Module Name:src
Committed By: ozaki-r
Date: Fri Aug 28 06:19:13 UTC 2020
Modified Files:
src/sys/netinet: ip_input.c ip_output.c ip_var.h
src/sys/netinet6: ip6_forward.c ip6_input.c ip6_output.c ip6_var.h
src/sys/netipsec: ipsec.c ipsec.h
Log Message:
inet,
Module Name:src
Committed By: ozaki-r
Date: Fri Aug 28 06:20:44 UTC 2020
Modified Files:
src/sys/netinet: ip_input.c
src/sys/netinet6: ip6_input.c
src/sys/netipsec: ipsec.c ipsec.h
src/sys/rump/librump/rumpnet: net_stub.c
Log Message:
ipsec: rename
Module Name:src
Committed By: ozaki-r
Date: Fri Aug 28 06:22:26 UTC 2020
Modified Files:
src/sys/netinet: ip_output.c
Log Message:
inet: reduce indents of a normal path to improve readability (NFCI)
To generate a diff of this commit:
cvs rdiff -u -r1.316 -r1.317 src/sys/
Module Name:src
Committed By: ozaki-r
Date: Fri Aug 28 06:23:42 UTC 2020
Modified Files:
src/sys/net: if.h if_arcsubr.c if_ethersubr.c if_ieee1394subr.c
Log Message:
net: introduce IFQ_ENQUEUE_ISR to assemble packet queuing routines (NFCI)
To generate a diff of this comm
Module Name:src
Committed By: ozaki-r
Date: Fri Aug 28 06:25:52 UTC 2020
Modified Files:
src/sys/net: if_ethersubr.c
Log Message:
ether: separate handling of LLC frames as ether_input_llc (NFCI)
To generate a diff of this commit:
cvs rdiff -u -r1.285 -r1.286 src/sys/net/
Module Name:src
Committed By: ozaki-r
Date: Fri Aug 28 06:27:16 UTC 2020
Modified Files:
src/sys/net: if_ethersubr.c
Log Message:
ether: count dropped packets on input
To generate a diff of this commit:
cvs rdiff -u -r1.286 -r1.287 src/sys/net/if_ethersubr.c
Please note
Module Name:src
Committed By: ozaki-r
Date: Fri Aug 28 06:27:49 UTC 2020
Modified Files:
src/sys/net: if_ethersubr.c
Log Message:
ether: count dropped packets on output
To generate a diff of this commit:
cvs rdiff -u -r1.287 -r1.288 src/sys/net/if_ethersubr.c
Please not
Module Name:src
Committed By: ozaki-r
Date: Fri Aug 28 06:28:58 UTC 2020
Modified Files:
src/sys/netinet6: ip6_forward.c ip6_input.c ip6_var.h
Log Message:
inet6: pass rcvif to ip6_forward to avoid extra psref_acquire
To generate a diff of this commit:
cvs rdiff -u -r1.1
Module Name:src
Committed By: ozaki-r
Date: Fri Aug 28 06:30:08 UTC 2020
Modified Files:
src/sys/netinet: ip_input.c
Log Message:
inet: pull m_get_rcvif_psref out of ip_input for simplicity
Same as ip6_input.
To generate a diff of this commit:
cvs rdiff -u -r1.395 -r1.3
Module Name:src
Committed By: ozaki-r
Date: Fri Aug 28 06:32:24 UTC 2020
Modified Files:
src/sys/netinet6: in6_src.c ip6_forward.c ip6_input.c ip6_output.c
ip6_var.h
Log Message:
inet6: reduce silent packet discards
To generate a diff of this commit:
cvs rdif
Module Name:src
Committed By: ozaki-r
Date: Fri Aug 28 06:31:42 UTC 2020
Modified Files:
src/sys/netinet: ip_input.c ip_output.c ip_var.h
Log Message:
inet: reduce silent packet discards
To generate a diff of this commit:
cvs rdiff -u -r1.396 -r1.397 src/sys/netinet/ip_i
Module Name:src
Committed By: ozaki-r
Date: Fri Aug 28 06:34:17 UTC 2020
Modified Files:
src/usr.bin/netstat: inet.c inet6.c
Log Message:
netstat: support new packet counters
To generate a diff of this commit:
cvs rdiff -u -r1.111 -r1.112 src/usr.bin/netstat/inet.c
cvs r
Module Name:src
Committed By: ozaki-r
Date: Fri Aug 28 07:23:48 UTC 2020
Modified Files:
src/usr.bin/netstat: atalk.c bpf.c inet.c inet6.c pfkey.c pfsync.c
Log Message:
netstat: strengthen against kernel changes
netstat uses sysctlbyname to get counter data from the kerne
Module Name:src
Committed By: ozaki-r
Date: Fri Aug 28 07:29:12 UTC 2020
Modified Files:
src/sys/sys: param.h
Log Message:
Bump the version for entry additions to IP_STAT and IP6_STAT
Welcome to 9.99.72
To generate a diff of this commit:
cvs rdiff -u -r1.674 -r1.675 src
Module Name:src
Committed By: ozaki-r
Date: Fri Jun 30 07:57:13 UTC 2017
Modified Files:
src/tests/net/route: t_flags.sh t_flags6.sh
Log Message:
Check if ARP/NDP entries are purged when a related route is deleted
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r
Module Name:src
Committed By: ozaki-r
Date: Fri Jun 30 09:11:22 UTC 2017
Modified Files:
src/sys/net: rtsock.c
Log Message:
Restore the original length of a sockaddr for netmask
route(8) passes a sockaddr for netmask that is truncated with its
prefixlen. However the kerne
Module Name:src
Committed By: ozaki-r
Date: Mon Jul 3 06:01:16 UTC 2017
Modified Files:
src/distrib/sets/lists/tests: mi
src/tests/net/ipsec: Makefile algorithms.sh common.sh
t_ipsec_transport.sh
Added Files:
src/tests/net/ipsec: t_ipsec_tunnel_
Module Name:src
Committed By: ozaki-r
Date: Tue Jul 4 06:45:05 UTC 2017
Modified Files:
src/sys/netipsec: ipsec_output.c
Log Message:
Simplify IPSEC_OSTAT macro (NFC)
To generate a diff of this commit:
cvs rdiff -u -r1.48 -r1.49 src/sys/netipsec/ipsec_output.c
Please n
Module Name:src
Committed By: ozaki-r
Date: Tue Jul 4 08:09:19 UTC 2017
Modified Files:
src/sys/netipsec: ipsec_netbsd.c
Log Message:
KNF; replace leading whitespaces with hard tabs
To generate a diff of this commit:
cvs rdiff -u -r1.40 -r1.41 src/sys/netipsec/ipsec_net
Module Name:src
Committed By: ozaki-r
Date: Tue Jul 4 08:11:32 UTC 2017
Modified Files:
src/sys/net: pfkeyv2.h
src/sys/netipsec: ipsec_netbsd.c key.c
Log Message:
Introduce and use SADB_SASTATE_USABLE_P
To generate a diff of this commit:
cvs rdiff -u -r1.31 -r1.
Module Name:src
Committed By: ozaki-r
Date: Tue Jul 4 08:12:28 UTC 2017
Modified Files:
src/sys/netipsec: ipsec_netbsd.c
Log Message:
KNF
To generate a diff of this commit:
cvs rdiff -u -r1.42 -r1.43 src/sys/netipsec/ipsec_netbsd.c
Please note that diffs are not public
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 5 01:22:40 UTC 2017
Modified Files:
src/crypto/dist/ipsec-tools/src/setkey: parse.y token.l
Log Message:
Add update command for testing
Updating an SA (SADB_UPDATE) requires that a process issuing
SADB_UPDATE is the sam
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 5 01:25:03 UTC 2017
Modified Files:
src/tests/net/ipsec: t_ipsec_misc.sh
Log Message:
Add test cases for updating SA/SP
The tests require newly-added udpate command of setkey.
To generate a diff of this commit:
cvs rd
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 5 03:44:59 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.h ipsec6.h ipsec_input.c xform.h xform_ah.c
xform_esp.c xform_ipcomp.c
Log Message:
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that
Module Name:src
Committed By: ozaki-r
Date: Thu Jul 6 08:22:45 UTC 2017
Modified Files:
src/sys/opencrypto: xform.h
Log Message:
KNF
To generate a diff of this commit:
cvs rdiff -u -r1.19 -r1.20 src/sys/opencrypto/xform.h
Please note that diffs are not public domain; t
Module Name:src
Committed By: ozaki-r
Date: Thu Jul 6 08:27:07 UTC 2017
Modified Files:
src/sys/opencrypto: xform.c
Log Message:
Apply C99-style struct initialization to enc_xform, auth_hash and comp_algo
To generate a diff of this commit:
cvs rdiff -u -r1.28 -r1.29 src
Module Name:src
Committed By: ozaki-r
Date: Thu Jul 6 09:04:26 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Fix usages of sadb_msg_errno
To generate a diff of this commit:
cvs rdiff -u -r1.165 -r1.166 src/sys/netipsec/key.c
Please note that diffs are n
Module Name:src
Committed By: ozaki-r
Date: Thu Jul 6 09:48:42 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Avoid updating sav directly
On SADB_UPDATE a target sav was updated directly, which was unsafe.
Instead allocate another sav, copy variables of th
Module Name:src
Committed By: ozaki-r
Date: Thu Jul 6 09:49:46 UTC 2017
Modified Files:
src/sys/netipsec: ipsec_input.c ipsec_output.c
Log Message:
Simplify; we can assume sav->tdb_xform cannot be NULL while it's valid
To generate a diff of this commit:
cvs rdiff -u -r1
Module Name:src
Committed By: ozaki-r
Date: Fri Jul 7 01:37:34 UTC 2017
Modified Files:
src/sys/netinet: tcp_input.c tcp_var.h
src/sys/netipsec: ipsec.c ipsec_input.c ipsec_netbsd.c key.c key.h
xform_ah.c xform_esp.c xform_ipcomp.c
Log Message:
Rename
Module Name:src
Committed By: ozaki-r
Date: Mon Jul 10 07:17:12 UTC 2017
Modified Files:
src/sys/netipsec: xform_ah.c xform_esp.c xform_tcp.c
Log Message:
Use explicit_memset to surely zero-clear key_auth and key_enc
To generate a diff of this commit:
cvs rdiff -u -r1.57
Module Name:src
Committed By: ozaki-r
Date: Mon Jul 10 07:27:35 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Make sure to clear keys on error paths of key_setsaval
To generate a diff of this commit:
cvs rdiff -u -r1.168 -r1.169 src/sys/netipsec/key.c
Pl
Module Name:src
Committed By: ozaki-r
Date: Mon Jul 10 07:40:23 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Add missing KEY_FREESAV
To generate a diff of this commit:
cvs rdiff -u -r1.169 -r1.170 src/sys/netipsec/key.c
Please note that diffs are not pu
Module Name:src
Committed By: ozaki-r
Date: Mon Jul 10 07:45:10 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Make sure a sav is inserted to a sah list after its initialization completes
To generate a diff of this commit:
cvs rdiff -u -r1.170 -r1.171 src/
Module Name:src
Committed By: ozaki-r
Date: Mon Jul 10 07:46:02 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Remove unnecessary zero-clearing codes from key_setsaval
key_setsaval is now used only for a newly-allocated sav. (It was
used to reset variables
Module Name:src
Committed By: ozaki-r
Date: Tue Jul 11 04:50:59 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Correct wrong assumption of sav->refcnt in key_delsah
A sav in a list is basically not to be sav->refcnt == 0. And also
KEY_FREESAV assumes sav->r
Module Name:src
Committed By: ozaki-r
Date: Tue Jul 11 04:55:39 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Let key_getsavbyspi take a reference of a returning sav
To generate a diff of this commit:
cvs rdiff -u -r1.173 -r1.174 src/sys/netipsec/key.c
P
Module Name:src
Committed By: ozaki-r
Date: Tue Jul 11 09:49:15 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Use time_mono_to_wall (NFC)
To generate a diff of this commit:
cvs rdiff -u -r1.174 -r1.175 src/sys/netipsec/key.c
Please note that diffs are no
Module Name:src
Committed By: ozaki-r
Date: Tue Jul 11 10:06:07 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Separate sending message routine (NFC)
To generate a diff of this commit:
cvs rdiff -u -r1.175 -r1.176 src/sys/netipsec/key.c
Please note that d
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 12 03:53:55 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Simplify; remove unnecessary zero-clears
key_freesaval is used only when a target sav is being destroyed.
To generate a diff of this commit:
cvs
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 12 03:59:32 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Omit NULL checks for sav->lft_c
sav->lft_c can be NULL only when initializing or destroying sav.
To generate a diff of this commit:
cvs rdiff -u
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 12 07:00:40 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.c ipsec_input.c ipsec_output.c key.c
xform_ipip.c
Log Message:
Omit unnecessary NULL checks for sav->sah
To generate a diff of this commit:
cvs rd
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 12 07:33:37 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Omit unnecessary check of sav->state
key_allocsa_policy picks a sav of either MATURE or DYING so we
don't need to check its state again.
To gene
Module Name:src
Committed By: ozaki-r
Date: Thu Jul 13 01:22:44 UTC 2017
Modified Files:
src/sys/netipsec: ipsec_output.c key.c key.h
Log Message:
Simplify; omit unnecessary saidx passing
- ipsec_nextisr returns a saidx but no caller uses it
- key_checkrequest is passed a
Module Name:src
Committed By: ozaki-r
Date: Thu Jul 13 01:48:52 UTC 2017
Modified Files:
src/sys/netipsec: ipsec_output.c
Log Message:
Fix splx isn't called on some error paths
To generate a diff of this commit:
cvs rdiff -u -r1.52 -r1.53 src/sys/netipsec/ipsec_output.c
Module Name:src
Committed By: ozaki-r
Date: Thu Jul 13 03:00:46 UTC 2017
Modified Files:
src/sys/netipsec: xform_esp.c
Log Message:
Fix header size calculation of esp where sav is NULL
To generate a diff of this commit:
cvs rdiff -u -r1.59 -r1.60 src/sys/netipsec/xform_e
Module Name:src
Committed By: ozaki-r
Date: Thu Jul 13 03:25:38 UTC 2017
Modified Files:
src/sys/netipsec: xform_ah.c
Log Message:
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
To generate a diff of this commit:
cvs rdiff -u
Module Name:src
Committed By: ozaki-r
Date: Fri Jul 14 01:24:24 UTC 2017
Modified Files:
src/sys/netipsec: key.c key.h xform.h xform_ah.c xform_esp.c
xform_ipcomp.c xform_ipip.c xform_tcp.c
Log Message:
Pass sav directly to opencrypto callback
In a callback, u
Module Name:src
Committed By: ozaki-r
Date: Fri Jul 14 01:30:09 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Avoid examining freshness of sav on packet processing
If a sav list is sorted (by lft_c->sadb_lifetime_addtime) in advance,
we don't need to exami
Module Name:src
Committed By: ozaki-r
Date: Fri Jul 14 11:54:52 UTC 2017
Modified Files:
src/tests/net/ipsec: t_ipsec_misc.sh
Log Message:
Add test cases for SAs with different SPIs
To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/tests/net/ipsec/t_ipsec_m
Module Name:src
Committed By: ozaki-r
Date: Fri Jul 14 12:26:26 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.h ipsec_output.c key.c key.h xform.h xform_ah.c
xform_esp.c xform_ipcomp.c xform_ipip.c xform_tcp.c
Log Message:
Prepare to stop using isr->sav
isr
Module Name:src
Committed By: ozaki-r
Date: Sat Jul 15 07:26:02 UTC 2017
Modified Files:
src/tests/net/ipsec: t_ipsec_misc.sh
Log Message:
Fix wrong argument handling
To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/tests/net/ipsec/t_ipsec_misc.sh
Please
Module Name:src
Committed By: ozaki-r
Date: Sun Jul 16 10:36:52 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Don't validate sav lists of LARVAL or DEAD states
We don't sort the lists so the validation will always fail.
Fix PR kern/52405
To generate a d
Module Name:src
Committed By: ozaki-r
Date: Sun Jul 16 10:46:45 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Make sure to sort the list when changing the state by key_sa_chgstate
To generate a diff of this commit:
cvs rdiff -u -r1.186 -r1.187 src/sys/net
Module Name:src
Committed By: ozaki-r
Date: Tue Jul 18 02:10:33 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Rename key_allocsa_policy to key_lookup_sa_bysaidx
To generate a diff of this commit:
cvs rdiff -u -r1.187 -r1.188 src/sys/netipsec/key.c
Please
Module Name:src
Committed By: ozaki-r
Date: Tue Jul 18 02:16:07 UTC 2017
Modified Files:
src/distrib/sets/lists/tests: mi
src/tests/net/ipsec: Makefile t_ipsec_misc.sh
Added Files:
src/tests/net/ipsec: t_ipsec_tcp.sh
Log Message:
Separate test files
To ge
Module Name:src
Committed By: ozaki-r
Date: Tue Jul 18 04:01:04 UTC 2017
Modified Files:
src/sys/netipsec: xform_ah.c
Log Message:
Calculate ah_max_authsize on initialization as well as esp_max_ivlen
To generate a diff of this commit:
cvs rdiff -u -r1.61 -r1.62 src/sys/n
Module Name:src
Committed By: ozaki-r
Date: Tue Jul 18 08:55:10 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.c
Log Message:
Remove m_tag_find(PACKET_TAG_IPSEC_PENDING_TDB) because nobody sets the tag
To generate a diff of this commit:
cvs rdiff -u -r1.102 -r1.103 src
Module Name:src
Committed By: ozaki-r
Date: Tue Jul 18 09:00:55 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.c
Log Message:
Restore a comment removed in previous
The comment is valid for the below code.
