summaryrefslogtreecommitdiff
path: root/sbin/isakmpd
AgeCommit message (Collapse)Author
2002-12-06Set transform from default. PR#3008Hakan Olsson
2002-12-06Section and tag comparisions should be case-insensitive. PR#3010, Mike Neuman.Hakan Olsson
2002-12-04bit_ffc(3) returns a -1 location for a full bitset. Problem found byHakan Olsson
Olivier Courtay.
2002-12-04allow ACQUIRE with empty EXT_ADDRESS_SRC; PR 2996; ok angelos@, ho@Markus Friedl
2002-12-03Add -4/-6 cmdline options to select what address family (IPv4,v6) to use.Hakan Olsson
niklas@ ok.
2002-12-03LOG_DBG for missing ca/, certs/, crls/ dirs, notHakan Olsson
log_error(). Suggested by markus@.
2002-11-27Make sure daemon() does not close any fd opened during initialization.Hakan Olsson
niklas@ ok.
2002-11-27Update document date.Hakan Olsson
2002-11-21Add 'rawkey' to FEATURES.Hakan Olsson
2002-11-21-Wshadow nits.Hakan Olsson
2002-11-21hmac_init and prf_alloc should use unsigned lengths. Problem pointed out by ↵Hakan Olsson
Patrick Latifi.
2002-11-15Missing "Configuration" tag in a Phase-1 peer was not handled correctly,Hakan Olsson
pointed out by Aref Taidi. Replace this with a "Default-Phase-1-Configuration" that will be used if this tag is missing from the peer. Update manpage accordingly. niklas@ ok.
2002-11-14Use %d instead of %2d for better matching. From Mike Neuman. Fixes PR#2848.Hakan Olsson
2002-11-14Better whitespace/newline handling, this should make broken lines andHakan Olsson
multiple values parse correctly again, as well as fix PR#2974. Also fix some int/u_int mismatches, and remove conf_get_line() (obsolete).
2002-11-14correct IPv6 setsockopt for ipsec operation. angelos okJun-ichiro itojun Hagino
From: Martti Kuparinen <martti.kuparinen@iki.fi>
2002-11-10fix SEE ALSO; ho ok.Federico G. Schwindt
2002-11-09more SEE ALSO fixes.Federico G. Schwindt
2002-11-09SEE ALSO reordering and corrections.Federico G. Schwindt
2002-11-08I missed a 'return' statement. Also spotted by Aref Taidi. Thanks.Hakan Olsson
2002-11-06More careful will alloc/free. Spotted by Aref Taidi.Hakan Olsson
2002-09-11signed vs unsigned from -pedantic.Hakan Olsson
2002-09-11signed vs unsigned, some void * arithmetic, from -pedantic. niklas@ ok.Hakan Olsson
2002-09-08Fix -pedantic errors.Hakan Olsson
2002-09-06remove Xr to photurisTheo de Raadt
2002-09-05Without IDs wait until next step/retry to handle CERTREQs. This shouldHakan Olsson
make certificate auth work better with some clients, such as SSH Sentinel.
2002-09-05Do not require the presence of subjectAltName in certificates used forHakan Olsson
IKE auth. Should make interoperating with for example FreeS/WAN easier (Pluto).
2002-09-05Do not create SAs for transaction exchanges either. By niklas@Hakan Olsson
2002-09-03add strlcpy/cat for BSD/OSMarkus Friedl
2002-09-03CPI_RESERVED_MIN is not defined on KAME+BSD/OS; ok ho@Markus Friedl
2002-08-29need CPI_xx declsJun-ichiro itojun Hagino
2002-08-29size_t has to be casted to u_long on printing.Jun-ichiro itojun Hagino
From: Martti Kuparinen <martti.kuparinen@iki.fi>
2002-08-29Work around arguably correct OpenSSL behaviour and only ask for CRLHakan Olsson
checks when we actually have CRLs to check against. Problem pointed out by <sturm@sec.informatik.tu-darmstadt.de>.
2002-08-23Initial support for MacOS X (v10.2 and later).Hakan Olsson
2002-08-23Small cleanup.Hakan Olsson
2002-08-23Another format tweakHakan Olsson
2002-08-23Proper formatHakan Olsson
2002-08-08Append to the packet log file, don't overwrite. Requested by pb@.Hakan Olsson
2002-08-07A rewrite of the CRL support code, also from <Thomas.Walpuski@gmx.net>.Hakan Olsson
Some style mods, and checks added for OpenSSL version 0.9.7 or later. Currently CRLs are not supported for earlier versions. Manual pages updated.
2002-08-02Check inet_aton() failure with == 0, not == -1; millert@ ok.Aaron Campbell
2002-08-02Mention CRL support, tag and default value.Hakan Olsson
2002-08-02CRL support for isakmpd. From <Thomas.Walpuski@gmx.net> with some minorHakan Olsson
modifications by me. ok niklas@.
2002-07-16fix $OpenBSD TagMarkus Friedl
2002-07-11malloc() failure tests; rimshot@pandora.beTheo de Raadt
2002-07-09HASH payload validation does not require an exchange.Hakan Olsson
2002-07-05volatile sig_atomic_t, suggested by Theo.Hakan Olsson
2002-07-05gcc 3.1 nits. Pointed out by David Krause.Hakan Olsson
2002-07-04Do not assume we have an active exchange during payload validation.Hakan Olsson
2002-07-04styleHakan Olsson
2002-06-17A bit better. Remove debug cruft.Hakan Olsson
2002-06-15ecn_* policy attributes --- ok ho@Angelos D. Keromytis
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-12 05:47:23 +0000