summaryrefslogtreecommitdiff
path: root/sbin/iked
AgeCommit message (Expand)Author
2011-01-17Add initial acquire mode support and use it whenever Windows peers decideMike Belopuhov
2011-01-17move mask2prefixlen functions to the util module; ok reykMike Belopuhov
2011-01-12postpone processing of pfkey messages received in pfkey_reply instead ofMike Belopuhov
2011-01-12decouple flow deletion from the ikev2_childsa_delete; ok reykMike Belopuhov
2011-01-12fixup bogus check; ok reykMike Belopuhov
2011-01-12don't forget to specify spi sizes; ok reykMike Belopuhov
2010-12-23pick netmask instead of address when we mean it; found by dhill, ok reykMike Belopuhov
2010-12-23always add a none payload, should fix ike sa rekeying for responders; ok reykMike Belopuhov
2010-12-22move and rename util.c:print_id() to ikev2.c:ikev2_print_id() becauseReyk Floeter
2010-12-22split util.c into two files: imsg_util.c for ibuf/imsg stuff and util forReyk Floeter
2010-12-22ikev2 rfc was recently updated, so list the newer one; ok reykMike Belopuhov
2010-12-22Tweak the grammar a little bit by requiring a "bytes" keyword before theReyk Floeter
2010-12-22Fix a little control socket bug, as discussed with mikeb@Reyk Floeter
2010-12-22child sa rekeying revamp plus numerous bugfixes;Mike Belopuhov
2010-12-21Convert netmask from sockaddr to prefixlen correctly as noticedMike Belopuhov
2010-12-21fixup log_warn and log_debug arguments; ok reykMike Belopuhov
2010-12-01Clarify the internal ibuf API: rename ibuf_copy() to ibuf_get() becauseReyk Floeter
2010-11-29make key exchange faster by not checking the predefined groups with DH_check()Markus Friedl
2010-11-17Allow the -D command line flag to actually define macros.Chris Kuethe
2010-11-08fixup number rounding; ok reykMike Belopuhov
2010-10-14plug a tiny leak.David Hill
2010-09-30promote openssl errors to the warning level; ok reykMike Belopuhov
2010-09-30check that there are transforms in the proposal before tryingMike Belopuhov
2010-09-30disable padding correctly. therefore we no longer need to supplyMike Belopuhov
2010-09-30More information about creating and maintaining the PKI with a link toReyk Floeter
2010-09-23support for aes-gcmMike Belopuhov
2010-09-22support INVALID_KE_PAYLOAD notification sent by the responder in caseMike Belopuhov
2010-09-20fixup length of an eap identity message payload.Mike Belopuhov
2010-09-16pass proper argument to the proc_sig_handler and check env forMike Belopuhov
2010-09-09- allow esp proposals without integrity and ah proposals withoutMike Belopuhov
2010-08-03fix linecount bug with comments spanning multiple linesHenning Brauer
2010-07-29some error cases returned 01 when they should have been returning -1Jonathan Gray
2010-07-28Change back to the pre rev 1.11 behaviour of not treating unexpectedJonathan Gray
2010-07-22Don't deref a NULL pointer if tap or tag are not specified in theJonathan Gray
2010-07-20two iterators should be u_int; ok jsgTheo de Raadt
2010-07-03Better non-debug logging messages when a session is established/closed.Reyk Floeter
2010-07-01Add support for the tap extension (ikev2 ... tap "enc1") that willReyk Floeter
2010-06-29add code to lookup the RSA public keys in /etc/iked/pubkeys/ as anReyk Floeter
2010-06-29Add missing frees.Reyk Floeter
2010-06-27When a peer requests a certificate from the local gateway, we firstReyk Floeter
2010-06-27fix possible double free of the initiator certReyk Floeter
2010-06-27fix the length check for ASN1_ID Ids.Reyk Floeter
2010-06-27Verify that the subjectAltName extension is present and matches theReyk Floeter
2010-06-27Instead of modifying and fiddling with the IKE SA in the payloadReyk Floeter
2010-06-27print the required bits as a stringReyk Floeter
2010-06-27cycle static buffers in print_bits()Reyk Floeter
2010-06-26revert the files that have been accidentally committed with myReyk Floeter
2010-06-26mixing any (AF_UNSPEC) with AF_INET/INET6 is not an address family mismatchReyk Floeter
2010-06-26Include the Id type in the generated SA tag that is passed to theReyk Floeter
2010-06-24unbreak the ikectl log verbose/brief commands.Reyk Floeter
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-24 20:29:02 +0000