[strongSwan-dev] support for {left,right}allowany in charon?
Andreas Steffen
andreas.steffen at strongswan.org
Fri Jun 22 09:57:49 CEST 2012
Hi Mirko,
thanks for the feedback.
On 06/21/2012 01:41 PM, Mirko Parthey wrote:
> On Sat, Jun 09, 2012 at 02:50:47PM +0200, Andreas Steffen wrote:
>> the right|leftallowany feature is now supported by the new monolithic
>> IKEv1/v2 strongSwan 5.0 charon daemon. If you want to give it a
>> try, download our 5.0.0dr1 developers release
>>
>> http://download.strongswan.org/strongswan-5.0.0dr1.tar.bz2
>>
>> I also created the following IKEv2 allow-any example scenario:
>>
>> http://www.strongswan.org/uml/testresults5dr/ikev2/dynamic-initiator/
>
> Hi Andreas,
>
> I have been using the 5.0.0dr1 release for a week now, with a
> configuration based on the rightallowany feature, and it is working well
> for me.
>
> A few minor issues:
>
> Building strongswan fails when the --enable-certexpire option is set:
> certexpire_export.c: In function ‘certexpire_export_create’:
> certexpire_export.c:356: error: ‘charon’ undeclared (first use in this function)
> certexpire_export.c:356: error: (Each undeclared identifier is reported only once
> certexpire_export.c:356: error: for each function it appears in.)
> The reason seems to be a missing #include <daemon.h>.
>
Fixed by
http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=aa8898bc455cae6920694c841e7e1dacab862bcf
> The ikev2/dynamic-* test scenarios talk about "IKE main mode", which is an
> IKEv1 concept. Maybe this could be reworded in terms of IKEv2 exchanges?
>
Fixed by
http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=fc1629639128f2955d47e7ec4567957e2102695e
> Regards,
> Mirko
Regards
Andreas
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
More information about the Dev
mailing list