[Openswan dev] CheckPoint SecureClient Hybrid mode authentication
Michael Richardson
mcr at xelerance.com
Sun Jun 20 17:14:21 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Chris, thank you for the patches.
It looks to me like CPSP mode is just pre-XAUTH checkpoint stuff?
CheckPoint Hybrid mode more-or-less became XAUTH after some rototiling.
Does CP not support XAUTH mode?
While the patches are relatively simple, I wonder if they are really
worth including. Is this the only mode that the Checkpoint can be
configured? Doesn't CP support XAUTH on their clients as well?
In particular, I would like to have server-side patches, and a test case
as well. That would make it easy to incorporate into openswan.
Why is the id.c patch necessary?
One can already specify specify user at fqdn in the ID type. And setting
the id->name.len = 0 can not be correct. It should be set to the length
of the string.
- --
] "Elmo went to the wrong fundraiser" - The Simpson | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBQNXwGYqHRg3pndX9AQFTNwQAvBE27SJ2QESSsB25iShONfVqFqqcLDkR
0+WsnZp+nRiK2FquUxS4tckPVR8kJptl2qSsEc4JjXdMaA4xqtOJuIvy4sZ+KJOy
OgM1BXJq6WilRiGj5a9cGlO0MqU8gmHzVedt8rw2XXagMheFFVYcYJSvZwfGhpyz
WmM22hI2Cek=
=1aCt
-----END PGP SIGNATURE-----
More information about the Dev
mailing list