summaryrefslogtreecommitdiffstats
path: root/sbin/ipsecctl/pfkey.c (follow)
Commit message (Expand)AuthorAgeFilesLines
* Extend the ipsecctl(8) parser to set the udpencap flag and portbluhm2020-02-071-4/+19
* When system calls indicate an error they return -1, not some arbitraryderaadt2019-06-281-2/+2
* Rename all SA groups to bundles consistently. The first kernelbluhm2017-04-191-5/+5
* use freezero()deraadt2017-04-181-7/+4
* Depending on the addresses, ipsecctl(8) automatically groups sabluhm2017-02-281-2/+2
* Remove NULL-checks before free(). ok tb@mmcc2015-12-101-5/+3
* Remove plain DES encryption from IPsec.naddy2015-12-091-4/+1
* Use explicit_bzero() when the memory is freed directly afterward.mmcc2015-10-181-4/+4
* simple conversion from select() to poll()deraadt2014-11-031-15/+10
* enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESPnaddy2012-06-301-1/+4
* fix some leaksjsg2012-03-241-1/+2
* Retire Skipjackmikeb2010-10-061-4/+1
* Support AES-GCM-16 (as aes-gcm) and ENCR_NULL_AUTH_AES_GMACmikeb2010-09-221-1/+14
* Only warn about pfkey failures when errno is != EEXIST.hshoexer2008-12-221-3/+5
* move autodetection of the ID type to the parser. this way themarkus2007-03-161-3/+3
* Fix grouping for SAs. Now all combinations of SAs are possible,hshoexer2006-11-101-11/+30
* can get EAGAIN when writing to the pfkey socket; same change as bgpd,henning2006-08-301-8/+6
* fix some indentation, noticed by david@hshoexer2006-06-081-2/+2
* pfkey bits needed for SA groupinghshoexer2006-06-011-1/+168
* Support flows with port modifiers for proto tcp/udp, e.g.naddy2006-06-011-7/+33
* read the full reply from PFKEY even if sadb_errno is set; ok hshoexermarkus2006-06-011-7/+6
* correct error messages to match calloc where appropriatetodd2006-06-011-3/+3
* whitespace cleanuphshoexer2006-05-311-3/+3
* implement monitor mode for ipsecctl. worked on with markus@msf2006-05-301-8/+83
* kill trainling whitespacehshoexer2006-05-281-2/+2
* fill in AF_INET6 casestodd2006-05-281-20/+71
* "type" keyword to specify flow type (require, use, etc.)hshoexer2006-04-191-1/+7
* allow specification of encapsulated protocol for flows; ok hshoexermarkus2006-03-311-13/+17
* allow specification of outer local ips in flows (SADB_EXT_ADDRESS_SRC); ok hshoexer, reykmarkus2006-03-301-14/+50
* add support for special "bypass" and "deny" flows.reyk2006-03-071-1/+7
* ipip support: ip-in-ip w/o gif(4); ok hshoexermarkus2005-12-061-3/+12
* Remove old-style keyed sha1/md5. We only support hmac-sha1/md5.hshoexer2005-11-241-7/+1
* spacingderaadt2005-11-121-7/+7
* handle transport/tunnel modehshoexer2005-11-121-5/+9
* Improved address and address mask handling, derived from pfctl stuff.hshoexer2005-11-061-36/+19
* better handling of ip addresses, prepare for v6. Partially derived from diffhshoexer2005-11-061-18/+40
* add support for ipcomp.hshoexer2005-10-301-4/+23
* parse correctly flows using ipcomp. Glitch noticed by jared rr spiegel.hshoexer2005-10-171-1/+3
* cleanup messages generated by err(3)hshoexer2005-10-161-15/+15
* Teach ipsecctl to control isakmpd.hshoexer2005-08-221-5/+5
* Rewrite handling of transforms. Now both ah and esp can be specified andhshoexer2005-08-091-16/+15
* pfkey pieces for static keying, enable static keyinghshoexer2005-08-081-23/+116
* prepare for static keyinghshoexer2005-08-081-2/+8
* prepare for authentication and encryption keys, not used yet.hshoexer2005-08-051-3/+3
* be more careful when using struct ipsec_auth, might be NULL now.hshoexer2005-08-031-1/+15
* Make use of struct ipsec_auth dynamic.hshoexer2005-08-021-20/+20
* also bail out when pfkey returns ESRCH (eg. trying to delete a non-existing SA)hshoexer2005-07-091-7/+7
* small cleanupshshoexer2005-07-091-19/+19
* Provide infrastructure for adding/deleting SAs, will be used by tcpmd5 andhshoexer2005-07-091-36/+180
* set flow type (use, require, etc.) when a rule is created. Up to now this washshoexer2005-07-071-7/+14
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.