Merge ipsec-tools 0.6.3 import trunk
authormanu <manu@NetBSD.org>
Mon, 21 Nov 2005 14:20:28 +0000
branchtrunk
changeset 141242 5c8adcf6115b
parent 141241 d85cd2b1d539
child 141243 5f72ac04958b
Merge ipsec-tools 0.6.3 import
crypto/dist/ipsec-tools/ChangeLog
crypto/dist/ipsec-tools/src/include-glibc/glibc-bugs.h
crypto/dist/ipsec-tools/src/include-glibc/net/pfkeyv2.h
crypto/dist/ipsec-tools/src/include-glibc/netinet/ipsec.h
crypto/dist/ipsec-tools/src/include-glibc/sys/queue.h
crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c
crypto/dist/ipsec-tools/src/libipsec/ipsec_get_policylen.c
crypto/dist/ipsec-tools/src/libipsec/ipsec_set_policy.3
crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.3
crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.c
crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.h
crypto/dist/ipsec-tools/src/libipsec/key_debug.c
crypto/dist/ipsec-tools/src/libipsec/libpfkey.h
crypto/dist/ipsec-tools/src/libipsec/pfkey.c
crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c
crypto/dist/ipsec-tools/src/libipsec/policy_parse.c
crypto/dist/ipsec-tools/src/libipsec/policy_parse.h
crypto/dist/ipsec-tools/src/libipsec/policy_parse.y
crypto/dist/ipsec-tools/src/libipsec/policy_token.c
crypto/dist/ipsec-tools/src/libipsec/policy_token.l
crypto/dist/ipsec-tools/src/libipsec/test-policy.c
crypto/dist/ipsec-tools/src/racoon/admin.c
crypto/dist/ipsec-tools/src/racoon/admin.h
crypto/dist/ipsec-tools/src/racoon/admin_var.h
crypto/dist/ipsec-tools/src/racoon/algorithm.c
crypto/dist/ipsec-tools/src/racoon/algorithm.h
crypto/dist/ipsec-tools/src/racoon/backupsa.c
crypto/dist/ipsec-tools/src/racoon/backupsa.h
crypto/dist/ipsec-tools/src/racoon/cfparse.c
crypto/dist/ipsec-tools/src/racoon/cfparse.y
crypto/dist/ipsec-tools/src/racoon/cfparse_proto.h
crypto/dist/ipsec-tools/src/racoon/cftoken.c
crypto/dist/ipsec-tools/src/racoon/cftoken.l
crypto/dist/ipsec-tools/src/racoon/cftoken_proto.h
crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c
crypto/dist/ipsec-tools/src/racoon/crypto_openssl.h
crypto/dist/ipsec-tools/src/racoon/debug.h
crypto/dist/ipsec-tools/src/racoon/debugrm.h
crypto/dist/ipsec-tools/src/racoon/dhgroup.h
crypto/dist/ipsec-tools/src/racoon/dnssec.c
crypto/dist/ipsec-tools/src/racoon/dnssec.h
crypto/dist/ipsec-tools/src/racoon/dump.h
crypto/dist/ipsec-tools/src/racoon/eaytest.c
crypto/dist/ipsec-tools/src/racoon/evt.c
crypto/dist/ipsec-tools/src/racoon/evt.h
crypto/dist/ipsec-tools/src/racoon/gcmalloc.h
crypto/dist/ipsec-tools/src/racoon/genlist.c
crypto/dist/ipsec-tools/src/racoon/genlist.h
crypto/dist/ipsec-tools/src/racoon/getcertsbyname.c
crypto/dist/ipsec-tools/src/racoon/gnuc.h
crypto/dist/ipsec-tools/src/racoon/grabmyaddr.c
crypto/dist/ipsec-tools/src/racoon/grabmyaddr.h
crypto/dist/ipsec-tools/src/racoon/gssapi.c
crypto/dist/ipsec-tools/src/racoon/gssapi.h
crypto/dist/ipsec-tools/src/racoon/handler.c
crypto/dist/ipsec-tools/src/racoon/handler.h
crypto/dist/ipsec-tools/src/racoon/ipsec_doi.c
crypto/dist/ipsec-tools/src/racoon/ipsec_doi.h
crypto/dist/ipsec-tools/src/racoon/isakmp.c
crypto/dist/ipsec-tools/src/racoon/isakmp.h
crypto/dist/ipsec-tools/src/racoon/isakmp_agg.c
crypto/dist/ipsec-tools/src/racoon/isakmp_agg.h
crypto/dist/ipsec-tools/src/racoon/isakmp_base.c
crypto/dist/ipsec-tools/src/racoon/isakmp_base.h
crypto/dist/ipsec-tools/src/racoon/isakmp_cfg.c
crypto/dist/ipsec-tools/src/racoon/isakmp_cfg.h
crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c
crypto/dist/ipsec-tools/src/racoon/isakmp_frag.h
crypto/dist/ipsec-tools/src/racoon/isakmp_ident.c
crypto/dist/ipsec-tools/src/racoon/isakmp_ident.h
crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c
crypto/dist/ipsec-tools/src/racoon/isakmp_inf.h
crypto/dist/ipsec-tools/src/racoon/isakmp_newg.c
crypto/dist/ipsec-tools/src/racoon/isakmp_newg.h
crypto/dist/ipsec-tools/src/racoon/isakmp_quick.c
crypto/dist/ipsec-tools/src/racoon/isakmp_quick.h
crypto/dist/ipsec-tools/src/racoon/isakmp_unity.c
crypto/dist/ipsec-tools/src/racoon/isakmp_unity.h
crypto/dist/ipsec-tools/src/racoon/isakmp_var.h
crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.c
crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.h
crypto/dist/ipsec-tools/src/racoon/kmpstat.c
crypto/dist/ipsec-tools/src/racoon/localconf.c
crypto/dist/ipsec-tools/src/racoon/localconf.h
crypto/dist/ipsec-tools/src/racoon/logger.c
crypto/dist/ipsec-tools/src/racoon/logger.h
crypto/dist/ipsec-tools/src/racoon/main.c
crypto/dist/ipsec-tools/src/racoon/misc.c
crypto/dist/ipsec-tools/src/racoon/misc.h
crypto/dist/ipsec-tools/src/racoon/nattraversal.c
crypto/dist/ipsec-tools/src/racoon/nattraversal.h
crypto/dist/ipsec-tools/src/racoon/netdb_dnssec.h
crypto/dist/ipsec-tools/src/racoon/oakley.c
crypto/dist/ipsec-tools/src/racoon/oakley.h
lib/libipsec/config.h
lib/libipsec/package_version.h
--- a/crypto/dist/ipsec-tools/ChangeLog	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/ChangeLog	Mon Nov 21 14:20:28 2005 +0000
@@ -1,3 +1,46 @@
+---------------------------------------------
+
+	0.6.3 released
+
+2005-11-21  Yvan Vanhullebus  <vanhu@netasq.com>
+
+	* src/racoon/isakmp_[ident|agg].c: Check if natt is available when
+	  receiving a NAT_D payload from initiator. It saves a crash,
+	  reported by Dave Huang to NetBSD.
+
+2005-11-20  Yvan Vanhullebus  <vanhu@netasq.com>
+
+	* src/racoon/isakmp_agg.c: Check that we got some needed payloads
+	  from peer (could cause a DoS). Crash reported by Adrian Portelli
+	  using IKE test suite from 
+	  http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/
+
+2005-11-06  Aidas Kasparas  <a.kasparas@gmc.lt>
+
+	* src/racoon/main.c, src/racoon/session.c: moved .pid file writing
+	  just before main loop. Thanks Stephen Thorne
+	* src/racoon/localconf.h, src/racoon/cftoken.l: introduced 
+	  path pidfile directive
+	* src/racoon/racoon.conf.5: documented above
+	* configure.ac: OpenSSL 0.9.8 compilation fix. Thank Ganesan 
+	  Rajagopal
+	* configure.ac: added check for strlcat function
+	* src/racoon/misc.h: define strlcat function for systems without one
+	* src/racoon/remoteconf.c: strncat -> strlcat
+
+2005-10-17  Aidas Kasparas  <a.kasparas@gmc.lt>
+
+	Introduced subnet sainfo type.
+	* src/racoon/cftoken.l: new token "subnet"
+	* src/racoon/cfparse.y: added address/subnet diferentiation logic
+	* src/racoon/ipsec-doi.h: new constant
+	* src/racoon/ipsec-doi.c: adopted to above
+	* src/racoon/racoon.conf.5: documented above
+	
+2005-10-14  Emmanuel Dreyfus  <manu@netbsd.org>
+
+	* src/libipsec/pfkey.c: One forgotten cast caddr_t -> void *
+
 ---------------------------------------------
 
