summaryrefslogtreecommitdiff
path: root/sys/netinet/ip_spd.c
AgeCommit message (Expand)Author
2023-11-26Remove inp parameter from ip_output().Alexander Bluhm
2023-04-22Call pfkeyv2_sysctl_policydumper() with shared netlock. It performsVitaliy Makkoveev
2022-06-17The timeout for ipsec acquire does not decrement the referenceAlexander Bluhm
2022-05-04In ipsp_spd_lookup() rename the parameter tdbp to tdbin as it isAlexander Bluhm
2022-03-13Hrvoje has hit a crash with IPsec acquire while testing the parallelAlexander Bluhm
2022-03-08In IPsec policy replace integer refcount with atomic refcount.Alexander Bluhm
2022-03-06Usually we check ipsec_in_use as shortcut to avoid IPsec lookups,Alexander Bluhm
2022-02-22Delete unnecessary #includes of <sys/domain.h> and/or <sys/protosw.h>Philip Guenther
2022-01-04Add `ipsec_flows_mtx' mutex(9) to protect `ipsp_ids_*' list andYASUOKA Masahiko
2021-12-16Fix a tiny race in tdb_delete() between TDBF_DELETED, tdb_unlink()Alexander Bluhm
2021-12-14To cache lookups, the policy ipo is linked to its SA tdb. ThereAlexander Bluhm
2021-12-03Add TDB reference counting to ipsp_spd_lookup(). If an outputAlexander Bluhm
2021-12-01Let ipsp_spd_lookup() return an error instead of a TDB. The TDBAlexander Bluhm
2021-11-30Remove unused parameter from ipsp_spd_inp().Alexander Bluhm
2021-11-25Implement reference counting for IPsec tdbs. Not all cases areAlexander Bluhm
2021-07-08Initialize `ipsec_acquire_pool' pool (9) within pfkey_init() instead ofmvs
2021-05-04Initialize `ipsec_policy_pool' within pfkey_init() instead of doing thatmvs
2020-06-24kernel: use gettime(9)/getuptime(9) in lieu of time_second(9)/time_uptime(9)cheloha
2019-12-10Make bundled IPcomp/ESP policies work with IPSEC_LEVEL_REQUIRE.tobhe
2019-07-08free(9) sizes for M_RTABLE.Martin Pieuchot
2018-10-22ipsec: use monotonic clock for SA creation/lookup timestamps; ok dlg@cheloha
2018-06-25Assert that the NET_LOCK() is held when iterating over `ipsec_acquire_head'.Martin Pieuchot
2018-05-16Fix kernel builds without IPSEC.Reyk Floeter
2017-11-20Flush flows using the radix-tree instead of a global list.Martin Pieuchot
2017-11-07Remove unused debug macro.Martin Pieuchot
2017-10-27Dump IPsec flows by iterating over the rafdix-tree.Martin Pieuchot
2017-10-16Last changes before running IPsec w/o KERNEL_LOCK().Martin Pieuchot
2017-04-06Replace bcopy with a simple assignment where both variables areDavid Hill
2016-09-27Remove empty #ifdef and #ifndef blocksFrederic Cambus
2016-09-15all pools have their ipl set via pool_setipl, so fold it into pool_init.David Gwynne
2016-09-06pool_setipl for various netinet and netinet6 bitsDavid Gwynne
2015-10-07Initialize the routing table before domains.Martin Pieuchot
2015-09-10It is time to put inet6 on a diet. Use the flensing knife and cut outClaudio Jeker
2015-07-17manage spd entries by using the radix api directly instead ofBret Lambert
2015-05-23introduce ipsec-id bundles and use them for ipsecflowinfo,Markus Friedl
2015-04-30Merge two identical if() statements in ipsp_acquire_sa(). TheTodd C. Miller
2015-04-16remove unfinished/unused support for socket-attached ipsec-policiesMarkus Friedl
2015-04-14Remove support for storing credentials and auth information in the kernel.Mike Belopuhov
2015-04-13Perform IPsec bypass check on a socket before performing TDB lookups.Mike Belopuhov
2015-04-13Rename gettdbbyaddr to gettdbbydst; OK markus, hshoexer, mpiMike Belopuhov
2015-04-13Remove unused arguments from gettdb* functions; OK markus, hshoexer, mpiMike Belopuhov
2015-03-14Remove some includes include-what-you-use claims don'tJonathan Gray
2014-12-19unifdef INET in net code as a precursor to removing the pretend option.Ted Unangst
2014-11-25The proliferation of "struct route" in all its flavors didn't makeMartin Pieuchot
2014-11-01Rename rtalloc1() into rtalloc(9) and convert its flags to only enableMartin Pieuchot
2014-10-14Use rtfree() instead of RTFREE(), NULLify some free'd route pointers andMartin Pieuchot
2014-09-27Kill rtalloc() and update rtalloc1() and rtalloc_mpath() to no longerMartin Pieuchot
2014-07-22Fewer <netinet/in_systm.h> !Martin Pieuchot
2014-04-14"struct pkthdr" holds a routing table ID, not a routing domain one.Martin Pieuchot
2014-01-09bzero/bcmp -> memset/memcmp. ok matthewTed Unangst