Public bug reported:
Ubuntu Trusty seems to be affected by the scenario number 1 described in
this post on OpenSSL's bug tracker:
http://rt.openssl.org/Ticket/Attachment/45105/25601/
To summarize, verifying the peer's identifer fails when the peer's DN
contains a component of ASN.1 type
I did some testing yesterday with the proposed package, and everything
seems to work fine.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ipsec-tools in Ubuntu.
https://bugs.launchpad.net/bugs/947309
Title:
racoon phase 2
I had a discussion on this issue with one of the upstream developers.
According to him, racoon should observe the addition of a new IP address
via a NETLINK socket, but this functionality is broken in versions prior
to 0.8 causing it to fail with some configurations. He also mentioned
that there
It's the same story as with your PPA package: I installed the proposed
package 4 weeks ago and haven't heard any complaints. I suppose the
package fixes the problem without regressions, but haven't yet had the
possibility to personally verify this.
Is there some hard time limit before which the
What kind of test case did you use? If you stop an interface and restart
it while racoon is running, racoon has already bound to the IP address
of the interface and will work, provided that the interface keeps the
same address.
The problem occurs when racoon starts up while an interface is down
All right, I did some testing today. The problem indeed disappears with
the patched packages.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ipsec-tools in Ubuntu.
https://bugs.launchpad.net/bugs/947309
Title:
racoon phase 2
I installed the patched package on my client's server a couple of weeks
ago, and I haven't heard any complaints since. I haven't yet had the
chance to personally verify the behavior, but I plan to do that when I'm
visiting their site later this week.
--
You received this bug notification because
Public bug reported:
Release: 11.04
racoon version: 1:0.7.3-12ubuntu1
When a new network interface is brought up, racoon does not bind to its
address if already running. Many other daemon packages, such as openssh-
server, contain a script in /etc/network/if-up.d to signal or restart
the daemon
** Patch added: Suggested solution
https://bugs.launchpad.net/bugs/972786/+attachment/2998333/+files/ipsec-tools-sighup-on-if-up.patch
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ipsec-tools in Ubuntu.
Yes, I can help with that.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ipsec-tools in Ubuntu.
https://bugs.launchpad.net/bugs/947309
Title:
racoon phase 2 negotiation fails with Win Vista/7
To manage notifications about this
This looks like the upstream bug report on the problem:
http://gnats.netbsd.org/42363
There are two patches changing a single line in handler.c. I haven't yet
verified if these patches really solve the problem, though.
--
You received this bug notification because you are a member of Ubuntu
Public bug reported:
Ubuntu release: 10.04
racoon package version: 1:0.7.1-1.6ubuntu1
IKE phase 2 negotiation fails with Windows Vista/7 L2TP clients if there
already is a non-expired ESP SA for that client, created for the
previous session. See the discussion here:
12 matches
Mail list logo