OpenBSD CVS

CVS log for src/sbin/isakmpd/init.c




Default branch: MAIN


Revision 1.44 / (download) - annotate - [select for diffs], Wed Oct 13 16:56:30 2021 UTC (2 years, 7 months ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, OPENBSD_7_4_BASE, OPENBSD_7_4, OPENBSD_7_3_BASE, OPENBSD_7_3, OPENBSD_7_2_BASE, OPENBSD_7_2, OPENBSD_7_1_BASE, OPENBSD_7_1, HEAD
Changes since 1.43: +1 -2 lines

isakmpd: remove libcrypto.c

All this does is a call to OpenSSL_add_all_algorithms(), which is
no longer needed since libcrypto initializes itself.

ok bluhm sthen (part of a larger diff)

Revision 1.43 / (download) - annotate - [select for diffs], Mon Jan 15 09:54:48 2018 UTC (6 years, 4 months ago) by mpi
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE, OPENBSD_7_0, OPENBSD_6_9_BASE, OPENBSD_6_9, OPENBSD_6_8_BASE, OPENBSD_6_8, OPENBSD_6_7_BASE, OPENBSD_6_7, OPENBSD_6_6_BASE, OPENBSD_6_6, OPENBSD_6_5_BASE, OPENBSD_6_5, OPENBSD_6_4_BASE, OPENBSD_6_4, OPENBSD_6_3_BASE, OPENBSD_6_3
Changes since 1.42: +4 -4 lines

Spacing, no object change.

Revision 1.42 / (download) - annotate - [select for diffs], Thu Jan 4 14:21:00 2018 UTC (6 years, 5 months ago) by mpi
Branch: MAIN
Changes since 1.41: +4 -4 lines

space -> tab

No object change.

Revision 1.41 / (download) - annotate - [select for diffs], Wed Apr 24 13:46:09 2013 UTC (11 years, 1 month ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE, OPENBSD_6_2, OPENBSD_6_1_BASE, OPENBSD_6_1, OPENBSD_6_0_BASE, OPENBSD_6_0, OPENBSD_5_9_BASE, OPENBSD_5_9, OPENBSD_5_8_BASE, OPENBSD_5_8, OPENBSD_5_7_BASE, OPENBSD_5_7, OPENBSD_5_6_BASE, OPENBSD_5_6, OPENBSD_5_5_BASE, OPENBSD_5_5, OPENBSD_5_4_BASE, OPENBSD_5_4
Changes since 1.40: +1 -7 lines

remove old backwards random junk
ok mikeb

Revision 1.40 / (download) - annotate - [select for diffs], Tue Jun 29 19:50:16 2010 UTC (13 years, 11 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE, OPENBSD_5_3, OPENBSD_5_2_BASE, OPENBSD_5_2, OPENBSD_5_1_BASE, OPENBSD_5_1, OPENBSD_5_0_BASE, OPENBSD_5_0, OPENBSD_4_9_BASE, OPENBSD_4_9, OPENBSD_4_8_BASE, OPENBSD_4_8
Changes since 1.39: +2 -2 lines

Replace the hand-crafted Diffie-Hellman implementation in isakmpd with
the smaller implementation from iked that is using libcrypto instead.
This allows us to remove a lot of code (which is always good) and get rid of
some custom crypto code by using libcrypto, theoretically adds
support for many new MODP and EC2N/ECP modes (but it is not configurable
yet), and allows us to share the dh.c/dh.h code in different codebases
(it is identical in isakmpd and iked, but could also be used elsewhere).

ok deraadt@

Revision 1.39 / (download) - annotate - [select for diffs], Sun Jul 2 13:19:00 2006 UTC (17 years, 11 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE, OPENBSD_4_7, OPENBSD_4_6_BASE, OPENBSD_4_6, OPENBSD_4_5_BASE, OPENBSD_4_5, OPENBSD_4_4_BASE, OPENBSD_4_4, OPENBSD_4_3_BASE, OPENBSD_4_3, OPENBSD_4_2_BASE, OPENBSD_4_2, OPENBSD_4_1_BASE, OPENBSD_4_1, OPENBSD_4_0_BASE, OPENBSD_4_0
Changes since 1.38: +3 -1 lines

