![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.netbsd.org] / src / crypto / dist / ipsec-tools / src / racoon
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.47 / (download) - annotate - [select for diffs], Tue Mar 15 13:20:14 2011 UTC (14 months, 1 week ago) by vanhu
Branch: MAIN
CVS Tags: yamt-pagecache-base5,
yamt-pagecache-base4,
yamt-pagecache-base3,
yamt-pagecache-base2,
yamt-pagecache-base,
yamt-pagecache,
netbsd-6-base,
netbsd-6,
ipsec-tools-0_8_0,
ipsec-tools-0_8-branch,
cherry-xenmp-base,
cherry-xenmp,
HEAD
Changes since 1.46: +2 -2
lines
Diff to previous 1.46 (colored)
directly call isakmp_ph1delete() instead of scheduling isakmp_ph1delete_stub(), as it is useless an can lead to memory access after free
Revision 1.46 / (download) - annotate - [select for diffs], Mon Mar 14 17:18:13 2011 UTC (14 months, 1 week ago) by tteras
Branch: MAIN
Changes since 1.45: +6 -6
lines
Diff to previous 1.45 (colored)
Explicitly compare return value of cmpsaddr() against a return value define to make it more obvious what is the intended action. One more return value is also added, to fix comparison of security policy descriptors. Namely, getsp() should not allow wildcard matching (as the comment says, it does exact matching) - otherwise we get problems when kernel has generic policy with no ports, and a second similar policy with ports.
Revision 1.44.2.1 / (download) - annotate - [select for diffs], Tue Feb 8 16:18:30 2011 UTC (15 months, 2 weeks ago) by bouyer
Branch: bouyer-quota2
Changes since 1.44: +10 -1
lines
Diff to previous 1.44 (colored) next main 1.45 (colored)
Sync with HEAD
Revision 1.14.4.18 / (download) - annotate - [select for diffs], Sat Jan 22 07:44:39 2011 UTC (16 months ago) by tteras
Branch: ipsec-tools-0_7-branch
Changes since 1.14.4.17: +10 -1
lines
Diff to previous 1.14.4.17 (colored) to branchpoint 1.14 (colored) next main 1.15 (colored)
From Roman Hoog Antink <rha@open.ch>: Fixes a null pointer dereference that might occur after removing peers from the config and then reloading.
Revision 1.45 / (download) - annotate - [select for diffs], Sat Jan 22 07:38:51 2011 UTC (16 months ago) by tteras
Branch: MAIN
CVS Tags: bouyer-quota2-nbase,
bouyer-quota2-base
Changes since 1.44: +10 -1
lines
Diff to previous 1.44 (colored)
From Roman Hoog Antink <rha@open.ch>: Fixes a null pointer dereference that might occur after removing peers from the config and then reloading.
Revision 1.44 / (download) - annotate - [select for diffs], Wed Nov 17 10:40:41 2010 UTC (18 months, 1 week ago) by tteras
Branch: MAIN
CVS Tags: matt-mips64-premerge-20101231
Branch point for: bouyer-quota2
Changes since 1.43: +6 -4
lines
Diff to previous 1.43 (colored)
Fix my previous patch to not call purge_remote() twice. Change the place where purge_remote() is called. This fixes also a possible crash from the same patch since ph1->remote can be NULL (when we are responder and config is not yet selected).
Revision 1.43 / (download) - annotate - [select for diffs], Fri Nov 12 09:09:47 2010 UTC (18 months, 1 week ago) by tteras
Branch: MAIN
Changes since 1.42: +11 -16
lines
Diff to previous 1.42 (colored)
Improve DPD sequence checks to allow any reply within valid sequence window to be proof of livelyness. This can improves things if there's random packet delays, or if racoon is not getting enough CPU time.
Revision 1.42 / (download) - annotate - [select for diffs], Tue Jun 22 09:41:33 2010 UTC (23 months ago) by vanhu
Branch: MAIN
Changes since 1.41: +2 -1
lines
Diff to previous 1.41 (colored)
added a specific script hook when a dead peer is detected
Revision 1.41 / (download) - annotate - [select for diffs], Fri Jul 3 06:41:46 2009 UTC (2 years, 10 months ago) by tteras
Branch: MAIN
CVS Tags: matt-premerge-20091211
Changes since 1.40: +22 -91
lines
Diff to previous 1.40 (colored)
Get rid of the evil CMPSADDR macro. Trac #295.
Revision 1.40 / (download) - annotate - [select for diffs], Fri Jul 3 06:40:10 2009 UTC (2 years, 10 months ago) by tteras
Branch: MAIN
Changes since 1.39: +20 -19
lines
Diff to previous 1.39 (colored)
From Yvan Vanhullebus: Use SADB_X_EXT_NAT_T_* consistently for passing the NAT-T port information. This might break compatibility with some kernels, but as discussed this is the proper way to pass NAT-T ports and the broken kernels need to be fixed.
Revision 1.14.4.17 / (download) - annotate - [select for diffs], Mon May 18 17:07:46 2009 UTC (3 years ago) by tteras
Branch: ipsec-tools-0_7-branch
CVS Tags: ipsec-tools-0_7_3
Changes since 1.14.4.16: +2 -6
lines
Diff to previous 1.14.4.16 (colored) to branchpoint 1.14 (colored)
From Tomas Mraz: Remove variable that is not really used; only referenced while uninitialized causing valgrind error.
Revision 1.39 / (download) - annotate - [select for diffs], Mon May 18 17:07:15 2009 UTC (3 years ago) by tteras
Branch: MAIN
Changes since 1.38: +2 -6
lines
Diff to previous 1.38 (colored)
From Tomas Mraz: Remove variable that is not really used; only referenced while uninitialized causing valgrind error.
