Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
162,998 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

1116 Commits

Author SHA1 Message Date
adrianp c9951c135d Fix for CVE-2007-4995 from OpenSSL CVS 2007-10-21 20:34:14 +00:00
manu 57c0ea0775 Add SPLITNET_{INCLUDR_LOCAL}_CIDR to hook scripts 2007-10-19 03:37:18 +00:00
vanhu 702eac21e5 Try to increase the buffer size of the pfkey socket, this may help things when we have a huge SPD 2007-10-15 16:05:01 +00:00
vanhu 657e6e5324 new plog macro 2007-10-02 09:48:08 +00:00
vanhu 4e4df07d61 From Scott Lamb: include plog.h to work with the new plog macro. 2007-10-02 09:47:55 +00:00
vanhu 400c6ca5a9 From Scott Lamb: plog changed to _plog to work with new plog macro 2007-10-02 09:47:45 +00:00
vanhu c12d0d481a From Scott Lamb: new plog macro. 2007-10-02 09:47:40 +00:00
drochner 0e0b59826f apply a patch from openssl CVS to fix a remaining off-by-one error 
in an older security fix, see
http://www.securityfocus.com/archive/1/480855/30/0/threaded
 2007-09-28 13:09:26 +00:00
mgrooms 26182f1f5d Set REUSE option on sockets to prevent failures associated with closing and immediately re-opening. Submitted by Gabriel Somlo. 2007-09-19 19:29:36 +00:00
mgrooms 33e6656ef9 Prevent duplicate entries in splitnet list. Submitted by Gabriel Somlo. 2007-09-19 19:20:25 +00:00
mgrooms 8293a09746 Fix autoconf check for selinux support. Submitted by Joy Latten. 2007-09-13 00:26:14 +00:00
mgrooms aca8e1eed2 Implement clientaddr sainfo remote id option and refine the sainfo man page syntax. 2007-09-12 23:39:49 +00:00
tron 6dda4e3f48 Use poll(2) to wait for rnd(4). The initialisation of OpenSSL's RNG 
now works reliably if the first FD_SETSIZE file descriptors are in use.
 2007-09-07 08:10:00 +00:00
mgrooms 324a68d0b7 Sort sainfo sections on insert and improve matching logic. 2007-09-05 06:55:44 +00:00
mgrooms edac7dae7c Correct the syntax for wins4 in the man page and add nbns4 as an alias. Pointed out by Claas Langbehn. 2007-09-03 18:08:42 +00:00
manu 1c79bc103b src/racoon/isakmp_xauth.c: Don't mix up RADIUS authentication and 
authorization ports. Allow interoperability with freeradius
 2007-08-07 04:35:01 +00:00
taca 9fcfdb104e Apply a patch from https://bugzilla.mindrot.org/show_bug.cgi?id=1306. 
Fix nasty "error: channel 0: chan_read_failed for istate 3" message.
 2007-07-31 03:09:49 +00:00
mgrooms 8628a88239 Update NEWS file with additional 0.7 improvements. 2007-07-24 04:29:23 +00:00
mgrooms 9b7e05e155 Various racoon configuration manpage updates. 2007-07-18 22:50:47 +00:00
christos 0878f17383 PR/36665: Matthias Scheler: Thread support is not enabled in NetBSD's OpenSSL 
I enabled it.
 2007-07-18 20:19:56 +00:00
vanhu c3bc7fe364 use a single PATH_IPSEC_H to fix some path_to_ipsec.h issues 2007-07-18 12:07:49 +00:00
vanhu 9f7ae421ea fixed a socket leak 2007-07-16 15:05:10 +00:00
vanhu 0fd2ceaf72 indentation 2007-07-16 15:03:13 +00:00
christos 4d0c78dab0 PR/36624: Edgar Fu: sshd should not check pw_{expire,change} if UsePam is 
enabled. This is what the "portable" version of openssh does.
