![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / sbin / isakmpd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.123 / (download) - annotate - [select for diffs], Fri Aug 30 17:51:47 2019 UTC (4 years, 9 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6,
HEAD
Changes since 1.122: +4 -4 lines
Diff to previous 1.122 (colored)
mop up for the pcap.3 rename; help/ok deraadt
Revision 1.122 / (download) - annotate - [select for diffs], Tue Feb 19 06:54:39 2019 UTC (5 years, 3 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.121: +2 -3 lines
Diff to previous 1.121 (colored)
oops, bad Pp snuck in;
Revision 1.121 / (download) - annotate - [select for diffs], Mon Feb 18 23:30:39 2019 UTC (5 years, 3 months ago) by sthen
Branch: MAIN
Changes since 1.120: +19 -13 lines
Diff to previous 1.120 (colored)
Rework the certificate generation examples a bit: - show an example sed to substitute the $ENV::CERTIP/CERTFQDN strings while copying /etc/ssl/x509v3.cnf to a temp file - don't use /etc/ssl/x509v3.cnf on the command line when we've just told people to copy and edit - fix an instance of CERTIP that should have been CERTFQDN based on diffs from Sevan Janiyan, feedback/ok jmc@
Revision 1.120 / (download) - annotate - [select for diffs], Tue Apr 17 12:13:29 2018 UTC (6 years, 1 month ago) by stsp
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.119: +13 -4 lines
Diff to previous 1.119 (colored)
Document how to avoid isakmpd(8) source IP address pitfalls by using the Listen-on directive in isakmpd.conf(5). This directive can be necessary in multi-homed situations, and if isakmpd(8) is used with carp(4). ok sthen@ mpi@
Revision 1.119 / (download) - annotate - [select for diffs], Thu Nov 23 20:49:38 2017 UTC (6 years, 6 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.118: +4 -5 lines
Diff to previous 1.118 (colored)
in isakmpd(8), provide a hint: from scott cheloha also some minor tweaks while here...
Revision 1.118 / (download) - annotate - [select for diffs], Sat Mar 5 08:38:36 2016 UTC (8 years, 3 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2,
OPENBSD_6_1_BASE,
OPENBSD_6_1,
OPENBSD_6_0_BASE,
OPENBSD_6_0
Changes since 1.117: +13 -5 lines
Diff to previous 1.117 (colored)
fix steps for cert creation; issue reported by igor.kos (temporary) fix entirely provided by sthen
Revision 1.117 / (download) - annotate - [select for diffs], Fri Sep 25 14:27:26 2015 UTC (8 years, 8 months ago) by schwarze
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.116: +13 -80 lines
Diff to previous 1.116 (colored)
drop useless .Xo and .Bk, and shorten by avoiding some .Sm
Revision 1.116 / (download) - annotate - [select for diffs], Fri Jan 16 14:19:07 2015 UTC (9 years, 4 months ago) by schwarze
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.115: +10 -15 lines
Diff to previous 1.115 (colored)
Tweak previous: Do not put punctuation on its own line, put it at the end of the preceding macro line; no output change with mandoc, fixes output with groff. Also, if you want spacing back after .Sm off, do not add an argument containing a blank character, simply rely on .Sm on.
Revision 1.115 / (download) - annotate - [select for diffs], Fri Jan 16 09:08:41 2015 UTC (9 years, 4 months ago) by bentley
Branch: MAIN
Changes since 1.114: +51 -51 lines
Diff to previous 1.114 (colored)
Clean up macros in isakmpd(8).
- Fix mandoc warnings ("WARNING: skipping empty macro: No")
- Mark up arguments with Ar, not Aq Ic
- Mark up pathnames with Pa
ok jmc@
Revision 1.114 / (download) - annotate - [select for diffs], Tue Mar 11 15:25:34 2014 UTC (10 years, 3 months ago) by sthen
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.113: +16 -10 lines
Diff to previous 1.113 (colored)
For CA generation, go back to using a two-step procedure to create a CSR and then self-sign it rather than using the "openssl req" shortcut. This allows us to specify -extfile and thus set the correct certificate extensions so that stricter SSL implementations will trust this as a CA cert, and matches how things are done in ssl(8). This is basically a partial revert of r1.77. Researched by chrisz@, tweak/ok jmc@ ok beck@
Revision 1.113 / (download) - annotate - [select for diffs], Thu Nov 14 08:47:21 2013 UTC (10 years, 6 months ago) by bentley
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.112: +39 -6 lines
Diff to previous 1.112 (colored)
Add STANDARDS section to isakmpd(8). tweaks/ok jmc@
Revision 1.112 / (download) - annotate - [select for diffs], Sun Jul 14 16:37:41 2013 UTC (10 years, 11 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4
Changes since 1.111: +4 -3 lines
Diff to previous 1.111 (colored)
"r" logs to syslog; From: Anders Berggren ok millert sthen
Revision 1.111 / (download) - annotate - [select for diffs], Tue Sep 25 13:58:00 2012 UTC (11 years, 8 months ago) by otto