Revision 1.36.2.1 / (download) - annotate - [select for diffs], Wed May 13 19:15:54 2009 UTC (3 years ago) by jym
Branch: jym-xensuspend
Changes since 1.36: +6 -18
lines
Diff to previous 1.36 (colored) next main 1.37 (colored)
Sync with HEAD. Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
Revision 1.14.4.16 / (download) - annotate - [select for diffs], Mon Apr 20 13:35:36 2009 UTC (3 years, 1 month ago) by tteras
Branch: ipsec-tools-0_7-branch
CVS Tags: ipsec-tools-0_7_2
Changes since 1.14.4.15: +6 -7
lines
Diff to previous 1.14.4.15 (colored) to branchpoint 1.14 (colored)
Orignally from Bin Li: Fix possible memory corruption in binsanitize().
Revision 1.38 / (download) - annotate - [select for diffs], Mon Apr 20 13:23:54 2009 UTC (3 years, 1 month ago) by tteras
Branch: MAIN
CVS Tags: jym-xensuspend-nbase,
jym-xensuspend-base
Changes since 1.37: +5 -7
lines
Diff to previous 1.37 (colored)
Orignally from Bin Li: Fix possible memory corruption in binsanitize().
Revision 1.37 / (download) - annotate - [select for diffs], Thu Mar 12 10:57:26 2009 UTC (3 years, 2 months ago) by tteras
Branch: MAIN
Changes since 1.36: +2 -12
lines
Diff to previous 1.36 (colored)
Support multiple anonymous remotes and decide remoteconf based on identity, received certificates and other information. General code clean up.
Revision 1.34.4.1 / (download) - annotate - [select for diffs], Sun Feb 8 18:42:17 2009 UTC (3 years, 3 months ago) by snj
Branch: netbsd-5
CVS Tags: netbsd-5-1-RELEASE,
netbsd-5-1-RC4,
netbsd-5-1-RC3,
netbsd-5-1-RC2,
netbsd-5-1-RC1,
netbsd-5-1-2-RELEASE,
netbsd-5-1-1-RELEASE,
netbsd-5-1,
netbsd-5-0-RELEASE,
netbsd-5-0-RC4,
netbsd-5-0-RC3,
netbsd-5-0-RC2,
netbsd-5-0-2-RELEASE,
netbsd-5-0-1-RELEASE,
netbsd-5-0,
matt-nb5-pq3-base,
matt-nb5-pq3,
matt-nb5-mips64-u2-k2-k4-k7-k8-k9,
matt-nb5-mips64-u1-k1-k5,
matt-nb5-mips64-premerge-20101231,
matt-nb5-mips64-premerge-20091211,
matt-nb5-mips64-k15,
matt-nb5-mips64,
matt-nb4-mips64-k7-u2a-k9b
Changes since 1.34: +153 -126
lines
Diff to previous 1.34 (colored) next main 1.35 (colored)
Apply patch (requested by manu/spz in #378): Downgrade ipsec-tools to 0.7.1nb1.
Revision 1.36 / (download) - annotate - [select for diffs], Fri Jan 23 08:25:06 2009 UTC (3 years, 4 months ago) by tteras
Branch: MAIN
Branch point for: jym-xensuspend
Changes since 1.35: +1 -5
lines
Diff to previous 1.35 (colored)
Detect if monotonic system clock is available, and use it for relative time measurements to avoid complite hang if time jumps backwards.
Revision 1.35 / (download) - annotate - [select for diffs], Tue Dec 23 14:03:12 2008 UTC (3 years, 5 months ago) by tteras
Branch: MAIN
Changes since 1.34: +3 -3
lines
Diff to previous 1.34 (colored)
rewrite local address detection make some functions static that arr not needed globally rework how fd_set is construction for the main loop select()
Revision 1.27.2.3 / (download) - annotate - [select for diffs], Wed Sep 24 16:30:24 2008 UTC (3 years, 8 months ago) by wrstuden
Branch: wrstuden-revivesa
Changes since 1.27.2.2: +15 -1
lines
Diff to previous 1.27.2.2 (colored) to branchpoint 1.27 (colored) next main 1.28 (colored)
Merge in changes between wrstuden-revivesa-base-2 and wrstuden-revivesa-base-3.
Revision 1.34 / (download) - annotate - [select for diffs], Fri Sep 19 11:14:49 2008 UTC (3 years, 8 months ago) by tteras
Branch: MAIN
CVS Tags: netbsd-5-base,
netbsd-5-0-RC1,
matt-mips64-base2
Branch point for: netbsd-5
Changes since 1.33: +6 -9
lines
Diff to previous 1.33 (colored)
Implement ISAKMP SA rekeying configurable with rekey {on|off|force} option
in remote conf.
Revision 1.33 / (download) - annotate - [select for diffs], Fri Sep 19 11:01:08 2008 UTC (3 years, 8 months ago) by tteras
Branch: MAIN
Changes since 1.32: +12 -16
lines
Diff to previous 1.32 (colored)
Change struct sched to be allocated be the caller to avoid some memory allocations. Optimize scheduling algorithm to not scan all entries in the main loop.
Revision 1.27.2.2 / (download) - annotate - [select for diffs], Thu Sep 18 04:54:19 2008 UTC (3 years, 8 months ago) by wrstuden
Branch: wrstuden-revivesa
Changes since 1.27.2.1: +93 -130
lines
Diff to previous 1.27.2.1 (colored) to branchpoint 1.27 (colored)
Sync with wrstuden-revivesa-base-2.
Revision 1.14.4.15 / (download) - annotate - [select for diffs], Wed Sep 17 12:49:50 2008 UTC (3 years, 8 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
Changes since 1.14.4.14: +15 -1
lines
Diff to previous 1.14.4.14 (colored) to branchpoint 1.14 (colored)
Fixed port match in purge_ipsec_spi() when NAT-T enabled and trying to purge non NAT-T SAs
Revision 1.32 / (download) - annotate - [select for diffs], Wed Sep 17 12:39:07 2008 UTC (3 years, 8 months ago) by vanhu
Branch: MAIN
CVS Tags: wrstuden-revivesa-base-3
Changes since 1.31: +15 -1
lines
Diff to previous 1.31 (colored)
Fixed port match in purge_ipsec_spi() when NAT-T enabled and trying to purge non NAT-T SAs
Revision 1.13.2.1.2.2 / (download) - annotate - [select for diffs], Thu Sep 4 08:46:10 2008 UTC (3 years, 8 months ago) by skrll
Branch: wrstuden-fixsa
Changes since 1.13.2.1.2.1: +35 -31
lines
Diff to previous 1.13.2.1.2.1 (colored) next main 1.13.2.2 (colored)
Sync with netbsd-4.
Revision 1.13.2.2.2.1 / (download) - annotate - [select for diffs], Mon Aug 18 20:33:33 2008 UTC (3 years, 9 months ago) by jdc
Branch: netbsd-4-0
CVS Tags: netbsd-4-0-1-RELEASE
Changes since 1.13.2.2: +35 -31
lines
Diff to previous 1.13.2.2 (colored) next main 1.13.2.3 (colored)
Upgrade ipsec-tools to release 0.7.1 (requested by manu in ticket #1183).
Revision 1.13.2.3 / (download) - annotate - [select for diffs], Mon Aug 18 20:31:30 2008 UTC (3 years, 9 months ago) by jdc
Branch: netbsd-4
CVS Tags: wrstuden-fixsa-newbase,
wrstuden-fixsa-base
Changes since 1.13.2.2: +35 -31
lines
Diff to previous 1.13.2.2 (colored) to branchpoint 1.13 (colored) next main 1.14 (colored)
Upgrade ipsec-tools to release 0.7.1 (requested by manu in ticket #1183).
Revision 1.31 / (download) - annotate - [select for diffs], Mon Jul 14 05:40:13 2008 UTC (3 years, 10 months ago) by tteras
Branch: MAIN
CVS Tags: wrstuden-revivesa-base-2
Changes since 1.30: +89 -121
lines
Diff to previous 1.30 (colored)
Clean up notification payload handling. Handle INITIAL-CONTACT notification in last main mode exchange (delayed) and during quick mode exchanges.
Revision 1.14.4.14 / (download) - annotate - [select for diffs], Fri Jul 11 08:08:42 2008 UTC (3 years, 10 months ago) by tteras
Branch: ipsec-tools-0_7-branch
CVS Tags: ipsec-tools-0_7_1
Changes since 1.14.4.13: +3 -8
lines
Diff to previous 1.14.4.13 (colored) to branchpoint 1.14 (colored)
Original patch from Atis Elsts: Fix a double memory free and a memory corruption (LIST_REMOVE() on an uninserted node) in some error handling paths.
Revision 1.30 / (download) - annotate - [select for diffs], Fri Jul 11 08:02:06 2008 UTC (3 years, 10 months ago) by tteras
Branch: MAIN
Changes since 1.29: +3 -8
lines
Diff to previous 1.29 (colored)
Original patch from Atis Elsts: Fix a double memory free and a memory corruption (LIST_REMOVE() on an uninserted node) in some error handling paths.
Revision 1.14.4.13 / (download) - annotate - [select for diffs], Wed Jul 2 14:47:53 2008 UTC (3 years, 10 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
Changes since 1.14.4.12: +3 -3
lines
Diff to previous 1.14.4.12 (colored) to branchpoint 1.14 (colored)
From Timo Teras: fixed some %d to %zu (size_t values).
Revision 1.29 / (download) - annotate - [select for diffs], Wed Jul 2 14:46:27 2008 UTC (3 years, 10 months ago) by vanhu
Branch: MAIN
Changes since 1.28: +3 -3
lines
Diff to previous 1.28 (colored)
From Timo Teras: fix some %d to %zu (size_t values)
Revision 1.27.2.1 / (download) - annotate - [select for diffs], Mon Jun 23 04:26:46 2008 UTC (3 years, 11 months ago) by wrstuden
Branch: wrstuden-revivesa
Changes since 1.27: +5 -17
lines
Diff to previous 1.27 (colored)
Sync w/ -current. 34 merge conflicts to follow.
Revision 1.14.4.12 / (download) - annotate - [select for diffs], Wed Jun 18 07:30:19 2008 UTC (3 years, 11 months ago) by mgrooms
Branch: ipsec-tools-0_7-branch
Changes since 1.14.4.11: +5 -17
lines
Diff to previous 1.14.4.11 (colored) to branchpoint 1.14 (colored)
Use utility functions to evaluate and manipulate network port values. No functional changes. Submitted by Timo Teras.
Revision 1.28 / (download) - annotate - [select for diffs], Wed Jun 18 06:47:25 2008 UTC (3 years, 11 months ago) by mgrooms
Branch: MAIN
CVS Tags: wrstuden-revivesa-base-1,
wrstuden-revivesa-base
Changes since 1.27: +5 -17
lines
Diff to previous 1.27 (colored)
Use utility functions to evaluate and manipulate network port values. No functional changes. Submitted by Timo Teras.
Revision 1.26.2.1 / (download) - annotate - [select for diffs], Sun May 18 12:28:48 2008 UTC (4 years ago) by yamt
Branch: yamt-pf42
Changes since 1.26: +19 -3
lines
Diff to previous 1.26 (colored) next main 1.27 (colored)
sync with head.
