![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / sbin / isakmpd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.118 / (download) - annotate - [select for diffs], Tue Jul 7 17:33:40 2020 UTC (3 years, 10 months ago) by tobhe
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
HEAD
Changes since 1.117: +2 -2 lines
Diff to previous 1.117 (colored)
Fix shared DH secret length in log message. ok patrick@
Revision 1.117 / (download) - annotate - [select for diffs], Fri Jun 28 13:32:44 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.116: +5 -5 lines
Diff to previous 1.116 (colored)
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
Revision 1.116 / (download) - annotate - [select for diffs], Mon Jan 15 09:54:48 2018 UTC (6 years, 4 months ago) by mpi
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.115: +6 -6 lines
Diff to previous 1.115 (colored)
Spacing, no object change.
Revision 1.115 / (download) - annotate - [select for diffs], Thu Jan 4 14:21:00 2018 UTC (6 years, 4 months ago) by mpi
Branch: MAIN
Changes since 1.114: +6 -6 lines
Diff to previous 1.114 (colored)
space -> tab No object change.
Revision 1.114 / (download) - annotate - [select for diffs], Wed Nov 8 13:33:49 2017 UTC (6 years, 6 months ago) by patrick
Branch: MAIN
Changes since 1.113: +3 -3 lines
Diff to previous 1.113 (colored)
In the final RFC 5903 the computation for the DH shared secret changed. Instead of the full point, only the X point is included. The member g_xy is always the shared secret but so far its buffer has been allocated using the size of the public points. Since this is a different size now, as the shared secret for EC Groups should only store the x point, we need another member to specify the length of g_xy. Since this is a backwards incompatible change older isakmpds won't be able to negotiate if you use EC groups. Bump the version of our own vendor tag so peers can try to keep compatibility based on the presen- ted tag. This could be used to implement backwards compatibility to older isakmpds. Prompted by and ok mpi@
Revision 1.113 / (download) - annotate - [select for diffs], Tue Apr 21 01:44:47 2015 UTC (9 years, 1 month ago) by jsg
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2,
OPENBSD_6_1_BASE,
OPENBSD_6_1,
OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9,
OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.112: +1 -2 lines
Diff to previous 1.112 (colored)
No need to do "size = (size_t)sb.st_size" both before and after a fstat() call. ok mikeb@ markus@
Revision 1.112 / (download) - annotate - [select for diffs], Mon Aug 25 08:00:48 2014 UTC (9 years, 9 months ago) by doug
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.111: +3 -1 lines
Diff to previous 1.111 (colored)
Fix a few fd leaks in isakmpd. The latter close is from a sweep of the tree looking for fdopen problems. While reviewing the patch, gerhard@ fixed another leak. ok gerhard@
Revision 1.111 / (download) - annotate - [select for diffs], Sat Aug 23 00:48:57 2014 UTC (9 years, 9 months ago) by doug
Branch: MAIN
Changes since 1.110: +3 -1 lines
Diff to previous 1.110 (colored)
Fix double free in ike_auth.c ok jca@
Revision 1.110 / (download) - annotate - [select for diffs], Mon Apr 16 13:01:39 2007 UTC (17 years, 1 month ago) by moritz
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6,
OPENBSD_5_5_BASE,
OPENBSD_5_5,
OPENBSD_5_4_BASE,
OPENBSD_5_4,
OPENBSD_5_3_BASE,
OPENBSD_5_3,
OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9,
OPENBSD_4_8_BASE,
OPENBSD_4_8,
OPENBSD_4_7_BASE,
OPENBSD_4_7,
OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5,
OPENBSD_4_4_BASE,
OPENBSD_4_4,
OPENBSD_4_3_BASE,
OPENBSD_4_3,
OPENBSD_4_2_BASE,
OPENBSD_4_2
Changes since 1.109: +8 -15 lines
Diff to previous 1.109 (colored)
There's no point in checking ptr for NULL before doing free(ptr) since free(NULL) is just fine. ok hshoexer@
Revision 1.109 / (download) - annotate - [select for diffs], Fri Nov 24 13:52:14 2006 UTC (17 years, 6 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_4_1_BASE,
OPENBSD_4_1
Changes since 1.108: +5 -3 lines
Diff to previous 1.108 (colored)
add support to tag ipsec traffic belonging to specific IKE-initiated phase 2 traffic. this allows policy-based filtering of encrypted and unencrypted ipsec traffic with pf(4). see ipsec.conf(5) and isakmpd.conf(5) for details and examples. this is work in progress and still needs some testing and feedback, but it is safe to put it in now. ok hshoexer@
Revision 1.108 / (download) - annotate - [select for diffs], Thu Nov 9 09:43:35 2006 UTC (17 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.107: +5 -1 lines
Diff to previous 1.107 (colored)
support public keys w/o SubjectPublicKeyInfo (format: BEGIN RSA PUBLIC KEY) ok ho, hshoexer
Revision 1.107 / (download) - annotate - [select for diffs], Sat Jun 10 21:09:45 2006 UTC (17 years, 11 months ago) by msf
Branch: MAIN
CVS Tags: OPENBSD_4_0_BASE,
OPENBSD_4_0
Changes since 1.106: +50 -12 lines
Diff to previous 1.106 (colored)
Allow isakmpd to use a different private rsa key per isakmp ID. Hans wrote this a long time ago, I synced it to -current and tested. ok hshoexer@
Revision 1.106 / (download) - annotate - [select for diffs], Thu Nov 17 13:44:11 2005 UTC (18 years, 6 months ago) by moritz
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE,
OPENBSD_3_9
Changes since 1.105: +2 -1 lines
Diff to previous 1.105 (colored)
add a free() which got lost in r1.104. ok hshoexer@ deraadt@
Revision 1.105 / (download) - annotate - [select for diffs], Mon Nov 14 23:25:11 2005 UTC (18 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.104: +7 -19 lines
Diff to previous 1.104 (colored)
use snprintf; ok cloder. also looked at by a few other people
Revision 1.104 / (download) - annotate - [select for diffs], Thu Jul 14 12:50:08 2005 UTC (18 years, 10 months ago) by moritz
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE,
OPENBSD_3_8
Changes since 1.103: +7 -1 lines
Diff to previous 1.103 (colored)
fix some memleaks. ok hshoexer@
Revision 1.103 / (download) - annotate - [select for diffs], Thu May 26 06:11:09 2005 UTC (19 years ago) by hshoexer
Branch: MAIN
Changes since 1.102: +2 -3 lines
Diff to previous 1.102 (colored)
Use TAILQ_FOREACH where possible, remove payload_last() ok markus
Revision 1.102 / (download) - annotate - [select for diffs], Fri Apr 8 22:32:10 2005 UTC (19 years, 1 month ago) by cloder
Branch: MAIN
Changes since 1.101: +1 -3 lines
Diff to previous 1.101 (colored)
Make deterministic randomness (only ever used for testing) a compile-time option. Reduces chances of somehow setting regrand when it's not supposed to be set. Remove "-r" option from man page. Also xref certpatch(8) while we are in there. And remove some include sysdep.h where it is no longer needed. OK hshoexer
Revision 1.101 / (download) - annotate - [select for diffs], Fri Apr 8 20:04:57 2005 UTC (19 years, 1 month ago) by hshoexer
Branch: MAIN
Changes since 1.100: +1 -2 lines
Diff to previous 1.100 (colored)
kill gmp
Revision 1.100 / (download) - annotate - [select for diffs], Fri Apr 8 18:35:37 2005 UTC (19 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.99: +1 -7 lines
Diff to previous 1.99 (colored)
zap USE_RAWKEY
Revision 1.99 / (download) - annotate - [select for diffs], Fri Apr 8 17:15:01 2005 UTC (19 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.98: +1 -12 lines
Diff to previous 1.98 (colored)
keynote and policy always compiled in
Revision 1.98 / (download) - annotate - [select for diffs], Tue Apr 5 20:46:20 2005 UTC (19 years, 2 months ago) by cloder
Branch: MAIN
Changes since 1.97: +1 -21 lines
Diff to previous 1.97 (colored)
Always compile X509 support. Almost everyone uses it. Makes the code much easier to read and to maintain. OK and testing by hshoexer@, more testing by me
Revision 1.97 / (download) - annotate - [select for diffs], Tue Feb 22 16:57:48 2005 UTC (19 years, 3 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE,
OPENBSD_3_7
Changes since 1.96: +5 -2 lines
Diff to previous 1.96 (colored)
better error messages ok ho
Revision 1.96 / (download) - annotate - [select for diffs], Wed Dec 22 12:25:27 2004 UTC (19 years, 5 months ago) by hshoexer
Branch: MAIN
Changes since 1.95: +7 -7 lines
Diff to previous 1.95 (colored)
Fix parenthesis mismatch, from Stefan Miltchev. Thanks! While around, zap some spaces ok markus@
Revision 1.95 / (download) - annotate - [select for diffs], Sun Aug 8 19:11:06 2004 UTC (19 years, 9 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE,
OPENBSD_3_6
Changes since 1.94: +2 -2 lines
Diff to previous 1.94 (colored)
spacing
Revision 1.94 / (download) - annotate - [select for diffs], Wed Jun 23 03:01:52 2004 UTC (19 years, 11 months ago) by hshoexer
Branch: MAIN
Changes since 1.93: +16 -7 lines
Diff to previous 1.93 (colored)
Avoid stat before open. Do open and fstat instead. Remove check_file_secrecy() as it is obsoleted be check_file_secrecy_fd(). ok ho@
Revision 1.93 / (download) - annotate - [select for diffs], Tue Jun 22 18:22:18 2004 UTC (19 years, 11 months ago) by hshoexer
Branch: MAIN
Changes since 1.92: +5 -4 lines
Diff to previous 1.92 (colored)
kn_get_string() may return NULL on failure. Handle this corrctly. with msf@, ok ho@ markus@
Revision 1.92 / (download) - annotate - [select for diffs], Sun Jun 20 17:17:34 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.91: +5 -5 lines
Diff to previous 1.91 (colored)
Make the payload array in struct message dynamic, since we need to handle payloads in the private range, such as the pre-RFC NAT-D/NAT-OA. Replace TAILQ_FIRST(&msg->payload[i]) instances with function calls.
