← Back to branch summary

~ubuntu-branches/ubuntu/hardy/openswan/hardy-updates

~ubuntu-branches/ubuntu/hardy/openswan/hardy-updates

« back to all changes in this revision

Viewing changes to programs/pluto/x509keys.c

Committer: Bazaar Package Importer
Author(s): Rene Mayrhofer
Date: 2005-01-27 16:10:11 UTC
mfrom: (1.1.1 upstream)
Revision ID: james.westby@ubuntu.com-20050127161011-idgybmyz3vwhpfiq

Tags: 2.3.0-2

http://bugs.debian.org/292458

http://bugs.debian.org/291143

Urgency HIGH due to security issue and problems with build-deps in sarge.
* Fix the security issue. Please see
  http://www.idefense.com/application/poi/display?id=190&
      type=vulnerabilities&flashstatus=false
  for more details. Thanks to Martin Schulze for informing me about
  this issue.
  Closes: #292458: Openswan XAUTH/PAM Buffer Overflow Vulnerability
* Added a Build-Dependency to lynx.
  Closes: #291143: openswan: FTBFS: Missing build dependency.

files added:
ROADMAP.txt

contrib/cisco

contrib/cisco/pcf2os.pl

contrib/cisco/sample.pcf

contrib/janus

contrib/janus/janus.pl

contrib/janus/janushelp.txt

contrib/pam.d/README

debian/po/ja.po

doc/ALG-TODO

doc/GOING-AWAY

doc/README.DPD

doc/doxygen.cfg

doc/draft-ietf-ipsec-udp-encaps-09.txt

doc/draft-myers-ipsec-ikev2-oscp-00.txt

doc/src/reference.IPSECKEY.xml

docs

docs/HACKING

docs/HACKING/CoreDump

docs/HACKING/Notifications

docs/HACKING/PlutoHelper

docs/HACKING/PlutoNotes

docs/HACKING/StateObjects

docs/HACKING/WikiHowto.txt

docs/RELEASE-NOTES.txt

docs/conf

docs/conf/sendcert-forced.txt

docs/utils

docs/utils/manxml2html

include

include/alg_info.h

include/constants.h

include/enum_names.h

include/ietf_constants.h

include/kernel_alg.h

include/oswalloc.h

include/oswlog.h

include/packet.h

include/pluto_constants.h

lib/libcrypto

lib/libcrypto/Makefile

lib/libcrypto/libaes

lib/libcrypto/libaes/Makefile

lib/libcrypto/libaes/test_main.c

lib/libcrypto/libaes/test_main_mac.c

lib/libcrypto/libdes

lib/libcrypto/libdes/Makefile

lib/libcrypto/libdes/asm

lib/libcrypto/libdes/asm/crypt586.pl

lib/libcrypto/libdes/asm/perlasm

lib/libcrypto/libdes/asm/perlasm/cbc.pl

lib/libcrypto/libdes/asm/perlasm/readme

lib/libcrypto/libdes/asm/perlasm/x86asm.pl

lib/libcrypto/libdes/asm/perlasm/x86ms.pl

lib/libcrypto/libdes/asm/perlasm/x86unix.pl

lib/libcrypto/libdes/des_crypt.man

lib/libcrypto/libdes/destest.c

lib/libcrypto/libdes/fcrypt.c

lib/libcrypto/libdes/fcrypt_b.c

lib/libcrypto/libdes/options.txt

lib/libcrypto/libdes/speed.c

lib/liblwres/include/lwres/version.h

lib/liblwres/print.c

lib/liblwres/print_p.h

lib/libopenswan/alg_info.c

lib/libopenswan/alloc.c

lib/libopenswan/anyaddr.3

lib/libopenswan/anyaddr.3.xml

lib/libopenswan/atoaddr.3

lib/libopenswan/atoaddr.3.xml

lib/libopenswan/atoaddr.c

lib/libopenswan/atoasr.3

lib/libopenswan/atoasr.3.xml

lib/libopenswan/atoasr.c

lib/libopenswan/atosubnet.c

lib/libopenswan/atoul.3

lib/libopenswan/atoul.3.xml

lib/libopenswan/atoul.c

lib/libopenswan/constants.c

lib/libopenswan/copyright.c

lib/libopenswan/diag.c

lib/libopenswan/goodmask.3

lib/libopenswan/goodmask.3.xml

lib/libopenswan/initaddr.3

lib/libopenswan/initaddr.3.xml

lib/libopenswan/initsaid.c

lib/libopenswan/initsubnet.3

lib/libopenswan/initsubnet.3.xml

lib/libopenswan/initsubnet.c

lib/libopenswan/internal.h

lib/libopenswan/kernel_alg.c

lib/libopenswan/keyblobtoid.3

lib/libopenswan/keyblobtoid.3.xml

lib/libopenswan/keyblobtoid.c

lib/libopenswan/optionsfrom.3

lib/libopenswan/optionsfrom.3.xml

lib/libopenswan/optionsfrom.c

lib/libopenswan/oswlog.c

lib/libopenswan/packet.c

lib/libopenswan/portof.3

lib/libopenswan/portof.3.xml

lib/libopenswan/portof.c

lib/libopenswan/prng.3

lib/libopenswan/prng.3.xml

lib/libopenswan/rangetosubnet.3

lib/libopenswan/rangetosubnet.3.xml

lib/libopenswan/rangetosubnet.c

lib/libopenswan/sameaddr.3

lib/libopenswan/sameaddr.3.xml

lib/libopenswan/sameaddr.c

lib/libopenswan/satoa.c

lib/libopenswan/subnetof.3

lib/libopenswan/subnetof.3.xml

lib/libopenswan/subnettot.c

lib/libopenswan/subnettypeof.c

lib/libopenswan/ttoaddr.3

lib/libopenswan/ttoaddr.3.xml

lib/libopenswan/ttoaddr.c

lib/libopenswan/ttodata.3

lib/libopenswan/ttodata.3.xml

lib/libopenswan/ttodata.c

lib/libopenswan/ttoprotoport.c

lib/libopenswan/ttosa.3

lib/libopenswan/ttosa.3.xml

lib/libopenswan/ttosa.c

lib/libopenswan/ttosubnet.c

lib/libopenswan/ttoul.3

lib/libopenswan/ttoul.3.xml

lib/libopenswan/ttoul.c

lib/libopenswan/version.3

lib/libopenswan/version.3.xml

lib/libopenswan/version.in.c

linux/crypto/ciphers/aes

linux/crypto/ciphers/aes/test_main.c

linux/crypto/ciphers/aes/test_main_mac.c

linux/include/crypto/aes.h

linux/include/crypto/aes_cbc.h

linux/include/crypto/aes_xcbc_mac.h

linux/include/crypto/cbc_generic.h

linux/include/des

linux/include/des/des_locl.h

linux/include/des/des_ver.h

linux/include/des/podd.h

linux/include/des/sk.h

linux/include/des/spr.h

linux/include/openswan

linux/include/openswan/ipcomp.h

linux/include/openswan/ipsec_ah.h

linux/include/openswan/ipsec_alg.h

linux/include/openswan/ipsec_auth.h

linux/include/openswan/ipsec_encap.h

linux/include/openswan/ipsec_eroute.h

linux/include/openswan/ipsec_errs.h

linux/include/openswan/ipsec_esp.h

linux/include/openswan/ipsec_ipcomp.h

linux/include/openswan/ipsec_ipe4.h

linux/include/openswan/ipsec_ipip.h

linux/include/openswan/ipsec_kern24.h

linux/include/openswan/ipsec_kversion.h

linux/include/openswan/ipsec_life.h

linux/include/openswan/ipsec_md5h.h

linux/include/openswan/ipsec_param.h

linux/include/openswan/ipsec_policy.h

linux/include/openswan/ipsec_proto.h

linux/include/openswan/ipsec_radij.h

linux/include/openswan/ipsec_rcv.h

linux/include/openswan/ipsec_sa.h

linux/include/openswan/ipsec_sha1.h

linux/include/openswan/ipsec_stats.h

linux/include/openswan/ipsec_tunnel.h

linux/include/openswan/ipsec_xform.h

linux/include/openswan/ipsec_xmit.h

linux/include/openswan/passert.h

linux/include/openswan/pfkey_debug.h

linux/include/openswan/radij.h

linux/include/zlib/zconf.h

linux/net/Kconfig.fs2_6.patch

linux/net/Makefile.fs2_6.patch

linux/net/ipsec/Kconfig

linux/net/ipsec/Makefile.fs2_2

linux/net/ipsec/Makefile.fs2_4

linux/net/ipsec/Makefile.fs2_6

linux/net/ipsec/README-zlib

linux/net/ipsec/README-zlib.freeswan

linux/net/ipsec/addrtoa.c

linux/net/ipsec/addrtot.c

linux/net/ipsec/addrtypeof.c

linux/net/ipsec/adler32.c

linux/net/ipsec/aes

linux/net/ipsec/aes/Makefile.fs2_6

linux/net/ipsec/aes/aes-i586.S

linux/net/ipsec/aes/aes.c

linux/net/ipsec/aes/aes_cbc.c

linux/net/ipsec/aes/aes_xcbc_mac.c

linux/net/ipsec/aes/ipsec_alg_aes.c

linux/net/ipsec/alg

linux/net/ipsec/alg/Config.alg_aes.in

linux/net/ipsec/alg/Config.alg_cryptoapi.in

linux/net/ipsec/alg/Config.in

linux/net/ipsec/alg/Makefile

linux/net/ipsec/alg/Makefile.alg_aes

linux/net/ipsec/alg/Makefile.alg_cryptoapi

linux/net/ipsec/alg/ipsec_alg_aes.c

linux/net/ipsec/alg/ipsec_alg_cryptoapi.c

linux/net/ipsec/alg/scripts

linux/net/ipsec/alg/scripts/mk-static_init.c.sh

linux/net/ipsec/anyaddr.c

linux/net/ipsec/datatot.c

linux/net/ipsec/deflate.c

linux/net/ipsec/deflate.h

linux/net/ipsec/des

linux/net/ipsec/des/COPYRIGHT

linux/net/ipsec/des/INSTALL

linux/net/ipsec/des/Makefile.fs2_6

linux/net/ipsec/des/README

linux/net/ipsec/des/README.freeswan

linux/net/ipsec/des/VERSION

linux/net/ipsec/des/asm

linux/net/ipsec/des/asm/des-586.pl

linux/net/ipsec/des/asm/des686.pl

linux/net/ipsec/des/asm/desboth.pl

linux/net/ipsec/des/asm/readme

linux/net/ipsec/des/cbc_enc.c

linux/net/ipsec/des/des.doc

linux/net/ipsec/des/des_enc.c

linux/net/ipsec/des/des_opts.c

linux/net/ipsec/des/dx86unix.S

linux/net/ipsec/des/ecb_enc.c

linux/net/ipsec/des/set_key.c

linux/net/ipsec/goodmask.c

linux/net/ipsec/infblock.c

linux/net/ipsec/infblock.h

linux/net/ipsec/infcodes.c

linux/net/ipsec/infcodes.h

linux/net/ipsec/inffast.c

linux/net/ipsec/inffast.h

linux/net/ipsec/inffixed.h

linux/net/ipsec/inflate.c

linux/net/ipsec/inftrees.c

linux/net/ipsec/inftrees.h

linux/net/ipsec/infutil.c

linux/net/ipsec/infutil.h

linux/net/ipsec/initaddr.c

linux/net/ipsec/ipsec_alg.c

linux/net/ipsec/ipsec_alg_cryptoapi.c

linux/net/ipsec/match586.S

linux/net/ipsec/match686.S

linux/net/ipsec/pfkey_v2_build.c

linux/net/ipsec/pfkey_v2_debug.c

linux/net/ipsec/pfkey_v2_ext_bits.c

linux/net/ipsec/pfkey_v2_parse.c

linux/net/ipsec/prng.c

linux/net/ipsec/rangetoa.c

linux/net/ipsec/satot.c

linux/net/ipsec/subnetof.c

linux/net/ipsec/subnettoa.c

linux/net/ipsec/trees.c

linux/net/ipsec/trees.h

linux/net/ipsec/ultoa.c

linux/net/ipsec/ultot.c

linux/net/ipsec/version.in.c

linux/net/ipsec/zutil.c

linux/net/ipv4/af_inet.c.fs2_6.patch

packaging/ipkg/control-openswan-module.dist

packaging/ipkg/control-openswan.dist

packaging/linus/config-all.hmodules

packaging/makefiles/module.defs

packaging/makefiles/module26.make

packaging/makefiles/module26.sh

packaging/redhat/openswan.spec

packaging/suse

packaging/suse/openswan.26spec

programs/_confread/_confread.8.xml

programs/_confread/ipsec.conf.5.xml

programs/_copyright/_copyright.8.xml

programs/_include/_include.8.xml

programs/_keycensor/_keycensor.8.xml

programs/_plutoload/_plutoload.8.xml

programs/_plutorun/_plutorun.8.xml

programs/_realsetup/_realsetup.8.xml

programs/_secretcensor/_secretcensor.8.xml

programs/_startklips/_startklips.8.xml

programs/_updown/_updown.8.xml

programs/_updown_x509/_updown_x509.8.xml

programs/algoinfo

programs/algoinfo/Makefile

programs/algoinfo/algoinfo.c

programs/auto/auto.8.xml

programs/barf/barf.8.xml

programs/calcgoo/calcgoo.8.xml

programs/eroute/eroute.5.xml

programs/eroute/eroute.8.xml

programs/fswcert

programs/fswcert/CHANGES

programs/fswcert/Makefile

programs/fswcert/README

programs/fswcert/fswcert.c

programs/fswcert/fswcert.pod

programs/ikeping/ikeping.8.xml

programs/ipsec/ipsec.8.xml

programs/klipsdebug/klipsdebug.5.xml

programs/klipsdebug/klipsdebug.8.xml

programs/livetest

programs/livetest/Makefile

programs/livetest/livetest.8

programs/livetest/livetest.8.xml

programs/livetest/livetest.in

programs/look/look.8.xml

programs/lwdnsq/lwdnsq.8.xml

programs/mailkey/mailkey.8.xml

programs/manual/manual.8.xml

programs/newhostkey/newhostkey.8.xml

programs/pf_key/pf_key.5.xml

programs/pf_key/pf_key.8.xml

programs/pluto/HACKERSGUIDE

programs/pluto/Makefile.depend

programs/pluto/alg

programs/pluto/alg/Config.ike_alg

programs/pluto/alg/Makefile

programs/pluto/alg/Makefile.ike_alg_aes

programs/pluto/alg/ike_alg_aes.c

programs/pluto/crypt_ke.c

programs/pluto/db_ops.c

programs/pluto/db_ops.h

programs/pluto/dpd.c

programs/pluto/dpd.h

programs/pluto/ike_alg.c

programs/pluto/ike_alg.h

programs/pluto/ike_alg_aes.c

programs/pluto/ike_alginit.c

programs/pluto/ipsec.secrets.5.xml

programs/pluto/ocsp.c

programs/pluto/ocsp.h

programs/pluto/pluto.8.xml

programs/pluto/pluto_constants.c

programs/pluto/pluto_crypt.c

programs/pluto/pluto_crypt.h

programs/pluto/pluto_endian.h

programs/pluto/plutoalg.c

programs/pluto/plutoalg.h

programs/pluto/spdb_struct.c

programs/pluto/whackinit.c

programs/pluto/whacklib.c

programs/pluto/x509keys.c

programs/proc/trap_count.5.xml

programs/proc/trap_sendcount.5.xml

programs/proc/version.5.xml

programs/ranbits/ranbits.8.xml

programs/rsasigkey/rsasigkey.8.xml

programs/secrets/secrets.8.xml

programs/send-pr/send-pr.8.xml

programs/setup/setup.8.xml

programs/showdefaults/showdefaults.8.xml

programs/showhostkey/showhostkey.8.xml

programs/showpolicy/showpolicy.8.xml

programs/simpleca

programs/simpleca/Makefile

programs/spi/spi.5.xml

programs/spi/spi.8.xml

programs/spigrp/spigrp.5.xml

programs/spigrp/spigrp.8.xml

programs/starter

programs/starter/Makefile

programs/starter/README

programs/starter/STATUS

programs/starter/alloc.c

programs/starter/cmp.c

programs/starter/cmp.h

programs/starter/confread.c

programs/starter/confread.h

programs/starter/confwrite.c

programs/starter/confwrite.h

programs/starter/exec.c

programs/starter/exec.h

programs/starter/files.h

programs/starter/interfaces.c

programs/starter/interfaces.h

programs/starter/invokepluto.c

programs/starter/keywords.c

programs/starter/keywords.h

programs/starter/klips.c

programs/starter/klips.h

programs/starter/netkey.c

programs/starter/netkey.h

programs/starter/parser.h

programs/starter/parser.l

programs/starter/parser.y

programs/starter/parserlast.h

programs/starter/pluto.h

programs/starter/starter.8

programs/starter/starter.8.xml

programs/starter/starter.c

programs/starter/starterlog.c

programs/starter/starterlog.h

programs/starter/starterwhack.c

programs/starter/starterwhack.h

programs/tncfg/tncfg.5.xml

programs/tncfg/tncfg.8.xml

programs/verify/verify.8.xml

snapshotsigs.pgp

testing/CA/cacert-expired.pem

testing/CA/cacert-old.pem

testing/CA/crls

testing/CA/crls/nic-crl-expired-ca.crl

testing/CA/crls/nic-expired.crl

testing/CA/crls/nic.crl

testing/CA/dist_certs

testing/CA/east.uml.freeswan.org/east.uml.freeswan.org.req

testing/CA/issue_crl

testing/CA/newcerts/04.pem

testing/CA/newcerts/05.pem

testing/CA/newcerts/06.pem

testing/CA/newcerts/07.pem

testing/CA/newcerts/08.pem

testing/CA/north.uml.freeswan.org/north.uml.freeswan.org.req

testing/CA/resign_ca

testing/CA/resign_cert

testing/CA/west.uml.freeswan.org/west.uml.freeswan.org.req

testing/baseconfigs/all/etc/ipsec.d/cacerts

testing/baseconfigs/all/etc/ipsec.d/cacerts/caCert.pem

testing/baseconfigs/all/etc/ipsec.d/crls

testing/baseconfigs/all/etc/ipsec.d/crls/nic.crl

testing/baseconfigs/east/etc/ipsec.d/crls

testing/baseconfigs/east/etc/ipsec.d/crls/crashcrl-1.pem

testing/baseconfigs/east/etc/ipsec.d/crls/crashcrl-2.pem

testing/baseconfigs/east/etc/ipsec.d/crls/crashcrl-3.pem

testing/baseconfigs/nic/etc/CA/index.txt

testing/baseconfigs/nic/etc/CA/newcerts

testing/baseconfigs/nic/etc/CA/newcerts/05.pem

testing/baseconfigs/nic/etc/CA/newcerts/06.pem

testing/baseconfigs/nic/etc/CA/newcerts/07.pem

testing/baseconfigs/nic/etc/CA/newcerts/08.pem

testing/baseconfigs/nic/etc/CA/private

testing/baseconfigs/nic/etc/CA/private/cakey.pem

testing/baseconfigs/nic/etc/CA/serial

testing/baseconfigs/nic/etc/openssl

testing/baseconfigs/nic/etc/openssl/openssl.cnf.in

testing/baseconfigs/north/etc/ipsec.d/certs

testing/baseconfigs/north/etc/ipsec.d/certs/north.uml.freeswan.org.cert

testing/baseconfigs/north/etc/ipsec.d/certs/northbad.uml.freeswan.org.cert

testing/baseconfigs/north/etc/ipsec.d/private

testing/baseconfigs/north/etc/ipsec.d/private/north.pem

testing/baseconfigs/north/etc/ipsec.d/private/north.req

testing/baseconfigs/north/etc/ipsec.d/private/northbad.req

testing/baseconfigs/west/etc/ipsec.d/crls

testing/baseconfigs/west/etc/ipsec.d/crls/crashcrl-1.pem

testing/baseconfigs/west/etc/ipsec.d/crls/crashcrl-2.pem

testing/baseconfigs/west/etc/ipsec.d/crls/crashcrl-3.pem

testing/kernelconfigs/extras.2.6.6-1.patch

testing/kernelconfigs/extras.2.6.7-1.patch

testing/kernelconfigs/extras.2.6.7-2.patch

testing/kernelconfigs/extras.2.6.8.1-1.patch

testing/kernelconfigs/umlplain26.config

testing/kernelconfigs/umlswan26.config

testing/klips/east-espiv-01/description.txt

testing/klips/east-espiv-02

testing/klips/east-espiv-02/description.txt

testing/klips/east-espiv-02/examineIV.pl

testing/klips/east-espiv-02/spi1-console.txt

testing/klips/east-espiv-02/spi1-output.txt

testing/klips/east-espiv-02/spi1.sh

testing/klips/east-espiv-02/testparams.sh

testing/klips/east-icmp-01/spi1-console26.txt

testing/klips/east-icmp-05

testing/klips/east-icmp-05/description.txt

testing/klips/east-icmp-05/spi1-console.txt

testing/klips/east-icmp-05/spi1-output.txt

testing/klips/east-icmp-05/spi1.sh

testing/klips/east-icmp-05/testparams.sh

testing/klips/east-spi-01

testing/klips/east-spi-01/description.txt

testing/klips/east-spi-01/spi1-console.txt

testing/klips/east-spi-01/spi1-output.txt

testing/klips/east-spi-01/spi1.sh

testing/klips/east-spi-01/testparams.sh

testing/klips/fixups/ipsec-ver-remove.sed

testing/klips/fixups/ipsec-ver-sanitize.sed

testing/klips/fixups/no-arp-pcap2.pl

testing/klips/inputs/08-sunrise-sunset-aes.pcap

testing/klips/inputs/08-sunrise-sunset-esp-noauth.pcap

testing/klips/west-icmp-01/spi1-console26.txt

testing/klips/west-icmp-05

testing/klips/west-icmp-05/description.txt

testing/klips/west-icmp-05/spi1-cleartext.txt

testing/klips/west-icmp-05/spi1-console.txt

testing/klips/west-icmp-05/spi1-in.sh

testing/klips/west-icmp-05/testparams.sh

testing/klips/west-spi-01

testing/klips/west-spi-01/description.txt

testing/klips/west-spi-01/spi1-console.txt

testing/klips/west-spi-01/spi1-output.txt

testing/klips/west-spi-01/spi1.sh

testing/klips/west-spi-01/testparams.sh

testing/lib/libopenswan

testing/lib/libopenswan/Makefile

testing/lib/libopenswan/TESTLIST

testing/lib/libpluto

testing/lib/libpluto/FLAGS.spdbfirst

testing/lib/libpluto/FLAGS.spdbmerge

testing/lib/libpluto/FLAGS.spdbtest

testing/lib/libpluto/Makefile

testing/lib/libpluto/OUTPUT.spdbfirst.txt

testing/lib/libpluto/OUTPUT.spdbmerge.txt

testing/lib/libpluto/OUTPUT.spdbtest.txt

testing/lib/libpluto/TESTLIST

testing/lib/libpluto/spdbfirst.c

testing/lib/libpluto/spdbmerge.c

testing/lib/libpluto/spdbtest.c

testing/packaging/ipkg-install-01

testing/packaging/ipkg-install-01/ipkg-content-list.txt

testing/packaging/ipkg-install-01/openswan-module.txt

testing/packaging/ipkg-install-01/openswan-utils.txt

testing/packaging/ipkg-install-01/testparams.sh

testing/packaging/modtest-link-01

testing/packaging/modtest-link-01/defconfig

testing/packaging/modtest-link-01/description.txt

testing/packaging/modtest-link-01/examineunknowns.sh

testing/packaging/modtest-link-01/testparams.sh

testing/packaging/modtest-link-01/unknowns.txt

testing/pluto/aggr-pluto-01

testing/pluto/aggr-pluto-01/debugpublic.txt

testing/pluto/aggr-pluto-01/description.txt

testing/pluto/aggr-pluto-01/east-console.txt

testing/pluto/aggr-pluto-01/east-console26.txt

testing/pluto/aggr-pluto-01/east.conf

testing/pluto/aggr-pluto-01/eastinit.sh

testing/pluto/aggr-pluto-01/eroutewait.sh

testing/pluto/aggr-pluto-01/final.sh

testing/pluto/aggr-pluto-01/spi1-cleartext.txt

testing/pluto/aggr-pluto-01/testparams.sh

testing/pluto/aggr-pluto-01/west-console.txt

testing/pluto/aggr-pluto-01/west-console26.txt

testing/pluto/aggr-pluto-01/west.conf

testing/pluto/aggr-pluto-01/westinit.sh

testing/pluto/aggr-pluto-01/westrun.sh

testing/pluto/aggr-pluto-02

testing/pluto/aggr-pluto-02/debugpublic.txt

testing/pluto/aggr-pluto-02/description.txt

testing/pluto/aggr-pluto-02/east-console.txt

testing/pluto/aggr-pluto-02/east-console26.txt

testing/pluto/aggr-pluto-02/east.conf

testing/pluto/aggr-pluto-02/east.secrets

testing/pluto/aggr-pluto-02/eastinit.sh

testing/pluto/aggr-pluto-02/final.sh

testing/pluto/aggr-pluto-02/testparams.sh

testing/pluto/aggr-pluto-02/west-console.txt

testing/pluto/aggr-pluto-02/west-console26.txt

testing/pluto/aggr-pluto-02/west.conf

testing/pluto/aggr-pluto-02/west.secrets

testing/pluto/aggr-pluto-02/westinit.sh

testing/pluto/aggr-pluto-02/westrun.sh

testing/pluto/aggr-unit-01

testing/pluto/aggr-unit-01/description.txt

testing/pluto/aggr-unit-01/dowhack.sh

testing/pluto/aggr-unit-01/east-console.txt

testing/pluto/aggr-unit-01/pluto_unit_tests.sh

testing/pluto/aggr-unit-01/testparams.sh

testing/pluto/aggr-unit-02

testing/pluto/aggr-unit-02/description.txt

testing/pluto/aggr-unit-02/dowhack.sh

testing/pluto/aggr-unit-02/east-console.txt

testing/pluto/aggr-unit-02/pluto_unit_tests.sh

testing/pluto/aggr-unit-02/testparams.sh

testing/pluto/basic-pluto-01/east-console26.txt

testing/pluto/basic-pluto-01/west-console26.txt

testing/pluto/basic-pluto-03/east-cleartext.txt

testing/pluto/basic-pluto-03/east-console.txt

testing/pluto/basic-pluto-03/east.conf

testing/pluto/basic-pluto-03/eastinit.sh

testing/pluto/basic-pluto-03/final.sh

testing/pluto/basic-pluto-03/nicinit.sh

testing/pluto/basic-pluto-03/north-console.txt

testing/pluto/basic-pluto-03/north.conf

testing/pluto/basic-pluto-03/northinit.sh

testing/pluto/basic-pluto-03/northrun.sh

testing/pluto/basic-pluto-03/testparams.sh

testing/pluto/basic-pluto-04

testing/pluto/basic-pluto-04/description.txt

testing/pluto/basic-pluto-04/east-console.txt

testing/pluto/basic-pluto-04/east.conf

testing/pluto/basic-pluto-04/eastinit.sh

testing/pluto/basic-pluto-04/eroutewait.sh

testing/pluto/basic-pluto-04/final.sh

testing/pluto/basic-pluto-04/spi1-cleartext.txt

testing/pluto/basic-pluto-04/testparams.sh

testing/pluto/basic-pluto-04/west-console.txt

testing/pluto/basic-pluto-04/west.conf

testing/pluto/basic-pluto-04/westinit.sh

testing/pluto/basic-pluto-04/westrun.sh

testing/pluto/basic-pluto-05

testing/pluto/basic-pluto-05/description.txt

testing/pluto/basic-pluto-05/east-cleartext.txt

testing/pluto/basic-pluto-05/east-console.txt

testing/pluto/basic-pluto-05/east.conf

testing/pluto/basic-pluto-05/eastinit.sh

testing/pluto/basic-pluto-05/final.sh

testing/pluto/basic-pluto-05/nicinit.sh

testing/pluto/basic-pluto-05/north-console.txt

testing/pluto/basic-pluto-05/north.conf

testing/pluto/basic-pluto-05/northinit.sh

testing/pluto/basic-pluto-05/northrun.sh

testing/pluto/basic-pluto-05/testparams.sh

testing/pluto/bin/westlocal.sh

testing/pluto/dh1-pluto-01

testing/pluto/dh1-pluto-01/description.txt

testing/pluto/dh1-pluto-01/east-console.txt

testing/pluto/dh1-pluto-01/east.conf

testing/pluto/dh1-pluto-01/eastinit.sh

testing/pluto/dh1-pluto-01/final.sh

testing/pluto/dh1-pluto-01/spi1-cleartext.txt

testing/pluto/dh1-pluto-01/testparams.sh

testing/pluto/dh1-pluto-01/west-console.txt

testing/pluto/dh1-pluto-01/west.conf

testing/pluto/dh1-pluto-01/westinit.sh

testing/pluto/dh1-pluto-01/westrun.sh

testing/pluto/dpd-01

testing/pluto/dpd-01/debugpublic.txt

testing/pluto/dpd-01/description.txt

testing/pluto/dpd-01/east-console.txt

testing/pluto/dpd-01/east.conf

testing/pluto/dpd-01/eastinit.sh

testing/pluto/dpd-01/final.sh

testing/pluto/dpd-01/testparams.sh

testing/pluto/dpd-01/west-console.txt

testing/pluto/dpd-01/west.conf

testing/pluto/dpd-01/westinit.sh

testing/pluto/dpd-01/westrun.sh

testing/pluto/dpd-02

testing/pluto/dpd-02/debugpublic.txt

testing/pluto/dpd-02/description.txt

testing/pluto/dpd-02/east-console.txt

testing/pluto/dpd-02/east.conf

testing/pluto/dpd-02/eastinit.sh

testing/pluto/dpd-02/final.sh

testing/pluto/dpd-02/testparams.sh

testing/pluto/dpd-02/west-console.txt

testing/pluto/dpd-02/west.conf

testing/pluto/dpd-02/westinit.sh

testing/pluto/dpd-02/westrun.sh

testing/pluto/dpd-03

testing/pluto/dpd-03/debugpublic.txt

testing/pluto/dpd-03/description.txt

testing/pluto/dpd-03/east-console.txt

testing/pluto/dpd-03/east.conf

testing/pluto/dpd-03/eastinit.sh

testing/pluto/dpd-03/eastrun2.sh

testing/pluto/dpd-03/final.sh

testing/pluto/dpd-03/testparams.sh

testing/pluto/dpd-03/west-console.txt

testing/pluto/dpd-03/west.conf

testing/pluto/dpd-03/westinit.sh

testing/pluto/dpd-03/westrun.sh

testing/pluto/dpd-03/westrun2.sh

testing/pluto/dpd-04

testing/pluto/dpd-04/debugpublic.txt

testing/pluto/dpd-04/description.txt

testing/pluto/dpd-04/east-console.txt

testing/pluto/dpd-04/east.conf

testing/pluto/dpd-04/eastinit.sh

testing/pluto/dpd-04/eastrun2.sh

testing/pluto/dpd-04/final.sh

testing/pluto/dpd-04/testparams.sh

testing/pluto/dpd-04/west-console.txt

testing/pluto/dpd-04/west.conf

testing/pluto/dpd-04/westinit.sh

testing/pluto/dpd-04/westrun.sh

testing/pluto/dpd-04/westrun2.sh

testing/pluto/dpd-05

testing/pluto/dpd-05/debugpublic.txt

testing/pluto/dpd-05/description.txt

testing/pluto/dpd-05/east-console.txt

testing/pluto/dpd-05/east.conf

testing/pluto/dpd-05/eastinit.sh

testing/pluto/dpd-05/final.sh

testing/pluto/dpd-05/testparams.sh

testing/pluto/dpd-05/west-console.txt

testing/pluto/dpd-05/west.conf

testing/pluto/dpd-05/westinit.sh

testing/pluto/dpd-05/westrun.sh

testing/pluto/fail-x509-01

testing/pluto/fail-x509-01/description.txt

testing/pluto/fail-x509-02

testing/pluto/fail-x509-02/description.txt

testing/pluto/fail-x509-03

testing/pluto/fail-x509-03/description.txt

testing/pluto/fail-x509-04

testing/pluto/fail-x509-04/description.txt

testing/pluto/fail-x509-05

testing/pluto/fail-x509-05/description.txt

testing/pluto/fail-x509-06

testing/pluto/fail-x509-06/description.txt

testing/pluto/fail-x509-07

testing/pluto/fail-x509-07/description.txt

testing/pluto/fail-x509-07/east-console.txt

testing/pluto/fail-x509-07/east.conf

testing/pluto/fail-x509-07/eastinit.sh

testing/pluto/fail-x509-07/testparams.sh

testing/pluto/fail-x509-07/west-console.txt

testing/pluto/fail-x509-07/west.conf

testing/pluto/fail-x509-07/westinit.sh

testing/pluto/fail-x509-08

testing/pluto/fail-x509-08/description.txt

testing/pluto/fail-x509-08/east-console.txt

testing/pluto/fail-x509-08/east.conf

testing/pluto/fail-x509-08/eastinit.sh

testing/pluto/fail-x509-08/testparams.sh

