~ubuntu-branches/ubuntu/hardy/openswan/hardy-updates

Committer: Bazaar Package Importer
Author(s): Rene Mayrhofer
Date: 2005-01-27 16:10:11 UTC
mfrom: (1.1.1 upstream)
Revision ID: james.westby@ubuntu.com-20050127161011-idgybmyz3vwhpfiq

Tags: 2.3.0-2

http://bugs.debian.org/292458

http://bugs.debian.org/291143

Urgency HIGH due to security issue and problems with build-deps in sarge.
* Fix the security issue. Please see
  http://www.idefense.com/application/poi/display?id=190&
      type=vulnerabilities&flashstatus=false
  for more details. Thanks to Martin Schulze for informing me about
  this issue.
  Closes: #292458: Openswan XAUTH/PAM Buffer Overflow Vulnerability
* Added a Build-Dependency to lynx.
  Closes: #291143: openswan: FTBFS: Missing build dependency.

files added:
ROADMAP.txt

contrib/cisco

contrib/cisco/pcf2os.pl

contrib/cisco/sample.pcf

contrib/janus

contrib/janus/janus.pl

contrib/janus/janushelp.txt

contrib/pam.d/README

debian/po/ja.po

doc/ALG-TODO

doc/GOING-AWAY

doc/README.DPD

doc/doxygen.cfg

doc/draft-ietf-ipsec-udp-encaps-09.txt

doc/draft-myers-ipsec-ikev2-oscp-00.txt

doc/src/reference.IPSECKEY.xml

docs

docs/HACKING

docs/HACKING/CoreDump

docs/HACKING/Notifications

docs/HACKING/PlutoHelper

docs/HACKING/PlutoNotes

docs/HACKING/StateObjects

docs/HACKING/WikiHowto.txt

docs/RELEASE-NOTES.txt

docs/conf

docs/conf/sendcert-forced.txt

docs/utils

docs/utils/manxml2html

include

include/alg_info.h

include/constants.h

include/enum_names.h

include/ietf_constants.h

include/kernel_alg.h

include/oswalloc.h

include/oswlog.h

include/packet.h

include/pluto_constants.h

lib/libcrypto

lib/libcrypto/Makefile

lib/libcrypto/libaes

lib/libcrypto/libaes/Makefile

lib/libcrypto/libaes/test_main.c

lib/libcrypto/libaes/test_main_mac.c

lib/libcrypto/libdes

lib/libcrypto/libdes/Makefile

lib/libcrypto/libdes/asm

lib/libcrypto/libdes/asm/crypt586.pl

lib/libcrypto/libdes/asm/perlasm

lib/libcrypto/libdes/asm/perlasm/cbc.pl

lib/libcrypto/libdes/asm/perlasm/readme

lib/libcrypto/libdes/asm/perlasm/x86asm.pl

lib/libcrypto/libdes/asm/perlasm/x86ms.pl

lib/libcrypto/libdes/asm/perlasm/x86unix.pl

lib/libcrypto/libdes/des_crypt.man

lib/libcrypto/libdes/destest.c

lib/libcrypto/libdes/fcrypt.c

lib/libcrypto/libdes/fcrypt_b.c

lib/libcrypto/libdes/options.txt

lib/libcrypto/libdes/speed.c

lib/liblwres/include/lwres/version.h

lib/liblwres/print.c

lib/liblwres/print_p.h

lib/libopenswan/alg_info.c

lib/libopenswan/alloc.c

lib/libopenswan/anyaddr.3

lib/libopenswan/anyaddr.3.xml

lib/libopenswan/atoaddr.3

lib/libopenswan/atoaddr.3.xml

lib/libopenswan/atoaddr.c

lib/libopenswan/atoasr.3

lib/libopenswan/atoasr.3.xml

lib/libopenswan/atoasr.c

lib/libopenswan/atosubnet.c

lib/libopenswan/atoul.3

lib/libopenswan/atoul.3.xml

lib/libopenswan/atoul.c

lib/libopenswan/constants.c

lib/libopenswan/copyright.c

lib/libopenswan/diag.c

lib/libopenswan/goodmask.3

lib/libopenswan/goodmask.3.xml

lib/libopenswan/initaddr.3

lib/libopenswan/initaddr.3.xml

lib/libopenswan/initsaid.c

lib/libopenswan/initsubnet.3

lib/libopenswan/initsubnet.3.xml

lib/libopenswan/initsubnet.c

lib/libopenswan/internal.h

lib/libopenswan/kernel_alg.c

lib/libopenswan/keyblobtoid.3

lib/libopenswan/keyblobtoid.3.xml

lib/libopenswan/keyblobtoid.c

lib/libopenswan/optionsfrom.3

lib/libopenswan/optionsfrom.3.xml

lib/libopenswan/optionsfrom.c

lib/libopenswan/oswlog.c

lib/libopenswan/packet.c

lib/libopenswan/portof.3

lib/libopenswan/portof.3.xml

lib/libopenswan/portof.c

lib/libopenswan/prng.3

lib/libopenswan/prng.3.xml

lib/libopenswan/rangetosubnet.3

lib/libopenswan/rangetosubnet.3.xml

lib/libopenswan/rangetosubnet.c

lib/libopenswan/sameaddr.3

lib/libopenswan/sameaddr.3.xml

lib/libopenswan/sameaddr.c

lib/libopenswan/satoa.c

lib/libopenswan/subnetof.3

lib/libopenswan/subnetof.3.xml

lib/libopenswan/subnettot.c

lib/libopenswan/subnettypeof.c

lib/libopenswan/ttoaddr.3

lib/libopenswan/ttoaddr.3.xml

lib/libopenswan/ttoaddr.c

lib/libopenswan/ttodata.3

lib/libopenswan/ttodata.3.xml

lib/libopenswan/ttodata.c

lib/libopenswan/ttoprotoport.c

lib/libopenswan/ttosa.3

lib/libopenswan/ttosa.3.xml

lib/libopenswan/ttosa.c

lib/libopenswan/ttosubnet.c

lib/libopenswan/ttoul.3

lib/libopenswan/ttoul.3.xml

lib/libopenswan/ttoul.c

lib/libopenswan/version.3

lib/libopenswan/version.3.xml

lib/libopenswan/version.in.c

linux/crypto/ciphers/aes

linux/crypto/ciphers/aes/test_main.c

linux/crypto/ciphers/aes/test_main_mac.c

linux/include/crypto/aes.h

linux/include/crypto/aes_cbc.h

linux/include/crypto/aes_xcbc_mac.h

linux/include/crypto/cbc_generic.h

linux/include/des

linux/include/des/des_locl.h

linux/include/des/des_ver.h

linux/include/des/podd.h

linux/include/des/sk.h

linux/include/des/spr.h

linux/include/openswan

linux/include/openswan/ipcomp.h

linux/include/openswan/ipsec_ah.h

linux/include/openswan/ipsec_alg.h

linux/include/openswan/ipsec_auth.h

linux/include/openswan/ipsec_encap.h

linux/include/openswan/ipsec_eroute.h

linux/include/openswan/ipsec_errs.h

linux/include/openswan/ipsec_esp.h

linux/include/openswan/ipsec_ipcomp.h

linux/include/openswan/ipsec_ipe4.h

linux/include/openswan/ipsec_ipip.h

linux/include/openswan/ipsec_kern24.h

linux/include/openswan/ipsec_kversion.h

linux/include/openswan/ipsec_life.h

linux/include/openswan/ipsec_md5h.h

linux/include/openswan/ipsec_param.h

linux/include/openswan/ipsec_policy.h

linux/include/openswan/ipsec_proto.h

linux/include/openswan/ipsec_radij.h

linux/include/openswan/ipsec_rcv.h

linux/include/openswan/ipsec_sa.h

linux/include/openswan/ipsec_sha1.h

linux/include/openswan/ipsec_stats.h

linux/include/openswan/ipsec_tunnel.h

linux/include/openswan/ipsec_xform.h

linux/include/openswan/ipsec_xmit.h

linux/include/openswan/passert.h

linux/include/openswan/pfkey_debug.h

linux/include/openswan/radij.h

linux/include/zlib/zconf.h

linux/net/Kconfig.fs2_6.patch

linux/net/Makefile.fs2_6.patch

linux/net/ipsec/Kconfig

linux/net/ipsec/Makefile.fs2_2

linux/net/ipsec/Makefile.fs2_4

linux/net/ipsec/Makefile.fs2_6

linux/net/ipsec/README-zlib

linux/net/ipsec/README-zlib.freeswan

linux/net/ipsec/addrtoa.c

linux/net/ipsec/addrtot.c

linux/net/ipsec/addrtypeof.c

linux/net/ipsec/adler32.c

linux/net/ipsec/aes

linux/net/ipsec/aes/Makefile.fs2_6

linux/net/ipsec/aes/aes-i586.S

linux/net/ipsec/aes/aes.c

linux/net/ipsec/aes/aes_cbc.c

linux/net/ipsec/aes/aes_xcbc_mac.c

linux/net/ipsec/aes/ipsec_alg_aes.c

linux/net/ipsec/alg

linux/net/ipsec/alg/Config.alg_aes.in

linux/net/ipsec/alg/Config.alg_cryptoapi.in

linux/net/ipsec/alg/Config.in

linux/net/ipsec/alg/Makefile

linux/net/ipsec/alg/Makefile.alg_aes

linux/net/ipsec/alg/Makefile.alg_cryptoapi

linux/net/ipsec/alg/ipsec_alg_aes.c

linux/net/ipsec/alg/ipsec_alg_cryptoapi.c

linux/net/ipsec/alg/scripts

linux/net/ipsec/alg/scripts/mk-static_init.c.sh

linux/net/ipsec/anyaddr.c

linux/net/ipsec/datatot.c

linux/net/ipsec/deflate.c

linux/net/ipsec/deflate.h

linux/net/ipsec/des

linux/net/ipsec/des/COPYRIGHT

linux/net/ipsec/des/INSTALL

linux/net/ipsec/des/Makefile.fs2_6

linux/net/ipsec/des/README

linux/net/ipsec/des/README.freeswan

linux/net/ipsec/des/VERSION

linux/net/ipsec/des/asm

linux/net/ipsec/des/asm/des-586.pl

linux/net/ipsec/des/asm/des686.pl

linux/net/ipsec/des/asm/desboth.pl

linux/net/ipsec/des/asm/readme

linux/net/ipsec/des/cbc_enc.c

linux/net/ipsec/des/des.doc

linux/net/ipsec/des/des_enc.c

linux/net/ipsec/des/des_opts.c

linux/net/ipsec/des/dx86unix.S

linux/net/ipsec/des/ecb_enc.c

linux/net/ipsec/des/set_key.c

linux/net/ipsec/goodmask.c

linux/net/ipsec/infblock.c

linux/net/ipsec/infblock.h

linux/net/ipsec/infcodes.c

linux/net/ipsec/infcodes.h

linux/net/ipsec/inffast.c

linux/net/ipsec/inffast.h

linux/net/ipsec/inffixed.h

linux/net/ipsec/inflate.c

linux/net/ipsec/inftrees.c

linux/net/ipsec/inftrees.h

linux/net/ipsec/infutil.c

linux/net/ipsec/infutil.h

linux/net/ipsec/initaddr.c

linux/net/ipsec/ipsec_alg.c

linux/net/ipsec/ipsec_alg_cryptoapi.c

linux/net/ipsec/match586.S

linux/net/ipsec/match686.S

linux/net/ipsec/pfkey_v2_build.c

linux/net/ipsec/pfkey_v2_debug.c

linux/net/ipsec/pfkey_v2_ext_bits.c

linux/net/ipsec/pfkey_v2_parse.c

linux/net/ipsec/prng.c

linux/net/ipsec/rangetoa.c

linux/net/ipsec/satot.c

linux/net/ipsec/subnetof.c

linux/net/ipsec/subnettoa.c

linux/net/ipsec/trees.c

linux/net/ipsec/trees.h

linux/net/ipsec/ultoa.c

linux/net/ipsec/ultot.c

linux/net/ipsec/version.in.c

linux/net/ipsec/zutil.c

linux/net/ipv4/af_inet.c.fs2_6.patch

packaging/ipkg/control-openswan-module.dist

packaging/ipkg/control-openswan.dist

packaging/linus/config-all.hmodules

packaging/makefiles/module.defs

packaging/makefiles/module26.make

packaging/makefiles/module26.sh

packaging/redhat/openswan.spec

packaging/suse

packaging/suse/openswan.26spec

programs/_confread/_confread.8.xml

programs/_confread/ipsec.conf.5.xml

programs/_copyright/_copyright.8.xml

programs/_include/_include.8.xml

programs/_keycensor/_keycensor.8.xml

programs/_plutoload/_plutoload.8.xml

programs/_plutorun/_plutorun.8.xml

programs/_realsetup/_realsetup.8.xml

programs/_secretcensor/_secretcensor.8.xml

programs/_startklips/_startklips.8.xml

programs/_updown/_updown.8.xml

programs/_updown_x509/_updown_x509.8.xml

programs/algoinfo

programs/algoinfo/Makefile

programs/algoinfo/algoinfo.c

programs/auto/auto.8.xml

programs/barf/barf.8.xml

programs/calcgoo/calcgoo.8.xml

programs/eroute/eroute.5.xml

programs/eroute/eroute.8.xml

programs/fswcert

programs/fswcert/CHANGES

programs/fswcert/Makefile

programs/fswcert/README

programs/fswcert/fswcert.c

programs/fswcert/fswcert.pod

programs/ikeping/ikeping.8.xml

programs/ipsec/ipsec.8.xml

programs/klipsdebug/klipsdebug.5.xml

programs/klipsdebug/klipsdebug.8.xml

programs/livetest

programs/livetest/Makefile

programs/livetest/livetest.8

programs/livetest/livetest.8.xml

programs/livetest/livetest.in

programs/look/look.8.xml

programs/lwdnsq/lwdnsq.8.xml

programs/mailkey/mailkey.8.xml

programs/manual/manual.8.xml

programs/newhostkey/newhostkey.8.xml

programs/pf_key/pf_key.5.xml

programs/pf_key/pf_key.8.xml

programs/pluto/HACKERSGUIDE

programs/pluto/Makefile.depend

programs/pluto/alg

programs/pluto/alg/Config.ike_alg

programs/pluto/alg/Makefile

programs/pluto/alg/Makefile.ike_alg_aes

programs/pluto/alg/ike_alg_aes.c

programs/pluto/crypt_ke.c

programs/pluto/db_ops.c

programs/pluto/db_ops.h

programs/pluto/dpd.c

programs/pluto/dpd.h

programs/pluto/ike_alg.c

programs/pluto/ike_alg.h

programs/pluto/ike_alg_aes.c

programs/pluto/ike_alginit.c

programs/pluto/ipsec.secrets.5.xml

programs/pluto/ocsp.c

programs/pluto/ocsp.h

programs/pluto/pluto.8.xml

programs/pluto/pluto_constants.c

programs/pluto/pluto_crypt.c

programs/pluto/pluto_crypt.h

programs/pluto/pluto_endian.h

programs/pluto/plutoalg.c

programs/pluto/plutoalg.h

programs/pluto/spdb_struct.c

programs/pluto/whackinit.c

programs/pluto/whacklib.c

programs/pluto/x509keys.c

programs/proc/trap_count.5.xml

programs/proc/trap_sendcount.5.xml

programs/proc/version.5.xml

programs/ranbits/ranbits.8.xml

programs/rsasigkey/rsasigkey.8.xml

programs/secrets/secrets.8.xml

programs/send-pr/send-pr.8.xml

programs/setup/setup.8.xml

programs/showdefaults/showdefaults.8.xml

programs/showhostkey/showhostkey.8.xml

programs/showpolicy/showpolicy.8.xml

programs/simpleca

programs/simpleca/Makefile

programs/spi/spi.5.xml

programs/spi/spi.8.xml

programs/spigrp/spigrp.5.xml

programs/spigrp/spigrp.8.xml

programs/starter

programs/starter/Makefile

programs/starter/README

programs/starter/STATUS

programs/starter/alloc.c

programs/starter/cmp.c

programs/starter/cmp.h

programs/starter/confread.c

programs/starter/confread.h

programs/starter/confwrite.c

programs/starter/confwrite.h

programs/starter/exec.c

programs/starter/exec.h

programs/starter/files.h

programs/starter/interfaces.c

programs/starter/interfaces.h

programs/starter/invokepluto.c

programs/starter/keywords.c

programs/starter/keywords.h

programs/starter/klips.c

programs/starter/klips.h

programs/starter/netkey.c

programs/starter/netkey.h

programs/starter/parser.h

programs/starter/parser.l

programs/starter/parser.y

programs/starter/parserlast.h

programs/starter/pluto.h

programs/starter/starter.8

programs/starter/starter.8.xml

programs/starter/starter.c

programs/starter/starterlog.c

programs/starter/starterlog.h

programs/starter/starterwhack.c

programs/starter/starterwhack.h

programs/tncfg/tncfg.5.xml

programs/tncfg/tncfg.8.xml

programs/verify/verify.8.xml

snapshotsigs.pgp

testing/CA/cacert-expired.pem

testing/CA/cacert-old.pem

testing/CA/crls

testing/CA/crls/nic-crl-expired-ca.crl

testing/CA/crls/nic-expired.crl

testing/CA/crls/nic.crl

testing/CA/dist_certs

testing/CA/east.uml.freeswan.org/east.uml.freeswan.org.req

testing/CA/issue_crl

testing/CA/newcerts/04.pem

testing/CA/newcerts/05.pem

testing/CA/newcerts/06.pem

testing/CA/newcerts/07.pem

testing/CA/newcerts/08.pem

testing/CA/north.uml.freeswan.org/north.uml.freeswan.org.req

testing/CA/resign_ca

testing/CA/resign_cert

testing/CA/west.uml.freeswan.org/west.uml.freeswan.org.req

testing/baseconfigs/all/etc/ipsec.d/cacerts

testing/baseconfigs/all/etc/ipsec.d/cacerts/caCert.pem

testing/baseconfigs/all/etc/ipsec.d/crls

testing/baseconfigs/all/etc/ipsec.d/crls/nic.crl

testing/baseconfigs/east/etc/ipsec.d/crls

testing/baseconfigs/east/etc/ipsec.d/crls/crashcrl-1.pem

testing/baseconfigs/east/etc/ipsec.d/crls/crashcrl-2.pem

testing/baseconfigs/east/etc/ipsec.d/crls/crashcrl-3.pem

testing/baseconfigs/nic/etc/CA/index.txt

testing/baseconfigs/nic/etc/CA/newcerts

testing/baseconfigs/nic/etc/CA/newcerts/05.pem

testing/baseconfigs/nic/etc/CA/newcerts/06.pem

testing/baseconfigs/nic/etc/CA/newcerts/07.pem

testing/baseconfigs/nic/etc/CA/newcerts/08.pem

testing/baseconfigs/nic/etc/CA/private

testing/baseconfigs/nic/etc/CA/private/cakey.pem

testing/baseconfigs/nic/etc/CA/serial

testing/baseconfigs/nic/etc/openssl

testing/baseconfigs/nic/etc/openssl/openssl.cnf.in

testing/baseconfigs/north/etc/ipsec.d/certs

testing/baseconfigs/north/etc/ipsec.d/certs/north.uml.freeswan.org.cert

testing/baseconfigs/north/etc/ipsec.d/certs/northbad.uml.freeswan.org.cert

testing/baseconfigs/north/etc/ipsec.d/private

testing/baseconfigs/north/etc/ipsec.d/private/north.pem

testing/baseconfigs/north/etc/ipsec.d/private/north.req

testing/baseconfigs/north/etc/ipsec.d/private/northbad.req

testing/baseconfigs/west/etc/ipsec.d/crls

testing/baseconfigs/west/etc/ipsec.d/crls/crashcrl-1.pem

testing/baseconfigs/west/etc/ipsec.d/crls/crashcrl-2.pem

testing/baseconfigs/west/etc/ipsec.d/crls/crashcrl-3.pem

testing/kernelconfigs/extras.2.6.6-1.patch

testing/kernelconfigs/extras.2.6.7-1.patch

testing/kernelconfigs/extras.2.6.7-2.patch

testing/kernelconfigs/extras.2.6.8.1-1.patch

testing/kernelconfigs/umlplain26.config

testing/kernelconfigs/umlswan26.config

testing/klips/east-espiv-01/description.txt

testing/klips/east-espiv-02

testing/klips/east-espiv-02/description.txt

testing/klips/east-espiv-02/examineIV.pl

testing/klips/east-espiv-02/spi1-console.txt

testing/klips/east-espiv-02/spi1-output.txt

testing/klips/east-espiv-02/spi1.sh

testing/klips/east-espiv-02/testparams.sh

testing/klips/east-icmp-01/spi1-console26.txt

testing/klips/east-icmp-05

testing/klips/east-icmp-05/description.txt

testing/klips/east-icmp-05/spi1-console.txt

testing/klips/east-icmp-05/spi1-output.txt

testing/klips/east-icmp-05/spi1.sh

testing/klips/east-icmp-05/testparams.sh

testing/klips/east-spi-01

testing/klips/east-spi-01/description.txt

testing/klips/east-spi-01/spi1-console.txt

testing/klips/east-spi-01/spi1-output.txt

testing/klips/east-spi-01/spi1.sh

testing/klips/east-spi-01/testparams.sh

testing/klips/fixups/ipsec-ver-remove.sed

testing/klips/fixups/ipsec-ver-sanitize.sed

testing/klips/fixups/no-arp-pcap2.pl

testing/klips/inputs/08-sunrise-sunset-aes.pcap

testing/klips/inputs/08-sunrise-sunset-esp-noauth.pcap

testing/klips/west-icmp-01/spi1-console26.txt

testing/klips/west-icmp-05

testing/klips/west-icmp-05/description.txt

testing/klips/west-icmp-05/spi1-cleartext.txt

testing/klips/west-icmp-05/spi1-console.txt

testing/klips/west-icmp-05/spi1-in.sh

testing/klips/west-icmp-05/testparams.sh

testing/klips/west-spi-01

testing/klips/west-spi-01/description.txt

testing/klips/west-spi-01/spi1-console.txt

testing/klips/west-spi-01/spi1-output.txt

testing/klips/west-spi-01/spi1.sh

testing/klips/west-spi-01/testparams.sh

testing/lib/libopenswan

testing/lib/libopenswan/Makefile

testing/lib/libopenswan/TESTLIST

testing/lib/libpluto

testing/lib/libpluto/FLAGS.spdbfirst

testing/lib/libpluto/FLAGS.spdbmerge

testing/lib/libpluto/FLAGS.spdbtest

testing/lib/libpluto/Makefile

testing/lib/libpluto/OUTPUT.spdbfirst.txt

testing/lib/libpluto/OUTPUT.spdbmerge.txt

testing/lib/libpluto/OUTPUT.spdbtest.txt

testing/lib/libpluto/TESTLIST

testing/lib/libpluto/spdbfirst.c

testing/lib/libpluto/spdbmerge.c

testing/lib/libpluto/spdbtest.c

testing/packaging/ipkg-install-01

testing/packaging/ipkg-install-01/ipkg-content-list.txt

testing/packaging/ipkg-install-01/openswan-module.txt