Revision 1.91 / (download) - annotate - [select for diffs], Mon Jun 14 13:53:31 2004 UTC (19 years, 11 months ago) by hshoexer
Branch: MAIN
Changes since 1.90: +20 -19 lines
Diff to previous 1.90 (colored)
avoid stat before open ok ho@
Revision 1.90 / (download) - annotate - [select for diffs], Mon Jun 14 09:55:41 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.89: +45 -27 lines
Diff to previous 1.89 (colored)
KNF, style, 80c, etc. hshoexer@ ok
Revision 1.89 / (download) - annotate - [select for diffs], Wed Jun 2 16:19:16 2004 UTC (20 years ago) by hshoexer
Branch: MAIN
Changes since 1.88: +1 -48 lines
Diff to previous 1.88 (colored)
remove unused BIO-functions. ok markus@ ho@
Revision 1.88 / (download) - annotate - [select for diffs], Wed May 26 22:17:58 2004 UTC (20 years ago) by hshoexer
Branch: MAIN
Changes since 1.87: +3 -1 lines
Diff to previous 1.87 (colored)
do not leak fd on error path. ok ho@
Revision 1.87 / (download) - annotate - [select for diffs], Sun May 23 18:17:55 2004 UTC (20 years ago) by hshoexer
Branch: MAIN
Changes since 1.86: +115 -94 lines
Diff to previous 1.86 (colored)
More KNF. Mainly spaces and line-wraps, no binary change. ok ho@
Revision 1.86 / (download) - annotate - [select for diffs], Thu Apr 15 18:39:25 2004 UTC (20 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.85: +936 -1086 lines
Diff to previous 1.85 (colored)
partial move to KNF. More to come. This has happened because there are a raft of source code auditors who are willing to help improve this code only if this is done, and hey, isakmpd does need our standard auditing process. ok ho hshoexer
Revision 1.85 / (download) - annotate - [select for diffs], Wed Apr 7 22:45:49 2004 UTC (20 years, 1 month ago) by ho
Branch: MAIN
Changes since 1.84: +9 -6 lines
Diff to previous 1.84 (colored)
-Wsign-compare nits. hshoexer@ ok.
Revision 1.84 / (download) - annotate - [select for diffs], Wed Mar 31 10:54:46 2004 UTC (20 years, 2 months ago) by ho
Branch: MAIN
Changes since 1.83: +3 -3 lines
Diff to previous 1.83 (colored)
-Wsign-compare nits. hshoexer@ ok.
Revision 1.83 / (download) - annotate - [select for diffs], Fri Mar 19 14:04:43 2004 UTC (20 years, 2 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE,
OPENBSD_3_5
Changes since 1.82: +41 -23 lines
Diff to previous 1.82 (colored)
Add missing bits to make already present privsep code work. Enable privsep. ok ho@ deraadt@ markus@
Revision 1.82 / (download) - annotate - [select for diffs], Wed Mar 17 11:10:06 2004 UTC (20 years, 2 months ago) by ho
Branch: MAIN
Changes since 1.81: +15 -4 lines
Diff to previous 1.81 (colored)
For consistency and to avoid a rare memory leak, the result from ike_auth_get_key() should always be released after use. Found and ok hshoexer@.
Revision 1.81 / (download) - annotate - [select for diffs], Thu Nov 6 16:12:07 2003 UTC (20 years, 7 months ago) by ho
Branch: MAIN
Changes since 1.80: +16 -15 lines
Diff to previous 1.80 (colored)
Style nits.
Revision 1.80 / (download) - annotate - [select for diffs], Tue Oct 14 14:29:15 2003 UTC (20 years, 7 months ago) by ho
Branch: MAIN
Changes since 1.79: +3 -5 lines
Diff to previous 1.79 (colored)
constant_lookup() to constant_name() cleanup. markus@ ok.
Revision 1.79 / (download) - annotate - [select for diffs], Fri Aug 8 08:46:59 2003 UTC (20 years, 9 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE,
OPENBSD_3_4
Changes since 1.78: +5 -3 lines
Diff to previous 1.78 (colored)
Be more careful when using constant_lookup() in messages. Pointed out by Jean-Francois Dive, although I opted for a slightly different patch.
Revision 1.78 / (download) - annotate - [select for diffs], Tue Jun 10 16:41:29 2003 UTC (20 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.77: +2 -2 lines
Diff to previous 1.77 (colored)
boring cleanups
Revision 1.77 / (download) - annotate - [select for diffs], Wed Jun 4 07:31:16 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.76: +1 -6 lines
Diff to previous 1.76 (colored)
Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, Angelos D. Keromytis and Niels Provos.
Revision 1.76 / (download) - annotate - [select for diffs], Tue Jun 3 14:28:16 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.75: +2 -2 lines
Diff to previous 1.75 (colored)
Remove clauses 3 and 4. With approval from Niklas Hallqvist and Niels Provos.
Revision 1.75 / (download) - annotate - [select for diffs], Tue Jun 3 12:51:39 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.74: +9 -6 lines
Diff to previous 1.74 (colored)
Cleanup. Use 'sizeof variable' instead of magic constants.
Revision 1.74 / (download) - annotate - [select for diffs], Sun May 18 19:37:46 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.73: +54 -87 lines
Diff to previous 1.73 (colored)
More isakmpd privsep work. X509 private keys are now kept in the privileged process only. Various cleanup and bugfixes. markus@ ok
Revision 1.73 / (download) - annotate - [select for diffs], Thu May 15 03:20:28 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.72: +2 -2 lines
Diff to previous 1.72 (colored)
Correct a two year old typo, which might actually make setsockopt(..., IP_IPSEC_LOCAL_AUTH, ...) start working.
Revision 1.72 / (download) - annotate - [select for diffs], Thu May 15 02:28:56 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.71: +15 -14 lines
Diff to previous 1.71 (colored)
Cleanup. Do not store the private key in either the exchange or sa structs.
Revision 1.71 / (download) - annotate - [select for diffs], Thu May 15 02:08:54 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.70: +15 -8 lines
Diff to previous 1.70 (colored)
Work around some OpenSSL BIO "features" to read the key correctly.
Revision 1.70 / (download) - annotate - [select for diffs], Thu May 15 00:28:53 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.69: +47 -2 lines
Diff to previous 1.69 (colored)
Start of privilege separation for isakmpd. There are some kinks left, so keep it default disabled for now. markus@ says ok to commit.
Revision 1.69 / (download) - annotate - [select for diffs], Wed May 14 18:11:19 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.68: +2 -3 lines
Diff to previous 1.68 (colored)
Default public key directory definition sanity.
Revision 1.68 / (download) - annotate - [select for diffs], Thu Mar 13 13:24:48 2003 UTC (21 years, 2 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE,
OPENBSD_3_3
Changes since 1.67: +8 -1 lines
Diff to previous 1.67 (colored)
Might as well do blinding here too.
Revision 1.67 / (download) - annotate - [select for diffs], Wed Jan 22 15:13:11 2003 UTC (21 years, 4 months ago) by ho
Branch: MAIN
Changes since 1.66: +2 -2 lines
Diff to previous 1.66 (colored)
Typo.
Revision 1.66 / (download) - annotate - [select for diffs], Wed Sep 11 09:50:43 2002 UTC (21 years, 8 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_2_BASE,
OPENBSD_3_2
Changes since 1.65: +14 -12 lines
Diff to previous 1.65 (colored)
signed vs unsigned, some void * arithmetic, from -pedantic. niklas@ ok.
Revision 1.65 / (download) - annotate - [select for diffs], Mon Jun 10 18:08:58 2002 UTC (21 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.64: +30 -34 lines
Diff to previous 1.64 (colored)
The dlopen() stuff goes away.
Revision 1.64 / (download) - annotate - [select for diffs], Sun Jun 9 08:13:06 2002 UTC (21 years, 11 months ago) by todd
Branch: MAIN
Changes since 1.63: +2 -2 lines
Diff to previous 1.63 (colored)
rm trailing whitespace
Revision 1.63 / (download) - annotate - [select for diffs], Sat Jun 1 07:44:21 2002 UTC (22 years ago) by deraadt
Branch: MAIN
Changes since 1.62: +25 -17 lines
Diff to previous 1.62 (colored)
size_t must be cast to (unsigned long) and printed using %lu
Revision 1.62 / (download) - annotate - [select for diffs], Tue May 28 11:23:20 2002 UTC (22 years ago) by ho
Branch: MAIN
Changes since 1.61: +7 -6 lines
Diff to previous 1.61 (colored)
off_t to size_t change for printf format and malloc. Pointed out by <greg@nest.cx>
Revision 1.61 / (download) - annotate - [select for diffs], Wed Jan 23 17:14:28 2002 UTC (22 years, 4 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE,
OPENBSD_3_1
Changes since 1.60: +13 -13 lines
Diff to previous 1.60 (colored)
strncat->strlcat, sprintf->snprintf
Revision 1.60 / (download) - annotate - [select for diffs], Thu Aug 23 19:32:46 2001 UTC (22 years, 9 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE,
OPENBSD_3_0
Changes since 1.59: +1 -4 lines
Diff to previous 1.59 (colored)
Correct ipsec_id_string buffer and length handling.
Revision 1.59 / (download) - annotate - [select for diffs], Wed Aug 22 17:30:46 2001 UTC (22 years, 9 months ago) by ho
Branch: MAIN
Changes since 1.58: +18 -61 lines
Diff to previous 1.58 (colored)
use ipsec_id_string() when generating rawkey file names.
Revision 1.58 / (download) - annotate - [select for diffs], Wed Aug 22 17:24:45 2001 UTC (22 years, 9 months ago) by ho
Branch: MAIN
Changes since 1.57: +8 -10 lines
Diff to previous 1.57 (colored)
If we fail to get a key from DNSSEC, RAWKEY can still succeed.
Revision 1.57 / (download) - annotate - [select for diffs], Thu Aug 16 16:51:57 2001 UTC (22 years, 9 months ago) by ho
Branch: MAIN
Changes since 1.56: +14 -7 lines
Diff to previous 1.56 (colored)
openssl black magic.
Revision 1.56 / (download) - annotate - [select for diffs], Thu Aug 16 13:49:50 2001 UTC (22 years, 9 months ago) by ho
Branch: MAIN
Changes since 1.55: +9 -4 lines
Diff to previous 1.55 (colored)
Off-by-one error in [u]fqdn cases, plus better debug messages when looking for public key files.
Revision 1.55 / (download) - annotate - [select for diffs], Thu Aug 16 13:27:03 2001 UTC (22 years, 9 months ago) by ho
Branch: MAIN
Changes since 1.54: +5 -1 lines
Diff to previous 1.54 (colored)
ISAKMP ID type offset was wrong.
Revision 1.54 / (download) - annotate - [select for diffs], Wed Aug 15 13:06:53 2001 UTC (22 years, 9 months ago) by ho
Branch: MAIN
Changes since 1.53: +17 -17 lines
Diff to previous 1.53 (colored)
Some more style...
Revision 1.53 / (download) - annotate - [select for diffs], Wed Aug 15 09:16:29 2001 UTC (22 years, 9 months ago) by ho
Branch: MAIN
Changes since 1.52: +107 -1 lines
Diff to previous 1.52 (colored)
Support trusted public (RSA) keys as files too. niklas@ ok.
Revision 1.52 / (download) - annotate - [select for diffs], Sun Jul 1 19:48:43 2001 UTC (22 years, 11 months ago) by niklas
Branch: MAIN
Changes since 1.51: +47 -51 lines
Diff to previous 1.51 (colored)
Style
Revision 1.51 / (download) - annotate - [select for diffs], Fri Jun 29 19:55:36 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.50: +3 -3 lines
Diff to previous 1.50 (colored)
Remove extra ':' from LOG_DBG_BUF()
Revision 1.50 / (download) - annotate - [select for diffs], Fri Jun 29 04:11:59 2001 UTC (22 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.49: +18 -18 lines
Diff to previous 1.49 (colored)
Initial IPv6 support. (niklas@ ok)
Revision 1.49 / (download) - annotate - [select for diffs], Thu Jun 28 21:41:58 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.48: +12 -1 lines
Diff to previous 1.48 (colored)
Add some more debugging information wrt PRF generation.
