| Age | Commit message (Expand) | Author |
|---|
| 2019-02-13 | (unsigned) means (unsigned int) which on ptrdiff_t or size_t or other | Theo de Raadt |
| 2018-12-07 | Make sure the TAP extension is only added to the vector when needed. | Martin Pieuchot |
| 2018-12-07 | Make sure that the prefixlen returned by mask2prefixlen6 is never bigger | Claudio Jeker |
| 2018-11-07 | sync cmdline_symset() changes with src/usr.sbin; OK sashan@ claudio@ | miko |
| 2018-11-01 | - odd condition/test in PF lexer | Alexandr Nedvedicky |
| 2018-08-06 | Remove cpath pledge(2) promise. We decided that not deleting the unix control | Ricardo Mestre |
| 2018-07-11 | Do for most running out of memory err() what was done for most running | Kenneth R Westerback |
| 2018-07-09 | No need to mention which memory allocation entry point failed (malloc, | Kenneth R Westerback |
| 2018-07-08 | Be consistent in warn() and log_warn() usage when | Kenneth R Westerback |
| 2018-07-03 | Rephrase a misleading sentence in iked(8), and add a missing | Stefan Sperling |
| 2018-06-22 | Use __func__ in log_debug calls. | rob |
| 2018-06-11 | Fix an off-by-one line count when using include statements. | denis |
| 2018-04-26 | Plug leak in error case of the common 'varset' implementations. | Kenneth R Westerback |
| 2018-03-22 | The iked(8) fuzzer did not fuzz encrypted payloads. With that changed | Patrick Wildt |
| 2018-03-16 | Consistently spell "IPsec" in comments and debug outputs. | Martin Pieuchot |
| 2018-03-05 | Outsource enabling/disabling the DPD and keepalive timers for SAs into | Patrick Wildt |
| 2018-01-31 | Add support for specifying multiple transforms within a single proposal. | Patrick Wildt |
| 2018-01-24 | Implement support for specifying multiple proposals. This means we can | Patrick Wildt |
| 2017-12-23 | Since ikev2_init_recv() is supposed to only handle responses to an | Patrick Wildt |
| 2017-12-13 | getsockname(2) needs to be passed the length of the input struct. | Patrick Wildt |
| 2017-12-07 | Change the SA payload parser to parse more than the first proposal. This | Patrick Wildt |
| 2017-12-05 | When sending out a proposal we create an SA/SPI for the Child SAs if we | Patrick Wildt |
| 2017-12-04 | Remove duplicate check that never could execute because the exact same | Patrick Wildt |
| 2017-12-04 | Consistently log "malformed payload" instead of "payload malformed", and | Patrick Wildt |
| 2017-12-04 | Remove check that is now a duplicate due to recent refactoring. | Patrick Wildt |
| 2017-12-04 | The payloads are layered like onions, so you can validate one layer and | Patrick Wildt |
| 2017-12-04 | Initialize variable, otherwise the pointer might contain stack garbage. | Patrick Wildt |
| 2017-12-03 | If we wanted to send out more proposals than just one, we need to set a | Patrick Wildt |
| 2017-12-03 | The RFC specifies that to accept a proposal, we must select a transform | Patrick Wildt |
| 2017-12-01 | The RFC specifies that in an SA payload the proposals must be numbered | Patrick Wildt |
| 2017-12-01 | Turns out that, as specified in the RFC, the initial Child SA does not | Patrick Wildt |
| 2017-11-30 | Add support for rejecting IKE SA messages. This means that we can reply | Patrick Wildt |
| 2017-11-29 | Print_host is used mainly in printf style functions. So do not return NULL | Claudio Jeker |
| 2017-11-27 | Implement MOBIKE (RFC 4555) support in iked(8), with us acting as | Patrick Wildt |
| 2017-11-15 | Reset the OCSP URL on config reload. Otherwise we end up not being | Patrick Wildt |
| 2017-11-08 | Do not accept superfluous arguments. | Patrick Wildt |
| 2017-11-08 | For IPcomp we need to load explicit ESP-flows for the IPIP or IPCOMP | Patrick Wildt |
| 2017-10-30 | In the subjectAltName comparison, the bzero before the while-loop was | Patrick Wildt |
| 2017-10-27 | Support multiple subjectAltNames by trying each existing until there | Patrick Wildt |
| 2017-10-27 | In the final RFC 5903 the computation for the DH shared secret changed. | Patrick Wildt |
| 2017-08-28 | fix char ** to const char ** conversion warning; ok mikeb@ | Otto Moerbeek |
| 2017-07-19 | more depends gc / yacc rules overhaul | Marc Espie |
| 2017-07-03 | no need to generate y.tab.h if nothing uses it, set YFLAGS to nothing | Marc Espie |
| 2017-06-01 | Expand $eapid in iked tags, allowing PF rules to be written based on EAP | Stuart Henderson |
| 2017-05-21 | A few more freezero() uses | Theo de Raadt |
| 2017-04-26 | cope with IP address changes. before, we were trying to resend the msg | Henning Brauer |
| 2017-04-24 | Fix configuration of ASN1_DN IDs. | Reyk Floeter |
| 2017-04-18 | use freezero() | Theo de Raadt |
| 2017-04-13 | Add a NAT-T keepalive timer in case we are behind a NAT gateway. | Patrick Wildt |
| 2017-03-30 | Only close the SA if an error happens before ikev2_msg_init() was called | Patrick Wildt |
