/
CHANGELOG
904 lines (743 loc) · 36.7 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
$KAME: CHANGELOG,v 1.2457 2003/08/15 06:06:57 suz Exp $
<200308>
2003-08-15 SUZUKI, Shinsuke <suz@crl.hitachi.co.jp>
* kame/kame/pim6sd/{cfparse.y, mrt.[ch], pim6_proto.c, rp.c}
Now static-RP configuration can work together with bootstrap-
message-based RP configuration
2003-08-10 SUZUKI, Shinsuke <suz@crl.hitachi.co.jp>
* kame/{freebsd5, kame}
sync with FreeBSD-5.1 RELEASE (behaviour is not confirmed yet)
2003-08-07 MOMOSE Tsuyoshi <t-momose@netlab.nec.co.jp>
* kame/kame/had/mpa.c,haadisc.c
A home address should be passed in the source address of a mobile
solicit pakcet. This problem was reported and donated the code by
Kenichi Yajima <yajima@netlab.nec.co.jp>
2003-08-07 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6/cftoken.l: use a stronger lexical check for
interface names.
From: Hajimu UMEMOTO <ume@mahoroba.org>
* kame/kame/dhcp6/config.c (configure_interface): check interfaces
specified in the configuration file really exist.
2003-08-05 Hideki ONO <ono@soft.net.fujitsu.co.jp>
* removed vrrp6 support because it might be a patent infringement.
http://www.ietf.org/ietf/IPR/cisco-ipr-draft-ietf-vrrp-ipv6-spec.txt
2003-08-01 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6: implemented various clarifications and some new
features:
- supported DNS name and NTP servers options
- dhcp6s now uses the server/relay port to send a relay-rely
message
- dhcp6s now ignores a rebind message when it cannot find a
binding, according to prefix-delegation-04
- dhcp6relay now accepts relay-reply messages on the socket
listening on the server/relay port
* The DHCPv6 implementation is now built by default under
*bsd/usr.sbin/.
<200307>
Thu Jul 31 19:19:48 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet6/mip6_mncore.c,mip6_cncore.c
sending/receiving a binding refresh request message is supported.
Tue Jul 29 17:09:15 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet6/mip6_mncore.[hc]
select a CoA using the source address selection like algorithm.
suggested by Francis.Dupont@enst-bretagne.fr.
2003-07-28 MOMOSE Tsuyoshi <t-momose@netlab.nec.co.jp>
* sys/netinet6/{ip6_output.c, ip6_var.h, mip6_cncore.c,
mip6_hacore.[ch], nd6.c}:
CN or HA dosen't add a type2 routing header to a Binding
Acknowledgement packet when a deregistration packet was issued
on home link and it was failed by some reasons.
reported by Yukiyo.Akisada@jp.yokogawa.com and v6pc cert.
team.
Mon Jul 28 20:03:46 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet6/mip6_cncore.c,mip6_mncore.[hc],in6.c,nd6_rtr.c
kame/sys/net/if_hif.[hc]
assign a CoA separately for each home interface, since a home
interface is logically independent from each other.
Mon Jul 28 14:38:11 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet6/mip6_hacore.c,mip6_cncore.c:
- fixed a bug not sending a binding ack when DAD for a link-local
address is failed. (en-bugged during re-structuring BC logic.)
- fixed a bug using RTHDR2 with Mobility Headers other than
a binding ack.
reported by Yukiyo.Akisada@jp.yokogawa.com.
Fri Jul 25 19:12:15 JST 2003 itojun@iijlab.net
* sys/netinet/ah_core.c: hmac-ripemd160 support
Fri Jul 25 18:07:43 JST 2003 sakane@kame.net
* kame/sys/netkey/key.c
fixed that the kernel crashed when key_spdacquire() was called
because key_spdacquire() had been implemented imcopletely.
Thu Jul 24 16:11:06 JST 2003 keiichi@iij.ad.jp
* mip6 related files.
simplify the prefix and advertising router list management
mechanism on a mobile node.
2003-07-20 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6/config.c (configure_duid): fixed a bug of
allocating short memory. Upgrading is required if you configure
dhcp6s with the duid statement.
Sat Jul 19 18:12:01 JST 2003 itojun@iijlab.net
* sys/netinet6/esp_aesctr.c: support draft-ietf-ipsec-ciph-aes-ctr-03
as there's no official DOI assignment yet, we use private DOI number.
* sys/netinet6/ah_aesxcbcmac.c: support
draft-ietf-ipsec-ciph-aes-xcbc-mac-03.
as there's no official DOI assignment yet, we use private DOI number.
Tue Jul 15 20:02:05 JST 2003 itojun@iijlab.net
* sys/netinet6/esp_rijndael.c: simplify and update rijndael code.
markus@openbsd
2003-07-14 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6: revised the relay agent implementation
based on dhcpv6-28.
- dhcp6relay now relays packets between clients and servers using
relay forward/reply messages.
- dhcp6s now accepts relay forward messages and replies with relay
reply messages.
