/
CHANGELOG
3818 lines (3126 loc) · 161 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
CHANGELOG for KAME kit
$KAME: CHANGELOG,v 1.1194 2000/08/13 19:08:30 sumikawa Exp $
<200008>
Mon Aug 14 13:05:11 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* kame/freebsd3/ports/mozilla: upgrade to M17.
Sun Aug 13 11:09:44 JST 2000 itojun@iijlab.net
* kame/rtsold/rtsold.c: add -a flag, to autoprobe interface.
suggested by thorpej@netbsd.org
Sun Aug 13 09:45:09 JST 2000 itojun@iijlab.net
* kame/route6d: repair LP64 problem. from thorpej@netbsd.org
2000-08-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd: implemented an experimental (and KAME
proprietary) hello option "additional addresses".
* kame/kame/pim6sd/route.c (set_incoming): when upstream router
determination, consider neighbor's additional addresses got
through the new option. This solves a case of mismatch between RP
and PIM neighbor.
2000-08-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd/main.c (cleanup): upon receipt of SIGTERM,
inform all neighbors the termination by sending a hello message
with 0 holdtime.
2000-08-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd3/usr.bin/netstat/if.c (intpr): supported IPv6 scoped
addresses format.
2000-08-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd/pim6_proto.c (receive_pim6_bootstrap): added a
pair of braces to avoid unintentional failure.
In response to the PR kit/279 from Daniel Elphick
<de@ecs.soton.ac.uk>
2000-08-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd3/ports/bind9/: upgraded to 9.0.0rc2.
2000-08-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd4/include/.prepare: was added to ignore ifaddrs.h
conflict between the FreeBSD's original version and the KAME's
shared version.
In response to a report from Tetsuya Isaki
<isaki@net.ipc.hiroshima-u.ac.jp>
2000-08-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/ping6/ping6.c (pr_pack): printed multple sets of
bitmaps for NI supported QTYPEs.
(from Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp>)
Fri Aug 11 12:00:47 JST 2000 suz@kame.net
* bsdi3/sys/netiso: if NEW_STRUCT_ROUTE is defined, just use
`struct route' instead of struct route_iso.
(compilable, but not tested)
Thu Aug 10 04:42:35 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Implemented responder lifetime selection. It does not conform to
the description of RFC2407 completely. There are three type of the
behavior by specifing the value of "proposal_check" in "remote"
directive.
In phase 2 case, a RESPONDER-LIFETIME notify payload includes into
the exchange if needed. To send the payload is not processed in
phase 1 case yet.
Thu Aug 10 01:19:58 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/net/bind9: upgrade to 9.0.0rc2.
Wed Aug 9 22:37:14 JST 2000 itojun@iijlab.net
* kame/ping6/ping6.c: support compresed DNS label string. be more
picky about DNS label validation.
Mon Aug 7 23:59:51 JST 2000 itojun@iijlab.net
* libinet6/resolv/res_send.c: correct sendto() timeout retry loop.
old code made infinite loop in EINTR-busy environment.
NetBSD PR 6410.
2000-08-07 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* bsdi4/sys/netiso: if NEW_STRUCT_ROUTE is defined, just use
`struct route' instead of struct route_iso.
(compilable, but not tested)
Sun Aug 6 05:41:47 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* kame/freebsd4: we now start to support 4.1-RELEASE.
Fri Aug 4 00:16:00 JST 2000 itojun@iijlab.net
* kame/ping6/ping6.c: support icmp6 node information
"supported query types" query, by ping6 -t.
Thu Aug 3 05:36:23 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Improved to check a packet which is processed or not. The way is
to compare between the hash of a packet has been processed and the
list of hashs which are processed before.
Thu Aug 3 03:00:36 JST 2000 sakane@ydc.co.jp
* kame/sys/{netkey/{key.c,keydb.h},netinet6/ipsec.h}:
Improved lifetime handling. It uses real time instead of tick.
XXX year 2038 problem remains.
Thu Aug 3 00:49:58 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Tryed sending DELETE message against ISAKMP/IPsec SAs deleted
before racoon terminates.
Thu Aug 2 JST 2000 itojun@iijlab.net
* sys/netinet6/icmp6.c: implement icmp6 nodeinfo "supported qtypes".
* sys/netinet6: remove bogus DIAGNOSTIC cases for sizeof(ro.ro_dst).
Tue Aug 1 23:53:36 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/ja-mnews: upgrade to 1.22PL4.
2000-08-01 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* bsdi4/sys/netiso/tp_inet.c (tpip_output_dg):
* bsdi4/sys/netiso/tp_inet.c (tpip_ctlinput):
adjusted arguments to ip_output() and in_pcbnotify() for the
KAME code.
Tue Aug 1 04:03:29 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
No weak key check perform on racoon. She leaves this check to kernel.
Tue Aug 1 00:20:44 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* kame/freebsd3/lib/libftpio: try IPv4 if IPv6 connecting was
failed.
From: FreeBSD-current
<200007>
Mon Jul 31 23:26:19 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* kame/freebsd4/sys/net/if_types.h: move private use IFT_xx to
0xf0 for syncing FreeBSD-current.
* kame/freebsd3/sys/net/if_types.h: sort IFT_xx for syncing
FreeBSD-current.
WARNING: you must recomplie all KAME applications.
2000-07-30 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/(various files): made FAKE_LOOPBACK_IF default
(as previously announced). At this moment, the older behavior can
be specified by the "OLD_LOOPBACK_IF" kernel compilation option.
2000-07-30 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6_rtr.c: made ND6_USE_RTSOCK option default.
2000-07-30 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd/vif.c (init_vifs):
* kame/kame/pim6sd/cfparse.y (phyint_config):
made sure to check if a valid global address exists after parsing
the configuration file, in order to avoid unexpected hang up.
From: Kengo NAGAHASHI <kenken@wide.ad.jp>
Sat Jul 29 JST 2000 itojun@iijlab.net
* freebsd2/bsdi3: repair NEW_STRUCT_ROUTE support.
Sat Jul 29 07:57:41 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/{libpcap,tcpdump}: use 2000/7/24 weekly snap
from tcpdump.org.
Fri 28 Jul 18:56:23 JST 2000 kjc@csl.sony.co.jp
* make altqd aware of token bucket regulators
- install a token bucket regulator when an interface is
attached unless there is already one installed.
- remove the installed tbr when the interface is detached.
Fri Jul 28 12:46:55 JST 2000 itojun@iijlab.net
* netbsd/sys/netinet/tcp_output.c: add missing call to tcp6_quench().
* GENERIC.v6 config file for all *BSD:
enable NEW_STRUCT_ROUTE and FAKE_LOOPBACK_IF for torture-testing,
which will be enabled by default soon.
Thu Jul 27 22:40:51 JST 2000 itojun@iijlab.net
* sys/netinet6/ip6_forward.c: do not forward packets with unspecified
IPv6 source. this is not on the documents, but it seems to have got
rough consensus on ipngwg (July 2000).
Thu Jul 27 12:16:52 JST 2000 itojun@iijlab.net
* tcp6 layer (all *BSD):
be proactive about unspecified IPv6 source address. pcb layer uses
unspecified address (::) to mean "unbounded" or "unconnected",
and can be confused by packets from outside.
Wed Jul 26 JST 2000 itojun@iijlab.net
* sys/netinet6: repair faith support. there are couple of mistakes
we had: (1) m->m_pkthdr.rcvif no longer points to faith* interface,
however, tcp/udp/icmp6 layer tried to check rcvif. this results in
mysterious icmp6 reply from faith relaying node, for translated
destinations. (2) in many places "faith.h" was not included
Wed 26 Jul 19:55:19 JST 2000 kjc@csl.sony.co.jp
* add tbrconfig(8), a tool to configure a token bucket regulator
for an interface.
(need ALTQ configured in the kernel. A SMP box should have
ALTQ_NOPCC not to use processor cycle counter)
tbrconfig(8) is originally written for tuning ALTQ, but
can be used as a handy tool to rate-limit an interface.
for example, to rate-limit the fxp0 interface up to 25Mbps,
# tbrconfig fxp0 25M auto
see tbrconfig(8) for more details.
Wed Jul 26 12:52:50 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Fixed to get a destination address when a packet is received from
a peer. It happened when a interface had similar multiple addresses.
Wed Jul 26 11:08:23 JST 2000 itojun@iijlab.net
* sys/netinet6/ip6_input.c: reject IPv6 packet with IPv4 mapped
address in the header. this makes more sense as we cannot be
put into SIIT environment (no BSD supports non-INET kernel
compilation). This is an undo for a change on Mar 28 2000.
Wed Jul 26 11:01:41 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/net/{libpcap,tcpdump}: use 2000/7/24 weekly snap
from tcpdump.org.
2000-07-25 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd3/usr.bin/telnet/commands.c (tn): set the source address
specfied by the -s option correctly.
KAME PR sys/272.
Tue 25 Jul 19:12:42 JST 2000 kjc@csl.sony.co.jp
* the first round of ALTQ interface mega cleanup:
- cleanup the system interface to the rest of the kernel.
(the second round cleans up altq internals.)
* bring in the new output queue model.
the new model removes "#ifdef ALTQ" from most of the
drivers, and thus, touches all the drivers used by ALTQ.
- the type of if_snd in struct ifnet is changed from
struct ifqueue to struct ifaltq.
- the altq related fields are moved from struct ifnet
to struct ifaltq.
- use the newly introduced IFQ_XXX macros instead of
IF_XXX macros
* the new altq mechanism consists of classifier, queueing
discipline, and token bucket regulator.
- add token bucket regulator to control network devices.
tbr decouples driver tuning from disciplines.
* other changes:
- removed 2 kernel config options
ALTQ_ACCOUNT: should be part of classifier
AFMAP: doesn't really belong to altq
- added kernel option
ALTQ_NOPPC: do not use processor cycle counter
- support alpha architecture on netbsd/openbsd.
make use of alpha_rpcc() for a high resolution clock.
- add new driver support: ex, wi, tun, ppp
- some other style(9) cleanup
Mon Jul 24 23:34:26 JST 2000 itojun@iijlab.net
* *bsd*/usr.bin/telnet/commands.c: do not use IPV6_PKTOPTIONS in
2292bis API environment. IPv6 source route is temporarily disabled.
* libinet6/if_nameindex.c: malloc length computation bug. from kjc.
Mon Jul 24 09:31:25 JST 2000 itojun@iijlab.net
* sys/netinet6/in6.h: try to provide binary backward compatibility for
RFC2292 API, deployed into freebsd40/netbsd15/openbsd27.
TODO: check 2292/bis-on-TCP behavior.
PLEASE RECOMPILE ALL KAME USERLAND BINARIES.
Mon Jul 24 08:22:29 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/netperf: use the latest IPv6 patch (7/21).
Sat Jul 22 01:05:03 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Trying to conform with draft-ietf-mobileip-ipv6-12. If "support_mip6"
in remote directive is on, both values of ID payloads in phase 2
exchange are always used as the addresses of end-point of IPsec-SAs.
Sat Jul 22 JST 2000 itojun@iijlab.net
* sys/netinet6/esp_core.c: cache intermediate key for ESP encryption
algorithms, into SAs. this will drastically improve performance
for algorithms with long key setup time (blowfish).
KAME PR 229. suggested by sommerfeld.
Fri Jul 21 22:37:44 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/mail/sendmail.beta: use 8.11.0.
* netbsd/pkgsrc/net/netperf: use the latest IPv6 patch (7/21).
2000-07-21 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/bgp.c: clarification about the advanced API;
do not use IPV6_PKTOPTIONS in pure RFC2292 (i.e. not 2292bis)
paths.
Thu Jul 20 01:52:59 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/{libpcap,tcpdump}: use 7/17 weekly snap.
* freebsd3/ports/mtr: use latest IPv6 patch.
Wed Jul 19 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
- when racoon is running local test mode, AND initial contact is
received, don't delete phase 2 SA.
- more improve to delete phase 1 SA on receiving initial contact.
Wed Jul 19 22:22:47 JST 2000 itojun@iiljab.net
* kame/rtsold/rtsol.c, kame/rtadvd/rtadvd.c: ip6_var.h requires
sys/queue.h.
* netbsd/pkgsrc/net/{libpcap,tcpdump}: use 7/17 weekly snap.
Tue Jul 18 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
- don't send notify message in processing of information exchange.
- fixed a possible memory leak when error occure.
- added some message about comparing each values in proposal.
- improved to delete phase1 SA when delete message is received OR
initial contact is received.
Mon Jul 17 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
- commented when id payload of subnet type with full bit masked.
Mon Jul 17 18:45:11 JST 2000 itojun@iijlab.net
* sys/netkey/key.c: allow ESP with no authentication. it was
mistakenly forbidden with the recent key.c change.
Mon Jul 17 03:31:47 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/ruby: upgrade to 1.4.5.
Sun Jul 16 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
- commented when id payload of subnet type with full bit masked.
- racoon.conf are updated about padding option.
Sun Jul 16 16:44:24 JST 2000 itojun@iijlab.net
* sys/netinet6/ip6_forward.c: enable IPSEC_IPV6FWD case by default.
(actually, previous default behavior was wrong as it transmits
forwarded packets in clear, even though the policy asks for
encryption)
Sun Jul 16 14:32:58 JST 2000 itojun@iijlab.net
* kame/ping6:
- check duplicated replies for node information query (*)
- fill nonce field for node information query (*)
- use generic icmp6 printer for echo/echo reply/ni reply/ni reply,
when ident/nonce does not match
- clarlify outgoing packet construction a bit
(*) based on patch from yoshfuji, cleaned up by itojun
Sun Jul 16 13:26:12 JST 2000 itojun@iijlab.net
* sys/netinet6/icmp6.c: ICMPv6 node information query now based on
06 draft (ping6 -w).
Sun Jul 16 00:57:23 JST 2000 itojun@iijlab.net
* sys/netinet6/in6.h; do not pull sys/queue.h in (it is not
necessary anyways)
* sys/net/pfkeyv2.h: correct conformance to RFC2367 (SADB_[EA]ALG_xx
symbol name). beware: the change breaks backward compatibility.
setkey and racoon MUST be recompiled after updating include files.
Sat Jul 15 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
- fixed the place of checking whether delete payload is protected
when delete notification is received.
- When a IKE node receive a delete payload, the node always delete
outbount SAs only. So destination IP address have to check before
SA will be deleted.
- Delete phase 1 handler when a delete notification has been received.
Renamed purge_spi() to purge_ipsec_spi() accompanied with above
chanege.
- commented about the reason why we don't send delete payload
for outbound SAs.
- added a option to randomize values in a padding. clarified to
randomize length.
- fixed some of memory leak.
Sat Jul 15 13:51:59 JST 2000 itojun@iijlab.net
* kame/route6d: if a routing entry exists for aggregate prefix (-A),
do not overwrite it (exit with error). it should be a safer behavir.
Fri Jul 14 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
- enable to switch sending initial contact.
- try to send delete payload on phase 1 when phase 1 sa is deleted
- fixed to compare address family in two sockaddrs.
- fixed making a length of IPv6 ID payload. it was used a length of
struct in_addr.
- fixed a part of sending a notification on phase 2.
- fixed making a ID payload of type of IPv4 address. There was
unnecessary space in a address part.
Thu Jul 13 22:27:18 JST 2000 itojun@iijlab.net
* openbsd/sys/netinet6/raw_ipv6.c: enable IPv6 multicast routing
related setsockopt.
* kame/sys/netinet6/ip6_mroute.c: to enable openbsd users to perform
netstat -g, make mif6table a non-static variable. on openbsd
file static variables will not appear in kernel symbol table.
