Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
tag: freebsd2_snap_…
Fetching contributors…

Cannot retrieve contributors at this time

4208 lines (3426 sloc) 178.551 kb
CHANGELOG for KAME kit
$Id: CHANGELOG,v 1.282 1999/11/21 13:30:03 itojun Exp $
<199911>
Sun Nov 21 22:01:25 JST 1999 itojun@iijlab.net
* openbsd/sbin/ifconfig/ifconfig.c: support KAME scopeid hack.
this will make the behavior slightly incompatible
(we can't use getnetbyname due to library conflict). Be warned.
* openbsd/usr.bin/netstat: support KAME scopeid hack.
Sun Nov 21 05:49:14 JST 1999 itojun@iijlab.net
* openbsd/sys/dev/ic/am7990.c: for inbound packets, allocate mbuf
cluster whenever desired. this is to make "le" driver conform to
KAME mbuf chain requirement.
Sat Nov 20 21:43:26 JST 1999 itojun@iijlab.net
* openbsd/sys/netinet/udp_usrreq.c: fix panic on interface down
in udp6_ctlinput(). fixes KAME PR 175.
* kame/sys/netinet6/ip6protosw.h: fix panic on big endian openbsd
machines (short/int mismatch with struct protosw).
1999-11-19 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd/config.c (config_vifs_from_kernel): considers
loopback and non multicast-capable interfaces, since some routers
have global addresses only on such interfaces.
Also, anycast addresses are now ignored.
Fri Nov 19 13:20:24 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* kame/kame/{pim6dd, pim6sd, rtadvd, rtsold}: in looking up
interface information, comparing interface name between IFs which
duplicate name partly, such as 'gif1' and 'gif10', fails. It's
caused by lack of length comparation.
Tue Nov 16 20:17:22 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/openssh: IPv6-enable openssh.
obtained from fujiwara@rcac.tdi.co.jp
Thu Nov 18 06:45:45 GMT 1999 itojun@iijlab.net
* openbsd: upgrade base version to OpenBSD 2.6.
Thu Nov 18 12:20:02 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/ucd-snmp, freebsd[23]/ports/ucd-snmp,
openbsd/ports/net/ucd-snmp: upgrade to latest IPv6 patch.
tcp/udp MIB number is fixed.
From: Niels Baggesen <Niels.Baggesen@uni-c.dk>
1999-11-17 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/tcpdump/print-pim.c (pimv2_print):
corrected offset check and calculation for the RP holdtime and
priority fields of Bootstraps.
Wed Nov 17 13:38:40 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/apache13: upgrade to 1.3.9.
1999-11-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/ndp/ndp.c (plist): improved information about
adveritising routers:
- show each router's reachability.
- show each router in the new scopedaddr format.
1999-11-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/dump.c (dump_if_rtable): was added to dump
more information about each inteface including local addresses.
print_ifrt_dump() was removed according to this change.
1999-11-15 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd3/sys/netinet/tcp_subr.c (tcp_newtcpcb): always
initialize inp_ip_ttl in tcp_newtcpcb() in order to avoid
zero ttl when matching an incoming IPv4-maaped IPv6 address.
This fix was in response to a problem report from
kurotsu@violet.plala.or.jp.
Wed Nov 10 22:42:37 JST 1999 sakane@ydc.co.jp
Support a behavior of kernel when policy description is omited peer's
addresses in transport mode case. If you define protocol/mode//level
as policy then kernel get addresses from IP header to match SPD.
XXX should be considered the relative between inner and outer IP
addresses when packet will launch from own interface by tunnel mode.
Tue Nov 9 EST 1999 itojun@iijlab.net
* netbsd/sys/netinet/tcp_input.c: backout previous change for
tcp_pullup(), as it degraded stability and made some wrong
assumptions (see below, Nov 6).
Tue Nov 9 07:14:23 EST 1999 itojun@iijlab.net
* kame/libpcap/scanner.l: make IPv6 parsing more strict.
this makes arp[0:1] to work again ("0:1" was mistakingly
considered as IPv6 address). Uses very ugly regex...
Sun Nov 7 10:40:55 EST 1999 itojun@iijlab.net
* netbsd/sys/netinet/tcp_input.c: implement tcp_pullup(),
which ensures mbuf alignment match with what tcp_input() assumes.
the routine is kind of ugly because, in most architectures,
MHLEN < ip + tcp + tcp opt
with IPv6.
Sun Nov 6 JST 1999 itojun@iijlab.net
* freebsd2/release: improvements to IPv6+PAO boot floppy. add
isc dhcp client for easier network configuration.
From: Takahiro Yugawa <yugawa@itjit.ad.jp>
* netbsd/distrib: IPv6-ready boot floppy generator code.
At this moment for i386 only.
From: ichiro@ichiro.org
Fri Nov 5 22:02:00 JST 1999 itojun@iijlab.net
* kame/sys/netinet6/{ip6_input,icmp6,route6}.c: clarify mbuf
chain requirements. add m_pulldown experimental code (#ifdef'ed).
Fri Nov 5 19:52:28 JST 1999 itojun@iijlab.net
* freebsd[23]/usr.bin/netstat/route.c: show MTU on netstat -rnl
(you may need to specify "-a" as well to see cached result of
path MTU discovery).
Fri Nov 5 18:15:36 JST 1999 itojun@iijlab.net
* kame/sys/netinet6/ipcomp_core.c: do not use default memory window
size for zlib, it is too big. let user choose memory window size.
no sysctl access is provided right now, you need to rewrite
the value by modifying source code, or by using kmem/bpatch.
From: Laine Stump <lainestump@rcn.com>
Fri Nov 5 10:41:26 JST 1999 itojun@iijlab.net
* netbsd/sys/dev/pcmcia/if_awi_pcmcia.c (and others):
bring in awi driver for BayStack 650 card from NetBSD-currnt.
we need this for IETF washington DC:-)
Fri Nov 5 01:22:42 JST 1999 itojun@iijlab.net
* kame/sys/netinet: rename in_cksum4() into in4_cksum(), to match
in6_cksum().
1999-11-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6.c (nd6_rtrequest): changed the initial
state when creating a neighbor cache entry from INCOMPLETE to
NOSTATE, in order to avoid unexpected NSes.
1999-11-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/icmp6.c (icmp6_redirect_output): do not
include a target link-layer address option unless the address is
resolved.
Thanks to: the TAHI project for finding the problem.
Thu Nov 4 18:08:00 JST 1999 itojun@iijlab.net
* kame/etc/rc.net6: install reject route for scoped address without
scope identifiers. this will raise icmp6 error on, say,
"ping6 fe80::1" (this is invalid since there's no scope identifier).
Thu Nov 4 17:22:05 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* netbsd/pkgsrc/net/pchar, freebsd[23]/ports/pchar,
openbsd/ports/net/pchar: pathchar reimplementation.
Thu Nov 4 09:40:08 JST 1999 sakane@ydc.co.jp
* kame/sys/{netkey,netinet6}:
* kame/kame/{libipsec,setkey,racoon}:
Implemented a policy level of `unique' for strict use of SA.
The decimal number named `reqid' is used as the identifier in order to
relate between a SA and SA requests in some policy.
Manual keying may need explicitly to specify the identifier. You can
put the decimal number as the identifier after keyword `unique' of
policy level followed by colon(:). For example, "unique:1225".
The value is:
0 are reserved.
1 - 32767 are reserved for manual keying.
Others are for kernel use.
Note that this id doesn't identify a SA by only itself.
XXX To be implemented the inbound policy check by level of `unique'
after a implement of holding SA used to decode.
XXX The field of reqid on PF_KEY message is in sadb_msg structure.
It may not be adequated for portablity.
XXX racoon has not been supported yet.
Thu Nov 4 05:52:12 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/ucd-snmp, freebsd[23]/ucd-snmp:
use latest IPv6 patch.
* openbsd/ports/net/zebra: upgrade to 0.81.
* openbsd/ports/net/ucd-snmp: add ucd-snmp (4.0.1 + IPv6 patch).
Wed Nov 3 22:11:16 JST 1999 sakane@ydc.co.jp
* kame/sys/netkey/key.c:
key_msg2sp() returns suitable error code.
Wed Nov 3 21:48:29 JST 1999 sakane@ydc.co.jp
* kame/sys/netkey/key.c:
Toss up a policy index as identity of SA user when kernel acquired SA.
This is used extended identity type, that is SADB_X_IDENTTYPE_ADDR,
included in the SADB_EXT_IDENTITY extension.
Tue Nov 2 13:27:36 JST 1999 itojun@iijlab.net
* freebsd2/ports/sendmail.beta, netbsd/pkgsrc/mail/sendmail.beta:
add port directory for sendmail 8.10.0beta6, to stress-test IPv6
part of it.
Tue Nov 2 01:46:01 JST 1999 itojun@iijlab.net
* bsdi3/bin/ping6: move bsdi3/sbin/ping6 into bsdi3/bin/ping6, as
bsdi3 puts ping into bin/ping. You may want to remove
/usr/local/v6/sbin/ping6 to get rid of old binary.
Mon Nov 1 21:29:59 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/mrt, freebsd[23]/ports/mrt: upgrade to 2.0.1a.
Mon Nov 1 13:34:07 JST 1999 itojun@iijlab.net
* freebsd2/ports/openssl: port directory for OpenSSL 0.9.4. required
for freebsd2/ports/v6eval (and useful for building tcpdump and
racoon).
* freebsd2/ports/{ct,v6eval}: port directory for TAHI IPv6 conformance
test kit, version 0.4.
<199910>
Fri Oct 29 21:17:10 JST 1999 itojun@iijlab.net
* kame/libinet6/getaddinfo.c: Bunch of cleanups.
(1) When servname == 0 and protocol == 0, return addrinfo structure
for both DGRAM/UDP and STREAM/TCP.
For example, if you ask for localhost/echo without specifying
servname nor protocol, the following four addrinfo structure will
be returned (the order may vary):
::1 dgram/udp port 7
::1 stream/tcp port 7
127.0.0.1 dgram/udp port 7
127.0.0.1 stream/tcp port 7
This fixes KAME PR 141.
(2) fix memory leak on failure cases
(3) clarify non-udp/tcp protocol cases. at this moment SOCK_RAW
is the only one allowed. we may need to loosen the restriction
further.
* kame/libinet6/getnamenfo.c: clarify non-udp/tcp protocol cases.
1999-10-29 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd: config parser was rewritten using lex and
yacc. According to this change, each line MUST now be terminated
by a semi-colon ';', and hence older configuration files will
cause parsing errors. Please be careful in updating.
Thu Oct 28 19:39:02 JST 1999 itojun@iijlab.net
* openbsd/sys/sys/socket.h: fix alignment constraint for
ancillary data.
Thu Oct 28 14:00:45 JST 1999 itojun@iijlab.net
* freebsd3/ports/ucd-snmp: upgrade to 4.0.1 with IPv6 patch.
it looks tcb/udb dump is not working.
* freebsd3/ports/zebra: upgrade to 0.80.
1999-10-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd[23]/ports/wwwoffle: was added with IPv6 patch developed
by Feico Dillema <dillema@acm.org>
Thu Oct 28 09:24:14 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/ucd-snmp, freebsd2/ports/ucd-snmp:
upgrade to latest IPv6 patch.
Thu Oct 28 01:41:00 JST 1999 sakane@ydc.co.jp
* kame/kame/netinet6/ipsec.c:
Fix mbuf memory leak.
- Policy buffer was not freed when PCB was free.
- PF_KEY message buffer was not freed when key_parse() returned zero.
1999-10-27 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6dd: applied several fixes from sumikawa@hitachi
Wed Oct 27 20:58:42 JST 1999 itojun@iijlab.net
* netbsd/usr.bin/netstat: use getnameinfo() with KAME hack.
add support for -v into interface info and pcb info printing,
which avoids address truncation on printing.
1999-10-27 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd/rp.c (delete_grp_mask_entry):
fixed a bug of rearraging the group list.
I believe the bug was derived from original pimd.
Wed Oct 27 14:49:09 JST 1999 sakane@ydc.co.jp
* kame/sys/netkey/key.c:
We don't always try to allocate new SA. It's no need if the state
of SA in the holder is SADB_SASTATE_MATURE, and if this is newer one.
1999-10-27 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/in6.c (mask2len): changed the argument from
in6_addr{} to sockaddr_in6{} so that the function could handle
a shortened netmask. The change solves the problem that bgpd
misunderstands the prefix length of an interface direct route.
Thanks to: the TAHI project for finding the problem.
Wed Oct 27 10:14:07 JST 1999 itojun@iijlab.net
* freebsd2/ports/ucd-snmp: upgrade to 4.0.1 with IPv6 fixes.
Wed Oct 27 03:27:13 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd[23]/sys/conf/newver.sh: RELEASE="${REVISION}-${BRANCH}"
instead of specified keywords, such as 2.2.8-RELEASE.
Submitted by: Martti Kuparinen <martti@research.zopps.fi>
Tue Oct 26 23:45:15 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* bsdi3/libexec/ftpd/ftpd/ftpcmd.y: appllied Y2K patch of
ftpd(wu-ftpd)
From: http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html#QA35
* bsdi3/usr.bin/ftp/cmds.c: One more Y2K patch. M310-055 is not
enough for newer checking. e.g.:
% touch -t 200107221100 tmp/test
% touch -t 199907221130 test
% ftp 127.0.0.1
Connected to 127.0.0.1.
220 rapunzel.net.ebina.hitachi.co.jp FTP server (Version wu-2.4(1)\
Fri Jan 17 12:05:30 MST 1997) ready.
Name (127.0.0.1:sumikawa):
331 Password required for sumikawa.
Password:
230 User sumikawa logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd tmp
250 CWD command successful.
ftp> newer test
Local file "test" is newer than remote file "test"
Reported by: takenaka@ebina.hitachi.co.jp
Tue Oct 26 18:50:16 JST 1999 itojun@iijlab.net
* netbsd/sys/netinet/ip_input.c: disable ipflow (IPv4 fast forwading)
if IPsec is configured in the kernel.
From: Hans-Joachim Knobloch <hansi@xlink.net>
Tue Oct 26 17:52:12 JST 1999 itojun@iijlab.net
* (bunch of source code): fix inet_pton() error check. we need to
check if the return value equals to 1, or not equal to 1.
"<= 0" or "!= 0" does not really make sense.
Tue Oct 26 17:30:43 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd[23]/ports/vat6: Tcl initialization patch.
Submitted by: Kenjiro Cho <kjc@csl.sony.co.jp> (kame-snap 1471)
Tue Oct 26 13:27:43 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/www/wwwoffle: add wwwoffle 2.5 with IPv6 patch.
* netbsd/pkgsrc/net/zebra, freebsd2/ports/zebra: upgrade to 0.80.
Tue Oct 26 02:58:19 JST 1999 sakane@ydc.co.jp
* freebsd3/sys/netinet tcp_input.c udp_usrreq.c
Modify m_len before and after calling ipsec_in_reject().
FreeBSD3 cuts out IP header from mbuf before pcb lookupping.
Tue Oct 26 02:44:51 JST 1999 sakane@ydc.co.jp
* kame/sys/netinet6/ipsec.c:
Fixed a bug that sa_len wasn't updated in spidx.
Improved to make spidx which is used as key to search SPD.
Mon Oct 25 22:30:47 JST 1999 sakane@ydc.co.jp
* kame/sys/netkey/key.c:
* kame/kame/libipsec:
- Improved to set IP addresses into the ipsec request structure
from PF_KEY msgs.
- Fixed to print IP addresses in ipsec policy request.
- Fixed a bit to print protocol name.
Sat Oct 23 17:11:39 PDT 1999 itojun@iijlab.net
* {netbsd,freebsd2,bsdi3}/sbin/ifconfig: show IPv6 link-local
addresses in KAME extended IPv6 numeric address format, like
fe80::1@ne0 (experimental).
The change may require you to update rc.net6.
1999-10-22 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd: added a configuration option to handle
site-local addresses in RIPng. See bgpd.conf(5).
Fri Oct 22 13:35:23 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/lib/libftpio: fix getaddrinfo() loop, so that the code
will try to explore all the addresses returned after query.
Thu Oct 21 15:00:15 PDT 1999 itojun@iijlab.net
* kame/sys/netinet/in_cksum4.c: fix computation algorithm for big
packet.
Thu Oct 21 08:40:24 PDT 1999 itojun@iijlab.net
* netbsd/sys/netinet/udp_usrreq.c: advanced API has been broken for
IPv6 UDP due to a one-letter typo. it is now fixed.
Thu Oct 21 07:57:02 PDT 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/ucd-snmp: upgrade to 4.0.1 with IPv6 fixes.
1999-10-21 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* *bsd*/usr.sbin/traceroute/Makefile: added OS-specific
compilation options, one of which would fix a problem of bad
checksums for probe packets.
Thu Oct 21 15:12:16 JST 1999 skane@ydc.co.jp
* kame/kame/racoon:
Make it compilable on INRIA stack.
Patch from <Francis.Dupont@inria.fr>.
Wed Oct 20 23:05:52 PDT 1999 itojun@iijlab.net
* freebsd2/lib/libftpio: fix getaddrinfo() loop, so that the code
will try to explore all the addresses returned after query.
Wed Oct 20 09:01:53 PDT 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/wu-ftpd: upgrade to 2.5.0 with IPv6 patch.