Sat Jul 12 15:05:23 JST 2003 suz@crl.hitachi.co.jp
* openbsd/sys/netinet/igmp_var.h
makes IGMPV3-kernel compilable on openbsd.
Thu Jul 10 21:35:04 JST 2003 keiichi@iij.ad.jp
* kame/kame/had/halist.c
fixed a bug that a DHAAD reply message only includes one global
address per home agent. the message must include all global
addresses of all home agents.
reported by Yukiyo.Akisada@jp.yokogawa.com.
2003/07/10 21:07:50 JST kjc@csl.sony.co.jp
the first step for transition to pf/altq.
marge pf/altq into the existing altq-3.
allow both pf/altq and altq-3 to coexit.
currently, ALTQ3_COMPAT and ALTQ3_CLFIER_COMPAT are defined
in sys/altq/altq.h to support altq-3.
altq-3 will remain in kame for research experiments but will
not be merged into bsd releases.
2003-07-08 Hideki ONO <ono@soft.net.fujitsu.co.jp>
* kame/sys/netinet6/{in6_ifattach.c,ip6_mroute.c,ip6_mroute.h}
protect against interface removal.
Tue Jul 8 18:51:06 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet6/mip6_mncore.c
insert alternate careof address sub-option when creating a
binding update for the home registration. This sub-option is
MUST when we protect the message with ESP and strictly speaking,
it is not necessary if we use AH. for now, we always include
this option, though...
Tue Jul 8 17:11:20 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet6/mip6_cncore.c,mip6_hacore.c,mip6_var.h,
kame/kame/mip6control/mip6control.c
better handling for a cloned binding cache for link-local
address of a mobile node, when a binding update has a L flag on.
Tue Jul 8 12:04:14 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet6/mip6_mncore.c
a mobile node must send a multicast neighbor advertisement
for its link-local address when returning to home.
reported by Yaskawa Information Corp.
Mon Jul 7 20:23:00 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet6/mip6_cncore.c,kame/sys/netkey/key.[ch]
made draft-ietf-mip6-ha-ipsec as a default configuration.
you must explicitly define MIP6_NOHAIPSEC to disable this feature.
Fri Jul 4 10:00:51 JST 2003 itojun@iijlab.net
* sys/netinet6/{ipcomp,esp}_input.c: critical missing length check/typo
found by markus@openbsd.
Tue Jul 1 11:56:46 JST 2003 itojun@iijlab.net
* kame/sys/net/pf.c: PF now available on freebsd4 too.
* {net,open}bsd/sys/netinet/ip_mroute.c: better protection against
interface removal, by ono@kame
<200306>
Mon Jun 30 20:01:18 2003 JST sakane@kame.net
* kame/racoon
racoon left a re-send schedule, but called unbindph12() after it
finished IPsec-SA negotiation. the re-send routine would use ph1
handler, but it would be NULL, then it caused a crush. the report
from <robert_kw@yahoo.com>
Sun Jun 29 16:01:35 JST 2003 sakane@kame.net
* kame/sys/netkey/{key.[ch],keydb.[ch]}
* kame/sys/netinet6/ipsec.[ch]:
an user can define a policy-id between 1 and IPSEC_MANUAL_POLICYID_MAX.
when an user specifies 0 as a policy-id, the kernel assigns a policy-id
for the security policy.
Sun Jun 29 13:51:55 JST 2003 sakane@kame.net
* kame/racoon
- fixed to get a subjectaltname from a x509 certificate.
it did not work with racoon if the openssl version
was 0x00906002L or later.
Sat Jun 28 12:54:50 JST 2003 itojun@iijlab.net
* netbsd/openbsd: no longer uses NEW_STRUCT_ROUTE
Sat Jun 28 08:13:55 JST 2003 itojun@iijlab.net
* sys/netinet6/ipsec.c: policy can be looked up by PF tags. see
(KAME-snap 7878) for more complete example.
* setkey: syntax addition: "spdadd taggged" for PF-and-IPsec interaction
Fri Jun 27 20:47:07 JST 2003 sakane@kame.net
* kame/racoon
- fixed that the configure program did not work.
- the configure program checks if racoon's sha2 can work on an openssl.
- racoon supports the "proxy mode" SA negotiation. it is useful
for MIP6 security. patch from <Francis.Dupont@enst-bretagne.fr>
Fri Jun 27 11:16:32 JST 2003 itojun@iijlab.net
* kame/sys/net/pf.c: PF from openbsd-current 2002/6/26.
compilable on openbsd/netbsd. the goal would be to integrate PF
into KAME IPsec policy lookup engine.
2003-06-26 Tsuyoshi MOMOSE <t-momose@netlab.nec.co.jp>
* kame/sys/netinet6/{mip6_cncore.c, dest6.c}: Several bugs related
mobile ipv6 correspondent node functinonalyty was fixed. Thease
problems are found and reported by v6pc certification WG
conformance testing.
- shouldn't check care-of nonce index on deregistration.
