Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
tag: freebsd3_snap_…
Fetching contributors…

Octocat-spinner-32-eaf2f5

Cannot retrieve contributors at this time

file 4108 lines (3344 sloc) 174.118 kb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 1269 1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354 1355 1356 1357 1358 1359 1360 1361 1362 1363 1364 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 1408 1409 1410 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 1497 1498 1499 1500 1501 1502 1503 1504 1505 1506 1507 1508 1509 1510 1511 1512 1513 1514 1515 1516 1517 1518 1519 1520 1521 1522 1523 1524 1525 1526 1527 1528 1529 1530 1531 1532 1533 1534 1535 1536 1537 1538 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 1554 1555 1556 1557 1558 1559 1560 1561 1562 1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602 1603 1604 1605 1606 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 1649 1650 1651 1652 1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666 1667 1668 1669 1670 1671 1672 1673 1674 1675 1676 1677 1678 1679 1680 1681 1682 1683 1684 1685 1686 1687 1688 1689 1690 1691 1692 1693 1694 1695 1696 1697 1698 1699 1700 1701 1702 1703 1704 1705 1706 1707 1708 1709 1710 1711 1712 1713 1714 1715 1716 1717 1718 1719 1720 1721 1722 1723 1724 1725 1726 1727 1728 1729 1730 1731 1732 1733 1734 1735 1736 1737 1738 1739 1740 1741 1742 1743 1744 1745 1746 1747 1748 1749 1750 1751 1752 1753 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 1765 1766 1767 1768 1769 1770 1771 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 1791 1792 1793 1794 1795 1796 1797 1798 1799 1800 1801 1802 1803 1804 1805 1806 1807 1808 1809 1810 1811 1812 1813 1814 1815 1816 1817 1818 1819 1820 1821 1822 1823 1824 1825 1826 1827 1828 1829 1830 1831 1832 1833 1834 1835 1836 1837 1838 1839 1840 1841 1842 1843 1844 1845 1846 1847 1848 1849 1850 1851 1852 1853 1854 1855 1856 1857 1858 1859 1860 1861 1862 1863 1864 1865 1866 1867 1868 1869 1870 1871 1872 1873 1874 1875 1876 1877 1878 1879 1880 1881 1882 1883 1884 1885 1886 1887 1888 1889 1890 1891 1892 1893 1894 1895 1896 1897 1898 1899 1900 1901 1902 1903 1904 1905 1906 1907 1908 1909 1910 1911 1912 1913 1914 1915 1916 1917 1918 1919 1920 1921 1922 1923 1924 1925 1926 1927 1928 1929 1930 1931 1932 1933 1934 1935 1936 1937 1938 1939 1940 1941 1942 1943 1944 1945 1946 1947 1948 1949 1950 1951 1952 1953 1954 1955 1956 1957 1958 1959 1960 1961 1962 1963 1964 1965 1966 1967 1968 1969 1970 1971 1972 1973 1974 1975 1976 1977 1978 1979 1980 1981 1982 1983 1984 1985 1986 1987 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 2025 2026 2027 2028 2029 2030 2031 2032 2033 2034 2035 2036 2037 2038 2039 2040 2041 2042 2043 2044 2045 2046 2047 2048 2049 2050 2051 2052 2053 2054 2055 2056 2057 2058 2059 2060 2061 2062 2063 2064 2065 2066 2067 2068 2069 2070 2071 2072 2073 2074 2075 2076 2077 2078 2079 2080 2081 2082 2083 2084 2085 2086 2087 2088 2089 2090 2091 2092 2093 2094 2095 2096 2097 2098 2099 2100 2101 2102 2103 2104 2105 2106 2107 2108 2109 2110 2111 2112 2113 2114 2115 2116 2117 2118 2119 2120 2121 2122 2123 2124 2125 2126 2127 2128 2129 2130 2131 2132 2133 2134 2135 2136 2137 2138 2139 2140 2141 2142 2143 2144 2145 2146 2147 2148 2149 2150 2151 2152 2153 2154 2155 2156 2157 2158 2159 2160 2161 2162 2163 2164 2165 2166 2167 2168 2169 2170 2171 2172 2173 2174 2175 2176 2177 2178 2179 2180 2181 2182 2183 2184 2185 2186 2187 2188 2189 2190 2191 2192 2193 2194 2195 2196 2197 2198 2199 2200 2201 2202 2203 2204 2205 2206 2207 2208 2209 2210 2211 2212 2213 2214 2215 2216 2217 2218 2219 2220 2221 2222 2223 2224 2225 2226 2227 2228 2229 2230 2231 2232 2233 2234 2235 2236 2237 2238 2239 2240 2241 2242 2243 2244 2245 2246 2247 2248 2249 2250 2251 2252 2253 2254 2255 2256 2257 2258 2259 2260 2261 2262 2263 2264 2265 2266 2267 2268 2269 2270 2271 2272 2273 2274 2275 2276 2277 2278 2279 2280 2281 2282 2283 2284 2285 2286 2287 2288 2289 2290 2291 2292 2293 2294 2295 2296 2297 2298 2299 2300 2301 2302 2303 2304 2305 2306 2307 2308 2309 2310 2311 2312 2313 2314 2315 2316 2317 2318 2319 2320 2321 2322 2323 2324 2325 2326 2327 2328 2329 2330 2331 2332 2333 2334 2335 2336 2337 2338 2339 2340 2341 2342 2343 2344 2345 2346 2347 2348 2349 2350 2351 2352 2353 2354 2355 2356 2357 2358 2359 2360 2361 2362 2363 2364 2365 2366 2367 2368 2369 2370 2371 2372 2373 2374 2375 2376 2377 2378 2379 2380 2381 2382 2383 2384 2385 2386 2387 2388 2389 2390 2391 2392 2393 2394 2395 2396 2397 2398 2399 2400 2401 2402 2403 2404 2405 2406 2407 2408 2409 2410 2411 2412 2413 2414 2415 2416 2417 2418 2419 2420 2421 2422 2423 2424 2425 2426 2427 2428 2429 2430 2431 2432 2433 2434 2435 2436 2437 2438 2439 2440 2441 2442 2443 2444 2445 2446 2447 2448 2449 2450 2451 2452 2453 2454 2455 2456 2457 2458 2459 2460 2461 2462 2463 2464 2465 2466 2467 2468 2469 2470 2471 2472 2473 2474 2475 2476 2477 2478 2479 2480 2481 2482 2483 2484 2485 2486 2487 2488 2489 2490 2491 2492 2493 2494 2495 2496 2497 2498 2499 2500 2501 2502 2503 2504 2505 2506 2507 2508 2509 2510 2511 2512 2513 2514 2515 2516 2517 2518 2519 2520 2521 2522 2523 2524 2525 2526 2527 2528 2529 2530 2531 2532 2533 2534 2535 2536 2537 2538 2539 2540 2541 2542 2543 2544 2545 2546 2547 2548 2549 2550 2551 2552 2553 2554 2555 2556 2557 2558 2559 2560 2561 2562 2563 2564 2565 2566 2567 2568 2569 2570 2571 2572 2573 2574 2575 2576 2577 2578 2579 2580 2581 2582 2583 2584 2585 2586 2587 2588 2589 2590 2591 2592 2593 2594 2595 2596 2597 2598 2599 2600 2601 2602 2603 2604 2605 2606 2607 2608 2609 2610 2611 2612 2613 2614 2615 2616 2617 2618 2619 2620 2621 2622 2623 2624 2625 2626 2627 2628 2629 2630 2631 2632 2633 2634 2635 2636 2637 2638 2639 2640 2641 2642 2643 2644 2645 2646 2647 2648 2649 2650 2651 2652 2653 2654 2655 2656 2657 2658 2659 2660 2661 2662 2663 2664 2665 2666 2667 2668 2669 2670 2671 2672 2673 2674 2675 2676 2677 2678 2679 2680 2681 2682 2683 2684 2685 2686 2687 2688 2689 2690 2691 2692 2693 2694 2695 2696 2697 2698 2699 2700 2701 2702 2703 2704 2705 2706 2707 2708 2709 2710 2711 2712 2713 2714 2715 2716 2717 2718 2719 2720 2721 2722 2723 2724 2725 2726 2727 2728 2729 2730 2731 2732 2733 2734 2735 2736 2737 2738 2739 2740 2741 2742 2743 2744 2745 2746 2747 2748 2749 2750 2751 2752 2753 2754 2755 2756 2757 2758 2759 2760 2761 2762 2763 2764 2765 2766 2767 2768 2769 2770 2771 2772 2773 2774 2775 2776 2777 2778 2779 2780 2781 2782 2783 2784 2785 2786 2787 2788 2789 2790 2791 2792 2793 2794 2795 2796 2797 2798 2799 2800 2801 2802 2803 2804 2805 2806 2807 2808 2809 2810 2811 2812 2813 2814 2815 2816 2817 2818 2819 2820 2821 2822 2823 2824 2825 2826 2827 2828 2829 2830 2831 2832 2833 2834 2835 2836 2837 2838 2839 2840 2841 2842 2843 2844 2845 2846 2847 2848 2849 2850 2851 2852 2853 2854 2855 2856 2857 2858 2859 2860 2861 2862 2863 2864 2865 2866 2867 2868 2869 2870 2871 2872 2873 2874 2875 2876 2877 2878 2879 2880 2881 2882 2883 2884 2885 2886 2887 2888 2889 2890 2891 2892 2893 2894 2895 2896 2897 2898 2899 2900 2901 2902 2903 2904 2905 2906 2907 2908 2909 2910 2911 2912 2913 2914 2915 2916 2917 2918 2919 2920 2921 2922 2923 2924 2925 2926 2927 2928 2929 2930 2931 2932 2933 2934 2935 2936 2937 2938 2939 2940 2941 2942 2943 2944 2945 2946 2947 2948 2949 2950 2951 2952 2953 2954 2955 2956 2957 2958 2959 2960 2961 2962 2963 2964 2965 2966 2967 2968 2969 2970 2971 2972 2973 2974 2975 2976 2977 2978 2979 2980 2981 2982 2983 2984 2985 2986 2987 2988 2989 2990 2991 2992 2993 2994 2995 2996 2997 2998 2999 3000 3001 3002 3003 3004 3005 3006 3007 3008 3009 3010 3011 3012 3013 3014 3015 3016 3017 3018 3019 3020 3021 3022 3023 3024 3025 3026 3027 3028 3029 3030 3031 3032 3033 3034 3035 3036 3037 3038 3039 3040 3041 3042 3043 3044 3045 3046 3047 3048 3049 3050 3051 3052 3053 3054 3055 3056 3057 3058 3059 3060 3061 3062 3063 3064 3065 3066 3067 3068 3069 3070 3071 3072 3073 3074 3075 3076 3077 3078 3079 3080 3081 3082 3083 3084 3085 3086 3087 3088 3089 3090 3091 3092 3093 3094 3095 3096 3097 3098 3099 3100 3101 3102 3103 3104 3105 3106 3107 3108 3109 3110 3111 3112 3113 3114 3115 3116 3117 3118 3119 3120 3121 3122 3123 3124 3125 3126 3127 3128 3129 3130 3131 3132 3133 3134 3135 3136 3137 3138 3139 3140 3141 3142 3143 3144 3145 3146 3147 3148 3149 3150 3151 3152 3153 3154 3155 3156 3157 3158 3159 3160 3161 3162 3163 3164 3165 3166 3167 3168 3169 3170 3171 3172 3173 3174 3175 3176 3177 3178 3179 3180 3181 3182 3183 3184 3185 3186 3187 3188 3189 3190 3191 3192 3193 3194 3195 3196 3197 3198 3199 3200 3201 3202 3203 3204 3205 3206 3207 3208 3209 3210 3211 3212 3213 3214 3215 3216 3217 3218 3219 3220 3221 3222 3223 3224 3225 3226 3227 3228 3229 3230 3231 3232 3233 3234 3235 3236 3237 3238 3239 3240 3241 3242 3243 3244 3245 3246 3247 3248 3249 3250 3251 3252 3253 3254 3255 3256 3257 3258 3259 3260 3261 3262 3263 3264 3265 3266 3267 3268 3269 3270 3271 3272 3273 3274 3275 3276 3277 3278 3279 3280 3281 3282 3283 3284 3285 3286 3287 3288 3289 3290 3291 3292 3293 3294 3295 3296 3297 3298 3299 3300 3301 3302 3303 3304 3305 3306 3307 3308 3309 3310 3311 3312 3313 3314 3315 3316 3317 3318 3319 3320 3321 3322 3323 3324 3325 3326 3327 3328 3329 3330 3331 3332 3333 3334 3335 3336 3337 3338 3339 3340 3341 3342 3343 3344 3345 3346 3347 3348 3349 3350 3351 3352 3353 3354 3355 3356 3357 3358 3359 3360 3361 3362 3363 3364 3365 3366 3367 3368 3369 3370 3371 3372 3373 3374 3375 3376 3377 3378 3379 3380 3381 3382 3383 3384 3385 3386 3387 3388 3389 3390 3391 3392 3393 3394 3395 3396 3397 3398 3399 3400 3401 3402 3403 3404 3405 3406 3407 3408 3409 3410 3411 3412 3413 3414 3415 3416 3417 3418 3419 3420 3421 3422 3423 3424 3425 3426 3427 3428 3429 3430 3431 3432 3433 3434 3435 3436 3437 3438 3439 3440 3441 3442 3443 3444 3445 3446 3447 3448 3449 3450 3451 3452 3453 3454 3455 3456 3457 3458 3459 3460 3461 3462 3463 3464 3465 3466 3467 3468 3469 3470 3471 3472 3473 3474 3475 3476 3477 3478 3479 3480 3481 3482 3483 3484 3485 3486 3487 3488 3489 3490 3491 3492 3493 3494 3495 3496 3497 3498 3499 3500 3501 3502 3503 3504 3505 3506 3507 3508 3509 3510 3511 3512 3513 3514 3515 3516 3517 3518 3519 3520 3521 3522 3523 3524 3525 3526 3527 3528 3529 3530 3531 3532 3533 3534 3535 3536 3537 3538 3539 3540 3541 3542 3543 3544 3545 3546 3547 3548 3549 3550 3551 3552 3553 3554 3555 3556 3557 3558 3559 3560 3561 3562 3563 3564 3565 3566 3567 3568 3569 3570 3571 3572 3573 3574 3575 3576 3577 3578 3579 3580 3581 3582 3583 3584 3585 3586 3587 3588 3589 3590 3591 3592 3593 3594 3595 3596 3597 3598 3599 3600 3601 3602 3603 3604 3605 3606 3607 3608 3609 3610 3611 3612 3613 3614 3615 3616 3617 3618 3619 3620 3621 3622 3623 3624 3625 3626 3627 3628 3629 3630 3631 3632 3633 3634 3635 3636 3637 3638 3639 3640 3641 3642 3643 3644 3645 3646 3647 3648 3649 3650 3651 3652 3653 3654 3655 3656 3657 3658 3659 3660 3661 3662 3663 3664 3665 3666 3667 3668 3669 3670 3671 3672 3673 3674 3675 3676 3677 3678 3679 3680 3681 3682 3683 3684 3685 3686 3687 3688 3689 3690 3691 3692 3693 3694 3695 3696 3697 3698 3699 3700 3701 3702 3703 3704 3705 3706 3707 3708 3709 3710 3711 3712 3713 3714 3715 3716 3717 3718 3719 3720 3721 3722 3723 3724 3725 3726 3727 3728 3729 3730 3731 3732 3733 3734 3735 3736 3737 3738 3739 3740 3741 3742 3743 3744 3745 3746 3747 3748 3749 3750 3751 3752 3753 3754 3755 3756 3757 3758 3759 3760 3761 3762 3763 3764 3765 3766 3767 3768 3769 3770 3771 3772 3773 3774 3775 3776 3777 3778 3779 3780 3781 3782 3783 3784 3785 3786 3787 3788 3789 3790 3791 3792 3793 3794 3795 3796 3797 3798 3799 3800 3801 3802 3803 3804 3805 3806 3807 3808 3809 3810 3811 3812 3813 3814 3815 3816 3817 3818 3819 3820 3821 3822 3823 3824 3825 3826 3827 3828 3829 3830 3831 3832 3833 3834 3835 3836 3837 3838 3839 3840 3841 3842 3843 3844 3845 3846 3847 3848 3849 3850 3851 3852 3853 3854 3855 3856 3857 3858 3859 3860 3861 3862 3863 3864 3865 3866 3867 3868 3869 3870 3871 3872 3873 3874 3875 3876 3877 3878 3879 3880 3881 3882 3883 3884 3885 3886 3887 3888 3889 3890 3891 3892 3893 3894 3895 3896 3897 3898 3899 3900 3901 3902 3903 3904 3905 3906 3907 3908 3909 3910 3911 3912 3913 3914 3915 3916 3917 3918 3919 3920 3921 3922 3923 3924 3925 3926 3927 3928 3929 3930 3931 3932 3933 3934 3935 3936 3937 3938 3939 3940 3941 3942 3943 3944 3945 3946 3947 3948 3949 3950 3951 3952 3953 3954 3955 3956 3957 3958 3959 3960 3961 3962 3963 3964 3965 3966 3967 3968 3969 3970 3971 3972 3973 3974 3975 3976 3977 3978 3979 3980 3981 3982 3983 3984 3985 3986 3987 3988 3989 3990 3991 3992 3993 3994 3995 3996 3997 3998 3999 4000 4001 4002 4003 4004 4005 4006 4007 4008 4009 4010 4011 4012 4013 4014 4015 4016 4017 4018 4019 4020 4021 4022 4023 4024 4025 4026 4027 4028 4029 4030 4031 4032 4033 4034 4035 4036 4037 4038 4039 4040 4041 4042 4043 4044 4045 4046 4047 4048 4049 4050 4051 4052 4053 4054 4055 4056 4057 4058 4059 4060 4061 4062 4063 4064 4065 4066 4067 4068 4069 4070 4071 4072 4073 4074 4075 4076 4077 4078 4079 4080 4081 4082 4083 4084 4085 4086 4087 4088 4089 4090 4091 4092 4093 4094 4095 4096 4097 4098 4099 4100 4101 4102 4103 4104 4105 4106 4107
CHANGELOG for KAME kit

$Id: CHANGELOG,v 1.261 1999/11/05 13:04:36 itojun Exp $

<199911>
Fri Nov 5 22:02:00 JST 1999 itojun@iijlab.net
* kame/sys/netinet6/{ip6_input,icmp6,route6}.c: clarify mbuf
chain requirements. add m_pulldown experimental code (#ifdef'ed).

Fri Nov 5 19:52:28 JST 1999 itojun@iijlab.net
* freebsd[23]/usr.bin/netstat/route.c: show MTU on netstat -rnl
(you may need to specify "-a" as well to see cached result of
path MTU discovery).

Fri Nov 5 18:15:36 JST 1999 itojun@iijlab.net
* kame/sys/netinet6/ipcomp_core.c: do not use default memory window
size for zlib, it is too big. let user choose memory window size.
no sysctl access is provided right now, you need to rewrite
the value by modifying source code, or by using kmem/bpatch.

From: Laine Stump <lainestump@rcn.com>

Fri Nov 5 10:41:26 JST 1999 itojun@iijlab.net
* netbsd/sys/dev/pcmcia/if_awi_pcmcia.c (and others):
bring in awi driver for BayStack 650 card from NetBSD-currnt.
we need this for IETF washington DC:-)

Fri Nov 5 01:22:42 JST 1999 itojun@iijlab.net
* kame/sys/netinet: rename in_cksum4() into in4_cksum(), to match
in6_cksum().

1999-11-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6.c (nd6_rtrequest): changed the initial
state when creating a neighbor cache entry from INCOMPLETE to
NOSTATE, in order to avoid unexpected NSes.

1999-11-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/icmp6.c (icmp6_redirect_output): do not
include a target link-layer address option unless the address is
resolved.
Thanks to: the TAHI project for finding the problem.

Thu Nov 4 18:08:00 JST 1999 itojun@iijlab.net
* kame/etc/rc.net6: install reject route for scoped address without
scope identifiers. this will raise icmp6 error on, say,
"ping6 fe80::1" (this is invalid since there's no scope identifier).

Thu Nov 4 17:22:05 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* netbsd/pkgsrc/net/pchar, freebsd[23]/ports/pchar,
openbsd/ports/net/pchar: pathchar reimplementation.

Thu Nov 4 09:40:08 JST 1999 sakane@ydc.co.jp
* kame/sys/{netkey,netinet6}:
* kame/kame/{libipsec,setkey,racoon}:
Implemented a policy level of `unique' for strict use of SA.
The decimal number named `reqid' is used as the identifier in order to
relate between a SA and SA requests in some policy.
Manual keying may need explicitly to specify the identifier. You can
put the decimal number as the identifier after keyword `unique' of
policy level followed by colon(:). For example, "unique:1225".
The value is:
0 are reserved.
1 - 32767 are reserved for manual keying.
Others are for kernel use.
Note that this id doesn't identify a SA by only itself.
XXX To be implemented the inbound policy check by level of `unique'
after a implement of holding SA used to decode.
XXX The field of reqid on PF_KEY message is in sadb_msg structure.
It may not be adequated for portablity.
XXX racoon has not been supported yet.

Thu Nov 4 05:52:12 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/ucd-snmp, freebsd[23]/ucd-snmp:
use latest IPv6 patch.
* openbsd/ports/net/zebra: upgrade to 0.81.
* openbsd/ports/net/ucd-snmp: add ucd-snmp (4.0.1 + IPv6 patch).

Wed Nov 3 22:11:16 JST 1999 sakane@ydc.co.jp
* kame/sys/netkey/key.c:
key_msg2sp() returns suitable error code.

Wed Nov 3 21:48:29 JST 1999 sakane@ydc.co.jp
* kame/sys/netkey/key.c:
Toss up a policy index as identity of SA user when kernel acquired SA.
This is used extended identity type, that is SADB_X_IDENTTYPE_ADDR,
included in the SADB_EXT_IDENTITY extension.

Tue Nov 2 13:27:36 JST 1999 itojun@iijlab.net
* freebsd2/ports/sendmail.beta, netbsd/pkgsrc/mail/sendmail.beta:
add port directory for sendmail 8.10.0beta6, to stress-test IPv6
part of it.

Tue Nov 2 01:46:01 JST 1999 itojun@iijlab.net
* bsdi3/bin/ping6: move bsdi3/sbin/ping6 into bsdi3/bin/ping6, as
bsdi3 puts ping into bin/ping. You may want to remove
/usr/local/v6/sbin/ping6 to get rid of old binary.

Mon Nov 1 21:29:59 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/mrt, freebsd[23]/ports/mrt: upgrade to 2.0.1a.

Mon Nov 1 13:34:07 JST 1999 itojun@iijlab.net
* freebsd2/ports/openssl: port directory for OpenSSL 0.9.4. required
for freebsd2/ports/v6eval (and useful for building tcpdump and
racoon).
* freebsd2/ports/{ct,v6eval}: port directory for TAHI IPv6 conformance
test kit, version 0.4.

<199910>
Fri Oct 29 21:17:10 JST 1999 itojun@iijlab.net
* kame/libinet6/getaddinfo.c: Bunch of cleanups.
(1) When servname == 0 and protocol == 0, return addrinfo structure
for both DGRAM/UDP and STREAM/TCP.
For example, if you ask for localhost/echo without specifying
servname nor protocol, the following four addrinfo structure will
be returned (the order may vary):
::1 dgram/udp port 7
::1 stream/tcp port 7
127.0.0.1 dgram/udp port 7
127.0.0.1 stream/tcp port 7
This fixes KAME PR 141.
(2) fix memory leak on failure cases
(3) clarify non-udp/tcp protocol cases. at this moment SOCK_RAW
is the only one allowed. we may need to loosen the restriction
further.
* kame/libinet6/getnamenfo.c: clarify non-udp/tcp protocol cases.

1999-10-29 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd: config parser was rewritten using lex and
yacc. According to this change, each line MUST now be terminated
by a semi-colon ';', and hence older configuration files will
cause parsing errors. Please be careful in updating.

Thu Oct 28 19:39:02 JST 1999 itojun@iijlab.net
* openbsd/sys/sys/socket.h: fix alignment constraint for
ancillary data.

Thu Oct 28 14:00:45 JST 1999 itojun@iijlab.net
* freebsd3/ports/ucd-snmp: upgrade to 4.0.1 with IPv6 patch.
it looks tcb/udb dump is not working.
* freebsd3/ports/zebra: upgrade to 0.80.

1999-10-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd[23]/ports/wwwoffle: was added with IPv6 patch developed
by Feico Dillema <dillema@acm.org>

Thu Oct 28 09:24:14 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/ucd-snmp, freebsd2/ports/ucd-snmp:
upgrade to latest IPv6 patch.

Thu Oct 28 01:41:00 JST 1999 sakane@ydc.co.jp
* kame/kame/netinet6/ipsec.c:
Fix mbuf memory leak.
- Policy buffer was not freed when PCB was free.
- PF_KEY message buffer was not freed when key_parse() returned zero.

1999-10-27 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6dd: applied several fixes from sumikawa@hitachi

Wed Oct 27 20:58:42 JST 1999 itojun@iijlab.net
* netbsd/usr.bin/netstat: use getnameinfo() with KAME hack.
add support for -v into interface info and pcb info printing,
which avoids address truncation on printing.

1999-10-27 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd/rp.c (delete_grp_mask_entry):
fixed a bug of rearraging the group list.
I believe the bug was derived from original pimd.

Wed Oct 27 14:49:09 JST 1999 sakane@ydc.co.jp
* kame/sys/netkey/key.c:
We don't always try to allocate new SA. It's no need if the state
of SA in the holder is SADB_SASTATE_MATURE, and if this is newer one.

1999-10-27 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/in6.c (mask2len): changed the argument from
in6_addr{} to sockaddr_in6{} so that the function could handle
a shortened netmask. The change solves the problem that bgpd
misunderstands the prefix length of an interface direct route.
Thanks to: the TAHI project for finding the problem.

Wed Oct 27 10:14:07 JST 1999 itojun@iijlab.net
* freebsd2/ports/ucd-snmp: upgrade to 4.0.1 with IPv6 fixes.

Wed Oct 27 03:27:13 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd[23]/sys/conf/newver.sh: RELEASE="${REVISION}-${BRANCH}"
instead of specified keywords, such as 2.2.8-RELEASE.

Submitted by: Martti Kuparinen <martti@research.zopps.fi>

Tue Oct 26 23:45:15 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* bsdi3/libexec/ftpd/ftpd/ftpcmd.y: appllied Y2K patch of
ftpd(wu-ftpd)
From: http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html#QA35

* bsdi3/usr.bin/ftp/cmds.c: One more Y2K patch. M310-055 is not
enough for newer checking. e.g.:
% touch -t 200107221100 tmp/test
% touch -t 199907221130 test
% ftp 127.0.0.1
Connected to 127.0.0.1.
220 rapunzel.net.ebina.hitachi.co.jp FTP server (Version wu-2.4(1)\
Fri Jan 17 12:05:30 MST 1997) ready.
Name (127.0.0.1:sumikawa):
331 Password required for sumikawa.
Password:
230 User sumikawa logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd tmp
250 CWD command successful.
ftp> newer test
Local file "test" is newer than remote file "test"

Reported by: takenaka@ebina.hitachi.co.jp

Tue Oct 26 18:50:16 JST 1999 itojun@iijlab.net
* netbsd/sys/netinet/ip_input.c: disable ipflow (IPv4 fast forwading)
if IPsec is configured in the kernel.

From: Hans-Joachim Knobloch <hansi@xlink.net>

Tue Oct 26 17:52:12 JST 1999 itojun@iijlab.net
* (bunch of source code): fix inet_pton() error check. we need to
check if the return value equals to 1, or not equal to 1.
"<= 0" or "!= 0" does not really make sense.

Tue Oct 26 17:30:43 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd[23]/ports/vat6: Tcl initialization patch.
Submitted by: Kenjiro Cho <kjc@csl.sony.co.jp> (kame-snap 1471)

Tue Oct 26 13:27:43 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/www/wwwoffle: add wwwoffle 2.5 with IPv6 patch.
* netbsd/pkgsrc/net/zebra, freebsd2/ports/zebra: upgrade to 0.80.

Tue Oct 26 02:58:19 JST 1999 sakane@ydc.co.jp
* freebsd3/sys/netinet tcp_input.c udp_usrreq.c
Modify m_len before and after calling ipsec_in_reject().
FreeBSD3 cuts out IP header from mbuf before pcb lookupping.

Tue Oct 26 02:44:51 JST 1999 sakane@ydc.co.jp
* kame/sys/netinet6/ipsec.c:
Fixed a bug that sa_len wasn't updated in spidx.
Improved to make spidx which is used as key to search SPD.

Mon Oct 25 22:30:47 JST 1999 sakane@ydc.co.jp
* kame/sys/netkey/key.c:
* kame/kame/libipsec:
- Improved to set IP addresses into the ipsec request structure
from PF_KEY msgs.
- Fixed to print IP addresses in ipsec policy request.
- Fixed a bit to print protocol name.

Sat Oct 23 17:11:39 PDT 1999 itojun@iijlab.net
* {netbsd,freebsd2,bsdi3}/sbin/ifconfig: show IPv6 link-local
addresses in KAME extended IPv6 numeric address format, like
fe80::1@ne0 (experimental).
The change may require you to update rc.net6.

1999-10-22 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd: added a configuration option to handle
site-local addresses in RIPng. See bgpd.conf(5).

Fri Oct 22 13:35:23 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/lib/libftpio: fix getaddrinfo() loop, so that the code
will try to explore all the addresses returned after query.

Thu Oct 21 15:00:15 PDT 1999 itojun@iijlab.net
* kame/sys/netinet/in_cksum4.c: fix computation algorithm for big
packet.

Thu Oct 21 08:40:24 PDT 1999 itojun@iijlab.net
* netbsd/sys/netinet/udp_usrreq.c: advanced API has been broken for
IPv6 UDP due to a one-letter typo. it is now fixed.

Thu Oct 21 07:57:02 PDT 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/ucd-snmp: upgrade to 4.0.1 with IPv6 fixes.

1999-10-21 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* *bsd*/usr.sbin/traceroute/Makefile: added OS-specific
compilation options, one of which would fix a problem of bad
checksums for probe packets.

Thu Oct 21 15:12:16 JST 1999 skane@ydc.co.jp
* kame/kame/racoon:
Make it compilable on INRIA stack.
Patch from <Francis.Dupont@inria.fr>.

Wed Oct 20 23:05:52 PDT 1999 itojun@iijlab.net
* freebsd2/lib/libftpio: fix getaddrinfo() loop, so that the code
will try to explore all the addresses returned after query.

Wed Oct 20 09:01:53 PDT 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/wu-ftpd: upgrade to 2.5.0 with IPv6 patch.

Thu Oct 21 00:19:23 JST 1999 sakane@ydc.co.jp
* kame/kame/libipsec:
Improved IPsec policy parser. Following requests are allowed:
protocol/mode/src-dst/level
protocol/mode/src-dst
protocol/mode/src-dst/
protocol/transport
protocol/transport//level
See policy_parse.y for detail.

Wed Oct 20 20:13:50 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd[23]/ports/ncftp3, netbsd/pkgsrc/net/ncftp3: upgrade to
3.0 beta 21.

1999-10-20 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/ndp/ndp.c (dump): enabled the NI_WITHSCOPEID flag for
getnameinfo when printing a neighbor cache entry for a link-local
scope address. So, for example, `ndp -an' would provide the
following result:
Neighbor Linklayer Address
        fe80::210:4bff:fe32:93d1@ef0 0:10:4b:32:93:d1
        fe80::210:5aff:fe5c:6b5c@ef0 0:10:5a:5c:6b:5c
        fe80::2a0:24ff:fe66:1350@ef0 0:a0:24:66:13:50
(some fields were ommited in the example.)

1999-10-20 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6.c (nd6_ioctl): in the case of
SIOCGNBRINFO_IN6, embeded the interface index of a link-local
scope address into the address before calling nd6_lookup().
With this hack, applications would not have to care about the
KAME's hack for scoped addresses.

1999-10-20 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6.c (nd6_lookup): use rt->rt_ifa->ifa_ifp
instead of rt->rt_ifp for validation of the interface. This change
would solve a problem that `ndp -a[n]' barks at a neighbor cache
entry for the node's own address.

