|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
|
| #
1.13 |
|
13-Sep-2016 |
mikeb |
Disable the timer event before attempting to change it
Report and fix by Nikolay Edigaryev <edigaryev at gmail ! com>,
thanks! OK reyk@
|
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
|
| #
1.12 |
|
16-Jan-2015 |
deraadt |
Replace <sys/param.h> with <limits.h> and other less dirty headers where
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
|
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
|
| #
1.11 |
|
24-Jan-2014 |
mikeb |
use a bit saner timer api
|
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
|
| #
1.10 |
|
08-Jan-2013 |
reyk |
Remove private CVS tag from an obsolete repository and bump copyright
to 2013 while I'm here... this is my way of saying "happy new year!".
|
| #
1.9 |
|
18-Sep-2012 |
reyk |
update email addresses to match reality.
sure jsg@ mikeb@
|
|
Revision tags: OPENBSD_5_2_BASE
|
|
| #
1.8 |
|
22-Jun-2012 |
mikeb |
decouple timer initialization from timer_register
|
| #
1.7 |
|
30-May-2012 |
mikeb |
more timer changes
|
| #
1.6 |
|
29-May-2012 |
mikeb |
improve timer framework; will be needed soon
|
|
Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
|
| #
1.5 |
|
27-May-2011 |
reyk |
spacing
|
|
Revision tags: OPENBSD_4_9_BASE
|
|
| #
1.4 |
|
26-Jan-2011 |
reyk |
Don't initiate any connections in passive mode, not even for ACQUIRE messages
from the PFKEY socket. This is needed for sasyncd.
ok mikeb@
|
| #
1.3 |
|
21-Jan-2011 |
reyk |
Reimplement the iked(8) policy evaluation for incoming connections to
use the last matching semantics of PF. The previous rbtree-based
implementation was broken and tried to do a longest prefix match. But
instead of prefix match and using radix-trees to fix it I decided with
mikeb@ to implement it as last matching policy evaluation. The last
matching policy wins; the "quick" keyword can enforce first matching;
additional keywords like "skip" are specific to iked(8). See
iked.conf(5) for more details.
The implementation also uses skip steps based on PF's code. It
significantly speeds up the evaluation of many policies but also adds
a little delay when loading them (only noticeable with thousands of
policies). This allows iked(8) to scale well with thousands of
configured policies but I also liked the fact to have skip steps in
another piece of code.
ok dhartmei@ for using his skip step code under the ISC license in policy.c
ok mikeb@, jmc@
|
|
Revision tags: OPENBSD_4_8_BASE
|
|
| #
1.2 |
|
14-Jun-2010 |
reyk |
More code for initiator mode (not finished yet)
|
| #
1.1 |
|
11-Jun-2010 |
reyk |
add some infrastructure to support timers and initiator mode later.
|