src - OpenBSD base system

Age	Commit message (Collapse)	Author
2005-06-09	note that nwid and essid are synonymous;	Jason McIntyre
	from walter goulet and clarified by reyk@
2005-06-09	print the interface address on route get; ok henning, claudio	Markus Friedl

2005-06-08	netns crap i missed earlier... damn unreliable tools	Henning Brauer

2005-06-07	move description of the default groups to the ifconfog manpage	Henning Brauer
	netintro should only give an intro, not the glory details :) theo ok
2005-06-07	don't include ccitt headers (were not used anyway)	Henning Brauer

2005-06-06	parse local/remote credential payload types.	Hans-Joerg Hoexer

2005-06-06	get rid of another leftover from the src routing adventure	Henning Brauer

2005-06-04	undo last commit, all memory is already freed by udp_remove()	Hans-Joerg Hoexer
	ok cloder
2005-06-04	Clarify that for -i/-R only paths beginning with /var/run are valid.	Hans-Joerg Hoexer

2005-06-02	unbreak port floating, noticed by sean at obstacle9 dot com	Hans-Joerg Hoexer
	ok cloder
2005-06-02	Make buf_add a no-op if length == 0. OK henning	Chad Loder

2005-06-02	expand the section on pki:	Jason McIntyre
	- list different methods available - document key-based method - move x509-based into its own section - add keynote stub section ok hshoexer@
2005-06-01	Fix memory leak. OK hshoexer	Chad Loder

2005-06-01	Fix memory leaks. OK hshoexer	Chad Loder

2005-06-01	This file is outdated, everything needed for setting up PKI is in the man pages	Hans-Joerg Hoexer
	now. noticed by david@ ok ho markus
2005-06-01	snprintf returns an int, not a size_t. OK deraadt@	Chad Loder

2005-05-31	grammar;	Jason McIntyre

2005-05-31	tidy up the trunk stuff;	Jason McIntyre

2005-05-31	fix a typo, touch-pannel -> touch-panel	Brad Smith
	From: Chris Kuethe via PR 4232
2005-05-31	certpatch is gone, noticed by david@	Hans-Joerg Hoexer

2005-05-29	robustness against malformed snames.	marius eriksen
	ok henning@
2005-05-28	ooops	Hans-Joerg Hoexer

2005-05-28	Remove current state code, it's bogus. We'll redo this.	Hans-Joerg Hoexer
	suggested by and ok moritz
2005-05-28	do sanity checking on directoy entries. ok hshoexer@	Moritz Jodeit

2005-05-28	Cleanup sample configurations a bit; more AES, less MD5, remove fields we	Hakan Olsson
	no longer require etc. Also add a 9-line "default" config sample.
2005-05-28	introduce new readdir implementation for the monitor.	Moritz Jodeit
	testing and ok hshoexer@
2005-05-28	make path checking in the monitor a lot easier. ok hshoexer@	Moritz Jodeit

2005-05-28	don't print the "[ Inserted: uid pid ]" line when -g is used, so the	Daniel Hartmeier
	regress tests don't have to deal with it (and it's a useless thing to check from there).
2005-05-27	Use rtm_fmask instead of rtm_use	Ryan Thomas McBride
	ok marius@ claudio@
2005-05-27	Hide Hostid and Checksum in pfctl -si output unless the -v flag is used.	Ryan Thomas McBride
	Prodded by henning@
2005-05-27	Calculate an MD5 checksum over the main pf ruleset.	Marco Pfatschbacher
	This is the basis for further pfsync improvements, to ensure that pf rules are in sync with the master. "get it in" mcbride@
2005-05-27	Make monitor.c use unsigned lengths in messages. Makes this compile	Chad Loder
	with -Wsign-compare. OK and a little testing by hshoexer, OK moritz Now it's anil's turn to do some of this somewhere else
2005-05-27	filtering on ruleset name is already implemented, document it.	Daniel Hartmeier

2005-05-27	show flow type (require, use, etc.)	Hans-Joerg Hoexer

2005-05-27	Additional paranoia. OK hshoexer	Chad Loder

2005-05-27	Use SADB_SATYPE_* instead of IPPROTO_*	Hans-Joerg Hoexer

2005-05-27	get rid of 'log-all'. now that we have 'log (options)', make 'all' an	Daniel Hartmeier
	option to log. so, 'log-all' becomes 'log (all)'.
2005-05-27	get rid of shift/reduce conflicts, don't support empty logopts	Daniel Hartmeier

2005-05-27	log two pairs of uid/pid through pflog: the uid/pid of the process that	Daniel Hartmeier
	inserted the rule which causes the logging. secondly, the uid/pid of the process in case the logged packet is delivered to/from a local socket. a lookup of the local socket can be forced for logged packets with a new option, 'log (user)'. make tcpdump print the additional information when -e and -v is used. note: this changes the pflog header struct, rebuild all dependancies. ok bob@, henning@.
2005-05-27	When looping over pfkey messages, make sure extension length is > 0.	Hans-Joerg Hoexer
	While around, do some minor tweaks in a not yet used code path.
2005-05-27	use new sysctl to retrieve flow informations including IDs	Hans-Joerg Hoexer

2005-05-27	o only pass signals from monitor to slave when pid is valid	Moritz Jodeit
	o remove some unused monitor command with and ok hshoexer
2005-05-27	move m_state.s directly into must_{read,write} instead of passing	Moritz Jodeit
	it every time as an argument. ok cloder@ hshoexer@
2005-05-27	remove unused table	Hans-Joerg Hoexer

2005-05-27	Support for dumping the SADB.	Hans-Joerg Hoexer

2005-05-27	Experimental support for opportunitic use of jumbograms where only some hosts	Ryan Thomas McBride
	on the local network support them. This adds a new socket option, SO_JUMBO, and a new route flag, RTF_JUMBO. If _both_ the socket option is set and the route for the host has RTF_JUMBO set, ip_output will fragment the packet to the largest possible size for the link, ignoring the card's MTU. The semantics of this feature will be evolving rapidly; talk to us if you intend to use it. ok deraadt@ marius@
2005-05-27	guarantee nul-termination in the monitor, we must. ok cloder@ hshoexer@	Moritz Jodeit

2005-05-27	allow 'tagged' in 'anchor' rules (without complaining about missing	Daniel Hartmeier
	'keep state'), as a condition to branch into the anchor. suggested by Bill Marquette.
2005-05-26	simplify read/write between child and monitor	Hans-Joerg Hoexer
	help and ok cloder moritz
2005-05-26	Add ARGSUSED for lint, one comment for me	Hans-Joerg Hoexer