summaryrefslogtreecommitdiff
path: root/security/racoon/patches
AgeCommit message (Collapse)AuthorFilesLines
2002-11-20upgrade to 20021120.itojun2-29/+6
- fix sha2 computation (was in patch-ag) - plug some memory leaks - more strict isakmp header length check - correct phase 2 proposal reqid handling - check for fd_set overrun
2002-08-25Merge packages from the buildlink2 branch back into the main trunk thatjlam1-1/+1
have been converted to USE_BUILDLINK2.
2002-05-20fix sha2 interoperability. From: "JuanJo Ciarlante" <jjo@mendoza.gov.ar>itojun1-0/+23
2002-05-13upgrade to 20020507a. logging issue is fixed. phase 2 negotiation w/itojun2-44/+0
unique policy is corrected.
2002-05-07fix arg to plogv().itojun4-2/+50
2002-04-26upgrade to 20020426a from kame.itojun1-34/+0
file descriptor leak fix. null encryption algorithm key length fix (should use 0). couple of null-pointer reference fixes. set port # to 500 in ID payload (possible interop issue - spec is unclear). correctly match address pair on informational exchange.
2002-04-15correct initial contact handling. PR 15949itojun1-0/+34
2001-10-17upgrade to 10/16 snapshot.itojun1-10/+1
- bugfixes in spd handling, scheduler leak. - make identity check more strict. - correct phase 2 proposal check.
2001-08-31upgrade to the latest (20010831a). a lot of bug fixes after helsinki IPsec/IKEitojun1-6/+6
bakeoff.
2001-08-02make it at least compile on netbsd151 systems. kernel API diffs should beitojun2-0/+30
wrapped by configure.in scripts, however, we don't use them for libipsec part.
2001-06-28make sure to link against local libipsec.a.itojun1-4/+14
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
2001-04-22remove "twofish" from sample configuration file, as the algorithmitojun1-6/+20
is not available in *BSD integrated KAME IPsec tree.
2001-02-18upgrade: 20001211a -> 20010215aitojun1-12/+0
key changes: -B flag, DH shared secret length handling fix, logging level fix, gssapi support (not enabled, may not work on plain 1.5 due to issue in kerberos library)
2000-12-12remove bogus bound-check. need revisit (DoS issue is not re-introduced).itojun1-0/+12
sync with kame
2000-11-06upgrade to 20001106a.itojun1-18/+0
- validate initial contact better. - more fine-grained control over pre-shared key configuration. - cert fixes.
2000-11-06do not return negative value from internal random() function.itojun1-0/+18
from shigeru@iij.ad.jp. sync with KAME.
2000-10-21add RCS Idwiz1-0/+1
2000-10-04upgrade to 10/4 snapshot.itojun2-63/+5
- disable idea/rc5 in phase 1 by default - use official DOI # for AES (= rijndael) - be more careful about parsing variable-length packet content - have __attribute__((__packed__)), be friendly with align-picky arch (confirmed to be working on i386, sh3 and alpha)
2000-09-24disable admin port better (KAME session.c 1.13 -> 1.14)itojun1-0/+53
2000-09-23upgrade to 9/23 snapshot.itojun1-8/+5
changes: lots of stabilization (made during interop tests with bunch of other implementations), certificate support improvement, security issue fix (admin tcp port, without authentication, was open previously)
2000-09-12upgrade racoon to 2000/9/12.itojun2-45/+9
certificate improvements. bug fix in policy matching. make pfs/policy matching strictness configurable. other logs can be found at http://www.kame.net/dev/cvsweb.cgi/kame/CHANGELOG.
2000-08-04Fix a bug where the parser would fail if a keylength was notthorpej1-0/+37
explicitly specified in a Phase-1 proposal statement. Patch sent to sakane@kame.net.
2000-07-30update to latest (7/31), to sync with /usr/include/netinet6/ipsec.h change.itojun1-11/+11
- improvements in multiple address case - sync with improvements in INET2000 bakeoff
2000-06-12build 20000612 KAME racoon IKE daemon, by pulling tar.gz from ftp.kame.netitojun4-22/+71
(does not use anoncvs any more). changes in racoon itself is way too many to mention. for full changelog refer http://www.kame.net/dev/cvsweb.cgi/kame/CHANGELOG.
2000-04-04pkgsrc build for racoon IKE daemonitojun1-0/+23
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-09 05:57:56 +0000