summaryrefslogtreecommitdiff
path: root/usr.sbin
AgeCommit message (Collapse)Author
2004-02-02Fix bug in the decision process. The decision process is unable to directlyClaudio Jeker
detect changes of the active prefix. This bug is only triggered when a nexthop changes state. While doing that clarify prefix_move a bit. OK henning@
2004-02-02Somehow I missed this peace in one of my last commits. OK henning@Claudio Jeker
2004-02-02Use correct struct in sizeof for calloc. OK henning@Claudio Jeker
2004-02-02Seal a memory leak and fix a format string, conf->as is unsigned.Claudio Jeker
OK henning@
2004-02-02Do away with non-aligned memory accesses.Otto Moerbeek
ok deraadt@ hshoexer@
2004-02-01pasto, from glukHenning Brauer
2004-02-01Update: document the network statement and update the announce descriptionClaudio Jeker
OK henning@
2004-02-01Set sane default announce types according to the peer type. For IBGP useClaudio Jeker
announce all and for EBGP use announce self. OK henning@
2004-02-01put v6 cruft into session_up() while beeing there... claudio okHenning Brauer
2004-02-01sort openssl rand options;Jason McIntyre
2004-02-01add paper.txt target;Jason McIntyre
2004-02-01add paper.txt target;Jason McIntyre
2004-01-31rename tcp sockopt TCP_SIGNATURE_ENABLE to TCP_MD5SIGHenning Brauer
requested by theo ok markus@ hshoexer@
2004-01-31pkg_create -L support, which I forgot to commit.Marc Espie
-B pkg-destdir, synonymous to -S, and PKG_DESTDIR support.
2004-01-31general cleanup and better SIGCHLD handling from millert@Otto Moerbeek
ok canacar@
2004-01-30in the parse_config() -> merge_config() chain, you shall not nullHenning Brauer
conf->opts that holds some of the command line opts. repairs -n.
2004-01-30missing free() in an error path that should be unreachableHenning Brauer
From: Patrick Latifi <pat@eyeo.org>
2004-01-30please sparc64, with & ok claudioHenning Brauer
2004-01-30-enable md5sig on the listening socketHenning Brauer
-on connections we just accepted, check wether md5sig is configured for that peer, and check wether the connection is md5sig'd too. if not, refuse tested against cisco 7200.
2004-01-29enable tcp md5sig om the connecting socket when md5sig is configured for thatHenning Brauer
peer. I just successfully established an md5sig'd session against a cisco 7200 with that.
2004-01-29destdir supportMarc Espie
okay pvalchev.
2004-01-29KNFHenning Brauer
2004-01-29and another oneMichael Shalayeff
2004-01-29will be needed for cats tooTheo de Raadt
2004-01-29MORE BULLSHIT BECAUSE THIS PIECE OF SHIT IS INTERTWINED WITH PFCTLTheo de Raadt
2004-01-28properly whine when password is too long instead of silently truncatingHenning Brauer
2004-01-28implementHenning Brauer
tcp md5sig password so that the key can be given in ascii, what unfortunately limits the key space (cisco/juniper compat...) we keep the ability to specify the key in hex whithout these limits. help & ok markus
2004-01-28improve loggingHenning Brauer
2004-01-28some code refactoring.Marc Espie
minor optimization: don't try to open pipe to local file that doesn't exist anyways. track connections per-host for ftp/http. Don't allow more than maxcount() connections per-host (for now, one connection). tests by sturm@, fries@
2004-01-28KNFHenning Brauer
2004-01-28Add -L to record/enforce localbase.Marc Espie
Okay sturm@
2004-01-28add some missing options/args to pkcs{7,8,12} that i missed earlier;Jason McIntyre
2004-01-28-rename pfkey_setkey to pfkey_sa_addHenning Brauer
-implement pfkey_sa_remove -use it in pfkey_auth_remove we now properly remove the SAs we added on bgpd shutdown ok markus
2004-01-28fix pfkey_reply() logic:Henning Brauer
we always need to read the full message or we find old crap next time much more difficult to find than it sounds here... with & ok markus
2004-01-28privilege separated tcpdump, joint work with otto@Can Erkin Acar
tested by avsm@ vincent@ dhartmei@ markus@ hshoexer@ and others go for it deraadt@
2004-01-28update and sort openssl pkcs{7,8,12};Jason McIntyre
plus some consistency fixes;
2004-01-28catch SIGINT here as well so we can properly shut down if ^C'ed in debug modeHenning Brauer
2004-01-28STOP events for all sessions before we exit.Henning Brauer
allows for some cleanup to happen, especially we need this to remove the md5sig flows
2004-01-28missing free and fix memset misuse; From: Patrick Latifi <pat@eyeo.org>Henning Brauer
tho i fixed that using bzero instead
2004-01-28repair the bind() in session_connect; only used if local-addr was specifiedHenning Brauer
got broken in the sockaddr_in -> bgpd_addr conversion
2004-01-28improve loggingHenning Brauer
2004-01-28we need a pfkey_init the gets us a PF_KEY socket before we drop privsHenning Brauer
eases other code quite a bit in exchange...
2004-01-28label x86_64 as LETheo de Raadt
2004-01-28Repair build links for pegosos, and also build for amd64Theo de Raadt
2004-01-28call pfkey_auth_establish() on START eventsHenning Brauer
call pfkey_auth_remove when a session drops back to IDLE state ok markus@ claudio@
2004-01-28-struct peer_auth to store the SPIs, linked into struct peerHenning Brauer
-add pfkey_auth_establish(), which sets up flows for both directions and stores the SPIs in above struct -add (yet dummy) pfkey_auth_remove() with markus, ok claudio markus
2004-01-28don't pfkey_setkey() from here, claudio markus okHenning Brauer
2004-01-28initial support for SADB_DELETE; ok hshoexerMarkus Friedl
2004-01-28pfkey_setkey: sockaddr -> bgpd_addr; ok claudioMarkus Friedl
2004-01-28typo; from Ross L Richardson (PR 3655);Jason McIntyre
fix passed back to arlad people;
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-28 22:40:54 +0000