freebsd-dev

History

Fabien Thomas bf4356266d IPsec RFC6479 support for replay window sizes up to 2^32 - 32 packets. Since the previous algorithm, based on bit shifting, does not scale with large replay windows, the algorithm used here is based on RFC 6479: IPsec Anti-Replay Algorithm without Bit Shifting. The replay window will be fast to be updated, but will cost as many bits in RAM as its size. The previous implementation did not provide a lock on the replay window, which may lead to replay issues. Reviewed by: ae Obtained from: emeric.poupon@stormshield.eu Sponsored by: Stormshield Differential Revision: https://reviews.freebsd.org/D8468		2016-11-25 14:44:49 +00:00
..
ipsec_dump_policy.c
ipsec_get_policylen.c
ipsec_set_policy.3
ipsec_strerror.3
ipsec_strerror.c
ipsec_strerror.h
libpfkey.h
Makefile	First pass through library packaging.	2016-02-04 21:16:35 +00:00
Makefile.depend	DIRDEPS_BUILD: Regenerate without local dependencies.	2016-02-24 17:20:11 +00:00
pfkey_dump.c	IPsec RFC6479 support for replay window sizes up to 2^32 - 32 packets.	2016-11-25 14:44:49 +00:00
pfkey.c	IPsec RFC6479 support for replay window sizes up to 2^32 - 32 packets.	2016-11-25 14:44:49 +00:00
policy_parse.y
policy_token.l
test-policy.c