CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/04/09 09:48:01
Modified files:
sbin/iked : proc.c
usr.sbin/httpd : proc.c
usr.sbin/vmd : proc.c
usr.sbin/snmpd : proc.c
Log message:
Sync removal of setsid(),
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/04/08 07:18:54
Modified files:
usr.sbin/snmpd : proc.c snmpd.c
Log message:
Call daemon() only in parent and before proc_exec() to avoid orphaning child
processes. Synced from relayd.
ok florian@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/04/08 06:48:26
Modified files:
usr.sbin/vmd : proc.c vmd.c
Log message:
Call daemon() only in parent and before proc_exec() to avoid orphaning child
processes. Synced from relayd.
ok mlarkin@ dv@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/04/08 06:50:05
Modified files:
sbin/iked : proc.c
Log message:
Move daemon() after proc_setup() to sync with other proc.c daemons.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/04/08 06:45:18
Modified files:
usr.sbin/httpd : httpd.c proc.c
Log message:
Call daemon() only in parent and before proc_exec() to avoid orphaning child
processes. Synced from relayd.
ok kn@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/04/02 13:58:28
Modified files:
sbin/iked : ikev2_pld.c
Log message:
Add check to make sure EAP header length matches expected payload length.
ok markus@ yasuoka@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/03/21 16:08:49
Modified files:
sbin/iked : ikev2.c
Log message:
Avoid redundant allocation in ikev2_prfplus()
from markus@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/03/02 09:16:07
Modified files:
sbin/iked : iked.h ikev2.c ikev2_msg.c ikev2_pld.c
Log message:
Trigger retransmission only for fragment 1/x, otherwise each received
fragment can trigger
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/03/02 08:55:58
Modified files:
sbin/iked : version.h
Log message:
Bump to OpenIKED 7.4
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/02/15 13:10:45
Modified files:
sbin/iked : iked.c iked.h proc.c types.h
Log message:
Introduce new IMSG_CTL_PROCREADY which is used to signal that all pipes
are set up by child processes. The
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/02/15 12:11:00
Modified files:
sbin/iked : config.c iked.h ikev2.c
Log message:
Delay enabling sockets until ikev2 process is ready.
from markus@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/02/15 12:04:12
Modified files:
sbin/iked : iked.c iked.h proc.c
Log message:
Remove unused control_socks queue.
from markus@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/02/13 05:25:11
Modified files:
sbin/iked : ca.c config.c iked.c
Log message:
Control startup of PROC_CERT and PROC_IKEV2.
Currenly PROC_PARENT sends the configuration to both PROC_CERT and
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/02/06 06:10:56
Modified files:
sbin/iked : ca.c
Log message:
Pass struct iked directly to ca_reset() instead of passing it via ps
discussed with markus@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/01/24 03:09:08
Modified files:
sbin/iked : ca.c control.c iked.h ikev2.c
Log message:
Use per connection peerid for control replies
instead of 'broadcasting' replies for 'ikectl show sa' and
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/01/15 08:29:00
Modified files:
sbin/iked : ca.c config.c iked.c iked.h ikev2.c types.h
Log message:
Include cert_partial_chain in iked_static instead of sending a separate
message.
from markus@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2024/01/03 14:41:44
Modified files:
sys/dev/hid: hidkbd.c
Log message:
Enable Apple brightness keys also for archs other than macppc.
ok kettenis@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/12/19 17:34:14
Modified files:
sbin/isakmpd : ipsec.c
Log message:
Don't unset the SA tag set by ipsec_sa_tag in ipsec_sa_iface.
Fixes SA tagging and a possible leak.
from markus@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/11/26 15:18:45
Modified files:
gnu/llvm/lld/ELF: Symbols.cpp Symbols.h Thunks.cpp
gnu/llvm/lld/ELF/Arch: AArch64.cpp
Log message:
Add arm64 bti pads for range extension thunks.
