summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/virtual.c
AgeCommit message (Collapse)Author
2019-06-28When system calls indicate an error they return -1, not some arbitraryTheo de Raadt
value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
2015-08-20<stdlib.h> is included, so do not need to cast result fromTheo de Raadt
malloc, calloc, realloc* ok krw millert
2011-02-03When binding to addresses, ignore any IP address not in the currentPeter Hessler
routing domain. While here, update comment on what the ioctl is used for (from sthen@). OK mikeb@, sthen@
2009-01-28cleaning up my tree: trivial KNF and a comment fix.Hans-Joerg Hoexer
2008-10-21do not listen on tentative (during DAD), duplicated (after DAD) orMarkus Friedl
detached addresses. bind(2) will not allow this. ok hshoexer, fries
2007-04-16There's no point in checking ptr for NULL before doing free(ptr)Moritz Jodeit
since free(NULL) is just fine. ok hshoexer@
2007-04-15Fix interop-issue with vpn peers that start reyking on port 4500 whenHans-Joerg Hoexer
NAT-T is used. Solves problems with cisco and openswan. Tested by todd@ (cisco interop), ok ho@ Original fix with Stefan Roth (stefan dot roth at siemens dot com), thanks!
2006-06-02Big spelling cleanup, no binary change. From david@Hans-Joerg Hoexer
2005-11-13zap unused variable and silence gcc.Hans-Joerg Hoexer
From Mike Belopuhov <mkb at crypt dot org dot ru> Thanks!
2005-10-27Do not touch LIST_* macro internals.Hans-Joerg Hoexer
with otto@, ok ho@
2005-10-25some small knf, ok ho@Hans-Joerg Hoexer
2005-08-25read the information from the INADDR_ANY socket and do not loop ifMarkus Friedl
a new IP appears (cf udp.c, rev 1.74), ok ho@ hshoexer@ cloder@ deraadt@
2005-04-08get rid of sysdep_sa_lenHans-Joerg Hoexer
ok cloder@
2005-04-08USE_DEBUG is bye byeTheo de Raadt
2005-04-08nat-traversal alwaysTheo de Raadt
2005-04-08Remove references to LINUX_IPSECChad Loder
2005-04-07remove unnecessary typecasts.Hans-Joerg Hoexer
ok ho@
2005-04-06knf, ok cloderTheo de Raadt
2005-04-05Add -T flag to isakmpd to disable NAT-T support from the command line.Chad Loder
This lets binat setups work again without having to recompile isakmpd. OK ho, hshoexer.
2005-04-04spacing; ok cloderTheo de Raadt
2005-03-05No need for err.h. hshoexer@ okHakan Olsson
2005-03-04cleanup binding and cloning functions, use text2port(), correctlyHans-Joerg Hoexer
determin the encap port. This makes udpencap fully useable on ports other than the default 4500. ok ho cloder
2005-02-27where possible, use bzero instead of memsetHans-Joerg Hoexer
ok cloder henning
2004-12-14Allow the Address, Network, or Netmask values of the <IPsec-ID> to beRyan Thomas McBride
specified with an interface name (in which case the first address is used) or the keyword 'default' (in which case the address is selected based on the default route). eg: [roadwarrior-ip] ID-type= IPV4_ADDR Address= default ok ho@ hshoexer@
2004-09-20compile cleanly with -Wsign-compareHans-Joerg Hoexer
ok ho
2004-08-10spacingTheo de Raadt
2004-08-08spacingTheo de Raadt
2004-08-03Rewrite the transport reference count code to avoid leaks.Hakan Olsson
hshoexer@ ok.
2004-07-08free() and close() in error path.Hans-Joerg Hoexer
ok ho@
2004-06-22The NAT-T drafts suggest we should drop incoming messages arriving onHakan Olsson
the old port (500) after we've switched to the new one.
2004-06-21When switching from main to encap transport, copy dst port ifHakan Olsson
translated (NAT).
2004-06-21Port floating (500->4500) for p1 and p2 exchanges.Hakan Olsson
2004-06-20NAT-Traversal for isakmpd. Work in progress...Hakan Olsson
hshoexer@ ok.