![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / sbin / isakmpd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.26 / (download) - annotate - [select for diffs], Mon Oct 18 21:38:58 2010 UTC (13 years, 7 months ago) by todd
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2,
OPENBSD_6_1_BASE,
OPENBSD_6_1,
OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9,
OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7,
OPENBSD_5_6_BASE,
OPENBSD_5_6,
OPENBSD_5_5_BASE,
OPENBSD_5_5,
OPENBSD_5_4_BASE,
OPENBSD_5_4,
OPENBSD_5_3_BASE,
OPENBSD_5_3,
OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9,
HEAD
Changes since 1.25: +18 -4 lines
Diff to previous 1.25 (colored)
as determined 4 years ago, FortiGate needs DOI of 0 responses to DPD so, copy a small bit of logic to make DPD interop with FortiGate function tested by me, ok mikeb@, silence from 'the usual suspects'
Revision 1.25 / (download) - annotate - [select for diffs], Fri Apr 8 22:32:10 2005 UTC (19 years, 2 months ago) by cloder
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE,
OPENBSD_4_8,
OPENBSD_4_7_BASE,
OPENBSD_4_7,
OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5,
OPENBSD_4_4_BASE,
OPENBSD_4_4,
OPENBSD_4_3_BASE,
OPENBSD_4_3,
OPENBSD_4_2_BASE,
OPENBSD_4_2,
OPENBSD_4_1_BASE,
OPENBSD_4_1,
OPENBSD_4_0_BASE,
OPENBSD_4_0,
OPENBSD_3_9_BASE,
OPENBSD_3_9,
OPENBSD_3_8_BASE,
OPENBSD_3_8
Changes since 1.24: +1 -3 lines
Diff to previous 1.24 (colored)
Make deterministic randomness (only ever used for testing) a compile-time option. Reduces chances of somehow setting regrand when it's not supposed to be set. Remove "-r" option from man page. Also xref certpatch(8) while we are in there. And remove some include sysdep.h where it is no longer needed. OK hshoexer
Revision 1.24 / (download) - annotate - [select for diffs], Fri Apr 8 19:40:03 2005 UTC (19 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.23: +1 -9 lines
Diff to previous 1.23 (colored)
USE_DEBUG is bye bye
Revision 1.23 / (download) - annotate - [select for diffs], Fri Apr 8 16:52:41 2005 UTC (19 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.22: +1 -3 lines
Diff to previous 1.22 (colored)
always enable aggressive, dpd, and isakmp_cfg
Revision 1.22 / (download) - annotate - [select for diffs], Sun Jun 20 17:17:35 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE,
OPENBSD_3_7,
OPENBSD_3_6_BASE,
OPENBSD_3_6
Changes since 1.21: +4 -4 lines
Diff to previous 1.21 (colored)
Make the payload array in struct message dynamic, since we need to handle payloads in the private range, such as the pre-RFC NAT-D/NAT-OA. Replace TAILQ_FIRST(&msg->payload[i]) instances with function calls.
Revision 1.21 / (download) - annotate - [select for diffs], Mon Jun 14 09:55:41 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.20: +8 -7 lines
Diff to previous 1.20 (colored)
KNF, style, 80c, etc. hshoexer@ ok
Revision 1.20 / (download) - annotate - [select for diffs], Sun May 23 18:17:56 2004 UTC (20 years ago) by hshoexer
Branch: MAIN
Changes since 1.19: +15 -16 lines
Diff to previous 1.19 (colored)
More KNF. Mainly spaces and line-wraps, no binary change. ok ho@
Revision 1.19 / (download) - annotate - [select for diffs], Thu Apr 15 18:39:26 2004 UTC (20 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.18: +130 -134 lines
Diff to previous 1.18 (colored)
partial move to KNF. More to come. This has happened because there are a raft of source code auditors who are willing to help improve this code only if this is done, and hey, isakmpd does need our standard auditing process. ok ho hshoexer
Revision 1.14.8.1 / (download) - annotate - [select for diffs], Wed Mar 17 15:05:03 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.14: +3 -3 lines
Diff to previous 1.14 (colored) next main 1.15 (colored)
MFC: Fix by hshoexer@ Fix payload handling flaws found by cloder@. Based on initial patch by cloder@. ok deraadt@ hshoexer@
Revision 1.16.2.1 / (download) - annotate - [select for diffs], Wed Mar 17 14:59:17 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.16: +3 -3 lines
Diff to previous 1.16 (colored) next main 1.17 (colored)
MFC: Fix by hshoexer@ Fix payload handling flaws found by cloder@. Based on initial patch by cloder@. ok deraadt@ hshoexer@
Revision 1.18 / (download) - annotate - [select for diffs], Wed Mar 10 23:08:49 2004 UTC (20 years, 3 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE,
OPENBSD_3_5
Changes since 1.17: +3 -3 lines
Diff to previous 1.17 (colored)
Fix payload handling flaws found by cloder@. Based on initial patch by cloder@. Testing by markus@ cloder@ hshoexer@. ok ho@
Revision 1.17 / (download) - annotate - [select for diffs], Tue Oct 14 14:29:15 2003 UTC (20 years, 8 months ago) by ho
Branch: MAIN
Changes since 1.16: +3 -5 lines
Diff to previous 1.16 (colored)
constant_lookup() to constant_name() cleanup. markus@ ok.
