wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

	Commit message (Collapse)	Author	Age	Files	Lines
*	Use clock_gettime(CLOCK_MONOTONIC) to schedule timers	jca	2017-12-05	1	-2/+2
\| \| \| \|	From Scott Cheloha, ok tb@
*	Remove a mid-layer which acts like arc4random isn't fairly standard.	deraadt	2014-01-23	1	-3/+1
\| \| \| \|	ok mikeb
*	regrand can die, from millert	deraadt	2014-01-22	1	-2/+1
\|
*	improve randomization. remove some junk debugging features that are	deraadt	2014-01-22	1	-2/+3
\| \| \| \| \|	fundamentally broken. ok jsing mikeb
*	add support to tag ipsec traffic belonging to specific IKE-initiated	reyk	2006-11-24	1	-1/+2
\| \| \| \| \| \| \| \| \| \| \|	phase 2 traffic. this allows policy-based filtering of encrypted and unencrypted ipsec traffic with pf(4). see ipsec.conf(5) and isakmpd.conf(5) for details and examples. this is work in progress and still needs some testing and feedback, but it is safe to put it in now. ok hshoexer@
*	remove some unused functions and an unused variable found by lint.	hshoexer	2005-12-28	1	-4/+1
\| \| \| \|	ok markus@
*	Add a new raw2hex function and yank out several pieces of code in other	cloder	2005-11-15	1	-1/+2
\| \| \| \|	places that were doing this. Prodding deraadt. OK hshoexer.
*	output some more information on UI command "S"	hshoexer	2005-07-25	1	-1/+3
\| \| \| \|	ok ho@
*	Make deterministic randomness (only ever used for testing) a compile-time	cloder	2005-04-08	1	-1/+2
\| \| \| \| \| \| \| \|	option. Reduces chances of somehow setting regrand when it's not supposed to be set. Remove "-r" option from man page. Also xref certpatch(8) while we are in there. And remove some include sysdep.h where it is no longer needed. OK hshoexer
*	remove dead code, noted by ho@	hshoexer	2005-03-10	1	-7/+1
\|
*	remove unused function udp_decode_port(), add modified version as text2port() to	hshoexer	2005-03-04	1	-1/+2
\| \| \| \| \| \|	utilities. ok cloder ho
*	Allow the Address, Network, or Netmask values of the <IPsec-ID> to be	mcbride	2004-12-14	1	-2/+3
\| \| \| \| \| \| \| \| \| \| \| \|	specified with an interface name (in which case the first address is used) or the keyword 'default' (in which case the address is selected based on the default route). eg: [roadwarrior-ip] ID-type= IPV4_ADDR Address= default ok ho@ hshoexer@
*	Avoid stat before open. Do open and fstat instead.	hshoexer	2004-06-23	1	-2/+1
\| \| \| \| \| \|	Remove check_file_secrecy() as it is obsoleted be check_file_secrecy_fd(). ok ho@
*	NAT-Traversal for isakmpd. Work in progress...	ho	2004-06-20	1	-2/+3
\| \| \| \|	hshoexer@ ok.
*	stat before open is flawed	deraadt	2004-05-23	1	-1/+2
\|
*	partial move to KNF. More to come. This has happened because there	deraadt	2004-04-15	1	-24/+24
\| \| \| \| \| \|	are a raft of source code auditors who are willing to help improve this code only if this is done, and hey, isakmpd does need our standard auditing process. ok ho hshoexer
*	Fix payload handling flaws found by cloder@. Based on initial patch by	hshoexer	2004-03-10	1	-3/+1
\| \| \| \| \| \|	cloder@. Testing by markus@ cloder@ hshoexer@. ok ho@
*	Log the actual port for src and dst, don't assume it's always 500.	ho	2003-12-14	1	-1/+2
\|
*	Remove clauses 3 and 4. With approval from Niklas Hallqvist and	ho	2003-06-03	1	-6/+1
\| \| \| \|	Niels Provos.
*	off_t to size_t change for printf format and malloc. Pointed out by <greg@nest.cx>	ho	2002-05-28	1	-2/+2
\|
*	Just rename sockaddr_data/len functions to sockaddr_addrdata/addrlen.	ho	2001-10-26	1	-3/+3
\|
*	Alphabeticize extern decls.	niklas	2001-08-22	1	-6/+6
\|
*	Add prototypes and some other various cleanup.	ho	2001-07-05	1	-1/+2
\|
*	strict strtol checking. text2sockaddr/sockaddr2text implementations	niklas	2001-07-01	1	-1/+3
\| \| \| \|	for systems without get{addr,name}info calls. Some style police.
*	Initial IPv6 support. (niklas@ ok)	ho	2001-06-29	1	-2/+4
\|
*	A few more functions to help with IPv6 support. By Niklas and me.	ho	2001-06-27	1	-1/+6
\|
*	policy.c: Merge with EOM 1.49	niklas	2000-11-23	1	-2/+6
\| \| \| \| \| \| \|	util.h: Merge with EOM 1.10 author: niklas style and removal of unused, unneeded code
*	Merge with EOM 1.9	niklas	2000-10-16	1	-2/+6
\| \| \| \| \|	author: angelos Correct byte-order handling in encode/decode_128, add function prototypes.
*	util.h: Merge with EOM 1.8	niklas	2000-10-13	1	-2/+3
\| \| \| \| \| \| \|	ike_auth.c: Merge with EOM 1.57 author: ho Add file permission check to private key file. Split out check function to util.c.
*	regress/rsakeygen/Makefile: Merge with EOM 1.5	niklas	1999-08-05	1	-2/+4
\| \| \| \| \| \| \| \| \| \| \|	sysdep/openbsd/sysdep.c: Merge with EOM 1.8 cookie.c: Merge with EOM 1.21 util.c: Merge with EOM 1.15 util.h: Merge with EOM 1.7 author: niklas Move regrand var to util.c, and get the decl from util.h, do not update the cookie secret if in deterministic mode.
*	Add RCS Ids from the EOM repository	niklas	1998-11-17	1	-1/+2
\|
*	openBSD RCS IDs	niklas	1998-11-15	1	-1/+1
\|
*	Initial import of isakmpd, an IKE (ISAKMP/Oakley) implementation for the	niklas	1998-11-15	1	-0/+53
	OpenBSD IPSEC stack by me, Niklas Hallqvist and Niels Provos, funded by Ericsson Radio Systems. It is not yet complete or usable in a real scenario but the missing pieces will soon be there. The early commit is for people who wants early access and who are not afraid of looking at source. isakmpd interops with Cisco, Timestep, SSH & Pluto (Linux FreeS/WAN) so far, so it is not that incomplete. It is really mostly configuration that is lacking.