| Age | Commit message (Expand) | Author |
|---|
| 2013-06-13 | Add support for protected-subnet config types. | Reyk Floeter |
| 2013-05-22 | Move the gmac/null ciphers to a different table block, clearly labelled as | Stuart Henderson |
| 2013-03-30 | Sync with latest IKEv2 Parameters from IANA. No functional change. | Reyk Floeter |
| 2013-03-21 | remove excessive includes | Theo de Raadt |
| 2013-03-11 | handle ECONNABORTED errors from accept(). In many code blocks they can be | Theo de Raadt |
| 2013-03-05 | cross referencing the manual page is better. | Igor Sobrado |
| 2013-03-05 | fix program name used in AUTHORS section. | Igor Sobrado |
| 2013-01-08 | Remove private CVS tag from an obsolete repository and bump copyright | Reyk Floeter |
| 2012-12-15 | Remove unused variables. | Reyk Floeter |
| 2012-12-15 | Don't print an error if the process exited normally. | Reyk Floeter |
| 2012-12-15 | Plug two memory leaks when cleaning up the dh/dsa crypto structures. | Reyk Floeter |
| 2012-12-15 | Fix a very hidden but harmless overflow in the MSCHAPv2 code. | Reyk Floeter |
| 2012-12-15 | Don't pass an uninitialized arg to ibuf_release(); initialize it to NULL. | Reyk Floeter |
| 2012-12-15 | Don't dereference NULL pointers (and some cleanup here). | Reyk Floeter |
| 2012-12-04 | remove some unnecessary sys/param.h inclusions | Theo de Raadt |
| 2012-11-29 | use Nm instead of Xr to self; | Jason McIntyre |
| 2012-11-29 | Prevent VPN traffic leakages in dual-stack hosts/networks. | Reyk Floeter |
| 2012-11-16 | promote some debug messages to warnings; ok reyk | Mike Belopuhov |
| 2012-10-25 | Include the license and copyright notice in the generated files. | Reyk Floeter |
| 2012-10-25 | Move the arrays of default IKE and ESP transforms into parse.y instead | Reyk Floeter |
| 2012-10-23 | Change the order of variables just to shrink the diff to the (not yet | Reyk Floeter |
| 2012-10-23 | Allow to overwrite a few more definitions like file paths from the | Reyk Floeter |
| 2012-10-23 | Add a cast for input to inet_pton() to silence a possible but harmless | Reyk Floeter |
| 2012-10-22 | tweak previous; | Jason McIntyre |
| 2012-10-22 | Fix NAT-T support in iked, both on the initiator and the responder | Reyk Floeter |
| 2012-10-11 | The RSA public keys will be found in a subdirectory of /etc/iked/ | Reyk Floeter |
| 2012-10-09 | "If srcid is omitted, the default is to use the hostname of the local | Reyk Floeter |
| 2012-09-25 | Correct DPADD to not list libssl which is not used by iked. | Brad Smith |
| 2012-09-22 | last stage of rfc changes, using consistent Rs/Re blocks, and moving the | Jason McIntyre |
| 2012-09-18 | update email addresses to match reality. | Reyk Floeter |
| 2012-07-08 | if you use nitems() in userland, you must define it yourself | Theo de Raadt |
| 2012-07-05 | when rekeying ike sa copy more info from the old one; | Mike Belopuhov |
| 2012-07-03 | Improve the key derivation function to produce correct keying material | Mike Belopuhov |
| 2012-07-02 | checking state flags make sense only when processing a response | Mike Belopuhov |
| 2012-07-02 | augment every sa_free call with a debugging log message | Mike Belopuhov |
| 2012-07-02 | Don't close IKE SA immediately after creating a new one when rekeying. | Mike Belopuhov |
| 2012-07-02 | a state machine is not worth the trouble when you've got a flag. doh! | Mike Belopuhov |
| 2012-06-30 | enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESP | Christian Weisgerber |
| 2012-06-29 | Add missing ESN bits | Mike Belopuhov |
| 2012-06-27 | leftover code re-enqueued the same item on the list multiple times | Mike Belopuhov |
| 2012-06-27 | prevent an endless loop | Mike Belopuhov |
| 2012-06-26 | improve ikev2_msg_retransmit_timeout | Mike Belopuhov |
| 2012-06-26 | close SA when IKE_SA_INIT or IKE_AUTH exchanges fail; | Mike Belopuhov |
| 2012-06-26 | compare exchange types as well when looking up a message; | Mike Belopuhov |
| 2012-06-22 | Add initial support for retransmition timeouts and response retries. | Mike Belopuhov |
| 2012-06-22 | decouple timer initialization from timer_register | Mike Belopuhov |
| 2012-06-04 | Rounding up a number of bytes in a bignum returned by the BN_num_bytes() | Mike Belopuhov |
| 2012-05-30 | more timer changes | Mike Belopuhov |
| 2012-05-30 | when changing peer's address in the SA, remove the old entry from the | Mike Belopuhov |
| 2012-05-30 | pass a file descriptor in the msg_fd instead of a function argument | Mike Belopuhov |
