94921

no flags

On amd64:

# ./isakmpd -d -DA=80 2>&1 |grep -A15 KE_NONCE
014147.212770 Negt 80 ike_phase_1_post_exchange_KE_NONCE: g^xy:
014147.212845 Negt 80 3566c7dc adeac30a 7690c318 8a974fea a97f59d4 391c3e51
32dab30e 863ef192
014147.212972 Negt 80 711d7920 2f702636 4312a76b b0ed881e eb9b2cc1 a793145a
a679905f bdd84176
014147.212998 Negt 80 2b980c74 d22b9f12 572554ac 8898036e ebdb1a3c efb056f6
ac3108e1 cc9b0262
014147.213062 Negt 80 ab693ccb b9a0c931 8b741fb3 6d341382 8575647a af929c5a
f09c5d72 759fa5e7
014147.213080 Negt 10 MATS pre_shared_gen_skeyid: START
014147.213136 Negt 10 MATS ike_auth_get_key: 6FS6o7d5247hnb7M7kW
014147.213168 Cryp 60 hash_get: requested algorithm 1
014147.213229 Negt 10 MATS pre_shared_gen_skeyid: nonce_i:
014147.213251 Negt 10 fb40c23d fa26a01b aadea179 3ac3c675
014147.213274 Negt 10 MATS pre_shared_gen_skeyid: nonce_r:
014147.213333 Negt 10 fb85e612 29a5c670 d1ed0e52 e63f4a37
014147.213356 Negt 10 MATS pre_shared_gen_skeyid: skeyid:
014147.213406 Negt 10 52e3f141 9b0205c0 4ae4be28 37326748 6fe521be
014147.213469 Negt 80 ike_phase_1_post_exchange_KE_NONCE: SKEYID:
014147.213492 Negt 80 52e3f141 9b0205c0 4ae4be28 37326748 6fe521be
014147.213525 Cryp 60 hash_get: requested algorithm 1
014147.213591 Negt 80 ike_phase_1_post_exchange_KE_NONCE: SKEYID_d:
014147.213613 Negt 80 c872f31e c146f14d 64875361 d38b2220 1b974bf9
014147.213664 Negt 80 ike_phase_1_post_exchange_KE_NONCE: SKEYID_a:
014147.213686 Negt 80 349538c6 8e462dce 1ec2f7fc 8310ee0a 36a397bd
014147.213739 Negt 80 ike_phase_1_post_exchange_KE_NONCE: SKEYID_e:
014147.213761 Negt 80 51183104 f7d9bc30 491a5900 815dba10 5af8408c
014147.213804 Cryp 60 hash_get: requested algorithm 1
014147.213841 Cryp 40 crypto_init: key:
014147.213891 Cryp 40 9eb4addc 94957d07 594c1316 ba406618 1a644f82 fba7ffd1

On i386:
# ./isakmpd -d -DA=80 2>&1 |grep -A15 KE_NONCE
014147.238275 Negt 80 ike_phase_1_post_exchange_KE_NONCE: g^xy:
014147.238294 Negt 80 3566c7dc adeac30a 7690c318 8a974fea a97f59d4 391c3e51
32dab30e 863ef192
014147.238310 Negt 80 711d7920 2f702636 4312a76b b0ed881e eb9b2cc1 a793145a
a679905f bdd84176
014147.238325 Negt 80 2b980c74 d22b9f12 572554ac 8898036e ebdb1a3c efb056f6
ac3108e1 cc9b0262
014147.238340 Negt 80 ab693ccb b9a0c931 8b741fb3 6d341382 8575647a af929c5a
f09c5d72 759fa5e7
014147.238347 Negt 10 MATS pre_shared_gen_skeyid: START
014147.238357 Negt 10 MATS ike_auth_get_key: 6FS6o7d5247hnb7M7kW
014147.238400 Cryp 60 hash_get: requested algorithm 1
014147.238426 Negt 10 MATS pre_shared_gen_skeyid: nonce_i:
014147.238450 Negt 10 fb40c23d fa26a01b aadea179 3ac3c675
014147.238471 Negt 10 MATS pre_shared_gen_skeyid: nonce_r:
014147.238495 Negt 10 fb85e612 29a5c670 d1ed0e52 e63f4a37
014147.238523 Negt 10 MATS pre_shared_gen_skeyid: skeyid:
014147.238548 Negt 10 e59dd4eb 82e00e75 25a7a039 f74a2b73 bb60d0eb
014147.238569 Negt 80 ike_phase_1_post_exchange_KE_NONCE: SKEYID:
014147.238597 Negt 80 e59dd4eb 82e00e75 25a7a039 f74a2b73 bb60d0eb
014147.238619 Cryp 60 hash_get: requested algorithm 1
014147.238662 Negt 80 ike_phase_1_post_exchange_KE_NONCE: SKEYID_d:
014147.238675 Negt 80 b1c85da3 3e5cd92e 3b7093a1 3a49745d 332c970e
014147.238693 Negt 80 ike_phase_1_post_exchange_KE_NONCE: SKEYID_a:
014147.238723 Negt 80 2eb16c4a e63f6384 83a15eb8 0b88b467 c2f9744f
014147.238753 Negt 80 ike_phase_1_post_exchange_KE_NONCE: SKEYID_e:
014147.238790 Negt 80 d7837776 59a3b7e3 0a02a811 c5e2f80d 1bde3e1e
014147.238810 Cryp 60 hash_get: requested algorithm 1
014147.238850 Cryp 40 crypto_init: key:
014147.238876 Cryp 40 348ecbdc 4b3e14f6 8bc0c5a7 954b422b 4484fa60 9b121d7f

(the messages marked with MATS was added by me for debugging...)

The result is that the keys doesn't match...

The bug is that SHA1 and MD5 hash alg. that is included in isakmpd
source does not work on amd64 (probably also affects other 64-bit archs).

How-To-Repeat: Configure a VPN with pre-shared keys between a amd64 host and a i386 host.