| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2001-06-08 | Move ifpromisc() from bpf.c to if.c, include cleanup. | Angelos D. Keromytis | |
| 2001-06-08 | Cut down on include files, although I think this file should just go | Angelos D. Keromytis | |
| -- it serves no purpose at all. | |||
| 2001-06-08 | One more include cleanup, just to piss off Aaron :-) | Angelos D. Keromytis | |
| 2001-06-08 | Yet more include file cleanup. | Angelos D. Keromytis | |
| 2001-06-08 | Trim some unnecessary includes. | Angelos D. Keromytis | |
| 2001-06-08 | Fork out some of the code in pfkeyv2.c to pfkeyv2_convert.c, to make | Angelos D. Keromytis | |
| the former more managable/readable (an almost impossible task). | |||
| 2001-06-07 | On a pfkeyv2_get(), allocate enough room for the extra stuff we store | Angelos D. Keromytis | |
| in the SA. | |||
| 2001-06-07 | use faster arc4random() instead of get_random_bytes(); jason@ ok | Michael Shalayeff | |
| 2001-06-06 | in bridge_filter(), pullup hlen, not sizeof(struct ip); ok jason@ | jasoni | |
| 2001-06-05 | Allow boot -c to change number of gre devices. -moj ok angelos@ | Mats O Jansson | |
| 2001-06-05 | repair copyright notices for NRL & cmetz; cmetz | Theo de Raadt | |
| 2001-06-05 | Make our pfkeyv2.h more RFC2367 compliant. Also fix some backwards | Niklas Hallqvist | |
| compatibility problems in isakmpd, at least 2.8 stable can compile current isakmpd now. angelos@ ok | |||
| 2001-06-04 | if_up() requires splnet(). sync with kame | Jun-ichiro itojun Hagino | |
| 2001-06-04 | adjust routing socket message (kernel -> user) to the right size. | Jun-ichiro itojun Hagino | |
| with old code we may see junk at the end. sync with kame, 4.4BSD bug. | |||
| 2001-06-01 | Don't let packets that need IPsec crypto processing at the NIC be | Angelos D. Keromytis | |
| bridge-broadcast; rather, turn off offloading for now. The IPsec stack will do its own crypto for subsequent packets, which will be broadcast. Once the bridge knows which interface to send packets for that MAC to, if that interface supports IPsec offloading it'll turn it back on. | |||
| 2001-05-30 | Add comments on what the credential types are. | Angelos D. Keromytis | |
| 2001-05-30 | MBOX->USERFQDN, noticed by markus@ | Angelos D. Keromytis | |
| 2001-05-30 | Import/export authentication information for SA. | Angelos D. Keromytis | |
| 2001-05-30 | Check the LOCAL_AUTH payload. | Angelos D. Keromytis | |
| 2001-05-30 | Add AUTH payload. | Angelos D. Keromytis | |
| 2001-05-30 | Remove ipf. Darren Reed has interpreted his (old, new, whichever) | Theo de Raadt | |
| licence in a way that makes ipf not free according to the rules we established over 5 years ago, at www.openbsd.org/goals.html (and those same basic rules govern the other *BSD projects too). Specifically, Darren says that modified versions are not permitted. But software which OpenBSD uses and redistributes must be free to all (be they people or companies), for any purpose they wish to use it, including modification, use, peeing on, or even integration into baby mulching machines or atomic bombs to be dropped on Australia. Furthermore, we know of a number of companies using ipf with modification like us, who are now in the same situation, and we hope that some of them will work with us to fill this gap that now exists in OpenBSD (temporarily, we hope). | |||
| 2001-05-28 | add BIOC[GS]HDRCMPLT ioctl for BPF, to disable overwriting of link level ↵ | Dug Song | |
| source address in forged frames. from NetBSD. art@ok | |||
| 2001-05-28 | IPSECv4 -> IPSEC | Angelos D. Keromytis | |
| 2001-05-28 | Copy the packet header only if the original mbuf had a packet header | Angelos D. Keromytis | |
| (just general paranoia). | |||
| 2001-05-28 | No need for separate ESP/AH interface capabilities. | Angelos D. Keromytis | |
| 2001-05-28 | Interface capabilities (based on NetBSD, but merge ethercom and ifnet | Angelos D. Keromytis | |
| capabilities into one, in the ifp). | |||
| 2001-05-27 | Initialize old mbuf chain head tags. | Angelos D. Keromytis | |
| 2001-05-27 | Fixup tags on old mbuf chain head. | Angelos D. Keromytis | |
| 2001-05-27 | Fixup old mbuf chain head. | Angelos D. Keromytis | |
| 2001-05-21 | Use a reference-counted structure for IPsec IDs and credentials, so we | Angelos D. Keromytis | |
| can cheaply keep copies of them at the PCB. ok deraadt@ | |||
| 2001-05-17 | convert mbuf and cluster allocation to pool, mostly from NetBSD | Niels Provos | |
| okay art@ miod@ | |||
| 2001-05-16 | No need to check M_WAIT/M_WAITOK malloc return values. (art@ ok) | Hakan Olsson | |
| 2001-05-11 | Check m_pullup() and m_pullup2() return for NULL, not 0; itojun@ ok | Aaron Campbell | |
| 2001-05-11 | check for 'fastroute' condition (like ip_input) in bridge_filter() and | Jason Wright | |
| deal with it. | |||
| 2001-05-05 | Use the new M_* malloc types | Angelos D. Keromytis | |
| 2001-04-23 | s = splimp(); ... s = splimp(); ... splx(x); ... splx(s); is a bad idea. | Artur Grabowski | |
| 2001-04-19 | Include NUL-termination in identity extension length computation | Niklas Hallqvist | |
| 2001-04-14 | Minor changes, preparing for real socket-attached TDBs; also, more | Angelos D. Keromytis | |
| information will be stored in the TDB. ok ho@ provos@ | |||
| 2001-04-06 | Move offsetof define into sys/param.h | Constantine Sapuntzakis | |
| 2001-04-04 | check for return value of ENODEV from ifpromisc(). This will happen | Jason Wright | |
| at detach time when if_detach_ioctl() has been installed for an outgoing interface and does not represent an error. | |||
| 2001-03-30 | increase ierrors if m_pullup fails in vlan_input(); pointed out by chris@ | Jason Wright | |
| 2001-03-28 | Allow tdbi's to appear in mbufs throughout the stack; this allows | Angelos D. Keromytis | |
| security properties of the packets to be pushed up to the application (not done yet). Eventually, this will be turned into a packet attributes framework. Make sure tdbi's are free'd/cleared properly whenever drivers (or NFS) does weird things with mbufs. | |||
| 2001-03-28 | $OpenBSD$ | Jason Wright | |
| 2001-03-28 | Rework vlan_start() to make sure it -never- munges the packet internals (eg. | Jason Wright | |
| shared mbuf clusters) Revert the deleted m_adj() call in vlan_input() back to inline mbuf manipulation, all of the checks really are there by API/convention. | |||
| 2001-03-27 | Fix a problem with how TDB timeouts were used in pfkeyv2. | Artur Grabowski | |
| When we allocated a tdb we did a timeout_add before a timeout_set. This was a problem in itself, but it shouldn't hurt too much. What did hurt was that we did a timeout_set after the timeout_add, timeout_set marked the timeout as not being on the timeout list and if we did a timeout_del (or timeout_add) later (before the timeout fired) we ended up with a chunk of freed memory on the timeout queue or maybe even dangling pointers (or a circular list). This should probably cure the timeout queue corruption some people were seeing lately. | |||
| 2001-03-26 | Fix bug I introduced... if m_pullup fails, don't try to free the result. | Jason Wright | |
| 2001-03-26 | - move if_vlan back to a default if_type of IFT_PROPVIRTUAL | Jason Wright | |
| - change if_type to match parent at vlan_configure time - comment typo - implement promiscuous mode for vlan interfaces (from NetBSD) - change if_flags inheritance mask to UP|BROADCAST|SIMPLE|MULTICAST (upshot of all this: bridging vlan interfaces works, with some limitations... documentation soon) | |||
| 2001-03-25 | Missing splx(s). Thanks to dawson and team | Constantine Sapuntzakis | |
| 2001-03-25 | Minor bug. Could corrupt stat counters | Constantine Sapuntzakis | |
| 2001-03-25 | Don't set pbp to point to free memory. Thanks to Dawson Engler and team | Constantine Sapuntzakis | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |