summaryrefslogtreecommitdiff
path: root/sbin
AgeCommit message (Expand)Author
2010-06-14Initiator mode with certificates; needs more work but works.Reyk Floeter
2010-06-14Initial support for initiator mode which allows to run iked as aReyk Floeter
2010-06-14the ikesa prf config option is currently brokenReyk Floeter
2010-06-14fix block length for AESReyk Floeter
2010-06-14fix EAP responder modeReyk Floeter
2010-06-14NAT detection again: make it work in initiator and responder modeReyk Floeter
2010-06-14remove policy lookup debug messageReyk Floeter
2010-06-14NAT detection with SPIr is always 0Reyk Floeter
2010-06-14restructure code a bit to move closer to initiator mode:Reyk Floeter
2010-06-14cleanup messages and parsed information correctlyReyk Floeter
2010-06-14add define for saproto 0Reyk Floeter
2010-06-14More code for initiator mode (not finished yet)Reyk Floeter
2010-06-11add some infrastructure to support timers and initiator mode later.Reyk Floeter
2010-06-11tweak the code slightly so we can remove -lsslJonathan Gray
2010-06-10don't print keywords as underlined arguments.Reyk Floeter
2010-06-10update usage()Reyk Floeter
2010-06-10Add the -S flag which does the same as "set passive" but matches theReyk Floeter
2010-06-10move a bzero of the x509 store context higher up so theJonathan Gray
2010-06-10add new commands: the couple/decouple commands will set loading of theReyk Floeter
2010-06-10Add another tree to lookup policy SAs by peer address.Reyk Floeter
2010-06-10simplify the pfkey code by adding a pfkey_write() functionReyk Floeter
2010-06-10small fix for sockaddr_cmp()Reyk Floeter
2010-06-10i don't like splitting source code in too many source files but ikev2.cReyk Floeter
2010-06-10only call RB_REMOVE once when removing an SA.Reyk Floeter
2010-06-09add missing headers needed for opendev() and close()Charles Longeau
2010-06-07$OpenBSD$Jonathan Gray
2010-06-07Oups, an unused prototype sneaked into ifconfig. Found by jsg@Claudio Jeker
2010-06-07switch iked pki files to /etc/iked, discussed with reyk.Jonathan Gray
2010-06-07various small tweaks; ok reykJason McIntyre
2010-06-07various tweaks; ok reykJason McIntyre
2010-06-07Enable iked/ikectl in the builds. iked is still in an early stage,Reyk Floeter
2010-06-07make clearer the relationship between isakmpd and ikev1; and iked and ikev2;Jason McIntyre
2010-06-07fix a quoting wobble for the srcnat keyword; verified by reykJason McIntyre
2010-06-05Switch fsck_ffs(8) and fsdb(8) to opendev(3) so that they will soon be ableJoel Sing
2010-06-04Fix NAT-T detection to enable UDP encapsulation. It was done before,Reyk Floeter
2010-06-04Merge interface flags and xflags before printing them. So it is possible toClaudio Jeker
2010-06-03manpage tweaksReyk Floeter
2010-06-03Stop requiring the 'inet6' keyword when the 'autoconfprivacy' option is used.Stefan Sperling
2010-06-03Add a new _iked user with uid 101 instead of (ab)using the _isakmpd user.Reyk Floeter
2010-06-03remove my BINDIR override, pointed out by deraadt@Reyk Floeter
2010-06-03update the manpages for isakmpd(8) and ipsec.conf(5) to point to iked(8)Reyk Floeter
2010-06-03Import iked, a new implementation of the IKEv2 protocol.Reyk Floeter
2010-06-02Have dhclient obey the interface's rdomain, instead of doing routes onPeter Hessler
2010-05-28tweak previous;Jason McIntyre
2010-05-28Add mpls/-mpls commands to enable MPLS label switching on an interface.Claudio Jeker
2010-05-25no Pp before/after Sh/Ss;Jason McIntyre
2010-05-25use opendev(), as requested in 6373. document this using text borrowed fromTheo de Raadt
2010-05-25match usage to the manual page, and borrow the description of 'disk'Theo de Raadt
2010-05-20document the optional arg to "flag", as requested by Thomas Pfaff;Jason McIntyre
2010-05-19Use the newly committed version of strnlen from libc. ok millert@ kettenis@Dale Rahn