summaryrefslogtreecommitdiff
path: root/sbin
AgeCommit message (Collapse)Author
2000-10-16Merge with EOM 1.135Niklas Hallqvist
author: provos better referencing. okay niklas@ author: angelos Eliminate bogus freeing of static variable.
2000-10-16Merge with EOM 1.44Niklas Hallqvist
author: angelos Just to be on the safe side, use a struct stat. author: angelos Only do the secrecy check and parse the configuration file if it actually exists. author: angelos Actually create all the pre-configured Transforms and Suites, even if the user doesn't actually define them in the configuration file; ugly kludge, but it allows use of isakmpd without a configuration file. author: angelos Add RIPEMD negotiation/configuration.
2000-10-16Merge with EOM 1.48Niklas Hallqvist
author: angelos Fix comment. author: angelos Add RIPEMD negotiation/configuration.
2000-10-16Merge with EOM 1.78Niklas Hallqvist
author: niklas correct test for GMP feature
2000-10-16Merge with EOM 1.52Niklas Hallqvist
author: niklas heh, backspace as a continuation character, yeah right! author: angelos Mention Remote-ID tag in ISAKMP-peer section, and also that it doesn't currently work. author: angelos It's "Local-address", not "Listen-address" in the ISAKMP-peer section. author: angelos Mention RIPEMD.
2000-10-16Merge with EOM 1.9Niklas Hallqvist
author: angelos Correct byte-order handling in encode/decode_128, add function prototypes.
2000-10-16Merge with EOM 1.12Niklas Hallqvist
author: niklas missed some FEATURES-dependencies in the last commit author: niklas include crypto headers based on FEATURES
2000-10-16ipsec_num.cst: Merge with EOM 1.5Niklas Hallqvist
isakmpd.policy.5: Merge with EOM 1.22 author: angelos Add RIPEMD negotiation/configuration.
2000-10-16Merge with EOM 1.110Niklas Hallqvist
author: provos better referencing. okay niklas@ author: niklas Allow new and old style configuration simultaneously
2000-10-16Merge with EOM 1.134Niklas Hallqvist
author: provos better referencing. okay niklas@
2000-10-16Merge with EOM 1.52Niklas Hallqvist
author: niklas ifdef HAVE_GETNAMINFO author: angelos That comment doesn't justify an XXX mark :-)
2000-10-16Merge with EOM 1.29Niklas Hallqvist
author: angelos Add comment on where we could be checking the Remote-ID.
2000-10-16Merge with EOM 1.19Niklas Hallqvist
author: angelos Correct byte-order handling in encode/decode_128, add function prototypes. author: angelos A few more auxiliary routines.
2000-10-16Merge with EOM 1.1Niklas Hallqvist
author: niklas Add weak aliases for keynote symbols that have not always been there
2000-10-16Merge with EOM 1.16Niklas Hallqvist
author: niklas conditionalize getnaminfo and add weak keynote syms author: niklas Add weak aliases for keynote symbols that have not always been there
2000-10-16Merge with EOM 1.139Niklas Hallqvist
author: niklas Allow new and old style configuration simultaneously author: niklas use snprintf instead of strlcpy since it is more backwards compatible author: niklas Provide NI_MAXHOSTS for systems who do not have it author: niklas conditionalize getnaminfo and be a style pedant author: angelos Fix bounds checking for transforms to include AES (noticed by mickey@) author: angelos Add RIPEMD negotiation/configuration.
2000-10-16Merge with EOM 1.59Niklas Hallqvist
author: provos better referencing. okay niklas@ author: niklas Name collissions introduced by me, DOH! author: niklas Allow new and old style configuration simultaneously author: niklas Backward compatibility with old style configuration author: niklas remove redundant ifdefs author: niklas facistoid style and naming pedantery author: angelos Construct the ISAKMP-peer section such that it actually contains the src/dst Phase 1 IDs (so we don't have to worry about configuration conflicts). I should update the manpage.... author: angelos Use local-address, not listen-address. author: angelos First cut of ACQUIRE handling, fully functional but not entirely dynamic (it depends on the pre-defined Transforms and Suites). Nonetheless, it is possible to use isakmpd without a configuration file when using certificates for authentication. author: angelos Add RIPEMD negotiation/configuration.
2000-10-16Xr spppcontrolChris Cappuccio
2000-10-16getserv* already returns ports in network byteorderNiklas Hallqvist
2000-10-14document net.inet.tcp.rstppslimit.Jun-ichiro itojun Hagino
2000-10-13Make the arguments more compatible with wi/ancontrolChris Cappuccio
Now the interface is specified as the first argument instead of with -i
2000-10-13- Remove hard sentence breaks.Aaron Campbell
- OpenBSD'ify somewhat (we don't use a .Sh OPTIONS section marker). - Remove broken reference to spppcontrol(8). - NetBSD 1.4 -> OpenBSD 2.8.
