| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| |
|
|
|
|
|
| |
draft-mcdonald-simple-ipsec-api, kernel notifies (EMT_REQUESTSA) signal
userland key management applications when security services are requested.
this is only for outgoing connections at the moment, incoming packets
are not yet checked against the selected socket policy.
|
| | |
|
| |
|
|
| |
and suseconds_t types for XPG4.2.
|
| |
|
|
| |
in_addr_t is for (same basic type so we don't break anything).
|
| |
|
|
| |
not rpc-specific and other stuff uses it now.
|
| | |
|
| |
|
|
| |
Greece. From ftp.funet.fi:/pub/unix/security/net/ip/BSDipsec.tar.gz
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
"... Allow the user to nominate one of three ranges of port numbers as
candidates for selecting a local address to replace a zero port number.
The ranges are selected via a setsockopt(s, IPPROTO_IP, IP_PORTRANGE, &arg)
call. The three ranges are: default, high (to bypass firewalls) and
low (to get a port below 1024).
The default and high port ranges are sysctl settable under sysctl
net.inet.ip.portrange.* [net.inet.ip.portfirst, net.inet.ip.portlast,
net.inet.ip.porthifirst, and net.inet.ip.porthilast currently in OpenBSD.]
This code also fixes a potential deadlock if the system accidently ran out
of local port addresses. It'd drop into an infinite while loop.
The secure port selection (for root) should reduce overheads and increase
reliability of rlogin/rlogind/rsh/rshd if they are modified to take
advantage of it."
|
| | |
|
| |
|
|
| |
and gated wants it to there ;)
|
| | |
|
| | |
|
| |
|
deraadt
provos
millert
angelos
downsj
niklas
mickey