summaryrefslogtreecommitdiff
path: root/sbin/isakmpd
AgeCommit message (Collapse)Author
2001-08-31(c)-2001Hakan Olsson
2001-08-30Mention which debug levels we currently use.Hakan Olsson
2001-08-27Compile on alpha.Hakan Olsson
2001-08-27un-borkTheo de Raadt
2001-08-26more styleNiklas Hallqvist
2001-08-25Enable IKE mode config, as it works ok with PGPnet and at least has a usableNiklas Hallqvist
configuration method. Documentation will follow.
2001-08-25Use x509_DN_string API. Style fixes.Niklas Hallqvist
2001-08-25Add x509_DN_string API to get a printable DN component given oneNiklas Hallqvist
rpresented in ASN.1
2001-08-25StyleNiklas Hallqvist
2001-08-25Casting of lhs, is not what you think it is.Niklas Hallqvist
2001-08-24Send DELETE notifications for all active SAs when we shut down the daemon.Hakan Olsson
This "clean" shutdown happens on SIGTERM ('kill <pid>') or if a 'Q' command is input to the fifo UI. Suggested by <Ghislaine.Labouret@hsc.fr>.
2001-08-24Initial IPCOMP support.Hakan Olsson
2001-08-24I was only going to remove #include "init.h", but found 8 moreHakan Olsson
#include's we don't need here.
2001-08-24typo in debug msgHakan Olsson
2001-08-23Make the wildcard address use SO_REUSEPORT, so multiple instances ofAngelos D. Keromytis
isakmpd can run on the same machine and reuse the wildcard address. This is intended mostly for debugging and testing purposes, so multiple listener issues are not relevant.
2001-08-23Reinitialize transports on SIGUP.Angelos D. Keromytis
2001-08-23Update (SPD entries are deleted when SPI is removed, and new addressesAngelos D. Keromytis
are identified on a SIGUP or INADDR_ANY packet).
2001-08-23Use ipsec_id_string as the section name for IKE mode config.Niklas Hallqvist
2001-08-23Correct ipsec_id_string buffer and length handling.Niklas Hallqvist
2001-08-23Compile on old systems, my version.Niklas Hallqvist
2001-08-23RSA-enabling is not necessary anymore.Niklas Hallqvist
2001-08-23ignore EEXIST for SPDADD on KAME; ok ho@Markus Friedl
2001-08-23sync w/ netbsdMarkus Friedl
2001-08-23recieve -> receiveAaron Campbell
2001-08-22Revert last change.Hakan Olsson
2001-08-22Compile on older systems.Hakan Olsson
2001-08-22use ipsec_id_string() when generating rawkey file names.Hakan Olsson
2001-08-22If we fail to get a key from DNSSEC, RAWKEY can still succeed.Hakan Olsson
2001-08-22Modify as per deraadt@'s wishes. aaron@ ok.Hakan Olsson
2001-08-22Add an example.Hakan Olsson
2001-08-22Add a manual page.Hakan Olsson
2001-08-22DNS KEY RR values.Hakan Olsson
2001-08-22Cleanup and style fixes. Use getopt().Hakan Olsson
2001-08-22USER_FQDN ID support, untested.Hakan Olsson
2001-08-22IPCOMP policy control should be optional for backwardNiklas Hallqvist
compatibility.
2001-08-22Alphabeticize extern decls.Niklas Hallqvist
2001-08-22Add ipsec_id_string, a function for converting IDs to on epossibleNiklas Hallqvist
string form, to be used for IKE mode config and raw key selection by ID. Not yet used though.
2001-08-22Need an extra sa_release() when de-allocating exchange-associated SAs;Angelos D. Keromytis
thus, failed exchanges/negotiations don't leak SAs and transports. ok niklas@
2001-08-22Bypass IPCOMP too.Niklas Hallqvist
2001-08-19Prevent section leak in conf space.Angelos D. Keromytis
2001-08-18careful with snprintf() == -1; ho, provosTheo de Raadt
2001-08-17Fix keyed HMAC where the key was longer than the blocksizeNiklas Hallqvist
2001-08-17Add test with long key, longer than common hmac blocksizeNiklas Hallqvist
2001-08-17Rewrite to do lookups depending on ID type. IPv4 and FQDN only for now.Hakan Olsson
2001-08-16remove unneeded LWRESLIB definition. ok ho@Jakob Schlyter
2001-08-16openssl black magic.Hakan Olsson
2001-08-16Don't right-justify this debug message.Hakan Olsson
2001-08-16Off-by-one error in [u]fqdn cases, plus better debug messages whenHakan Olsson
looking for public key files.
2001-08-16ISAKMP ID type offset was wrong.Hakan Olsson
2001-08-16do not link with lwres. ok ho@Jakob Schlyter