| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- net.inet.ipsec.esp_auth hasn't been there
- nuke all debug printfs, which are unneeded by now.
- get rid of #ifdef IPSEC_DEBUG in headers
- now that key_debug_level is always defined, there's no need for
#ifdef IPSEC_DEBUG around sysctl MIB code (net.key.debug).
- switch all debug printf() to ipseclog().
- When there is no suitable inbound policy for the packet of the ipsec
tunnel mode, the kernel never decapsulate the tunneled packet
as the ipsec tunnel mode even when the system wide policy is "none".
Then the kernel leaves the generic tunnel module to process this
packet. If there is no rule of the generic tunnel, the packet
is rejected and the statistics will be counted up.
sys/netinet6/ipsec.c: 1.14
sys/netkey/key.c: 1.32-1.35
sys/netkey/key_debug.c: 1.16
sys/netkey/key_debug.h: 1.8
sys/netkey/key_var.h: 1.5
sys/netkey/keysock.c: 1.8
Notes:
svn path=/stable/4/; revision=86649
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This work was based on kame-20010528-freebsd43-snap.tgz and some
critical problem after the snap was out were fixed.
There are many many changes since last KAME merge.
etc/defaults/rc.conf: 1.111
etc/rc.network: 1.98
etc/rc.network6: 1.20
lib/libipsec/ipsec_set_policy.3: 1.8
lib/libipsec/ipsec_strerror.3: 1.7
lib/libipsec/ipsec_strerror.c: 1.3
lib/libipsec/ipsec_strerror.h: 1.3
lib/libipsec/libpfkey.h: 1.2
lib/libipsec/pfkey.c: 1.3
lib/libipsec/pfkey_dump.c: 1.3
lib/libipsec/policy_token.l: 1.5
lib/libipsec/test-policy.c: 1.4
sbin/ifconfig/ifconfig.8: 1.42
sbin/ifconfig/ifconfig.c: 1.63
sbin/ping6/ping6.8: 1.10
sbin/ping6/ping6.c: 1.9
sbin/route/route.c: 1.48, 1.50
sbin/rtsol/Makefile: 1.4
share/doc/IPv6/IMPLEMENTATION: 1.3
share/examples/IPv6/USAGE: 1.3
share/man/man4/faith.4: 1.10
share/man/man4/gif.4: 1.9
share/man/man4/inet6.4: 1.8
share/man/man4/ip6.4: 1.8
share/man/man4/ipsec.4: 1.9
share/man/man4/kame.4: 1.8
share/man/man4/stf.4: 1.8
sys/conf/files: 1.534
sys/crypto/md5.c: 1.4
sys/crypto/sha1.c: 1.7
sys/crypto/blowfish/bf_enc.c: 1.4
sys/crypto/blowfish/bf_locl.h: 1.4
sys/crypto/blowfish/bf_skey.c: 1.4
sys/crypto/blowfish/blowfish.h: 1.4
sys/crypto/cast128/cast128.c: 1.4
sys/crypto/cast128/cast128.h: 1.4
sys/crypto/des/des.h: 1.4
sys/crypto/des/des_ecb.c: 1.4
sys/crypto/des/des_locl.h: 1.5
sys/crypto/des/des_setkey.c: 1.4
sys/crypto/rijndael/boxes-fst.dat: 1.2
sys/crypto/rijndael/rijndael-alg-fst.c: 1.2, 1.3
sys/crypto/rijndael/rijndael-alg-fst.h: 1.2
sys/crypto/rijndael/rijndael-api-fst.c: 1.2
sys/crypto/rijndael/rijndael-api-fst.h: 1.2
sys/crypto/rijndael/rijndael_local.h: 1.3
sys/kern/uipc_domain.c: 1.24
sys/kern/uipc_mbuf.c: 1.82
sys/kern/uipc_mbuf2.c: 1.8
sys/net/if.c: 1.109
sys/net/if_faith.c: 1.4, 1.5
sys/net/if_gif.c: 1.10
sys/net/if_gif.h: 1.4
sys/net/if_loop.c: 1.61
sys/net/if_sppp.h: 1.17
sys/net/if_spppsubr.c: 1.68, 1.69
sys/net/net_osdep.c: 1.4
sys/net/net_osdep.h: 1.5
sys/net/pfkeyv2.h: 1.6
sys/net/ppp_defs.h: 1.7
sys/net/rtsock.c: 1.52
sys/netinet/icmp6.h: 1.4
sys/netinet/in.c: 1.54
sys/netinet/in_gif.c: 1.10
sys/netinet/in_pcb.c: 1.84
sys/netinet/in_pcb.h: 1.38
sys/netinet/in_proto.c: 1.56
sys/netinet/ip6.h: 1.5
sys/netinet/ip_ecn.c: 1.4
sys/netinet/ip_ecn.h: 1.4
sys/netinet/ip_encap.c: 1.4
sys/netinet/ip_icmp.c: 1.57
sys/netinet/ip_input.c: 1.171
sys/netinet/ip_output.c: 1.126
sys/netinet/ip_var.h: 1.56
sys/netinet/raw_ip.c: 1.78
sys/netinet/tcp_input.c: 1.132
sys/netinet/tcp_output.c: 1.50
sys/netinet/tcp_subr.c: 1.103
sys/netinet/tcp_usrreq.c: 1.60
sys/netinet/udp_usrreq.c: 1.89
sys/netinet6/ah.h: 1.5
sys/netinet6/ah6.h: 1.4
sys/netinet6/ah_core.c: 1.8
sys/netinet6/ah_input.c: 1.7
sys/netinet6/ah_output.c: 1.7
sys/netinet6/dest6.c: 1.6
sys/netinet6/esp.h: 1.4
sys/netinet6/esp6.h: 1.4
sys/netinet6/esp_core.c: 1.5
sys/netinet6/esp_input.c: 1.7
sys/netinet6/esp_output.c: 1.5
sys/netinet6/frag6.c: 1.8
sys/netinet6/icmp6.c: 1.11
sys/netinet6/in6.c: 1.12
sys/netinet6/in6.h: 1.13
sys/netinet6/in6_cksum.c: 1.4
sys/netinet6/in6_gif.c: 1.5
sys/netinet6/in6_ifattach.c: 1.6
sys/netinet6/in6_ifattach.h: 1.3
sys/netinet6/in6_pcb.c: 1.15
sys/netinet6/in6_pcb.h: 1.4
sys/netinet6/in6_prefix.c: 1.7
sys/netinet6/in6_prefix.h: 1.5
sys/netinet6/in6_proto.c: 1.14
sys/netinet6/in6_rmx.c: 1.4
sys/netinet6/in6_src.c: 1.4
sys/netinet6/in6_var.h: 1.8
sys/netinet6/ip6_ecn.h: 1.4
sys/netinet6/ip6_forward.c: 1.11
sys/netinet6/ip6_fw.c: 1.11
sys/netinet6/ip6_fw.h: 1.11
sys/netinet6/ip6_input.c: 1.27
sys/netinet6/ip6_mroute.c: 1.7
sys/netinet6/ip6_mroute.h: 1.4
sys/netinet6/ip6_output.c: 1.25
sys/netinet6/ip6_var.h: 1.7
sys/netinet6/ip6protosw.h: 1.6
sys/netinet6/ipcomp.h: 1.2
sys/netinet6/ipcomp6.h: 1.2
sys/netinet6/ipcomp_core.c: 1.2
sys/netinet6/ipcomp_input.c: 1.2
sys/netinet6/ipcomp_output.c: 1.2
sys/netinet6/ipsec.c: 1.12
sys/netinet6/ipsec.h: 1.8
sys/netinet6/ipsec6.h: 1.5
sys/netinet6/mld6.c: 1.7
sys/netinet6/nd6.c: 1.9
sys/netinet6/nd6.h: 1.7
sys/netinet6/nd6_nbr.c: 1.9
sys/netinet6/nd6_rtr.c: 1.7, 1.8
sys/netinet6/raw_ip6.c: 1.11
sys/netinet6/route6.c: 1.4
sys/netinet6/scope6.c: 1.2
sys/netinet6/udp6_output.c: 1.3
sys/netinet6/udp6_usrreq.c: 1.15
sys/netkey/key.c: 1.25
sys/netkey/key.h: 1.7
sys/netkey/key_debug.c: 1.14
sys/netkey/key_debug.h: 1.7
sys/netkey/key_var.h: 1.4
sys/netkey/keydb.h: 1.6
sys/netkey/keysock.c: 1.6
sys/netsmb/smb_crypt.c: 1.2
sys/sys/mbuf.h: 1.79, 1.80
sys/sys/protosw.h: 1.33
sys/sys/socket.h: 1.54, 1.56
sys/sys/sockio.h: 1.17
usr.bin/netstat/inet.c: 1.42
usr.bin/netstat/inet6.c: 1.10
usr.bin/netstat/ipsec.c: 1.2
usr.bin/netstat/main.c: 1.40
usr.bin/netstat/mroute6.c: 1.5
usr.bin/netstat/netstat.1: 1.29
usr.bin/netstat/netstat.h: 1.21
usr.bin/netstat/route.c: 1.50, 1.51, 1.55
usr.sbin/faithd/Makefile: 1.6
usr.sbin/faithd/README: 1.4
usr.sbin/faithd/faithd.8: 1.9
usr.sbin/faithd/faithd.c: 1.7
usr.sbin/faithd/faithd.h: 1.3
usr.sbin/faithd/ftp.c: 1.5
