[Announce] Openswan 2.6.30 released

Paul Wouters paul at xelerance.com
Mon Oct 18 11:10:10 EDT 2010


Xelerance has released openswan 2.6.30

http://www.openswan.org/download/openswan-2.6.30.tar.gz
http://www.openswan.org/download/openswan-2.6.30.tar.gz.asc

This is a bugfix release with some minor feature enhancements.

The full changeset for this release follows below. Note that people using SAref
tracking might have to add sareftrack=yes to their conn.

v2.6.30 (October 18, 2010)
* Fix for: ASSERTION FAILED at connections.c:1579: c->kind == CK_TEMPLATE [Paul]
* Add --listen/listen= option to limit listening to a single IP [Paul]
* sa_policy_bit_names was missing ModeConfig DNS and WINS bit names [Paul]
* SAREF: Add sareftrack=<no|yes|conntrack> connection option [Paul]
* Fix for "handling event EVENT_RETRANSMIT for <invalid>" [Paul]
* Fix for specifying protport=47 (GRE has no ports) [Paul]
* Don't fill traffic selector struct in IKEv2 child SA when not recv'd [Paul]
* Add geode-aes to the list of crypto modules to load [Paul]
* Don't install ipsec init script as /etc/init.d/setup [David]
* Don't create rc.? symlinks - let user use chkconfig etc instead [Paul]
* Bugtracker bugs fixed:
    # 252/619 more than 20 payloads in message; ignored [paul]
    # 690 ipsec lwdnsq --help not implemented
    # 860 Port --random for newhostkey [Paul]
    #1005 Incorrect message "R_U_THERE_ACK has unexpected sequence number" [Mike]
    #1040: Fix to compile without DEBUG [Paul]
    #1054: Startup warning: "ignored obsolete keyword (null)" [Michael Smith]
    #1112: Prototypes only, if function enabled in c-source with KLIPS or
           PFKEY [Henry N.]
    #1115: Fix various warnings u_char * vs. char * for sscanf,... [Henry N.]
    #1149: pluto uses empty NAT_OA as IDci, Server behind NAT and non natted
           Windows XP [Wolfgang Nothdurft]
    #1151: The ipsec module is not removed by 'ipsec setup stop' [Paul]




More information about the Announce mailing list