[Swan] What to do with some rare KLIPS-only options, currently broken
David McCullough
ucdevel at gmail.com
Fri Jun 21 03:38:00 EEST 2013
Paul Wouters wrote the following:
> On Fri, 21 Jun 2013, David McCullough wrote:
>
> >I can only say that we have used overridemtu and hidetos in the past. I am
> >not sure about fragicmp.
> >
> >All I can say is that we already have a number of other klips only options
> >(like interfaces, klipsdebug). If we can manage those, is it really a
> >huge burden to maintain compat with older config files ?
> >
> >I can say that more and more embedded systems will be using at least the
> >"ipsec setup start" and similar scripts. I would probably say most already
> >do. Any systemd/init.d stuff is probably a little less used but not that
> >far from main stream.
>
> Okay, then I will fix these options by adding support for them in
> _stackmanager, which will require some support in addconn to get those
> values. I've filed this as:
>
> Bug 127 - Fix _startklips options lost in port to _stackmanager
>
> >Of course we switched to NSS completely as well so this is pretty minor in
> >comparison IMO ;-) :-) ;-)
>
> Still open for #ifdef NSS / OPENSSL :)
I know, hopefully soon I'll get to look at it properly :-)
Cheers,
Davidm
--
David McCullough, davidm at spottygum.com, Ph: 0410 560 763
More information about the Swan
mailing list