From nobody@FreeBSD.org  Sat Oct  8 04:34:59 2005
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 12B4316A41F
	for <freebsd-gnats-submit@FreeBSD.org>; Sat,  8 Oct 2005 04:34:59 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D88E643D45
	for <freebsd-gnats-submit@FreeBSD.org>; Sat,  8 Oct 2005 04:34:58 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id j984Ywav035254
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 8 Oct 2005 04:34:58 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id j984Ywh7035253;
	Sat, 8 Oct 2005 04:34:58 GMT
	(envelope-from nobody)
Message-Id: <200510080434.j984Ywh7035253@www.freebsd.org>
Date: Sat, 8 Oct 2005 04:34:58 GMT
From: Ken Diliberto <ken@kdmd.net>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Boot process will not complete with IPSEC enabled and no ipsec.conf file
X-Send-Pr-Version: www-2.3

>Number:         87107
>Category:       kern
>Synopsis:       Boot process will not complete with IPSEC enabled and no ipsec.conf file
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    remko
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Oct 08 04:40:10 GMT 2005
>Closed-Date:    Mon Dec 25 14:33:21 GMT 2006
>Last-Modified:  Mon Dec 25 14:33:21 GMT 2006
>Originator:     Ken Diliberto
>Release:        5.4
>Organization:
>Environment:
FreeBSD HeatStroke.kdmd.net 5.4-RELEASE-p7 FreeBSD 5.4-RELEASE-p7 #0: Mon Oct  3 00:54:19 MST 2005     root@HeatStroke.kdmd.net:/usr/src/sys/i386/compile/HeatStroke-SMP  i386

>Description:
After compiling IPSEC into the kernel and installing the new kernel, the system will ask which shell to use if ipsec_enable="YES" and the /etc/ipsec.conf file does not exist when the system is rebooted.
>How-To-Repeat:
Boot the system with IPSEC enabled and no ipsec.conf file.
>Fix:
              
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: remko 
State-Changed-When: Mon Dec 25 14:31:45 UTC 2006 
State-Changed-Why:  
This is not true, data will just not be encrypted if the ipsec.conf is not 
there (since the gw does not know the encryption domain of the remote host 
so to say). You probably had an " too much somewhere, causing a broken /etc/rc.conf 
which results in the behaviour you are seeing. 

Since i am fairly confident this is the case i will close the PR. If I am wrong 
(yes ofcourse I can be wrong ;-)) please poke me and I will look together with the 
submitter how we can resolve this. 


Responsible-Changed-From-To: freebsd-bugs->remko 
Responsible-Changed-By: remko 
Responsible-Changed-When: Mon Dec 25 14:31:45 UTC 2006 
Responsible-Changed-Why:  
grab the PR to get the feedback. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=87107 
>Unformatted:
