OpenBSD CVS

CVS log for src/sbin/isakmpd/policy.c



Default branch: MAIN


Revision 1.103 / (download) - annotate - [select for diffs], Sun Apr 28 16:43:42 2024 UTC (4 weeks, 6 days ago) by florian
Branch: MAIN
CVS Tags: HEAD
Changes since 1.102: +13 -3 lines
Diff to previous 1.102 (colored)

gmtime(3) / localtime(3) can fail when timestamps are way off.

Add missing error checks to all calls under sbin/

Input & OK millert

Revision 1.102 / (download) - annotate - [select for diffs], Fri Oct 22 12:30:54 2021 UTC (2 years, 7 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, OPENBSD_7_4_BASE, OPENBSD_7_4, OPENBSD_7_3_BASE, OPENBSD_7_3, OPENBSD_7_2_BASE, OPENBSD_7_2, OPENBSD_7_1_BASE, OPENBSD_7_1
Changes since 1.101: +1 -9 lines
Diff to previous 1.101 (colored)

After deleting hifn(4) the only provider for the LZS compression
algorithm is gone.  Remove all LZS references from the tree.  The
v42bis in isakmpd also looks unsupported.
OK mvs@ patrick@ sthen@

Revision 1.101 / (download) - annotate - [select for diffs], Wed Jul 3 03:24:02 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE, OPENBSD_7_0, OPENBSD_6_9_BASE, OPENBSD_6_9, OPENBSD_6_8_BASE, OPENBSD_6_8, OPENBSD_6_7_BASE, OPENBSD_6_7, OPENBSD_6_6_BASE, OPENBSD_6_6
Changes since 1.100: +3 -3 lines
Diff to previous 1.100 (colored)

snprintf/vsnprintf return < 0 on error, rather than -1.

Revision 1.100 / (download) - annotate - [select for diffs], Fri Jun 28 13:32:44 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.99: +2 -2 lines
Diff to previous 1.99 (colored)

When system calls indicate an error they return -1, not some arbitrary
value < 0.  errno is only updated in this case.  Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.

Revision 1.99 / (download) - annotate - [select for diffs], Mon Jan 15 09:54:48 2018 UTC (6 years, 4 months ago) by mpi
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE, OPENBSD_6_5, OPENBSD_6_4_BASE, OPENBSD_6_4, OPENBSD_6_3_BASE, OPENBSD_6_3
Changes since 1.98: +2 -2 lines
Diff to previous 1.98 (colored)

Spacing, no object change.

Revision 1.98 / (download) - annotate - [select for diffs], Thu Jan 4 14:21:00 2018 UTC (6 years, 4 months ago) by mpi
Branch: MAIN
Changes since 1.97: +2 -2 lines
Diff to previous 1.97 (colored)

space -> tab

No object change.

Revision 1.97 / (download) - annotate - [select for diffs], Fri Nov 22 04:12:47 2013 UTC (10 years, 6 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE, OPENBSD_6_2, OPENBSD_6_1_BASE, OPENBSD_6_1, OPENBSD_6_0_BASE, OPENBSD_6_0, OPENBSD_5_9_BASE, OPENBSD_5_9, OPENBSD_5_8_BASE, OPENBSD_5_8, OPENBSD_5_7_BASE, OPENBSD_5_7, OPENBSD_5_6_BASE, OPENBSD_5_6, OPENBSD_5_5_BASE, OPENBSD_5_5
Changes since 1.96: +4 -4 lines
Diff to previous 1.96 (colored)

Whole bunch of (unsigned char) casts carefully added for ctype calls.
Careful second audit by millert

Revision 1.96 / (download) - annotate - [select for diffs], Tue Apr 16 19:26:00 2013 UTC (11 years, 1 month ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE, OPENBSD_5_4
Changes since 1.95: +3 -3 lines
Diff to previous 1.95 (colored)

remove casts to time_t * which are not needed

Revision 1.95 / (download) - annotate - [select for diffs], Thu Mar 21 04:30:14 2013 UTC (11 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.94: +1 -2 lines
Diff to previous 1.94 (colored)

remove excessive includes

Revision 1.94 / (download) - annotate - [select for diffs], Sat Jun 30 14:51:31 2012 UTC (11 years, 11 months ago) by naddy
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE, OPENBSD_5_3, OPENBSD_5_2_BASE, OPENBSD_5_2
Changes since 1.93: +2 -2 lines
Diff to previous 1.93 (colored)

enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESP
ok mikeb@

Revision 1.93 / (download) - annotate - [select for diffs], Wed Apr 6 11:36:25 2011 UTC (13 years, 1 month ago) by miod
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE, OPENBSD_5_1, OPENBSD_5_0_BASE, OPENBSD_5_0
Changes since 1.92: +3 -3 lines
Diff to previous 1.92 (colored)

Avoid using NULL in non-pointer contexts: use 0 for integer values and '\0'
for chars.

