Commit Graph

69 Commits

Author SHA1 Message Date
bapt
3b0b9fa5f9 remove redundant yyparse declarations
PR:		conf/174079
Submitted by:	Garrett Cooper <yanegomi@gmail.com>
2012-12-05 20:28:44 +00:00
bz
51f3dcc0bd MFp4 204292:
Ignore the NAT_T extension types so we can at least dump the SADB from
the in-base libipsec/setkey without error when NAT_T support is present
in the kernel, though not printing the additional information yet.
However in case there is no NAT_T support in kernel still consider them
to be an error.

MFC after:	8 weeks
2012-02-11 20:43:01 +00:00
bz
97ccc39efb Use the correct constant (with same value) for comparying the SA type.
PR:		kern/142741
Submitted by:	Matthijs Kooiman (matthijs stdin.nl)
MFC after:	3 days
2012-02-11 11:11:43 +00:00
dim
8961209ca3 In lib/libipsec/policy_token.l, use lex's standard "%option noinput"
instead of hand-defining the YY_NO_INPUT macro.

MFC after:	1 week
2011-12-16 00:01:19 +00:00
dim
1288130bd1 Define YY_NO_INPUT in lib/libipsec/policy_token.l, so lex's input()
function does not get defined needlessly.

MFC after:	1 week
2011-12-15 23:22:24 +00:00
eadler
9d7884364e - change "is is" to "is" or "it is"
- change "the the" to "the"

Approved by:	lstewart
Approved by:	sahil (mentor)
MFC after:	3 days
2011-10-16 14:30:28 +00:00
kevlo
66c1e42a10 The use of snprintf() to append to a buffer is not valid according to C99 2010-12-11 08:07:21 +00:00
ed
09818ac28e Build lib/ with WARNS=6 by default.
Similar to libexec/, do the same with lib/. Make WARNS=6 the norm and
lower it when needed.

I'm setting WARNS?=0 for secure/. It seems secure/ includes the
Makefile.inc provided by lib/. I'm not going to touch that directory.
Most of the code there is contributed anyway.
2010-01-02 09:58:07 +00:00
kensmith
9c2c634ee9 Bump the version of all non-symbol-versioned shared libraries in
preparation for 8.0-RELEASE.  Add the previous version of those
libraries to ObsoleteFiles.inc and bump __FreeBSD_Version.

Reviewed by:    kib
Approved by:    re (rwatson)
2009-07-19 17:25:24 +00:00
gnn
f5875f045c Commit IPv6 support for FAST_IPSEC to the tree.
This commit includes all remaining changes for the time being including
user space updates.

Submitted by:    bz
Approved by:    re
2007-07-01 12:08:08 +00:00
deischen
ff36458e08 Bump library versions in preparation for 7.0.
Ok'd by:	kan
2007-05-21 02:49:08 +00:00
gnn
38b76f0623 Integrate the Camellia Block Cipher. For more information see RFC 4132
and its bibliography.

Submitted by:   Tomoyuki Okazaki <okazaki at kick dot gr dot jp>
MFC after:      1 month
2007-05-09 19:37:02 +00:00
ru
f4eec08060 Markup fixes. 2006-09-17 21:27:35 +00:00
ru
17d5388342 Provide alternate default for SHLIBDIR before bsd.own.mk does this.
Reported by:	phk
2006-03-18 11:01:06 +00:00
ru
388e590f95 Reimplementation of world/kernel build options. For details, see:
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by:	imp, jhb, kris, phk, ru (all bugs are mine)
2006-03-17 18:54:44 +00:00
gnn
a3483ac2d7 Clean up some descriptions and remove ambiguities in the language.
Add explanations to the examples.

MFC after:	1 week
2006-02-14 13:02:00 +00:00
kensmith
f97f77429f Bump the shared library version number of all libraries that have not
been bumped since RELENG_5.

Reviewed by:	ru
Approved by:	re (not needed for commit check but in principle...)
2005-07-22 17:19:05 +00:00
ru
114ea39c76 Fixed the misplaced $FreeBSD$. 2005-02-09 18:07:17 +00:00
ru
5c04306fea NOINET6 -> NO_INET6 2004-12-21 10:49:29 +00:00
ru
50143bfdc4 Back out last delta, it just unpolitely reverted some local changes. 2004-07-01 17:13:15 +00:00
bms
9ce9891eda Initial import of RFC 2385 (TCP-MD5) digest support.
This is the second of two commits; bring in the userland support to finish.

Teach libipsec and setkey about the tcp-md5 class of security associations,
thus allowing administrators to add per-host keys to the SADB for use by
the tcpsignature_compute() function.

Document that a single SPI must be used until such time as the code which
adds support to the SPD to specify flows for tcp-md5 treatment is suitable
for production.

Sponsored by:	sentex.net
2004-02-11 04:34:34 +00:00
ume
1b0d2b237e - plug memory leak.
- fixed a length of the sadb extension in the case of pfkey_send_x5().
- used getprotobynumber() for printing a upper layer protocol name.
- modified the output format against the change of the setkey syntax
  about a icmp6 type/code.
- don't enumerate reserved fields.  use memset.

