summaryrefslogtreecommitdiff
path: root/sbin/isakmpd
AgeCommit message (Expand)Author
2007-08-07m_priv_req_readdir(): check file type after fstat, since d_typeMarkus Friedl
2007-08-05Allow key exchange with RSA signature authentication to work withTom Cosgrove
2007-07-31Use correct function name in log message. Noticed by Igor ZinovkHans-Joerg Hoexer
2007-06-02safer snprintf construct with more paranoid length calculationPeter Valchev
2007-06-01Let conf_trans_node() set all parts of the node, so that we don'tMoritz Jodeit
2007-05-31convert to new .Dd format;Jason McIntyre
2007-05-27Don't include sys/mbuf.h it is not needed. OK mcbride@ msf@Claudio Jeker
2007-05-23Get rid of some obsolete exampels.Hans-Joerg Hoexer
2007-05-07Bump crypto buffer logging (before crypto/after crypto) to level 70 fromChad Loder
2007-05-07It was possible for phase 1 negotiation to fail due to lifetime durationChad Loder
2007-05-07Document "M active|passive" ui command.Joel Knight
2007-05-05Kill a log message which looks like an error message but is actuallyChad Loder
2007-04-22Free allocated node in conf_set_now() before failing,Moritz Jodeit
2007-04-22Use conf_free_list() after calling conf_get_list().Moritz Jodeit
2007-04-16There's no point in checking ptr for NULL before doing free(ptr)Moritz Jodeit
2007-04-15Fix interop-issue with vpn peers that start reyking on port 4500 whenHans-Joerg Hoexer
2007-04-08Fix lint comments. s/Fall through/FALLTHROUGH/.Moritz Jodeit
2007-04-08o Kill another strerror() from a call to log_error(),Moritz Jodeit
2007-04-02Don't append the errno string in a log_error() call,Moritz Jodeit
2007-04-02When setting all signals to their default handlers, startMoritz Jodeit
2007-04-02Don't let -r fall through to the next case block,Moritz Jodeit
2007-03-26typo in initial RCS tag ($OpenBSD: -> $OpenBSD$)Pedro Martelletto
2007-03-18Fix usage of predefined lifetimes. "Default-phase-[12]-lifetime"Hans-Joerg Hoexer
2007-03-05Set pointer to NULL after freeing it, so callers ofMoritz Jodeit
2007-03-03There may be more than one item in the subjectAltName (cropping upTom Cosgrove
2007-03-03keynote_cert_obtain should not leak in case of error. OK moritz@Chad Loder
2007-03-03Make sure we can't accidentally free() a pointer that's been acceptedTom Cosgrove
2007-03-01improve the description of -a. specifically, make it clear thatJason McIntyre
2007-02-22Add a comment that explains, why the VID of draft 2 NAT-T includesHans-Joerg Hoexer
2007-02-19tweak;Jason McIntyre
2007-02-19Document NULL encryption.Hans-Joerg Hoexer
2007-02-19isakmpd bits for ESP+NULL encryption. This is useful, when AH canHans-Joerg Hoexer
2006-12-05plug memleak, noticed by jesus@mxtelecom.comHans-Joerg Hoexer
2006-12-05some carp/sasyncd bits from msf and myself;Jason McIntyre
2006-12-05Don't leak message structures, when we see unsupported payloadsMoritz Jodeit
2006-11-30new ui command 'rmv': removes an entry from a list, thus reversing anMarkus Friedl
2006-11-29no need to document generation of local.key 3 times;Jason McIntyre
2006-11-29zap trailing spaces;Jason McIntyre
2006-11-29Document the new location of local.pub, and clarify the fact that local.keyRyan Thomas McBride
2006-11-28do not re-add existing entries; ok hshoexerMarkus Friedl
2006-11-24add support to tag ipsec traffic belonging to specific IKE-initiatedReyk Floeter
2006-11-09support public keys w/o SubjectPublicKeyInfo (format: BEGIN RSA PUBLIC KEY)Markus Friedl
2006-10-29Fix TAILQ usage, preventing crashesPedro Martelletto
2006-10-18do not name FILE * variables "fd" since it is confusingTheo de Raadt
2006-10-05Reword sentence to fix grammar nit.Tom Cosgrove
2006-09-19Use S_IS* macros insted of masking with S_IF* flags. The latter mayOtto Moerbeek
2006-09-15Remove "Delete-SAs" config option. This was needed for interactionHans-Joerg Hoexer
2006-09-09point people towards ipsec.conf.5; after some discussion w/ reykJason McIntyre
2006-09-01use shell-independent examples;Jason McIntyre
2006-09-01Add a new UI command to force isakmpd into passive only mode.Marco Pfatschbacher