Age | Commit message (Expand) | Author |
2013-04-11 | Remove the extern keyword from function declarations, document | Martin Pieuchot |
2013-02-14 | Merge of an original work by markus@ and gerhard@ to increase | Mike Belopuhov |
2012-10-18 | simplify checkreplaywindow() API; make call/return code handling consistent | Markus Friedl |
2012-09-20 | spltdb() was really just #define'd to be splsoftnet(); replace the former | Bret Lambert |
2012-09-18 | remove the SADB_X_SAFLAGS_{HALFIV,RANDOMPADDING,NOREPLAY} pfkey-API (not set | Markus Friedl |
2012-06-29 | Add support for the Extended (64-bit) Sequence Number as defined | Mike Belopuhov |
2011-01-11 | for key material that is being being discarded, convert bzero() to | Theo de Raadt |
2010-12-21 | don't leak mbuf if padding failes; ok mikeb@ | Markus Friedl |
2010-10-06 | Retire Skipjack | Mike Belopuhov |
2010-09-23 | remove m_pad in favor of m_inject as it's equivalent to m_inject | Mike Belopuhov |
2010-09-22 | Support for AES-GCM-16 and ENCR_NULL_AUTH_AES_GMAC in ESP as per | Mike Belopuhov |
2010-07-20 | Switch some obvious network stack MAC comparisons from bcmp() to | Matthew Dempsky |
2010-07-09 | Add support for using IPsec in multiple rdomains. | Reyk Floeter |
2010-07-02 | m_copyback can fail to allocate memory, but is a void fucntion so gymnastics | Bret Lambert |
2010-07-01 | Allow to specify an alternative enc(4) interface for an SA. All | Reyk Floeter |
2010-06-29 | Replace enc(4) with a new implementation as a cloner device. We still | Reyk Floeter |
2010-01-10 | Fix two bugs in IPsec/HMAC-SHA2: | Markus Friedl |
2008-06-09 | rename arc4random_bytes => arc4random_buf to match libc's nicer name; | Damien Miller |
2007-11-19 | Remove the #define ENCDEBUG that slipped through somehow. | Marco Pfatschbacher |
2007-10-17 | Convert MALLOC/FREE to malloc/free. | Hans-Joerg Hoexer |
2007-10-06 | Oops. Forgot to do FREE -> free when I did MALLOC -> malloc. | Kenneth R Westerback |
2007-10-03 | MALLOC+bzero -> malloc+M_ZERO. | Kenneth R Westerback |
2006-12-15 | make enc(4) count; ok markus@ henning@ deraadt@ | Otto Moerbeek |
2006-09-21 | ugly trailing ws; from bret dot lambert at gmail | Otto Moerbeek |
2006-05-28 | Only preemptively increase the replay counter for outbound TDBs. | Ryan Thomas McBride |
2006-03-25 | allow bpf(4) to ignore packets based on their direction (inbound or | Damien Miller |
2005-12-20 | use M_READONLY when trying to find out whether we have to copy | Markus Friedl |
2005-08-05 | don't panic for SADB_ADD w/o enc/auth, with and ok hshoexer@ | Markus Friedl |
2005-08-02 | use arc4random for random packet padding (largely acedemic because it is | Damien Miller |
2005-07-31 | Introduce bpf_mtap_af and bpf_mtap_hdr to be used when passing a mbuf chain | Christopher Pascoe |
2005-05-28 | Add SA replay counter synchronization to pfsync(4). Required for IPsec | Hakan Olsson |
2005-05-27 | comment out unused PACKET_TAG_IPSEC_IN_CRYPTO_DONE code; ok hshoexer | Markus Friedl |
2005-05-25 | AESCTR support for ESP (RFC 3686); ok hshoexer | Markus Friedl |
2005-05-10 | support NULL encryption for ESP; ok hshoexer, ho | Markus Friedl |
2003-12-10 | de-register. deraadt ok | Jun-ichiro itojun Hagino |
2003-08-14 | m_copyback()'s 4th arg is const void *, nuke (caddr_t) casts. | Jason Wright |
2003-07-24 | conform to RFC2367 on SADB_xx naming (local name must be prefixed with | Jun-ichiro itojun Hagino |
2003-07-24 | hmac-sha2-{256,384,512} support in AH/ESP auth. markus ok | Jun-ichiro itojun Hagino |
2003-07-09 | fix whitespace | Markus Friedl |
2003-05-03 | just as a safety measure, set m_flags to 0 for mbufs allocated on stack. | Jun-ichiro itojun Hagino |
2003-04-02 | o sanity check mbuf earlier. | Todd C. Miller |
2003-03-31 | Avoid using FREEd data when we get a crypto error; Patrick Latifi | Todd C. Miller |
2003-02-28 | Based on several comments from tedu: | Jason Wright |
2003-02-21 | kill unused variables | Ted Unangst |
2003-02-12 | Remove commons; inspired by netbsd. | Jason Wright |
2003-02-01 | m_pad() is expected to have free'd the mbuf if it returns NULL, so | Daniel Hartmeier |
2002-11-07 | Check for invalid payload lengths also for NULL enc. markus@, angelos@ ok. | Hakan Olsson |
2002-07-30 | Be sure to check the integrity verifier for packets that didn't have it done | Jason Wright |
2002-07-05 | Free crp_opaque only after we've determined we're not going to | Angelos D. Keromytis |
2002-06-18 | KNF | Angelos D. Keromytis |