[Openswan dev] 2.3.1: regression from 2.2.0 to 2.3 still exists (3)

Paul Wouters paul at xelerance.com
Thu Apr 14 17:42:13 CEST 2005

On Thu, 14 Apr 2005, Rene Mayrhofer wrote:

>> void
>> crypto_cbc_encrypt(const struct encrypt_desc *e, bool enc
>>                     , u_int8_t *buf, size_t size, struct state *st)
>> {
>>      passert(st->st_new_iv_len >= e->enc_blocksize);
>>      st->st_new_iv_len = e->enc_blocksize;       /* truncate */
>> I am not sure why we would passert fail and then still truncate.
>> Michael?
> Any news on that? The next few days are probably the last chance of getting
> openswan into the next Debian stable release....

We are currently busy on paid work. This is one of our higest priorities
after that, which might happen on friday, but might not happen before that.

You can try a work around by specifying esp=3des in the %defaults section.


More information about the Dev mailing list