CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: christos Date: Fri Jun 5 15:19:08 UTC 2020 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: key_debug.c Log Message: fix wrong size addition (Andrew Cagney) XXX: This file is nearly identical with /usr/src/sys/netipsec/key_debug.c and should be merged. To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 \ src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c diff -u src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c:1.14 src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c:1.15 --- src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c:1.14 Mon May 28 16:45:38 2018 +++ src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c Fri Jun 5 11:19:08 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: key_debug.c,v 1.14 2018/05/28 20:45:38 maxv Exp $ */ +/* $NetBSD: key_debug.c,v 1.15 2020/06/05 15:19:08 christos Exp $ */ /* $KAME: key_debug.c,v 1.29 2001/08/16 14:25:41 itojun Exp $ */ @@ -418,7 +418,7 @@ kdebug_sadb_key(struct sadb_ext *ext) (long)PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key)); } - ipsec_hexdump(key + sizeof(struct sadb_key), + ipsec_hexdump(key + 1, (int)((uint32_t)key->sadb_key_bits >> 3)); printf(" }\n"); return;
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: maxv Date: Sun Oct 14 08:36:09 UTC 2018 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: Makefile.am Removed Files: src/crypto/dist/ipsec-tools/src/libipsec: test-policy-priority.c test-policy.c Log Message: Remove dead files that have never been built, and likely can't build since they are not correct C files. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/crypto/dist/ipsec-tools/src/libipsec/Makefile.am cvs rdiff -u -r1.4 -r0 \ src/crypto/dist/ipsec-tools/src/libipsec/test-policy-priority.c \ src/crypto/dist/ipsec-tools/src/libipsec/test-policy.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/Makefile.am diff -u src/crypto/dist/ipsec-tools/src/libipsec/Makefile.am:1.3 src/crypto/dist/ipsec-tools/src/libipsec/Makefile.am:1.4 --- src/crypto/dist/ipsec-tools/src/libipsec/Makefile.am:1.3 Wed Jul 23 09:06:51 2008 +++ src/crypto/dist/ipsec-tools/src/libipsec/Makefile.am Sun Oct 14 08:36:09 2018 @@ -1,5 +1,4 @@ -#bin_PROGRAMS = test-policy test-policy-priority lib_LTLIBRARIES = libipsec.la libipsecdir = $(includedir)/libipsec @@ -30,10 +29,4 @@ libipsec_la_LIBADD = $(LEXLIB) noinst_HEADERS = ipsec_strerror.h -#test_policy_SOURCES = test-policy.c -#test_policy_LDFLAGS = libipsec.la - -#test_policy_priority_SOURCES = test-policy-priority.c -#test_policy_priority_LDFLAGS = libipsec.la - -EXTRA_DIST = ${man3_MANS} test-policy.c +EXTRA_DIST = ${man3_MANS}
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: maxv Date: Thu Sep 6 09:38:05 UTC 2018 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: ipsec_strerror.3 Log Message: sync with reality To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 \ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.3 diff -u src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.3:1.12 src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.3:1.13 --- src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.3:1.12 Wed Jan 4 16:30:50 2012 +++ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.3 Thu Sep 6 09:38:05 2018 @@ -1,4 +1,4 @@ -.\" $NetBSD: ipsec_strerror.3,v 1.12 2012/01/04 16:30:50 wiz Exp $ +.\" $NetBSD: ipsec_strerror.3,v 1.13 2018/09/06 09:38:05 maxv Exp $ .\" .\" $KAME: ipsec_strerror.3,v 1.9 2001/08/17 07:21:36 itojun Exp $ .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd January 4, 2012 +.Dd September 6, 2018 .Dt IPSEC_STRERROR 3 .Os .\" @@ -45,17 +45,9 @@ .Fn ipsec_strerror void .\" .Sh DESCRIPTION -.Pa netinet6/ipsec.h -declares -.Pp -.Dl extern int ipsec_errcode ; -.Pp -which is used to pass an error code from the IPsec policy manipulation -library to a program. .Fn ipsec_strerror can be used to obtain the error message string for the error code. .Pp -The array pointed to is not to be modified by the calling program. Since .Fn ipsec_strerror uses
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: maxv Date: Mon May 28 19:39:21 UTC 2018 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: key_debug.c Log Message: Remove ipsec_bindump, there is no prototype, so the function can't be used. To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 \ src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c diff -u src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c:1.12 src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c:1.13 --- src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c:1.12 Mon May 28 19:22:40 2018 +++ src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c Mon May 28 19:39:21 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: key_debug.c,v 1.12 2018/05/28 19:22:40 maxv Exp $ */ +/* $NetBSD: key_debug.c,v 1.13 2018/05/28 19:39:21 maxv Exp $ */ /* $KAME: key_debug.c,v 1.29 2001/08/16 14:25:41 itojun Exp $ */ @@ -868,18 +868,6 @@ kdebug_sockaddr(struct sockaddr *addr) } void -ipsec_bindump(caddr_t buf, int len) -{ - int i; - - for (i = 0; i < len; i++) - printf("%c", (unsigned char)buf[i]); - - return; -} - - -void ipsec_hexdump(const void *buf, int len) { int i;
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: maxv Date: Mon May 28 20:45:38 UTC 2018 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: ipsec_dump_policy.c ipsec_strerror.h key_debug.c libpfkey.h pfkey.c pfkey_dump.c policy_parse.y policy_token.l Log Message: drop __P, suggested by sevan To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 \ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c cvs rdiff -u -r1.4 -r1.5 \ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.h cvs rdiff -u -r1.13 -r1.14 \ src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c \ src/crypto/dist/ipsec-tools/src/libipsec/policy_parse.y cvs rdiff -u -r1.19 -r1.20 \ src/crypto/dist/ipsec-tools/src/libipsec/libpfkey.h cvs rdiff -u -r1.25 -r1.26 src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c cvs rdiff -u -r1.23 -r1.24 \ src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c cvs rdiff -u -r1.9 -r1.10 \ src/crypto/dist/ipsec-tools/src/libipsec/policy_token.l Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c diff -u src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c:1.10 src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c:1.11 --- src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c:1.10 Mon May 28 19:22:40 2018 +++ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c Mon May 28 20:45:38 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec_dump_policy.c,v 1.10 2018/05/28 19:22:40 maxv Exp $ */ +/* $NetBSD: ipsec_dump_policy.c,v 1.11 2018/05/28 20:45:38 maxv Exp $ */ /* Id: ipsec_dump_policy.c,v 1.10 2005/06/29 09:12:37 manubsd Exp */ @@ -63,12 +63,12 @@ static const char *ipsp_policy_strs[] = "discard", "none", "ipsec", "entrust", "bypass", }; -static char *ipsec_dump_ipsecrequest __P((char *, size_t, - struct sadb_x_ipsecrequest *, size_t, int)); -static char *ipsec_dump_policy1 __P((void *, const char *, int)); -static int set_addresses __P((char *, size_t, struct sockaddr *, - struct sockaddr *, int)); -static char *set_address __P((char *, size_t, struct sockaddr *, int)); +static char *ipsec_dump_ipsecrequest(char *, size_t, + struct sadb_x_ipsecrequest *, size_t, int); +static char *ipsec_dump_policy1(void *, const char *, int); +static int set_addresses(char *, size_t, struct sockaddr *, + struct sockaddr *, int); +static char *set_address(char *, size_t, struct sockaddr *, int); /* * policy is sadb_x_policy buffer. Index: src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.h diff -u src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.h:1.4 src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.h:1.5 --- src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.h:1.4 Sat Sep 9 16:22:09 2006 +++ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.h Mon May 28 20:45:38 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec_strerror.h,v 1.4 2006/09/09 16:22:09 manu Exp $ */ +/* $NetBSD: ipsec_strerror.h,v 1.5 2018/05/28 20:45:38 maxv Exp $ */ /* Id: ipsec_strerror.h,v 1.4 2004/06/07 09:18:46 ludvigm Exp */ @@ -35,7 +35,7 @@ #define _IPSEC_STRERROR_H extern int __ipsec_errcode; -extern void __ipsec_set_strerror __P((const char *)); +extern void __ipsec_set_strerror(const char *); #define EIPSEC_NO_ERROR 0 /*success*/ #define EIPSEC_NOT_SUPPORTED 1 /*not supported*/ Index: src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c diff -u src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c:1.13 src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c:1.14 --- src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c:1.13 Mon May 28 19:39:21 2018 +++ src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c Mon May 28 20:45:38 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: key_debug.c,v 1.13 2018/05/28 19:39:21 maxv Exp $ */ +/* $NetBSD: key_debug.c,v 1.14 2018/05/28 20:45:38 maxv Exp $ */ /* $KAME: key_debug.c,v 1.29 2001/08/16 14:25:41 itojun Exp $ */ @@ -71,35 +71,35 @@ #include "config.h" #include "libpfkey.h" -static void kdebug_sadb_prop __P((struct sadb_ext *)); -static void kdebug_sadb_identity __P((struct sadb_ext *)); -static void kdebug_sadb_supported __P((struct sadb_ext *)); -static void kdebug_sadb_lifetime __P((struct sadb_ext *)); -static void kdebug_sadb_sa __P((struct sadb_ext *)); -static void kdebug_sadb_address __P((struct sadb_ext *)); -static void kdebug_sadb_key __P((struct sadb_ext *)); -static void kdebug_sadb_x_sa2 __P((struct sadb_ext *)); -static void kdebug_sadb_x_policy __P((struct sadb_ext *ext)); -static void kdebug_sockaddr __P((struct sockaddr *addr)); +static void kdebug_sadb_prop(struct sadb_ext *); +static void kdebug_sadb_identity(struct sadb_ext *); +static void kdebug_sadb_supported(struct sadb_ext *); +static void kdebug_sadb_lifetime(struct sadb_ext *); +static void kdebug_sadb_sa(struct sadb_ext *); +static void kdebug_sadb_addre
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: maxv Date: Mon May 28 19:36:42 UTC 2018 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: pfkey_dump.c policy_parse.y Log Message: fix -Wdiscarded-qualifiers To generate a diff of this commit: cvs rdiff -u -r1.22 -r1.23 \ src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c cvs rdiff -u -r1.12 -r1.13 \ src/crypto/dist/ipsec-tools/src/libipsec/policy_parse.y Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c diff -u src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c:1.22 src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c:1.23 --- src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c:1.22 Mon May 28 19:22:40 2018 +++ src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c Mon May 28 19:36:42 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: pfkey_dump.c,v 1.22 2018/05/28 19:22:40 maxv Exp $ */ +/* $NetBSD: pfkey_dump.c,v 1.23 2018/05/28 19:36:42 maxv Exp $ */ /* $KAME: pfkey_dump.c,v 1.45 2003/09/08 10:14:56 itojun Exp $ */ @@ -105,12 +105,12 @@ do { \ printf("%u ", (num)); \ } while (/*CONSTCOND*/0) -static char *str_ipaddr __P((struct sockaddr *)); -static char *str_ipport __P((struct sockaddr *)); -static char *str_prefport __P((u_int, u_int, u_int, u_int)); +static const char *str_ipaddr __P((struct sockaddr *)); +static const char *str_ipport __P((struct sockaddr *)); +static const char *str_prefport __P((u_int, u_int, u_int, u_int)); static void str_upperspec __P((u_int, u_int, u_int)); static char *str_time __P((time_t)); -static void str_lifetime_byte __P((struct sadb_lifetime *, char *)); +static void str_lifetime_byte __P((struct sadb_lifetime *, const char *)); static void pfkey_sadump1(struct sadb_msg *, int); static void pfkey_spdump1(struct sadb_msg *, int); @@ -122,7 +122,7 @@ struct val2str { /* * Must to be re-written about following strings. */ -static char *str_satype[] = { +static const char *str_satype[] = { "unspec", "unknown", "ah", @@ -137,13 +137,13 @@ static char *str_satype[] = { "tcp", }; -static char *str_mode[] = { +static const char *str_mode[] = { "any", "transport", "tunnel", }; -static char *str_state[] = { +static const char *str_state[] = { "larval", "mature", "dying", @@ -661,7 +661,7 @@ pfkey_spdump1(struct sadb_msg *m, int wi /* * set "ipaddress" to buffer. */ -static char * +static const char * str_ipaddr(struct sockaddr *sa) { static char buf[NI_MAXHOST]; @@ -679,7 +679,7 @@ str_ipaddr(struct sockaddr *sa) /* * set "port" to buffer. */ -static char * +static const char * str_ipport(struct sockaddr *sa) { static char buf[NI_MAXHOST]; @@ -698,7 +698,7 @@ str_ipport(struct sockaddr *sa) /* * set "/prefix[port number]" to buffer. */ -static char * +static const char * str_prefport(u_int family, u_int pref, u_int port, u_int ulp) { static char buf[128]; @@ -793,10 +793,10 @@ str_time(time_t t) } static void -str_lifetime_byte(struct sadb_lifetime *x, char *str) +str_lifetime_byte(struct sadb_lifetime *x, const char *str) { double y; - char *unit; + const char *unit; int w; if (x == NULL) { Index: src/crypto/dist/ipsec-tools/src/libipsec/policy_parse.y diff -u src/crypto/dist/ipsec-tools/src/libipsec/policy_parse.y:1.12 src/crypto/dist/ipsec-tools/src/libipsec/policy_parse.y:1.13 --- src/crypto/dist/ipsec-tools/src/libipsec/policy_parse.y:1.12 Mon May 28 19:22:40 2018 +++ src/crypto/dist/ipsec-tools/src/libipsec/policy_parse.y Mon May 28 19:36:42 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: policy_parse.y,v 1.12 2018/05/28 19:22:40 maxv Exp $ */ +/* $NetBSD: policy_parse.y,v 1.13 2018/05/28 19:36:42 maxv Exp $ */ /* $KAME: policy_parse.y,v 1.21 2003/12/12 08:01:26 itojun Exp $ */ @@ -107,7 +107,7 @@ static struct sockaddr *p_src = NULL; static struct sockaddr *p_dst = NULL; struct _val; -extern void yyerror __P((char *msg)); +extern void yyerror __P((const char *msg)); static struct sockaddr *parse_sockaddr __P((struct _val *addrbuf, struct _val *portbuf)); static int rule_check __P((void)); @@ -362,7 +362,7 @@ addresses %% void -yyerror(char *msg) +yyerror(const char *msg) { fprintf(stderr, "libipsec: %s while parsing \"%s\"\n", msg, __libipsectext);