- shouldn't send binding errors with Home Address optino in HoTI,
or CoTI packet
- should send a binding error when an address included in home
address option is not a routable unicast address.
- should send binding error with status code 2 when received
a packet which has a unknown mobility header type.
Tue Jun 24 14:52:16 JST 2003 itojun@iijlab.net
* sys/netinet/sctp*: sctp patch 9 from rrs@cisco.com. (7) is disabled
by default, as there's no floating point in kernel land.
1) Xiaodan Tang found an interesting bug in the netBSD code
having to do with getsockopt. Now a failed return will
not generate a panic via a double mbuf mfree.
2) Changes to match the socket API next release including
sctp_recvmsg(), sctp_connectx().
3) New state SCTP_UNCONFIRMED for addresses and increased
HB's to unconfirmed addresses.
4) Major bug and panic fixes when memory gets short as we
stress the number of mbufs and raise the number of associations.
5) A stop to handle excess associations. I can now easily get
20,000 assoc up on my laptop :>
6) Shrinking of PCB size and assoc structure sizes.
7) Support for High Speed TCP draft in SCTP. Note if you
don't have a processor that supports floating point in
the kernel (PIII and PIV should be ok) you need to
go in to sctp_structs.h and comment out the define
of SCTP_HIGH_SPEED. This will move to a compile option
next patch.. but for now it is hard coded :-0
8) Some re-entrancy issues fixed (again especially when stressing
the limits of things).
9) Configurable compile switch to get either Mark Allmans burst
limit OR Kacheong Poon's :> Default is Kacheongs... If you
want to use HIGH SPEED option probably you are best NOT
to use Mark's since I don't think HIGH SPEED could ever
take effect...
2003-06-19 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_output.c (ip6_setpktoption): deprecated
the IPV6_REACHCONF socket option and ancillary data item. It was
once introduced during the migration from RFC 2292 to RFC 3542,
but was dropped in the migration process.
2003-06-19 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6.c (nd6_rtrequest): changed a condition to
decide whether to create an empty llinfo stricter so that a user
can manually change the link-layer address of an existing neighbor
cache.
Pointed out by: KIU Shueng Chuan
Wed Jun 18 17:29:31 JST 2003 itojun@iijlab.net
* sys/netinet6/nd6.c: have separate timer in each llinfo_nd6
(neighor cache); should allow timeout control in finer granurality.
ln->ln_expire is kept just for backward compat (i.e. ndp(8))
Mon Jun 16 18:49:02 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet6/icmp6.c
fixed a bug that ICMP error may be sent to mobile node's home
address instead of its care-of address.
reported by Yukiyo Akisada <Yukiyo.Akisada@jp.yokogawa.com>.
2003-06-14 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd4/sys/net/if.c (if_detach): be sure to free the link
ifaddr at the end of the function. (A supplement fix to another
one by ono on June 9th)
Wed Jun 11 20:39:57 JST 2003 keiichi@iij.ad.jp
* tcp_output()
the length of extension headers, which are created and inserted
by the MIP6 kernel automatically if bindings exist, is taken
into account when sending TCP segments to avoid fragmentation.
pointed out by A. Dev pramil <dev.dhas@kcl.ac.uk> and others.
2003-06-03 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/icmp6.c (icmp6_redirect_output): do not check
ip6_accept_rtadv to decide whether redirects should be sent. This
parameter is irrelevant to sending redirects.
2003-06-03 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6_nbr.c (nd6_na_input):
* kame/sys/netinet6/nd6.c (nd6_free):
loosened the check requiring ip6_accept_rtadv where we needed to
consider redirect cases.
Pointed out by: KIU Shueng Chuan
<200305>
Fri May 30 10:25:33 JST 2003 itojun@iijlab.net
* netbsd/sys/netinet/tcp_input.c: inherit IPV6_V6ONLY bit from
listening socket. NetBSD PR 21713
Thu May 29 18:01:28 JST 2003 sakane@kame.net
* kame/racoon
the patches from <Francis.Dupont@enst-bretagne.fr>
- racoon must use the source addresss of the phase 1 negotiation
that is in the acquire message.
- the missing in pk_recvspdupdate() was added.
2003-05-27 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/setkey/{token.l, parse.y}: added a new keyword "null"
as the null encryption algorithm. The old keyword "simple" was
obsolete. Backward compatibility is provided with a warning
message. [KAME PR 475]
Fri May 23 16:00:26 JST 2003 sakane@kame.net
* kame/racoon
applyed RFC compliance patches from <toml@us.ibm.com>.
- only single proposal and single transform are allowed to be received
during phase 1 by a initiator.
- ESP with NULL encryption must specify authentication.
Fri May 23 16:00:26 JST 2003 sakane@kame.net
* kame/racoon
- a regular expression can be used as a include file name
in a configuratoin file.
- some memory leaks are fixed.
they are from <jgraessley@apple.com>.
Tue May 20 19:44:50 JST 2003 suz@crl.hitachi.co.jp
* freebsd[45]/sys/netinet6/udp6_usrreq.c,
* {netbsd,openbsd}/sys/netinet/udp_usrreq.c: fixed a bug that UDP
packet cannot be received if it's bound for linklocal multicast.
