File ike.changes of Package ike

-------------------------------------------------------------------
Mon Nov  1 12:36:52 UTC 2010 - chris@computersalat.de

- update to 2.1.7
  o Correct an issue with the VPN Access Manager related to pcf import. When
    a non encrypted password is present, don't try to hex-decode it. Just
    import it as plain text.
  o Make sure we don't try to set the initial flag to true on a non-ipsec
    policy. Wait for the first ipsec policy instead. Thanks to Michael Kenny
    for diagnosing this issue and submitting the patch.
  o Correct an issue in ikea with the dialog updates after loading the
    phase1 and phase2 options. Make sure we call the update functions at the
    end of the load process.
  o Modify the location of dialog update helper routine calls in the site
    configuration load member function. The must be called in the correct
    order or problems will occur. Thanks to Michael Kenney for reporting
    this issue.
  o Correct a bug in the ikec program that caused an invalid filename to be
    displayed when prompting the user for a password. Thanks to Michael
    Kenny for submitting this patch.
  o Modify iked to only create a NONE policy for the next-hop address when
    the vpn gateway is not on a network locally attached to the client. This
    caused communication failures as the route was being installed as
    0.0.0.0 -> next-hop which is obviously incorrect.
  o Fix a bug with the shared policy level support. When a IPsec SA expires,
    the peer may attempt to initiate a new phase2 negotation as a
    replacement. This will cause negotiation to fail as the source ID will
    always be 0.0.0.0/0 which won't match a policy. Correct this by only
    matching policies the destination ID since the source ID will always be
    generic. 

-------------------------------------------------------------------
Fri Oct  1 19:01:20 UTC 2010 - chris@computersalat.de

- initial package 2.1.6