[Openswan Users] Configuration file parser does not support modp specifier for ike parameter
Paul Wouters
paul at xelerance.com
Mon Nov 28 16:43:01 EST 2011
On Mon, 28 Nov 2011, Steve Lanser wrote:
> I'm new to this forum. I've recently begun testing Openswan 2.6.21 (on
> CentOS, 2.6.18), and I've discovered what looks to be a longstanding bug in
> the parser (or in the documentation), namely that it fails to support
> ";modpXXXX" syntax in the ike parameter, as stated in the ipsec.conf man
> In short, the parser appears simply to reject the semicolon suffix syntax
> component altogether, and issues, for example, an error like this:
>
> pluto[31725]: esp string error: Non alphanum or valid separator found in auth string, just after "3des-sha1" (old_state=ST_AA)
>
> for the ipsec.conf configuration parameter:
>
> ike = 3des-sha1;modp1024
This has been fixed in openswan 2.6.24 released Jan 8 2010.
Paul
More information about the Users
mailing list