From: Ken Bantoft (ken_at_freeswan.ca)
Date: Sat Oct 12 2002 - 05:05:59 CEST
-----BEGIN PGP SIGNED MESSAGE-----
Nothing major - just a patch from Mathieu Lafon to allow manual keying to
work when using the NAT-Traversal patch (NAT-T 0.3 patch breaks this).
Thanks to Tim Carr for finding this.
Available from http://www.freeswan.ca/code/super-freeswan
Release Notes Follow:
This is the 7th release of Super FreeS/WAN, version 1.98b_kb7
Super FreeS/WAN is a largely patched up version of FreeS/WAN (www.freeswan.org)
with support for all sorts of addtional features that aren't considered mainline,
or haven't been tested enough for the FreeS/WAN developers to accept into the
mainline branch.
Think of it as the -ac branch of the Linux Kernel. Cool new toys that aren't
tested well enough for "production use" land here first. Then we beg the
developers to accept the patches until they get in (or so we hope!)
This version includes the following patches:
X.509 0.9.15
ALG 0.8.0 (All ciphers/hashes enabled)
Notify/Delete SA (020904 version)
NAT Traversal 0.3
As well, the following bugfixes have been applied on top of these:
Bugfix for Pluto lifetime problem (from DHR's post on design mailing list)
Bugfix for serpent.c to compile on broken kernels with __fswab32 not defined correctly.
Bugfix for klips Makefile to compile with -DNAT_TRAVERSAL so manual keying works.
This version of Super FreeS/WAN is made possible by patches from the following folks:
Andreas Steffan - X.509 patches
Mathieu Lafon - Notify/DeleteSA, NAT Traversal
JuanJo Ciarlante - ALG patches
FreeS/WAN Team - v1.98b + providing me access to thier CVS tree to get bugfixes
And various folks for testing it, and sending me feedback.
For a complete list of changes, check CHANGES.SUPERFS.
HOW TO INSTALL:
1. Read all the README's. Ignore the patching instructions - I've done all that
for you.
2. Remember if you want NAT-Traversal, you need to build a new kernel, since this
patch touches the TCP/IP stack in the kernel.
NOTES:
1. make (x)rpm is broken. It's broken in stock FreeS/WAN v1.98b too :(
I will provide a .spec soon, I promise!
2. Building this a module works, however if you want to the NAT Traversal, you'll need
to build a new kernel, as the EDPinUDP patch touches the TCP/IP stack in the kernel.
This is tested to compile + play happily with 2.4.18 + 2.4.19 only.
I don't have a huge collection of machines at my disposal to play with, so I rely mainly
on bug reports and feedback from users to know what kernel versions work.
Enjoy! Feedback for bugs with the package itself to ken_at_freeswan.ca
Please don't email me directly for support - use the mailing list for that, as the
authors of each of the patches are there, as are other people who can probably help
quicker than I can - http://lists.freeswan.org/mailman/listinfo/users.
Ken Bantoft 2002-10-11
ken_at_freeswan.ca
- --
Ken Bantoft The Unoffical FreeS/WAN Site:
ken_at_freeswan.ca http://www.freeswan.ca
PGP Key: finger ken_at_bantoft.org
"We can factor the number 15 with quantum computers. We
can also factor the number 15 with a dog trained to bark
three times." -- Robert Harley, 5/12/01, Sci.crypt
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
iQCVAwUBPaeRm1iWUusaxGxpAQG90gQAsgD2JnhpEnDMPHuIGlnO/QqNJR9ouRrp
2JZ+wzW3skqWg3niEZEpAU75fqGfdB2+KBggIGCd25jmZMQcw/7EE5suve0ARisc
feNpEIDBm0Z+MzR0lstXQyNW9vRMq1UXrV/DvcBOgmlXvY+DaoXMp6NfKUBiGWGY
xMxt8cQKqj4=
=J/wd
-----END PGP SIGNATURE-----
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Sun Oct 13 2002 - 05:20:25 CEST