perry
4f27ab21b8
/*CONTCOND*/ while (0)'ed macros
2002-11-02 07:30:55 +00:00
itojun
ad337ee31a
plug a memory leak. from sam leffler. sync w/kame
2002-10-31 17:36:16 +00:00
itojun
02a04fd9fc
increase correct stat. KAME pr 445
2002-10-28 16:42:44 +00:00
itojun
5fc1c3b058
do not differentiate manually configured address from autoconfigured ones
...
wrt prefix management;
- always earn a reference to the prefix when an address is configured
(by ioctl).
- always delete the prefix when an address that has the last referene
is manually removed.
The change should solve the problem raised in KAME-snap 6989.
sync w/kame
2002-10-17 00:07:44 +00:00
thorpej
d9ae0a6eb1
IPSEC_ESP depends on the "des", "blowfish", "cast128", and "rijndael"
...
attributes.
2002-10-12 15:41:24 +00:00
thorpej
5b2b587c85
Move netinet, netinet6, ipsec, and ipfilter config defns to
...
netinet/files.ipfilter, etinet/files.netinet, netinet6/files.netinet6,
and netinet6/files.netipsec.
XXX There are still a few stragglers in conf/files, which are entangled
with other network protocols.
2002-10-10 22:45:45 +00:00
itojun
b15fea2610
suppress too noisy log by default (can be re-enabled by sysctl). sync w/kame
2002-10-09 20:22:16 +00:00
provos
0f09ed48a5
remove trailing \n in panic(). approved perry.
2002-09-27 15:35:29 +00:00
itojun
ce1bd42a2c
length field on PADN option, before jumbo payload option was wrong.
...
sync w/kame
2002-09-23 13:28:55 +00:00
itojun
0a734b348e
better fix to PR 18163 ("deprecated" flag manipulation). sync w/kame
2002-09-23 13:16:52 +00:00
simonb
4e3613273b
Remove breaks after returns, unreachable returns and returns after
...
returns(!).
2002-09-23 05:51:10 +00:00
simonb
03d61a28e4
Remove an extern declaration for the "pim6stat" variable; the only other
...
occurance of this is a static variable in ip6_mroute.c.
2002-09-23 04:56:58 +00:00
itojun
d694b45f9d
remove extra blank line
2002-09-15 01:18:59 +00:00
itojun
255121cf44
avoid from applying IPsec transport mode to the packets when the kernel
...
forwards the packets.
sync w/kame
2002-09-11 08:15:37 +00:00
itojun
8808abb7b8
correct pointer signedness mixups. sync w/kame
2002-09-11 03:45:44 +00:00
itojun
75e1911429
reduce diff w/kame
2002-09-11 03:23:24 +00:00
itojun
9401012487
KNF - return is not a function. sync w/kame.
2002-09-11 02:46:42 +00:00
itojun
6dedde045a
correct signedness mixup in pointer passing. sync w/kame
2002-09-11 02:41:19 +00:00
itojun
37bd81ba1e
allow "deprecated" bit to be manually set. PR 18163
2002-09-04 07:22:28 +00:00
itojun
c7b00b4ce4
pass proc * to in6_pcbsetport. PR 18073
2002-08-26 14:25:00 +00:00
itojun
967cf54a67
check packet length before fetching ESP crypto checksum. sync w/kame
2002-08-21 23:12:01 +00:00
itojun
e5df0242ce
sync up use_deprecated handling with latest kame.
...
- bind(deprecated) is allowed, trusting userland app is doing the right thing
- use_deprecated default to 1
2002-08-20 22:06:04 +00:00
itojun
ddbeae9874
check error from copyout
2002-08-19 23:23:22 +00:00
itojun
bec19ac64c
typo in comment
2002-08-19 23:21:11 +00:00
itojun
041c651838
fix copyout() logic. more proper fix to be done on kame tree.
2002-08-19 23:14:39 +00:00
itojun
8b2ed6900d
copyout only if oldp is non-null
2002-08-19 07:23:22 +00:00
itojun
cc0fa7bc37
need explicit copyout(), apparently
2002-08-19 06:50:22 +00:00
itojun
e89be6a279
set default value for use_deprecated to 0, to avoid consequences with ftpd.
