| Age | Commit message (Expand) | Author |
|---|
| 2016-09-03 | Add the missing bits to have NAT on enc(4) support in iked. | Vincent Gross |
| 2016-08-06 | Unbreak PSK authentication, broken by previous. | Pascal Stumpf |
| 2016-07-20 | When parsing the configuration. initialize the auth structure | Reyk Floeter |
| 2016-06-21 | do not allow whitespace in macro names, i.e. "this is" = "a variable". | Sebastian Benoit |
| 2015-12-09 | Remove plain DES encryption from IPsec. | Christian Weisgerber |
| 2015-11-04 | Support Chacha20-Poly1305 for Child SAs; ok reyk | Mike Belopuhov |
| 2015-10-31 | RFC4754 specifies ECDSA-521 (sic), not -512. ok reyk@ | Christian Weisgerber |
| 2015-10-02 | Remove MD5 from the default proposals. At least SHA1 seems to be the | Reyk Floeter |
| 2015-08-21 | Switch iked to C99-style fixed-width integer types. | Reyk Floeter |
| 2015-08-19 | spacing (no binary change, verified with checksums) | Reyk Floeter |
| 2015-07-03 | Terminate 'config' keyword array with a NULL element. | Mike Belopuhov |
| 2015-06-03 | Do not assume that asprintf() clears the pointer on failure, which | Todd C. Miller |
| 2015-02-08 | Use AI_ADDRCONFIG when resolv hosts on startup. | Reyk Floeter |
| 2015-01-19 | Remove unnecessary <netinet/ip_ipsp.h> includes | Mike Belopuhov |
| 2015-01-16 | Replace <sys/param.h> with <limits.h> and other less dirty headers where | Theo de Raadt |
| 2015-01-12 | Don't forget about protocol specification when configuring flows. | Mike Belopuhov |
| 2014-11-20 | Don't allow embedded nul characters in strings. | Jonathan Gray |
| 2014-11-14 | Add gcc printf format attributes to iked's parse.y and remove unused | Doug Hogan |
| 2014-08-27 | Add support for Curve25519 using the public domain code that is found | Reyk Floeter |
| 2014-08-25 | Add support for DH groups 27-30 using the Brainpool curves which have | Reyk Floeter |
| 2014-05-06 | initiate ike sa rekeying (ikesalifetime keyword), re-queue pfkey | Markus Friedl |
| 2014-02-17 | basic OCSP support. enable with 'set ocsp "http://10.0.0.10:8888/"' | Markus Friedl |
| 2014-02-14 | initial support for IPComp | Markus Friedl |
| 2014-01-22 | relax the cfg file secrecy check slightly to allow group readability | Henning Brauer |
| 2013-12-03 | never cast to sockaddr_storage, always cast to the abstract 'class' sockaddr | Markus Friedl |
| 2013-11-28 | support raw pubkey authentication w/o x509 certificates; | Markus Friedl |
| 2013-11-25 | use u_char for buffers in yylex, for ctype calls | Sebastian Benoit |
| 2013-11-22 | Whole bunch of (unsigned char) casts carefully added for ctype calls. | Theo de Raadt |
| 2013-03-21 | remove excessive includes | Theo de Raadt |
| 2013-01-08 | Remove private CVS tag from an obsolete repository and bump copyright | Reyk Floeter |
| 2012-10-25 | Move the arrays of default IKE and ESP transforms into parse.y instead | Reyk Floeter |
| 2012-09-18 | update email addresses to match reality. | Reyk Floeter |
| 2012-06-30 | enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESP | Christian Weisgerber |
| 2012-06-29 | Add missing ESN bits | Mike Belopuhov |
| 2012-05-08 | rename espxforms to ipsecxforms for clarity | Mike Belopuhov |
| 2012-03-24 | fix some leaks | Jonathan Gray |
| 2011-05-27 | spacing | Reyk Floeter |
| 2011-04-18 | When the kernel wants to acquire an SA for an unknown flow, lookup a | Reyk Floeter |
| 2011-01-21 | Reimplement the iked(8) policy evaluation for incoming connections to | Reyk Floeter |
| 2011-01-17 | move mask2prefixlen functions to the util module; ok reyk | Mike Belopuhov |
| 2010-12-23 | pick netmask instead of address when we mean it; found by dhill, ok reyk | Mike Belopuhov |
| 2010-12-22 | Tweak the grammar a little bit by requiring a "bytes" keyword before the | Reyk Floeter |
| 2010-12-22 | child sa rekeying revamp plus numerous bugfixes; | Mike Belopuhov |
| 2010-12-21 | Convert netmask from sockaddr to prefixlen correctly as noticed | Mike Belopuhov |
| 2010-11-17 | Allow the -D command line flag to actually define macros. | Chris Kuethe |
| 2010-09-23 | support for aes-gcm | Mike Belopuhov |
| 2010-09-09 | - allow esp proposals without integrity and ah proposals without | Mike Belopuhov |
| 2010-08-03 | fix linecount bug with comments spanning multiple lines | Henning Brauer |
| 2010-07-22 | Don't deref a NULL pointer if tap or tag are not specified in the | Jonathan Gray |
| 2010-07-01 | Add support for the tap extension (ikev2 ... tap "enc1") that will | Reyk Floeter |
