| Age | Commit message (Expand) | Author |
|---|
| 2020-04-23 | Support SADB_X_EXT_RDOMAIN extension in pfkey dump (-m). | tobhe |
| 2020-02-16 | Quote variables in pf tag strings | kn |
| 2020-02-10 | briefly mention /etc/examples/ in the FILES section of all the | Ingo Schwarze |
| 2020-02-07 | Extend the ipsecctl(8) parser to set the udpencap flag and port | Alexander Bluhm |
| 2019-11-10 | Consistently use _rcctl enable foo_ in examples, it's simpler and less | Landry Breuil |
| 2019-08-26 | Fix file descriptor leak due to popfile() never closing the main config file. | tobhe |
| 2019-07-03 | snprintf/vsnprintf return < 0 on error, rather than -1. | Theo de Raadt |
| 2019-06-28 | When system calls indicate an error they return -1, not some arbitrary | Theo de Raadt |
| 2019-02-13 | (unsigned) means (unsigned int) which on ptrdiff_t or size_t or other | Theo de Raadt |
| 2018-11-07 | sync cmdline_symset() changes with src/usr.sbin; OK sashan@ claudio@ | miko |
| 2018-11-01 | - odd condition/test in PF lexer | Alexandr Nedvedicky |
| 2018-09-07 | Remove unnused af argument from unmask(), sync with pfctl | kn |
| 2018-08-28 | Display per-TDB counters in verbose mode. | Martin Pieuchot |
| 2018-07-11 | Do for most running out of memory err() what was done for most running | Kenneth R Westerback |
| 2018-07-10 | Include <sys/queue.h> instead of relying on kernel headers to include | Martin Pieuchot |
| 2018-07-09 | No need to mention which memory allocation entry point failed (malloc, | Kenneth R Westerback |
| 2018-07-08 | Be consistent in warn() and log_warn() usage when | Kenneth R Westerback |
| 2018-04-26 | Plug leak in error case of the common 'varset' implementations. | Kenneth R Westerback |
| 2018-04-17 | Document how to avoid isakmpd(8) source IP address pitfalls by using | Stefan Sperling |
| 2017-11-23 | in isakmpd(8), provide a hint: from scott cheloha | Jason McIntyre |
| 2017-11-20 | Support collapsing flow outputs. | Martin Pieuchot |
| 2017-10-27 | Support DH groups 19 to 21 and 25 to 30, just like iked(8) does. | Martin Pieuchot |
| 2017-04-19 | Rename all SA groups to bundles consistently. The first kernel | Alexander Bluhm |
| 2017-04-18 | use freezero() | Theo de Raadt |
| 2017-04-14 | Up to now ipsecctl(8) grouped SAs with identical src and dst to the | Alexander Bluhm |
| 2017-04-10 | Found another len += snprintf... | Theo de Raadt |
| 2017-03-02 | Now that the kernel provides information about IPsec SA bundles, | Alexander Bluhm |
| 2017-02-28 | Depending on the addresses, ipsecctl(8) automatically groups sa | Alexander Bluhm |
| 2017-01-05 | Replace symset()'s hand-rolled for(;;) traversal of 'symhead' TAILQ | Kenneth R Westerback |
| 2016-06-21 | do not allow whitespace in macro names, i.e. "this is" = "a variable". | Sebastian Benoit |
| 2015-12-10 | Remove NULL-checks before free(). ok tb@ | mmcc |
| 2015-12-09 | Remove plain DES encryption from IPsec. | Christian Weisgerber |
| 2015-12-02 | remove unimplemented PF_KEY algorithms; ok sthen@ mpi@ mikeb@ | Christian Weisgerber |
| 2015-11-04 | Decode Chacha20-Poly1305 when dumping SAs; ok reyk, naddy | Mike Belopuhov |
| 2015-11-01 | replace "can not" with "cannot"; | Jason McIntyre |
| 2015-10-18 | Use explicit_bzero() when the memory is freed directly afterward. | mmcc |
| 2015-06-03 | Do not assume that asprintf() clears the pointer on failure, which | Todd C. Miller |
| 2015-05-25 | bump up the default Diffie-Hellman group to modp3072; ok mikeb@ djm@ | Christian Weisgerber |
| 2015-04-17 | Remove unsupported SADB_X_IDENTTYPE_CONNECTION; OK markus, hshoexer | Mike Belopuhov |
| 2015-04-14 | Remove support for storing credentials and auth information in the kernel. | Mike Belopuhov |
| 2015-02-28 | Reduce usage of predefined strings in manpages. | Anthony J. Bentley |
| 2015-01-16 | Replace <sys/param.h> with <limits.h> and other less dirty headers where | Theo de Raadt |
| 2015-01-10 | tell the truth about DES. | Igor Sobrado |
| 2015-01-02 | PFS stands for Perfect Forward Secrecy. | Igor Sobrado |
| 2014-12-28 | Unbreak the tree. Looks like tedu did not tedu enough when killing KPDK | Claudio Jeker |
| 2014-11-20 | Yet more #include de-duplication. | Kenneth R Westerback |
| 2014-11-20 | Don't allow embedded nul characters in strings. | Jonathan Gray |
| 2014-11-04 | Add gcc format attributes to ipsecctl's parse.y. Also, fix a few format | Doug Hogan |
| 2014-11-03 | simple conversion from select() to poll() | Theo de Raadt |
| 2014-03-19 | Unify ipsec.conf(5)'s copy of the text dealing with multiline comments, | Stuart Henderson |
