summaryrefslogtreecommitdiff
path: root/sbin/iked
AgeCommit message (Expand)Author
2016-09-26Pass the flags argument of recvfromto down to the underlying recvmsgJeremie Courreges-Anglas
2016-09-13Disable the timer event before attempting to change itMike Belopuhov
2016-09-04Forward IMSG_CTL_VERBOSE via the parent; this fixes a crash when doingReyk Floeter
2016-09-04Now that we have IP_SENDSRCADDR, add sendtofrom().Vincent Gross
2016-09-03Add the missing bits to have NAT on enc(4) support in iked.Vincent Gross
2016-08-06Unbreak PSK authentication, broken by previous.Pascal Stumpf
2016-07-20When parsing the configuration. initialize the auth structureReyk Floeter
2016-06-21do not allow whitespace in macro names, i.e. "this is" = "a variable".Sebastian Benoit
2016-06-02Use the last 32-bits of the IPv6 address to dynamically assignPatrick Wildt
2016-06-01Implement a second address pool specifically for IPv6, so thatPatrick Wildt
2016-06-01ikev2_cp_fixaddr() is called to replace unspecified (e.g. 0.0.0.0)Patrick Wildt
2016-03-07http -> https for IETF/IANA URLs in commentsmmcc
2016-01-27fyx typo. s,dynanic,dynamic,Gleydson Soares
2015-12-10comment typommcc
2015-12-09Remove plain DES encryption from IPsec.Christian Weisgerber
2015-12-07Add imsg "peerid" to debug messages (only within -DDEBUG).Reyk Floeter
2015-12-07Sync proc.c, use shorter proc_compose[v]()Reyk Floeter
2015-12-07sync with vmdReyk Floeter
2015-12-05EAGAIN handling for imsg_read. OK henning@ benno@Claudio Jeker
2015-12-02remove unimplemented PF_KEY algorithms; ok sthen@ mpi@ mikeb@Christian Weisgerber
2015-11-23Replace socket_set_blockmode() and fcntl(fd, F_SETFL, O_NONBLOCK) callsReyk Floeter
2015-11-22Update log.c: change fatal() and fatalx() into variadic functions,Reyk Floeter
2015-11-21Once again, fix the license text. After many years, we just cannotReyk Floeter
2015-11-21Move local logging functions to util.c (which is shared with ikectl),Reyk Floeter
2015-11-19Simplify all instances of get_string() and get_data() using malloc() andmmcc
2015-11-18pledge exposed a simple bug: the unprivileged child tried to print theReyk Floeter
2015-11-04Support Chacha20-Poly1305 for Child SAs; ok reykMike Belopuhov
2015-11-01replace "can not" with "cannot";Jason McIntyre
2015-10-31pastoChristian Weisgerber
2015-10-31RFC4754 specifies ECDSA-521 (sic), not -512. ok reyk@Christian Weisgerber
2015-10-23push LDSTATIC line down so it's not overridden by makefile.inc. ok reykTed Unangst
2015-10-22iked hereby pledges that it will run with restricted systemReyk Floeter
2015-10-22Stop linking iked -static: It was inherited from isakmpd that isReyk Floeter
2015-10-20Fix ocsp by adding a missing TAILQ_INIT().Reyk Floeter
2015-10-19break long lines in examples; ok jmc@Christian Weisgerber
2015-10-19Fix control_imsg_forward() by changing imsg_compose() toReyk Floeter
2015-10-19Remove the ikev1 stub - Since I started iked, it has an empty privsepReyk Floeter
2015-10-15Remove some unnecessary NULL-checks before free(). Change two bzero()mmcc
2015-10-02Curve25519 is now specified in draft-ietf-ipsecme-safecurves-00 (alongReyk Floeter
2015-10-02RFC7634 specifies ChaCha20-Poly1305 for IKEv2 and IPsec and IANAReyk Floeter
2015-10-02Remove MD5 from the default proposals. At least SHA1 seems to be theReyk Floeter
2015-10-02If the policy certreqtype is 0, use the global one instead.Reyk Floeter
2015-10-01Don't reject an "empty" CERTREQ (one with no CA hashes), instead treat it asStuart Henderson
2015-10-01Fix interoperability with Apple iOS9: If we don't get a (valid)Reyk Floeter
2015-08-26use 0xffff not 0xfffff for a 16 bit port constantJonathan Gray
2015-08-21Switch iked to C99-style fixed-width integer types.Reyk Floeter
2015-08-19Add missing OpenBSD CVS tag - no binary changeReyk Floeter
2015-08-19spacing (no binary change, verified with checksums)Reyk Floeter
2015-07-17Assign correct destination port value for the destination netmask.Mike Belopuhov
2015-07-14clarification from trondd;Jason McIntyre
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 19:46:18 +0000