Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
142,818 Commits 606 Branches 0 Tags 3.1 GiB
9178119484
Commit Graph

872 Commits

Author SHA1 Message Date
itojun
3236f238b3 increase AH_MAXSUMSIZE to 512/8, for hmac-sha2-512 2003-08-05 12:20:35 +00:00
itojun
d6c4b6beb6 minor KNF 2003-07-25 10:17:36 +00:00
itojun
969d6f5037 typo 2003-07-25 10:16:28 +00:00
itojun
1270423572 add AH/ESP algorithms: hmac-ripemd160 (AH), AES XCBC MAC (AH), 
AES counter mode (ESP)
 2003-07-25 10:00:49 +00:00
itojun
4fc37746bf AES XCBC MAC (for AH) 
AES counter mode (for ESP)
 2003-07-25 09:48:17 +00:00
itojun
ee7d78825a comment typo, from markus@openbsd 2003-07-23 00:27:25 +00:00
itojun
c8ebadb000 unifdef -U_IP_VHL 2003-07-22 11:18:24 +00:00
itojun
0d84200c22 clear scheduled key before freeing, for safety 2003-07-22 08:54:27 +00:00
itojun
77283a8429 sha2 is needed for AH, not ESP 2003-07-22 03:26:16 +00:00
itojun
d64e1c8d6a add hmac-sha2 support. various cleanups (like avoid hardcoding '16'). 
from kame
 2003-07-22 03:24:23 +00:00
itojun
409ba7efc4 cosmetic 2003-07-22 03:21:21 +00:00
itojun
0445f65670 avoid assuming result buffer size in AH logic. sync w/kame 2003-07-20 18:01:41 +00:00
itojun
92a1800c4d due to previous type change, sav->schedlen never go negative. sync w/kame 2003-07-20 17:17:20 +00:00
itojun
d1931d3717 change ESP xx_schedlen() return type to size_t. sync w/kame 2003-07-20 03:24:03 +00:00
itojun
74182febed remove #if 0 portion 2003-07-18 06:45:33 +00:00
kleink
43694e8d74 assymetric -> asymmetric 2003-07-15 17:37:00 +00:00
itojun
7b74887942 rijndael is assymmetric, correction from markus@openbsd 2003-07-15 15:25:13 +00:00
itojun
281d9d13a5 simplify and update rijndael code. markus@openbsd 2003-07-15 11:00:36 +00:00
itojun
8e90cd9ce4 KNF 2003-07-12 15:16:50 +00:00
itojun
3eaa5b9c93 no longer needed (#define _KERNEL) 2003-07-12 15:12:45 +00:00
itojun
7649b12429 remove obsolete comment on the use of m_pullup 2003-07-09 04:05:59 +00:00
itojun
0463e41004 on interface detach, clear multicast forwarding table. from kame 2003-07-08 10:20:45 +00:00
itojun
91b11e1eba prototype must not have variable name 2003-07-08 07:13:50 +00:00
itojun
fc401b7586 fix missing check for taillen against pkthdr.len. markus@openbsd 2003-07-04 00:49:18 +00:00
itojun
022df20c75 minor KNF 2003-07-03 05:03:53 +00:00
itojun
d8976f36ac typo. found by markus@openbsd 2003-07-02 13:55:13 +00:00
itojun
2317e81b85 avoid ICMPv6 redirect if the packet filter rewrite dst addr to an address 
on the incoming interface.  cedric@openbsd
 2003-06-30 08:00:59 +00:00
itojun
842d3bee32 KNF 2003-06-30 03:30:50 +00:00
fvdl
d5aece61d6 Back out the lwp/ktrace changes. They contained a lot of colateral damage, 
and need to be examined and discussed more.
 2003-06-29 22:28:00 +00:00
darrenr
960df3c8d1 Pass lwp pointers throughtout the kernel, as required, so that the lwpid can 
be inserted into ktrace records.  The general change has been to replace
"struct proc *" with "struct lwp *" in various function prototypes, pass
the lwp through and use l_proc to get the process pointer when needed.

Bump the kernel rev up to 1.6V
 2003-06-28 14:20:43 +00:00
itojun
2cadb8ca7a split ND6 cache timer management to per-entry. increased accuracy, 
no O(N) loop.   sync w/ kame
 2003-06-27 08:41:08 +00:00
itojun
6d4a3c4191 remove unneeded checks of accept_rtadv. from kame 2003-06-24 07:54:47 +00:00
itojun
adb5d5afb4 * kame/sys/netinet6/nd6.c (nd6_rtrequest): changed a condition to 
decide whether to create an empty llinfo stricter so that a user
can manually change the link-layer address of an existing neighbor
cache.
Pointed out by: KIU Shueng Chuan

