Up to [cvs.NetBSD.org] / src / lib / libipsec
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.23, Sat Feb 19 16:55:04 2005 UTC (19 years, 1 month ago) by thorpej
Branch: MAIN
CVS Tags: yamt-pf42-base4,
yamt-pf42-base3,
yamt-pf42-base2,
yamt-pf42-base,
yamt-pf42,
yamt-pagecache-tag8,
yamt-pagecache-base9,
yamt-pagecache-base8,
yamt-pagecache-base7,
yamt-pagecache-base6,
yamt-pagecache-base5,
yamt-pagecache-base4,
yamt-pagecache-base3,
yamt-pagecache-base2,
yamt-pagecache-base,
yamt-pagecache,
tls-maxphys-base,
tls-earlyentropy-base,
tls-earlyentropy,
riastradh-xf86-video-intel-2-7-1-pre-2-21-15,
riastradh-drm2-base3,
prg-localcount2-base3,
prg-localcount2-base2,
prg-localcount2-base1,
prg-localcount2-base,
prg-localcount2,
phil-wifi-20200421,
phil-wifi-20200411,
phil-wifi-20200406,
pgoyette-localcount-base,
pgoyette-localcount-20170426,
pgoyette-localcount-20170320,
pgoyette-localcount-20170107,
pgoyette-localcount-20161104,
pgoyette-localcount-20160806,
pgoyette-localcount-20160726,
pgoyette-localcount,
pgoyette-compat-merge-20190127,
pgoyette-compat-base,
pgoyette-compat-20190127,
pgoyette-compat-20190118,
pgoyette-compat-1226,
pgoyette-compat-1126,
pgoyette-compat-1020,
pgoyette-compat-0930,
pgoyette-compat-0906,
pgoyette-compat-0728,
pgoyette-compat-0625,
pgoyette-compat-0521,
pgoyette-compat-0502,
pgoyette-compat-0422,
pgoyette-compat-0415,
pgoyette-compat-0407,
pgoyette-compat-0330,
pgoyette-compat-0322,
pgoyette-compat-0315,
pgoyette-compat,
perseant-stdc-iso10646-base,
perseant-stdc-iso10646,
netbsd-5-base,
netbsd-5-2-RELEASE,
netbsd-5-2-RC1,
netbsd-5-2-3-RELEASE,
netbsd-5-2-2-RELEASE,
netbsd-5-2-1-RELEASE,
netbsd-5-2,
netbsd-5-1-RELEASE,
netbsd-5-1-RC4,
netbsd-5-1-RC3,
netbsd-5-1-RC2,
netbsd-5-1-RC1,
netbsd-5-1-5-RELEASE,
netbsd-5-1-4-RELEASE,
netbsd-5-1-3-RELEASE,
netbsd-5-1-2-RELEASE,
netbsd-5-1-1-RELEASE,
netbsd-5-1,
netbsd-5-0-RELEASE,
netbsd-5-0-RC4,
netbsd-5-0-RC3,
netbsd-5-0-RC2,
netbsd-5-0-RC1,
netbsd-5-0-2-RELEASE,
netbsd-5-0-1-RELEASE,
netbsd-5-0,
netbsd-5,
mjf-devfs2-base,
mjf-devfs2,
matt-nb5-pq3-base,
matt-nb5-pq3,
localcount-20160914,
keiichi-mipv6-base,
keiichi-mipv6,
jym-xensuspend-nbase,
jym-xensuspend-base,
jym-xensuspend,
hpcarm-cleanup-nbase,
hpcarm-cleanup-base,
hpcarm-cleanup,
cube-autoconf-base,
cube-autoconf,
cjep_sun2x-base,
cjep_sun2x,
cjep_staticlib_x-base1,
cjep_staticlib_x-base,
cjep_staticlib_x,
bouyer-socketcan-base1,
bouyer-socketcan-base,
bouyer-socketcan,
bouyer-quota2-nbase,
bouyer-quota2-base,
bouyer-quota2,
agc-symver-base,
agc-symver,
HEAD
Changes since 1.22: +1 -1
lines
FILE REMOVED
Switch to ipsec-tools for libipsec, setkey, and racoon. From Emmanuel Dreyfus, with some small changes by me.