testing/packaging/ipkg-install-01/openswan-utils.txt

testing/packaging/ipkg-install-01/testparams.sh

testing/packaging/modtest-link-01

testing/packaging/modtest-link-01/defconfig

testing/packaging/modtest-link-01/description.txt

testing/packaging/modtest-link-01/examineunknowns.sh

testing/packaging/modtest-link-01/testparams.sh

testing/packaging/modtest-link-01/unknowns.txt

testing/pluto/aggr-pluto-01

testing/pluto/aggr-pluto-01/debugpublic.txt

testing/pluto/aggr-pluto-01/description.txt

testing/pluto/aggr-pluto-01/east-console.txt

testing/pluto/aggr-pluto-01/east-console26.txt

testing/pluto/aggr-pluto-01/east.conf

testing/pluto/aggr-pluto-01/eastinit.sh

testing/pluto/aggr-pluto-01/eroutewait.sh

testing/pluto/aggr-pluto-01/final.sh

testing/pluto/aggr-pluto-01/spi1-cleartext.txt

testing/pluto/aggr-pluto-01/testparams.sh

testing/pluto/aggr-pluto-01/west-console.txt

testing/pluto/aggr-pluto-01/west-console26.txt

testing/pluto/aggr-pluto-01/west.conf

testing/pluto/aggr-pluto-01/westinit.sh

testing/pluto/aggr-pluto-01/westrun.sh

testing/pluto/aggr-pluto-02

testing/pluto/aggr-pluto-02/debugpublic.txt

testing/pluto/aggr-pluto-02/description.txt

testing/pluto/aggr-pluto-02/east-console.txt

testing/pluto/aggr-pluto-02/east-console26.txt

testing/pluto/aggr-pluto-02/east.conf

testing/pluto/aggr-pluto-02/east.secrets

testing/pluto/aggr-pluto-02/eastinit.sh

testing/pluto/aggr-pluto-02/final.sh

testing/pluto/aggr-pluto-02/testparams.sh

testing/pluto/aggr-pluto-02/west-console.txt

testing/pluto/aggr-pluto-02/west-console26.txt

testing/pluto/aggr-pluto-02/west.conf

testing/pluto/aggr-pluto-02/west.secrets

testing/pluto/aggr-pluto-02/westinit.sh

testing/pluto/aggr-pluto-02/westrun.sh

testing/pluto/aggr-unit-01

testing/pluto/aggr-unit-01/description.txt

testing/pluto/aggr-unit-01/dowhack.sh

testing/pluto/aggr-unit-01/east-console.txt

testing/pluto/aggr-unit-01/pluto_unit_tests.sh

testing/pluto/aggr-unit-01/testparams.sh

testing/pluto/aggr-unit-02

testing/pluto/aggr-unit-02/description.txt

testing/pluto/aggr-unit-02/dowhack.sh

testing/pluto/aggr-unit-02/east-console.txt

testing/pluto/aggr-unit-02/pluto_unit_tests.sh

testing/pluto/aggr-unit-02/testparams.sh

testing/pluto/basic-pluto-01/east-console26.txt

testing/pluto/basic-pluto-01/west-console26.txt

testing/pluto/basic-pluto-03/east-cleartext.txt

testing/pluto/basic-pluto-03/east-console.txt

testing/pluto/basic-pluto-03/east.conf

testing/pluto/basic-pluto-03/eastinit.sh

testing/pluto/basic-pluto-03/final.sh

testing/pluto/basic-pluto-03/nicinit.sh

testing/pluto/basic-pluto-03/north-console.txt

testing/pluto/basic-pluto-03/north.conf

testing/pluto/basic-pluto-03/northinit.sh

testing/pluto/basic-pluto-03/northrun.sh

testing/pluto/basic-pluto-03/testparams.sh

testing/pluto/basic-pluto-04

testing/pluto/basic-pluto-04/description.txt

testing/pluto/basic-pluto-04/east-console.txt

testing/pluto/basic-pluto-04/east.conf

testing/pluto/basic-pluto-04/eastinit.sh

testing/pluto/basic-pluto-04/eroutewait.sh

testing/pluto/basic-pluto-04/final.sh

testing/pluto/basic-pluto-04/spi1-cleartext.txt

testing/pluto/basic-pluto-04/testparams.sh

testing/pluto/basic-pluto-04/west-console.txt

testing/pluto/basic-pluto-04/west.conf

testing/pluto/basic-pluto-04/westinit.sh

testing/pluto/basic-pluto-04/westrun.sh

testing/pluto/basic-pluto-05

testing/pluto/basic-pluto-05/description.txt

testing/pluto/basic-pluto-05/east-cleartext.txt

testing/pluto/basic-pluto-05/east-console.txt

testing/pluto/basic-pluto-05/east.conf

testing/pluto/basic-pluto-05/eastinit.sh

testing/pluto/basic-pluto-05/final.sh

testing/pluto/basic-pluto-05/nicinit.sh

testing/pluto/basic-pluto-05/north-console.txt

testing/pluto/basic-pluto-05/north.conf

testing/pluto/basic-pluto-05/northinit.sh

testing/pluto/basic-pluto-05/northrun.sh

testing/pluto/basic-pluto-05/testparams.sh

testing/pluto/bin/westlocal.sh

testing/pluto/dh1-pluto-01

testing/pluto/dh1-pluto-01/description.txt

testing/pluto/dh1-pluto-01/east-console.txt

testing/pluto/dh1-pluto-01/east.conf

testing/pluto/dh1-pluto-01/eastinit.sh

testing/pluto/dh1-pluto-01/final.sh

testing/pluto/dh1-pluto-01/spi1-cleartext.txt

testing/pluto/dh1-pluto-01/testparams.sh

testing/pluto/dh1-pluto-01/west-console.txt

testing/pluto/dh1-pluto-01/west.conf

testing/pluto/dh1-pluto-01/westinit.sh

testing/pluto/dh1-pluto-01/westrun.sh

testing/pluto/dpd-01

testing/pluto/dpd-01/debugpublic.txt

testing/pluto/dpd-01/description.txt

testing/pluto/dpd-01/east-console.txt

testing/pluto/dpd-01/east.conf

testing/pluto/dpd-01/eastinit.sh

testing/pluto/dpd-01/final.sh

testing/pluto/dpd-01/testparams.sh

testing/pluto/dpd-01/west-console.txt

testing/pluto/dpd-01/west.conf

testing/pluto/dpd-01/westinit.sh

testing/pluto/dpd-01/westrun.sh

testing/pluto/dpd-02

testing/pluto/dpd-02/debugpublic.txt

testing/pluto/dpd-02/description.txt

testing/pluto/dpd-02/east-console.txt

testing/pluto/dpd-02/east.conf

testing/pluto/dpd-02/eastinit.sh

testing/pluto/dpd-02/final.sh

testing/pluto/dpd-02/testparams.sh

testing/pluto/dpd-02/west-console.txt

testing/pluto/dpd-02/west.conf

testing/pluto/dpd-02/westinit.sh

testing/pluto/dpd-02/westrun.sh

testing/pluto/dpd-03

testing/pluto/dpd-03/debugpublic.txt

testing/pluto/dpd-03/description.txt

testing/pluto/dpd-03/east-console.txt

testing/pluto/dpd-03/east.conf

testing/pluto/dpd-03/eastinit.sh

testing/pluto/dpd-03/eastrun2.sh

testing/pluto/dpd-03/final.sh

testing/pluto/dpd-03/testparams.sh

testing/pluto/dpd-03/west-console.txt

testing/pluto/dpd-03/west.conf

testing/pluto/dpd-03/westinit.sh

testing/pluto/dpd-03/westrun.sh

testing/pluto/dpd-03/westrun2.sh

testing/pluto/dpd-04

testing/pluto/dpd-04/debugpublic.txt

testing/pluto/dpd-04/description.txt

testing/pluto/dpd-04/east-console.txt

testing/pluto/dpd-04/east.conf

testing/pluto/dpd-04/eastinit.sh

testing/pluto/dpd-04/eastrun2.sh

testing/pluto/dpd-04/final.sh

testing/pluto/dpd-04/testparams.sh

testing/pluto/dpd-04/west-console.txt

testing/pluto/dpd-04/west.conf

testing/pluto/dpd-04/westinit.sh

testing/pluto/dpd-04/westrun.sh

testing/pluto/dpd-04/westrun2.sh

testing/pluto/dpd-05

testing/pluto/dpd-05/debugpublic.txt

testing/pluto/dpd-05/description.txt

testing/pluto/dpd-05/east-console.txt

testing/pluto/dpd-05/east.conf

testing/pluto/dpd-05/eastinit.sh

testing/pluto/dpd-05/final.sh

testing/pluto/dpd-05/testparams.sh

testing/pluto/dpd-05/west-console.txt

testing/pluto/dpd-05/west.conf

testing/pluto/dpd-05/westinit.sh

testing/pluto/dpd-05/westrun.sh

testing/pluto/fail-x509-01

testing/pluto/fail-x509-01/description.txt

testing/pluto/fail-x509-02

testing/pluto/fail-x509-02/description.txt

testing/pluto/fail-x509-03

testing/pluto/fail-x509-03/description.txt

testing/pluto/fail-x509-04

testing/pluto/fail-x509-04/description.txt

testing/pluto/fail-x509-05

testing/pluto/fail-x509-05/description.txt

testing/pluto/fail-x509-06

testing/pluto/fail-x509-06/description.txt

testing/pluto/fail-x509-07

testing/pluto/fail-x509-07/description.txt

testing/pluto/fail-x509-07/east-console.txt

testing/pluto/fail-x509-07/east.conf

testing/pluto/fail-x509-07/eastinit.sh

testing/pluto/fail-x509-07/testparams.sh

testing/pluto/fail-x509-07/west-console.txt

testing/pluto/fail-x509-07/west.conf

testing/pluto/fail-x509-07/westinit.sh

testing/pluto/fail-x509-08

testing/pluto/fail-x509-08/description.txt

testing/pluto/fail-x509-08/east-console.txt

testing/pluto/fail-x509-08/east.conf

testing/pluto/fail-x509-08/eastinit.sh

testing/pluto/fail-x509-08/testparams.sh

testing/pluto/fail-x509-08/west-console.txt

testing/pluto/fail-x509-08/west.conf

testing/pluto/fail-x509-08/westinit.sh

testing/pluto/fail-x509-09

testing/pluto/fail-x509-09/debugpublic.txt

testing/pluto/fail-x509-09/description.txt

testing/pluto/fail-x509-09/east-cleartext.txt

testing/pluto/fail-x509-09/east-console.txt

testing/pluto/fail-x509-09/east.conf

testing/pluto/fail-x509-09/eastinit.sh

testing/pluto/fail-x509-09/eroutewait.sh

testing/pluto/fail-x509-09/faked.crt

testing/pluto/fail-x509-09/faked2.crt

testing/pluto/fail-x509-09/fakeindex.txt

testing/pluto/fail-x509-09/final.sh

testing/pluto/fail-x509-09/genkeys.sh

testing/pluto/fail-x509-09/keyA-priv.pem

testing/pluto/fail-x509-09/keyA.crt

testing/pluto/fail-x509-09/keyA.req

testing/pluto/fail-x509-09/keyAB.crt

testing/pluto/fail-x509-09/keyAB.der

testing/pluto/fail-x509-09/keyB-priv.pem

testing/pluto/fail-x509-09/keyB.crt

testing/pluto/fail-x509-09/keyB.der

testing/pluto/fail-x509-09/keyB.req

testing/pluto/fail-x509-09/keyChain.der

testing/pluto/fail-x509-09/keyChain.duu

testing/pluto/fail-x509-09/openssl.cnf

testing/pluto/fail-x509-09/testparams.sh

testing/pluto/fail-x509-09/west-console.txt

testing/pluto/fail-x509-09/west.conf

testing/pluto/fail-x509-09/westinit.sh

testing/pluto/fail-x509-09/westrun.sh

testing/pluto/helper-queue-01

testing/pluto/helper-queue-01/description.txt

testing/pluto/helper-queue-01/east-console.txt

testing/pluto/helper-queue-01/east-console26.txt

testing/pluto/helper-queue-01/east.conf

testing/pluto/helper-queue-01/eastinit.sh

testing/pluto/helper-queue-01/final.sh

testing/pluto/helper-queue-01/testparams.sh

testing/pluto/helper-queue-01/west-console.txt

testing/pluto/helper-queue-01/west-console26.txt

testing/pluto/helper-queue-01/west.conf

testing/pluto/helper-queue-01/westinit.sh

testing/pluto/ike-algo-01

testing/pluto/ike-algo-01/description.txt

testing/pluto/ike-algo-01/east-console.txt

testing/pluto/ike-algo-01/pluto_unit_tests.sh

testing/pluto/ike-algo-01/testparams.sh

testing/pluto/ipsec.d

testing/pluto/ipsec.d/east

testing/pluto/ipsec.d/east/aacerts

testing/pluto/ipsec.d/east/aacerts/.KEEP_ME

testing/pluto/ipsec.d/east/cacerts

testing/pluto/ipsec.d/east/cacerts/.KEEP_ME

testing/pluto/ipsec.d/east/crls

testing/pluto/ipsec.d/east/crls/.KEEP_ME

testing/pluto/ipsec.d/east/ocspcerts

testing/pluto/ipsec.d/east/ocspcerts/.KEEP_ME

testing/pluto/ipsec.d/east/policies

testing/pluto/ipsec.d/east/policies/clear

testing/pluto/ipsec.d/east/policies/clear-west

testing/pluto/ipsec.d/east/policies/opportunity

testing/pluto/ipsec.d/east/policies/opportunity-mine

testing/pluto/ipsec.d/east/policies/reject

testing/pluto/ipsec.d/west

testing/pluto/ipsec.d/west/aacerts

testing/pluto/ipsec.d/west/aacerts/.KEEP_ME

testing/pluto/ipsec.d/west/cacerts

testing/pluto/ipsec.d/west/cacerts/.KEEP_ME

testing/pluto/ipsec.d/west/crls

testing/pluto/ipsec.d/west/crls/.KEEP_ME

testing/pluto/ipsec.d/west/ocspcerts

testing/pluto/ipsec.d/west/ocspcerts/.KEEP_ME

testing/pluto/ipsec.d/west/policies

testing/pluto/ipsec.d/west/policies/block

testing/pluto/ipsec.d/west/policies/clear

testing/pluto/ipsec.d/west/policies/oe

testing/pluto/ipsec.d/west/policies/opportunity

testing/pluto/ipsec.d/west/policies/opportunity-mine

testing/pluto/ipsec.d/west/policies/reject

testing/pluto/kingnet-isp-01

testing/pluto/kingnet-isp-01/description.txt

testing/pluto/kingnet-isp-01/eastinit.sh

testing/pluto/kingnet-isp-01/final.sh

testing/pluto/kingnet-isp-01/nicinit.sh

testing/pluto/kingnet-isp-01/north.conf

testing/pluto/kingnet-isp-01/northinit.sh

testing/pluto/kingnet-isp-01/testparams.sh

testing/pluto/nat-dpd-pluto-01

testing/pluto/nat-dpd-pluto-01/debugpublic.txt

testing/pluto/nat-dpd-pluto-01/description.txt

testing/pluto/nat-dpd-pluto-01/east-cleartext.txt

testing/pluto/nat-dpd-pluto-01/east-console.txt

testing/pluto/nat-dpd-pluto-01/east.conf

testing/pluto/nat-dpd-pluto-01/eastinit.sh

testing/pluto/nat-dpd-pluto-01/final.sh

testing/pluto/nat-dpd-pluto-01/nicinit.sh

testing/pluto/nat-dpd-pluto-01/north-console.txt

testing/pluto/nat-dpd-pluto-01/north.conf

testing/pluto/nat-dpd-pluto-01/northinit.sh

testing/pluto/nat-dpd-pluto-01/northrun.sh

testing/pluto/nat-dpd-pluto-01/testparams.sh

testing/pluto/nat-pluto-03

testing/pluto/nat-pluto-03/debugpublic.txt

testing/pluto/nat-pluto-03/description.txt

testing/pluto/nat-pluto-03/east-console.txt

testing/pluto/nat-pluto-03/east.conf

testing/pluto/nat-pluto-03/eastinit.sh

testing/pluto/nat-pluto-03/eroutewait.sh

testing/pluto/nat-pluto-03/final.sh

testing/pluto/nat-pluto-03/road-console.txt

testing/pluto/nat-pluto-03/road.conf

testing/pluto/nat-pluto-03/roadinit.sh

testing/pluto/nat-pluto-03/roadrun.sh

testing/pluto/nat-pluto-03/testparams.sh

testing/pluto/nat-pluto-04

testing/pluto/nat-pluto-04/debugpublic.txt

testing/pluto/nat-pluto-04/description.txt

testing/pluto/nat-pluto-04/east-cleartext.txt

testing/pluto/nat-pluto-04/east-console.txt

testing/pluto/nat-pluto-04/eastinit.sh

testing/pluto/nat-pluto-04/final.sh

testing/pluto/nat-pluto-04/nicinit.sh

testing/pluto/nat-pluto-04/road-console.txt

testing/pluto/nat-pluto-04/roadinit.sh

testing/pluto/nat-pluto-04/roadrun.sh

testing/pluto/nat-pluto-04/testparams.sh

testing/pluto/oe-road-01/road.conf

testing/pluto/psk-pluto-01

testing/pluto/psk-pluto-01/debugpublic.txt

testing/pluto/psk-pluto-01/description.txt

testing/pluto/psk-pluto-01/east-console.txt

testing/pluto/psk-pluto-01/east-console26.txt

testing/pluto/psk-pluto-01/east.conf

testing/pluto/psk-pluto-01/east.secrets

testing/pluto/psk-pluto-01/eastinit.sh

testing/pluto/psk-pluto-01/final.sh

testing/pluto/psk-pluto-01/road-console.txt

testing/pluto/psk-pluto-01/road.conf

testing/pluto/psk-pluto-01/road.secrets

testing/pluto/psk-pluto-01/roadinit.sh

testing/pluto/psk-pluto-01/roadrun.sh

testing/pluto/psk-pluto-01/testparams.sh

testing/pluto/psk-pluto-02

testing/pluto/psk-pluto-02/debugpublic.txt

testing/pluto/psk-pluto-02/description.txt

testing/pluto/psk-pluto-02/east-console.txt

testing/pluto/psk-pluto-02/east-console26.txt

testing/pluto/psk-pluto-02/east.conf

testing/pluto/psk-pluto-02/east.secrets

testing/pluto/psk-pluto-02/eastinit.sh

testing/pluto/psk-pluto-02/final.sh

testing/pluto/psk-pluto-02/road-console.txt

testing/pluto/psk-pluto-02/road.conf

testing/pluto/psk-pluto-02/road.secrets

testing/pluto/psk-pluto-02/roadinit.sh

testing/pluto/psk-pluto-02/roadrun.sh

testing/pluto/psk-pluto-02/testparams.sh

testing/pluto/vpn-yes-oe-no-01

testing/pluto/vpn-yes-oe-no-01/description.txt

testing/pluto/x509-pluto-02

testing/pluto/x509-pluto-02/debugpublic.txt

testing/pluto/x509-pluto-02/description.txt

testing/pluto/x509-pluto-02/east-cleartext.txt

testing/pluto/x509-pluto-02/east-console.txt

testing/pluto/x509-pluto-02/east.conf

testing/pluto/x509-pluto-02/eastinit.sh

testing/pluto/x509-pluto-02/final.sh

testing/pluto/x509-pluto-02/north-console.txt

testing/pluto/x509-pluto-02/northinit.sh

testing/pluto/x509-pluto-02/northrun.sh

testing/pluto/x509-pluto-02/testparams.sh

testing/pluto/x509-pluto-03

testing/pluto/x509-pluto-03/TODO.txt

testing/pluto/x509-pluto-03/debugpublic.txt

testing/pluto/x509-pluto-03/description.txt

testing/pluto/x509-pluto-03/east-console.txt

testing/pluto/x509-pluto-03/east.conf

testing/pluto/x509-pluto-03/eastinit.sh

testing/pluto/x509-pluto-03/eroutewait.sh

testing/pluto/x509-pluto-03/final.sh

testing/pluto/x509-pluto-03/testparams.sh

testing/pluto/x509-pluto-03/west-console.txt

testing/pluto/x509-pluto-03/west.conf

testing/pluto/x509-pluto-03/westinit.sh

testing/pluto/x509-pluto-03/westrun.sh

testing/pluto/x509-pluto-04

testing/pluto/x509-pluto-04/description.txt

testing/pluto/x509-pluto-04/east-cleartext.txt

testing/pluto/x509-pluto-04/east-console.txt

testing/pluto/x509-pluto-04/east.conf

testing/pluto/x509-pluto-04/eastinit.sh

testing/pluto/x509-pluto-04/final.sh

testing/pluto/x509-pluto-04/nicinit.sh

testing/pluto/x509-pluto-04/north-console.txt

testing/pluto/x509-pluto-04/northinit.sh

testing/pluto/x509-pluto-04/northrun.sh

testing/pluto/x509-pluto-04/testparams.sh

testing/pluto/x509-pluto-05

testing/pluto/x509-pluto-05/description.txt

testing/pluto/x509-pluto-05/east-cleartext.txt

testing/pluto/x509-pluto-05/east-console.txt

testing/pluto/x509-pluto-05/east.conf

testing/pluto/x509-pluto-05/eastinit.sh

testing/pluto/x509-pluto-05/final.sh

testing/pluto/x509-pluto-05/nicinit.sh

testing/pluto/x509-pluto-05/north-console.txt

testing/pluto/x509-pluto-05/northinit.sh

testing/pluto/x509-pluto-05/northrun.sh

testing/pluto/x509-pluto-05/testparams.sh

testing/pluto/x509-pluto-06

testing/pluto/x509-pluto-06/description.txt

testing/pluto/x509-pluto-06/east-cleartext.txt

testing/pluto/x509-pluto-06/east-console.txt

testing/pluto/x509-pluto-06/east.conf

testing/pluto/x509-pluto-06/eastinit.sh

testing/pluto/x509-pluto-06/final.sh

testing/pluto/x509-pluto-06/nicinit.sh

testing/pluto/x509-pluto-06/north-console.txt

testing/pluto/x509-pluto-06/north.conf

testing/pluto/x509-pluto-06/northinit.sh

testing/pluto/x509-pluto-06/northrun.sh

testing/pluto/x509-pluto-06/testparams.sh

testing/pluto/x509-pluto-07

testing/pluto/x509-pluto-07/description.txt

testing/pluto/x509-pluto-08

testing/pluto/x509-pluto-08/description.txt

testing/pluto/x509-pluto-08/east-console.txt

testing/pluto/x509-pluto-08/pemtocert.sh

testing/pluto/x509-pluto-08/pemtoder.sh

testing/pluto/x509-pluto-08/testparams.sh

testing/pluto/x509-pluto-08/west-console.txt

testing/pluto/x509-pluto-08/west.conf

testing/pluto/x509-pluto-08/westcert.der

testing/pluto/x509-pluto-08/westinit.sh

testing/pluto/x509-pluto-08/westrun.sh

testing/pluto/xauth-pluto-04

testing/pluto/xauth-pluto-04/debugpublic.txt

testing/pluto/xauth-pluto-04/description.txt

testing/pluto/xauth-pluto-04/east-console.txt

testing/pluto/xauth-pluto-04/east.conf

testing/pluto/xauth-pluto-04/east.secrets

testing/pluto/xauth-pluto-04/eastinit.sh

testing/pluto/xauth-pluto-04/final.sh

testing/pluto/xauth-pluto-04/road-console.txt

testing/pluto/xauth-pluto-04/road.conf

testing/pluto/xauth-pluto-04/road.secrets

testing/pluto/xauth-pluto-04/roadinit.sh

testing/pluto/xauth-pluto-04/roadrun.sh

testing/pluto/xauth-pluto-04/testparams.sh

testing/pluto/xauth-pluto-05

testing/pluto/xauth-pluto-05/debugpublic.txt

testing/pluto/xauth-pluto-05/description.txt

testing/pluto/xauth-pluto-05/east-console.txt

testing/pluto/xauth-pluto-05/east.conf

testing/pluto/xauth-pluto-05/east.secrets

testing/pluto/xauth-pluto-05/eastinit.sh

testing/pluto/xauth-pluto-05/final.sh

testing/pluto/xauth-pluto-05/road-console.txt

testing/pluto/xauth-pluto-05/road.conf

testing/pluto/xauth-pluto-05/road.secrets

testing/pluto/xauth-pluto-05/roadinit.sh

testing/pluto/xauth-pluto-05/roadrun.sh

testing/pluto/xauth-pluto-05/testparams.sh

testing/pluto/xauth-pluto-06

testing/pluto/xauth-pluto-06/debugpublic.txt

testing/pluto/xauth-pluto-06/description.txt

testing/pluto/xauth-pluto-06/east-console.txt

testing/pluto/xauth-pluto-06/east.conf

testing/pluto/xauth-pluto-06/east.secrets

testing/pluto/xauth-pluto-06/eastinit.sh

testing/pluto/xauth-pluto-06/final.sh

testing/pluto/xauth-pluto-06/road-console.txt

testing/pluto/xauth-pluto-06/road.conf

testing/pluto/xauth-pluto-06/road.secrets

testing/pluto/xauth-pluto-06/roadinit.sh

testing/pluto/xauth-pluto-06/roadrun.sh

testing/pluto/xauth-pluto-06/testparams.sh

testing/pluto/xauth-pluto-07

testing/pluto/xauth-pluto-07/description.txt

testing/pluto/xauth-pluto-07/east-console.txt

testing/pluto/xauth-pluto-07/east.conf

testing/pluto/xauth-pluto-07/east.secrets

testing/pluto/xauth-pluto-07/eastinit.sh

testing/pluto/xauth-pluto-07/final.sh

testing/pluto/xauth-pluto-07/road-console.txt

testing/pluto/xauth-pluto-07/road.conf

testing/pluto/xauth-pluto-07/road.secrets

testing/pluto/xauth-pluto-07/roadinit.sh

testing/pluto/xauth-pluto-07/roadrun.sh

testing/pluto/xauth-pluto-07/testparams.sh

testing/pluto/xauth-vpn-upgrade-01

testing/pluto/xauth-vpn-upgrade-01/description.txt

testing/scripts/ipsec.conf-alsoflip-01/etc-alsoflip/ipsec.d/aacerts

testing/scripts/ipsec.conf-alsoflip-01/etc-alsoflip/ipsec.d/aacerts/.KEEPME

testing/scripts/ipsec.conf-alsoflip-01/etc-alsoflip/ipsec.d/crls

testing/scripts/ipsec.conf-alsoflip-01/etc-alsoflip/ipsec.d/crls/.KEEPME

testing/scripts/ipsec.conf-alsoflip-01/etc-alsoflip/ipsec.d/ocspcerts

testing/scripts/ipsec.conf-alsoflip-01/etc-alsoflip/ipsec.d/ocspcerts/.KEEPME

files removed:
debian/freeswan.conffiles

debian/freeswan.config

debian/freeswan.dirs

debian/freeswan.docs

debian/freeswan.postinst

debian/freeswan.postrm

debian/freeswan.preinst

debian/freeswan.prerm

debian/freeswan.templates

debian/kernel-patch-freeswan.apply

debian/kernel-patch-freeswan.dirs

debian/kernel-patch-freeswan.docs

debian/kernel-patch-freeswan.unpatch

debian/openswan-modules-source-build

debian/openswan-modules-source-build/modules

debian/openswan-modules-source-build/modules/openswan

debian/openswan-modules-source-build/modules/openswan/Makefile.inc

debian/openswan-modules-source-build/modules/openswan/Makefile.ver

debian/openswan-modules-source-build/modules/openswan/config-all.h

debian/openswan-modules-source-build/modules/openswan/debian

debian/openswan-modules-source-build/modules/openswan/debian/changelog

debian/openswan-modules-source-build/modules/openswan/debian/control.in

debian/openswan-modules-source-build/modules/openswan/debian/rules

debian/openswan-modules-source-build/modules/openswan/linux

debian/openswan-modules-source-build/modules/openswan/linux/Documentation

debian/openswan-modules-source-build/modules/openswan/linux/Documentation/Configure.help.fs2_0.patch

debian/openswan-modules-source-build/modules/openswan/linux/Documentation/Configure.help.fs2_2.patch

debian/openswan-modules-source-build/modules/openswan/linux/Documentation/Configure.help.fs2_4.patch

debian/openswan-modules-source-build/modules/openswan/linux/Makefile

debian/openswan-modules-source-build/modules/openswan/linux/README.openswan-2

debian/openswan-modules-source-build/modules/openswan/linux/crypto

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/COPYRIGHT

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/INSTALL

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/Makefile.objs

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/README

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/README.freeswan

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/VERSION

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/crypt586.pl

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/des-586.pl

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/des686.pl

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/desboth.pl

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/perlasm

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/perlasm/cbc.pl

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/perlasm/readme

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/perlasm/x86asm.pl

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/perlasm/x86ms.pl

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/perlasm/x86unix.pl

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/readme

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/cbc_enc.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/des.doc

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/des_crypt.man

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/des_enc.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/des_locl.h

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/des_opts.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/des_ver.h

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/destest.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/dx86unix.S

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/ecb_enc.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/fcrypt.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/fcrypt_b.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/options.txt

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/podd.h

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/set_key.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/sk.h

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/speed.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/spr.h

debian/openswan-modules-source-build/modules/openswan/linux/include

debian/openswan-modules-source-build/modules/openswan/linux/include/crypto

debian/openswan-modules-source-build/modules/openswan/linux/include/crypto/des.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipcomp.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_ah.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_auth.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_encap.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_eroute.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_errs.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_esp.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_ipcomp.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_ipe4.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_ipip.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_kversion.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_life.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_md5h.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_param.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_policy.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_proto.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_radij.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_rcv.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_sa.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_sha1.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_stats.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_tunnel.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_xform.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_xmit.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/passert.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/pfkey_debug.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/radij.h

debian/openswan-modules-source-build/modules/openswan/linux/include/mast.h

debian/openswan-modules-source-build/modules/openswan/linux/include/openswan.h

debian/openswan-modules-source-build/modules/openswan/linux/include/pfkey.h

debian/openswan-modules-source-build/modules/openswan/linux/include/pfkeyv2.h

debian/openswan-modules-source-build/modules/openswan/linux/include/zlib

debian/openswan-modules-source-build/modules/openswan/linux/include/zlib/zlib.h

debian/openswan-modules-source-build/modules/openswan/linux/include/zlib/zutil.h

debian/openswan-modules-source-build/modules/openswan/linux/lib

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/Makefile.objs

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/addrtoa.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/addrtot.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/addrtypeof.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/anyaddr.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/anyaddr.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/atoaddr.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/atoaddr.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/atoasr.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/atoasr.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/atosubnet.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/atoul.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/atoul.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/copyright.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/datatot.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/goodmask.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/goodmask.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/initaddr.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/initaddr.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/initsaid.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/initsubnet.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/initsubnet.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/internal.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/keyblobtoid.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/keyblobtoid.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/optionsfrom.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/optionsfrom.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/pfkey_v2_build.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/pfkey_v2_debug.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/pfkey_v2_ext_bits.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/pfkey_v2_parse.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/portof.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/portof.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/prng.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/prng.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/rangetoa.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/rangetosubnet.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/rangetosubnet.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/sameaddr.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/sameaddr.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/satoa.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/satot.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/subnetof.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/subnetof.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/subnettoa.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/subnettot.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/subnettypeof.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttoaddr.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttoaddr.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttodata.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttodata.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttoprotoport.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttosa.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttosa.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttosubnet.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttoul.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttoul.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ultoa.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ultot.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/version.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/version.in.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/Makefile

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/Makefile.objs

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/README

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/README.freeswan

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/adler32.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/deflate.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/deflate.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/infblock.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/infblock.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/infcodes.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/infcodes.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/inffast.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/inffast.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/inffixed.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/inflate.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/inftrees.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/inftrees.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/infutil.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/infutil.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/match586.S

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/match686.S

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/trees.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/trees.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/zconf.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/zutil.c

debian/openswan-modules-source-build/modules/openswan/linux/net

debian/openswan-modules-source-build/modules/openswan/linux/net/Config.in.fs2_0.patch

debian/openswan-modules-source-build/modules/openswan/linux/net/Config.in.fs2_2.patch

debian/openswan-modules-source-build/modules/openswan/linux/net/Config.in.fs2_4.patch

debian/openswan-modules-source-build/modules/openswan/linux/net/Makefile.fs2_0.patch

debian/openswan-modules-source-build/modules/openswan/linux/net/Makefile.fs2_2.patch

debian/openswan-modules-source-build/modules/openswan/linux/net/Makefile.fs2_4.patch

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/Config.in

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/Makefile

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/defconfig

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipcomp.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_ah.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_esp.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_init.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_ipcomp.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_ipip.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_life.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_mast.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_md5c.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_proc.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_radij.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_rcv.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_sa.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_sha1.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_tunnel.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_xform.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_xmit.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/pfkey_v2.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/pfkey_v2_ext_process.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/pfkey_v2_parser.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/radij.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/sysctl_net_ipsec.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/tagsfile.mak

debian/openswan-modules-source-build/modules/openswan/linux/net/ipv4

debian/openswan-modules-source-build/modules/openswan/linux/net/ipv4/af_inet.c.fs2_0.patch

debian/openswan-modules-source-build/modules/openswan/linux/net/ipv4/af_inet.c.fs2_2.patch

debian/openswan-modules-source-build/modules/openswan/linux/net/ipv4/af_inet.c.fs2_4.patch

debian/pre-build-patches

debian/pre-build-patches/00-notify_delete-freeswan-1.98b-020724_with_freeswan-alg.diff