from kame
 2003-06-24 07:49:03 +00:00
itojun
455b7679d4 typo 2003-06-24 07:43:44 +00:00
itojun
194f048bd9 use time.tv_sec directly 2003-06-24 07:39:24 +00:00
itojun
5b0c3f9506 clear ln_hold earlier. from kame 2003-06-24 07:32:03 +00:00
martin
d505b18964 Make sure to include opt_foo.h if a defflag option FOO is used. 2003-06-23 11:00:59 +00:00
itojun
7a5741651c - sync up MLD declaration with RFC3542 (s/MLD6/MLD/) 
- routing header declaration with RFC3542
  (note: sizeof(ip6_rthdr0) has changed!)
  also, sync up with RFC2460 routing header definition (no "strict" source
  routing mode any more)

part of advanced API update (RFC2292 -> 3542).
 2003-06-06 08:13:43 +00:00
itojun
a07ae6a9df don't try to forward multicast packet to mif that went away; kame 2003-06-06 06:52:29 +00:00
itojun
5c0f142820 remove assumption on redirect header option processing. from kame 2003-06-03 05:20:06 +00:00
itojun
f46a719b5c can't use M_WAIT here, i believe. 2003-05-27 22:36:38 +00:00
itojun
63715bec6b backout previous. (sys/net/if.c fixed) 2003-05-16 16:57:35 +00:00
itojun
d36e610a01 nd6_rtmsg: If called during if_detach(), TAILQ_FIRST(if_addrlist) 
could be NULL.  This is not a common case, but as nd6_rtmsg()
will be called during if_detach(), we need to check for the
case.  reported by kanaoka-san.
 2003-05-16 16:19:45 +00:00
itojun
4008ec1218 use strlcpy 2003-05-16 03:56:49 +00:00
itojun
4d9a92e2a2 remove duplicate. masanori kanaoka 2003-05-16 02:53:28 +00:00
itojun
9cf18f13b5 rt->rt_ifp may not always be available. masanori kanaoka via kame 2003-05-15 14:57:58 +00:00
itojun
a5d8a0a4f6 check version before computing checksum. checksum is more expensive operation. 2003-05-15 13:46:15 +00:00
itojun
19b1e87da3 KNF 2003-05-14 17:02:59 +00:00
itojun
6e0f23e7f6 KNF 2003-05-14 17:00:22 +00:00
itojun
f77518e2f5 KNF 2003-05-14 14:41:33 +00:00
itojun
5eaf3c3113 do not use m_pulldown() to parse intermediate extension headers (like routing). 
we don't want to drop packets due to extension header parsing.  KAME rev 1.59.
(performance may suck, but it is slowpath anyways)
 2003-05-14 14:34:14 +00:00
wiz
de87ca793d constant usually has two n. 2003-05-14 12:45:06 +00:00
itojun
346e0198f0 always use PULLDOWN_TEST codepath. 2003-05-14 06:47:33 +00:00
darrenr
9787457fbe bring a small amount of code out of an if() statement that was doing 
the same thing for both cases.
 2003-05-10 13:23:07 +00:00
itojun
874e6573c4 fix invalid pointer setting on RA reception. from kiu shueng chuan via kame 2003-05-08 20:08:52 +00:00
christos
a617975d48 print how big the mtu needs to be for ipv6 ppp. 2003-05-04 13:43:09 +00:00
bjh21
4be7a2dcf3 Add a new feature-test macro, _NETBSD_SOURCE. If this is defined 
by the application, all NetBSD interfaces are made visible, even
if some other feature-test macro (like _POSIX_C_SOURCE) is defined.
<sys/featuretest.h> defined _NETBSD_SOURCE if none of _ANSI_SOURCE,
_POSIX_C_SOURCE and _XOPEN_SOURCE is defined, so as to preserve
existing behaviour.

This has two major advantages:
+ Programs that require non-POSIX facilities but define _POSIX_C_SOURCE
  can trivially be overruled by putting -D_NETBSD_SOURCE in their CFLAGS.
+ It makes most of the #ifs simpler, in that they're all now ORs of the
  various macros, rather than having checks for (!defined(_ANSI_SOURCE) ||
  !defined(_POSIX_C_SOURCE) || !defined(_XOPEN_SOURCE)) all over the place.

I've tried not to change the semantics of the headers in any case where
_NETBSD_SOURCE wasn't defined, but there were some places where the
current semantics were clearly mad, and retaining them was harder than
correcting them.  In particular, I've mostly normalised things so that
_ANSI_SOURCE gets you the smallest set of stuff, then _POSIX_C_SOURCE,
_XOPEN_SOURCE and _NETBSD_SOURCE in that order.

