| Age | Commit message (Collapse) | Author |
|---|
|
./dh.c: Merge with EOM 1.5
./hash.c: Merge with EOM 1.10
./math_group.h: Merge with EOM 1.7
Style. alloc error reporting. Math error propagation. Allocate right
sizes.
1999 copyrights
|
|
./ike_phase_1.h: Merge with EOM 1.1
./ike_aggressive.h: Merge with EOM 1.1
Let's get aggressive!
|
|
Remove SA_FLAG_REPLACED settings from various parts in preparation of a
grand unified setting in exchange_finalize. Fix sa_mark_replaced to not
release a referance to the sa, and adjust the API as it won't get called
as a finalize func anymore.
|
|
Check should be for step > 1, not step > 0.
Don't drop new incoming phase 1 exchange request if our existing
exchange hasn't gotten past step 0.
Style. alloc error reporting. Math error propagation. Allocate right
sizes.
Off by one (< -> <=)
Let's get aggressive\!
Added classes LOG_SA and LOG_EXCHANGE, converted
many LOG_MISC to new classes, adjusted levels slightly.
More SA logging.
Simplify the checks of existing exchanges by moving it into
exchange_establish. This means we need to change the finalize API.
Try to make PF_ENCAP support handle multiple connections to a single
security gateway.
Include sa_list in exchange_dump
Add finalization to exchange when we initiate a new exchange
while an old one is being setup.
Add LOG_REPORT to always go to logchannel regardless of level; misc small fixes
Deal with incoming informational exchanges
style
At end of an exchange, mark the old SAs as replaced.
Do not answer on main-mode initiations from peers we already talk to.
|
|
./x509.c: Merge with EOM 1.13
Style
Style. alloc error reporting. Math error propagation. Allocate right
sizes.
1999 copyrights
|
|
Style. alloc error reporting. Math error propagation. Allocate right
sizes.
1999
Style police. No free(0).
|
|
Up-to-date
Up-to-date
Garbage collect transports via refcounting. Fix commentary.
up-to-date
|
|
Up-to-date
we do not leak SPIs now
New bugs
up-to-date
|
|
./gmp_util.c: Merge with EOM 1.3
./asn_useful.c: Merge with EOM 1.11
./attribute.c: Merge with EOM 1.9
./constants.c: Merge with EOM 1.7
./doi.h: Merge with EOM 1.25
./doi.c: Merge with EOM 1.4
./field.c: Merge with EOM 1.9
./init.c: Merge with EOM 1.13
./isakmp_doi.c: Merge with EOM 1.35
./prf.c: Merge with EOM 1.6
./util.c: Merge with EOM 1.14
./app.h: Merge with EOM 1.4
./conf.h: Merge with EOM 1.8
./ipsec.h: Merge with EOM 1.34
./ipsec_doi.h: Merge with EOM 1.10
./pkcs.h: Merge with EOM 1.8
./sysdep.h: Merge with EOM 1.15
1999 copyrights
|
|
Style
Make an attempt to handle failures in logging; disk full, etc.
We fallback to syslog(), which in turn has a fallback to /dev/console.
Move LOG_SIZE to log.h
Add LOG_REPORT to always go to logchannel regardless of level; misc small fixes
I did not need to do this but... style nits
Add class and level to debug messages
log time on -d mode
1999 copyrights
|
|
Add transport_report
Garbage collect transports via refcounting. Fix commentary.
1999 copyrights
|
|
|
|
|
|
If you are going to use either of AH or ESP or both, enable these in
/etc/sysctl.conf. Also correct the IPSec debugging sysctl code, it is now
named net.inet.ip.encdebug. Some corrected function signatures too.
|
|
does not generate an error
|
|
|
|
|
|
|
|
|
|
|
|
o Change "Save changes" prompt to "Write new label"
o call writelabel() with &label and then update *lp instead of
updating *lp and then calling writelabel() with lp.
|
|
Too much removed in last commit
Actually save the DH values in inititor mode
Non-PFS case for initiators bailed out wrongly.
|
|
Make valid according to the RFCs
|
|
up-to-date
|
|
up-to-date
|
|
Make "Connections" handling nicer, and even implement it for KLIPS.
A stab at reregestering the on-demand routes for PF_ENCAP.
|
|
Mem leak plugging. New finalize API.
Do not renegotiate on already replaced SA expirations
Only establish on-demand route if we know how to
If we get an EEXIST from RTM_ADD, try to RTM_CHANGE the route.
Correct buffer size in log printout
make compile
Make "Connections" handling nicer, and even implement it for KLIPS.
A stab at reregestering the on-demand routes for PF_ENCAP.
typo found by ho@netman.se
|
|
New finalize API. Free keystate.
1999 copyrights
|
|
Make "Connections" handling nicer, and even implement it for KLIPS.
A stab at reregestering the on-demand routes for PF_ENCAP.
|
|
Remove obsoleted code
Memory alloc. error reporting. Garbage collect keystate.
|
|
Mem leak fix
1999 copyrights
|
|
Style police. No free(0).
1999 copyrights
|
|
Memory alloc. error reporting. Mem leak plugging.
|
|
memory leak fixes
1999 copyrights
|
|
Better error messages, style
1999 copyrights
|
|
Mem leak plugging.
1999 copyrights
|
|
We need log.h
Plug memleak
1999 copyrights
|
|
Correct wording of debug printout
Debug output. Style. Missing break in case.
Style
Style police.
1999 copyrights
|
|
Typecast correct
Get a private copy of connection names that should live forever.
New finalize API.
Make "Connections" handling nicer, and even implement it for KLIPS.
A stab at reregestering the on-demand routes for PF_ENCAP.
|
|
Allocation failure reporting. Debug printouts. Typecast correctly.
New finalize API. Free keystate.
|
|
clear pointer when what is pointed to is freed
Fix PFS in initator mode. Improve commentary. Some more error reporting.
GC proto structures if we bail out on a message. Never free twice.
Error handling of group allocation.
Memory alloc. error reporting. Mem leak plugging.
|
|
New finalize API so we can call it when failing too, so we do not leak
resources. Plug memory leaks in general. More memory allocation error
reporting.
|
|
Plug the leak of the last QM message. More error reporting from
insufficient memory. Move the finalize call of exchanges as close to
the real deallocation as possible.
New finalize API so we can call it when failing too, so we do not leak
resources. Plug memory leaks in general. More memory allocation error
reporting.
|
|
More error reporting.
Plug memleak (all memleak I have fixed recently have been discovered by the
leak-finding mode of Boehm's conservative garbage collector. Error
handling of group allocation.
Memory alloc. error reporting. Be consistent on allocating keystate.
|
|
1999
Mem leak plugging.
Make "Connections" handling nicer, and even implement it for KLIPS.
A stab at reregestering the on-demand routes for PF_ENCAP.
|
|
Inconsistent proposals (wrt groups) not allowed.
|
|
refcount the exchange when delayed processing is scheduled for QM
1999 copyrights
|
|
|
|
|
|
1999 copyrights
Better error reporting in lifetime policy checking
too aggressively removing gotos
|
