summaryrefslogtreecommitdiff
path: root/sbin
AgeCommit message (Expand)Author
2012-07-09fix some of the confusion we have in pf regarding filter criteria vsHenning Brauer
2012-07-09Revert previous.Kenneth R Westerback
2012-07-09Use strtonum() instead of strtol() inside ask_num(). Many overflowsKenneth R Westerback
2012-07-08set_pid() does not need prompt string, low or high parameters. TheseKenneth R Westerback
2012-07-08Disallow manual security associations that use AES-CTR, AES-GCM,Christian Weisgerber
2012-07-08New attempt to make the -P flag work with -ss, so that states can beLawrence Teo
2012-07-08Split out an ask_pid() function rather than over-parameterizing theKenneth R Westerback
2012-07-08Return EROFS when a read-write mount of a read-only sd(4) deviceKenneth R Westerback
2012-07-08Call Xsetpid() to edit the partition type from Xedit() rather thanKenneth R Westerback
2012-07-08if you use nitems() in userland, you must define it yourselfTheo de Raadt
2012-07-08Nuke useless EDIT() #define in Xsetpid.Kenneth R Westerback
2012-07-08Replace tricker atoi() and hand rolled parsing with strsep() andKenneth R Westerback
2012-07-07copy&paste mistake in error messageChristian Weisgerber
2012-07-07remove incorrect check in pfctl preventing set-tos for ipvshit.Henning Brauer
2012-07-07rename prio in struct pf_rule and related structs to set_prio so it isHenning Brauer
2012-07-07Replace atoi() with strtonum() where it's easy. Make related errorKenneth R Westerback
2012-07-05don't output "esn" string in the rule section as we can't use theMike Belopuhov
2012-07-05when rekeying ike sa copy more info from the old one;Mike Belopuhov
2012-07-03Improve the key derivation function to produce correct keying materialMike Belopuhov
2012-07-02checking state flags make sense only when processing a responseMike Belopuhov
2012-07-02augment every sa_free call with a debugging log messageMike Belopuhov
2012-07-02Don't close IKE SA immediately after creating a new one when rekeying.Mike Belopuhov
2012-07-02a state machine is not worth the trouble when you've got a flag. doh!Mike Belopuhov
2012-06-30enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESPChristian Weisgerber
2012-06-29Add missing ESN bitsMike Belopuhov
2012-06-29Print esn flag when dumping SAs with ESN enabledMike Belopuhov
2012-06-28prevent salt_len overflow; reported by andrew nelless, ok otto, teduMike Belopuhov
2012-06-27leftover code re-enqueued the same item on the list multiple timesMike Belopuhov
2012-06-27prevent an endless loopMike Belopuhov
2012-06-26Add some more paranoia and make code clearer. Check that the requiredKenneth R Westerback
2012-06-26RFC 2132 says "Options containing NVT ASCII data SHOULD NOT includeKenneth R Westerback
2012-06-26improve ikev2_msg_retransmit_timeoutMike Belopuhov
2012-06-26close SA when IKE_SA_INIT or IKE_AUTH exchanges fail;Mike Belopuhov
2012-06-26compare exchange types as well when looking up a message;Mike Belopuhov
2012-06-25log all, not log-all; ok henningJason McIntyre
2012-06-24Nuke interface_link_status() (check media status only) and useKenneth R Westerback
2012-06-22Add initial support for retransmition timeouts and response retries.Mike Belopuhov
2012-06-22decouple timer initialization from timer_registerMike Belopuhov
2012-06-22Two 'ioctl() < 0' -> 'ioctl() == -1'. guenther@ says they're odd.Kenneth R Westerback
2012-06-22Set state to S_REBOOTING when calling state_reboot() and set stateKenneth R Westerback
2012-06-20Cancel all timeouts in state_reboot(), since we can get there from any stateMark Kettenis
2012-06-20no more boot_mac68k(8);Jason McIntyre
2012-06-20more mac68k bits for the atticMatthew Dempsky
2012-06-20Delete some more SUBDIR += mac68k.Matthew Dempsky
2012-06-04Rounding up a number of bytes in a bignum returned by the BN_num_bytes()Mike Belopuhov
2012-06-01revert previous, breaks tcpdumpJonathan Gray
2012-06-01Make the -P flag work with -ss, so that states can be printed with portLawrence Teo
2012-05-31Clarify issues del (bridge command) vs delete (IP address command);Theo de Raadt
2012-05-31Let quotacheck work with duid based fstab. Missed one open() -> opendev()Kenneth R Westerback
2012-05-30more timer changesMike Belopuhov