summaryrefslogtreecommitdiff
path: root/sbin
AgeCommit message (Expand)Author
2020-05-10sockaddr_rtdns does not guarantee alignment of the buffer. So firstOtto Moerbeek
2020-05-09Log error notifications other than NO_PROPOSAL_CHOSENtobhe
2020-05-09Shuffle and clarify logic creating the contents of resolv.conf.Kenneth R Westerback
2020-05-08Use a union to ensure cmsg buffer is properly alignedJeremie Courreges-Anglas
2020-05-08Remove unneccessary X509_NAME_oneline wrapper. Passing NULL as buftobhe
2020-05-08Nuke unneeded 'inits' field in struct proposal. 'mtu' being 0 is enough of a ...Kenneth R Westerback
2020-05-08Nuke 'set but never used' addrs field in struct proposal.Kenneth R Westerback
2020-05-02Use gettimeofday() instead of CLOCK_MONOTONIC in gettime(). The return valuetobhe
2020-05-01When initiating IKE SA rekeying, make sure to send a key from a mutualtobhe
2020-05-01Clarify global 'set active' and 'set passive' options and how theytobhe
2020-04-30Add ECDH groups and higher order MODP DH groups to default proposal.tobhe
2020-04-29Remove trailing tabtobhe
2020-04-29Missing whitespace.tobhe
2020-04-29Add the 'nomimo' nwflag which disables MIMO in 11n mode.Stefan Sperling
2020-04-28The order of arguments to proposals_negotiate makes a difference.tobhe
2020-04-28Remove support for insecure EC2N groups. Clarify which Diffie-Hellmantobhe
2020-04-27Add curve25519 IANA group number.tobhe
2020-04-27Log with SPI_SA().tobhe
2020-04-27If the DHCP server disappears between OFFER'ing and ACK'ing a lease,Kenneth R Westerback
2020-04-26Fix leak of temporary ID ibufs on IKE SA rekey.tobhe
2020-04-26Only print valid rdomains. '-1' is used as default value and shouldtobhe
2020-04-26Tighten up NAK handling. Inform unwind when the active lease isKenneth R Westerback
2020-04-25Reduce minimum allowed number of chunks in a CONCAT volume from 2 toKenneth R Westerback
2020-04-24Add some useful log messages for the IKE handshake.tobhe
2020-04-24Log INFORMATIONAL messages with LOG_DEBUG. They are rarely useful fortobhe
2020-04-24Stray whitespace.Kenneth R Westerback
2020-04-23SYNOPSIS had no matching Ek, but since it wasn;t needed, remove Bk;Jason McIntyre
2020-04-23 ce examples of "Ar arg Ar arg" with "Ar arg arg" and stop the spread;Jason McIntyre
2020-04-23Add support for switching rdomain on IPsec encryption/decryption.tobhe
2020-04-23Support SADB_X_EXT_RDOMAIN extension in pfkey dump (-m).tobhe
2020-04-22Fix leaks in signature validation.tobhe
2020-04-22Log authentication verification failure with "info" priority.tobhe
2020-04-21unwind(8) is supposed to work in all situations, it no longerFlorian Obser
2020-04-21Send broadcast packets to INADDR_BROADCAST, not INADDR_ANY.Kenneth R Westerback
2020-04-20Remove unused 'dsa_cert' variable.tobhe
2020-04-18SPI_SA(sa, NULL) already prints a colon.tobhe
2020-04-17Log retransmits of sent requests and responses.tobhe
2020-04-17Only pay attention to interfaces in our routing domainFlorian Obser
2020-04-16Print SPI value of deleted SA.tobhe
2020-04-16Make the control socket name depend on the routing domain we are in.Florian Obser
2020-04-15Remove redundant 'sa == NULL' check.tobhe
2020-04-14Print 'ipcomp' in print_policy() if configured.tobhe
2020-04-14When slaacd is run in a routing domain (rdomain) other than the default (0) itFlorian Obser
2020-04-13Try to send a DELETE message if the SA is reset with 'ikectl reset id'.tobhe
2020-04-12No need to call lc_idtype(). idstr does not contain a leading typetobhe
2020-04-12"could not open public key" is an error and should be log_info.tobhe
2020-04-11DELETE payloads are common. Log with log_info instead of log_warnx.tobhe
2020-04-11If we haven't received any IKE message from our partner for sometobhe
2020-04-10Only make the type part of the idstring lowercase when looking for certs intobhe
2020-04-09Simplify socket creation logic. Normally iked needs two sockets, onetobhe