aboutsummaryrefslogtreecommitdiff
path: root/sys/netipsec
Commit message (Expand)AuthorAgeFilesLines
* ipsec: fix typo part2Wojciech Macek2021-09-271-1/+1
* ipsec: fix typo in commentWojciech Macek2021-09-271-2/+2
* ipsec: Add support for PMTUD for IPv6 tunnelsBartlomiej Grzesik2021-09-242-34/+133
* ipsec: If no PMTU in hostcache assume it's equal to link's MTUBartlomiej Grzesik2021-09-241-4/+18
* ipsec: Add PMTUD support for IPsec IPv4 over IPv6 tunnelBartlomiej Grzesik2021-09-241-6/+12
* ipsec: enter epoch before calling into ipsec_run_hhooksMateusz Guzik2021-09-211-11/+16
* ipsec: Validate the protocol identifier in ipsec4_ctlinput()Mark Johnston2021-09-101-1/+7
* ipsec: fix race condition in key.cWojciech Macek2021-08-131-16/+37
* ipsec: Return error code if no matching SA was foundKornel Duleba2021-08-131-0/+6
* ipsec: Check PMTU before sending a frame.Kornel Duleba2021-08-133-1/+90
* netipsec/key.c: Use ANSI C definition for key_random()Konstantin Belousov2021-08-101-1/+1
* netipsec/keydb.h: fix typoKonstantin Belousov2021-08-101-1/+1
* ipsec: Handle ICMP NEEDFRAG message.Wojciech Macek2021-08-097-0/+64
* socket: Implement SO_RERRORRoy Marples2021-07-281-5/+5
* ipsec: globalize lft zone and zero out buffers at allocation timeMateusz Guzik2021-06-281-12/+11
* Add missing sockaddr length and family validation to various protocolsMark Johnston2021-05-031-1/+1
* Revert "SO_RERROR indicates that receive buffer overflows should be handled a...Alexander V. Chernikov2021-02-081-5/+5
* SO_RERROR indicates that receive buffer overflows should be handled as errors.Alexander V. Chernikov2021-02-081-5/+5
* opencrypto: Introduce crypto_dispatch_async()Mark Johnston2021-02-082-12/+16
* Convert unmapped mbufs before computing checksums in IPsec.John Baldwin2021-01-191-2/+27
* Trigger soft lifetime expiration on sequence numberMarcin Wojtas2020-10-161-1/+6
* Add support for IPsec ESN and pass relevant information to crypto layerMarcin Wojtas2020-10-163-14/+122
* Implement anti-replay algorithm with ESN supportMarcin Wojtas2020-10-166-96/+222
* net: clean up empty lines in .c and .h filesMateusz Guzik2020-09-018-17/+2
* Simplify IPsec transform-specific teardown.John Baldwin2020-06-256-37/+18
* Enter and exit the network epoch for async IPsec callbacks.John Baldwin2020-06-252-6/+23
* Use zfree() to explicitly zero IPsec keys.John Baldwin2020-06-254-19/+4
* Add the SCTP_SUPPORT kernel option.Mark Johnston2020-06-181-3/+3
* Consistently include opt_ipsec.h for consumers of <netipsec/ipsec.h>.John Baldwin2020-05-295-5/+5
* Fix AES-CTR compatibility issue in ipsecMarcin Wojtas2020-05-261-1/+12
* Add support for optional separate output buffers to in-kernel crypto.John Baldwin2020-05-253-24/+12
* Don't pass bogus keys down for NULL algorithms.John Baldwin2020-05-022-5/+9
* Remove support for IPsec algorithms deprecated in r348205 and r360202.John Baldwin2020-05-025-69/+1
* Fix name of 3DES cipher in deprecation warning.John Baldwin2020-04-221-1/+1
* Deprecate 3des support in IPsec for FreeBSD 13.John Baldwin2020-04-221-1/+5
* Update comments about IVs used in IPsec ESP.John Baldwin2020-04-201-16/+30
* Generate IVs directly in esp_output.John Baldwin2020-04-201-4/+4
* Refactor driver and consumer interfaces for OCF (in-kernel crypto).John Baldwin2020-03-274-194/+141
* Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many)Pawel Biernacki2020-02-263-6/+11
* netipsec: fix a mismatched uma_zfree -> uma_zfree_pcpuMateusz Guzik2020-02-121-1/+1
* Fix m_pullup() problem after removing PULLDOWN_TESTs and KAME EXT_*macros.Bjoern A. Zeeb2019-12-012-12/+16
* Add support for dummy ESP packets with next header field equal toAndrey V. Elsukov2019-11-271-0/+7
* netinet*: replace IP6_EXTHDR_GET()Bjoern A. Zeeb2019-11-152-5/+12
* Widen NET_EPOCH coverage.Gleb Smirnoff2019-10-071-0/+4
* Fix broken window replay check that will allow old packet to be accepted.Fabien Thomas2019-09-061-0/+2
* Add missing new line in several log messages.Andrey V. Elsukov2019-08-091-6/+6
* netipsec key_register: check for M_NOWAIT alloc failureRyan Libby2019-06-251-1/+1
* Make the warning intervals for deprecated crypto algorithms tunable.John Baldwin2019-06-114-10/+15
* Add deprecation warnings for IPsec algorithms deprecated in RFC 8221.John Baldwin2019-05-232-0/+45
* Replace read_random(9) with more appropriate arc4rand(9) KPIsConrad Meyer2019-04-043-27/+2
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-15 16:28:15 +0000