![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.netbsd.org] / src / crypto / dist / ipsec-tools / src / racoon
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.39.6.1 / (download) - annotate - [select for diffs], Tue Apr 17 00:01:41 2012 UTC (5 weeks, 4 days ago) by yamt
Branch: yamt-pagecache
Changes since 1.39: +15 -9
lines
Diff to previous 1.39 (colored) next main 1.40 (colored)
sync with head
Revision 1.41 / (download) - annotate - [select for diffs], Sun Jan 1 15:57:31 2012 UTC (4 months, 3 weeks ago) by tteras
Branch: MAIN
CVS Tags: yamt-pagecache-base5,
yamt-pagecache-base4,
netbsd-6-base,
netbsd-6,
HEAD
Changes since 1.40: +3 -3
lines
Diff to previous 1.40 (colored)
From Wolfgang Schmieder <wolfgang@die-schmieders.de>: Fix various typos in comments and log messages. Fix default port used in copy_ph1addresses().
Revision 1.39.2.1 / (download) - annotate - [select for diffs], Thu Nov 17 14:46:31 2011 UTC (6 months, 1 week ago) by vanhu
Branch: ipsec-tools-0_8-branch
Changes since 1.39: +13 -7
lines
Diff to previous 1.39 (colored) next main 1.40 (colored)
fixed some crashes in LIST_FOREACH where current element could be removed during the loop
Revision 1.40 / (download) - annotate - [select for diffs], Thu Nov 17 14:41:55 2011 UTC (6 months, 1 week ago) by vanhu
Branch: MAIN
Changes since 1.39: +13 -7
lines
Diff to previous 1.39 (colored)
fixed some crashes in LIST_FOREACH where current element could be removed during the loop
Revision 1.39 / (download) - annotate - [select for diffs], Mon Mar 14 17:18:12 2011 UTC (14 months, 1 week ago) by tteras
Branch: MAIN
CVS Tags: yamt-pagecache-base3,
yamt-pagecache-base2,
yamt-pagecache-base,
ipsec-tools-0_8_0,
cherry-xenmp-base,
cherry-xenmp
Branch point for: yamt-pagecache,
ipsec-tools-0_8-branch
Changes since 1.38: +14 -14
lines
Diff to previous 1.38 (colored)
Explicitly compare return value of cmpsaddr() against a return value define to make it more obvious what is the intended action. One more return value is also added, to fix comparison of security policy descriptors. Namely, getsp() should not allow wildcard matching (as the comment says, it does exact matching) - otherwise we get problems when kernel has generic policy with no ports, and a second similar policy with ports.
Revision 1.38 / (download) - annotate - [select for diffs], Mon Mar 14 14:54:07 2011 UTC (14 months, 1 week ago) by vanhu
Branch: MAIN
Changes since 1.37: +1 -2
lines
Diff to previous 1.37 (colored)
removed an useless comment
Revision 1.37 / (download) - annotate - [select for diffs], Mon Mar 14 09:19:23 2011 UTC (14 months, 1 week ago) by vanhu
Branch: MAIN
Changes since 1.36: +6 -3
lines
Diff to previous 1.36 (colored)
check if we got RMCONF_ERR_MULTIPLE from getrmconf_by_ph1() in revalidate_ph1tree_rmconf()
Revision 1.36 / (download) - annotate - [select for diffs], Fri Mar 11 14:30:07 2011 UTC (14 months, 2 weeks ago) by vanhu
Branch: MAIN
Changes since 1.35: +7 -2
lines
Diff to previous 1.35 (colored)
directly delete a ph1 in remove_ph1-) instead of scheduling it, to avoid (completely ?) a race condition when reloading configuration
Revision 1.9.6.9 / (download) - annotate - [select for diffs], Tue Dec 28 06:02:45 2010 UTC (16 months, 4 weeks ago) by tteras
Branch: ipsec-tools-0_7-branch
Changes since 1.9.6.8: +2 -2
lines
Diff to previous 1.9.6.8 (colored) to branchpoint 1.9 (colored) next main 1.10 (colored)
From Roman Hoog Antink <rha@open.ch>: Fix config reload to not delete too many phase 2 handles, because wrong chain field is used when enumerating the handles.
Revision 1.35 / (download) - annotate - [select for diffs], Tue Dec 28 06:00:18 2010 UTC (16 months, 4 weeks ago) by tteras
Branch: MAIN
CVS Tags: matt-mips64-premerge-20101231,
bouyer-quota2-nbase,
bouyer-quota2-base,
bouyer-quota2
Changes since 1.34: +2 -2
lines
Diff to previous 1.34 (colored)
From Roman Hoog Antink <rha@open.ch>: Fix config reload to not delete too many phase 2 handles, because wrong chain field is used when enumerating the handles.
