src - OpenBSD base system

Age	Commit message (Collapse)	Author
2004-06-26	Default enable udpencap. Add 'disable' sysctl to sysctl.conf. markus@ ok.	Hakan Olsson

2004-06-21	First step towards more sane time handling in the kernel -- this changes	Thorsten Lockert
	things such that code that only need a second-resolution uptime or wall time, and used to get that from time.tv_secs or mono_time.tv_secs now get this from separate time_t globals time_second and time_uptime. ok art@ niklas@ nordin@
2004-06-21	don't send UDP encapsulated packets w/o UDP header if encap is disabled; ok ho@	Markus Friedl

2003-12-02	UDP encapsulation for ESP in transport mode (draft-ietf-ipsec-udp-encaps-XX.txt)	Markus Friedl
	ok deraadt@
2003-07-09	do not flip ip_len/ip_off in netinet stack. deraadt ok.	Jun-ichiro itojun Hagino
	(please test, especially PF portion)
2003-02-19	add a counter for times ipcomp is skipped because the packet is below the	Jason Wright
	minimum compression threshold.
2002-08-28	Fix a problem where passing NULL as a pointer with varargs does not promote	Per Fogelstrom
	NULL to full 64 bits on a 64 bit address system. Soultion is to add a (void *) cast before NULL. This makes a 64 bit MIPS kernel work and will probably help future 64 bit ports as well. OK from art@
2002-07-01	Move mtod() after the m_pullup() --- noted by sam@errno.com (who seems	Angelos D. Keromytis
	to be going over the IPsec code with a magnifying glass)
2002-06-19	Remove redundant address family check -- sam@errno.com	Angelos D. Keromytis

2002-06-09	whitespace	Jun-ichiro itojun Hagino

2002-02-19	IPsec is written ``IPsec'', not ``IPSec''.	Miod Vallat

2001-12-06	Use hzto() to handle overflow of (hz * timeout) cases --- when using	Angelos D. Keromytis
	extremely long SA expirations.
2001-08-08	Remove IPCOMP option, it's now part of IPSEC option. You still need to	Jean-Jacques Bernard-Gundol
	enable ipcomp via sysctl to use it. deraadt@ ok.
2001-07-05	IPComp support. angelos@ ok.	Jean-Jacques Bernard-Gundol

2001-06-26	KNF	Angelos D. Keromytis

2001-06-25	Copyright.	Angelos D. Keromytis

2001-06-24	path mtu discovery for ipsec. on receiving a need fragment icmp match	Niels Provos
	against active tdb and store the ipsec header size corrected mtu
2001-06-08	Trim include files.	Angelos D. Keromytis

2001-05-30	Update to match prototypes.	Angelos D. Keromytis

2001-05-29	Record last use time for SAs.	Angelos D. Keromytis

2001-05-28	Don't use IPV6_ENCAPSULATED, tags are used instead.	Angelos D. Keromytis

2001-05-27	New tags.	Angelos D. Keromytis

2001-05-22	Add an IPSEC_NEEDED tag if SKIPCRYPTO is set in the TDB	Angelos D. Keromytis

2001-05-20	Record outgoing SA processing, do loop detection.	Angelos D. Keromytis

2001-05-11	Check m_pullup() and m_pullup2() return for NULL, not 0; itojun@ ok	Aaron Campbell

2001-04-14	Minor changes, preparing for real socket-attached TDBs; also, more	Angelos D. Keromytis
	information will be stored in the TDB. ok ho@ provos@
2001-04-06	Move offsetof define into sys/param.h	Constantine Sapuntzakis

2001-03-28	Allow tdbi's to appear in mbufs throughout the stack; this allows	Angelos D. Keromytis
	security properties of the packets to be pushed up to the application (not done yet). Eventually, this will be turned into a packet attributes framework. Make sure tdbi's are free'd/cleared properly whenever drivers (or NFS) does weird things with mbufs.
2001-03-15	convert SA expirations to the new timeouts.	Michael Shalayeff
	simplifies expirations handling a lot. tdb_exp_timeout and tdb_soft_timeout are made consistant throughout the code to be a relative time offsets, just like first_use timeouts. tested on singlehost isakmpd setup. lots of dangling spaces and tabs removed. angelos@ ok
2000-09-19	SA bundles.	Angelos D. Keromytis

2000-09-19	Lots and lots of changes.	Angelos D. Keromytis