![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / sbin / isakmpd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.115 / (download) - annotate - [select for diffs], Fri Mar 31 20:16:55 2023 UTC (14 months, 1 week ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
HEAD
Changes since 1.114: +3 -1 lines
Diff to previous 1.114 (colored)
Add missing NULL check after group_get() Otherwise dh_getlen() will dereference ie->group and crash. looks correct to hshoexer
Revision 1.114 / (download) - annotate - [select for diffs], Mon Jan 15 09:54:48 2018 UTC (6 years, 4 months ago) by mpi
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.113: +12 -12 lines
Diff to previous 1.113 (colored)
Spacing, no object change.
Revision 1.113 / (download) - annotate - [select for diffs], Thu Jan 4 14:21:00 2018 UTC (6 years, 5 months ago) by mpi
Branch: MAIN
Changes since 1.112: +13 -13 lines
Diff to previous 1.112 (colored)
space -> tab No object change.
Revision 1.112 / (download) - annotate - [select for diffs], Thu Dec 7 11:44:02 2017 UTC (6 years, 6 months ago) by mpi
Branch: MAIN
Changes since 1.111: +36 -4 lines
Diff to previous 1.111 (colored)
Set the correct ENCAPSULATION_MODE when doing NAT-T. Fix at least interoperability with Cisco when isakmpd(8) is initiating the connections, originally reported by sebastia@ in 2014. Refreshed diff from and ok hshoexer@, ok sthen@, ok remi@
Revision 1.111 / (download) - annotate - [select for diffs], Wed Nov 8 13:33:49 2017 UTC (6 years, 7 months ago) by patrick
Branch: MAIN
Changes since 1.110: +7 -6 lines
Diff to previous 1.110 (colored)
In the final RFC 5903 the computation for the DH shared secret changed. Instead of the full point, only the X point is included. The member g_xy is always the shared secret but so far its buffer has been allocated using the size of the public points. Since this is a different size now, as the shared secret for EC Groups should only store the x point, we need another member to specify the length of g_xy. Since this is a backwards incompatible change older isakmpds won't be able to negotiate if you use EC groups. Bump the version of our own vendor tag so peers can try to keep compatibility based on the presen- ted tag. This could be used to implement backwards compatibility to older isakmpds. Prompted by and ok mpi@
Revision 1.110 / (download) - annotate - [select for diffs], Thu Dec 10 17:27:00 2015 UTC (8 years, 6 months ago) by mmcc
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2,
OPENBSD_6_1_BASE,
OPENBSD_6_1,
OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.109: +3 -5 lines
Diff to previous 1.109 (colored)
Remove NULL-checks before free(). ok tb@
Revision 1.109 / (download) - annotate - [select for diffs], Thu Aug 20 22:02:21 2015 UTC (8 years, 9 months ago) by deraadt
Branch: MAIN
Changes since 1.108: +3 -4 lines
Diff to previous 1.108 (colored)
<stdlib.h> is included, so do not need to cast result from malloc, calloc, realloc* ok krw millert
Revision 1.108 / (download) - annotate - [select for diffs], Thu Oct 9 02:38:56 2014 UTC (9 years, 8 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.107: +11 -11 lines
Diff to previous 1.107 (colored)
obvious reallocarray() conversions
Revision 1.107 / (download) - annotate - [select for diffs], Mon Dec 12 07:35:29 2011 UTC (12 years, 6 months ago) by yasuoka
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6,
OPENBSD_5_5_BASE,
OPENBSD_5_5,
OPENBSD_5_4_BASE,
OPENBSD_5_4,
OPENBSD_5_3_BASE,
OPENBSD_5_3,
OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1
Changes since 1.106: +17 -1 lines
Diff to previous 1.106 (colored)
Allow using FQDN as a ID payload type. Some client (eg Windows XP) uses the FQDN type in NAT-T with transport mode. ok markus
Revision 1.106 / (download) - annotate - [select for diffs], Sat Apr 23 03:17:04 2011 UTC (13 years, 1 month ago) by lum
Branch: MAIN
CVS Tags: OPENBSD_5_0_BASE,
OPENBSD_5_0
Changes since 1.105: +3 -2 lines
Diff to previous 1.105 (colored)
Indicate which side of the connection responded during phase 1 while using -v. ok sthen@ markus@
Revision 1.105 / (download) - annotate - [select for diffs], Tue Jun 29 19:50:16 2010 UTC (13 years, 11 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE,
OPENBSD_4_9,
OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.104: +0 -1 lines
Diff to previous 1.104 (colored)
Replace the hand-crafted Diffie-Hellman implementation in isakmpd with the smaller implementation from iked that is using libcrypto instead. This allows to remove a lot of code (which is always good), get rid of some custom crypto code by using libcrypto, theoretically adds support for many new MODP and EC2N/ECP modes (but it is not configurable yet), and allows to share the dh.c/dh.h code in different codebases (it is identical in isakmpd and iked, but could also be used elsewhere). ok deraadt@
Revision 1.104 / (download) - annotate - [select for diffs], Thu Mar 4 13:55:28 2010 UTC (14 years, 3 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.103: +33 -1 lines
Diff to previous 1.103 (colored)
don't crash on invalid phase 2 IDs; from hshoexer; ok sthen@
Revision 1.103 / (download) - annotate - [select for diffs], Fri Nov 13 22:07:59 2009 UTC (14 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.102: +10 -2 lines
Diff to previous 1.102 (colored)
fix a few memory leaks found by parfait; ok hshoexer
Revision 1.102 / (download) - annotate - [select for diffs], Tue Nov 11 15:11:28 2008 UTC (15 years, 7 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5
Changes since 1.101: +3 -2 lines
Diff to previous 1.101 (colored)
Use rfc2409 conform notification message when client identities are not valid during phase 2. From Dirk Mast <condor2k at googlemail dot com>, thanks! ok markus@
Revision 1.101 / (download) - annotate - [select for diffs], Wed Aug 15 21:05:45 2007 UTC (16 years, 9 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE,
OPENBSD_4_4,
OPENBSD_4_3_BASE,
OPENBSD_4_3,
OPENBSD_4_2_BASE,
OPENBSD_4_2
Changes since 1.100: +1 -3 lines
Diff to previous 1.100 (colored)
Remove a superflous debug fprintf.
