| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2004-12-10 | check msg->isakmp_sa != NULL before the transport gets updated; ok hshoexer | Markus Friedl | |
| 2004-12-08 | 1. allow up to DPD_RETRANS_MAX retransmitted R_U_THERE messages. | Markus Friedl | |
| 2. reset dpd_failcount when switching to DPD_TIMER_NORMAL. 3. ignore DPD timeouts on SAs that are marked SA_FLAG_REPLACED. ok hshoexer, ho | |||
| 2004-12-08 | NAT/T: replace the isakmpd SA transport with the transport from the | Markus Friedl | |
| message (only during phase 1). this avoids DPD messages to the 'wrong' port. ok hshoexer | |||
| 2004-12-06 | RFC2409 mandates min and max nonce lengths. hshoexer@ ok. | Hakan Olsson | |
| 2004-11-29 | Spell precede correctly. | Jonathan Gray | |
| 'looks fine' millert@, krw@. ok jmc@ | |||
| 2004-11-18 | use hash and not hmac to calculate NAT-D payloads. Also add NAT-D payload for | Hans-Joerg Hoexer | |
| the destination address first. Remove support for obsolete V1 NAT-T. This fixes interoperability problems with non-openbsd isakmpd implementations. "looks good" ho@, ok markus@ for hash/hmac testing by various people (thanks!) | |||
| 2004-11-10 | Use ${STATIC} rather than -static (dont hardcode). ok miod@ | Dale Rahn | |
| 2004-11-08 | rename char array realpath to pathreal to avoid naming conflict with | Hans-Joerg Hoexer | |
| realpath(3); makes lint a bit happier ok ho@ | |||
| 2004-11-08 | more monitor cleanup: | Hans-Joerg Hoexer | |
| remove dead code, some debug messages, prototype monitor_close() to void. ok ho@ | |||
| 2004-11-08 | no const for sysdep_sa_len (not yet), slipped in during previous commit... | Hans-Joerg Hoexer | |
| 2004-11-08 | monitor cleanup: honor const, added missing inlcude, missing typecast (makes | Hans-Joerg Hoexer | |
| lint happy) ok ho@ | |||
| 2004-11-08 | make lint happy and honor const. | Hans-Joerg Hoexer | |
| ok ho@ | |||
| 2004-10-20 | fix potential memleaks & small cleanup. found by patrick latifi, thanks! | Hans-Joerg Hoexer | |
| ok ho | |||
| 2004-10-08 | pull in some changes from libc arc4random (only relevant for non-OpenBSD | Hans-Joerg Hoexer | |
| systems): ansify, discard first 256 output bytes, make key schedule more arc4 stream ciper like. ok djm ho | |||
| 2004-10-01 | add some missing $, ok djm@ 'That looks fine to me' millert@ | Jonathan Gray | |
| 2004-09-24 | Don't process NAT-T keepalives. Noted by Kamel Messaoudi. hshoexer@ ok | Hakan Olsson | |
| 2004-09-20 | compile cleanly with -Wsign-compare | Hans-Joerg Hoexer | |
| ok ho | |||
| 2004-09-20 | Remove __func__ | Hans-Joerg Hoexer | |
| ok ho deraadt | |||
| 2004-09-17 | avoid signal race. | Hans-Joerg Hoexer | |
| ok ho@ otto@ | |||
| 2004-09-17 | Missing #ifdefs. | Hakan Olsson | |
| 2004-09-17 | #include <stdlib.h> for srandom(). | Hakan Olsson | |
| 2004-09-17 | Permit next payload type NAT-OA. Noted by Kamel Messaoudi. | Hakan Olsson | |
| 2004-08-23 | We need to set sa->initiator before checking if the newly created SA | Hakan Olsson | |
| replaces an old one, or the id_i/id_r check will mismatch. Previous behaviour was mostly harmless, but wasted some resources (until normal SA expiration). hshoexer@ "haven't tried, but think it's ok" | |||
| 2004-08-23 | Default enable DPD (Dead Peer Detection) support. hshoexer@ ok | Hakan Olsson | |
| 2004-08-23 | Indent nit. | Hakan Olsson | |
| 2004-08-17 | check for msg->isakmpg_sa being NULL before referencing | Hans-Joerg Hoexer | |
| ok ho@ | |||
| 2004-08-14 | When using -K (keynote disabled), check peers' proposal against isakmpd.conf. | Hans-Joerg Hoexer | |
| ok ho@ henning@ | |||
| 2004-08-13 | extra check for no message case; ok markus, deraadt, hshoexer, henning | Damien Miller | |
| 2004-08-12 | Fix compiler warning on alpha. | Hans-Joerg Hoexer | |
| Noted by and ok ho@ | |||
| 2004-08-12 | Avoid memleak on error (Linux/KAME). Found by Benjamin Pineau. | Hakan Olsson | |
| 2004-08-10 | spacing | Theo de Raadt | |
| 2004-08-10 | Better implementation of the Dead Peer Detection protocol, RFC 3706. | Hakan Olsson | |
| hshoexer@ ok. | |||
| 2004-08-10 | Linux has AES (and DES). From Benjamin Pineau. | Hakan Olsson | |
| 2004-08-10 | If opening /dev/arandom fails, try /dev/random. Suggested by Benjamin Pineau. | Hakan Olsson | |
| 2004-08-08 | spacing | Theo de Raadt | |
| 2004-08-03 | Rewrite the transport reference count code to avoid leaks. | Hakan Olsson | |
| hshoexer@ ok. | |||
| 2004-08-02 | Do not expire unestablished phase 2 SAs on SIGHUP. | Hans-Joerg Hoexer | |
| ok ho@ | |||
| 2004-08-02 | Missed to add virtual.c here. Noted by Benjamin Pineau. | Hakan Olsson | |
| 2004-07-30 | Style. | Hakan Olsson | |
| 2004-07-29 | Less noise while debugging. | Hakan Olsson | |
| 2004-07-29 | Repair NAT-T using Aggressive mode, NAT-D checks were in the wrong place. | Hakan Olsson | |
| Noted by Yvan VANHULLEBUS. | |||
| 2004-07-09 | ansi | Theo de Raadt | |
| 2004-07-08 | free() and close() in error path. | Hans-Joerg Hoexer | |
| ok ho@ | |||
| 2004-07-08 | typo, and line adjustment; | Jason McIntyre | |
| 2004-07-07 | document -a/-K and "Acquire-Only"/"Use-Keynote". | Hans-Joerg Hoexer | |
| ok markus@ henning@ ho@ english polish and mdoc help and ok jmc@ | |||
| 2004-07-07 | plug memleak when receiving an INVALID_HASH_INFORMATION notify. | Hans-Joerg Hoexer | |
| Found by Patrick Latifi, thanks! ok ho@ | |||
| 2004-07-07 | compile cleanly with -Wsign-compare; while around, kill a space | Hans-Joerg Hoexer | |
| ok ho@ | |||
| 2004-07-05 | %lu and cast to unsigned long to print a size_t; ok ho | Peter Valchev | |
| 2004-06-30 | Compile cleanly with gcc3.3.2. | Hans-Joerg Hoexer | |
| ok ho@ | |||
| 2004-06-26 | new sentence, new line; | Jason McIntyre | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |