Commit Graph

9 Commits

Author SHA1 Message Date
thorpej
b193480908 Add extensible malloc types, adapted from FreeBSD. This turns
malloc types into a structure, a pointer to which is passed around,
instead of an int constant.  Allow the limit to be adjusted when the
malloc type is defined, or with a function call, as suggested by
Jonathan Stone.
2003-02-01 06:23:35 +00:00
itojun
dc96111483 deep-copy pcb policy if it is an ipsec policy. assign ID field to all
SPD entries.  make it possible for racoon to grab SPD entry on pcb
(racoon side needs some changes).  sync w/kame
2002-06-12 17:56:45 +00:00
itojun
3489976392 do not copy policy-on-socket at all. avoid copying packet header value to
struct spindex.  should reduce memory usage per socket/pcb, and should speedup
ipsec processing.  sync w/kame
2002-06-12 01:47:34 +00:00
itojun
3edb75b9d5 unifdef -D__NetBSD__ 2002-03-01 04:16:38 +00:00
lukem
2565646230 don't need <sys/types.h> when including <sys/param.h> 2001-11-15 09:47:59 +00:00
lukem
4f2ad95259 add RCSIDs 2001-11-13 00:56:55 +00:00
itojun
92e64a4a0d sync with almost-latest KAME IPsec. full changelog would be too big
to mention here.  notable changes are like below.

kernel:
- make PF_KEY kernel interface more robust against broken input stream.
  it includes complete internal structure change in sys/netkey/key.c.
- remove non-RFC compliant change in PF_KEY API, in particular,
  in struct sadb_msg.  we cannot just change these standard structs.
  sadb_x_sa2 is introduced instead.
- remove prototypes for pfkey_xx functions from /usr/include/net/pfkeyv2.h.
  these functions are not supplied in /usr/lib.

setkey(8):
- get/delete does not require "-m mode" (ignored with warning, if you
  specify it)
- spddelete takes direction specification
2000-06-12 10:40:37 +00:00
itojun
90736ab608 fix include pathname for better rfc2292 compliance. 2000-02-06 12:49:37 +00:00
itojun
1a2a1e2b1f bring in latest KAME ipsec tree.
- interop issues in ipcomp is fixed
- padding type (after ESP) is configurable
- key database memory management (need more fixes)
- policy specification is revisited

XXX m->m_pkthdr.rcvif is still overloaded - hope to fix it soon
2000-01-31 14:18:52 +00:00