summaryrefslogtreecommitdiff
path: root/sbin/isakmpd
AgeCommit message (Collapse)Author
2003-10-04Avoid crash on invalid config file (missing value for LIFE_DURATION).Chad Loder
OK ho@
2003-09-26Fix off-by-ones in format string for 's' specifier; millert@, deraadt@ okAaron Campbell
2003-09-26don't listen to INADDR_ANY if Listen-on is specified.Cedric Berger
patch from markus@, ok ho@
2003-09-25Fix off-by-one out-of-bounds write; millert@ okAaron Campbell
2003-09-25Fix one case of set length before realloc. Fix another case ofChad Loder
foo = realloc(foo...) and avoid possible memory leaks. Avoid leaving things pointing to freed memory on failure.
2003-09-24re-add AES, but without using EVP;Markus Friedl
patch from Hans-Joerg.Hoexer at yerbouti.franken.de; ok ho@ (interops with isakmpd+AES in OpenBSD 3.4)
2003-09-24back out EVP change; causes fd leaks; ok cedric@Markus Friedl
2003-09-05socket leak on error paths. from Patrick Latifi. ok deraadt@ ho@Ted Unangst
2003-09-02A couple of nits. deraadt@ ok.Hakan Olsson
2003-09-02Require ISAKMP_FLAGS_ENC on phase 2 messages. ok markus@, deraadt@.Hakan Olsson
2003-09-02For easier compilation on linux systems. Requested by Thomas Walpuski.Hakan Olsson
2003-08-28support AES in phase 1, too. switch to OpenSSL EVP interface;Markus Friedl
with Hans-Joerg.Hoexer at yerbouti.franken.de; ok ho@
2003-08-20Zap an old "Identification" tag in this sample config. I have no ideaHakan Olsson
what it was supposed to do and in any case there is no reference to this tag in current code. Pointed out by Fridtjof Busse.
2003-08-20certpatch(8) can be used to create FQDN X509v3 extensions too.Hakan Olsson
From Fridtjof Busse, via henning@. Thanks.
2003-08-18typos; ho@Markus Friedl
note that ping is still not working on -current; however, SA/SPD/flow setup works for testing isakmpd/ipsec on a signle machine.
2003-08-09new sentence, new line + small cleanup;Jason McIntyre
ok ho@
2003-08-08Be more careful when using constant_lookup() in messages. Pointed out byHakan Olsson
Jean-Francois Dive, although I opted for a slightly different patch.
2003-08-08Fine grained selectors for Linux native IPsec. From Jean-Francois Dive.Hakan Olsson
2003-08-06Remove some double semicolons (hmm, do two semis equal a maxi?).Todd C. Miller
I've skipped the GNU stuff for now. From Patrick Latifi.
2003-08-06support ESP with cast/blowfish in KAME plattformsMarkus Friedl
2003-08-06support ESP with cast/blowfish on KAME platformsMarkus Friedl
2003-07-29off-by-one in a printf %sAnil Madhavapeddy
markus@ ok a while back
2003-07-25add sha2Markus Friedl
2003-07-25add sha2 support; ok ho@Markus Friedl
2003-07-24conform to RFC2367 on SADB_xx naming (local name must be prefixed withJun-ichiro itojun Hagino
SADB_X_xx)
2003-07-09- remove some .Ss's that worked around the old blank line bugJason McIntyre
- remove some unnecessary .Pp's - mdoc a list ok ho@
2003-06-20Be a bit more verbose when we give up on ever seeing a response to theHakan Olsson
last message we sent out. In case we initiated the exchange, one possible and common reason is a network level problem (pf, routing, whatnot), if we're the responder, there is also the possibility we were scanned by something like ike-scan. markus@ ok.
2003-06-17Sync with share/misc/license.template and add missing DARPA creditTodd C. Miller
where applicable.
2003-06-15ID copying should happen earlier in exchange_finalize so that we won't loseHakan Olsson
data during rekeying. From Jean-Francois Dive.
2003-06-14allocate payload_node with calloc instead of mallocHakan Olsson
2003-06-10boring cleanupsTheo de Raadt
2003-06-10Do not crash on unsupported IPSec ID types, as noted by Eric Boudrand.Hakan Olsson
2003-06-04Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, AngelosHakan Olsson
D. Keromytis and Niels Provos.
2003-06-04Remove 3 and 4 from the "license to use"Hakan Olsson
2003-06-03Remove clause 3. Approved by niklas@ and Thomas Walpuski.Hakan Olsson
2003-06-03Obsolete.Hakan Olsson
2003-06-03Remove clauses 3 and 4. Approved by markus@ and niklas@.Hakan Olsson
2003-06-03Remove clauses 3 and 4. Approved by Niklas Hallqvist and Niels Provos.Hakan Olsson
2003-06-03Remove clauses 3 and 4. Approved by Niklas Hallqvist and Niels Provos.Hakan Olsson
2003-06-03Remove clauses 3 and 4. Approved by Niklas Hallqvist and Niels Provos.Hakan Olsson
2003-06-03Remove clause 3.Hakan Olsson
2003-06-03Remove clause 3. Approved by niklas@Hakan Olsson
2003-06-03Remove clauses 3 and 4. With approval from Niklas Hallqvist andHakan Olsson
Niels Provos.
2003-06-03- section reorderJason McIntyre
- some mdoc fixes
2003-06-03Cleanup. Use 'sizeof variable' instead of magic constants.Hakan Olsson
2003-06-03Use an ISC-tyle license for all my code; it is simpler and more permissive.Todd C. Miller
2003-06-02Remove the advertising clause in the UCB license which BerkeleyTodd C. Miller
rescinded 22 July 1999. Proofed by myself and Theo.
2003-05-18Add some path sanitation; only permit write operations to /tmp,Hakan Olsson
/var/tmp and /var/run. Opens in /etc/isakmpd/ are read-only. Any other path is invalid. markus@ ok.
2003-05-18Style tweak.Hakan Olsson
2003-05-18Add a debug message to sa_reinit() to indicate when we renegotiateHakan Olsson
active connections.