src - OpenBSD base system

Age	Commit message (Collapse)	Author
1999-10-29	Support multiple enc interfaces.	Angelos D. Keromytis

1999-10-29	New field in tdb, to be used with bridging.	Angelos D. Keromytis

1999-10-29	Get rid of unnecessary third argument in *_output routines of IPsec.	Angelos D. Keromytis

1999-10-29	Remove unused third argument from ipe4_output()	Angelos D. Keromytis

1999-10-29	Remove unnecessary argument from ipe4_output() and etherip_output()	Angelos D. Keromytis

1999-10-29	Queue on the bridge interface.	Angelos D. Keromytis

1999-10-29	Fix some comments.	Angelos D. Keromytis

1999-10-28	Add etherip.allow sysctl node entry.	Angelos D. Keromytis

1999-10-28	Add IPPROTO_ETHERIP in the protocol switch; comment out INET6 IPv4-IPv4	Angelos D. Keromytis
	handling that was re-using ipv4_input() instead of using ip4_input() from netinet/ip_ip4.c
1999-10-28	Add Ethernet-IP encapsulation handling.	Angelos D. Keromytis

1999-10-28	Define IPPROTO_ETHERIP.	Angelos D. Keromytis

1999-10-06	M_EXT isn't the only test for a cluster any more: also test ext_ref	Jason Wright

1999-09-29	Critical reliability fix for IPsec. On i386 splsoftclock is not	Niklas Hallqvist
	a perfect emulation of a "real" architecture's splsoftclock, as it assumes it is only invoked from higher spl levels. Use splsoftnet instead.
1999-09-26	the mbuf copy was still being modified; now totally correct that.	Theo de Raadt

1999-09-25	line not needed	Theo de Raadt

1999-09-23	fix same-interface-out-as-in and packet gets corrupted bug noted by	Theo de Raadt
	james@oaktree.co.uk by re-working icmp embedded-packet code so that ip_forward() m_copy()-aliased packet can be forwarded to ip_output and icmp_error() safely, because no packet tweaking is needed before calling icmp_error()
1999-09-03	inet_ntoa4 should manage 4-calls, not just 2	Hakan Olsson

1999-09-01	increase tcp_iss increment	Niels Provos

1999-08-31	correctly update window information	Niels Provos

1999-08-27	more SACK hole validity testing; fix a tcp seq arithmetic bug. cmetz and me.	Niels Provos

1999-08-27	Disable SACK for now, it has problems, deraadt@	Todd C. Miller

1999-08-26	add an inner xor to make prediction attacks against the ids harder, due	Niels Provos
	to an attack pointed out by David Wagner.
1999-08-10	Add tdb_satype (PF_KEY SADB_SATYPE_<XXX>) to struct tdb	Hakan Olsson

1999-08-08	undeclared variable	Niklas Hallqvist

1999-08-08	Fix cases when wanting to communicate with the bridge'	Niklas Hallqvist
	s remote interfaces, both ARP and local delivery had bugs
1999-08-08	Support detaching of network interfaces. Still work to do in ipf, and	Niklas Hallqvist
	other families than inet.
1999-08-06	back out all recent changes, which continue to be a source for nasty bugs	Theo de Raadt

1999-08-05	Add tdb_walk. tdb_delete() should clean up routes when deleting flows.	Hakan Olsson

1999-08-02	Ethernet, not 10 Mb/s Ethernet	Theo de Raadt

1999-07-28	Moved the m_data/m_len shave of IP and TCP headers back to its original	cmetz
	location, as attempts to do it differently have caused too many problems.
1999-07-22	Revert to 1.21	Niklas Hallqvist

1999-07-22	Reintroduce rev 1.41 which brings us TCP signatures again, but this time	Niklas Hallqvist
	hopefully without random kernel data corruption.
1999-07-18	Prevent host on one interface from overwriting ARP route entry for a	Hakan Olsson
	host on a different interface. Also add interface name to other overwrite diagnostic messages.
1999-07-18	use proper C	Theo de Raadt

1999-07-17	revert tcp_input.c to before 07/01/1999 - this seems to solve the mysterious	Niels Provos
	data corruptions and panics that people have experienced. by reverting we loose tcp signatures and ipv6 cleanups, the code looked correct to me.
1999-07-17	A good hashing function for IPsec SAs that should remove the risks	Niklas Hallqvist
	of running out of memory when adding SPIs.
1999-07-15	Protect better against rehashing make the kernel run out of resources	Niklas Hallqvist

1999-07-15	From angelos@, edits by me, demand keying for PF_KEY	Niklas Hallqvist

1999-07-13	correct non-STDC case	Theo de Raadt

1999-07-06	ipsec_in_use could get out of sync. (Also niklas@. angelos@ ok)	Hakan Olsson

1999-07-06	Added support for TCP MD5 option (RFC 2385).	cmetz

1999-07-06	Fixed compilation problems when INET6 is enabled.	cmetz

1999-07-06	Removed bogus ifdef/define lines that resulted from an over-aggressive M-x.	cmetz

1999-07-05	remove bogus entry from if_enc address list; and rename enc_softc to encif	Theo de Raadt

1999-07-03	indent	Theo de Raadt

1999-07-02	rename SADB_foo_X_bar to SADB_X_foo_bar	Theo de Raadt

1999-07-02	Fixed a #ifdef defined()... typo that turned into a compilation failure.	cmetz

1999-07-02	Significant cleanups in the way TCP is made to handle multiple network	cmetz
	protocols. "struct tcpiphdr" is now gone from much of the code, as are separate pointers for ti and ti6. The result is fewer variables, which is generally a good thing. Simple if(is_ipv6) ... else ... tests are gone in favor of a switch(protocol family), which allows future new protocols to be added easily. This also makes it possible for someone so inclined to re-implement TUBA (TCP over CLNP?) and do it right instead of the kluged way it was done in 4.4. The TCP header template is now referenced through a mbuf rather than done through a data pointer and dtom()ed as needed. This is partly because dtom() is evil and partly because max_linkhdr + IPv6 + TCP + MSS/TS/SACK opts won't fit inside a packet header mbuf, so we need to grab a cluster for that (which the code now does, if needed).
1999-06-30	remove final low-level crypto knowledge from base ipsec code	Theo de Raadt

1999-06-18	split out transforms; some debugging done but there may still be bugs in	Theo de Raadt
	the new key init/zero functions