FIPS Product: YES FIPS Kernel: NO FIPS Mode: NO NSS DB directory: sql:/etc/ipsec.d Initializing NSS Opening NSS database "sql:/etc/ipsec.d" read-only NSS initialized NSS crypto library initialized FIPS HMAC integrity support [enabled] FIPS mode disabled for pluto daemon FIPS HMAC integrity verification self-test FAILED libcap-ng support [enabled] Linux audit support [enabled] Linux audit activated Starting Pluto (Libreswan Version v3.28-685-gbfd5aef521-master-s2 XFRM(netkey) esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) DNSSEC FIPS_CHECK LABELED_IPSEC SECCOMP LIBCAP_NG LINUX_AUDIT XAUTH_PAM NETWORKMANAGER CURL(non-NSS)) pid:28837 core dump dir: /var/tmp secrets file: /etc/ipsec.secrets leak-detective enabled NSS crypto [enabled] XAUTH PAM support [enabled] | libevent is using pluto's memory allocator Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800) | libevent_malloc: new ptr-libevent@0x5617653a35c8 size 40 | libevent_malloc: new ptr-libevent@0x5617653a3548 size 40 | libevent_malloc: new ptr-libevent@0x5617653a34c8 size 40 | creating event base | libevent_malloc: new ptr-libevent@0x5617653950f8 size 56 | libevent_malloc: new ptr-libevent@0x56176531ed48 size 664 | libevent_malloc: new ptr-libevent@0x5617653ddbe8 size 24 | libevent_malloc: new ptr-libevent@0x5617653ddc38 size 384 | libevent_malloc: new ptr-libevent@0x5617653ddba8 size 16 | libevent_malloc: new ptr-libevent@0x5617653a3448 size 40 | libevent_malloc: new ptr-libevent@0x5617653a33c8 size 48 | libevent_realloc: new ptr-libevent@0x56176531e9d8 size 256 | libevent_malloc: new ptr-libevent@0x5617653ddde8 size 16 | libevent_free: release ptr-libevent@0x5617653950f8 | libevent initialized | libevent_realloc: new ptr-libevent@0x5617653950f8 size 64 | global periodic timer EVENT_RESET_LOG_RATE_LIMIT enabled with interval of 3600 seconds | init_nat_traversal() initialized with keep_alive=0s NAT-Traversal support [enabled] | global one-shot timer EVENT_NAT_T_KEEPALIVE initialized | global one-shot timer EVENT_FREE_ROOT_CERTS initialized | global periodic timer EVENT_REINIT_SECRET enabled with interval of 3600 seconds | global one-shot timer EVENT_REVIVE_CONNS initialized | global periodic timer EVENT_PENDING_DDNS enabled with interval of 60 seconds | global periodic timer EVENT_PENDING_PHASE2 enabled with interval of 120 seconds Encryption algorithms: AES_CCM_16 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm, aes_ccm_c AES_CCM_12 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_b AES_CCM_8 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_a 3DES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS [*192] 3des CAMELLIA_CTR IKEv1: ESP IKEv2: ESP {256,192,*128} CAMELLIA_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} camellia AES_GCM_16 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm, aes_gcm_c AES_GCM_12 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_b AES_GCM_8 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_a AES_CTR IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aesctr AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aes SERPENT_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} serpent TWOFISH_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} twofish TWOFISH_SSH IKEv1: IKE IKEv2: IKE ESP {256,192,*128} twofish_cbc_ssh NULL_AUTH_AES_GMAC IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_gmac NULL IKEv1: ESP IKEv2: ESP [] CHACHA20_POLY1305 IKEv1: IKEv2: IKE ESP [*256] chacha20poly1305 Hash algorithms: MD5 IKEv1: IKE IKEv2: SHA1 IKEv1: IKE IKEv2: FIPS sha SHA2_256 IKEv1: IKE IKEv2: FIPS sha2, sha256 SHA2_384 IKEv1: IKE IKEv2: FIPS sha384 SHA2_512 IKEv1: IKE IKEv2: FIPS sha512 PRF algorithms: HMAC_MD5 IKEv1: IKE IKEv2: IKE md5 HMAC_SHA1 IKEv1: IKE IKEv2: IKE FIPS sha, sha1 HMAC_SHA2_256 IKEv1: IKE IKEv2: IKE FIPS sha2, sha256, sha2_256 HMAC_SHA2_384 IKEv1: IKE IKEv2: IKE FIPS sha384, sha2_384 HMAC_SHA2_512 IKEv1: IKE IKEv2: IKE FIPS sha512, sha2_512 AES_XCBC IKEv1: IKEv2: IKE aes128_xcbc Integrity algorithms: HMAC_MD5_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH md5, hmac_md5 HMAC_SHA1_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha, sha1, sha1_96, hmac_sha1 HMAC_SHA2_512_256 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha512, sha2_512, sha2_512_256, hmac_sha2_512 HMAC_SHA2_384_192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha384, sha2_384, sha2_384_192, hmac_sha2_384 HMAC_SHA2_256_128 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256 HMAC_SHA2_256_TRUNCBUG IKEv1: ESP AH IKEv2: AH AES_XCBC_96 IKEv1: ESP AH IKEv2: IKE ESP AH aes_xcbc, aes128_xcbc, aes128_xcbc_96 AES_CMAC_96 IKEv1: ESP AH IKEv2: ESP AH FIPS aes_cmac NONE IKEv1: ESP IKEv2: IKE ESP FIPS null DH algorithms: NONE IKEv1: IKEv2: IKE ESP AH FIPS null, dh0 MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh5 MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh14 MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh15 MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh16 MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh17 MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh18 DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_256, ecp256 DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_384, ecp384 DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_521, ecp521 DH31 IKEv1: IKE IKEv2: IKE ESP AH curve25519 testing CAMELLIA_CBC: Camellia: 16 bytes with 128-bit key Camellia: 16 bytes with 128-bit key Camellia: 16 bytes with 256-bit key Camellia: 16 bytes with 256-bit key testing AES_GCM_16: empty string one block two blocks two blocks with associated data testing AES_CTR: Encrypting 16 octets using AES-CTR with 128-bit key Encrypting 32 octets using AES-CTR with 128-bit key Encrypting 36 octets using AES-CTR with 128-bit key Encrypting 16 octets using AES-CTR with 192-bit key Encrypting 32 octets using AES-CTR with 192-bit key Encrypting 36 octets using AES-CTR with 192-bit key Encrypting 16 octets using AES-CTR with 256-bit key Encrypting 32 octets using AES-CTR with 256-bit key Encrypting 36 octets using AES-CTR with 256-bit key testing AES_CBC: Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key testing AES_XCBC: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) testing HMAC_MD5: RFC 2104: MD5_HMAC test 1 RFC 2104: MD5_HMAC test 2 RFC 2104: MD5_HMAC test 3 8 CPU cores online starting up 7 crypto helpers started thread for crypto helper 0 | starting up helper thread 0 | status value returned by setting the priority of this thread (crypto helper 0) 22 | crypto helper 0 waiting (nothing to do) started thread for crypto helper 1 started thread for crypto helper 2 | starting up helper thread 2 | status value returned by setting the priority of this thread (crypto helper 2) 22 | crypto helper 2 waiting (nothing to do) started thread for crypto helper 3 | starting up helper thread 3 | status value returned by setting the priority of this thread (crypto helper 3) 22 | crypto helper 3 waiting (nothing to do) started thread for crypto helper 4 | starting up helper thread 4 | status value returned by setting the priority of this thread (crypto helper 4) 22 | crypto helper 4 waiting (nothing to do) started thread for crypto helper 5 | starting up helper thread 5 | starting up helper thread 1 | status value returned by setting the priority of this thread (crypto helper 5) 22 | status value returned by setting the priority of this thread (crypto helper 1) 22 started thread for crypto helper 6 | checking IKEv1 state table | starting up helper thread 6 | status value returned by setting the priority of this thread (crypto helper 6) 22 | MAIN_R0: category: half-open IKE SA flags: 0: | -> MAIN_R1 EVENT_SO_DISCARD | crypto helper 5 waiting (nothing to do) | MAIN_I1: category: half-open IKE SA flags: 0: | -> MAIN_I2 EVENT_RETRANSMIT | crypto helper 1 waiting (nothing to do) | MAIN_R1: category: open IKE SA flags: 200: | -> MAIN_R2 EVENT_RETRANSMIT | crypto helper 6 waiting (nothing to do) | -> UNDEFINED EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | MAIN_I2: category: open IKE SA flags: 0: | -> MAIN_I3 EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | MAIN_R2: category: open IKE SA flags: 0: | -> MAIN_R3 EVENT_SA_REPLACE | -> MAIN_R3 EVENT_SA_REPLACE | -> UNDEFINED EVENT_SA_REPLACE | MAIN_I3: category: open IKE SA flags: 0: | -> MAIN_I4 EVENT_SA_REPLACE | -> MAIN_I4 EVENT_SA_REPLACE | -> UNDEFINED EVENT_SA_REPLACE | MAIN_R3: category: established IKE SA flags: 200: | -> UNDEFINED EVENT_NULL | MAIN_I4: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | AGGR_R0: category: half-open IKE SA flags: 0: | -> AGGR_R1 EVENT_SO_DISCARD | AGGR_I1: category: half-open IKE SA flags: 0: | -> AGGR_I2 EVENT_SA_REPLACE | -> AGGR_I2 EVENT_SA_REPLACE | AGGR_R1: category: open IKE SA flags: 200: | -> AGGR_R2 EVENT_SA_REPLACE | -> AGGR_R2 EVENT_SA_REPLACE | AGGR_I2: category: established IKE SA flags: 200: | -> UNDEFINED EVENT_NULL | AGGR_R2: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | QUICK_R0: category: established CHILD SA flags: 0: | -> QUICK_R1 EVENT_RETRANSMIT | QUICK_I1: category: established CHILD SA flags: 0: | -> QUICK_I2 EVENT_SA_REPLACE | QUICK_R1: category: established CHILD SA flags: 0: | -> QUICK_R2 EVENT_SA_REPLACE | QUICK_I2: category: established CHILD SA flags: 200: | -> UNDEFINED EVENT_NULL | QUICK_R2: category: established CHILD SA flags: 0: | -> UNDEFINED EVENT_NULL | INFO: category: informational flags: 0: | -> UNDEFINED EVENT_NULL | INFO_PROTECTED: category: informational flags: 0: | -> UNDEFINED EVENT_NULL | XAUTH_R0: category: established IKE SA flags: 0: | -> XAUTH_R1 EVENT_NULL | XAUTH_R1: category: established IKE SA flags: 0: | -> MAIN_R3 EVENT_SA_REPLACE | MODE_CFG_R0: category: informational flags: 0: | -> MODE_CFG_R1 EVENT_SA_REPLACE | MODE_CFG_R1: category: established IKE SA flags: 0: | -> MODE_CFG_R2 EVENT_SA_REPLACE | MODE_CFG_R2: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | MODE_CFG_I1: category: established IKE SA flags: 0: | -> MAIN_I4 EVENT_SA_REPLACE | XAUTH_I0: category: established IKE SA flags: 0: | -> XAUTH_I1 EVENT_RETRANSMIT | XAUTH_I1: category: established IKE SA flags: 0: | -> MAIN_I4 EVENT_RETRANSMIT | checking IKEv2 state table | PARENT_I0: category: ignore flags: 0: | -> PARENT_I1 EVENT_RETRANSMIT send-request (initiate IKE_SA_INIT) | PARENT_I1: category: half-open IKE SA flags: 0: | -> PARENT_I1 EVENT_RETAIN send-request (Initiator: process SA_INIT reply notification) | -> PARENT_I2 EVENT_RETRANSMIT send-request (Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH) | PARENT_I2: category: open IKE SA flags: 0: | -> PARENT_I2 EVENT_NULL (Initiator: process INVALID_SYNTAX AUTH notification) | -> PARENT_I2 EVENT_NULL (Initiator: process AUTHENTICATION_FAILED AUTH notification) | -> PARENT_I2 EVENT_NULL (Initiator: process UNSUPPORTED_CRITICAL_PAYLOAD AUTH notification) | -> V2_IPSEC_I EVENT_SA_REPLACE (Initiator: process IKE_AUTH response) | -> PARENT_I2 EVENT_NULL (IKE SA: process IKE_AUTH response containing unknown notification) | PARENT_I3: category: established IKE SA flags: 0: | -> PARENT_I3 EVENT_RETAIN (I3: Informational Request) | -> PARENT_I3 EVENT_RETAIN (I3: Informational Response) | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Request) | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Response) | PARENT_R0: category: half-open IKE SA flags: 0: | -> PARENT_R1 EVENT_SO_DISCARD send-request (Respond to IKE_SA_INIT) | PARENT_R1: category: half-open IKE SA flags: 0: | -> PARENT_R1 EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request (no SKEYSEED)) | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request) | PARENT_R2: category: established IKE SA flags: 0: | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Request) | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Response) | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Request) | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Response) | V2_CREATE_I0: category: established IKE SA flags: 0: | -> V2_CREATE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec SA) | V2_CREATE_I: category: established IKE SA flags: 0: | -> V2_IPSEC_I EVENT_SA_REPLACE (Process CREATE_CHILD_SA IPsec SA Response) | V2_REKEY_IKE_I0: category: established IKE SA flags: 0: | -> V2_REKEY_IKE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IKE Rekey) | V2_REKEY_IKE_I: category: established IKE SA flags: 0: | -> PARENT_I3 EVENT_SA_REPLACE (Process CREATE_CHILD_SA IKE Rekey Response) | V2_REKEY_CHILD_I0: category: established IKE SA flags: 0: | -> V2_REKEY_CHILD_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec Rekey SA) | V2_REKEY_CHILD_I: category: established IKE SA flags: 0: | V2_CREATE_R: category: established IKE SA flags: 0: | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IPsec SA Request) | V2_REKEY_IKE_R: category: established IKE SA flags: 0: | -> PARENT_R2 EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IKE Rekey) | V2_REKEY_CHILD_R: category: established IKE SA flags: 0: | V2_IPSEC_I: category: established CHILD SA flags: 0: | V2_IPSEC_R: category: established CHILD SA flags: 0: | IKESA_DEL: category: established IKE SA flags: 0: | -> IKESA_DEL EVENT_RETAIN (IKE_SA_DEL: process INFORMATIONAL) | CHILDSA_DEL: category: informational flags: 0: Using Linux XFRM/NETKEY IPsec interface code on 5.1.18-200.fc29.x86_64 | Hard-wiring algorithms | adding AES_CCM_16 to kernel algorithm db | adding AES_CCM_12 to kernel algorithm db | adding AES_CCM_8 to kernel algorithm db | adding 3DES_CBC to kernel algorithm db | adding CAMELLIA_CBC to kernel algorithm db | adding AES_GCM_16 to kernel algorithm db | adding AES_GCM_12 to kernel algorithm db | adding AES_GCM_8 to kernel algorithm db | adding AES_CTR to kernel algorithm db | adding AES_CBC to kernel algorithm db | adding SERPENT_CBC to kernel algorithm db | adding TWOFISH_CBC to kernel algorithm db | adding NULL_AUTH_AES_GMAC to kernel algorithm db | adding NULL to kernel algorithm db | adding CHACHA20_POLY1305 to kernel algorithm db | adding HMAC_MD5_96 to kernel algorithm db | adding HMAC_SHA1_96 to kernel algorithm db | adding HMAC_SHA2_512_256 to kernel algorithm db | adding HMAC_SHA2_384_192 to kernel algorithm db | adding HMAC_SHA2_256_128 to kernel algorithm db | adding HMAC_SHA2_256_TRUNCBUG to kernel algorithm db | adding AES_XCBC_96 to kernel algorithm db | adding AES_CMAC_96 to kernel algorithm db | adding NONE to kernel algorithm db | net.ipv6.conf.all.disable_ipv6=1 ignore ipv6 holes | global periodic timer EVENT_SHUNT_SCAN enabled with interval of 20 seconds | setup kernel fd callback | add_fd_read_event_handler: new KERNEL_XRM_FD-pe@0x56176539d2e8 | libevent_malloc: new ptr-libevent@0x5617653dc358 size 128 | libevent_malloc: new ptr-libevent@0x5617653e33e8 size 16 | add_fd_read_event_handler: new KERNEL_ROUTE_FD-pe@0x5617653e3378 | libevent_malloc: new ptr-libevent@0x561765395da8 size 128 | libevent_malloc: new ptr-libevent@0x5617653e3048 size 16 | global one-shot timer EVENT_CHECK_CRLS initialized selinux support is enabled. | unbound context created - setting debug level to 5 | /etc/hosts lookups activated | /etc/resolv.conf usage activated | outgoing-port-avoid set 0-65535 | outgoing-port-permit set 32768-60999 | Loading dnssec root key from:/var/lib/unbound/root.key | No additional dnssec trust anchors defined via dnssec-trusted= option | Setting up events, loop start | add_fd_read_event_handler: new PLUTO_CTL_FD-pe@0x5617653e3818 | libevent_malloc: new ptr-libevent@0x5617653ef6f8 size 128 | libevent_malloc: new ptr-libevent@0x5617653fa9e8 size 16 | libevent_realloc: new ptr-libevent@0x5617653faa28 size 256 | libevent_malloc: new ptr-libevent@0x5617653fab58 size 8 | libevent_realloc: new ptr-libevent@0x5617653fab98 size 144 | libevent_malloc: new ptr-libevent@0x5617653a18b8 size 152 | libevent_malloc: new ptr-libevent@0x5617653fac58 size 16 | signal event handler PLUTO_SIGCHLD installed | libevent_malloc: new ptr-libevent@0x5617653fac98 size 8 | libevent_malloc: new ptr-libevent@0x56176531f728 size 152 | signal event handler PLUTO_SIGTERM installed | libevent_malloc: new ptr-libevent@0x5617653facd8 size 8 | libevent_malloc: new ptr-libevent@0x5617653fad18 size 152 | signal event handler PLUTO_SIGHUP installed | libevent_malloc: new ptr-libevent@0x5617653fade8 size 8 | libevent_realloc: release ptr-libevent@0x5617653fab98 | libevent_realloc: new ptr-libevent@0x5617653fae28 size 256 | libevent_malloc: new ptr-libevent@0x5617653faf58 size 152 | signal event handler PLUTO_SIGSYS installed | created addconn helper (pid:28913) using fork+execve | forked child 28913 | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) listening for IKE messages | Inspecting interface lo | found lo with address 127.0.0.1 | Inspecting interface eth0 | found eth0 with address 192.0.2.254 | Inspecting interface eth1 | found eth1 with address 192.1.2.23 Kernel supports NIC esp-hw-offload adding interface eth1/eth1 (esp-hw-offload not supported by kernel) 192.1.2.23:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface eth1/eth1 192.1.2.23:4500 adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.0.2.254:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface eth0/eth0 192.0.2.254:4500 adding interface lo/lo (esp-hw-offload not supported by kernel) 127.0.0.1:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface lo/lo 127.0.0.1:4500 | no interfaces to sort | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations | add_fd_read_event_handler: new ethX-pe@0x5617653fb538 | libevent_malloc: new ptr-libevent@0x5617653ef648 size 128 | libevent_malloc: new ptr-libevent@0x5617653fb5a8 size 16 | setup callback for interface lo 127.0.0.1:4500 fd 22 | add_fd_read_event_handler: new ethX-pe@0x5617653fb5e8 | libevent_malloc: new ptr-libevent@0x561765395e58 size 128 | libevent_malloc: new ptr-libevent@0x5617653fb658 size 16 | setup callback for interface lo 127.0.0.1:500 fd 21 | add_fd_read_event_handler: new ethX-pe@0x5617653fb698 | libevent_malloc: new ptr-libevent@0x561765395778 size 128 | libevent_malloc: new ptr-libevent@0x5617653fb708 size 16 | setup callback for interface eth0 192.0.2.254:4500 fd 20 | add_fd_read_event_handler: new ethX-pe@0x5617653fb748 | libevent_malloc: new ptr-libevent@0x56176539d038 size 128 | libevent_malloc: new ptr-libevent@0x5617653fb7b8 size 16 | setup callback for interface eth0 192.0.2.254:500 fd 19 | add_fd_read_event_handler: new ethX-pe@0x5617653fb7f8 | libevent_malloc: new ptr-libevent@0x56176539d138 size 128 | libevent_malloc: new ptr-libevent@0x5617653fb868 size 16 | setup callback for interface eth1 192.1.2.23:4500 fd 18 | add_fd_read_event_handler: new ethX-pe@0x5617653fb8a8 | libevent_malloc: new ptr-libevent@0x56176539d238 size 128 | libevent_malloc: new ptr-libevent@0x5617653fb918 size 16 | setup callback for interface eth1 192.1.2.23:500 fd 17 | certs and keys locked by 'free_preshared_secrets' | certs and keys unlocked by 'free_preshared_secrets' loading secrets from "/etc/ipsec.secrets" | saving Modulus | saving PublicExponent | ignoring PrivateExponent | ignoring Prime1 | ignoring Prime2 | ignoring Exponent1 | ignoring Exponent2 | ignoring Coefficient | ignoring CKAIDNSS | computed rsa CKAID 61 55 99 73 d3 ac ef 7d 3a 37 0e 3e 82 ad 92 c1 | computed rsa CKAID 8a 82 25 f1 loaded private key for keyid: PKK_RSA:AQO9bJbr3 | certs and keys locked by 'process_secret' | certs and keys unlocked by 'process_secret' | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.586 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) listening for IKE messages | Inspecting interface lo | found lo with address 127.0.0.1 | Inspecting interface eth0 | found eth0 with address 192.0.2.254 | Inspecting interface eth1 | found eth1 with address 192.1.2.23 | no interfaces to sort | libevent_free: release ptr-libevent@0x5617653ef648 | free_event_entry: release EVENT_NULL-pe@0x5617653fb538 | add_fd_read_event_handler: new ethX-pe@0x5617653fb538 | libevent_malloc: new ptr-libevent@0x5617653ef648 size 128 | setup callback for interface lo 127.0.0.1:4500 fd 22 | libevent_free: release ptr-libevent@0x561765395e58 | free_event_entry: release EVENT_NULL-pe@0x5617653fb5e8 | add_fd_read_event_handler: new ethX-pe@0x5617653fb5e8 | libevent_malloc: new ptr-libevent@0x561765395e58 size 128 | setup callback for interface lo 127.0.0.1:500 fd 21 | libevent_free: release ptr-libevent@0x561765395778 | free_event_entry: release EVENT_NULL-pe@0x5617653fb698 | add_fd_read_event_handler: new ethX-pe@0x5617653fb698 | libevent_malloc: new ptr-libevent@0x561765395778 size 128 | setup callback for interface eth0 192.0.2.254:4500 fd 20 | libevent_free: release ptr-libevent@0x56176539d038 | free_event_entry: release EVENT_NULL-pe@0x5617653fb748 | add_fd_read_event_handler: new ethX-pe@0x5617653fb748 | libevent_malloc: new ptr-libevent@0x56176539d038 size 128 | setup callback for interface eth0 192.0.2.254:500 fd 19 | libevent_free: release ptr-libevent@0x56176539d138 | free_event_entry: release EVENT_NULL-pe@0x5617653fb7f8 | add_fd_read_event_handler: new ethX-pe@0x5617653fb7f8 | libevent_malloc: new ptr-libevent@0x56176539d138 size 128 | setup callback for interface eth1 192.1.2.23:4500 fd 18 | libevent_free: release ptr-libevent@0x56176539d238 | free_event_entry: release EVENT_NULL-pe@0x5617653fb8a8 | add_fd_read_event_handler: new ethX-pe@0x5617653fb8a8 | libevent_malloc: new ptr-libevent@0x56176539d238 size 128 | setup callback for interface eth1 192.1.2.23:500 fd 17 | certs and keys locked by 'free_preshared_secrets' forgetting secrets | certs and keys unlocked by 'free_preshared_secrets' loading secrets from "/etc/ipsec.secrets" | saving Modulus | saving PublicExponent | ignoring PrivateExponent | ignoring Prime1 | ignoring Prime2 | ignoring Exponent1 | ignoring Exponent2 | ignoring Coefficient | ignoring CKAIDNSS | computed rsa CKAID 61 55 99 73 d3 ac ef 7d 3a 37 0e 3e 82 ad 92 c1 | computed rsa CKAID 8a 82 25 f1 loaded private key for keyid: PKK_RSA:AQO9bJbr3 | certs and keys locked by 'process_secret' | certs and keys unlocked by 'process_secret' | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.351 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned pid 28913 (exited with status 0) | reaped addconn helper child (status 0) | waitpid returned ECHILD (no child processes left) | spent 0.0165 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection san with policy RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_GCM_16_256-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31, AES_GCM_16_128-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31, AES_CBC_256-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31, AES_CBC_128-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31 | from whack: got --esp= | ESP/AH string values: AES_GCM_16_256-NONE, AES_GCM_16_128-NONE, AES_CBC_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128, AES_CBC_128-HMAC_SHA2_512_256+HMAC_SHA2_256_128 | counting wild cards for 192.1.2.45 is 0 | loading right certificate 'east' pubkey | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x5617653fef58 | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x5617653fef08 | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x5617653feeb8 | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x5617653fec08 | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x5617653febb8 | unreference key: 0x5617653fefa8 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org cnt 1-- | unreference key: 0x561765402428 192.1.2.23 cnt 1-- | certs and keys locked by 'lsw_add_rsa_secret' | certs and keys unlocked by 'lsw_add_rsa_secret' | counting wild cards for 192.1.2.23 is 0 | connect_to_host_pair: 192.1.2.23:500 192.1.2.45:500 -> hp@(nil): none | new hp@0x561765402028 added connection description "san" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.1.2.23<192.1.2.23>...192.1.2.45<192.1.2.45> | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.01 milliseconds in whack | spent 0.00524 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 828 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | d2 a7 aa df b0 45 d4 6f 00 00 00 00 00 00 00 00 | 21 20 22 08 00 00 00 00 00 00 03 3c 22 00 01 b4 | 02 00 00 64 01 01 00 0b 03 00 00 0c 01 00 00 14 | 80 0e 01 00 03 00 00 08 02 00 00 07 03 00 00 08 | 02 00 00 05 03 00 00 08 04 00 00 0e 03 00 00 08 | 04 00 00 0f 03 00 00 08 04 00 00 10 03 00 00 08 | 04 00 00 12 03 00 00 08 04 00 00 13 03 00 00 08 | 04 00 00 14 03 00 00 08 04 00 00 15 00 00 00 08 | 04 00 00 1f 02 00 00 64 02 01 00 0b 03 00 00 0c | 01 00 00 14 80 0e 00 80 03 00 00 08 02 00 00 07 | 03 00 00 08 02 00 00 05 03 00 00 08 04 00 00 0e | 03 00 00 08 04 00 00 0f 03 00 00 08 04 00 00 10 | 03 00 00 08 04 00 00 12 03 00 00 08 04 00 00 13 | 03 00 00 08 04 00 00 14 03 00 00 08 04 00 00 15 | 00 00 00 08 04 00 00 1f 02 00 00 74 03 01 00 0d | 03 00 00 0c 01 00 00 0c 80 0e 01 00 03 00 00 08 | 02 00 00 07 03 00 00 08 02 00 00 05 03 00 00 08 | 03 00 00 0e 03 00 00 08 03 00 00 0c 03 00 00 08 | 04 00 00 0e 03 00 00 08 04 00 00 0f 03 00 00 08 | 04 00 00 10 03 00 00 08 04 00 00 12 03 00 00 08 | 04 00 00 13 03 00 00 08 04 00 00 14 03 00 00 08 | 04 00 00 15 00 00 00 08 04 00 00 1f 00 00 00 74 | 04 01 00 0d 03 00 00 0c 01 00 00 0c 80 0e 00 80 | 03 00 00 08 02 00 00 07 03 00 00 08 02 00 00 05 | 03 00 00 08 03 00 00 0e 03 00 00 08 03 00 00 0c | 03 00 00 08 04 00 00 0e 03 00 00 08 04 00 00 0f | 03 00 00 08 04 00 00 10 03 00 00 08 04 00 00 12 | 03 00 00 08 04 00 00 13 03 00 00 08 04 00 00 14 | 03 00 00 08 04 00 00 15 00 00 00 08 04 00 00 1f | 28 00 01 08 00 0e 00 00 4e 3f b6 53 5f 1c 40 78 | 14 d2 e0 d3 c2 b1 46 0f 1d 0a e4 da c4 df 77 24 | 9c 8a a3 07 3b 0a 26 c1 4e 05 05 f3 82 f6 25 31 | 34 b1 ae 38 fc 1b a1 ec 07 7a b7 8a 67 82 6b 96 | ea 39 3b 88 6e 10 3b 42 74 e8 55 78 6e df 8f bf | 72 32 d5 92 c9 06 f9 ea ec 0f a9 cf ec 93 7e 37 | da e4 bb 8c 1a 42 35 05 66 b6 14 69 ed fb 7c e0 | 4f c5 dc c8 d1 3a fe 84 06 20 89 49 bf d2 47 3e | 8b 6b 3f d9 64 43 3c f5 19 5b 95 89 7a c1 60 03 | 21 9b 64 fe a5 51 8a ab 27 fc 17 e7 b7 45 e6 6e | 8e bd 58 6e 7d b1 79 2c bc 99 bf 67 b1 f7 fa f6 | ab b5 f0 5c 9a 05 1a 3a f7 0f 7e b5 bb ad 3f ca | 12 67 00 50 ed 8b 92 d7 2d 9d 03 83 52 53 76 52 | d2 11 51 f2 d5 9b cf 07 24 01 72 b0 95 4c 22 3e | 9d 1f 83 84 99 73 a6 6f 04 0a 5d 5e fe 30 06 3d | fd bf 0d df f4 3e 0d 33 78 6a b5 0d 56 e7 2f 8a | f6 8e 67 8a fb 23 85 88 29 00 00 24 6a d3 5e 3e | 07 e3 76 7e 13 fd 6e 6c d6 fa 99 20 dc 28 2e dc | 72 eb 38 a5 11 2c 7e 1c 8a cd 15 56 29 00 00 08 | 00 00 40 2e 29 00 00 1c 00 00 40 04 2c 1c ea cb | 94 26 64 09 73 9c 5c bc 0a c3 71 cf 77 17 ca 99 | 00 00 00 1c 00 00 40 05 88 42 29 12 e3 73 7f ee | 06 1e 2d 70 0d 24 84 d8 c2 84 4d ce | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | d2 a7 aa df b0 45 d4 6f | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_v2SA (0x21) | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) | exchange type: ISAKMP_v2_IKE_SA_INIT (0x22) | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) | Message ID: 0 (0x0) | length: 828 (0x33c) | processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_SA_INIT (34) | I am the IKE SA Original Responder receiving an IKEv2 IKE_SA_INIT request | State DB: IKEv2 state not found (find_v2_ike_sa_by_initiator_spi) | Now let's proceed with payload (ISAKMP_NEXT_v2SA) | ***parse IKEv2 Security Association Payload: | next payload type: ISAKMP_NEXT_v2KE (0x22) | flags: none (0x0) | length: 436 (0x1b4) | processing payload: ISAKMP_NEXT_v2SA (len=432) | Now let's proceed with payload (ISAKMP_NEXT_v2KE) | ***parse IKEv2 Key Exchange Payload: | next payload type: ISAKMP_NEXT_v2Ni (0x28) | flags: none (0x0) | length: 264 (0x108) | DH group: OAKLEY_GROUP_MODP2048 (0xe) | processing payload: ISAKMP_NEXT_v2KE (len=256) | Now let's proceed with payload (ISAKMP_NEXT_v2Ni) | ***parse IKEv2 Nonce Payload: | next payload type: ISAKMP_NEXT_v2N (0x29) | flags: none (0x0) | length: 36 (0x24) | processing payload: ISAKMP_NEXT_v2Ni (len=32) | Now let's proceed with payload (ISAKMP_NEXT_v2N) | ***parse IKEv2 Notify Payload: | next payload type: ISAKMP_NEXT_v2N (0x29) | flags: none (0x0) | length: 8 (0x8) | Protocol ID: PROTO_v2_RESERVED (0x0) | SPI size: 0 (0x0) | Notify Message Type: v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e) | processing payload: ISAKMP_NEXT_v2N (len=0) | Now let's proceed with payload (ISAKMP_NEXT_v2N) | ***parse IKEv2 Notify Payload: | next payload type: ISAKMP_NEXT_v2N (0x29) | flags: none (0x0) | length: 28 (0x1c) | Protocol ID: PROTO_v2_RESERVED (0x0) | SPI size: 0 (0x0) | Notify Message Type: v2N_NAT_DETECTION_SOURCE_IP (0x4004) | processing payload: ISAKMP_NEXT_v2N (len=20) | Now let's proceed with payload (ISAKMP_NEXT_v2N) | ***parse IKEv2 Notify Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | length: 28 (0x1c) | Protocol ID: PROTO_v2_RESERVED (0x0) | SPI size: 0 (0x0) | Notify Message Type: v2N_NAT_DETECTION_DESTINATION_IP (0x4005) | processing payload: ISAKMP_NEXT_v2N (len=20) | DDOS disabled and no cookie sent, continuing | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=ECDSA+IKEV2_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=ECDSA+IKEV2_ALLOW | found policy = RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (san) | find_next_host_connection returns empty | find_host_connection local=192.1.2.23:500 remote= policy=ECDSA+IKEV2_ALLOW but ignoring ports | find_next_host_connection policy=ECDSA+IKEV2_ALLOW | find_next_host_connection returns empty | initial parent SA message received on 192.1.2.23:500 but no connection has been authorized with policy ECDSA+IKEV2_ALLOW | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=RSASIG+IKEV2_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=RSASIG+IKEV2_ALLOW | found policy = RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (san) | find_next_host_connection returns san | find_next_host_connection policy=RSASIG+IKEV2_ALLOW | find_next_host_connection returns empty | found connection: san with policy RSASIG+IKEV2_ALLOW | creating state object #1 at 0x5617654060b8 | State DB: adding IKEv2 state #1 in UNDEFINED | pstats #1 ikev2.ike started | Message ID: init #1: msgid=0 lastack=4294967295 nextuse=0 lastrecv=4294967295 lastreplied=0 | parent state #1: UNDEFINED(ignore) => PARENT_R0(half-open IKE SA) | Message ID: init_ike #1; ike: initiator.sent=0->-1 initiator.recv=0->-1 responder.sent=0->-1 responder.recv=0->-1 wip.initiator=0->-1 wip.responder=0->-1 | start processing: state #1 connection "san" from 192.1.2.45 (in ikev2_process_packet() at ikev2.c:2016) | State DB: IKEv2 state not found (find_v2_sa_by_responder_wip) | [RE]START processing: state #1 connection "san" from 192.1.2.45 (in ike_process_packet() at ikev2.c:2064) | #1 st.st_msgid_lastrecv -1 md.hdr.isa_msgid 00000000 | Message ID: #1 not a duplicate - message is new; initiator.sent=-1 initiator.recv=-1 responder.sent=-1 responder.recv=-1 | Message ID: start-responder #1 request 0; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=-1 responder.recv=-1 wip.initiator=-1 wip.responder=-1->0 | #1 in state PARENT_R0: processing SA_INIT request | selected state microcode Respond to IKE_SA_INIT | Now let's proceed with state specific processing | calling processor Respond to IKE_SA_INIT | #1 updating local interface from 192.1.2.23:500 to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | constructing local IKE proposals for san (IKE SA responder matching remote proposals) | converting ike_info AES_GCM_16_256-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31 to ikev2 ... | ... ikev2_proposal: 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 | converting ike_info AES_GCM_16_128-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31 to ikev2 ... | ... ikev2_proposal: 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 | converting ike_info AES_CBC_256-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31 to ikev2 ... | ... ikev2_proposal: 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 | converting ike_info AES_CBC_128-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31 to ikev2 ... | ... ikev2_proposal: 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 "san": constructed local IKE proposals for san (IKE SA responder matching remote proposals): 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 | Comparing remote proposals against IKE responder 4 local proposals | local proposal 1 type ENCR has 1 transforms | local proposal 1 type PRF has 2 transforms | local proposal 1 type INTEG has 1 transforms | local proposal 1 type DH has 8 transforms | local proposal 1 type ESN has 0 transforms | local proposal 1 transforms: required: ENCR+PRF+DH; optional: INTEG | local proposal 2 type ENCR has 1 transforms | local proposal 2 type PRF has 2 transforms | local proposal 2 type INTEG has 1 transforms | local proposal 2 type DH has 8 transforms | local proposal 2 type ESN has 0 transforms | local proposal 2 transforms: required: ENCR+PRF+DH; optional: INTEG | local proposal 3 type ENCR has 1 transforms | local proposal 3 type PRF has 2 transforms | local proposal 3 type INTEG has 2 transforms | local proposal 3 type DH has 8 transforms | local proposal 3 type ESN has 0 transforms | local proposal 3 transforms: required: ENCR+PRF+INTEG+DH; optional: none | local proposal 4 type ENCR has 1 transforms | local proposal 4 type PRF has 2 transforms | local proposal 4 type INTEG has 2 transforms | local proposal 4 type DH has 8 transforms | local proposal 4 type ESN has 0 transforms | local proposal 4 transforms: required: ENCR+PRF+INTEG+DH; optional: none | ****parse IKEv2 Proposal Substructure Payload: | last proposal: v2_PROPOSAL_NON_LAST (0x2) | length: 100 (0x64) | prop #: 1 (0x1) | proto ID: IKEv2_SEC_PROTO_IKE (0x1) | spi size: 0 (0x0) | # transforms: 11 (0xb) | Comparing remote proposal 1 containing 11 transforms against local proposal [1..4] of 4 local proposals | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 12 (0xc) | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) | IKEv2 transform ID: AES_GCM_C (0x14) | ******parse IKEv2 Attribute Substructure Payload: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) | length/value: 256 (0x100) | remote proposal 1 transform 0 (ENCR=AES_GCM_C_256) matches local proposal 1 type 1 (ENCR) transform 0 | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7) | remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 1 type 2 (PRF) transform 0 | remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 2 type 2 (PRF) transform 0 | remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 3 type 2 (PRF) transform 0 | remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 4 type 2 (PRF) transform 0 | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe) | remote proposal 1 transform 3 (DH=MODP2048) matches local proposal 1 type 4 (DH) transform 0 | remote proposal 1 transform 3 (DH=MODP2048) matches local proposal 2 type 4 (DH) transform 0 | remote proposal 1 transform 3 (DH=MODP2048) matches local proposal 3 type 4 (DH) transform 0 | remote proposal 1 transform 3 (DH=MODP2048) matches local proposal 4 type 4 (DH) transform 0 | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_384 (0x14) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_521 (0x15) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_LAST (0x0) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_CURVE25519 (0x1f) | remote proposal 1 proposed transforms: ENCR+PRF+DH; matched: ENCR+PRF+DH; unmatched: none | comparing remote proposal 1 containing ENCR+PRF+DH transforms to local proposal 1; required: ENCR+PRF+DH; optional: INTEG; matched: ENCR+PRF+DH | remote proposal 1 matches local proposal 1 | ****parse IKEv2 Proposal Substructure Payload: | last proposal: v2_PROPOSAL_NON_LAST (0x2) | length: 100 (0x64) | prop #: 2 (0x2) | proto ID: IKEv2_SEC_PROTO_IKE (0x1) | spi size: 0 (0x0) | # transforms: 11 (0xb) | Comparing remote proposal 2 containing 11 transforms against local proposal [1..0] of 4 local proposals | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 12 (0xc) | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) | IKEv2 transform ID: AES_GCM_C (0x14) | ******parse IKEv2 Attribute Substructure Payload: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_384 (0x14) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_521 (0x15) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_LAST (0x0) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_CURVE25519 (0x1f) | remote proposal 2 proposed transforms: ENCR+PRF+DH; matched: none; unmatched: ENCR+PRF+DH | remote proposal 2 does not match; unmatched remote transforms: ENCR+PRF+DH | ****parse IKEv2 Proposal Substructure Payload: | last proposal: v2_PROPOSAL_NON_LAST (0x2) | length: 116 (0x74) | prop #: 3 (0x3) | proto ID: IKEv2_SEC_PROTO_IKE (0x1) | spi size: 0 (0x0) | # transforms: 13 (0xd) | Comparing remote proposal 3 containing 13 transforms against local proposal [1..0] of 4 local proposals | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 12 (0xc) | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) | IKEv2 transform ID: AES_CBC (0xc) | ******parse IKEv2 Attribute Substructure Payload: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) | length/value: 256 (0x100) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) | IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_384 (0x14) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_521 (0x15) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_LAST (0x0) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_CURVE25519 (0x1f) | remote proposal 3 proposed transforms: ENCR+PRF+INTEG+DH; matched: none; unmatched: ENCR+PRF+INTEG+DH | remote proposal 3 does not match; unmatched remote transforms: ENCR+PRF+INTEG+DH | ****parse IKEv2 Proposal Substructure Payload: | last proposal: v2_PROPOSAL_LAST (0x0) | length: 116 (0x74) | prop #: 4 (0x4) | proto ID: IKEv2_SEC_PROTO_IKE (0x1) | spi size: 0 (0x0) | # transforms: 13 (0xd) | Comparing remote proposal 4 containing 13 transforms against local proposal [1..0] of 4 local proposals | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 12 (0xc) | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) | IKEv2 transform ID: AES_CBC (0xc) | ******parse IKEv2 Attribute Substructure Payload: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) | IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_384 (0x14) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_521 (0x15) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_LAST (0x0) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_CURVE25519 (0x1f) | remote proposal 4 proposed transforms: ENCR+PRF+INTEG+DH; matched: none; unmatched: ENCR+PRF+INTEG+DH | remote proposal 4 does not match; unmatched remote transforms: ENCR+PRF+INTEG+DH "san" #1: proposal 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;DH=MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519[first-match] 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 | accepted IKE proposal ikev2_proposal: 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;DH=MODP2048 | converting proposal to internal trans attrs | natd_hash: rcookie is zero | natd_hash: hasher=0x561763ede800(20) | natd_hash: icookie= d2 a7 aa df b0 45 d4 6f | natd_hash: rcookie= 00 00 00 00 00 00 00 00 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 88 42 29 12 e3 73 7f ee 06 1e 2d 70 0d 24 84 d8 | natd_hash: hash= c2 84 4d ce | natd_hash: rcookie is zero | natd_hash: hasher=0x561763ede800(20) | natd_hash: icookie= d2 a7 aa df b0 45 d4 6f | natd_hash: rcookie= 00 00 00 00 00 00 00 00 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 2c 1c ea cb 94 26 64 09 73 9c 5c bc 0a c3 71 cf | natd_hash: hash= 77 17 ca 99 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.45 | adding ikev2_inI1outR1 KE work-order 1 for state #1 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x561765402c78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x5617653feb08 size 128 | crypto helper 0 resuming | crypto helper 0 starting work-order 1 for state #1 | crypto helper 0 doing build KE and nonce (ikev2_inI1outR1 KE); request ID 1 | #1 spent 1.43 milliseconds in processing: Respond to IKE_SA_INIT in ikev2_process_state_packet() | [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3379) | #1 