2011-03-17 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/oakley.c: fixed a memory leak in oakley_append_rmconf_cr() while generating plist. patch by Roman Hoog Antink <rha@open.ch> * src/racoon/oakley.c: free name later, to avoid a memory use after free in oakley_check_certid(). also give iph1->remote to some plog() calls. patch by Roman Hoog Antink <rha@open.ch> * src/racoon/oakley.c: fixed a memory leak in oakley_check_certid(). patch by Roman Hoog Antink <rha@open.ch> 2011-03-15 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/: isakmp.c, isakmp_inf.c, pfkey.c: directly call isakmp_ph1delete() instead of scheduling isakmp_ph1delete_stub(), as it is useless an can lead to memory access after free 2011-03-14 Timo Teras <timo.teras@iki.fi> * src/racoon/: grabmyaddr.c, handler.c, isakmp.c, isakmp_inf.c, isakmp_quick.c, nattraversal.c, pfkey.c, policy.c, sockmisc.c, sockmisc.h, throttle.c: Explicitly compare return value of cmpsaddr() against a return value define to make it more obvious what is the intended action. One more return value is also added, to fix comparison of security policy descriptors. Namely, getsp() should not allow wildcard matching (as the comment says, it does exact matching) - otherwise we get problems when kernel has generic policy with no ports, and a second similar policy with ports. 2011-03-14 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/: cfparse.y, isakmp_xauth.c, isakmp_xauth.h, remoteconf.c, remoteconf.h, rsalist.c, rsalist.h: avoid some memory leaks / free memory access when reloading conf and have inherited config. patch from Roman Hoog Antink <rha@open.ch> * src/racoon/handler.c: removed an useless comment * src/racoon/handler.c: check if we got RMCONF_ERR_MULTIPLE from getrmconf_by_ph1() in revalidate_ph1tree_rmconf() 2011-03-11 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/: handler.c, isakmp.c: directly delete a ph1 in remove_ph1-) instead of scheduling it, to avoid (completely ?) a race condition when reloading configuration 2011-03-06 Timo Teras <timo.teras@iki.fi> * src/racoon/privsep.c: Quiet a gcc warning when strict-aliasing checks are enabled. Reported by Stephen Clark. 2011-03-02 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/session.c: flush sainfo list when closing session. patch by Roman Hoog Antink <rha@open.ch> * src/racoon/: remoteconf.c, rsalist.c, rsalist.h: free rsa structures when deleting a struct rmconf. patch by Roman Hoog Antink <rha@open.ch> * src/racoon/: cfparse.y, remoteconf.c, remoteconf.h: free spspec when deleting a rmconf struct. patch by Roman Hoog Antink <rha@open.ch> * src/racoon/: remoteconf.c, session.c: fixed some memory leaks in remoteconf. patch by Roman Hoog Antink <rha@open.ch> * src/racoon/: cfparse.y, prsa_par.y: fixed some memory leaks during configuration parsing. patch by Roman Hoog Antink <rha@open.ch> 2011-03-01 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/: isakmp.c, pfkey.c: plog text fixes, patch from M E Andersson <debian@gisladisker.se> * src/racoon/cfparse.y: reset yyerrorcount before doing parse stuff. patch by Roman Hoog Antink <rha@open.ch> 2011-02-20 Timo Teras <timo.teras@iki.fi> * src/racoon/oakley.c: From Roman Hoog Antink <rha@open.ch>: Fix memory leak when using plain RSA key authentication. 2011-02-11 Timo Teras <timo.teras@iki.fi> * src/racoon/plainrsa-gen.c: From Mats E Andersson <debian@gisladisker.se>: Fix fprintf format specifier usage from previous patch. 2011-02-10 Timo Teras <timo.teras@iki.fi> * src/racoon/plainrsa-gen.c: From Mats Erik Andersson <debian@gisladisker.se>: Implement importing of RSA keys from PEM files. * src/racoon/prsa_par.y: From M E Andersson <debian@gisladisker.se>: Fix parsing of restricted RSA key addresses. 2011-02-02 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/: cftoken.l, isakmp.c, remoteconf.h, sainfo.c, sainfo.h: store ph1id in an u_int32_t instead of a (signed)int. Patch from Christophe Carre 2011-01-28 Timo Teras <timo.teras@iki.fi> * src/racoon/: sainfo.c, sainfo.h, session.c: From Roman Hoog Antink <rha@open.ch>: Clean up sainfo reloading: rename the functions, and remove unneeded global variable. * src/racoon/: remoteconf.c, remoteconf.h, session.c: From Roman Hoog Antink <rha@open.ch>: Clean up rmconf reloading: rename the functions, and remove unneeded global variable. * src/racoon/plog.c: From Roman Hoog Antink <rha@open.ch>: Log remote IP address if available (slightly modified by tteras) 2011-01-22 Timo Teras <timo.teras@iki.fi> * src/racoon/isakmp_inf.c: From Roman Hoog Antink <rha@open.ch>: Fixes a null pointer dereference that might occur after removing peers from the config and then reloading. 2011-01-20 Yvan Vanhullebus <vanhu@netasq.com> * src/libipsec/pfkey.c: fixed a typo, it will now compile when KMADDRESS is defined. reported by Roman Hoog Antink (rha (at) open.ch) 2010-12-28 Timo Teras <timo.teras@iki.fi> * src/racoon/handler.c: From Roman Hoog Antink <rha@open.ch>: Fix config reload to not delete too many phase 2 handles, because wrong chain field is used when enumerating the handles. 2010-12-16 gdt * src/racoon/oakley.c: When encountering a certificate where "ID mismatched with ASN1 SubjectName", and verify_identifier is off, don't raise an error. This makes the behavior match the man page. Patch sent for review long ago: http://mail-index.netbsd.org/tech-security/2006/03/24/0000.html with no negative feedback received to date. 2010-12-14 Timo Teras <timo.teras@iki.fi> * src/racoon/ipsec_doi.c: From Roman Hoog Antink <rha@open.ch>: Fix possible null derefence. 2010-12-08 Timo Teras <timo.teras@iki.fi> * src/racoon/admin.c: Use separate SA addresses for phase2's created by admin command. The phase2 startup overwrites src/dst with ISAKMP ports if they are zero and we don't want that to happen for the SA ports. 2010-12-08 joerg * src/libipsec/pfkey.c: ANSIfy 2010-12-07 Timo Teras <timo.teras@iki.fi> * src/racoon/isakmp_quick.c: Fix spacing and improve wording in some log messages. 2010-12-03 Timo Teras <timo.teras@iki.fi> * src/libipsec/ipsec_dump_policy.c: Recognize direction for Linux per-socket policies. * src/: libipsec/libpfkey.h, libipsec/pfkey_dump.c, setkey/parse.y, setkey/setkey.8: Support GRE key as upper layer protocol specifier (will be supported in Linux kernel 2.6.38). * src/racoon/grabmyaddr.c: Netlink deletion notification does not guarentee actual address deletion: it might still exist on some other interface. Make sure we do not unbind unless the address is really gone. 2010-11-17 Timo Teras <timo.teras@iki.fi> * src/racoon/: handler.c, handler.h, isakmp.c, isakmp_inf.c: Fix my previous patch to not call purge_remote() twice. Change the place where purge_remote() is called. This fixes also a possible crash from the same patch since ph1->remote can be NULL (when we are responder and config is not yet selected). 2010-11-12 Timo Teras <timo.teras@iki.fi> * src/racoon/: admin.c, isakmp.c, isakmp_var.h, pfkey.c: isakmp_post_acquire is now called from admin commands too, add a flag so admin commands can be used to establish even passive links on demand. * src/racoon/isakmp.c: Purge all IPsec-SA's if the last main ISAKMP-SA for the node is deleted by remote request and the phase1 rekeying is enabled (this will also trigger the new phase1_dead script hook). * src/racoon/: handler.h, isakmp_inf.c: Improve DPD sequence checks to allow any reply within valid sequence window to be proof of livelyness. This can improves things if there's random packet delays, or if racoon is not getting enough CPU time. * src/racoon/: admin.c, admin.h, kmpstat.c, racoonctl.c: Extern admin protocol to allow reply packets to exceed 64kb. E.g SA dumps with many established SAs can be easily over the limit. 2010-10-22 Timo Teras <timo.teras@iki.fi> * src/racoon/grabmyaddr.c: Change Linux Netlink address monitoring to monitor local route changes. This works around a kernel bug, and slightly improves behaviour on some special cases. 2010-10-21 Timo Teras <timo.teras@iki.fi> * src/racoon/: admin.c, evt.c, grabmyaddr.c, isakmp.c, pfkey.c, session.c, session.h: Introduce priorities for file descriptor polling mechanism and give priority to admin port. If admin port is used by ISAKMP-SA hook scripts they should be preferred, other wise heavy traffic can delay admin port requests considerably. This in turn may cause renegotiation loop for ISAKMP-SA. This is mostly useful for OpenNHRP setup, but can benefit other setups too. * src/racoon/: admin.c, handler.c, handler.h: Remove initial-contact entry when all ISAKMP-SA are purged via adminport. This will avoid stale security associations if some of the delete notifications happens to get lost. 2010-10-20 Timo Teras <timo.teras@iki.fi> * src/racoon/crypto_openssl.c: Use high-level openssl EVP and HMAC functions when possible: this allows openssl to perform hardware acceleration if available. * src/racoon/: isakmp.c, isakmp_quick.c: Various improvements to error log messages and a few additional error log messages to improve diagnosing an error condition. * src/racoon/grabmyaddr.c: Fix address comparison so we actually close sockets which were bound to IP-address that got deconfigured. 2010-10-11 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/ipsec_doi.c: report a higher encryption key length in approval for OBEY / CLAIM / STRICT modes 2010-09-27 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/isakmp_xauth.c: fixed some typos in logs (reported by fazaeli (at) sepehrs.com) 2010-09-24 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/cftoken.l: fixed a fd leak, patch by getlaser (at) gmail.com 2010-09-22 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/admin.c: get the correct length of username when processing ADMIN_LOGOUT_USER, patch by rweikusat (at) mssgmbh.com * src/racoon/nattraversal.h: fixed a typo in macros, reported by marisp (at) mt.lv 2010-09-21 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/isakmp_cfg.c: moved from utmp.h to utmpx.h (patch provided by marcin.cieslak (at) gmail.com) 2010-09-08 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/remoteconf.c: fixed remoteconf selection when no ID specified in configuration, and added some debug to remoteconf selection 2010-08-26 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/remoteconf.c: fix by Sergio.Gelato (at) astro.su.se: duplicate some dynamic values in duprmconf() 2010-08-04 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/isakmp_cfg.c: fixed answer for IP4_SUBNET request 2010-07-30 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/doc/FAQ: updated link to NetBSD's documentation 2010-06-22 Thomas Klausner <wiz@netbsd.org> * src/racoon/racoon.conf.5: Bump date for previous. 2010-06-22 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/: cfparse.y, cftoken.l, isakmp.c, isakmp_inf.c, racoon.conf.5, remoteconf.c, remoteconf.h: added a specific script hook when a dead peer is detected 2010-06-04 Thomas Klausner <wiz@netbsd.org> * src/setkey/setkey.8: New sentence, new line. Bump date for previous. 2010-06-04 Yvan Vanhullebus <vanhu@netasq.com> * src/setkey/: parse.y, setkey.8, token.l: Added support for spdupdate command in setkey 2010-04-07 Yvan Vanhullebus <vanhu@netasq.com> * src/libipsec/ipsec_strerror.c: by Eric Preston: fixed a typo 2010-04-02 Christos Zoulas <christos@netbsd.org> * src/: libipsec/pfkey_dump.c, racoon/backupsa.c: handle ctime returning NULL. 2010-03-11 Christos Zoulas <christos@netbsd.org> * src/racoon/handler.c: PR/42363: Yasuoka Masahiko: Second part of the patch: iterate only on the phase2 handles that are bound by the given phase1 handle. 2010-03-05 Timo Teras <timo.teras@iki.fi> * src/: libipsec/ipsec_set_policy.3, racoon/privsep.c, racoon/doc/FAQ, setkey/setkey.8: From Stefan Bauer: Fix multiple typoes and manpage formatting errors. 2010-03-04 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/session.c: From Pierre POMES: fixed admin port initialization 2010-02-28 snj * src/racoon/: sockmisc.c, sockmisc.h: Fight the ever-increasing size of src checkouts by spelling "useful" without an extra l. 2010-02-09 Thomas Klausner <wiz@netbsd.org> * src/racoon/: pfkey.c, proposal.h: Fix typo in comment. 2010-01-17 Thomas Klausner <wiz@netbsd.org> * src/racoon/sainfo.c: Free strdeupped string after using it. Found by cppcheck. * src/racoon/: eaytest.c, ipsec_doi.c: Close file handles after using them. Found by cppcheck. 2010-01-15 joerg * src/setkey/setkey.8: Use .%U instead of .%O for URLs. 2009-12-11 Timo Teras <timo.teras@iki.fi> * src/racoon/Makefile.am: From Paul Wernau: vmbuf.h was defined twice in the headers. Remove the redundant entry so new install tool does not complain about overwriting just installed file. 2009-11-22 Christos Zoulas <christos@netbsd.org> * src/racoon/handler.c: PR/42363: Yasuoka Masahiko: racoon uses a wrong IPsec-SA handle that is for other peer in case it receives a ISAKMP message for IPsec-SA that has the same message-id as the message-id that is received before. racoon uses message-id to find the handle of IPsec-SA. The message-id is a unique number for each peer, but different peers may use the same value. Different Windows Vista or Windows 7 peers seem to use the same message-id. racoon can handle the first Windows's Phase-2, but it cannot handle the second Windows. Because racoon misunderstands the message for the second Windows as the message for the first Windows. >Category: bin >Synopsis: racoon uses a wrong IPsec-SA that is for different peer >Confidential: no >Severity: serious >Priority: medium >Responsible: bin-bug-people >State: open >Class: sw-bug >Submitter-Id: net >Arrival-Date: Sun Nov 22 18:25:00 +0000 2009 >Originator: yasuoka@iij.ad.jp 2009-10-29 Christos Zoulas <christos@netbsd.org> * src/setkey/token.l: use %option noinput nounput 2009-10-28 Christos Zoulas <christos@netbsd.org> * src/setkey/token.l: no unput 2009-10-14 joerg * src/libipsec/ipsec_set_policy.3: Do not use .Xo/.Xc to workaround ancient groff limits. * src/setkey/setkey.8: Do not use .Xo/.Xc to work around ancient groff limits. Fix markup. * src/racoon/racoon.conf.5: Don't use .Xo/.Xc to work around ancient groff limits. Set only one list type. 2009-09-18 Timo Teras <timo.teras@iki.fi> * src/racoon/: isakmp_agg.c, isakmp_ident.c: From Tomas Mraz: Fix gssapi error checking. 2009-09-03 Timo Teras <timo.teras@iki.fi> * src/racoon/: admin.c, handler.c, handler.h, isakmp.c, isakmp_var.h, pfkey.c: When rekeying phase2 use phase1 used to negotiate phase2 as a hint to select the phase1 for rekeying the new phase2. 2009-09-01 Timo Teras <timo.teras@iki.fi> * src/racoon/: nattraversal.c, racoon.conf.5, vendorid.c: Check nat_traversal configuration from remote configuration candidates when acting as responder. Enable NAT-T if any of the remote candidates have NAT-T enabled. * src/racoon/remoteconf.c: Change remote conf matching level to matching score. This way one can override anonymous certificate block config with more exact "inhereted" IP specific block. * src/racoon/: isakmp.c, racoon.conf.5: From Maik Broemme: export ISAKMP SA identity as REMOTE_ID for phase1 up script (trac #313). 2009-08-24 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/oakley.c: fixed typo: algoriym -> algorithm 2009-08-19 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/remoteconf.c: fixed address check in rmconf_match_type(), just check address with wildcard port 2009-08-19 Timo Teras <timo.teras@iki.fi> * src/racoon/remoteconf.c: Have an enum for rmconf_match_type() return values to make the code a bit more readable. 