tangled
alpha
login
or
join now
jcs.org
/
openbsd-src
0
fork
atom
jcs's openbsd hax
openbsd
0
fork
atom
overview
issues
pulls
pipelines
openbsd-src
/
sbin
/
iked
/
at
fan
38 files
Makefile
Add experimental post-quantum hybrid key exchange method based on Streamlined NTRU Prime (coupled with X25519).
4 years ago
ca.c
Fix clean process shutdown by storing env globally like vmd and httpd do instead of getting it from p_ps. The old approach does not work anymore after the recent fork + exec update.
3 years ago
chap_ms.c
Upgrade to OpenSSL 1.1 compatible crypto API. Add additional checks where needed.
5 years ago
chap_ms.h
Switch iked to C99-style fixed-width integer types.
10 years ago
config.c
Consistently use uintXX_t from <stdint.h> instead of u_intXX_t.
3 years ago
control.c
Delete obsolete /* ARGSUSED */ lint comments.
3 years ago
crypto.c
i2d_ECDSA_SIG() may return a negative value in case of error. Do no use this as length in iked(8) _dsa_verify_prepare(). OK tobhe@ tb@
3 years ago
crypto_api.h
Add experimental post-quantum hybrid key exchange method based on Streamlined NTRU Prime (coupled with X25519).
4 years ago
crypto_hash.c
Add experimental post-quantum hybrid key exchange method based on Streamlined NTRU Prime (coupled with X25519).
4 years ago
dh.c
Consistently use uintXX_t from <stdint.h> instead of u_intXX_t.
3 years ago
dh.h
Add experimental post-quantum hybrid key exchange method based on Streamlined NTRU Prime (coupled with X25519).
4 years ago
eap.c
Include endian.h where needed for betohXX functions.
3 years ago
eap.h
Move all the EAP logic from a single branch in the message parsing code to somewhere past successful message verification, closer to where the other exchanges are handled. EAP is stll special, but this fits a lot better into the overall architecture.
5 years ago
genmap.sh
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
11 years ago
iked.8
add -V to usage(), and list it before -v in both SYNOPSIS and the options list;
4 years ago
iked.c
Fix clean process shutdown by storing env globally like vmd and httpd do instead of getting it from p_ps. The old approach does not work anymore after the recent fork + exec update.
3 years ago
iked.conf.5
add missing full stop;
3 years ago
iked.h
Fix clean process shutdown by storing env globally like vmd and httpd do instead of getting it from p_ps. The old approach does not work anymore after the recent fork + exec update.
3 years ago
ikev2.c
Fix possible leak of spibuf and flowbuf in error case.
3 years ago
ikev2.h
Add experimental post-quantum hybrid key exchange method based on Streamlined NTRU Prime (coupled with X25519).
4 years ago
ikev2_msg.c
Print size_t with %zu.
3 years ago
ikev2_pld.c
Print size_t with %zu.
3 years ago
imsg_util.c
Avoid calling ibuf_add() with NULL and zero length.
4 years ago
log.c
From a syslog perspective it does not make sense to log fatal and warn with the same severity. Switch log_warn() to LOG_ERR and keep fatal() at LOG_CRIT. OK reyk@ florian@
9 years ago
ocsp.c
Consistently use uintXX_t from <stdint.h> instead of u_intXX_t.
3 years ago
parse.y
Include an OpenIKED Vendor ID payload in the initial handshake. This will make it easier to handle interoperability problems with older versions in the future. The ID is constructed from the string "OpenIKED-" followed by the version number. Sending of the vendor ID payload can be disabled by specifying "set novendorid" in iked.conf(5).
3 years ago
pfkey.c
Fix potential leak of reply in error case.
3 years ago
policy.c
iked: garbage collect an unused counter variable to make clang 15 happier
3 years ago
print.c
Make proto config option accept a list to allow specifying multiple protocols for a single policy, e.g. "proto { ipencap, ipv6 }".
4 years ago
proc.c
Fix clean process shutdown by storing env globally like vmd and httpd do instead of getting it from p_ps. The old approach does not work anymore after the recent fork + exec update.
3 years ago
smult_curve25519_ref.c
Add support for Curve25519 using the public domain code that is found in OpenSSH. The "private use" DH group 1034 is based on the value that was picked by strongswan recently.
11 years ago
sntrup761.c
Add experimental post-quantum hybrid key exchange method based on Streamlined NTRU Prime (coupled with X25519).
4 years ago
sntrup761.sh
Add experimental post-quantum hybrid key exchange method based on Streamlined NTRU Prime (coupled with X25519).
4 years ago
timer.c
Disable the timer event before attempting to change it
9 years ago
types.h
Sync proc.c from vmd(8) to enabled fork + exec for all processes. This gives each process a fresh and unique address space to further improve randomization of ASLR and stack protector.
3 years ago
util.c
Remove dead assignments.
5 years ago
version.h
Bump to 7.2
3 years ago
vroute.c
Add support for configuring multiple name servers as roadwarrior client. This allows us to have a fallback in case one connection fails.
3 years ago
jcs.org