Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625
|
#
1.26 |
|
28-May-2018 |
maxv |
drop __P, suggested by sevan
|
#
1.25 |
|
28-May-2018 |
maxv |
fix -Wunused and -Wold-style-definition
|
Revision tags: netbsd-7-2-RELEASE netbsd-8-0-RELEASE netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 netbsd-7-1-2-RELEASE pgoyette-compat-base netbsd-7-1-1-RELEASE matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 bouyer-socketcan-base pgoyette-localcount-20170107 netbsd-7-1-RC1 pgoyette-localcount-20161104 netbsd-7-0-2-RELEASE localcount-20160914 netbsd-7-nhusb-base pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-7-base yamt-pagecache-base9 netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 agc-symver-base netbsd-6-1-RC2 netbsd-6-1-RC1 yamt-pagecache-base8 netbsd-6-0-1-RELEASE yamt-pagecache-base7 matt-nb6-plus-nbase yamt-pagecache-base6 netbsd-6-0-RELEASE netbsd-6-0-RC2 tls-maxphys-base matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base5 yamt-pagecache-base4 netbsd-6-base
|
#
1.24 |
|
13-Feb-2012 |
wiz |
branches: 1.24.40; Use the correct constant. From FreeBSD via Henning Petersen in PR 46005.
|
#
1.23 |
|
09-Jan-2012 |
drochner |
allow setkey(8) set and display the ESP fragment size in the NAT-T case, userland part of PR kern/44952 by Wolfgang Stukenbrock, just changed the "frag" option name to "esp_frag", for consistency to the existing option of similar effect in racoon(8)
|
#
1.22 |
|
14-Nov-2011 |
tteras |
From Marcelo Leitner <mleitner@redhat.com>: do not shrink pfkey socket buffers (if system default is larger than what we want as minimum)
|
Revision tags: yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base cherry-xenmp-base ipsec-tools-0_8_0 bouyer-quota2-nbase bouyer-quota2-base
|
#
1.21 |
|
20-Jan-2011 |
vanhu |
branches: 1.21.2; 1.21.6; fixed a typo, it will now compile when KMADDRESS is defined. reported by Roman Hoog Antink (rha (at) open.ch)
|
Revision tags: matt-mips64-premerge-20101231
|
#
1.20 |
|
08-Dec-2010 |
joerg |
branches: 1.20.2; ANSIfy
|
Revision tags: matt-premerge-20091211
|
#
1.19 |
|
03-Jul-2009 |
tteras |
From Yvan Vanhullebus: Use SADB_X_EXT_NAT_T_* consistently for passing the NAT-T port information. This might break compatibility with some kernels, but as discussed this is the proper way to pass NAT-T ports and the broken kernels need to be fixed.
|
Revision tags: jym-xensuspend-nbase jym-xensuspend-base
|
#
1.18 |
|
05-Dec-2008 |
tteras |
From Arnaud Ebalard: Improved Mobile IPv6 support per draft-ebalard-mext-pfkey-enhanced-migrate.
|
#
1.17 |
|
27-Nov-2008 |
tteras |
From: Matthew Krenzer Ability to set pfkey socket buffer size via configuration file directive. (Indentation and minor fixes by me.)
|
Revision tags: netbsd-5-0-RC1 netbsd-5-base matt-mips64-base2 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2
|
#
1.16 |
|
03-Sep-2008 |
tteras |
branches: 1.16.4; - Fix reloading of SPD (Linux satype check, handling of SPD dump responses) - Remove some spurious error log message from extract_port()
|
Revision tags: wrstuden-revivesa-base-1 yamt-pf42-base4 yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 wrstuden-revivesa-base yamt-pf42-base keiichi-mipv6-base matt-armv6-nbase cube-autoconf-base matt-armv6-base hpcarm-cleanup-base
|
#
1.15 |
|
15-Oct-2007 |
vanhu |
branches: 1.15.8; Try to increase the buffer size of the pfkey socket, this may help things when we have a huge SPD
|
Revision tags: matt-mips64-base
|
#
1.14 |
|
18-Jul-2007 |
vanhu |
branches: 1.14.4; 1.14.6; use a single PATH_IPSEC_H to fix some path_to_ipsec.h issues
|
Revision tags: ipsec-tools-0_7-rc1 ipsec-tools-0_7-RC1 ipsec-tools-0_7-beta3 ipsec-tools-0_7-beta2 ipsec-tools-0_7-beta1 ipsec-tools-0_7-base
|
#
1.13 |
|
10-Dec-2006 |
manu |
branches: 1.13.4; Bring back API and ABI backward compatibility with previous libipsec before recent interface change. Bump libipsec minor version. Remove ifdefs in struct pfkey_send_sa_args to avoid ABI compatibility lossage. Add a capability flags to detect missing optional feature in libipsec
|
#
1.12 |
|
09-Dec-2006 |
manu |
From Joy Latten: Add support for SELinux security contexts. Also cleanup the libipsec interface for adding and updating security associations.
|
Revision tags: netbsd-4-base
|
#
1.11 |
|
21-Sep-2006 |
vanhu |
branches: 1.11.2; use sysdep_sa_len to make it compile on Linux
|
#
1.10 |
|
09-Sep-2006 |
manu |
Migration of ipsec-tools to NetBSD CVS part 2: resolving the import conflicts. Since we previously had a release branch and we import here the HEAD of CVS, let's assume all local changes are to be dumped. Local patches should have been propagated upstream, anyway.
|
Revision tags: abandoned-netbsd-4-base
|
#
1.9 |
|
21-Nov-2005 |
manu |
Merge ipsec-tools 0.6.3 import
|
#
1.8 |
|
14-Oct-2005 |
manu |
Merge ipsec-tools 0.6.2 import.
|
#
1.7 |
|
24-Sep-2005 |
christos |
Can we please stop using caddr_t?
|
#
1.6 |
|
20-Aug-2005 |
manu |
Update to ipsec-tools 0.6.1
|
#
1.5 |
|
07-Aug-2005 |
manu |
Resolve conflicts caused by recent ipsec-tools-0.6.1rc1 import by prefering the newer software. Some useful local change might have been overwritten, we'll take care of this soon.
|
#
1.4 |
|
28-Jun-2005 |
christos |
Add proper casts. Fix a problem where (uint32_t < ~0). Cast both ~0's to u_int, since this is what the author intended.
|
#
1.3 |
|
20-May-2005 |
manu |
Fix NAT-T plus IPcomp
|
#
1.2 |
|
10-Apr-2005 |
manu |
Resurrect TCP-MD5 support. This fixes bin/29915
|
#
1.1 |
|
12-Feb-2005 |
manu |
branches: 1.1.1; Initial revision
|
#
1.24 |
|
13-Feb-2012 |
wiz |
Use the correct constant. From FreeBSD via Henning Petersen in PR 46005.
|
#
1.23 |
|
09-Jan-2012 |
drochner |
allow setkey(8) set and display the ESP fragment size in the NAT-T case, userland part of PR kern/44952 by Wolfgang Stukenbrock, just changed the "frag" option name to "esp_frag", for consistency to the existing option of similar effect in racoon(8)
|
#
1.22 |
|
14-Nov-2011 |
tteras |
From Marcelo Leitner <mleitner@redhat.com>: do not shrink pfkey socket buffers (if system default is larger than what we want as minimum)
|
#
1.21 |
|
20-Jan-2011 |
vanhu |
branches: 1.21.2; 1.21.6; fixed a typo, it will now compile when KMADDRESS is defined. reported by Roman Hoog Antink (rha (at) open.ch)
|
#
1.20 |
|
07-Dec-2010 |
joerg |
branches: 1.20.2; ANSIfy
|
#
1.19 |
|
03-Jul-2009 |
tteras |
From Yvan Vanhullebus: Use SADB_X_EXT_NAT_T_* consistently for passing the NAT-T port information. This might break compatibility with some kernels, but as discussed this is the proper way to pass NAT-T ports and the broken kernels need to be fixed.
|
#
1.18 |
|
04-Dec-2008 |
tteras |
From Arnaud Ebalard: Improved Mobile IPv6 support per draft-ebalard-mext-pfkey-enhanced-migrate.
|
#
1.17 |
|
27-Nov-2008 |
tteras |
From: Matthew Krenzer Ability to set pfkey socket buffer size via configuration file directive. (Indentation and minor fixes by me.)
|
#
1.16 |
|
03-Sep-2008 |
tteras |
branches: 1.16.4; - Fix reloading of SPD (Linux satype check, handling of SPD dump responses) - Remove some spurious error log message from extract_port()
|
#
1.15 |
|
14-Oct-2007 |
vanhu |
branches: 1.15.8; Try to increase the buffer size of the pfkey socket, this may help things when we have a huge SPD
|
#
1.14 |
|
18-Jul-2007 |
vanhu |
branches: 1.14.4; 1.14.6; use a single PATH_IPSEC_H to fix some path_to_ipsec.h issues
|
#
1.13 |
|
10-Dec-2006 |
manu |
branches: 1.13.4; Bring back API and ABI backward compatibility with previous libipsec before recent interface change. Bump libipsec minor version. Remove ifdefs in struct pfkey_send_sa_args to avoid ABI compatibility lossage. Add a capability flags to detect missing optional feature in libipsec
|
#
1.12 |
|
08-Dec-2006 |
manu |
From Joy Latten: Add support for SELinux security contexts. Also cleanup the libipsec interface for adding and updating security associations.
|
#
1.11 |
|
21-Sep-2006 |
vanhu |
branches: 1.11.2; use sysdep_sa_len to make it compile on Linux
|
#
1.10 |
|
08-Sep-2006 |
manu |
Migration of ipsec-tools to NetBSD CVS part 2: resolving the import conflicts. Since we previously had a release branch and we import here the HEAD of CVS, let's assume all local changes are to be dumped. Local patches should have been propagated upstream, anyway.
|
#
1.9 |
|
21-Nov-2005 |
manu |
Merge ipsec-tools 0.6.3 import
|
#
1.8 |
|
14-Oct-2005 |
manu |
Merge ipsec-tools 0.6.2 import.
|
#
1.7 |
|
24-Sep-2005 |
christos |
Can we please stop using caddr_t?
|
#
1.6 |
|
19-Aug-2005 |
manu |
Update to ipsec-tools 0.6.1
|
#
1.5 |
|
07-Aug-2005 |
manu |
Resolve conflicts caused by recent ipsec-tools-0.6.1rc1 import by prefering the newer software. Some useful local change might have been overwritten, we'll take care of this soon.
|
#
1.4 |
|
27-Jun-2005 |
christos |
Add proper casts. Fix a problem where (uint32_t < ~0). Cast both ~0's to u_int, since this is what the author intended.
|
#
1.3 |
|
19-May-2005 |
manu |
Fix NAT-T plus IPcomp
|
#
1.2 |
|
10-Apr-2005 |
manu |
Resurrect TCP-MD5 support. This fixes bin/29915
|
#
1.1 |
|
12-Feb-2005 |
manu |
branches: 1.1.1; Initial revision
|
#
1.1.1.7 |
|
08-Sep-2006 |
manu |
Migrate ipsec-tools CVS to cvs.netbsd.org
|
#
1.1.1.6 |
|
21-Nov-2005 |
manu |
Import IPsec-tools 0.6.3. This fixes several bugs, including bugs that caused DoS.
|
#
1.1.1.5 |
|
14-Oct-2005 |
manu |
Import ipsec-tools-0.6.2. Here is the ChangeLog since 0.6.1 (most of them have already been pulled up in NetBSD CVS)
|
#
1.1.1.4 |
|
19-Aug-2005 |
manu |
Import ipsec-tools 0.6.1
|
#
1.1.1.3 |
|
07-Aug-2005 |
manu |
Update ipsec-tools to 0.6.1rc1 Most of the changes since 0.6b4 have already been committed to the NetBSD tree. This upgrade fixes some IPcomp and NAT-T related problems that were left unadressed in the NetBSD tree.
|
#
1.1.1.2 |
|
23-Feb-2005 |
manu |
branches: 1.1.1.2.2; Import ipsec-tools 0.6 branch as of 2005/02/23. News from last imported version according to ipsec-tools' ChangeLog:
2005-02-23 Emmanuel Dreyfus <manu@netbsd.org>
* configure.ac, src/racoon/{Makefile.am|crypto_openssl.c}: optionnal support for patented algorithms: IDEA and RC5. * src/racoon/{isakmp_xauth.c|main.c}: don't initialize RADIUS if it is not required in the configuration * src/racoon/isakmp.c: do not reject addresses for which kernel refused UDP encapsulation, they can still be used for non NAT-T traffic (eg: NAT-T enabled racoon on non NAT-T enabled kernel)
2005-02-18 Emmanuel Dreyfus <manu@netbsd.org>
* src/racoon/{main.c|eaytest.c|plairsa-gen.c} src/setkey/setkey.c: don't use fuzzy paths for package_version.h
2005-02-18 Yvan Vanhullebus <vanhu@free.fr>
* src/racoon/isakmp_inf.c: Purge generated SPDs when getting a related DELETE_SA * src/racoon/pfkey.c: do NOT unbindph12() when SA acquire
2005-02-17 Emmanuel Dreyfus <manu@netbsd.org>
From Fred Senault <fred.letter@lacave.net> * src/racoon/remoteconf.c: Fix a bug in script init
2005-02-17 Yvan Vanhullebus <vanhu@free.fr>
* src/racoon/ipsec_doi.c: Workaround for phase1 lifetime checks
2005-02-15 Michal Ludvig <michal@logix.cz>
* configure.ac: Changed --enable-natt_NN to --enable-natt-versions=NN,NN
|
#
1.1.1.1 |
|
12-Feb-2005 |
manu |
Import ipsec-tools (tag ipsec-tools-0_6-base in ipsec-tools CVS) ipsec-tools is a fork from KAME racoon/libipsec/setkey, with many enhancements.
|
#
1.1.1.2.2.4 |
|
21-Nov-2005 |
tron |
Apply patch (requested by manu in ticket #981): Update ipsec-tools to version 0.6.3.
