| Age | Commit message (Expand) | Author |
|---|
| 2017-03-13 | Resolve simultaneous Child SA rekeying | Mike Belopuhov |
| 2017-01-03 | Fix pledge of the ca process by calling the right function on startup. | Reyk Floeter |
| 2016-06-01 | Implement a second address pool specifically for IPv6, so that | Patrick Wildt |
| 2015-12-07 | Sync proc.c, use shorter proc_compose[v]() | Reyk Floeter |
| 2015-11-18 | pledge exposed a simple bug: the unprivileged child tried to print the | Reyk Floeter |
| 2015-10-19 | Remove the ikev1 stub - Since I started iked, it has an empty privsep | Reyk Floeter |
| 2015-10-15 | Remove some unnecessary NULL-checks before free(). Change two bzero() | mmcc |
| 2015-08-21 | Switch iked to C99-style fixed-width integer types. | Reyk Floeter |
| 2015-07-07 | repair policy-ikesa-linking by replacing the broken RB_TREE w/TAILQ | Markus Friedl |
| 2015-02-06 | unneeded getopt.h | Theo de Raadt |
| 2015-01-16 | Replace <sys/param.h> with <limits.h> and other less dirty headers where | Theo de Raadt |
| 2014-12-03 | Init SPI using arc4random_buf, rather than (r << 32) | r | Theo de Raadt |
| 2014-10-08 | trivial use of reallocarray() | Theo de Raadt |
| 2014-05-06 | change the create-child-sa responder code, so it does not store any | Markus Friedl |
| 2014-05-06 | initiate ike sa rekeying (ikesalifetime keyword), re-queue pfkey | Markus Friedl |
| 2014-05-06 | cleanup IKE-SA tree handling (fixes repeated-insert & double-remove) | Markus Friedl |
| 2014-05-06 | initial support for PFS; ok reyk@ | Markus Friedl |
| 2014-04-22 | Update iked to use the same proc.c that relayd uses. | Reyk Floeter |
| 2014-02-17 | interpret 'config address net/prefix' as a pool of addresses and | Markus Friedl |
| 2014-02-17 | basic OCSP support. enable with 'set ocsp "http://10.0.0.10:8888/"' | Markus Friedl |
| 2014-01-24 | use a bit saner timer api | Mike Belopuhov |
| 2013-12-03 | never cast to sockaddr_storage, always cast to the abstract 'class' sockaddr | Markus Friedl |
| 2013-11-28 | don't leak duplicate flows; ok mikeb@ | Markus Friedl |
| 2013-10-24 | no need for netinet/ip_var.h (and friends) | Theo de Raadt |
| 2013-03-21 | remove excessive includes | Theo de Raadt |
| 2013-01-08 | Remove private CVS tag from an obsolete repository and bump copyright | Reyk Floeter |
| 2012-12-15 | Remove unused variables. | Reyk Floeter |
| 2012-10-22 | Fix NAT-T support in iked, both on the initiator and the responder | Reyk Floeter |
| 2012-09-18 | update email addresses to match reality. | Reyk Floeter |
| 2012-07-02 | Don't close IKE SA immediately after creating a new one when rekeying. | Mike Belopuhov |
| 2012-06-22 | Add initial support for retransmition timeouts and response retries. | Mike Belopuhov |
| 2011-07-05 | fix memcpy sizeof. found by jsg. ok deraadt krw mikeb | Ted Unangst |
| 2011-05-09 | rename functions in proc.c to proc_* and move some code from imsg_util.c to | Reyk Floeter |
| 2011-05-05 | rename iked_proc* to privsep_proc*. no functional change. | Reyk Floeter |
| 2011-04-18 | When the kernel wants to acquire an SA for an unknown flow, lookup a | Reyk Floeter |
| 2011-01-26 | get rid of acquire flows completely, as they tend to pass traffic | Mike Belopuhov |
| 2011-01-21 | Reimplement the iked(8) policy evaluation for incoming connections to | Reyk Floeter |
| 2011-01-21 | split pfkey initialization into a privileged and unprivileged part to | Reyk Floeter |
| 2011-01-12 | postpone processing of pfkey messages received in pfkey_reply instead of | Mike Belopuhov |
| 2010-12-22 | child sa rekeying revamp plus numerous bugfixes; | Mike Belopuhov |
| 2010-06-14 | More code for initiator mode (not finished yet) | Reyk Floeter |
| 2010-06-10 | add new commands: the couple/decouple commands will set loading of the | Reyk Floeter |
| 2010-06-10 | Add another tree to lookup policy SAs by peer address. | Reyk Floeter |
| 2010-06-03 | Import iked, a new implementation of the IKEv2 protocol. | Reyk Floeter |
