summaryrefslogtreecommitdiff
path: root/sbin
AgeCommit message (Expand)Author
2021-12-13Only generate a new xid on state change.Florian Obser
2021-12-13Treat xid as a uint32_t in network byte order on the wire.Florian Obser
2021-12-13Replace struct member assignment with struct assignment to make theFlorian Obser
2021-12-11Start the default OpenBSD partition either immediately followingKenneth R Westerback
2021-12-09Rework in which state to add and not add the server-ip andFlorian Obser
2021-12-09Properly enable NAT-T without udpencap if mobike was negotiated without NAT.Tobias Heider
2021-12-09Move switch to NAT-T port and udpencap activation to ikev2_enable_natt().Tobias Heider
2021-12-08The /etc/iked/certs/ directory is used for both local and peerTobias Heider
2021-12-07Fix locally stored peer certificates in /etc/iked/certs as documented inTobias Heider
2021-12-07Don't truncate the default OpenBSD partition at the end of theKenneth R Westerback
2021-12-06Logging received addresses and DNS configuration only makes sense forTobias Heider
2021-12-04Send out dstid as initiator if configured. This makes it easier forTobias Heider
2021-12-01Remove the MBR_init() "#ifdef defined(__macppc__) ||Kenneth R Westerback
2021-12-01whitespace cleanup during review readTheo de Raadt
2021-11-30isakmpd: convert modp_init() for opaque DH.Theo Buehler
2021-11-30whitespaceTobias Heider
2021-11-29add -V to usage(), and list it before -v in both SYNOPSIS and theJason McIntyre
2021-11-29Add command line option to show the versionTobias Heider
2021-11-29sys/param.h was included for MAX(), MIN() and roundup(). make localTheo de Raadt
2021-11-29the code in this file has reason to include any sys/*.h header files,Theo de Raadt
2021-11-28Make sure the interface still exists before updating it.Florian Obser
2021-11-28Make sure if_index is set in all case statements and use itFlorian Obser
2021-11-27Rename msg_id to msg_peerid now that we also have msg_localid.Tobias Heider
2021-11-26A peer sends both his local id and remote id he expects us to be. So far wePatrick Wildt
2021-11-26Fix ikev2_child_sa_rekey() warnings. The SPI can't be printed without aTobias Heider
2021-11-26remaing -> remainingJonathan Gray
2021-11-25Remove unused variable fd.Tobias Heider
2021-11-25Silence unitialized variable warnings.Tobias Heider
2021-11-25Honour /usr/mdec/mbr or -f partition 0 information even outsideKenneth R Westerback
2021-11-24Unregister event on pfkey socket during pfkey_reply(). Using eventsTobias Heider
2021-11-24Pass env to pfkey API. Consistently call pfkey file descriptor fd.Tobias Heider
2021-11-23Use system uptime not UTC time to calculate PPPoE session durationKlemens Nanni
2021-11-23Add logging for rekey failures.Tobias Heider
2021-11-22MOBIKE is RFC 4555.Tobias Heider
2021-11-21Add 'ikectl show certinfo' to show trusted CAs and certificates.Tobias Heider
2021-11-20Gather the setup of the initial OpenBSD MBR partition into oneKenneth R Westerback
2021-11-20Fix some strdup() leaks in ocsp config option.Tobias Heider
2021-11-20No need for intermediate 'adj' variable. Add 'disksz'Kenneth R Westerback
2021-11-20Send default client identifier when a config file is present but noFlorian Obser
2021-11-20Sectors-per-cylinder (spc) is a constant value, so make it constKenneth R Westerback
2021-11-19isakmpd: stop reaching into EVP_PKEY.Theo Buehler
2021-11-19Check stdrup() return value.Tobias Heider
2021-11-19Sync to unbound to allow interface names as scope-id in IPv6Florian Obser
2021-11-18iked: replace a conditional EVP_CIPHER_CTX_cleanup() + free() stanzaTheo Buehler
2021-11-18Check if encoding works in dsa_init(). This avoids calling fatal()Tobias Heider
2021-11-17Display DNS information from sppp(4) in ifconfig(8)Bjorn Ketelaars
2021-11-16Zero all copies of pre-shared key.Tobias Heider
2021-11-16Validate RTM_PROPOSAL in resolver not frontendKlemens Nanni
2021-11-16Simplify address family handling, ditch inet_ntop(3)Klemens Nanni
2021-11-16Install missing scope identifier for IPv6 link-local addressesKlemens Nanni