Commit Graph

593 Commits

Author SHA1 Message Date
itojun
6b9bfc0691 - Call in{,6}_pcbdetach if ipsec initialization is failed during PRU_ATTACH.
This situation happens on severe memory shortage.  We may need more
  improvements here and there.
- Grab IEEE802 address from IFT_ETHER card, even if the card is
  inserted after bootup time.  Is there any other card that can be
  inserted afterwards?  pcmcia fddi card? :-P
- RFC2373 u bit handling suggests that we SHOULD NOT copy interface id from
  ethernet card to pseudo interface, when ethernet card has IEEE802/EUI64
  with u bit != 0 (this means that IEEE802/EUI64 is not universally unique).
  Do not use such address as, for example, interface id for gif interface.
  (I have such an ethernet card myself)
  This may change interface id for your gif interface.  be careful upgrading
  rc files.

(sync with recent KAME)
1999-09-13 12:15:54 +00:00
itojun
770a224d1e fix ipcomp behavior against -R to meet documentation.
From: Laine Stump <lainestump@rcn.com>
1999-09-10 02:05:24 +00:00
itojun
a00c3d5ea1 fix u bit in interface identifier for ether and p2p-802 interfacde. 1999-09-08 00:50:15 +00:00
itojun
45538437d9 - invert u bit on interface id for pseudo interfaces, as suggested in RFC2373.
- do not perform IPv6 initialization for faith* interface, as they become
  mistakingly IFF_UP.  we are wondering if we should nuke in6_ifattach_p2p().
(sync with recent kame)
1999-09-05 01:57:10 +00:00
itojun
5a219342f2 sync with kame; typo in comment. 1999-08-26 11:11:51 +00:00
itojun
0647902fc8 fix IPv6 fragment ID initialization - random() does not return
random value when frag6_init() is called, so use microtime() to stir
the value better.
1999-08-26 11:10:49 +00:00
itojun
4e69e908fe fix AH computation for HbB options. 1999-08-25 17:47:47 +00:00
itojun
ad853adad7 sync with recent kame: fix source address selection on IPv6 tunnel ipsec. 1999-08-25 12:56:38 +00:00
itojun
d48c55f4f0 ctlinput handling must look at ip6_src, not ip6_dst.
(this makes path mtu handling wrong)
1999-08-25 12:38:14 +00:00
itojun
00cf8638cb do not capture packets by gif, when gif interface is down. 1999-08-20 10:07:40 +00:00
itojun
b0ad0eaf51 typo fix (from koji@dti.ad.jp).
remove things that are already done.
1999-08-14 19:17:19 +00:00
itojun
8dba61e664 fix multicast demux.
From: Matthias Drochner <drochner@zel459.zel.kfa-juelich.de>
1999-08-13 10:57:05 +00:00
itojun
a9b7fe4621 return with doing nothing from xx_ctlinput(), when sa->sa_family
is not the expected one.

I see PRC_REDIRECT_HOST with sa->sa_family == AF_UNIX coming to
{tcp,udp}_ctlinput() when I use dhclient, and I feel like adding
more sanity checks, without logging - if we log it it is too noisy.
1999-08-09 10:55:29 +00:00
itojun
7a60aa28c2 log() needs "\n" at the end. 1999-08-09 02:24:52 +00:00
itojun
e5d7b92a94 remove invalid initialization if in6_iflladdr. 1999-08-07 12:33:04 +00:00
itojun
6d8996ba49 import recent kAME fixes.
- initialize hoplimit for raw6 socket properly.
- respect SO_TIMESTAMP on udp6.
- more sanity checks.
1999-08-05 16:01:07 +00:00
itojun
6f3fbf1ce6 remove sys/netinet6/in6_systm.h, as it is very empty.
crypto-us IPSEC build will be broken.
could someone please update?
1999-08-02 11:04:38 +00:00
itojun
70ada0957e sync with recent KAME.
- loosen ipsec restriction on packet diredtion.
- revise icmp6 redirect handling on IsRouter bit.
- tcp/udp notification processing (link-local address case)
- cosmetic fixes (better code share across *BSD).
1999-07-31 18:41:15 +00:00
itojun
06c350054d remove reference to in6_systm.h (file itself will be removed afterwords) 1999-07-30 10:35:34 +00:00
explorer
ed3b6d5791 Fix a problem where tcp_slowtimo was called twice, once for ipv4 tcp and
once for ipv6.  This patch makes the ipv6 case pass NULLs in for fast
and slow timeouts iff defined(INET) and passes in the right function
if !defined(INET).

Reveiwed by itojun@iijlab.net.
1999-07-27 06:23:57 +00:00
itojun
86ef461e35 avoid u_long and hardcoded numbers. 1999-07-22 15:46:13 +00:00
itojun
7fee35f579 - implement IPv6 pmtud, which is necessary for TCP6.
- fix memory leak on SO_DEBUG over TCP.
1999-07-22 12:56:56 +00:00
itojun
76fc599a8d change unnecessary u_long/long into u_int32_t or something relevant.
more fixes should follow.
1999-07-22 03:59:42 +00:00
itojun
869f140395 fix IPV6_CHECKSUM socket option (length computation was wrong). 1999-07-19 18:37:19 +00:00
itojun
c74f79d16f fix faith interface support. need testing.
(i understand this is a dirty hack, of course)
1999-07-17 07:07:08 +00:00
itojun
4502752019 fix compilation/runtime problem on alpha.
PR: 7952, 7953
From: Dave Huang <khym@bga.com>
1999-07-11 17:45:11 +00:00
thorpej
011b02e348 Clean up some printfs(), and mark a few for possible later nuking,
since they appear to be for debugging purposes only.
1999-07-10 19:46:10 +00:00
thorpej
267920eb1a defopt INET6, and put it in opt_inet.h (most places already include this
file, which is why the file list is so short).
1999-07-09 23:41:16 +00:00
thorpej
f9a7668b3f defopt IPSEC and IPSEC_ESP (both into opt_ipsec.h). 1999-07-09 22:57:15 +00:00
itojun
dcc13cdd33 sync with KAME/NetBSD 1.4, SNAP kit 19990705.
key changes are:
- icmp6 redirect fix (dst check)
- revised ip6 multicast check for loopback i/f
- several RCS ID cleanups
1999-07-06 12:23:19 +00:00
itojun
6ea6ccf105 checked build on alpha and i386, with GENERIC.v6.
fixed several sizeof(void *) and sizeof(size_t) issues on alpha.

Thanks to: Dave Huang and Tim Rightnour
1999-07-06 08:55:56 +00:00
itojun
f3c72d8503 fix IPSEC (but not INET6) build.
PR: 7921, 7922, 7924
From: rafal@mediaone.net
1999-07-06 05:09:22 +00:00
itojun
9b74747370 s/splnet/splsoftnet/ in IPv6/IPsec part.
hope I made no mistake (the kernel works fine but I need a regress test)

Suggested by: thorpej
1999-07-04 02:01:15 +00:00
thorpej
cd3a345ea0 RCS ID police. 1999-07-03 21:24:45 +00:00
kleink
dd24133620 Take a stab at namespace protection. For now, only the obvious problems are
addressed, the culprit being the lack of a namespace definition for an IPv6-
extended <netinet/in.h> in XNS5.2 D2.0; I'll try to work something out and
submit it to the review WG.
1999-07-03 14:04:57 +00:00
itojun
af58d5709d try to get a non-conflicting port # when bind(2) to port number 0
is called.
1999-07-02 19:57:05 +00:00
itojun
243585320c expand insque/remque (quick hack). fundamental fix should be done
while clarifying relationship between inpcb and in6pcb.

PR: 7891
1999-07-02 12:43:42 +00:00
itojun
f8346292af move ipsec sysctl index to IPPROTO_AH (instead of IPPROTO_ESP),
so that you can perform sysctl operation when ESP is not compiled in.
1999-07-02 08:46:47 +00:00
itojun
932ab72aee remove TIME_WAIT issue, it was false. 1999-07-02 07:36:33 +00:00
itojun
8ebf9f7039 add tcp6 port # oddity.
add splnet/splsoftnet issue.
1999-07-02 07:16:29 +00:00
itojun
c74aeb8363 document issues in libc extensions. 1999-07-01 18:28:55 +00:00
itojun
118d2b1d4f IPv6 kernel code, based on KAME/NetBSD 1.4, SNAP kit 19990628.
(Sorry for a big commit, I can't separate this into several pieces...)
Pls check sys/netinet6/TODO and sys/netinet6/IMPLEMENTATION for details.

- sys/kern: do not assume single mbuf, accept chained mbuf on passing
  data from userland to kernel (or other way round).
- "midway" ATM card: ATM PVC pseudo device support, like those done in ALTQ
  package (ftp://ftp.csl.sony.co.jp/pub/kjc/).
- sys/netinet/tcp*: IPv4/v6 dual stack tcp support.
- sys/netinet/{ip6,icmp6}.h, sys/net/pfkeyv2.h: IETF document assumes those
  file to be there so we patch it up.
- sys/netinet: IPsec additions are here and there.
- sys/netinet6/*: most of IPv6 code sits here.
- sys/netkey: IPsec key management code
- dev/pci/pcidevs: regen

In my understanding no code here is subject to export control so it
should be safe.
1999-07-01 08:12:45 +00:00
itojun
74d3c214ec KAME/NetBSD 1.4 SNAP kit, dated 19990628.
NOTE: this branch (kame) is used just for refernce.  this may not compile
due to multiple reasons.
1999-06-28 06:36:47 +00:00