Revision 1.100 / (download) - annotate - [select for diffs], Mon Apr 16 13:01:39 2007 UTC (17 years, 1 month ago) by moritz
Branch: MAIN
Changes since 1.99: +18 -35 lines
Diff to previous 1.99 (colored)
There's no point in checking ptr for NULL before doing free(ptr) since free(NULL) is just fine. ok hshoexer@
Revision 1.99 / (download) - annotate - [select for diffs], Sat Jun 10 21:09:45 2006 UTC (18 years ago) by msf
Branch: MAIN
CVS Tags: OPENBSD_4_1_BASE,
OPENBSD_4_1,
OPENBSD_4_0_BASE,
OPENBSD_4_0
Changes since 1.98: +3 -1 lines
Diff to previous 1.98 (colored)
Allow isakmpd to use a different private rsa key per isakmp ID. Hans wrote this a long time ago, I synced it to -current and tested. ok hshoexer@
Revision 1.98 / (download) - annotate - [select for diffs], Fri Jun 2 19:35:55 2006 UTC (18 years ago) by hshoexer
Branch: MAIN
Changes since 1.97: +2 -2 lines
Diff to previous 1.97 (colored)
Big spelling cleanup, no binary change. From david@
Revision 1.97 / (download) - annotate - [select for diffs], Mon Nov 14 23:25:11 2005 UTC (18 years, 6 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE,
OPENBSD_3_9
Changes since 1.96: +3 -7 lines
Diff to previous 1.96 (colored)
use snprintf; ok cloder. also looked at by a few other people
Revision 1.96 / (download) - annotate - [select for diffs], Thu May 26 06:11:09 2005 UTC (19 years ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE,
OPENBSD_3_8
Changes since 1.95: +2 -4 lines
Diff to previous 1.95 (colored)
Use TAILQ_FOREACH where possible, remove payload_last() ok markus
Revision 1.95 / (download) - annotate - [select for diffs], Fri Apr 8 22:32:10 2005 UTC (19 years, 2 months ago) by cloder
Branch: MAIN
Changes since 1.94: +1 -3 lines
Diff to previous 1.94 (colored)
Make deterministic randomness (only ever used for testing) a compile-time option. Reduces chances of somehow setting regrand when it's not supposed to be set. Remove "-r" option from man page. Also xref certpatch(8) while we are in there. And remove some include sysdep.h where it is no longer needed. OK hshoexer
Revision 1.94 / (download) - annotate - [select for diffs], Fri Apr 8 17:15:01 2005 UTC (19 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.93: +1 -22 lines
Diff to previous 1.93 (colored)
keynote and policy always compiled in
Revision 1.93 / (download) - annotate - [select for diffs], Wed Apr 6 16:00:20 2005 UTC (19 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.92: +3 -3 lines
Diff to previous 1.92 (colored)
knf, ok cloder
Revision 1.92 / (download) - annotate - [select for diffs], Tue Apr 5 20:46:20 2005 UTC (19 years, 2 months ago) by cloder
Branch: MAIN
Changes since 1.91: +1 -10 lines
Diff to previous 1.91 (colored)
Always compile X509 support. Almost everyone uses it. Makes the code much easier to read and to maintain. OK and testing by hshoexer@, more testing by me
Revision 1.91 / (download) - annotate - [select for diffs], Mon Apr 4 19:31:11 2005 UTC (19 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.90: +54 -55 lines
Diff to previous 1.90 (colored)
spacing; ok cloder
Revision 1.90 / (download) - annotate - [select for diffs], Tue Mar 22 12:43:39 2005 UTC (19 years, 2 months ago) by hshoexer
Branch: MAIN
Changes since 1.89: +3 -1 lines
Diff to previous 1.89 (colored)
Do not leak keynote session in error path. ok cloder@
Revision 1.89 / (download) - annotate - [select for diffs], Sat Mar 5 12:32:58 2005 UTC (19 years, 3 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE,
OPENBSD_3_7
Changes since 1.88: +12 -15 lines
Diff to previous 1.88 (colored)
No need to use a local hashsize. hshoexer@ ok.
Revision 1.88 / (download) - annotate - [select for diffs], Thu Feb 10 13:01:01 2005 UTC (19 years, 4 months ago) by ho
Branch: MAIN
Changes since 1.87: +2 -2 lines
Diff to previous 1.87 (colored)
ignore_policy should be ifdef USE_POLICY. hshoexer@ ok
Revision 1.87 / (download) - annotate - [select for diffs], Fri Sep 17 13:53:08 2004 UTC (19 years, 8 months ago) by ho
Branch: MAIN
Changes since 1.86: +6 -3 lines
Diff to previous 1.86 (colored)
Missing #ifdefs.
Revision 1.86 / (download) - annotate - [select for diffs], Sat Aug 14 13:29:50 2004 UTC (19 years, 9 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE,
OPENBSD_3_6
Changes since 1.85: +12 -13 lines
Diff to previous 1.85 (colored)
When using -K (keynote disabled), check peers' proposal against isakmpd.conf. ok ho@ henning@
Revision 1.85 / (download) - annotate - [select for diffs], Sun Aug 8 19:11:06 2004 UTC (19 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.84: +8 -8 lines
Diff to previous 1.84 (colored)
spacing
Revision 1.84 / (download) - annotate - [select for diffs], Fri Jun 25 20:25:34 2004 UTC (19 years, 11 months ago) by hshoexer
Branch: MAIN
Changes since 1.83: +6 -1 lines
Diff to previous 1.83 (colored)
Keynote policy checking can now be disabled by "-K" switch and config tag "Use-Keynote". Default is to use keynote. ok henning@ ho@
Revision 1.83 / (download) - annotate - [select for diffs], Sun Jun 20 17:17:35 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.82: +10 -12 lines
Diff to previous 1.82 (colored)
Make the payload array in struct message dynamic, since we need to handle payloads in the private range, such as the pre-RFC NAT-D/NAT-OA. Replace TAILQ_FIRST(&msg->payload[i]) instances with function calls.
