Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
177,176 Commits 606 Branches 0 Tags 3.1 GiB
5d551dd0c7
Commit Graph

1309 Commits

Author SHA1 Message Date
tteras
2b68c3a06a Autogenerate ChangeLog from NetBSD CVS. Put sourceforge.net changes to 
ChangeLog.old.
 2009-01-20 14:36:07 +00:00
wiz
67cbe60826 Make ready for HTML output. 
Use proper escape for backslash ('\e').
 2009-01-10 21:58:38 +00:00
tteras
f7557f766d From Cyrus Rahman: 
Accept RFC2253 compliant escaped special characters for asn1dn identifier.
 2009-01-10 19:08:40 +00:00
tteras
a0b1dc6be0 Fix a CPPLAGS typo to CPPFLAGS which was intended 2009-01-09 06:31:38 +00:00
tteras
9df0ec5c7e Fix a CPPLAGS type to CPPFLAGS which was intended 2009-01-09 06:31:37 +00:00
christos
10c9b70baa Correct error checking for DSA and ECDSA keys (from FreeBSD) 2009-01-07 23:05:07 +00:00
tteras
b264308e87 Remove obsolete configuration options, fix radius configuration block and 
add GRE as recognized protocol.
 2009-01-05 06:03:58 +00:00
tteras
328859aef7 Do not use counting in signal handling as it was unsafe by not using 
atomic functions (post increment is not necessarily atomic).
Instead reap all children on SIGCHLD as that was the only signal needing
signal counting.
 2009-01-05 06:00:27 +00:00
tteras
a3c1a92d23 schedular() call can now modify fd mask so make the working copy just 
before calling select(); otherwise it can contain bad file descriptors
 2008-12-30 15:50:24 +00:00
mlelstv
e5b90a2fc2 support icmp codes. Fixes PR 39056. 2008-12-29 12:54:33 +00:00
christos
aa3382cd31 remove sin{6,}_len linux does not have it. From Timo Teras. 2008-12-24 20:20:52 +00:00
christos
6c532322d2 I was wrong. addr is actually set. 2008-12-24 19:05:48 +00:00
christos
16b17fbeab - make this compile by zeroing out the whole structure not just bogus fields. 
- set length field of sockets appropriately.
- mark bogus no-op code (I don't understand what the author intended here).
 2008-12-24 15:25:44 +00:00
wiz
c1e7a459ca Bump date for identity configuration option removal. 2008-12-23 19:28:18 +00:00
tteras
535280aca9 Remove the obsoleted global identity configuration option. 2008-12-23 14:04:42 +00:00
tteras
bd378f6dda rewrite local address detection 
make some functions static that arr not needed globally
rework how fd_set is construction for the main loop select()
 2008-12-23 14:03:12 +00:00
tteras
182f0b93be From Arnaud Ebalard: 
Delete larval ph2handles when expire with hard lifetime received
 2008-12-18 07:20:25 +00:00
tteras
50a2f2e6d0 Update README 2008-12-16 06:48:38 +00:00
tteras
b2b7434a10 Fix transport mode address selection in acquire handling. 
Some earlier fixes got lost on 2008-12-05 commit.
 2008-12-16 06:08:46 +00:00
vanhu
a75f34b133 Fixed compilation on FreeBSD (RTM_IFINFO and RTM_OIFINFO stuff) 2008-12-11 15:45:24 +00:00
vanhu
cffd15164d Fixed compilation when DPD support is disabled 2008-12-11 15:33:59 +00:00
bad
f140528153 Document my fix to src/racoon/privsep.c for the SIG_IGN typo on 2008-12-04. 2008-12-09 23:28:08 +00:00
tteras
dae665ff27 Do not cache pfkey sockets: it might cause to not handle some pfkey events 
when select() has marked pfkey socket readable, but a timer callback first
calls pfkey_dump_sadb().
 2008-12-08 06:00:53 +00:00
tteras
02f2a72861 From Arnaud Ebalard: 
Improved Mobile IPv6 support per draft-ebalard-mext-pfkey-enhanced-migrate.
 2008-12-05 06:02:20 +00:00
bad
3ef91ecea8 Fix typo in previous and use SIG_IGN as I intended. 2008-12-04 22:30:26 +00:00
tteras
22b0737f30 Explicitly ignore SIGPIPE. Default action on Linux is terminate. 2008-12-02 07:41:43 +00:00
wiz
659c30f2ba Remove empty line. Fix typo. New sentence, new line. 2008-11-28 22:37:44 +00:00
vanhu
0b0a39b9f9 ModeConfig fixes 2008-11-27 15:04:34 +00:00
vanhu
3a74e20575 Set up a default value for Mode Config Pool size if pool address specified but pool size not specified 2008-11-27 15:04:21 +00:00
vanhu
054e0e851d Fixed pool resizing 2008-11-27 15:04:16 +00:00
tteras
f863fa40c3 From Arnaud Ebalard: 
Remove MAXNESTEDSA weirdness. It's probably meant for bundle support which
is not done. When someone actually writes bundle support, the nested SA
stuff would probably be reworked too anyway.
 2008-11-27 11:08:48 +00:00
tteras
1c6c2a3356 From: Matthew Krenzer 
Ability to set pfkey socket buffer size via configuration file directive.
(Indentation and minor fixes by me.)
 2008-11-27 10:53:48 +00:00
bad
e564489300 Document my changes from 2008-11-08 and today. 2008-11-25 22:39:20 +00:00
bad
f798cbf18b Avoid using MSG_NOSIGNAL as it is not available everywhere. 
Ignore SIGPIPE instead.
 2008-11-25 22:38:31 +00:00
bad
d9c51cbeae Ignore unspecified and looback addresses. Ignoring unspecified addresses 
prevents racoon from trying to bind to the wildcard address and specific
addresses simultaneously after e.g. dhclient has changed an interface's
address to 0.0.0.0.
 2008-11-25 22:00:15 +00:00
bad
e7c2314bc8 RTM_DELETE and RTM_IFINFO don't carry info for added or deleted addresses. 
Ignore them silently.
 2008-11-25 21:54:05 +00:00
bad
6db1040de3 Ignoring an unsuitable address is not an error. Therefore log it as 
informational.
Make it clear from the log message that a route message is not interesting.
 2008-11-25 21:50:47 +00:00
bad
220cbdde75 Use insmyaddr() instead of open coding it. 2008-11-25 21:46:12 +00:00
bad
b8d42d186b Do not return erroneously from isakmp_open() when setting IPV6_USE_MIN_MTU 
fails.
 2008-11-25 21:42:36 +00:00
bad
667107700d Keep myaddr.sock at -1 when no socket is opened. 2008-11-25 21:37:11 +00:00
bad
96020e15cb Preserve owner and permissions of original /etc/resolv.conf. 
Ensure that new /etc/resolv.conf isn't group or world writable.
 2008-11-08 13:41:09 +00:00
bad
447613dc6a Print and check INTERNAL_NETMASK4. 2008-11-08 13:38:46 +00:00
bad
aabe06ab2f Make the handling of NAT-T SPD entries automatic. 2008-11-08 13:36:35 +00:00
bad
5a8370eefd Ensure that the determination of the default gateway and the corresponding 
interface don't get confused by multiple, possibly non-IPv4  default routes.
Bring the NetBSD case of deleting the VPN routes and address in line with
the Linux case and delete the address after deleting the VPN routes.
 2008-11-08 13:31:23 +00:00
wiz
a4814aed6a The escape sequence for a backslash is "\e". 2008-11-07 16:51:27 +00:00
reed
a455765d91 Use line continuation for an example. It was too wide for my output 
so was cropped.

Already shared upstream and was told (in September) will be in next
major release.
 2008-11-07 15:50:38 +00:00
vanhu
33dafe234f fixed delsainfo() to avoid a crash when iddst's value is SAINFO_CLIENTADDR 2008-11-06 14:12:28 +00:00
tteras
66f152db75 Add ChangeLog entry about S.P.Zeidler's commit. Fix my name in one place. 2008-11-01 06:55:10 +00:00
spz
334414e667 Changes to ipsecdoi_id2str(): 
struct sockaddr -> struct sockaddr_storage fixes a stack overflow

For non-linklocal addresses the value in 'scope' is garbage and gets
set to zero instead.
 2008-10-29 18:49:45 +00:00
tteras
0c1f013cc5 Fix commit dates to reflect reality. 2008-10-28 19:03:27 +00:00