CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2010/06/29 13:50:16
Modified files:
sbin/isakmpd : Makefile dh.c dh.h ike_aggressive.c
ike_main_mode.c ike_phase_1.c ike_quick_mode.c
init.c ipsec.c x509.c
regress/sbin/isakmpd/dh: Makefile dhtest.c
Removed files:
sbin/isakmpd : math_2n.c math_2n.h math_ec2n.c math_ec2n.h
math_group.c math_group.h math_mp.h
Log message:
Replace the hand-crafted Diffie-Hellman implementation in isakmpd with
the smaller implementation from iked that is using libcrypto instead.
This allows to remove a lot of code (which is always good), get rid of
some custom crypto code by using libcrypto, theoretically adds
support for many new MODP and EC2N/ECP modes (but it is not configurable
yet), and allows to share the dh.c/dh.h code in different codebases
(it is identical in isakmpd and iked, but could also be used elsewhere).
ok deraadt@
