CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/29 14:04:15
Modified files:
regress/sbin/iked/live: Makefile
Log message:
Add 'enforcesingleikesa' test.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/28 07:37:52
Modified files:
sbin/iked : iked.h ikev2.c pfkey.c
Log message:
Rename ikev2_*_sa() functions to make clear they handle Child SAs.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/28 06:43:59
Modified files:
sys/net: pfkeyv2.c
Log message:
Make sure not to pass NULL to explicit_bzero().
Fixes CID 1496732.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/27 10:26:51
Modified files:
sbin/iked : ikev2.c
Log message:
Make sure to save certificate in the CERTINVALID case to fix
ikev2_log_cert_info().
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/26 08:49:48
Modified files:
sbin/iked : config.c iked.conf.5 iked.h ikev2.c
Log message:
Allow disabling DPD liveness checks by setting dpd_check_interval to 0.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/25 10:26:54
Modified files:
sbin/iked : parse.y
Log message:
Fix undefined symbol.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/25 09:08:08
Modified files:
sbin/iked : config.c iked.conf.5 iked.h ikev2.c parse.y
Log message:
Add dpd_check_interval configuration option. If for any IKE SA no IPsec
or IKE message has been
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/24 15:00:21
Modified files:
sbin/iked : config.c iked.c iked.h ikev2.c types.h
Log message:
Reduce the amount of boilerplate code and imsgs for config options by
grouping fixed-size values in
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/23 13:16:08
Modified files:
sbin/iked : config.c iked.c iked.conf.5 iked.h ikev2.c
parse.y policy.c types.h
Log message:
Add a new configuration option to limit the
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/23 09:14:25
Modified files:
sbin/iked : iked.c iked.h ikev2.c
Log message:
Rename natt_mode to sc_nattmode for consistency.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/22 15:40:24
Modified files:
sbin/iked : ikev2.c
Log message:
Prevent concurrent CREATE_CHILD_SA and INFORMATIONAL exchanges.
Make sure not to initiate new exchanges while waiting for an
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/21 08:30:17
Modified files:
sbin/iked : ca.c iked.c iked.conf.5 iked.h ocsp.c types.h
Log message:
Use trusted CA from /etc/iked/ca/ as OCSP issuer to get rid of
/etc/iked/ocsp/issuer.crt.
Try
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/20 13:28:01
Modified files:
sbin/iked : ikev2_pld.c
Log message:
Remove redundant variable.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/19 13:09:26
Modified files:
sbin/iked : ikev2_pld.c
Log message:
Restructure traffic selector payload parsing. Add additional size and
sanity checks.
Feedback and ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/18 15:02:49
Modified files:
sbin/iked : ca.c config.c iked.conf.5 iked.h ocsp.c parse.y
types.h
Log message:
Add optional time-stamp validaten for ocsp. The new
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/17 10:49:28
Modified files:
sbin/iked : ocsp.c
Log message:
Fix possible leak of ocsp_id.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/16 03:09:17
Modified files:
sbin/iked : ca.c config.c iked.h ikev2.c ikev2_pld.c ocsp.c
Log message:
Clean up unused parameters.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/15 05:31:17
Modified files:
sbin/iked : ikev2.c ikev2_msg.c policy.c util.c
Log message:
Remove dead assignments.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/14 15:13:15
Modified files:
sbin/iked : ca.c config.c
Log message:
Clean up unused variables.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/14 10:20:42
Modified files:
sbin/iked : ikev2.c
Log message:
Delete unused variable 'policy'.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/14 10:16:05
Modified files:
sbin/iked : ikev2.c
Log message:
Print local 'sa' variable instead of 'msg->msg_sa'.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/14 10:09:32
Modified files:
sbin/iked : parse.y
Log message:
Delete unused variable 'idtype'.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/14 10:06:59
Modified files:
sbin/iked : ikev2.c
Log message:
Delete unused variable 'certid'.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/13 15:36:38
Modified files:
sbin/iked : pfkey.c
Log message:
Properly set flow_saproto for aquire.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/12 14:37:30
Modified files:
sbin/iked : ikev2.c
Log message:
style(9).
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/11 14:51:06
Modified files:
sbin/iked : iked.h ikev2.c ikev2_msg.c ikev2_pld.c
Log message:
Prioritize incoming certificate requests by the order of CERTEQ payloads
in the received message.
ok
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/10 13:35:39
Modified files:
sbin/iked : ikev2_pld.c
Log message:
Reduce log spam.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/10 13:33:58
Modified files:
sbin/iked : ikev2_pld.c
Log message:
Remove unused argument.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/07 14:12:15
Modified files:
sys/net: pfkeyv2.c pfkeyv2.h
Log message:
pfkey_get may allocate more memory than is needed to hold the SA
information. Make sure to only copy out actually used
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/06 16:04:04
Modified files:
sbin/iked : policy.c
Log message:
Delete commented out code.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/08/05 15:04:54
Modified files:
sys/net: pfkeyv2.c
Log message:
Use PFKEYV2_LIFETIME_CURRENT instead of magic number.
ok patrick@
CVSROOT:/cvs
Module name:www
Changes by: to...@cvs.openbsd.org 2020/08/03 12:07:52
Modified files:
openiked : goals.html index.html manual.html openbsd.css
papers.html security.html users.html
Log message:
sync css w/ openssh
CVSROOT:/cvs
Module name:www
Changes by: to...@cvs.openbsd.org 2020/08/03 11:46:19
Added files:
openiked : favicon.ico openbsd.css
Log message:
Fix 404 for css and favicon.
CVSROOT:/cvs
Module name:www
Changes by: to...@cvs.openbsd.org 2020/08/03 11:22:44
Modified files:
openiked : security.html
Log message:
Mention authentication bypass bug.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/27 08:29:45
Modified files:
usr.sbin/rpki-client: cert.c
Log message:
Fix return value check for openssl API. Do not return success if pkey is NULL.
Feedback and ok cladio@
ok patrick@, tb@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/27 08:22:53
Modified files:
sbin/iked : ca.c
Log message:
Fix return value check for openssl API used during pubkey validation.
Found thanks to bug report by Michael Scheibel
ok patrick@,
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/25 06:26:09
Modified files:
sys/arch/arm64/arm64: db_disasm.c
sys/arch/arm64/conf: files.arm64
Added files:
sys/arch/arm64/arm64: disasm.c disasm.h
Log message:
Port over NetBSD's
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/23 16:01:08
Modified files:
sbin/iked : config.c
Log message:
Fix ibuf leak in sa_localauth when SA is freed.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/22 07:54:30
Modified files:
sys/crypto : aes.c aes.h blake2s.c blake2s.h
chacha_private.h chachapoly.c chachapoly.h
curve25519.c curve25519.h
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/21 07:45:13
Modified files:
regress/sbin/iked/live: Makefile
Added files:
regress/sbin/iked/live: pf.in
Log message:
Add pf config to block unencrypted pings.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/21 07:15:34
Modified files:
regress/sbin/iked/live: Makefile
Log message:
Make test work with IPv6 addresses.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/21 02:03:39
Modified files:
sbin/iked : iked.h ikev2.c ikev2_pld.c pfkey.c policy.c
Log message:
Handle TEMPORARY_FAILURE notification on IKESA rekeying.
If we rekey both the IKESA and an
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/21 01:54:43
Modified files:
sys/net: pfkeyv2.c
Log message:
Make sure to explicit_bzero() buffers holding sensitive SA data.
ok kn@, patrick@
On Mon, Jul 20, 2020 at 03:24:46PM -0600, Tobias Heider wrote:
> CVSROOT: /cvs
> Module name: src
> Changes by: to...@cvs.openbsd.org 2020/07/20 15:24:46
>
> Modified files:
> sbin/iked : parse.y
>
> Log message:
> Fix dst/src port configurat
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/20 15:24:46
Modified files:
sbin/iked : parse.y
Log message:
Fix dst/src port configuration bug with multiple flows.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/19 06:16:43
Modified files:
sbin/iked : pfkey.c
Log message:
Try to deal with no reply from PF_KEY on pfkey_sa_add.
ok markus@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/16 11:38:24
Modified files:
sbin/iked : ikev2.c
Log message:
Remove unused assignment.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/16 11:16:17
Modified files:
sbin/iked : ikev2.c policy.c
Log message:
Make sure to update policy dependant SA fields after policy_lookup().
ok kn@ patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/15 08:45:15
Modified files:
sbin/iked : ca.c iked.h ikev2.c
Log message:
Make CERT and CERTREQ payloads optional for public key authentication.