Tested by building for vax, encouraged by thorpej, and uncontested in
tech-userlevel for a week.
 2003-04-28 23:16:11 +00:00
itojun
b2fcce1997 style 2003-04-22 10:08:33 +00:00
thorpej
ee5b1a7c61 Protect the definition of offsetof(). 2003-04-17 19:58:57 +00:00
itojun
a81c2be8be avoid mbuf leak in redirect header option attachment. more complete 
fix to come.  from kame
 2003-03-31 23:55:46 +00:00
thorpej
452610ea39 Add in6_localaddr(). From KAME via FreeBSD. 2003-02-27 22:06:38 +00:00
he
eb5e5b35c1 Make sure to initialize callout structs. 2003-02-25 22:17:47 +00:00
matt
8c1eaadb7a automatic aggregates are evil. make it static const. 2003-02-24 03:01:03 +00:00
thorpej
b193480908 Add extensible malloc types, adapted from FreeBSD. This turns 
malloc types into a structure, a pointer to which is passed around,
instead of an int constant.  Allow the limit to be adjusted when the
malloc type is defined, or with a function call, as suggested by
Jonathan Stone.
 2003-02-01 06:23:35 +00:00
wiz
9115df8c49 success, not sucess. Noted by mjl. 2003-01-28 22:35:02 +00:00
simonb
276fd1665c The Double-Semi-Colon Police. 2003-01-20 05:29:53 +00:00
simonb
0efc092563 Remove variable that is only assigned too but not referenced. 2003-01-20 00:39:30 +00:00
itojun
40606ab8f2 switch from kame-based m_aux mbuf auxiliary data, to openbsd m_tag 
implementation.  it will simplify porting across *bsd (such as kame/altq),
and make us more synchronized.  from Joel Wilsson
 2003-01-17 08:11:49 +00:00
itojun
177ed24b8b allocate route_in6 in struct secashead, to avoid mistakenly overrun 
the end of secashead.  Fixes PR18751.
 2003-01-08 05:46:49 +00:00
itojun
be9a8d8e2f recover original stanford copyright. sync w/kame 2002-11-27 05:09:36 +00:00
lukem
0635de35a3 Remove KDIR=, since SYS_INCLUDE=symlinks and KDIR are not supported any more. 2002-11-26 23:30:07 +00:00
thorpej
d6f8cc841d Avoid strict-alias warnings. 2002-11-25 01:55:21 +00:00
itojun
c8a8326600 make USE_ENCAPCHECK (in netinet*/*gif.c) to global option, GIF_ENCAPCHECK. 
#ifdef out unneeded code when possible.
From: Krister Walfridsson <cato@df.lth.se>
 2002-11-11 18:35:27 +00:00
itojun
1e8dadc8f9 pmtu_probe is not used anywhere (it is used in KAME TCP6-only code). 
From: Krister Walfridsson <cato@df.lth.se>
 2002-11-11 18:26:42 +00:00
itojun
6f28503927 need icmp6.h for MULTICAST_PMTUD case. sync w/kame 2002-11-09 03:12:05 +00:00
perry
eab4bb9593 include opt_inet.h -- found by David Laight 2002-11-05 21:46:42 +00:00
itojun
29ef3e950d improve gif lookup performance, when there are many of those, 
by using radix tree for lookups.  tested by yshimizu@iij.
 2002-11-05 16:58:11 +00:00
perry
4f27ab21b8 /*CONTCOND*/ while (0)'ed macros 2002-11-02 07:30:55 +00:00
itojun
ad337ee31a plug a memory leak. from sam leffler. sync w/kame 2002-10-31 17:36:16 +00:00
itojun
02a04fd9fc increase correct stat. KAME pr 445 2002-10-28 16:42:44 +00:00
itojun
5fc1c3b058 do not differentiate manually configured address from autoconfigured ones 
wrt prefix management;
- always earn a reference to the prefix when an address is configured
 (by ioctl).
- always delete the prefix when an address that has the last referene
  is manually removed.

The change should solve the problem raised in KAME-snap 6989.

sync w/kame
 2002-10-17 00:07:44 +00:00
thorpej
d9ae0a6eb1 IPSEC_ESP depends on the "des", "blowfish", "cast128", and "rijndael" 
attributes.
 2002-10-12 15:41:24 +00:00
thorpej
5b2b587c85 Move netinet, netinet6, ipsec, and ipfilter config defns to 
netinet/files.ipfilter, etinet/files.netinet, netinet6/files.netinet6,
and netinet6/files.netipsec.

