Spacing, no object change.

space -> tab

No object change.

Remove plain DES encryption from IPsec.

DES is insecure since brute force attacks are practical due to its
short key length.

This removes support for DES-CBC encryption in ESP and in IKE main
and quick mode from the kernel, isakmpd(8), ipsecctl(8), and iked(8).

ok mikeb@

remove excessive includes

convert to fuse cast from the libcrypto. with a simplification nit from
blambert, ok jsg, "seems ok" todd

Switch the remaining users of libdes in src to libcrypto,
telnet portion partially from the latest heimdal.

ok mikeb@

Bump crypto buffer logging (before crypto/after crypto) to level 70 from
level 30. This was a huge cause of log spam at level 30 and below, and is
really not that useful.

Make deterministic randomness (only ever used for testing) a compile-time
option. Reduces chances of somehow setting regrand when it's not supposed
to be set. Remove "-r" option from man page. Also xref certpatch(8) while
we are in there. And remove some include sysdep.h where it is no longer
needed.
OK hshoexer

simplify

kill USE_DES and USE_TRIPLEDES, why was it ever a choice even?

app.c

un-ifdef USE_BLOWFISH

Do not log before/after crypto blobs at log level 10. Makes -DA=10
useable without enduring pages of hex. OK hshoexer

KNF, style, 80c, etc. hshoexer@ ok

Some more KNF, no binary change.

ok ho@

partial move to KNF. More to come. This has happened because there
are a raft of source code auditors who are willing to help improve this
code only if this is done, and hey, isakmpd does need our standard
auditing process. ok ho hshoexer

-Wsign-compare nits. hshoexer@ ok.

re-add AES, but without using EVP;
patch from Hans-Joerg.Hoexer at yerbouti.franken.de; ok ho@
(interops with isakmpd+AES in OpenBSD 3.4)

back out EVP change; causes fd leaks; ok cedric@

branches: 1.16.2;
support AES in phase 1, too. switch to OpenSSL EVP interface;
with Hans-Joerg.Hoexer at yerbouti.franken.de; ok ho@

Remove some double semicolons (hmm, do two semis equal a maxi?).
I've skipped the GNU stuff for now. From Patrick Latifi.

Remove clauses 3 and 4. With approval from Niklas Hallqvist and
Niels Provos.

rm trailing whitespace

size_t must be cast to (unsigned long) and printed using %lu

Make DES a feature, so isakmpd can compile on Linux (most of the fixed
by newsham@lava.net)

branches: 1.10.4;
Merge with EOM 1.32

author: niklas
Use a clearer pointer arithmetic

author: niklas
Multiple DES API support

author: niklas
argh

author: niklas
More braindamage with USE_ macros

regress/crypto/Makefile: Merge with EOM 1.5
regress/dh/Makefile: Merge with EOM 1.7
regress/group/Makefile: Merge with EOM 1.9
regress/prf/Makefile: Merge with EOM 1.4
regress/rsakeygen/Makefile: Merge with EOM 1.8
regress/x509/Makefile: Merge with EOM 1.10
Makefile: Merge with EOM 1.62
attribute.c: Merge with EOM 1.10
sa.c: Merge with EOM 1.99
conf.c: Merge with EOM 1.20
crypto.c: Merge with EOM 1.28
isakmpd.c: Merge with EOM 1.45
connection.c: Merge with EOM 1.19
doi.h: Merge with EOM 1.28
field.c: Merge with EOM 1.11
exchange.c: Merge with EOM 1.116
ike_auth.c: Merge with EOM 1.44
pf_key_v2.c: Merge with EOM 1.37
ike_phase_1.c: Merge with EOM 1.22
ipsec.c: Merge with EOM 1.118
isakmp_doi.c: Merge with EOM 1.40
log.c: Merge with EOM 1.26
log.h: Merge with EOM 1.18
math_group.c: Merge with EOM 1.23
message.c: Merge with EOM 1.144
pf_encap.c: Merge with EOM 1.70
policy.c: Merge with EOM 1.18
timer.c: Merge with EOM 1.13
transport.c: Merge with EOM 1.41
udp.c: Merge with EOM 1.47
ui.c: Merge with EOM 1.37
x509.c: Merge with EOM 1.36

author: niklas
Made debug logging a compile time selectable feature

Makefile: Merge with EOM 1.61
crypto.c: Merge with EOM 1.27
exchange.c: Merge with EOM 1.115
ike_quick_mode.c: Merge with EOM 1.115
x509.c: Merge with EOM 1.35
features/ec: Merge with EOM 1.1
features/aggressive: Merge with EOM 1.1
features/policy: Merge with EOM 1.1
features/x509: Merge with EOM 1.1

author: niklas
Allow isakmpd builders to remove optional parts and save bytes.

Merge with EOM 1.26

author: niklas
Be kind to libcrypto DES

./regress/x509/x509test.c: Merge with EOM 1.4
./dh.h: Merge with EOM 1.4
./math_ec2n.c: Merge with EOM 1.8
./crypto.c: Merge with EOM 1.25
./ike_quick_mode.c: Merge with EOM 1.82
./math_group.c: Merge with EOM 1.16
./math_ec2n.h: Merge with EOM 1.4

Style. alloc error reporting. Math error propagation. Allocate right
sizes.

Merge with EOM 1.24
Better error messages, style

1999 copyrights

Merge from the Ericsson repository
| revision 1.22
| date: 1999/02/25 11:38:50; author: niklas; state: Exp; lines: +3 -1
| include sysdep.h everywhere
| ----------------------------

Add RCS Ids from the EOM repository

openBSD RCS IDs

branches: 1.1.1;
Initial revision