 2007-07-10 15:48:56 +00:00
christos a39c84a8c3 PR/36623: Edgar Fu: ssh publickey authentification fails if homedir not present 
Removed extra realpath check that was introduced by a bogus merge.
 2007-07-10 14:56:25 +00:00
christos 30638c77c3 PR/36562: Takeshi Nakayama: sshd(8) HostbasedAuthentication fails after 
upgrading to 4.0_BETA
Remove $HOME test since this is also used by sshd.
 2007-06-26 18:28:34 +00:00
christos d1cb3ec527 remove unused variable. 2007-06-25 01:42:31 +00:00
christos c6b86acffc don't use __progname for the pam service name. Hard-code it to "sshd" 2007-06-24 23:48:30 +00:00
manu 72fe4c3a84 From Paul Winder <Paul.Winder@tadpole.com>: 
Fix ignored INTERNAL_DNS4_LIST
 2007-06-07 20:04:26 +00:00
vanhu 6ae0ffb7d9 From Rong-En Fan: fix compilation with gcc 4.2 2007-06-06 15:37:15 +00:00
vanhu cc41629a4c fixed compilation with gcc 4.2 2007-06-06 15:37:14 +00:00
vanhu 6817ea28d9 speeds up interfaces update when they changed 2007-06-06 09:47:30 +00:00
vanhu 1ed22670fa From Jianli Liu: speed up interfaces update when they change. 2007-06-06 09:47:29 +00:00
vanhu 7c53bfe0b6 ignore obsolete lifebyte when validating reloaded configuration 2007-06-06 09:18:16 +00:00
manu a16fcccee0 From Joy Latten <latten@austin.ibm.com> 
Fix file descriptor shortage when using labeled IPsec.
 2007-05-31 19:54:54 +00:00
manu 23326f5b62 From Jianli Liu <jlliu@nortel.com>: 
In racoonctl, use the specified socket path instead of the default location
 2007-05-30 21:02:39 +00:00
christos 5d1825b2a1 Use RESCUEDIR if set. 2007-05-17 00:17:50 +00:00
christos 538010e358 coverity CID 4168: yyerror() does not return, so we proceed to de-reference 
NULL. Make it return -1 instead like in other places.
 2007-05-16 21:00:40 +00:00
christos dc073934fe coverity CID 4170: yyerror() does not return, so we proceed to de-reference 
NULL. Make it return -1 instead like in other places.
 2007-05-16 20:59:04 +00:00
vanhu 5e29f1f1bb search a ph1 by address if iph2->ph1 is NULL when validating the new config 2007-05-04 14:33:38 +00:00
vanhu 79dfa780cb ... 2007-05-04 09:10:07 +00:00
vanhu 0f20ab497d added some debug in getph1byaddr() to track some port matching problems with NAT-T 2007-05-04 09:09:54 +00:00
vanhu e91f01072a added some debug in isakmp_chkph1there() to track some port matching problems with NAT-T 2007-05-04 09:09:47 +00:00
vanhu ff0f36d165 added some debug for DELETE_SA process 2007-05-04 09:09:35 +00:00
vanhu ae24f5b259 Force the update of ph2 in pk_recvupdate() if NAT_T support, to solve some port match problems with the first IPSec SAs negociated as initiator 2007-05-04 09:09:26 +00:00
plunky e3a1867a4d fix usage error: use type for .Ft 2007-04-13 18:22:08 +00:00
vanhu ace683e685 checks proto_id in ipsecdoi_chkcmpids() 2007-04-04 13:09:36 +00:00
vanhu f31c3aee8e dumps peer's ID and peer's certificate subject /subjectaltname if they don't match 2007-04-04 13:07:31 +00:00
vanhu 52c7a2891e Store the DPD main scheduler in ph1 handler, to be able to cancel it when removing the handler, and some minor cleanups in DPD code 2007-03-26 15:58:07 +00:00
christos 8f6921b522 PR/36069: Huang Yushuo: racoon can't work with pam_group 
Set RUSER.
 2007-03-24 02:07:42 +00:00