[Openswan dev] [Announce] Openswan 2.4.10 Released

Paul Wouters paul at xelerance.com
Tue Nov 6 22:34:41 EST 2007

On Tue, 6 Nov 2007, Michael Richardson wrote:

> >>>>> "Jacco" == Jacco de Leeuw <jacco2 at dds.nl> writes:
>     >> Most importantly, you can now use leftprotoport=17/0 to mean "any
>     >> single udp port", which is required for some L2TP implementations
>     >> that use a random high port but don't negotiate that port
>     >> properly (eg OSX).
>     Jacco> You mean rightprotoport=17/0 for Mac clients, not
>     Jacco> leftprotoport=17/0?
>     Jacco> IIRC leftprotoport=17/0 was for Cisco VPN 3000's and
>     Jacco> non-updated Windows 2000/XP clients.
>     Jacco> Also, I got "NAT-Traversal: Result using
>     Jacco> draft-ietf-ipsec-nat-t-ike (MacOS X)" when connecting with
>     Jacco> Vista. I had expected "RFC 3947 (NAT-Traversal)".  Probably
>     Jacco> has something to do with the draft-ietf-ipsec-nat-t-ike-05
>     Jacco> that was added.
>   Hmm.  Yes, we found that as well when we patched things from 2.4.10
> into 2.5.  I guess we should do a 2.4.11 with that patch at some point.
>   It did in fact use RFC3947 method, but the string says the wrong
> value.
> http://git.openswan.org/cgi-bin/gitweb.cgi?p=openswan.git;a=commit;h=f3a4c57e3cca974d2bb776d1a063cfff3178bab7

Darn, we fixed it in git, not in cvs. I forgot to back port it.

I've comitted it to CVS, but on its own, the bug is only in the logging,
not in the functionality. So unless we will encounter other bugs, we will
not release another 2.4 version.


More information about the Dev mailing list