| Age | Commit message (Expand) | Author |
|---|
| 2016-06-01 | Implement a second address pool specifically for IPv6, so that | Patrick Wildt |
| 2015-12-07 | Sync proc.c, use shorter proc_compose[v]() | Reyk Floeter |
| 2015-11-23 | Replace socket_set_blockmode() and fcntl(fd, F_SETFL, O_NONBLOCK) calls | Reyk Floeter |
| 2015-11-22 | Update log.c: change fatal() and fatalx() into variadic functions, | Reyk Floeter |
| 2015-11-21 | Move local logging functions to util.c (which is shared with ikectl), | Reyk Floeter |
| 2015-10-22 | iked hereby pledges that it will run with restricted system | Reyk Floeter |
| 2015-10-19 | Remove the ikev1 stub - Since I started iked, it has an empty privsep | Reyk Floeter |
| 2015-10-01 | Fix interoperability with Apple iOS9: If we don't get a (valid) | Reyk Floeter |
| 2015-08-21 | Switch iked to C99-style fixed-width integer types. | Reyk Floeter |
| 2015-08-19 | spacing (no binary change, verified with checksums) | Reyk Floeter |
| 2015-07-07 | repair policy-ikesa-linking by replacing the broken RB_TREE w/TAILQ | Markus Friedl |
| 2015-06-11 | Use "compliant" header guards by avoiding the reserved '_' namespace. | Reyk Floeter |
| 2015-03-26 | initial support for RFC 7427 signatures, so we are no longer | Markus Friedl |
| 2015-01-16 | Replace <sys/param.h> with <limits.h> and other less dirty headers where | Theo de Raadt |
| 2014-08-18 | Sync proc.c with httpd. httpd needs SIGUSR1 but iked will ignore it | Reyk Floeter |
| 2014-05-09 | get rid of redundant {csa,flow}_{src,dst}id pointers, so we don't need | Markus Friedl |
| 2014-05-09 | replace iked_transform pointer with xform id, since target of pointer | Markus Friedl |
| 2014-05-08 | match iked proc.c infrastructure with proc.c | Bret Lambert |
| 2014-05-07 | make authentication work with X509 certificates that don't have a | Markus Friedl |
| 2014-05-06 | change the create-child-sa responder code, so it does not store any | Markus Friedl |
| 2014-05-06 | initiate ike sa rekeying (ikesalifetime keyword), re-queue pfkey | Markus Friedl |
| 2014-05-06 | initial support for PFS; ok reyk@ | Markus Friedl |
| 2014-05-06 | retire IKED_REQ_DELETE and fix delete parsing; ok reyk@ | Markus Friedl |
| 2014-04-29 | make sure the state machine only advances if the AUTH payload has | Markus Friedl |
| 2014-04-22 | Update iked to use the same proc.c that relayd uses. | Reyk Floeter |
| 2014-04-10 | Add validation routines to ikev2_pld.c: For each payload type overall | Reyk Floeter |
| 2014-02-21 | support rekeying for IPCOMP; ok mikeb@ | Markus Friedl |
| 2014-02-17 | interpret 'config address net/prefix' as a pool of addresses and | Markus Friedl |
| 2014-02-17 | basic OCSP support. enable with 'set ocsp "http://10.0.0.10:8888/"' | Markus Friedl |
| 2014-02-14 | remove unused function that distracts from cleaning up the imsg_flush() mess | Sebastian Benoit |
| 2014-02-14 | initial support for IPComp | Markus Friedl |
| 2014-01-24 | enable format-string checks for log_*(); ok mikeb | Markus Friedl |
| 2014-01-24 | use a bit saner timer api | Mike Belopuhov |
| 2014-01-22 | implement DPD similar to isakmpd, but only send DPD-messages 'on-demand' | Markus Friedl |
| 2013-12-09 | distingush between sa_msgid not set and 0; otherwise we start | Markus Friedl |
| 2013-12-03 | never cast to sockaddr_storage, always cast to the abstract 'class' sockaddr | Markus Friedl |
| 2013-11-28 | document sa_msgid & sa_reqid; ok mikeb@ | Markus Friedl |
| 2013-11-28 | support raw pubkey authentication w/o x509 certificates; | Markus Friedl |
| 2013-11-21 | Make the bit string u_char * in print_bits(). In practice we | Todd C. Miller |
| 2013-11-14 | pass caller to ca_sslerror for better error messages; ok mikeb | Markus Friedl |
| 2013-01-08 | Remove private CVS tag from an obsolete repository and bump copyright | Reyk Floeter |
| 2012-11-29 | Prevent VPN traffic leakages in dual-stack hosts/networks. | Reyk Floeter |
| 2012-10-22 | Fix NAT-T support in iked, both on the initiator and the responder | Reyk Floeter |
| 2012-09-18 | update email addresses to match reality. | Reyk Floeter |
| 2012-07-02 | Don't close IKE SA immediately after creating a new one when rekeying. | Mike Belopuhov |
| 2012-06-29 | Add missing ESN bits | Mike Belopuhov |
| 2012-06-26 | compare exchange types as well when looking up a message; | Mike Belopuhov |
| 2012-06-22 | Add initial support for retransmition timeouts and response retries. | Mike Belopuhov |
| 2012-06-22 | decouple timer initialization from timer_register | Mike Belopuhov |
| 2012-05-30 | more timer changes | Mike Belopuhov |
