d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3cbd4ec3e4
freebsd-dev/sys/netipsec
History
Andrey V. Elsukov 3cbd4ec3e4 Handle non-compressed packets for IPComp in tunnel mode. 
RFC3173 says that the IP datagram MUST be sent in the original
non-compressed form, when the total size of a compressed payload
and the IPComp header is not smaller than the size of the original
payload. In tunnel mode for small packets IPComp will send
encapsulated IP datagrams without IPComp header.
Add ip_encap handler for IPPROTO_IPV4 and IPPROTO_IPV6 to handle
these datagrams. The handler does lookup for SA related to IPComp
protocol and given from mbuf source and destination addresses as
tunnel endpoints. It decapsulates packets only when corresponding SA
is found.

Reported by:	gnn
Reviewed by:	gnn
Differential Revision:	https://reviews.freebsd.org/D6062
2016-04-24 09:02:17 +00:00
..
ah_var.h
ah.h
esp_var.h
esp.h Summary: Remove spurious, extra, next header comments. 2015-05-15 18:04:49 +00:00
ipcomp_var.h
ipcomp.h
ipsec6.h Constify mbuf pointer for IPSEC functions where mbuf isn't modified. 2016-04-21 10:58:07 +00:00
ipsec_input.c Overhaul if_enc(4) and make it loadable in run-time. 2015-11-25 07:31:59 +00:00
ipsec_mbuf.c sys/net* : for pointers replace 0 with NULL. 2016-04-15 17:30:33 +00:00
ipsec_output.c Fix handling of net.inet.ipsec.dfbit=2 variable. 2016-03-18 09:03:00 +00:00
ipsec.c Constify mbuf pointer for IPSEC functions where mbuf isn't modified. 2016-04-21 10:58:07 +00:00
ipsec.h Remove stale function declaration 2016-04-21 11:02:06 +00:00
key_debug.c Constify mbuf pointer for IPSEC functions where mbuf isn't modified. 2016-04-21 10:58:07 +00:00
key_debug.h Constify mbuf pointer for IPSEC functions where mbuf isn't modified. 2016-04-21 10:58:07 +00:00
key_var.h
key.c Handle non-compressed packets for IPComp in tunnel mode. 2016-04-24 09:02:17 +00:00
key.h Handle non-compressed packets for IPComp in tunnel mode. 2016-04-24 09:02:17 +00:00
keydb.h Make IPsec work with AES-GCM and AES-ICM (aka CTR) in OCF... IPsec 2015-08-04 17:47:11 +00:00
keysock.c kernel: use our nitems() macro when it is available through param.h. 2016-04-19 23:48:27 +00:00
keysock.h Remove __P() macro. 2014-12-03 04:08:41 +00:00
xform_ah.c Take extra reference to security policy before calling crypto_dispatch(). 2015-09-30 08:16:33 +00:00
xform_esp.c Use explicitly specified ivsize instead of blocksize when we mean IV size. 2015-11-16 07:10:42 +00:00
xform_ipcomp.c Handle non-compressed packets for IPComp in tunnel mode. 2016-04-24 09:02:17 +00:00
xform_tcp.c Remove route chaching support from ipsec code. It isn't used for some time. 2014-12-02 04:20:50 +00:00
xform.h RFC4868 section 2.3 requires that the output be half... This fixes 2015-07-29 07:15:16 +00:00