CVSROOT: /cvs
Module name: src
Changes by: to...@cvs.openbsd.org 2020/08/23 13:16:08
Modified files:
sbin/iked : config.c iked.c iked.conf.5 iked.h ikev2.c
parse.y policy.c types.h
Log message:
Add a new configuration option to limit the number of connections for
each peer (identified by their 'dstid'). When 'set enforcesingleikesa'
is enabled, each peer can only have one active IKE SA at a time.
On successful authentication of a new connection, the old IKE SA is
automatically deleted.
ok patrick@
