Age | Commit message (Expand) | Author |
2012-10-29 | backout possible infinit-loop (from rev 1.5) when parsing nat_d; | Markus Friedl |
2012-09-25 | lost preposition "in" | Otto Moerbeek |
2012-08-24 | ikev2 is described in rfc 5996 now; | Jason McIntyre |
2012-08-12 | Use .Lk for HTTP hyperlinks, not .Pa. | Ingo Schwarze |
2012-07-13 | Support additional MODP DH groups in the Phase 1 and Phase 2. | Mike Belopuhov |
2012-06-30 | enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESP | Christian Weisgerber |
2012-06-04 | Rounding up a number of bytes in a bignum returned by the BN_num_bytes() | Mike Belopuhov |
2012-03-24 | set the vendor string to OpenBSD-5.2; ok mikeb@ | Markus Friedl |
2012-01-16 | import (and fix) net_addrcmp() from libc as a static function. | Eric Faurot |
2011-12-12 | Allow using FQDN as a ID payload type. Some client (eg Windows XP) | YASUOKA Masahiko |
2011-10-20 | For NAT-T with transport mode, use the ISAKMP's SA addresses for the | YASUOKA Masahiko |
2011-09-29 | ssl.8: Certifying Authority -> Certificate Authority | Jason McIntyre |
2011-08-02 | add refcounting for "Configuration" section for acquire-mode SAs | Markus Friedl |
2011-06-23 | Use a common text explaining how the various configuration parsers using | Stuart Henderson |
2011-06-15 | When BN_bn2bin converts a bignum to the binary representation | Mike Belopuhov |
2011-06-06 | some improvements for the text on packet capture; from Lawrence Teo | Jason McIntyre |
2011-05-13 | wrong id for UDP_ENCAP_TRANSPORT_DRAFT; ok mikeb@ | Markus Friedl |
2011-04-23 | Indicate which side of the connection responded during phase 1 while using -v. | lum |
2011-04-16 | Allow -v (verbose logging) to work if a -D option is supplied. | Stuart Henderson |
2011-04-06 | Avoid using NULL in non-pointer contexts: use 0 for integer values and '\0' | Miod Vallat |
2011-02-03 | When binding to addresses, ignore any IP address not in the current | Peter Hessler |
2010-12-09 | When looking up an SA based on peer address, also check the port | Martin Hedenfal |
2010-11-29 | make key exchange faster by not checking the predefined groups with DH_check() | Markus Friedl |
2010-10-19 | convert to fuse cast from the libcrypto. with a simplification nit from | Mike Belopuhov |
2010-10-18 | as determined 4 years ago, FortiGate needs DOI of 0 responses to DPD | Todd T. Fries |
2010-10-15 | Switch the remaining users of libdes in src to libcrypto, | Jonathan Gray |
2010-09-22 | Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMAC | Mike Belopuhov |
2010-08-04 | fixup keylength for aes-128-cbc in quickmode | Theo de Raadt |
2010-06-29 | Replace the hand-crafted Diffie-Hellman implementation in isakmpd with | Reyk Floeter |
2010-06-07 | make clearer the relationship between isakmpd and ikev1; and iked and ikev2; | Jason McIntyre |
2010-06-03 | update the manpages for isakmpd(8) and ipsec.conf(5) to point to iked(8) | Reyk Floeter |
2010-05-10 | Various comment typos. 'wether' -> 'whether' (most popular), 'possiblity' -> | Kenneth R Westerback |
2010-04-15 | Log when isakmpd starts - patch from Toni Mueller | lum |
2010-04-06 | fix some more dodgy "-indent"; aucat.1 has some too, but i'll leave that for | Jason McIntyre |
2010-03-26 | dispense with some wacky escape sequences; | Jason McIntyre |
2010-03-04 | don't crash on invalid phase 2 IDs; from hshoexer; ok sthen@ | Markus Friedl |
2010-01-10 | only substract ISAKMP_ID_DATA_OFF once. otherwise 'buf' might overflow | Markus Friedl |
2010-01-03 | Neither .Pp nor unqualified text are allowed at the top level of .Bl; | Ingo Schwarze |
2009-11-13 | fix a few memory leaks found by parfait; ok hshoexer | Theo de Raadt |
2009-06-25 | Add missing RTM_VERSION check. This is needed before accessing other data | Claudio Jeker |
2009-06-05 | rtm->rtm_hdrlen conversion | Chris Cappuccio |
2009-01-29 | Improve logging: | Hans-Joerg Hoexer |
2009-01-28 | cleaning up my tree: trivial KNF and a comment fix. | Hans-Joerg Hoexer |
2009-01-28 | Remove some dead (#if 0) code. | Hans-Joerg Hoexer |
2009-01-20 | Add support to isakmpd(8) and ipsecctl(8) to install SA's with a | Marco Pfatschbacher |
2008-12-22 | mark log_fatal() and monitor_exit() as __dead, as they do not return. | Hans-Joerg Hoexer |
2008-11-11 | Use rfc2409 conform notification message when client identities are | Hans-Joerg Hoexer |
2008-10-21 | do not listen on tentative (during DAD), duplicated (after DAD) or | Markus Friedl |
2008-09-06 | adapt to API changes in OpenSSL 0.9.8h | Damien Miller |
2008-09-06 | adapt to sha2(3) API changes; ok millert@ | Damien Miller |