Revision 1.22 / (download) - annotate - [select for diffs], Wed Oct 13 23:46:46 2004 UTC (19 years, 5 months ago) by abs
Branch: MAIN
Changes since 1.21: +2 -2
lines
Diff to previous 1.21 (colored)
I'm not sure what the comment is trying to say, but it can say it with 'making' at least as well as 'makeing'.
Revision 1.21 / (download) - annotate - [select for diffs], Sun Apr 25 22:25:05 2004 UTC (19 years, 11 months ago) by jonathan
Branch: MAIN
Changes since 1.20: +16 -3
lines
Diff to previous 1.20 (colored)
Initial commit of a port of the FreeBSD implementation of RFC 2385 (MD5 signatures for TCP, as used with BGP). Credit for original FreeBSD code goes to Bruce M. Simpson, with FreeBSD sponsorship credited to sentex.net. Shortening of the setsockopt() name attributed to Vincent Jardin. This commit is a minimal, working version of the FreeBSD code, as MFC'ed to FreeBSD-4. It has received minimal testing with a ttcp modified to set the TCP-MD5 option; BMS's additions to tcpdump-current (tcpdump -M) confirm that the MD5 signatures are correct. Committed as-is for further testing between a NetBSD BGP speaker (e.g., quagga) and industry-standard BGP speakers (e.g., Cisco, Juniper). NOTE: This version has two potential flaws. First, I do see any code that verifies recieved TCP-MD5 signatures. Second, the TCP-MD5 options are internally padded and assumed to be 32-bit aligned. A more space-efficient scheme is to pack all TCP options densely (and possibly unaligned) into the TCP header ; then do one final padding to a 4-byte boundary. Pre-existing comments note that accounting for TCP-option space when we add SACK is yet to be done. For now, I'm punting on that; we can solve it properly, in a way that will handle SACK blocks, as a separate exercise. In case a pullup to NetBSD-2 is requested, this adds sys/netipsec/xform_tcp.c ,and modifies: sys/net/pfkeyv2.h,v 1.15 sys/netinet/files.netinet,v 1.5 sys/netinet/ip.h,v 1.25 sys/netinet/tcp.h,v 1.15 sys/netinet/tcp_input.c,v 1.200 sys/netinet/tcp_output.c,v 1.109 sys/netinet/tcp_subr.c,v 1.165 sys/netinet/tcp_usrreq.c,v 1.89 sys/netinet/tcp_var.h,v 1.109 sys/netipsec/files.netipsec,v 1.3 sys/netipsec/ipsec.c,v 1.11 sys/netipsec/ipsec.h,v 1.7 sys/netipsec/key.c,v 1.11 share/man/man4/tcp.4,v 1.16 lib/libipsec/pfkey.c,v 1.20 lib/libipsec/pfkey_dump.c,v 1.17 lib/libipsec/policy_token.l,v 1.8 sbin/setkey/parse.y,v 1.14 sbin/setkey/setkey.8,v 1.27 sbin/setkey/token.l,v 1.15 Note that the preceding two revisions to tcp.4 will be required to cleanly apply this diff.
Revision 1.20 / (download) - annotate - [select for diffs], Tue Feb 24 15:12:51 2004 UTC (20 years, 1 month ago) by wiz
Branch: MAIN
CVS Tags: netbsd-2-base,
netbsd-2-1-RELEASE,
netbsd-2-1-RC6,
netbsd-2-1-RC5,
netbsd-2-1-RC4,
netbsd-2-1-RC3,
netbsd-2-1-RC2,
netbsd-2-1-RC1,
netbsd-2-1,
netbsd-2-0-base,
netbsd-2-0-RELEASE,
netbsd-2-0-RC5,
netbsd-2-0-RC4,
netbsd-2-0-RC3,
netbsd-2-0-RC2,
netbsd-2-0-RC1,
netbsd-2-0-3-RELEASE,
netbsd-2-0-2-RELEASE,
netbsd-2-0-1-RELEASE,
netbsd-2-0,
netbsd-2
Changes since 1.19: +26 -26
lines
Diff to previous 1.19 (colored)
occured -> occurred. From Peter Postma.
