summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/ike_quick_mode.c
AgeCommit message (Collapse)Author
2002-01-23the last few sprintf -> snprintfHakan Olsson
2002-01-23strcpy->strlcpyHakan Olsson
2001-10-26Just rename sockaddr_data/len functions to sockaddr_addrdata/addrlen.Hakan Olsson
2001-10-05Some more debug level fixes.Hakan Olsson
2001-08-15Some more style...Hakan Olsson
2001-07-01More Style police, but also sane checking of addressNiklas Hallqvist
family vs stated ID-type.
2001-06-29Change get_src/get_dst API as we get the length with sa_len.Hakan Olsson
2001-06-29Be consistent.Hakan Olsson
2001-06-27IPv6. Also avoid a couple of mem leaks.Hakan Olsson
2001-06-07Get rid of useless x509_policy_asserts[]Angelos D. Keromytis
2001-05-31Store/retrieve the right information in terms of keys.Angelos D. Keromytis
2001-04-09Style police a'la niklas@.Hakan Olsson
2001-03-13Add logging classes for Negotiation and Policy, and change a number ofHakan Olsson
debug messages to use these instead. Change a number of 'log_print' to debug messages to keep the noise down. Use 'log_error' instead of 'log_print' in some cases when we have errno. Some indentation fixes. (niklas@ ok)
2001-02-19passphrase-md5-hex: and passphrase-sha1-hex: formats for passphrases.Angelos D. Keromytis
2001-02-08Add debug printf.Angelos D. Keromytis
2001-01-27(c) 2001Niklas Hallqvist
2001-01-26Pedantic style policeNiklas Hallqvist
2001-01-26Merge with EOM 1.139Niklas Hallqvist
author: niklas Remove blank line author: ho Print warning with log_print, not log_error. author: ho Report if doi->get_spi() fails.
2001-01-14Do the HASH verification before handling the SA payload.Angelos D. Keromytis
2001-01-10If only the Remote-ID is specified for a Phase 2 configuration, useAngelos D. Keromytis
our address for Local-ID; useful for road-warrior scenarios (adrian@lion.aba.net.au)
2000-10-16Merge with EOM 1.135Niklas Hallqvist
author: provos better referencing. okay niklas@ author: angelos Eliminate bogus freeing of static variable.
2000-10-07Merge with EOM 1.133Niklas Hallqvist
author: niklas style and < that should be <= author: angelos If the initiator does not propose a Phase 2 ID, use the local/peer addresses as implicit IDs; this was supported on the responder side, but weirdly enough not on the initiator. Reported by itojun@ author: angelos Handle 32-bit lifetimes (in generating them). author: ho (c)-2000 author: provos style as pointed out by the code style pedant. author: provos proper reference counting for isakmp_sa in struct message, remove bogus calls to sa_reference; fix some more memory leaks in conf.c
2000-08-03Merge with EOM 1.127Niklas Hallqvist
author: angelos Be careful when there's no assertions.
2000-06-08Merge with EOM 1.126Niklas Hallqvist
author: angelos Be a bit more verbose when printing policy results. author: angelos Correct environment cleanup. author: angelos Different policy/Keynote sessions per Phase 1 SA. author: angelos &&, not || author: angelos Begin support for KeyNote credentials exchanged.
2000-04-07Merge with EOM 1.121Niklas Hallqvist
author: niklas log_fatal is only OK during initialization author: ho Missing #ifdef USE_X509 added author: ho typo author: ho Add #ifdef USE_X509
2000-02-25Merge with EOM 1.117Niklas Hallqvist
author: angelos Move the check after we get rid of the unused protos. author: niklas Made debug logging a compile time selectable feature
2000-02-19Makefile: Merge with EOM 1.61Niklas Hallqvist
crypto.c: Merge with EOM 1.27 exchange.c: Merge with EOM 1.115 ike_quick_mode.c: Merge with EOM 1.115 x509.c: Merge with EOM 1.35 features/ec: Merge with EOM 1.1 features/aggressive: Merge with EOM 1.1 features/policy: Merge with EOM 1.1 features/x509: Merge with EOM 1.1 author: niklas Allow isakmpd builders to remove optional parts and save bytes.
2000-02-12Merge with EOM 1.114Niklas Hallqvist
author: angelos Bad typo, the check should be inverted. Also, add a NOTIFY message being sent to the Responder if policy check fails at the initiator (and print a log message).
2000-02-11Merge with EOM 1.113Niklas Hallqvist
author: angelos Rename the "CN:" tag to "DN:", after Jorgen's suggestion. author: angelos Do a policy check on the Initiator, when notified by the Responder on the SA selection. For efficiency, we should replicate this check on the first message sent by the Initiator (so we only send proposals we know we'll eventually accept).
2000-02-07ike_quick_mode.c: Merge with EOM 1.111Niklas Hallqvist
libcrypto.c: Merge with EOM 1.11 libcrypto.h: Merge with EOM 1.11 x509.c: Merge with EOM 1.33 author: angelos Add Canonical Names as policy targets (so they can be specified in the Licensees field), with the "CN:..." format.
2000-02-01apps/certpatch/certpatch.8: Merge with EOM 1.4Niklas Hallqvist
apps/certpatch/certpatch.c: Merge with EOM 1.6 exchange.c: Merge with EOM 1.114 ike_quick_mode.c: Merge with EOM 1.110 ike_phase_1.c: Merge with EOM 1.16 ike_auth.c: Merge with EOM 1.41 ike_aggressive.c: Merge with EOM 1.4 libcrypto.c: Merge with EOM 1.10 libcrypto.h: Merge with EOM 1.10 isakmpd.8: Merge with EOM 1.19 isakmpd.c: Merge with EOM 1.42 ipsec.h: Merge with EOM 1.40 init.c: Merge with EOM 1.22 message.c: Merge with EOM 1.143 message.h: Merge with EOM 1.49 sa.c: Merge with EOM 1.98 sa.h: Merge with EOM 1.54 policy.c: Merge with EOM 1.14 pf_key_v2.c: Merge with EOM 1.36 x509.c: Merge with EOM 1.32 x509.h: Merge with EOM 1.9 udp.c: Merge with EOM 1.46 author: niklas Angelos copyrights
2000-01-31ike_quick_mode.c: Merge with EOM 1.109Niklas Hallqvist
isakmpd.conf.5: Merge with EOM 1.38 message.c: Merge with EOM 1.142 pf_key_v2.c: Merge with EOM 1.35 x509.c: Merge with EOM 1.31 author: niklas (c) 2000
2000-01-30Merge with EOM 1.108Niklas Hallqvist
author: niklas style
2000-01-30Merge with EOM 1.107Niklas Hallqvist
author: angelos Fix part of the problem with X509 certificates (delegating to the CA isn't working yet, but I know where the problem is -- upcoming commit later today).
2000-01-26Merge with EOM 1.106Niklas Hallqvist
date: 2000/01/24 22:55:46; author: angelos; state: Exp; lines: +2 -2 Fix typo. date: 2000/01/24 16:48:42; author: ho; state: Exp; lines: +12 -2 Log when check_policy() returns failure. (bitten by keynote once too often... sigh) author: angelos Typo. author: angelos Passphrases are encoded as "passphrase:xxxx" now, to distinguish between passphrases and logic labels. author: angelos Oops on previous PFS-policy patch. Small fixes in the manpages. author: angelos Include files, in anticipation of the keynote.h changes.
1999-10-26sync with latest libkeynote (include file changes only)Angelos D. Keromytis
1999-10-01Merge with EOM 1.100Niklas Hallqvist
author: niklas AUTHENTICATION_ALGORITHM is a must in AH transforms. Better error reporting. author: ho More debugging output. author: angelos Remove evil experimental code, fix off-by-1 buffer allocation.
1999-08-26Merge with EOM 1.97Niklas Hallqvist
author: niklas Support dynamic loading of libkeynote too. Build isakmpd static by default. Stylistic cleanup of keynote policy code. Correct some libcrypto calls. author: ho We want the exchange name if it's one of our (passive) connections. author: angelos Warning about RSA-specific code. author: angelos Complete policy work; tested for the shared-key case. Documentation needed.
1999-08-05Merge with EOM 1.93Niklas Hallqvist
author: niklas Fix no ID in QM, when acting as responder, bug author: niklas Fix bad size computation in last commit author: niklas Make ID-less QM really work. Forgot to allocate space for the fake ID payloads.
1999-07-07exchange.h: Merge with EOM 1.25Niklas Hallqvist
ike_quick_mode.c: Merge with EOM 1.90 init.c: Merge with EOM 1.15 author: ho Add keynote policy support (with USE_KEYNOTE). angelos@openbsd.org
1999-06-05Merge with EOM 1.89Niklas Hallqvist
author: ho Remove early variable initialization.
1999-06-02Merge with EOM 1.88Niklas Hallqvist
author: niklas Some extra error checking, documentation and style wrt connections author: niklas Some more #if 0 stuff for passive connections author: niklas Error handling looked over. Some restructuring of ID checks, but still no coupling to names.
1999-05-02BUGS: Merge with EOM 1.31Niklas Hallqvist
doi.h: Merge with EOM 1.27 ike_auth.c: Merge with EOM 1.30 ike_quick_mode.c: Merge with EOM 1.85 ipsec.c: Merge with EOM 1.107 ipsec.h: Merge with EOM 1.36 isakmp_doi.c: Merge with EOM 1.39 author: niklas Factor out keyed hashing of all payloads with SKEYID_a, and make DOI hooks for informational exchanges to add such hashing. Use it from QM and the IKE authentication module too. Remove some bogus XXX comments. Add error reporting
1999-04-30ike_phase_1.c: Merge with EOM 1.3Niklas Hallqvist
ike_quick_mode.c: Merge with EOM 1.84 message.h: Merge with EOM 1.46 author: niklas New message_drop API. Generate real INVALID_COOKIE notification. Generate informational exchanges in phase 1 too. Really get these messages to the wire
1999-04-27Merge with EOM 1.83Niklas Hallqvist
author: niklas Do not hold on to the exchange for post quick mode, it will be there.
1999-04-19./regress/x509/x509test.c: Merge with EOM 1.4Niklas Hallqvist
./dh.h: Merge with EOM 1.4 ./math_ec2n.c: Merge with EOM 1.8 ./crypto.c: Merge with EOM 1.25 ./ike_quick_mode.c: Merge with EOM 1.82 ./math_group.c: Merge with EOM 1.16 ./math_ec2n.h: Merge with EOM 1.4 Style. alloc error reporting. Math error propagation. Allocate right sizes.
1999-04-06Merge with EOM 1.81Niklas Hallqvist
Too much removed in last commit Actually save the DH values in inititor mode Non-PFS case for initiators bailed out wrongly.
1999-04-05Merge with EOM 1.78Niklas Hallqvist
clear pointer when what is pointed to is freed Fix PFS in initator mode. Improve commentary. Some more error reporting. GC proto structures if we bail out on a message. Never free twice. Error handling of group allocation. Memory alloc. error reporting. Mem leak plugging.
1999-04-03Merge with EOM 1.74Niklas Hallqvist
refcount the exchange when delayed processing is scheduled for QM 1999 copyrights
1999-03-31Merge with EOM 1.72Niklas Hallqvist
Use SA refcounting where needed