summaryrefslogtreecommitdiff
path: root/sbin/ipsecctl
AgeCommit message (Expand)Author
2006-02-21The new default encryption algorithm for main mode is AES instead of 3DES.Hans-Joerg Hoexer
2006-02-03override authentication tag as well; ok hshoexer@Christian Weisgerber
2006-02-02Two fixes: generate default main mode config when using PSK, added missingHans-Joerg Hoexer
2006-02-01noted by lint: include <string.h> instead of <strings.h>, add tow ARGSUSED1Hans-Joerg Hoexer
2006-01-20initialize authtype->string in case of RSA to avoid bad free()Christian Weisgerber
2006-01-17wrap long lines (no binary change)Reyk Floeter
2006-01-17spacingTheo de Raadt
2006-01-17no , after last element in enumTheo de Raadt
2006-01-16add support for pre-shared keys with "ike esp" using the new keywordReyk Floeter
2005-12-28no close() after fdopen(); ok hshoexer@Christian Weisgerber
2005-12-28make sure isakmpd fifo is actually a fifo.Hans-Joerg Hoexer
2005-12-21Userland programs should include <errno.h> not <sys/errno.h>Todd C. Miller
2005-12-12use ARGSUSED1 hereHans-Joerg Hoexer
2005-12-12use err() instead of errx()Hans-Joerg Hoexer
2005-12-12Correctly copy interface names; fixes breakage noticed by naddy@Hans-Joerg Hoexer
2005-12-06more appropriate error messages; ok hshoexerMarkus Friedl
2005-12-06ipip support: ip-in-ip w/o gif(4); ok hshoexerMarkus Friedl
2005-12-01spacingTheo de Raadt
2005-12-01do not choke and dump core when printing bypass flows. noticed by jacobHans-Joerg Hoexer
2005-11-30handle that pfkey_ipsec_flush() can fail.Hans-Joerg Hoexer
2005-11-27sanity check constraints for transforms.Hans-Joerg Hoexer
2005-11-27truly permit auth/enc/comp expressions to be in any orderTheo de Raadt
2005-11-26allow specficiation of encryption and authentication algorithms to be swapped.Hans-Joerg Hoexer
2005-11-24"hmac" not "hmc", notice by <gwyllion at ulyssis dot org>Hans-Joerg Hoexer
2005-11-24Make clear we only have "hmac-sha1" and "hmac-md5".Hans-Joerg Hoexer
2005-11-24Remove old-style keyed sha1/md5. We only support hmac-sha1/md5.Hans-Joerg Hoexer
2005-11-21Fix memory leaks. From Andrey Matveev <evol at online dot ptt dot ru>,Hans-Joerg Hoexer
2005-11-13spacingTheo de Raadt
2005-11-13fclose() file descriptor of the rule file when we are done with it.Hans-Joerg Hoexer
2005-11-12spacingHans-Joerg Hoexer
2005-11-12add support for interface names as host specificationsHans-Joerg Hoexer
2005-11-12permit TO/FROM to be swapped (symmetry is good); ok hshoexermkTheo de Raadt
2005-11-12simplify TAILQ walking code; ok hshoexerTheo de Raadt
2005-11-12spacingTheo de Raadt
2005-11-12spacingTheo de Raadt
2005-11-12do not stat() before open(); instead -- use fstat(); ok hshoexerTheo de Raadt
2005-11-12handle transport/tunnel modeHans-Joerg Hoexer
2005-11-06Improved address and address mask handling, derived from pfctl stuff.Hans-Joerg Hoexer
2005-11-06better handling of ip addresses, prepare for v6. Partially derived from diffHans-Joerg Hoexer
2005-10-30- SEE ALSO is sorted by section firstJason McIntyre
2005-10-30prepare for more flexible hostname resolver. Right now just v4, more to comeHans-Joerg Hoexer
2005-10-30Xr ipcomp, sort "SEE ALSO" sectionHans-Joerg Hoexer
2005-10-30describe ipcompHans-Joerg Hoexer
2005-10-30add support for ipcomp.Hans-Joerg Hoexer
2005-10-28more error message cleanupHans-Joerg Hoexer
2005-10-17parse correctly flows using ipcomp. Glitch noticed by jared rr spiegel.Hans-Joerg Hoexer
2005-10-16Prepare for better host specification parser: dns names, interfaces, etc. ButHans-Joerg Hoexer
2005-10-16Unset debug flag.Hans-Joerg Hoexer
2005-10-16Add keyword "any" for addresses, reduces to "0.0.0.0/0".Hans-Joerg Hoexer
2005-10-16cleanup messages generated by err(3)Hans-Joerg Hoexer
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-20 19:37:08 +0000