Revision 1.92 / (download) - annotate - [select for diffs], Wed Sep 22 13:45:16 2010 UTC (13 years, 8 months ago) by mikeb
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE, OPENBSD_4_9
Changes since 1.91: +3 -1 lines
Diff to previous 1.91 (colored)

Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMAC
(as AESGMAC) ciphers in the ISAKMP Phase 2 (aka Quick Mode).

Thoroughly tested by me and naddy.  Works fine with Linux.

Requires updated pfkeyv2.h include file.

ok naddy

Revision 1.91 / (download) - annotate - [select for diffs], Sun Aug 5 09:43:09 2007 UTC (16 years, 10 months ago) by tom
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE, OPENBSD_4_8, OPENBSD_4_7_BASE, OPENBSD_4_7, OPENBSD_4_6_BASE, OPENBSD_4_6, OPENBSD_4_5_BASE, OPENBSD_4_5, OPENBSD_4_4_BASE, OPENBSD_4_4, OPENBSD_4_3_BASE, OPENBSD_4_3, OPENBSD_4_2_BASE, OPENBSD_4_2
Changes since 1.90: +11 -4 lines
Diff to previous 1.90 (colored)

Allow key exchange with RSA signature authentication to work with
Cisco IOS and other initiators that only send their certs in response
to CERT_REQUEST.

With input and help from cloder@, Stuart Henderson, mpf@, and several
others who did lots of testing - thanks to all.

ok hshoexer@

Revision 1.90 / (download) - annotate - [select for diffs], Mon Apr 16 13:01:39 2007 UTC (17 years, 1 month ago) by moritz
Branch: MAIN
Changes since 1.89: +9 -14 lines
Diff to previous 1.89 (colored)

There's no point in checking ptr for NULL before doing free(ptr)
since free(NULL) is just fine.

ok hshoexer@

Revision 1.89 / (download) - annotate - [select for diffs], Sat Mar 3 18:47:37 2007 UTC (17 years, 3 months ago) by cloder
Branch: MAIN
CVS Tags: OPENBSD_4_1_BASE, OPENBSD_4_1
Changes since 1.88: +3 -1 lines
Diff to previous 1.88 (colored)

keynote_cert_obtain should not leak in case of error. OK moritz@

Revision 1.88 / (download) - annotate - [select for diffs], Sat Jun 17 10:06:21 2006 UTC (17 years, 11 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_4_0_BASE, OPENBSD_4_0
Changes since 1.87: +2 -1 lines
Diff to previous 1.87 (colored)

Do not leak file descriptor in error path.  From Andrey Matveev
<evol at online dot ptt dot ru>, thanks!

Revision 1.87 / (download) - annotate - [select for diffs], Mon Nov 14 23:25:11 2005 UTC (18 years, 6 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE, OPENBSD_3_9
Changes since 1.86: +15 -18 lines
Diff to previous 1.86 (colored)

use snprintf; ok cloder.  also looked at by a few other people

Revision 1.86 / (download) - annotate - [select for diffs], Tue Jun 14 10:50:47 2005 UTC (18 years, 11 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE, OPENBSD_3_8
Changes since 1.85: +4 -2 lines
Diff to previous 1.85 (colored)

add ENCAP_UDP_{TUNNEL,TRANSPORT} types according to rfc 3947

ok markus

Revision 1.85 / (download) - annotate - [select for diffs], Fri Apr 8 22:32:10 2005 UTC (19 years, 1 month ago) by cloder
Branch: MAIN
Changes since 1.84: +1 -3 lines
Diff to previous 1.84 (colored)

Make deterministic randomness (only ever used for testing) a compile-time
option.  Reduces chances of somehow setting regrand when it's not supposed
to be set.  Remove "-r" option from man page.  Also xref certpatch(8) while
we are in there.  And remove some include sysdep.h where it is no longer
needed.
OK hshoexer

Revision 1.84 / (download) - annotate - [select for diffs], Fri Apr 8 18:39:04 2005 UTC (19 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.83: +1 -7 lines
Diff to previous 1.83 (colored)

we have IPPROTO_ETHERIP

Revision 1.83 / (download) - annotate - [select for diffs], Fri Apr 8 16:37:15 2005 UTC (19 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.82: +3 -4 lines
Diff to previous 1.82 (colored)

nat-traversal always

Revision 1.82 / (download) - annotate - [select for diffs], Wed Apr 6 16:00:20 2005 UTC (19 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.81: +3 -3 lines
Diff to previous 1.81 (colored)

knf, ok cloder

Revision 1.81 / (download) - annotate - [select for diffs], Mon Apr 4 19:31:11 2005 UTC (19 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.80: +35 -37 lines
Diff to previous 1.80 (colored)

spacing; ok cloder

Revision 1.80 / (download) - annotate - [select for diffs], Thu Mar 3 15:06:55 2005 UTC (19 years, 3 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE, OPENBSD_3_7
Changes since 1.79: +9 -5 lines
Diff to previous 1.79 (colored)

