Click on a directory to enter that directory. Click on a file to display its revision history and to get a chance to display diffs between revisions.
Current directory: [local] / src / sbin / isakmpd
| File | Rev. | Age | Author | Last log entry |
|---|---|---|---|---|
![[BACK]](/icons/back.gif){kind=icon} Parent Directory |
||||
![[DIR]](/icons/dir.gif){kind=icon} apps/ |
||||
| features/ |
||||
| regress/ |
||||
| samples/ |
||||
| sysdep/ |
||||
![[TXT]](/icons/text.gif){kind=icon} BUGS |
1.16 | 3 years | mpi | Remove listing of fixed bugs. ok markus@ |
| DESIGN-NOTES |
1.25 | 14 years | hshoexer | Big spelling cleanup, no binary change. From david@ |
| Makefile |
1.89 | 5 weeks | bluhm | Link isakmpd dynamically. Mount /usr on NFS via IPsec does not work anyway. Dy... |
| QUESTIONS |
1.5 | 17 years | jmc | updated URL from Jared Yanovich; |
| README |
1.20 | 4 years | tb | move links from http to https://www.openbsd.org/ ok beck |
| TO-DO |
1.26 | 17 years | markus | support AES in phase 1, too. switch to OpenSSL EVP interface; with Hans-Joerg.Ho... |
| app.c |
1.14 | 4 years | guenther | Stop assuming that in_{addr,port}_t are typedefed in <sys/types.h> and instead p... |
| app.h |
1.7 | 16 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
| attribute.c |
1.13 | 4 years | guenther | Stop assuming that in_{addr,port}_t are typedefed in <sys/types.h> and instead p... |
| attribute.h |
1.6 | 16 years | hshoexer | Some more KNF, no binary change. ok ho@ |
| cert.c |
1.33 | 8 years | deraadt | remove excessive includes |
| cert.h |
1.16 | 6 years | deraadt | Replace <sys/param.h> with <limits.h> and other less dirty headers where possibl... |
| conf.c |
1.107 | 3 years | mpi | Support DH groups 19 to 21 and 25 to 30, just like iked(8) does. ok visa@, mark... |
| conf.h |
1.34 | 14 years | hshoexer | Make SA deletion on shutdown the default again. Use -S for failover situations ... |
| connection.c |
1.41 | 3 years | mpi | Spacing, no object change. |
| connection.h |
1.5 | 16 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
| constants.c |
1.10 | 15 years | cloder | Make deterministic randomness (only ever used for testing) a compile-time option... |
| constants.h |
1.6 | 16 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
| cookie.c |
1.17 | 4 years | guenther | Stop assuming that in_{addr,port}_t are typedefed in <sys/types.h> and instead p... |
| cookie.h |
1.7 | 16 years | hshoexer | Some more KNF, no binary change. ok ho@ |
| crypto.c |
1.35 | 3 years | mpi | Spacing, no object change. |
| crypto.h |
1.20 | 10 years | mikeb | convert to fuse cast from the libcrypto. with a simplification nit from blamber... |
| dh.c |
1.21 | 3 years | patrick | In the final RFC 5903 the computation for the DH shared secret changed. Instead ... |
| dh.h |
1.10 | 3 years | patrick | In the final RFC 5903 the computation for the DH shared secret changed. Instead ... |
| dnssec.c |
1.27 | 3 years | mpi | Spacing, no object change. |
| dnssec.h |
1.7 | 16 years | hshoexer | Some more KNF, no binary change. ok ho@ |
| doi.c |
1.11 | 8 years | deraadt | remove excessive includes |
| doi.h |
1.15 | 15 years | deraadt | USE_DEBUG is bye bye |
| dpd.c |
1.20 | 3 years | jca | Use clock_gettime(CLOCK_MONOTONIC) to schedule timers From Scott Cheloha, ok tb... |
| dpd.h |
1.3 | 15 years | markus | don't send DPD messages before the exchange is finialized, otherwise we have a r... |
| exchange.c |
1.142 | 3 years | mpi | Spacing, no object change. |
| exchange.h |
1.37 | 3 years | mpi | Spacing, no object change. |
| exchange_num.cst |
1.5 | 14 years | hshoexer | Big spelling cleanup, no binary change. From david@ |
| field.c |
1.22 | 3 years | tom | Check return value of asprintf(), and don't use 0 as a char * Started by, and o... |
| field.h |
1.6 | 16 years | hshoexer | More KNF. Mainly spaces and line-wraps, no binary change. ok ho@ |
| genconstants.sh |
1.13 | 7 years | deraadt | improve randomization. remove some junk debugging features that are fundamental... |
| genfields.sh |
1.10 | 7 years | deraadt | improve randomization. remove some junk debugging features that are fundamental... |
| hash.c |
1.24 | 5 years | mmcc | A classic case for bzero() -> explicit_bzero() ok deraadt@ |
| hash.h |
1.8 | 14 years | hshoexer | support sha2 for main mode hmacs and aesctr for quick mode encryption. ok markus... |
| if.c |
1.26 | 20 months | deraadt | When system calls indicate an error they return -1, not some arbitrary value < 0... |
| if.h |
1.7 | 16 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
| ike_aggressive.c |
1.13 | 3 years | mpi | Spacing, no object change. |
| ike_aggressive.h |
1.5 | 16 years | hshoexer | More KNF. Mainly spaces and line-wraps, no binary change. ok ho@ |
| ike_auth.c |
1.118 | 8 months | tobhe | Fix shared DH secret length in log message. ok patrick@ |
| ike_auth.h |
1.5 | 16 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
| ike_main_mode.c |
1.19 | 3 years | mpi | Spacing, no object change. |
| ike_main_mode.h |
1.6 | 16 years | hshoexer | More KNF. Mainly spaces and line-wraps, no binary change. ok ho@ |
| ike_phase_1.c |
1.78 | 2 years | jsg | add missing braces implied by indentation ok millert@ mpi@ |
| ike_phase_1.h |
1.4 | 16 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
| ike_quick_mode.c |
1.114 | 3 years | mpi | Spacing, no object change. |
| ike_quick_mode.h |
1.6 | 16 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
| init.c |
1.43 | 3 years | mpi | Spacing, no object change. |
| init.h |
1.6 | 16 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
| ipsec.c |
1.150 | 3 years | mpi | Spacing, no object change. |
| ipsec.h |
1.27 | 3 years | patrick | In the final RFC 5903 the computation for the DH shared secret changed. Instead ... |
| ipsec_doi.h |
1.8 | 16 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
| ipsec_fld.fld |
1.5 | 17 years | ho | Remove clauses 3 and 4. With approval from Niklas Hallqvist and Niels Provos. |
| ipsec_num.cst |
1.20 | 3 years | mpi | Support DH groups 19 to 21 and 25 to 30, just like iked(8) does. ok visa@, mark... |
| isakmp.h |
1.7 | 16 years | ho | NAT-Traversal for isakmpd. Work in progress... hshoexer@ ok. |
| isakmp_cfg.c |
1.41 | 3 years | mpi | Spacing, no object change. |
| isakmp_cfg.h |
1.5 | 16 years | hshoexer | More KNF. Mainly spaces and line-wraps, no binary change. ok ho@ |
| isakmp_doi.c |
1.26 | 10 years | todd | as determined 4 years ago, FortiGate needs DOI of 0 responses to DPD so, copy a ... |
| isakmp_doi.h |
1.5 | 16 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
| isakmp_fld.fld |
1.8 | 16 years | ho | NAT-Traversal for isakmpd. Work in progress... hshoexer@ ok. |
| isakmp_num.cst |
1.13 | 15 years | hshoexer | typo in comment |
| isakmpd.8 |
1.123 | 18 months | jmc | mop up for the pcap.3 rename; help/ok deraadt |
| isakmpd.c |
1.107 | 3 years | mpi | Spacing, no object change. |
| isakmpd.conf.5 |
1.135 | 2 years | stsp | Document how to avoid isakmpd(8) source IP address pitfalls by using the Listen-... |
| isakmpd.policy.5 |
1.48 | 5 years | jmc | typo fix; from julian hsiao |
| key.c |
1.26 | 4 years | guenther | Stop assuming that in_{addr,port}_t are typedefed in <sys/types.h> and instead p... |
| key.h |
1.8 | 15 years | cloder | Be cleaner about signed vs. unsigned when it's easy to do so. OK hshoexer |
| libcrypto.c |
1.19 | 15 years | cloder | Make deterministic randomness (only ever used for testing) a compile-time option... |
| libcrypto.h |
