summaryrefslogtreecommitdiff
path: root/sbin/iked
AgeCommit message (Expand)Author
2021-11-05Clarify iface option.Tobias Heider
2021-11-04Clarify "aes" will accept keys which length is in 128:256 bits. AlsoYASUOKA Masahiko
2021-10-26Make proto config option accept a list to allow specifying multipleTobias Heider
2021-10-15Don't declare variables as "unsigned char *" that are passed toChristian Weisgerber
2021-10-12Change responder to prefer DH group from KE payload.Tobias Heider
2021-10-12Make sure all copies of MSCHAPv2 passphrase are zeroed after use.Tobias Heider
2021-09-18upon length check or other failure, explicit_bzero an object, because it mayTheo de Raadt
2021-09-18freezero() instead of free(), because the object may contain a passwordTheo de Raadt
2021-09-07Fix leak of msg_cert.id_buf. ikev2_msg_cleanup() frees id_buf if weTobias Heider
2021-09-07Fix leak of m if message initialization fails.Tobias Heider
2021-09-06Fix leaks in vroute addr and route caches.Tobias Heider
2021-09-02styleTobias Heider
2021-09-01Add client side support for DNS configuration. Use RTM_PROPOSAL_STATICTobias Heider
2021-08-03Increase default data bytes limit for Child SAs to 4 GB.tobhe
2021-06-29Send AUTHENTICATION_FAILED in case of unexpected auth method or authtobhe
2021-06-23Use print_host() to log destination, netmask and gateway. Add prettytobhe
2021-06-23Factor out vroute_addr().tobhe
2021-06-17Skip flows in ikev2_cp_addr() if they don't contain a dynamic (0.0.0.0)tobhe
2021-06-11Revert previous change in ikev2_cp_fixaddr().tobhe
2021-06-01Remember flow routes in addition to host routes and deletetobhe
2021-05-31Don't fail hard in ikev2_cp_fixaddr() if no address pool is found.tobhe
2021-05-31Prevent address underflow with /32 config address prefix.tobhe
2021-05-28Add experimental post-quantum hybrid key exchange methodtobhe
2021-05-17Avoid calling ibuf_add() with NULL and zero length.tobhe
2021-05-13Refactor iked process shutdown and cleanup. Remember configuredtobhe
2021-05-13Use field independent version of {get,set}_affine_coordinates.Theo Buehler
2021-04-20Move TAILQ initialization to files where they are used.dv
2021-04-11Document 'request' option to request additional configuration payloads.tobhe
2021-04-09Only modify routes if SA has a valid address lease. On IKE SA rekeytobhe
2021-04-03Add size check for sockaddr mask.tobhe
2021-03-25Sync correct ROUNDUP() from net/route.ctobhe
2021-03-23Don't send DELETE notify if IKE SA is replaced because oftobhe
2021-03-21The tag comes after iface in iked.conf(5).tobhe
2021-03-16Add 'grp31' alias for curve25519 as documented in iked.conf(5).tobhe
2021-03-15We makes sure that a dh group is required if the local proposaltobhe
2021-03-15Ignore msg_ke in CREATE_CHILD_SA if DH negotiation results in grouptobhe
2021-03-14Log errors with log level info and SPI.tobhe
2021-03-09Also log transforms on IKE SA rekey.tobhe
2021-03-07Log ESN for child SAs if enabled.tobhe
2021-03-06whitespacetobhe
2021-03-05Print PFS group for rekeyed Child SAs.tobhe
2021-03-05Log transforms of established IKE and Child SAs.tobhe
2021-03-05Move policy printing code from parse.y to new print.ctobhe
2021-03-04Remove -g from CFLAGS. This was accidentally added with the last commit.tobhe
2021-03-04Derive config netmask from address pool if not explicitly configured.tobhe
2021-03-03Free sc_vroute on shutdown.tobhe
2021-03-02Increase the size of iov in pfkey_sa() to be large enough for allJonathan Gray
2021-03-01Make sure sa_policy is not NULL in sa_configure_iface(). This can happentobhe
2021-02-28Rename addr to gateway.tobhe
2021-02-27Set RTF_GATEWAY for host route based on RTM_GET response.tobhe
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-02 04:15:22 +0000