| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Store local-address by address family. This allows to configure both |   claudio | 2020-04-23 | 1 | -10/+23 |
| * | Add some TCP MD5SUM specific calls needed by protable. On Linux systems | claudio | 2019-10-01 | 1 | -2/+17 |
| * | Pass a struct listen_addr pointer to tcp_md5_listen and not just the fd, | claudio | 2019-09-30 | 1 | -3/+3 |
| * | cleanup return code checks for the pfkey_*() functions. |   benno | 2019-06-25 | 1 | -31/+31 |
| * | Cleanup, remove some unneded spaces add some other where needed. | claudio | 2019-06-17 | 1 | -2/+1 |
| * | Rework pfkey handling a bit. The old remove then add way of inserting md5sig | claudio | 2019-05-29 | 1 | -74/+122 |
| * | Rework the TCP md5sig and IKE handling. Move the pfkey socket to the parent | claudio | 2019-05-08 | 1 | -36/+102 |
| * | Forgot to set the sockaddr length field which is mandatory on the pfkey socket. | claudio | 2019-02-20 | 1 | -3/+7 |
| * | Do not depend on the length field of struct sockaddr instead pass the | claudio | 2019-02-18 | 1 | -5/+6 |
| * | whitespace cleanup, ok claudio@ | benno | 2018-09-20 | 1 | -2/+3 |
| * | undo unintentional commits |   phessler | 2017-08-21 | 1 | -1/+3 |
| * | /* $OpenBSD: parse.y,v 1.314 2017/08/12 16:47:50 phessler Exp $ */ | phessler | 2017-08-21 | 1 | -3/+1 |
| * | use freezero() |   deraadt | 2017-04-18 | 1 | -7/+4 |
| * | Fix breakage of md5 authentication. |   renato | 2017-03-02 | 1 | -4/+4 |
| * | Add missing htonl for IPsec SPI. | renato | 2017-02-22 | 1 | -2/+2 |
| * | sync log.c from relayd et al to bgpd. | benno | 2017-01-24 | 1 | -1/+2 |
| * | explicit_bzero() from Michael McConville, thanks! |   florian | 2015-09-13 | 1 | -4/+4 |
| * | Make also the special sockets SOCK_NONBLOCK. For the routing socket add | claudio | 2015-02-10 | 1 | -2/+7 |
| * | Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or | claudio | 2015-02-09 | 1 | -2/+2 |
| * | Use reallocarray() throughout to spot multiplicative int overflow. | deraadt | 2014-10-08 | 1 | -3/+3 |
| * | The PF_KEY socket is like the routing socket. It must be polled all the | claudio | 2010-12-09 | 1 | -21/+36 |
| * | addr2sa() will return NULL for AID_UNSPEC and pfkey_send() may end up with | claudio | 2009-12-14 | 1 | -3/+6 |
| * | Doh, switch src and dst in memcpy calls or the wrong thing gets copied. | claudio | 2009-12-06 | 1 | -3/+3 |
| * | Use an artificial address family id in struct bgpd_addr and almost everywhere | claudio | 2009-12-01 | 1 | -29/+17 |
| * | instead of calling getpid() all over the place do it once, claudio ok |   henning | 2009-04-21 | 1 | -3/+7 |
| * | ignore pfkey replies not for us and discard them | henning | 2009-04-21 | 1 | -6/+19 |
| * | add a stupid workaround for a race somewhere in the crypto code in the | henning | 2009-02-25 | 1 | -1/+3 |
| * | * make sure we keep copies of everything we need to | henning | 2006-10-26 | 1 | -37/+53 |
| * | storing the dynamically acquired SPIs for tcpmd5 inside the conf struct | henning | 2006-10-26 | 1 | -14/+14 |
| * | writing to the pfkey socket can give EAGAIN and we must retry. | henning | 2006-08-30 | 1 | -10/+9 |
| * | "not reached" does not help LINT use NOTREACHED instead and use it only in | claudio | 2004-11-10 | 1 | -3/+1 |
| * | detect absence of PF_KEY interface and/or the TCP_MD5SIG setsockopts | henning | 2004-05-28 | 1 | -6/+9 |
| * | actually reset p->auth_established to 0 in pfkey_[md5sig|ipsec]_remove | henning | 2004-05-06 | 1 | -1/+4 |
| * | we need a seperate field for the md5 key len, can't use strlen, noticed | henning | 2004-05-06 | 1 | -7/+9 |
| * | support for AH flows and SAs |   markus | 2004-04-28 | 1 | -17/+48 |
| * | do not give up on ESRCH, someone might have mucked with ipsecadm behind | henning | 2004-04-28 | 1 | -1/+1 |
| * | make this at least compile | henning | 2004-04-28 | 1 | -3/+7 |
| * | make sure send and reply are in sync; ok henning | markus | 2004-04-28 | 1 | -1/+25 |
| * | keep track of which ipsec/md5 SAs we inserted - ESRCH on blind removal | henning | 2004-04-28 | 1 | -2/+5 |
| * | don't load SAs into the kernel if IKE is used. | markus | 2004-04-28 | 1 | -50/+47 |
| * | prefix the auth related defines by AUTH_, we had a name clash, markus ok | henning | 2004-04-28 | 1 | -3/+3 |
| * | rename the ipsec struct to auth, move all tcpmd5 related fields in there, and | henning | 2004-04-27 | 1 | -22/+25 |
| * | two missing breaks, repairs tcpmd5, with markus | henning | 2004-04-27 | 1 | -1/+3 |
| * | restrict the ipsec flows to BGP only; ok henning | markus | 2004-04-27 | 1 | -43/+127 |
| * | crud stripping; henning ok | deraadt | 2004-04-27 | 1 | -2/+2 |
| * | load ipsec SAs into the kernel and enable them. | markus | 2004-04-26 | 1 | -28/+224 |
| * | allow empty (wildcard) sockaddr for src or dst | henning | 2004-03-31 | 1 | -1/+7 |
| * | use switch instead of if { } else if { } else { } | henning | 2004-03-15 | 1 | -7/+15 |
| * | missing free() in an error path that should be unreachable | henning | 2004-01-30 | 1 | -2/+5 |
| * | implement | henning | 2004-01-28 | 1 | -20/+6 |