Revision 1.34 / (download) - annotate - [select for diffs], Wed Nov 17 10:40:41 2010 UTC (18 months, 1 week ago) by tteras
Branch: MAIN
Changes since 1.33: +17 -1
lines
Diff to previous 1.33 (colored)
Fix my previous patch to not call purge_remote() twice. Change the place where purge_remote() is called. This fixes also a possible crash from the same patch since ph1->remote can be NULL (when we are responder and config is not yet selected).
Revision 1.33 / (download) - annotate - [select for diffs], Thu Oct 21 06:04:33 2010 UTC (19 months ago) by tteras
Branch: MAIN
Changes since 1.32: +17 -1
lines
Diff to previous 1.32 (colored)
Remove initial-contact entry when all ISAKMP-SA are purged via adminport. This will avoid stale security associations if some of the delete notifications happens to get lost.
Revision 1.21.4.1.4.1 / (download) - annotate - [select for diffs], Wed Apr 21 05:17:36 2010 UTC (2 years, 1 month ago) by matt
Branch: matt-nb5-mips64
CVS Tags: matt-nb5-mips64-premerge-20101231,
matt-nb5-mips64-k15
Changes since 1.21.4.1: +2 -2
lines
Diff to previous 1.21.4.1 (colored) next main 1.21.4.2 (colored)
sync to netbsd-5
Revision 1.21.4.2 / (download) - annotate - [select for diffs], Sun Mar 28 16:36:57 2010 UTC (2 years, 1 month ago) by snj
Branch: netbsd-5
CVS Tags: netbsd-5-1-RELEASE,
netbsd-5-1-RC4,
netbsd-5-1-RC3,
netbsd-5-1-RC2,
netbsd-5-1-RC1,
netbsd-5-1-2-RELEASE,
netbsd-5-1-1-RELEASE,
netbsd-5-1,
matt-nb5-pq3-base,
matt-nb5-pq3
Changes since 1.21.4.1: +2 -2
lines
Diff to previous 1.21.4.1 (colored) to branchpoint 1.21 (colored) next main 1.22 (colored)
Pull up following revision(s) (requested by hubertf in ticket #1341): crypto/dist/ipsec-tools/src/racoon/handler.c: revision 1.31, 1.32 PR/42363: Yasuoka Masahiko: racoon uses a wrong IPsec-SA handle that is for other peer in case it receives a ISAKMP message for IPsec-SA that has the same message-id as the message-id that is received before. racoon uses message-id to find the handle of IPsec-SA. The message-id is a unique number for each peer, but different peers may use the same value. Different Windows Vista or Windows 7 peers seem to use the same message-id. racoon can handle the first Windows's Phase-2, but it cannot handle the second Windows. Because racoon misunderstands the message for the second Windows as the message for the first Windows. -- PR/42363: Yasuoka Masahiko: Second part of the patch: iterate only on the phase2 handles that are bound by the given phase1 handle.
Revision 1.32 / (download) - annotate - [select for diffs], Thu Mar 11 15:44:48 2010 UTC (2 years, 2 months ago) by christos
Branch: MAIN
Changes since 1.31: +2 -2
lines
Diff to previous 1.31 (colored)
PR/42363: Yasuoka Masahiko: Second part of the patch: iterate only on the phase2 handles that are bound by the given phase1 handle.
Revision 1.31 / (download) - annotate - [select for diffs], Sun Nov 22 19:34:55 2009 UTC (2 years, 6 months ago) by christos
Branch: MAIN
CVS Tags: matt-premerge-20091211
Changes since 1.30: +2 -2
lines
Diff to previous 1.30 (colored)
PR/42363: Yasuoka Masahiko: racoon uses a wrong IPsec-SA handle that is for other peer in case it receives a ISAKMP message for IPsec-SA that has the same message-id as the message-id that is received before. racoon uses message-id to find the handle of IPsec-SA. The message-id is a unique number for each peer, but different peers may use the same value. Different Windows Vista or Windows 7 peers seem to use the same message-id. racoon can handle the first Windows's Phase-2, but it cannot handle the second Windows. Because racoon misunderstands the message for the second Windows as the message for the first Windows. >Category: bin >Synopsis: racoon uses a wrong IPsec-SA that is for different peer >Confidential: no >Severity: serious >Priority: medium >Responsible: bin-bug-people >State: open >Class: sw-bug >Submitter-Id: net >Arrival-Date: Sun Nov 22 18:25:00 +0000 2009 >Originator: yasuoka@iij.ad.jp
Revision 1.30 / (download) - annotate - [select for diffs], Thu Sep 3 09:29:07 2009 UTC (2 years, 8 months ago) by tteras
Branch: MAIN
Changes since 1.29: +36 -18
lines
Diff to previous 1.29 (colored)
When rekeying phase2 use phase1 used to negotiate phase2 as a hint to select the phase1 for rekeying the new phase2.
