summaryrefslogtreecommitdiff
path: root/sbin/isakmpd
AgeCommit message (Expand)Author
2008-07-01Isakmpd acquire mode did not work with a config generated fromAlexander Bluhm
2008-06-10Arguments to fifo commands were limited to 80 bytes. That is tooAlexander Bluhm
2008-06-10Fix implementation of IN6_IS_ADDR_FULL so that IPV6_ADDR is usedAlexander Bluhm
2008-05-12Error out with usage line if additional arguments are given after thePierre-Yves Ritschard
2008-03-24msg_controllen has to be CMSG_SPACE so that the kernel can account forTheo de Raadt
2008-03-15Repair the simple cases for msg_controllen where it should just beTheo de Raadt
2008-03-13Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due toTheo de Raadt
2008-03-02Use a union to ensure alignment of the cmsg.Hans-Joerg Hoexer
2008-02-17Define default configurations for AES-192 and AES-256. From Mitja MuzenicHans-Joerg Hoexer
2008-02-06Fix possible memory leaks when sending phase 1 IDs.Moritz Jodeit
2008-01-29fix race in makefileMarc Espie
2007-09-02more malloc(n * m) -> calloc(n, m); from Igor ZinovikTheo de Raadt
2007-09-02use calloc() to avoid malloc(n * m) overflows; checked by djm canacar jsgTheo de Raadt
2007-08-15Remove a superflous debug fprintf.Hans-Joerg Hoexer
2007-08-11Do not complain about being not able to read non-existing files. MinorHans-Joerg Hoexer
2007-08-07m_priv_req_readdir(): check file type after fstat, since d_typeMarkus Friedl
2007-08-05Allow key exchange with RSA signature authentication to work withTom Cosgrove
2007-07-31Use correct function name in log message. Noticed by Igor ZinovkHans-Joerg Hoexer
2007-06-02safer snprintf construct with more paranoid length calculationPeter Valchev
2007-06-01Let conf_trans_node() set all parts of the node, so that we don'tMoritz Jodeit
2007-05-31convert to new .Dd format;Jason McIntyre
2007-05-27Don't include sys/mbuf.h it is not needed. OK mcbride@ msf@Claudio Jeker
2007-05-23Get rid of some obsolete exampels.Hans-Joerg Hoexer
2007-05-07Bump crypto buffer logging (before crypto/after crypto) to level 70 fromChad Loder
2007-05-07It was possible for phase 1 negotiation to fail due to lifetime durationChad Loder
2007-05-07Document "M active|passive" ui command.Joel Knight
2007-05-05Kill a log message which looks like an error message but is actuallyChad Loder
2007-04-22Free allocated node in conf_set_now() before failing,Moritz Jodeit
2007-04-22Use conf_free_list() after calling conf_get_list().Moritz Jodeit
2007-04-16There's no point in checking ptr for NULL before doing free(ptr)Moritz Jodeit
2007-04-15Fix interop-issue with vpn peers that start reyking on port 4500 whenHans-Joerg Hoexer
2007-04-08Fix lint comments. s/Fall through/FALLTHROUGH/.Moritz Jodeit
2007-04-08o Kill another strerror() from a call to log_error(),Moritz Jodeit
2007-04-02Don't append the errno string in a log_error() call,Moritz Jodeit
2007-04-02When setting all signals to their default handlers, startMoritz Jodeit
2007-04-02Don't let -r fall through to the next case block,Moritz Jodeit
2007-03-26typo in initial RCS tag ($OpenBSD: -> $OpenBSD$)Pedro Martelletto
2007-03-18Fix usage of predefined lifetimes. "Default-phase-[12]-lifetime"Hans-Joerg Hoexer
2007-03-05Set pointer to NULL after freeing it, so callers ofMoritz Jodeit
2007-03-03There may be more than one item in the subjectAltName (cropping upTom Cosgrove
2007-03-03keynote_cert_obtain should not leak in case of error. OK moritz@Chad Loder
2007-03-03Make sure we can't accidentally free() a pointer that's been acceptedTom Cosgrove
2007-03-01improve the description of -a. specifically, make it clear thatJason McIntyre
2007-02-22Add a comment that explains, why the VID of draft 2 NAT-T includesHans-Joerg Hoexer
2007-02-19tweak;Jason McIntyre
2007-02-19Document NULL encryption.Hans-Joerg Hoexer
2007-02-19isakmpd bits for ESP+NULL encryption. This is useful, when AH canHans-Joerg Hoexer
2006-12-05plug memleak, noticed by jesus@mxtelecom.comHans-Joerg Hoexer
2006-12-05some carp/sasyncd bits from msf and myself;Jason McIntyre
2006-12-05Don't leak message structures, when we see unsupported payloadsMoritz Jodeit