| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Add per-TDB counters and a new SADB extension to export them to |   mpi | 2018-08-28 | 1 | -3/+6 |
| * | Introduce ipsec_output_cb() to merge duplicate code and account for | mpi | 2018-07-12 | 1 | -57/+9 |
| * | Convert AH & IPcomp to ipsec_input_cb() and count drops on input. | mpi | 2018-07-11 | 1 | -2/+2 |
| * | Introduce new IPsec (per-CPU) statistics and refactor ESP input | mpi | 2018-07-10 | 1 | -47/+8 |
| * | Cleanup IPsec ESP error handling with consistent goto drop. |   bluhm | 2018-05-09 | 1 | -84/+79 |
| * | Do not assume that mbufs within a chain do not have M_PKTHDR set. | bluhm | 2018-05-02 | 1 | -7/+20 |
| * | Make {ah,esp,ipcomp}stat use percpu counters. |   visa | 2017-11-08 | 1 | -36/+34 |
| * | Use %s and __func__ in DPRINTF() to reduce false positive with grep(1). | mpi | 2017-11-06 | 1 | -49/+48 |
| * | Remove NET_LOCK()'s argument. | mpi | 2017-08-11 | 1 | -14/+13 |
| * | add sizes to free() calls |   deraadt | 2017-05-30 | 1 | -3/+3 |
| * | Switch OCF and IPsec over to the new AES |   mikeb | 2017-05-02 | 1 | -2/+2 |
| * | Convert bcopy to memcpy where the memory does not overlap, otherwise, |   dhill | 2017-04-06 | 1 | -6/+7 |
| * | IPsec packets could be dropped unaccounted if output after crypto | bluhm | 2017-02-07 | 1 | -3/+3 |
| * | Reduce the per-packet allocation costs for crypto operations (cryptop) |   patrick | 2017-02-07 | 1 | -7/+7 |
| * | The return code of crp_callback is never checked, so it is not | bluhm | 2017-02-07 | 1 | -31/+21 |
| * | Grab the NET_LOCK() in various callbacks. | mpi | 2017-01-09 | 1 | -8/+8 |
| * | Grab the NET_LOCK() before calling ipsp_process_done() as it ends up | mpi | 2016-12-24 | 1 | -5/+5 |
| * | convert bcopy to memcpy. from david hill. |   tedu | 2016-09-19 | 1 | -8/+8 |
| * | avoid extensive mbuf allocation for IPsec by replacing m_inject(4) |   markus | 2016-09-13 | 1 | -8/+9 |
| * | fix panics caused by replacing m_copym2 with m_dup_pkt. |   dlg | 2016-08-18 | 1 | -14/+6 |
| * | replace the last uses of m_copym2 with m_dup_pkt. | dlg | 2016-08-15 | 1 | -2/+2 |
| * | Sync no-argument function declaration and definition by adding (void). |   naddy | 2016-03-07 | 1 | -2/+2 |
| * | Remove plain DES encryption from IPsec. | naddy | 2015-12-09 | 1 | -5/+1 |
| * | Plumb Chacha20-Poly1305 into the IPsec/ESP and PF_KEY frameworks | mikeb | 2015-11-03 | 1 | -3/+19 |
| * | m_freem() can handle NULL, do not check for this condition beforehands. | deraadt | 2015-07-15 | 1 | -5/+3 |
| * | No need for an extra local variable; no functional change. | mikeb | 2015-06-15 | 1 | -11/+9 |
| * | Use proper argument type for crp_callback functions; no functional change. | mikeb | 2015-06-15 | 1 | -15/+11 |
| * | Stubs and support code for NIC-enabled IPsec bite the dust. | mikeb | 2015-04-17 | 1 | -58/+22 |
| * | make ipsp_address thread safe; ok mpi | mikeb | 2015-04-14 | 1 | -33/+74 |
| * | unifdef INET in net code as a precursor to removing the pretend option. | tedu | 2014-12-19 | 1 | -8/+1 |
| * | Explicitly include <net/if_var.h> instead of pulling it in <net/if.h>. | mpi | 2014-12-05 | 1 | -1/+2 |
| * | move arc4random prototype to systm.h. more appropriate for most code | tedu | 2014-11-18 | 1 | -3/+1 |
| * | Fewer <netinet/in_systm.h> ! | mpi | 2014-07-22 | 1 | -2/+1 |
| * | add a size argument to free. will be used soon, but for now default to 0. | tedu | 2014-07-12 | 1 | -12/+12 |
| * | bpf code surgery / shuffling / simplification. |   henning | 2014-07-09 | 1 | -2/+2 |
| * | bzero/bcmp -> memset/memcmp. ok matthew | tedu | 2014-01-09 | 1 | -8/+8 |
| * | Remove the extern keyword from function declarations, document | mpi | 2013-04-11 | 1 | -1/+4 |
| * | Merge of an original work by markus@ and gerhard@ to increase | mikeb | 2013-02-14 | 1 | -52/+43 |
| * | simplify checkreplaywindow() API; make call/return code handling consistent | markus | 2012-10-18 | 1 | -22/+44 |
| * | spltdb() was really just #define'd to be splsoftnet(); replace the former |   blambert | 2012-09-20 | 1 | -3/+3 |
| * | remove the SADB_X_SAFLAGS_{HALFIV,RANDOMPADDING,NOREPLAY} pfkey-API (not set | markus | 2012-09-18 | 1 | -82/+25 |
| * | Add support for the Extended (64-bit) Sequence Number as defined | mikeb | 2012-06-29 | 1 | -45/+137 |
| * | for key material that is being being discarded, convert bzero() to | deraadt | 2011-01-11 | 1 | -3/+3 |
| * | don't leak mbuf if padding failes; ok mikeb@ | markus | 2010-12-21 | 1 | -1/+2 |
| * | Retire Skipjack | mikeb | 2010-10-06 | 1 | -5/+1 |
| * | remove m_pad in favor of m_inject as it's equivalent to m_inject | mikeb | 2010-09-23 | 1 | -77/+5 |
| * | Support for AES-GCM-16 and ENCR_NULL_AUTH_AES_GMAC in ESP as per | mikeb | 2010-09-22 | 1 | -9/+61 |
| * | Switch some obvious network stack MAC comparisons from bcmp() to |   matthew | 2010-07-20 | 1 | -2/+2 |
| * | Add support for using IPsec in multiple rdomains. |   reyk | 2010-07-09 | 1 | -5/+8 |
| * | m_copyback can fail to allocate memory, but is a void fucntion so gymnastics | blambert | 2010-07-02 | 1 | -4/+4 |
