Age | Commit message (Collapse) | Author |
|
be committed).
|
|
setusercontext() in most places where previously we did a setlogin().
Add default login.conf file and put root in the "daemon" login class.
|
|
|
|
|
|
|
|
have to worry about stdout == stdin (and since this is done inconsistently
it is useless anyway). Pointed out by map@infinitum.ch.
|
|
completely in sync with kame (do not nuke #ifdef please).
|
|
|
|
|
|
some nat state bugs, and ups the default state table size.
See sbin/ipf/HISTORY for details.
|
|
single_user, not runcom (/etc/rc).
|
|
Thomas Klausner in NetBSD.
|
|
|
|
author: niklas
style
|
|
author: niklas
From OpenBSD: be paranoid about the syslog format parameter
|
|
author: niklas
remove unnecessary include
|
|
author: provos
make a DOI specific decode_ids, but have isakmp doi decode point to
ipsec.
author: provos
introduce ipsec_decode_ids, also decodes FQDN and USER_FQDN now.
new ipsec_clone_id to copy IDs to phase 2 SAs for better status
reports. okay angelos@
author: provos
dont segfault on connection report when id is not set
|
|
author: provos
dont strdup exchange->recv_cert, it is not always a 0 terminated string
for CERTENC_NONE. we need to malloc and memcpy instead. found by
electric fence.
author: provos
provide transport dependent ID decoding; hope indentation is right now ;)
author: ho
ISAKMP peer transport defaults to UDP.
author: provos
make a DOI specific decode_ids, but have isakmp doi decode point to
ipsec.
author: provos
indent
author: provos
introduce ipsec_decode_ids, also decodes FQDN and USER_FQDN now.
new ipsec_clone_id to copy IDs to phase 2 SAs for better status
reports. okay angelos@
|
|
author: angelos
Get the right value.
author: angelos
Add "phase1_group_desc" attribute, and explain the various values.
|
|
author: angelos
Be more careful.
author: angelos
Oops, typo.
author: angelos
Avoid endless loop in INITIAL-CONTACT handling.
author: angelos
Don't delete the ISAKMP SA over which we received an INITIAL-CONTACT
payload.
author: provos
make a DOI specific decode_ids, but have isakmp doi decode point to
ipsec.
author: provos
indent
author: provos
introduce ipsec_decode_ids, also decodes FQDN and USER_FQDN now.
new ipsec_clone_id to copy IDs to phase 2 SAs for better status
reports. okay angelos@
|
|
author: provos
introduce ipsec_decode_ids, also decodes FQDN and USER_FQDN now.
new ipsec_clone_id to copy IDs to phase 2 SAs for better status
reports. okay angelos@
|
|
author: angelos
Add "phase1_group_desc" attribute, and explain the various values.
|
|
author: provos
provide transport dependent ID decoding; hope indentation is right now ;)
author: provos
make a DOI specific decode_ids, but have isakmp doi decode point to
ipsec.
author: provos
introduce ipsec_decode_ids, also decodes FQDN and USER_FQDN now.
new ipsec_clone_id to copy IDs to phase 2 SAs for better status
reports. okay angelos@
|
|
author: ho
Mention 'Default' tag in Phase 1 section, modify peer tag descriptions
to match. Phase 1 peer transport 'udp' is now a default value. The
'Stayalive' flag died long ago, remove it from the example. Also
remove reference to the likewise dead 'Next-hop' tag. Some minor cleanup.
|
|
author: ho
ISAKMP peer transport defaults to UDP.
|
|
transport.h: Merge with EOM 1.16
author: provos
provide transport dependent ID decoding; hope indentation is right now ;)
|
|
author: angelos
Be careful when there's no assertions.
|
|
author: provos
prevent isakmpd crashing when client gives an unknown ID in aggressive mode.
bug report from James Winquist <winquist@mail.cybernet.com>
|
|
author: angelos
Add sa_enter() prototype.
|
|
author: provos
prevent crashing when we receive an encrypted message as response to
our first packet as initiator. James Winquist <winquist@mail.cybernet.com>
|
|
doi.h: Merge with EOM 1.29
author: provos
make a DOI specific decode_ids, but have isakmp doi decode point to
ipsec.
|
|
|
|
|
|
|
|
|
|
|
|
kludge to begin with, and it's about time we get rid of it.
|
|
version. Basically just a generalization of my previous commit in this area.
|
|
|
|
|
|
|
|
|
|
were made, some code in an ifdefed section was missed. Update that
section of code to have the appropriate added parameter.
|
|
|
|
|
|
|
|
|
|
|
|
Update the description of available channel for Japan.
The regulations has been changed to adopt 802.11b since Oct. 99.
For 11Mbps NICs sold in Japan, all DS channels (1..14) are available.
|
|
|