Thu Jul 13 16:09:57 JST 2000 itojun@iiljab.net
* netbsd/pkgsrc/net/bind9: upgrade to 9.0.0rc1.
Thu Jul 13 01:39:26 JST 2000 itojun@iijlab.net
* sys/kern/uipc_mbuf2.c: cleanup m_pulldown statistics.
(1) PULLDOWN_STAT is now a global compilation option (should be
put into kernel configuration file). (2) m_pulldown statistics
now belong to mbstat, and available via netstat -m (instead of
netstat -sn -f inet6). suggested by jinmei.
2000-07-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* *bsd*/sys/net/route.h: redefined the route structure so that it
can support protcols that have large socket address (e.g. IPv6).
Currently, this is enabled only with the NEW_STRUCT_ROUTE kernel
compilation option, but will be default once stabilized.
* many files mainly under the netinet and netinet6 directories
were also modified with this change.
2000-07-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_ifloop_request):
do not force rtrequest() to return an rtentry when executing the
DELETE operation, in order to avoid overdecreasing the refcnt.
Older versions might cause leak of rtentry when you delete an IPv6
address (via ifconfig, ndp -P, or something).
Fortunately, address deletion is not issued so often, the bug is
effectively not very serious. However, if you have chance to
update your kernel, it is of course recommended to apply this fix.
In particular, KAME's dtcp or ppp (for IPv6) users are highly
recommended to upgrade the kernel.
2000-07-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6.h: commented out the definition of
ND6_LLINFO_WAITDELETE, which is not used any more.
* kame/sys/netinet6/nd6.c:
* kame/sys/netinet6/mip6_md.c:
* kame/kame/ndp/ndp.c:
removed ND6_LLINFO_WAITDELETE cases according to the above change.
2000-07-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_mroute.h: corrected the type of a member
of if_set{} from fd_mask to if_mask.
In response to PR sys/266 from pavlin@catarina.usc.edu.
2000-07-10 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6_rtr.c (rt6_deleteroute): do not
(automatically) delete the static route in rt6_deleteroute(), even
if it uses a dead router.
2000-07-10 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6.c: some clarifications about neighbor
cache manipulation (this change does not affect behavior from the
user side, though):
- removed the ND6_LLINFO_WAITDELETE status. Actually, we can just
call rtrequest(RTM_DELETE) for an unreachable
neighbor. Reference to the neighbor cache entry from a cahced
route will be freed at the next time the route is used.
- also, we do not have to call pfctlinput(PRC_HOSTDEAD) in
nd6_free() for the same reason.
- do not set/refer the RTF_REJECT flag in neighbor cache
manipulation. It was just for (IPv4) arp-flooding prevention,
which is not necessary ND for IPv6.
2000-07-10 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/route6d/route6d.c: removed "ifndef ADVAPI"
parts. Since the advanced API has already been standardized,
implemented, and deployed, we don't need to take care of the older
kernel behavior (which is even confusing).
* *BSD/usr.sbin/route6d/Makefile: removed the -DADVAPI flag
according the change.
Mon Jul 10 14:43:40 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/{libpcap,tcpdump}: use 7/3 snapshot.
* freebsd3/ports/w3m: upgrade to 0.1.11.p.
Sun Jul 9 21:50:54 JST 2000 itojun@iijlab.net
* *bsd*/sys/netinet/tcp_input.c, kame/sys/netinet6/tcp6_input.c:
be more cautious about tcp option length field. drop bogus ones
earlier.
not sure if there is a real threat or not, but it seems that there's
possibility for overrun/underrun (like non-NOP option with
optlen > cnt). the bug is from 4.4BSD.
Sun Jul 9 13:39:22 JST 2000 itojun@iijlab.net
* libinet6/getaddrinfo.c: do not mistakenly accept empty scopeid.
Sun Jul 9 12:29:24 JST 2000 itojun@iijlab.net
* freebsd4/sys/net/if_ethersubr.c: repair IPV6_JOIN_GROUP(::).
Sat Jul 8 12:11:34 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/net/bind9: use bind 9.0.0b5
* netbsd/pkgsrc/net/{libpcap,tcpdump}: use 7/3 snapshot.
Sat Jul 8 10:57:36 JST 2000 itojun@iijlab.net
* {netbsd,openbsd}/usr.sbin/inetd: allow square-bracket for the first
element on inetd.conf, to disambiguate IPv6 address and colon
separator.
* openbsd/usr.sbin/inetd: handle IPv6 address in first element on
inetd.conf line.
Sat Jul 8 09:43:26 JST 2000 itojun@iijlab.net
* {bsdi3,openbsd,netbsd}/libexec/ftpd: plug setproctitle issue in
CERT Advisory CA-2000-13. NOTE: bsdi3 uses wu-ftpd. it may have
other vulnerabilities left in the code.
* netbsd/usr.sbin/inetd: improve error handling on getaddrinfo
(determine listening socket address). hints from enami.
Fri Jul 7 21:39:33 JST 2000 itojun@iijlab.net
* various places: audit use of printf-like functions, including
errx?, warnx?, setproctitle, and syslog. if we pass user-supplied
variable alone to these functions, they can be hosed by malicious
%-format string. from openbsd.
Thu Jul 6 20:43:57 JST 2000 itojun@iijlab.net
* openbsd/sys/netinet/tcp_*.c: remove IPv4 mapped support completely
from inbound packet processing. there were some corner cases not
covered by the code, and it caused SEGV due to inconsistency in
address family. sync with openbsd-current.
2000-07-06 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/rtadvd/if.c (if_getflags): made sure to close a
temporary socket to avoid making garbage sockets.
Wed Jul 5 12:08:16 JST 2000 suz@kame.net
* bsdi3/sys/conf/files.i386, bsdi3/sys/conf/GENERIC.KAME,
bsdi3/sys/i386/isa/{if_wi.c,if_wireg.h,wiioctl.h}
bsdi3/usr.sbin/wiconfig, bsdi3/usr.sbin/Makefile
ported WaveLAN driver and its configuration program from bsdi4
(geertj permitted it. Thanks!)
Wed Jul 5 11:30:39 JST 2000 itojun@iiljab.net
* {netbsd,openbsd,freebsd4}/lib/libinet6/getaddrinfo.c,
kame/libinet6/getaddrinfo.c:
return EAI_NODATA, instead of EAI_NONAME, on name resolution errors.
EAI_NONAME does not make sense in these situations
From: enami
Wed Jul 5 11:02:03 JST 2000 itojun@iijlab.net
* freebsd4: add netstat -sn -f pfkey.
Wed Jul 5 10:40:53 JST 2000 itojun@iijlab.net
* freebsd[234]: split IPv6 path MTU discovery-related sysctl from
net.inet.ip tree. FreeBSD SYSCTL_xxx does not have a way to report
duplicated definition into the same variable, it bites us many
times...
Wed Jul 5 02:25:11 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Implemented INITIAL-CONTACT.
This message is sent by single notify message after phase 1 established
immediately. It means the message is not included last exchange on
phase 1. So it can be sent by responder on aggressive/base mode.
If there is no remote address in contacted list, racoon sends the
message to peer. If the message is received, racoon deletes all
IPsec-SAs relatived to peer's address. It takes place both initiator
and responder side.
Tue Jul 4 21:36:16 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Racoon usually runs in background. If you specify -F option, you make
her running in foreground.
2000-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/mip6.c (mip6_add_ifaddr): use in6_update_ifa()
to assign an address instead of coping code from in6.c
2000-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_update_ifa): newly added to update
parameters of an IPv6 interface address.
Basically, this function does nothing new, but made in6_control()
simple.
2000-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_control): completely obsoleted
SIOCSIFADDR_IN6, SIOCSIFDSTADDR_IN6, and SIOCSIFNETMASK_IN6.
We are quite confident there is no application that used these
commands, but if one exists, please let us know.
Tue Jul 4 18:33:20 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
don't delete phase 1/2 handler if some internal error occurs.
2000-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_is_ifloop_auto): removed an `ifdef'
part for openbsd, which made the function always return 0.
2000-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_unlink_ifa): newly added to release
various links for in6_ifaddr when deleting an address.
This function is also called from in6_control(), in order to
prevent the kernel from keeping a garbage structure on failure of
address addition.
Tue Jul 4 13:26:56 JST 2000 sakane@ydc.co.jp
* kame/sys/key.c:
A patch from <Francis.Dupont@enst-bretagne.fr> applied.
- fixed a interval to call key_timehandler.
- fixed a typo.
- added a value to be returned when some error happen.
2000-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_control): added several
improvements for sharing a single prefix with multiple addresses:
- install an interface direct route only when there's no shared
prefix. We'll never see unexpected EEXIST errors with this fix.
- call in6_ifaddloop()/in6_ifremloop() whenever necessary.
- do not call in6_ifaddloop()/in6_ifremloop() unless necessary.
- added several clarifications according to the ipv6 address
architecture.
2000-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/main.c (main_listen_accept): set the receiving
interface when accepting an on-link bgp connection.
* kame/kame/bgpd/bgp.c (bgp_process_open): detected a proper peer
for an incoming IBGP open message with link-local address.
These changes enabled an IBGP peer using link-local addresses.
Suggested by: Tomomi Suzuki <stomomi@ebina.hitachi.co.jp>
Tue Jul 4 10:25:13 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
- Process to send a delete notify message only when phase 2 has
been established.
- added "dead" flag to a schedule. It is used to mark a schedule
already dead. don't delete a schedule at multiple place.
Tue Jul 4 08:44:11 JST 2000 itojun@iijlab.net
* netbsd/usr.sbin/inetd: remove duplicated ipsec initialization code
(used on SIGHUP).
2000-07-03 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/bgp.c (connect_try): made sure to zero-clear a
newly allocated buffer.
Report from: Tomomi Suzuki <stomomi@ebina.hitachi.co.jp>
Mon Jul 3 11:50:12 JST 2000 itojun@iijlab.net
* kame/sys/netinet/icmp6.h: avoid bitfields in router renumbering packet
declaration. XXX standards?
2000-07-02 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_input.c (ip6_input): immediately discarded
a packet to an unready (i.e. tentative or duplicated) address with
logging.
This change reflected recent discussion in the ipngwg ML.
Sun Jul 2 11:24:52 JST 2000 itojun@iijlab.net
* netbsd/sys/netinet/tcp_input.c, kame/sys/netinet6/in6_pcb.c:
repair netbsd faith support. (1) tcp6_input dropped faith'ed
connections (2) in6_pcblookup_connect() was too strict.
Sat Jul 1 20:57:57 JST 2000 itojun@iijlab.net
* kame/faithd: make it possible to invoke faithd(8) from inetd(8).
benefits: allows us to access-control inbound traffic by using
hosts.allow(5).
possible drawbacks: inetd mode has no chance for multi-connection-
per-single-process enhancement. current faithd(8) needs 1
process per 1 connection anyways.
<200006>
Fri Jun 30 17:45:23 JST 2000 sakane@ydc.co.jp
* freebsd[34]/usr.bin/whois.c:
ported whois for IPv6/4.
Thu Jun 29 16:24:35 JST 2000 itojun@iijlab.net
*/sys/netinet/in.c, kame/sys/netinet6/in6.c:
inhibit EEXIST from in{,6}_ifinit(). history: (1) 4.4BSD ignores
return value from in_ifinit() completely. (2) previous kame code
tried to handle error case better, the change raised bogus EEXIST
to the userland on two-address-from-same-prefix assignment.
Thu Jun 29 10:14:47 JST 2000 itojun@iijlab.net
* faithd/faithd.c, natptd/main.c, natptlog/natptlog.c: be more careful
about arg to syslog(3), to prevent possible buffer overrun.
From: deraadt@openbsd.org
2000-06-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6: several minor improvements:
- daemonized dhcp6c.
- reactivated dhcp6c agains a SIGHUP signal or change of the
default route.
- changed logging based on syslog(8).
2000-06-28 SUZUKI Shinsuke <suz@kame.net>
* kame/sys/netinet6/ip6_fw.c
ip6fw works on FreeBSD-4.0 + KAME, too.
Wed Jun 28 15:01:09 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
improved sending a notify message including delete payload.
It's sent when one of below situations happens:
o receiving SADB_DELETE message from kernel.
o receiving SADB_FLUSH message from kernel.
o flushing phase2 handler.
Wed Jun 28 01:16:41 JST 2000 SUZUKI Shinsuke <suz@sdl.hitachi.co.jp>
* freebsd4/INSTALL
write up configuration-related matters for FreeBSD-4.0
Wed Jun 28 01:12:59 JST 2000 itojun@iijlab.net
* libinet6/name6.c: correct error handling in DNS name lookups.
Tue Jun 27 23:12:54 JST 2000 SUZUKI Shinsuke <suz@sdl.hitachi.co.jp>
* bsdi3/sbin/ifconfig/ifconfig.c: fixed error trap when given name
corresponds to multiple v6 addresses.
Tue Jun 27 14:01:39 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/emacs: upgrade to 20.7
Tue Jun 27 00:32:20 JST 2000 itojun@iijlab.net
* netbsd/sys/arch/*/conf/GENERIC.v6: enable PULLDOWN_TEST for all
architectures. this is done because mbuf pullup code in
sys/net/if_loop.c has been found to be a source of performance hit,
and PULLDOWN_TEST code is found to be stable enough.
* netbsd/sys/sys/mbuf.h: recover 4.4BSD MINCLSIZE.
Sun Jun 25 21:11:19 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* start to support FreeBSD 3.5-RELEASE. 3.4-RELEASE is obsolete.
Sat Jun 24 23:41:31 JST 2000 itojun@iijlab.net
* freebsd4/lib/libinet6/getnameinfo.c: correct NIS lookup. from ume.
Sat Jun 24 16:43:58 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/net/{libpcap,tcpdump}: upgrade to 6/19.
Sat Jun 24 02:20:33 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/wyvern: new port, a simple web server
* freebsd3/ports/tcpd: new tcpd from Artur Frysiak <wiget@pld.org.pl>
* freebsd3/ports/wget: fix security hole and use latest IPv6 patch
* freebsd3/ports/vnc: use latest IPv6 patch
Fri Jun 23 19:49:28 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/gbatnav: new port, a battleship game
* freebsd3/ports/mmosaic: upgrade to 3.6.2.
Thu Jun 22 17:40:37 JST 2000 sakane@ydc.co.jp
* kame/sys/netkey:
delete sadb_x_ident_id_addr. don't send a pair of addresses
by including acquire message to a user.
* kame/kame/racoon/pfkey.c:
SADB_EXT_IDENTITY_{SRC,DST} is not required to parse SADB_ACQUIRE
message any more.
Thu Jun 22 17:45:40 JST 2000 itojun@iijlab.net
* openbsd/sys/dev/ic/xl.c: disable multicast hash filer setup on 905B,
since the code does not do the right thing. (sync with
openbsd-current)
Thu Jun 22 03:45:41 JST 2000 itojun@iijlab.net
* kame/sys/netinet6/raw_ip6.c, {bsdi4,openbsd}/sys/netinet6/raw_ipv6.c:
correct RFC2292bis interface selection support for
multicast packets. KAME PR261.
Wed Jun 21 17:07:55 JST 2000 itojun@iijlab.net
* sys/netinet6/in6_src.c: make in6_recoverscope() friendly with
!FAKE_LOOPBACK_IF compilation. with previous code in6_recoverscope()
may fail to convert kernel internal representation into sockaddr_in6.
Wed Jun 21 03:18:47 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/leafnode+: IPv6 enabled leafnode+-2.10
From: yoshfuji@ecei.tohoku.ac.jp
Wed Jun 21 03:00:16 JST 2000 itojun@iijlab.net
* openbsd/sys/dev/pcmcia/if_wi.c: make IPv6 work on wavelan cards.
2000-06-20 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/net/if_gif.c (gif_ioctl): made sure to cast the
argument to in6_aliasreq{} for the SIOCSIFPHYADDR_IN6 command.
Without this, the validation check would reject correct requests;
i.e. you couldn't configure IPv6 physical addresses.
In response to a report from FUJIURA Toyonori <toyo@jp.freebsd.org>
2000-06-20 SUZUKI Shinsuke <suz@sdl.hitachi.co.jp>
* kame/kame/ndp/ndp.c (delete, get)
supported <link-local_addr>%<link ID> on "ndp -d" and "ndp (addr)".
Tue Jun 20 14:55:10 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/openssh: upgrade to 2.1.0
* freebsd3/ports/bind9: upgrade to 9.0.0b4
* freebsd3/ports/lftp: upgrade to 2.2.3
* freebsd3/ports/mozilla: upgrade to M16
Tue Jun 20 12:49:28 JST 2000 itojun@iijlab.net
* sys/netinet6/in6_proto.c: disable rate limitation for ICMPv6 error,
since (1) it makes no sense to put less-than-10ms value to here
due to UNIX timer resolution, and (2) it seems wrong to rate-limit
without considering content of the payload (like ICMPV6 type/code).
we still have pps limitation. based on comments from kjc.
Tue Jun 20 11:44:19 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/net/bind9: use bind 9.0.0b4.
2000-06-19 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_output.c (ip6_ctloutput): corrected logic
of error detection for sooptcopyin(). This will fix the problem
that traditional RFC2292 compatible mode did not work for some
socket options (e.g. IPV6_PKTINFO) on freebsd[34].
Mon Jun 19 18:23:15 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
A path name in configuration file is always complemented if it is
not begin from slash(/). If it's begin from slash, a path name
never be complemented.
Mon Jun 19 16:51:24 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
If "non_auth" is defined in racoon.conf, any transform of AH proposal
including "non_auth" is not sent to the peer.
2000-06-19 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_output.c (ip6_output): jumped to the
"freehdrs" label before making the header chain in order to avoid
possible memory leak.
In response to the KAME problem report sys/259.
Mon Jun 19 07:41:31 JST 2000 itojun@iijlab.net
* libinet6/resolv/res_{init,send}.c: be more backward-compatible with
past behavior. some userland code may not initialize
nsaddr_list.sa_len.
Mon Jun 19 04:42:55 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/net/{libpcap,tcpdump}: use 6/12 snapshot from
tcpdump.org.
Mon Jun 19 04:15:23 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd4/sys: Security fix "FreeBSD-SA-00:25 FreeBSD/Alpha
platform lacks kernel pseudo-random number generator, some
applications fail to detect this."
From: http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-06-08&msg=20000612215144.D1A3B37BBF7@hub.freebsd.org
2000-06-18 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd[34]/sys/netinet6/udp6_usrreq.c (udp6_attach):
initialized inp_ip_ttl in udp6_attach for mapped addresses.
in response to a report from Hideaki YOSHIFUJI
<yoshfuji@ecei.tohoku.ac.jp> (KAME-snap 2738)
2000-06-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* {netbsd, openbsd}/usr.bin/netstat/inet6.c (icmp6_stats):
printed number of icmp6 error messages not sent due to rate
limitation.
Fri Jun 16 05:01:24 JST 2000 itojun@iijlab.net
* openbsd/sys: sync with OpenBSD 2.7
TODO: userland cleanup. tests (i386/conf/GENERIC.KAME compiles but
not tested).
kame/openbsd/ports does not work. we may want to remove those.
If you wish to upgrade to KAME-on-OpenBSD 2.7, make sure to
perform "make clean" at the top level to nuke symlinks, like:
% make TARGET=openbsd clean update prepare
make VERY sure that you use kame-supplied tools (like
/usr/local/v6/sbin/ping6) instead of normal ones (/sbin/ping6)
if you use KAME-enabled kernel. there are API changes between them.
Thu Jun 15 22:41:16 JST 2000 itojun@iijlab.net
* kame/sys/netkey/key.c: correct compilation without IPSEC_ESP.
From: Matthias Drochner <M.Drochner@fz-juelich.de>
Thu Jun 15 21:22:35 JST 2000 sakane@ydc.co.jp
* kame/sys/netkey/key.c:
Fixed extension length of two key extension when dumping SA.
setkey was failed to print keys if SA has both encryption and
authentication keys.
Thu Jun 15 14:44:30 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
CR payload is only made if signature authentication method is applied.
Thu Jun 15 13:29:29 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon/cfparse.y:
In racoon.conf, the path of configuration file is complemented by
include directive only if there is no '/' in the path.
Thu Jun 15 13:08:25 JST 2000 iotjun@iijlab.net
* sys/netinet6/ipsec.[ch]: net.inet.ipsec.inbound_call_ike sysctl
MIB is now gone for good.
Thu Jun 15 10:01:47 JST 2000 itojun@iijlab.net
* libinet6/resolv/res_init.c: make _res.nsaddr_list initialization
more conservative when resolv.conf is missing (or there is no
"nameserver" line). previous code chokes on IPv4-only kernel.
merge from netbsd-current.
2000-06-15 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6_rtr.c (defrouter_msg): was added to tell
user processes changes about the default router (including
deletion). This function would be called from defrouter_addreq,
defrouter_addifreq, and defrouter_delreq.
