This patchset adds support for IPsec extended (64-bit) sequence numbers for esp as defined in RFC 4303. Also it adds support for anti-replay windows bigger than 32 packets. To make use of big anti-replay windows and extended sequence numbers, new userspace tools are needed. An example patch for iproute2 is provided with this patchset. Known issues: - Not tested against another implementation of IPsec extended sequence numbers. Changes from v1: - Use a SG list with three 4 byte entries for the associated data. - Fix the sequence number to be in network byte order when using AEAD algorithms. - Rebased to net-next-2.6 current. The patchset is also available at branch 'net-next-esn' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/linux-2.6-stk.git Steffen -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
