remove excessive includes

Allow key exchange with RSA signature authentication to work with
Cisco IOS and other initiators that only send their certs in response
to CERT_REQUEST.

With input and help from cloder@, Stuart Henderson, mpf@, and several
others who did lots of testing - thanks to all.

ok hshoexer@

Make deterministic randomness (only ever used for testing) a compile-time
option. Reduces chances of somehow setting regrand when it's not supposed
to be set. Remove "-r" option from man page. Also xref certpatch(8) while
we are in there. And remove some include sysdep.h where it is no longer
needed.
OK hshoexer

keynote and policy always compiled in

Always compile X509 support. Almost everyone uses it. Makes the code
much easier to read and to maintain.
OK and testing by hshoexer@, more testing by me

KNF, style, 80c, etc. hshoexer@ ok

Some more KNF, no binary change.

ok ho@

partial move to KNF. More to come. This has happened because there
are a raft of source code auditors who are willing to help improve this
code only if this is done, and hey, isakmpd does need our standard
auditing process. ok ho hshoexer

-Wsign-compare nits. hshoexer@ ok.

Remove clauses 3 and 4. With approval from Niklas Hallqvist and
Niels Provos.

A rewrite of the CRL support code, also from <Thomas.Walpuski@gmx.net>.
Some style mods, and checks added for OpenSSL version 0.9.7 or later.
Currently CRLs are not supported for earlier versions.
Manual pages updated.

rm trailing whitespace

Style, and a few additional format/type mods.

size_t must be cast to (unsigned long) and printed using %lu

We get ssl.h with x509.h/libcrypto.h

Style issues and commentary

Expand the X509 and KeyNote cert handlers.

cert.c: Merge with EOM 1.18
cert.h: Merge with EOM 1.8
libcrypto.c: Merge with EOM 1.14
policy.h: Merge with EOM 1.12
x509.h: Merge with EOM 1.11

author: niklas
Multiple subject name matching, makes certificate interop with PGPnet at least
partly working. Added some error checking.

Merge with EOM 1.17

author: angelos
Some more support for KeyNote credential exchange (not yet done).

Merge with EOM 1.16

author: ho
Missing #ifdef USE_X509 added

cert.c: Merge with EOM 1.15
libcrypto.h: Merge with EOM 1.12

author: ho
KAME and ssl includes

cert.c: Merge with EOM 1.14
ike_auth.c: Merge with EOM 1.43
ike_phase_1.c: Merge with EOM 1.21
init.c: Merge with EOM 1.24
ipsec.c: Merge with EOM 1.117
isakmpd.c: Merge with EOM 1.44
math_group.c: Merge with EOM 1.22

author: niklas
Copyright 2000

author: niklas
Allow isakmpd builders to remove optional parts and save bytes.

regress/rsakeygen/rsakeygen.c: Merge with EOM 1.9
regress/x509/x509test.c: Merge with EOM 1.7
DESIGN-NOTES: Merge with EOM 1.48
README.PKI: Merge with EOM 1.6
TO-DO: Merge with EOM 1.44
cert.c: Merge with EOM 1.12

author: niklas
Add support for dynamic loading of optional facilities, libcrypto first.

regress/rsakeygen/Makefile: Merge with EOM 1.4
regress/rsakeygen/rsakeygen.c: Merge with EOM 1.8
regress/x509/Makefile: Merge with EOM 1.6
regress/x509/x509test.c: Merge with EOM 1.6
regress/Makefile: Merge with EOM 1.8
samples/VPN-east.conf: Merge with EOM 1.6
samples/VPN-west.conf: Merge with EOM 1.6
samples/singlehost-east.conf: Merge with EOM 1.3
samples/singlehost-west.conf: Merge with EOM 1.3
sysdep/openbsd/Makefile.sysdep: Merge with EOM 1.5
x509.h: Merge with EOM 1.6
x509.c: Merge with EOM 1.17
DESIGN-NOTES: Merge with EOM 1.46
Makefile: Merge with EOM 1.55
cert.c: Merge with EOM 1.11
cert.h: Merge with EOM 1.6
exchange.c: Merge with EOM 1.109
exchange.h: Merge with EOM 1.26
ike_auth.c: Merge with EOM 1.32
ike_phase_1.c: Merge with EOM 1.7
init.c: Merge with EOM 1.16
isakmpd.conf.5: Merge with EOM 1.27
README.PKI: Merge with EOM 1.1

author: niklas
From Niels Provos, edited by me: certificate support using SSLeay

./cert.c: Merge with EOM 1.10
./x509.c: Merge with EOM 1.13

Style

Style. alloc error reporting. Math error propagation. Allocate right
sizes.

1999 copyrights

Merge from the Ericsson repository
| revision 1.7
| date: 1999/02/25 11:38:45; author: niklas; state: Exp; lines: +3 -1
| include sysdep.h everywhere
| ----------------------------

Add RCS Ids from the EOM repository

Reinstate X509 signature code except for RSA code

Remove X509 hooks

revive

Not clean enough yet

openBSD RCS IDs

branches: 1.1.1;
Initial revision