Age | Commit message (Collapse) | Author | |
---|---|---|---|
2002-08-16 | fix size in MALLOC/bzero call, from sam@errno.com, ok deraadt@ | Daniel Hartmeier | |
2002-07-17 | I don't know why this breaks things for me when sshd starts on sparc64. | Artur Grabowski | |
But after wasting the whole day trying to just locate the problem I don't care. Back out since this wasn't tested and showed to anyone else. | |||
2002-07-16 | Double-pass over drivers, first hardware only, then software (if we | Angelos D. Keromytis | |
are interested in software). | |||
2002-07-16 | Fix a typo, cleanup on session migration code in crypto_invoke(), and | Angelos D. Keromytis | |
add a convention that if the driver returns ERESTART as an error message of its process method, the crypto framework will unregister the driver and migrate all its sessions. After discussion with Sam Leffler and Jason Wright. | |||
2002-07-16 | Add CRYPTO_ALGORITHM_ALL | Angelos D. Keromytis | |
2002-07-10 | proper cdev_decl(crypto) and no private protos | Michael Shalayeff | |
2002-07-10 | use right sizeof in memcpy; markus ok | Theo de Raadt | |
2002-07-02 | inital -> initial | Nathan Binkert | |
2002-06-19 | ansi | Theo de Raadt | |
2002-06-19 | re-enable both crypto operations | Theo de Raadt | |
2002-06-12 | looks slightly better | Theo de Raadt | |
2002-06-12 | undo 1.46; fixes double free (the keys are freed on session close). | Markus Friedl | |
passes regress/sys/crypto | |||
2002-06-12 | so let us analyse the development process here: | Theo de Raadt | |
- complete breakage of symmetric userland crypto - fast commit without review by other developers - no regression test run (markus points out regression crash kernel) Hence, we must disable userland crypto for now, until it gets repaired by these people who don't follow process.... | |||
2002-06-11 | kernel changes to make asymmetric crypto work in userland | Bob Beck | |
- modify getfeat to return something more useful to us on devices (like lofn and everything else until jason fixes it) that can't do rsa stuff, etc and can only do mod_exp.. - error handling fixes so we correctly fail to software when we can't deal with a particular key size - add sysctl kern.userasymcrypto to turn on/off userland asymmetric crypto via /dev/crypto - 1 == on, 0 == off, default is off | |||
2002-06-10 | fix ivory tower greek fix. ok angelos@ | Bob Beck | |
2002-06-10 | You should always free the keys, not just on error --- the crypto | Angelos D. Keromytis | |
framework doesn't hold on to these. | |||
2002-06-10 | __FUNCTION__ -> __func__ | Marc Espie | |
2002-06-09 | Don't use an int for the flags, when the structure uses | Angelos D. Keromytis | |
u_int8_t. Also, make sure the logic is correct (bad theo!) | |||
2002-06-07 | Handle csecreate errors. deraadt@ and beck@ | Thomas Nordin | |
2002-05-18 | not ready to export fcrypt to userland yet; spotted by lebel | Theo de Raadt | |
2002-05-18 | export struct fcrypt to userland | Theo de Raadt | |
2002-05-08 | Don't deref null pointer in failure case. | Jason Wright | |
2002-04-27 | 32 bit constraint is wrong, we think | Theo de Raadt | |
2002-04-26 | minor tweaks | Theo de Raadt | |
2002-04-26 | disable cryptodevallowsoft again; constrain key bit sizes to % 32cryptodev.c | Theo de Raadt | |
2002-04-24 | kernel API does not need the userland addresses, make them go away | Theo de Raadt | |
2002-04-23 | initial hack at a CIOCSYMFEAT ioctl | Theo de Raadt | |
2002-04-23 | driver queueing & callback code for keying operations | Theo de Raadt | |
2002-04-22 | KNF | Theo de Raadt | |
2002-04-08 | Credit DARPA/USAF appropriately. | Jason Wright | |
