Description of problem: If you create a ifcfg-ipsec0 file, you can only specify keys using ascii, not hex, due to quoting which is done in the ifup-ipsec script. The ipsec HOWTO shows how to create random hex keys, but not how to create random ascii keys. The online Red Hat docs (for RHEL4, at: http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/security-guide/s1-ipsec-generalconf.html and the next two pages) don't mention how to create secure ascii keys and refers to the ipsec HOWTO as well. Version-Release number of selected component (if applicable): FC3 and RHEL4 How reproducible: Every time Steps to Reproduce: 1. Put a hex key in the config file (with or without 0x prefix) 2. 3. Actual results: Failure due to key length mismatch Expected results: Should realise that its a hex key from its length and then format it correctly for setkey to parse. Additional info:
Created attachment 112401 [details] a patch for this This assumes any key prefixed with '0x' is hex, otherwise, it's ASCII. Should be backwards-compatible.
Will be in initscripts-8.06-1.
*** Bug 150579 has been marked as a duplicate of this bug. ***
*** Bug 153723 has been marked as a duplicate of this bug. ***