Age | Commit message (Collapse) | Author | |
---|---|---|---|
2006-11-24 | add support to tag ipsec traffic belonging to specific IKE-initiated | Reyk Floeter | |
phase 2 traffic. this allows policy-based filtering of encrypted and unencrypted ipsec traffic with pf(4). see ipsec.conf(5) and isakmpd.conf(5) for details and examples. this is work in progress and still needs some testing and feedback, but it is safe to put it in now. ok hshoexer@ | |||
2006-06-01 | observed by Naddy, found by claudio, strange constructs require strange defines | Todd T. Fries | |
.. fixes proto display for the non zero case ok claudio@ | |||
2006-05-30 | with Naddy prodding, claudio's peril sensitive glasses turning black, and | Todd T. Fries | |
msf@'s assistance with hexdumping, this bug was found. do NOT access the wrong union member (sockaddr_in) when using v6 addresses this fixes output errors when displaying v6 encap routes for ipsecctl, route, and recently netstat ok hshoexer@ markus@ claudio@ naddy@ | |||
2005-05-27 | Convert IPSP_IPSEC_x to SADB_X_FLOW_TYPE_x. hshoexer@ ok. | Hakan Olsson | |
2005-05-27 | Add export_flow() | Hans-Joerg Hoexer | |
ok ho markus | |||
2005-05-25 | AESCTR support for ESP (RFC 3686); ok hshoexer | Markus Friedl | |
2005-05-24 | Better SA state reporting. markus@, hshoexer@ ok. | Hakan Olsson | |
2005-05-10 | support NULL encryption for ESP; ok hshoexer, ho | Markus Friedl | |
2004-08-10 | Add SADB_X_EXT_LIFETIME_LASTUSE for use with isakmpd/DPD, adding this | Hakan Olsson | |
extends the bitmap to 64bits. Also repair SADB_GET. hshoexer@ ok. | |||
2004-06-24 | This moves access to wall and uptime variables in MI code, | Thorsten Lockert | |
encapsulating all such access into wall-defined functions that makes sure locking is done as needed. It also cleans up some uses of wall time vs. uptime some places, but there is sure to be more of these needed as well, particularily in MD code. Also, many current calls to microtime() should probably be changed to getmicrotime(), or to the {,get}microuptime() versions. ok art@ deraadt@ aaron@ matthieu@ beck@ sturm@ millert@ others "Oh, that is not your problem!" from miod@ | |||
2004-06-21 | make it possble to use IPsec over link-local address (policy table uses | Jun-ichiro itojun Hagino | |
sin6_scope_id, IPsec porion uses embedded form). beck ok | |||
2003-12-02 | UDP encapsulation for ESP in transport mode (draft-ietf-ipsec-udp-encaps-XX.txt) | Markus Friedl | |
ok deraadt@ | |||
2003-07-24 | conform to RFC2367 on SADB_xx naming (local name must be prefixed with | Jun-ichiro itojun Hagino | |
SADB_X_xx) | |||
2003-07-24 | hmac-sha2-{256,384,512} support in AH/ESP auth. markus ok | Jun-ichiro itojun Hagino | |
2003-02-23 | typo in export_auth; ok ho@ | Markus Friedl | |
2003-02-16 | KNF | Theo de Raadt | |
2003-02-15 | skeleton support for LZS compression | Jason Wright | |
2002-06-09 | Export compression info only if the SA (xform) is initialized. | Angelos D. Keromytis | |
2002-06-07 | Detect wrap-around of timeout and set it to its maximum value. Hacky | Angelos D. Keromytis | |
way of getting the max value attributed to millert@ | |||
2002-06-07 | Add flow type arg to import_flow() | Hakan Olsson | |
2002-06-07 | While src is rarely NULL, ssrc might be. Fixes PR#2721. | Hakan Olsson | |
2002-05-31 | Move code out of pfkeyv2.c into import_flow() | Angelos D. Keromytis | |
2001-12-12 | Remember to add the current time...problem noticed by ho@ | Angelos D. Keromytis | |
2001-12-06 | Use hzto() to handle overflow of (hz * timeout) cases --- when using | Angelos D. Keromytis | |
extremely long SA expirations. | |||
2001-07-05 | IPComp. angelos@ ok. | Jean-Jacques Bernard-Gundol | |
2001-06-26 | KNF | Angelos D. Keromytis | |
2001-06-25 | Copyright update. | Angelos D. Keromytis | |
2001-06-23 | merge crypto/crypto{dev,}.h to crypto/cryptodev.h, to avoid name conflicts ↵ | Theo de Raadt | |
inside OpenSSL codebase | |||
2001-06-08 | Fork out some of the code in pfkeyv2.c to pfkeyv2_convert.c, to make | Angelos D. Keromytis | |
the former more managable/readable (an almost impossible task). |