to mention here. notable changes are like below.
kernel:
- make PF_KEY kernel interface more robust against broken input stream.
it includes complete internal structure change in sys/netkey/key.c.
- remove non-RFC compliant change in PF_KEY API, in particular,
in struct sadb_msg. we cannot just change these standard structs.
sadb_x_sa2 is introduced instead.
- remove prototypes for pfkey_xx functions from /usr/include/net/pfkeyv2.h.
these functions are not supplied in /usr/lib.
setkey(8):
- get/delete does not require "-m mode" (ignored with warning, if you
specify it)
- spddelete takes direction specification
When complaining about a long option which requires an argument,
print the actual option, not some pointer-garbage.
(Hint: "%c" and "%s" are different.)
When connecting to a version 2 portmapper, don't use the "udp" nettype,
since that includes udp on ipv6, but just use the "udp" netconfig entry
directly.
in sockets bound to reserved ports in the old code. Since old binaries
will still expect this, always try to bind to a reserved port in
clnt_cli_create and svc_tli_create, unless we're already bound.
mostly-MI floating-point implementation for use by gcc -msoft-float.
It's currently only used by arm26, but should be usable by other ports
without too much hacking, assuming doubles and u_int64_ts are passed and
returned the same way, and FP formats are IEEEish.
the listen socket properly. This caused spurious rpcbind(8)
failures.
- Don't define a "credmsg" structure. Instead, dynamically
allocate a buffer of the correct size of the message with
CMSG_SPACE() and free it when we're done. This gets the
size of the buffer right on LP64 platforms, which has padding
for alignment thrown in.
- Check for non-present or truncated cred messages when recvmsg(2)
returns.
these capabilities and stashes them in "struct tinfo" for t_goto to
use. This makes the t_goto call more efficient and plugs a memory
leak that was present in the original t_goto implementation.
Thanks to Itojun for spotting this one too!
