-
Notifications
You must be signed in to change notification settings - Fork 22
/
CHANGELOG
4095 lines (3351 loc) · 173 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
CHANGELOG for KAME kit
$KAME: CHANGELOG,v 1.1247 2000/08/31 17:33:15 itojun Exp $
<200008>
Fri Sep 1 02:30:02 JST 2000 itojun@iijlab.net
* netbsd/lib/libinet6/getaddrinfo.c: on /etc/hosts lookup, set
"official host name" (the leftmost hostname) into ai_canonname.
this is to synchronize with practice in gethostby*.
comment from ume.
* sys/crypto: repair behavior on LP64 architecture. blowfish and
des did not work at all (or behave strange), due to issues in SSLeay.
* kame/racoon: allow comment line in pre-shared key setting.
Thu Aug 31 20:04:27 JST 2000 itojun@iijlab.net
* freebsd2/ports/sendmail.beta: upgrade to 8.11.0.
Thu Aug 31 15:18:39 JST 2000 sakane@ydc.co.jp
* kame/kame/pfkey.c:
- Fixed to check if kernel supports the algorithm. the routine
overrided the map of algorithms supported whenever a user calls
pfkey_recv_register().
- added ipsec_check_keylen2(). It's called with sa-type instead
supported-type.
- added pfkey_set_supported(). It's called with sadb_msg buffer,
and make the map.
Thu Aug 31 01:57:06 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/heimdal: upgrade to 0.3b but now it is broken due
to use old 2292API.
2000-08-30 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* bsdi4/sys/netinet/ip_input.c (ip_forward): made the code
friendly with a BSDI's official patch.
From: Takashi Taniguchi <tani@iij.ad.jp>
2000-08-30 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/icmp6.c (ni6_input):
* kame/sys/netinet6/icmp6.c (ni6_addrs):
* kame/sys/netinet6/icmp6.c (ni6_store_addrs):
some corrections and clarfications about nodeinfo node addresses:
- fixed misuse of the A flag
- fixed a bug to produce truncated responses
- checked the subject address instead of ip6_dst in ni6_addrs
- updated comment based on the latest draft(06)
Wed Aug 30 15:02:27 JST 2000 itojun@iijlab.net
* kame/ping6/ping6.c, sys/netinet6/in6_ifattach.c:
downcase hostname/DNS name, before computing NI group address.
From: yoshfuji
2000-08-29 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6_rtr.c (prelist_update): reverted the
original two-hour rule for updating address lifetime in RFC 2462.
We've adopted the "Jim Bound algorithm", but we found no strong
reason to do so through recent discussions.
Tue Aug 29 16:29:49 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/net/{libpcap,tcpdump}: use 2000/8/28 weekly snap
from tcpdump.org.
* freebsd2/ports/{libpcap,tcpdump}: use 2000/8/28 weekly snap
from tcpdump.org.
2000-08-29 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6_rtr.c (prelist_update): clarification
about the "two-hour" rule in RFC 2462 (currently disabled,
though)
- do not take into account if the pakcet is authenticated unless
storedlifetime <= TWOHOUR.
- changed the semantics of storedlifetime
from "Valid Lifetime in the previously received advertisement"
to "*remaining* lifetime of the stored entry".
Tue Aug 29 01:45:33 JST 2000 itojun@iijlab.net
* sys/netinet6/esp_core.c: experimental twofish/rijndael (AES
candidate) support in kernel IPsec, based on
draft-ietf-ipsec-ciph-aes-cbc-00.txt. only either of them can be
enabled. by default, rijndael is used. if you define
IPSEC_ESP_TWOFISH in your kernel configuration file, twofish is used.
(this is due to library namespace issue - we are using the sample
code submitted to AES, and they use conflicting symbols)
TODO: racoon support
Mon Aug 28 23:22:59 JST 2000 itojun@iijlab.net
* sys/netinet6/esp_core.c: revisit ESP crypto algorithm handling.
use block cipher code from esp_cbc_{en,de}crypt(), so that we can
easily switch the block cipher code, and reuse mbuf chasing part.
* sys/netinet6/esp_core.c: it looks that the old blowfish support code
has some bug. switch to the new codebase. old codebase and
new codebase does not interop with each other. the code will be
bringed into *BSD after we go through real interop tests.
Mon Aug 28 02:25:14 JST 2000 itojun@iijlab.net
* sys/netkey/key.c: stir ESP IV better. on some of operating system
platforms, kernel malloc() gives region with almost constant content.
IPSEC USERS ARE STRONGLY SUGGESTED TO UPDATE.
Sun Aug 27 21:25:44 JST 2000 itojun@iijlab.net
* sys/netinet6/esp_core.c: ESP internal function API change;
algo->{en,de}crypt frees mbuf on error.
2000-08-25 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_lifaddr_ioctl): made
SIOC[DG]LIFADDR scope-aware; fe80::/64 (not /10) will be accepted
to specify a link-local address.
In response to a report from Francis Dupont
<Francis.Dupont@enst-bretagne.fr>.
Thu Aug 24 20:17:26 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
It is possible to verify the signer chain in the certificate.
You must have all of the certificate of each authorities before
the certificate verification.
Also racoon can output a readable certificate to the logfile during
debugging.
XXX the caomparison between ID value and Subject{,Alt}Name is not yet.
Thu Aug 24 16:07:40 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/net/bind9, freebsd3/ports/bind9: use bind
9.0.0rc4.