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.110: +3 -3 lines
Diff to previous 1.110 (colored)
lost preposition "in"
Revision 1.110 / (download) - annotate - [select for diffs], Fri Aug 24 14:49:21 2012 UTC (11 years, 9 months ago) by jmc
Branch: MAIN
Changes since 1.109: +3 -3 lines
Diff to previous 1.109 (colored)
ikev2 is described in rfc 5996 now;
Revision 1.109 / (download) - annotate - [select for diffs], Thu Sep 29 17:57:09 2011 UTC (12 years, 8 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1
Changes since 1.108: +8 -8 lines
Diff to previous 1.108 (colored)
ssl.8: Certifying Authority -> Certificate Authority isakmpd.8: rsa:1024 -> rsa:2048 (ok markus) all: X509 -> X.509 from Lawrence Teo
Revision 1.108 / (download) - annotate - [select for diffs], Mon Jun 6 08:05:05 2011 UTC (13 years ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_5_0_BASE,
OPENBSD_5_0
Changes since 1.107: +12 -6 lines
Diff to previous 1.107 (colored)
some improvements for the text on packet capture; from Lawrence Teo ok sthen
Revision 1.107 / (download) - annotate - [select for diffs], Mon Jun 7 08:38:09 2010 UTC (14 years ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE,
OPENBSD_4_9,
OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.106: +9 -12 lines
Diff to previous 1.106 (colored)
make clearer the relationship between isakmpd and ikev1; and iked and ikev2; ok reyk
Revision 1.106 / (download) - annotate - [select for diffs], Thu Jun 3 16:57:40 2010 UTC (14 years ago) by reyk
Branch: MAIN
Changes since 1.105: +21 -4 lines
Diff to previous 1.105 (colored)
update the manpages for isakmpd(8) and ipsec.conf(5) to point to iked(8) for IKEv2 and to clarify that a) isakmpd is IKEv1/ISAKMP only and b) iked(8) is IKEv2 only. ISAKMP/IKEv1 support is currently not supported by iked(8) and not worked on, but maybe in the future - I want to get IKEv2 support first done right. So keep on using isakmpd(8) for IKEv1 for now... ok deraadt@
Revision 1.105 / (download) - annotate - [select for diffs], Sun Jan 3 16:43:45 2010 UTC (14 years, 5 months ago) by schwarze
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.104: +3 -3 lines
Diff to previous 1.104 (colored)
Neither .Pp nor unqualified text are allowed at the top level of .Bl; instead, .It is required. Thus, move .Pp and text before the .Bl, and remove the .Pp altogether where it is not needed. Syntax errors found by mandoc(1), also required to fix the mandoc build; feedback and ok jmc@, and sobrado@ also supports the direction.
Revision 1.104 / (download) - annotate - [select for diffs], Thu May 31 19:19:45 2007 UTC (17 years ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5,
OPENBSD_4_4_BASE,
OPENBSD_4_4,
OPENBSD_4_3_BASE,
OPENBSD_4_3,
OPENBSD_4_2_BASE,
OPENBSD_4_2
Changes since 1.103: +2 -2 lines
Diff to previous 1.103 (colored)
convert to new .Dd format;
Revision 1.103 / (download) - annotate - [select for diffs], Wed May 23 07:28:15 2007 UTC (17 years ago) by hshoexer
Branch: MAIN
Changes since 1.102: +1 -5 lines
Diff to previous 1.102 (colored)
Get rid of some obsolete exampels. ok and prodding @jmc
Revision 1.102 / (download) - annotate - [select for diffs], Mon May 7 01:50:46 2007 UTC (17 years, 1 month ago) by joel
Branch: MAIN
Changes since 1.101: +8 -1 lines
Diff to previous 1.101 (colored)
Document "M active|passive" ui command. ok jmc@ mpf@
Revision 1.101 / (download) - annotate - [select for diffs], Thu Mar 1 20:30:09 2007 UTC (17 years, 3 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_4_1_BASE,
OPENBSD_4_1
Changes since 1.100: +5 -5 lines
Diff to previous 1.100 (colored)
improve the description of -a. specifically, make it clear that ipsec.conf users do not want to run isakmpd -a unless they are messing with manual flows; closes documentation/5399, from sthen original diff and feedback from sthen ok hshoexer
Revision 1.100 / (download) - annotate - [select for diffs], Tue Dec 5 14:29:14 2006 UTC (17 years, 6 months ago) by jmc
Branch: MAIN
Changes since 1.99: +24 -3 lines
Diff to previous 1.99 (colored)
some carp/sasyncd bits from msf and myself; ok mpf
Revision 1.99 / (download) - annotate - [select for diffs], Thu Nov 30 11:24:49 2006 UTC (17 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.98: +13 -1 lines
Diff to previous 1.98 (colored)
new ui command 'rmv': removes an entry from a list, thus reversing an 'add' operation; ok ho, hshoexer, jmc eVS: ----------------------------------------------------------------------
Revision 1.98 / (download) - annotate - [select for diffs], Wed Nov 29 19:44:50 2006 UTC (17 years, 6 months ago) by jmc
Branch: MAIN
Changes since 1.97: +4 -14 lines
Diff to previous 1.97 (colored)
no need to document generation of local.key 3 times; spotted by mcbride, ok hshoexer;