Tue Oct 19 13:43:27 JST 1999 sakane@ydc.co.jp
* kame/sys/netinet,netinet6,netkey:
- Save uid who created socket, and decision socket based policy
with this uid. At FreeBSD3, so->so_cred->p_svuid is saved
as this uid.
- New identify type; SADB_X_IDENTTYPE_ADDR. This is suitable
to identify clients of SA, not SA peers, rather than using
SADB_IDENTTYPE_FQDN when kernel send SADB_ACQUIRE.

Tue Oct 19 07:13:02 JST 1999 itojun@iijlab.net
* kame/dhcp6: server passes timezone information to clients.

Tue Oct 19 00:53:51 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd[23]/ports/wu-ftpd: upgrade to 2.5.0 with security
patches. If you use old wu-ftpd, you should upgrade it because of
several security holes.

Mon Oct 18 13:43:40 JST 1999 itojun@iijlab.net
* kame/tcpdump/print-bgp.c: decode BGP packets. BGP data that crosses
packet boundary will not be decoded (it does not reassemble TCP
segments).

1999-10-18 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd: added various improvements and changes
including:
- reflection of change of an IGP route to IBGP routes that use
the IGP route for BGP next-hop resolution.
- show per-prefix sorted BGP routes in the dump file.
- show various timers in the dump file.
- increased the default size of output socket buffers used for BGP
connections. Also, made the size configurable.

1999-10-17 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6.c (nd6_lookup): added a sanity check for
the interface at the end of the function. This will prevent
invalid redirect messages when there is routing loop with an
adjacent router.

1999-10-17 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/ripng.c (rip_process_response): logged prefix and
interface for non-routable prefixes or for a prefix with an
invalid metric.
Adviced by: Tetsuya Isaki <isaki@net.ipc.hiroshima-u.ac.jp>

Fri Oct 15 16:53:20 JST 1999 itojun@iijlab.net
* kame/tcpdump/print-{tcp,udp}.c: print IP address properly when
intermediate headers or IP option is present.
* kame/sys/netinet/in_cksum4.c: more clever IPv4 pseudo header
checksum routine.
* netbsd/sys: experimental use of m_pulldown() in tcp and udp.
m_pulldown() guarantees contiguous allocation of intermediate
headers (like tcp header) on mbuf chain.

Thu Oct 14 17:27:26 JST 1999 itojun@iijlab.net
* kame/tcpdump: fix endian-ness problem in big endian machines.
From: KOIE Hidetaka <hide@koie.org>

1999-10-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/icmp6.c (icmp6_ctloutput): fixed mbuf leak on
setsockopt(ICMP6_FILTER).
(found by: k-sugyo@kame)

1999-10-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/bgp_util.c (bgp_peerstr): was added to print a
BGP-peer address (link-local or global).
* kame/kame/bgpd/in6.c (ip6str): took a new argument (ifindex) to
print link-identifier as well for a link-local address.
* the way to treat the dump file was also changed. See bgpd(8) in
detail.

Tue Oct 12 19:14:53 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/ethereal: ethereal port for version 0.7.5.

Mon Oct 11 00:40:52 JST 1999 itojun@iijlab.net
* freebsd2/ports/fwtk6: use latest IPv6 patch.
From: Hajimu UMEMOTO <ume@mahoroba.org>

Sun Oct 10 15:44:07 JST 1999 itojun@iijlab.net
* kame/sys/netinet6/{icmp6.c,tcp6_subr.c,udp6_usrreq.c},
openbsd/sys/netinet/{tcp_subr.c,udp_usrreq.c},
netbsd/sys/netinet/tcp_subr.c,
freebsd3/sys/netinet/tcp_subr.c, freebsd3/sys/netinet6/udp6_usrreq.c:
Revisit xx_ctlinput(). We added extra args to xx6_ctlinput(),
but it was wrong. We cannot just invent function prototype for
xx_ctlinput() as they will be called across protocol types
(for example, see pfctlinput() in sys/kern).
Made last arg of xx6_ctlinput() into void *, to meet standard
practice.
For passing info from icmp6 handler to xx6_ctlinput(), introduced
struct ip6ctlparam.

Sat Oct 9 11:35:32 JST 1999 itojun@iijlab.net
* openbsd/ports/net/bind8, netbsd/pkgsrc/net/bind8,
freebsd[23]/ports/bind8: upgrade IPv6 patch. AAAA dynamic update
is now available.
why do I have to commit it FOUR times... :-(

Fri Oct 8 17:26:09 JST 1999 itojun@iijlab.net
* openbsd/ports/net/bind8: bind 812 with IPv6 support.
* openbsd/ports/net/zebra: zebra 0.79.
* openbsd/ports/mail/sendmail6: sendmail 8.9.2 with IPv6 support.

Fri Oct 8 12:21:39 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/audio/mpg123, freebsd2/ports/mpg123:
upgrade to latest IPv6 patch.
* netbsd/pkgsrc/www/lynx, freebsd2/ports/lynx:
upgrade to 2.8.2 + latest IPv6 patch.
From: Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp>

Fri Oct 8 08:42:12 JST 1999 itojun@iijlab.net
* openbsd/sys/net/route.[ch], kame/sys/netinet6/icmp6.c:
synchronize ipv6 pmtud code for openbsd with netbsd.
this includes change to openbsd/sys/net/route.[ch] for
route entry timer code.

this should fix possible dangling pointer problem in previous code.

Fri Oct 8 01:40:23 JST 1999 itojun@iijlab.net
* openbsd/ports/security/ssh: ssh 1.2.27 with IPv6 patch.
* netbsd/pkgsrc/mail/fetchmail: upgrade to 5.1.1.
* openbsd/ports/mail/fetchmail: added, IPv6-enable config with 5.1.1.

Thu Oct 7 22:05:10 JST 1999 itojun@iijlab.net
* openbsd: issue first snapshot for KAME/OpenBSD25.
there still are many issues to be fixed. see openbsd/TODO for
details. report any experiences to snap-users@kame.net.

Thu Oct 7 14:08:24 JST 1999 itojun@iijlab.net
* kame/etc/rc.net6: disallow "internal" addresses like ::ffff:127.0.0.1
to appear on the wire. This is done by configuring reject route
onto the routing table, so you can always re-enable it if you have
some special need for experiments.

1999-10-06 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* *bsd*/netstat/route.c (netname6, routename6): were changed to
use getnameinfo in order to accomodate to the new format for
scoped addresses.
Now link-local gateways when invoking `netstat -rn' are shown like
fe80::5254:ff:fedc:5217@ne0.

Wed Oct 6 19:50:37 JST 1999 k-sugyou@kame.net
* freebsd[23]/ports/perl5: update to latest IPv6 patch.

Wed Oct 6 19:42:56 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/totd, freebsd[23]/ports/totd:
totd, a DNS server for translation services like faithd(8).
NetBSD PR: 8563
From: Feico Dillema <dillema@acm.org>

Wed Oct 6 17:28:05 JST 1999 itojun@iijlab.net
* kame/bindtest: tests how the kernel implements bind(2) on IPv4/v6
socket. is not compiled in default compilation.

1999-10-06 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd/pim6sd.conf.5: was added for configuration
guide.

1999-10-06 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/v6test/v6test.c (bpf_open): use pcap_lookupdev (if
possible) to choose the outgoing interface when the user does not
specify one.

Tue Oct 5 20:46:33 JST 1999 itojun@iijlab.net
* bsdi3/sys/i386/isa/if_mz.c: drop faulty multicast loopback packet
on promiscuous mode. this is to make the driver always behave as
IFF_SIMPLEX.

1999-10-05 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* *bsd*/*/netstat/inet6.c (ip6_ifstats): added the case of
ifs6_in_truncated to be printed, which was just forgotten so far.

1999-10-05 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/v6test/getconfig.c (make_padnopt): added a new
attribute(padoptreallen) for the PadN option so that v6test could
fake the option length.
* kame/kame/v6test/conf/ext.conf (illhdrlen): added a new test.

Mon Oct 4 18:59:06 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/www/w3m: new port for W3M, simple text based WWW
client.
* netbsd/pkgsrc/devel/boehm-gc: conservative garbage collector for C
programs. needed for pkgsrc/www/w3m.

Sat Oct 2 16:18:35 JST 1999 itojun@iijlab.net
* freebsd[23], netbsd: import ALTQ 2.0. ALTQ on bsdi3 is not
supported yet. IPv6 support needs improvement. Not really tested,
Testers wanted.
* freebsd[23]/ports/altq, netbsd/pkgsrc/net/altq:
update ALTQ userland to 2.0.

Fri Oct 1 09:02:23 JST 1999 itojun@iijlab.net
* freebsd[23]/lib/libftpio: fix EPSV case. this should fix
usr.bin/fetch.

<199909>
1999-09-30 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6.h (IP6_EXTHDR_CHECK): added a sanity check
for the case where m_next is NULL and m does not contain enough
data. This fix will prevent the kernel from referring to illegal
memory space when receiving a packet with bogus header length.

Thu Sep 30 10:57:22 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd[23]/ports/w3m: new port W3M, simple text based WWW client.

1999-09-30 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/rtsold/dump.c: was added to dump internal status
of the running rtsold to a file by sending the SIGUSR1 signal.

Wed Sep 29 17:09:15 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* kame/kame/ndp/ndp.c: use getnameinfo() instead of inet_ntop().
you should use -n option if you don't want to reverse lookup.

1999-09-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/if.c (get_32id): fixed a bug that 127.0.0.1 was
chosen as the BGP identifier if it was the only IPv4 address on
the router.

Mon Sep 27 22:25:00 JST 1999 itojun@iijlab.net
* kame/{libpcap,tcpdump}: support OpenBSD.

Mon Sep 27 12:28:13 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/ports/ethereal: upgrade to 0.7.5.

Mon Sep 27 04:33:31 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd[23]/ports/tcp_wrapper, netbsd/ports/tcp_wrapper:
upgraded to latest IPv6 patch made by ume@mahoroba.org.

1999-09-26 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/libinet6: made the code as much portable as possible.
Some macros were added to aclocal.m4 and were used in configure.in
for compilation on other platforms than KAME.

Sun Sep 26 12:08:28 JST 1999 itojun@iijlab.net
* freebsd[23]/ports/vic6: upgrade to new IPv6 patch.
From: isaki@net.ipc.hiroshima-u.ac.jp

Fri Sep 24 21:15:02 JST 1999 itojun@iijlab.net
* freebsd2/sys/netinet/ip_output.c: prevent kernel panic on
per-socket IPsec policy specification, like:
# ping -P 'out ipsec ah/transport/x-x/use' x
(the cause was only a pair of parens, we'd better have -Wall in
kernel Makefile...)

Fri Sep 24 00:36:05 JST 1999 itojun@iijlab.net
* kame/sys/netinet6/in6_ifattach.c: do not allow all-zero EUI64/
IEEE802 to be used as interface id source for pseudo interfaces.
without this, all-zero IEEE802 address will be mistakingly used as
interface id source, on bsdi/wildboar pcmcia device driver
(when in6_ifattach_getifid is get called from ether_ifattach).

Fri Sep 24 JST 1999 itojun@iijlab.net
* kame/sys/netinet6/ip6_output.c: append destination header 2 to the
outgoing packet. the code was broken a long time ago.
From: Conny Larsson <conny@verkstad.net>

Thu Sep 23 15:24:45 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/sys/i386/if_wi.c: WaveLAN/IEEE speaks IPv6. It is new
official supported device.

Wed Sep 22 20:42:25 JST 1999 sakane@ydc.co.jp
* kame/kame/mchat:
Added two new command, /file and /log. `/file' is to send file
specified. `/log' is to log data received into file specified.
If `/log' is typed again, logging will be finished.

Wed Sep 22 15:22:21 JST 1999 itojun@iijlab.net
* netbsd/sys/netinet/tcp* (tcp4/6)
* bsdi3/sys/netinet/tcp* (tcp4)
* freebsd2/sys/netinet/tcp* (tcp4)
* kame/sys/netinet6/tcp6* (tcp6 for bsdi3/freebsd2)
* freebsd3/sys/netinet/tcp* (tcp4/6)
fix TCP MSS computation with IPsec headers. (1) TCP MSS option
must be mtu - iphdrlen - tcphdrlen. it is a violation of protocol
spec to decrement option value further. (2) simplify IPsec header
size offset handling. this may, or may not come with some
performance hit.

Wed Sep 22 14:43:20 1999 SUMIKAWA Munechika <sumikawa@ebina.hitachi.co.jp>
* freebsd3/sys: upgraded base version to FreeBSD 3.3-RELEASE.
TODO: tcp_getcred() and udp_getcred() need more work to support
IPv6 socket.

Wed Sep 22 JST 1999 itojun@iijlab.net
* openbsd: bunch of fixes and merges for KAME/openbsd.
basic operations are IPv6 ready but still needs more work.
* netbsd/pkgsrc/www/squid11: upgrade to latest IPv6 patch.
* kame/tcpdump/print-frag6.c: print fragment length, instead of
ipv6 whole payload length, as property of fragment header.

1999-09-22 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* openbsd/sys/dev/ic/elink3.c (epget): prevented the input routine
from deviding two (small) mbufs; the new routine always stores an
incoming packet either in a single mbuf or in a chain of mbuf
clusters.

Mon Sep 20 17:38:03 JST 1999 itojun@iijlab.net
* kame/sys/netinet6/in6_ifattach.c: allow MD5(hostname) to be used
as interface id for pseudo interfaces, when no other choices are
available (need to be revisited).
* kame/sys/netinet6/*: merge in ARCnet support from NetBSD-current.
* netbsd/sys/netinet/udp_usrreq.c: support IPv4 mapped address on
udp6 socket.

1999-09-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* *bsd*/usr.bin/Makefile: added v6test to SUBDIR.
*bsd*/usr.bin/v6test/Makefile: added to install v6test.

1999-09-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* bsdi3/usr.bin/ppp/ppp_ipv6cp.c: was rewritten not to use
s6_addr{16, 32}, which might cause portability problems.

1999-09-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* bsdi3/usr.bin/Makefile (SUBDIR): directory ppp was added to
SUBDIR. Note, however, ipv6cp was not fully tested.

Thu Sep 16 13:50:42 JST 1999 itojun@iijlab.net
* kame/libipsec/pfkey.c: Temporary workaround against KAME PR 154.
If you use setkey to dump many keys in the kernel, or to add
many keys at one time, PF_KEY socket buffer will overflow
(because PF_KEY socket is SOCK_DGRAM, there's no flow control).

To address this issue we added setsockopt(SO_{SND,RCV}BUF) into
pfkey_open(). This allows the PF_KEY socket to hold roughly 1000
keys in the buffer. More fundamental fix should follow.

Thu Sep 16 09:44:03 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/tcptrace, freebsd[23]/pkgsrc/net/tcptrace:
upgrade to 5.2.1.

1999-09-15 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6.c (in6_control): removed a redundant
sanity check for ifp in the SIOCGIFSTAT_IN6 case. The check was
even harmful to freebsd3.

1999-09-15 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_mroute.c (add_m6if, del_m6if):
for fbsd3, use if_allmulti() instead of calling if_ioctl directly
to set/unset the multicast-promiscuous mode.
This fix would be essential if you want to use your kame-freebsd3
box as an IPv6 multicast router. Please do not forget apply the
fix.

1999-09-14 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* *bsd*/usr.sbin/pim6sd/pim6sd/Makefile:
* *bsd*/usr.sbin/pim6sd/Makefile.inc:
install directory and ld path were corrected.

1999-09-14 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/bgpd/bgp_output.c (bgp_send_update): added a sanity
check of the origin of a route before sending UPDATE for the
route. This will prevent SEGV when sending update of a non-BGP
route. It is strongly recommended to apply this fix if you use
the KAME bgpd as an EBGP router.
Thanks to: Nobumichi Ozoe <nobumichi_ozoe@ydc.co.jp> for reporting
the problem.

Tue Sep 14 01:37:37 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/zebra, freebsd[23]/ports/zebra:
upgrade to 0.79.

Mon Sep 13 20:42:07 JST 1999 itojun@iijlab.net
* kame/sys/netinet6/in6_ifattach.c: do not use IEEE802/EUI64 addr
with u bit != 0, as source of interface id for pseudo interfaces.
this is because IEEE802/EUI64 addr with u bit != 0 is not globally
unique (there are such ethernet cards exist - yes, I have one).
NOTE: this change may affect your "gif" interface configuration

Mon Sep 13 20:41:07 JST 1999 shin@kame.net
* */sys/netinet/raw_ip.c, */sys/netinet/udp_usrreq.c,
kame/sys/netinet6/raw_ip6.c, kame/sys/netinet6/udp6_usrreq.c:
on PRU_ATTACH, call in6_pcbdetach if ipsec policy initialization
is failed. this fixes memory leakage during heavy use of socket
interface.

Mon Sep 13 12:26:07 JST 1999 itojun@iijlab.net
* netbsd/sys/dev/pcmcia/if_wi*, netbsd/usr.sbin/wiconfig:
WaveLan driver from NetBSD-current. Works fine with IPv6 as we've
fixed it. (This may be (1) a bad idea to bring some drivers in
from *-current, for some of version controlling issues, or (2) a
good idea for reducing people's labor for merging. I'm not really
sure...)

1999-09-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd/mtrace6: implemented in order to trace IPv6
multicast routing.
Notes:
- kernel and multicast routing daemons should be updated as well.
- if you use cvsup, please be sure to `make clean' on the
directory `pim6sd' before update.
- mtrace6 feature is currently VERY experimental (we have no
official specification). You can't expect interoperability with
other implementations.

Sun Sep 12 23:44:00 JST 1999 itojun@iijlab.net
* kame/dhcp6: experimental DHCPv6 client/server. many restrictions
due to incomplete implementation (and we may not be improving this
in the future). not included in default compilation tree.
use at your own risk.

Sat Sep 11 13:51:25 JST 1999 itojun@iijlab.net
* kame/tcpdump: add support for dhcp6.

1999-09-09 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/rtsold/rtsol.c (sendpacket): not call warnmsg even if
sendmsg fails (unless the error is a serious one). This change is
for a situation where a node has multiple interface cards and some
of the cards may be disabled.

Thu Sep 9 02:10:21 JST 1999 itojun@iijlab.net
* netbsd/sys/net/if_ethersubr.c: grab IEEE802 MAC address as
seed of IPv6 interface index, on ether_ifattach().
this is for pcmcia ethernet cards inserted after bootstrap time.
(commits for other operating systems should follow)

From: sakane@kame.net

Wed Sep 8 19:34:57 JST 1999 itojun@iijlab.net
* netbsd/sys/dev/ic/sm91cxx.c: avoid duplicated multicast packet
reception on promiscuous mode. this fixes DAD failure during
promiscuous mode.
* sys/netinet6/in6_pcb.c: allow bind(2) to non-interface address,
if the socket is configured as FAITH socket. this is for allowing
ftp relay daemon to perform bind(2) on behalf of fake IPv4 address
on active data connection.

v6 ftp client --control---> ftp translator ----> v4 ftp server
<---data----*

"*" needs to be fake IPv4 address generated from translation pool
prefix and the address for v4 ftp server.
From: yasuoka@iij.ad.jp

1999-09-08 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* bsdi3/sbin/ifconfig/ifconfig.c (findaddr): used AF dependent
comparison functions instead of simple binary comparison. With
this fix, you can use ifconfig add, remove and modify commands for
IPv6 link-local addresses without embedding an interface
identifier. That is, you can do
# ifconfig ef0 inet6 remove fe80::1
instead of
# ifconfig ef0 inet6 remove fe80:2::1

Tue Sep 7 16:42:41 JST 1999 itojun@iijlab.net
* kame/rip6query: use getaddrinfo() and getnameinfo(), not inet_pton()
and alike. allow interface to be specified with -I.
* netbsd/usr.bin/whois: fix getaddrinfo() loop.
* kame/racoon: fix compilation with --disable-ipv6 (include path).
* sys/netinet6/ipsec.c: support IPsec-only kernel compilation again.
* sys/netkey/key.c: allow any SPI value to be put into kernel,
for IPComp SA that uses well-known CPI field.
* kame/libipsec: allow "setkey -D" on IPComp SA.
* kame/tcpdump/print-ripng.c: format ripng information better
if -v is specified (but it eats more lines on screen).

Tue Sep 7 13:09:06 JST 1999 sakane@kame.net
* kame/kame/sys/netinet6:
Implemented IPv6 forwarding with IPsec slightly.
It's enable if you define IPSEC_IPV6FWD option in kernel
configuration file.
XXX ICMPv6 for IPsec tunnel should be considered.

Tue Sep 7 10:09:53 JST 1999 sakane@kame.net
* kame/sys/netkey/key.c:
Fixed kernel crash when you set SP by spdadd command of setkey.

Sun Sep 5 04:00:08 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/ucd-snmp, freebsd[23]/ports/ucd-snmp:
upgrade to latest IPv6 patch. icmp6 per-if stat is now available.

Sun Sep 4 JST 1999 shin@kame.net
* sys/netinet6/in6_ifattach.c: invert "u bit" on interface id for
pseudo interfaces, as suggested in RFC2373. This was mistakingly
dropped during migration to new repository.
NOTE: interface id for pseudo interfaces (faith*, gif*, and alike)
will change after this fix. Please be sure to update your config
file if you have explicit link-local address embedded in rc files.

1999-09-03 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/ping6: changed the semantics of `-a A' option. It now
specifies to require the responder's anycast addresses.

1999-09-03 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/icmp6.h (NI_NODEADDR_FLAG_ANYCAST): added
in order to get/tell a node's anycast addresses.
Note that this is not in the specification, just for experimental
use.

1999-09-03 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/udp6_usrreq.c (udp6_output): embedded
interface index to a link-local destination. This fix solved a
bug that you can't send a UDP packet to a link-local destination
even when specifying its interface.
XXX: the code is almost same as rip6_output.

Fri Sep 3 11:19:45 JST 1999 itojun@iijlab.net
* kame/traceroute, kame/traceroute6: do not bark even if IPsec
configuration (for bypassing IPsec) is failed. now both programs
should work fine on kernel without IPsec support compiled in.

Fri Sep 3 01:06:47 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/mtr, freebsd[23]/ports/mtr:
mtr network diagnose tool, version 0.41 with IPv6 support.
http://www.BitWizard.nl/mtr/
* netbsd/pkgsrc/net/rsync, freebsd[23]/ports/rsync:
upgrade to latest IPv6 patch.

Thu Sep 2 17:35:13 JST 1999 itojun@iijlab.net
Fix alignment problem for routing socket on NetBSD/alpha.
* kame/ndp/ndp.c: Be more struct about alignment constraint in routing
socket messages (is aligned to sizeof(long) by ROUNDUP() in
sys/net/rtsock.c).
* netbsd/sbin/route, kame/route6d, kame/bgpd, netbsd/usr.bin/netstat:
Fix alignment constraint for routing socket messages.

1999-09-02 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/: changed hop limit selection algorithm;
hop limit stored in the template header is not considered.
Also, TCP6 was changed to always select hop limit when sending
segment in order to reflect IPV6_UNICAST_HOPS setsockopt and
current hop limit advertised via router advertisements.

Thu Sep 1 17:00:14 JST 1999 sakane@ydc.co.jp
* kame/kame/ping6,traceroute,traceroute6,rrenumd,mchat and so on.
Fixed policy specification due to the modification of policy
management.
XXX In rrenumd, not implemented to specify inbound policy.
I must consider rrenumd's behavior.
XXX In inetd, What should i take deal of in/out ? #@ in/out ?

Thu Sep 1 16:53:14 JST 1999 sakane@ydc.co.jp
* kame/kame/racoon:
Fixed argument of pfkey function call due to the modification
of libipsec. But I have not tested, so probably racoon can't run.

Thu Sep 1 16:50:14 JST 1999 sakane@ydc.co.jp
* kame/kame/setkey,libipsec
- Changed SA specification,
NEW; add a::1 b::1 esp 0x1111 ...
OLD; add a::1 b::1 0x1111 -p esp ...
- Changed SP specification,
NEW; spdadd a::1/64[32] b::1/64[24] tcp
-P in ipsec esp/transport/::1-::1/require ;
NOTE: SEE SAMPLE.CF FOR DETAIL.
- Changed some function in libipsec due to above modification.
- Added some function into libipsec for policy management.

