summaryrefslogtreecommitdiff
path: root/sbin
AgeCommit message (Collapse)Author
2002-09-05Without IDs wait until next step/retry to handle CERTREQs. This shouldHakan Olsson
make certificate auth work better with some clients, such as SSH Sentinel.
2002-09-05Do not require the presence of subjectAltName in certificates used forHakan Olsson
IKE auth. Should make interoperating with for example FreeS/WAN easier (Pluto).
2002-09-05Do not create SAs for transaction exchanges either. By niklas@Hakan Olsson
2002-09-03add strlcpy/cat for BSD/OSMarkus Friedl
2002-09-03CPI_RESERVED_MIN is not defined on KAME+BSD/OS; ok ho@Markus Friedl
2002-09-03use sig_atomic_t; cloderTheo de Raadt
2002-09-02Fix parsing of port ranges in translation rules (port a:b -> port c:d).Daniel Hartmeier
ok henning@
2002-09-02Make sure the interface specified with route-to/dup-to/fastroute existsDaniel Hartmeier
and null-terminate the interface name. Found by Michael Wallis. ok henning@
2002-08-29need CPI_xx declsJun-ichiro itojun Hagino
2002-08-29size_t has to be casted to u_long on printing.Jun-ichiro itojun Hagino
From: Martti Kuparinen <martti.kuparinen@iki.fi>
2002-08-29Work around arguably correct OpenSSL behaviour and only ask for CRLHakan Olsson
checks when we actually have CRLs to check against. Problem pointed out by <sturm@sec.informatik.tu-darmstadt.de>.
2002-08-23Initial support for MacOS X (v10.2 and later).Hakan Olsson
2002-08-23Small cleanup.Hakan Olsson
2002-08-23Another format tweakHakan Olsson
2002-08-23Proper formatHakan Olsson
2002-08-23- Convert function definitions to new styleGrigoriy Orlov
- eliminate trailing whitespace - remove casts that aren't needed. - make rcsid strings const, for -Wall compilation. from tedu <grendel@zeitbombe.org>
2002-08-20clean some more signal races, some cannot be fixedTheo de Raadt
2002-08-20Increase lineno on newlines inside multi-line macro definitions, otherwiseDaniel Hartmeier
errors on subsequent lines are reported with wrong line numbers. From Paul B. Henson.
2002-08-16kill duplicated check for '(' and ')' in allowed_in_stringHenning Brauer
2002-08-12Catch null pointer deref (segfault), from wilfried@Daniel Hartmeier
2002-08-12Build the wscons utilities on sparc, tooMiod Vallat
2002-08-12Enable wscons code on sparc, and let kbd_sparc.c dieMiod Vallat
2002-08-12Swap args to calloc(3) so they are in the correct order; art@ ok.Aaron Campbell
2002-08-08Fix structure allocation. The code incorrectly used sizeof(pointer) insteadAaron Campbell
of sizeof(*pointer). provos@ ok
2002-08-08Use & to test if bits are set, not &&; art@ ok.Aaron Campbell
2002-08-08Append to the packet log file, don't overwrite. Requested by pb@.Hakan Olsson
2002-08-08Insist on having the raid[0..n]a set up, when using the root on raid feature.Thierry Deval
(to avoid problems as in PR#2816)
2002-08-08add a hppa caseMichael Shalayeff
2002-08-07A rewrite of the CRL support code, also from <Thomas.Walpuski@gmx.net>.Hakan Olsson
Some style mods, and checks added for OpenSSL version 0.9.7 or later. Currently CRLs are not supported for earlier versions. Manual pages updated.
2002-08-06missing free(), mpech@Henning Brauer
ok pb@
2002-08-06check fo strdup() allocation errorsHenning Brauer
pointed out by mpech@ ok pb@
2002-08-04- grammar cleanup.Grigoriy Orlov
- check for the failure of strdup(). from tedu <grendel@zeitbombe.org>
2002-08-02Check inet_aton() failure with == 0, not == -1; millert@ ok.Aaron Campbell
2002-08-02Mention CRL support, tag and default value.Hakan Olsson
2002-08-02CRL support for isakmpd. From <Thomas.Walpuski@gmx.net> with some minorHakan Olsson
modifications by me. ok niklas@.
2002-07-31KNF, esp. missing prototypesHenning Brauer
2002-07-30grmpf.Henning Brauer
in some cases, on non-tcp rules flags weren't resetted. cosmetical only problem. but, well, checking for r->flags and r->flagset if we could have assigned them zero just one round ago is just stupid, and it's not needed to check them at all. ok pb@, dhartmei@
2002-07-30allow to specify flags on all rules that include tcp.Henning Brauer
these are valid: pass in from any to any flags S pass in proto { tcp, udp, icmp } from any to any flags S pass in proto tcp from any to any flags S these are invalid: pass in proto { udp, icmp } from any to any flags S pass in proto udp from any to any flags S ok "I've lost my slacker status for at least a week" frantzen@ ok pb@, dhartmei@, deraadt@
2002-07-27Typo; similates -> simulatesAaron Campbell
2002-07-26make the order of log and quick irrelevant. now bothHenning Brauer
block in log quick all and block in quick log all work. ok dhartmei@, deraadt@
2002-07-25prettyTheo de Raadt
2002-07-25Rename the WSDISPLAY_TYPE_SUNFFB display type into a more generic name,Miod Vallat
..._SUN24, since this only means 24 bit framebuffers with BGR encoding. Also add a WSDISPLAY_TYPE_SUNBW for Sun monochrome framebuffers, to be used by Xwsfb shortly.
2002-07-23timeout_list/_spec and limit_list/_spec don't return anything -> no %type.Henning Brauer
ok theo
2002-07-21fix route-to alsoTheo de Raadt
2002-07-21make the , optional in many places. This makes string concat a lot moreTheo de Raadt
useful. Now you can in = ssh domain www out = $in ftp finger pass in proto tcp from any to any port { $in } pass out proto tcp from any to any port { $out } a poor example, but the idea is obvious
2002-07-21string concat, ie.Theo de Raadt
a=a b c=$a $a
2002-07-20minor indent tweaksTheo de Raadt
2002-07-20properly split yacc and lex useTheo de Raadt
2002-07-19minor tweaks, sighTheo de Raadt
2002-07-19And back out the last change again.Daniel Hartmeier