debian/pre-build-patches/plutorun-use-bash.diff

debian/pre-install-patches

debian/pre-install-patches/init.d-add-kernelsupport-check.diff

debian/pre-install-patches/init.d-remove-depmod.diff

doc/draft-richardson-ipsec-rr.txt

doc/manpage.d

doc/manpage.d/ipsec.8.html

doc/manpage.d/ipsec.conf.5.html

doc/manpage.d/ipsec.secrets.5.html

doc/manpage.d/ipsec__confread.8.html

doc/manpage.d/ipsec__copyright.8.html

doc/manpage.d/ipsec__include.8.html

doc/manpage.d/ipsec__keycensor.8.html

doc/manpage.d/ipsec__plutoload.8.html

doc/manpage.d/ipsec__plutorun.8.html

doc/manpage.d/ipsec__realsetup.8.html

doc/manpage.d/ipsec__secretcensor.8.html

doc/manpage.d/ipsec__startklips.8.html

doc/manpage.d/ipsec__updown.8.html

doc/manpage.d/ipsec__updown_x509.8.html

doc/manpage.d/ipsec_addrbytesof.3.html

doc/manpage.d/ipsec_addrbytesptr.3.html

doc/manpage.d/ipsec_addrcmp.3.html

doc/manpage.d/ipsec_addrinsubnet.3.html

doc/manpage.d/ipsec_addrlenof.3.html

doc/manpage.d/ipsec_addrtoa.3.html

doc/manpage.d/ipsec_addrtosubnet.3.html

doc/manpage.d/ipsec_addrtot.3.html

doc/manpage.d/ipsec_addrtypeof.3.html

doc/manpage.d/ipsec_anyaddr.3.html

doc/manpage.d/ipsec_atoaddr.3.html

doc/manpage.d/ipsec_atoasr.3.html

doc/manpage.d/ipsec_atosubnet.3.html

doc/manpage.d/ipsec_atoul.3.html

doc/manpage.d/ipsec_auto.8.html

doc/manpage.d/ipsec_barf.8.html

doc/manpage.d/ipsec_bitstomask.3.html

doc/manpage.d/ipsec_broadcastof.3.html

doc/manpage.d/ipsec_calcgoo.8.html

doc/manpage.d/ipsec_copyright_notice.3.html

doc/manpage.d/ipsec_datatot.3.html

doc/manpage.d/ipsec_eroute.5.html

doc/manpage.d/ipsec_eroute.8.html

doc/manpage.d/ipsec_goodmask.3.html

doc/manpage.d/ipsec_hostof.3.html

doc/manpage.d/ipsec_ikeping.8.html

doc/manpage.d/ipsec_initaddr.3.html

doc/manpage.d/ipsec_initsaid.3.html

doc/manpage.d/ipsec_initsubnet.3.html

doc/manpage.d/ipsec_isanyaddr.3.html

doc/manpage.d/ipsec_isloopbackaddr.3.html

doc/manpage.d/ipsec_isunspecaddr.3.html

doc/manpage.d/ipsec_keyblobtoid.3.html

doc/manpage.d/ipsec_klipsdebug.5.html

doc/manpage.d/ipsec_klipsdebug.8.html

doc/manpage.d/ipsec_look.8.html

doc/manpage.d/ipsec_loopbackaddr.3.html

doc/manpage.d/ipsec_lwdnsq.8.html

doc/manpage.d/ipsec_mailkey.8.html

doc/manpage.d/ipsec_manual.8.html

doc/manpage.d/ipsec_maskof.3.html

doc/manpage.d/ipsec_masktobits.3.html

doc/manpage.d/ipsec_masktocount.3.html

doc/manpage.d/ipsec_networkof.3.html

doc/manpage.d/ipsec_newhostkey.8.html

doc/manpage.d/ipsec_optionsfrom.3.html

doc/manpage.d/ipsec_pf_key.5.html

doc/manpage.d/ipsec_pf_key.8.html

doc/manpage.d/ipsec_pluto.8.html

doc/manpage.d/ipsec_portof.3.html

doc/manpage.d/ipsec_prng.3.html

doc/manpage.d/ipsec_prng_bytes.3.html

doc/manpage.d/ipsec_prng_final.3.html

doc/manpage.d/ipsec_prng_init.3.html

doc/manpage.d/ipsec_ranbits.8.html

doc/manpage.d/ipsec_rangetoa.3.html

doc/manpage.d/ipsec_rangetosubnet.3.html

doc/manpage.d/ipsec_rsasigkey.8.html

doc/manpage.d/ipsec_sameaddr.3.html

doc/manpage.d/ipsec_sameaddrtype.3.html

doc/manpage.d/ipsec_samesaid.3.html

doc/manpage.d/ipsec_samesubnet.3.html

doc/manpage.d/ipsec_samesubnettype.3.html

doc/manpage.d/ipsec_satot.3.html

doc/manpage.d/ipsec_secrets.8.html

doc/manpage.d/ipsec_send-pr.8.html

doc/manpage.d/ipsec_setportof.3.html

doc/manpage.d/ipsec_setup.8.html

doc/manpage.d/ipsec_showdefaults.8.html

doc/manpage.d/ipsec_showhostkey.8.html

doc/manpage.d/ipsec_showpolicy.8.html

doc/manpage.d/ipsec_sockaddrlenof.3.html

doc/manpage.d/ipsec_sockaddrof.3.html

doc/manpage.d/ipsec_spi.5.html

doc/manpage.d/ipsec_spi.8.html

doc/manpage.d/ipsec_spigrp.5.html

doc/manpage.d/ipsec_spigrp.8.html

doc/manpage.d/ipsec_splitkeytoid.3.html

doc/manpage.d/ipsec_subnetinsubnet.3.html

doc/manpage.d/ipsec_subnetishost.3.html

doc/manpage.d/ipsec_subnetof.3.html

doc/manpage.d/ipsec_subnettoa.3.html

doc/manpage.d/ipsec_subnettot.3.html

doc/manpage.d/ipsec_subnettypeof.3.html

doc/manpage.d/ipsec_tnatoaddr.3.html

doc/manpage.d/ipsec_tncfg.5.html

doc/manpage.d/ipsec_tncfg.8.html

doc/manpage.d/ipsec_trap_count.5.html

doc/manpage.d/ipsec_trap_sendcount.5.html

doc/manpage.d/ipsec_ttoaddr.3.html

doc/manpage.d/ipsec_ttodata.3.html

doc/manpage.d/ipsec_ttosa.3.html

doc/manpage.d/ipsec_ttosubnet.3.html

doc/manpage.d/ipsec_ttoul.3.html

doc/manpage.d/ipsec_ultoa.3.html

doc/manpage.d/ipsec_ultot.3.html

doc/manpage.d/ipsec_unspecaddr.3.html

doc/manpage.d/ipsec_verify.8.html

doc/manpage.d/ipsec_version.3.html

doc/manpage.d/ipsec_version.5.html

doc/manpage.d/ipsec_version_code.3.html

doc/manpage.d/ipsec_version_string.3.html

doc/manpage.d/ipsec_whack.8.html

doc/src/draft-richardson-ipsec-rr.html

doc/src/draft-richardson-ipsec-rr.xml

lib/libdes/Makefile

lib/libfreeswan

lib/libfreeswan/Makefile

lib/libfreeswan/pfkey_print.c

lib/libfreeswan/sanitizestring.c

lib/liblwres/man/lwres.3

lib/liblwres/man/lwres.html

lib/liblwres/man/lwres_buffer.3

lib/liblwres/man/lwres_buffer.html

lib/liblwres/man/lwres_config.3

lib/liblwres/man/lwres_config.html

lib/liblwres/man/lwres_context.3

lib/liblwres/man/lwres_context.html

lib/liblwres/man/lwres_gabn.3

lib/liblwres/man/lwres_gabn.html

lib/liblwres/man/lwres_gai_strerror.3

lib/liblwres/man/lwres_gai_strerror.html

lib/liblwres/man/lwres_getaddrinfo.3

lib/liblwres/man/lwres_getaddrinfo.html

lib/liblwres/man/lwres_gethostent.3

lib/liblwres/man/lwres_gethostent.html

lib/liblwres/man/lwres_getipnode.3

lib/liblwres/man/lwres_getipnode.html

lib/liblwres/man/lwres_getnameinfo.3

lib/liblwres/man/lwres_getnameinfo.html

lib/liblwres/man/lwres_getrrsetbyname.3

lib/liblwres/man/lwres_getrrsetbyname.html

lib/liblwres/man/lwres_gnba.3

lib/liblwres/man/lwres_gnba.html

lib/liblwres/man/lwres_hstrerror.3

lib/liblwres/man/lwres_hstrerror.html

lib/liblwres/man/lwres_inetntop.3

lib/liblwres/man/lwres_inetntop.html

lib/liblwres/man/lwres_noop.3

lib/liblwres/man/lwres_noop.html

lib/liblwres/man/lwres_packet.3

lib/liblwres/man/lwres_packet.html

lib/liblwres/man/lwres_resutil.3

lib/liblwres/man/lwres_resutil.html

linux/crypto/ciphers/des

linux/crypto/ciphers/des/COPYRIGHT

linux/crypto/ciphers/des/INSTALL

linux/crypto/ciphers/des/Makefile.objs

linux/crypto/ciphers/des/README

linux/crypto/ciphers/des/README.freeswan

linux/crypto/ciphers/des/VERSION

linux/crypto/ciphers/des/asm

linux/crypto/ciphers/des/asm/crypt586.pl

linux/crypto/ciphers/des/asm/des-586.pl

linux/crypto/ciphers/des/asm/des686.pl

linux/crypto/ciphers/des/asm/desboth.pl

linux/crypto/ciphers/des/asm/perlasm

linux/crypto/ciphers/des/asm/perlasm/cbc.pl

linux/crypto/ciphers/des/asm/perlasm/readme

linux/crypto/ciphers/des/asm/perlasm/x86asm.pl

linux/crypto/ciphers/des/asm/perlasm/x86ms.pl

linux/crypto/ciphers/des/asm/perlasm/x86unix.pl

linux/crypto/ciphers/des/asm/readme

linux/crypto/ciphers/des/cbc_enc.c

linux/crypto/ciphers/des/des.doc

linux/crypto/ciphers/des/des_crypt.man

linux/crypto/ciphers/des/des_enc.c

linux/crypto/ciphers/des/des_locl.h

linux/crypto/ciphers/des/des_opts.c

linux/crypto/ciphers/des/des_ver.h

linux/crypto/ciphers/des/destest.c

linux/crypto/ciphers/des/dx86unix.S

linux/crypto/ciphers/des/ecb_enc.c

linux/crypto/ciphers/des/fcrypt.c

linux/crypto/ciphers/des/fcrypt_b.c

linux/crypto/ciphers/des/options.txt

linux/crypto/ciphers/des/podd.h

linux/crypto/ciphers/des/set_key.c

linux/crypto/ciphers/des/sk.h

linux/crypto/ciphers/des/speed.c

linux/crypto/ciphers/des/spr.h

linux/include/freeswan

linux/include/freeswan.h

linux/include/freeswan/ipcomp.h

linux/include/freeswan/ipsec_ah.h

linux/include/freeswan/ipsec_auth.h

linux/include/freeswan/ipsec_encap.h

linux/include/freeswan/ipsec_eroute.h

linux/include/freeswan/ipsec_errs.h

linux/include/freeswan/ipsec_esp.h

linux/include/freeswan/ipsec_ipcomp.h

linux/include/freeswan/ipsec_ipe4.h

linux/include/freeswan/ipsec_ipip.h

linux/include/freeswan/ipsec_kversion.h

linux/include/freeswan/ipsec_life.h

linux/include/freeswan/ipsec_md5h.h

linux/include/freeswan/ipsec_param.h

linux/include/freeswan/ipsec_policy.h

linux/include/freeswan/ipsec_proto.h

linux/include/freeswan/ipsec_radij.h

linux/include/freeswan/ipsec_rcv.h

linux/include/freeswan/ipsec_sa.h

linux/include/freeswan/ipsec_sha1.h

linux/include/freeswan/ipsec_stats.h

linux/include/freeswan/ipsec_tunnel.h

linux/include/freeswan/ipsec_xform.h

linux/include/freeswan/ipsec_xmit.h

linux/include/freeswan/passert.h

linux/include/freeswan/pfkey_debug.h

linux/include/freeswan/radij.h

linux/lib/libfreeswan/addrtoa.c

linux/lib/libfreeswan/addrtot.c

linux/lib/libfreeswan/addrtypeof.c

linux/lib/libfreeswan/anyaddr.3

linux/lib/libfreeswan/anyaddr.c

linux/lib/libfreeswan/atoaddr.3

linux/lib/libfreeswan/atoaddr.c

linux/lib/libfreeswan/atoasr.3

linux/lib/libfreeswan/atoasr.c

linux/lib/libfreeswan/atosubnet.c

linux/lib/libfreeswan/atoul.3

linux/lib/libfreeswan/atoul.c

linux/lib/libfreeswan/copyright.c

linux/lib/libfreeswan/datatot.c

linux/lib/libfreeswan/goodmask.3

linux/lib/libfreeswan/goodmask.c

linux/lib/libfreeswan/initaddr.3

linux/lib/libfreeswan/initaddr.c

linux/lib/libfreeswan/initsaid.c

linux/lib/libfreeswan/initsubnet.3

linux/lib/libfreeswan/initsubnet.c

linux/lib/libfreeswan/internal.h

linux/lib/libfreeswan/keyblobtoid.3

linux/lib/libfreeswan/keyblobtoid.c

linux/lib/libfreeswan/optionsfrom.3

linux/lib/libfreeswan/optionsfrom.c

linux/lib/libfreeswan/pfkey_v2_build.c

linux/lib/libfreeswan/pfkey_v2_debug.c

linux/lib/libfreeswan/pfkey_v2_ext_bits.c

linux/lib/libfreeswan/pfkey_v2_parse.c

linux/lib/libfreeswan/portof.3

linux/lib/libfreeswan/portof.c

linux/lib/libfreeswan/prng.3

linux/lib/libfreeswan/prng.c

linux/lib/libfreeswan/rangetoa.c

linux/lib/libfreeswan/rangetosubnet.3

linux/lib/libfreeswan/rangetosubnet.c

linux/lib/libfreeswan/sameaddr.3

linux/lib/libfreeswan/sameaddr.c

linux/lib/libfreeswan/satoa.c

linux/lib/libfreeswan/satot.c

linux/lib/libfreeswan/subnetof.3

linux/lib/libfreeswan/subnetof.c

linux/lib/libfreeswan/subnettoa.c

linux/lib/libfreeswan/subnettot.c

linux/lib/libfreeswan/subnettypeof.c

linux/lib/libfreeswan/ttoaddr.3

linux/lib/libfreeswan/ttoaddr.c

linux/lib/libfreeswan/ttodata.3

linux/lib/libfreeswan/ttodata.c

linux/lib/libfreeswan/ttoprotoport.c

linux/lib/libfreeswan/ttosa.3

linux/lib/libfreeswan/ttosa.c

linux/lib/libfreeswan/ttosubnet.c

linux/lib/libfreeswan/ttoul.3

linux/lib/libfreeswan/ttoul.c

linux/lib/libfreeswan/ultoa.c

linux/lib/libfreeswan/ultot.c

linux/lib/libfreeswan/version.3

linux/lib/libfreeswan/version.in.c

linux/lib/zlib/README

linux/lib/zlib/README.freeswan

linux/lib/zlib/adler32.c

linux/lib/zlib/deflate.c

linux/lib/zlib/deflate.h

linux/lib/zlib/infblock.c

linux/lib/zlib/infblock.h

linux/lib/zlib/infcodes.c

linux/lib/zlib/infcodes.h

linux/lib/zlib/inffast.c

linux/lib/zlib/inffast.h

linux/lib/zlib/inffixed.h

linux/lib/zlib/inflate.c

linux/lib/zlib/inftrees.c

linux/lib/zlib/inftrees.h

linux/lib/zlib/infutil.c

linux/lib/zlib/infutil.h

linux/lib/zlib/match586.S

linux/lib/zlib/match686.S

linux/lib/zlib/trees.c

linux/lib/zlib/trees.h

linux/lib/zlib/zconf.h

linux/lib/zlib/zutil.c

linux/net/ipsec/Makefile

packaging/redhat/freeswan.spec

programs/_confread/block

programs/_confread/clear

programs/_confread/clear-or-private

programs/_confread/ipsec.conf

programs/_confread/private

programs/_confread/private-or-clear

programs/_updown/_updown.in

programs/examples/no_oe.conf

programs/ipsec/distros.txt

programs/pluto/constants.c

programs/pluto/constants.h

programs/pluto/endian.h

programs/pluto/packet.c

programs/pluto/packet.h

testing/CA/east.uml.freeswan.org/east.uml.freeswan.org.pem

testing/lib/libfreeswan

testing/lib/libfreeswan/Makefile

testing/lib/libfreeswan/TESTLIST

testing/pluto/co-terminal-03/nic-init.sh

testing/pluto/xauth-pluto-03/westinit.sh

files modified:
CHANGES

CREDITS

LICENSE

Makefile

Makefile.inc

Makefile.ver

README

debian/README.Debian

debian/changelog

debian/control

debian/fswcert/fswcert.c

debian/kernel-patch-openswan.apply

debian/openswan-modules-source.kernel-config

debian/openswan-modules-source.rules *

debian/openswan.docs

debian/openswan.postinst

debian/openswan.templates

debian/openswan.templates.master

debian/po/fr.po

debian/po/pt_BR.po

debian/po/templates.pot

debian/rules

doc/2.6.known-issues

doc/HowTo.html

doc/HowTo.pdf

doc/HowTo.ps

doc/HowTo.txt

doc/Makefile

doc/README.XAUTH

doc/README.x509

doc/draft-richardson-ipsec-opportunistic.txt

doc/src/draft-richardson-ipsec-opportunistic.html

doc/src/draft-richardson-ipsec-opportunistic.xml

doc/src/roadmap.html

doc/src/umltesting.html

doc/umltesting.html

doc/upgrading.html

lib/Makefile

lib/libipsecpolicy/Makefile

lib/liblwres/Makefile

lib/liblwres/async.c

lib/liblwres/context.c

lib/liblwres/gai_strerror.c

lib/liblwres/getaddrinfo.c

lib/liblwres/gethost.c

lib/liblwres/getipnode.c

lib/liblwres/getnameinfo.c

lib/liblwres/getrrset.c

lib/liblwres/getrrset2.c

lib/liblwres/herror.c

lib/liblwres/include/lwres/context.h

lib/liblwres/include/lwres/int.h

lib/liblwres/include/lwres/ipv6.h

lib/liblwres/include/lwres/lang.h

lib/liblwres/include/lwres/list.h

lib/liblwres/include/lwres/lwbuffer.h

lib/liblwres/include/lwres/lwpacket.h

lib/liblwres/include/lwres/lwres.h

lib/liblwres/include/lwres/netdb.h

lib/liblwres/include/lwres/platform.h

lib/liblwres/include/lwres/result.h

lib/liblwres/lwbuffer.c

lib/liblwres/lwconfig.c

lib/liblwres/lwinetaton.c

lib/liblwres/lwinetntop.c

lib/liblwres/lwinetpton.c

lib/liblwres/lwpacket.c

lib/liblwres/lwres_gabn.c

lib/liblwres/lwres_gnba.c

lib/liblwres/lwres_grbn.c

lib/liblwres/lwres_noop.c

lib/liblwres/lwresutil.c

lib/liblwres/man/Makefile.in

lib/liblwres/man/lwres.docbook

lib/liblwres/man/lwres_buffer.docbook

lib/liblwres/man/lwres_config.docbook

lib/liblwres/man/lwres_context.docbook

lib/liblwres/man/lwres_gabn.docbook

lib/liblwres/man/lwres_gai_strerror.docbook

lib/liblwres/man/lwres_getaddrinfo.docbook

lib/liblwres/man/lwres_gethostent.docbook

lib/liblwres/man/lwres_getipnode.docbook

lib/liblwres/man/lwres_getnameinfo.docbook

lib/liblwres/man/lwres_getrrsetbyname.docbook

lib/liblwres/man/lwres_gnba.docbook

lib/liblwres/man/lwres_hstrerror.docbook

lib/liblwres/man/lwres_inetntop.docbook

lib/liblwres/man/lwres_noop.docbook

lib/liblwres/man/lwres_packet.docbook

lib/liblwres/man/lwres_resutil.docbook

lib/liblwres/unix/include/lwres/net.h

lib/liblwres/version.c

lib/libopenswan/Makefile

lib/libopenswan/pfkey_print.c

lib/libopenswan/sanitizestring.c

linux/Documentation/Configure.help.fs2_0.patch

linux/Documentation/Configure.help.fs2_2.patch

linux/Documentation/Configure.help.fs2_4.patch

linux/Makefile

linux/include/crypto/des.h

linux/include/openswan.h

linux/include/pfkey.h

linux/include/pfkeyv2.h

linux/lib/libfreeswan/Makefile.objs

linux/net/Config.in.fs2_0.patch

linux/net/Config.in.fs2_2.patch

linux/net/Config.in.fs2_4.patch

linux/net/Makefile.fs2_0.patch

linux/net/Makefile.fs2_2.patch

linux/net/Makefile.fs2_4.patch

linux/net/ipsec/Config.in

linux/net/ipsec/defconfig

linux/net/ipsec/ipcomp.c

linux/net/ipsec/ipsec_ah.c

linux/net/ipsec/ipsec_esp.c

linux/net/ipsec/ipsec_init.c

linux/net/ipsec/ipsec_ipcomp.c

linux/net/ipsec/ipsec_ipip.c

linux/net/ipsec/ipsec_life.c

linux/net/ipsec/ipsec_mast.c

linux/net/ipsec/ipsec_md5c.c

linux/net/ipsec/ipsec_proc.c

linux/net/ipsec/ipsec_radij.c

linux/net/ipsec/ipsec_rcv.c

linux/net/ipsec/ipsec_sa.c

linux/net/ipsec/ipsec_sha1.c

linux/net/ipsec/ipsec_tunnel.c

linux/net/ipsec/ipsec_xform.c

linux/net/ipsec/ipsec_xmit.c

linux/net/ipsec/pfkey_v2.c

linux/net/ipsec/pfkey_v2_ext_process.c

linux/net/ipsec/pfkey_v2_parser.c

linux/net/ipsec/radij.c

linux/net/ipsec/sysctl_net_ipsec.c

linux/net/ipv4/af_inet.c.fs2_0.patch

linux/net/ipv4/af_inet.c.fs2_2.patch

linux/net/ipv4/af_inet.c.fs2_4.patch

nat-t/include/net/sock.h.fs2_2.patch

nat-t/include/net/sock.h.fs2_4.patch

nat-t/net/ipv4/udp.c.fs2_2.patch

nat-t/net/ipv4/udp.c.fs2_4.patch

packaging/ipkg/generate-ipkg

packaging/linus/config-all.h

packaging/makefiles/module.make

packaging/redhat/Makefile

packaging/redhat/openswan.26spec *

packaging/redhat/rpm.in

packaging/utils/errcheck

packaging/utils/kernelpatch

programs/Makefile

programs/Makefile.program

programs/_confread/Makefile

programs/_confread/_confread.in

programs/_confread/ipsec.conf.5

programs/_confread/ipsec.conf.in

programs/_copyright/Makefile

programs/_copyright/_copyright.c

programs/_include/Makefile

programs/_keycensor/Makefile

programs/_plutoload/Makefile

programs/_plutorun/Makefile

programs/_plutorun/_plutorun.in

programs/_realsetup/Makefile

programs/_realsetup/_realsetup.in

programs/_secretcensor/Makefile

programs/_startklips/Makefile

programs/_startklips/_startklips.in

programs/_updown/Makefile

programs/_updown/_updown.ip2.in

programs/_updown_x509/Makefile

programs/auto/Makefile

programs/auto/auto.in

programs/barf/Makefile

programs/barf/barf.8

programs/barf/barf.in

programs/calcgoo/Makefile

programs/eroute/Makefile

programs/eroute/eroute.c

programs/examples/Makefile

programs/examples/no_oe.conf.in

programs/ikeping/Makefile

programs/ikeping/ikeping.c

programs/ipsec/Makefile

programs/ipsec/ipsec.in

programs/klipsdebug/Makefile

programs/klipsdebug/klipsdebug.c

programs/look/Makefile

programs/lwdnsq/Makefile

programs/lwdnsq/lookup.c

programs/lwdnsq/lwdnsq.c

programs/lwdnsq/lwdnsq.xml.in

programs/mailkey/Makefile

programs/manual/Makefile

programs/manual/manual.in

programs/newhostkey/Makefile

programs/pf_key/Makefile

programs/pf_key/pf_key.c

programs/pluto/Makefile

programs/pluto/ac.c

programs/pluto/ac.h

programs/pluto/adns.c

programs/pluto/asn1.c

programs/pluto/asn1.h

programs/pluto/certs.c

programs/pluto/certs.h

programs/pluto/connections.c

programs/pluto/connections.h

programs/pluto/cookie.c

programs/pluto/cookie.h

programs/pluto/crypto.c

programs/pluto/crypto.h

programs/pluto/defs.c

programs/pluto/defs.h

programs/pluto/demux.c

programs/pluto/demux.h

programs/pluto/dnskey.c

programs/pluto/fetch.c

programs/pluto/fetch.h

programs/pluto/foodgroups.c

programs/pluto/gcryptfix.c

programs/pluto/id.c

programs/pluto/ipsec_doi.c

programs/pluto/ipsec_doi.h

programs/pluto/kernel.c

programs/pluto/kernel.h

programs/pluto/kernel_netlink.c

programs/pluto/kernel_noklips.c

programs/pluto/kernel_pfkey.c

programs/pluto/keys.c

programs/pluto/keys.h

programs/pluto/lex.c

programs/pluto/lex.h

programs/pluto/log.c

programs/pluto/log.h

programs/pluto/md5.c

