Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
159,916 Commits 606 Branches 0 Tags 3.1 GiB
6319443e37
Commit Graph

1091 Commits

Author SHA1 Message Date
christos
30638c77c3 PR/36562: Takeshi Nakayama: sshd(8) HostbasedAuthentication fails after 
upgrading to 4.0_BETA
Remove $HOME test since this is also used by sshd.
 2007-06-26 18:28:34 +00:00
christos
d1cb3ec527 remove unused variable. 2007-06-25 01:42:31 +00:00
christos
c6b86acffc don't use __progname for the pam service name. Hard-code it to "sshd" 2007-06-24 23:48:30 +00:00
manu
72fe4c3a84 From Paul Winder <Paul.Winder@tadpole.com>: 
Fix ignored INTERNAL_DNS4_LIST
 2007-06-07 20:04:26 +00:00
vanhu
6ae0ffb7d9 From Rong-En Fan: fix compilation with gcc 4.2 2007-06-06 15:37:15 +00:00
vanhu
cc41629a4c fixed compilation with gcc 4.2 2007-06-06 15:37:14 +00:00
vanhu
6817ea28d9 speeds up interfaces update when they changed 2007-06-06 09:47:30 +00:00
vanhu
1ed22670fa From Jianli Liu: speed up interfaces update when they change. 2007-06-06 09:47:29 +00:00
vanhu
7c53bfe0b6 ignore obsolete lifebyte when validating reloaded configuration 2007-06-06 09:18:16 +00:00
manu
a16fcccee0 From Joy Latten <latten@austin.ibm.com> 
Fix file descriptor shortage when using labeled IPsec.
 2007-05-31 19:54:54 +00:00
manu
23326f5b62 From Jianli Liu <jlliu@nortel.com>: 
In racoonctl, use the specified socket path instead of the default location
 2007-05-30 21:02:39 +00:00
christos
5d1825b2a1 Use RESCUEDIR if set. 2007-05-17 00:17:50 +00:00
christos
538010e358 coverity CID 4168: yyerror() does not return, so we proceed to de-reference 
NULL. Make it return -1 instead like in other places.
 2007-05-16 21:00:40 +00:00
christos
dc073934fe coverity CID 4170: yyerror() does not return, so we proceed to de-reference 
NULL. Make it return -1 instead like in other places.
 2007-05-16 20:59:04 +00:00
vanhu
5e29f1f1bb search a ph1 by address if iph2->ph1 is NULL when validating the new config 2007-05-04 14:33:38 +00:00
vanhu
79dfa780cb ... 2007-05-04 09:10:07 +00:00
vanhu
0f20ab497d added some debug in getph1byaddr() to track some port matching problems with NAT-T 2007-05-04 09:09:54 +00:00
vanhu
e91f01072a added some debug in isakmp_chkph1there() to track some port matching problems with NAT-T 2007-05-04 09:09:47 +00:00
vanhu
ff0f36d165 added some debug for DELETE_SA process 2007-05-04 09:09:35 +00:00
vanhu
ae24f5b259 Force the update of ph2 in pk_recvupdate() if NAT_T support, to solve some port match problems with the first IPSec SAs negociated as initiator 2007-05-04 09:09:26 +00:00
plunky
e3a1867a4d fix usage error: use type for .Ft 2007-04-13 18:22:08 +00:00
vanhu
ace683e685 checks proto_id in ipsecdoi_chkcmpids() 2007-04-04 13:09:36 +00:00
vanhu
f31c3aee8e dumps peer's ID and peer's certificate subject /subjectaltname if they don't match 2007-04-04 13:07:31 +00:00
vanhu
52c7a2891e Store the DPD main scheduler in ph1 handler, to be able to cancel it when removing the handler, and some minor cleanups in DPD code 2007-03-26 15:58:07 +00:00
christos
8f6921b522 PR/36069: Huang Yushuo: racoon can't work with pam_group 
Set RUSER.
 2007-03-24 02:07:42 +00:00
vanhu
2af4eed892 From Joy Latten: fix a segfault when using security labels between 32bit and 64bit host. 2007-03-23 15:43:19 +00:00
vanhu
38a126966c fixed a segfault when using security labels between a 32bit and a 64bit host 2007-03-23 15:43:18 +00:00
vanhu
27934310cd expire zombie handlers in getph2byid(), to avoid situations where we'll never negociate a phase2 again 2007-03-23 15:34:31 +00:00
vanhu
1046a9e619 From Cyrus Rahman: give more details about what is checked when using certificates to authenticate 2007-03-23 09:57:29 +00:00
vanhu
a1d41ca41d give more details about what is checked when using certificates to authenticate 2007-03-23 09:57:28 +00:00
vanhu
27187d08ab fixed subnet check to generate IPV4_ADDRESS when needed in sockaddr2id() 2007-03-22 10:26:19 +00:00
vanhu
002f3b4723 checks if arg is NULL in SCHED_KILL 2007-03-21 14:37:58 +00:00
vanhu
452cfb7edf NULL sched check is now done in SCHED_KILL 2007-03-21 14:29:22 +00:00
vanhu
43c152a498 checks if arg is NULL in SCHED_KILL 2007-03-21 14:28:59 +00:00
vanhu
a270a7afb9 From Yves-Alexis Perez: enable monitoring of ipv6 address changes on Linux. 2007-03-15 14:12:12 +00:00
vanhu
7a26f531db enable monitoring of ipv6 addresse changes on linux 2007-03-15 14:12:11 +00:00
vanhu
0fca99dc2f Consider a negociation timeout when retry_counter is <=0 instead of < 0 2007-03-15 10:37:44 +00:00
christos
2cf8149db2 resurect files that we need and make things compile again. 2007-03-10 23:05:24 +00:00
christos
06993fb381 resolve conflicts. 2007-03-10 22:52:04 +00:00
christos
38f7168c16 PR/35965: Kazushi Marukawa: SSHD doesn't work under protocol 1 
This is a manifestation of a bug in OpenSSL 0.9.8e, which breaks
certain ciphers in OpenSSH <= 4.5p1. See:
    http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/ssh2-aesctr-openssh.html
    http://bugzilla.mindrot.org/show_bug.cgi?id=1291
 2007-03-10 17:18:31 +00:00
christos
f0f7c41448 enable RFC/3779, requested by George Michaelson 2007-03-10 00:49:47 +00:00
dogcow
01abf44400 resolve the not-quite-resolved cvs conflicts (a missing #endif) 2007-03-07 02:34:59 +00:00
mjf
d774015c29 resolve conflicts 2007-03-06 23:47:18 +00:00
mjf
b22ff73a10 Import OpenSSL 0.9.8e 2007-03-06 21:12:00 +00:00
christos
17fe25abca eliminate caddr_t 2007-03-04 08:21:34 +00:00
mgrooms
adf474a143 Add logic to allow ip address ids to be matched to ip subnet ids when 
appropriate.
 2007-02-28 05:36:45 +00:00
vanhu
f1c1e37275 block variable declaration before code in ipsecdoi_id2str() 2007-02-21 11:01:06 +00:00
vanhu
740b198715 Removed a debug printf.... 2007-02-20 16:32:28 +00:00
vanhu
bd81981229 Only delete a generated SPD if it's creation date matches the creation date of the SA we are currently deleting 2007-02-20 09:11:30 +00:00
vanhu
1cb0c229b8 updated delete_spd() calls 2007-02-20 09:11:14 +00:00