Large arm64
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/11/24 07:43:00
Modified files:
sbin/iked : ikev2.c
Log message:
Empty IKEv2 DPD messages should not contain extra NONE payloads
from markus@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/11/22 11:22:53
Modified files:
sys/dev/usb: ukbdmap.c
Log message:
regen
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/11/22 11:19:25
Modified files:
sys/dev/hid: hidkbd.c
sys/dev/usb: makemap.awk
sys/dev/wscons : wskbd.c wsksymdef.h
Log message:
Add support for keyboard backlight hotkeys in
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/11/22 11:14:35
Modified files:
sys/arch/macppc/dev: adb.c pm_direct.c pm_direct.h
Log message:
Add support for keyboard backlight on Apple Powerbooks.
>From jon (at) elytron (dot) openbsd (dot)
CVSROOT:/cvs
Module name:www
Changes by: to...@cvs.openbsd.org 2023/11/20 10:45:32
Modified files:
openiked : index.html releases.html
Log message:
OpenIKED 7.3
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/11/17 07:43:36
Modified files:
usr.sbin/ikectl: ikeca.cnf
Log message:
Set "unique_subject = no" to allow renewing expired certificates.
Without this, openssl throws an error when creating a second req
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/11/13 02:18:19
Modified files:
usr.bin/ssh: sftp-client.c
Log message:
Make sure sftp_get_limits() only returns 0 if 'limits' was initialized.
This fixes a potential uninitialized use of 'limits'
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/11/10 01:03:02
Modified files:
sbin/iked : ikev2.c policy.c
Log message:
Always prefer group from initial KE payload as responder if supported.
from markus@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/10/11 16:13:16
Modified files:
sys/net: pfkeyv2.c pfkeyv2_convert.c
sys/netinet: ip_ipsp.c ip_ipsp.h
Log message:
Prevent deref-after-free when tdb_timeout() fires on invalid new
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/10/10 10:16:16
Modified files:
sbin/ipsecctl : pfkdump.c
Log message:
Print at most pkgsize - hdrsize bytes for pfkey tag and identity to
prevent out-of-bounds read in strlen().
ok tb@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/10/09 09:32:14
Modified files:
sbin/ipsecctl : ipsecctl.c ipsecctl.h pfkey.c
Log message:
Add pledge("stdio") before parsing pfkey messages. This applies to
ipsecctl -m and ipsecctl -s. Refactor
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/09/29 12:45:42
Modified files:
sys/net: pfkeyv2_parsemessage.c
Log message:
Make sure pfkeyv2_parsemessage() only returns 0 if the message was
successfully validated. Decline all messages from
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/09/29 12:40:08
Modified files:
sys/net: pfkeyv2.c
Log message:
Only forward validated pfkey messages to promiscuous listeners.
Fixes a bunch of crashes with ipsecctl -m.
ok bluhm@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/09/07 05:17:32
Modified files:
usr.bin/vi/vi : v_paragraph.c
Log message:
Treat consecutive paragraph indicators as different paragraphs
Consecutive empty lines count toward the same state, so
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/09/05 05:04:06
Modified files:
sys/arch/arm64/dev: apldc.c
Log message:
Fix touchpad on newer device trees. The *gpio fields moved up one layer.
The driver will work with both formats for now but we
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/09/02 12:36:31
Modified files:
sbin/iked : ikev2_pld.c
Log message:
Make sure cert_type is not 0 to prevent leak of certid->id_buf.
Found by David Linder
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/09/02 12:16:02
Modified files:
sbin/iked : ca.c
Log message:
Remove unneccessary id == NULL check after dereferencing it. id can never
be NULL here.
Found by tb@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/08/21 15:16:18
Modified files:
usr.bin/ssh: kex.c
Log message:
Log errors in kex_exchange_identification() with level verbose instead
of error to reduce preauth log spam. All of those get logged
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/08/14 06:02:02
Modified files:
sbin/iked : pfkey.c
Log message:
Improve error message when if_indextoname() fails.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/08/14 05:55:03
Modified files:
sbin/iked : policy.c
Log message:
Add explicit NULL checks for sa_cp_addr and sa_cp_addr6.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/08/11 05:24:55
Modified files:
sbin/iked : iked.h ikev2.c parse.y pfkey.c
Log message:
Add iked support for route based sec(4) tunnels.