To generate a diff of this commit:
cvs rdiff -u -r1.103 -r1.104
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 19 02:06:11 UTC 2017
Modified Files:
src/tests/net/ipsec: t_ipsec_misc.sh
Log Message:
Make tests more stable
sleep command seems to wait longer than expected on anita so
use polling to wait for a state change.
To gene
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 19 02:06:47 UTC 2017
Modified Files:
src/tests/net/ipsec: t_ipsec_misc.sh
Log Message:
Add tests that explicitly delete SAs instead of waiting for expirations
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.1
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 19 06:30:33 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.c
Log Message:
Remove invalid M_AUTHIPDGM check on ESP isr->sav
M_AUTHIPDGM flag is set to a mbuf in ah_input_cb. An sav of ESP can
have AH authentication as s
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 19 06:31:54 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.c
Log Message:
Look up sav instead of relying on unstable sp->req->sav
This code is executed only in an error path so an additional lookup
doesn't matter.
To
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 19 07:24:46 UTC 2017
Modified Files:
src/sys/netinet: ip_input.c
Log Message:
Correct a comment
To generate a diff of this commit:
cvs rdiff -u -r1.358 -r1.359 src/sys/netinet/ip_input.c
Please note that diffs are not
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 19 09:03:08 UTC 2017
Modified Files:
src/sys/netipsec: xform_ah.c xform_esp.c xform_ipcomp.c
Log Message:
Don't release sav if calling crypto_dispatch again
To generate a diff of this commit:
cvs rdiff -u -r1.62 -r1.63
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 19 09:03:52 UTC 2017
Modified Files:
src/sys/netipsec: ipsec_output.c
Log Message:
Remove extra KEY_FREESAV from ipsec_process_done
It should be done by the caller.
To generate a diff of this commit:
cvs rdiff -u -r1.5
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 19 09:38:58 UTC 2017
Modified Files:
src/sys/netipsec: xform_ah.c xform_esp.c xform_ipcomp.c
Log Message:
Don't bother the case of crp->crp_buf == NULL in callbacks
To generate a diff of this commit:
cvs rdiff -u -r1.63
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 19 10:26:09 UTC 2017
Modified Files:
src/sys/netipsec: xform_ah.c xform_esp.c xform_ipcomp.c
Log Message:
Hold a reference to an SP during opencrypto processing
An SP has a list of isr (ipsecrequest) that represents a se
Module Name:src
Committed By: ozaki-r
Date: Thu Jul 20 01:10:57 UTC 2017
Modified Files:
src/tests/net/ipsec: t_ipsec_misc.sh
Log Message:
Don't make SAs expired on tests that delete SAs explicitly
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 src/tests/n
Module Name:src
Committed By: ozaki-r
Date: Thu Jul 20 03:12:05 UTC 2017
Modified Files:
src/sys/netipsec: xform_ah.c
Log Message:
Fix a debug message
To generate a diff of this commit:
cvs rdiff -u -r1.65 -r1.66 src/sys/netipsec/xform_ah.c
Please note that diffs are no
Module Name:src
Committed By: ozaki-r
Date: Thu Jul 20 03:17:59 UTC 2017
Modified Files:
src/sys/netipsec: xform_ah.c
Log Message:
Dedup error paths (NFC)
To generate a diff of this commit:
cvs rdiff -u -r1.66 -r1.67 src/sys/netipsec/xform_ah.c
Please note that diffs ar
Module Name:src
Committed By: ozaki-r
Date: Thu Jul 20 08:07:14 UTC 2017
Modified Files:
src/sys/netipsec: xform_ah.c xform_esp.c xform_ipcomp.c
Log Message:
Use pool to allocate tdb_crypto
For ESP and AH, we need to allocate an extra variable space in addition
