Age | Commit message (Collapse) | Author | |
---|---|---|---|
1999-04-11 | Introduce net.inet.{ah,esp}.enable sysctl controls that are off by default. | Niklas Hallqvist | |
If you are going to use either of AH or ESP or both, enable these in /etc/sysctl.conf. Also correct the IPSec debugging sysctl code, it is now named net.inet.ip.encdebug. Some corrected function signatures too. | |||
1999-02-24 | Update copyright; remove a few annoying debugging printfs. | Angelos D. Keromytis | |
Btw, OpenBSD hit 25000 commits a couple commits ago. | |||
1999-02-24 | Remove encap.h include; saner debugging printfs; fix buglets; work with | Angelos D. Keromytis | |
pfkeyv2. | |||
1998-11-25 | Add checks of packets getting to big after transforms. | Niklas Hallqvist | |
Also make sure some more error conditions get told to the caller. | |||
1998-05-18 | first step to the setsockopt/getsockopt interface as described in | Niels Provos | |
draft-mcdonald-simple-ipsec-api, kernel notifies (EMT_REQUESTSA) signal userland key management applications when security services are requested. this is only for outgoing connections at the moment, incoming packets are not yet checked against the selected socket policy. | |||
1997-11-24 | add ripemd-160 as authentication function. | Niels Provos | |
1997-11-04 | make it easier to add additional transforms. add blowfish and cast | Niels Provos | |
encryption. some more info for kernfs/ipsec. | |||
1997-07-14 | global byte counters. | Niels Provos | |
1997-07-11 | put old esp/ah and new esp/ah in different files. | Niels Provos | |
generalised way of handling transforms. | |||
1997-06-25 | hard and soft limits for SPI's per absolute timer, relative since establish, | Niels Provos | |
relative since first use timers, packet and byte counters. notify key mgmt on soft limits. key mgmt can now specify limits. new encap messages: EMT_RESERVESPI, EMT_ENABLESPI, EMT_DISABLESPI | |||
1997-06-20 | ah-sha1 + esp-3des + indentation | Niels Provos | |
1997-03-30 | no more 2(two) md5 libs in kernel! | Michael Shalayeff | |
tested for rnd(4).... should work for ip too, since it's the copy of ip_md*. use sys/md5k.h for protos.... std iface forever! hurray! | |||
1997-02-26 | I/O packet counters added. | Angelos D. Keromytis | |
1997-02-24 | Beautification. | Angelos D. Keromytis | |
1997-02-24 | OpenBSD tags + some prototyping police | Niklas Hallqvist | |
1997-02-20 | IPSEC package by John Ioannidis and Angelos D. Keromytis. Written in | Theo de Raadt | |
Greece. From ftp.funet.fi:/pub/unix/security/net/ip/BSDipsec.tar.gz |