XXX There are still a few stragglers in conf/files, which are entangled
with other network protocols.
 2002-10-10 22:45:45 +00:00
itojun
b15fea2610 suppress too noisy log by default (can be re-enabled by sysctl). sync w/kame 2002-10-09 20:22:16 +00:00
provos
0f09ed48a5 remove trailing \n in panic(). approved perry. 2002-09-27 15:35:29 +00:00
itojun
ce1bd42a2c length field on PADN option, before jumbo payload option was wrong. 
sync w/kame
 2002-09-23 13:28:55 +00:00
itojun
0a734b348e better fix to PR 18163 ("deprecated" flag manipulation). sync w/kame 2002-09-23 13:16:52 +00:00
simonb
4e3613273b Remove breaks after returns, unreachable returns and returns after 
returns(!).
 2002-09-23 05:51:10 +00:00
simonb
03d61a28e4 Remove an extern declaration for the "pim6stat" variable; the only other 
occurance of this is a static variable in ip6_mroute.c.
 2002-09-23 04:56:58 +00:00
itojun
d694b45f9d remove extra blank line 2002-09-15 01:18:59 +00:00
itojun
255121cf44 avoid from applying IPsec transport mode to the packets when the kernel 
forwards the packets.
sync w/kame
 2002-09-11 08:15:37 +00:00
itojun
8808abb7b8 correct pointer signedness mixups. sync w/kame 2002-09-11 03:45:44 +00:00
itojun
75e1911429 reduce diff w/kame 2002-09-11 03:23:24 +00:00
itojun
9401012487 KNF - return is not a function. sync w/kame. 2002-09-11 02:46:42 +00:00
itojun
6dedde045a correct signedness mixup in pointer passing. sync w/kame 2002-09-11 02:41:19 +00:00
itojun
37bd81ba1e allow "deprecated" bit to be manually set. PR 18163 2002-09-04 07:22:28 +00:00
itojun
c7b00b4ce4 pass proc * to in6_pcbsetport. PR 18073 2002-08-26 14:25:00 +00:00
itojun
967cf54a67 check packet length before fetching ESP crypto checksum. sync w/kame 2002-08-21 23:12:01 +00:00
itojun
e5df0242ce sync up use_deprecated handling with latest kame. 
- bind(deprecated) is allowed, trusting userland app is doing the right thing
- use_deprecated default to 1
 2002-08-20 22:06:04 +00:00
itojun
ddbeae9874 check error from copyout 2002-08-19 23:23:22 +00:00
itojun
bec19ac64c typo in comment 2002-08-19 23:21:11 +00:00
itojun
041c651838 fix copyout() logic. more proper fix to be done on kame tree. 2002-08-19 23:14:39 +00:00
itojun
8b2ed6900d copyout only if oldp is non-null 2002-08-19 07:23:22 +00:00
itojun
cc0fa7bc37 need explicit copyout(), apparently 2002-08-19 06:50:22 +00:00
itojun
e89be6a279 set default value for use_deprecated to 0, to avoid consequences with ftpd. 2002-08-17 22:15:58 +00:00
itojun
c00fa8dfd9 avoid swapping endian of ip_len and ip_off on mbuf, to meet with M_LEADINGSPACE 
optimization made last year.  should solve PR 17867 and 10195.

IP_HDRINCL behavior of raw ip socket is kept unchanged.  we may want to
provide IP_HDRINCL variant that does not swap endian.
 2002-08-14 00:23:27 +00:00
itojun
ed12d77e43 avoid hardcoded "16" for max AH sum size. use AH_MAXSUMSIZE. 2002-08-09 07:01:21 +00:00
itojun
68e52f0ace use correct padding boundary, to correctly estimate ESP header size. 
problem found by Arto Selonen <arto@selonen.org>
 2002-08-09 06:38:12 +00:00
itojun
bb92058a0f cut and paste error in comment. From: Arto Selonen <arto@selonen.org> 2002-08-09 06:29:01 +00:00
itojun
af8ad017f7 typo. From: Arto Selonen <arto@selonen.org>, sync w/kame 2002-08-01 05:17:47 +00:00
itojun
a919a4c628 no need to check NULL mbuf, as we touch it already. 
From: tedu <grendel@zeitbombe.org>
 2002-07-30 23:27:15 +00:00
itojun
d337ab206e no need to handle NULL argument in defrouter_delreq. 
From: tedu <grendel@zeitbombe.org>
 2002-07-30 23:24:21 +00:00
itojun
d08a33e8b1 correct multicast packet MTU check. sync w/kame 2002-07-25 12:41:51 +00:00
itojun
8b02a8b924 remove unneeded extern decl (commented out). sync w/kame 2002-07-20 21:11:55 +00:00
wiz
e00173a7f2 Spell 'should' correctly. 2002-07-18 11:59:06 +00:00
itojun
d67bce4593 no need to bzero() twice. from he@netbsd 2002-07-13 21:04:55 +00:00
itojun
51bd9285d5 correct ping6 -w result wth hostname with [A-Z]. PR 17540. sync w/kame 2002-07-10 05:05:01 +00:00
thorpej
10c252ba47 Changes to allow the IPv4 and IPv6 layers to align headers themseves, 
as necessary:
* Implement a new mbuf utility routine, m_copyup(), is is like
  m_pullup(), except that it always prepends and copies, rather
  than only doing so if the desired length is larger than m->m_len.
  m_copyup() also allows an offset into the destination mbuf, which
  allows space for packet headers, in the forwarding case.
* Add *_HDR_ALIGNED_P() macros for IP, IPv6, ICMP, and IGMP.  These
  macros expand to 1 if __NO_STRICT_ALIGNMENT is defined, so that
  architectures which do not have strict alignment constraints don't
  pay for the test or visit the new align-if-needed path.
* Use the new macros to check if a header needs to be aligned, or to
  assert that it already is, as appropriate.

Note: This code is still somewhat experimental.  However, the new
code path won't be visited if individual device drivers continue
to guarantee that packets are delivered to layer 3 already properly
aligned (which are rules that are already in use).
 2002-06-30 22:40:32 +00:00
itojun
3973cdf049 typo in name 2002-06-29 12:33:33 +00:00
itojun
d7006267f3 reduce kernel stack usage by separating struct secasindex. sync w/kame 
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
 2002-06-27 12:12:49 +00:00
itojun
61f28217c4 move sanity check upwards. sync w/kame 
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
 2002-06-22 12:27:09 +00:00
itojun
cfb9a4a799 avoid listening socket from mistakenly use incorrect cached policy. 
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>  sync w/kame
 2002-06-22 12:04:07 +00:00
itojun
69d65da8c6 sizeof mistake in DIAGNOSTIC path. sync w/kame 
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
 2002-06-21 23:15:35 +00:00
itojun
3033187db0 previous commit cached pcb policy too much (when pcb points to 
SPD entry that is not ipsec - like "none").  back it out.  sync w/kame
 2002-06-16 16:28:36 +00:00
itojun
c1808f02bf cache pcb policy as much as possible. in fact, if policy is not 
IPSEC_POLICY_IPSEC we don't need to compare spidx.  sync w/kame
 2002-06-14 14:47:24 +00:00
itojun
813344bfbe remove redundant line 2002-06-14 14:17:55 +00:00
itojun
a8dde3fa57 free secpolicy on deepcopy failure 2002-06-13 05:10:13 +00:00
itojun
dc96111483 deep-copy pcb policy if it is an ipsec policy. assign ID field to all 
SPD entries.  make it possible for racoon to grab SPD entry on pcb
(racoon side needs some changes).  sync w/kame
 2002-06-12 17:56:45 +00:00
itojun
3489976392 do not copy policy-on-socket at all. avoid copying packet header value to 
struct spindex.  should reduce memory usage per socket/pcb, and should speedup
ipsec processing.  sync w/kame
 2002-06-12 01:47:34 +00:00
itojun
fa53d749ff share policy-on-pcb for listening socket. sync w/kame 
todo: share even more, avoid frequent updates of spidx
 2002-06-11 19:39:59 +00:00
itojun
2533e1f81f avoid variable name confusion. sync w/kame 2002-06-11 17:26:52 +00:00
itojun
9b2ae3537c silence some of log(), as the codepath will be visited for IPv6-non-capable 
interfaces too and can be annoying.  net.inet6.icmp6.nd6_debug will
re-enable them.
 2002-06-11 07:28:05 +00:00
itojun
b05ff066a7 whitespace cleanup 2002-06-09 14:43:10 +00:00
itojun
e55d3b6782 indent cleanup 2002-06-08 21:32:55 +00:00
itojun
7316bc595b KNF 2002-06-08 21:29:26 +00:00
itojun
2495e99fc7 gc 2002-06-08 21:28:18 +00:00
itojun
6d8d0d63d8 sync with latest KAME in6_ifaddr/prefix/default router manipulation. 
behavior changes:
- two iocts used by ndp(8) are now obsolete (backward compat provided).
  use sysctl path instead.
- lo0 does not get ::1 automatically.  it will get ::1 when lo0 comes up.
 2002-06-08 21:22:29 +00:00
itojun
fc5800e3fd whitespace cleanup 2002-06-08 20:06:44 +00:00
itojun
2f88f76db1 in6_len2mask is a duplicate of in6_prefixlen2mask. unify. sync w/kame 2002-06-08 00:07:00 +00:00
itojun
9736fd7f05 on SIOCAIFADDR_IN6 check if sin6_len is sane. sync w/kame 2002-06-08 00:01:30 +00:00
itojun
e4f39ff86f panic() if NULL is passed to ah_sumsiz_xx. suggested by sam leffler, sync w/kame 2002-06-07 23:42:41 +00:00
itojun
36f10d3196 some KNF 2002-06-07 22:08:41 +00:00
itojun
acf7dffae4 some KNF 2002-06-07 22:07:38 +00:00
itojun
0026ddd6dd no need for offsetof() 2002-06-07 22:06:48 +00:00
itojun
edcbce7c37 typo 2002-06-07 22:05:37 +00:00
itojun
a1e0f0f9a7 sync IPV6_CHECKSUM handling with kame. 2002-06-07 22:03:02 +00:00
fvdl
2aae9aee46 Fix mistakes in previous. 2002-06-07 18:19:30 +00:00
itojun
09342cdd61 typo 2002-06-07 18:19:05 +00:00
itojun
fc16676d8e If there has been no NS for the neighbor after entering the 
INCOMPLETE state, send the first solicitation in nd6_output(), regardless
of the timer value.
revised comments about rate-limiting accordingly.

sync w/kame
 2002-06-07 17:15:12 +00:00
itojun
4e9401b698 comment 2002-06-07 17:13:56 +00:00
itojun
ac03214470 whitespace 2002-06-07 14:48:56 +00:00
itojun
3e3b75590b remove #if 0'ed portion 2002-06-07 14:43:11 +00:00
itojun
c889402ba0 style 2002-06-07 14:37:38 +00:00
itojun
3c11868be8 consistency 2002-06-07 14:35:55 +00:00
itojun
05f0c3e705 KNF a bit 2002-06-07 14:29:10 +00:00
itojun
a11e34efc5 whitespace 2002-06-07 07:38:51 +00:00
itojun
e2ce1896bd whitespace 2002-06-07 07:35:39 +00:00
itojun
9b39e24802 minor KNF to sync w/kame 2002-06-07 04:30:40 +00:00
itojun
06ed16c31d typo 2002-06-07 04:18:11 +00:00
itojun
922b4012cc 'fall through' is not a valid LINT keyword. 2002-06-07 04:07:55 +00:00
itojun
83aff37a0f remove support for deprecated ioctls (EINVAL). sync w/kame 2002-06-07 04:03:53 +00:00
itojun
88a8e0dd9e cope with ndi->maxmtu == 0 case. sync w/kame 2002-06-07 03:05:18 +00:00
itojun
fb6078474d cope with cases when maxmtu == 0 (this shoulnd't happen!) 2002-06-07 02:31:04 +00:00
itojun
1eb402e813 be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet) 2002-06-05 01:10:54 +00:00
itojun
ad4cab117d whitespace at EOL 2002-06-03 02:09:37 +00:00
itojun
ed45b704ac do not hardcode if_mtu values in here, except for IFT_{ARC,FDDI} - 
they need special handling.  makes it possible to take advantage of 9k ether
frames.
 2002-06-03 00:51:47 +00:00
itojun
5625d3b849 do not mistakenly lock PMTUD route entry with RTV_MTU. 2002-05-31 04:26:19 +00:00
itojun
3449ca6d23 do not try to update rmx_mtu if rmx_mtu == 0 (obey ifmtu) 2002-05-31 03:18:54 +00:00
itojun
87fc46bce9 improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame 2002-05-30 05:06:28 +00:00
itojun
a3e4fbdf14 use M_READONLY where possible. minor cleanup/sync with kame. 2002-05-30 04:39:15 +00:00
christos
c7f67f1479 make this compile again. 2002-05-29 19:50:48 +00:00
itojun
cfc6c918de missing bzero 2002-05-29 13:56:14 +00:00
itojun
050c5b5b7c receivedra field is gone 2002-05-29 13:52:56 +00:00
itojun
913276174b "receivedra" field name is obsolete. 2002-05-29 09:32:01 +00:00
itojun
14dafa8f6a avoid unneeded malloc/free. sync w/kame 2002-05-29 09:05:18 +00:00
itojun
5c1df51d53 attach nd_ifinfo structure into if_afdata. 
split IPv6 link MTU (advertised by RA) from real link MTU.
sync with kame
 2002-05-29 07:53:39 +00:00
itojun
9ea1dc0d36 correct rmx_mtu value after PMTUD entry timeout (should be set to 0) 2002-05-29 06:55:48 +00:00
itojun
ede265fffd move per-interface ip6/icmp6 stat to ifnet->if_afdata. sync w/kame 2002-05-29 02:58:28 +00:00
itojun
a15e664f71 rm obsolete comment 2002-05-29 01:43:25 +00:00
itojun
3be26b82ef use arc4random 2002-05-28 11:19:17 +00:00
itojun