Revision 1.48 / (download) - annotate - [select for diffs], Mon Jun 11 10:50:09 2001 UTC (22 years, 11 months ago) by itojun
Branch: MAIN
Changes since 1.47: +3 -3 lines
Diff to previous 1.47 (colored)
make #ifdef around x509_generate_kn() consistent.
Revision 1.47 / (download) - annotate - [select for diffs], Thu Jun 7 04:48:21 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.46: +7 -2 lines
Diff to previous 1.46 (colored)
Actually, don't re-insert X509 certs which we acquired from our store -- just translate them to KeyNote.
Revision 1.46 / (download) - annotate - [select for diffs], Thu Jun 7 04:19:03 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.45: +2 -1 lines
Diff to previous 1.45 (colored)
Add an X509 cert in the policy session even if it was found in our local repository.
Revision 1.45 / (download) - annotate - [select for diffs], Wed Jun 6 22:22:12 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.44: +2 -2 lines
Diff to previous 1.44 (colored)
NUL-terminate passphrase.
Revision 1.44 / (download) - annotate - [select for diffs], Tue Jun 5 10:04:46 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.43: +9 -8 lines
Diff to previous 1.43 (colored)
Don't use log_error() if it's an internal error.
Revision 1.43 / (download) - annotate - [select for diffs], Tue Jun 5 05:59:42 2001 UTC (23 years ago) by niklas
Branch: MAIN
Changes since 1.42: +12 -12 lines
Diff to previous 1.42 (colored)
Style issues and commentary
Revision 1.42 / (download) - annotate - [select for diffs], Tue Jun 5 05:08:26 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.41: +9 -3 lines
Diff to previous 1.41 (colored)
Add back check for found/not found public key to use for verification (somehow was dropped during the previous commit).
Revision 1.39.2.1 / (download) - annotate - [select for diffs], Sun Jun 3 19:00:23 2001 UTC (23 years ago) by jason
Branch: OPENBSD_2_9
Changes since 1.39: +3 -2 lines
Diff to previous 1.39 (colored) next main 1.40 (colored)
Pull in patch from current: Fix (angelos): Match the IDs without checking the ASN1 length field, similar to how we do things in x509.c --- this should solve some problems with certificate-based authentication not working.
Revision 1.41 / (download) - annotate - [select for diffs], Thu May 31 20:29:49 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.40: +147 -80 lines
Diff to previous 1.40 (colored)
When trying to find the right certificate/key to use, first check in the conf space, as we may have been passed that information from the kernel. Likewise, store the peer's key and cert so we can send it back to the kernel when we establish the SA.
Revision 1.40 / (download) - annotate - [select for diffs], Thu May 24 03:15:37 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.39: +3 -2 lines
Diff to previous 1.39 (colored)
Match the IDs without checking the ASN1 length field, similar to how we do things in x509.c --- this should solve some problems with certificate-based authentication not working.
Revision 1.29.2.2 / (download) - annotate - [select for diffs], Tue May 8 12:45:22 2001 UTC (23 years ago) by ho
Branch: OPENBSD_2_8
Changes since 1.29.2.1: +47 -15 lines
Diff to previous 1.29.2.1 (colored) to branchpoint 1.29 (colored) next main 1.30 (colored)
Pull in isakmpd from 2.9 to 2.8 branch.
Revision 1.39 / (download) - annotate - [select for diffs], Mon Apr 9 12:34:37 2001 UTC (23 years, 1 month ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE
Branch point for: OPENBSD_2_9
Changes since 1.38: +4 -4 lines
Diff to previous 1.38 (colored)
Style police a'la niklas@.
Revision 1.38 / (download) - annotate - [select for diffs], Tue Mar 27 18:47:09 2001 UTC (23 years, 2 months ago) by ho
Branch: MAIN
Changes since 1.37: +5 -2 lines
Diff to previous 1.37 (colored)
Plug one memory leak. Found with boehm-gc.
Revision 1.37 / (download) - annotate - [select for diffs], Sat Jan 27 15:39:54 2001 UTC (23 years, 4 months ago) by ho
Branch: MAIN
Changes since 1.36: +4 -4 lines
Diff to previous 1.36 (colored)
Call OpenSSL functions with LC (). Various style nits.
Revision 1.36 / (download) - annotate - [select for diffs], Sat Jan 27 12:03:32 2001 UTC (23 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.35: +3 -3 lines
Diff to previous 1.35 (colored)
(c) 2001
Revision 1.35 / (download) - annotate - [select for diffs], Sat Jan 27 11:53:57 2001 UTC (23 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.34: +3 -1 lines
Diff to previous 1.34 (colored)
include dnssec.h only if USE_DNSSEC; niklas ok
Revision 1.34 / (download) - annotate - [select for diffs], Fri Jan 26 21:49:37 2001 UTC (23 years, 4 months ago) by ho
Branch: MAIN
Changes since 1.33: +30 -5 lines
Diff to previous 1.33 (colored)
Preliminary but working code to permit IKE authentication using DNSSEC validated KEY records. Uses lwresd from the bind-9.1.0 port. Enable by adding 'dnssec' to FEATURES.
Revision 1.33 / (download) - annotate - [select for diffs], Fri Jan 26 19:12:38 2001 UTC (23 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.32: +3 -1 lines
Diff to previous 1.32 (colored)
include keynote.h only if USE_KEYNOTE is defined; ok niklas@
Revision 1.32 / (download) - annotate - [select for diffs], Fri Jan 26 12:12:51 2001 UTC (23 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.31: +5 -4 lines
Diff to previous 1.31 (colored)
Pedantic style police
Revision 1.31 / (download) - annotate - [select for diffs], Tue Dec 19 19:03:05 2000 UTC (23 years, 5 months ago) by mickey
Branch: MAIN
Changes since 1.30: +1 -2 lines
Diff to previous 1.30 (colored)
gmp is gone, make it build again; cvs retard
Revision 1.29.2.1 / (download) - annotate - [select for diffs], Mon Dec 11 05:38:23 2000 UTC (23 years, 5 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.29: +4 -3 lines
Diff to previous 1.29 (colored)
Pull in patch from current: Fix (angelos, provos): Merge with EOM 1.59 author: angelos Initialize variable, avoid free() warnings. author: provos when cert_get fails dont dereference p if its NULL, found by francis.dupont@enst-bretagne.fr
Revision 1.30 / (download) - annotate - [select for diffs], Thu Nov 23 12:56:33 2000 UTC (23 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.29: +5 -4 lines
Diff to previous 1.29 (colored)
Merge with EOM 1.59 author: angelos Initialize variable, avoid free() warnings. author: provos when cert_get fails dont dereference p if its NULL, found by francis.dupont@enst-bretagne.fr
Revision 1.29 / (download) - annotate - [select for diffs], Fri Oct 13 13:42:50 2000 UTC (23 years, 7 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_8_BASE
Branch point for: OPENBSD_2_8
Changes since 1.28: +5 -2 lines
Diff to previous 1.28 (colored)
util.h: Merge with EOM 1.8 ike_auth.c: Merge with EOM 1.57 author: ho Add file permission check to private key file. Split out check function to util.c.
Revision 1.28 / (download) - annotate - [select for diffs], Sat Oct 7 07:01:04 2000 UTC (23 years, 8 months ago) by niklas
Branch: MAIN
Changes since 1.27: +26 -13 lines
Diff to previous 1.27 (colored)
Merge with EOM 1.56 author: niklas Multiple subject name matching, makes certificate interop with PGPnet at least partly working. Added some error checking. author: angelos No need to delete SPIs, they'll just expire. author: provos style as pointed out by the code style pedant.
Revision 1.27 / (download) - annotate - [select for diffs], Thu Aug 3 07:23:32 2000 UTC (23 years, 10 months ago) by niklas
Branch: MAIN
Changes since 1.26: +6 -2 lines
Diff to previous 1.26 (colored)
Merge with EOM 1.53 author: provos prevent isakmpd crashing when client gives an unknown ID in aggressive mode. bug report from James Winquist <winquist@mail.cybernet.com>
Revision 1.26 / (download) - annotate - [select for diffs], Tue Jun 20 05:55:15 2000 UTC (23 years, 11 months ago) by niklas
Branch: MAIN
Changes since 1.25: +15 -13 lines
Diff to previous 1.25 (colored)
Merge with EOM 1.52 author: niklas Indentation, bad greek
Revision 1.25 / (download) - annotate - [select for diffs], Thu Jun 8 20:48:53 2000 UTC (23 years, 11 months ago) by niklas
Branch: MAIN
Changes since 1.24: +310 -106 lines
Diff to previous 1.24 (colored)
Merge with EOM 1.51 author: angelos Don't add the callback at initialization time, we must set it before each invokation. author: angelos Different policy/Keynote sessions per Phase 1 SA. author: angelos Allow exchange of KeyNote credentials over IKE. Multiple credentials may be passed in a single CERT payload. KeyNote is used if a directory named as the local ID we use in an exchange exists in the KeyNote directory (default: /etc/isakmpd/keynote/). Note that asymmetric credentials are possible (use KeyNote in one direction and X509 in the other); such authentication is envisioned to be the most common: the clients will use KeyNote credentials to authenticate and authorize with a server, whilst the server will just provide an X509 certificate proving its binding to the IP address or ID. Totally asymmetric authentication (e.g., shared key in one direction, RSA in the other) is not supported by the IKE protocol.
Revision 1.24 / (download) - annotate - [select for diffs], Fri Apr 7 22:07:44 2000 UTC (24 years, 2 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_7_BASE,
OPENBSD_2_7
Changes since 1.23: +70 -57 lines
Diff to previous 1.23 (colored)
Merge with EOM 1.48 author: niklas Style and correct error reporting author: provos remove double free(buf), caused skeyid to point to skeyid_d when using USER_FQDN author: niklas More braindamage with USE_ macros
Revision 1.23 / (download) - annotate - [select for diffs], Mon Feb 28 23:59:14 2000 UTC (24 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.22: +2 -6 lines
Diff to previous 1.22 (colored)
Merge with EOM 1.45 author: niklas I must have been on drugs. X509 is not preshared key.
Revision 1.22 / (download) - annotate - [select for diffs], Fri Feb 25 17:23:40 2000 UTC (24 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.21: +16 -16 lines
Diff to previous 1.21 (colored)
regress/crypto/Makefile: Merge with EOM 1.5 regress/dh/Makefile: Merge with EOM 1.7 regress/group/Makefile: Merge with EOM 1.9 regress/prf/Makefile: Merge with EOM 1.4 regress/rsakeygen/Makefile: Merge with EOM 1.8 regress/x509/Makefile: Merge with EOM 1.10 Makefile: Merge with EOM 1.62 attribute.c: Merge with EOM 1.10 sa.c: Merge with EOM 1.99 conf.c: Merge with EOM 1.20 crypto.c: Merge with EOM 1.28 isakmpd.c: Merge with EOM 1.45 connection.c: Merge with EOM 1.19 doi.h: Merge with EOM 1.28 field.c: Merge with EOM 1.11 exchange.c: Merge with EOM 1.116 ike_auth.c: Merge with EOM 1.44 pf_key_v2.c: Merge with EOM 1.37 ike_phase_1.c: Merge with EOM 1.22 ipsec.c: Merge with EOM 1.118 isakmp_doi.c: Merge with EOM 1.40 log.c: Merge with EOM 1.26 log.h: Merge with EOM 1.18 math_group.c: Merge with EOM 1.23 message.c: Merge with EOM 1.144 pf_encap.c: Merge with EOM 1.70 policy.c: Merge with EOM 1.18 timer.c: Merge with EOM 1.13 transport.c: Merge with EOM 1.41 udp.c: Merge with EOM 1.47 ui.c: Merge with EOM 1.37 x509.c: Merge with EOM 1.36 author: niklas Made debug logging a compile time selectable feature
Revision 1.21 / (download) - annotate - [select for diffs], Sat Feb 19 19:32:53 2000 UTC (24 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.20: +12 -12 lines
Diff to previous 1.20 (colored)
cert.c: Merge with EOM 1.14 ike_auth.c: Merge with EOM 1.43 ike_phase_1.c: Merge with EOM 1.21 init.c: Merge with EOM 1.24 ipsec.c: Merge with EOM 1.117 isakmpd.c: Merge with EOM 1.44 math_group.c: Merge with EOM 1.22 author: niklas Copyright 2000 author: niklas Allow isakmpd builders to remove optional parts and save bytes.
