Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
101,828 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

577 Commits

Author SHA1 Message Date
itojun 37bd81ba1e allow "deprecated" bit to be manually set. PR 18163 2002-09-04 07:22:28 +00:00
itojun c7b00b4ce4 pass proc * to in6_pcbsetport. PR 18073 2002-08-26 14:25:00 +00:00
itojun 967cf54a67 check packet length before fetching ESP crypto checksum. sync w/kame 2002-08-21 23:12:01 +00:00
itojun e5df0242ce sync up use_deprecated handling with latest kame. 
- bind(deprecated) is allowed, trusting userland app is doing the right thing
- use_deprecated default to 1
 2002-08-20 22:06:04 +00:00
itojun ddbeae9874 check error from copyout 2002-08-19 23:23:22 +00:00
itojun bec19ac64c typo in comment 2002-08-19 23:21:11 +00:00
itojun 041c651838 fix copyout() logic. more proper fix to be done on kame tree. 2002-08-19 23:14:39 +00:00
itojun 8b2ed6900d copyout only if oldp is non-null 2002-08-19 07:23:22 +00:00
itojun cc0fa7bc37 need explicit copyout(), apparently 2002-08-19 06:50:22 +00:00
itojun e89be6a279 set default value for use_deprecated to 0, to avoid consequences with ftpd. 2002-08-17 22:15:58 +00:00
itojun c00fa8dfd9 avoid swapping endian of ip_len and ip_off on mbuf, to meet with M_LEADINGSPACE 
optimization made last year.  should solve PR 17867 and 10195.

IP_HDRINCL behavior of raw ip socket is kept unchanged.  we may want to
provide IP_HDRINCL variant that does not swap endian.
 2002-08-14 00:23:27 +00:00
itojun ed12d77e43 avoid hardcoded "16" for max AH sum size. use AH_MAXSUMSIZE. 2002-08-09 07:01:21 +00:00
itojun 68e52f0ace use correct padding boundary, to correctly estimate ESP header size. 
problem found by Arto Selonen <arto@selonen.org>
 2002-08-09 06:38:12 +00:00
itojun bb92058a0f cut and paste error in comment. From: Arto Selonen <arto@selonen.org> 2002-08-09 06:29:01 +00:00
itojun af8ad017f7 typo. From: Arto Selonen <arto@selonen.org>, sync w/kame 2002-08-01 05:17:47 +00:00
itojun a919a4c628 no need to check NULL mbuf, as we touch it already. 
From: tedu <grendel@zeitbombe.org>
 2002-07-30 23:27:15 +00:00
itojun d337ab206e no need to handle NULL argument in defrouter_delreq. 
From: tedu <grendel@zeitbombe.org>
 2002-07-30 23:24:21 +00:00
itojun d08a33e8b1 correct multicast packet MTU check. sync w/kame 2002-07-25 12:41:51 +00:00
itojun 8b02a8b924 remove unneeded extern decl (commented out). sync w/kame 2002-07-20 21:11:55 +00:00
wiz e00173a7f2 Spell 'should' correctly. 2002-07-18 11:59:06 +00:00
itojun d67bce4593 no need to bzero() twice. from he@netbsd 2002-07-13 21:04:55 +00:00
itojun 51bd9285d5 correct ping6 -w result wth hostname with [A-Z]. PR 17540. sync w/kame 2002-07-10 05:05:01 +00:00
thorpej 10c252ba47 Changes to allow the IPv4 and IPv6 layers to align headers themseves, 
as necessary:
* Implement a new mbuf utility routine, m_copyup(), is is like
  m_pullup(), except that it always prepends and copies, rather
  than only doing so if the desired length is larger than m->m_len.
  m_copyup() also allows an offset into the destination mbuf, which
  allows space for packet headers, in the forwarding case.
* Add *_HDR_ALIGNED_P() macros for IP, IPv6, ICMP, and IGMP.  These
  macros expand to 1 if __NO_STRICT_ALIGNMENT is defined, so that
  architectures which do not have strict alignment constraints don't
  pay for the test or visit the new align-if-needed path.
* Use the new macros to check if a header needs to be aligned, or to
  assert that it already is, as appropriate.

Note: This code is still somewhat experimental.  However, the new
code path won't be visited if individual device drivers continue
to guarantee that packets are delivered to layer 3 already properly
aligned (which are rules that are already in use).
 2002-06-30 22:40:32 +00:00
itojun 3973cdf049 typo in name 2002-06-29 12:33:33 +00:00
itojun d7006267f3 reduce kernel stack usage by separating struct secasindex. sync w/kame 
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
 2002-06-27 12:12:49 +00:00
itojun 61f28217c4 move sanity check upwards. sync w/kame 
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
 2002-06-22 12:27:09 +00:00
itojun cfb9a4a799 avoid listening socket from mistakenly use incorrect cached policy. 
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>  sync w/kame
 2002-06-22 12:04:07 +00:00
itojun 69d65da8c6 sizeof mistake in DIAGNOSTIC path. sync w/kame 
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
 2002-06-21 23:15:35 +00:00
itojun 3033187db0 previous commit cached pcb policy too much (when pcb points to 
SPD entry that is not ipsec - like "none").  back it out.  sync w/kame
 2002-06-16 16:28:36 +00:00
itojun c1808f02bf cache pcb policy as much as possible. in fact, if policy is not 
IPSEC_POLICY_IPSEC we don't need to compare spidx.  sync w/kame
 2002-06-14 14:47:24 +00:00
itojun 813344bfbe remove redundant line 2002-06-14 14:17:55 +00:00
itojun a8dde3fa57 free secpolicy on deepcopy failure 2002-06-13 05:10:13 +00:00
itojun dc96111483 deep-copy pcb policy if it is an ipsec policy. assign ID field to all 
SPD entries.  make it possible for racoon to grab SPD entry on pcb
(racoon side needs some changes).  sync w/kame
 2002-06-12 17:56:45 +00:00
itojun 3489976392 do not copy policy-on-socket at all. avoid copying packet header value to 
struct spindex.  should reduce memory usage per socket/pcb, and should speedup
ipsec processing.  sync w/kame
 2002-06-12 01:47:34 +00:00
itojun fa53d749ff share policy-on-pcb for listening socket. sync w/kame 
todo: share even more, avoid frequent updates of spidx
 2002-06-11 19:39:59 +00:00
itojun 2533e1f81f avoid variable name confusion. sync w/kame 2002-06-11 17:26:52 +00:00
itojun 9b2ae3537c silence some of log(), as the codepath will be visited for IPv6-non-capable 
interfaces too and can be annoying.  net.inet6.icmp6.nd6_debug will
re-enable them.
 2002-06-11 07:28:05 +00:00
itojun b05ff066a7 whitespace cleanup 2002-06-09 14:43:10 +00:00
itojun e55d3b6782 indent cleanup 2002-06-08 21:32:55 +00:00
itojun 7316bc595b KNF 2002-06-08 21:29:26 +00:00
itojun 2495e99fc7 gc 2002-06-08 21:28:18 +00:00
itojun 6d8d0d63d8 sync with latest KAME in6_ifaddr/prefix/default router manipulation. 
behavior changes:
- two iocts used by ndp(8) are now obsolete (backward compat provided).
  use sysctl path instead.
- lo0 does not get ::1 automatically.  it will get ::1 when lo0 comes up.
 2002-06-08 21:22:29 +00:00
itojun fc5800e3fd whitespace cleanup 2002-06-08 20:06:44 +00:00
itojun 2f88f76db1 in6_len2mask is a duplicate of in6_prefixlen2mask. unify. sync w/kame 2002-06-08 00:07:00 +00:00
itojun 9736fd7f05 on SIOCAIFADDR_IN6 check if sin6_len is sane. sync w/kame 2002-06-08 00:01:30 +00:00
itojun e4f39ff86f panic() if NULL is passed to ah_sumsiz_xx. suggested by sam leffler, sync w/kame 2002-06-07 23:42:41 +00:00
itojun 36f10d3196 some KNF 2002-06-07 22:08:41 +00:00
itojun acf7dffae4 some KNF 2002-06-07 22:07:38 +00:00
itojun 0026ddd6dd no need for offsetof() 2002-06-07 22:06:48 +00:00
itojun edcbce7c37 typo 2002-06-07 22:05:37 +00:00