Age | Commit message (Expand) | Author |
2006-03-31 | allow specification of encapsulated protocol for ike; ok hshoexer | Markus Friedl |
2006-03-31 | allow specification of encapsulated protocol for flows; ok hshoexer | Markus Friedl |
2006-03-31 | uppercase `ip'; | Jason McIntyre |
2006-03-30 | when resolving interface names to ip adresses, set netmask to all bits 1 | Hans-Joerg Hoexer |
2006-03-30 | allow specification of outer local ips in flows (SADB_EXT_ADDRESS_SRC); ok hs... | Markus Friedl |
2006-03-22 | add support for macros in ipsec.conf(5). some bits have already been | Reyk Floeter |
2006-03-20 | When being verbose while deleting ike rules (-dv), print deletions instead of | Hans-Joerg Hoexer |
2006-03-20 | When adding a connection, do not explicitly start that connection | Hans-Joerg Hoexer |
2006-03-07 | add support for special "bypass" and "deny" flows. | Reyk Floeter |
2006-03-07 | add an ike option for road warrior setups (hosts with dynamic ip | Reyk Floeter |
2006-02-21 | The new default encryption algorithm for main mode is AES instead of 3DES. | Hans-Joerg Hoexer |
2006-02-03 | override authentication tag as well; ok hshoexer@ | Christian Weisgerber |
2006-02-02 | Two fixes: generate default main mode config when using PSK, added missing | Hans-Joerg Hoexer |
2006-02-01 | noted by lint: include <string.h> instead of <strings.h>, add tow ARGSUSED1 | Hans-Joerg Hoexer |
2006-01-20 | initialize authtype->string in case of RSA to avoid bad free() | Christian Weisgerber |
2006-01-17 | wrap long lines (no binary change) | Reyk Floeter |
2006-01-17 | spacing | Theo de Raadt |
2006-01-17 | no , after last element in enum | Theo de Raadt |
2006-01-16 | add support for pre-shared keys with "ike esp" using the new keyword | Reyk Floeter |
2005-12-28 | no close() after fdopen(); ok hshoexer@ | Christian Weisgerber |
2005-12-28 | make sure isakmpd fifo is actually a fifo. | Hans-Joerg Hoexer |
2005-12-21 | Userland programs should include <errno.h> not <sys/errno.h> | Todd C. Miller |
2005-12-12 | use ARGSUSED1 here | Hans-Joerg Hoexer |
2005-12-12 | use err() instead of errx() | Hans-Joerg Hoexer |
2005-12-12 | Correctly copy interface names; fixes breakage noticed by naddy@ | Hans-Joerg Hoexer |
2005-12-06 | more appropriate error messages; ok hshoexer | Markus Friedl |
2005-12-06 | ipip support: ip-in-ip w/o gif(4); ok hshoexer | Markus Friedl |
2005-12-01 | spacing | Theo de Raadt |
2005-12-01 | do not choke and dump core when printing bypass flows. noticed by jacob | Hans-Joerg Hoexer |
2005-11-30 | handle that pfkey_ipsec_flush() can fail. | Hans-Joerg Hoexer |
2005-11-27 | sanity check constraints for transforms. | Hans-Joerg Hoexer |
2005-11-27 | truly permit auth/enc/comp expressions to be in any order | Theo de Raadt |
2005-11-26 | allow specficiation of encryption and authentication algorithms to be swapped. | Hans-Joerg Hoexer |
2005-11-24 | "hmac" not "hmc", notice by <gwyllion at ulyssis dot org> | Hans-Joerg Hoexer |
2005-11-24 | Make clear we only have "hmac-sha1" and "hmac-md5". | Hans-Joerg Hoexer |
2005-11-24 | Remove old-style keyed sha1/md5. We only support hmac-sha1/md5. | Hans-Joerg Hoexer |
2005-11-21 | Fix memory leaks. From Andrey Matveev <evol at online dot ptt dot ru>, | Hans-Joerg Hoexer |
2005-11-13 | spacing | Theo de Raadt |
2005-11-13 | fclose() file descriptor of the rule file when we are done with it. | Hans-Joerg Hoexer |
2005-11-12 | spacing | Hans-Joerg Hoexer |
2005-11-12 | add support for interface names as host specifications | Hans-Joerg Hoexer |
2005-11-12 | permit TO/FROM to be swapped (symmetry is good); ok hshoexermk | Theo de Raadt |
2005-11-12 | simplify TAILQ walking code; ok hshoexer | Theo de Raadt |
2005-11-12 | spacing | Theo de Raadt |
2005-11-12 | spacing | Theo de Raadt |
2005-11-12 | do not stat() before open(); instead -- use fstat(); ok hshoexer | Theo de Raadt |
2005-11-12 | handle transport/tunnel mode | Hans-Joerg Hoexer |
2005-11-06 | Improved address and address mask handling, derived from pfctl stuff. | Hans-Joerg Hoexer |
2005-11-06 | better handling of ip addresses, prepare for v6. Partially derived from diff | Hans-Joerg Hoexer |
2005-10-30 | - SEE ALSO is sorted by section first | Jason McIntyre |