Age | Commit message (Collapse) | Author |
|
author: angelos
Document the ID section/tag for Phase 1 exchanges.
|
|
author: niklas
typo
author: niklas
Support dynamic loading of libkeynote too. Build isakmpd static by default.
Stylistic cleanup of keynote policy code. Correct some libcrypto calls.
|
|
author: ho
Don't build w/o crypto support
author: niklas
Add support for dynamic loading of optional facilities, libcrypto first.
|
|
author: niklas
Support dynamic loading of libkeynote too. Build isakmpd static by default.
Stylistic cleanup of keynote policy code. Correct some libcrypto calls.
author: angelos
Complete policy work; tested for the shared-key case. Documentation needed.
author: ho
Compile without USE_LIBCRYPTO and HAVE_DLOPEN.
author: niklas
Add support for dynamic loading of optional facilities, libcrypto first.
|
|
message.c: Merge with EOM 1.135
message.h: Merge with EOM 1.48
sa.c: Merge with EOM 1.97
sa.h: Merge with EOM 1.53
author: angelos
Complete policy work; tested for the shared-key case. Documentation needed.
|
|
author: niklas
EOM RCS Id
author: niklas
New regression test of exchanges, with timed events
=============================================================================
|
|
author: niklas
Fix no ID in QM, when acting as responder, bug
author: niklas
Fix bad size computation in last commit
author: niklas
Make ID-less QM really work. Forgot to allocate space for the
fake ID payloads.
|
|
BUGS: Merge with EOM 1.32
author: niklas
Up-to-date
|
|
author: niklas
typo
|
|
regress/exchange/mm-1-setup.sh: Merge with EOM 1.1
regress/exchange/mm-i-1.t: Merge with EOM 1.1
regress/exchange/mm-r-1.t: Merge with EOM 1.1
author: niklas
New regression test of exchanges, with timed events
=============================================================================
|
|
author: niklas
Fix no ID in QM, when acting as responder, bug
|
|
author: niklas
Moving the PRIVKEY tag into the X509-certificates section, renaming it to
Private-key. Also rename the keynote policy file.
author: niklas
From Niels Provos, edited by me: certificate support using SSLeay
|
|
conf.c: Merge with EOM 1.19
conf.h: Merge with EOM 1.10
ui.c: Merge with EOM 1.34
author: niklas
Dynamic updates of the configuration database is now possible, either through
ui, or through the new conf_* API described in DESIGN-NOTES
|
|
author: niklas
regrand is in util.h now. Use new conf_reinit API at SIGHUP time. Fix
timeout handling in deteerministic mode.
|
|
author: niklas
Fix isakmpd path
|
|
sysdep/openbsd/sysdep.c: Merge with EOM 1.8
cookie.c: Merge with EOM 1.21
util.c: Merge with EOM 1.15
util.h: Merge with EOM 1.7
author: niklas
Move regrand var to util.c, and get the decl from util.h, do not update the
cookie secret if in deterministic mode.
|
|
author: niklas
Add a manpage
|
|
author: niklas
Add a manpage
|
|
author: niklas
1999
|
|
|
|
author: niklas
More sync with OpenBSD version
|
|
author: niklas
Remove obsolete mkdirs
|
|
samples/VPN-west.conf: Merge with EOM 1.7
samples/singlehost-west.conf: Merge with EOM 1.4
samples/singlehost-east.conf: Merge with EOM 1.4
README.PKI: Merge with EOM 1.3
ike_auth.c: Merge with EOM 1.33
isakmpd.conf.5: Merge with EOM 1.28
author: niklas
Moving the PRIVKEY tag into the X509-certificates section, renaming it to
Private-key. Also rename the keynote policy file.
|
|
isakmpd.8: Merge with EOM 1.15
author: niklas
Moving /etc/isakmpd.conf to /etc/isakmpd/isakmpd.conf.
|
|
samples/policy: Merge with EOM 1.1
samples/isakmpd.policy: Merge with EOM 1.2
author: niklas
Moving the PRIVKEY tag into the X509-certificates section, renaming it to
Private-key. Also rename the keynote policy file.
