Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
138,162 Commits 606 Branches 0 Tags 3.1 GiB
243d04ef01
Commit Graph

799 Commits

Author SHA1 Message Date
christos
eb8e3b9ad4 Add proper casts. Fix a problem where (uint32_t < ~0). Cast both ~0's to 
u_int, since this is what the author intended.
 2005-06-28 16:12:41 +00:00
christos
ca496ece2e - Add lint comments 
- Fix bad casts.
- Comment out unused variables.
 2005-06-28 16:04:54 +00:00
christos
a1625e9ee8 Fix an error I introduced in the previous commit. The length could be 0. 
Also parenthesize an expression properly.
 2005-06-28 16:03:09 +00:00
christos
444efb36db deal with casting/caddr_t stupidity. It is not 1980 anymore and people should 
start using void *, instead of caddr_t.
 2005-06-27 03:19:45 +00:00
christos
983e538712 Collect externs into one file instead of duplicating them everywhere. 2005-06-26 23:49:31 +00:00
christos
dd8cdde018 Fix compiler warnings. 2005-06-26 23:34:26 +00:00
christos
fba8d9ce60 Fix some of the pointer abuse, and add some const. Not done yet. 2005-06-26 21:14:08 +00:00
manu
dd3259cec0 NAT-T fix: We treat null ports in SPD as wildcard so that IKE ports 
are used instead. This was done on phase 2 initiation from the kernel
(acquire message), but not on phase 2 initiation retries when the
phase 2 had been queued  for a phase 1.
 2005-06-22 21:28:18 +00:00
manu
13ca728372 Consume NAT-T packets that have already been seen through MSG_PEEK 2005-06-15 07:29:20 +00:00
chs
7bbdd188e1 appease gcc -Wuninitialized on hp700. 2005-06-05 19:08:28 +00:00
manu
6ec5a5a9b7 Fix Xauth login with PAM authentication 2005-06-04 22:09:27 +00:00
manu
2c39301c40 Endianness bug fix 2005-06-04 21:55:05 +00:00
manu
311dff8be0 Missing 0th element in rm_idtype2doi array 2005-06-03 22:27:06 +00:00
lukem
d687f4502c appease gcc -Wuninitialized 2005-06-02 04:59:17 +00:00
lukem
936a4cd73f Don't attempt to close a random file descriptor upon error. 
Detected with gcc -Wuninitialized.
 2005-06-02 04:57:33 +00:00
lukem
08ef6270ca appease gcc -Wuninitialized 2005-06-02 04:56:14 +00:00
lukem
89f4d29f7d Appease gcc -Wuninitialized, in a similar method used elsewhere in the 
same function.
 2005-06-02 04:43:45 +00:00
lukem
6e3cdc676d appease gcc -Wuninitialized 2005-06-01 12:07:00 +00:00
wiz
8bf012821a Drop trailing whitespace. 2005-05-25 16:57:39 +00:00
wiz
bf77c4e4b3 Drop trailing whitespace and a grammar fix. 2005-05-25 10:09:36 +00:00
manu
bd592e6e99 Really delete phase 1 on Xauth failure 2005-05-20 07:34:47 +00:00
manu
48fade8581 Fix NAT-T plus IPcomp 2005-05-20 01:28:13 +00:00
manu
c6660c31c6 Fix parse bug in IPsec policies 2005-05-20 00:57:33 +00:00
manu
2e090d4afb When altering the lifetime, don't modify to configured proposal, duplicate 
it instead.
 2005-05-20 00:54:55 +00:00
christos
137ea645ec PR/30198: Lubomir Sedlacik: The forwarding listening host is optional; don't 
try to free it.
 2005-05-18 16:11:11 +00:00
manu
6add206c2f - Fix a double free 
- For acquire messages, when NAT-T is in use, consider null port as a
  wildcard and use IKE port
 2005-05-13 14:09:44 +00:00
manu
a5a80e2b4d Update sample config file to higher security settings 2005-05-10 10:22:03 +00:00
manu
aed94b2d22 Add two Cisco extensions for pushing PFS group and save password 
setting throug ISAKMP mode config
 2005-05-10 09:54:43 +00:00
manu
db7c068992 proposal_check fixes: 
- fix claim behavior in phase 1
- also check lifebyte
 2005-05-10 09:23:36 +00:00
lukem
56b6919254 Remove a stale #endif, and add one missing at EOF. 
Noticed by code inspection and confirming by diffing against the vendor source.
The previous code compiled, but it certainly wouldn't have DTRT ...
 2005-05-08 23:30:46 +00:00
christos
0a3fafc305 Update PAM from the "portable openssh" 4.0p1 2005-05-08 21:15:04 +00:00
he
8d29e11e90 Add a prototype for getph2bysaddr(), fixes build problem for isakmp.c. 2005-05-08 14:14:18 +00:00
manu
873e8e21a9 More NAT-T fixes for the situation where racoon acts as a VPN client 
Flush SA and generated SP on DPD timeout and deletion payloads
 2005-05-08 08:57:26 +00:00
manu
63a609062e From Manisha Malla <mmanisha@novell.com>: 
fix unsigned int checked for being negative
 2005-05-04 17:23:10 +00:00
manu
8bf053b3f3 on phase 2 acquire, lookup phase 2 by (src, dst, policy id) so that 
multiple SA can be used in transport mode

