Automatic conversion of the NetBSD pkgsrc CVS module, use with care
b32f3f64c0
Wed Apr 11 18:52:26 JST 2001 sakane@ydc.co.jp * racoon: Supported to get a certificate from DNS CERT RR. Also getcertsbyname() is implemented In order to get CERT RRs. This function can use lwres.a if HAVE_LWRES is defined when racoon is compiled. XXX need more local test and interoperability test. XXX should be arranged too many certificate stuff in racoon.conf. 2001-04-10 Jason R. Thorpe <thorpej@zembu.com> * racoon/pfkey.c: pk_recvacquire(): Make sure the phase1 and phase2 handlers are unbound before the phase 2 handler is deleted. * racoon/isakmp.c: ph1_main(), quick_main(): Add the message to the received-list before processing to ensure the packet isn't processed twice in case of an error. isakmp_post_acquire(): Don't unbind the phase1/phase2 handlers; let the caller do it. isakmp_newcookie(): Plug memory leaks. From George Yang <gyang@zembu.com>. * racoon/ipsec_doi.c: get_ph2approvalx(): When we find a matching saprop, make sure to flushsaprop(pr0), as the returned saprop is a copy. Fixes a memory leak. From George Yang <gyang@zembu.com>. * racoon/isakmp_quick.c: quick_r2send(): Make sure to vfree(data) if we fail to allocate a new body. Fixes a memory leak. From George Yang <gyang@zembu.com>. Fri Apr 6 23:25:19 JST 2001 sakane@ydc.co.jp * racoon: implemented to generate the policy in the responder side automatically. If the responder does not have any policy in SPD during phase 2 negotiation, and the directive is set on, then racoon will choice the first proposal in the SA payload from the initiator, and generate policy entries from the proposal. This function is for the responder, and ignored in the initiator case. XXX should be checked tunnel mode case. 2001-04-04 Jason R. Thorpe <thorpej@zembu.com> * racoon: Add support for the Dmalloc debugging malloc library. This library gives very nice memory usage statistics and leak information. Wed Apr 4 22:47:27 JST 2001 sakane@ydc.co.jp * racoon: support scopeid. base code was from <Francis.Dupont@enst-bretagne.fr>. it should be considered more. 2001-04-03 Jason R. Thorpe <thorpej@zembu.com> * racoon: Better integration of debugging malloc libraries. Use wrapper macros (racoon_{malloc,calloc,free,realloc}()) so that debugging malloc implementations can get file/line info, and also put traditional malloc/calloc/free/realloc stubs in the main program so that libraries linked with racoon get the debugging allocators, as well. 2001-03-26 Jason R. Thorpe <thorpej@zembu.com> * racoon/isakmp_ident.c: ident_ir2sendmx(): plug memory leak -- gsstoken wasn't being freed at function exit. 2001-03-26 Jason R. Thorpe <thorpej@zembu.com> * racoon: Changes to Vendor ID payload handling. Determine which VID we will send on a per-proposal basis; we may need to send a different one for each proposal depending on the proposal contents (e.g. GSSAPI auth method). We no longer set the Vendor ID in the localconf. When matching the Vendor ID in check_vendorid(), use a table of known Vendor IDs, and return the index, and maintain a list of extensions that vendors implement (e.g. GSSAPI auth method). XXX We have a slight hack to recognize the Windows 2000 Vendor ID. Need to clarify with the Microsoft IPsec guys. In Aggressive Mode, as responder, when sending first response, make sure to include a Vendor ID payload. In Main Mode, as responder, when sending first response, make sure to include a Vendor ID payload. XXX Still more Vendor ID processing fixes to go. And GSSAPI auth doesn't interoperate with Windows 2000 yet. Thu Mar 22 08:06:30 JST 2001 sakane@ydc.co.jp * racoon: fixed to parse modp1536 of DH group. reported by <shigeru@iij.ad.jp> Thu Mar 22 04:56:57 JST 2001 sakane@ydc.co.jp * racoon/policy.c: fixed to compare between policies when the responder decides to accept the proposal or not. the upper layer protocol is represented by 0 in ID payload. Thu Mar 22 01:45:32 JST 2001 sakane@ydc.co.jp * racoon: fixed potencial of a buffer overrun when adding a ID payload to the ISAKMP payload. It happened when policy is both to use IPSec transport mode and not to specify a transport protocol. reported by <cs@purdue.edu>. Thu Mar 15 20:39:03 JST 2001 sakane@ydc.co.jp * racoon: - fixed a phase 2 handler deletion. racoon will delete a phase2 handler immediately when hard lifetime expires. - check a unit of the timer in the configuration file. 2001-03-06 Jason R. Thorpe <thorpej@zembu.com> * kame/racoon/schedule.c: Implement sched_scrub_param(), which kills all scheduler work queue entries which a specified parameter. * kame/racoon/handler.c: Use sched_scrub_param() to make sure no references to a handler exist when it is freed. 2001-03-05 Jason R. Thorpe <thorpej@zembu.com> * kame/racoon/gssapi.c: Use GSS_C_MECH_CODE when reporting GSSAPI errors. 2001-03-05 Jason R. Thorpe <thorpej@zembu.com> * kame/racoon/handler.c: Implement deleteallph2(), which deletes all Phase 2 handlers for a given src/dst/proto. * kame/racoon/isakmp_inf.c: When processing INITIAL-CONTACT, try to use the SADB_DELETE `delete all' extension and deleteallph2() before doing it The Hard Way. For both The Easy Way and The Hard Way, make sure we only delete SAD entries for SATYPEs that we manage. * kame/racoon/pfkey.c: Use a table of SATYPEs that we manage, and use that table to initialize our PF_KEY state. Thu Feb 22 10:08:27 JST 2001 sakane@ydc.co.jp * racoon: fixed to check the outbound policy when the responder received the 1st packet in phase 2. the tunnel mode and the transport specified the pair of IP addresses of the end of the SA had failed. |