Revision 1.14.4.11 / (download) - annotate - [select for diffs], Fri Apr 25 14:42:06 2008 UTC (4 years, 1 month ago) by vanhu
Branch: ipsec-tools-0_7-branch
Changes since 1.14.4.10: +19 -3
lines
Diff to previous 1.14.4.10 (colored) to branchpoint 1.14 (colored)
From Timo Teras: extract port numbers from SADB_X_EXT_NAT_T[SD]PORT if present in purge_ipsec_spi().
Revision 1.27 / (download) - annotate - [select for diffs], Fri Apr 25 14:41:18 2008 UTC (4 years, 1 month ago) by vanhu
Branch: MAIN
CVS Tags: yamt-pf42-base4,
yamt-pf42-base3,
yamt-pf42-base2,
hpcarm-cleanup-nbase
Branch point for: wrstuden-revivesa
Changes since 1.26: +19 -3
lines
Diff to previous 1.26 (colored)
From Timo Teras: extract port numbers from SADB_X_EXT_NAT_T[SD]PORT if present in purge_ipsec_spi().
Revision 1.26 / (download) - annotate - [select for diffs], Fri Mar 28 04:18:52 2008 UTC (4 years, 1 month ago) by manu
Branch: MAIN
CVS Tags: yamt-pf42-baseX,
yamt-pf42-base
Branch point for: yamt-pf42
Changes since 1.25: +5 -3
lines
Diff to previous 1.25 (colored)
From Cyrus Rahman: Allow interface reconfiguration when running in privilege separation mode, document privilege separation
Revision 1.24.2.1 / (download) - annotate - [select for diffs], Mon Mar 24 07:14:30 2008 UTC (4 years, 2 months ago) by keiichi
Branch: keiichi-mipv6
Changes since 1.24: +3 -6
lines
Diff to previous 1.24 (colored) next main 1.25 (colored)
sync with head.
Revision 1.22.4.1 / (download) - annotate - [select for diffs], Sun Mar 23 00:13:34 2008 UTC (4 years, 2 months ago) by matt
Branch: matt-armv6
Changes since 1.22: +13 -11
lines
Diff to previous 1.22 (colored) next main 1.23 (colored)
sync with HEAD
Revision 1.25 / (download) - annotate - [select for diffs], Thu Mar 6 00:34:11 2008 UTC (4 years, 2 months ago) by mgrooms
Branch: MAIN
CVS Tags: matt-armv6-nbase,
keiichi-mipv6-base
Changes since 1.24: +3 -6
lines
Diff to previous 1.24 (colored)
Refactor admin socket event protocol to be less error prone. Backwards compatibility is provided. Submitted by Timo Teras.
Revision 1.14.4.10 / (download) - annotate - [select for diffs], Fri Jan 11 14:28:23 2008 UTC (4 years, 4 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
Changes since 1.14.4.9: +3 -1
lines
Diff to previous 1.14.4.9 (colored) to branchpoint 1.14 (colored)
From Timo Teras: reset iph1->dpd_r_u in the scheduler's callback, to avoid access to freed memory.
Revision 1.24 / (download) - annotate - [select for diffs], Fri Jan 11 14:27:34 2008 UTC (4 years, 4 months ago) by vanhu
Branch: MAIN
CVS Tags: hpcarm-cleanup-base
Branch point for: keiichi-mipv6
Changes since 1.23: +3 -1
lines
Diff to previous 1.23 (colored)
From Timo Teras: reset iph1->dpd_r_u in the scheduler's callback, to avoid access to freed memory.
Revision 1.14.4.9 / (download) - annotate - [select for diffs], Fri Jan 11 14:12:23 2008 UTC (4 years, 4 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
Changes since 1.14.4.8: +9 -6
lines
Diff to previous 1.14.4.8 (colored) to branchpoint 1.14 (colored)
From Krzysztof Oledzki: added some details to some logs (also reported new getph1byaddr() arg).
Revision 1.23 / (download) - annotate - [select for diffs], Fri Jan 11 14:08:29 2008 UTC (4 years, 4 months ago) by vanhu
Branch: MAIN
Changes since 1.22: +9 -6
lines
Diff to previous 1.22 (colored)
From Krzysztof Oledzki: added some details to some logs (also reported new getph1byaddr() arg).
