(racoon 545) Re: Racoon and FreeSwan RSA

[Sascha Hüdepohl <sascha@ravenworks.de>]

Hello,

* Michal Ludvig (michal@logix.cz) wrote:
> On Wed, 16 Jun 2004, Sascha [iso-8859-15] Hüdepohl wrote:
> 
> > is it possible to build an ipsec-tunnel using Racoon at one end and
> > FreeSwan at the other end using the FreeSwan-Style RSA-Signatures?
> 
> It is work in progress in racoon for Linux from IPsec-tools package
> (http://ipsec-tools.sourceforge.net). I believe the resulting patch should
> be easily protable to KAME racoon. Testers are welcome :-)

thanks, thats exactly what i was looking for.

Unfortunately i get "Segmentation Fault" when i use it.
Is this to be expected because of early state of development?

Here is what i did:

I downloaded ipsec-tools-plainrsa20040611.tar.gz and run configure;
make. Then i manualy copied "eaytest,  plainrsa-gen,  racoon,  racoonctl,
setkey" to /usr/local/sbin.

eaytest runs all tests "Good".

I created a rsa-file with plainrsa-gen > plain.rsa and copied this file
to both machines. Then i adopted racoon.conf.sample-plainrsa to match my
environment, installed SPD with setkey wich worked with PreSharedKeys
and started racoon -vdF.
Then i ping the other host and racooon segfaults on the machine i
start ping.

The racoon.conf i used:
http://hermes.rz.hs-bremen.de/~renegat/racoon.conf.sample-plainrsa

result from "strace -o racoon.strace racoon -F": 
http://hermes.rz.hs-bremen.de/~renegat/racoon.strace

Im now at a dead point.
Is there an error in my config or in my setup?

TIA
sascha