| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 1999-07-18 | use proper C | Theo de Raadt | |
| 1999-07-17 | revert tcp_input.c to before 07/01/1999 - this seems to solve the mysterious | Niels Provos | |
| data corruptions and panics that people have experienced. by reverting we loose tcp signatures and ipv6 cleanups, the code looked correct to me. | |||
| 1999-07-17 | A good hashing function for IPsec SAs that should remove the risks | Niklas Hallqvist | |
| of running out of memory when adding SPIs. | |||
| 1999-07-15 | Protect better against rehashing make the kernel run out of resources | Niklas Hallqvist | |
| 1999-07-15 | From angelos@, edits by me, demand keying for PF_KEY | Niklas Hallqvist | |
| 1999-07-13 | correct non-STDC case | Theo de Raadt | |
| 1999-07-06 | ipsec_in_use could get out of sync. (Also niklas@. angelos@ ok) | Hakan Olsson | |
| 1999-07-06 | Added support for TCP MD5 option (RFC 2385). | cmetz | |
| 1999-07-06 | Fixed compilation problems when INET6 is enabled. | cmetz | |
| 1999-07-06 | Removed bogus ifdef/define lines that resulted from an over-aggressive M-x. | cmetz | |
| 1999-07-05 | remove bogus entry from if_enc address list; and rename enc_softc to encif | Theo de Raadt | |
| 1999-07-03 | indent | Theo de Raadt | |
| 1999-07-02 | rename SADB_foo_X_bar to SADB_X_foo_bar | Theo de Raadt | |
| 1999-07-02 | Fixed a #ifdef defined()... typo that turned into a compilation failure. | cmetz | |
| 1999-07-02 | Significant cleanups in the way TCP is made to handle multiple network | cmetz | |
| protocols. "struct tcpiphdr" is now gone from much of the code, as are separate pointers for ti and ti6. The result is fewer variables, which is generally a good thing. Simple if(is_ipv6) ... else ... tests are gone in favor of a switch(protocol family), which allows future new protocols to be added easily. This also makes it possible for someone so inclined to re-implement TUBA (TCP over CLNP?) and do it right instead of the kluged way it was done in 4.4. The TCP header template is now referenced through a mbuf rather than done through a data pointer and dtom()ed as needed. This is partly because dtom() is evil and partly because max_linkhdr + IPv6 + TCP + MSS/TS/SACK opts won't fit inside a packet header mbuf, so we need to grab a cluster for that (which the code now does, if needed). | |||
| 1999-06-30 | remove final low-level crypto knowledge from base ipsec code | Theo de Raadt | |
| 1999-06-18 | split out transforms; some debugging done but there may still be bugs in | Theo de Raadt | |
| the new key init/zero functions | |||
| 1999-06-15 | handle multicast packets inside ipf too; darren | Theo de Raadt | |
| 1999-06-11 | removed TCPCOOKIE support. | pattonme | |
| 1999-06-07 | I do not believe this | Theo de Raadt | |
| 1999-06-07 | return a ICMP_UNREACH_PROTOCOL for protocols we do not support; discussion ↵ | Theo de Raadt | |
| with cmetz | |||
| 1999-06-07 | Fix use of uninitialized TDB hash table in tdb_delete(), introduced | Angelos D. Keromytis | |
| along with the dynamically-resized TDB table (report and fix suggestion by henric@ncal.verio.com) | |||
| 1999-06-06 | Ident. | Angelos D. Keromytis | |
| 1999-06-06 | avoid a future problem inside an #ifdef notyet | Theo de Raadt | |
| 1999-06-04 | forgot to zero sunion | Niels Provos | |
| 1999-05-24 | instead of dropping out of window SYNs, send an ACK and drop afterwards. | Niels Provos | |
| fixes a problem with NFS over TCP reported by Jason Thorpe, fix from klm@netbsd.org | |||
| 1999-05-23 | SA hash table resizing | Niklas Hallqvist | |