complete_v2_state_transition() PARENT_R0->PARENT_R1 with status STF_SUSPEND | suspending state #1 and saving MD | #1 is busy; has a suspended MD | [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in log_stf_suspend() at ikev2.c:3269) | "san" #1 complete v2 state STATE_PARENT_R0 transition with STF_SUSPEND suspended from complete_v2_state_transition:3451 | stop processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2018) | #1 spent 2.14 milliseconds in ikev2_process_packet() | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 2.16 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 0 finished build KE and nonce (ikev2_inI1outR1 KE); request ID 1 time elapsed 0.001818 seconds | (#1) spent 1.8 milliseconds in crypto helper computing work-order 1: ikev2_inI1outR1 KE (pcr) | crypto helper 0 sending results from work-order 1 for state #1 to event queue | scheduling resume sending helper answer for #1 | libevent_malloc: new ptr-libevent@0x7f6bf0002888 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #1 | start processing: state #1 connection "san" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 1 | calling continuation function 0x561763e09b50 | ikev2_parent_inI1outR1_continue for #1: calculated ke+nonce, sending R1 | **emit ISAKMP Message: | initiator cookie: | d2 a7 aa df b0 45 d4 6f | responder cookie: | f1 48 0b c7 09 b8 1d ac | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) | exchange type: ISAKMP_v2_IKE_SA_INIT (0x22) | flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | Emitting ikev2_proposal ... | ***emit IKEv2 Security Association Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Security Association Payload (33:ISAKMP_NEXT_v2SA) | next payload chain: saving location 'IKEv2 Security Association Payload'.'next payload type' in 'reply packet' | ****emit IKEv2 Proposal Substructure Payload: | last proposal: v2_PROPOSAL_LAST (0x0) | prop #: 1 (0x1) | proto ID: IKEv2_SEC_PROTO_IKE (0x1) | spi size: 0 (0x0) | # transforms: 3 (0x3) | last substructure: saving location 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' | *****emit IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) | IKEv2 transform ID: AES_GCM_C (0x14) | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' | ******emit IKEv2 Attribute Substructure Payload: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) | length/value: 256 (0x100) | emitting length of IKEv2 Transform Substructure Payload: 12 | *****emit IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7) | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' | emitting length of IKEv2 Transform Substructure Payload: 8 | *****emit IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_LAST (0x0) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe) | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' | emitting length of IKEv2 Transform Substructure Payload: 8 | emitting length of IKEv2 Proposal Substructure Payload: 36 | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is 0 | emitting length of IKEv2 Security Association Payload: 40 | last substructure: checking 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' is 0 | ***emit IKEv2 Key Exchange Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | DH group: OAKLEY_GROUP_MODP2048 (0xe) | next payload chain: setting previous 'IKEv2 Security Association Payload'.'next payload type' to current IKEv2 Key Exchange Payload (34:ISAKMP_NEXT_v2KE) | next payload chain: saving location 'IKEv2 Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of ikev2 g^x into IKEv2 Key Exchange Payload | ikev2 g^x 6c 49 57 06 0f 41 3a c8 6c 0c c1 52 0c e4 c2 0a | ikev2 g^x fc d3 24 9c a9 66 6e e8 c2 48 c4 6a e4 01 9d eb | ikev2 g^x d4 9e d5 8c e4 65 48 f2 1a ad 40 3b 0a ba 9d e4 | ikev2 g^x e2 8b a8 e1 91 96 76 b9 a8 4e e0 a4 8d f9 4c d5 | ikev2 g^x 5d 23 4e d3 39 83 89 2c 23 e1 19 fb 7b c1 c4 56 | ikev2 g^x 35 e6 79 ab 66 77 c0 88 3b 62 26 aa 0b 29 53 14 | ikev2 g^x af 87 bc 38 05 c5 01 70 43 25 b1 f2 8a c9 e9 43 | ikev2 g^x ca 14 4a 11 ac 19 3a 6f 03 1e e7 21 34 b3 03 07 | ikev2 g^x 97 f9 b1 1f 77 0e 41 e3 bd 40 c5 a9 79 80 68 8a | ikev2 g^x 9a 2e dd b5 c4 3d 92 2f 95 e0 d1 7c 68 39 0e 34 | ikev2 g^x d2 d1 81 91 b2 3f 87 09 a4 c1 cb fc 9e 5f e4 3c | ikev2 g^x ae f1 59 88 55 55 49 e8 9f 63 86 55 4a 49 96 e7 | ikev2 g^x 3a 48 96 58 ab f2 10 f0 c1 ee 6b 6c bb ef f2 26 | ikev2 g^x 43 eb 22 e8 b3 1a 44 64 5c de 8c ac 72 25 40 2e | ikev2 g^x 4f 4d f7 ce a3 18 9f 0d 14 2b 0c 29 0a 36 40 2c | ikev2 g^x 0a 87 12 59 49 6d f3 f3 35 fe 1f 21 bb d3 d7 7a | emitting length of IKEv2 Key Exchange Payload: 264 | ***emit IKEv2 Nonce Payload: | next payload type: ISAKMP_NEXT_v2N (0x29) | flags: none (0x0) | next payload chain: ignoring supplied 'IKEv2 Nonce Payload'.'next payload type' value 41:ISAKMP_NEXT_v2N | next payload chain: setting previous 'IKEv2 Key Exchange Payload'.'next payload type' to current IKEv2 Nonce Payload (40:ISAKMP_NEXT_v2Ni) | next payload chain: saving location 'IKEv2 Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of IKEv2 nonce into IKEv2 Nonce Payload | IKEv2 nonce d9 f7 06 c0 25 0d 9a f2 87 0a 6c 28 6b f0 12 1d | IKEv2 nonce bd 8c 32 09 94 56 50 4e 69 d5 1d 1b 6e 4c c8 a9 | emitting length of IKEv2 Nonce Payload: 36 | Adding a v2N Payload | ***emit IKEv2 Notify Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | Protocol ID: PROTO_v2_RESERVED (0x0) | SPI size: 0 (0x0) | Notify Message Type: v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e) | next payload chain: setting previous 'IKEv2 Nonce Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N) | next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet' | emitting length of IKEv2 Notify Payload: 8 | NAT-Traversal support [enabled] add v2N payloads. | natd_hash: hasher=0x561763ede800(20) | natd_hash: icookie= d2 a7 aa df b0 45 d4 6f | natd_hash: rcookie= f1 48 0b c7 09 b8 1d ac | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 1a 53 af 03 fd 37 b0 3b 1d d2 b1 18 d5 44 ef 14 | natd_hash: hash= 55 a1 d5 8c | Adding a v2N Payload | ***emit IKEv2 Notify Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | Protocol ID: PROTO_v2_RESERVED (0x0) | SPI size: 0 (0x0) | Notify Message Type: v2N_NAT_DETECTION_SOURCE_IP (0x4004) | next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N) | next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of Notify data into IKEv2 Notify Payload | Notify data 1a 53 af 03 fd 37 b0 3b 1d d2 b1 18 d5 44 ef 14 | Notify data 55 a1 d5 8c | emitting length of IKEv2 Notify Payload: 28 | natd_hash: hasher=0x561763ede800(20) | natd_hash: icookie= d2 a7 aa df b0 45 d4 6f | natd_hash: rcookie= f1 48 0b c7 09 b8 1d ac | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 4d b9 94 12 d3 52 96 d9 09 dd 0d c9 43 fa c7 84 | natd_hash: hash= b4 e4 1b 8a | Adding a v2N Payload | ***emit IKEv2 Notify Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | Protocol ID: PROTO_v2_RESERVED (0x0) | SPI size: 0 (0x0) | Notify Message Type: v2N_NAT_DETECTION_DESTINATION_IP (0x4005) | next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N) | next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of Notify data into IKEv2 Notify Payload | Notify data 4d b9 94 12 d3 52 96 d9 09 dd 0d c9 43 fa c7 84 | Notify data b4 e4 1b 8a | emitting length of IKEv2 Notify Payload: 28 | going to send a certreq | connection->kind is CK_PERMANENT so send CERTREQ | ***emit IKEv2 Certificate Request Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | ikev2 cert encoding: CERT_X509_SIGNATURE (0x4) | next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Certificate Request Payload (38:ISAKMP_NEXT_v2CERTREQ) | next payload chain: saving location 'IKEv2 Certificate Request Payload'.'next payload type' in 'reply packet' | emitting length of IKEv2 Certificate Request Payload: 5 | emitting length of ISAKMP Message: 437 | [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3379) | #1 complete_v2_state_transition() PARENT_R0->PARENT_R1 with status STF_OK | IKEv2: transition from state STATE_PARENT_R0 to state STATE_PARENT_R1 | parent state #1: PARENT_R0(half-open IKE SA) => PARENT_R1(half-open IKE SA) | Message ID: updating counters for #1 to 0 after switching state | Message ID: recv #1 request 0; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=-1 responder.recv=-1->0 wip.initiator=-1 wip.responder=0->-1 | Message ID: sent #1 response 0; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=-1->0 responder.recv=0 wip.initiator=-1 wip.responder=-1 "san" #1: STATE_PARENT_R1: received v2I1, sent v2R1 {auth=IKEv2 cipher=AES_GCM_16_256 integ=n/a prf=HMAC_SHA2_512 group=MODP2048} | sending V2 new request packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 437 bytes for STATE_PARENT_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #1) | d2 a7 aa df b0 45 d4 6f f1 48 0b c7 09 b8 1d ac | 21 20 22 20 00 00 00 00 00 00 01 b5 22 00 00 28 | 00 00 00 24 01 01 00 03 03 00 00 0c 01 00 00 14 | 80 0e 01 00 03 00 00 08 02 00 00 07 00 00 00 08 | 04 00 00 0e 28 00 01 08 00 0e 00 00 6c 49 57 06 | 0f 41 3a c8 6c 0c c1 52 0c e4 c2 0a fc d3 24 9c | a9 66 6e e8 c2 48 c4 6a e4 01 9d eb d4 9e d5 8c | e4 65 48 f2 1a ad 40 3b 0a ba 9d e4 e2 8b a8 e1 | 91 96 76 b9 a8 4e e0 a4 8d f9 4c d5 5d 23 4e d3 | 39 83 89 2c 23 e1 19 fb 7b c1 c4 56 35 e6 79 ab | 66 77 c0 88 3b 62 26 aa 0b 29 53 14 af 87 bc 38 | 05 c5 01 70 43 25 b1 f2 8a c9 e9 43 ca 14 4a 11 | ac 19 3a 6f 03 1e e7 21 34 b3 03 07 97 f9 b1 1f | 77 0e 41 e3 bd 40 c5 a9 79 80 68 8a 9a 2e dd b5 | c4 3d 92 2f 95 e0 d1 7c 68 39 0e 34 d2 d1 81 91 | b2 3f 87 09 a4 c1 cb fc 9e 5f e4 3c ae f1 59 88 | 55 55 49 e8 9f 63 86 55 4a 49 96 e7 3a 48 96 58 | ab f2 10 f0 c1 ee 6b 6c bb ef f2 26 43 eb 22 e8 | b3 1a 44 64 5c de 8c ac 72 25 40 2e 4f 4d f7 ce | a3 18 9f 0d 14 2b 0c 29 0a 36 40 2c 0a 87 12 59 | 49 6d f3 f3 35 fe 1f 21 bb d3 d7 7a 29 00 00 24 | d9 f7 06 c0 25 0d 9a f2 87 0a 6c 28 6b f0 12 1d | bd 8c 32 09 94 56 50 4e 69 d5 1d 1b 6e 4c c8 a9 | 29 00 00 08 00 00 40 2e 29 00 00 1c 00 00 40 04 | 1a 53 af 03 fd 37 b0 3b 1d d2 b1 18 d5 44 ef 14 | 55 a1 d5 8c 26 00 00 1c 00 00 40 05 4d b9 94 