| Commit message (Expand) | Author | Age | Files | Lines |
* | Store local-address by address family. This allows to configure both | claudio | 2020-04-23 | 1 | -10/+23 |
* | Add some TCP MD5SUM specific calls needed by protable. On Linux systems | claudio | 2019-10-01 | 1 | -2/+17 |
* | Pass a struct listen_addr pointer to tcp_md5_listen and not just the fd, | claudio | 2019-09-30 | 1 | -3/+3 |
* | cleanup return code checks for the pfkey_*() functions. | benno | 2019-06-25 | 1 | -31/+31 |
* | Cleanup, remove some unneded spaces add some other where needed. | claudio | 2019-06-17 | 1 | -2/+1 |
* | Rework pfkey handling a bit. The old remove then add way of inserting md5sig | claudio | 2019-05-29 | 1 | -74/+122 |
* | Rework the TCP md5sig and IKE handling. Move the pfkey socket to the parent | claudio | 2019-05-08 | 1 | -36/+102 |
* | Forgot to set the sockaddr length field which is mandatory on the pfkey socket. | claudio | 2019-02-20 | 1 | -3/+7 |
* | Do not depend on the length field of struct sockaddr instead pass the | claudio | 2019-02-18 | 1 | -5/+6 |
* | whitespace cleanup, ok claudio@ | benno | 2018-09-20 | 1 | -2/+3 |
* | undo unintentional commits | phessler | 2017-08-21 | 1 | -1/+3 |
* | /* $OpenBSD: parse.y,v 1.314 2017/08/12 16:47:50 phessler Exp $ */ | phessler | 2017-08-21 | 1 | -3/+1 |
* | use freezero() | deraadt | 2017-04-18 | 1 | -7/+4 |
* | Fix breakage of md5 authentication. | renato | 2017-03-02 | 1 | -4/+4 |
* | Add missing htonl for IPsec SPI. | renato | 2017-02-22 | 1 | -2/+2 |
* | sync log.c from relayd et al to bgpd. | benno | 2017-01-24 | 1 | -1/+2 |
* | explicit_bzero() from Michael McConville, thanks! | florian | 2015-09-13 | 1 | -4/+4 |
* | Make also the special sockets SOCK_NONBLOCK. For the routing socket add | claudio | 2015-02-10 | 1 | -2/+7 |
* | Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or | claudio | 2015-02-09 | 1 | -2/+2 |
* | Use reallocarray() throughout to spot multiplicative int overflow. | deraadt | 2014-10-08 | 1 | -3/+3 |
* | The PF_KEY socket is like the routing socket. It must be polled all the | claudio | 2010-12-09 | 1 | -21/+36 |
* | addr2sa() will return NULL for AID_UNSPEC and pfkey_send() may end up with | claudio | 2009-12-14 | 1 | -3/+6 |
* | Doh, switch src and dst in memcpy calls or the wrong thing gets copied. | claudio | 2009-12-06 | 1 | -3/+3 |
* | Use an artificial address family id in struct bgpd_addr and almost everywhere | claudio | 2009-12-01 | 1 | -29/+17 |
* | instead of calling getpid() all over the place do it once, claudio ok | henning | 2009-04-21 | 1 | -3/+7 |
* | ignore pfkey replies not for us and discard them | henning | 2009-04-21 | 1 | -6/+19 |
* | add a stupid workaround for a race somewhere in the crypto code in the | henning | 2009-02-25 | 1 | -1/+3 |
* | * make sure we keep copies of everything we need to | henning | 2006-10-26 | 1 | -37/+53 |
* | storing the dynamically acquired SPIs for tcpmd5 inside the conf struct | henning | 2006-10-26 | 1 | -14/+14 |
* | writing to the pfkey socket can give EAGAIN and we must retry. | henning | 2006-08-30 | 1 | -10/+9 |
* | "not reached" does not help LINT use NOTREACHED instead and use it only in | claudio | 2004-11-10 | 1 | -3/+1 |
* | detect absence of PF_KEY interface and/or the TCP_MD5SIG setsockopts | henning | 2004-05-28 | 1 | -6/+9 |
* | actually reset p->auth_established to 0 in pfkey_[md5sig|ipsec]_remove | henning | 2004-05-06 | 1 | -1/+4 |
* | we need a seperate field for the md5 key len, can't use strlen, noticed | henning | 2004-05-06 | 1 | -7/+9 |
* | support for AH flows and SAs | markus | 2004-04-28 | 1 | -17/+48 |
* | do not give up on ESRCH, someone might have mucked with ipsecadm behind | henning | 2004-04-28 | 1 | -1/+1 |
* | make this at least compile | henning | 2004-04-28 | 1 | -3/+7 |
* | make sure send and reply are in sync; ok henning | markus | 2004-04-28 | 1 | -1/+25 |
* | keep track of which ipsec/md5 SAs we inserted - ESRCH on blind removal | henning | 2004-04-28 | 1 | -2/+5 |
* | don't load SAs into the kernel if IKE is used. | markus | 2004-04-28 | 1 | -50/+47 |
* | prefix the auth related defines by AUTH_, we had a name clash, markus ok | henning | 2004-04-28 | 1 | -3/+3 |
* | rename the ipsec struct to auth, move all tcpmd5 related fields in there, and | henning | 2004-04-27 | 1 | -22/+25 |
* | two missing breaks, repairs tcpmd5, with markus | henning | 2004-04-27 | 1 | -1/+3 |
* | restrict the ipsec flows to BGP only; ok henning | markus | 2004-04-27 | 1 | -43/+127 |
* | crud stripping; henning ok | deraadt | 2004-04-27 | 1 | -2/+2 |
* | load ipsec SAs into the kernel and enable them. | markus | 2004-04-26 | 1 | -28/+224 |
* | allow empty (wildcard) sockaddr for src or dst | henning | 2004-03-31 | 1 | -1/+7 |
* | use switch instead of if { } else if { } else { } | henning | 2004-03-15 | 1 | -7/+15 |
* | missing free() in an error path that should be unreachable | henning | 2004-01-30 | 1 | -2/+5 |
* | implement | henning | 2004-01-28 | 1 | -20/+6 |