summaryrefslogtreecommitdiffstats
path: root/sbin/isakmpd/virtual.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* When system calls indicate an error they return -1, not some arbitraryderaadt2019-06-281-2/+2
| | | | | | value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
* <stdlib.h> is included, so do not need to cast result fromderaadt2015-08-201-3/+3
| | | | | malloc, calloc, realloc* ok krw millert
* When binding to addresses, ignore any IP address not in the currentphessler2011-02-031-2/+19
| | | | | | | | routing domain. While here, update comment on what the ioctl is used for (from sthen@). OK mikeb@, sthen@
* cleaning up my tree: trivial KNF and a comment fix.hshoexer2009-01-281-2/+2
|
* do not listen on tentative (during DAD), duplicated (after DAD) ormarkus2008-10-211-3/+32
| | | | detached addresses. bind(2) will not allow this. ok hshoexer, fries
* There's no point in checking ptr for NULL before doing free(ptr)moritz2007-04-161-3/+2
| | | | | | since free(NULL) is just fine. ok hshoexer@
* Fix interop-issue with vpn peers that start reyking on port 4500 whenhshoexer2007-04-151-3/+9
| | | | | | | | | NAT-T is used. Solves problems with cisco and openswan. Tested by todd@ (cisco interop), ok ho@ Original fix with Stefan Roth (stefan dot roth at siemens dot com), thanks!
* Big spelling cleanup, no binary change. From david@hshoexer2006-06-021-2/+2
|
* zap unused variable and silence gcc.hshoexer2005-11-131-2/+2
| | | | | From Mike Belopuhov <mkb at crypt dot org dot ru> Thanks!
* Do not touch LIST_* macro internals.hshoexer2005-10-271-5/+8
| | | | with otto@, ok ho@
* some small knf, ok ho@hshoexer2005-10-251-4/+4
|
* read the information from the INADDR_ANY socket and do not loop ifmarkus2005-08-251-15/+1
| | | | a new IP appears (cf udp.c, rev 1.74), ok ho@ hshoexer@ cloder@ deraadt@
* get rid of sysdep_sa_lenhshoexer2005-04-081-7/+6
| | | | ok cloder@
* USE_DEBUG is bye byederaadt2005-04-081-3/+1
|
* nat-traversal alwaysderaadt2005-04-081-11/+1
|
* Remove references to LINUX_IPSECcloder2005-04-081-7/+1
|
* remove unnecessary typecasts.hshoexer2005-04-071-3/+3
| | | | ok ho@
* knf, ok cloderderaadt2005-04-061-16/+14
|
* Add -T flag to isakmpd to disable NAT-T support from the command line.cloder2005-04-051-38/+45
| | | | | This lets binat setups work again without having to recompile isakmpd. OK ho, hshoexer.
* spacing; ok cloderderaadt2005-04-041-4/+1
|
* No need for err.h. hshoexer@ okho2005-03-051-2/+1
|
* cleanup binding and cloning functions, use text2port(), correctlyhshoexer2005-03-041-29/+34
| | | | | | | determin the encap port. This makes udpencap fully useable on ports other than the default 4500. ok ho cloder
* where possible, use bzero instead of memsethshoexer2005-02-271-2/+2
| | | | ok cloder henning
* Allow the Address, Network, or Netmask values of the <IPsec-ID> to bemcbride2004-12-141-2/+2
| | | | | | | | | | | | specified with an interface name (in which case the first address is used) or the keyword 'default' (in which case the address is selected based on the default route). eg: [roadwarrior-ip] ID-type= IPV4_ADDR Address= default ok ho@ hshoexer@
* compile cleanly with -Wsign-comparehshoexer2004-09-201-3/+3
| | | | ok ho
* spacingderaadt2004-08-101-3/+3
|
* spacingderaadt2004-08-081-7/+7
|
* Rewrite the transport reference count code to avoid leaks.ho2004-08-031-20/+27
| | | | hshoexer@ ok.
* free() and close() in error path.hshoexer2004-07-081-3/+12
| | | | ok ho@
* The NAT-T drafts suggest we should drop incoming messages arriving onho2004-06-221-1/+15
| | | | the old port (500) after we've switched to the new one.
* When switching from main to encap transport, copy dst port ifho2004-06-211-8/+13
| | | | translated (NAT).
* Port floating (500->4500) for p1 and p2 exchanges.ho2004-06-211-57/+38
|
* NAT-Traversal for isakmpd. Work in progress...ho2004-06-201-0/+706
hshoexer@ ok.
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.