Commit Graph

60 Commits

Author SHA1 Message Date
gnn
f5875f045c Commit IPv6 support for FAST_IPSEC to the tree.
This commit includes all remaining changes for the time being including
user space updates.

Submitted by:    bz
Approved by:    re
2007-07-01 12:08:08 +00:00
deischen
ff36458e08 Bump library versions in preparation for 7.0.
Ok'd by:	kan
2007-05-21 02:49:08 +00:00
gnn
38b76f0623 Integrate the Camellia Block Cipher. For more information see RFC 4132
and its bibliography.

Submitted by:   Tomoyuki Okazaki <okazaki at kick dot gr dot jp>
MFC after:      1 month
2007-05-09 19:37:02 +00:00
ru
f4eec08060 Markup fixes. 2006-09-17 21:27:35 +00:00
ru
17d5388342 Provide alternate default for SHLIBDIR before bsd.own.mk does this.
Reported by:	phk
2006-03-18 11:01:06 +00:00
ru
388e590f95 Reimplementation of world/kernel build options. For details, see:
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by:	imp, jhb, kris, phk, ru (all bugs are mine)
2006-03-17 18:54:44 +00:00
gnn
a3483ac2d7 Clean up some descriptions and remove ambiguities in the language.
Add explanations to the examples.

MFC after:	1 week
2006-02-14 13:02:00 +00:00
kensmith
f97f77429f Bump the shared library version number of all libraries that have not
been bumped since RELENG_5.

Reviewed by:	ru
Approved by:	re (not needed for commit check but in principle...)
2005-07-22 17:19:05 +00:00
ru
114ea39c76 Fixed the misplaced $FreeBSD$. 2005-02-09 18:07:17 +00:00
ru
5c04306fea NOINET6 -> NO_INET6 2004-12-21 10:49:29 +00:00
ru
50143bfdc4 Back out last delta, it just unpolitely reverted some local changes. 2004-07-01 17:13:15 +00:00
bms
9ce9891eda Initial import of RFC 2385 (TCP-MD5) digest support.
This is the second of two commits; bring in the userland support to finish.

Teach libipsec and setkey about the tcp-md5 class of security associations,
thus allowing administrators to add per-host keys to the SADB for use by
the tcpsignature_compute() function.

Document that a single SPI must be used until such time as the code which
adds support to the SPD to specify flows for tcp-md5 treatment is suitable
for production.

Sponsored by:	sentex.net
2004-02-11 04:34:34 +00:00
ume
1b0d2b237e - plug memory leak.
- fixed a length of the sadb extension in the case of pfkey_send_x5().
- used getprotobynumber() for printing a upper layer protocol name.
- modified the output format against the change of the setkey syntax
  about a icmp6 type/code.
- don't enumerate reserved fields.  use memset.

Obtained from:	KAME
2003-11-05 09:41:23 +00:00
ume
5d571f04bf - errx() doesn't need `\n'.
- use %u for unsigned variable.

Obtained from:	KAME
2003-10-26 12:00:27 +00:00
ume
bf741bc603 stop use of NI_WITHSCOPEID. it was deprecated.
Obtained from:	KAME
2003-10-21 20:11:47 +00:00
ume
fd41336ef5 - support AES counter mode for ESP.
- use size_t as return type of schedlen(), as there's no error
  check needed.
- clear key schedule buffer before freeing.

Obtained from:	KAME
2003-10-13 14:57:41 +00:00
ume
de427fb9bf - support AES XCBC MAC for AH
- correct SADB_X_AALG_RIPEMD160HMAC to 8

Obtained from:	KAME
2003-10-13 04:54:51 +00:00
ume
2da6bcd326 - RIPEMD160 support
- pass size arg to ah->result (avoid assuming result buffer size)

Obtained from:	KAME
2003-10-12 09:41:42 +00:00
ru
1edcd1b018 mdoc(7): Properly mark C headers. 2003-09-10 19:24:35 +00:00
obrien
372364ee0f style.Makefile(5) 2003-08-18 15:25:39 +00:00
gordon
5901302929 Stage 3 of dynamic root support. Make all the libraries needed to run
binaries in /bin and /sbin installed in /lib. Only the versioned files
reside in /lib, the .so symlink continues to live /usr/lib so the
toolchain doesn't need to be modified.
2003-08-17 08:28:46 +00:00
sumikawa
c48484a7fe Buffer size is not enough in the previous commit. Use 128.
Pointed out by:	nectar
MFC after:	1 week
2003-04-17 07:20:00 +00:00
sumikawa
dea571d781 Make character buffer more bigger.
Obtained from:	KAME
MFC after:	1 week
2003-04-16 11:21:12 +00:00
charnier
f0ffe0ef9f The .Fn function 2003-03-24 16:02:05 +00:00
charnier
bd156625a7 The .Fn function. Spelling. 2003-02-06 11:29:40 +00:00
schweikh
d3367c5f5d Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,
especially in troff files.
2003-01-01 18:49:04 +00:00
schweikh
fec6546e12 english(4) police. 2002-12-27 12:15:40 +00:00
peter
0a7f0ba37e Zap now-unused SHLIB_MINOR 2002-09-28 00:25:32 +00:00
suz
553226e8e1 just merged cosmetic changes from KAME to ease sync between KAME and FreeBSD.
(based on freebsd4-snap-20020128)

