summaryrefslogtreecommitdiff
path: root/sbin/isakmpd
AgeCommit message (Collapse)Author
2001-04-24Correct SA refcounting. Fixes a bug where isakmpd could die when a peer wasNiklas Hallqvist
discovered to have rebooted, and old now invalid SAs had to be garbage- collected.
2001-04-19PF_KEY identity extensions are NUL-terminated. Do not forget neither toNiklas Hallqvist
allocate for the NUL, nor to actually transfer it.
2001-04-15Style.Hakan Olsson
2001-04-14Minor cleanup.Hakan Olsson
2001-04-12More.Hakan Olsson
2001-04-12Correct various faulty x509 deallocations. By Niklas and me.Hakan Olsson
2001-04-12Don't put the same message on the sendq twice. By niklas and me.Hakan Olsson
2001-04-09More style fixes...Hakan Olsson
2001-04-09Only set BINDIR if undefined. From NetBSD's isakmpd port (itojun, presumably).Hakan Olsson
2001-04-09isakmpd can now capture un-encrypted IKE negotiation packets to aHakan Olsson
file. In pcap(3) format, so tcpdump(8) can read it. Idea by Tim Newsham <newsham@lava.net>, work by him and me. Ok angelos@, niklas@
2001-04-09Style police a'la niklas@.Hakan Olsson
2001-04-09fix typoMarkus Friedl
2001-04-08log_print, not log_errorHakan Olsson
2001-04-07Add missing filename argument.Hakan Olsson
2001-04-05Also mention mode requirements for the private key file, plus one less typo.Hakan Olsson
2001-04-05Be more clear about configuration file mode requirements.Hakan Olsson
2001-04-05As the isakmpd.policy file can contain sensitive information, we wantHakan Olsson
the same mode checks we use for isakmpd.conf. Style.
2001-04-05Style.Hakan Olsson
2001-04-05let check_file_secrecy() set errnoHakan Olsson
2001-04-03Don't free reallocated memory.Hakan Olsson
2001-04-03x509 verified to work on NetBSD nowNiklas Hallqvist
2001-03-29We need ipsec_decode_ids regardless of DEBUG feature now.Hakan Olsson
2001-03-28Take into consideration the IDs when determining whether two Phase 1Angelos D. Keromytis
SAs match.
2001-03-27Fix another memory leak, found by boehm-gc. While not required,Hakan Olsson
also keep what I think is a cleanup of pf_key_v2_msg_free().
2001-03-27Plug one memory leak. Found with boehm-gc.Hakan Olsson
2001-03-27Allocate a buffer large enough to contain the generated assertion.Hakan Olsson
Found with ElectricFence.
2001-03-27(c)-2001Hakan Olsson
2001-03-23bsdi support, ok niklas@Markus Friedl
2001-03-22BSD/OS make treats ${A:S/a/x/} like ${A:S/a/x/1}, so we use ${A:S/a/x/g}.Markus Friedl
this works on both systems (for this special case).
2001-03-14Make these compile again...Thorsten Lockert
2001-03-14Indentation and style fascismNiklas Hallqvist
2001-03-14might as well throw a few crumbs at the anal compilerTheo de Raadt
2001-03-14incorrect TAILQ management; chris@stallion.oz.au, pr#1723Theo de Raadt
2001-03-13Somewhere along the line we stopped using the configuration file defaultsHakan Olsson
properly. Make them work again. (niklas@ ok)
2001-03-13Add logging classes for Negotiation and Policy, and change a number ofHakan Olsson
debug messages to use these instead. Change a number of 'log_print' to debug messages to keep the noise down. Use 'log_error' instead of 'log_print' in some cases when we have errno. Some indentation fixes. (niklas@ ok)
2001-03-07Oops, use the right legnth for the key id.Angelos D. Keromytis
2001-03-07Add KEY_ID support (mostly from roland@digitalvampire.org)Angelos D. Keromytis
2001-03-06Print the name of the marked SA (if available).Angelos D. Keromytis
2001-03-06Don't use the source for both sides!Angelos D. Keromytis
2001-02-28Make sure the default lifetimes in the General section are taken intoAngelos D. Keromytis
consideration.
2001-02-24Make DES a feature, so isakmpd can compile on Linux (most of the fixedAngelos D. Keromytis
by newsham@lava.net)
2001-02-24For the GETSPI PFKEY message, use the sequence number from the ACQUIREAngelos D. Keromytis
message.
2001-02-23Allocate larger buffer for generated policies.Angelos D. Keromytis
2001-02-19passphrase-md5-hex: and passphrase-sha1-hex: formats for passphrases.Angelos D. Keromytis
2001-02-18Encode the X509 expiration in the KeyNote credential/policiesAngelos D. Keromytis
generated on the fly. For the record, this commit done at the beach in Cayman Islands :-)
2001-02-16use the hash algorithm found in original certificate for the signatureNiels Provos
after it has been patched. from angelos@
2001-02-12Temporarily disable dlopen() support, some issues with latest OpenSSL update.Hakan Olsson
2001-02-08Typo.Angelos D. Keromytis
2001-02-08Add debug printf.Angelos D. Keromytis
2001-01-28$OpenBSD$Niklas Hallqvist