summaryrefslogtreecommitdiff
path: root/sbin/iked/parse.y
AgeCommit message (Expand)Author
2023-04-19remove duplicate includesJonathan Gray
2022-07-22Include an OpenIKED Vendor ID payload in the initial handshake. This willTobias Heider
2022-04-11Fix leak of esnxf if esn ore noesn are configured explicitly.Tobias Heider
2021-12-23fix off by one in bounds testJonathan Gray
2021-12-01whitespace cleanup during review readTheo de Raadt
2021-11-20Fix some strdup() leaks in ocsp config option.Tobias Heider
2021-11-16Zero all copies of pre-shared key.Tobias Heider
2021-10-26Make proto config option accept a list to allow specifying multipleTobias Heider
2021-10-15Don't declare variables as "unsigned char *" that are passed toChristian Weisgerber
2021-10-12Make sure all copies of MSCHAPv2 passphrase are zeroed after use.Tobias Heider
2021-09-18upon length check or other failure, explicit_bzero an object, because it mayTheo de Raadt
2021-05-28Add experimental post-quantum hybrid key exchange methodtobhe
2021-03-16Add 'grp31' alias for curve25519 as documented in iked.conf(5).tobhe
2021-03-05Move policy printing code from parse.y to new print.ctobhe
2021-02-13Add dynamic address configuration for roadwarrior clients.tobhe
2021-02-09Add optional 'group none' transform for child SAs and fix handling oftobhe
2021-02-07Fix address leaks in expand_flows().tobhe
2021-02-01Whitespacetobhe
2020-12-29getifaddrs() can return entries where ifa_addr is NULL. Check for thisSebastian Benoit
2020-12-27Fix "any" and "dynamic" keywords for flows and add proper IPv6 support.tobhe
2020-12-20Don't leak ipsec_hosts when building hosts_list.tobhe
2020-12-15Fix leak of REQUEST string.tobhe
2020-12-13Make sure flow src and dst addresses have the same address family.tobhe
2020-12-10Print valid ikesa/childsa configuration at startup. Comma seperatedtobhe
2020-11-29Add 'set stickyaddress' option. If this option is enabled, iked will trytobhe
2020-11-03Add 'any' keyword for request to allow 'request address any'.tobhe
2020-11-01Add 'dynamic' keyword to configure flows to dynamically assigned addresses.tobhe
2020-10-29Add initial support to request IP addresses as IKEv2 initiator.tobhe
2020-09-23Add new 'set cert_partial_chain' config option to allow verification oftobhe
2020-09-19Add SHA2_384 and SHA2_512 to default proposals.tobhe
2020-09-18Fix memory leak in 'n->name'.tobhe
2020-09-16Fix EAP authentication if the initiator sends no certificatetobhe
2020-09-05Initialize flow_dir and flow_saproto so policy_test() can find the policytobhe
2020-08-25Fix undefined symbol.tobhe
2020-08-25Add dpd_check_interval configuration option. If for any IKE SA no IPsectobhe
2020-08-23Add a new configuration option to limit the number of connections fortobhe
2020-08-18Add optional time-stamp validaten for ocsp. The new optional 'tolerate'tobhe
2020-08-14Delete unused variable 'idtype'.tobhe
2020-07-20Fix dst/src port configuration bug with multiple flows.tobhe
2020-07-20iked: fix typo in fatalxStuart Henderson
2020-06-25Rework 'ikeauth' configuration option. The key and cert checks in the configtobhe
2020-06-05Add default proposals for AES-GCM ciphers in IKE and ESP.tobhe
2020-05-26Add AES-GCM mode ciphers (IANA IDs 19 and 20) for IKEv2.tobhe
2020-04-30Add ECDH groups and higher order MODP DH groups to default proposal.tobhe
2020-04-29Remove trailing tabtobhe
2020-04-29Missing whitespace.tobhe
2020-04-28Remove support for insecure EC2N groups. Clarify which Diffie-Hellmantobhe
2020-04-26Only print valid rdomains. '-1' is used as default value and shouldtobhe
2020-04-23Add support for switching rdomain on IPsec encryption/decryption.tobhe
2020-04-14Print 'ipcomp' in print_policy() if configured.tobhe