Note that to compile FreeS/WAN on Red Hat using the Red Hat
kernel-source RPM you need to:
rm include/linux/modules/*.ver
before you 'make dep'. Otherwise you get module version
brokenness.
-derek
Lucky Green [EMAIL PROTECTED] writes:
The big question is: will FreeS/WAN latest release after some 4 or 5
years of development finally both compile and install cleanly on current
versions of Red Hat Linux, FreeS/WAN's purported target platform?
--Lucky, who is bothered by the fact that most his Linux using friends
so far have been unable to get FreeS/WAN to even compile into a working
kernel, while just about every *BSD distribution - and for that matter
Windows XP - ship with a working IPSec implementation out-of-the-box.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Bill Stewart
Sent: Thursday, December 06, 2001 2:05 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: FreeSWAN Release 1.93 ships!
From Claudia Schmeing [EMAIL PROTECTED]'s summary:
http://lists.freeswan.org/pipermail/briefs/
=
1. Release 1.93 ships!
===
1 post Dec 3
http://lists.freeswan.org/pipermail/users/2001-December/005632
.html
A number of small improvements have been added to this release, which
was shipped on-time.
Some highlights:
* Diffie-Hellman group 5 is now the first group proposed.
* Two cases where fragmentation is needed will be handled better, thanks
to these two changes
The code that decides whether to send an ICMP complaint back
about
a packet which had to be fragmented, but couldn't be, has gotten
smart enough that we now feel comfortable enabling it by
default.
and
IKE (UDP/500) packets which were large enough to be fragmented
used
to be mishandled, with some of the fragments failing to bypass
IPsec
tunnels properly. This has been fixed; our thanks to Hans
Schultz.
* If Pluto gets more than one RSA key from DNS, it will now try each
key.
This will help when a system administrator replaces a key.
* There is preliminary support for building RPMs.
* SMP support is better.
* The team has eliminated a vulnerability that might permit a denial of
service
attack.
What can we expect from the next release? Henry Spencer writes:
We are in the process of chasing down a couple of significant bugs
(which
have been there since at least 1.92 and possibly earlier), and we
*might*
ship another release quite shortly if we nail them down and fix
them. If
we don't, we won't. Barring that possibility, the next release is
planned
for the end of January; a more precise date will be announced
shortly.
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH
[EMAIL PROTECTED]PGP key available
