Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Commits on Aug 27, 2000
  1. make sure we have IV that is random enough. memory allocator on

    itojun authored
    some of platforms give us almost constant number (oops).
  2. repair iv initialization on encryption.

    itojun authored
  3. esp internal API change - algo->{en,de}crypt reclaims the mbuf on

    itojun authored
    encryption error.
    
    use m_copyback() to initialize IV, and remove too strong mbuf assumption.
  4. s/$/CBC/ for rijndael/twofish, for consistency

    itojun authored
  5. declare SADB_X_EALG_{RIJNDAEL,TWOFISH}, based on

    itojun authored
    draft-ietf-ipsec-ciph-aes-cbc-00.txt.
  6. "contact KAME guys" warning on setsockopt #s

    itojun authored
Commits on Aug 26, 2000
  1. do not use MALLOC() to allocate variable length memory region.

    itojun authored
    see sys/malloc.h.
  2. RFC2893 obsoletes 1933

    itojun authored
Commits on Aug 25, 2000
  1. remove #if 0 portion

    itojun authored
  2. fixed a comment.

    sakane authored
  3. 2000-08-25 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>

    jinmei authored
    	* kame/sys/netinet6/in6.c (in6_lifaddr_ioctl): made
    	SIOC[DG]LIFADDR scope-aware; fe80::/64 (not /10) will be accepted
    	to specify a link-local address.
    	In response to a report from Francis Dupont
    	<Francis.Dupont@enst-bretagne.fr>.
  4. made SIOC[DG]LIFADDR scope-aware; fe80::/64 (not /10) will be accepted

    jinmei authored
    to specify a link-local address.
    report from Francis Dupont.
Commits on Aug 24, 2000
  1. * kame/kame/racoon:

    sakane authored
    It is possible to verify the signer chain in the certificate.
    You must have all of the certificate of each authorities before
    the certificate verification.
    Also racoon can output a readable certificate to the logfile during
    debugging.
    XXX the caomparison between ID value and Subject{,Alt}Name is not yet.
  2. enabled to check all of authorities of the certificate.

    sakane authored
    print a certificate for debugging.
  3. improved certificate test.

    sakane authored
  4. * netbsd/pkgsrc/net/bind9, freebsd3/ports/bind9: use bind

    sumikawa authored
      9.0.0rc4.
  5. upgrade to rc4 and fix PLIST.

    sumikawa authored
  6. * netbsd/pkgsrc/net/bind9: use bind 9.0.0rc4.

    itojun authored
  7. upgrade to 9.0.0rc4. install manpages.

    itojun authored
  8. * kame/kame/racoon:

    sakane authored
    Fixed IV processing.  IV mismatching happened when a peer sent a
    encrypted informational exchange on phase 1.  Also added a comment
    about IV processing in handler.h.  And deleted ivd in IV hander
    because it is useless.
  9. fixed IV processing. IV mismatching happened when a peer sent a encry…

    sakane authored
    …pted
    
    informational exchange on phase 1.  Also added a comment about IV processing
    in handler.h.  And deleted ivd in IV hander because it is useless.
  10. adujst the length of phase 2 IV.

    sakane authored
  11. - clarified some message.

    sakane authored
    - added a code in order to check authenticator, but not enabled.
  12. clarified status message.

    sakane authored
  13. ping6 change for netbsd

    itojun authored
  14. make it frendly to openssl0.9.4.

    sakane authored
  15. modified a augument of eay_check_x509cert. The type of the path of

    sakane authored
    the CA directory is char *, not vchar_t *.
Commits on Aug 23, 2000
  1. updated.

    sakane authored
  2. change contact address to snap-users@kame.net.

    sakane authored
  3. * kame/kame/racoon:

    sakane authored
    Added the behavior of PFS selection in the case of "strict"/"claim".
    If PFS is not required by the responder, the responder obeys the
    proposal.  If PFS is required by both sides and if the responder's
    group is not equal to the initiator's one, then the responder reject
    the proposal.
Something went wrong with that request. Please try again.