Age | Commit message | Author |
Only accept IPsec SAs when searching for such
sa.h: Merge with EOM 1.41
Stayalive connections as a default for now, init pf_encap_socket
pf_encap.c: Merge with EOM 1.45
Stayalive connections as a default for now, init pf_encap_socket
since that's the kernel limit (both are 20)
| revision 1.3
| date: 1998/08/21 14:33:12; author: provos; state: Exp; lines: +8 -1
| encode IP into cert. many XXX.
| ----------------------------
| revision 1.2
| date: 1998/08/20 14:09:05; author: provos; state: Exp; lines: +3 -3
| rename pkcs_{set,get}_{public,private}_key to something more understandable,
| it confused me, so I suppose it will also confuse others.
| ----------------------------
| revision 1.1
| date: 1998/08/11 20:29:16; author: provos; state: Exp;
| add a tool for generating x509 certificates
| =============================================================================
|
|
| revision 1.2
| date: 1998/08/21 15:02:12; author: provos; state: Exp; lines: +1 -1
| generate x509v3 certificates
| ----------------------------
| revision 1.1
| date: 1998/08/11 20:29:16; author: provos; state: Exp;
| add a tool for generating x509 certificates
| =============================================================================
|
|
| revision 1.5
| date: 1999/02/25 15:10:11; author: niklas; state: Exp; lines: +2 -2
| Whoops
| ----------------------------
| revision 1.4
| date: 1999/02/25 15:07:36; author: niklas; state: Exp; lines: +6 -4
| Messing with the new sysdep paths
| ----------------------------
| revision 1.3
| date: 1998/12/21 00:41:59; author: niklas; state: Exp; lines: +2 -0
| RCS Ids
| ----------------------------
| revision 1.2
| date: 1998/08/14 08:52:19; author: niklas; state: Exp; lines: +3 -2
| Work in objdir setups correctly
| ----------------------------
| revision 1.1
| date: 1998/08/11 20:29:16; author: provos; state: Exp;
| add a tool for generating x509 certificates
| =============================================================================
|
|
| revision 1.5
| date: 1998/10/07 16:40:51; author: niklas; state: Exp; lines: +3 -2
| Clean out warnings on alpha
| ----------------------------
| revision 1.4
| date: 1998/08/20 14:09:07; author: provos; state: Exp; lines: +3 -3
| rename pkcs_{set,get}_{public,private}_key to something more understandable,
| it confused me, so I suppose it will also confuse others.
| ----------------------------
| revision 1.3
| date: 1998/08/11 21:06:20; author: niklas; state: Exp; lines: +1 -2
| Remove unused variables
| ----------------------------
| revision 1.2
| date: 1998/08/11 20:30:38; author: provos; state: Exp; lines: +4 -3
| update to reflect recent changes
| ----------------------------
| revision 1.1
| date: 1998/08/09 20:04:41; author: provos; state: Exp;
| a tool for generating rsa keypair, a spin off of this might be used later
| as key generation tool for the daemon.
| =============================================================================
|
|
| revision 1.3
| date: 1999/02/25 15:12:01; author: niklas; state: Exp; lines: +6 -3
| More messing with the new sysdep paths
| ----------------------------
| revision 1.2
| date: 1998/12/21 00:41:58; author: niklas; state: Exp; lines: +2 -0
| RCS Ids
| ----------------------------
| revision 1.1
| date: 1998/08/09 20:04:41; author: provos; state: Exp;
| a tool for generating rsa keypair, a spin off of this might be used later
| as key generation tool for the daemon.
| =============================================================================
|
|
| revision 1.5
| date: 1998/08/20 14:09:04; author: provos; state: Exp; lines: +3 -3
| rename pkcs_{set,get}_{public,private}_key to something more understandable,
| it confused me, so I suppose it will also confuse others.
| ----------------------------
| revision 1.4
| date: 1998/08/11 20:30:40; author: provos; state: Exp; lines: +4 -3
| update to reflect recent changes
| ----------------------------
| revision 1.3
| date: 1998/08/09 19:22:24; author: niklas; state: Exp; lines: +4 -3
| include string.h
| ----------------------------
| revision 1.2
| date: 1998/08/04 16:59:33; author: provos; state: Exp; lines: +11 -7
| use log_print instead of log_debug for reporting errors. ASN was missing
| length checks, ditto for PKCS#1. Make encryption and decryption also allow
| public key (random padding) instead of only private key. Both modes are
| needed for authentication with ISAKMP/Oakley.
| ----------------------------
| revision 1.1
| date: 1998/08/03 19:41:20; author: provos; state: Exp;
| read some test BER encoded public and private key from the example sections
| of the pkcs.tar.Z and encrypt and decrypt a sample string with it.
| =============================================================================
|
|
| revision 1.5
| date: 1999/02/25 15:12:00; author: niklas; state: Exp; lines: +6 -3
| More messing with the new sysdep paths
| ----------------------------
| revision 1.4
| date: 1998/12/21 00:41:56; author: niklas; state: Exp; lines: +2 -0
| RCS Ids
| ----------------------------
| revision 1.3
| date: 1998/08/11 20:30:39; author: provos; state: Exp; lines: +2 -1
| update to reflect recent changes
| ----------------------------
| revision 1.2
| date: 1998/08/04 16:59:32; author: provos; state: Exp; lines: +1 -1
| use log_print instead of log_debug for reporting errors. ASN was missing
| length checks, ditto for PKCS#1. Make encryption and decryption also allow
| public key (random padding) instead of only private key. Both modes are
| needed for authentication with ISAKMP/Oakley.
| ----------------------------
| revision 1.1
| date: 1998/08/03 19:41:20; author: provos; state: Exp;
| read some test BER encoded public and private key from the example sections
| of the pkcs.tar.Z and encrypt and decrypt a sample string with it.
| =============================================================================
|
|
| revision 1.1
| date: 1998/08/08 23:18:08; author: provos; state: Exp;
| regress for ASN.1 decoding, basically only parses the SSH certificate
| down until reaching the public key.
| =============================================================================
|
|
| revision 1.6
| date: 1998/10/07 16:40:48; author: niklas; state: Exp; lines: +3 -2
| Clean out warnings on alpha
| ----------------------------
| revision 1.5
| date: 1998/08/20 14:09:06; author: provos; state: Exp; lines: +2 -2
| rename pkcs_{set,get}_{public,private}_key to something more understandable,
| it confused me, so I suppose it will also confuse others.
| ----------------------------
| revision 1.4
| date: 1998/08/11 21:06:19; author: niklas; state: Exp; lines: +2 -3
| Remove unused variables
| ----------------------------
| revision 1.3
| date: 1998/08/11 20:30:42; author: provos; state: Exp; lines: +64 -15
| update to reflect recent changes
| ----------------------------
| revision 1.2
| date: 1998/08/09 21:13:24; author: provos; state: Exp; lines: +1 -3
| Add Support for ANY types, also add OBJECTID to human readable string
| functions, which allow to parse the types in e.g. AttributeValueAssertions.
| ----------------------------
| revision 1.1
| date: 1998/08/08 23:18:08; author: provos; state: Exp;
| regress for ASN.1 decoding, basically only parses the SSH certificate
| down until reaching the public key.
| =============================================================================
|
|
| revision 1.5
| date: 1999/02/25 15:10:04; author: niklas; state: Exp; lines: +1 -1
| Whoops
| ----------------------------
| revision 1.4
| date: 1999/02/25 15:07:29; author: niklas; state: Exp; lines: +5 -3
| Messing with the new sysdep paths
| ----------------------------
| revision 1.3
| date: 1998/08/14 08:52:17; author: niklas; state: Exp; lines: +3 -2
| Work in objdir setups correctly
| ----------------------------
| revision 1.2
| date: 1998/08/11 20:30:41; author: provos; state: Exp; lines: +1 -1
| update to reflect recent changes
| ----------------------------
| revision 1.1
| date: 1998/08/08 23:18:08; author: provos; state: Exp;
| regress for ASN.1 decoding, basically only parses the SSH certificate
| down until reaching the public key.