Let isakmpd send out a vendor ID announcing isakmpd's release version.
Will be handy for release specific bug fixes, etc.  Suggested by
markus@ quite some time ago.

ok markus@

Revision 1.38 / (download) - annotate - [select for diffs], Mon Mar 20 16:43:22 2006 UTC (18 years, 2 months ago) by hshoexer
Branch: MAIN
Changes since 1.37: +1 -2 lines

make sure the command fifo is ready before isakmpd returns.  This
resolves a startup race when interacting with ipsecctl.  Suggested
by and discussed with moritz@

ok moritz@

Revision 1.37 / (download) - annotate - [select for diffs], Thu May 26 05:14:17 2005 UTC (19 years ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE, OPENBSD_3_9, OPENBSD_3_8_BASE, OPENBSD_3_8
Changes since 1.36: +1 -2 lines

get rid of payload mapping

ok markus ho cloder

Revision 1.36 / (download) - annotate - [select for diffs], Fri Apr 8 22:32:10 2005 UTC (19 years, 2 months ago) by cloder
Branch: MAIN
Changes since 1.35: +3 -3 lines

Make deterministic randomness (only ever used for testing) a compile-time
option.  Reduces chances of somehow setting regrand when it's not supposed
to be set.  Remove "-r" option from man page.  Also xref certpatch(8) while
we are in there.  And remove some include sysdep.h where it is no longer
needed.
OK hshoexer

Revision 1.35 / (download) - annotate - [select for diffs], Fri Apr 8 17:15:01 2005 UTC (19 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.34: +1 -7 lines

keynote and policy always compiled in

Revision 1.34 / (download) - annotate - [select for diffs], Fri Apr 8 16:37:14 2005 UTC (19 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.33: +1 -5 lines

nat-traversal always

Revision 1.33 / (download) - annotate - [select for diffs], Fri Sep 17 13:46:34 2004 UTC (19 years, 8 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE, OPENBSD_3_7
Changes since 1.32: +3 -1 lines

#include <stdlib.h> for srandom().

Revision 1.32 / (download) - annotate - [select for diffs], Fri Jun 25 00:58:39 2004 UTC (19 years, 11 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE, OPENBSD_3_6
Changes since 1.31: +3 -2 lines

Narrow down privsep interface.  Remove ui_init to monitor. So we can get rid of
monitor_mkfifo.

Work in progress.

ok ho@

Revision 1.31 / (download) - annotate - [select for diffs], Sun Jun 20 17:17:35 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.30: +2 -1 lines

Make the payload array in struct message dynamic, since we need to handle
payloads in the private range, such as the pre-RFC NAT-D/NAT-OA.
Replace TAILQ_FIRST(&msg->payload[i]) instances with function calls.

Revision 1.30 / (download) - annotate - [select for diffs], Sun Jun 20 15:24:05 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.29: +17 -6 lines

NAT-Traversal for isakmpd. Work in progress...
hshoexer@ ok.

Revision 1.29 / (download) - annotate - [select for diffs], Thu Apr 15 18:39:25 2004 UTC (20 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.28: +64 -64 lines

partial move to KNF.  More to come.  This has happened because there
are a raft of source code auditors who are willing to help improve this
code only if this is done, and hey, isakmpd does need our standard
auditing process.  ok ho hshoexer

Revision 1.28 / (download) - annotate - [select for diffs], Thu Apr 8 10:05:54 2004 UTC (20 years, 2 months ago) by hshoexer
Branch: MAIN
Changes since 1.27: +1 -6 lines

Set timezone before privsep; child now uses the correct timezone.
Noticed by david@

ok ho@ david@

Revision 1.27 / (download) - annotate - [select for diffs], Wed Feb 25 16:01:28 2004 UTC (20 years, 3 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE, OPENBSD_3_5
Changes since 1.26: +6 -1 lines

Add and document configuration options Logverbose and Loglevel.  As log.c now
depends on conf.c and some regression tests use log.c, add conf.c to
Makefiles where necessary.

ok ho@

Revision 1.26 / (download) - annotate - [select for diffs], Sat Nov 8 19:17:28 2003 UTC (20 years, 7 months ago) by jmc
Branch: MAIN
Changes since 1.25: +2 -2 lines

typos from Jonathon Gray;

Revision 1.25 / (download) - annotate - [select for diffs], Wed Jun 4 07:31:16 2003 UTC (21 years ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE, OPENBSD_3_4
Changes since 1.24: +1 -6 lines

Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, Angelos
D. Keromytis and Niels Provos.

