index
:
src
cvs/HEAD
kms/intel
kms/radeon
master
OpenBSD base system
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
sbin
/
iked
Age
Commit message (
Expand
)
Author
2014-04-14
Fix the following idiom in the following way:
Bret Lambert
2014-04-10
Add validation routines to ikev2_pld.c: For each payload type overall
Reyk Floeter
2014-03-12
don't leak an ibuf for each expired SA; ok mikeb@
Markus Friedl
2014-03-12
unbreak config-address w/o pool; ok mikeb@
Markus Friedl
2014-02-26
don't policy_ref an activate policy (policy_ref/unref are assymetrical),
Markus Friedl
2014-02-21
support rekeying for IPCOMP; ok mikeb@
Markus Friedl
2014-02-18
check the error from ikev2_cp_setaddr
Markus Friedl
2014-02-17
interpret 'config address net/prefix' as a pool of addresses and
Markus Friedl
2014-02-17
basic OCSP support. enable with 'set ocsp "http://10.0.0.10:8888/"'
Markus Friedl
2014-02-17
Fix compiler warnings in the format strings: use %zd for ssize_t and
Reyk Floeter
2014-02-14
remove unused function that distracts from cleaning up the imsg_flush() mess
Sebastian Benoit
2014-02-14
initial support for IPComp
Markus Friedl
2014-02-12
make sure to set the msg_responded flag on the original message; ok mikeb@
Markus Friedl
2014-01-24
re-lookup the policy as soon as we have the ID of the peer (destid)
Markus Friedl
2014-01-24
enable format-string checks for log_*(); ok mikeb
Markus Friedl
2014-01-24
make sure sa_lookup() can actually find SAs; ok mikeb
Markus Friedl
2014-01-24
don't leak prv RSA key for each signature; ok mikeb
Markus Friedl
2014-01-24
use a bit saner timer api
Mike Belopuhov
2014-01-22
implement DPD similar to isakmpd, but only send DPD-messages 'on-demand'
Markus Friedl
2014-01-22
relax the cfg file secrecy check slightly to allow group readability
Henning Brauer
2014-01-18
Remove -Wbounded: it is now the compiler default.
Martynas Venckus
2013-12-09
distingush between sa_msgid not set and 0; otherwise we start
Markus Friedl
2013-12-04
Use EVP_sha1 directly instead of doing the EVP_get_digestbyname lookup.
Mike Belopuhov
2013-12-03
never cast to sockaddr_storage, always cast to the abstract 'class' sockaddr
Markus Friedl
2013-11-28
mark replaced flows as 'not loaded'; this can happen if both
Markus Friedl
2013-11-28
don't leak duplicate flows; ok mikeb@
Markus Friedl
2013-11-28
drop duplicate requests
Markus Friedl
2013-11-28
document sa_msgid & sa_reqid; ok mikeb@
Markus Friedl
2013-11-28
sa_lookup: don't compare with sh_rspi if rspi is not set
Markus Friedl
2013-11-28
sa_new(): discard & free duplicate IKESAs; ok mibek@
Markus Friedl
2013-11-28
include hexdump in debug output only for -vvv; ok mikeb@
Markus Friedl
2013-11-28
support raw pubkey authentication w/o x509 certificates;
Markus Friedl
2013-11-25
use u_char for buffers in yylex, for ctype calls
Sebastian Benoit
2013-11-22
Whole bunch of (unsigned char) casts carefully added for ctype calls.
Theo de Raadt
2013-11-21
Make the bit string u_char * in print_bits(). In practice we
Todd C. Miller
2013-11-15
Cope with the EAGAIN API change for msgbuf_write()
Mike Belopuhov
2013-11-14
ignore messages for other daemons, like isakmpd does; ok mikeb
Markus Friedl
2013-11-14
setup pfkey timer before use; ok mikeb
Markus Friedl
2013-11-14
pass caller to ca_sslerror for better error messages; ok mikeb
Markus Friedl
2013-11-14
verify EC points; from hshoexer; ok mikeb
Markus Friedl
2013-11-14
not need to specify OBJDIR; ok mikeb
Markus Friedl
2013-11-01
altq -> new queue in examples
Henning Brauer
2013-10-24
no need for netinet/ip_var.h (and friends)
Theo de Raadt
2013-09-26
After some manipulations with the buffer, ike message header (hdr)
Mike Belopuhov
2013-07-16
Add missing .Mt macros for AUTHORS email addresses.
Ingo Schwarze
2013-06-29
do not use Sx for sections outwith the page;
Jason McIntyre
2013-06-13
Add support for protected-subnet config types.
Reyk Floeter
2013-05-22
Move the gmac/null ciphers to a different table block, clearly labelled as
Stuart Henderson
2013-03-30
Sync with latest IKEv2 Parameters from IANA. No functional change.
Reyk Floeter
2013-03-21
remove excessive includes
Theo de Raadt
[next]