1.18 | 6 years | jsg | add additional includes required to build with -DOPENSSL_NO_DEPRECATED |
| log.c |
1.64 | 3 years | mpi | Spacing, no object change. |
| log.h |
1.25 | 12 years | hshoexer | mark log_fatal() and monitor_exit() as __dead, as they do not return. |
| message.c |
1.129 | 4 years | yasuoka | Fix memory leak. Call proto_free() always to free proto. Diff from Yuuichi Some... |
| message.h |
1.29 | 3 years | mpi | Spacing, no object change. |
| monitor.c |
1.81 | 13 months | yasuoka | Fix isakmpd monitor process to use the exit status of main process when exiting.... |
| monitor.h |
1.19 | 12 years | hshoexer | mark log_fatal() and monitor_exit() as __dead, as they do not return. |
| monitor_fdpass.c |
1.17 | 5 years | jca | Print ssize_t with %zd; ok deraadt@ mmcc@ |
| nat_traversal.c |
1.25 | 3 years | jca | Use clock_gettime(CLOCK_MONOTONIC) to schedule timers From Scott Cheloha, ok tb... |
| nat_traversal.h |
1.4 | 15 years | hshoexer | Use payload NAT-D or NAT-D-DRAFT according to NAT-T vendor ID advertised by the ... |
| pf_key_v2.c |
1.201 | 15 months | tobhe | Change the default security level for incoming IPsec flows from isakmpd and iked... |
| pf_key_v2.h |
1.13 | 14 years | markus | export pf_key_v2_disable_sa() (unbreaks build) |
| policy.c |
1.101 | 20 months | deraadt | snprintf/vsnprintf return < 0 on error, rather than -1. |
| policy.h |
1.17 | 13 years | tom | Allow key exchange with RSA signature authentication to work with Cisco IOS and ... |
| prf.c |
1.16 | 8 years | deraadt | remove excessive includes |
| prf.h |
1.10 | 16 years | deraadt | partial move to KNF. More to come. This has happened because there are a raft ... |
| sa.c |
1.124 | 3 years | jca | Use clock_gettime(CLOCK_MONOTONIC) to schedule timers From Scott Cheloha, ok tb... |
| sa.h |
1.54 | 3 years | mpi | Spacing, no object change. |
| timer.c |
1.18 | 3 years | jca | Use clock_gettime(CLOCK_MONOTONIC) to schedule timers From Scott Cheloha, ok tb... |
| timer.h |
1.9 | 3 years | jca | Use clock_gettime(CLOCK_MONOTONIC) to schedule timers From Scott Cheloha, ok tb... |
| transport.c |
1.39 | 7 weeks | mortimer | Extern transport_list. Fixed compilation with -fno-common. ok deraadt@ |
| transport.h |
1.23 | 7 weeks | mortimer | Extern transport_list. Fixed compilation with -fno-common. ok deraadt@ |
| udp.c |
1.95 | 12 years | bluhm | If isakmpd is started with -4 or -6, virtual_get_default() may return NULL. Thi... |
| udp.h |
1.11 | 16 years | hshoexer | Zap -P option. It has never done anything. While there tweak descripton of -N.... |
| udp_encap.c |
1.23 | 5 years | deraadt | <stdlib.h> is included, so do not need to cast result from malloc, calloc, reall... |
| udp_encap.h |
1.2 | 16 years | hshoexer | remove unused variable. |
| ui.c |
1.57 | 3 years | jca | Use clock_gettime(CLOCK_MONOTONIC) to schedule timers From Scott Cheloha, ok tb... |
| ui.h |
1.8 | 14 years | mpf | Add a new UI command to force isakmpd into passive only mode. Will be used by sa... |
| util.c |
1.72 | 20 months | deraadt | When system calls indicate an error they return -1, not some arbitrary value < 0... |
| util.h |
1.33 | 3 years | jca | Use clock_gettime(CLOCK_MONOTONIC) to schedule timers From Scott Cheloha, ok tb... |
| vendor.c |
1.6 | 3 years | patrick | In the final RFC 5903 the computation for the DH shared secret changed. Instead ... |
| vendor.h |
1.2 | 14 years | pedro | typo in initial RCS tag ($OpenBSD: -> $OpenBSD$) |
| virtual.c |
1.33 | 20 months | deraadt | When system calls indicate an error they return -1, not some arbitrary value < 0... |
| virtual.h |
1.1 | 16 years | ho | NAT-Traversal for isakmpd. Work in progress... hshoexer@ ok. |
| x509.c |
1.118 | 6 years | deraadt | Replace <sys/param.h> with <limits.h> and other less dirty headers where possibl... |
