![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.netbsd.org] / pkgsrc / security / ipsec-tools
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.32 / (download) - annotate - [select for diffs], Thu Nov 11 11:42:20 2010 UTC (18 months, 1 week ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base,
pkgsrc-2012Q1,
pkgsrc-2011Q4-base,
pkgsrc-2011Q4,
pkgsrc-2011Q3-base,
pkgsrc-2011Q3,
pkgsrc-2011Q2-base,
pkgsrc-2011Q2,
pkgsrc-2011Q1-base,
pkgsrc-2011Q1,
pkgsrc-2010Q4-base,
pkgsrc-2010Q4,
HEAD
Changes since 1.31: +2 -2
lines
Diff to previous 1.31 (colored)
reset maintainer, he does not use this package anymore.
Revision 1.31 / (download) - annotate - [select for diffs], Sat Mar 6 09:07:15 2010 UTC (2 years, 2 months ago) by spz
Branch: MAIN
CVS Tags: pkgsrc-2010Q3-base,
pkgsrc-2010Q3,
pkgsrc-2010Q2-base,
pkgsrc-2010Q2,
pkgsrc-2010Q1-base,
pkgsrc-2010Q1
Changes since 1.30: +28 -23
lines
Diff to previous 1.30 (colored)
update to latest release DESTDIRify ok'd by manu@
Revision 1.30 / (download) - annotate - [select for diffs], Sun Jan 17 12:02:40 2010 UTC (2 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.29: +2 -1
lines
Diff to previous 1.29 (colored)
Recursive PKGREVISION bump for jpeg update to 8.
Revision 1.29 / (download) - annotate - [select for diffs], Sat Jan 10 17:13:01 2009 UTC (3 years, 4 months ago) by manu
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base,
pkgsrc-2009Q4,
pkgsrc-2009Q3-base,
pkgsrc-2009Q3,
pkgsrc-2009Q2-base,
pkgsrc-2009Q2,
pkgsrc-2009Q1-base,
pkgsrc-2009Q1
Changes since 1.28: +2 -2
lines
Diff to previous 1.28 (colored)
From Sergey Svishchev <svs@ropnet.ru>: ipsec-tools builds fine on FreeBSD
Revision 1.27.6.1 / (download) - annotate - [select for diffs], Tue Aug 19 00:26:03 2008 UTC (3 years, 9 months ago) by rtr
Branch: pkgsrc-2008Q2
Changes since 1.27: +3 -4
lines
Diff to previous 1.27 (colored) next main 1.28 (colored)
pullup ticket #2489 - requested by manu
ipsec-tools: update package for cve
revisions pulled up:
pkgsrc/security/ipsec-tools/Makefile 1.28
pkgsrc/security/ipsec-tools/distinfo 1.15
Module Name: pkgsrc
Committed By: manu
Date: Sat Aug 16 06:55:18 UTC 2008
Modified Files:
pkgsrc/doc: CHANGES-2008
pkgsrc/security/ipsec-tools: Makefile distinfo
Log Message:
Update to ipsec-tools 0.7.1, fixes CVE-2008-3652
Changes since the 0.6 branch:
0.7.1 - 23 July 2008
o Fixes a memory leak when invalid proposal received
o Some fixes in DPD
o do not set default gss id if xauth is used
o fixed hybrid enabled builds
o fixed compilation on FreeBSD8
o cleanup in network port value manipulation
o gets ports from SADB_X_EXT_NAT_T_[SD]PORT if present in
purge_ipsec_sp
i()
o Generates a log if cert validation has been disabled by
configuration
o better handling for pfkey socket read errors
o Fixes in yacc / bison stuff
o new plog() macro (reduced CPU usage when logging is disabled)
o Try to works better with huge SPD/SAD
o Corrected modecfg option syntax
o Many other various fixes...
0.7 - 09 August 2007
o Xauth with pre-shared key PSK
o Xauth with certificates
o SHA2 support
o pkcs7 support
o system accounting (utmp)
o Darwin support
o configuration can be reloaded
o Support for UNIQUE generated policies
o Support for semi anonymous sainfos
o Support for ph1id to remoteid matching
o Plain RSA authentication
o Native LDAP support for Xauth and modecfg
o Group membership checks for Xauth and sainfo selection
o Camellia cipher support
o IKE Fragment force option
o Modecfg SplitNet attribute support
o Modecfg SplitDNS attribute support ( server side )
o Modecfg Default Domain attribute support
o Modecfg DNS/WINS server multiple attribute support
Revision 1.28 / (download) - annotate - [select for diffs], Sat Aug 16 06:55:18 2008 UTC (3 years, 9 months ago) by manu
Branch: MAIN
CVS Tags: pkgsrc-2008Q4-base,
pkgsrc-2008Q4,
pkgsrc-2008Q3-base,
pkgsrc-2008Q3,
cube-native-xorg-base,
cube-native-xorg
Changes since 1.27: +3 -4
lines
Diff to previous 1.27 (colored)
Update to ipsec-tools 0.7.1, fixes CVE-2008-3652
Changes since the 0.6 branch:
0.7.1 - 23 July 2008
o Fixes a memory leak when invalid proposal received
o Some fixes in DPD
o do not set default gss id if xauth is used
o fixed hybrid enabled builds
o fixed compilation on FreeBSD8
o cleanup in network port value manipulation
o gets ports from SADB_X_EXT_NAT_T_[SD]PORT if present in purge_ipsec_sp
i()
o Generates a log if cert validation has been disabled by configuration
o better handling for pfkey socket read errors
o Fixes in yacc / bison stuff
o new plog() macro (reduced CPU usage when logging is disabled)
o Try to works better with huge SPD/SAD
o Corrected modecfg option syntax
o Many other various fixes...
0.7 - 09 August 2007
o Xauth with pre-shared key PSK
o Xauth with certificates
o SHA2 support
o pkcs7 support
o system accounting (utmp)
o Darwin support
o configuration can be reloaded
o Support for UNIQUE generated policies
o Support for semi anonymous sainfos
o Support for ph1id to remoteid matching
o Plain RSA authentication
o Native LDAP support for Xauth and modecfg
o Group membership checks for Xauth and sainfo selection
o Camellia cipher support
o IKE Fragment force option
o Modecfg SplitNet attribute support
o Modecfg SplitDNS attribute support ( server side )
o Modecfg Default Domain attribute support
o Modecfg DNS/WINS server multiple attribute support
Revision 1.27 / (download) - annotate - [select for diffs], Fri Jan 18 05:09:37 2008 UTC (4 years, 4 months ago) by tnn
Branch: MAIN
CVS Tags: pkgsrc-2008Q2-base,
pkgsrc-2008Q1-base,
pkgsrc-2008Q1,
cwrapper
Branch point for: pkgsrc-2008Q2
Changes since 1.26: +2 -1
lines
Diff to previous 1.26 (colored)
Per the process outlined in revbump(1), perform a recursive revbump on packages that are affected by the switch from the openssl 0.9.7 branch to the 0.9.8 branch. ok jlam@
Revision 1.25.2.1 / (download) - annotate - [select for diffs], Sun May 20 22:41:48 2007 UTC (5 years ago) by salo
Branch: pkgsrc-2007Q1
Changes since 1.25: +2 -2
lines
Diff to previous 1.25 (colored) next main 1.26 (colored)
Pullup ticket 2093 - requested by ghen security update for ipsec-tools Revisions pulled up: - pkgsrc/security/ipsec-tools/Makefile 1.26 - pkgsrc/security/ipsec-tools/distinfo 1.14 Module Name: pkgsrc Committed By: ghen Date: Wed Apr 11 06:51:19 UTC 2007 Modified Files: pkgsrc/security/ipsec-tools: Makefile distinfo Log Message: Update to ipsec-tools 0.6.7. o Fixed SHA256 detection on some systems o Fixed a DoS in Informationnal messages processing (CVE-2007-1841).
Revision 1.26 / (download) - annotate - [select for diffs], Wed Apr 11 06:51:19 2007 UTC (5 years, 1 month ago) by ghen
Branch: MAIN
CVS Tags: pkgsrc-2007Q4-base,
pkgsrc-2007Q4,
pkgsrc-2007Q3-base,
pkgsrc-2007Q3,
pkgsrc-2007Q2-base,
pkgsrc-2007Q2
Changes since 1.25: +2 -2
lines
Diff to previous 1.25 (colored)
Update to ipsec-tools 0.6.7. o Fixed SHA256 detection on some systems o Fixed a DoS in Informationnal messages processing (CVE-2007-1841).
Revision 1.25 / (download) - annotate - [select for diffs], Thu Feb 22 19:27:07 2007 UTC (5 years, 3 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2007Q1-base
Branch point for: pkgsrc-2007Q1
Changes since 1.24: +2 -2
lines
Diff to previous 1.24 (colored)
Whitespace cleanup, courtesy of pkglint. Patch provided by Sergey Svishchev in private mail.
