summaryrefslogtreecommitdiffstats
path: root/sbin/iked (follow)
Commit message (Expand)AuthorAgeFilesLines
* Sync correct ROUNDUP() from net/route.ctobhe2021-03-251-3/+2
* Don't send DELETE notify if IKE SA is replaced because oftobhe2021-03-231-2/+2
* The tag comes after iface in iked.conf(5).tobhe2021-03-211-4/+4
* Add 'grp31' alias for curve25519 as documented in iked.conf(5).tobhe2021-03-161-1/+2
* We makes sure that a dh group is required if the local proposaltobhe2021-03-151-3/+13
* Ignore msg_ke in CREATE_CHILD_SA if DH negotiation results in grouptobhe2021-03-151-3/+7
* Log errors with log level info and SPI.tobhe2021-03-141-12/+17
* Also log transforms on IKE SA rekey.tobhe2021-03-091-3/+10
* Log ESN for child SAs if enabled.tobhe2021-03-071-3/+6
* whitespacetobhe2021-03-061-2/+2
* Print PFS group for rekeyed Child SAs.tobhe2021-03-052-6/+14
* Log transforms of established IKE and Child SAs.tobhe2021-03-051-7/+36
* Move policy printing code from parse.y to new print.ctobhe2021-03-054-247/+291
* Remove -g from CFLAGS. This was accidentally added with the last commit.tobhe2021-03-041-2/+2
* Derive config netmask from address pool if not explicitly configured.tobhe2021-03-042-4/+26
* Free sc_vroute on shutdown.tobhe2021-03-031-1/+2
* Increase the size of iov in pfkey_sa() to be large enough for alljsg2021-03-021-2/+2
* Make sure sa_policy is not NULL in sa_configure_iface(). This can happentobhe2021-03-011-2/+2
* Rename addr to gateway.tobhe2021-02-281-8/+8
* Set RTF_GATEWAY for host route based on RTM_GET response.tobhe2021-02-271-11/+15
* Set RTF_GATEWAY for flow routes, not for host route.tobhe2021-02-261-3/+3
* Fix and improve handling of address families in vroute_getcloneroute().tobhe2021-02-261-27/+9
* Constify cipher API.tobhe2021-02-252-10/+10
* Use ASN1_STRING_get0_data() instead of the deprecated ASN1_STRING_data().tobhe2021-02-241-3/+3
* Don't pass 'id' as argument to make function signature match similartobhe2021-02-223-7/+7
* Don't explicitly send address family in IMSG_VROUTE_ADD. The receivingtobhe2021-02-211-12/+2
* Fail on invalid address family.tobhe2021-02-201-1/+3
* Fail on duplicate nonce payload.tobhe2021-02-191-2/+5
* Save one allocation by passing msg_nonce ownership instead of usingtobhe2021-02-181-10/+10
* Remove redundant ibuf_release. msg_ke is always NULL because of thetobhe2021-02-181-2/+1
* Pass ownership instead of duplicating ibuf msg_ke.tobhe2021-02-181-12/+5
* Fail on duplicate KE payload.tobhe2021-02-161-1/+5
* Add dynamic address configuration for roadwarrior clients.tobhe2021-02-1310-18/+751
* Fix local and peer addresses in policy lookup for dangling SAstobhe2021-02-121-3/+3
* Explicitly unset IKED_REQ_CERTVALID before sending cert to ca process.tobhe2021-02-111-1/+2
* Delay deletion of IKE SAs on rekey when stickyaddress is enabled to maketobhe2021-02-101-2/+10
* Add optional 'group none' transform for child SAs and fix handling oftobhe2021-02-093-8/+39
* Clean up kernel IPsec flows and security associations on shutdown.tobhe2021-02-083-10/+33
* Free X509_STOREs in ca_shutdown().tobhe2021-02-071-1/+3
* Fix address leaks in expand_flows().tobhe2021-02-071-3/+5
* Rename 'struct group' to 'struct dh_group' for more clarity andtobhe2021-02-044-63/+63
* EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m()tobhe2021-02-041-21/+7
* Upgrade to OpenSSL 1.1 compatible crypto API. Add additionaltobhe2021-02-045-144/+231
* Take flows into consideration for policy lookup as initiator.tobhe2021-02-013-11/+15
* Whitespacetobhe2021-02-011-2/+2
* Ignore addresses that are not 0/32 (dynamic) in ikev2_cp_fixaddr()tobhe2021-01-311-3/+3
* Don't leak flows if ikev2_cp_fixflow() fails.tobhe2021-01-311-3/+8
* Add proper padding for pfkey messages. Use ROUNDUP() for auth andtobhe2021-01-291-22/+95
* Extern privsep_process. Fixes compilation with -fno-common.mortimer2021-01-282-3/+5
* Add support for RSA-PSS PKCS1 signatures. Don't enable them bytobhe2021-01-262-19/+23
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.