OpenBSD CVS

CVS log for src/sbin/isakmpd/ike_phase_1.c




Default branch: MAIN


Revision 1.78 / (download) - annotate - [select for diffs], Thu Sep 20 11:49:55 2018 UTC (5 years, 8 months ago) by jsg
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, OPENBSD_7_4_BASE, OPENBSD_7_4, OPENBSD_7_3_BASE, OPENBSD_7_3, OPENBSD_7_2_BASE, OPENBSD_7_2, OPENBSD_7_1_BASE, OPENBSD_7_1, OPENBSD_7_0_BASE, OPENBSD_7_0, OPENBSD_6_9_BASE, OPENBSD_6_9, OPENBSD_6_8_BASE, OPENBSD_6_8, OPENBSD_6_7_BASE, OPENBSD_6_7, OPENBSD_6_6_BASE, OPENBSD_6_6, OPENBSD_6_5_BASE, OPENBSD_6_5, OPENBSD_6_4_BASE, OPENBSD_6_4, HEAD
Changes since 1.77: +3 -2 lines
Diff to previous 1.77 (colored)

add missing braces implied by indentation
ok millert@ mpi@

Revision 1.77 / (download) - annotate - [select for diffs], Wed Nov 8 13:33:49 2017 UTC (6 years, 7 months ago) by patrick
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE, OPENBSD_6_3
Changes since 1.76: +8 -7 lines
Diff to previous 1.76 (colored)

In the final RFC 5903 the computation for the DH shared secret changed.
Instead of the full point, only the X point is included.

The member g_xy is always the shared secret but so far its buffer has
been allocated using the size of the public points.  Since this is a
different size now, as the shared secret for EC Groups should only store
the x point, we need another member to specify the length of g_xy.

Since this is a backwards incompatible change older isakmpds won't be
able to negotiate if you use EC groups.  Bump the version of our own
vendor tag so peers can try to keep compatibility based on the presented
tag.  This could be used to implement backwards compatibility to
older isakmpds.

Prompted by and ok mpi@

Revision 1.76 / (download) - annotate - [select for diffs], Thu Dec 10 17:27:00 2015 UTC (8 years, 6 months ago) by mmcc
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE, OPENBSD_6_2, OPENBSD_6_1_BASE, OPENBSD_6_1, OPENBSD_6_0_BASE, OPENBSD_6_0, OPENBSD_5_9_BASE, OPENBSD_5_9
Changes since 1.75: +2 -3 lines
Diff to previous 1.75 (colored)

Remove NULL-checks before free(). ok tb@

Revision 1.75 / (download) - annotate - [select for diffs], Thu Aug 20 22:02:21 2015 UTC (8 years, 9 months ago) by deraadt
Branch: MAIN
Changes since 1.74: +3 -3 lines
Diff to previous 1.74 (colored)

<stdlib.h> is included, so do not need to cast result from
malloc, calloc, realloc*
ok krw millert

Revision 1.74 / (download) - annotate - [select for diffs], Sun Feb 15 01:56:42 2015 UTC (9 years, 3 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE, OPENBSD_5_8, OPENBSD_5_7_BASE, OPENBSD_5_7
Changes since 1.73: +2 -2 lines
Diff to previous 1.73 (colored)

convert bcmp to memcmp
ok doug millert miod

Revision 1.73 / (download) - annotate - [select for diffs], Fri Aug 22 07:59:52 2014 UTC (9 years, 9 months ago) by doug
Branch: MAIN
Changes since 1.72: +2 -1 lines
Diff to previous 1.72 (colored)

fix memory leak in isakmpd

ok gerhard@ (also corrected first version)

Revision 1.72 / (download) - annotate - [select for diffs], Tue Jun 29 19:50:16 2010 UTC (13 years, 11 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE, OPENBSD_5_6, OPENBSD_5_5_BASE, OPENBSD_5_5, OPENBSD_5_4_BASE, OPENBSD_5_4, OPENBSD_5_3_BASE, OPENBSD_5_3, OPENBSD_5_2_BASE, OPENBSD_5_2, OPENBSD_5_1_BASE, OPENBSD_5_1, OPENBSD_5_0_BASE, OPENBSD_5_0, OPENBSD_4_9_BASE, OPENBSD_4_9, OPENBSD_4_8_BASE, OPENBSD_4_8
Changes since 1.71: +1 -2 lines
Diff to previous 1.71 (colored)