2002-04-03 | fix possible alignment problem; with markus@, angelos@ deraadt@ ok. | Federico G. Schwindt | |
2002-04-03 | disable userland crypto for 3.1 | Theo de Raadt | |
2002-03-19 | Don't keep the last blocksize-bytes of ciphertext for use as the next | Angelos D. Keromytis | |
plaintext's IV, in CBC mode. Use arc4random() to acquire fresh IVs per message instead (particularly useful for IPsec). This avoids the CBC oracle attack. provos@ ok | |||
2002-03-15 | Kill #if __STDC__ used to do K&R vs. ANSI varargs/stdarg; just do things | Todd C. Miller | |
the ANSI way. | |||
2002-03-14 | First round of __P removal in sys | Todd C. Miller | |
2002-03-05 | export MD5/SHA1 via /dev/crypto; ok provos@, beck@ | Markus Friedl | |
tested with cryptosoft and kern.cryptodevallowsoft=1 | |||
2002-03-04 | parts that copy in PK parameters | Theo de Raadt | |
2002-03-04 | remove old PK stuff | Theo de Raadt | |
2002-03-04 | crypto_check_alg() is not needed | Theo de Raadt | |
2002-03-02 | do some more renaming | Theo de Raadt | |
2002-03-02 | initial cut at crypto_sop definitions for symmetric crypto | Theo de Raadt | |
2002-03-01 | sysctl for cryptodevallowsoft - /dev/crypto will allow the software engine | Niels Provos | |
to be used if there are no hardware cards. mostly for debugging and regression. | |||
2002-03-01 | remove CRYPTO_BUF_CONTIG and convert to handle iovs. okay deraadt@ | Niels Provos | |
2002-03-01 | helper functions for uio (cuio_apply and cuio_getptr) okay deraadt@ | Niels Provos | |
2002-02-24 | license repair, angelos ok | Theo de Raadt | |
2002-02-23 | sysctl kern.usercrypto | Theo de Raadt | |
2002-02-08 | - Rename FILE_{,UN}USE to FREF and FRELE. USE is a bad verb and we don't have | Artur Grabowski | |
the same semantics as NetBSD anyway, so it's good to avoid name collissions. - Always fdremove before freeing the file, not the other way around. - falloc FREFs the file. - have FILE_SET_MATURE FRELE the file (It feels like a good ortogonality to falloc FREFing the file). - Use closef as much as possible instead of ffree in error paths of falloc:ing functions. closef is much more careful with the fd and can deal with the fd being forcibly closed by dup2. Also try to avoid manually calling *fo_close when closef can do that for us (this makes some error paths mroe complicated (sys_socketpair and sys_pipe), but others become simpler (sys_open)). | |||
2002-01-29 | Remove the iov2pages/mbuf2pages API... All of the relevant arch's support | Jason Wright | |
bus_dma(9) which actually does this job correctly. | |||
2002-01-23 | It looks like there has been one crack smoking and a few cut and pastes. | Artur Grabowski | |
PR_FREEHEADER should not be set in pool_init by the caller. It shouldn't be set in pool_init at all. Besides, it's going away soon anyway. | |||
2002-01-23 | Pool deals fairly well with physical memory shortage, but it doesn't deal | Artur Grabowski | |
well (not at all) with shortages of the vm_map where the pages are mapped (usually kmem_map). Try to deal with it: - group all information the backend allocator for a pool in a separate struct. The pool will only have a pointer to that struct. - change the pool_init API to reflect that. - link all pools allocating from the same allocator on a linked list. - Since an allocator is responsible to wait for physical memory it will only fail (waitok) when it runs out of its backing vm_map, carefully drain pools using the same allocator so that va space is freed. (see comments in code for caveats and details). - change pool_reclaim to return if it actually succeeded to free some memory, use that information to make draining easier and more efficient. - get rid of PR_URGENT, noone uses it. |