Revision 1.24 / (download) - annotate - [select for diffs], Tue Jun 3 14:28:16 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.23: +2 -1 lines

Remove clauses 3 and 4. With approval from Niklas Hallqvist and
Niels Provos.

Revision 1.23 / (download) - annotate - [select for diffs], Sun May 18 20:46:29 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.22: +2 -2 lines

Style tweak.

Revision 1.22 / (download) - annotate - [select for diffs], Fri May 16 20:31:15 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.21: +3 -2 lines

If the "Renegotiate-on-HUP" tag is defined in the [General] section, a
HUP signal (or "R" to the FIFO) will also renegotiate all Phase 2 SAs,
i.e. all connections.
ok niklas@, tested and ok kjell@.

Revision 1.21 / (download) - annotate - [select for diffs], Thu May 15 00:28:53 2003 UTC (21 years, 1 month ago) by ho
Branch: MAIN
Changes since 1.20: +1 -2 lines

Start of privilege separation for isakmpd.
There are some kinks left, so keep it default disabled for now.
markus@ says ok to commit.

Revision 1.20 / (download) - annotate - [select for diffs], Wed Aug 7 13:19:20 2002 UTC (21 years, 10 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE, OPENBSD_3_3, OPENBSD_3_2_BASE, OPENBSD_3_2
Changes since 1.19: +3 -1 lines

A rewrite of the CRL support code, also from <Thomas.Walpuski@gmx.net>.
Some style mods, and checks added for OpenSSL version 0.9.7 or later.
Currently CRLs are not supported for earlier versions.
Manual pages updated.

Revision 1.19 / (download) - annotate - [select for diffs], Mon Jun 10 18:08:58 2002 UTC (22 years ago) by ho
Branch: MAIN
Changes since 1.18: +1 -4 lines

The dlopen() stuff goes away.

Revision 1.18 / (download) - annotate - [select for diffs], Mon Dec 10 03:34:51 2001 UTC (22 years, 6 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE, OPENBSD_3_1
Changes since 1.17: +53 -1 lines

Add UI option 'R' to trigger isakmpd reinit (same as SIGHUP).

Revision 1.17 / (download) - annotate - [select for diffs], Fri Jul 6 14:37:11 2001 UTC (22 years, 11 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE, OPENBSD_3_0
Changes since 1.16: +2 -2 lines

Style.

Revision 1.16 / (download) - annotate - [select for diffs], Mon Jun 25 00:00:44 2001 UTC (22 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.15: +1 -3 lines

Handle responder cookies same as initiator cookies.

Revision 1.15 / (download) - annotate - [select for diffs], Fri Apr 7 22:05:08 2000 UTC (24 years, 2 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE, OPENBSD_2_9, OPENBSD_2_8_BASE, OPENBSD_2_8, OPENBSD_2_7_BASE, OPENBSD_2_7
Changes since 1.14: +4 -2 lines

init.c: Merge with EOM 1.25
log.h: Merge with EOM 1.19

author: ho
Add log_init().

Revision 1.14 / (download) - annotate - [select for diffs], Sat Feb 19 19:32:53 2000 UTC (24 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.13: +5 -5 lines

cert.c: Merge with EOM 1.14
ike_auth.c: Merge with EOM 1.43
ike_phase_1.c: Merge with EOM 1.21
init.c: Merge with EOM 1.24
ipsec.c: Merge with EOM 1.117
isakmpd.c: Merge with EOM 1.44
math_group.c: Merge with EOM 1.22

author: niklas
Copyright 2000

author: niklas
Allow isakmpd builders to remove optional parts and save bytes.

