Commit Graph

875 Commits

Author SHA1 Message Date
christos 4fcb2eb6de Coveriry CID 1998: Fix memory leak. 2006-03-18 22:17:48 +00:00
elad 6c6e841e30 Don't dereference NULL pointer, found by Coverity, CID 954. 2006-03-18 21:09:57 +00:00
dan ccd53bd92b reform a loop to be prettier and appease coverity CID 2618 2006-03-18 10:41:24 +00:00
jnemeth 79787ff03b Fix Coverity run 5, issue 2021 -- memory leak.
Approved by christos@.
2006-03-18 10:22:46 +00:00
jnemeth 1f89beeb43 Fix Coverity run 5, issue 1966 -- memory leak
Approved by christos@.
2006-03-18 10:19:09 +00:00
is 2de2502171 Make sure the right error is reported later, if all socket() calls fail.
If we close the invalid sock, we'll report EBADF later in that case.
2006-03-01 15:39:00 +00:00
is 6aece482c0 On non-fatal errors (identified: EPROTONOTSUPPORT), don't output the
error message unless debugging - the error for the last address tried
will be shown anyway, and earlier errors without context are only confusing
the user.
2006-03-01 15:18:09 +00:00
christos dd8ccf5b99 Add a namespace.h to rename the most conflict inducing names from libssh.
Idea from thorpej.
2006-02-13 16:49:33 +00:00
he e245f48109 The sig_atomic_t type is not guaranteed to be printf-compatible
with %d, so cast to int before printing it.
2006-02-08 23:08:13 +00:00
christos 55c58b142d bring in new file needed from the portable openssh. 2006-02-04 22:32:54 +00:00
christos fab0e5bf66 resolve conflicts 2006-02-04 22:32:13 +00:00
christos c7a1af8c71 From ftp.openbsd.org. 2006-02-04 22:22:31 +00:00
elad ef2fdd1d7f qsieve(6) -> qsieve(1) 2006-01-24 19:16:53 +00:00
wiz 7e91ac6596 Sort SEE ALSO. 2006-01-22 00:33:27 +00:00
elad 7db6fc6be2 xref qsieve(6). 2006-01-19 23:31:09 +00:00
manu 7f50c0a531 make software behave as the documentation advertise for INTERNAL_NETMASK4.
Keep the old INTERNAL_MASK4 to avoid breaking backward compatibility.
2006-01-07 23:51:50 +00:00
christos aa419ec271 enable cryptodev. 2005-12-31 00:08:34 +00:00
christos e1a76ccb7e netbsd has issetugid() 2005-12-31 00:07:26 +00:00
jmc 06b42f5e66 Redo previous rework to generate yacc/lex output again and remove generated
copies from the import as they don't compile clean across all archs.
2005-12-16 16:25:07 +00:00
martin 07c3097258 Allow archs to override BF_PTR 2005-12-13 09:50:52 +00:00
martin 3804e42335 Back out bn/bn.h rev. 1.9:
> use explicitly sized types for U_LLONG U_LONG and LONG; otherwise bn
> breaks on 64 bit platforms. The "LONG" openssl wants is really a 32 bit int.

Instead define SIXTY_FOUR_BIT_LONG where apropriate.
Regression tests still pass on sparc64 and i386. Furthermore this allows
us to finaly close PR 28935 (thanks to christos for removing the local
hacks on last import).
2005-12-12 19:50:26 +00:00
manu a5b1c92448 Add NAT ports to SAD in setkey so that NAT SAD entries generated by
racoon can be removed by hand.
2005-12-04 20:46:40 +00:00
christos cb9321f06d use intptr_t not U_LONG to cast from a pointer to an int. 2005-11-28 19:08:30 +00:00
christos bfae00e6c7 use explicitly sized types for U_LLONG U_LONG and LONG; otherwise bn
breaks on 64 bit platforms. The "LONG" openssl wants is really a 32 bit int.
2005-11-28 19:07:42 +00:00
christos ea39e380db Adjust to the new openssl 2005-11-26 02:32:58 +00:00
christos b1d8541f7b Add casts. 2005-11-25 22:28:31 +00:00
christos 859fae516a change back to match the openssl original prototype. 2005-11-25 22:22:44 +00:00
christos c4bfa0c238 XXX: This file does not really belong here.
Add ENGINESDIR define
2005-11-25 20:35:41 +00:00
christos 50a9cbc98b Resolve conflicts:
1. Instead of trying to cleanup the ugly ifdefs, we leave them alone so that
   there are going to be fewer conflicts in the future.
2. Where we make changes to override things #ifdef __NetBSD__ around them
   so that it is clear what we are changing. This is still missing in some
   places, notably in opensslconf.h because it would make things messier.
2005-11-25 19:14:11 +00:00
christos 8dc8acfeef from http://www.openssl.org/source 2005-11-25 03:02:45 +00:00
wiz 11cf64bdd7 New sentence, new line. Remove trailing whitespace.
Mark up paths with .Pa.
2005-11-24 20:23:02 +00:00
manu 7fc03cd9fa Merge ipsec-tools 0.6.3 import 2005-11-21 14:20:29 +00:00
manu 6e7df3c68b From Yves-Alexis Perez: use sysdep_sa_len to make it compile on Linux 2005-11-21 14:20:28 +00:00
manu c263eb3142 Merge ipsec-tools 0.6.3 import 2005-11-21 14:20:28 +00:00
manu fdc9ad890d Import IPsec-tools 0.6.3. This fixes several bugs, including bugs that
caused DoS.
2005-11-21 14:11:59 +00:00
manu 982fc9c517 Merge ipsec-tools 0.6.2 import. 2005-10-14 14:01:34 +00:00
manu a37873eef0 Import ipsec-tools-0.6.2. Here is the ChangeLog since 0.6.1 (most of them
have already been pulled up in NetBSD CVS)
---------------------------------------------

