summaryrefslogtreecommitdiff
path: root/sbin/isakmpd
AgeCommit message (Expand)Author
2011-05-13wrong id for UDP_ENCAP_TRANSPORT_DRAFT; ok mikeb@Markus Friedl
2011-04-23Indicate which side of the connection responded during phase 1 while using -v.lum
2011-04-16Allow -v (verbose logging) to work if a -D option is supplied.Stuart Henderson
2011-04-06Avoid using NULL in non-pointer contexts: use 0 for integer values and '\0'Miod Vallat
2011-02-03When binding to addresses, ignore any IP address not in the currentPeter Hessler
2010-12-09When looking up an SA based on peer address, also check the portMartin Hedenfal
2010-11-29make key exchange faster by not checking the predefined groups with DH_check()Markus Friedl
2010-10-19convert to fuse cast from the libcrypto. with a simplification nit fromMike Belopuhov
2010-10-18as determined 4 years ago, FortiGate needs DOI of 0 responses to DPDTodd T. Fries
2010-10-15Switch the remaining users of libdes in src to libcrypto,Jonathan Gray
2010-09-22Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMACMike Belopuhov
2010-08-04fixup keylength for aes-128-cbc in quickmodeTheo de Raadt
2010-06-29Replace the hand-crafted Diffie-Hellman implementation in isakmpd withReyk Floeter
2010-06-07make clearer the relationship between isakmpd and ikev1; and iked and ikev2;Jason McIntyre
2010-06-03update the manpages for isakmpd(8) and ipsec.conf(5) to point to iked(8)Reyk Floeter
2010-05-10Various comment typos. 'wether' -> 'whether' (most popular), 'possiblity' ->Kenneth R Westerback
2010-04-15Log when isakmpd starts - patch from Toni Muellerlum
2010-04-06fix some more dodgy "-indent"; aucat.1 has some too, but i'll leave that forJason McIntyre
2010-03-26dispense with some wacky escape sequences;Jason McIntyre
2010-03-04don't crash on invalid phase 2 IDs; from hshoexer; ok sthen@Markus Friedl
2010-01-10only substract ISAKMP_ID_DATA_OFF once. otherwise 'buf' might overflowMarkus Friedl
2010-01-03Neither .Pp nor unqualified text are allowed at the top level of .Bl;Ingo Schwarze
2009-11-13fix a few memory leaks found by parfait; ok hshoexerTheo de Raadt
2009-06-25Add missing RTM_VERSION check. This is needed before accessing other dataClaudio Jeker
2009-06-05rtm->rtm_hdrlen conversionChris Cappuccio
2009-01-29Improve logging:Hans-Joerg Hoexer
2009-01-28cleaning up my tree: trivial KNF and a comment fix.Hans-Joerg Hoexer
2009-01-28Remove some dead (#if 0) code.Hans-Joerg Hoexer
2009-01-20Add support to isakmpd(8) and ipsecctl(8) to install SA's with aMarco Pfatschbacher
2008-12-22mark log_fatal() and monitor_exit() as __dead, as they do not return.Hans-Joerg Hoexer
2008-11-11Use rfc2409 conform notification message when client identities areHans-Joerg Hoexer
2008-10-21do not listen on tentative (during DAD), duplicated (after DAD) orMarkus Friedl
2008-09-06adapt to API changes in OpenSSL 0.9.8hDamien Miller
2008-09-06adapt to sha2(3) API changes; ok millert@Damien Miller
2008-07-22If isakmpd is started with -4 or -6, virtual_get_default() mayAlexander Bluhm
2008-07-01Isakmpd acquire mode did not work with a config generated fromAlexander Bluhm
2008-06-10Arguments to fifo commands were limited to 80 bytes. That is tooAlexander Bluhm
2008-06-10Fix implementation of IN6_IS_ADDR_FULL so that IPV6_ADDR is usedAlexander Bluhm
2008-05-12Error out with usage line if additional arguments are given after thePierre-Yves Ritschard
2008-03-24msg_controllen has to be CMSG_SPACE so that the kernel can account forTheo de Raadt
2008-03-15Repair the simple cases for msg_controllen where it should just beTheo de Raadt
2008-03-13Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due toTheo de Raadt
2008-03-02Use a union to ensure alignment of the cmsg.Hans-Joerg Hoexer
2008-02-17Define default configurations for AES-192 and AES-256. From Mitja MuzenicHans-Joerg Hoexer
2008-02-06Fix possible memory leaks when sending phase 1 IDs.Moritz Jodeit
2008-01-29fix race in makefileMarc Espie
2007-09-02more malloc(n * m) -> calloc(n, m); from Igor ZinovikTheo de Raadt
2007-09-02use calloc() to avoid malloc(n * m) overflows; checked by djm canacar jsgTheo de Raadt
2007-08-15Remove a superflous debug fprintf.Hans-Joerg Hoexer
2007-08-11Do not complain about being not able to read non-existing files. MinorHans-Joerg Hoexer