------------------------------------------------------------------------
r238 | mgrooms | 2007-10-12 02:10:03 -0500 (Fri, 12 Oct 2007) | 2 lines
A few more man page cleanups.
------------------------------------------------------------------------
r236 | mgrooms | 2007-10-12 01:53:10 -0500 (Fri, 12 Oct 2007) | 2 lines
Correct some man page formatting errors.
------------------------------------------------------------------------
r234 | mgrooms | 2007-10-11 11:51:56 -0500 (Thu, 11 Oct 2007) | 2 lines
Minor formatting fixes to unix man pages.
------------------------------------------------------------------------
r232 | mgrooms | 2007-10-11 11:41:06 -0500 (Thu, 11 Oct 2007) | 2 lines
Add cmake properties to enable shared object library versioning to be
used.
------------------------------------------------------------------------
r229 | mgrooms | 2007-10-10 10:49:59 -0500 (Wed, 10 Oct 2007) | 2 lines
Add a missing list termination tag in the iked.8 man page. Reported by
Nicolas Deschildre.
------------------------------------------------------------------------
r228 | mgrooms | 2007-10-09 18:00:49 -0500 (Tue, 09 Oct 2007) | 4 lines
Correct a build error with iked when using an older version of the
openldap libraries. Reported by Nicolas Deschildre.
Correct a bug that was producing an ambiguous error message when the
iked.conf file could not be read. Submitted by Nicolas Deschildre.
------------------------------------------------------------------------
r216 | mgrooms | 2007-09-26 22:54:11 -0500 (Wed, 26 Sep 2007) | 1 line
If Split DNS is enabled but no Split Domains are listed, disable split
DNS and allow the virtual adapter specific DNS server to be used.
------------------------------------------------------------------------
r197 | mgrooms | 2007-09-18 17:04:53 -0500 (Tue, 18 Sep 2007) | 2 lines
Correct a problem with ikec when manual DNS settings are used but a
domain name suffix is not specified.
------------------------------------------------------------------------
r195 | mgrooms | 2007-09-18 15:13:27 -0500 (Tue, 18 Sep 2007) | 2 lines
Correct a problem that was preventing site configurations from being
read properly when manual DNS settings are used.
------------------------------------------------------------------------
r190 | mgrooms | 2007-09-16 14:51:22 -0500 (Sun, 16 Sep 2007) | 2 lines
Correct a bug in the list utility that I introduced during the last
commit.
------------------------------------------------------------------------
r189 | mgrooms | 2007-09-16 11:00:10 -0500 (Sun, 16 Sep 2007) | 1 line
Correct a bug in the list utility where a delete could be called on a
NULL value.
------------------------------------------------------------------------
r187 | mgrooms | 2007-09-15 16:46:25 -0500 (Sat, 15 Sep 2007) | 1 line
Branch for 2.0.1 release.
------------------------------------------------------------------------
r186 | mgrooms | 2007-09-11 16:35:47 -0500 (Tue, 11 Sep 2007) | 2 lines
Remove white spaces between the -D and value when adding compiler
definitions. This was breaking the language wrappers on NetBSD pkgsrc.
------------------------------------------------------------------------
r185 | mgrooms | 2007-09-08 01:28:25 -0500 (Sat, 08 Sep 2007) | 2 lines
Remove some temporary printf debug statements.
------------------------------------------------------------------------
r184 | mgrooms | 2007-09-08 01:16:06 -0500 (Sat, 08 Sep 2007) | 1 line
Introduce new lock to protect the ip packet queuing mechanism.
------------------------------------------------------------------------
r183 | mgrooms | 2007-09-08 00:48:02 -0500 (Sat, 08 Sep 2007) | 2 lines
Add a few debug printfs and add a cmake check for the pthread timed
mutex lock function.
------------------------------------------------------------------------
r182 | mgrooms | 2007-09-05 18:54:37 -0500 (Wed, 05 Sep 2007) | 2 lines
Replace the OpenSSL cmake package check with two checks. One looks for
the OpenSSL crypto development headers and the other looks for the
crypto development library.
------------------------------------------------------------------------
r181 | mgrooms | 2007-09-04 22:13:43 -0500 (Tue, 04 Sep 2007) | 1 line
Remember to hold the sdb lock before calling the policy_list_remove
function in the client thread or we may run into problems.
------------------------------------------------------------------------
r180 | mgrooms | 2007-09-04 22:09:14 -0500 (Tue, 04 Sep 2007) | 1 line
Rearrange the policy cleanup code once again. Linux tap adapters will
not free a tap device while still being referenced by IPsec policies.
This forces us to revert to calling policy_list_remove before releasing
the tap device in the client thread.
------------------------------------------------------------------------
r179 | mgrooms | 2007-09-04 02:04:34 -0500 (Tue, 04 Sep 2007) | 1 line
Correct two more const keyword issues that were specific to the windows
platform builds.
------------------------------------------------------------------------
r178 | mgrooms | 2007-09-04 01:50:50 -0500 (Tue, 04 Sep 2007) | 2 lines
Correct one more const warning instance and bump the version to 2.0.1.
------------------------------------------------------------------------
r177 | mgrooms | 2007-09-04 01:41:21 -0500 (Tue, 04 Sep 2007) | 2 lines
Large mechanical update to specify the const keyword where necessary to
silence gcc 4.2.1 warnings.
------------------------------------------------------------------------
r176 | mgrooms | 2007-09-03 18:52:45 -0500 (Mon, 03 Sep 2007) | 2 lines
Add build support for FreeBSD 7.
------------------------------------------------------------------------
r175 | mgrooms | 2007-08-31 02:54:10 -0500 (Fri, 31 Aug 2007) | 1 line
Now that the lock recursion issue has been fixed, reorder a few
statements for aesthetic purposes.
------------------------------------------------------------------------
r174 | mgrooms | 2007-08-31 02:06:18 -0500 (Fri, 31 Aug 2007) | 1 line
Correct an issue in the last commit. I didn't catch 3 of the 4 lock
clauses. Also, add a whitespace to the end of the ike.policy.cpp file so
gcc stops complaining.
------------------------------------------------------------------------
r173 | mgrooms | 2007-08-31 01:52:30 -0500 (Fri, 31 Aug 2007) | 1 line
Second attempt to correct a lock recursion issue when iked is acting as
a client gateway. Require that the spd lock be held before calling the
policy list destroy function. Move the policy list call out of the
client thread and always call this before releasing the spd lock and
destroying the tunnel object.
------------------------------------------------------------------------
r172 | mgrooms | 2007-08-31 01:18:53 -0500 (Fri, 31 Aug 2007) | 1 line
Attempt to correct a lock recursion issue when iked is acting as a
client gateway. The policy list create/destroy functions lock spd which
causes a recursion if the lock is already held by the caller. Move the
calls to destroy policies and release the pool address until after the
lock is released and the tunnel object is about to be destroyed.
------------------------------------------------------------------------
r171 | mgrooms | 2007-08-31 00:14:41 -0500 (Fri, 31 Aug 2007) | 1 line
Implement handling of flush and spflush pfkey messages in iked.
------------------------------------------------------------------------
r170 | mgrooms | 2007-08-29 20:18:12 -0500 (Wed, 29 Aug 2007) | 1 line
Add support for the unity save password attribute. This doesn't serve a
functional purpose yet but will be negotiated if unity pull support is
used.
------------------------------------------------------------------------
r169 | mgrooms | 2007-08-29 00:05:03 -0500 (Wed, 29 Aug 2007) | 1 line
Further refine our modecfg attribute request semantics. When a peer does
not supply a cisco unity vendor id during phase1 negotiations, we no
longer request unity configuration attributes when operating in pull
mode. This provides a more adaptive mode of operation than was
previously available.