|
|
author: niklas
More stuff to do
|
|
author: niklas
libdes not needed anymore
|
|
author: niklas
RCD Id
|
|
regress/rsakeygen/rsakeygen.c: Merge with EOM 1.8
regress/x509/Makefile: Merge with EOM 1.6
regress/x509/x509test.c: Merge with EOM 1.6
regress/Makefile: Merge with EOM 1.8
samples/VPN-east.conf: Merge with EOM 1.6
samples/VPN-west.conf: Merge with EOM 1.6
samples/singlehost-east.conf: Merge with EOM 1.3
samples/singlehost-west.conf: Merge with EOM 1.3
sysdep/openbsd/Makefile.sysdep: Merge with EOM 1.5
x509.h: Merge with EOM 1.6
x509.c: Merge with EOM 1.17
DESIGN-NOTES: Merge with EOM 1.46
Makefile: Merge with EOM 1.55
cert.c: Merge with EOM 1.11
cert.h: Merge with EOM 1.6
exchange.c: Merge with EOM 1.109
exchange.h: Merge with EOM 1.26
ike_auth.c: Merge with EOM 1.32
ike_phase_1.c: Merge with EOM 1.7
init.c: Merge with EOM 1.16
isakmpd.conf.5: Merge with EOM 1.27
README.PKI: Merge with EOM 1.1
author: niklas
From Niels Provos, edited by me: certificate support using SSLeay
|
|
apps/certpatch/Makefile: Merge with EOM 1.2
apps/Makefile: Merge with EOM 1.2
author: niklas
From Niels Provos, edited by me: certificate support using SSLeay
author: provos
add a tool that takes a certificate and private key in PEM format,
adds a subjectAltName extension to the certifcate and finally signs
it with the private key, writing back the result.
|
|
author: niklas
More stuff
|
|
asn_useful.h: Merge with EOM 1.7
asn.c: Merge with EOM 1.28
asn.h: Merge with EOM 1.19
asn_useful.c: Merge with EOM 1.12
pkcs.c: Merge with EOM 1.21
pkcs.h: Merge with EOM 1.9
author: niklas
From Niels Provos, edited by me: certificate support using SSLeay
|
|
author: niklas
From Niels Provos, edited by me: certificate support using SSLeay
author: ho
Initial.
author: ho
file VPN-3way-template.conf was initially added on branch RELEASE_1_0.
|
|
author: niklas
Bugs found when interoperating with KAME:
Inbound policy was not checked properly. Lifetime duration could be in
long format. Main mode can carry different DH-groups.
|
|
author: niklas
Do not try to establish an encryption key for AH
|
|
math_group.c: Merge with EOM 1.20
author: niklas
Really make group 5 work
|
|
author: ho
Oops.
|
|
* except when it is escaped with a `\' at the end of the line
- fix remaining .Nm usage as well
- this is from a patch I received from kwesterback@home.com, who has been
working on some scripts for fixing formatting errors in mdoc'd man pages
Ok, so there could be a cost/benefit debate with this commit, but since I have
the patch we might as well commit it...
|
|
pf_key_v2.c: Merge with EOM 1.18
author: niklas
Support building on older PF_KEY systems with non-standard-compliant SADB_-
constants.
|
|
|
|
x509.c: Merge with EOM 1.16
author: niklas
Start stab at supporting other IDs than IPV4_ADDR in main mode
|
|
TO-DO: Merge with EOM 1.40
author: niklas
Up-to-date
|
|
author: niklas
typo
|
|
ipsec.h: Merge with EOM 1.37
author: niklas
Add a function giving the size of a certain ID-payload
|
|
author: ho
Add copyright notice.
author: ho
Add connection_exist
|
|
author: ho
Add trap for SIGUSR2. Preliminary use to rehash soft exp. timers.
author: ho
Add keynote policy support (with USE_KEYNOTE). angelos@openbsd.org
|
|
author: niklas
Not a good sample anymore
|
|
author: ho
Release lock(s) on logfile when write fails.
|
|
author: niklas
Put back now fixed optimization from Ilya Tsindlekht
author: niklas
Revert optimization as x509test loses with it
author: niklas
Style. alloc error reporting. Math error propagation. Allocate right
sizes.
author: niklas
1999 copyrights
author: niklas
style
author: niklas
Remove stuff not meant to be committed
author: niklas
style
author: niklas
RSA fixes and optimiations from Ilya Tsindlekht, via Niels Provos
|
|
policy.c: Merge with EOM 1.2
author: niklas
Remove $EOM$ from Eom repository version
author: niklas
New file, for keynote policy handling. By angelos@openbsd.org
|