Revision 1.24 / (download) - annotate - [select for diffs], Wed Oct 25 17:12:18 2006 UTC (5 years, 7 months ago) by bad
Branch: MAIN
CVS Tags: pkgsrc-2006Q4-base,
pkgsrc-2006Q4
Changes since 1.23: +2 -2
lines
Diff to previous 1.23 (colored)
Update ipsec-tools to 0.6.6.
Changes since 0.6.3:
0.6.6
* src/racoon/isakmp_xauth.c: Build fix
* src/racoon/pfkey.c: Sets NAT-T ports to 0 if no NAT
encapsulation in pk_sendgetspi().
* src/racoon/pfkey.c: Sets NAT-T ports to 0 if no NAT
encapsulation in pk_sendupdate().
* src/racoon/isakmp_xauth.c: fix memory leak
* src/racoon/{cfparse.y|handler.h}: typos
0.6.5
* src/racoon/isakmp.c: Fixed zombie PH1 handler when isakmp_send()
fails in isakmp_ph1resend()
* src/racoon/{cfparse.y|ipsec_doi.c}: Temporary fix for /32
subnets parsing.
* src/racoon/isakmp_cfg.c: make software behave as the documentation
advertise for INTERNAL_NETMASK4. Keep the old INTERNAL_MASK4 to
avoid breaking backward compatibility.
* src/racoon/session.c: Fixed / cleaned up signal handling.
0.6.4
* configure.ac src/racoon/plog.c: backported Fred's workaround for
%zu problems on (at least) FreeBSD4.
* src/racoon/session.c: backport: fix possible race conditions in
signal handlers (see session.c 1.17).
* src/libipsec/pfkey_dump.c: fixed compilation when NAT_T
disabled (Fred has still some CVS problems).
* src/libipsec/{libpfkey.h|pfkey_dump.c}: add a sadump_withports
function to display SAD entries with their associated ports.
* src/setkey/{parse.y|setkey.c|setkey.8}: allow to use setkey -p flag
in conjunction with -D to show SADs with the port, allow both get and
delete commands to use bracketed ports if needed.
* src/racoon/racoon.conf.5: Style changes
Revision 1.23 / (download) - annotate - [select for diffs], Mon Dec 5 23:55:17 2005 UTC (6 years, 5 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2006Q3-base,
pkgsrc-2006Q3,
pkgsrc-2006Q2-base,
pkgsrc-2006Q2,
pkgsrc-2006Q1-base,
pkgsrc-2006Q1,
pkgsrc-2005Q4-base,
pkgsrc-2005Q4
Changes since 1.22: +3 -3
lines
Diff to previous 1.22 (colored)
Ran "pkglint --autofix", which corrected some of the quoting issues in CONFIGURE_ARGS.
Revision 1.22 / (download) - annotate - [select for diffs], Mon Dec 5 20:50:56 2005 UTC (6 years, 5 months ago) by rillig
Branch: MAIN
Changes since 1.21: +2 -2
lines
Diff to previous 1.21 (colored)
Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in
http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
Revision 1.20.2.1 / (download) - annotate - [select for diffs], Tue Nov 22 17:25:59 2005 UTC (6 years, 6 months ago) by salo
Branch: pkgsrc-2005Q3
Changes since 1.20: +2 -2
lines
Diff to previous 1.20 (colored) next main 1.21 (colored)
Pullup ticket 920 - requested by Matthias Scheler security update for ipsec-tools Revisions pulled up: - pkgsrc/security/ipsec-tools/Makefile 1.21 - pkgsrc/security/ipsec-tools/distinfo 1.12 Module Name: pkgsrc Committed By: tron Date: Tue Nov 22 16:22:47 UTC 2005 Modified Files: pkgsrc/security/ipsec-tools: Makefile distinfo Log Message: Update "ipsec-tools" package to version 0.6.3. Changes since 0.6.1: - Various bug fixes - ISAKMP mode config works without Xauth This update fixes the security vulnerability reported in SA17668.
Revision 1.21 / (download) - annotate - [select for diffs], Tue Nov 22 16:22:47 2005 UTC (6 years, 6 months ago) by tron
Branch: MAIN
Changes since 1.20: +2 -2
lines
Diff to previous 1.20 (colored)
Update "ipsec-tools" package to version 0.6.3. Changes since 0.6.1: - Various bug fixes - ISAKMP mode config works without Xauth This update fixes the security vulnerability reported in SA17668.
Revision 1.20 / (download) - annotate - [select for diffs], Fri Sep 2 17:01:13 2005 UTC (6 years, 8 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base
Branch point for: pkgsrc-2005Q3
Changes since 1.19: +3 -1
lines
Diff to previous 1.19 (colored)
Mark this package as only available on NetBSD 3.0 and newer and Linux 2.6.x and newer.
