racoon(8) is the current IKEv1 implementation used in NetBSD. The racoon code is old and crufty and full of potential security issues. We would like to replace it. There are other implementations available, such as StrongSwan, openiked/isakmpd, racoon2.

This project has two stages:

I have started working on that for racoon2 on https://github.com/zoulasc/racoon2/ (see the TODO file), and also have a build glue for NetBSD for it https://github.com/zoulasc/racoon2-glue/ and it works. I've also gotten openiked to compile (but not work).

Add a comment