Revision 1.20 / (download) - annotate - [select for diffs], Tue Feb 1 02:46:18 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.19: +3 -2 lines
Diff to previous 1.19 (colored)
apps/certpatch/certpatch.8: Merge with EOM 1.4 apps/certpatch/certpatch.c: Merge with EOM 1.6 exchange.c: Merge with EOM 1.114 ike_quick_mode.c: Merge with EOM 1.110 ike_phase_1.c: Merge with EOM 1.16 ike_auth.c: Merge with EOM 1.41 ike_aggressive.c: Merge with EOM 1.4 libcrypto.c: Merge with EOM 1.10 libcrypto.h: Merge with EOM 1.10 isakmpd.8: Merge with EOM 1.19 isakmpd.c: Merge with EOM 1.42 ipsec.h: Merge with EOM 1.40 init.c: Merge with EOM 1.22 message.c: Merge with EOM 1.143 message.h: Merge with EOM 1.49 sa.c: Merge with EOM 1.98 sa.h: Merge with EOM 1.54 policy.c: Merge with EOM 1.14 pf_key_v2.c: Merge with EOM 1.36 x509.c: Merge with EOM 1.32 x509.h: Merge with EOM 1.9 udp.c: Merge with EOM 1.46 author: niklas Angelos copyrights
Revision 1.19 / (download) - annotate - [select for diffs], Fri Oct 1 14:10:54 1999 UTC (24 years, 8 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE,
OPENBSD_2_6
Changes since 1.18: +3 -87 lines
Diff to previous 1.18 (colored)
Merge with EOM 1.40 author: angelos Allow for new versions of SSLeay author: angelos Remove evil experimental code, fix off-by-1 buffer allocation.
Revision 1.18 / (download) - annotate - [select for diffs], Wed Sep 29 04:45:01 1999 UTC (24 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.17: +5 -1 lines
Diff to previous 1.17 (colored)
openssl readiness; various group members
Revision 1.17 / (download) - annotate - [select for diffs], Thu Aug 26 22:30:08 1999 UTC (24 years, 9 months ago) by niklas
Branch: MAIN
Changes since 1.16: +188 -36 lines
Diff to previous 1.16 (colored)
Merge with EOM 1.38 author: angelos When doing preshared key authentication, if the responder has the initiator's ID (as is the case in aggressive mode) and a shared key cannot be found for the initiator's address (as may be the case for a roaming laptop user), try to find the password under using as a lookup key the initiator's Phase 1 ID, if it's an IPv4 address, an FQDN (host.domain), or a User-FQDN (user@host.domain). This allows us to support roaming laptop users with preshared key authentication, using aggressive mode (sick). There is also a lot of experimental, insecure, and ifdef'd out code for fetching credentials and secret passphrases from a remote server if all else fails. Extremely experimental code. Don't use. You'll be blinded and your hair will fall if you even think about using it. You have been warned. author: angelos Complete policy work; tested for the shared-key case. Documentation needed. author: ho Compile without USE_LIBCRYPTO and HAVE_DLOPEN. author: niklas Missing dynamic link fixes author: niklas Add support for dynamic loading of optional facilities, libcrypto first.
Revision 1.16 / (download) - annotate - [select for diffs], Sun Jul 18 09:33:33 1999 UTC (24 years, 10 months ago) by niklas
Branch: MAIN
Changes since 1.15: +3 -3 lines
Diff to previous 1.15 (colored)
samples/VPN-east.conf: Merge with EOM 1.7 samples/VPN-west.conf: Merge with EOM 1.7 samples/singlehost-west.conf: Merge with EOM 1.4 samples/singlehost-east.conf: Merge with EOM 1.4 README.PKI: Merge with EOM 1.3 ike_auth.c: Merge with EOM 1.33 isakmpd.conf.5: Merge with EOM 1.28 author: niklas Moving the PRIVKEY tag into the X509-certificates section, renaming it to Private-key. Also rename the keynote policy file.
Revision 1.15 / (download) - annotate - [select for diffs], Sat Jul 17 21:54:39 1999 UTC (24 years, 10 months ago) by niklas
Branch: MAIN
Changes since 1.14: +221 -92 lines
Diff to previous 1.14 (colored)
regress/rsakeygen/Makefile: Merge with EOM 1.4 regress/rsakeygen/rsakeygen.c: Merge with EOM 1.8 regress/x509/Makefile: Merge with EOM 1.6 regress/x509/x509test.c: Merge with EOM 1.6 regress/Makefile: Merge with EOM 1.8 samples/VPN-east.conf: Merge with EOM 1.6 samples/VPN-west.conf: Merge with EOM 1.6 samples/singlehost-east.conf: Merge with EOM 1.3 samples/singlehost-west.conf: Merge with EOM 1.3 sysdep/openbsd/Makefile.sysdep: Merge with EOM 1.5 x509.h: Merge with EOM 1.6 x509.c: Merge with EOM 1.17 DESIGN-NOTES: Merge with EOM 1.46 Makefile: Merge with EOM 1.55 cert.c: Merge with EOM 1.11 cert.h: Merge with EOM 1.6 exchange.c: Merge with EOM 1.109 exchange.h: Merge with EOM 1.26 ike_auth.c: Merge with EOM 1.32 ike_phase_1.c: Merge with EOM 1.7 init.c: Merge with EOM 1.16 isakmpd.conf.5: Merge with EOM 1.27 README.PKI: Merge with EOM 1.1 author: niklas From Niels Provos, edited by me: certificate support using SSLeay
Revision 1.14 / (download) - annotate - [select for diffs], Wed Jul 7 22:04:08 1999 UTC (24 years, 11 months ago) by niklas
Branch: MAIN
Changes since 1.13: +8 -8 lines
Diff to previous 1.13 (colored)
Merge with EOM 1.31 author: niklas indent
Revision 1.13 / (download) - annotate - [select for diffs], Sun May 2 19:20:31 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.12: +14 -27 lines
Diff to previous 1.12 (colored)
BUGS: Merge with EOM 1.31 doi.h: Merge with EOM 1.27 ike_auth.c: Merge with EOM 1.30 ike_quick_mode.c: Merge with EOM 1.85 ipsec.c: Merge with EOM 1.107 ipsec.h: Merge with EOM 1.36 isakmp_doi.c: Merge with EOM 1.39 author: niklas Factor out keyed hashing of all payloads with SKEYID_a, and make DOI hooks for informational exchanges to add such hashing. Use it from QM and the IKE authentication module too. Remove some bogus XXX comments. Add error reporting
Revision 1.12 / (download) - annotate - [select for diffs], Mon Apr 19 21:08:44 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.11: +145 -90 lines
Diff to previous 1.11 (colored)
./ike_auth.c: Merge with EOM 1.29 Accept multiple CERT payloads. Some style nits. Style. alloc error reporting. Math error propagation. Allocate right sizes. Memory alloc. error reporting 1999 copyrights
Revision 1.11 / (download) - annotate - [select for diffs], Wed Mar 24 14:42:49 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_5_BASE,
OPENBSD_2_5
Changes since 1.10: +5 -12 lines
Diff to previous 1.10 (colored)
Merge with EOM 1.25 Only get the destination address when needed RSA fixes and optimiations from Ilya Tsindlekht, via Niels Provos
Revision 1.10 / (download) - annotate - [select for diffs], Fri Feb 26 03:40:50 1999 UTC (25 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.9: +4 -2 lines
Diff to previous 1.9 (colored)
Merge from the Ericsson repository | revision 1.23 | date: 1999/02/25 11:39:02; author: niklas; state: Exp; lines: +3 -1 | include sysdep.h everywhere | ----------------------------
Revision 1.9 / (download) - annotate - [select for diffs], Mon Dec 21 01:02:24 1998 UTC (25 years, 5 months ago) by niklas
Branch: MAIN
Changes since 1.8: +6 -10 lines
Diff to previous 1.8 (colored)
Last months worth of work on isakmpd, lots done
Revision 1.8 / (download) - annotate - [select for diffs], Fri Nov 20 23:42:29 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.7: +50 -7 lines
Diff to previous 1.7 (colored)
Preshared key per IP-address, and in hex-format too
Revision 1.7 / (download) - annotate - [select for diffs], Tue Nov 17 11:10:12 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.6: +2 -1 lines
Diff to previous 1.6 (colored)
Add RCS Ids from the EOM repository
Revision 1.6 / (download) - annotate - [select for diffs], Mon Nov 16 21:07:16 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.5: +276 -2 lines
Diff to previous 1.5 (colored)
Reinstate X509 signature code except for RSA code
Revision 1.5 / (download) - annotate - [select for diffs], Sun Nov 15 01:13:27 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.4: +1 -2 lines
Diff to previous 1.4 (colored)
Remove last warnings after crippling
Revision 1.4 / (download) - annotate - [select for diffs], Sun Nov 15 01:09:59 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.3: +1 -39 lines
Diff to previous 1.3 (colored)
Remove more cruft
Revision 1.3 / (download) - annotate - [select for diffs], Sun Nov 15 00:59:11 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.2: +2 -237 lines
Diff to previous 1.2 (colored)
cripple until later
Revision 1.2 / (download) - annotate - [select for diffs], Sun Nov 15 00:43:54 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.1: +1 -1 lines
Diff to previous 1.1 (colored)
openBSD RCS IDs
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Sun Nov 15 00:03:48 1998 UTC (25 years, 6 months ago) by niklas
Branch: NIKLAS
CVS Tags: NIKLAS_981114
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)
Initial import of isakmpd, an IKE (ISAKMP/Oakley) implementation for the OpenBSD IPSEC stack by me, Niklas Hallqvist and Niels Provos, funded by Ericsson Radio Systems. It is not yet complete or usable in a real scenario but the missing pieces will soon be there. The early commit is for people who wants early access and who are not afraid of looking at source. isakmpd interops with Cisco, Timestep, SSH & Pluto (Linux FreeS/WAN) so far, so it is not that incomplete. It is really mostly configuration that is lacking.
Revision 1.1 / (download) - annotate - [select for diffs], Sun Nov 15 00:03:48 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Initial revision