d505b18964
Make sure to include opt_foo.h if a defflag option FOO is used.
2003-06-23 11:00:59 +00:00
7a5741651c
- sync up MLD declaration with RFC3542 (s/MLD6/MLD/)
...
- routing header declaration with RFC3542
(note: sizeof(ip6_rthdr0) has changed!)
also, sync up with RFC2460 routing header definition (no "strict" source
routing mode any more)
part of advanced API update (RFC2292 -> 3542).
2003-06-06 08:13:43 +00:00
a07ae6a9df
don't try to forward multicast packet to mif that went away; kame
2003-06-06 06:52:29 +00:00
5c0f142820
remove assumption on redirect header option processing. from kame
2003-06-03 05:20:06 +00:00
f46a719b5c
can't use M_WAIT here, i believe.
2003-05-27 22:36:38 +00:00
63715bec6b
backout previous. (sys/net/if.c fixed)
2003-05-16 16:57:35 +00:00
d36e610a01
nd6_rtmsg: If called during if_detach(), TAILQ_FIRST(if_addrlist)
...
could be NULL. This is not a common case, but as nd6_rtmsg()
will be called during if_detach(), we need to check for the
case. reported by kanaoka-san.
2003-05-16 16:19:45 +00:00
4008ec1218
use strlcpy
2003-05-16 03:56:49 +00:00
4d9a92e2a2
remove duplicate. masanori kanaoka
2003-05-16 02:53:28 +00:00
9cf18f13b5
rt->rt_ifp may not always be available. masanori kanaoka via kame
2003-05-15 14:57:58 +00:00
a5d8a0a4f6
check version before computing checksum. checksum is more expensive operation.
2003-05-15 13:46:15 +00:00
19b1e87da3
KNF
2003-05-14 17:02:59 +00:00
6e0f23e7f6
KNF
2003-05-14 17:00:22 +00:00
f77518e2f5
KNF
2003-05-14 14:41:33 +00:00
5eaf3c3113
do not use m_pulldown() to parse intermediate extension headers (like routing).
...
we don't want to drop packets due to extension header parsing. KAME rev 1.59.
(performance may suck, but it is slowpath anyways)
2003-05-14 14:34:14 +00:00
de87ca793d
constant usually has two n.
2003-05-14 12:45:06 +00:00
346e0198f0
always use PULLDOWN_TEST codepath.
2003-05-14 06:47:33 +00:00
9787457fbe
bring a small amount of code out of an if() statement that was doing
...
the same thing for both cases.
2003-05-10 13:23:07 +00:00
874e6573c4
fix invalid pointer setting on RA reception. from kiu shueng chuan via kame
2003-05-08 20:08:52 +00:00
a617975d48
print how big the mtu needs to be for ipv6 ppp.
2003-05-04 13:43:09 +00:00
4be7a2dcf3
Add a new feature-test macro, _NETBSD_SOURCE. If this is defined
...
by the application, all NetBSD interfaces are made visible, even
if some other feature-test macro (like _POSIX_C_SOURCE) is defined.
<sys/featuretest.h> defined _NETBSD_SOURCE if none of _ANSI_SOURCE,
_POSIX_C_SOURCE and _XOPEN_SOURCE is defined, so as to preserve
existing behaviour.
This has two major advantages:
+ Programs that require non-POSIX facilities but define _POSIX_C_SOURCE
can trivially be overruled by putting -D_NETBSD_SOURCE in their CFLAGS.
+ It makes most of the #ifs simpler, in that they're all now ORs of the
various macros, rather than having checks for (!defined(_ANSI_SOURCE) ||
!defined(_POSIX_C_SOURCE) || !defined(_XOPEN_SOURCE)) all over the place.
I've tried not to change the semantics of the headers in any case where
_NETBSD_SOURCE wasn't defined, but there were some places where the
current semantics were clearly mad, and retaining them was harder than
correcting them. In particular, I've mostly normalised things so that
_ANSI_SOURCE gets you the smallest set of stuff, then _POSIX_C_SOURCE,
_XOPEN_SOURCE and _NETBSD_SOURCE in that order.
Tested by building for vax, encouraged by thorpej, and uncontested in
tech-userlevel for a week.
2003-04-28 23:16:11 +00:00
b2fcce1997
style
2003-04-22 10:08:33 +00:00
ee5b1a7c61
Protect the definition of offsetof().
2003-04-17 19:58:57 +00:00
a81c2be8be
avoid mbuf leak in redirect header option attachment. more complete
...
fix to come. from kame
2003-03-31 23:55:46 +00:00
452610ea39
Add in6_localaddr(). From KAME via FreeBSD.
2003-02-27 22:06:38 +00:00
eb5e5b35c1
Make sure to initialize callout structs.
2003-02-25 22:17:47 +00:00
8c1eaadb7a
automatic aggregates are evil. make it static const.
2003-02-24 03:01:03 +00:00
b193480908
Add extensible malloc types, adapted from FreeBSD. This turns
...
malloc types into a structure, a pointer to which is passed around,
instead of an int constant. Allow the limit to be adjusted when the
malloc type is defined, or with a function call, as suggested by
Jonathan Stone.
2003-02-01 06:23:35 +00:00
9115df8c49
success, not sucess. Noted by mjl.
2003-01-28 22:35:02 +00:00
276fd1665c
The Double-Semi-Colon Police.
2003-01-20 05:29:53 +00:00
0efc092563
Remove variable that is only assigned too but not referenced.
2003-01-20 00:39:30 +00:00
40606ab8f2
switch from kame-based m_aux mbuf auxiliary data, to openbsd m_tag
...
implementation. it will simplify porting across *bsd (such as kame/altq),
and make us more synchronized. from Joel Wilsson
2003-01-17 08:11:49 +00:00
177ed24b8b
allocate route_in6 in struct secashead, to avoid mistakenly overrun
...
the end of secashead. Fixes PR18751.
2003-01-08 05:46:49 +00:00
be9a8d8e2f
recover original stanford copyright. sync w/kame
2002-11-27 05:09:36 +00:00
0635de35a3
Remove KDIR=, since SYS_INCLUDE=symlinks and KDIR are not supported any more.
2002-11-26 23:30:07 +00:00
d6f8cc841d
Avoid strict-alias warnings.
2002-11-25 01:55:21 +00:00
c8a8326600
make USE_ENCAPCHECK (in netinet*/*gif.c) to global option, GIF_ENCAPCHECK.
...
#ifdef out unneeded code when possible.
From: Krister Walfridsson <cato@df.lth.se>
2002-11-11 18:35:27 +00:00
1e8dadc8f9
pmtu_probe is not used anywhere (it is used in KAME TCP6-only code).
...
From: Krister Walfridsson <cato@df.lth.se>
2002-11-11 18:26:42 +00:00
6f28503927
need icmp6.h for MULTICAST_PMTUD case. sync w/kame
2002-11-09 03:12:05 +00:00
eab4bb9593
include opt_inet.h -- found by David Laight
2002-11-05 21:46:42 +00:00
29ef3e950d
improve gif lookup performance, when there are many of those,
...
by using radix tree for lookups. tested by yshimizu@iij.
2002-11-05 16:58:11 +00:00
4f27ab21b8
/*CONTCOND*/ while (0)'ed macros
2002-11-02 07:30:55 +00:00
ad337ee31a
plug a memory leak. from sam leffler. sync w/kame
2002-10-31 17:36:16 +00:00
02a04fd9fc
increase correct stat. KAME pr 445
2002-10-28 16:42:44 +00:00
5fc1c3b058
do not differentiate manually configured address from autoconfigured ones
...
wrt prefix management;
- always earn a reference to the prefix when an address is configured
(by ioctl).
- always delete the prefix when an address that has the last referene
is manually removed.
The change should solve the problem raised in KAME-snap 6989.
sync w/kame
2002-10-17 00:07:44 +00:00
d9ae0a6eb1
IPSEC_ESP depends on the "des", "blowfish", "cast128", and "rijndael"
...
attributes.
2002-10-12 15:41:24 +00:00
5b2b587c85
Move netinet, netinet6, ipsec, and ipfilter config defns to
...
netinet/files.ipfilter, etinet/files.netinet, netinet6/files.netinet6,
and netinet6/files.netipsec.
XXX There are still a few stragglers in conf/files, which are entangled
with other network protocols.
2002-10-10 22:45:45 +00:00
b15fea2610
suppress too noisy log by default (can be re-enabled by sysctl). sync w/kame
2002-10-09 20:22:16 +00:00
0f09ed48a5
remove trailing \n in panic(). approved perry.
2002-09-27 15:35:29 +00:00
ce1bd42a2c
length field on PADN option, before jumbo payload option was wrong.
...
sync w/kame
2002-09-23 13:28:55 +00:00
0a734b348e
better fix to PR 18163 ("deprecated" flag manipulation). sync w/kame
2002-09-23 13:16:52 +00:00
4e3613273b
Remove breaks after returns, unreachable returns and returns after
...
returns(!).
2002-09-23 05:51:10 +00:00
03d61a28e4
Remove an extern declaration for the "pim6stat" variable; the only other
...
occurance of this is a static variable in ip6_mroute.c.
2002-09-23 04:56:58 +00:00
d694b45f9d
remove extra blank line
2002-09-15 01:18:59 +00:00
255121cf44
avoid from applying IPsec transport mode to the packets when the kernel
...
forwards the packets.
sync w/kame
2002-09-11 08:15:37 +00:00
8808abb7b8
correct pointer signedness mixups. sync w/kame
2002-09-11 03:45:44 +00:00
75e1911429
reduce diff w/kame
2002-09-11 03:23:24 +00:00
9401012487
KNF - return is not a function. sync w/kame.
