8810c16b934a2ad4f27aa86f95b0e8cec1c6ea46 |
|
03-Nov-2006 |
danmcd <none@none> |
PSARC 2005/516 IPsec Tunnel Reform
4882852 tunnels vs. inverse acquire.
4970365 Support of ESP tunnel mode within Solaris
5027528 in.iked should be more intelligent about tunnel addresses
6180161 need to support multiple tunnels to a single nat
6208976 ipsecconf error messages make me think there are monsters under the bed
6313012 Clean up from removal of ipsec_inbound_debug_tag()
6351840 assertion failed: (ipha->ipha_protocol != 6) && (ipha->ipha_protocol != 17), ip.c, line: 15351
6359831 multicast tunnels don't get their IPsec policy checked.
6369094 ipseckey shouldn't accept/save-out encryption algorithm even it's none/any
6374560 ipseckey debug functions should be moved to libipsecutil
6374596 dump utilities need to be able to understand inner tunnel addresses and netmasks
6402781 Five dead declarations in IPsec code
6405338 spdsock leaks policy head references
6437366 NAT-OA payloads not processed early enough.
6465594 ipsec_policy_delete() uses wrong ipsec_selkey_t structure.
6467596 spdsock_ext_to_actvec() needs to reset "act" upon every SPD_ATTR_NEXT.
6470725 PF_POLICY shouldn't accept '0' for an algorithm value.
6475903 Outbound DROP rules are not enforced
6480815 INVERSE_ACQUIRE failures leak in in.iked
6482403 Race in in.iked, early door call vs. rest of initialization code
6482653 Don't accept UDP-encapsulated ESP on non-NAT SAs.
6487857 Post-ACQUIRE, AH+ESP packets misinitalized ipha/ip6 |