![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.netbsd.org] / src / crypto / dist / ipsec-tools / src / racoon
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.28.6.1 / (download) - annotate - [select for diffs], Tue Apr 17 00:01:41 2012 UTC (5 weeks, 4 days ago) by yamt
Branch: yamt-pagecache
Changes since 1.28: +2 -2
lines
Diff to previous 1.28 (colored) next main 1.29 (colored)
sync with head
Revision 1.29 / (download) - annotate - [select for diffs], Sun Jan 1 15:54:51 2012 UTC (4 months, 3 weeks ago) by tteras
Branch: MAIN
CVS Tags: yamt-pagecache-base5,
yamt-pagecache-base4,
netbsd-6-base,
netbsd-6,
HEAD
Changes since 1.28: +2 -2
lines
Diff to previous 1.28 (colored)
Fix myaddr_getsport() to return -1 if no suitable address is found. This is used in pfkey.c:pk_recvacquire() to check if IKE negotiation should be started or not.
Revision 1.28 / (download) - annotate - [select for diffs], Mon Mar 14 17:18:12 2011 UTC (14 months, 1 week ago) by tteras
Branch: MAIN
CVS Tags: yamt-pagecache-base3,
yamt-pagecache-base2,
yamt-pagecache-base,
ipsec-tools-0_8_0,
ipsec-tools-0_8-branch,
cherry-xenmp-base,
cherry-xenmp
Branch point for: yamt-pagecache
Changes since 1.27: +6 -6
lines
Diff to previous 1.27 (colored)
Explicitly compare return value of cmpsaddr() against a return value define to make it more obvious what is the intended action. One more return value is also added, to fix comparison of security policy descriptors. Namely, getsp() should not allow wildcard matching (as the comment says, it does exact matching) - otherwise we get problems when kernel has generic policy with no ports, and a second similar policy with ports.
Revision 1.27 / (download) - annotate - [select for diffs], Fri Dec 3 09:46:24 2010 UTC (17 months, 3 weeks ago) by tteras
Branch: MAIN
CVS Tags: matt-mips64-premerge-20101231,
bouyer-quota2-nbase,
bouyer-quota2-base,
bouyer-quota2
Changes since 1.26: +92 -3
lines
Diff to previous 1.26 (colored)
Netlink deletion notification does not guarentee actual address deletion: it might still exist on some other interface. Make sure we do not unbind unless the address is really gone.
Revision 1.26 / (download) - annotate - [select for diffs], Fri Oct 22 06:26:26 2010 UTC (19 months ago) by tteras
Branch: MAIN
Changes since 1.25: +108 -29
lines
Diff to previous 1.25 (colored)
Change Linux Netlink address monitoring to monitor local route changes. This works around a kernel bug, and slightly improves behaviour on some special cases.
Revision 1.25 / (download) - annotate - [select for diffs], Thu Oct 21 06:15:28 2010 UTC (19 months ago) by tteras
Branch: MAIN
Changes since 1.24: +2 -2
lines
Diff to previous 1.24 (colored)
Introduce priorities for file descriptor polling mechanism and give priority to admin port. If admin port is used by ISAKMP-SA hook scripts they should be preferred, other wise heavy traffic can delay admin port requests considerably. This in turn may cause renegotiation loop for ISAKMP-SA. This is mostly useful for OpenNHRP setup, but can benefit other setups too.
Revision 1.24 / (download) - annotate - [select for diffs], Wed Oct 20 10:56:39 2010 UTC (19 months ago) by tteras
Branch: MAIN
Changes since 1.23: +4 -3
lines
Diff to previous 1.23 (colored)
Fix address comparison so we actually close sockets which were bound to IP-address that got deconfigured.
Revision 1.23 / (download) - annotate - [select for diffs], Fri Jul 3 06:41:46 2009 UTC (2 years, 10 months ago) by tteras
Branch: MAIN
CVS Tags: matt-premerge-20091211
Changes since 1.22: +9 -15
lines
Diff to previous 1.22 (colored)
Get rid of the evil CMPSADDR macro. Trac #295.