Thu Aug 24 16:01:26 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Fixed IV processing. IV mismatching happened when a peer sent a
encrypted informational exchange on phase 1. Also added a comment
about IV processing in handler.h. And deleted ivd in IV hander
because it is useless.
Wed Aug 23 22:42:19 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Added the behavior of PFS selection in the case of "strict"/"claim".
If PFS is not required by the responder, the responder obeys the
proposal. If PFS is required by both sides and if the responder's
group is not equal to the initiator's one, then the responder reject
the proposal.
Wed Aug 23 18:13:50 JST 2000 kjc@csl.sony.co.jp
* add ALTQ support to the dc driver and ethernet bridging of openbsd.
Wed Aug 23 15:20:59 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Added a level of "exact" to "proposal_check" directive. When the
responder define it, the responder will reject the proposal if each
lifetime/lifebytes/pfs are not same between the initiator and the
responder.
Wed Aug 23 14:18:44 JST 2000 itojun@iijlab.net
* netbsd/sbin/ping6: provide stddev value at the end, to follow
practice in netbsd ping(8).
Wed Aug 23 13:19:59 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* kame/freebsd3/ports/squid11: use latest IPv6 patch.
Wed Aug 23 12:30:02 JST 2000 itojun@iijlab.net
* sys/netinet6/route6.c: dropped COMPAT_RFC2292 clause.
it still have binary backward compatible behavior with RFC2292,
modulo strict/loose bit.
Wed Aug 23 10:43:07 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Enabled to check PFS group strictly. It can be done by
defining "strict" to "proposal_check" in "remote" directive.
Tue Aug 22 17:19:46 JST 2000 suz@sdl.hitachi.co.jp
* kame/sys/netinet6/in6_ifattach.c (in6_ifattach): application
using routing-socket (e.g. zebra) can detect automatic addition
of linklocal I/F address by RTM_NEWADDR message.
Mon Aug 21 13:33:12 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* kame/freebsd4/ports/{ct, v6eval}: TAHI test tools
Mon Aug 21 19:17:17 JST 2000 sakane@ydc.co.jp
* freebsd3/ports/apache13: apache 1.3.12 + latest IPv6 patch
2000-08-21 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/route6.c (ip6_rthdr0): made the code friendly
with the old advanced API (RFC2292). Note that the kernel
compilation option "COMPAT_RFC2292" is necessary to enable this.
2000-08-21 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6_rtr.c (prelist_update): corrected the
interpretation of "StoredLifetime" in the "Jim Bound algorithm".
Pointed out by OKABE Nobuo <Nobuo_Okabe@yokogawa.co.jp>.
Mon Aug 21 13:33:12 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* kame/freebsd3/ports/{ct, v6eval}: upgrade to 1.1
2000-08-21 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_mroute.c (ip6_mforward): do not forward
packets with the unspecified source address. This is rather more
serious than unicast cases, because some MLD packets can be sent
with the unspecified source address (although such packets must
normally set 1 to the hop limit field).
Sun Aug 20 20:14:36 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/zebra: upgrade to 0.88.
Sun Aug 20 20:23:03 JST 2000 itojun@iijlab.net
* freebsd3/ports/rsync, netbsd/pkgsrc/net/rsync: upgrade to 2.4.5.
Sun Aug 19 JST 2000 itojun@iijlab.net
* sys/netinet6/ip6_output.c: repair mbuf manipulation in outgoing
jumbogram support
* sys/netinet6: some pedant fix for memory access alignment constraint.
* sys/netinet6/ip6_output.c: add diagnostic code for advanced API
memory allocation (there seem to be some memory leak, need
correction)
Fri Aug 18 23:53:15 JST 2000 itojun@iijlab.net
* sys/crypto/rc5: drop IPsec RC5 support.
Fri Aug 18 20:29:23 2000 Shin'ichi Fujisawa <fujisawa@kame.net>
* remove kame/kame/sys/netpm/*.[ch] because this code is obsolete.
NOTICE: If you want to cleanup old symlinks,
perform "make TARGET=netbsd clean", in the top directory.
Of course, you should select TARGET name for proper one.
Fri Aug 18 14:22:15 JST 2000 suz@sdl.hitachi.co.jp
* kame/sys/netinet6/in6.c: always assign prefixlen 128
for non-linklocal prefix of P2P and loopback I/F.
This feature is enabled only when you define
"USE_FIXED_P2P_PLEN" macro.
Fri Aug 18 11:34:01 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/net/zebra: upgrade to 0.88.
Thu Aug 17 19:27:34 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/net/zebra: upgrade to 0.88pre2.
Thu Aug 17 10:19:13 JST 2000 itojun@iijlab.net
* openbsd: change kernel headers to use "NEW_STRUCT_ROUTE" definition.
kernel can panic if you don't define it in kernel configuration file.
Wed Aug 16 15:41:28 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/net/wget: upgrade to latest IPv6 patch.
IPv6 FTP is now available.
2000-08-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* bsdi4/sbin/ifconfig/ifconfig.c: set some IPv6 related parameters
to a correct variable. Without this fix, for example, an IPv6
anycast address couldn't be configured with the ifconfing command.
Tue Aug 15 22:28:09 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/apache13: apache 1.3.12 + latest IPv6 patch
* freebsd3/ports/mrt: mrt 2.2.2a-Aug11
* freebsd3/ports/lynx: upgrade to 2.7.4dev7 which IPv6 patch was
merged.
* freebsd3/ports/python: use latest IPv6 patch.
Tue Aug 15 18:16:14 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/lang/python: use latest IPv6 patch.
* netbsd/pkgsrc/lang/python-current: python 1.6b1 + IPv6 patch
* netbsd/pkgsrc/www/apache13: apache 1.3.12 + latest IPv6 patch
* netbsd/pkgsrc/net/mrt: mrt 2.2.2a-Aug11
Tue Aug 15 16:41:23 JST 2000 itojun@iijlab.net
* netbsd: change kernel headers to use "NEW_STRUCT_ROUTE" definition.
kernel can panic if you don't define it in kernel configuration file.
Tue Aug 15 16:39:43 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/postfix: postfix 20000531 + IPv6 patch.
Tue Aug 15 16:24:51 JST 2000 itojun@iijlab.net
* kame/sys/net/if_stf.c, kame/sys/netinet/in_gif.c:
repair IN_MULTICAST() check for bsdi/freebsd.
IN_MULTICAST() and IN_CLASS[A-D] macro has different endianness
in *BSDs.
Mon Aug 14 21:22:20 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/devel/boehm-gc: upgrade to 5.0a7
* netbsd/pkgsrc/www/w3m: upgrade to 0.1.10
Mon Aug 14 18:15:54 JST 2000 suz@kame.net
* freebsd{2,3}/sbin/ifconfig/ifconfig.c
+ don't assign dummy address to an interface when it's brought
up by "ifconfig up". (same fix has to be done on FreeBSD-4.0)
Mon Aug 14 16:07:45 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/security/openssl: update to 0.9.5a.
* netbsd/pkgsrc/mail/postfix-current: postfix 20000531 + IPv6 patch.
Mon Aug 14 13:05:11 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* kame/freebsd3/ports/mozilla: upgrade to M17.
Sun Aug 13 11:09:44 JST 2000 itojun@iijlab.net
* kame/rtsold/rtsold.c: add -a flag, to autoprobe interface.
suggested by thorpej@netbsd.org
Sun Aug 13 09:45:09 JST 2000 itojun@iijlab.net
* kame/route6d: repair LP64 problem. from thorpej@netbsd.org
2000-08-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd: implemented an experimental (and KAME
proprietary) hello option "additional addresses".
* kame/kame/pim6sd/route.c (set_incoming): when upstream router
determination, consider neighbor's additional addresses got
through the new option. This solves a case of mismatch between RP
and PIM neighbor.
2000-08-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd/main.c (cleanup): upon receipt of SIGTERM,
inform all neighbors the termination by sending a hello message
with 0 holdtime.
2000-08-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd3/usr.bin/netstat/if.c (intpr): supported IPv6 scoped
addresses format.
2000-08-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd/pim6_proto.c (receive_pim6_bootstrap): added a
pair of braces to avoid unintentional failure.
In response to the PR kit/279 from Daniel Elphick
<de@ecs.soton.ac.uk>
2000-08-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd3/ports/bind9/: upgraded to 9.0.0rc2.
2000-08-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd4/include/.prepare: was added to ignore ifaddrs.h
conflict between the FreeBSD's original version and the KAME's
shared version.
In response to a report from Tetsuya Isaki
<isaki@net.ipc.hiroshima-u.ac.jp>
2000-08-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/ping6/ping6.c (pr_pack): printed multple sets of
bitmaps for NI supported QTYPEs.
(from Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp>)
Fri Aug 11 12:00:47 JST 2000 suz@kame.net
* bsdi3/sys/netiso: if NEW_STRUCT_ROUTE is defined, just use
`struct route' instead of struct route_iso.
(compilable, but not tested)
Thu Aug 10 04:42:35 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Implemented responder lifetime selection. It does not conform to
the description of RFC2407 completely. There are three type of the
behavior by specifing the value of "proposal_check" in "remote"
directive.
In phase 2 case, a RESPONDER-LIFETIME notify payload includes into
the exchange if needed. To send the payload is not processed in
phase 1 case yet.
Thu Aug 10 01:19:58 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/net/bind9: upgrade to 9.0.0rc2.
Wed Aug 9 22:37:14 JST 2000 itojun@iijlab.net
* kame/ping6/ping6.c: support compresed DNS label string. be more
picky about DNS label validation.
Mon Aug 7 23:59:51 JST 2000 itojun@iijlab.net
* libinet6/resolv/res_send.c: correct sendto() timeout retry loop.
old code made infinite loop in EINTR-busy environment.
NetBSD PR 6410.
2000-08-07 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* bsdi4/sys/netiso: if NEW_STRUCT_ROUTE is defined, just use
`struct route' instead of struct route_iso.
(compilable, but not tested)
Sun Aug 6 05:41:47 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* kame/freebsd4: we now start to support 4.1-RELEASE.
Fri Aug 4 00:16:00 JST 2000 itojun@iijlab.net
* kame/ping6/ping6.c: support icmp6 node information
"supported query types" query, by ping6 -t.
Thu Aug 3 05:36:23 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Improved to check a packet which is processed or not. The way is
to compare between the hash of a packet has been processed and the
list of hashs which are processed before.
Thu Aug 3 03:00:36 JST 2000 sakane@ydc.co.jp
* kame/sys/{netkey/{key.c,keydb.h},netinet6/ipsec.h}:
Improved lifetime handling. It uses real time instead of tick.