        0.6.2 released

2005-10-14  Yvan Vanhullebus  <vanhu@netasq.com>

        * src/racoon/ipsec_doi.c: don't allow NULL or empty FQDNs or
          USER_FQDNs (problem reported by Bernhard Suttner).

---------------------------------------------

        0.6.2.beta3 released

2005-09-05   Emmanuel Dreyfus  <manu@netbsd.org>

        From Andreas Hasenack <ahasenack@terra.com.br>
        * configure.ac: More build fixes for Linux

---------------------------------------------

        0.6.2.beta2 released

2005-09-04  Emmanuel Dreyfus  <manu@netbsd.org>

        From Wilfried Weissmann
        * src/libipsec/policy_parse.y src/racoon/{ipsec_doi.c|oakley.c}
          src/racoon/{sockmisc.c|sockmisc.h}: build fixes

---------------------------------------------

        0.6.2.beta1 released

2005-09-03  Emmanuel Dreyfus  <manu@netbsd.org>

        From Francis Dupont <Francis.Dupont@enst-bretagne.fr>
        * src/libipsec/pfkey.c src/racoon/pfkey.c: Cope with extensions

2005-08-26  Emmanuel Dreyfus  <manu@netbsd.org>

        * src/racoon/cfparse.y: handle xauth_login correctly
        * src/racoon/isakmp.c: catch internal error
        * src/raccon/isakmp_agg.c: fix racoon as Xauth client
        * src/raccon/{isakmp_agg.c|isakmp_base.c}: Proposal safety checks
        * src/racoon/evt.c: Fix memory leak when event queue overflows

2005-08-23  Emmanuel Dreyfus  <manu@netbsd.org>

        * src/racoon/{isakmp_agg.c|isakmp_ident.c|isakmp_base.c}: Correctly
          initialize NAT-T VID to avoid freeing unallocated stuff.

2005-08-21  Emmanuel Dreyfus  <manu@netbsd.org>

        From Matthias Scheler <matthias.scheler@tadpole.com>
        * src/racoon/{isakmp_cfg.c|racoon.conf.5}: enable the use of
          ISAKMP mode config without Xauth.

2005-09-16  Yvan Vanhullebus  <vanhu@free.fr>

        * src/racoon/policy.c: Do not parse all sptree in inssp() if we
          don't use Policies priority.

2005-08-15  Emmanuel Dreyfus  <manu@netbsd.org>

        From: Thomas Klausner <wiz@netbsd.org>
        src/setkey/setkey.8: Drop trailing spaces
2005-10-14 13:21:42 +00:00
gendalia decff3d730 Add a preprocessor symbol so we can distinguish fixed openssl
from the vanilla openssl.  Thanks <jlam>.
2005-10-11 21:17:17 +00:00
gendalia ed304be38e fix openssl 2.0 rollback, CAN-2005-2969
approved by: agc
2005-10-11 18:07:40 +00:00
rpaulo e3886d37ea Add "openssl_" to man page references if they are available.
Fixes part of PR security/13953. Fixing the rest of the PR requires
adding more man pages.
2005-10-05 23:47:30 +00:00
manu c557aaf18f Fix bug when using hybrid auth in client mode
make xauth_login work again
add safety checks
2005-09-26 16:24:57 +00:00
christos e83e36d896 fix spelling from Liam Foy. 2005-09-24 22:45:51 +00:00
christos b9301b48d0 fix typos. 2005-09-24 17:34:17 +00:00
christos 2192079ea8 use get*_r() 2005-09-24 14:40:59 +00:00
christos 54a773e9d7 Can we please stop using caddr_t? 2005-09-24 14:40:39 +00:00
wiz e904ea2e97 Drop trailing whitespace. 2005-09-23 19:58:28 +00:00
manu 7e2e2c16ff Correctly initialize NAT-T VID to avoid freeing unallocated space 2005-09-23 14:22:27 +00:00
tron 3cc3e3c7a3 Correct documentation about Mode Config. It now works without XAuth, too.
Patch supplied by Emmanuel Dreyfus on the "ipsec-tools" mailing list.
2005-09-21 15:06:22 +00:00
tron dc5127a31e Make "Mode Config" work if XAuth is not used. 2005-09-21 12:46:08 +00:00
christos a6040f634b PR/13738: Johan Danielsson: ssh doesn't look at $HOME 2005-09-18 18:39:05 +00:00