Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
Correct settings for file ownership (*OWN, *GRP in patch-aa and patch-ao).
Added missing installation directories in patch-aa.
Sorted PLIST to placate pkglint.
Adapted filename in patch-an to the way mkpatches generates nowadays.
|
|
|
|
int arg cause compile to fail because -Werror is specified in compile flags.
Fix was to add appropriate cast in several places.
|
|
not include <openssl/rsa.h> from <openssl/x509.h>. Fixes PR pkg/23901.
While here, apply the patches to properly buildlinkify it for openssl,
which I forgot to pass to agc@ for the last update.
|
|
No changelog available, but many bugs fixed, and these sources will
compile with gcc-3.3.1 (well, after I tweaked them). With thanks to
Christoph Badura for most of this work, I merely did the gcc-3.3.1
patching.
|
|
|
|
|
|
* bug fixes
|
|
|
|
* OpenBSD 3.1 SA 010: Receiving IKE payloads out of sequence can cause
isakmpd(8) to crash.
* A rewrite of the CRL support code, also from <Thomas.Walpuski@gmx.net>.
Some style mods, and checks added for OpenSSL version 0.9.7 or later.
Currently CRLs are not supported for earlier versions.
Manual pages updated.
* Handle configuration lines that end in whitespace or ^M.
Also avoid a potential memory leak.
* Start for support of IKECFG in SET/ACK mode. Server side only so far.
* Fix keyed HMAC where the key was longer than the blocksize
|
|
- Change DH group handling in the pre-generated parts of the
configuration. Add a -GRP{1,2,5} component to transform and suite
names to directly specify which group to use. If no group is
specified, use DH group 2 (MODP_1024). Earlier transforms and suites
using the MD5 hash defaulted to DH group 1, this is no longer true.
- Unbreak MD5 and SHA1 passphrases in policy check.
- Don't message_dump_raw() bad length messages, i.e too short.
- Fix a couple of snprintf length bugs.
- Compile without warnings for older/newer OpenSSL.
|
|
Changes:
* bug fixes
|
|
- str[n]{cpy,cat} -> strl{cpy,cat}, sprintf -> snprintf
- strftime format fixes
- Don't hang waiting for select() with SIGTERM + no active SA
- Add UI option 'R' to trigger isakmpd reinit (same as SIGHUP)
...
http://www.openbsd.org/cgi-bin/cvsweb/src/sbin/isakmpd/
|
|
Exact list of changes is unknown (you might take a look at OpenBSD's
log entries at http://www.openbsd.org/cgi-bin/cvsweb/src/sbin/isakmpd/)
|
|
key changes since 20010403:
- be more picky about isakmpd.policy permission
- debug: dump decoded IKE packets in pcap(3) format
- cert improvements
- RFC2367 compliance
- bug fixes: correct SA refcnt, memory alloc and doc fixes
|
|
|
|
|
|
+ move the patch digest/checksum values from files/patch-sum to distinfo
|