summaryrefslogtreecommitdiff
path: root/sbin/isakmpd
AgeCommit message (Expand)Author
2004-09-24Don't process NAT-T keepalives. Noted by Kamel Messaoudi. hshoexer@ okHakan Olsson
2004-09-20compile cleanly with -Wsign-compareHans-Joerg Hoexer
2004-09-20Remove __func__Hans-Joerg Hoexer
2004-09-17avoid signal race.Hans-Joerg Hoexer
2004-09-17Missing #ifdefs.Hakan Olsson
2004-09-17#include <stdlib.h> for srandom().Hakan Olsson
2004-09-17Permit next payload type NAT-OA. Noted by Kamel Messaoudi.Hakan Olsson
2004-08-23We need to set sa->initiator before checking if the newly created SAHakan Olsson
2004-08-23Default enable DPD (Dead Peer Detection) support. hshoexer@ okHakan Olsson
2004-08-23Indent nit.Hakan Olsson
2004-08-17check for msg->isakmpg_sa being NULL before referencingHans-Joerg Hoexer
2004-08-14When using -K (keynote disabled), check peers' proposal against isakmpd.conf.Hans-Joerg Hoexer
2004-08-13extra check for no message case; ok markus, deraadt, hshoexer, henningDamien Miller
2004-08-12Fix compiler warning on alpha.Hans-Joerg Hoexer
2004-08-12Avoid memleak on error (Linux/KAME). Found by Benjamin Pineau.Hakan Olsson
2004-08-10spacingTheo de Raadt
2004-08-10Better implementation of the Dead Peer Detection protocol, RFC 3706.Hakan Olsson
2004-08-10Linux has AES (and DES). From Benjamin Pineau.Hakan Olsson
2004-08-10If opening /dev/arandom fails, try /dev/random. Suggested by Benjamin Pineau.Hakan Olsson
2004-08-08spacingTheo de Raadt
2004-08-03Rewrite the transport reference count code to avoid leaks.Hakan Olsson
2004-08-02Do not expire unestablished phase 2 SAs on SIGHUP.Hans-Joerg Hoexer
2004-08-02Missed to add virtual.c here. Noted by Benjamin Pineau.Hakan Olsson
2004-07-30Style.Hakan Olsson
2004-07-29Less noise while debugging.Hakan Olsson
2004-07-29Repair NAT-T using Aggressive mode, NAT-D checks were in the wrong place.Hakan Olsson
2004-07-09ansiTheo de Raadt
2004-07-08free() and close() in error path.Hans-Joerg Hoexer
2004-07-08typo, and line adjustment;Jason McIntyre
2004-07-07document -a/-K and "Acquire-Only"/"Use-Keynote".Hans-Joerg Hoexer
2004-07-07plug memleak when receiving an INVALID_HASH_INFORMATION notify.Hans-Joerg Hoexer
2004-07-07compile cleanly with -Wsign-compare; while around, kill a spaceHans-Joerg Hoexer
2004-07-05%lu and cast to unsigned long to print a size_t; ok hoPeter Valchev
2004-06-30Compile cleanly with gcc3.3.2.Hans-Joerg Hoexer
2004-06-26new sentence, new line;Jason McIntyre
2004-06-26Narrow down privsep interface. Move pf_key_v2_open() to monitor.Hans-Joerg Hoexer
2004-06-26Remove -DHAVE_GETNAMEINFO frome makefiles.Ryan Thomas McBride
2004-06-25Keynote policy checking can now be disabled by "-K" switch and config tagHans-Joerg Hoexer
2004-06-25Remove HAVE_GETNAMEINFO alternate code. Compiled binary is unchanged.Ryan Thomas McBride
2004-06-25Narrow down privsep interface. Remove ui_init to monitor. So we can get rid ofHans-Joerg Hoexer
2004-06-24Remove some unused code.Hans-Joerg Hoexer
2004-06-24Also handle keys from x509-certificates embedded in keynote credentials.Hans-Joerg Hoexer
2004-06-23Print corrent prefix. Found and tested by alex at vbone.net.Hakan Olsson
2004-06-23Avoid stat before open. Do open and fstat instead.Hans-Joerg Hoexer
2004-06-23Make compiling with Boehm's gc possible again.Hakan Olsson
2004-06-23Support IPV{4,6}_ADDR_SUBNET IDs in Phase 1, just like the man pageHakan Olsson
2004-06-23Add commandline switch -a / config tag "Acquire-Only" to tell isakmpd to notHans-Joerg Hoexer
2004-06-22kn_get_string() may return NULL on failure. Handle this corrctly.Hans-Joerg Hoexer
2004-06-22The NAT-T drafts suggest we should drop incoming messages arriving onHakan Olsson
2004-06-21Describe the [Default]:NAT-T-Keepalive configuration parameter.Hakan Olsson