<HTML><BODY style="word-wrap: break-word; -khtml-nbsp-mode: space; -khtml-line-break: after-white-space; "><BR><DIV><DIV>Le 19 déc. 05 à 14:54, Alain RICHARD a écrit :</DIV><BR class="Apple-interchange-newline"><BLOCKQUOTE type="cite"><SPAN class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; text-align: auto; -khtml-text-decorations-in-effect: none; text-indent: 0px; -apple-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><BLOCKQUOTE type="cite"><BLOCKQUOTE type="cite"><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ; color: rgb(0, 99, 18); "><SPAN class="Apple-style-span" style="color: rgb(0, 99, 18); ">Question is : why this patch was not ported into mainstream for the last year</SPAN></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ; color: rgb(0, 99, 18); "><SPAN class="Apple-style-span" style="color: rgb(0, 99, 18); ">as it allows to establish an unencrypted tunnel with a Cisco without apparent</SPAN></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ; color: rgb(0, 99, 18); "><SPAN class="Apple-style-span" style="color: rgb(0, 99, 18); ">drawback ?</SPAN></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; min-height: 14px; ; color: rgb(0, 99, 18); "><BR style="color: rgb(0, 99, 18); "></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ; color: rgb(0, 99, 18); "><SPAN class="Apple-style-span" style="color: rgb(0, 99, 18); ">(See attachment for a 2.4.5dr3 version of the patch)</SPAN></DIV></BLOCKQUOTE><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; min-height: 14px; ; color: rgb(0, 0, 221); "><BR style="color: rgb(0, 0, 221); "></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ; color: rgb(0, 0, 221); "><SPAN class="Apple-style-span" style="color: rgb(0, 0, 221); ">I've created bug #546 for this item and attached your patch. This has simply</SPAN></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ; color: rgb(0, 0, 221); "><SPAN class="Apple-style-span" style="color: rgb(0, 0, 221); ">been a matter of "low priority" to get this fixed. People who want to not use</SPAN></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ; color: rgb(0, 0, 221); "><SPAN class="Apple-style-span" style="color: rgb(0, 0, 221); ">encryption should really use AH, not ESP. ESP_NULL was only meant for testing</SPAN></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ; color: rgb(0, 0, 221); "><SPAN class="Apple-style-span" style="color: rgb(0, 0, 221); ">the code.</SPAN></DIV><BR class="Apple-interchange-newline"></BLOCKQUOTE></SPAN></BLOCKQUOTE></DIV><DIV><BR class="khtml-block-placeholder"></DIV>Please note also that the IETF ipsec working group is not considering ESP_NULL as a testing stuff, but is indicated as required in the current drafts :<DIV><BR class="khtml-block-placeholder"></DIV><DIV><A href="http://www.ietf.org/internet-drafts/draft-ietf-ipsec-esp-ah-algorithms-02.txt">http://www.ietf.org/internet-drafts/draft-ietf-ipsec-esp-ah-algorithms-02.txt</A></DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV>regards,<DIV><BR class="khtml-block-placeholder"></DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV><FONT face="Helvetica" size="3" style="font: 12.0px Helvetica">--<SPAN class="Apple-converted-space"> </SPAN></FONT><DIV> <P style="margin: 0.0px 0.0px 0.0px 0.0px"><FONT face="Helvetica" size="3" style="font: 12.0px Helvetica">Alain RICHARD <<A href="mailto:alain.richard@equation.fr">mailto:alain.richard@equation.fr</A>></FONT></P> <P style="margin: 0.0px 0.0px 0.0px 0.0px"><FONT face="Helvetica" size="3" style="font: 12.0px Helvetica">EQUATION SA <<A href="http://www.equation.fr/">http://www.equation.fr/</A>></FONT></P> <P style="margin: 0.0px 0.0px 0.0px 0.0px"><FONT face="Helvetica" size="3" style="font: 12.0px Helvetica">Tel : +33 477 79 48 00<SPAN class="Apple-converted-space"><SPAN class="Apple-converted-tab"> </SPAN> </SPAN>Fax : +33 477 79 48 01</FONT></P> <P style="margin: 0.0px 0.0px 0.0px 0.0px"><FONT face="Helvetica" size="3" style="font: 12.0px Helvetica">Applications client/serveur, ingénierie réseau et Linux</FONT></P> </DIV><BR></DIV></DIV></BODY></HTML>