CVSROOT: /cvs Module name: src Changes by: to...@cvs.openbsd.org 2020/08/23 13:16:08
Modified files: sbin/iked : config.c iked.c iked.conf.5 iked.h ikev2.c parse.y policy.c types.h Log message: Add a new configuration option to limit the number of connections for each peer (identified by their 'dstid'). When 'set enforcesingleikesa' is enabled, each peer can only have one active IKE SA at a time. On successful authentication of a new connection, the old IKE SA is automatically deleted. ok patrick@