[Openswan Users] Apple macOSX 10.4.3: success!

Jacco de Leeuw jacco2 at dds.nl
Mon Nov 14 23:41:51 CET 2005


Paul Wouters wrote:

>>I have only tried it on 10.4.3 though, so I don't know if also works on
>>previous versions of Tiger. I did not want to downgrade to find out.
>>(Is there anyone who is willing to try it on 10.4.0 - 10.4.2?)
> 
> The GUI is missing on those systems, only Tiger had the X.509 option, So
> you cannot really try it on those.

The certificates GUI is indeed missing on Panther (10.3.x) but I was
referring to earlier versions of Tiger (10.4.0 - 10.4.2). If I remember
correctly, these versions do have the 'Select certificate' button.

> The GUI allows you to unlock those keychains as well. So it should still be
> possible to do through the GUI. Open Keychain Access.app and on the far left
> bottom corner you see a 'show keychains' option. Then you should be able to
> see (and unlock) the System keychain.

Believe me, I tried. I cannot get it to work as advertised. I get the
CL_INVALID_FIELD_POINTER error.

I'd say this is another Apple bug because the expected behaviour of the
procedure that you described would be total access to the System keychain.

>>I guess the only remaining problem is the bug in Apple's racoon where they
>>swapped the NAT-D hashs: http://bugs.xelerance.com/view.php?id=462
>>Peter Van der Beken made a workaround but it is not in the recently
>>released Openswan 2.4.2.
> 
> It is broken.

The workaround is broken? Or do you mean Apple's racoon? Openswan 2.4.2?

> I have an outstanding bug report for this with Apple Developer Centre. So
> far, I've only received 4 spams from them.

Apple is compliant with Open Source licences to the letter but their
communication could be more according to the spirit of Open Source...

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl
                     Mosquitos suck


More information about the Users mailing list