summaryrefslogtreecommitdiffstats
path: root/src/vnet/ipsec
AgeCommit message (Expand)AuthorFilesLines
2019-06-05ipsec: ah_decrypt reworkFilip Tehlar1-167/+283
2019-06-07ipsec: remove the set_key APINeale Ranns7-371/+0
2019-06-05ipsec: fix combined counters in ah-encrypt nodeFilip Tehlar1-3/+5
2019-06-05ipsec: fix sa counters in esp-encryptDamjan Marion1-4/+7
2019-06-05ipsec: fix sa counters in esp-decryptDamjan Marion1-6/+7
2019-06-05IPSEC: some CLI fixesNeale Ranns2-6/+11
2019-06-04Fix: bug prevented IPsec ipv4 SPDs to show correctlyGuillaume Solignac1-4/+9
2019-06-02IPSec: memcpy of integ key borkNeale Ranns1-1/+1
2019-05-30IPsec: modify post-decrypt buf len calculationMatthew G Smith1-2/+2
2019-05-29ipsec: fix perf issue in esp_aad_fillDamjan Marion1-4/+7
2019-05-28ipsec: ah_encrypt reworkFilip Tehlar1-194/+280
2019-05-28Punt: socket register for exception dispatched/punted packets based on reasonNeale Ranns1-5/+5
2019-05-20IPSEC: rename default backendNeale Ranns1-2/+2
2019-05-15IPSEC: remove CLI check for unsupported IPv6-AH - it is supportedNeale Ranns1-22/+0
2019-05-14IPSEC coverity fixesNeale Ranns2-2/+4
2019-05-14IPSEC: remove unecessary pass by reference of sequence numberNeale Ranns3-4/+4
2019-05-06Add missing init fn dependency to ipsec_initDave Barach1-0/+5
2019-05-01esp_encrypt: remove unnecessary codeZhiyong Yang1-1/+1
2019-05-01ipsec: fix ipsec format overflowBenoît Ganne1-4/+3
2019-04-30crypto: enforce per-alg crypto key lengthBenoît Ganne1-0/+5
2019-04-26crypto, ipsec: change GCM IV handlingDamjan Marion2-3/+21
2019-04-25crypto: AES GCM IV length is always 12Damjan Marion1-1/+0
2019-04-25crypto_ipsecmb: use pre-expanded keysDamjan Marion1-1/+1
2019-04-25IPSEC; dpdk backend for tunnel interface encryptionNeale Ranns7-56/+92
2019-04-25ipsec: drop runts in esp-decryptDamjan Marion1-0/+8
2019-04-25crypto: improve key handlingDamjan Marion8-11/+58
2019-04-24Rearrange prefetching in ipsec_output_inlineVratko Polak1-6/+6
2019-04-23Fix a ipsec command line typoSimon Zhang1-1/+1
2019-04-23ipsec4-output: add pkt header and data prefetchingZhiyong Yang1-2/+9
2019-04-19IPSEC: IPv6 ESP transport mode incorrect packet length and checksum (VPP-1654)Neale Ranns1-7/+14
2019-04-19IPSEC: ESP IPv6 transport mode payload length incorrect (VPP-1653)Neale Ranns1-1/+3
2019-04-18IPSEC: tunnel rekey fix and test (VPP-1652)Neale Ranns1-21/+24
2019-04-17IPSEC: Pass the algorithm salt (used in GCM) over the APINeale Ranns6-10/+16
2019-04-16IPSEC: SA format; don't print keys when there's no algoNeale Ranns1-7/+8
2019-04-16IPSEC: support GCM in ESPNeale Ranns12-12/+126
2019-04-15IPSEC: crypto overflowNeale Ranns1-1/+1
2019-04-11IPSEC: ESP with ESN tests and fixesNeale Ranns2-4/+4
2019-04-11IPSEC-MB: Use random & non-repeating IV (VPP-1642)Neale Ranns2-5/+1
2019-04-10crypto: Intel IPSEC-MB engineNeale Ranns2-2/+13
2019-04-10IPSEC: for each engine and algorithm testsNeale Ranns1-1/+1
2019-04-10IPSEC: remove double byte swap of IP addressesNeale Ranns1-18/+10
2019-04-08IPSEC TEST: various hash alogrithmsNeale Ranns1-1/+1
2019-04-07crypto: add support for AEAD and AES-GCMDamjan Marion7-41/+39
2019-04-05IPSEC: punt reasons; SPI=0, no-tunnelNeale Ranns4-13/+154
2019-04-04ipsec: trunc_size -> icv_sizeDamjan Marion9-15/+15
2019-04-03IPSEC: correctly size per-thread dataNeale Ranns1-1/+1
2019-04-03IPSEC: show CLI improvementsNeale Ranns4-31/+208
2019-04-02IPSEC: tunnel scaling - don't stack the inbould SANeale Ranns4-19/+15
2019-04-02IPSEC: remove pointless feature orderingNeale Ranns1-4/+2
2019-03-29IPSEC-GRE: fixes and API update to common types.Neale Ranns10-52/+57
pan class="n">group_index; p = pg_create_edit_group (s, sizeof (p[0]), sizeof (tcp_header_t), &group_index); pg_tcp_header_init (p); /* Defaults. */ pg_edit_set_fixed (&p->seq_number, 0); pg_edit_set_fixed (&p->ack_number, 0); pg_edit_set_fixed (&p->data_offset_and_reserved, sizeof (tcp_header_t) / sizeof (u32)); pg_edit_set_fixed (&p->window, 4096); pg_edit_set_fixed (&p->urgent_pointer, 0); #define _(f) pg_edit_set_fixed (&p->f##_flag, 0); foreach_tcp_flag #undef _ p->checksum.type = PG_EDIT_UNSPECIFIED; if (!unformat (input, "TCP: %U -> %U", unformat_pg_edit, unformat_tcp_udp_port, &p->src, unformat_pg_edit, unformat_tcp_udp_port, &p->dst)) goto error; /* Parse options. */ while (1) { if (unformat (input, "window %U", unformat_pg_edit, unformat_pg_number, &p->window)) ; else if (unformat (input, "checksum %U", unformat_pg_edit, unformat_pg_number, &p->checksum)) ; else if (unformat (input, "seqnum %U", unformat_pg_edit, unformat_pg_number, &p->seq_number)) ; else if (unformat (input, "acknum %U", unformat_pg_edit, unformat_pg_number, &p->ack_number)) ; /* Flags. */ #define _(f) else if (unformat (input, #f)) pg_edit_set_fixed (&p->f##_flag, 1); foreach_tcp_flag #undef _ /* Can't parse input: try next protocol level. */ else break; } { ip_main_t *im = &ip_main; u16 dst_port; tcp_udp_port_info_t *pi; pi = 0; if (p->dst.type == PG_EDIT_FIXED) { dst_port = pg_edit_get_value (&p->dst, PG_EDIT_LO); pi = ip_get_tcp_udp_port_info (im, dst_port); } if (pi && pi->unformat_pg_edit && unformat_user (input, pi->unformat_pg_edit, s)) ; else if (!unformat_user (input, unformat_pg_payload, s)) goto error; if (p->checksum.type == PG_EDIT_UNSPECIFIED) { pg_edit_group_t *g = pg_stream_get_group (s, group_index); g->edit_function = tcp_pg_edit_function; g->edit_function_opaque = 0; } return 1; } error: /* Free up any edits we may have added. */ pg_free_edit_group (s); return 0; } /* * fd.io coding-style-patch-verification: ON * * Local Variables: * eval: (c-set-style "gnu") * End: */