Revision 1.19 / (download) - annotate - [select for diffs], Fri Sep 26 22:23:58 2003 UTC (20 years, 6 months ago) by wiz
Branch: MAIN
Changes since 1.18: +3 -3
lines
Diff to previous 1.18 (colored)
Process has only one c. From miod@openbsd.
Revision 1.18 / (download) - annotate - [select for diffs], Tue Aug 26 03:49:05 2003 UTC (20 years, 7 months ago) by itojun
Branch: MAIN
Changes since 1.17: +5 -3
lines
Diff to previous 1.17 (colored)
protect SADB_X_EXT_TAG with #ifdef
Revision 1.17 / (download) - annotate - [select for diffs], Tue Aug 26 03:37:25 2003 UTC (20 years, 7 months ago) by itojun
Branch: MAIN
Changes since 1.16: +27 -26
lines
Diff to previous 1.16 (colored)
typo
Revision 1.16 / (download) - annotate - [select for diffs], Tue Jul 22 03:31:44 2003 UTC (20 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.15: +6 -6
lines
Diff to previous 1.15 (colored)
cosmetic
Revision 1.15 / (download) - annotate - [select for diffs], Sun Mar 9 01:03:55 2003 UTC (21 years ago) by lukem
Branch: MAIN
Changes since 1.14: +4 -1
lines
Diff to previous 1.14 (colored)
use __RCSID()
Revision 1.14 / (download) - annotate - [select for diffs], Tue Mar 4 18:30:58 2003 UTC (21 years ago) by christos
Branch: MAIN
Changes since 1.13: +8 -5
lines
Diff to previous 1.13 (colored)
Avoid memory leak. Pointed out by Patrick Latifi <patrickl at secureops dot com>
Revision 1.13 / (download) - annotate - [select for diffs], Tue May 14 11:24:21 2002 UTC (21 years, 10 months ago) by itojun
Branch: MAIN
CVS Tags: netbsd-1-6-base,
netbsd-1-6-RELEASE,
netbsd-1-6-RC3,
netbsd-1-6-RC2,
netbsd-1-6-RC1,
netbsd-1-6-PATCH002-RELEASE,
netbsd-1-6-PATCH002-RC4,
netbsd-1-6-PATCH002-RC3,
netbsd-1-6-PATCH002-RC2,
netbsd-1-6-PATCH002-RC1,
netbsd-1-6-PATCH002,
netbsd-1-6-PATCH001-RELEASE,
netbsd-1-6-PATCH001-RC3,
netbsd-1-6-PATCH001-RC2,
netbsd-1-6-PATCH001-RC1,
netbsd-1-6-PATCH001,
netbsd-1-6,
fvdl_fs64_base
Changes since 1.12: +643 -131
lines
Diff to previous 1.12 (colored)
sync with latest kame setkey(8), modulo icmp6 hack. pfkey.c is now more picky about buffer length validation. spddump (setkey -DP) will print lifetime information.
Revision 1.12 / (download) - annotate - [select for diffs], Sun Sep 16 16:34:26 2001 UTC (22 years, 6 months ago) by wiz
Branch: MAIN
Changes since 1.11: +21 -21
lines
Diff to previous 1.11 (colored)
Spell 'occurred' with two 'r's.
Revision 1.11 / (download) - annotate - [select for diffs], Mon Jul 3 03:56:22 2000 UTC (23 years, 9 months ago) by matt
Branch: MAIN
Changes since 1.10: +2 -2
lines
Diff to previous 1.10 (colored)
More include cleanup. Remvoe (p) from #undef in libipsec.
Revision 1.9.2.1 / (download) - annotate - [select for diffs], Fri Jun 23 16:16:35 2000 UTC (23 years, 9 months ago) by minoura
Branch: minoura-xpg4dl
Changes since 1.9: +326 -154
lines
Diff to previous 1.9 (colored) next main 1.10 (colored)
Sync w/ netbsd-1-5-base.
