aboutsummaryrefslogtreecommitdiff
path: root/sys/netipsec
Commit message (Expand)AuthorAgeFilesLines
* drop key_sa_stir_iv as it isn't used...John-Mark Gurney2015-06-112-9/+0
* CALLOUT_MPSAFE has lost its meaning since r141428, i.e., for more than tenJung-uk Kim2015-05-221-1/+1
* In the reply to SADB_X_SPDGET message use the same sequence number thatAndrey V. Elsukov2015-05-201-2/+3
* Remove unneded mbuf length adjustment, M_PREPEND() already did that.Andrey V. Elsukov2015-05-191-2/+0
* Change SA's state before sending SADB_EXPIRE message. This state willAndrey V. Elsukov2015-05-191-2/+2
* Teach key_expire() send SADB_EXPIRE message with the SADB_EXT_LIFETIME_HARDAndrey V. Elsukov2015-05-191-40/+38
* Summary: Remove spurious, extra, next header comments.George V. Neville-Neil2015-05-151-4/+2
* Fix the comment. We will not do SPD lookup again, becauseAndrey V. Elsukov2015-04-281-2/+1
* Since PFIL can change mbuf pointer, we should update pointers afterAndrey V. Elsukov2015-04-282-0/+3
* Make ipsec_in_reject() static. We use ipsec[46]_in_reject() instead.Andrey V. Elsukov2015-04-272-2/+2
* Fix possible use after free due to security policy deletion.Andrey V. Elsukov2015-04-274-8/+30
* Change ipsec_address() and ipsec_logsastr() functions to take twoAndrey V. Elsukov2015-04-187-132/+105
* Requeue mbuf via netisr when we use IPSec tunnel mode and IPv6.Andrey V. Elsukov2015-04-181-1/+30
* Fix handling of scoped IPv6 addresses in IPSec code.Andrey V. Elsukov2015-04-183-36/+21
* Remove xform_ipip.c and code related to XF_IP4.Andrey V. Elsukov2015-04-183-404/+129
* o Use new function ip_fillid() in all places throughout the kernel,Gleb Smirnoff2015-04-011-3/+1
* Remove extra '&'. sin6 is already a pointer.Andrey V. Elsukov2015-03-071-1/+1
* Fix possible memory leak and several races in the IPsec policy managementAndrey V. Elsukov2015-02-242-1/+18
* key_spdget uses key_setdumpsp() without SPTREE_RLOCK held (it usesAndrey V. Elsukov2015-01-271-2/+0
* In order to reduce use of M_EXT outside of the mbuf allocator andRobert Watson2015-01-062-12/+6
* Fix VIMAGE build.Andrey V. Elsukov2014-12-251-1/+1
* Rename ip4_def_policy variable to def_policy. It is used by both IPv4 andAndrey V. Elsukov2014-12-244-209/+140
* Treat errors when retrieving security policy as policy violation.Andrey V. Elsukov2014-12-111-2/+4
* Initialize error variable.Andrey V. Elsukov2014-12-111-0/+1
* Remove flag/flags argument from the following functions:Andrey V. Elsukov2014-12-112-23/+12
* Remove flags and tunalready arguments from ipsec4_process_packet()Andrey V. Elsukov2014-12-112-94/+54
* Remove now unused mtag argument from ipsec*_common_input_cb.Andrey V. Elsukov2014-12-116-31/+16
* Remove code related to PACKET_TAG_IPSEC_IN_CRYPTO_DONE mbuf tag.Andrey V. Elsukov2014-12-112-153/+71
* Remove unused mtag variable.Andrey V. Elsukov2014-12-111-2/+0
* key_getspacq() returns holding the spacq_lock. Unlock it in all cases.Andrey V. Elsukov2014-12-071-1/+2
* Fix style(9) and remove m_freem(NULL).Andrey V. Elsukov2014-12-041-4/+3
* Remove __P() macro.Andrey V. Elsukov2014-12-0310-206/+202
* ANSIfy function declarations.Andrey V. Elsukov2014-12-033-257/+103
* Remove unneded check. No need to do m_pullup to the size that we prepended.Andrey V. Elsukov2014-12-021-2/+0
* Remove route chaching support from ipsec code. It isn't used for some time.Andrey V. Elsukov2014-12-0215-47/+4
* Remove unused structure declarations.Andrey V. Elsukov2014-12-021-11/+0
* Remove unused declartations.Andrey V. Elsukov2014-12-021-10/+0
* Remove ip4_input() declaration. It was removed in r275133.Andrey V. Elsukov2014-11-271-1/+0
* Do not use xform_ipip as decapsulation fallback.Andrey V. Elsukov2014-11-263-433/+6
* Count statistics for the specific address family.Andrey V. Elsukov2014-11-131-1/+2
* Strip IP header only when we act in tunnel mode.Andrey V. Elsukov2014-11-131-29/+30
* Remove redundant ip6_plen initialization.Andrey V. Elsukov2014-11-131-3/+0
* ipsec6_process_packet is called before ip6_output fixes ip6_plen.Andrey V. Elsukov2014-11-121-5/+2
* Fix ips_out_nosa errors accounting.Andrey V. Elsukov2014-11-121-1/+10
* Pass mbuf to pfil processing before stripping outer IP header as itAndrey V. Elsukov2014-11-071-17/+6
* Remove SYSCTL_VNET_* macros, and simply put CTLFLAG_VNET where needed.Gleb Smirnoff2014-11-076-74/+74
* When mode isn't explicitly specified (wildcard) and inner protocol isn'tAndrey V. Elsukov2014-11-061-1/+10
* Use in_localip() instead of handmade implementation.Andrey V. Elsukov2014-10-311-21/+2
* Use a static callout to drive key_timehandler() instead of timeout().John Baldwin2014-10-232-5/+9
* Fix multiple incorrect SYSCTL arguments in the kernel:Hans Petter Selasky2014-10-211-1/+1
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-24 20:45:41 +0000