Age | Commit message (Collapse) | Author |
|
author: niklas
diagnostic
|
|
author: niklas
Do not decrease SA lifetime if we cannot act as initiator
|
|
author: niklas
Reversed a condition by mistake
author: niklas
Another part of the former commit.
author: niklas
Do not add HASH to informational exchanges if we have
no ISAKMP SA.
|
|
author: niklas
Mention flow cleanup
|
|
author: niklas
Plug a message leak
|
|
author: niklas
Correct allocation of contacts
|
|
doi.h: Merge with EOM 1.27
ike_auth.c: Merge with EOM 1.30
ike_quick_mode.c: Merge with EOM 1.85
ipsec.c: Merge with EOM 1.107
ipsec.h: Merge with EOM 1.36
isakmp_doi.c: Merge with EOM 1.39
author: niklas
Factor out keyed hashing of all payloads with SKEYID_a, and make DOI hooks
for informational exchanges to add such hashing. Use it from QM and the IKE
authentication module too. Remove some bogus XXX comments. Add error
reporting
|
|
author: niklas
Use new informational exchange hooks. Never bind incoming phase 2 messages to
ISAKMP SAs that are not ready. It is not clear just yet what to do in that
case, for now just drop such messages.
|
|
author: niklas
Talk about the config file
|
|
author: niklas
Free SAs left in the exchange's SA list always when freeing
the exchange.
author: niklas
disconnect SAs from the exchange when they are ready
author: ho
Don't create SAs for informational exchanges.
|
|
prf.c: Merge with EOM 1.7
author: niklas
Remove bogus XXXes, add allocation error reporting.
|
|
author: niklas
Remove bogus XXXes, add allocation error reporting.
author: ho
Typo.
author: ho
Do not automatically check connections at HARD_EXPIRE.
Also check for existing exchanges in pf_encap_connection_check.
author: ho
Cut'n'paste typo fix.
|
|
|
|
|
|
|
|
|
|
sa.c: Merge with EOM 1.90
message.c: Merge with EOM 1.131
message.h: Merge with EOM 1.47
author: niklas
Send DELETE payloads in informational exchanges
|
|
author: niklas
Forgot one change in last commit
|
|
author: niklas
Remove larval SAs if an exchange dies. Also use the DOI from the isakmp_sa
if doing an informational exchange in phase 2.
|
|
|
|
DESIGN-NOTES: Merge with EOM 1.42
Makefile: Merge with EOM 1.51
app.c: Merge with EOM 1.6
conf.c: Merge with EOM 1.18
init.c: Merge with EOM 1.14
isakmpd.conf.5: Merge with EOM 1.19
pf_encap.c: Merge with EOM 1.64
pf_encap.h: Merge with EOM 1.12
pf_key_v2.h: Merge with EOM 1.3
sysdep.h: Merge with EOM 1.16
transport.c: Merge with EOM 1.40
ui.c: Merge with EOM 1.32
author: niklas
A new connection abstraction
|
|
author: niklas
typo in debug output
author: niklas
A new connection abstraction
|
|
author: niklas
Sigh, tunnel mode needs a special flag.
|
|
author: niklas
INITIAL-CONTACT bug
|
|
author: niklas
Informational exchanges do not have SAs
|
|
author: niklas
Unused var removed
|
|
author: niklas
Do not free a message twice
|
|
author: niklas
Try to get the right DOI in notifications
author: niklas
Revert last change
author: niklas
Informational exchanges reaches their end immediately.
author: niklas
Keep track of messages in the send queue from the exchange point of view.
author: niklas
Only retransmit if we have something to retransmit
author: niklas
New message_drop API. Generate real INVALID_COOKIE notification.
Generate informational exchanges in phase 1 too. Really get these
messages to the wire
|
|
README: Merge with EOM 1.21
TO-DO: Merge with EOM 1.35
author: niklas
Up-to-date
|
|
isakmp_doi.c: Merge with EOM 1.38
author: niklas
Recognize but ignore incoming informationmal exchanges
author: niklas
New message_drop API. Generate real INVALID_COOKIE notification.
