index
:
src
cvs/HEAD
kms/intel
kms/radeon
master
OpenBSD base system
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
sbin
/
iked
Age
Commit message (
Expand
)
Author
2017-04-26
cope with IP address changes. before, we were trying to resend the msg
Henning Brauer
2017-04-24
Fix configuration of ASN1_DN IDs.
Reyk Floeter
2017-04-18
use freezero()
Theo de Raadt
2017-04-13
Add a NAT-T keepalive timer in case we are behind a NAT gateway.
Patrick Wildt
2017-03-30
Only close the SA if an error happens before ikev2_msg_init() was called
Patrick Wildt
2017-03-28
Add helpful debug messages to tell us why public key authentication failed.
Reyk Floeter
2017-03-28
Remove RSA from the list of keywords, lookup is now done in a table.
Reyk Floeter
2017-03-28
Don't send informational responses before we're having the key material.
Reyk Floeter
2017-03-28
Returning -1 in an imsg handler like ikev2_dispatch_cert aborts iked.
Reyk Floeter
2017-03-27
Don't cache the DH group in the policy
Mike Belopuhov
2017-03-27
correct verb pattern;
Jason McIntyre
2017-03-27
Factor out flows into separate configuration messages
Mike Belopuhov
2017-03-27
spacing
Reyk Floeter
2017-03-27
Fix another iked leak of SAs in pfkey_sa(), copy tags correctly.
Reyk Floeter
2017-03-27
Add support to reflect the responder IKEv2 COOKIE.
Reyk Floeter
2017-03-27
Add support for RFC4754 (ECDSA) and RFC7427 authentication.
Reyk Floeter
2017-03-23
set ps_noaction to not fork uneeded children when checking config with -n
Jonathan Gray
2017-03-21
From a syslog perspective it does not make sense to log fatal and
Alexander Bluhm
2017-03-13
Resolve simultaneous Child SA rekeying
Mike Belopuhov
2017-03-13
Resolve simultaneous IKE SA rekeying
Mike Belopuhov
2017-03-13
Make sure that proposal contains a DH group when rekeying with PFS enabled
Reyk Floeter
2017-03-13
NAT-T improvements
Reyk Floeter
2017-03-13
Don't rekey acquired Child SAs
Mike Belopuhov
2017-03-13
Clarify iked.conf(5) manpage in regards to IP compression.
Patrick Wildt
2017-03-13
When setting up IPcomp flows for the networks 'A' and 'B' between
Patrick Wildt
2017-03-13
When freeing a Child SA make sure it's peer no longer points to it
Mike Belopuhov
2017-03-13
Fix and improve the IKE SA rekeying timeout, add a randomized jitter.
Reyk Floeter
2017-03-13
Improve reporting of authentication errors
Mike Belopuhov
2017-03-13
flow_cmp() must compare the same flow-attributes as the kernel,
Patrick Wildt
2017-03-13
We need to call policy_ref() for policies that have refcounting
Patrick Wildt
2017-02-28
Depending on the addresses, ipsecctl(8) automatically groups sa
Alexander Bluhm
2017-02-24
In a scenario where a config reload happens during an IKE_AUTH exchange,
Patrick Wildt
2017-02-03
Stop assuming that in_{addr,port}_t are typedefed in <sys/types.h> and
Philip Guenther
2017-01-20
Add a warning when the address pool is exhausted
Mike Belopuhov
2017-01-20
Constify the data argument for ibuf_new
Mike Belopuhov
2017-01-20
Reset various pointers in ikev2_msg_cleanup
Mike Belopuhov
2017-01-20
Make sure to free reference to the public key after decoding
Mike Belopuhov
2017-01-20
Closed SAs should never be treated as valid
Mike Belopuhov
2017-01-20
Check bounds of the flows array when configuring traffic selectors
Mike Belopuhov
2017-01-20
Verify the certificate imsg payload size
Mike Belopuhov
2017-01-20
Include only found SPIs into the PAYLOAD_DELETE message
Mike Belopuhov
2017-01-20
Minor formatting fix
Mike Belopuhov
2017-01-20
New RFC7383 define
Mike Belopuhov
2017-01-17
Nuke some whitespace that keeps poking me in the eye as I try to
Kenneth R Westerback
2017-01-09
Stop accessing verbose and debug variables from log.c directly.
Reyk Floeter
2017-01-09
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with
Kenneth R Westerback
2017-01-08
Sync log.c with the latest version from vmd/log.c that preserves errno
Reyk Floeter
2017-01-05
Replace symset()'s hand-rolled for(;;) traversal of 'symhead' TAILQ
Kenneth R Westerback
2017-01-04
Remove modular exponential groups specified in RFC5114
Mike Belopuhov
2017-01-03
Fix pledge of the ca process by calling the right function on startup.
Reyk Floeter
[next]