05da173d52
abstain from typecasting the LHS of an assignment;
...
gcc-3.4.x doesn't like it
2004-06-24 16:49:51 +00:00
f7abb16323
Fix per-PCB IPsec policy cache for FAST_IPSEC:
...
The sys/netipsec policy-cache (added by Jason Thorpe as a rewrite of
the KAME per-PCB policy cache) assumes that policy-cacheable PCBs
always has a non-NULL inph_sp in the common PCB header. So we must
do all the per-PCB policy cache calls when either (KAME) IPSEC, or
FAST_IPSEC is defined. ``Make it so''.
We can now support non-IPsec'ed IPv6 traffic, when both
``options FAST_IPSEC'' and ``options INET6'' are configured.
2004-04-26 01:53:59 +00:00
b5d0e6bf06
Initialise (most) pools from a link set instead of explicit calls
...
to pool_init. Untouched pools are ones that either in arch-specific
code, or aren't initialiased during initial system startup.
Convert struct session, ucred and lockf to pools.
2004-04-25 16:42:40 +00:00
83b193a052
Make these compile without INET. tcp_input probably needs a lot more
...
work...
2004-03-29 04:59:02 +00:00
3ffdb9507a
avoid deref-after-free.
...
http://sources.zabbadoz.net/freebsd/patchset/106-ipsec-pcb-discon.diff
2004-01-13 06:17:14 +00:00
60dac07656
use hash table for in6_pcbbind(). similar to in_pcb 1.89 -> 1.90
2003-11-05 01:20:56 +00:00
36b4e0b6e7
Fix off-by-one in PRC_NCMDS check. From FreeBSD via OpenBSD
2003-09-30 00:01:18 +00:00
32e3deae21
randomize IPv4/v6 fragment ID and IPv6 flowlabel. avoids predictability
...
of these fields. ip_id.c is from openbsd. ip6_id.c is adapted by kame.
2003-09-06 03:36:30 +00:00
175c9afa3f
clarify flowlabel handling
2003-09-06 03:12:51 +00:00
495906ca8e
revamp inpcb/in6pcb so that they are more aligned with each other.
...
in6pcb lookup now uses hash(9).
2003-09-04 09:16:57 +00:00
4d754cb259
in6_pcbrtentry() now returns IPv4 rtentry if in6pcb is connected to IPv4 mapped
...
address. PR kern/22431 from Andreas Gustafsson
2003-08-13 04:59:34 +00:00
aad01611e7
Move UCB-licensed code from 4-clause to 3-clause licence.
...
Patches provided by Joel Baker in PR 22364, verified by myself.
2003-08-07 16:26:28 +00:00
eab4bb9593
include opt_inet.h -- found by David Laight
2002-11-05 21:46:42 +00:00
9401012487
KNF - return is not a function. sync w/kame.
2002-09-11 02:46:42 +00:00
c7b00b4ce4
pass proc * to in6_pcbsetport. PR 18073
2002-08-26 14:25:00 +00:00
e5df0242ce
sync up use_deprecated handling with latest kame.
...
- bind(deprecated) is allowed, trusting userland app is doing the right thing
- use_deprecated default to 1
2002-08-20 22:06:04 +00:00
fa53d749ff
share policy-on-pcb for listening socket. sync w/kame
...
todo: share even more, avoid frequent updates of spidx
2002-06-11 19:39:59 +00:00
4121fa09fc
correct in*_pcbrtentry. check cached value correctly.
2002-05-28 11:10:52 +00:00
7410ea60ca
in in*_pcbrtentry(), check if route is still valid (RTF_UP),
...
and address family is still valid.
2002-05-28 10:07:51 +00:00
8cbb556660
protect in6pcb queue operation by splnet, as pcb queue will be touched
...
by in6_pcbpurgeif() under splnet.
2002-03-21 02:11:39 +00:00
a225c3930f
whitespace/costmetic sync w/kame
2001-12-21 08:54:52 +00:00
4f2ad95259
add RCSIDs
2001-11-13 00:56:55 +00:00
73f4e5001f
more whitespace sync with kame
2001-10-24 06:36:37 +00:00
45c8a6a57e
remove unused #define. sync whitespace/comment with kame.
2001-10-16 04:57:38 +00:00
91498ffec5
implement IPV6_V6ONLY socket option from draft-ietf-ipngwg-rfc2553bis-03.txt.
...
IPV6_BINDV6ONLY (netbsd only) is deprecated, but still work just like before.
2001-10-15 09:51:15 +00:00
57030e2f12
cache IPsec policy on in6?pcb. most of the lookup operations can be bypassed,
...
especially when it is a connected SOCK_STREAM in6?pcb. sync with kame.
2001-08-06 10:25:00 +00:00
fd5e7077a3
allocate ipsec policy buffer attached to pcb in in*_pcballoc, before
...
giving anyone accesses to pcb (do not reveal an inconsistent ones).
sync with kame
2001-07-25 23:28:02 +00:00
1ff38f4d03
on interface removal, remove multicast groups joined from pcb, before
...
removing interface addresses. without the change, we may deref
NULL pointer in in_pcbpurgeif(). from jinmei@kame, sync with kame
2001-07-02 15:25:34 +00:00
9ccf08b3c5
netbsd; on interface removal, force pcbs to leave from multicast groups
...
pointing toward the interface about to be removed. sync with kame
XXX still need more discussions on semantics. the behavior should be safer
2001-06-27 15:53:14 +00:00
f4d5905544
there's no need to #if NFAITH here. IN6P_FAITH can be set even on
...
NFAITH == 0 kernel, it is safer to always check the condition.
sync with kame.
2001-05-11 18:38:03 +00:00
bc5a6e2482
pull latest kame pcbnotify code. synchronizes ICMPv6 path mtu discovery
...
behavior with other protocols (i.e. validation, use of hiwat/lowat).
2001-02-11 06:49:49 +00:00
e1f4f77960
to sync with kame better, (1) remove register declaration for variables,
...
(2) sync whitespaces, (3) update comments. (4) bring in some of portability
and logging enhancements. no functional changes here.
2001-02-10 04:14:26 +00:00
b05acc70f8
make sure we notify of routing changes, even if we have net route pointed
...
to by inpcb.
2000-12-21 00:46:20 +00:00
9183e2dc4e
remove #ifdef TCP6. it is not likely for us to bring in sys/netinet6/tcp6*.c
...
(separate TCP/IPv6 stack) into netbsd-current.
2000-10-19 20:22:59 +00:00
dcfe05e7c1
fix compilation without INET. fix confusion between ipsecstat and ipsec6stat.
...
sync with kame.
2000-10-02 03:55:41 +00:00
152da24bd9
implement net.inet6.ip6.{anon,low}port{min,max} sysctl variable.
2000-08-26 11:03:45 +00:00
ec67eee51f
sync with kame.
...
introduce in6_{recover,embed}scope, for in-kernel scoped-address manipulation.
improve in6_pcbnotify.
2000-07-07 15:54:16 +00:00
210a3e2f80
remove unnecessary #include <netkey/key_debug.h>. from kame.
2000-07-06 12:51:39 +00:00
8ff902fca1
repair kernel faithd(8) support. there were two mistakes:
...
(1) tcp6_input dropped packets for translation
(2) in6_pcblookup_connect was too strict
2000-07-02 08:04:10 +00:00
ffedfcb68d
make sure not to overwrite sockaddr on PRU_SEND/PRU_CONNECT to
...
link-local address. From: frank
2000-06-08 13:51:33 +00:00
af6b403d46
backout change to in6_pcbnotify(). the change seems premature
...
(may cause trouble with advanced API in certain situation).
2000-06-05 08:09:48 +00:00
8987054176
pass struct proc * down to udp6_output and in6_pcbbind.
2000-06-05 06:38:22 +00:00
9d853e8a4f
sync with kame.
...
- use latest source address selection code - in6_src.c.
- correct frag header insertion.
- deep copy ip6 header portion in ip6_mloopback to avoid overwrite.
- do not bark when we forward packet to loopback.
- some cosmetics.
2000-06-03 14:36:32 +00:00
4308599c5a
disallow bind(2) with IPv4 mapped address for now. port number check is
...
insufficient at this moment and we can bind(2) two sockets listen on same
port number.
for real fix, we need to check inpcb table with in6pcb. we can't
find inpcb chain from particular in6pcb chain (like finding tcbtable from tcb6)
luckily RFC2553 does not talk about bind(2) behavior for IPv4 mapped.
IPv4 mapped brings in too much complexities...
2000-05-29 00:03:18 +00:00
52c11b789a
bump kame revision id
2000-03-02 07:15:39 +00:00
ded4e9540a
properly handle notifies from icmp6, so that we can properly reflect
...
redirects/unreach to transport layer. (sync with latest kame)
2000-03-02 06:42:52 +00:00
90736ab608
fix include pathname for better rfc2292 compliance.
2000-02-06 12:49:37 +00:00
03993c84d3
use u_int16_t, not u_short, for port #.
2000-02-03 13:17:39 +00:00
54cb3be873
remove #if 0'ed code
2000-02-03 12:50:05 +00:00
c1185c1020
PRU_PURGEADDR -> PRU_PURGEIF, per a discussion w/ itojun. In the IPv4
...
and IPv6 code, also use this to traverse PCB tables, looking for cached
routes referencing the dying ifnet, forcing them to be refreshed.
2000-02-02 23:28:08 +00:00
drochner