Commit Graph

21 Commits

Author SHA1 Message Date
ume
6e230b39ea - m_cat() may free the mbuf on 2nd arg, so m_pkthdr manipulation has
to happen before the call to m_cat().
- correct signedness mixups.
- remove variable that is only assigned too but not referenced.

Obtained from:	KAME
2003-11-15 06:18:09 +00:00
ume
13591e26f2 enable aes-xcbc-mac and aes-ctr, again. 2003-11-10 10:39:14 +00:00
ume
8ff2c775d4 - revert to old rijndael code. new rijndael code broke gbde.
- since aes-xcbc-mac and aes-ctr require functions in new
  rijndael code, aes-xcbc-mac and aes-ctr are disabled for now.
2003-10-19 21:28:34 +00:00
ume
a89e9b5e91 use BF_ecb_encrypt().
Obtained from:	KAME
2003-10-13 19:26:08 +00:00
ume
fd41336ef5 - support AES counter mode for ESP.
- use size_t as return type of schedlen(), as there's no error
  check needed.
- clear key schedule buffer before freeing.

Obtained from:	KAME
2003-10-13 14:57:41 +00:00
ume
2da6bcd326 - RIPEMD160 support
- pass size arg to ah->result (avoid assuming result buffer size)

Obtained from:	KAME
2003-10-12 09:41:42 +00:00
ume
8df937af7e switch cast128 implementation to implementation by Steve Reid;
smaller footprint.

Obtained from:	KAME
2003-10-10 15:06:16 +00:00
ume
399a4e7221 - fix typo in comment.
- style.

Obtained from:	KAME
2003-10-07 17:46:18 +00:00
imp
cf874b345d Back out M_* changes, per decision of the TRB.
Approved by: trb
2003-02-19 05:47:46 +00:00
alfred
bf8e8a6e8f Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.
Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
2003-01-21 08:56:16 +00:00
bmilekic
514c635ee6 o Untangle the confusion with the malloc flags {M_WAITOK, M_NOWAIT} and
the mbuf allocator flags {M_TRYWAIT, M_DONTWAIT}.
o Fix a bpf_compat issue where malloc() was defined to just call
  bpf_alloc() and pass the 'canwait' flag(s) along.  It's been changed
  to call bpf_alloc() but pass the corresponding M_TRYWAIT or M_DONTWAIT
  flag (and only one of those two).

Submitted by: Hiten Pandya <hiten@unixdaemons.com> (hiten->commit_count++)
2002-12-19 22:58:27 +00:00
ume
981ea9e4ae - use des_ecb3_encrypt().
- style: added spaces after /* and before */

Obtained from:	KAME
MFC after:	2 weeks
2002-03-05 21:12:41 +00:00
ume
e0782fc24b Oops, now, encription and decription are separate function.
MFC after:	2 weeks
2002-03-05 20:32:49 +00:00
ume
92361f6aad - Speedup 3DES by using assembly code for i386.
- Sync des/blowfish to more recent openssl.

Obtained from:	KAME/NetBSD
MFC after:	2 weeks
2002-03-05 09:19:02 +00:00
ume
8ee8d7c8d6 fixed the cast128 calculation with a short cipher key length.
the memory was overridden when the key length was less than 16 bytes.

Obtained from:	KAME
MFC after:	1 week
2001-11-27 14:11:47 +00:00
fenner
1a9e5ae59a Fix fencepost error causing creation of 0-length mbufs when the boundary
between header and data fell on the boundary between two mbufs.
2001-08-20 17:58:46 +00:00
ume
832f8d2249 Sync with recent KAME.
This work was based on kame-20010528-freebsd43-snap.tgz and some
critical problem after the snap was out were fixed.
There are many many changes since last KAME merge.

TODO:
  - The definitions of SADB_* in sys/net/pfkeyv2.h are still different
    from RFC2407/IANA assignment because of binary compatibility
    issue.  It should be fixed under 5-CURRENT.
  - ip6po_m member of struct ip6_pktopts is no longer used.  But, it
    is still there because of binary compatibility issue.  It should
    be removed under 5-CURRENT.

Reviewed by:	itojun
Obtained from:	KAME
MFC after:	3 weeks
2001-06-11 12:39:29 +00:00
itojun
5f4e854de1 sync with kame tree as of july00. tons of bug fixes/improvements.
API changes:
- additional IPv6 ioctls
- IPsec PF_KEY API was changed, it is mandatory to upgrade setkey(8).
  (also syntax change)
2000-07-04 16:35:15 +00:00
phk
ce2aa22c93 Remove unneeded #include <sys/kernel.h> 2000-04-29 15:36:14 +00:00
phk
6be1308ad1 Remove ~25 unneeded #include <sys/conf.h>
Remove ~60 unneeded #include <sys/malloc.h>
2000-04-19 14:58:28 +00:00
shin
50ba589c66 IPSEC support in the kernel.
pr_input() routines prototype is also changed to support IPSEC and IPV6
chained protocol headers.

Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
1999-12-22 19:13:38 +00:00