src - OpenBSD base system

Age	Commit message (Collapse)	Author
2006-09-15	Remove "Delete-SAs" config option. This was needed for interaction	Hans-Joerg Hoexer
	with sasyncd(8). Now sasyncd(8) controls isakmpd(8) regarding SA deletion so this option is obsolete. ok mpf jmc
2006-08-30	Make SA deletion on shutdown the default again. Use -S for failover	Hans-Joerg Hoexer
	situations where you do not want this. Discussed and agreed on with ho, mcbride, markus, cloder,... We will have to teach sasyncd to deal with this. Testing by msf and hshoexer with help from mtu ok markus cloder
2006-06-11	Document AESCTR for quick mode and SHA2-* for main mode. Help by jmc.	Hans-Joerg Hoexer
	ok jmc@
2006-06-11	tweaks;	Jason McIntyre

2006-06-10	Document -S and the "Delete-SAs" tag. Those will enable SA deletion	Hans-Joerg Hoexer
	on shutdown.
2006-06-10	Allow isakmpd to use a different private rsa key per isakmp ID. Hans wrote ↵	Mathieu Sauve-Frankel
	this a long time ago, I synced it to -current and tested. ok hshoexer@
2006-05-27	document modp3072.	Hans-Joerg Hoexer

2006-05-26	ipsectl -> ipsecctl	Jason McIntyre

2006-05-26	vpn.8 removal;	Jason McIntyre

2006-05-26	let us not talk about ipsecadm and vpn anymore; ok reyk	Theo de Raadt

2005-10-06	improve examples and show how to use KEY_LENGTH. Slightly different fix than	Hans-Joerg Hoexer
	proposed by sthen at spacehopper dot org, fixes pr 4522, thanks! ok and with jmc@
2005-08-23	`DSS' is unsupported, so remove references to it;	Jason McIntyre
	ok hshoexer@
2005-06-11	grammar;	Jason McIntyre

2005-05-31	certpatch is gone, noticed by david@	Hans-Joerg Hoexer

2005-05-23	Mention interface names can be used in Listen-on. OK hshoexer	Chad Loder

2005-05-12	add some missing section descriptions to make this page a little	Jason McIntyre
	easier to read; ok hshoexer@
2005-05-05	alphabetically order options within sections;	Jason McIntyre
	discussed w/ hshoexer@
2005-05-05	this is not a separate list item;	Jason McIntyre
	ok hshoexer@
2005-05-05	first stab at making this page easier to read:	Jason McIntyre
	various grammar/mdoc fixes;
2005-04-06	Check-interval and DPD-check-interval are specified in seconds.	Chad Loder

2005-02-22	fix wrong line break in comment.	Moritz Jodeit
	ok hshoexer@
2005-01-05	kill whitespace;	Jason McIntyre

2005-01-05	Discourage using aggressive mode.	Hans-Joerg Hoexer
	ok and some help ho@
2004-12-14	Allow the Address, Network, or Netmask values of the <IPsec-ID> to be	Ryan Thomas McBride
	specified with an interface name (in which case the first address is used) or the keyword 'default' (in which case the address is selected based on the default route). eg: [roadwarrior-ip] ID-type= IPV4_ADDR Address= default ok ho@ hshoexer@
2004-08-10	Better implementation of the Dead Peer Detection protocol, RFC 3706.	Hakan Olsson
	hshoexer@ ok.
2004-07-08	typo, and line adjustment;	Jason McIntyre

2004-07-07	document -a/-K and "Acquire-Only"/"Use-Keynote".	Hans-Joerg Hoexer
	ok markus@ henning@ ho@ english polish and mdoc help and ok jmc@
2004-06-26	new sentence, new line;	Jason McIntyre

2004-06-21	Describe the [Default]:NAT-T-Keepalive configuration parameter.	Hakan Olsson

2004-02-27	Add group 14 (modp2048) to predefined suites. Manpage also updated.	Hans-Joerg Hoexer
	ok ho@
2004-02-26	tweak;	Jason McIntyre
	ok hshoexer@
2004-02-25	Add and document configuration options Logverbose and Loglevel. As log.c now	Hans-Joerg Hoexer
	depends on conf.c and some regression tests use log.c, add conf.c to Makefiles where necessary. ok ho@
2003-11-05	PFS: Perfect Forward Secrecy (RFC 2409);	Jason McIntyre
	from misc@ and ok markus@
2003-08-28	support AES in phase 1, too. switch to OpenSSL EVP interface;	Markus Friedl
	with Hans-Joerg.Hoexer at yerbouti.franken.de; ok ho@
2003-08-09	new sentence, new line + small cleanup;	Jason McIntyre
	ok ho@
2003-07-25	add sha2 support; ok ho@	Markus Friedl

2003-07-09	- remove some .Ss's that worked around the old blank line bug	Jason McIntyre
	- remove some unnecessary .Pp's - mdoc a list ok ho@
2003-06-03	Remove clauses 3 and 4. With approval from Niklas Hallqvist and	Hakan Olsson
	Niels Provos.
2003-06-03	- section reorder	Jason McIntyre
	- some mdoc fixes
2003-05-17	tweak;	Jason McIntyre
	ok ho@
2003-05-16	If the "Renegotiate-on-HUP" tag is defined in the [General] section, a	Hakan Olsson
	HUP signal (or "R" to the FIFO) will also renegotiate all Phase 2 SAs, i.e all connections. ok niklas@, tested and ok kjell@.
2003-05-10	typos;	Jason McIntyre

2003-03-21	document [initiator-id] section; richb@timestone.com.au; ok ho@, jmc@	Markus Friedl

2003-03-06	.Xr typos;	Jason McIntyre
	ok deraadt@
2003-03-03	Re-add the BUGS section; the RFCs still do not permit differing DH groups	Hakan Olsson
	in the same proposal. This time, mention that this also applies to mixing PFS and non-PFS suites.
2003-02-22	Clarify some language, grammar. ho@ okayed this many moons ago,	Kjell Wooding
	and I forgot all about it.
2003-01-19	typos; jmc@prioris.mini.pw.edu.pl	Theo de Raadt

2003-01-09	Document the various "default" settings. Some style and alphabetical	Hakan Olsson
	reordering.
2002-11-27	Update document date.	Hakan Olsson

2002-11-15	Missing "Configuration" tag in a Phase-1 peer was not handled correctly,	Hakan Olsson
	pointed out by Aref Taidi. Replace this with a "Default-Phase-1-Configuration" that will be used if this tag is missing from the peer. Update manpage accordingly. niklas@ ok.