(introduced in Apr 28)
Mon May 19 18:47:38 JST 2003 keiichi@iij.ad.jp
* kame/kame/rtadvd/advcap.c,config.c,dump.c,rtadvd.[hc]
implemented the rapid router advertisement which is defined in the
mobile ipv6 spec.
2003-05-15 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd4/sys/net/if.c (if_detach): be sure to reset the
ifindex2ifnet[] entry for the detached interface.
Fri May 9 14:19:07 JST 2003 suz@crl.hitachi.co.jp
* kame/pim6[sd]d: moved the default location of the configuration file
from /usr/local/v6/etc/... to /etc/..., for the convenience of
ports/pkgsrc maintenance.
People using pim6[sd]d MUST move their pim6[sd]d configuration file
to /etc.
Fri May 9 13:09:00 JST 2003 suz@crl.hitachi.co.jp
* kame/pim6sd/cfparse.y: fixed a bug that cand_bsr or cand_rp
configuration is regarded as a syntax error (introduced by
my patch on Apr 30)
Pointed out by: SHIBATA Takeshi
* kame/pim6sd/pim6_proto.c: stopped BSR message advertisement
to the incoming interface for the time being (introduced on Apr 30)
2003-05-08 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6_rtr.c (nd6_rtmsg): corrected the pointer
value for RTAX_IFP.
Pointed out by: KIU Shueng Chuan
Thu May 1 15:53:10 JST 2003 itojun@iijlab.net
* openbsd: switch to 3.3. note that we now use openbsd/sys/altq,
not kame/sys/altq (via symlinks), since ALTQ is integrated into
OpenBSD PF. therefore, before you upgrade, you'd need to cleanup
the symbolic links by
% /bin/rm -fr kame openbsd/sys/altq
also we no longer build some of ALTQ tools.
<200304>
Wed Apr 30 14:08:18 JST 2003 suz@crl.hitachi.co.jp
* kame/pim6sd/{cfparse.y cftoken.l pim6_proto.c, pim6sd.conf.5,
rp.[ch] timer.h}: implemented static group-to-RP mapping
configuration.
* kame/pim6sd/{rp.c, pim6_proto.c}: sync with draft-ietf-pim-sm-bsr-03.txt
- BSR message's Randomized Override Interval
- BSR message is advertised to the incoming interface, too
Mon Apr 28 14:46:47 JST 2003 suz@crl.hitachi.co.jp
* kame/sys/netinet/in_msf.h, kame/sys/netinet6/{in6.c, in6_ifattach.c,
ip6_input.c , ip6_output.c, mld6.c, nd6.c}
- answers to MLD query for link-local multicast group address.
(stopped embedding the ifindex of group address in struct in6_multi)
Reported by: Kentaro Ohara <Kentarou.Oohara@jp.yokogawa.com>
(users@jp.ipv6.org #3055)
Wed Apr 23 18:22:53 JST 2003 keiichi@iij.ad.jp
* mip6 related part restructuring.
codes are divided into three parts based on node types.
a user can build CN only, MN only and HA only kernel now.
Wed Apr 23 01:24:32 JST 2003 itojun@iijlab.net
* netbsd: use 1.6.1
Mon Apr 21 16:39:26 JST 2003 itojun@iijlab.net
* sctp patch 8 from randall
1) Problem with source address selection for v6
found by Itojun when sending to ::1
2) Security upgrade to report addresses in three
states ACTIVE/IN-ACTIVE and UN-CONFIRMED. This
also includes fixes to HB un-confirmed address
more rapidly. The idea behind this is to
keep folks from specifying addresses that are
not theres to do a "masqurade". This fix is
a result of discussions with Steve Bellovin.
3) Same issue, #2 but also added in is when a
user sends to an address, if the address is
un-cofirmed we treat it just like a MSG_OVERIDE
so we will send to the address the user thinks
OR we get an abort from the peer if the association
that had the address was really masqurading.
4) Minor formatting problems to match BSD style
5) Implementors Guide update. We had failed to
send a INIT-ACK back to the same place we sent
the INIT to when we had a collision scenario.
Missed this issue in putting all the IG in
the code. This comes as a result of the LONG
discussion with B B on the sctp-impl list.
6) Michael Tuexen found that user caused abort
when the user did a SO_LINGER = 0 and a close
has incorrect lengths in the TLV. This was
through ANY code that did a optional param
on the ABORT.. the m_len's were not properly
set.
7) When sending to a loopback in V6 we listed
all Link Locals... but none of these are
really sendable since the peer (on our
host) has no scope. Found while investaging
Itojuns ::1 send issue. Now we will never
list link-local address so the only way
they can show up is as a source address.
8) Include file and various other issues reported
by kame. We kill off the sysctrls that somehow
historically got in and are not used. Only ones
now are the ASCONF, RECV Buf default and Snd
buf default.
