[Ipsec-tools-commits] ipsec-tools ChangeLog,1.110,1.111
Brought to you by:
mit_warlord,
netbsd
From: Aidas K. <mo...@us...> - 2004-06-15 13:02:22
|
Update of /cvsroot/ipsec-tools/ipsec-tools In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv13793 Modified Files: ChangeLog Log Message: SECURITY: Certificate authentication bugfix. Index: ChangeLog =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/ChangeLog,v retrieving revision 1.110 retrieving revision 1.111 diff -u -d -r1.110 -r1.111 --- ChangeLog 11 Jun 2004 16:03:44 -0000 1.110 +++ ChangeLog 15 Jun 2004 13:02:12 -0000 1.111 @@ -1,3 +1,13 @@ +2004-06-15 Aidas Kasparas <a.k...@gm...> + + SECURITY + * src/racoon/crypto_openssl.[ch] (cb_check_cert_local, + cb_check_cert_remote): split cb_check_cert() due to stricter + requirements for certificates received from network. + * src/racoon/crypto_openssl.[ch] (eay_check_x509cert): new parameter + local to specify how strict cert check should be + * src/racoon/oakley.c, src/racoon/eaytest.c: adjust to use above + 2004-06-11 Michal Ludvig <ml...@su...> * src/racoon/nattraversal.c (natt_vendorid, natt_fill_options): Support @@ -27,6 +37,8 @@ * src/setkey/setkey.c: -n (no action) support. Thanks Thomas Habets. * src/setkey/setkey.8: Documentation for above. + * src/racoon/doc/README.certificate: updated link to more recent + version of document. Debian bug #252513 by Jose Luis Domingo Lopez 2004-06-01 Michal Ludvig <ml...@su...> |