[Openswan dev] openswan 2.6.18rc1 available
Paul Wouters
paul at xelerance.com
Wed Oct 1 18:57:57 EDT 2008
A release candidate was just made. The one important bugfix we want to put
in before a final release is the KLIPS error (Unknown socket write error 96).
But for NETKEY there should not be a difference between this prerelease
and the final openswan 2.6.18 release, unless one of you finds a regression
compared to openswan 2.6.16.
Changes follow below,
Paul
(ps. note that there is no openswan 2.6.17 release)
v2.6.18
* Fix for compiling KLIPS on RHEL/Centos 2.6.18-92.1.10.el5 [dhr/paul]
* Fix in deleting connections that might have caused some of our Delete
Notifies to have gotten lost. Introduced in openswan 2.5.01 [paul]
* Rekey= inverted yes/no, causing rekey=no to be rekey=yes [Shingo Yamawaki]
* Some memory leaks / refcount fixes [Shingo Yamawaki]
* Removed most of #ifdef CONFIG_KLIPS_DEBUG conditionals. We now always
compile in DEBUG support. [paul]
* No longer use the assembly version of des_encrypt (dx86unix.S). It
is i386-i686 specific, requires framepointers and does not work with
CONFIG_REGPARM=y, which is the unconditional default for 2.6.17+ [paul]
* Fix memory leak when we run out of descriptors [David McCullough]
* Various memory leak fixes for pluto (from #macosx) [Ilia Sotnikov]
* LEAK_DETECTIVE should report better now [Ilia Sotnikov]
* Add support for USE_DMALLOC [Ilia Sotnikov]
* Update stats to show dropped packets [David McCullough]
* Allow session migration of OCF devices [Brad Vrabete]
* DNS/WINS ModeConfig fixes [David McCullough]
* refineconnection bug fix. This might cover various problems where
the right conn was not picked (eg rightca="%any" workaround, but
perhaps also some rekey issues) [paul]
* unregister_netdevice: waiting for ppp2 to become free. Usage
count = -1 on kernels < 2.6.24 [Martin Schiller]
* Bugtracker bugs fixed:
#989: Patch for fixing type-punned compiler warnings [Alin Nastac]
#979: Two errors in debian/ packaging files (fix included) [ruben]
#978: ipsec.conf man page has typo in virtual_private sample line [tuomo]
#231: In Aggressive Mode with NAT-T,initiator should switch port [hiren joshi]
#228: Problems with %any matching in ipsec.secrets? [David McCullough]
#984: OpenSwan 2.4.13: Wrong ipsec_dev_get(x) function for Kernels < 2.6.24
v2.6.17 [will be skipped due to bad tag]
More information about the Dev
mailing list