Age | Commit message (Collapse) | Author | |
---|---|---|---|
1999-09-03 | inet_ntoa4 should manage 4-calls, not just 2 | Hakan Olsson | |
1999-09-01 | increase tcp_iss increment | Niels Provos | |
1999-08-31 | correctly update window information | Niels Provos | |
1999-08-27 | more SACK hole validity testing; fix a tcp seq arithmetic bug. cmetz and me. | Niels Provos | |
1999-08-27 | Disable SACK for now, it has problems, deraadt@ | Todd C. Miller | |
1999-08-26 | add an inner xor to make prediction attacks against the ids harder, due | Niels Provos | |
to an attack pointed out by David Wagner. | |||
1999-08-10 | Add tdb_satype (PF_KEY SADB_SATYPE_<XXX>) to struct tdb | Hakan Olsson | |
1999-08-08 | undeclared variable | Niklas Hallqvist | |
1999-08-08 | Fix cases when wanting to communicate with the bridge' | Niklas Hallqvist | |
s remote interfaces, both ARP and local delivery had bugs | |||
1999-08-08 | Support detaching of network interfaces. Still work to do in ipf, and | Niklas Hallqvist | |
other families than inet. | |||
1999-08-06 | back out all recent changes, which continue to be a source for nasty bugs | Theo de Raadt | |
1999-08-05 | Add tdb_walk. tdb_delete() should clean up routes when deleting flows. | Hakan Olsson | |
1999-08-02 | Ethernet, not 10 Mb/s Ethernet | Theo de Raadt | |
1999-07-28 | Moved the m_data/m_len shave of IP and TCP headers back to its original | cmetz | |
location, as attempts to do it differently have caused too many problems. | |||
1999-07-22 | Revert to 1.21 | Niklas Hallqvist | |
1999-07-22 | Reintroduce rev 1.41 which brings us TCP signatures again, but this time | Niklas Hallqvist | |
hopefully without random kernel data corruption. | |||
1999-07-18 | Prevent host on one interface from overwriting ARP route entry for a | Hakan Olsson | |
host on a different interface. Also add interface name to other overwrite diagnostic messages. | |||
1999-07-18 | use proper C | Theo de Raadt | |
1999-07-17 | revert tcp_input.c to before 07/01/1999 - this seems to solve the mysterious | Niels Provos | |
data corruptions and panics that people have experienced. by reverting we loose tcp signatures and ipv6 cleanups, the code looked correct to me. | |||
1999-07-17 | A good hashing function for IPsec SAs that should remove the risks | Niklas Hallqvist | |
of running out of memory when adding SPIs. | |||
1999-07-15 | Protect better against rehashing make the kernel run out of resources | Niklas Hallqvist | |
1999-07-15 | From angelos@, edits by me, demand keying for PF_KEY | Niklas Hallqvist | |
1999-07-13 | correct non-STDC case | Theo de Raadt | |
1999-07-06 | ipsec_in_use could get out of sync. (Also niklas@. angelos@ ok) | Hakan Olsson | |
1999-07-06 | Added support for TCP MD5 option (RFC 2385). | cmetz | |
1999-07-06 | Fixed compilation problems when INET6 is enabled. | cmetz | |
1999-07-06 | Removed bogus ifdef/define lines that resulted from an over-aggressive M-x. | cmetz | |
1999-07-05 | remove bogus entry from if_enc address list; and rename enc_softc to encif | Theo de Raadt | |
1999-07-03 | indent | Theo de Raadt | |
1999-07-02 | rename SADB_foo_X_bar to SADB_X_foo_bar | Theo de Raadt | |
1999-07-02 | Fixed a #ifdef defined()... typo that turned into a compilation failure. | cmetz | |
1999-07-02 | Significant cleanups in the way TCP is made to handle multiple network | cmetz | |
protocols. "struct tcpiphdr" is now gone from much of the code, as are separate pointers for ti and ti6. The result is fewer variables, which is generally a good thing. Simple if(is_ipv6) ... else ... tests are gone in favor of a switch(protocol family), which allows future new protocols to be added easily. This also makes it possible for someone so inclined to re-implement TUBA (TCP over CLNP?) and do it right instead of the kluged way it was done in 4.4. The TCP header template is now referenced through a mbuf rather than done through a data pointer and dtom()ed as needed. This is partly because dtom() is evil and partly because max_linkhdr + IPv6 + TCP + MSS/TS/SACK opts won't fit inside a packet header mbuf, so we need to grab a cluster for that (which the code now does, if needed). | |||
1999-06-30 | remove final low-level crypto knowledge from base ipsec code | Theo de Raadt | |
1999-06-18 | split out transforms; some debugging done but there may still be bugs in | Theo de Raadt | |
the new key init/zero functions | |||
1999-06-15 | handle multicast packets inside ipf too; darren | Theo de Raadt | |
1999-06-11 | removed TCPCOOKIE support. | pattonme | |
1999-06-07 | I do not believe this | Theo de Raadt | |
1999-06-07 | return a ICMP_UNREACH_PROTOCOL for protocols we do not support; discussion ↵ | Theo de Raadt | |
with cmetz | |||
1999-06-07 | Fix use of uninitialized TDB hash table in tdb_delete(), introduced | Angelos D. Keromytis | |
along with the dynamically-resized TDB table (report and fix suggestion by henric@ncal.verio.com) | |||
1999-06-06 | Ident. | Angelos D. Keromytis | |
1999-06-06 | avoid a future problem inside an #ifdef notyet | Theo de Raadt | |
1999-06-04 | forgot to zero sunion | Niels Provos | |
1999-05-24 | instead of dropping out of window SYNs, send an ACK and drop afterwards. | Niels Provos | |
fixes a problem with NFS over TCP reported by Jason Thorpe, fix from klm@netbsd.org | |||
1999-05-23 | SA hash table resizing | Niklas Hallqvist | |
1999-05-20 | Fix a bug where the ordered expiration list could get out of order. Add | Niklas Hallqvist | |
invariant checking of the lists when DIAGNOSTIC compiled. Extend the critical region to cover all of tdb_expiration so the tdb won't disappear behind our back. | |||
1999-05-16 | Don't judge locally generated tunnel packets as spoof attempts. indent. | Niklas Hallqvist | |
1999-05-16 | spltdb introduced, protection for tdb lists and related structures, so | Niklas Hallqvist | |
they won't disappear behind our back by an expiration. Cleanup expiration logic too. | |||
1999-05-16 | Add support for static ARP entries that cannot be overwritten. | Hakan Olsson | |
Ordinary static ARPs that are overwritten will no longer still be static. | |||
1999-05-14 | A new scalable IPsec SA expiration model. | Niklas Hallqvist | |
1999-05-12 | Obvious pasto | Niklas Hallqvist | |