Revision 1.82 / (download) - annotate - [select for diffs], Tue Jun 15 15:53:13 2004 UTC (19 years, 11 months ago) by hshoexer
Branch: MAIN
Changes since 1.81: +4 -1 lines
Diff to previous 1.81 (colored)
also use MSG_AUTHENTICATED flag. ok ho@
Revision 1.81 / (download) - annotate - [select for diffs], Mon Jun 14 09:55:41 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.80: +389 -274 lines
Diff to previous 1.80 (colored)
KNF, style, 80c, etc. hshoexer@ ok
Revision 1.70.2.2 / (download) - annotate - [select for diffs], Fri Jun 11 03:08:02 2004 UTC (20 years ago) by brad
Branch: OPENBSD_3_4
Changes since 1.70.2.1: +7 -1 lines
Diff to previous 1.70.2.1 (colored) to branchpoint 1.70 (colored) next main 1.71 (colored)
MFC: Fix by hshoexer@ Mark authenticated messages explicitly. Better check for authentication before deleteing SAs. This fix is needed to solve the problems reported by Thomas Walpuski, previous diff was not sufficient. Pointed out by Thomas. Thanks!
Revision 1.75.2.1 / (download) - annotate - [select for diffs], Fri Jun 11 02:34:56 2004 UTC (20 years ago) by brad
Branch: OPENBSD_3_5
Changes since 1.75: +7 -1 lines
Diff to previous 1.75 (colored) next main 1.76 (colored)
MFC: Fix by hshoexer@ Mark authenticated messages explicitly. Better check for authentication before deleteing SAs. This fix is needed to solve the problems reported by Thomas Walpuski, previous diff was not sufficient. Pointed out by Thomas. Thanks!
Revision 1.80 / (download) - annotate - [select for diffs], Thu Jun 10 12:54:53 2004 UTC (20 years ago) by hshoexer
Branch: MAIN
Changes since 1.79: +7 -1 lines
Diff to previous 1.79 (colored)
Mark authenticated messages explicitly. Better check for authentication before deleteing SAs. This fix is needed to solve the problems reported by Thomas Walpuski, previous diff was not sufficient. Pointed out by Thomas. Thanks! ok ho@ niklas@, testing and spellcheck by todd@ msf@
Revision 1.79 / (download) - annotate - [select for diffs], Wed Jun 9 14:02:44 2004 UTC (20 years ago) by ho
Branch: MAIN
Changes since 1.78: +9 -9 lines
Diff to previous 1.78 (colored)
Style nits. hshoexer@ ok
Revision 1.78 / (download) - annotate - [select for diffs], Wed Apr 28 20:20:31 2004 UTC (20 years, 1 month ago) by hshoexer
Branch: MAIN
Changes since 1.77: +58 -58 lines
Diff to previous 1.77 (colored)
remove unused variable and shorten names of two other. Removed some spaces while around. ok ho@ markus@
Revision 1.77 / (download) - annotate - [select for diffs], Thu Apr 15 18:39:25 2004 UTC (20 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.76: +1668 -1811 lines
Diff to previous 1.76 (colored)
partial move to KNF. More to come. This has happened because there are a raft of source code auditors who are willing to help improve this code only if this is done, and hey, isakmpd does need our standard auditing process. ok ho hshoexer
Revision 1.76 / (download) - annotate - [select for diffs], Wed Apr 7 22:45:49 2004 UTC (20 years, 2 months ago) by ho
Branch: MAIN
Changes since 1.75: +6 -5 lines
Diff to previous 1.75 (colored)
-Wsign-compare nits. hshoexer@ ok.
Revision 1.67.4.1 / (download) - annotate - [select for diffs], Wed Mar 17 15:05:03 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.67: +23 -7 lines
Diff to previous 1.67 (colored) next main 1.68 (colored)
MFC: Fix by hshoexer@ Fix payload handling flaws found by cloder@. Based on initial patch by cloder@. ok deraadt@ hshoexer@
Revision 1.70.2.1 / (download) - annotate - [select for diffs], Wed Mar 17 14:59:17 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.70: +23 -7 lines
Diff to previous 1.70 (colored)
MFC: Fix by hshoexer@ Fix payload handling flaws found by cloder@. Based on initial patch by cloder@. ok deraadt@ hshoexer@
Revision 1.75 / (download) - annotate - [select for diffs], Fri Feb 27 10:16:26 2004 UTC (20 years, 3 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE
Branch point for: OPENBSD_3_5
Changes since 1.74: +2 -2 lines
Diff to previous 1.74 (colored)
(C)-2004
Revision 1.74 / (download) - annotate - [select for diffs], Fri Feb 27 09:01:18 2004 UTC (20 years, 3 months ago) by ho
Branch: MAIN
Changes since 1.73: +19 -1 lines
Diff to previous 1.73 (colored)
Follow RFC 2408 more closely regarding how to better check the proposal returned by the other peer (the responder). Some implementations (notably the Cisco PIX) does not follow a SHOULD in section 4.2 of the RFC. With certain proposal combinations this caused us to setup the wrong SA resulting in us being unable to process incoming IPsec traffic (over this tunnel). Tested against a number of different IKE implementations. hshoexer@ ok.
