| Age | Commit message (Collapse) | Author |
|---|
|
libcrypto.c: Merge with EOM 1.11
libcrypto.h: Merge with EOM 1.11
x509.c: Merge with EOM 1.33
author: angelos
Add Canonical Names as policy targets (so they can be specified in the
Licensees field), with the "CN:..." format.
|
|
author: angelos
Add Canonical Names as policy targets (so they can be specified in the
Licensees field), with the "CN:..." format.
author: angelos
Done.
author: angelos
One missing item left...
author: angelos
More text.
author: angelos
Passphrases are encoded as "passphrase:xxxx" now, to distinguish
between passphrases and logic labels.
author: angelos
Consistent references.
author: angelos
Minor tweak.
|
|
msdos on hard disk as well as floppies. ok millert@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
for details.
|
|
apps/certpatch/certpatch.c: Merge with EOM 1.6
exchange.c: Merge with EOM 1.114
ike_quick_mode.c: Merge with EOM 1.110
ike_phase_1.c: Merge with EOM 1.16
ike_auth.c: Merge with EOM 1.41
ike_aggressive.c: Merge with EOM 1.4
libcrypto.c: Merge with EOM 1.10
libcrypto.h: Merge with EOM 1.10
isakmpd.8: Merge with EOM 1.19
isakmpd.c: Merge with EOM 1.42
ipsec.h: Merge with EOM 1.40
init.c: Merge with EOM 1.22
message.c: Merge with EOM 1.143
message.h: Merge with EOM 1.49
sa.c: Merge with EOM 1.98
sa.h: Merge with EOM 1.54
policy.c: Merge with EOM 1.14
pf_key_v2.c: Merge with EOM 1.36
x509.c: Merge with EOM 1.32
x509.h: Merge with EOM 1.9
udp.c: Merge with EOM 1.46
author: niklas
Angelos copyrights
|
|
samples/VPN-west.conf: Merge with EOM 1.10
samples/singlehost-east.conf: Merge with EOM 1.7
samples/singlehost-west.conf: Merge with EOM 1.7
author: niklas
Remove volume-based lifetimes on phase 1 SAs
|
|
isakmpd.conf.5: Merge with EOM 1.38
message.c: Merge with EOM 1.142
pf_key_v2.c: Merge with EOM 1.35
x509.c: Merge with EOM 1.31
author: niklas
(c) 2000
|
|
libcrypto.h: Merge with EOM 1.9
author: angelos
Make x509_cert_init() able to re-initialize.
author: angelos
Add prototypes for a few more X509 SSL calls.
|
|
author: angelos
Remove empty line.
author: angelos
Change the order of initializing x509 and policy (x509 depends on policy).
|
|
author: angelos
Make x509_cert_init() able to re-initialize.
author: angelos
Reinitialize certificates as well.
|
|
author: angelos
Make x509_cert_init() able to re-initialize.
author: angelos
Fix delegating to a CA.
|
|
author: niklas
style
|
|
author: angelos
Fix part of the problem with X509 certificates (delegating to the CA
isn't working yet, but I know where the problem is -- upcoming commit
later today).
|
|
|
|
|
|
author: niklas
Also check that the exchange to be upgraded is phase 1
|
|
author: niklas
Oops in last commit
author: niklas
Only upgrade exchanges that are still without a responder cookie
|
|
author: angelos
Better logic.
author: angelos
Don't crash if Life is not present...
|
|
giving by the user in addition to what reapath() returns. Things
that call mount(2) directly may use paths different than what
realpath() returns but you still want to be able to umount them...
|
|
author: ho
Bugfix for IPSEC_ID_USER_FQDN from <<Jorgen.Granstam@abc.se>.
Apply similar to the IPSEC_ID_FQDN case plus fix the log messages.
|
|
author: ho
Bugfix. From <Jorgen.Granstam@abc.se>.
|
|
author: niklas
-Wall friendly
|
|
author: niklas
Fix cert ID hashing
|
|
Use the new ESP/AH flags for "old" ESP/AH.
|
|
|
|
author: niklas
style
author: ho
Lower the common {ADD,DEL}FLOW warnings to log_debug() on OpenBSD.
|
|
author: angelos
Oops on previous PFS-policy patch. Small fixes in the manpages.
|
|
author: angelos
GMTTimeOfDay and LocalTimeOfDay attributes, comment in x509.c.
author: angelos
Include files, in anticipation of the keynote.h changes.
