Commit Graph

1245 Commits

Author SHA1 Message Date
tteras 191869cf2a From Krzysztof Piotr Oledzki:
Make privileged process exit if unprivileged process is terminated and
some spelling fixes.
2008-08-06 19:14:28 +00:00
simonb 5a3c2f6809 Revert the HPN changes that added verbose "Max throughput" summary
after scp(1) finishes.
2008-08-05 14:13:34 +00:00
veego cca63e16c3 Restore .hx support for avoiding unneeded regeneration of header files
Fix PR lib/39185

Partly restore the changes which were removed during the Heimdal 1.1 update:
src/lib/libasn1/Makefile 1.28 -> 1.29
src/lib/libhdb/Makefile 1.21 -> 1.22
src/crypto/dist/heimdal/lib/asn1/gen.c 1.8 -> 1.9

Add .hx support in 'new' heimdal libraries:
src/lib/libgssapi/Makefile
src/lib/libhx509/Makefile

Add a new entry in doc/HACKS for this changes.
2008-08-03 07:16:58 +00:00
mgrooms 9ef0a25aeb Add some missing ifdefs required for non-radius enabled builds. 2008-07-23 17:36:00 +00:00
tteras 4521811287 Do not use GNU make specific extension. 2008-07-23 13:53:08 +00:00
tteras 28aa26f3de Do flex/bison invocation in a more standard way, and keep the generated
files in the dist tarball.
2008-07-23 09:06:51 +00:00
vanhu 826c52702d From Kohki Ohhira: fix some memory leaks, when malloc fails or when peer sends invalid proposal. 2008-07-22 13:25:18 +00:00
vanhu 754d7776f7 fixed some memory leaks, when malloc fails or when peer sends invalid proposals 2008-07-22 13:25:17 +00:00
mgrooms fd9755072f Add an optional radius configuration section to the racoon.conf file. This
is similar to the the LDAP configuration section and overrides settings in
the system radius configuration file.
2008-07-22 01:30:02 +00:00
tron 0cc0bec23e Correct typo to fix the build. 2008-07-21 09:43:03 +00:00
tteras ca3b7c5a9f Separate generic vendor id handling to a new function and use it. 2008-07-21 06:26:06 +00:00
tteras 7a1c3cb1b8 Do not set default gss id if xauth is used, otherwise gss-id attribute
might be sent even if it was not requested.
2008-07-21 06:24:29 +00:00
mgrooms 879eeb1025 Fix an a typo that prevented racoon from building with hybrid enabled. 2008-07-15 02:16:58 +00:00
mgrooms 6353d50296 Update changelog which was missed in my previous commit. 2008-07-15 00:53:36 +00:00
mgrooms 8f0b3482bc Fix a conflict with the FreeBSD 8 system hexdump function. 2008-07-15 00:47:09 +00:00
tteras 56a42db6a6 Handle RESPONDER-LIFETIME notification in quick mode. 2008-07-14 05:45:15 +00:00
tteras 583275a951 Clean up notification payload handling. Handle INITIAL-CONTACT notification
in last main mode exchange (delayed) and during quick mode exchanges.
2008-07-14 05:40:13 +00:00
tteras 75bc4bd6cd Original patch from Atis Elsts:
Fix a double memory free and a memory corruption (LIST_REMOVE() on
an uninserted node) in some error handling paths.
2008-07-11 08:02:06 +00:00
tteras 7f51b6fe42 From Chong Peng:
fix a file descriptor and memory leak on configuration file reread
2008-07-09 12:16:50 +00:00
vanhu d20c6ed916 From Timo Teras: fix some %d to %zu (size_t values) 2008-07-02 14:46:27 +00:00
vanhu 874968c865 fixed some %d to %zu (size_t values) 2008-07-02 14:46:26 +00:00
christos a494eea816 Add an ifdef to disable the AES_CTR_MT cipher because static binaries don't
work with -pthread, and /rescue is linked against libssh.
2008-06-23 14:51:31 +00:00
christos 80a665de90 Add the HPN patch for ssh:
http://www.psc.edu/networking/projects/hpn-ssh/
2008-06-22 15:42:50 +00:00
wiz bf3ddb193b Bump date for previous. 2008-06-18 07:40:16 +00:00
mgrooms 93c1205f96 Add an admin port command to retrieve the peer certificate. Submitted by Timo Teras. 2008-06-18 07:12:04 +00:00
mgrooms c47cb1615c Add an admin port command to retrieve the peer certificate. Submitted by
Timmo Teras.
2008-06-18 07:12:03 +00:00
mgrooms 01e8cc1e5d Set sockets to be closed on exec to avoid potential file descriptor inheritance issues. Submitted by Timo Teras. 2008-06-18 07:04:23 +00:00
mgrooms 5d397c5ba5 Set sockets to be closed on exec to avoid potential file descriptor
inheritance issues. Submitted by Timmo Teras.
2008-06-18 07:04:22 +00:00
mgrooms 7598372e37 Use utility functions to evaluate and manipulate network port values. No functional changes. Submitted by Timo Teras. 2008-06-18 06:47:25 +00:00
mgrooms 2c40396f3a Use utility functions to evaluate or manipulate network port values. No
functional changes. Submitted by Timmo Teras.
2008-06-18 06:47:24 +00:00
mgrooms 7dac642960 Admin port code cleanup. No functional changes. Submitted by Timo Teras. 2008-06-18 06:27:49 +00:00
mgrooms 18fc645e9a Admin port code cleanup. No functional changes. Submitted by Timmo Teras. 2008-06-18 06:27:48 +00:00
mgrooms 9345b05cc4 Correct a phase2 status event. Submitted by Timo Teras. 2008-06-18 06:11:38 +00:00
mgrooms b163716d45 Correct a phase2 status event. Submitted by Timmo Teras. 2008-06-18 06:11:37 +00:00
tls f5792c6ee8 Apply patch from Darryl Miles which adjusts SSL_shutdown's behavior for
non-blocking BIOs so that it is sane -- so that, in other words, -1 with
a meaningful library error code (WANT_READ or WANT_WRITE) is returned
when we would block for I/O.  Without this change, you have to sleep or
spin -- you can't know how to put the underlying socket in your select
or poll set.

Patch from http://marc.info/?l=openssl-dev&m=115154030723033&w=2 and
rationale at http://marc.info/?l=openssl-dev&m=115153998821797&w=2 where
sadly they were overlooked by the OpenSSL team for some time.  It is hoped
that now that we've brought this change to their attention they will
integrate it into their sources and we can lose the local change in
NetBSD.
2008-06-10 19:45:00 +00:00
tonnerre 31197b7671 Fix two Denial of Service vulnerabilities in OpenSSL:
- Fix flaw if server key exchange message is omitted from a TLS handshake
   which could lead to a silent crash.
 - Fix double free in TLS server name extensions which could lead to a
   remote crash.

Fixes CVE-2008-1672.
2008-06-05 15:30:10 +00:00
christos 90318d80f4 PR/38728: Tomoyuki Okazaki: Enable Camellia 2008-05-26 16:39:45 +00:00
christos a41e5a83be Add coverity alloc comment. 2008-05-24 20:07:00 +00:00
christos cfb67f710f add a coverity alloc comment. 2008-05-24 20:05:52 +00:00
christos e520f14ae6 Coverity CID 5003: Fix memory leak. 2008-05-24 20:00:07 +00:00
christos e3ee1b22da Coverity CID 5004: Fix double free. 2008-05-24 19:58:01 +00:00
christos 78dc0fbbfc Add a coverity alloc comment. 2008-05-24 19:54:43 +00:00
christos 13ebcc71fb Add a coverity alloc comment 2008-05-24 19:52:36 +00:00
christos c2e438738f Coverity CID 5007: Avoid double free. 2008-05-24 19:48:27 +00:00
christos 677bd71b1f Add a coverity allocation comment. 2008-05-24 19:46:32 +00:00
christos 66009f62a3 Coverity CID 5010: Avoid buf[-1] = '\0' on error. 2008-05-24 19:32:28 +00:00
christos aa3b40a116 Coverity CID 5018: Fix double frees. 2008-05-24 18:39:40 +00:00
christos b6c10a6fe5 avoid using free_func as an argument because it is already a typedef. 2008-05-10 16:52:05 +00:00
christos 33d34d249c fix version string 2008-05-09 22:10:19 +00:00
christos 2149db96e3 resolve conflicts 2008-05-09 21:49:39 +00:00