| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Update comments about IVs used in IPsec ESP. | John Baldwin | 2020-04-20 | 1 | -16/+30 |
| * | Generate IVs directly in esp_output. | John Baldwin | 2020-04-20 | 1 | -4/+4 |
| * | Refactor driver and consumer interfaces for OCF (in-kernel crypto). | John Baldwin | 2020-03-27 | 1 | -106/+67 |
| * | Fix m_pullup() problem after removing PULLDOWN_TESTs and KAME EXT_*macros. | Bjoern A. Zeeb | 2019-12-01 | 1 | -6/+8 |
| * | Add support for dummy ESP packets with next header field equal to | Andrey V. Elsukov | 2019-11-27 | 1 | -0/+7 |
| * | netinet*: replace IP6_EXTHDR_GET() | Bjoern A. Zeeb | 2019-11-15 | 1 | -2/+9 |
| * | Make the warning intervals for deprecated crypto algorithms tunable. | John Baldwin | 2019-06-11 | 1 | -5/+4 |
| * | Add deprecation warnings for IPsec algorithms deprecated in RFC 8221. | John Baldwin | 2019-05-23 | 1 | -0/+23 |
| * | Replace read_random(9) with more appropriate arc4rand(9) KPIs | Conrad Meyer | 2019-04-04 | 1 | -1/+1 |
| * | OpenCrypto: Convert sessions to opaque handles instead of integers | Conrad Meyer | 2018-07-18 | 1 | -6/+6 |
| * | OCF: Add a typedef for session identifiers | Conrad Meyer | 2018-07-13 | 1 | -4/+5 |
| * | Set the proper vnet in IPsec callback functions. | John Baldwin | 2018-03-20 | 1 | -0/+10 |
| * | Do pass removing some write-only variables from the kernel. | Alexander Kabaev | 2017-12-25 | 1 | -2/+0 |
| * | crypto(9) is called from ipsec in CRYPTO_F_CBIFSYNC mode. This is working | Fabien Thomas | 2017-11-03 | 1 | -0/+4 |
| * | Disable IPsec debugging code by default when IPSEC_DEBUG kernel option | Andrey V. Elsukov | 2017-05-29 | 1 | -3/+3 |
| * | Fix possible double releasing for SA and SP references. | Andrey V. Elsukov | 2017-05-23 | 1 | -0/+2 |
| * | Fix possible double releasing for SA reference. | Andrey V. Elsukov | 2017-05-23 | 1 | -11/+14 |
| * | Merge projects/ipsec into head/. | Andrey V. Elsukov | 2017-02-06 | 1 | -195/+130 |
| * | IPsec RFC6479 support for replay window sizes up to 2^32 - 32 packets. | Fabien Thomas | 2016-11-25 | 1 | -0/+2 |
| * | Use explicitly specified ivsize instead of blocksize when we mean IV size. | Andrey V. Elsukov | 2015-11-16 | 1 | -7/+1 |
| * | Take extra reference to security policy before calling crypto_dispatch(). | Andrey V. Elsukov | 2015-09-30 | 1 | -0/+1 |
| * | Make IPsec work with AES-GCM and AES-ICM (aka CTR) in OCF... IPsec | John-Mark Gurney | 2015-08-04 | 1 | -81/+89 |
| * | these are comparing authenticators and need to be constant time... | John-Mark Gurney | 2015-07-31 | 1 | -1/+1 |
| * | Clean up this header file... | John-Mark Gurney | 2015-07-31 | 1 | -2/+0 |
| * | RFC4868 section 2.3 requires that the output be half... This fixes | John-Mark Gurney | 2015-07-29 | 1 | -24/+6 |
| * | Summary: Fix LINT build. The names of the new AES modes were not | George V. Neville-Neil | 2015-07-10 | 1 | -3/+3 |
| * | Add support for AES modes to IPSec. These modes work both in software only | George V. Neville-Neil | 2015-07-09 | 1 | -48/+89 |
| * | Fix possible use after free due to security policy deletion. | Andrey V. Elsukov | 2015-04-27 | 1 | -2/+5 |
| * | Change ipsec_address() and ipsec_logsastr() functions to take two | Andrey V. Elsukov | 2015-04-18 | 1 | -29/+30 |
| * | Remove now unused mtag argument from ipsec*_common_input_cb. | Andrey V. Elsukov | 2014-12-11 | 1 | -2/+2 |
| * | Remove code related to PACKET_TAG_IPSEC_IN_CRYPTO_DONE mbuf tag. | Andrey V. Elsukov | 2014-12-11 | 1 | -72/+34 |
| * | Remove route chaching support from ipsec code. It isn't used for some time. | Andrey V. Elsukov | 2014-12-02 | 1 | -1/+0 |
| * | Remove SYSCTL_VNET_* macros, and simply put CTLFLAG_VNET where needed. | Gleb Smirnoff | 2014-11-07 | 1 | -2/+2 |
| * | Provide includes that are needed in these files, and before were read | Gleb Smirnoff | 2013-10-26 | 1 | -0/+2 |
| * | Migrate structs ahstat, espstat, ipcompstat, ipipstat, pfkeystat, | Andrey V. Elsukov | 2013-07-09 | 1 | -3/+9 |
| * | Use corresponding macros to update statistics for AH, ESP, IPIP, IPCOMP, | Andrey V. Elsukov | 2013-06-20 | 1 | -28/+28 |
| * | Remove unused 'plen' variable. | Pawel Jakub Dawidek | 2011-11-26 | 1 | -2/+1 |
| * | The esp_max_ivlen global variable is not needed, we can just use | Pawel Jakub Dawidek | 2011-11-26 | 1 | -16/+1 |
| * | malloc(M_WAITOK) never fails, so there is no need to check for NULL. | Pawel Jakub Dawidek | 2011-11-26 | 1 | -4/+0 |
| * | Eliminate 'err' variable and just use existing 'error'. | Pawel Jakub Dawidek | 2011-11-26 | 1 | -3/+3 |
| * | Simplify code a bit. | Pawel Jakub Dawidek | 2011-11-26 | 1 | -6/+3 |
| * | There is no need to virtualize esp_max_ivlen. | Pawel Jakub Dawidek | 2011-11-26 | 1 | -6/+5 |
| * | Make IPsec compile without INET adding appropriate #ifdef checks. | Bjoern A. Zeeb | 2011-04-27 | 1 | -14/+15 |
| * | Optimisation in IPSEC(4): | Fabien Thomas | 2011-03-31 | 1 | -15/+9 |
| * | Fixed IPsec's HMAC_SHA256-512 support to be RFC4868 compliant. | VANHULLEBUS Yvan | 2011-02-18 | 1 | -10/+53 |
| * | After some off-list discussion, revert a number of changes to the | Dimitry Andric | 2010-11-22 | 1 | -1/+1 |
| * | Apply the STATIC_VNET_DEFINE and STATIC_DPCPU_DEFINE macros throughout | Dimitry Andric | 2010-11-14 | 1 | -1/+1 |
| * | MFP4: @176978-176982, 176984, 176990-176994, 177441 | Bjoern A. Zeeb | 2010-04-29 | 1 | -2/+1 |
| * | Changed an IPSEC_ASSERT to a simple test, as such invalid packets | VANHULLEBUS Yvan | 2009-10-01 | 1 | -3/+9 |
| * | Merge the remainder of kern_vimage.c and vimage.h into vnet.c and | Robert Watson | 2009-08-01 | 1 | -1/+0 |