programs/pluto/md5.h

programs/pluto/nat_traversal.c

programs/pluto/nat_traversal.h

programs/pluto/oid.c

programs/pluto/oid.h

programs/pluto/oid.pl

programs/pluto/oid.txt

programs/pluto/paths.h

programs/pluto/pem.c

programs/pluto/pem.h

programs/pluto/pgp.c

programs/pluto/pgp.h

programs/pluto/pkcs.c

programs/pluto/pkcs.h

programs/pluto/pluto.8

programs/pluto/plutomain.c

programs/pluto/quirks.h

programs/pluto/rcv_info.c

programs/pluto/rcv_info.h

programs/pluto/rcv_whack.c

programs/pluto/rnd.c

programs/pluto/server.c

programs/pluto/server.h

programs/pluto/sha1.c

programs/pluto/sha1.h

programs/pluto/smartcard.c

programs/pluto/smartcard.h

programs/pluto/spdb.c

programs/pluto/spdb.h

programs/pluto/state.c

programs/pluto/state.h

programs/pluto/timer.c

programs/pluto/timer.h

programs/pluto/vendor.c

programs/pluto/vendor.h

programs/pluto/virtual.c

programs/pluto/virtual.h

programs/pluto/whack.c

programs/pluto/whack.h

programs/pluto/x509.c

programs/pluto/x509.h

programs/pluto/xauth.c

programs/pluto/xauth.h

programs/proc/Makefile

programs/ranbits/Makefile

programs/ranbits/ranbits.c

programs/rsasigkey/Makefile

programs/rsasigkey/rsasigkey.c

programs/secrets/Makefile

programs/send-pr/Makefile

programs/setup/Makefile

programs/setup/setup.in

programs/showdefaults/Makefile

programs/showhostkey/Makefile

programs/showhostkey/showhostkey.in

programs/showpolicy/Makefile

programs/showpolicy/showpolicy.c

programs/spi/Makefile

programs/spi/spi.c

programs/spigrp/Makefile

programs/spigrp/spigrp.c

programs/tncfg/Makefile

programs/tncfg/tncfg.c

programs/verify/Makefile

programs/verify/verify.in

testing/CA/cacert.pem

testing/CA/east.uml.freeswan.org/east.uml.freeswan.org.cert

testing/CA/index.txt

testing/CA/north.uml.freeswan.org/north.uml.freeswan.org.cert

testing/CA/openssl.cnf

testing/CA/serial

testing/CA/west.uml.freeswan.org/west.uml.freeswan.org.cert

testing/Makefile

testing/baseconfigs/all/etc/ipsec.d/certs/east.uml.freeswan.org.cert

testing/baseconfigs/all/etc/ipsec.d/certs/north.uml.freeswan.org.cert

testing/baseconfigs/all/etc/ipsec.d/certs/west.uml.freeswan.org.cert

testing/baseconfigs/all/etc/ipsec.d/ipsec.conf.common

testing/baseconfigs/east/etc/ipsec.conf

testing/baseconfigs/east/etc/ipsec.d/passwd

testing/baseconfigs/east/etc/ipsec.d/private/east.req

testing/baseconfigs/genx509keys.sh

testing/baseconfigs/net.nic.sh

testing/baseconfigs/net.west.sh

testing/baseconfigs/nic/etc/network/interfaces

testing/baseconfigs/north/etc/ipsec.conf

testing/baseconfigs/north/etc/ipsec.secrets

testing/baseconfigs/road/etc/ipsec.conf

testing/baseconfigs/west/etc/ipsec.conf

testing/baseconfigs/west/etc/ipsec.d/private/west.req

testing/baseconfigs/west/etc/network/interfaces

testing/dnssec/Makefile

testing/dnssec/TESTLIST

testing/dnssec/setup.sh

testing/kernelconfigs/umlmodule.config

testing/kernelconfigs/umlplain.config

testing/kernelconfigs/umlswan.config

testing/klips/Makefile

testing/klips/TESTLIST

testing/klips/ah-esp-01/east-console.txt

testing/klips/ah-esp-01/west-console.txt

testing/klips/east-ah-icmp-01/ah1-console.txt

testing/klips/east-ah-icmp-01/ah1-output.txt

testing/klips/east-ah-icmp-01/testparams.sh

testing/klips/east-ah-icmp-02/ah2-console.txt

testing/klips/east-ah-icmp-02/ah2-output.txt

testing/klips/east-ah-icmp-02/testparams.sh

testing/klips/east-drop-01/spi1-console.txt

testing/klips/east-drop-02/spi1-console.txt

testing/klips/east-drop-02/spi1-output.txt

testing/klips/east-drop-02/testparams.sh

testing/klips/east-espiv-01/examineIV.pl

testing/klips/east-espiv-01/spi1-console.txt

testing/klips/east-hold-01/spi1-console.txt

testing/klips/east-hold-02/spi1-console.txt

testing/klips/east-hold-02/spi1-output.txt

testing/klips/east-hold-02/testparams.sh

testing/klips/east-icmp-01/spi1-console.txt

testing/klips/east-icmp-01/spi1-output.txt

testing/klips/east-icmp-01/testparams.sh

testing/klips/east-icmp-02/spi1-console.txt

testing/klips/east-icmp-03/spi1-console.txt

testing/klips/east-icmp-04/spi1-console.txt

testing/klips/east-icmp-04/spi1-output.txt

testing/klips/east-icmp-04/testparams.sh

testing/klips/east-lifetime-02/test-02-console.txt

testing/klips/east-lifetime-02/testparams.sh

testing/klips/east-lifetime-03/spi1-output.txt

testing/klips/east-lifetime-03/test-03-console.txt

testing/klips/east-lifetime-03/testparams.sh

testing/klips/east-none-01/spi1-console.txt

testing/klips/east-none-02/spi1-console.txt

testing/klips/east-none-02/spi1-output.txt

testing/klips/east-none-02/testparams.sh

testing/klips/east-pass-01/spi1-console.txt

testing/klips/east-pass-02/spi1-console.txt

testing/klips/east-pass-02/spi1-output.txt

testing/klips/east-pass-02/testparams.sh

testing/klips/east-reject-01/icmp-output.txt

testing/klips/east-reject-01/spi1-console.txt

testing/klips/east-reject-01/testparams.sh

testing/klips/east-reject-02/spi1-console.txt

testing/klips/east-reject-02/spi1-output.txt

testing/klips/east-reject-02/testparams.sh

testing/klips/east-saref-pfkey-01/spi1-console.txt

testing/klips/east-trap-01/spi1-console.txt

testing/klips/east-trap-01/spi1.sh

testing/klips/east-trap-01/testparams.sh

testing/klips/east-trap-02/spi1-console.txt

testing/klips/east-trap-02/spi1-output.txt

testing/klips/east-trap-02/testparams.sh

testing/klips/east-trapsubnet-01/spi1-console.txt

testing/klips/east-trapsubnet-02/spi1-console.txt

testing/klips/east-trapsubnet-02/spi1-output.txt

testing/klips/east-trapsubnet-02/testparams.sh

testing/klips/fixups/ipsec-look-esp-sanitize.pl

testing/klips/fixups/kern-list-fixups.sed

testing/klips/fixups/wilog.sed

testing/klips/outputs/publicnet-west-east-ping.txt

testing/klips/proc-fs-01/examine-proc.txt

testing/klips/proc-fs-02/examine-proc.txt

testing/klips/proc-fs-03/proc-birth-console.txt

testing/klips/saref-alloc-01/saref-console.txt

testing/klips/setup.sh

testing/klips/west-ah-icmp-01/ah1-console.txt

testing/klips/west-ah-icmp-02/ah2-console.txt

testing/klips/west-bigicmp-01/spi1-cleartext.txt

testing/klips/west-bigicmp-01/spi1-console.txt

testing/klips/west-bigicmp-01/testparams.sh

testing/klips/west-drop-02/spi1-console.txt

testing/klips/west-esp-short-01/spi1-console.txt

testing/klips/west-esp-short-02/spi1-console.txt

testing/klips/west-hold-02/spi1-console.txt

testing/klips/west-icmp-01/spi1-cleartext.txt

testing/klips/west-icmp-01/spi1-console.txt

testing/klips/west-icmp-01/testparams.sh

testing/klips/west-icmp-02/spi1-console.txt

testing/klips/west-icmp-02/spi1-once.txt

testing/klips/west-icmp-02/testparams.sh

testing/klips/west-icmp-03/spi1-console.txt

testing/klips/west-icmp-04/spi1-cleartext.txt

testing/klips/west-icmp-04/spi1-console.txt

testing/klips/west-icmp-04/testparams.sh

testing/klips/west-none-02/spi1-console.txt

testing/klips/west-pass-02/spi1-console.txt

testing/klips/west-pass-02/spi1-output.txt

testing/klips/west-pass-02/testparams.sh

testing/klips/west-rcv-nfmark-set-01/spi1-console.txt

testing/klips/west-rcv-nfmark-set-02/testparams.sh

testing/klips/west-reject-02/icmp-output.txt

testing/klips/west-reject-02/spi1-console.txt

testing/klips/west-reject-02/testparams.sh

testing/klips/west-trap-02/spi1-console.txt

testing/klips/west-trapsubnet-02/spi1-console.txt

testing/lib/Makefile

testing/packaging/Makefile

testing/packaging/TESTLIST

testing/packaging/basic-docmake-01/make_doc_output.txt

testing/packaging/basic-install-01/find-f-l.txt

testing/packaging/basic-uninstall-01/justconf.txt

testing/packaging/fixups/nukeversion.pl

testing/packaging/kernpatch-two-four-01/linus_two_four.txt

testing/packaging/kernpatch-two-oh-01/linus_two_oh.txt

testing/packaging/kernpatch-two-two-01/linus_two_two.txt

testing/packaging/overwrite-install-01/find-f-l.txt

testing/packaging/setup.sh

testing/packaging/xisp-install-01/find-f-l.txt

testing/pluto/Makefile

testing/pluto/TESTLIST

testing/pluto/bad-updown-01/east-console.txt

testing/pluto/bad-updown-01/west-console.txt

testing/pluto/basic-pluto-01/east-console.txt

testing/pluto/basic-pluto-01/eastinit.sh

testing/pluto/basic-pluto-01/final.sh

testing/pluto/basic-pluto-01/testparams.sh

testing/pluto/basic-pluto-01/west-console.txt

testing/pluto/basic-pluto-01/westinit.sh

testing/pluto/basic-pluto-01/westrun.sh

testing/pluto/basic-pluto-02/east-console.txt

testing/pluto/basic-pluto-02/testparams.sh

testing/pluto/basic-pluto-02/west-console.txt

testing/pluto/bin/CONFIG

testing/pluto/bin/doauto

testing/pluto/bin/dopluto

testing/pluto/bin/eastlocal.sh

testing/pluto/bin/northlocal.sh

testing/pluto/co-terminal-01/gwd-console.txt

testing/pluto/co-terminal-01/mrcharlie-console.txt

testing/pluto/co-terminal-01/rw-console.txt

testing/pluto/co-terminal-02/east-console.txt

testing/pluto/co-terminal-02/japan-console.txt

testing/pluto/co-terminal-02/nic-init.sh

testing/pluto/co-terminal-02/wavesec-console.txt

testing/pluto/co-terminal-02/wavesec-init.sh

testing/pluto/co-terminal-02/wavesec.conf

testing/pluto/co-terminal-03/east-console.txt

testing/pluto/co-terminal-03/japan-console.txt

testing/pluto/co-terminal-03/wavesec-console.txt

testing/pluto/co-terminal-04/east-console.txt

testing/pluto/co-terminal-04/japan-console.txt

testing/pluto/co-terminal-04/wavesec-console.txt

testing/pluto/delete-sa-01/east-console.txt

testing/pluto/delete-sa-01/west-console.txt

testing/pluto/food-groups-bug-01/east-console.txt

testing/pluto/food-groups-bug-01/west-console.txt

testing/pluto/food-groups-clear-01/east-console.txt

testing/pluto/food-groups-clear-01/publicnet-east-sunset-ping.txt

testing/pluto/food-groups-clear-01/testparams.sh

testing/pluto/food-groups-clear-01/west-console.txt

testing/pluto/food-groups-clear-01/westnet-east-sunset-ping.txt

testing/pluto/food-groups-clear-02/east-console.txt

testing/pluto/food-groups-clear-02/west-console.txt

testing/pluto/food-groups-clear-or-oe-01/east-console.txt

testing/pluto/food-groups-clear-or-oe-01/east.conf

testing/pluto/food-groups-clear-or-oe-01/west-console.txt

testing/pluto/food-groups-clear-or-oe-02/east-console.txt

testing/pluto/food-groups-clear-or-oe-02/west-console.txt

testing/pluto/food-groups-never-01/description.txt

testing/pluto/food-groups-never-01/east-console.txt

testing/pluto/food-groups-never-01/eastinit.sh

testing/pluto/food-groups-never-01/testparams.sh

testing/pluto/food-groups-never-01/west-console.txt

testing/pluto/food-groups-never-01/westinit.sh

testing/pluto/food-groups-never-02/east-console.txt

testing/pluto/food-groups-never-02/west-console.txt

testing/pluto/food-groups-oe-or-clear-01/east-console.txt

testing/pluto/food-groups-oe-or-clear-01/testparams.sh

testing/pluto/food-groups-oe-or-clear-01/west-console.txt

testing/pluto/food-groups-oe-or-clear-01/westnet-ping.txt

testing/pluto/food-groups-oe-or-clear-02/east-console.txt

testing/pluto/food-groups-oe-or-clear-02/west-console.txt

testing/pluto/food-groups-oe-or-die-01/east-console.txt

testing/pluto/food-groups-oe-or-die-01/testparams.sh

testing/pluto/food-groups-oe-or-die-01/west-console.txt

testing/pluto/food-groups-oe-or-die-01/westnet-ping.txt

testing/pluto/food-groups-oe-or-die-02/east-console.txt

testing/pluto/food-groups-oe-or-die-02/west-console.txt

testing/pluto/log.ref/block-pl/wi-log

testing/pluto/log.ref/clear/wi-log

testing/pluto/log.ref/ipsec-dnsrsa-c/wi-log

testing/pluto/log.ref/ipsec-dnsrsa-co/wi-log

testing/pluto/log.ref/ipsec-dnsrsa-delete/wi-log

testing/pluto/log.ref/ipsec-dnsrsa-rw/wi-log

testing/pluto/log.ref/ipsec-dnsrsa/wi-log

testing/pluto/log.ref/ipsec-oppo-group/wi-log

testing/pluto/log.ref/ipsec-oppo-miss/wi-log

testing/pluto/log.ref/ipsec-oppo-narrow/wi-log

testing/pluto/log.ref/ipsec-oppo-seq/wi-log

testing/pluto/log.ref/ipsec-oppo-twice/wi-log

testing/pluto/log.ref/ipsec-oppo/wi-log

testing/pluto/log.ref/ipsec-psk-id-rw/wi-log

testing/pluto/log.ref/ipsec-psk-rw/wi-log

testing/pluto/log.ref/ipsec-psk/wi-log

testing/pluto/log.ref/ipsec-rsa-c/wi-log

testing/pluto/log.ref/ipsec-rsa-co/wi-log

testing/pluto/log.ref/ipsec-rsa-delete/wi-log

testing/pluto/log.ref/ipsec-rsa-rw/wi-log

testing/pluto/log.ref/ipsec-rsa-time-neg-dontrekey/wi-log

testing/pluto/log.ref/ipsec-rsa-time-neg/wi-log

testing/pluto/log.ref/ipsec-rsa-time-trunc-dontrekey/wi-log

testing/pluto/log.ref/ipsec-rsa-time-trunc/wi-log

testing/pluto/log.ref/ipsec-rsa/wi-log

testing/pluto/log.ref/isakmp-dnsrsa-case/wi-log

testing/pluto/log.ref/isakmp-dnsrsa-dot/wi-log

testing/pluto/log.ref/isakmp-dnsrsa/wi-log

testing/pluto/log.ref/isakmp-psk/wi-log

testing/pluto/log.ref/isakmp-rsa-case/wi-log

testing/pluto/log.ref/isakmp-rsa-dot/wi-log

testing/pluto/log.ref/isakmp-rsa-myid/wi-log

testing/pluto/log.ref/isakmp-rsa/wi-log

testing/pluto/log.ref/oe/wi-log

testing/pluto/log.ref/regr-oppo-narrow/wi-log

testing/pluto/log.ref/regr-shunt-oppo/wi-log

testing/pluto/log.ref/regr-template-32-32/wi-log

testing/pluto/log.ref/reject-pl/wi-log

testing/pluto/myid-road-01/east-console.txt

testing/pluto/myid-road-01/road-console.txt

testing/pluto/myid-road-01/road.conf

testing/pluto/myid-road-02/east-console.txt

testing/pluto/myid-road-02/road-console.txt

testing/pluto/myid-road-02/road.conf

testing/pluto/myid-road-03/east-console.txt

testing/pluto/myid-road-03/road-console.txt

testing/pluto/myid-road-03/road.conf

testing/pluto/myid-road-04/east-console.txt

testing/pluto/myid-road-04/road-console.txt

testing/pluto/myid-road-04/road.conf

testing/pluto/myid-road-05/east-console.txt

testing/pluto/myid-road-05/road-console.txt

testing/pluto/myid-road-05/road.conf

testing/pluto/myid-road-06/east-console.txt

testing/pluto/myid-road-06/road-console.txt

testing/pluto/myid-road-06/road.conf

testing/pluto/nat-oe-03/east-console.txt

testing/pluto/nat-oe-03/east.conf

testing/pluto/nat-oe-03/road-console.txt

testing/pluto/nat-oe-03/road.conf

testing/pluto/nat-pluto-01/east-console.txt

testing/pluto/nat-pluto-01/east.conf

testing/pluto/nat-pluto-01/north-console.txt

testing/pluto/nat-pluto-01/north.conf

testing/pluto/nat-pluto-01/northrun.sh

testing/pluto/nat-pluto-02/east-console.txt

testing/pluto/nat-pluto-02/east.conf

testing/pluto/nat-pluto-02/road-console.txt

testing/pluto/nat-pluto-02/road.conf

testing/pluto/oe-fail-without-private-key-01/east-console-txtrr.txt

testing/pluto/oe-fail-without-private-key-01/east-console.txt

testing/pluto/oe-fail-without-resp-client-txt-01/east-console.txt

testing/pluto/oe-fail-without-resp-client-txt-01/west-console.txt

testing/pluto/oe-flood-deadlock-01/east-console.txt

testing/pluto/oe-road-01/description.txt

testing/pluto/oe-road-01/east-console.txt

testing/pluto/oe-road-01/road-console.txt

testing/pluto/oe-road-01/roadfinal.sh

testing/pluto/oe-road-01/roadinit.sh

testing/pluto/oe-road-02/east-console.txt

testing/pluto/oe-road-02/road-console.txt

testing/pluto/oe-road-02/road.conf

testing/pluto/oe-road-02/roadinit.sh

testing/pluto/oe-road-03/east-console.txt

testing/pluto/oe-road-03/road-console.txt

testing/pluto/oe-road-03/road.conf

testing/pluto/oe-road-04/east-console.txt

testing/pluto/oe-road-04/road-console.txt

testing/pluto/oe-road-04/road.conf

testing/pluto/oe-snat-01/west-console.txt

testing/pluto/pluto-dontreky-expiry-01/east-console.txt

testing/pluto/pluto-dontreky-expiry-01/pluto_unit_tests.sh

testing/pluto/pluto-ipcmp-01/east-console.txt

testing/pluto/pluto-ipcmp-01/testparams.sh

testing/pluto/pluto-ipcmp-01/west-console.txt

testing/pluto/pluto-ipcmp-01/westinit.sh

testing/pluto/pluto-rekey-01/east-console.txt

testing/pluto/pluto-rekey-01/road-console.txt

testing/pluto/pluto-unit-01/east-console.txt

testing/pluto/policy-01/east-console.txt

testing/pluto/policy-01/road-console.txt

testing/pluto/setup.sh

testing/pluto/vpn-dns-01/east-console.txt

testing/pluto/x509-pluto-01/east-console.txt

testing/pluto/x509-pluto-01/eastinit.sh

testing/pluto/x509-pluto-01/testparams.sh

testing/pluto/x509-pluto-01/west-console.txt

testing/pluto/xauth-pluto-03/description.txt

testing/pluto/xauth-pluto-03/east-console.txt

testing/pluto/xauth-pluto-03/east.conf

testing/pluto/xauth-pluto-03/road-console.txt

testing/pluto/xauth-pluto-03/road.conf

testing/pluto/xauth-pluto-03/testparams.sh

testing/pluto/xauth-pluto-03/west-console.txt

testing/scripts/Makefile

testing/scripts/barf-01/east-console.txt

testing/scripts/barf-02/east-console.txt

testing/scripts/ipsec.conf-alsoflip-01/east-console.txt

testing/scripts/ipsec.conf-alsoflip-01/testparams.sh

testing/scripts/ipsec.conf-myid-01/east-console.txt

testing/scripts/ipsec.conf-restart-01/east-console.txt

testing/scripts/ipsec.conf-restart-01/testparams.sh

testing/scripts/setup.sh

testing/utils/2host-test.tcl

testing/utils/Makefile

testing/utils/Xhost-test.tcl

testing/utils/bootuml.sh

testing/utils/freeswan-regress-env-sample.sh

testing/utils/functions.sh

testing/utils/host-test.tcl

testing/utils/ikeping/Makefile

testing/utils/kill-uml.sh

testing/utils/localswitches.sh

testing/utils/localswitches.tcl

testing/utils/make-uml.sh

testing/utils/netjig.tcl

testing/utils/regress-stage2.sh

testing/utils/regress-summarize-results.pl

testing/utils/runme.sh

testing/utils/start-all-umls.sh

testing/utils/uml-functions.sh

testing/utils/uml_netjig/Makefile

testing/utils/umlsetup-sample.sh

Show diffs side-by-side

added added

removed removed

programs/spi/spi.c

* for more details.

char spi_c_version[] = "RCSID $Id: spi.c,v 1.101 2003/12/05 16:44:19 mcr Exp $";

char spi_c_version[] = "RCSID $Id: spi.c,v 1.106 2004/04/29 04:08:28 mcr Exp $";

#include <asm/types.h>

#include <sys/types.h>

#include <ctype.h>

#include <stdio.h>

#include <stdlib.h>

#include <freeswan.h>

#include <openswan.h>

#if 0

#include <linux/autoconf.h> /* CONFIG_IPSEC_PFKEYv2 */

#endif

#include <pfkeyv2.h>

#include <pfkey.h>

#include "freeswan/radij.h"

#include "freeswan/ipsec_encap.h"

#include "freeswan/ipsec_xform.h"

#include "freeswan/ipsec_ipe4.h"

#include "freeswan/ipsec_ah.h"

#include "freeswan/ipsec_esp.h"

#include "freeswan/ipsec_sa.h" /* IPSEC_SAREF_NULL */

#include "openswan/radij.h"

#include "openswan/ipsec_encap.h"

#include "openswan/ipsec_xform.h"

#include "openswan/ipsec_ipe4.h"

#include "openswan/ipsec_ah.h"

#include "openswan/ipsec_esp.h"

#include "openswan/ipsec_sa.h" /* IPSEC_SAREF_NULL */

#include "constants.h"

#include "oswlog.h"

#include "alg_info.h"

#include "kernel_alg.h"

struct encap_msghdr *em;

char *program_name;

* Manual conn support for ipsec_alg (modular algos).

* Rather ugly to include from pluto dir but avoids

* code duplication.

char *progname;

int debug = 0;

int saref = 0;

char *command;

int address_family = 0;

unsigned char proto = 0;

int alg = 0;

#ifdef KERNEL_ALG

* Manual connection support for modular algos (ipsec_alg) --Juanjo.

#define XF_OTHER_ALG (XF_CLR-1) /* define magic XF_ symbol for alg_info's */

#include <assert.h>

const char *alg_string = NULL; /* algorithm string */

struct alg_info_esp *alg_info = NULL; /* algorithm info got from string */

struct esp_info *esp_info = NULL; /* esp info from 1st (only) element */

const char *alg_err; /* auxiliar for parsing errors */

int proc_read_ok = 0; /* /proc/net/pf_key_support read ok */

#endif /* KERNEL_ALG */

int replay_window = 0;

char sa[SATOT_BUF];

100

107

131

spi --ip4 <SA> --src <encap-src> --dst <encap-dst>\n\

108

132

spi --ip6 <SA> --src <encap-src> --dst <encap-dst>\n\

109

133

spi --ah <algo> <SA> [<life> ][ --replay_window <replay_window> ] --authkey <key>\n\

110

where <algo> is one of: hmac-md5-96 | hmac-sha1-96\n\

134

where <algo> is one of: hmac-md5-96 | hmac-sha1-96 | something-loaded \n\

111

135

spi --esp <algo> <SA> [<life> ][ --replay_window <replay-window> ] --enckey <ekey> --authkey <akey>\n\

112

where <algo> is one of: 3des-md5-96 | 3des-sha1-96\n\

136

where <algo> is one of: 3des-md5-96 | 3des-sha1-96\n | something-loaded\

113

137

spi --esp <algo> <SA> [<life> ][ --replay_window <replay-window> ] --enckey <ekey>\n\

114

138

where <algo> is: 3des\n\

115

139

spi --comp <algo> <SA>\n\

150

174

} else {

151

175

fprintf(stderr,

152

176

"%s: missing lifetime severity in %s, optargt=0p%p, optargp=0p%p, sizeof(\"soft\")=%d\n",

153

program_name,

177

progname,

154

178

optargt,

155

179

optargt,

156

180

optargp,

157

181

(int)sizeof("soft"));

158

usage(program_name, stderr);

182

usage(progname, stderr);

159

183

return(1);

160

184

}

161

185

if(debug) {

162

186

fprintf(stdout,

163

187

"%s: debug: life_severity=%d, optargt=0p%p=\"%s\", optargp=0p%p=\"%s\", sizeof(\"soft\")=%d\n",

164

program_name,

188

progname,

165

189

life_severity,

166

190

optargt,

167

191

optargt,

172

196

if(*(optargp++) != '-') {

173

197

fprintf(stderr,

174

198

"%s: expected '-' after severity of lifetime parameter to --life option.\n",

175

program_name);

176

usage(program_name, stderr);

199

progname);

200

usage(progname, stderr);

177

201

return(1);

178

202

}

179

203

if(debug) {

180

204

fprintf(stdout,

181

205

"%s: debug: optargt=0p%p=\"%s\", optargp=0p%p=\"%s\", strlen(optargt)=%d, strlen(optargp)=%d, strncmp(optargp, \"addtime\", sizeof(\"addtime\")-1)=%d\n",

182

program_name,

206

progname,

183

207

optargt,

184

208

optargt,

185

209

optargp,

206

230

} else {

207

231

fprintf(stderr,

208

232

"%s: missing lifetime type after '-' in %s\n",

209

program_name,

233

progname,

210

234

optargt);

211

usage(program_name, stderr);

235

usage(progname, stderr);

212

236

return(1);

213

237

}

214

238

if(debug) {

215

239

fprintf(stdout,

216

240

"%s: debug: life_type=%d\n",

217

program_name,

241

progname,

218

242

life_type);

219

243

}

220

244

if(life_opt[life_severity][life_type] != NULL) {

221

245

fprintf(stderr,

222

246

"%s: Error, lifetime parameter redefined:%s, already defined as:0p%p\n",

223

program_name,

247

progname,

224

248

optargt,

225

249

life_opt[life_severity][life_type]);

226

250

return(1);

228

252

if(*(optargp++) != '=') {

229

253

fprintf(stderr,

230

254

"%s: expected '=' after type of lifetime parameter to --life option.\n",

231

program_name);

232

usage(program_name, stderr);

255

progname);

256

usage(progname, stderr);

233

257

return(1);

234

258

}

235

259

if(debug) {

236

260

fprintf(stdout,

237

261

"%s: debug: optargt=0p%p, optargt+strlen(optargt)=0p%p, optargp=0p%p, strlen(optargp)=%d\n",

238

program_name,

262

progname,

239

263

optargt,

240

264

optargt+strlen(optargt),

241

265

optargp,

244

268

if(strlen(optargp) == 0) {

245

269

fprintf(stderr,

246

270

"%s: expected value after '=' in --life option. optargt=0p%p, optargt+strlen(optargt)=0p%p, optargp=0p%p\n",

247

program_name,

271

progname,

248

272

optargt,

249

273

optargt+strlen(optargt),

250

274

optargp);

251

usage(program_name, stderr);

275

usage(progname, stderr);

252

276

return(1);

253

277

}

254

278

life[life_severity][life_type] = strtoul(optargp, &endptr, 0);

256

280

if(!((endptr == optargp + strlen(optargp)) || (endptr == optargp + strcspn(optargp, ", ")))) {

257

281

fprintf(stderr,

258

282

"%s: Invalid character='%c' at offset %d in lifetime option parameter: '%s', parameter string is %d characters long, %d valid value characters found.\n",

259

program_name,

283

progname,

260

284

*endptr,

261

285

(int)(endptr - optarg),

262

286

optarg,

267

291

life_opt[life_severity][life_type] = optargt;

268

292

if(debug) {

269

293

fprintf(stdout, "%s lifetime %s set to %d.\n",

270

program_name, optargt, life[life_severity][life_type]);

294

progname, optargt, life[life_severity][life_type]);

271

295

}

272

296

optargp=endptr+1;

273

297

} while(*endptr==',' || isspace(*endptr));

292

316

getpid());

293

317

if(error != 0) {

294

318

fprintf(stderr, "%s: Trouble building message header, error=%d.\n",

295

program_name, error);

319

progname, error);

296

320

pfkey_extensions_free(extensions);

297

321

return(1);

298

322

}

300

324

error = pfkey_msg_build(&pfkey_msg, extensions, EXT_BITS_IN);

301

325

if(error != 0) {

302

326

fprintf(stderr, "%s: Trouble building pfkey message, error=%d.\n",

303

program_name, error);

327

progname, error);

304

328

pfkey_extensions_free(extensions);

305

329

pfkey_msg_free(&pfkey_msg);

306

330

return(1);

311

335

/* cleanup code here */

312

336

if(wlen < 0)

313

337

fprintf(stderr, "%s: Trouble writing to channel PF_KEY: %s\n",

314

program_name,

338

progname,

315

339

strerror(errno));

316

340

else

317

341

fprintf(stderr, "%s: write to channel PF_KEY truncated.\n",

318

program_name);

342

progname);

319

343

pfkey_extensions_free(extensions);

320

344

pfkey_msg_free(&pfkey_msg);

321

345

return(1);

359

383

{0, 0, 0, 0}

360

384

};

361

385

386

387

int decode_esp(char *algname)

388

{

389

int esp_alg;

390

391

if(!strcmp(algname, "3des-md5-96")) {

392

esp_alg = XF_ESP3DESMD596;

393

} else if(!strcmp(algname, "3des-sha1-96")) {

394

esp_alg = XF_ESP3DESSHA196;

395

} else if(!strcmp(algname, "3des")) {

396

esp_alg = XF_ESP3DES;

397

#ifdef KERNEL_ALG

398

} else if((alg_info=alg_info_esp_create_from_str(algname, &alg_err, FALSE))) {

399

int esp_ealg_id, esp_aalg_id;

400

401

esp_alg = XF_OTHER_ALG;

402

if (alg_info->alg_info_cnt>1) {

403

fprintf(stderr, "%s: Invalid encryption algorithm '%s' "

404

"follows '--esp' option: lead too many(%d) "

405

"transforms\n",

406

progname, algname, alg_info->alg_info_cnt);

407

exit(1);

408

}

409

alg_string=algname;

410

esp_info=&alg_info->esp[0];

411

if (debug) {

412

fprintf(stdout, "%s: alg_info: cnt=%d ealg[0]=%d aalg[0]=%d\n",

413

progname,

414

alg_info->alg_info_cnt,

415

esp_info->encryptalg,

416

esp_info->authalg);

417

}

418

esp_ealg_id=esp_info->esp_ealg_id;

419

esp_aalg_id=esp_info->esp_aalg_id;

420

if (kernel_alg_proc_read()==0) {

421

err_t ugh;

422

423

proc_read_ok++;

424

425

ugh = kernel_alg_esp_enc_ok(esp_ealg_id, 0, 0);

426

if (ugh != NULL)

427

{

428

fprintf(stderr, "%s: ESP encryptalg=%d (\"%s\") "

429

"not present - %s\n",

430

progname,

431

esp_ealg_id,

432

enum_name(&esp_transformid_names, esp_ealg_id),

433

ugh);

434

exit(1);

435

}

436

437

ugh = kernel_alg_esp_auth_ok(esp_aalg_id, 0);

438

if (ugh != NULL)

439

{

440

fprintf(stderr, "%s: ESP authalg=%d (\"%s\") - %s "

441

"not present\n",

442

progname, esp_aalg_id,

443

enum_name(&auth_alg_names, esp_aalg_id), ugh);

444

exit(1);

445

}

446

}

447

#endif /* KERNEL_ALG */

448

} else {

449

fprintf(stderr, "%s: Invalid encryption algorithm '%s' follows '--esp' option.\n",

450

progname, algname);

451

exit(1);

452

}

453

return esp_alg;

454

}

455

456

457

362

458

int

363

459

main(int argc, char *argv[])

364

460

{

390

486

uint32_t life[life_maxsever][life_maxtype];

391

487

char *life_opt[life_maxsever][life_maxtype];

392

488

393

program_name = argv[0];

489

progname = argv[0];

394

490

mypid = getpid();

395

491

492

tool_init_log();

493

396

494

memset(&said, 0, sizeof(said));

397

495

iv_opt = akey_opt = ekey_opt = alg_opt = edst_opt = spi_opt = proto_opt = af_opt = said_opt = dst_opt = src_opt = NULL;

398

496

{

410

508

case 'g':

411

509

debug = 1;

412

510

pfkey_lib_debug = PF_KEY_DEBUG_PARSE_MAX;

511

cur_debugging = 0xffffffff;

413

512

argcount--;

414

513

break;

415

514

424

523

break;

425

524

426

525

case 'l':

427

program_name = malloc(strlen(argv[0])

526

progname = malloc(strlen(argv[0])

428

527

+ 10 /* update this when changing the sprintf() */

429

528

+ strlen(optarg));

430

sprintf(program_name, "%s --label %s",

529

sprintf(progname, "%s --label %s",

431

530

argv[0],

432

531

optarg);

532

tool_close_log();

533

tool_init_log();

534

433

535

argcount -= 2;

434

536

break;

435

537

case 'H':

436

538

if(alg) {

437

539

fprintf(stderr, "%s: Only one of '--ah', '--esp', '--comp', '--ip4', '--ip6', '--del' or '--clear' options permitted.\n",

438

program_name);

540

progname);

439

541

exit(1);

440

542

}

441

if (!strcmp(optarg, "hmac-md5-96")) {

543

if(!strcmp(optarg, "hmac-md5-96")) {

442

544

alg = XF_AHHMACMD5;

443

545

} else if(!strcmp(optarg, "hmac-sha1-96")) {

444

546

alg = XF_AHHMACSHA1;

445

547

} else {

446

548

fprintf(stderr, "%s: Unknown authentication algorithm '%s' follows '--ah' option.\n",

447

program_name, optarg);

549

progname, optarg);

448

550

exit(1);

449

551

}

450

552

if(debug) {

451

553

fprintf(stdout, "%s: Algorithm %d selected.\n",

452

program_name,

554

progname,

453

555

alg);

454

556

}

455

557

alg_opt = optarg;

457

559

case 'P':

458

560

if(alg) {

459

561

fprintf(stderr, "%s: Only one of '--ah', '--esp', '--comp', '--ip4', '--ip6', '--del' or '--clear' options permitted.\n",

460

program_name);

461

exit(1);

462

}

463

if (!strcmp(optarg, "3des-md5-96")) {

464

alg = XF_ESP3DESMD596;

465

} else if(!strcmp(optarg, "3des-sha1-96")) {

466

alg = XF_ESP3DESSHA196;

467

} else if(!strcmp(optarg, "3des")) {

468

alg = XF_ESP3DES;

469

} else {

470

fprintf(stderr, "%s: Invalid encryption algorithm '%s' follows '--esp' option.\n",

471

program_name, optarg);

472

exit(1);

473

}

562

progname);

563

exit(1);

564

}

565

566

alg = decode_esp(optarg);

567

474

568

if(debug) {

475

569

fprintf(stdout, "%s: Algorithm %d selected.\n",

476

program_name,

570

progname,

477

571

alg);

478

572

}

479

573

alg_opt = optarg;

481

575

case 'Z':

482

576

if(alg) {

483

577

fprintf(stderr, "%s: Only one of '--ah', '--esp', '--comp', '--ip4', '--ip6', '--del' or '--clear' options permitted.\n",

484

program_name);

578

progname);

485

579

exit(1);

486

580

}

487

581

if (!strcmp(optarg, "deflate")) {

488

582

alg = XF_COMPDEFLATE;

489

583

} else {

490

584

fprintf(stderr, "%s: Unknown compression algorithm '%s' follows '--comp' option.\n",

491

program_name, optarg);

585

progname, optarg);

492

586

exit(1);

493

587

}

494

588

if(debug) {

495

589

fprintf(stdout, "%s: Algorithm %d selected.\n",

496

program_name,

590

progname,

497

591

alg);

498

592

}

499

593

alg_opt = optarg;

501

595

case '4':

502

596

if(alg) {

503

597

fprintf(stderr, "%s: Only one of '--ah', '--esp', '--comp', '--ip4', '--ip6', '--del' or '--clear' options permitted.\n",

504

program_name);

598

progname);

505

599

exit(1);

506

600

}

507

601

alg = XF_IP4;

508

602

address_family = AF_INET;

509

603

if(debug) {

510

604

fprintf(stdout, "%s: Algorithm %d selected.\n",

511

program_name,

605

progname,

512

606

alg);

513

607

}

514

608

alg_opt = optarg;

516

610

case '6':

517

611

if(alg) {

518

612

fprintf(stderr, "%s: Only one of '--ah', '--esp', '--comp', '--ip4', '--ip6', '--del' or '--clear' options permitted.\n",

519

program_name);

613

progname);

520

614

exit(1);

521

615

}

522

616

alg = XF_IP6;

523

617

address_family = AF_INET6;

524

618

if(debug) {

525

619

fprintf(stdout, "%s: Algorithm %d selected.\n",

526

program_name,

620

progname,

527

621

alg);

528

622

}

529

623

alg_opt = optarg;

531

625

case 'd':

532

626

if(alg) {

533

627

fprintf(stderr, "%s: Only one of '--ah', '--esp', '--comp', '--ip4', '--ip6', '--del' or '--clear' options permitted.\n",

534

program_name);

628

progname);

535

629

exit(1);

536

630

}

537

631

alg = XF_DEL;

538

632

if(debug) {

539

633

fprintf(stdout, "%s: Algorithm %d selected.\n",

540

program_name,

634

progname,

541

635

alg);

542

636

}

543

637

alg_opt = optarg;

545

639

case 'c':

546

640

if(alg) {

547

641

fprintf(stderr, "%s: Only one of '--ah', '--esp', '--comp', '--ip4', '--ip6', '--del' or '--clear' options permitted.\n",

548

program_name);

642

progname);

549

643

exit(1);

550

644

}

551

645

alg = XF_CLR;

552

646

if(debug) {

553

647

fprintf(stdout, "%s: Algorithm %d selected.\n",

554

program_name,

648

progname,

555

649

alg);

556

650

}

557

651

alg_opt = optarg;

559

653

case 'e':

560

654

if(said_opt) {

561

655

fprintf(stderr, "%s: Error, EDST parameter redefined:%s, already defined in SA:%s\n",

562

program_name, optarg, said_opt);

656

progname, optarg, said_opt);

563

657

exit (1);

564

658

}

565

659

if(edst_opt) {

566

660

fprintf(stderr, "%s: Error, EDST parameter redefined:%s, already defined as:%s\n",

567

program_name, optarg, edst_opt);

661

progname, optarg, edst_opt);

568

662

exit (1);

569

663

}

570

664

error_s = ttoaddr(optarg, 0, address_family, &edst);

571

665

if(error_s != NULL) {

572

666

if(error_s) {

573

667

fprintf(stderr, "%s: Error, %s converting --edst argument:%s\n",

574

program_name, error_s, optarg);

668

progname, error_s, optarg);

575

669

exit (1);

576

670

}

577

671

}

579

673

if(debug) {

580

674

addrtot(&edst, 0, ipaddr_txt, sizeof(ipaddr_txt));

581

675

fprintf(stdout, "%s: edst=%s.\n",

582

program_name,

676

progname,

583

677

ipaddr_txt);

584

678

}

585

679

break;

586

680

case 's':

587

681

if(said_opt) {

588

682

fprintf(stderr, "%s: Error, SPI parameter redefined:%s, already defined in SA:%s\n",

589

program_name, optarg, said_opt);

683

progname, optarg, said_opt);

590

684

exit (1);

591

685

}

592

686

if(spi_opt) {

593

687

fprintf(stderr, "%s: Error, SPI parameter redefined:%s, already defined as:%s\n",

594

program_name, optarg, spi_opt);

688

progname, optarg, spi_opt);

595

689

exit (1);

596

690

}

597

691

spi = strtoul(optarg, &endptr, 0);

598

692

if(!(endptr == optarg + strlen(optarg))) {

599

693

fprintf(stderr, "%s: Invalid character in SPI parameter: %s\n",

600

program_name, optarg);

694

progname, optarg);

601

695

exit (1);

602

696

}

603

697

if(spi < 0x100) {

604

698

fprintf(stderr, "%s: Illegal reserved spi: %s => 0x%x Must be larger than 0x100.\n",

605

program_name, optarg, spi);

699

progname, optarg, spi);

606

700

exit(1);

607

701

}

608

702

spi_opt = optarg;

610

704

case 'p':

611

705

if(said_opt) {

612

706

fprintf(stderr, "%s: Error, PROTO parameter redefined:%s, already defined in SA:%s\n",

613

program_name, optarg, said_opt);

707

progname, optarg, said_opt);

614

708

exit (1);

615

709

}

616

710

if(proto_opt) {

617

711

fprintf(stderr, "%s: Error, PROTO parameter redefined:%s, already defined as:%s\n",

618

program_name, optarg, proto_opt);

712

progname, optarg, proto_opt);

619

713

exit (1);

620

714

}

621

715

if(!strcmp(optarg, "ah"))

628

722

proto = SA_COMP;

629

723

if(proto == 0) {

630

724

fprintf(stderr, "%s: Invalid PROTO parameter: %s\n",

631

program_name, optarg);

725

progname, optarg);

632

726

exit (1);

633

727

}

634

728

proto_opt = optarg;

636

730

case 'a':

637

731

if(said_opt) {

638

732

fprintf(stderr, "%s: Error, ADDRESS FAMILY parameter redefined:%s, already defined in SA:%s\n",

639

program_name, optarg, said_opt);

733

progname, optarg, said_opt);

640

734

exit (1);

641

735

}

642

736

if(af_opt) {

643

737

fprintf(stderr, "%s: Error, ADDRESS FAMILY parameter redefined:%s, already defined as:%s\n",

644

program_name, optarg, af_opt);

738

progname, optarg, af_opt);

645

739

exit (1);