testing/pluto/fail-x509-08/west-console.txt

testing/pluto/fail-x509-08/west.conf

testing/pluto/fail-x509-08/westinit.sh

testing/pluto/fail-x509-09

testing/pluto/fail-x509-09/debugpublic.txt

testing/pluto/fail-x509-09/description.txt

testing/pluto/fail-x509-09/east-cleartext.txt

testing/pluto/fail-x509-09/east-console.txt

testing/pluto/fail-x509-09/east.conf

testing/pluto/fail-x509-09/eastinit.sh

testing/pluto/fail-x509-09/eroutewait.sh

testing/pluto/fail-x509-09/faked.crt

testing/pluto/fail-x509-09/faked2.crt

testing/pluto/fail-x509-09/fakeindex.txt

testing/pluto/fail-x509-09/final.sh

testing/pluto/fail-x509-09/genkeys.sh

testing/pluto/fail-x509-09/keyA-priv.pem

testing/pluto/fail-x509-09/keyA.crt

testing/pluto/fail-x509-09/keyA.req

testing/pluto/fail-x509-09/keyAB.crt

testing/pluto/fail-x509-09/keyAB.der

testing/pluto/fail-x509-09/keyB-priv.pem

testing/pluto/fail-x509-09/keyB.crt

testing/pluto/fail-x509-09/keyB.der

testing/pluto/fail-x509-09/keyB.req

testing/pluto/fail-x509-09/keyChain.der

testing/pluto/fail-x509-09/keyChain.duu

testing/pluto/fail-x509-09/openssl.cnf

testing/pluto/fail-x509-09/testparams.sh

testing/pluto/fail-x509-09/west-console.txt

testing/pluto/fail-x509-09/west.conf

testing/pluto/fail-x509-09/westinit.sh

testing/pluto/fail-x509-09/westrun.sh

testing/pluto/helper-queue-01

testing/pluto/helper-queue-01/description.txt

testing/pluto/helper-queue-01/east-console.txt

testing/pluto/helper-queue-01/east-console26.txt

testing/pluto/helper-queue-01/east.conf

testing/pluto/helper-queue-01/eastinit.sh

testing/pluto/helper-queue-01/final.sh

testing/pluto/helper-queue-01/testparams.sh

testing/pluto/helper-queue-01/west-console.txt

testing/pluto/helper-queue-01/west-console26.txt

testing/pluto/helper-queue-01/west.conf

testing/pluto/helper-queue-01/westinit.sh

testing/pluto/ike-algo-01

testing/pluto/ike-algo-01/description.txt

testing/pluto/ike-algo-01/east-console.txt

testing/pluto/ike-algo-01/pluto_unit_tests.sh

testing/pluto/ike-algo-01/testparams.sh

testing/pluto/ipsec.d

testing/pluto/ipsec.d/east

testing/pluto/ipsec.d/east/aacerts

testing/pluto/ipsec.d/east/aacerts/.KEEP_ME

testing/pluto/ipsec.d/east/cacerts

testing/pluto/ipsec.d/east/cacerts/.KEEP_ME

testing/pluto/ipsec.d/east/crls

testing/pluto/ipsec.d/east/crls/.KEEP_ME

testing/pluto/ipsec.d/east/ocspcerts

testing/pluto/ipsec.d/east/ocspcerts/.KEEP_ME

testing/pluto/ipsec.d/east/policies

testing/pluto/ipsec.d/east/policies/clear

testing/pluto/ipsec.d/east/policies/clear-west

testing/pluto/ipsec.d/east/policies/opportunity

testing/pluto/ipsec.d/east/policies/opportunity-mine

testing/pluto/ipsec.d/east/policies/reject

testing/pluto/ipsec.d/west

testing/pluto/ipsec.d/west/aacerts

testing/pluto/ipsec.d/west/aacerts/.KEEP_ME

testing/pluto/ipsec.d/west/cacerts

testing/pluto/ipsec.d/west/cacerts/.KEEP_ME

testing/pluto/ipsec.d/west/crls

testing/pluto/ipsec.d/west/crls/.KEEP_ME

testing/pluto/ipsec.d/west/ocspcerts

testing/pluto/ipsec.d/west/ocspcerts/.KEEP_ME

testing/pluto/ipsec.d/west/policies

testing/pluto/ipsec.d/west/policies/block

testing/pluto/ipsec.d/west/policies/clear

testing/pluto/ipsec.d/west/policies/oe

testing/pluto/ipsec.d/west/policies/opportunity

testing/pluto/ipsec.d/west/policies/opportunity-mine

testing/pluto/ipsec.d/west/policies/reject

testing/pluto/kingnet-isp-01

testing/pluto/kingnet-isp-01/description.txt

testing/pluto/kingnet-isp-01/eastinit.sh

testing/pluto/kingnet-isp-01/final.sh

testing/pluto/kingnet-isp-01/nicinit.sh

testing/pluto/kingnet-isp-01/north.conf

testing/pluto/kingnet-isp-01/northinit.sh

testing/pluto/kingnet-isp-01/testparams.sh

testing/pluto/nat-dpd-pluto-01

testing/pluto/nat-dpd-pluto-01/debugpublic.txt

testing/pluto/nat-dpd-pluto-01/description.txt

testing/pluto/nat-dpd-pluto-01/east-cleartext.txt

testing/pluto/nat-dpd-pluto-01/east-console.txt

testing/pluto/nat-dpd-pluto-01/east.conf

testing/pluto/nat-dpd-pluto-01/eastinit.sh

testing/pluto/nat-dpd-pluto-01/final.sh

testing/pluto/nat-dpd-pluto-01/nicinit.sh

testing/pluto/nat-dpd-pluto-01/north-console.txt

testing/pluto/nat-dpd-pluto-01/north.conf

testing/pluto/nat-dpd-pluto-01/northinit.sh

testing/pluto/nat-dpd-pluto-01/northrun.sh

testing/pluto/nat-dpd-pluto-01/testparams.sh

testing/pluto/nat-pluto-03

testing/pluto/nat-pluto-03/debugpublic.txt

testing/pluto/nat-pluto-03/description.txt

testing/pluto/nat-pluto-03/east-console.txt

testing/pluto/nat-pluto-03/east.conf

testing/pluto/nat-pluto-03/eastinit.sh

testing/pluto/nat-pluto-03/eroutewait.sh

testing/pluto/nat-pluto-03/final.sh

testing/pluto/nat-pluto-03/road-console.txt

testing/pluto/nat-pluto-03/road.conf

testing/pluto/nat-pluto-03/roadinit.sh

testing/pluto/nat-pluto-03/roadrun.sh

testing/pluto/nat-pluto-03/testparams.sh

testing/pluto/nat-pluto-04

testing/pluto/nat-pluto-04/debugpublic.txt

testing/pluto/nat-pluto-04/description.txt

testing/pluto/nat-pluto-04/east-cleartext.txt

testing/pluto/nat-pluto-04/east-console.txt

testing/pluto/nat-pluto-04/eastinit.sh

testing/pluto/nat-pluto-04/final.sh

testing/pluto/nat-pluto-04/nicinit.sh

testing/pluto/nat-pluto-04/road-console.txt

testing/pluto/nat-pluto-04/roadinit.sh

testing/pluto/nat-pluto-04/roadrun.sh

testing/pluto/nat-pluto-04/testparams.sh

testing/pluto/oe-road-01/road.conf

testing/pluto/psk-pluto-01

testing/pluto/psk-pluto-01/debugpublic.txt

testing/pluto/psk-pluto-01/description.txt

testing/pluto/psk-pluto-01/east-console.txt

testing/pluto/psk-pluto-01/east-console26.txt

testing/pluto/psk-pluto-01/east.conf

testing/pluto/psk-pluto-01/east.secrets

testing/pluto/psk-pluto-01/eastinit.sh

testing/pluto/psk-pluto-01/final.sh

testing/pluto/psk-pluto-01/road-console.txt

testing/pluto/psk-pluto-01/road.conf

testing/pluto/psk-pluto-01/road.secrets

testing/pluto/psk-pluto-01/roadinit.sh

testing/pluto/psk-pluto-01/roadrun.sh

testing/pluto/psk-pluto-01/testparams.sh

testing/pluto/psk-pluto-02

testing/pluto/psk-pluto-02/debugpublic.txt

testing/pluto/psk-pluto-02/description.txt

testing/pluto/psk-pluto-02/east-console.txt

testing/pluto/psk-pluto-02/east-console26.txt

testing/pluto/psk-pluto-02/east.conf

testing/pluto/psk-pluto-02/east.secrets

testing/pluto/psk-pluto-02/eastinit.sh

testing/pluto/psk-pluto-02/final.sh

testing/pluto/psk-pluto-02/road-console.txt

testing/pluto/psk-pluto-02/road.conf

testing/pluto/psk-pluto-02/road.secrets

testing/pluto/psk-pluto-02/roadinit.sh

testing/pluto/psk-pluto-02/roadrun.sh

testing/pluto/psk-pluto-02/testparams.sh

testing/pluto/vpn-yes-oe-no-01

testing/pluto/vpn-yes-oe-no-01/description.txt

testing/pluto/x509-pluto-02

testing/pluto/x509-pluto-02/debugpublic.txt

testing/pluto/x509-pluto-02/description.txt

testing/pluto/x509-pluto-02/east-cleartext.txt

testing/pluto/x509-pluto-02/east-console.txt

testing/pluto/x509-pluto-02/east.conf

testing/pluto/x509-pluto-02/eastinit.sh

testing/pluto/x509-pluto-02/final.sh

testing/pluto/x509-pluto-02/north-console.txt

testing/pluto/x509-pluto-02/northinit.sh

testing/pluto/x509-pluto-02/northrun.sh

testing/pluto/x509-pluto-02/testparams.sh

testing/pluto/x509-pluto-03

testing/pluto/x509-pluto-03/TODO.txt

testing/pluto/x509-pluto-03/debugpublic.txt

testing/pluto/x509-pluto-03/description.txt

testing/pluto/x509-pluto-03/east-console.txt

testing/pluto/x509-pluto-03/east.conf

testing/pluto/x509-pluto-03/eastinit.sh

testing/pluto/x509-pluto-03/eroutewait.sh

testing/pluto/x509-pluto-03/final.sh

testing/pluto/x509-pluto-03/testparams.sh

testing/pluto/x509-pluto-03/west-console.txt

testing/pluto/x509-pluto-03/west.conf

testing/pluto/x509-pluto-03/westinit.sh

testing/pluto/x509-pluto-03/westrun.sh

testing/pluto/x509-pluto-04

testing/pluto/x509-pluto-04/description.txt

testing/pluto/x509-pluto-04/east-cleartext.txt

testing/pluto/x509-pluto-04/east-console.txt

testing/pluto/x509-pluto-04/east.conf

testing/pluto/x509-pluto-04/eastinit.sh

testing/pluto/x509-pluto-04/final.sh

testing/pluto/x509-pluto-04/nicinit.sh

testing/pluto/x509-pluto-04/north-console.txt

testing/pluto/x509-pluto-04/northinit.sh

testing/pluto/x509-pluto-04/northrun.sh

testing/pluto/x509-pluto-04/testparams.sh

testing/pluto/x509-pluto-05

testing/pluto/x509-pluto-05/description.txt

testing/pluto/x509-pluto-05/east-cleartext.txt

testing/pluto/x509-pluto-05/east-console.txt

testing/pluto/x509-pluto-05/east.conf

testing/pluto/x509-pluto-05/eastinit.sh

testing/pluto/x509-pluto-05/final.sh

testing/pluto/x509-pluto-05/nicinit.sh

testing/pluto/x509-pluto-05/north-console.txt

testing/pluto/x509-pluto-05/northinit.sh

testing/pluto/x509-pluto-05/northrun.sh

testing/pluto/x509-pluto-05/testparams.sh

testing/pluto/x509-pluto-06

testing/pluto/x509-pluto-06/description.txt

testing/pluto/x509-pluto-06/east-cleartext.txt

testing/pluto/x509-pluto-06/east-console.txt

testing/pluto/x509-pluto-06/east.conf

testing/pluto/x509-pluto-06/eastinit.sh

testing/pluto/x509-pluto-06/final.sh

testing/pluto/x509-pluto-06/nicinit.sh

testing/pluto/x509-pluto-06/north-console.txt

testing/pluto/x509-pluto-06/north.conf

testing/pluto/x509-pluto-06/northinit.sh

testing/pluto/x509-pluto-06/northrun.sh

testing/pluto/x509-pluto-06/testparams.sh

testing/pluto/x509-pluto-07

testing/pluto/x509-pluto-07/description.txt

testing/pluto/x509-pluto-08

testing/pluto/x509-pluto-08/description.txt

testing/pluto/x509-pluto-08/east-console.txt

testing/pluto/x509-pluto-08/pemtocert.sh

testing/pluto/x509-pluto-08/pemtoder.sh

testing/pluto/x509-pluto-08/testparams.sh

testing/pluto/x509-pluto-08/west-console.txt

testing/pluto/x509-pluto-08/west.conf

testing/pluto/x509-pluto-08/westcert.der

testing/pluto/x509-pluto-08/westinit.sh

testing/pluto/x509-pluto-08/westrun.sh

testing/pluto/xauth-pluto-04

testing/pluto/xauth-pluto-04/debugpublic.txt

testing/pluto/xauth-pluto-04/description.txt

testing/pluto/xauth-pluto-04/east-console.txt

testing/pluto/xauth-pluto-04/east.conf

testing/pluto/xauth-pluto-04/east.secrets

testing/pluto/xauth-pluto-04/eastinit.sh

testing/pluto/xauth-pluto-04/final.sh

testing/pluto/xauth-pluto-04/road-console.txt

testing/pluto/xauth-pluto-04/road.conf

testing/pluto/xauth-pluto-04/road.secrets

testing/pluto/xauth-pluto-04/roadinit.sh

testing/pluto/xauth-pluto-04/roadrun.sh

testing/pluto/xauth-pluto-04/testparams.sh

testing/pluto/xauth-pluto-05

testing/pluto/xauth-pluto-05/debugpublic.txt

testing/pluto/xauth-pluto-05/description.txt

testing/pluto/xauth-pluto-05/east-console.txt

testing/pluto/xauth-pluto-05/east.conf

testing/pluto/xauth-pluto-05/east.secrets

testing/pluto/xauth-pluto-05/eastinit.sh

testing/pluto/xauth-pluto-05/final.sh

testing/pluto/xauth-pluto-05/road-console.txt

testing/pluto/xauth-pluto-05/road.conf

testing/pluto/xauth-pluto-05/road.secrets

testing/pluto/xauth-pluto-05/roadinit.sh

testing/pluto/xauth-pluto-05/roadrun.sh

testing/pluto/xauth-pluto-05/testparams.sh

testing/pluto/xauth-pluto-06

testing/pluto/xauth-pluto-06/debugpublic.txt

testing/pluto/xauth-pluto-06/description.txt

testing/pluto/xauth-pluto-06/east-console.txt

testing/pluto/xauth-pluto-06/east.conf

testing/pluto/xauth-pluto-06/east.secrets

testing/pluto/xauth-pluto-06/eastinit.sh

testing/pluto/xauth-pluto-06/final.sh

testing/pluto/xauth-pluto-06/road-console.txt

testing/pluto/xauth-pluto-06/road.conf

testing/pluto/xauth-pluto-06/road.secrets

testing/pluto/xauth-pluto-06/roadinit.sh

testing/pluto/xauth-pluto-06/roadrun.sh

testing/pluto/xauth-pluto-06/testparams.sh

testing/pluto/xauth-pluto-07

testing/pluto/xauth-pluto-07/description.txt

testing/pluto/xauth-pluto-07/east-console.txt

testing/pluto/xauth-pluto-07/east.conf

testing/pluto/xauth-pluto-07/east.secrets

testing/pluto/xauth-pluto-07/eastinit.sh

testing/pluto/xauth-pluto-07/final.sh

testing/pluto/xauth-pluto-07/road-console.txt

testing/pluto/xauth-pluto-07/road.conf

testing/pluto/xauth-pluto-07/road.secrets

testing/pluto/xauth-pluto-07/roadinit.sh

testing/pluto/xauth-pluto-07/roadrun.sh

testing/pluto/xauth-pluto-07/testparams.sh

testing/pluto/xauth-vpn-upgrade-01

testing/pluto/xauth-vpn-upgrade-01/description.txt

testing/scripts/ipsec.conf-alsoflip-01/etc-alsoflip/ipsec.d/aacerts

testing/scripts/ipsec.conf-alsoflip-01/etc-alsoflip/ipsec.d/aacerts/.KEEPME

testing/scripts/ipsec.conf-alsoflip-01/etc-alsoflip/ipsec.d/crls

testing/scripts/ipsec.conf-alsoflip-01/etc-alsoflip/ipsec.d/crls/.KEEPME

testing/scripts/ipsec.conf-alsoflip-01/etc-alsoflip/ipsec.d/ocspcerts

testing/scripts/ipsec.conf-alsoflip-01/etc-alsoflip/ipsec.d/ocspcerts/.KEEPME

files removed:
debian/freeswan.conffiles

debian/freeswan.config

debian/freeswan.dirs

debian/freeswan.docs

debian/freeswan.postinst

debian/freeswan.postrm

debian/freeswan.preinst

debian/freeswan.prerm

debian/freeswan.templates

debian/kernel-patch-freeswan.apply

debian/kernel-patch-freeswan.dirs

debian/kernel-patch-freeswan.docs

debian/kernel-patch-freeswan.unpatch

debian/openswan-modules-source-build

debian/openswan-modules-source-build/modules

debian/openswan-modules-source-build/modules/openswan

debian/openswan-modules-source-build/modules/openswan/Makefile.inc

debian/openswan-modules-source-build/modules/openswan/Makefile.ver

debian/openswan-modules-source-build/modules/openswan/config-all.h

debian/openswan-modules-source-build/modules/openswan/debian

debian/openswan-modules-source-build/modules/openswan/debian/changelog

debian/openswan-modules-source-build/modules/openswan/debian/control.in

debian/openswan-modules-source-build/modules/openswan/debian/rules

debian/openswan-modules-source-build/modules/openswan/linux

debian/openswan-modules-source-build/modules/openswan/linux/Documentation

debian/openswan-modules-source-build/modules/openswan/linux/Documentation/Configure.help.fs2_0.patch

debian/openswan-modules-source-build/modules/openswan/linux/Documentation/Configure.help.fs2_2.patch

debian/openswan-modules-source-build/modules/openswan/linux/Documentation/Configure.help.fs2_4.patch

debian/openswan-modules-source-build/modules/openswan/linux/Makefile

debian/openswan-modules-source-build/modules/openswan/linux/README.openswan-2

debian/openswan-modules-source-build/modules/openswan/linux/crypto

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/COPYRIGHT

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/INSTALL

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/Makefile.objs

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/README

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/README.freeswan

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/VERSION

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/crypt586.pl

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/des-586.pl

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/des686.pl

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/desboth.pl

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/perlasm

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/perlasm/cbc.pl

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/perlasm/readme

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/perlasm/x86asm.pl

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/perlasm/x86ms.pl

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/perlasm/x86unix.pl

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/asm/readme

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/cbc_enc.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/des.doc

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/des_crypt.man

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/des_enc.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/des_locl.h

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/des_opts.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/des_ver.h

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/destest.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/dx86unix.S

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/ecb_enc.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/fcrypt.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/fcrypt_b.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/options.txt

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/podd.h

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/set_key.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/sk.h

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/speed.c

debian/openswan-modules-source-build/modules/openswan/linux/crypto/ciphers/des/spr.h

debian/openswan-modules-source-build/modules/openswan/linux/include

debian/openswan-modules-source-build/modules/openswan/linux/include/crypto

debian/openswan-modules-source-build/modules/openswan/linux/include/crypto/des.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipcomp.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_ah.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_auth.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_encap.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_eroute.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_errs.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_esp.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_ipcomp.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_ipe4.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_ipip.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_kversion.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_life.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_md5h.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_param.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_policy.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_proto.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_radij.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_rcv.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_sa.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_sha1.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_stats.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_tunnel.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_xform.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/ipsec_xmit.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/passert.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/pfkey_debug.h

debian/openswan-modules-source-build/modules/openswan/linux/include/freeswan/radij.h

debian/openswan-modules-source-build/modules/openswan/linux/include/mast.h

debian/openswan-modules-source-build/modules/openswan/linux/include/openswan.h

debian/openswan-modules-source-build/modules/openswan/linux/include/pfkey.h

debian/openswan-modules-source-build/modules/openswan/linux/include/pfkeyv2.h

debian/openswan-modules-source-build/modules/openswan/linux/include/zlib

debian/openswan-modules-source-build/modules/openswan/linux/include/zlib/zlib.h

debian/openswan-modules-source-build/modules/openswan/linux/include/zlib/zutil.h

debian/openswan-modules-source-build/modules/openswan/linux/lib

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/Makefile.objs

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/addrtoa.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/addrtot.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/addrtypeof.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/anyaddr.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/anyaddr.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/atoaddr.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/atoaddr.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/atoasr.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/atoasr.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/atosubnet.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/atoul.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/atoul.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/copyright.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/datatot.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/goodmask.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/goodmask.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/initaddr.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/initaddr.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/initsaid.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/initsubnet.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/initsubnet.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/internal.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/keyblobtoid.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/keyblobtoid.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/optionsfrom.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/optionsfrom.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/pfkey_v2_build.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/pfkey_v2_debug.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/pfkey_v2_ext_bits.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/pfkey_v2_parse.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/portof.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/portof.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/prng.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/prng.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/rangetoa.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/rangetosubnet.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/rangetosubnet.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/sameaddr.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/sameaddr.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/satoa.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/satot.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/subnetof.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/subnetof.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/subnettoa.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/subnettot.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/subnettypeof.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttoaddr.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttoaddr.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttodata.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttodata.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttoprotoport.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttosa.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttosa.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttosubnet.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttoul.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ttoul.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ultoa.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/ultot.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/version.3

debian/openswan-modules-source-build/modules/openswan/linux/lib/libfreeswan/version.in.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/Makefile

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/Makefile.objs

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/README

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/README.freeswan

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/adler32.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/deflate.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/deflate.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/infblock.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/infblock.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/infcodes.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/infcodes.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/inffast.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/inffast.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/inffixed.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/inflate.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/inftrees.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/inftrees.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/infutil.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/infutil.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/match586.S

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/match686.S

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/trees.c

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/trees.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/zconf.h

debian/openswan-modules-source-build/modules/openswan/linux/lib/zlib/zutil.c

debian/openswan-modules-source-build/modules/openswan/linux/net

debian/openswan-modules-source-build/modules/openswan/linux/net/Config.in.fs2_0.patch

debian/openswan-modules-source-build/modules/openswan/linux/net/Config.in.fs2_2.patch

debian/openswan-modules-source-build/modules/openswan/linux/net/Config.in.fs2_4.patch

debian/openswan-modules-source-build/modules/openswan/linux/net/Makefile.fs2_0.patch

debian/openswan-modules-source-build/modules/openswan/linux/net/Makefile.fs2_2.patch

debian/openswan-modules-source-build/modules/openswan/linux/net/Makefile.fs2_4.patch