Revision 1.13.2.1.2.1 / (download) - annotate - [select for diffs], Mon Sep 3 06:51:14 2007 UTC (4 years, 8 months ago) by wrstuden
Branch: wrstuden-fixsa
Changes since 1.13.2.1: +15 -7
lines
Diff to previous 1.13.2.1 (colored)
Sync w/ NetBSD-4-RC_1
Revision 1.13.2.2 / (download) - annotate - [select for diffs], Tue Aug 28 11:14:45 2007 UTC (4 years, 8 months ago) by liamjfoy
Branch: netbsd-4
CVS Tags: wrstuden-fixsa-base-1,
netbsd-4-0-RELEASE,
netbsd-4-0-RC5,
netbsd-4-0-RC4,
netbsd-4-0-RC3,
netbsd-4-0-RC2,
netbsd-4-0-RC1
Branch point for: netbsd-4-0
Changes since 1.13.2.1: +15 -7
lines
Diff to previous 1.13.2.1 (colored) to branchpoint 1.13 (colored)
Pull up following revision(s) (requested by manu in ticket #830): Import ipsec-tools 0.7
Revision 1.14.4.8 / (download) - annotate - [select for diffs], Wed Aug 1 11:52:20 2007 UTC (4 years, 9 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
CVS Tags: ipsec-tools-0_7
Changes since 1.14.4.7: +2 -6
lines
Diff to previous 1.14.4.7 (colored) to branchpoint 1.14 (colored)
use a single PATH_IPSEC_H to fix some path_to_ipsec.h issues
Revision 1.22.8.2 / (download) - annotate - [select for diffs], Wed Jul 18 12:07:52 2007 UTC (4 years, 10 months ago) by vanhu
Branch: matt-mips64
Changes since 1.22.8.1: +1700 -0
lines
Diff to previous 1.22.8.1 (colored) to branchpoint 1.22 (colored) next main 1.23 (colored)
use a single PATH_IPSEC_H to fix some path_to_ipsec.h issues
Revision 1.22.8.1, Wed Jul 18 12:07:51 2007 UTC (4 years, 10 months ago) by vanhu
Branch: matt-mips64
Changes since 1.22: +0 -1700
lines
FILE REMOVED
file isakmp_inf.c was added on branch matt-mips64 on 2007-07-18 12:07:52 +0000
Revision 1.22 / (download) - annotate - [select for diffs], Wed Jul 18 12:07:51 2007 UTC (4 years, 10 months ago) by vanhu
Branch: MAIN
CVS Tags: matt-mips64-base,
matt-armv6-prevmlocking,
matt-armv6-base,
hpcarm-cleanup,
cube-autoconf-base,
cube-autoconf
Branch point for: matt-mips64,
matt-armv6
Changes since 1.21: +2 -6
lines
Diff to previous 1.21 (colored)
use a single PATH_IPSEC_H to fix some path_to_ipsec.h issues
Revision 1.13.2.1 / (download) - annotate - [select for diffs], Sun May 13 10:14:05 2007 UTC (5 years ago) by jdc
Branch: netbsd-4
Branch point for: wrstuden-fixsa
Changes since 1.13: +31 -31
lines
Diff to previous 1.13 (colored)
Upgrade ipsec-tools to 0.7-beta3 (Requested by manu in ticket #634).
Revision 1.14.4.7 / (download) - annotate - [select for diffs], Fri May 4 09:12:07 2007 UTC (5 years ago) by vanhu
Branch: ipsec-tools-0_7-branch
CVS Tags: ipsec-tools-0_7-rc1,
ipsec-tools-0_7-RC1
Changes since 1.14.4.6: +14 -2
lines
Diff to previous 1.14.4.6 (colored) to branchpoint 1.14 (colored)
added some debug for DELETE_SA process
Revision 1.21 / (download) - annotate - [select for diffs], Fri May 4 09:09:35 2007 UTC (5 years ago) by vanhu
Branch: MAIN
Changes since 1.20: +14 -2
lines
Diff to previous 1.20 (colored)
added some debug for DELETE_SA process
Revision 1.1.1.3.2.7.4.1 / (download) - annotate - [select for diffs], Fri Apr 13 09:23:27 2007 UTC (5 years, 1 month ago) by ghen
Branch: netbsd-3-1
CVS Tags: netbsd-3-1-1-RELEASE
Changes since 1.1.1.3.2.7: +5 -5
lines
Diff to previous 1.1.1.3.2.7 (colored) next main 1.1.1.3.2.8 (colored)
Apply patch (requested by adrianp in ticket #1763): crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c Fix a denial of service vulnerability (CVE-2007-1841) which could allow an attacker to disrupt a connection between IPSec peers.
Revision 1.1.1.3.2.7.2.1 / (download) - annotate - [select for diffs], Fri Apr 13 09:23:22 2007 UTC (5 years, 1 month ago) by ghen
Branch: netbsd-3-0
CVS Tags: netbsd-3-0-3-RELEASE
Changes since 1.1.1.3.2.7: +5 -5
lines
Diff to previous 1.1.1.3.2.7 (colored) next main 1.1.1.3.2.8 (colored)
Apply patch (requested by adrianp in ticket #1763): crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c Fix a denial of service vulnerability (CVE-2007-1841) which could allow an attacker to disrupt a connection between IPSec peers.
Revision 1.1.1.3.2.8 / (download) - annotate - [select for diffs], Fri Apr 13 09:23:14 2007 UTC (5 years, 1 month ago) by ghen
Branch: netbsd-3
Changes since 1.1.1.3.2.7: +5 -5
lines
Diff to previous 1.1.1.3.2.7 (colored) to branchpoint 1.1.1.3 (colored) next main 1.1.1.4 (colored)
Apply patch (requested by adrianp in ticket #1763): crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c Fix a denial of service vulnerability (CVE-2007-1841) which could allow an attacker to disrupt a connection between IPSec peers.
Revision 1.14.4.6 / (download) - annotate - [select for diffs], Mon Mar 26 15:58:26 2007 UTC (5 years, 2 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
CVS Tags: ipsec-tools-0_7-beta3
Changes since 1.14.4.5: +5 -20
lines
Diff to previous 1.14.4.5 (colored) to branchpoint 1.14 (colored)
Store the DPD main scheduler in ph1 handler, to be able to cancel it when removing the handler, and some minor cleanups in DPD code
Revision 1.20 / (download) - annotate - [select for diffs], Mon Mar 26 15:58:07 2007 UTC (5 years, 2 months ago) by vanhu
Branch: MAIN
Changes since 1.19: +5 -20
lines
Diff to previous 1.19 (colored)
Store the DPD main scheduler in ph1 handler, to be able to cancel it when removing the handler, and some minor cleanups in DPD code
Revision 1.14.4.5 / (download) - annotate - [select for diffs], Wed Mar 21 14:30:08 2007 UTC (5 years, 2 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
Changes since 1.14.4.4: +3 -5
lines
Diff to previous 1.14.4.4 (colored) to branchpoint 1.14 (colored)
NULL sched check is now done in SCHED_KILL
Revision 1.19 / (download) - annotate - [select for diffs], Wed Mar 21 14:29:22 2007 UTC (5 years, 2 months ago) by vanhu
Branch: MAIN
Changes since 1.18: +4 -7
lines
Diff to previous 1.18 (colored)
NULL sched check is now done in SCHED_KILL
Revision 1.18 / (download) - annotate - [select for diffs], Tue Feb 20 16:32:28 2007 UTC (5 years, 3 months ago) by vanhu
Branch: MAIN
Changes since 1.17: +1 -2
lines
Diff to previous 1.17 (colored)
Removed a debug printf....