4121fa09fc correct in*_pcbrtentry. check cached value correctly. 2002-05-28 11:10:52 +00:00
itojun
d208a22daa use arc4random() where possible. 
XXX is it necessary to do microtime() on tcp syn cache?
 2002-05-28 10:11:49 +00:00
itojun
7410ea60ca in in*_pcbrtentry(), check if route is still valid (RTF_UP), 
and address family is still valid.
 2002-05-28 10:07:51 +00:00
itojun
10c5914022 limit number of IPv6 fragments (not the fragment queue size) to 
fight against lots-of-frags DoS attacks.  sync w/kame
 2002-05-28 03:04:05 +00:00
itojun
9a1a825873 we have no IFT_DUMMY. kame merge mistake 2002-05-25 22:18:49 +00:00
itojun
e3c4951b26 re-enable ipsec policy caching onto pcb. refcnt fix and workarounds based on ymmt-san. 2002-05-25 10:01:01 +00:00
itojun
6f589cb1b2 extra blank line 2002-05-24 09:21:30 +00:00
itojun
c3015f8b5d make a strict check before sending FQDN node information reply. sync w/kame 2002-05-24 09:13:59 +00:00
itojun
7e7fcd1df4 remove wrong "break" statement 2002-05-23 06:53:13 +00:00
itojun
64a1cfbf83 no longer need IFT_PROPVIRTUAL "bridge[0-9]+" check. 2002-05-23 06:40:03 +00:00
itojun
970757edd8 simplify conditions to do DAD. sync w/kame 2002-05-23 06:35:18 +00:00
itojun
e1d17f512b should perform DAD for IFT_GIF. 2002-05-23 06:28:25 +00:00
itojun
5a51285f02 do not have link-local address for IFT_BRIDGE 2002-05-23 06:25:25 +00:00
itojun
d2fd814987 in sp caching code, check if sp is still alive. sync w/kame 2002-05-19 00:46:40 +00:00
itojun
b5f1426ee0 rename: net.inet6.ip6.bindv6only -> net.inet6.ip6.v6only 
sync w/kame.
 2002-05-14 10:27:28 +00:00
matt
0dc8ee943d Eliminate more commons or redundant declarations. 2002-05-14 02:58:32 +00:00
kleink
241f6932ee * Use uint{8,32}_t from <netinet/in.h> where applicable; use private 
fixed-width integer types otherwise.
* Protect RFC 2292 prototypes, which are not XNS5.2/POSIX-2001; also, define
  size_t for inet6_rthdr_space().
 2002-05-13 15:20:30 +00:00
kleink
0f1faf8e09 IPV6PORT_* aren't in the reserved namespace either. 2002-05-13 14:25:13 +00:00
kleink
d258299876 Check _POSIX_C_SOURCE as well. 2002-05-13 14:15:34 +00:00
kleink
a317e750c3 Update two comments. 2002-05-13 13:52:31 +00:00
kleink
602066c0d6 Provide local definitions of in_{addr,port}_t in <netinet/in.h> and use 
them where deemed appropriate by XNS5.2/POSIX-2001.
 2002-05-12 23:04:15 +00:00
matt
c03e11f081 Eliminate commons. 2002-05-12 20:33:50 +00:00
wiz
d30d25dc1a Spelling fixes, from Sergey Svishchev in kern/16650. 2002-05-12 15:48:36 +00:00
itojun
861dfdc294 disable ipsec policy caching on pcb, as it seems that there's some reference- 
counting mistake that causes panic - see PR 15953 and 13813.

i am unable to find the real cause of problem, so it is a shortterm workaround,
hopefully.
 2002-05-10 05:49:21 +00:00
itojun
d7669537a8 remove unneeded #ifdef __FreeBSD__ portion. 2002-05-10 05:38:29 +00:00
thorpej
dc12059c9e Use M_READONLY() rathern than testing to see if ext_free is set 
or MCLISREFERENCED().
 2002-04-28 00:54:41 +00:00
itojun
64109d267c make sure to check address family in route cache 
(I really hate IPv4 mapped address...)
 2002-03-28 01:33:50 +00:00
itojun
bb1e9bbcd8 double m_free() - niklas@openbsd 2002-03-24 20:46:56 +00:00
itojun
714618fb98 fix arg to bcmp() - need to compare 15 bytes, not 3 bytes. sync w/kame 2002-03-23 00:43:59 +00:00
itojun
8cbb556660 protect in6pcb queue operation by splnet, as pcb queue will be touched 
by in6_pcbpurgeif() under splnet.
 2002-03-21 02:11:39 +00:00
itojun
007db8b52a remove obsolete comment 2002-03-20 22:47:59 +00:00
itojun
d31217b639 check sa_len and sa_family strictly. (NOTE: rtsol/rtsold older than Nov2001 
will stop working, upgrade them first)
 2002-03-19 01:21:19 +00:00
itojun
f3279050b2 esp/ah_ctlinput: pass useful address to key_alloc. 2002-03-18 15:30:03 +00:00
itojun
766a6d874e have a real lock around IPv6 reassembly. 2002-03-15 10:44:07 +00:00
itojun
3faedc3f92 s/0/NULL/ as ln_hold is a pointer. sync w/ kame 2002-03-15 09:36:27 +00:00
itojun
38f3d28842 have tcp6_drain 2002-03-15 09:25:41 +00:00
itojun
4b327fb1f3 zlib 1.1.4 dislikes Z_FLUSH at the end of inflate(). 2002-03-14 05:18:10 +00:00
itojun
2246ec4a66 on redirect output, always try to attach target link layer address option. 2002-03-05 08:13:56 +00:00
sommerfeld
ef49bcac3c Nuke out-of-synch comment. 2002-03-04 15:18:32 +00:00
itojun
2ff9b43758 sync blowfish function prototype between i386 assembly and C. 
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
 2002-02-27 01:32:17 +00:00
itojun
ae1b9c29e9 make sure to check address family on route cache. with IPv4 mapped 
address we can see both AF_INET/INET6.
 2002-01-22 03:53:55 +00:00
itojun
b0e82d3005 do not log() in per-packet input path. sync w/kame 2002-01-08 04:37:32 +00:00
itojun
e6834b7b5c make it compile even if NGIF=0 2001-12-22 01:40:03 +00:00
itojun
a225c3930f whitespace/costmetic sync w/kame 2001-12-21 08:54:52 +00:00
itojun
1536628a1f call encap6_ctlinput on icmp6 against tunnelled packet. sync w/kame 2001-12-21 08:54:19 +00:00
itojun
df8adebac1 remove obsolete #if 0'ed section. sync w/kame 2001-12-21 07:16:58 +00:00
itojun
28922b9973 use radix table for inbound tunnel lookup (would increase performance 
for machines with a lot of tunnels).
update route cache for IPvX-over-IPv6 tunnel on path MTU discovery.
snyc with kame
 2001-12-21 06:30:43 +00:00
itojun
9aaffcfde8 move in6_gif_hlim decl to in6_gif.c. sync with kame 2001-12-21 03:58:15 +00:00
itojun
745e191850 move protosw fragment for gif/stf to their own source code. 
reduce #ifdef in stf code.  sync with kame
 2001-12-21 03:21:50 +00:00
itojun
ebb1c82ec5 centralize multicast group management (in6_join/leavegroup). 
have a flag for ip6_output() to fragment to minimum MTU.
sync with kame
 2001-12-20 07:26:36 +00:00
itojun
1cad8e6085 reduce white space/cosmetic diffs w/kame. 2001-12-18 03:04:02 +00:00
itojun
29064a3fdb remove obsolete #if 0'ed portion. 2001-12-18 01:42:04 +00:00
itojun
33429d0612 correct timing to increment icmp6 MIB variables. sync with kame 2001-12-07 10:10:43 +00:00
itojun
f8321e02a6 fix cast128 with shorter key length. sync with kame 2001-11-27 11:19:36 +00:00
itojun
c23ea6c341 update outgoing ifp, only if tunnel mode ipsec is used. this is to 
honor IP_MULTICAST_IF setsockopt on ipsec-over-multicast.  sync with kame
 2001-11-21 06:28:08 +00:00
perry
c8549493da (minor) delint 2001-11-17 18:55:11 +00:00
lukem
4f2ad95259 add RCSIDs 2001-11-13 00:56:55 +00:00
itojun
d54922c799 check offset overrun in ip6_nexthdr. 2001-11-02 08:05:48 +00:00
simonb
5f717f7c33 Don't need to include <uvm/uvm_extern.h> just to include <sys/sysctl.h> 
anymore.
 2001-10-29 07:02:30 +00:00
itojun
7b1918bdc8 always check extension header length. 2001-10-29 05:23:17 +00:00
itojun
eecba85f88 no tcp_fasttimo any more. PR 14333 2001-10-24 09:37:00 +00:00
itojun
73f4e5001f more whitespace sync with kame 2001-10-24 06:36:37 +00:00
itojun
c7e6405a34 remove unused codepath (unifdef -UUDP6) 2001-10-24 06:04:08 +00:00
itojun
68fbfa26e8 gather stats on raw ip6 socket. sync with kame 2001-10-18 09:12:13 +00:00
itojun
51a9c75998 simplify per-if stats. 2001-10-18 09:09:25 +00:00
itojun
ae5499819c reduce diffs with kame (mostly cosmetic). 
move IPV6_CHECKSUM processing to sys/netinet6/raw_ip6.c.
constify a couple of places.
 2001-10-18 07:44:33 +00:00
itojun
1990d680c4 do not change neighbor cache state on entry timeout, 
if the cache entry is for outgoing router.

perform on-linkness check before default router (re-)seletion.

do not play with interface direct route on nd6_rtrequest.

sync a lot of cosmetic changes.  sync with kame
 2001-10-17 10:55:09 +00:00
itojun
dfb1429789 unifdef OLDIP6OUTPUT 2001-10-17 08:23:05 +00:00
itojun
7dcf45fbd8 more whitespace/comment sync with kame 2001-10-16 06:24:44 +00:00
itojun
45c8a6a57e remove unused #define. sync whitespace/comment with kame. 2001-10-16 04:57:38 +00:00