Age | Commit message | Author |
|
jmc@ dislikes a comma before "then" in a conditional, so leave those
untouched.
ok jmc@
|
|
ok jmc@ sthen@ millert@
|
|
log a warning rather than attempting to dereference it. Check suggested by
millert@, ok "your fix shouldn't hurt" mpi@
This isn't fixing the root cause but I don't have a better idea and I'm
hitting problems on several systems as I upgrade them, and I think in this
case logging rather than dumping core is more helpful.
Without this, in recent OpenBSD versions (I have seen it since at least
the snapshot from June 14 2021) I am often seeing isakmpd crashes after
SAs come in shortly after isakmpd starts with my usual flags, although
they don't seem to occur if I raise logs to heavy debug levels (-DA=90).
With this, those connections will fail but isakmpd will stay running and
after usually one retry things will be ok.
Usually, perhaps always, seen associated with "responder_recv_HASH_SA_NONCE:
KEY_EXCH payload without a group desc. attribute" logged previously.
Pcap written by isakmpd -L shows a normal-looking proposal though, with
proto/ids/group description set, yet printing *isa at the point that message
is logged shows zeros in sport/dport/group_desc/etc.
(I can give more info and/or test if someone has a better idea!)
|
|
apostrophe.
|
|
ok guenther@
|
|
|
|
ok jsing
|
|
let alone sys/param.h, which it uses to get roundup(). make a local
copy of the macro, and call it a day.
|
|
Straightforward conversion to the OpenSSL 1.1 API as a step towards
making EVP_PKEY opaque. EVP_PKEY_get0_RSA() can't fail if we know
that the pkey type is RSA.
ok sthen
|
|
ok jmc sthen
|
|
instead of having it on the stack. Adjust code accordingly.
|
|
3rd (variadic) mode_t parameter is irrelevant. Many developers in the past
have passed mode_t (0, 044, 0644, or such), which might lead future people
to copy this broken idiom, and perhaps even believe this parameter has some
meaning or implication or application. Delete them all.
This comes out of a conversation where tb@ noticed that a strange (but
intentional) pledge behaviour is to always knock-out high-bits from
mode_t on a number of system calls as a safety factor, and his bewilderment
that this appeared to be happening against valid modes (at least visually),
but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef.
ok millert
|
|
|
|
algorithm is gone. Remove all LZS references from the tree. The
v42bis in isakmpd also looks unsupported.
OK mvs@ patrick@ sthen@
|
|
ok benno
|
|
an accessor instead of reaching directly into the struct.
ok benno
|
|
No-one is going to build this with OpenSSL 0.9.7 or earlier, so we
can remove this code.
ok bluhm sthen (as part of a larger diff)
|
|
All this does is a call to OpenSSL_add_all_algorithms(), which is
no longer needed since libcrypto initializes itself.
ok bluhm sthen (part of a larger diff)
|
|
ok millert
|
|
undocumented macro alias X509_name_cmp(3);
no binary change;
OK tb@
|
|
ok tobhe
|
|
work anyway. Dynamic binaries help building errata, reduce disk
usage and make ROP harder. Also remove an unused bsd.subdir.mk
include.
OK sthen@ mvs@ deraadt@ tobhe@ patrick@
|
|
ok deraadt@
|
|
ok patrick@
|
|
when exiting.
"make sense" deraadt
|
|
the path sanitizer in the privsep parent. Bring back the checks
in a way that works with new realpath(3).
tested and OK hshoexer@
|
|
ENOENT. In this case, try to open(2) the path. Then a non-existing
file will be created, but a missing directory component still causes
an error. This fixes isakmpd(8) IKE pcap file creation.
from hshoexer@
|
|
isakmpd and iked to REQUIRE. Filter policy violations earlier.
ok sashan@ bluhm@
|
|
non existing isakmpd.conf(5) file. This was a result of the changed
realpath(3) behavior. Now isakmpd(8) uses the errno from the system.
reported by igor kos; OK deraadt@
|
|
help/ok deraadt
|
|
|
|
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.
|
|
|
|
- show an example sed to substitute the $ENV::CERTIP/CERTFQDN strings
while copying /etc/ssl/x509v3.cnf to a temp file
- don't use /etc/ssl/x509v3.cnf on the command line when we've just
told people to copy and edit
- fix an instance of CERTIP that should have been CERTFQDN
based on diffs from Sevan Janiyan, feedback/ok jmc@
|
|
where the "wrong" #define was used.
ok dlg@
|
|
ok millert@ mpi@
|
|
the Listen-on directive in isakmpd.conf(5). This directive can be necessary
in multi-homed situations, and if isakmpd(8) is used with carp(4).
ok sthen@ mpi@
|
|
|
|
No object change.
|
|
Fix at least interoperability with Cisco when isakmpd(8) is initiating
the connections, originally reported by sebastia@ in 2014.
Refreshed diff from and ok hshoexer@, ok sthen@, ok remi@
|
|
From Scott Cheloha, ok tb@
|
|
also some minor tweaks while here...
|
|
Instead of the full point, only the X point is included.
The member g_xy is always the shared secret but so far its buffer has
been allocated using the size of the public points. Since this is a
different size now, as the shared secret for EC Groups should only store
the x point, we need another member to specify the length of g_xy.
Since this is a backwards incompatible change older isakmpds won't be
able to negotiate if you use EC groups. Bump the version of our own
vendor tag so peers can try to keep compatibility based on the presented
tag. This could be used to implement backwards compatibility to
older isakmpds.
Prompted by and ok mpi@
|
|
ok visa@, markus@
|
|
`finalize' function with the `fail' argument when this happens.
Introduce some sanity checks in exchange_free() to be able to call it
even if the data structure isn't completely initialized.
Plug memory leaks when exchange_establish() fails. While here fix a
double free in one of the error paths.
Based on a diff from hshoexer@, ok stsp@, markus@
|
|
ok markus@
|
|
arguments to f_key_v2_connection_check().
The race can be triggered by sending SIGHUP to the daemon. Note that
this change does not fix the memory leak if exchange_establish() fails.
Reported by Michał Koc.
ok hshoexer@, markus@, henning@
|
|
This dereference can occur because sa_find() is called from a timer and
iterates over all existing `sa'. At that time the corresponding
`finalize_exchange' might not have been called, in which case it is
unsafe to dereference `src_net', `dst_net' & co.
Issue reported by Michał Koc. ok hshoexer@, markus@
|
|
okay millert@
|
|
OK espie@
|