Revision 1.97 / (download) - annotate - [select for diffs], Wed Nov 29 14:50:06 2006 UTC (17 years, 6 months ago) by jmc
Branch: MAIN
Changes since 1.96: +4 -4 lines
Diff to previous 1.96 (colored)
zap trailing spaces;
Revision 1.96 / (download) - annotate - [select for diffs], Wed Nov 29 07:27:55 2006 UTC (17 years, 6 months ago) by mcbride
Branch: MAIN
Changes since 1.95: +14 -18 lines
Diff to previous 1.95 (colored)
Document the new location of local.pub, and clarify the fact that local.key contains the entire keypair. ok deraadt jmc
Revision 1.95 / (download) - annotate - [select for diffs], Tue Nov 28 09:27:09 2006 UTC (17 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.94: +3 -2 lines
Diff to previous 1.94 (colored)
do not re-add existing entries; ok hshoexer
Revision 1.94 / (download) - annotate - [select for diffs], Thu Oct 5 09:11:27 2006 UTC (17 years, 8 months ago) by tom
Branch: MAIN
Changes since 1.93: +2 -2 lines
Diff to previous 1.93 (colored)
Reword sentence to fix grammar nit. ok jmc@
Revision 1.93 / (download) - annotate - [select for diffs], Sat Sep 9 07:52:04 2006 UTC (17 years, 9 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_4_0_BASE,
OPENBSD_4_0
Changes since 1.92: +16 -2 lines
Diff to previous 1.92 (colored)
point people towards ipsec.conf.5; after some discussion w/ reyk ok hshoexer reyk
Revision 1.92 / (download) - annotate - [select for diffs], Fri Sep 1 00:49:45 2006 UTC (17 years, 9 months ago) by jmc
Branch: MAIN
Changes since 1.91: +5 -5 lines
Diff to previous 1.91 (colored)
use shell-independent examples;
Revision 1.91 / (download) - annotate - [select for diffs], Thu Aug 31 19:06:53 2006 UTC (17 years, 9 months ago) by jmc
Branch: MAIN
Changes since 1.90: +12 -1 lines
Diff to previous 1.90 (colored)
document an issue with subjectAltName found by reyk; ok hshoexer ho reyk
Revision 1.90 / (download) - annotate - [select for diffs], Thu Aug 31 17:07:23 2006 UTC (17 years, 9 months ago) by jmc
Branch: MAIN
Changes since 1.89: +1 -5 lines
Diff to previous 1.89 (colored)
remove a confusing sentence; ok hshoexer ho
Revision 1.89 / (download) - annotate - [select for diffs], Wed Aug 30 20:27:52 2006 UTC (17 years, 9 months ago) by jmc
Branch: MAIN
Changes since 1.88: +2 -3 lines
Diff to previous 1.88 (colored)
rewording; from reyk cloder hshoexer ok ho
Revision 1.88 / (download) - annotate - [select for diffs], Wed Aug 30 16:56:56 2006 UTC (17 years, 9 months ago) by hshoexer
Branch: MAIN
Changes since 1.87: +2 -2 lines
Diff to previous 1.87 (colored)
Make SA deletion on shutdown the default again. Use -S for failover situations where you do not want this. Discussed and agreed on with ho, mcbride, markus, cloder,... We will have to teach sasyncd to deal with this. Testing by msf and hshoexer with help from mtu ok markus cloder
Revision 1.87 / (download) - annotate - [select for diffs], Thu Jun 29 10:00:49 2006 UTC (17 years, 11 months ago) by hshoexer
Branch: MAIN
Changes since 1.86: +4 -1 lines
Diff to previous 1.86 (colored)
Document that pcap files can only be writen to the /var/run directory.
Revision 1.86 / (download) - annotate - [select for diffs], Sat Jun 10 21:23:50 2006 UTC (18 years ago) by hshoexer
Branch: MAIN
Changes since 1.85: +6 -2 lines
Diff to previous 1.85 (colored)
Document -S and the "Delete-SAs" tag. Those will enable SA deletion on shutdown.
Revision 1.85 / (download) - annotate - [select for diffs], Fri May 26 09:26:07 2006 UTC (18 years ago) by jmc
Branch: MAIN
Changes since 1.84: +2 -11 lines
Diff to previous 1.84 (colored)
vpn.8 removal;
Revision 1.84 / (download) - annotate - [select for diffs], Fri May 26 04:02:59 2006 UTC (18 years ago) by deraadt
Branch: MAIN
Changes since 1.83: +3 -3 lines
Diff to previous 1.83 (colored)
let us not talk about ipsecadm and vpn anymore; ok reyk
Revision 1.83 / (download) - annotate - [select for diffs], Fri Sep 23 14:45:25 2005 UTC (18 years, 8 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE,
OPENBSD_3_9
Changes since 1.82: +24 -3 lines
Diff to previous 1.82 (colored)
Document new UI commands ok and help jmc@
Revision 1.82 / (download) - annotate - [select for diffs], Tue Aug 23 15:02:31 2005 UTC (18 years, 9 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE,
OPENBSD_3_8
Changes since 1.81: +15 -1 lines
Diff to previous 1.81 (colored)
note that RSA_SIG should be part of the "Transforms" tag when setting up key- and cert-based authentication; problem found by andrew fresh; help/ok hshoexer@
Revision 1.81 / (download) - annotate - [select for diffs], Sat Jun 4 17:22:42 2005 UTC (19 years ago) by hshoexer
Branch: MAIN
Changes since 1.80: +7 -1 lines
Diff to previous 1.80 (colored)
Clarify that for -i/-R only paths beginning with /var/run are valid.
