index
:
src
cvs/HEAD
kms/intel
kms/radeon
master
OpenBSD base system
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
sbin
/
iked
/
ikev2.c
Age
Commit message (
Expand
)
Author
2021-02-20
Fail on invalid address family.
tobhe
2021-02-18
Save one allocation by passing msg_nonce ownership instead of using
tobhe
2021-02-18
Pass ownership instead of duplicating ibuf msg_ke.
tobhe
2021-02-13
Add dynamic address configuration for roadwarrior clients.
tobhe
2021-02-11
Explicitly unset IKED_REQ_CERTVALID before sending cert to ca process.
tobhe
2021-02-10
Delay deletion of IKE SAs on rekey when stickyaddress is enabled to make
tobhe
2021-02-09
Add optional 'group none' transform for child SAs and fix handling of
tobhe
2021-02-04
Rename 'struct group' to 'struct dh_group' for more clarity and
tobhe
2021-02-04
Upgrade to OpenSSL 1.1 compatible crypto API. Add additional
tobhe
2021-02-01
Take flows into consideration for policy lookup as initiator.
tobhe
2021-01-31
Ignore addresses that are not 0/32 (dynamic) in ikev2_cp_fixaddr()
tobhe
2021-01-31
Don't leak flows if ikev2_cp_fixflow() fails.
tobhe
2021-01-23
Fix typos.
tobhe
2021-01-21
Handle NO_PROPOSAL_CHOSEN for CREATE_CHILD_SA.
tobhe
2021-01-21
Add support for INVALID_KE_PAYLOAD in CREATE_CHILD_SA
tobhe
2021-01-20
Make sure to enforce matching dstid as initiator. Use policy lookup
tobhe
2021-01-18
Sync SA configuration payload to new SA after IKE SA rekeying.
tobhe
2020-12-27
Fix "any" and "dynamic" keywords for flows and add proper IPv6 support.
tobhe
2020-12-21
Use policy_test() to reassign existing SAs to updated policies after
tobhe
2020-11-30
We need to rekey every child SA (even if acquired): Otherwise we can
tobhe
2020-11-29
Add 'set stickyaddress' option. If this option is enabled, iked will try
tobhe
2020-11-28
Add support for multiple address pools. The parser already allows
tobhe
2020-11-27
Remove redundant state change. ikev2_ikesa_delete() sets the correct state.
tobhe
2020-11-25
Fix proposal error handling. If a proposal contains an unknown transform
tobhe
2020-11-24
Fix duplicate sa->sa_cp assignment.
tobhe
2020-11-21
Clean up NATT hack. Pass 'frompeer' as parameter instead of manipulating
tobhe
2020-11-17
Remove redundant indirection via msg_parent. This is only needed in
tobhe
2020-11-16
Reenable ikev2_init_auth() return value check. Make sure sa_stateok()
tobhe
2020-11-16
Backout ikev2_init_auth() return check to fix regression with
tobhe
2020-11-14
Make sure not to replace 0.0.0.0 with dynamic address if it is a a network
tobhe
2020-11-13
addr_net is already checked in ikev2_cp_setaddr() before sessing
tobhe
2020-11-12
Close SA if ikev2_init_auth() fails.
tobhe
2020-11-12
Fail if ikev2_init_ike_auth() is entered with invalid state.
tobhe
2020-11-07
Implement 'from dynamic', which installs flows where 'dynamic' is replaced
tobhe
2020-11-06
Set correct netmask on patched addresses for debug printing.
tobhe
2020-10-30
Add missing bits to make 'request addr 0.0.0.0' accept ANY dynamic address.
tobhe
2020-10-30
Whitespace fixes.
tobhe
2020-10-30
Fix key payload size. Use size from new SA.
tobhe
2020-10-29
Add initial support to request IP addresses as IKEv2 initiator.
tobhe
2020-10-28
Refactor parts of the dh_* API.
tobhe
2020-10-24
Don't modify sa in ikev2_pld_cp. Store cp_type in msg until message has
tobhe
2020-10-22
Handle NO_PROPOSAL_CHOSEN for initiator in IKE_SA_INIT exchange.
tobhe
2020-10-19
Handle NO_PROPOSAL_CHOSEN as IKE_AUTH initiator.
tobhe
2020-10-09
More unused headers.
tobhe
2020-10-09
Remove unused "wait.h" includes.
tobhe
2020-10-06
Always allocate hash_keylength() for buffers passed to hash_final() to
tobhe
2020-10-05
Only handle AUTHENTICATION_FAILED for IKE_AUTH and INFORMATIONAL exchanges.
tobhe
2020-10-03
React to DELETE notifications only in INFORMATIONAL messages
tobhe
2020-10-02
Send AUTH_FAILED in ikev2_ike_auth_recv() if the message did not contain
tobhe
2020-09-24
Cleanup logging, print SPIs where it makes sense.
tobhe
[next]