Replace the hand-crafted Diffie-Hellman implementation in isakmpd with
the smaller implementation from iked that is using libcrypto instead.
This allows us to remove a lot of code (which is always good), get rid of
some custom crypto code by using libcrypto, theoretically adds
support for many new MODP and EC2N/ECP modes (but it is not configurable
yet), and allows us to share the dh.c/dh.h code in different codebases
(it is identical in isakmpd and iked, but could also be used elsewhere).

ok deraadt@

Revision 1.71 / (download) - annotate - [select for diffs], Wed Feb 6 11:37:53 2008 UTC (16 years, 4 months ago) by moritz
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE, OPENBSD_4_7, OPENBSD_4_6_BASE, OPENBSD_4_6, OPENBSD_4_5_BASE, OPENBSD_4_5, OPENBSD_4_4_BASE, OPENBSD_4_4, OPENBSD_4_3_BASE, OPENBSD_4_3
Changes since 1.70: +8 -1 lines
Diff to previous 1.70 (colored)

Fix possible memory leaks when sending phase 1 IDs.
From Igor Zinovik <zinovik@cs.karelia.ru>

ok hshoexer@

Revision 1.70 / (download) - annotate - [select for diffs], Sun Aug 5 09:43:09 2007 UTC (16 years, 10 months ago) by tom
Branch: MAIN
CVS Tags: OPENBSD_4_2_BASE, OPENBSD_4_2
Changes since 1.69: +6 -1 lines
Diff to previous 1.69 (colored)

Allow key exchange with RSA signature authentication to work with
Cisco IOS and other initiators that only send their certs in response
to CERT_REQUEST.

With input and help from cloder@, Stuart Henderson, mpf@, and several
others who did lots of testing - thanks to all.

ok hshoexer@

Revision 1.69 / (download) - annotate - [select for diffs], Mon May 7 18:19:56 2007 UTC (17 years, 1 month ago) by cloder
Branch: MAIN
Changes since 1.68: +33 -28 lines
Diff to previous 1.68 (colored)

It was possible for phase 1 negotiation to fail due to lifetime duration
mismatch without any log message stating so. This diff makes sure that
all phase 1 negotiation failures due to proposal attribute mismatch are
logged. Also change these messages from LOG_NEGOTIATION debug level 70 to
always be logged (not just with debug).

General idea OK hshoexer, tested here in production.

Revision 1.68 / (download) - annotate - [select for diffs], Sun Apr 22 11:32:30 2007 UTC (17 years, 1 month ago) by moritz
Branch: MAIN
Changes since 1.67: +4 -2 lines
Diff to previous 1.67 (colored)

Use conf_free_list() after calling conf_get_list().
Otherwise we leak memory.

ok ho@

Revision 1.67 / (download) - annotate - [select for diffs], Mon Apr 16 13:01:39 2007 UTC (17 years, 1 month ago) by moritz
Branch: MAIN
Changes since 1.66: +6 -11 lines
Diff to previous 1.66 (colored)

There's no point in checking ptr for NULL before doing free(ptr)
since free(NULL) is just fine.

ok hshoexer@

Revision 1.66 / (download) - annotate - [select for diffs], Sun Jul 2 13:19:00 2006 UTC (17 years, 11 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_4_1_BASE, OPENBSD_4_1, OPENBSD_4_0_BASE, OPENBSD_4_0
Changes since 1.65: +12 -3 lines
Diff to previous 1.65 (colored)

Let isakmpd send out a vendor ID announcing isakmpd's release version.
Will be handy for release specific bug fixes, etc.  Suggested by
markus@ quite some time ago.

ok markus@

Revision 1.65 / (download) - annotate - [select for diffs], Tue Jul 5 11:59:51 2005 UTC (18 years, 11 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE, OPENBSD_3_9, OPENBSD_3_8_BASE, OPENBSD_3_8
Changes since 1.64: +2 -2 lines
Diff to previous 1.64 (colored)

fix comment

Revision 1.64 / (download) - annotate - [select for diffs], Sat Jun 25 11:40:52 2005 UTC (18 years, 11 months ago) by hshoexer
Branch: MAIN
Changes since 1.63: +13 -2 lines
Diff to previous 1.63 (colored)

Use correct local ID in phase 1 when using IPV[46]_ADDR.
Diff from st.sch at gmx.net

Revision 1.63 / (download) - annotate - [select for diffs], Thu May 26 06:11:09 2005 UTC (19 years ago) by hshoexer
Branch: MAIN
Changes since 1.62: +2 -2 lines
Diff to previous 1.62 (colored)

Use TAILQ_FOREACH where possible, remove payload_last()

ok markus

Revision 1.62 / (download) - annotate - [select for diffs], Fri Apr 8 22:32:10 2005 UTC (19 years, 2 months ago) by cloder
Branch: MAIN
Changes since 1.61: +1 -3 lines
Diff to previous 1.61 (colored)

Make deterministic randomness (only ever used for testing) a compile-time
option.  Reduces chances of somehow setting regrand when it's not supposed
to be set.  Remove "-r" option from man page.  Also xref certpatch(8) while
we are in there.  And remove some include sysdep.h where it is no longer
needed.
OK hshoexer

Revision 1.61 / (download) - annotate - [select for diffs], Fri Apr 8 16:52:41 2005 UTC (19 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.60: +1 -7 lines
Diff to previous 1.60 (colored)

always enable aggressive, dpd, and isakmp_cfg

Revision 1.60 / (download) - annotate - [select for diffs], Fri Apr 8 16:37:14 2005 UTC (19 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.59: +1 -11 lines
Diff to previous 1.59 (colored)

nat-traversal always

Revision 1.59 / (download) - annotate - [select for diffs], Mon Apr 4 19:31:11 2005 UTC (19 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.58: +3 -3 lines
Diff to previous 1.58 (colored)

spacing; ok cloder

Revision 1.58 / (download) - annotate - [select for diffs], Sat Jan 29 17:07:55 2005 UTC (19 years, 4 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE, OPENBSD_3_7
Changes since 1.57: +26 -26 lines
Diff to previous 1.57 (colored)

some knf and space killing, no binary change.

Revision 1.57 / (download) - annotate - [select for diffs], Tue Dec 14 10:17:28 2004 UTC (19 years, 5 months ago) by mcbride
Branch: MAIN
Changes since 1.56: +24 -4 lines
Diff to previous 1.56 (colored)

Allow the Address, Network, or Netmask values of the <IPsec-ID> to be
specified with an interface name (in which case the first address is used)
or the keyword 'default' (in which case the address is selected based on the
default route). eg:

[roadwarrior-ip]
ID-type=                IPV4_ADDR
Address=                default

ok ho@ hshoexer@

Revision 1.56 / (download) - annotate - [select for diffs], Sun Aug 8 19:11:06 2004 UTC (19 years, 10 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE, OPENBSD_3_6
Changes since 1.55: +3 -3 lines
Diff to previous 1.55 (colored)

spacing

Revision 1.55 / (download) - annotate - [select for diffs], Thu Jul 29 08:54:08 2004 UTC (19 years, 10 months ago) by ho
Branch: MAIN
Changes since 1.54: +4 -3 lines
Diff to previous 1.54 (colored)

Repair NAT-T using Aggressive mode, NAT-D checks were in the wrong place.
Noted by Yvan VANHULLEBUS.

Revision 1.54 / (download) - annotate - [select for diffs], Mon Jul 5 17:33:35 2004 UTC (19 years, 11 months ago) by pvalchev
Branch: MAIN
Changes since 1.53: +6 -6 lines
Diff to previous 1.53 (colored)

%lu and cast to unsigned long to print a size_t; ok ho

Revision 1.53 / (download) - annotate - [select for diffs], Wed Jun 23 00:56:45 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.52: +45 -4 lines
Diff to previous 1.52 (colored)

Support IPV{4,6}_ADDR_SUBNET IDs in Phase 1, just like the man page
says we do. Noted and tested by alex at vbone.net. Also avoid a
potential SEGV here. hshoexer@ ok

Revision 1.52 / (download) - annotate - [select for diffs], Sun Jun 20 17:17:35 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.51: +10 -14 lines
Diff to previous 1.51 (colored)

Make the payload array in struct message dynamic, since we need to handle
payloads in the private range, such as the pre-RFC NAT-D/NAT-OA.
Replace TAILQ_FIRST(&msg->payload[i]) instances with function calls.

Revision 1.51 / (download) - annotate - [select for diffs], Sun Jun 20 15:24:05 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.50: +47 -2 lines
Diff to previous 1.50 (colored)

NAT-Traversal for isakmpd. Work in progress...
hshoexer@ ok.