Thu Oct 21 00:19:23 JST 1999 sakane@ydc.co.jp
* kame/kame/libipsec:
Improved IPsec policy parser. Following requests are allowed:
protocol/mode/src-dst/level
protocol/mode/src-dst
protocol/mode/src-dst/
protocol/transport
protocol/transport//level
See policy_parse.y for detail.
Wed Oct 20 20:13:50 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd[23]/ports/ncftp3, netbsd/pkgsrc/net/ncftp3: upgrade to
3.0 beta 21.
1999-10-20 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/ndp/ndp.c (dump): enabled the NI_WITHSCOPEID flag for
getnameinfo when printing a neighbor cache entry for a link-local
scope address. So, for example, `ndp -an' would provide the
following result:
Neighbor Linklayer Address
fe80::210:4bff:fe32:93d1@ef0 0:10:4b:32:93:d1
fe80::210:5aff:fe5c:6b5c@ef0 0:10:5a:5c:6b:5c
fe80::2a0:24ff:fe66:1350@ef0 0:a0:24:66:13:50
(some fields were ommited in the example.)
1999-10-20 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6.c (nd6_ioctl): in the case of
SIOCGNBRINFO_IN6, embeded the interface index of a link-local
scope address into the address before calling nd6_lookup().
With this hack, applications would not have to care about the
KAME's hack for scoped addresses.
1999-10-20 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6.c (nd6_lookup): use rt->rt_ifa->ifa_ifp
instead of rt->rt_ifp for validation of the interface. This change
would solve a problem that `ndp -a[n]' barks at a neighbor cache
entry for the node's own address.
Tue Oct 19 13:43:27 JST 1999 sakane@ydc.co.jp
* kame/sys/netinet,netinet6,netkey:
- Save uid who created socket, and decision socket based policy
with this uid. At FreeBSD3, so->so_cred->p_svuid is saved
as this uid.
- New identify type; SADB_X_IDENTTYPE_ADDR. This is suitable
to identify clients of SA, not SA peers, rather than using
SADB_IDENTTYPE_FQDN when kernel send SADB_ACQUIRE.
Tue Oct 19 07:13:02 JST 1999 itojun@iijlab.net
* kame/dhcp6: server passes timezone information to clients.
Tue Oct 19 00:53:51 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd[23]/ports/wu-ftpd: upgrade to 2.5.0 with security
patches. If you use old wu-ftpd, you should upgrade it because of
several security holes.
Mon Oct 18 13:43:40 JST 1999 itojun@iijlab.net
* kame/tcpdump/print-bgp.c: decode BGP packets. BGP data that crosses
packet boundary will not be decoded (it does not reassemble TCP
segments).
1999-10-18 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd: added various improvements and changes
including:
- reflection of change of an IGP route to IBGP routes that use
the IGP route for BGP next-hop resolution.
- show per-prefix sorted BGP routes in the dump file.
- show various timers in the dump file.
- increased the default size of output socket buffers used for BGP
connections. Also, made the size configurable.
1999-10-17 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6.c (nd6_lookup): added a sanity check for
the interface at the end of the function. This will prevent
invalid redirect messages when there is routing loop with an
adjacent router.
1999-10-17 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/ripng.c (rip_process_response): logged prefix and
interface for non-routable prefixes or for a prefix with an
invalid metric.
Adviced by: Tetsuya Isaki <isaki@net.ipc.hiroshima-u.ac.jp>
Fri Oct 15 16:53:20 JST 1999 itojun@iijlab.net
* kame/tcpdump/print-{tcp,udp}.c: print IP address properly when
intermediate headers or IP option is present.
* kame/sys/netinet/in_cksum4.c: more clever IPv4 pseudo header
checksum routine.
* netbsd/sys: experimental use of m_pulldown() in tcp and udp.
m_pulldown() guarantees contiguous allocation of intermediate
headers (like tcp header) on mbuf chain.
Thu Oct 14 17:27:26 JST 1999 itojun@iijlab.net
* kame/tcpdump: fix endian-ness problem in big endian machines.
From: KOIE Hidetaka <hide@koie.org>
1999-10-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/icmp6.c (icmp6_ctloutput): fixed mbuf leak on
setsockopt(ICMP6_FILTER).
(found by: k-sugyo@kame)
1999-10-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/bgp_util.c (bgp_peerstr): was added to print a
BGP-peer address (link-local or global).
* kame/kame/bgpd/in6.c (ip6str): took a new argument (ifindex) to
print link-identifier as well for a link-local address.
* the way to treat the dump file was also changed. See bgpd(8) in
detail.
Tue Oct 12 19:14:53 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/ethereal: ethereal port for version 0.7.5.
Mon Oct 11 00:40:52 JST 1999 itojun@iijlab.net
* freebsd2/ports/fwtk6: use latest IPv6 patch.
From: Hajimu UMEMOTO <ume@mahoroba.org>
Sun Oct 10 15:44:07 JST 1999 itojun@iijlab.net
* kame/sys/netinet6/{icmp6.c,tcp6_subr.c,udp6_usrreq.c},
openbsd/sys/netinet/{tcp_subr.c,udp_usrreq.c},
netbsd/sys/netinet/tcp_subr.c,
freebsd3/sys/netinet/tcp_subr.c, freebsd3/sys/netinet6/udp6_usrreq.c:
Revisit xx_ctlinput(). We added extra args to xx6_ctlinput(),
but it was wrong. We cannot just invent function prototype for
xx_ctlinput() as they will be called across protocol types
(for example, see pfctlinput() in sys/kern).
Made last arg of xx6_ctlinput() into void *, to meet standard
practice.
For passing info from icmp6 handler to xx6_ctlinput(), introduced
struct ip6ctlparam.
Sat Oct 9 11:35:32 JST 1999 itojun@iijlab.net
* openbsd/ports/net/bind8, netbsd/pkgsrc/net/bind8,
freebsd[23]/ports/bind8: upgrade IPv6 patch. AAAA dynamic update
is now available.
why do I have to commit it FOUR times... :-(
Fri Oct 8 17:26:09 JST 1999 itojun@iijlab.net
* openbsd/ports/net/bind8: bind 812 with IPv6 support.
* openbsd/ports/net/zebra: zebra 0.79.
* openbsd/ports/mail/sendmail6: sendmail 8.9.2 with IPv6 support.
Fri Oct 8 12:21:39 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/audio/mpg123, freebsd2/ports/mpg123:
upgrade to latest IPv6 patch.
* netbsd/pkgsrc/www/lynx, freebsd2/ports/lynx:
upgrade to 2.8.2 + latest IPv6 patch.
From: Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp>
Fri Oct 8 08:42:12 JST 1999 itojun@iijlab.net
* openbsd/sys/net/route.[ch], kame/sys/netinet6/icmp6.c:
synchronize ipv6 pmtud code for openbsd with netbsd.
this includes change to openbsd/sys/net/route.[ch] for
route entry timer code.
this should fix possible dangling pointer problem in previous code.
Fri Oct 8 01:40:23 JST 1999 itojun@iijlab.net
* openbsd/ports/security/ssh: ssh 1.2.27 with IPv6 patch.
* netbsd/pkgsrc/mail/fetchmail: upgrade to 5.1.1.
* openbsd/ports/mail/fetchmail: added, IPv6-enable config with 5.1.1.
Thu Oct 7 22:05:10 JST 1999 itojun@iijlab.net
* openbsd: issue first snapshot for KAME/OpenBSD25.
there still are many issues to be fixed. see openbsd/TODO for
details. report any experiences to snap-users@kame.net.
Thu Oct 7 14:08:24 JST 1999 itojun@iijlab.net
* kame/etc/rc.net6: disallow "internal" addresses like ::ffff:127.0.0.1
to appear on the wire. This is done by configuring reject route
onto the routing table, so you can always re-enable it if you have
some special need for experiments.
1999-10-06 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* *bsd*/netstat/route.c (netname6, routename6): were changed to
use getnameinfo in order to accomodate to the new format for
scoped addresses.
Now link-local gateways when invoking `netstat -rn' are shown like
fe80::5254:ff:fedc:5217@ne0.
Wed Oct 6 19:50:37 JST 1999 k-sugyou@kame.net
* freebsd[23]/ports/perl5: update to latest IPv6 patch.
Wed Oct 6 19:42:56 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/totd, freebsd[23]/ports/totd:
totd, a DNS server for translation services like faithd(8).
NetBSD PR: 8563
From: Feico Dillema <dillema@acm.org>
Wed Oct 6 17:28:05 JST 1999 itojun@iijlab.net
* kame/bindtest: tests how the kernel implements bind(2) on IPv4/v6
socket. is not compiled in default compilation.
1999-10-06 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd/pim6sd.conf.5: was added for configuration
guide.
1999-10-06 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/v6test/v6test.c (bpf_open): use pcap_lookupdev (if
possible) to choose the outgoing interface when the user does not
specify one.
Tue Oct 5 20:46:33 JST 1999 itojun@iijlab.net
* bsdi3/sys/i386/isa/if_mz.c: drop faulty multicast loopback packet
on promiscuous mode. this is to make the driver always behave as
IFF_SIMPLEX.
1999-10-05 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* *bsd*/*/netstat/inet6.c (ip6_ifstats): added the case of
ifs6_in_truncated to be printed, which was just forgotten so far.
1999-10-05 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/v6test/getconfig.c (make_padnopt): added a new
attribute(padoptreallen) for the PadN option so that v6test could
fake the option length.
* kame/kame/v6test/conf/ext.conf (illhdrlen): added a new test.
Mon Oct 4 18:59:06 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/www/w3m: new port for W3M, simple text based WWW
client.
* netbsd/pkgsrc/devel/boehm-gc: conservative garbage collector for C
programs. needed for pkgsrc/www/w3m.
Sat Oct 2 16:18:35 JST 1999 itojun@iijlab.net
* freebsd[23], netbsd: import ALTQ 2.0. ALTQ on bsdi3 is not
supported yet. IPv6 support needs improvement. Not really tested,
Testers wanted.
* freebsd[23]/ports/altq, netbsd/pkgsrc/net/altq:
update ALTQ userland to 2.0.
Fri Oct 1 09:02:23 JST 1999 itojun@iijlab.net
* freebsd[23]/lib/libftpio: fix EPSV case. this should fix
usr.bin/fetch.
<199909>
1999-09-30 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6.h (IP6_EXTHDR_CHECK): added a sanity check
for the case where m_next is NULL and m does not contain enough
data. This fix will prevent the kernel from referring to illegal
memory space when receiving a packet with bogus header length.
Thu Sep 30 10:57:22 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd[23]/ports/w3m: new port W3M, simple text based WWW client.
1999-09-30 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/rtsold/dump.c: was added to dump internal status
of the running rtsold to a file by sending the SIGUSR1 signal.
Wed Sep 29 17:09:15 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* kame/kame/ndp/ndp.c: use getnameinfo() instead of inet_ntop().
you should use -n option if you don't want to reverse lookup.
1999-09-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/if.c (get_32id): fixed a bug that 127.0.0.1 was
chosen as the BGP identifier if it was the only IPv4 address on
the router.
Mon Sep 27 22:25:00 JST 1999 itojun@iijlab.net
* kame/{libpcap,tcpdump}: support OpenBSD.
Mon Sep 27 12:28:13 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/ethereal: upgrade to 0.7.5.
Mon Sep 27 04:33:31 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd[23]/ports/tcp_wrapper, netbsd/ports/tcp_wrapper:
upgraded to latest IPv6 patch made by ume@mahoroba.org.
1999-09-26 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/libinet6: made the code as much portable as possible.
Some macros were added to aclocal.m4 and were used in configure.in
for compilation on other platforms than KAME.
Sun Sep 26 12:08:28 JST 1999 itojun@iijlab.net
* freebsd[23]/ports/vic6: upgrade to new IPv6 patch.
From: isaki@net.ipc.hiroshima-u.ac.jp
Fri Sep 24 21:15:02 JST 1999 itojun@iijlab.net
* freebsd2/sys/netinet/ip_output.c: prevent kernel panic on
per-socket IPsec policy specification, like:
# ping -P 'out ipsec ah/transport/x-x/use' x
(the cause was only a pair of parens, we'd better have -Wall in
kernel Makefile...)
Fri Sep 24 00:36:05 JST 1999 itojun@iijlab.net
* kame/sys/netinet6/in6_ifattach.c: do not allow all-zero EUI64/
IEEE802 to be used as interface id source for pseudo interfaces.
without this, all-zero IEEE802 address will be mistakingly used as
interface id source, on bsdi/wildboar pcmcia device driver
(when in6_ifattach_getifid is get called from ether_ifattach).
Fri Sep 24 JST 1999 itojun@iijlab.net
* kame/sys/netinet6/ip6_output.c: append destination header 2 to the
outgoing packet. the code was broken a long time ago.
From: Conny Larsson <conny@verkstad.net>
Thu Sep 23 15:24:45 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/sys/i386/if_wi.c: WaveLAN/IEEE speaks IPv6. It is new
official supported device.
Wed Sep 22 20:42:25 JST 1999 sakane@ydc.co.jp
* kame/kame/mchat:
Added two new command, /file and /log. `/file' is to send file
specified. `/log' is to log data received into file specified.
If `/log' is typed again, logging will be finished.
Wed Sep 22 15:22:21 JST 1999 itojun@iijlab.net
* netbsd/sys/netinet/tcp* (tcp4/6)
* bsdi3/sys/netinet/tcp* (tcp4)
* freebsd2/sys/netinet/tcp* (tcp4)
* kame/sys/netinet6/tcp6* (tcp6 for bsdi3/freebsd2)
* freebsd3/sys/netinet/tcp* (tcp4/6)
fix TCP MSS computation with IPsec headers. (1) TCP MSS option
must be mtu - iphdrlen - tcphdrlen. it is a violation of protocol
spec to decrement option value further. (2) simplify IPsec header
size offset handling. this may, or may not come with some
performance hit.
Wed Sep 22 14:43:20 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/sys: upgraded base version to FreeBSD 3.3-RELEASE.
TODO: tcp_getcred() and udp_getcred() need more work to support
IPv6 socket.
Wed Sep 22 JST 1999 itojun@iijlab.net
* openbsd: bunch of fixes and merges for KAME/openbsd.
basic operations are IPv6 ready but still needs more work.
* netbsd/pkgsrc/www/squid11: upgrade to latest IPv6 patch.
* kame/tcpdump/print-frag6.c: print fragment length, instead of
ipv6 whole payload length, as property of fragment header.
1999-09-22 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* openbsd/sys/dev/ic/elink3.c (epget): prevented the input routine
from deviding two (small) mbufs; the new routine always stores an
incoming packet either in a single mbuf or in a chain of mbuf
clusters.
Mon Sep 20 17:38:03 JST 1999 itojun@iijlab.net
* kame/sys/netinet6/in6_ifattach.c: allow MD5(hostname) to be used
as interface id for pseudo interfaces, when no other choices are
available (need to be revisited).
* kame/sys/netinet6/*: merge in ARCnet support from NetBSD-current.
* netbsd/sys/netinet/udp_usrreq.c: support IPv4 mapped address on
udp6 socket.
1999-09-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* *bsd*/usr.bin/Makefile: added v6test to SUBDIR.
*bsd*/usr.bin/v6test/Makefile: added to install v6test.
1999-09-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* bsdi3/usr.bin/ppp/ppp_ipv6cp.c: was rewritten not to use
s6_addr{16, 32}, which might cause portability problems.
1999-09-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* bsdi3/usr.bin/Makefile (SUBDIR): directory ppp was added to
SUBDIR. Note, however, ipv6cp was not fully tested.
Thu Sep 16 13:50:42 JST 1999 itojun@iijlab.net
* kame/libipsec/pfkey.c: Temporary workaround against KAME PR 154.
If you use setkey to dump many keys in the kernel, or to add
many keys at one time, PF_KEY socket buffer will overflow
(because PF_KEY socket is SOCK_DGRAM, there's no flow control).
To address this issue we added setsockopt(SO_{SND,RCV}BUF) into
pfkey_open(). This allows the PF_KEY socket to hold roughly 1000
keys in the buffer. More fundamental fix should follow.
Thu Sep 16 09:44:03 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/tcptrace, freebsd[23]/pkgsrc/net/tcptrace:
upgrade to 5.2.1.
1999-09-15 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_control): removed a redundant
sanity check for ifp in the SIOCGIFSTAT_IN6 case. The check was
even harmful to freebsd3.
1999-09-15 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_mroute.c (add_m6if, del_m6if):
for fbsd3, use if_allmulti() instead of calling if_ioctl directly
to set/unset the multicast-promiscuous mode.
This fix would be essential if you want to use your kame-freebsd3
box as an IPv6 multicast router. Please do not forget apply the
fix.
1999-09-14 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* *bsd*/usr.sbin/pim6sd/pim6sd/Makefile:
* *bsd*/usr.sbin/pim6sd/Makefile.inc:
install directory and ld path were corrected.
1999-09-14 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/bgp_output.c (bgp_send_update): added a sanity
check of the origin of a route before sending UPDATE for the
route. This will prevent SEGV when sending update of a non-BGP
route. It is strongly recommended to apply this fix if you use
the KAME bgpd as an EBGP router.
Thanks to: Nobumichi Ozoe <nobumichi_ozoe@ydc.co.jp> for reporting
the problem.
Tue Sep 14 01:37:37 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/zebra, freebsd[23]/ports/zebra:
upgrade to 0.79.
Mon Sep 13 20:42:07 JST 1999 itojun@iijlab.net
* kame/sys/netinet6/in6_ifattach.c: do not use IEEE802/EUI64 addr
with u bit != 0, as source of interface id for pseudo interfaces.
this is because IEEE802/EUI64 addr with u bit != 0 is not globally
unique (there are such ethernet cards exist - yes, I have one).
NOTE: this change may affect your "gif" interface configuration
Mon Sep 13 20:41:07 JST 1999 shin@kame.net
* */sys/netinet/raw_ip.c, */sys/netinet/udp_usrreq.c,
kame/sys/netinet6/raw_ip6.c, kame/sys/netinet6/udp6_usrreq.c:
on PRU_ATTACH, call in6_pcbdetach if ipsec policy initialization
is failed. this fixes memory leakage during heavy use of socket
interface.
Mon Sep 13 12:26:07 JST 1999 itojun@iijlab.net
* netbsd/sys/dev/pcmcia/if_wi*, netbsd/usr.sbin/wiconfig:
WaveLan driver from NetBSD-current. Works fine with IPv6 as we've
fixed it. (This may be (1) a bad idea to bring some drivers in
from *-current, for some of version controlling issues, or (2) a
good idea for reducing people's labor for merging. I'm not really
sure...)
1999-09-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd/mtrace6: implemented in order to trace IPv6
multicast routing.
Notes:
- kernel and multicast routing daemons should be updated as well.
- if you use cvsup, please be sure to `make clean' on the
directory `pim6sd' before update.
- mtrace6 feature is currently VERY experimental (we have no
official specification). You can't expect interoperability with
other implementations.
Sun Sep 12 23:44:00 JST 1999 itojun@iijlab.net
* kame/dhcp6: experimental DHCPv6 client/server. many restrictions
due to incomplete implementation (and we may not be improving this
in the future). not included in default compilation tree.
use at your own risk.
Sat Sep 11 13:51:25 JST 1999 itojun@iijlab.net
* kame/tcpdump: add support for dhcp6.
1999-09-09 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/rtsold/rtsol.c (sendpacket): not call warnmsg even if
sendmsg fails (unless the error is a serious one). This change is
for a situation where a node has multiple interface cards and some
of the cards may be disabled.
Thu Sep 9 02:10:21 JST 1999 itojun@iijlab.net
* netbsd/sys/net/if_ethersubr.c: grab IEEE802 MAC address as
seed of IPv6 interface index, on ether_ifattach().
this is for pcmcia ethernet cards inserted after bootstrap time.
(commits for other operating systems should follow)
From: sakane@kame.net
Wed Sep 8 19:34:57 JST 1999 itojun@iijlab.net
* netbsd/sys/dev/ic/sm91cxx.c: avoid duplicated multicast packet
reception on promiscuous mode. this fixes DAD failure during
promiscuous mode.
* sys/netinet6/in6_pcb.c: allow bind(2) to non-interface address,
if the socket is configured as FAITH socket. this is for allowing
ftp relay daemon to perform bind(2) on behalf of fake IPv4 address
on active data connection.
v6 ftp client --control---> ftp translator ----> v4 ftp server
<---data----*
"*" needs to be fake IPv4 address generated from translation pool
prefix and the address for v4 ftp server.
From: yasuoka@iij.ad.jp
1999-09-08 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* bsdi3/sbin/ifconfig/ifconfig.c (findaddr): used AF dependent
comparison functions instead of simple binary comparison. With
this fix, you can use ifconfig add, remove and modify commands for
IPv6 link-local addresses without embedding an interface
identifier. That is, you can do
# ifconfig ef0 inet6 remove fe80::1
instead of
# ifconfig ef0 inet6 remove fe80:2::1
Tue Sep 7 16:42:41 JST 1999 itojun@iijlab.net
* kame/rip6query: use getaddrinfo() and getnameinfo(), not inet_pton()
and alike. allow interface to be specified with -I.
* netbsd/usr.bin/whois: fix getaddrinfo() loop.
* kame/racoon: fix compilation with --disable-ipv6 (include path).
* sys/netinet6/ipsec.c: support IPsec-only kernel compilation again.
* sys/netkey/key.c: allow any SPI value to be put into kernel,
for IPComp SA that uses well-known CPI field.
* kame/libipsec: allow "setkey -D" on IPComp SA.
* kame/tcpdump/print-ripng.c: format ripng information better
if -v is specified (but it eats more lines on screen).
Tue Sep 7 13:09:06 JST 1999 sakane@kame.net
* kame/kame/sys/netinet6:
Implemented IPv6 forwarding with IPsec slightly.
It's enable if you define IPSEC_IPV6FWD option in kernel
configuration file.
XXX ICMPv6 for IPsec tunnel should be considered.
Tue Sep 7 10:09:53 JST 1999 sakane@kame.net
* kame/sys/netkey/key.c:
Fixed kernel crash when you set SP by spdadd command of setkey.
Sun Sep 5 04:00:08 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/ucd-snmp, freebsd[23]/ports/ucd-snmp:
upgrade to latest IPv6 patch. icmp6 per-if stat is now available.
Sun Sep 4 JST 1999 shin@kame.net
* sys/netinet6/in6_ifattach.c: invert "u bit" on interface id for
pseudo interfaces, as suggested in RFC2373. This was mistakingly
dropped during migration to new repository.
NOTE: interface id for pseudo interfaces (faith*, gif*, and alike)
will change after this fix. Please be sure to update your config
file if you have explicit link-local address embedded in rc files.
1999-09-03 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/ping6: changed the semantics of `-a A' option. It now
specifies to require the responder's anycast addresses.
1999-09-03 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/icmp6.h (NI_NODEADDR_FLAG_ANYCAST): added
in order to get/tell a node's anycast addresses.
Note that this is not in the specification, just for experimental
use.
1999-09-03 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/udp6_usrreq.c (udp6_output): embedded
interface index to a link-local destination. This fix solved a
bug that you can't send a UDP packet to a link-local destination
even when specifying its interface.
XXX: the code is almost same as rip6_output.
Fri Sep 3 11:19:45 JST 1999 itojun@iijlab.net
* kame/traceroute, kame/traceroute6: do not bark even if IPsec
configuration (for bypassing IPsec) is failed. now both programs
should work fine on kernel without IPsec support compiled in.
Fri Sep 3 01:06:47 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/mtr, freebsd[23]/ports/mtr:
mtr network diagnose tool, version 0.41 with IPv6 support.
http://www.BitWizard.nl/mtr/
* netbsd/pkgsrc/net/rsync, freebsd[23]/ports/rsync:
upgrade to latest IPv6 patch.
Thu Sep 2 17:35:13 JST 1999 itojun@iijlab.net
Fix alignment problem for routing socket on NetBSD/alpha.
* kame/ndp/ndp.c: Be more struct about alignment constraint in routing
socket messages (is aligned to sizeof(long) by ROUNDUP() in
sys/net/rtsock.c).
* netbsd/sbin/route, kame/route6d, kame/bgpd, netbsd/usr.bin/netstat:
Fix alignment constraint for routing socket messages.
1999-09-02 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/: changed hop limit selection algorithm;
hop limit stored in the template header is not considered.
Also, TCP6 was changed to always select hop limit when sending
segment in order to reflect IPV6_UNICAST_HOPS setsockopt and
current hop limit advertised via router advertisements.
Thu Sep 1 17:00:14 JST 1999 sakane@ydc.co.jp
* kame/kame/ping6,traceroute,traceroute6,rrenumd,mchat and so on.
Fixed policy specification due to the modification of policy
management.
XXX In rrenumd, not implemented to specify inbound policy.
I must consider rrenumd's behavior.
XXX In inetd, What should i take deal of in/out ? #@ in/out ?
Thu Sep 1 16:53:14 JST 1999 sakane@ydc.co.jp
* kame/kame/racoon:
Fixed argument of pfkey function call due to the modification
of libipsec. But I have not tested, so probably racoon can't run.
Thu Sep 1 16:50:14 JST 1999 sakane@ydc.co.jp
* kame/kame/setkey,libipsec
- Changed SA specification,
NEW; add a::1 b::1 esp 0x1111 ...
OLD; add a::1 b::1 0x1111 -p esp ...
- Changed SP specification,
NEW; spdadd a::1/64[32] b::1/64[24] tcp
-P in ipsec esp/transport/::1-::1/require ;
NOTE: SEE SAMPLE.CF FOR DETAIL.
- Changed some function in libipsec due to above modification.
- Added some function into libipsec for policy management.
Thu Sep 1 16:43:14 JST 1999 sakane@ydc.co.jp
Modified IPsec policy management. As this modification, it's
enabled to,
1. make a SA to use both transport mode and tunnel mode.
2. make a SA to assign multiple SP entries.
3. check separately inbound SP and outbound SP.
Abstract of modification is
- Deleted a policy holder from pcb, alternatively added two policy
holders that are inbound and outbound respectively.
- IP{V6,}_IPSEC_POLICY is divided two optname, IP{V6,}_IPSEC_POLICY_IN
and IP{V6,}_IPSEC_POLICY_OUT
- "proxy" address has gone away. SA is always specified by both
source and destination address without prefix, port number and
upper layer protocol.
- It's always use IPPROTO_XX as security protocol type internal.
So when using PF_KEY I/F, must map internal type to SADB_SATYPE_XX.
- changed the meaning of value of protocol and port. 0 is one of
the number of each value.
- Begin to add IPsec processing into ip6_forward.
Wed Sep 1 14:14:43 JST 1999 itojun@iijlab.net
* usr.bin/ftp (all platforms): On data connection establishment,
warn if scoped address is used. If peer (ftp daemon) does not
handle scoped address, data connection may not work right.
* libexec/ftpd (all platforms): Copy sin6_scope_id from control
connection to active data connection destination, hoping
this to help ftpd's behavior with scoped IPv6 addresses.
I'm not sure if it is the right way, but it is the best way
available to us. LPRT or EPRT command gives no information
about which interface (or scope) to be used for new data connection.
This seems to be sort of protocol spec twist.
<199908>
Tue Aug 31 18:37:00 JST 1999 itojun@iijlab.net
* openbsd: made GENERIC.v6 at least compilable.
GENERIC.v6 kernel boots okay, replies to ping6.
transport layer (AF_INET6 raw/tcp/udp socket) needs more work.
IPSEC support is completely broken (we have NRL/OpenBSD/KAME IPSEC
code in the tree, I am not quite sure how to solve this).
Tue Aug 31 03:07:16 JST 1999 itojun@iijlab.net
* netbsd: Upgrade base version to 1.4.1. There's not too many
changes between NetBSD 1.4 and 1.4.1, so it should be possible
to install KAME/NetBSD141 on top of NetBSD 1.4 installation.
To get 1.4.1 libc and other important portions, I'd suggest
upgrading to 1.4.1, however.
Updated files are:
sys sbin/ifconfig sbin/ping usr.bin/ftp libexec/tftpd
1999-08-30 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6: changed to use nd6_output() instead of
ifp->if_output() when sending a packet to a link-layer in various
cases. This change might affect some fundamental parts of sending
IPv6 packets such as forwarding a packet and neighbor
discovery. If you find instability, please let me know.
Mon Aug 30 13:10:15 JST 1999 itojun@iijlab.net
* kame/rtsold: check for invalid RAs, like non-zero icmp6 code or
non-linklocal source address. Found by TAHI team.
Mon Aug 30 11:48:41 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/zebra, freebsd[23]/ports/zebra: upgrade to 0.78a.
Sat Aug 28 16:32:29 JST 1999 itojun@iijlab.net
* netbsd/usr.bin/whois: IPv6-ready whois client.
From: seirios@iri.co.jp
Sat Aug 28 15:28:16 JST 1999 itojun@iijlab.net
* kame/rtsold: fix rtsol's behavior when link-local address is
considered a duplicated address (by DAD).
Fri Aug 27 12:23:19 JST 1999 itojun@iijlab.net
* netbsd/sys/netinet/tcp_subr.c: fix IPsec header size consideration
during TCP mss computation. you will see no fragmentation on
IPsec'ed TCP packets.
Thu Aug 26 22:36:07 JST 1999 itojun@iijlab.net
* kame/tcpdump/print-ip.c: fix length printer for IPv4 first fragment.
variable was broken during onion peeling and garbled value was
printed.
1999-08-26 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd/vif.c: changed the type of return value of
vif_forwarder() from if_set * to int.
Also, introduced a new function vif_and(), which is intended to be
called from age_routes() instead of vif_forwarder(). The new
function is added in order to prevent bcopy from a NULL pointer,
which causes pim6sd hang up.
Thu Aug 26 18:01:27 JST 1999 sumikawa@ebina.hitachi.co.jp
* kame/sys/netinet6/frag6.c (frag6_init): changed ip6_id setting
algorithm. it is borrowed from ip6_init(). ip6_id(initialized
fragmentation value) was always 0 on FreeBSD/NetBSD(was 3 on BSDI)
since it seems tv/time_second is not set when calling
frag6_init().
Thu Aug 26 05:07:49 JST 1999 sumikawa@ebina.hitachi.co.jp
* kame/tcpdump: print the identification of fragment headers when
using -v flag
1999-08-26 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ah_core.c (ah6_calccksum): fixed a bug
of pointer adjustment to chase options. The bug might cause
kernel panic when trying to calculate ICV for a HbH or a Dst options
header including an immutable option.
Thanks to the TAHI project(http://www.tahi.org/) for finding the
bug.
1999-08-26 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* sys/netinet6/in6_pcb.c (in6_selecthlim): added to select hop
limit for an outgoing packet in various situations. The algorithm
is as follows:
1. The hop limit field of the template header.
2. Hoplimit value specified via ioctl.
3. (If the outgoing interface is detected) the current
hop limit of the interface specified by router advertisement.
4. The system default hoplimit.
UDP6 and raw IP6 directory use this function. TCP6 uses this via
in6_pcbconnect.
This change fixes the problem that IPV6_UNICAST_HOPS did not work
for a UDP6 and a raw IP6 socket.
Thanks to Tetsuya Isaki <isaki@v6.ipc.hiroshima-u.ac.jp> for
finding the problem.
Wed Aug 25 22:45:15 JST 1999 itojun@iijlab.net
* kame/rtsold: Fix segv when invoked as normal user, not root.
do not wait forever if -1 is specified (or invoked as rtsol).
From: Takashi_Tanaka@yokogawa.co.jp
Wed Aug 25 19:59:49 JST 1999 sumikawa@ebina.hitachi.co.jp
* freebsd[23]/ports/ncftp3, netbsd/pkgsrc/net/ncftp3: upgrade to
latest IPv6 patch
Wed Aug 25 18:46:48 JST 1999 itojun@iijlab.net
* freebsd[23]/ports/inn: update IPv6 patch.
From: Satosi KOBAYASI <kobayasi@north.ad.jp>
1999-08-25 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ah_core.c (ah6_calccksum): corrected the
length parameter for auth. data calculation at the end of
IPPROTO_HOPOPTS and IPPROTO_DSTOPTS cases.
Problem reported by the TAHI project(http://www.tahi.org/).
Wed Aug 25 11:24:43 JST 1999 itojun@iijlab.net
* kame/racoon: Fix compilation on NetBSD/alpha.
Fix portability issue with ssleay/openssl. However, we cast
most of parameters to des_xx() into void *, which is not a very
good way to solve this issue.
Wed Aug 25 02:31:54 JST 1999 sumikawa@ebina.hitachi.co.jp
* freebsd3/ports/pfs: add pfs(personal file system)
* freebsd[23]/ports/emacs20: more sophisticated IPv6
supporting. Patched by: wolfgang@wsrcc.com
1999-08-25 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6dd/debug.c (dump_lcl_grp): added to show status of
local listeners with some timer values.
Wed Aug 25 00:12:56 JST 1999 sumikawa@ebina.hitachi.co.jp
* freebsd[23]/ports/netperf, netbsd/pkgsrc/net/netperf: upgrade to
latest IPv6 patch
Tue Aug 24 23:45:36 JST 1999 itojun@iijlab.net
* freebsd[23]/ports/mrt, netbsd/pkgsrc/net/mrt: upgrade to mrt 2.0.0a.
1999-08-24 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6dd: fixed a bug that pim6dd with a local listener
didn't correctly stop forwarding when it became an assert looser.
(The bug seemed to be derived from the original pimdd.)
Thanks to Mickael Hoerdt<mhoerdt@iutsud.u-strasbg.fr> for finding
the problem.
Tue Aug 24 18:19:19 JST 1999 itojun@iijlab.net
* netbsd/sys/netinet/tcp*.c: Improve syn cache cleanup again.
When listening socket goes away, syn cache entries associated to the
listening socket will never be used. Therefore, it makes more sense
to nuke all assockated syn cache entries when listening socket
goes away.
NOTE: On 4.4BSD, it was possible to run SYN-SYNACK-ACK handshake even
if listening socket goes away in the middle (as sonewconn is called
right after SYN reception). After introduction of syn cache,
the behavior was changed (if listening socket goes away in the
middle, no negotiation will be successful).
KAME change will keep the latter behavior.
Suggested by: Jason Thorpe
Tue Aug 24 08:18:00 GMT 1999 itojun@iijlab.net
* bsdi3: fix manpage installation procedure to conform to
BSDI3 practice.
Tue Aug 24 16:42:54 JST 1999 itojun@iijlab.net
* usr.sbin/rtsold, sbin/rtsol: Integrate rtsold and rtsol source code.
Behavior is switched by argv[0]. sbin/rtsol needs to be statically
linked for most of the platforms, so they are compiled separately.
This change will improve IPv6 spec conformance of rtsol(8).
Tue Aug 24 02:11:54 JST 1999 itojun@iijlab.net
* etc/rc.net6: disallow multiple interfaces from being autoconfigured
on host case, added some comment on it.
IPv6 specification assumes, in many places, that autoconfigured
node has only single externally-visible network interface.
Autoconfiguring a node with multiple interfaces can cause unexpected
behavior.
1999-08-24 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* *bsd*/usr.{bin,sbin}/netstat: supported per-interface
statistics. Try
% netstat [-p [ip6|icmp6] | -f inet6] -s -I if_name
for printing statistics on a specified interface, or
% netstat [-p [ip6|icmp6] | -f inet6] -s -i
for all interfaces.
1999-08-24 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6: implemented per-interface ICMPv6 statistics
based on RFC2466. ioctl(SIOCGIFSTAT_ICMP6) is available as API.
Note that this changes affect the size of struct in6_ifreq,
which means you have to recompile some applications using the
structure like ifconfig.
1999-08-22 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* sys/netinet6/udp6_usrreq.c (udp6_output): now got rid of
in6_pcbconnect, which needs splnet and affects performance, since
we saw no essential reason for calling in6_pcbconnect.
Instead, in6_selectsrc and in6_pcbsetport are used in order to
fill in the local address and in the local port.
Fri Aug 20 20:27:34 JST 1999 itojun@iijlab.net
* bsdi3/usr.sbin/inetd: inetd with IPv6 and IPsec support.
inet6d will be left uncompiled for good.
Fri Aug 20 18:13:36 JST 1999 itojun@iijlab.net
* sys/netinet/in_gif.c, sys/netinet6/in6_gif.c:
do not capture tunnelled packet when gif interface is down
(not IFF_UP).
Fri Aug 20 15:26:59 JST 1999 itojun@iijlab.net
* netbsd/sys/netinet/tcp_input.c: tentative fix to dangling pointer
problem in syn cache. may need updates.
Fri Aug 20 09:11:20 JST 1999 itojun@iijlab.net
* freebsd[23]/ports/apache13, netbsd/pkgsrc/www/apache13:
* freebsd[23]/ports/bind8, netbsd/pkgsrc/www/bind8:
upgrade to new IPv6 patch.
Fri Aug 20 08:57:01 JST 1999 itojun@iijlab.net
* sys/netinet6/in6.h: remove, or hide nonstandard macros/struct defs
from the userland programmers. if your code breaks with this change,
your program assumes something outside of RFC2553.
some of programs under "ports" or "packages" directory may fail to
compile. Please report if you find one.
Fri Aug 20 04:16:11 JST 1999 sumikawa@ebina.hitachi.co.jp
* freebsd[23]/ports/newbie, netbsd/pkgsrc/net/newbie: update to 0.22.
Fri Aug 20 00:23:42 JST 1999 itojun@iijlab.net
* usr.sbin/racoon/racoon: fix SEGV due to duplicated free().
From: "Heiko W.Rupp" <hwr@pilhuhn.de>
Thu Aug 19 21:59:08 JST 1999 itojun@iijlab.net
* sys/netinet/in_gif.c: if you run KAME/NetBSD prior to the change
as router, sometimes kernel panicked due to failure to include
opt_ipsec.h into this file. I really hate opt_xx.h...
From: Kazuto Ushioda <x-y-z@3si.co.jp>
1999-08-19 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/{ip6_output.c, nd6.c}: use nd6_output by
default. Note that some files under sys/net must be updated,
too. I believe the behavior is now quite stable, but if not,
please let me know.
Thu Aug 19 15:02:35 JST 1999 itojun@iijlab.net
* lib/libinet6: compile inet_pton() into libinet6. The code
is from ISC BIND821. This is to avoid bugs in OS-supplied
inet_pton() (the source of bug is BIND version < 8.2).
NOTE: KAME/NetBSD needs inet_addr.c into libinet6 as well, because
inet_pton() and inet_addr() are supplied as single object file in
libc.a.
Thu Aug 19 00:38:02 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/ucd-snmp, freebsd2/ports/ucd-snmp:
upgrade to 3.6.2. freebsd3/ports/ucd-snmp is not buildable.
Wed Aug 18 22:02:14 JST 1999 itojun@iijlab.net
* sys/netinet6/in6_var.h: Based on RFC2465, IPv6 per-interface
statistics framework is implemented. Actual statistics support
is ongoing. ioctl(SIOCGIFSTAT_IN6) will let you peek the
statistics from the userland.
NOTE: rebuild all userland tools as struct in6_ifreq is changed
its size.
NOTE: in some cases we are unable to increment counter, because
there's no route for packet (hence interface).
1999-08-17 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/libinet6/ip6opt.c (inet6_option_append, inet6_option_alloc):
adjust pad length to avoid unnecessary pad.
Thanks to Frederic SOULIER for pointing it out.
Tue Aug 17 19:46:52 JST 1999 itojun@iijlab.net
* sys/netinet6/in6.h: make IN6_IS_SCOPE_LINKLOCAL() invisible from
userland.
We will gradually remove nonstandard (and uncommon) defs as much as
possible from netinet/in.h. Some of your userland apps may
fail to compile during the process. Please stick to standard
defines (see RFC2553 and RFC2292).
Tue Aug 17 13:01:50 JST 1999 itojun@iijlab.net
* kame/ndp: fix cases when no link-layer address information is
cached in the kernel.
1999-08-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/libinet6/name6.c (gethostbyname2): reinitialized saved_hp
right after freehostent() in order to avoid possible duplicate
free the variable.
Suggested by Frederic SOULIER.
Mon Aug 16 01:34:36 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/zebra, freebsd[23]/ports/zebra: upgrade to 0.77.
1999-08-14 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/pim6sd: correctly supported restarting by SIGHUP.
Thanks to <mhoerdt@iutsud.u-strasbg.fr> for sending patch.
Sat Aug 14 00:18:57 JST 1999 sakane@ydc.co.jp
* kame/kame/racoon:
Added man page of racoon.conf.
Changed default directory placed racoon.conf.
new directory is /usr/local/etc.
1999-08-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6_pcb.c (in6_selectsrc):
added an argument to pass the local address of the PCB in order to
prefer the optionally specified address to the local address.
Fri Aug 13 23:01:15 JST 1999 itojun@iijlab.net
* freebsd2/usr.sbin/inetd: support tcp6, udp6 as protocol type.
now inetd is able to support both address families, so there's no
need to run separate inet6d. you just need to (1) kill
/usr/sbin/inetd, and (2) run /usr/local/v6/sbin/inetd instead.
/etc/inetd.conf will be used.
Fri Aug 13 21:34:39 JST 1999 itojun@iijlab.net
* sys/netinet6: Add net.inet6.ip6.use_deprecated sysctl MIB.
This is for RFC2462 5.5.4, which specifies the use of deprecated
address as the source address for new connection when no other choice
is available.
Default value is 1 (allows deprecated address as a last resort).
By making it 0, deprecated address will never be used, even as a
last resort, when selecting source address for new connection
(past KAME code always behaved like this).
Note that explicit bind(2) is disallowed against deprecated address.
Fri Aug 13 19:39:33 JST 1999 sakane@ydc.co.jp
* kame/kame/racoon/cfparse.h:
change default directory placed configuration file.
new directory is /usr/local/v6/etc.
1999-08-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6dd: correctly supported restarting by SIGHUP.
Thanks to <mhoerdt@iutsud.u-strasbg.fr> for sending patch.
1999-08-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* pim6dd/pim6_proto.c (receive_pim6_assert): added a sanity check
in order to prevent core dump when receiving an assert message from a
router that the receiving node doesn't regard as a PIM neighbor.
1999-08-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/bgpd: made sure to transit an optional transitive path
attribute even if it's unrecognized.
Fri Aug 13 11:40:55 JST 1999 itojun@iijlab.net
* freebsd2/ports/{ct,v6eval}: upgrade to 0.3. from ftp.tahi.org.
Fri Aug 13 00:41:12 JST 1999 itojun@iijlab.net
* netbsd/usr.sbin/{tcpdmatch,tcpdchk}: made libwrap utilities
IPv6 ready.
Thu Aug 12 14:42:25 JST 1999 itojun@iijlab.net
* kame/kame/racoon: make idea.h optional. now you can install SSLeay
without idea, and build racoon (some users need this for patent
issues).
Wed Aug 11 21:18:08 JST 1999 itojun@iijlab.net
* netbsd/lib/libwrap: libwrap that handles IPv6 correctly.
IPv6 address should be wrapped in square bracket to avoid
confusion about colon, like this:
telnetd: [::1/128] [3ffe::/ffff::] 127.0.0.1
Tue Aug 9 JST 1999 itojun@iijlab.net
* repository reorganization: NetBSD and FreeBSD228 uses
new repository at this moment.
Sun Aug 8 01:50:14 JST 1999 itojun@iijlab.net
* kit/ports/vic6 (FreeBSD228): vic video conference system.
From: ichiro@ichiro.org
Fri Aug 6 JST 1999 itojun@iijlab.net
* sys/netinet6/{tcp6,udp6}* (platforms with TCP6):
respect SO_TIMESTAMP.
* sys/netinet6/ip6_fw.[ch]: IPv6 packet filter ported from
KAME/FreeBSD228 to all platforms.
1999-08-06 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* raw_ip6.c (rip6_usrreq): when attaching, initialized
in6p_ip6.ip6_hlim. Without this fix, kernel might send a packet
with 0 hop limit.
Thu Aug 5 20:51:31 JST 1999 sumikawa@ebina.hitachi.co.jp
* kit/ports/emacs20: add emacs-20.4
patched by: wolfgang@wsrcc.com
Tue Aug 3 23:26:17 JST 1999 sumikawa@ebina.hitachi.co.jp
* kit/ports/netperf: add netperf-2.1pl3
a part of patch by: suz@sdl.hitachi.co.jp
Tue Aug 3 19:29:28 JST 1999 itojun@iijlab.net
* kit/src/mchat: tiny multicast chat program, for testing your
multicast IPv6 network.
Mon Aug 2 19:14:58 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/zebra, kit/ports/zebra: upgrade to 0.76.
<199907>
Sat Jul 31 12:14:07 JST 1999 itojun@iijlab.net
* kit/src/libinet6/getnameinfo.c: NI_NUMERICHOST and NI_HOSTREQD
conflict with each other (NI_HOSTREQD requires DNS lookup while
NI_NUMERICHOST prohibits that) so raise error if both are specified.
From: Hajimu UMEMOTO <ume@mahoroba.org>
1999/07/31 06:31:34 JST shin@nd.net.fujitsu.co.jp
sys/netinet6/tcp6_subr.c, udp6_usrreq.c (FreeBSD228, BSDI3):
-consider interface id at link local address connect error
Fri Jul 30 10:15:56 JST 1999 itojun@iijlab.net
* kit/src/traceroute6: allow "traceroute6 -q1 foo".
KAME PR: 135
Fri Jul 30 01:16:40 JST 1999 itojun@iijlab.net
* kit/sbin/ifconfig, kit/usr.bin/telnet, sys/netinet6,
kit/src/traceroute, kit/src/pim6sd, kit/src/rrenumd, kit/src/inet6d,
kit/src/libinet6, kit/src/libpcap, kit/src/gifconfig:
(NetBSD14) 64bit CPU friendly. Basically, be more strict about types.
(1) size_t may not be int (cast to u_long on printing)
(2) time_t is not the same type as tv_sec
(3) SIOCGIFCONF returns unaligned structures so memcpy() before
touching content
(4) always need proper header file for mem* and str*
(5) do not touch unaligned structures. fill aligned structure
then perform memcpy().
(6) libpcap/net/bpf.h must be in sync with sys/net/bpf.h.
(7) 2nd arg to ioctl() must be u_long, not int.
1999-07-29 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/bgpd/aspath.c (aspath2cost): not assert even if AS path
segment is NULL, which means an empty AS path. This fix is
essential when an IBGP peer sends an UPDATE message with an empty
AS path.
Thu Jul 29 18:18:07 JST 1999 itojun@iijlab.net
* kit/src/rtsol: warn if net.inet6.ip6.accept_rtadv is false
(if it is false, rtsol will have no effect at all).
Wed Jul 28 16:32:02 JST 1999 itojun@iijlab.net
* kit/src/rtsol: Sleep for a short period of random time before
sending the first RS.
(actually we check for tentative/non-tentative before sending the
first one, so this may not be needed)
Sleep RTR_SOLICITATION_INTERVAL seconds between resends.
(RFC2461 6.3.7, SHOULD)
1999/07/28 17:05:26 JST shin@nd.net.fujitsu.co.jp
* usr.sbin/inetd (FreeBSD32):
-fixed command names in man
-added new protocol type tcp46 and udp46 for future compatibility
1999/07/28 14:22:12 JST shin@nd.net.fujitsu.co.jp
* netinet/tcp_input.c,udp_usrreq.c
netinet6/tcp6_input.c,udp6_usrreq.c (FreeBSD228):
added "log_in_vain" for TCP and UDP over IPv6
1999-07-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6sd/pim6stat: added to show status of a PIM6 daemon.
Tue Jul 27 23:06:12 JST 1999 sumikawa@ebina.hitachi.co.jp
* kit/ports/mpg123, kit/pkgsrc/audio/mpg123: upgrade to 0.59r.
Tue Jul 27 22:51:49 JST 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade to 0.74.
1999/07/27 15:14:30 JST shin@nd.net.fujitsu.co.jp
* etc/rc.net6:
changed KAME/FreeBSD32 inetd's name to inet46d and
enable it by default, if it exists.
1999/07/27 15:10:37 JST shin@nd.net.fujitsu.co.jp
* usr.sbin/inetd (FreeBSD32):
-merged IPSEC support from kame_228
-changed the name from "inetd" to "inet46d" because the
non FreeBSD32 inetd(v4-only) commands name conflict
with this command
1999/07/27 13:58:06 JST shin@nd.net.fujitsu.co.jp
* net/route.c:
changed M_WAIT to M_DONTWAIT because this could be
called from splnet() level in KAME.
Mon Jul 26 21:32:33 JST 1999 itojun@iijlab.net
* kit/src/tcpdump: a bit of cleanups. add print-mobile.c (RFC2004)
from NetBSD. add print-l2tp.c by mshindo@ascendo.co.jp.
NOTE: you may need to remove kit/src/tcpdump/Makefile manually,
or perform "make clean" in kit/, to build the userland.
Mon Jul 26 18:18:36 JST 1999 sumikawa@ebina.hitachi.co.jp
* kit/ports/irc, kit/pkgsrc/net/irc: add irc-2.10.2p1, The
'Internet Relay Chat' Server. compiles but not tested.
1999/07/26 05:38:48 JST shin@nd.net.fujitsu.co.jp
*sys/netinet/tcp_subr.c
sys/netinet6/in6_pcb.c,udp6_usrreq.c (FreeBSD32):
-Fix the :: connect problem on FreeBSD 3.2
-Also fix the link local address connect problem
1999-07-23 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* nd6.c (nd6_cache_lladdr): changed the logic of setting the
IsRouter bit; always set the bit for an entry of a `better router'
learned from a redirect message. I believe this is the intention
of RFC 2461, section 8.3.
The fix responded to a conformance test by the TAHI project.
Mon Jul 25 JST 1999 itojun@iijlab.net
* kit/ports/apache13, kit/pkgsrc/www/apache13:
upgrade to use latest IPv6 patch. now filtering based on domain
name works properly.
Fri Jul 23 00:48:18 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/rsync, kit/ports/rsync: upgrade to latest IPv6 patch.
Fri Jul 23 JST 1999 itojun@iijlab.net
* sys/netinet6 (NetBSD 1.4): implement IPv6 path mtu discovery.
Now long distance TCP should work fine.
Thu Jul 22 11:55:14 JST 1999
* sys/netkey/key.c:
remove to check SA direction.
Thu Jul 22 11:30:07 JST 1999
* netinet6/ipsec.c:
give up to check transport mode restriction for forwarding packet.
But, this check should be done somewhere.
Wed Jul 21 02:45:07 JST 1999 itojun@iijlab.net
* kit/usr.bin/ftp/ftp.c: BSDI4 ftpd returns junk reply against EPSV.
try to handle the situation properly by becoming more restrictive
against return code.
1999-07-20 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* raw_ip6.c (rip6_input): changed not to use ip6->ip6_plen(which
will be zero for a jumbo payload) in checksum calculation.
The fix was based on a bug report from <gchelius@ens-lyon.fr>.
Tue Jul 20 02:15:38 JST 1999 itojun@iijlab.net
* kit/libexec/tftpd, kit/usr.bin/tftp (NetBSD 1.4):
add IPv6 support.
Tue Jul 20 01:47:06 JST 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade to 0.73.
Mon Jul 19 23:01:13 JST 1999 sumikawa@ebina.hitachi.co.jp
* kit/ports/ncftp3, kit/pkgsrc/net/ncftp3: upgrade to 3.0beta19
1999-07-19 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* [bsdi3] sys/i386/isa/if_wl.c (wl_cse_handler): changed to call
in6_ifattach in CSE_CARD_INSERTION case in order to support IPv6.
Patch from: Masahiro Ishiyama <masahiro@isl.rdc.toshiba.co.jp>
Thu Jul 8 12:16:55 JST 1999 shin@nd.net.fujitsu.co.jp
* ports/ppp (FreeBSD3.2, 228):
updated to use 990708 IPv6 patch.