2002-08-17 22:15:58 +00:00
itojun
c00fa8dfd9
avoid swapping endian of ip_len and ip_off on mbuf, to meet with M_LEADINGSPACE
...
optimization made last year. should solve PR 17867 and 10195.
IP_HDRINCL behavior of raw ip socket is kept unchanged. we may want to
provide IP_HDRINCL variant that does not swap endian.
2002-08-14 00:23:27 +00:00
itojun
ed12d77e43
avoid hardcoded "16" for max AH sum size. use AH_MAXSUMSIZE.
2002-08-09 07:01:21 +00:00
itojun
68e52f0ace
use correct padding boundary, to correctly estimate ESP header size.
...
problem found by Arto Selonen <arto@selonen.org>
2002-08-09 06:38:12 +00:00
itojun
bb92058a0f
cut and paste error in comment. From: Arto Selonen <arto@selonen.org>
2002-08-09 06:29:01 +00:00
itojun
af8ad017f7
typo. From: Arto Selonen <arto@selonen.org>, sync w/kame
2002-08-01 05:17:47 +00:00
itojun
a919a4c628
no need to check NULL mbuf, as we touch it already.
...
From: tedu <grendel@zeitbombe.org>
2002-07-30 23:27:15 +00:00
itojun
d337ab206e
no need to handle NULL argument in defrouter_delreq.
...
From: tedu <grendel@zeitbombe.org>
2002-07-30 23:24:21 +00:00
itojun
d08a33e8b1
correct multicast packet MTU check. sync w/kame
2002-07-25 12:41:51 +00:00
itojun
8b02a8b924
remove unneeded extern decl (commented out). sync w/kame
2002-07-20 21:11:55 +00:00
wiz
e00173a7f2
Spell 'should' correctly.
2002-07-18 11:59:06 +00:00
itojun
d67bce4593
no need to bzero() twice. from he@netbsd
2002-07-13 21:04:55 +00:00
itojun
51bd9285d5
correct ping6 -w result wth hostname with [A-Z]. PR 17540. sync w/kame
2002-07-10 05:05:01 +00:00
thorpej
10c252ba47
Changes to allow the IPv4 and IPv6 layers to align headers themseves,
...
as necessary:
* Implement a new mbuf utility routine, m_copyup(), is is like
m_pullup(), except that it always prepends and copies, rather
than only doing so if the desired length is larger than m->m_len.
m_copyup() also allows an offset into the destination mbuf, which
allows space for packet headers, in the forwarding case.
* Add *_HDR_ALIGNED_P() macros for IP, IPv6, ICMP, and IGMP. These
macros expand to 1 if __NO_STRICT_ALIGNMENT is defined, so that
architectures which do not have strict alignment constraints don't
pay for the test or visit the new align-if-needed path.
* Use the new macros to check if a header needs to be aligned, or to
assert that it already is, as appropriate.
Note: This code is still somewhat experimental. However, the new
code path won't be visited if individual device drivers continue
to guarantee that packets are delivered to layer 3 already properly
aligned (which are rules that are already in use).
2002-06-30 22:40:32 +00:00
itojun
3973cdf049
typo in name
2002-06-29 12:33:33 +00:00
itojun
d7006267f3
reduce kernel stack usage by separating struct secasindex. sync w/kame
...
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
2002-06-27 12:12:49 +00:00
itojun
61f28217c4
move sanity check upwards. sync w/kame
...
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
2002-06-22 12:27:09 +00:00
itojun
cfb9a4a799
avoid listening socket from mistakenly use incorrect cached policy.
...
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp> sync w/kame
2002-06-22 12:04:07 +00:00
itojun
69d65da8c6
sizeof mistake in DIAGNOSTIC path. sync w/kame
...
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
2002-06-21 23:15:35 +00:00
itojun
3033187db0
previous commit cached pcb policy too much (when pcb points to
...
SPD entry that is not ipsec - like "none"). back it out. sync w/kame
2002-06-16 16:28:36 +00:00
itojun
c1808f02bf
cache pcb policy as much as possible. in fact, if policy is not
...
IPSEC_POLICY_IPSEC we don't need to compare spidx. sync w/kame
2002-06-14 14:47:24 +00:00
itojun
813344bfbe
remove redundant line
2002-06-14 14:17:55 +00:00
itojun
a8dde3fa57
free secpolicy on deepcopy failure
2002-06-13 05:10:13 +00:00