summaryrefslogtreecommitdiffstats
path: root/usr.sbin/sasyncd (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* sync the synopsis and usage; "usage:" is lowercasesobrado2008-03-171-3/+2
| | | | ok jmc@
* use calloc() to avoid malloc(n * m) overflows; checked by djm canacar jsgderaadt2007-09-021-3/+3
|
* convert to new .Dd format;jmc2007-05-312-4/+4
|
* Check getpwnam() return value for NULL before dereferencing it.moritz2007-05-171-2/+8
| | | | ok ray@ millert@
* Zero out struct before using, not after.ray2007-02-261-2/+3
| | | | | | From <sthen at symphytum dot spacehopper dot org>, PR 5388. OK hshoexer@ and mpf@.
* allow shared key specification in hex (0x01234...); ok homarkus2007-01-084-21/+74
|
* make option processing happen first.msf2006-12-261-10/+10
| | | | ok deraadt@
* good day to remove a some pooderaadt2006-12-251-13/+4
|
* spacingderaadt2006-12-252-4/+4
|
* first pass cleanup of sasyncd, based on some discussion with deraadt@msf2006-12-243-67/+59
| | | | | | | inline conf_init into main() and remove it from conf.y. add usage(). small amount of whitespace nits in sasync.h ok deraadt@ mcbride@
* add additional link states to report the half duplex / full duplexreyk2006-11-281-1/+3
| | | | | | | | state, if known by the driver. this is required to check the full duplex state without depending on the ifmedia ioctl which can't be called in the kernel without process context. ok henning@, brad@
* Only interpret link state routing messages for the monitored carp interface.mpf2006-09-161-6/+12
| | | | | memcpy the if_msghdr to avoid alignment problems. OK hshoexer@, miod@, deraadt@
* for apps which use interface groups, point to the section ofjmc2006-09-121-1/+7
| | | | | | ifconfig(8) where they are explained; ok mcbride mpf henning
* Teach sasyncd to set isakmpd into active or passive mode, accordingmpf2006-09-016-16/+130
| | | | | | to our current carp state. Based on a diff by ho@. OK ho@, hshoexer@, deraadt@
* Add more SADB types to the filter: ACQUIRE, X_ASKPOLICY, REGISTER.mpf2006-08-311-10/+11
| | | | | | While there put the message sieve into the more appropriate filter function. Pointed out by markus. OK ho@, markus@, hshoexer@, deraadt@
* Only chroot the unprivileged part of sasyncd(8).mpf2006-08-311-6/+6
| | | | OK deraadt@ mcbride@ hshoexer@
* need to retry writing to pfkey socket on EAGAIN, ok theohenning2006-08-301-2/+6
|
* tweaks;jmc2006-06-031-5/+7
|
* whitespace cleanup, no binary change.moritz2006-06-027-32/+32
|
* Make sasyncd fail back correctly with carp preemption enabled.mcbride2006-06-0210-25/+186
| | | | | | | | | | | | | | Hold the carp demotion when booting, to prevent carp from preempting until we've sync'd with our peers. This adds a new CTL_ENDSNAP message to the exchange between the sasync daemons to indicate when the complete snapshot has been sent. Undemote after 60 seconds, or when recieve a CTL_ENDSNAP from all our peers. Syntax is slightly changed, removing the 'carp' keyword (so do "interface carp0" rather than "carp interface carp0". Adds 'group <ifgroup>', defaults to the 'carp' group. ok moritz@
* Instead of polling the carp interface to detect a switch between MASTER andmcbride2006-06-016-91/+116
| | | | | | | | BACKUP, listen to the routing socket for link change messages. Based on a diff from nathanael at polymorpheous dot com. ok moritz@
* let us not talk about ipsecadm and vpn anymore; ok reykderaadt2006-05-261-4/+4
|
* cleanup error handling to avoid two memleaks. found and ok pat@moritz2006-04-161-8/+10
|
* Plug memory leak on error path; ok ho@ moritz@pat2006-03-311-1/+2
|
* remove "the the" in comment; ok jmc@david2006-02-151-2/+2
|
* fix some format strings and add a missingmoritz2006-01-264-9/+9
| | | | argument to a log_err() call. ok ho@
* Don't depend on implicit include of signal.hmillert2006-01-201-1/+2
|
* IPSec -> IPsecjmc2005-09-211-5/+5
| | | | | | grammar from joel@
* handle short read()'s. fixes transfermoritz2005-09-111-12/+17
| | | | of very large SA/SPD snapshots. ok ho@
* handle short reads/writes. this fixes themoritz2005-07-191-18/+64
| | | | transfer of big SA/SPD snapshots. ok ho@
* IP-address -> IP address;jmc2005-07-092-4/+4
| | | | from tamas tevesz;
* when reading of sadb/spd data fails don't callmoritz2005-07-071-5/+6
| | | | memset with a len of (unsigned)-1. ok ho@
* minor tweaks;jmc2005-05-311-13/+16
|
* result not used; ok hoderaadt2005-05-281-2/+2
|
* Optionally prevent syncing failover node-node SA/SPD info (master side).ho2005-05-284-32/+161
|
* Update, also mention pfsync integrationho2005-05-271-8/+31
|
* Keep sockaddr in syncpeer struct.ho2005-05-272-11/+16
|
* Implement SPD (IPsec flow) snapshots.ho2005-05-271-15/+23
|
* Document 'flushmode'ho2005-05-261-1/+22
|
* add a 'flushmode' to control how the master handles FLUSH to slaves. tweak some loglevels.ho2005-05-267-48/+116
|
* check ppidho2005-05-261-3/+9
|
* disable SPD snapshot for nowho2005-05-261-3/+5
|
* Initialize variablesho2005-05-261-3/+2
|
* Don't alloc/free zero-sized SADB/SPD buffers.ho2005-05-262-73/+87
|
* cleanup parser, permit more than one listenerho2005-05-244-199/+328
|
* logging tweaksho2005-05-241-6/+4
|
* Now that all "other" SADB_DUMP fields are zero, we don't have fix it here.ho2005-05-241-3/+1
|
* Remove some debugging cruft.ho2005-05-241-10/+3
|
* When peers connect, have the master daemon look at in-kernel SAs and feedho2005-05-246-85/+411
| | | | | these to the new peer. Adds privsep as fetching SADB and SPD kernel data requires privileges.
* wee fixes;jmc2005-05-231-4/+4
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.