#
733070a0 |
| 14-Feb-2013 |
mikeb <mikeb@openbsd.org> |
Merge of an original work by markus@ and gerhard@ to increase the anti-replay window size to 2100 entries; plus small ESN related improvements. ok markus
|
#
e2a50b06 |
| 18-Oct-2012 |
markus <markus@openbsd.org> |
simplify checkreplaywindow() API; make call/return code handling consistent ok mikeb@
|
#
fb4f30fc |
| 20-Sep-2012 |
blambert <blambert@openbsd.org> |
spltdb() was really just #define'd to be splsoftnet(); replace the former with the latter
no change in md5 checksum of generated files
ok claudio@ henning@
|
#
8639b6ee |
| 18-Sep-2012 |
markus <markus@openbsd.org> |
remove the SADB_X_SAFLAGS_{HALFIV,RANDOMPADDING,NOREPLAY} pfkey-API (not set anywhere) as well as the matching TDBF_{HALFIV,RANDOMPADDING,NOREPLAY} code. ok mikeb@
|
#
6b4cbaf1 |
| 29-Jun-2012 |
mikeb <mikeb@openbsd.org> |
Add support for the Extended (64-bit) Sequence Number as defined in RFC4302 and RFC4303. Right now only software crypto engine is capable of doing it.
Replay check was rewritten to implement algori
Add support for the Extended (64-bit) Sequence Number as defined in RFC4302 and RFC4303. Right now only software crypto engine is capable of doing it.
Replay check was rewritten to implement algorithm described in the Appendix A of RFC4303 and the window size was increased to 64.
Tested against OpenBSD, Linux (strongswan) and Windows.
No objection from the usual suspects.
show more ...
|
#
fa2d22af |
| 11-Jan-2011 |
deraadt <deraadt@openbsd.org> |
for key material that is being being discarded, convert bzero() to explicit_bzero() where required ok markus mikeb
|
#
26620d19 |
| 21-Dec-2010 |
markus <markus@openbsd.org> |
don't leak mbuf if padding failes; ok mikeb@
|
#
9e43f3a0 |
| 06-Oct-2010 |
mikeb <mikeb@openbsd.org> |
Retire Skipjack
There's not much use for the declassified cipher from the 80's with a questionable license these days. According to the FIPS drafts, Skipjack reaches its EOL in December 2010.
The
Retire Skipjack
There's not much use for the declassified cipher from the 80's with a questionable license these days. According to the FIPS drafts, Skipjack reaches its EOL in December 2010.
The libc portion will be removed after the ports hackathon.
djm and thib agree, no objections from deraadt Thanks to jsg for digging up FIPS drafts.
show more ...
|
#
548e5859 |
| 23-Sep-2010 |
mikeb <mikeb@openbsd.org> |
remove m_pad in favor of m_inject as it's equivalent to m_inject with an offset equal to the actual data length.
ok henning blambert
|
#
e3ee6b51 |
| 22-Sep-2010 |
mikeb <mikeb@openbsd.org> |
Support for AES-GCM-16 and ENCR_NULL_AUTH_AES_GMAC in ESP as per RFC 4106 and 4543.
Authentication hash key is set to be the same as an encryption key.
The length that is specified for the authenti
Support for AES-GCM-16 and ENCR_NULL_AUTH_AES_GMAC in ESP as per RFC 4106 and 4543.
Authentication hash key is set to be the same as an encryption key.
The length that is specified for the authentication hash descriptor denotes the the length of Additional Authentication Data (AAD). The encryption transformation descriptor length denotes the length of the payload (to be encrypted and authenticated).
ENCR_NULL_AUTH_AES_GMAC treats all input as AAD, thus the encryption length is set to zero.
This also fixes padding for stream ciphers, so that payload will be 4-byte aligned.
show more ...
|
#
e1212bed |
| 20-Jul-2010 |
matthew <matthew@openbsd.org> |
Switch some obvious network stack MAC comparisons from bcmp() to timingsafe_bcmp().
ok deraadt@; committed over WPA.
|
#
05d65ec4 |
| 09-Jul-2010 |
reyk <reyk@openbsd.org> |
Add support for using IPsec in multiple rdomains.
This allows to run isakmpd/iked/ipsecctl in multiple rdomains independently (with "route exec"); the kernel will pickup the rdomain from the process
Add support for using IPsec in multiple rdomains.
This allows to run isakmpd/iked/ipsecctl in multiple rdomains independently (with "route exec"); the kernel will pickup the rdomain from the process context of the pfkey socket and load the flows and SAs into the matching rdomain encap routing table. The network stack also needs to pass the rdomain to the ipsec stack to lookup the correct rdomain that belongs to an interface/mbuf/... You can now run individual IPsec configs per rdomain or create IPsec VPNs between multiple rdomains on the same machine ;). Note that a primary enc(4) in addition to enc0 interface is required per rdomain, eg. enc1 rdomain 1.
Test by some people, mostly on existing "rdomain 0" setups. Was in snaps for some days and people didn't complain.
ok claudio@ naddy@
show more ...
|
#
41b18b7e |
| 02-Jul-2010 |
blambert <blambert@openbsd.org> |
m_copyback can fail to allocate memory, but is a void fucntion so gymnastics are required to detect that.
Change the function to take a wait argument (used in nfs server, but M_NOWAIT everywhere els
m_copyback can fail to allocate memory, but is a void fucntion so gymnastics are required to detect that.
Change the function to take a wait argument (used in nfs server, but M_NOWAIT everywhere else for now) and to return an error
ok claudio@ henning@ krw@
show more ...
|
#
a43d4d9b |
| 01-Jul-2010 |
reyk <reyk@openbsd.org> |
Allow to specify an alternative enc(4) interface for an SA. All traffic for this SA will appear on the specified enc interface instead of enc0 and can be filtered and monitored separately. This will
Allow to specify an alternative enc(4) interface for an SA. All traffic for this SA will appear on the specified enc interface instead of enc0 and can be filtered and monitored separately. This will allow to group individual ipsec policies to virtual interfaces and simplifies monitoring and pf filtering with many ipsec policies a lot.
This diff includes the following changes: - Store the enc interface unit (default 0) in the TDB of an SA and pass it to the enc_getif() lookup when running the bpf or pf_test() handlers. - Add the pfkey SADB_X_EXT_TAP extension to communicate the encX interface unit for a specified SA between userland and kernel. - Update enc(4) again to use an allocate array instead of the TAILQ to lookup the matching enc interface in enc_getif() quickly.
Discussed with many, tested by a few, will need more testing & review.
ok deraadt@
show more ...
|
#
8ddcae73 |
| 29-Jun-2010 |
reyk <reyk@openbsd.org> |
Replace enc(4) with a new implementation as a cloner device. We still create enc0 by default, but it is possible to add additional enc interfaces. This will be used later to allow alternative encs
Replace enc(4) with a new implementation as a cloner device. We still create enc0 by default, but it is possible to add additional enc interfaces. This will be used later to allow alternative encs per policy or to have an enc per rdomain when IPsec becomes rdomain-aware.
manpage bits ok jmc@ input from henning@ deraadt@ toby@ naddy@ ok henning@ claudio@
show more ...
|
#
8688c78c |
| 10-Jan-2010 |
markus <markus@openbsd.org> |
Fix two bugs in IPsec/HMAC-SHA2: (1) use correct (message) block size of 128 byte (instead of 64 bytes) for HMAC-SHA512/384 (RFC4634). (2) RFC4868 specifies that HMAC-SHA-{256,384,512} is truncat
Fix two bugs in IPsec/HMAC-SHA2: (1) use correct (message) block size of 128 byte (instead of 64 bytes) for HMAC-SHA512/384 (RFC4634). (2) RFC4868 specifies that HMAC-SHA-{256,384,512} is truncated to nnn/2 bits, while we still use 96 bits. 96 bits have been specified in draft-ietf-ipsec-ciph-sha-256-00 while draft-ietf-ipsec-ciph-sha-256-01 changed it to 128 bits.
WARNING: this change makes IPsec with SHA-256 (the default) incompatible with older OpenBSD versions and other IPsec-implementations that share this bug.
ok+tests naddy, fries; requested by reyk/deraadt
show more ...
|
#
780f39a5 |
| 09-Jun-2008 |
djm <djm@openbsd.org> |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1ea1e202 |
| 19-Nov-2007 |
mpf <mpf@openbsd.org> |
Remove the #define ENCDEBUG that slipped through somehow. OK hshoexer@
|
#
8c834508 |
| 17-Oct-2007 |
hshoexer <hshoexer@openbsd.org> |
Convert MALLOC/FREE to malloc/free.
ok gilles@
|
#
2f33a180 |
| 06-Oct-2007 |
krw <krw@openbsd.org> |
Oops. Forgot to do FREE -> free when I did MALLOC -> malloc.
|
#
c86f0003 |
| 03-Oct-2007 |
krw <krw@openbsd.org> |
MALLOC+bzero -> malloc+M_ZERO.
In ip_esp.c all allocated memory is now zero'd in the "malloc(sizeof(*tc) + alen ..." case. The +alen memory was not initialized by the bzero() call. Noticed by chl@.
MALLOC+bzero -> malloc+M_ZERO.
In ip_esp.c all allocated memory is now zero'd in the "malloc(sizeof(*tc) + alen ..." case. The +alen memory was not initialized by the bzero() call. Noticed by chl@.
"Looks good" art@ "seems ok" chl@
show more ...
|
#
8a9ffae8 |
| 15-Dec-2006 |
otto <otto@openbsd.org> |
make enc(4) count; ok markus@ henning@ deraadt@
|
#
0e9fa1b9 |
| 21-Sep-2006 |
otto <otto@openbsd.org> |
ugly trailing ws; from bret dot lambert at gmail
|
#
79a6b5c5 |
| 28-May-2006 |
mcbride <mcbride@openbsd.org> |
Only preemptively increase the replay counter for outbound TDBs.
Another ipsec failover fix from nathanael at polymorpheus dot com.
ok hshoexer@
|
#
c4acdf64 |
| 25-Mar-2006 |
djm <djm@openbsd.org> |
allow bpf(4) to ignore packets based on their direction (inbound or outbound), using a new BIOCSDIRFILT ioctl; guidance, feedback and ok canacar@
|