Age | Commit message (Collapse) | Author | |
---|---|---|---|
2001-06-27 | Keep track of the ACQUIRE sequence number, and pass it to the kernel | Angelos D. Keromytis | |
along with the ADD message. | |||
2001-06-27 | IPv6. Also avoid a couple of mem leaks. | Hakan Olsson | |
2001-06-27 | A few more functions to help with IPv6 support. By Niklas and me. | Hakan Olsson | |
2001-06-25 | Copyright update. | Angelos D. Keromytis | |
2001-06-25 | Update copyright dates. | Angelos D. Keromytis | |
2001-06-25 | Handle responder cookies same as initiator cookies. | Hakan Olsson | |
2001-06-22 | fix for filesystems where readdir does not return d_type, use stat instead. | Niels Provos | |
okay deraadt@ | |||
2001-06-20 | "hmac-sha", not "sha" | Angelos D. Keromytis | |
2001-06-12 | more to do | Niklas Hallqvist | |
2001-06-12 | comment style | Niklas Hallqvist | |
2001-06-12 | Link with libcrypto instead of libdes | Niklas Hallqvist | |
2001-06-12 | Add printing of the ciphertext | Niklas Hallqvist | |
2001-06-12 | style | Niklas Hallqvist | |
2001-06-11 | make #ifdef around x509_generate_kn() consistent. | Jun-ichiro itojun Hagino | |
2001-06-07 | Print the right port on error message. | Angelos D. Keromytis | |
2001-06-07 | Actually, using ACQUIRE can cause lowering of security policy level | Angelos D. Keromytis | |
for outgoing policies -- so, just use USE on the remote. | |||
2001-06-07 | Ingress flows should be ACQUIRE, not REQUIRE. | Angelos D. Keromytis | |
2001-06-07 | log_error -> log_print | Angelos D. Keromytis | |
2001-06-07 | Actually, don't re-insert X509 certs which we acquired from our store | Angelos D. Keromytis | |
-- just translate them to KeyNote. | |||
2001-06-07 | No need to allocate/free X509 policy information -- the certs are | Angelos D. Keromytis | |
converted as needed, and the CA certs are irrelevant. | |||
2001-06-07 | Get rid of useless x509_policy_asserts[] | Angelos D. Keromytis | |
2001-06-07 | Get rid of the main policy session (unnecessary). | Angelos D. Keromytis | |
2001-06-07 | Add an X509 cert in the policy session even if it was found in our | Angelos D. Keromytis | |
local repository. | |||
2001-06-07 | Correctly initialize the policy_id field on SA structures, such that | Angelos D. Keromytis | |
failed SAs don't cause the default policy context to be free'ed (and thus cause no end of trouble in establishing further Phase 1 SAs) | |||
2001-06-07 | Add some log_print() | Angelos D. Keromytis | |
2001-06-06 | NUL-terminate passphrase. | Angelos D. Keromytis | |
2001-06-05 | PF_KEY identity extensions are NUL-terminated. Now, also calculate | Hakan Olsson | |
the length properly. | |||
2001-06-05 | Remove BUGS section, as the only bug mentioned there was removed | Angelos D. Keromytis | |
earlier today :-) | |||
2001-06-05 | Correctly initialize remote ID when using prefix. | Angelos D. Keromytis | |
2001-06-05 | Print the correct expected Remote ID value | Angelos D. Keromytis | |
2001-06-05 | Oops, typo. | Angelos D. Keromytis | |
2001-06-05 | Use pf_key_v2_convert_id() instead of repeating code for the IDs; | Angelos D. Keromytis | |
log_error() cleanup. | |||
2001-06-05 | Style. | Angelos D. Keromytis | |
2001-06-05 | log_error() cleanup | Angelos D. Keromytis | |
2001-06-05 | Don't use log_error() in vain. | Angelos D. Keromytis | |
2001-06-05 | Don't use log_error() if it's an internal error. | Angelos D. Keromytis | |
2001-06-05 | Enforce Remote-ID specified in Phase 1 peer section (whether manually | Angelos D. Keromytis | |
or dynamically specified). | |||
2001-06-05 | SADB_IDENTTYPE_PREFIX support (only for fully-specified hosts), plus | Angelos D. Keromytis | |
punctuation. niklas@ ok | |||
2001-06-05 | Bad niklas, re-committed redundant code. | Angelos D. Keromytis | |
2001-06-05 | Style issues and commentary | Niklas Hallqvist | |
2001-06-05 | Add back check for found/not found public key to use for verification | Angelos D. Keromytis | |
(somehow was dropped during the previous commit). | |||
2001-06-05 | License clarification from David Mazieres, ok deraadt@ | Peter Valchev | |
2001-06-05 | Dynamically allocate conn, as this is given to the exchange; cleanup | Angelos D. Keromytis | |
conf space on failure to establish dynamic SA. ok niklas@ | |||
2001-06-05 | portability; unused function on non-openbsd platform | Jun-ichiro itojun Hagino | |
2001-06-05 | Make our pfkeyv2.h more RFC2367 compliant. Also fix some backwards | Niklas Hallqvist | |
compatibility problems in isakmpd, at least 2.8 stable can compile current isakmpd now. angelos@ ok | |||
2001-06-05 | Deal with an unclear license by replacing the file with a PD | Niklas Hallqvist | |
one, which also have a real implementation instead of stubs :-) | |||
2001-05-31 | If we're passed keys and certs to use, put them in the conf space. | Angelos D. Keromytis | |
Send back keys/certs the peer has sent us during Phase 1. | |||
2001-05-31 | When trying to find the right certificate/key to use, first check in | Angelos D. Keromytis | |
the conf space, as we may have been passed that information from the kernel. Likewise, store the peer's key and cert so we can send it back to the kernel when we establish the SA. | |||
2001-05-31 | Store/retrieve the right information in terms of keys. | Angelos D. Keromytis | |
2001-05-31 | Appropriately release the cert and key fields in the SA structure on free. | Angelos D. Keromytis | |