9) Will now send up to max-bursts hb's to unconfirmed
addresses and we use only the RTO for HB setting
when we are in a unconfirmed mode.. aka not
all addresses have HB'd yet.
10) Fixes to better recognize the various ICMP's during
initial INIT sending. If the assoc is up we better
recognize unreachable host messages too (reported
by kame-core group).
2003-04-17 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/libinet6/getaddrinfo.c (getaddrinfo): when AI_PASSIVE
is specified, put non-SCTP protocols before SCTP not to break
buggy-but-deployed applications.
2003-04-17 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/libinet6/getaddrinfo.c (getaddrinfo): corrected the
initial check for socktype/protocol combination of hints.
the previous code could reject {AF_INET6, SOCK_STREAM,
IPPROTO_TCP} when we had IPPROTO_SCTP before TCP in the explore
structure.
2003-04-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd4/ports/openssh-portable-sctp: added a port kit to
support other stream protocols than TCP (mainly intending SCTP) in
OpenSSH 3.6.1p1.
2003-04-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/rtsold/rtsold.c (main): corrected over-killing
pid-file generation.
2003-04-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6/dhcp6c: added the -p pid-file option.
2003-04-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/rtsold/if.c (interface_status): considered IEEE 802.11
interfaces correctly.
2003-04-11 MOMOSE Tsuyoshi <t-momose@netlab.nec.co.jp>
* kame/kame/had: a part of handling MPA is divided to another
file. Current handling MPA code prevents to port 'had' to
other MIP6 implementations due to accessing kernel internal
structures.
2003-04-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/rtsold: added the "O-bit" support. When rtsold
receives a router advertisement with the OtherConfig flag being
set, it will invoke a script file (if specified by the -O option)
to kick a separate protocol for the "other" configuration.
2003-04-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6: supported the ability for the client to call a
configuration script when the client receives a reply message. A
new configuration statement to specify the script was provided.
2003-04-10 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/rtadvd/config.c (getconfig): supported a string
notation for flag parameters. For example, raflags="o" specifies
the daemon to set the "O bit" of the router advertisement header.
This change is backward compatible; the traditional numeric
notation is also accepted.
Wed Apr 9 17:19:41 JST 2003 suz@crl.hitachi.co.jp
* kame/freebsd4: sync with FreeBSD 4.8-RELEASE
Wed Apr 2 20:29:23 JST 2003 suz@crl.hitachi.co.jp
* kame/kame/mld6query: always advertise group-specific query from
link-local address
<200303>
Mon Mar 31 11:19:31 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet6/mip6.c,mip6_var.h,nd6_rtr.c:
fixed a bug in a update routine of mip6 related data structure
(prefix list and home agent list) when receiving a router
advertisement.
2003-03-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/libinet6/name6.c: upgraded the support of ICMPv6
nodeinfo for address to name mapping to recent versions of the
specification.
Note that:
- this version sends queries to non-link-local addresses
- this version does not cache the results
Fri Mar 28 17:18:29 JST 2003 suz@crl.hitachi.co.jp
* freebsd5/sys/conf/file, kame/sys/netinet6/mip6*, mobility6.c:
makes MIP6 compilable on freebsd5
Fri Mar 28 14:27:07 JST 2003 suz@crl.hitachi.co.jp
* freebsd5/sys/sys/kernel.h, freebsd5/sys/net/if_var.h,
kame/sys/net/if_{dummy,faith,gif,stf}.c: KAME-origined
logical-interfaces(gif, dummy, faith, and stf for the time being)
are now working on freebsd5.
Wed Mar 26 19:43:16 JST 2003 suz@crl.hitachi.co.jp
* freebsd[45]/sys/conf/options:
supported LARGE_LOMTU kernel configuration option for
Jumbogram testing.
Tue Mar 25 19:07:53 JST 2003 suz@crl.hitachi.co.jp
* kame/sys/netinet6/in6_msf.c
fixed a bug that MSF does not work properly when changing its mode
by advanced API.
* kame/sys/netinet/in_msf.c
{freebsd4,freebsd5,netbsd,openbsd}/sys/netinet/ip_output.c
When the gap in the IPv4 multicast membership array is removed,
multicast-socket-filter must be removed as well as multicast
membership array. (specific to IGMPv3 extension)
Reported by: Hitoshi Asaeda <Hitoshi.Asaeda@sophia.inria.fr>
2003-03-22 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6_rtr.c (prelist_update): made sure to keep
the current stored lifetime when it was not updated by an RA.
Discovered through a periodic TAHI test by Ozoe Nobumichi
<ozoe@tahi.org>.
2003-03-19 Hideki ONO <ono@soft.net.fujitsu.co.jp>
* kame/kame/vrrp6d,
kame/sys/net/{if_vrrp.c,if_vrrp_var.h},kame/sys/netinet6/mld6.c,
openbsd/sbin/ifconfig, openbsd/sys/net/{if_ethersubr.c,if_types.h},
openbsd/sys/sys/mbuf.h
VRRP6 implementation for OpenBSD
Wed Mar 19 17:17:55 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet6/icmp6.c
fixed a mbuf leak when generating an ICMPv6 redirect message.
