summaryrefslogtreecommitdiff
path: root/sbin/isakmpd
AgeCommit message (Collapse)Author
2003-05-18struct sockaddr is not large enough in itself to contain the addressHakan Olsson
value. Switching to sockaddr_storage makes interface rescanning work properly. niklas@ ok.
2003-05-18More isakmpd privsep work. X509 private keys are now kept in the privilegedHakan Olsson
process only. Various cleanup and bugfixes. markus@ ok
2003-05-18Sysdep for native Linux IPSec, 2.5 and later. From Thomas Walpuski, withHakan Olsson
various tweaks by me. niklas@ ok.
2003-05-17Better return codes from mm_send_fd and mm_receive_fdHakan Olsson
2003-05-17Use log_error(), not log_fatal().Hakan Olsson
Style.
2003-05-17tweak;Jason McIntyre
ok ho@
2003-05-16If the "Renegotiate-on-HUP" tag is defined in the [General] section, aHakan Olsson
HUP signal (or "R" to the FIFO) will also renegotiate all Phase 2 SAs, i.e all connections. ok niklas@, tested and ok kjell@.
2003-05-15Correct a two year old typo, which might actually makeHakan Olsson
setsockopt(..., IP_IPSEC_LOCAL_AUTH, ...) start working.
2003-05-15Cleanup. Do not store the private key in either the exchange or sa structs.Hakan Olsson
2003-05-15Work around some OpenSSL BIO "features" to read the key correctly.Hakan Olsson
2003-05-15Proper exit of the monitor process.Hakan Olsson
2003-05-15wait() for the child processHakan Olsson
2003-05-15Start of privilege separation for isakmpd.Hakan Olsson
There are some kinks left, so keep it default disabled for now. markus@ says ok to commit.
2003-05-15(c)Hakan Olsson
2003-05-14properly terminate debug string (levels >=40)Kjell Wooding
Use "%.*s" as suggested by Niklas. ok ho@. Lost by kjell. oked ho@. lost by kjell again. oked ho@
2003-05-14Remove the .if/.endif stuff that gmake does not understand.Hakan Olsson
Replace with a comment about needing keynote for policy.
2003-05-14Call the FreeS/WAN sysdep 'freeswan'. The 'linux' sysdep will be native ↵Hakan Olsson
Linux IPSec.
2003-05-14Default public key directory definition sanity.Hakan Olsson
2003-05-14Policy file default defined twice, kill the local copy.Hakan Olsson
2003-05-14Fix a typo (in unused code).Hakan Olsson
2003-05-14I did not test this enough. Unbreak.Hakan Olsson
2003-05-12Update with some data for NAT-T specific payload types, IKEv2Hakan Olsson
notifications, ISAKMP EAP code and types, plus fix an old typo.
2003-05-12AES -> AES_128_CBCHakan Olsson
2003-05-12Add two more encapsulation types (UDP encap, potential future NAT-T)Hakan Olsson
Add BLOCK_SIZE attribute Rename IPSEC_ESP_AES -> IPSEC_ESP_AES_128_CBC.
2003-05-11Slight style fix for .cst files. Permit comments also after a definition.Hakan Olsson
2003-05-11fix ID-type for ipv6; ok niklas; report friesMarkus Friedl
2003-05-10typos;Jason McIntyre
2003-04-30cast size_t to unsigned long and use %lu;ok hoJason Wright
2003-04-27Describe the 'C set' FIFO command better. (PR#3148, also)Hakan Olsson
2003-04-27Make the 'C set' FIFO command work as expected. PR#3148.Hakan Olsson
2003-04-14Unlink FIFO and pid files on clean shutdown. PR#3199Hakan Olsson
2003-04-14More snprintf styleHakan Olsson
2003-04-14A "%d" is 12 chars, not 10. Use sizeof num instead of '10' inHakan Olsson
snprintf. From Theo.
2003-04-09Less noise for missing crl dir, demoted to debug message.Hakan Olsson
2003-03-21document [initiator-id] section; richb@timestone.com.au; ok ho@, jmc@Markus Friedl
2003-03-16secrity -> security. Ok ho@Matthieu Herrb
2003-03-14Spelling fixes from david@. jmc@ ok.Hakan Olsson
2003-03-13Might as well do blinding here too.Hakan Olsson
2003-03-13Avoid "j += snprintf()". niklas@ ok.Hakan Olsson
2003-03-06.Xr typos;Jason McIntyre
ok deraadt@
2003-03-06fix text2sockaddr() when HAVE_GETNAMEINFO is false and port is NULL.Cedric Berger
ok ho@
2003-03-06"len" is decremented too early, so the second argumentCedric Berger
of the snprintf call is too small on last run of the loop. ok ho@
2003-03-06Bad cut'n'paste msg plus style fixes.Hakan Olsson
2003-03-06Less ambiguous l-value usage. Noted by cedric@Hakan Olsson
2003-03-06date should be written formally: .Dd Month day, yearDavid Krause
ok henning@ jmc@
2003-03-03Re-add the BUGS section; the RFCs still do not permit differing DH groupsHakan Olsson
in the same proposal. This time, mention that this also applies to mixing PFS and non-PFS suites.
2003-02-26Typo/pasto. Spotted by Tim Donahue.Hakan Olsson
2003-02-26IPsec is written ``IPsec'', not ``IPSec''.David Krause
ok ho@
2003-02-24pf_key_v2_flow: typo in debug msg (KAME)Markus Friedl
2003-02-22typo: noneheless->nonthelessKjell Wooding
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-13 12:32:46 +0000