Date: Thu, 29 May 2003 13:38:49 +0900 From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= <jinmei@isl.rdc.toshiba.co.jp> To: "Crist J. Clark" <cjc@freebsd.org> Cc: freebsd-net@freebsd.org Subject: Re: Merging Non-Back-Compatible setkey(8) Message-ID: <y7v1xyis6xy.wl@ocean.jinmei.org> In-Reply-To: <20030528214822.GB3907@blossom.cjclark.org> References: <20030528214822.GB3907@blossom.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> On Wed, 28 May 2003 14:48:22 -0700, >>>>> "Crist J. Clark" <crist.clark@attbi.com> said: > I sent a PR into the KAME guys a few weeks back about an issue with > setkey(8). The issue is that setkey(8) refers to the NULL encryption > algorithm by the rather misleading name, 'simple.' I'd hoped they'd > patch it in a back-compatible way, so that 'simple' still would work, > but they've just swapped 'simple' for 'null' in the code. We (KAME) provided backward compatibility, though the fix warned when the old name is specified. Our latest code works as follows: # /usr/local/v6/sbin/setkey -c << E_O_F heredoc> add 10.0.0.1 10.0.0.2 esp 123457 -E simple; heredoc> E_O_F line 1: WARNING: encryption algorithm is obsoleted. at [simple] # /usr/local/v6/sbin/setkey -D | head -10 10.0.0.1 10.0.0.2 esp mode=any spi=123457(0x0001e241) reqid=0(0x00000000) E: null seq=0x00000000 replay=0 flags=0x00000040 state=mature created: May 29 13:37:27 2003 current: May 29 13:37:52 2003 diff: 25(s) hard: 0(s) soft: 0(s) last: hard: 0(s) soft: 0(s) current: 0(bytes) hard: 0(bytes) soft: 0(bytes) allocated: 0 hard: 0 soft: 0 sadb_seq=8 pid=14308 refcnt=1 JINMEI, Tatuya Communication Platform Lab. Corporate R&D Center, Toshiba Corp. jinmei@isl.rdc.toshiba.co.jp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?y7v1xyis6xy.wl>