![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / sbin / isakmpd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.55 / (download) - annotate - [select for diffs], Mon Aug 7 04:01:30 2023 UTC (10 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
HEAD
Changes since 1.54: +7 -1 lines
Diff to previous 1.54 (colored)
support configuring interface SAs for route-based ipsec vpns. add "Interface NUMBER" to the config parser to specify that once SAs have been negotiated with a peer, install the SAs with the sadb_x_iface extension set up, but skip installing the flows/SPD entries. this allows for the negotiation of multiple esp tunnels covering all traffic between 0.0.0.0/0 to 0.0.0.0/0, and then being able to do something useful with them using the routing table and sec(4) interfaces instead of having SPD entries fight over those packets in the kernel. this in turn allows interoperation with other ipsec/vpn solutions that require the negotiation of such tunnels. support from many including markus@ tobhe@ claudio@ sthen@ patrick@ now is a good time deraadt@
Revision 1.54 / (download) - annotate - [select for diffs], Mon Jan 15 09:54:48 2018 UTC (6 years, 4 months ago) by mpi
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.53: +6 -6 lines
Diff to previous 1.53 (colored)
Spacing, no object change.
Revision 1.53 / (download) - annotate - [select for diffs], Thu Jan 4 14:21:00 2018 UTC (6 years, 5 months ago) by mpi
Branch: MAIN
Changes since 1.52: +6 -6 lines
Diff to previous 1.52 (colored)
space -> tab No object change.
Revision 1.52 / (download) - annotate - [select for diffs], Thu Mar 26 12:21:37 2015 UTC (9 years, 2 months ago) by mikeb
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2,
OPENBSD_6_1_BASE,
OPENBSD_6_1,
OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9,
OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.51: +1 -2 lines
Diff to previous 1.51 (colored)
Remove bits of unfinished IPsec proxy support. DNS' KX records, anyone? ok markus, hshoexer
Revision 1.51 / (download) - annotate - [select for diffs], Fri Jan 16 06:39:59 2015 UTC (9 years, 4 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.50: +1 -2 lines
Diff to previous 1.50 (colored)
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
Revision 1.50 / (download) - annotate - [select for diffs], Thu Nov 21 22:25:02 2013 UTC (10 years, 6 months ago) by yasuoka
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6,
OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.49: +6 -2 lines
Diff to previous 1.49 (colored)
Keep the flow until last IPsec SA is deleted, if the flow is shared by multiple IPsec SAs in NAT-T case. This fixes a problem that L2TP/IPsec connections are disconnected improper in case multiple Windows clients are connected from behind one NAT. ok markus
Revision 1.49 / (download) - annotate - [select for diffs], Fri Nov 24 13:52:14 2006 UTC (17 years, 6 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4,
OPENBSD_5_3_BASE,
OPENBSD_5_3,
OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9,
OPENBSD_4_8_BASE,
OPENBSD_4_8,
OPENBSD_4_7_BASE,
OPENBSD_4_7,
OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5,
OPENBSD_4_4_BASE,
OPENBSD_4_4,
OPENBSD_4_3_BASE,
OPENBSD_4_3,
OPENBSD_4_2_BASE,
OPENBSD_4_2,
OPENBSD_4_1_BASE,
OPENBSD_4_1
Changes since 1.48: +4 -1 lines
Diff to previous 1.48 (colored)
add support to tag ipsec traffic belonging to specific IKE-initiated phase 2 traffic. this allows policy-based filtering of encrypted and unencrypted ipsec traffic with pf(4). see ipsec.conf(5) and isakmpd.conf(5) for details and examples. this is work in progress and still needs some testing and feedback, but it is safe to put it in now. ok hshoexer@
Revision 1.48 / (download) - annotate - [select for diffs], Fri Jun 2 19:35:55 2006 UTC (18 years ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_4_0_BASE,
OPENBSD_4_0
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)
Big spelling cleanup, no binary change. From david@
Revision 1.47 / (download) - annotate - [select for diffs], Fri Sep 23 14:44:03 2005 UTC (18 years, 8 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE,
OPENBSD_3_9
Changes since 1.46: +2 -2 lines
Diff to previous 1.46 (colored)
Provide UI commands to delete phase 1 SAs. Looks good mortiz@
Revision 1.46 / (download) - annotate - [select for diffs], Fri Apr 8 16:52:41 2005 UTC (19 years, 2 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE,
OPENBSD_3_8
Changes since 1.45: +1 -3 lines
Diff to previous 1.45 (colored)
always enable aggressive, dpd, and isakmp_cfg
Revision 1.45 / (download) - annotate - [select for diffs], Fri Apr 8 16:37:15 2005 UTC (19 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.44: +1 -3 lines
Diff to previous 1.44 (colored)
nat-traversal always
Revision 1.44 / (download) - annotate - [select for diffs], Mon Apr 4 19:31:11 2005 UTC (19 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.43: +2 -2 lines
Diff to previous 1.43 (colored)
spacing; ok cloder
Revision 1.43 / (download) - annotate - [select for diffs], Fri Mar 4 16:20:07 2005 UTC (19 years, 3 months ago) by hshoexer
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE,
OPENBSD_3_7
Changes since 1.42: +2 -12 lines
Diff to previous 1.42 (colored)
remove unused stuff. ok ho@
Revision 1.42 / (download) - annotate - [select for diffs], Wed Dec 8 16:08:10 2004 UTC (19 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.41: +2 -1 lines
Diff to previous 1.41 (colored)
1. allow up to DPD_RETRANS_MAX retransmitted R_U_THERE messages. 2. reset dpd_failcount when switching to DPD_TIMER_NORMAL. 3. ignore DPD timeouts on SAs that are marked SA_FLAG_REPLACED. ok hshoexer, ho
Revision 1.41 / (download) - annotate - [select for diffs], Tue Aug 10 15:59:10 2004 UTC (19 years, 10 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE,
OPENBSD_3_6
Changes since 1.40: +45 -2 lines
Diff to previous 1.40 (colored)
Better implementation of the Dead Peer Detection protocol, RFC 3706. hshoexer@ ok.
Revision 1.40 / (download) - annotate - [select for diffs], Mon Jun 21 23:27:10 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.39: +5 -1 lines
Diff to previous 1.39 (colored)
Implement NAT-T keepalive messages.
Revision 1.39 / (download) - annotate - [select for diffs], Mon Jun 21 13:09:00 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.38: +5 -1 lines
Diff to previous 1.38 (colored)
Port floating (500->4500) for p1 and p2 exchanges.
Revision 1.38 / (download) - annotate - [select for diffs], Sun Jun 20 15:20:07 2004 UTC (19 years, 11 months ago) by ho
Branch: MAIN
Changes since 1.37: +11 -1 lines
Diff to previous 1.37 (colored)
A start towards Dead Peer Detection (DPD) support, as specified in RFC 3706
Revision 1.37 / (download) - annotate - [select for diffs], Sun May 23 18:17:56 2004 UTC (20 years ago) by hshoexer
Branch: MAIN
Changes since 1.36: +16 -16 lines
Diff to previous 1.36 (colored)
More KNF. Mainly spaces and line-wraps, no binary change. ok ho@
Revision 1.36 / (download) - annotate - [select for diffs], Thu May 13 06:56:34 2004 UTC (20 years, 1 month ago) by ho
Branch: MAIN
Changes since 1.35: +2 -5 lines
Diff to previous 1.35 (colored)
Extensions to the FIFO interface: "C get [section]:tag" fetches a configuration value. "C add [section]:tag=value" adds 'value' to a list, typically for the [Phase 2]:Connections tag. FIFO "S" command destination file changed. Various KNF cleanups. hshoexer@ ok.
Revision 1.35 / (download) - annotate - [select for diffs], Thu Apr 15 18:39:26 2004 UTC (20 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.34: +166 -156 lines
Diff to previous 1.34 (colored)
partial move to KNF. More to come. This has happened because there are a raft of source code auditors who are willing to help improve this code only if this is done, and hey, isakmpd does need our standard auditing process. ok ho hshoexer
Revision 1.34 / (download) - annotate - [select for diffs], Fri Feb 27 10:16:26 2004 UTC (20 years, 3 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE,
OPENBSD_3_5
Changes since 1.33: +2 -1 lines
Diff to previous 1.33 (colored)
(C)-2004
Revision 1.33 / (download) - annotate - [select for diffs], Fri Feb 27 09:01:19 2004 UTC (20 years, 3 months ago) by ho
Branch: MAIN
Changes since 1.32: +15 -1 lines
Diff to previous 1.32 (colored)
Follow RFC 2408 more closely regarding how to better check the proposal returned by the other peer (the responder). Some implementations (notably the Cisco PIX) does not follow a SHOULD in section 4.2 of the RFC. With certain proposal combinations this caused us to setup the wrong SA resulting in us being unable to process incoming IPsec traffic (over this tunnel). Tested against a number of different IKE implementations. hshoexer@ ok.
Revision 1.32 / (download) - annotate - [select for diffs], Wed Jun 4 07:31:17 2003 UTC (21 years ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE,
OPENBSD_3_4
Changes since 1.31: +1 -6 lines
Diff to previous 1.31 (colored)
Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, Angelos D. Keromytis and Niels Provos.