Revision 1.13 / (download) - annotate - [select for diffs], Tue Feb 1 02:46:18 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.12: +3 -2 lines

apps/certpatch/certpatch.8: Merge with EOM 1.4
apps/certpatch/certpatch.c: Merge with EOM 1.6
exchange.c: Merge with EOM 1.114
ike_quick_mode.c: Merge with EOM 1.110
ike_phase_1.c: Merge with EOM 1.16
ike_auth.c: Merge with EOM 1.41
ike_aggressive.c: Merge with EOM 1.4
libcrypto.c: Merge with EOM 1.10
libcrypto.h: Merge with EOM 1.10
isakmpd.8: Merge with EOM 1.19
isakmpd.c: Merge with EOM 1.42
ipsec.h: Merge with EOM 1.40
init.c: Merge with EOM 1.22
message.c: Merge with EOM 1.143
message.h: Merge with EOM 1.49
sa.c: Merge with EOM 1.98
sa.h: Merge with EOM 1.54
policy.c: Merge with EOM 1.14
pf_key_v2.c: Merge with EOM 1.36
x509.c: Merge with EOM 1.32
x509.h: Merge with EOM 1.9
udp.c: Merge with EOM 1.46

author: niklas
Angelos copyrights

Revision 1.12 / (download) - annotate - [select for diffs], Mon Jan 31 08:19:05 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.11: +8 -8 lines

Merge with EOM 1.21

author: angelos
Remove empty line.

author: angelos
Change the order of initializing x509 and policy (x509 depends on policy).

Revision 1.11 / (download) - annotate - [select for diffs], Wed Jan 26 15:21:08 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.10: +5 -2 lines

isakmpd.c: Merge with EOM 1.39
init.c: Merge with EOM 1.19

author: angelos
GMTTimeOfDay and LocalTimeOfDay attributes, comment in x509.c.

Revision 1.10 / (download) - annotate - [select for diffs], Thu Aug 26 22:30:58 1999 UTC (24 years, 9 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE, OPENBSD_2_6
Changes since 1.9: +7 -5 lines

Merge with EOM 1.18

author: niklas
Support dynamic loading of libkeynote too.  Build isakmpd static by default.
Stylistic cleanup of keynote policy code.  Correct some libcrypto calls.

author: niklas
Add support for dynamic loading of optional facilities, libcrypto first.

Revision 1.9 / (download) - annotate - [select for diffs], Sat Jul 17 21:54:39 1999 UTC (24 years, 10 months ago) by niklas
Branch: MAIN
Changes since 1.8: +6 -2 lines

regress/rsakeygen/Makefile: Merge with EOM 1.4
regress/rsakeygen/rsakeygen.c: Merge with EOM 1.8
regress/x509/Makefile: Merge with EOM 1.6
regress/x509/x509test.c: Merge with EOM 1.6
regress/Makefile: Merge with EOM 1.8
samples/VPN-east.conf: Merge with EOM 1.6
samples/VPN-west.conf: Merge with EOM 1.6
samples/singlehost-east.conf: Merge with EOM 1.3
samples/singlehost-west.conf: Merge with EOM 1.3
sysdep/openbsd/Makefile.sysdep: Merge with EOM 1.5
x509.h: Merge with EOM 1.6
x509.c: Merge with EOM 1.17
DESIGN-NOTES: Merge with EOM 1.46
Makefile: Merge with EOM 1.55
cert.c: Merge with EOM 1.11
cert.h: Merge with EOM 1.6
exchange.c: Merge with EOM 1.109
exchange.h: Merge with EOM 1.26
ike_auth.c: Merge with EOM 1.32
ike_phase_1.c: Merge with EOM 1.7
init.c: Merge with EOM 1.16
isakmpd.conf.5: Merge with EOM 1.27
README.PKI: Merge with EOM 1.1

author: niklas
From Niels Provos, edited by me: certificate support using SSLeay

Revision 1.8 / (download) - annotate - [select for diffs], Wed Jul 7 22:09:54 1999 UTC (24 years, 11 months ago) by niklas
Branch: MAIN
Changes since 1.7: +11 -2 lines

exchange.h: Merge with EOM 1.25
ike_quick_mode.c: Merge with EOM 1.90
init.c: Merge with EOM 1.15

author: ho
Add keynote policy support (with USE_KEYNOTE). angelos@openbsd.org

Revision 1.7 / (download) - annotate - [select for diffs], Sat May 1 20:43:43 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.6: +4 -2 lines

sysdep/openbsd/sysdep.c: Merge with EOM 1.7
DESIGN-NOTES: Merge with EOM 1.42
Makefile: Merge with EOM 1.51
app.c: Merge with EOM 1.6
conf.c: Merge with EOM 1.18
init.c: Merge with EOM 1.14
isakmpd.conf.5: Merge with EOM 1.19
pf_encap.c: Merge with EOM 1.64
pf_encap.h: Merge with EOM 1.12
pf_key_v2.h: Merge with EOM 1.3
sysdep.h: Merge with EOM 1.16
transport.c: Merge with EOM 1.40
ui.c: Merge with EOM 1.32

author: niklas
A new connection abstraction

Revision 1.6 / (download) - annotate - [select for diffs], Mon Apr 19 19:54:53 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.5: +3 -3 lines

./app.c: Merge with EOM 1.5
./gmp_util.c: Merge with EOM 1.3
./asn_useful.c: Merge with EOM 1.11
./attribute.c: Merge with EOM 1.9
./constants.c: Merge with EOM 1.7
./doi.h: Merge with EOM 1.25
./doi.c: Merge with EOM 1.4
./field.c: Merge with EOM 1.9
./init.c: Merge with EOM 1.13
./isakmp_doi.c: Merge with EOM 1.35
./prf.c: Merge with EOM 1.6
./util.c: Merge with EOM 1.14
./app.h: Merge with EOM 1.4
./conf.h: Merge with EOM 1.8
./ipsec.h: Merge with EOM 1.34
./ipsec_doi.h: Merge with EOM 1.10
./pkcs.h: Merge with EOM 1.8
./sysdep.h: Merge with EOM 1.15

1999 copyrights

Revision 1.5 / (download) - annotate - [select for diffs], Wed Mar 31 20:30:11 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_5_BASE, OPENBSD_2_5
Changes since 1.4: +7 -4 lines

Merge with EOM 1.12
do conf.c init after timer.c

Revision 1.4 / (download) - annotate - [select for diffs], Fri Feb 26 03:43:00 1999 UTC (25 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.3: +4 -2 lines

Merge from the Ericsson repository
| revision 1.11
| date: 1999/02/25 11:39:06;  author: niklas;  state: Exp;  lines: +3 -1
| include sysdep.h everywhere
| ----------------------------

Revision 1.3 / (download) - annotate - [select for diffs], Tue Nov 17 11:10:13 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.2: +2 -1 lines

Add RCS Ids from the EOM repository

Revision 1.2 / (download) - annotate - [select for diffs], Sun Nov 15 00:43:55 1998 UTC (25 years, 7 months ago) by niklas
Branch: MAIN
Changes since 1.1: +1 -1 lines

OpenBSD RCS IDs

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Sun Nov 15 00:03:48 1998 UTC (25 years, 7 months ago) by niklas
Branch: NIKLAS
CVS Tags: NIKLAS_981114
Changes since 1.1: +0 -0 lines

Initial import of isakmpd, an IKE (ISAKMP/Oakley) implementation for the
OpenBSD IPSEC stack by me, Niklas Hallqvist and Niels Provos, funded by
Ericsson Radio Systems.  It is not yet complete or usable in a real scenario
but the missing pieces will soon be there.  The early commit is for people
who want early access and who are not afraid of looking at source.
isakmpd interops with Cisco, Timestep, SSH & Pluto (Linux FreeS/WAN) so
far, so it is not that incomplete.  It is really mostly configuration that
is lacking.

Revision 1.1 / (download) - annotate - [select for diffs], Sun Nov 15 00:03:48 1998 UTC (25 years, 7 months ago) by niklas
Branch: MAIN

Initial revision
