Age | Commit message (Expand) | Author |
2012-06-30 | enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESP | Christian Weisgerber |
2011-10-20 | For NAT-T with transport mode, use the ISAKMP's SA addresses for the | YASUOKA Masahiko |
2010-09-22 | Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMAC | Mike Belopuhov |
2010-06-29 | Replace the hand-crafted Diffie-Hellman implementation in isakmpd with | Reyk Floeter |
2010-03-04 | don't crash on invalid phase 2 IDs; from hshoexer; ok sthen@ | Markus Friedl |
2010-01-10 | only substract ISAKMP_ID_DATA_OFF once. otherwise 'buf' might overflow | Markus Friedl |
2009-01-29 | Improve logging: | Hans-Joerg Hoexer |
2009-01-20 | Add support to isakmpd(8) and ipsecctl(8) to install SA's with a | Marco Pfatschbacher |
2007-09-02 | use calloc() to avoid malloc(n * m) overflows; checked by djm canacar jsg | Theo de Raadt |
2007-07-31 | Use correct function name in log message. Noticed by Igor Zinovk | Hans-Joerg Hoexer |
2007-04-16 | There's no point in checking ptr for NULL before doing free(ptr) | Moritz Jodeit |
2006-11-24 | add support to tag ipsec traffic belonging to specific IKE-initiated | Reyk Floeter |
2006-06-10 | support sha2 for main mode hmacs and aesctr for quick mode encryption. | Hans-Joerg Hoexer |
2006-06-09 | Allow for AH the use of the authentication algorithms added a while ago. | Christian Weisgerber |
2006-05-29 | Fix broken merge of patch. Pointed out by nathanael at polymorpheus dot com. | Ryan Thomas McBride |
2006-05-28 | Change the default replay window for SAs created by the isakmpd responder | Ryan Thomas McBride |
2005-09-23 | Provide UI commands to delete phase 1 SAs. | Hans-Joerg Hoexer |
2005-06-25 | /* Fallthrough. */ -> /* FALLTHROUGH */ | Hans-Joerg Hoexer |
2005-06-14 | add ENCAP_UDP_{TUNNEL,TRANSPORT} types according to rfc 3947 | Hans-Joerg Hoexer |
2005-05-26 | Use TAILQ_FOREACH where possible, remove payload_last() | Hans-Joerg Hoexer |
2005-05-04 | clean up KEY_API() wrapper. | Hans-Joerg Hoexer |
2005-04-08 | get rid of sysdep_sa_len | Hans-Joerg Hoexer |
2005-04-08 | USE_DEBUG is bye bye | Theo de Raadt |
2005-04-08 | always enable aggressive, dpd, and isakmp_cfg | Theo de Raadt |
2005-04-08 | nat-traversal always | Theo de Raadt |
2005-04-08 | kill USE_OLD_SOCKADDR | Theo de Raadt |
2005-04-06 | knf, ok cloder | Theo de Raadt |
2005-04-05 | Always compile X509 support. Almost everyone uses it. Makes the code | Chad Loder |
2005-04-04 | spacing; ok cloder | Theo de Raadt |
2005-04-04 | fix byteorder confusion | Hans-Joerg Hoexer |
2005-03-29 | Always use network byte order when stuffing port numbers into IPSEC ID | Chad Loder |
2005-03-18 | Back out a possible bogus minor diff until we investigate what | Chad Loder |
2005-03-05 | Always use correct byte order when stuffing port numbers into packets. | Chad Loder |
2004-12-14 | Allow the Address, Network, or Netmask values of the <IPsec-ID> to be | Ryan Thomas McBride |
2004-09-17 | Missing #ifdefs. | Hakan Olsson |
2004-08-10 | Better implementation of the Dead Peer Detection protocol, RFC 3706. | Hakan Olsson |
2004-08-08 | spacing | Theo de Raadt |
2004-06-23 | Add commandline switch -a / config tag "Acquire-Only" to tell isakmpd to not | Hans-Joerg Hoexer |
2004-06-21 | Implement NAT-T keepalive messages. | Hakan Olsson |
2004-06-21 | style nit | Hakan Olsson |
2004-06-20 | Make the payload array in struct message dynamic, since we need to handle | Hakan Olsson |
2004-06-20 | NAT-Traversal for isakmpd. Work in progress... | Hakan Olsson |
2004-06-17 | Yet another bunch of memleask found and fixed by Patrick Latifi. Thanks! | Hans-Joerg Hoexer |
2004-06-16 | fix ipv6-address and ipv6-address-mask mixup. | Hans-Joerg Hoexer |
2004-06-14 | KNF, style, 80c, etc. hshoexer@ ok | Hakan Olsson |
2004-06-10 | Mark authenticated messages explicitly. Better check for authentication before | Hans-Joerg Hoexer |
2004-06-09 | Style nits. hshoexer@ ok | Hakan Olsson |
2004-05-23 | More KNF. Mainly spaces and line-wraps, no binary change. | Hans-Joerg Hoexer |
2004-05-19 | Permit symbolic protocol and service names, such as "Protocol= tcp", in the | Hakan Olsson |
2004-04-15 | partial move to KNF. More to come. This has happened because there | Theo de Raadt |