Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
185,952 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

1679 Commits

Author SHA1 Message Date
christos 4ab80ffe22 Disable SSL V3 session renegotiation since the protocol parameters of the 
old session are not cryptographically tied to the new session ones.
NB: Applications that require session re-negotiation will fail after this
update.
 2009-12-03 23:44:33 +00:00
agc 7d576ad983 Add python bindings for netpgp, via swig. 
When using python, always add the dumb symbolic link to the library name.
 2009-12-02 00:32:06 +00:00
agc e5e6e15318 Re-instate perl taint checking by re-defining the possible taint check in 
swig. Fix a bug whereby the generated shlib_version file got appended to,
rather than rewritten.
 2009-12-01 20:44:50 +00:00
agc f17a59eb6a Turns out that swig and tainted don't play well together - perl has no way 
of knowing whether the memory will be modified. For now, the gross hack is
to switch off tainting
 2009-12-01 08:02:50 +00:00
agc e1d61885e2 Add language bindings for tcl and perl 2009-12-01 06:43:57 +00:00
agc 6b13238156 Use the right field for the prefix 2009-12-01 06:33:31 +00:00
agc e502623fdd Add a swig interface file, and a wrapper script, for calling swig for 
various language bindings for netpgp.
 2009-12-01 05:19:51 +00:00
agc b4d6642e10 Recognise the hash algorithm in a case-insensitive manner. 2009-12-01 02:36:32 +00:00
christos aabb31871d PR/42363: Yasuoka Masahiko: 
racoon uses a wrong IPsec-SA handle that is for other peer in case it
receives a ISAKMP message for IPsec-SA that has the same message-id as
the message-id that is received before.

racoon uses message-id to find the handle of IPsec-SA.  The message-id
is a unique number for each peer, but different peers may use the same
value.

Different Windows Vista or Windows 7 peers seem to use the same
message-id.  racoon can handle the first Windows's Phase-2, but it
cannot handle the second Windows.  Because racoon misunderstands the
message for the second Windows as the message for the first Windows.

>Category:       bin
>Synopsis:       racoon uses a wrong IPsec-SA that is for different peer
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Nov 22 18:25:00 +0000 2009
>Originator:     yasuoka@iij.ad.jp
 2009-11-22 19:34:55 +00:00
agc f8429fa3c9 Remove vestiges of debugging 2009-11-20 15:23:37 +00:00
agc 33ee8138ba When writing an ascii-armoured message, push the linebreak writer onto 
the write function stack for the body of the message as well as the
headers.

This means that an ascii-armoured signed file created by netpgp conforms
to RFC 4880 (and 2440, thanks, moof[1]), and can be verified by gpg now, as
well as netpgp.

[1] Are there any other RFCs which are superceded by their double?
 2009-11-20 15:21:18 +00:00
agc 632dc3ac9b Unbreak the creation of ascii-armoured signatures. 
Add automatic detection of ascii-armoured signatures.

Add tests for same - with small and large source files.
 2009-11-20 07:17:07 +00:00
agc ad7bc21d21 Commit some changes that have been in a private tree for a while: 
+ add a netpgp library function - netpgp_get_key(3) - to print a
specific key
+ add functionality to call this function in netpgpkeys(1)
+ add test for netpgp_get_key
+ add a verbose switch to the tst script
+ add netpgp functions to expose the memory signing and verification
functions - netpgp_sign_memory(3) and netpgp_verify_memory(3)
+ coalesced signing and verification ops file functions
 2009-11-19 21:56:00 +00:00
christos 2853bbf4b7 use %option instead of #define YY_NO_... 2009-10-29 14:49:02 +00:00
christos 792f03d2b0 use %option noinput nounput 2009-10-29 14:34:27 +00:00
christos cd2a002a7a no unput 2009-10-28 20:59:46 +00:00
wiz 02d06f301f Remove .Os argument. 
Remove ending dot in SEE ALSO.
Use Fl Fl for long options.
New sentence, new line.
Remove trailing whitespace.
 2009-10-25 10:30:47 +00:00
reed 06921da813 Fix section number for a man page reference. 
While here put the man pages in the SEE ALSO in order too.
(This was shared and now fixed upstream too.)
 2009-10-25 01:52:04 +00:00
reed fa923fa9a7 Fix Nm macro usage. 
Fixed upstream in April:
9747de8132
 2009-10-24 11:12:56 +00:00
reed 638b376411 Fix Document Title. 
(I already report and it is fixed upstream.)
 2009-10-24 11:09:31 +00:00
agc a2dd3398cd Add 'a' and 'a.sig' to CLEANFILES - from Marc Balmer 
Wrap long lines
 2009-10-19 05:17:46 +00:00
agc 5ea8497ecf Use LD_LIBRARY_PATH to manage the library path, and don't try to second 
guess from the lua driver program
 2009-10-19 01:07:08 +00:00
agc 9470081fd3 Use a lua for loop in preference to a while and increment in the lua 
example code - suggested by Marc Balmer.

