summaryrefslogtreecommitdiff
path: root/sbin
AgeCommit message (Collapse)Author
2000-07-03plug 2 memory leaks; reported by andrew.lunn@ascom.ch.Jason Wright
2000-07-02OpenBSD'ify these man pages.Aaron Campbell
2000-07-02From onoe@netbsd.org:Hakan Olsson
Update the description of available channel for Japan. The regulations has been changed to adopt 802.11b since Oct. 99. For 11Mbps NICs sold in Japan, all DS channels (1..14) are available.
2000-07-02descent into wsconsctlMichael Shalayeff
2000-07-02make it compiling only for alpha and hppaMichael Shalayeff
2000-07-01wscons control tool; initial import from newtbsd treeMichael Shalayeff
2000-07-01be more verbose when warning for partition errors,Michael Shalayeff
print partition number in the message.
2000-06-30correct address family handling in "giftunnel".Jun-ichiro itojun Hagino
test with the following: # ifconfig gif0 inet giftunnel localhost localhost # ifconfig gif0 inet6 giftunnel localhost localhost
2000-06-30warnx?/errx? paranoia (use "%s" not a bare string unless it is aTodd C. Miller
constant). These are not security holes but it is worth fixing them anyway both for robustness and so folks looking for examples in the tree are not misled into doing something potentially dangerous. Furthermore, it is a bad idea to assume that pathnames will not include '%' in them and that error routines don't return strings with '%' in them (especially in light of the possibility of locales).
2000-06-29use %s with syslogTheo de Raadt
2000-06-29use %s when calling syslogTheo de Raadt
2000-06-28Remove information that's NetBSD-specific.Artur Grabowski
2000-06-28prevent endless looping on looping fat chainsMichael Shalayeff
2000-06-22fix a typo by wpaul; using ipv6 tunneled to usenix (thanks itojun!)Todd T. Fries
2000-06-21- clean makefileFederico G. Schwindt
- add OpenBSD tags and copyright notice where missing. - check the return value of mount(), like EOPTNOTSUPP, and the like. - remove unused declarations and headers - rearrange manpage a bit. Add history section
2000-06-20more info on what a bridge is (from bridge(4)).Jason Wright
2000-06-20pedant; getopt(3) returns -1 instead of EOF. from aaronJun-ichiro itojun Hagino
2000-06-20spellingAaron Campbell
2000-06-20Merge with EOM 1.41Niklas Hallqvist
author: itojun synchronize with latest KAME PF_KEY interface. need more testing. old: changes sadb_msg, which is bad new: added sadb_x_sa2 for extra meat
2000-06-20Merge with EOM 1.52Niklas Hallqvist
author: niklas Indentation, bad greek
2000-06-19Merge with EOM 1.145Niklas Hallqvist
author: ho Recognize and handle reserved and private payloads differently. A private payload in a message is ignored. A message containing a reserved payload is dropped.
2000-06-19Merge with EOM 1.40Niklas Hallqvist
author: niklas && not &
2000-06-18Fix more buffer overflows... that's 5 in this one program (so far)Aaron Campbell
2000-06-18strcpy() -> strlcpy()Aaron Campbell
2000-06-18routes on down interfaces are disabledNiels Provos
2000-06-18Xr hostname.ifNiklas Hallqvist
2000-06-18- Give more precise definitions for the -d and -f options.Aaron Campbell
- Clean up FILES section. - s/BACKWARD COMPATIBILITY/COMPATIBILITY/ - Use standard options list introduction.
2000-06-18OpenBSD tagNiels Provos
2000-06-18get cipher number correctly.Niels Provos
2000-06-18add mount_tcfsNiels Provos
2000-06-18allows mount of ffs file system as tcfs file system.Niels Provos
2000-06-17Mention -f can be used to bypass the dirty filesystem checkNiklas Hallqvist
2000-06-17Support the -f flag in order to mount dirty filesystems. This makes senseNiklas Hallqvist
with soft-updates, but will leak free blocks. On non-softupdates filesystems this option is strongly unrecommended. It also allows downgrades to readonly by revoking files opened for writing. If the filesystem have mmap'ed files writeable this is dangerous. Thus, we do *not* recommend its use!
2000-06-17-o force is not a negative option, it should set MNT_FORCE, not clear it. ↵Niklas Hallqvist
OK millert
2000-06-16use TP_BSIZE (== BUFSIZ so no problem)Theo de Raadt
2000-06-14document swapencrypt ctl levelNiels Provos
2000-06-14add swapencrypt ctl level.Niels Provos
2000-06-12update icmp6 name lookup code to conform to 05 draft. previous codeJun-ichiro itojun Hagino
was 03/05 chimera. ping6: -n by default due to too many false error report due to too long reverse query delay.
2000-06-110x39 == plan9Markus Friedl
2000-06-10know QNX; jcplace@ibm.neTheo de Raadt
2000-06-08Merge with EOM 1.12Niklas Hallqvist
author: angelos Default value for [KeyNote]:Credential-directory.