2000-10-13The -i flags was being ignored, this breaks backwards compatibilityChris Cappuccio
ok deraadt@
2000-10-13lmccontrolChris Cappuccio
2000-10-13utility to control lmc(4) interfacesChris Cappuccio
2000-10-13util.h: Merge with EOM 1.8Niklas Hallqvist
ike_auth.c: Merge with EOM 1.57 author: ho Add file permission check to private key file. Split out check function to util.c.
2000-10-13regress/b2n/Makefile: Merge with EOM 1.12Niklas Hallqvist
regress/ec2n/Makefile: Merge with EOM 1.9 conf.c: Merge with EOM 1.40 util.c: Merge with EOM 1.17 author: ho Add file permission check to private key file. Split out check function to util.c.
2000-10-13Merge with EOM 1.39Niklas Hallqvist
author: ho Revert. Be strict about file mode.
2000-10-13Merge with EOM 1.38Niklas Hallqvist
author: ho Warn but continue on isakmpd.conf permissions.
2000-10-12don't segv on too many arguments. sync with kameJun-ichiro itojun Hagino
2000-10-12printf-like string format pedantJun-ichiro itojun Hagino
2000-10-10mount -t is the preferred way to invokeMarco S Hyman
2000-10-10mount -t is the preferred way to invokeMarco S Hyman
2000-10-10mount -t is the preferred way to invokeMarco S Hyman
2000-10-10mount -t is the preferred way to invokeMarco S Hyman
2000-10-10mount -t is the preferred way to invokeMarco S Hyman
2000-10-10mention icmp{,6}.errppslimitJun-ichiro itojun Hagino
2000-10-10Merge with EOM 1.58Niklas Hallqvist
author: provos increase size of refcnt. okay niklas@
2000-10-10message.c: Merge with EOM 1.156Niklas Hallqvist
message.h: Merge with EOM 1.51 transport.c: Merge with EOM 1.43 author: provos use message_send_expire for timeouts. okay niklas@
2000-10-10Merge with EOM 1.49Niklas Hallqvist
author: niklas Very ugly, transient fix so isakmpd works in a backward compatible way, instead of requiring the new undocumented ACQUIRE-based setup
2000-10-09samples/VPN-3way-template.conf: Merge with EOM 1.8Niklas Hallqvist
samples/VPN-east.conf: Merge with EOM 1.12 samples/VPN-west.conf: Merge with EOM 1.13 samples/policy: Merge with EOM 1.6 samples/singlehost-west.conf: Merge with EOM 1.9 samples/singlehost-east.conf: Merge with EOM 1.9 conf.c: Merge with EOM 1.37 ipsec.c: Merge with EOM 1.133 ipsec_num.cst: Merge with EOM 1.4 isakmpd.conf.5: Merge with EOM 1.48 isakmpd.policy.5: Merge with EOM 1.21 policy.c: Merge with EOM 1.46 author: angelos AES support.
2000-10-09Merge with EOM 1.133Niklas Hallqvist
author: angelos Use Default entry for Phase 1 configuration if none is found.
2000-10-09Merge with EOM 1.48Niklas Hallqvist
author: niklas properly ifdef PF_KEY extension author: angelos AES support.
2000-10-09do not coredump if can't get raw device name, e.g. /tmp on mfs; millert@ okMichael Shalayeff
2000-10-09AES.Angelos D. Keromytis
2000-10-08update DNS label length validation. check inet_ntop() errors. sync with kame.Jun-ichiro itojun Hagino
2000-10-07Merge with EOM 1.133Niklas Hallqvist
author: niklas style and < that should be <= author: angelos If the initiator does not propose a Phase 2 ID, use the local/peer addresses as implicit IDs; this was supported on the responder side, but weirdly enough not on the initiator. Reported by itojun@ author: angelos Handle 32-bit lifetimes (in generating them). author: ho (c)-2000 author: provos style as pointed out by the code style pedant. author: provos proper reference counting for isakmp_sa in struct message, remove bogus calls to sa_reference; fix some more memory leaks in conf.c
2000-10-07Merge with EOM 1.56Niklas Hallqvist
author: niklas Multiple subject name matching, makes certificate interop with PGPnet at least partly working. Added some error checking. author: angelos No need to delete SPIs, they'll just expire. author: provos style as pointed out by the code style pedant.
2000-10-07Merge with EOM 1.16Niklas Hallqvist
author: niklas Multiple subject name matching, makes certificate interop with PGPnet at least partly working. Added some error checking. author: ho Read in FEATURES for proper operation author: angelos No need for NODEBUG. author: angelos Use NODEBUG compile flag, so policy.c doesn't barf.
2000-10-07Merge with EOM 1.4Niklas Hallqvist
author: ho Nowadays we can use #include <openssl/...> instead of <ssl/...>