[strongSwan] Mac OS X Widget Yosemite Issues

Martin Willi martin at strongswan.org
Fri Oct 24 16:00:34 CEST 2014


> I’m using the Mac OS X strongSwan widget and after upgrading to
> Yosemite, I am receiving the error "No common traffic selectors found”
> very frequently, but not 100% of the time.  Something like 95% of the
> time.

I could reproduce the issue here on Yosemite. It happens here in 1 of
about 10 times, so I unfortunately haven't noticed that in my earlier

> created TUN device: utun1
> virtual IP did not appear on utun1
> installing virtual IP failed
> no acceptable traffic selectors found

On Yosemite, the kernel raises RTM_IFINFO for our new tun device, but
the address seems to not be enumerable yet by getifaddrs(). As the
kernel doesn't give us a RTM_NEWADDR event, either, charon can't notice
that the address is ready.

A clean fix is rather difficult, maybe we could manually enumerate the
interfaces once again if the timeout triggers, but this requires some
major changes. Instead, I've included a short delay before calling
getifaddrs() on the RTM_IFINFO event [1]. In my tests that seems to make
things more reliable, it was successful in all of about 30 tries.

A new release based on 5.2.1 is available at [2]. Probably it can't fix
the issue, but it certainly should make the success rate significantly
better. Let me know if it works for you.



More information about the Users mailing list