CVS commit: [netbsd-7] src/crypto/dist/ipsec-tools/src/racoon

Fri, 15 Apr 2016 00:52:32 -0700 

Module Name:    src
Committed By:   snj
Date:           Fri Apr 15 07:52:15 UTC 2016

Modified Files:
        src/crypto/dist/ipsec-tools/src/racoon [netbsd-7]: isakmp.c
            isakmp_cfg.c isakmp_ident.c isakmp_xauth.c

Log Message:
Pull up following revision(s) (requested by phx in ticket #1145):
        crypto/dist/ipsec-tools/src/racoon/isakmp_cfg.c: revision 1.26
        crypto/dist/ipsec-tools/src/racoon/isakmp.c: revision 1.75
        crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.c: revision 1.28
        crypto/dist/ipsec-tools/src/racoon/isakmp_ident.c: revision 1.14
PR/50918: David Binderman: Fix memory leak
--
>From Frank Wille:
Request "IKE mode config" in "rsasig" (certificates on both sides only)
authentication mode, if "mode_cfg" is configured to "on".
Tested with a Lancom router, using the following configuration:
path include "/etc/racoon";
path certificate "/etc/racoon/certs";
path script "/etc/racoon/scripts";
remote "wpsd"
{
    remote_address 1.2.3.4;
    exchange_mode main,base;
    my_identifier asn1dn;
    certificate_type x509 "vpnclient15.crt" "vpnclient15.key";
    ca_type x509 "ca.crt";
    mode_cfg on;
    dpd_delay 20;
    nat_traversal on;
    lifetime time 8 hour;
    script "phase1-up.sh" phase1_up;
    script "phase1-down.sh" phase1_down;
    proposal {
        encryption_algorithm aes;
        hash_algorithm md5;
        authentication_method rsasig;
        dh_group 2;
    }
    proposal_check obey;
}
sainfo anonymous
{
    pfs_group 2;
    lifetime time 8 hour;
    encryption_algorithm aes;
    authentication_algorithm hmac_md5;
    compression_algorithm deflate;
}


To generate a diff of this commit:
cvs rdiff -u -r1.74 -r1.74.20.1 \
    src/crypto/dist/ipsec-tools/src/racoon/isakmp.c
cvs rdiff -u -r1.25 -r1.25.8.1 \
    src/crypto/dist/ipsec-tools/src/racoon/isakmp_cfg.c
cvs rdiff -u -r1.13 -r1.13.28.1 \
    src/crypto/dist/ipsec-tools/src/racoon/isakmp_ident.c
cvs rdiff -u -r1.27 -r1.27.4.1 \
    src/crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Reply via email to