summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/conf.c
AgeCommit message (Expand)Author
2017-10-27Support DH groups 19 to 21 and 25 to 30, just like iked(8) does.Martin Pieuchot
2016-03-16More "(<blah> *)0" -> NULL, avoiding any stdarg functions.Kenneth R Westerback
2015-12-09Remove plain DES encryption from IPsec.Christian Weisgerber
2015-08-20<stdlib.h> is included, so do not need to cast result fromTheo de Raadt
2013-11-22Whole bunch of (unsigned char) casts carefully added for ctype calls.Theo de Raadt
2013-03-21remove excessive includesTheo de Raadt
2012-07-13Support additional MODP DH groups in the Phase 1 and Phase 2.Mike Belopuhov
2012-06-30enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESPChristian Weisgerber
2010-09-22Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMACMike Belopuhov
2010-08-04fixup keylength for aes-128-cbc in quickmodeTheo de Raadt
2008-02-17Define default configurations for AES-192 and AES-256. From Mitja MuzenicHans-Joerg Hoexer
2007-06-01Let conf_trans_node() set all parts of the node, so that we don'tMoritz Jodeit
2007-04-22Free allocated node in conf_set_now() before failing,Moritz Jodeit
2007-04-16There's no point in checking ptr for NULL before doing free(ptr)Moritz Jodeit
2007-02-19isakmpd bits for ESP+NULL encryption. This is useful, when AH canHans-Joerg Hoexer
2006-08-29Properly define quick mode suites for AH. With naddy.Hans-Joerg Hoexer
2006-06-10Make deletion of SAs on shutdown optional. The default behaviourHans-Joerg Hoexer
2006-06-10Allow isakmpd to use a different private rsa key per isakmp ID. Hans wrote th...Mathieu Sauve-Frankel
2006-06-10This shouldn't have been commited yet.Hans-Joerg Hoexer
2006-06-10support sha2 for main mode hmacs and aesctr for quick mode encryption.Hans-Joerg Hoexer
2006-05-27add group15/modp3072 to default configurations.Hans-Joerg Hoexer
2005-12-28remove some unused functions and an unused variable found by lint.Hans-Joerg Hoexer
2005-11-14use snprintf; ok cloder. also looked at by a few other peopleTheo de Raadt
2005-08-02Make sure to always load at least the default configuration values. Fixes aHans-Joerg Hoexer
2005-05-26Handle strdup returning NULL. OK hshoexerChad Loder
2005-04-08Make deterministic randomness (only ever used for testing) a compile-timeChad Loder
2005-04-08keynote and policy always compiled inTheo de Raadt
2005-04-08un-ifdef USE_BLOWFISHTheo de Raadt
2005-04-06knf, ok cloderTheo de Raadt
2005-04-05Always compile X509 support. Almost everyone uses it. Makes the codeChad Loder
2005-04-04spacing; ok cloderTheo de Raadt
2005-03-15reset config line numbers, when daemon gets reinitialized.Moritz Jodeit
2005-03-10Avoid memory leak if strdup should fail.Chad Loder
2004-12-14Allow the Address, Network, or Netmask values of the <IPsec-ID> to beRyan Thomas McBride
2004-08-08spacingTheo de Raadt
2004-07-29Less noise while debugging.Hakan Olsson
2004-06-25Keynote policy checking can now be disabled by "-K" switch and config tagHans-Joerg Hoexer
2004-06-14avoid stat before openHans-Joerg Hoexer
2004-06-14KNF, style, 80c, etc. hshoexer@ okHakan Olsson
2004-06-09Style nits. hshoexer@ okHakan Olsson
2004-05-14Some more KNF, no binary change.Hans-Joerg Hoexer
2004-04-23Make sure KEY_LENGTH attribute is present when checking AES proposals,Hakan Olsson
2004-04-15more knf; ok hshoexerTheo de Raadt
2004-04-15knfTheo de Raadt
2004-04-15partial move to KNF. More to come. This has happened because thereTheo de Raadt
2004-03-19Add missing bits to make already present privsep code work. Enable privsep.Hans-Joerg Hoexer
2004-02-27Add group 14 (modp2048) to predefined suites. Manpage also updated.Hans-Joerg Hoexer
2004-01-06small typos fixed.Hans-Joerg Hoexer
2003-09-02A couple of nits. deraadt@ ok.Hakan Olsson
2003-08-28support AES in phase 1, too. switch to OpenSSL EVP interface;Markus Friedl
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-29 08:56:41 +0000