FIPS Product: YES
FIPS Kernel: NO
FIPS Mode: NO
NSS DB directory: sql:/etc/ipsec.d
Initializing NSS
Opening NSS database "sql:/etc/ipsec.d" read-only
NSS initialized
NSS crypto library initialized
FIPS HMAC integrity support [enabled]
FIPS mode disabled for pluto daemon
FIPS HMAC integrity verification self-test FAILED
libcap-ng support [enabled]
Linux audit support [enabled]
Linux audit activated
Starting Pluto (Libreswan Version v3.28-685-gbfd5aef521-master-s2 XFRM(netkey) esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) DNSSEC FIPS_CHECK LABELED_IPSEC SECCOMP LIBCAP_NG LINUX_AUDIT XAUTH_PAM NETWORKMANAGER CURL(non-NSS)) pid:28837
core dump dir: /var/tmp
secrets file: /etc/ipsec.secrets
leak-detective enabled
NSS crypto [enabled]
XAUTH PAM support [enabled]
| libevent is using pluto's memory allocator
Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800)
| libevent_malloc: new ptr-libevent@0x5617653a35c8 size 40
| libevent_malloc: new ptr-libevent@0x5617653a3548 size 40
| libevent_malloc: new ptr-libevent@0x5617653a34c8 size 40
| creating event base
| libevent_malloc: new ptr-libevent@0x5617653950f8 size 56
| libevent_malloc: new ptr-libevent@0x56176531ed48 size 664
| libevent_malloc: new ptr-libevent@0x5617653ddbe8 size 24
| libevent_malloc: new ptr-libevent@0x5617653ddc38 size 384
| libevent_malloc: new ptr-libevent@0x5617653ddba8 size 16
| libevent_malloc: new ptr-libevent@0x5617653a3448 size 40
| libevent_malloc: new ptr-libevent@0x5617653a33c8 size 48
| libevent_realloc: new ptr-libevent@0x56176531e9d8 size 256
| libevent_malloc: new ptr-libevent@0x5617653ddde8 size 16
| libevent_free: release ptr-libevent@0x5617653950f8
| libevent initialized
| libevent_realloc: new ptr-libevent@0x5617653950f8 size 64
| global periodic timer EVENT_RESET_LOG_RATE_LIMIT enabled with interval of 3600 seconds
| init_nat_traversal() initialized with keep_alive=0s
NAT-Traversal support [enabled]
| global one-shot timer EVENT_NAT_T_KEEPALIVE initialized
| global one-shot timer EVENT_FREE_ROOT_CERTS initialized
| global periodic timer EVENT_REINIT_SECRET enabled with interval of 3600 seconds
| global one-shot timer EVENT_REVIVE_CONNS initialized
| global periodic timer EVENT_PENDING_DDNS enabled with interval of 60 seconds
| global periodic timer EVENT_PENDING_PHASE2 enabled with interval of 120 seconds
Encryption algorithms:
AES_CCM_16 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm, aes_ccm_c
AES_CCM_12 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_b
AES_CCM_8 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_a
3DES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS [*192] 3des
CAMELLIA_CTR IKEv1: ESP IKEv2: ESP {256,192,*128}
CAMELLIA_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} camellia
AES_GCM_16 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm, aes_gcm_c
AES_GCM_12 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_b
AES_GCM_8 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_a
AES_CTR IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aesctr
AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aes
SERPENT_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} serpent
TWOFISH_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} twofish
TWOFISH_SSH IKEv1: IKE IKEv2: IKE ESP {256,192,*128} twofish_cbc_ssh
NULL_AUTH_AES_GMAC IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_gmac
NULL IKEv1: ESP IKEv2: ESP []
CHACHA20_POLY1305 IKEv1: IKEv2: IKE ESP [*256] chacha20poly1305
Hash algorithms:
MD5 IKEv1: IKE IKEv2:
SHA1 IKEv1: IKE IKEv2: FIPS sha
SHA2_256 IKEv1: IKE IKEv2: FIPS sha2, sha256
SHA2_384 IKEv1: IKE IKEv2: FIPS sha384
SHA2_512 IKEv1: IKE IKEv2: FIPS sha512
PRF algorithms:
HMAC_MD5 IKEv1: IKE IKEv2: IKE md5
HMAC_SHA1 IKEv1: IKE IKEv2: IKE FIPS sha, sha1
HMAC_SHA2_256 IKEv1: IKE IKEv2: IKE FIPS sha2, sha256, sha2_256
HMAC_SHA2_384 IKEv1: IKE IKEv2: IKE FIPS sha384, sha2_384
HMAC_SHA2_512 IKEv1: IKE IKEv2: IKE FIPS sha512, sha2_512
AES_XCBC IKEv1: IKEv2: IKE aes128_xcbc
Integrity algorithms:
HMAC_MD5_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH md5, hmac_md5
HMAC_SHA1_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha, sha1, sha1_96, hmac_sha1
HMAC_SHA2_512_256 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha512, sha2_512, sha2_512_256, hmac_sha2_512
HMAC_SHA2_384_192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha384, sha2_384, sha2_384_192, hmac_sha2_384
HMAC_SHA2_256_128 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256
HMAC_SHA2_256_TRUNCBUG IKEv1: ESP AH IKEv2: AH
AES_XCBC_96 IKEv1: ESP AH IKEv2: IKE ESP AH aes_xcbc, aes128_xcbc, aes128_xcbc_96
AES_CMAC_96 IKEv1: ESP AH IKEv2: ESP AH FIPS aes_cmac
NONE IKEv1: ESP IKEv2: IKE ESP FIPS null
DH algorithms:
NONE IKEv1: IKEv2: IKE ESP AH FIPS null, dh0
MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh5
MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh14
MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh15
MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh16
MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh17
MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh18
DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_256, ecp256
DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_384, ecp384
DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_521, ecp521
DH31 IKEv1: IKE IKEv2: IKE ESP AH curve25519
testing CAMELLIA_CBC:
Camellia: 16 bytes with 128-bit key
Camellia: 16 bytes with 128-bit key
Camellia: 16 bytes with 256-bit key
Camellia: 16 bytes with 256-bit key
testing AES_GCM_16:
empty string
one block
two blocks
two blocks with associated data
testing AES_CTR:
Encrypting 16 octets using AES-CTR with 128-bit key
Encrypting 32 octets using AES-CTR with 128-bit key
Encrypting 36 octets using AES-CTR with 128-bit key
Encrypting 16 octets using AES-CTR with 192-bit key
Encrypting 32 octets using AES-CTR with 192-bit key
Encrypting 36 octets using AES-CTR with 192-bit key
Encrypting 16 octets using AES-CTR with 256-bit key
Encrypting 32 octets using AES-CTR with 256-bit key
Encrypting 36 octets using AES-CTR with 256-bit key
testing AES_CBC:
Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key
Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key
Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key
Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key
testing AES_XCBC:
RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input
RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input
RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input
RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input
RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input
RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input
RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input
RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16)
RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10)
RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18)
testing HMAC_MD5:
RFC 2104: MD5_HMAC test 1
RFC 2104: MD5_HMAC test 2
RFC 2104: MD5_HMAC test 3
8 CPU cores online
starting up 7 crypto helpers
started thread for crypto helper 0
| starting up helper thread 0
| status value returned by setting the priority of this thread (crypto helper 0) 22
| crypto helper 0 waiting (nothing to do)
started thread for crypto helper 1
started thread for crypto helper 2
| starting up helper thread 2
| status value returned by setting the priority of this thread (crypto helper 2) 22
| crypto helper 2 waiting (nothing to do)
started thread for crypto helper 3
| starting up helper thread 3
| status value returned by setting the priority of this thread (crypto helper 3) 22
| crypto helper 3 waiting (nothing to do)
started thread for crypto helper 4
| starting up helper thread 4
| status value returned by setting the priority of this thread (crypto helper 4) 22
| crypto helper 4 waiting (nothing to do)
started thread for crypto helper 5
| starting up helper thread 5
| starting up helper thread 1
| status value returned by setting the priority of this thread (crypto helper 5) 22
| status value returned by setting the priority of this thread (crypto helper 1) 22
started thread for crypto helper 6
| checking IKEv1 state table
| starting up helper thread 6
| status value returned by setting the priority of this thread (crypto helper 6) 22
| MAIN_R0: category: half-open IKE SA flags: 0:
| -> MAIN_R1 EVENT_SO_DISCARD
| crypto helper 5 waiting (nothing to do)
| MAIN_I1: category: half-open IKE SA flags: 0:
| -> MAIN_I2 EVENT_RETRANSMIT
| crypto helper 1 waiting (nothing to do)
| MAIN_R1: category: open IKE SA flags: 200:
| -> MAIN_R2 EVENT_RETRANSMIT
| crypto helper 6 waiting (nothing to do)
| -> UNDEFINED EVENT_RETRANSMIT
| -> UNDEFINED EVENT_RETRANSMIT
| MAIN_I2: category: open IKE SA flags: 0:
| -> MAIN_I3 EVENT_RETRANSMIT
| -> UNDEFINED EVENT_RETRANSMIT
| -> UNDEFINED EVENT_RETRANSMIT
| MAIN_R2: category: open IKE SA flags: 0:
| -> MAIN_R3 EVENT_SA_REPLACE
| -> MAIN_R3 EVENT_SA_REPLACE
| -> UNDEFINED EVENT_SA_REPLACE
| MAIN_I3: category: open IKE SA flags: 0:
| -> MAIN_I4 EVENT_SA_REPLACE
| -> MAIN_I4 EVENT_SA_REPLACE
| -> UNDEFINED EVENT_SA_REPLACE
| MAIN_R3: category: established IKE SA flags: 200:
| -> UNDEFINED EVENT_NULL
| MAIN_I4: category: established IKE SA flags: 0:
| -> UNDEFINED EVENT_NULL
| AGGR_R0: category: half-open IKE SA flags: 0:
| -> AGGR_R1 EVENT_SO_DISCARD
| AGGR_I1: category: half-open IKE SA flags: 0:
| -> AGGR_I2 EVENT_SA_REPLACE
| -> AGGR_I2 EVENT_SA_REPLACE
| AGGR_R1: category: open IKE SA flags: 200:
| -> AGGR_R2 EVENT_SA_REPLACE
| -> AGGR_R2 EVENT_SA_REPLACE
| AGGR_I2: category: established IKE SA flags: 200:
| -> UNDEFINED EVENT_NULL
| AGGR_R2: category: established IKE SA flags: 0:
| -> UNDEFINED EVENT_NULL
| QUICK_R0: category: established CHILD SA flags: 0:
| -> QUICK_R1 EVENT_RETRANSMIT
| QUICK_I1: category: established CHILD SA flags: 0:
| -> QUICK_I2 EVENT_SA_REPLACE
| QUICK_R1: category: established CHILD SA flags: 0:
| -> QUICK_R2 EVENT_SA_REPLACE
| QUICK_I2: category: established CHILD SA flags: 200:
| -> UNDEFINED EVENT_NULL
| QUICK_R2: category: established CHILD SA flags: 0:
| -> UNDEFINED EVENT_NULL
| INFO: category: informational flags: 0:
| -> UNDEFINED EVENT_NULL
| INFO_PROTECTED: category: informational flags: 0:
| -> UNDEFINED EVENT_NULL
| XAUTH_R0: category: established IKE SA flags: 0:
| -> XAUTH_R1 EVENT_NULL
| XAUTH_R1: category: established IKE SA flags: 0:
| -> MAIN_R3 EVENT_SA_REPLACE
| MODE_CFG_R0: category: informational flags: 0:
| -> MODE_CFG_R1 EVENT_SA_REPLACE
| MODE_CFG_R1: category: established IKE SA flags: 0:
| -> MODE_CFG_R2 EVENT_SA_REPLACE
| MODE_CFG_R2: category: established IKE SA flags: 0:
| -> UNDEFINED EVENT_NULL
| MODE_CFG_I1: category: established IKE SA flags: 0:
| -> MAIN_I4 EVENT_SA_REPLACE
| XAUTH_I0: category: established IKE SA flags: 0:
| -> XAUTH_I1 EVENT_RETRANSMIT
| XAUTH_I1: category: established IKE SA flags: 0:
| -> MAIN_I4 EVENT_RETRANSMIT
| checking IKEv2 state table
| PARENT_I0: category: ignore flags: 0:
| -> PARENT_I1 EVENT_RETRANSMIT send-request (initiate IKE_SA_INIT)
| PARENT_I1: category: half-open IKE SA flags: 0:
| -> PARENT_I1 EVENT_RETAIN send-request (Initiator: process SA_INIT reply notification)
| -> PARENT_I2 EVENT_RETRANSMIT send-request (Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH)
| PARENT_I2: category: open IKE SA flags: 0:
| -> PARENT_I2 EVENT_NULL (Initiator: process INVALID_SYNTAX AUTH notification)
| -> PARENT_I2 EVENT_NULL (Initiator: process AUTHENTICATION_FAILED AUTH notification)
| -> PARENT_I2 EVENT_NULL (Initiator: process UNSUPPORTED_CRITICAL_PAYLOAD AUTH notification)
| -> V2_IPSEC_I EVENT_SA_REPLACE (Initiator: process IKE_AUTH response)
| -> PARENT_I2 EVENT_NULL (IKE SA: process IKE_AUTH response containing unknown notification)
| PARENT_I3: category: established IKE SA flags: 0:
| -> PARENT_I3 EVENT_RETAIN (I3: Informational Request)
| -> PARENT_I3 EVENT_RETAIN (I3: Informational Response)
| -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Request)
| -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Response)
| PARENT_R0: category: half-open IKE SA flags: 0:
| -> PARENT_R1 EVENT_SO_DISCARD send-request (Respond to IKE_SA_INIT)
| PARENT_R1: category: half-open IKE SA flags: 0:
| -> PARENT_R1 EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request (no SKEYSEED))
| -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request)
| PARENT_R2: category: established IKE SA flags: 0:
| -> PARENT_R2 EVENT_RETAIN (R2: process Informational Request)
| -> PARENT_R2 EVENT_RETAIN (R2: process Informational Response)
| -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Request)
| -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Response)
| V2_CREATE_I0: category: established IKE SA flags: 0:
| -> V2_CREATE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec SA)
| V2_CREATE_I: category: established IKE SA flags: 0:
| -> V2_IPSEC_I EVENT_SA_REPLACE (Process CREATE_CHILD_SA IPsec SA Response)
| V2_REKEY_IKE_I0: category: established IKE SA flags: 0:
| -> V2_REKEY_IKE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IKE Rekey)
| V2_REKEY_IKE_I: category: established IKE SA flags: 0:
| -> PARENT_I3 EVENT_SA_REPLACE (Process CREATE_CHILD_SA IKE Rekey Response)
| V2_REKEY_CHILD_I0: category: established IKE SA flags: 0:
| -> V2_REKEY_CHILD_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec Rekey SA)
| V2_REKEY_CHILD_I: category: established IKE SA flags: 0: <none>
| V2_CREATE_R: category: established IKE SA flags: 0:
| -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IPsec SA Request)
| V2_REKEY_IKE_R: category: established IKE SA flags: 0:
| -> PARENT_R2 EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IKE Rekey)
| V2_REKEY_CHILD_R: category: established IKE SA flags: 0: <none>
| V2_IPSEC_I: category: established CHILD SA flags: 0: <none>
| V2_IPSEC_R: category: established CHILD SA flags: 0: <none>
| IKESA_DEL: category: established IKE SA flags: 0:
| -> IKESA_DEL EVENT_RETAIN (IKE_SA_DEL: process INFORMATIONAL)
| CHILDSA_DEL: category: informational flags: 0: <none>
Using Linux XFRM/NETKEY IPsec interface code on 5.1.18-200.fc29.x86_64
| Hard-wiring algorithms
| adding AES_CCM_16 to kernel algorithm db
| adding AES_CCM_12 to kernel algorithm db
| adding AES_CCM_8 to kernel algorithm db
| adding 3DES_CBC to kernel algorithm db
| adding CAMELLIA_CBC to kernel algorithm db
| adding AES_GCM_16 to kernel algorithm db
| adding AES_GCM_12 to kernel algorithm db
| adding AES_GCM_8 to kernel algorithm db
| adding AES_CTR to kernel algorithm db
| adding AES_CBC to kernel algorithm db
| adding SERPENT_CBC to kernel algorithm db
| adding TWOFISH_CBC to kernel algorithm db
| adding NULL_AUTH_AES_GMAC to kernel algorithm db
| adding NULL to kernel algorithm db
| adding CHACHA20_POLY1305 to kernel algorithm db
| adding HMAC_MD5_96 to kernel algorithm db
| adding HMAC_SHA1_96 to kernel algorithm db
| adding HMAC_SHA2_512_256 to kernel algorithm db
| adding HMAC_SHA2_384_192 to kernel algorithm db
| adding HMAC_SHA2_256_128 to kernel algorithm db
| adding HMAC_SHA2_256_TRUNCBUG to kernel algorithm db
| adding AES_XCBC_96 to kernel algorithm db
| adding AES_CMAC_96 to kernel algorithm db
| adding NONE to kernel algorithm db
| net.ipv6.conf.all.disable_ipv6=1 ignore ipv6 holes
| global periodic timer EVENT_SHUNT_SCAN enabled with interval of 20 seconds
| setup kernel fd callback
| add_fd_read_event_handler: new KERNEL_XRM_FD-pe@0x56176539d2e8
| libevent_malloc: new ptr-libevent@0x5617653dc358 size 128
| libevent_malloc: new ptr-libevent@0x5617653e33e8 size 16
| add_fd_read_event_handler: new KERNEL_ROUTE_FD-pe@0x5617653e3378
| libevent_malloc: new ptr-libevent@0x561765395da8 size 128
| libevent_malloc: new ptr-libevent@0x5617653e3048 size 16
| global one-shot timer EVENT_CHECK_CRLS initialized
selinux support is enabled.
| unbound context created - setting debug level to 5
| /etc/hosts lookups activated
| /etc/resolv.conf usage activated
| outgoing-port-avoid set 0-65535
| outgoing-port-permit set 32768-60999
| Loading dnssec root key from:/var/lib/unbound/root.key
| No additional dnssec trust anchors defined via dnssec-trusted= option
| Setting up events, loop start
| add_fd_read_event_handler: new PLUTO_CTL_FD-pe@0x5617653e3818
| libevent_malloc: new ptr-libevent@0x5617653ef6f8 size 128
| libevent_malloc: new ptr-libevent@0x5617653fa9e8 size 16
| libevent_realloc: new ptr-libevent@0x5617653faa28 size 256
| libevent_malloc: new ptr-libevent@0x5617653fab58 size 8
| libevent_realloc: new ptr-libevent@0x5617653fab98 size 144
| libevent_malloc: new ptr-libevent@0x5617653a18b8 size 152
| libevent_malloc: new ptr-libevent@0x5617653fac58 size 16
| signal event handler PLUTO_SIGCHLD installed
| libevent_malloc: new ptr-libevent@0x5617653fac98 size 8
| libevent_malloc: new ptr-libevent@0x56176531f728 size 152
| signal event handler PLUTO_SIGTERM installed
| libevent_malloc: new ptr-libevent@0x5617653facd8 size 8
| libevent_malloc: new ptr-libevent@0x5617653fad18 size 152
| signal event handler PLUTO_SIGHUP installed
| libevent_malloc: new ptr-libevent@0x5617653fade8 size 8
| libevent_realloc: release ptr-libevent@0x5617653fab98
| libevent_realloc: new ptr-libevent@0x5617653fae28 size 256
| libevent_malloc: new ptr-libevent@0x5617653faf58 size 152
| signal event handler PLUTO_SIGSYS installed
| created addconn helper (pid:28913) using fork+execve
| forked child 28913
| accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
listening for IKE messages
| Inspecting interface lo
| found lo with address 127.0.0.1
| Inspecting interface eth0
| found eth0 with address 192.0.2.254
| Inspecting interface eth1
| found eth1 with address 192.1.2.23
Kernel supports NIC esp-hw-offload
adding interface eth1/eth1 (esp-hw-offload not supported by kernel) 192.1.2.23:500
| NAT-Traversal: Trying sockopt style NAT-T
| NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
adding interface eth1/eth1 192.1.2.23:4500
adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.0.2.254:500
| NAT-Traversal: Trying sockopt style NAT-T
| NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
adding interface eth0/eth0 192.0.2.254:4500
adding interface lo/lo (esp-hw-offload not supported by kernel) 127.0.0.1:500
| NAT-Traversal: Trying sockopt style NAT-T
| NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
adding interface lo/lo 127.0.0.1:4500
| no interfaces to sort
| FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations
| add_fd_read_event_handler: new ethX-pe@0x5617653fb538
| libevent_malloc: new ptr-libevent@0x5617653ef648 size 128
| libevent_malloc: new ptr-libevent@0x5617653fb5a8 size 16
| setup callback for interface lo 127.0.0.1:4500 fd 22
| add_fd_read_event_handler: new ethX-pe@0x5617653fb5e8
| libevent_malloc: new ptr-libevent@0x561765395e58 size 128
| libevent_malloc: new ptr-libevent@0x5617653fb658 size 16
| setup callback for interface lo 127.0.0.1:500 fd 21
| add_fd_read_event_handler: new ethX-pe@0x5617653fb698
| libevent_malloc: new ptr-libevent@0x561765395778 size 128
| libevent_malloc: new ptr-libevent@0x5617653fb708 size 16
| setup callback for interface eth0 192.0.2.254:4500 fd 20
| add_fd_read_event_handler: new ethX-pe@0x5617653fb748
| libevent_malloc: new ptr-libevent@0x56176539d038 size 128
| libevent_malloc: new ptr-libevent@0x5617653fb7b8 size 16
| setup callback for interface eth0 192.0.2.254:500 fd 19
| add_fd_read_event_handler: new ethX-pe@0x5617653fb7f8
| libevent_malloc: new ptr-libevent@0x56176539d138 size 128
| libevent_malloc: new ptr-libevent@0x5617653fb868 size 16
| setup callback for interface eth1 192.1.2.23:4500 fd 18
| add_fd_read_event_handler: new ethX-pe@0x5617653fb8a8
| libevent_malloc: new ptr-libevent@0x56176539d238 size 128
| libevent_malloc: new ptr-libevent@0x5617653fb918 size 16
| setup callback for interface eth1 192.1.2.23:500 fd 17
| certs and keys locked by 'free_preshared_secrets'
| certs and keys unlocked by 'free_preshared_secrets'
loading secrets from "/etc/ipsec.secrets"
| saving Modulus
| saving PublicExponent
| ignoring PrivateExponent
| ignoring Prime1
| ignoring Prime2
| ignoring Exponent1
| ignoring Exponent2
| ignoring Coefficient
| ignoring CKAIDNSS
| computed rsa CKAID 61 55 99 73 d3 ac ef 7d 3a 37 0e 3e 82 ad 92 c1
| computed rsa CKAID 8a 82 25 f1
loaded private key for keyid: PKK_RSA:AQO9bJbr3
| certs and keys locked by 'process_secret'
| certs and keys unlocked by 'process_secret'
| close_any(fd@16) (in whack_process() at rcv_whack.c:700)
| spent 0.586 milliseconds in whack
| accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
listening for IKE messages
| Inspecting interface lo
| found lo with address 127.0.0.1
| Inspecting interface eth0
| found eth0 with address 192.0.2.254
| Inspecting interface eth1
| found eth1 with address 192.1.2.23
| no interfaces to sort
| libevent_free: release ptr-libevent@0x5617653ef648
| free_event_entry: release EVENT_NULL-pe@0x5617653fb538
| add_fd_read_event_handler: new ethX-pe@0x5617653fb538
| libevent_malloc: new ptr-libevent@0x5617653ef648 size 128
| setup callback for interface lo 127.0.0.1:4500 fd 22
| libevent_free: release ptr-libevent@0x561765395e58
| free_event_entry: release EVENT_NULL-pe@0x5617653fb5e8
| add_fd_read_event_handler: new ethX-pe@0x5617653fb5e8
| libevent_malloc: new ptr-libevent@0x561765395e58 size 128
| setup callback for interface lo 127.0.0.1:500 fd 21
| libevent_free: release ptr-libevent@0x561765395778
| free_event_entry: release EVENT_NULL-pe@0x5617653fb698
| add_fd_read_event_handler: new ethX-pe@0x5617653fb698
| libevent_malloc: new ptr-libevent@0x561765395778 size 128
| setup callback for interface eth0 192.0.2.254:4500 fd 20
| libevent_free: release ptr-libevent@0x56176539d038
| free_event_entry: release EVENT_NULL-pe@0x5617653fb748
| add_fd_read_event_handler: new ethX-pe@0x5617653fb748
| libevent_malloc: new ptr-libevent@0x56176539d038 size 128
| setup callback for interface eth0 192.0.2.254:500 fd 19
| libevent_free: release ptr-libevent@0x56176539d138
| free_event_entry: release EVENT_NULL-pe@0x5617653fb7f8
| add_fd_read_event_handler: new ethX-pe@0x5617653fb7f8
| libevent_malloc: new ptr-libevent@0x56176539d138 size 128
| setup callback for interface eth1 192.1.2.23:4500 fd 18
| libevent_free: release ptr-libevent@0x56176539d238
| free_event_entry: release EVENT_NULL-pe@0x5617653fb8a8
| add_fd_read_event_handler: new ethX-pe@0x5617653fb8a8
| libevent_malloc: new ptr-libevent@0x56176539d238 size 128
| setup callback for interface eth1 192.1.2.23:500 fd 17
| certs and keys locked by 'free_preshared_secrets'
forgetting secrets
| certs and keys unlocked by 'free_preshared_secrets'
loading secrets from "/etc/ipsec.secrets"
| saving Modulus
| saving PublicExponent
| ignoring PrivateExponent
| ignoring Prime1
| ignoring Prime2
| ignoring Exponent1
| ignoring Exponent2
| ignoring Coefficient
| ignoring CKAIDNSS
| computed rsa CKAID 61 55 99 73 d3 ac ef 7d 3a 37 0e 3e 82 ad 92 c1
| computed rsa CKAID 8a 82 25 f1
loaded private key for keyid: PKK_RSA:AQO9bJbr3
| certs and keys locked by 'process_secret'
| certs and keys unlocked by 'process_secret'
| close_any(fd@16) (in whack_process() at rcv_whack.c:700)
| spent 0.351 milliseconds in whack
| processing signal PLUTO_SIGCHLD
| waitpid returned pid 28913 (exited with status 0)
| reaped addconn helper child (status 0)
| waitpid returned ECHILD (no child processes left)
| spent 0.0165 milliseconds in signal handler PLUTO_SIGCHLD
| accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
| FOR_EACH_CONNECTION_... in conn_by_name
| FOR_EACH_CONNECTION_... in foreach_connection_by_alias
| FOR_EACH_CONNECTION_... in conn_by_name
| FOR_EACH_CONNECTION_... in foreach_connection_by_alias
| FOR_EACH_CONNECTION_... in conn_by_name
| Added new connection san with policy RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
| ike (phase1) algorithm values: AES_GCM_16_256-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31, AES_GCM_16_128-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31, AES_CBC_256-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31, AES_CBC_128-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31
| from whack: got --esp=
| ESP/AH string values: AES_GCM_16_256-NONE, AES_GCM_16_128-NONE, AES_CBC_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128, AES_CBC_128-HMAC_SHA2_512_256+HMAC_SHA2_256_128
| counting wild cards for 192.1.2.45 is 0
| loading right certificate 'east' pubkey
| get_pluto_gn_from_nss_cert: allocated pluto_gn 0x5617653fef58
| get_pluto_gn_from_nss_cert: allocated pluto_gn 0x5617653fef08
| get_pluto_gn_from_nss_cert: allocated pluto_gn 0x5617653feeb8
| get_pluto_gn_from_nss_cert: allocated pluto_gn 0x5617653fec08
| get_pluto_gn_from_nss_cert: allocated pluto_gn 0x5617653febb8
| unreference key: 0x5617653fefa8 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org cnt 1--
| unreference key: 0x561765402428 192.1.2.23 cnt 1--
| certs and keys locked by 'lsw_add_rsa_secret'
| certs and keys unlocked by 'lsw_add_rsa_secret'
| counting wild cards for 192.1.2.23 is 0
| connect_to_host_pair: 192.1.2.23:500 192.1.2.45:500 -> hp@(nil): none
| new hp@0x561765402028
added connection description "san"
| ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
| 192.1.2.23<192.1.2.23>...192.1.2.45<192.1.2.45>
| close_any(fd@16) (in whack_process() at rcv_whack.c:700)
| spent 1.01 milliseconds in whack
| spent 0.00524 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
| *received 828 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500)
| d2 a7 aa df b0 45 d4 6f 00 00 00 00 00 00 00 00
| 21 20 22 08 00 00 00 00 00 00 03 3c 22 00 01 b4
| 02 00 00 64 01 01 00 0b 03 00 00 0c 01 00 00 14
| 80 0e 01 00 03 00 00 08 02 00 00 07 03 00 00 08
| 02 00 00 05 03 00 00 08 04 00 00 0e 03 00 00 08
| 04 00 00 0f 03 00 00 08 04 00 00 10 03 00 00 08
| 04 00 00 12 03 00 00 08 04 00 00 13 03 00 00 08
| 04 00 00 14 03 00 00 08 04 00 00 15 00 00 00 08
| 04 00 00 1f 02 00 00 64 02 01 00 0b 03 00 00 0c
| 01 00 00 14 80 0e 00 80 03 00 00 08 02 00 00 07
| 03 00 00 08 02 00 00 05 03 00 00 08 04 00 00 0e
| 03 00 00 08 04 00 00 0f 03 00 00 08 04 00 00 10
| 03 00 00 08 04 00 00 12 03 00 00 08 04 00 00 13
| 03 00 00 08 04 00 00 14 03 00 00 08 04 00 00 15
| 00 00 00 08 04 00 00 1f 02 00 00 74 03 01 00 0d
| 03 00 00 0c 01 00 00 0c 80 0e 01 00 03 00 00 08
| 02 00 00 07 03 00 00 08 02 00 00 05 03 00 00 08
| 03 00 00 0e 03 00 00 08 03 00 00 0c 03 00 00 08
| 04 00 00 0e 03 00 00 08 04 00 00 0f 03 00 00 08
| 04 00 00 10 03 00 00 08 04 00 00 12 03 00 00 08
| 04 00 00 13 03 00 00 08 04 00 00 14 03 00 00 08
| 04 00 00 15 00 00 00 08 04 00 00 1f 00 00 00 74
| 04 01 00 0d 03 00 00 0c 01 00 00 0c 80 0e 00 80
| 03 00 00 08 02 00 00 07 03 00 00 08 02 00 00 05
| 03 00 00 08 03 00 00 0e 03 00 00 08 03 00 00 0c
| 03 00 00 08 04 00 00 0e 03 00 00 08 04 00 00 0f
| 03 00 00 08 04 00 00 10 03 00 00 08 04 00 00 12
| 03 00 00 08 04 00 00 13 03 00 00 08 04 00 00 14
| 03 00 00 08 04 00 00 15 00 00 00 08 04 00 00 1f
| 28 00 01 08 00 0e 00 00 4e 3f b6 53 5f 1c 40 78
| 14 d2 e0 d3 c2 b1 46 0f 1d 0a e4 da c4 df 77 24
| 9c 8a a3 07 3b 0a 26 c1 4e 05 05 f3 82 f6 25 31
| 34 b1 ae 38 fc 1b a1 ec 07 7a b7 8a 67 82 6b 96
| ea 39 3b 88 6e 10 3b 42 74 e8 55 78 6e df 8f bf
| 72 32 d5 92 c9 06 f9 ea ec 0f a9 cf ec 93 7e 37
| da e4 bb 8c 1a 42 35 05 66 b6 14 69 ed fb 7c e0
| 4f c5 dc c8 d1 3a fe 84 06 20 89 49 bf d2 47 3e
| 8b 6b 3f d9 64 43 3c f5 19 5b 95 89 7a c1 60 03
| 21 9b 64 fe a5 51 8a ab 27 fc 17 e7 b7 45 e6 6e
| 8e bd 58 6e 7d b1 79 2c bc 99 bf 67 b1 f7 fa f6
| ab b5 f0 5c 9a 05 1a 3a f7 0f 7e b5 bb ad 3f ca
| 12 67 00 50 ed 8b 92 d7 2d 9d 03 83 52 53 76 52
| d2 11 51 f2 d5 9b cf 07 24 01 72 b0 95 4c 22 3e
| 9d 1f 83 84 99 73 a6 6f 04 0a 5d 5e fe 30 06 3d
| fd bf 0d df f4 3e 0d 33 78 6a b5 0d 56 e7 2f 8a
| f6 8e 67 8a fb 23 85 88 29 00 00 24 6a d3 5e 3e
| 07 e3 76 7e 13 fd 6e 6c d6 fa 99 20 dc 28 2e dc
| 72 eb 38 a5 11 2c 7e 1c 8a cd 15 56 29 00 00 08
| 00 00 40 2e 29 00 00 1c 00 00 40 04 2c 1c ea cb
| 94 26 64 09 73 9c 5c bc 0a c3 71 cf 77 17 ca 99
| 00 00 00 1c 00 00 40 05 88 42 29 12 e3 73 7f ee
| 06 1e 2d 70 0d 24 84 d8 c2 84 4d ce
| start processing: from 192.1.2.45:500 (in process_md() at demux.c:378)
| **parse ISAKMP Message:
| initiator cookie:
| d2 a7 aa df b0 45 d4 6f
| responder cookie:
| 00 00 00 00 00 00 00 00
| next payload type: ISAKMP_NEXT_v2SA (0x21)
| ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
| exchange type: ISAKMP_v2_IKE_SA_INIT (0x22)
| flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
| Message ID: 0 (0x0)
| length: 828 (0x33c)
| processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_SA_INIT (34)
| I am the IKE SA Original Responder receiving an IKEv2 IKE_SA_INIT request
| State DB: IKEv2 state not found (find_v2_ike_sa_by_initiator_spi)
| Now let's proceed with payload (ISAKMP_NEXT_v2SA)
| ***parse IKEv2 Security Association Payload:
| next payload type: ISAKMP_NEXT_v2KE (0x22)
| flags: none (0x0)
| length: 436 (0x1b4)
| processing payload: ISAKMP_NEXT_v2SA (len=432)
| Now let's proceed with payload (ISAKMP_NEXT_v2KE)
| ***parse IKEv2 Key Exchange Payload:
| next payload type: ISAKMP_NEXT_v2Ni (0x28)
| flags: none (0x0)
| length: 264 (0x108)
| DH group: OAKLEY_GROUP_MODP2048 (0xe)
| processing payload: ISAKMP_NEXT_v2KE (len=256)
| Now let's proceed with payload (ISAKMP_NEXT_v2Ni)
| ***parse IKEv2 Nonce Payload:
| next payload type: ISAKMP_NEXT_v2N (0x29)
| flags: none (0x0)
| length: 36 (0x24)
| processing payload: ISAKMP_NEXT_v2Ni (len=32)
| Now let's proceed with payload (ISAKMP_NEXT_v2N)
| ***parse IKEv2 Notify Payload:
| next payload type: ISAKMP_NEXT_v2N (0x29)
| flags: none (0x0)
| length: 8 (0x8)
| Protocol ID: PROTO_v2_RESERVED (0x0)
| SPI size: 0 (0x0)
| Notify Message Type: v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e)
| processing payload: ISAKMP_NEXT_v2N (len=0)
| Now let's proceed with payload (ISAKMP_NEXT_v2N)
| ***parse IKEv2 Notify Payload:
| next payload type: ISAKMP_NEXT_v2N (0x29)
| flags: none (0x0)
| length: 28 (0x1c)
| Protocol ID: PROTO_v2_RESERVED (0x0)
| SPI size: 0 (0x0)
| Notify Message Type: v2N_NAT_DETECTION_SOURCE_IP (0x4004)
| processing payload: ISAKMP_NEXT_v2N (len=20)
| Now let's proceed with payload (ISAKMP_NEXT_v2N)
| ***parse IKEv2 Notify Payload:
| next payload type: ISAKMP_NEXT_v2NONE (0x0)
| flags: none (0x0)
| length: 28 (0x1c)
| Protocol ID: PROTO_v2_RESERVED (0x0)
| SPI size: 0 (0x0)
| Notify Message Type: v2N_NAT_DETECTION_DESTINATION_IP (0x4005)
| processing payload: ISAKMP_NEXT_v2N (len=20)
| DDOS disabled and no cookie sent, continuing
| find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=ECDSA+IKEV2_ALLOW but ignoring ports
| find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports
| find_next_host_connection policy=ECDSA+IKEV2_ALLOW
| found policy = RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (san)
| find_next_host_connection returns empty
| find_host_connection local=192.1.2.23:500 remote=<none:> policy=ECDSA+IKEV2_ALLOW but ignoring ports
| find_next_host_connection policy=ECDSA+IKEV2_ALLOW
| find_next_host_connection returns empty
| initial parent SA message received on 192.1.2.23:500 but no connection has been authorized with policy ECDSA+IKEV2_ALLOW
| find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=RSASIG+IKEV2_ALLOW but ignoring ports
| find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports
| find_next_host_connection policy=RSASIG+IKEV2_ALLOW
| found policy = RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (san)
| find_next_host_connection returns san
| find_next_host_connection policy=RSASIG+IKEV2_ALLOW
| find_next_host_connection returns empty
| found connection: san with policy RSASIG+IKEV2_ALLOW
| creating state object #1 at 0x5617654060b8
| State DB: adding IKEv2 state #1 in UNDEFINED
| pstats #1 ikev2.ike started
| Message ID: init #1: msgid=0 lastack=4294967295 nextuse=0 lastrecv=4294967295 lastreplied=0
| parent state #1: UNDEFINED(ignore) => PARENT_R0(half-open IKE SA)
| Message ID: init_ike #1; ike: initiator.sent=0->-1 initiator.recv=0->-1 responder.sent=0->-1 responder.recv=0->-1 wip.initiator=0->-1 wip.responder=0->-1
| start processing: state #1 connection "san" from 192.1.2.45 (in ikev2_process_packet() at ikev2.c:2016)
| State DB: IKEv2 state not found (find_v2_sa_by_responder_wip)
| [RE]START processing: state #1 connection "san" from 192.1.2.45 (in ike_process_packet() at ikev2.c:2064)
| #1 st.st_msgid_lastrecv -1 md.hdr.isa_msgid 00000000
| Message ID: #1 not a duplicate - message is new; initiator.sent=-1 initiator.recv=-1 responder.sent=-1 responder.recv=-1
| Message ID: start-responder #1 request 0; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=-1 responder.recv=-1 wip.initiator=-1 wip.responder=-1->0
| #1 in state PARENT_R0: processing SA_INIT request
| selected state microcode Respond to IKE_SA_INIT
| Now let's proceed with state specific processing
| calling processor Respond to IKE_SA_INIT
| #1 updating local interface from 192.1.2.23:500 to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669)
| constructing local IKE proposals for san (IKE SA responder matching remote proposals)
| converting ike_info AES_GCM_16_256-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31 to ikev2 ...
| ... ikev2_proposal: 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519
| converting ike_info AES_GCM_16_128-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31 to ikev2 ...
| ... ikev2_proposal: 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519
| converting ike_info AES_CBC_256-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31 to ikev2 ...
| ... ikev2_proposal: 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519
| converting ike_info AES_CBC_128-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31 to ikev2 ...
| ... ikev2_proposal: 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519
"san": constructed local IKE proposals for san (IKE SA responder matching remote proposals): 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519
| Comparing remote proposals against IKE responder 4 local proposals
| local proposal 1 type ENCR has 1 transforms
| local proposal 1 type PRF has 2 transforms
| local proposal 1 type INTEG has 1 transforms
| local proposal 1 type DH has 8 transforms
| local proposal 1 type ESN has 0 transforms
| local proposal 1 transforms: required: ENCR+PRF+DH; optional: INTEG
| local proposal 2 type ENCR has 1 transforms
| local proposal 2 type PRF has 2 transforms
| local proposal 2 type INTEG has 1 transforms
| local proposal 2 type DH has 8 transforms
| local proposal 2 type ESN has 0 transforms
| local proposal 2 transforms: required: ENCR+PRF+DH; optional: INTEG
| local proposal 3 type ENCR has 1 transforms
| local proposal 3 type PRF has 2 transforms
| local proposal 3 type INTEG has 2 transforms
| local proposal 3 type DH has 8 transforms
| local proposal 3 type ESN has 0 transforms
| local proposal 3 transforms: required: ENCR+PRF+INTEG+DH; optional: none
| local proposal 4 type ENCR has 1 transforms
| local proposal 4 type PRF has 2 transforms
| local proposal 4 type INTEG has 2 transforms
| local proposal 4 type DH has 8 transforms
| local proposal 4 type ESN has 0 transforms
| local proposal 4 transforms: required: ENCR+PRF+INTEG+DH; optional: none
| ****parse IKEv2 Proposal Substructure Payload:
| last proposal: v2_PROPOSAL_NON_LAST (0x2)
| length: 100 (0x64)
| prop #: 1 (0x1)
| proto ID: IKEv2_SEC_PROTO_IKE (0x1)
| spi size: 0 (0x0)
| # transforms: 11 (0xb)
| Comparing remote proposal 1 containing 11 transforms against local proposal [1..4] of 4 local proposals
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 12 (0xc)
| IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
| IKEv2 transform ID: AES_GCM_C (0x14)
| ******parse IKEv2 Attribute Substructure Payload:
| af+type: AF+IKEv2_KEY_LENGTH (0x800e)
| length/value: 256 (0x100)
| remote proposal 1 transform 0 (ENCR=AES_GCM_C_256) matches local proposal 1 type 1 (ENCR) transform 0
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_PRF (0x2)
| IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7)
| remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 1 type 2 (PRF) transform 0
| remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 2 type 2 (PRF) transform 0
| remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 3 type 2 (PRF) transform 0
| remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 4 type 2 (PRF) transform 0
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_PRF (0x2)
| IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe)
| remote proposal 1 transform 3 (DH=MODP2048) matches local proposal 1 type 4 (DH) transform 0
| remote proposal 1 transform 3 (DH=MODP2048) matches local proposal 2 type 4 (DH) transform 0
| remote proposal 1 transform 3 (DH=MODP2048) matches local proposal 3 type 4 (DH) transform 0
| remote proposal 1 transform 3 (DH=MODP2048) matches local proposal 4 type 4 (DH) transform 0
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_ECP_384 (0x14)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_ECP_521 (0x15)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_LAST (0x0)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_CURVE25519 (0x1f)
| remote proposal 1 proposed transforms: ENCR+PRF+DH; matched: ENCR+PRF+DH; unmatched: none
| comparing remote proposal 1 containing ENCR+PRF+DH transforms to local proposal 1; required: ENCR+PRF+DH; optional: INTEG; matched: ENCR+PRF+DH
| remote proposal 1 matches local proposal 1
| ****parse IKEv2 Proposal Substructure Payload:
| last proposal: v2_PROPOSAL_NON_LAST (0x2)
| length: 100 (0x64)
| prop #: 2 (0x2)
| proto ID: IKEv2_SEC_PROTO_IKE (0x1)
| spi size: 0 (0x0)
| # transforms: 11 (0xb)
| Comparing remote proposal 2 containing 11 transforms against local proposal [1..0] of 4 local proposals
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 12 (0xc)
| IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
| IKEv2 transform ID: AES_GCM_C (0x14)
| ******parse IKEv2 Attribute Substructure Payload:
| af+type: AF+IKEv2_KEY_LENGTH (0x800e)
| length/value: 128 (0x80)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_PRF (0x2)
| IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_PRF (0x2)
| IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_ECP_384 (0x14)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_ECP_521 (0x15)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_LAST (0x0)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_CURVE25519 (0x1f)
| remote proposal 2 proposed transforms: ENCR+PRF+DH; matched: none; unmatched: ENCR+PRF+DH
| remote proposal 2 does not match; unmatched remote transforms: ENCR+PRF+DH
| ****parse IKEv2 Proposal Substructure Payload:
| last proposal: v2_PROPOSAL_NON_LAST (0x2)
| length: 116 (0x74)
| prop #: 3 (0x3)
| proto ID: IKEv2_SEC_PROTO_IKE (0x1)
| spi size: 0 (0x0)
| # transforms: 13 (0xd)
| Comparing remote proposal 3 containing 13 transforms against local proposal [1..0] of 4 local proposals
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 12 (0xc)
| IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
| IKEv2 transform ID: AES_CBC (0xc)
| ******parse IKEv2 Attribute Substructure Payload:
| af+type: AF+IKEv2_KEY_LENGTH (0x800e)
| length/value: 256 (0x100)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_PRF (0x2)
| IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_PRF (0x2)
| IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
| IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
| IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_ECP_384 (0x14)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_ECP_521 (0x15)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_LAST (0x0)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_CURVE25519 (0x1f)
| remote proposal 3 proposed transforms: ENCR+PRF+INTEG+DH; matched: none; unmatched: ENCR+PRF+INTEG+DH
| remote proposal 3 does not match; unmatched remote transforms: ENCR+PRF+INTEG+DH
| ****parse IKEv2 Proposal Substructure Payload:
| last proposal: v2_PROPOSAL_LAST (0x0)
| length: 116 (0x74)
| prop #: 4 (0x4)
| proto ID: IKEv2_SEC_PROTO_IKE (0x1)
| spi size: 0 (0x0)
| # transforms: 13 (0xd)
| Comparing remote proposal 4 containing 13 transforms against local proposal [1..0] of 4 local proposals
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 12 (0xc)
| IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
| IKEv2 transform ID: AES_CBC (0xc)
| ******parse IKEv2 Attribute Substructure Payload:
| af+type: AF+IKEv2_KEY_LENGTH (0x800e)
| length/value: 128 (0x80)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_PRF (0x2)
| IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_PRF (0x2)
| IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
| IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
| IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_ECP_384 (0x14)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_ECP_521 (0x15)
| *****parse IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_LAST (0x0)
| length: 8 (0x8)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_CURVE25519 (0x1f)
| remote proposal 4 proposed transforms: ENCR+PRF+INTEG+DH; matched: none; unmatched: ENCR+PRF+INTEG+DH
| remote proposal 4 does not match; unmatched remote transforms: ENCR+PRF+INTEG+DH
"san" #1: proposal 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;DH=MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519[first-match] 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519
| accepted IKE proposal ikev2_proposal: 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;DH=MODP2048
| converting proposal to internal trans attrs
| natd_hash: rcookie is zero
| natd_hash: hasher=0x561763ede800(20)
| natd_hash: icookie= d2 a7 aa df b0 45 d4 6f
| natd_hash: rcookie= 00 00 00 00 00 00 00 00
| natd_hash: ip= c0 01 02 17
| natd_hash: port=500
| natd_hash: hash= 88 42 29 12 e3 73 7f ee 06 1e 2d 70 0d 24 84 d8
| natd_hash: hash= c2 84 4d ce
| natd_hash: rcookie is zero
| natd_hash: hasher=0x561763ede800(20)
| natd_hash: icookie= d2 a7 aa df b0 45 d4 6f
| natd_hash: rcookie= 00 00 00 00 00 00 00 00
| natd_hash: ip= c0 01 02 2d
| natd_hash: port=500
| natd_hash: hash= 2c 1c ea cb 94 26 64 09 73 9c 5c bc 0a c3 71 cf
| natd_hash: hash= 77 17 ca 99
| NAT_TRAVERSAL encaps using auto-detect
| NAT_TRAVERSAL this end is NOT behind NAT
| NAT_TRAVERSAL that end is NOT behind NAT
| NAT_TRAVERSAL nat-keepalive enabled 192.1.2.45
| adding ikev2_inI1outR1 KE work-order 1 for state #1
| event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x561765402c78
| inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1
| libevent_malloc: new ptr-libevent@0x5617653feb08 size 128
| crypto helper 0 resuming
| crypto helper 0 starting work-order 1 for state #1
| crypto helper 0 doing build KE and nonce (ikev2_inI1outR1 KE); request ID 1
| #1 spent 1.43 milliseconds in processing: Respond to IKE_SA_INIT in ikev2_process_state_packet()
| [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3379)
| #1 complete_v2_state_transition() PARENT_R0->PARENT_R1 with status STF_SUSPEND
| suspending state #1 and saving MD
| #1 is busy; has a suspended MD
| [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in log_stf_suspend() at ikev2.c:3269)
| "san" #1 complete v2 state STATE_PARENT_R0 transition with STF_SUSPEND suspended from complete_v2_state_transition:3451
| stop processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2018)
| #1 spent 2.14 milliseconds in ikev2_process_packet()
| stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380)
| processing: STOP state #0 (in process_md() at demux.c:382)
| processing: STOP connection NULL (in process_md() at demux.c:383)
| spent 2.16 milliseconds in comm_handle_cb() reading and processing packet
| crypto helper 0 finished build KE and nonce (ikev2_inI1outR1 KE); request ID 1 time elapsed 0.001818 seconds
| (#1) spent 1.8 milliseconds in crypto helper computing work-order 1: ikev2_inI1outR1 KE (pcr)
| crypto helper 0 sending results from work-order 1 for state #1 to event queue
| scheduling resume sending helper answer for #1
| libevent_malloc: new ptr-libevent@0x7f6bf0002888 size 128
| crypto helper 0 waiting (nothing to do)
| processing resume sending helper answer for #1
| start processing: state #1 connection "san" from 192.1.2.45:500 (in resume_handler() at server.c:797)
| crypto helper 0 replies to request ID 1
| calling continuation function 0x561763e09b50
| ikev2_parent_inI1outR1_continue for #1: calculated ke+nonce, sending R1
| **emit ISAKMP Message:
| initiator cookie:
| d2 a7 aa df b0 45 d4 6f
| responder cookie:
| f1 48 0b c7 09 b8 1d ac
| next payload type: ISAKMP_NEXT_NONE (0x0)
| ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
| exchange type: ISAKMP_v2_IKE_SA_INIT (0x22)
| flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
| Message ID: 0 (0x0)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| Emitting ikev2_proposal ...
| ***emit IKEv2 Security Association Payload:
| next payload type: ISAKMP_NEXT_v2NONE (0x0)
| flags: none (0x0)
| next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Security Association Payload (33:ISAKMP_NEXT_v2SA)
| next payload chain: saving location 'IKEv2 Security Association Payload'.'next payload type' in 'reply packet'
| ****emit IKEv2 Proposal Substructure Payload:
| last proposal: v2_PROPOSAL_LAST (0x0)
| prop #: 1 (0x1)
| proto ID: IKEv2_SEC_PROTO_IKE (0x1)
| spi size: 0 (0x0)
| # transforms: 3 (0x3)
| last substructure: saving location 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal'
| *****emit IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
| IKEv2 transform ID: AES_GCM_C (0x14)
| last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform'
| ******emit IKEv2 Attribute Substructure Payload:
| af+type: AF+IKEv2_KEY_LENGTH (0x800e)
| length/value: 256 (0x100)
| emitting length of IKEv2 Transform Substructure Payload: 12
| *****emit IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_NON_LAST (0x3)
| IKEv2 transform type: TRANS_TYPE_PRF (0x2)
| IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7)
| last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3)
| last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform'
| emitting length of IKEv2 Transform Substructure Payload: 8
| *****emit IKEv2 Transform Substructure Payload:
| last transform: v2_TRANSFORM_LAST (0x0)
| IKEv2 transform type: TRANS_TYPE_DH (0x4)
| IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe)
| last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3)
| last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform'
| emitting length of IKEv2 Transform Substructure Payload: 8
| emitting length of IKEv2 Proposal Substructure Payload: 36
| last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is 0
| emitting length of IKEv2 Security Association Payload: 40
| last substructure: checking 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' is 0
| ***emit IKEv2 Key Exchange Payload:
| next payload type: ISAKMP_NEXT_v2NONE (0x0)
| flags: none (0x0)
| DH group: OAKLEY_GROUP_MODP2048 (0xe)
| next payload chain: setting previous 'IKEv2 Security Association Payload'.'next payload type' to current IKEv2 Key Exchange Payload (34:ISAKMP_NEXT_v2KE)
| next payload chain: saving location 'IKEv2 Key Exchange Payload'.'next payload type' in 'reply packet'
| emitting 256 raw bytes of ikev2 g^x into IKEv2 Key Exchange Payload
| ikev2 g^x 6c 49 57 06 0f 41 3a c8 6c 0c c1 52 0c e4 c2 0a
| ikev2 g^x fc d3 24 9c a9 66 6e e8 c2 48 c4 6a e4 01 9d eb
| ikev2 g^x d4 9e d5 8c e4 65 48 f2 1a ad 40 3b 0a ba 9d e4
| ikev2 g^x e2 8b a8 e1 91 96 76 b9 a8 4e e0 a4 8d f9 4c d5
| ikev2 g^x 5d 23 4e d3 39 83 89 2c 23 e1 19 fb 7b c1 c4 56
| ikev2 g^x 35 e6 79 ab 66 77 c0 88 3b 62 26 aa 0b 29 53 14
| ikev2 g^x af 87 bc 38 05 c5 01 70 43 25 b1 f2 8a c9 e9 43
| ikev2 g^x ca 14 4a 11 ac 19 3a 6f 03 1e e7 21 34 b3 03 07
| ikev2 g^x 97 f9 b1 1f 77 0e 41 e3 bd 40 c5 a9 79 80 68 8a
| ikev2 g^x 9a 2e dd b5 c4 3d 92 2f 95 e0 d1 7c 68 39 0e 34
| ikev2 g^x d2 d1 81 91 b2 3f 87 09 a4 c1 cb fc 9e 5f e4 3c
| ikev2 g^x ae f1 59 88 55 55 49 e8 9f 63 86 55 4a 49 96 e7
| ikev2 g^x 3a 48 96 58 ab f2 10 f0 c1 ee 6b 6c bb ef f2 26
| ikev2 g^x 43 eb 22 e8 b3 1a 44 64 5c de 8c ac 72 25 40 2e
| ikev2 g^x 4f 4d f7 ce a3 18 9f 0d 14 2b 0c 29 0a 36 40 2c
| ikev2 g^x 0a 87 12 59 49 6d f3 f3 35 fe 1f 21 bb d3 d7 7a
| emitting length of IKEv2 Key Exchange Payload: 264
| ***emit IKEv2 Nonce Payload:
| next payload type: ISAKMP_NEXT_v2N (0x29)
| flags: none (0x0)
| next payload chain: ignoring supplied 'IKEv2 Nonce Payload'.'next payload type' value 41:ISAKMP_NEXT_v2N
| next payload chain: setting previous 'IKEv2 Key Exchange Payload'.'next payload type' to current IKEv2 Nonce Payload (40:ISAKMP_NEXT_v2Ni)
| next payload chain: saving location 'IKEv2 Nonce Payload'.'next payload type' in 'reply packet'
| emitting 32 raw bytes of IKEv2 nonce into IKEv2 Nonce Payload
| IKEv2 nonce d9 f7 06 c0 25 0d 9a f2 87 0a 6c 28 6b f0 12 1d
| IKEv2 nonce bd 8c 32 09 94 56 50 4e 69 d5 1d 1b 6e 4c c8 a9
| emitting length of IKEv2 Nonce Payload: 36
| Adding a v2N Payload
| ***emit IKEv2 Notify Payload:
| next payload type: ISAKMP_NEXT_v2NONE (0x0)
| flags: none (0x0)
| Protocol ID: PROTO_v2_RESERVED (0x0)
| SPI size: 0 (0x0)
| Notify Message Type: v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e)
| next payload chain: setting previous 'IKEv2 Nonce Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N)
| next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet'
| emitting length of IKEv2 Notify Payload: 8
| NAT-Traversal support [enabled] add v2N payloads.
| natd_hash: hasher=0x561763ede800(20)
| natd_hash: icookie= d2 a7 aa df b0 45 d4 6f
| natd_hash: rcookie= f1 48 0b c7 09 b8 1d ac
| natd_hash: ip= c0 01 02 17
| natd_hash: port=500
| natd_hash: hash= 1a 53 af 03 fd 37 b0 3b 1d d2 b1 18 d5 44 ef 14
| natd_hash: hash= 55 a1 d5 8c
| Adding a v2N Payload
| ***emit IKEv2 Notify Payload:
| next payload type: ISAKMP_NEXT_v2NONE (0x0)
| flags: none (0x0)
| Protocol ID: PROTO_v2_RESERVED (0x0)
| SPI size: 0 (0x0)
| Notify Message Type: v2N_NAT_DETECTION_SOURCE_IP (0x4004)
| next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N)
| next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet'
| emitting 20 raw bytes of Notify data into IKEv2 Notify Payload
| Notify data 1a 53 af 03 fd 37 b0 3b 1d d2 b1 18 d5 44 ef 14
| Notify data 55 a1 d5 8c
| emitting length of IKEv2 Notify Payload: 28
| natd_hash: hasher=0x561763ede800(20)
| natd_hash: icookie= d2 a7 aa df b0 45 d4 6f
| natd_hash: rcookie= f1 48 0b c7 09 b8 1d ac
| natd_hash: ip= c0 01 02 2d
| natd_hash: port=500
| natd_hash: hash= 4d b9 94 12 d3 52 96 d9 09 dd 0d c9 43 fa c7 84
| natd_hash: hash= b4 e4 1b 8a
| Adding a v2N Payload
| ***emit IKEv2 Notify Payload:
| next payload type: ISAKMP_NEXT_v2NONE (0x0)
| flags: none (0x0)
| Protocol ID: PROTO_v2_RESERVED (0x0)
| SPI size: 0 (0x0)
| Notify Message Type: v2N_NAT_DETECTION_DESTINATION_IP (0x4005)
| next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N)
| next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet'
| emitting 20 raw bytes of Notify data into IKEv2 Notify Payload
| Notify data 4d b9 94 12 d3 52 96 d9 09 dd 0d c9 43 fa c7 84
| Notify data b4 e4 1b 8a
| emitting length of IKEv2 Notify Payload: 28
| going to send a certreq
| connection->kind is CK_PERMANENT so send CERTREQ
| ***emit IKEv2 Certificate Request Payload:
| next payload type: ISAKMP_NEXT_v2NONE (0x0)
| flags: none (0x0)
| ikev2 cert encoding: CERT_X509_SIGNATURE (0x4)
| next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Certificate Request Payload (38:ISAKMP_NEXT_v2CERTREQ)
| next payload chain: saving location 'IKEv2 Certificate Request Payload'.'next payload type' in 'reply packet'
| emitting length of IKEv2 Certificate Request Payload: 5
| emitting length of ISAKMP Message: 437
| [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3379)
| #1 complete_v2_state_transition() PARENT_R0->PARENT_R1 with status STF_OK
| IKEv2: transition from state STATE_PARENT_R0 to state STATE_PARENT_R1
| parent state #1: PARENT_R0(half-open IKE SA) => PARENT_R1(half-open IKE SA)
| Message ID: updating counters for #1 to 0 after switching state
| Message ID: recv #1 request 0; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=-1 responder.recv=-1->0 wip.initiator=-1 wip.responder=0->-1
| Message ID: sent #1 response 0; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=-1->0 responder.recv=0 wip.initiator=-1 wip.responder=-1
"san" #1: STATE_PARENT_R1: received v2I1, sent v2R1 {auth=IKEv2 cipher=AES_GCM_16_256 integ=n/a prf=HMAC_SHA2_512 group=MODP2048}
| sending V2 new request packet to 192.1.2.45:500 (from 192.1.2.23:500)
| sending 437 bytes for STATE_PARENT_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #1)
| d2 a7 aa df b0 45 d4 6f f1 48 0b c7 09 b8 1d ac
| 21 20 22 20 00 00 00 00 00 00 01 b5 22 00 00 28
| 00 00 00 24 01 01 00 03 03 00 00 0c 01 00 00 14
| 80 0e 01 00 03 00 00 08 02 00 00 07 00 00 00 08
| 04 00 00 0e 28 00 01 08 00 0e 00 00 6c 49 57 06
| 0f 41 3a c8 6c 0c c1 52 0c e4 c2 0a fc d3 24 9c
| a9 66 6e e8 c2 48 c4 6a e4 01 9d eb d4 9e d5 8c
| e4 65 48 f2 1a ad 40 3b 0a ba 9d e4 e2 8b a8 e1
| 91 96 76 b9 a8 4e e0 a4 8d f9 4c d5 5d 23 4e d3
| 39 83 89 2c 23 e1 19 fb 7b c1 c4 56 35 e6 79 ab
| 66 77 c0 88 3b 62 26 aa 0b 29 53 14 af 87 bc 38
| 05 c5 01 70 43 25 b1 f2 8a c9 e9 43 ca 14 4a 11
| ac 19 3a 6f 03 1e e7 21 34 b3 03 07 97 f9 b1 1f
| 77 0e 41 e3 bd 40 c5 a9 79 80 68 8a 9a 2e dd b5
| c4 3d 92 2f 95 e0 d1 7c 68 39 0e 34 d2 d1 81 91
| b2 3f 87 09 a4 c1 cb fc 9e 5f e4 3c ae f1 59 88
| 55 55 49 e8 9f 63 86 55 4a 49 96 e7 3a 48 96 58
| ab f2 10 f0 c1 ee 6b 6c bb ef f2 26 43 eb 22 e8
| b3 1a 44 64 5c de 8c ac 72 25 40 2e 4f 4d f7 ce
| a3 18 9f 0d 14 2b 0c 29 0a 36 40 2c 0a 87 12 59
| 49 6d f3 f3 35 fe 1f 21 bb d3 d7 7a 29 00 00 24
| d9 f7 06 c0 25 0d 9a f2 87 0a 6c 28 6b f0 12 1d
| bd 8c 32 09 94 56 50 4e 69 d5 1d 1b 6e 4c c8 a9
| 29 00 00 08 00 00 40 2e 29 00 00 1c 00 00 40 04
| 1a 53 af 03 fd 37 b0 3b 1d d2 b1 18 d5 44 ef 14
| 55 a1 d5 8c 26 00 00 1c 00 00 40 05 4d b9 94 12
| d3 52 96 d9 09 dd 0d c9 43 fa c7 84 b4 e4 1b 8a
| 00 00 00 05 04
| state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted
| libevent_free: release ptr-libevent@0x5617653feb08
| free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x561765402c78
| event_schedule: new EVENT_SO_DISCARD-pe@0x561765402c78
| inserting event EVENT_SO_DISCARD, timeout in 200 seconds for #1
| libevent_malloc: new ptr-libevent@0x561765402d58 size 128
| resume sending helper answer for #1 suppresed complete_v2_state_transition()
| #1 spent 1.07 milliseconds in resume sending helper answer
| stop processing: state #1 connection "san" from 192.1.2.45:500 (in resume_handler() at server.c:833)
| libevent_free: release ptr-libevent@0x7f6bf0002888
| spent 0 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
| *received 539 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500)
| d2 a7 aa df b0 45 d4 6f f1 48 0b c7 09 b8 1d ac
| 35 20 23 08 00 00 00 01 00 00 02 1b 23 00 01 ff
| 00 01 00 04 bd cf 29 5b 93 dd 36 6b b4 e3 21 b9
| 1f 93 03 3a 79 6e 31 13 f6 b7 f8 65 90 b3 56 f9
| 9d 6d f6 d2 f1 88 3c 87 99 a9 40 1c ff 99 0e 6e
| e9 4a 94 bc 21 09 55 e6 1e aa d6 c7 cc 34 e1 d5
| 36 5e 21 80 b6 2c 4c 90 59 19 40 8e 3c b6 47 35
| a9 4c d7 b4 7e 2c a1 ea 0a d6 2e 86 5d 92 b9 74
| 9b 8e 17 07 fe ed 4c c8 8c d5 58 eb 30 14 c5 b2
| ae 33 8e d8 52 0d 41 49 58 97 5b 18 5c e9 f3 38
| d4 a3 22 0d 00 fd 0a a7 15 23 94 2a d7 ce 16 c2
| 2c ca bf c2 7b 65 b8 82 90 da 0f 2f d6 f1 6b ea
| c7 79 63 3a 60 b0 dd 9e 45 4d 4c b5 c3 02 9e 3e
| d5 b2 b5 ab 50 0f ca bd bd 47 b0 a1 3b b6 3c 2f
| 2a 3f 2a 7e 94 eb cd 40 ae 49 c5 6d 65 12 c8 1b
| 9a 0a 4c 47 ee 83 bc 85 62 42 a4 2e d7 c9 e1 6d
| 8f 1f 1b 63 10 74 67 bc 63 30 2b 0f b7 2d 57 63
| 80 85 d8 66 c5 5a be 88 26 97 51 68 b7 02 da 55
| 91 e2 e4 1d f8 cd 3f 1f 4a b9 ad f3 27 b8 70 17
| df ba 74 38 e7 7e 1f 9f 29 fc ba 70 fd 7d a4 dd
| 8d 27 0a 4f 4b d6 2e 75 bb 4a 77 6f 7e d1 3e bc
| 5d 03 96 88 28 8e be 06 96 a1 54 bb 4a 2e 80 c0
| cd 84 56 5f 28 f6 28 1d 1d 4b 57 1b b2 8c 82 a0
| 40 94 c8 dc f3 72 df 6c 40 c5 5a eb 1c 4a ba 90
| 49 7e 4a 87 d6 05 55 fe 2f 27 80 06 1c 27 0e 44
| af 83 8a 7b 43 b3 5c 3c c2 f6 5f 09 26 c9 bd 8f
| e0 4c 8c 7f b6 ac 7d 3f f4 ba 3a c2 7b 34 bb 66
| b0 af 0d a7 e5 21 eb 74 85 39 1f 2c 6e a5 14 f2
| 21 3d 4c 01 61 8e 0a ff d0 b3 91 ff 99 96 a3 6c
| 04 78 f6 8d 5b af f0 1b aa 35 20 86 c9 62 1c 29
| 1b 42 4c c1 f5 f5 ce c7 62 8a fd d9 df 2e 8e 56
| 16 dd 61 1f 13 d4 29 b2 e2 6d 50 ca 30 a8 7c 02
| 7e 24 14 38 fa c4 69 2a 26 5e 7b 06 34 91 cd 75
| 06 9b 04 7a c0 e5 a6 a4 55 5f e4
| start processing: from 192.1.2.45:500 (in process_md() at demux.c:378)
| **parse ISAKMP Message:
| initiator cookie:
| d2 a7 aa df b0 45 d4 6f
| responder cookie:
| f1 48 0b c7 09 b8 1d ac
| next payload type: ISAKMP_NEXT_v2SKF (0x35)
| ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
| exchange type: ISAKMP_v2_IKE_AUTH (0x23)
| flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
| Message ID: 1 (0x1)
| length: 539 (0x21b)
| processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35)
| I am the IKE SA Original Responder receiving an IKEv2 IKE_AUTH request
| State DB: found IKEv2 state #1 in PARENT_R1 (find_v2_ike_sa)
| start processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2016)
| State DB: IKEv2 state not found (find_v2_sa_by_responder_wip)
| [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in ike_process_packet() at ikev2.c:2064)
| #1 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001
| Message ID: #1 not a duplicate - message is new; initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0
| unpacking clear payload
| Now let's proceed with payload (ISAKMP_NEXT_v2SKF)
| ***parse IKEv2 Encrypted Fragment:
| next payload type: ISAKMP_NEXT_v2IDi (0x23)
| flags: none (0x0)
| length: 511 (0x1ff)
| fragment number: 1 (0x1)
| total fragments: 4 (0x4)
| processing payload: ISAKMP_NEXT_v2SKF (len=503)
| Message ID: start-responder #1 request 1; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0 wip.initiator=-1 wip.responder=-1->1
| #1 in state PARENT_R1: received v2I1, sent v2R1
| received IKE encrypted fragment number '1', total number '4', next payload '35'
| updated IKE fragment state to respond using fragments without waiting for re-transmits
| stop processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2018)
| #1 spent 0.224 milliseconds in ikev2_process_packet()
| stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380)
| processing: STOP state #0 (in process_md() at demux.c:382)
| processing: STOP connection NULL (in process_md() at demux.c:383)
| spent 0.242 milliseconds in comm_handle_cb() reading and processing packet
| spent 0.00317 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
| *received 539 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500)
| d2 a7 aa df b0 45 d4 6f f1 48 0b c7 09 b8 1d ac
| 35 20 23 08 00 00 00 01 00 00 02 1b 00 00 01 ff
| 00 02 00 04 de 31 1f 50 d8 89 ba ae 95 ea 92 7b
| fd 4b 50 d9 5e 0d 72 0c 2f f4 72 74 1c f5 ca 39
| 79 36 9c 6f ea 62 2f d9 a7 7b f0 38 f4 36 01 10
| 1c 1a 30 c7 da b4 72 50 c6 26 df e0 92 3b b6 ae
| fe b3 c4 a6 ae 15 f2 64 f6 80 bc 44 c8 9c be a1
| 57 7b 59 23 a2 12 34 3e 50 ba 52 8b 65 6a 30 08
| 3e c0 c6 0f 95 c2 ab 2e d1 91 f1 b5 f0 46 a1 4b
| 72 d7 25 d5 3b 54 33 8d 43 c3 d8 f7 f1 e8 d2 7c
| e7 8c 85 65 c2 b4 d9 69 39 48 c7 40 ec 9e 03 3c
| 62 7c 7d b7 d5 ab f5 50 8b 88 0b aa d1 6d b1 a4
| a1 60 f3 bd 05 07 51 e1 64 0d 50 95 01 22 fe 01
| 41 b3 cc 38 5a 80 e3 7b b5 09 6a 8c 23 0a a1 1a
| 23 46 d2 36 4a 95 e4 f1 de 7e 42 c6 f2 9f 28 e7
| d3 5c 9b 0c 3e 90 cd 34 b8 ce 15 36 61 e6 f2 d9
| d8 d4 58 95 29 92 f5 57 d2 cb 50 ae ed 02 02 a0
| 92 ed 8c 1b 19 01 34 ed 78 79 ed 2f b2 39 55 2b
| d0 6b 63 92 d5 4c 7b ea 37 c7 70 15 d6 87 7e 36
| d6 1f 17 22 3f a8 48 47 12 7f c8 bf bc aa 30 cf
| 69 cc 9a 74 3a 22 42 60 25 ba 53 e3 5b 9c d2 af
| 5e 3b 89 03 8f 33 be 02 98 b1 a0 a5 08 52 69 6a
| 4e ba f9 f9 25 d4 d9 87 da 3c 5a d5 8f 4b a3 4a
| 74 8b 4e dc cb c1 98 f3 09 ab 2f 37 ff f9 2f 33
| 65 ed f6 e9 46 cc 11 2d 5f 7e e8 1a 8b ff a6 96
| 85 4c ba 60 6e 3a c4 b5 56 3c 73 34 0a 6c e6 9c
| 84 43 87 f9 e4 ce 55 69 f0 9a 3b e7 77 07 aa 25
| b3 ff 76 e7 9e f3 d7 dc 42 ab 0b 5c e0 c0 15 2d
| dc 84 b7 88 91 5a 6b 89 a3 37 3f 81 79 c8 8f 23
| 1f 23 d9 27 11 58 d5 6f 65 60 e5 71 52 84 64 30
| c3 67 00 0f 49 86 93 6a 86 41 33 4e 28 f9 6d fb
| 5d 1e a8 81 c8 25 0f d8 56 55 d9 39 39 73 e1 21
| ce 18 42 fb 46 34 08 b2 da 6c dc 17 ef 1c 0a 7f
| aa 4a e9 51 f6 22 37 ca f1 7b 4e
| start processing: from 192.1.2.45:500 (in process_md() at demux.c:378)
| **parse ISAKMP Message:
| initiator cookie:
| d2 a7 aa df b0 45 d4 6f
| responder cookie:
| f1 48 0b c7 09 b8 1d ac
| next payload type: ISAKMP_NEXT_v2SKF (0x35)
| ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
| exchange type: ISAKMP_v2_IKE_AUTH (0x23)
| flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
| Message ID: 1 (0x1)
| length: 539 (0x21b)
| processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35)
| I am the IKE SA Original Responder receiving an IKEv2 IKE_AUTH request
| State DB: found IKEv2 state #1 in PARENT_R1 (find_v2_ike_sa)
| start processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2016)
| [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in ike_process_packet() at ikev2.c:2062)
| #1 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001
| #1 is idle
| #1 idle
| Message ID: #1 not a duplicate - responder is accumulating fragments; initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0 wip.initiator=-1 wip.responder=1
| unpacking clear payload
| Now let's proceed with payload (ISAKMP_NEXT_v2SKF)
| ***parse IKEv2 Encrypted Fragment:
| next payload type: ISAKMP_NEXT_v2NONE (0x0)
| flags: none (0x0)
| length: 511 (0x1ff)
| fragment number: 2 (0x2)
| total fragments: 4 (0x4)
| processing payload: ISAKMP_NEXT_v2SKF (len=503)
| #1 in state PARENT_R1: received v2I1, sent v2R1
| received IKE encrypted fragment number '2', total number '4', next payload '0'
| stop processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2018)
| #1 spent 0.183 milliseconds in ikev2_process_packet()
| stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380)
| processing: STOP state #0 (in process_md() at demux.c:382)
| processing: STOP connection NULL (in process_md() at demux.c:383)
| spent 0.198 milliseconds in comm_handle_cb() reading and processing packet
| spent 0.0019 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
| *received 539 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500)
| d2 a7 aa df b0 45 d4 6f f1 48 0b c7 09 b8 1d ac
| 35 20 23 08 00 00 00 01 00 00 02 1b 00 00 01 ff
| 00 03 00 04 2d fb 2d 55 82 10 28 6d 67 e4 48 b8
| b5 bb ea 53 7b bc e2 85 f0 9f 9e 8a 12 d1 19 2d
| 92 bc e6 8e c5 56 fc 30 d9 c1 5a d9 5e fa 11 2f
| 93 aa 1b 3d d9 59 fe 67 b4 90 f2 97 1d 07 3a 1f
| 74 ab 35 3f bd 83 46 73 59 2d a6 da a8 49 2e 6c
| b6 d8 77 1d 2b 1a a2 4b 5e 80 a6 06 29 d7 b6 57
| a7 62 99 3a 87 86 8f ca d7 b2 1c 99 3d a1 2b b1
| 81 14 43 9c 96 56 82 68 61 43 83 72 91 57 dc 6d
| 83 e0 d8 17 b0 40 fc e9 d6 cc bc c9 b1 e2 ed 6c
| da 2e 19 14 ab 3f a2 da 77 96 c5 57 e2 bc 70 34
| a6 89 91 8e 88 92 0c da 2e 5f ac 9f 81 3c 4e 0c
| b6 00 dc 03 81 ee 33 87 f9 e3 0f e7 01 b1 59 de
| e9 d7 89 fa f5 91 98 6a ad e4 cc f8 36 69 c0 fd
| f3 9c 8a 54 91 ac f3 9a 7c f1 bf 8b d3 09 7e cc
| ee ba 22 30 00 97 88 66 90 a3 50 a4 0c 84 df 2c
| e2 a0 78 19 ed f5 d5 10 63 dd 41 03 7e 1b a1 7b
| 32 8a 10 99 7c 8f 8f 33 46 e2 f1 31 7d ca 57 b9
| d0 1e e4 43 22 88 7a 42 a7 4f 24 07 e7 17 16 42
| 05 cc ed 3c 52 0d 97 1e 50 01 84 85 9a 23 58 ff
| 34 96 2f 44 fc 7b 15 0e a9 93 7f 0a 25 10 c0 e4
| c9 47 7d 91 4c 35 75 7f 22 99 e6 df 25 67 bb 79
| 8f 35 8d d1 e0 96 88 af a2 e0 51 0c fa d2 d8 32
| d2 25 45 59 72 30 6a ee 76 73 57 e5 16 f3 59 7e
| 62 39 e2 c4 7d ec 55 91 2d 4f 44 01 7c 04 e3 be
| 23 a3 3c b4 e3 2c 34 47 05 0c 17 0a be 85 68 f7
| 32 a5 3d 3f de d0 d0 d8 b4 e0 5e eb 0c 02 ab b0
| 54 79 fb cb 1b 54 0e d6 9a 79 90 ad 9f db aa e5
| 82 ec 03 d5 78 7e 44 5a 5a ab 38 42 27 ea 2c 2e
| 11 c8 34 ec ca 90 43 84 5a cd 14 ba 19 70 e9 8c
| 8e 6c 35 42 bc 07 62 ed 34 16 78 08 3b 8a c0 93
| af db a1 34 a5 85 03 42 05 5e e6 ea 1e a2 87 b4
| 75 af ad 42 24 b9 f1 64 05 e7 51
| start processing: from 192.1.2.45:500 (in process_md() at demux.c:378)
| **parse ISAKMP Message:
| initiator cookie:
| d2 a7 aa df b0 45 d4 6f
| responder cookie:
| f1 48 0b c7 09 b8 1d ac
| next payload type: ISAKMP_NEXT_v2SKF (0x35)
| ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
| exchange type: ISAKMP_v2_IKE_AUTH (0x23)
| flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
| Message ID: 1 (0x1)
| length: 539 (0x21b)
| processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35)
| I am the IKE SA Original Responder receiving an IKEv2 IKE_AUTH request
| State DB: found IKEv2 state #1 in PARENT_R1 (find_v2_ike_sa)
| start processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2016)
| [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in ike_process_packet() at ikev2.c:2062)
| #1 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001
| #1 is idle
| #1 idle
| Message ID: #1 not a duplicate - responder is accumulating fragments; initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0 wip.initiator=-1 wip.responder=1
| unpacking clear payload
| Now let's proceed with payload (ISAKMP_NEXT_v2SKF)
| ***parse IKEv2 Encrypted Fragment:
| next payload type: ISAKMP_NEXT_v2NONE (0x0)
| flags: none (0x0)
| length: 511 (0x1ff)
| fragment number: 3 (0x3)
| total fragments: 4 (0x4)
| processing payload: ISAKMP_NEXT_v2SKF (len=503)
| #1 in state PARENT_R1: received v2I1, sent v2R1
| received IKE encrypted fragment number '3', total number '4', next payload '0'
| stop processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2018)
| #1 spent 0.137 milliseconds in ikev2_process_packet()
| stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380)
| processing: STOP state #0 (in process_md() at demux.c:382)
| processing: STOP connection NULL (in process_md() at demux.c:383)
| spent 0.147 milliseconds in comm_handle_cb() reading and processing packet
| spent 0.00142 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
| *received 508 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500)
| d2 a7 aa df b0 45 d4 6f f1 48 0b c7 09 b8 1d ac
| 35 20 23 08 00 00 00 01 00 00 01 fc 00 00 01 e0
| 00 04 00 04 d6 e8 7d fb 66 14 ee b9 3a a2 05 46
| 14 a0 fb 8e 84 aa 48 b0 21 b8 1c 9f 9b 77 8d 92
| 23 48 e2 98 4a 19 b7 0b 43 b6 94 13 9a 21 82 14
| aa 70 48 15 63 69 02 58 a0 dc 2b 46 3c 63 2e 40
| 46 5f 39 ac ac 46 11 44 e5 65 fe d8 a6 a8 fa fa
| 42 fa 9f 7d 1e 96 47 7e 56 19 19 c4 dd dd d9 d7
| e1 4d 9b 0e fd 4a ff 15 6c ae 4b 3d 66 eb 1b 85
| 65 19 1d 9e a0 b8 61 62 4c b7 93 55 63 7b 92 8c
| ae fc e9 45 a7 8f 3b 75 99 4f 2e d6 ce 95 92 83
| 5d 79 84 9d e7 63 db 25 ad b3 9e 68 43 a3 7f e3
| aa de b4 63 94 b1 68 32 27 05 0f 73 85 bc 96 f3
| 9c f9 6d ac 18 82 4f 43 65 a6 9f 2f bb 0a 53 49
| 4c 6e 94 0f b8 a7 f2 07 bf 6d a7 d6 aa be 39 40
| 5f 92 3e 52 09 d4 a8 41 99 5a 17 cc 62 8e 7b 78
| 4a 20 8a b3 e3 7b 84 ce df a7 f8 fb 92 8e f4 13
| 98 22 5b e6 91 1d 7b 6f 82 88 b6 71 a3 f3 7c 1b
| c9 58 cc 31 d5 3d a3 fb 1b eb 3b cb 57 22 1a fb
| 4f 89 b5 a9 29 e1 08 96 5d da 07 b1 ac 95 e7 19
| 35 ac 6a 2e 5a f8 df 3b 53 32 51 8f c9 dd 2f b6
| 10 32 96 32 94 fd a1 15 11 23 c0 33 89 5c 25 cc
| c9 84 85 d2 5c b7 f6 ee 50 4f 50 a7 50 30 5d 1e
| 73 4e e5 0c a3 be 63 fa 1f f1 1a a0 72 78 56 0d
| 6b f6 1d 3e b0 e2 8f cd 61 f7 f3 54 c5 2b 7a 33
| 47 35 6b 6d cf 03 b3 aa 98 bf 3d 34 64 33 f4 56
| a6 01 37 6d ca af 01 a6 c4 33 bc 7f 9d 9d ba b1
| 3c f4 93 e6 2d 5d 0e 1e 8b 55 6e 39 bf 64 35 17
| e1 b2 4e e5 6c 46 94 70 fc d8 40 9e cb af b6 dc
| 3c fe ba 7f 4b ea 47 ca e5 8d 2b 94 92 53 b2 51
| 01 4b 2c 0f 57 bd b3 82 db 0f 9c d4 27 38 0e 7d
| 5d 7c 90 32 5b 3e 51 8b b1 d2 94 22
| start processing: from 192.1.2.45:500 (in process_md() at demux.c:378)
| **parse ISAKMP Message:
| initiator cookie:
| d2 a7 aa df b0 45 d4 6f
| responder cookie:
| f1 48 0b c7 09 b8 1d ac
| next payload type: ISAKMP_NEXT_v2SKF (0x35)
| ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
| exchange type: ISAKMP_v2_IKE_AUTH (0x23)
| flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
| Message ID: 1 (0x1)
| length: 508 (0x1fc)
| processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35)
| I am the IKE SA Original Responder receiving an IKEv2 IKE_AUTH request
| State DB: found IKEv2 state #1 in PARENT_R1 (find_v2_ike_sa)
| start processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2016)
| [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in ike_process_packet() at ikev2.c:2062)
| #1 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001
| #1 is idle
| #1 idle
| Message ID: #1 not a duplicate - responder is accumulating fragments; initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0 wip.initiator=-1 wip.responder=1
| unpacking clear payload
| Now let's proceed with payload (ISAKMP_NEXT_v2SKF)
| ***parse IKEv2 Encrypted Fragment:
| next payload type: ISAKMP_NEXT_v2NONE (0x0)
| flags: none (0x0)
| length: 480 (0x1e0)
| fragment number: 4 (0x4)
| total fragments: 4 (0x4)
| processing payload: ISAKMP_NEXT_v2SKF (len=472)
| #1 in state PARENT_R1: received v2I1, sent v2R1
| received IKE encrypted fragment number '4', total number '4', next payload '0'
| selected state microcode Responder: process IKE_AUTH request (no SKEYSEED)
| Now let's proceed with state specific processing
| calling processor Responder: process IKE_AUTH request (no SKEYSEED)
| ikev2 parent inI2outR2: calculating g^{xy} in order to decrypt I2
| offloading IKEv2 SKEYSEED using prf=HMAC_SHA2_512 integ=NONE cipherkey=AES_GCM_16
| adding ikev2_inI2outR2 KE work-order 2 for state #1
| state #1 requesting EVENT_SO_DISCARD to be deleted
| libevent_free: release ptr-libevent@0x561765402d58
| free_event_entry: release EVENT_SO_DISCARD-pe@0x561765402c78
| event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x561765402c78
| inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1
| libevent_malloc: new ptr-libevent@0x7f6bf0002888 size 128
| #1 spent 0.0294 milliseconds in processing: Responder: process IKE_AUTH request (no SKEYSEED) in ikev2_process_state_packet()
| [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3379)
| #1 complete_v2_state_transition() PARENT_R1->PARENT_R1 with status STF_SUSPEND
| crypto helper 2 resuming
| suspending state #1 and saving MD
| #1 is busy; has a suspended MD
| crypto helper 2 starting work-order 2 for state #1
| [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in log_stf_suspend() at ikev2.c:3269)
| "san" #1 complete v2 state STATE_PARENT_R1 transition with STF_SUSPEND suspended from complete_v2_state_transition:3451
| stop processing: state #1 connection "san" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2018)
| crypto helper 2 doing compute dh (V2) (ikev2_inI2outR2 KE); request ID 2
| #1 spent 0.179 milliseconds in ikev2_process_packet()
| stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380)
| processing: STOP state #0 (in process_md() at demux.c:382)
| processing: STOP connection NULL (in process_md() at demux.c:383)
| spent 0.196 milliseconds in comm_handle_cb() reading and processing packet
| calculating skeyseed using prf=sha2_512 integ=none cipherkey-size=32 salt-size=4
| crypto helper 2 finished compute dh (V2) (ikev2_inI2outR2 KE); request ID 2 time elapsed 0.001591 seconds
| (#1) spent 1.59 milliseconds in crypto helper computing work-order 2: ikev2_inI2outR2 KE (pcr)
| crypto helper 2 sending results from work-order 2 for state #1 to event queue
| scheduling resume sending helper answer for #1
| libevent_malloc: new ptr-libevent@0x7f6be8000f48 size 128
| crypto helper 2 waiting (nothing to do)
| processing resume sending helper answer for #1
| start processing: state #1 connection "san" from 192.1.2.45:500 (in resume_handler() at server.c:797)
| crypto helper 2 replies to request ID 2
| calling continuation function 0x561763e09b50
| ikev2_parent_inI2outR2_continue for #1: calculating g^{xy}, sending R2
| #1 in state PARENT_R1: received v2I1, sent v2R1
| already have all fragments, skipping fragment collection
| already have all fragments, skipping fragment collection
| #1 ikev2 ISAKMP_v2_IKE_AUTH decrypt success
| Now let's proceed with payload (ISAKMP_NEXT_v2IDi)
| **parse IKEv2 Identification - Initiator - Payload:
| next payload type: ISAKMP_NEXT_v2CERT (0x25)
| flags: none (0x0)
| length: 12 (0xc)
| ID type: ID_IPV4_ADDR (0x1)
| processing payload: ISAKMP_NEXT_v2IDi (len=4)
| Now let's proceed with payload (ISAKMP_NEXT_v2CERT)
| **parse IKEv2 Certificate Payload:
| next payload type: ISAKMP_NEXT_v2AUTH (0x27)
| flags: none (0x0)
| length: 1265 (0x4f1)
| ikev2 cert encoding: CERT_X509_SIGNATURE (0x4)
| processing payload: ISAKMP_NEXT_v2CERT (len=1260)
| Now let's proceed with payload (ISAKMP_NEXT_v2AUTH)
| **parse IKEv2 Authentication Payload:
| next payload type: ISAKMP_NEXT_v2SA (0x21)
| flags: none (0x0)
| length: 392 (0x188)
| auth method: IKEv2_AUTH_RSA (0x1)
| processing payload: ISAKMP_NEXT_v2AUTH (len=384)
| Now let's proceed with payload (ISAKMP_NEXT_v2SA)
| **parse IKEv2 Security Association Payload:
| next payload type: ISAKMP_NEXT_v2TSi (0x2c)
| flags: none (0x0)
| length: 164 (0xa4)
| processing payload: ISAKMP_NEXT_v2SA (len=160)
| Now let's proceed with payload (ISAKMP_NEXT_v2TSi)
| **parse IKEv2 Traffic Selector - Initiator - Payload:
| next payload type: ISAKMP_NEXT_v2TSr (0x2d)
| flags: none (0x0)
| length: 24 (0x18)
| number of TS: 1 (0x1)
| processing payload: ISAKMP_NEXT_v2TSi (len=16)
| Now let's proceed with payload (ISAKMP_NEXT_v2TSr)
| **parse IKEv2 Traffic Selector - Responder - Payload:
| next payload type: ISAKMP_NEXT_v2NONE (0x0)
| flags: none (0x0)
| length: 24 (0x18)
| number of TS: 1 (0x1)
| processing payload: ISAKMP_NEXT_v2TSr (len=16)
| selected state microcode Responder: process IKE_AUTH request
| Now let's proceed with state specific processing
| calling processor Responder: process IKE_AUTH request
"san" #1: processing decrypted IKE_AUTH request: SK{IDi,CERT,AUTH,SA,TSi,TSr}
| #1 updating local interface from 192.1.2.23:500 to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669)
| global one-shot timer EVENT_FREE_ROOT_CERTS scheduled in 300 seconds
loading root certificate cache
| spent 4.31 milliseconds in get_root_certs() calling PK11_ListCertsInSlot()
| spent 0.0318 milliseconds in get_root_certs() filtering CAs
| #1 spent 4.4 milliseconds in find_and_verify_certs() calling get_root_certs()
| checking for known CERT payloads
| saving certificate of type 'X509_SIGNATURE'
| decoded cert: E=user-west@testing.libreswan.org,CN=west.testing.libreswan.org,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA
| #1 spent 0.248 milliseconds in find_and_verify_certs() calling decode_cert_payloads()
| cert_issuer_has_current_crl: looking for a CRL issued by E=testing@libreswan.org,CN=Libreswan test CA for mainca,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA
| #1 spent 0.0494 milliseconds in find_and_verify_certs() calling crl_update_check()
| missing or expired CRL
| crl_strict: 0, ocsp: 0, ocsp_strict: 0, ocsp_post: 0
| verify_end_cert trying profile IPsec
"san" #1: Certificate E=testing@libreswan.org,CN=Libreswan test CA for mainca,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA failed IPsec verification
"san" #1: ERROR: The certificate was signed using a signature algorithm that is disabled because it is not secure.