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/Config.in

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/Makefile

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/defconfig

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipcomp.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_ah.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_esp.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_init.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_ipcomp.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_ipip.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_life.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_mast.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_md5c.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_proc.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_radij.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_rcv.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_sa.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_sha1.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_tunnel.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_xform.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/ipsec_xmit.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/pfkey_v2.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/pfkey_v2_ext_process.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/pfkey_v2_parser.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/radij.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/sysctl_net_ipsec.c

debian/openswan-modules-source-build/modules/openswan/linux/net/ipsec/tagsfile.mak

debian/openswan-modules-source-build/modules/openswan/linux/net/ipv4

debian/openswan-modules-source-build/modules/openswan/linux/net/ipv4/af_inet.c.fs2_0.patch

debian/openswan-modules-source-build/modules/openswan/linux/net/ipv4/af_inet.c.fs2_2.patch

debian/openswan-modules-source-build/modules/openswan/linux/net/ipv4/af_inet.c.fs2_4.patch

debian/pre-build-patches

debian/pre-build-patches/00-notify_delete-freeswan-1.98b-020724_with_freeswan-alg.diff

debian/pre-build-patches/plutorun-use-bash.diff

debian/pre-install-patches

debian/pre-install-patches/init.d-add-kernelsupport-check.diff

debian/pre-install-patches/init.d-remove-depmod.diff

doc/draft-richardson-ipsec-rr.txt

doc/manpage.d

doc/manpage.d/ipsec.8.html

doc/manpage.d/ipsec.conf.5.html

doc/manpage.d/ipsec.secrets.5.html

doc/manpage.d/ipsec__confread.8.html

doc/manpage.d/ipsec__copyright.8.html

doc/manpage.d/ipsec__include.8.html

doc/manpage.d/ipsec__keycensor.8.html

doc/manpage.d/ipsec__plutoload.8.html

doc/manpage.d/ipsec__plutorun.8.html

doc/manpage.d/ipsec__realsetup.8.html

doc/manpage.d/ipsec__secretcensor.8.html

doc/manpage.d/ipsec__startklips.8.html

doc/manpage.d/ipsec__updown.8.html

doc/manpage.d/ipsec__updown_x509.8.html

doc/manpage.d/ipsec_addrbytesof.3.html

doc/manpage.d/ipsec_addrbytesptr.3.html

doc/manpage.d/ipsec_addrcmp.3.html

doc/manpage.d/ipsec_addrinsubnet.3.html

doc/manpage.d/ipsec_addrlenof.3.html

doc/manpage.d/ipsec_addrtoa.3.html

doc/manpage.d/ipsec_addrtosubnet.3.html

doc/manpage.d/ipsec_addrtot.3.html

doc/manpage.d/ipsec_addrtypeof.3.html

doc/manpage.d/ipsec_anyaddr.3.html

doc/manpage.d/ipsec_atoaddr.3.html

doc/manpage.d/ipsec_atoasr.3.html

doc/manpage.d/ipsec_atosubnet.3.html

doc/manpage.d/ipsec_atoul.3.html

doc/manpage.d/ipsec_auto.8.html

doc/manpage.d/ipsec_barf.8.html

doc/manpage.d/ipsec_bitstomask.3.html

doc/manpage.d/ipsec_broadcastof.3.html

doc/manpage.d/ipsec_calcgoo.8.html

doc/manpage.d/ipsec_copyright_notice.3.html

doc/manpage.d/ipsec_datatot.3.html

doc/manpage.d/ipsec_eroute.5.html

doc/manpage.d/ipsec_eroute.8.html

doc/manpage.d/ipsec_goodmask.3.html

doc/manpage.d/ipsec_hostof.3.html

doc/manpage.d/ipsec_ikeping.8.html

doc/manpage.d/ipsec_initaddr.3.html

doc/manpage.d/ipsec_initsaid.3.html

doc/manpage.d/ipsec_initsubnet.3.html

doc/manpage.d/ipsec_isanyaddr.3.html

doc/manpage.d/ipsec_isloopbackaddr.3.html

doc/manpage.d/ipsec_isunspecaddr.3.html

doc/manpage.d/ipsec_keyblobtoid.3.html

doc/manpage.d/ipsec_klipsdebug.5.html

doc/manpage.d/ipsec_klipsdebug.8.html

doc/manpage.d/ipsec_look.8.html

doc/manpage.d/ipsec_loopbackaddr.3.html

doc/manpage.d/ipsec_lwdnsq.8.html

doc/manpage.d/ipsec_mailkey.8.html

doc/manpage.d/ipsec_manual.8.html

doc/manpage.d/ipsec_maskof.3.html

doc/manpage.d/ipsec_masktobits.3.html

doc/manpage.d/ipsec_masktocount.3.html

doc/manpage.d/ipsec_networkof.3.html

doc/manpage.d/ipsec_newhostkey.8.html

doc/manpage.d/ipsec_optionsfrom.3.html

doc/manpage.d/ipsec_pf_key.5.html

doc/manpage.d/ipsec_pf_key.8.html

doc/manpage.d/ipsec_pluto.8.html

doc/manpage.d/ipsec_portof.3.html

doc/manpage.d/ipsec_prng.3.html

doc/manpage.d/ipsec_prng_bytes.3.html

doc/manpage.d/ipsec_prng_final.3.html

doc/manpage.d/ipsec_prng_init.3.html

doc/manpage.d/ipsec_ranbits.8.html

doc/manpage.d/ipsec_rangetoa.3.html

doc/manpage.d/ipsec_rangetosubnet.3.html

doc/manpage.d/ipsec_rsasigkey.8.html

doc/manpage.d/ipsec_sameaddr.3.html

doc/manpage.d/ipsec_sameaddrtype.3.html

doc/manpage.d/ipsec_samesaid.3.html

doc/manpage.d/ipsec_samesubnet.3.html

doc/manpage.d/ipsec_samesubnettype.3.html

doc/manpage.d/ipsec_satot.3.html

doc/manpage.d/ipsec_secrets.8.html

doc/manpage.d/ipsec_send-pr.8.html

doc/manpage.d/ipsec_setportof.3.html

doc/manpage.d/ipsec_setup.8.html

doc/manpage.d/ipsec_showdefaults.8.html

doc/manpage.d/ipsec_showhostkey.8.html

doc/manpage.d/ipsec_showpolicy.8.html

doc/manpage.d/ipsec_sockaddrlenof.3.html

doc/manpage.d/ipsec_sockaddrof.3.html

doc/manpage.d/ipsec_spi.5.html

doc/manpage.d/ipsec_spi.8.html

doc/manpage.d/ipsec_spigrp.5.html

doc/manpage.d/ipsec_spigrp.8.html

doc/manpage.d/ipsec_splitkeytoid.3.html

doc/manpage.d/ipsec_subnetinsubnet.3.html

doc/manpage.d/ipsec_subnetishost.3.html

doc/manpage.d/ipsec_subnetof.3.html

doc/manpage.d/ipsec_subnettoa.3.html

doc/manpage.d/ipsec_subnettot.3.html

doc/manpage.d/ipsec_subnettypeof.3.html

doc/manpage.d/ipsec_tnatoaddr.3.html

doc/manpage.d/ipsec_tncfg.5.html

doc/manpage.d/ipsec_tncfg.8.html

doc/manpage.d/ipsec_trap_count.5.html

doc/manpage.d/ipsec_trap_sendcount.5.html

doc/manpage.d/ipsec_ttoaddr.3.html

doc/manpage.d/ipsec_ttodata.3.html

doc/manpage.d/ipsec_ttosa.3.html

doc/manpage.d/ipsec_ttosubnet.3.html

doc/manpage.d/ipsec_ttoul.3.html

doc/manpage.d/ipsec_ultoa.3.html

doc/manpage.d/ipsec_ultot.3.html

doc/manpage.d/ipsec_unspecaddr.3.html

doc/manpage.d/ipsec_verify.8.html

doc/manpage.d/ipsec_version.3.html

doc/manpage.d/ipsec_version.5.html

doc/manpage.d/ipsec_version_code.3.html

doc/manpage.d/ipsec_version_string.3.html

doc/manpage.d/ipsec_whack.8.html

doc/src/draft-richardson-ipsec-rr.html

doc/src/draft-richardson-ipsec-rr.xml

lib/libdes/Makefile

lib/libfreeswan

lib/libfreeswan/Makefile

lib/libfreeswan/pfkey_print.c

lib/libfreeswan/sanitizestring.c

lib/liblwres/man/lwres.3

lib/liblwres/man/lwres.html

lib/liblwres/man/lwres_buffer.3

lib/liblwres/man/lwres_buffer.html

lib/liblwres/man/lwres_config.3

lib/liblwres/man/lwres_config.html

lib/liblwres/man/lwres_context.3

lib/liblwres/man/lwres_context.html

lib/liblwres/man/lwres_gabn.3

lib/liblwres/man/lwres_gabn.html

lib/liblwres/man/lwres_gai_strerror.3

lib/liblwres/man/lwres_gai_strerror.html

lib/liblwres/man/lwres_getaddrinfo.3

lib/liblwres/man/lwres_getaddrinfo.html

lib/liblwres/man/lwres_gethostent.3

lib/liblwres/man/lwres_gethostent.html

lib/liblwres/man/lwres_getipnode.3

lib/liblwres/man/lwres_getipnode.html

lib/liblwres/man/lwres_getnameinfo.3

lib/liblwres/man/lwres_getnameinfo.html

lib/liblwres/man/lwres_getrrsetbyname.3

lib/liblwres/man/lwres_getrrsetbyname.html

lib/liblwres/man/lwres_gnba.3

lib/liblwres/man/lwres_gnba.html

lib/liblwres/man/lwres_hstrerror.3

lib/liblwres/man/lwres_hstrerror.html

lib/liblwres/man/lwres_inetntop.3

lib/liblwres/man/lwres_inetntop.html

lib/liblwres/man/lwres_noop.3

lib/liblwres/man/lwres_noop.html

lib/liblwres/man/lwres_packet.3

lib/liblwres/man/lwres_packet.html

lib/liblwres/man/lwres_resutil.3

lib/liblwres/man/lwres_resutil.html

linux/crypto/ciphers/des

linux/crypto/ciphers/des/COPYRIGHT

linux/crypto/ciphers/des/INSTALL

linux/crypto/ciphers/des/Makefile.objs

linux/crypto/ciphers/des/README

linux/crypto/ciphers/des/README.freeswan

linux/crypto/ciphers/des/VERSION

linux/crypto/ciphers/des/asm

linux/crypto/ciphers/des/asm/crypt586.pl

linux/crypto/ciphers/des/asm/des-586.pl

linux/crypto/ciphers/des/asm/des686.pl

linux/crypto/ciphers/des/asm/desboth.pl

linux/crypto/ciphers/des/asm/perlasm

linux/crypto/ciphers/des/asm/perlasm/cbc.pl

linux/crypto/ciphers/des/asm/perlasm/readme

linux/crypto/ciphers/des/asm/perlasm/x86asm.pl

linux/crypto/ciphers/des/asm/perlasm/x86ms.pl

linux/crypto/ciphers/des/asm/perlasm/x86unix.pl

linux/crypto/ciphers/des/asm/readme

linux/crypto/ciphers/des/cbc_enc.c

linux/crypto/ciphers/des/des.doc

linux/crypto/ciphers/des/des_crypt.man

linux/crypto/ciphers/des/des_enc.c

linux/crypto/ciphers/des/des_locl.h

linux/crypto/ciphers/des/des_opts.c

linux/crypto/ciphers/des/des_ver.h

linux/crypto/ciphers/des/destest.c

linux/crypto/ciphers/des/dx86unix.S

linux/crypto/ciphers/des/ecb_enc.c

linux/crypto/ciphers/des/fcrypt.c

linux/crypto/ciphers/des/fcrypt_b.c

linux/crypto/ciphers/des/options.txt

linux/crypto/ciphers/des/podd.h

linux/crypto/ciphers/des/set_key.c

linux/crypto/ciphers/des/sk.h

linux/crypto/ciphers/des/speed.c

linux/crypto/ciphers/des/spr.h

linux/include/freeswan

linux/include/freeswan.h

linux/include/freeswan/ipcomp.h

linux/include/freeswan/ipsec_ah.h

linux/include/freeswan/ipsec_auth.h

linux/include/freeswan/ipsec_encap.h

linux/include/freeswan/ipsec_eroute.h

linux/include/freeswan/ipsec_errs.h

linux/include/freeswan/ipsec_esp.h

linux/include/freeswan/ipsec_ipcomp.h

linux/include/freeswan/ipsec_ipe4.h

linux/include/freeswan/ipsec_ipip.h

linux/include/freeswan/ipsec_kversion.h

linux/include/freeswan/ipsec_life.h

linux/include/freeswan/ipsec_md5h.h

linux/include/freeswan/ipsec_param.h

linux/include/freeswan/ipsec_policy.h

linux/include/freeswan/ipsec_proto.h

linux/include/freeswan/ipsec_radij.h

linux/include/freeswan/ipsec_rcv.h

linux/include/freeswan/ipsec_sa.h

linux/include/freeswan/ipsec_sha1.h

linux/include/freeswan/ipsec_stats.h

linux/include/freeswan/ipsec_tunnel.h

linux/include/freeswan/ipsec_xform.h

linux/include/freeswan/ipsec_xmit.h

linux/include/freeswan/passert.h

linux/include/freeswan/pfkey_debug.h

linux/include/freeswan/radij.h

linux/lib/libfreeswan/addrtoa.c

linux/lib/libfreeswan/addrtot.c

linux/lib/libfreeswan/addrtypeof.c

linux/lib/libfreeswan/anyaddr.3

linux/lib/libfreeswan/anyaddr.c

linux/lib/libfreeswan/atoaddr.3

linux/lib/libfreeswan/atoaddr.c

linux/lib/libfreeswan/atoasr.3

linux/lib/libfreeswan/atoasr.c

linux/lib/libfreeswan/atosubnet.c

linux/lib/libfreeswan/atoul.3

linux/lib/libfreeswan/atoul.c

linux/lib/libfreeswan/copyright.c

linux/lib/libfreeswan/datatot.c

linux/lib/libfreeswan/goodmask.3

linux/lib/libfreeswan/goodmask.c

linux/lib/libfreeswan/initaddr.3

linux/lib/libfreeswan/initaddr.c

linux/lib/libfreeswan/initsaid.c

linux/lib/libfreeswan/initsubnet.3

linux/lib/libfreeswan/initsubnet.c

linux/lib/libfreeswan/internal.h

linux/lib/libfreeswan/keyblobtoid.3

linux/lib/libfreeswan/keyblobtoid.c

linux/lib/libfreeswan/optionsfrom.3

linux/lib/libfreeswan/optionsfrom.c

linux/lib/libfreeswan/pfkey_v2_build.c

linux/lib/libfreeswan/pfkey_v2_debug.c

linux/lib/libfreeswan/pfkey_v2_ext_bits.c

linux/lib/libfreeswan/pfkey_v2_parse.c

linux/lib/libfreeswan/portof.3

linux/lib/libfreeswan/portof.c

linux/lib/libfreeswan/prng.3

linux/lib/libfreeswan/prng.c

linux/lib/libfreeswan/rangetoa.c

linux/lib/libfreeswan/rangetosubnet.3

linux/lib/libfreeswan/rangetosubnet.c

linux/lib/libfreeswan/sameaddr.3

linux/lib/libfreeswan/sameaddr.c

linux/lib/libfreeswan/satoa.c

linux/lib/libfreeswan/satot.c

linux/lib/libfreeswan/subnetof.3

linux/lib/libfreeswan/subnetof.c

linux/lib/libfreeswan/subnettoa.c

linux/lib/libfreeswan/subnettot.c

linux/lib/libfreeswan/subnettypeof.c

linux/lib/libfreeswan/ttoaddr.3

linux/lib/libfreeswan/ttoaddr.c

linux/lib/libfreeswan/ttodata.3

linux/lib/libfreeswan/ttodata.c

linux/lib/libfreeswan/ttoprotoport.c

linux/lib/libfreeswan/ttosa.3

linux/lib/libfreeswan/ttosa.c

linux/lib/libfreeswan/ttosubnet.c

linux/lib/libfreeswan/ttoul.3

linux/lib/libfreeswan/ttoul.c

linux/lib/libfreeswan/ultoa.c

linux/lib/libfreeswan/ultot.c

linux/lib/libfreeswan/version.3

linux/lib/libfreeswan/version.in.c

linux/lib/zlib/README

linux/lib/zlib/README.freeswan

linux/lib/zlib/adler32.c

linux/lib/zlib/deflate.c

linux/lib/zlib/deflate.h

linux/lib/zlib/infblock.c

linux/lib/zlib/infblock.h

linux/lib/zlib/infcodes.c

linux/lib/zlib/infcodes.h

linux/lib/zlib/inffast.c

linux/lib/zlib/inffast.h

linux/lib/zlib/inffixed.h

linux/lib/zlib/inflate.c

linux/lib/zlib/inftrees.c

linux/lib/zlib/inftrees.h

linux/lib/zlib/infutil.c

linux/lib/zlib/infutil.h

linux/lib/zlib/match586.S

linux/lib/zlib/match686.S

linux/lib/zlib/trees.c

linux/lib/zlib/trees.h

linux/lib/zlib/zconf.h

linux/lib/zlib/zutil.c

linux/net/ipsec/Makefile

packaging/redhat/freeswan.spec

programs/_confread/block

programs/_confread/clear

programs/_confread/clear-or-private

programs/_confread/ipsec.conf

programs/_confread/private

programs/_confread/private-or-clear

programs/_updown/_updown.in

programs/examples/no_oe.conf

programs/ipsec/distros.txt

programs/pluto/constants.c

programs/pluto/constants.h

programs/pluto/endian.h

programs/pluto/packet.c

programs/pluto/packet.h

testing/CA/east.uml.freeswan.org/east.uml.freeswan.org.pem

testing/lib/libfreeswan

testing/lib/libfreeswan/Makefile

testing/lib/libfreeswan/TESTLIST

testing/pluto/co-terminal-03/nic-init.sh

testing/pluto/xauth-pluto-03/westinit.sh

files modified:
CHANGES

CREDITS

LICENSE

Makefile

Makefile.inc

Makefile.ver

README

debian/README.Debian

debian/changelog

debian/control

debian/fswcert/fswcert.c

debian/kernel-patch-openswan.apply

debian/openswan-modules-source.kernel-config

debian/openswan-modules-source.rules *

debian/openswan.docs

debian/openswan.postinst

debian/openswan.templates

debian/openswan.templates.master

debian/po/fr.po

debian/po/pt_BR.po

debian/po/templates.pot

debian/rules

doc/2.6.known-issues

doc/HowTo.html

doc/HowTo.pdf

doc/HowTo.ps

doc/HowTo.txt

doc/Makefile

doc/README.XAUTH

doc/README.x509

doc/draft-richardson-ipsec-opportunistic.txt

doc/src/draft-richardson-ipsec-opportunistic.html

doc/src/draft-richardson-ipsec-opportunistic.xml

doc/src/roadmap.html

doc/src/umltesting.html

doc/umltesting.html

doc/upgrading.html

lib/Makefile

lib/libipsecpolicy/Makefile

lib/liblwres/Makefile

lib/liblwres/async.c

lib/liblwres/context.c

lib/liblwres/gai_strerror.c

lib/liblwres/getaddrinfo.c

lib/liblwres/gethost.c

lib/liblwres/getipnode.c

lib/liblwres/getnameinfo.c

lib/liblwres/getrrset.c

lib/liblwres/getrrset2.c

lib/liblwres/herror.c

lib/liblwres/include/lwres/context.h

lib/liblwres/include/lwres/int.h

lib/liblwres/include/lwres/ipv6.h

lib/liblwres/include/lwres/lang.h

lib/liblwres/include/lwres/list.h

lib/liblwres/include/lwres/lwbuffer.h

lib/liblwres/include/lwres/lwpacket.h

lib/liblwres/include/lwres/lwres.h

lib/liblwres/include/lwres/netdb.h

lib/liblwres/include/lwres/platform.h

lib/liblwres/include/lwres/result.h

lib/liblwres/lwbuffer.c

lib/liblwres/lwconfig.c

lib/liblwres/lwinetaton.c

lib/liblwres/lwinetntop.c

lib/liblwres/lwinetpton.c

lib/liblwres/lwpacket.c

lib/liblwres/lwres_gabn.c

lib/liblwres/lwres_gnba.c

lib/liblwres/lwres_grbn.c

lib/liblwres/lwres_noop.c

lib/liblwres/lwresutil.c

lib/liblwres/man/Makefile.in

lib/liblwres/man/lwres.docbook

lib/liblwres/man/lwres_buffer.docbook

lib/liblwres/man/lwres_config.docbook

lib/liblwres/man/lwres_context.docbook

lib/liblwres/man/lwres_gabn.docbook

lib/liblwres/man/lwres_gai_strerror.docbook

lib/liblwres/man/lwres_getaddrinfo.docbook

lib/liblwres/man/lwres_gethostent.docbook

lib/liblwres/man/lwres_getipnode.docbook

lib/liblwres/man/lwres_getnameinfo.docbook

lib/liblwres/man/lwres_getrrsetbyname.docbook

lib/liblwres/man/lwres_gnba.docbook

lib/liblwres/man/lwres_hstrerror.docbook

lib/liblwres/man/lwres_inetntop.docbook

lib/liblwres/man/lwres_noop.docbook

lib/liblwres/man/lwres_packet.docbook

lib/liblwres/man/lwres_resutil.docbook

lib/liblwres/unix/include/lwres/net.h

lib/liblwres/version.c

lib/libopenswan/Makefile

lib/libopenswan/pfkey_print.c

lib/libopenswan/sanitizestring.c

linux/Documentation/Configure.help.fs2_0.patch

linux/Documentation/Configure.help.fs2_2.patch

linux/Documentation/Configure.help.fs2_4.patch

linux/Makefile

linux/include/crypto/des.h

linux/include/openswan.h

linux/include/pfkey.h

linux/include/pfkeyv2.h

linux/lib/libfreeswan/Makefile.objs

linux/net/Config.in.fs2_0.patch

linux/net/Config.in.fs2_2.patch

linux/net/Config.in.fs2_4.patch

linux/net/Makefile.fs2_0.patch

linux/net/Makefile.fs2_2.patch

linux/net/Makefile.fs2_4.patch

linux/net/ipsec/Config.in

linux/net/ipsec/defconfig

linux/net/ipsec/ipcomp.c

linux/net/ipsec/ipsec_ah.c

linux/net/ipsec/ipsec_esp.c

linux/net/ipsec/ipsec_init.c

linux/net/ipsec/ipsec_ipcomp.c

linux/net/ipsec/ipsec_ipip.c

linux/net/ipsec/ipsec_life.c

linux/net/ipsec/ipsec_mast.c

linux/net/ipsec/ipsec_md5c.c

linux/net/ipsec/ipsec_proc.c

linux/net/ipsec/ipsec_radij.c

linux/net/ipsec/ipsec_rcv.c

linux/net/ipsec/ipsec_sa.c

linux/net/ipsec/ipsec_sha1.c

linux/net/ipsec/ipsec_tunnel.c

linux/net/ipsec/ipsec_xform.c

linux/net/ipsec/ipsec_xmit.c

linux/net/ipsec/pfkey_v2.c

linux/net/ipsec/pfkey_v2_ext_process.c

linux/net/ipsec/pfkey_v2_parser.c

linux/net/ipsec/radij.c

linux/net/ipsec/sysctl_net_ipsec.c

linux/net/ipv4/af_inet.c.fs2_0.patch

linux/net/ipv4/af_inet.c.fs2_2.patch

linux/net/ipv4/af_inet.c.fs2_4.patch

nat-t/include/net/sock.h.fs2_2.patch

nat-t/include/net/sock.h.fs2_4.patch

nat-t/net/ipv4/udp.c.fs2_2.patch

nat-t/net/ipv4/udp.c.fs2_4.patch

packaging/ipkg/generate-ipkg

packaging/linus/config-all.h

packaging/makefiles/module.make

packaging/redhat/Makefile

packaging/redhat/openswan.26spec *

packaging/redhat/rpm.in

packaging/utils/errcheck

packaging/utils/kernelpatch

programs/Makefile

programs/Makefile.program

programs/_confread/Makefile

programs/_confread/_confread.in

programs/_confread/ipsec.conf.5

programs/_confread/ipsec.conf.in

programs/_copyright/Makefile

programs/_copyright/_copyright.c

programs/_include/Makefile

programs/_keycensor/Makefile

programs/_plutoload/Makefile

programs/_plutorun/Makefile

programs/_plutorun/_plutorun.in

programs/_realsetup/Makefile

programs/_realsetup/_realsetup.in

programs/_secretcensor/Makefile

programs/_startklips/Makefile

programs/_startklips/_startklips.in

programs/_updown/Makefile

programs/_updown/_updown.ip2.in

programs/_updown_x509/Makefile

programs/auto/Makefile

programs/auto/auto.in

programs/barf/Makefile

programs/barf/barf.8

programs/barf/barf.in

programs/calcgoo/Makefile

programs/eroute/Makefile

programs/eroute/eroute.c

programs/examples/Makefile

programs/examples/no_oe.conf.in

programs/ikeping/Makefile

programs/ikeping/ikeping.c

programs/ipsec/Makefile

programs/ipsec/ipsec.in

programs/klipsdebug/Makefile

programs/klipsdebug/klipsdebug.c

programs/look/Makefile

programs/lwdnsq/Makefile

programs/lwdnsq/lookup.c

programs/lwdnsq/lwdnsq.c

programs/lwdnsq/lwdnsq.xml.in

programs/mailkey/Makefile

programs/manual/Makefile

programs/manual/manual.in

programs/newhostkey/Makefile

programs/pf_key/Makefile

programs/pf_key/pf_key.c

programs/pluto/Makefile

programs/pluto/ac.c

programs/pluto/ac.h

programs/pluto/adns.c

programs/pluto/asn1.c

programs/pluto/asn1.h

programs/pluto/certs.c

programs/pluto/certs.h

programs/pluto/connections.c

programs/pluto/connections.h

programs/pluto/cookie.c

programs/pluto/cookie.h

programs/pluto/crypto.c

programs/pluto/crypto.h

programs/pluto/defs.c

programs/pluto/defs.h

programs/pluto/demux.c

programs/pluto/demux.h

programs/pluto/dnskey.c

programs/pluto/fetch.c

programs/pluto/fetch.h

programs/pluto/foodgroups.c

programs/pluto/gcryptfix.c

programs/pluto/id.c

programs/pluto/ipsec_doi.c

programs/pluto/ipsec_doi.h

programs/pluto/kernel.c

programs/pluto/kernel.h

programs/pluto/kernel_netlink.c

programs/pluto/kernel_noklips.c

programs/pluto/kernel_pfkey.c

programs/pluto/keys.c

programs/pluto/keys.h

programs/pluto/lex.c

programs/pluto/lex.h

programs/pluto/log.c

programs/pluto/log.h

programs/pluto/md5.c

programs/pluto/md5.h

programs/pluto/nat_traversal.c

programs/pluto/nat_traversal.h

programs/pluto/oid.c

programs/pluto/oid.h

programs/pluto/oid.pl

programs/pluto/oid.txt

programs/pluto/paths.h

programs/pluto/pem.c

programs/pluto/pem.h

programs/pluto/pgp.c

programs/pluto/pgp.h

programs/pluto/pkcs.c

programs/pluto/pkcs.h

programs/pluto/pluto.8

programs/pluto/plutomain.c

programs/pluto/quirks.h

programs/pluto/rcv_info.c

programs/pluto/rcv_info.h

programs/pluto/rcv_whack.c

programs/pluto/rnd.c

programs/pluto/server.c

programs/pluto/server.h

programs/pluto/sha1.c

programs/pluto/sha1.h

programs/pluto/smartcard.c

programs/pluto/smartcard.h

programs/pluto/spdb.c

programs/pluto/spdb.h

programs/pluto/state.c

programs/pluto/state.h

programs/pluto/timer.c

programs/pluto/timer.h

programs/pluto/vendor.c

programs/pluto/vendor.h

programs/pluto/virtual.c

programs/pluto/virtual.h

programs/pluto/whack.c

programs/pluto/whack.h

programs/pluto/x509.c

programs/pluto/x509.h

programs/pluto/xauth.c

programs/pluto/xauth.h

programs/proc/Makefile

programs/ranbits/Makefile

programs/ranbits/ranbits.c

programs/rsasigkey/Makefile

programs/rsasigkey/rsasigkey.c

programs/secrets/Makefile

programs/send-pr/Makefile

programs/setup/Makefile

programs/setup/setup.in

programs/showdefaults/Makefile

programs/showhostkey/Makefile

programs/showhostkey/showhostkey.in

programs/showpolicy/Makefile

programs/showpolicy/showpolicy.c

programs/spi/Makefile

programs/spi/spi.c

programs/spigrp/Makefile

programs/spigrp/spigrp.c

programs/tncfg/Makefile

programs/tncfg/tncfg.c

programs/verify/Makefile

programs/verify/verify.in

testing/CA/cacert.pem

testing/CA/east.uml.freeswan.org/east.uml.freeswan.org.cert

testing/CA/index.txt

testing/CA/north.uml.freeswan.org/north.uml.freeswan.org.cert

testing/CA/openssl.cnf

testing/CA/serial

testing/CA/west.uml.freeswan.org/west.uml.freeswan.org.cert

testing/Makefile

testing/baseconfigs/all/etc/ipsec.d/certs/east.uml.freeswan.org.cert

testing/baseconfigs/all/etc/ipsec.d/certs/north.uml.freeswan.org.cert

testing/baseconfigs/all/etc/ipsec.d/certs/west.uml.freeswan.org.cert

testing/baseconfigs/all/etc/ipsec.d/ipsec.conf.common

testing/baseconfigs/east/etc/ipsec.conf

testing/baseconfigs/east/etc/ipsec.d/passwd

testing/baseconfigs/east/etc/ipsec.d/private/east.req

testing/baseconfigs/genx509keys.sh

testing/baseconfigs/net.nic.sh

testing/baseconfigs/net.west.sh

testing/baseconfigs/nic/etc/network/interfaces

testing/baseconfigs/north/etc/ipsec.conf

testing/baseconfigs/north/etc/ipsec.secrets

testing/baseconfigs/road/etc/ipsec.conf

testing/baseconfigs/west/etc/ipsec.conf

testing/baseconfigs/west/etc/ipsec.d/private/west.req

testing/baseconfigs/west/etc/network/interfaces

testing/dnssec/Makefile

testing/dnssec/TESTLIST

testing/dnssec/setup.sh

testing/kernelconfigs/umlmodule.config

testing/kernelconfigs/umlplain.config

testing/kernelconfigs/umlswan.config

testing/klips/Makefile

testing/klips/TESTLIST

testing/klips/ah-esp-01/east-console.txt

testing/klips/ah-esp-01/west-console.txt

testing/klips/east-ah-icmp-01/ah1-console.txt

testing/klips/east-ah-icmp-01/ah1-output.txt

testing/klips/east-ah-icmp-01/testparams.sh

testing/klips/east-ah-icmp-02/ah2-console.txt

testing/klips/east-ah-icmp-02/ah2-output.txt

testing/klips/east-ah-icmp-02/testparams.sh

testing/klips/east-drop-01/spi1-console.txt

testing/klips/east-drop-02/spi1-console.txt

testing/klips/east-drop-02/spi1-output.txt

testing/klips/east-drop-02/testparams.sh

testing/klips/east-espiv-01/examineIV.pl

testing/klips/east-espiv-01/spi1-console.txt

testing/klips/east-hold-01/spi1-console.txt

testing/klips/east-hold-02/spi1-console.txt

testing/klips/east-hold-02/spi1-output.txt

testing/klips/east-hold-02/testparams.sh

testing/klips/east-icmp-01/spi1-console.txt

testing/klips/east-icmp-01/spi1-output.txt

testing/klips/east-icmp-01/testparams.sh

testing/klips/east-icmp-02/spi1-console.txt

testing/klips/east-icmp-03/spi1-console.txt

testing/klips/east-icmp-04/spi1-console.txt

testing/klips/east-icmp-04/spi1-output.txt

testing/klips/east-icmp-04/testparams.sh

testing/klips/east-lifetime-02/test-02-console.txt

testing/klips/east-lifetime-02/testparams.sh

testing/klips/east-lifetime-03/spi1-output.txt

testing/klips/east-lifetime-03/test-03-console.txt

testing/klips/east-lifetime-03/testparams.sh

testing/klips/east-none-01/spi1-console.txt

testing/klips/east-none-02/spi1-console.txt

testing/klips/east-none-02/spi1-output.txt

testing/klips/east-none-02/testparams.sh

testing/klips/east-pass-01/spi1-console.txt

testing/klips/east-pass-02/spi1-console.txt

testing/klips/east-pass-02/spi1-output.txt

testing/klips/east-pass-02/testparams.sh

testing/klips/east-reject-01/icmp-output.txt

testing/klips/east-reject-01/spi1-console.txt

testing/klips/east-reject-01/testparams.sh

testing/klips/east-reject-02/spi1-console.txt

testing/klips/east-reject-02/spi1-output.txt

testing/klips/east-reject-02/testparams.sh

testing/klips/east-saref-pfkey-01/spi1-console.txt

testing/klips/east-trap-01/spi1-console.txt

testing/klips/east-trap-01/spi1.sh

testing/klips/east-trap-01/testparams.sh

testing/klips/east-trap-02/spi1-console.txt

testing/klips/east-trap-02/spi1-output.txt

testing/klips/east-trap-02/testparams.sh

testing/klips/east-trapsubnet-01/spi1-console.txt

testing/klips/east-trapsubnet-02/spi1-console.txt

testing/klips/east-trapsubnet-02/spi1-output.txt

testing/klips/east-trapsubnet-02/testparams.sh

testing/klips/fixups/ipsec-look-esp-sanitize.pl

testing/klips/fixups/kern-list-fixups.sed

testing/klips/fixups/wilog.sed

testing/klips/outputs/publicnet-west-east-ping.txt

testing/klips/proc-fs-01/examine-proc.txt

testing/klips/proc-fs-02/examine-proc.txt

testing/klips/proc-fs-03/proc-birth-console.txt

testing/klips/saref-alloc-01/saref-console.txt

testing/klips/setup.sh

testing/klips/west-ah-icmp-01/ah1-console.txt

testing/klips/west-ah-icmp-02/ah2-console.txt

testing/klips/west-bigicmp-01/spi1-cleartext.txt

testing/klips/west-bigicmp-01/spi1-console.txt

testing/klips/west-bigicmp-01/testparams.sh

testing/klips/west-drop-02/spi1-console.txt

testing/klips/west-esp-short-01/spi1-console.txt

testing/klips/west-esp-short-02/spi1-console.txt

testing/klips/west-hold-02/spi1-console.txt

testing/klips/west-icmp-01/spi1-cleartext.txt

testing/klips/west-icmp-01/spi1-console.txt

testing/klips/west-icmp-01/testparams.sh

testing/klips/west-icmp-02/spi1-console.txt

testing/klips/west-icmp-02/spi1-once.txt

testing/klips/west-icmp-02/testparams.sh

testing/klips/west-icmp-03/spi1-console.txt

testing/klips/west-icmp-04/spi1-cleartext.txt

testing/klips/west-icmp-04/spi1-console.txt

testing/klips/west-icmp-04/testparams.sh

testing/klips/west-none-02/spi1-console.txt

testing/klips/west-pass-02/spi1-console.txt

testing/klips/west-pass-02/spi1-output.txt

testing/klips/west-pass-02/testparams.sh

testing/klips/west-rcv-nfmark-set-01/spi1-console.txt

testing/klips/west-rcv-nfmark-set-02/testparams.sh

testing/klips/west-reject-02/icmp-output.txt

testing/klips/west-reject-02/spi1-console.txt

testing/klips/west-reject-02/testparams.sh

testing/klips/west-trap-02/spi1-console.txt

testing/klips/west-trapsubnet-02/spi1-console.txt

testing/lib/Makefile

testing/packaging/Makefile

testing/packaging/TESTLIST

testing/packaging/basic-docmake-01/make_doc_output.txt

testing/packaging/basic-install-01/find-f-l.txt

testing/packaging/basic-uninstall-01/justconf.txt

testing/packaging/fixups/nukeversion.pl

testing/packaging/kernpatch-two-four-01/linus_two_four.txt

testing/packaging/kernpatch-two-oh-01/linus_two_oh.txt

testing/packaging/kernpatch-two-two-01/linus_two_two.txt

testing/packaging/overwrite-install-01/find-f-l.txt

testing/packaging/setup.sh

testing/packaging/xisp-install-01/find-f-l.txt

testing/pluto/Makefile

testing/pluto/TESTLIST

testing/pluto/bad-updown-01/east-console.txt

testing/pluto/bad-updown-01/west-console.txt

testing/pluto/basic-pluto-01/east-console.txt

testing/pluto/basic-pluto-01/eastinit.sh

testing/pluto/basic-pluto-01/final.sh

testing/pluto/basic-pluto-01/testparams.sh

testing/pluto/basic-pluto-01/west-console.txt

testing/pluto/basic-pluto-01/westinit.sh

testing/pluto/basic-pluto-01/westrun.sh

testing/pluto/basic-pluto-02/east-console.txt

testing/pluto/basic-pluto-02/testparams.sh

testing/pluto/basic-pluto-02/west-console.txt

testing/pluto/bin/CONFIG

testing/pluto/bin/doauto

testing/pluto/bin/dopluto

testing/pluto/bin/eastlocal.sh

testing/pluto/bin/northlocal.sh

testing/pluto/co-terminal-01/gwd-console.txt

testing/pluto/co-terminal-01/mrcharlie-console.txt

testing/pluto/co-terminal-01/rw-console.txt

testing/pluto/co-terminal-02/east-console.txt

testing/pluto/co-terminal-02/japan-console.txt

testing/pluto/co-terminal-02/nic-init.sh

testing/pluto/co-terminal-02/wavesec-console.txt

testing/pluto/co-terminal-02/wavesec-init.sh

testing/pluto/co-terminal-02/wavesec.conf

testing/pluto/co-terminal-03/east-console.txt

testing/pluto/co-terminal-03/japan-console.txt

testing/pluto/co-terminal-03/wavesec-console.txt

testing/pluto/co-terminal-04/east-console.txt

testing/pluto/co-terminal-04/japan-console.txt

testing/pluto/co-terminal-04/wavesec-console.txt

testing/pluto/delete-sa-01/east-console.txt

testing/pluto/delete-sa-01/west-console.txt

testing/pluto/food-groups-bug-01/east-console.txt

testing/pluto/food-groups-bug-01/west-console.txt

testing/pluto/food-groups-clear-01/east-console.txt

testing/pluto/food-groups-clear-01/publicnet-east-sunset-ping.txt

testing/pluto/food-groups-clear-01/testparams.sh

testing/pluto/food-groups-clear-01/west-console.txt

testing/pluto/food-groups-clear-01/westnet-east-sunset-ping.txt

testing/pluto/food-groups-clear-02/east-console.txt

testing/pluto/food-groups-clear-02/west-console.txt

testing/pluto/food-groups-clear-or-oe-01/east-console.txt

testing/pluto/food-groups-clear-or-oe-01/east.conf

testing/pluto/food-groups-clear-or-oe-01/west-console.txt

testing/pluto/food-groups-clear-or-oe-02/east-console.txt

testing/pluto/food-groups-clear-or-oe-02/west-console.txt

testing/pluto/food-groups-never-01/description.txt

testing/pluto/food-groups-never-01/east-console.txt

testing/pluto/food-groups-never-01/eastinit.sh

testing/pluto/food-groups-never-01/testparams.sh

testing/pluto/food-groups-never-01/west-console.txt

testing/pluto/food-groups-never-01/westinit.sh

testing/pluto/food-groups-never-02/east-console.txt

testing/pluto/food-groups-never-02/west-console.txt

testing/pluto/food-groups-oe-or-clear-01/east-console.txt

testing/pluto/food-groups-oe-or-clear-01/testparams.sh

testing/pluto/food-groups-oe-or-clear-01/west-console.txt

testing/pluto/food-groups-oe-or-clear-01/westnet-ping.txt

testing/pluto/food-groups-oe-or-clear-02/east-console.txt

testing/pluto/food-groups-oe-or-clear-02/west-console.txt

testing/pluto/food-groups-oe-or-die-01/east-console.txt

testing/pluto/food-groups-oe-or-die-01/testparams.sh

testing/pluto/food-groups-oe-or-die-01/west-console.txt

testing/pluto/food-groups-oe-or-die-01/westnet-ping.txt

testing/pluto/food-groups-oe-or-die-02/east-console.txt

testing/pluto/food-groups-oe-or-die-02/west-console.txt

testing/pluto/log.ref/block-pl/wi-log

testing/pluto/log.ref/clear/wi-log

testing/pluto/log.ref/ipsec-dnsrsa-c/wi-log

testing/pluto/log.ref/ipsec-dnsrsa-co/wi-log

testing/pluto/log.ref/ipsec-dnsrsa-delete/wi-log

testing/pluto/log.ref/ipsec-dnsrsa-rw/wi-log

testing/pluto/log.ref/ipsec-dnsrsa/wi-log

testing/pluto/log.ref/ipsec-oppo-group/wi-log

testing/pluto/log.ref/ipsec-oppo-miss/wi-log

testing/pluto/log.ref/ipsec-oppo-narrow/wi-log

testing/pluto/log.ref/ipsec-oppo-seq/wi-log

testing/pluto/log.ref/ipsec-oppo-twice/wi-log

testing/pluto/log.ref/ipsec-oppo/wi-log

testing/pluto/log.ref/ipsec-psk-id-rw/wi-log

testing/pluto/log.ref/ipsec-psk-rw/wi-log

testing/pluto/log.ref/ipsec-psk/wi-log

testing/pluto/log.ref/ipsec-rsa-c/wi-log

testing/pluto/log.ref/ipsec-rsa-co/wi-log

testing/pluto/log.ref/ipsec-rsa-delete/wi-log

testing/pluto/log.ref/ipsec-rsa-rw/wi-log

testing/pluto/log.ref/ipsec-rsa-time-neg-dontrekey/wi-log

testing/pluto/log.ref/ipsec-rsa-time-neg/wi-log

testing/pluto/log.ref/ipsec-rsa-time-trunc-dontrekey/wi-log

testing/pluto/log.ref/ipsec-rsa-time-trunc/wi-log

testing/pluto/log.ref/ipsec-rsa/wi-log

testing/pluto/log.ref/isakmp-dnsrsa-case/wi-log

testing/pluto/log.ref/isakmp-dnsrsa-dot/wi-log

testing/pluto/log.ref/isakmp-dnsrsa/wi-log

testing/pluto/log.ref/isakmp-psk/wi-log

testing/pluto/log.ref/isakmp-rsa-case/wi-log

testing/pluto/log.ref/isakmp-rsa-dot/wi-log

testing/pluto/log.ref/isakmp-rsa-myid/wi-log

testing/pluto/log.ref/isakmp-rsa/wi-log

testing/pluto/log.ref/oe/wi-log

testing/pluto/log.ref/regr-oppo-narrow/wi-log

testing/pluto/log.ref/regr-shunt-oppo/wi-log

testing/pluto/log.ref/regr-template-32-32/wi-log

testing/pluto/log.ref/reject-pl/wi-log

testing/pluto/myid-road-01/east-console.txt

testing/pluto/myid-road-01/road-console.txt

testing/pluto/myid-road-01/road.conf

testing/pluto/myid-road-02/east-console.txt

testing/pluto/myid-road-02/road-console.txt

testing/pluto/myid-road-02/road.conf

testing/pluto/myid-road-03/east-console.txt

testing/pluto/myid-road-03/road-console.txt

testing/pluto/myid-road-03/road.conf

testing/pluto/myid-road-04/east-console.txt

testing/pluto/myid-road-04/road-console.txt

testing/pluto/myid-road-04/road.conf

testing/pluto/myid-road-05/east-console.txt

testing/pluto/myid-road-05/road-console.txt

testing/pluto/myid-road-05/road.conf

testing/pluto/myid-road-06/east-console.txt

testing/pluto/myid-road-06/road-console.txt

testing/pluto/myid-road-06/road.conf

testing/pluto/nat-oe-03/east-console.txt

testing/pluto/nat-oe-03/east.conf

testing/pluto/nat-oe-03/road-console.txt

testing/pluto/nat-oe-03/road.conf

testing/pluto/nat-pluto-01/east-console.txt

testing/pluto/nat-pluto-01/east.conf

testing/pluto/nat-pluto-01/north-console.txt

testing/pluto/nat-pluto-01/north.conf

testing/pluto/nat-pluto-01/northrun.sh

testing/pluto/nat-pluto-02/east-console.txt

