Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/dist/ipsec-tools Resolve conflicts caused by recent i...
details: https://anonhg.NetBSD.org/src/rev/39be79c77837
branches: trunk
changeset: 583450:39be79c77837
user: manu <manu%NetBSD.org@localhost>
date: Sun Aug 07 09:38:45 2005 +0000
description:
Resolve conflicts caused by recent ipsec-tools-0.6.1rc1 import by prefering
the newer software. Some useful local change might have been overwritten,
we'll take care of this soon.
diffstat:
crypto/dist/ipsec-tools/ChangeLog | 274 ++++++++-
crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c | 15 +-
crypto/dist/ipsec-tools/src/libipsec/ipsec_get_policylen.c | 7 +-
crypto/dist/ipsec-tools/src/libipsec/ipsec_set_policy.3 | 2 +-
crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.3 | 2 +-
crypto/dist/ipsec-tools/src/libipsec/key_debug.c | 4 +-
crypto/dist/ipsec-tools/src/libipsec/libpfkey.h | 26 +-
crypto/dist/ipsec-tools/src/libipsec/pfkey.c | 42 +-
crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c | 15 +-
crypto/dist/ipsec-tools/src/libipsec/policy_parse.y | 15 +-
crypto/dist/ipsec-tools/src/libipsec/policy_token.l | 4 +-
crypto/dist/ipsec-tools/src/racoon/admin.c | 6 +-
crypto/dist/ipsec-tools/src/racoon/algorithm.c | 4 +-
crypto/dist/ipsec-tools/src/racoon/cfparse.y | 6 +-
crypto/dist/ipsec-tools/src/racoon/cftoken.l | 6 +-
crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c | 194 +++---
crypto/dist/ipsec-tools/src/racoon/eaytest.c | 4 +-
crypto/dist/ipsec-tools/src/racoon/handler.c | 43 +-
crypto/dist/ipsec-tools/src/racoon/handler.h | 4 +-
crypto/dist/ipsec-tools/src/racoon/ipsec_doi.c | 35 +-
crypto/dist/ipsec-tools/src/racoon/ipsec_doi.h | 4 +-
crypto/dist/ipsec-tools/src/racoon/isakmp.c | 129 +++-
crypto/dist/ipsec-tools/src/racoon/isakmp_agg.c | 12 +-
crypto/dist/ipsec-tools/src/racoon/isakmp_cfg.c | 4 +-
crypto/dist/ipsec-tools/src/racoon/isakmp_cfg.h | 2 +-
crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c | 82 +-
crypto/dist/ipsec-tools/src/racoon/isakmp_quick.c | 23 +-
crypto/dist/ipsec-tools/src/racoon/isakmp_unity.c | 4 +-
crypto/dist/ipsec-tools/src/racoon/isakmp_var.h | 4 +-
crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.c | 26 +-
crypto/dist/ipsec-tools/src/racoon/nattraversal.c | 2 +-
crypto/dist/ipsec-tools/src/racoon/nattraversal.h | 2 +-
crypto/dist/ipsec-tools/src/racoon/oakley.c | 283 +++++----
crypto/dist/ipsec-tools/src/racoon/pfkey.c | 12 +-
crypto/dist/ipsec-tools/src/racoon/plainrsa-gen.8 | 4 +-
crypto/dist/ipsec-tools/src/racoon/privsep.c | 8 +-
crypto/dist/ipsec-tools/src/racoon/proposal.c | 23 +-
crypto/dist/ipsec-tools/src/racoon/racoon.8 | 4 +-
crypto/dist/ipsec-tools/src/racoon/racoon.conf.5 | 4 +-
crypto/dist/ipsec-tools/src/racoon/racoonctl.8 | 4 +-
crypto/dist/ipsec-tools/src/racoon/remoteconf.c | 4 +-
crypto/dist/ipsec-tools/src/racoon/remoteconf.h | 4 +-
crypto/dist/ipsec-tools/src/racoon/samples/racoon.conf.sample-inherit | 2 +-
crypto/dist/ipsec-tools/src/racoon/samples/racoon.conf.sample-natt | 2 +-
crypto/dist/ipsec-tools/src/racoon/samples/racoon.conf.sample-plainrsa | 2 +-
crypto/dist/ipsec-tools/src/racoon/session.c | 2 +-
crypto/dist/ipsec-tools/src/racoon/sockmisc.h | 6 +-
crypto/dist/ipsec-tools/src/racoon/strnames.c | 2 +-
crypto/dist/ipsec-tools/src/setkey/parse.y | 15 +-
crypto/dist/ipsec-tools/src/setkey/setkey.8 | 16 +-
crypto/dist/ipsec-tools/src/setkey/setkey.c | 18 +-
crypto/dist/ipsec-tools/src/setkey/test-pfkey.c | 2 +-
crypto/dist/ipsec-tools/src/setkey/token.l | 5 +-
53 files changed, 901 insertions(+), 523 deletions(-)
diffs (truncated from 2948 to 300 lines):
diff -r 119ebb9dc7a2 -r 39be79c77837 crypto/dist/ipsec-tools/ChangeLog
--- a/crypto/dist/ipsec-tools/ChangeLog Sun Aug 07 08:46:11 2005 +0000
+++ b/crypto/dist/ipsec-tools/ChangeLog Sun Aug 07 09:38:45 2005 +0000
@@ -1,23 +1,151 @@
+---------------------------------------------
+
+ 0.6.1.rc1 released
+
+2005-08-04 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
+ * configure.ac: correctly quote RACOON_PATH_LIBS arguments
+
+2005-08-02 Yvan Vanhullebus <vanhu%free.fr@localhost>
+
+ * src/racoon/isakmp_inf.c: First fix to
+ info_recv_initialcontact(): do a basic IP check when no NAT-T.
