aboutsummaryrefslogtreecommitdiff
path: root/sys/netipsec
Commit message (Expand)AuthorAgeFilesLines
* uma: implement provisional api for per-cpu zonesMateusz Guzik2018-06-081-2/+2
* Rework IP encapsulation handling code.Andrey V. Elsukov2018-06-051-37/+27
* Correctly handle the padding for IPv6-AH, as specified by RFC4302Conrad Meyer2018-06-041-20/+36
* Temporary disable SPDCACHE statistic accounting until proper fix will beAndrey V. Elsukov2018-05-281-2/+2
* netipsec/!VIMAGE: don't declare/define spdcache_destroy on non-VIMAGE buildsMatt Macy2018-05-241-2/+4
* Add a SPD cache to speed up lookups.Fabien Thomas2018-05-222-22/+258
* Merge r1.22-1.23 from NetBSD:Andrey V. Elsukov2018-04-261-6/+10
* Set the proper vnet in IPsec callback functions.John Baldwin2018-03-204-0/+31
* Rework key_sendup_mbuf() a bit:Andrey V. Elsukov2018-03-111-40/+20
* Add KASSERT to check that proper targed was used.Andrey V. Elsukov2018-03-111-0/+2
* Replace panic() with KASSERTs.Andrey V. Elsukov2018-03-111-4/+3
* Check that we have PF_KEY sockets before iterating over all RAW sockets.Andrey V. Elsukov2018-03-111-0/+5
* Remove obsoleted and unused key_sendup() function.Andrey V. Elsukov2018-03-112-90/+2
* Remove unused variables and sysctl declaration.Andrey V. Elsukov2018-02-192-9/+0
* Check packet length to do not make out of bounds access. Also save ah_nxtAndrey V. Elsukov2018-02-191-1/+14
* Adopt revision 1.76 and 1.77 from NetBSD:Andrey V. Elsukov2018-01-241-42/+26
* Merge revision 1.35 from NetBSD:Andrey V. Elsukov2018-01-241-2/+2
* Do pass removing some write-only variables from the kernel.Alexander Kabaev2017-12-254-15/+0
* Do better cleaning in key_destroy() for VIMAGE case.Andrey V. Elsukov2017-12-011-0/+19
* sys: general adoption of SPDX licensing ID tags.Pedro F. Giffuni2017-11-274-0/+8
* sys: further adoption of SPDX licensing ID tags.Pedro F. Giffuni2017-11-2015-0/+30
* ipsec: Use the same keysize values for HMAC as prior to r324017Conrad Meyer2017-11-151-1/+1
* Use correct pointer in key_updateaddresses() when updating NAT-T config.Andrey V. Elsukov2017-11-031-1/+1
* crypto(9) is called from ipsec in CRYPTO_F_CBIFSYNC mode. This is workingFabien Thomas2017-11-034-0/+22
* opencrypto: Loosen restriction on HMAC key sizesConrad Meyer2017-09-261-2/+2
* Fix possible double releasing for SA reference.Andrey V. Elsukov2017-09-011-5/+2
* Remove stale comments.Andrey V. Elsukov2017-08-211-2/+0
* Fix the regression introduced in r275710.Andrey V. Elsukov2017-08-214-14/+18
* Make user supplied data checks a bit stricter.Andrey V. Elsukov2017-08-091-5/+21
* Add inpcb pointer to struct ipsec_ctx_data and pass it to the pfil hookAndrey V. Elsukov2017-07-313-15/+20
* Build kdebug_secreplay() function only when IPSEC_DEBUG is defined.Andrey V. Elsukov2017-06-011-4/+2
* Disable IPsec debugging code by default when IPSEC_DEBUG kernel optionAndrey V. Elsukov2017-05-297-26/+28
* Fix possible double releasing for SA and SP references.Andrey V. Elsukov2017-05-234-8/+6
* Fix possible double releasing for SA reference.Andrey V. Elsukov2017-05-234-31/+41
* Remove register keyword from sys/ and ANSIfy prototypesEd Maste2017-05-171-2/+2
* Fix SP refcount leak.Andrey V. Elsukov2017-04-261-2/+6
* Add large replay widow support to setkey(8) and libipsec.Andrey V. Elsukov2017-04-131-25/+78
* When we are doing SA lookup for TCP-MD5, check both source andAndrey V. Elsukov2017-04-041-2/+4
* GC some unused declarations.Andrey V. Elsukov2017-04-031-22/+0
* Fix bug in r308972 that leads to panic when non-compressed IPCompAndrey V. Elsukov2017-03-291-2/+2
* Introduce the concept of IPsec security policies scope.Andrey V. Elsukov2017-03-072-71/+118
* For translated packets do not adjust UDP checksum if it is zero.Andrey V. Elsukov2017-02-181-0/+3
* Fix LINT build for powerpc.Andrey V. Elsukov2017-02-161-26/+30
* Move tcp_fields_to_net() static inline into tcp_var.h, just below itsGleb Smirnoff2017-02-101-10/+0
* Merge projects/ipsec into head/.Andrey V. Elsukov2017-02-0622-5489/+7256
* Add direction argument to ipsec_setspidx_inpcb() function.Andrey V. Elsukov2017-01-081-7/+10
* Add a missing headerScott Long2016-11-261-0/+1
* netipsec: fix build after 309144Ed Maste2016-11-261-0/+2
* IPsec RFC6479 support for replay window sizes up to 2^32 - 32 packets.Fabien Thomas2016-11-256-119/+217
* Remove the 4.3BSD compatible macro m_copy(), use m_copym() instead.Kevin Lo2016-09-151-2/+2
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-01 08:15:06 +0000