Revision 1.10 / (download) - annotate - [select for diffs], Mon Jun 12 10:40:52 2000 UTC (23 years, 9 months ago) by itojun
Branch: MAIN
CVS Tags: netbsd-1-5-base,
netbsd-1-5-RELEASE,
netbsd-1-5-PATCH003,
netbsd-1-5-PATCH002,
netbsd-1-5-PATCH001,
netbsd-1-5-BETA2,
netbsd-1-5-BETA,
netbsd-1-5-ALPHA2,
netbsd-1-5
Changes since 1.9: +326 -154
lines
Diff to previous 1.9 (colored)
sync with almost-latest KAME IPsec. full changelog would be too big to mention here. notable changes are like below. kernel: - make PF_KEY kernel interface more robust against broken input stream. it includes complete internal structure change in sys/netkey/key.c. - remove non-RFC compliant change in PF_KEY API, in particular, in struct sadb_msg. we cannot just change these standard structs. sadb_x_sa2 is introduced instead. - remove prototypes for pfkey_xx functions from /usr/include/net/pfkeyv2.h. these functions are not supplied in /usr/lib. setkey(8): - get/delete does not require "-m mode" (ignored with warning, if you specify it) - spddelete takes direction specification
Revision 1.9 / (download) - annotate - [select for diffs], Mon Mar 13 21:23:56 2000 UTC (24 years ago) by itojun
Branch: MAIN
CVS Tags: minoura-xpg4dl-base
Branch point for: minoura-xpg4dl
Changes since 1.8: +68 -68
lines
Diff to previous 1.8 (colored)
hide shouldn't-be-exported symbols from the outside. don't compile pfkey*, since we expect tons of changes in the near future. bump shlib major (due to less exported APIs than before - am I correct here?).
Revision 1.8 / (download) - annotate - [select for diffs], Tue Feb 8 13:17:52 2000 UTC (24 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.7: +2 -2
lines
Diff to previous 1.7 (colored)
use proper include path (net/pfkeyv2.h)
Revision 1.7 / (download) - annotate - [select for diffs], Tue Feb 8 13:14:35 2000 UTC (24 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.6: +1 -2
lines
Diff to previous 1.6 (colored)
don't include in6.h directly.
Revision 1.6 / (download) - annotate - [select for diffs], Mon Jan 31 14:15:32 2000 UTC (24 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.5: +667 -518
lines
Diff to previous 1.5 (colored)
upgrade libipsec to the latest. - parser now uses yacc/lex (there'll be no symbol conflict). - outbound policy and inbound policy is now separate - policy specification for tunnel SA is improved - api changed, bump shlib major XXX some of programs will become not buildable - will commit shortly
Revision 1.5 / (download) - annotate - [select for diffs], Thu Sep 16 04:20:03 1999 UTC (24 years, 6 months ago) by itojun
Branch: MAIN
CVS Tags: wrstuden-devbsize-base,
wrstuden-devbsize-19991221,
wrstuden-devbsize,
comdex-fall-1999-base,
comdex-fall-1999
Changes since 1.4: +10 -2
lines
Diff to previous 1.4 (colored)
temporary workaround against KAME PR 154. http://www2.kame.net/dev/query-pr.cgi?pr=154 This allows many keys to be dumped via "setkey -D", or many keys to be configured by single "setkey -c < foo" command.
Revision 1.4 / (download) - annotate - [select for diffs], Sun Jul 4 01:36:13 1999 UTC (24 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.3: +7 -1
lines
Diff to previous 1.3 (colored)
add NetBSD RCS ID on the top. retain KAME RCS ID where there was one.
Revision 1.3 / (download) - annotate - [select for diffs], Sat Jul 3 06:59:28 1999 UTC (24 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.2: +13 -2
lines
Diff to previous 1.2 (colored)
s/CFLAGS/CPPFLAGS/ for -D and -I. remove lint error.
Revision 1.2 / (download) - annotate - [select for diffs], Fri Jul 2 16:17:44 1999 UTC (24 years, 9 months ago) by simonb
Branch: MAIN
Changes since 1.1: +7 -7
lines
Diff to previous 1.1 (colored)
More trailing white space.
Revision 1.1 / (download) - annotate - [select for diffs], Thu Jul 1 20:15:28 1999 UTC (24 years, 9 months ago) by itojun
Branch: MAIN
ipsec support library. mainly for debugging, and policy text->binary conversion. NO crypto code is included so it is export safe.