Revision 1.80 / (download) - annotate - [select for diffs], Thu Jun 2 10:03:37 2005 UTC (19 years ago) by jmc
Branch: MAIN
Changes since 1.79: +106 -29 lines
Diff to previous 1.79 (colored)
expand the section on pki: - list different methods available - document key-based method - move x509-based into its own section - add keynote stub section ok hshoexer@
Revision 1.79 / (download) - annotate - [select for diffs], Wed May 18 20:22:19 2005 UTC (19 years ago) by jmc
Branch: MAIN
Changes since 1.78: +1 -31 lines
Diff to previous 1.78 (colored)
remove certpatch(8) stuff; ok hshoexer@
Revision 1.78 / (download) - annotate - [select for diffs], Sat May 14 09:28:18 2005 UTC (19 years, 1 month ago) by jmc
Branch: MAIN
Changes since 1.77: +154 -154 lines
Diff to previous 1.77 (colored)
more logical section order;
Revision 1.77 / (download) - annotate - [select for diffs], Sat May 14 09:25:51 2005 UTC (19 years, 1 month ago) by jmc
Branch: MAIN
Changes since 1.76: +20 -18 lines
Diff to previous 1.76 (colored)
- openssl req can create self-signed certs in one step - no need to encourage people to generate system keys: rc(8) already does it ok hshoexer@
Revision 1.76 / (download) - annotate - [select for diffs], Fri May 6 19:06:50 2005 UTC (19 years, 1 month ago) by jmc
Branch: MAIN
Changes since 1.75: +3 -4 lines
Diff to previous 1.75 (colored)
sync the CERTIP and CERTFQDN sections;
Revision 1.75 / (download) - annotate - [select for diffs], Thu May 5 14:14:38 2005 UTC (19 years, 1 month ago) by jmc
Branch: MAIN
Changes since 1.74: +4 -3 lines
Diff to previous 1.74 (colored)
document /etc/isakmpd/pubkeys a little better;
Revision 1.74 / (download) - annotate - [select for diffs], Thu May 5 14:05:51 2005 UTC (19 years, 1 month ago) by jmc
Branch: MAIN
Changes since 1.73: +111 -39 lines
Diff to previous 1.73 (colored)
cleanup FIFO section;
Revision 1.73 / (download) - annotate - [select for diffs], Thu May 5 12:09:35 2005 UTC (19 years, 1 month ago) by jmc
Branch: MAIN
Changes since 1.72: +25 -16 lines
Diff to previous 1.72 (colored)
first stab at improving PKI section;
Revision 1.72 / (download) - annotate - [select for diffs], Thu May 5 11:32:05 2005 UTC (19 years, 1 month ago) by jmc
Branch: MAIN
Changes since 1.71: +42 -28 lines
Diff to previous 1.71 (colored)
improve FILES;
Revision 1.71 / (download) - annotate - [select for diffs], Sun Apr 10 14:17:49 2005 UTC (19 years, 2 months ago) by jmc
Branch: MAIN
Changes since 1.70: +70 -80 lines
Diff to previous 1.70 (colored)
- sort synopsis + options list - sync usage() - tidy up lists and displays - misc tweaks
Revision 1.70 / (download) - annotate - [select for diffs], Fri Apr 8 22:32:10 2005 UTC (19 years, 2 months ago) by cloder
Branch: MAIN
Changes since 1.69: +2 -5 lines
Diff to previous 1.69 (colored)
Make deterministic randomness (only ever used for testing) a compile-time option. Reduces chances of somehow setting regrand when it's not supposed to be set. Remove "-r" option from man page. Also xref certpatch(8) while we are in there. And remove some include sysdep.h where it is no longer needed. OK hshoexer
Revision 1.69 / (download) - annotate - [select for diffs], Tue Apr 5 21:32:13 2005 UTC (19 years, 2 months ago) by jmc
Branch: MAIN
Changes since 1.68: +3 -3 lines
Diff to previous 1.68 (colored)
ipsecadm lives in section 8, not 4; missing word;
Revision 1.68 / (download) - annotate - [select for diffs], Tue Apr 5 18:06:05 2005 UTC (19 years, 2 months ago) by cloder
Branch: MAIN
Changes since 1.67: +8 -1 lines
Diff to previous 1.67 (colored)
Add -T flag to isakmpd to disable NAT-T support from the command line. This lets binat setups work again without having to recompile isakmpd. OK ho, hshoexer.
Revision 1.67 / (download) - annotate - [select for diffs], Fri Feb 25 14:14:31 2005 UTC (19 years, 3 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE,
OPENBSD_3_7
Changes since 1.66: +2 -12 lines
Diff to previous 1.66 (colored)
Zap -P option. It has never done anything. While there tweak descripton of -N. zap -P ok ho@
Revision 1.66 / (download) - annotate - [select for diffs], Thu Feb 24 13:55:51 2005 UTC (19 years, 3 months ago) by hshoexer
Branch: MAIN
Changes since 1.65: +6 -1 lines
Diff to previous 1.65 (colored)
Add -N switch to select port for udpencap. Thus it's possible to run multiple isakmpds on different ports specified with -p and -N. ok ho@
Revision 1.65 / (download) - annotate - [select for diffs], Thu Jul 8 10:37:12 2004 UTC (19 years, 11 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE,
OPENBSD_3_6
Changes since 1.64: +3 -3 lines
Diff to previous 1.64 (colored)
typo, and line adjustment;
Revision 1.64 / (download) - annotate - [select for diffs], Wed Jul 7 22:25:39 2004 UTC (19 years, 11 months ago) by hshoexer
Branch: MAIN
Changes since 1.63: +25 -1 lines
Diff to previous 1.63 (colored)
document -a/-K and "Acquire-Only"/"Use-Keynote". ok markus@ henning@ ho@ english polish and mdoc help and ok jmc@
Revision 1.63 / (download) - annotate - [select for diffs], Thu May 13 06:56:34 2004 UTC (20 years, 1 month ago) by ho
Branch: MAIN
Changes since 1.62: +16 -3 lines
Diff to previous 1.62 (colored)
Extensions to the FIFO interface: "C get [section]:tag" fetches a configuration value. "C add [section]:tag=value" adds 'value' to a list, typically for the [Phase 2]:Connections tag. FIFO "S" command destination file changed. Various KNF cleanups. hshoexer@ ok.
