History log of /openbsd-current/sbin/isakmpd/conf.c
Revision Date Author Comments
# 1.107 27-Oct-2017 mpi

Support DH groups 19 to 21 and 25 to 30, just like iked(8) does.

ok visa@, markus@


Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE
# 1.106 16-Mar-2016 krw

More "(<blah> *)0" -> NULL, avoiding any stdarg functions.

Feedback millert@ kettenis@


Revision tags: OPENBSD_5_9_BASE
# 1.105 09-Dec-2015 naddy

Remove plain DES encryption from IPsec.

DES is insecure since brute force attacks are practical due to its
short key length.

This removes support for DES-CBC encryption in ESP and in IKE main
and quick mode from the kernel, isakmpd(8), ipsecctl(8), and iked(8).

ok mikeb@


# 1.104 20-Aug-2015 deraadt

<stdlib.h> is included, so there is no need to cast the result from
malloc, calloc, realloc*
ok krw millert


Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
# 1.103 22-Nov-2013 deraadt

Whole bunch of (unsigned char) casts carefully added for ctype calls.
Careful second audit by millert


Revision tags: OPENBSD_5_4_BASE
# 1.102 21-Mar-2013 deraadt

remove excessive includes


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.101 13-Jul-2012 mikeb

Support additional MODP DH groups in the Phase 1 and Phase 2.
lteo@ noticed that ipsecctl allowed them within the ike rules
while isakmpd failed to load the generated configuration.
The fix was verified by hshoexer, ok naddy


# 1.100 30-Jun-2012 naddy

enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESP
ok mikeb@


Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.99 22-Sep-2010 mikeb

Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMAC
(as AESGMAC) ciphers in the ISAKMP Phase 2 (aka Quick Mode).

Thoroughly tested by me and naddy. Works fine with Linux.

Requires updated pfkeyv2.h include file.

ok naddy


Revision tags: OPENBSD_4_8_BASE
# 1.98 04-Aug-2010 deraadt

fixup keylength for aes-128-cbc in quickmode
from mikeb


Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE
# 1.97 17-Feb-2008 hshoexer

Define default configurations for AES-192 and AES-256. From Mitja Muzenic
<mitja at muzenic dot net>, diff provided already quite some time ago,
many many thanks. This should have gone in months ago but I was slacking,
sorry for that.


Revision tags: OPENBSD_4_2_BASE
# 1.96 01-Jun-2007 moritz

Let conf_trans_node() set all parts of the node, so that we don't
have to expose the node to the outside.

Without this, conf_trans_node() created a node, linked it into the
conf_trans queue and returned it to the caller. If something failed
in one of the callers, the half-initialized node would still be
linked in the queue and could get accessed later on.

ok hshoexer@


# 1.95 22-Apr-2007 moritz

Free allocated node in conf_set_now() before failing,
so we do not leak memory.

ok hshoexer@


# 1.94 16-Apr-2007 moritz

There's no point in checking ptr for NULL before doing free(ptr)
since free(NULL) is just fine.

ok hshoexer@


Revision tags: OPENBSD_4_1_BASE
# 1.93 19-Feb-2007 hshoexer

isakmpd bits for ESP+NULL encryption. This is useful when AH cannot
be used (when being behind NAT). With Martin Hedenfalk
<martin.hedenfalk at gmail.com>, thanks!


Revision tags: OPENBSD_4_0_BASE
# 1.92 29-Aug-2006 hshoexer

Properly define quick mode suites for AH. With naddy.
ok ho


# 1.91 10-Jun-2006 hshoexer

Make deletion of SAs on shutdown optional. The default behaviour
now is to not delete SAs. Needed for reliable ipsec failover.
Suggested by mtu@. Moreover, this ensures that packets do not leak
when isakmpd is shutdown.

ok mcbride@, testing mtu@


# 1.90 10-Jun-2006 msf

Allow isakmpd to use a different private rsa key per isakmp ID. Hans wrote this a long time ago; I synced it to -current and tested.

ok hshoexer@


# 1.89 10-Jun-2006 hshoexer

This shouldn't have been committed yet.


# 1.88 10-Jun-2006 hshoexer

support sha2 for main mode hmacs and aesctr for quick mode encryption.
ok markus@ ho@


# 1.87 27-May-2006 hshoexer

add group15/modp3072 to default configurations.


Revision tags: OPENBSD_3_9_BASE
# 1.86 28-Dec-2005 hshoexer

remove some unused functions and an unused variable found by lint.

ok markus@


# 1.85 14-Nov-2005 deraadt

use snprintf; ok cloder. also looked at by a few other people


Revision tags: OPENBSD_3_8_BASE
# 1.84 02-Aug-2005 hshoexer

Make sure to always load at least the default configuration values. Fixes a
problem noticed by Yaron Wahl, who also pointed out that problem. Thanks!

ok mpf@


# 1.83 26-May-2005 cloder

Handle strdup returning NULL. OK hshoexer


# 1.82 08-Apr-2005 cloder

Make deterministic randomness (only ever used for testing) a compile-time
option. Reduces chances of somehow setting regrand when it's not supposed
to be set. Remove "-r" option from man page. Also xref certpatch(8) while
we are in there. And remove some include sysdep.h where it is no longer
needed.
OK hshoexer


# 1.81 08-Apr-2005 deraadt

keynote and policy always compiled in


# 1.80 08-Apr-2005 deraadt

un-ifdef USE_BLOWFISH


# 1.79 06-Apr-2005 deraadt

knf, ok cloder


# 1.78 05-Apr-2005 cloder

Always compile X509 support. Almost everyone uses it. Makes the code
much easier to read and to maintain.
OK and testing by hshoexer@, more testing by me


# 1.77 04-Apr-2005 deraadt

spacing; ok cloder


Revision tags: OPENBSD_3_7_BASE
# 1.76 15-Mar-2005 moritz

reset config line numbers when the daemon gets reinitialized.
prevents wrong line numbers in error cases.
help from jaredy@ and ok hshoexer@.


# 1.75 10-Mar-2005 cloder

Avoid memory leak if strdup should fail.
OK hshoexer@


# 1.74 14-Dec-2004 mcbride

Allow the Address, Network, or Netmask values of the <IPsec-ID> to be
specified with an interface name (in which case the first address is used)
or the keyword 'default' (in which case the address is selected based on the
default route). eg:

[roadwarrior-ip]
ID-type= IPV4_ADDR
Address= default

ok ho@ hshoexer@


Revision tags: OPENBSD_3_6_BASE
# 1.73 08-Aug-2004 deraadt

spacing


# 1.72 29-Jul-2004 ho

Less noise while debugging.


# 1.71 25-Jun-2004 hshoexer

Keynote policy checking can now be disabled by "-K" switch and config tag
"Use-Keynote". Default is to use keynote.

ok henning@ ho@


# 1.70 14-Jun-2004 hshoexer

avoid stat before open

ok ho@


# 1.69 14-Jun-2004 ho

KNF, style, 80c, etc. hshoexer@ ok


# 1.68 09-Jun-2004 ho

Style nits. hshoexer@ ok


# 1.67 14-May-2004 hshoexer

Some more KNF, no binary change.

ok ho@


# 1.66 23-Apr-2004 ho

Make sure KEY_LENGTH attribute is present when checking AES proposals,
required when acting as responder to SafeNet peers.
Also make conf_load_defaults() readable again (KNF).
hshoexer@ ok.


# 1.65 15-Apr-2004 deraadt

more knf; ok hshoexer


# 1.64 15-Apr-2004 deraadt

knf


# 1.63 15-Apr-2004 deraadt

partial move to KNF. More to come. This has happened because there
are a raft of source code auditors who are willing to help improve this
code only if this is done, and hey, isakmpd does need our standard
auditing process. ok ho hshoexer


Revision tags: OPENBSD_3_5_BASE
# 1.62 19-Mar-2004 hshoexer

Add missing bits to make already present privsep code work. Enable privsep.

ok ho@ deraadt@ markus@


# 1.61 27-Feb-2004 hshoexer

Add group 14 (modp2048) to predefined suites. Manpage also updated.
ok ho@


# 1.60 06-Jan-2004 hshoexer

small typos fixed.

ok markus@


Revision tags: OPENBSD_3_4_BASE
# 1.59 02-Sep-2003 ho

A couple of nits. deraadt@ ok.


# 1.58 28-Aug-2003 markus

support AES in phase 1, too. switch to OpenSSL EVP interface;
with Hans-Joerg.Hoexer at yerbouti.franken.de; ok ho@


# 1.57 25-Jul-2003 markus

add sha2 support; ok ho@


# 1.56 10-Jun-2003 deraadt

boring cleanups


# 1.55 03-Jun-2003 ho

Remove clauses 3 and 4. With approval from Niklas Hallqvist and
Niels Provos.


# 1.54 03-Jun-2003 ho

Cleanup. Use 'sizeof variable' instead of magic constants.


# 1.53 18-May-2003 ho

More isakmpd privsep work. X509 private keys are now kept in the privileged
process only. Various cleanup and bugfixes.
markus@ ok


# 1.52 15-May-2003 ho

Start of privilege separation for isakmpd.
There are some kinks left, so keep it default disabled for now.
markus@ says ok to commit.


# 1.51 14-May-2003 ho

Default public key directory definition sanity.


# 1.50 30-Apr-2003 jason

cast size_t to unsigned long and use %lu; ok ho


Revision tags: OPENBSD_3_3_BASE
# 1.49 04-Feb-2003 markus

don't set the Transform for Default-phase-1-configuration twice, ok ho@


# 1.48 06-Dec-2002 ho

Section and tag comparisons should be case-insensitive. PR#3010, Mike Neuman.


# 1.47 15-Nov-2002 ho

Missing "Configuration" tag in a Phase-1 peer was not handled correctly,
pointed out by Aref Taidi. Replace this with a "Default-Phase-1-Configuration"
that will be used if this tag is missing from the peer. Update manpage
accordingly. niklas@ ok.


# 1.46 14-Nov-2002 ho

Better whitespace/newline handling, this should make broken lines and
multiple values parse correctly again, as well as fix PR#2974.
Also fix some int/u_int mismatches, and remove conf_get_line() (obsolete).


Revision tags: OPENBSD_3_2_BASE
# 1.45 11-Sep-2002 ho

signed vs unsigned, some void * arithmetic, from -pedantic. niklas@ ok.


# 1.44 07-Aug-2002 ho

A rewrite of the CRL support code, also from <Thomas.Walpuski@gmx.net>.
Some style mods, and checks added for OpenSSL version 0.9.7 or later.
Currently CRLs are not supported for earlier versions.
Manual pages updated.


# 1.43 02-Aug-2002 ho

CRL support for isakmpd. From <Thomas.Walpuski@gmx.net> with some minor
modifications by me. ok niklas@.


# 1.42 09-Jun-2002 todd

rm trailing whitespace


# 1.41 01-Jun-2002 deraadt

size_t must be cast to (unsigned long) and printed using %lu


# 1.40 28-May-2002 ho

off_t to size_t change for printf format and malloc. Pointed out by <greg@nest.cx>


# 1.39 29-Apr-2002 pvalchev

wierd -> weird


# 1.38 22-Apr-2002 ho

Handle configuration lines that end in whitespace or ^M.
Also avoid a potential memory leak.


Revision tags: OPENBSD_3_1_BASE
# 1.37 01-Mar-2002 ho

Change DH group handling in the pre-generated parts of the
configuration. Add a -GRP{1,2,5} component to transform and suite
names to directly specify which group to use. If no group is
specified, use DH group 2 (MODP_1024). Earlier transforms and suites
using the MD5 hash defaulted to DH group 1; this is no longer true.
niklas@ ok.


# 1.36 23-Jan-2002 ho

the last few sprintf -> snprintf


# 1.35 03-Jan-2002 ho

str[n]{cpy,cat} -> strl{cpy,cat}, sprintf -> snprintf


Revision tags: OPENBSD_3_0_BASE
# 1.34 05-Oct-2001 ho

Missed this file; some more debug level fixes.


# 1.33 05-Jul-2001 ho

Add prototypes and some other various cleanup.


# 1.32 01-Jul-2001 niklas

Style


# 1.31 29-Jun-2001 niklas

Provide an API to get sockaddrs out of the config db


Revision tags: OPENBSD_2_9_BASE
# 1.30 27-Mar-2001 ho

(c)-2001


# 1.29 13-Mar-2001 ho

Somewhere along the line we stopped using the configuration file defaults
properly. Make them work again. (niklas@ ok)


# 1.28 28-Feb-2001 angelos

Make sure the default lifetimes in the General section are taken into
consideration.


# 1.27 27-Jan-2001 niklas

(c) 2001


# 1.26 26-Jan-2001 niklas

Pedantic style police


# 1.25 12-Dec-2000 niklas

Merge with EOM 1.48

author: angelos
Add Default-phase-1-ID tag in [General], and document its use.

author: angelos
Default Phase 1 entry.