| =============================================================================
|
|
| revision 1.2
| date: 1999/02/25 16:21:13; author: niklas; state: Exp; lines: +4 -0
| Make self-contained, define NULL if not set
| ----------------------------
| revision 1.1
| date: 1999/02/25 14:59:52; author: niklas; state: Exp;
| Move includes up
| =============================================================================
|
|
| revision 1.2
| date: 1999/02/25 16:14:24; author: niklas; state: Exp; lines: +3 -1
| Include from freeswan gmp
| ----------------------------
| revision 1.1
| date: 1999/02/25 15:53:39; author: niklas; state: Exp;
| sysdep Makefile fragments
| =============================================================================
|
|
| revision 1.1
| date: 1999/02/25 14:18:39; author: niklas; state: Exp;
| Better OS-dependency layout
| =============================================================================
|
|
| revision 1.3
| date: 1999/02/25 16:26:49; author: niklas; state: Exp; lines: +9 -53
| Remove more OpenBSDisms
| ----------------------------
| revision 1.2
| date: 1999/02/25 16:23:32; author: niklas; state: Exp; lines: +1 -3
| Remove OpenBSDisms
| ----------------------------
| revision 1.1
| date: 1999/02/25 14:18:40; author: niklas; state: Exp;
| Better OS-dependency layout
| =============================================================================
|
|
| revision 1.1
| date: 1999/02/25 14:18:42; author: niklas; state: Exp;
| Better OS-dependency layout
| =============================================================================
|
|
| revision 1.1
| date: 1999/02/25 14:18:41; author: niklas; state: Exp;
| Better OS-dependency layout
| =============================================================================
|
|
| revision 1.1
| date: 1999/02/25 15:53:39; author: niklas; state: Exp;
| sysdep Makefile fragments
| =============================================================================
|
|
| revision 1.3
| date: 1999/02/25 10:21:36; author: niklas; state: Exp; lines: +19 -19
| Replay window changes were done at the wrong level
| ----------------------------
| revision 1.2
| date: 1999/02/25 09:30:32; author: niklas; state: Exp; lines: +19 -1
| Replay protection window configurable
| ----------------------------
| revision 1.1
| date: 1999/02/14 00:49:53; author: niklas; state: Exp;
| An example of a two-node VPN setup
| =============================================================================
|
|
| revision 1.3
| date: 1999/02/25 10:21:35; author: niklas; state: Exp; lines: +19 -19
| Replay window changes were done at the wrong level
| ----------------------------
| revision 1.2
| date: 1999/02/25 09:30:31; author: niklas; state: Exp; lines: +21 -1
| Replay protection window configurable
| ----------------------------
| revision 1.1
| date: 1999/02/14 00:49:53; author: niklas; state: Exp;
| An example of a two-node VPN setup
| =============================================================================
|
|
| revision 1.9
| date: 1999/02/25 11:39:29; author: niklas; state: Exp; lines: +3 -1
| include sysdep.h everywhere
| ----------------------------
|
|
| revision 1.13
| date: 1999/02/25 11:39:27; author: niklas; state: Exp; lines: +3 -1
| include sysdep.h everywhere
| ----------------------------
|
|
| revision 1.27
| date: 1999/02/25 11:39:26; author: niklas; state: Exp; lines: +4 -1
| include sysdep.h everywhere
| ----------------------------
|
|
| revision 1.11
| date: 1999/02/14 00:15:16; author: niklas; state: Exp; lines: +2 -2
| New fd_set API which may clear a bit. Use it for doing proper message
| send queue runs, as reported by Ilya Tsindlekht. Better style.
| ----------------------------
|
|
| revision 1.30
| date: 1999/02/25 11:39:25; author: niklas; state: Exp; lines: +3 -1
| include sysdep.h everywhere
| ----------------------------
| revision 1.29
| date: 1999/02/24 15:45:38; author: niklas; state: Exp; lines: +17 -5
| Use correct socket options for sharing of ports
| ----------------------------
| revision 1.28
| date: 1999/02/24 12:17:02; author: niklas; state: Exp; lines: +2 -3
| Set extra transport flags after initialization
| ----------------------------
| revision 1.27
| date: 1999/02/14 00:16:07; author: niklas; state: Exp; lines: +51 -8
| New fd_set API. Listen on chosen interfaces only.
| ----------------------------
| revision 1.26
| date: 1999/01/31 01:23:22; author: niklas; state: Exp; lines: +3 -1
| commentary
| ----------------------------
|
|
| revision 1.25
| date: 1999/02/25 11:39:24; author: niklas; state: Exp; lines: +3 -1
| include sysdep.h everywhere
| ----------------------------
| revision 1.24
| date: 1999/02/25 11:09:40; author: niklas; state: Exp; lines: +6 -2
| Make conf_get_num take a default value to give back when tag does not exist
| ----------------------------
| revision 1.23
| date: 1999/02/24 12:14:10; author: niklas; state: Exp; lines: +2 -1
| initialize flags, noted by Ilya Tsindlekht
| ----------------------------
| revision 1.22
| date: 1999/02/14 00:15:15; author: niklas; state: Exp; lines: +11 -8
| New fd_set API which may clear a bit. Use it for doing proper message
| send queue runs, as reported by Ilya Tsindlekht. Better style.