Fri Jul 9 16:38:01 JST 1999 sumikawa@ebina.hitachi.co.jp
* ports/apache13(FreeBSD3.2): sync with ports-current.
* src/v6test:
- forgot to install v6test.1
- supported construction of udp headers.
* usr.bin/ftp(BSDI): fix Y2K problem in using 'reget' command.
(applied M310-055 patch from BSDI)
Fri Jul 9 01:24:20 JST 1999 itojun@iijlab.net
* kit/src/route6d: /16 routes were mistakingly added as host route.
From: Bill Sommerfeld <sommerfeld@netbsd.org>
Wed Jul 1999/07/07 13:40:18 JST shin@nd.net.fujitsu.co.jp
* net/*, netinet6/*, netpm/*, sys/malloc.h
merged from FreeBSD3.2.
-prefix related extension
Now you can renumber prefix and addrs belong to it
at th same time, using "prefix" commmand or "rrenumd".
-fixed some IPv6 macro
-source code sync
Wed Jul 7 JST 1999 itojun@iijlab.net
* bunch of portability fixes and clarifications,
including 64bit-architecture support and more strict type (for
example, use of time_t instead of long). Merged from KAME on
NetBSD-current.
Wed Jul 7 01:18:16 JST 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade to 0.71.
Tue Jul 6 18:28:30 JST 1999 itojun@iijlab.net
* kit/src/{route6d,rtadvd,tcpdump}: fix 64bit CPU issues, like
sizeof(void *) != sizeof(int), sizeof(size_t) != sizeof(int).
* sys/netinet6: fix IPsec-only (and non-IPv6) build.
(found during NetBSD-current merge: thanks!)
Mon Jul 5 07:47:03 JST 1999 itojun@iijlab.net
* kit/src/rtadvd: partial fix to signedness issue.
* kit/src/route6d.c: fix for signedness issue.
* kit/usr.bin/ftp (NetBSD14): fix junk pointer free during URL parsing.
(all found during NetBSD-current merge: thanks!)
1999-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* in_gif.c (in_gif_output) (FreeBSD3): made sure to use the
configurable variable ip_gif_ttl as iphdr.ip_ttl.
1999-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* in_proto.c(BSDI): set default value(GIF_TTL) of ip_gif_ttl.
Sun Jul 4 11:10:54 JST 1999 itojun@iijlab.net
* sys (NetBSD 1.4): s/splnet/splsoftnet/ in IPv6/IPsec code.
Sun Jul 4 10:41:48 JST 1999 itojun@iijlab.net
* GENERIC.v6 (NetBSD14): remove TCP6 as it needs many twist in userland
compilation if we try to support both. merged tcp (in netinet/tcp*)
is now stable enough.
NOTE: be sure to remove "options TCP6" from kernel config file,
otherwise kernel will not compile.
Sat Jul 3 21:11:05 JST 1999 itojun@iijlab.net
* sys/netinet6/in6_pcb.c (NetBSD14): try to avoid reuse of port # when
opening listening socket. This fixes trouble when you perform
active ftp data transfer with the same server.
(client side always get the same port # and the server side need
to wait till TIME_WAIT state finishes)
* sys/netinet*/in{,6}.h: move IPsec sysctl index from IPPROTO_ESP
to IPPROTO_AH, so that it can be used even when the kernel does not
have IPSEC_ESP compilation option.
* kit/src/*: Makefile cleanups. (1) CPPFLAGS must be used for -D and
-I on NetBSD. (2) several lint fixes.
Sat Jul 3 05:43:18 JST 1999 shin@nd.net.fujitsu.co.jp
* kit/src/pma,ptrconfig
* sys/net,netinet,netinet6,netkey,netpm,sys
FreeBSD32 is generally synced to FreeBSD228.
mainly added items are,
-v4 nat
-v4<->v6 protocol translation
-faith related extensions
-some more ipsec related sync
Fri Jul 2 23:57:45 JST 1999 itojun@iijlab.net
* kit/src/ping6.c, sys/netkey/key_debug.c: fix for 64bit architecture.
From: Jason Thrope
* kit/src: avoid warnings.
* kit/usr.bin/telnet (NetBSD14): make source routing work.
* kit/usr.sbin/inetd (NetBSD14): dual stack inetd. "tcp6" gets
tcp6 socket for childs.
1999-07-02 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* icmp6.c (icmp6_redirect_output): added source address check
before sending ND6 redirect according to RFC 2461, sec 8.2.
A new function nd6_is_addr_neighbor is implemented in nd6.c for
this purpose, although it is currently called only from
icmp6_redirect_output.
Fri Jul 2 08:23:05 JST 1999 sakane@ydc.co.jp
* sys/netkey/key.c:
Fixed SA selection. When there was tunnel mode SA, not transport
mode SA, and you send transport mode, kernel selected tunnel mode SA
for your packet.
Fri Jul 2 05:23:44 JST 1999 sakane@ydc.co.jp
* sys/netinet6/esp_core.c,kit/src/setkey:
Disabled new ESP with 3des-cbc mode and derived IV.
Enabled old ESP with des-cbc and 32bit IV.
Fri Jul 2 03:09:30 JST 1999 itojun@iijlab.net
* kit/src/libinet6/get{addr,name}info.c:
get{addr,name}info.c works better in environment without
getipnodeby{addr,name}. It can perform queries for both
IPv4 and IPv6 (previously it performed only IPv4 query if
INET6 is not defined).
1999-07-01 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* [BSDI]ip6_forward.c: experimentally added code to check
site-local source and to return an ICMP6 error if it breaks scope.
1999-07-01 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* icmp6.h (ICMP6_DST_UNREACH_BEYONDSCOPE): was added according to
the new ICMP6 draft.
ping6, icmp6dump, traceroute6, and tcpdump were also rewritten to
use the new type.
1999-07-01 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6.h (IP6OPT_RTALERT_ACTNET): added a macro for as a new router
alert option value, which specifies that the datagram contains an
Atcitve Networks message.
1999-07-01 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_mroute.c (ip6_mdq): moved M_LOOP flag check just before
sending a wrong-IF report. The older position was wrong since it
discarded a valid packet encapsulated in a PIM register message.
Thanks to: <hoerdt@clarinet.u-strasbg.fr>
<199906>
Wed Jun 30 14:24:23 JST 1999 itojun@iijlab.net
* sys (NetBSD14): bunch of cleanups, removing code that are not used,
comment fixes. MAPPED_ADDR_ENABLE is removed (this never worked).
tcp6 mapped address behavior was slightly changed.
Please read kit/IMPLEMENTATION for details.
* sys/i386/isa/if_ed.c (FreeBSD32): include opt_inet.h for INET6.
I REALLY HATE opt_inet.h. there is no way to check if I have
included enough header files.
From: momo@iij.ad.jp
* sys/netinet6/in6.h: uncomment prototype for inet6_options_*.
Fix typo.
From: koji@dti.ad.jp
Wed Jun 30 09:21:17 JST 1999 itojun@iijlab.net
* sys/netinet6/esp_input.c: IPv4 esp tunnel packets were mistakingly
dropped by a typo. now it is fixed.
Found by: sumikawa@kame.net
Mon Jun 28 13:17:13 JST 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade to 0.70.
Mon Jun 28 05:14:49 JST 1999 shin@nd.net.fujitsu.co.jp
*kit, src/sys/netkey,crypt,netinet,netinet6 (FreeBSD32):
merged new ipsec and recent ipsec related changes.
Sat Jun 26 17:29:06 JST 1999 itojun@iijlab.net
* kit/src/route6d: add -l option, which enables exchange of site local
routes. This option needs a great care as the semantics for site
local address space is quite vague.
Sat Jun 26 16:51:32 JST 1999 itojun@iijlab.net
* kit/usr.bin/ftp (NetBSD14): fix ftp URL parsing in numeric IPv6
address case, like ftp://[::1]:9999/.
Sat Jun 26 15:37:23 JST 1999 itojun@iijlab.net
* sys/netinet6/in6_pcb.c (NetBSD14): fix in6pcb lookup for listening
socket (this is for kenrels without "options TCP6").
From: Koji Kondo <koji@dti.ad.jp>
Thu Jun 24 17:07:24 JST 1999 itojun@iijlab.net
* sys/netinet6/udp6_usrreq.c: pass IPv6 extension header properly
to the user level. (call m_adj() after extension header
reception processing)
* kit/pkgsrc/www/apache13, kit/ports/apache13: upgrade to latest
IPv6 patch. This fixes domain name-based access control like
"allow .kame.net".
Wed Jun 23 22:35:06 JST 1999 itojun@iijlab.net
* sys/netinet6: define net.inet6.ip6.kame_version sysctl MIB.
this shows KAME kit version as string. if you got the tree
from anoncvs or cvsup, it will be "from cvs repository".
if this is from SNAP kit, it will be like "SNAP 19991231".
Wed Jun 23 19:32:47 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/zebra, kit/ports/zebra: upgrade to 0.69.
Wed Jun 23 15:41:03 JST 1999 itojun@iijlab.net
* sys/netinet6/ipsec* (NetBSD14/FreeBSD228/BSDI3):
define additional kernel config option "options IPSEC_ESP", which
enables ESP part of the kernel.
This is for US export regulation friendliness (I hate to have this)
Now,
"options IPSEC + options IPSEC_ESP" will build complete IPsec
(AH + ESP + IPComp)
"options IPSEC" will build IPsec kernel without crypto
(AH + IPComp)
without "options IPSEC", you'll get no IPsec.
NOTE: You need to add IPSEC_ESP if you want ESP code.
* sys/netinet6/ah_core.c (NetBSD14/FreeBSD228/BSDI3):
use OS-supplied MD5/SHA1 code, if the OS supplies that in libkern.
Tue Jun 22 JST 1999 itojun@iijlab.net
* sys/netinet/tcp* (NetBSD 1.4): stabilize tcp6 when "options TCP6"
is NOT defined. IPv4 mapped address (::ffff:127.0.0.1) can be
handled properly. inpcb and in6pcb are separate.
* kit/src/route6d: add more sanity check against command line option.
Mon Jun 21 05:54:37 JST 1999 itojun@iijlab.net
* sys/netinet/tcp* (NetBSD 1.4): add "options TCP6". If you would
like a stable IPv6 TCP (in netinet6/tcp6*, the one we have been
using), add "options TCP6". If you would like to test dual stack
tcp (in netinet/tcp*), do not add "options TCP6".
IPv6 TCP using netinet/tcp* is not stable yet.
* kit/usr.sbin/trpt (NetBSD 1.4): trpt with dual stack tcp support.
(if you build the kernel with separate tcp6 code, trpt will not
be able to show the trace for tcp6)
Sun Jun 20 05:38:26 JST 1999 itojun@iijlab.net
* sys/netinet/tcp* (NetBSD 1.4): changes toward address family
independent tcp (so that we can share tcp4 and tcp6 source code).
nuked tcpiphdr. no IPv6 support yet.
* sys/netinet6 (NetBSD 1.4): tiny cleanups.
Fri Jun 18 03:04:55 JST 1999 sakane@ydc.co.jp
* kit/ports/icecast:
Fixed to connect with encrypted password between icecast and shout.
You can define --with-crypt.
Thu Jun 17 22:09:00 JST 1999 itojun@iijlab.net
* kit/ports/ethereal (FreeBSD 228): upgrade to use 0.6.2.
sorry for the delay.
Thu Jun 17 21:37:05 JST 1999 itojun@iijlab.net
* kit/src/route6d: reorganize directory to use bsd.prog.mk.
now we have kit/src/{route6d,ifmcstat,rip6query}.
NOTE: "make clean" before cvs update, if you use anoncvs
Wed Jun 16 13:58:08 JST 1999 itojun@iijlab.net
* kit/ports/apache13, kit/pkgsrc/www/apache13: use latest IPv6 patch.
bugs in mod_access were fixed.
From: "Chris P. Ross" <cross@eng.us.uu.net>
1999-06-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/tcpdump/print-pim.c (pimv2_print): supported more detailed
analysis for PIM sparse related messages.
Tue Jun 15 08:31:31 JST 1999 itojun@iijlab.net
* kit/ports/bind8, kit/pkgsrc/net/bind8: use latest IPv6 patch.
* kit/ports/apache13, kit/pkgsrc/www/apache13: use latest IPv6 patch.
Tue Jun 15 07:18:06 JST 1999 itojun@iijlab.net
* sys (BSDI): merge in ALTQ 1.1.3 patch for BSDI.
You'll need altq-1.1.3-bsdi-19990615.diff.gz in
ftp://ftp.kame.net/pub/kame/misc/, for building userland.
From: Hideaki Imaizumi <hiddy@sfc.wide.ad.jp>
Tue Jun 15 05:01:13 JST 1999 shin@nd.net.fujitsu.co.jp
* src/sys/netinet6/in6_prefix.c, in6_prefix.h, in6_proto.c,
in6_var.h, nd6.h, nd6_rtr.c (FreeBSD32):
-BUG fix of router renumbering (touched undefined pointer at prefix
allocation)
-removed RR prefix related code from ND prefix related code
(Because, now ND prefix and RR prefix is separated)
-set net.inet6.ip6.forwarding and net.inet6.ip6.accept_rtadv
by function.
When, net.inet6.ip6.forwarding change from 0 to 1, clear all
ND prefixes, and set net.inet6.ip6.accept_rtadv to 0
When, net.inet6.ip6.forwarding change from 1 to 0, clear all
RR prefixes, and try to recover original net.inet6.ip6.accept_rtadv
value as much as possible.
Mon Jun 14 04:24:56 JST 1999 itojun@iijlab.net
* kit/ports/pfs (FreeBSD228): add pfs portable file system.
compiles but not tested.
Mon Jun 14 03:46:36 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/zebra, kit/ports/zebra: upgrade to 0.68.
* sys/netkey/key.c, kit/src/racoon: racoon is now able to exchange
IPComp SA. NOTE: need more checking on keydb management code.
Sun Jun 13 20:14:26 JST 1999 itojun@iijlab.net
* sys/netinet6/tcp6_subr.c: when transmissing RST packet,
initialize flowlabel field properly.
1999-06-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6sd: many serious bugs were fixed. Though it has still
some bugs, we believe it's now worth trying.
Fri Jun 11 10:27:37 JST 1999 shin@nd.net.fujtsu.co.jp
* sys/net, sys/neinet6 (FreeBSD 3.2):
updated router renumbering
-separete RR prefix list from ND prefix list
-addrs assigned by ifconfig is linked to correspondent prefix,
and it is also controled by the prefix change.
-now, prefix command can be used only if
net.inet6.ip6.forwarding=1
TODO: -remove RR prefix related code from ND prefix part
-when net.inet6.ip6.forwarding is become 1,
clear ND prefix list
-when net.inet6.ip6.forwarding is become 0,
clear RR prefix list
-merge onto other platform
1999-06-10 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6sd: imported PIM6 sparse mode daemon developed by
Mickael Hoerdt at LSIIT Laboratory.
Though it can be compiled and work to some extent, it still
contains some serious problems.
So, please be careful when you try it. We also very much welcome
bug reports and patches.
1999-06-09 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6dd/mld6_proto.c (accept_listener_report):
if the group of a received MLD report is link-local, simply
discard the report, instead of creating and maintaining a group
entry for the group. It would be a bit more efficient.
Suggested by: Mickael Hoerdt <mhoerdt@iutsud.u-strasbg.fr>
Wed Jun 9 16:00:14 JST 1999 itojun@iijlab.net
* kit/ports/{ct,v6eval} (FreeBSD228): upgrade to 0.2.
From: Takashi_Tanaka@yokogawa.co.jp
1999-06-08 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* netstat/mroute6.c (mroute6pr): printed "reg0" as `physical
interface' for an interface to receive PIM register messages.
Advised by: Mickael Hoerdt <mhoerdt@iutsud.u-strasbg.fr>
1999-06-08 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_mroute.c: enabled PIM sparse mode related part.
Advised by: Mickael Hoerdt <mhoerdt@iutsud.u-strasbg.fr>
Tue Jun 8 16:04:49 JST 1999 itojun@iijlab.net
* sys/netinet6/tcp6_subr.c (NetBSD 1.4): avoid using dtom()
for tcp header template. use "pool" allocator instead.
Tue Jun 8 15:24:51 JST 1999 itojun@iijlab.net
* kit/pkgsrc/mail/fetchmail (NetBSD 1.4): upgrade to 5.0.3.
Tue Jun 8 14:58:35 JST 1999 itojun@iijlab.net
* kit/pkgsrc/www/apache (NetBSD 1.4): changed daemon installtion
directory from /usr/pkg/bin to /usr/pkg/sbin. NetBSD pkgsrc for
apache does this so we'd better follow that practice.
Sun Jun 6 15:45:31 JST 1999 itojun@iijlab.net
* sys/netinet6/in6_ifattach.c (NetBSD14):
when attaching link-local address to an interface, defer routing
table setup to prevent danglink pointer to be recorded in routing
table.
related to, or fixes, PR 109.
1999-06-05 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6dd: made administrative scope filter more generic.
The following two types can be specified:
- Group1-Group2: specifies a numerical range of a scope.
- GroupPrefix/Prefixlen: specifies a prefix of a scope.
Sat Jun 5 07:40:48 JST 1999 itojun@iijlab.net
* sys/netinet6 (FreeBSD228/NetBSD14/BSDI): IPComp (IP payload
compression protocol) support.
See section 5 in IMPLEMENTATION for detalis.
Sat Jun 5 00:11:38 JST 1999 itojun@iijlab.net
* kit/src/tcpdump: support IPComp (ip payload compression, RFC2393)
message decoding.
* kit/src/tcpdump: fix pim6 Register-Stop message decoding bug.
From: mhoerdt <mhoerdt@iutsud.u-strasbg.fr>
NOTE: be sure to perform "make clean" in kit directory.
(or "make distclean" in kit/src/tcpdump)
1999-06-02 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* mld6.c (mld6_input): use the M_LOOP flag in order to detect if
an MLD6 report is looped back.
IFF_LOOPBACK was used in the older versions, but it was wrong
since ip6_mloopback faked ifp.
1999-06-02 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* in_gif.c, in6_gif.c[FreeBSD 2, 3]:
- included gif.h for appropriate initialization
- included sys/kernel.h, which is necessary for SYSCTL_INT
Thanks to: Koji Kondo <koji@dti.ad.jp> for reporting the problem.
Tue Jun 1 22:34:46 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/zebra, kit/ports/zebra: upgrade to 0.67.
* kit/pkgsrc/net/bind8, kit/ports/bind8: use latest IPv6 patch.
now listen-on and some other directives work with IPv6 address.
<199905>
Mon May 31 19:02:27 JST 1999 shin@nd.net.fujitsu.co.jp
upgrade KAME FreeBSD 3.1 to 3.2
upgrade ALTQ from 1.1.3 to 1.2 (FreeBSD 3.2)
1999-05-31 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_output.c (ip6_output): zero-clear the reserved field of a
Fragment header in an outgoing packet.
Mon May 31 01:18:04 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
Added more checking the ID payload in phase 2. Draft said that IDr2
must be immediatelly followed by IDi2. We allow the illegal case,
but logged.
1999-05-31 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* (kernel): added new sysctls, net.inet.ip.gifttl and
net.inet6.ip6.gifhlim. They specify TTL or hop limit for a gif
encapsulated packet.
Notes:
BSDI users should update /usr/local/v6/sbin/sysctl to access
these sysctl names.
1999-05-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6dd/timer.c (age_routes): reflect changes even if the
unicast routing table does not change. I believe this is a bug of
the original pimdd.
This fix is necessary in order to handle expiration of the prune timer
when the forwarding cache entry still exists.
Fri May 28 1999 itojun@iijlab.net, sakane@ydc.co.jp
The following changes affect FreeBSD228, NetBSD14, BSDI version of
KAME, not others.
* sys/netinet6/ipsec.c: On IPsec operation on listening socket, do
not share security policy structure among sockets. This is better
because it allows more efficient SAD entry lookup, and it will
leave less obsolete SPDs kept in the kernel.
* kit/src/setkey: add -l option (to be used with -D), which generate
summary of SAD every 1 seconds. This is good for tracing IKE daemon.
* kit/src/racoon: so many changes and fixes.
- At this moment racoon does not support proposal group with multiple
proposal (say, ESP proposal and AH proposal with same proposal
ID #). Now racoon ignores such proposal from initiator when it
behaves as responder, and filters out such proposal in
configuration file when behaves as initiator.
- Transmit INVALID_COOKIE informational exchange when no matching
ISAKMP SA is found for phase 2 packet.
- Reload of configuration (on SIGHUP) now works correctly.
- Be more strict about configuration file. Die if there's no
required items listed on configuration file.
- Fix lifetime attribute parsing. if the lifetime value is out of
range (due to malformed packet, maybe), use default lifetime.
Previously it sets lifetime to 0 and this caused problems.
- Clarify many of internal structures, such as diffie-hellman
primes and keys (mainly for future support of new group mode).
- racoon now checks phase 2 soft lifetime. Now rekey can be done
more smoothly (TODO: phase 1 soft lifetime check).
- racoon is now more robust against duplicated packets (due to
resend from the peer).
- Phase 1 now supports various encryption algorithms, incl. Blowfish
and CAST128. Key length can be negotiated properly.
- Delete payload support. racoon accepts delete payload from peer.
racoon transmits delete payload if SADB_DELETE is received,
thus SAD delete operation from setkey command will generate delete
payload. Need more support in other occasions.
- Many improvements in debugging output.
- So many minor bug fixes.
Fri May 28 07:34:54 JST 1999 itojun@iijlab.net
* kit/src/setkey: Setkey no longer display dead SAs in the kenrel with
-D. To see dead SAs as well, specify -a with -D.
Fri May 28 02:09:23 JST 1999 itojun@iijlab.net
* kit/src/racoon:
- Do not listen to wildcard socket (grab list of addresses and
perform specific bind(2)). This is to prevent broadcast DoS attack
to IKE daemon. If you specify wildcard address in the config file,
warning will appear.
Thu May 27 05:16:34 JST 1999 itojun@iijlab.net
* sys/net{inet6,key}/Makefile (NetBSD 1.4): include files can be
installed by "cd kame/sys; make incinstall".
(NOTE: this does not follow kame/kit/INSTALL)
Subject: (KAME-snap 632) header file installation on NetBSD 1.4
From: Erik Bertelsen <erik@mediator.uni-c.dk>
Thu May 27 01:51:14 JST 1999 itojun@iijlab.net
* kit/ports/icecast, kit/pkgsrc/audio/icecast: upgrade IPv6 patch.
now instructions on configuring IPv6 UDP multicast audio streaming
is provided.
Wed May 26 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade to 0.66.
Wed May 26 1999 itojun@iijlab.net
* kit/src/traceroute: fix order of privilege control. (IPsec
setsockopt must be performed with root privilege)
* kit/sbin/ping (NetBSD 1.4): clarification on IPsec policy
configuration. NetBSD ping command transmits dummy ping toward
loopback address (for flushing route cache in ip_output). We do
not need IPsec for this operation so we specify "bypass" policy
for the operation.
Tue May 25 03:32:12 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
- Fixed to manage the exchange status. i.e. There is no limit really
for payload ordering.
- Supported idea, blowfish, rc5, cast. But not tested.
- Called libcrypt for checking weak key.
- clean up
Sun May 23 06:51:35 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
- Check Notify messages in phase 1, but still ignore.
- Ignore multiple SA in phase 2.
- Fixed sending localport number in ISAKMP packet. It was a constant
of 500.
- Insert actual port in use into ID payload.
- Delete ADMIN_PROTO_IKE from admin.h. IKE is not protocol.
- Improved kmpstat. print the information if error.
- Improved PF_KEY messaging by timer.
pfkey_send_{timer,try}: is to send PFKEY message.
pfkey_acquire_{timer,try}: is to wait to get IKE.
- Fixed remote directive in racoon.conf more than tree. cftab was
broken when there was not anonymous entry in the first remote entry.
- Fixed local test mode. There is a bit strange, but it works.
- Fixed some of crash problems.
- clean up. There are same processing in various places.
They should be merged.
CAUTION: There is rekeying issue.
There may be crash problem in aggressive mode.
Sat May 22 21:44:09 JST 1999 itojun@iijlab.net
* sys/dev/ic/midway.c (NetBSD 1.4): import changes in ALTQ 1.2 PVC ATM
code (only for Adaptec/ENI ATM driver - no ALTQ support in NetBSD).
NOTE: compiles but not checked
* sys/i386/pci/midway.c (BSDI): import changes in ALTQ 1.2 PVC ATM
code (only for Adaptec/ENI ATM driver - no ALTQ support in BSDI).
NOTE: currently broken
* sys, kit/ports/altq (FreeBSD228): update ALTQ to 1.2. userland
tools must be installed by using kit/ports/altq.
From: Kenjiro Cho <kjc@csl.sony.co.jp>
Sat May 22 21:13:47 JST 1999 itojun@iijlab.net
* sys/net/if_gif.c: call if_up() on positive edge of IFF_UP,
to send up RTM_IFINFO to the userland.
TOOD: more checks to other drivers (sometimes non-KAME issue
but we need RTM_IFINFO message for routing daemons).
1999-05-22 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kit/src/pim6dd: supported group-basis output filter. See
pim6dd.conf(5), which is also updated.
Sat May 22 14:34:59 JST 1999 itojun@iijlab.net
* sys/dev/pci/aeon.c (NetBSD 1.4): fix aeon crypto pci card driver
for NetBSD 1.4. No test performed yet (I don't have encryption-
enabled card anyway, I can't buy one in Japan!).
Sat May 22 1999 itojun@iijlab.net
* sys/netinet6/in6_ifattach.c (NetBSD 1.4): fix dangling pointer
on link-local address addition failures.
Sat May 22 04:17:01 JST 1999 itojun@iijlab.net
* sys/netinet6/nd6_rtr.c (NetBSD 1.4): Simply call rtrequest() from
defrouter_addreq(), rather than re-implement the behavior. This is
much simpler and avoids bug due to misuse of memory allocator.
TODO: check if it was the right fix, there may be special requirement
in defrouter_addreq(), which we have forgotten.
This fixes misterious "panic on long suspend/resume session" bug.
This was generated when aged routes, which were generated by
defrouter_addreq, are get purged (so kernel panic can be raised
by ndp -R).
defrouter_addreq() allocated struct rtentry by R_Malloc, but
NetBSD 1.4 now uses "pool" allocator in net/route.c.
Then defrouter_addreq() inserted struct rtentry allocated by
R_Malloc onto the routing table. Kernel panic'ed if you try to
call pool_put() with pointer to non-pool region (happens on route
purge).
The bug was a bit hard to track. I spent few days to find a
repeatable steps to make the kernel panic, spent 4 hours to find the
cause. IMHO new allocators/deallocators (like pool_{get,put})
should provide more sanity checks (especially for alloc/free pool
mismatches) when DIAGNOSTIC is defined. Current DIAGNOSTIC code did
not help me much. I should do this next time...
Fri May 21 JST 1999 itojun@iijlab.net
* sys/netinet6/nd6_nbr.c (NetBSD 1.4): synchronized ND6 code
with BSDI. This includes experimental fix for duplicated ND6
detection (see CHANGELOG entry on Fri Apr 8 1999).
Thu May 20 16:36:20 JST 1999 itojun@iijlab.net
* kit/pkgsrc/www/lynx, kit/ports/lynx: use latest IPv6 patch.
now numeric IPv6 address is supported under "http://[::1]:80/"
format.
Thu May 20 16:05:27 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/rsync, kit/ports/rsync: IPv6-ready rsync 2.3.1.
Thu May 20 12:12:09 JST 1999 itojun@iijlab.net
* kit/src/libinet6/getaddrinfo.c: filter out AFs that are not
supported by the kernel. This takes effect when you use AI_PASSIVE
on IPv4 only node (previously both :: and 0.0.0.0 are returned)
NOTE: this change requires full rebuild of "kit" tree. be sure
to remove /usr/local/v6/lib/*.a before rebuild.
From: Alexander Fung <amfung@bbn.com>
Thu May 20 06:18:11 JST 1999 sakane@ydc.co.jp
* sys/netkey/key.c:
Check the each values of lifetime. If the value is zero then
kernel ignores its lifetime. Actually, we do check the addtime
and bytes.
Thu May 20 04:38:44 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
Don't use the sockets failed to call socket().
Thu May 20 01:42:24 JST 1999 itojun@iijlab.net
* kit/usr.bin/finger, kit/libexec/fingerd (NetBSD 1.4):
dual-stack fingerd/finger.
Wed May 19 21:48:12 JST 1999 itojun@iijlab.net
* sys/netinet{,6}/ip{,6}_output.c (F228/N14/BSDI):
hide some of IPsec error code from the userland. (need elaborate)
some of IPsec errors (such as "no SA") should be shown as packet loss
to the users.
Wed May 19 15:17:11 JST 1999 itojun@iijlab.net
* sys/netinet6/frag6.c: Do not use mbuf to keep fragment queue, as
this does not contain messages. use malloc() instead.
This avoids dtom().
From: Craig Metz <cmetz@inner.net>
Tue May 18 22:13:59 JST 1999 itojun@iijlab.net
* sys/netinet/ip_output.c (BSDI/NetBSD14/FreeBSD228):
even if SO_DONTROUTE is speicfied, we need to use struct route and
route the packet, for IPsec tunnel mode processing. handle struct
route accordingly.
Tue May 18 22:06:29 JST 1999 shin@nd.net.fujitsu.co.jp
* kern/uipc_socket.c, sys/socketvar.h, netinet6/ip6_output.c
(FreeBSD 3.1):
-moved sooptmcopyout to ip6_output.c with some modification.
-added ip6_soooptmcopyin().
-use those functions in ip6_ctloutput() when coping option data between
soopt and mbuf chain.
Tue May 18 02:17:06 JST 1999 itojun@iijlab.net
* sys/netinet6, sys/netkey (NetBSD 1.4): merge in new IPsec policy
engine. Now (1) racoon is usable, (2) IPv6 IPsec including tunnel
mode is available, (3) policy engine is much more flexible.
* kit/src: enable build of IPsec-supporting programs on NetBSD.
* kit/sbin/ping (NetBSD 1.4): support ipsec policy specification
by -E option (-P was already occupied).
Sun May 16 22:33:41 JST 1999 itojun@iijlab.net
* kit/sbin/ifconfig (NetBSD 1.4): change behavior of "ifconfig
interface" to print all the interface address available, not just
inet addresses. The behavior looks more natural to me.
Sun May 16 03:38:03 JST 1999 itojun@iijlab.net
* sys/netinet6/in6_ifattach.c (NetBSD 1.4):
Add link-local address to the ethernet interfaces (and join
mandatory multicast groups), when the interface is made IFF_UP.
In NetBSD, pcmcia interfaces are not initialized until IFF_UP,
so there seems to be no other option.
Good thing is that now we do not need to call in6_ifattach() from
drivers. It is of course okay to call in6_ifattach() from drivers,
if you are sure that the driver is proprely initialized.
NOTE: this change may break some of the userland tools, which checks
IPv6 interface address BEFORE bringing the interface up.
Sun May 16 01:01:24 JST 1999 itojun@iijlab.net
* kit/pkgsrc/security/ssh, kit/ports/ssh: upgrade to 1.2.27 with
latest IPv6 patch.
Sun May 16 00:32:52 JST 1999 itojun@iijlab.net
* KAME/NetBSD-1.4 is now buildable (both kernel and userland).
* kit/usr.bin/netstat: add support for "netstat -p tcp6 -P
<tcp6cb address>".
Sat May 15 08:20:30 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/zebra, kit/ports/zebra: upgrade to 0.65.
Fri May 14 21:18:45 JST 1999 itojun@iijlab.net
* sys/netkey/key.c (BSDI, FreeBSD228): To transmit SADB_ACQUIRE
messages correctly from the kernel, changed the mbuf allocation
policy in key_sendup(). Now we allocate non-cluster mbuf chain
for most cases.
Previously we allocated cluster mbuf for most of the cases, and
this caused PF_KEY socket to be considered full and sbappendaddr()
to fail. This is due to wasted space on cluster mbufs
(sbspace() checks both actual data size and mbuf area size).
Fri May 14 11:50:15 JST 1999 itojun@iijlab.net
* sys/netinet6 (BSDI, FreeBSD228): in IPv6 IPsec, tunnel mode now
works as well.
Note: IPv6 spec suggests the originating node to process HBH option
on the packet from the node itself (the originating node is
considered as "first hop"). However, we do not do this when
you apply IPv6 IPsec tunel onto the packet, since HBH option is
already encrypted when it is to be processed. This should be
fixed, however, IMHO this is very rare case.
Thu May 13 22:56:06 JST 1999 itojun@iijlab.net
* kit/src/v6test/v6test.c: support interface with DLT_NULL
bpf encapsulation (i.e. loopback interfaces).
1999-05-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/v6test/getconfig.c (make_ah): added to support
authentication header.
Also added some new tests in ext.conf.
Thu May 13 21:25:51 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
Aggressive mode was supported, but not tested sufficiently.
XXX There must be Vender ID in fixed place of payload. TO BE MODIFIED.
1999-05-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* uipc_socket2.c (sbcreatecontrol): if a given control message
is larger than MLEN, allocate an mbuf cluster and store the
message into the cluster.
Also, implemented more strict length check.
This fix is only for FreeBSD(2 and 3) and NetBSD. A similar fix
for BSDI was already done.
Thu May 13 20:18:37 JST 1999 shin@nd.net.fujitsu.co.jp
* sys/netinet6/ip6_fw.c, sys/i386/conf/GENERIC.v6 (FreeBSD3.1):
made compilabel and bootable with ip6fw enabled.
not tested well enough.
Thu May 13 20:04:35 JST 1999 itojun@iijlab.net
* sys/netinet6/ah_core.c: drop IPv6 AH packet with too many
extension headers, to avoid DoS attacks.
Use net.inet6.ip6.hdrnestlimit to configure the number of extension
headers allowed.
1999-05-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6dd/trace.c (accept_mtrace): added to support the
response part of mtrace(not tested yet).
1999-05-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_output.c (ip6_setpktoptions): added the IPV6_DSTOPTS case,
which allowed user to specify destination options headers for an
outgoing packet.
(compilable, but not tested yet)
1999-05-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* in6_pcb.c (in6_pcbbind): prevented binding a socket to an
address if it's anycast, notready, detached or deprecated.
1999-05-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* netstat/inet6.c: sync icmp6names[] with the latest kernel.
1999-05-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* icmp6.h: changed the size of icmp6stat.icp6s_{in, out}hist from
ICMP6_MAXTYPE + 1 to 256 since the former made the kernel
vulnerable.
