Bug #5782: ike.config(4) needs additional oakley_group numbers - illumos gate - illumos

Bug #5782

ike.config(4) needs additional oakley_group numbers

Added by Eric Sproul about 6 years ago. Updated about 6 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Eric Sproul

Category:

Start date:

2015-04-02

Due date:

% Done:

100%

Estimated time:

Difficulty:

Bite-size

Tags:

needs-triage

Gerrit CR:

Description

While setting up a new IPsec tunnel, I noticed that the documented oakley_group numbers in ike.config(4) are not the only ones supported. We appear to support some or all of the additional numbers from RFC 5114, section 3.2 (I used 21). The man page should be enhanced to list the additional group numbers that we support.

Updated by Dan McDonald about 6 years ago

The ikedoor.h file has the values we support: http://src.illumos.org/source/xref/illumos-gate/usr/src/lib/libipsecutil/common/ikedoor.h. Look for IKE_GRP_DESC_*.

Updated by Eric Sproul about 6 years ago

Status changed from New to Feedback
Assignee set to Eric Sproul
% Done changed from 0 to 100

Updated by Electric Monk about 6 years ago

Status changed from Feedback to Closed

git commit 808449d51f6ccd25ce8ca4ff2e7cb4302ad9b574

commit  808449d51f6ccd25ce8ca4ff2e7cb4302ad9b574
Author: Eric Sproul <eric.sproul@circonus.com>
Date:   2015-04-07T16:15:51.000Z

    5782 ike.config(4) needs additional oakley_group numbers
    Reviewed by: Dan McDonald <danmcd@omniti.com>
    Reviewed by: Bayard Bell <buffer.g.overflow@gmail.com>
    Approved by: Robert Mustacchi <rm@joyent.com>

Also available in: Atom PDF

Project

General

Profile

illumos gate

Custom queries

Bug #5782

ike.config(4) needs additional oakley_group numbers

Updated by Dan McDonald about 6 years ago

Updated by Eric Sproul about 6 years ago

Updated by Electric Monk about 6 years ago