[Announce] Openswan 2.6.30 released
Paul Wouters
paul at xelerance.com
Mon Oct 18 11:10:10 EDT 2010
Xelerance has released openswan 2.6.30
http://www.openswan.org/download/openswan-2.6.30.tar.gz
http://www.openswan.org/download/openswan-2.6.30.tar.gz.asc
This is a bugfix release with some minor feature enhancements.
The full changeset for this release follows below. Note that people using SAref
tracking might have to add sareftrack=yes to their conn.
v2.6.30 (October 18, 2010)
* Fix for: ASSERTION FAILED at connections.c:1579: c->kind == CK_TEMPLATE [Paul]
* Add --listen/listen= option to limit listening to a single IP [Paul]
* sa_policy_bit_names was missing ModeConfig DNS and WINS bit names [Paul]
* SAREF: Add sareftrack=<no|yes|conntrack> connection option [Paul]
* Fix for "handling event EVENT_RETRANSMIT for <invalid>" [Paul]
* Fix for specifying protport=47 (GRE has no ports) [Paul]
* Don't fill traffic selector struct in IKEv2 child SA when not recv'd [Paul]
* Add geode-aes to the list of crypto modules to load [Paul]
* Don't install ipsec init script as /etc/init.d/setup [David]
* Don't create rc.? symlinks - let user use chkconfig etc instead [Paul]
* Bugtracker bugs fixed:
# 252/619 more than 20 payloads in message; ignored [paul]
# 690 ipsec lwdnsq --help not implemented
# 860 Port --random for newhostkey [Paul]
#1005 Incorrect message "R_U_THERE_ACK has unexpected sequence number" [Mike]
#1040: Fix to compile without DEBUG [Paul]
#1054: Startup warning: "ignored obsolete keyword (null)" [Michael Smith]
#1112: Prototypes only, if function enabled in c-source with KLIPS or
PFKEY [Henry N.]
#1115: Fix various warnings u_char * vs. char * for sscanf,... [Henry N.]
#1149: pluto uses empty NAT_OA as IDci, Server behind NAT and non natted
Windows XP [Wolfgang Nothdurft]
#1151: The ipsec module is not removed by 'ipsec setup stop' [Paul]
More information about the Announce
mailing list