| Age | Commit message (Expand) | Author |
|---|
| 2024-02-06 | Tweak previous. Passing "dns" to pledge(2) is suitable for the purpose. | YASUOKA Masahiko |
| 2024-01-29 | Open /etc/{services,protocols} before pledge(2). | YASUOKA Masahiko |
| 2023-10-10 | Print at most pkgsize - hdrsize bytes for pfkey tag and identity to | Tobias Heider |
| 2023-10-09 | Add pledge("stdio") before parsing pfkey messages. This applies to | Tobias Heider |
| 2023-08-07 | add support route based ipsec vpn negotiation with sec(4) via isakmpd. | David Gwynne |
| 2023-04-19 | remove duplicate includes | Jonathan Gray |
| 2023-03-07 | Delete obsolete /* ARGSUSED1 */ lint comments. | Philip Guenther |
| 2022-06-25 | Use in_addr for AF_INET. | mbuhl |
| 2022-02-04 | Fix another instance of incorrect capitalization of ChaCha20. | Theo Buehler |
| 2021-11-04 | Tweaks (improve previous commit) | YASUOKA Masahiko |
| 2021-11-04 | Clarify "aes" will accept keys which length is in 128:256 bits. Also | YASUOKA Masahiko |
| 2021-10-22 | After deleting hifn(4) the only provider for the LZS compression | Alexander Bluhm |
| 2021-10-15 | Don't declare variables as "unsigned char *" that are passed to | Christian Weisgerber |
| 2021-07-14 | Export SA replay counters via pfkey and print with ipsecctl. | tobhe |
| 2021-07-05 | Print SA MTU if included in pfkey message. | tobhe |
| 2020-12-29 | getifaddrs() can return entries where ifa_addr is NULL. Check for this | Sebastian Benoit |
| 2020-11-05 | Enable support for ASN1_DN ipsec identifiers. | Peter Hessler |
| 2020-06-01 | Fix "comparison of integers of different signs" warning. | tobhe |
| 2020-04-23 | Support SADB_X_EXT_RDOMAIN extension in pfkey dump (-m). | tobhe |
| 2020-02-16 | Quote variables in pf tag strings | kn |
| 2020-02-10 | briefly mention /etc/examples/ in the FILES section of all the | Ingo Schwarze |
| 2020-02-07 | Extend the ipsecctl(8) parser to set the udpencap flag and port | Alexander Bluhm |
| 2019-11-10 | Consistently use _rcctl enable foo_ in examples, it's simpler and less | Landry Breuil |
| 2019-08-26 | Fix file descriptor leak due to popfile() never closing the main config file. | tobhe |
| 2019-07-03 | snprintf/vsnprintf return < 0 on error, rather than -1. | Theo de Raadt |
| 2019-06-28 | When system calls indicate an error they return -1, not some arbitrary | Theo de Raadt |
| 2019-02-13 | (unsigned) means (unsigned int) which on ptrdiff_t or size_t or other | Theo de Raadt |
| 2018-11-07 | sync cmdline_symset() changes with src/usr.sbin; OK sashan@ claudio@ | miko |
| 2018-11-01 | - odd condition/test in PF lexer | Alexandr Nedvedicky |
| 2018-09-07 | Remove unnused af argument from unmask(), sync with pfctl | kn |
| 2018-08-28 | Display per-TDB counters in verbose mode. | Martin Pieuchot |
| 2018-07-11 | Do for most running out of memory err() what was done for most running | Kenneth R Westerback |
| 2018-07-10 | Include <sys/queue.h> instead of relying on kernel headers to include | Martin Pieuchot |
| 2018-07-09 | No need to mention which memory allocation entry point failed (malloc, | Kenneth R Westerback |
| 2018-07-08 | Be consistent in warn() and log_warn() usage when | Kenneth R Westerback |
| 2018-04-26 | Plug leak in error case of the common 'varset' implementations. | Kenneth R Westerback |
| 2018-04-17 | Document how to avoid isakmpd(8) source IP address pitfalls by using | Stefan Sperling |
| 2017-11-23 | in isakmpd(8), provide a hint: from scott cheloha | Jason McIntyre |
| 2017-11-20 | Support collapsing flow outputs. | Martin Pieuchot |
| 2017-10-27 | Support DH groups 19 to 21 and 25 to 30, just like iked(8) does. | Martin Pieuchot |
| 2017-04-19 | Rename all SA groups to bundles consistently. The first kernel | Alexander Bluhm |
| 2017-04-18 | use freezero() | Theo de Raadt |
| 2017-04-14 | Up to now ipsecctl(8) grouped SAs with identical src and dst to the | Alexander Bluhm |
| 2017-04-10 | Found another len += snprintf... | Theo de Raadt |
| 2017-03-02 | Now that the kernel provides information about IPsec SA bundles, | Alexander Bluhm |
| 2017-02-28 | Depending on the addresses, ipsecctl(8) automatically groups sa | Alexander Bluhm |
| 2017-01-05 | Replace symset()'s hand-rolled for(;;) traversal of 'symhead' TAILQ | Kenneth R Westerback |
| 2016-06-21 | do not allow whitespace in macro names, i.e. "this is" = "a variable". | Sebastian Benoit |
| 2015-12-10 | Remove NULL-checks before free(). ok tb@ | mmcc |
| 2015-12-09 | Remove plain DES encryption from IPsec. | Christian Weisgerber |