Revision tags: OPENBSD_2_8_BASE
# 1.24 27-Oct-2000 niklas

branches: 1.24.2;
conf.c: Merge with EOM 1.46
util.c: Merge EOM diff 1.20 - 1.21, i.e. 1.19 is still left to be merged

author: ho
Use stat(), not lstat().


# 1.23 26-Oct-2000 niklas

Merge with EOM 1.45

author: niklas
fgetc returns int not char; Boris Prochazka <boris@stargate.ipunplugged.com>


# 1.22 16-Oct-2000 niklas

Merge with EOM 1.44

author: angelos
Just to be on the safe side, use a struct stat.

author: angelos
Only do the secrecy check and parse the configuration file if it
actually exists.

author: angelos
Actually create all the pre-configured Transforms and Suites, even if
the user doesn't actually define them in the configuration file; ugly
kludge, but it allows use of isakmpd without a configuration file.

author: angelos
Add RIPEMD negotiation/configuration.


# 1.21 13-Oct-2000 niklas

regress/b2n/Makefile: Merge with EOM 1.12
regress/ec2n/Makefile: Merge with EOM 1.9
conf.c: Merge with EOM 1.40
util.c: Merge with EOM 1.17

author: ho
Add file permission check to private key file. Split out check function to util.c.


# 1.20 13-Oct-2000 niklas

Merge with EOM 1.39

author: ho
Revert. Be strict about file mode.


# 1.19 13-Oct-2000 niklas

Merge with EOM 1.38

author: ho
Warn but continue on isakmpd.conf permissions.


# 1.18 09-Oct-2000 niklas

samples/VPN-3way-template.conf: Merge with EOM 1.8
samples/VPN-east.conf: Merge with EOM 1.12
samples/VPN-west.conf: Merge with EOM 1.13
samples/policy: Merge with EOM 1.6
samples/singlehost-west.conf: Merge with EOM 1.9
samples/singlehost-east.conf: Merge with EOM 1.9
conf.c: Merge with EOM 1.37
ipsec.c: Merge with EOM 1.133
ipsec_num.cst: Merge with EOM 1.4
isakmpd.conf.5: Merge with EOM 1.48
isakmpd.policy.5: Merge with EOM 1.21
policy.c: Merge with EOM 1.46

author: angelos
AES support.


# 1.17 07-Oct-2000 niklas

Merge with EOM 1.36

author: niklas
Remove some spaces

author: niklas
do not crash on empty config files

author: ho
(c)-2000

author: provos
style as pointed out by the code style pedant.

author: provos
proper reference counting for isakmp_sa in struct message, remove bogus
calls to sa_reference; fix some more memory leaks in conf.c


# 1.16 08-Jun-2000 niklas

Merge with EOM 1.31

author: angelos
Initialize [Keynote]:Credential-directory.

author: ho
Autogenerated p1/p2 default lifetimes can be defined in config.

author: niklas
style


Revision tags: OPENBSD_2_7_BASE
# 1.15 03-May-2000 niklas

Merge with EOM 1.28

author: niklas
style fascism

author: ho
style fix

author: ho
Typo in comment.

author: ho
Typo; Cers-directory -> Cert-directory

author: ho
Do not load configuration if isakmpd.conf is not owned by the user running
isakmpd. Also, do not load config if file modes are too open.
Do not warn about ignored duplicate tags when they are autogenerated.

author: niklas
From ho: provide defaults for requested transforms, shortens config files
vastly.


# 1.14 02-May-2000 niklas

Merge with EOM 1.26

author: ho
Typo in comment.

author: ho
Typo; Cers-directory -> Cert-directory

author: ho
Do not load configuration if isakmpd.conf is not owned by the user running
isakmpd. Also, do not load config if file modes are too open.
Do not warn about ignored duplicate tags when they are autogenerated.

author: niklas
From ho: provide defaults for requested transforms, shortens config files
vastly.


# 1.13 07-Apr-2000 niklas

conf.c: Merge with EOM 1.22
gmp_util.c: Merge with EOM 1.5
gmp_util.h: Merge with EOM 1.3
math_mp.h: Merge with EOM 1.2
sa.c: Merge with EOM 1.101
ui.c: Merge with EOM 1.40

author: niklas
(c) 2000


# 1.12 07-Apr-2000 niklas

conf.c: Merge with EOM 1.21
isakmpd.c: Merge with EOM 1.46
sa.c: Merge with EOM 1.100
ui.c: Merge with EOM 1.39

author: niklas
error message style


# 1.11 25-Feb-2000 niklas

regress/crypto/Makefile: Merge with EOM 1.5
regress/dh/Makefile: Merge with EOM 1.7
regress/group/Makefile: Merge with EOM 1.9
regress/prf/Makefile: Merge with EOM 1.4
regress/rsakeygen/Makefile: Merge with EOM 1.8
regress/x509/Makefile: Merge with EOM 1.10
Makefile: Merge with EOM 1.62
attribute.c: Merge with EOM 1.10
sa.c: Merge with EOM 1.99
conf.c: Merge with EOM 1.20
crypto.c: Merge with EOM 1.28
isakmpd.c: Merge with EOM 1.45
connection.c: Merge with EOM 1.19
doi.h: Merge with EOM 1.28
field.c: Merge with EOM 1.11
exchange.c: Merge with EOM 1.116
ike_auth.c: Merge with EOM 1.44
pf_key_v2.c: Merge with EOM 1.37
ike_phase_1.c: Merge with EOM 1.22
ipsec.c: Merge with EOM 1.118
isakmp_doi.c: Merge with EOM 1.40
log.c: Merge with EOM 1.26
log.h: Merge with EOM 1.18
math_group.c: Merge with EOM 1.23
message.c: Merge with EOM 1.144
pf_encap.c: Merge with EOM 1.70
policy.c: Merge with EOM 1.18
timer.c: Merge with EOM 1.13
transport.c: Merge with EOM 1.41
udp.c: Merge with EOM 1.47
ui.c: Merge with EOM 1.37
x509.c: Merge with EOM 1.36

author: niklas
Made debug logging a compile time selectable feature


Revision tags: OPENBSD_2_6_BASE
# 1.10 05-Aug-1999 niklas

DESIGN-NOTES: Merge with EOM 1.47
conf.c: Merge with EOM 1.19
conf.h: Merge with EOM 1.10
ui.c: Merge with EOM 1.34

author: niklas
Dynamic updates of the configuration database are now possible, either through
ui, or through the new conf_* API described in DESIGN-NOTES


# 1.9 01-May-1999 niklas

sysdep/openbsd/sysdep.c: Merge with EOM 1.7
DESIGN-NOTES: Merge with EOM 1.42
Makefile: Merge with EOM 1.51
app.c: Merge with EOM 1.6
conf.c: Merge with EOM 1.18
init.c: Merge with EOM 1.14
isakmpd.conf.5: Merge with EOM 1.19
pf_encap.c: Merge with EOM 1.64
pf_encap.h: Merge with EOM 1.12
pf_key_v2.h: Merge with EOM 1.3
sysdep.h: Merge with EOM 1.16
transport.c: Merge with EOM 1.40
ui.c: Merge with EOM 1.32

author: niklas
A new connection abstraction


Revision tags: OPENBSD_2_5_BASE
# 1.8 05-Apr-1999 niklas

Merge with EOM 1.17
memory leak fixes

1999 copyrights


# 1.7 02-Mar-1999 niklas

conf.c: Merge with EOM 1.15
One include too much

conf.h: Merge with EOM 1.7
Forgotten include file


# 1.6 26-Feb-1999 niklas

Merge from the Ericsson repository
| revision 1.14
| date: 1999/02/25 11:38:47; author: niklas; state: Exp; lines: +3 -1
| include sysdep.h everywhere
| ----------------------------
| revision 1.13
| date: 1999/02/25 11:09:31; author: niklas; state: Exp; lines: +7 -4
| Make conf_get_num take a default value to give back when tag does not exist
| ----------------------------
| revision 1.12
| date: 1999/01/31 01:20:42; author: niklas; state: Exp; lines: +7 -1
| on-demand keying
| ----------------------------


# 1.5 21-Dec-1998 niklas

Remove bogus check of printableness of the config file


# 1.4 20-Nov-1998 niklas

Add iterator for tags in a section. Add range checking for numbers.


# 1.3 17-Nov-1998 niklas

Add RCS Ids from the EOM repository


# 1.2 15-Nov-1998 niklas

OpenBSD RCS IDs


# 1.1 15-Nov-1998 niklas

branches: 1.1.1;
Initial revision