summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/pf_key_v2.c
AgeCommit message (Expand)Author
2017-08-06Prevent a use-after-free by always passing dynamically allocatedMartin Pieuchot
2017-02-28Depending on the addresses, ipsecctl(8) automatically groups saAlexander Bluhm
2015-12-10Remove NULL-checks before free(). ok tb@mmcc
2015-12-09Remove plain DES encryption from IPsec.Christian Weisgerber
2015-08-20<stdlib.h> is included, so do not need to cast result fromTheo de Raadt
2015-04-17Remove unsupported SADB_X_IDENTTYPE_CONNECTION; OK markus, hshoexerMike Belopuhov
2015-04-14Remove support for storing credentials and auth information in the kernel.Mike Belopuhov
2015-03-26Remove bits of unfinished IPsec proxy support. DNS' KX records, anyone?Mike Belopuhov
2014-10-29convert simple cases of select() to poll()Theo de Raadt
2014-10-22Fix error reporting when reallocarray() fails. OK miod@Todd C. Miller
2014-10-18Convert malloc() with a size var using multiplication to reallocarray().Doug Hogan
2012-06-30enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESPChristian Weisgerber
2011-08-02add refcounting for "Configuration" section for acquire-mode SAsMarkus Friedl
2010-09-22Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMACMike Belopuhov
2009-01-28cleaning up my tree: trivial KNF and a comment fix.Hans-Joerg Hoexer
2008-07-01Isakmpd acquire mode did not work with a config generated fromAlexander Bluhm
2008-06-10Fix implementation of IN6_IS_ADDR_FULL so that IPV6_ADDR is usedAlexander Bluhm
2007-09-02use calloc() to avoid malloc(n * m) overflows; checked by djm canacar jsgTheo de Raadt
2007-05-27Don't include sys/mbuf.h it is not needed. OK mcbride@ msf@Claudio Jeker
2007-04-16There's no point in checking ptr for NULL before doing free(ptr)Moritz Jodeit
2007-04-08Fix lint comments. s/Fall through/FALLTHROUGH/.Moritz Jodeit
2007-02-19isakmpd bits for ESP+NULL encryption. This is useful, when AH canHans-Joerg Hoexer
2006-11-24add support to tag ipsec traffic belonging to specific IKE-initiatedReyk Floeter
2006-09-01Add a new UI command to force isakmpd into passive only mode.Marco Pfatschbacher
2006-08-30fix isakmpd -Ka, as used by bgpd, or acquire flows set up via ipsecctl.Henning Brauer
2006-08-30need to retry writing to pfkey socket on EAGAIN, ok theo hshoexerHenning Brauer
2006-08-30do not call pf_key_v2_disable_sa twice; ok hshoexer, hoMarkus Friedl
2006-06-10support sha2 for main mode hmacs and aesctr for quick mode encryption.Hans-Joerg Hoexer
2006-05-31tiny KNFHans-Joerg Hoexer
2006-05-31Make sure, that phase 1 SAs of active connections stay alive. Fixes a DPDHans-Joerg Hoexer
2006-05-29export pf_key_v2_disable_sa() (unbreaks build)Markus Friedl
2005-11-14use snprintf; ok cloder. also looked at by a few other peopleTheo de Raadt
2005-06-14add ENCAP_UDP_{TUNNEL,TRANSPORT} types according to rfc 3947Hans-Joerg Hoexer
2005-06-01Fix memory leak. OK hshoexerChad Loder
2005-05-22No more ifdef KAME. From hshoexerChad Loder
2005-04-08get rid of sysdep_sa_lenHans-Joerg Hoexer
2005-04-08USE_DEBUG is bye byeTheo de Raadt
2005-04-08keynote and policy always compiled inTheo de Raadt
2005-04-08nat-traversal alwaysTheo de Raadt
2005-04-08kill USE_OLD_SOCKADDRTheo de Raadt
2005-04-08Remove references to LINUX_IPSECChad Loder
2005-04-06knf, ok cloderTheo de Raadt
2005-04-05Always compile X509 support. Almost everyone uses it. Makes the codeChad Loder
2005-04-04spacing; ok cloderTheo de Raadt
2005-03-02knf, linewrapping, whitespaces, no binary changeHans-Joerg Hoexer
2005-02-27cleanup correctly in some error paths.Patrick Latifi
2005-02-27where possible, use bzero instead of memsetHans-Joerg Hoexer
2005-02-25Fix an obviously incorrect call to memset. '0' and 0 are not the sameChad Loder
2004-12-27Fix broken pointer arithmetic when receiving a RSA key from the kernel. FoundHans-Joerg Hoexer
2004-09-17Missing #ifdefs.Hakan Olsson
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-01 18:30:33 +0000