summaryrefslogtreecommitdiff
path: root/sbin/isakmpd
AgeCommit message (Collapse)Author
2005-06-04undo last commit, all memory is already freed by udp_remove()Hans-Joerg Hoexer
ok cloder
2005-06-04Clarify that for -i/-R only paths beginning with /var/run are valid.Hans-Joerg Hoexer
2005-06-02unbreak port floating, noticed by sean at obstacle9 dot comHans-Joerg Hoexer
ok cloder
2005-06-02expand the section on pki:Jason McIntyre
- list different methods available - document key-based method - move x509-based into its own section - add keynote stub section ok hshoexer@
2005-06-01Fix memory leak. OK hshoexerChad Loder
2005-06-01Fix memory leaks. OK hshoexerChad Loder
2005-06-01This file is outdated, everything needed for setting up PKI is in the man pagesHans-Joerg Hoexer
now. noticed by david@ ok ho markus
2005-05-31certpatch is gone, noticed by david@Hans-Joerg Hoexer
2005-05-28ooopsHans-Joerg Hoexer
2005-05-28Remove current state code, it's bogus. We'll redo this.Hans-Joerg Hoexer
suggested by and ok moritz
2005-05-28do sanity checking on directoy entries. ok hshoexer@Moritz Jodeit
2005-05-28Cleanup sample configurations a bit; more AES, less MD5, remove fields weHakan Olsson
no longer require etc. Also add a 9-line "default" config sample.
2005-05-28introduce new readdir implementation for the monitor.Moritz Jodeit
testing and ok hshoexer@
2005-05-28make path checking in the monitor a lot easier. ok hshoexer@Moritz Jodeit
2005-05-27Make monitor.c use unsigned lengths in messages. Makes this compileChad Loder
with -Wsign-compare. OK and a little testing by hshoexer, OK moritz Now it's anil's turn to do some of this somewhere else
2005-05-27Additional paranoia. OK hshoexerChad Loder
2005-05-27o only pass signals from monitor to slave when pid is validMoritz Jodeit
o remove some unused monitor command with and ok hshoexer
2005-05-27move m_state.s directly into must_{read,write} instead of passingMoritz Jodeit
it every time as an argument. ok cloder@ hshoexer@
2005-05-27guarantee nul-termination in the monitor, we must. ok cloder@ hshoexer@Moritz Jodeit
2005-05-26simplify read/write between child and monitorHans-Joerg Hoexer
help and ok cloder moritz
2005-05-26Add ARGSUSED for lint, one comment for meHans-Joerg Hoexer
2005-05-26Use TAILQ_FOREACH where possible, remove payload_last()Hans-Joerg Hoexer
ok markus
2005-05-26add log_errorx() which doesn't print the errno value. ok hshoexer@Moritz Jodeit
2005-05-26introduce ISAKMP_PAYLOAD_MAXHans-Joerg Hoexer
2005-05-26get rid of payload mappingHans-Joerg Hoexer
ok markus ho cloder
2005-05-26Handle strdup returning NULL. OK hshoexerChad Loder
2005-05-26Clean up some cleanup code. Fixes at least one leak, possibly more.Chad Loder
OK hshoexer
2005-05-25Fix a commentHans-Joerg Hoexer
2005-05-24kill unneeded exit(). log_fatal() already does it. ok hshoexer@Moritz Jodeit
2005-05-24typoMoritz Jodeit
2005-05-23Mention interface names can be used in Listen-on. OK hshoexerChad Loder
2005-05-23endpwent() not needed here, pointed out by theo.Hakan Olsson
2005-05-23endpwent() after last use. hshoexer@ okHakan Olsson
2005-05-22No more ifdef KAME. From hshoexerChad Loder
2005-05-18remove certpatch(8) stuff;Jason McIntyre
ok hshoexer@
2005-05-18bye byeHans-Joerg Hoexer
2005-05-18bye byeHans-Joerg Hoexer
2005-05-18there's no need for certpatch anymore, so remove itHans-Joerg Hoexer
ok markus some time ago
2005-05-18allow payload types 20 and 21 for nat-tHans-Joerg Hoexer
ok ho
2005-05-14more logical section order;Jason McIntyre
2005-05-14- openssl req can create self-signed certs in one stepJason McIntyre
- no need to encourage people to generate system keys: rc(8) already does it ok hshoexer@
2005-05-12add some missing section descriptions to make this page a littleJason McIntyre
easier to read; ok hshoexer@
2005-05-10no need to use select()Hans-Joerg Hoexer
ok moritz cloder
2005-05-06sync the CERTIP and CERTFQDN sections;Jason McIntyre
2005-05-05document /etc/isakmpd/pubkeys a little better;Jason McIntyre
2005-05-05cleanup FIFO section;Jason McIntyre
2005-05-05.Xr openssl 1 ,Jason McIntyre
2005-05-05sort options;Jason McIntyre
2005-05-05first stab at improving PKI section;Jason McIntyre
2005-05-05improve FILES;Jason McIntyre