[Openswan Users] manual keying: encryption-only connection with DES
hiren joshi
joshihirenn at gmail.com
Thu Jan 29 10:01:32 EST 2009
I solved this in openswan-2.4.9 with the following:
--- programs/spi/spi.c.orig Sun Jan 18 05:48:16 2009
+++ programs/spi/spi.c Sun Jan 18 05:48:41 2009
@@ -420,7 +420,7 @@ int decode_esp(char *algname)
} else if(!strcmp(algname, "3des")) {
esp_alg = XF_ESP3DES;
#ifdef KERNEL_ALG
- } else if((alg_info=alg_info_esp_create_from_str(algname, &alg_err,
FALSE))) {
+ } else if((alg_info=alg_info_esp_create_from_str(algname, &alg_err,
TRUE))) {
int esp_ealg_id, esp_aalg_id;
esp_alg = XF_OTHER_ALG;
Does it look okay?
Thanks for you time.
Regards,
-hiren
On Wed, Jan 28, 2009 at 11:55 PM, Paul Wouters <paul at xelerance.com> wrote:
> On Wed, 28 Jan 2009, hiren joshi wrote:
>
> Date: Wed, 28 Jan 2009 20:38:05 +0530
>> From: hiren joshi <joshihirenn at gmail.com>
>> To: users at openswan.org
>> Subject: [Openswan Users] manual keying: encryption-only connection with
>> DES
>>
>> Hello,
>>
>> I tried to setup a manually keyed encryption-only connection with DES
>> (for compatibility reasons).
>> But failed.
>>
>
> Did you set USE_WEAKSTUFF=true and USE_NOCRYPTO=true in Makefile.inc ?
>
> Though really, I'm tempted to again rip out all of 1DES. It was unsafe
> 5 years ago, it is even more unsafe now.
>
> Paul
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090129/d42a3c34/attachment.html
More information about the Users
mailing list