[Announce] Openswan 2.6.35 and xl2tpd 1.3.0 released

Paul Wouters paul at xelerance.com
Wed Aug 3 19:29:36 EDT 2011

Xelerance has released openswan 2.6.35 (in fact we released it last week)


This is a bugfix release. Specifically, 2.6.34 broke the MAST
stack for L2TP clients.

v2.6.35 (July 23, 2011)
* OCF: Fix accidental 'always' setting of large resources [Sony Japan]
* OCF: Give a hard #error in ipsec_ocf.h without proper CONFIG_KLIPS_OCF [Paul]
* OCF: Only include ipsec_ocf.h when using CONFIG_KLIPS_OCF
* MAST: Add ipsec_xmit_sanity_check_dev() in the mast path [Paul]
* MAST: Be more careful about {mast,ipsec}priv structure [Bart]
* MAST: Fix host-host connections, bug introduced in v2.6.34 [David]
* SAREF: Fix crasher in ipsec.ko unload with saref kernel [Sony Japan]
* SAREF: ip_cmsg_recv_ipsec_refinfo() doesn't initialize refs array [Sony Japan]
* SAREF: Added null check of secpath_dup(NULL) [Sony Japan]
* KLIPS: Fix possible double skb free [Sony Japan]
* KLIPS: Fix MTU on interface - bug introduced in 2.6.33 [Wolfgang Nothdurft]
* KLIPS: debug messages often had pre-refactor names in prefix [Paul]
* DPD: Do not ignore failure in dpd_init() but return STF_FAIL [Paul]
* pluto: Fix IPcomp pull-up from 2.4 introduced in 2.6.20 [Paul]
          (malloc <-> pfree caused assertion with LEAK_DETECTIVE set)
* pluto: st_peeridentity_port missed ntohs() causing interop
          failure between big/little-endian machines [Magnus Öberg]
* pluto: Fix for Tuomo's (rare) crasher where globals were not reset [dhr]

Xelerance also released xl2tpd 1.3.0 last week:


This release adds a new helper utility xl2tpd-control to assist NetworkManager
with adding and removing L2TP configurations.

v1.3.0 (July 23, 2011)
* Added xl2tpd-control [Alexander Dorokhov]
* Added 'a' (add) and 'd' (delete) control options [Alexander Dorokhov]
* Refresh debian/ from Debian. [Roberto C. Snchez]
* Buffer overrun in reading >16 char l2tp-secrets [Matt Domsch]
* xl2tpd may leaks file descriptors [Steve Barth]
* xl2tpd: field o_pad in "struct payload_hdr" unnecessary. RFC 2661 [Ilya]
* Fix logging in write_packet() [Ilya]
* Bug tracker bugs fixed:
   #1119 Segfault upon config error [Andrey Cherny]
   #1223 Gentoo QA warning: dereferencing pointer [Andrey Cherny]
   #1236 xl2tpd hungs and wont redial after communication fail [Andrey Cherny]
   #1237 delayed null pointer check [Andrey Cherny]

More information about the Announce mailing list