Revision 1.31 / (download) - annotate - [select for diffs], Fri May 16 20:31:16 2003 UTC (21 years ago) by ho
Branch: MAIN
Changes since 1.30: +2 -1 lines
Diff to previous 1.30 (colored)
If the "Renegotiate-on-HUP" tag is defined in the [General] section, a HUP signal (or "R" to the FIFO) will also renegotiate all Phase 2 SAs, i.e all connections. ok niklas@, tested and ok kjell@.
Revision 1.30 / (download) - annotate - [select for diffs], Thu May 15 02:28:56 2003 UTC (21 years, 1 month ago) by ho
Branch: MAIN
Changes since 1.29: +2 -4 lines
Diff to previous 1.29 (colored)
Cleanup. Do not store the private key in either the exchange or sa structs.
Revision 1.29 / (download) - annotate - [select for diffs], Sun Jun 9 08:13:07 2002 UTC (22 years ago) by todd
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE,
OPENBSD_3_3,
OPENBSD_3_2_BASE,
OPENBSD_3_2
Changes since 1.28: +3 -3 lines
Diff to previous 1.28 (colored)
rm trailing whitespace
Revision 1.28 / (download) - annotate - [select for diffs], Fri Jun 7 15:24:22 2002 UTC (22 years ago) by ho
Branch: MAIN
Changes since 1.27: +4 -1 lines
Diff to previous 1.27 (colored)
Add 'ikecfg' as a valid Flags= value.
Revision 1.27 / (download) - annotate - [select for diffs], Sun Mar 17 21:50:59 2002 UTC (22 years, 2 months ago) by angelos
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE,
OPENBSD_3_1
Changes since 1.26: +4 -1 lines
Diff to previous 1.26 (colored)
Move SA_FILE definition to sa.h.
Revision 1.26 / (download) - annotate - [select for diffs], Sun Mar 17 21:48:06 2002 UTC (22 years, 2 months ago) by angelos
Branch: MAIN
Changes since 1.25: +3 -1 lines
Diff to previous 1.25 (colored)
Add 'T' and 'S' commands (for tearing-down and reporting all Phase 2 SAs), from bdallen@nps.navy.mil
Revision 1.25 / (download) - annotate - [select for diffs], Fri Jan 25 13:46:22 2002 UTC (22 years, 4 months ago) by ho
Branch: MAIN
Changes since 1.24: +2 -1 lines
Diff to previous 1.24 (colored)
no static for sa_dump, explicit log cls/level
Revision 1.24 / (download) - annotate - [select for diffs], Wed Jun 27 00:48:21 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE,
OPENBSD_3_0
Changes since 1.23: +4 -1 lines
Diff to previous 1.23 (colored)
Keep track of the ACQUIRE sequence number, and pass it to the kernel along with the ADD message.
Revision 1.23 / (download) - annotate - [select for diffs], Tue Jun 12 21:50:36 2001 UTC (23 years ago) by niklas
Branch: MAIN
Changes since 1.22: +19 -9 lines
Diff to previous 1.22 (colored)
comment style
Revision 1.22 / (download) - annotate - [select for diffs], Thu May 31 20:23:17 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.21: +17 -6 lines
Diff to previous 1.21 (colored)
Get rid of recv_certlen, add sent_* and keynote_key fields, explanations added.
Revision 1.18.2.1 / (download) - annotate - [select for diffs], Tue May 8 12:45:25 2001 UTC (23 years, 1 month ago) by ho
Branch: OPENBSD_2_8
Changes since 1.18: +5 -5 lines
Diff to previous 1.18 (colored) next main 1.19 (colored)
Pull in isakmpd from 2.9 to 2.8 branch.
Revision 1.21 / (download) - annotate - [select for diffs], Tue Apr 24 07:27:37 2001 UTC (23 years, 1 month ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE,
OPENBSD_2_9
Changes since 1.20: +3 -3 lines
Diff to previous 1.20 (colored)
Correct SA refcounting. Fixes a bug where isakmpd could die when a peer was discovered to have rebooted, and old now invalid SAs had to be garbage- collected.
Revision 1.20 / (download) - annotate - [select for diffs], Sat Jan 27 12:03:36 2001 UTC (23 years, 4 months ago) by niklas
Branch: MAIN
Changes since 1.19: +2 -2 lines
Diff to previous 1.19 (colored)
(c) 2001
Revision 1.19 / (download) - annotate - [select for diffs], Sun Jan 14 23:40:01 2001 UTC (23 years, 4 months ago) by angelos
Branch: MAIN
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)
Handling of Phase 1 DELETE and Phase 2 INVALID_SPI messages (newsham@lava.net)
Revision 1.18 / (download) - annotate - [select for diffs], Tue Oct 10 13:35:24 2000 UTC (23 years, 8 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_8_BASE
Branch point for: OPENBSD_2_8
Changes since 1.17: +3 -3 lines
Diff to previous 1.17 (colored)
Merge with EOM 1.58 author: provos increase size of refcnt. okay niklas@
Revision 1.17 / (download) - annotate - [select for diffs], Thu Aug 3 07:23:18 2000 UTC (23 years, 10 months ago) by niklas
Branch: MAIN
Changes since 1.16: +3 -2 lines
Diff to previous 1.16 (colored)
Merge with EOM 1.57 author: angelos Add sa_enter() prototype.
Revision 1.16 / (download) - annotate - [select for diffs], Thu Jun 8 20:50:07 2000 UTC (24 years ago) by niklas
Branch: MAIN
Changes since 1.15: +7 -3 lines
Diff to previous 1.15 (colored)
Merge with EOM 1.56 author: angelos Allow exchange of KeyNote credentials over IKE. Multiple credentials may be passed in a single CERT payload. KeyNote is used if a directory named as the local ID we use in an exchange exists in the KeyNote directory (default: /etc/isakmpd/keynote/). Note that asymmetric credentials are possible (use KeyNote in one direction and X509 in the other); such authentication is envisioned to be the most common: the clients will use KeyNote credentials to authenticate and authorize with a server, whilst the server will just provide an X509 certificate proving its binding to the IP address or ID. Totally asymmetric authentication (e.g., shared key in one direction, RSA in the other) is not supported by the IKE protocol. author: angelos Begin support for KeyNote credentials exchanged.
Revision 1.15 / (download) - annotate - [select for diffs], Tue Feb 1 02:46:18 2000 UTC (24 years, 4 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_7_BASE,
OPENBSD_2_7
Changes since 1.14: +3 -2 lines
Diff to previous 1.14 (colored)
apps/certpatch/certpatch.8: Merge with EOM 1.4 apps/certpatch/certpatch.c: Merge with EOM 1.6 exchange.c: Merge with EOM 1.114 ike_quick_mode.c: Merge with EOM 1.110 ike_phase_1.c: Merge with EOM 1.16 ike_auth.c: Merge with EOM 1.41 ike_aggressive.c: Merge with EOM 1.4 libcrypto.c: Merge with EOM 1.10 libcrypto.h: Merge with EOM 1.10 isakmpd.8: Merge with EOM 1.19 isakmpd.c: Merge with EOM 1.42 ipsec.h: Merge with EOM 1.40 init.c: Merge with EOM 1.22 message.c: Merge with EOM 1.143 message.h: Merge with EOM 1.49 sa.c: Merge with EOM 1.98 sa.h: Merge with EOM 1.54 policy.c: Merge with EOM 1.14 pf_key_v2.c: Merge with EOM 1.36 x509.c: Merge with EOM 1.32 x509.h: Merge with EOM 1.9 udp.c: Merge with EOM 1.46 author: niklas Angelos copyrights
Revision 1.14 / (download) - annotate - [select for diffs], Thu Aug 26 22:27:51 1999 UTC (24 years, 9 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE,
OPENBSD_2_6
Changes since 1.13: +15 -2 lines
Diff to previous 1.13 (colored)
ike_phase_1.c: Merge with EOM 1.8 message.c: Merge with EOM 1.135 message.h: Merge with EOM 1.48 sa.c: Merge with EOM 1.97 sa.h: Merge with EOM 1.53 author: angelos Complete policy work; tested for the shared-key case. Documentation needed.
Revision 1.13 / (download) - annotate - [select for diffs], Wed Jun 2 06:31:22 1999 UTC (25 years ago) by niklas
Branch: MAIN
Changes since 1.12: +5 -2 lines
Diff to previous 1.12 (colored)
Merge with EOM 1.52 author: ho New flag
Revision 1.12 / (download) - annotate - [select for diffs], Tue Apr 27 20:59:47 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.11: +6 -9 lines
Diff to previous 1.11 (colored)
sa.c: Merge with EOM 1.88 sa.h: Merge with EOM 1.51 author: niklas Handle leftover payloads, esp INITIAL CONTACT notifications. Factor out SA expiration setting. Add commentary. author: ho Keep track of trailing retransmissions by keeping exchanges around longer. Removed references to sa->last_sent_in_setup, use last_sent and last_received in exchange instead. Free setup exchanges by expiration only. author: ho Backout last change. (Go with exchange directly instead of sa->msg) author: ho Handle phase 2 late retransmissions.
Revision 1.11 / (download) - annotate - [select for diffs], Mon Apr 19 19:59:28 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.10: +3 -3 lines
Diff to previous 1.10 (colored)
./sa.h: Merge with EOM 1.47 Remove SA_FLAG_REPLACED settings from various parts in preparation of a grand unified setting in exchange_finalize. Fix sa_mark_replaced to not release a referance to the sa, and adjust the API as it won't get called as a finalize func anymore.
Revision 1.10 / (download) - annotate - [select for diffs], Mon Apr 5 21:02:32 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_5_BASE,
OPENBSD_2_5
Changes since 1.9: +4 -4 lines
Diff to previous 1.9 (colored)
Merge with EOM 1.46 New finalize API. Free keystate. 1999 copyrights
Revision 1.9 / (download) - annotate - [select for diffs], Wed Mar 31 20:31:17 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
Changes since 1.8: +14 -6 lines
Diff to previous 1.8 (colored)
Merge with EOM 1.44 Add refcounting to SA's. Make phase 1 expirations be able to cause renegotiations if configured to.
Revision 1.8 / (download) - annotate - [select for diffs], Wed Mar 31 00:52:27 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
Changes since 1.7: +6 -2 lines
Diff to previous 1.7 (colored)
Merge with EOM 1.43 the SA replace flag
Revision 1.7 / (download) - annotate - [select for diffs], Tue Mar 2 15:48:23 1999 UTC (25 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.6: +6 -2 lines
Diff to previous 1.6 (colored)
sa.c: Merge with EOM 1.67 Add SA attributes, specifically stayalive sa.h: Merge with EOM 1.42 Add SA attributes, specifically stayalive pf_encap.c: Merge with EOM 1.46 Add SA attributes, specifically stayalive exchange.c: Merge with EOM 1.65 Add SA attributes, specifically stayalive
Revision 1.6 / (download) - annotate - [select for diffs], Sat Feb 27 09:59:36 1999 UTC (25 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.5: +6 -3 lines
Diff to previous 1.5 (colored)
ipsec.c: Merge with EOM 1.83 Only accept IPsec SAs when searching for such sa.h: Merge with EOM 1.41 Stayalive connections as a default for now, init pf_encap_socket pf_encap.c: Merge with EOM 1.45 Stayalive connections as a default for now, init pf_encap_socket
Revision 1.5 / (download) - annotate - [select for diffs], Fri Feb 26 03:50:26 1999 UTC (25 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.4: +8 -5 lines
Diff to previous 1.4 (colored)
Merge from the Ericsson repository | revision 1.40 | date: 1999/02/14 00:11:40; author: niklas; state: Exp; lines: +7 -4 | Generalize how to find SAs with given attributes. Do SA expiration both hard | and soft, and do not rekey automatically anymore. We will revisit this by | adding some kind of policy what to do at these times. Improve commentary | ----------------------------
Revision 1.4 / (download) - annotate - [select for diffs], Mon Dec 21 01:02:27 1998 UTC (25 years, 5 months ago) by niklas
Branch: MAIN
Changes since 1.3: +6 -2 lines
Diff to previous 1.3 (colored)
Last months worth of work on isakmpd, lots done
Revision 1.3 / (download) - annotate - [select for diffs], Tue Nov 17 11:10:19 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.2: +2 -1 lines
Diff to previous 1.2 (colored)
Add RCS Ids from the EOM repository
Revision 1.2 / (download) - annotate - [select for diffs], Sun Nov 15 00:44:02 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Changes since 1.1: +1 -1 lines
Diff to previous 1.1 (colored)
openBSD RCS IDs
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Sun Nov 15 00:03:49 1998 UTC (25 years, 6 months ago) by niklas
Branch: NIKLAS
CVS Tags: NIKLAS_981114
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)
Initial import of isakmpd, an IKE (ISAKMP/Oakley) implementation for the OpenBSD IPSEC stack by me, Niklas Hallqvist and Niels Provos, funded by Ericsson Radio Systems. It is not yet complete or usable in a real scenario but the missing pieces will soon be there. The early commit is for people who wants early access and who are not afraid of looking at source. isakmpd interops with Cisco, Timestep, SSH & Pluto (Linux FreeS/WAN) so far, so it is not that incomplete. It is really mostly configuration that is lacking.
Revision 1.1 / (download) - annotate - [select for diffs], Sun Nov 15 00:03:49 1998 UTC (25 years, 6 months ago) by niklas
Branch: MAIN
Initial revision