1999-05-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* added a sysctl net.inet6.ip6.defmcasthlim, which gets or
specifies the default hop limit for an outgoing IPv6 multicast
packet.
Note that BSDI users must update both kernel and kit/sbin/sysctl
to enable the new sysctl.
Wed May 12 14:57:54 JST 1999 itojun@iijlab.net
* kit/libexec/fingerd, kit/usr.bin/finger (FreeBSD228): finger daemon/
client fixed for dualstack support.
Wed May 12 14:12:44 JST 1999 itojun@iijlab.net
* kit/ports/inn (FreeBSD228/31): IPv6-enabled netnews server,
version 2.2.
From: Satosi KOBAYASI <kobayasi@north.ad.jp>
Wed May 12 10:33:32 JST 1999 itojun@iijlab.net
* sys/netinet6/icmp6.h: node information query/response got the
official ICMPv6 type, so use the official number.
NOTE: need recompilation in userland (ping6), and old KAME and new
KAME will not interoperate due to the overwrap in number...
Wed May 12 02:29:13 JST 1999 sakane@kame.net
* sys/netkey/key.c (FreeBSD228/BSDI):
Fixed to expire SA. It can't be sent SADB_EXPIRE message due
to my mistake.
Added test implement for lifetime by byte counts.
You must be careful to set its value otherwise it causes many
SA to be set.
e.g. time limit = 22896000(s)
byte limit = 100(KB)
Tue May 11 18:48:37 JST 1999 sakane@kame.net
* kit/ports/icecast, kit/pkgsrc/audio/icecast: upgrade to latest
IPv6 patch, with song name broadcasting/request hack.
Tue May 11 18:26:06 JST 1999 itojun@iijlab.net
* sys/netkey (FreeBSD228/BSDI): strictly perform reference count on
SPD/SAD. Now netkey seems to have almost no memory leaks.
* sys/netkey/key.c, kit/src/setkey/setkey.c (FreeBSD228/BSDI):
throw results of SADB_DUMP and SADB_X_SPDDUMP message as separate
message to pfkey socket. This should be more reasonable as each
of the result (for single SAD/SPD entry) has sadb_msg header.
Mon May 10 03:16:49 JST 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade to zebra 0.64.1.
Sun May 9 16:39:31 JST 1999 itojun@iijlab.net
* kit/ports/ruby, kit/pkgsrc/lang/ruby: update to use latest IPv6
patch.
Sun May 9 03:51:09 JST 1999 itojun@iijlab.net
* kit/src/racoon: get/set proper source/destination address for IKE
packets, using IP_RECVDSTADDR and IPv6 advanced API.
this is needed to support hosts with more than 1 IP addresses
(i.e. most of IPv6 node needs this).
TODO: scoped IPv6 addresses support (link-local and site-local).
Sat May 8 23:13:53 JST 1999 sakane@ydc.co.jp
* sys/netkey:
Fixed tick counter problem, that is timeout() re-sets lifetime to 1(s)
when you use too big lifetime. Now the timer about IPsec key
management is processed in key_timehandler().
Sat May 8 18:53:29 JST 1999 itojun@iijlab.net
* sys/netinet, sys/netinet6 (BSDI, FreeBSD228): Inherit IPsec policy
configuration on tcp socket, across accept() operation (in the past
IPsec policy must be configured after accept()).
Now, you can configure IPsec policy onto listening tcp socket,
and wait for new conncection to come by accept(). The new socket
returned by accept() has the same IPsec policy as the listening tcp
socket. This should be more natural behavior to the programmers,
and this behavior is inevitable for protecting SYN/SYN ACK packet
from attackers.
Sat May 8 15:21:01 JST 1999 itojun@iijlab.net
* kit/src/inet6d: Add quickhack to specify IPsec policy by specially
formatted comment line (starting with "#@"). Experimental and
is subject to change in the near future.
* sys/netinet, sys/netkey (BSDI, FreeBSD228): fixed IPsec policy
engine for IPv6 IPsec via IKE.
Fri May 7 13:59:16 JST 1999 itojun@iijlab.net
* kit/src/tcpdump/print-ospf6.c: decode ospf6 packets.
NOTE: do not forget to perform "make distclean" (or, "make clean"
in kit directory). otherwise, old Makefile calls build failure.
Fri May 7 02:25:23 JST 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade to zebra 0.64.
now OSPF6 is ready for testing (but not for actual use - kernel
routing table will NOT be updated).
Thu May 6 14:18:12 JST 1999 itojun@iijlab.net
* kit/src/tcpdump/print-pim.c: added pim dm decode routines.
(need pim-noisy network to debug this...)
Thu May 6 17:32:06 JST 1999 itojun@iijlab.net
* sys/netinet6 (FreeBSD228): (1) separate IPv6 IPsec (transport-mode)
output processing into ipsec6_output_trans(), for cross-OS
portability.
(2) Multiple transport-mode IPsec headers can be inserted, in any
order.
(3) Most of IPsec output functions now returns int, instead of
struct mbuf * (no mbuf head pointer will be modified).
It is for better uniformity, and better error code handling.
(4) Some of the IPsec fuctions assume certain property from mbuf
chain. See comments for those assumptions.
TODO: tunnel mode
Wed May 5 13:31:28 JST 1999 itojun@iijlab.net
* kit/ports/tcp_wrapper: IPv6-ready tcp_wrappers_7.6.tar.gz
NOTE: this is separate from kit/ports/tcpd. kit/ports/tcpd is a
rewrite of tcp_wrappers for IPv6 (similar functionality but
completely separate codebase). kit/ports/tcp_wrapper is IPv6-
enabled tcp_wrapper.
From: Hajimu UMEMOTO <ume@mahoroba.org>
1999-05-05 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/tcpdump/print-pim.c (pimv2_print): fixed a bug that a wrong
position was referred as the PIM version field.
Repored by Mickael Hoerdt <mhoerdt@iutsud.u-strasbg.fr>
Wed May 5 06:03:59 JST 1999 itojun@iijlab.net
* sys/dev/en/midway.c (FreeBSD3): pvc interface did not have the
IPv6 link-local address. There was some patch slipped off during
the merge.
From: Scott Mace <smace@intt.org>
PR: 95
1999-05-05 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/libpcap: supported a new protocol type `pim';
you can now invoke tcpdump like `tcpdump pim'.
Tue May 4 14:38:58 JST 1999 itojun@iijlab.net
* sys/netinet6/ip6_output.c (FreeBSD228): make multiple transport-mode
AH on IPv6 work corretly.
add some sanity check to forbid inbound/outbound jumbogram packet
with AH (jumbogram and AH is ill-suited, spec-wise).
Tue May 4 13:25:51 JST 1999 itojun@iijlab.net
* sys/netinet6/ip6_output.c (FreeBSD228): support IPv6 IPsec
(transport mode only) with new policy engine. To do this I've
changed some part of IPv6 option header construction routines,
so kick me if I've added any bugs.
Sun May 2 12:34:26 JST 1999 itojun@iijlab.net
* kit/src/route6d/route6d.c: implement inbound route filter option (-L).
Sat May 1 13:45:36 JST 1999 itojun@iijlab.net
* kit/usr.sbin/inetd (FreeBSD 2.2.8): Add quickhack to specify
IPsec policy by specially formatted comment line (starting with
"#@"). Experimental and is subject to change in the near future.
Sat May 1 JST 1999 itojun@iijlab.net
* kit/src/libipsec/ipsec_policy.c: Added 2nd argument (int len) to
ipsec_set_policy(), to make it safer against buffer overflow.
Update the parser to be more strict about the IPsec policy string
grammar.
<199904>
Fri Apr 30 18:57:48 JST 1999 sakane@ydc.co.jp
* sys/netkey/key.c:
Modified that kernel DOESN'T send SADB_EXPIRE message to user land
if SA is not used until expiration soft lifetime. Otherwise kernel
sends SADB_EXPIRE message with the values of current lifetime.
Fri Apr 30 17:53:43 JST 1999 itojun@iijlab.net
* kit/src/route6d/route6d.c: Take care of dynamic interface adress
addition/removal, interface state change, and static route change.
Sideeffect: You can specify interfaces which are down, into the
command line options (like -N). Those interfaces can be used by
"ifconfig up" later.
Fri Apr 30 03:44:48 JST 1999 itojun@iijlab.net
* kit/ports/apache13, kit/pkgsrc/www/apache13: upgrade IPv6 patch to
the latest one.
* kit/ports/zebra, kit/pkgsrc/net/zebra: use master distribution 0.63.
Thu Apr 29 22:26:34 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
- Fixed proposal length when transform payload was created.
- Fixed the way to deal with nonces. When phase 2 rekeying happened,
and to reverse initiator and responder happened, then I dealed with
nonces reversely. Those effected to compute hash and keymat.
- Merged isakmp_compute_hash1() and isakmp_compute_hash2().
Thu Apr 29 17:26:48 JST 1999 sakane@ydc.co.jp
* kit/src/tcpdump/print-isakmp.c:
Fixed a trivial bugs. It was mistaken to print transform id.
Thu Apr 29 16:26:44 JST 1999 itojun@iijlab.net
* kit/sbin/ifconfig (BSDI): make "prefixlen" keyword work properly
as expected (sorry I'm embarrassed).
1999-04-29 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* netstat/mroute6.c (mroute6pr): when printing the multicast
forwarding cache whose incoming interface is unknown, print
`---' instead of the magic number itself.
Note that the kernel source should also be updated.
1999-04-29 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6dd/vif.c (start_vif): set random delay before sending
the 1st PIM hello message in order to avoid hello message storm in
a bootstrap phase.
suggested by: Mickael Hoerdt <mhoerdt@iutsud.u-strasbg.fr>
Thu Apr 29 01:25:36 JST 1999 itojun@iijlab.net
* kit/src/dtcp: Dynamic Tunnel Configuration Protocol daemon/client.
It will let you configure IPv6-over-IPv4 tunnel dynamically with
APOP-like authentication.
The protocol was proposed by Peter Tattam of Trumpet.
NOTE: you'll need to install IPv6-ready ruby interpreter, by using
kit/ports/ruby (or kit/pkgsrc/lang/ruby).
From: Peter Tattam <peter@jazz-1.trumpet.com.au>
1999-04-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6dd/pim6.c (send_pim6): used sendmsg() with IPV6_PKTINFO
cmsg instead of sendto in order to specify the outgoing interface
and the source address.
Thanks to:
Mickael Hoerdt <mhoerdt@iutsud.u-strasbg.fr> for finding a
problem in the old version and sending a patch.
1999-04-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6dd/main.c (main): modified to call init_routesock after
making a child process, since the pid to access the routing socket
must be consistent.
Thanks to:
David PATE <pate@dpt-info.u-strasbg.fr> for finding the problem.
Mickael Hoerdt <mhoerdt@iutsud.u-strasbg.fr> for sending a patch.
1999-04-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_mroute.c (del_m6if): added a sanity check in del_m6if to
prevent kernel hangups, and modified to use in6_ifreq{} instead of
ifreq{} to avoid invalid memory access.
Wed Apr 28 19:26:48 JST 1999 itojun@iijlab.net
* kit/pkgsrc/audio/icecast, kit/ports/icecast:
use new IPv6 patch. It is now possible to transfer mp3 files
over UDPv[46] multicast packets. This is really fun!
Wed Apr 28 14:30:22 JST 1999 itojun@iijlab.net
* sys/netinet{,6} (BSDI 3.1): sync IPsec policy management code with
FreeBSD 2.2.8. This automatically removes many bugs in IPsec code,
simplifies policy management (but SPD is now mandatory), and adds
flexibility in packet formats.
However, IPv6 IPsec is now broken. Also, IPv4 IPsec is unstable
due to memory management bugs.
TODO: regress tests
Wed Apr 28 14:28:28 JST 1999 itojun@iijlab.net
* sys/netinet{,6} (FreeBSD 2.2.8): do not strip TCP/UDP header from
mbuf, until ipsec policy engine checks the headers.
Wed Apr 28 05:19:07 JST 1999 sakane@ydc.co.jp
* sys/netkey/key.c:
Fixed the way to search SPD. It always searched outbound SPD.
Tue Apr 27 02:59:50 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
- Racoon become to do exchange tunnel mode. She gets the
encryption mode from kernel by PF_KEY and set to SA payload later,
so ignores the directive "encryption mode".
XXX: There have been rekeying problems yet.
I believe that it's local address of phase 1 as proxy address
whenever doing pfkey_update, and it's remote address of phase 1
as proxy address whenever doing pfkey_update.
- Added IPSECDOI_ATTR_ENC_MODE_DEFAULT as transport mode
for the default of encryption mode.
- Arranged the function to set SA attribute.
Tue Apr 27 02:13:26 JST 1999 sakane@ydc.co.jp
* sys/netinet/ip_input.c,sys/netinet6/ip6_input.c:
Stoped to remove M_AUTHIPDGM, not M_AUTHIPHDR, from m_flags.
It caused checking policy of ESP inbound tunnel to be failed.
NOTE: I believe that M_AUTHIPHDR will obstruct as such above
when checking AH inbound tunnel policy, too.
Mon Apr 26 09:35:34 JST 1999 itojun@iijlab.net
* sys/i386/isa/kms.c (BSDI): Keyboard mouse driver implemented by
Keisuke Uehara <kei@wide.ad.jp>. Makes cursor keypad behave as
mouse cursor movement. /dev/kms0 will speak bus mouse protocol.
Not very KAME thing, but is really useful addition for notebooks.
1999-04-23 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/bgpd/bgp.c: for passively opened BGP4+ connection, use
the configured value of local preference.
Thanks to fujisaki@nttslb.slab.ntt.co.jp for pointing it out.
Fri Apr 23 15:32:45 JST 1999 itojun@iijlab.net
* kit/ports/fwtk6 (FreeBSD 2.2.8): TIS firewall toolkit, modified for
IPv6 connections. NOTE: you'll need to get original fwtk 2.1 by
yourself (you must read and agree the license agreement from TIS).
From: Hajimu UMEMOTO <ume@mahoroba.org>
Fri Apr 23 01:07:41 JST 1999 sakane@ydc.co.jp
* sys/netkey/key.c:
Fixed the problem that key_get(), and rarely key_dump(), return error
code but error didn't happen.
Thu Apr 22 18:16:06 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
'path' directive is added for post-command execution.
NOTE: This do update PATH, not to be added.
Thu Apr 22 17:45:16 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
Before post-command excution, set local and remote addresses of
phase 1 to environment value named RACOON_INFO.
1999-04-22 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* nd6_rtr.c (in6_ifdel): made sure that leave the solicited-node
multicast address associated with the deleted address. Also
call in6_savemkludge() before freeing the ifaddr structure.
1999-04-22 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* mld6.c (mld6_sendpkt): looped an MLD6 packet back to the sending
node if the node is a multicast router, which has been disabled by
`ifdef notyet' although we already have multicast routing.
1999-04-22 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* in6.c (in6_control): automatically embed a link-local interface
index of a destination address specified via the
SIOCAIFADDR_IN6 command.
1999/04/22 16:36:54 JST shin@nd.net.fujitsu.co.jp
* sys/netinet/tcp_input.c (FreeBSD3.1):
Bug Fix: call ip6_savecontrol() also other than when
accepting the connection.
Thu Apr 22 12:41:14 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
Fixed the problem of phase 2 negotiation. Now it gets success
the negotiation of phase 2.
XXX: There is phase *1* rekeying problem while phase *2*
negotiation.
Thu Apr 22 06:10:52 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
- Added new directive "post-command" for racoon configuration. When
IKE phase 1 negotiation has been finished, then this is excuted.
"post-command" consists three directive;
"exec" defines to excute command when phase 1
negotiation has been completed.
"success" defines to excute command when `exec' command
was success.
"failure" defines to excute command when `exec' command
was failure.
- kmpstat can trigger to start negotiation of phase 1. Usage is
that, e.g.
# kmpstat establish-sa ike inet 192.168.0.1
1999-04-21 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/rtadvd/config.c (getconfig): clear the configuration buffer
if the specified does not exist in the configuration file, which
is necessary to avoid to use a configuration for another interface
by mistake.
* src/rtadvd/if.c (get_next_msg): added RTM_GET case in the search
loop.
Wed Apr 21 11:44:11 JST 1999 itojun@iijlab.net
* kit/src/rtsol: bring interface down, then up, before sending RS.
This is a workaround for pcmcia ethernet card drivers (used on
notebooks). It looks that some of the drivers do not initialize
multicast packet filter properly on suspend/resume session, and
RA (to ff02::1) cannot be received on the interface after resume.
It looks that down-then-up solves most of the cases.
TODO: if this solves the problem, /etc/pccard.conf (or
/etc/card.conf) should perform down-then-up on resume.
Wed Apr 21 04:01:21 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
- TODO has been updated.
- With port numbers and prefixes, phase 2 exchange is available.
We need some time for the stability. It's on testing to do
exchanging IPsec tunnel mode.
- It's became to begin phase 2 negotiation by IPsec-SA expiration.
- s/LDUR/LD/ and s/LTYPE/LD_TYPE/, because of clarification.
- Begin the trying to manage IPsec SA by queue(3). But I have no
idea to manage the SA parameters directly.
- Begin the trying to manage the IPsec-SA exchange by IPsec SA list.
XXX MUST support multi SA exchange.
- Modified some code for ANSI-C.
- A lot of modification.