+
+2005-07-28 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
+ * src/racoon/{pfkey.c|proposal.c}: IPcomp CPI size fixes
+
+2005-07-26 Yvan Vanhullebus <vanhu%free.fr@localhost>
+
+ * src/racoon/isakmp.c: Fixed purge_remote()
+
+2005-07-25 Yvan Vanhullebus <vanhu%free.fr@localhost>
+
+ * src/racoon/isakmp.c: Do not purge IPSec SAs in purge_remote() if
+ a new ph1handle exists (patch by Krzysztof Oledzki)
+
+---------------------------------------------
+
+ 0.6.1.beta3 released
+
+2005-07-20 Aidas Kasparas <a.kasparas%gmc.lt@localhost>
+
+ * configure.ac: disabled --enable-samode-unspec for linux
+
+2005-07-20 Yvan Vanhullebus <vanhu%free.fr@localhost>
+
+ * src/racoon/isakmp_quick.c: Ignore NATOA payloads in
+ quick_r1recv() as it is done in quick_i2recv().
+
+2005-07-19 Yvan Vanhullebus <vanhu%free.fr@localhost>
+
+ * src/racoon/isakmp.c: Checks in isakmp_ph1begin_r() if we got the
+ packet from NAT-T port, and set up the NAT_PORTS_CHANGED in that
+ case (RFC 3947, sect 4, we MUST allow new phase1 negociations on
+ NAT-T floated port), to correctly generate the reply.
+
+2005-07-16 Aidas Kasparas <a.kasparas%gmc.lt@localhost>
+
+ * src/racoon/grabmyaddr.c: fixed file descriptor leak. Thanks to
+ Patrice Fournier
+ * src/setkey/setkey.c: disabled readline's filename completion.
+ Fixed bug 1179281.
+ * src/racoon/proposal.c: fixed mode selection for SAs with
+ complex_bundle on behind NAT.
+
+2005-07-14 Yvan Vanhullebus <vanhu%free.fr@localhost>
+
+ * src/racoon/handler.c: Clears the DPD schedule in delph1()
+
+---------------------------------------------
+
+ 0.6.1.beta2 released
+
+2005-07-13 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
+ * src/setkey/Makefile.am: missing file in distribution
+ * src/racoon/isakmp_inf.c: build fix
+
+---------------------------------------------
+
+ 0.6.1.beta1 released
+
+2005-07-12 Yvan Vanhullebus <vanhu%free.fr@localhost>
+
+ * src/racoon/isakmp.c: Fixed a mem leak in isakmp_send().
+
+2005-07-12 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
+ * src/racoon/pfkey.c: Set IKE ports to 0 in the SA when NAT-T is not
+ used.
+ * src/racoon/{crypto_openssl.c|ipsec_doi.c|oakley.c} configure.ac
+ src/racoon/missing/crypto/sha2/sha2.h: Support OpenSSL-0.9.8
+ * src/racoon/{admin.c|session.c}: Don't use the adminport if it is
+ disabled
+ * src/racoon/samples/roadwarrior/client/{pahse1-up.sh|phase1-down.sh}:
+ Add comments for using the scripts without NAT-T
+
+2005-07-04 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
+ * src/racoon/isakmp_inf.c: safety checks on informational messages
+
+2005-07-11 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
+ * configure.ac: build fixes on Linux. Accomodate various libiconv
+ versions
+
2005-07-09 Yvan Vanhullebus <vanhu%free.fr@localhost>
* src/racoon/crypto_openssl.c: Fixed evp_crypt when using crypto
algorithms with variable key size but not OpenSSL default key
size.