Revision 1.73 / (download) - annotate - [select for diffs], Fri Feb 20 11:31:10 2004 UTC (20 years, 3 months ago) by hshoexer
Branch: MAIN
Changes since 1.72: +7 -8 lines
Diff to previous 1.72 (colored)
More small adjustments of log messages.
Revision 1.72 / (download) - annotate - [select for diffs], Fri Feb 20 09:46:56 2004 UTC (20 years, 3 months ago) by hshoexer
Branch: MAIN
Changes since 1.71: +23 -7 lines
Diff to previous 1.71 (colored)
Fix some double free errors. While around, adjust a log message. ok ho@
Revision 1.71 / (download) - annotate - [select for diffs], Fri Jan 16 10:51:57 2004 UTC (20 years, 4 months ago) by hshoexer
Branch: MAIN
Changes since 1.70: +7 -1 lines
Diff to previous 1.70 (colored)
Added -v option. Enables logging of successful exchange completion. ok ho@
Revision 1.70 / (download) - annotate - [select for diffs], Tue Jun 10 16:41:29 2003 UTC (21 years ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE
Branch point for: OPENBSD_3_4
Changes since 1.69: +2 -2 lines
Diff to previous 1.69 (colored)
boring cleanups
Revision 1.69 / (download) - annotate - [select for diffs], Wed Jun 4 07:31:16 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.68: +1 -6 lines
Diff to previous 1.68 (colored)
Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, Angelos D. Keromytis and Niels Provos.
Revision 1.68 / (download) - annotate - [select for diffs], Tue Jun 3 12:51:39 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.67: +3 -3 lines
Diff to previous 1.67 (colored)
Cleanup. Use 'sizeof variable' instead of magic constants.
Revision 1.67 / (download) - annotate - [select for diffs], Wed Sep 11 09:50:43 2002 UTC (21 years, 9 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE,
OPENBSD_3_2_BASE,
OPENBSD_3_2
Branch point for: OPENBSD_3_3
Changes since 1.66: +9 -7 lines
Diff to previous 1.66 (colored)
signed vs unsigned, some void * arithmetic, from -pedantic. niklas@ ok.
Revision 1.66 / (download) - annotate - [select for diffs], Fri Jun 14 12:43:11 2002 UTC (22 years ago) by ho
Branch: MAIN
Changes since 1.65: +6 -1 lines
Diff to previous 1.65 (colored)
Recognize the ECN_TUNNEL attribute.
Revision 1.65 / (download) - annotate - [select for diffs], Tue Jun 11 18:56:07 2002 UTC (22 years ago) by ho
Branch: MAIN
Changes since 1.64: +87 -62 lines
Diff to previous 1.64 (colored)
Various IPComp-related mods
Revision 1.64 / (download) - annotate - [select for diffs], Mon Jun 10 20:45:35 2002 UTC (22 years ago) by ho
Branch: MAIN
Changes since 1.63: +2 -6 lines
Diff to previous 1.63 (colored)
Zap a few remaining libkeynote refs.
Revision 1.63 / (download) - annotate - [select for diffs], Mon Jun 10 18:08:58 2002 UTC (22 years ago) by ho
Branch: MAIN
Changes since 1.62: +20 -23 lines
Diff to previous 1.62 (colored)
The dlopen() stuff goes away.
Revision 1.62 / (download) - annotate - [select for diffs], Fri Jun 7 21:59:22 2002 UTC (22 years ago) by ho
Branch: MAIN
Changes since 1.61: +2 -1 lines
Diff to previous 1.61 (colored)
Avoid some gcc3 warnings. From David Krause <openbsd@davidkrause.com>
Revision 1.61 / (download) - annotate - [select for diffs], Thu Jun 6 02:15:27 2002 UTC (22 years ago) by ho
Branch: MAIN
Changes since 1.60: +23 -17 lines
Diff to previous 1.60 (colored)
Style, and a few additional format/type mods.
Revision 1.60 / (download) - annotate - [select for diffs], Sat Jun 1 07:44:21 2002 UTC (22 years ago) by deraadt
Branch: MAIN
Changes since 1.59: +74 -66 lines
Diff to previous 1.59 (colored)
size_t must be cast to (unsigned long) and printed using %lu
Revision 1.59 / (download) - annotate - [select for diffs], Wed Mar 6 09:43:08 2002 UTC (22 years, 3 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE,
OPENBSD_3_1
Changes since 1.58: +3 -3 lines
Diff to previous 1.58 (colored)
Unbreak MD5 and SHA1 passphrases in policy check. From <chris@stallion.oz.au>.
Revision 1.58 / (download) - annotate - [select for diffs], Wed Jan 23 18:44:47 2002 UTC (22 years, 4 months ago) by ho
Branch: MAIN
Changes since 1.57: +10 -10 lines
Diff to previous 1.57 (colored)
the last few sprintf -> snprintf
Revision 1.57 / (download) - annotate - [select for diffs], Wed Jan 23 17:16:42 2002 UTC (22 years, 4 months ago) by ho
Branch: MAIN
Changes since 1.56: +17 -18 lines
Diff to previous 1.56 (colored)
strcpy->strlcpy
Revision 1.56 / (download) - annotate - [select for diffs], Fri Oct 26 12:03:07 2001 UTC (22 years, 7 months ago) by ho
Branch: MAIN
Changes since 1.55: +16 -16 lines
Diff to previous 1.55 (colored)
Just rename sockaddr_data/len functions to sockaddr_addrdata/addrlen.
Revision 1.55 / (download) - annotate - [select for diffs], Fri Oct 5 05:57:06 2001 UTC (22 years, 8 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE,
OPENBSD_3_0
Changes since 1.54: +3 -3 lines
Diff to previous 1.54 (colored)
Some more debug level fixes.