Wed Apr 21 00:58:39 JST 1999 shin@nd.net.fujitsu.co.jp
* kit/src/rrenumd:
-parser fix for recognizing match{-,_}prefix and use{-,_}prefix
-cmsghdr related msglen operaton bug fix
-enabled sending to IPv4 destination
(though, receiver side is also need to be enhanced to receive it)
Tue Apr 20 21:19:16 JST 1999 itojun@iijlab.net
* kit/sys/netinet/altq_red.c: fix IPv6 header parsing code.
From: hiddy@sfc.wide.ad.jp
1999/04/20 17:55:31 JST shin@nd.net.fujitsu.co.jp
* sys/netinet/in_gif.c, sys/netinet6/in6_gif.c
synced between BSDs
Tue Apr 20 15:26:49 JST 1999 itojun@iijlab.net
* kit/usr.bin/vmstat (BSDI, FreeBSD 2.2.8, NetBSD): source code
included in the tree (just need a recompilation, to make "vmstat -m"
work).
Tue Apr 20 10:45:44 JST 1999 itojun@iijlab.net
* kit/ports/zebra (FreeBSD 2.2.8/3.1):
* kit/pkgsrc/net/zebra (NetBSD): upgraded to 19990420 snapshot.
Tue Apr 20 10:36:52 JST 1999 sakane@ydc.co.jp
* sys/netkey/key.c:
Modified a bit of ipsec_setsecidx() to get IP address
and port from mbuf.
ASSUMED: basic header is placed continuously in a mbuf.
Mon Apr 19 21:02:24 JST 1999 itojun@iijlab.net
* kit/ports/mpg123 (FreeBSD 2.2.8, 3.1):
* kit/pkgsrc/audio/mpg123 (NetBSD): MPEG audio layer 3 player.
(embeded HTTP support code is updated for IPv6 HTTP)
Mon Apr 19 19:35:35 JST 1999 itojun@iijlab.net
* kit/ports/icecast (FreeBSD 2.2.8, 3.1):
* kit/pkgsrc/audio/icecast (NetBSD): icecast MP3 broadcasting system.
based on version 1.1.3 of the original distribution.
Mon Apr 19 19:32:44 JST 1999 shin@nd.net.fujitsu.co.jp
* sys/netinet/tcp.h,tcp_input.c,tcp_output.c,tcp_subr.c, tcp_var.h
sys/netinet6/ip6_output.c,ip6_var.h (FreeBSD3.1):
mainly fixes for considering IPv6 more enough on mss calcuration.
-added v6mssdflt
-added sysctl for setting v6mssdflt
-added ip6_exthdrsiz() and let it check supposed sending v6 ext
headers total len, and remove that from mss
-made output checksum part more clear(I belive essentially no change)
Mon Apr 19 15:04:43 JST 1999 sumikawa@ebina.hitachi.co.jp
* kit/ports/rev_v6_address (FreeBSD 2.2.8): a representing PTR
records tool for mainting DNS.
* kit/ports/geta (FreeBSD 2.2.8): GET Address - simple IPv4/IPv6
address resolver
Mon Apr 19 14:24:43 JST 1999 itojun@iijlab.net
* sys/netinet6: Add automatic flow-labelling support in kernel,
for all operating systems.
(see CHANGELOG entry on Sun Apr 4 02:24:00 JST 1999)
Sun Apr 18 16:45:18 JST 1999 sakane@ydc.co.jp
* sys/netkey/keyv2.h
Added PFKEY_ADDR_PREFIX() for convenience.
Fixed the word, s/PFKEY_ADDR_PORT/PFKEY_ADDR_PROTO/
Sun Apr 18 09:39:25 JST 1999 itojun@iijlab.net
* kit/ports/libident6 (FreeBSD 2.2.8): identd library for
IPv6 connetions.
* kit/ports/pident6d (FreeBSD 2.2.8): identd for IPv6 connetions.
From: Hajimu UMEMOTO <ume@mahoroba.org>
Sat Apr 17 13:13:41 JST 1999 itojun@iijlab.net
* kit/pkgsrc/lang/python (NetBSD): python 1.5.2 with IPv6 support.
Sat Apr 17 11:22:29 JST 1999 itojun@iijlab.net
* kit/ports/python (FreeBSD 2.2.8): python 1.5.1 with IPv6 support.
Sat Apr 17 01:33:01 JST 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade to 1999/4/16 snapshot.
Fri Apr 16 18:16:04 JST 1999 shin@nd.net.fujitsu.co.jp
* sys/, kit/ports/altq (FreeBSD31):
updated ALTQ to 1.1.3
Fri Apr 16 10:20:39 JST 1999 itojun@iijlab.net
* kit/ports/sendmail6, kit/pkgsrc/mail/sendmail6:
upgrade to 8.9.3 + IPv6 patch version W3.2.
Thu Apr 15 18:04:49 JST 1999 shin@nd.net.fujitsu.co.jp
* sys/netinet/tcp_input.c, tcp_subr.c (FreeBSD3.1):
rewrite tcp_respond() because it has incorrect pointer
reference bug. this caused keep alive packet with incorrect
checksum, and let long lived tcp connection die.
now tcp should become more stable.
Thu Apr 15 14:53:34 JST 1999 itojun@iijlab.net
* kit/ports/mediator: added port directory for Mediator DNS relay
resolver daemon. NOTE: the master distribution is restricted so
most of you will not be able to compile this.
* kit/ports/kaffe: port for IPv6-ready kaffe (IPv6 patch by INRIA
guys). Not finished yet.
Thu Apr 15 08:57:24 JST 1999 shigeya@foretune.co.jp
* kit/src/man: add kame(4).
Thu Apr 14 JST 1999 itojun@iijlab.net
* kit/src/libinet6: Made getaddrinfo.c and getnameinfo.c compilable
on most platforms (do not define INET6). This should be useful
when making applications IPv6-aware (supply KAME getaddrinfo.c in
"missing" directory and use AC_REPLACE_FUNCS(getaddrinfo) in
configure.in).
Wed Apr 14 20:57:13 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
Added the sending some administration commands to kmpstat.
reload config, show schedule, show several SA,
delete several SA, flush several SAs, establish several SA
Added to handle some administration commands to admin.c. There are
some commands have not been supported yet, and these aren't tested
sufficiently.
XXX: should be specified the efficient formats for
the communication which is between racoon and kmpstat.
Changed default port for administration.
racoon.conf is obsoleted by ibm.conf.
Wed Apr 14 18:26:14 JST 1999 itojun@iijlab.net
* kit/ports/{ct,v6eval} (FreeBSD 2.2.8): TAHI IPv6 conformance test
kit, released today (0.1). See http://www.tahi.org/ for details.
1999-04-14 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* raw_ip6.c (rip6_usrreq): fixed a bug of (possible) NULL pointer
access in PRU_CONNECT case in rip6_usrreq. FreeBSD 3.1 version
has the same problem in rip6_connect(), which was fixed as well.
Wed Apr 14 01:20:23 JST 1999 itojun@iijlab.net
* kit/ports/ruby, kit/pkgsrc/lang/ruby:
upgrade to ruby 1.2.5 with latest IPv6 patch.
Tue Apr 13 18:06:03 JST 1999 itojun@iijlab.net
* kit/ports/ruby, kit/pkgsrc/lang/ruby:
object oriented scripting language "ruby" 1.2.4 with IPv6 support.
Tue Apr 13 10:45:00 JST 1999 sakane@ydc.co.jp
* kit/src/libipsec:
Added EIPSEC_INVAL_PREFIXLEN into ipsec_strerror.h.
To handle prefix, added `prefixlen' to the parameter
in pfkey_send_{add,update,delete,get}().
Mon Apr 12 21:21:59 JST 1999 itojun@iijlab.net
* sys/netinet/in_gif.c, sys/netinet6/in6_gif.c:
(1) check IFF_LINK0 on ingress, as specified in the manpage.
(2) do not encapsulate if IFF_LINK0 is down and physical destination
address is not configured.
(3) check if physical source equals to dst on the packet, on egress
when IFF_LINK is enabled.
Mon Apr 12 11:34:02 JST 1999 itojun@iijlab.net
* sys/netinet6/nd6_nbr.c: clear tentative bit without DAD, when
net.inet6.ip6.dad_count equals 0. (this is a bug - sorry)
Sun Apr 11 21:04:05 JST 1999 shin@nd.net.fujitsu.co.jp
* usr.sbin/inetd (FreeBSD3.1):
enabled to specify tcp6 as protocol type in inet6d.conf.
when it is specified, the opened AF_INET6 socket don't accept
IPv4 connection.
Sun Apr 11 18:18:56 JST 1999 shin@nd.net.fujitsu.co.jp
* kit/ports/ppp (FreeBSD):
IPv6 patch level upgrade.
-filter specification bug fix
-added debug mode(never become daemon in any mode)
-when using ppp created ifid, try to use common ifid at first
on any ppp connection.
1999-04-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/libinet6/ip6opt.c : implemented inet6_option_alloc(),
inet6_option_next() and inet6_option_find() functions.
1999-04-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_input.c (ip6_savecontrol): implemented IN6P_HOPOPTS,
IN6P_DSTOPTS and IN6P_RTHDR options in order to get Hop-by-hop
options, destination options and routing headers by a userland
application.
Sat Apr 10 12:17:08 JST 1999 itojun@iijlab.net
* sys/netinet6/in6_gif.c, sys/netinet/in_gif.c:
Add ECN friendly mode to gif interface. "ifconfig gifX ilnk1"
should enable "ECN allowed" behavior (see draft-ipsec-ecn-00),
and ECN bits will be copied on ingress and egress.
"Copying ECN bit on ingress" violates of RFC1933 (which says
that outer IPv4 TOS bit should be 0). This should be used under
mutual agreement with tunnel endpoint.
Fri Apr 9 22:53:28 JST 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade original distribution
to 1999/4/8 snapshot. ospf6d is in the tree but not compilable.
we really are looking forward to test ospf6d!
Fri Apr 9 22:24:44 JST 1999 itojun@iijlab.net
* kit/src/route6d/route6d.c: avoid hardcoding # of interfaces.
now you should be able to handle as many interfaces as you can.
# of interfaces is obtained on startup time, so it cannot handle
dynamically added interfaces at runtime.
Fri Apr 9 JST 1999 itojun@iijlab.net
* sys/netinet6: implement setsockopt(IPV6_FAITH) for NetBSD and BSDI.
(see CHANGELOG on Fri Apr 2 20:00:23 JST 1999)
Fri Apr 9 20:44:55 JST 1999 itojun@iijlab.net
* sys/netinet/ip_ecn.[ch]: move ECN friendly ingress/egress code into
separate function, for better code reuse.
Populate ECN friendly IPsec tunnel code to all the platforms.
1999/04/09 20:26:03 JST shin@nd.net.fujitsu.co.jp
usr.bin/netstat (FreeBSD3.1):
-print only inet socket at "-f inet"
-print inet6 socket at "-f inet6"
-print inet6 addr correctly for inet6 socket
Fri Apr 8 JST 1999 itojun@iijlab.net
* sys/netinet6/nd6_nbr.c (BSDI): (experimental)
Implement heuristics against DAD NS loopback. See source code
for detail; it may be better than dad_ignore_ns, but not very
perfect and may violate spec anyway.
1999-04-08 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* nd6.c (nd6_output): if the interface is other than Ethernet and
FDDI, simply put the packet into the interface instead of tring
to resolve the next hop.
1999-04-08 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* raw_ip6.c (rip6_usrreq): for PRU_BIND, added a check to see
if the specified address is valid(e.g. not deprececated).
For PRU_CONNECT, used in6_selectsrc() in order to fill in the
source address field.
Thu Apr 8 20:14:45 JST 1999 itojun@iijlab.net
* kit/src/faithd: get # of interfaces by using if_nameindex().
Thu Apr 8 19:39:01 JST 1999 itojun@iijlab.net
* sys/netinet6/nd6_nbr.c (BSDI): (experimental)
ignore incoming DAD NS packet, if dad_ignore_ns is set to 1.
By setting dad_ignore_ns to 1 (by bpatch maybe), you'll be able to
ignore DAD faults by drivers which loops packets back to itself
on promisc mode.
However, (1) you'll not be able to detect simultaneous DAD activity
on the subnet, nor same MAC address on the subnet (-> SparcStation2)
(2) it is not spec conformant behavior.
I dunno how many drivers are faulty, but at least BSDI mz driver
(which is my favorite) is broken, so would like to test this code.
Thu Apr 8 17:06:32 JST 1999 itojun@iijlab.net
* kit/src/v6test: changed config file directory to PREFIX/share/v6test.
Thu Apr 8 17:01:42 JST 1999 itojun@iijlab.net
* kit/src/libinet6/getaddrinfo.c: (1) do not attach canonname
"localhost" to ::1 and 127.0.0.1. The name may not be ubiquitously
available.
(2) add comment about get_addr() call when AI_CANONNAME is given for
numeric address. it is a bit strange that we do addr->name
translation here...
1999-04-08 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_output.c (ip6_output): If a hop-by-hop options header is
contained in an outgoing packet, examine and process it,
which behavior is required in the base IPv6 spec(RFC 2460).
Note that some other code relating to option processing was
also modified.
1999-04-08 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_output.c (ip6_insert_jumboopt): fixed a bug that
the function does not adjust the length field of an already
existing hop-by-hop header.
Thanks to Kenjiro Komaki <komaki@mt.cs.keio.ac.jp> for finding the
problem.
Wed Apr 7 23:42:55 JST 1999 itojun@iijlab.net
* kit/etc/rc.net6: add "sleep" after interface configuration. now
DAD will be performed for global addresses too, and we have to
wait till DAD's completion before invoking daemons.
Wed Apr 7 18:46:17 JST 1999 itojun@iijlab.net
* kit/lib/libftpio(FreeBSD 2.2.8): try EPSV in IPv4 case too,
because EPSV behaves better for translators. Also, try EPRT in
IPv4 case too.
Wed Apr 7 18:02:28 JST 1999 shin@nd.net.fujitsu.co.jp
* sys/netinet6/nd6_rtr.c: don't care link local addr
state and every time do DAD in in6_ifadd().
Wed Apr 7 17:28:17 JST 1999 itojun@iijlab.net
* kit/src/ndp: Print out expired prefix as "expired",
not by negative lifetime value.
* kit/sbin/ifconfig: Do not print negative value for interface address
lifetime. This sometimes happens if you invoke ifconfig on the
expiration time.
* sys/netinet6/nd6*.c: Fix RA prefix information validation for
lifetime values. It now works as expected (RFC2462 5.5.3 (e) or
Jim Bound's rule - default is Jim Bound's rule).
(1) Do not remove prefix information in the kernel (struct
nd6_prefix) on expiration. Will be removed after
NDPR_KEEP_EXPIRED seconds. We need old prefix information for
validation purposes.
(2) Do not remove interface address when prefix information is
removed. Their lifetime is managed separately.
(3) Clarify validation rules for lifetime fields in RA prefix
information.
Wed Apr 7 14:29:46 JST 1999 itojun@iijlab.net
* sys/net/if.c (except BSDI 3.1): fix where we call in6_if_up() on
ioctls. (this is a routine to trap IFF_UP positive edge -
mainly for DAD)
1999-04-07 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* nd6.c (nd6_output): was newly implemented, which is called from
ip6_output instead of ifp->if_output. The change mainly aims to
perform neighbor unreachability detection even if the outgoing
interface is not up.
NOTE: The change is still experimental and needs more tests.
So, it is not enabled unless the `NEWIP6OUTPUT' kernel
configuration option is specified.
Wed Apr 7 03:06:54 JST 1999 itojun@iijlab.net
* kit/libexec/ftpd (NetBSD): fix EPRT.
* kit/usr.bin/ftp (NetBSD, FreeBSD2): try EPSV in IPv4 case too,
because EPSV behaves better for translators. Also, try EPRT in
IPv4 case too.
1999-04-06 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* FreeBSD 2.2.8: merged Alteon Gigabit Ether driver from
http://www.freebsd.org/~wpaul/Alteon/
We believe that it supports IPv6 as well, but we have not
tested yet.
Tue Apr 6 22:25:41 JST 1999 itojun@iijlab.net
* kit/src/libpcap: Allow tcpdump on ATM interface for FreeBSD.
DLT type for ATM is defined in OS-supplied bpf.h, so follow that
value in libpcap/net/bpf.h.
Tue Apr 6 19:40:52 JST 1999 itojun@iijlab.net
* kit/etc/rc.net6: on router, perform "ifconfig up" before configuring
interface to wait for DAD's completion.
Tue Apr 6 18:50:27 JST 1999 itojun@iijlab.net
* kit/ports/ucd-snmp, kit/pkgsrc/net/ucd-snmp:
upgrade to 3.6.1 with latest IPv6 patch.
NOTE: on NetBSD, snmpnetstat is not working right. this is a bug in
original distribution (ucd-snmp 3.6.1).
Tue Apr 6 18:00:08 JST 1999 itojun@iijlab.net
* kit/Makefile: install documents in kit/* into
$(PREFIX)/share/doc/kame (usually PREFIX = /usr/local/v6).
Tue Apr 6 12:45:51 JST 1999 itojun@iijlab.net
* kit/src/rtadvd: If old prefix configuration directive ("addr"
without "addrs") appears on rtadvd.conf, show warning to syslog and
exit. This should help people who forgot to update old
configuration file.
1999-04-05 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* [NetBSD]in6.c (in6_control): fixed a bug that `ifconfig delete'
does not work correctly.