CVSROOT: /cvs
Module name: src
Changes by: r...@cvs.openbsd.org 2017/03/27 04:06:41
Modified files:
sbin/iked : ca.c crypto.c iked.8 iked.conf.5 iked.h ikev2.c
ikev2.h ikev2_msg.c parse.y
Log message:
Add support for RFC4754 (ECDSA) and RFC7427 authentication.
These modes provide stronger and more flexible ways for
authentication: while RSA public key auth relies on SHA-1 hashes, the
news modes use SHA2-256 and up to SHA2-512 hashes.
Original diff from markus@ with patches from mikeb@ and me.
OK mikeb@ patrick@