Revision 1.19 / (download) - annotate - [select for diffs], Sun Aug 21 21:58:41 2005 UTC (6 years, 9 months ago) by tron
Branch: MAIN
Changes since 1.18: +2 -2
lines
Diff to previous 1.18 (colored)
Update "ipsec-tools" package to version 0.6.1. Changes since 0.6.1rc1:
- src/racoon/dnssec.c: fix bogus test on function result
- src/racoon/isakmp.c: Improved in/out SA addresses check in
purge_remote()
- src/libipsec/{key_debug.c|pfkey.c|pfkey_dump.c}: de-lint, warnings
- src/racoon/privsep.c: Fixed a %d -> %zu in port_check()
Revision 1.18 / (download) - annotate - [select for diffs], Fri Aug 5 12:04:33 2005 UTC (6 years, 9 months ago) by tron
Branch: MAIN
Changes since 1.17: +14 -3
lines
Diff to previous 1.17 (colored)
Update "ipsec-tools" package to version 0.6.1rc1. Changes since version 0.6b2: - NAT-T fixes for situations where NAT-T is not used - OpenSSL 0.9.8 support - keys are not restricted to OpenSSL default size anymore - PKCS7 support - SHA2 support
Revision 1.17 / (download) - annotate - [select for diffs], Wed Jun 1 14:35:31 2005 UTC (6 years, 11 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2005Q2-base,
pkgsrc-2005Q2
Changes since 1.16: +2 -2
lines
Diff to previous 1.16 (colored)
Fix casing of IPsec in COMMENT.
Revision 1.16 / (download) - annotate - [select for diffs], Tue May 31 10:01:39 2005 UTC (6 years, 11 months ago) by dillo
Branch: MAIN
Changes since 1.15: +3 -3
lines
Diff to previous 1.15 (colored)
Packages have no business modifying PKG_DEFAULT_OPTIONS -- it's a user settable variable. Set PKG_SUGGESTED_OPTIONS instead. Also, make use of PKG_OPTIONS_LEGACY_VARS. Reviewed by wiz.
Revision 1.12.2.1 / (download) - annotate - [select for diffs], Wed May 11 14:18:27 2005 UTC (7 years ago) by salo
Branch: pkgsrc-2005Q1
Changes since 1.12: +6 -5
lines
Diff to previous 1.12 (colored) next main 1.13 (colored)
Pullup ticket 490 - requested by Takahiro Kambe security update for ipsec-tools Revisions pulled up: - pkgsrc/security/ipsec-tools/Makefile 1.13 - pkgsrc/security/ipsec-tools/distinfo 1.7 - pkgsrc/security/ipsec-tools/PLIST 1.3 Module Name: pkgsrc Committed By: manu Date: Wed Mar 23 16:49:39 UTC 2005 Modified Files: pkgsrc/security/ipsec-tools: Makefile distinfo Log Message: Upgrade to ipsec-tools 0.6b1. New features: - PAM support - privilege separation --- Module Name: pkgsrc Committed By: manu Date: Wed Mar 23 17:27:17 UTC 2005 Modified Files: pkgsrc/security/ipsec-tools: PLIST Log Message: Missing installed files inPLIST
Revision 1.15 / (download) - annotate - [select for diffs], Tue May 10 12:39:28 2005 UTC (7 years ago) by manu
Branch: MAIN
Changes since 1.14: +3 -5
lines
Diff to previous 1.14 (colored)
Updated ipsec-tools to 0.6b2. Multiple bug fixes, the most important being NAT-T now working with multiple endpoints behind the same NAT.
Revision 1.14 / (download) - annotate - [select for diffs], Mon Apr 11 21:47:12 2005 UTC (7 years, 1 month ago) by tv
Branch: MAIN
Changes since 1.13: +1 -2
lines
Diff to previous 1.13 (colored)
Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used.
