Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 28 May 2003 14:48:22 -0700
From:      "Crist J. Clark" <crist.clark@attbi.com>
To:        freebsd-net@freebsd.org
Subject:   Merging Non-Back-Compatible setkey(8)
Message-ID:  <20030528214822.GB3907@blossom.cjclark.org>

next in thread | raw e-mail | index | archive | help
I sent a PR into the KAME guys a few weeks back about an issue with
setkey(8). The issue is that setkey(8) refers to the NULL encryption
algorithm by the rather misleading name, 'simple.' I'd hoped they'd
patch it in a back-compatible way, so that 'simple' still would work,
but they've just swapped 'simple' for 'null' in the code.

So now I'm trying to decide what to do, stay close to the vendor and
merge their change, add a hack that accepts both, or leave it for
someone else to worry about when they next sync stuff with KAME.

My personal lean is that 'simple,' now known as 'null,' should only
really be used as a debugging tool so we wouldn't be breaking many, if
any at all, existing installations. I should go ahead and merge it
into -CURRENT and -STABLE (honoring any code freezes of course)
as-is.

So, my reason for writing is, is anyone aware of wide-spread use of
the NULL encryption algorithm in confguration file that will get
broken by such a change?
-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030528214822.GB3907>