2009-08-18 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/oakley.c: typo: algoritym -> algorithm 2009-08-17 Yvan Vanhullebus <vanhu@netasq.com> * src/libipsec/libpfkey.h: do not use SADB_X_NAT_T_NEW_MAPPING to check system support for NAT-T, as at least FreeBSD doesn't have this define anymore * src/racoon/schedule.h: include stddef.h so we have a chance to get the system offsetof if present * src/racoon/crypto_openssl.h: removed a self include 2009-08-13 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/oakley.c: fixed a potential DoS in oakley_do_decrypt(), reported by Orange Labs 2009-08-10 Timo Teras <timo.teras@iki.fi> * src/racoon/pfkey.c: Don't print EAGAIN error from pfkey_handler(), it can occur normally under some code paths and is not a hard error in any case. 2009-08-06 Timo Teras <timo.teras@iki.fi> * src/setkey/setkey.c: From Paul Wenau: Check fgets return value in setkey to make gcc happy. 2009-08-05 Timo Teras <timo.teras@iki.fi> * src/racoon/pfkey.c: From Paul Wernau: Fix transport mode per-port security associations that got broke during NAT-T fixes. 2009-07-07 Timo Teras <timo.teras@iki.fi> * src/racoon/sockmisc.c: From Arnaud Ebalard: Fix possible usage of uninitialized local variable (not sure if any code path triggers this, but this makes compiler happy). 2009-07-03 Timo Teras <timo.teras@iki.fi> * src/racoon/: admin.c, grabmyaddr.c, handler.c, handler.h, isakmp.c, isakmp_cfg.c, isakmp_inf.c, isakmp_quick.c, nattraversal.c, pfkey.c, policy.c, remoteconf.c, remoteconf.h, sockmisc.c, sockmisc.h, throttle.c: Get rid of the evil CMPSADDR macro. Trac #295. * src/: libipsec/libpfkey.h, libipsec/pfkey.c, racoon/isakmp.c, racoon/isakmp_inf.c, racoon/pfkey.c, racoon/pfkey.h: From Yvan Vanhullebus: Use SADB_X_EXT_NAT_T_* consistently for passing the NAT-T port information. This might break compatibility with some kernels, but as discussed this is the proper way to pass NAT-T ports and the broken kernels need to be fixed. 2009-06-24 Timo Teras <timo.teras@iki.fi> * src/racoon/session.c: Fix a call to null pointer: in some cases, the unmonitor_fd can be called from another fd's callback. That could lead to still have callback pending after unmonitoring the fd resulting in a call to null pointer. This is fixed by making unmonitor_fd now clear the pending fd_set too. Bug was introduced by my commit in 2008-12-23. 2009-05-20 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/isakmp.h: typo 2009-05-19 Timo Teras <timo.teras@iki.fi> * src/racoon/: ipsec_doi.c, isakmp.c: From Jukka Salmi: Fix couple of typos from previous commit. 2009-05-18 Timo Teras <timo.teras@iki.fi> * src/racoon/: ipsec_doi.c, isakmp.c, sockmisc.c, sockmisc.h: From Tomas Mraz: Introduce union sockaddr_any and use it to make code more readable. Related to trac #293. * src/racoon/isakmp_inf.c: From Tomas Mraz: Remove variable that is not really used; only referenced while uninitialized causing valgrind error. * src/racoon/nattraversal.c: From Tomas Mraz: Fix natt_flags check. 2009-05-04 Thomas Klausner <wiz@netbsd.org> * src/racoon/racoon.conf.5: Remove superfluous spaces around parentheses. 2009-04-29 Timo Teras <timo.teras@iki.fi> * src/racoon/crypto_openssl.c: From Ross Meng: Fix a memory leak in X509 certificate validation. 2009-04-28 Timo Teras <timo.teras@iki.fi> * src/racoon/handler.c: Reset nat_oa variables too when reusing phase two handler. Otherwise phase2 rekeying might fail in some scenarios. 2009-04-22 Timo Teras <timo.teras@iki.fi> * src/racoon/isakmp_frag.c: From Neil Kettle: Fix a possible null pointer dereference in fragmentation code. 2009-04-21 Timo Teras <timo.teras@iki.fi> * src/racoon/: grabmyaddr.c, grabmyaddr.h, session.c: Fix strict_address to work again. The lists needs to be initialized before configuration is read, which happens before my_addr_init() call. 2009-04-20 Timo Teras <timo.teras@iki.fi> * src/racoon/: isakmp.c, isakmp.h, isakmp_var.h: Fix a memory leak in certificate request generation. * src/racoon/: isakmp_inf.c, isakmp_xauth.c, plog.c: Orignally from Bin Li: Fix possible memory corruption in binsanitize(). * src/racoon/crypto_openssl.c: From Stephen Bevan: Fix a x509 signature verification memory leak. * src/racoon/: admin.c, racoonctl.c: Originally from Bin Li: Fix a crash with racoonctl logout user. * src/racoon/nattraversal.c: Fix a memory leak in nat-t keepalive code. * src/racoon/handler.c: From Paul Moore: Phase2 message id's should be unique wrt phase1, not globally. 2009-03-13 Timo Teras <timo.teras@iki.fi> * src/racoon/: pfkey.c, remoteconf.h: From Arnaud Ebalard: Fix couple of problems with previous commit. 2009-03-12 he * src/racoon/: isakmp.c, remoteconf.c: When casting to/from a pointer to an integral type (a bad practice, if you ask me), you need to cast via intptr_t for portability. 2009-03-12 Thomas Klausner <wiz@netbsd.org> * src/racoon/racoon.conf.5: New sentence, new line. Avoid marking up punctuation. * src/racoon/racoonctl.8: Bump date for previous. Sort options to establish-sa. Stop using Xo/Xc. 2009-03-12 Timo Teras <timo.teras@iki.fi> * src/racoon/: admin.c, cfparse.y, cftoken.l, crypto_openssl.c, crypto_openssl.h, dnssec.c, dnssec.h, handler.c, handler.h, ipsec_doi.c, ipsec_doi.h, isakmp.c, isakmp.h, isakmp_agg.c, isakmp_base.c, isakmp_ident.c, isakmp_inf.c, isakmp_quick.c, isakmp_var.h, nattraversal.c, oakley.c, oakley.h, racoon.conf.5, racoonctl.8, racoonctl.c, remoteconf.c, remoteconf.h, sockmisc.c, vendorid.c: Support multiple anonymous remotes and decide remoteconf based on identity, received certificates and other information. General code clean up. 2009-03-06 Timo Teras <timo.teras@iki.fi> * src/setkey/: extern.h, parse.y, setkey.c: setkey: fix deleteall in Linux Linux requires SADB_DELETE message to have SPI. So send a SADB_DELETE message for each matching SA. Trac #284. From: Gabriel Somlo <somlo@cmu.edu> 2009-02-16 Timo Teras <timo.teras@iki.fi> * src/libipsec/policy_parse.y: From Paul Moore: Fix a heap corruption bug (yacc return non-null terminated buffer and sprintf writes over bounds). 2009-02-11 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/: isakmp.c, sockmisc.c, sockmisc.h: trac#301: fixed IPsec SAs flush in purge_remote() when NAT-T enabled but no NAT-T on tunnel 2009-02-03 Timo Teras <timo.teras@iki.fi> * src/racoon/isakmp.c: From: Phil Sutter. Fix script environment variables with IPv6 addresses. 2009-01-26 Timo Teras <timo.teras@iki.fi> * src/racoon/main.c: Argument parsing needs lcconf initialized. 2009-01-24 Thomas Klausner <wiz@netbsd.org> * src/racoon/racoonctl.c: Sort options in usage. * src/racoon/racoonctl.8: Sort options. New sentence, new line. * src/racoon/racoon.8: Sort options. 2009-01-23 Timo Teras <timo.teras@iki.fi> * src/racoon/: racoonctl.8, racoonctl.c: Update usage and manpage for racoonctl. * src/racoon/: main.c, racoon.8: Racoon -v to print version and compilation information. Update usage message. * NEWS: Update NEWS with major changes since 0.7 release. * src/racoon/schedule.c: Fix monotonic scheduler change, to not refresh 'now' before exit. Otherwise we can return negative timeout after spending time handling other events. * src/racoon/: handler.c, pfkey.c: From Arnaud Ebalard: Handle reception of MIGRATE message during Phase 1 and Phase 2 negotiation. Also corrects some debugging statements. * src/racoon/pfkey.c: From Arnaud Ebalard: On the responder (for instance), there is a need to not only migrate local and remote addresses of Phase 1 that match previous addresses but also the local and remote addresses of a Phase 1 *associated* with a migrated Phase 2. For instance, we have that need when receiving the first MIGRATE/KMADDRESS message because the old addresses are still the HoA and the address of the HA (while the peer has contacted us using the CoA and we have negotiated this address as src attribute in Phase 2). The patch fixes that by having migrate_ph1_ike_addresses() called from migrate_ph2_ike_addresses() callback. * src/racoon/isakmp_quick.c: From Arnaud Ebalard: Set phase2 spid when acting as responder. * configure.ac, src/racoon/handler.c, src/racoon/handler.h, src/racoon/isakmp_inf.c, src/racoon/isakmp_xauth.c, src/racoon/schedule.c, src/racoon/schedule.h, src/racoon/throttle.c, src/racoon/throttle.h: Detect if monotonic system clock is available, and use it for relative time measurements to avoid complite hang if time jumps backwards. * src/racoon/: cfparse.y, ipsec_doi.c, isakmp.c, isakmp_agg.c, isakmp_base.c, isakmp_cfg.c, isakmp_ident.c, isakmp_xauth.c, oakley.c, oakley.h: Fix authentication method ambiguity by internally using unique ID and setting/interpreting the wire format based on received vendor ID:s. Fixes trac #280. * src/racoon/: handler.h, isakmp_agg.c, isakmp_base.c, isakmp_ident.c, vendorid.c, vendorid.h: Introduce vendorid bitmask that can be used otherwhere to detect peer capabilities. * configure.ac, src/racoon/admin.c, src/racoon/evt.c, src/racoon/grabmyaddr.c, src/racoon/isakmp.c, src/racoon/pfkey.c, src/racoon/session.c, src/racoon/session.h: Remove "fastquit" configure option and make it the default behaviour. The previous normal behaviour is buggy, as after flush kernel can immediately create larval SA:s which would prevent exit. 2009-01-20 Timo Teras <timo.teras@iki.fi> * Makefile.am, misc/cvs2cl.pl, misc/cvsusermap: Autogenerate ChangeLog from NetBSD CVS. Put sourceforge.net changes to ChangeLog.old. 2009-01-10 Thomas Klausner <wiz@netbsd.org> * src/racoon/racoon.conf.5: Make ready for HTML output. Use proper escape for backslash ('\e'). 2009-01-10 Timo Teras <timo.teras@iki.fi> * src/racoon/: crypto_openssl.c, racoon.conf.5: From Cyrus Rahman: Accept RFC2253 compliant escaped special characters for asn1dn identifier. 2009-01-09 Timo Teras <timo.teras@iki.fi> * configure.ac: Fix a CPPLAGS typo to CPPFLAGS which was intended 2009-01-05 Timo Teras <timo.teras@iki.fi> * src/racoon/: cfparse.y, cftoken.l, racoon.conf.5: Remove obsolete configuration options, fix radius configuration block and add GRE as recognized protocol. * src/racoon/session.c: Do not use counting in signal handling as it was unsafe by not using atomic functions (post increment is not necessarily atomic). Instead reap all children on SIGCHLD as that was the only signal needing signal counting. 2008-12-30 Timo Teras <timo.teras@iki.fi> * src/racoon/session.c: schedular() call can now modify fd mask so make the working copy just before calling select(); otherwise it can contain bad file descriptors 2008-12-29 Michael van Elst <mlelstv@netbsd.org> * src/setkey/parse.y: support icmp codes. Fixes PR 39056. 2008-12-24 Christos Zoulas <christos@netbsd.org> * src/racoon/grabmyaddr.c: remove sin{6,}_len linux does not have it. From Timo Teras. * src/racoon/grabmyaddr.c: I was wrong. addr is actually set. * src/racoon/grabmyaddr.c: - make this compile by zeroing out the whole structure not just bogus fields. - set length field of sockets appropriately. - mark bogus no-op code (I don't understand what the author intended here). 2008-12-23 Thomas Klausner <wiz@netbsd.org> * src/racoon/racoon.conf.5: Bump date for identity configuration option removal. 2008-12-23 Timo Teras <timo.teras@iki.fi> * src/racoon/: cfparse.y, cftoken.l, ipsec_doi.c, localconf.c, localconf.h, racoon.conf.5: Remove the obsoleted global identity configuration option. * src/racoon/: admin.c, admin_var.h, cfparse.y, debug.h, evt.c, evt.h, grabmyaddr.c, grabmyaddr.h, handler.c, isakmp.c, isakmp_inf.c, isakmp_var.h, localconf.c, localconf.h, main.c, nattraversal.c, pfkey.c, pfkey.h, privsep.c, session.c, session.h: rewrite local address detection make some functions static that arr not needed globally rework how fd_set is construction for the main loop select() 2008-12-18 Timo Teras <timo.teras@iki.fi> * src/racoon/pfkey.c: From Arnaud Ebalard: Delete larval ph2handles when expire with hard lifetime received 2008-12-16 Timo Teras <timo.teras@iki.fi> * README: Update README * src/racoon/pfkey.c: Fix transport mode address selection in acquire handling. Some earlier fixes got lost on 2008-12-05 commit. 2008-12-11 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/grabmyaddr.c: Fixed compilation on FreeBSD (RTM_IFINFO and RTM_OIFINFO stuff) * src/racoon/isakmp.c: Fixed compilation when DPD support is disabled 2008-12-08 Timo Teras <timo.teras@iki.fi> * src/racoon/: pfkey.c, privsep.c, privsep.h: Do not cache pfkey sockets: it might cause to not handle some pfkey events when select() has marked pfkey socket readable, but a timer callback first calls pfkey_dump_sadb(). 2008-12-05 Timo Teras <timo.teras@iki.fi> * src/: libipsec/key_debug.c, libipsec/libpfkey.h, libipsec/pfkey.c, racoon/handler.c, racoon/handler.h, racoon/ipsec_doi.c, racoon/isakmp.c, racoon/isakmp_quick.c, racoon/pfkey.c, racoon/policy.c, racoon/policy.h: From Arnaud Ebalard: Improved Mobile IPv6 support per draft-ebalard-mext-pfkey-enhanced-migrate. 2008-12-04 Christoph Badura <bad@netbsd.org> * src/racoon/privsep.c: Fix typo in previous and use SIG_IGN as I intended. 2008-12-02 Timo Teras <timo.teras@iki.fi> * src/racoon/session.c: Explicitly ignore SIGPIPE. Default action on Linux is terminate. 2008-11-28 Thomas Klausner <wiz@netbsd.org> * src/racoon/racoon.conf.5: Remove empty line. Fix typo. New sentence, new line. 2008-11-27 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/main.c: Set up a default value for Mode Config Pool size if pool address specified but pool size not specified * src/racoon/isakmp_cfg.c: Fixed pool resizing 2008-11-27 Timo Teras <timo.teras@iki.fi> * src/racoon/pfkey.c: From Arnaud Ebalard: Remove MAXNESTEDSA weirdness. It's probably meant for bundle support which is not done. When someone actually writes bundle support, the nested SA stuff would probably be reworked too anyway. * src/: libipsec/libpfkey.h, libipsec/pfkey.c, racoon/cfparse.y, racoon/cftoken.l, racoon/localconf.c, racoon/localconf.h, racoon/pfkey.c, racoon/racoon.conf.5: From: Matthew Krenzer Ability to set pfkey socket buffer size via configuration file directive. (Indentation and minor fixes by me.) 2008-11-25 Christoph Badura <bad@netbsd.org> * src/racoon/: evt.c, privsep.c, session.c: Avoid using MSG_NOSIGNAL as it is not available everywhere. Ignore SIGPIPE instead. * src/racoon/grabmyaddr.c: Ignore unspecified and looback addresses. Ignoring unspecified addresses prevents racoon from trying to bind to the wildcard address and specific addresses simultaneously after e.g. dhclient has changed an interface's address to 0.0.0.0. * src/racoon/grabmyaddr.c: RTM_DELETE and RTM_IFINFO don't carry info for added or deleted addresses. Ignore them silently. * src/racoon/grabmyaddr.c: Ignoring an unsuitable address is not an error. Therefore log it as informational. Make it clear from the log message that a route message is not interesting. * src/racoon/grabmyaddr.c: Use insmyaddr() instead of open coding it. * src/racoon/isakmp.c: Do not return erroneously from isakmp_open() when setting IPV6_USE_MIN_MTU fails. * src/racoon/: grabmyaddr.c, isakmp.c: Keep myaddr.sock at -1 when no socket is opened. 2008-11-08 Christoph Badura <bad@netbsd.org> * src/racoon/samples/roadwarrior/client/: phase1-down.sh, phase1-up.sh: Preserve owner and permissions of original /etc/resolv.conf. Ensure that new /etc/resolv.conf isn't group or world writable. * src/racoon/samples/roadwarrior/client/: phase1-down.sh, phase1-up.sh: Print and check INTERNAL_NETMASK4. * src/racoon/samples/roadwarrior/client/: phase1-down.sh, phase1-up.sh: Make the handling of NAT-T SPD entries automatic. * src/racoon/samples/roadwarrior/client/: phase1-down.sh, phase1-up.sh: Ensure that the determination of the default gateway and the corresponding interface don't get confused by multiple, possibly non-IPv4 default routes. Bring the NetBSD case of deleting the VPN routes and address in line with the Linux case and delete the address after deleting the VPN routes. 2008-11-06 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/sainfo.c: fixed delsainfo() to avoid a crash when iddst's value is SAINFO_CLIENTADDR 2008-10-29 S.P.Zeidler <spz@netbsd.org> * src/racoon/ipsec_doi.c: Changes to ipsecdoi_id2str(): struct sockaddr -> struct sockaddr_storage fixes a stack overflow For non-linklocal addresses the value in 'scope' is garbage and gets set to zero instead. 2008-10-27 Timo Teras <timo.teras@iki.fi> * src/racoon/pfkey.c: From Arnaud Ebalard: Add missing return to error path * src/racoon/grabmyaddr.c: From Francis Dupont (sent by Arnaud Ebalard): recognize RTM_IFANNOUNCE * src/racoon/grabmyaddr.c: From Arnaud Ebalard: Fix indentation issues for readability * src/racoon/session.c: From Arnaud Ebalard: initfds() needs to be called only if monitored file descriptor numbers have changed * src/racoon/isakmp_var.h: From Arnaud Ebalard: Remove duplicate declaration 2008-10-23 Timo Teras <timo.teras@iki.fi> * src/racoon/: privsep.c, session.c, session.h: From Krzysztof Piotr Oledzki <olel@ans.pl>: Revert parts of 2008-08-06 commit; the problem those changes address are already handled in a sensible way by Cyrus Rahman's patch from 2008-03-06. 2008-10-09 Timo Teras <timo.teras@iki.fi> * src/racoon/isakmp_quick.c: From Arnaud Ebalard: remove unnecessary unbindph12() call which is now done in remph2() 2008-09-25 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/isakmp.c: Fixed resending mechanism to have non-ESP marker for retransmitted packets 2008-09-19 Thomas Klausner <wiz@netbsd.org> * src/racoon/racoon.conf.5: New sentence, new line. 2008-09-19 Timo Teras <timo.teras@iki.fi> * src/racoon/: admin.c, cfparse.y, cftoken.l, handler.c, handler.h, isakmp.c, isakmp_cfg.c, isakmp_inf.c, isakmp_quick.c, isakmp_var.h, isakmp_xauth.c, pfkey.c, proposal.c, racoon.conf.5, remoteconf.c, remoteconf.h: Implement ISAKMP SA rekeying configurable with rekey {on|off|force} option in remote conf. * src/racoon/: handler.c, handler.h, isakmp.c, isakmp_inf.c, isakmp_quick.c, isakmp_var.h, isakmp_xauth.c, isakmp_xauth.h, nattraversal.c, pfkey.c, pfkey.h, schedule.c, schedule.h, session.c: Change struct sched to be allocated be the caller to avoid some memory allocations. Optimize scheduling algorithm to not scan all entries in the main loop. 2008-09-17 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/isakmp_inf.c: Fixed port match in purge_ipsec_spi() when NAT-T enabled and trying to purge non NAT-T SAs 2008-09-09 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/pfkey.c: Some calls to set_port() were not correctly updated in the previous commit 2008-09-03 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/pfkey.c: From Tomas Mraz: Duplicate addresses in pk_sendxxx functions, as they may be altered for NAT-T stuff. 2008-09-03 Timo Teras <timo.teras@iki.fi> * src/: libipsec/pfkey.c, racoon/pfkey.c, racoon/sockmisc.c: - Fix reloading of SPD (Linux satype check, handling of SPD dump responses) - Remove some spurious error log message from extract_port() 2008-08-29 Gregory McGarry <gmcgarry@netbsd.org> * src/racoon/isakmp.c: Eliminate gcc-specific feature of empty structures. * src/racoon/evt.h: Eliminate superfluous semicolon. * src/racoon/: admin.c, admin.h: Eliminate gcc-specific feature of unnamed structures added recently. 2008-08-12 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/isakmp.c: From Krzysztof Piotr Oledzki: Remove ph1handler if we received an invalid first exchange from initiator. 2008-08-06 Timo Teras <timo.teras@iki.fi> * src/racoon/: privsep.c, session.c, session.h: From Krzysztof Piotr Oledzki: Make privileged process exit if unprivileged process is terminated and some spelling fixes. 2008-07-23 Matthew Grooms <mgrooms@shrew.net> * src/racoon/: cfparse.y, session.c: Add some missing ifdefs required for non-radius enabled builds. 2008-07-23 Timo Teras <timo.teras@iki.fi> * src/racoon/Makefile.am: Do not use GNU make specific extension. * src/: libipsec/Makefile.am, racoon/Makefile.am, setkey/Makefile.am: Do flex/bison invocation in a more standard way, and keep the generated files in the dist tarball. 2008-07-22 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/proposal.c: From Kohki Ohhira: fix some memory leaks, when malloc fails or when peer sends invalid proposal. 2008-07-22 Matthew Grooms <mgrooms@shrew.net> * src/racoon/: cfparse.y, cftoken.l, isakmp_cfg.c, isakmp_xauth.c, isakmp_xauth.h, main.c, racoon.conf.5, session.c: Add an optional radius configuration section to the racoon.conf file. This is similar to the the LDAP configuration section and overrides settings in the system radius configuration file. 2008-07-21 Matthias Scheler <tron@netbsd.org> * src/racoon/cfparse.y: Correct typo to fix the build. 2008-07-21 Timo Teras <timo.teras@iki.fi> * src/racoon/: isakmp_agg.c, isakmp_base.c, isakmp_ident.c, vendorid.c, vendorid.h: Separate generic vendor id handling to a new function and use it. * src/racoon/cfparse.y: Do not set default gss id if xauth is used, otherwise gss-id attribute might be sent even if it was not requested. 2008-07-15 Matthew Grooms <mgrooms@shrew.net> * src/racoon/isakmp_cfg.c: Fix an a typo that prevented racoon from building with hybrid enabled. * src/racoon/: crypto_openssl.c, eaytest.c, misc.c, misc.h, racoonctl.c: Fix a conflict with the FreeBSD 8 system hexdump function. 2008-07-14 Timo Teras <timo.teras@iki.fi> * src/racoon/: handler.h, ipsec_doi.c, ipsec_doi.h, isakmp_quick.c, pfkey.c: Handle RESPONDER-LIFETIME notification in quick mode. * src/racoon/: handler.h, isakmp.c, isakmp_agg.c, isakmp_ident.c, isakmp_inf.c, isakmp_inf.h, isakmp_quick.c, strnames.c: Clean up notification payload handling. Handle INITIAL-CONTACT notification in last main mode exchange (delayed) and during quick mode exchanges. 2008-07-11 Timo Teras <timo.teras@iki.fi> * src/racoon/: isakmp.c, isakmp_inf.c: Original patch from Atis Elsts: Fix a double memory free and a memory corruption (LIST_REMOVE() on an uninserted node) in some error handling paths. 2008-07-09 Timo Teras <timo.teras@iki.fi> * src/racoon/cfparse.y: From Chong Peng: fix a file descriptor and memory leak on configuration file reread 2008-07-02 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/isakmp_inf.c: From Timo Teras: fix some %d to %zu (size_t values) 2008-06-18 Thomas Klausner <wiz@netbsd.org> * src/racoon/racoonctl.8: Bump date for previous. 2008-06-18 Matthew Grooms <mgrooms@shrew.net> * src/racoon/: admin.c, admin.h, racoonctl.8, racoonctl.c: Add an admin port command to retrieve the peer certificate. Submitted by Timo Teras. * src/racoon/: admin.c, grabmyaddr.c, isakmp.c, misc.c, misc.h: Set sockets to be closed on exec to avoid potential file descriptor inheritance issues. Submitted by Timo Teras. * src/racoon/: admin.c, grabmyaddr.c, ipsec_doi.c, isakmp.c, isakmp_cfg.c, isakmp_inf.c, privsep.c, remoteconf.c: Use utility functions to evaluate and manipulate network port values. No functional changes. Submitted by Timo Teras. * src/racoon/: admin.c, racoonctl.c: Admin port code cleanup. No functional changes. Submitted by Timo Teras. * src/racoon/pfkey.c: Correct a phase2 status event. Submitted by Timo Teras. 