Bug 182245 - compression algorithm support issue
Summary: compression algorithm support issue
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: ipsec-tools
Version: 3.0
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Steve Conklin
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2006-02-21 12:47 UTC by Benoit Rovera
Modified: 2007-11-30 22:07 UTC (History)
0 users

Clone Of:
Last Closed: 2007-10-19 18:47:07 UTC

Attachments (Terms of Use)

Description Benoit Rovera 2006-02-21 12:47:36 UTC
Description of problem:


I get the following log messages when i restart the racoon daemon:

pfkey.c:2311:pk_checkalg(): compression algorithm can not be checked
because sadb message doesn't support it.
sainfo.c:99:getsainfo(): anonymous sainfo selected.

Due to this issue i'm not able to define specific parameters for phase 2
using the sainfo statement (the sainfo anonymous is used in any case).
So I'm not able to specify lifetime and pfs group per connection for
phase 2.
Each time i add a new ipsec connection i have to ask the other party to
match with the defaults parameters provided in the sainfo anonymous
statement which can be an issue for the other party.

I run ipsec-tools for a while on several RedHat ES 3 running a kernel
2.4.21. I have updated the kernel to the latest 2.4 version.
For information the Redhat ES 2.4 kernel has the ipsec support built in
the kernel as a 2.6 kernel.
The ipsec-tools version i'm currently using is: ipsec-tools-0.2.5-0.7
(latest package provided by RedHat). I have also tried to use the latest
stable version of ipsec-tools and i experience the same issue.
ipcomp is compiled as a module. I have tried to load this module
manually and it does not change anything.

Thanks in advance for your help.

Best regards,


Version-Release number of selected component (if applicable):
kernel 2.4.21-37.EL

How reproducible:

Steps to Reproduce:
1. restart racoon
Actual results:
sainfo anonymous selected

Expected results:
specific sainfo selected

Additional info:

Comment 1 Red Hat Bugzilla 2007-07-20 00:43:07 UTC
change the owner of ipsec-tools

Comment 2 RHEL Product and Program Management 2007-10-19 18:47:07 UTC
This bug is filed against RHEL 3, which is in maintenance phase.
During the maintenance phase, only security errata and select mission
critical bug fixes will be released for enterprise products. Since
this bug does not meet that criteria, it is now being closed.
For more information of the RHEL errata support policy, please visit:
If you feel this bug is indeed mission critical, please contact your
support representative. You may be asked to provide detailed
information on how this bug is affecting you.

Note You need to log in before you can comment on or make changes to this bug.