summaryrefslogtreecommitdiff
path: root/sbin/iked/config.c
AgeCommit message (Expand)Author
2024-09-15Add handling of "Class" attribute. diff from markusYASUOKA Masahiko
2024-07-13Add RADIUS support. Authentication, accounting, and "DynamicYASUOKA Masahiko
2024-02-15Delay enabling sockets until ikev2 process is ready.Tobias Heider
2024-02-13Control startup of PROC_CERT and PROC_IKEV2.Tobias Heider
2024-01-17Convert to use imsg_get_fd()Claudio Jeker
2024-01-15Include cert_partial_chain in iked_static instead of sending a separateTobias Heider
2023-08-04Convert calls to ibuf_length() where it is clear that the ibuf is notClaudio Jeker
2023-05-23Replace ibuf_release() with ibuf_free() since the former just calls the latterClaudio Jeker
2022-12-03Consistently use uintXX_t from <stdint.h> instead of u_intXX_t.Tobias Heider
2022-11-18Revert my last two changes.Moritz Buhl
2022-11-13Make sure csa->csa_bundled is NULL after freeing to prevent aMoritz Buhl
2022-10-10Move enabling the policy refcounting from policy_ref() to config_free_policy().Tobias Heider
2022-09-19Add iked connection statistics for successful and failed connections, commonTobias Heider
2022-07-08Support sending certificate chains with intermediate CAs in multiple CERTTobias Heider
2022-05-08Move ikev2_reset_alive_timer() to a place where it makes more sense. The ideaTobias Heider
2021-11-25Silence unitialized variable warnings.Tobias Heider
2021-11-24Pass env to pfkey API. Consistently call pfkey file descriptor fd.Tobias Heider
2021-10-12Make sure all copies of MSCHAPv2 passphrase are zeroed after use.Tobias Heider
2021-09-18freezero() instead of free(), because the object may contain a passwordTheo de Raadt
2021-09-01Add client side support for DNS configuration. Use RTM_PROPOSAL_STATICTobias Heider
2021-05-13Refactor iked process shutdown and cleanup. Remember configuredtobhe
2021-02-22Don't pass 'id' as argument to make function signature match similartobhe
2021-02-13Add dynamic address configuration for roadwarrior clients.tobhe
2021-02-08Clean up kernel IPsec flows and security associations on shutdown.tobhe
2021-01-21Add support for INVALID_KE_PAYLOAD in CREATE_CHILD_SAtobhe
2020-11-29Add 'set stickyaddress' option. If this option is enabled, iked will trytobhe
2020-11-25Fix proposal error handling. If a proposal contains an unknown transformtobhe
2020-10-29Add initial support to request IP addresses as IKEv2 initiator.tobhe
2020-10-21Remove SAs from ike_dstid_sas on 'ikectl reset sa' to prevent use after free.tobhe
2020-10-09More unused headers.tobhe
2020-10-09Remove unused "wait.h" includes.tobhe
2020-09-30Don't leak sa->sa_peerauth.id_buf.tobhe
2020-09-25Simplify RB_TREE cleanup loops.tobhe
2020-09-23Add new 'set cert_partial_chain' config option to allow verification oftobhe
2020-08-26Allow disabling DPD liveness checks by setting dpd_check_interval to 0.tobhe
2020-08-25Add dpd_check_interval configuration option. If for any IKE SA no IPsectobhe
2020-08-24Reduce the amount of boilerplate code and imsgs for config options bytobhe
2020-08-23Add a new configuration option to limit the number of connections fortobhe
2020-08-18Add optional time-stamp validaten for ocsp. The new optional 'tolerate'tobhe
2020-08-16Clean up unused parameters.tobhe
2020-08-14Clean up unused variables.tobhe
2020-07-23Fix ibuf leak in sa_localauth when SA is freed.tobhe
2020-04-13Try to send a DELETE message if the SA is reset with 'ikectl reset id'.tobhe
2020-04-09Simplify socket creation logic. Normally iked needs two sockets, onetobhe
2020-03-24Fix user database corruption from 'ikectl reload'. Copy only the new passwordtobhe
2020-03-09Use TAILQ_FOREACH_SAFE instead of hand rolled loops.tobhe
2020-01-16Add '-p' command line option which allows to configuretobhe
2020-01-07Link ESP-SA and IPcomp-SA using GRPSPIS instead of using a self-builttobhe
2019-12-03Correctly represent flows as traffic selectors as described in RFC 7296. Thistobhe
2019-05-11Add support for IKEv2 Message Fragmentation as defined in RFC 7383.Patrick Wildt
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 03:36:49 +0000