2008-05-24 Christos Zoulas <christos@netbsd.org> * src/racoon/privsep.c: Coverity CID 5018: Fix double frees. 2008-05-08 Emmanuel Dreyfus <manu@netbsd.org> * configure.ac: From Christian Hohnstaedt: allow out of tree building 2008-04-30 Martin Husemann <martin@netbsd.org> * netbsd-import.sh: Convert TNF licenses to new 2 clause variant 2008-04-25 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/isakmp_inf.c: From Timo Teras: extract port numbers from SADB_X_EXT_NAT_T[SD]PORT if present in purge_ipsec_spi(). 2008-04-13 Christos Zoulas <christos@netbsd.org> * src/racoon/privsep.c: for symmetry set controllen the same way we set it on the receiving side. 2008-04-02 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/: Makefile.am, sockmisc.c, sockmisc.h: fix Linux build 2008-03-28 Christos Zoulas <christos@netbsd.org> * src/racoon/privsep.c: properly fix the variable stack allocation code. 2008-03-28 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/privsep.c: Still from Cyrus Rahman: fix file descriptor leak introduced by previous commit. * src/racoon/: Makefile.am, isakmp.c, isakmp_inf.c, privsep.c, privsep.h, sockmisc.c, doc/README.privsep: From Cyrus Rahman: Allow interface reconfiguration when running in privilege separation mode, document privilege separation 2008-03-06 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/oakley.c: Generates a log if cert validation has been disabled by configuration 2008-03-06 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/: privsep.c, session.c: From Cyrus Rahman <crahman@gmail.com> privilegied instance exit when unprivilegied one terminates. Save PID in real root, not in chroot 2008-03-06 Matthew Grooms <mgrooms@shrew.net> * src/racoon/: admin.c, isakmp.c, isakmp_var.h, pfkey.c, racoonctl.8, racoonctl.c: Add the ability to initiate IPsec SA negotiations using the admin socket. Submitted by Timo Teras. * src/racoon/: admin.c, admin.h, evt.c, evt.h, handler.c, handler.h, isakmp.c, isakmp_agg.c, isakmp_base.c, isakmp_cfg.c, isakmp_ident.c, isakmp_inf.c, isakmp_var.h, isakmp_xauth.c, racoonctl.8, racoonctl.c, session.c: Refactor admin socket event protocol to be less error prone. Backwards compatibility is provided. Submitted by Timo Teras. 2008-03-05 Matthew Grooms <mgrooms@shrew.net> * src/racoon/cfparse.y: Properly initialize the unity network struct to prevent erroneous protocol and port info from being transmitted. * src/racoon/: pfkey.c, pfkey.h, session.c: Reload SPD on SIGHUP or adminport reload. Also provide better handling for pfkey socket read errors. Submitted by Timo Teras. 2008-02-25 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/ipsec_doi.c: From Brian Haley <brian.haley@hp.com> There's a cut/paste error in cmp_aproppair_i(), it's supposed to be checking spi_size but it's not. I'm not sure this patch is correct, but what's there isn't either. 2008-02-22 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/isakmp.c: Fix address length, from Brian Haley 2008-02-10 S.P.Zeidler <spz@netbsd.org> * src/racoon/ipsec_doi.c: closes PR bin/37644 did not meet violent opposition ( :) ) on ipsec-tools-devel 2008-01-11 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/isakmp_inf.c: From Timo Teras: reset iph1->dpd_r_u in the scheduler's callback, to avoid access to freed memory. * src/racoon/crypto_openssl.c: From Krzysztof Oledzki: Fix compilation with IDEA and recent gcc. * src/racoon/isakmp_inf.c: From Krzysztof Oledzki: added some details to some logs (also reported new getph1byaddr() arg). * src/racoon/isakmp.c: From Krzysztof Oledzki: Only search for established ph1 handles in DPD (also reported new getph1byaddr() arg). * src/racoon/: handler.c, handler.h: added an 'established' arg to getph1byaddr() 2007-12-31 Matthew Grooms <mgrooms@shrew.net> * src/racoon/: policy.c, racoonctl.8, racoonctl.c: Add GRE protocol number to racoonctl. Correct id wildcard matching for transport mode. Submitted by Timo Teras. 2007-12-12 Matthew Grooms <mgrooms@shrew.net> * NEWS, src/racoon/isakmp_quick.c: Add corrections submitted in a follow up patch for the nat-t oa support. * src/racoon/: handler.c, handler.h, isakmp_quick.c, pfkey.c: Add support for nat-t oa payload handling. Submitted by Timo Teras. 2007-12-04 Matthew Grooms <mgrooms@shrew.net> * src/racoon/: ipsec_doi.c, ipsec_doi.h, isakmp_quick.c: Modify ipsecdoi_sockaddr2id() to obtain an id without specifying the exact prefix length. Correct a memory leak in phase2. Both submitted by Timo Teras. 2007-12-01 Thomas Klausner <wiz@netbsd.org> * src/racoon/racoon.conf.5: Fix typos. New sentence, new line. 2007-11-29 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/Makefile.am: From Natanael Copa: fixed a race condition when building yacc stuff. 2007-11-09 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/pfkey.c: From Arnaud Ebalard: Some sanity checking in pk_recv() * src/racoon/policy.c: From Arnaud Ebalard: Better matching of SPD entries in getsp_r(). * src/racoon/isakmp_quick.c: From Arnaud Ebalard: Added some debug in get_proposal_r(). 2007-10-19 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/: isakmp_cfg.c, isakmp_unity.c, isakmp_unity.h, racoon.conf.5: Add SPLITNET_{INCLUDR_LOCAL}_CIDR to hook scripts 2007-10-15 Yvan Vanhullebus <vanhu@netasq.com> * src/libipsec/pfkey.c: Try to increase the buffer size of the pfkey socket, this may help things when we have a huge SPD 2007-10-02 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/crypto_openssl.c: From Scott Lamb: include plog.h to work with the new plog macro. * src/racoon/kmpstat.c: From Scott Lamb: plog changed to _plog to work with new plog macro * src/racoon/: plog.c, plog.h: From Scott Lamb: new plog macro. 2007-09-19 Matthew Grooms <mgrooms@shrew.net> * src/racoon/isakmp.c: Set REUSE option on sockets to prevent failures associated with closing and immediately re-opening. Submitted by Gabriel Somlo. * src/racoon/isakmp_unity.c: Prevent duplicate entries in splitnet list. Submitted by Gabriel Somlo. 2007-09-13 Matthew Grooms <mgrooms@shrew.net> * configure.ac: Fix autoconf check for selinux support. Submitted by Joy Latten. 2007-09-12 Matthew Grooms <mgrooms@shrew.net> * src/racoon/: cfparse.y, cftoken.l, handler.c, isakmp_quick.c, pfkey.c, racoon.conf.5, sainfo.c, sainfo.h: Implement clientaddr sainfo remote id option and refine the sainfo man page syntax. 2007-09-05 Matthew Grooms <mgrooms@shrew.net> * src/racoon/sainfo.c: Sort sainfo sections on insert and improve matching logic. 2007-09-03 Matthew Grooms <mgrooms@shrew.net> * src/racoon/: cftoken.l, racoon.conf.5: Correct the syntax for wins4 in the man page and add nbns4 as an alias. Pointed out by Claas Langbehn. 2007-08-07 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/isakmp_xauth.c: src/racoon/isakmp_xauth.c: Don't mix up RADIUS authentication and authorization ports. Allow interoperability with freeradius 2007-07-24 Matthew Grooms <mgrooms@shrew.net> * NEWS: Update NEWS file with additional 0.7 improvements. 2007-07-18 Matthew Grooms <mgrooms@shrew.net> * src/racoon/racoon.conf.5: Various racoon configuration manpage updates. 