![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / sbin / isakmpd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.25, Fri Jul 6 09:35:57 2001 UTC (22 years, 11 months ago) by ho
Branch: MAIN
CVS Tags: HEAD
Changes since 1.24: +1 -1 lines
FILE REMOVED
Remove support for PF_ENCAP (deprecated since OpenBSD2.5).
Revision 1.24 / (download) - annotate - [select for diffs], Fri Jun 29 19:08:11 2001 UTC (22 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.23: +11 -14 lines
Diff to previous 1.23 (colored)
Get rid of redundant lengths in get_spi API.
Revision 1.23 / (download) - annotate - [select for diffs], Fri Jun 29 04:12:00 2001 UTC (22 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.22: +41 -11 lines
Diff to previous 1.22 (colored)
Initial IPv6 support. (niklas@ ok)
Revision 1.22 / (download) - annotate - [select for diffs], Wed Jun 27 03:31:42 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)
Consistently use "IPsec" capitalization (jsyn@nthought.com)
Revision 1.17.2.1 / (download) - annotate - [select for diffs], Tue May 8 12:45:24 2001 UTC (23 years ago) by ho
Branch: OPENBSD_2_8
Changes since 1.17: +17 -14 lines
Diff to previous 1.17 (colored) next main 1.18 (colored)
Pull in isakmpd from 2.9 to 2.8 branch.
Revision 1.21 / (download) - annotate - [select for diffs], Mon Apr 9 22:09:52 2001 UTC (23 years, 1 month ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE,
OPENBSD_2_9
Changes since 1.20: +8 -8 lines
Diff to previous 1.20 (colored)
More style fixes...
Revision 1.20 / (download) - annotate - [select for diffs], Sat Jan 27 12:03:34 2001 UTC (23 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.19: +2 -2 lines
Diff to previous 1.19 (colored)
(c) 2001
Revision 1.19 / (download) - annotate - [select for diffs], Fri Jan 26 12:12:52 2001 UTC (23 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.18: +3 -2 lines
Diff to previous 1.18 (colored)
Pedantic style police
Revision 1.18 / (download) - annotate - [select for diffs], Tue Dec 12 01:46:29 2000 UTC (23 years, 5 months ago) by niklas
Branch: MAIN
Changes since 1.17: +7 -5 lines
Diff to previous 1.17 (colored)
Merge with EOM 1.73 author: angelos Pass the local/remote Phase 1 ID to the flow, so it can be reused when an SA is re-negotiated. author: angelos isakmpd can now negotiate transport protocol/ports (either through the configuration file or through kernel ACQUIREs).
Revision 1.17 / (download) - annotate - [select for diffs], Thu Jun 8 20:49:19 2000 UTC (23 years, 11 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_8_BASE
Branch point for: OPENBSD_2_8
Changes since 1.16: +3 -8 lines
Diff to previous 1.16 (colored)
Merge with EOM 1.71 author: ho DOI IPSEC is default if not specified.
Revision 1.16 / (download) - annotate - [select for diffs], Fri Feb 25 17:23:41 2000 UTC (24 years, 3 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_7_BASE,
OPENBSD_2_7
Changes since 1.15: +32 -31 lines
Diff to previous 1.15 (colored)
regress/crypto/Makefile: Merge with EOM 1.5 regress/dh/Makefile: Merge with EOM 1.7 regress/group/Makefile: Merge with EOM 1.9 regress/prf/Makefile: Merge with EOM 1.4 regress/rsakeygen/Makefile: Merge with EOM 1.8 regress/x509/Makefile: Merge with EOM 1.10 Makefile: Merge with EOM 1.62 attribute.c: Merge with EOM 1.10 sa.c: Merge with EOM 1.99 conf.c: Merge with EOM 1.20 crypto.c: Merge with EOM 1.28 isakmpd.c: Merge with EOM 1.45 connection.c: Merge with EOM 1.19 doi.h: Merge with EOM 1.28 field.c: Merge with EOM 1.11 exchange.c: Merge with EOM 1.116 ike_auth.c: Merge with EOM 1.44 pf_key_v2.c: Merge with EOM 1.37 ike_phase_1.c: Merge with EOM 1.22 ipsec.c: Merge with EOM 1.118 isakmp_doi.c: Merge with EOM 1.40 log.c: Merge with EOM 1.26 log.h: Merge with EOM 1.18 math_group.c: Merge with EOM 1.23 message.c: Merge with EOM 1.144 pf_encap.c: Merge with EOM 1.70 policy.c: Merge with EOM 1.18 timer.c: Merge with EOM 1.13 transport.c: Merge with EOM 1.41 udp.c: Merge with EOM 1.47 ui.c: Merge with EOM 1.37 x509.c: Merge with EOM 1.36 author: niklas Made debug logging a compile time selectable feature
Revision 1.15 / (download) - annotate - [select for diffs], Sun May 2 19:16:12 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE,
OPENBSD_2_6
Changes since 1.14: +17 -6 lines
Diff to previous 1.14 (colored)
Merge with EOM 1.69 author: niklas Remove bogus XXXes, add allocation error reporting. author: ho Typo. author: ho Do not automatically check connections at HARD_EXPIRE. Also check for existing exchanges in pf_encap_connection_check. author: ho Cut'n'paste typo fix.
Revision 1.14 / (download) - annotate - [select for diffs], Sat May 1 22:57:38 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.13: +7 -10 lines
Diff to previous 1.13 (colored)
Merge with EOM 1.65 author: niklas Forgot one change in last commit
Revision 1.13 / (download) - annotate - [select for diffs], Sat May 1 20:43:43 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.12: +65 -32 lines
Diff to previous 1.12 (colored)
sysdep/openbsd/sysdep.c: Merge with EOM 1.7 DESIGN-NOTES: Merge with EOM 1.42 Makefile: Merge with EOM 1.51 app.c: Merge with EOM 1.6 conf.c: Merge with EOM 1.18 init.c: Merge with EOM 1.14 isakmpd.conf.5: Merge with EOM 1.19 pf_encap.c: Merge with EOM 1.64 pf_encap.h: Merge with EOM 1.12 pf_key_v2.h: Merge with EOM 1.3 sysdep.h: Merge with EOM 1.16 transport.c: Merge with EOM 1.40 ui.c: Merge with EOM 1.32 author: niklas A new connection abstraction
Revision 1.12 / (download) - annotate - [select for diffs], Mon Apr 19 21:07:42 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.11: +19 -56 lines
Diff to previous 1.11 (colored)
./pf_encap.c: Merge with EOM 1.63 remove warning Simplify the checks of existing exchanges by moving it into exchange_establish. This means we need to change the finalize API. Try to make PF_ENCAP support handle multiple connections to a single security gateway. Sigh, log the SPIs in network byte order, please
Revision 1.11 / (download) - annotate - [select for diffs], Mon Apr 5 21:02:48 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_5_BASE,
OPENBSD_2_5
Changes since 1.10: +157 -35 lines
Diff to previous 1.10 (colored)
Merge with EOM 1.60 Mem leak plugging. New finalize API. Do not renegotiate on already replaced SA expirations Only establish on-demand route if we know how to If we get an EEXIST from RTM_ADD, try to RTM_CHANGE the route. Correct buffer size in log printout make compile Make "Connections" handling nicer, and even implement it for KLIPS. A stab at reregestering the on-demand routes for PF_ENCAP. typo found by ho@netman.se
Revision 1.10 / (download) - annotate - [select for diffs], Wed Mar 31 14:27:38 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
Changes since 1.9: +4 -6 lines
Diff to previous 1.9 (colored)
ipsec.c: Merge with EOM 1.86 ipsec.h: Merge with EOM 1.33 pf_encap.c: Merge with EOM 1.52 pf_key_v2.c: Merge with EOM 1.3 Fix case of missing client ID payloads, a case the standards allow. Thanks to Michael Paddon (mwp@aba.net.au) for the diffs I based my fix upon. His diff also made me realize I stored the address information in host order in internal structures where I had planned to use network order. Fix this, and remove the XXXes I had due to this elsewhere. Add commentary.
Revision 1.9 / (download) - annotate - [select for diffs], Wed Mar 31 00:51:50 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
Changes since 1.8: +19 -7 lines
Diff to previous 1.8 (colored)
Merge with EOM 1.51 Async PF_ENCAP messages might be handled earlier so recheck readability in the handler. Remove some XXX comments. Fix some byte order conversions in debugging output.
Revision 1.8 / (download) - annotate - [select for diffs], Wed Mar 24 14:41:41 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
Changes since 1.7: +66 -47 lines
Diff to previous 1.7 (colored)
Merge with EOM 1.50 New sysdep API. Fix an allocation size typo. Use correct SPIs and addresses all over. Simplify flow Correct log headers s/LOG_PF_ENCAP/LOG_SYSDEP/
Revision 1.7 / (download) - annotate - [select for diffs], Tue Mar 2 15:48:23 1999 UTC (25 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.6: +2 -5 lines
Diff to previous 1.6 (colored)
sa.c: Merge with EOM 1.67 Add SA attributes, specifically stayalive sa.h: Merge with EOM 1.42 Add SA attributes, specifically stayalive pf_encap.c: Merge with EOM 1.46 Add SA attributes, specifically stayalive exchange.c: Merge with EOM 1.65 Add SA attributes, specifically stayalive
Revision 1.6 / (download) - annotate - [select for diffs], Sat Feb 27 09:59:36 1999 UTC (25 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.5: +29 -6 lines
Diff to previous 1.5 (colored)
ipsec.c: Merge with EOM 1.83 Only accept IPsec SAs when searching for such sa.h: Merge with EOM 1.41 Stayalive connections as a default for now, init pf_encap_socket pf_encap.c: Merge with EOM 1.45 Stayalive connections as a default for now, init pf_encap_socket
Revision 1.5 / (download) - annotate - [select for diffs], Fri Feb 26 03:48:32 1999 UTC (25 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.4: +295 -83 lines
Diff to previous 1.4 (colored)
Merge from the Ericsson repository | revision 1.44 | date: 1999/02/25 14:03:54; author: niklas; state: Exp; lines: +13 -13 | do not use the app_socket name. correct some LOG_* syms | ---------------------------- | revision 1.43 | date: 1999/02/25 11:39:17; author: niklas; state: Exp; lines: +3 -2 | include sysdep.h everywhere | ---------------------------- | revision 1.42 | date: 1999/02/25 09:30:28; author: niklas; state: Exp; lines: +3 -3 | Replay protection window configurable | ---------------------------- | revision 1.41 | date: 1999/02/14 00:17:15; author: niklas; state: Exp; lines: +68 -28 | Better PF_ENCAP expiration and SA request handling | ---------------------------- | revision 1.40 | date: 1999/02/06 15:08:33; author: niklas; state: Exp; lines: +6 -1 | Drop SA request notifies if an exchange or SA already exist | ---------------------------- | revision 1.39 | date: 1999/01/31 01:20:37; author: niklas; state: Exp; lines: +217 -51 | on-demand keying | ----------------------------
Revision 1.4 / (download) - annotate - [select for diffs], Mon Dec 21 01:02:26 1998 UTC (25 years, 5 months ago) by niklas
Branch: MAIN
Changes since 1.3: +16 -9 lines
Diff to previous 1.3 (colored)
Last months worth of work on isakmpd, lots done
Revision 1.3 / (download) - annotate - [select for diffs], Tue Nov 17 11:10:18 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.2: +2 -1 lines
Diff to previous 1.2 (colored)
Add RCS Ids from the EOM repository
Revision 1.2 / (download) - annotate - [select for diffs], Sun Nov 15 00:44:01 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.1: +1 -1 lines
Diff to previous 1.1 (colored)
openBSD RCS IDs
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Sun Nov 15 00:03:49 1998 UTC (25 years, 6 months ago) by niklas
Branch: NIKLAS
CVS Tags: NIKLAS_981114
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)
Initial import of isakmpd, an IKE (ISAKMP/Oakley) implementation for the OpenBSD IPSEC stack by me, Niklas Hallqvist and Niels Provos, funded by Ericsson Radio Systems. It is not yet complete or usable in a real scenario but the missing pieces will soon be there. The early commit is for people who wants early access and who are not afraid of looking at source. isakmpd interops with Cisco, Timestep, SSH & Pluto (Linux FreeS/WAN) so far, so it is not that incomplete. It is really mostly configuration that is lacking.
Revision 1.1 / (download) - annotate - [select for diffs], Sun Nov 15 00:03:49 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Initial revision