usr.sbin/faithd/rsh.c: 1.5
usr.sbin/faithd/tcp.c: 1.3
usr.sbin/gifconfig/gifconfig.8: 1.6
usr.sbin/gifconfig/gifconfig.c: 1.4
usr.sbin/ifmcstat/ifmcstat.8: 1.3
usr.sbin/ifmcstat/ifmcstat.c: 1.7
usr.sbin/mld6query/mld6.c: 1.2
usr.sbin/mld6query/mld6query.8: 1.2
usr.sbin/ndp/ndp.8: 1.6
usr.sbin/ndp/ndp.c: 1.6
usr.sbin/prefix/Makefile: 1.4
usr.sbin/rip6query/rip6query.8: 1.4
usr.sbin/rip6query/rip6query.c: 1.5
usr.sbin/route6d/route6d.8: 1.6
usr.sbin/route6d/route6d.c: 1.9
usr.sbin/route6d/route6d.h: 1.3
usr.sbin/rrenumd/lexer.l: 1.3
usr.sbin/rrenumd/parser.y: 1.3
usr.sbin/rrenumd/rrenumd.8: 1.6
usr.sbin/rrenumd/rrenumd.c: 1.4
usr.sbin/rrenumd/rrenumd.conf.5: 1.10
usr.sbin/rrenumd/rrenumd.h: 1.3
usr.sbin/rtadvd/advcap.c: 1.4
usr.sbin/rtadvd/advcap.h: 1.4
usr.sbin/rtadvd/config.c: 1.7
usr.sbin/rtadvd/config.h: 1.4
usr.sbin/rtadvd/dump.c: 1.3
usr.sbin/rtadvd/dump.h: 1.3
usr.sbin/rtadvd/if.c: 1.6
usr.sbin/rtadvd/if.h: 1.4
usr.sbin/rtadvd/pathnames.h: 1.5
usr.sbin/rtadvd/rrenum.c: 1.5
usr.sbin/rtadvd/rrenum.h: 1.4
usr.sbin/rtadvd/rtadvd.8: 1.8
usr.sbin/rtadvd/rtadvd.c: 1.6
usr.sbin/rtadvd/rtadvd.conf.5: 1.6
usr.sbin/rtadvd/rtadvd.h: 1.4
usr.sbin/rtadvd/timer.c: 1.4
usr.sbin/rtadvd/timer.h: 1.4
usr.sbin/rtsold/Makefile: 1.6
usr.sbin/rtsold/dump.c: 1.4
usr.sbin/rtsold/if.c: 1.5
usr.sbin/rtsold/probe.c: 1.5
usr.sbin/rtsold/rtsol.c: 1.4
usr.sbin/rtsold/rtsold.8: 1.5
usr.sbin/rtsold/rtsold.c: 1.4
usr.sbin/rtsold/rtsold.h: 1.4
usr.sbin/setkey/parse.y: 1.3
usr.sbin/setkey/scriptdump.pl: 1.3
usr.sbin/setkey/setkey.8: 1.14
usr.sbin/setkey/setkey.c: 1.3
usr.sbin/setkey/token.l: 1.5
usr.sbin/traceroute6/traceroute6.8: 1.7
usr.sbin/traceroute6/traceroute6.c: 1.8
Notes:
svn path=/stable/4/; revision=79138
|
| |
|
|
| |
Notes:
svn path=/stable/4/; revision=63207
|
| |
|
|
|
|
|
|
|
| |
is an application space macro and the applications are supposed to be free
to use it as they please (but cannot). This is consistant with the other
BSD's who made this change quite some time ago. More commits to come.
Notes:
svn path=/head/; revision=55205
|
| |
|
|
|
|
|
|
|
|
|
| |
pr_input() routines prototype is also changed to support IPSEC and IPV6
chained protocol headers.
Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
Notes:
svn path=/head/; revision=55009
|
| |
|
|
|
|
|
| |
use tradictional decls. tabify. remove bogus #defines. prototypes.
Notes:
svn path=/head/; revision=33871
|
| |
|
|
|
|
|
| |
I'll polish the code later on.
Notes:
svn path=/head/; revision=33870
|
|
|
to PF_ROUTE) from NRL's IPv6 distribution, heavily modified by me for
better source layout, formatting, and textual conventions. I am told
that this code is no longer under active development, but it's a useful
hack for those interested in doing work on network security, key management,
etc. This code has only been tested twice, so it should be considered
highly experimental.
Obtained from: ftp.ripe.net
Notes:
svn path=/head/; revision=16368
|