------------------------------------------------------------------------
r168 | mgrooms | 2007-08-26 03:15:18 -0500 (Sun, 26 Aug 2007) | 2 lines
Update the open source ikec program to be compatible with the size_t
changes made to libike.
------------------------------------------------------------------------
r167 | mgrooms | 2007-08-26 01:28:40 -0500 (Sun, 26 Aug 2007) | 1 line
Correct a problem with the configuration path passed to the iked
conf_load function on windows platforms. The iked configuration path
passed to this function was unconditionally modified to append the
iked.conf file name in a previous commit. This was to honor the cmake
configured etc configuration directory on unix platforms. But on windows
platforms, the configuration path specifies a registry path which is
bogus when iked.conf is appended. To correct this, we push the code that
appends the iked.conf to the configuration path down into the unix
specific conf_load function.
------------------------------------------------------------------------
r166 | mgrooms | 2007-08-25 17:45:57 -0500 (Sat, 25 Aug 2007) | 1 line
Use a ~0 instead of -1 when defining the default value for a size_t
parameter. This silences a warning emitted from gcc.
------------------------------------------------------------------------
r165 | mgrooms | 2007-08-25 17:36:28 -0500 (Sat, 25 Aug 2007) | 2 lines
Unbreak the unix socket handling code after the size_t changes.
------------------------------------------------------------------------
r164 | mgrooms | 2007-08-25 17:21:15 -0500 (Sat, 25 Aug 2007) | 1 line
Cleanup the vast majority of misc types used to express buffer lengths
and offsets. These have been replaced with size_t which also removes
several compiler warnings on x64 windows builds. A second pass will be
necessary to ensure gcc doesn't complain about these changes.
------------------------------------------------------------------------
r163 | mgrooms | 2007-08-24 16:51:04 -0500 (Fri, 24 Aug 2007) | 2 lines
Correct some capitalization inconsistencies in the README.TXT file.
------------------------------------------------------------------------
r162 | mgrooms | 2007-08-24 16:48:45 -0500 (Fri, 24 Aug 2007) | 2 lines
Add some NetBSD specific information to the README.TXT file.
------------------------------------------------------------------------
r161 | mgrooms | 2007-08-24 16:33:49 -0500 (Fri, 24 Aug 2007) | 2 lines
Update README.TXT file with additional information.
------------------------------------------------------------------------
r160 | mgrooms | 2007-08-24 14:53:08 -0500 (Fri, 24 Aug 2007) | 2 lines
When performing cmake configuration, nsure the /usr/local prefix takes
precedent over the /usr prefix for platforms that support it.
------------------------------------------------------------------------
r159 | mgrooms | 2007-08-21 15:18:00 -0500 (Tue, 21 Aug 2007) | 2 lines
Fix the cmake NATT check for linux platforms. Also add a hackish
workaround that allows multiple remote NAT Discovery payloads to be read
but not necessarily processed. A real fix is in the works.
------------------------------------------------------------------------
r158 | mgrooms | 2007-08-21 14:37:00 -0500 (Tue, 21 Aug 2007) | 5 lines
Remove the cmake check for X11. This appears to cause problems on
FreeBSD and isn't really necessary as we depend on QT not X11.
Correct issues associacted with missing QT embedded images. This was
causing the image to not be displayed properly in ikec and a core dump
under specific circumstances in ikea.
------------------------------------------------------------------------
r157 | mgrooms | 2007-08-20 13:35:38 -0500 (Mon, 20 Aug 2007) | 2 lines
Update the main CMakeLists file to include checks for OpenSSL, pthreads
and X11 dependencies.
------------------------------------------------------------------------
r156 | mgrooms | 2007-08-14 01:49:57 -0500 (Tue, 14 Aug 2007) | 2 lines
Remove the unconditional librt dependency for iked. This is now handled
conditionally.
------------------------------------------------------------------------
r155 | mgrooms | 2007-08-13 20:34:16 -0500 (Mon, 13 Aug 2007) | 2 lines
Remove a few debug printfs.
------------------------------------------------------------------------
r154 | mgrooms | 2007-08-13 16:52:21 -0500 (Mon, 13 Aug 2007) | 2 lines
Make the usage of timed mutex locks optional. This doesn't appear to be
available on NetBSD.
------------------------------------------------------------------------
r153 | mgrooms | 2007-08-13 16:23:55 -0500 (Mon, 13 Aug 2007) | 4 lines
Correct a bug in the Linux route mangement code. There may still be some
minor issues but things appear to be working quite well now.
Correct a build error for Linux where librt was not being included. This
is required for the timed mutex lock changes that were recently made.
------------------------------------------------------------------------
r152 | mgrooms | 2007-08-13 15:43:35 -0500 (Mon, 13 Aug 2007) | 1 line
Attempt to resolve some mutex lock recursion issues by moving the call
to cleanup policies to into the admin thread. Also add a bit more win32
mutex debug output.
------------------------------------------------------------------------
r151 | mgrooms | 2007-08-13 14:51:19 -0500 (Mon, 13 Aug 2007) | 2 lines
Correct errors with pthread lock timeouts. I missed the part in the man
page where the timespec should be specified as absolute instead of
relative.
------------------------------------------------------------------------
r150 | mgrooms | 2007-08-13 13:40:46 -0500 (Mon, 13 Aug 2007) | 2 lines
Add some more mutex lock debugging code. We seem to have a serious
problem with locking on Unix.
------------------------------------------------------------------------
r149 | mgrooms | 2007-08-12 19:52:46 -0500 (Sun, 12 Aug 2007) | 2 lines
Add some assertions in the unix mutex code.
------------------------------------------------------------------------
r148 | mgrooms | 2007-08-12 19:21:06 -0500 (Sun, 12 Aug 2007) | 4 lines
Add support for converting between network masks and prefix lengths to
the Linux route mangement mode.
Add support for logging the natt protocol extension decode information
used in pfkey messaging.
------------------------------------------------------------------------
r147 | mgrooms | 2007-08-12 14:00:33 -0500 (Sun, 12 Aug 2007) | 2 lines
Juggle the order in which we process options in the main CMakeLists file
so NATT will be enabled correctly in the QT GUI applications.
------------------------------------------------------------------------
r146 | mgrooms | 2007-08-12 13:13:58 -0500 (Sun, 12 Aug 2007) | 2 lines
Resolve some issues related to the NATT option on unix targets. This
includes changes to the qt ui behavior and the iked configuration
checks.
------------------------------------------------------------------------
r145 | mgrooms | 2007-08-12 02:31:28 -0500 (Sun, 12 Aug 2007) | 4 lines
Add route management support for Linux using the netlink API. Also
correct support for the Linux tap driver where the adapter was left in a
down link state after creation. This was causing route additions for the
interface to fail.
Correct a problem that was causing the NAT Traversal operation to be
selected incorrectly due to a string usage inconsistency in ikea.
------------------------------------------------------------------------
r144 | mgrooms | 2007-08-11 00:44:02 -0500 (Sat, 11 Aug 2007) | 2 lines
Modify tap device support to work with Linux.
------------------------------------------------------------------------
r143 | mgrooms | 2007-08-10 18:04:33 -0500 (Fri, 10 Aug 2007) | 2 lines
Update tap support for FreeBSD.
------------------------------------------------------------------------
r142 | mgrooms | 2007-08-10 17:26:55 -0500 (Fri, 10 Aug 2007) | 2 lines
Modify tap device support to work with NetBSD. This breaks FreeBSD
support which will be updated shortly.
------------------------------------------------------------------------
r141 | mgrooms | 2007-08-09 23:29:18 -0500 (Thu, 09 Aug 2007) | 2 lines
Fix a double free in liblog due to a file pointer not being nulled. If
closed before destroyed, it would be closed a second time.
------------------------------------------------------------------------
r140 | mgrooms | 2007-08-09 15:55:55 -0500 (Thu, 09 Aug 2007) | 2 lines
Rename the BUILD.TXT to README.TXT and update its contents to contain a
USAGE section. Also, correct a problem with the ikea application where
the local and remote client ids were not being populated correctly.
------------------------------------------------------------------------
r139 | mgrooms | 2007-08-07 20:43:59 -0500 (Tue, 07 Aug 2007) | 4 lines
Correct a bug that was causing trash pointers to be passed as args to
the string format functions.
Make sure iked respects the config defined etc directory on unix
targets.
------------------------------------------------------------------------
r138 | mgrooms | 2007-08-07 19:40:44 -0500 (Tue, 07 Aug 2007) | 2 lines
Modify the unix socket recv code to be Linux compatible.
------------------------------------------------------------------------
r137 | mgrooms | 2007-08-07 11:33:01 -0500 (Tue, 07 Aug 2007) | 2 lines
Add header to main cmake file.
------------------------------------------------------------------------
r136 | mgrooms | 2007-08-07 11:31:46 -0500 (Tue, 07 Aug 2007) | 2 lines
Cleanup the cmake variables and configure options to manually specify
the etc and man paths. Also add a sample configuration file that allows
client operation to work out of the box.
------------------------------------------------------------------------
r135 | mgrooms | 2007-08-06 15:39:33 -0500 (Mon, 06 Aug 2007) | 2 lines
Update CMake build to enforce basic pre-requisite checks for bison and
flex. This still doesn't catch the error case where bison < ver 2.3 yet.
Also attempt to detect the proper man page install directory.
------------------------------------------------------------------------
r134 | mgrooms | 2007-08-06 13:30:58 -0500 (Mon, 06 Aug 2007) | 3 lines
Add unix install support.
------------------------------------------------------------------------
r133 | mgrooms | 2007-08-05 13:25:52 -0500 (Sun, 05 Aug 2007) | 2 lines
Update the basic public documentation.
------------------------------------------------------------------------
r132 | mgrooms | 2007-08-05 12:09:47 -0500 (Sun, 05 Aug 2007) | 2 lines
Compile fixes for ikec on Linux.
------------------------------------------------------------------------
r131 | mgrooms | 2007-08-05 12:00:15 -0500 (Sun, 05 Aug 2007) | 2 lines
Use the QDir class instead of the dirent functions in ikea. This turned
out to be much more portable between BSD and linux.
------------------------------------------------------------------------
r130 | mgrooms | 2007-08-04 10:55:27 -0500 (Sat, 04 Aug 2007) | 2 lines
Modify the main CMakeFiles.txt to require multi-threaded qt.
------------------------------------------------------------------------
r129 | mgrooms | 2007-08-04 02:48:42 -0500 (Sat, 04 Aug 2007) | 4 lines
Correct some problems with main CMakeFiles.txt file on linux.
Don't include the compat path to include the winstring.h file. This
avoids conflicts with the inttypes.h that exists in the same directory.
------------------------------------------------------------------------
r128 | mgrooms | 2007-08-04 02:17:37 -0500 (Sat, 04 Aug 2007) | 2 lines
Correct some errors in the main CMakeLists file.
------------------------------------------------------------------------
r127 | mgrooms | 2007-08-03 17:13:46 -0500 (Fri, 03 Aug 2007) | 2 lines
Overhaul the CMake tests to be more portable. Also use the moc and uic
wrappers for building the unix gui apps.
------------------------------------------------------------------------
r126 | mgrooms | 2007-08-03 11:41:16 -0500 (Fri, 03 Aug 2007) | 2 lines
Add compatibility functions for new windows safe string functions for
unix targets. This has only been compile tested on FreeBSD.
------------------------------------------------------------------------
r125 | mgrooms | 2007-08-03 10:44:14 -0500 (Fri, 03 Aug 2007) | 1 line
Replace all string function calls that have been depreciated on win32
with the newer safe variety. This will temporarily break all unix build
targets until compatibility shims have been added.
------------------------------------------------------------------------