Revision 1.50 / (download) - annotate - [select for diffs], Mon Jun 14 09:55:41 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.49: +3 -2 lines
Diff to previous 1.49 (colored)

KNF, style, 80c, etc. hshoexer@ ok

Revision 1.39.2.1 / (download) - annotate - [select for diffs], Fri Jun 11 03:08:02 2004 UTC (20 years ago) by brad
Branch: OPENBSD_3_4
Changes since 1.39: +4 -1 lines
Diff to previous 1.39 (colored) next main 1.40 (colored)

MFC:
Fix by hshoexer@

Mark authenticated messages explicitly.  Better check for authentication before
deleting SAs.

This fix is needed to solve the problems reported by Thomas Walpuski, previous
diff was not sufficient.  Pointed out by Thomas.  Thanks!

Revision 1.44.2.1 / (download) - annotate - [select for diffs], Fri Jun 11 02:34:56 2004 UTC (20 years ago) by brad
Branch: OPENBSD_3_5
Changes since 1.44: +4 -1 lines
Diff to previous 1.44 (colored) next main 1.45 (colored)

MFC:
Fix by hshoexer@

Mark authenticated messages explicitly.  Better check for authentication before
deleting SAs.

This fix is needed to solve the problems reported by Thomas Walpuski, previous
diff was not sufficient.  Pointed out by Thomas.  Thanks!

Revision 1.49 / (download) - annotate - [select for diffs], Thu Jun 10 12:54:53 2004 UTC (20 years ago) by hshoexer
Branch: MAIN
Changes since 1.48: +5 -1 lines
Diff to previous 1.48 (colored)

Mark authenticated messages explicitly.  Better check for authentication before
deleting SAs.

This fix is needed to solve the problems reported by Thomas Walpuski, previous
diff was not sufficient.  Pointed out by Thomas.  Thanks!

ok ho@ niklas@, testing and spellcheck by todd@ msf@

Revision 1.48 / (download) - annotate - [select for diffs], Wed Jun 9 14:02:44 2004 UTC (20 years ago) by ho
Branch: MAIN
Changes since 1.47: +15 -15 lines
Diff to previous 1.47 (colored)

Style nits. hshoexer@ ok

Revision 1.47 / (download) - annotate - [select for diffs], Sun Jun 6 13:05:40 2004 UTC (20 years ago) by ho
Branch: MAIN
Changes since 1.46: +134 -100 lines
Diff to previous 1.46 (colored)

Style (KNF, 80c). No binary change.

Revision 1.46 / (download) - annotate - [select for diffs], Thu Apr 15 18:39:25 2004 UTC (20 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.45: +1092 -1215 lines
Diff to previous 1.45 (colored)

partial move to KNF.  More to come.  This has happened because there
are a raft of source code auditors who are willing to help improve this
code only if this is done, and hey, isakmpd does need our standard
auditing process.  ok ho hshoexer

Revision 1.45 / (download) - annotate - [select for diffs], Wed Apr 7 22:45:49 2004 UTC (20 years, 2 months ago) by ho
Branch: MAIN
Changes since 1.44: +5 -3 lines
Diff to previous 1.44 (colored)

-Wsign-compare nits. hshoexer@ ok.

Revision 1.44 / (download) - annotate - [select for diffs], Fri Feb 27 10:16:26 2004 UTC (20 years, 3 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE
Branch point for: OPENBSD_3_5
Changes since 1.43: +2 -2 lines
Diff to previous 1.43 (colored)

(C)-2004

Revision 1.43 / (download) - annotate - [select for diffs], Fri Feb 27 09:01:18 2004 UTC (20 years, 3 months ago) by ho
Branch: MAIN
Changes since 1.42: +20 -3 lines
Diff to previous 1.42 (colored)

Follow RFC 2408 more closely regarding how to better check the proposal
returned by the other peer (the responder). Some implementations (notably
the Cisco PIX) do not follow a SHOULD in section 4.2 of the RFC. With
certain proposal combinations this caused us to set up the wrong SA
resulting in us being unable to process incoming IPsec traffic (over this
tunnel).

Tested against a number of different IKE implementations.
hshoexer@ ok.

Revision 1.42 / (download) - annotate - [select for diffs], Thu Dec 4 21:13:35 2003 UTC (20 years, 6 months ago) by miod
Branch: MAIN
Changes since 1.41: +2 -2 lines
Diff to previous 1.41 (colored)

Typos

Revision 1.41 / (download) - annotate - [select for diffs], Tue Oct 14 14:29:15 2003 UTC (20 years, 8 months ago) by ho
Branch: MAIN
Changes since 1.40: +3 -4 lines
Diff to previous 1.40 (colored)

constant_lookup() to constant_name() cleanup. markus@ ok.

Revision 1.40 / (download) - annotate - [select for diffs], Sat Oct 4 17:29:58 2003 UTC (20 years, 8 months ago) by cloder
Branch: MAIN
Changes since 1.39: +17 -6 lines
Diff to previous 1.39 (colored)

Avoid crash on invalid config file (missing value for LIFE_DURATION).
OK ho@

Revision 1.39 / (download) - annotate - [select for diffs], Fri Aug 8 08:46:59 2003 UTC (20 years, 10 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE
Branch point for: OPENBSD_3_4
Changes since 1.38: +4 -3 lines
Diff to previous 1.38 (colored)

Be more careful when using constant_lookup() in messages. Pointed out by
Jean-Francois Dive, although I opted for a slightly different patch.

Revision 1.38 / (download) - annotate - [select for diffs], Tue Jun 10 16:41:29 2003 UTC (21 years ago) by deraadt
Branch: MAIN
Changes since 1.37: +3 -3 lines
Diff to previous 1.37 (colored)

boring cleanups

Revision 1.37 / (download) - annotate - [select for diffs], Wed Jun 4 07:31:16 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.36: +1 -6 lines
Diff to previous 1.36 (colored)

Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, Angelos
D. Keromytis and Niels Provos.

Revision 1.36 / (download) - annotate - [select for diffs], Tue Jun 3 12:51:39 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.35: +4 -4 lines
Diff to previous 1.35 (colored)

Cleanup. Use 'sizeof variable' instead of magic constants.

Revision 1.35 / (download) - annotate - [select for diffs], Wed Sep 11 09:50:43 2002 UTC (21 years, 9 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE, OPENBSD_3_3, OPENBSD_3_2_BASE, OPENBSD_3_2
Changes since 1.34: +9 -8 lines
Diff to previous 1.34 (colored)

signed vs unsigned, some void * arithmetic, from -pedantic. niklas@ ok.

Revision 1.34 / (download) - annotate - [select for diffs], Thu Jul 4 17:00:35 2002 UTC (21 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.33: +8 -5 lines
Diff to previous 1.33 (colored)

style

Revision 1.33 / (download) - annotate - [select for diffs], Thu Jun 6 02:15:27 2002 UTC (22 years ago) by ho
Branch: MAIN
Changes since 1.32: +5 -4 lines
Diff to previous 1.32 (colored)

Style, and a few additional format/type mods.

Revision 1.32 / (download) - annotate - [select for diffs], Sat Jun 1 07:44:21 2002 UTC (22 years ago) by deraadt
Branch: MAIN
Changes since 1.31: +29 -28 lines
Diff to previous 1.31 (colored)

size_t must be cast to (unsigned long) and printed using %lu

Revision 1.31 / (download) - annotate - [select for diffs], Fri Oct 26 12:03:07 2001 UTC (22 years, 7 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE, OPENBSD_3_1
Changes since 1.30: +7 -7 lines
Diff to previous 1.30 (colored)

Just rename sockaddr_data/len functions to sockaddr_addrdata/addrlen.

Revision 1.30 / (download) - annotate - [select for diffs], Sun Jul 1 20:11:53 2001 UTC (22 years, 11 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE, OPENBSD_3_0
Changes since 1.29: +47 -29 lines
Diff to previous 1.29 (colored)

More Style police, but also sane checking of address
family vs stated ID-type.

Revision 1.29 / (download) - annotate - [select for diffs], Sun Jul 1 18:46:33 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.28: +3 -2 lines
Diff to previous 1.28 (colored)

Set size correctly for IPv6 Phase 1 IDs.

Revision 1.28 / (download) - annotate - [select for diffs], Fri Jun 29 18:52:16 2001 UTC (22 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.27: +3 -4 lines
Diff to previous 1.27 (colored)

Change get_src/get_dst API as we get the length with sa_len.

Revision 1.27 / (download) - annotate - [select for diffs], Fri Jun 29 04:12:00 2001 UTC (22 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.26: +28 -10 lines
Diff to previous 1.26 (colored)

Initial IPv6 support. (niklas@ ok)

Revision 1.26 / (download) - annotate - [select for diffs], Tue Jun 5 10:50:55 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)

Print the correct expected Remote ID value

Revision 1.25 / (download) - annotate - [select for diffs], Tue Jun 5 10:09:01 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.24: +4 -4 lines
Diff to previous 1.24 (colored)

Don't use log_error() in vain.

