| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
Disabled, has no configuration mechanism yet. This will be used for roaming
users, who are going to get parameters like IP-address and nameserver from its
peer, very much like DHCP, but securily inside an ISAKMP connection and still
in time before negotiation of IPsec connections. You may see stylistic fixes
in this commit too. Add some not yet used Makefile magic to deal with DNSSEC-
enabled OpenSSL too. The IKECFG code work was sponsered by Gatespace Inc.
Thank you! Configuration will come very soon, btw.
|
|
|
|
|
|
|
|
|
|
|
|
by newsham@lava.net)
|
|
|
|
|
|
looking up the certificate via the name. The lookup method already
guarantees a match. It is also a problem to look at the subjectAltName
should we have got the certificate with no such name in it. Prodded by
mickey@ although I solved the problem in a different way.
|
|
|
|
regress/rsakeygen/rsakeygen.c: Merge with EOM 1.10
regress/x509/x509test.c: Merge with EOM 1.9
author: ho
Only include <gmp.h> with MP_FLAVOUR_GMP.
|
|
|
|
regress/ec2n/Makefile: Merge with EOM 1.9
conf.c: Merge with EOM 1.40
util.c: Merge with EOM 1.17
author: ho
Add file permission check to private key file. Split out check function to util.c.
|
|
author: niklas
Multiple subject name matching, makes certificate interop with PGPnet at least
partly working. Added some error checking.
author: ho
Read in FEATURES for proper operation
author: angelos
No need for NODEBUG.
author: angelos
Use NODEBUG compile flag, so policy.c doesn't barf.
|
|
|
|
author: ho
Revert to manual OS selection, and make sure USE_X509 is set as needed.
author: ho
Another way to do multiple OSes
|
|
regress/ec2n/Makefile: Merge with EOM 1.8
regress/exchange/Makefile: Merge with EOM 1.8
regress/prf/Makefile: Merge with EOM 1.6
regress/x509/Makefile: Merge with EOM 1.12
author: ho
Revert to manual OS selection.
author: ho
Another way to do multiple OSes
|
|
regress/group/Makefile: Merge with EOM 1.12
author: niklas
Use OpenSSL math
author: ho
Revert to manual OS selection.
author: ho
Another way to do multiple OSes
|
|
|
|
|
|
regress/dh/Makefile: Merge with EOM 1.7
regress/group/Makefile: Merge with EOM 1.9
regress/prf/Makefile: Merge with EOM 1.4
regress/rsakeygen/Makefile: Merge with EOM 1.8
regress/x509/Makefile: Merge with EOM 1.10
Makefile: Merge with EOM 1.62
attribute.c: Merge with EOM 1.10
sa.c: Merge with EOM 1.99
conf.c: Merge with EOM 1.20
crypto.c: Merge with EOM 1.28
isakmpd.c: Merge with EOM 1.45
connection.c: Merge with EOM 1.19
doi.h: Merge with EOM 1.28
field.c: Merge with EOM 1.11
exchange.c: Merge with EOM 1.116
ike_auth.c: Merge with EOM 1.44
pf_key_v2.c: Merge with EOM 1.37
ike_phase_1.c: Merge with EOM 1.22
ipsec.c: Merge with EOM 1.118
isakmp_doi.c: Merge with EOM 1.40
log.c: Merge with EOM 1.26
log.h: Merge with EOM 1.18
math_group.c: Merge with EOM 1.23
message.c: Merge with EOM 1.144
pf_encap.c: Merge with EOM 1.70
policy.c: Merge with EOM 1.18
timer.c: Merge with EOM 1.13
transport.c: Merge with EOM 1.41
udp.c: Merge with EOM 1.47
ui.c: Merge with EOM 1.37
x509.c: Merge with EOM 1.36
author: niklas
Made debug logging a compile time selectable feature
|
|
author: niklas
typo
|
|
regress/exchange/def-r.1: Sync with EOM
isakmpd.policy.5: Sync with EOM
.cvsignore: Add isakmpd.policy.cat5
|
|
README.PKI: Merge with EOM 1.7
author: niklas
OpenSSL 0.9.4 support
|
|
author: niklas
Hmm, make compile in an ugly way. Dependencies that seem to be backwards.
author: ho
Don't build w/o crypto support
author: niklas
Add support for dynamic loading of optional facilities, libcrypto first.
|
|
regress/x509/x509test.c: Merge with EOM 1.7
DESIGN-NOTES: Merge with EOM 1.48
README.PKI: Merge with EOM 1.6
TO-DO: Merge with EOM 1.44
cert.c: Merge with EOM 1.12
author: niklas
Add support for dynamic loading of optional facilities, libcrypto first.
|
|
regress/b2n/.cvsignore: Ignore me
regress/crypto/.cvsignore: Ignore me
regress/dh/.cvsignore: Ignore me
regress/ec2n/.cvsignore: Ignore me
regress/exchange/.cvsignore: Ignore me
regress/group/.cvsignore: Ignore me
regress/hmac/.cvsignore: Ignore me
regress/pkcs/.cvsignore: Ignore me
regress/prf/.cvsignore: Ignore me
regress/rsakeygen/.cvsignore: Ignore me
regress/x509/.cvsignore: Ignore me
apps/certpatch/.cvsignore: Ignore me
.cvsignore: Ignore me
|
|
author: ho
Don't build w/o crypto support
author: niklas
Add support for dynamic loading of optional facilities, libcrypto first.
|
|
author: niklas
EOM RCS Id
author: niklas
New regression test of exchanges, with timed events
=============================================================================
|
|
regress/exchange/mm-1-setup.sh: Merge with EOM 1.1
regress/exchange/mm-i-1.t: Merge with EOM 1.1
regress/exchange/mm-r-1.t: Merge with EOM 1.1
author: niklas
New regression test of exchanges, with timed events
=============================================================================
|
|
author: niklas
Fix isakmpd path
|
|
sysdep/openbsd/sysdep.c: Merge with EOM 1.8
cookie.c: Merge with EOM 1.21
util.c: Merge with EOM 1.15
util.h: Merge with EOM 1.7
author: niklas
Move regrand var to util.c, and get the decl from util.h, do not update the
cookie secret if in deterministic mode.
|
|
regress/rsakeygen/rsakeygen.c: Merge with EOM 1.8
regress/x509/Makefile: Merge with EOM 1.6
regress/x509/x509test.c: Merge with EOM 1.6
regress/Makefile: Merge with EOM 1.8
samples/VPN-east.conf: Merge with EOM 1.6
samples/VPN-west.conf: Merge with EOM 1.6
samples/singlehost-east.conf: Merge with EOM 1.3
samples/singlehost-west.conf: Merge with EOM 1.3
sysdep/openbsd/Makefile.sysdep: Merge with EOM 1.5
x509.h: Merge with EOM 1.6
x509.c: Merge with EOM 1.17
DESIGN-NOTES: Merge with EOM 1.46
Makefile: Merge with EOM 1.55
cert.c: Merge with EOM 1.11
cert.h: Merge with EOM 1.6
exchange.c: Merge with EOM 1.109
exchange.h: Merge with EOM 1.26
ike_auth.c: Merge with EOM 1.32
ike_phase_1.c: Merge with EOM 1.7
init.c: Merge with EOM 1.16
isakmpd.conf.5: Merge with EOM 1.27
README.PKI: Merge with EOM 1.1
author: niklas
From Niels Provos, edited by me: certificate support using SSLeay
|
|
asn_useful.h: Merge with EOM 1.7
asn.c: Merge with EOM 1.28
asn.h: Merge with EOM 1.19
asn_useful.c: Merge with EOM 1.12
pkcs.c: Merge with EOM 1.21
pkcs.h: Merge with EOM 1.9
author: niklas
From Niels Provos, edited by me: certificate support using SSLeay
|
|
author: niklas
typo
|
|
author: niklas
Update validity times
|
|
regress/exchange/run.sh: Merge with EOM 1.5
regress/rsakeygen/rsakeygen.c: Merge with EOM 1.7
genconstants.sh: Merge with EOM 1.6
genfields.sh: Merge with EOM 1.5
author: niklas
1999
|
|
./dh.h: Merge with EOM 1.4
./math_ec2n.c: Merge with EOM 1.8
./crypto.c: Merge with EOM 1.25
./ike_quick_mode.c: Merge with EOM 1.82
./math_group.c: Merge with EOM 1.16
./math_ec2n.h: Merge with EOM 1.4
Style. alloc error reporting. Math error propagation. Allocate right
sizes.
|
|
./regress/pkcs/pkcstest.c: Merge with EOM 1.7
1999
|
|
RSA fixes and optimiations from Ilya Tsindlekht, via Niels Provos
|
|
RSA fixes and optimiations from Ilya Tsindlekht, via Niels Provos
|
|
|
|
| revision 1.3
| date: 1998/08/21 14:33:12; author: provos; state: Exp; lines: +8 -1
| encode IP into cert. many XXX.
| ----------------------------
| revision 1.2
| date: 1998/08/20 14:09:05; author: provos; state: Exp; lines: +3 -3
| rename pkcs_{set,get}_{public,private}_key to something more understandable,
| it confused me, so i suppose it will also confuse others.
| ----------------------------
| revision 1.1
| date: 1998/08/11 20:29:16; author: provos; state: Exp;
| add a tool for generating x509 certificates
| =============================================================================
|
|
| revision 1.2
| date: 1998/08/21 15:02:12; author: provos; state: Exp; lines: +1 -1
| generate x509v3 certificates
| ----------------------------
| revision 1.1
| date: 1998/08/11 20:29:16; author: provos; state: Exp;
| add a tool for generating x509 certificates
| =============================================================================
|
|
| revision 1.5
| date: 1999/02/25 15:10:11; author: niklas; state: Exp; lines: +2 -2
| Whoops
| ----------------------------
| revision 1.4
| date: 1999/02/25 15:07:36; author: niklas; state: Exp; lines: +6 -4
| Mesing with the new sysdep paths
| ----------------------------
| revision 1.3
| date: 1998/12/21 00:41:59; author: niklas; state: Exp; lines: +2 -0
| RCS Ids
| ----------------------------
| revision 1.2
| date: 1998/08/14 08:52:19; author: niklas; state: Exp; lines: +3 -2
| Work in objdir setups correctly
| ----------------------------
| revision 1.1
| date: 1998/08/11 20:29:16; author: provos; state: Exp;
| add a tool for generating x509 certificates
| =============================================================================
|
|
| revision 1.5
| date: 1998/10/07 16:40:51; author: niklas; state: Exp; lines: +3 -2
| Clean out warnings on alpha
| ----------------------------
| revision 1.4
| date: 1998/08/20 14:09:07; author: provos; state: Exp; lines: +3 -3
| rename pkcs_{set,get}_{public,private}_key to something more understandable,
| it confused me, so i suppose it will also confuse others.
| ----------------------------
| revision 1.3
| date: 1998/08/11 21:06:20; author: niklas; state: Exp; lines: +1 -2
| Remove unused variables
| ----------------------------
| revision 1.2
| date: 1998/08/11 20:30:38; author: provos; state: Exp; lines: +4 -3
| update to reflect recent changes
| ----------------------------
| revision 1.1
| date: 1998/08/09 20:04:41; author: provos; state: Exp;
| a tool for generating rsa keypair, a spin off of this might be used later
| as key generation tool for the daemon.
| =============================================================================
|
