summaryrefslogtreecommitdiff
path: root/sbin/iked
AgeCommit message (Expand)Author
2022-12-06Print size_t with %zu.Tobias Heider
2022-12-04Rename sun to s_un for portability.Tobias Heider
2022-12-03Consistently use uintXX_t from <stdint.h> instead of u_intXX_t.Tobias Heider
2022-12-03Include endian.h where needed for betohXX functions.Tobias Heider
2022-11-30Switch idiom of d2i_ECDSA_SIG() invocationTheo Buehler
2022-11-26Bump to 7.2Tobias Heider
2022-11-18Revert my last two changes.Moritz Buhl
2022-11-13Make sure csa->csa_bundled is NULL after freeing to prevent aMoritz Buhl
2022-11-11Make sure csa->csa_bundled is NULL after freeing to prevent aMoritz Buhl
2022-11-11In case of an invalid SA resp is passed to ikev2_msg_cleanup withoutMoritz Buhl
2022-11-07Free objects that were dynamically allocated in libcrypto with OPENSSL_free().Tobias Heider
2022-11-06Fix out-of-order string operations resulting in a wrongly calculatedTobias Heider
2022-10-24Fix DH group lookup when checking if PFS is required. Compare IDTobias Heider
2022-10-10Move enabling the policy refcounting from policy_ref() to config_free_policy().Tobias Heider
2022-09-21Distinguish between retransmit ok and nothing to retransmit. This makesTobias Heider
2022-09-19Add iked connection statistics for successful and failed connections, commonTobias Heider
2022-09-14Compare 'srcnat' when comparing policies. Fixes a bug where policy lookup couldTobias Heider
2022-07-22add missing full stop;Jason McIntyre
2022-07-22Include an OpenIKED Vendor ID payload in the initial handshake. This willTobias Heider
2022-07-22Fix potential leak of reply in error case.Tobias Heider
2022-07-18Check if there is a locally cached nameserver to send before respondingTobias Heider
2022-07-08Support sending certificate chains with intermediate CAs in multiple CERTTobias Heider
2022-07-04Ignore any CERT payload after the first instead of failing the exchangeTobias Heider
2022-07-04Fix error in the comparison of the Child SA nonces to decide whichTobias Heider
2022-05-28Since 'sa' can be freed inside the loop, RB_FOREACH_SAFE is required.Gerhard Roth
2022-05-17Move towards OpenIKED 7.1Tobias Heider
2022-05-08Move ikev2_reset_alive_timer() to a place where it makes more sense. The ideaTobias Heider
2022-04-13IKED_LIFETIME_BYTES is > 2GB, and potentially used in strange place,Theo de Raadt
2022-04-13Document sntrup761x25519 key exchange.Tobias Heider
2022-04-11Fix leak of esnxf if esn ore noesn are configured explicitly.Tobias Heider
2022-03-16Make sure contents of vroute messages are aligned properly.Tobias Heider
2022-03-14Improve retransmission of message fragments. RFC 7383 states that loss ofTobias Heider
2022-02-13SKEEYSEED -> SKEYSEEDmbuhl
2022-02-06remove please from manual pagesJonathan Gray
2022-01-28When it's the possessive of 'it', it's spelled "its", without thePhilip Guenther
2021-12-23fix off by one in bounds testJonathan Gray
2021-12-14Move raw pubkey bytes to EVP_PKEY conversion to common function.Tobias Heider
2021-12-13Fix asprintf() error check. Portable code should check the returnTheo Buehler
2021-12-13Fix a few leaks due to X509_NAME_oneline(name, NULL, 0) dynamicallyTheo Buehler
2021-12-13Avoid a potential double free in group_free()Theo Buehler
2021-12-13Cleanup libcrypto memory management. Remove redundant NULL checksTobias Heider
2021-12-09Properly enable NAT-T without udpencap if mobike was negotiated without NAT.Tobias Heider
2021-12-09Move switch to NAT-T port and udpencap activation to ikev2_enable_natt().Tobias Heider
2021-12-08The /etc/iked/certs/ directory is used for both local and peerTobias Heider
2021-12-07Fix locally stored peer certificates in /etc/iked/certs as documented inTobias Heider
2021-12-06Logging received addresses and DNS configuration only makes sense forTobias Heider
2021-12-04Send out dstid as initiator if configured. This makes it easier forTobias Heider
2021-12-01whitespace cleanup during review readTheo de Raadt
2021-11-30whitespaceTobias Heider
2021-11-29add -V to usage(), and list it before -v in both SYNOPSIS and theJason McIntyre
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-23 00:56:30 +0000