12 | d3 52 96 d9 09 dd 0d c9 43 fa c7 84 b4 e4 1b 8a | 00 00 00 05 04 | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x5617653feb08 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x561765402c78 | event_schedule: new EVENT_SO_DISCARD-pe@0x561765402c78 | inserting event EVENT_SO_DISCARD, timeout in 200 seconds for #1 | libevent_malloc: new ptr-libevent@0x561765402d58 size 128 | resume sending helper answer for #1 suppresed complete_v2_state_transition() | #1 spent 1.07 milliseconds in resume sending helper answer | stop processing: state #1 connection "san" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6bf0002888 | spent 0 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 539 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | d2 a7 aa df b0 45 d4 6f f1 48 0b c7 09 b8 1d ac | 35 20 23 08 00 00 00 01 00 00 02 1b 23 00 01 ff | 00 01 00 04 bd cf 29 5b 93 dd 36 6b b4 e3 21 b9 | 1f 93 03 3a 79 6e 31 13 f6 b7 f8 65 90 b3 56 f9 | 9d 6d f6 d2 f1 88 3c 87 99 a9 40 1c ff 99 0e 6e | e9 4a 94 bc 21 09 55 e6 1e aa d6 c7 cc 34 e1 d5 | 36 5e 21 80 b6 2c 4c 90 59 19 40 8e 3c b6 47 35 | a9 4c d7 b4 7e 2c a1 ea 0a d6 2e 86 5d 92 b9 74 | 9b 8e 17 07 fe ed 4c c8 8c d5 58 eb 30 14 c5 b2 | ae 33 8e d8 52 0d 41 49 58 97 5b 18 5c e9 f3 38 | d4 a3 22 0d 00 fd 0a a7 15 23 94 2a d7 ce 16 c2 | 2c ca bf c2 7b 65 b8 82 90 da 0f 2f d6 f1 6b ea | c7 79 63 3a 60 b0 dd 9e 45 4d 4c b5 c3 02 9e 3e | d5 b2 b5 ab 50 0f ca bd bd 47 b0 a1 3b b6 3c 2f | 2a 3f 2a 7e 94 eb cd 40 ae 49 c5 6d 65 12 c8 1b | 9a 0a 4c 47 ee 83 bc 85 62 42 a4 2e d7 c9 e1 6d | 8f 1f 1b 63 10 74 67 bc 63 30 2b 0f b7 2d 57 63 | 80 85 d8 66 c5 5a be 88 26 97 51 68 b7 02 da 55 | 91 e2 e4 1d f8 cd 3f 1f 4a b9 ad f3 27 b8 70 17 | df ba 74 38 e7 7e 1f 9f 29 fc ba 70 fd 7d a4 dd | 8d 27 0a 4f 4b d6 2e 75 bb 4a 77 6f 7e d1 3e bc | 5d 03 96 88 28 8e be 06 96 a1 54 bb 4a 2e 80 c0 | cd 84 56 5f 28 f6 28 1d 1d 4b 57 1b b2 8c 82 a0 | 40 94 c8 dc f3 72 df 6c 40 c5 5a eb 1c 4a ba 90 | 49 7e 4a 87 d6 05 55 fe 2f 27 80 06 1c 27 0e 44 | af 83 8a 7b 43 b3 5c 3c c2 f6 5f 09 26 c9 bd 8f | e0 4c 8c 7f b6 ac 7d 3f f4 ba 3a c2 7b 34 bb 66 | b0 af 0d a7 e5 21 eb 74 85 39 1f 2c 6e a5 14 f2 | 21 3d 4c 01 61 8e 0a ff d0 b3 91 ff 99 96 a3 6c | 04 78 f6 8d 5b af f0 1b aa 35 20 86 c9 62 1c 29 | 1b 42 4c c1 f5 f5 ce c7 62 8a fd d9 df 2e 8e 56 | 16 dd 61 1f 13 d4 29 b2 e2 6d 50 ca 30 a8 7c 02 | 7e 24 14 38 fa c4 69 2a 26 5e 7b 06 34 91 cd 75 | 06 9b 04 7a c0 e5 a6 a4 55 5f e4 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | d2 a7 aa df b0 45 d4 6f | responder cookie: | f1 48 0b c7 09 b8 1d ac | next payload type: ISAKMP_NEXT_v2SKF (0x35) | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) | exchange type: ISAKMP_v2_IKE_AUTH (0x23) | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) | Message ID: 1 (0x1) | length: 539 (0x21b) | processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35) | I am the IKE SA Original Responder receiving an IKEv2 IKE_AUTH request | State DB: found IKEv2 state #1 in PARENT_R1 (find_v2_ike_sa) | start processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2016) | State DB: IKEv2 state not found (find_v2_sa_by_responder_wip) | [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in ike_process_packet() at ikev2.c:2064) | #1 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001 | Message ID: #1 not a duplicate - message is new; initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0 | unpacking clear payload | Now let's proceed with payload (ISAKMP_NEXT_v2SKF) | ***parse IKEv2 Encrypted Fragment: | next payload type: ISAKMP_NEXT_v2IDi (0x23) | flags: none (0x0) | length: 511 (0x1ff) | fragment number: 1 (0x1) | total fragments: 4 (0x4) | processing payload: ISAKMP_NEXT_v2SKF (len=503) | Message ID: start-responder #1 request 1; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0 wip.initiator=-1 wip.responder=-1->1 | #1 in state PARENT_R1: received v2I1, sent v2R1 | received IKE encrypted fragment number '1', total number '4', next payload '35' | updated IKE fragment state to respond using fragments without waiting for re-transmits | stop processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2018) | #1 spent 0.224 milliseconds in ikev2_process_packet() | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.242 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00317 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 539 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | d2 a7 aa df b0 45 d4 6f f1 48 0b c7 09 b8 1d ac | 35 20 23 08 00 00 00 01 00 00 02 1b 00 00 01 ff | 00 02 00 04 de 31 1f 50 d8 89 ba ae 95 ea 92 7b | fd 4b 50 d9 5e 0d 72 0c 2f f4 72 74 1c f5 ca 39 | 79 36 9c 6f ea 62 2f d9 a7 7b f0 38 f4 36 01 10 | 1c 1a 30 c7 da b4 72 50 c6 26 df e0 92 3b b6 ae | fe b3 c4 a6 ae 15 f2 64 f6 80 bc 44 c8 9c be a1 | 57 7b 59 23 a2 12 34 3e 50 ba 52 8b 65 6a 30 08 | 3e c0 c6 0f 95 c2 ab 2e d1 91 f1 b5 f0 46 a1 4b | 72 d7 25 d5 3b 54 33 8d 43 c3 d8 f7 f1 e8 d2 7c | e7 8c 85 65 c2 b4 d9 69 39 48 c7 40 ec 9e 03 3c | 62 7c 7d b7 d5 ab f5 50 8b 88 0b aa d1 6d b1 a4 | a1 60 f3 bd 05 07 51 e1 64 0d 50 95 01 22 fe 01 | 41 b3 cc 38 5a 80 e3 7b b5 09 6a 8c 23 0a a1 1a | 23 46 d2 36 4a 95 e4 f1 de 7e 42 c6 f2 9f 28 e7 | d3 5c 9b 0c 3e 90 cd 34 b8 ce 15 36 61 e6 f2 d9 | d8 d4 58 95 29 92 f5 57 d2 cb 50 ae ed 02 02 a0 | 92 ed 8c 1b 19 01 34 ed 78 79 ed 2f b2 39 55 2b | d0 6b 63 92 d5 4c 7b ea 37 c7 70 15 d6 87 7e 36 | d6 1f 17 22 3f a8 48 47 12 7f c8 bf bc aa 30 cf | 69 cc 9a 74 3a 22 42 60 25 ba 53 e3 5b 9c d2 af | 5e 3b 89 03 8f 33 be 02 98 b1 a0 a5 08 52 69 6a | 4e ba f9 f9 25 d4 d9 87 da 3c 5a d5 8f 4b a3 4a | 74 8b 4e dc cb c1 98 f3 09 ab 2f 37 ff f9 2f 33 | 65 ed f6 e9 46 cc 11 2d 5f 7e e8 1a 8b ff a6 96 | 85 4c ba 60 6e 3a c4 b5 56 3c 73 34 0a 6c e6 9c | 84 43 87 f9 e4 ce 55 69 f0 9a 3b e7 77 07 aa 25 | b3 ff 76 e7 9e f3 d7 dc 42 ab 0b 5c e0 c0 15 2d | dc 84 b7 88 91 5a 6b 89 a3 37 3f 81 79 c8 8f 23 | 1f 23 d9 27 11 58 d5 6f 65 60 e5 71 52 84 64 30 | c3 67 00 0f 49 86 93 6a 86 41 33 4e 28 f9 6d fb | 5d 1e a8 81 c8 25 0f d8 56 55 d9 39 39 73 e1 21 | ce 18 42 fb 46 34 08 b2 da 6c dc 17 ef 1c 0a 7f | aa 4a e9 51 f6 22 37 ca f1 7b 4e | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | d2 a7 aa df b0 45 d4 6f | responder cookie: | f1 48 0b c7 09 b8 1d ac | next payload type: ISAKMP_NEXT_v2SKF (0x35) | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) | exchange type: ISAKMP_v2_IKE_AUTH (0x23) | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) | Message ID: 1 (0x1) | length: 539 (0x21b) | processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35) | I am the IKE SA Original Responder receiving an IKEv2 IKE_AUTH request | State DB: found IKEv2 state #1 in PARENT_R1 (find_v2_ike_sa) | start processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2016) | [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in ike_process_packet() at ikev2.c:2062) | #1 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001 | #1 is idle | #1 idle | Message ID: #1 not a duplicate - responder is accumulating fragments; initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0 wip.initiator=-1 wip.responder=1 | unpacking clear payload | Now let's proceed with payload (ISAKMP_NEXT_v2SKF) | ***parse IKEv2 Encrypted Fragment: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | length: 511 (0x1ff) | fragment number: 2 (0x2) | total fragments: 4 (0x4) | processing payload: ISAKMP_NEXT_v2SKF (len=503) | #1 in state PARENT_R1: received v2I1, sent v2R1 | received IKE encrypted fragment number '2', total number '4', next payload '0' | stop processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2018) | #1 spent 0.183 milliseconds in ikev2_process_packet() | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.198 milliseconds in comm_handle_cb() reading and processing packet | spent 0.0019 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 539 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | d2 a7 aa df b0 45 d4 6f f1 48 0b c7 09 b8 1d ac | 35 20 23 08 00 00 00 01 00 00 02 1b 00 00 01 ff | 00 03 00 04 2d fb 2d 55 82 10 28 6d 67 e4 48 b8 | b5 bb ea 53 7b bc e2 85 f0 9f 9e 8a 12 d1 19 2d | 92 bc e6 8e c5 56 fc 30 d9 c1 5a d9 5e fa 11 2f | 93 aa 1b 3d d9 59 fe 67 b4 90 f2 97 1d 07 3a 1f | 74 ab 35 3f bd 83 46 73 59 2d a6 da a8 49 2e 6c | b6 d8 77 1d 2b 1a a2 4b 5e 80 a6 06 29 d7 b6 57 | a7 62 99 3a 87 86 8f ca d7 b2 1c 99 3d a1 2b b1 | 81 14 43 9c 96 56 82 68 61 43 83 72 91 57 dc 6d | 83 e0 d8 17 b0 40 fc e9 d6 cc bc c9 b1 e2 ed 6c | da 2e 19 14 ab 3f a2 da 77 96 c5 57 e2 bc 70 34 | a6 89 91 8e 88 92 0c da 2e 5f ac 9f 81 3c 4e 0c | b6 00 dc 03 81 ee 33 87 f9 e3 0f e7 01 b1 59 de | e9 d7 89 fa f5 91 98 6a ad e4 cc f8 36 69 c0 fd | f3 9c 8a 54 91 ac f3 9a 7c f1 bf 8b d3 09 7e cc | ee ba 22 30 00 97 88 66 90 a3 50 a4 0c 84 df 2c | e2 a0 78 19 ed f5 d5 10 63 dd 41 03 7e 1b a1 7b | 32 8a 10 99 7c 8f 8f 33 46 e2 f1 31 7d ca 57 b9 | d0 1e e4 43 22 88 7a 42 a7 4f 24 07 e7 17 16 42 | 05 cc ed 3c 52 0d 97 1e 50 01 84 85 9a 23 58 ff | 34 96 2f 44 fc 7b 15 0e a9 93 7f 0a 25 10 c0 e4 | c9 47 7d 91 4c 35 75 7f 22 99 e6 df 25 67 bb 79 | 8f 35 8d d1 e0 96 88 af a2 e0 51 0c fa d2 d8 32 | d2 25 45 59 72 30 6a ee 76 73 57 e5 16 f3 59 7e | 62 39 e2 c4 7d ec 55 91 2d 4f 44 01 7c 04 e3 be | 23 a3 3c b4 e3 2c 34 47 05 0c 17 0a be 85 68 f7 | 32 a5 3d 3f de d0 d0 d8 b4 e0 5e eb 0c 02 ab b0 | 54 79 fb cb 1b 54 0e d6 9a 79 90 ad 9f db aa e5 | 82 ec 03 d5 78 7e 44 5a 5a ab 38 42 27 ea 2c 2e | 11 c8 34 ec ca 90 43 84 5a cd 14 ba 19 70 e9 8c | 8e 6c 35 42 bc 07 62 ed 34 16 78 08 3b 8a c0 93 | af db a1 34 a5 85 03 42 05 5e e6 ea 1e a2 87 b4 | 75 af ad 42 24 b9 f1 64 05 e7 51 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | d2 a7 aa df b0 45 d4 6f | responder cookie: | f1 48 0b c7 09 b8 1d ac | next payload type: ISAKMP_NEXT_v2SKF (0x35) | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) | exchange type: ISAKMP_v2_IKE_AUTH (0x23) | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) | Message ID: 1 (0x1) | length: 539 (0x21b) | processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35) | I am the IKE SA Original Responder receiving an