to struct
Module Name:src
Committed By: ozaki-r
Date: Fri Jul 21 02:51:12 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.c
Log Message:
Don't use unstable isr->sav for header size calculations
We may need to optimize to not look up sav here for users that
don't need to know an ex
Module Name:src
Committed By: ozaki-r
Date: Fri Jul 21 03:08:10 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.c ipsec.h ipsec_output.c
Log Message:
Don't use sp->req->sav when handling NAT-T ESP fragmentation
In order to do this we need to look up a sav however an addi
Module Name:src
Committed By: ozaki-r
Date: Fri Jul 21 04:39:08 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.c ipsec.h key.c key.h
Log Message:
Don't use key_lookup_sp that depends on unstable sp->req->sav
It provided a fast look-up of SP. We will provide an alternati
Module Name:src
Committed By: ozaki-r
Date: Fri Jul 21 04:43:42 UTC 2017
Modified Files:
src/sys/netipsec: key.c
src/tests/net/ipsec: t_ipsec_misc.sh
Log Message:
Stop setting isr->sav on looking up sav in key_checkrequest
To generate a diff of this commit:
cvs r
Module Name:src
Committed By: ozaki-r
Date: Fri Jul 21 04:50:11 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.c ipsec.h key.c key_debug.c
Log Message:
Remove ipsecrequest#sav
To generate a diff of this commit:
cvs rdiff -u -r1.109 -r1.110 src/sys/netipsec/ipsec.c
cvs
Module Name:src
Committed By: ozaki-r
Date: Fri Jul 21 04:55:36 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.h ipsec_input.c
Log Message:
Stop setting mtag of PACKET_TAG_IPSEC_IN_DONE because there is no users anymore
To generate a diff of this commit:
cvs rdiff -u -
Module Name:src
Committed By: ozaki-r
Date: Mon Jul 24 02:07:43 UTC 2017
Modified Files:
src/tests/net: net_common.sh
src/tests/net/ipsec: t_ipsec_misc.sh
Log Message:
Skip ipsec_spi_*_*_preferred_new_timeout when running on qemu
Probably due to PR 43997
To gene
Module Name:src
Committed By: ozaki-r
Date: Tue Jul 25 05:01:25 UTC 2017
Modified Files:
src/sys/rump/librump/rumpkern: Makefile.rumpkern
Log Message:
Add localcount to rump kernels
To generate a diff of this commit:
cvs rdiff -u -r1.169 -r1.170 src/sys/rump/librump/rump
Module Name:src
Committed By: ozaki-r
Date: Tue Jul 25 08:15:57 UTC 2017
Modified Files:
src/sys/netipsec: ipsec6.h
Log Message:
Remove unused macro
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 src/sys/netipsec/ipsec6.h
Please note that diffs are not pu
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 26 01:33:35 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Fix key_getcomb_setlifetime
The fix adjusts a soft limit to be 80% of a corresponding hard limit.
I'm not sure the fix is really correct though,
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 26 03:59:59 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.c key.c key.h key_debug.c
Log Message:
Provide and apply key_sp_refcnt (NFC)
It simplifies further changes.
To generate a diff of this commit:
cvs rdiff -u -
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 26 07:39:54 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.c
Log Message:
Fix indentation
Pointed out by knakahara@
To generate a diff of this commit:
cvs rdiff -u -r1.111 -r1.112 src/sys/netipsec/ipsec.c
Please not
Module Name:src
Committed By: ozaki-r
Date: Wed Jul 26 09:18:15 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.h key.c
Log Message:
Use pslist(9) for sptree
To generate a diff of this commit:
cvs rdiff -u -r1.56 -r1.57 src/sys/netipsec/ipsec.h
cvs rdiff -u -r1.193 -r1.