Revision 1.29 / (download) - annotate - [select for diffs], Fri Jul 3 06:41:46 2009 UTC (2 years, 10 months ago) by tteras
Branch: MAIN
Changes since 1.28: +19 -24
lines
Diff to previous 1.28 (colored)
Get rid of the evil CMPSADDR macro. Trac #295.
Revision 1.25.2.1 / (download) - annotate - [select for diffs], Wed May 13 19:15:54 2009 UTC (3 years ago) by jym
Branch: jym-xensuspend
Changes since 1.25: +66 -220
lines
Diff to previous 1.25 (colored) next main 1.26 (colored)
Sync with HEAD. Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
Revision 1.28 / (download) - annotate - [select for diffs], Tue Apr 28 13:54:07 2009 UTC (3 years ago) by tteras
Branch: MAIN
CVS Tags: jym-xensuspend-nbase,
jym-xensuspend-base
Changes since 1.27: +12 -1
lines
Diff to previous 1.27 (colored)
Reset nat_oa variables too when reusing phase two handler. Otherwise phase2 rekeying might fail in some scenarios.
Revision 1.9.6.8 / (download) - annotate - [select for diffs], Mon Apr 20 13:25:27 2009 UTC (3 years, 1 month ago) by tteras
Branch: ipsec-tools-0_7-branch
CVS Tags: ipsec-tools-0_7_3,
ipsec-tools-0_7_2
Changes since 1.9.6.7: +2 -2
lines
Diff to previous 1.9.6.7 (colored) to branchpoint 1.9 (colored)
From Paul Moore: Phase2 message id's should be unique wrt phase1, not globally.
Revision 1.27 / (download) - annotate - [select for diffs], Mon Apr 20 13:16:52 2009 UTC (3 years, 1 month ago) by tteras
Branch: MAIN
Changes since 1.26: +2 -2
lines
Diff to previous 1.26 (colored)
From Paul Moore: Phase2 message id's should be unique wrt phase1, not globally.
Revision 1.26 / (download) - annotate - [select for diffs], Thu Mar 12 10:57:26 2009 UTC (3 years, 2 months ago) by tteras
Branch: MAIN
Changes since 1.25: +54 -219
lines
Diff to previous 1.25 (colored)
Support multiple anonymous remotes and decide remoteconf based on identity, received certificates and other information. General code clean up.
Revision 1.21.4.1 / (download) - annotate - [select for diffs], Sun Feb 8 18:42:16 2009 UTC (3 years, 3 months ago) by snj
Branch: netbsd-5
CVS Tags: netbsd-5-0-RELEASE,
netbsd-5-0-RC4,
netbsd-5-0-RC3,
netbsd-5-0-RC2,
netbsd-5-0-2-RELEASE,
netbsd-5-0-1-RELEASE,
netbsd-5-0,
matt-nb5-mips64-u2-k2-k4-k7-k8-k9,
matt-nb5-mips64-u1-k1-k5,
matt-nb5-mips64-premerge-20091211,
matt-nb4-mips64-k7-u2a-k9b
Branch point for: matt-nb5-mips64
Changes since 1.21: +45 -101
lines
Diff to previous 1.21 (colored)
Apply patch (requested by manu/spz in #378): Downgrade ipsec-tools to 0.7.1nb1.
Revision 1.25 / (download) - annotate - [select for diffs], Fri Jan 23 08:32:58 2009 UTC (3 years, 4 months ago) by tteras
Branch: MAIN
Branch point for: jym-xensuspend
Changes since 1.24: +4 -1
lines
Diff to previous 1.24 (colored)
From Arnaud Ebalard: Handle reception of MIGRATE message during Phase 1 and Phase 2 negotiation. Also corrects some debugging statements.
Revision 1.24 / (download) - annotate - [select for diffs], Fri Jan 23 08:25:06 2009 UTC (3 years, 4 months ago) by tteras
Branch: MAIN
Changes since 1.23: +15 -17
lines
Diff to previous 1.23 (colored)
Detect if monotonic system clock is available, and use it for relative time measurements to avoid complite hang if time jumps backwards.
