Age | Commit message (Expand) | Author |
2012-07-09 | fix some of the confusion we have in pf regarding filter criteria vs | Henning Brauer |
2012-07-09 | Revert previous. | Kenneth R Westerback |
2012-07-09 | Use strtonum() instead of strtol() inside ask_num(). Many overflows | Kenneth R Westerback |
2012-07-08 | set_pid() does not need prompt string, low or high parameters. These | Kenneth R Westerback |
2012-07-08 | Disallow manual security associations that use AES-CTR, AES-GCM, | Christian Weisgerber |
2012-07-08 | New attempt to make the -P flag work with -ss, so that states can be | Lawrence Teo |
2012-07-08 | Split out an ask_pid() function rather than over-parameterizing the | Kenneth R Westerback |
2012-07-08 | Return EROFS when a read-write mount of a read-only sd(4) device | Kenneth R Westerback |
2012-07-08 | Call Xsetpid() to edit the partition type from Xedit() rather than | Kenneth R Westerback |
2012-07-08 | if you use nitems() in userland, you must define it yourself | Theo de Raadt |
2012-07-08 | Nuke useless EDIT() #define in Xsetpid. | Kenneth R Westerback |
2012-07-08 | Replace tricker atoi() and hand rolled parsing with strsep() and | Kenneth R Westerback |
2012-07-07 | copy&paste mistake in error message | Christian Weisgerber |
2012-07-07 | remove incorrect check in pfctl preventing set-tos for ipvshit. | Henning Brauer |
2012-07-07 | rename prio in struct pf_rule and related structs to set_prio so it is | Henning Brauer |
2012-07-07 | Replace atoi() with strtonum() where it's easy. Make related error | Kenneth R Westerback |
2012-07-05 | don't output "esn" string in the rule section as we can't use the | Mike Belopuhov |
2012-07-05 | when rekeying ike sa copy more info from the old one; | Mike Belopuhov |
2012-07-03 | Improve the key derivation function to produce correct keying material | Mike Belopuhov |
2012-07-02 | checking state flags make sense only when processing a response | Mike Belopuhov |
2012-07-02 | augment every sa_free call with a debugging log message | Mike Belopuhov |
2012-07-02 | Don't close IKE SA immediately after creating a new one when rekeying. | Mike Belopuhov |
2012-07-02 | a state machine is not worth the trouble when you've got a flag. doh! | Mike Belopuhov |
2012-06-30 | enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESP | Christian Weisgerber |
2012-06-29 | Add missing ESN bits | Mike Belopuhov |
2012-06-29 | Print esn flag when dumping SAs with ESN enabled | Mike Belopuhov |
2012-06-28 | prevent salt_len overflow; reported by andrew nelless, ok otto, tedu | Mike Belopuhov |
2012-06-27 | leftover code re-enqueued the same item on the list multiple times | Mike Belopuhov |
2012-06-27 | prevent an endless loop | Mike Belopuhov |
2012-06-26 | Add some more paranoia and make code clearer. Check that the required | Kenneth R Westerback |
2012-06-26 | RFC 2132 says "Options containing NVT ASCII data SHOULD NOT include | Kenneth R Westerback |
2012-06-26 | improve ikev2_msg_retransmit_timeout | Mike Belopuhov |
2012-06-26 | close SA when IKE_SA_INIT or IKE_AUTH exchanges fail; | Mike Belopuhov |
2012-06-26 | compare exchange types as well when looking up a message; | Mike Belopuhov |
2012-06-25 | log all, not log-all; ok henning | Jason McIntyre |
2012-06-24 | Nuke interface_link_status() (check media status only) and use | Kenneth R Westerback |
2012-06-22 | Add initial support for retransmition timeouts and response retries. | Mike Belopuhov |
2012-06-22 | decouple timer initialization from timer_register | Mike Belopuhov |
2012-06-22 | Two 'ioctl() < 0' -> 'ioctl() == -1'. guenther@ says they're odd. | Kenneth R Westerback |
2012-06-22 | Set state to S_REBOOTING when calling state_reboot() and set state | Kenneth R Westerback |
2012-06-20 | Cancel all timeouts in state_reboot(), since we can get there from any state | Mark Kettenis |
2012-06-20 | no more boot_mac68k(8); | Jason McIntyre |
2012-06-20 | more mac68k bits for the attic | Matthew Dempsky |
2012-06-20 | Delete some more SUBDIR += mac68k. | Matthew Dempsky |
2012-06-04 | Rounding up a number of bytes in a bignum returned by the BN_num_bytes() | Mike Belopuhov |
2012-06-01 | revert previous, breaks tcpdump | Jonathan Gray |
2012-06-01 | Make the -P flag work with -ss, so that states can be printed with port | Lawrence Teo |
2012-05-31 | Clarify issues del (bridge command) vs delete (IP address command); | Theo de Raadt |
2012-05-31 | Let quotacheck work with duid based fstab. Missed one open() -> opendev() | Kenneth R Westerback |
2012-05-30 | more timer changes | Mike Belopuhov |