handle return value of snprintf more carefully

ok cloder ho

Revision 1.79 / (download) - annotate - [select for diffs], Sun Feb 27 13:12:12 2005 UTC (19 years, 3 months ago) by hshoexer
Branch: MAIN
Changes since 1.78: +27 -27 lines
Diff to previous 1.78 (colored)

where possible, use bzero instead of memset

ok cloder henning

Revision 1.78 / (download) - annotate - [select for diffs], Sun Aug 8 19:11:06 2004 UTC (19 years, 9 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE, OPENBSD_3_6
Changes since 1.77: +7 -7 lines
Diff to previous 1.77 (colored)

spacing

Revision 1.77 / (download) - annotate - [select for diffs], Fri Jun 25 20:25:34 2004 UTC (19 years, 11 months ago) by hshoexer
Branch: MAIN
Changes since 1.76: +7 -1 lines
Diff to previous 1.76 (colored)

Keynote policy checking can now be disabled by "-K" switch and config tag
"Use-Keynote".  Default is to use keynote.

ok henning@ ho@

Revision 1.76 / (download) - annotate - [select for diffs], Thu Jun 24 15:58:58 2004 UTC (19 years, 11 months ago) by hshoexer
Branch: MAIN
Changes since 1.75: +3 -2 lines
Diff to previous 1.75 (colored)

Also handle keys from x509-certificates embedded in keynote credentials.

with msf@
ok ho@

Revision 1.75 / (download) - annotate - [select for diffs], Sun Jun 20 15:24:05 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.74: +18 -1 lines
Diff to previous 1.74 (colored)

NAT-Traversal for isakmpd. Work in progress...
hshoexer@ ok.

Revision 1.74 / (download) - annotate - [select for diffs], Mon Jun 14 09:55:42 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.73: +395 -239 lines
Diff to previous 1.73 (colored)

KNF, style, 80c, etc. hshoexer@ ok

Revision 1.73 / (download) - annotate - [select for diffs], Sun May 23 18:17:56 2004 UTC (20 years ago) by hshoexer
Branch: MAIN
Changes since 1.72: +46 -39 lines
Diff to previous 1.72 (colored)

More KNF.  Mainly spaces and line-wraps, no binary change.

ok ho@

Revision 1.72 / (download) - annotate - [select for diffs], Sun May 23 16:14:22 2004 UTC (20 years ago) by deraadt
Branch: MAIN
Changes since 1.71: +18 -13 lines
Diff to previous 1.71 (colored)

stat before open is flawed

Revision 1.71 / (download) - annotate - [select for diffs], Wed Apr 28 20:20:31 2004 UTC (20 years, 1 month ago) by hshoexer
Branch: MAIN
Changes since 1.70: +71 -71 lines
Diff to previous 1.70 (colored)

remove unused variable and shorten names of two other.  Removed some spaces
while around.

ok ho@ markus@

Revision 1.70 / (download) - annotate - [select for diffs], Thu Apr 15 18:39:26 2004 UTC (20 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.69: +1850 -1967 lines
Diff to previous 1.69 (colored)

partial move to KNF.  More to come.  This has happened because there
are a raft of source code auditors who are willing to help improve this
code only if this is done, and hey, isakmpd does need our standard
auditing process.  ok ho hshoexer

Revision 1.69 / (download) - annotate - [select for diffs], Wed Apr 7 22:45:49 2004 UTC (20 years, 1 month ago) by ho
Branch: MAIN
Changes since 1.68: +11 -9 lines
Diff to previous 1.68 (colored)

-Wsign-compare nits. hshoexer@ ok.

Revision 1.68 / (download) - annotate - [select for diffs], Fri Mar 19 14:04:43 2004 UTC (20 years, 2 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE, OPENBSD_3_5
Changes since 1.67: +3 -3 lines
Diff to previous 1.67 (colored)

Add missing bits to make already present privsep code work.  Enable privsep.

ok ho@ deraadt@ markus@

Revision 1.67 / (download) - annotate - [select for diffs], Thu Nov 6 16:12:08 2003 UTC (20 years, 7 months ago) by ho
Branch: MAIN
Changes since 1.66: +2 -2 lines
Diff to previous 1.66 (colored)

Style nits.

Revision 1.66 / (download) - annotate - [select for diffs], Fri Jul 25 08:31:16 2003 UTC (20 years, 10 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE, OPENBSD_3_4
Changes since 1.65: +37 -1 lines
Diff to previous 1.65 (colored)

add sha2 support; ok ho@

Revision 1.65 / (download) - annotate - [select for diffs], Tue Jun 10 16:41:29 2003 UTC (20 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.64: +6 -6 lines
Diff to previous 1.64 (colored)

boring cleanups

Revision 1.64 / (download) - annotate - [select for diffs], Wed Jun 4 07:31:17 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.63: +1 -6 lines
Diff to previous 1.63 (colored)

Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, Angelos
D. Keromytis and Niels Provos.

Revision 1.63 / (download) - annotate - [select for diffs], Tue Jun 3 12:51:39 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.62: +52 -37 lines
Diff to previous 1.62 (colored)

Cleanup. Use 'sizeof variable' instead of magic constants.

Revision 1.62 / (download) - annotate - [select for diffs], Sun May 18 19:37:47 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.61: +2 -2 lines
Diff to previous 1.61 (colored)

More isakmpd privsep work. X509 private keys are now kept in the privileged
process only. Various cleanup and bugfixes.
markus@ ok

Revision 1.61 / (download) - annotate - [select for diffs], Thu May 15 00:28:53 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.60: +4 -3 lines
Diff to previous 1.60 (colored)

Start of privilege separation for isakmpd.
There are some kinks left, so keep it default disabled for now.
markus@ says ok to commit.

Revision 1.60 / (download) - annotate - [select for diffs], Wed May 14 18:10:30 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.59: +2 -2 lines
Diff to previous 1.59 (colored)

Policy file default defined twice, kill the local copy.

Revision 1.59 / (download) - annotate - [select for diffs], Wed May 14 17:37:22 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.58: +2 -2 lines
Diff to previous 1.58 (colored)

I did not test this enough. Unbreak.

Revision 1.58 / (download) - annotate - [select for diffs], Mon May 12 21:43:22 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.57: +3 -2 lines
Diff to previous 1.57 (colored)

AES -> AES_128_CBC

Revision 1.57 / (download) - annotate - [select for diffs], Thu Nov 14 16:38:05 2002 UTC (21 years, 6 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE, OPENBSD_3_3
Changes since 1.56: +4 -4 lines
Diff to previous 1.56 (colored)

Use %d instead of %2d for better matching. From Mike Neuman. Fixes PR#2848.

Revision 1.56 / (download) - annotate - [select for diffs], Wed Sep 11 09:50:44 2002 UTC (21 years, 8 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_2_BASE, OPENBSD_3_2
Changes since 1.55: +8 -8 lines
Diff to previous 1.55 (colored)

signed vs unsigned, some void * arithmetic, from -pedantic. niklas@ ok.

Revision 1.55 / (download) - annotate - [select for diffs], Sat Jun 15 19:27:06 2002 UTC (21 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.54: +32 -1 lines
Diff to previous 1.54 (colored)

ecn_* policy attributes --- ok ho@

Revision 1.54 / (download) - annotate - [select for diffs], Mon Jun 10 18:08:58 2002 UTC (21 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.53: +16 -69 lines
Diff to previous 1.53 (colored)

The dlopen() stuff goes away.

Revision 1.53 / (download) - annotate - [select for diffs], Sun Jun 9 08:13:06 2002 UTC (21 years, 11 months ago) by todd
Branch: MAIN
Changes since 1.52: +3 -3 lines
Diff to previous 1.52 (colored)

rm trailing whitespace

Revision 1.52 / (download) - annotate - [select for diffs], Sat Jun 1 07:44:22 2002 UTC (22 years ago) by deraadt
Branch: MAIN
Changes since 1.51: +62 -62 lines
Diff to previous 1.51 (colored)

size_t must be cast to (unsigned long) and printed using %lu

Revision 1.51 / (download) - annotate - [select for diffs], Tue May 28 11:23:20 2002 UTC (22 years ago) by ho
Branch: MAIN
Changes since 1.50: +9 -7 lines
Diff to previous 1.50 (colored)

off_t to size_t change for printf format and malloc. Pointed out by <greg@nest.cx>

Revision 1.50 / (download) - annotate - [select for diffs], Wed Jan 23 22:14:28 2002 UTC (22 years, 4 months ago) by angelos
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE, OPENBSD_3_1
Changes since 1.49: +10 -1 lines
Diff to previous 1.49 (colored)

Actually return the ESP/AH/COMP ground descriptions for policy
comparisons -- from cjkim2000@yahoo.com

Revision 1.49 / (download) - annotate - [select for diffs], Wed Jan 23 18:09:04 2002 UTC (22 years, 4 months ago) by ho
Branch: MAIN
Changes since 1.48: +98 -129 lines
Diff to previous 1.48 (colored)

no more strcpy/sprintf

Revision 1.48 / (download) - annotate - [select for diffs], Wed Jan 23 17:25:38 2002 UTC (22 years, 4 months ago) by ho
Branch: MAIN
Changes since 1.47: +60 -58 lines
Diff to previous 1.47 (colored)

strcpy->strlcpy, sprintf->snprintf

Revision 1.47 / (download) - annotate - [select for diffs], Thu Jan 3 09:24:02 2002 UTC (22 years, 5 months ago) by ho
Branch: MAIN
Changes since 1.46: +3 -3 lines
Diff to previous 1.46 (colored)

strftime format fixes. From Christo Butcher <christo@fox-it.com>.

Revision 1.46 / (download) - annotate - [select for diffs], Sun Aug 26 01:48:12 2001 UTC (22 years, 9 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE, OPENBSD_3_0
Changes since 1.45: +3 -2 lines
Diff to previous 1.45 (colored)

more style

Revision 1.45 / (download) - annotate - [select for diffs], Sat Aug 25 22:22:11 2001 UTC (22 years, 9 months ago) by niklas
Branch: MAIN
Changes since 1.44: +29 -82 lines
Diff to previous 1.44 (colored)

Use x509_DN_string API.  Style fixes.

Revision 1.44 / (download) - annotate - [select for diffs], Fri Aug 24 11:19:01 2001 UTC (22 years, 9 months ago) by ho
Branch: MAIN
Changes since 1.43: +1 -10 lines
Diff to previous 1.43 (colored)

I was only going to remove #include "init.h", but found 8 more
#include's we don't need here.

Revision 1.43 / (download) - annotate - [select for diffs], Sat Aug 11 05:26:59 2001 UTC (22 years, 9 months ago) by angelos
Branch: MAIN
Changes since 1.42: +2 -2 lines
Diff to previous 1.42 (colored)

Allocate slightly larger buffer for cert.

Revision 1.42 / (download) - annotate - [select for diffs], Thu Jul 5 07:29:59 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.41: +82 -5 lines
Diff to previous 1.41 (colored)

DER_ASN1_DN ID handling --- untested

Revision 1.41 / (download) - annotate - [select for diffs], Wed Jul 4 22:16:32 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.40: +35 -2 lines
Diff to previous 1.40 (colored)

Better handling of Key IDs.

Revision 1.40 / (download) - annotate - [select for diffs], Tue Jul 3 23:39:01 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.39: +197 -14 lines
Diff to previous 1.39 (colored)

Fix policy information for IPv6 subnet/range cases. This is ugly, I'll
have to find another way of dealing with IPv6 addresses.

Revision 1.39 / (download) - annotate - [select for diffs], Tue Jul 3 11:00:52 2001 UTC (22 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.38: +5 -3 lines
Diff to previous 1.38 (colored)

Wait with strlcpy a while, change to strncpy.

Revision 1.38 / (download) - annotate - [select for diffs], Tue Jul 3 08:07:22 2001 UTC (22 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.37: +3 -3 lines
Diff to previous 1.37 (colored)

use strlcpy instead of memcpy to copy strings

Revision 1.37 / (download) - annotate - [select for diffs], Sun Jul 1 19:48:44 2001 UTC (22 years, 11 months ago) by niklas
Branch: MAIN
Changes since 1.36: +5 -5 lines
Diff to previous 1.36 (colored)

Style

Revision 1.36 / (download) - annotate - [select for diffs], Sun Jul 1 18:57:33 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.35: +52 -6 lines
Diff to previous 1.35 (colored)

Start support for IPv6 addresses in policy.

Revision 1.35 / (download) - annotate - [select for diffs], Sun Jul 1 05:42:05 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)

Fix remote_negotiation_address attribute; fix sockaddr2text() return
value when zero-filling; log_error()->log_print() consistently.

Revision 1.34 / (download) - annotate - [select for diffs], Fri Jun 29 18:52:17 2001 UTC (22 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.33: +5 -7 lines
Diff to previous 1.33 (colored)

Change get_src/get_dst API as we get the length with sa_len.

Revision 1.33 / (download) - annotate - [select for diffs], Fri Jun 29 04:12:01 2001 UTC (22 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.32: +86 -41 lines
Diff to previous 1.32 (colored)

Initial IPv6 support. (niklas@ ok)

Revision 1.32 / (download) - annotate - [select for diffs], Thu Jun 7 04:46:45 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.31: +1 -4 lines
Diff to previous 1.31 (colored)

No need to allocate/free X509 policy information -- the certs are
converted as needed, and the CA certs are irrelevant.

Revision 1.31 / (download) - annotate - [select for diffs], Thu Jun 7 04:23:35 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.30: +20 -25 lines
Diff to previous 1.30 (colored)

Get rid of the main policy session (unnecessary).

Revision 1.30 / (download) - annotate - [select for diffs], Thu Jun 7 03:15:15 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.29: +10 -4 lines
Diff to previous 1.29 (colored)

Add some log_print()

Revision 1.29 / (download) - annotate - [select for diffs], Thu May 31 20:21:08 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.28: +32 -2 lines
Diff to previous 1.28 (colored)

Routines for handling KeyNote cert representation.

Revision 1.17.2.1 / (download) - annotate - [select for diffs], Tue May 8 12:45:25 2001 UTC (23 years, 1 month ago) by ho
Branch: OPENBSD_2_8
Changes since 1.17: +307 -218 lines
Diff to previous 1.17 (colored) next main 1.18 (colored)

Pull in isakmpd from 2.9 to 2.8 branch.

Revision 1.28 / (download) - annotate - [select for diffs], Mon Apr 9 12:34:38 2001 UTC (23 years, 1 month ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE, OPENBSD_2_9
Changes since 1.27: +6 -6 lines
Diff to previous 1.27 (colored)

Style police a'la niklas@.

Revision 1.27 / (download) - annotate - [select for diffs], Thu Apr 5 23:18:53 2001 UTC (23 years, 2 months ago) by ho
Branch: MAIN
Changes since 1.26: +13 -13 lines
Diff to previous 1.26 (colored)

As the isakmpd.policy file can contain sensitive information, we want
the same mode checks we use for isakmpd.conf. Style.

Revision 1.26 / (download) - annotate - [select for diffs], Wed Mar 14 21:13:24 2001 UTC (23 years, 2 months ago) by tholo
Branch: MAIN
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)

Make these compile again...

Revision 1.25 / (download) - annotate - [select for diffs], Wed Mar 14 12:15:45 2001 UTC (23 years, 2 months ago) by niklas
Branch: MAIN
Changes since 1.24: +85 -70 lines
Diff to previous 1.24 (colored)

Indentation and style fascism

Revision 1.24 / (download) - annotate - [select for diffs], Tue Mar 13 14:05:19 2001 UTC (23 years, 2 months ago) by ho
Branch: MAIN
Changes since 1.23: +166 -151 lines
Diff to previous 1.23 (colored)

Add logging classes for Negotiation and Policy, and change a number of
debug messages to use these instead. Change a number of 'log_print'
to debug messages to keep the noise down. Use 'log_error' instead of
'log_print' in some cases when we have errno. Some indentation fixes.
(niklas@ ok)

Revision 1.23 / (download) - annotate - [select for diffs], Wed Mar 7 07:36:34 2001 UTC (23 years, 3 months ago) by angelos
Branch: MAIN
Changes since 1.22: +4 -5 lines
Diff to previous 1.22 (colored)

Oops, use the right length for the key id.

Revision 1.22 / (download) - annotate - [select for diffs], Wed Mar 7 07:33:53 2001 UTC (23 years, 3 months ago) by angelos
Branch: MAIN
Changes since 1.21: +46 -5 lines
Diff to previous 1.21 (colored)

Add KEY_ID support (mostly from roland@digitalvampire.org)

Revision 1.21 / (download) - annotate - [select for diffs], Sat Jan 27 12:03:34 2001 UTC (23 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.20: +3 -3 lines
Diff to previous 1.20 (colored)

(c) 2001

Revision 1.20 / (download) - annotate - [select for diffs], Fri Jan 26 12:12:52 2001 UTC (23 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.19: +22 -12 lines
Diff to previous 1.19 (colored)

Pedantic style police

Revision 1.19 / (download) - annotate - [select for diffs], Wed Jan 10 00:42:00 2001 UTC (23 years, 4 months ago) by angelos
Branch: MAIN
Changes since 1.18: +7 -7 lines
Diff to previous 1.18 (colored)

Handle null remote_id/local_filter/remote_filter nicer.

Revision 1.18 / (download) - annotate - [select for diffs], Thu Nov 23 12:56:15 2000 UTC (23 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.17: +20 -11 lines
Diff to previous 1.17 (colored)

policy.c: Merge with EOM 1.49
util.h: Merge with EOM 1.10

author: niklas
style and removal of unused, unneeded code

Revision 1.17 / (download) - annotate - [select for diffs], Mon Oct 16 23:28:43 2000 UTC (23 years, 7 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_8_BASE
Branch point for: OPENBSD_2_8
Changes since 1.16: +16 -5 lines
Diff to previous 1.16 (colored)

Merge with EOM 1.48

author: angelos
Fix comment.

author: angelos
Add RIPEMD negotiation/configuration.

Revision 1.16 / (download) - annotate - [select for diffs], Mon Oct 9 23:27:31 2000 UTC (23 years, 7 months ago) by niklas
Branch: MAIN
Changes since 1.15: +6 -2 lines
Diff to previous 1.15 (colored)

samples/VPN-3way-template.conf: Merge with EOM 1.8
samples/VPN-east.conf: Merge with EOM 1.12
samples/VPN-west.conf: Merge with EOM 1.13
samples/policy: Merge with EOM 1.6
samples/singlehost-west.conf: Merge with EOM 1.9
samples/singlehost-east.conf: Merge with EOM 1.9
conf.c: Merge with EOM 1.37
ipsec.c: Merge with EOM 1.133
ipsec_num.cst: Merge with EOM 1.4
isakmpd.conf.5: Merge with EOM 1.48
isakmpd.policy.5: Merge with EOM 1.21
policy.c: Merge with EOM 1.46

author: angelos
AES support.

Revision 1.15 / (download) - annotate - [select for diffs], Sat Oct 7 06:59:56 2000 UTC (23 years, 8 months ago) by niklas
Branch: MAIN
Changes since 1.14: +37 -41 lines
Diff to previous 1.14 (colored)

Merge with EOM 1.45

author: angelos
Unsigned integers for most attributes.

author: niklas
Multiple subject name matching, makes certificate interop with PGPnet at least
partly working.  Added some error checking.

author: ho
Nowadays we can use #include <openssl/...> instead of <ssl/...>

author: angelos
Typo on checking esp lifetimes.

author: angelos
Use the correct protocol from the IDi/IDr.

Revision 1.14 / (download) - annotate - [select for diffs], Thu Aug 3 07:25:11 2000 UTC (23 years, 10 months ago) by niklas
Branch: MAIN
Changes since 1.13: +12 -2 lines
Diff to previous 1.13 (colored)

Merge with EOM 1.40

author: angelos
Get the right value.

author: angelos
Add "phase1_group_desc" attribute, and explain the various values.

Revision 1.12.2.1 / (download) - annotate - [select for diffs], Sat Jun 10 17:22:57 2000 UTC (23 years, 11 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored) next main 1.13 (colored)

Pull in patch:
Errata (009):
A serious bug in isakmpd(8) policy handling wherein policy verification could
be completely bypassed in isakmpd.
Fix (angelos):
Fix bug that resulted in bypass of policy verification of proposed SAs.

Revision 1.13 / (download) - annotate - [select for diffs], Thu Jun 8 20:51:42 2000 UTC (23 years, 11 months ago) by niklas
Branch: MAIN
Changes since 1.12: +361 -64 lines
Diff to previous 1.12 (colored)

Merge with EOM 1.38

author: angelos
No need for NODEBUG actually...

author: angelos
Use LOG_DBG() instead of log_debug()

author: angelos
NODEBUG compile option, so regress doesn't barf.

author: angelos
No point adding a handling attribute for the generic session.

author: angelos
log_debug() for the action attributes.

author: angelos
Different policy/Keynote sessions per Phase 1 SA.

author: angelos
Allow exchange of KeyNote credentials over IKE. Multiple credentials
may be passed in a single CERT payload. KeyNote is used if a
directory named as the local ID we use in an exchange exists in the
KeyNote directory (default: /etc/isakmpd/keynote/). Note that
asymmetric credentials are possible (use KeyNote in one direction and
X509 in the other); such authentication is envisioned to be the most
common: the clients will use KeyNote credentials to authenticate and
authorize with a server, whilst the server will just provide an X509
certificate proving its binding to the IP address or ID.

Totally asymmetric authentication (e.g., shared key in one direction,
RSA in the other) is not supported by the IKE protocol.

author: angelos
Correct pointer handling.

author: angelos
A few more certificate handling routines for KeyNote.

author: angelos
Some more support for KeyNote credential exchange (not yet done).

author: angelos
Add a couple more KeyNote functions in the sym entries.

author: ho
Some systems do not define IPPROTO_ETHERIP (yet).

Revision 1.12 / (download) - annotate - [select for diffs], Tue May 2 14:35:27 2000 UTC (24 years, 1 month ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_7_BASE
Branch point for: OPENBSD_2_7
Changes since 1.11: +36 -11 lines
Diff to previous 1.11 (colored)

Merge with EOM 1.26

author: niklas
style

author: angelos
Move POLICY_FILE_DEFAULT definition to the .h file.

author: angelos
Add etherip and protocol numbers in the transport protocol entries,
document.

Revision 1.11 / (download) - annotate - [select for diffs], Fri Apr 7 22:50:02 2000 UTC (24 years, 2 months ago) by niklas
Branch: MAIN
Changes since 1.10: +120 -59 lines
Diff to previous 1.10 (colored)

Merge with EOM 1.23

author: angelos
Typo...

author: angelos
*_ike_address -> *_negotiation_address (so it's not IKE specific)

author: angelos
No need to use log_fatal...

Revision 1.10 / (download) - annotate - [select for diffs], Fri Apr 7 22:04:02 2000 UTC (24 years, 2 months ago) by niklas
Branch: MAIN
Changes since 1.9: +19 -5 lines
Diff to previous 1.9 (colored)

Merge with EOM 1.20

author: niklas
Hmm keynote does not exist in a dynamically linked version

author: angelos
Add phase_1 attribute.

Revision 1.9 / (download) - annotate - [select for diffs], Fri Feb 25 17:23:41 2000 UTC (24 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.8: +3 -3 lines
Diff to previous 1.8 (colored)

regress/crypto/Makefile: Merge with EOM 1.5
regress/dh/Makefile: Merge with EOM 1.7
regress/group/Makefile: Merge with EOM 1.9
regress/prf/Makefile: Merge with EOM 1.4
regress/rsakeygen/Makefile: Merge with EOM 1.8
regress/x509/Makefile: Merge with EOM 1.10
Makefile: Merge with EOM 1.62
attribute.c: Merge with EOM 1.10
sa.c: Merge with EOM 1.99
conf.c: Merge with EOM 1.20
crypto.c: Merge with EOM 1.28
isakmpd.c: Merge with EOM 1.45
connection.c: Merge with EOM 1.19
doi.h: Merge with EOM 1.28
field.c: Merge with EOM 1.11
exchange.c: Merge with EOM 1.116
ike_auth.c: Merge with EOM 1.44
pf_key_v2.c: Merge with EOM 1.37
ike_phase_1.c: Merge with EOM 1.22
ipsec.c: Merge with EOM 1.118
isakmp_doi.c: Merge with EOM 1.40
log.c: Merge with EOM 1.26
log.h: Merge with EOM 1.18
math_group.c: Merge with EOM 1.23
message.c: Merge with EOM 1.144
pf_encap.c: Merge with EOM 1.70
policy.c: Merge with EOM 1.18
timer.c: Merge with EOM 1.13
transport.c: Merge with EOM 1.41
udp.c: Merge with EOM 1.47
ui.c: Merge with EOM 1.37
x509.c: Merge with EOM 1.36

author: niklas
Made debug logging a compile time selectable feature

Revision 1.8 / (download) - annotate - [select for diffs], Sat Feb 19 19:32:04 2000 UTC (24 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.7: +3 -3 lines
Diff to previous 1.7 (colored)

Merge with EOM 1.17

author: niklas
Copyright 2000

Revision 1.7 / (download) - annotate - [select for diffs], Fri Feb 11 10:21:05 2000 UTC (24 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.6: +70 -48 lines
Diff to previous 1.6 (colored)

Merge with EOM 1.16

author: angelos
Do a policy check on the Initiator, when notified by the Responder on
the SA selection. For efficiency, we should replicate this check on
the first message sent by the Initiator (so we only send proposals we
know we'll eventually accept).

author: angelos
Add an initiator attribute, and make the code amenable to be invoked
by the initiator as well (for policy compliance checking).

Revision 1.6 / (download) - annotate - [select for diffs], Tue Feb 1 02:46:18 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.5: +3 -3 lines
Diff to previous 1.5 (colored)

apps/certpatch/certpatch.8: Merge with EOM 1.4
apps/certpatch/certpatch.c: Merge with EOM 1.6
exchange.c: Merge with EOM 1.114
ike_quick_mode.c: Merge with EOM 1.110
ike_phase_1.c: Merge with EOM 1.16
ike_auth.c: Merge with EOM 1.41
ike_aggressive.c: Merge with EOM 1.4
libcrypto.c: Merge with EOM 1.10
libcrypto.h: Merge with EOM 1.10
isakmpd.8: Merge with EOM 1.19
isakmpd.c: Merge with EOM 1.42
ipsec.h: Merge with EOM 1.40
init.c: Merge with EOM 1.22
message.c: Merge with EOM 1.143
message.h: Merge with EOM 1.49
sa.c: Merge with EOM 1.98
sa.h: Merge with EOM 1.54
policy.c: Merge with EOM 1.14
pf_key_v2.c: Merge with EOM 1.36
x509.c: Merge with EOM 1.32
x509.h: Merge with EOM 1.9
udp.c: Merge with EOM 1.46

author: niklas
Angelos copyrights

Revision 1.5 / (download) - annotate - [select for diffs], Thu Jan 27 18:07:28 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.4: +10 -8 lines
Diff to previous 1.4 (colored)

Merge with EOM 1.13

author: ho
Bugfix for IPSEC_ID_USER_FQDN from <Jorgen.Granstam@abc.se>.
Apply similar to the IPSEC_ID_FQDN case plus fix the log messages.

Revision 1.4 / (download) - annotate - [select for diffs], Wed Jan 26 15:24:03 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.3: +28 -5 lines
Diff to previous 1.3 (colored)

Merge with EOM 1.12

date: 2000/01/25 02:21:10;  author: angelos;  state: Exp;  lines: +2 -2
Move the policy file location

author: angelos
GMTTimeOfDay and LocalTimeOfDay attributes, comment in x509.c.

author: angelos
Oops on previous PFS-policy patch. Small fixes in the manpages.

author: angelos
Add pfs keynote attribute.

author: angelos
Include files, in anticipation of the keynote.h changes.

Revision 1.3 / (download) - annotate - [select for diffs], Tue Oct 26 22:32:28 1999 UTC (24 years, 7 months ago) by angelos
Branch: MAIN
Changes since 1.2: +3 -1 lines
Diff to previous 1.2 (colored)

sync with latest libkeynote (include file changes only)

Revision 1.2 / (download) - annotate - [select for diffs], Thu Aug 26 22:31:09 1999 UTC (24 years, 9 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE, OPENBSD_2_6
Changes since 1.1: +1073 -411 lines
Diff to previous 1.1 (colored)

Merge with EOM 1.7

author: niklas
Support dynamic loading of libkeynote too.  Build isakmpd static by default.
Stylistic cleanup of keynote policy code.  Correct some libcrypto calls.

author: niklas
more style

author: niklas
isakmpd style

author: angelos
Hopefully better wording of variables.

author: angelos
Complete policy work; tested for the shared-key case. Documentation needed.

Revision 1.1 / (download) - annotate - [select for diffs], Wed Jul 7 22:10:28 1999 UTC (24 years, 11 months ago) by niklas
Branch: MAIN

policy.h: Merge with EOM 1.2
policy.c: Merge with EOM 1.2

author: niklas
Remove $EOM$ from Eom repository version

author: niklas
New file, for keynote policy handling. By angelos@openbsd.org
