Age | Commit message (Expand) | Author |
2015-12-09 | Remove plain DES encryption from IPsec. | Christian Weisgerber |
2015-11-04 | Decode Chacha20-Poly1305 when dumping SAs; ok reyk, naddy | Mike Belopuhov |
2015-06-03 | Do not assume that asprintf() clears the pointer on failure, which | Todd C. Miller |
2014-11-20 | Don't allow embedded nul characters in strings. | Jonathan Gray |
2014-11-04 | Add gcc format attributes to ipsecctl's parse.y. Also, fix a few format | Doug Hogan |
2014-01-22 | relax the cfg file secrecy check slightly to allow group readability | Henning Brauer |
2013-11-25 | use u_char for buffers in yylex, for ctype calls | Sebastian Benoit |
2013-11-22 | Whole bunch of (unsigned char) casts carefully added for ctype calls. | Theo de Raadt |
2012-07-10 | Rename "life" to "lifetime" to match iked. | Lawrence Teo |
2012-07-08 | Disallow manual security associations that use AES-CTR, AES-GCM, | Christian Weisgerber |
2012-07-07 | copy&paste mistake in error message | Christian Weisgerber |
2012-06-30 | enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESP | Christian Weisgerber |
2011-12-20 | unsigned long should use "%lu" format; from eric lax, thanks | Mike Belopuhov |
2011-07-06 | For non-crypted flows (such as ipcomp and ipip), default their | Theo de Raadt |
2010-10-06 | Retire Skipjack | Mike Belopuhov |
2010-09-22 | Support AES-GCM-16 (as aes-gcm) and ENCR_NULL_AUTH_AES_GMAC | Mike Belopuhov |
2010-08-03 | fix linecount bug with comments spanning multiple lines | Henning Brauer |
2010-05-10 | Various comment typos. 'wether' -> 'whether' (most popular), 'possiblity' -> | Kenneth R Westerback |
2009-08-04 | Specify an ID-type of IPV4_ADDR or IPV6_ADDR if the srcid or dstid is | Joel Sing |
2009-03-31 | Fixed memory leaks which would occur if the second of two memory | Tobias Stoeckmann |
2009-01-30 | If the "peer" address is not specified or derived from "to" for | Alexander Bluhm |
2009-01-29 | After checking that peer == NULL do not assign peer = NULL a few | Alexander Bluhm |
2009-01-28 | Allow to specify ike and flow explicitly without peer. The any | Alexander Bluhm |
2009-01-20 | Add support to isakmpd(8) and ipsecctl(8) to install SA's with a | Marco Pfatschbacher |
2008-11-14 | When parsing v4 addresses mark them as network addresses | Hans-Joerg Hoexer |
2008-10-17 | findeol() fix from pfctl | Henning Brauer |
2008-07-01 | If a rules contains a hostname instead of an address, use the list | Alexander Bluhm |
2008-07-01 | If multiple to addresses but no peer are given in an ike or flow | Alexander Bluhm |
2008-06-14 | Move ike and flow peer selection to common function. | Alexander Bluhm |
2008-06-11 | trivial code simplification | Alexander Bluhm |
2008-04-11 | add support for the "include" directive using code from pfctl/parse.y. | Reyk Floeter |
2008-02-22 | Support for specifying aes-{128,192,256}. Originial idea by Prabhu | Hans-Joerg Hoexer |
2007-11-12 | Remove space/tab compression function from lgetc() and replace | Marco Pfatschbacher |
2007-10-22 | sync with daemon parser code. | Pierre-Yves Ritschard |
2007-10-16 | Allow '=' to end a number in all lexers. | Marco Pfatschbacher |
2007-10-16 | in the lex... even inside quotes, a \ followed by space or tab should | Theo de Raadt |
2007-10-13 | in all these programs using the same pfctl-derived parse.y, re-unify the | Theo de Raadt |
2007-10-11 | next step in the yylex unification: handle quoted strings in a nicer fashion | Theo de Raadt |
2007-09-12 | Here too: Add support to the lex for parsing number out of the stream. | Hans-Joerg Hoexer |
2007-08-10 | duplicate strdup; ok hshoexer | Markus Friedl |
2007-07-03 | allow proto esp/ah in flow specification (especially useful for bypass flows) | Markus Friedl |
2007-05-10 | Do not crash when lists include the "any" keyword. Reported by | Hans-Joerg Hoexer |
2007-03-16 | move autodetection of the ID type to the parser. this way the | Markus Friedl |
2007-02-26 | Really, we don't need two grp18's ;-) | Todd T. Fries |
2007-02-19 | Bits for ESP+NULL encryption. This is useful, when AH can not be | Hans-Joerg Hoexer |
2007-02-19 | undo previous commit and keep the original behaviour of the parser. | Hans-Joerg Hoexer |
2007-02-16 | Do not accept '\n' in quoted strings. Addresses issues noticed by | Hans-Joerg Hoexer |
2007-01-10 | allow rule if there is at least _one_ matching address family combination. | Markus Friedl |
2007-01-04 | don't pass -1 as a netmask; report vicviq at gmail.com | Markus Friedl |
2007-01-02 | better support for IPv6 hostname/numeric representation. | Jun-ichiro itojun Hagino |