Revision 1.23 / (download) - annotate - [select for diffs], Tue Dec 23 14:03:12 2008 UTC (3 years, 5 months ago) by tteras
Branch: MAIN
Changes since 1.22: +2 -2
lines
Diff to previous 1.22 (colored)
rewrite local address detection make some functions static that arr not needed globally rework how fd_set is construction for the main loop select()
Revision 1.22 / (download) - annotate - [select for diffs], Fri Dec 5 06:02:20 2008 UTC (3 years, 5 months ago) by tteras
Branch: MAIN
Changes since 1.21: +72 -21
lines
Diff to previous 1.21 (colored)
From Arnaud Ebalard: Improved Mobile IPv6 support per draft-ebalard-mext-pfkey-enhanced-migrate.
Revision 1.21 / (download) - annotate - [select for diffs], Fri Sep 19 11:14:49 2008 UTC (3 years, 8 months ago) by tteras
Branch: MAIN
CVS Tags: netbsd-5-base,
netbsd-5-0-RC1,
matt-mips64-base2
Branch point for: netbsd-5
Changes since 1.20: +67 -18
lines
Diff to previous 1.20 (colored)
Implement ISAKMP SA rekeying configurable with rekey {on|off|force} option
in remote conf.
Revision 1.20 / (download) - annotate - [select for diffs], Fri Sep 19 11:01:08 2008 UTC (3 years, 8 months ago) by tteras
Branch: MAIN
Changes since 1.19: +13 -19
lines
Diff to previous 1.19 (colored)
Change struct sched to be allocated be the caller to avoid some memory allocations. Optimize scheduling algorithm to not scan all entries in the main loop.
Revision 1.9.2.1.2.2 / (download) - annotate - [select for diffs], Thu Sep 4 08:46:10 2008 UTC (3 years, 8 months ago) by skrll
Branch: wrstuden-fixsa
Changes since 1.9.2.1.2.1: +9 -3
lines
Diff to previous 1.9.2.1.2.1 (colored) next main 1.9.2.2 (colored)
Sync with netbsd-4.
Revision 1.9.2.2.2.1 / (download) - annotate - [select for diffs], Mon Aug 18 20:33:33 2008 UTC (3 years, 9 months ago) by jdc
Branch: netbsd-4-0
CVS Tags: netbsd-4-0-1-RELEASE
Changes since 1.9.2.2: +9 -3
lines
Diff to previous 1.9.2.2 (colored) next main 1.9.2.3 (colored)
Upgrade ipsec-tools to release 0.7.1 (requested by manu in ticket #1183).
Revision 1.9.2.3 / (download) - annotate - [select for diffs], Mon Aug 18 20:31:30 2008 UTC (3 years, 9 months ago) by jdc
Branch: netbsd-4
CVS Tags: wrstuden-fixsa-newbase,
wrstuden-fixsa-base
Changes since 1.9.2.2: +9 -3
lines
Diff to previous 1.9.2.2 (colored) to branchpoint 1.9 (colored) next main 1.10 (colored)
Upgrade ipsec-tools to release 0.7.1 (requested by manu in ticket #1183).
Revision 1.18.2.1 / (download) - annotate - [select for diffs], Mon Mar 24 07:14:29 2008 UTC (4 years, 2 months ago) by keiichi
Branch: keiichi-mipv6
Changes since 1.18: +8 -5
lines
Diff to previous 1.18 (colored) next main 1.19 (colored)
sync with head.
Revision 1.15.4.3 / (download) - annotate - [select for diffs], Sun Mar 23 00:13:34 2008 UTC (4 years, 2 months ago) by matt
Branch: matt-armv6
Changes since 1.15.4.2: +16 -7
lines
Diff to previous 1.15.4.2 (colored) to branchpoint 1.15 (colored) next main 1.16 (colored)
sync with HEAD
Revision 1.19 / (download) - annotate - [select for diffs], Thu Mar 6 00:34:11 2008 UTC (4 years, 2 months ago) by mgrooms
Branch: MAIN
CVS Tags: yamt-pf42-baseX,
yamt-pf42-base4,
yamt-pf42-base3,
yamt-pf42-base2,
yamt-pf42-base,
yamt-pf42,
wrstuden-revivesa-base-3,
wrstuden-revivesa-base-2,
wrstuden-revivesa-base-1,
wrstuden-revivesa-base,
wrstuden-revivesa,
matt-armv6-nbase,
keiichi-mipv6-base,
hpcarm-cleanup-nbase
Changes since 1.18: +8 -5
lines
Diff to previous 1.18 (colored)
Refactor admin socket event protocol to be less error prone. Backwards compatibility is provided. Submitted by Timo Teras.