|
#
1.1.1.2.2.3 |
|
21-Oct-2005 |
riz |
Pull up the following revisions (requested by manu in ticket #894): crypto/dist/ipsec-tools/ChangeLog 1.28-1.30 crypto/dist/ipsec-tools/NEWS 1.1.1.4 crypto/dist/ipsec-tools/configure.ac 1.1.1.7 crypto/dist/ipsec-tools/src/libipsec/pfkey.c 1.7-1.8 crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c 1.10 crypto/dist/ipsec-tools/src/libipsec/policy_parse.y 1.7 crypto/dist/ipsec-tools/src/racoon/cfparse.y 1.5-1.9 crypto/dist/ipsec-tools/src/racoon/evt.c 1.3 crypto/dist/ipsec-tools/src/racoon/ipsec_doi.c 1.11 crypto/dist/ipsec-tools/src/racoon/isakmp.c 1.10 crypto/dist/ipsec-tools/src/racoon/isakmp_agg.c 1.5-1.6 crypto/dist/ipsec-tools/src/racoon/isakmp_base.c 1.3-1.4 crypto/dist/ipsec-tools/src/racoon/isakmp_ident.c 1.3 crypto/dist/ipsec-tools/src/racoon/oakley.c 1.6 crypto/dist/ipsec-tools/src/racoon/pfkey.c 1.10 crypto/dist/ipsec-tools/src/racoon/policy.c 1.3 crypto/dist/ipsec-tools/src/racoon/racoon.conf.5 1.21-1.23 crypto/dist/ipsec-tools/src/racoon/sockmisc.c 1.3 crypto/dist/ipsec-tools/src/racoon/sockmisc.h 1.5 crypto/dist/ipsec-tools/src/setkey/setkey.8 1.17 lib/libipsec/package_version.h 1.15
Update to ipsec-tools 0.6.2
|
#
1.1.1.2.2.2 |
|
03-Sep-2005 |
snj |
Apply patch (requested by tron in ticket #741): Update ipsec-tools to version 0.6.1.
|
#
1.1.1.2.2.1 |
|
12-Apr-2005 |
tron |
Pull up revision 1.2 (requested by manu in ticket #132): Resurrect TCP-MD5 support. This fixes bin/29915
|
#
1.11.2.3 |
|
18-Aug-2008 |
jdc |
Upgrade ipsec-tools to release 0.7.1 (requested by manu in ticket #1183).
|
#
1.11.2.2 |
|
28-Aug-2007 |
liamjfoy |
branches: 1.11.2.2.2; Pull up following revision(s) (requested by manu in ticket #830):
Import ipsec-tools 0.7
|
#
1.11.2.1 |
|
13-May-2007 |
jdc |
branches: 1.11.2.1.2; Upgrade ipsec-tools to 0.7-beta3 (Requested by manu in ticket #634).
|
#
1.11.2.2.2.1 |
|
18-Aug-2008 |
jdc |
Upgrade ipsec-tools to release 0.7.1 (requested by manu in ticket #1183).
|
#
1.11.2.1.2.2 |
|
04-Sep-2008 |
skrll |
Sync with netbsd-4.
|
#
1.11.2.1.2.1 |
|
03-Sep-2007 |
wrstuden |
Sync w/ NetBSD-4-RC_1
|
#
1.13.4.2 |
|
14-Oct-2007 |
vanhu |
Try to increase the buffer size of the pfkey socket, this may help things when we have a huge SPD
|
#
1.13.4.1 |
|
01-Aug-2007 |
vanhu |
use a single PATH_IPSEC_H to fix some path_to_ipsec.h issues
|
#
1.14.6.2 |
|
18-Jul-2007 |
vanhu |
use a single PATH_IPSEC_H to fix some path_to_ipsec.h issues
|
#
1.14.6.1 |
|
18-Jul-2007 |
vanhu |
file pfkey.c was added on branch matt-mips64 on 2007-07-18 12:07:51 +0000
|
#
1.14.4.1 |
|
06-Nov-2007 |
matt |
sync with HEAD
|
#
1.15.8.1 |
|
17-Sep-2008 |
wrstuden |
Sync with wrstuden-revivesa-base-2.
|
#
1.16.4.1 |
|
08-Feb-2009 |
snj |
Apply patch (requested by manu/spz in #378): Downgrade ipsec-tools to 0.7.1nb1.
|
#
1.20.2.1 |
|
08-Feb-2011 |
bouyer |
Sync with HEAD
|
#
1.21.6.1 |
|
16-Apr-2012 |
yamt |
sync with head
|
#
1.21.2.1 |
|
14-Nov-2011 |
tteras |
From Marcelo Leitner <mleitner@redhat.com>: do not shrink pfkey socket buffers (if system default is larger than what we want as minimum)
|