Age | Commit message (Expand) | Author |
2021-07-14 | Export SA replay counters via pfkey and print with ipsecctl. | tobhe |
2021-07-08 | Initialize `ipsec_acquire_pool' pool (9) within pfkey_init() instead of | mvs |
2021-07-05 | Export tdb MTU to userland via SADB_GET. This helps debug path MTU | tobhe |
2021-05-25 | The arrays sadb_exts_allowed_out and sadb_exts_required_out are | Alexander Bluhm |
2020-12-14 | Make sure that the address families of a flow's source address, | tobhe |
2020-11-05 | Enable support for ASN1_DN ipsec identifiers. | Peter Hessler |
2020-08-07 | pfkey_get may allocate more memory than is needed to hold the SA | tobhe |
2020-07-18 | Add size to free(9) calls | kn |
2020-04-23 | Add support for autmatically moving traffic between rdomains on ipsec(4) | tobhe |
2019-03-04 | Add padding to struct sadb_x_counter to make it comply with | Stefan Sperling |
2018-08-28 | Add per-TDB counters and a new SADB extension to export them to | Martin Pieuchot |
2017-11-20 | Flush flows using the radix-tree instead of a global list. | Martin Pieuchot |
2017-10-27 | Dump IPsec flows by iterating over the rafdix-tree. | Martin Pieuchot |
2017-05-29 | Kill struct pfkey_version and move struct pfkeyv2_socket & dump_state | Claudio Jeker |
2017-05-29 | PFKEY version 2 is the only pfkey version supported. No need for extra | Claudio Jeker |
2017-05-26 | There is only one version of pfkey in OpenBSD and this will not change any | Claudio Jeker |
2017-02-28 | Depending on the addresses, ipsecctl(8) automatically groups sa | Alexander Bluhm |
2017-01-24 | A space here, a space there. Soon we're talking real whitespace | Kenneth R Westerback |
2015-12-09 | Remove plain DES encryption from IPsec. | Christian Weisgerber |
2015-12-02 | remove unimplemented PF_KEY algorithms; ok sthen@ mpi@ mikeb@ | Christian Weisgerber |
2015-11-03 | Plumb Chacha20-Poly1305 into the IPsec/ESP and PF_KEY frameworks | Mike Belopuhov |
2015-05-23 | introduce ipsec-id bundles and use them for ipsecflowinfo, | Markus Friedl |
2015-04-17 | Remove unsupported SADB_X_IDENTTYPE_CONNECTION; OK markus, hshoexer | Mike Belopuhov |
2015-04-16 | change {import,export}_identity so it can be used for policies; ok mikeb | Markus Friedl |
2015-04-14 | Remove support for storing credentials and auth information in the kernel. | Mike Belopuhov |
2014-12-28 | remove KPDK. not really used, and a bad choice anyway. ok naddy | Ted Unangst |
2013-10-24 | Move more stuff under _KERNEL | Theo de Raadt |
2013-03-09 | normalize structure definitions | Theo de Raadt |
2012-09-18 | remove the SADB_X_SAFLAGS_{HALFIV,RANDOMPADDING,NOREPLAY} pfkey-API (not set | Markus Friedl |
2012-06-29 | Add support for the Extended (64-bit) Sequence Number as defined | Mike Belopuhov |
2010-10-06 | Retire Skipjack | Mike Belopuhov |
2010-09-22 | Add AES-GCM Transform Identifiers as specified by IANA in | Mike Belopuhov |
2010-07-09 | Add support for using IPsec in multiple rdomains. | Reyk Floeter |
2010-07-01 | Allow to specify an alternative enc(4) interface for an SA. All | Reyk Floeter |
2006-11-24 | add support to tag ipsec traffic belonging to specific IKE-initiated | Reyk Floeter |
2005-05-27 | Use export_flow() to wrap policies retrieved via sysctl in pfkey message | Hans-Joerg Hoexer |
2005-05-25 | AESCTR support for ESP (RFC 3686); ok hshoexer | Markus Friedl |
2005-04-04 | Add sysctl for dumping the SPD | Hans-Joerg Hoexer |
2004-11-26 | implement net.key.v2.sadb_dump.{unspec,esp,ah,...} sysctl subtree | Markus Friedl |
2004-08-10 | Add SADB_X_EXT_LIFETIME_LASTUSE for use with isakmpd/DPD, adding this | Hakan Olsson |
2004-01-27 | don't convert tcpmd5 to ip-over-ip in SADB_X_GETSPROTO; from hshoexer | Markus Friedl |
2003-12-02 | UDP encapsulation for ESP in transport mode (draft-ietf-ipsec-udp-encaps-XX.txt) | Markus Friedl |
2003-07-24 | conform to RFC2367 on SADB_xx naming (local name must be prefixed with | Jun-ichiro itojun Hagino |
2003-02-24 | SADB_X_CALG_MAX is supposed to be the highest numbered supported algorithm | Jason Wright |
2003-02-16 | KNF | Theo de Raadt |
2003-02-16 | KNF | Jason Wright |
2003-02-15 | s/LSZ/LZS (consistent with linux and isakmpd *.cst) | Jason Wright |
2002-06-07 | Add flow type arg to import_flow() | Hakan Olsson |
2002-05-31 | import_flow() prototype | Angelos D. Keromytis |
2001-12-18 | NRL license cleaning | Theo de Raadt |