 	0.6.2 released
--- a/crypto/dist/ipsec-tools/src/include-glibc/glibc-bugs.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/include-glibc/glibc-bugs.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: glibc-bugs.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: glibc-bugs.h,v 1.3 2005/11/21 14:20:28 manu Exp $	*/
 
 #ifndef __GLIBC_BUGS_H__
 #define __GLIBC_BUGS_H__ 1
--- a/crypto/dist/ipsec-tools/src/include-glibc/net/pfkeyv2.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/include-glibc/net/pfkeyv2.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: pfkeyv2.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: pfkeyv2.h,v 1.3 2005/11/21 14:20:28 manu Exp $	*/
 
 #ifndef __NET_PFKEYV2_H_
 #define __NET_PFKEYV2_H_ 1
--- a/crypto/dist/ipsec-tools/src/include-glibc/netinet/ipsec.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/include-glibc/netinet/ipsec.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsec.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: ipsec.h,v 1.3 2005/11/21 14:20:28 manu Exp $	*/
 
 #include <net/pfkeyv2.h>
 #include <linux/ipsec.h>
--- a/crypto/dist/ipsec-tools/src/include-glibc/sys/queue.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/include-glibc/sys/queue.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: queue.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: queue.h,v 1.3 2005/11/21 14:20:28 manu Exp $	*/
 
 /*
  * Copyright (c) 1991, 1993
--- a/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/ipsec_dump_policy.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsec_dump_policy.c,v 1.5 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: ipsec_dump_policy.c,v 1.6 2005/11/21 14:20:28 manu Exp $	*/
 
 /* Id: ipsec_dump_policy.c,v 1.7.4.2 2005/06/29 13:01:27 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/libipsec/ipsec_get_policylen.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/ipsec_get_policylen.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsec_get_policylen.c,v 1.4 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: ipsec_get_policylen.c,v 1.5 2005/11/21 14:20:28 manu Exp $	*/
 
 /*	$KAME: ipsec_get_policylen.c,v 1.5 2000/05/07 05:25:03 itojun Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/libipsec/ipsec_set_policy.3	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/ipsec_set_policy.3	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-.\"	$NetBSD: ipsec_set_policy.3,v 1.11 2005/08/20 00:57:06 manu Exp $
+.\"	$NetBSD: ipsec_set_policy.3,v 1.12 2005/11/21 14:20:28 manu Exp $
 .\"
 .\"	$KAME: ipsec_set_policy.3,v 1.16 2003/01/06 21:59:03 sumikawa Exp $
 .\"
--- a/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.3	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.3	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-.\"	$NetBSD: ipsec_strerror.3,v 1.8 2005/08/20 00:57:06 manu Exp $
+.\"	$NetBSD: ipsec_strerror.3,v 1.9 2005/11/21 14:20:28 manu Exp $
 .\"
 .\"	$KAME: ipsec_strerror.3,v 1.9 2001/08/17 07:21:36 itojun Exp $
 .\"
--- a/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsec_strerror.c,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: ipsec_strerror.c,v 1.3 2005/11/21 14:20:28 manu Exp $	*/
 
 /*	$KAME: ipsec_strerror.c,v 1.7 2000/07/30 00:45:12 itojun Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/ipsec_strerror.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsec_strerror.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: ipsec_strerror.h,v 1.3 2005/11/21 14:20:28 manu Exp $	*/
 
 /* Id: ipsec_strerror.h,v 1.4 2004/06/07 09:18:46 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/libipsec/key_debug.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/key_debug.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: key_debug.c,v 1.5 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: key_debug.c,v 1.6 2005/11/21 14:20:28 manu Exp $	*/
 
 /*	$KAME: key_debug.c,v 1.29 2001/08/16 14:25:41 itojun Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/libipsec/libpfkey.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/libpfkey.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: libpfkey.h,v 1.7 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: libpfkey.h,v 1.8 2005/11/21 14:20:28 manu Exp $	*/
 
 /* Id: libpfkey.h,v 1.8.2.3 2005/06/29 13:01:28 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/libipsec/pfkey.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/pfkey.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: pfkey.c,v 1.8 2005/10/14 14:01:34 manu Exp $	*/
+/*	$NetBSD: pfkey.c,v 1.9 2005/11/21 14:20:28 manu Exp $	*/
 
 /*	$KAME: pfkey.c,v 1.47 2003/10/02 19:52:12 itojun Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/pfkey_dump.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: pfkey_dump.c,v 1.10 2005/10/14 14:01:34 manu Exp $	*/
+/*	$NetBSD: pfkey_dump.c,v 1.11 2005/11/21 14:20:28 manu Exp $	*/
 
 /*	$KAME: pfkey_dump.c,v 1.45 2003/09/08 10:14:56 itojun Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/libipsec/policy_parse.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/policy_parse.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: policy_parse.c,v 1.1.1.1 2005/11/21 14:12:17 manu Exp $	*/
+/*	$NetBSD: policy_parse.c,v 1.2 2005/11/21 14:20:28 manu Exp $	*/
 
 
 /*  A Bison parser, made from policy_parse.y
--- a/crypto/dist/ipsec-tools/src/libipsec/policy_parse.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/policy_parse.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: policy_parse.h,v 1.1.1.1 2005/11/21 14:12:17 manu Exp $	*/
+/*	$NetBSD: policy_parse.h,v 1.2 2005/11/21 14:20:28 manu Exp $	*/
 
 typedef union {
 	u_int num;
--- a/crypto/dist/ipsec-tools/src/libipsec/policy_parse.y	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/policy_parse.y	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: policy_parse.y,v 1.7 2005/10/14 14:01:34 manu Exp $	*/
+/*	$NetBSD: policy_parse.y,v 1.8 2005/11/21 14:20:28 manu Exp $	*/
 
 /*	$KAME: policy_parse.y,v 1.21 2003/12/12 08:01:26 itojun Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/libipsec/policy_token.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/policy_token.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: policy_token.c,v 1.1.1.1 2005/11/21 14:12:17 manu Exp $	*/
+/*	$NetBSD: policy_token.c,v 1.2 2005/11/21 14:20:28 manu Exp $	*/
 
 #define yy_create_buffer __libipsec_create_buffer
 #define yy_delete_buffer __libipsec_delete_buffer
--- a/crypto/dist/ipsec-tools/src/libipsec/policy_token.l	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/policy_token.l	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: policy_token.l,v 1.4 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: policy_token.l,v 1.5 2005/11/21 14:20:28 manu Exp $	*/
 
 /* Id: policy_token.l,v 1.10.4.1 2005/05/07 14:30:38 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/libipsec/test-policy.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/test-policy.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: test-policy.c,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: test-policy.c,v 1.3 2005/11/21 14:20:28 manu Exp $	*/
 
 /*	$KAME: test-policy.c,v 1.16 2003/08/26 03:24:08 itojun Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/racoon/admin.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/admin.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: admin.c,v 1.6 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: admin.c,v 1.7 2005/11/21 14:20:28 manu Exp $	*/
 
 /* Id: admin.c,v 1.17.2.4 2005/07/12 11:49:44 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/admin.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/admin.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: admin.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: admin.h,v 1.3 2005/11/21 14:20:28 manu Exp $	*/
 
 /* Id: admin.h,v 1.10 2004/12/30 13:45:49 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/admin_var.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/admin_var.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: admin_var.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: admin_var.h,v 1.3 2005/11/21 14:20:28 manu Exp $	*/
 
 /* Id: admin_var.h,v 1.7 2004/12/30 00:08:30 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/algorithm.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/algorithm.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: algorithm.c,v 1.4 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: algorithm.c,v 1.5 2005/11/21 14:20:28 manu Exp $	*/
 
 /* Id: algorithm.c,v 1.11.4.1 2005/06/28 22:38:02 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/algorithm.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/algorithm.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: algorithm.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: algorithm.h,v 1.3 2005/11/21 14:20:28 manu Exp $	*/
 
 /* Id: algorithm.h,v 1.8 2004/11/18 15:14:44 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/backupsa.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/backupsa.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: backupsa.c,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: backupsa.c,v 1.3 2005/11/21 14:20:28 manu Exp $	*/
 
 /*	$KAME: backupsa.c,v 1.16 2001/12/31 20:13:40 thorpej Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/racoon/backupsa.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/backupsa.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: backupsa.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: backupsa.h,v 1.3 2005/11/21 14:20:28 manu Exp $	*/
 
 /* Id: backupsa.h,v 1.3 2004/06/11 16:00:15 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/cfparse.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/cfparse.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: cfparse.c,v 1.1.1.1 2005/11/21 14:12:09 manu Exp $	*/
+/*	$NetBSD: cfparse.c,v 1.2 2005/11/21 14:20:28 manu Exp $	*/
 
 
 /*  A Bison parser, made from ./cfparse.y
--- a/crypto/dist/ipsec-tools/src/racoon/cfparse.y	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/cfparse.y	Mon Nov 21 14:20:28 2005 +0000
@@ -1,6 +1,6 @@
-/*	$NetBSD: cfparse.y,v 1.9 2005/10/14 14:01:34 manu Exp $	*/
+/*	$NetBSD: cfparse.y,v 1.10 2005/11/21 14:20:28 manu Exp $	*/
 
-/* Id: cfparse.y,v 1.37.2.4 2005/05/10 09:45:45 manubsd Exp */
+/* Id: cfparse.y,v 1.37.2.6 2005/10/17 16:23:50 monas Exp */
 
 %{
 /*
@@ -823,7 +823,9 @@
 					return -1;
 				}
 				$$ = ipsecdoi_sockaddr2id(saddr,
-					$3 == ~0 ? (sizeof(struct in_addr) << 3): $3,
+					$3 == (sizeof(struct in_addr) << 3) &&
+						$1 == IDTYPE_ADDRESS
+					  ? ~0 : $3,
 					$5);
 				break;
 #ifdef INET6
@@ -834,7 +836,9 @@
 					return -1;
 				}
 				$$ = ipsecdoi_sockaddr2id(saddr,
-					$3 == ~0 ? (sizeof(struct in6_addr) << 3) : $3,
+					$3 == (sizeof(struct in6_addr) << 3) &&
+						$1 == IDTYPE_ADDRESS
+					  ? ~0 : $3,
 					$5);
 				break;
 #endif
--- a/crypto/dist/ipsec-tools/src/racoon/cfparse_proto.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/cfparse_proto.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: cfparse_proto.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: cfparse_proto.h,v 1.3 2005/11/21 14:20:28 manu Exp $	*/
 
 /* Id: cfparse_proto.h,v 1.3 2004/06/11 16:00:15 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/cftoken.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/cftoken.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: cftoken.c,v 1.1.1.1 2005/11/21 14:12:10 manu Exp $	*/
+/*	$NetBSD: cftoken.c,v 1.2 2005/11/21 14:20:28 manu Exp $	*/
 
 #line 2 "cftoken.c"
 /* A lexical scanner generated by flex */
--- a/crypto/dist/ipsec-tools/src/racoon/cftoken.l	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/cftoken.l	Mon Nov 21 14:20:28 2005 +0000
@@ -1,6 +1,6 @@
-/*	$NetBSD: cftoken.l,v 1.5 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: cftoken.l,v 1.6 2005/11/21 14:20:28 manu Exp $	*/
 
-/* Id: cftoken.l,v 1.31.2.5 2005/06/28 22:38:02 manubsd Exp */
+/* Id: cftoken.l,v 1.31.2.7 2005/11/06 17:18:26 monas Exp */
 
 %{
 /*
@@ -169,6 +169,8 @@
 				return(PATHTYPE); }
 <S_PTH>backupsa		{ YYD; yylval.num = LC_PATHTYPE_BACKUPSA;
 				return(PATHTYPE); }
+<S_PTH>pidfile		{ YYD; yylval.num = LC_PATHTYPE_PIDFILE;
+				return(PATHTYPE); }
 <S_PTH>{semi}		{ BEGIN S_INI; YYDB; return(EOS); }
 
 	/* include */
@@ -471,6 +473,7 @@
 fqdn		{ YYD; yylval.num = IDTYPE_FQDN; return(IDENTIFIERTYPE); }
 keyid		{ YYD; yylval.num = IDTYPE_KEYID; return(IDENTIFIERTYPE); }
 address		{ YYD; yylval.num = IDTYPE_ADDRESS; return(IDENTIFIERTYPE); }
+subnet		{ YYD; yylval.num = IDTYPE_SUBNET; return(IDENTIFIERTYPE); }
 asn1dn		{ YYD; yylval.num = IDTYPE_ASN1DN; return(IDENTIFIERTYPE); }
 certname	{ YYD; yywarn("certname will be obsoleted in near future."); yylval.num = IDTYPE_ASN1DN; return(IDENTIFIERTYPE); }
 
--- a/crypto/dist/ipsec-tools/src/racoon/cftoken_proto.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/cftoken_proto.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: cftoken_proto.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: cftoken_proto.h,v 1.3 2005/11/21 14:20:28 manu Exp $	*/
 