||
|---|---|---|
| archivers | ||
| audio | ||
| benchmarks | ||
| biology | ||
| cad | ||
| chat | ||
| comms | ||
| converters | ||
| cross | ||
| databases | ||
| devel | ||
| distfiles | ||
| editors | ||
| emulators | ||
| finance | ||
| fonts | ||
| games | ||
| graphics | ||
| ham | ||
| japanese | ||
| lang | ||
| licenses | ||
| math | ||
| mbone | ||
| meta-pkgs | ||
| misc | ||
| mk | ||
| net | ||
| news | ||
| packages | ||
| parallel | ||
| pkgtools | ||
| security | ||
| shells | ||
| sysutils | ||
| templates | ||
| textproc | ||
| time | ||
| wm | ||
| www | ||
| x11 | ||
| Makefile | ||
| Packages.txt | ||
| pkglocate | ||
| README | ||
$NetBSD: README,v 1.11 2000/07/23 18:02:33 fredb Exp $ Welcome to the NetBSD Packages Collection ========================================= In brief, the NetBSD Packages Collection is a set of software utilities and libraries which have been ported to NetBSD. The packages collection software can retrieve the software from its home site, assuming you are connected in some way to the Internet, verify its integrity, apply any patches, configure the software for NetBSD, and build it. Any prerequisite software will also be built and installed for you. Installation and de-installation of software is managed by the packaging utilities. The packages collection is made into a tar_file every week: ftp://ftp.netbsd.org/pub/NetBSD/NetBSD-current/tar_files/pkgsrc.tar.gz and you can sup the pkgsrc tree using the `pkgsrc' name for the collection. The pkgsrc tree is laid out in various categories, and, within that, the various packages themselves. You need to have root privileges to install packages. We are looking at ways to remove this restriction. + To install a package on your system, you need to change into the directory of the package, and type "make install". + If you've made a mistake, and decided that you don't want that package on your system, then type "pkg_delete <pkg-name>", or "make deinstall" while in the directory for the package. + To find out all the packages that you have installed on your system, type "pkg_info". + To remove the work directory, type "make clean", and "make clean-depends" will clean up any working directories for other packages that are built in the process of making your package. + Optionally, you can periodically run "make clean" from the top level pkgsrc directory. This will delete extracted and built files, but will not affect the retreived source sets in pkgsrc/distfiles. + You can set variables to customise the behaviour (where packages are installed, various options for individual packages etc), by setting variables in /etc/mk.conf. The pkgsrc/mk/mk.conf.example file provides some examples for customisation. The best way to find out what packages are in the collection is to move to the top-level pkgsrc directory (this will usually be /usr/pkgsrc), and type "make readme". This will create a file called README.html in the top-level pkgsrc directory, and also in all category and package directories. You can then see what packages are available, along with a short (one-line) comment about the function of the package, and a pointer to a fuller description, by using a browser like lynx (see pkgsrc/www/lynx) or Mozilla (pkgsrc/www/mozilla), or Communicator. This is also available online as ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/README.html. Another way to find out what packages are in the collection is to move to the top-level pkgsrc directory and type "make index". This will create pkgsrc/INDEX which can be viewed via "make print-index | more". You can also search for particular packages or keywords via "make search key=<somekeyword>". It is also possible to use the packaging software to install pre-compiled binary packages by typing "pkg_add <URL-of-binary-pkg>". To see what binary packages are available, see: ftp://ftp.netbsd.org/pub/NetBSD/packages/<release>/<arch>/All/ where <release> is the NetBSD release, and <arch> is the hardware architecture. One limitation of using binary packages provided from ftp.netbsd.org is that all mk.conf options were set to the defaults at compile time. LOCALBASE, in particular, defaults to /usr/pkg, so non-X binaries will be installed in /usr/pkg/bin, man pages will be installed in /usr/pkg/man... When a packaged tool has major compile time choices, such as support for multiple graphic toolkit libraries, the different options may be available as separate packages. For more information on the packages collection see the file Packages.txt where you found this README, or in your top-level pkgsrc directory.