To use sec(4) instead of policy based tunnels, create a
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/08/06 08:30:08
Modified files:
sys/dev/acpi : acpi_apm.c
Log message:
Add acpi_softc == NULL checks and return ENXIO instead of crashing on
non-acpi x86 machines. This was lost in refactoring when
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/07/31 06:00:07
Modified files:
sys/arch/macppc/dev: onyx.c
Log message:
Implement audio input source selection.
from jon at elytron dot openbsd dot amsterdam
feedback and ok miod@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/07/09 02:04:09
Modified files:
sys/dev/usb: ukbdmap.c
Log message:
regen
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/07/09 02:02:14
Modified files:
sys/dev/usb: makemap.awk
sys/dev/hid: hidkbd.c
sys/dev/wscons : wskbd.c wsksymdef.h
Log message:
Add suspend key support in wskbd and make it
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/07/08 08:44:43
Modified files:
sys/arch/arm64/dev: aplsmc.c apm.c
sys/arch/macppc/dev: apm.c
sys/dev/acpi : acpi_apm.c
sys/sys: device.h
Log message:
Adds
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/07/08 02:01:10
Modified files:
sys/arch/amd64/conf: files.amd64
sys/arch/i386/conf: files.i386
sys/dev/acpi : acpi.c
Added files:
sys/dev/acpi : acpi_apm.c
Log message:
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/07/07 09:44:54
Modified files:
. : .gitignore
Log message:
Ignore CVS directories for easier git + CVS coexistence.
ok bluhm@ stsp@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/07/05 12:51:56
Modified files:
sys/dev/acpi : acpi.c acpi_x86.c
Log message:
Move acpiioctl to acpi_x86.c, it is only used up on i386 and amd64.
ok kettenis@ deraadt@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/07/05 02:26:56
Modified files:
sys/arch/arm64/dev: apm.c
Log message:
Suspend from suspend_taskq in apmioctl.
ok kettenis@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/07/03 09:54:07
Modified files:
sys/arch/arm64/dev: apldc.c
Log message:
Enable mouse.tp.mtbuttons for apldcms
ok bru@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/07/03 05:43:15
Modified files:
lib/libcrypto/hidden/openssl: x509_vfy.h
Log message:
Delete some more references to dead policy code.
Fixes -DNAMESPACE
ok tb@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/07/03 04:59:16
Modified files:
lib/libcrypto/hidden: README
Log message:
typo
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/06/28 08:10:24
Modified files:
sbin/iked : ca.c iked.h ikev2.c ikev2.h ikev2_msg.c
ikev2_pld.c
Log message:
Add support to verify X509 chain from CERT payloads.
Encode
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/06/22 09:29:05
Modified files:
share/man/man4/man4.arm64: aplsmc.4
Log message:
Mention lid position support.
>From Jan Stary
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/06/22 09:20:16
Modified files:
etc/etc.arm64 : sysctl.conf
Log message:
Add machdep.lidaction example. We support this on arm64 laptops now.
>From Jan Stary
Ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/06/17 16:33:34
Modified files:
sbin/iked : ca.c
Log message:
Fix leak of key.id_buf in pubkey auth case.
from markus
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/05/22 06:53:04
Modified files:
usr.bin/tcpbench: tcpbench.c
Log message:
Remove unused variable kerr.
ok bluhm@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/04/25 05:12:38
Modified files:
sys/dev/fdt: pwmleds.c
Log message:
Disable keyboard backlight on Apple Silicon laptops on suspend,
restore on wakeup.
ok patrick@ kettenis@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/04/10 09:14:04
Modified files:
sys/arch/arm64/dev: apldc.c aplhidev.c
Log message:
Enable caps lock LED on modern Apple laptop keyboards.
ok kettenis@ patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/03/10 12:26:06
Modified files:
sbin/iked : ikev2.c
Log message:
Fix possible leak of spibuf and flowbuf in error case.
ok patrick@ bluhm@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/03/08 07:47:02
Modified files:
bin/ps : print.c
Log message:
Fix alignment of command column. print_comm_name() returns an updated
length value, not the length difference.
ok deraadt@ millert@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/03/05 15:17:22
Modified files:
sbin/iked : ca.c control.c iked.c iked.h ikev2.c proc.c
Log message:
Fix clean process shutdown by storing env globally like vmd and httpd do
instead of getting it
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/03/04 15:22:51
Modified files:
sbin/iked : ca.c control.c iked.c iked.h ikev2.c proc.c
types.h
Log message:
Sync proc.c from vmd(8) to enabled fork + exec for all
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/02/15 13:44:01
Modified files:
sbin/iked : proc.c
usr.sbin/relayd: proc.c
usr.sbin/httpd : proc.c
usr.sbin/vmd : proc.c
usr.sbin/snmpd : proc.c
Log message:
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/02/10 12:51:09
Modified files:
sbin/iked : vroute.c
Log message:
Add support for configuring multiple name servers as roadwarrior
client. This allows us to have a fallback in case one connection
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/01/10 09:33:18
Modified files:
sys/dev/wscons : wsdisplay.c
Log message:
Switch to console before suspending in DUMBFB mode. Fixes frame buffer
corruption
and a few other bugs/races after wakeup on
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2023/01/03 03:59:00
Modified files:
sys/dev/fdt: gpiobl.c
Log message:
Disable display backlight on Apple Silicon laptops when suspending.
ok kettenis@ patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/12/06 02:07:33
Modified files:
sbin/iked : ikev2.c ikev2_msg.c ikev2_pld.c
Log message:
Print size_t with %zu.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/12/04 04:54:31
Modified files:
sbin/iked : control.c
usr.sbin/ikectl: ikectl.c
Log message:
Rename sun to s_un for portability.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/12/03 17:23:03
Modified files:
regress/sbin/iked/parser: test_parser_fuzz.c
Log message:
Include endian.h for htobe32
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/12/03 15:34:35
Modified files:
sbin/iked : config.c dh.c iked.h ocsp.c
usr.sbin/ikectl: ikectl.c
regress/sbin/iked/parser: common.c test_parser_fuzz.c
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/12/03 14:02:27
Modified files:
sbin/iked : eap.c ikev2.c ikev2_msg.c ikev2_pld.c
Log message:
Include endian.h where needed for betohXX functions.
CVSROOT:/cvs
Module name:www
Changes by: to...@cvs.openbsd.org 2022/12/02 07:41:46
Modified files:
openiked : index.html releases.html
Log message:
OpenIKED 7.2
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/11/26 10:23:15
Modified files:
sys/arch/arm64/arm64: acpi_machdep.c machdep.c
sys/arch/arm64/dev: aplsmc.c
sys/arch/arm64/include: cpu.h
Log message:
Add arm64 lid_action sysctl for
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/11/26 10:12:11
Modified files:
sbin/iked : version.h
Log message:
Bump to 7.2
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/11/25 13:33:11
Modified files:
sys/arch/arm64/dev: aplsmc.c
Log message:
Disable screen backlight on Apple silicon laptops when lid is closed.
ok kettenis@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/11/22 02:53:46
Modified files:
usr.sbin/installboot: efi_installboot.c
Log message:
Copy apple-boot firmware to EFI system partition. This enables automatic
bootloader updates on Apple Silicon
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/11/17 06:30:21
Modified files:
usr.sbin/fw_update: patterns.c
Log message:
Add apple-boot firmware for Apple arm64 machines in fw_update(8) patterns.
The pattern matches the printed CPU_IMPL_APPLE
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/11/10 05:37:00
Modified files:
lib/libcrypto/ec: eck_prn.c
lib/libcrypto/dsa: dsa_prn.c
Log message:
Fix a few more leaks in *_print() functions.
ok jsing@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/11/09 15:56:44
Modified files:
sys/dev/fdt: gpiobl.c simplefb.c
Log message:
Hook up gpiobl(4) to the screen burner instead of wsdisplay(4) brightness
control. This enables automatic screen
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/11/08 18:05:45
Modified files:
lib/libcrypto/bn: bn_mpi.c
Log message:
Fix possible memory leak in BN_mpi2bn() if BN_bin2bn() fails.
found with CodeChecker
feedback from millert@
ok tb@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/11/08 12:19:08
Modified files:
lib/libcrypto/rsa: rsa_prn.c
Log message:
Rename out to err to conform with standard naming scheme.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/11/08 12:17:05
Modified files:
lib/libcrypto/dsa: dsa_prn.c
Log message:
Fix leak of pk if EVP_PKEY_set1_DSA() fails.
