summaryrefslogtreecommitdiff
path: root/sbin/isakmpd
AgeCommit message (Expand)Author
2001-08-22If we fail to get a key from DNSSEC, RAWKEY can still succeed.Hakan Olsson
2001-08-22Modify as per deraadt@'s wishes. aaron@ ok.Hakan Olsson
2001-08-22Add an example.Hakan Olsson
2001-08-22Add a manual page.Hakan Olsson
2001-08-22DNS KEY RR values.Hakan Olsson
2001-08-22Cleanup and style fixes. Use getopt().Hakan Olsson
2001-08-22USER_FQDN ID support, untested.Hakan Olsson
2001-08-22IPCOMP policy control should be optional for backwardNiklas Hallqvist
2001-08-22Alphabeticize extern decls.Niklas Hallqvist
2001-08-22Add ipsec_id_string, a function for converting IDs to on epossibleNiklas Hallqvist
2001-08-22Need an extra sa_release() when de-allocating exchange-associated SAs;Angelos D. Keromytis
2001-08-22Bypass IPCOMP too.Niklas Hallqvist
2001-08-19Prevent section leak in conf space.Angelos D. Keromytis
2001-08-18careful with snprintf() == -1; ho, provosTheo de Raadt
2001-08-17Fix keyed HMAC where the key was longer than the blocksizeNiklas Hallqvist
2001-08-17Add test with long key, longer than common hmac blocksizeNiklas Hallqvist
2001-08-17Rewrite to do lookups depending on ID type. IPv4 and FQDN only for now.Hakan Olsson
2001-08-16remove unneeded LWRESLIB definition. ok ho@Jakob Schlyter
2001-08-16openssl black magic.Hakan Olsson
2001-08-16Don't right-justify this debug message.Hakan Olsson
2001-08-16Off-by-one error in [u]fqdn cases, plus better debug messages whenHakan Olsson
2001-08-16ISAKMP ID type offset was wrong.Hakan Olsson
2001-08-16do not link with lwres. ok ho@Jakob Schlyter
2001-08-16add support for getrrsetbyname(3) from libc. ok ho@.Jakob Schlyter
2001-08-15Some more style...Hakan Olsson
2001-08-15A small utility to convert between OpenSSL(1) and DNSSEC key formats.Hakan Olsson
2001-08-15Support trusted public (RSA) keys as files too. niklas@ ok.Hakan Olsson
2001-08-14The same msg length fix for KAME cases.Hakan Olsson
2001-08-14Proper length for PFKEYv2 messages in IPv4-in-IPv6 / IPv6-in-IPv4 flows.Hakan Olsson
2001-08-14Print the correct fields in a debug message. (cut'n'paste bug)Hakan Olsson
2001-08-13use getifaddrs(3) rather than SIOCGIFCONF. in fact, if_map() does not doJun-ichiro itojun Hagino
2001-08-13need to use IPV6_IPSEC_POLICY for IPv6 bypass policy setting. from theJun-ichiro itojun Hagino
2001-08-12Don't coredump if the kernel doesn't support IPv6.Angelos D. Keromytis
2001-08-12#(endif|else) foo is incorrect, make it #endif /* foo */Heikki Korpela
2001-08-11Check socket >= 0. We should also be going through the list of clonedAngelos D. Keromytis
2001-08-11When a message is received on the wildcard (default) transport,Angelos D. Keromytis
2001-08-11Add TRANSPORT_MARK, for mark-and-sweep garbage collection of transportAngelos D. Keromytis
2001-08-11Fix keynote credential case again.Angelos D. Keromytis
2001-08-11Allocate slightly larger buffer for cert.Angelos D. Keromytis
2001-08-02Let the example config use suites that actually work together.Hakan Olsson
2001-07-29-Wunused for KAME caseJun-ichiro itojun Hagino
2001-07-25pf_key_v2_flow: sync success and failure messages; ok niklas@Markus Friedl
2001-07-25CFG mode changes: send attributes of size 0 if attribute is not availableMarkus Friedl
2001-07-25do not setup identity extensions for KAME; ok angelos@Markus Friedl
2001-07-20we don't like:Mike Pechkin
2001-07-18protect #define MAX(); ok ho@Markus Friedl
2001-07-18minor updates.Markus Friedl
2001-07-18use correct length for SADB_X_EXT_POLICY message on KAMEMarkus Friedl
2001-07-13Be more verbose about why X509_verify_cert() failed. Thanks toHakan Olsson
2001-07-13Add lc_X509_verify_cert_error_string().Hakan Olsson