Age | Commit message (Collapse) | Author | |
---|---|---|---|
1998-10-28 | - fix three bugs pointed out in Stevens, i.a. updating timestamps correctly | Niels Provos | |
- fix a 4.4bsd-lite2 bug, when tcp options are present the maximum segment size is not updated correctly, so that fast recovery forces out a segment which is split in two segments by tcp_output(), the fix is adpated from FreeBSD, the effective mss is recorded after option negotiation in 3way handshake. [I was able to fix this on time spent at Center for Information Technology Integration (citi.umich.edu)] | |||
1998-10-13 | Remove NULL deref condition | Niklas Hallqvist | |
1998-10-11 | bad ioctls return EINVAL; garath@code.ridgefield.org | Theo de Raadt | |
1998-09-15 | Updated to v3.2.9 of Darren's codebase. His code reimplements variable | pattonme | |
locking, replaces u_long's with u_32_t to properly handle 64bit archs. Wrapped OpenBSD specific preprocessor logic. | |||
1998-09-09 | Make RMD160Update a little less overzealous when fed small crumbs. | janjaap | |
1998-08-02 | cleanup ipsec error handling | Niels Provos | |
1998-08-01 | more careful error handling, some simplification and beautification. | Niels Provos | |
1998-07-30 | fixing a stupid bug I introduced when trying to improve the encryption | Niels Provos | |
performance by avoiding unnecessary copies. There was a problem when two subsequent mbufs were != 0 mod blocksize and the next < blocksize, so we lost the rest of the last mbuf as IV. | |||
1998-07-30 | Forgot this one with the previous batch of commits; use ip4_input() | Angelos D. Keromytis | |
instead of ipip_input() whenever possible, it seems more stable. | |||
1998-07-29 | Proper handling of IP in IP and checksumming. | Angelos D. Keromytis | |
1998-07-29 | Don't do checksumming unless we're doing IP-in-IP. | Angelos D. Keromytis | |
1998-07-03 | wrong endian conversion caused vif stats to be wrong; jonny@jonny.eng.br | Theo de Raadt | |
1998-06-30 | remove unnecessary assignment | Niels Provos | |
1998-06-27 | delete extra KFREE(); d@openbsd.org | Theo de Raadt | |
1998-06-27 | indent | Theo de Raadt | |
1998-06-27 | indent | Theo de Raadt | |
1998-06-27 | Disallow TCP connect() to multicast addresses; cmetz@inner.net | Angelos D. Keromytis | |
1998-06-26 | indent | Theo de Raadt | |
1998-06-11 | indent | Theo de Raadt | |
1998-06-11 | fix a mbuf chain corruption which happened when m_pullup was called on an | Niels Provos | |
mbuf in the middle of the chain and had to MGET a new one. | |||
1998-06-10 | make the packets which were successfully processed by IPSec available to | Niels Provos | |
bpf via the enc0 interface, using linktype DLT_ENC. | |||
1998-06-10 | wasteland quality control cleanup | Theo de Raadt | |
1998-06-10 | New TCPCTL_IDENT sysctl for identd without kmem insanity. | Bob Beck | |
1998-06-03 | request only auth in notify when vpn ipsec route is found with a different | Niels Provos | |
security protocol than IPPROTO_ESP. | |||
1998-06-03 | cleanup debug printfs | Niels Provos | |
1998-06-02 | nbytes - ofs should never be less than 0 (Oops on me) | janjaap | |
1998-05-27 | for icmpbmcastecho, block all of them | Theo de Raadt | |
1998-05-24 | allow SAs with non-specified source address | Niels Provos | |
1998-05-24 | allow the use of blowfish and cast encryption with implicit iv | Niels Provos | |
1998-05-24 | avoid source address spoofing for mutual hostile hosts which have SAs to | Niels Provos | |
us, reported by Craig Metz <cmetz@inner.net>. | |||
1998-05-24 | add support for Virtual Private Networks (VPN). | Niels Provos | |
1998-05-22 | Set the outter IP header's ttl, not the inner. | Angelos D. Keromytis | |
1998-05-19 | Wall for non-IPSEC case | Theo de Raadt | |
1998-05-18 | first step to the setsockopt/getsockopt interface as described in | Niels Provos | |
draft-mcdonald-simple-ipsec-api, kernel notifies (EMT_REQUESTSA) signal userland key management applications when security services are requested. this is only for outgoing connections at the moment, incoming packets are not yet checked against the selected socket policy. | |||
1998-05-17 | fix tdb_delete() when using SPI chains. | Niels Provos | |
1998-05-05 | check for invalid padding length, reported by Dan McDonald (Sun Microsystems) | Niels Provos | |
<danmcd@eng.sun.com> | |||
1998-04-25 | close PR 459 | David Leonard | |
1998-03-27 | Fix bug (I introduced) with aliases and in_broadcast(). | Angelos D. Keromytis | |
1998-03-23 | Also digest the leftovers. | janjaap | |
1998-03-20 | for SIOCGIF{NETMASK,DSTADDR,BRDADDR} calls match address to if aliases entries | Theo de Raadt | |
so that correct information is returned (previously information about the primary address was returned). If the address cannot be found on the interface, return information about the primary (for OSIOC* compatibility). work by angelos and myself. | |||
1998-03-19 | This should fix some problems with the aliases. | Angelos D. Keromytis | |
1998-03-18 | adapt function arguments to get the expected prototype. | Niels Provos | |
1998-03-18 | Fix tunnel mode input processing (use ip4_input instead of ipe4_input), | Niels Provos | |
fix some old code leftovers in ah_new_input (adjust to variable hash length), avoid double ip encapsulation in tunnel mode. Problems reportd by Petr Novak <petr@internet.cz>. | |||
1998-03-18 | Add FreeBSD patch (check for SYN packets arriving at a socket in | Angelos D. Keromytis | |
LISTEN state with source address/port == destination address/port). | |||
1998-03-07 | improve performance by avoiding unnecessary copies. | Niels Provos | |
1998-03-04 | don't print "IP Filter: initialized" | dgregor | |
1998-03-02 | improve blowfish performance. | Niels Provos | |
1998-02-28 | Another shot at disallowing TCP connections to 255.255.255.255, | Angelos D. Keromytis | |
0.0.0.0 and any local broadcast addresses. Tested. | |||
1998-02-25 | patch could not have been tested. panics machine on boot | Theo de Raadt | |
1998-02-25 | please indent as the file is currently indented | Theo de Raadt | |