Age | Commit message (Expand) | Author |
2018-08-28 | Add per-TDB counters and a new SADB extension to export them to | Martin Pieuchot |
2018-07-12 | Introduce ipsec_output_cb() to merge duplicate code and account for | Martin Pieuchot |
2018-07-11 | Convert AH & IPcomp to ipsec_input_cb() and count drops on input. | Martin Pieuchot |
2018-07-10 | Introduce new IPsec (per-CPU) statistics and refactor ESP input | Martin Pieuchot |
2018-05-09 | Cleanup IPsec ESP error handling with consistent goto drop. | Alexander Bluhm |
2018-05-02 | Do not assume that mbufs within a chain do not have M_PKTHDR set. | Alexander Bluhm |
2017-11-08 | Make {ah,esp,ipcomp}stat use percpu counters. | Visa Hankala |
2017-11-06 | Use %s and __func__ in DPRINTF() to reduce false positive with grep(1). | Martin Pieuchot |
2017-08-11 | Remove NET_LOCK()'s argument. | Martin Pieuchot |
2017-05-30 | add sizes to free() calls | Theo de Raadt |
2017-05-02 | Switch OCF and IPsec over to the new AES | Mike Belopuhov |
2017-04-06 | Convert bcopy to memcpy where the memory does not overlap, otherwise, | David Hill |
2017-02-07 | IPsec packets could be dropped unaccounted if output after crypto | Alexander Bluhm |
2017-02-07 | Reduce the per-packet allocation costs for crypto operations (cryptop) | Patrick Wildt |
2017-02-07 | The return code of crp_callback is never checked, so it is not | Alexander Bluhm |
2017-01-09 | Grab the NET_LOCK() in various callbacks. | Martin Pieuchot |
2016-12-24 | Grab the NET_LOCK() before calling ipsp_process_done() as it ends up | Martin Pieuchot |
2016-09-19 | convert bcopy to memcpy. from david hill. | Ted Unangst |
2016-09-13 | avoid extensive mbuf allocation for IPsec by replacing m_inject(4) | Markus Friedl |
2016-08-18 | fix panics caused by replacing m_copym2 with m_dup_pkt. | David Gwynne |
2016-08-15 | replace the last uses of m_copym2 with m_dup_pkt. | David Gwynne |
2016-03-07 | Sync no-argument function declaration and definition by adding (void). | Christian Weisgerber |
2015-12-09 | Remove plain DES encryption from IPsec. | Christian Weisgerber |
2015-11-03 | Plumb Chacha20-Poly1305 into the IPsec/ESP and PF_KEY frameworks | Mike Belopuhov |
2015-07-15 | m_freem() can handle NULL, do not check for this condition beforehands. | Theo de Raadt |
2015-06-15 | No need for an extra local variable; no functional change. | Mike Belopuhov |
2015-06-15 | Use proper argument type for crp_callback functions; no functional change. | Mike Belopuhov |
2015-04-17 | Stubs and support code for NIC-enabled IPsec bite the dust. | Mike Belopuhov |
2015-04-14 | make ipsp_address thread safe; ok mpi | Mike Belopuhov |
2014-12-19 | unifdef INET in net code as a precursor to removing the pretend option. | Ted Unangst |
2014-12-05 | Explicitly include <net/if_var.h> instead of pulling it in <net/if.h>. | Martin Pieuchot |
2014-11-18 | move arc4random prototype to systm.h. more appropriate for most code | Ted Unangst |
2014-07-22 | Fewer <netinet/in_systm.h> ! | Martin Pieuchot |
2014-07-12 | add a size argument to free. will be used soon, but for now default to 0. | Ted Unangst |
2014-07-09 | bpf code surgery / shuffling / simplification. | Henning Brauer |
2014-01-09 | bzero/bcmp -> memset/memcmp. ok matthew | Ted Unangst |
2013-04-11 | Remove the extern keyword from function declarations, document | Martin Pieuchot |
2013-02-14 | Merge of an original work by markus@ and gerhard@ to increase | Mike Belopuhov |
2012-10-18 | simplify checkreplaywindow() API; make call/return code handling consistent | Markus Friedl |
2012-09-20 | spltdb() was really just #define'd to be splsoftnet(); replace the former | Bret Lambert |
2012-09-18 | remove the SADB_X_SAFLAGS_{HALFIV,RANDOMPADDING,NOREPLAY} pfkey-API (not set | Markus Friedl |
2012-06-29 | Add support for the Extended (64-bit) Sequence Number as defined | Mike Belopuhov |
2011-01-11 | for key material that is being being discarded, convert bzero() to | Theo de Raadt |
2010-12-21 | don't leak mbuf if padding failes; ok mikeb@ | Markus Friedl |
2010-10-06 | Retire Skipjack | Mike Belopuhov |
2010-09-23 | remove m_pad in favor of m_inject as it's equivalent to m_inject | Mike Belopuhov |
2010-09-22 | Support for AES-GCM-16 and ENCR_NULL_AUTH_AES_GMAC in ESP as per | Mike Belopuhov |
2010-07-20 | Switch some obvious network stack MAC comparisons from bcmp() to | Matthew Dempsky |
2010-07-09 | Add support for using IPsec in multiple rdomains. | Reyk Floeter |
2010-07-02 | m_copyback can fail to allocate memory, but is a void fucntion so gymnastics | Bret Lambert |