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: maxv Date: Mon May 28 19:22:40 UTC 2018 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: ipsec_dump_policy.c ipsec_get_policylen.c key_debug.c pfkey.c pfkey_dump.c policy_parse.y policy_token.l Log Message: fix -Wunused and -Wold-style-definition To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 \ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c cvs rdiff -u -r1.7 -r1.8 \ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_get_policylen.c cvs rdiff -u -r1.11 -r1.12 \ src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c \ src/crypto/dist/ipsec-tools/src/libipsec/policy_parse.y cvs rdiff -u -r1.24 -r1.25 src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c cvs rdiff -u -r1.21 -r1.22 \ src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c cvs rdiff -u -r1.8 -r1.9 \ src/crypto/dist/ipsec-tools/src/libipsec/policy_token.l Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c diff -u src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c:1.9 src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c:1.10 --- src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c:1.9 Fri Dec 3 15:01:11 2010 +++ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c Mon May 28 19:22:40 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec_dump_policy.c,v 1.9 2010/12/03 15:01:11 tteras Exp $ */ +/* $NetBSD: ipsec_dump_policy.c,v 1.10 2018/05/28 19:22:40 maxv Exp $ */ /* Id: ipsec_dump_policy.c,v 1.10 2005/06/29 09:12:37 manubsd Exp */ @@ -76,26 +76,19 @@ static char *set_address __P((char *, si * When delimiter == NULL, alternatively ' '(space) is applied. */ char * -ipsec_dump_policy(policy, delimiter) - ipsec_policy_t policy; - __ipsec_const char *delimiter; +ipsec_dump_policy(ipsec_policy_t policy, __ipsec_const char *delimiter) { return ipsec_dump_policy1(policy, delimiter, 0); } char * -ipsec_dump_policy_withports(policy, delimiter) - void *policy; - const char *delimiter; +ipsec_dump_policy_withports(void *policy, const char *delimiter) { return ipsec_dump_policy1(policy, delimiter, 1); } static char * -ipsec_dump_policy1(policy, delimiter, withports) - void *policy; - const char *delimiter; - int withports; +ipsec_dump_policy1(void *policy, const char *delimiter, int withports) { struct sadb_x_policy *xpl = policy; struct sadb_x_ipsecrequest *xisr; @@ -276,12 +269,8 @@ ipsec_dump_policy1(policy, delimiter, wi } static char * -ipsec_dump_ipsecrequest(buf, len, xisr, bound, withports) - char *buf; - size_t len; - struct sadb_x_ipsecrequest *xisr; - size_t bound; /* boundary */ - int withports; +ipsec_dump_ipsecrequest(char *buf, size_t len, struct sadb_x_ipsecrequest *xisr, +size_t bound /* boundary */, int withports) { const char *proto, *mode, *level; char abuf[NI_MAXHOST * 2 + 2]; @@ -376,12 +365,8 @@ ipsec_dump_ipsecrequest(buf, len, xisr, } static int -set_addresses(buf, len, sa1, sa2, withports) - char *buf; - size_t len; - struct sockaddr *sa1; - struct sockaddr *sa2; - int withports; +set_addresses(char *buf, size_t len, struct sockaddr *sa1, struct sockaddr *sa2, +int withports) { char tmp1[NI_MAXHOST], tmp2[NI_MAXHOST]; @@ -395,11 +380,7 @@ set_addresses(buf, len, sa1, sa2, withpo } static char * -set_address(buf, len, sa, withports) - char *buf; - size_t len; - struct sockaddr *sa; - int withports; +set_address(char *buf, size_t len, struct sockaddr *sa, int withports) { const int niflags = NI_NUMERICHOST | NI_NUMERICSERV; char host[NI_MAXHOST]; Index: src/crypto/dist/ipsec-tools/src/libipsec/ipsec_get_policylen.c diff -u src/crypto/dist/ipsec-tools/src/libipsec/ipsec_get_policylen.c:1.7 src/crypto/dist/ipsec-tools/src/libipsec/ipsec_get_policylen.c:1.8 --- src/crypto/dist/ipsec-tools/src/libipsec/ipsec_get_policylen.c:1.7 Wed Jul 18 12:07:50 2007 +++ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_get_policylen.c Mon May 28 19:22:40 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec_get_policylen.c,v 1.7 2007/07/18 12:07:50 vanhu Exp $ */ +/* $NetBSD: ipsec_get_policylen.c,v 1.8 2018/05/28 19:22:40 maxv Exp $ */ /* $KAME: ipsec_get_policylen.c,v 1.5 2000/05/07 05:25:03 itojun Exp $ */ @@ -47,8 +47,7 @@ #include "ipsec_strerror.h" int -ipsec_get_policylen(policy) - ipsec_policy_t policy; +ipsec_get_policylen(ipsec_policy_t policy) { return policy ? PFKEY_EXTLEN(policy) : -1; } Index: src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c diff -u src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c:1.11 src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c:1.12 --- src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c:1.11 Wed Apr 26 03:16:06 2017 +++ src/crypto/dist/ipsec-tools/src/libipsec/key_debug.c Mon May 28 19:22:40 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: key_debug.c,v 1.11 2017
