[strongSwan] Mac OS X Widget Yosemite Issues

Martin Willi martin at strongswan.org
Fri Oct 24 16:00:34 CEST 2014


Dan,

> I’m using the Mac OS X strongSwan widget and after upgrading to
> Yosemite, I am receiving the error "No common traffic selectors found”
> very frequently, but not 100% of the time.  Something like 95% of the
> time.

I could reproduce the issue here on Yosemite. It happens here in 1 of
about 10 times, so I unfortunately haven't noticed that in my earlier
tests.

> created TUN device: utun1
> virtual IP 10.100.255.1 did not appear on utun1
> installing virtual IP 10.100.255.1 failed
> no acceptable traffic selectors found

On Yosemite, the kernel raises RTM_IFINFO for our new tun device, but
the address seems to not be enumerable yet by getifaddrs(). As the
kernel doesn't give us a RTM_NEWADDR event, either, charon can't notice
that the address is ready.

A clean fix is rather difficult, maybe we could manually enumerate the
interfaces once again if the timeout triggers, but this requires some
major changes. Instead, I've included a short delay before calling
getifaddrs() on the RTM_IFINFO event [1]. In my tests that seems to make
things more reliable, it was successful in all of about 30 tries.

A new release based on 5.2.1 is available at [2]. Probably it can't fix
the issue, but it certainly should make the success rate significantly
better. Let me know if it works for you.

Regards
Martin

[1]http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=b66e0c64
[2]http://download.strongswan.org/osx/strongswan-5.2.1-1.app.zip



More information about the Users mailing list