Revision 1.14.4.4 / (download) - annotate - [select for diffs], Tue Feb 20 13:00:29 2007 UTC (5 years, 3 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
CVS Tags: ipsec-tools-0_7-beta2
Changes since 1.14.4.3: +1 -2
lines
Diff to previous 1.14.4.3 (colored) to branchpoint 1.14 (colored)
Removed a debug printf....
Revision 1.17 / (download) - annotate - [select for diffs], Tue Feb 20 09:11:03 2007 UTC (5 years, 3 months ago) by vanhu
Branch: MAIN
Changes since 1.16: +10 -3
lines
Diff to previous 1.16 (colored)
fills creation date of generated SPDs
Revision 1.14.4.3 / (download) - annotate - [select for diffs], Tue Feb 20 09:08:19 2007 UTC (5 years, 3 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
Changes since 1.14.4.2: +10 -3
lines
Diff to previous 1.14.4.2 (colored) to branchpoint 1.14 (colored)
fills creation date of generated SPDs
Revision 1.14.4.2 / (download) - annotate - [select for diffs], Thu Feb 15 13:02:07 2007 UTC (5 years, 3 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
CVS Tags: ipsec-tools-0_7-beta1
Changes since 1.14.4.1: +6 -2
lines
Diff to previous 1.14.4.1 (colored) to branchpoint 1.14 (colored)
From "Uncle Pedro" on sf.net: Just expire a ph1 handle when receiving a DELETE-SA instead of calling purge_remote().
Revision 1.16 / (download) - annotate - [select for diffs], Thu Feb 15 13:01:26 2007 UTC (5 years, 3 months ago) by vanhu
Branch: MAIN
Changes since 1.15: +6 -2
lines
Diff to previous 1.15 (colored)
From "Uncle Pedro" on sf.net: Just expire a ph1 handle when receiving a DELETE-SA instead of calling purge_remote().
Revision 1.14.4.1 / (download) - annotate - [select for diffs], Thu Feb 1 08:51:33 2007 UTC (5 years, 3 months ago) by vanhu
Branch: ipsec-tools-0_7-branch
Changes since 1.14: +11 -5
lines
Diff to previous 1.14 (colored)
From "Uncle Pedro" on sf.net: When receiving an ISAKMP DELETE_SA, get the cookie of the SA to be deleted from payload instead of just deleting the ISAKMP SA used to protect the informational exchange.
Revision 1.15 / (download) - annotate - [select for diffs], Thu Feb 1 08:48:32 2007 UTC (5 years, 3 months ago) by vanhu
Branch: MAIN
Changes since 1.14: +12 -6
lines
Diff to previous 1.14 (colored)
From "Uncle Pedro" on sf.net: When receiving an ISAKMP DELETE_SA, get the cookie of the SA to be deleted from payload instead of just deleting the ISAKMP SA used to protect the informational exchange.
Revision 1.14 / (download) - annotate - [select for diffs], Sat Dec 9 05:52:57 2006 UTC (5 years, 5 months ago) by manu
Branch: MAIN
CVS Tags: ipsec-tools-0_7-base
Branch point for: ipsec-tools-0_7-branch
Changes since 1.13: +2 -1
lines
Diff to previous 1.13 (colored)
From Joy Latten: Add support for SELinux security contexts. Also cleanup the libipsec interface for adding and updating security associations.
Revision 1.13 / (download) - annotate - [select for diffs], Mon Oct 2 21:47:32 2006 UTC (5 years, 7 months ago) by manu
Branch: MAIN
CVS Tags: netbsd-4-base
Branch point for: netbsd-4
Changes since 1.12: +11 -7
lines
Diff to previous 1.12 (colored)
Check for NULL pointer (COverity 4175)
Revision 1.12 / (download) - annotate - [select for diffs], Mon Sep 18 20:32:40 2006 UTC (5 years, 8 months ago) by manu
Branch: MAIN
Changes since 1.11: +2 -1
lines
Diff to previous 1.11 (colored)
From Matthew Grooms: ike_frag force option to force the use of IKE on first packet exchange (prior to peer consent)
Revision 1.11 / (download) - annotate - [select for diffs], Sat Sep 9 16:22:09 2006 UTC (5 years, 8 months ago) by manu
Branch: MAIN
Changes since 1.10: +335 -316
lines
Diff to previous 1.10 (colored)
Migration of ipsec-tools to NetBSD CVS part 2: resolving the import conflicts. Since we previously had a release branch and we import here the HEAD of CVS, let's assume all local changes are to be dumped. Local patches should have been propagated upstream, anyway.
Revision 1.1.1.6 / (download) - annotate - [select for diffs] (vendor branch), Sat Sep 9 16:12:03 2006 UTC (5 years, 8 months ago) by manu
Branch: IPSEC_TOOLS
CVS Tags: ipsec-tools-base
Changes since 1.1.1.5: +335 -316
lines
Diff to previous 1.1.1.5 (colored)
Migrate ipsec-tools CVS to cvs.netbsd.org
Revision 1.1.1.3.2.7 / (download) - annotate - [select for diffs], Mon Nov 21 21:12:30 2005 UTC (6 years, 6 months ago) by tron
Branch: netbsd-3
CVS Tags: netbsd-3-1-RELEASE,
netbsd-3-1-RC4,
netbsd-3-1-RC3,
netbsd-3-1-RC2,
netbsd-3-1-RC1,
netbsd-3-0-RELEASE,
netbsd-3-0-RC6,
netbsd-3-0-RC5,
netbsd-3-0-RC4,
netbsd-3-0-RC3,
netbsd-3-0-RC2,
netbsd-3-0-2-RELEASE,
netbsd-3-0-1-RELEASE
Branch point for: netbsd-3-1,
netbsd-3-0
Changes since 1.1.1.3.2.6: +1 -1
lines
Diff to previous 1.1.1.3.2.6 (colored) to branchpoint 1.1.1.3 (colored)
Apply patch (requested by manu in ticket #981): Update ipsec-tools to version 0.6.3.
