63715bec6b
backout previous. (sys/net/if.c fixed)
2003-05-16 16:57:35 +00:00
d36e610a01
nd6_rtmsg: If called during if_detach(), TAILQ_FIRST(if_addrlist)
...
could be NULL. This is not a common case, but as nd6_rtmsg()
will be called during if_detach(), we need to check for the
case. reported by kanaoka-san.
2003-05-16 16:19:45 +00:00
4008ec1218
use strlcpy
2003-05-16 03:56:49 +00:00
4d9a92e2a2
remove duplicate. masanori kanaoka
2003-05-16 02:53:28 +00:00
9cf18f13b5
rt->rt_ifp may not always be available. masanori kanaoka via kame
2003-05-15 14:57:58 +00:00
a5d8a0a4f6
check version before computing checksum. checksum is more expensive operation.
2003-05-15 13:46:15 +00:00
19b1e87da3
KNF
2003-05-14 17:02:59 +00:00
6e0f23e7f6
KNF
2003-05-14 17:00:22 +00:00
f77518e2f5
KNF
2003-05-14 14:41:33 +00:00
5eaf3c3113
do not use m_pulldown() to parse intermediate extension headers (like routing).
...
we don't want to drop packets due to extension header parsing. KAME rev 1.59.
(performance may suck, but it is slowpath anyways)
2003-05-14 14:34:14 +00:00
de87ca793d
constant usually has two n.
2003-05-14 12:45:06 +00:00
346e0198f0
always use PULLDOWN_TEST codepath.
2003-05-14 06:47:33 +00:00
9787457fbe
bring a small amount of code out of an if() statement that was doing
...
the same thing for both cases.
2003-05-10 13:23:07 +00:00
874e6573c4
fix invalid pointer setting on RA reception. from kiu shueng chuan via kame
2003-05-08 20:08:52 +00:00
a617975d48
print how big the mtu needs to be for ipv6 ppp.
2003-05-04 13:43:09 +00:00
4be7a2dcf3
Add a new feature-test macro, _NETBSD_SOURCE. If this is defined
...
by the application, all NetBSD interfaces are made visible, even
if some other feature-test macro (like _POSIX_C_SOURCE) is defined.
<sys/featuretest.h> defined _NETBSD_SOURCE if none of _ANSI_SOURCE,
_POSIX_C_SOURCE and _XOPEN_SOURCE is defined, so as to preserve
existing behaviour.
This has two major advantages:
+ Programs that require non-POSIX facilities but define _POSIX_C_SOURCE
can trivially be overruled by putting -D_NETBSD_SOURCE in their CFLAGS.
+ It makes most of the #ifs simpler, in that they're all now ORs of the
various macros, rather than having checks for (!defined(_ANSI_SOURCE) ||
!defined(_POSIX_C_SOURCE) || !defined(_XOPEN_SOURCE)) all over the place.
I've tried not to change the semantics of the headers in any case where
_NETBSD_SOURCE wasn't defined, but there were some places where the
current semantics were clearly mad, and retaining them was harder than
correcting them. In particular, I've mostly normalised things so that
_ANSI_SOURCE gets you the smallest set of stuff, then _POSIX_C_SOURCE,
_XOPEN_SOURCE and _NETBSD_SOURCE in that order.
Tested by building for vax, encouraged by thorpej, and uncontested in
tech-userlevel for a week.
2003-04-28 23:16:11 +00:00
b2fcce1997
style
2003-04-22 10:08:33 +00:00
ee5b1a7c61
Protect the definition of offsetof().
2003-04-17 19:58:57 +00:00
a81c2be8be
avoid mbuf leak in redirect header option attachment. more complete
...
fix to come. from kame
2003-03-31 23:55:46 +00:00
452610ea39
Add in6_localaddr(). From KAME via FreeBSD.
2003-02-27 22:06:38 +00:00
eb5e5b35c1
Make sure to initialize callout structs.
2003-02-25 22:17:47 +00:00
8c1eaadb7a
automatic aggregates are evil. make it static const.
2003-02-24 03:01:03 +00:00
b193480908
Add extensible malloc types, adapted from FreeBSD. This turns
...
malloc types into a structure, a pointer to which is passed around,
instead of an int constant. Allow the limit to be adjusted when the
malloc type is defined, or with a function call, as suggested by
Jonathan Stone.
2003-02-01 06:23:35 +00:00
9115df8c49
success, not sucess. Noted by mjl.
2003-01-28 22:35:02 +00:00
276fd1665c
The Double-Semi-Colon Police.
2003-01-20 05:29:53 +00:00
0efc092563
Remove variable that is only assigned too but not referenced.
2003-01-20 00:39:30 +00:00
40606ab8f2
switch from kame-based m_aux mbuf auxiliary data, to openbsd m_tag
...
implementation. it will simplify porting across *bsd (such as kame/altq),
and make us more synchronized. from Joel Wilsson
2003-01-17 08:11:49 +00:00
177ed24b8b
allocate route_in6 in struct secashead, to avoid mistakenly overrun
...
the end of secashead. Fixes PR18751.
2003-01-08 05:46:49 +00:00
be9a8d8e2f
recover original stanford copyright. sync w/kame
2002-11-27 05:09:36 +00:00
0635de35a3
Remove KDIR=, since SYS_INCLUDE=symlinks and KDIR are not supported any more.
2002-11-26 23:30:07 +00:00
d6f8cc841d
Avoid strict-alias warnings.
2002-11-25 01:55:21 +00:00
c8a8326600
make USE_ENCAPCHECK (in netinet*/*gif.c) to global option, GIF_ENCAPCHECK.
...
#ifdef out unneeded code when possible.
From: Krister Walfridsson <cato@df.lth.se>
2002-11-11 18:35:27 +00:00
1e8dadc8f9
pmtu_probe is not used anywhere (it is used in KAME TCP6-only code).
...
From: Krister Walfridsson <cato@df.lth.se>
2002-11-11 18:26:42 +00:00
6f28503927
need icmp6.h for MULTICAST_PMTUD case. sync w/kame
2002-11-09 03:12:05 +00:00
eab4bb9593
include opt_inet.h -- found by David Laight
2002-11-05 21:46:42 +00:00
29ef3e950d
improve gif lookup performance, when there are many of those,
...
by using radix tree for lookups. tested by yshimizu@iij.
2002-11-05 16:58:11 +00:00
4f27ab21b8
/*CONTCOND*/ while (0)'ed macros
2002-11-02 07:30:55 +00:00
ad337ee31a
plug a memory leak. from sam leffler. sync w/kame
2002-10-31 17:36:16 +00:00
02a04fd9fc
increase correct stat. KAME pr 445
2002-10-28 16:42:44 +00:00
5fc1c3b058
do not differentiate manually configured address from autoconfigured ones
...
wrt prefix management;
- always earn a reference to the prefix when an address is configured
(by ioctl).
- always delete the prefix when an address that has the last referene
is manually removed.
The change should solve the problem raised in KAME-snap 6989.
sync w/kame
2002-10-17 00:07:44 +00:00
d9ae0a6eb1
IPSEC_ESP depends on the "des", "blowfish", "cast128", and "rijndael"
...
attributes.
2002-10-12 15:41:24 +00:00
5b2b587c85
Move netinet, netinet6, ipsec, and ipfilter config defns to
...
netinet/files.ipfilter, etinet/files.netinet, netinet6/files.netinet6,
and netinet6/files.netipsec.
XXX There are still a few stragglers in conf/files, which are entangled
with other network protocols.
2002-10-10 22:45:45 +00:00
b15fea2610
suppress too noisy log by default (can be re-enabled by sysctl). sync w/kame
2002-10-09 20:22:16 +00:00
0f09ed48a5
remove trailing \n in panic(). approved perry.
2002-09-27 15:35:29 +00:00
ce1bd42a2c
length field on PADN option, before jumbo payload option was wrong.
...
sync w/kame
2002-09-23 13:28:55 +00:00
0a734b348e
better fix to PR 18163 ("deprecated" flag manipulation). sync w/kame
2002-09-23 13:16:52 +00:00
4e3613273b
Remove breaks after returns, unreachable returns and returns after
...
returns(!).
2002-09-23 05:51:10 +00:00
03d61a28e4
Remove an extern declaration for the "pim6stat" variable; the only other
...
occurance of this is a static variable in ip6_mroute.c.
2002-09-23 04:56:58 +00:00
d694b45f9d
remove extra blank line
2002-09-15 01:18:59 +00:00
255121cf44
avoid from applying IPsec transport mode to the packets when the kernel
...
forwards the packets.
sync w/kame
2002-09-11 08:15:37 +00:00
8808abb7b8
correct pointer signedness mixups. sync w/kame
2002-09-11 03:45:44 +00:00
75e1911429
reduce diff w/kame
2002-09-11 03:23:24 +00:00
9401012487
KNF - return is not a function. sync w/kame.
2002-09-11 02:46:42 +00:00
6dedde045a
correct signedness mixup in pointer passing. sync w/kame
2002-09-11 02:41:19 +00:00
37bd81ba1e
allow "deprecated" bit to be manually set. PR 18163
2002-09-04 07:22:28 +00:00
c7b00b4ce4
pass proc * to in6_pcbsetport. PR 18073
2002-08-26 14:25:00 +00:00
967cf54a67
check packet length before fetching ESP crypto checksum. sync w/kame
2002-08-21 23:12:01 +00:00
e5df0242ce
sync up use_deprecated handling with latest kame.
...
- bind(deprecated) is allowed, trusting userland app is doing the right thing
- use_deprecated default to 1
2002-08-20 22:06:04 +00:00
ddbeae9874
check error from copyout
2002-08-19 23:23:22 +00:00
bec19ac64c
typo in comment
2002-08-19 23:21:11 +00:00
041c651838
fix copyout() logic. more proper fix to be done on kame tree.
2002-08-19 23:14:39 +00:00
8b2ed6900d
copyout only if oldp is non-null
2002-08-19 07:23:22 +00:00
cc0fa7bc37
need explicit copyout(), apparently
2002-08-19 06:50:22 +00:00
e89be6a279
set default value for use_deprecated to 0, to avoid consequences with ftpd.
2002-08-17 22:15:58 +00:00
c00fa8dfd9
avoid swapping endian of ip_len and ip_off on mbuf, to meet with M_LEADINGSPACE
...
optimization made last year. should solve PR 17867 and 10195.
IP_HDRINCL behavior of raw ip socket is kept unchanged. we may want to
provide IP_HDRINCL variant that does not swap endian.
2002-08-14 00:23:27 +00:00
ed12d77e43
avoid hardcoded "16" for max AH sum size. use AH_MAXSUMSIZE.
2002-08-09 07:01:21 +00:00
68e52f0ace
use correct padding boundary, to correctly estimate ESP header size.
...
problem found by Arto Selonen <arto@selonen.org>
2002-08-09 06:38:12 +00:00
bb92058a0f
cut and paste error in comment. From: Arto Selonen <arto@selonen.org>
2002-08-09 06:29:01 +00:00
af8ad017f7
typo. From: Arto Selonen <arto@selonen.org>, sync w/kame
2002-08-01 05:17:47 +00:00
a919a4c628
no need to check NULL mbuf, as we touch it already.
...
From: tedu <grendel@zeitbombe.org>
2002-07-30 23:27:15 +00:00
d337ab206e
no need to handle NULL argument in defrouter_delreq.
...
From: tedu <grendel@zeitbombe.org>
2002-07-30 23:24:21 +00:00
d08a33e8b1
correct multicast packet MTU check. sync w/kame
2002-07-25 12:41:51 +00:00
8b02a8b924
remove unneeded extern decl (commented out). sync w/kame
2002-07-20 21:11:55 +00:00
e00173a7f2
Spell 'should' correctly.
2002-07-18 11:59:06 +00:00
d67bce4593
no need to bzero() twice. from he@netbsd
2002-07-13 21:04:55 +00:00
51bd9285d5
correct ping6 -w result wth hostname with [A-Z]. PR 17540. sync w/kame
2002-07-10 05:05:01 +00:00
10c252ba47
Changes to allow the IPv4 and IPv6 layers to align headers themseves,
...
as necessary:
* Implement a new mbuf utility routine, m_copyup(), is is like
m_pullup(), except that it always prepends and copies, rather
than only doing so if the desired length is larger than m->m_len.
m_copyup() also allows an offset into the destination mbuf, which
allows space for packet headers, in the forwarding case.
* Add *_HDR_ALIGNED_P() macros for IP, IPv6, ICMP, and IGMP. These
macros expand to 1 if __NO_STRICT_ALIGNMENT is defined, so that
architectures which do not have strict alignment constraints don't
pay for the test or visit the new align-if-needed path.
* Use the new macros to check if a header needs to be aligned, or to
assert that it already is, as appropriate.
Note: This code is still somewhat experimental. However, the new
code path won't be visited if individual device drivers continue
to guarantee that packets are delivered to layer 3 already properly
aligned (which are rules that are already in use).
2002-06-30 22:40:32 +00:00
3973cdf049
typo in name
2002-06-29 12:33:33 +00:00
d7006267f3
reduce kernel stack usage by separating struct secasindex. sync w/kame
...
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
2002-06-27 12:12:49 +00:00
61f28217c4
move sanity check upwards. sync w/kame
...
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
2002-06-22 12:27:09 +00:00
cfb9a4a799
avoid listening socket from mistakenly use incorrect cached policy.
...
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp> sync w/kame
2002-06-22 12:04:07 +00:00
69d65da8c6
sizeof mistake in DIAGNOSTIC path. sync w/kame
...
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
2002-06-21 23:15:35 +00:00
3033187db0
previous commit cached pcb policy too much (when pcb points to
...
SPD entry that is not ipsec - like "none"). back it out. sync w/kame
2002-06-16 16:28:36 +00:00
c1808f02bf
cache pcb policy as much as possible. in fact, if policy is not
...
IPSEC_POLICY_IPSEC we don't need to compare spidx. sync w/kame
2002-06-14 14:47:24 +00:00
813344bfbe
remove redundant line
2002-06-14 14:17:55 +00:00
a8dde3fa57
free secpolicy on deepcopy failure
2002-06-13 05:10:13 +00:00
dc96111483
deep-copy pcb policy if it is an ipsec policy. assign ID field to all
...
SPD entries. make it possible for racoon to grab SPD entry on pcb
(racoon side needs some changes). sync w/kame
2002-06-12 17:56:45 +00:00
3489976392
do not copy policy-on-socket at all. avoid copying packet header value to
...
struct spindex. should reduce memory usage per socket/pcb, and should speedup
ipsec processing. sync w/kame
2002-06-12 01:47:34 +00:00
fa53d749ff
share policy-on-pcb for listening socket. sync w/kame
...
todo: share even more, avoid frequent updates of spidx
2002-06-11 19:39:59 +00:00
2533e1f81f
avoid variable name confusion. sync w/kame
2002-06-11 17:26:52 +00:00
9b2ae3537c
silence some of log(), as the codepath will be visited for IPv6-non-capable
...
interfaces too and can be annoying. net.inet6.icmp6.nd6_debug will
re-enable them.
2002-06-11 07:28:05 +00:00
b05ff066a7
whitespace cleanup
2002-06-09 14:43:10 +00:00
e55d3b6782
indent cleanup
2002-06-08 21:32:55 +00:00
7316bc595b
KNF
2002-06-08 21:29:26 +00:00
2495e99fc7
gc
2002-06-08 21:28:18 +00:00
6d8d0d63d8
sync with latest KAME in6_ifaddr/prefix/default router manipulation.
...
behavior changes:
- two iocts used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.
2002-06-08 21:22:29 +00:00
fc5800e3fd
whitespace cleanup
2002-06-08 20:06:44 +00:00
2f88f76db1
in6_len2mask is a duplicate of in6_prefixlen2mask. unify. sync w/kame
2002-06-08 00:07:00 +00:00
9736fd7f05
on SIOCAIFADDR_IN6 check if sin6_len is sane. sync w/kame
2002-06-08 00:01:30 +00:00
e4f39ff86f
panic() if NULL is passed to ah_sumsiz_xx. suggested by sam leffler, sync w/kame
2002-06-07 23:42:41 +00:00
36f10d3196
some KNF
2002-06-07 22:08:41 +00:00
acf7dffae4
some KNF
2002-06-07 22:07:38 +00:00
0026ddd6dd
no need for offsetof()
2002-06-07 22:06:48 +00:00
edcbce7c37
typo
2002-06-07 22:05:37 +00:00
a1e0f0f9a7
sync IPV6_CHECKSUM handling with kame.
2002-06-07 22:03:02 +00:00
2aae9aee46
Fix mistakes in previous.
2002-06-07 18:19:30 +00:00
09342cdd61
typo
2002-06-07 18:19:05 +00:00
fc16676d8e
If there has been no NS for the neighbor after entering the
...
INCOMPLETE state, send the first solicitation in nd6_output(), regardless
of the timer value.
revised comments about rate-limiting accordingly.
sync w/kame
2002-06-07 17:15:12 +00:00
4e9401b698
comment
2002-06-07 17:13:56 +00:00
ac03214470
whitespace
2002-06-07 14:48:56 +00:00
3e3b75590b
remove #if 0'ed portion
2002-06-07 14:43:11 +00:00
c889402ba0
style
2002-06-07 14:37:38 +00:00
3c11868be8
consistency
2002-06-07 14:35:55 +00:00
05f0c3e705
KNF a bit
2002-06-07 14:29:10 +00:00
a11e34efc5
whitespace
2002-06-07 07:38:51 +00:00
e2ce1896bd
whitespace
2002-06-07 07:35:39 +00:00
9b39e24802
minor KNF to sync w/kame
2002-06-07 04:30:40 +00:00
06ed16c31d
typo
2002-06-07 04:18:11 +00:00
922b4012cc
'fall through' is not a valid LINT keyword.
2002-06-07 04:07:55 +00:00
83aff37a0f
remove support for deprecated ioctls (EINVAL). sync w/kame
2002-06-07 04:03:53 +00:00
88a8e0dd9e
cope with ndi->maxmtu == 0 case. sync w/kame
2002-06-07 03:05:18 +00:00
fb6078474d
cope with cases when maxmtu == 0 (this shoulnd't happen!)
2002-06-07 02:31:04 +00:00
1eb402e813
be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)
2002-06-05 01:10:54 +00:00
ad4cab117d
whitespace at EOL
2002-06-03 02:09:37 +00:00
ed45b704ac
do not hardcode if_mtu values in here, except for IFT_{ARC,FDDI} -
...
they need special handling. makes it possible to take advantage of 9k ether
frames.
2002-06-03 00:51:47 +00:00
5625d3b849
do not mistakenly lock PMTUD route entry with RTV_MTU.
2002-05-31 04:26:19 +00:00
3449ca6d23
do not try to update rmx_mtu if rmx_mtu == 0 (obey ifmtu)
2002-05-31 03:18:54 +00:00
87fc46bce9
improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame
2002-05-30 05:06:28 +00:00
a3e4fbdf14
use M_READONLY where possible. minor cleanup/sync with kame.
2002-05-30 04:39:15 +00:00
c7f67f1479
make this compile again.
2002-05-29 19:50:48 +00:00
cfc6c918de
missing bzero
2002-05-29 13:56:14 +00:00
050c5b5b7c
receivedra field is gone
2002-05-29 13:52:56 +00:00
913276174b
"receivedra" field name is obsolete.
2002-05-29 09:32:01 +00:00
14dafa8f6a
avoid unneeded malloc/free. sync w/kame
2002-05-29 09:05:18 +00:00
5c1df51d53
attach nd_ifinfo structure into if_afdata.
...
split IPv6 link MTU (advertised by RA) from real link MTU.
sync with kame
2002-05-29 07:53:39 +00:00
9ea1dc0d36
correct rmx_mtu value after PMTUD entry timeout (should be set to 0)
2002-05-29 06:55:48 +00:00
ede265fffd
move per-interface ip6/icmp6 stat to ifnet->if_afdata. sync w/kame
2002-05-29 02:58:28 +00:00
a15e664f71
rm obsolete comment
2002-05-29 01:43:25 +00:00
3be26b82ef
use arc4random
2002-05-28 11:19:17 +00:00
4121fa09fc
correct in*_pcbrtentry. check cached value correctly.
2002-05-28 11:10:52 +00:00
d208a22daa
use arc4random() where possible.
...
XXX is it necessary to do microtime() on tcp syn cache?
2002-05-28 10:11:49 +00:00
7410ea60ca
in in*_pcbrtentry(), check if route is still valid (RTF_UP),
...
and address family is still valid.
2002-05-28 10:07:51 +00:00
10c5914022
limit number of IPv6 fragments (not the fragment queue size) to
...
fight against lots-of-frags DoS attacks. sync w/kame
2002-05-28 03:04:05 +00:00
9a1a825873
we have no IFT_DUMMY. kame merge mistake
2002-05-25 22:18:49 +00:00
e3c4951b26
re-enable ipsec policy caching onto pcb. refcnt fix and workarounds based on ymmt-san.
2002-05-25 10:01:01 +00:00
6f589cb1b2
extra blank line
2002-05-24 09:21:30 +00:00
c3015f8b5d
make a strict check before sending FQDN node information reply. sync w/kame
2002-05-24 09:13:59 +00:00
7e7fcd1df4
remove wrong "break" statement
2002-05-23 06:53:13 +00:00
64a1cfbf83
no longer need IFT_PROPVIRTUAL "bridge[0-9]+" check.
2002-05-23 06:40:03 +00:00
970757edd8
simplify conditions to do DAD. sync w/kame
2002-05-23 06:35:18 +00:00
itojun