| x509.h |
1.22 | 13 years | tom | Allow key exchange with RSA signature authentication to work with Cisco IOS and ... |
| GNUmakefile (in the Attic) [Hide] |
1.14 | 15 years | deraadt | nothing uses this |
| README.PKI (in the Attic) [Hide] |
1.8 | 15 years | hshoexer | This file is outdated, everything needed for setting up PKI is in the man pages ... |
| asn.c (in the Attic) [Hide] |
1.9 | 21 years | niklas | regress/x509/certificate.txt: Merge with EOM 1.4 asn_useful.h: Merge with EOM 1.... |
| asn.h (in the Attic) [Hide] |
1.5 | 21 years | niklas | regress/x509/certificate.txt: Merge with EOM 1.4 asn_useful.h: Merge with EOM 1.... |
| asn_useful.c (in the Attic) [Hide] |
1.8 | 21 years | niklas | regress/x509/certificate.txt: Merge with EOM 1.4 asn_useful.h: Merge with EOM 1.... |
| asn_useful.h (in the Attic) [Hide] |
1.4 | 21 years | niklas | regress/x509/certificate.txt: Merge with EOM 1.4 asn_useful.h: Merge with EOM 1.... |
| dyn.c (in the Attic) [Hide] |
1.2 | 18 years | ho | The dlopen() stuff goes away. |
| dyn.h (in the Attic) [Hide] |
1.2 | 18 years | ho | The dlopen() stuff goes away. |
| gmp_util.c (in the Attic) [Hide] |
1.13 | 15 years | hshoexer | kill gmp |
| gmp_util.h (in the Attic) [Hide] |
1.9 | 15 years | hshoexer | kill gmp |
| isakmpd.conf.sample (in the Attic) [Hide] |
1.8 | 21 years | niklas | Merge with EOM 1.27 author: niklas Not a good sample anymore |
| isakmpd_cert.sample (in the Attic) [Hide] |
1.2 | 21 years | niklas | Remove bad examples of stuff we do not yet support in this version anyhow |
| isakmpd_key.pub.sample (in the Attic) [Hide] |
1.2 | 21 years | niklas | Remove bad examples of stuff we do not yet support in this version anyhow |
| isakmpd_key.sample (in the Attic) [Hide] |
1.2 | 21 years | niklas | Remove bad examples of stuff we do not yet support in this version anyhow |
| math_2n.c (in the Attic) [Hide] |
1.27 | 10 years | reyk | Replace the hand-crafted Diffie-Hellman implementation in isakmpd with the small... |
| math_2n.h (in the Attic) [Hide] |
1.10 | 10 years | reyk | Replace the hand-crafted Diffie-Hellman implementation in isakmpd with the small... |
| math_ec2n.c (in the Attic) [Hide] |
1.14 | 10 years | reyk | Replace the hand-crafted Diffie-Hellman implementation in isakmpd with the small... |
| math_ec2n.h (in the Attic) [Hide] |
1.8 | 10 years | reyk | Replace the hand-crafted Diffie-Hellman implementation in isakmpd with the small... |
| math_group.c (in the Attic) [Hide] |
1.33 | 10 years | reyk | Replace the hand-crafted Diffie-Hellman implementation in isakmpd with the small... |
| math_group.h (in the Attic) [Hide] |
1.13 | 10 years | reyk | Replace the hand-crafted Diffie-Hellman implementation in isakmpd with the small... |
| math_mp.h (in the Attic) [Hide] |
1.8 | 10 years | reyk | Replace the hand-crafted Diffie-Hellman implementation in isakmpd with the small... |
| pf_encap.c (in the Attic) [Hide] |
1.25 | 19 years | ho | Remove support for PF_ENCAP (deprecated since OpenBSD2.5). |
| pf_encap.h (in the Attic) [Hide] |
1.10 | 19 years | ho | Remove support for PF_ENCAP (deprecated since OpenBSD2.5). |
| pkcs.c (in the Attic) [Hide] |
1.11 | 21 years | niklas | regress/x509/certificate.txt: Merge with EOM 1.4 asn_useful.h: Merge with EOM 1.... |
| pkcs.h (in the Attic) [Hide] |
1.6 | 21 years | niklas | regress/x509/certificate.txt: Merge with EOM 1.4 asn_useful.h: Merge with EOM 1.... |
| sysdep-openbsd.c (in the Attic) [Hide] |
1.4 | 22 years | niklas | Merge from the Ericsson repository |
| sysdep.c (in the Attic) [Hide] |
1.3 | 22 years | niklas | Merge from the Ericsson repository |
| sysdep.h (in the Attic) [Hide] |
1.26 | 7 years | deraadt | improve randomization. remove some junk debugging features that are fundamental... |