2000-06-08Merge with EOM 1.19Niklas Hallqvist
author: angelos Point back to isakmpd.conf(5) author: angelos Remove fixed item from BUGs section. author: angelos Talk about re-loading of policies on SIGHUP.
2000-06-08Merge with EOM 1.17Niklas Hallqvist
author: angelos Some more support for KeyNote credential exchange (not yet done).
2000-06-08Merge with EOM 1.38Niklas Hallqvist
author: angelos No need for NODEBUG actually... author: angelos Use LOG_DBG() instead of log_debug() author: angelos NODEBUG compile option, so regress doesn't barf. author: angelos No point adding a handling attribute for the generic session. author: angelos log_debug() for the action attributes. author: angelos Different policy/Keynote sessions per Phase 1 SA. author: angelos Allow exchange of KeyNote credentials over IKE. Multiple credentials may be passed in a single CERT payload. KeyNote is used if a directory named as the local ID we use in an exchange exists in the KeyNote directory (default: /etc/isakmpd/keynote/). Note that asymmetric credentials are possible (use KeyNote in one direction and X509 in the other); such authentication is envisioned to be the most common: the clients will use KeyNote credentials to authenticate and authorize with a server, whilst the server will just provide an X509 certificate proving its binding to the IP address or ID. Totally asymmetric authentication (e.g., shared key in one direction, RSA in the other) is not supported by the IKE protocol. author: angelos Correct pointer handling. author: angelos A few more certificate handling routines for KeyNote. author: angelos Some more support for KeyNote credential exchange (not yet done). author: angelos Add a couple more KeyNote functions in the sym entries. author: ho Some systems do not define IPPROTO_ETHERIP (yet).
2000-06-08Merge with EOM 1.52Niklas Hallqvist
author: angelos Add the -R option in getopt!!!
2000-06-08Merge with EOM 1.40Niklas Hallqvist
author: angelos Different policy/Keynote sessions per Phase 1 SA. author: angelos Allow exchange of KeyNote credentials over IKE. Multiple credentials may be passed in a single CERT payload. KeyNote is used if a directory named as the local ID we use in an exchange exists in the KeyNote directory (default: /etc/isakmpd/keynote/). Note that asymmetric credentials are possible (use KeyNote in one direction and X509 in the other); such authentication is envisioned to be the most common: the clients will use KeyNote credentials to authenticate and authorize with a server, whilst the server will just provide an X509 certificate proving its binding to the IP address or ID. Totally asymmetric authentication (e.g., shared key in one direction, RSA in the other) is not supported by the IKE protocol.
2000-06-08Merge with EOM 1.104Niklas Hallqvist
author: angelos Allow exchange of KeyNote credentials over IKE. Multiple credentials may be passed in a single CERT payload. KeyNote is used if a directory named as the local ID we use in an exchange exists in the KeyNote directory (default: /etc/isakmpd/keynote/). Note that asymmetric credentials are possible (use KeyNote in one direction and X509 in the other); such authentication is envisioned to be the most common: the clients will use KeyNote credentials to authenticate and authorize with a server, whilst the server will just provide an X509 certificate proving its binding to the IP address or ID. Totally asymmetric authentication (e.g., shared key in one direction, RSA in the other) is not supported by the IKE protocol. author: angelos Cleanup.
2000-06-08Merge with EOM 1.45Niklas Hallqvist
author: angelos Some more text. author: angelos Allow exchange of KeyNote credentials over IKE. Multiple credentials may be passed in a single CERT payload. KeyNote is used if a directory named as the local ID we use in an exchange exists in the KeyNote directory (default: /etc/isakmpd/keynote/). Note that asymmetric credentials are possible (use KeyNote in one direction and X509 in the other); such authentication is envisioned to be the most common: the clients will use KeyNote credentials to authenticate and authorize with a server, whilst the server will just provide an X509 certificate proving its binding to the IP address or ID. Totally asymmetric authentication (e.g., shared key in one direction, RSA in the other) is not supported by the IKE protocol. author: ho Update re DOI:IPSEC and default p1/p2 lifetimes.
2000-06-08Merge with EOM 1.11Niklas Hallqvist
author: angelos Different policy/Keynote sessions per Phase 1 SA. author: angelos Allow exchange of KeyNote credentials over IKE. Multiple credentials may be passed in a single CERT payload. KeyNote is used if a directory named as the local ID we use in an exchange exists in the KeyNote directory (default: /etc/isakmpd/keynote/). Note that asymmetric credentials are possible (use KeyNote in one direction and X509 in the other); such authentication is envisioned to be the most common: the clients will use KeyNote credentials to authenticate and authorize with a server, whilst the server will just provide an X509 certificate proving its binding to the IP address or ID. Totally asymmetric authentication (e.g., shared key in one direction, RSA in the other) is not supported by the IKE protocol. author: angelos A few more definitions. author: angelos Some more support for KeyNote credential exchange (not yet done).
2000-06-08Merge with EOM 1.119Niklas Hallqvist
author: provos typo