Revision 1.21.2.1 / (download) - annotate - [select for diffs], Wed May 13 19:15:54 2009 UTC (3 years ago) by jym
Branch: jym-xensuspend
Changes since 1.21: +8 -4
lines
Diff to previous 1.21 (colored) next main 1.22 (colored)
Sync with HEAD. Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
Revision 1.22 / (download) - annotate - [select for diffs], Tue Apr 21 18:38:31 2009 UTC (3 years, 1 month ago) by tteras
Branch: MAIN
CVS Tags: jym-xensuspend-nbase,
jym-xensuspend-base
Changes since 1.21: +8 -4
lines
Diff to previous 1.21 (colored)
Fix strict_address to work again. The lists needs to be initialized before configuration is read, which happens before my_addr_init() call.
Revision 1.10.2.1 / (download) - annotate - [select for diffs], Sun Feb 8 18:42:16 2009 UTC (3 years, 3 months ago) by snj
Branch: netbsd-5
CVS Tags: netbsd-5-1-RELEASE,
netbsd-5-1-RC4,
netbsd-5-1-RC3,
netbsd-5-1-RC2,
netbsd-5-1-RC1,
netbsd-5-1-2-RELEASE,
netbsd-5-1-1-RELEASE,
netbsd-5-1,
netbsd-5-0-RELEASE,
netbsd-5-0-RC4,
netbsd-5-0-RC3,
netbsd-5-0-RC2,
netbsd-5-0-2-RELEASE,
netbsd-5-0-1-RELEASE,
netbsd-5-0,
matt-nb5-pq3-base,
matt-nb5-pq3,
matt-nb5-mips64-u2-k2-k4-k7-k8-k9,
matt-nb5-mips64-u1-k1-k5,
matt-nb5-mips64-premerge-20101231,
matt-nb5-mips64-premerge-20091211,
matt-nb5-mips64-k15,
matt-nb5-mips64,
matt-nb4-mips64-k7-u2a-k9b
Changes since 1.10: +7 -11
lines
Diff to previous 1.10 (colored) next main 1.11 (colored)
Apply patch (requested by manu/spz in #378): Downgrade ipsec-tools to 0.7.1nb1.
Revision 1.21 / (download) - annotate - [select for diffs], Fri Jan 23 08:05:58 2009 UTC (3 years, 4 months ago) by tteras
Branch: MAIN
Branch point for: jym-xensuspend
Changes since 1.20: +2 -2
lines
Diff to previous 1.20 (colored)
Remove "fastquit" configure option and make it the default behaviour. The previous normal behaviour is buggy, as after flush kernel can immediately create larval SA:s which would prevent exit.
Revision 1.20 / (download) - annotate - [select for diffs], Wed Dec 24 20:20:52 2008 UTC (3 years, 5 months ago) by christos
Branch: MAIN
Changes since 1.19: +1 -3
lines
Diff to previous 1.19 (colored)
remove sin{6,}_len linux does not have it. From Timo Teras.
Revision 1.19 / (download) - annotate - [select for diffs], Wed Dec 24 19:05:48 2008 UTC (3 years, 5 months ago) by christos
Branch: MAIN
Changes since 1.18: +1 -3
lines
Diff to previous 1.18 (colored)
I was wrong. addr is actually set.
Revision 1.18 / (download) - annotate - [select for diffs], Wed Dec 24 15:25:44 2008 UTC (3 years, 5 months ago) by christos
Branch: MAIN
Changes since 1.17: +6 -4
lines
Diff to previous 1.17 (colored)
- make this compile by zeroing out the whole structure not just bogus fields. - set length field of sockets appropriately. - mark bogus no-op code (I don't understand what the author intended here).
Revision 1.17 / (download) - annotate - [select for diffs], Tue Dec 23 14:03:12 2008 UTC (3 years, 5 months ago) by tteras
Branch: MAIN
Changes since 1.16: +514 -760
lines
Diff to previous 1.16 (colored)
rewrite local address detection make some functions static that arr not needed globally rework how fd_set is construction for the main loop select()
Revision 1.16 / (download) - annotate - [select for diffs], Thu Dec 11 15:45:24 2008 UTC (3 years, 5 months ago) by vanhu
Branch: MAIN
Changes since 1.15: +6 -1
lines
Diff to previous 1.15 (colored)
Fixed compilation on FreeBSD (RTM_IFINFO and RTM_OIFINFO stuff)
Revision 1.15 / (download) - annotate - [select for diffs], Tue Nov 25 22:00:15 2008 UTC (3 years, 5 months ago) by bad
Branch: MAIN
Changes since 1.14: +25 -1
lines
Diff to previous 1.14 (colored)
Ignore unspecified and looback addresses. Ignoring unspecified addresses prevents racoon from trying to bind to the wildcard address and specific addresses simultaneously after e.g. dhclient has changed an interface's address to 0.0.0.0.
Revision 1.14 / (download) - annotate - [select for diffs], Tue Nov 25 21:54:05 2008 UTC (3 years, 5 months ago) by bad
Branch: MAIN
Changes since 1.13: +4 -3
lines
Diff to previous 1.13 (colored)
RTM_DELETE and RTM_IFINFO don't carry info for added or deleted addresses. Ignore them silently.
Revision 1.13 / (download) - annotate - [select for diffs], Tue Nov 25 21:50:47 2008 UTC (3 years, 5 months ago) by bad
Branch: MAIN
Changes since 1.12: +4 -4
lines
Diff to previous 1.12 (colored)
Ignoring an unsuitable address is not an error. Therefore log it as informational. Make it clear from the log message that a route message is not interesting.
Revision 1.12 / (download) - annotate - [select for diffs], Tue Nov 25 21:46:12 2008 UTC (3 years, 5 months ago) by bad
Branch: MAIN
Changes since 1.11: +3 -5
lines
Diff to previous 1.11 (colored)
Use insmyaddr() instead of open coding it.
Revision 1.11 / (download) - annotate - [select for diffs], Tue Nov 25 21:37:11 2008 UTC (3 years, 5 months ago) by bad
Branch: MAIN
Changes since 1.10: +2 -1
lines
Diff to previous 1.10 (colored)
Keep myaddr.sock at -1 when no socket is opened.
Revision 1.10 / (download) - annotate - [select for diffs], Mon Oct 27 06:24:27 2008 UTC (3 years, 6 months ago) by tteras
Branch: MAIN
CVS Tags: netbsd-5-base,
netbsd-5-0-RC1
Branch point for: netbsd-5
Changes since 1.9: +4 -1
lines
Diff to previous 1.9 (colored)
From Francis Dupont (sent by Arnaud Ebalard): recognize RTM_IFANNOUNCE
Revision 1.9 / (download) - annotate - [select for diffs], Mon Oct 27 06:21:29 2008 UTC (3 years, 6 months ago) by tteras
Branch: MAIN
Changes since 1.8: +7 -7
lines
Diff to previous 1.8 (colored)
From Arnaud Ebalard: Fix indentation issues for readability
Revision 1.4.2.1.2.2 / (download) - annotate - [select for diffs], Thu Sep 4 08:46:10 2008 UTC (3 years, 8 months ago) by skrll
Branch: wrstuden-fixsa
Changes since 1.4.2.1.2.1: +15 -31
lines
Diff to previous 1.4.2.1.2.1 (colored) next main 1.4.2.2 (colored)
Sync with netbsd-4.
Revision 1.4.2.2.2.1 / (download) - annotate - [select for diffs], Mon Aug 18 20:33:33 2008 UTC (3 years, 9 months ago) by jdc
Branch: netbsd-4-0
CVS Tags: netbsd-4-0-1-RELEASE
Changes since 1.4.2.2: +15 -31
lines
Diff to previous 1.4.2.2 (colored) next main 1.4.2.3 (colored)
Upgrade ipsec-tools to release 0.7.1 (requested by manu in ticket #1183).
Revision 1.4.2.3 / (download) - annotate - [select for diffs], Mon Aug 18 20:31:30 2008 UTC (3 years, 9 months ago) by jdc
Branch: netbsd-4
CVS Tags: wrstuden-fixsa-newbase,
wrstuden-fixsa-base
Changes since 1.4.2.2: +15 -31
lines
Diff to previous 1.4.2.2 (colored) to branchpoint 1.4 (colored) next main 1.5 (colored)
Upgrade ipsec-tools to release 0.7.1 (requested by manu in ticket #1183).
Revision 1.6.12.1 / (download) - annotate - [select for diffs], Mon Jun 23 04:26:46 2008 UTC (3 years, 11 months ago) by wrstuden
Branch: wrstuden-revivesa
Changes since 1.6: +16 -31
lines
Diff to previous 1.6 (colored) next main 1.7 (colored)
Sync w/ -current. 34 merge conflicts to follow.
Revision 1.4.6.3 / (download) - annotate - [select for diffs], Wed Jun 18 07:30:18 2008 UTC (3 years, 11 months ago) by mgrooms
Branch: ipsec-tools-0_7-branch
CVS Tags: ipsec-tools-0_7_3,
ipsec-tools-0_7_2,
ipsec-tools-0_7_1
Changes since 1.4.6.2: +15 -31
lines
Diff to previous 1.4.6.2 (colored) to branchpoint 1.4 (colored) next main 1.5 (colored)
Use utility functions to evaluate and manipulate network port values. No functional changes. Submitted by Timo Teras.
Revision 1.8 / (download) - annotate - [select for diffs], Wed Jun 18 07:04:23 2008 UTC (3 years, 11 months ago) by mgrooms
Branch: MAIN
CVS Tags: wrstuden-revivesa-base-3,
wrstuden-revivesa-base-2,
wrstuden-revivesa-base-1,
wrstuden-revivesa-base,
matt-mips64-base2
Changes since 1.7: +2 -1
lines
Diff to previous 1.7 (colored)
Set sockets to be closed on exec to avoid potential file descriptor inheritance issues. Submitted by Timo Teras.
Revision 1.7 / (download) - annotate - [select for diffs], Wed Jun 18 06:47:25 2008 UTC (3 years, 11 months ago) by mgrooms
Branch: MAIN
Changes since 1.6: +15 -31
lines
Diff to previous 1.6 (colored)
Use utility functions to evaluate and manipulate network port values. No functional changes. Submitted by Timo Teras.
Revision 1.4.2.1.2.1 / (download) - annotate - [select for diffs], Mon Sep 3 06:51:10 2007 UTC (4 years, 8 months ago) by wrstuden
Branch: wrstuden-fixsa
Changes since 1.4.2.1: +2 -1
lines
Diff to previous 1.4.2.1 (colored)
Sync w/ NetBSD-4-RC_1
Revision 1.4.2.2 / (download) - annotate - [select for diffs], Tue Aug 28 11:14:44 2007 UTC (4 years, 8 months ago) by liamjfoy
Branch: netbsd-4
CVS Tags: wrstuden-fixsa-base-1,
netbsd-4-0-RELEASE,
netbsd-4-0-RC5,
netbsd-4-0-RC4,
netbsd-4-0-RC3,
netbsd-4-0-RC2,
netbsd-4-0-RC1
Branch point for: netbsd-4-0
Changes since 1.4.2.1: +2 -1
lines
Diff to previous 1.4.2.1 (colored) to branchpoint 1.4 (colored)
Pull up following revision(s) (requested by manu in ticket #830): Import ipsec-tools 0.7
Revision 1.4.6.2 / (download) - annotate - [select for diffs], Mon Jul 16 16:03:43 2007 UTC (4 years, 10 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
CVS Tags: ipsec-tools-0_7
Changes since 1.4.6.1: +2 -1
lines
Diff to previous 1.4.6.1 (colored) to branchpoint 1.4 (colored)
fixed a socket leak
Revision 1.6 / (download) - annotate - [select for diffs], Mon Jul 16 15:05:10 2007 UTC (4 years, 10 months ago) by vanhu
Branch: MAIN
CVS Tags: yamt-pf42-baseX,
yamt-pf42-base4,
yamt-pf42-base3,
yamt-pf42-base2,
yamt-pf42-base,
yamt-pf42,
matt-mips64-base,
matt-mips64,
matt-armv6-prevmlocking,
matt-armv6-nbase,
matt-armv6-base,
matt-armv6,
keiichi-mipv6-base,
keiichi-mipv6,
hpcarm-cleanup-nbase,
hpcarm-cleanup-base,
hpcarm-cleanup,
cube-autoconf-base,
cube-autoconf
Branch point for: wrstuden-revivesa
Changes since 1.5: +2 -1
lines
Diff to previous 1.5 (colored)
fixed a socket leak
Revision 1.4.2.1 / (download) - annotate - [select for diffs], Sun May 13 10:14:04 2007 UTC (5 years ago) by jdc
Branch: netbsd-4
Branch point for: wrstuden-fixsa
Changes since 1.4: +2 -2
lines
Diff to previous 1.4 (colored)
Upgrade ipsec-tools to 0.7-beta3 (Requested by manu in ticket #634).
Revision 1.4.6.1 / (download) - annotate - [select for diffs], Thu Mar 15 14:15:00 2007 UTC (5 years, 2 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
CVS Tags: ipsec-tools-0_7-rc1,
ipsec-tools-0_7-beta3,
ipsec-tools-0_7-RC1
Changes since 1.4: +2 -2
lines
Diff to previous 1.4 (colored)
From Yves-Alexis Perez: enable monitoring of ipv6 address changes on Linux.
Revision 1.5 / (download) - annotate - [select for diffs], Thu Mar 15 14:12:12 2007 UTC (5 years, 2 months ago) by vanhu
Branch: MAIN
Changes since 1.4: +2 -2
lines
Diff to previous 1.4 (colored)
From Yves-Alexis Perez: enable monitoring of ipv6 address changes on Linux.
Revision 1.4 / (download) - annotate - [select for diffs], Sat Sep 9 16:22:09 2006 UTC (5 years, 8 months ago) by manu
Branch: MAIN
CVS Tags: netbsd-4-base,
ipsec-tools-0_7-beta2,
ipsec-tools-0_7-beta1,
ipsec-tools-0_7-base
Branch point for: netbsd-4,
ipsec-tools-0_7-branch
Changes since 1.3: +9 -2
lines
Diff to previous 1.3 (colored)
Migration of ipsec-tools to NetBSD CVS part 2: resolving the import conflicts. Since we previously had a release branch and we import here the HEAD of CVS, let's assume all local changes are to be dumped. Local patches should have been propagated upstream, anyway.
Revision 1.1.1.4 / (download) - annotate - [select for diffs] (vendor branch), Sat Sep 9 16:11:46 2006 UTC (5 years, 8 months ago) by manu
Branch: IPSEC_TOOLS
CVS Tags: ipsec-tools-base
Changes since 1.1.1.3: +9 -2
lines
Diff to previous 1.1.1.3 (colored)
Migrate ipsec-tools CVS to cvs.netbsd.org
Revision 1.1.1.2.2.2 / (download) - annotate - [select for diffs], Mon Nov 21 21:12:30 2005 UTC (6 years, 6 months ago) by tron
Branch: netbsd-3
CVS Tags: netbsd-3-1-RELEASE,
netbsd-3-1-RC4,
netbsd-3-1-RC3,
netbsd-3-1-RC2,
netbsd-3-1-RC1,
netbsd-3-1-1-RELEASE,
netbsd-3-1,
netbsd-3-0-RELEASE,
netbsd-3-0-RC6,
netbsd-3-0-RC5,
netbsd-3-0-RC4,
netbsd-3-0-RC3,
netbsd-3-0-RC2,
netbsd-3-0-3-RELEASE,
netbsd-3-0-2-RELEASE,
netbsd-3-0-1-RELEASE,
netbsd-3-0
Changes since 1.1.1.2.2.1: +1 -1
lines
Diff to previous 1.1.1.2.2.1 (colored) to branchpoint 1.1.1.2 (colored) next main 1.1.1.3 (colored)
Apply patch (requested by manu in ticket #981): Update ipsec-tools to version 0.6.3.
Revision 1.3 / (download) - annotate - [select for diffs], Mon Nov 21 14:20:29 2005 UTC (6 years, 6 months ago) by manu
Branch: MAIN
CVS Tags: abandoned-netbsd-4-base,
abandoned-netbsd-4
Changes since 1.2: +0 -0
lines
Diff to previous 1.2 (colored)
Merge ipsec-tools 0.6.3 import
Revision 1.1.1.2.2.1 / (download) - annotate - [select for diffs], Sat Sep 3 07:03:49 2005 UTC (6 years, 8 months ago) by snj
Branch: netbsd-3
CVS Tags: netbsd-3-0-RC1
Changes since 1.1.1.2: +4 -3
lines
Diff to previous 1.1.1.2 (colored)
Apply patch (requested by tron in ticket #741): Update ipsec-tools to version 0.6.1.
