Hosting Provided By

Re: [Users] ANNOUNCE: x509-1.5.2a bug fix for freeswan-2.05 released

From: Andreas Steffen <andreas.steffen(at)strongsec.net>
Date: Sun Feb 29 2004 - 16:49:22 EST

David Santinoli wrote:
> On Sun, Feb 29, 2004 at 08:56:13PM +0100, Andreas Steffen wrote:

>>FreeS/WAN 2.05 introduced a new st_ph1_iv state variable which caused
>>the IV for the encryption of notification messages sent during Main
>>Mode to be computed incorrectly. Version 1.5.2a corrects this bug.

>
>
> Does this bug have any relevance for those running 2.05+1.5.2 without

Yes, if an ID or AUTHENTICATION error occurs after the computation of the Diffie-Hellman secret but before the successful establishment of the ISAKMP SA. An informational exchange message will be generated by FreeS/WAN which will be incorrectly encrypted so that the peer will not be able read it.

>
> Thanks,
> David

Regards

Andreas

Andreas Steffen                   e-mail: andreas.steffen@strongsec.com
strongSec GmbH                    home:   
http://www.strongsec.com
Alter Zürichweg 20                phone:  +41 1 730 80 64

CH-8952 Schlieren (Switzerland) fax: +41 1 730 80 65

==========================================[strong internet security]===

_______________________________________________

FreeS/WAN Users mailing list
users@lists.freeswan.org
https://mj2.freeswan.org/cgi-bin/mj_wwwusr Received on Sun Feb 29 16:53:27 2004

This message: [ Message body ]
Next message: productorders(at)sewl.com.au: "[Users] notice!"
Previous message: Pedro Rebello de Andrade: "[Users] Interop update Draytek Vigor 2600."
In reply to David Santinoli: "Re: [Users] ANNOUNCE: x509-1.5.2a bug fix for freeswan-2.05 released"
Next in thread: Andreas Steffen: "[Users] ANNOUNCE: x509 patch with port wildcard interoperates now with Mac OS X Panther"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:02:06 EDT