aboutsummaryrefslogtreecommitdiff
path: root/sys/netipsec
Commit message (Expand)AuthorAgeFilesLines
* add include now required for crypto flagsSam Leffler2007-03-221-0/+2
* Overhaul driver/subsystem api's:Sam Leffler2007-03-211-1/+1
* s,#if INET6,#ifdef INET6,Bjoern A. Zeeb2006-12-142-2/+2
* MFp4: 92972, 98913 + one more changeBjoern A. Zeeb2006-12-122-3/+15
* Add priv.h include required to build FAST_IPSEC, which is not present inRobert Watson2006-11-071-0/+1
* Sweep kernel replacing suser(9) calls with priv(9) calls, assigningRobert Watson2006-11-061-1/+3
* Fix build breakage from previous commit which confused key_abort and key_close.George V. Neville-Neil2006-07-221-1/+1
* Change semantics of socket close and detach. Add a new protocol switchRobert Watson2006-07-211-0/+12
* - Use suser_cred(9) instead of directly comparing cr_uid.Pawel Jakub Dawidek2006-06-271-2/+3
* Add a pseudo interface for packet filtering IPSec connections before or afterAndrew Thompson2006-06-264-0/+35
* Change '#if INET' and '#if INET6' to '#ifdef INET' and '#ifdef INET6'.Pawel Jakub Dawidek2006-06-042-3/+3
* Extend the notdef #ifdef to cover the packet copy as there is no point in doi...George V. Neville-Neil2006-06-041-8/+4
* Prevent disappearing SAD entries by implementing MPsafe refcounting.Pawel Jakub Dawidek2006-05-201-20/+33
* - The authsize field from auth_hash structure was removed.Pawel Jakub Dawidek2006-05-172-10/+11
* Hide net.inet.ipsec.test_{replay,integrity} sysctls under #ifdef REGRESSION.Pawel Jakub Dawidek2006-04-104-0/+12
* Introduce two new sysctls:Pawel Jakub Dawidek2006-04-094-2/+54
* Be consistent with the rest of the code.Pawel Jakub Dawidek2006-04-091-1/+1
* Remove unused variables s and error in key_detach. The previousDima Dorfman2006-04-041-1/+0
* Remove unintended DEBUG flag setting.George V. Neville-Neil2006-04-041-1/+0
* Chance protocol switch method pru_detach() so that it returns voidRobert Watson2006-04-011-12/+8
* Change protocol switch pru_abort() API so that it returns void ratherRobert Watson2006-04-011-6/+3
* Fix more stack corruptions on amd64.Bjoern A. Zeeb2006-03-302-19/+11
* First steps towards IPSec cleanup.George V. Neville-Neil2006-03-257-105/+257
* Allow to use fast_ipsec(4) on debug.mpsafenet=0 and INVARIANTS-enabledPawel Jakub Dawidek2006-03-233-11/+44
* Add missing code needed for the detection of IPSec packet replays. [1]Colin Percival2006-03-221-0/+17
* promote fast ipsec's m_clone routine for public use; it is renamedSam Leffler2006-03-155-153/+3
* Fix stack corruptions on amd64.Bjoern A. Zeeb2006-01-212-15/+3
* Fix -Wundef warnings found when compiling i386 LINT, GENERIC andRuslan Ermilov2005-12-051-1/+1
* Use sparse initializers for "struct domain" and "struct protosw",Ruslan Ermilov2005-11-091-8/+16
* Retire MT_HEADER mbuf type and change its users to use MT_DATA.Andre Oppermann2005-11-021-1/+1
* Replace custom mbuf writeability test with generic M_WRITABLE() testAndre Oppermann2005-09-261-1/+1
* Correct typo in a comment describing vshiftl().Hiten Pandya2005-06-021-1/+1
* correct space checkSam Leffler2005-03-091-1/+1
* /* -> /*- for license, minor formatting changesWarner Losh2005-01-0726-26/+26
* Initialize struct pr_userreqs in new/sparse style and fill in commonPoul-Henning Kamp2004-11-081-8/+10
* Remove extraneous SECPOLICY_LOCK_DESTROY calls that cause the mutex to beSam Leffler2004-10-021-2/+0
* Add missing locking for secpolicy refcnt manipulations.Sam Leffler2004-09-303-3/+16
* Correct handling of SADB_UPDATE and SADB_ADD requests. key_align may splitSam Leffler2004-09-261-5/+0
* Protect sockaddr_union definitions with a protecting define. This allows toMax Laier2004-09-231-0/+3
* Apply error and success logic consistently to the function netisr_queue() andAndre Oppermann2004-08-272-3/+3
* Get rid of the RANDOM_IP_ID option and make it a sysctl. NetBSDDavid Malone2004-08-141-6/+1
* Add required includes for post-sorwakeup() change to fix FAST_IPSECBruce M Simpson2004-06-231-0/+2
* Fix a paste-o in key_cmpspidx_withmask().Bruce M Simpson2004-06-221-2/+2
* use correct address for SADB_EXT_ADDRESS_DST in key_do_allocsa_policySam Leffler2004-05-031-2/+2
* correct behaviour of key_getsavbyspi broken in rev 1.7; corrects problems withSam Leffler2004-05-031-2/+2
* add support to prefer old SA to new SA during allocationSam Leffler2004-05-031-18/+27
* Fix a debugging printf snafu.Bruce M Simpson2004-04-201-1/+1
* use native names for if_link, ifa_link, if_addrhead.Luigi Rizzo2004-04-171-4/+2
* Unbreak FAST_IPSEC build on 64 bit archs with INVARIANTS.Pawel Jakub Dawidek2004-04-071-1/+1
* This file was erroneously removed from HEAD when TCP-MD5 support was MFC'd;Bruce M Simpson2004-04-031-0/+169