#
6ee513e5 |
| 05-Dec-2017 |
jca <jca@openbsd.org> |
Use clock_gettime(CLOCK_MONOTONIC) to schedule timers
From Scott Cheloha, ok tb@
|
#
baf9c2db |
| 23-Jan-2014 |
deraadt <deraadt@openbsd.org> |
Remove a mid-layer which acts like arc4random isn't fairly standard. ok mikeb
|
#
599f6aa2 |
| 22-Jan-2014 |
deraadt <deraadt@openbsd.org> |
regrand can die, from millert
|
#
60c439c7 |
| 22-Jan-2014 |
deraadt <deraadt@openbsd.org> |
improve randomization. remove some junk debugging features that are fundamentally broken. ok jsing mikeb
|
#
aa920ac7 |
| 24-Nov-2006 |
reyk <reyk@openbsd.org> |
add support to tag ipsec traffic belonging to specific IKE-initiated phase 2 traffic. this allows policy-based filtering of encrypted and unencrypted ipsec traffic with pf(4). see ipsec.conf(5) and i
add support to tag ipsec traffic belonging to specific IKE-initiated phase 2 traffic. this allows policy-based filtering of encrypted and unencrypted ipsec traffic with pf(4). see ipsec.conf(5) and isakmpd.conf(5) for details and examples.
this is work in progress and still needs some testing and feedback, but it is safe to put it in now.
ok hshoexer@
show more ...
|
#
a339acf4 |
| 28-Dec-2005 |
hshoexer <hshoexer@openbsd.org> |
remove some unused functions and an unused variable found by lint.
ok markus@
|
#
d6d7f0d1 |
| 15-Nov-2005 |
cloder <cloder@openbsd.org> |
Add a new raw2hex function and yank out several pieces of code in other places that were doing this. Prodding deraadt. OK hshoexer.
|
#
b71c36ac |
| 25-Jul-2005 |
hshoexer <hshoexer@openbsd.org> |
output some more information on UI command "S"
ok ho@
|
#
e789a0db |
| 08-Apr-2005 |
cloder <cloder@openbsd.org> |
Make deterministic randomness (only ever used for testing) a compile-time option. Reduces chances of somehow setting regrand when it's not supposed to be set. Remove "-r" option from man page. Als
Make deterministic randomness (only ever used for testing) a compile-time option. Reduces chances of somehow setting regrand when it's not supposed to be set. Remove "-r" option from man page. Also xref certpatch(8) while we are in there. And remove some include sysdep.h where it is no longer needed. OK hshoexer
show more ...
|
#
720c49e9 |
| 10-Mar-2005 |
hshoexer <hshoexer@openbsd.org> |
remove dead code, noted by ho@
|
#
299fd048 |
| 04-Mar-2005 |
hshoexer <hshoexer@openbsd.org> |
remove unused function udp_decode_port(), add modified version as text2port() to utilities.
ok cloder ho
|
#
e3283cbf |
| 14-Dec-2004 |
mcbride <mcbride@openbsd.org> |
Allow the Address, Network, or Netmask values of the <IPsec-ID> to be specified with an interface name (in which case the first address is used) or the keyword 'default' (in which case the address is
Allow the Address, Network, or Netmask values of the <IPsec-ID> to be specified with an interface name (in which case the first address is used) or the keyword 'default' (in which case the address is selected based on the default route). eg:
[roadwarrior-ip] ID-type= IPV4_ADDR Address= default
ok ho@ hshoexer@
show more ...
|
#
cbe56935 |
| 23-Jun-2004 |
hshoexer <hshoexer@openbsd.org> |
Avoid stat before open. Do open and fstat instead. Remove check_file_secrecy() as it is obsoleted be check_file_secrecy_fd().
ok ho@
|
#
cd6bf844 |
| 20-Jun-2004 |
ho <ho@openbsd.org> |
NAT-Traversal for isakmpd. Work in progress... hshoexer@ ok.
|
#
4516ba27 |
| 23-May-2004 |
deraadt <deraadt@openbsd.org> |
stat before open is flawed
|
#
fb9475d6 |
| 15-Apr-2004 |
deraadt <deraadt@openbsd.org> |
partial move to KNF. More to come. This has happened because there are a raft of source code auditors who are willing to help improve this code only if this is done, and hey, isakmpd does need our
partial move to KNF. More to come. This has happened because there are a raft of source code auditors who are willing to help improve this code only if this is done, and hey, isakmpd does need our standard auditing process. ok ho hshoexer
show more ...
|
#
6153a28b |
| 10-Mar-2004 |
hshoexer <hshoexer@openbsd.org> |
Fix payload handling flaws found by cloder@. Based on initial patch by cloder@. Testing by markus@ cloder@ hshoexer@.
ok ho@
|
#
b3d7e957 |
| 14-Dec-2003 |
ho <ho@openbsd.org> |
Log the actual port for src and dst, don't assume it's always 500.
|
#
4a2e0fb7 |
| 03-Jun-2003 |
ho <ho@openbsd.org> |
Remove clauses 3 and 4. With approval from Niklas Hallqvist and Niels Provos.
|
#
52e9f6e6 |
| 28-May-2002 |
ho <ho@openbsd.org> |
off_t to size_t change for printf format and malloc. Pointed out by <greg@nest.cx>
|
#
8a117210 |
| 26-Oct-2001 |
ho <ho@openbsd.org> |
Just rename sockaddr_data/len functions to sockaddr_addrdata/addrlen.
|
#
8400b568 |
| 22-Aug-2001 |
niklas <niklas@openbsd.org> |
Alphabeticize extern decls.
|
#
4c8c122b |
| 05-Jul-2001 |
ho <ho@openbsd.org> |
Add prototypes and some other various cleanup.
|
#
e152a53b |
| 01-Jul-2001 |
niklas <niklas@openbsd.org> |
strict strtol checking. text2sockaddr/sockaddr2text implementations for systems without get{addr,name}info calls. Some style police.
|
#
b7465804 |
| 29-Jun-2001 |
ho <ho@openbsd.org> |
Initial IPv6 support. (niklas@ ok)
|