Revision 1.9.6.7 / (download) - annotate - [select for diffs], Fri Jan 11 14:12:00 2008 UTC (4 years, 4 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
CVS Tags: ipsec-tools-0_7_1
Changes since 1.9.6.6: +9 -3
lines
Diff to previous 1.9.6.6 (colored) to branchpoint 1.9 (colored)
added an 'established' arg to getph1byaddr()
Revision 1.18 / (download) - annotate - [select for diffs], Fri Jan 11 14:06:56 2008 UTC (4 years, 4 months ago) by vanhu
Branch: MAIN
CVS Tags: hpcarm-cleanup-base
Branch point for: keiichi-mipv6
Changes since 1.17: +9 -3
lines
Diff to previous 1.17 (colored)
added an 'established' arg to getph1byaddr()
Revision 1.15.4.2 / (download) - annotate - [select for diffs], Wed Jan 9 01:22:34 2008 UTC (4 years, 4 months ago) by matt
Branch: matt-armv6
Changes since 1.15.4.1: +15 -5
lines
Diff to previous 1.15.4.1 (colored) to branchpoint 1.15 (colored)
sync with HEAD
Revision 1.17 / (download) - annotate - [select for diffs], Wed Dec 12 04:45:59 2007 UTC (4 years, 5 months ago) by mgrooms
Branch: MAIN
CVS Tags: matt-armv6-base
Changes since 1.16: +15 -5
lines
Diff to previous 1.16 (colored)
Add support for nat-t oa payload handling. Submitted by Timo Teras.
Revision 1.15.4.1 / (download) - annotate - [select for diffs], Tue Nov 6 23:07:33 2007 UTC (4 years, 6 months ago) by matt
Branch: matt-armv6
CVS Tags: matt-armv6-prevmlocking
Changes since 1.15: +2 -2
lines
Diff to previous 1.15 (colored)
sync with HEAD
Revision 1.16 / (download) - annotate - [select for diffs], Wed Sep 12 23:39:50 2007 UTC (4 years, 8 months ago) by mgrooms
Branch: MAIN
CVS Tags: cube-autoconf-base,
cube-autoconf
Changes since 1.15: +2 -2
lines
Diff to previous 1.15 (colored)
Implement clientaddr sainfo remote id option and refine the sainfo man page syntax.
Revision 1.9.2.1.2.1 / (download) - annotate - [select for diffs], Mon Sep 3 06:51:11 2007 UTC (4 years, 8 months ago) by wrstuden
Branch: wrstuden-fixsa
Changes since 1.9.2.1: +50 -7
lines
Diff to previous 1.9.2.1 (colored)
Sync w/ NetBSD-4-RC_1
Revision 1.9.2.2 / (download) - annotate - [select for diffs], Tue Aug 28 11:14:44 2007 UTC (4 years, 8 months ago) by liamjfoy
Branch: netbsd-4
CVS Tags: wrstuden-fixsa-base-1,
netbsd-4-0-RELEASE,
netbsd-4-0-RC5,
netbsd-4-0-RC4,
netbsd-4-0-RC3,
netbsd-4-0-RC2,
netbsd-4-0-RC1
Branch point for: netbsd-4-0
Changes since 1.9.2.1: +50 -7
lines
Diff to previous 1.9.2.1 (colored) to branchpoint 1.9 (colored)
Pull up following revision(s) (requested by manu in ticket #830): Import ipsec-tools 0.7
Revision 1.9.6.6 / (download) - annotate - [select for diffs], Wed Jun 6 09:20:12 2007 UTC (4 years, 11 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
CVS Tags: ipsec-tools-0_7-rc1,
ipsec-tools-0_7-RC1,
ipsec-tools-0_7
Changes since 1.9.6.5: +17 -1
lines
Diff to previous 1.9.6.5 (colored) to branchpoint 1.9 (colored)
ignore obsolete lifebyte when validating reloaded configuration
Revision 1.15 / (download) - annotate - [select for diffs], Wed Jun 6 09:18:16 2007 UTC (4 years, 11 months ago) by vanhu
Branch: MAIN
CVS Tags: matt-mips64-base,
matt-mips64,
hpcarm-cleanup
Branch point for: matt-armv6
Changes since 1.14: +17 -1
lines
Diff to previous 1.14 (colored)
ignore obsolete lifebyte when validating reloaded configuration
Revision 1.9.2.1 / (download) - annotate - [select for diffs], Sun May 13 10:14:04 2007 UTC (5 years ago) by jdc
Branch: netbsd-4
Branch point for: wrstuden-fixsa
Changes since 1.9: +18 -6
lines
Diff to previous 1.9 (colored)
Upgrade ipsec-tools to 0.7-beta3 (Requested by manu in ticket #634).
