diff options
| author |   mpi <mpi@openbsd.org> | 2017-08-22 15:03:37 +0000 |
|---|---|---|
| committer | mpi <mpi@openbsd.org> | 2017-08-22 15:03:37 +0000 |
| commit | 3e56d06f776a22fcdd8112809cddbed3d17a5e0f (patch) | |
| tree | 12fc655e73f8e399212486f1296ee7dcf597fe1d | |
| parent | Prevent a race against ipsec_in_use. (diff) | |
| download | wireguard-openbsd-3e56d06f776a22fcdd8112809cddbed3d17a5e0f.tar.xz wireguard-openbsd-3e56d06f776a22fcdd8112809cddbed3d17a5e0f.zip | |
Remove listing of fixed bugs.
ok markus@
| -rw-r--r-- | sbin/isakmpd/BUGS | 50 |
1 files changed, 1 insertions, 49 deletions
diff --git a/sbin/isakmpd/BUGS b/sbin/isakmpd/BUGS index 0aafa4f99d0..670eb9f8aea 100644 --- a/sbin/isakmpd/BUGS +++ b/sbin/isakmpd/BUGS @@ -1,68 +1,20 @@ -$OpenBSD: BUGS,v 1.15 2006/06/02 19:35:55 hshoexer Exp $ +$OpenBSD: BUGS,v 1.16 2017/08/22 15:03:37 mpi Exp $ $EOM: BUGS,v 1.38 2000/02/18 08:47:35 niklas Exp $ Until we have a bug-tracking system setup, we might just add bugs to this file: ------------------------------------------------------------------------------ -* message_drop frees the message, this is sometimes wrong and can cause - duplicate frees, for example when a proposal does not get chosen. [fixed] - -* Notifications should be their own exchanges, otherwise the IV gets - disturbed. [fixed] * We need a death timeout on half-ready SAs just like exchanges. At the moment we leak SAs. -* When we establish a phase 2 exchange we seem to get the wrong IV set, - according to SSH's logs. [fixed] - -* If a phase 1 SA negotiation terminates with a cause that is to be sent in - a NOTIFY to the peer, we get multiple free calls on the cleanup of the - informational exchange. [fixed] - -* IKE mandates that a HASH should be added to informational exchanges in - phase 2. [fixed] - -* Message_send requires an exchange to exist, and potentially it tries to - encrypt a message multiple times when retransmitting. [fixed] - -* Multiple protocol proposals seems to fail. [fixed] - -* The initiator fails to match the responders choice of protocol suite with - the correct one of its own when several are offered. [fixed] - -* Duplicate specified sections is not detected. [fixed] - * Quick mode establishments via UI using -P bind-addr gets "Address already in use". -* Not chosen proposals should be deleted from the protos list in the sa - structure. [fixed] - -* Setting SPIs generates "Invalid argument" errors due to one tunnel endpoint - being INADDR_ANY. [fixed] - -* ipsec_proto structs are never allocated. [fixed] - -* Remove SPIs of unused proposals. [fixed] - * If the first proposal is turned down, the initiator gets confused. * Renegotiation after a failed phase 1 fails. -* Phase 1 rekey event removal seems to be done twice. [fixed] - -* PF_ENCAP expirations does not find the proper phase 2 SA to remove. [fixed] - -* ISAKMP SA expirations should have a soft/hard timeout just like IPsec ones. - The soft one should put a watchdog on the SA, and start a renegotiation as - soon as something used the SA. Hard ones should just clean it up, no - renegotiation at all. [fixed] - -* ISAKMP SAs does not get removed after rekeying. [fixed] - -* On-demand PF_ENCAP SAs does not get reestablished. [fixed] - * Rekeying is now done automatically on expirations, it should not. The SAs should be brought up on-demand just like the first time. |