When using certificate authentication the CERT
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/14 15:11:54
Modified files:
sbin/iked : ikev2.c
Log message:
Properly clean up and dereference 'old' policy after failed lookup.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/10 14:17:39
Modified files:
sbin/iked : iked.conf.5
Log message:
Document which crypto transforms are enabled by default.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/08 15:35:35
Modified files:
sbin/iked : ikev2_msg.c
Log message:
Always try to retransmit on sendtofrom() errors to ensure the SA
is properly cleaned up in ikev2_msg_retransmit_timeout().
ok
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/07/07 11:33:40
Modified files:
sbin/isakmpd : ike_auth.c
Log message:
Fix shared DH secret length in log message.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/06/25 13:14:26
Modified files:
sbin/iked : ca.c
Log message:
Silence ca_validate_pubkey() error message for cert type
IKEV2_CERT_X509_CERT.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/06/25 07:05:59
Modified files:
sbin/iked : parse.y
Log message:
Rework 'ikeauth' configuration option. The key and cert checks in the config
parser aren't needed as they are checked at runtime
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/06/23 04:15:19
Modified files:
share/man/man4 : wg.4
Log message:
'wgkey (pub)' was renamed to 'wgpubkey'.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/06/23 04:03:49
Modified files:
sys/net: if_wg.c
Log message:
Enable MPSAFE start routine to keep encryption workers more active.
>From Jason A. Donenfeld"
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/06/23 03:35:17
Modified files:
sys/net: if_wg.c
Log message:
Increase TX mitigation backlog size for increased throughput.
>From Jason A. Donenfeld"
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/06/22 09:54:55
Modified files:
sys/dev/usb: umass_quirks.c
Log message:
Blacklist Ericsson F5521gw broadband modem.
ok sthen@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/06/22 09:52:39
Modified files:
sys/dev/usb: usbdevs.h usbdevs_data.h
Log message:
regen
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/06/22 09:49:37
Modified files:
sys/dev/usb: usbdevs
Log message:
Add Ericsson F5521gw Mobile Broadband Modem.
ok sthen@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/06/18 13:55:03
Modified files:
sbin/iked : eap.c
Log message:
Fix handling of short EAP-MSCHAP messages.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/06/17 13:41:04
Modified files:
sbin/iked : ca.c
Log message:
Fix length check in ca_getreq().
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/06/15 12:37:37
Modified files:
sbin/iked : ikev2.c
Log message:
Log errors with log_info and SPI prepended.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/06/09 15:53:26
Modified files:
sbin/iked : ikev2.c ikev2_pld.c
Log message:
Move AUTH_REQUEST SA state change from parser to IKE_AUTH exchange handler.
ok patrick@
CVSROOT:/cvs
Module name:www
Changes by: to...@cvs.openbsd.org 2020/06/07 13:54:52
Modified files:
faq: faq17.html
Log message:
Fix indentation
CVSROOT:/cvs
Module name:www
Changes by: to...@cvs.openbsd.org 2020/06/06 10:27:46
Modified files:
faq: faq17.html
Log message:
Drop 'rsa' from examples. iked should automatically figure out the right
authentication method.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/06/05 08:47:26
Modified files:
sbin/iked : parse.y
Log message:
Add default proposals for AES-GCM ciphers in IKE and ESP.
ok patrick@
CVSROOT:/cvs
Module name:www
Changes by: to...@cvs.openbsd.org 2020/06/04 02:51:51
Modified files:
faq: faq17.html
Log message:
server2.domain is the srcid for server2.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/06/03 11:56:42
Modified files:
sbin/iked : iked.h ikev2.c policy.c
Log message:
Pass sockaddr instead of sockaddr_storage to sa_address.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/06/02 13:37:47
Modified files:
sbin/iked : ikev2.c
Log message:
Don't leak authmsg.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/06/01 15:00:51
Modified files:
sbin/ipsecctl : pfkdump.c
Log message:
Fix "comparison of integers of different signs" warning.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/05/30 11:44:35
Modified files:
sbin/iked : ikev2.c
Log message:
Indentation style(9).
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/05/28 13:09:31
Modified files:
sbin/iked : ikev2.c
Log message:
Move duplicate SA negotiation code to ikev2_sa_negotiate_common().
