CVS commit: [netbsd-6] src

Mon, 03 Sep 2012 11:45:47 -0700 

Module Name:    src
Committed By:   riz
Date:           Mon Sep  3 18:45:42 UTC 2012

Modified Files:
        src/distrib/notes/common [netbsd-6]: main
        src/doc [netbsd-6]: CHANGES

Log Message:
Pull up following revision(s) (requested by drochner in ticket #527):

mention switch to FAST_IPSEC in January


To generate a diff of this commit:
cvs rdiff -u -r1.484.2.1 -r1.484.2.2 src/distrib/notes/common/main
cvs rdiff -u -r1.1670.2.8 -r1.1670.2.9 src/doc/CHANGES

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/distrib/notes/common/main
diff -u src/distrib/notes/common/main:1.484.2.1 src/distrib/notes/common/main:1.484.2.2
--- src/distrib/notes/common/main:1.484.2.1	Fri Aug 17 23:53:48 2012
+++ src/distrib/notes/common/main	Mon Sep  3 18:45:42 2012
@@ -1,4 +1,4 @@
-.\"	$NetBSD: main,v 1.484.2.1 2012/08/17 23:53:48 riz Exp $
+.\"	$NetBSD: main,v 1.484.2.2 2012/09/03 18:45:42 riz Exp $
 .\"
 .\" Copyright (c) 1999-2012 The NetBSD Foundation, Inc.
 .\" All rights reserved.
@@ -500,6 +500,15 @@ and
 .Xr groff 1
 can still be found in pkgsrc as
 .Pa textproc/groff .
+.It
+.Xr kame_ipsec 4
+has been replaced by
+.Xr fast_ipsec 4 .
+The option to use the old implementation (see
+.Xr options 4 )
+will be removed in the next
+.Nx
+release.
 .bullet)
 .
 .Ss "The NetBSD Foundation"
@@ -747,6 +756,12 @@ using either the
 .Xr sysctl 8
 command or through
 .Xr sysctl.conf 5 .
+.Pp
+The implementation of SHA2-HMAC in KAME_IPSEC as used in NetBSD-5
+and before did not comply to current standards.
+FAST_IPSEC does, with the result that old and new systems cannot
+communicate over IPSEC, if one of the affected authentication
+algorithms (hmac_sha256, hmac_sha384, hmac_sha512) is used.
 .
 .Ss2 Issues affecting an upgrade from NetBSD 4.x releases
 .Pp

Index: src/doc/CHANGES
diff -u src/doc/CHANGES:1.1670.2.8 src/doc/CHANGES:1.1670.2.9
--- src/doc/CHANGES:1.1670.2.8	Mon Aug 13 20:33:05 2012
+++ src/doc/CHANGES	Mon Sep  3 18:45:42 2012
@@ -1,4 +1,4 @@
-# LIST OF CHANGES FROM LAST RELEASE:			<$Revision: 1.1670.2.8 $>
+# LIST OF CHANGES FROM LAST RELEASE:			<$Revision: 1.1670.2.9 $>
 #
 #
 # [Note: This file does not mention every change made to the NetBSD source tree.
@@ -1213,6 +1213,8 @@ Changes from NetBSD 5.0 to NetBSD 6.0:
 		using large pages). [chs 20111204]
 	adventure(6): New save file format. Please regenerate (restore
 		and re-save) any old save files. [dholland 20120107]
+	ipsec(4): Make FAST_IPSEC the default IPSEC implementation.
+		[drochner 20120109]
 	x86, xen: Add cpu ucode loading support via cpuctl(8). [cegger 20120113]
 	sandpoint: Netronix NH-230/231 and compatible NAS are supported.
 		[phx 20120114]

Reply via email to