Note that to compile FreeS/WAN on Red Hat using the Red Hat kernel-source RPM you need to: rm include/linux/modules/*.ver before you 'make dep'. Otherwise you get module version brokenness.
-derek "Lucky Green" <[EMAIL PROTECTED]> writes: > The big question is: will FreeS/WAN latest release after some 4 or 5 > years of development finally both compile and install cleanly on current > versions of Red Hat Linux, FreeS/WAN's purported target platform? > > --Lucky, who is bothered by the fact that most his Linux using friends > so far have been unable to get FreeS/WAN to even compile into a working > kernel, while just about every *BSD distribution - and for that matter > Windows XP - ship with a working IPSec implementation out-of-the-box. > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]] On Behalf Of Bill Stewart > > Sent: Thursday, December 06, 2001 2:05 AM > > To: [EMAIL PROTECTED] > > Cc: [EMAIL PROTECTED] > > Subject: FreeSWAN Release 1.93 ships! > > > > > > From Claudia Schmeing <[EMAIL PROTECTED]>'s summary: > > <http://lists.freeswan.org/pipermail/briefs/> > > ========= > > > > 1. Release 1.93 ships! > > =================== > > 1 post Dec 3 > > > > http://lists.freeswan.org/pipermail/users/2001-December/005632 > .html > > A number of small improvements have been added to this release, which > was shipped on-time. > > Some highlights: > > * Diffie-Hellman group 5 is now the first group proposed. > * Two cases where fragmentation is needed will be handled better, thanks > to these two changes > > The code that decides whether to send an ICMP complaint back > about > a packet which had to be fragmented, but couldn't be, has gotten > smart enough that we now feel comfortable enabling it by > default. > and > > IKE (UDP/500) packets which were large enough to be fragmented > used > to be mishandled, with some of the fragments failing to bypass > IPsec > tunnels properly. This has been fixed; our thanks to Hans > Schultz. > > * If Pluto gets more than one RSA key from DNS, it will now try each > key. > This will help when a system administrator replaces a key. > * There is preliminary support for building RPMs. > * SMP support is better. > * The team has eliminated a vulnerability that might permit a denial of > service > attack. > > What can we expect from the next release? Henry Spencer writes: > > We are in the process of chasing down a couple of significant bugs > (which > have been there since at least 1.92 and possibly earlier), and we > *might* > ship another release quite shortly if we nail them down and fix > them. If > we don't, we won't. Barring that possibility, the next release is > planned > for the end of January; a more precise date will be announced > shortly. > > > > > --------------------------------------------------------------------- > The Cryptography Mailing List > Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED] -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH [EMAIL PROTECTED] PGP key available