| #1 spent 0.542 milliseconds in find_and_verify_certs() calling verify_end_cert()
"san" #1: X509: Certificate rejected for this connection
"san" #1: X509: CERT payload bogus or revoked
| parsing 4 raw bytes of IKEv2 Identification - Initiator - Payload into peer ID
| peer ID c0 01 02 2d
| refine_host_connection for IKEv2: starting with "san"
| match_id a=192.1.2.45
| b=192.1.2.45
| results matched
| refine_host_connection: checking "san" against "san", best=(none) with match=1(id=1(0)/ca=1(0)/reqca=1(0))
| Warning: not switching back to template of current instance
| No IDr payload received from peer
| refine_host_connection: checked san against san, now for see if best
| started looking for secret for 192.1.2.23->192.1.2.45 of kind PKK_RSA
| searching for certificate PKK_RSA:AwEAAbEef vs PKK_RSA:AwEAAbEef
| returning because exact peer id match
| offered CA: 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
"san" #1: IKEv2 mode peer ID is ID_IPV4_ADDR: '192.1.2.45'
| verifying AUTH payload
| required RSA CA is '%any'
| checking RSA keyid '192.1.2.23' for match with '192.1.2.45'
| checking RSA keyid 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' for match with '192.1.2.45'
| checking RSA keyid 'user-east@testing.libreswan.org' for match with '192.1.2.45'
| checking RSA keyid '@east.testing.libreswan.org' for match with '192.1.2.45'
| checking RSA keyid 'east@testing.libreswan.org' for match with '192.1.2.45'
"san" #1: no RSA public key known for '192.1.2.45'
| #1 spent 0.0454 milliseconds in ikev2_verify_rsa_hash()
"san" #1: RSA authentication of I2 Auth Payload failed
"san" #1: responding to IKE_AUTH message (ID 1) from 192.1.2.45:500 with encrypted notification AUTHENTICATION_FAILED
| Opening output PBS encrypted notification
| **emit ISAKMP Message:
| initiator cookie:
| d2 a7 aa df b0 45 d4 6f
| responder cookie:
| f1 48 0b c7 09 b8 1d ac
| next payload type: ISAKMP_NEXT_NONE (0x0)
| ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
| exchange type: ISAKMP_v2_IKE_AUTH (0x23)
| flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
| Message ID: 1 (0x1)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| ***emit IKEv2 Encryption Payload:
| next payload type: ISAKMP_NEXT_v2NONE (0x0)
| flags: none (0x0)
| next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Encryption Payload (46:ISAKMP_NEXT_v2SK)
| next payload chain: saving location 'IKEv2 Encryption Payload'.'next payload type' in 'encrypted notification'
| emitting 8 zero bytes of IV into IKEv2 Encryption Payload
| Adding a v2N Payload
| ****emit IKEv2 Notify Payload:
| next payload type: ISAKMP_NEXT_v2NONE (0x0)
| flags: none (0x0)
| Protocol ID: PROTO_v2_RESERVED (0x0)
| SPI size: 0 (0x0)
| Notify Message Type: v2N_AUTHENTICATION_FAILED (0x18)
| next payload chain: setting previous 'IKEv2 Encryption Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N)
| next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'encrypted notification'
| emitting length of IKEv2 Notify Payload: 8
| adding 1 bytes of padding (including 1 byte padding-length)
| emitting 1 0x00 repeated bytes of padding and length into IKEv2 Encryption Payload
| emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encryption Payload
| emitting length of IKEv2 Encryption Payload: 37
| emitting length of ISAKMP Message: 65
| sending 65 bytes for v2 notify through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #1)
| d2 a7 aa df b0 45 d4 6f f1 48 0b c7 09 b8 1d ac
| 2e 20 23 20 00 00 00 01 00 00 00 41 29 00 00 25
| 8e b7 c7 60 22 9d ef 51 c2 54 c6 4b fd 7b 1a c0
| f4 22 dd d4 8b d8 42 1c cb 5b 83 9b 23 4f ef 39
| 76
| pstats #1 ikev2.ike failed auth-failed
| ikev2_parent_inI2outR2_continue_tail returned STF_FATAL
| #1 spent 5.69 milliseconds in processing: Responder: process IKE_AUTH request in ikev2_process_state_packet()
| [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3379)
| #1 complete_v2_state_transition() PARENT_R1->V2_IPSEC_R with status STF_FATAL
| release_pending_whacks: state #1 has no whack fd
| pstats #1 ikev2.ike deleted auth-failed
| #1 spent 7.33 milliseconds in total
| [RE]START processing: state #1 connection "san" from 192.1.2.45:500 (in delete_state() at state.c:879)
"san" #1: deleting state (STATE_PARENT_R1) aged 0.036s and NOT sending notification
| parent state #1: PARENT_R1(half-open IKE SA) => delete
| state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted
| libevent_free: release ptr-libevent@0x7f6bf0002888
| free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x561765402c78
| State DB: IKEv2 state not found (flush_incomplete_children)
| in connection_discard for connection san
| State DB: deleting IKEv2 state #1 in PARENT_R1
| parent state #1: PARENT_R1(half-open IKE SA) => UNDEFINED(ignore)
| stop processing: state #1 from 192.1.2.45:500 (in delete_state() at state.c:1143)
| resume sending helper answer for #1 suppresed complete_v2_state_transition()
| in statetime_stop() and could not find #1
| processing: STOP state #0 (in resume_handler() at server.c:833)
| libevent_free: release ptr-libevent@0x7f6be8000f48
| accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
| FOR_EACH_CONNECTION_... in show_connections_status
| FOR_EACH_CONNECTION_... in show_connections_status
| FOR_EACH_STATE_... in show_states_status (sort_states)
| close_any(fd@16) (in whack_process() at rcv_whack.c:700)
| spent 1.35 milliseconds in whack
| accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
shutting down
| processing: RESET whack log_fd (was fd@16) (in exit_pluto() at plutomain.c:1825)
destroying root certificate cache
| certs and keys locked by 'free_preshared_secrets'
forgetting secrets
| certs and keys unlocked by 'free_preshared_secrets'
| unreference key: 0x5617653ff098 192.1.2.23 cnt 1--
| unreference key: 0x561765404768 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org cnt 1--
| unreference key: 0x5617654042e8 user-east@testing.libreswan.org cnt 1--
| unreference key: 0x561765403d88 @east.testing.libreswan.org cnt 1--
| unreference key: 0x561765402648 east@testing.libreswan.org cnt 1--
| start processing: connection "san" (in delete_connection() at connections.c:189)
| Deleting states for connection - including all other IPsec SA's of this IKE SA
| pass 0
| FOR_EACH_STATE_... in foreach_state_by_connection_func_delete
| pass 1
| FOR_EACH_STATE_... in foreach_state_by_connection_func_delete
| free hp@0x561765402028
| flush revival: connection 'san' wasn't on the list
| stop processing: connection "san" (in discard_connection() at connections.c:249)
| crl fetch request list locked by 'free_crl_fetch'
| crl fetch request list unlocked by 'free_crl_fetch'
shutting down interface lo/lo 127.0.0.1:4500
shutting down interface lo/lo 127.0.0.1:500
shutting down interface eth0/eth0 192.0.2.254:4500
shutting down interface eth0/eth0 192.0.2.254:500
shutting down interface eth1/eth1 192.1.2.23:4500
shutting down interface eth1/eth1 192.1.2.23:500
| FOR_EACH_STATE_... in delete_states_dead_interfaces
| libevent_free: release ptr-libevent@0x5617653ef648
| free_event_entry: release EVENT_NULL-pe@0x5617653fb538
| libevent_free: release ptr-libevent@0x561765395e58
| free_event_entry: release EVENT_NULL-pe@0x5617653fb5e8
| libevent_free: release ptr-libevent@0x561765395778
| free_event_entry: release EVENT_NULL-pe@0x5617653fb698
| libevent_free: release ptr-libevent@0x56176539d038
| free_event_entry: release EVENT_NULL-pe@0x5617653fb748
| libevent_free: release ptr-libevent@0x56176539d138
| free_event_entry: release EVENT_NULL-pe@0x5617653fb7f8
| libevent_free: release ptr-libevent@0x56176539d238
| free_event_entry: release EVENT_NULL-pe@0x5617653fb8a8
| FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations
| libevent_free: release ptr-libevent@0x5617653ef6f8
| free_event_entry: release EVENT_NULL-pe@0x5617653e3818
| libevent_free: release ptr-libevent@0x561765395da8
| free_event_entry: release EVENT_NULL-pe@0x5617653e3378
| libevent_free: release ptr-libevent@0x5617653dc358
| free_event_entry: release EVENT_NULL-pe@0x56176539d2e8
| global timer EVENT_REINIT_SECRET uninitialized
| global timer EVENT_SHUNT_SCAN uninitialized
| global timer EVENT_PENDING_DDNS uninitialized
| global timer EVENT_PENDING_PHASE2 uninitialized
| global timer EVENT_CHECK_CRLS uninitialized
| global timer EVENT_REVIVE_CONNS uninitialized
| global timer EVENT_FREE_ROOT_CERTS uninitialized
| global timer EVENT_RESET_LOG_RATE_LIMIT uninitialized
| global timer EVENT_NAT_T_KEEPALIVE uninitialized
| libevent_free: release ptr-libevent@0x5617653a18b8
| signal event handler PLUTO_SIGCHLD uninstalled
| libevent_free: release ptr-libevent@0x56176531f728
| signal event handler PLUTO_SIGTERM uninstalled
| libevent_free: release ptr-libevent@0x5617653fad18
| signal event handler PLUTO_SIGHUP uninstalled
| libevent_free: release ptr-libevent@0x5617653faf58
| signal event handler PLUTO_SIGSYS uninstalled
| releasing event base
| libevent_free: release ptr-libevent@0x5617653fae28
| libevent_free: release ptr-libevent@0x5617653ddc38
| libevent_free: release ptr-libevent@0x5617653ddbe8
| libevent_free: release ptr-libevent@0x5617653950f8
| libevent_free: release ptr-libevent@0x5617653ddba8
| libevent_free: release ptr-libevent@0x5617653fa9e8
| libevent_free: release ptr-libevent@0x5617653fac58
| libevent_free: release ptr-libevent@0x5617653ddde8
| libevent_free: release ptr-libevent@0x5617653e33e8
| libevent_free: release ptr-libevent@0x5617653e3048
| libevent_free: release ptr-libevent@0x5617653fb918
| libevent_free: release ptr-libevent@0x5617653fb868
| libevent_free: release ptr-libevent@0x5617653fb7b8
| libevent_free: release ptr-libevent@0x5617653fb708
| libevent_free: release ptr-libevent@0x5617653fb658
| libevent_free: release ptr-libevent@0x5617653fb5a8
| libevent_free: release ptr-libevent@0x56176531e9d8
| libevent_free: release ptr-libevent@0x5617653facd8
| libevent_free: release ptr-libevent@0x5617653fac98
| libevent_free: release ptr-libevent@0x5617653fab58
| libevent_free: release ptr-libevent@0x5617653fade8
| libevent_free: release ptr-libevent@0x5617653faa28
| libevent_free: release ptr-libevent@0x5617653a3448
| libevent_free: release ptr-libevent@0x5617653a33c8
| libevent_free: release ptr-libevent@0x56176531ed48
| releasing global libevent data
| libevent_free: release ptr-libevent@0x5617653a35c8
| libevent_free: release ptr-libevent@0x5617653a3548
| libevent_free: release ptr-libevent@0x5617653a34c8
leak detective found no leaks