Age | Commit message (Collapse) | Author | |
---|---|---|---|
2001-06-11 | sync w/ netbsd | Michael Shalayeff | |
2001-06-09 | Not needed anymore. | Angelos D. Keromytis | |
2001-06-09 | Include cleanup. | Angelos D. Keromytis | |
2001-06-09 | Include cleanup | Angelos D. Keromytis | |
2001-06-09 | These don't need net_osdep.h | Angelos D. Keromytis | |
2001-06-09 | Whitespace cleanup. | Angelos D. Keromytis | |
2001-06-09 | By popular demand, protect from multiple inclusion, and fix to use the | Angelos D. Keromytis | |
same naming style. | |||
2001-06-08 | Only delete/modify flows with the IPSP_POLICY_STATIC flag if the appropriate | Angelos D. Keromytis | |
flag is set in the protocol message. | |||
2001-06-08 | Flag field for flows. | Angelos D. Keromytis | |
2001-06-08 | Unneeded, ok itojun@ | Angelos D. Keromytis | |
2001-06-08 | Move ifpromisc() from bpf.c to if.c, include cleanup. | Angelos D. Keromytis | |
2001-06-08 | Cut down on include files, although I think this file should just go | Angelos D. Keromytis | |
-- it serves no purpose at all. | |||
2001-06-08 | One more include cleanup, just to piss off Aaron :-) | Angelos D. Keromytis | |
2001-06-08 | Yet more include file cleanup. | Angelos D. Keromytis | |
2001-06-08 | Trim some unnecessary includes. | Angelos D. Keromytis | |
2001-06-08 | Fork out some of the code in pfkeyv2.c to pfkeyv2_convert.c, to make | Angelos D. Keromytis | |
the former more managable/readable (an almost impossible task). | |||
2001-06-07 | On a pfkeyv2_get(), allocate enough room for the extra stuff we store | Angelos D. Keromytis | |
in the SA. | |||
2001-06-07 | use faster arc4random() instead of get_random_bytes(); jason@ ok | Michael Shalayeff | |
2001-06-06 | in bridge_filter(), pullup hlen, not sizeof(struct ip); ok jason@ | jasoni | |
2001-06-05 | Allow boot -c to change number of gre devices. -moj ok angelos@ | Mats O Jansson | |
2001-06-05 | repair copyright notices for NRL & cmetz; cmetz | Theo de Raadt | |
2001-06-05 | Make our pfkeyv2.h more RFC2367 compliant. Also fix some backwards | Niklas Hallqvist | |
compatibility problems in isakmpd, at least 2.8 stable can compile current isakmpd now. angelos@ ok | |||
2001-06-04 | if_up() requires splnet(). sync with kame | Jun-ichiro itojun Hagino | |
2001-06-04 | adjust routing socket message (kernel -> user) to the right size. | Jun-ichiro itojun Hagino | |
with old code we may see junk at the end. sync with kame, 4.4BSD bug. | |||
2001-06-01 | Don't let packets that need IPsec crypto processing at the NIC be | Angelos D. Keromytis | |
bridge-broadcast; rather, turn off offloading for now. The IPsec stack will do its own crypto for subsequent packets, which will be broadcast. Once the bridge knows which interface to send packets for that MAC to, if that interface supports IPsec offloading it'll turn it back on. | |||
2001-05-30 | Add comments on what the credential types are. | Angelos D. Keromytis | |
2001-05-30 | MBOX->USERFQDN, noticed by markus@ | Angelos D. Keromytis | |
2001-05-30 | Import/export authentication information for SA. | Angelos D. Keromytis | |
2001-05-30 | Check the LOCAL_AUTH payload. | Angelos D. Keromytis | |
2001-05-30 | Add AUTH payload. | Angelos D. Keromytis | |
2001-05-30 | Remove ipf. Darren Reed has interpreted his (old, new, whichever) | Theo de Raadt | |
licence in a way that makes ipf not free according to the rules we established over 5 years ago, at www.openbsd.org/goals.html (and those same basic rules govern the other *BSD projects too). Specifically, Darren says that modified versions are not permitted. But software which OpenBSD uses and redistributes must be free to all (be they people or companies), for any purpose they wish to use it, including modification, use, peeing on, or even integration into baby mulching machines or atomic bombs to be dropped on Australia. Furthermore, we know of a number of companies using ipf with modification like us, who are now in the same situation, and we hope that some of them will work with us to fill this gap that now exists in OpenBSD (temporarily, we hope). | |||
2001-05-28 | add BIOC[GS]HDRCMPLT ioctl for BPF, to disable overwriting of link level ↵ | Dug Song | |
source address in forged frames. from NetBSD. art@ok | |||
2001-05-28 | IPSECv4 -> IPSEC | Angelos D. Keromytis | |
2001-05-28 | Copy the packet header only if the original mbuf had a packet header | Angelos D. Keromytis | |
(just general paranoia). | |||
2001-05-28 | No need for separate ESP/AH interface capabilities. | Angelos D. Keromytis | |
2001-05-28 | Interface capabilities (based on NetBSD, but merge ethercom and ifnet | Angelos D. Keromytis | |
capabilities into one, in the ifp). | |||
2001-05-27 | Initialize old mbuf chain head tags. | Angelos D. Keromytis | |
2001-05-27 | Fixup tags on old mbuf chain head. | Angelos D. Keromytis | |
2001-05-27 | Fixup old mbuf chain head. | Angelos D. Keromytis | |
2001-05-21 | Use a reference-counted structure for IPsec IDs and credentials, so we | Angelos D. Keromytis | |
can cheaply keep copies of them at the PCB. ok deraadt@ | |||
2001-05-17 | convert mbuf and cluster allocation to pool, mostly from NetBSD | Niels Provos | |
okay art@ miod@ | |||
2001-05-16 | No need to check M_WAIT/M_WAITOK malloc return values. (art@ ok) | Hakan Olsson | |
2001-05-11 | Check m_pullup() and m_pullup2() return for NULL, not 0; itojun@ ok | Aaron Campbell | |
2001-05-11 | check for 'fastroute' condition (like ip_input) in bridge_filter() and | Jason Wright | |
deal with it. | |||
2001-05-05 | Use the new M_* malloc types | Angelos D. Keromytis | |
2001-04-23 | s = splimp(); ... s = splimp(); ... splx(x); ... splx(s); is a bad idea. | Artur Grabowski | |
2001-04-19 | Include NUL-termination in identity extension length computation | Niklas Hallqvist | |
2001-04-14 | Minor changes, preparing for real socket-attached TDBs; also, more | Angelos D. Keromytis | |
information will be stored in the TDB. ok ho@ provos@ | |||
2001-04-06 | Move offsetof define into sys/param.h | Constantine Sapuntzakis | |
2001-04-04 | check for return value of ENODEV from ifpromisc(). This will happen | Jason Wright | |
at detach time when if_detach_ioctl() has been installed for an outgoing interface and does not represent an error. |