Obtained from:	KAME
2003-11-05 09:41:23 +00:00
ume
5d571f04bf - errx() doesn't need `\n'.
- use %u for unsigned variable.

Obtained from:	KAME
2003-10-26 12:00:27 +00:00
ume
bf741bc603 stop use of NI_WITHSCOPEID. it was deprecated.
Obtained from:	KAME
2003-10-21 20:11:47 +00:00
ume
fd41336ef5 - support AES counter mode for ESP.
- use size_t as return type of schedlen(), as there's no error
  check needed.
- clear key schedule buffer before freeing.

Obtained from:	KAME
2003-10-13 14:57:41 +00:00
ume
de427fb9bf - support AES XCBC MAC for AH
- correct SADB_X_AALG_RIPEMD160HMAC to 8

Obtained from:	KAME
2003-10-13 04:54:51 +00:00
ume
2da6bcd326 - RIPEMD160 support
- pass size arg to ah->result (avoid assuming result buffer size)

Obtained from:	KAME
2003-10-12 09:41:42 +00:00
ru
1edcd1b018 mdoc(7): Properly mark C headers. 2003-09-10 19:24:35 +00:00
obrien
372364ee0f style.Makefile(5) 2003-08-18 15:25:39 +00:00
gordon
5901302929 Stage 3 of dynamic root support. Make all the libraries needed to run
binaries in /bin and /sbin installed in /lib. Only the versioned files
reside in /lib, the .so symlink continues to live /usr/lib so the
toolchain doesn't need to be modified.
2003-08-17 08:28:46 +00:00
sumikawa
c48484a7fe Buffer size is not enough in the previous commit. Use 128.
Pointed out by:	nectar
MFC after:	1 week
2003-04-17 07:20:00 +00:00
sumikawa
dea571d781 Make character buffer more bigger.
Obtained from:	KAME
MFC after:	1 week
2003-04-16 11:21:12 +00:00
charnier
f0ffe0ef9f The .Fn function 2003-03-24 16:02:05 +00:00
charnier
bd156625a7 The .Fn function. Spelling. 2003-02-06 11:29:40 +00:00
schweikh
d3367c5f5d Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,
especially in troff files.
2003-01-01 18:49:04 +00:00
schweikh
fec6546e12 english(4) police. 2002-12-27 12:15:40 +00:00
peter
0a7f0ba37e Zap now-unused SHLIB_MINOR 2002-09-28 00:25:32 +00:00
suz
553226e8e1 just merged cosmetic changes from KAME to ease sync between KAME and FreeBSD.
(based on freebsd4-snap-20020128)

Reviewed by:	ume
MFC after:	1 week
2002-04-19 04:46:24 +00:00
obrien
e2881f49cc Remove multi-line __P() usage. 2002-03-22 09:22:15 +00:00
obrien
fd9d7ac0ed Remove __P() usage. 2002-03-21 23:54:04 +00:00
ru
623da62a5a mdoc(7) police: Use the new .In macro for #include statements. 2001-10-01 16:09:29 +00:00
dillon
06293dece1 Add __FBSDID()s to libipsec 2001-09-30 21:43:45 +00:00
ru
7221cd94bd mdoc(7) police: fixed the "new sentence" bogons. 2001-08-10 15:03:10 +00:00
ru
4345758876 mdoc(7) police:
Avoid using parenthesis enclosure macros (.Pq and .Po/.Pc) with plain text.
Not only this slows down the mdoc(7) processing significantly, but it also
has an undesired (in this case) effect of disabling hyphenation within the
entire enclosed block.
2001-08-07 15:48:51 +00:00
ume
840f9b9d5f printed current sequence number of the SA. accordingly, changed
into sadb_x_sa2_sequence from sadb_x_sa2_reserved3 in the sadb_x_sa2
structure.  Also the output of setkey is changed.  sequence number
of the sadb is replaced to the end of the output.

Obtained from:	KAME
2001-08-06 19:40:01 +00:00
dd
a145482cf6 Remove whitespace at EOL. 2001-07-15 07:53:42 +00:00
ume
832f8d2249 Sync with recent KAME.
This work was based on kame-20010528-freebsd43-snap.tgz and some
critical problem after the snap was out were fixed.
There are many many changes since last KAME merge.

TODO:
  - The definitions of SADB_* in sys/net/pfkeyv2.h are still different
    from RFC2407/IANA assignment because of binary compatibility
    issue.  It should be fixed under 5-CURRENT.
  - ip6po_m member of struct ip6_pktopts is no longer used.  But, it
    is still there because of binary compatibility issue.  It should
    be removed under 5-CURRENT.

Reviewed by:	itojun
Obtained from:	KAME
MFC after:	3 weeks
2001-06-11 12:39:29 +00:00
ru
25ef23ac1c MAN[1-9] -> MAN. 2001-03-27 17:27:19 +00:00
ru
8a6f8b5fe4 mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 16:38:02 +00:00
ben
30b43d4123 Fix typo: ispec -> ipsec
PR:		24005
Submitted by:	Jimmy Olgeni <olgeni@uli.it>
2001-01-01 23:26:16 +00:00