Date: Tue, 22 Jan 2002 00:44:10 -0700 From: "Sean McCreary" <mccreary@pch.net> To: freebsd-security@FreeBSD.ORG Subject: Update for isakmpd port Message-ID: <200201220744.g0M7iAB01318@xoanon.mcwest.org>
next in thread | raw e-mail | index | archive | help
I've put together an update for isakmpd in the ports collection, and I'd like
some feedback before I submit the changes. The port is based off the
isakmpd source released with OpenBSD 3.0, but includes several patches to
make it work better with FreeBSD. In addition to patches to the sysdep
files for FreeBSD, I also changed the default location for the isakmpd.conf
from /etc/isakmpd to /usr/local/etc/isakmpd. This may be controversial, but
it seems to match the approach taken in other ports like the one for OpenSSH.
Feel free to tell me whether you think this is a good or bad thing :-)
This version also supports negotiation of SAs in phase 2 that use encryption
algorithms other than DES or 3DES, and uses arc4random() for the generation
of cookies rather than the predictable sequence generated by random(). There
are a few more things that need to be done to fix problems with building
certpatch automatically and running the regression tests, but the daemon
itself runs well for me and I'd like feedback on how well it works for others.
You can temporarily obtain the port from either
http://www.pch.net/software/isakmpd/isakmpd-3.0_FreeBSD_Port.tgz
or
ftp://ftp.cs.colorado.edu/pub/isakmpd/isakmpd-3.0_FreeBSD_Port.tgz
Please send feedback to either <isakmpd@pch.net> or me directly.
--
Sean McCreary mccreary@pch.net
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201220744.g0M7iAB01318>