2003-03-14 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6: C99 compliance; avoid using __func__ with
concatenating other strings since it is a const char variable.
2003-03-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/rafixd: this is a new application. The rafixd daemon
invalidates bogus RAs by overriding them with the 0 router
lifetime. This is particularly useful on an event network that
contains mis-configured "routers".
Mon Mar 10 15:02:05 JST 2003 itojun@iijlab.net
* sctp: merged patch 7 from randall.
2003-03-06 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6/dhcp6c.c (client6_send): made sure that the
elapsed time does not overflow, according to dhcpv6-interop-00.
<200302>
Tue Feb 25 19:50:40 JST 2003 suz@crl.hitachi.co.jp
* freebsd{4,5}/sys/netinet/tcp_syncache.c
reflected FreeBSD-SA-03:03.syncookies (Brute force attack on SYN
cookies)
2003-02-19 Hideki ONO <ono@soft.net.fujitsu.co.jp>
* kame/kame/vrrp6d,
kame/sys/net/{if_vrrp.c,if_vrrp_var.h},kame/sys/netinet6/mld6.c,
netbsd/sbin/ifconfig, netbsd/sys/net/{if_ethersubr.c,if_types.h},
netbsd/sys/sys/mbuf.h
VRRP6 implementation for NetBSD
* freebsd4/sbin/ifconfig, freebsd4/sys/net/{if_ethersubr.c,if_types.h},
freebsd4/sys/sys/mbuf.h
changed VRRP6 implementation for FreeBSD4
Wed Feb 19 17:26:11 JST 2003 keiichi@iij.ad.jp
more mtag leaks are fidex. M_MOVE_PKTHDR is introduced to
NetBSD (ported from OpenBSD).
TODO: KAME/freebsd5
Wed Feb 19 12:15:00 JST 2003 keiichi@iij.ad.jp
* kame/sys/netkey/key.c
MIP6: flush a cached route of a SA when the destaddr of the SA
has been changed.
2003-02-18 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd4/sys/sys/mbuf.h (M_MOVE_PKTHDR): ported from OpenBSD to
"move" mtag from one mbuf to another.
* kame/sys/netinet6/{icmp6.c, ip6_output, ipsec.c}: used
M_MOVE_PKTHDR instead of M_COPY_PKTHDR when appropriate, in order
to avoid mtag leakage.
(We may need to change more, including support for other OSes)
Tue Feb 18 20:43:42 JST 2003 suz@crl.hitachi.co.jp
* {freebsd4,netbsd,openbsd}/sys/netinet/udp_usrreq.c
properly handles IPv4 UDP packet for IPv4 broadcast address
(only for IGMPv3 kernel)
Tue Feb 18 12:19:53 JST 2003 suz@crl.hitachi.co.jp
* {freebsd4,freebsd5,netbsd,openbsd}/sys/netinet/udp_usrreq.c
{freebsd4,freebsd5,kame}/sys/netinet6/udp6_usrreq.c:
fixed an IGMPv3 or MLDv2 kernel crash by a UDP multicast packet to
addr:port, when some application joins to the addr and another
application listens to the UDP port by unicast.
Reported by: Hitoshi Asaeda <Hitoshi.Asaeda@sophia.inria.fr>
2003-02-14 MOMOSE Tsuyoshi <t-momose@netlab.nec.co.jp>
* kame/kame/sys/netinet6/{mobility6.c,mip6_pktproc.c},
kame/kame/sys/netinet/ip6.h
- Changed some codes to be MIP6 ID-20 compliant.
+ Binding Auth. Option no longer require alignments
+ Changed Binding Refresh Advice option type
+ Send Parameter Problem if received mobility header is too small
or it's next header value is not no next header.
Thu Feb 13 18:37:58 JST 2003 suz@crl.hitachi.co.jp
* kame/kame/ifmcstat: ifmcstat works on freebsd5 now
2003-02-12 MOMOSE Tsuyoshi <t-momose@netlab.nec.co.jp>
* kame/sys/netinet6/{mip6.c,mip6_pktproc.c,mip6_var.h}: Only Home
nonce is used for calculation Kbm when a binding update message
tells to delete a binding cache.(HoA==CoA || lifetime==0)
One of Known bugs in TODO.mobile-ip6 is fixed.
Wed Feb 12 19:09:04 JST 2003 suz@crl.hitachi.co.jp
* kame/kame/pim6sd: fixed a pim6sd crash by SIGHUP
2003-02-10 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6/dhcp6c_ia.c (reestablish_ia): prevented the
client from crashing when receiving a NoBinding code in response
to a Rebind.
Reported by: Ozoe Nobumichi <ozoe@intap.or.jp>
Mon 10 Feb 2002 14:11:46 JST suz@crl.hitachi.co.jp
* freebsd5/sys/netinet6/in6_pcb.c: getsockname()/getpeername()
now returns proper port number for IPv6 socket.
