| Age | Commit message (Expand) | Author |
|---|
| 2019-08-26 | Fix file descriptor leak due to popfile() never closing the main config file. | tobhe |
| 2019-02-13 | (unsigned) means (unsigned int) which on ptrdiff_t or size_t or other | Theo de Raadt |
| 2018-11-07 | sync cmdline_symset() changes with src/usr.sbin; OK sashan@ claudio@ | miko |
| 2018-11-01 | - odd condition/test in PF lexer | Alexandr Nedvedicky |
| 2018-07-11 | Do for most running out of memory err() what was done for most running | Kenneth R Westerback |
| 2018-07-09 | No need to mention which memory allocation entry point failed (malloc, | Kenneth R Westerback |
| 2018-07-08 | Be consistent in warn() and log_warn() usage when | Kenneth R Westerback |
| 2018-04-26 | Plug leak in error case of the common 'varset' implementations. | Kenneth R Westerback |
| 2017-10-27 | Support DH groups 19 to 21 and 25 to 30, just like iked(8) does. | Martin Pieuchot |
| 2017-04-19 | Rename all SA groups to bundles consistently. The first kernel | Alexander Bluhm |
| 2017-04-14 | Up to now ipsecctl(8) grouped SAs with identical src and dst to the | Alexander Bluhm |
| 2017-01-05 | Replace symset()'s hand-rolled for(;;) traversal of 'symhead' TAILQ | Kenneth R Westerback |
| 2016-06-21 | do not allow whitespace in macro names, i.e. "this is" = "a variable". | Sebastian Benoit |
| 2015-12-09 | Remove plain DES encryption from IPsec. | Christian Weisgerber |
| 2015-11-04 | Decode Chacha20-Poly1305 when dumping SAs; ok reyk, naddy | Mike Belopuhov |
| 2015-06-03 | Do not assume that asprintf() clears the pointer on failure, which | Todd C. Miller |
| 2014-11-20 | Don't allow embedded nul characters in strings. | Jonathan Gray |
| 2014-11-04 | Add gcc format attributes to ipsecctl's parse.y. Also, fix a few format | Doug Hogan |
| 2014-01-22 | relax the cfg file secrecy check slightly to allow group readability | Henning Brauer |
| 2013-11-25 | use u_char for buffers in yylex, for ctype calls | Sebastian Benoit |
| 2013-11-22 | Whole bunch of (unsigned char) casts carefully added for ctype calls. | Theo de Raadt |
| 2012-07-10 | Rename "life" to "lifetime" to match iked. | Lawrence Teo |
| 2012-07-08 | Disallow manual security associations that use AES-CTR, AES-GCM, | Christian Weisgerber |
| 2012-07-07 | copy&paste mistake in error message | Christian Weisgerber |
| 2012-06-30 | enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESP | Christian Weisgerber |
| 2011-12-20 | unsigned long should use "%lu" format; from eric lax, thanks | Mike Belopuhov |
| 2011-07-06 | For non-crypted flows (such as ipcomp and ipip), default their | Theo de Raadt |
| 2010-10-06 | Retire Skipjack | Mike Belopuhov |
| 2010-09-22 | Support AES-GCM-16 (as aes-gcm) and ENCR_NULL_AUTH_AES_GMAC | Mike Belopuhov |
| 2010-08-03 | fix linecount bug with comments spanning multiple lines | Henning Brauer |
| 2010-05-10 | Various comment typos. 'wether' -> 'whether' (most popular), 'possiblity' -> | Kenneth R Westerback |
| 2009-08-04 | Specify an ID-type of IPV4_ADDR or IPV6_ADDR if the srcid or dstid is | Joel Sing |
| 2009-03-31 | Fixed memory leaks which would occur if the second of two memory | Tobias Stoeckmann |
| 2009-01-30 | If the "peer" address is not specified or derived from "to" for | Alexander Bluhm |
| 2009-01-29 | After checking that peer == NULL do not assign peer = NULL a few | Alexander Bluhm |
| 2009-01-28 | Allow to specify ike and flow explicitly without peer. The any | Alexander Bluhm |
| 2009-01-20 | Add support to isakmpd(8) and ipsecctl(8) to install SA's with a | Marco Pfatschbacher |
| 2008-11-14 | When parsing v4 addresses mark them as network addresses | Hans-Joerg Hoexer |
| 2008-10-17 | findeol() fix from pfctl | Henning Brauer |
| 2008-07-01 | If a rules contains a hostname instead of an address, use the list | Alexander Bluhm |
| 2008-07-01 | If multiple to addresses but no peer are given in an ike or flow | Alexander Bluhm |
| 2008-06-14 | Move ike and flow peer selection to common function. | Alexander Bluhm |
| 2008-06-11 | trivial code simplification | Alexander Bluhm |
| 2008-04-11 | add support for the "include" directive using code from pfctl/parse.y. | Reyk Floeter |
| 2008-02-22 | Support for specifying aes-{128,192,256}. Originial idea by Prabhu | Hans-Joerg Hoexer |
| 2007-11-12 | Remove space/tab compression function from lgetc() and replace | Marco Pfatschbacher |
| 2007-10-22 | sync with daemon parser code. | Pierre-Yves Ritschard |
| 2007-10-16 | Allow '=' to end a number in all lexers. | Marco Pfatschbacher |
| 2007-10-16 | in the lex... even inside quotes, a \ followed by space or tab should | Theo de Raadt |
| 2007-10-13 | in all these programs using the same pfctl-derived parse.y, re-unify the | Theo de Raadt |
