| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Disabled, has no configuration mechanism yet. This will be used for roaming
users, who are going to get parameters like IP-address and nameserver from its
peer, very much like DHCP, but securily inside an ISAKMP connection and still
in time before negotiation of IPsec connections. You may see stylistic fixes
in this commit too. Add some not yet used Makefile magic to deal with DNSSEC-
enabled OpenSSL too. The IKECFG code work was sponsered by Gatespace Inc.
Thank you! Configuration will come very soon, btw.
|
|
|
|
author: ho
ipsec_decode_ids is only used with USE_DEBUG
|
|
doi.h: Merge with EOM 1.29
author: provos
make a DOI specific decode_ids, but have isakmp doi decode point to
ipsec.
|
|
regress/dh/Makefile: Merge with EOM 1.7
regress/group/Makefile: Merge with EOM 1.9
regress/prf/Makefile: Merge with EOM 1.4
regress/rsakeygen/Makefile: Merge with EOM 1.8
regress/x509/Makefile: Merge with EOM 1.10
Makefile: Merge with EOM 1.62
attribute.c: Merge with EOM 1.10
sa.c: Merge with EOM 1.99
conf.c: Merge with EOM 1.20
crypto.c: Merge with EOM 1.28
isakmpd.c: Merge with EOM 1.45
connection.c: Merge with EOM 1.19
doi.h: Merge with EOM 1.28
field.c: Merge with EOM 1.11
exchange.c: Merge with EOM 1.116
ike_auth.c: Merge with EOM 1.44
pf_key_v2.c: Merge with EOM 1.37
ike_phase_1.c: Merge with EOM 1.22
ipsec.c: Merge with EOM 1.118
isakmp_doi.c: Merge with EOM 1.40
log.c: Merge with EOM 1.26
log.h: Merge with EOM 1.18
math_group.c: Merge with EOM 1.23
message.c: Merge with EOM 1.144
pf_encap.c: Merge with EOM 1.70
policy.c: Merge with EOM 1.18
timer.c: Merge with EOM 1.13
transport.c: Merge with EOM 1.41
udp.c: Merge with EOM 1.47
ui.c: Merge with EOM 1.37
x509.c: Merge with EOM 1.36
author: niklas
Made debug logging a compile time selectable feature
|
|
doi.h: Merge with EOM 1.27
ike_auth.c: Merge with EOM 1.30
ike_quick_mode.c: Merge with EOM 1.85
ipsec.c: Merge with EOM 1.107
ipsec.h: Merge with EOM 1.36
isakmp_doi.c: Merge with EOM 1.39
author: niklas
Factor out keyed hashing of all payloads with SKEYID_a, and make DOI hooks
for informational exchanges to add such hashing. Use it from QM and the IKE
authentication module too. Remove some bogus XXX comments. Add error
reporting
|
|
isakmp_doi.c: Merge with EOM 1.38
author: niklas
Recognize but ignore incoming informationmal exchanges
author: niklas
New message_drop API. Generate real INVALID_COOKIE notification.
Generate informational exchanges in phase 1 too. Really get these
messages to the wire
|
|
isakmp_doi.c: Merge with EOM 1.36
author: niklas
Handle leftover payloads.
|
|
./gmp_util.c: Merge with EOM 1.3
./asn_useful.c: Merge with EOM 1.11
./attribute.c: Merge with EOM 1.9
./constants.c: Merge with EOM 1.7
./doi.h: Merge with EOM 1.25
./doi.c: Merge with EOM 1.4
./field.c: Merge with EOM 1.9
./init.c: Merge with EOM 1.13
./isakmp_doi.c: Merge with EOM 1.35
./prf.c: Merge with EOM 1.6
./util.c: Merge with EOM 1.14
./app.h: Merge with EOM 1.4
./conf.h: Merge with EOM 1.8
./ipsec.h: Merge with EOM 1.34
./ipsec_doi.h: Merge with EOM 1.10
./pkcs.h: Merge with EOM 1.8
./sysdep.h: Merge with EOM 1.15
1999 copyrights
|
|
| revision 1.34
| date: 1999/02/25 11:39:08; author: niklas; state: Exp; lines: +3 -1
| include sysdep.h everywhere
| ----------------------------
| revision 1.33
| date: 1999/02/25 09:30:27; author: niklas; state: Exp; lines: +2 -1
| Replay protection window configurable
| ----------------------------
|
|
|
|
|
|
OpenBSD IPSEC stack by me, Niklas Hallqvist and Niels Provos, funded by
Ericsson Radio Systems. It is not yet complete or usable in a real scenario
but the missing pieces will soon be there. The early commit is for people
who wants early access and who are not afraid of looking at source.
isakmpd interops with Cisco, Timestep, SSH & Pluto (Linux FreeS/WAN) so
far, so it is not that incomplete. It is really mostly configuration that
is lacking.
|
