Author: markfen
Repository: /hg/onnv/onnv-gate
Latest revision: 9fa3fc23fb8f69bbdc61f556196cea6836a1a9c9
Total changesets: 1
Log message:
PSARC/2008/232 Paired IPsec Security Associations
6584918 in.iked will exit if you try and add a duplicate rule with ikeadm
6595953 Remove SCCS keywords from ipsec{ah,esp}, keysock, and spdsock
6628201 Inbound and Outbound IPsec SA's should be treated as a pair.
6643439 check_rule() in in.iked does not sanity check kilobyte based lifetime
values
6668752 ikeadm(1m) get defaults displays wrong value for p2_softlife_kb
6669211 Need a way to disable Soft Expires when using in.iked(1m)
6670612 sadb_address_proto and sadb_address_prefixlen need to be initialized in
NAT_T extensions.
6674203 Ordering of src/dst address extensions in pf_key messages is
inconsistent.
6676436 ipseckey(1m) error messages could be less cryptic
6683004 Updating hard_usetime on an IPsec SA will cause it to evaporate.
6703265 in.iked can dump core if avl_nearest() returns NULL
Files:
update: usr/src/cmd/cmd-inet/usr.sbin/ipsecutils/ipseckey.c
update: usr/src/lib/libipsecutil/common/ipsec_util.c
update: usr/src/uts/common/inet/ip/ipsecah.c
update: usr/src/uts/common/inet/ip/ipsecahddi.c
update: usr/src/uts/common/inet/ip/ipsecesp.c
update: usr/src/uts/common/inet/ip/ipsecespddi.c
update: usr/src/uts/common/inet/ip/keysock.c
update: usr/src/uts/common/inet/ip/keysockddi.c
update: usr/src/uts/common/inet/ip/sadb.c
update: usr/src/uts/common/inet/ip/spdsockddi.c
update: usr/src/uts/common/inet/sadb.h
update: usr/src/uts/common/net/pfkeyv2.h
