Click on a directory to enter that directory. Click on a file to display its revision history and to get a chance to display diffs between revisions.
Current directory: [local] / src / sbin / isakmpd
Current tag: OPENBSD_4_9_BASE
File | Rev. | Age | Author | Last log entry |
---|---|---|---|---|
Parent Directory | ||||
apps/ | ||||
features/ | ||||
regress/ | ||||
samples/ | ||||
sysdep/ | ||||
BUGS | 1.15 | 18 years | hshoexer | Big spelling cleanup, no binary change. From david@ |
DESIGN-NOTES | 1.25 | 18 years | hshoexer | Big spelling cleanup, no binary change. From david@ |
Makefile | 1.82 | 13 years | jsg | Switch the remaining users of libdes in src to libcrypto, telnet portion partial... |
QUESTIONS | 1.5 | 20 years | jmc | updated URL from Jared Yanovich; |
README | 1.19 | 21 years | kjell | typo: noneheless->nontheless |
TO-DO | 1.26 | 20 years | markus | support AES in phase 1, too. switch to OpenSSL EVP interface; with Hans-Joerg.Ho... |
app.c | 1.12 | 19 years | hshoexer | clean up KEY_API() wrapper. ok ho@ |
app.h | 1.7 | 20 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
attribute.c | 1.12 | 19 years | cloder | Make deterministic randomness (only ever used for testing) a compile-time option... |
attribute.h | 1.6 | 20 years | hshoexer | Some more KNF, no binary change. ok ho@ |
cert.c | 1.32 | 16 years | tom | Allow key exchange with RSA signature authentication to work with Cisco IOS and ... |
cert.h | 1.15 | 16 years | tom | Allow key exchange with RSA signature authentication to work with Cisco IOS and ... |
conf.c | 1.99 | 13 years | mikeb | Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMAC (as AESGMA... |
conf.h | 1.34 | 17 years | hshoexer | Make SA deletion on shutdown the default again. Use -S for failover situations ... |
connection.c | 1.35 | 17 years | moritz | There's no point in checking ptr for NULL before doing free(ptr) since free(NULL... |
connection.h | 1.5 | 20 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
constants.c | 1.10 | 19 years | cloder | Make deterministic randomness (only ever used for testing) a compile-time option... |
constants.h | 1.6 | 20 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
cookie.c | 1.15 | 19 years | hshoexer | get rid of sysdep_sa_len ok cloder@ |
cookie.h | 1.7 | 20 years | hshoexer | Some more KNF, no binary change. ok ho@ |
crypto.c | 1.31 | 13 years | mikeb | convert to fuse cast from the libcrypto. with a simplification nit from blamber... |
crypto.h | 1.20 | 13 years | mikeb | convert to fuse cast from the libcrypto. with a simplification nit from blamber... |
dh.c | 1.13 | 13 years | markus | branches: 1.13.2; make key exchange faster by not checking the predefined group... |
dh.h | 1.8 | 13 years | reyk | Replace the hand-crafted Diffie-Hellman implementation in isakmpd with the small... |
dnssec.c | 1.23 | 19 years | cloder | Make deterministic randomness (only ever used for testing) a compile-time option... |
dnssec.h | 1.7 | 20 years | hshoexer | Some more KNF, no binary change. ok ho@ |
doi.c | 1.10 | 19 years | cloder | Make deterministic randomness (only ever used for testing) a compile-time option... |
doi.h | 1.15 | 19 years | deraadt | USE_DEBUG is bye bye |
dpd.c | 1.16 | 17 years | ho | Style; return is not a function. hshoexer@ ok. |
dpd.h | 1.3 | 18 years | markus | don't send DPD messages before the exchange is finialized, otherwise we have a r... |
exchange.c | 1.133 | 15 years | hshoexer | Remove some dead (#if 0) code. |
exchange.h | 1.33 | 16 years | tom | Allow key exchange with RSA signature authentication to work with Cisco IOS and ... |
exchange_num.cst | 1.5 | 18 years | hshoexer | Big spelling cleanup, no binary change. From david@ |
field.c | 1.19 | 18 years | cloder | Add a new raw2hex function and yank out several pieces of code in other places t... |
field.h | 1.6 | 20 years | hshoexer | More KNF. Mainly spaces and line-wraps, no binary change. ok ho@ |
genconstants.sh | 1.12 | 20 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
genfields.sh | 1.9 | 20 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
hash.c | 1.22 | 15 years | djm | adapt to sha2(3) API changes; ok millert@ |
hash.h | 1.8 | 17 years | hshoexer | support sha2 for main mode hmacs and aesctr for quick mode encryption. ok markus... |
if.c | 1.25 | 19 years | cloder | Make deterministic randomness (only ever used for testing) a compile-time option... |
if.h | 1.7 | 20 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
ike_aggressive.c | 1.11 | 13 years | reyk | Replace the hand-crafted Diffie-Hellman implementation in isakmpd with the small... |
ike_aggressive.h | 1.5 | 20 years | hshoexer | More KNF. Mainly spaces and line-wraps, no binary change. ok ho@ |
ike_auth.c | 1.110 | 17 years | moritz | There's no point in checking ptr for NULL before doing free(ptr) since free(NULL... |
ike_auth.h | 1.5 | 20 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
ike_main_mode.c | 1.17 | 13 years | reyk | Replace the hand-crafted Diffie-Hellman implementation in isakmpd with the small... |
ike_main_mode.h | 1.6 | 20 years | hshoexer | More KNF. Mainly spaces and line-wraps, no binary change. ok ho@ |
ike_phase_1.c | 1.72 | 13 years | reyk | Replace the hand-crafted Diffie-Hellman implementation in isakmpd with the small... |
ike_phase_1.h | 1.4 | 20 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
ike_quick_mode.c | 1.105 | 13 years | reyk | Replace the hand-crafted Diffie-Hellman implementation in isakmpd with the small... |
ike_quick_mode.h | 1.6 | 20 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
init.c | 1.40 | 13 years | reyk | Replace the hand-crafted Diffie-Hellman implementation in isakmpd with the small... |
init.h | 1.6 | 20 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
ipsec.c | 1.136 | 13 years | mikeb | Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMAC (as AESGMA... |
ipsec.h | 1.26 | 18 years | hshoexer | Big whitespace cleanup. |
ipsec_doi.h | 1.8 | 20 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
ipsec_fld.fld | 1.5 | 21 years | ho | Remove clauses 3 and 4. With approval from Niklas Hallqvist and Niels Provos. |
ipsec_num.cst | 1.17 | 13 years | mikeb | Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMAC (as AESGMA... |
isakmp.h | 1.7 | 19 years | ho | NAT-Traversal for isakmpd. Work in progress... hshoexer@ ok. |
isakmp_cfg.c | 1.38 | 17 years | moritz | There's no point in checking ptr for NULL before doing free(ptr) since free(NULL... |
isakmp_cfg.h | 1.5 | 20 years | hshoexer | More KNF. Mainly spaces and line-wraps, no binary change. ok ho@ |
isakmp_doi.c | 1.26 | 13 years | todd | as determined 4 years ago, FortiGate needs DOI of 0 responses to DPD so, copy a ... |
isakmp_doi.h | 1.5 | 20 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
isakmp_fld.fld | 1.8 | 19 years | ho | NAT-Traversal for isakmpd. Work in progress... hshoexer@ ok. |
isakmp_num.cst | 1.13 | 18 years | hshoexer | typo in comment |
isakmpd.8 | 1.107 | 13 years | jmc | make clearer the relationship between isakmpd and ikev1; and iked and ikev2; ok ... |
isakmpd.c | 1.98 | 14 years | lum | Log when isakmpd starts - patch from Toni Mueller ok ho@ mpf@ krw@ sthen@ kjell@... |
isakmpd.conf.5 | 1.127 | 13 years | mikeb | Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMAC (as AESGMA... |
isakmpd.policy.5 | 1.44 | 13 years | jmc | make clearer the relationship between isakmpd and ikev1; and iked and ikev2; ok ... |
key.c | 1.25 | 17 years | moritz | Set pointer to NULL after freeing it, so callers of key_from_printable() are not... |
key.h | 1.8 | 18 years | cloder | Be cleaner about signed vs. unsigned when it's easy to do so. OK hshoexer |
libcrypto.h | 1.17 | 19 years | cloder | Always compile X509 support. Almost everyone uses it. Makes the code much easie... |
log.c | 1.60 | 17 years | pvalchev | safer snprintf construct with more paranoid length calculation ok millert |
log.h | 1.25 | 15 years | hshoexer | mark log_fatal() and monitor_exit() as __dead, as they do not return. |
message.c | 1.126 | 17 years | pvalchev | safer snprintf construct with more paranoid length calculation ok millert |
message.h | 1.25 | 17 years | hshoexer | Fix interop-issue with vpn peers that start reyking on port 4500 when NAT-T is u... |
monitor.c | 1.72 | 14 years | krw | Various comment typos. 'wether' -> 'whether' (most popular), 'possiblity' -> 'po... |
monitor.h | 1.19 | 15 years | hshoexer | mark log_fatal() and monitor_exit() as __dead, as they do not return. |
monitor_fdpass.c | 1.16 | 16 years | deraadt | msg_controllen has to be CMSG_SPACE so that the kernel can account for each cmsg... |
nat_traversal.c | 1.20 | 17 years | cloder | Kill a log message which looks like an error message but is actually both meanin... |
nat_traversal.h | 1.4 | 18 years | hshoexer | Use payload NAT-D or NAT-D-DRAFT according to NAT-T vendor ID advertised by the ... |
pf_key_v2.c | 1.186 | 13 years | mikeb | Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMAC (as AESGMA... |
pf_key_v2.h | 1.13 | 18 years | markus | export pf_key_v2_disable_sa() (unbreaks build) |
policy.c | 1.92 | 13 years | mikeb | Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMAC (as AESGMA... |
policy.h | 1.17 | 16 years | tom | Allow key exchange with RSA signature authentication to work with Cisco IOS and ... |
prf.c | 1.15 | 19 years | cloder | Make deterministic randomness (only ever used for testing) a compile-time option... |
prf.h | 1.10 | 20 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
sa.c | 1.115 | 13 years | martinh | When looking up an SA based on peer address, also check the port number. Without... |
sa.h | 1.49 | 17 years | reyk | add support to tag ipsec traffic belonging to specific IKE-initiated phase 2 tra... |
timer.c | 1.15 | 19 years | cloder | Make deterministic randomness (only ever used for testing) a compile-time option... |
timer.h | 1.7 | 20 years | hshoexer | More KNF. Mainly spaces and line-wraps, no binary change. ok ho@ |
transport.c | 1.35 | 18 years | hshoexer | remove some unused functions and an unused variable found by lint. ok markus@ |
transport.h | 1.18 | 18 years | hshoexer | Big spelling cleanup, no binary change. From david@ |
udp.c | 1.95 | 15 years | bluhm | If isakmpd is started with -4 or -6, virtual_get_default() may return NULL. Thi... |
udp.h | 1.11 | 19 years | hshoexer | Zap -P option. It has never done anything. While there tweak descripton of -N.... |
udp_encap.c | 1.21 | 17 years | moritz | There's no point in checking ptr for NULL before doing free(ptr) since free(NULL... |
udp_encap.h | 1.2 | 19 years | hshoexer | remove unused variable. |
ui.c | 1.54 | 15 years | bluhm | Arguments to fifo commands were limited to 80 bytes. That is too short for IPv6... |
ui.h | 1.8 | 17 years | mpf | Add a new UI command to force isakmpd into passive only mode. Will be used by sa... |
util.c | 1.65 | 14 years | claudio | Add missing RTM_VERSION check. This is needed before accessing other data from r... |
util.h | 1.29 | 17 years | reyk | add support to tag ipsec traffic belonging to specific IKE-initiated phase 2 tra... |
vendor.c | 1.4 | 17 years | moritz | There's no point in checking ptr for NULL before doing free(ptr) since free(NULL... |
vendor.h | 1.2 | 17 years | pedro | typo in initial RCS tag ($OpenBSD: -> $OpenBSD$) |
virtual.c | 1.31 | 13 years | phessler | When binding to addresses, ignore any IP address not in the current routing doma... |
virtual.h | 1.1 | 19 years | ho | NAT-Traversal for isakmpd. Work in progress... hshoexer@ ok. |
x509.c | 1.113 | 13 years | reyk | Replace the hand-crafted Diffie-Hellman implementation in isakmpd with the small... |
x509.h | 1.22 | 16 years | tom | Allow key exchange with RSA signature authentication to work with Cisco IOS and ... |
libcrypto.c (in the Attic) [Hide] | 1.19 | 19 years | cloder | Make deterministic randomness (only ever used for testing) a compile-time option... |
sysdep.h (in the Attic) [Hide] | 1.25 | 19 years | hshoexer | clean up KEY_API() wrapper. ok ho@ |