[Openswan Users] Configuration file parser does not support modp specifier for ike parameter
Steve Lanser
slanser at tallmaple.com
Mon Nov 28 16:58:43 EST 2011
Thanks Paul for your prompt response!!
What do you consider to be the most stable release after 2.6.24?
Steve
On Mon, Nov 28, 2011 at 04:43:01PM -0500, Paul Wouters wrote:
> On Mon, 28 Nov 2011, Steve Lanser wrote:
>
> >I'm new to this forum. I've recently begun testing Openswan 2.6.21 (on
> >CentOS, 2.6.18), and I've discovered what looks to be a longstanding bug in
> >the parser (or in the documentation), namely that it fails to support
> >";modpXXXX" syntax in the ike parameter, as stated in the ipsec.conf man
>
> >In short, the parser appears simply to reject the semicolon suffix syntax
> >component altogether, and issues, for example, an error like this:
> >
> >pluto[31725]: esp string error: Non alphanum or valid separator found in
> >auth string, just after "3des-sha1" (old_state=ST_AA)
> >
> >for the ipsec.conf configuration parameter:
> >
> > ike = 3des-sha1;modp1024
>
> This has been fixed in openswan 2.6.24 released Jan 8 2010.
>
> Paul
More information about the Users
mailing list