src - OpenBSD base system

Age	Commit message (Collapse)	Author
1999-03-27	add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing	Niels Provos
	SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
1999-03-24	Implement lifetime expiration notifications. Fix some typos. Remove statics.	Niklas Hallqvist

1999-03-24	Reworked udp_output() to minimize the number of if() statements needed to get	cmetz
	packets out. Also had the nice side effect of fewer blocks now move around by ifdefs, which makes it more readable.
1999-03-24	Removed inclusion of netinet6/in6.h. This was an artifact of when the core	cmetz
	IPv6 symbols were there rather than in netinet/in.h, and now not only is unnecessary but also could create problems (see PR library/781).
1999-03-24	Removed old NRL convention in6a_words virtual-field from struct in6_addr.	cmetz
	Let's not encourage the use of an obsolete convention.
1999-03-24	Replace 'in6a_words' (old NRL convention) with 's6_addr32' (new BSDI et al.	cmetz
	convention that is more common and more specific as to the access size)
1999-03-13	indent	Theo de Raadt

1999-03-06	Update IP pointer, when doing multiple transforms.	Angelos D. Keromytis

1999-03-04	be more careful with freeing TDBs	Theo de Raadt

1999-03-04	more paranoid maintenance	Theo de Raadt

1999-02-25	Prettier reporting, report number of flows in use per SA.	Angelos D. Keromytis

1999-02-25	Skipjack key bzero'ing case.	Angelos D. Keromytis

1999-02-25	Print more information in /kern/ipsec	Angelos D. Keromytis

1999-02-25	Bzero key information before free'ing it, just for paranoia's sake.	Angelos D. Keromytis

1999-02-25	Use M_XDATA for the key schedule, instead of M_TEMP.	Angelos D. Keromytis

1999-02-25	Clear the DF bit, so packets don't get dropped inside a tunnel.	Angelos D. Keromytis
	The real solution is probably to keep soft state; however, it's not entirely clear what a tunnel's properties with regards to fragmentation are (it may be considered a infinitely-large MTU pipe).
1999-02-25	Be a bit more paranoid before free'ing memory.	Angelos D. Keromytis

1999-02-25	Move union sockaddr_union to ip_ipsp.h	Angelos D. Keromytis

1999-02-24	Update copyright; remove a few annoying debugging printfs.	Angelos D. Keromytis
	Btw, OpenBSD hit 25000 commits a couple commits ago.
1999-02-24	add skipjack support back	Theo de Raadt

1999-02-24	Remove encap.h include; saner debugging printfs; fix buglets; work with	Angelos D. Keromytis
	pfkeyv2.
1999-02-24	Added in.h definitions required by IPv6 Basic API and Advanced API specs, and	cmetz
	a few extras that are just plain useful. Note that I used u_intxx_t instead of the POSIX p1003.1g uintxx_t that those specs mandate, so as to not increase the number of outside symbol definitions that in.h depends on.
1999-02-23	Forgot this.	Angelos D. Keromytis

1999-02-23	This one seems to work, at least in the direction Sparc->i386.	Angelos D. Keromytis
	Btw, for all the curious souls, I am in Canada at the moment (land of free commits).
1999-02-23	Turns out the patch didn't fix the problem. Reverting to old code.	Angelos D. Keromytis

1999-02-23	Fix an endianness problem (not an issue in libc).	Angelos D. Keromytis

1999-02-21	split ipintr() to create new ipv4_input() for tunnels; NRL	Theo de Raadt

1999-02-19	fix definition of plen for ICMP (ping -s73 problem)	Kjell Wooding

1999-02-19	ipq locking	Theo de Raadt

1999-02-19	when checking for weak keys compare sizeof(des_cblock) bytes insetad of ↵	Artur Grabowski
	sizeof(key) bytes
1999-02-17	add fragment flood protection; configureable using sysctl ip.maxqueue	Theo de Raadt

1999-02-17	ipsec skipjack, based on free .fi code (some .gov type will test this for me)	Theo de Raadt

1999-02-17	indent	Theo de Raadt

1999-02-17	indent; remove local types	Theo de Raadt

1999-02-17	inet6 indent	Theo de Raadt

1999-02-16	Fix a padding check bug in the experimental-padding. iliya@ericom.com	Angelos D. Keromytis

1999-02-15	when allocating sack blocks check for failing malloc(), if it fails	Niels Provos
	just ignore the sack block + fix misleading comment. tomh@CS.Berkeley.EDU
1999-02-12	angelos cannot spell small words	Theo de Raadt

1999-02-09	correct rst handling should not consult ack field here	Hugh Graham

1999-02-08	init incr tcp iss from snd_nxt, not rcv_nxt; 4.4	Theo de Raadt

1999-02-05	ipf 3.2.10; work by kjell	Theo de Raadt

1999-02-05	indent	Theo de Raadt

1999-02-05	Clear mfchashtbl after deallocation (mycroft@netbsd)	Angelos D. Keromytis

1999-02-04	indent	Theo de Raadt

1999-02-04	report on no udp checksum	Theo de Raadt

1999-02-04	use u_int32_t and u_int64_t for stats variables, instead of quad/long	Theo de Raadt

1999-02-01	remove the correct KFREE	David Leonard

1999-01-29	remove multiple free	David Leonard

1999-01-27	fix NEWRENO behaviour, the newreo code assumed that the send socket buffer has	Niels Provos
	already been cleared of the acked data, though it was called before any sbdrop() call and always called tcp_output() with 0 index in the send socket buffer and thus causing data corruption. so do not set snd_una to th_ack.
1999-01-27	reordered FIN segments caused early termination, bug introduced by ipv6 ↵	Niklas Hallqvist
	integration