| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
openssl. From: Bernd.Ernesti@security.kpnqwest.com (Bernd Ernesti)
|
|
changes from 6/14:
- improved internal data garbage collection
- avoid sending packet that constitutes invalid exchange
- "non_auth" setting will avoid negotiating ESP authentication
- improve notify message
|
|
-- full changelog
Mon Jun 19 18:23:15 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
A path name in configuration file is always complemented if it is
not begin from slash(/). If it's begin from slash, a path name
never be complemented.
Mon Jun 19 16:51:24 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
If "non_auth" is defined in racoon.conf, any transform of AH proposal
including "non_auth" is not sent to the peer.
Thu Jun 15 14:44:30 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
CR payload is only made if signature authentication method is applied.
Thu Jun 15 13:29:29 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon/cfparse.y:
In racoon.conf, the path of configuration file is complemented by
include directive only if there is no '/' in the path.
|
|
- SA bundle (AH + ESP) negotiation is corrected
- be more picky about permission of pre-shared key file (don't open it
it it looks vulnerable).
|
|
|
|
|
|
|
|
(does not use anoncvs any more).
changes in racoon itself is way too many to mention. for full changelog refer
http://www.kame.net/dev/cvsweb.cgi/kame/CHANGELOG.
|
|
assume that a full (i.e. "with RSA") OpenSSL installation already
exists on the system (and thus a dependency on ../security/openssl
is not needed).
|
|
|
|
|
|
|
|
|
|
|
