summaryrefslogtreecommitdiff
path: root/sys/netinet/ip_esp.c
AgeCommit message (Expand)Author
2018-08-28Add per-TDB counters and a new SADB extension to export them toMartin Pieuchot
2018-07-12Introduce ipsec_output_cb() to merge duplicate code and account forMartin Pieuchot
2018-07-11Convert AH & IPcomp to ipsec_input_cb() and count drops on input.Martin Pieuchot
2018-07-10Introduce new IPsec (per-CPU) statistics and refactor ESP inputMartin Pieuchot
2018-05-09Cleanup IPsec ESP error handling with consistent goto drop.Alexander Bluhm
2018-05-02Do not assume that mbufs within a chain do not have M_PKTHDR set.Alexander Bluhm
2017-11-08Make {ah,esp,ipcomp}stat use percpu counters.Visa Hankala
2017-11-06Use %s and __func__ in DPRINTF() to reduce false positive with grep(1).Martin Pieuchot
2017-08-11Remove NET_LOCK()'s argument.Martin Pieuchot
2017-05-30add sizes to free() callsTheo de Raadt
2017-05-02Switch OCF and IPsec over to the new AESMike Belopuhov
2017-04-06Convert bcopy to memcpy where the memory does not overlap, otherwise,David Hill
2017-02-07IPsec packets could be dropped unaccounted if output after cryptoAlexander Bluhm
2017-02-07Reduce the per-packet allocation costs for crypto operations (cryptop)Patrick Wildt
2017-02-07The return code of crp_callback is never checked, so it is notAlexander Bluhm
2017-01-09Grab the NET_LOCK() in various callbacks.Martin Pieuchot
2016-12-24Grab the NET_LOCK() before calling ipsp_process_done() as it ends upMartin Pieuchot
2016-09-19convert bcopy to memcpy. from david hill.Ted Unangst
2016-09-13avoid extensive mbuf allocation for IPsec by replacing m_inject(4)Markus Friedl
2016-08-18fix panics caused by replacing m_copym2 with m_dup_pkt.David Gwynne
2016-08-15replace the last uses of m_copym2 with m_dup_pkt.David Gwynne
2016-03-07Sync no-argument function declaration and definition by adding (void).Christian Weisgerber
2015-12-09Remove plain DES encryption from IPsec.Christian Weisgerber
2015-11-03Plumb Chacha20-Poly1305 into the IPsec/ESP and PF_KEY frameworksMike Belopuhov
2015-07-15m_freem() can handle NULL, do not check for this condition beforehands.Theo de Raadt
2015-06-15No need for an extra local variable; no functional change.Mike Belopuhov
2015-06-15Use proper argument type for crp_callback functions; no functional change.Mike Belopuhov
2015-04-17Stubs and support code for NIC-enabled IPsec bite the dust.Mike Belopuhov
2015-04-14make ipsp_address thread safe; ok mpiMike Belopuhov
2014-12-19unifdef INET in net code as a precursor to removing the pretend option.Ted Unangst
2014-12-05Explicitly include <net/if_var.h> instead of pulling it in <net/if.h>.Martin Pieuchot
2014-11-18move arc4random prototype to systm.h. more appropriate for most codeTed Unangst
2014-07-22Fewer <netinet/in_systm.h> !Martin Pieuchot
2014-07-12add a size argument to free. will be used soon, but for now default to 0.Ted Unangst
2014-07-09bpf code surgery / shuffling / simplification.Henning Brauer
2014-01-09bzero/bcmp -> memset/memcmp. ok matthewTed Unangst
2013-04-11Remove the extern keyword from function declarations, documentMartin Pieuchot
2013-02-14Merge of an original work by markus@ and gerhard@ to increaseMike Belopuhov
2012-10-18simplify checkreplaywindow() API; make call/return code handling consistentMarkus Friedl
2012-09-20spltdb() was really just #define'd to be splsoftnet(); replace the formerBret Lambert
2012-09-18remove the SADB_X_SAFLAGS_{HALFIV,RANDOMPADDING,NOREPLAY} pfkey-API (not setMarkus Friedl
2012-06-29Add support for the Extended (64-bit) Sequence Number as definedMike Belopuhov
2011-01-11for key material that is being being discarded, convert bzero() toTheo de Raadt
2010-12-21don't leak mbuf if padding failes; ok mikeb@Markus Friedl
2010-10-06Retire SkipjackMike Belopuhov
2010-09-23remove m_pad in favor of m_inject as it's equivalent to m_injectMike Belopuhov
2010-09-22Support for AES-GCM-16 and ENCR_NULL_AUTH_AES_GMAC in ESP as perMike Belopuhov
2010-07-20Switch some obvious network stack MAC comparisons from bcmp() toMatthew Dempsky
2010-07-09Add support for using IPsec in multiple rdomains.Reyk Floeter
2010-07-02m_copyback can fail to allocate memory, but is a void fucntion so gymnasticsBret Lambert