| Age | Commit message (Expand) | Author |
|---|
| 2015-12-09 | Remove plain DES encryption from IPsec. | Christian Weisgerber |
| 2015-07-17 | manage spd entries by using the radix api directly instead of | Bret Lambert |
| 2015-05-23 | introduce ipsec-id bundles and use them for ipsecflowinfo, | Markus Friedl |
| 2015-04-16 | remove unfinished/unused support for socket-attached ipsec-policies | Markus Friedl |
| 2015-04-16 | change {import,export}_identity so it can be used for policies; ok mikeb | Markus Friedl |
| 2015-04-14 | Remove support for storing credentials and auth information in the kernel. | Mike Belopuhov |
| 2015-04-13 | Now that if_input() set the receiving interface pointer on mbufs for us | Martin Pieuchot |
| 2015-03-26 | Remove bits of unfinished IPsec proxy support. DNS' KX records, anyone? | Mike Belopuhov |
| 2014-12-19 | unifdef INET in net code as a precursor to removing the pretend option. | Ted Unangst |
| 2014-11-25 | The proliferation of "struct route" in all its flavors didn't make | Martin Pieuchot |
| 2014-11-01 | Rename rtalloc1() into rtalloc(9) and convert its flags to only enable | Martin Pieuchot |
| 2014-10-14 | Use rtfree() instead of RTFREE(), NULLify some free'd route pointers and | Martin Pieuchot |
| 2014-09-27 | Kill rtalloc() and update rtalloc1() and rtalloc_mpath() to no longer | Martin Pieuchot |
| 2014-07-12 | add a size argument to free. will be used soon, but for now default to 0. | Ted Unangst |
| 2014-01-08 | Perform manual malloc/free of a large object in pfkeyv2_send() to | Theo de Raadt |
| 2013-08-21 | get rid of the copy argument in m_devget that let you provide an | David Gwynne |
| 2013-03-09 | re-arrange the pre-accounting of the objects in the buffer so it | Theo de Raadt |
| 2013-02-26 | Reserve space for source and destination addresses unconditionally rather | Stuart Henderson |
| 2012-12-28 | change the malloc(9) flags from M_DONTWAIT to M_NOWAIT; OK millert@ | Gleydson Soares |
| 2012-09-26 | add M_ZEROIZE as an mbuf flag, so copied PFKEY messages (with embedded keys) | Markus Friedl |
| 2012-09-20 | spltdb() was really just #define'd to be splsoftnet(); replace the former | Bret Lambert |
| 2012-03-28 | pfkey needs some p_p->ps_pid too. OK deraadt@ guenther@ | Claudio Jeker |
| 2011-01-12 | Never include SADB_X_EXT_REMOTE_AUTH (which is either a | Mike Belopuhov |
| 2010-10-06 | Retire Skipjack | Mike Belopuhov |
| 2010-09-27 | a pool_get() assuming that PR_NOWAIT is 0 (not anymore!); run into by naddy | Theo de Raadt |
| 2010-07-09 | Add support for using IPsec in multiple rdomains. | Reyk Floeter |
| 2010-07-01 | Allow to specify an alternative enc(4) interface for an SA. All | Reyk Floeter |
| 2008-05-09 | replace rtrequest() with corresponding rtrequest1() replacement. | Claudio Jeker |
| 2007-11-24 | some spelling fixes from Martynas Venckus | Jason McIntyre |
| 2007-09-13 | Convert MALLOC/FREE to malloc/free and use M_ZERO where applicable. | Hans-Joerg Hoexer |
| 2007-09-01 | since the | Henning Brauer |
| 2007-06-22 | export the flow/filter information attached to the SA, too; ok hshoexer@ | Markus Friedl |
| 2007-02-14 | Consistently spell FALLTHROUGH to appease lint. | Jonathan Gray |
| 2007-01-18 | allow kernels with TCP_SIGNATURE (aka tcp md5sig), but without IPSEC to | Henning Brauer |
| 2006-11-24 | add support to tag ipsec traffic belonging to specific IKE-initiated | Reyk Floeter |
| 2006-06-16 | adjust functions dealing with the routing table to take a table ID as | Henning Brauer |
| 2006-05-06 | Fix bracketing messed up in KNF commit 1.86, allows sasyncd to reliably | Ryan Thomas McBride |
| 2005-12-06 | export ipip flows, too; ok hshoexer | Markus Friedl |
| 2005-06-01 | when dumping policies, skip those attached to a socket. | Hans-Joerg Hoexer |
| 2005-05-28 | Only protect IDs by suser() | Hans-Joerg Hoexer |
| 2005-05-27 | Must convert back from IPPROTO_x to SADB_SATYPE_x. hshoexer@ ok | Hakan Olsson |
| 2005-05-27 | Use export_flow() to wrap policies retrieved via sysctl in pfkey message | Hans-Joerg Hoexer |
| 2005-05-25 | AESCTR support for ESP (RFC 3686); ok hshoexer | Markus Friedl |
| 2005-05-24 | Make sure all fields in the SADB_DUMP header are zeroed properly. hshoexer@ ok. | Hakan Olsson |
| 2005-05-10 | support NULL encryption for ESP; ok hshoexer, ho | Markus Friedl |
| 2005-04-04 | Add sysctl for dumping the SPD | Hans-Joerg Hoexer |
| 2005-01-13 | protect pfkeyv2_dump_walker with spltdb(). Noticed by mpech@, thanks! | Hans-Joerg Hoexer |
| 2004-12-11 | SADB_X_EXT_LIFETIME_LASTUSE is always defined | Markus Friedl |
| 2004-12-11 | pass out the correct lifetime type on expire | Markus Friedl |
| 2004-12-11 | count SADB_REGISTER only once per socket | Markus Friedl |