Revision 1.54 / (download) - annotate - [select for diffs], Wed Aug 15 13:06:53 2001 UTC (22 years, 9 months ago) by ho
Branch: MAIN
Changes since 1.53: +2 -2 lines
Diff to previous 1.53 (colored)
Some more style...
Revision 1.53 / (download) - annotate - [select for diffs], Sun Jul 1 20:11:53 2001 UTC (22 years, 11 months ago) by niklas
Branch: MAIN
Changes since 1.52: +65 -58 lines
Diff to previous 1.52 (colored)
More Style police, but also sane checking of address family vs stated ID-type.
Revision 1.52 / (download) - annotate - [select for diffs], Fri Jun 29 18:52:16 2001 UTC (22 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.51: +6 -9 lines
Diff to previous 1.51 (colored)
Change get_src/get_dst API as we get the length with sa_len.
Revision 1.51 / (download) - annotate - [select for diffs], Fri Jun 29 17:59:34 2001 UTC (22 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.50: +2 -2 lines
Diff to previous 1.50 (colored)
Be consistent.
Revision 1.50 / (download) - annotate - [select for diffs], Wed Jun 27 00:16:30 2001 UTC (22 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.49: +90 -50 lines
Diff to previous 1.49 (colored)
IPv6. Also avoid a couple of mem leaks.
Revision 1.49 / (download) - annotate - [select for diffs], Thu Jun 7 04:45:42 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.48: +1 -26 lines
Diff to previous 1.48 (colored)
Get rid of useless x509_policy_asserts[]
Revision 1.48 / (download) - annotate - [select for diffs], Thu May 31 20:27:50 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.47: +22 -25 lines
Diff to previous 1.47 (colored)
Store/retrieve the right information in terms of keys.
Revision 1.38.2.1 / (download) - annotate - [select for diffs], Tue May 8 12:45:23 2001 UTC (23 years, 1 month ago) by ho
Branch: OPENBSD_2_8
Changes since 1.38: +219 -130 lines
Diff to previous 1.38 (colored) next main 1.39 (colored)
Pull in isakmpd from 2.9 to 2.8 branch.
Revision 1.47 / (download) - annotate - [select for diffs], Mon Apr 9 12:34:37 2001 UTC (23 years, 2 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE,
OPENBSD_2_9
Changes since 1.46: +6 -6 lines
Diff to previous 1.46 (colored)
Style police a'la niklas@.
Revision 1.46 / (download) - annotate - [select for diffs], Tue Mar 13 14:05:18 2001 UTC (23 years, 3 months ago) by ho
Branch: MAIN
Changes since 1.45: +80 -75 lines
Diff to previous 1.45 (colored)
Add logging classes for Negotiation and Policy, and change a number of debug messages to use these instead. Change a number of 'log_print' to debug messages to keep the noise down. Use 'log_error' instead of 'log_print' in some cases when we have errno. Some indentation fixes. (niklas@ ok)
Revision 1.45 / (download) - annotate - [select for diffs], Mon Feb 19 16:58:04 2001 UTC (23 years, 3 months ago) by angelos
Branch: MAIN
Changes since 1.44: +49 -24 lines
Diff to previous 1.44 (colored)
passphrase-md5-hex: and passphrase-sha1-hex: formats for passphrases.
Revision 1.44 / (download) - annotate - [select for diffs], Thu Feb 8 22:37:34 2001 UTC (23 years, 4 months ago) by angelos
Branch: MAIN
Changes since 1.43: +2 -1 lines
Diff to previous 1.43 (colored)
Add debug printf.
Revision 1.43 / (download) - annotate - [select for diffs], Sat Jan 27 12:03:33 2001 UTC (23 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.42: +4 -4 lines
Diff to previous 1.42 (colored)
(c) 2001
Revision 1.42 / (download) - annotate - [select for diffs], Fri Jan 26 12:12:51 2001 UTC (23 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.41: +16 -10 lines
Diff to previous 1.41 (colored)
Pedantic style police
Revision 1.41 / (download) - annotate - [select for diffs], Fri Jan 26 11:08:43 2001 UTC (23 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.40: +6 -4 lines
Diff to previous 1.40 (colored)
Merge with EOM 1.139 author: niklas Remove blank line author: ho Print warning with log_print, not log_error. author: ho Report if doi->get_spi() fails.
Revision 1.40 / (download) - annotate - [select for diffs], Sun Jan 14 23:09:11 2001 UTC (23 years, 4 months ago) by angelos
Branch: MAIN
Changes since 1.39: +35 -35 lines
Diff to previous 1.39 (colored)
Do the HASH verification before handling the SA payload.
Revision 1.39 / (download) - annotate - [select for diffs], Wed Jan 10 18:16:26 2001 UTC (23 years, 5 months ago) by angelos
Branch: MAIN
Changes since 1.38: +52 -2 lines
Diff to previous 1.38 (colored)
If only the Remote-ID is specified for a Phase 2 configuration, use our address for Local-ID; useful for road-warrior scenarios (adrian@lion.aba.net.au)
Revision 1.38 / (download) - annotate - [select for diffs], Mon Oct 16 23:29:07 2000 UTC (23 years, 7 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_8_BASE
Branch point for: OPENBSD_2_8
Changes since 1.37: +13 -8 lines
Diff to previous 1.37 (colored)
Merge with EOM 1.135 author: provos better referencing. okay niklas@ author: angelos Eliminate bogus freeing of static variable.
Revision 1.37 / (download) - annotate - [select for diffs], Sat Oct 7 07:01:19 2000 UTC (23 years, 8 months ago) by niklas
Branch: MAIN
Changes since 1.36: +89 -26 lines
Diff to previous 1.36 (colored)
Merge with EOM 1.133 author: niklas style and < that should be <= author: angelos If the initiator does not propose a Phase 2 ID, use the local/peer addresses as implicit IDs; this was supported on the responder side, but weirdly enough not on the initiator. Reported by itojun@ author: angelos Handle 32-bit lifetimes (in generating them). author: ho (c)-2000 author: provos style as pointed out by the code style pedant. author: provos proper reference counting for isakmp_sa in struct message, remove bogus calls to sa_reference; fix some more memory leaks in conf.c
Revision 1.36 / (download) - annotate - [select for diffs], Thu Aug 3 07:23:44 2000 UTC (23 years, 10 months ago) by niklas
Branch: MAIN
Changes since 1.35: +18 -14 lines
Diff to previous 1.35 (colored)
Merge with EOM 1.127 author: angelos Be careful when there's no assertions.
Revision 1.34.2.1 / (download) - annotate - [select for diffs], Sat Jun 10 17:22:57 2000 UTC (24 years ago) by jason
Branch: OPENBSD_2_7
Changes since 1.34: +6 -1 lines
Diff to previous 1.34 (colored) next main 1.35 (colored)
Pull in patch: Errata (009): A serious bug in isakmpd(8) policy handling wherein policy verification could be completely bypassed in isakmpd. Fix (angelos): Fix bug that resulted in bypass of policy verification of proposed SAs.
Revision 1.35 / (download) - annotate - [select for diffs], Thu Jun 8 20:50:16 2000 UTC (24 years ago) by niklas
Branch: MAIN
Changes since 1.34: +193 -64 lines
Diff to previous 1.34 (colored)
Merge with EOM 1.126 author: angelos Be a bit more verbose when printing policy results. author: angelos Correct environment cleanup. author: angelos Different policy/Keynote sessions per Phase 1 SA. author: angelos &&, not || author: angelos Begin support for KeyNote credentials exchanged.
Revision 1.34 / (download) - annotate - [select for diffs], Fri Apr 7 22:05:19 2000 UTC (24 years, 2 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_7_BASE
Branch point for: OPENBSD_2_7
Changes since 1.33: +16 -5 lines
Diff to previous 1.33 (colored)
Merge with EOM 1.121 author: niklas log_fatal is only OK during initialization author: ho Missing #ifdef USE_X509 added author: ho typo author: ho Add #ifdef USE_X509
Revision 1.33 / (download) - annotate - [select for diffs], Fri Feb 25 17:22:22 2000 UTC (24 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.32: +112 -107 lines
Diff to previous 1.32 (colored)
Merge with EOM 1.117 author: angelos Move the check after we get rid of the unused protos. author: niklas Made debug logging a compile time selectable feature
Revision 1.32 / (download) - annotate - [select for diffs], Sat Feb 19 19:31:32 2000 UTC (24 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.31: +16 -14 lines
Diff to previous 1.31 (colored)
Makefile: Merge with EOM 1.61 crypto.c: Merge with EOM 1.27 exchange.c: Merge with EOM 1.115 ike_quick_mode.c: Merge with EOM 1.115 x509.c: Merge with EOM 1.35 features/ec: Merge with EOM 1.1 features/aggressive: Merge with EOM 1.1 features/policy: Merge with EOM 1.1 features/x509: Merge with EOM 1.1 author: niklas Allow isakmpd builders to remove optional parts and save bytes.
Revision 1.31 / (download) - annotate - [select for diffs], Sat Feb 12 09:21:23 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.30: +8 -4 lines
Diff to previous 1.30 (colored)
Merge with EOM 1.114 author: angelos Bad typo, the check should be inverted. Also, add a NOTIFY message being sent to the Responder if policy check fails at the initiator (and print a log message).
Revision 1.30 / (download) - annotate - [select for diffs], Fri Feb 11 10:21:28 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.29: +58 -48 lines
Diff to previous 1.29 (colored)
Merge with EOM 1.113 author: angelos Rename the "CN:" tag to "DN:", after Jorgen's suggestion. author: angelos Do a policy check on the Initiator, when notified by the Responder on the SA selection. For efficiency, we should replicate this check on the first message sent by the Initiator (so we only send proposals we know we'll eventually accept).
Revision 1.29 / (download) - annotate - [select for diffs], Mon Feb 7 01:32:54 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.28: +34 -11 lines
Diff to previous 1.28 (colored)
ike_quick_mode.c: Merge with EOM 1.111 libcrypto.c: Merge with EOM 1.11 libcrypto.h: Merge with EOM 1.11 x509.c: Merge with EOM 1.33 author: angelos Add Canonical Names as policy targets (so they can be specified in the Licensees field), with the "CN:..." format.
Revision 1.28 / (download) - annotate - [select for diffs], Tue Feb 1 02:46:17 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.27: +3 -2 lines
Diff to previous 1.27 (colored)
apps/certpatch/certpatch.8: Merge with EOM 1.4 apps/certpatch/certpatch.c: Merge with EOM 1.6 exchange.c: Merge with EOM 1.114 ike_quick_mode.c: Merge with EOM 1.110 ike_phase_1.c: Merge with EOM 1.16 ike_auth.c: Merge with EOM 1.41 ike_aggressive.c: Merge with EOM 1.4 libcrypto.c: Merge with EOM 1.10 libcrypto.h: Merge with EOM 1.10 isakmpd.8: Merge with EOM 1.19 isakmpd.c: Merge with EOM 1.42 ipsec.h: Merge with EOM 1.40 init.c: Merge with EOM 1.22 message.c: Merge with EOM 1.143 message.h: Merge with EOM 1.49 sa.c: Merge with EOM 1.98 sa.h: Merge with EOM 1.54 policy.c: Merge with EOM 1.14 pf_key_v2.c: Merge with EOM 1.36 x509.c: Merge with EOM 1.32 x509.h: Merge with EOM 1.9 udp.c: Merge with EOM 1.46 author: niklas Angelos copyrights
Revision 1.27 / (download) - annotate - [select for diffs], Mon Jan 31 08:38:28 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.26: +3 -3 lines
Diff to previous 1.26 (colored)
ike_quick_mode.c: Merge with EOM 1.109 isakmpd.conf.5: Merge with EOM 1.38 message.c: Merge with EOM 1.142 pf_key_v2.c: Merge with EOM 1.35 x509.c: Merge with EOM 1.31 author: niklas (c) 2000
Revision 1.26 / (download) - annotate - [select for diffs], Sun Jan 30 21:01:49 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.25: +9 -8 lines
Diff to previous 1.25 (colored)
Merge with EOM 1.108 author: niklas style
Revision 1.25 / (download) - annotate - [select for diffs], Sun Jan 30 20:52:20 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.24: +22 -4 lines
Diff to previous 1.24 (colored)
Merge with EOM 1.107 author: angelos Fix part of the problem with X509 certificates (delegating to the CA isn't working yet, but I know where the problem is -- upcoming commit later today).
Revision 1.24 / (download) - annotate - [select for diffs], Wed Jan 26 15:22:02 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.23: +23 -7 lines
Diff to previous 1.23 (colored)
Merge with EOM 1.106 date: 2000/01/24 22:55:46; author: angelos; state: Exp; lines: +2 -2 Fix typo. date: 2000/01/24 16:48:42; author: ho; state: Exp; lines: +12 -2 Log when check_policy() returns failure. (bitten by keynote once too often... sigh) author: angelos Typo. author: angelos Passphrases are encoded as "passphrase:xxxx" now, to distinguish between passphrases and logic labels. author: angelos Oops on previous PFS-policy patch. Small fixes in the manpages. author: angelos Include files, in anticipation of the keynote.h changes.
Revision 1.23 / (download) - annotate - [select for diffs], Tue Oct 26 22:32:28 1999 UTC (24 years, 7 months ago) by angelos
Branch: MAIN
Changes since 1.22: +3 -1 lines
Diff to previous 1.22 (colored)
sync with latest libkeynote (include file changes only)
Revision 1.22 / (download) - annotate - [select for diffs], Fri Oct 1 14:07:16 1999 UTC (24 years, 8 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE,
OPENBSD_2_6
Changes since 1.21: +22 -5 lines
Diff to previous 1.21 (colored)
Merge with EOM 1.100 author: niklas AUTHENTICATION_ALGORITHM is a must in AH transforms. Better error reporting. author: ho More debugging output. author: angelos Remove evil experimental code, fix off-by-1 buffer allocation.
Revision 1.21 / (download) - annotate - [select for diffs], Thu Aug 26 22:30:21 1999 UTC (24 years, 9 months ago) by niklas
Branch: MAIN
Changes since 1.20: +101 -45 lines
Diff to previous 1.20 (colored)
Merge with EOM 1.97 author: niklas Support dynamic loading of libkeynote too. Build isakmpd static by default. Stylistic cleanup of keynote policy code. Correct some libcrypto calls. author: ho We want the exchange name if it's one of our (passive) connections. author: angelos Warning about RSA-specific code. author: angelos Complete policy work; tested for the shared-key case. Documentation needed.
Revision 1.20 / (download) - annotate - [select for diffs], Thu Aug 5 22:42:04 1999 UTC (24 years, 10 months ago) by niklas
Branch: MAIN
Changes since 1.19: +23 -3 lines
Diff to previous 1.19 (colored)
Merge with EOM 1.93 author: niklas Fix no ID in QM, when acting as responder, bug author: niklas Fix bad size computation in last commit author: niklas Make ID-less QM really work. Forgot to allocate space for the fake ID payloads.
Revision 1.19 / (download) - annotate - [select for diffs], Wed Jul 7 22:09:54 1999 UTC (24 years, 11 months ago) by niklas
Branch: MAIN
Changes since 1.18: +160 -61 lines
Diff to previous 1.18 (colored)
exchange.h: Merge with EOM 1.25 ike_quick_mode.c: Merge with EOM 1.90 init.c: Merge with EOM 1.15 author: ho Add keynote policy support (with USE_KEYNOTE). angelos@openbsd.org
Revision 1.18 / (download) - annotate - [select for diffs], Sat Jun 5 23:09:21 1999 UTC (25 years ago) by niklas
Branch: MAIN
Changes since 1.17: +3 -3 lines
Diff to previous 1.17 (colored)
Merge with EOM 1.89 author: ho Remove early variable initialization.
Revision 1.17 / (download) - annotate - [select for diffs], Wed Jun 2 06:30:39 1999 UTC (25 years ago) by niklas
Branch: MAIN
Changes since 1.16: +116 -87 lines
Diff to previous 1.16 (colored)
Merge with EOM 1.88 author: niklas Some extra error checking, documentation and style wrt connections author: niklas Some more #if 0 stuff for passive connections author: niklas Error handling looked over. Some restructuring of ID checks, but still no coupling to names.
Revision 1.16 / (download) - annotate - [select for diffs], Sun May 2 19:20:32 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.15: +17 -68 lines
Diff to previous 1.15 (colored)
BUGS: Merge with EOM 1.31 doi.h: Merge with EOM 1.27 ike_auth.c: Merge with EOM 1.30 ike_quick_mode.c: Merge with EOM 1.85 ipsec.c: Merge with EOM 1.107 ipsec.h: Merge with EOM 1.36 isakmp_doi.c: Merge with EOM 1.39 author: niklas Factor out keyed hashing of all payloads with SKEYID_a, and make DOI hooks for informational exchanges to add such hashing. Use it from QM and the IKE authentication module too. Remove some bogus XXX comments. Add error reporting
Revision 1.15 / (download) - annotate - [select for diffs], Fri Apr 30 11:46:24 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.14: +8 -8 lines
Diff to previous 1.14 (colored)
ike_phase_1.c: Merge with EOM 1.3 ike_quick_mode.c: Merge with EOM 1.84 message.h: Merge with EOM 1.46 author: niklas New message_drop API. Generate real INVALID_COOKIE notification. Generate informational exchanges in phase 1 too. Really get these messages to the wire
Revision 1.14 / (download) - annotate - [select for diffs], Tue Apr 27 21:04:07 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.13: +2 -5 lines
Diff to previous 1.13 (colored)
Merge with EOM 1.83 author: niklas Do not hold on to the exchange for post quick mode, it will be there.
Revision 1.13 / (download) - annotate - [select for diffs], Mon Apr 19 21:22:49 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.12: +11 -5 lines
Diff to previous 1.12 (colored)
./regress/x509/x509test.c: Merge with EOM 1.4 ./dh.h: Merge with EOM 1.4 ./math_ec2n.c: Merge with EOM 1.8 ./crypto.c: Merge with EOM 1.25 ./ike_quick_mode.c: Merge with EOM 1.82 ./math_group.c: Merge with EOM 1.16 ./math_ec2n.h: Merge with EOM 1.4 Style. alloc error reporting. Math error propagation. Allocate right sizes.
Revision 1.12 / (download) - annotate - [select for diffs], Tue Apr 6 17:08:53 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_5_BASE,
OPENBSD_2_5
Changes since 1.11: +5 -7 lines
Diff to previous 1.11 (colored)
Merge with EOM 1.81 Too much removed in last commit Actually save the DH values in inititor mode Non-PFS case for initiators bailed out wrongly.
Revision 1.11 / (download) - annotate - [select for diffs], Mon Apr 5 20:58:52 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
Changes since 1.10: +198 -60 lines
Diff to previous 1.10 (colored)
Merge with EOM 1.78 clear pointer when what is pointed to is freed Fix PFS in initator mode. Improve commentary. Some more error reporting. GC proto structures if we bail out on a message. Never free twice. Error handling of group allocation. Memory alloc. error reporting. Mem leak plugging.
Revision 1.10 / (download) - annotate - [select for diffs], Sat Apr 3 09:14:52 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
Changes since 1.9: +6 -3 lines
Diff to previous 1.9 (colored)
Merge with EOM 1.74 refcount the exchange when delayed processing is scheduled for QM 1999 copyrights
Revision 1.9 / (download) - annotate - [select for diffs], Wed Mar 31 20:29:57 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
Changes since 1.8: +5 -2 lines
Diff to previous 1.8 (colored)
Merge with EOM 1.72 Use SA refcounting where needed
Revision 1.8 / (download) - annotate - [select for diffs], Wed Mar 31 14:28:34 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
Changes since 1.7: +3 -3 lines
Diff to previous 1.7 (colored)
Merge with EOM 1.71 Fix comment
Revision 1.7 / (download) - annotate - [select for diffs], Wed Mar 31 00:50:21 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
Changes since 1.6: +9 -7 lines
Diff to previous 1.6 (colored)
Merge with EOM 1.70 Do not deref after free, thanks ElectricFence
Revision 1.6 / (download) - annotate - [select for diffs], Fri Feb 26 03:42:30 1999 UTC (25 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.5: +17 -9 lines
Diff to previous 1.5 (colored)
Merge from the Ericsson repository | revision 1.69 | date: 1999/02/25 11:39:04; author: niklas; state: Exp; lines: +3 -1 | include sysdep.h everywhere | ---------------------------- | revision 1.68 | date: 1999/02/25 11:09:36; author: niklas; state: Exp; lines: +7 -6 | Make conf_get_num take a default value to give back when tag does not exist | ---------------------------- | revision 1.67 | date: 1999/02/25 10:21:30; author: niklas; state: Exp; lines: +2 -2 | Replay window changes was done at the wrong level | ---------------------------- | revision 1.66 | date: 1999/02/25 09:30:23; author: niklas; state: Exp; lines: +5 -1 | Replay protection window configurable | ---------------------------- | revision 1.65 | date: 1999/02/14 00:07:24; author: niklas; state: Exp; lines: +4 -3 | Clarify which SPI we are setting up | ----------------------------
Revision 1.5 / (download) - annotate - [select for diffs], Mon Dec 21 01:02:24 1998 UTC (25 years, 5 months ago) by niklas
Branch: MAIN
Changes since 1.4: +150 -15 lines
Diff to previous 1.4 (colored)
Last months worth of work on isakmpd, lots done
Revision 1.4 / (download) - annotate - [select for diffs], Fri Nov 20 07:37:44 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.3: +4 -4 lines
Diff to previous 1.3 (colored)
Use new message_negotiate_sa API
Revision 1.3 / (download) - annotate - [select for diffs], Tue Nov 17 11:10:13 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.2: +2 -1 lines
Diff to previous 1.2 (colored)
Add RCS Ids from the EOM repository
Revision 1.2 / (download) - annotate - [select for diffs], Sun Nov 15 00:43:55 1998 UTC (25 years, 7 months ago) by niklas
Branch: MAIN
Changes since 1.1: +1 -1 lines
Diff to previous 1.1 (colored)
openBSD RCS IDs
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Sun Nov 15 00:03:48 1998 UTC (25 years, 7 months ago) by niklas
Branch: NIKLAS
CVS Tags: NIKLAS_981114
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)
Initial import of isakmpd, an IKE (ISAKMP/Oakley) implementation for the OpenBSD IPSEC stack by me, Niklas Hallqvist and Niels Provos, funded by Ericsson Radio Systems. It is not yet complete or usable in a real scenario but the missing pieces will soon be there. The early commit is for people who wants early access and who are not afraid of looking at source. isakmpd interops with Cisco, Timestep, SSH & Pluto (Linux FreeS/WAN) so far, so it is not that incomplete. It is really mostly configuration that is lacking.
Revision 1.1 / (download) - annotate - [select for diffs], Sun Nov 15 00:03:48 1998 UTC (25 years, 7 months ago) by niklas
Branch: MAIN
Initial revision