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/05/26 14:24:31
Modified files:
sbin/iked : crypto.c iked.conf.5 iked.h ikev2.c ikev2.h
ikev2_msg.c parse.y policy.c
Log message:
Add AES-GCM mode ciphers (IANA IDs 19 and
CVSROOT:/cvs
Module name:www
Changes by: to...@cvs.openbsd.org 2020/05/18 09:36:40
Modified files:
faq: upgrade67.html
Log message:
Document IP stack 'host mode' changes.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/05/14 09:08:30
Modified files:
sbin/iked : crypto.c iked.h ikev2_msg.c
Log message:
Stricter return value checking for EVP_Cipher* calls.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/05/13 17:03:20
Modified files:
sbin/iked : policy.c
Log message:
Remove unnecessary logging messages.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/05/13 12:28:51
Modified files:
sbin/iked : iked.h pfkey.c
Log message:
Remove dead 'iked_flow' member 'flow_type'.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/05/11 14:11:35
Modified files:
sbin/iked : ikev2.c ikev2_pld.c policy.c
Log message:
Fix policy lookup edge case for simultaneous transport and tunnel mode SAs.
Only the initiator can use
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/05/09 13:23:17
Modified files:
sbin/iked : ikev2.c
Log message:
Log error notifications other than NO_PROPOSAL_CHOSEN
ok markus@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/05/08 13:33:13
Modified files:
sbin/iked : ca.c iked.h
Log message:
Remove unneccessary X509_NAME_oneline wrapper. Passing NULL as buf
does the same thing.
ok patrick@
CVSROOT:/cvs
Module name:www
Changes by: to...@cvs.openbsd.org 2020/05/07 04:50:18
Modified files:
. : 67.html
Log message:
Clean up ipsec(4) changes and move to separate section
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/05/02 07:01:37
Modified files:
sbin/iked : ikev2.c
Log message:
Use gettimeofday() instead of CLOCK_MONOTONIC in gettime(). The return value
is compared to one received via PFKEY which results in
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/05/01 15:07:06
Modified files:
sbin/iked : ikev2.c
Log message:
When initiating IKE SA rekeying, make sure to send a key from a mutual
DH group (as negotiated by IKE_SA_INIT) instead of one from
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/05/01 11:44:03
Modified files:
sbin/iked : iked.conf.5
Log message:
Clarify global 'set active' and 'set passive' options and how they
interact with the per-policy active/passive options.
ok kn@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/04/30 15:11:13
Modified files:
sbin/iked : parse.y
Log message:
Add ECDH groups and higher order MODP DH groups to default proposal.
ok sthen@, patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/04/29 10:09:11
Modified files:
sbin/iked : parse.y
Log message:
Remove trailing tab
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/04/29 08:55:21
Modified files:
sbin/iked : parse.y
Log message:
Missing whitespace.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/04/28 11:56:45
Modified files:
sbin/iked : policy.c
Log message:
The order of arguments to proposals_negotiate makes a difference.
'key->pol_proposals' should be the peer proposal as it is derived
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/04/28 09:18:52
Modified files:
sbin/iked : dh.c dh.h iked.conf.5 ikev2.h parse.y
Log message:
Remove support for insecure EC2N groups. Clarify which Diffie-Hellman
groups are not recommended to
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/04/27 16:40:09
Modified files:
sbin/iked : iked.conf.5
Log message:
Add curve25519 IANA group number.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/04/27 13:28:14
Modified files:
sbin/iked : ikev2_pld.c
Log message:
Log with SPI_SA().
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/04/26 12:21:53
Modified files:
sbin/iked : ikev2.c
Log message:
Fix leak of temporary ID ibufs on IKE SA rekey.
ok markus@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/04/26 10:55:47
Modified files:
sbin/iked : parse.y
Log message:
Only print valid rdomains. '-1' is used as default value and should
not be printed.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/04/25 12:38:22
Modified files:
usr.sbin/ikectl: ikectl.8
Log message:
Document 'ikectl show sa'.
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/04/24 15:20:52
Modified files:
sbin/iked : ikev2.c
Log message:
Add some useful log messages for the IKE handshake.
ok patrick@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/04/24 15:15:05
Modified files:
sbin/iked : ikev2.c ikev2_msg.c
Log message:
Log INFORMATIONAL messages with LOG_DEBUG. They are rarely useful for
debugging and fill up the logs.
ok patrick@ kn@
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/04/23 14:17:48
Modified files:
sbin/iked : iked.conf.5 iked.h ikev2.c parse.y pfkey.c
policy.c
Log message:
Add support for switching rdomain on IPsec
CVSROOT:/cvs
Module name:src
Changes by: to...@cvs.openbsd.org 2020/04/23 13:57:01
Modified files:
sbin/ipsecctl : pfkdump.c
Log message:
Support SADB_X_EXT_RDOMAIN extension in pfkey dump (-m).
ok markus@, patrick@
401 - 500 of 632 matches
Mail list logo