Ubuntu
ipsec-tools package

Racoon fails to load the crypto modules

Bug #877891 reported by jfp
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ipsec-tools (Ubuntu)
Fix Released
High
Unassigned
Oneiric
Fix Released
High
Unassigned

Bug Description

Racoon fails to load the crypto modules and therefore fails.
This is dues to the racoon-tool improperly checking the version number:
It uses the following code to work out the module extensions, but will get the wrong (old) extension on 3.0.x Kernels.
(As in Oneiric 1:0.8.0-3ubuntu1)

$modext = ( $kver =~ /^2\.6\./ ? ".ko" : ".o" );

SRU Justification:

======
IMPACT:
 * racoon fails to load necessary modules on oneiric if installation uses racoon-tool administrative front-end to manage configuration. This is optional (debconf question at racoon pkg installation). If racoon-tool is chosen over directly editing config, /etc/init.d/racoon init script makes use of racoon-tool which does is broken on oneiric due to a bug in kernel version detection in racoon-tool.pl

ADDRESSED:
 * racoon-tool.pl is maintained in Debian and has since been fixed to properly parse 3.x kernel versions as wel as 2.6.x. It has been fixed in the latest Ubuntu development version since ipsec-tools 1:0.8.0-9ubuntu1.

REPRODUCE:
 * apt-get -y install racoon. Choose 'racoon-tool' at the first debconf question. '/etc/init.d/racoon start' reports dozens of errors similar to: FATAL: Module seed. not found.

REGRESSION POTENTIAL:
 * Minimal. oneiric is the only affected release as its the only Ubuntu release running a 3.x kernel with an affected ipsec-tools package.
======

See original description

Related branches

lp:~gandelman-a/ubuntu/oneiric/ipsec-tools/lp877891
Luke Yelavich (community): Approve
Ubuntu branches: Pending requested
Diff: 28 lines (+9/-1)
2 files modified
debian/changelog (+7/-0)
debian/racoon-tool.pl (+2/-1)
lp:ubuntu/oneiric-proposed/ipsec-tools
Serge Hallyn (serge-hallyn)
Changed in ipsec-tools (Ubuntu):
importance: Undecided → High
status: New → Confirmed
Revision history for this message
Adam Gandelman (gandelman-a) wrote :

The racool-tool.pl script is maintained in Debian. This has since been fixed there and fixed in Ubuntu as of ipsec-tools 1:0.8.0-9ubuntu1 via merge Bug #881097

Changed in ipsec-tools (Ubuntu):
status: Confirmed → Fix Released
Adam Gandelman (gandelman-a)
Changed in ipsec-tools (Ubuntu Oneiric):
assignee: nobody → Adam Gandelman (gandelman-a)
importance: Undecided → High
status: New → Confirmed
Adam Gandelman (gandelman-a)
description: updated
Adam Gandelman (gandelman-a)
Changed in ipsec-tools (Ubuntu Oneiric):
assignee: Adam Gandelman (gandelman-a) → nobody
Revision history for this message
Martin Pitt (pitti) wrote : Please test proposed package

Hello jfp, or anyone else affected,

Accepted ipsec-tools into oneiric-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Changed in ipsec-tools (Ubuntu Oneiric):
status: Confirmed → Fix Committed
tags: added: verification-needed
Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Verified on oneiric.

Martin Pitt (pitti)
tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ipsec-tools - 1:0.8.0-3ubuntu1.1

---------------
ipsec-tools (1:0.8.0-3ubuntu1.1) oneiric-proposed; urgency=low

  * debian/racoon-tool.pl: Backport a fix to correctly determine module
    extension for 3.x kernels. (LP: #877891)
 -- Adam Gandelman <email address hidden> Tue, 25 Oct 2011 11:12:16 -0700

Changed in ipsec-tools (Ubuntu Oneiric):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.