Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
|
|
Closes PR 1246
|
|
be committed).
|
|
setusercontext() in most places where previously we did a setlogin().
Add default login.conf file and put root in the "daemon" login class.
|
|
|
|
|
|
|
|
have to worry about stdout == stdin (and since this is done inconsistently
it is useless anyway). Pointed out by map@infinitum.ch.
|
|
completely in sync with kame (do not nuke #ifdef please).
|
|
|
|
|
|
some nat state bugs, and ups the default state table size.
See sbin/ipf/HISTORY for details.
|
|
single_user, not runcom (/etc/rc).
|
|
Thomas Klausner in NetBSD.
|
|
|
|
author: niklas
style
|
|
author: niklas
From OpenBSD: be paranoid about the syslog format parameter
|
|
author: niklas
remove unnecessary include
|
|
author: provos
make a DOI specific decode_ids, but have isakmp doi decode point to
ipsec.
author: provos
introduce ipsec_decode_ids, also decodes FQDN and USER_FQDN now.
new ipsec_clone_id to copy IDs to phase 2 SAs for better status
reports. okay angelos@
author: provos
dont segfault on connection report when id is not set
|
|
author: provos
dont strdup exchange->recv_cert, it is not always a 0 terminated string
for CERTENC_NONE. we need to malloc and memcpy instead. found by
electric fence.
author: provos
provide transport dependent ID decoding; hope indentation is right now ;)
author: ho
ISAKMP peer transport defaults to UDP.
author: provos
make a DOI specific decode_ids, but have isakmp doi decode point to
ipsec.
author: provos
indent
author: provos
introduce ipsec_decode_ids, also decodes FQDN and USER_FQDN now.
new ipsec_clone_id to copy IDs to phase 2 SAs for better status
reports. okay angelos@
|
|
author: angelos
Get the right value.
author: angelos
Add "phase1_group_desc" attribute, and explain the various values.
|
|
author: angelos
Be more careful.
author: angelos
Oops, typo.
author: angelos
Avoid endless loop in INITIAL-CONTACT handling.
author: angelos
Don't delete the ISAKMP SA over which we received an INITIAL-CONTACT
payload.
author: provos
make a DOI specific decode_ids, but have isakmp doi decode point to
ipsec.
author: provos
indent
author: provos
introduce ipsec_decode_ids, also decodes FQDN and USER_FQDN now.
new ipsec_clone_id to copy IDs to phase 2 SAs for better status
reports. okay angelos@
|
|
author: provos
introduce ipsec_decode_ids, also decodes FQDN and USER_FQDN now.
new ipsec_clone_id to copy IDs to phase 2 SAs for better status
reports. okay angelos@
|
|
author: angelos
Add "phase1_group_desc" attribute, and explain the various values.
|
|
author: provos
provide transport dependent ID decoding; hope indentation is right now ;)
author: provos
make a DOI specific decode_ids, but have isakmp doi decode point to
ipsec.
author: provos
introduce ipsec_decode_ids, also decodes FQDN and USER_FQDN now.
new ipsec_clone_id to copy IDs to phase 2 SAs for better status
reports. okay angelos@
|
|
author: ho
Mention 'Default' tag in Phase 1 section, modify peer tag descriptions
to match. Phase 1 peer transport 'udp' is now a default value. The
'Stayalive' flag died long ago, remove it from the example. Also
remove reference to the likewise dead 'Next-hop' tag. Some minor cleanup.
|
|
author: ho
ISAKMP peer transport defaults to UDP.
|
|
transport.h: Merge with EOM 1.16
author: provos
provide transport dependent ID decoding; hope indentation is right now ;)
|
|
author: angelos
Be careful when there's no assertions.
|
|
author: provos
prevent isakmpd crashing when client gives an unknown ID in aggressive mode.
bug report from James Winquist <winquist@mail.cybernet.com>
|
|
author: angelos
Add sa_enter() prototype.
|
|
author: provos
prevent crashing when we receive an encrypted message as response to
our first packet as initiator. James Winquist <winquist@mail.cybernet.com>
|
|
doi.h: Merge with EOM 1.29
author: provos
make a DOI specific decode_ids, but have isakmp doi decode point to
ipsec.
|
|
|
|
|
|
|
|
|
|
|
|
kludge to begin with, and it's about time we get rid of it.
|
|
version. Basically just a generalization of my previous commit in this area.
|
|
|
|
|
|
|
|
|
|
were made, some code in an ifdefed section was missed. Update that
section of code to have the appropriate added parameter.
|
|
|