| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 1999-12-28 | Avoid recursive rw_enter panic. From darrenr@pobox.com. | Kjell Wooding | |
| 1999-12-28 | Update to ipfilter 3.3.6. See src/sbin/ipf/HISTORY for details. | Kjell Wooding | |
| 1999-12-28 | remove unused part of kame patch from the tree. openbsd does not pass | Jun-ichiro itojun Hagino | |
| "proto" around as xx_input argument. (sync with kame change) | |||
| 1999-12-28 | remove non-effective kame patch. openbsd ip_input() passes | Jun-ichiro itojun Hagino | |
| different thing to the upper-layers than other KAME/*BSD does (additional NULL pointer and "0"), so live with that. (sync with kame) | |||
| 1999-12-27 | synchronize inp_flags definition across kame/*bsd. | Jun-ichiro itojun Hagino | |
| this would ease us implement future COMPAT_*BSD. (sync with kame tree) | |||
| 1999-12-27 | Print associated interface, if present. | Angelos D. Keromytis | |
| 1999-12-26 | Correctly initialize loop variables when not doing authentication with | Angelos D. Keromytis | |
| ESP (bug reported by provos@) | |||
| 1999-12-25 | Support v4 and v6 destination TDBs. | Angelos D. Keromytis | |
| 1999-12-25 | Change some function prototypes, dont unnecessarily initialize some | Angelos D. Keromytis | |
| variables. | |||
| 1999-12-25 | Move the IPsec packet-processing loop to a separate routine, so we can | Angelos D. Keromytis | |
| reuse it in ip6_output and the bridge. The policy-lookup code will probably follow suit in a separate routine sometime soon. | |||
| 1999-12-24 | Return EINVAL instead of ENOBUFS if the source address is not specified. | Angelos D. Keromytis | |
| 1999-12-21 | compile without INET6, okay angelos@ | Niels Provos | |
| 1999-12-21 | option TCP_NEWRENO goes away, its the default case for TCP_SACK if | Niels Provos | |
| SACK is disabled for the connection or via sysctl | |||
| 1999-12-21 | be paranoid about malicious use of v4 mapped addr on v6 packet. | Jun-ichiro itojun Hagino | |
| malicious party may try to use v4 mapped addr as source/dest to confuse tcp/udp layer, or to bypass security checks, for example, naive stack can mistakingly think a packet with src = ::ffff:127.0.0.1 is from local node. (sync with kame) | |||
| 1999-12-21 | enable SACK again | Niels Provos | |
| 1999-12-21 | fix non-IPsec compilation. (too complex #ifdef...) | Jun-ichiro itojun Hagino | |
| 1999-12-21 | reuse encapsulate/decapsulate routine in ip_ip4.c from gif interface | Jun-ichiro itojun Hagino | |
| (outer=IPv4 case). tested with (inner=IPv6, outer=IPv4) case. BUG ALERT: in_gif_output() assumes about ipe4_output()'s behavior too much. I mean, "tdb" is configured with certain knowledge about ipe4_output()'s behavior. | |||
| 1999-12-21 | Initialize variable. | Angelos D. Keromytis | |
| 1999-12-20 | decide address family for {set,get}sockopt() by domain table, | Jun-ichiro itojun Hagino | |
| not from tcb. it will present more natural behavior. af for socket option obeys address family passed to bind(2). | |||
| 1999-12-19 | disallow AF mismatch on inbound. | Jun-ichiro itojun Hagino | |
| 1999-12-19 | reject AF mismatch for inbonud multicast traffic. | Jun-ichiro itojun Hagino | |
| 1999-12-19 | Remove PCB protocol checks rendered unnecessary by the previous commit. | Angelos D. Keromytis | |
| 1999-12-19 | Be a bit more paranoid when searching for a PCB in the presence of IPv6. | Angelos D. Keromytis | |
| 1999-12-18 | Fix kernel panic involving multicast packet (patch different from the | Angelos D. Keromytis | |
| one provided by pavlin@catarina.usc.edu) | |||
| 1999-12-18 | too much software forgets to include sys/socket.h, SIGH | Theo de Raadt | |
| 1999-12-17 | do not accept IPv4 traffic by AF_INET6 socket. IPv4 mapped address is | Jun-ichiro itojun Hagino | |
