summaryrefslogtreecommitdiff
path: root/sbin/isakmpd
AgeCommit message (Collapse)Author
2003-06-20Be a bit more verbose when we give up on ever seeing a response to theHakan Olsson
last message we sent out. In case we initiated the exchange, one possible and common reason is a network level problem (pf, routing, whatnot), if we're the responder, there is also the possibility we were scanned by something like ike-scan. markus@ ok.
2003-06-17Sync with share/misc/license.template and add missing DARPA creditTodd C. Miller
where applicable.
2003-06-15ID copying should happen earlier in exchange_finalize so that we won't loseHakan Olsson
data during rekeying. From Jean-Francois Dive.
2003-06-14allocate payload_node with calloc instead of mallocHakan Olsson
2003-06-10boring cleanupsTheo de Raadt
2003-06-10Do not crash on unsupported IPSec ID types, as noted by Eric Boudrand.Hakan Olsson
2003-06-04Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, AngelosHakan Olsson
D. Keromytis and Niels Provos.
2003-06-04Remove 3 and 4 from the "license to use"Hakan Olsson
2003-06-03Remove clause 3. Approved by niklas@ and Thomas Walpuski.Hakan Olsson
2003-06-03Obsolete.Hakan Olsson
2003-06-03Remove clauses 3 and 4. Approved by markus@ and niklas@.Hakan Olsson
2003-06-03Remove clauses 3 and 4. Approved by Niklas Hallqvist and Niels Provos.Hakan Olsson
2003-06-03Remove clauses 3 and 4. Approved by Niklas Hallqvist and Niels Provos.Hakan Olsson
2003-06-03Remove clauses 3 and 4. Approved by Niklas Hallqvist and Niels Provos.Hakan Olsson
2003-06-03Remove clause 3.Hakan Olsson
2003-06-03Remove clause 3. Approved by niklas@Hakan Olsson
2003-06-03Remove clauses 3 and 4. With approval from Niklas Hallqvist andHakan Olsson
Niels Provos.
2003-06-03- section reorderJason McIntyre
- some mdoc fixes
2003-06-03Cleanup. Use 'sizeof variable' instead of magic constants.Hakan Olsson
2003-06-03Use an ISC-tyle license for all my code; it is simpler and more permissive.Todd C. Miller
2003-06-02Remove the advertising clause in the UCB license which BerkeleyTodd C. Miller
rescinded 22 July 1999. Proofed by myself and Theo.
2003-05-18Add some path sanitation; only permit write operations to /tmp,Hakan Olsson
/var/tmp and /var/run. Opens in /etc/isakmpd/ are read-only. Any other path is invalid. markus@ ok.
2003-05-18Style tweak.Hakan Olsson
2003-05-18Add a debug message to sa_reinit() to indicate when we renegotiateHakan Olsson
active connections.
2003-05-18Forgot to remove a couple of debug messagesHakan Olsson
2003-05-18struct sockaddr is not large enough in itself to contain the addressHakan Olsson
value. Switching to sockaddr_storage makes interface rescanning work properly. niklas@ ok.
2003-05-18More isakmpd privsep work. X509 private keys are now kept in the privilegedHakan Olsson
process only. Various cleanup and bugfixes. markus@ ok
2003-05-18Sysdep for native Linux IPSec, 2.5 and later. From Thomas Walpuski, withHakan Olsson
various tweaks by me. niklas@ ok.
2003-05-17Better return codes from mm_send_fd and mm_receive_fdHakan Olsson
2003-05-17Use log_error(), not log_fatal().Hakan Olsson
Style.
2003-05-17tweak;Jason McIntyre
ok ho@
2003-05-16If the "Renegotiate-on-HUP" tag is defined in the [General] section, aHakan Olsson
HUP signal (or "R" to the FIFO) will also renegotiate all Phase 2 SAs, i.e all connections. ok niklas@, tested and ok kjell@.
2003-05-15Correct a two year old typo, which might actually makeHakan Olsson
setsockopt(..., IP_IPSEC_LOCAL_AUTH, ...) start working.
2003-05-15Cleanup. Do not store the private key in either the exchange or sa structs.Hakan Olsson
2003-05-15Work around some OpenSSL BIO "features" to read the key correctly.Hakan Olsson
2003-05-15Proper exit of the monitor process.Hakan Olsson
2003-05-15wait() for the child processHakan Olsson
2003-05-15Start of privilege separation for isakmpd.Hakan Olsson
There are some kinks left, so keep it default disabled for now. markus@ says ok to commit.
2003-05-15(c)Hakan Olsson
2003-05-14properly terminate debug string (levels >=40)Kjell Wooding
Use "%.*s" as suggested by Niklas. ok ho@. Lost by kjell. oked ho@. lost by kjell again. oked ho@
2003-05-14Remove the .if/.endif stuff that gmake does not understand.Hakan Olsson
Replace with a comment about needing keynote for policy.
2003-05-14Call the FreeS/WAN sysdep 'freeswan'. The 'linux' sysdep will be native ↵Hakan Olsson
Linux IPSec.
2003-05-14Default public key directory definition sanity.Hakan Olsson
2003-05-14Policy file default defined twice, kill the local copy.Hakan Olsson
2003-05-14Fix a typo (in unused code).Hakan Olsson
2003-05-14I did not test this enough. Unbreak.Hakan Olsson
2003-05-12Update with some data for NAT-T specific payload types, IKEv2Hakan Olsson
notifications, ISAKMP EAP code and types, plus fix an old typo.
2003-05-12AES -> AES_128_CBCHakan Olsson
2003-05-12Add two more encapsulation types (UDP encap, potential future NAT-T)Hakan Olsson
Add BLOCK_SIZE attribute Rename IPSEC_ESP_AES -> IPSEC_ESP_AES_128_CBC.
2003-05-11Slight style fix for .cst files. Permit comments also after a definition.Hakan Olsson
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-12 09:27:50 +0000