Revision 1.9.6.5 / (download) - annotate - [select for diffs], Fri May 4 14:34:00 2007 UTC (5 years ago) by vanhu
Branch: ipsec-tools-0_7-branch
Changes since 1.9.6.4: +13 -5
lines
Diff to previous 1.9.6.4 (colored) to branchpoint 1.9 (colored)
search a ph1 by address if iph2->ph1 is NULL when validating the new config
Revision 1.14 / (download) - annotate - [select for diffs], Fri May 4 14:33:38 2007 UTC (5 years ago) by vanhu
Branch: MAIN
Changes since 1.13: +13 -5
lines
Diff to previous 1.13 (colored)
search a ph1 by address if iph2->ph1 is NULL when validating the new config
Revision 1.9.6.4 / (download) - annotate - [select for diffs], Fri May 4 09:12:32 2007 UTC (5 years ago) by vanhu
Branch: ipsec-tools-0_7-branch
Changes since 1.9.6.3: +22 -3
lines
Diff to previous 1.9.6.3 (colored) to branchpoint 1.9 (colored)
added some debug in getph1byaddr() to track some port matching problems with NAT-T
Revision 1.13 / (download) - annotate - [select for diffs], Fri May 4 09:09:54 2007 UTC (5 years ago) by vanhu
Branch: MAIN
Changes since 1.12: +22 -3
lines
Diff to previous 1.12 (colored)
added some debug in getph1byaddr() to track some port matching problems with NAT-T
Revision 1.9.6.3 / (download) - annotate - [select for diffs], Fri Mar 23 15:36:58 2007 UTC (5 years, 2 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
CVS Tags: ipsec-tools-0_7-beta3
Changes since 1.9.6.2: +16 -3
lines
Diff to previous 1.9.6.2 (colored) to branchpoint 1.9 (colored)
expire zombie handlers in getph2byid(), to avoid situations where we'll never negociate a phase2 again
Revision 1.12 / (download) - annotate - [select for diffs], Fri Mar 23 15:34:31 2007 UTC (5 years, 2 months ago) by vanhu
Branch: MAIN
Changes since 1.11: +16 -3
lines
Diff to previous 1.11 (colored)
expire zombie handlers in getph2byid(), to avoid situations where we'll never negociate a phase2 again
Revision 1.9.6.2 / (download) - annotate - [select for diffs], Wed Mar 21 14:30:08 2007 UTC (5 years, 2 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
Changes since 1.9.6.1: +2 -3
lines
Diff to previous 1.9.6.1 (colored) to branchpoint 1.9 (colored)
NULL sched check is now done in SCHED_KILL
Revision 1.11 / (download) - annotate - [select for diffs], Wed Mar 21 14:29:22 2007 UTC (5 years, 2 months ago) by vanhu
Branch: MAIN
Changes since 1.10: +2 -3
lines
Diff to previous 1.10 (colored)
NULL sched check is now done in SCHED_KILL
Revision 1.10 / (download) - annotate - [select for diffs], Tue Feb 20 09:11:14 2007 UTC (5 years, 3 months ago) by vanhu
Branch: MAIN
Changes since 1.9: +2 -2
lines
Diff to previous 1.9 (colored)
updated delete_spd() calls
Revision 1.9.6.1 / (download) - annotate - [select for diffs], Tue Feb 20 09:08:49 2007 UTC (5 years, 3 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
CVS Tags: ipsec-tools-0_7-beta2
Changes since 1.9: +2 -2
lines
Diff to previous 1.9 (colored)
updated delete_spd() calls
Revision 1.9 / (download) - annotate - [select for diffs], Tue Oct 3 08:02:51 2006 UTC (5 years, 7 months ago) by vanhu
Branch: MAIN
CVS Tags: netbsd-4-base,
ipsec-tools-0_7-beta1,
ipsec-tools-0_7-base
Branch point for: netbsd-4,
ipsec-tools-0_7-branch
Changes since 1.8: +3 -2
lines
Diff to previous 1.8 (colored)
Uses remoteid/ph1id values
Revision 1.8 / (download) - annotate - [select for diffs], Sat Sep 9 16:22:09 2006 UTC (5 years, 8 months ago) by manu
Branch: MAIN
Changes since 1.7: +503 -9
lines
Diff to previous 1.7 (colored)
Migration of ipsec-tools to NetBSD CVS part 2: resolving the import conflicts. Since we previously had a release branch and we import here the HEAD of CVS, let's assume all local changes are to be dumped. Local patches should have been propagated upstream, anyway.
