Age | Commit message (Expand) | Author |
2012-07-07 | copy&paste mistake in error message | Christian Weisgerber |
2012-07-07 | remove incorrect check in pfctl preventing set-tos for ipvshit. | Henning Brauer |
2012-07-07 | rename prio in struct pf_rule and related structs to set_prio so it is | Henning Brauer |
2012-07-07 | Replace atoi() with strtonum() where it's easy. Make related error | Kenneth R Westerback |
2012-07-05 | don't output "esn" string in the rule section as we can't use the | Mike Belopuhov |
2012-07-05 | when rekeying ike sa copy more info from the old one; | Mike Belopuhov |
2012-07-03 | Improve the key derivation function to produce correct keying material | Mike Belopuhov |
2012-07-02 | checking state flags make sense only when processing a response | Mike Belopuhov |
2012-07-02 | augment every sa_free call with a debugging log message | Mike Belopuhov |
2012-07-02 | Don't close IKE SA immediately after creating a new one when rekeying. | Mike Belopuhov |
2012-07-02 | a state machine is not worth the trouble when you've got a flag. doh! | Mike Belopuhov |
2012-06-30 | enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESP | Christian Weisgerber |
2012-06-29 | Add missing ESN bits | Mike Belopuhov |
2012-06-29 | Print esn flag when dumping SAs with ESN enabled | Mike Belopuhov |
2012-06-28 | prevent salt_len overflow; reported by andrew nelless, ok otto, tedu | Mike Belopuhov |
2012-06-27 | leftover code re-enqueued the same item on the list multiple times | Mike Belopuhov |
2012-06-27 | prevent an endless loop | Mike Belopuhov |
2012-06-26 | Add some more paranoia and make code clearer. Check that the required | Kenneth R Westerback |
2012-06-26 | RFC 2132 says "Options containing NVT ASCII data SHOULD NOT include | Kenneth R Westerback |
2012-06-26 | improve ikev2_msg_retransmit_timeout | Mike Belopuhov |
2012-06-26 | close SA when IKE_SA_INIT or IKE_AUTH exchanges fail; | Mike Belopuhov |
2012-06-26 | compare exchange types as well when looking up a message; | Mike Belopuhov |
2012-06-25 | log all, not log-all; ok henning | Jason McIntyre |
2012-06-24 | Nuke interface_link_status() (check media status only) and use | Kenneth R Westerback |
2012-06-22 | Add initial support for retransmition timeouts and response retries. | Mike Belopuhov |
2012-06-22 | decouple timer initialization from timer_register | Mike Belopuhov |
2012-06-22 | Two 'ioctl() < 0' -> 'ioctl() == -1'. guenther@ says they're odd. | Kenneth R Westerback |
2012-06-22 | Set state to S_REBOOTING when calling state_reboot() and set state | Kenneth R Westerback |
2012-06-20 | Cancel all timeouts in state_reboot(), since we can get there from any state | Mark Kettenis |
2012-06-20 | no more boot_mac68k(8); | Jason McIntyre |
2012-06-20 | more mac68k bits for the attic | Matthew Dempsky |
2012-06-20 | Delete some more SUBDIR += mac68k. | Matthew Dempsky |
2012-06-04 | Rounding up a number of bytes in a bignum returned by the BN_num_bytes() | Mike Belopuhov |
2012-06-01 | revert previous, breaks tcpdump | Jonathan Gray |
2012-06-01 | Make the -P flag work with -ss, so that states can be printed with port | Lawrence Teo |
2012-05-31 | Clarify issues del (bridge command) vs delete (IP address command); | Theo de Raadt |
2012-05-31 | Let quotacheck work with duid based fstab. Missed one open() -> opendev() | Kenneth R Westerback |
2012-05-30 | more timer changes | Mike Belopuhov |
2012-05-30 | when changing peer's address in the SA, remove the old entry from the | Mike Belopuhov |
2012-05-30 | pass a file descriptor in the msg_fd instead of a function argument | Mike Belopuhov |
2012-05-29 | Fix tyop in error message; this was copied from/to umount(8)'s umount.c which... | Jasper Lievisse Adriaanse |
2012-05-29 | Make 'mount nfssrv:/path' without mount point work again : | Landry Breuil |
2012-05-29 | Fix typo in error message ("Cannot MNT PRC"->RPC) | Landry Breuil |
2012-05-29 | improve timer framework; will be needed soon | Mike Belopuhov |
2012-05-24 | don't increment the next expected message id when sending a response back. | Mike Belopuhov |
2012-05-23 | fixup from/to specification | Mike Belopuhov |
2012-05-23 | remove hardcoded values for esp and let ikev2_add_proposals decide | Mike Belopuhov |
2012-05-23 | factor out proposal matching code from ikev2_sa_negotiate and eliminate | Mike Belopuhov |
2012-05-14 | ansi. no binary change | Jonathan Gray |
2012-05-08 | When setting up NAT-T notify payloads, make sure to supply an | Mike Belopuhov |