CVS commit: src/sys/netipsec

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/sys/netipsec
From: Rui Paulo <rpaulo%netbsd.org@localhost>
Date: Tue, 11 Apr 2006 20:21:28 +0000 (UTC)

Module Name:    src
Committed By:   rpaulo
Date:           Tue Apr 11 20:21:28 UTC 2006

Modified Files:
        src/sys/netipsec: ipsec.c ipsec.h ipsec_netbsd.c xform_ah.c xform_esp.c

Log Message:
Add two new sysctls protected under IPSEC_DEBUG:

  net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with
          the same sequence number. This allows to verify if the other side
          has proper replay attacks detection.

  net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with
          corrupted HMAC. This allows to verify if the other side properly
          detects modified packets.

(a message will be printed indicating when these sysctls changed)

By Pawel Jakub Dawidek <pjd%FreeBSD.org@localhost>.
Discussed with Christos Zoulas and Jonathan Stone.


To generate a diff of this commit:
cvs rdiff -r1.20 -r1.21 src/sys/netipsec/ipsec.c
cvs rdiff -r1.14 -r1.15 src/sys/netipsec/ipsec.h
cvs rdiff -r1.15 -r1.16 src/sys/netipsec/ipsec_netbsd.c
cvs rdiff -r1.9 -r1.10 src/sys/netipsec/xform_ah.c
cvs rdiff -r1.8 -r1.9 src/sys/netipsec/xform_esp.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: Re: CVS commit: src/sys/ufs/ffs
Next by Date: CVS commit: src/sys/ufs/lfs
Previous by Thread: CVS commit: src/sys/arch/sh3/sh3
Next by Thread: CVS commit: src/sys/ufs/lfs
Indexes:

Home | Main Index | Thread Index | Old Index