| ----------------------------
| revision 1.21
| date: 1999/02/06 15:03:41; author: niklas; state: Exp; lines: +2 -1
| Do not forget to remove message from sendq when freed
| ----------------------------
|
|
| revision 1.8
| date: 1999/02/25 11:39:23; author: niklas; state: Exp; lines: +3 -1
| include sysdep.h everywhere
| ----------------------------
|
|
| revision 1.13
| date: 1999/02/25 11:21:55; author: niklas; state: Exp; lines: +3 -1
| sysdep-os.h addition
| ----------------------------
| revision 1.12
| date: 1999/01/31 01:24:53; author: niklas; state: Exp; lines: +3 -2
| on-demand keying
| ----------------------------
|
|
| revision 1.40
| date: 1999/02/14 00:11:40; author: niklas; state: Exp; lines: +7 -4
| Generalize how to find SAs with given attributes. Do SA expiration both hard
| and soft, and do not rekey automatically anymore. We will revisit this by
| adding some kind of policy what to do at these times. Improve commentary
| ----------------------------
|
|
| revision 1.66
| date: 1999/02/25 11:39:20; author: niklas; state: Exp; lines: +3 -1
| include sysdep.h everywhere
| ----------------------------
| revision 1.65
| date: 1999/02/25 10:21:33; author: niklas; state: Exp; lines: +2 -2
| Replay window changes were done at the wrong level
| ----------------------------
| revision 1.64
| date: 1999/02/25 09:30:30; author: niklas; state: Exp; lines: +6 -1
| Replay protection window configurable
| ----------------------------
| revision 1.63
| date: 1999/02/14 00:11:38; author: niklas; state: Exp; lines: +52 -27
| Generalize how to find SAs with given attributes. Do SA expiration both hard
| and soft, and do not rekey automatically anymore. We will revisit this by
| adding some kind of policy what to do at these times. Improve commentary
| ----------------------------
| revision 1.62
| date: 1999/02/06 15:07:23; author: niklas; state: Exp; lines: +3 -1
| remove reference to rekey event when it has happened
| ----------------------------
|
|
| revision 1.4
| date: 1999/02/25 11:39:19; author: niklas; state: Exp; lines: +3 -1
| include sysdep.h everywhere
| ----------------------------
|
|
| revision 1.12
| date: 1999/02/25 11:39:18; author: niklas; state: Exp; lines: +3 -2
| include sysdep.h everywhere
| ----------------------------
|
|
| revision 1.9
| date: 1999/01/31 01:20:39; author: niklas; state: Exp; lines: +7 -2
| on-demand keying
| ----------------------------
|
|
| revision 1.44
| date: 1999/02/25 14:03:54; author: niklas; state: Exp; lines: +13 -13
| do not use the app_socket name. correct some LOG_* syms
| ----------------------------
| revision 1.43
| date: 1999/02/25 11:39:17; author: niklas; state: Exp; lines: +3 -2
| include sysdep.h everywhere
| ----------------------------
| revision 1.42
| date: 1999/02/25 09:30:28; author: niklas; state: Exp; lines: +3 -3
| Replay protection window configurable
| ----------------------------
| revision 1.41
| date: 1999/02/14 00:17:15; author: niklas; state: Exp; lines: +68 -28
| Better PF_ENCAP expiration and SA request handling
| ----------------------------
| revision 1.40
| date: 1999/02/06 15:08:33; author: niklas; state: Exp; lines: +6 -1
| Drop SA request notifies if an exchange or SA already exist
| ----------------------------
| revision 1.39
| date: 1999/01/31 01:20:37; author: niklas; state: Exp; lines: +217 -51
| on-demand keying
| ----------------------------
|
|
| revision 1.39
| date: 1999/02/06 15:03:40; author: niklas; state: Exp; lines: +4 -1
| Do not forget to remove message from sendq when freed
| ----------------------------
|
|
| revision 1.106
| date: 1999/02/25 11:39:15; author: niklas; state: Exp; lines: +3 -1
| include sysdep.h everywhere
| ----------------------------
| revision 1.105
| date: 1999/02/14 00:18:11; author: niklas; state: Exp; lines: +10 -9
| Keep track of what SPI we are generating/using
| ----------------------------
| revision 1.104
| date: 1999/02/06 15:03:39; author: niklas; state: Exp; lines: +7 -1
| Do not forget to remove message from sendq when freed
| ----------------------------
|
|
| revision 1.10
| date: 1999/02/25 11:39:14; author: niklas; state: Exp; lines: +4 -4
| include sysdep.h everywhere
| ----------------------------
|
|
| revision 1.5
| date: 1999/02/25 11:39:13; author: niklas; state: Exp; lines: +3 -1
| include sysdep.h everywhere
| ----------------------------
|
|
| revision 1.11
| date: 1999/02/25 11:39:12; author: niklas; state: Exp; lines: +3 -1
| include sysdep.h everywhere
| ----------------------------
|
|
| revision 1.15
| date: 1999/02/25 11:39:10; author: niklas; state: Exp; lines: +3 -1
| include sysdep.h everywhere
| ----------------------------
|
|
| revision 1.26
| date: 1999/02/24 15:48:51; author: niklas; state: Exp; lines: +2 -1
| Show a commented out Listen-on line
| ----------------------------
| revision 1.25
| date: 1999/01/31 01:52:19; author: niklas; state: Exp; lines: +7 -1
| on-demand keying
| ----------------------------
|