Folks,

I've been working with the flashrd system for booting from compact flash
media, and ran across a case where I'd like to make some changes to isakmpd,
but before I do so I'm not sure that it's a good idea.

The location for certificates, CA's, private keys, etc. is hard-coded in
/usr/src/sbin/isakmpd/conf.h and conf.c to be /etc/isakmpd/. I'd like to be
able to set a flag on isakmpd at launch time that it should read the
information from a different path, such as /flash/isakmpd, so that such
system-specific information can be more easily preserved across upgrades of
the base system. However, since this is getting into crypto and security
territory, I'm not sure that it's a good idea to allow this path to be
changed.

I'm fairly certain that this is innocuous, but opinions, anyone, before I
start hacking?


--Paul

[demime 1.01d removed an attachment of type application/pkcs7-signature which 
had a name of smime.p7s]

Reply via email to