Found with CodeChecker
ok jsing@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/11/08 12:07:34
Modified files:
sys/arch/arm64/conf: GENERIC
Log message:
Enable gpiobl(4)
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/11/08 12:06:57
Modified files:
sys/dev/fdt: files.fdt
Added files:
sys/dev/fdt: gpiobl.c
Log message:
Add gpiobl(4), a driver for gpio controlled display backlights. This will
allow us
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/11/08 05:59:36
Modified files:
lib/libcrypto/rsa: rsa_prn.c
Log message:
Fix leak of pk if EVP_PKEY_set1_RSA() fails.
Found with CodeChecker
feedback and ok tb@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/11/07 15:39:52
Modified files:
sbin/iked : ca.c crypto.c ikev2.c
Log message:
Free objects that were dynamically allocated in libcrypto with OPENSSL_free().
When linking against libressl,
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/11/06 04:11:47
Modified files:
sbin/iked : ikev2.c
Log message:
Fix out-of-order string operations resulting in a wrongly calculated
string size that could lead to a buffer overflow in
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/10/24 09:52:40
Modified files:
sbin/iked : ikev2.c
Log message:
Fix DH group lookup when checking if PFS is required. Compare ID
directly instead of calling group_get() and leaking the result.
ok
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/10/23 16:15:45
Modified files:
sys/arch/arm64/dev: apldma.c
Log message:
Make sure driver is attached before allocating a channel. Fixes a crash on
M2 Macbook Air with a newer device tree where
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/10/10 05:33:56
Modified files:
sbin/iked : config.c ikev2.c policy.c
Log message:
Move enabling the policy refcounting from policy_ref() to config_free_policy().
In config_free_policy() the
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/09/21 16:32:11
Modified files:
sbin/iked : ikev2.c ikev2_msg.c
Log message:
Distinguish between retransmit ok and nothing to retransmit. This makes
sure ikes_retransmit_response events don't also
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/09/19 14:54:02
Modified files:
sbin/iked : config.c control.c iked.h ikev2.c ikev2_msg.c
ikev2_pld.c policy.c types.h
usr.sbin/ikectl: ikectl.c parser.c parser.h
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/09/15 08:45:50
Modified files:
sys/arch/arm64/dev: apldc.c
Log message:
Add support for Apple fn key combinations. Based on Apple fn key handling
in ukbd(4).
ok miod@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/09/14 07:07:50
Modified files:
sbin/iked : ikev2.c policy.c
Log message:
Compare 'srcnat' when comparing policies. Fixes a bug where policy lookup could
not differentiate between similar policies
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/08/22 06:34:55
Modified files:
sys/arch/arm64/dev: aplintc.c
Log message:
Get number of interrupt cells from device tree instead of guessing based
on version. Fixes M2 Macbook Air 2022 which reports
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/07/22 09:53:33
Modified files:
sbin/iked : iked.conf.5 iked.h ikev2.c parse.y types.h
Log message:
Include an OpenIKED Vendor ID payload in the initial handshake. This will
make it easier to
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/07/22 09:33:53
Modified files:
sbin/iked : pfkey.c
Log message:
Fix potential leak of reply in error case.
>From markus@
ok bluhm@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/07/18 13:32:16
Modified files:
sbin/iked : vroute.c
Log message:
Check if there is a locally cached nameserver to send before responding
to RTP_PROPOSAL_SOLICIT. Fixes a crash when resolvd is
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2022/07/11 12:19:47
Modified files:
etc: rc
Log message:
Generate P-256 ECDH keys for iked instead of reusing 2048 bit RSA keys
from isakmpd.
ok bluhm@
1 - 100 of 632 matches
Mail list logo