BSDSec

deadsimple BSD Security Advisories and Announcements

OpenIKED 7.2 released

We have released OpenIKED 7.2, which will be arriving in the
OpenIKED directory of your local OpenBSD mirror soon.

This release includes the following changes since the previous release:

  * Added iked connection statistics counters that can be viewed with
    'ikectl show stats'

  * Added support for sending certificate chains in multiple CERT payloads.

  * Added OpenIKED vendor ID payload to improve interoperability with older
    versions

  * Improved policy lookup by respecting the srcnat property

  * Fixed nonce comparison bug which led to sporadic failures because
    the wrong Child SA got deleted.

  * Fixed interoperability with implementations sending more than one CERT
    payload

  * Fixed a bug where NAT-T was not working correctly on Linux

  * Fixed various bugs and memory leaks.

OpenIKED is known to compile and run on OpenBSD, FreeBSD, NetBSD, macOS
and the Linux distributions Arch, Debian, Fedora and Ubuntu.

It is our hope that packagers take interest and help adapt OpenIKED to
more distributions.

OpenIKED can be downloaded from any of the mirrors listed at
https://www.openbsd.org/ftp.html, from the /pub/OpenBSD/OpenIKED
directory.

General bugs may be reported to bugs@openbsd.org. Portable bugs
may be filed at https://github.com/openiked/openiked-portable.

We welcome feedback and improvements from the broader community.
Thanks to all of the contributors who helped make this release
possible.