summaryrefslogtreecommitdiff
path: root/usr.sbin
AgeCommit message (Collapse)Author
2004-02-01put v6 cruft into session_up() while beeing there... claudio okHenning Brauer
2004-02-01sort openssl rand options;Jason McIntyre
2004-02-01add paper.txt target;Jason McIntyre
2004-02-01add paper.txt target;Jason McIntyre
2004-01-31rename tcp sockopt TCP_SIGNATURE_ENABLE to TCP_MD5SIGHenning Brauer
requested by theo ok markus@ hshoexer@
2004-01-31pkg_create -L support, which I forgot to commit.Marc Espie
-B pkg-destdir, synonymous to -S, and PKG_DESTDIR support.
2004-01-31general cleanup and better SIGCHLD handling from millert@Otto Moerbeek
ok canacar@
2004-01-30in the parse_config() -> merge_config() chain, you shall not nullHenning Brauer
conf->opts that holds some of the command line opts. repairs -n.
2004-01-30missing free() in an error path that should be unreachableHenning Brauer
From: Patrick Latifi <pat@eyeo.org>
2004-01-30please sparc64, with & ok claudioHenning Brauer
2004-01-30-enable md5sig on the listening socketHenning Brauer
-on connections we just accepted, check wether md5sig is configured for that peer, and check wether the connection is md5sig'd too. if not, refuse tested against cisco 7200.
2004-01-29enable tcp md5sig om the connecting socket when md5sig is configured for thatHenning Brauer
peer. I just successfully established an md5sig'd session against a cisco 7200 with that.
2004-01-29destdir supportMarc Espie
okay pvalchev.
2004-01-29KNFHenning Brauer
2004-01-29and another oneMichael Shalayeff
2004-01-29will be needed for cats tooTheo de Raadt
2004-01-29MORE BULLSHIT BECAUSE THIS PIECE OF SHIT IS INTERTWINED WITH PFCTLTheo de Raadt
2004-01-28properly whine when password is too long instead of silently truncatingHenning Brauer
2004-01-28implementHenning Brauer
tcp md5sig password so that the key can be given in ascii, what unfortunately limits the key space (cisco/juniper compat...) we keep the ability to specify the key in hex whithout these limits. help & ok markus
2004-01-28improve loggingHenning Brauer
2004-01-28some code refactoring.Marc Espie
minor optimization: don't try to open pipe to local file that doesn't exist anyways. track connections per-host for ftp/http. Don't allow more than maxcount() connections per-host (for now, one connection). tests by sturm@, fries@
2004-01-28KNFHenning Brauer
2004-01-28Add -L to record/enforce localbase.Marc Espie
Okay sturm@
2004-01-28add some missing options/args to pkcs{7,8,12} that i missed earlier;Jason McIntyre
2004-01-28-rename pfkey_setkey to pfkey_sa_addHenning Brauer
-implement pfkey_sa_remove -use it in pfkey_auth_remove we now properly remove the SAs we added on bgpd shutdown ok markus
2004-01-28fix pfkey_reply() logic:Henning Brauer
we always need to read the full message or we find old crap next time much more difficult to find than it sounds here... with & ok markus
2004-01-28privilege separated tcpdump, joint work with otto@Can Erkin Acar
tested by avsm@ vincent@ dhartmei@ markus@ hshoexer@ and others go for it deraadt@
2004-01-28update and sort openssl pkcs{7,8,12};Jason McIntyre
plus some consistency fixes;
2004-01-28catch SIGINT here as well so we can properly shut down if ^C'ed in debug modeHenning Brauer
2004-01-28STOP events for all sessions before we exit.Henning Brauer
allows for some cleanup to happen, especially we need this to remove the md5sig flows
2004-01-28missing free and fix memset misuse; From: Patrick Latifi <pat@eyeo.org>Henning Brauer
tho i fixed that using bzero instead
2004-01-28repair the bind() in session_connect; only used if local-addr was specifiedHenning Brauer
got broken in the sockaddr_in -> bgpd_addr conversion
2004-01-28improve loggingHenning Brauer
2004-01-28we need a pfkey_init the gets us a PF_KEY socket before we drop privsHenning Brauer
eases other code quite a bit in exchange...
2004-01-28label x86_64 as LETheo de Raadt
2004-01-28Repair build links for pegosos, and also build for amd64Theo de Raadt
2004-01-28call pfkey_auth_establish() on START eventsHenning Brauer
call pfkey_auth_remove when a session drops back to IDLE state ok markus@ claudio@
2004-01-28-struct peer_auth to store the SPIs, linked into struct peerHenning Brauer
-add pfkey_auth_establish(), which sets up flows for both directions and stores the SPIs in above struct -add (yet dummy) pfkey_auth_remove() with markus, ok claudio markus
2004-01-28don't pfkey_setkey() from here, claudio markus okHenning Brauer
2004-01-28initial support for SADB_DELETE; ok hshoexerMarkus Friedl
2004-01-28pfkey_setkey: sockaddr -> bgpd_addr; ok claudioMarkus Friedl
2004-01-28typo; from Ross L Richardson (PR 3655);Jason McIntyre
fix passed back to arlad people;
2004-01-28log & ignore RTM_CHANGE messages for that we don't find an exact matchHenning Brauer
apparently pppd loves to issue change messages twice, once with and once without netmask, and in the latter case we have to play the classless game, which could lead to additional entries with wrong netmask in our internal view of the routing table.
2004-01-28remove unused variable. ok millert@Kevin Lo
2004-01-27avoid File::IO, one less module to load.Marc Espie
catch more error conditions and die in a systematic way. okay sturm@
2004-01-27log_ntoa is herewith condemned to death by claudio and yours trulyHenning Brauer
2004-01-27make rt_sendmsg's local nextop and prefix struct in_addr too and don't useHenning Brauer
log_ntoa, claudio ok
2004-01-27don't use log_ntoa, claudio okHenning Brauer
2004-01-27struct kroute changed, copeHenning Brauer
ok claudio
2004-01-27move strict kroute from in_addr_t for nexthop and prefix to struct in_addrHenning Brauer
ok claudio
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-20 12:27:04 +0000