summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/pf_key_v2.c
AgeCommit message (Collapse)Author
2005-06-14add ENCAP_UDP_{TUNNEL,TRANSPORT} types according to rfc 3947Hans-Joerg Hoexer
ok markus
2005-06-01Fix memory leak. OK hshoexerChad Loder
2005-05-22No more ifdef KAME. From hshoexerChad Loder
2005-04-08get rid of sysdep_sa_lenHans-Joerg Hoexer
ok cloder@
2005-04-08USE_DEBUG is bye byeTheo de Raadt
2005-04-08keynote and policy always compiled inTheo de Raadt
2005-04-08nat-traversal alwaysTheo de Raadt
2005-04-08kill USE_OLD_SOCKADDRTheo de Raadt
2005-04-08Remove references to LINUX_IPSECChad Loder
2005-04-06knf, ok cloderTheo de Raadt
2005-04-05Always compile X509 support. Almost everyone uses it. Makes the codeChad Loder
much easier to read and to maintain. OK and testing by hshoexer@, more testing by me
2005-04-04spacing; ok cloderTheo de Raadt
2005-03-02knf, linewrapping, whitespaces, no binary changeHans-Joerg Hoexer
2005-02-27cleanup correctly in some error paths.Patrick Latifi
ok hshoexer
2005-02-27where possible, use bzero instead of memsetHans-Joerg Hoexer
ok cloder henning
2005-02-25Fix an obviously incorrect call to memset. '0' and 0 are not the sameChad Loder
thing. Input and OK from markus@, ho@, niklas@, deraadt@, hshoexer@
2004-12-27Fix broken pointer arithmetic when receiving a RSA key from the kernel. FoundHans-Joerg Hoexer
and fix provided by Stefan Miltchev. Thanks! ok otto@
2004-09-17Missing #ifdefs.Hakan Olsson
2004-08-12Avoid memleak on error (Linux/KAME). Found by Benjamin Pineau.Hakan Olsson
2004-08-10Better implementation of the Dead Peer Detection protocol, RFC 3706.Hakan Olsson
hshoexer@ ok.
2004-08-08spacingTheo de Raadt
2004-06-26Narrow down privsep interface. Move pf_key_v2_open() to monitor.Hans-Joerg Hoexer
Work in progress. ok ho@
2004-06-23Print corrent prefix. Found and tested by alex at vbone.net.Hakan Olsson
2004-06-21udpencap_port should be taken from dst transportHakan Olsson
2004-06-21Tell the kernel to enable ESP-in-UDP encapsulation when we haveHakan Olsson
SAs negotiated with NAT-T.
2004-06-14KNF, style, 80c, etc. hshoexer@ okHakan Olsson
2004-06-09Style nits. hshoexer@ okHakan Olsson
2004-04-15partial move to KNF. More to come. This has happened because thereTheo de Raadt
are a raft of source code auditors who are willing to help improve this code only if this is done, and hey, isakmpd does need our standard auditing process. ok ho hshoexer
2004-04-07-Wsign-compare nits. hshoexer@ ok.Hakan Olsson
2004-03-10Fix for PR2429, from Clemens Wittinger.Hakan Olsson
2003-11-06Style nits.Hakan Olsson
2003-08-08Fine grained selectors for Linux native IPsec. From Jean-Francois Dive.Hakan Olsson
2003-07-25add sha2 support; ok ho@Markus Friedl
2003-07-24conform to RFC2367 on SADB_xx naming (local name must be prefixed withJun-ichiro itojun Hagino
SADB_X_xx)
2003-06-10boring cleanupsTheo de Raadt
2003-06-04Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, AngelosHakan Olsson
D. Keromytis and Niels Provos.
2003-05-18More isakmpd privsep work. X509 private keys are now kept in the privilegedHakan Olsson
process only. Various cleanup and bugfixes. markus@ ok
2003-05-18Sysdep for native Linux IPSec, 2.5 and later. From Thomas Walpuski, withHakan Olsson
various tweaks by me. niklas@ ok.
2003-05-15Start of privilege separation for isakmpd.Hakan Olsson
There are some kinks left, so keep it default disabled for now. markus@ says ok to commit.
2003-05-14properly terminate debug string (levels >=40)Kjell Wooding
Use "%.*s" as suggested by Niklas. ok ho@. Lost by kjell. oked ho@. lost by kjell again. oked ho@
2003-05-14I did not test this enough. Unbreak.Hakan Olsson
2003-05-12AES -> AES_128_CBCHakan Olsson
2003-05-11fix ID-type for ipv6; ok niklas; report friesMarkus Friedl
2003-04-14More snprintf styleHakan Olsson
2003-04-14A "%d" is 12 chars, not 10. Use sizeof num instead of '10' inHakan Olsson
snprintf. From Theo.
2003-02-24pf_key_v2_flow: typo in debug msg (KAME)Markus Friedl
2003-01-09Change "Default-Phase-2-Suites" --> "Default-phase-2-suites"Hakan Olsson
2002-12-06Set transform from default. PR#3008Hakan Olsson
2002-12-04bit_ffc(3) returns a -1 location for a full bitset. Problem found byHakan Olsson
Olivier Courtay.
2002-12-04allow ACQUIRE with empty EXT_ADDRESS_SRC; PR 2996; ok angelos@, ho@Markus Friedl
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-23 23:47:47 +0000