(this makes rpcbind work properly on freebsd5)
2003/02/09 03:33:58 JST kjc@csl.sony.co.jp
merge altq support into the freebsd5 tree.
the original code was made for 5.0-dp1 and it hasn't been fully
tested on 5.0 yet.
2003-02-07 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6/dhcp6c: obsoleted 'prefix-delegation' as a
DHCPv6 option name.
2003-02-07 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_input.c (ip6_getpktaddrs): changed the 2nd
and the 3rd arguments from 'sockaddr_in6 **' to 'sockaddr_in6 *'.
The change will avoid sharing pointer in an mbuf with the caller
of the function, and will be considered as less error-prone.
* {*bsd, kame}/sys/netinet[6]/: all the points that called
ip6_getpktaddrs() were modified accordingly. There should be no
change on behavior, but we may need some time to stabilize the
code.
Fri Feb 7 19:40:36 JST 2003 suz@crl.hitachi.co.jp
* kame/kame/pim6sd/{main.c, route_sock.h}: fixed file descriptor
leak by SIGHUP (reported by SUDOH Yoshiaki <sudo@iij.ad.jp>)
Fri Feb 7 19:17:12 JST 2003 suz@crl.hitachi.co.jp
* freebsd5/*, kame/*: KAME for FreeBSD 5-RELEASE. (not supported
officially yet, as the merge work is not completely finished)
2003-02-06 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6: the client now sends a Request to reestablish
an IA when receiving a NoBinding for the IA in response to a Renew
or Rebind. The behavior is compliant to Section 18.1.8 of
dhcpv6-28.
Thu Feb 6 01:36:12 JST 2003 suz@crl.hitachi.co.jp
* kame/kame/pim6sd/vif.c: fixed pim6sd crash by SIGHUP
(reported by SUDOH Yoshiaki <sudo@iij.ad.jp>)
Wed Feb 5 20:25:32 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet/icmp6.h,ip6.h
* kame/sys/netinet6/mip6_binding.c,mip6_pktproc.c
* kame/kame/mip6control/mip6control.c
- support for the MIP6 ID20 draft has been added.
2003-02-05 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* {freebsd4,kame}/sys/netinet6/udp6_usrreq.c (udp6_input)
* {freebsd4,kame}/sys/netinet6/raw_ip6.c (rip6_input)
removed redundant code fragments; we do not have to copy mtag back
to the source any more.
(There should be no change on behavior.)
Wed Feb 5 10:31:48 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet6/ip6_forward.c,ip6_output.c
* freebsd4/sys/sys/mbuf.h
- changed m_copy() behavior of freebsd4. m_copy() now copies
mtags.
2003-02-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6/dhcp6c.c (client6_timo): changed the upper bound
of retransmissions according to Section 14 of dhcpv6-28, so that
the total number of transmissions (including the first one) is
limited up to MRC.
pointed out by: Ozoe Nobumichi <ozoe@intap.or.jp>
Mon Feb 3 18:53:50 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet6/{mip6_binding.c|ipsec.c}
* kame/sys/netkey/key.[hc]
- added partial support for the mip6-ha-ipsec draft.
define MIP6_HAIPSEC macro in your kernel config file to
enable optimized tunneling format.
<200301>
Fri Jan 31 21:28:08 JST 2003 keiichi@iij.ad.jp
* kame/kame/mip6control:
- the file format for mip6makeconfig.sh has been changed.
Thu Jan 30 15:52:05 JST 2003 suz@crl.hitachi.co.jp
* kame/kame/pim6sd/mld6_proto.c:
fixed a bug that MLD-compat-mode never switches back to MLDv2
from MLDv1-compatible mode.
Thu Jan 30 13:04:25 JST 2003 suz@crl.hitachi.co.jp
* kame/kame/pim6sd/{rp.c, cfparse.y}:
fixed a bug that "cand_bsr/cand_rp (ifname)" does not work.
(reported by Pekka Savola in snap-users ML #7516)
2003-01-29 MOMOSE Tsuyoshi <t-momose@netlab.nec.co.jp>
* kame/kame/sys/netinet6/mip6.c, mip6_var.h, mip6_pktpro.c:
supports returning binding ack. status of expired nonce index when
the nonces indicated in a binding update are already expired.
2003-01-27 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6: added some minor bug fixes and clarifications:
- let the event structure to have IA for solicit and request so
that it is easier to handle each IA separately
- fixed a bug that the server ID was not copied to request when
receiving an advertisement with the highest preference
- fixed a bug of moving tailq list entries. Introduced a new
library dhcp6_move_list() to address this problem.
Thu Jan 23 18:09:14 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet6/ip6_output.c:
leave mtags in the original mbuf when copying the mbuf in
ip6_mloopback(). the aux information stored in the mtags
may be needed in the later process of the output routine.
Thu Jan 23 14:37:46 JST 2003 itojun@iijlab.net
* sys/net/if_gif.c: detect encapsulation loop by using m_tag,
just like openbsd-current does.