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: ozaki-r Date: Wed Apr 26 03:19:49 UTC 2017 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: pfkey_dump.c Log Message: Print protocol number as well as its name ex.) before: "reserved" -> after: "255(reserved)" The original author is hsuenaga@IIJ To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 \ src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c diff -u src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c:1.20 src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c:1.21 --- src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c:1.20 Mon Jan 9 15:25:13 2012 +++ src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c Wed Apr 26 03:19:49 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: pfkey_dump.c,v 1.20 2012/01/09 15:25:13 drochner Exp $ */ +/* $NetBSD: pfkey_dump.c,v 1.21 2017/04/26 03:19:49 ozaki-r Exp $ */ /* $KAME: pfkey_dump.c,v 1.45 2003/09/08 10:14:56 itojun Exp $ */ @@ -761,7 +761,7 @@ str_upperspec(ulp, p1, p2) ent = getprotobynumber((int)ulp); if (ent) - printf("%s", ent->p_name); + printf("%u(%s)", ulp, ent->p_name); else printf("%u", ulp);
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: wiz Date: Mon Feb 13 13:03:06 UTC 2012 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: pfkey.c Log Message: Use the correct constant. >From FreeBSD via Henning Petersen in PR 46005. To generate a diff of this commit: cvs rdiff -u -r1.23 -r1.24 src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c diff -u src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c:1.23 src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c:1.24 --- src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c:1.23 Mon Jan 9 15:25:13 2012 +++ src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c Mon Feb 13 13:03:06 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: pfkey.c,v 1.23 2012/01/09 15:25:13 drochner Exp $ */ +/* $NetBSD: pfkey.c,v 1.24 2012/02/13 13:03:06 wiz Exp $ */ /* $KAME: pfkey.c,v 1.47 2003/10/02 19:52:12 itojun Exp $ */ @@ -710,7 +710,7 @@ pfkey_send_register(int so, u_int satype { int len, algno; - if (satype == PF_UNSPEC) { + if (satype == SADB_SATYPE_UNSPEC) { for (algno = 0; algno < sizeof(supported_map)/sizeof(supported_map[0]); algno++) {
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: wiz Date: Wed Jan 4 16:30:51 UTC 2012 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: ipsec_set_policy.3 ipsec_strerror.3 Log Message: Bump date for previous. To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 \ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_set_policy.3 cvs rdiff -u -r1.11 -r1.12 \ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/ipsec_set_policy.3 diff -u src/crypto/dist/ipsec-tools/src/libipsec/ipsec_set_policy.3:1.17 src/crypto/dist/ipsec-tools/src/libipsec/ipsec_set_policy.3:1.18 --- src/crypto/dist/ipsec-tools/src/libipsec/ipsec_set_policy.3:1.17 Wed Jan 4 16:09:40 2012 +++ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_set_policy.3 Wed Jan 4 16:30:50 2012 @@ -1,4 +1,4 @@ -.\" $NetBSD: ipsec_set_policy.3,v 1.17 2012/01/04 16:09:40 drochner Exp $ +.\" $NetBSD: ipsec_set_policy.3,v 1.18 2012/01/04 16:30:50 wiz Exp $ .\" .\" $KAME: ipsec_set_policy.3,v 1.16 2003/01/06 21:59:03 sumikawa Exp $ .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd May 5, 1998 +.Dd January 4, 2012 .Dt IPSEC_SET_POLICY 3 .Os .Sh NAME Index: src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.3 diff -u src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.3:1.11 src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.3:1.12 --- src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.3:1.11 Wed Jan 4 16:09:40 2012 +++ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.3 Wed Jan 4 16:30:50 2012 @@ -1,4 +1,4 @@ -.\" $NetBSD: ipsec_strerror.3,v 1.11 2012/01/04 16:09:40 drochner Exp $ +.\" $NetBSD: ipsec_strerror.3,v 1.12 2012/01/04 16:30:50 wiz Exp $ .\" .\" $KAME: ipsec_strerror.3,v 1.9 2001/08/17 07:21:36 itojun Exp $ .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd May 6, 1998 +.Dd January 4, 2012 .Dt IPSEC_STRERROR 3 .Os .\"
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: tteras Date: Mon Nov 14 13:24:05 UTC 2011 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: pfkey.c Log Message: >From Marcelo Leitner : do not shrink pfkey socket buffers (if system default is larger than what we want as minimum) To generate a diff of this commit: cvs rdiff -u -r1.21 -r1.22 src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c diff -u src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c:1.21 src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c:1.22 --- src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c:1.21 Thu Jan 20 16:08:35 2011 +++ src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c Mon Nov 14 13:24:04 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: pfkey.c,v 1.21 2011/01/20 16:08:35 vanhu Exp $ */ +/* $NetBSD: pfkey.c,v 1.22 2011/11/14 13:24:04 tteras Exp $ */ /* $KAME: pfkey.c,v 1.47 2003/10/02 19:52:12 itojun Exp $ */ @@ -1783,7 +1783,9 @@ int pfkey_open(void) { int so; - int bufsiz = 128 * 1024; /*is 128K enough?