| Age | Commit message (Expand) | Author |
|---|
| 2021-02-13 | Add dynamic address configuration for roadwarrior clients. | tobhe |
| 2021-02-08 | Clean up kernel IPsec flows and security associations on shutdown. | tobhe |
| 2020-09-23 | Add new 'set cert_partial_chain' config option to allow verification of | tobhe |
| 2020-08-24 | Reduce the amount of boilerplate code and imsgs for config options by | tobhe |
| 2020-08-23 | Add a new configuration option to limit the number of connections for | tobhe |
| 2020-08-21 | Use trusted CA from /etc/iked/ca/ as OCSP issuer to get rid of | tobhe |
| 2020-08-18 | Add optional time-stamp validaten for ocsp. The new optional 'tolerate' | tobhe |
| 2020-04-09 | Simplify socket creation logic. Normally iked needs two sockets, one | tobhe |
| 2020-03-22 | Add 'ikectl show sa' command to print information about the state of | tobhe |
| 2020-03-18 | Add 'ikectl reset id <ID>' command to reset all SAs from policies with | tobhe |
| 2020-01-16 | Add '-p' command line option which allows to configure | tobhe |
| 2020-01-14 | Remove IPsec flow blocking unencrypted IPv6 traffic which was | tobhe |
| 2019-05-11 | Add support for IKEv2 Message Fragmentation as defined in RFC 7383. | Patrick Wildt |
| 2017-11-27 | Implement MOBIKE (RFC 4555) support in iked(8), with us acting as | Patrick Wildt |
| 2017-03-27 | Factor out flows into separate configuration messages | Mike Belopuhov |
| 2017-03-27 | Add support to reflect the responder IKEv2 COOKIE. | Reyk Floeter |
| 2017-01-03 | Fix pledge of the ca process by calling the right function on startup. | Reyk Floeter |
| 2016-01-27 | fyx typo. s,dynanic,dynamic, | Gleydson Soares |
| 2015-11-23 | Replace socket_set_blockmode() and fcntl(fd, F_SETFL, O_NONBLOCK) calls | Reyk Floeter |
| 2015-10-22 | iked hereby pledges that it will run with restricted system | Reyk Floeter |
| 2015-10-19 | Remove the ikev1 stub - Since I started iked, it has an empty privsep | Reyk Floeter |
| 2015-08-21 | Switch iked to C99-style fixed-width integer types. | Reyk Floeter |
| 2015-08-19 | spacing (no binary change, verified with checksums) | Reyk Floeter |
| 2015-06-11 | Use "compliant" header guards by avoiding the reserved '_' namespace. | Reyk Floeter |
| 2014-02-17 | basic OCSP support. enable with 'set ocsp "http://10.0.0.10:8888/"' | Markus Friedl |
| 2013-01-08 | Remove private CVS tag from an obsolete repository and bump copyright | Reyk Floeter |
| 2012-11-29 | Prevent VPN traffic leakages in dual-stack hosts/networks. | Reyk Floeter |
| 2012-10-23 | Allow to overwrite a few more definitions like file paths from the | Reyk Floeter |
| 2012-10-22 | Fix NAT-T support in iked, both on the initiator and the responder | Reyk Floeter |
| 2012-10-11 | The RSA public keys will be found in a subdirectory of /etc/iked/ | Reyk Floeter |
| 2012-09-18 | update email addresses to match reality. | Reyk Floeter |
| 2012-07-08 | if you use nitems() in userland, you must define it yourself | Theo de Raadt |
| 2011-05-05 | rename iked_proc* to privsep_proc*. no functional change. | Reyk Floeter |
| 2011-01-21 | Reimplement the iked(8) policy evaluation for incoming connections to | Reyk Floeter |
| 2011-01-17 | Add initial acquire mode support and use it whenever Windows peers decide | Mike Belopuhov |
| 2010-12-22 | child sa rekeying revamp plus numerous bugfixes; | Mike Belopuhov |
| 2010-06-29 | add code to lookup the RSA public keys in /etc/iked/pubkeys/ as an | Reyk Floeter |
| 2010-06-10 | Add the -S flag which does the same as "set passive" but matches the | Reyk Floeter |
| 2010-06-10 | add new commands: the couple/decouple commands will set loading of the | Reyk Floeter |
| 2010-06-07 | switch iked pki files to /etc/iked, discussed with reyk. | Jonathan Gray |
| 2010-06-03 | Add a new _iked user with uid 101 instead of (ab)using the _isakmpd user. | Reyk Floeter |
| 2010-06-03 | Import iked, a new implementation of the IKEv2 protocol. | Reyk Floeter |