Revision 1.16 / (download) - annotate - [select for diffs], Fri Aug 8 08:46:59 2003 UTC (20 years, 10 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE
Branch point for: OPENBSD_3_4
Changes since 1.15: +5 -3 lines
Diff to previous 1.15 (colored)
Be more careful when using constant_lookup() in messages. Pointed out by Jean-Francois Dive, although I opted for a slightly different patch.
Revision 1.15 / (download) - annotate - [select for diffs], Tue Jun 3 14:28:16 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.14: +1 -6 lines
Diff to previous 1.14 (colored)
Remove clauses 3 and 4. With approval from Niklas Hallqvist and Niels Provos.
Revision 1.14 / (download) - annotate - [select for diffs], Thu Jul 5 12:36:52 2001 UTC (22 years, 11 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE,
OPENBSD_3_2_BASE,
OPENBSD_3_2,
OPENBSD_3_1_BASE,
OPENBSD_3_1,
OPENBSD_3_0_BASE,
OPENBSD_3_0
Branch point for: OPENBSD_3_3
Changes since 1.13: +3 -2 lines
Diff to previous 1.13 (colored)
Add prototypes and some other various cleanup.
Revision 1.13 / (download) - annotate - [select for diffs], Sun Jul 1 20:43:39 2001 UTC (22 years, 11 months ago) by niklas
Branch: MAIN
Changes since 1.12: +7 -2 lines
Diff to previous 1.12 (colored)
ISAKMP configuration, a.k.a IKECFG or "mode-config", protocol implementation. Disabled, has no configuration mechanism yet. This will be used for roaming users, who are going to get parameters like IP-address and nameserver from its peer, very much like DHCP, but securily inside an ISAKMP connection and still in time before negotiation of IPsec connections. You may see stylistic fixes in this commit too. Add some not yet used Makefile magic to deal with DNSSEC- enabled OpenSSL too. The IKECFG code work was sponsered by Gatespace Inc. Thank you! Configuration will come very soon, btw.
Revision 1.12 / (download) - annotate - [select for diffs], Wed Jun 27 03:31:41 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.11: +2 -2 lines
Diff to previous 1.11 (colored)
Consistently use "IPsec" capitalization (jsyn@nthought.com)
Revision 1.11 / (download) - annotate - [select for diffs], Sat Oct 7 06:59:24 2000 UTC (23 years, 8 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE,
OPENBSD_2_9,
OPENBSD_2_8_BASE,
OPENBSD_2_8
Changes since 1.10: +4 -2 lines
Diff to previous 1.10 (colored)
Merge with EOM 1.42 author: ho ipsec_decode_ids is only used with USE_DEBUG
Revision 1.10 / (download) - annotate - [select for diffs], Thu Aug 3 07:23:00 2000 UTC (23 years, 10 months ago) by niklas
Branch: MAIN
Changes since 1.9: +5 -3 lines
Diff to previous 1.9 (colored)
isakmp_doi.c: Merge with EOM 1.41 doi.h: Merge with EOM 1.29 author: provos make a DOI specific decode_ids, but have isakmp doi decode point to ipsec.
Revision 1.9 / (download) - annotate - [select for diffs], Fri Feb 25 17:23:40 2000 UTC (24 years, 3 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_7_BASE,
OPENBSD_2_7
Changes since 1.8: +14 -8 lines
Diff to previous 1.8 (colored)
regress/crypto/Makefile: Merge with EOM 1.5 regress/dh/Makefile: Merge with EOM 1.7 regress/group/Makefile: Merge with EOM 1.9 regress/prf/Makefile: Merge with EOM 1.4 regress/rsakeygen/Makefile: Merge with EOM 1.8 regress/x509/Makefile: Merge with EOM 1.10 Makefile: Merge with EOM 1.62 attribute.c: Merge with EOM 1.10 sa.c: Merge with EOM 1.99 conf.c: Merge with EOM 1.20 crypto.c: Merge with EOM 1.28 isakmpd.c: Merge with EOM 1.45 connection.c: Merge with EOM 1.19 doi.h: Merge with EOM 1.28 field.c: Merge with EOM 1.11 exchange.c: Merge with EOM 1.116 ike_auth.c: Merge with EOM 1.44 pf_key_v2.c: Merge with EOM 1.37 ike_phase_1.c: Merge with EOM 1.22 ipsec.c: Merge with EOM 1.118 isakmp_doi.c: Merge with EOM 1.40 log.c: Merge with EOM 1.26 log.h: Merge with EOM 1.18 math_group.c: Merge with EOM 1.23 message.c: Merge with EOM 1.144 pf_encap.c: Merge with EOM 1.70 policy.c: Merge with EOM 1.18 timer.c: Merge with EOM 1.13 transport.c: Merge with EOM 1.41 udp.c: Merge with EOM 1.47 ui.c: Merge with EOM 1.37 x509.c: Merge with EOM 1.36 author: niklas Made debug logging a compile time selectable feature
Revision 1.8 / (download) - annotate - [select for diffs], Sun May 2 19:20:33 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE,
OPENBSD_2_6
Changes since 1.7: +4 -2 lines
Diff to previous 1.7 (colored)
BUGS: Merge with EOM 1.31 doi.h: Merge with EOM 1.27 ike_auth.c: Merge with EOM 1.30 ike_quick_mode.c: Merge with EOM 1.85 ipsec.c: Merge with EOM 1.107 ipsec.h: Merge with EOM 1.36 isakmp_doi.c: Merge with EOM 1.39 author: niklas Factor out keyed hashing of all payloads with SKEYID_a, and make DOI hooks for informational exchanges to add such hashing. Use it from QM and the IKE authentication module too. Remove some bogus XXX comments. Add error reporting
Revision 1.7 / (download) - annotate - [select for diffs], Fri Apr 30 11:47:41 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.6: +40 -8 lines
Diff to previous 1.6 (colored)
ipsec.c: Merge with EOM 1.105 isakmp_doi.c: Merge with EOM 1.38 author: niklas Recognize but ignore incoming informationmal exchanges author: niklas New message_drop API. Generate real INVALID_COOKIE notification. Generate informational exchanges in phase 1 too. Really get these messages to the wire
Revision 1.6 / (download) - annotate - [select for diffs], Tue Apr 27 20:57:20 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.5: +3 -2 lines
Diff to previous 1.5 (colored)
doi.h: Merge with EOM 1.26 isakmp_doi.c: Merge with EOM 1.36 author: niklas Handle leftover payloads.
Revision 1.5 / (download) - annotate - [select for diffs], Mon Apr 19 19:54:53 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.4: +3 -3 lines
Diff to previous 1.4 (colored)
./app.c: Merge with EOM 1.5 ./gmp_util.c: Merge with EOM 1.3 ./asn_useful.c: Merge with EOM 1.11 ./attribute.c: Merge with EOM 1.9 ./constants.c: Merge with EOM 1.7 ./doi.h: Merge with EOM 1.25 ./doi.c: Merge with EOM 1.4 ./field.c: Merge with EOM 1.9 ./init.c: Merge with EOM 1.13 ./isakmp_doi.c: Merge with EOM 1.35 ./prf.c: Merge with EOM 1.6 ./util.c: Merge with EOM 1.14 ./app.h: Merge with EOM 1.4 ./conf.h: Merge with EOM 1.8 ./ipsec.h: Merge with EOM 1.34 ./ipsec_doi.h: Merge with EOM 1.10 ./pkcs.h: Merge with EOM 1.8 ./sysdep.h: Merge with EOM 1.15 1999 copyrights
Revision 1.4 / (download) - annotate - [select for diffs], Fri Feb 26 03:44:24 1999 UTC (25 years, 3 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_5_BASE,
OPENBSD_2_5
Changes since 1.3: +5 -2 lines
Diff to previous 1.3 (colored)
Merge from the Ericsson repository | revision 1.34 | date: 1999/02/25 11:39:08; author: niklas; state: Exp; lines: +3 -1 | include sysdep.h everywhere | ---------------------------- | revision 1.33 | date: 1999/02/25 09:30:27; author: niklas; state: Exp; lines: +2 -1 | Replay protection window configurable | ----------------------------
Revision 1.3 / (download) - annotate - [select for diffs], Tue Nov 17 11:10:14 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.2: +2 -1 lines
Diff to previous 1.2 (colored)
Add RCS Ids from the EOM repository
Revision 1.2 / (download) - annotate - [select for diffs], Sun Nov 15 00:43:56 1998 UTC (25 years, 7 months ago) by niklas
Branch: MAIN
Changes since 1.1: +1 -1 lines
Diff to previous 1.1 (colored)
openBSD RCS IDs
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Sun Nov 15 00:03:48 1998 UTC (25 years, 7 months ago) by niklas
Branch: NIKLAS
CVS Tags: NIKLAS_981114
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)
Initial import of isakmpd, an IKE (ISAKMP/Oakley) implementation for the OpenBSD IPSEC stack by me, Niklas Hallqvist and Niels Provos, funded by Ericsson Radio Systems. It is not yet complete or usable in a real scenario but the missing pieces will soon be there. The early commit is for people who wants early access and who are not afraid of looking at source. isakmpd interops with Cisco, Timestep, SSH & Pluto (Linux FreeS/WAN) so far, so it is not that incomplete. It is really mostly configuration that is lacking.
Revision 1.1 / (download) - annotate - [select for diffs], Sun Nov 15 00:03:48 1998 UTC (25 years, 7 months ago) by niklas
Branch: MAIN
Initial revision