*/ + int bufsiz_current, bufsiz_wanted; + int ret; + socklen_t len; if ((so = socket(PF_KEY, SOCK_RAW, PF_KEY_V2)) < 0) { __ipsec_set_strerror(strerror(errno)); @@ -1794,14 +1796,29 @@ pfkey_open(void) * This is a temporary workaround for KAME PR 154. * Don't really care even if it fails. */ - (void)setsockopt(so, SOL_SOCKET, SO_SNDBUF, &bufsiz, sizeof(bufsiz)); - (void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz)); - bufsiz = 256 * 1024; - (void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz)); - bufsiz = 512 * 1024; - (void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz)); - bufsiz = 1024 * 1024; - (void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz)); + /* Try to have 128k. If we have more, do not lower it. */ + bufsiz_wanted = 128 * 1024; + len = sizeof(bufsiz_current); + ret = getsockopt(so, SOL_SOCKET, SO_SNDBUF, + &bufsiz_current, &len); + if ((ret < 0) || (bufsiz_current < bufsiz_wanted)) + (void)setsockopt(so, SOL_SOCKET, SO_SNDBUF, + &bufsiz_wanted, sizeof(bufsiz_wanted)); + + /* Try to have have at least 2MB. If we have more, do not lower it. */ + bufsiz_wanted = 2 * 1024 * 1024; + len = sizeof(bufsiz_current); + ret = getsockopt(so, SOL_SOCKET, SO_RCVBUF, + &bufsiz_current, &len); + if (ret < 0) + bufsiz_current = 128 * 1024; + + for (; bufsiz_wanted > bufsiz_current; bufsiz_wanted /= 2) { + if (setsockopt(so, SOL_SOCKET, SO_RCVBUF, +&bufsiz_wanted, sizeof(bufsiz_wanted)) == 0) + break; + } + __ipsec_errcode = EIPSEC_NO_ERROR; return so; }
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: vanhu Date: Thu Jan 20 16:08:35 UTC 2011 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: pfkey.c Log Message: fixed a typo, it will now compile when KMADDRESS is defined. reported by Roman Hoog Antink (rha (at) open.ch) To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c diff -u src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c:1.20 src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c:1.21 --- src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c:1.20 Wed Dec 8 01:55:12 2010 +++ src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c Thu Jan 20 16:08:35 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: pfkey.c,v 1.20 2010/12/08 01:55:12 joerg Exp $ */ +/* $NetBSD: pfkey.c,v 1.21 2011/01/20 16:08:35 vanhu Exp $ */ /* $KAME: pfkey.c,v 1.47 2003/10/02 19:52:12 itojun Exp $ */ @@ -2282,7 +2282,7 @@ * `buf' must has been allocated sufficiently. */ static caddr_t -pfkey_setsadbkmaddr(caddr_t buf, caddr_T lim, struct sockaddr *local, +pfkey_setsadbkmaddr(caddr_t buf, caddr_t lim, struct sockaddr *local, struct sockaddr *remote) { struct sadb_x_kmaddress *p;
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: joerg Date: Wed Dec 8 01:55:12 UTC 2010 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: pfkey.c Log Message: ANSIfy To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c diff -u src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c:1.19 src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c:1.20 --- src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c:1.19 Fri Jul 3 06:40:10 2009 +++ src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c Wed Dec 8 01:55:12 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: pfkey.c,v 1.19 2009/07/03 06:40:10 tteras Exp $ */ +/* $NetBSD: pfkey.c,v 1.20 2010/12/08 01:55:12 joerg Exp $ */ /* $KAME: pfkey.c,v 1.47 2003/10/02 19:52:12 itojun Exp $ */ @@ -380,13 +380,10 @@ * -1 : error occured, and set errno. */ int -pfkey_send_getspi_nat(so, satype, mode, src, dst, natt_type, sport, dport, min, max, reqid, seq) - int so; - u_int satype, mode; - struct sockaddr *src, *dst; - u_int8_t natt_type; - u_int16_t sport, dport; - u_int32_t min, max, reqid, seq; +pfkey_send_getspi_nat(int so, u_int satype, u_int mode, struct sockaddr *src, +struct sockaddr *dst, u_int8_t natt_type, u_int16_t sport, +u_int16_t dport, u_int32_t min, u_int32_t max, u_int32_t reqid, +u_int32_t seq) { struct sadb_msg *newmsg; caddr_t ep; @@ -538,11 +535,9 @@ } int -pfkey_send_getspi(so, satype, mode, src, dst, min, max, reqid, seq) - int so; - u_int satype, mode; - struct sockaddr *src, *dst; - u_int32_t min, max, reqid, seq; +pfkey_send_getspi(int so, u_int satype, u_int mode, struct sockaddr *src, +struct sockaddr *dst, u_int32_t min, u_int32_t max, u_int32_t reqid, +u_int32_t seq) { return pfkey_send_getspi_nat(so, satype, mode, src, dst, 0, 0, 0, min, max, reqid, seq); @@ -556,12 +551,10 @@ * -1 : error occured, and set errno. */ int -pfkey_send_update2(sa_parms) - struct pfkey_send_sa_args *sa_parms; +pfkey_send_update2(struct pfkey_send_sa_args *sa_parms) { int len; - sa_parms->type = SADB_UPDATE; if ((len = pfkey_send_x1(sa_parms)) < 0) return -1; @@ -577,8 +570,7 @@ * -1 : error occured, and set errno. */ int -pfkey_send_add2(sa_parms) - struct pfkey_send_sa_args *sa_parms; +pfkey_send_add2(struct pfkey_send_sa_args *sa_parms) { int len; @@ -596,11 +588,8 @@ * -1 : error occured, and set errno. */ int -pfkey_send_delete(so, satype, mode, src, dst, spi) - int so; - u_int satype, mode; - struct sockaddr *src, *dst; - u_int32_t spi; +pfkey_send_delete(int so, u_int satype, u_int mode, struct sockaddr *src, +struct sockaddr *dst, u_int32_t spi) { int len; if ((len = pfkey_send_x2(so, SADB_DELETE, satype, mode, src, dst, spi)) < 0) @@ -620,10 +609,8 @@ */ /*ARGSUSED*/ int -pfkey_send_delete_all(so, satype, mode, src, dst) - int so; - u_int satype, mode; - struct sockaddr *src, *dst; +pfkey_send_delete_all(int so, u_int satype, u_int mode, struct sockaddr *src, +struct sockaddr *dst) { struct sadb_msg *newmsg; int len; @@ -702,11 +689,8 @@ * -1 : error occured, and set errno. */ int -pfkey_send_get(so, satype, mode, src, dst, spi) - int so; - u_int satype, mode; - struct sockaddr *src, *dst; - u_int32_t spi; +pfkey_send_get(int so, u_int satype, u_int mode, struct sockaddr *src, +struct sockaddr *dst, u_int32_t spi) { int len; if ((len = pfkey_send_x2(so, SADB_GET, satype, mode, src, dst, spi)) < 0) @@ -722,9 +706,7 @@ * -1 : error occured, and set errno. */ int -pfkey_send_register(so, satype) - int so; - u_int satype; +pfkey_send_register(int so, u_int satype) { int len, algno; @@ -764,8 +746,7 @@ * -1: error occured, and set errno. */ int -pfkey_recv_register(so) - int so; +pfkey_recv_register(int so) { pid_t pid = getpid(); struct sadb_msg *newmsg; @@ -804,9 +785,7 @@ * -1: error occured, and set errno. */ int -pfkey_set_supported(msg, tlen) - struct sadb_msg *msg; - int tlen; +pfkey_set_supported(struct sadb_msg *msg, int tlen) { struct sadb_supported *sup; caddr_t p; @@ -868,9 +847,7 @@ * -1 : error occured, and set errno. */ int -pfkey_send_flush(so, satype) - int so; - u_int satype; +pfkey_send_flush(int so, u_int satype) { int len; @@ -887,9 +864,7 @@ * -1 : error occured, and set errno. */ int -pfkey_send_dump(so, satype) - int so; - u_int satype; +pfkey_send_dump(int so, u_int satype) { int len; @@ -912,9 +887,7 @@ * algorithms is. */ int -pfkey_send_promisc_toggle(so, flag) - int so; - int flag; +pfkey_send_promisc_toggle(int so, int flag) { int len; @@ -932,13 +905,9 @@ * -1 : error occured, and set errno. */ int -pfkey_send_spdadd(so, src, prefs, dst, prefd, proto, policy, policylen, seq) - int so; - struct sockaddr *src, *dst; - u_int pre
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: tteras Date: Fri Dec 3 15:01:11 UTC 2010 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: ipsec_dump_policy.c Log Message: Recognize direction for Linux per-socket policies. To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 \ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c diff -u src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c:1.8 src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c:1.9 --- src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c:1.8 Wed Jul 18 12:07:50 2007 +++ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c Fri Dec 3 15:01:11 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec_dump_policy.c,v 1.8 2007/07/18 12:07:50 vanhu Exp $ */ +/* $NetBSD: ipsec_dump_policy.c,v 1.9 2010/12/03 15:01:11 tteras Exp $ */ /* Id: ipsec_dump_policy.c,v 1.10 2005/06/29 09:12:37 manubsd Exp */ @@ -53,7 +53,10 @@ #include "libpfkey.h" static const char *ipsp_dir_strs[] = { - "any", "in", "out", "fwd" + "any", "in", "out", "fwd", +#ifdef __linux__ + "in(socket)", "out(socket)" +#endif }; static const char *ipsp_policy_strs[] = { @@ -165,6 +168,8 @@ case IPSEC_DIR_OUTBOUND: #ifdef HAVE_POLICY_FWD case IPSEC_DIR_FWD: + case IPSEC_DIR_FWD + 1: + case IPSEC_DIR_FWD + 2: #endif break; default:
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: vanhu Date: Wed Apr 7 14:53:52 UTC 2010 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: ipsec_strerror.c Log Message: by Eric Preston: fixed a typo To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 \ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.c diff -u src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.c:1.5 src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.c:1.6 --- src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.c:1.5 Wed Jul 18 12:07:50 2007 +++ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.c Wed Apr 7 14:53:52 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec_strerror.c,v 1.5 2007/07/18 12:07:50 vanhu Exp $ */ +/* $NetBSD: ipsec_strerror.c,v 1.6 2010/04/07 14:53:52 vanhu Exp $ */ /* $KAME: ipsec_strerror.c,v 1.7 2000/07/30 00:45:12 itojun Exp $ */ @@ -63,7 +63,7 @@ "Invalid key length",/*EIPSEC_INVAL_KEYLEN*/ "Invalid address family", /*EIPSEC_INVAL_FAMILY*/ "Invalid prefix length", /*EIPSEC_INVAL_PREFIXLEN*/ -"Invalid direciton",/*EIPSEC_INVAL_DIR*/ +"Invalid direction",/*EIPSEC_INVAL_DIR*/ "SPI range violation",/*EIPSEC_INVAL_SPI*/ "No protocol specified", /*EIPSEC_NO_PROTO*/ "No algorithm specified", /*EIPSEC_NO_ALGS*/
