| #
259065 |
|
07-Dec-2013 |
gjb |
- Copy stable/10 (r259064) to releng/10.0 as part of the
10.0-RELEASE cycle.
- Update __FreeBSD_version [1]
- Set branch name to -RC1
[1] 10.0-CURRENT __FreeBSD_version value ended at '55', so
start releng/10.0 at '100' so the branch is started with
a value ending in zero.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation |
| #
256281 |
|
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation
|
| #
175248 |
|
12-Jan-2008 |
maxim |
o Allow setkey(8) to recognize esp as a protocoal name for spdadd.
PR: bin/107392
Submitted by: Eugene Grosbein
MFC after: 1 month
|
| #
173412 |
|
07-Nov-2007 |
kevlo |
Cleanup of userland __P use
|
| #
171135 |
|
01-Jul-2007 |
gnn |
Commit IPv6 support for FAST_IPSEC to the tree.
This commit includes all remaining changes for the time being including
user space updates.
Submitted by: bz
Approved by: re
|
| #
151293 |
|
13-Oct-2005 |
ume |
fixed a crush when either -lh or -ls option is used.
Obtained from: KAME
|
| #
129183 |
|
13-May-2004 |
ume |
check if the null encryption is supported or not.
Requested by: bms
Obtained from: KAME
|
| #
127684 |
|
31-Mar-2004 |
bms |
Fix regression in setkey whereby parser would fail to recognise tcp as
both a security protocol and an upper level protocol for encapsulation.
PR: bin/63616
Submitted by: ume@
|
| #
125681 |
|
11-Feb-2004 |
bms |
Initial import of RFC 2385 (TCP-MD5) digest support.
This is the second of two commits; bring in the userland support to finish.
Teach libipsec and setkey about the tcp-md5 class of security associations,
thus allowing administrators to add per-host keys to the SADB for use by
the tcpsignature_compute() function.
Document that a single SPI must be used until such time as the code which
adds support to the SPD to specify flows for tcp-md5 treatment is suitable
for production.
Sponsored by: sentex.net
|
| #
122108 |
|
05-Nov-2003 |
ume |
- do hexdump on send. set length field properly
- check for encryption/authentication key together with algorithm.
- warned if a deprecated encryption algorithm (that includes "simple")
is specified.
- changed the syntax how to define a policy of a ICMPv6 type and/or a
code, like spdadd ::/0 ::/0 icmp6 134,0 -P out none;
- random cleanup in parser.
- use yyfatal, or return -1 after yyerror.
- deal with strdup() failure.
- permit scope notation in policy string (-P
esp/tunnel/foo%scope-bar%scope/use)
- simplify /prefix and [port].
- g/c some unused symbols.
Obtained from: KAME
|
| #
78064 |
|
11-Jun-2001 |
ume |
Sync with recent KAME.
This work was based on kame-20010528-freebsd43-snap.tgz and some
critical problem after the snap was out were fixed.
There are many many changes since last KAME merge.
TODO:
- The definitions of SADB_* in sys/net/pfkeyv2.h are still different
from RFC2407/IANA assignment because of binary compatibility
issue. It should be fixed under 5-CURRENT.
- ip6po_m member of struct ip6_pktopts is no longer used. But, it
is still there because of binary compatibility issue. It should
be removed under 5-CURRENT.
Reviewed by: itojun
Obtained from: KAME
MFC after: 3 weeks
|
| #
62583 |
|
04-Jul-2000 |
itojun |
synchronize with latest kame tree.
behavior change: policy syntax was changed. you may need to update your
setkey(8) configuration files.
|
| #
55505 |
|
06-Jan-2000 |
shin |
libipsec and IPsec related apps. (and some KAME related man pages)
Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
|