summaryrefslogtreecommitdiff
path: root/sbin/iked/parse.y
AgeCommit message (Expand)Author
2020-09-16Fix EAP authentication if the initiator sends no certificatetobhe
2020-09-05Initialize flow_dir and flow_saproto so policy_test() can find the policytobhe
2020-08-25Fix undefined symbol.tobhe
2020-08-25Add dpd_check_interval configuration option. If for any IKE SA no IPsectobhe
2020-08-23Add a new configuration option to limit the number of connections fortobhe
2020-08-18Add optional time-stamp validaten for ocsp. The new optional 'tolerate'tobhe
2020-08-14Delete unused variable 'idtype'.tobhe
2020-07-20Fix dst/src port configuration bug with multiple flows.tobhe
2020-07-20iked: fix typo in fatalxStuart Henderson
2020-06-25Rework 'ikeauth' configuration option. The key and cert checks in the configtobhe
2020-06-05Add default proposals for AES-GCM ciphers in IKE and ESP.tobhe
2020-05-26Add AES-GCM mode ciphers (IANA IDs 19 and 20) for IKEv2.tobhe
2020-04-30Add ECDH groups and higher order MODP DH groups to default proposal.tobhe
2020-04-29Remove trailing tabtobhe
2020-04-29Missing whitespace.tobhe
2020-04-28Remove support for insecure EC2N groups. Clarify which Diffie-Hellmantobhe
2020-04-26Only print valid rdomains. '-1' is used as default value and shouldtobhe
2020-04-23Add support for switching rdomain on IPsec encryption/decryption.tobhe
2020-04-14Print 'ipcomp' in print_policy() if configured.tobhe
2020-04-12No need to call lc_idtype(). idstr does not contain a leading typetobhe
2020-04-10Only make the type part of the idstring lowercase when looking for certs intobhe
2020-03-28Plug some memory leaks.tobhe
2020-02-21Add transport mode for child SAs. This is useful for GRE over IPsec andtobhe
2019-12-03Correctly represent flows as traffic selectors as described in RFC 7296. Thistobhe
2019-11-28Merge host_v{4,6}() into host_ip(), simplify host()kn
2019-11-28Introduce copy_sockaddrtoipa() and set_ipmask() bits from pfctlkn
2019-11-12Add configuration options to explicitly specify ESN support for child SAs.tobhe
2019-09-26Fix leaks by cleaning up after configuration parser.tobhe
2019-08-26Fix file descriptor leak in config parser. Inspired by bgpd parse.y.tobhe
2019-08-16Fix segfault in parser when specifying an invalid transform.tobhe
2019-06-28When system calls indicate an error they return -1, not some arbitraryTheo de Raadt
2019-05-11Add support for IKEv2 Message Fragmentation as defined in RFC 7383.Patrick Wildt
2019-04-02When curve25519 was added to iked, it was based on the internet-draft andStuart Henderson
2019-02-13(unsigned) means (unsigned int) which on ptrdiff_t or size_t or otherTheo de Raadt
2018-11-07sync cmdline_symset() changes with src/usr.sbin; OK sashan@ claudio@miko
2018-11-01- odd condition/test in PF lexerAlexandr Nedvedicky
2018-07-11Do for most running out of memory err() what was done for most runningKenneth R Westerback
2018-07-09No need to mention which memory allocation entry point failed (malloc,Kenneth R Westerback
2018-07-08Be consistent in warn() and log_warn() usage whenKenneth R Westerback
2018-06-11Fix an off-by-one line count when using include statements.denis
2018-04-26Plug leak in error case of the common 'varset' implementations.Kenneth R Westerback
2018-01-31Add support for specifying multiple transforms within a single proposal.Patrick Wildt
2018-01-24Implement support for specifying multiple proposals. This means we canPatrick Wildt
2017-12-01The RFC specifies that in an SA payload the proposals must be numberedPatrick Wildt
2017-11-27Implement MOBIKE (RFC 4555) support in iked(8), with us acting asPatrick Wildt
2017-11-15Reset the OCSP URL on config reload. Otherwise we end up not beingPatrick Wildt
2017-04-24Fix configuration of ASN1_DN IDs.Reyk Floeter
2017-03-28Remove RSA from the list of keywords, lookup is now done in a table.Reyk Floeter
2017-03-27Factor out flows into separate configuration messagesMike Belopuhov
2017-03-27Add support for RFC4754 (ECDSA) and RFC7427 authentication.Reyk Floeter
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-22 11:08:30 +0000