| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 1998-05-18 | first step to the setsockopt/getsockopt interface as described in | Niels Provos | |
| draft-mcdonald-simple-ipsec-api, kernel notifies (EMT_REQUESTSA) signal userland key management applications when security services are requested. this is only for outgoing connections at the moment, incoming packets are not yet checked against the selected socket policy. | |||
| 1998-03-18 | Fix tunnel mode input processing (use ip4_input instead of ipe4_input), | Niels Provos | |
| fix some old code leftovers in ah_new_input (adjust to variable hash length), avoid double ip encapsulation in tunnel mode. Problems reportd by Petr Novak <petr@internet.cz>. | |||
| 1998-02-03 | bad types; wileyc@sekiya.twics.co.jp | Theo de Raadt | |
| 1997-10-02 | conditional error logging | Theo de Raadt | |
| 1997-09-28 | log() needs a \n | Theo de Raadt | |
| 1997-08-26 | indent | Theo de Raadt | |
| 1997-08-04 | No more crashes because of this bug (double m_freem(), essentially). | Angelos D. Keromytis | |
| 1997-07-31 | some indentation stuff | Theo de Raadt | |
| 1997-07-27 | expiration messages, fixes, updates, all sorts of things | Niklas Hallqvist | |
| 1997-07-18 | enablespi/disablespi in encap + print spi's in hostorder | Niels Provos | |
| 1997-07-14 | routes with zero spi can be used to avoid ipsec processing | Niels Provos | |
| 1997-07-11 | put old esp/ah and new esp/ah in different files. | Niels Provos | |
| generalised way of handling transforms. | |||
| 1997-07-01 | major restructuring | Niels Provos | |
| 1997-06-25 | hard and soft limits for SPI's per absolute timer, relative since establish, | Niels Provos | |
| relative since first use timers, packet and byte counters. notify key mgmt on soft limits. key mgmt can now specify limits. new encap messages: EMT_RESERVESPI, EMT_ENABLESPI, EMT_DISABLESPI | |||
| 1997-06-24 | handle IP options in AH + allow IP options in outgoing encapsulated packets | Niels Provos | |
| + usage counters for later use with keymanagement processes | |||
| 1997-06-16 | swap labels; adam@math.tau.ac.il | Theo de Raadt | |
| 1997-03-02 | Need to get a new pointer for the IP header after doing a pullup on the mbuf | Thorsten Lockert | |
| 1997-03-02 | Cosmetic changes. | Angelos D. Keromytis | |
| 1997-02-28 | Moved IPsec socket state to the PCB. | Angelos D. Keromytis | |
| 1997-02-28 | IPsec socket API hooks are in. | Angelos D. Keromytis | |
| 1997-02-20 | IPSEC package by John Ioannidis and Angelos D. Keromytis. Written in | Theo de Raadt | |
| Greece. From ftp.funet.fi:/pub/unix/security/net/ip/BSDipsec.tar.gz | |||
| 1996-07-29 | From FreeBSD (with slightly different sysctl names): | Jason Downs | |
| "... Allow the user to nominate one of three ranges of port numbers as candidates for selecting a local address to replace a zero port number. The ranges are selected via a setsockopt(s, IPPROTO_IP, IP_PORTRANGE, &arg) call. The three ranges are: default, high (to bypass firewalls) and low (to get a port below 1024). The default and high port ranges are sysctl settable under sysctl net.inet.ip.portrange.* [net.inet.ip.portfirst, net.inet.ip.portlast, net.inet.ip.porthifirst, and net.inet.ip.porthilast currently in OpenBSD.] This code also fixes a potential deadlock if the system accidently ran out of local port addresses. It'd drop into an infinite while loop. The secure port selection (for root) should reduce overheads and increase reliability of rlogin/rlogind/rsh/rshd if they are modified to take advantage of it." | |||
| 1996-03-04 | Initial commit of NetBSD 960217 netiso. | Michael Shalayeff | |
| all the rest is the fixes to the import by Niklas. | |||
| 1996-03-03 | From NetBSD: 960217 merge | Niklas Hallqvist | |
| 1996-01-25 | IP filter 3.0.1 | dm | |
| 1996-01-07 | from beurton@fnet.fr: Darren Reed's IP filter | dm | |
| 1995-10-18 | initial import of NetBSD tree | Theo de Raadt | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |