PSARC 2010/101 in.iked preshared key file extensions
6511591 Support at least remote-prefixes for preshared key entries

PSARC 2010/102 ikeadm dump algs
6927650 provide the list of DH groups in ikeadm
6927657 provide the list of algorithms offered by iked for IKE in ikeadm

PSARC 2010/055 ECP and RFC5114 groups for IKE
6586320 RFC 4753 ECP groups needed for IKE
6900895 RFC 5114 ECP Diffie-Hellman groups
6897862 RFC 5114 integer modulus Diffie-Hellman groups

6874992 in.iked does not use network byte order for IP address in sendto() call
6874983 ikedoor.h is not C++ safe
6885833 IPsec utilities should print lifetimes in human readable format
6889086 ikeadm reports kilobyte lifetimes with wrong units
6898492 iked should enforce lower maximum values for lifetimes
6897711 iked debug output should be less confusing for average sysadmin
6902926 SOFT kilobyte expires for inbound SAs should make it to userland and be reacted upon

PSARC/2008/252 Labeled IPsec phase 1
6886771 Labeled IPsec phase 1
6808727 Alignment error panic in tsol_can_accept_raw()
6894979 nightly -0 + -p builds then destroys SUNW0on

6824443 Make in.iked a 64-bit process when possible.

PSARC 2008/525 ikeadm token login
6219638 in.iked(1m) should not have to read PKCS#11 pins off-disk
6780866 ikeadm should use authorizations

PSARC 2008/523 IPsec session failover
6398024 IPsec should support session failover across machines
6545486 PF_KEY needs to set an SA's sequence number

PSARC 2008/014 SHA-2 support for IPsec and IKE
6586319 Need to enable SHA-256,384,512 support in AH, ESP, and IKE
6663271 sha2_mac_verify_atomic() function is missing SHA384 exceptions

6516622 ACQUIRE-specified lifetimes are now ignored by in.iked
6609988 superfluous debugging in isakmp_udp.c
6612767 Logfile time stamp for in.iked a bit OTT
6612771 Some in.iked messages contain information thats no longer useful

PSARC/2007/409 RFC 3526 Diffie-Hellman groups for IKE
4886779 RFC 3526 Diffie-Hellman groups for IKE

6520181 in.iked leaks memory when parsing config with duplicate encr_alg
6520196 ikeadm cannot configure keysizes
6520197 ikeadm should print keysizes of algorithms

PSARC 2006/409 IKE configuration of SA lifetimes
5039559 IKE should use soft expires and aggressively negotiate new SAs
6412531 Comments in ssh-stubs.c are incorrect
6431529 update_assoc_lifetime() does not update SOFT lifetimes

PSARC 2005/575 ikecert certlocal private key import into a keystore
6228358 ikecert certlocal -a should be allowed on a PKCS#11 token
6314433 in.iked needs to reject identical rule label additions
6314444 ikeadm add preshared got core dump with incomplete arguments
6331159 If the only pre-shared key is deleted, the IKE daemon can not add new keys from a file
6331246 certlocal -r should not delete public key
6333081 ike needs to reject identical preshared object additions
6334208 dumping preshared keys with different types can cause in.iked core dump
6334300 in.iked memory leak when referenced keystore certs do not exist
6337221 in.iked shouldn't treat a bad preshared key file as fatal
6338331 debug statement can cause in.iked crash as v6 responder

OpenSolaris Launch

PSARC 2010/101 in.iked preshared key file extensions
6511591 Support at least remote-prefixes for preshared key entries

PSARC 2010/102 ikeadm dump algs
6927650 provide the list of DH groups in ikeadm
6927657 provide the list of algorithms offered by iked for IKE in ikeadm

PSARC 2010/055 ECP and RFC5114 groups for IKE
6586320 RFC 4753 ECP groups needed for IKE
6900895 RFC 5114 ECP Diffie-Hellman groups
6897862 RFC 5114 integer modulus Diffie-Hellman groups

6874992 in.iked does not use network byte order for IP address in sendto() call
6874983 ikedoor.h is not C++ safe
6885833 IPsec utilities should print lifetimes in human readable format
6889086 ikeadm reports kilobyte lifetimes with wrong units
6898492 iked should enforce lower maximum values for lifetimes
6897711 iked debug output should be less confusing for average sysadmin
6902926 SOFT kilobyte expires for inbound SAs should make it to userland and be reacted upon

PSARC/2008/252 Labeled IPsec phase 1
6886771 Labeled IPsec phase 1
6808727 Alignment error panic in tsol_can_accept_raw()
6894979 nightly -0 + -p builds then destroys SUNW0on

6824443 Make in.iked a 64-bit process when possible.

PSARC 2008/525 ikeadm token login
6219638 in.iked(1m) should not have to read PKCS#11 pins off-disk
6780866 ikeadm should use authorizations

PSARC 2008/523 IPsec session failover
6398024 IPsec should support session failover across machines
6545486 PF_KEY needs to set an SA's sequence number

PSARC 2008/014 SHA-2 support for IPsec and IKE
6586319 Need to enable SHA-256,384,512 support in AH, ESP, and IKE
6663271 sha2_mac_verify_atomic() function is missing SHA384 exceptions

6516622 ACQUIRE-specified lifetimes are now ignored by in.iked
6609988 superfluous debugging in isakmp_udp.c
6612767 Logfile time stamp for in.iked a bit OTT
6612771 Some in.iked messages contain information thats no longer useful

PSARC/2007/409 RFC 3526 Diffie-Hellman groups for IKE
4886779 RFC 3526 Diffie-Hellman groups for IKE

6520181 in.iked leaks memory when parsing config with duplicate encr_alg
6520196 ikeadm cannot configure keysizes
6520197 ikeadm should print keysizes of algorithms

PSARC 2006/409 IKE configuration of SA lifetimes
5039559 IKE should use soft expires and aggressively negotiate new SAs
6412531 Comments in ssh-stubs.c are incorrect
6431529 update_assoc_lifetime() does not update SOFT lifetimes

PSARC 2005/575 ikecert certlocal private key import into a keystore
6228358 ikecert certlocal -a should be allowed on a PKCS#11 token
6314433 in.iked needs to reject identical rule label additions
6314444 ikeadm add preshared got core dump with incomplete arguments
6331159 If the only pre-shared key is deleted, the IKE daemon can not add new keys from a file
6331246 certlocal -r should not delete public key
6333081 ike needs to reject identical preshared object additions
6334208 dumping preshared keys with different types can cause in.iked core dump
6334300 in.iked memory leak when referenced keystore certs do not exist
6337221 in.iked shouldn't treat a bad preshared key file as fatal
6338331 debug statement can cause in.iked crash as v6 responder

OpenSolaris Launch