2007-07-18 Yvan Vanhullebus <vanhu@netasq.com> * configure.ac, src/libipsec/ipsec_dump_policy.c, src/libipsec/ipsec_get_policylen.c, src/libipsec/ipsec_strerror.c, src/libipsec/key_debug.c, src/libipsec/libpfkey.h, src/libipsec/pfkey.c, src/libipsec/pfkey_dump.c, src/libipsec/policy_parse.y, src/libipsec/policy_token.l, src/libipsec/test-policy-priority.c, src/racoon/admin.c, src/racoon/backupsa.c, src/racoon/cfparse.y, src/racoon/cftoken.l, src/racoon/ipsec_doi.c, src/racoon/isakmp.c, src/racoon/isakmp_inf.c, src/racoon/isakmp_quick.c, src/racoon/pfkey.c, src/racoon/policy.c, src/racoon/proposal.c, src/racoon/remoteconf.c, src/racoon/sainfo.c, src/racoon/session.c, src/racoon/sockmisc.c, src/racoon/strnames.c, src/setkey/parse.y, src/setkey/setkey.c, src/setkey/token.l: use a single PATH_IPSEC_H to fix some path_to_ipsec.h issues 2007-07-16 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/grabmyaddr.c: fixed a socket leak * src/racoon/proposal.c: indentation 2007-06-07 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/isakmp_cfg.c: From Paul Winder <Paul.Winder@tadpole.com>: Fix ignored INTERNAL_DNS4_LIST 2007-06-06 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/: eaytest.c, var.h: From Rong-En Fan: fix compilation with gcc 4.2 * src/racoon/session.c: From Jianli Liu: speed up interfaces update when they change. * src/racoon/handler.c: ignore obsolete lifebyte when validating reloaded configuration 2007-05-31 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/: main.c, policy.h, security.c: From Joy Latten <latten@austin.ibm.com> Fix file descriptor shortage when using labeled IPsec. 2007-05-30 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/kmpstat.c: From Jianli Liu <jlliu@nortel.com>: In racoonctl, use the specified socket path instead of the default location 2007-05-16 Christos Zoulas <christos@netbsd.org> * src/racoon/cfparse.y: coverity CID 4168: yyerror() does not return, so we proceed to de-reference NULL. Make it return -1 instead like in other places. * src/racoon/cfparse.y: coverity CID 4170: yyerror() does not return, so we proceed to de-reference NULL. Make it return -1 instead like in other places. 2007-05-04 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/handler.c: search a ph1 by address if iph2->ph1 is NULL when validating the new config * src/racoon/handler.c: added some debug in getph1byaddr() to track some port matching problems with NAT-T * src/racoon/isakmp.c: added some debug in isakmp_chkph1there() to track some port matching problems with NAT-T * src/racoon/isakmp_inf.c: added some debug for DELETE_SA process * src/racoon/pfkey.c: Force the update of ph2 in pk_recvupdate() if NAT_T support, to solve some port match problems with the first IPSec SAs negociated as initiator 2007-04-04 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/ipsec_doi.c: checks proto_id in ipsecdoi_chkcmpids() * src/racoon/oakley.c: dumps peer's ID and peer's certificate subject /subjectaltname if they don't match 2007-03-26 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/isakmp_inf.c: Store the DPD main scheduler in ph1 handler, to be able to cancel it when removing the handler, and some minor cleanups in DPD code 2007-03-24 Christos Zoulas <christos@netbsd.org> * src/racoon/isakmp_xauth.c: PR/36069: Huang Yushuo: racoon can't work with pam_group Set RUSER. 2007-03-23 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/: ipsec_doi.c, security.c: From Joy Latten: fix a segfault when using security labels between 32bit and 64bit host. * src/racoon/handler.c: expire zombie handlers in getph2byid(), to avoid situations where we'll never negociate a phase2 again * src/racoon/: oakley.c, racoon.conf.5: From Cyrus Rahman: give more details about what is checked when using certificates to authenticate 2007-03-22 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/: cfparse.y, ipsec_doi.c: fixed subnet check to generate IPV4_ADDRESS when needed in sockaddr2id() 2007-03-21 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/: handler.c, isakmp.c, isakmp_inf.c, pfkey.c: NULL sched check is now done in SCHED_KILL * src/racoon/schedule.h: checks if arg is NULL in SCHED_KILL 2007-03-15 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/grabmyaddr.c: From Yves-Alexis Perez: enable monitoring of ipv6 address changes on Linux. * src/racoon/isakmp.c: Consider a negociation timeout when retry_counter is <=0 instead of < 0 2007-02-28 Matthew Grooms <mgrooms@shrew.net> * src/racoon/ipsec_doi.c: Add logic to allow ip address ids to be matched to ip subnet ids when appropriate. 2007-02-21 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/ipsec_doi.c: block variable declaration before code in ipsecdoi_id2str() 2007-02-20 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/isakmp_inf.c: Removed a debug printf.... * src/racoon/isakmp.c: Only delete a generated SPD if it's creation date matches the creation date of the SA we are currently deleting * src/racoon/: handler.c, isakmp_var.h: updated delete_spd() calls * src/racoon/: isakmp_inf.c, pfkey.c: fills creation date of generated SPDs * src/racoon/policy.h: added 'created' var 2007-02-19 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/isakmp.c: Removed a debug printf.... 2007-02-16 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/ipsec_doi.c: From Olivier Warin: Fix a %zu in a printf. 2007-02-15 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/security.c: Missing SELinux file * configure.ac: Missing stuff for SELinux 2007-02-15 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/isakmp_inf.c: From "Uncle Pedro" on sf.net: Just expire a ph1 handle when receiving a DELETE-SA instead of calling purge_remote(). * src/racoon/isakmp.c: Fixed the way phase1/2 messages are sent/resent, to avoid zombie handles and acces to freed memory 2007-02-02 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/cfparse.y: Fixed a check of NAT-T support in libipsec 2007-02-01 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/isakmp_inf.c: From "Uncle Pedro" on sf.net: When receiving an ISAKMP DELETE_SA, get the cookie of the SA to be deleted from payload instead of just deleting the ISAKMP SA used to protect the informational exchange. 2006-12-26 Arnaud Lacombe <alc@netbsd.org> * src/racoon/ipsec_doi.c: CID-4167: check for 'iph1->approval != NULL' 2006-12-23 Thomas Klausner <wiz@netbsd.org> * src/racoon/racoon.conf.5: Use even more macros. * src/racoon/racoon.conf.5: Use more macros. * src/racoon/racoon.conf.5: Serial comma, and bump date for previous. 2006-12-18 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/crypto_openssl.c: From Joy Latten: fix a memory leak 2006-12-10 tag ipsec-tools-0_7-base 2006-12-10 Emmanuel Dreyfus <manu@netbsd.org> * src/: libipsec/Makefile.am, libipsec/libpfkey.h, libipsec/pfkey.c, racoon/backupsa.c, racoon/cfparse.y, racoon/pfkey.c: Bring back API and ABI backward compatibility with previous libipsec before recent interface change. Bump libipsec minor version. Remove ifdefs in struct pfkey_send_sa_args to avoid ABI compatibility lossage. Add a capability flags to detect missing optional feature in libipsec * src/racoon/: Makefile.am, doc/README.plainrsa: From Joy Latten: README.plainrsa documenting plain RSA auth 2006-12-09 Emmanuel Dreyfus <manu@netbsd.org> * configure.ac, src/libipsec/libpfkey.h, src/libipsec/pfkey.c, src/racoon/Makefile.am, src/racoon/backupsa.c, src/racoon/backupsa.h, src/racoon/cftoken.l, src/racoon/ipsec_doi.c, src/racoon/ipsec_doi.h, src/racoon/isakmp_inf.c, src/racoon/isakmp_quick.c, src/racoon/pfkey.c, src/racoon/policy.c, src/racoon/policy.h, src/racoon/proposal.c, src/racoon/proposal.h, src/racoon/remoteconf.c: From Joy Latten: Add support for SELinux security contexts. Also cleanup the libipsec interface for adding and updating security associations. * src/racoon/racoon.conf.5: From Simon Chang: More hints about plain RSA authentication 2006-12-05 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/: proposal.c, proposal.h, racoon.conf.5: Check keys length regarding proposal_check level 2006-11-16 Matthew Grooms <mgrooms@shrew.net> * src/racoon/sainfo.c: Correct issues associated with anonymous sainfo selection in racoon. 2006-11-09 Christos Zoulas <christos@netbsd.org> * src/racoon/crypto_openssl.c: eliminate the only variable stack array allocation. 2006-10-31 Christian Biere <cbiere@netbsd.org> * src/racoon/sockmisc.c: Don't define the deprecated IPV6_RECVDSTADDR if the "advanced IPv6 API" is used because IPV6_RECVPKTINFO and IPV6_PKTINFO are used to prevent potential bugs in the future just in case that the numeric value of the socket option is ever recycled. 2006-10-22 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/: backupsa.c, cfparse.y: From Michal Ruzicka: fix typos 2006-10-19 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/sainfo.c: From Matthew Grooms: use ipsecdoi_chkcmpids() and changed src/dst to loc/rmt in getsainfo(). * src/racoon/: ipsec_doi.c, ipsec_doi.h: From Matthew Grooms: Added ipsecdoi_chkcmpids() function. 2006-10-09 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/proposal.c: Fix memory leak (Coverity 3438 and 3437) * src/racoon/isakmp_unity.c: Correctly check read() return value: it's signed (Coverity 1251) 2006-10-06 Emmanuel Dreyfus <manu@netbsd.org> * configure.ac, src/libipsec/pfkey_dump.c, src/racoon/algorithm.c, src/racoon/algorithm.h, src/racoon/cftoken.l, src/racoon/crypto_openssl.c, src/racoon/crypto_openssl.h, src/racoon/eaytest.c, src/racoon/ipsec_doi.c, src/racoon/ipsec_doi.h, src/racoon/oakley.h, src/racoon/pfkey.c, src/racoon/racoon.conf.5, src/racoon/strnames.c, src/setkey/setkey.8, src/setkey/test-pfkey.c, src/setkey/token.l: Camelia cipher support as in RFC 4312, from Tomoyuki Okazaki <okazaki@kick.gr.jp> 2006-10-03 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/admin.c: fix endianness issue introduced yesterday 2006-10-03 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/racoon.conf.5: Added remoteid/ph1id syntax * src/racoon/: cfparse.y, cftoken.l: Parses remoteid/ph1id values * src/racoon/: handler.c, isakmp_quick.c, pfkey.c, sainfo.c: Uses remoteid/ph1id values * src/racoon/: remoteconf.h, sainfo.h: Added remoteid/ph1id values 2006-10-02 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/isakmp_base.c: avoid reusing free'd pointer (Coverity 2613) * src/racoon/isakmp_inf.c: Check for NULL pointer (COverity 4175) * src/racoon/isakmp_ident.c: Remove dead code (Coverity 3451) * src/racoon/algorithm.c: Fix array overrun (Coverity 4172) * src/racoon/admin.c: Fix memory leak (Coverity 2002) * src/racoon/: admin.c, isakmp.c, sockmisc.c: Fix memory leak (Coverity 2001), refactor the code to use port get/set functions * src/racoon/admin.c: Avoid reusing free'd pointer (Coverity 4200) * src/racoon/oakley.c: Don't use NULL pointer (Coverity 3443), reformat to 80 char/line 2006-10-02 Tom Spindler <dogcow@netbsd.org> * src/racoon/ipsec_doi.c: If you're going to initialize a pointer, you have to init it with a pointer type, not an int. 2006-10-02 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/isakmp.c: Don't use NULL pointer (coverity 3439) * src/racoon/ipsec_doi.c: Don't use NULL pointer (Coverity 1334) * src/racoon/pfkey.c: Don't use NULL pointer (Coverity 944) * src/racoon/proposal.c: Don't use NULL pointer (Coverity 941) * src/racoon/racoonctl.c: Don't use NULL pointer (Coverity 942) * src/racoon/sockmisc.c: Don't use null pointer (Coverity 863) 2006-10-01 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/ipsec_doi.c: FIx memory leak (Coverity 4181) * src/racoon/isakmp.c: Check that iph1->remote is not NULL before using it (Coverity 3436) 2006-09-30 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/isakmp_agg.c: emove dead code (Coverity 4165) * src/racoon/isakmp_cfg.c: Fix memory leak (Coverity 4179) * src/racoon/samples/roadwarrior/client/: phase1-down.sh, phase1-up.sh: update the scripts for wrorking around routing problems on NetBSD * src/racoon/session.c: Reuse existing code for closing IKE sockets, and avoid screwing things by setting p->sock = -1, which is not expected (Coverity 4173). * src/racoon/admin.c: Do not free id and key, as they are used later 2006-09-29 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/racoonctl.c: Fix the fix: handle_recv closes the socket, so we must call com_init before sending any data. 2006-09-28 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/isakmp_xauth.c: Fix unchecked mallocs (Coverity 4176, 4174) * src/racoon/racoonctl.c: Fix access after free (Coverity 4178) 2006-09-26 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/cfparse.y: Fix memory leak (Coverity) * src/racoon/backupsa.c: Fix memory leak (Coverity) * src/racoon/admin.c: Remove dead code (Coverity) * src/racoon/admin.c: Fix memory leak (Coverity) * src/racoon/admin.c: One more memory leak * src/racoon/admin.c: Fix memory leak in racoonctl (coverity) * src/racoon/ipsec_doi.c: Fix buffer overflow Also fix credits: SA bundle fix was contributed by Jeff Bailey, not Matthew Grooms. Matthew updated the patch for current code, though. * src/racoon/: pfkey.c, proposal.c: fix SA bundle (e.g.: for negotiating ESP+IPcomp) 2006-09-25 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/isakmp.c: From Yves-Alexis Perez: struct ip -> struct iphdr for Linux 2006-09-25 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/isakmp.c: style (mostly for testing ipsec-tools-commits@netbsd.org) * src/racoon/ipsec_doi.c: Fix double free, from Matthew Grooms 2006-09-21 Yvan Vanhullebus <vanhu@netasq.com> * src/libipsec/pfkey.c: use sysdep_sa_len to make it compile on Linux 2006-09-19 Thomas Klausner <wiz@netbsd.org> * src/racoon/racoon.conf.5: Bump date for ike_frag force. * src/racoon/: plainrsa-gen.8, racoon.conf.5: New sentence, new line. * src/racoon/: racoon.conf.5, plainrsa-gen.8: Remove trailing whitespace. 2006-09-19 Yvan Vanhullebus <vanhu@netasq.com> * src/racoon/proposal.c: From Yves-Alexis Perez: fixes default value for encmodesv in set_proposal_from_policy() * src/racoon/isakmp.c: always include some headers, as they are required even without NAT-T * src/: libipsec/pfkey_dump.c, setkey/token.l: From Larry Baird: define SADB_X_EALG_AESCBC as SADB_X_EALG_AES if needed * src/racoon/crypto_openssl.c: From Larry Baird: some printf() -> plog() 2006-09-18 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/: cfparse.y, cftoken.l, isakmp.c, isakmp_frag.h, isakmp_inf.c, racoon.conf.5, remoteconf.c: From Matthew Grooms: ike_frag force option to force the use of IKE on first packet exchange (prior to peer consent) 2006-09-18 Yvan Vanhullebus <vanhu@netasq.com> * rpm/suse/ipsec-tools.spec, src/racoon/prsa_tok.c: removed generated files from the CVS * src/racoon/prsa_par.c: removed generated files from the CVS * src/racoon/: cfparse.c, cftoken.c: removed generated files from the CVS 2006-09-18 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/isakmp.c: From Matthew Grooms: handle IKE frag used in the first packet. That should not normally happen, as the initiator does not know yet if the responder can handle IKE frag. However, in some setups, the first packet is too big to get through, and assuming the peer supports IKE frag is the only way to go. racoon should have a setting in the remote section to do taht (something like ike_frag force) 2006-09-16 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/ipsec_doi.c: Trivial bugfix in RFC2407 4.6.2 conformance, from Matthew Grooms 2006-09-15 Emmanuel Dreyfus <manu@netbsd.org> * src/racoon/ipsec_doi.c: Fix build on Linux For older changes see ChangeLog.old