patch1 for freeswan-1.2 ======================= This patch fixes several problems with pluto in FreeS/WAN Version 1.2. Without this patch, pluto will crash when it gets an IKE packet from an unexpected source. Furthermore, there were a number of bugs in the handling of identities and Road Warriors. This code is quite new so there may well be more. D. Hugh Redelmeier To use this patch: 1. Download: ncftp ftp://ftp.xs4all.nl/pub/crypto/freeswan/freeswan-* 2. You should now have: freeswan-1.2.tar.gz freeswan-1.2.tar.gz.sig freeswan-1.2.patch1.README freeswan-1.2.patch1.README.sig freeswan-1.2.patch1.gz freeswan-1.2.patch1.gz.sig freeswan-sigkey.asc 3. Check the files' integrity: pgp freeswan-1.2.tar.gz.sig freeswan-1.2.tar.gz pgp freeswan-1.2.patch1.README.sig freeswan-1.2.patch1.README pgp freeswan-1.2.patch1.gz.sig freeswan-1.2.patch1.gz 4. Unpack the FreeS/WAN sources where you would normally do so. 5. Before "making" anything, cd into the top-level FreeS/WAN source directory and apply the patches: cd .../freeswan-1.2/ zcat .../freeswan-1.2.patch1.gz | patch -p0 > PATCH.LOG 2>&1 || cat PATCH.LOG 6. The result should be console output of the form 'patching file '. It will also be in PATCH.LOG. If you see any 'FAILED' messages or mention of files with a suffix of '.rej', the patch has failed. Report the problem and do not proceed. 7. Now continue with the normal freeswan-1.2 installation by completely reading README and INSTALL in the top-level FreeS/WAN directory. Check the FreeS/WAN errata page at http://www.freeswan.org/errata.html for further updates.