Revision 1.13 / (download) - annotate - [select for diffs], Wed Mar 23 16:49:39 2005 UTC (7 years, 2 months ago) by manu
Branch: MAIN
Changes since 1.12: +6 -5
lines
Diff to previous 1.12 (colored)
Upgrade to ipsec-tools 0.6b1. New features: - PAM support - privilege separation
Revision 1.12 / (download) - annotate - [select for diffs], Sun Feb 20 01:03:30 2005 UTC (7 years, 3 months ago) by manu
Branch: MAIN
CVS Tags: pkgsrc-2005Q1-base
Branch point for: pkgsrc-2005Q1
Changes since 1.11: +18 -2
lines
Diff to previous 1.11 (colored)
Fix file installation, add missing samples config files
Revision 1.11 / (download) - annotate - [select for diffs], Fri Feb 18 09:53:40 2005 UTC (7 years, 3 months ago) by manu
Branch: MAIN
Changes since 1.10: +3 -5
lines
Diff to previous 1.10 (colored)
Upgraded ipsec-tools to release version 0.5
Revision 1.10 / (download) - annotate - [select for diffs], Wed Jan 12 15:31:11 2005 UTC (7 years, 4 months ago) by kim
Branch: MAIN
Changes since 1.9: +4 -1
lines
Diff to previous 1.9 (colored)
Use PKG_SYSCONFDIR
Revision 1.9 / (download) - annotate - [select for diffs], Thu Nov 11 12:13:24 2004 UTC (7 years, 6 months ago) by grant
Branch: MAIN
CVS Tags: pkgsrc-2004Q4-base,
pkgsrc-2004Q4
Changes since 1.8: +2 -1
lines
Diff to previous 1.8 (colored)
add additional libraries required by libradius.
Revision 1.8 / (download) - annotate - [select for diffs], Thu Nov 11 11:51:12 2004 UTC (7 years, 6 months ago) by grant
Branch: MAIN
Changes since 1.7: +2 -2
lines
Diff to previous 1.7 (colored)
include libradius/buildlink3.mk only if we're including radius support.
Revision 1.7 / (download) - annotate - [select for diffs], Thu Nov 11 11:49:15 2004 UTC (7 years, 6 months ago) by grant
Branch: MAIN
Changes since 1.6: +12 -2
lines
Diff to previous 1.6 (colored)
allow radius support to be disabled by moving it to PKG_OPTIONS. no PKGREVISION bump as it is still enabled by default.
Revision 1.6 / (download) - annotate - [select for diffs], Thu Nov 11 10:53:08 2004 UTC (7 years, 6 months ago) by manu
Branch: MAIN
Changes since 1.5: +5 -1
lines
Diff to previous 1.5 (colored)
Remove lex and yacc generated files before building: they might not match with the libraries installed on the system.
Revision 1.5 / (download) - annotate - [select for diffs], Wed Nov 10 16:44:51 2004 UTC (7 years, 6 months ago) by manu
Branch: MAIN
Changes since 1.4: +5 -3
lines
Diff to previous 1.4 (colored)
Disable nat-t by default as the kernel does not have support for it without an unofficial patch yet.
Revision 1.4 / (download) - annotate - [select for diffs], Wed Nov 10 09:11:34 2004 UTC (7 years, 6 months ago) by xtraeme
Branch: MAIN
Changes since 1.3: +2 -1
lines
Diff to previous 1.3 (colored)
This package needs openssl bl3.mk... and it needs NAT-T kernel option to build...
Revision 1.3 / (download) - annotate - [select for diffs], Wed Nov 10 08:49:32 2004 UTC (7 years, 6 months ago) by xtraeme
Branch: MAIN
Changes since 1.2: +1 -3
lines
Diff to previous 1.2 (colored)
No need to set BUILDLINK_DEPMETHOD.libradius-linux?= build here...
Revision 1.2 / (download) - annotate - [select for diffs], Wed Nov 10 08:43:44 2004 UTC (7 years, 6 months ago) by xtraeme
Branch: MAIN
Changes since 1.1: +5 -7
lines
Diff to previous 1.1 (colored)
* Fix HOMEPAGE.
* No need to use LIBTOOL_OVERRIDE.
* Remove unneeded ${EXAMPLESDIR} (??!!) after bl3.mk includes
* Remove unneeded BUILD_DEPEND, because this pkg uses bl3
Still libradius is broken...
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Tue Nov 9 22:42:20 2004 UTC (7 years, 6 months ago) by manu
Branch: TNF
CVS Tags: pkgsrc-base
Changes since 1.1: +0 -0
lines
Diff to previous 1.1 (colored)
racoon speaks IKE (ISAKMP/Oakley) key management protocol, to establish IPsec security association with other hosts. This is based on KAME racoon, with some enhancements such as NAT-Traversal (needs a kernel patch), hybrid authentication, ISAKMP mode config, RADIUS support, IKE fragmentation and others. Ipsec-tools' racoon is able to act as a VPN server for the Cisco VPN client using hybrid authentication.
Revision 1.1 / (download) - annotate - [select for diffs], Tue Nov 9 22:42:20 2004 UTC (7 years, 6 months ago) by manu
Branch: MAIN
Initial revision