summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/policy.c
AgeCommit message (Expand)Author
2010-09-22Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMACMike Belopuhov
2007-08-05Allow key exchange with RSA signature authentication to work withTom Cosgrove
2007-04-16There's no point in checking ptr for NULL before doing free(ptr)Moritz Jodeit
2007-03-03keynote_cert_obtain should not leak in case of error. OK moritz@Chad Loder
2006-06-17Do not leak file descriptor in error path. From Andrey MatveevHans-Joerg Hoexer
2005-11-14use snprintf; ok cloder. also looked at by a few other peopleTheo de Raadt
2005-06-14add ENCAP_UDP_{TUNNEL,TRANSPORT} types according to rfc 3947Hans-Joerg Hoexer
2005-04-08Make deterministic randomness (only ever used for testing) a compile-timeChad Loder
2005-04-08we have IPPROTO_ETHERIPTheo de Raadt
2005-04-08nat-traversal alwaysTheo de Raadt
2005-04-06knf, ok cloderTheo de Raadt
2005-04-04spacing; ok cloderTheo de Raadt
2005-03-03handle return value of snprintf more carefullyHans-Joerg Hoexer
2005-02-27where possible, use bzero instead of memsetHans-Joerg Hoexer
2004-08-08spacingTheo de Raadt
2004-06-25Keynote policy checking can now be disabled by "-K" switch and config tagHans-Joerg Hoexer
2004-06-24Also handle keys from x509-certificates embedded in keynote credentials.Hans-Joerg Hoexer
2004-06-20NAT-Traversal for isakmpd. Work in progress...Hakan Olsson
2004-06-14KNF, style, 80c, etc. hshoexer@ okHakan Olsson
2004-05-23More KNF. Mainly spaces and line-wraps, no binary change.Hans-Joerg Hoexer
2004-05-23stat before open is flawedTheo de Raadt
2004-04-28remove unused variable and shorten names of two other. Removed some spacesHans-Joerg Hoexer
2004-04-15partial move to KNF. More to come. This has happened because thereTheo de Raadt
2004-04-07-Wsign-compare nits. hshoexer@ ok.Hakan Olsson
2004-03-19Add missing bits to make already present privsep code work. Enable privsep.Hans-Joerg Hoexer
2003-11-06Style nits.Hakan Olsson
2003-07-25add sha2 support; ok ho@Markus Friedl
2003-06-10boring cleanupsTheo de Raadt
2003-06-04Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, AngelosHakan Olsson
2003-06-03Cleanup. Use 'sizeof variable' instead of magic constants.Hakan Olsson
2003-05-18More isakmpd privsep work. X509 private keys are now kept in the privilegedHakan Olsson
2003-05-15Start of privilege separation for isakmpd.Hakan Olsson
2003-05-14Policy file default defined twice, kill the local copy.Hakan Olsson
2003-05-14I did not test this enough. Unbreak.Hakan Olsson
2003-05-12AES -> AES_128_CBCHakan Olsson
2002-11-14Use %d instead of %2d for better matching. From Mike Neuman. Fixes PR#2848.Hakan Olsson
2002-09-11signed vs unsigned, some void * arithmetic, from -pedantic. niklas@ ok.Hakan Olsson
2002-06-15ecn_* policy attributes --- ok ho@Angelos D. Keromytis
2002-06-10The dlopen() stuff goes away.Hakan Olsson
2002-06-09rm trailing whitespaceTodd T. Fries
2002-06-01size_t must be cast to (unsigned long) and printed using %luTheo de Raadt
2002-05-28off_t to size_t change for printf format and malloc. Pointed out by <greg@nes...Hakan Olsson
2002-01-23Actually return the ESP/AH/COMP ground descriptions for policyAngelos D. Keromytis
2002-01-23no more strcpy/sprintfHakan Olsson
2002-01-23strcpy->strlcpy, sprintf->snprintfHakan Olsson
2002-01-03strftime format fixes. From Christo Butcher <christo@fox-it.com>.Hakan Olsson
2001-08-26more styleNiklas Hallqvist
2001-08-25Use x509_DN_string API. Style fixes.Niklas Hallqvist
2001-08-24I was only going to remove #include "init.h", but found 8 moreHakan Olsson
2001-08-11Allocate slightly larger buffer for cert.Angelos D. Keromytis