Commit Graph

13 Commits

Author SHA1 Message Date
itojun
33fe7af9a4 sync with latest kame setkey(8), modulo icmp6 hack.
pfkey.c is now more picky about buffer length validation.
spddump (setkey -DP) will print lifetime information.
2002-05-14 11:24:20 +00:00
wiz
456dff6cb8 Spell 'occurred' with two 'r's. 2001-09-16 16:34:23 +00:00
matt
6ac8d1ec06 More include cleanup. Remvoe (p) from #undef in libipsec. 2000-07-03 03:56:20 +00:00
itojun
92e64a4a0d sync with almost-latest KAME IPsec. full changelog would be too big
to mention here.  notable changes are like below.

kernel:
- make PF_KEY kernel interface more robust against broken input stream.
  it includes complete internal structure change in sys/netkey/key.c.
- remove non-RFC compliant change in PF_KEY API, in particular,
  in struct sadb_msg.  we cannot just change these standard structs.
  sadb_x_sa2 is introduced instead.
- remove prototypes for pfkey_xx functions from /usr/include/net/pfkeyv2.h.
  these functions are not supplied in /usr/lib.

setkey(8):
- get/delete does not require "-m mode" (ignored with warning, if you
  specify it)
- spddelete takes direction specification
2000-06-12 10:40:37 +00:00
itojun
8ab75e23f4 hide shouldn't-be-exported symbols from the outside.
don't compile pfkey*, since we expect tons of changes in the near future.

bump shlib major (due to less exported APIs than before - am I correct here?).
2000-03-13 21:23:55 +00:00
itojun
667dbda449 use proper include path (net/pfkeyv2.h) 2000-02-08 13:17:51 +00:00
itojun
28dacfc3da don't include in6.h directly. 2000-02-08 13:14:35 +00:00
itojun
e5e6464767 upgrade libipsec to the latest.
- parser now uses yacc/lex (there'll be no symbol conflict).
- outbound policy and inbound policy is now separate
- policy specification for tunnel SA is improved
- api changed, bump shlib major

XXX some of programs will become not buildable - will commit shortly
2000-01-31 14:15:30 +00:00
itojun
64061af71d temporary workaround against KAME PR 154.
http://www2.kame.net/dev/query-pr.cgi?pr=154

This allows many keys to be dumped via "setkey -D", or many keys
to be configured by single "setkey -c < foo" command.
1999-09-16 04:20:03 +00:00
itojun
0516428837 add NetBSD RCS ID on the top.
retain KAME RCS ID where there was one.
1999-07-04 01:36:12 +00:00
itojun
95fa2d90fb s/CFLAGS/CPPFLAGS/ for -D and -I.
remove lint error.
1999-07-03 06:59:28 +00:00
simonb
3f777e28cc More trailing white space. 1999-07-02 15:58:35 +00:00
itojun
85685e0177 ipsec support library.
mainly for debugging, and policy text->binary conversion.  NO crypto code
is included so it is export safe.
1999-07-01 20:15:26 +00:00