Revision 1.10 / (download) - annotate - [select for diffs], Mon Nov 21 14:20:29 2005 UTC (6 years, 6 months ago) by manu
Branch: MAIN
CVS Tags: abandoned-netbsd-4-base,
abandoned-netbsd-4
Changes since 1.9: +0 -0
lines
Diff to previous 1.9 (colored)
Merge ipsec-tools 0.6.3 import
Revision 1.1.1.3.2.6 / (download) - annotate - [select for diffs], Sat Sep 3 07:03:49 2005 UTC (6 years, 8 months ago) by snj
Branch: netbsd-3
CVS Tags: netbsd-3-0-RC1
Changes since 1.1.1.3.2.5: +73 -27
lines
Diff to previous 1.1.1.3.2.5 (colored) to branchpoint 1.1.1.3 (colored)
Apply patch (requested by tron in ticket #741): Update ipsec-tools to version 0.6.1.
Revision 1.9 / (download) - annotate - [select for diffs], Sat Aug 20 00:57:06 2005 UTC (6 years, 9 months ago) by manu
Branch: MAIN
Changes since 1.8: +1 -1
lines
Diff to previous 1.8 (colored)
Update to ipsec-tools 0.6.1
Revision 1.1.1.5 / (download) - annotate - [select for diffs] (vendor branch), Sat Aug 20 00:41:48 2005 UTC (6 years, 9 months ago) by manu
Branch: IPSEC_TOOLS
CVS Tags: ipsec-tools-0_6_3,
ipsec-tools-0_6_2,
ipsec-tools-0_6_1
Changes since 1.1.1.4: +0 -11
lines
Diff to previous 1.1.1.4 (colored)
Import ipsec-tools 0.6.1
Revision 1.8 / (download) - annotate - [select for diffs], Sun Aug 7 09:38:45 2005 UTC (6 years, 9 months ago) by manu
Branch: MAIN
Changes since 1.7: +53 -29
lines
Diff to previous 1.7 (colored)
Resolve conflicts caused by recent ipsec-tools-0.6.1rc1 import by prefering the newer software. Some useful local change might have been overwritten, we'll take care of this soon.
Revision 1.1.1.4 / (download) - annotate - [select for diffs] (vendor branch), Sun Aug 7 08:46:16 2005 UTC (6 years, 9 months ago) by manu
Branch: IPSEC_TOOLS
CVS Tags: ipsec-tools-0_6_1-rc1
Changes since 1.1.1.3: +88 -378
lines
Diff to previous 1.1.1.3 (colored)
Update ipsec-tools to 0.6.1rc1 Most of the changes since 0.6b4 have already been committed to the NetBSD tree. This upgrade fixes some IPcomp and NAT-T related problems that were left unadressed in the NetBSD tree.
Revision 1.7 / (download) - annotate - [select for diffs], Tue Jul 12 21:33:01 2005 UTC (6 years, 10 months ago) by manu
Branch: MAIN
Changes since 1.6: +24 -2
lines
Diff to previous 1.6 (colored)
Add safety checks for informational messages
Revision 1.6 / (download) - annotate - [select for diffs], Tue Jul 12 19:17:37 2005 UTC (6 years, 10 months ago) by tron
Branch: MAIN
Changes since 1.5: +0 -22
lines
Diff to previous 1.5 (colored)
Backout botched patch, approved by Emmanuel Dreyfus.
Revision 1.1.1.3.2.5 / (download) - annotate - [select for diffs], Tue Jul 12 19:08:47 2005 UTC (6 years, 10 months ago) by tron
Branch: netbsd-3
Changes since 1.1.1.3.2.4: +1 -23
lines
Diff to previous 1.1.1.3.2.4 (colored) to branchpoint 1.1.1.3 (colored)
Backout ticket 579 because it causes build failures.