testing/pluto/nat-pluto-02/east.conf

testing/pluto/nat-pluto-02/road-console.txt

testing/pluto/nat-pluto-02/road.conf

testing/pluto/oe-fail-without-private-key-01/east-console-txtrr.txt

testing/pluto/oe-fail-without-private-key-01/east-console.txt

testing/pluto/oe-fail-without-resp-client-txt-01/east-console.txt

testing/pluto/oe-fail-without-resp-client-txt-01/west-console.txt

testing/pluto/oe-flood-deadlock-01/east-console.txt

testing/pluto/oe-road-01/description.txt

testing/pluto/oe-road-01/east-console.txt

testing/pluto/oe-road-01/road-console.txt

testing/pluto/oe-road-01/roadfinal.sh

testing/pluto/oe-road-01/roadinit.sh

testing/pluto/oe-road-02/east-console.txt

testing/pluto/oe-road-02/road-console.txt

testing/pluto/oe-road-02/road.conf

testing/pluto/oe-road-02/roadinit.sh

testing/pluto/oe-road-03/east-console.txt

testing/pluto/oe-road-03/road-console.txt

testing/pluto/oe-road-03/road.conf

testing/pluto/oe-road-04/east-console.txt

testing/pluto/oe-road-04/road-console.txt

testing/pluto/oe-road-04/road.conf

testing/pluto/oe-snat-01/west-console.txt

testing/pluto/pluto-dontreky-expiry-01/east-console.txt

testing/pluto/pluto-dontreky-expiry-01/pluto_unit_tests.sh

testing/pluto/pluto-ipcmp-01/east-console.txt

testing/pluto/pluto-ipcmp-01/testparams.sh

testing/pluto/pluto-ipcmp-01/west-console.txt

testing/pluto/pluto-ipcmp-01/westinit.sh

testing/pluto/pluto-rekey-01/east-console.txt

testing/pluto/pluto-rekey-01/road-console.txt

testing/pluto/pluto-unit-01/east-console.txt

testing/pluto/policy-01/east-console.txt

testing/pluto/policy-01/road-console.txt

testing/pluto/setup.sh

testing/pluto/vpn-dns-01/east-console.txt

testing/pluto/x509-pluto-01/east-console.txt

testing/pluto/x509-pluto-01/eastinit.sh

testing/pluto/x509-pluto-01/testparams.sh

testing/pluto/x509-pluto-01/west-console.txt

testing/pluto/xauth-pluto-03/description.txt

testing/pluto/xauth-pluto-03/east-console.txt

testing/pluto/xauth-pluto-03/east.conf

testing/pluto/xauth-pluto-03/road-console.txt

testing/pluto/xauth-pluto-03/road.conf

testing/pluto/xauth-pluto-03/testparams.sh

testing/pluto/xauth-pluto-03/west-console.txt

testing/scripts/Makefile

testing/scripts/barf-01/east-console.txt

testing/scripts/barf-02/east-console.txt

testing/scripts/ipsec.conf-alsoflip-01/east-console.txt

testing/scripts/ipsec.conf-alsoflip-01/testparams.sh

testing/scripts/ipsec.conf-myid-01/east-console.txt

testing/scripts/ipsec.conf-restart-01/east-console.txt

testing/scripts/ipsec.conf-restart-01/testparams.sh

testing/scripts/setup.sh

testing/utils/2host-test.tcl

testing/utils/Makefile

testing/utils/Xhost-test.tcl

testing/utils/bootuml.sh

testing/utils/freeswan-regress-env-sample.sh

testing/utils/functions.sh

testing/utils/host-test.tcl

testing/utils/ikeping/Makefile

testing/utils/kill-uml.sh

testing/utils/localswitches.sh

testing/utils/localswitches.tcl

testing/utils/make-uml.sh

testing/utils/netjig.tcl

testing/utils/regress-stage2.sh

testing/utils/regress-summarize-results.pl

testing/utils/runme.sh

testing/utils/start-all-umls.sh

testing/utils/uml-functions.sh

testing/utils/uml_netjig/Makefile

testing/utils/umlsetup-sample.sh

Show diffs side-by-side

added added

removed removed

programs/pluto/x509keys.c

1

/* Support of X.509 keys

2

* Copyright (C) 2000 Andreas Hess, Patric Lichtsteiner, Roger Wegmann

3

* Copyright (C) 2001 Marco Bertossa, Andreas Schleiss

4

* Copyright (C) 2002 Mario Strasser

5

* Copyright (C) 2000-2004 Andreas Steffen, Zuercher Hochschule Winterthur

6

* Copyright (C) 2004 Michael Richardson <mcr@xelerance.com>

7

*

8

* This program is free software; you can redistribute it and/or modify it

9

* under the terms of the GNU General Public License as published by the

10

* Free Software Foundation; either version 2 of the License, or (at your

11

* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.

12

*

13

* This program is distributed in the hope that it will be useful, but

14

* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY

15

* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License

16

* for more details.

17

*

18

* RCSID $Id: x509keys.c,v 1.4 2004/06/27 22:42:14 mcr Exp $

19

*/

20

21

#include <stdlib.h>

22

#include <stdio.h>

23

#include <string.h>

24

#include <unistd.h>

25

#include <dirent.h>

26

#include <time.h>

27

#include <sys/types.h>

28

29

#include <openswan.h>

30

#include <openswan/ipsec_policy.h>

31

32

#include <sys/queue.h>

33

34

#include "constants.h"

35

#include "oswlog.h"

36

37

#include "defs.h"

38

#include "log.h"

39

#include "id.h"

40

#include "asn1.h"

41

#include "oid.h"

42

#include "x509.h"

43

#include "pgp.h"

44

#include "certs.h"

45

#include "keys.h"

46

#include "packet.h"

47

#include "demux.h" /* needs packet.h */

48

#include "connections.h"

49

#include "state.h"

50

#include "md2.h"

51

#include "md5.h"

52

#include "sha1.h"

53

#include "whack.h"

54

#include "fetch.h"

55

#include "ocsp.h"

56

#include "pkcs.h"

57

#include "x509more.h"

58

#include "paths.h"

59

60

/* extract id and public key from x.509 certificate and

61

* insert it into a pubkeyrec

62

*/

63

void

64

add_x509_public_key(x509cert_t *cert , time_t until

65

, enum dns_auth_level dns_auth_level)

66

{

67

generalName_t *gn;

68

struct pubkey *pk;

69

cert_t c = { FALSE, CERT_X509_SIGNATURE, {cert} };

70

71

/* we support RSA only */

72

if (cert->subjectPublicKeyAlgorithm != PUBKEY_ALG_RSA) return;

73

74

/* ID type: ID_DER_ASN1_DN (X.509 subject field) */

75

pk = allocate_RSA_public_key(c);

76

passert(pk != NULL);

77

pk->id.kind = ID_DER_ASN1_DN;

78

pk->id.name = cert->subject;

79

pk->dns_auth_level = dns_auth_level;

80

pk->until_time = until;

81

pk->issuer = cert->issuer;

82

delete_public_keys(&pk->id, pk->alg);

83

install_public_key(pk, &pubkeys);

84

85

gn = cert->subjectAltName;

86

87

while (gn != NULL) /* insert all subjectAltNames */

88

{

89

struct id id = empty_id;

90

91

gntoid(&id, gn);

92

if (id.kind != ID_NONE)

93

{

94

pk = allocate_RSA_public_key(c);

95

pk->id = id;

96

pk->dns_auth_level = dns_auth_level;

97

pk->until_time = until;

98

pk->issuer = cert->issuer;

99

delete_public_keys(&pk->id, pk->alg);

100

install_public_key(pk, &pubkeys);

101

}

102

gn = gn->next;

103

}

104

}

105

106

107

/* when a X.509 certificate gets revoked, all instances of

108

* the corresponding public key must be removed

109

*/

110

void

111

remove_x509_public_key(/*const*/ x509cert_t *cert)

112

{

113

const cert_t c = {FALSE, CERT_X509_SIGNATURE, {cert}};

114

struct pubkey_list *p, **pp;

115

struct pubkey *revoked_pk;

116

117

revoked_pk = allocate_RSA_public_key(c);

118

p = pubkeys;

119

pp = &pubkeys;

120

121

while(p != NULL)

122

{

123

if (same_RSA_public_key(&p->key->u.rsa, &revoked_pk->u.rsa))

124

{

125

/* remove p from list and free memory */

126

*pp = free_public_keyentry(p);

127

loglog(RC_LOG_SERIOUS,

128

"invalid RSA public key deleted");

129

}

130

else

131

{

132

pp = &p->next;

133

}

134

p =*pp;

135

}

136

free_public_key(revoked_pk);

137

}

138

139

/*

140

* Decode the CERT payload of Phase 1.

141

*/

142

void

143

decode_cert(struct msg_digest *md)

144

{

145

struct payload_digest *p;

146

147

for (p = md->chain[ISAKMP_NEXT_CERT]; p != NULL; p = p->next)

148

{

149

struct isakmp_cert *const cert = &p->payload.cert;

150

chunk_t blob;

151

time_t valid_until;

152

blob.ptr = p->pbs.cur;

153

blob.len = pbs_left(&p->pbs);

154

if (cert->isacert_type == CERT_X509_SIGNATURE)

155

{

156

x509cert_t cert = empty_x509cert;

157

if (parse_x509cert(blob, 0, &cert))

158

{

159

if (verify_x509cert(&cert, strict_crl_policy, &valid_until))

160

{

161

DBG(DBG_X509 | DBG_PARSING,

162

DBG_log("Public key validated")

163

)

164

add_x509_public_key(&cert, valid_until, DAL_SIGNED);

165

}

166

else

167

{

168

plog("X.509 certificate rejected");

169

}

170

free_generalNames(cert.subjectAltName, FALSE);

171

free_generalNames(cert.crlDistributionPoints, FALSE);

172

}

173

else

174

plog("Syntax error in X.509 certificate");

175

}

176

else if (cert->isacert_type == CERT_PKCS7_WRAPPED_X509)

177

{

178

x509cert_t *cert = NULL;

179

180

if (parse_pkcs7_cert(blob, &cert))

181

store_x509certs(&cert, strict_crl_policy);

182

else

183

plog("Syntax error in PKCS#7 wrapped X.509 certificates");

184

}

185

else

186

{

187

loglog(RC_LOG_SERIOUS, "ignoring %s certificate payload",

188

enum_show(&cert_type_names, cert->isacert_type));

189

DBG_cond_dump_chunk(DBG_PARSING, "CERT:\n", blob);

190

}

191

}

192

}

193

194

/*

195

* Decode the CR payload of Phase 1.

196

*/

197

void

198

decode_cr(struct msg_digest *md, generalName_t **requested_ca)

199

{

200

struct payload_digest *p;

201

202

for (p = md->chain[ISAKMP_NEXT_CR]; p != NULL; p = p->next)

203

{

204

struct isakmp_cr *const cr = &p->payload.cr;

205

chunk_t ca_name;

206

207

ca_name.len = pbs_left(&p->pbs);

208

ca_name.ptr = (ca_name.len > 0)? p->pbs.cur : NULL;

209

210

DBG_cond_dump_chunk(DBG_PARSING, "CR", ca_name);

211

212

if (cr->isacr_type == CERT_X509_SIGNATURE)

213

{

214

char buf[IDTOA_BUF];

215

216

if (ca_name.len > 0)

217

{

218

generalName_t *gn;

219

220

if (!is_asn1(ca_name))

221

continue;

222

223

gn = alloc_thing(generalName_t, "generalName");

224

clonetochunk(ca_name, ca_name.ptr,ca_name.len, "ca name");

225

gn->kind = GN_DIRECTORY_NAME;

226

gn->name = ca_name;

227

gn->next = *requested_ca;

228

*requested_ca = gn;

229

}

230

231

DBG(DBG_PARSING | DBG_CONTROL,

232

dntoa_or_null(buf, IDTOA_BUF, ca_name, "%any");

233

DBG_log("requested CA: '%s'", buf);

234

)

235

}

236

else

237

loglog(RC_LOG_SERIOUS, "ignoring %s certificate request payload",

238

enum_show(&cert_type_names, cr->isacr_type));

239

}

240

}

241

242

bool

243

build_and_ship_CR(u_int8_t type, chunk_t ca, pb_stream *outs, u_int8_t np)

244

{

245

pb_stream cr_pbs;

246

struct isakmp_cr cr_hd;

247

cr_hd.isacr_np = np;

248

cr_hd.isacr_type = type;

249

250

/* build CR header */

251

if (!out_struct(&cr_hd, &isakmp_ipsec_cert_req_desc, outs, &cr_pbs))

252

return FALSE;

253

254

if (ca.ptr != NULL)

255

{

256

/* build CR body containing the distinguished name of the CA */

257

if (!out_chunk(ca, &cr_pbs, "CA"))

258

return FALSE;

259

}

260

close_output_pbs(&cr_pbs);

261

return TRUE;

262

}

263

264

bool

265

collect_rw_ca_candidates(struct msg_digest *md, generalName_t **top)

266

{

267

struct connection *d = find_host_connection(&md->iface->addr

268

, pluto_port, (ip_address*)NULL, md->sender_port);

269

270

for (; d != NULL; d = d->hp_next)

271

{

272

/* must be a road warrior connection */

273

if (d->kind == CK_TEMPLATE && !(d->policy & POLICY_OPPO)

274

&& d->spd.that.ca.ptr != NULL)

275

{

276

generalName_t *gn;

277

bool new_entry = TRUE;

278

279

for (gn = *top; gn != NULL; gn = gn->next)

280

{

281

if (same_dn(gn->name, d->spd.that.ca))

282

{

283

new_entry = FALSE;

284

break;

285

}

286

}

287

if (new_entry)

288

{

289

gn = alloc_thing(generalName_t, "generalName");

290

gn->kind = GN_DIRECTORY_NAME;

291

gn->name = d->spd.that.ca;

292

gn->next = *top;

293

*top = gn;

294

}

295

}

296

}

297

return *top != NULL;

298

}

299

300

/*

301

* Local Variables:

302

* c-basic-offset:4

303

* c-style: pluto

304

* End:

305

*/

Older »