| #
befd40c8 |
| 01-Jul-2008 |
bluhm <bluhm@openbsd.org> |
Isakmpd acquire mode did not work with a config generated from
ipsec.conf. The config created by isakmpd dynamically was different
from the config that ipsecctl generated out of ipsec.conf.
Both co
Isakmpd acquire mode did not work with a config generated from
ipsec.conf. The config created by isakmpd dynamically was different
from the config that ipsecctl generated out of ipsec.conf.
Both config formats are changed so that they match. One needs a
passive ike line and a require flow line with the same parameters
in the ipsec.conf. Then the acquire message generated by the kernel
will trigger isakmpd to generate a config that matches the one that
ipsecctl generated from the ike line.
ok hshoexer, 'sounds good' todd
show more ...
|
| #
c9c27a6c |
| 30-Nov-2006 |
markus <markus@openbsd.org> |
sync: rmv to unregister ipsec connections
|
| #
22a96053 |
| 21-Nov-2006 |
markus <markus@openbsd.org> |
sync
|
| #
ae010495 |
| 01-Nov-2006 |
mcbride <mcbride@openbsd.org> |
Adjust existing ikedel tests for aggressive mode support (we now
delete both mainmode and aggressive mode phase 1 transforms)
|
| #
29f1eaaa |
| 15-Jun-2006 |
hshoexer <hshoexer@openbsd.org> |
Add a bunch of test for deletion of ike rules, add a test for "to
any" rules without a peer specified. These tests resulted in the
recent fix in ipsecctl/ike.c.
|