Age | Commit message (Collapse) | Author |
|
|
|
netbsd 1.57 -> 1.58
|
|
From: =?iso-8859-1?Q?G=F6ran_Bengtson?= <goeran@cdg.chalmers.se>
|
|
for details.
|
|
|
|
|
|
author: angelos
Bad typo, the check should be inverted. Also, add a NOTIFY message
being sent to the Responder if policy check fails at the initiator
(and print a log message).
|
|
author: ho
style...
author: ho
Think-o. Reword log msg again to match what happens here.
author: ho
(struct constant_map *) is not (char *), plus reword the log msg.
|
|
author: angelos
Rename the "CN:" tag to "DN:", after Jorgen's suggestion.
author: angelos
Add an initiator attribute, and make the code amenable to be invoked
by the initiator as well (for policy compliance checking).
author: angelos
Fix typo, noted by Jorgen.Granstam@abc.se
|
|
author: angelos
Rename the "CN:" tag to "DN:", after Jorgen's suggestion.
|
|
author: angelos
Rename the "CN:" tag to "DN:", after Jorgen's suggestion.
author: angelos
Do a policy check on the Initiator, when notified by the Responder on
the SA selection. For efficiency, we should replicate this check on
the first message sent by the Initiator (so we only send proposals we
know we'll eventually accept).
|
|
author: angelos
Do a policy check on the Initiator, when notified by the Responder on
the SA selection. For efficiency, we should replicate this check on
the first message sent by the Initiator (so we only send proposals we
know we'll eventually accept).
author: angelos
Add an initiator attribute, and make the code amenable to be invoked
by the initiator as well (for policy compliance checking).
|
|
|
|
|
|
|
|
|
|
libcrypto.c: Merge with EOM 1.11
libcrypto.h: Merge with EOM 1.11
x509.c: Merge with EOM 1.33
author: angelos
Add Canonical Names as policy targets (so they can be specified in the
Licensees field), with the "CN:..." format.
|
|
author: angelos
Add Canonical Names as policy targets (so they can be specified in the
Licensees field), with the "CN:..." format.
author: angelos
Done.
author: angelos
One missing item left...
author: angelos
More text.
author: angelos
Passphrases are encoded as "passphrase:xxxx" now, to distinguish
between passphrases and logic labels.
author: angelos
Consistent references.
author: angelos
Minor tweak.
|
|
msdos on hard disk as well as floppies. ok millert@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
for details.
|
|
apps/certpatch/certpatch.c: Merge with EOM 1.6
exchange.c: Merge with EOM 1.114
ike_quick_mode.c: Merge with EOM 1.110
ike_phase_1.c: Merge with EOM 1.16
ike_auth.c: Merge with EOM 1.41
ike_aggressive.c: Merge with EOM 1.4
libcrypto.c: Merge with EOM 1.10
libcrypto.h: Merge with EOM 1.10
isakmpd.8: Merge with EOM 1.19
isakmpd.c: Merge with EOM 1.42
ipsec.h: Merge with EOM 1.40
init.c: Merge with EOM 1.22
message.c: Merge with EOM 1.143
message.h: Merge with EOM 1.49
sa.c: Merge with EOM 1.98
sa.h: Merge with EOM 1.54
policy.c: Merge with EOM 1.14
pf_key_v2.c: Merge with EOM 1.36
x509.c: Merge with EOM 1.32
x509.h: Merge with EOM 1.9
udp.c: Merge with EOM 1.46
author: niklas
Angelos copyrights
|
|
samples/VPN-west.conf: Merge with EOM 1.10
samples/singlehost-east.conf: Merge with EOM 1.7
samples/singlehost-west.conf: Merge with EOM 1.7
author: niklas
Remove volume-based lifetimes on phase 1 SAs
|
|
isakmpd.conf.5: Merge with EOM 1.38
message.c: Merge with EOM 1.142
pf_key_v2.c: Merge with EOM 1.35
x509.c: Merge with EOM 1.31
author: niklas
(c) 2000
|
|
libcrypto.h: Merge with EOM 1.9
author: angelos
Make x509_cert_init() able to re-initialize.
author: angelos
Add prototypes for a few more X509 SSL calls.
|
|
author: angelos
Remove empty line.
author: angelos
Change the order of initializing x509 and policy (x509 depends on policy).
|
|
author: angelos
Make x509_cert_init() able to re-initialize.
author: angelos
Reinitialize certificates as well.
|
|
author: angelos
Make x509_cert_init() able to re-initialize.
author: angelos
Fix delegating to a CA.
|
|
author: niklas
style
|
|
author: angelos
Fix part of the problem with X509 certificates (delegating to the CA
isn't working yet, but I know where the problem is -- upcoming commit
later today).
|
|
|
|
|
|
author: niklas
Also check that the exchange to be upgraded is phase 1
|
|
author: niklas
Oops in last commit
author: niklas
Only upgrade exchanges that are still without a responder cookie
|
|
author: angelos
Better logic.
author: angelos
Don't crash if Life is not present...
|
|
giving by the user in addition to what reapath() returns. Things
that call mount(2) directly may use paths different than what
realpath() returns but you still want to be able to umount them...
|
|
author: ho
Bugfix for IPSEC_ID_USER_FQDN from <<Jorgen.Granstam@abc.se>.
Apply similar to the IPSEC_ID_FQDN case plus fix the log messages.
|
|
author: ho
Bugfix. From <Jorgen.Granstam@abc.se>.
|
|
author: niklas
-Wall friendly
|
|
author: niklas
Fix cert ID hashing
|
|
Use the new ESP/AH flags for "old" ESP/AH.
|
|
|
|
author: niklas
style
author: ho
Lower the common {ADD,DEL}FLOW warnings to log_debug() on OpenBSD.
|
|
author: angelos
Oops on previous PFS-policy patch. Small fixes in the manpages.
|