summaryrefslogtreecommitdiffstats
path: root/sbin/setkey
Commit message (Collapse)AuthorAgeFilesLines
* mdoc: drop even more redundant .Pp callsuqs2010-10-191-4/+0
| | | | | | No change in rendered output, less mandoc lint warnings. Tool provided by: Nobuyuki Koganemaru n-kogane at syd.odn.ne.jp
* o Fix typo.maxim2010-03-261-1/+1
| | | | | | PR: docs/145031 Submitted by: olgeni MFC after: 1 week
* Use the newly brought %U macro.ru2010-01-151-1/+1
|
* o Add missed dot.maxim2008-09-291-1/+1
|
* o Allow setkey(8) to recognize esp as a protocoal name for spdadd.maxim2008-01-121-0/+1
| | | | | | PR: bin/107392 Submitted by: Eugene Grosbein MFC after: 1 month
* Cleanup of userland __P usekevlo2007-11-074-50/+50
|
* Commit IPv6 support for FAST_IPSEC to the tree.gnn2007-07-016-15/+14
| | | | | | | | This commit includes all remaining changes for the time being including user space updates. Submitted by: bz Approved by: re
* Integrate the Camellia Block Cipher. For more information see RFC 4132gnn2007-05-092-0/+2
| | | | | | | and its bibliography. Submitted by: Tomoyuki Okazaki <okazaki at kick dot gr dot jp> MFC after: 1 month
* Markup fixes.ru2006-09-181-19/+27
|
* Obey MK_INET6_SUPPORT.yar2006-07-271-3/+8
| | | | This is also a good chance to apply style.Makefile(5) in some cases.
* Include other AES key lengths in the comment.pjd2006-05-131-1/+1
|
* Langauge fixes required to disambiguate some statements.gnn2006-01-081-84/+114
| | | | Explain the examples.
* fixed a crush when either -lh or -ls option is used.ume2005-10-131-3/+3
| | | | Obtained from: KAME
* setkey(8) is not WARNS=2 compliant, yet.ume2005-10-131-0/+2
|
* Fixed the misplaced $FreeBSD$.ru2005-02-091-1/+2
|
* Added the EXIT STATUS section where appropriate.ru2005-01-171-1/+1
|
* Fixed display type.ru2005-01-151-1/+1
|
* Reapply traditionally lost fixes, fixed some more.ru2004-06-051-38/+43
| | | | This manpage needs an English clenup.
* check if the null encryption is supported or not.ume2004-05-131-1/+11
| | | | | Requested by: bms Obtained from: KAME
* Fix regression in setkey whereby parser would fail to recognise tcp asbms2004-03-311-0/+1
| | | | | | | both a security protocol and an upper level protocol for encapsulation. PR: bin/63616 Submitted by: ume@
* Fixed mispellings of '\0' as NULL.bde2004-03-111-2/+2
|
* Initial import of RFC 2385 (TCP-MD5) digest support.bms2004-02-113-4/+22
| | | | | | | | | | | | | | This is the second of two commits; bring in the userland support to finish. Teach libipsec and setkey about the tcp-md5 class of security associations, thus allowing administrators to add per-host keys to the SADB for use by the tcpsignature_compute() function. Document that a single SPI must be used until such time as the code which adds support to the SPD to specify flows for tcp-md5 treatment is suitable for production. Sponsored by: sentex.net
* enable aes-xcbc-mac and aes-ctr, again.ume2003-11-101-3/+3
|
* - do hexdump on send. set length field properlyume2003-11-056-920/+1220
| | | | | | | | | | | | | | | | | - check for encryption/authentication key together with algorithm. - warned if a deprecated encryption algorithm (that includes "simple") is specified. - changed the syntax how to define a policy of a ICMPv6 type and/or a code, like spdadd ::/0 ::/0 icmp6 134,0 -P out none; - random cleanup in parser. - use yyfatal, or return -1 after yyerror. - deal with strdup() failure. - permit scope notation in policy string (-P esp/tunnel/foo%scope-bar%scope/use) - simplify /prefix and [port]. - g/c some unused symbols. Obtained from: KAME
* - styleume2003-10-171-25/+28
| | | | | | | | - rename variable - use strlcpy - const'fy Obtained from: KAME
* - support AES counter mode for ESP.ume2003-10-132-0/+6
| | | | | | | | - use size_t as return type of schedlen(), as there's no error check needed. - clear key schedule buffer before freeing. Obtained from: KAME
* - support AES XCBC MAC for AHume2003-10-132-0/+3
| | | | | | - correct SADB_X_AALG_RIPEMD160HMAC to 8 Obtained from: KAME
* - RIPEMD160 supportume2003-10-122-0/+3
| | | | | | - pass size arg to ah->result (avoid assuming result buffer size) Obtained from: KAME
* Use NI_xxx macros.sumikawa2003-04-161-1/+1
| | | | | Obtained from: KAME MFC after: 1 week
* Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,schweikh2003-01-012-4/+4
| | | | especially in troff files.
* english(4) police.schweikh2002-12-271-1/+1
|
* Fix spacing for -P (policy) examples.fenner2002-07-271-10/+3
|
* s/IPSEC/IPsec according to RFCsblackend2002-07-231-1/+1
| | | | | | PR: in part docs/38668 Reviewed by: charnier MFC after: 10 days
* The .Nm utilitycharnier2002-07-141-7/+10
|
* Don't install scriptdump which is written in Perl. This isume2002-05-161-1/+1
| | | | corresponding to removal of Perl from base system.
* mdoc(7) police: protect trailing full stops of abbreviationsru2001-08-101-1/+1
| | | | with a trailing zero-width space: `e.g.\&'.
* can not -> cannotsheldonh2001-08-081-1/+1
|
* mdoc(7) police:ru2001-08-071-14/+8
| | | | | | | Avoid using parenthesis enclosure macros (.Pq and .Po/.Pc) with plain text. Not only this slows down the mdoc(7) processing significantly, but it also has an undesired (in this case) effect of disabling hyphenation within the entire enclosed block.
* printed current sequence number of the SA. accordingly, changedume2001-08-061-2/+2
| | | | | | | | into sadb_x_sa2_sequence from sadb_x_sa2_reserved3 in the sadb_x_sa2 structure. Also the output of setkey is changed. sequence number of the sadb is replaced to the end of the output. Obtained from: KAME
* Perform a major cleanup of the usr.sbin Makefiles.obrien2001-07-201-8/+11
| | | | | These are not perfectly in agreement with each other style-wise, but they are orders of orders of magnitude more consistent style-wise than before.
* Remove whitespace at EOL.dd2001-07-151-1/+1
|
* mdoc(7) police: sort SEE ALSO xrefs (sort -b -f +2 -3 +1 -2).ru2001-07-061-2/+2
|
* Sync with recent KAME.ume2001-06-115-94/+270
| | | | | | | | | | | | | | | | | | This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks
* Allow ``ip4'' as an ``upperspec'' value, and update the manbrian2001-05-172-0/+4
| | | | | | | | | | | | | | | | | | page with *all* the permissible values. This should really be spelt ipencap (as /etc/protocols does), but a precedent has already been set by the ipproto array in setkey.c. It would be nice if /etc/protocols was parsed for the upperspec field, but I don't do yacc/lex... This change allows policies that only encrypt the encapsulated packets passing between the endpoints of a gif tunnel. Setting such a policy means that you can still talk directly (and unencrypted) between the public IP numbers with (say) ssh. MFC after: 1 week
* mdoc(7) police: normalize .Nd.ru2001-04-181-1/+1
|
* beforeinstall -> SCRIPTS.ru2001-04-071-9/+3
|
* - Backout botched attempt to introduce MANSECT feature.ru2001-03-261-0/+1
| | | | - MAN[1-9] -> MAN.
* Set the default manual section for usr.sbin/ to 8.ru2001-03-201-1/+0
|
* mdoc(7) police: split punctuation characters + misc fixes.ru2001-02-011-8/+6
|
* Minor layout fixes.ben2001-01-011-0/+4
| | | | | PR: 24004 Submitted by: Jimmy Olgeni <olgeni@uli.it>
OpenPOWER on IntegriCloud