| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2006-01-13 | Path MTU discovery for NAT-T. | Marco Pfatschbacher | |
| OK markus@, "looks good" hshoexer@ | |||
| 2005-11-24 | Remove kernfs, okay deraadt@. | Pedro Martelletto | |
| 2005-05-28 | Add SA replay counter synchronization to pfsync(4). Required for IPsec | Hakan Olsson | |
| failover gateways. ok mcbride@, "looks good" hshoexer@ | |||
| 2005-05-27 | long overdue snprintf cleanup in kernfs related code | Hans-Joerg Hoexer | |
| ok cloder | |||
| 2005-04-21 | handle return value of snprintf correctly | Hans-Joerg Hoexer | |
| ok deraadt@ | |||
| 2004-11-19 | Plug memory leak. Found by pat@. Thanks! | Hans-Joerg Hoexer | |
| ok myself markus@ | |||
| 2004-06-21 | First step towards more sane time handling in the kernel -- this changes | Thorsten Lockert | |
| things such that code that only need a second-resolution uptime or wall time, and used to get that from time.tv_secs or mono_time.tv_secs now get this from separate time_t globals time_second and time_uptime. ok art@ niklas@ nordin@ | |||
| 2004-04-14 | simpler ipsp_aux_match() API; ok henning, hshoexer | Markus Friedl | |
| 2004-03-31 | in gettdbbysrcdst(), allow matching with either src or dst beeing a wildcard | Henning Brauer | |
| (emtpy) entry ok markus@ | |||
| 2004-02-15 | check TDBF_INVALID for TCP MD5 SA lookups; ok mcbride, henning | Markus Friedl | |
| 2004-01-27 | in gettdbbysrcdst(): hash by SRC and lookup SA in the tdbsrc[] hash table | Markus Friedl | |
| with hshoexer@ | |||
| 2004-01-22 | add gettdbbysrcdst(), just like gettdb(), but compares tdb_src as well; ok ↵ | Markus Friedl | |
| mcbride@ | |||
| 2003-12-02 | UDP encapsulation for ESP in transport mode (draft-ietf-ipsec-udp-encaps-XX.txt) | Markus Friedl | |
| ok deraadt@ | |||
| 2003-05-09 | string cleaning; ok tedu | Theo de Raadt | |
| 2003-05-06 | string cleaning; tedu ok | Theo de Raadt | |
| 2002-11-19 | Use queue.h macros | Jason Wright | |
| 2002-06-09 | whitespace | Jun-ichiro itojun Hagino | |
| 2002-06-09 | Comment out currently-unused code (it's there for the ethernet-ipsec | Angelos D. Keromytis | |
| cards, none of which we support at the moment). | |||
| 2002-05-31 | Move some common code to separate routines; also, fix the problem of | Angelos D. Keromytis | |
| using the same SA for different traffic classes. Now, different SAs will be renegotiated as needed. XXX It's a sub-optimal (but correct) solution, as it looks for an exact match -- it should be checking for subset/subnet. One of these days... | |||
| 2002-03-14 | First round of __P removal in sys | Todd C. Miller | |
| 2002-02-23 | Print compression algorithm name too. | Angelos D. Keromytis | |
| 2001-12-05 | KNF whack | Theo de Raadt | |
| 2001-10-03 | If the TDB doesn't have an attached src/dst ID, it can be used for any | Angelos D. Keromytis | |
| type of traffic. | |||
| 2001-09-05 | use %ll instead of %q | Theo de Raadt | |
| 2001-08-08 | Remove IPCOMP option, it's now part of IPSEC option. You still need to | Jean-Jacques Bernard-Gundol | |
| enable ipcomp via sysctl to use it. deraadt@ ok. | |||
| 2001-07-05 | IPComp support. angelos@ ok. | Jean-Jacques Bernard-Gundol | |
| 2001-06-27 | Minor nits. | Angelos D. Keromytis | |
| 2001-06-27 | Don't cache packets that hit policies -- we'll do that at the PCB for | Angelos D. Keromytis | |
| local packets. | |||
| 2001-06-26 | Keep the PFKEY sequence number at the TDB, plus a little bit of KNF | Angelos D. Keromytis | |
| 2001-06-26 | KNF | Angelos D. Keromytis | |
| 2001-06-25 | Copyright. | Angelos D. Keromytis | |
| 2001-06-24 | print mtu of tdb if discovered | Niels Provos | |
| 2001-06-24 | Print TDBF_USEDTUNNEL in ipsp_kern() | Angelos D. Keromytis | |
| 2001-06-23 | Having to update queue(3) for DLIST_* is a major PITA; thus, just use | Angelos D. Keromytis | |
| SLIST and be done with it. | |||
| 2001-06-23 | Use DLIST for tags. | Angelos D. Keromytis | |
| 2001-06-08 | Trim include files. | Angelos D. Keromytis | |
| 2001-06-07 | Simplify SPD logic (and correct some input cases). | Angelos D. Keromytis | |
| 2001-06-05 | That DPRINTF() is not needed. | Angelos D. Keromytis | |
| 2001-06-05 | Clear acquires only if TDB was established correctly. | Angelos D. Keromytis | |
| 2001-06-05 | Correct credential matching logic. | Angelos D. Keromytis | |
| 2001-06-04 | use a faster arc4random() for random spi generation; angelos@ ok | Michael Shalayeff | |
| 2001-06-01 | Merge two m_copydata() calls into one, and (hopefully) correct the | Angelos D. Keromytis | |
| self-describing padding verification. | |||
| 2001-06-01 | ipsp_parse_headers() goes down a list of IPv4/IPv6/AH/ESP headers and | Angelos D. Keromytis | |
| creates a tag for each of the ESP/AH headers. This will be used by IPsec-aware NIC device drivers that need to notify IPsec that crypto processing has already been done. There is an excessive amount of m_copydata() calls used by this routine, but there's no way around it that I can think of. | |||
| 2001-05-30 | IPSP_IDENTITY_MBOX -> IPSP_IDENTITY_FQDN, and print type of creds/auth | Angelos D. Keromytis | |
| in kernfs | |||
| 2001-05-30 | Free remote authentication material on TDB free. | Angelos D. Keromytis | |
| 2001-05-30 | Free local auth on TDB free. | Angelos D. Keromytis | |
| 2001-05-29 | Keep track of when a TDB was last marked/unmared as SKIPCRYPTO, and | Angelos D. Keromytis | |
| print the relevant information on KERNFS. | |||
| 2001-05-29 | Add ipsp_skipcrypto_{mark,unmark}() | Angelos D. Keromytis | |
| 2001-05-27 | ipsp_copy_ident() no longer needed. | Angelos D. Keromytis | |
| 2001-05-22 | Simplify option printing. ok deraadt@ | Angelos D. Keromytis | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |