| Age | Commit message (Collapse) | Author |
|---|
|
|
|
with the SOCK_NONBLOCK flag to socket() and accept4().
OK claudio@ jung@
|
|
include the process name, and replace all calls of fatal*(NULL) with
fatal(__func__) for better debugging.
OK benno@
|
|
get rid of the "LOSS OF MIND" joke. Haha. We keep on removing it and
it shows up again because it accidentally gets synced from somewhere
else. bgpd and ospfd don't have it anymore, but their offsprings
still carry it. If you see it, remove it, and, in the OpenBSD ISC
case, use the original text from /usr/share/misc/license.template.
All authors agree.
|
|
sync log.c with relayd and httpd - all three daemons are using a copy
of the same file now. Nevertheless, adding "extern int debug/verbose"
in util.c is not super nice but helps for now. No functional change.
|
|
strndup().
ok millert@
|
|
policy after receiving it from the parent. print_policy ->
print_proto -> getprotobynumber -> pledge abort because it tried to
access /etc/protocols without rpath. It was just a debugging message
that can be moved to the parent (printing the policy on the sender
side and not the receiver side). The parent has rpath and dns.
Issue found by sthen@ with "proto etherip"
OK sthen@ benno@
|
|
|
|
|
|
|
|
|
|
|
|
operations. This adds pledge(2) too all processes, including the iked
parent process; the existing privsep design has been improved for
better pledgeability. There haven't been any serious problems as it
was already sane (eg. by receiving the PFKEYv2 and UDP sockets via fd
passing). The control socket moved to an independent process to
remove some abilities from the cert process.
Committed in agreement with many but nobody was brave enough to OK it.
Better testing will happen with having it in the tree.
"It's the truth" deraadt@
"Let's see what happens" benno@
|
|
-static for NFS-over-IPsec that might mount the libraries after /usr.
The benefit of linking iked dynamic outweighs the historic reason, eg.
to get full address space randomization and to benefit from libcrypto
updates, so we turn it into a dynamic binary.
OK deraadt@ naddy@
|
|
Confirmed by markus@ with an identical diff
|
|
|
|
imsg_compose_event(). This was done by pyr@ in relayd/control.c
-r1.32 (2009/06/05, ok eric@) but somehow didn't slip into other
daemons that imported control.c.
|
|
process for ISAKMP+IKEv1. I kept it to let somebody either contribute
the old protocol one day, I never intended to implement IKEv1 myself,
or to add a new kind of pipe to isakmpd to hand off IKEv1 messages.
As IKEv2 is widely supported by all major OS and networking vendors
now, I'm happy to scrap the idea of supporting ISAKMP+IKEv1. It is
still possible to use isakmpd for legacy VPNs.
OK mikeb@
|
|
calls on pf data to explicit_bzero().
ok mikeb@
|
|
with Curve448). And we already support it. Mention it here to update
the Id when it was assigned by IANA.
|
|
assigned an official ID 28 for it. This is good news, and we should
really support it as well. Just add the ID for now.
Discussed with mikeb@
|
|
minimum out there. Even El Capitan announces 3DES and SHA1 instead of MD5.
OK mikeb@
|
|
This fixes EAP (user-based auth) with IKEv2 in El Capitan.
OK mikeb@
|
|
if no CERTREQ were received. In conjunction with the previous iOS9 interop fix,
this may fix an interop problem seen by Denis Lapshin with BlackBerry OS 10.3.1
and one of a number with firebrick.co.uk's IKEv2 implementation diagnosed by
their developer Cliff Hones. ok reyk@
|
|
CERTREQ but a CERT, respond with a local CERT that was selected based
on our own policy instead of leaving it out. This seems to be valid
with the RFC that makes the CERTREQ optional and allows to ignore it
or to apply an own policy.
OK mikeb@ sthen@
|
|
ok mikeb@
|
|
OK mikeb@
|
|
|
|
|
|
This repairs setup of SPD flows that specify port only on the one
side of the from-to specification.
ok markus
|
|
ok mikeb
|
|
(e.g. the policy might be used-after-free on 'ikectl reconfig')
ok mikeb@
|
|
Reported by trondd at kagu-tsuchi ! com, thanks!
|
|
Pointed out by Markus Elfring
OK mikeb@ millert@
|
|
With help and ok from mikeb@
|
|
is non-portable. Also add missing asprintf() return value checks.
OK deraadt@ guenther@ doug@
|
|
restricted to SHA1 for RSA signatures. ok mikeb@
|
|
Predefined strings are not very portable across troff implementations,
and they make the source much harder to read. Usually the intended
character can be written directly.
No output changes, except for two instances where the incorrect escape
was used in the first place.
tweaks + ok schwarze@
|
|
ok doug millert miod
|
|
OK henning@
|
|
|
|
|
|
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
|
|
joint work with djm@ and jsing@
ok djm@
|
|
Tested by and OK claudio.
|
|
ok reyk@
|
|
|
|
sure the negative error gets treated correctly and doesn't get
accidentally promoted to a huge unsigned value.
From Pedro Martelletto, thanks! OK reyk
|
|
Crash reported and fix tested by Vincent Gross <dermiste at kilob ! yt>;
patch from Pedro Martelletto, thanks!
|
|
ok matthew
|