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: christos Date: Fri Apr 2 15:13:27 UTC 2010 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: pfkey_dump.c Log Message: handle ctime returning NULL. To generate a diff of this commit: cvs rdiff -u -r1.16 -r1.17 \ src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c diff -u src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c:1.16 src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c:1.17 --- src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c:1.16 Wed Jul 18 08:07:50 2007 +++ src/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c Fri Apr 2 11:13:26 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: pfkey_dump.c,v 1.16 2007/07/18 12:07:50 vanhu Exp $ */ +/* $NetBSD: pfkey_dump.c,v 1.17 2010/04/02 15:13:26 christos Exp $ */ /* $KAME: pfkey_dump.c,v 1.45 2003/09/08 10:14:56 itojun Exp $ */ @@ -774,8 +774,10 @@ for (;i < 20;) buf[i++] = ' '; } else { char *t0; - t0 = ctime(&t); - memcpy(buf, t0 + 4, 20); + if ((t0 = ctime(&t)) == NULL) + memset(buf, '?', 20); + else + memcpy(buf, t0 + 4, 20); } buf[20] = '\0';
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: joerg Date: Wed Oct 14 23:36:55 UTC 2009 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: ipsec_set_policy.3 Log Message: Do not use .Xo/.Xc to workaround ancient groff limits. To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 \ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_set_policy.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/ipsec_set_policy.3 diff -u src/crypto/dist/ipsec-tools/src/libipsec/ipsec_set_policy.3:1.13 src/crypto/dist/ipsec-tools/src/libipsec/ipsec_set_policy.3:1.14 --- src/crypto/dist/ipsec-tools/src/libipsec/ipsec_set_policy.3:1.13 Sat Sep 9 16:22:09 2006 +++ src/crypto/dist/ipsec-tools/src/libipsec/ipsec_set_policy.3 Wed Oct 14 23:36:55 2009 @@ -1,4 +1,4 @@ -.\" $NetBSD: ipsec_set_policy.3,v 1.13 2006/09/09 16:22:09 manu Exp $ +.\" $NetBSD: ipsec_set_policy.3,v 1.14 2009/10/14 23:36:55 joerg Exp $ .\" .\" $KAME: ipsec_set_policy.3,v 1.16 2003/01/06 21:59:03 sumikawa Exp $ .\" @@ -124,14 +124,10 @@ support policy priorities (Linux \*[Gt]= 2.6.6). It takes one of the following formats: .Bl -tag -width "discard" -.It Xo -.Ar {priority,prio} offset -.Xc +.It Ar {priority,prio} offset .Ar offset is an integer in the range -2147483647..214783648. -.It Xo -.Ar {priority,prio} base {+,-} offset -.Xc +.It Ar {priority,prio} base {+,-} offset .Ar base is either .Li low (-1073741824) , @@ -162,12 +158,7 @@ means to bypass the IPsec processing. .Pq the packet will be transmitted in clear . This is for privileged sockets. -.It Xo -.Ar direction -.Bq Ar priority specification -.Li ipsec -.Ar request ... -.Xc +.It Ar direction Bo Ar priority specification Bc Li ipsec Ar request ... .Li ipsec means that the matching packets are subject to IPsec processing. .Li ipsec @@ -175,16 +166,7 @@ .Ar request strings, which are formatted as below: .Bl -tag -width "discard" -.It Xo -.Ar protocol -.Li / -.Ar mode -.Li / -.Ar src -.Li - -.Ar dst -.Op Ar /level -.Xc +.It Ar protocol Li / Ar mode Li / Ar src Li - Ar dst Op Ar /level .Ar protocol is either .Li ah ,
CVS commit: src/crypto/dist/ipsec-tools/src/libipsec
Module Name:src Committed By: vanhu Date: Mon Aug 17 13:52:14 UTC 2009 Modified Files: src/crypto/dist/ipsec-tools/src/libipsec: libpfkey.h Log Message: do not use SADB_X_NAT_T_NEW_MAPPING to check system support for NAT-T, as at least FreeBSD doesn't have this define anymore To generate a diff of this commit: cvs rdiff -u -r1.16 -r1.17 \ src/crypto/dist/ipsec-tools/src/libipsec/libpfkey.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/libipsec/libpfkey.h diff -u src/crypto/dist/ipsec-tools/src/libipsec/libpfkey.h:1.16 src/crypto/dist/ipsec-tools/src/libipsec/libpfkey.h:1.17 --- src/crypto/dist/ipsec-tools/src/libipsec/libpfkey.h:1.16 Fri Jul 3 06:40:10 2009 +++ src/crypto/dist/ipsec-tools/src/libipsec/libpfkey.h Mon Aug 17 13:52:14 2009 @@ -1,4 +1,4 @@ -/* $NetBSD: libpfkey.h,v 1.16 2009/07/03 06:40:10 tteras Exp $ */ +/* $NetBSD: libpfkey.h,v 1.17 2009/08/17 13:52:14 vanhu Exp $ */ /* Id: libpfkey.h,v 1.13 2005/12/04 20:26:43 manubsd Exp */ @@ -161,7 +161,7 @@ /* XXX should be somewhere else !!! */ -#ifdef SADB_X_NAT_T_NEW_MAPPING +#ifdef SADB_X_EXT_NAT_T_TYPE #define PFKEY_ADDR_X_PORT(ext) (ntohs(((struct sadb_x_nat_t_port *)ext)->sadb_x_nat_t_port_port)) #define PFKEY_ADDR_X_NATTYPE(ext) ( ext != NULL && ((struct sadb_x_nat_t_type *)ext)->sadb_x_nat_t_type_type ) #endif