2002-09-11 02:46:42 +00:00
6dedde045a
correct signedness mixup in pointer passing. sync w/kame
2002-09-11 02:41:19 +00:00
37bd81ba1e
allow "deprecated" bit to be manually set. PR 18163
2002-09-04 07:22:28 +00:00
c7b00b4ce4
pass proc * to in6_pcbsetport. PR 18073
2002-08-26 14:25:00 +00:00
967cf54a67
check packet length before fetching ESP crypto checksum. sync w/kame
2002-08-21 23:12:01 +00:00
e5df0242ce
sync up use_deprecated handling with latest kame.
...
- bind(deprecated) is allowed, trusting userland app is doing the right thing
- use_deprecated default to 1
2002-08-20 22:06:04 +00:00
ddbeae9874
check error from copyout
2002-08-19 23:23:22 +00:00
bec19ac64c
typo in comment
2002-08-19 23:21:11 +00:00
041c651838
fix copyout() logic. more proper fix to be done on kame tree.
2002-08-19 23:14:39 +00:00
8b2ed6900d
copyout only if oldp is non-null
2002-08-19 07:23:22 +00:00
cc0fa7bc37
need explicit copyout(), apparently
2002-08-19 06:50:22 +00:00
e89be6a279
set default value for use_deprecated to 0, to avoid consequences with ftpd.
2002-08-17 22:15:58 +00:00
c00fa8dfd9
avoid swapping endian of ip_len and ip_off on mbuf, to meet with M_LEADINGSPACE
...
optimization made last year. should solve PR 17867 and 10195.
IP_HDRINCL behavior of raw ip socket is kept unchanged. we may want to
provide IP_HDRINCL variant that does not swap endian.
2002-08-14 00:23:27 +00:00
ed12d77e43
avoid hardcoded "16" for max AH sum size. use AH_MAXSUMSIZE.
2002-08-09 07:01:21 +00:00
68e52f0ace
use correct padding boundary, to correctly estimate ESP header size.
...
problem found by Arto Selonen <arto@selonen.org>
2002-08-09 06:38:12 +00:00
bb92058a0f
cut and paste error in comment. From: Arto Selonen <arto@selonen.org>
2002-08-09 06:29:01 +00:00
af8ad017f7
typo. From: Arto Selonen <arto@selonen.org>, sync w/kame
2002-08-01 05:17:47 +00:00
a919a4c628
no need to check NULL mbuf, as we touch it already.
...
From: tedu <grendel@zeitbombe.org>
2002-07-30 23:27:15 +00:00
d337ab206e
no need to handle NULL argument in defrouter_delreq.
...
From: tedu <grendel@zeitbombe.org>
2002-07-30 23:24:21 +00:00
d08a33e8b1
correct multicast packet MTU check. sync w/kame
2002-07-25 12:41:51 +00:00
8b02a8b924
remove unneeded extern decl (commented out). sync w/kame
2002-07-20 21:11:55 +00:00
e00173a7f2
Spell 'should' correctly.
2002-07-18 11:59:06 +00:00
d67bce4593
no need to bzero() twice. from he@netbsd
2002-07-13 21:04:55 +00:00
51bd9285d5
correct ping6 -w result wth hostname with [A-Z]. PR 17540. sync w/kame
2002-07-10 05:05:01 +00:00
10c252ba47
Changes to allow the IPv4 and IPv6 layers to align headers themseves,
...
as necessary:
* Implement a new mbuf utility routine, m_copyup(), is is like
m_pullup(), except that it always prepends and copies, rather
than only doing so if the desired length is larger than m->m_len.
m_copyup() also allows an offset into the destination mbuf, which
allows space for packet headers, in the forwarding case.
* Add *_HDR_ALIGNED_P() macros for IP, IPv6, ICMP, and IGMP. These
macros expand to 1 if __NO_STRICT_ALIGNMENT is defined, so that
architectures which do not have strict alignment constraints don't
pay for the test or visit the new align-if-needed path.
* Use the new macros to check if a header needs to be aligned, or to
assert that it already is, as appropriate.
Note: This code is still somewhat experimental. However, the new
code path won't be visited if individual device drivers continue
to guarantee that packets are delivered to layer 3 already properly
aligned (which are rules that are already in use).
2002-06-30 22:40:32 +00:00
3973cdf049
typo in name
2002-06-29 12:33:33 +00:00
d7006267f3
reduce kernel stack usage by separating struct secasindex. sync w/kame
...
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
2002-06-27 12:12:49 +00:00
61f28217c4
move sanity check upwards. sync w/kame
...
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
2002-06-22 12:27:09 +00:00
cfb9a4a799
avoid listening socket from mistakenly use incorrect cached policy.
...
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp> sync w/kame
2002-06-22 12:04:07 +00:00
69d65da8c6
sizeof mistake in DIAGNOSTIC path. sync w/kame
...
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
2002-06-21 23:15:35 +00:00
3033187db0
previous commit cached pcb policy too much (when pcb points to
...
SPD entry that is not ipsec - like "none"). back it out. sync w/kame
2002-06-16 16:28:36 +00:00
c1808f02bf
cache pcb policy as much as possible. in fact, if policy is not
...
IPSEC_POLICY_IPSEC we don't need to compare spidx. sync w/kame
2002-06-14 14:47:24 +00:00
813344bfbe
remove redundant line
2002-06-14 14:17:55 +00:00
a8dde3fa57
free secpolicy on deepcopy failure
2002-06-13 05:10:13 +00:00
dc96111483
deep-copy pcb policy if it is an ipsec policy. assign ID field to all
...
SPD entries. make it possible for racoon to grab SPD entry on pcb
(racoon side needs some changes). sync w/kame
2002-06-12 17:56:45 +00:00
3489976392
do not copy policy-on-socket at all. avoid copying packet header value to
...
struct spindex. should reduce memory usage per socket/pcb, and should speedup
ipsec processing. sync w/kame
2002-06-12 01:47:34 +00:00
fa53d749ff
share policy-on-pcb for listening socket. sync w/kame
...
todo: share even more, avoid frequent updates of spidx
2002-06-11 19:39:59 +00:00
2533e1f81f
avoid variable name confusion. sync w/kame
2002-06-11 17:26:52 +00:00
9b2ae3537c
silence some of log(), as the codepath will be visited for IPv6-non-capable
...
interfaces too and can be annoying. net.inet6.icmp6.nd6_debug will
re-enable them.
2002-06-11 07:28:05 +00:00
b05ff066a7
whitespace cleanup
2002-06-09 14:43:10 +00:00
e55d3b6782
indent cleanup
2002-06-08 21:32:55 +00:00
7316bc595b
KNF
2002-06-08 21:29:26 +00:00
2495e99fc7
gc
2002-06-08 21:28:18 +00:00
6d8d0d63d8
sync with latest KAME in6_ifaddr/prefix/default router manipulation.
...
behavior changes:
- two iocts used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.
2002-06-08 21:22:29 +00:00
fc5800e3fd
whitespace cleanup
2002-06-08 20:06:44 +00:00
2f88f76db1
in6_len2mask is a duplicate of in6_prefixlen2mask. unify. sync w/kame
2002-06-08 00:07:00 +00:00
9736fd7f05
on SIOCAIFADDR_IN6 check if sin6_len is sane. sync w/kame
2002-06-08 00:01:30 +00:00
e4f39ff86f
panic() if NULL is passed to ah_sumsiz_xx. suggested by sam leffler, sync w/kame
2002-06-07 23:42:41 +00:00
36f10d3196
some KNF
2002-06-07 22:08:41 +00:00
acf7dffae4
some KNF
2002-06-07 22:07:38 +00:00
0026ddd6dd
no need for offsetof()
2002-06-07 22:06:48 +00:00
edcbce7c37
typo
2002-06-07 22:05:37 +00:00
a1e0f0f9a7
sync IPV6_CHECKSUM handling with kame.
2002-06-07 22:03:02 +00:00
2aae9aee46
Fix mistakes in previous.
2002-06-07 18:19:30 +00:00
09342cdd61
typo
2002-06-07 18:19:05 +00:00
fc16676d8e
If there has been no NS for the neighbor after entering the
...
INCOMPLETE state, send the first solicitation in nd6_output(), regardless
of the timer value.
revised comments about rate-limiting accordingly.
sync w/kame
2002-06-07 17:15:12 +00:00
4e9401b698
comment
2002-06-07 17:13:56 +00:00
ac03214470
whitespace
2002-06-07 14:48:56 +00:00
3e3b75590b
remove #if 0'ed portion
2002-06-07 14:43:11 +00:00
c889402ba0
style
2002-06-07 14:37:38 +00:00
3c11868be8
consistency
2002-06-07 14:35:55 +00:00
05f0c3e705
KNF a bit
2002-06-07 14:29:10 +00:00
a11e34efc5
whitespace
2002-06-07 07:38:51 +00:00
e2ce1896bd
whitespace
2002-06-07 07:35:39 +00:00
9b39e24802
minor KNF to sync w/kame
2002-06-07 04:30:40 +00:00
06ed16c31d
typo
2002-06-07 04:18:11 +00:00
922b4012cc
'fall through' is not a valid LINT keyword.
2002-06-07 04:07:55 +00:00
83aff37a0f
remove support for deprecated ioctls (EINVAL). sync w/kame
2002-06-07 04:03:53 +00:00
88a8e0dd9e
cope with ndi->maxmtu == 0 case. sync w/kame
2002-06-07 03:05:18 +00:00
fb6078474d
cope with cases when maxmtu == 0 (this shoulnd't happen!)
2002-06-07 02:31:04 +00:00
1eb402e813
be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)
2002-06-05 01:10:54 +00:00
ad4cab117d
whitespace at EOL
2002-06-03 02:09:37 +00:00
ed45b704ac
do not hardcode if_mtu values in here, except for IFT_{ARC,FDDI} -
...
they need special handling. makes it possible to take advantage of 9k ether
frames.
2002-06-03 00:51:47 +00:00
5625d3b849
do not mistakenly lock PMTUD route entry with RTV_MTU.
2002-05-31 04:26:19 +00:00
3449ca6d23
do not try to update rmx_mtu if rmx_mtu == 0 (obey ifmtu)
2002-05-31 03:18:54 +00:00
87fc46bce9
improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame
2002-05-30 05:06:28 +00:00
a3e4fbdf14
use M_READONLY where possible. minor cleanup/sync with kame.
2002-05-30 04:39:15 +00:00
c7f67f1479
make this compile again.
2002-05-29 19:50:48 +00:00
cfc6c918de
missing bzero
2002-05-29 13:56:14 +00:00
050c5b5b7c
receivedra field is gone
2002-05-29 13:52:56 +00:00
913276174b
"receivedra" field name is obsolete.
2002-05-29 09:32:01 +00:00
14dafa8f6a
avoid unneeded malloc/free. sync w/kame
2002-05-29 09:05:18 +00:00
5c1df51d53
attach nd_ifinfo structure into if_afdata.
...
split IPv6 link MTU (advertised by RA) from real link MTU.
sync with kame
2002-05-29 07:53:39 +00:00
9ea1dc0d36
correct rmx_mtu value after PMTUD entry timeout (should be set to 0)
2002-05-29 06:55:48 +00:00
ede265fffd
move per-interface ip6/icmp6 stat to ifnet->if_afdata. sync w/kame
2002-05-29 02:58:28 +00:00
a15e664f71
rm obsolete comment
2002-05-29 01:43:25 +00:00
3be26b82ef
use arc4random
2002-05-28 11:19:17 +00:00
4121fa09fc
correct in*_pcbrtentry. check cached value correctly.
2002-05-28 11:10:52 +00:00
d208a22daa
use arc4random() where possible.
...
XXX is it necessary to do microtime() on tcp syn cache?
2002-05-28 10:11:49 +00:00
7410ea60ca
in in*_pcbrtentry(), check if route is still valid (RTF_UP),
...
and address family is still valid.
2002-05-28 10:07:51 +00:00
10c5914022
limit number of IPv6 fragments (not the fragment queue size) to
...
fight against lots-of-frags DoS attacks. sync w/kame
2002-05-28 03:04:05 +00:00
9a1a825873
we have no IFT_DUMMY. kame merge mistake
2002-05-25 22:18:49 +00:00
e3c4951b26
re-enable ipsec policy caching onto pcb. refcnt fix and workarounds based on ymmt-san.
2002-05-25 10:01:01 +00:00
6f589cb1b2
extra blank line
2002-05-24 09:21:30 +00:00
c3015f8b5d
make a strict check before sending FQDN node information reply. sync w/kame
2002-05-24 09:13:59 +00:00
7e7fcd1df4
remove wrong "break" statement
2002-05-23 06:53:13 +00:00
64a1cfbf83
no longer need IFT_PROPVIRTUAL "bridge[0-9]+" check.
2002-05-23 06:40:03 +00:00
970757edd8
simplify conditions to do DAD. sync w/kame
2002-05-23 06:35:18 +00:00
e1d17f512b
should perform DAD for IFT_GIF.
2002-05-23 06:28:25 +00:00
5a51285f02
do not have link-local address for IFT_BRIDGE
2002-05-23 06:25:25 +00:00
d2fd814987
in sp caching code, check if sp is still alive. sync w/kame
2002-05-19 00:46:40 +00:00
b5f1426ee0
rename: net.inet6.ip6.bindv6only -> net.inet6.ip6.v6only
...
sync w/kame.
2002-05-14 10:27:28 +00:00
0dc8ee943d
Eliminate more commons or redundant declarations.
2002-05-14 02:58:32 +00:00
241f6932ee
* Use uint{8,32}_t from <netinet/in.h> where applicable; use private
...
fixed-width integer types otherwise.
* Protect RFC 2292 prototypes, which are not XNS5.2/POSIX-2001; also, define
size_t for inet6_rthdr_space().
2002-05-13 15:20:30 +00:00
0f1faf8e09
IPV6PORT_* aren't in the reserved namespace either.
2002-05-13 14:25:13 +00:00
d258299876
Check _POSIX_C_SOURCE as well.
2002-05-13 14:15:34 +00:00
a317e750c3
Update two comments.
2002-05-13 13:52:31 +00:00
602066c0d6
Provide local definitions of in_{addr,port}_t in <netinet/in.h> and use
...
them where deemed appropriate by XNS5.2/POSIX-2001.
2002-05-12 23:04:15 +00:00
c03e11f081
Eliminate commons.
2002-05-12 20:33:50 +00:00
d30d25dc1a
Spelling fixes, from Sergey Svishchev in kern/16650.
2002-05-12 15:48:36 +00:00
861dfdc294
disable ipsec policy caching on pcb, as it seems that there's some reference-
...
counting mistake that causes panic - see PR 15953 and 13813.
i am unable to find the real cause of problem, so it is a shortterm workaround,
hopefully.
2002-05-10 05:49:21 +00:00
d7669537a8
remove unneeded #ifdef __FreeBSD__ portion.
2002-05-10 05:38:29 +00:00
dc12059c9e
Use M_READONLY() rathern than testing to see if ext_free is set
...
or MCLISREFERENCED().
2002-04-28 00:54:41 +00:00
64109d267c
make sure to check address family in route cache
...
(I really hate IPv4 mapped address...)
2002-03-28 01:33:50 +00:00
bb1e9bbcd8
double m_free() - niklas@openbsd
2002-03-24 20:46:56 +00:00
714618fb98
fix arg to bcmp() - need to compare 15 bytes, not 3 bytes. sync w/kame
2002-03-23 00:43:59 +00:00
8cbb556660
protect in6pcb queue operation by splnet, as pcb queue will be touched
...
by in6_pcbpurgeif() under splnet.
2002-03-21 02:11:39 +00:00
007db8b52a
remove obsolete comment
2002-03-20 22:47:59 +00:00
d31217b639
check sa_len and sa_family strictly. (NOTE: rtsol/rtsold older than Nov2001
...
will stop working, upgrade them first)
2002-03-19 01:21:19 +00:00
f3279050b2
esp/ah_ctlinput: pass useful address to key_alloc.
2002-03-18 15:30:03 +00:00
766a6d874e
have a real lock around IPv6 reassembly.
2002-03-15 10:44:07 +00:00
3faedc3f92
s/0/NULL/ as ln_hold is a pointer. sync w/ kame
2002-03-15 09:36:27 +00:00
38f3d28842
have tcp6_drain
2002-03-15 09:25:41 +00:00
4b327fb1f3
zlib 1.1.4 dislikes Z_FLUSH at the end of inflate().
2002-03-14 05:18:10 +00:00
2246ec4a66
on redirect output, always try to attach target link layer address option.
2002-03-05 08:13:56 +00:00
ef49bcac3c
Nuke out-of-synch comment.
2002-03-04 15:18:32 +00:00
2ff9b43758
sync blowfish function prototype between i386 assembly and C.
...
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
2002-02-27 01:32:17 +00:00
ae1b9c29e9
make sure to check address family on route cache. with IPv4 mapped
...
address we can see both AF_INET/INET6.
2002-01-22 03:53:55 +00:00
b0e82d3005
do not log() in per-packet input path. sync w/kame
2002-01-08 04:37:32 +00:00
e6834b7b5c
make it compile even if NGIF=0
2001-12-22 01:40:03 +00:00
a225c3930f
whitespace/costmetic sync w/kame
2001-12-21 08:54:52 +00:00
1536628a1f
call encap6_ctlinput on icmp6 against tunnelled packet. sync w/kame
2001-12-21 08:54:19 +00:00
df8adebac1
remove obsolete #if 0'ed section. sync w/kame
2001-12-21 07:16:58 +00:00
28922b9973
use radix table for inbound tunnel lookup (would increase performance
...
for machines with a lot of tunnels).
update route cache for IPvX-over-IPv6 tunnel on path MTU discovery.
snyc with kame
2001-12-21 06:30:43 +00:00
9aaffcfde8
move in6_gif_hlim decl to in6_gif.c. sync with kame
2001-12-21 03:58:15 +00:00
745e191850
move protosw fragment for gif/stf to their own source code.
...
reduce #ifdef in stf code. sync with kame
2001-12-21 03:21:50 +00:00
ebb1c82ec5
centralize multicast group management (in6_join/leavegroup).
...
have a flag for ip6_output() to fragment to minimum MTU.
sync with kame
2001-12-20 07:26:36 +00:00
1cad8e6085
reduce white space/cosmetic diffs w/kame.
2001-12-18 03:04:02 +00:00
29064a3fdb
remove obsolete #if 0'ed portion.
2001-12-18 01:42:04 +00:00
33429d0612
correct timing to increment icmp6 MIB variables. sync with kame
2001-12-07 10:10:43 +00:00
f8321e02a6
fix cast128 with shorter key length. sync with kame
2001-11-27 11:19:36 +00:00
c23ea6c341
update outgoing ifp, only if tunnel mode ipsec is used. this is to
...
honor IP_MULTICAST_IF setsockopt on ipsec-over-multicast. sync with kame
2001-11-21 06:28:08 +00:00
c8549493da
(minor) delint
2001-11-17 18:55:11 +00:00
4f2ad95259
add RCSIDs
2001-11-13 00:56:55 +00:00
d54922c799
check offset overrun in ip6_nexthdr.
2001-11-02 08:05:48 +00:00
5f717f7c33
Don't need to include <uvm/uvm_extern.h> just to include <sys/sysctl.h>
...
anymore.
2001-10-29 07:02:30 +00:00
7b1918bdc8
always check extension header length.
2001-10-29 05:23:17 +00:00
eecba85f88
no tcp_fasttimo any more. PR 14333
2001-10-24 09:37:00 +00:00
73f4e5001f
more whitespace sync with kame
2001-10-24 06:36:37 +00:00
c7e6405a34
remove unused codepath (unifdef -UUDP6)
2001-10-24 06:04:08 +00:00
68fbfa26e8
gather stats on raw ip6 socket. sync with kame
2001-10-18 09:12:13 +00:00
51a9c75998
simplify per-if stats.
2001-10-18 09:09:25 +00:00
ae5499819c
reduce diffs with kame (mostly cosmetic).
...
move IPV6_CHECKSUM processing to sys/netinet6/raw_ip6.c.
constify a couple of places.
2001-10-18 07:44:33 +00:00
1990d680c4
do not change neighbor cache state on entry timeout,
...
if the cache entry is for outgoing router.
perform on-linkness check before default router (re-)seletion.
do not play with interface direct route on nd6_rtrequest.
sync a lot of cosmetic changes. sync with kame
2001-10-17 10:55:09 +00:00
dfb1429789
unifdef OLDIP6OUTPUT
2001-10-17 08:23:05 +00:00
7dcf45fbd8
more whitespace/comment sync with kame
2001-10-16 06:24:44 +00:00
45c8a6a57e
remove unused #define. sync whitespace/comment with kame.
2001-10-16 04:57:38 +00:00
9bff6fde4c
reduce diff with kame. whitespace only
2001-10-16 04:17:54 +00:00
149aafe6ad
sync with kame.
...
net.inet6.icmp6.nodeinfo is now a bitmap (2^0 = ping6 -w, 2^1 = ping6 -a).
give up local if there's mbuf alloc failures.
cope with ".." in hostname.
sync comments/whitespaces.
2001-10-15 11:12:44 +00:00
91498ffec5
implement IPV6_V6ONLY socket option from draft-ietf-ipngwg-rfc2553bis-03.txt.
...
IPV6_BINDV6ONLY (netbsd only) is deprecated, but still work just like before.
2001-10-15 09:51:15 +00:00
99d25b4e8a
reduce diff with kame. whitespace changes only.
2001-10-15 03:55:37 +00:00
456dff6cb8
Spell 'occurred' with two 'r's.
2001-09-16 16:34:23 +00:00
bf45c09959
fix SA lookup when IPsec transport mode and tunnel mode over IPv6 is used
...
at the same time. sync with kame
(like "IP AH ESP IP", policy = "esp/tunnel/a-b/use ah/transport//use")
2001-09-13 06:30:57 +00:00
080d73b4a3
minor style
2001-09-10 03:08:18 +00:00
3d4146e21f
Add asm versions of blowfish and des transforms for i386.
...
This also involved updating the in-kernel DES functions to correspond
to the versions in our in-tree OpenSSL, because the des_SPtrans table
has changed; the asm code will not work with the old permutation table!
C and i386 asm code for the DES, 3DES, and Blowfish CBC modes is also
included; it is not currently built as the ESP processing in esp_core.c
splits the CBC operation and the cipher transform apart. Hopefully that
will be fixed as there is a substantial performance improvement to be had
from doing so. It will remain necessary to use the C version of the
Blowfish CBC function on some i386 machines, however, as the asm version
uses bswapl, which ony 486 and later processors have. The DES CBC code
doesn't have this problem.
Finally, change esp_core.c to use the ecb3_encrypt function instead of
calling ecb_encrypt three times; this improves performance a bit, in
particular in the asm case.
2001-09-09 11:00:59 +00:00
4d1509970e
do not try to bring IPv6 up on bridge*.
2001-08-23 02:58:24 +00:00
74ad87bc53
gif interface now uses generic software interrupt
...
(on archs that support it). also, make gif ALTQ-capable on outgoing.
sync with kame, comments from thorpej.
2001-08-16 17:45:25 +00:00
57030e2f12
cache IPsec policy on in6?pcb. most of the lookup operations can be bypassed,
...
especially when it is a connected SOCK_STREAM in6?pcb. sync with kame.
2001-08-06 10:25:00 +00:00
e3d077542f
cosmetic (spacing near /* */). sync with kame
2001-08-05 22:20:44 +00:00
cad488d032
sync gif interface code with latest kame.
...
IFF_RUNNING is clearified. attach/detach logic is more clearner.
the old code mistakenly set IFF_UP by itself, now the behavior is gone.
2001-07-29 05:08:32 +00:00
fd5e7077a3
allocate ipsec policy buffer attached to pcb in in*_pcballoc, before
...
giving anyone accesses to pcb (do not reveal an inconsistent ones).
sync with kame
2001-07-25 23:28:02 +00:00
a21ce80cd6
ifindex2ifnet could return NULL if if_detach() is used (pcmcia card
...
removal and such).
2001-07-25 09:23:46 +00:00
0cd424b3ce
ifidex2ifnet could contain NULL after if_detach(). sync with kame
2001-07-25 06:59:51 +00:00
19392ee73b
fix comment on setsockopt arg size. KAME PR 369
2001-07-24 00:44:36 +00:00
bee33e3d00
repair scoped address handling in PRU_BIND. sync with kame.
2001-07-23 19:29:53 +00:00
a9356936b4
seperate -> separate
2001-07-22 13:33:58 +00:00
7f070caa75
sync rt_ifp check with IPv4 counterpart (see sys/net/if_ethersubr.c 1.27).
...
sync with kame
2001-07-20 20:26:35 +00:00
8c9f492242
do not malloc() during interrupt context for IPv6 multicast kludge table.
...
malloc() during interface initialization. sync with kame
2001-07-18 13:12:27 +00:00
fc35f336c7
sync with draft-ietf-ipngwg-p2p-pingpong-00.txt. apply special behavior
...
only if ip6_dst is "neighbor" within p2p prefix. sync with kame
2001-07-18 09:24:26 +00:00
5e920039c6
have ovbcopy() macro, for cross-BSD compatibility only.
2001-07-07 14:45:46 +00:00
193167b1eb
call in{,6}_pcbpurgeif0() before in{,6}_purgeif().
2001-07-03 08:06:19 +00:00
1ff38f4d03
on interface removal, remove multicast groups joined from pcb, before
...
removing interface addresses. without the change, we may deref
NULL pointer in in_pcbpurgeif(). from jinmei@kame, sync with kame
2001-07-02 15:25:34 +00:00
03927c60a5
call defrouter_select() only if it is autoconfigured host.
2001-06-29 16:01:47 +00:00
02c94ca414
refresh default router list on nd6_detach(), only if we are an
...
autoconfigured host. bug was that, we will lose default route on
"ifconfig gif0 destroy" even if default is not pointing to gif0.
reported by ume@mahoroba.org . sync with kame
2001-06-27 17:36:14 +00:00
9ccf08b3c5
netbsd; on interface removal, force pcbs to leave from multicast groups
...
pointing toward the interface about to be removed. sync with kame
XXX still need more discussions on semantics. the behavior should be safer
2001-06-27 15:53:14 +00:00
77a4124f7d
the documents are out of sync with the latest situation. remove them.
2001-06-24 19:40:35 +00:00
885b74c2be
select default router again, when L2 address of the router changes
2001-06-22 13:36:12 +00:00
0213b76857
remove RFC1885 compatibility code in #ifdef COMPAT_RFC1885, for icmp6
...
reply packet size consideration (obsolete, not used for a long time).
sync with kame
2001-06-22 13:01:49 +00:00
57d1913ebc
do not forward packet back to point-to-point interface, if the packet
...
matches the ipv6 prefix assigned to the p2p interface (= redirect case).
this leads to pingpong, chews bandwidth. bad thing is that bad guy from
remote can chew bandwidth. (follows upcoming internet draft)
2001-06-22 12:33:05 +00:00
ccfe29f3cf
Symmetric has one s and two m's.
2001-06-18 11:23:00 +00:00
5571e920d6
senderr needs only be declared when PFIL_HOOKS is defined
2001-06-12 17:55:52 +00:00
bdbfdf946d
run pfil_hooks for IPv6 forwarding path (note: ip6_forward() does not
...
call ip6_output()).
2001-06-12 15:12:33 +00:00
8b646a5273
remove IPV6FIREWALL case, which is never used
2001-06-11 13:49:18 +00:00
martin