-2005-07-12 Emmanuel Dreyfus <manu%netbsd.org@localhost>
-
- * src/racoon/samples/roadwarrior/client/{pahse1-up.sh|phase1-down.sh}:
- Add comments for using the scripts without NAT-T
- * src/racoon/pfkey.c: Set IKE ports to 0 in the SA when NAT-T is not
- used.
- * src/racoon/{admin.c|session.c}: Don't use adminport if it is
- disabled.
+2005-07-07 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
+ From Mathias Scheler <tron%netbsd.org@localhost>
+ * src/racoon/raccon.conf.5: Document that aes can be used in
+ racoon.conf
+
+2005-07-06 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
+ * src/setkey/extern.h: new file (was missing in previous commit)
+
+2005-07-06 Frederic Senault <fred%lacave.net@localhost>
+
+ * src/setkey/setkey.c: fix compilation with readline.
+ * src/racoon/oakley.c: move declarations to the top of the function
+ to fix compilation issues with gcc 2.95.4/FreeBSD4, re-indentation
+ and style cleanup of the pkcs7 patch.
2005-07-01 Emmanuel Dreyfus <manu%netbsd.org@localhost>
- From Uri <urimobile%optonline.net@localhost>
+ From Uri <urimobile%optonline.net@localhost>:
+ * src/racoon/{ipsec_doi.c|Makefile.am}: Linux build fixes
* src/racoon/oakley.c: pkcs7 support
+2005-06-29 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
+ From Christos Zoulas <christos%zoulas.com@localhost>
+ * configure.ac src/setkey/{parse.y|setkey.c|token.l}
+ src/libipsec/{ipsec_dump_policy.c|ipsec_get_policylen.c|key_debug.c}
+ src/libipsec/{libpfkey.h|pfkey_dump.c|policy_parse.y}: de-lint,
+ using void * instead of caddr_t and adding const where appropriate.
+ * src/setkey/extern.h: new file
+ * src/libipsec/{pfkey.c|pfkey_dump.c|policy_parse.y}
+ src/racoon/{sockmisc.c|sockmisc.h}: de-lint signed/unsigned,
+ size_t/int and lint constants
+
+2005-06-29 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
+ From Uri <urimobile%optonline.net@localhost> and Larry Baird <lab%gta.com@localhost>:
+ * src/libipsec/pfkey_dump.c src/setkey/test-pfkey.c
+ src/racoon/{algorithm.c|cftoken.l|eaytest.c|ipsec_doi.c}
+ src/racoon/{ipsec_doi.h|pfkey.c|strnames.c}: Add SHA2 support
+
+---------------------------------------------
+
+ 0.6 released
+
2005-06-22 Emmanuel Dreyfus <manu%netbsd.org@localhost>
From Ludo Stellingwerff <ludo%protactive.nl@localhost>:
@@ -27,15 +155,11 @@
on phase 2 initiation retries when the phase 2 had been queued
for a phase 1.
-2005-06-19 Emmanuel Dreyfus <manu%netbsd.org@localhost>
-
- From Uri <urimobile%optonline.net@localhost> and Larry Baird <lab%gta.com@localhost>:
- * src/libipsec/pfkey_dump.c src/setkey/test-pfkey.c
- src/racoon/{algorithm.c|cftoken.l|eaytest.c|ipsec_doi.c}
- src/racoon/{ipsec_doi.h|pfkey.c|strnames.c}: Add SHA2 support
-
-
-2005-06-07 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+---------------------------------------------
+
+ 0.6rc1 released
+
+2005-06-15 Emmanuel Dreyfus <manu%netbsd.org@localhost>
From Larry Baird <lab%gta.com@localhost>
* src/racoon/isakmp.c: consume NAT keepalive data already seen
@@ -48,11 +172,25 @@
From Frederic Senault <fred%lacave.net@localhost>
* src/racoon/privsep.c: fix Xauth login with PAM authentication
+2005-06-05 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
+ From Thomas Klausner <wiz%netbsd.org@localhost>
+ * src/setkey/setkey.8 src/racoon/racoon.conf.5: remove trailing
+ spaces, grammar fix
+
2005-05-31 Aidas Kasparas <a.kasparas%gmc.lt@localhost>
* src/racoon/ipsec_doi.c: Inserted missing 0th element of
rm_idtype2doi array. Bug #1199700 fix.
+2005-05-23 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
+ * src/racoon/admin.c: build fix
+
+---------------------------------------------
+
+ 0.6b3 released
+
2005-05-20 Emmanuel Dreyfus <manu%netbsd.org@localhost>
From Mike Robinson <sundialservices%users.sourceforge.net@localhost>
@@ -68,23 +206,38 @@
altering lifetime, duplicate the proposal instead of modifying
the configured one.
+ From Frederic Senault <fred%lacave.net@localhost>
+ * src/racoon/{isakmp.c|pfkey.c}: Put sockets in non-blocking mode to
+ fix a hangup with FreeBSD 4.
+
2005-05-14 Emmanuel Dreyfus <manu%netbsd.org@localhost>
* src/libipsec/policy_parse.y: fix parse bug in IPsec policies
+2005-05-14 Aidas Kasparas <a.kasparas%gmc.lt@localhost>
+
+ * src/racoon/sockmisc.c: Debug message said it will send to
+ source address insted of destination.
+
2005-05-13 Emmanuel Dreyfus <manu%netbsd.org@localhost>
* src/racoon/isakmp.c: For acquire messages, when NAT-T is in use,
consider null port as a wildcard and use IKE port
+ * src/racoon/isakmp.c: Build fix
+
2005-05-13 Yvan Vanhullebus <vanhu%free.fr@localhost>
* src/racoon/isakmp.c: Fixed a double ph2handler free in
isakmp_ph2begin_i().
+2005-05-12 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
+ * src/racoon/{proposal.c|proposal.h|isakmp_quick.c}: fix build problem
+
---------------------------------------------
- 0.6b2 released
+ 0.6b2 released
2005-05-10 Emmanuel Dreyfus <manu%netbsd.org@localhost>
@@ -95,12 +248,18 @@
higher security settings. Remove now useless phase 1 down
script on server side.
+2005-05-10 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
* src/racoon/ipsec_doi.c: check for lifebyte in proposals
* src/racoon/ipsec_doi.c: fix a bug in proposal_check claim for phase 1
* src/racoon/{cfparse.y|cftoken.l|racoon.conf.5|isakmp_cfg.c}
src/racoon/{isakmp_cfg.h|isakmp_unity.c}: add Cisco extensions for
- pushing PFS group and save password setting through ISAKMP mode cfg
+ sending PFS group and save password through ISAKMP mode config.
+
+2005-05-08 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
+ * configure.ac src/racoon/isakmp_xauth.c: Support shadow passwords
2005-05-07 Emmanuel Dreyfus <manu%netbsd.org@localhost>
@@ -131,11 +290,19 @@
From Manisha Malla <mmanisha%novell.com@localhost>
* src/racoon/isakmp_cfg.c: fix unsigned int checked for being negative
+ From Ludo Stellingwerff <ludo%protactive.nl@localhost>
+ * src/setkey/{parse.y|token.l}: build on system that do not have
+ TCP-MD5 support
+
+2005-05-04 Michal Ludvig <michal%logix.cz@localhost>
+
+ * configure.ac: Revert GLIBC_BUGS change from 2005-04-15
+
2005-05-03 Emmanuel Dreyfus <manu%netbsd.org@localhost>
From Patrick McHardy <kaber%trash.net@localhost>
- * src/racoon/{pfkey.c|handler.h|hendler.c}: on phase 2 acquire,
- lookup phase 2 by (src, dst, policy id) so that multiple SA can
+ * src/racoon/{pfkey.c|handler.h|hendler.c}: on phase 2 acquire,
+ lookup phase 2 by (src, dst, policy id) so that multiple SA can
be used in transport mode
2005-04-26 Emmanuel Dreyfus <manu%netbsd.org@localhost>
@@ -148,17 +315,34 @@
* src/libipsec/{ipsec_dump_policy.c|pfkey_dump.c|libpfkey.h}:
src/setkey/{setkey.8|setkey.c}: add a -p option to setkey to
enable the display of ESP over UDP ports in policies.
-
+
* src/racoon/{isakmp.c|isakmp_cfg.c|isakmp_inf.c|pfkey.c}: don't
Home |
Main Index |
Thread Index |
Old Index