| bad for access controls. (quickhack fix, need sysctl/setsockopt knob to enable this functionality) | |||
| 1999-12-17 | Patch to fix ipmon -F. /dev/ipnat and /dev/ipstate now handle SIOCIPFFB. | Kjell Wooding | |
| from darrenr@pobox.com | |||
| 1999-12-17 | Update to Darren Reed's IPFilter 3.3.5 | Kjell Wooding | |
| Fixes: realaudio proxy issues, "log level" printing, and source address for icmp replies (was reversed). Thoughtfully submitted by techs@obfuscation.org | |||
| 1999-12-16 | rresvport_af() and bindresvport_af() | Theo de Raadt | |
| 1999-12-15 | never go into persist mode if there are still segments to be retransmitted. | Niels Provos | |
| set retransmit timer again if it was cleared, that can happen in SACK when there are no elligble SACK holes to be retransmitted and the receiver window is full. | |||
| 1999-12-15 | do not overwrite traffic class portion when filling in IPv6 version field. | Jun-ichiro itojun Hagino | |
| 1999-12-15 | don't check INET too much, it will make trouble with lkm compilation. | Jun-ichiro itojun Hagino | |
| 1999-12-15 | Import of Darren Reed's IPFilter 3.3.4, including OpenBSD patches. | Kjell Wooding | |
| Many, many enhancements and improvements, including new in-kernel proxies, enhancements to logging, and many bugfixes. Note: Man pages have not yet been re-converted to mdoc. | |||
| 1999-12-14 | sack.end may not be > tp->snd_max but can be equal. | Niels Provos | |
| 1999-12-14 | New ipfilter files. Preparing for merge of ipfilter 3.3.4. | Kjell Wooding | |
| 1999-12-13 | remove extra checks for #define INET (merged mistakingly from kame). | Jun-ichiro itojun Hagino | |
| this is harmful against some of lkm compilation. | |||
| 1999-12-12 | make it easier to synchronize INP_xx flags and IN6P_xx flags. | Jun-ichiro itojun Hagino | |
| 1999-12-12 | fix IPv6 advanced API (RFC2292) for udp socket. | Jun-ichiro itojun Hagino | |
| TODO: ditto for raw and tcp socket | |||
| 1999-12-10 | sync DIAGNOSTIC code with reality. we always get cluster mbuf so | Jun-ichiro itojun Hagino | |
| max_linkhdr + hdrlen <= MCLBYTES is safe. | |||
| 1999-12-10 | Add code to allow for IPv6 IPsec destinations in IPv4 IPsec flows (e.g., | Angelos D. Keromytis | |
| packets from 10.0.0.1 going to 11.0.0.1 should be ESP encrypted to host 1:2:3:4:5:6:7:8). ip6_output() needs to be modified to honor IP_RAWOUTPUT (or some such) and IP_ENCAPSULATED, to not prepend an IPv6 header to the packet, and to not do IPsec processing respectively. | |||
| 1999-12-09 | Use otos rather than writing directly to ip_tos in the IPv4 header | Angelos D. Keromytis | |
| (bitfields can be a pain). | |||
| 1999-12-09 | Fix comment typos. | Angelos D. Keromytis | |
| 1999-12-09 | Move variable decls into the appropriate #ifdefs so GENERIC compiles... | Jason Downs | |
| 1999-12-09 | So I was lying...unify ESP and AH wrapper-input processing. The new | Angelos D. Keromytis | |
| file contains a common routine for massaging the packet, doing peripheral checks, update statistics, etc. common for both AH/ESP, both IPv4/IPv6. Also wrapper routines for AH/ESP-v4/v6, and the sysctl routines from ip_ah.c/ip_esp.c | |||
| 1999-12-09 | Ok, no more IPsec for OpenBSD...I've had enough with it. | Angelos D. Keromytis | |
| 1999-12-09 | Add v4/v6 wrapper routine definitions. | Angelos D. Keromytis | |
| 1999-12-09 | Couple of paranoid ifdefs... | Angelos D. Keromytis | |
| 1999-12-09 | ip4e_output() can now generate any combination of IP{4,6}-in-IP{4,6} | Angelos D. Keromytis | |
| tunnels. | |||
| 1999-12-09 | Unspecified tunnel endpoint use statistic. | Angelos D. Keromytis | |
| 1999-12-09 | Protocol family mismatch counter. | Angelos D. Keromytis | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |