subject:"\[Group.of.nepali.translators\] \[Bug 1734207\] Re\: Multiple PSKs with dyndns left\/rightids doesn't work"

[Group.of.nepali.translators] [Bug 1734207] Re: Multiple PSKs with dyndns left/rightids doesn't work

2018-01-03 Thread Launchpad Bug Tracker

This bug was fixed in the package strongswan - 5.3.5-1ubuntu3.5

---
strongswan (5.3.5-1ubuntu3.5) xenial; urgency=medium

  * d/p/ikev1-First-do-PSK-lookups-lp1734207.patch ensure evaluation
with resolvable hostnames selects the right PSK (LP: #1734207).

 -- Christian Ehrhardt   Mon, 18 Dec
2017 11:22:24 +0100

** Changed in: strongswan (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1734207

Title:
  Multiple PSKs with dyndns left/rightids doesn't work

Status in strongswan package in Ubuntu:
  Fix Released
Status in strongswan source package in Xenial:
  Fix Released
Status in strongswan source package in Zesty:
  Fix Released
Status in strongswan source package in Artful:
  Fix Released

Bug description:
  [Impact]

   * charon unnecessarily selects a wrong PSK in some cases:
 * A site-to-site connection using resolvable hostnames (e.g., DynDNS) as 
identities in /etc/ipsec.secrets and a Roadwarrior connection (using %any as 
remote peer identity)
 * Multiple site-to-site connections using resolvable hostnames as 
identities

   * Fix is a backport from upstream in since 5.5.2

  [Test Case]

   * There are detailed steps on how to configure for this case on 
 https://wiki.strongswan.org/issues/2223

  [Regression Potential]

   * It is known (see discussion in upstream bug) that this can slightly 
 increase the connection setup as it adds a dns query. But un-breaking 
 the covered use cases was considered worth to do so upstream, and so 
 should we.

   * By changing the IKEv1 PSK codepath is the only changed path, so this is 
 the area where unexpected regressions could occur. None of the testing 
 found some so far and since upstream didn't change it for a while it 
 seems safe to me.

  [Other Info]
   
* n/a

  ---

  See: https://wiki.strongswan.org/issues/2223

  There is a chance to get an backport into xenial?

  It's fixed in the upstream version 5.5.2

  # apt-cache policy strongswan
  strongswan:
    Installed: 5.3.5-1ubuntu3.4
    Candidate: 5.3.5-1ubuntu3.4

  # lsb_release -rd
  Description:Ubuntu 16.04.3 LTS
  Release:16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1734207/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1734207] Re: Multiple PSKs with dyndns left/rightids doesn't work

2018-01-02 Thread Launchpad Bug Tracker

This bug was fixed in the package strongswan - 5.5.1-4ubuntu2.2

---
strongswan (5.5.1-4ubuntu2.2) artful; urgency=medium

  * d/p/ikev1-First-do-PSK-lookups-lp1734207.patch ensure evaluation
with resolvable hostnames selects the right PSK (LP: #1734207).

 -- Christian Ehrhardt   Mon, 18 Dec
2017 11:05:57 +0100

** Changed in: strongswan (Ubuntu Artful)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1734207

Title:
  Multiple PSKs with dyndns left/rightids doesn't work

Status in strongswan package in Ubuntu:
  Fix Released
Status in strongswan source package in Xenial:
  Fix Committed
Status in strongswan source package in Zesty:
  Fix Released
Status in strongswan source package in Artful:
  Fix Released

Bug description:
  [Impact]

   * charon unnecessarily selects a wrong PSK in some cases:
 * A site-to-site connection using resolvable hostnames (e.g., DynDNS) as 
identities in /etc/ipsec.secrets and a Roadwarrior connection (using %any as 
remote peer identity)
 * Multiple site-to-site connections using resolvable hostnames as 
identities

   * Fix is a backport from upstream in since 5.5.2

  [Test Case]

   * There are detailed steps on how to configure for this case on 
 https://wiki.strongswan.org/issues/2223

  [Regression Potential]

   * It is known (see discussion in upstream bug) that this can slightly 
 increase the connection setup as it adds a dns query. But un-breaking 
 the covered use cases was considered worth to do so upstream, and so 
 should we.

   * By changing the IKEv1 PSK codepath is the only changed path, so this is 
 the area where unexpected regressions could occur. None of the testing 
 found some so far and since upstream didn't change it for a while it 
 seems safe to me.

  [Other Info]
   
* n/a

  ---

  See: https://wiki.strongswan.org/issues/2223

  There is a chance to get an backport into xenial?

  It's fixed in the upstream version 5.5.2

  # apt-cache policy strongswan
  strongswan:
    Installed: 5.3.5-1ubuntu3.4
    Candidate: 5.3.5-1ubuntu3.4

  # lsb_release -rd
  Description:Ubuntu 16.04.3 LTS
  Release:16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1734207/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1734207] Re: Multiple PSKs with dyndns left/rightids doesn't work

2018-01-02 Thread Launchpad Bug Tracker

This bug was fixed in the package strongswan - 5.5.1-1ubuntu3.3

---
strongswan (5.5.1-1ubuntu3.3) zesty; urgency=medium

  * d/p/ikev1-First-do-PSK-lookups-lp1734207.patch ensure evaluation
with resolvable hostnames selects the right PSK (LP: #1734207).

 -- Christian Ehrhardt   Mon, 18 Dec
2017 11:13:53 +0100

** Changed in: strongswan (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1734207

Title:
  Multiple PSKs with dyndns left/rightids doesn't work

Status in strongswan package in Ubuntu:
  Fix Released
Status in strongswan source package in Xenial:
  Fix Committed
Status in strongswan source package in Zesty:
  Fix Released
Status in strongswan source package in Artful:
  Fix Released

Bug description:
  [Impact]

   * charon unnecessarily selects a wrong PSK in some cases:
 * A site-to-site connection using resolvable hostnames (e.g., DynDNS) as 
identities in /etc/ipsec.secrets and a Roadwarrior connection (using %any as 
remote peer identity)
 * Multiple site-to-site connections using resolvable hostnames as 
identities

   * Fix is a backport from upstream in since 5.5.2

  [Test Case]

   * There are detailed steps on how to configure for this case on 
 https://wiki.strongswan.org/issues/2223

  [Regression Potential]

   * It is known (see discussion in upstream bug) that this can slightly 
 increase the connection setup as it adds a dns query. But un-breaking 
 the covered use cases was considered worth to do so upstream, and so 
 should we.

   * By changing the IKEv1 PSK codepath is the only changed path, so this is 
 the area where unexpected regressions could occur. None of the testing 
 found some so far and since upstream didn't change it for a while it 
 seems safe to me.

  [Other Info]
   
* n/a

  ---

  See: https://wiki.strongswan.org/issues/2223

  There is a chance to get an backport into xenial?

  It's fixed in the upstream version 5.5.2

  # apt-cache policy strongswan
  strongswan:
    Installed: 5.3.5-1ubuntu3.4
    Candidate: 5.3.5-1ubuntu3.4

  # lsb_release -rd
  Description:Ubuntu 16.04.3 LTS
  Release:16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1734207/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1734207] Re: Multiple PSKs with dyndns left/rightids doesn't work

[Group.of.nepali.translators] [Bug 1734207] Re: Multiple PSKs with dyndns left/rightids doesn't work

[Group.of.nepali.translators] [Bug 1734207] Re: Multiple PSKs with dyndns left/rightids doesn't work

3 matches

Site Navigation

Mail list logo

Footer information