Module Name:src
Committed By: ozaki-r
Date: Thu Jul 27 06:59:28 UTC 2017
Modified Files:
src/sys/netinet: ip_input.c
src/sys/netinet6: ip6_input.c
src/sys/netipsec: ipsec_output.c ipsec_private.h key.c xform_ah.c
xform_esp.c xform_ipcomp.c
Log M
Module Name:src
Committed By: ozaki-r
Date: Thu Jul 27 09:53:57 UTC 2017
Modified Files:
src/sys/net: raw_cb.c
src/sys/netipsec: key.c keysock.c keysock.h
Log Message:
Let PF_KEY socks hold their own lock instead of softnet_lock
Operations on SAD and SPD are execu
Module Name:src
Committed By: ozaki-r
Date: Wed Aug 2 01:28:03 UTC 2017
Modified Files:
src/sys/netinet6: ip6_forward.c ip6_output.c
src/sys/netipsec: ipsec.c ipsec.h key.c key.h xform_ah.c xform_esp.c
xform_ipcomp.c
src/sys/rump/librump/rumpnet
Module Name:src
Committed By: ozaki-r
Date: Wed Aug 2 01:59:26 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Fix updating ipsec_used
- key_update_used wasn't called in key_api_spddelete2 and key_api_spdflush
- key_update_used wasn't called if an SP had be
Module Name:src
Committed By: ozaki-r
Date: Wed Aug 2 02:12:42 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Fix updating ipsec_used; turn on when SPs on sockets are added
To generate a diff of this commit:
cvs rdiff -u -r1.198 -r1.199 src/sys/netipsec/k
Module Name:src
Committed By: ozaki-r
Date: Wed Aug 2 02:18:17 UTC 2017
Modified Files:
src/sys/netinet6: icmp6.c
Log Message:
Add missing IPsec policy checks to icmp6_rip6_input
icmp6_rip6_input is quite similar to rip6_input and the same checks exist
in rip6_input.
T
Module Name:src
Committed By: ozaki-r
Date: Wed Aug 2 02:19:57 UTC 2017
Modified Files:
src/distrib/sets/lists/tests: mi
src/tests/net/ipsec: Makefile
Added Files:
src/tests/net/ipsec: t_ipsec_sockopt.sh
Log Message:
Add test cases for setsockopt(IP_IPSEC_
Module Name:src
Committed By: ozaki-r
Date: Wed Aug 2 03:45:57 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.c key.c
Log Message:
Don't use KEY_NEWSP for dummy SP entries
By the change KEY_NEWSP is now not called from softint anymore
and we can use kmem_zalloc with KM
Module Name:src
Committed By: ozaki-r
Date: Wed Aug 2 04:03:29 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.c
Log Message:
Comment out unused functions
To generate a diff of this commit:
cvs rdiff -u -r1.114 -r1.115 src/sys/netipsec/ipsec.c
Please note that diffs a
Module Name:src
Committed By: ozaki-r
Date: Wed Aug 2 06:30:00 UTC 2017
Modified Files:
src/tests/net/ipsec: common.sh t_ipsec_misc.sh
Log Message:
Add test cases that there are SPs but no relevant SAs
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/test
Module Name:src
Committed By: ozaki-r
Date: Thu Aug 3 03:12:02 UTC 2017
Modified Files:
src/sys/netipsec: key.c
Log Message:
Don't allow sav->lft_c to be NULL
lft_c of an sav that was created by SADB_GETSPI could be NULL.
To generate a diff of this commit:
cvs rdiff -u
Module Name:src
Committed By: ozaki-r
Date: Thu Aug 3 03:16:27 UTC 2017
Modified Files:
src/tests/net/carp: t_basic.sh
src/tests/net/if_gif: t_gif.sh
src/tests/net/if_l2tp: t_l2tp.sh
src/tests/net/ipsec: t_ipsec_ah_keys.sh t_ipsec_esp_keys.sh
Module Name:src
Committed By: ozaki-r
Date: Thu Aug 3 04:42:26 UTC 2017
Modified Files:
src/sys/netipsec: ipsec_input.c
Log Message:
Remove unnecessary KEY_FREESAV in an error path
sav should be freed (unreferenced) by the caller.
To generate a diff of this commit:
cvs
Module Name:src
Committed By: ozaki-r
Date: Thu Aug 3 06:30:04 UTC 2017
Modified Files:
src/sys/netipsec: key.c keydb.h
Log Message:
Use pslist(9) for sahtree
To generate a diff of this commit:
cvs rdiff -u -r1.201 -r1.202 src/sys/netipsec/key.c
cvs rdiff -u -r1.15 -r1.
Module Name:src
Committed By: ozaki-r
Date: Thu Aug 3 06:30:40 UTC 2017
Modified Files:
src/sys/netipsec: key.c keydb.h
Log Message:
Use pslist(9) for sah->savtree
To generate a diff of this commit:
cvs rdiff -u -r1.202 -r1.203 src/sys/netipsec/key.c
cvs rdiff -u -r1.16
1 - 100 of 1592 matches
Mail list logo