|
|
date: 2000/01/25 13:35:24; author: niklas; state: Exp; lines: +8 -1
Do not assume ingress flows are available
date: 2000/01/25 01:24:38; author: angelos; state: Exp; lines: +40 -1
We also allow the remote gateway to talk to the local subnet and the
local gateway through the SAs setup.
date: 2000/01/25 01:09:20; author: angelos; state: Exp; lines: +2 -2
Don't use REPLACE for ingress flows.
date: 2000/01/24 23:28:39; author: angelos; state: Exp; lines: +30 -28
Delete ACL only for incoming SAs...
date: 2000/01/23 22:56:43; author: angelos; state: Exp; lines: +2 -2
Send SA payload when deleting ingress flow.
date: 2000/01/13 22:54:54; author: angelos; state: Exp; lines: +5 -1
Return on error from ingress flow establishment/deletion.
date: 2000/01/13 22:53:21; author: angelos; state: Exp; lines: +25 -5
Interim ingress flows.
date: 2000/01/13 06:48:27; author: angelos; state: Exp; lines: +37 -12
Establish (and delete) ingress flows.
author: ho
Unbreak.
author: ho
Compile under OpenBSD again.
author: niklas
Ugly KAME support, will be improved
author: angelos
Get rid of the LOCALFLOW flag.
author: ho
log_print -> log_debug for delete_spi: DELETE message. Plus log class typos.
|
|
author: ho
Add Blowfish-main-mode and Blowfish-quick-mode,
including suites, protocols and transforms for them.
Add a policy file default, currently set to /etc/isakmpd/policy.
Also, slightly more verbose comments for the quick mode transforms.
author: ho
Kill volume lifetimes for main mode.
Add AH-SHA tranforms for quick mode, and 3DES-MD5 transform for main mode.
|
|
date: 2000/01/25 02:21:10; author: angelos; state: Exp; lines: +2 -2
Move the policy file location
author: angelos
GMTTimeOfDay and LocalTimeOfDay attributes, comment in x509.c.
author: angelos
Oops on previous PFS-policy patch. Small fixes in the manpages.
author: angelos
Add pfs keynote attribute.
author: angelos
Include files, in anticipation of the keynote.h changes.
|
|
author: niklas
typo
|
|
author: angelos
Manpage support in the Makefiles, mention in README.
author: niklas
Up-to-date
author: niklas
Typo + mail change for ho
|
|
author: ho
Blowfish needs the KEY_LENGTH attribute accepted.
|
|
samples/singlehost-west.conf: Merge with EOM 1.6
samples/VPN-west.conf: Merge with EOM 1.9
samples/VPN-east.conf: Merge with EOM 1.9
author: niklas
Remove deprecated stayalive flags
author: niklas
Correct AH transform attributes
|
|
author: niklas
Be kind to libcrypto DES
|
|
date: 2000/01/25 11:19:34; author: niklas; state: Exp; lines: +3 -3
useable->usable; from openbsd
author: angelos
Oops on previous PFS-policy patch. Small fixes in the manpages.
author: angelos
Default value for policy-file.
|
|
date: 2000/01/10 22:02:00; author: angelos; state: Exp; lines: +2 -2
Fix wrong memcpy()
|
|
|
|
date: 2000/01/25 06:51:20; author: angelos; state: Exp; lines: +2 -3
Unneeded variable.
date: 2000/01/25 06:50:51; author: angelos; state: Exp; lines: +1 -27
Didn't realize there was a sysdep_cleartext() for setting the BYPASS
flags for socket security levels. Remove reduntant setsockopt() code.
date: 2000/01/11 04:47:41; author: angelos; state: Exp; lines: +30 -4
Set IPSEC_LEVEL_BYPASS on all our sockets, so IKE packets don't
accidentally get encrypted.
|
|
date: 2000/01/24 22:55:46; author: angelos; state: Exp; lines: +2 -2
Fix typo.
date: 2000/01/24 16:48:42; author: ho; state: Exp; lines: +12 -2
Log when check_policy() returns failure. (bitten by keynote once too often... sigh)
author: angelos
Typo.
author: angelos
Passphrases are encoded as "passphrase:xxxx" now, to distinguish
between passphrases and logic labels.
author: angelos
Oops on previous PFS-policy patch. Small fixes in the manpages.
author: angelos
Include files, in anticipation of the keynote.h changes.
|
|
author: niklas
Add FreeBSD support
author: angelos
Manpage support in the Makefiles, mention in README.
|
|
date: 2000/01/25 06:13:15; author: angelos; state: Exp; lines: +7 -4
Handle IPV4_ADDR as a Phase 1 ID
|