Revision 1.2 / (download) - annotate - [select for diffs], Sat Aug 20 00:57:06 2005 UTC (6 years, 9 months ago) by manu
Branch: MAIN
Changes since 1.1: +5 -2
lines
Diff to previous 1.1 (colored)
Update to ipsec-tools 0.6.1
Revision 1.1.1.3 / (download) - annotate - [select for diffs] (vendor branch), Sun Aug 7 08:46:36 2005 UTC (6 years, 9 months ago) by manu
Branch: IPSEC_TOOLS
CVS Tags: ipsec-tools-0_6_3,
ipsec-tools-0_6_2,
ipsec-tools-0_6_1-rc1,
ipsec-tools-0_6_1
Changes since 1.1.1.2: +3 -2
lines
Diff to previous 1.1.1.2 (colored)
Update ipsec-tools to 0.6.1rc1 Most of the changes since 0.6b4 have already been committed to the NetBSD tree. This upgrade fixes some IPcomp and NAT-T related problems that were left unadressed in the NetBSD tree.
Revision 1.1.1.2 / (download) - annotate - [select for diffs] (vendor branch), Wed Feb 23 14:54:14 2005 UTC (7 years, 3 months ago) by manu
Branch: IPSEC_TOOLS
CVS Tags: netbsd-3-base,
ipsec-tools-0_6-20050317,
ipsec-tools-0_6-20050314,
ipsec-tools-0_6-20050224,
ipsec-tools-0_6-20050223
Branch point for: netbsd-3
Changes since 1.1.1.1: +3 -1
lines
Diff to previous 1.1.1.1 (colored)
Import ipsec-tools 0.6 branch as of 2005/02/23. News from last imported version
according to ipsec-tools' ChangeLog:
2005-02-23 Emmanuel Dreyfus <manu@netbsd.org>
* configure.ac, src/racoon/{Makefile.am|crypto_openssl.c}: optionnal
support for patented algorithms: IDEA and RC5.
* src/racoon/{isakmp_xauth.c|main.c}: don't initialize RADIUS if it
is not required in the configuration
* src/racoon/isakmp.c: do not reject addresses for which kernel
refused UDP encapsulation, they can still be used for non NAT-T
traffic (eg: NAT-T enabled racoon on non NAT-T enabled kernel)
2005-02-18 Emmanuel Dreyfus <manu@netbsd.org>
* src/racoon/{main.c|eaytest.c|plairsa-gen.c}
src/setkey/setkey.c: don't use fuzzy paths for package_version.h
2005-02-18 Yvan Vanhullebus <vanhu@free.fr>
* src/racoon/isakmp_inf.c: Purge generated SPDs when getting a
related DELETE_SA
* src/racoon/pfkey.c: do NOT unbindph12() when SA acquire
2005-02-17 Emmanuel Dreyfus <manu@netbsd.org>
From Fred Senault <fred.letter@lacave.net>
* src/racoon/remoteconf.c: Fix a bug in script init
2005-02-17 Yvan Vanhullebus <vanhu@free.fr>
* src/racoon/ipsec_doi.c: Workaround for phase1 lifetime checks
2005-02-15 Michal Ludvig <michal@logix.cz>
* configure.ac: Changed --enable-natt_NN to --enable-natt-versions=NN,NN
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Sat Feb 12 11:11:57 2005 UTC (7 years, 3 months ago) by manu
Branch: IPSEC_TOOLS
CVS Tags: ipsec-tools-0_6-base
Changes since 1.1: +0 -0
lines
Diff to previous 1.1 (colored)
Import ipsec-tools (tag ipsec-tools-0_6-base in ipsec-tools CVS) ipsec-tools is a fork from KAME racoon/libipsec/setkey, with many enhancements.
Revision 1.1 / (download) - annotate - [select for diffs], Sat Feb 12 11:11:57 2005 UTC (7 years, 3 months ago) by manu
Branch: MAIN
Initial revision