Revision 1.1.1.3.2.4 / (download) - annotate - [select for diffs], Tue Jul 12 17:31:25 2005 UTC (6 years, 10 months ago) by tron
Branch: netbsd-3
Changes since 1.1.1.3.2.3: +22 -0
lines
Diff to previous 1.1.1.3.2.3 (colored) to branchpoint 1.1.1.3 (colored)
Pull up revision 1.5 (requested by manu in ticket #579): Safety checks on informational messages
Revision 1.5 / (download) - annotate - [select for diffs], Tue Jul 12 14:13:10 2005 UTC (6 years, 10 months ago) by manu
Branch: MAIN
Changes since 1.4: +23 -1
lines
Diff to previous 1.4 (colored)
Safety checks on informational messages
Revision 1.1.1.3.2.3 / (download) - annotate - [select for diffs], Wed May 11 12:17:19 2005 UTC (7 years ago) by tron
Branch: netbsd-3
Changes since 1.1.1.3.2.2: +13 -362
lines
Diff to previous 1.1.1.3.2.2 (colored) to branchpoint 1.1.1.3 (colored)
Pull up revision 1.4 (requested by manu in ticket #277): More NAT-T fixes for the situation where racoon acts as a VPN client Flush SA and generated SP on DPD timeout and deletion payloads
Revision 1.4 / (download) - annotate - [select for diffs], Sun May 8 08:57:26 2005 UTC (7 years ago) by manu
Branch: MAIN
Changes since 1.3: +14 -363
lines
Diff to previous 1.3 (colored)
More NAT-T fixes for the situation where racoon acts as a VPN client Flush SA and generated SP on DPD timeout and deletion payloads
Revision 1.1.1.3.2.2 / (download) - annotate - [select for diffs], Sun May 1 11:01:05 2005 UTC (7 years ago) by tron
Branch: netbsd-3
Changes since 1.1.1.3.2.1: +2 -0
lines
Diff to previous 1.1.1.3.2.1 (colored) to branchpoint 1.1.1.3 (colored)
Pull up revision 1.3 (requested by manu in ticket #215): Bug fixes from the ipsec-tools 0.6 branch: - Fix NAT-T problems that prevented multiple peers behind the same NAT to talk to the same machine outside the NAT. This also require kernel fixes (already committed eralier) - Fix a LP64 bug - Fix NAT-T RFC conformance bugs (missing non ESP marker in packets) - Add a -p option to setkey to display ports that could be used for ESP over UDP when printing policies
Revision 1.3 / (download) - annotate - [select for diffs], Wed Apr 27 05:19:50 2005 UTC (7 years, 1 month ago) by manu
Branch: MAIN
Changes since 1.2: +3 -1
lines
Diff to previous 1.2 (colored)
Bug fixes from the ipsec-tools 0.6 branch: - Fix NAT-T problems that prevented multiple peers behind the same NAT to talk to the same machine outside the NAT. This also require kernel fixes (already committed eralier) - Fix a LP64 bug - Fix NAT-T RFC conformance bugs (missing non ESP marker in packets) - Add a -p option to setkey to display ports that could be used for ESP over UDP when printing policies
Revision 1.1.1.3.2.1 / (download) - annotate - [select for diffs], Thu Apr 21 16:51:40 2005 UTC (7 years, 1 month ago) by tron
Branch: netbsd-3
Changes since 1.1.1.3: +1 -1
lines
Diff to previous 1.1.1.3 (colored)
Pull up revision 1.2 (requested by manu in ticket #179): Fix simple DES support (security problems for racoon to racoon setups) Fix broken generated policies flush
Revision 1.2 / (download) - annotate - [select for diffs], Tue Apr 19 19:42:09 2005 UTC (7 years, 1 month ago) by manu
Branch: MAIN
Changes since 1.1: +268 -1
lines
Diff to previous 1.1 (colored)
Fix simple DES support (security problems for racoon to racoon setups) Fix broken generated policies flush
Revision 1.1.1.3 / (download) - annotate - [select for diffs] (vendor branch), Mon Mar 14 08:14:30 2005 UTC (7 years, 2 months ago) by manu
Branch: IPSEC_TOOLS
CVS Tags: netbsd-3-base,
ipsec-tools-0_6-20050317,
ipsec-tools-0_6-20050314
Branch point for: netbsd-3
Changes since 1.1.1.2: +5 -2
lines
Diff to previous 1.1.1.2 (colored)
Import ipsec-tools ipsec-tools-0_6-20050314
Revision 1.1.1.2 / (download) - annotate - [select for diffs] (vendor branch), Wed Feb 23 14:54:21 2005 UTC (7 years, 3 months ago) by manu
Branch: IPSEC_TOOLS
CVS Tags: ipsec-tools-0_6-20050224,
ipsec-tools-0_6-20050223
Changes since 1.1.1.1: +265 -1
lines
Diff to previous 1.1.1.1 (colored)
Import ipsec-tools 0.6 branch as of 2005/02/23. News from last imported version
according to ipsec-tools' ChangeLog:
2005-02-23 Emmanuel Dreyfus <manu@netbsd.org>
* configure.ac, src/racoon/{Makefile.am|crypto_openssl.c}: optionnal
support for patented algorithms: IDEA and RC5.
* src/racoon/{isakmp_xauth.c|main.c}: don't initialize RADIUS if it
is not required in the configuration
* src/racoon/isakmp.c: do not reject addresses for which kernel
refused UDP encapsulation, they can still be used for non NAT-T
traffic (eg: NAT-T enabled racoon on non NAT-T enabled kernel)
2005-02-18 Emmanuel Dreyfus <manu@netbsd.org>
* src/racoon/{main.c|eaytest.c|plairsa-gen.c}
src/setkey/setkey.c: don't use fuzzy paths for package_version.h
2005-02-18 Yvan Vanhullebus <vanhu@free.fr>
* src/racoon/isakmp_inf.c: Purge generated SPDs when getting a
related DELETE_SA
* src/racoon/pfkey.c: do NOT unbindph12() when SA acquire
2005-02-17 Emmanuel Dreyfus <manu@netbsd.org>
From Fred Senault <fred.letter@lacave.net>
* src/racoon/remoteconf.c: Fix a bug in script init
2005-02-17 Yvan Vanhullebus <vanhu@free.fr>
* src/racoon/ipsec_doi.c: Workaround for phase1 lifetime checks
2005-02-15 Michal Ludvig <michal@logix.cz>
* configure.ac: Changed --enable-natt_NN to --enable-natt-versions=NN,NN
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Sat Feb 12 11:12:27 2005 UTC (7 years, 3 months ago) by manu
Branch: IPSEC_TOOLS
CVS Tags: ipsec-tools-0_6-base
Changes since 1.1: +0 -0
lines
Diff to previous 1.1 (colored)
Import ipsec-tools (tag ipsec-tools-0_6-base in ipsec-tools CVS) ipsec-tools is a fork from KAME racoon/libipsec/setkey, with many enhancements.
Revision 1.1 / (download) - annotate - [select for diffs], Sat Feb 12 11:12:27 2005 UTC (7 years, 3 months ago) by manu
Branch: MAIN
Initial revision