FreeSWAN Release 1.93 ships!

Bill Stewart bill.stewart at
Thu Dec 6 05:04:45 EST 2001

 From Claudia Schmeing <claudia at>'s summary:

1.  Release 1.93 ships!
     1 post Dec 3

A number of small improvements have been added to this release, which was
shipped on-time.

Some highlights:

* Diffie-Hellman group 5 is now the first group proposed.
* Two cases where fragmentation is needed will be handled better, thanks
   to these two changes

        The code that decides whether to send an ICMP complaint back about
        a packet which had to be fragmented, but couldn't be, has gotten
        smart enough that we now feel comfortable enabling it by default.

        IKE (UDP/500) packets which were large enough to be fragmented used
        to be mishandled, with some of the fragments failing to bypass IPsec
        tunnels properly.  This has been fixed; our thanks to Hans Schultz.

* If Pluto gets more than one RSA key from DNS, it will now try each key.
   This will help when a system administrator replaces a key.
* There is preliminary support for building RPMs.
* SMP support is better.
* The team has eliminated a vulnerability that might permit a denial of 

What can we expect from the next release? Henry Spencer writes:

     We are in the process of chasing down a couple of significant bugs (which
     have been there since at least 1.92 and possibly earlier), and we *might*
     ship another release quite shortly if we nail them down and fix them.  If
     we don't, we won't.  Barring that possibility, the next release is planned
     for the end of January; a more precise date will be announced shortly.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list