XXX year 2038 problem remains.
Thu Aug 3 00:49:58 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Tryed sending DELETE message against ISAKMP/IPsec SAs deleted
before racoon terminates.
Thu Aug 2 JST 2000 itojun@iijlab.net
* sys/netinet6/icmp6.c: implement icmp6 nodeinfo "supported qtypes".
* sys/netinet6: remove bogus DIAGNOSTIC cases for sizeof(ro.ro_dst).
Tue Aug 1 23:53:36 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/ja-mnews: upgrade to 1.22PL4.
2000-08-01 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* bsdi4/sys/netiso/tp_inet.c (tpip_output_dg):
* bsdi4/sys/netiso/tp_inet.c (tpip_ctlinput):
adjusted arguments to ip_output() and in_pcbnotify() for the
KAME code.
Tue Aug 1 04:03:29 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
No weak key check perform on racoon. She leaves this check to kernel.
Tue Aug 1 00:20:44 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* kame/freebsd3/lib/libftpio: try IPv4 if IPv6 connecting was
failed.
From: FreeBSD-current
<200007>
Mon Jul 31 23:26:19 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* kame/freebsd4/sys/net/if_types.h: move private use IFT_xx to
0xf0 for syncing FreeBSD-current.
* kame/freebsd3/sys/net/if_types.h: sort IFT_xx for syncing
FreeBSD-current.
WARNING: you must recomplie all KAME applications.
2000-07-30 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/(various files): made FAKE_LOOPBACK_IF default
(as previously announced). At this moment, the older behavior can
be specified by the "OLD_LOOPBACK_IF" kernel compilation option.
2000-07-30 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6_rtr.c: made ND6_USE_RTSOCK option default.
2000-07-30 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd/vif.c (init_vifs):
* kame/kame/pim6sd/cfparse.y (phyint_config):
made sure to check if a valid global address exists after parsing
the configuration file, in order to avoid unexpected hang up.
From: Kengo NAGAHASHI <kenken@wide.ad.jp>
Sat Jul 29 JST 2000 itojun@iijlab.net
* freebsd2/bsdi3: repair NEW_STRUCT_ROUTE support.
Sat Jul 29 07:57:41 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/{libpcap,tcpdump}: use 2000/7/24 weekly snap
from tcpdump.org.
Fri 28 Jul 18:56:23 JST 2000 kjc@csl.sony.co.jp
* make altqd aware of token bucket regulators
- install a token bucket regulator when an interface is
attached unless there is already one installed.
- remove the installed tbr when the interface is detached.
Fri Jul 28 12:46:55 JST 2000 itojun@iijlab.net
* netbsd/sys/netinet/tcp_output.c: add missing call to tcp6_quench().
* GENERIC.v6 config file for all *BSD:
enable NEW_STRUCT_ROUTE and FAKE_LOOPBACK_IF for torture-testing,
which will be enabled by default soon.
Thu Jul 27 22:40:51 JST 2000 itojun@iijlab.net
* sys/netinet6/ip6_forward.c: do not forward packets with unspecified
IPv6 source. this is not on the documents, but it seems to have got
rough consensus on ipngwg (July 2000).
Thu Jul 27 12:16:52 JST 2000 itojun@iijlab.net
* tcp6 layer (all *BSD):
be proactive about unspecified IPv6 source address. pcb layer uses
unspecified address (::) to mean "unbounded" or "unconnected",
and can be confused by packets from outside.
Wed Jul 26 JST 2000 itojun@iijlab.net
* sys/netinet6: repair faith support. there are couple of mistakes
we had: (1) m->m_pkthdr.rcvif no longer points to faith* interface,
however, tcp/udp/icmp6 layer tried to check rcvif. this results in
mysterious icmp6 reply from faith relaying node, for translated
destinations. (2) in many places "faith.h" was not included
Wed 26 Jul 19:55:19 JST 2000 kjc@csl.sony.co.jp
* add tbrconfig(8), a tool to configure a token bucket regulator
for an interface.
(need ALTQ configured in the kernel. A SMP box should have
ALTQ_NOPCC not to use processor cycle counter)
tbrconfig(8) is originally written for tuning ALTQ, but
can be used as a handy tool to rate-limit an interface.
for example, to rate-limit the fxp0 interface up to 25Mbps,
# tbrconfig fxp0 25M auto
see tbrconfig(8) for more details.
Wed Jul 26 12:52:50 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Fixed to get a destination address when a packet is received from
a peer. It happened when a interface had similar multiple addresses.
Wed Jul 26 11:08:23 JST 2000 itojun@iijlab.net
* sys/netinet6/ip6_input.c: reject IPv6 packet with IPv4 mapped
address in the header. this makes more sense as we cannot be
put into SIIT environment (no BSD supports non-INET kernel
compilation). This is an undo for a change on Mar 28 2000.
Wed Jul 26 11:01:41 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/net/{libpcap,tcpdump}: use 2000/7/24 weekly snap
from tcpdump.org.
2000-07-25 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd3/usr.bin/telnet/commands.c (tn): set the source address
specfied by the -s option correctly.
KAME PR sys/272.
Tue 25 Jul 19:12:42 JST 2000 kjc@csl.sony.co.jp
* the first round of ALTQ interface mega cleanup:
- cleanup the system interface to the rest of the kernel.
(the second round cleans up altq internals.)
* bring in the new output queue model.
the new model removes "#ifdef ALTQ" from most of the
drivers, and thus, touches all the drivers used by ALTQ.
- the type of if_snd in struct ifnet is changed from
struct ifqueue to struct ifaltq.
- the altq related fields are moved from struct ifnet
to struct ifaltq.
- use the newly introduced IFQ_XXX macros instead of
IF_XXX macros
* the new altq mechanism consists of classifier, queueing
discipline, and token bucket regulator.
- add token bucket regulator to control network devices.
tbr decouples driver tuning from disciplines.
* other changes:
- removed 2 kernel config options
ALTQ_ACCOUNT: should be part of classifier
AFMAP: doesn't really belong to altq
- added kernel option
ALTQ_NOPPC: do not use processor cycle counter
- support alpha architecture on netbsd/openbsd.
make use of alpha_rpcc() for a high resolution clock.
- add new driver support: ex, wi, tun, ppp
- some other style(9) cleanup
Mon Jul 24 23:34:26 JST 2000 itojun@iijlab.net
* *bsd*/usr.bin/telnet/commands.c: do not use IPV6_PKTOPTIONS in
2292bis API environment. IPv6 source route is temporarily disabled.
* libinet6/if_nameindex.c: malloc length computation bug. from kjc.
Mon Jul 24 09:31:25 JST 2000 itojun@iijlab.net
* sys/netinet6/in6.h: try to provide binary backward compatibility for
RFC2292 API, deployed into freebsd40/netbsd15/openbsd27.
TODO: check 2292/bis-on-TCP behavior.
PLEASE RECOMPILE ALL KAME USERLAND BINARIES.
Mon Jul 24 08:22:29 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/netperf: use the latest IPv6 patch (7/21).
Sat Jul 22 01:05:03 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Trying to conform with draft-ietf-mobileip-ipv6-12. If "support_mip6"
in remote directive is on, both values of ID payloads in phase 2
exchange are always used as the addresses of end-point of IPsec-SAs.
Sat Jul 22 JST 2000 itojun@iijlab.net
* sys/netinet6/esp_core.c: cache intermediate key for ESP encryption
algorithms, into SAs. this will drastically improve performance
for algorithms with long key setup time (blowfish).
KAME PR 229. suggested by sommerfeld.
Fri Jul 21 22:37:44 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/mail/sendmail.beta: use 8.11.0.
* netbsd/pkgsrc/net/netperf: use the latest IPv6 patch (7/21).
2000-07-21 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/bgp.c: clarification about the advanced API;
do not use IPV6_PKTOPTIONS in pure RFC2292 (i.e. not 2292bis)
paths.
Thu Jul 20 01:52:59 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/{libpcap,tcpdump}: use 7/17 weekly snap.
* freebsd3/ports/mtr: use latest IPv6 patch.
Wed Jul 19 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
- when racoon is running local test mode, AND initial contact is
received, don't delete phase 2 SA.
- more improve to delete phase 1 SA on receiving initial contact.
Wed Jul 19 22:22:47 JST 2000 itojun@iiljab.net
* kame/rtsold/rtsol.c, kame/rtadvd/rtadvd.c: ip6_var.h requires
sys/queue.h.
* netbsd/pkgsrc/net/{libpcap,tcpdump}: use 7/17 weekly snap.
Tue Jul 18 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
- don't send notify message in processing of information exchange.
- fixed a possible memory leak when error occure.
- added some message about comparing each values in proposal.
- improved to delete phase1 SA when delete message is received OR
initial contact is received.
Mon Jul 17 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
- commented when id payload of subnet type with full bit masked.
Mon Jul 17 18:45:11 JST 2000 itojun@iijlab.net
* sys/netkey/key.c: allow ESP with no authentication. it was
mistakenly forbidden with the recent key.c change.
Mon Jul 17 03:31:47 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/ruby: upgrade to 1.4.5.
Sun Jul 16 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
- commented when id payload of subnet type with full bit masked.
- racoon.conf are updated about padding option.
Sun Jul 16 16:44:24 JST 2000 itojun@iijlab.net
* sys/netinet6/ip6_forward.c: enable IPSEC_IPV6FWD case by default.
(actually, previous default behavior was wrong as it transmits
forwarded packets in clear, even though the policy asks for
encryption)
Sun Jul 16 14:32:58 JST 2000 itojun@iijlab.net
* kame/ping6:
- check duplicated replies for node information query (*)
- fill nonce field for node information query (*)
- use generic icmp6 printer for echo/echo reply/ni reply/ni reply,
when ident/nonce does not match
- clarlify outgoing packet construction a bit
(*) based on patch from yoshfuji, cleaned up by itojun
Sun Jul 16 13:26:12 JST 2000 itojun@iijlab.net
* sys/netinet6/icmp6.c: ICMPv6 node information query now based on
06 draft (ping6 -w).
Sun Jul 16 00:57:23 JST 2000 itojun@iijlab.net
* sys/netinet6/in6.h; do not pull sys/queue.h in (it is not
necessary anyways)
* sys/net/pfkeyv2.h: correct conformance to RFC2367 (SADB_[EA]ALG_xx
symbol name). beware: the change breaks backward compatibility.
setkey and racoon MUST be recompiled after updating include files.
Sat Jul 15 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
- fixed the place of checking whether delete payload is protected
when delete notification is received.
- When a IKE node receive a delete payload, the node always delete
outbount SAs only. So destination IP address have to check before
SA will be deleted.
- Delete phase 1 handler when a delete notification has been received.
Renamed purge_spi() to purge_ipsec_spi() accompanied with above
chanege.
- commented about the reason why we don't send delete payload
for outbound SAs.
- added a option to randomize values in a padding. clarified to
randomize length.
- fixed some of memory leak.
Sat Jul 15 13:51:59 JST 2000 itojun@iijlab.net
* kame/route6d: if a routing entry exists for aggregate prefix (-A),
do not overwrite it (exit with error). it should be a safer behavir.
Fri Jul 14 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
- enable to switch sending initial contact.
- try to send delete payload on phase 1 when phase 1 sa is deleted
- fixed to compare address family in two sockaddrs.
- fixed making a length of IPv6 ID payload. it was used a length of
struct in_addr.
- fixed a part of sending a notification on phase 2.
- fixed making a ID payload of type of IPv4 address. There was
unnecessary space in a address part.
Thu Jul 13 22:27:18 JST 2000 itojun@iijlab.net
* openbsd/sys/netinet6/raw_ipv6.c: enable IPv6 multicast routing
related setsockopt.
* kame/sys/netinet6/ip6_mroute.c: to enable openbsd users to perform
netstat -g, make mif6table a non-static variable. on openbsd
file static variables will not appear in kernel symbol table.
Thu Jul 13 16:09:57 JST 2000 itojun@iiljab.net
* netbsd/pkgsrc/net/bind9: upgrade to 9.0.0rc1.
Thu Jul 13 01:39:26 JST 2000 itojun@iijlab.net
* sys/kern/uipc_mbuf2.c: cleanup m_pulldown statistics.
(1) PULLDOWN_STAT is now a global compilation option (should be
put into kernel configuration file). (2) m_pulldown statistics
now belong to mbstat, and available via netstat -m (instead of
netstat -sn -f inet6). suggested by jinmei.
2000-07-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* *bsd*/sys/net/route.h: redefined the route structure so that it
can support protcols that have large socket address (e.g. IPv6).
Currently, this is enabled only with the NEW_STRUCT_ROUTE kernel
compilation option, but will be default once stabilized.
* many files mainly under the netinet and netinet6 directories
were also modified with this change.
2000-07-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_ifloop_request):
do not force rtrequest() to return an rtentry when executing the
DELETE operation, in order to avoid overdecreasing the refcnt.
Older versions might cause leak of rtentry when you delete an IPv6
address (via ifconfig, ndp -P, or something).
Fortunately, address deletion is not issued so often, the bug is
effectively not very serious. However, if you have chance to
update your kernel, it is of course recommended to apply this fix.
In particular, KAME's dtcp or ppp (for IPv6) users are highly
recommended to upgrade the kernel.
2000-07-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6.h: commented out the definition of
ND6_LLINFO_WAITDELETE, which is not used any more.
* kame/sys/netinet6/nd6.c:
* kame/sys/netinet6/mip6_md.c:
* kame/kame/ndp/ndp.c:
removed ND6_LLINFO_WAITDELETE cases according to the above change.
2000-07-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_mroute.h: corrected the type of a member
of if_set{} from fd_mask to if_mask.
In response to PR sys/266 from pavlin@catarina.usc.edu.
2000-07-10 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6_rtr.c (rt6_deleteroute): do not
(automatically) delete the static route in rt6_deleteroute(), even
if it uses a dead router.
2000-07-10 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6.c: some clarifications about neighbor
cache manipulation (this change does not affect behavior from the
user side, though):
- removed the ND6_LLINFO_WAITDELETE status. Actually, we can just
call rtrequest(RTM_DELETE) for an unreachable
neighbor. Reference to the neighbor cache entry from a cahced
route will be freed at the next time the route is used.
- also, we do not have to call pfctlinput(PRC_HOSTDEAD) in
nd6_free() for the same reason.
- do not set/refer the RTF_REJECT flag in neighbor cache
manipulation. It was just for (IPv4) arp-flooding prevention,
which is not necessary ND for IPv6.
2000-07-10 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/route6d/route6d.c: removed "ifndef ADVAPI"
parts. Since the advanced API has already been standardized,
implemented, and deployed, we don't need to take care of the older
kernel behavior (which is even confusing).
* *BSD/usr.sbin/route6d/Makefile: removed the -DADVAPI flag
according the change.
Mon Jul 10 14:43:40 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/{libpcap,tcpdump}: use 7/3 snapshot.
* freebsd3/ports/w3m: upgrade to 0.1.11.p.
Sun Jul 9 21:50:54 JST 2000 itojun@iijlab.net
* *bsd*/sys/netinet/tcp_input.c, kame/sys/netinet6/tcp6_input.c:
be more cautious about tcp option length field. drop bogus ones
earlier.
not sure if there is a real threat or not, but it seems that there's
possibility for overrun/underrun (like non-NOP option with
optlen > cnt). the bug is from 4.4BSD.
Sun Jul 9 13:39:22 JST 2000 itojun@iijlab.net
* libinet6/getaddrinfo.c: do not mistakenly accept empty scopeid.
Sun Jul 9 12:29:24 JST 2000 itojun@iijlab.net
* freebsd4/sys/net/if_ethersubr.c: repair IPV6_JOIN_GROUP(::).
Sat Jul 8 12:11:34 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/net/bind9: use bind 9.0.0b5
* netbsd/pkgsrc/net/{libpcap,tcpdump}: use 7/3 snapshot.
Sat Jul 8 10:57:36 JST 2000 itojun@iijlab.net
* {netbsd,openbsd}/usr.sbin/inetd: allow square-bracket for the first
element on inetd.conf, to disambiguate IPv6 address and colon
separator.
* openbsd/usr.sbin/inetd: handle IPv6 address in first element on
inetd.conf line.
Sat Jul 8 09:43:26 JST 2000 itojun@iijlab.net
* {bsdi3,openbsd,netbsd}/libexec/ftpd: plug setproctitle issue in
CERT Advisory CA-2000-13. NOTE: bsdi3 uses wu-ftpd. it may have
other vulnerabilities left in the code.
* netbsd/usr.sbin/inetd: improve error handling on getaddrinfo
(determine listening socket address). hints from enami.
Fri Jul 7 21:39:33 JST 2000 itojun@iijlab.net
* various places: audit use of printf-like functions, including
errx?, warnx?, setproctitle, and syslog. if we pass user-supplied
variable alone to these functions, they can be hosed by malicious
%-format string. from openbsd.
Thu Jul 6 20:43:57 JST 2000 itojun@iijlab.net
* openbsd/sys/netinet/tcp_*.c: remove IPv4 mapped support completely
from inbound packet processing. there were some corner cases not
covered by the code, and it caused SEGV due to inconsistency in
address family. sync with openbsd-current.
2000-07-06 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/rtadvd/if.c (if_getflags): made sure to close a
temporary socket to avoid making garbage sockets.
Wed Jul 5 12:08:16 JST 2000 suz@kame.net
* bsdi3/sys/conf/files.i386, bsdi3/sys/conf/GENERIC.KAME,
bsdi3/sys/i386/isa/{if_wi.c,if_wireg.h,wiioctl.h}
bsdi3/usr.sbin/wiconfig, bsdi3/usr.sbin/Makefile
ported WaveLAN driver and its configuration program from bsdi4
(geertj permitted it. Thanks!)
Wed Jul 5 11:30:39 JST 2000 itojun@iiljab.net
* {netbsd,openbsd,freebsd4}/lib/libinet6/getaddrinfo.c,
kame/libinet6/getaddrinfo.c:
return EAI_NODATA, instead of EAI_NONAME, on name resolution errors.
EAI_NONAME does not make sense in these situations
From: enami
Wed Jul 5 11:02:03 JST 2000 itojun@iijlab.net
* freebsd4: add netstat -sn -f pfkey.
Wed Jul 5 10:40:53 JST 2000 itojun@iijlab.net
* freebsd[234]: split IPv6 path MTU discovery-related sysctl from
net.inet.ip tree. FreeBSD SYSCTL_xxx does not have a way to report
duplicated definition into the same variable, it bites us many
times...
Wed Jul 5 02:25:11 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Implemented INITIAL-CONTACT.
This message is sent by single notify message after phase 1 established
immediately. It means the message is not included last exchange on
phase 1. So it can be sent by responder on aggressive/base mode.
If there is no remote address in contacted list, racoon sends the
message to peer. If the message is received, racoon deletes all
IPsec-SAs relatived to peer's address. It takes place both initiator
and responder side.
Tue Jul 4 21:36:16 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Racoon usually runs in background. If you specify -F option, you make
her running in foreground.
2000-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/mip6.c (mip6_add_ifaddr): use in6_update_ifa()
to assign an address instead of coping code from in6.c
2000-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_update_ifa): newly added to update
parameters of an IPv6 interface address.
Basically, this function does nothing new, but made in6_control()
simple.
2000-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_control): completely obsoleted
SIOCSIFADDR_IN6, SIOCSIFDSTADDR_IN6, and SIOCSIFNETMASK_IN6.
We are quite confident there is no application that used these
commands, but if one exists, please let us know.
Tue Jul 4 18:33:20 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
don't delete phase 1/2 handler if some internal error occurs.
2000-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_is_ifloop_auto): removed an `ifdef'
part for openbsd, which made the function always return 0.
2000-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_unlink_ifa): newly added to release
various links for in6_ifaddr when deleting an address.
This function is also called from in6_control(), in order to
prevent the kernel from keeping a garbage structure on failure of
address addition.
Tue Jul 4 13:26:56 JST 2000 sakane@ydc.co.jp
* kame/sys/key.c:
A patch from <Francis.Dupont@enst-bretagne.fr> applied.
- fixed a interval to call key_timehandler.
- fixed a typo.
- added a value to be returned when some error happen.
2000-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_control): added several
improvements for sharing a single prefix with multiple addresses:
- install an interface direct route only when there's no shared
prefix. We'll never see unexpected EEXIST errors with this fix.
- call in6_ifaddloop()/in6_ifremloop() whenever necessary.
- do not call in6_ifaddloop()/in6_ifremloop() unless necessary.
- added several clarifications according to the ipv6 address
architecture.
2000-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/main.c (main_listen_accept): set the receiving
interface when accepting an on-link bgp connection.
* kame/kame/bgpd/bgp.c (bgp_process_open): detected a proper peer
for an incoming IBGP open message with link-local address.
These changes enabled an IBGP peer using link-local addresses.
Suggested by: Tomomi Suzuki <stomomi@ebina.hitachi.co.jp>
Tue Jul 4 10:25:13 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
- Process to send a delete notify message only when phase 2 has
been established.