Generate informational exchanges in phase 1 too. Really get these
messages to the wire
|
|
author: niklas
Try to fix the retransmit business, so info exchanges does not retransmit
author: niklas
Remove unneccesary code
author: niklas
Keep track of messages in the send queue from the exchange point of view.
author: niklas
Free the last sent message when freeing an exchange
author: niklas
New message_drop API. Generate real INVALID_COOKIE notification.
Generate informational exchanges in phase 1 too. Really get these
messages to the wire
|
|
author: niklas
Keep track of messages in the send queue from the exchange point of view.
|
|
author: niklas
inet_ntoa returns a static, do not call twice in an expression
|
|
author: niklas
Careful rewrite of the message sending to cope with exchanges disappearing
in post-send functions.
author: niklas
Try to fix the retransmit business, so info exchanges does not retransmit
author: niklas
Keep track of messages in the send queue from the exchange point of view.
|
|
ike_quick_mode.c: Merge with EOM 1.84
message.h: Merge with EOM 1.46
author: niklas
New message_drop API. Generate real INVALID_COOKIE notification.
Generate informational exchanges in phase 1 too. Really get these
messages to the wire
|
|
author: niklas
Do not put multiple expirations on a single SA
|
|
|
|
.Nd takes at most 9 arguments.
Hence, if the description is longer than that, you lose.
Unless you get it to be just one argument, by quoting it.
Automated search of other such manpages to do, or a way to fix
.Nd if someone knows enough troff...
|
|
author: niklas
Bind notify message types to the IPsec notify message types as well.
|
|
author: niklas
Simplify exchange life logic some. Some style too.
|
|
DESIGN-NOTES: Merge with EOM 1.41
author: niklas
Up-to-date
|
|
author: niklas
Do not lose the transport we are handling
author: niklas
Remove obsolete XXX comment.
author: niklas
Collapse MSG_NO_RETRANS & MSG_KEEP into MSG_LAST.
|
|
ike_main_mode.c: Merge with EOM 1.77
ipsec.h: Merge with EOM 1.35
author: niklas
Send out INITIAL-CONTACT notifications
|
|
author: niklas
When seeing duplicates, just retransmit if the last sent
message was the last of an exchange, thus not scheduled for retransmission.
author: ho
Keep track of trailing retransmissions by keeping exchanges around longer.
Removed references to sa->last_sent_in_setup, use last_sent and
last_received in exchange instead. Free setup exchanges by expiration only.
author: ho
Backout last change. (Go with exchange directly instead of sa->msg)
author: ho
Handle phase 2 late retransmissions.
|
|
author: niklas
reference transport when doing listen sockets. Style + remove old comment
|
|
author: niklas
Handle leftover payloads.
author: niklas
Simplify exchange life logic some. Some style too.
author: niklas
Collapse MSG_NO_RETRANS & MSG_KEEP into MSG_LAST.
author: niklas
Style
author: ho
Keep track of trailing retransmissions by keeping exchanges around longer.
Removed references to sa->last_sent_in_setup, use last_sent and
last_received in exchange instead. Free setup exchanges by expiration only.
author: ho
Backout last change. (Go with exchange directly instead of sa->msg)
author: ho
Handle phase 2 late retransmissions.
|
|
author: niklas
Handle leftover payloads, esp INITIAL CONTACT notifications.
Factor out SA expiration setting. Add commentary.
author: niklas
Send out INITIAL-CONTACT notifications
|
|
author: niklas
Do not hold on to the exchange for post quick mode, it will be there.
|
|
regress/exchange/run.sh: Merge with EOM 1.5
regress/rsakeygen/rsakeygen.c: Merge with EOM 1.7
genconstants.sh: Merge with EOM 1.6
genfields.sh: Merge with EOM 1.5
author: niklas
1999
|
|
author: niklas
Remove unused macro.
|