index
:
src
cvs/HEAD
kms/intel
kms/radeon
master
OpenBSD base system
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
sbin
/
iked
/
ca.c
Age
Commit message (
Expand
)
Author
2017-10-30
In the subjectAltName comparison, the bzero before the while-loop was
Patrick Wildt
2017-10-27
Support multiple subjectAltNames by trying each existing until there
Patrick Wildt
2017-03-28
Add helpful debug messages to tell us why public key authentication failed.
Reyk Floeter
2017-03-27
Add support for RFC4754 (ECDSA) and RFC7427 authentication.
Reyk Floeter
2017-01-20
Make sure to free reference to the public key after decoding
Mike Belopuhov
2017-01-03
Fix pledge of the ca process by calling the right function on startup.
Reyk Floeter
2015-12-07
Sync proc.c, use shorter proc_compose[v]()
Reyk Floeter
2015-10-22
iked hereby pledges that it will run with restricted system
Reyk Floeter
2015-10-19
Remove the ikev1 stub - Since I started iked, it has an empty privsep
Reyk Floeter
2015-10-01
Fix interoperability with Apple iOS9: If we don't get a (valid)
Reyk Floeter
2015-08-21
Switch iked to C99-style fixed-width integer types.
Reyk Floeter
2015-03-26
initial support for RFC 7427 signatures, so we are no longer
Markus Friedl
2015-02-06
unneeded getopt.h
Theo de Raadt
2015-01-16
Replace <sys/param.h> with <limits.h> and other less dirty headers where
Theo de Raadt
2014-12-05
Specify correct number of iovecs when sending replies to the ikev2 proc
Mike Belopuhov
2014-07-10
add additional includes required to build with -DOPENSSL_NO_DEPRECATED
Jonathan Gray
2014-05-07
make authentication work with X509 certificates that don't have a
Markus Friedl
2014-05-05
ca_x509_serialize: don't leak the bio buffer; ok reyk@
Markus Friedl
2014-05-05
make the ca_pubkey_serialize() code similar to the private key code, and
Markus Friedl
2014-04-22
Update iked to use the same proc.c that relayd uses.
Reyk Floeter
2014-02-17
basic OCSP support. enable with 'set ocsp "http://10.0.0.10:8888/"'
Markus Friedl
2014-02-17
Fix compiler warnings in the format strings: use %zd for ssize_t and
Reyk Floeter
2013-11-28
support raw pubkey authentication w/o x509 certificates;
Markus Friedl
2013-11-14
pass caller to ca_sslerror for better error messages; ok mikeb
Markus Friedl
2013-03-21
remove excessive includes
Theo de Raadt
2013-01-08
Remove private CVS tag from an obsolete repository and bump copyright
Reyk Floeter
2012-11-16
promote some debug messages to warnings; ok reyk
Mike Belopuhov
2012-10-09
"If srcid is omitted, the default is to use the hostname of the local
Reyk Floeter
2012-09-18
update email addresses to match reality.
Reyk Floeter
2011-05-27
spacing
Reyk Floeter
2011-05-09
rename functions in proc.c to proc_* and move some code from imsg_util.c to
Reyk Floeter
2011-05-05
Small tweak - add direct pointer to env instead of using an indirect one.
Reyk Floeter
2011-05-05
Move the proc.c-specific runtime state out of struct iked into a sub-struct.
Reyk Floeter
2011-05-05
rename iked_proc* to privsep_proc*. no functional change.
Reyk Floeter
2010-12-22
move and rename util.c:print_id() to ikev2.c:ikev2_print_id() because
Reyk Floeter
2010-09-30
promote openssl errors to the warning level; ok reyk
Mike Belopuhov
2010-06-29
add code to lookup the RSA public keys in /etc/iked/pubkeys/ as an
Reyk Floeter
2010-06-27
When a peer requests a certificate from the local gateway, we first
Reyk Floeter
2010-06-27
fix the length check for ASN1_ID Ids.
Reyk Floeter
2010-06-27
Verify that the subjectAltName extension is present and matches the
Reyk Floeter
2010-06-26
Include the Id type in the generated SA tag that is passed to the
Reyk Floeter
2010-06-24
unbreak the ikectl log verbose/brief commands.
Reyk Floeter
2010-06-11
tweak the code slightly so we can remove -lssl
Jonathan Gray
2010-06-10
move a bzero of the x509 store context higher up so the
Jonathan Gray
2010-06-10
i don't like splitting source code in too many source files but ikev2.c
Reyk Floeter
2010-06-03
Import iked, a new implementation of the IKEv2 protocol.
Reyk Floeter