IKEv2 IKE_AUTH request | State DB: found IKEv2 state #1 in PARENT_R1 (find_v2_ike_sa) | start processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2016) | [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in ike_process_packet() at ikev2.c:2062) | #1 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001 | #1 is idle | #1 idle | Message ID: #1 not a duplicate - responder is accumulating fragments; initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0 wip.initiator=-1 wip.responder=1 | unpacking clear payload | Now let's proceed with payload (ISAKMP_NEXT_v2SKF) | ***parse IKEv2 Encrypted Fragment: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | length: 511 (0x1ff) | fragment number: 3 (0x3) | total fragments: 4 (0x4) | processing payload: ISAKMP_NEXT_v2SKF (len=503) | #1 in state PARENT_R1: received v2I1, sent v2R1 | received IKE encrypted fragment number '3', total number '4', next payload '0' | stop processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2018) | #1 spent 0.137 milliseconds in ikev2_process_packet() | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.147 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00142 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 508 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | d2 a7 aa df b0 45 d4 6f f1 48 0b c7 09 b8 1d ac | 35 20 23 08 00 00 00 01 00 00 01 fc 00 00 01 e0 | 00 04 00 04 d6 e8 7d fb 66 14 ee b9 3a a2 05 46 | 14 a0 fb 8e 84 aa 48 b0 21 b8 1c 9f 9b 77 8d 92 | 23 48 e2 98 4a 19 b7 0b 43 b6 94 13 9a 21 82 14 | aa 70 48 15 63 69 02 58 a0 dc 2b 46 3c 63 2e 40 | 46 5f 39 ac ac 46 11 44 e5 65 fe d8 a6 a8 fa fa | 42 fa 9f 7d 1e 96 47 7e 56 19 19 c4 dd dd d9 d7 | e1 4d 9b 0e fd 4a ff 15 6c ae 4b 3d 66 eb 1b 85 | 65 19 1d 9e a0 b8 61 62 4c b7 93 55 63 7b 92 8c | ae fc e9 45 a7 8f 3b 75 99 4f 2e d6 ce 95 92 83 | 5d 79 84 9d e7 63 db 25 ad b3 9e 68 43 a3 7f e3 | aa de b4 63 94 b1 68 32 27 05 0f 73 85 bc 96 f3 | 9c f9 6d ac 18 82 4f 43 65 a6 9f 2f bb 0a 53 49 | 4c 6e 94 0f b8 a7 f2 07 bf 6d a7 d6 aa be 39 40 | 5f 92 3e 52 09 d4 a8 41 99 5a 17 cc 62 8e 7b 78 | 4a 20 8a b3 e3 7b 84 ce df a7 f8 fb 92 8e f4 13 | 98 22 5b e6 91 1d 7b 6f 82 88 b6 71 a3 f3 7c 1b | c9 58 cc 31 d5 3d a3 fb 1b eb 3b cb 57 22 1a fb | 4f 89 b5 a9 29 e1 08 96 5d da 07 b1 ac 95 e7 19 | 35 ac 6a 2e 5a f8 df 3b 53 32 51 8f c9 dd 2f b6 | 10 32 96 32 94 fd a1 15 11 23 c0 33 89 5c 25 cc | c9 84 85 d2 5c b7 f6 ee 50 4f 50 a7 50 30 5d 1e | 73 4e e5 0c a3 be 63 fa 1f f1 1a a0 72 78 56 0d | 6b f6 1d 3e b0 e2 8f cd 61 f7 f3 54 c5 2b 7a 33 | 47 35 6b 6d cf 03 b3 aa 98 bf 3d 34 64 33 f4 56 | a6 01 37 6d ca af 01 a6 c4 33 bc 7f 9d 9d ba b1 | 3c f4 93 e6 2d 5d 0e 1e 8b 55 6e 39 bf 64 35 17 | e1 b2 4e e5 6c 46 94 70 fc d8 40 9e cb af b6 dc | 3c fe ba 7f 4b ea 47 ca e5 8d 2b 94 92 53 b2 51 | 01 4b 2c 0f 57 bd b3 82 db 0f 9c d4 27 38 0e 7d | 5d 7c 90 32 5b 3e 51 8b b1 d2 94 22 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | d2 a7 aa df b0 45 d4 6f | responder cookie: | f1 48 0b c7 09 b8 1d ac | next payload type: ISAKMP_NEXT_v2SKF (0x35) | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) | exchange type: ISAKMP_v2_IKE_AUTH (0x23) | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) | Message ID: 1 (0x1) | length: 508 (0x1fc) | processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35) | I am the IKE SA Original Responder receiving an IKEv2 IKE_AUTH request | State DB: found IKEv2 state #1 in PARENT_R1 (find_v2_ike_sa) | start processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2016) | [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in ike_process_packet() at ikev2.c:2062) | #1 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001 | #1 is idle | #1 idle | Message ID: #1 not a duplicate - responder is accumulating fragments; initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0 wip.initiator=-1 wip.responder=1 | unpacking clear payload | Now let's proceed with payload (ISAKMP_NEXT_v2SKF) | ***parse IKEv2 Encrypted Fragment: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | length: 480 (0x1e0) | fragment number: 4 (0x4) | total fragments: 4 (0x4) | processing payload: ISAKMP_NEXT_v2SKF (len=472) | #1 in state PARENT_R1: received v2I1, sent v2R1 | received IKE encrypted fragment number '4', total number '4', next payload '0' | selected state microcode Responder: process IKE_AUTH request (no SKEYSEED) | Now let's proceed with state specific processing | calling processor Responder: process IKE_AUTH request (no SKEYSEED) | ikev2 parent inI2outR2: calculating g^{xy} in order to decrypt I2 | offloading IKEv2 SKEYSEED using prf=HMAC_SHA2_512 integ=NONE cipherkey=AES_GCM_16 | adding ikev2_inI2outR2 KE work-order 2 for state #1 | state #1 requesting EVENT_SO_DISCARD to be deleted | libevent_free: release ptr-libevent@0x561765402d58 | free_event_entry: release EVENT_SO_DISCARD-pe@0x561765402c78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x561765402c78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x7f6bf0002888 size 128 | #1 spent 0.0294 milliseconds in processing: Responder: process IKE_AUTH request (no SKEYSEED) in ikev2_process_state_packet() | [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3379) | #1 complete_v2_state_transition() PARENT_R1->PARENT_R1 with status STF_SUSPEND | crypto helper 2 resuming | suspending state #1 and saving MD | #1 is busy; has a suspended MD | crypto helper 2 starting work-order 2 for state #1 | [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in log_stf_suspend() at ikev2.c:3269) | "san" #1 complete v2 state STATE_PARENT_R1 transition with STF_SUSPEND suspended from complete_v2_state_transition:3451 | stop processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2018) | crypto helper 2 doing compute dh (V2) (ikev2_inI2outR2 KE); request ID 2 | #1 spent 0.179 milliseconds in ikev2_process_packet() | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.196 milliseconds in comm_handle_cb() reading and processing packet | calculating skeyseed using prf=sha2_512 integ=none cipherkey-size=32 salt-size=4 | crypto helper 2 finished compute dh (V2) (ikev2_inI2outR2 KE); request ID 2 time elapsed 0.001591 seconds | (#1) spent 1.59 milliseconds in crypto helper computing work-order 2: ikev2_inI2outR2 KE (pcr) | crypto helper 2 sending results from work-order 2 for state #1 to event queue | scheduling resume sending helper answer for #1 | libevent_malloc: new ptr-libevent@0x7f6be8000f48 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #1 | start processing: state #1 connection "san" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 2 | calling continuation function 0x561763e09b50 | ikev2_parent_inI2outR2_continue for #1: calculating g^{xy}, sending R2 | #1 in state PARENT_R1: received v2I1, sent v2R1 | already have all fragments, skipping fragment collection | already have all fragments, skipping fragment collection | #1 ikev2 ISAKMP_v2_IKE_AUTH decrypt success | Now let's proceed with payload (ISAKMP_NEXT_v2IDi) | **parse IKEv2 Identification - Initiator - Payload: | next payload type: ISAKMP_NEXT_v2CERT (0x25) | flags: none (0x0) | length: 12 (0xc) | ID type: ID_IPV4_ADDR (0x1) | processing payload: ISAKMP_NEXT_v2IDi (len=4) | Now let's proceed with payload (ISAKMP_NEXT_v2CERT) | **parse IKEv2 Certificate Payload: | next payload type: ISAKMP_NEXT_v2AUTH (0x27) | flags: none (0x0) | length: 1265 (0x4f1) | ikev2 cert encoding: CERT_X509_SIGNATURE (0x4) | processing payload: ISAKMP_NEXT_v2CERT (len=1260) | Now let's proceed with payload (ISAKMP_NEXT_v2AUTH) | **parse IKEv2 Authentication Payload: | next payload type: ISAKMP_NEXT_v2SA (0x21) | flags: none (0x0) | length: 392 (0x188) | auth method: IKEv2_AUTH_RSA (0x1) | processing payload: ISAKMP_NEXT_v2AUTH (len=384) | Now let's proceed with payload (ISAKMP_NEXT_v2SA) | **parse IKEv2 Security Association Payload: | next payload type: ISAKMP_NEXT_v2TSi (0x2c) | flags: none (0x0) | length: 164 (0xa4) | processing payload: ISAKMP_NEXT_v2SA (len=160) | Now let's proceed with payload (ISAKMP_NEXT_v2TSi) | **parse IKEv2 Traffic Selector - Initiator - Payload: | next payload type: ISAKMP_NEXT_v2TSr (0x2d) | flags: none (0x0) | length: 24 (0x18) | number of TS: 1 (0x1) | processing payload: ISAKMP_NEXT_v2TSi (len=16) | Now let's proceed with payload (ISAKMP_NEXT_v2TSr) | **parse IKEv2 Traffic Selector - Responder - Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | length: 24 (0x18) | number of TS: 1 (0x1) | processing payload: ISAKMP_NEXT_v2TSr (len=16) | selected state microcode Responder: process IKE_AUTH request | Now let's proceed with state specific processing | calling processor Responder: process IKE_AUTH request "san" #1: processing decrypted IKE_AUTH request: SK{IDi,CERT,AUTH,SA,TSi,TSr} | #1 updating local interface from 192.1.2.23:500 to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | global one-shot timer EVENT_FREE_ROOT_CERTS scheduled in 300 seconds loading root certificate cache | spent 4.31 milliseconds in get_root_certs() calling PK11_ListCertsInSlot() | spent 0.0318 milliseconds in get_root_certs() filtering CAs | #1 spent 4.4 milliseconds in find_and_verify_certs() calling get_root_certs() | checking for known CERT payloads | saving certificate of type 'X509_SIGNATURE' | decoded cert: E=user-west@testing.libreswan.org,CN=west.testing.libreswan.org,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA | #1 spent 0.248 milliseconds in find_and_verify_certs() calling decode_cert_payloads() | cert_issuer_has_current_crl: looking for a CRL issued by E=testing@libreswan.org,CN=Libreswan test CA for mainca,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA | #1 spent 0.0494 milliseconds in find_and_verify_certs() calling crl_update_check() | missing or expired CRL | crl_strict: 0, ocsp: 0, ocsp_strict: 0, ocsp_post: 0 | verify_end_cert trying profile IPsec "san" #1: Certificate E=testing@libreswan.org,CN=Libreswan test CA for mainca,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA failed IPsec verification "san" #1: ERROR: The certificate was signed using a signature algorithm that is disabled because it is not secure. | #1 spent 0.542 milliseconds in find_and_verify_certs() calling verify_end_cert() "san" #1: X509: Certificate rejected for this connection "san" #1: X509: CERT payload bogus or revoked | parsing 4 raw bytes of IKEv2 Identification - Initiator - Payload into peer ID | peer ID c0 01 02 2d | refine_host_connection for IKEv2: starting with "san" | match_id a=192.1.2.45 | b=192.1.2.45 | results matched | refine_host_connection: checking "san" against "san", best=(none) with match=1(id=1(0)/ca=1(0)/reqca=1(0)) | Warning: not switching back to template of current instance | No IDr payload received from peer | refine_host_connection: checked san against san, now for see if best | started looking for secret for 192.1.2.23->192.1.2.45 of kind PKK_RSA | searching for certificate PKK_RSA:AwEAAbEef vs PKK_RSA:AwEAAbEef | returning because exact peer id match | offered CA: 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org' "san" #1: IKEv2 mode peer ID is ID_IPV4_ADDR: '192.1.2.45' | verifying AUTH payload | required RSA CA is '%any' | checking RSA keyid '192.1.2.23' for match with '192.1.2.45' | checking RSA keyid 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' for match with '192.1.2.45' | checking RSA keyid 'user-east@testing.libreswan.org' for match with '192.1.2.45' | checking RSA keyid '@east.testing.libreswan.org' for match with '192.1.2.45' | checking RSA keyid 'east@testing.libreswan.org' for match with '192.1.2.45' "san" #1: no RSA public key known for '192.1.2.45' | #1 spent 0.0454 milliseconds in ikev2_verify_rsa_hash() "san" #1: RSA authentication of I2 Auth Payload failed "san" #1: responding to IKE_AUTH message (ID 1) from 192.1.2.45:500 with encrypted notification AUTHENTICATION_FAILED | Opening output PBS encrypted notification | **emit ISAKMP Message: | initiator cookie: | d2 a7 aa df b0 45 d4 6f | responder cookie: | f1 48 0b c7 09 b8 1d ac | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) | exchange type: ISAKMP_v2_IKE_AUTH (0x23) | flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20) | Message ID: 1 (0x1) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit IKEv2 Encryption Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Encryption Payload (46:ISAKMP_NEXT_v2SK) | next payload chain: saving location 'IKEv2 Encryption Payload'.'next payload type' in 'encrypted notification' | emitting 8 zero bytes of IV into IKEv2 Encryption Payload | Adding a v2N Payload | ****emit IKEv2 Notify Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | Protocol ID: PROTO_v2_RESERVED (0x0) | SPI size: 0 (0x0) | Notify Message Type: v2N_AUTHENTICATION_FAILED (0x18) | next payload chain: setting previous 'IKEv2 Encryption Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N) | next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'encrypted notification' | emitting length of IKEv2 Notify Payload: 8 | adding 1 bytes of padding (including 1 byte padding-length) | emitting 1 0x00 repeated bytes of padding and length into IKEv2 Encryption Payload | emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encryption Payload | emitting length of IKEv2 Encryption Payload: 37 | emitting length of ISAKMP Message: 65 | sending 65 bytes for v2 notify through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #1) | d2 a7 aa df b0 45 d4 6f f1 48 0b c7 09 b8 1d ac | 2e 20 23 20 00 00 00 01 00 00 00 41 29 00 00 25 | 8e b7 c7 60 22 9d ef 51 c2 54 c6 4b fd 7b 1a c0 | f4 22 dd d4 8b d8 42 1c cb 5b 83 9b 23 4f ef 39 | 76 | pstats #1 ikev2.ike failed auth-failed | ikev2_parent_inI2outR2_continue_tail returned STF_FATAL | #1 spent 5.69 milliseconds in processing: Responder: process IKE_AUTH request in ikev2_process_state_packet() | [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3379) | #1 complete_v2_state_transition() PARENT_R1->V2_IPSEC_R with status STF_FATAL | release_pending_whacks: state #1 has no whack fd | pstats #1 ikev2.ike deleted auth-failed | #1 spent 7.33 milliseconds in total | [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in delete_state() at state.c:879) "san" #1: deleting state (STATE_PARENT_R1) aged 0.036s and NOT sending notification | parent state #1: PARENT_R1(half-open IKE SA) => delete | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6bf0002888 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x561765402c78 | State DB: IKEv2 state not found (flush_incomplete_children) | in connection_discard for connection san | State DB: deleting IKEv2 state #1 in PARENT_R1 | parent state #1: PARENT_R1(half-open IKE SA) => UNDEFINED(ignore) | stop processing: state #1 from 192.1.2.45:500 (in delete_state() at state.c:1143) | resume sending helper answer for #1 suppresed complete_v2_state_transition() | in statetime_stop() and could not find #1 | processing: STOP state #0 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6be8000f48 | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in show_connections_status | FOR_EACH_CONNECTION_... in show_connections_status | FOR_EACH_STATE_... in show_states_status (sort_states) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.35 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) shutting down | processing: RESET whack log_fd (was fd@16) (in exit_pluto() at plutomain.c:1825) destroying root certificate cache | certs and keys locked by 'free_preshared_secrets' forgetting secrets | certs and keys unlocked by 'free_preshared_secrets' | unreference key: 0x5617653ff098 192.1.2.23 cnt 1-- | unreference key: 0x561765404768 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org cnt 1-- | unreference key: 0x5617654042e8 user-east@testing.libreswan.org cnt 1-- | unreference key: 0x561765403d88 @east.testing.libreswan.org cnt 1-- | unreference key: 0x561765402648 east@testing.libreswan.org cnt 1-- | start processing: connection "san" (in delete_connection() at connections.c:189) | Deleting states for connection - including all other IPsec SA's of this IKE SA | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x561765402028 | flush revival: connection 'san' wasn't on the list | stop processing: connection "san" (in discard_connection() at connections.c:249) | crl fetch request list locked by 'free_crl_fetch' | crl fetch request list unlocked by 'free_crl_fetch' shutting down interface lo/lo 127.0.0.1:4500 shutting down interface lo/lo 127.0.0.1:500 shutting down interface eth0/eth0 192.0.2.254:4500 shutting down interface eth0/eth0 192.0.2.254:500 shutting down interface eth1/eth1 192.1.2.23:4500 shutting down interface eth1/eth1 192.1.2.23:500 | FOR_EACH_STATE_... in delete_states_dead_interfaces | libevent_free: release ptr-libevent@0x5617653ef648 | free_event_entry: release EVENT_NULL-pe@0x5617653fb538 | libevent_free: release ptr-libevent@0x561765395e58 | free_event_entry: release EVENT_NULL-pe@0x5617653fb5e8 | libevent_free: release ptr-libevent@0x561765395778 | free_event_entry: release EVENT_NULL-pe@0x5617653fb698 | libevent_free: release ptr-libevent@0x56176539d038 | free_event_entry: release EVENT_NULL-pe@0x5617653fb748 | libevent_free: release ptr-libevent@0x56176539d138 | free_event_entry: release EVENT_NULL-pe@0x5617653fb7f8 | libevent_free: release ptr-libevent@0x56176539d238 | free_event_entry: release EVENT_NULL-pe@0x5617653fb8a8 | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations | libevent_free: release ptr-libevent@0x5617653ef6f8 | free_event_entry: release EVENT_NULL-pe@0x5617653e3818 | libevent_free: release ptr-libevent@0x561765395da8 | free_event_entry: release EVENT_NULL-pe@0x5617653e3378 | libevent_free: release ptr-libevent@0x5617653dc358 | free_event_entry: release EVENT_NULL-pe@0x56176539d2e8 | global timer EVENT_REINIT_SECRET uninitialized | global timer EVENT_SHUNT_SCAN uninitialized | global timer EVENT_PENDING_DDNS uninitialized | global timer EVENT_PENDING_PHASE2 uninitialized | global timer EVENT_CHECK_CRLS uninitialized | global timer EVENT_REVIVE_CONNS uninitialized | global timer EVENT_FREE_ROOT_CERTS uninitialized | global timer EVENT_RESET_LOG_RATE_LIMIT uninitialized | global timer EVENT_NAT_T_KEEPALIVE uninitialized | libevent_free: release ptr-libevent@0x5617653a18b8 | signal event handler PLUTO_SIGCHLD uninstalled | libevent_free: release ptr-libevent@0x56176531f728 | signal event handler PLUTO_SIGTERM uninstalled | libevent_free: release ptr-libevent@0x5617653fad18 | signal event handler PLUTO_SIGHUP uninstalled | libevent_free: release ptr-libevent@0x5617653faf58 | signal event handler PLUTO_SIGSYS uninstalled | releasing event base | libevent_free: release ptr-libevent@0x5617653fae28 | libevent_free: release ptr-libevent@0x5617653ddc38 | libevent_free: release ptr-libevent@0x5617653ddbe8 | libevent_free: release ptr-libevent@0x5617653950f8 | libevent_free: release ptr-libevent@0x5617653ddba8 | libevent_free: release ptr-libevent@0x5617653fa9e8 | libevent_free: release ptr-libevent@0x5617653fac58 | libevent_free: release ptr-libevent@0x5617653ddde8 | libevent_free: release ptr-libevent@0x5617653e33e8 | libevent_free: release ptr-libevent@0x5617653e3048 | libevent_free: release ptr-libevent@0x5617653fb918 | libevent_free: release ptr-libevent@0x5617653fb868 | libevent_free: release ptr-libevent@0x5617653fb7b8 | libevent_free: release ptr-libevent@0x5617653fb708 | libevent_free: release ptr-libevent@0x5617653fb658 | libevent_free: release ptr-libevent@0x5617653fb5a8 | libevent_free: release ptr-libevent@0x56176531e9d8 | libevent_free: release ptr-libevent@0x5617653facd8 | libevent_free: release ptr-libevent@0x5617653fac98 | libevent_free: release ptr-libevent@0x5617653fab58 | libevent_free: release ptr-libevent@0x5617653fade8 | libevent_free: release ptr-libevent@0x5617653faa28 | libevent_free: release ptr-libevent@0x5617653a3448 | libevent_free: release ptr-libevent@0x5617653a33c8 | libevent_free: release ptr-libevent@0x56176531ed48 | releasing global libevent data | libevent_free: release ptr-libevent@0x5617653a35c8 | libevent_free: release ptr-libevent@0x5617653a3548 | libevent_free: release ptr-libevent@0x5617653a34c8 leak detective found no leaks