Revision 1.62 / (download) - annotate - [select for diffs], Thu Apr 15 00:27:40 2004 UTC (20 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.61: +2 -2 lines
Diff to previous 1.61 (colored)
spaces
Revision 1.61 / (download) - annotate - [select for diffs], Wed Mar 24 16:44:24 2004 UTC (20 years, 2 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE,
OPENBSD_3_5
Changes since 1.60: +19 -1 lines
Diff to previous 1.60 (colored)
Add some notes about privsep to manpage. ok ho@ jmc@ deraadt@
Revision 1.60 / (download) - annotate - [select for diffs], Fri Jan 23 23:08:46 2004 UTC (20 years, 4 months ago) by jmc
Branch: MAIN
Changes since 1.59: +3 -3 lines
Diff to previous 1.59 (colored)
`Ns' implies `No', so `Ns No' -> `Ns'; (even simpler in adduser(8)) discussed with todd@
Revision 1.59 / (download) - annotate - [select for diffs], Fri Jan 16 10:51:57 2004 UTC (20 years, 4 months ago) by hshoexer
Branch: MAIN
Changes since 1.58: +12 -1 lines
Diff to previous 1.58 (colored)
Added -v option. Enables logging of successful exchange completion. ok ho@
Revision 1.58 / (download) - annotate - [select for diffs], Thu Nov 20 11:23:01 2003 UTC (20 years, 6 months ago) by jmc
Branch: MAIN
Changes since 1.57: +5 -6 lines
Diff to previous 1.57 (colored)
use .Dv for AF_INET and AF_INET6 (kills ugly line break); spotted by Alexey E. Suslikov; also kill some .Pp's before displays/lists for better PostScript output;
Revision 1.57 / (download) - annotate - [select for diffs], Sat Oct 25 07:47:28 2003 UTC (20 years, 7 months ago) by jmc
Branch: MAIN
Changes since 1.56: +2 -2 lines
Diff to previous 1.56 (colored)
receiveing -> receiving; from Jared Yanovich;
Revision 1.56 / (download) - annotate - [select for diffs], Mon Oct 13 13:57:51 2003 UTC (20 years, 8 months ago) by ho
Branch: MAIN
Changes since 1.55: +4 -2 lines
Diff to previous 1.55 (colored)
Add a UI FIFO debug class. ok markus@ plus I think henning@
Revision 1.55 / (download) - annotate - [select for diffs], Wed Aug 20 12:25:02 2003 UTC (20 years, 9 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE,
OPENBSD_3_4
Changes since 1.54: +9 -1 lines
Diff to previous 1.54 (colored)
certpatch(8) can be used to create FQDN X509v3 extensions too. From Fridtjof Busse, via henning@. Thanks.
Revision 1.54 / (download) - annotate - [select for diffs], Sat Aug 9 08:45:58 2003 UTC (20 years, 10 months ago) by jmc
Branch: MAIN
Changes since 1.53: +67 -41 lines
Diff to previous 1.53 (colored)
new sentence, new line + small cleanup; ok ho@
Revision 1.53 / (download) - annotate - [select for diffs], Wed Jun 4 07:31:17 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.52: +1 -6 lines
Diff to previous 1.52 (colored)
Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, Angelos D. Keromytis and Niels Provos.
Revision 1.52 / (download) - annotate - [select for diffs], Tue Jun 3 13:16:08 2003 UTC (21 years ago) by jmc
Branch: MAIN
Changes since 1.51: +14 -15 lines
Diff to previous 1.51 (colored)
- section reorder - some mdoc fixes
Revision 1.51 / (download) - annotate - [select for diffs], Sat May 10 21:13:41 2003 UTC (21 years, 1 month ago) by jmc
Branch: MAIN
Changes since 1.50: +3 -3 lines
Diff to previous 1.50 (colored)
typos;
Revision 1.50 / (download) - annotate - [select for diffs], Sun Apr 27 11:17:14 2003 UTC (21 years, 1 month ago) by ho
Branch: MAIN
Changes since 1.49: +5 -2 lines
Diff to previous 1.49 (colored)
Describe the 'C set' FIFO command better. (PR#3148, also)
Revision 1.49 / (download) - annotate - [select for diffs], Sat Feb 22 06:56:20 2003 UTC (21 years, 3 months ago) by kjell
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE,
OPENBSD_3_3
Changes since 1.48: +3 -3 lines
Diff to previous 1.48 (colored)
Clarify some language, grammar. ho@ okayed this many moons ago, and I forgot all about it.
Revision 1.48 / (download) - annotate - [select for diffs], Wed Feb 5 10:29:49 2003 UTC (21 years, 4 months ago) by jmc
Branch: MAIN
Changes since 1.47: +21 -19 lines
Diff to previous 1.47 (colored)
typos; isakmpd(8) ok niklas@, mailwrapper(8) help kjell@
Revision 1.47 / (download) - annotate - [select for diffs], Tue Dec 3 20:05:10 2002 UTC (21 years, 6 months ago) by ho
Branch: MAIN
Changes since 1.46: +7 -1 lines
Diff to previous 1.46 (colored)
Add -4/-6 cmdline options to select what address family (IPv4,v6) to use. niklas@ ok.
Revision 1.46 / (download) - annotate - [select for diffs], Wed Nov 27 14:36:20 2002 UTC (21 years, 6 months ago) by ho
Branch: MAIN
Changes since 1.45: +2 -2 lines
Diff to previous 1.45 (colored)
Update document date.
Revision 1.45 / (download) - annotate - [select for diffs], Sat Nov 9 02:22:33 2002 UTC (21 years, 7 months ago) by fgsch
Branch: MAIN
Changes since 1.44: +3 -3 lines
Diff to previous 1.44 (colored)
more SEE ALSO fixes.
Revision 1.44 / (download) - annotate - [select for diffs], Sat Nov 9 00:57:20 2002 UTC (21 years, 7 months ago) by fgsch
Branch: MAIN
Changes since 1.43: +1 -1 lines
Diff to previous 1.43 (colored)
SEE ALSO reordering and corrections.
Revision 1.43 / (download) - annotate - [select for diffs], Fri Sep 6 21:36:52 2002 UTC (21 years, 9 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_2_BASE,
OPENBSD_3_2
Changes since 1.42: +1 -2 lines
Diff to previous 1.42 (colored)
remove Xr to photuris
Revision 1.42 / (download) - annotate - [select for diffs], Wed Aug 7 13:19:20 2002 UTC (21 years, 10 months ago) by ho
Branch: MAIN
Changes since 1.41: +6 -6 lines
Diff to previous 1.41 (colored)
A rewrite of the CRL support code, also from <Thomas.Walpuski@gmx.net>. Some style mods, and checks added for OpenSSL version 0.9.7 or later. Currently CRLs are not supported for earlier versions. Manual pages updated.
Revision 1.41 / (download) - annotate - [select for diffs], Fri Aug 2 13:27:22 2002 UTC (21 years, 10 months ago) by ho
Branch: MAIN
Changes since 1.40: +10 -1 lines
Diff to previous 1.40 (colored)
Mention CRL support, tag and default value.
Revision 1.40 / (download) - annotate - [select for diffs], Sun Jun 9 08:13:06 2002 UTC (22 years ago) by todd
Branch: MAIN
Changes since 1.39: +3 -3 lines
Diff to previous 1.39 (colored)
rm trailing whitespace
Revision 1.39 / (download) - annotate - [select for diffs], Wed Apr 10 20:56:28 2002 UTC (22 years, 2 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE,
OPENBSD_3_1
Changes since 1.38: +68 -2 lines
Diff to previous 1.38 (colored)
Document the FIFO ui. deraadt@ ok.
Revision 1.38 / (download) - annotate - [select for diffs], Sun Mar 17 21:49:26 2002 UTC (22 years, 3 months ago) by angelos
Branch: MAIN
Changes since 1.37: +3 -1 lines
Diff to previous 1.37 (colored)
Mention isakmpd_sa file.
Revision 1.37 / (download) - annotate - [select for diffs], Fri Dec 21 11:41:50 2001 UTC (22 years, 5 months ago) by mpech
Branch: MAIN
Changes since 1.36: +11 -11 lines
Diff to previous 1.36 (colored)
Initial patch for a new mdoc issue. Powered by @mantoya: o) kill extra line in the end of file; o) kill extra space in the end of line; o) replace blank lines with .Pp; millert@ ok
Revision 1.36 / (download) - annotate - [select for diffs], Thu Dec 13 20:16:48 2001 UTC (22 years, 6 months ago) by mpech
Branch: MAIN
Changes since 1.35: +48 -38 lines
Diff to previous 1.35 (colored)
o) start new sentence on a new line; o) wrap long lines; o) fix bogus .Xr usage; o) we don't like blank lines; o) always close .Bl tags; o) OpenBSD -> .Ox; o) don't like .Pp before .Ss; millert@ ok;
Revision 1.35 / (download) - annotate - [select for diffs], Mon Dec 10 04:06:45 2001 UTC (22 years, 6 months ago) by ho
Branch: MAIN
Changes since 1.34: +21 -8 lines
Diff to previous 1.34 (colored)
Add example on how to create FQDN certificates suitable for use with isakmpd. Requires an FQDN addition to /etc/ssl/x509v3.cnf
Revision 1.34 / (download) - annotate - [select for diffs], Mon Dec 10 03:45:03 2001 UTC (22 years, 6 months ago) by ho
Branch: MAIN
Changes since 1.33: +3 -1 lines
Diff to previous 1.33 (colored)
Mention that SIGHUP will cause isakmpd to reread isakmpd.conf
Revision 1.33 / (download) - annotate - [select for diffs], Fri Aug 31 12:22:19 2001 UTC (22 years, 9 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE,
OPENBSD_3_0
Changes since 1.32: +2 -1 lines
Diff to previous 1.32 (colored)
(c)-2001
Revision 1.32 / (download) - annotate - [select for diffs], Thu Aug 30 09:03:18 2001 UTC (22 years, 9 months ago) by ho
Branch: MAIN
Changes since 1.31: +5 -1 lines
Diff to previous 1.31 (colored)
Mention which debug levels we currently use.
Revision 1.31 / (download) - annotate - [select for diffs], Thu Aug 23 18:14:16 2001 UTC (22 years, 9 months ago) by niklas
Branch: MAIN
Changes since 1.30: +3 -9 lines
Diff to previous 1.30 (colored)
RSA-enabling is not necessary anymore.
Revision 1.30 / (download) - annotate - [select for diffs], Wed Aug 15 09:16:29 2001 UTC (22 years, 10 months ago) by ho
Branch: MAIN
Changes since 1.29: +33 -3 lines
Diff to previous 1.29 (colored)
Support trusted public (RSA) keys as files too. niklas@ ok.
Revision 1.29 / (download) - annotate - [select for diffs], Fri Jul 20 18:07:11 2001 UTC (22 years, 10 months ago) by mpech
Branch: MAIN
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)
we don't like: o) .Pp before/after .Sh; o) .Pp before/after .Rs/.Re; o) .Nm without argument in SYNOPSIS;
Revision 1.28 / (download) - annotate - [select for diffs], Wed Jun 27 03:31:42 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored)
Consistently use "IPsec" capitalization (jsyn@nthought.com)
Revision 1.27 / (download) - annotate - [select for diffs], Thu May 24 15:59:30 2001 UTC (23 years ago) by ho
Branch: MAIN
Changes since 1.26: +3 -1 lines
Diff to previous 1.26 (colored)
Add isakmpd.pid to the FILES section.
Revision 1.19.4.1 / (download) - annotate - [select for diffs], Tue May 8 12:45:23 2001 UTC (23 years, 1 month ago) by ho
Branch: OPENBSD_2_8
Changes since 1.19: +94 -15 lines
Diff to previous 1.19 (colored) next main 1.20 (colored)
Pull in isakmpd from 2.9 to 2.8 branch.
Revision 1.26 / (download) - annotate - [select for diffs], Mon Apr 30 14:38:12 2001 UTC (23 years, 1 month ago) by ho
Branch: MAIN
Changes since 1.25: +24 -12 lines
Diff to previous 1.25 (colored)
Mention the sample configuration directory. Cleanup some .Nm usage.
Revision 1.25 / (download) - annotate - [select for diffs], Mon Apr 30 12:51:13 2001 UTC (23 years, 1 month ago) by provos
Branch: MAIN
Changes since 1.24: +20 -4 lines
Diff to previous 1.24 (colored)
mention how to generate extended attributes for certs with openssl; from tim newsham; okay niklas@ ho@
Revision 1.24 / (download) - annotate - [select for diffs], Mon Apr 9 21:21:57 2001 UTC (23 years, 2 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE,
OPENBSD_2_9
Changes since 1.23: +21 -2 lines
Diff to previous 1.23 (colored)
isakmpd can now capture un-encrypted IKE negotiation packets to a file. In pcap(3) format, so tcpdump(8) can read it. Idea by Tim Newsham <newsham@lava.net>, work by him and me. Ok angelos@, niklas@
Revision 1.23 / (download) - annotate - [select for diffs], Thu Apr 5 23:31:05 2001 UTC (23 years, 2 months ago) by ho
Branch: MAIN
Changes since 1.22: +3 -3 lines
Diff to previous 1.22 (colored)
Also mention mode requirements for the private key file, plus one less typo.
Revision 1.22 / (download) - annotate - [select for diffs], Thu Apr 5 23:22:57 2001 UTC (23 years, 2 months ago) by ho
Branch: MAIN
Changes since 1.21: +5 -3 lines
Diff to previous 1.21 (colored)
Be more clear about configuration file mode requirements.
Revision 1.21 / (download) - annotate - [select for diffs], Tue Mar 13 14:05:18 2001 UTC (23 years, 3 months ago) by ho
Branch: MAIN
Changes since 1.20: +5 -1 lines
Diff to previous 1.20 (colored)
Add logging classes for Negotiation and Policy, and change a number of debug messages to use these instead. Change a number of 'log_print' to debug messages to keep the noise down. Use 'log_error' instead of 'log_print' in some cases when we have errno. Some indentation fixes. (niklas@ ok)
Revision 1.20 / (download) - annotate - [select for diffs], Tue Dec 12 05:01:01 2000 UTC (23 years, 6 months ago) by todd
Branch: MAIN
Changes since 1.19: +29 -3 lines
Diff to previous 1.19 (colored)
enumerate debugging number meanings; ok angelos@
Revision 1.19 / (download) - annotate - [select for diffs], Tue May 2 14:36:51 2000 UTC (24 years, 1 month ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_8_BASE,
OPENBSD_2_7_BASE,
OPENBSD_2_7
Branch point for: OPENBSD_2_8
Changes since 1.18: +136 -13 lines
Diff to previous 1.18 (colored)
Merge with EOM 1.23 author: niklas Describe PKI setup author: ho Mention requirement for config file owner and mode. author: niklas save pid in a pidfile, based on code from Lawrence A. Wimble. Also retry to dlopen libcrypto after SIGHUP, useful if /usr was mounted in between.
Revision 1.18 / (download) - annotate - [select for diffs], Fri Apr 7 22:23:14 2000 UTC (24 years, 2 months ago) by niklas
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)
apps/certpatch/certpatch.8: Merge with EOM 1.5 isakmpd.8: Merge with EOM 1.20 isakmpd.conf.5: Merge with EOM 1.40 isakmpd.policy.5: Merge with EOM 1.13 author: niklas Changes from OpenBSD
Revision 1.17 / (download) - annotate - [select for diffs], Sat Mar 18 22:55:59 2000 UTC (24 years, 2 months ago) by aaron
Branch: MAIN
Changes since 1.16: +7 -5 lines
Diff to previous 1.16 (colored)
Remove hard sentence breaks, and some other cleanup along the way.
Revision 1.16 / (download) - annotate - [select for diffs], Tue Feb 1 02:46:18 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.15: +3 -2 lines
Diff to previous 1.15 (colored)
apps/certpatch/certpatch.8: Merge with EOM 1.4 apps/certpatch/certpatch.c: Merge with EOM 1.6 exchange.c: Merge with EOM 1.114 ike_quick_mode.c: Merge with EOM 1.110 ike_phase_1.c: Merge with EOM 1.16 ike_auth.c: Merge with EOM 1.41 ike_aggressive.c: Merge with EOM 1.4 libcrypto.c: Merge with EOM 1.10 libcrypto.h: Merge with EOM 1.10 isakmpd.8: Merge with EOM 1.19 isakmpd.c: Merge with EOM 1.42 ipsec.h: Merge with EOM 1.40 init.c: Merge with EOM 1.22 message.c: Merge with EOM 1.143 message.h: Merge with EOM 1.49 sa.c: Merge with EOM 1.98 sa.h: Merge with EOM 1.54 policy.c: Merge with EOM 1.14 pf_key_v2.c: Merge with EOM 1.36 x509.c: Merge with EOM 1.32 x509.h: Merge with EOM 1.9 udp.c: Merge with EOM 1.46 author: niklas Angelos copyrights
Revision 1.15 / (download) - annotate - [select for diffs], Wed Jan 26 15:22:30 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.14: +24 -16 lines
Diff to previous 1.14 (colored)
Merge with EOM 1.18
Revision 1.14 / (download) - annotate - [select for diffs], Sun Oct 17 19:35:23 1999 UTC (24 years, 8 months ago) by aaron
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE,
OPENBSD_2_6
Changes since 1.13: +15 -22 lines
Diff to previous 1.13 (colored)
Few fixes.
Revision 1.13 / (download) - annotate - [select for diffs], Fri Oct 1 14:09:20 1999 UTC (24 years, 8 months ago) by niklas
Branch: MAIN
Changes since 1.12: +6 -3 lines
Diff to previous 1.12 (colored)
isakmpd.8: Merge with EOM 1.17 isakmpd.c: Merge with EOM 1.38 author: angelos Allow "-DA=xx" to mean "set all debug classes to level xx"
Revision 1.12 / (download) - annotate - [select for diffs], Sun Jul 18 20:13:39 1999 UTC (24 years, 11 months ago) by niklas
Branch: MAIN
Changes since 1.11: +3 -3 lines
Diff to previous 1.11 (colored)
Merge with EOM 1.16 author: niklas 1999
Revision 1.11 / (download) - annotate - [select for diffs], Sun Jul 18 09:33:21 1999 UTC (24 years, 11 months ago) by niklas
Branch: MAIN
Changes since 1.10: +4 -4 lines
Diff to previous 1.10 (colored)
conf.h: Merge with EOM 1.9 isakmpd.8: Merge with EOM 1.15 author: niklas Moving /etc/isakmpd.conf to /etc/isakmpd/isakmpd.conf.
Revision 1.10 / (download) - annotate - [select for diffs], Wed Jul 7 22:08:10 1999 UTC (24 years, 11 months ago) by niklas
Branch: MAIN
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored)
isakmpd.8: Merge with EOM 1.14 pf_key_v2.c: Merge with EOM 1.17 author: niklas Merge in fixes done in the OpenBSD tree
Revision 1.9 / (download) - annotate - [select for diffs], Sat Jul 3 02:11:07 1999 UTC (24 years, 11 months ago) by aaron
Branch: MAIN
Changes since 1.8: +1 -2 lines
Diff to previous 1.8 (colored)
remove redundant .Pp macros
Revision 1.8 / (download) - annotate - [select for diffs], Fri Jun 4 02:45:22 1999 UTC (25 years ago) by aaron
Branch: MAIN
Changes since 1.7: +3 -3 lines
Diff to previous 1.7 (colored)
start to remove non-escaped trailing whitespace, it can confuse troff; pjanzen@
Revision 1.7 / (download) - annotate - [select for diffs], Fri May 28 23:00:02 1999 UTC (25 years ago) by aaron
Branch: MAIN
Changes since 1.6: +8 -4 lines
Diff to previous 1.6 (colored)
more .El madness
Revision 1.6 / (download) - annotate - [select for diffs], Mon Dec 21 01:02:25 1998 UTC (25 years, 5 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_5_BASE,
OPENBSD_2_5
Changes since 1.5: +33 -10 lines
Diff to previous 1.5 (colored)
Last months worth of work on isakmpd, lots done
Revision 1.5 / (download) - annotate - [select for diffs], Tue Dec 15 01:20:42 1998 UTC (25 years, 6 months ago) by aaron
Branch: MAIN
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)
always give .Nm macros an argument in SYNOPSIS sections; krw@tcn.net
Revision 1.4 / (download) - annotate - [select for diffs], Sat Nov 28 19:56:32 1998 UTC (25 years, 6 months ago) by aaron
Branch: MAIN
Changes since 1.3: +37 -24 lines
Diff to previous 1.3 (colored)
kill redundant .Nm macro arguments; other misc fixes
Revision 1.3 / (download) - annotate - [select for diffs], Tue Nov 17 11:10:15 1998 UTC (25 years, 7 months ago) by niklas
Branch: MAIN
Changes since 1.2: +2 -1 lines
Diff to previous 1.2 (colored)
Add RCS Ids from the EOM repository
Revision 1.2 / (download) - annotate - [select for diffs], Sun Nov 15 00:43:57 1998 UTC (25 years, 7 months ago) by niklas
Branch: MAIN
Changes since 1.1: +1 -1 lines
Diff to previous 1.1 (colored)
openBSD RCS IDs
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Sun Nov 15 00:03:48 1998 UTC (25 years, 7 months ago) by niklas
Branch: NIKLAS
CVS Tags: NIKLAS_981114
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)
Initial import of isakmpd, an IKE (ISAKMP/Oakley) implementation for the OpenBSD IPSEC stack by me, Niklas Hallqvist and Niels Provos, funded by Ericsson Radio Systems. It is not yet complete or usable in a real scenario but the missing pieces will soon be there. The early commit is for people who wants early access and who are not afraid of looking at source. isakmpd interops with Cisco, Timestep, SSH & Pluto (Linux FreeS/WAN) so far, so it is not that incomplete. It is really mostly configuration that is lacking.
Revision 1.1 / (download) - annotate - [select for diffs], Sun Nov 15 00:03:48 1998 UTC (25 years, 7 months ago) by niklas
Branch: MAIN
Initial revision