 /* Id: cftoken_proto.h,v 1.3 2004/06/11 16:00:15 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: crypto_openssl.c,v 1.5 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: crypto_openssl.c,v 1.6 2005/11/21 14:20:28 manu Exp $	*/
 
 /* Id: crypto_openssl.c,v 1.40.4.5 2005/07/12 11:50:15 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: crypto_openssl.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: crypto_openssl.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: crypto_openssl.h,v 1.11 2004/11/13 11:28:01 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/debug.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/debug.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: debug.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: debug.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: debug.h,v 1.3 2004/06/11 16:00:16 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/debugrm.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/debugrm.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: debugrm.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: debugrm.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: debugrm.h,v 1.3 2004/06/11 16:00:16 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/dhgroup.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/dhgroup.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: dhgroup.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: dhgroup.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: dhgroup.h,v 1.3 2004/06/11 16:00:16 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/dnssec.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/dnssec.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: dnssec.c,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: dnssec.c,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /*	$KAME: dnssec.c,v 1.2 2001/08/05 18:46:07 itojun Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/racoon/dnssec.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/dnssec.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: dnssec.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: dnssec.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: dnssec.h,v 1.3 2004/06/11 16:00:16 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/dump.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/dump.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: dump.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: dump.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: dump.h,v 1.3 2004/06/11 16:00:16 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/eaytest.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/eaytest.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: eaytest.c,v 1.4 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: eaytest.c,v 1.5 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: eaytest.c,v 1.20.4.2 2005/06/28 22:38:02 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/evt.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/evt.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,6 +1,6 @@
-/*	$NetBSD: evt.c,v 1.3 2005/10/14 14:01:34 manu Exp $	*/
+/*	$NetBSD: evt.c,v 1.4 2005/11/21 14:20:29 manu Exp $	*/
 
-/* Id: evt.c,v 1.2 2004/11/29 23:30:39 manubsd Exp */
+/* Id: evt.c,v 1.2.4.1 2005/09/26 17:49:38 manubsd Exp */
 
 /*
  * Copyright (C) 2004 Emmanuel Dreyfus
--- a/crypto/dist/ipsec-tools/src/racoon/evt.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/evt.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: evt.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: evt.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: evt.h,v 1.3 2004/11/29 23:30:39 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/gcmalloc.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/gcmalloc.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: gcmalloc.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: gcmalloc.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /*	$KAME: gcmalloc.h,v 1.4 2001/11/16 04:34:57 sakane Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/racoon/genlist.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/genlist.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: genlist.c,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: genlist.c,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: genlist.c,v 1.2 2004/07/12 20:43:50 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/genlist.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/genlist.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: genlist.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: genlist.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: genlist.h,v 1.2 2004/07/12 20:43:50 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/getcertsbyname.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/getcertsbyname.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: getcertsbyname.c,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: getcertsbyname.c,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /*	$KAME: getcertsbyname.c,v 1.7 2001/11/16 04:12:59 sakane Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/racoon/gnuc.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/gnuc.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: gnuc.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: gnuc.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: gnuc.h,v 1.4 2004/11/18 15:14:44 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/grabmyaddr.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/grabmyaddr.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: grabmyaddr.c,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: grabmyaddr.c,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: grabmyaddr.c,v 1.23.4.2 2005/07/16 04:41:01 monas Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/grabmyaddr.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/grabmyaddr.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: grabmyaddr.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: grabmyaddr.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: grabmyaddr.h,v 1.5 2004/06/11 16:00:16 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/gssapi.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/gssapi.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: gssapi.c,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: gssapi.c,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /*	$KAME: gssapi.c,v 1.19 2001/04/03 15:51:55 thorpej Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/racoon/gssapi.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/gssapi.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: gssapi.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: gssapi.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: gssapi.h,v 1.5 2005/02/11 06:59:01 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/handler.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/handler.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: handler.c,v 1.6 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: handler.c,v 1.7 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: handler.c,v 1.13.4.4 2005/07/14 12:00:36 vanhu Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/handler.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/handler.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: handler.h,v 1.7 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: handler.h,v 1.8 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: handler.h,v 1.11.4.3 2005/05/07 17:26:05 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/ipsec_doi.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/ipsec_doi.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,6 +1,6 @@
-/*	$NetBSD: ipsec_doi.c,v 1.11 2005/10/14 14:01:34 manu Exp $	*/
-
-/* Id: ipsec_doi.c,v 1.26.2.12 2005/07/12 11:50:15 manubsd Exp */
+/*	$NetBSD: ipsec_doi.c,v 1.12 2005/11/21 14:20:29 manu Exp $	*/
+
+/* Id: ipsec_doi.c,v 1.26.2.15 2005/10/17 16:23:50 monas Exp */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -3744,7 +3744,7 @@
 	switch (saddr->sa_family) {
 	case AF_INET:
 		len1 = sizeof(struct in_addr);
-		if (prefixlen == (sizeof(struct in_addr) << 3)) {
+		if (prefixlen == ~0) {
 			type = IPSECDOI_ID_IPV4_ADDR;
 			len2 = 0;
 		} else {
@@ -3757,7 +3757,7 @@
 #ifdef INET6
 	case AF_INET6:
 		len1 = sizeof(struct in6_addr);
-		if (prefixlen == (sizeof(struct in6_addr) << 3)) {
+		if (prefixlen == ~0) {
 			type = IPSECDOI_ID_IPV6_ADDR;
 			len2 = 0;
 		} else {
--- a/crypto/dist/ipsec-tools/src/racoon/ipsec_doi.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/ipsec_doi.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,6 +1,6 @@
-/*	$NetBSD: ipsec_doi.h,v 1.4 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: ipsec_doi.h,v 1.5 2005/11/21 14:20:29 manu Exp $	*/
 
-/* Id: ipsec_doi.h,v 1.9.2.1 2005/06/28 22:38:03 manubsd Exp */
+/* Id: ipsec_doi.h,v 1.9.2.2 2005/10/17 16:23:50 monas Exp */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -182,6 +182,7 @@
 #define IDTYPE_ADDRESS		4
 #define IDTYPE_ASN1DN		5
 #define IDTYPE_LOGIN		6
+#define IDTYPE_SUBNET		7
 
 /* The use for checking proposal payload. This is not exchange type. */
 #define IPSECDOI_TYPE_PH1	0
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,6 +1,6 @@
-/*	$NetBSD: isakmp.c,v 1.10 2005/09/26 16:24:57 manu Exp $	*/
-
-/* Id: isakmp.c,v 1.34.2.19 2005/08/11 14:58:51 vanhu Exp */
+/*	$NetBSD: isakmp.c,v 1.11 2005/11/21 14:20:29 manu Exp $	*/
+
+/* Id: isakmp.c,v 1.34.2.20 2005/09/26 16:12:20 manubsd Exp */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: isakmp.h,v 1.10 2005/01/29 16:34:25 vanhu Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_agg.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_agg.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,6 +1,6 @@
-/*	$NetBSD: isakmp_agg.c,v 1.6 2005/09/26 16:24:57 manu Exp $	*/
+/*	$NetBSD: isakmp_agg.c,v 1.7 2005/11/21 14:20:29 manu Exp $	*/
 
-/* Id: isakmp_agg.c,v 1.20.2.1 2005/04/09 22:32:06 manubsd Exp */
+/* Id: isakmp_agg.c,v 1.20.2.5 2005/11/21 09:46:23 vanhu Exp */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -459,7 +459,7 @@
 #ifdef ENABLE_NATT
 		case ISAKMP_NPTYPE_NATD_DRAFT:
 		case ISAKMP_NPTYPE_NATD_RFC:
-			if (NATT_AVAILABLE(iph1) && iph1->natt_options &&
+			if (NATT_AVAILABLE(iph1) && iph1->natt_options != NULL &&
 			    pa->type == iph1->natt_options->payload_nat_d) {
 				struct natd_payload *natd;
 				natd = (struct natd_payload *)racoon_malloc(sizeof(*natd));
@@ -490,7 +490,11 @@
 	}
 
 	/* payload existency check */
-	/* XXX to be checked each authentication method. */
+	if (iph1->dhpub_p == NULL || iph1->nonce_p == NULL) {
+		plog(LLV_ERROR, LOCATION, iph1->remote,
+			"few isakmp message received.\n");
+		goto end;
+	}
 
 	/* verify identifier */
 	if (ipsecdoi_checkid1(iph1) != 0) {
@@ -890,7 +894,11 @@
 	}
 
 	/* payload existency check */
-	/* XXX to be checked each authentication method. */
+	if (iph1->dhpub_p == NULL || iph1->nonce_p == NULL) {
+		plog(LLV_ERROR, LOCATION, iph1->remote,
+			"few isakmp message received.\n");
+		goto end;
+	}
 
 	/* verify identifier */
 	if (ipsecdoi_checkid1(iph1) != 0) {
@@ -1358,7 +1366,8 @@
 #ifdef ENABLE_NATT
 		case ISAKMP_NPTYPE_NATD_DRAFT:
 		case ISAKMP_NPTYPE_NATD_RFC:
-			if (pa->type == iph1->natt_options->payload_nat_d)
+			if (NATT_AVAILABLE(iph1) && iph1->natt_options != NULL &&
+				pa->type == iph1->natt_options->payload_nat_d)
 			{
 				vchar_t *natd_received = NULL;
 				int natd_verified;
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_agg.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_agg.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_agg.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp_agg.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: isakmp_agg.h,v 1.3 2004/06/11 16:00:16 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_base.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_base.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_base.c,v 1.4 2005/09/26 16:24:57 manu Exp $	*/
+/*	$NetBSD: isakmp_base.c,v 1.5 2005/11/21 14:20:29 manu Exp $	*/
 
 /*	$KAME: isakmp_base.c,v 1.49 2003/11/13 02:30:20 sakane Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_base.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_base.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_base.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp_base.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: isakmp_base.h,v 1.3 2004/06/11 16:00:16 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_cfg.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_cfg.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,6 +1,6 @@
-/*	$NetBSD: isakmp_cfg.c,v 1.8 2005/09/21 12:46:08 tron Exp $	*/
+/*	$NetBSD: isakmp_cfg.c,v 1.9 2005/11/21 14:20:29 manu Exp $	*/
 
-/* Id: isakmp_cfg.c,v 1.26.2.5 2005/05/10 09:45:46 manubsd Exp */
+/* Id: isakmp_cfg.c,v 1.26.2.6 2005/09/23 14:29:45 manubsd Exp */
 
 /*
  * Copyright (C) 2004 Emmanuel Dreyfus
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_cfg.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_cfg.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_cfg.h,v 1.4 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp_cfg.h,v 1.5 2005/11/21 14:20:29 manu Exp $	*/
 
 /*	$KAME$ */
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_frag.c,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp_frag.c,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: isakmp_frag.c,v 1.4 2004/11/13 17:31:36 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_frag.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp_frag.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /*	Id: isakmp_frag.h,v 1.2 2004/10/24 16:51:24 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_ident.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_ident.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,6 +1,6 @@
-/*	$NetBSD: isakmp_ident.c,v 1.3 2005/09/23 14:22:27 manu Exp $	*/
+/*	$NetBSD: isakmp_ident.c,v 1.4 2005/11/21 14:20:29 manu Exp $	*/
 
-/* Id: isakmp_ident.c,v 1.13 2005/01/29 16:34:25 vanhu Exp */
+/* Id: isakmp_ident.c,v 1.13.2.2 2005/11/21 09:46:23 vanhu Exp */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -420,7 +420,7 @@
 #ifdef ENABLE_NATT
 		case ISAKMP_NPTYPE_NATD_DRAFT:
 		case ISAKMP_NPTYPE_NATD_RFC:
-			if (NATT_AVAILABLE(iph1) && iph1->natt_options &&
+			if (NATT_AVAILABLE(iph1) && iph1->natt_options != NULL &&
 			    pa->type == iph1->natt_options->payload_nat_d) {
 				natd_received = NULL;
 				if (isakmp_p2ph (&natd_received, pa->ptr) < 0)
@@ -1063,7 +1063,8 @@
 #ifdef ENABLE_NATT
 		case ISAKMP_NPTYPE_NATD_DRAFT:
 		case ISAKMP_NPTYPE_NATD_RFC:
-			if (pa->type == iph1->natt_options->payload_nat_d)
+			if (NATT_AVAILABLE(iph1) && iph1->natt_options != NULL &&
+			    pa->type == iph1->natt_options->payload_nat_d)
 			{
 				vchar_t *natd_received = NULL;
 				int natd_verified;
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_ident.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_ident.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_ident.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp_ident.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: isakmp_ident.h,v 1.3 2004/06/11 16:00:16 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_inf.c,v 1.9 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp_inf.c,v 1.10 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: isakmp_inf.c,v 1.14.4.9 2005/08/02 15:09:26 vanhu Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_inf.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp_inf.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: isakmp_inf.h,v 1.4 2004/11/16 15:44:46 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_newg.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_newg.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_newg.c,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp_newg.c,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /*	$KAME: isakmp_newg.c,v 1.10 2002/09/27 05:55:52 itojun Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_newg.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_newg.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_newg.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp_newg.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: isakmp_newg.h,v 1.3 2004/06/11 16:00:16 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_quick.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_quick.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_quick.c,v 1.7 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp_quick.c,v 1.8 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: isakmp_quick.c,v 1.13.2.7 2005/07/20 08:02:05 vanhu Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_quick.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_quick.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_quick.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp_quick.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: isakmp_quick.h,v 1.3 2004/06/11 16:00:16 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_unity.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_unity.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_unity.c,v 1.4 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp_unity.c,v 1.5 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: isakmp_unity.c,v 1.5.4.1 2005/05/10 09:45:46 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_unity.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_unity.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_unity.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp_unity.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /*	$KAME$ */
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_var.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_var.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_var.h,v 1.4 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp_var.h,v 1.5 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: isakmp_var.h,v 1.9.2.1 2005/05/07 17:26:06 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_xauth.c,v 1.7 2005/10/14 14:01:34 manu Exp $	*/
+/*	$NetBSD: isakmp_xauth.c,v 1.8 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: isakmp_xauth.c,v 1.17.2.5 2005/05/20 07:31:09 manubsd Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp_xauth.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: isakmp_xauth.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /*	$KAME$ */
 
--- a/crypto/dist/ipsec-tools/src/racoon/kmpstat.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/kmpstat.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: kmpstat.c,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: kmpstat.c,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /*	$KAME: kmpstat.c,v 1.33 2004/08/16 08:20:28 itojun Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/racoon/localconf.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/localconf.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: localconf.c,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: localconf.c,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /*	$KAME: localconf.c,v 1.33 2001/08/09 07:32:19 sakane Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/racoon/localconf.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/localconf.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,6 +1,6 @@
-/*	$NetBSD: localconf.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: localconf.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
-/* Id: localconf.h,v 1.9.2.2 2005/03/16 23:18:43 manubsd Exp */
+/* Id: localconf.h,v 1.9.2.3 2005/11/06 17:18:26 monas Exp */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -43,7 +43,8 @@
 #define LC_PATHTYPE_CERT	2
 #define LC_PATHTYPE_BACKUPSA	3
 #define LC_PATHTYPE_SCRIPT	4
-#define LC_PATHTYPE_MAX		5
+#define LC_PATHTYPE_PIDFILE	5
+#define LC_PATHTYPE_MAX		6
 
 #define LC_DEFAULT_PAD_MAXSIZE		20
 #define LC_DEFAULT_PAD_RANDOM		TRUE
--- a/crypto/dist/ipsec-tools/src/racoon/logger.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/logger.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: logger.c,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: logger.c,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /*	$KAME: logger.c,v 1.9 2002/09/03 14:37:03 itojun Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/racoon/logger.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/logger.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: logger.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: logger.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: logger.h,v 1.3 2004/06/11 16:00:16 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/main.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/main.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,6 +1,6 @@
-/*	$NetBSD: main.c,v 1.4 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: main.c,v 1.5 2005/11/21 14:20:29 manu Exp $	*/
 
-/* Id: main.c,v 1.14.2.2 2005/02/23 12:18:40 manubsd Exp */
+/* Id: main.c,v 1.14.2.3 2005/11/06 17:18:26 monas Exp */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -91,7 +91,6 @@
 #else /* TOP_PACKAGE */
 static char version[] = "@(#) racoon / IPsec-tools";
 #endif /* TOP_PACKAGE */
-static pid_t racoon_pid = 0;
 
 int main __P((int, char **));
 static void usage __P((void));
@@ -221,9 +220,6 @@
 	if (f_foreground)
 		close(0);
 	else {
-		const char *pid_file = _PATH_VARRUN "racoon.pid";
-		FILE *fp;
-
 		if (daemon(0, 0) < 0) {
 			errx(1, "failed to be daemon. (%s)",
 				strerror(errno));
@@ -240,21 +236,6 @@
 			/* no big deal if it fails.. */
 		}
 #endif
-		racoon_pid = getpid();
-		fp = fopen(pid_file, "w");
-		if (fp) {
-			if (fchmod(fileno(fp),
-				S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) == -1) {
-				syslog(LOG_ERR, "%s", strerror(errno));
-				fclose(fp);
-				exit(1);
-			}
-			fprintf(fp, "%ld\n", (long)racoon_pid);
-			fclose(fp);
-		} else {
-			plog(LLV_ERROR, LOCATION, NULL,
-				"cannot open %s", pid_file);
-		}
 		if (!f_local) {
 #if 0
 			if (atexit(cleanup_pidfile) < 0) {
--- a/crypto/dist/ipsec-tools/src/racoon/misc.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/misc.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: misc.c,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: misc.c,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /*	$KAME: misc.c,v 1.23 2001/08/16 14:37:29 itojun Exp $	*/
 
--- a/crypto/dist/ipsec-tools/src/racoon/misc.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/misc.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,6 +1,6 @@
-/*	$NetBSD: misc.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: misc.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
-/* Id: misc.h,v 1.6 2004/06/11 16:00:17 ludvigm Exp */
+/* Id: misc.h,v 1.6.10.1 2005/11/06 17:18:26 monas Exp */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -54,6 +54,10 @@
 #define strlcpy(d,s,l) (strncpy(d,s,l), (d)[(l)-1] = '\0')
 #endif
 
+#ifndef HAVE_STRLCAT
+#define strlcat(d,s,l) strncat(d,s,(l)-strlen(d)-1)
+#endif
+
 #include "libpfkey.h"
 
 #endif /* _MISC_H */
--- a/crypto/dist/ipsec-tools/src/racoon/nattraversal.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/nattraversal.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: nattraversal.c,v 1.4 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: nattraversal.c,v 1.5 2005/11/21 14:20:29 manu Exp $	*/
 
 /*
  * Copyright (C) 2004 SuSE Linux AG, Nuernberg, Germany.
--- a/crypto/dist/ipsec-tools/src/racoon/nattraversal.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/nattraversal.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: nattraversal.h,v 1.4 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: nattraversal.h,v 1.5 2005/11/21 14:20:29 manu Exp $	*/
 
 /*
  * Copyright (C) 2004 SuSE Linux AG, Nuernberg, Germany.
--- a/crypto/dist/ipsec-tools/src/racoon/netdb_dnssec.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/netdb_dnssec.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: netdb_dnssec.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: netdb_dnssec.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: netdb_dnssec.h,v 1.3 2004/06/11 16:00:17 ludvigm Exp */
 
--- a/crypto/dist/ipsec-tools/src/racoon/oakley.c	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/oakley.c	Mon Nov 21 14:20:28 2005 +0000
@@ -1,6 +1,6 @@
-/*	$NetBSD: oakley.c,v 1.6 2005/10/14 14:01:34 manu Exp $	*/
-
-/* Id: oakley.c,v 1.17.2.4 2005/07/12 11:50:15 manubsd Exp */
+/*	$NetBSD: oakley.c,v 1.7 2005/11/21 14:20:29 manu Exp $	*/
+
+/* Id: oakley.c,v 1.17.2.5 2005/10/04 09:54:27 manubsd Exp */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
--- a/crypto/dist/ipsec-tools/src/racoon/oakley.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/oakley.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,4 +1,4 @@
-/*	$NetBSD: oakley.h,v 1.2 2005/08/20 00:57:06 manu Exp $	*/
+/*	$NetBSD: oakley.h,v 1.3 2005/11/21 14:20:29 manu Exp $	*/
 
 /* Id: oakley.h,v 1.9 2004/10/24 17:37:00 manubsd Exp */
 
--- a/lib/libipsec/config.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/lib/libipsec/config.h	Mon Nov 21 14:20:28 2005 +0000
@@ -154,6 +154,9 @@
 /* Define to 1 if you have the <string.h> header file. */
 #define HAVE_STRING_H 1
 
+/* Define to 1 if you have the `strlcat' function. */
+#define HAVE_STRLCAT 1
+
 /* Define to 1 if you have the `strlcpy' function. */
 #define HAVE_STRLCPY 1
 
--- a/lib/libipsec/package_version.h	Mon Nov 21 14:11:59 2005 +0000
+++ b/lib/libipsec/package_version.h	Mon Nov 21 14:20:28 2005 +0000
@@ -1,5 +1,5 @@
 #define TOP_PACKAGE "ipsec-tools"
 #define TOP_PACKAGE_NAME "ipsec-tools"
-#define TOP_PACKAGE_VERSION  "0.6.2"
-#define TOP_PACKAGE_STRING  "ipsec-tools 0.6.2"
+#define TOP_PACKAGE_VERSION  "0.6.3"
+#define TOP_PACKAGE_STRING  "ipsec-tools 0.6.3"
 #define TOP_PACKAGE_URL "http://ipsec-tools.sourceforge.net"