| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2010-10-15 | use standard list width; | Jason McIntyre | |
| 2010-10-15 | nicer formatting for the various synopses; | Jason McIntyre | |
| 2010-10-15 | document "openssl ts"; | Jason McIntyre | |
| 2010-10-15 | Rework the kroute framework of ldpd. ldpd is different from the other | Claudio Jeker | |
| routing daemons. Change the way the kroute tree is indexed (by FEC with a linked list in case there is a priority conflict -- same route + nexthop at different priorities). This needs a mpath capable MPLS routing table. Still work in progress but works a lot better in close meshed networks. | |||
| 2010-10-15 | return numeric 0 rather than attempting to return a null string, | Stuart Henderson | |
| fixes a segfault when walking memiftable. seems sane to phessler, ok dlg@ | |||
| 2010-10-15 | Switch the remaining users of libdes in src to libcrypto, | Jonathan Gray | |
| telnet portion partially from the latest heimdal. ok mikeb@ | |||
| 2010-10-15 | typo in comment | Stuart Henderson | |
| 2010-10-15 | Add the FSM suberrors specified in draft-ietf-idr-fsm-subcode. This | Claudio Jeker | |
| should help identifying FSM errors since the state is know known. OK henning@ sthen@ | |||
| 2010-10-15 | Add a few more wanrings to the UPDATE parser. Mainly to warn when | Claudio Jeker | |
| attributes are ignored or UPDATEs are invalidated and withdrawn. While there use % to check if a attribute is a multiple of X. OK henning@, sthen@ | |||
| 2010-10-14 | probabalistic -> probabilistic; from naddy | Jason McIntyre | |
| 2010-10-14 | Same fix as previously commited to ospfd. Ensure that kr_redistribute() | Claudio Jeker | |
| is called with the head node of a multipath chain. | |||
| 2010-10-14 | kr_redistribute() needs to be called with the head node of a multipath | Claudio Jeker | |
| chain. Fix kroute_insert() and rtmsg_process() to correctly do this. OK bluhm@ | |||
| 2010-10-14 | for openssl prime, note that results are probabalistic; from djm | Jason McIntyre | |
| 2010-10-13 | 'socket "path" [restricted]' needs quotes around path; make it clear | Stuart Henderson | |
| in the manual. Help from jmc@. | |||
| 2010-10-13 | document "openssl prime"; | Jason McIntyre | |
| 2010-10-13 | document "openssl pkeyparam"; | Jason McIntyre | |
| 2010-10-13 | The heimdal code switched to using DES from libcrypto when 0.7.2 | Jonathan Gray | |
| was imported over four years ago, so we don't need to link libdes for kerberos anymore. ok mikeb@ deraadt@ | |||
| 2010-10-12 | document "openssl pkeyutl"; | Jason McIntyre | |
| 2010-10-12 | Plug a significant memory leak when using SSL. | David Hill | |
| ok claudio@, jsg@, phessler@ | |||
| 2010-10-11 | and another one... s/10.4.5.6/10.3.4.5/, also from jy-p. | Stuart Henderson | |
| 2010-10-11 | typo, s/10.1.2.3/10.2.3.4/, from jy-p | Stuart Henderson | |
| 2010-10-11 | bgpd needs to see all routing messages so set the ROUTE_TABLEFILTER to | Claudio Jeker | |
| RTABLE_ANY. OK henning@ | |||
| 2010-10-11 | zap unused definitions | Pierre-Yves Ritschard | |
| 2010-10-09 | these need to be re-added too | Gilles Chehade | |
| 2010-10-09 | missing from previous commit | Gilles Chehade | |
| 2010-10-09 | no longer compiled, i will reintroduce them later, lots of stuff needs to | Gilles Chehade | |
| be done before we can write queue backends anyway ... | |||
| 2010-10-09 | backout the "new" queue code commited 4 months ago. it has many good ideas, | Gilles Chehade | |