- added "dead" flag to a schedule. It is used to mark a schedule
already dead. don't delete a schedule at multiple place.
Tue Jul 4 08:44:11 JST 2000 itojun@iijlab.net
* netbsd/usr.sbin/inetd: remove duplicated ipsec initialization code
(used on SIGHUP).
2000-07-03 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/bgp.c (connect_try): made sure to zero-clear a
newly allocated buffer.
Report from: Tomomi Suzuki <stomomi@ebina.hitachi.co.jp>
Mon Jul 3 11:50:12 JST 2000 itojun@iijlab.net
* kame/sys/netinet/icmp6.h: avoid bitfields in router renumbering packet
declaration. XXX standards?
2000-07-02 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_input.c (ip6_input): immediately discarded
a packet to an unready (i.e. tentative or duplicated) address with
logging.
This change reflected recent discussion in the ipngwg ML.
Sun Jul 2 11:24:52 JST 2000 itojun@iijlab.net
* netbsd/sys/netinet/tcp_input.c, kame/sys/netinet6/in6_pcb.c:
repair netbsd faith support. (1) tcp6_input dropped faith'ed
connections (2) in6_pcblookup_connect() was too strict.
Sat Jul 1 20:57:57 JST 2000 itojun@iijlab.net
* kame/faithd: make it possible to invoke faithd(8) from inetd(8).
benefits: allows us to access-control inbound traffic by using
hosts.allow(5).
possible drawbacks: inetd mode has no chance for multi-connection-
per-single-process enhancement. current faithd(8) needs 1
process per 1 connection anyways.
<200006>
Fri Jun 30 17:45:23 JST 2000 sakane@ydc.co.jp
* freebsd[34]/usr.bin/whois.c:
ported whois for IPv6/4.
Thu Jun 29 16:24:35 JST 2000 itojun@iijlab.net
*/sys/netinet/in.c, kame/sys/netinet6/in6.c:
inhibit EEXIST from in{,6}_ifinit(). history: (1) 4.4BSD ignores
return value from in_ifinit() completely. (2) previous kame code
tried to handle error case better, the change raised bogus EEXIST
to the userland on two-address-from-same-prefix assignment.
Thu Jun 29 10:14:47 JST 2000 itojun@iijlab.net
* faithd/faithd.c, natptd/main.c, natptlog/natptlog.c: be more careful
about arg to syslog(3), to prevent possible buffer overrun.
From: deraadt@openbsd.org
2000-06-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6: several minor improvements:
- daemonized dhcp6c.
- reactivated dhcp6c agains a SIGHUP signal or change of the
default route.
- changed logging based on syslog(8).
2000-06-28 SUZUKI Shinsuke <suz@kame.net>
* kame/sys/netinet6/ip6_fw.c
ip6fw works on FreeBSD-4.0 + KAME, too.
Wed Jun 28 15:01:09 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
improved sending a notify message including delete payload.
It's sent when one of below situations happens:
o receiving SADB_DELETE message from kernel.
o receiving SADB_FLUSH message from kernel.
o flushing phase2 handler.
Wed Jun 28 01:16:41 JST 2000 SUZUKI Shinsuke <suz@sdl.hitachi.co.jp>
* freebsd4/INSTALL
write up configuration-related matters for FreeBSD-4.0
Wed Jun 28 01:12:59 JST 2000 itojun@iijlab.net
* libinet6/name6.c: correct error handling in DNS name lookups.
Tue Jun 27 23:12:54 JST 2000 SUZUKI Shinsuke <suz@sdl.hitachi.co.jp>
* bsdi3/sbin/ifconfig/ifconfig.c: fixed error trap when given name
corresponds to multiple v6 addresses.
Tue Jun 27 14:01:39 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/emacs: upgrade to 20.7
Tue Jun 27 00:32:20 JST 2000 itojun@iijlab.net
* netbsd/sys/arch/*/conf/GENERIC.v6: enable PULLDOWN_TEST for all
architectures. this is done because mbuf pullup code in
sys/net/if_loop.c has been found to be a source of performance hit,
and PULLDOWN_TEST code is found to be stable enough.
* netbsd/sys/sys/mbuf.h: recover 4.4BSD MINCLSIZE.
Sun Jun 25 21:11:19 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* start to support FreeBSD 3.5-RELEASE. 3.4-RELEASE is obsolete.
Sat Jun 24 23:41:31 JST 2000 itojun@iijlab.net
* freebsd4/lib/libinet6/getnameinfo.c: correct NIS lookup. from ume.
Sat Jun 24 16:43:58 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/net/{libpcap,tcpdump}: upgrade to 6/19.
Sat Jun 24 02:20:33 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/wyvern: new port, a simple web server
* freebsd3/ports/tcpd: new tcpd from Artur Frysiak <wiget@pld.org.pl>
* freebsd3/ports/wget: fix security hole and use latest IPv6 patch
* freebsd3/ports/vnc: use latest IPv6 patch
Fri Jun 23 19:49:28 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/gbatnav: new port, a battleship game
* freebsd3/ports/mmosaic: upgrade to 3.6.2.
Thu Jun 22 17:40:37 JST 2000 sakane@ydc.co.jp
* kame/sys/netkey:
delete sadb_x_ident_id_addr. don't send a pair of addresses
by including acquire message to a user.