src - OpenBSD base system

Age	Commit message (Collapse)	Author
2005-04-08	Make deterministic randomness (only ever used for testing) a compile-time	Chad Loder
	option. Reduces chances of somehow setting regrand when it's not supposed to be set. Remove "-r" option from man page. Also xref certpatch(8) while we are in there. And remove some include sysdep.h where it is no longer needed. OK hshoexer
2005-04-08	keynote and policy always compiled in	Theo de Raadt

2005-04-08	un-ifdef USE_BLOWFISH	Theo de Raadt

2005-04-06	knf, ok cloder	Theo de Raadt

2005-04-05	Always compile X509 support. Almost everyone uses it. Makes the code	Chad Loder
	much easier to read and to maintain. OK and testing by hshoexer@, more testing by me
2005-04-04	spacing; ok cloder	Theo de Raadt

2005-03-15	reset config line numbers, when daemon gets reinitialized.	Moritz Jodeit
	prevents wrong line numbers in error cases. help from jaredy@ and ok hshoexer@.
2005-03-10	Avoid memory leak if strdup should fail.	Chad Loder
	OK hshoexer@
2004-12-14	Allow the Address, Network, or Netmask values of the <IPsec-ID> to be	Ryan Thomas McBride
	specified with an interface name (in which case the first address is used) or the keyword 'default' (in which case the address is selected based on the default route). eg: [roadwarrior-ip] ID-type= IPV4_ADDR Address= default ok ho@ hshoexer@
2004-08-08	spacing	Theo de Raadt

2004-07-29	Less noise while debugging.	Hakan Olsson

2004-06-25	Keynote policy checking can now be disabled by "-K" switch and config tag	Hans-Joerg Hoexer
	"Use-Keynote". Default is to use keynote. ok henning@ ho@
2004-06-14	avoid stat before open	Hans-Joerg Hoexer
	ok ho@
2004-06-14	KNF, style, 80c, etc. hshoexer@ ok	Hakan Olsson

2004-06-09	Style nits. hshoexer@ ok	Hakan Olsson

2004-05-14	Some more KNF, no binary change.	Hans-Joerg Hoexer
	ok ho@
2004-04-23	Make sure KEY_LENGTH attribute is present when checking AES proposals,	Hakan Olsson
	required when acting as responder to SafeNet peers. Also make conf_load_defaults() readable again (KNF). hshoexer@ ok.
2004-04-15	more knf; ok hshoexer	Theo de Raadt

2004-04-15	knf	Theo de Raadt

2004-04-15	partial move to KNF. More to come. This has happened because there	Theo de Raadt
	are a raft of source code auditors who are willing to help improve this code only if this is done, and hey, isakmpd does need our standard auditing process. ok ho hshoexer
2004-03-19	Add missing bits to make already present privsep code work. Enable privsep.	Hans-Joerg Hoexer
	ok ho@ deraadt@ markus@
2004-02-27	Add group 14 (modp2048) to predefined suites. Manpage also updated.	Hans-Joerg Hoexer
	ok ho@
2004-01-06	small typos fixed.	Hans-Joerg Hoexer
	ok markus@
2003-09-02	A couple of nits. deraadt@ ok.	Hakan Olsson

2003-08-28	support AES in phase 1, too. switch to OpenSSL EVP interface;	Markus Friedl
	with Hans-Joerg.Hoexer at yerbouti.franken.de; ok ho@
2003-07-25	add sha2 support; ok ho@	Markus Friedl

2003-06-10	boring cleanups	Theo de Raadt

2003-06-03	Remove clauses 3 and 4. With approval from Niklas Hallqvist and	Hakan Olsson
	Niels Provos.
2003-06-03	Cleanup. Use 'sizeof variable' instead of magic constants.	Hakan Olsson

2003-05-18	More isakmpd privsep work. X509 private keys are now kept in the privileged	Hakan Olsson
	process only. Various cleanup and bugfixes. markus@ ok
2003-05-15	Start of privilege separation for isakmpd.	Hakan Olsson
	There are some kinks left, so keep it default disabled for now. markus@ says ok to commit.
2003-05-14	Default public key directory definition sanity.	Hakan Olsson

2003-04-30	cast size_t to unsigned long and use %lu;ok ho	Jason Wright

2003-02-04	don't set the Transform for Default-phase-1-configuration twice, ok ho@	Markus Friedl

2002-12-06	Section and tag comparisions should be case-insensitive. PR#3010, Mike Neuman.	Hakan Olsson

2002-11-15	Missing "Configuration" tag in a Phase-1 peer was not handled correctly,	Hakan Olsson
	pointed out by Aref Taidi. Replace this with a "Default-Phase-1-Configuration" that will be used if this tag is missing from the peer. Update manpage accordingly. niklas@ ok.
2002-11-14	Better whitespace/newline handling, this should make broken lines and	Hakan Olsson
	multiple values parse correctly again, as well as fix PR#2974. Also fix some int/u_int mismatches, and remove conf_get_line() (obsolete).
2002-09-11	signed vs unsigned, some void * arithmetic, from -pedantic. niklas@ ok.	Hakan Olsson

2002-08-07	A rewrite of the CRL support code, also from <Thomas.Walpuski@gmx.net>.	Hakan Olsson
	Some style mods, and checks added for OpenSSL version 0.9.7 or later. Currently CRLs are not supported for earlier versions. Manual pages updated.
2002-08-02	CRL support for isakmpd. From <Thomas.Walpuski@gmx.net> with some minor	Hakan Olsson
	modifications by me. ok niklas@.
2002-06-09	rm trailing whitespace	Todd T. Fries

2002-06-01	size_t must be cast to (unsigned long) and printed using %lu	Theo de Raadt

2002-05-28	off_t to size_t change for printf format and malloc. Pointed out by ↵	Hakan Olsson
	<greg@nest.cx>
2002-04-29	wierd -> weird	Peter Valchev

2002-04-22	Handle configuration lines that end in whitespace or ^M.	Hakan Olsson
	Also avoid a potential memory leak.
2002-03-01	Change DH group handling in the pre-generated parts of the	Hakan Olsson
	configuration. Add a -GRP{1,2,5} component to transform and suite names to directly specify which group to use. If no group is specified, use DH group 2 (MODP_1024). Earlier transforms and suites using the MD5 hash defaulted to DH group 1, this is no longer true. niklas@ ok.
2002-01-23	the last few sprintf -> snprintf	Hakan Olsson

2002-01-03	str[n]{cpy,cat} -> strl{cpy,cat}, sprintf -> snprintf	Hakan Olsson

2001-10-05	Missed this file; some more debug level fixes.	Hakan Olsson

2001-07-05	Add prototypes and some other various cleanup.	Hakan Olsson