| is way more optimized than what we had earlier and there's definitely stuff we want to keep, however it is early optimization that doesn't account for many features and makes them hard (if not impossible) to write without ugly workarounds that ruin the purpose of the optimizations. the backout goes to 30 May's right before the commit and catches up on all the non-queue related commits that happened since then. i'll work on reintroducing the ideas from this queue when the basic features we expect from a MTA are implemented. suggested on tech@ about a week ago, no objections, several "please make smtpd move forward" mails from hackers and tech readers. | |||
| 2010-10-09 | document "openssl pkey"; | Jason McIntyre | |
| 2010-10-09 | document "openssl genpkey"; | Jason McIntyre | |
| 2010-10-09 | Do not use BPF_WORDALIGN when computing pflog header length as it aligns | Can Erkin Acar | |
| to 8-byte boundary on 64-bit architectures. Instead explicitly round up to a 4-byte boundary. Reported and tested by sthen@ | |||
| 2010-10-08 | document "openssl engine"; | Jason McIntyre | |
| 2010-10-08 | document "openssl ecparam"; | Jason McIntyre | |
| 2010-10-08 | set the client/server certificate options with all the common keyusage | Reyk Floeter | |
| and extendedkeyusage and nscerttype flags. the ikectl CA can now be used with all kinds of other vpn tools in addition to iked and isakmpd. ok phessler@ | |||
| 2010-10-08 | check if a directory exists before trying to create it in the export | Jonathan Gray | |
| case as well, spotted by mikeb | |||
| 2010-10-08 | use the right capitalization in the Nd strings. | Igor Sobrado | |
| ok jmc@ | |||
| 2010-10-08 | tweak for nroff | Jonathan Gray | |
| 2010-10-08 | if non absolute paths are specified in install commands assume they | Jonathan Gray | |
| are relative to /etc | |||
| 2010-10-08 | allow optional paths for the install commands so we can | Jonathan Gray | |
| install into the isakmpd directory hierarchy for example. | |||
| 2010-10-08 | Allow to show certificate details (show ca x cert [y]). | Reyk Floeter | |
| 2010-10-08 | supply the correct value of ciphers DEFAULT; from djm | Jason McIntyre | |
| 2010-10-08 | document "openssl ec"; | Jason McIntyre | |
| 2010-10-07 | only try to setup a passfile when creating a CA | Jonathan Gray | |
| 2010-10-07 | Allow to specify the export password on the command line (optionally, for | Reyk Floeter | |
| scripting). The "peer" argument now needs to be preceded with the "peer" keyword, eg. ... export peer 10.1.1.1 instead of export 10.1.1.1. | |||
| 2010-10-07 | sync usage(); | Jason McIntyre | |
| 2010-10-07 | aginst -> against; from Luca Corti | Jason McIntyre | |
| 2010-10-07 | Don't try to add MPLS routes with a incomming MPLS_LABEL_IMPLNULL label. | Claudio Jeker | |
| The kernel has now a static entry for them and they should not hit the wire anyway. | |||
| 2010-10-07 | nroff doesn't like long argument lists that work fine with mandoc. | Reyk Floeter | |
| split them into Xo/Xc blocks to make nroff happy again. | |||
| 2010-10-07 | - add a -q (quiet) command line option that will be used by ikeca to | Reyk Floeter | |
| set openssl batch mode: don't ask for x509 options, use the defaults. - allow to specify the initial ca password on the command line to also make it scriptable. - allow to create certificates for clientAuth or serverAuth only (eg. ikectl ca foo certificate bar server). - cosmetics: move double declarations of ca_*() functions to parser.h. ok phessler@ | |||
| 2010-10-07 | Garbage collect some unused structs. | Claudio Jeker | |
| 2010-10-07 | set saner permissions on the directory we export, so we don't change | Peter Hessler | |
| perms of /etc/iked when extracting OK jsg@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |