| Age | Commit message (Expand) | Author |
|---|
| 2019-07-03 | snprintf/vsnprintf return < 0 on error, rather than -1. | Theo de Raadt |
| 2019-06-28 | When system calls indicate an error they return -1, not some arbitrary | Theo de Raadt |
| 2019-05-11 | Add support for IKEv2 Message Fragmentation as defined in RFC 7383. | Patrick Wildt |
| 2019-05-10 | Set the IKED_REQ_INFORMATIONAL flag when sending a delete request | Patrick Wildt |
| 2019-05-10 | Enforce messages after IKE_SA_INIT exchange to contain only | Patrick Wildt |
| 2019-04-02 | When curve25519 was added to iked, it was based on the internet-draft and | Stuart Henderson |
| 2019-02-27 | update RFC references, from tobias_heider at genua.de, ok claudio@ | Stuart Henderson |
| 2019-02-26 | Fix sending IKEV2_CFG_INTERNAL_IP6_DNS, IKEV2_CFG_INTERNAL_IP6_NBNS, | Patrick Wildt |
| 2019-02-13 | (unsigned) means (unsigned int) which on ptrdiff_t or size_t or other | Theo de Raadt |
| 2018-12-07 | Make sure the TAP extension is only added to the vector when needed. | Martin Pieuchot |
| 2018-12-07 | Make sure that the prefixlen returned by mask2prefixlen6 is never bigger | Claudio Jeker |
| 2018-11-07 | sync cmdline_symset() changes with src/usr.sbin; OK sashan@ claudio@ | miko |
| 2018-11-01 | - odd condition/test in PF lexer | Alexandr Nedvedicky |
| 2018-08-06 | Remove cpath pledge(2) promise. We decided that not deleting the unix control | Ricardo Mestre |
| 2018-07-11 | Do for most running out of memory err() what was done for most running | Kenneth R Westerback |
| 2018-07-09 | No need to mention which memory allocation entry point failed (malloc, | Kenneth R Westerback |
| 2018-07-08 | Be consistent in warn() and log_warn() usage when | Kenneth R Westerback |
| 2018-07-03 | Rephrase a misleading sentence in iked(8), and add a missing | Stefan Sperling |
| 2018-06-22 | Use __func__ in log_debug calls. | rob |
| 2018-06-11 | Fix an off-by-one line count when using include statements. | denis |
| 2018-04-26 | Plug leak in error case of the common 'varset' implementations. | Kenneth R Westerback |
| 2018-03-22 | The iked(8) fuzzer did not fuzz encrypted payloads. With that changed | Patrick Wildt |
| 2018-03-16 | Consistently spell "IPsec" in comments and debug outputs. | Martin Pieuchot |
| 2018-03-05 | Outsource enabling/disabling the DPD and keepalive timers for SAs into | Patrick Wildt |
| 2018-01-31 | Add support for specifying multiple transforms within a single proposal. | Patrick Wildt |
| 2018-01-24 | Implement support for specifying multiple proposals. This means we can | Patrick Wildt |
| 2017-12-23 | Since ikev2_init_recv() is supposed to only handle responses to an | Patrick Wildt |
| 2017-12-13 | getsockname(2) needs to be passed the length of the input struct. | Patrick Wildt |
| 2017-12-07 | Change the SA payload parser to parse more than the first proposal. This | Patrick Wildt |
| 2017-12-05 | When sending out a proposal we create an SA/SPI for the Child SAs if we | Patrick Wildt |
| 2017-12-04 | Remove duplicate check that never could execute because the exact same | Patrick Wildt |
| 2017-12-04 | Consistently log "malformed payload" instead of "payload malformed", and | Patrick Wildt |
| 2017-12-04 | Remove check that is now a duplicate due to recent refactoring. | Patrick Wildt |
| 2017-12-04 | The payloads are layered like onions, so you can validate one layer and | Patrick Wildt |
| 2017-12-04 | Initialize variable, otherwise the pointer might contain stack garbage. | Patrick Wildt |
| 2017-12-03 | If we wanted to send out more proposals than just one, we need to set a | Patrick Wildt |
| 2017-12-03 | The RFC specifies that to accept a proposal, we must select a transform | Patrick Wildt |
| 2017-12-01 | The RFC specifies that in an SA payload the proposals must be numbered | Patrick Wildt |
| 2017-12-01 | Turns out that, as specified in the RFC, the initial Child SA does not | Patrick Wildt |
| 2017-11-30 | Add support for rejecting IKE SA messages. This means that we can reply | Patrick Wildt |
| 2017-11-29 | Print_host is used mainly in printf style functions. So do not return NULL | Claudio Jeker |
| 2017-11-27 | Implement MOBIKE (RFC 4555) support in iked(8), with us acting as | Patrick Wildt |
| 2017-11-15 | Reset the OCSP URL on config reload. Otherwise we end up not being | Patrick Wildt |
| 2017-11-08 | Do not accept superfluous arguments. | Patrick Wildt |
| 2017-11-08 | For IPcomp we need to load explicit ESP-flows for the IPIP or IPCOMP | Patrick Wildt |
| 2017-10-30 | In the subjectAltName comparison, the bzero before the while-loop was | Patrick Wildt |
| 2017-10-27 | Support multiple subjectAltNames by trying each existing until there | Patrick Wildt |
| 2017-10-27 | In the final RFC 5903 the computation for the DH shared secret changed. | Patrick Wildt |
| 2017-08-28 | fix char ** to const char ** conversion warning; ok mikeb@ | Otto Moerbeek |
| 2017-07-19 | more depends gc / yacc rules overhaul | Marc Espie |
