src - OpenBSD base system

Age	Commit message (Collapse)	Author
2004-02-16	check for isakmp_sa->transport != NULL; noticed by bluhm at genua.de ok ↵	Markus Friedl
	hshoexer@
2004-02-05	small logging cleanup and improvement requested by markus	Hans-Joerg Hoexer
	ok ho@ markus@
2004-01-16	Added -v option. Enables logging of successful exchange completion.	Hans-Joerg Hoexer
	ok ho@
2003-11-06	Style nits.	Hakan Olsson

2003-11-06	Require encrypted messages are soon as we have the keystate for it.	Hakan Olsson
	Require DELETE payloads to be accompanied by HASHes, and add validation for HASH payloads without active exchanges. From Hans-Joerg Hoexer with various modifications and suggestions from me and markus@. Ok markus@.
2003-10-14	constant_lookup() to constant_name() cleanup. markus@ ok.	Hakan Olsson

2003-09-25	Fix one case of set length before realloc. Fix another case of	Chad Loder
	foo = realloc(foo...) and avoid possible memory leaks. Avoid leaving things pointing to freed memory on failure.
2003-08-08	Be more careful when using constant_lookup() in messages. Pointed out by	Hakan Olsson
	Jean-Francois Dive, although I opted for a slightly different patch.
2003-06-15	ID copying should happen earlier in exchange_finalize so that we won't lose	Hakan Olsson
	data during rekeying. From Jean-Francois Dive.
2003-06-10	boring cleanups	Theo de Raadt

2003-06-04	Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, Angelos	Hakan Olsson
	D. Keromytis and Niels Provos.
2003-06-03	Cleanup. Use 'sizeof variable' instead of magic constants.	Hakan Olsson

2003-05-15	Cleanup. Do not store the private key in either the exchange or sa structs.	Hakan Olsson

2003-03-06	Bad cut'n'paste msg plus style fixes.	Hakan Olsson

2003-02-26	IPsec is written ``IPsec'', not ``IPSec''.	David Krause
	ok ho@
2003-01-09	Add some #ifdef USE_ISAKMP_CFG, no need to compile in code that will	Hakan Olsson
	never be used.
2003-01-09	Enable SET/ACK (ike-mode-cfg) when acting as responder. From Tomas	Hakan Olsson
	Walpuski.
2002-11-21	-Wshadow nits.	Hakan Olsson

2002-11-15	Missing "Configuration" tag in a Phase-1 peer was not handled correctly,	Hakan Olsson
	pointed out by Aref Taidi. Replace this with a "Default-Phase-1-Configuration" that will be used if this tag is missing from the peer. Update manpage accordingly. niklas@ ok.
2002-11-08	I missed a 'return' statement. Also spotted by Aref Taidi. Thanks.	Hakan Olsson

2002-11-06	More careful will alloc/free. Spotted by Aref Taidi.	Hakan Olsson

2002-09-11	signed vs unsigned, some void * arithmetic, from -pedantic. niklas@ ok.	Hakan Olsson

2002-09-05	Without IDs wait until next step/retry to handle CERTREQs. This should	Hakan Olsson
	make certificate auth work better with some clients, such as SSH Sentinel.
2002-09-05	Do not create SAs for transaction exchanges either. By niklas@	Hakan Olsson

2002-06-10	The dlopen() stuff goes away.	Hakan Olsson

2002-06-07	Start for support of IKECFG in SET/ACK mode. Server side only so far.	Hakan Olsson

2002-06-01	size_t must be cast to (unsigned long) and printed using %lu	Theo de Raadt

2002-01-23	snprintf, and only dump exchange data if USE_DEBUG is defined	Hakan Olsson

2002-01-03	str[n]{cpy,cat} -> strl{cpy,cat}, sprintf -> snprintf	Hakan Olsson

2001-08-25	Style	Niklas Hallqvist

2001-08-22	Need an extra sa_release() when de-allocating exchange-associated SAs;	Angelos D. Keromytis
	thus, failed exchanges/negotiations don't leak SAs and transports. ok niklas@
2001-08-15	Some more style...	Hakan Olsson

2001-08-11	Fix keynote credential case again.	Angelos D. Keromytis

2001-07-05	Add prototypes and some other various cleanup.	Hakan Olsson

2001-07-03	strlcpy->strncpy for now	Markus Friedl

2001-07-01	Style	Niklas Hallqvist

2001-07-01	Remove inaccurate "Assumes IPv4" comments.	Angelos D. Keromytis

2001-06-29	oops	Niklas Hallqvist

2001-06-29	more AF-independence	Niklas Hallqvist

2001-06-29	Change get_src/get_dst API as we get the length with sa_len.	Hakan Olsson

2001-06-27	Keep track of the ACQUIRE sequence number, and pass it to the kernel	Angelos D. Keromytis
	along with the ADD message.
2001-06-05	Style.	Angelos D. Keromytis

2001-06-05	Style issues and commentary	Niklas Hallqvist

2001-06-05	Dynamically allocate conn, as this is given to the exchange; cleanup	Angelos D. Keromytis
	conf space on failure to establish dynamic SA. ok niklas@
2001-05-31	Copy the new information from the exchange to the sa at the end of the	Angelos D. Keromytis
	exchange, and generalize certificate copying by taking advantage of the new routines in the cert handler.
2001-05-05	Add comment about finalize routine processing.	Angelos D. Keromytis

2001-04-24	Correct SA refcounting. Fixes a bug where isakmpd could die when a peer was	Niklas Hallqvist
	discovered to have rebooted, and old now invalid SAs had to be garbage- collected.
2001-04-09	More style fixes...	Hakan Olsson

2001-04-08	log_print, not log_error	Hakan Olsson

2001-03-28	Take into consideration the IDs when determining whether two Phase 1	Angelos D. Keromytis
	SAs match.