Age | Commit message (Expand) | Author |
2006-06-18 | add group "none"; when choosen, pfs will be disabled. | Hans-Joerg Hoexer |
2006-06-16 | add a missing "force" | Hans-Joerg Hoexer |
2006-06-16 | report the correct line number on an error. Noticed by david@ | Hans-Joerg Hoexer |
2006-06-15 | be careful when touch the peer component of a rule. It is not | Hans-Joerg Hoexer |
2006-06-14 | recover list of key sizes from vpn(8); suggested by markus@, ok hshoexer@ | Christian Weisgerber |
2006-06-13 | For IKE, allow main mode SHA2 and quick mode AESCTR transforms, | Christian Weisgerber |
2006-06-12 | Fix a typo that prevented ipsecctl -ss from showing authentication | Christian Weisgerber |
2006-06-11 | the default encryption algorithm with static keying is AES-CBC now; ok hshoexer@ | Christian Weisgerber |
2006-06-11 | As naddy@ pointed out RFC 3686 discourages use of AESCTR for static | Hans-Joerg Hoexer |
2006-06-11 | Adopt to recent changes (mopd3072 is not the default anymore). | Hans-Joerg Hoexer |
2006-06-10 | Better error message when a key file can not be opened or the provided key is | Hans-Joerg Hoexer |
2006-06-10 | switch back to original defaults regarding DH groups. modp3072 is to | Hans-Joerg Hoexer |
2006-06-10 | knf & careful data freeing, regression tested by todd | Theo de Raadt |
2006-06-09 | simplify previous; | Jason McIntyre |
2006-06-08 | fix usage, make synopsis more pretty. noticed by david@ | Hans-Joerg Hoexer |
2006-06-08 | fix some indentation, noticed by david@ | Hans-Joerg Hoexer |
2006-06-08 | Add a transport mode specifier to ike rules. Tunnel mode remains the default. | Christian Weisgerber |
2006-06-08 | allocate enough storage via sockaddr_storage for sockaddr_in6, | Todd T. Fries |
2006-06-08 | Fix a typo: When testing for quick mode lifetimes, make sure to | Hans-Joerg Hoexer |
2006-06-08 | turns out this really doesn't break what is in the tree; ok hshoexer@ | Todd T. Fries |
2006-06-07 | make sure, we initialize unspecified keys and spis. Noticed by | Hans-Joerg Hoexer |
2006-06-07 | Do not yet expand the "any" keyword to v6 addresses. ok todd@ | Hans-Joerg Hoexer |
2006-06-07 | remove unused prototype, ok todd@ | Hans-Joerg Hoexer |
2006-06-02 | correct spelling of specified | David Krause |
2006-06-02 | exit(2) when loading of rules did work partially. ok markus@ | Hans-Joerg Hoexer |
2006-06-02 | document port modifiers in ike rules | Christian Weisgerber |
2006-06-02 | support tcp/udp port modifiers in ike rules | Christian Weisgerber |
2006-06-02 | print full information about tcpmd5 and ipcomp SAs, too | Markus Friedl |
2006-06-02 | add trailing \ when printing multiple lines for an SA, this way | Markus Friedl |
2006-06-02 | mark up keywords using .Ic; ok hshoexer | Jason McIntyre |
2006-06-02 | allow to specify phase 1 and 2 lifetimes. Right now, these values | Hans-Joerg Hoexer |
2006-06-02 | simplify handling of peers. | Hans-Joerg Hoexer |
2006-06-02 | some more cleanup and simplification, no functional change. | Hans-Joerg Hoexer |
2006-06-02 | put src and dst host in dedicated structure. Make the API more | Hans-Joerg Hoexer |
2006-06-02 | tiny style cleanup and white spaces | Hans-Joerg Hoexer |
2006-06-02 | fix the formatting for sadb_register messages in monitor mode. | Mathieu Sauve-Frankel |
2006-06-02 | Simplify main/quick mode parsing and generation of the actual ike config. | Hans-Joerg Hoexer |
2006-06-02 | Generalize parsing of main/quick mode specification. Preparation | Hans-Joerg Hoexer |
2006-06-02 | Prepare for parsing lifetimes for ike main and quick mode. Not enabled yet. | Hans-Joerg Hoexer |
2006-06-01 | Final bits for SA grouping. | Hans-Joerg Hoexer |
2006-06-01 | pfkey bits needed for SA grouping | Hans-Joerg Hoexer |
2006-06-01 | address has two `d', and i had to use a dictionary to check ;) | Jason McIntyre |
2006-06-01 | document port matching in flows; ok hshoexer@ | Christian Weisgerber |
2006-06-01 | change the local-ID section name to always be unique as we may want to use mo... | Mathieu Sauve-Frankel |
2006-06-01 | Support flows with port modifiers for proto tcp/udp, e.g. | Christian Weisgerber |
2006-06-01 | more to free, needed for SA grouping. | Hans-Joerg Hoexer |
2006-06-01 | convert pfkey to ipsec_rule and use ipsecctl_print_rule() when dumping | Markus Friedl |
2006-06-01 | Add members dst2, proto2 and spi2 to struct ipsec_rule and define | Hans-Joerg Hoexer |
2006-06-01 | Prepare for SA grouping. | Hans-Joerg Hoexer |
2006-06-01 | print actual key size when warning about the wrong key size; ok hshoexer | Markus Friedl |