Revision 1.1.1.4 / (download) - annotate - [select for diffs] (vendor branch), Sat Sep 9 16:11:49 2006 UTC (5 years, 8 months ago) by manu
Branch: IPSEC_TOOLS
CVS Tags: ipsec-tools-base
Changes since 1.1.1.3: +503 -9
lines
Diff to previous 1.1.1.3 (colored)
Migrate ipsec-tools CVS to cvs.netbsd.org
Revision 1.1.1.2.2.5 / (download) - annotate - [select for diffs], Mon Nov 21 21:12:30 2005 UTC (6 years, 6 months ago) by tron
Branch: netbsd-3
CVS Tags: netbsd-3-1-RELEASE,
netbsd-3-1-RC4,
netbsd-3-1-RC3,
netbsd-3-1-RC2,
netbsd-3-1-RC1,
netbsd-3-1-1-RELEASE,
netbsd-3-1,
netbsd-3-0-RELEASE,
netbsd-3-0-RC6,
netbsd-3-0-RC5,
netbsd-3-0-RC4,
netbsd-3-0-RC3,
netbsd-3-0-RC2,
netbsd-3-0-3-RELEASE,
netbsd-3-0-2-RELEASE,
netbsd-3-0-1-RELEASE,
netbsd-3-0
Changes since 1.1.1.2.2.4: +1 -1
lines
Diff to previous 1.1.1.2.2.4 (colored) to branchpoint 1.1.1.2 (colored) next main 1.1.1.3 (colored)
Apply patch (requested by manu in ticket #981): Update ipsec-tools to version 0.6.3.
Revision 1.7 / (download) - annotate - [select for diffs], Mon Nov 21 14:20:29 2005 UTC (6 years, 6 months ago) by manu
Branch: MAIN
CVS Tags: abandoned-netbsd-4-base,
abandoned-netbsd-4
Changes since 1.6: +0 -0
lines
Diff to previous 1.6 (colored)
Merge ipsec-tools 0.6.3 import
Revision 1.1.1.2.2.4 / (download) - annotate - [select for diffs], Sat Sep 3 07:03:49 2005 UTC (6 years, 8 months ago) by snj
Branch: netbsd-3
CVS Tags: netbsd-3-0-RC1
Changes since 1.1.1.2.2.3: +24 -19
lines
Diff to previous 1.1.1.2.2.3 (colored) to branchpoint 1.1.1.2 (colored)
Apply patch (requested by tron in ticket #741): Update ipsec-tools to version 0.6.1.
Revision 1.6 / (download) - annotate - [select for diffs], Sat Aug 20 00:57:06 2005 UTC (6 years, 9 months ago) by manu
Branch: MAIN
Changes since 1.5: +1 -1
lines
Diff to previous 1.5 (colored)
Update to ipsec-tools 0.6.1
Revision 1.5 / (download) - annotate - [select for diffs], Sun Aug 7 09:38:45 2005 UTC (6 years, 9 months ago) by manu
Branch: MAIN
Changes since 1.4: +24 -19
lines
Diff to previous 1.4 (colored)
Resolve conflicts caused by recent ipsec-tools-0.6.1rc1 import by prefering the newer software. Some useful local change might have been overwritten, we'll take care of this soon.
Revision 1.1.1.3 / (download) - annotate - [select for diffs] (vendor branch), Sun Aug 7 08:46:39 2005 UTC (6 years, 9 months ago) by manu
Branch: IPSEC_TOOLS
CVS Tags: ipsec-tools-0_6_3,
ipsec-tools-0_6_2,
ipsec-tools-0_6_1-rc1,
ipsec-tools-0_6_1
Changes since 1.1.1.2: +62 -2
lines
Diff to previous 1.1.1.2 (colored)
Update ipsec-tools to 0.6.1rc1 Most of the changes since 0.6b4 have already been committed to the NetBSD tree. This upgrade fixes some IPcomp and NAT-T related problems that were left unadressed in the NetBSD tree.
Revision 1.1.1.2.2.3 / (download) - annotate - [select for diffs], Sat May 28 13:04:30 2005 UTC (6 years, 11 months ago) by tron
Branch: netbsd-3
Changes since 1.1.1.2.2.2: +5 -0
lines
Diff to previous 1.1.1.2.2.2 (colored) to branchpoint 1.1.1.2 (colored)
Pull up revision 1.4 (requested by manu in ticket #337): When altering the lifetime, don't modify to configured proposal, duplicate it instead.
Revision 1.4 / (download) - annotate - [select for diffs], Fri May 20 00:54:55 2005 UTC (7 years ago) by manu
Branch: MAIN
Changes since 1.3: +6 -1
lines
Diff to previous 1.3 (colored)
When altering the lifetime, don't modify to configured proposal, duplicate it instead.
Revision 1.1.1.2.2.2 / (download) - annotate - [select for diffs], Wed May 11 12:16:57 2005 UTC (7 years ago) by tron
Branch: netbsd-3
Changes since 1.1.1.2.2.1: +34 -1
lines
Diff to previous 1.1.1.2.2.1 (colored) to branchpoint 1.1.1.2 (colored)
Pull up revision 1.3 (requested by manu in ticket #277): More NAT-T fixes for the situation where racoon acts as a VPN client Flush SA and generated SP on DPD timeout and deletion payloads
Revision 1.1.1.2.2.1 / (download) - annotate - [select for diffs], Tue May 10 16:07:02 2005 UTC (7 years ago) by tron
Branch: netbsd-3
Changes since 1.1.1.2: +17 -0
lines
Diff to previous 1.1.1.2 (colored)
Pull up revision 1.2 (requested by manu in ticket #274): on phase 2 acquire, lookup phase 2 by (src, dst, policy id) so that multiple SA can be used in transport mode While I'm there, patch ipsec-tools ChangeLog to reflect the changes we took from ipsec-tools-0_6-branch
Revision 1.3 / (download) - annotate - [select for diffs], Sun May 8 08:57:26 2005 UTC (7 years ago) by manu
Branch: MAIN
Changes since 1.2: +35 -2
lines
Diff to previous 1.2 (colored)
More NAT-T fixes for the situation where racoon acts as a VPN client Flush SA and generated SP on DPD timeout and deletion payloads
Revision 1.2 / (download) - annotate - [select for diffs], Tue May 3 21:08:47 2005 UTC (7 years ago) by manu
Branch: MAIN
Changes since 1.1: +20 -1
lines
Diff to previous 1.1 (colored)
on phase 2 acquire, lookup phase 2 by (src, dst, policy id) so that multiple SA can be used in transport mode While I'm there, patch ipsec-tools ChangeLog to reflect the changes we took from ipsec-tools-0_6-branch
Revision 1.1.1.2 / (download) - annotate - [select for diffs] (vendor branch), Wed Feb 23 14:54:15 2005 UTC (7 years, 3 months ago) by manu
Branch: IPSEC_TOOLS
CVS Tags: netbsd-3-base,
ipsec-tools-0_6-20050317,
ipsec-tools-0_6-20050314,
ipsec-tools-0_6-20050224,
ipsec-tools-0_6-20050223
Branch point for: netbsd-3
Changes since 1.1.1.1: +3 -1
lines
Diff to previous 1.1.1.1 (colored)
Import ipsec-tools 0.6 branch as of 2005/02/23. News from last imported version
according to ipsec-tools' ChangeLog:
2005-02-23 Emmanuel Dreyfus <manu@netbsd.org>
* configure.ac, src/racoon/{Makefile.am|crypto_openssl.c}: optionnal
support for patented algorithms: IDEA and RC5.
* src/racoon/{isakmp_xauth.c|main.c}: don't initialize RADIUS if it
is not required in the configuration
* src/racoon/isakmp.c: do not reject addresses for which kernel
refused UDP encapsulation, they can still be used for non NAT-T
traffic (eg: NAT-T enabled racoon on non NAT-T enabled kernel)
2005-02-18 Emmanuel Dreyfus <manu@netbsd.org>
* src/racoon/{main.c|eaytest.c|plairsa-gen.c}
src/setkey/setkey.c: don't use fuzzy paths for package_version.h
2005-02-18 Yvan Vanhullebus <vanhu@free.fr>
* src/racoon/isakmp_inf.c: Purge generated SPDs when getting a
related DELETE_SA
* src/racoon/pfkey.c: do NOT unbindph12() when SA acquire
2005-02-17 Emmanuel Dreyfus <manu@netbsd.org>
From Fred Senault <fred.letter@lacave.net>
* src/racoon/remoteconf.c: Fix a bug in script init
2005-02-17 Yvan Vanhullebus <vanhu@free.fr>
* src/racoon/ipsec_doi.c: Workaround for phase1 lifetime checks
2005-02-15 Michal Ludvig <michal@logix.cz>
* configure.ac: Changed --enable-natt_NN to --enable-natt-versions=NN,NN
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Sat Feb 12 11:12:00 2005 UTC (7 years, 3 months ago) by manu
Branch: IPSEC_TOOLS
CVS Tags: ipsec-tools-0_6-base
Changes since 1.1: +0 -0
lines
Diff to previous 1.1 (colored)
Import ipsec-tools (tag ipsec-tools-0_6-base in ipsec-tools CVS) ipsec-tools is a fork from KAME racoon/libipsec/setkey, with many enhancements.
Revision 1.1 / (download) - annotate - [select for diffs], Sat Feb 12 11:12:00 2005 UTC (7 years, 3 months ago) by manu
Branch: MAIN
Initial revision