summaryrefslogtreecommitdiff
path: root/sbin/iked/iked.c
AgeCommit message (Expand)Author
2023-03-05Fix clean process shutdown by storing env globally like vmd and httpd doTobias Heider
2023-03-04Sync proc.c from vmd(8) to enabled fork + exec for all processes. This givesTobias Heider
2021-12-01whitespace cleanup during review readTheo de Raadt
2021-11-29add -V to usage(), and list it before -v in both SYNOPSIS and theJason McIntyre
2021-11-29Add command line option to show the versionTobias Heider
2021-11-25Silence unitialized variable warnings.Tobias Heider
2021-09-01Add client side support for DNS configuration. Use RTM_PROPOSAL_STATICTobias Heider
2021-05-13Refactor iked process shutdown and cleanup. Remember configuredtobhe
2021-03-03Free sc_vroute on shutdown.tobhe
2021-02-22Don't pass 'id' as argument to make function signature match similartobhe
2021-02-13Add dynamic address configuration for roadwarrior clients.tobhe
2021-02-08Clean up kernel IPsec flows and security associations on shutdown.tobhe
2020-12-17Use strtonum() instead of atoi() to parse port option.tobhe
2020-12-17Sort command line options.tobhe
2020-11-20add -s to synopsis and usage; -S before -s in options list;Jason McIntyre
2020-11-20Add -s socket option to specify control socket. This can be useful iftobhe
2020-09-23Add new 'set cert_partial_chain' config option to allow verification oftobhe
2020-08-24Reduce the amount of boilerplate code and imsgs for config options bytobhe
2020-08-23Add a new configuration option to limit the number of connections fortobhe
2020-08-23Rename natt_mode to sc_nattmode for consistency.tobhe
2020-08-21Use trusted CA from /etc/iked/ca/ as OCSP issuer to get rid oftobhe
2020-04-09Simplify socket creation logic. Normally iked needs two sockets, onetobhe
2020-04-03Port set in 'sin_port' should be htons() not ntohs().tobhe
2020-01-16Add '-p' command line option which allows to configuretobhe
2020-01-15s/deprecated/ignored/ in the warning message if -6 is used; the optionStuart Henderson
2020-01-14Remove IPsec flow blocking unencrypted IPv6 traffic which wastobhe
2019-11-30The message sent in config_setmode starts the handshake in the ikev2 processtobhe
2019-05-11Add support for IKEv2 Message Fragmentation as defined in RFC 7383.Patrick Wildt
2017-11-27Implement MOBIKE (RFC 4555) support in iked(8), with us acting asPatrick Wildt
2017-11-08Do not accept superfluous arguments.Patrick Wildt
2017-03-23set ps_noaction to not fork uneeded children when checking config with -nJonathan Gray
2017-01-09Stop accessing verbose and debug variables from log.c directly.Reyk Floeter
2017-01-03Fix pledge of the ca process by calling the right function on startup.Reyk Floeter
2016-09-04Forward IMSG_CTL_VERBOSE via the parent; this fixes a crash when doingReyk Floeter
2015-12-07Sync proc.c, use shorter proc_compose[v]()Reyk Floeter
2015-11-22Update log.c: change fatal() and fatalx() into variadic functions,Reyk Floeter
2015-10-22iked hereby pledges that it will run with restricted systemReyk Floeter
2015-10-19Remove the ikev1 stub - Since I started iked, it has an empty privsepReyk Floeter
2015-10-15Remove some unnecessary NULL-checks before free(). Change two bzero()mmcc
2015-08-21Switch iked to C99-style fixed-width integer types.Reyk Floeter
2015-06-03Do not assume that asprintf() clears the pointer on failure, whichTodd C. Miller
2015-01-16Replace <sys/param.h> with <limits.h> and other less dirty headers whereTheo de Raadt
2014-08-18Sync proc.c with httpd. httpd needs SIGUSR1 but iked will ignore itReyk Floeter
2014-05-08match iked proc.c infrastructure with proc.cBret Lambert
2014-04-22Update iked to use the same proc.c that relayd uses.Reyk Floeter
2014-02-17basic OCSP support. enable with 'set ocsp "http://10.0.0.10:8888/"'Markus Friedl
2013-10-24no need for netinet/ip_var.h (and friends)Theo de Raadt
2013-03-21remove excessive includesTheo de Raadt
2013-01-08Remove private CVS tag from an obsolete repository and bump copyrightReyk Floeter
2012-12-15Don't print an error if the process exited normally.Reyk Floeter