646

740

}

647

741

if(strcmp(optarg, "inet") == 0) {

660

754

}

661

755

if((strcmp(optarg, "inet") != 0) && (strcmp(optarg, "inet6") != 0)) {

662

756

fprintf(stderr, "%s: Invalid ADDRESS FAMILY parameter: %s.\n",

663

program_name, optarg);

757

progname, optarg);

664

758

exit (1);

665

759

}

666

760

af_opt = optarg;

668

762

case 'I':

669

763

if(said_opt) {

670

764

fprintf(stderr, "%s: Error, SAID parameter redefined:%s, already defined in SA:%s\n",

671

program_name, optarg, said_opt);

765

progname, optarg, said_opt);

672

766

exit (1);

673

767

}

674

768

if(proto_opt) {

675

769

fprintf(stderr, "%s: Error, PROTO parameter redefined in SA:%s, already defined as:%s\n",

676

program_name, optarg, proto_opt);

770

progname, optarg, proto_opt);

677

771

exit (1);

678

772

}

679

773

if(edst_opt) {

680

774

fprintf(stderr, "%s: Error, EDST parameter redefined in SA:%s, already defined as:%s\n",

681

program_name, optarg, edst_opt);

775

progname, optarg, edst_opt);

682

776

exit (1);

683

777

}

684

778

if(spi_opt) {

685

779

fprintf(stderr, "%s: Error, SPI parameter redefined in SA:%s, already defined as:%s\n",

686

program_name, optarg, spi_opt);

780

progname, optarg, spi_opt);

687

781

exit (1);

688

782

}

689

783

error_s = ttosa(optarg, 0, &said);

690

784

if(error_s != NULL) {

691

785

fprintf(stderr, "%s: Error, %s converting --sa argument:%s\n",

692

program_name, error_s, optarg);

786

progname, error_s, optarg);

693

787

exit (1);

694

788

}

695

789

if(debug) {

696

790

satot(&said, 0, ipsaid_txt, sizeof(ipsaid_txt));

697

791

fprintf(stdout, "%s: said=%s.\n",

698

program_name,

792

progname,

699

793

ipsaid_txt);

700

794

}

701

795

/* init the src and dst with the same address family */

703

797

address_family = addrtypeof(&said.dst);

704

798

} else if(address_family != addrtypeof(&said.dst)) {

705

799

fprintf(stderr, "%s: Error, specified address family (%d) is different that of SAID: %s\n",

706

program_name, address_family, optarg);

800

progname, address_family, optarg);

707

801

exit (1);

708

802

}

709

803

anyaddr(address_family, &dst);

720

814

break;

721

815

default:

722

816

fprintf(stderr, "%s: Authentication key must have a '0x', '0t' or '0s' prefix to select the format: %s\n",

723

program_name, optarg);

817

progname, optarg);

724

818

exit(1);

725

819

}

726

820

}

727

821

authkeylen = atodata(optarg, 0, NULL, 0);

728

822

if(!authkeylen) {

729

823

fprintf(stderr, "%s: unknown format or syntax error in authentication key: %s\n",

730

program_name, optarg);

824

progname, optarg);

731

825

exit (1);

732

826

}

733

827

authkey = malloc(authkeylen);

734

828

if(authkey == NULL) {

735

fprintf(stderr, "%s: Memory allocation error.\n", program_name);

829

fprintf(stderr, "%s: Memory allocation error.\n", progname);

736

830

exit(1);

737

831

}

738

832

memset(authkey, 0, authkeylen);

748

842

break;

749

843

default:

750

844

fprintf(stderr, "%s: Encryption key must have a '0x', '0t' or '0s' prefix to select the format: %s\n",

751

program_name, optarg);

845

progname, optarg);

752

846

exit(1);

753

847

}

754

848

}

755

849

enckeylen = atodata(optarg, 0, NULL, 0);

756

850

if(!enckeylen) {

757

851

fprintf(stderr, "%s: unknown format or syntax error in encryption key: %s\n",

758

program_name, optarg);

852

progname, optarg);

759

853

exit (1);

760

854

}

761

855

enckey = malloc(enckeylen);

762

856

if(enckey == NULL) {

763

fprintf(stderr, "%s: Memory allocation error.\n", program_name);

857

fprintf(stderr, "%s: Memory allocation error.\n", progname);

764

858

exit(1);

765

859

}

766

860

memset(enckey, 0, enckeylen);

771

865

replay_window = strtoul(optarg, &endptr, 0);

772

866

if(!(endptr == optarg + strlen(optarg))) {

773

867

fprintf(stderr, "%s: Invalid character in replay_window parameter: %s\n",

774

program_name, optarg);

868

progname, optarg);

775

869

exit (1);

776

870

}

777

871

if((replay_window < 0x1) || (replay_window > 64)) {

778

872

fprintf(stderr, "%s: Failed -- Illegal window size: arg=%s, replay_window=%d, must be 1 <= size <= 64.\n",

779

program_name, optarg, replay_window);

873

progname, optarg, replay_window);

780

874

exit(1);

781

875

}

782

876

break;

789

883

break;

790

884

default:

791

885

fprintf(stderr, "%s: IV must have a '0x', '0t' or '0s' prefix to select the format, found '%c'.\n",

792

program_name, optarg[1]);

886

progname, optarg[1]);

793

887

exit(1);

794

888

}

795

889

}

796

890

ivlen = atodata(optarg, 0, NULL, 0);

797

891

if(!ivlen) {

798

892

fprintf(stderr, "%s: unknown format or syntax error in IV: %s\n",

799

program_name, optarg);

893

progname, optarg);

800

894

exit (1);

801

895

}

802

896

iv = malloc(ivlen);

803

897

if(iv == NULL) {

804

fprintf(stderr, "%s: Memory allocation error.\n", program_name);

898

fprintf(stderr, "%s: Memory allocation error.\n", progname);

805

899

exit(1);

806

900

}

807

901

memset(iv, 0, ivlen);

811

905

case 'D':

812

906

if(dst_opt) {

813

907

fprintf(stderr, "%s: Error, DST parameter redefined:%s, already defined as:%s\n",

814

program_name, optarg, dst_opt);

908

progname, optarg, dst_opt);

815

909

exit (1);

816

910

}

817

911

error_s = ttoaddr(optarg, 0, address_family, &dst);

818

912

if(error_s != NULL) {

819

913

fprintf(stderr, "%s: Error, %s converting --dst argument:%s\n",

820

program_name, error_s, optarg);

914

progname, error_s, optarg);

821

915

exit (1);

822

916

}

823

917

dst_opt = optarg;

824

918

if(debug) {

825

919

addrtot(&dst, 0, ipaddr_txt, sizeof(ipaddr_txt));

826

920

fprintf(stdout, "%s: dst=%s.\n",

827

program_name,

921

progname,

828

922

ipaddr_txt);

829

923

}

830

924

break;

831

925

case 'S':

832

926

if(src_opt) {

833

927

fprintf(stderr, "%s: Error, SRC parameter redefined:%s, already defined as:%s\n",

834

program_name, optarg, src_opt);

928

progname, optarg, src_opt);

835

929

exit (1);

836

930

}

837

931

error_s = ttoaddr(optarg, 0, address_family, &src);

838

932

if(error_s != NULL) {

839

933

fprintf(stderr, "%s: Error, %s converting --src argument:%s\n",

840

program_name, error_s, optarg);

934

progname, error_s, optarg);

841

935

exit (1);

842

936

}

843

937

src_opt = optarg;

844

938

if(debug) {

845

939

addrtot(&src, 0, ipaddr_txt, sizeof(ipaddr_txt));

846

940

fprintf(stdout, "%s: src=%s.\n",

847

program_name,

941

progname,

848

942

ipaddr_txt);

849

943

}

850

944

break;

851

945

case 'h':

852

usage(program_name, stdout);

946

usage(progname, stdout);

853

947

exit(0);

854

948

case '?':

855

usage(program_name, stderr);

949

usage(progname, stderr);

856

950

exit(1);

857

951

case 'v':

858

fprintf(stdout, "%s, %s\n", program_name, spi_c_version);

952

fprintf(stdout, "%s, %s\n", progname, spi_c_version);

859

953

exit(1);

860

954

case '+': /* optionsfrom */

861

955

optionsfrom(optarg, &argc, &argv, optind, stderr);

870

964

break;

871

965

default:

872

966

fprintf(stderr, "%s: unrecognized option '%c', update option processing.\n",

873

program_name, c);

967

progname, c);

874

968

exit(1);

875

969

}

876

970

previous = c;

877

971

}

878

972

if(debug) {

879

973

fprintf(stdout, "%s: All options processed.\n",

880

program_name);

974

progname);

881

975

}

882

976

883

977

if(argcount == 1) {

886

980

}

887

981

888

982

switch(alg) {

983

#ifdef KERNEL_ALG

984

case XF_OTHER_ALG:

985

/* validate keysizes */

986

if (proc_read_ok) {

987

const struct sadb_alg *alg_p;

988

int keylen, minbits, maxbits;

989

alg_p=kernel_alg_sadb_alg_get(SADB_SATYPE_ESP,SADB_EXT_SUPPORTED_ENCRYPT,

990

esp_info->encryptalg);

991

assert(alg_p);

992

keylen=enckeylen * 8;

993

994

if (alg_p->sadb_alg_id==ESP_3DES || alg_p->sadb_alg_id==ESP_DES) {

995

maxbits=minbits=alg_p->sadb_alg_minbits * 8 /7;

996

} else {

997

minbits=alg_p->sadb_alg_minbits;

998

maxbits=alg_p->sadb_alg_maxbits;

999

}

1000

1001

* if explicit keylen told in encrypt algo, eg "aes128"

1002

* check actual keylen "equality"

1003

1004

if (esp_info->esp_ealg_keylen &&

1005

esp_info->esp_ealg_keylen!=keylen) {

1006

fprintf(stderr, "%s: invalid encryption keylen=%d, "

1007

"required %d by encrypt algo string=\"%s\"\n",

1008

progname,

1009

keylen,

1010

(int)esp_info->esp_ealg_keylen,

1011

alg_string);

1012

exit(1);

1013

1014

}

1015

/* thanks DES for this sh*t */

1016

1017

if (minbits > keylen || maxbits < keylen) {

1018

fprintf(stderr, "%s: invalid encryption keylen=%d, "

1019

"must be between %d and %d bits\n",

1020

progname,

1021

keylen, minbits, maxbits);

1022

exit(1);

1023

}

1024

alg_p=kernel_alg_sadb_alg_get(SADB_SATYPE_ESP,SADB_EXT_SUPPORTED_AUTH,

1025

esp_info->authalg);

1026

assert(alg_p);

1027

keylen=authkeylen * 8;

1028

minbits=alg_p->sadb_alg_minbits;

1029

maxbits=alg_p->sadb_alg_maxbits;

1030

if (minbits > keylen || maxbits < keylen) {

1031

fprintf(stderr, "%s: invalid auth keylen=%d, "

1032

"must be between %d and %d bits\n",

1033

progname,

1034

keylen, minbits, maxbits);

1035

exit(1);

1036

}

1037

1038

}

1039

#endif /* KERNEL_ALG */

889

1040

case XF_IP4:

890

1041

case XF_IP6:

891

1042

case XF_DEL:

898

1049

if(!said_opt) {

899

1050

if(isanyaddr(&edst)) {

900

1051

fprintf(stderr, "%s: SA destination not specified.\n",

901

program_name);

1052

progname);

902

1053

exit(1);

903

1054

}

904

1055

if(!spi) {

905

1056

fprintf(stderr, "%s: SA SPI not specified.\n",

906

program_name);

1057

progname);

907

1058

exit(1);

908

1059

}

909

1060

if(!proto) {

910

1061

fprintf(stderr, "%s: SA PROTO not specified.\n",

911

program_name);

1062

progname);

912

1063

exit(1);

913

1064

}

914

1065

initsaid(&edst, htonl(spi), proto, &said);

919

1070

}

920

1071

if((address_family != 0) && (address_family != addrtypeof(&said.dst))) {

921

1072

fprintf(stderr, "%s: Defined address family and address family of SA missmatch.\n",

922

program_name);

1073

progname);

923

1074

exit(1);

924

1075

}

925

1076

sa_len = satot(&said, 0, sa, sizeof(sa));

926

1077

927

1078

if(debug) {

928

1079

fprintf(stdout, "%s: SA valid.\n",

929

program_name);

1080

progname);

930

1081

}

931

1082

break;

932

1083

case XF_CLR:

933

1084

break;

934

1085

default:

935

1086

fprintf(stderr, "%s: No action chosen. See '%s --help' for usage.\n",

936

program_name, program_name);

1087

progname, progname);

937

1088

exit(1);

938

1089

}

939

1090

948

1099

case XF_ESP3DESSHA196:

949

1100

case XF_ESP3DES:

950

1101

case XF_COMPDEFLATE:

1102

#ifdef KERNEL_ALG

1103

case XF_OTHER_ALG:

1104

#endif /* NO_KERNEL_ALG */

951

1105

break;

952

1106

default:

953

1107

fprintf(stderr, "%s: No action chosen. See '%s --help' for usage.\n",

954

program_name, program_name);

1108

progname, progname);

955

1109

exit(1);

956

1110

}

957

1111

if(debug) {

958

1112

fprintf(stdout, "%s: Algorithm ok.\n",

959

program_name);

1113

progname);

960

1114

}

961

1115

962

1116

if((pfkey_sock = socket(PF_KEY, SOCK_RAW, PF_KEY_V2) ) < 0) {

963

1117

fprintf(stderr, "%s: Trouble opening PF_KEY family socket with error: ",

964

program_name);

1118

progname);

965

1119

switch(errno) {

966

1120

case ENOENT:

967

1121

fprintf(stderr, "device does not exist. See FreeS/WAN installation procedure.\n");

1029

1183

pfkey_extensions_init(extensions);

1030

1184

if(debug) {

1031

1185

fprintf(stdout, "%s: extensions=0p%p &extensions=0p%p extensions[0]=0p%p &extensions[0]=0p%p cleared.\n",

1032

program_name,

1186

progname,

1033

1187

extensions,

1034

1188

&extensions,

1035

1189

extensions[0],

1042

1196

++pfkey_seq,

1043

1197

mypid))) {

1044

1198

fprintf(stderr, "%s: Trouble building message header, error=%d.\n",

1045

program_name, error);

1199

progname, error);

1046

1200

pfkey_extensions_free(extensions);

1047

1201

exit(1);

1048

1202

}

1049

1203

if(debug) {

1050

1204

fprintf(stdout, "%s: extensions=0p%p &extensions=0p%p extensions[0]=0p%p &extensions[0]=0p%p set w/msghdr.\n",

1051

program_name,

1205

progname,

1052

1206

extensions,

1053

1207

&extensions,

1054

1208

extensions[0],

1055

1209

&extensions[0]);

1056

1210

}

1057

1211

if(debug) {

1058

fprintf(stdout, "%s: base message assembled.\n", program_name);

1212

fprintf(stdout, "%s: base message assembled.\n", progname);

1059

1213

}

1060

1214

1061

1215

switch(alg) {

1067

1221

case XF_ESP3DESSHA196:

1068

1222

authalg = SADB_AALG_SHA1HMAC;

1069

1223

break;

1224

#ifdef KERNEL_ALG

1225

case XF_OTHER_ALG:

1226

authalg= esp_info->authalg;

1227

if(debug) {

1228

fprintf(stdout, "%s: debug: authalg=%d\n",

1229

progname, authalg);

1230

}

1231

break;

1232

#endif /* KERNEL_ALG */

1070

1233

case XF_ESP3DESMD5:

1071

1234

default:

1072

1235

authalg = SADB_AALG_NONE;

1080

1243

case XF_COMPDEFLATE:

1081

1244

encryptalg = SADB_X_CALG_DEFLATE;

1082

1245

break;

1246

#ifdef KERNEL_ALG

1247

case XF_OTHER_ALG:

1248

encryptalg= esp_info->encryptalg;

1249

if(debug) {

1250

fprintf(stdout, "%s: debug: encryptalg=%d\n",

1251

progname, encryptalg);

1252

}

1253

break;

1254

#endif /* KERNEL_ALG */

1083

1255

default:

1084

1256

encryptalg = SADB_EALG_NONE;

1085

1257

}

1093

1265

encryptalg,

1094

1266

0))) {

1095

1267

fprintf(stderr, "%s: Trouble building sa extension, error=%d.\n",

1096

program_name, error);

1268

progname, error);

1097

1269

pfkey_extensions_free(extensions);

1098

1270

exit(1);

1099

1271

}

1100

1272

if(debug) {

1101

1273

fprintf(stdout, "%s: extensions[0]=0p%p previously set with msg_hdr.\n",

1102

program_name,

1274

progname,

1103

1275

extensions[0]);

1104

1276

}

1105

1277

if(debug) {

1106

1278

fprintf(stdout, "%s: assembled SA extension, pfkey msg authalg=%d encalg=%d.\n",

1107

program_name,

1279

progname,

1108

1280

authalg,

1109

1281

encryptalg);

1110

1282

}

1114

1286

for(i = 0; i < life_maxsever; i++) {

1115

1287

for(j = 0; j < life_maxtype; j++) {

1116

1288

fprintf(stdout, "%s: i=%d, j=%d, life_opt[%d][%d]=0p%p, life[%d][%d]=%d\n",

1117

program_name,

1289

progname,

1118

1290

i, j, i, j, life_opt[i][j], i, j, life[i][j]);

1119

1291

}

1120

1292

}

1132

1304

life[life_soft][life_usetime],/*-1,*/ /*usetime*/

1133

1305

life[life_soft][life_packets]/*-1*/))) { /*packets*/

1134

1306

fprintf(stderr, "%s: Trouble building lifetime_s extension, error=%d.\n",

1135

program_name, error);

1307

progname, error);

1136

1308

pfkey_extensions_free(extensions);

1137

1309

exit(1);

1138

1310

}

1139

1311

if(debug) {

1140

1312

fprintf(stdout, "%s: lifetime_s extension assembled.\n",

1141

program_name);

1313

progname);

1142

1314

}

1143

1315

}

1144

1316

1155

1327

life[life_hard][life_usetime],/*-1,*/ /*usetime*/

1156

1328

life[life_hard][life_packets]/*-1*/))) { /*packets*/

1157

1329

fprintf(stderr, "%s: Trouble building lifetime_h extension, error=%d.\n",

1158

program_name, error);

1330

progname, error);

1159

1331

pfkey_extensions_free(extensions);

1160

1332

exit(1);

1161

1333

}

1162

1334

if(debug) {

1163

1335

fprintf(stdout, "%s: lifetime_h extension assembled.\n",

1164

program_name);

1336

progname);

1165

1337

}

1166

1338

}

1167

1339

1168

1340

if(debug) {

1169

1341

addrtot(&src, 0, ipaddr_txt, sizeof(ipaddr_txt));

1170

1342

fprintf(stdout, "%s: assembling address_s extension (%s).\n",

1171

program_name, ipaddr_txt);

1343

progname, ipaddr_txt);

1172

1344

}

1173

1345

1174

1346

if((error = pfkey_address_build(&extensions[SADB_EXT_ADDRESS_SRC],

1178

1350

sockaddrof(&src)))) {

1179

1351

addrtot(&src, 0, ipaddr_txt, sizeof(ipaddr_txt));

1180

1352

fprintf(stderr, "%s: Trouble building address_s extension (%s), error=%d.\n",

1181

program_name, ipaddr_txt, error);

1353

progname, ipaddr_txt, error);

1182

1354

pfkey_extensions_free(extensions);

1183

1355

exit(1);

1184

1356

}

1196

1368

break;

1197

1369

default:

1198

1370

fprintf(stdout, "%s: unknown address family (%d).\n",

1199

program_name, address_family);

1371

progname, address_family);

1200

1372

exit(1);

1201

1373

}

1202

1374

addrtot(&temp_addr, 0, ipaddr_txt, sizeof(ipaddr_txt));

1203

1375

fprintf(stdout, "%s: address_s extension assembled (%s).\n",

1204

program_name, ipaddr_txt);

1376

progname, ipaddr_txt);

1205

1377

}

1206

1378

1207

1379

if(debug) {

1208

1380

addrtot(&edst, 0, ipaddr_txt, sizeof(ipaddr_txt));

1209

1381

fprintf(stdout, "%s: assembling address_d extension (%s).\n",

1210

program_name, ipaddr_txt);

1382

progname, ipaddr_txt);

1211

1383

}

1212

1384

1213

1385

if((error = pfkey_address_build(&extensions[SADB_EXT_ADDRESS_DST],

1217

1389

sockaddrof(&edst)))) {

1218

1390

addrtot(&edst, 0, ipaddr_txt, sizeof(ipaddr_txt));

1219

1391

fprintf(stderr, "%s: Trouble building address_d extension (%s), error=%d.\n",

1220

program_name, ipaddr_txt, error);

1392

progname, ipaddr_txt, error);

1221

1393

pfkey_extensions_free(extensions);

1222

1394

exit(1);

1223

1395

}

1234

1406

break;

1235

1407

default:

1236

1408

fprintf(stdout, "%s: unknown address family (%d).\n",

1237

program_name, address_family);

1409

progname, address_family);

1238

1410

exit(1);

1239

1411

}

1240

1412

addrtot(&temp_addr, 0, ipaddr_txt, sizeof(ipaddr_txt));

1241

1413

fprintf(stdout, "%s: address_d extension assembled (%s).\n",

1242

program_name, ipaddr_txt);

1414

progname, ipaddr_txt);

1243

1415

}

1244

1416

1245

1417

#if PFKEY_PROXY

1250

1422

1251

1423

sockaddrof(&pfkey_address_p_ska)))) {

1252

1424

fprintf(stderr, "%s: Trouble building address_p extension, error=%d.\n",

1253

program_name, error);

1425

progname, error);

1254

1426

pfkey_extensions_free(extensions);

1255

1427

exit(1);

1256

1428

}

1257

1429

if(debug) {

1258

fprintf(stdout, "%s: address_p extension assembled.\n", program_name);

1430

fprintf(stdout, "%s: address_p extension assembled.\n", progname);

1259

1431

}

1260

1432

#endif /* PFKEY_PROXY */

1261

1433

1262

1434

switch(alg) {

1435

#ifdef KERNEL_ALG

1436

/* Allow no auth ... after all is local root decision 8) */

1437

case XF_OTHER_ALG:

1438

if (!authalg)

1439

break;

1440

#endif /* KERNEL_ALG */

1263

1441

case XF_AHHMACMD5:

1264

1442

case XF_ESP3DESMD596:

1265

1443

case XF_AHHMACSHA1:

1269

1447

authkeylen * 8,

1270

1448

authkey))) {

1271

1449

fprintf(stderr, "%s: Trouble building key_a extension, error=%d.\n",

1272

program_name, error);

1450

progname, error);

1273

1451

pfkey_extensions_free(extensions);

1274

1452

exit(1);

1275

1453

}

1276

1454

if(debug) {

1277

1455

fprintf(stdout, "%s: key_a extension assembled.\n",

1278

program_name);

1456

progname);

1279

1457

}

1280

1458

break;

1281

1459

default:

1286

1464

case XF_ESP3DES:

1287

1465

case XF_ESP3DESMD596:

1288

1466

case XF_ESP3DESSHA196:

1467

#ifdef KERNEL_ALG

1468

case XF_OTHER_ALG:

1469

#endif /* KERNEL_ALG */

1289

1470

if((error = pfkey_key_build(&extensions[SADB_EXT_KEY_ENCRYPT],

1290

1471

SADB_EXT_KEY_ENCRYPT,

1291

1472

enckeylen * 8,

1292

1473

enckey))) {

1293

1474

fprintf(stderr, "%s: Trouble building key_e extension, error=%d.\n",

1294

program_name, error);

1475

progname, error);

1295

1476

pfkey_extensions_free(extensions);

1296

1477

exit(1);

1297

1478

}

1298

1479

if(debug) {

1299

1480

fprintf(stdout, "%s: key_e extension assembled.\n",

1300

program_name);

1481

progname);

1301

1482

}

1302

1483

break;

1303

1484

default:

1312

1493

strlen(pfkey_ident_s_ska),

1313

1494

pfkey_ident_s_ska))) {

1314

1495

fprintf(stderr, "%s: Trouble building ident_s extension, error=%d.\n",

1315

program_name, error);

1496

progname, error);

1316

1497

pfkey_extensions_free(extensions);

1317

1498

exit(1);

1318

1499

}

1329

1510

strlen(pfkey_ident_d_ska),

1330

1511

pfkey_ident_d_ska))) {

1331

1512

fprintf(stderr, "%s: Trouble building ident_d extension, error=%d.\n",

1332

program_name, error);

1513

progname, error);

1333

1514

pfkey_extensions_free(extensions);

1334

1515

exit(1);

1335

1516

}

1341

1522

1342

1523

if(debug) {

1343

1524

fprintf(stdout, "%s: ident extensions assembled.\n",

1344

program_name);

1525

progname);

1345

1526

}

1346

1527

#endif /* PFKEY_IDENT */

1347

1528

}

1348

1529

1349

1530

if(debug) {

1350

1531

fprintf(stdout, "%s: assembling pfkey msg....\n",

1351

program_name);

1532

progname);

1352

1533

}

1353

1534

if((error = pfkey_msg_build(&pfkey_msg, extensions, EXT_BITS_IN))) {

1354

1535

fprintf(stderr, "%s: Trouble building pfkey message, error=%d.\n",

1355

program_name, error);

1536

progname, error);

1356

1537

pfkey_extensions_free(extensions);

1357

1538

pfkey_msg_free(&pfkey_msg);

1358

1539

exit(1);

1359

1540

}

1360

1541

if(debug) {

1361

1542

fprintf(stdout, "%s: assembled.\n",

1362

program_name);

1543

progname);

1363

1544

}

1364

1545

if(debug) {

1365

1546

fprintf(stdout, "%s: writing pfkey msg.\n",

1366

program_name);

1547

progname);

1367

1548

}

1368

1549

io_error = write(pfkey_sock,

1369

1550

pfkey_msg,

1370

1551

pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN);

1371

1552

if(io_error < 0) {

1372

1553

fprintf(stderr, "%s: pfkey write failed (errno=%d): ",

1373

program_name, errno);

1554

progname, errno);

1374

1555

pfkey_extensions_free(extensions);

1375

1556

pfkey_msg_free(&pfkey_msg);

1376

1557

switch(errno) {

1424

1605

exit(1);

1425

1606

} else if (io_error != (ssize_t)(pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN)) {

1426

1607

fprintf(stderr, "%s: pfkey write truncated to %d bytes\n",

1427

program_name, (int)io_error);

1608

progname, (int)io_error);

1428

1609

pfkey_extensions_free(extensions);

1429

1610

pfkey_msg_free(&pfkey_msg);

1430

1611

exit(1);

1432

1613

1433

1614

if(debug) {

1434

1615

fprintf(stdout, "%s: pfkey command written to socket.\n",

1435

program_name);

1616

progname);

1436

1617

}

1437

1618

1438

1619

if(pfkey_msg) {

1441

1622

}

1442

1623

if(debug) {

1443

1624

fprintf(stdout, "%s: pfkey message buffer freed.\n",

1444

program_name);

1625

progname);

1445

1626

}

1446

1627

if(authkey) {

1447

1628

memset((caddr_t)authkey, 0, authkeylen);

1469

1650

if((size_t)readlen < sizeof(struct sadb_msg)) {

1470

1651

if(debug) {

1471

1652

printf("%s: runt packet of size: %ld (<%lu)\n",

1472

program_name, (long)readlen, (unsigned long)sizeof(struct sadb_msg));

1653

progname, (long)readlen, (unsigned long)sizeof(struct sadb_msg));

1473

1654

}

1474

1655

continue;

1475

1656

}

1477

1658

/* okay, we got enough for a message, print it out */

1478

1659

if(debug) {

1479

1660

printf("%s: pfkey v%d msg received. type=%d(%s) seq=%d len=%d pid=%d errno=%d satype=%d(%s)\n",

1480

program_name,

1661

progname,

1481

1662

pfkey_msg->sadb_msg_version,

1482

1663

pfkey_msg->sadb_msg_type,

1483

1664

pfkey_v2_sadb_type_string(pfkey_msg->sadb_msg_type),

1493

1674

{

1494

1675

if(debug) {

1495

1676

printf("%s: packet size read from socket=%d doesn't equal sadb_msg_len %u * %u; message not decoded\n",

1496

program_name,

1677

progname,

1497

1678

(int)readlen,

1498

1679

(unsigned)pfkey_msg->sadb_msg_len,

1499

1680

(unsigned)IPSEC_PFKEYv2_ALIGN);

1504

1685

if (pfkey_msg_parse(pfkey_msg, NULL, extensions, EXT_BITS_OUT)) {

1505

1686

if(debug) {

1506

1687

printf("%s: unparseable PF_KEY message.\n",

1507

program_name);

1688

progname);

1508

1689

}

1509

1690

continue;

1510

1691

} else {

1511

1692

if(debug) {

1512

1693

printf("%s: parseable PF_KEY message.\n",

1513

program_name);

1694

progname);

1514

1695

}

1515

1696

}

1516

1697

if((pid_t)pfkey_msg->sadb_msg_pid == mypid) {

1517

1698

if(saref) {

1518

1699

printf("%s: saref=%d\n",

1519

program_name,

1700

progname,

1520

1701

(extensions[SADB_EXT_SA] != NULL)

1521

1702

? ((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_x_sa_ref

1522

1703

: IPSEC_SAREF_NULL);

1527

1708

}

1528

1709

(void) close(pfkey_sock); /* close the socket */

1529

1710

if(debug || listenreply) {

1530

printf("%s: exited normally\n", program_name);

1711

printf("%s: exited normally\n", progname);

1531

1712

}

1532

1713

exit(0);

1533

1714

}

1534

1715

1716

void exit_tool(int x)

1717

{

1718

exit(x);

1719

}

1720

1535

1721

1536

1722

* $Log: spi.c,v $

1723

* Revision 1.106 2004/04/29 04:08:28 mcr

1724

* broke out decode_esp() function, and use new

1725

* libopenswan code.

1726

1727

* Revision 1.105 2004/04/26 05:05:04 ken

1728

* Cast properly on 64bit platforms

1729

1730

* Revision 1.104 2004/04/18 03:08:02 mcr

1731

* use common files from libopenswan.

1732

1733

* Revision 1.103 2004/04/06 03:04:54 mcr

1734

* pullup of algo code from alg-branch.

1735

1736

* Revision 1.102 2004/04/04 01:53:13 ken

1737

* Use openswan includes

1738

1739

* Revision 1.101.4.2 2004/04/06 00:53:06 mcr

1740

* code adjusted to compile on branch

1741

1742

* Revision 1.101.4.1 2003/12/22 15:25:53 jjo

1743

* Merged algo-0.8.1-rc11-test1 into alg-branch

1744

1537

1745

* Revision 1.101 2003/12/05 16:44:19 mcr

1538

1746

* patches to avoid ipsec_netlink.h, which has been obsolete for

1539

1747

* some time now.

1696

1904

* Removed DES usage.

1697

1905

* Changed usage of memset on extensions to pfkey_extensions_init().

1698

1906

1699

* Revision 1.54 1999/12/29 21:17:41 rgb

1700

* Changed pfkey_msg_build() I/F to include a struct sadb_msg**

1701

* parameter for cleaner manipulation of extensions[] and to guard

1702

* against potential memory leaks.

1703

* Changed the I/F to pfkey_msg_free() for the same reason.

1704

1705

* Revision 1.53 1999/12/10 17:35:37 rgb

1706

* Added address debugging.

1707

* Fixed undetected spi followed by said sanity check bug.

1708

* Fixed unset spi and edst using said bug.

1709

1710

* Revision 1.52 1999/12/09 23:13:53 rgb

1711

* Added argument to pfkey_sa_build() to do eroutes.

1712

1713

* Revision 1.51 1999/12/07 18:29:13 rgb

1714

* Converted local functions to static to limit scope.

1715

* Removed unused cruft.

1716

* Changed types to unsigned to quiet compiler.

1717

* Cleaned up compiler directives.

1718

1719

* Revision 1.50 1999/12/01 22:19:04 rgb

1720

* Change pfkey_sa_build to accept an SPI in network byte order.

1721

* Minor reformatting.

1722

* Close socket after cleanup.

1723

* Moved pfkey_lib_debug variable into the library.

1724

1725

* Revision 1.49 1999/11/27 11:53:56 rgb

1726

* Fix pfkey_v2_parse calls.

1727

* Add argument to pfkey_msg_parse() for direction.

1728

* Move parse-after-build check inside pfkey_msg_build().

1729

1730

* Revision 1.48 1999/11/25 19:05:12 rgb

1731

* Add parser calls to parse newly built message and disabled signal

1732

* handler.

1733

* Zapped all manual pfkey assignment code in favour of build library

1734

* calls.

1735

* Clean out other unused code.

1736

1737

* Revision 1.47 1999/11/25 09:08:46 rgb

1738

* Turn debug compiler directive into command line switch.

1739

* Fix unused argument bug in usage.

1740

* Delete unused variables and code.

1741

* Add default to alg switch to catch algo not set.

1742

* Added error return checking from pfkey_build routines.

1743

* Clarified assignment in conditional with parens.

1744

* Fixed extension pointer bugs passing args to pfkey_build routines.

1745

1746

* Revision 1.46 1999/11/24 17:22:25 rgb

1747

* Fix PFKEY_BUILD_LIB compiler directives.

1748

* Fix bug in memset(extensions) size argument.

1749

* Fix bug in extensions type and calling style.

1750

* Fix PFKEY_BUILD_LIB ifdef boundary bug.

1751

1752

* Revision 1.45 1999/11/23 23:11:18 rgb

1753

* Added pfkey_v2_build calls.

1754

* Sort out pfkey and freeswan headers, putting them in a library path.

1755

* Corrected a couple of bugs in as-yet-inactive code.

1756

* Clarified indention of pfkey_msg assembly code.

1757

1758

* Revision 1.44 1999/11/18 04:56:07 rgb

1759

* Change expected signal type comment.

1760

* Add signal handler degugging code.

1761

* Temporarily remove select() code for signal debugging.

1762

* Fix minor sequence number bug.

1763

1764

* Revision 1.43 1999/10/27 20:01:01 rgb

1765

* Enabled the signal handler.

1766

* Changed pfkey_seq from post-increment to pre-increment.

1767

1768

* Revision 1.42 1999/10/16 00:26:34 rgb

1769

* Add to pfkey lifetime support.

1770

* Attempt to add pfkey socket receive support.

1771

* Change to more intuitive name of pfkey socket variable.

1772

1773

* Revision 1.41 1999/07/08 19:18:33 rgb

1774

* Shut off debugging by default.

1775

1776

* Revision 1.40 1999/06/10 16:12:53 rgb

1777

* Add autoconf to use pfkey.

1778

* Add error return code description.

1779

1780

* Revision 1.39 1999/04/29 15:26:54 rgb

1781

* Debug pfkey support.

1782

* Add debugging instrumentation.

1783

* Add error return code checks.

1784

* Add support for DELETE and CLR messages.

1785

* Add support for IPPROTO_IPIP.

1786

* Copy in src address.

1787

* Set sin_zero properly.

1788

* Add ident_d support(untested).

1789

* Fix msg header copy length bug.

1790

* Add kludge to support FLUSH.

1791

1792

* Revision 1.38 1999/04/15 15:37:28 rgb

1793

* Forward check changes from POST1_00 branch.

1794

1795

* Revision 1.34.2.2 1999/04/13 20:58:10 rgb

1796

* Add argc==1 --> /proc/net/ipsec_*.

1797

1798

* Revision 1.34.2.1 1999/03/30 17:07:04 rgb

1799

* Make main() return type explicit.

1800

* Add pfkey code.

1801

* OOO window size htons bugfix.

1802

1803

* Revision 1.37 1999/04/11 00:12:08 henry

1804

* GPL boilerplate

1805

1806

* Revision 1.36 1999/04/06 04:54:38 rgb

1807

* Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes

1808

* patch shell fixes.

1809

1810

* Revision 1.35 1999/03/17 15:40:07 rgb

1811

* Make explicit main() return type of int.

1812

* Fix memory clear bug in spi.c.

1813

1814

* Revision 1.34 1999/02/16 05:20:49 rgb

1815

* Fix memory clear bugs just prior to normal exit that were causing ipsec

1816

* manual scripts to fail and potentially leaving large core files.

1817

1818

* Revision 1.33 1999/02/09 00:13:16 rgb

1819

* Fix replay window htonl bug.

1820

1821

* Revision 1.32 1999/01/22 06:35:54 rgb

1822

* 64-bit clean-up.

1823

* Added algorithm switch code.

1824

* Removed IV requirement, now an option (kept code for back-compat).

1825

* Cruft clean-out.

1826

* Add error-checking.

1827

* Removed PFKEY code, will re-add later.

1828

1829

* Revision 1.31 1998/11/12 21:08:04 rgb

1830

* Add --label option to identify caller from scripts.

1831

1832

* Revision 1.30 1998/11/11 18:34:12 rgb

1833

* Fixed #includes for RH5.1.

1834

1835

* Revision 1.29 1998/11/11 07:14:18 rgb

1836

* #include cleanup to hopefully compile under RH5.1.

1837

1838

* Revision 1.28 1998/11/10 05:34:11 rgb

1839

* Add support for SA direction flag.

1840

* Add more specific error output messages.

1841

1842

* Revision 1.27 1998/10/27 00:31:12 rgb

1843

* Set replay structure flag to 0 (not used).

1844

1845

* Revision 1.26 1998/10/26 01:28:38 henry

1846

* use SA_* protocol names, not IPPROTO_*, to avoid compile problems

1847

1848

* Revision 1.25 1998/10/25 02:45:39 rgb

1849

* Change program to program_name to bring in line with other utils.

1850

* Added debugging code to find null proto bug, premature exit on hex info bug.

1851

* Fixed premature exit on hex info bug.

1852

1853

* Revision 1.24 1998/10/22 06:34:16 rgb

1854

* Fixed bad stucture pointer.

1855

* Fixed unknown var (cut and paste error).

1856

1857

* Revision 1.23 1998/10/19 18:56:24 rgb

1858

* Added inclusion of freeswan.h.

1859

* sa_id structure implemented and used: now includes protocol.

1860

* Start to add some inactive pfkey2 code.

1861

1862

* Revision 1.22 1998/10/09 18:47:30 rgb

1863

* Add 'optionfrom' to get more options from a named file.

1864

1865

* Revision 1.21 1998/10/09 04:36:03 rgb

1866

* Standardise on '-96' notation for AH transforms.

1867

1868

* Revision 1.20 1998/09/03 01:29:32 henry

1869

* improve atodata()-failed error messages a bit

1870

1871

* Revision 1.19 1998/09/02 03:14:33 henry

1872

* no point in printing zero lengths used as error returns

1873

1874

* Revision 1.18 1998/09/02 03:12:08 henry

1875

* --help output goes on stdout, not stderr

1876

1877

* Revision 1.17 1998/09/01 19:50:50 henry

1878

* fix operator-precedence bug that often messed up --ah SPI creation

1879

* minor cleanup

1880

1881

* Revision 1.16 1998/08/28 03:14:12 rgb

1882

* Simplify/Clarify usage text.

1883

1884

* Revision 1.15 1998/08/12 00:16:46 rgb

1885

* Removed a lot of old cruft that was commented out.

1886

* Updated usage text.

1887

* Added config options for new xforms.

1888

1889

* Revision 1.14 1998/08/05 22:24:45 rgb

1890

* Change includes to accomodate RH5.x

1891

1892

* Revision 1.13 1998/07/29 21:41:17 rgb

1893

* Fix spi bug, add hexadecimal value entry debugging.

1894

1895

* Revision 1.12 1998/07/28 00:14:24 rgb

1896

* Convert from positional parameters to long options.

1897

* Add --clean option.

1898

* Add hostname lookup support.

1899

1900

* Revision 1.11 1998/07/14 18:15:55 rgb

1901

* Fix undetected bug using AH-SHA1 with manual keying: The key was

1902

* truncated by the data structure used to get it to the kernel.

1903

1904

* Revision 1.10 1998/07/09 18:14:11 rgb

1905

* Added error checking to IP's and keys.

1906

* Made most error messages more specific rather than spamming usage text.

1907

* Added more descriptive kernel error return codes and messages.

1908

* Converted all spi translations to unsigned.

1909

* Removed all invocations of perror.

1910

1911

* Revision 1.9 1998/06/30 18:04:31 rgb

1912

* Fix compiler warning: couldn't find 'struct option' prototype.

1913

1914

* Revision 1.8 1998/06/11 05:40:04 rgb

1915

* Make usage text more concise WRT replay window sizes and defaults.

1916

* Make error reporting more concise WRT exact IV and key lengths supported

1917

* and their units.

1918

1919

* Revision 1.7 1998/06/08 17:54:58 rgb

1920

* Fixed string escape code in usage.

1921

1922

* Revision 1.6 1998/06/05 02:22:49 rgb

1923

* Clarify usage text and update for key splitting and i/r removal.

1924

* Require keys of exact length.

1925

1926

* Revision 1.5 1998/05/27 20:54:11 rgb

1927

* Added --help and --version directives. Separated auth and encr keys.

1928

1929

* Revision 1.4 1998/05/18 21:12:13 rgb

1930

* Clean up debugging code, clean up after keys, cleaner options setting.

1931

1932

* Revision 1.3 1998/05/06 03:37:11 rgb

1933

* Fixed incorrect signed interpretation of command line spi to unsigned long.

1934

* It prevented deletion of ~spi values generated by pluto.

1935

1936

* Revision 1.2 1998/05/01 23:34:01 rgb

1937

* Clarified the usage text.

1938

1939

* Revision 1.1.1.1 1998/04/08 05:35:10 henry

1940

* RGB's ipsec-0.8pre2.tar.gz ipsec-0.8

1941

1942

* Revision 0.5 1997/06/03 04:31:55 ji

1943

* Added esp 3des-md5-96

1944

1945

* Revision 0.4 1997/01/15 01:37:54 ji

1946

* New program in this release, replaces set* programs.

1947

1948

1907

1949

1908

Older »