[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Merging Non-Back-Compatible setkey(8)



On Thu, May 29, 2003 at 01:38:49PM +0900, JINMEI Tatuya / ?$B?_(_at_)_L@C#:H wrote:
> >>>>> On Wed, 28 May 2003 14:48:22 -0700, 
> >>>>> "Crist J. Clark" <crist_(_dot_)_clark_(_at_)_attbi_(_dot_)_com> said:
> 
> > I sent a PR into the KAME guys a few weeks back about an issue with
> > setkey(8). The issue is that setkey(8) refers to the NULL encryption
> > algorithm by the rather misleading name, 'simple.' I'd hoped they'd
> > patch it in a back-compatible way, so that 'simple' still would work,
> > but they've just swapped 'simple' for 'null' in the code.
> 
> We (KAME) provided backward compatibility, though the fix warned when
> the old name is specified.  Our latest code works as follows:
> 
> # /usr/local/v6/sbin/setkey -c << E_O_F
> heredoc> add 10.0.0.1 10.0.0.2 esp 123457 -E simple;
> heredoc> E_O_F
> line 1: WARNING: encryption algorithm is obsoleted. at [simple]
> 
> # /usr/local/v6/sbin/setkey -D | head -10
> 10.0.0.1 10.0.0.2 
> 	esp mode=any spi=123457(0x0001e241) reqid=0(0x00000000)
> 	E: null 
> 	seq=0x00000000 replay=0 flags=0x00000040 state=mature 
> 	created: May 29 13:37:27 2003	current: May 29 13:37:52 2003
> 	diff: 25(s)	hard: 0(s)	soft: 0(s)
> 	last:                     	hard: 0(s)	soft: 0(s)
> 	current: 0(bytes)	hard: 0(bytes)	soft: 0(bytes)
> 	allocated: 0	hard: 0	soft: 0
> 	sadb_seq=8 pid=14308 refcnt=1

Sorry, I hadn't noticed that the changes were made with a number of
separate commits when I reviewed them. Thanks for the good work.
-- 
Crist J. Clark                     |     cjclark_(_at_)_alum_(_dot_)_mit_(_dot_)_edu
                                   |     cjclark_(_at_)_jhu_(_dot_)_edu
http://people.freebsd.org/~cjc/    |     cjc_(_at_)_freebsd_(_dot_)_org

Visit your host, monkey.org