summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/policy.c
AgeCommit message (Collapse)Author
2004-06-25Keynote policy checking can now be disabled by "-K" switch and config tagHans-Joerg Hoexer
"Use-Keynote". Default is to use keynote. ok henning@ ho@
2004-06-24Also handle keys from x509-certificates embedded in keynote credentials.Hans-Joerg Hoexer
with msf@ ok ho@
2004-06-20NAT-Traversal for isakmpd. Work in progress...Hakan Olsson
hshoexer@ ok.
2004-06-14KNF, style, 80c, etc. hshoexer@ okHakan Olsson
2004-05-23More KNF. Mainly spaces and line-wraps, no binary change.Hans-Joerg Hoexer
ok ho@
2004-05-23stat before open is flawedTheo de Raadt
2004-04-28remove unused variable and shorten names of two other. Removed some spacesHans-Joerg Hoexer
while around. ok ho@ markus@
2004-04-15partial move to KNF. More to come. This has happened because thereTheo de Raadt
are a raft of source code auditors who are willing to help improve this code only if this is done, and hey, isakmpd does need our standard auditing process. ok ho hshoexer
2004-04-07-Wsign-compare nits. hshoexer@ ok.Hakan Olsson
2004-03-19Add missing bits to make already present privsep code work. Enable privsep.Hans-Joerg Hoexer
ok ho@ deraadt@ markus@
2003-11-06Style nits.Hakan Olsson
2003-07-25add sha2 support; ok ho@Markus Friedl
2003-06-10boring cleanupsTheo de Raadt
2003-06-04Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, AngelosHakan Olsson
D. Keromytis and Niels Provos.
2003-06-03Cleanup. Use 'sizeof variable' instead of magic constants.Hakan Olsson
2003-05-18More isakmpd privsep work. X509 private keys are now kept in the privilegedHakan Olsson
process only. Various cleanup and bugfixes. markus@ ok
2003-05-15Start of privilege separation for isakmpd.Hakan Olsson
There are some kinks left, so keep it default disabled for now. markus@ says ok to commit.
2003-05-14Policy file default defined twice, kill the local copy.Hakan Olsson
2003-05-14I did not test this enough. Unbreak.Hakan Olsson
2003-05-12AES -> AES_128_CBCHakan Olsson
2002-11-14Use %d instead of %2d for better matching. From Mike Neuman. Fixes PR#2848.Hakan Olsson
2002-09-11signed vs unsigned, some void * arithmetic, from -pedantic. niklas@ ok.Hakan Olsson
2002-06-15ecn_* policy attributes --- ok ho@Angelos D. Keromytis
2002-06-10The dlopen() stuff goes away.Hakan Olsson
2002-06-09rm trailing whitespaceTodd T. Fries
2002-06-01size_t must be cast to (unsigned long) and printed using %luTheo de Raadt
2002-05-28off_t to size_t change for printf format and malloc. Pointed out by ↵Hakan Olsson
<greg@nest.cx>
2002-01-23Actually return the ESP/AH/COMP ground descriptions for policyAngelos D. Keromytis
comparisons -- from cjkim2000@yahoo.com
2002-01-23no more strcpy/sprintfHakan Olsson
2002-01-23strcpy->strlcpy, sprintf->snprintfHakan Olsson
2002-01-03strftime format fixes. From Christo Butcher <christo@fox-it.com>.Hakan Olsson
2001-08-26more styleNiklas Hallqvist
2001-08-25Use x509_DN_string API. Style fixes.Niklas Hallqvist
2001-08-24I was only going to remove #include "init.h", but found 8 moreHakan Olsson
#include's we don't need here.
2001-08-11Allocate slightly larger buffer for cert.Angelos D. Keromytis
2001-07-05DER_ASN1_DN ID handling --- untestedAngelos D. Keromytis
2001-07-04Better handling of Key IDs.Angelos D. Keromytis
2001-07-03Fix policy information for IPv6 subnet/range cases. This is ugly, I'llAngelos D. Keromytis
have to find another way of dealing with IPv6 addresses.
2001-07-03Wait with strlcpy a while, change to strncpy.Hakan Olsson
2001-07-03use strlcpy instead of memcpy to copy stringsHakan Olsson
2001-07-01StyleNiklas Hallqvist
2001-07-01Start support for IPv6 addresses in policy.Angelos D. Keromytis
2001-07-01Fix remote_negotiation_address attribute; fix sockaddr2text() returnAngelos D. Keromytis
value when zero-filling; log_error()->log_print() consistently.
2001-06-29Change get_src/get_dst API as we get the length with sa_len.Hakan Olsson
2001-06-29Initial IPv6 support. (niklas@ ok)Hakan Olsson
2001-06-07No need to allocate/free X509 policy information -- the certs areAngelos D. Keromytis
converted as needed, and the CA certs are irrelevant.
2001-06-07Get rid of the main policy session (unnecessary).Angelos D. Keromytis
2001-06-07Add some log_print()Angelos D. Keromytis
2001-05-31Routines for handling KeyNote cert representation.Angelos D. Keromytis
2001-04-09Style police a'la niklas@.Hakan Olsson
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-24 06:13:54 +0000