index
:
wireguard-openbsd
jd/histogram
jd/queueboosts
jd/simplify-queueing
master
WireGuard implementation for the OpenBSD kernel
Matt Dunwoodie
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
sbin
/
iked
/
ikev2.c
(
follow
)
Commit message (
Expand
)
Author
Age
Files
Lines
*
Don't send DELETE notify if IKE SA is replaced because of
tobhe
2021-03-23
1
-2
/
+2
*
Ignore msg_ke in CREATE_CHILD_SA if DH negotiation results in group
tobhe
2021-03-15
1
-3
/
+7
*
Log errors with log level info and SPI.
tobhe
2021-03-14
1
-12
/
+17
*
Also log transforms on IKE SA rekey.
tobhe
2021-03-09
1
-3
/
+10
*
Log ESN for child SAs if enabled.
tobhe
2021-03-07
1
-3
/
+6
*
whitespace
tobhe
2021-03-06
1
-2
/
+2
*
Print PFS group for rekeyed Child SAs.
tobhe
2021-03-05
1
-5
/
+11
*
Log transforms of established IKE and Child SAs.
tobhe
2021-03-05
1
-7
/
+36
*
Derive config netmask from address pool if not explicitly configured.
tobhe
2021-03-04
1
-2
/
+24
*
Fail on invalid address family.
tobhe
2021-02-20
1
-1
/
+3
*
Save one allocation by passing msg_nonce ownership instead of using
tobhe
2021-02-18
1
-10
/
+10
*
Pass ownership instead of duplicating ibuf msg_ke.
tobhe
2021-02-18
1
-12
/
+5
*
Add dynamic address configuration for roadwarrior clients.
tobhe
2021-02-13
1
-1
/
+2
*
Explicitly unset IKED_REQ_CERTVALID before sending cert to ca process.
tobhe
2021-02-11
1
-1
/
+2
*
Delay deletion of IKE SAs on rekey when stickyaddress is enabled to make
tobhe
2021-02-10
1
-2
/
+10
*
Add optional 'group none' transform for child SAs and fix handling of
tobhe
2021-02-09
1
-5
/
+25
*
Rename 'struct group' to 'struct dh_group' for more clarity and
tobhe
2021-02-04
1
-8
/
+8
*
Upgrade to OpenSSL 1.1 compatible crypto API. Add additional
tobhe
2021-02-04
1
-13
/
+15
*
Take flows into consideration for policy lookup as initiator.
tobhe
2021-02-01
1
-7
/
+7
*
Ignore addresses that are not 0/32 (dynamic) in ikev2_cp_fixaddr()
tobhe
2021-01-31
1
-3
/
+3
*
Don't leak flows if ikev2_cp_fixflow() fails.
tobhe
2021-01-31
1
-3
/
+8
*
Fix typos.
tobhe
2021-01-23
1
-2
/
+2
*
Handle NO_PROPOSAL_CHOSEN for CREATE_CHILD_SA.
tobhe
2021-01-21
1
-2
/
+10
*
Add support for INVALID_KE_PAYLOAD in CREATE_CHILD_SA
tobhe
2021-01-21
1
-29
/
+86
*
Make sure to enforce matching dstid as initiator. Use policy lookup
tobhe
2021-01-20
1
-1
/
+23
*
Sync SA configuration payload to new SA after IKE SA rekeying.
tobhe
2021-01-18
1
-1
/
+6
*
Fix "any" and "dynamic" keywords for flows and add proper IPv6 support.
tobhe
2020-12-27
1
-5
/
+7
*
Use policy_test() to reassign existing SAs to updated policies after
tobhe
2020-12-21
1
-2
/
+33
*
We need to rekey every child SA (even if acquired): Otherwise we can
tobhe
2020-11-30
1
-11
/
+7
*
Add 'set stickyaddress' option. If this option is enabled, iked will try
tobhe
2020-11-29
1
-1
/
+62
*
Add support for multiple address pools. The parser already allows
tobhe
2020-11-28
1
-42
/
+78
*
Remove redundant state change. ikev2_ikesa_delete() sets the correct state.
tobhe
2020-11-27
1
-2
/
+1
*
Fix proposal error handling. If a proposal contains an unknown transform
tobhe
2020-11-25
1
-2
/
+2
*
Fix duplicate sa->sa_cp assignment.
tobhe
2020-11-24
1
-4
/
+1
*
Clean up NATT hack. Pass 'frompeer' as parameter instead of manipulating
tobhe
2020-11-21
1
-28
/
+7
*
Remove redundant indirection via msg_parent. This is only needed in
tobhe
2020-11-17
1
-3
/
+3
*
Reenable ikev2_init_auth() return value check. Make sure sa_stateok()
tobhe
2020-11-16
1
-3
/
+9
*
Backout ikev2_init_auth() return check to fix regression with
tobhe
2020-11-16
1
-8
/
+2
*
Make sure not to replace 0.0.0.0 with dynamic address if it is a a network
tobhe
2020-11-14
1
-1
/
+5
*
addr_net is already checked in ikev2_cp_setaddr() before sessing
tobhe
2020-11-13
1
-5
/
+3
*
Close SA if ikev2_init_auth() fails.
tobhe
2020-11-12
1
-6
/
+12
*
Fail if ikev2_init_ike_auth() is entered with invalid state.
tobhe
2020-11-12
1
-2
/
+2
*
Implement 'from dynamic', which installs flows where 'dynamic' is replaced
tobhe
2020-11-07
1
-8
/
+41
*
Set correct netmask on patched addresses for debug printing.
tobhe
2020-11-06
1
-1
/
+5
*
Add missing bits to make 'request addr 0.0.0.0' accept ANY dynamic address.
tobhe
2020-10-30
1
-1
/
+9
*
Whitespace fixes.
tobhe
2020-10-30
1
-3
/
+3
*
Fix key payload size. Use size from new SA.
tobhe
2020-10-30
1
-2
/
+2
*
Add initial support to request IP addresses as IKEv2 initiator.
tobhe
2020-10-29
1
-14
/
+111
*
Refactor parts of the dh_* API.
tobhe
2020-10-28
1
-55
/
+22
*
Don't modify sa in ikev2_pld_cp. Store cp_type in msg until message has
tobhe
2020-10-24
1
-1
/
+4
[next]