Revision 1.24 / (download) - annotate - [select for diffs], Tue Jun 5 08:01:07 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.23: +65 -11 lines
Diff to previous 1.23 (colored)

Enforce Remote-ID specified in Phase 1 peer section (whether manually
or dynamically specified).

Revision 1.20.2.1 / (download) - annotate - [select for diffs], Tue May 8 12:45:23 2001 UTC (23 years, 1 month ago) by ho
Branch: OPENBSD_2_8
Changes since 1.20: +43 -30 lines
Diff to previous 1.20 (colored) next main 1.21 (colored)

Pull in isakmpd from 2.9 to 2.8 branch.

Revision 1.23 / (download) - annotate - [select for diffs], Tue Mar 13 14:05:18 2001 UTC (23 years, 3 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE, OPENBSD_2_9
Changes since 1.22: +38 -29 lines
Diff to previous 1.22 (colored)

Add logging classes for Negotiation and Policy, and change a number of
debug messages to use these instead. Change a number of 'log_print'
to debug messages to keep the noise down. Use 'log_error' instead of
'log_print' in some cases when we have errno. Some indentation fixes.
(niklas@ ok)

Revision 1.22 / (download) - annotate - [select for diffs], Wed Mar 7 07:33:53 2001 UTC (23 years, 3 months ago) by angelos
Branch: MAIN
Changes since 1.21: +2 -1 lines
Diff to previous 1.21 (colored)

Add KEY_ID support (mostly from roland@digitalvampire.org)

Revision 1.21 / (download) - annotate - [select for diffs], Tue Dec 12 01:45:45 2000 UTC (23 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.20: +5 -2 lines
Diff to previous 1.20 (colored)

Merge with EOM 1.31

author: niklas
style nit, we only use NULL in isakmpd when a manpage mandates it

author: angelos
Also check for default Phase 1 ID.

Revision 1.20 / (download) - annotate - [select for diffs], Mon Oct 16 23:27:13 2000 UTC (23 years, 7 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_8_BASE
Branch point for: OPENBSD_2_8
Changes since 1.19: +8 -2 lines
Diff to previous 1.19 (colored)

Merge with EOM 1.29

author: angelos
Add comment on where we could be checking the Remote-ID.

Revision 1.19 / (download) - annotate - [select for diffs], Sat Oct 7 06:58:07 2000 UTC (23 years, 8 months ago) by niklas
Branch: MAIN
Changes since 1.18: +24 -15 lines
Diff to previous 1.18 (colored)

Merge with EOM 1.28

author: niklas
style and < that should be <=

author: angelos
Handle 32-bit lifetimes (in generating them).

author: ho
Use log_print() instead of log_error here, no errno here.

Revision 1.18 / (download) - annotate - [select for diffs], Fri Apr 7 22:05:48 2000 UTC (24 years, 2 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_7_BASE, OPENBSD_2_7
Changes since 1.17: +3 -3 lines
Diff to previous 1.17 (colored)

Merge with EOM 1.25

author: niklas
wording

Revision 1.17 / (download) - annotate - [select for diffs], Wed Mar 8 08:43:04 2000 UTC (24 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.16: +4 -3 lines
Diff to previous 1.16 (colored)

Merge with EOM 1.24

author: niklas
line break

Revision 1.16 / (download) - annotate - [select for diffs], Mon Feb 28 22:48:34 2000 UTC (24 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.15: +4 -3 lines
Diff to previous 1.15 (colored)

Merge with EOM 1.23

author: niklas
nm@wizard.web.am & winquist@cybernet.com both independently found my
bug, a %s without a string given.

Revision 1.15 / (download) - annotate - [select for diffs], Fri Feb 25 17:23:40 2000 UTC (24 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.14: +19 -19 lines
Diff to previous 1.14 (colored)

regress/crypto/Makefile: Merge with EOM 1.5
regress/dh/Makefile: Merge with EOM 1.7
regress/group/Makefile: Merge with EOM 1.9
regress/prf/Makefile: Merge with EOM 1.4
regress/rsakeygen/Makefile: Merge with EOM 1.8
regress/x509/Makefile: Merge with EOM 1.10
Makefile: Merge with EOM 1.62
attribute.c: Merge with EOM 1.10
sa.c: Merge with EOM 1.99
conf.c: Merge with EOM 1.20
crypto.c: Merge with EOM 1.28
isakmpd.c: Merge with EOM 1.45
connection.c: Merge with EOM 1.19
doi.h: Merge with EOM 1.28
field.c: Merge with EOM 1.11
exchange.c: Merge with EOM 1.116
ike_auth.c: Merge with EOM 1.44
pf_key_v2.c: Merge with EOM 1.37
ike_phase_1.c: Merge with EOM 1.22
ipsec.c: Merge with EOM 1.118
isakmp_doi.c: Merge with EOM 1.40
log.c: Merge with EOM 1.26
log.h: Merge with EOM 1.18
math_group.c: Merge with EOM 1.23
message.c: Merge with EOM 1.144
pf_encap.c: Merge with EOM 1.70
policy.c: Merge with EOM 1.18
timer.c: Merge with EOM 1.13
transport.c: Merge with EOM 1.41
udp.c: Merge with EOM 1.47
ui.c: Merge with EOM 1.37
x509.c: Merge with EOM 1.36

author: niklas
Made debug logging a compile time selectable feature

Revision 1.14 / (download) - annotate - [select for diffs], Sat Feb 19 19:32:53 2000 UTC (24 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.13: +13 -3 lines
Diff to previous 1.13 (colored)

cert.c: Merge with EOM 1.14
ike_auth.c: Merge with EOM 1.43
ike_phase_1.c: Merge with EOM 1.21
init.c: Merge with EOM 1.24
ipsec.c: Merge with EOM 1.117
isakmpd.c: Merge with EOM 1.44
math_group.c: Merge with EOM 1.22

author: niklas
Copyright 2000

author: niklas
Allow isakmpd builders to remove optional parts and save bytes.

Revision 1.13 / (download) - annotate - [select for diffs], Fri Feb 11 10:22:25 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.12: +4 -3 lines
Diff to previous 1.12 (colored)

Merge with EOM 1.19

author: ho
style...

author: ho
Think-o. Reword log msg again to match what happens here.

author: ho
(struct constant_map *) is not (char *), plus reword the log msg.

Revision 1.12 / (download) - annotate - [select for diffs], Tue Feb 1 02:46:18 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.11: +3 -2 lines
Diff to previous 1.11 (colored)

apps/certpatch/certpatch.8: Merge with EOM 1.4
apps/certpatch/certpatch.c: Merge with EOM 1.6
exchange.c: Merge with EOM 1.114
ike_quick_mode.c: Merge with EOM 1.110
ike_phase_1.c: Merge with EOM 1.16
ike_auth.c: Merge with EOM 1.41
ike_aggressive.c: Merge with EOM 1.4
libcrypto.c: Merge with EOM 1.10
libcrypto.h: Merge with EOM 1.10
isakmpd.8: Merge with EOM 1.19
isakmpd.c: Merge with EOM 1.42
ipsec.h: Merge with EOM 1.40
init.c: Merge with EOM 1.22
message.c: Merge with EOM 1.143
message.h: Merge with EOM 1.49
sa.c: Merge with EOM 1.98
sa.h: Merge with EOM 1.54
policy.c: Merge with EOM 1.14
pf_key_v2.c: Merge with EOM 1.36
x509.c: Merge with EOM 1.32
x509.h: Merge with EOM 1.9
udp.c: Merge with EOM 1.46

author: niklas
Angelos copyrights

Revision 1.11 / (download) - annotate - [select for diffs], Sun Jan 30 09:20:57 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.10: +4 -4 lines
Diff to previous 1.10 (colored)

Merge with EOM 1.15

author: angelos
Better logic.

author: angelos
Don't crash if Life is not present...

Revision 1.10 / (download) - annotate - [select for diffs], Thu Jan 27 18:07:16 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.9: +4 -3 lines
Diff to previous 1.9 (colored)

Merge with EOM 1.13

author: ho
Bugfix. From <Jorgen.Granstam@abc.se>.

Revision 1.9 / (download) - annotate - [select for diffs], Wed Jan 26 15:21:36 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.8: +8 -5 lines
Diff to previous 1.8 (colored)

Merge with EOM 1.12

date: 2000/01/25 06:13:15;  author: angelos;  state: Exp;  lines: +7 -4
Handle IPV4_ADDR as a Phase 1 ID

Revision 1.8 / (download) - annotate - [select for diffs], Fri Oct 1 14:07:42 1999 UTC (24 years, 8 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE, OPENBSD_2_6
Changes since 1.7: +26 -9 lines
Diff to previous 1.7 (colored)

Merge with EOM 1.11

author: ho
add some more debugging info

author: angelos
Allow "Life" to be ANY

author: angelos
Allow "ANY" in some fields

Revision 1.7 / (download) - annotate - [select for diffs], Thu Aug 26 22:27:51 1999 UTC (24 years, 9 months ago) by niklas
Branch: MAIN
Changes since 1.6: +6 -4 lines
Diff to previous 1.6 (colored)

ike_phase_1.c: Merge with EOM 1.8
message.c: Merge with EOM 1.135
message.h: Merge with EOM 1.48
sa.c: Merge with EOM 1.97
sa.h: Merge with EOM 1.53

author: angelos
Complete policy work; tested for the shared-key case. Documentation needed.

Revision 1.6 / (download) - annotate - [select for diffs], Sat Jul 17 21:54:39 1999 UTC (24 years, 10 months ago) by niklas
Branch: MAIN
Changes since 1.5: +3 -3 lines
Diff to previous 1.5 (colored)

regress/rsakeygen/Makefile: Merge with EOM 1.4
regress/rsakeygen/rsakeygen.c: Merge with EOM 1.8
regress/x509/Makefile: Merge with EOM 1.6
regress/x509/x509test.c: Merge with EOM 1.6
regress/Makefile: Merge with EOM 1.8
samples/VPN-east.conf: Merge with EOM 1.6
samples/VPN-west.conf: Merge with EOM 1.6
samples/singlehost-east.conf: Merge with EOM 1.3
samples/singlehost-west.conf: Merge with EOM 1.3
sysdep/openbsd/Makefile.sysdep: Merge with EOM 1.5
x509.h: Merge with EOM 1.6
x509.c: Merge with EOM 1.17
DESIGN-NOTES: Merge with EOM 1.46
Makefile: Merge with EOM 1.55
cert.c: Merge with EOM 1.11
cert.h: Merge with EOM 1.6
exchange.c: Merge with EOM 1.109
exchange.h: Merge with EOM 1.26
ike_auth.c: Merge with EOM 1.32
ike_phase_1.c: Merge with EOM 1.7
init.c: Merge with EOM 1.16
isakmpd.conf.5: Merge with EOM 1.27
README.PKI: Merge with EOM 1.1

author: niklas
From Niels Provos, edited by me: certificate support using SSLeay

Revision 1.5 / (download) - annotate - [select for diffs], Fri Jul 16 02:01:59 1999 UTC (24 years, 11 months ago) by niklas
Branch: MAIN
Changes since 1.4: +34 -34 lines
Diff to previous 1.4 (colored)

Merge with EOM 1.6

author: niklas
Bugs found when interoperating with KAME:
Inbound policy was not checked properly.  Lifetime duration could be in
long format.  Main mode can carry different DH-groups.

Revision 1.4 / (download) - annotate - [select for diffs], Wed Jul 7 22:15:42 1999 UTC (24 years, 11 months ago) by niklas
Branch: MAIN
Changes since 1.3: +44 -10 lines
Diff to previous 1.3 (colored)

ike_phase_1.c: Merge with EOM 1.5
x509.c: Merge with EOM 1.16

author: niklas
Start stab at supporting other IDs than IPV4_ADDR in main mode

Revision 1.3 / (download) - annotate - [select for diffs], Sun May 2 19:16:41 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.2: +2 -3 lines
Diff to previous 1.2 (colored)

ike_phase_1.c: Merge with EOM 1.4
prf.c: Merge with EOM 1.7

author: niklas
Remove bogus XXXes, add allocation error reporting.

Revision 1.2 / (download) - annotate - [select for diffs], Fri Apr 30 11:46:23 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.1: +6 -5 lines
Diff to previous 1.1 (colored)

ike_phase_1.c: Merge with EOM 1.3
ike_quick_mode.c: Merge with EOM 1.84
message.h: Merge with EOM 1.46

author: niklas
New message_drop API.  Generate real INVALID_COOKIE notification.
Generate informational exchanges in phase 1 too.  Really get these
messages to the wire

Revision 1.1 / (download) - annotate - [select for diffs], Mon Apr 19 21:05:22 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN

./ike_phase_1.c: Merge with EOM 1.2

Style.  alloc error reporting.  Math error propagation.  Allocate right
sizes.

Let's get aggressive!
