On 2006-10-27 10:06 Emmanuel Dreyfus wrote:
> Well, I finished my paper, so I have spare time to start up the branch.
> Is it the right time? No change pending to HEAD?
I'm working on a couple of fixes in order to make SafeNet's SoftRemote
work with Racoon in XAUTH mode.
I already have working patches for two issues:
* Contrary to RFC 2408, responder Racoon requires that Vendor IDs be
sent in the first exchange of phase 1. This impairs XAUTH and DPD
function in SoftRemote.
* While in XAUTH mode, responder's Racoon script for phase1_up is not
called if initiator omits sending a REQUEST message.
These two patches are pretty rough right now, but I'll be able to
share them sometime next week.
I'm also considering adding some code to support the early drafts'
"push-style" XAUTH config mode, which is the only way of getting
SoftRemote to accept XAUTH parameters. I've put some code together,
but it's not working yet so it may or may not be ready for next week.