Note: this is currently experimental and is only enabled with the
ND6_USE_RTSOCK kernel compilation option.
Thu Jun 15 02:18:24 2000 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/zebra: upgrade to 0.87.
* freebsd3/ports/ruby: use 1.4.4.
Thu Jun 15 02:07:53 JST 2000 itojun@iijlab.net
* kame/man/man4/inet6.4, *bsd*/usr.sbin/inetd/inetd.8:
update wording on IPv4 mapped address and tcp4/tcp6 interaction.
Wed Jun 14 23:35:03 JST 2000 itojun@iijlab.net
* {netbsd,openbsd}/libexec/ftpd: correct STAT command output for LPSV.
* libinet6/resolv/res_query.c: change member name for struct res_target.
"class" conflicts with C++ reserved identifier.
From: Graham Wheeler <gram@cequrux.com>
2000-06-14 SUZUKI Shinsuke <suz@sdl.hitachi.co.jp>
* sys/net/if_dummy.c, freebsd4/sys/conf/files:
dummy I/F is available on FreeBSD4.0, too.
* freebsd4/sys/conf/options, freebsd4/sys/conf/files
freebsd4/sys/sys/mbuf.h
FreeBSD-4.0 KAME with MIP6 option is available.
add mbuf flag M_PROTO6 and use it for M_MIP6TUNNEL.
Wed Jun 14 20:14:47 JST 2000 itojun@iijlab.net
* sys/netinet6/esp_core.c: pass encryption failure code up to ESP
engine, just in case the encryption routine fails.
Tue Jun 13 21:11:28 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/net/zebra: upgrade to 0.87.
Tue Jun 13 20:08:38 JST 2000 itojun@iijlab.net
* openbsd/sys/netinet/udp_usrreq.c, openbsd/sys/netinet6/raw_ipv6.c:
correct scoped address handling.
2000-06-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_purgeaddr): tried to restore an
interface direct route if we have an address that shares the same
prefix with the deleted address.
This would improve behavior in multi-address environments;
if you assigned multiple addresses that shared a same prefix and
then remove one of them, the interface direct route corresponding
to the address would still remain.
2000-06-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_ifremloop): always called
in6_ifloop_request regardless of the result of
in6_is_ifloop_auto(), in order to make sure to invalidate a stale
route entry for a deleted address.
Note: bsdi doesn't need this fix.
2000-06-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_input.c (ip6_input): avoided to use the
cached route for forwarding, if it is down.
This fix would prevent the input routine from accepting a packet
to already removed address.
Tue Jun 13 14:29:12 JST 2000 itojun@iijlab.net
* netbsd/sbin/setkey: move setkey from usr.sbin/setkey to sbin/setkey.
we need it for encrypted NFS (sync better with netbsd-current).
Tue Jun 13 14:07:24 JST 2000 itojun@iijlab.net
* kame/racoon/safefile.c: be more picky about secret file permission.
now pre-shared key file (psk.txt) is required to be owned by the
uid running racoon (= root), and must not be accessible by others
(like 0400).
2000-06-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6_rtr.c (in6_ifadd): made sure to gain a
reference counter to in6_ifaddr for the autoconfigured address
in bsdi and freebsd2 cases.
This fix would be important to those OSes, since the older code
woulde cause duplicated free when the lifetime for the address
expired.
2000-06-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6/common.c (getifaddr): corrected arguments to
in6_addrscopebyif().
In response to a report from Hajimu UMEMOTO<ume@bisd.hitachi.co.jp>
Tue Jun 13 03:39:42 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
send error message against sadb_acquire message to the kernel
when IPsec-SA negotiation fail.
Mon Jun 12 16:52:29 JST 2000 itojun@iijlab.net
* netbsd/pkgsrc/lang/ruby: use 1.4.4.
Mon Jun 12 14:53:22 JST 2000 sakane@ydc.co.jp
* kame/kame/racoon:
Add to handle CR payload on main/aggressive mode.
No Certificate Authority field is included to CR payload at the moment.
Becuase any certificate authority are accepted without any check.
Mon Jun 12 JST 2000 itojun@iijlab.net
* sys/netkey/key.c: transmit SADB_X_SA2 from kernel to userland
on SADB_ADD and SADB_UPDATE. without it latest racoon does not work.
Mon Jun 12 12:34:02 JST 2000 itojun@iijlab.net
* libinet6/getnameinfo.c: use EAI_xx for error code. rfc2553bis
suggests it. the commit corrects old behavior on invalid socket,
where getnameinfo returned 0 (success).
Mon Jun 12 08:51:25 JST 2000 itojun@iijlab.net
* sys/netkey/key.c: correct prefix length match on destination address.
the code used source prefix len on comparision by mistake.
From: Ronald van der Pol <Ronald.vanderPol@surfnet.nl>
2000-06-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* *bsd*/usr.[s]bin/netstat/inet6.c (icmp6_stats): printed new
statistics counters about error messages (see below).
2000-06-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet/icmp6.h: added a new structure icmp6errstat{}
to count more precise statistics of error messages to be generated.
* kame/sys/netinet6/icmp6.c (icmp6_errcount): added as a new
function in order to count the precise statistics.
2000-06-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* *bsd*/usr.[s]bin/netstat/inet6.c (ip6_stats): printed new
statistics counters of forward cache for incoming packets (see
below).
2000-06-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>