We’re the DNSSEC Experts.

We are an active contributor to DNS(SEC) standards, and the ONLY commercial DNSSEC vendor consulted on signed root deployment.

Our corporation's expertise is in accelerating the design, development and deployment of usable secure systems, based on open protocols and standards based security.
Our products make DNSSEC compliance simple, simple, simple, with a GUI second to none.
Learn More >

What They’re Saying

“DNSSEC needs to be far more automated than it is today. The Xelerance DNSX appliances address this issue.”
-- Dan Kaminsky

Upcoming Event:

Xelerance

Xelerance releases version 2.6.34 of Openswan

Posted June 8, 2011 in news

Xelerance has released openswan 2.6.34

This is a bugfix release mostly focussed on KLIPS and IPv6. Happy IPv6 day!

http://www.openswan.org/download/openswan-2.6.34.tar.gz
http://www.openswan.org/download/openswan-2.6.34.tar.gz.asc

The full change set for this release follows below.

v2.6.34 (June 8, 2011)
* Fix build without USE_EXTRACRYPTO introduced in 2.6.33 [Tuomo]
* Fix new leftmtu= option to pass correctly to _updown [Mattias Walstrom]
* Add Apple iOS work-around to l2tp example configs [Tuomo]
* KLIPS: Support to compile on Linux 2.6.38 and 2.6.39 [David]
* KLIPS: Make sin_family setting in delflow the same as addflow [David]
* KLIPS: IPv6 and SLES10 compile fixes [Sony Japan]
* KLIPS: IPv6 outbound policy check used wrong index [Sony Japan]
* KLIPS: Enable CryptoAPI per default [Paul]
* KLIPS: Module unload fixes [David]
* KLIPS: Routing cache corruption due to ip_select_ident [David]
* KLIPS: Only fixup the ethernet header it might be on [David]
* KLIPS: Fix for ixs->skb->dev is null at the top of ipsec_xmit_send [David]
* MAST: refcount bug in transport mode prevented ipsec.ko unload [Sony Japan]
* MAST: Don’t autopick mast [David]
* NETKEY: Fix AH mode [Avesh]
– rh #704548
* DYNDNS: using hostnames could lead to loss of ports in SA [Avesh]
– rh #703473
* Many uml testing harness fixes and updates, mostly IPv6 related [Paul/Hugh]
* “ipsec look” now shows NETKEY/XFRM and IPv6 routing table [Paul]
* “ipsec look” now shows iptables NEW_IPSEC_CONN mangle table [Paul]
* “ipsec look” and “ipsec barf” now shows ip6tables like iptables [Paul]
* Fix inbound policy –addin, and added –replacein [David]
* KLIPS: Fix family check when policies are not set [David]
* MAST: Fix family check when policies are not set [Sony Japan]
* Improve build speed (don’t recalculate build version all the time [David]
* XAUTH: Fix rekey with Cisco when remote_peer_type=cisco [Avesh]
* Openswan (IKEv2/IKEv1) icmp issue (redhat bz 681974) [Avesh]
* IKEv2: port range was hardcoded to 0-65535, not local policy [Avesh]
* MAST: Fix oops on module unload [David]
* Improve build speed, calulate version once [David]
* Import OpenWRT packaging updates [Simon]
* contrib: added openswan patch for 2.4.37.9 [Yannick Koehler]
* KLIPS: Fix for compiling on 2.6.22 (Fedora Core 6 based) kernels [Paul]
* KLIPS IPV6: Fix packet fragmentation [Paul]
* Added PLUTO_CONN_ADDRFAMILY= to updown.* (to disable SAref on v6) [Paul]
* KLIPS: cleanup packaging/*/config-* files [Paul]
* Fix a bunch of gcc unused-but-set-variable warnings [Paul]
* Fix some WERROR warnings [mcr]
* Various file descriptor leaks and mimor memleaks [Avesh/dhr]
* Removed reference to http://www.freeswan.org from ipsec –help [Tuomo]
* Bugtracker bugs fixed:
#1233 WARNING: at net/ipv4/af_inet.c:151 inet_sock_destruct on stop [David]

Login