summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/message.c
AgeCommit message (Collapse)Author
2004-06-14added a missing message_free().Hans-Joerg Hoexer
ok ho@
2004-06-14KNF, style, 80c, etc. hshoexer@ okHakan Olsson
2004-06-11typo in commentBrad Smith
2004-06-10Mark authenticated messages explicitly. Better check for authentication beforeHans-Joerg Hoexer
deleteing SAs. This fix is needed to solve the problems reported by Thomas Walpuski, previous diff was not sufficient. Pointed out by Thomas. Thanks! ok ho@ niklas@, testing and spellcheck by todd@ msf@
2004-06-09Style nits. hshoexer@ okHakan Olsson
2004-06-09only accept DELETEs during an authenticated INFORMATIONAL exchange.Hans-Joerg Hoexer
Fix for recent problem disclosed by Thomas Walpuski. ok ho@
2004-05-23More KNF. Mainly spaces and line-wraps, no binary change.Hans-Joerg Hoexer
ok ho@
2004-04-29Better checking of minimum payload lengths. Drop out safely when an unknownHans-Joerg Hoexer
payload type is encountered. While around, do some KNF. ok ho@
2004-04-15partial move to KNF. More to come. This has happened because thereTheo de Raadt
are a raft of source code auditors who are willing to help improve this code only if this is done, and hey, isakmpd does need our standard auditing process. ok ho hshoexer
2004-04-07-Wsign-compare nits. hshoexer@ ok.Hakan Olsson
2004-03-10Fix payload handling flaws found by cloder@. Based on initial patch byHans-Joerg Hoexer
cloder@. Testing by markus@ cloder@ hshoexer@. ok ho@
2004-03-10Plug up memory leak.Hans-Joerg Hoexer
ok ho@
2004-03-10Reduce some noise on receipt of an invalid spi.Hans-Joerg Hoexer
ok ho@
2004-03-09Plug memleaks, found by cloder@.Hans-Joerg Hoexer
ok ho@
2003-12-05Style nitsHakan Olsson
2003-12-04Validate SPIs presented in DELETE messages of the informational exchange.Hans-Joerg Hoexer
ok markus@
2003-11-06Style nits.Hakan Olsson
2003-11-06Require encrypted messages are soon as we have the keystate for it.Hakan Olsson
Require DELETE payloads to be accompanied by HASHes, and add validation for HASH payloads without active exchanges. From Hans-Joerg Hoexer with various modifications and suggestions from me and markus@. Ok markus@.
2003-09-02Require ISAKMP_FLAGS_ENC on phase 2 messages. ok markus@, deraadt@.Hakan Olsson
2003-06-14allocate payload_node with calloc instead of mallocHakan Olsson
2003-06-04Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, AngelosHakan Olsson
D. Keromytis and Niels Provos.
2003-06-03Cleanup. Use 'sizeof variable' instead of magic constants.Hakan Olsson
2002-09-11signed vs unsigned, some void * arithmetic, from -pedantic. niklas@ ok.Hakan Olsson
2002-07-09HASH payload validation does not require an exchange.Hakan Olsson
2002-07-04Do not assume we have an active exchange during payload validation.Hakan Olsson
2002-06-09rm trailing whitespaceTodd T. Fries
2002-06-06better format/typeHakan Olsson
2002-06-06Style, and a few additional format/type mods.Hakan Olsson
2002-06-01size_t must be cast to (unsigned long) and printed using %luTheo de Raadt
2002-05-28Proper types in format strings. From <greg@nest.cx>Hakan Olsson
2002-03-26Don't message_dump_raw() bad length messages, i.e too short.Hakan Olsson
Should solve PR 2474 (unconfirmed). niklas@, me.
2002-01-23the last few sprintf -> snprintfHakan Olsson
2001-10-26Change to use sysdep_sa_len() function.Hakan Olsson
2001-10-26Sometimes the daemon will not die promptly on SIGTERM, even thoughHakan Olsson
all DELETE notifications is sent out. Create a prioritized send-queue for the DELETE messages to solve this. Some (C)-2001. niklas@ ok.
2001-07-01ISAKMP configuration, a.k.a IKECFG or "mode-config", protocol implementation.Niklas Hallqvist
Disabled, has no configuration mechanism yet. This will be used for roaming users, who are going to get parameters like IP-address and nameserver from its peer, very much like DHCP, but securily inside an ISAKMP connection and still in time before negotiation of IPsec connections. You may see stylistic fixes in this commit too. Add some not yet used Makefile magic to deal with DNSSEC- enabled OpenSSL too. The IKECFG code work was sponsered by Gatespace Inc. Thank you! Configuration will come very soon, btw.
2001-07-01Eliminate IPv4 dependency.Angelos D. Keromytis
2001-06-29Change get_src/get_dst API as we get the length with sa_len.Hakan Olsson
2001-04-24Correct SA refcounting. Fixes a bug where isakmpd could die when a peer wasNiklas Hallqvist
discovered to have rebooted, and old now invalid SAs had to be garbage- collected.
2001-04-14Minor cleanup.Hakan Olsson
2001-04-12Don't put the same message on the sendq twice. By niklas and me.Hakan Olsson
2001-04-09More style fixes...Hakan Olsson
2001-04-09isakmpd can now capture un-encrypted IKE negotiation packets to aHakan Olsson
file. In pcap(3) format, so tcpdump(8) can read it. Idea by Tim Newsham <newsham@lava.net>, work by him and me. Ok angelos@, niklas@
2001-03-13Add logging classes for Negotiation and Policy, and change a number ofHakan Olsson
debug messages to use these instead. Change a number of 'log_print' to debug messages to keep the noise down. Use 'log_error' instead of 'log_print' in some cases when we have errno. Some indentation fixes. (niklas@ ok)
2001-01-27(c) 2001Niklas Hallqvist
2001-01-26Pedantic style policeNiklas Hallqvist
2000-10-10message.c: Merge with EOM 1.156Niklas Hallqvist
message.h: Merge with EOM 1.51 transport.c: Merge with EOM 1.43 author: provos use message_send_expire for timeouts. okay niklas@
2000-10-07Merge with EOM 1.155Niklas Hallqvist
author: niklas style author: niklas spelling author: ho (c)-2000 author: niklas style author: provos fail if exchange can not be created author: angelos Invalid payload may be because of passphrase mismatch, so warn about that. author: provos reference to freed object, move free down author: ho log_debug -> LOG_DBG (USE_DEBUG) author: provos proper reference counting for isakmp_sa in struct message, remove bogus calls to sa_reference; fix some more memory leaks in conf.c
2000-08-03Merge with EOM 1.146Niklas Hallqvist
author: provos prevent crashing when we receive an encrypted message as response to our first packet as initiator. James Winquist <winquist@mail.cybernet.com>
2000-06-19Merge with EOM 1.145Niklas Hallqvist
author: ho Recognize and handle reserved and private payloads differently. A private payload in a message is ignored. A message containing a reserved payload is dropped.
2000-02-25regress/crypto/Makefile: Merge with EOM 1.5Niklas Hallqvist
regress/dh/Makefile: Merge with EOM 1.7 regress/group/Makefile: Merge with EOM 1.9 regress/prf/Makefile: Merge with EOM 1.4 regress/rsakeygen/Makefile: Merge with EOM 1.8 regress/x509/Makefile: Merge with EOM 1.10 Makefile: Merge with EOM 1.62 attribute.c: Merge with EOM 1.10 sa.c: Merge with EOM 1.99 conf.c: Merge with EOM 1.20 crypto.c: Merge with EOM 1.28 isakmpd.c: Merge with EOM 1.45 connection.c: Merge with EOM 1.19 doi.h: Merge with EOM 1.28 field.c: Merge with EOM 1.11 exchange.c: Merge with EOM 1.116 ike_auth.c: Merge with EOM 1.44 pf_key_v2.c: Merge with EOM 1.37 ike_phase_1.c: Merge with EOM 1.22 ipsec.c: Merge with EOM 1.118 isakmp_doi.c: Merge with EOM 1.40 log.c: Merge with EOM 1.26 log.h: Merge with EOM 1.18 math_group.c: Merge with EOM 1.23 message.c: Merge with EOM 1.144 pf_encap.c: Merge with EOM 1.70 policy.c: Merge with EOM 1.18 timer.c: Merge with EOM 1.13 transport.c: Merge with EOM 1.41 udp.c: Merge with EOM 1.47 ui.c: Merge with EOM 1.37 x509.c: Merge with EOM 1.36 author: niklas Made debug logging a compile time selectable feature
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-11 09:56:32 +0000