summaryrefslogtreecommitdiff
path: root/sys/netinet/ip_esp.c
AgeCommit message (Collapse)Author
1998-06-10make the packets which were successfully processed by IPSec available toNiels Provos
bpf via the enc0 interface, using linktype DLT_ENC.
1998-05-24avoid source address spoofing for mutual hostile hosts which have SAs toNiels Provos
us, reported by Craig Metz <cmetz@inner.net>.
1998-05-18first step to the setsockopt/getsockopt interface as described inNiels Provos
draft-mcdonald-simple-ipsec-api, kernel notifies (EMT_REQUESTSA) signal userland key management applications when security services are requested. this is only for outgoing connections at the moment, incoming packets are not yet checked against the selected socket policy.
1997-11-04make it easier to add additional transforms. add blowfish and castNiels Provos
encryption. some more info for kernfs/ipsec.
1997-10-02conditional error loggingTheo de Raadt
1997-09-28log() needs a \nTheo de Raadt
1997-07-27expiration messages, fixes, updates, all sorts of thingsNiklas Hallqvist
1997-07-18enablespi/disablespi in encap + print spi's in hostorderNiels Provos
1997-07-11put old esp/ah and new esp/ah in different files.Niels Provos
generalised way of handling transforms.
1997-07-01major restructuringNiels Provos
1997-06-25hard and soft limits for SPI's per absolute timer, relative since establish,Niels Provos
relative since first use timers, packet and byte counters. notify key mgmt on soft limits. key mgmt can now specify limits. new encap messages: EMT_RESERVESPI, EMT_ENABLESPI, EMT_DISABLESPI
1997-06-21u_int32_t changes, need testingTheo de Raadt
1997-06-20ah-sha1 + esp-3des + indentationNiels Provos
1997-02-26count input/output packets for espTheo de Raadt
1997-02-24OpenBSD tags + some prototyping policeNiklas Hallqvist
1997-02-20IPSEC package by John Ioannidis and Angelos D. Keromytis. Written inTheo de Raadt
Greece. From ftp.funet.fi:/pub/unix/security/net/ip/BSDipsec.tar.gz