Xcllnt/master #5
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-portable maintainer. Sync iked/ikectl code with -current.
This needs build testing and cleanups.
why it causes a build failure (ikectl-log.Po)
This reverts commit a3c6d0a.
If a policy (configuration) does not specify any peers, then flag the policy as being able to use transport mode IPSec. Send the USE_TRANSPORT_MODE notification with the request to signal the peer that we want transport mode. Enable transport mode if we receive the USE_TRANSPORT_MODE notification.
that such is possible.
OpenIKED-portable and to implement transport mode - thanks a lot! - Update the autoconf framework to work on OpenBSD (not needed since OpenBSD has iked in base).
Just fix the spacing for now, but they should probably go away or fit into iked's style (whithout the custom LOG_SESSION prefix).
- Fix unsigned len type in iked/ca.c - Prevent LibreSSL from redefining __bounded__
that expect a PATH_MAX input buffer (like realpath on Linux). Despite the comment, there doesn't seem to be an imsg with a path element.
LibreSSL since it implements a proper PRNG. Unfortunately, Ubuntu still defaults to OpenSSL.
BSD IP_RECVDSTADDR returns a struct in_addr.
by default and I'd have to build a custom kernel as documented in https://www.freebsd.org/doc/handbook/ipsec.html).
sockaddr and struct sockaddr_storage (resp):
- Fix openbsd-compat.h and replace SET_STORAGE_LEN with
SET_SA_LEN and SET_SS_LEN. Remove the unused STORAGE_LEN
and now unused STORAGE_FAMILY.
- Make the definition of SET_SA_LEN dependent upon
HAVE_STRUCT_SOCKADDR_SA_LEN. if HAVE_STRUCT_SOCKADDR_SA_LEN
is not defined, expand SET_SA_LEN to void.
- Make the definition of SET_SS_LEN dependent upon
HAVE_STRUCT_SOCKADDR_STORAGE_SS_LEN. If the latter is not
defined, expand SET_SS_LEN to SET_SA_LEN. This to avoid
compatibility problems between ss_len and __ss_len.
- Avoid excessive back and forth casting and use sockaddr or
sockaddr_storage as much as possible.
While here, eliminate the af field from struct ipsec_addr_wrap.
This makes sure that the ss_family field in address is always
properly initialized. Redundant variables tend to have that
effect.
This fixes setting up SAs on FreeBSD and presumably any OS that
have sa_len and ss_len.
In configure.ac, if $prefix evaluates to NONE (unspecified), use $ac_default_prefix instead. Use $_prefix internally so that we can test whether --prefix was specified or not.
Fix initialization of the sa_len and ss_len fields in struct
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.