Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 153723 - ifcfg-ipsec fails due to invalid keylength
Summary: ifcfg-ipsec fails due to invalid keylength
Keywords:
Status: CLOSED DUPLICATE of bug 150552
Alias: None
Product: Fedora
Classification: Fedora
Component: initscripts
Version: 3
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Bill Nottingham
QA Contact: Brock Organ
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-04-05 11:08 UTC by Marco Verleun
Modified: 2014-03-17 02:53 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-04-05 18:06:11 UTC


Attachments (Terms of Use)

Description Marco Verleun 2005-04-05 11:08:00 UTC
Description of problem:
ifup-ipsec fails due to an invalid keylength error.

Version-Release number of selected component (if applicable):


How reproducible:
Reproducible by sourcing an config file, in my case .
/etc/sysconfig/networking-scripts/ifcfg-IPSec, and to evaluate the output of
every single line. Feeding this info into setkey -c results in an error message
invalid keylength.


Steps to Reproduce:
1.# . /etc/sysconfig/network-scripts/ifcfg-IPSec
2.# echo ${KEY_ESP_IN:+add $DST $SRC esp $SPI_ESP_IN -E
${ESP_PROTO_IN:-$ESP_PROTO} $(echo '"')$KEY_ESP_IN$(echo '"');}
3.# setkey -c
add 192.168.65.237 192.168.5.2 esp 0x201 -E 3des-cbc
"0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831";

Actual results:
400 192 192
line 1: Invalid key length at [0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c83
1]

Expected results:
Silent acceptence of the command

Additional info:
Note the following does work:
1.# . /etc/sysconfig/network-scripts/ifcfg-IPSec
2.# echo ${KEY_ESP_IN:+add $DST $SRC esp $SPI_ESP_IN -E
${ESP_PROTO_IN:-$ESP_PROTO} $(echo '"')$KEY_ESP_IN$(echo '"');}
3.# setkey -c
add 192.168.65.237 192.168.5.2 esp 0x201 -E 3des-cbc
0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831;

Comment 1 Marco Verleun 2005-04-05 11:12:24 UTC
Just in case the difference between the two commands is not clear I would like
to mention that the working example doesn't have the surrounding quotes.

Comment 2 Bill Nottingham 2005-04-05 18:06:11 UTC

*** This bug has been marked as a duplicate of 150552 ***


Note You need to log in before you can comment on or make changes to this bug.