| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2005-12-06 | more appropriate error messages; ok hshoexer | Markus Friedl | |
| 2005-12-06 | ipip support: ip-in-ip w/o gif(4); ok hshoexer | Markus Friedl | |
| 2005-12-01 | spacing | Theo de Raadt | |
| 2005-12-01 | do not choke and dump core when printing bypass flows. noticed by jacob | Hans-Joerg Hoexer | |
| schlyter. Thanks! | |||
| 2005-11-30 | handle that pfkey_ipsec_flush() can fail. | Hans-Joerg Hoexer | |
| 2005-11-27 | sanity check constraints for transforms. | Hans-Joerg Hoexer | |
| ok deraadt@ | |||
| 2005-11-27 | truly permit auth/enc/comp expressions to be in any order | Theo de Raadt | |
| hshoexer will add back in the contraint language | |||
| 2005-11-26 | allow specficiation of encryption and authentication algorithms to be swapped. | Hans-Joerg Hoexer | |
| Ie. both "enc 3des-cbc auth hmac-sha1" and " auth hmac-sha1 enc 3des-cbc" are valid. | |||
| 2005-11-24 | "hmac" not "hmc", notice by <gwyllion at ulyssis dot org> | Hans-Joerg Hoexer | |
| 2005-11-24 | Make clear we only have "hmac-sha1" and "hmac-md5". | Hans-Joerg Hoexer | |
| 2005-11-24 | Remove old-style keyed sha1/md5. We only support hmac-sha1/md5. | Hans-Joerg Hoexer | |
| Noticed the hard way by <raff at brodewicz dot pl> | |||
| 2005-11-21 | Fix memory leaks. From Andrey Matveev <evol at online dot ptt dot ru>, | Hans-Joerg Hoexer | |
| thanks! | |||
| 2005-11-13 | spacing | Theo de Raadt | |
| 2005-11-13 | fclose() file descriptor of the rule file when we are done with it. | Hans-Joerg Hoexer | |
| From David Hill <dhill at mindcry dot org>, thanks! | |||
| 2005-11-12 | spacing | Hans-Joerg Hoexer | |
| 2005-11-12 | add support for interface names as host specifications | Hans-Joerg Hoexer | |
| 2005-11-12 | permit TO/FROM to be swapped (symmetry is good); ok hshoexermk | Theo de Raadt | |
| 2005-11-12 | simplify TAILQ walking code; ok hshoexer | Theo de Raadt | |
| 2005-11-12 | spacing | Theo de Raadt | |
| 2005-11-12 | spacing | Theo de Raadt | |
| 2005-11-12 | do not stat() before open(); instead -- use fstat(); ok hshoexer | Theo de Raadt | |
| 2005-11-12 | handle transport/tunnel mode | Hans-Joerg Hoexer | |
| 2005-11-06 | Improved address and address mask handling, derived from pfctl stuff. | Hans-Joerg Hoexer | |
| 2005-11-06 | better handling of ip addresses, prepare for v6. Partially derived from diff | Hans-Joerg Hoexer | |
| by todd@. Work in progress. | |||
| 2005-10-30 | - SEE ALSO is sorted by section first | Jason McIntyre | |
| - new sentence, new line | |||
| 2005-10-30 | prepare for more flexible hostname resolver. Right now just v4, more to come | Hans-Joerg Hoexer | |
| (if groups, v6, dns). | |||
| 2005-10-30 | Xr ipcomp, sort "SEE ALSO" section | Hans-Joerg Hoexer | |
| 2005-10-30 | describe ipcomp | Hans-Joerg Hoexer | |
| 2005-10-30 | add support for ipcomp. | Hans-Joerg Hoexer | |
| 2005-10-28 | more error message cleanup | Hans-Joerg Hoexer | |
| 2005-10-17 | parse correctly flows using ipcomp. Glitch noticed by jared rr spiegel. | Hans-Joerg Hoexer | |
| 2005-10-16 | Prepare for better host specification parser: dns names, interfaces, etc. But | Hans-Joerg Hoexer | |
| for now, just ipv4. Derived from pfctl(8). | |||
| 2005-10-16 | Unset debug flag. | Hans-Joerg Hoexer | |
| 2005-10-16 | Add keyword "any" for addresses, reduces to "0.0.0.0/0". | Hans-Joerg Hoexer | |
| 2005-10-16 | cleanup messages generated by err(3) | Hans-Joerg Hoexer | |
| 2005-09-23 | - beef up DESCRIPTION | Jason McIntyre | |
| - document that paths to key files may be relative or absolute - reference vpn(8) in SEE ALSO most of this diff came about from a mail from benjamin pineau who mailed hshoexer and myself about some possible improvements to this file; ok hshoexer@ | |||
| 2005-09-23 | Remove some uncommented section headers from the template man page (RETURN | Hans-Joerg Hoexer | |
| VALUES, BUGS, CAVEATS,...). While there, add HISTORY section. | |||
| 2005-09-22 | use "force" keyword when adding to Phase 1 section, otherwise isakmpd will | Hans-Joerg Hoexer | |
| write some annyoing warning to the logs... | |||
| 2005-09-20 | add an entry to "Phase 1" section for each remote peer. | Hans-Joerg Hoexer | |
| 2005-09-20 | add a "Connection=..." entry for active connections | Hans-Joerg Hoexer | |
| 2005-09-19 | grammar; | Jason McIntyre | |
| from benjamin pineau; ok hshoexer@ | |||
| 2005-08-23 | grammar + formatting tweaks; | Jason McIntyre | |
| 2005-08-22 | document recent changes | Hans-Joerg Hoexer | |
| ok deraadt | |||
| 2005-08-22 | Teach ipsecctl to control isakmpd. | Hans-Joerg Hoexer | |
| ok deraadt | |||
| 2005-08-22 | spelling | David Krause | |
| 2005-08-19 | more useful error message | Hans-Joerg Hoexer | |
| 2005-08-11 | document recent changes, with jmc@ | Hans-Joerg Hoexer | |
| 2005-08-10 | - typo | Jason McIntyre | |
| - generate a backslash using `\e', not `\\' | |||
| 2005-08-09 | Document how to read keys from a file. | Hans-Joerg Hoexer | |
| 2005-08-09 | Rewrite handling of transforms. Now both ah and esp can be specified and | Hans-Joerg Hoexer | |
| validated correctly. Unbreaks ah. | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |