summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/pf_key_v2.c
AgeCommit message (Expand)Author
2007-09-02use calloc() to avoid malloc(n * m) overflows; checked by djm canacar jsgTheo de Raadt
2007-05-27Don't include sys/mbuf.h it is not needed. OK mcbride@ msf@Claudio Jeker
2007-04-16There's no point in checking ptr for NULL before doing free(ptr)Moritz Jodeit
2007-04-08Fix lint comments. s/Fall through/FALLTHROUGH/.Moritz Jodeit
2007-02-19isakmpd bits for ESP+NULL encryption. This is useful, when AH canHans-Joerg Hoexer
2006-11-24add support to tag ipsec traffic belonging to specific IKE-initiatedReyk Floeter
2006-09-01Add a new UI command to force isakmpd into passive only mode.Marco Pfatschbacher
2006-08-30fix isakmpd -Ka, as used by bgpd, or acquire flows set up via ipsecctl.Henning Brauer
2006-08-30need to retry writing to pfkey socket on EAGAIN, ok theo hshoexerHenning Brauer
2006-08-30do not call pf_key_v2_disable_sa twice; ok hshoexer, hoMarkus Friedl
2006-06-10support sha2 for main mode hmacs and aesctr for quick mode encryption.Hans-Joerg Hoexer
2006-05-31tiny KNFHans-Joerg Hoexer
2006-05-31Make sure, that phase 1 SAs of active connections stay alive. Fixes a DPDHans-Joerg Hoexer
2006-05-29export pf_key_v2_disable_sa() (unbreaks build)Markus Friedl
2005-11-14use snprintf; ok cloder. also looked at by a few other peopleTheo de Raadt
2005-06-14add ENCAP_UDP_{TUNNEL,TRANSPORT} types according to rfc 3947Hans-Joerg Hoexer
2005-06-01Fix memory leak. OK hshoexerChad Loder
2005-05-22No more ifdef KAME. From hshoexerChad Loder
2005-04-08get rid of sysdep_sa_lenHans-Joerg Hoexer
2005-04-08USE_DEBUG is bye byeTheo de Raadt
2005-04-08keynote and policy always compiled inTheo de Raadt
2005-04-08nat-traversal alwaysTheo de Raadt
2005-04-08kill USE_OLD_SOCKADDRTheo de Raadt
2005-04-08Remove references to LINUX_IPSECChad Loder
2005-04-06knf, ok cloderTheo de Raadt
2005-04-05Always compile X509 support. Almost everyone uses it. Makes the codeChad Loder
2005-04-04spacing; ok cloderTheo de Raadt
2005-03-02knf, linewrapping, whitespaces, no binary changeHans-Joerg Hoexer
2005-02-27cleanup correctly in some error paths.Patrick Latifi
2005-02-27where possible, use bzero instead of memsetHans-Joerg Hoexer
2005-02-25Fix an obviously incorrect call to memset. '0' and 0 are not the sameChad Loder
2004-12-27Fix broken pointer arithmetic when receiving a RSA key from the kernel. FoundHans-Joerg Hoexer
2004-09-17Missing #ifdefs.Hakan Olsson
2004-08-12Avoid memleak on error (Linux/KAME). Found by Benjamin Pineau.Hakan Olsson
2004-08-10Better implementation of the Dead Peer Detection protocol, RFC 3706.Hakan Olsson
2004-08-08spacingTheo de Raadt
2004-06-26Narrow down privsep interface. Move pf_key_v2_open() to monitor.Hans-Joerg Hoexer
2004-06-23Print corrent prefix. Found and tested by alex at vbone.net.Hakan Olsson
2004-06-21udpencap_port should be taken from dst transportHakan Olsson
2004-06-21Tell the kernel to enable ESP-in-UDP encapsulation when we haveHakan Olsson
2004-06-14KNF, style, 80c, etc. hshoexer@ okHakan Olsson
2004-06-09Style nits. hshoexer@ okHakan Olsson
2004-04-15partial move to KNF. More to come. This has happened because thereTheo de Raadt
2004-04-07-Wsign-compare nits. hshoexer@ ok.Hakan Olsson
2004-03-10Fix for PR2429, from Clemens Wittinger.Hakan Olsson
2003-11-06Style nits.Hakan Olsson
2003-08-08Fine grained selectors for Linux native IPsec. From Jean-Francois Dive.Hakan Olsson
2003-07-25add sha2 support; ok ho@Markus Friedl
2003-07-24conform to RFC2367 on SADB_xx naming (local name must be prefixed withJun-ichiro itojun Hagino
2003-06-10boring cleanupsTheo de Raadt