2003-01-23 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6: supported a new substatement "prefix" for the
id-assoc statement, which allows the client to require a
particular prefix(es) as a subotion of the IA_PD option in Solicit
messages.
2003-01-23 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6/dhcp6s.c (make_binding_ia): used local values
for the pltime and vltime of a prefix to be renewed/rebound, not
values in the renew/rebind message.
Thu Jan 23 09:26:35 JST 2003 suz@crl.hitachi.co.jp
* kame/kame/pim6sd:
- fixed MLD query advertisement failure
- displayes MLD group management info in dump
2003-01-22 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6: supported the elapsed time DHCPv6 option:
- the client now includes the option for all messages.
- the server logs the received option, though it does not care
about the option value.
2003-01-21 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6: supported the Release message:
- client now releases stateful resources before exiting or restarting
by sending the message.
- server now accepts the message and releases the corresponding
binding.
Tue Jan 21 17:02:57 JST 2003 itojun@iijlab.net
* sys/mbuf.h: switch from m_aux framework to m_tag framework (from
openbsd) for tagging extra information to mbuf chain.
TODO: bsdi4
2003-01-20 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/ndp/ndp.c (ifinfo): printed the max MTU for ndp -i IFNAME.
2003-01-20 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/(several files): clarified library interfaces
for prefix manipulation. There was no change on behavior.
Mon Jan 20 keiichi@iij.ad.jp
* kame/sys/netinet6/mip6_pktproc.c
fixed a bug that the correpondent node doesn't send back a
binding ack even when the ACK bit is on.
reported by Yukiyo Akisada <Yukiyo.Akisada@jp.yokogawa.com>.
Fri Jan 17 20:53:58 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet6/mip6_pktproc.c:
more sanity checks. a home test init and a care-of test init
must not contain a home address destination option.
reported by Yukiyo Akisada <Yukiyo.Akisada@jp.yokogawa.com>.
Fri Jan 17 19:28:45 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet6/mip6_binding.c:
fixed a bug that sending with an invalid lifetime from a home
agent when unregistering.
reported by Yukiyo Akisada <Yukiyo.Akisada@jp.yokogawa.com>.
Fri Jan 17 19:18:44 JST 2003 keiichi@iij.ad.jp
* kame/sys/netinet/icmp6.h:
corrected the dhaad reply format.
reported by Yukiyo Akisada <Yukiyo.Akisada@jp.yokogawa.com>.
Fri Jan 17 18:08:00 JST 2003 suz@crl.hitachi.co.jp
* kame/sys/netinet6/ip6_input.c:
When listening to a source-specific-multicast group, receives
IPv6 packets (e.g. ICMPv6 ECHO) as well as IPv6 UDP packets
if source and group are matched.
Fri Jan 17 12:17:39 JST 2003 suz@crl.hitachi.co.jp
* kame/sys/net/if_stf.c, kame/kame/rtsold/rtsold.{c,8}
rtsold now periodically solicites RA on ISATAP interface.
Sat Jan 11 16:25:06 JST 2003 suz@crl.hitachi.co.jp
* bsdi4/sys/conf/files, bsdi4/sys/sys/sockio.h, bsdi4/sbin/ifconfig:
ISATAP implementation for bsdi4 (just confirmed compilation)
Fri Jan 10 17:27:10 JST 2003 suz@crl.hitachi.co.jp
* kame/sys/net/if_*.c:
fixed a bug that some interfaces cannot be manipulated under
OpenBSD+KAME.
Thu Jan 9 20:10:24 JST 2003 suz@crl.hitachi.co.jp
* {netbsd,openbsd}/sys/conf/files, {netbsd,openbsd}/sys/sys/sockio.h,
{netbsd,openbsd}/sbin/ifconfig, kame/sys/net/if_stf.c:
ISATAP implementation for NetBSD/OpenBSD.
Wed Jan 8 14:33:42 JST 2003 suz@crl.hitachi.co.jp
* kame/kame/man/man4/stf.4, kame/sys/net/if_stf.[ch],
kame/sys/netinet6/in6.h, in6_ifattach.c, ip6_input.c,
freebsd4/sys/sys/sockio.h, freebsd4/sys/net/if.h:
ISATAP kernel implementation based on
draft-ietf-ngtrans-isatap-08.txt for FreeBSD-4.
* kame/kame/rtadvd, kame/kame/rtsold, freebsd4/sbin/ifconfig
ISATAP userland implementation based on
draft-ietf-ngtrans-isatap-08.txt for FreeBSD-4.
please see "man stf" for further detail.
Wed Jan 8 14:26:17 JST 2003 itojun@iijlab.net
* sys/netkey/keydb.h: in struct secashead, "struct route" is not
sufficient if !NEW_STRUCT_ROUTE. NetBSD PR 18751.
2003-01-06 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/dhcp6: upgraded base specification of DHCPv6 and prefix
delegation using DHCPv6 according to the latest drafts.
Note that backward compatibility to older versions of prefix
delegation was not provided.