summaryrefslogtreecommitdiff
path: root/sbin/iked/parse.y
AgeCommit message (Expand)Author
2020-11-29Add 'set stickyaddress' option. If this option is enabled, iked will trytobhe
2020-11-03Add 'any' keyword for request to allow 'request address any'.tobhe
2020-11-01Add 'dynamic' keyword to configure flows to dynamically assigned addresses.tobhe
2020-10-29Add initial support to request IP addresses as IKEv2 initiator.tobhe
2020-09-23Add new 'set cert_partial_chain' config option to allow verification oftobhe
2020-09-19Add SHA2_384 and SHA2_512 to default proposals.tobhe
2020-09-18Fix memory leak in 'n->name'.tobhe
2020-09-16Fix EAP authentication if the initiator sends no certificatetobhe
2020-09-05Initialize flow_dir and flow_saproto so policy_test() can find the policytobhe
2020-08-25Fix undefined symbol.tobhe
2020-08-25Add dpd_check_interval configuration option. If for any IKE SA no IPsectobhe
2020-08-23Add a new configuration option to limit the number of connections fortobhe
2020-08-18Add optional time-stamp validaten for ocsp. The new optional 'tolerate'tobhe
2020-08-14Delete unused variable 'idtype'.tobhe
2020-07-20Fix dst/src port configuration bug with multiple flows.tobhe
2020-07-20iked: fix typo in fatalxStuart Henderson
2020-06-25Rework 'ikeauth' configuration option. The key and cert checks in the configtobhe
2020-06-05Add default proposals for AES-GCM ciphers in IKE and ESP.tobhe
2020-05-26Add AES-GCM mode ciphers (IANA IDs 19 and 20) for IKEv2.tobhe
2020-04-30Add ECDH groups and higher order MODP DH groups to default proposal.tobhe
2020-04-29Remove trailing tabtobhe
2020-04-29Missing whitespace.tobhe
2020-04-28Remove support for insecure EC2N groups. Clarify which Diffie-Hellmantobhe
2020-04-26Only print valid rdomains. '-1' is used as default value and shouldtobhe
2020-04-23Add support for switching rdomain on IPsec encryption/decryption.tobhe
2020-04-14Print 'ipcomp' in print_policy() if configured.tobhe
2020-04-12No need to call lc_idtype(). idstr does not contain a leading typetobhe
2020-04-10Only make the type part of the idstring lowercase when looking for certs intobhe
2020-03-28Plug some memory leaks.tobhe
2020-02-21Add transport mode for child SAs. This is useful for GRE over IPsec andtobhe
2019-12-03Correctly represent flows as traffic selectors as described in RFC 7296. Thistobhe
2019-11-28Merge host_v{4,6}() into host_ip(), simplify host()kn
2019-11-28Introduce copy_sockaddrtoipa() and set_ipmask() bits from pfctlkn
2019-11-12Add configuration options to explicitly specify ESN support for child SAs.tobhe
2019-09-26Fix leaks by cleaning up after configuration parser.tobhe
2019-08-26Fix file descriptor leak in config parser. Inspired by bgpd parse.y.tobhe
2019-08-16Fix segfault in parser when specifying an invalid transform.tobhe
2019-06-28When system calls indicate an error they return -1, not some arbitraryTheo de Raadt
2019-05-11Add support for IKEv2 Message Fragmentation as defined in RFC 7383.Patrick Wildt
2019-04-02When curve25519 was added to iked, it was based on the internet-draft andStuart Henderson
2019-02-13(unsigned) means (unsigned int) which on ptrdiff_t or size_t or otherTheo de Raadt
2018-11-07sync cmdline_symset() changes with src/usr.sbin; OK sashan@ claudio@miko
2018-11-01- odd condition/test in PF lexerAlexandr Nedvedicky
2018-07-11Do for most running out of memory err() what was done for most runningKenneth R Westerback
2018-07-09No need to mention which memory allocation entry point failed (malloc,Kenneth R Westerback
2018-07-08Be consistent in warn() and log_warn() usage whenKenneth R Westerback
2018-06-11Fix an off-by-one line count when using include statements.denis
2018-04-26Plug leak in error case of the common 'varset' implementations.Kenneth R Westerback
2018-01-31Add support for specifying multiple transforms within a single proposal.Patrick Wildt
2018-01-24Implement support for specifying multiple proposals. This means we canPatrick Wildt
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-02 06:27:51 +0000