Reviewed by:	ume
MFC after:	1 week
2002-04-19 04:46:24 +00:00
obrien
e2881f49cc Remove multi-line __P() usage. 2002-03-22 09:22:15 +00:00
obrien
fd9d7ac0ed Remove __P() usage. 2002-03-21 23:54:04 +00:00
ru
623da62a5a mdoc(7) police: Use the new .In macro for #include statements. 2001-10-01 16:09:29 +00:00
dillon
06293dece1 Add __FBSDID()s to libipsec 2001-09-30 21:43:45 +00:00
ru
7221cd94bd mdoc(7) police: fixed the "new sentence" bogons. 2001-08-10 15:03:10 +00:00
ru
4345758876 mdoc(7) police:
Avoid using parenthesis enclosure macros (.Pq and .Po/.Pc) with plain text.
Not only this slows down the mdoc(7) processing significantly, but it also
has an undesired (in this case) effect of disabling hyphenation within the
entire enclosed block.
2001-08-07 15:48:51 +00:00
ume
840f9b9d5f printed current sequence number of the SA. accordingly, changed
into sadb_x_sa2_sequence from sadb_x_sa2_reserved3 in the sadb_x_sa2
structure.  Also the output of setkey is changed.  sequence number
of the sadb is replaced to the end of the output.

Obtained from:	KAME
2001-08-06 19:40:01 +00:00
dd
a145482cf6 Remove whitespace at EOL. 2001-07-15 07:53:42 +00:00
ume
832f8d2249 Sync with recent KAME.
This work was based on kame-20010528-freebsd43-snap.tgz and some
critical problem after the snap was out were fixed.
There are many many changes since last KAME merge.

TODO:
  - The definitions of SADB_* in sys/net/pfkeyv2.h are still different
    from RFC2407/IANA assignment because of binary compatibility
    issue.  It should be fixed under 5-CURRENT.
  - ip6po_m member of struct ip6_pktopts is no longer used.  But, it
    is still there because of binary compatibility issue.  It should
    be removed under 5-CURRENT.

Reviewed by:	itojun
Obtained from:	KAME
MFC after:	3 weeks
2001-06-11 12:39:29 +00:00
ru
25ef23ac1c MAN[1-9] -> MAN. 2001-03-27 17:27:19 +00:00
ru
8a6f8b5fe4 mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 16:38:02 +00:00
ben
30b43d4123 Fix typo: ispec -> ipsec
PR:		24005
Submitted by:	Jimmy Olgeni <olgeni@uli.it>
2001-01-01 23:26:16 +00:00
obrien
10e390cb2e Change the spelling of .' to .' from .OBJDIR since `.' really is where
generated files land.  Also give precedence to generated files.
2000-12-05 22:10:43 +00:00
obrien
cafb2a0daa The GCC 2.96 snapshots have slightly different rules for finding include
files.  Mostly -I${.CURDIR} was needed -- especially for YACC generated
files as the new cpp does not look in the ultimate source file
(ie, the .y file)'s directory as told by the "#line" directive.  Some were
misspellings of "-I${.CURDIR}" as "-I.".
2000-12-01 09:39:28 +00:00
itojun
0bbd943f40 synchronize with latest kame tree.
behavior change: policy syntax was changed.  you may need to update your
setkey(8) configuration files.
2000-07-04 16:22:05 +00:00
phantom
70475243cd Fix typo.
Noticed by:	hoek
2000-05-06 14:07:35 +00:00
phantom
3f441717c9 . remove some unneeded comments
. replace .Os value with empty value since this library is not KAME only
anymore
. add a note about IPv6 and IPsec integration to the FreeBSD
2000-05-01 14:42:09 +00:00
phantom
7ee9c71cc0 . add a note about IPv6/IPsec integration to the FreeBSD
. replace .Po/.Pc pairs with .Pq
. remove some unneeded comments
. .Lb-ify
2000-05-01 14:40:06 +00:00
steve
1feb59c27f Don't try to compile in INET6 support when NOINET6 is defined. 2000-04-15 20:45:52 +00:00
shin
d63032307c Replace the prefix for yylval to less confusing one.
(Sorry, this should be committed with previous commit to Makefile.)
2000-04-02 05:08:07 +00:00
shin
79ce44e001 Replace the prefix for yylval to less confusing one.
Suggested by: bruce
2000-04-01 22:28:36 +00:00