summaryrefslogtreecommitdiff
path: root/sbin/iked
AgeCommit message (Expand)Author
2020-04-22Fix leaks in signature validation.tobhe
2020-04-22Log authentication verification failure with "info" priority.tobhe
2020-04-20Remove unused 'dsa_cert' variable.tobhe
2020-04-18SPI_SA(sa, NULL) already prints a colon.tobhe
2020-04-17Log retransmits of sent requests and responses.tobhe
2020-04-16Print SPI value of deleted SA.tobhe
2020-04-15Remove redundant 'sa == NULL' check.tobhe
2020-04-14Print 'ipcomp' in print_policy() if configured.tobhe
2020-04-13Try to send a DELETE message if the SA is reset with 'ikectl reset id'.tobhe
2020-04-12No need to call lc_idtype(). idstr does not contain a leading typetobhe
2020-04-12"could not open public key" is an error and should be log_info.tobhe
2020-04-11DELETE payloads are common. Log with log_info instead of log_warnx.tobhe
2020-04-11If we haven't received any IKE message from our partner for sometobhe
2020-04-10Only make the type part of the idstring lowercase when looking for certs intobhe
2020-04-09Simplify socket creation logic. Normally iked needs two sockets, onetobhe
2020-04-08Prevent multiple ibuf leaks. Clean up on proccess shutdown.tobhe
2020-04-07Always prefer generic signature authentication (RFC 7427) , not just for RSA.tobhe
2020-04-06Fix pubkey leak in CA process for ASN1_DN IDs.tobhe
2020-04-05Fix size checks in ikev2_getimsgdata().tobhe
2020-04-04It makes no sense to fall back to original policy if the relookup with thetobhe
2020-04-03Port set in 'sin_port' should be htons() not ntohs().tobhe
2020-04-03Don't fallthrough in IMSG_CTL_RESET_ID case.tobhe
2020-04-02Store USE_TRANSPORTMODE in iked_message until the full message was parsedtobhe
2020-04-01Properly handle multiple CERTREQ payloads in CA process. Only for thetobhe
2020-03-31Log summary of certificates in cert store when iked fails to find atobhe
2020-03-30Log the received cryptographic proposal when the handshake fails becausetobhe
2020-03-30Log summary of IKE SA for established policy.tobhe
2020-03-28Plug some memory leaks.tobhe
2020-03-27Copy EAP ID to new SA when rekeying IKE SA.tobhe
2020-03-27Adjust cert type when choosing public key fallback.tobhe
2020-03-27Fix use of 'idstr' and 'idstrlen' arguments in print_static_id().tobhe
2020-03-24Add ikev2_print_static_id() to print static IDs in log_debug() output.tobhe
2020-03-24Make our CERTREQ payload handling less strict. If we can not find atobhe
2020-03-24Always clear sa_simult when initiating a new CREATE_CHILD_SA exchange, nottobhe
2020-03-24The certreq payload has no use in PSK authenticated exchanges. Once we aretobhe
2020-03-24Fix user database corruption from 'ikectl reload'. Copy only the new passwordtobhe
2020-03-22Add 'ikectl show sa' command to print information about the state oftobhe
2020-03-20Unset 'sa->sa_simult' when the exchange fails with CHILD_SA_NOT_FOUND.tobhe
2020-03-18Add 'ikectl reset id <ID>' command to reset all SAs from policies withtobhe
2020-03-16Handle allocation failure in reallocarry. Print errors with log_info.tobhe
2020-03-16Correctly calculate IPv6 address leases from small address pools.tobhe
2020-03-10Relookup policy based on received cryptographic parameter proposal.tobhe
2020-03-10Make sure 'pooladdr' is zero initialized.tobhe
2020-03-10Fix memory leak of 'cr' if allocation of 'cr->data' fails.tobhe
2020-03-10Make sure ikev2_next_payload() is only called when there is a previoustobhe
2020-03-10Return when SA lookup fails in ikev2_init_recv().tobhe
2020-03-10Delete dead code in ikev2_msg_valid_ike_sa().tobhe
2020-03-10Make sure 'e' is NULL initialized to prevent nullptr dereference intobhe
2020-03-09Use TAILQ_FOREACH_SAFE instead of hand rolled loops.tobhe
2020-03-01When the proposals are first matched the responder doestobhe
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 22:01:09 +0000