| 1999-05-20 | Fix a bug where the ordered expiration list could get out of order. Add | Niklas Hallqvist | |
| invariant checking of the lists when DIAGNOSTIC compiled. Extend the critical region to cover all of tdb_expiration so the tdb won't disappear behind our back. | |||
| 1999-05-16 | Don't judge locally generated tunnel packets as spoof attempts. indent. | Niklas Hallqvist | |
| 1999-05-16 | spltdb introduced, protection for tdb lists and related structures, so | Niklas Hallqvist | |
| they won't disappear behind our back by an expiration. Cleanup expiration logic too. | |||
| 1999-05-16 | Add support for static ARP entries that cannot be overwritten. | Hakan Olsson | |
| Ordinary static ARPs that are overwritten will no longer still be static. | |||
| 1999-05-14 | A new scalable IPsec SA expiration model. | Niklas Hallqvist | |
| 1999-05-12 | Obvious pasto | Niklas Hallqvist | |
| 1999-05-12 | Follow local indentation style. | Hakan Olsson | |
| 1999-05-12 | Fix problem with data corruption for retransmitted TCP packets | Hakan Olsson | |
| in an IPSec ESP tunnel. OpenBSD PR 819. | |||
| 1999-05-11 | Remove cruft that wasted space en masse in the IPsec subsystem | Niklas Hallqvist | |
| 1999-04-28 | zap the newhashinit hack. | Artur Grabowski | |
| Add an extra flag to hashinit telling if it should wait in malloc. update all calls to hashinit. | |||
| 1999-04-23 | dont accept packets with the destination address of a down interface; | Niels Provos | |
| proff@netbsd.org. | |||
| 1999-04-22 | Heh, this was definitely not tested. cpp sytax errors. | Niklas Hallqvist | |
| 1999-04-21 | From Tom Henderson <tomh@cs.berkeley.edu>: | Niels Provos | |
| Fixed a sequence wraparound bug in the snd_recover variable discovered in very large (multiple GByte) transfers (in loss free conditions, snd_recover was not sufficiently tracking snd_una). Thanks to Mark Smith for finding this. Fixed a bug in tcp_newreno that was preventing retransmission of data due to partial acks. (Discovered by Jayanth Vijayaraghavan) | |||
| 1999-04-20 | messup, learn to test *all* variants of compile options when | Niklas Hallqvist | |
| altering the logic round such. | |||
| 1999-04-20 | use open() with O_EXCL.. but also move to /var/run to avoid the 2nd-level ↵ | Theo de Raadt | |
| /tmp race which darren obviously does not think important | |||
| 1999-04-20 | Merge MROUTING and IPSEC wrt handling of IP-in-IP tunnelled packets. | Niklas Hallqvist | |
| Fix a panic case in the MROUTING code too. Drop M_TUNNEL support, nothing ever uses it. | |||
| 1999-04-16 | fix ipf return-rst panic bug; beck | Theo de Raadt | |
| 1999-04-12 | move encdebug to a useful place | Theo de Raadt | |
| 1999-04-11 | Introduce net.inet.{ah,esp}.enable sysctl controls that are off by default. | Niklas Hallqvist | |
| If you are going to use either of AH or ESP or both, enable these in /etc/sysctl.conf. Also correct the IPSec debugging sysctl code, it is now named net.inet.ip.encdebug. Some corrected function signatures too. | |||
| 1999-04-09 | The kernel parts of a sysctl that can switch on/off IP-in-IP (protocol 4) | Niklas Hallqvist | |
| support, when IPSEC is compiled in. The default is disabled. Turn on with: sysctl -w net.inet.ip4.allow=1 ***Only*** do this if you are really knowing what you do! This control does not control the tunnel modes of ESP and AH. | |||
| 1999-04-09 | Make the tdbi handling more robust, removes a panic case | Niklas Hallqvist | |
| 1999-04-09 | Check for local address spoofing on encapsulated packets. | Angelos D. Keromytis | |
| 1999-04-04 | fix tunnelling; provos | Theo de Raadt | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |