diff options
Diffstat (limited to 'sbin/isakmpd')
| -rw-r--r-- | sbin/isakmpd/isakmpd.8 | 29 | ||||
| -rw-r--r-- | sbin/isakmpd/isakmpd.conf.5 | 24 | ||||
| -rw-r--r-- | sbin/isakmpd/isakmpd.policy.5 | 28 |
3 files changed, 40 insertions, 41 deletions
diff --git a/sbin/isakmpd/isakmpd.8 b/sbin/isakmpd/isakmpd.8 index ad11fe770e3..d0e78539940 100644 --- a/sbin/isakmpd/isakmpd.8 +++ b/sbin/isakmpd/isakmpd.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: isakmpd.8,v 1.51 2003/05/10 21:13:41 jmc Exp $ +.\" $OpenBSD: isakmpd.8,v 1.52 2003/06/03 13:16:08 jmc Exp $ .\" $EOM: isakmpd.8,v 1.23 2000/05/02 00:30:23 niklas Exp $ .\" .\" Copyright (c) 1998, 1999, 2000, 2001 Niklas Hallqvist. @@ -360,7 +360,6 @@ and named and stored after this easy formula: .It For UFQDN identities /etc/isakmpd/pubkeys/ufqdn/user@foo.bar.org .El -.Pp .Ss The FIFO user interface When .Nm @@ -429,19 +428,6 @@ Tear down the named connection, if active. .It Ic "T" Tear down all active connections. .El -.Sh BUGS -The -.Fl P -flag does not do what we document, rather it does nothing. -.Sh CAVEATS -When storing a trusted public key for an IPv6 identity, the -.Em most efficient -form of address representation, i.e "::" instead of ":0:0:0:", -must be used or the matching will fail. -.Nm -uses the output from -.Xr getnameinfo 3 -for the address-to-name translation. .Sh FILES .Bl -tag -width /etc/isakmpd/private/local. .It Pa /etc/isakmpd/ca/ @@ -506,3 +492,16 @@ and .%T RFC 2409 . This implementation was done 1998 by Niklas Hallqvist and Niels Provos, sponsored by Ericsson Radio Systems. +.Sh CAVEATS +When storing a trusted public key for an IPv6 identity, the +.Em most efficient +form of address representation, i.e "::" instead of ":0:0:0:", +must be used or the matching will fail. +.Nm +uses the output from +.Xr getnameinfo 3 +for the address-to-name translation. +.Sh BUGS +The +.Fl P +flag does not do what we document, rather it does nothing. diff --git a/sbin/isakmpd/isakmpd.conf.5 b/sbin/isakmpd/isakmpd.conf.5 index 50166376e2a..5b7141cf5d3 100644 --- a/sbin/isakmpd/isakmpd.conf.5 +++ b/sbin/isakmpd/isakmpd.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: isakmpd.conf.5,v 1.79 2003/05/17 17:26:40 jmc Exp $ +.\" $OpenBSD: isakmpd.conf.5,v 1.80 2003/06/03 13:16:08 jmc Exp $ .\" $EOM: isakmpd.conf.5,v 1.57 2000/12/21 14:43:17 ho Exp $ .\" .\" Copyright (c) 1998, 1999, 2000 Niklas Hallqvist. All rights reserved. @@ -692,6 +692,17 @@ Currently this can be: [user@foo.bar.org] .El .El +.Sh FILES +.Bl -tag -width /etc/isakmpd/isakmpd.conf +.It Pa /etc/isakmpd/isakmpd.conf +The default +.Nm isakmpd +configuration file. +.It Pa /usr/share/ipsec/isakmpd/ +A directory containing some sample +.Nm isakmpd +configuration files. +.El .Sh EXAMPLES An example of a configuration file: .Pp @@ -1044,17 +1055,6 @@ LIFE_DURATION= 3600,1800:7200 LIFE_TYPE= KILOBYTES LIFE_DURATION= 1000,768:1536 .Ed -.Sh FILES -.Bl -tag -width /etc/isakmpd/isakmpd.conf -.It Pa /etc/isakmpd/isakmpd.conf -The default -.Nm isakmpd -configuration file. -.It Pa /usr/share/ipsec/isakmpd/ -A directory containing some sample -.Nm isakmpd -configuration files. -.El .Sh SEE ALSO .Xr keynote 1 , .Xr ipsec 4 , diff --git a/sbin/isakmpd/isakmpd.policy.5 b/sbin/isakmpd/isakmpd.policy.5 index cf72784820b..73d91850c2d 100644 --- a/sbin/isakmpd/isakmpd.policy.5 +++ b/sbin/isakmpd/isakmpd.policy.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: isakmpd.policy.5,v 1.30 2003/03/06 20:29:24 jmc Exp $ +.\" $OpenBSD: isakmpd.policy.5,v 1.31 2003/06/03 13:16:08 jmc Exp $ .\" $EOM: isakmpd.policy.5,v 1.24 2000/11/23 12:55:25 niklas Exp $ .\" .\" Copyright (c) 1999-2001, Angelos D. Keromytis. All rights reserved. @@ -495,6 +495,17 @@ Set to the UTC date/time, in YYYYMMDDHHmmSS format. .It LocalTimeOfDay Set to the local date/time, in YYYYMMDDHHmmSS format. .El +.Sh FILES +.Bl -tag -width /etc/isakmpd/isakmpd.policy +.It Pa /etc/isakmpd/isakmpd.policy +The default +.Nm isakmpd +policy configuration file. +.It Pa /usr/share/ipsec/isakmpd/policy +A sample +.Nm isakmpd +policy configuration file. +.El .Sh EXAMPLES .Bd -literal Authorizer: "POLICY" @@ -614,21 +625,10 @@ Signature: "sig-x509-sha1-base64:ql+vrUxv14DcBOQHR2jsbXayq6T\\ mkdudZ0wjgeTLMI2NI4GibMMsToakOKMex/0q4cpdpln3DKcQ\\ IcjzRv4khDws69FT3QfELjcpShvbLrXmh1Z00OFmxjyqDw=" .Ed -.Sh BUGS -A more sane way of expressing IPv6 address ranges is needed. -.Sh FILES -.Bl -tag -width /etc/isakmpd/isakmpd.policy -.It Pa /etc/isakmpd/isakmpd.policy -The default -.Nm isakmpd -policy configuration file. -.It Pa /usr/share/ipsec/isakmpd/policy -A sample -.Nm isakmpd -policy configuration file. -.El .Sh SEE ALSO .Xr ipsec 4 , .Xr keynote 4 , .Xr keynote 5 , .Xr isakmpd 8 +.Sh BUGS +A more sane way of expressing IPv6 address ranges is needed. |