While I'm there, patch ipsec-tools ChangeLog to reflect the changes we
took from ipsec-tools-0_6-branch
 2005-05-03 21:08:47 +00:00
uwe
f3b48582e5 return statements in void functions make lint very confused. 2005-04-27 22:38:56 +00:00
manu
10802677c9 Bug fixes from the ipsec-tools 0.6 branch: 
- Fix NAT-T problems that prevented multiple peers behind the same NAT
  to talk to the same machine outside the NAT. This also require kernel
  fixes (already committed eralier)
- Fix a LP64 bug
- Fix NAT-T RFC conformance bugs (missing non ESP marker in packets)
- Add a -p option to setkey to display ports that could be used for ESP
  over UDP when printing policies
 2005-04-27 05:19:49 +00:00
matt
d627c3edde Don't emit struct units [] anymore. emit a struct units * const foo and 
in the C file initialize that to the static list.
 2005-04-25 17:20:51 +00:00
matt
5ac7f26c22 Emit headers with #include <parse_units.h> so that struct units is defined 
so that extern struct units <foo> will not cause errors with gcc4.x
 2005-04-25 01:25:25 +00:00
kleink
14fc3b7ba8 Fix printf format/argument mismatch. 2005-04-24 13:31:01 +00:00
christos
a8090b3963 add back moduli 2005-04-23 21:12:47 +00:00
christos
31ed567522 resolve conflicts. 2005-04-23 19:31:14 +00:00
christos
ed314b4eb0 from www.openssl.org 2005-04-23 19:10:56 +00:00
christos
0df7655544 bring back files that this update removed. 2005-04-23 16:55:03 +00:00
christos
8471a3b7da resolve conflicts. 2005-04-23 16:53:28 +00:00
christos
70917d9a4b Import OpenSSH 4.0 from ftp.openbsd.org 2005-04-23 16:28:01 +00:00
manu
6845962b31 Fix simple DES support (security problems for racoon to racoon setups) 
Fix broken generated policies flush
 2005-04-19 19:42:08 +00:00
christos
97b2d3b1c8 check for pwd != NULL in getpwnam_r. From John Nemeth. 2005-04-19 12:55:31 +00:00
manu
d3e5d568cd Fix SA lifebyte check 2005-04-18 11:15:01 +00:00
wiz
e35111eeee Some more minor changes, ok manu@. 2005-04-17 01:03:46 +00:00