From owner-freebsd-stable  Fri Jan 31 14: 7:36 2003
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 563FD37B401
	for <freebsd-stable@freebsd.org>; Fri, 31 Jan 2003 14:07:35 -0800 (PST)
Received: from sep.oldach.net (sep.oldach.net [194.180.25.6])
	by mx1.FreeBSD.org (Postfix) with ESMTP id DC03E43F3F
	for <freebsd-stable@freebsd.org>; Fri, 31 Jan 2003 14:07:33 -0800 (PST)
	(envelope-from hmo@sep.oldach.net)
Received: from sep.oldach.net (localhost [127.0.0.1])
	by sep.oldach.net (8.12.6/8.12.6/hmo29jun02) with ESMTP id h0VM7JP9030848
	(version=TLSv1/SSLv3 cipher=EDH-DSS-DES-CBC3-SHA bits=168 verify=NO);
	Fri, 31 Jan 2003 23:07:19 +0100 (CET)
	(envelope-from hmo@sep.oldach.net)
Received: (from hmo@localhost)
	by sep.oldach.net (8.12.6/8.12.6/Submit) id h0VM7Ih6030847;
	Fri, 31 Jan 2003 23:07:18 +0100 (CET)
	(envelope-from hmo)
Message-Id: <200301312207.h0VM7Ih6030847@sep.oldach.net>
Subject: Re: HEADS UP: fast ipsec committed
In-Reply-To: <100c01c2c973$9e7decf0$52557f42@errno.com> from Sam Leffler at "Jan 31, 2003  1:56:33 pm"
To: sam@errno.com (Sam Leffler)
Date: Fri, 31 Jan 2003 23:07:18 +0100 (CET)
Cc: freebsd-stable@freebsd.org
From: Helge Oldach <stable31jan03@oldach.net>
X-Message-Flag: No HTML mail please
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

Sam Leffler:
> > diff -r /usr/include/net/pfkeyv2.h /mnt/usr/include/net/pfkeyv2.h
> > 1c1
> > < /* $FreeBSD: src/sys/net/pfkeyv2.h,v 1.4.2.4 2003/01/24 05:11:33 sam Exp
> $ */
> > ---
> > > /* $FreeBSD: src/sys/net/pfkeyv2.h,v 1.4.2.3 2001/10/24 19:49:13 ume Exp
> $ */
> > 303,305c303,305
> > < #define SADB_AALG_MD5HMAC 2
> > < #define SADB_AALG_SHA1HMAC 3
> > < #define SADB_AALG_MAX 251
> > ---
> > > #define SADB_AALG_MD5HMAC 1 /*2*/
> > > #define SADB_AALG_SHA1HMAC 2 /*3*/
> > > #define SADB_AALG_MAX 8
> >
> Yes, I missed this in my commit.  I should revert pfkeyv2.h's constants to
> maintain binary compatibility.  Unfortunately this will require another
> rebuild of racoon.  Sorry.

Never mind. My intention was just to warn the list about this side
effect.

It will affect -STABLE trackers who install ports on their own only.
Future -RELEASE users installing packages will see a working racoon.

The new constants appear more sensible to me as they are in line
with RFC 2407. Please keep it like it is; it's fairly easy to make a
workaround.

I would suggest to just document the necessity to re-build userland
ISAKMP daemons in UPDATING instead.

Regards,
Helge

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message