History log of /openbsd-current/sbin/isakmpd/policy.c
Revision Date Author Comments
# 1.103 28-Apr-2024 florian

gmtime(3) / localtime(3) can fail when timestamps are way off.

Add missing error checks to all calls under sbin/

Input & OK millert


Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE OPENBSD_7_3_BASE OPENBSD_7_4_BASE OPENBSD_7_5_BASE
# 1.102 22-Oct-2021 bluhm

After deleting hifn(4) the only provider for the LZS compression
algorithm is gone. Remove all LZS references from the tree. The
v42bis in isakmpd also looks unsupported.
OK mvs@ patrick@ sthen@


Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
# 1.101 03-Jul-2019 deraadt

snprintf/vsnprintf return < 0 on error, rather than -1.


# 1.100 28-Jun-2019 deraadt

When system calls indicate an error they return -1, not some arbitrary
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.

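The three commits above (1.103, 1.101, 1.100) each tighten one return-value convention: gmtime(3) returns NULL for a year it cannot represent, snprintf(3) signals an error with any negative value (and truncation with a value >= the buffer size), and a system call signals failure with exactly -1, which is the only case in which errno is meaningful. The following added example is not isakmpd code; `format_utc` and `write_utc_line` are hypothetical helpers written to show all three checks in one place.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

/*
 * Format a UNIX timestamp as "YYYY-MM-DD HH:MM:SS" (UTC) into buf.
 * Returns 0 on success, -1 if gmtime(3) cannot represent the year
 * (it returns NULL; glibc, musl and OpenBSD set errno to EOVERFLOW)
 * or if the formatted string does not fit.  Hypothetical helper.
 */
int
format_utc(time_t t, char *buf, size_t bufsz)
{
	struct tm *tm;
	int n;

	tm = gmtime(&t);
	if (tm == NULL)		/* timestamp "way off": year overflows int */
		return -1;

	n = snprintf(buf, bufsz, "%04d-%02d-%02d %02d:%02d:%02d",
	    tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
	    tm->tm_hour, tm->tm_min, tm->tm_sec);
	/*
	 * snprintf(3): any value < 0 is an error (not necessarily -1);
	 * a value >= bufsz means the output was truncated.  Treat both
	 * as failure rather than using a half-written buffer.
	 */
	if (n < 0 || (size_t)n >= bufsz)
		return -1;
	return 0;
}

/*
 * Write the timestamp plus a newline to fd.  Returns 0, or -1 with
 * errno set by write(2).  System calls report failure with exactly -1,
 * so that, and not "< 0", is the value to test for before reading errno.
 */
int
write_utc_line(int fd, time_t t)
{
	char line[32];
	size_t len, off = 0;
	ssize_t n;

	/* Leave one byte of the buffer for the trailing newline. */
	if (format_utc(t, line, sizeof(line) - 1) == -1)
		return -1;
	len = strlen(line);
	line[len++] = '\n';

	while (off < len) {
		n = write(fd, line + off, len - off);
		if (n == -1) {
			if (errno == EINTR)	/* errno is valid only here */
				continue;
			return -1;
		}
		off += (size_t)n;	/* short write: resume where we stopped */
	}
	return 0;
}

int
main(void)
{
	time_t now = time(NULL);

	return write_utc_line(STDOUT_FILENO, now) == -1 ? 1 : 0;
}
```

The `format_utc(t, line, sizeof(line) - 1)` call is deliberate: reserving the last byte up front means the newline append can never run past the array, so the truncation check in `format_utc` is the only bound that has to be right.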

Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.99 15-Jan-2018 mpi

Spacing, no object change.


# 1.98 04-Jan-2018 mpi

space -> tab

No object change.


Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE
# 1.97 22-Nov-2013 deraadt

Whole bunch of (unsigned char) casts carefully added for ctype calls.
Careful second audit by millert


Revision tags: OPENBSD_5_4_BASE
# 1.96 16-Apr-2013 deraadt

remove casts to time_t * which are not needed


# 1.95 21-Mar-2013 deraadt

remove excessive includes


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.94 30-Jun-2012 naddy

enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESP
ok mikeb@


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.93 06-Apr-2011 miod

Avoid using NULL in non-pointer contexts: use 0 for integer values and '\0'
for chars.


Revision tags: OPENBSD_4_9_BASE
# 1.92 22-Sep-2010 mikeb

Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMAC
(as AESGMAC) ciphers in the ISAKMP Phase 2 (aka Quick Mode).

Thoroughly tested by me and naddy. Works fine with Linux.

Requires updated pfkeyv2.h include file.

ok naddy


Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
# 1.91 05-Aug-2007 tom

Allow key exchange with RSA signature authentication to work with
Cisco IOS and other initiators that only send their certs in response
to CERT_REQUEST.

With input and help from cloder@, Stuart Henderson, mpf@, and several
others who did lots of testing - thanks to all.

ok hshoexer@


# 1.90 16-Apr-2007 moritz

There's no point in checking ptr for NULL before doing free(ptr)
since free(NULL) is just fine.

ok hshoexer@


Revision tags: OPENBSD_4_1_BASE
# 1.89 03-Mar-2007 cloder

keynote_cert_obtain should not leak in case of error. OK moritz@


Revision tags: OPENBSD_4_0_BASE
# 1.88 17-Jun-2006 hshoexer

Do not leak file descriptor in error path. From Andrey Matveev
<evol at online dot ptt dot ru>, thanks!


Revision tags: OPENBSD_3_9_BASE
# 1.87 14-Nov-2005 deraadt

use snprintf; ok cloder. also looked at by a few other people


Revision tags: OPENBSD_3_8_BASE
# 1.86 14-Jun-2005 hshoexer

add ENCAP_UDP_{TUNNEL,TRANSPORT} types according to rfc 3947

ok markus


# 1.85 08-Apr-2005 cloder

Make deterministic randomness (only ever used for testing) a compile-time
option. Reduces chances of somehow setting regrand when it's not supposed
to be set. Remove "-r" option from man page. Also xref certpatch(8) while
we are in there. And remove some include sysdep.h where it is no longer
needed.
OK hshoexer


# 1.84 08-Apr-2005 deraadt

we have IPPROTO_ETHERIP


# 1.83 08-Apr-2005 deraadt

nat-traversal always


# 1.82 06-Apr-2005 deraadt

knf, ok cloder


# 1.81 04-Apr-2005 deraadt

spacing; ok cloder


Revision tags: OPENBSD_3_7_BASE
# 1.80 03-Mar-2005 hshoexer

handle return value of snprintf more carefully

ok cloder ho


# 1.79 27-Feb-2005 hshoexer

where possible, use bzero instead of memset

ok cloder henning


Revision tags: OPENBSD_3_6_BASE
# 1.78 08-Aug-2004 deraadt

spacing


# 1.77 25-Jun-2004 hshoexer

Keynote policy checking can now be disabled by "-K" switch and config tag
"Use-Keynote". Default is to use keynote.

ok henning@ ho@


# 1.76 24-Jun-2004 hshoexer

Also handle keys from x509-certificates embedded in keynote credentials.

with msf@
ok ho@


# 1.75 20-Jun-2004 ho

NAT-Traversal for isakmpd. Work in progress...
hshoexer@ ok.


# 1.74 14-Jun-2004 ho

KNF, style, 80c, etc. hshoexer@ ok


# 1.73 23-May-2004 hshoexer

More KNF. Mainly spaces and line-wraps, no binary change.

ok ho@


# 1.72 23-May-2004 deraadt

stat before open is flawed


# 1.71 28-Apr-2004 hshoexer

remove unused variable and shorten names of two other. Removed some spaces
while around.

ok ho@ markus@


# 1.70 15-Apr-2004 deraadt

partial move to KNF. More to come. This has happened because there
are a raft of source code auditors who are willing to help improve this
code only if this is done, and hey, isakmpd does need our standard
auditing process. ok ho hshoexer


# 1.69 07-Apr-2004 ho

-Wsign-compare nits. hshoexer@ ok.


Revision tags: OPENBSD_3_5_BASE
# 1.68 19-Mar-2004 hshoexer

Add missing bits to make already present privsep code work. Enable privsep.

ok ho@ deraadt@ markus@


# 1.67 06-Nov-2003 ho

Style nits.


Revision tags: OPENBSD_3_4_BASE
# 1.66 25-Jul-2003 markus

add sha2 support; ok ho@


# 1.65 10-Jun-2003 deraadt

boring cleanups


# 1.64 04-Jun-2003 ho

Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, Angelos
D. Keromytis and Niels Provos.


# 1.63 03-Jun-2003 ho

Cleanup. Use 'sizeof variable' instead of magic constants.


# 1.62 18-May-2003 ho

More isakmpd privsep work. X509 private keys are now kept in the privileged
process only. Various cleanup and bugfixes.
markus@ ok


# 1.61 15-May-2003 ho

Start of privilege separation for isakmpd.
There are some kinks left, so keep it default disabled for now.
markus@ says ok to commit.


# 1.60 14-May-2003 ho

Policy file default defined twice, kill the local copy.


# 1.59 14-May-2003 ho

I did not test this enough. Unbreak.


# 1.58 12-May-2003 ho

AES -> AES_128_CBC


Revision tags: OPENBSD_3_3_BASE
# 1.57 14-Nov-2002 ho

Use %d instead of %2d for better matching. From Mike Neuman. Fixes PR#2848.


Revision tags: OPENBSD_3_2_BASE
# 1.56 11-Sep-2002 ho

signed vs unsigned, some void * arithmetic, from -pedantic. niklas@ ok.


# 1.55 15-Jun-2002 angelos

ecn_* policy attributes --- ok ho@


# 1.54 10-Jun-2002 ho

The dlopen() stuff goes away.


# 1.53 09-Jun-2002 todd

rm trailing whitespace


# 1.52 01-Jun-2002 deraadt

size_t must be cast to (unsigned long) and printed using %lu


# 1.51 28-May-2002 ho

off_t to size_t change for printf format and malloc. Pointed out by <greg@nest.cx>


Revision tags: OPENBSD_3_1_BASE
# 1.50 23-Jan-2002 angelos

Actually return the ESP/AH/COMP ground descriptions for policy
comparisons -- from cjkim2000@yahoo.com


# 1.49 23-Jan-2002 ho

no more strcpy/sprintf


# 1.48 23-Jan-2002 ho

strcpy->strlcpy, sprintf->snprintf


# 1.47 03-Jan-2002 ho

strftime format fixes. From Christo Butcher <christo@fox-it.com>.


Revision tags: OPENBSD_3_0_BASE
# 1.46 26-Aug-2001 niklas

more style


# 1.45 25-Aug-2001 niklas

Use x509_DN_string API. Style fixes.


# 1.44 24-Aug-2001 ho

I was only going to remove #include "init.h", but found 8 more
#include's we don't need here.


# 1.43 11-Aug-2001 angelos

Allocate slightly larger buffer for cert.


# 1.42 05-Jul-2001 angelos

DER_ASN1_DN ID handling --- untested


# 1.41 04-Jul-2001 angelos

Better handling of Key IDs.


# 1.40 03-Jul-2001 angelos

Fix policy information for IPv6 subnet/range cases. This is ugly, I'll
have to find another way of dealing with IPv6 addresses.


# 1.39 03-Jul-2001 ho

Wait with strlcpy a while, change to strncpy.


# 1.38 03-Jul-2001 ho

use strlcpy instead of memcpy to copy strings


# 1.37 01-Jul-2001 niklas

Style


# 1.36 01-Jul-2001 angelos

Start support for IPv6 addresses in policy.


# 1.35 01-Jul-2001 angelos

Fix remote_negotiation_address attribute; fix sockaddr2text() return
value when zero-filling; log_error()->log_print() consistently.


# 1.34 29-Jun-2001 ho

Change get_src/get_dst API as we get the length with sa_len.


# 1.33 29-Jun-2001 ho

Initial IPv6 support. (niklas@ ok)


# 1.32 07-Jun-2001 angelos

No need to allocate/free X509 policy information -- the certs are
converted as needed, and the CA certs are irrelevant.


# 1.31 07-Jun-2001 angelos

Get rid of the main policy session (unnecessary).


# 1.30 07-Jun-2001 angelos

Add some log_print()


# 1.29 31-May-2001 angelos

Routines for handling KeyNote cert representation.


Revision tags: OPENBSD_2_9_BASE
# 1.28 09-Apr-2001 ho

Style police à la niklas@.


# 1.27 05-Apr-2001 ho

As the isakmpd.policy file can contain sensitive information, we want
the same mode checks we use for isakmpd.conf. Style.


# 1.26 14-Mar-2001 tholo

Make these compile again...


# 1.25 14-Mar-2001 niklas

Indentation and style fascism


# 1.24 13-Mar-2001 ho

Add logging classes for Negotiation and Policy, and change a number of
debug messages to use these instead. Change a number of 'log_print'
to debug messages to keep the noise down. Use 'log_error' instead of
'log_print' in some cases when we have errno. Some indentation fixes.
(niklas@ ok)


# 1.23 07-Mar-2001 angelos

Oops, use the right length for the key id.


# 1.22 07-Mar-2001 angelos

Add KEY_ID support (mostly from roland@digitalvampire.org)


# 1.21 27-Jan-2001 niklas

(c) 2001


# 1.20 26-Jan-2001 niklas

Pedantic style police


# 1.19 10-Jan-2001 angelos

Handle null remote_id/local_filter/remote_filter nicer.


# 1.18 23-Nov-2000 niklas

policy.c: Merge with EOM 1.49
util.h: Merge with EOM 1.10

author: niklas
style and removal of unused, unneeded code


Revision tags: OPENBSD_2_8_BASE
# 1.17 16-Oct-2000 niklas

branches: 1.17.2;
Merge with EOM 1.48

author: angelos
Fix comment.

author: angelos
Add RIPEMD negotiation/configuration.


# 1.16 09-Oct-2000 niklas

samples/VPN-3way-template.conf: Merge with EOM 1.8
samples/VPN-east.conf: Merge with EOM 1.12
samples/VPN-west.conf: Merge with EOM 1.13
samples/policy: Merge with EOM 1.6
samples/singlehost-west.conf: Merge with EOM 1.9
samples/singlehost-east.conf: Merge with EOM 1.9
conf.c: Merge with EOM 1.37
ipsec.c: Merge with EOM 1.133
ipsec_num.cst: Merge with EOM 1.4
isakmpd.conf.5: Merge with EOM 1.48
isakmpd.policy.5: Merge with EOM 1.21
policy.c: Merge with EOM 1.46

author: angelos
AES support.


# 1.15 07-Oct-2000 niklas

Merge with EOM 1.45

author: angelos
Unsigned integers for most attributes.

author: niklas
Multiple subject name matching, makes certificate interop with PGPnet at least
partly working. Added some error checking.

author: ho
Nowadays we can use #include <openssl/...> instead of <ssl/...>

author: angelos
Typo on checking esp lifetimes.

author: angelos
Use the correct protocol from the IDi/IDr.


# 1.14 03-Aug-2000 niklas

Merge with EOM 1.40

author: angelos
Get the right value.

author: angelos
Add "phase1_group_desc" attribute, and explain the various values.


# 1.13 08-Jun-2000 niklas

Merge with EOM 1.38

author: angelos
No need for NODEBUG actually...

author: angelos
Use LOG_DBG() instead of log_debug()

author: angelos
NODEBUG compile option, so regress doesn't barf.

author: angelos
No point adding a handling attribute for the generic session.

author: angelos
log_debug() for the action attributes.

author: angelos
Different policy/Keynote sessions per Phase 1 SA.

author: angelos
Allow exchange of KeyNote credentials over IKE. Multiple credentials
may be passed in a single CERT payload. KeyNote is used if a
directory named as the local ID we use in an exchange exists in the
KeyNote directory (default: /etc/isakmpd/keynote/). Note that
asymmetric credentials are possible (use KeyNote in one direction and
X509 in the other); such authentication is envisioned to be the most
common: the clients will use KeyNote credentials to authenticate and
authorize with a server, whilst the server will just provide an X509
certificate proving its binding to the IP address or ID.

Totally asymmetric authentication (e.g., shared key in one direction,
RSA in the other) is not supported by the IKE protocol.

author: angelos
Correct pointer handling.

author: angelos
A few more certificate handling routines for KeyNote.

author: angelos
Some more support for KeyNote credential exchange (not yet done).

author: angelos
Add a couple more KeyNote functions in the sym entries.

author: ho
Some systems do not define IPPROTO_ETHERIP (yet).


Revision tags: OPENBSD_2_7_BASE
# 1.12 02-May-2000 niklas

branches: 1.12.2;
Merge with EOM 1.26

author: niklas
style

author: angelos
Move POLICY_FILE_DEFAULT definition to the .h file.

author: angelos
Add etherip and protocol numbers in the transport protocol entries,
document.


# 1.11 07-Apr-2000 niklas

Merge with EOM 1.23

author: angelos
Typo...

author: angelos
*_ike_address -> *_negotiation_address (so it's not IKE specific)

author: angelos
No need to use log_fatal...


# 1.10 07-Apr-2000 niklas

Merge with EOM 1.20

author: niklas
Hmm keynote does not exist in a dynamically linked version

author: angelos
Add phase_1 attribute.


# 1.9 25-Feb-2000 niklas

regress/crypto/Makefile: Merge with EOM 1.5
regress/dh/Makefile: Merge with EOM 1.7
regress/group/Makefile: Merge with EOM 1.9
regress/prf/Makefile: Merge with EOM 1.4
regress/rsakeygen/Makefile: Merge with EOM 1.8
regress/x509/Makefile: Merge with EOM 1.10
Makefile: Merge with EOM 1.62
attribute.c: Merge with EOM 1.10
sa.c: Merge with EOM 1.99
conf.c: Merge with EOM 1.20
crypto.c: Merge with EOM 1.28
isakmpd.c: Merge with EOM 1.45
connection.c: Merge with EOM 1.19
doi.h: Merge with EOM 1.28
field.c: Merge with EOM 1.11
exchange.c: Merge with EOM 1.116
ike_auth.c: Merge with EOM 1.44
pf_key_v2.c: Merge with EOM 1.37
ike_phase_1.c: Merge with EOM 1.22
ipsec.c: Merge with EOM 1.118
isakmp_doi.c: Merge with EOM 1.40
log.c: Merge with EOM 1.26
log.h: Merge with EOM 1.18
math_group.c: Merge with EOM 1.23
message.c: Merge with EOM 1.144
pf_encap.c: Merge with EOM 1.70
policy.c: Merge with EOM 1.18
timer.c: Merge with EOM 1.13
transport.c: Merge with EOM 1.41
udp.c: Merge with EOM 1.47
ui.c: Merge with EOM 1.37
x509.c: Merge with EOM 1.36

author: niklas
Made debug logging a compile time selectable feature


# 1.8 19-Feb-2000 niklas

Merge with EOM 1.17

author: niklas
Copyright 2000


# 1.7 11-Feb-2000 niklas

Merge with EOM 1.16

author: angelos
Do a policy check on the Initiator, when notified by the Responder on
the SA selection. For efficiency, we should replicate this check on
the first message sent by the Initiator (so we only send proposals we
know we'll eventually accept).

author: angelos
Add an initiator attribute, and make the code amenable to be invoked
by the initiator as well (for policy compliance checking).


# 1.6 01-Feb-2000 niklas

apps/certpatch/certpatch.8: Merge with EOM 1.4
apps/certpatch/certpatch.c: Merge with EOM 1.6
exchange.c: Merge with EOM 1.114
ike_quick_mode.c: Merge with EOM 1.110
ike_phase_1.c: Merge with EOM 1.16
ike_auth.c: Merge with EOM 1.41
ike_aggressive.c: Merge with EOM 1.4
libcrypto.c: Merge with EOM 1.10
libcrypto.h: Merge with EOM 1.10
isakmpd.8: Merge with EOM 1.19
isakmpd.c: Merge with EOM 1.42
ipsec.h: Merge with EOM 1.40
init.c: Merge with EOM 1.22
message.c: Merge with EOM 1.143
message.h: Merge with EOM 1.49
sa.c: Merge with EOM 1.98
sa.h: Merge with EOM 1.54
policy.c: Merge with EOM 1.14
pf_key_v2.c: Merge with EOM 1.36
x509.c: Merge with EOM 1.32
x509.h: Merge with EOM 1.9
udp.c: Merge with EOM 1.46

author: niklas
Angelos copyrights


# 1.5 27-Jan-2000 niklas

Merge with EOM 1.13

author: ho
Bugfix for IPSEC_ID_USER_FQDN from <Jorgen.Granstam@abc.se>.
Apply similar to the IPSEC_ID_FQDN case plus fix the log messages.


# 1.4 26-Jan-2000 niklas

Merge with EOM 1.12

date: 2000/01/25 02:21:10; author: angelos; state: Exp; lines: +2 -2
Move the policy file location

author: angelos
GMTTimeOfDay and LocalTimeOfDay attributes, comment in x509.c.

author: angelos
Oops on previous PFS-policy patch. Small fixes in the manpages.

author: angelos
Add pfs keynote attribute.

author: angelos
Include files, in anticipation of the keynote.h changes.


# 1.3 26-Oct-1999 angelos

sync with latest libkeynote (include file changes only)


Revision tags: OPENBSD_2_6_BASE
# 1.2 26-Aug-1999 niklas

Merge with EOM 1.7

author: niklas
Support dynamic loading of libkeynote too. Build isakmpd static by default.
Stylistic cleanup of keynote policy code. Correct some libcrypto calls.

author: niklas
more style

author: niklas
isakmpd style

author: angelos
Hopefully better wording of variables.

author: angelos
Complete policy work; tested for the shared-key case. Documentation needed.


# 1.1 07-Jul-1999 niklas

policy.h: Merge with EOM 1.2
policy.c: Merge with EOM 1.2

author: niklas
Remove $EOM$ from Eom repository version

author: niklas
New file, for keynote policy handling. By angelos@openbsd.org


# 1.102 22-Oct-2021 bluhm

After deleting hifn(4) the only provider for the LZS compression
algorithm is gone. Reomve all LZS references from the tree. The
v42bis in isakmpd also looks unsupported.
OK mvs@ patrick@ sthen@


Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
# 1.101 03-Jul-2019 deraadt

snprintf/vsnprintf return < 0 on error, rather than -1.


# 1.100 28-Jun-2019 deraadt

When system calls indicate an error they return -1, not some arbitrary
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.99 15-Jan-2018 mpi

Spacing, no object change.


# 1.98 04-Jan-2018 mpi

space -> tab

No object change.


Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE
# 1.97 22-Nov-2013 deraadt

Whole bunch of (unsigned char) casts carefully added for ctype calls.
Careful second audit by millert


Revision tags: OPENBSD_5_4_BASE
# 1.96 16-Apr-2013 deraadt

remove casts to time_t * which are not needed


# 1.95 21-Mar-2013 deraadt

remove excessive includes


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.94 30-Jun-2012 naddy

enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESP
ok mikeb@


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.93 06-Apr-2011 miod

Avoid using NULL in non-pointer contexts: use 0 for integer values and '\0'
for chars.


Revision tags: OPENBSD_4_9_BASE
# 1.92 22-Sep-2010 mikeb

Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMAC
(as AESGMAC) ciphers in the ISAKMP Phase 2 (aka Quick Mode).

Thoroughly tested by me and naddy. Works fine with Linux.

Requires updated pfkeyv2.h include file.

ok naddy


Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
# 1.91 05-Aug-2007 tom

Allow key exchange with RSA signature authentication to work with
Cisco IOS and other initiators that only send their certs in response
to CERT_REQUEST.

With input and help from cloder@, Stuart Henderson, mpf@, and several
others who did lots of testing - thanks to all.

ok hshoexer@


# 1.90 16-Apr-2007 moritz

There's no point in checking ptr for NULL before doing free(ptr)
since free(NULL) is just fine.

ok hshoexer@


Revision tags: OPENBSD_4_1_BASE
# 1.89 03-Mar-2007 cloder

keynote_cert_obtain should not leak in case of error. OK moritz@


Revision tags: OPENBSD_4_0_BASE
# 1.88 17-Jun-2006 hshoexer

Do not leak file descriptor in error path. From Andrey Matveev
<evol at online dot ptt dot ru>, thanks!


Revision tags: OPENBSD_3_9_BASE
# 1.87 14-Nov-2005 deraadt

use snprintf; ok cloder. also looked at by a few other people


Revision tags: OPENBSD_3_8_BASE
# 1.86 14-Jun-2005 hshoexer

add ENCAP_UDP_{TUNNEL,TRANSPORT} types according to rfc 3947

ok markus


# 1.85 08-Apr-2005 cloder

Make deterministic randomness (only ever used for testing) a compile-time
option. Reduces chances of somehow setting regrand when it's not supposed
to be set. Remove "-r" option from man page. Also xref certpatch(8) while
we are in there. And remove some include sysdep.h where it is no longer
needed.
OK hshoexer


# 1.84 08-Apr-2005 deraadt

we have IPPROTO_ETHERIP


# 1.83 08-Apr-2005 deraadt

nat-traversal always


# 1.82 06-Apr-2005 deraadt

knf, ok cloder


# 1.81 04-Apr-2005 deraadt

spacing; ok cloder


Revision tags: OPENBSD_3_7_BASE
# 1.80 03-Mar-2005 hshoexer

handle return value of snprintf more carefully

ok cloder ho


# 1.79 27-Feb-2005 hshoexer

where possible, use bzero instead of memset

ok cloder henning


Revision tags: OPENBSD_3_6_BASE
# 1.78 08-Aug-2004 deraadt

spacing


# 1.77 25-Jun-2004 hshoexer

Keynote policy checking can now be disabled by "-K" switch and config tag
"Use-Keynote". Default is to use keynote.

ok henning@ ho@


# 1.76 24-Jun-2004 hshoexer

Also handle keys from x509-certificates embedded in keynote credentials.

with msf@
ok ho@


# 1.75 20-Jun-2004 ho

NAT-Traversal for isakmpd. Work in progress...
hshoexer@ ok.


# 1.74 14-Jun-2004 ho

KNF, style, 80c, etc. hshoexer@ ok


# 1.73 23-May-2004 hshoexer

More KNF. Mainly spaces and line-wraps, no binary change.

ok ho@


# 1.72 23-May-2004 deraadt

stat before open is flawed


# 1.71 28-Apr-2004 hshoexer

remove unused variable and shorten names of two other. Removed some spaces
while around.

ok ho@ markus@


# 1.70 15-Apr-2004 deraadt

partial move to KNF. More to come. This has happened because there
are a raft of source code auditors who are willing to help improve this
code only if this is done, and hey, isakmpd does need our standard
auditing process. ok ho hshoexer


# 1.69 07-Apr-2004 ho

-Wsign-compare nits. hshoexer@ ok.


Revision tags: OPENBSD_3_5_BASE
# 1.68 19-Mar-2004 hshoexer

Add missing bits to make already present privsep code work. Enable privsep.

ok ho@ deraadt@ markus@


# 1.67 06-Nov-2003 ho

Style nits.


Revision tags: OPENBSD_3_4_BASE
# 1.66 25-Jul-2003 markus

add sha2 support; ok ho@


# 1.65 10-Jun-2003 deraadt

boring cleanups


# 1.64 04-Jun-2003 ho

Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, Angelos
D. Keromytis and Niels Provos.


# 1.63 03-Jun-2003 ho

Cleanup. Use 'sizeof variable' instead of magic constants.


# 1.62 18-May-2003 ho

More isakmpd privsep work. X509 private keys are now kept in the privileged
process only. Various cleanup and bugfixes.
markus@ ok


# 1.61 15-May-2003 ho

Start of privilege separation for isakmpd.
There are some kinks left, so keep it default disabled for now.
markus@ says ok to commit.


# 1.60 14-May-2003 ho

Policy file default defined twice, kill the local copy.


# 1.59 14-May-2003 ho

I did not test this enough. Unbreak.


# 1.58 12-May-2003 ho

AES -> AES_128_CBC


Revision tags: OPENBSD_3_3_BASE
# 1.57 14-Nov-2002 ho

Use %d instead of %2d for better matching. From Mike Neuman. Fixes PR#2848.


Revision tags: OPENBSD_3_2_BASE
# 1.56 11-Sep-2002 ho

signed vs unsigned, some void * arithmetic, from -pedantic. niklas@ ok.


# 1.55 15-Jun-2002 angelos

ecn_* policy attributes --- ok ho@


# 1.54 10-Jun-2002 ho

The dlopen() stuff goes away.


# 1.53 09-Jun-2002 todd

rm trailing whitespace


# 1.52 01-Jun-2002 deraadt

size_t must be cast to (unsigned long) and printed using %lu


# 1.51 28-May-2002 ho

off_t to size_t change for printf format and malloc. Pointed out by <greg@nest.cx>


Revision tags: OPENBSD_3_1_BASE
# 1.50 23-Jan-2002 angelos

Actually return the ESP/AH/COMP ground descriptions for policy
comparisons -- from cjkim2000@yahoo.com


# 1.49 23-Jan-2002 ho

no more strcpy/sprintf


# 1.48 23-Jan-2002 ho

strcpy->strlcpy, sprintf->snprintf


# 1.47 03-Jan-2002 ho

strftime format fixes. From Christo Butcher <christo@fox-it.com>.


Revision tags: OPENBSD_3_0_BASE
# 1.46 26-Aug-2001 niklas

more style


# 1.45 25-Aug-2001 niklas

Use x509_DN_string API. Style fixes.


# 1.44 24-Aug-2001 ho

I was only going to remove #include "init.h", but found 8 more
#include's we don't need here.


# 1.43 11-Aug-2001 angelos

Allocate slightly larger buffer for cert.


# 1.42 05-Jul-2001 angelos

DER_ASN1_DN ID handling --- untested


# 1.41 04-Jul-2001 angelos

Better handling of Key IDs.


# 1.40 03-Jul-2001 angelos

Fix policy information for IPv6 subnet/range cases. This is ugly, I'll
have to find another way of dealing with IPv6 addresses.


# 1.39 03-Jul-2001 ho

Wait with strlcpy a while, change to strncpy.


# 1.38 03-Jul-2001 ho

use strlcpy instead of memcpy to copy strings


# 1.37 01-Jul-2001 niklas

Style


# 1.36 01-Jul-2001 angelos

Start support for IPv6 addresses in policy.


# 1.35 01-Jul-2001 angelos

Fix remote_negotiation_address attribute; fix sockaddr2text() return
value when zero-filling; log_error()->log_print() consistently.


# 1.34 29-Jun-2001 ho

Change get_src/get_dst API as we get the length with sa_len.


# 1.33 29-Jun-2001 ho

Initial IPv6 support. (niklas@ ok)


# 1.32 07-Jun-2001 angelos

No need to allocate/free X509 policy information -- the certs are
converted as needed, and the CA certs are irrelevant.


# 1.31 07-Jun-2001 angelos

Get rid of the main policy session (unnecessary).


# 1.30 07-Jun-2001 angelos

Add some log_print()


# 1.29 31-May-2001 angelos

Routines for handling KeyNote cert representation.


Revision tags: OPENBSD_2_9_BASE
# 1.28 09-Apr-2001 ho

Style police a'la niklas@.


# 1.27 05-Apr-2001 ho

As the isakmpd.policy file can contain sensitive information, we want
the same mode checks we use for isakmpd.conf. Style.


# 1.26 14-Mar-2001 tholo

Make these compile again...


# 1.25 14-Mar-2001 niklas

Indentation and style fascism


# 1.24 13-Mar-2001 ho

Add logging classes for Negotiation and Policy, and change a number of
debug messages to use these instead. Change a number of 'log_print'
to debug messages to keep the noise down. Use 'log_error' instead of
'log_print' in some cases when we have errno. Some indentation fixes.
(niklas@ ok)


# 1.23 07-Mar-2001 angelos

Oops, use the right legnth for the key id.


# 1.22 07-Mar-2001 angelos

Add KEY_ID support (mostly from roland@digitalvampire.org)


# 1.21 27-Jan-2001 niklas

(c) 2001


# 1.20 26-Jan-2001 niklas

Pedantic style police


# 1.19 10-Jan-2001 angelos

Handle null remote_id/local_filter/remote_filter nicer.


# 1.18 23-Nov-2000 niklas

policy.c: Merge with EOM 1.49
util.h: Merge with EOM 1.10

author: niklas
style and removal of unused, unneeded code


Revision tags: OPENBSD_2_8_BASE
# 1.17 16-Oct-2000 niklas

branches: 1.17.2;
Merge with EOM 1.48

author: angelos
Fix comment.

author: angelos
Add RIPEMD negotiation/configuration.


# 1.16 09-Oct-2000 niklas

samples/VPN-3way-template.conf: Merge with EOM 1.8
samples/VPN-east.conf: Merge with EOM 1.12
samples/VPN-west.conf: Merge with EOM 1.13
samples/policy: Merge with EOM 1.6
samples/singlehost-west.conf: Merge with EOM 1.9
samples/singlehost-east.conf: Merge with EOM 1.9
conf.c: Merge with EOM 1.37
ipsec.c: Merge with EOM 1.133
ipsec_num.cst: Merge with EOM 1.4
isakmpd.conf.5: Merge with EOM 1.48
isakmpd.policy.5: Merge with EOM 1.21
policy.c: Merge with EOM 1.46

author: angelos
AES support.


# 1.15 07-Oct-2000 niklas

Merge with EOM 1.45

author: angelos
Unsigned integers for most attributes.

author: niklas
Multiple subject name matching, makes certificate interop with PGPnet at least
partly working. Added some error checking.

author: ho
Nowadays we can use #include <openssl/...> instead of <ssl/...>

author: angelos
Typo on checking esp lifetimes.

author: angelos
Use the correct protocol from the IDi/IDr.


# 1.14 03-Aug-2000 niklas

Merge with EOM 1.40

author: angelos
Get the right value.

author: angelos
Add "phase1_group_desc" attribute, and explain the various values.


# 1.13 08-Jun-2000 niklas

Merge with EOM 1.38

author: angelos
No need for NODEBUG actually...

author: angelos
Use LOG_DBG() instead of log_debug()

author: angelos
NODEBUG compile option, so regress doesn't barf.

author: angelos
No point adding a handling attribute for the generic session.

author: angelos
log_debug() for the action attributes.

author: angelos
Different policy/Keynote sessions per Phase 1 SA.

author: angelos
Allow exchange of KeyNote credentials over IKE. Multiple credentials
may be passed in a single CERT payload. KeyNote is used if a
directory named as the local ID we use in an exchange exists in the
KeyNote directory (default: /etc/isakmpd/keynote/). Note that
asymmetric credentials are possible (use KeyNote in one direction and
X509 in the other); such authentication is envisioned to be the most
common: the clients will use KeyNote credentials to authenticate and
authorize with a server, whilst the server will just provide an X509
certificate proving its binding to the IP address or ID.

Totally asymmetric authentication (e.g., shared key in one direction,
RSA in the other) is not supported by the IKE protocol.

author: angelos
Correct pointer handling.

author: angelos
A few more certificate handling routines for KeyNote.

author: angelos
Some more support for KeyNote credential exchange (not yet done).

author: angelos
Add a couple more KeyNote functions in the sym entries.

author: ho
Some systems do not define IPPROTO_ETHERIP (yet).


Revision tags: OPENBSD_2_7_BASE
# 1.12 02-May-2000 niklas

branches: 1.12.2;
Merge with EOM 1.26

author: niklas
style

author: angelos
Move POLICY_FILE_DEFAULT definition to the .h file.

author: angelos
Add etherip and protocol numbers in the transport protocol entries,
document.


# 1.11 07-Apr-2000 niklas

Merge with EOM 1.23

author: angelos
Typo...

author: angelos
*_ike_address -> *_negotiation_address (so it's not IKE specific)

author: angelos
No need to use log_fatal...


# 1.10 07-Apr-2000 niklas

Merge with EOM 1.20

author: niklas
Hmm keynote does not exist in a dynamically linked version

author: angelos
Add phase_1 attribute.


# 1.9 25-Feb-2000 niklas

regress/crypto/Makefile: Merge with EOM 1.5
regress/dh/Makefile: Merge with EOM 1.7
regress/group/Makefile: Merge with EOM 1.9
regress/prf/Makefile: Merge with EOM 1.4
regress/rsakeygen/Makefile: Merge with EOM 1.8
regress/x509/Makefile: Merge with EOM 1.10
Makefile: Merge with EOM 1.62
attribute.c: Merge with EOM 1.10
sa.c: Merge with EOM 1.99
conf.c: Merge with EOM 1.20
crypto.c: Merge with EOM 1.28
isakmpd.c: Merge with EOM 1.45
connection.c: Merge with EOM 1.19
doi.h: Merge with EOM 1.28
field.c: Merge with EOM 1.11
exchange.c: Merge with EOM 1.116
ike_auth.c: Merge with EOM 1.44
pf_key_v2.c: Merge with EOM 1.37
ike_phase_1.c: Merge with EOM 1.22
ipsec.c: Merge with EOM 1.118
isakmp_doi.c: Merge with EOM 1.40
log.c: Merge with EOM 1.26
log.h: Merge with EOM 1.18
math_group.c: Merge with EOM 1.23
message.c: Merge with EOM 1.144
pf_encap.c: Merge with EOM 1.70
policy.c: Merge with EOM 1.18
timer.c: Merge with EOM 1.13
transport.c: Merge with EOM 1.41
udp.c: Merge with EOM 1.47
ui.c: Merge with EOM 1.37
x509.c: Merge with EOM 1.36

author: niklas
Made debug logging a compile time selectable feature


# 1.8 19-Feb-2000 niklas

Merge with EOM 1.17

author: niklas
Copyright 2000


# 1.7 11-Feb-2000 niklas

Merge with EOM 1.16

author: angelos
Do a policy check on the Initiator, when notified by the Responder on
the SA selection. For efficiency, we should replicate this check on
the first message sent by the Initiator (so we only send proposals we
know we'll eventually accept).

author: angelos
Add an initiator attribute, and make the code amenable to be invoked
by the initiator as well (for policy compliance checking).


# 1.6 01-Feb-2000 niklas

apps/certpatch/certpatch.8: Merge with EOM 1.4
apps/certpatch/certpatch.c: Merge with EOM 1.6
exchange.c: Merge with EOM 1.114
ike_quick_mode.c: Merge with EOM 1.110
ike_phase_1.c: Merge with EOM 1.16
ike_auth.c: Merge with EOM 1.41
ike_aggressive.c: Merge with EOM 1.4
libcrypto.c: Merge with EOM 1.10
libcrypto.h: Merge with EOM 1.10
isakmpd.8: Merge with EOM 1.19
isakmpd.c: Merge with EOM 1.42
ipsec.h: Merge with EOM 1.40
init.c: Merge with EOM 1.22
message.c: Merge with EOM 1.143
message.h: Merge with EOM 1.49
sa.c: Merge with EOM 1.98
sa.h: Merge with EOM 1.54
policy.c: Merge with EOM 1.14
pf_key_v2.c: Merge with EOM 1.36
x509.c: Merge with EOM 1.32
x509.h: Merge with EOM 1.9
udp.c: Merge with EOM 1.46

author: niklas
Angelos copyrights


# 1.5 27-Jan-2000 niklas

Merge with EOM 1.13

author: ho
Bugfix for IPSEC_ID_USER_FQDN from <Jorgen.Granstam@abc.se>.
Apply similar to the IPSEC_ID_FQDN case plus fix the log messages.


# 1.4 26-Jan-2000 niklas

Merge with EOM 1.12

date: 2000/01/25 02:21:10; author: angelos; state: Exp; lines: +2 -2
Move the policy file location

author: angelos
GMTTimeOfDay and LocalTimeOfDay attributes, comment in x509.c.

author: angelos
Oops on previous PFS-policy patch. Small fixes in the manpages.

author: angelos
Add pfs keynote attribute.

author: angelos
Include files, in anticipation of the keynote.h changes.


# 1.3 26-Oct-1999 angelos

sync with latest libkeynote (include file changes only)


Revision tags: OPENBSD_2_6_BASE
# 1.2 26-Aug-1999 niklas

Merge with EOM 1.7

author: niklas
Support dynamic loading of libkeynote too. Build isakmpd static by default.
Stylistic cleanup of keynote policy code. Correct some libcrypto calls.

author: niklas
more style

author: niklas
isakmpd style

author: angelos
Hopefully better wording of variables.

author: angelos
Complete policy work; tested for the shared-key case. Documentation needed.


# 1.1 07-Jul-1999 niklas

policy.h: Merge with EOM 1.2
policy.c: Merge with EOM 1.2

author: niklas
Remove $EOM$ from Eom repository version

author: niklas
New file, for keynote policy handling. By angelos@openbsd.org



author: niklas
Angelos copyrights


# 1.5 27-Jan-2000 niklas

Merge with EOM 1.13

author: ho
Bugfix for IPSEC_ID_USER_FQDN from <Jorgen.Granstam@abc.se>.
Apply similar to the IPSEC_ID_FQDN case plus fix the log messages.


# 1.4 26-Jan-2000 niklas

Merge with EOM 1.12

date: 2000/01/25 02:21:10; author: angelos; state: Exp; lines: +2 -2
Move the policy file location

author: angelos
GMTTimeOfDay and LocalTimeOfDay attributes, comment in x509.c.

author: angelos
Oops on previous PFS-policy patch. Small fixes in the manpages.

author: angelos
Add pfs keynote attribute.

author: angelos
Include files, in anticipation of the keynote.h changes.


# 1.3 26-Oct-1999 angelos

sync with latest libkeynote (include file changes only)


Revision tags: OPENBSD_2_6_BASE
# 1.2 26-Aug-1999 niklas

Merge with EOM 1.7

author: niklas
Support dynamic loading of libkeynote too. Build isakmpd static by default.
Stylistic cleanup of keynote policy code. Correct some libcrypto calls.

author: niklas
more style

author: niklas
isakmpd style

author: angelos
Hopefully better wording of variables.

author: angelos
Complete policy work; tested for the shared-key case. Documentation needed.


# 1.1 07-Jul-1999 niklas

policy.h: Merge with EOM 1.2
policy.c: Merge with EOM 1.2

author: niklas
Remove $EOM$ from Eom repository version

author: niklas
New file, for keynote policy handling. By angelos@openbsd.org