	% make USETOOLS=no t
	cp Makefile a
	./netpgp.lua --sign --detached a
	netpgp: default key set to "C0596823"
	pub 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
	Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
	uid              Alistair Crooks <agc@netbsd.org>
	uid              Alistair Crooks <agc@pkgsrc.org>
	uid              Alistair Crooks <agc@alistaircrooks.com>
	uid              Alistair Crooks <alistair@hockley-crooks.com>
	netpgp passphrase:
	-rw-r--r--  1 agc  agc  287 Oct 17 15:58 a.sig
	./netpgp.lua --verify a.sig
	netpgp: default key set to "C0596823"
	netpgp: assuming signed data in "a"
	Good signature for a.sig made Sat Oct 17 15:58:09 2009
	using RSA (Encrypt or Sign) key 1b68dcfcc0596823
	pub 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
	Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
	uid              Alistair Crooks <alistair@hockley-crooks.com>
	uid              Alistair Crooks <agc@pkgsrc.org>
	uid              Alistair Crooks <agc@netbsd.org>
	uid              Alistair Crooks <agc@alistaircrooks.com>
	%
 2009-10-18 07:23:37 +00:00
agc 1f8267516a Minor changes to find lua glue library, and to set the home directory on 
the correct C/Lua structure
 2009-10-18 07:17:28 +00:00
agc 606ee0c668 Link in the netpgp shared library to the lua glue library 2009-10-18 07:15:43 +00:00
agc faff2f64a8 Create .so from the lua interface library 2009-10-18 07:14:55 +00:00
agc 829fc7a59b Minor renaming of lua array 
Zero allocated storage after return from lua_newuserdata()
 2009-10-18 07:14:19 +00:00
joerg d935d602c7 Fix redundancy. 2009-10-15 00:07:45 +00:00
joerg addb345ac7 Do not work around ancient groff limits with .Xo/.Xc. 2009-10-14 23:37:33 +00:00
joerg 4467064d5b Do not use .Xo/.Xc to workaround ancient groff limits. 2009-10-14 23:36:55 +00:00
joerg a453670196 Do not use .Xo/.Xc to work around ancient groff limits. 
Fix markup.
 2009-10-14 18:34:14 +00:00
joerg 0639ebde24 Don't use .Xo/.Xc to work around ancient groff limits. 
Set only one list type.
 2009-10-14 18:22:04 +00:00
joerg 2644011d38 Use proper markup. 2009-10-14 17:33:56 +00:00
joerg 37ee8ee594 Don't use .Xo/.Xc to work around ancient groff limits. 2009-10-14 17:33:20 +00:00
joerg 68d56b9fdf Fix markup. 2009-10-13 22:49:34 +00:00
joerg 37aea36c2a Use sane logical markup and actual cross references. 2009-10-13 22:47:55 +00:00
joerg 951207a2a8 Fix markup. 2009-10-13 22:47:31 +00:00
agc eb8043c766 Add lua language bindings for netpgp 2009-10-12 02:55:46 +00:00
agc 0aa9bcca65 Add some checks for return value from allocation routines 2009-10-09 06:02:55 +00:00
agc 7affbacab9 More checking of allocation return values where not already done. 
Revamp hash initialisation to return a success/failure error code.

Document places where we prefer to continue with a NULL buffer,
rather than silently continue with possibly erroneous results.
 2009-10-07 16:19:51 +00:00
agc e82f21eb7a More checks for the return value from memory allocation. 2009-10-07 04:56:51 +00:00
agc 83cfb9deb0 Clean up some Flexelint (issues pointed out by phk - many thanks!). 
Also make sure the return value for each memory allocation is checked - this
is still a WIP.
 2009-10-07 04:18:47 +00:00
agc 57036e7063 More Flexelint cleanup from issues pointed out by phk - thanks! - just easy 
low-hanging fruit for now.
 2009-10-06 05:54:24 +00:00
agc b491010d02 More Flexelint cleanup from phk - many thanks! - low-hanging fruit for 
just now.
 2009-10-06 03:30:59 +00:00
agc 1603af0219 Clean up more Flexelint, from phk - many thanks! - just low-hanging fruit 
for just now.
 2009-10-06 02:46:17 +00:00
agc 814ccb85bf Clean up Flexelint warnings - from phk, many thanks - just low-hanging 
fruit for just now.
 2009-10-06 02:39:53 +00:00
agc 5a83dba05a More Flexelint fixes from phk - just low-hanging fruit for just now - 
many thanks!
 2009-10-06 02:26:05 +00:00
agc 3574ef6dec Get rid of some lint-style issues - pointed out by Poul-Henning Kamp 
and FlexeLint (many thanks!)
 2009-10-04 21:58:25 +00:00
agc e8be961ca7 Get rid of multiple prototypes - pointed out by Poul-Henning Kamp and 
FlexeLint (many thanks!)
 2009-10-04 21:57:09 +00:00
agc f462900c00 const poisoning - pointed out by Poul-Henning Kamp and FlexeLint (many 
thanks!)
 2009-10-04 21:55:55 +00:00