summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/policy.h
AgeCommit message (Collapse)Author
2004-06-25Keynote policy checking can now be disabled by "-K" switch and config tagHans-Joerg Hoexer
"Use-Keynote". Default is to use keynote. ok henning@ ho@
2004-04-28remove unused variable and shorten names of two other. Removed some spacesHans-Joerg Hoexer
while around. ok ho@ markus@
2004-04-15partial move to KNF. More to come. This has happened because thereTheo de Raadt
are a raft of source code auditors who are willing to help improve this code only if this is done, and hey, isakmpd does need our standard auditing process. ok ho hshoexer
2003-06-04Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, AngelosHakan Olsson
D. Keromytis and Niels Provos.
2003-05-14Policy file default defined twice, kill the local copy.Hakan Olsson
2002-06-10The dlopen() stuff goes away.Hakan Olsson
2001-08-15Some more style...Hakan Olsson
2001-05-31Routines for handling KeyNote cert representation.Angelos D. Keromytis
2000-10-07cert.c: Merge with EOM 1.18Niklas Hallqvist
cert.h: Merge with EOM 1.8 libcrypto.c: Merge with EOM 1.14 policy.h: Merge with EOM 1.12 x509.h: Merge with EOM 1.11 author: niklas Multiple subject name matching, makes certificate interop with PGPnet at least partly working. Added some error checking.
2000-06-08Merge with EOM 1.11Niklas Hallqvist
author: angelos Different policy/Keynote sessions per Phase 1 SA. author: angelos Allow exchange of KeyNote credentials over IKE. Multiple credentials may be passed in a single CERT payload. KeyNote is used if a directory named as the local ID we use in an exchange exists in the KeyNote directory (default: /etc/isakmpd/keynote/). Note that asymmetric credentials are possible (use KeyNote in one direction and X509 in the other); such authentication is envisioned to be the most common: the clients will use KeyNote credentials to authenticate and authorize with a server, whilst the server will just provide an X509 certificate proving its binding to the IP address or ID. Totally asymmetric authentication (e.g., shared key in one direction, RSA in the other) is not supported by the IKE protocol. author: angelos A few more definitions. author: angelos Some more support for KeyNote credential exchange (not yet done).
2000-05-02Merge with EOM 1.7Niklas Hallqvist
author: angelos Move POLICY_FILE_DEFAULT definition to the .h file.
2000-04-07Merge with EOM 1.6Niklas Hallqvist
author: niklas Hmm keynote does not exist in a dynamically linked version
2000-02-20Merge with EOM 1.5Niklas Hallqvist
author: niklas Allow isakmpd builders to remove optional parts and save bytes.
1999-08-26Merge with EOM 1.4Niklas Hallqvist
author: niklas typo author: niklas Support dynamic loading of libkeynote too. Build isakmpd static by default. Stylistic cleanup of keynote policy code. Correct some libcrypto calls.
1999-07-07policy.h: Merge with EOM 1.2Niklas Hallqvist
policy.c: Merge with EOM 1.2 author: niklas Remove $EOM$ from Eom repository version author: niklas New file, for keynote policy handling. By angelos@openbsd.org
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-27 20:55:02 +0000