aboutsummaryrefslogtreecommitdiff
path: root/sys/netipsec/key.c
Commit message (Expand)AuthorAgeFilesLines
* ipsec: only update lastused when it changesMateusz Guzik2023-02-161-1/+4
* ipsec: Clear pad bytes in PF_KEY messagesMark Johnston2023-01-161-40/+29
* ipsec: add key_havesp_anyMateusz Guzik2022-11-221-0/+7
* ipsec: prohibit unknown directions in key_havespMateusz Guzik2022-11-221-2/+3
* ipsec: add support for CHACHA20POLY1305Kristof Provost2022-11-021-0/+2
* keysock: do not use raw socket codeGleb Smirnoff2022-08-111-6/+3
* Adjust function definitions in netipsec's key.c to avoid clang 15 warningsDimitry Andric2022-07-261-2/+2
* ipsec: replace SECASVAR mtx by rmlockKristof Provost2022-07-191-20/+29
* ipsec: sprinkle CURVNET_ASSERT_SETMateusz Guzik2022-02-191-0/+4
* netipsec: use SYSINIT(9) instead of dom_init/dom_destroyGleb Smirnoff2022-01-031-10/+24
* crypto: Consistently use AES instead of Rijndael128 for the AES-CBC cipher.John Baldwin2021-12-161-1/+1
* ipsec: fix a logic error in key_do_getnewspiWenfeng Liu2021-12-141-1/+1
* ipsec: fix a panic with INVARIANTSRobert Wing2021-12-031-1/+1
* ipsec: make sure the lock allocated in key_newsav does not false-shareMateusz Guzik2021-11-141-2/+2
* ipsec: fix edge case detection in key_getnewspidMateusz Guzik2021-11-141-3/+5
* ipsec: add a lock encompassing SPI allocationMateusz Guzik2021-11-031-0/+22
* ipsec: fix edge case detection in key_do_getnewspiMateusz Guzik2021-11-031-5/+6
* ipsec: fix race condition in key.cWojciech Macek2021-08-131-16/+37
* netipsec/key.c: Use ANSI C definition for key_random()Konstantin Belousov2021-08-101-1/+1
* ipsec: globalize lft zone and zero out buffers at allocation timeMateusz Guzik2021-06-281-12/+11
* Trigger soft lifetime expiration on sequence numberMarcin Wojtas2020-10-161-1/+6
* net: clean up empty lines in .c and .h filesMateusz Guzik2020-09-011-7/+1
* Simplify IPsec transform-specific teardown.John Baldwin2020-06-251-4/+1
* Use zfree() to explicitly zero IPsec keys.John Baldwin2020-06-251-11/+3
* Remove support for IPsec algorithms deprecated in r348205 and r360202.John Baldwin2020-05-021-12/+0
* Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many)Pawel Biernacki2020-02-261-1/+3
* netipsec: fix a mismatched uma_zfree -> uma_zfree_pcpuMateusz Guzik2020-02-121-1/+1
* Add missing new line in several log messages.Andrey V. Elsukov2019-08-091-6/+6
* netipsec key_register: check for M_NOWAIT alloc failureRyan Libby2019-06-251-1/+1
* Replace read_random(9) with more appropriate arc4rand(9) KPIsConrad Meyer2019-04-041-25/+1
* Add sadb_x_sa2 extension to SADB_ACQUIRE requests.Andrey V. Elsukov2018-10-211-1/+15
* Fix witness warning in xform_init().Andrey V. Elsukov2018-09-261-80/+1
* Use the new VNET_DEFINE_STATIC macro when we are defining static VNETAndrew Turner2018-07-241-37/+37
* uma: implement provisional api for per-cpu zonesMateusz Guzik2018-06-081-2/+2
* Temporary disable SPDCACHE statistic accounting until proper fix will beAndrey V. Elsukov2018-05-281-2/+2
* netipsec/!VIMAGE: don't declare/define spdcache_destroy on non-VIMAGE buildsMatt Macy2018-05-241-2/+4
* Add a SPD cache to speed up lookups.Fabien Thomas2018-05-221-20/+255
* Do pass removing some write-only variables from the kernel.Alexander Kabaev2017-12-251-5/+0
* Do better cleaning in key_destroy() for VIMAGE case.Andrey V. Elsukov2017-12-011-0/+19
* sys: further adoption of SPDX licensing ID tags.Pedro F. Giffuni2017-11-201-0/+2
* ipsec: Use the same keysize values for HMAC as prior to r324017Conrad Meyer2017-11-151-1/+1
* Use correct pointer in key_updateaddresses() when updating NAT-T config.Andrey V. Elsukov2017-11-031-1/+1
* Make user supplied data checks a bit stricter.Andrey V. Elsukov2017-08-091-5/+21
* When we are doing SA lookup for TCP-MD5, check both source andAndrey V. Elsukov2017-04-041-2/+4
* Fix bug in r308972 that leads to panic when non-compressed IPCompAndrey V. Elsukov2017-03-291-2/+2
* Introduce the concept of IPsec security policies scope.Andrey V. Elsukov2017-03-071-71/+112
* Merge projects/ipsec into head/.Andrey V. Elsukov2017-02-061-2752/+3093
* IPsec RFC6479 support for replay window sizes up to 2^32 - 32 packets.Fabien Thomas2016-11-251-14/+116
* netipsec: Fix minor style nitConrad Meyer2016-05-101-1/+1
* sys/net*: minor spelling fixes.Pedro F. Giffuni2016-05-031-6/+6
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-04 07:44:18 +0000