| Age | Commit message (Expand) | Author |
|---|
| 2012-07-10 | use PFSTATE_SCRUBMASK | Henning Brauer |
| 2012-07-10 | Allow an implicit address family for af-to rules. If the address | Alexander Bluhm |
| 2012-07-10 | intermediate hack^Wugly "fix" to prevent spurious "scrub ()" prints | Henning Brauer |
| 2012-07-10 | set { ... } -> set ( ... ) | Henning Brauer |
| 2012-07-09 | Fix typo in warning message. | Lawrence Teo |
| 2012-07-09 | We always want to do unit conversions. So flags parameter of getuint() | Kenneth R Westerback |
| 2012-07-09 | I want some of what kjell was smoking 10 years ago when he added | Kenneth R Westerback |
| 2012-07-09 | Make 'swap' command work like fdisk(8) says -- you must supply two valid | Kenneth R Westerback |
| 2012-07-09 | Terminate with extreme prejudice the multiple timeout queuing | Kenneth R Westerback |
| 2012-07-09 | fix some of the confusion we have in pf regarding filter criteria vs | Henning Brauer |
| 2012-07-09 | Revert previous. | Kenneth R Westerback |
| 2012-07-09 | Use strtonum() instead of strtol() inside ask_num(). Many overflows | Kenneth R Westerback |
| 2012-07-08 | set_pid() does not need prompt string, low or high parameters. These | Kenneth R Westerback |
| 2012-07-08 | Disallow manual security associations that use AES-CTR, AES-GCM, | Christian Weisgerber |
| 2012-07-08 | New attempt to make the -P flag work with -ss, so that states can be | Lawrence Teo |
| 2012-07-08 | Split out an ask_pid() function rather than over-parameterizing the | Kenneth R Westerback |
| 2012-07-08 | Return EROFS when a read-write mount of a read-only sd(4) device | Kenneth R Westerback |
| 2012-07-08 | Call Xsetpid() to edit the partition type from Xedit() rather than | Kenneth R Westerback |
| 2012-07-08 | if you use nitems() in userland, you must define it yourself | Theo de Raadt |
| 2012-07-08 | Nuke useless EDIT() #define in Xsetpid. | Kenneth R Westerback |
| 2012-07-08 | Replace tricker atoi() and hand rolled parsing with strsep() and | Kenneth R Westerback |
| 2012-07-07 | copy&paste mistake in error message | Christian Weisgerber |
| 2012-07-07 | remove incorrect check in pfctl preventing set-tos for ipvshit. | Henning Brauer |
| 2012-07-07 | rename prio in struct pf_rule and related structs to set_prio so it is | Henning Brauer |
| 2012-07-07 | Replace atoi() with strtonum() where it's easy. Make related error | Kenneth R Westerback |
| 2012-07-05 | don't output "esn" string in the rule section as we can't use the | Mike Belopuhov |
| 2012-07-05 | when rekeying ike sa copy more info from the old one; | Mike Belopuhov |
| 2012-07-03 | Improve the key derivation function to produce correct keying material | Mike Belopuhov |
| 2012-07-02 | checking state flags make sense only when processing a response | Mike Belopuhov |
| 2012-07-02 | augment every sa_free call with a debugging log message | Mike Belopuhov |
| 2012-07-02 | Don't close IKE SA immediately after creating a new one when rekeying. | Mike Belopuhov |
| 2012-07-02 | a state machine is not worth the trouble when you've got a flag. doh! | Mike Belopuhov |
| 2012-06-30 | enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESP | Christian Weisgerber |
| 2012-06-29 | Add missing ESN bits | Mike Belopuhov |
| 2012-06-29 | Print esn flag when dumping SAs with ESN enabled | Mike Belopuhov |
| 2012-06-28 | prevent salt_len overflow; reported by andrew nelless, ok otto, tedu | Mike Belopuhov |
| 2012-06-27 | leftover code re-enqueued the same item on the list multiple times | Mike Belopuhov |
| 2012-06-27 | prevent an endless loop | Mike Belopuhov |
| 2012-06-26 | Add some more paranoia and make code clearer. Check that the required | Kenneth R Westerback |
| 2012-06-26 | RFC 2132 says "Options containing NVT ASCII data SHOULD NOT include | Kenneth R Westerback |
| 2012-06-26 | improve ikev2_msg_retransmit_timeout | Mike Belopuhov |
| 2012-06-26 | close SA when IKE_SA_INIT or IKE_AUTH exchanges fail; | Mike Belopuhov |
| 2012-06-26 | compare exchange types as well when looking up a message; | Mike Belopuhov |
| 2012-06-25 | log all, not log-all; ok henning | Jason McIntyre |
| 2012-06-24 | Nuke interface_link_status() (check media status only) and use | Kenneth R Westerback |
| 2012-06-22 | Add initial support for retransmition timeouts and response retries. | Mike Belopuhov |
| 2012-06-22 | decouple timer initialization from timer_register | Mike Belopuhov |
| 2012-06-22 | Two 'ioctl() < 0' -> 'ioctl() == -1'. guenther@ says they're odd. | Kenneth R Westerback |
| 2012-06-22 | Set state to S_REBOOTING when calling state_reboot() and set state | Kenneth R Westerback |
| 2012-06-20 | Cancel all timeouts in state_reboot(), since we can get there from any state | Mark Kettenis |