Thu Sep 1 16:43:14 JST 1999 sakane@ydc.co.jp
Modified IPsec policy management. As this modification, it's
enabled to,
1. make a SA to use both transport mode and tunnel mode.
2. make a SA to assign multiple SP entries.
3. check separately inbound SP and outbound SP.

Abstract of modification is
- Deleted a policy holder from pcb, alternatively added two policy
holders that are inbound and outbound respectively.
- IP{V6,}_IPSEC_POLICY is divided two optname, IP{V6,}_IPSEC_POLICY_IN
and IP{V6,}_IPSEC_POLICY_OUT
- "proxy" address has gone away. SA is always specified by both
source and destination address without prefix, port number and
upper layer protocol.
- It's always use IPPROTO_XX as security protocol type internal.
So when using PF_KEY I/F, must map internal type to SADB_SATYPE_XX.
- changed the meaning of value of protocol and port. 0 is one of
the number of each value.
- Begin to add IPsec processing into ip6_forward.

Wed Sep 1 14:14:43 JST 1999 itojun@iijlab.net
* usr.bin/ftp (all platforms): On data connection establishment,
warn if scoped address is used. If peer (ftp daemon) does not
handle scoped address, data connection may not work right.
* libexec/ftpd (all platforms): Copy sin6_scope_id from control
connection to active data connection destination, hoping
this to help ftpd's behavior with scoped IPv6 addresses.
I'm not sure if it is the right way, but it is the best way
available to us. LPRT or EPRT command gives no information
about which interface (or scope) to be used for new data connection.

This seems to be sort of protocol spec twist.

<199908>
Tue Aug 31 18:37:00 JST 1999 itojun@iijlab.net
* openbsd: made GENERIC.v6 at least compilable.
GENERIC.v6 kernel boots okay, replies to ping6.
transport layer (AF_INET6 raw/tcp/udp socket) needs more work.
IPSEC support is completely broken (we have NRL/OpenBSD/KAME IPSEC
code in the tree, I am not quite sure how to solve this).

Tue Aug 31 03:07:16 JST 1999 itojun@iijlab.net
* netbsd: Upgrade base version to 1.4.1. There's not too many
changes between NetBSD 1.4 and 1.4.1, so it should be possible
to install KAME/NetBSD141 on top of NetBSD 1.4 installation.
To get 1.4.1 libc and other important portions, I'd suggest
upgrading to 1.4.1, however.
Updated files are:
sys sbin/ifconfig sbin/ping usr.bin/ftp libexec/tftpd

1999-08-30 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6: changed to use nd6_output() instead of
ifp->if_output() when sending a packet to a link-layer in various
cases. This change might affect some fundamental parts of sending
IPv6 packets such as forwarding a packet and neighbor
discovery. If you find instability, please let me know.

Mon Aug 30 13:10:15 JST 1999 itojun@iijlab.net
* kame/rtsold: check for invalid RAs, like non-zero icmp6 code or
non-linklocal source address. Found by TAHI team.

Mon Aug 30 11:48:41 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/zebra, freebsd[23]/ports/zebra: upgrade to 0.78a.

Sat Aug 28 16:32:29 JST 1999 itojun@iijlab.net
* netbsd/usr.bin/whois: IPv6-ready whois client.

From: seirios@iri.co.jp

Sat Aug 28 15:28:16 JST 1999 itojun@iijlab.net
* kame/rtsold: fix rtsol's behavior when link-local address is
considered a duplicated address (by DAD).

Fri Aug 27 12:23:19 JST 1999 itojun@iijlab.net
* netbsd/sys/netinet/tcp_subr.c: fix IPsec header size consideration
during TCP mss computation. you will see no fragmentation on
IPsec'ed TCP packets.

Thu Aug 26 22:36:07 JST 1999 itojun@iijlab.net
* kame/tcpdump/print-ip.c: fix length printer for IPv4 first fragment.
variable was broken during onion peeling and garbled value was
printed.

1999-08-26 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6sd/vif.c: changed the type of return value of
vif_forwarder() from if_set * to int.
Also, introduced a new function vif_and(), which is intended to be
called from age_routes() instead of vif_forwarder(). The new
function is added in order to prevent bcopy from a NULL pointer,
which causes pim6sd hang up.

Thu Aug 26 18:01:27 JST 1999 sumikawa@ebina.hitachi.co.jp
* kame/sys/netinet6/frag6.c (frag6_init): changed ip6_id setting
algorithm. it is borrowed from ip6_init(). ip6_id(initialized
fragmentation value) was always 0 on FreeBSD/NetBSD(was 3 on BSDI)
since it seems tv/time_second is not set when calling
frag6_init().

Thu Aug 26 05:07:49 JST 1999 sumikawa@ebina.hitachi.co.jp
* kame/tcpdump: print the identification of fragment headers when
using -v flag

1999-08-26 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ah_core.c (ah6_calccksum): fixed a bug
of pointer adjustment to chase options. The bug might cause
kernel panic when trying to calculate ICV for a HbH or a Dst options
header including an immutable option.
Thanks to the TAHI project(http://www.tahi.org/) for finding the
bug.

1999-08-26 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* sys/netinet6/in6_pcb.c (in6_selecthlim): added to select hop
limit for an outgoing packet in various situations. The algorithm
is as follows:
1. The hop limit field of the template header.
2. Hoplimit value specified via ioctl.
3. (If the outgoing interface is detected) the current
hop limit of the interface specified by router advertisement.
4. The system default hoplimit.
UDP6 and raw IP6 directory use this function. TCP6 uses this via
in6_pcbconnect.
This change fixes the problem that IPV6_UNICAST_HOPS did not work
for a UDP6 and a raw IP6 socket.
Thanks to Tetsuya Isaki <isaki@v6.ipc.hiroshima-u.ac.jp> for
finding the problem.

Wed Aug 25 22:45:15 JST 1999 itojun@iijlab.net
* kame/rtsold: Fix segv when invoked as normal user, not root.
do not wait forever if -1 is specified (or invoked as rtsol).
From: Takashi_Tanaka@yokogawa.co.jp

Wed Aug 25 19:59:49 JST 1999 sumikawa@ebina.hitachi.co.jp
* freebsd[23]/ports/ncftp3, netbsd/pkgsrc/net/ncftp3: upgrade to
latest IPv6 patch

Wed Aug 25 18:46:48 JST 1999 itojun@iijlab.net
* freebsd[23]/ports/inn: update IPv6 patch.
From: Satosi KOBAYASI <kobayasi@north.ad.jp>

1999-08-25 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ah_core.c (ah6_calccksum): corrected the
length parameter for auth. data calculation at the end of
IPPROTO_HOPOPTS and IPPROTO_DSTOPTS cases.
Problem reported by the TAHI project(http://www.tahi.org/).

Wed Aug 25 11:24:43 JST 1999 itojun@iijlab.net
* kame/racoon: Fix compilation on NetBSD/alpha.
Fix portability issue with ssleay/openssl. However, we cast
most of parameters to des_xx() into void *, which is not a very
good way to solve this issue.

Wed Aug 25 02:31:54 JST 1999 sumikawa@ebina.hitachi.co.jp
* freebsd3/ports/pfs: add pfs(personal file system)
* freebsd[23]/ports/emacs20: more sophisticated IPv6
supporting. Patched by: wolfgang@wsrcc.com

1999-08-25 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6dd/debug.c (dump_lcl_grp): added to show status of
local listeners with some timer values.

Wed Aug 25 00:12:56 JST 1999 sumikawa@ebina.hitachi.co.jp
* freebsd[23]/ports/netperf, netbsd/pkgsrc/net/netperf: upgrade to
latest IPv6 patch

Tue Aug 24 23:45:36 JST 1999 itojun@iijlab.net
* freebsd[23]/ports/mrt, netbsd/pkgsrc/net/mrt: upgrade to mrt 2.0.0a.

1999-08-24 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6dd: fixed a bug that pim6dd with a local listener
didn't correctly stop forwarding when it became an assert looser.
(The bug seemed to be derived from the original pimdd.)
Thanks to Mickael Hoerdt<mhoerdt@iutsud.u-strasbg.fr> for finding
the problem.

Tue Aug 24 18:19:19 JST 1999 itojun@iijlab.net
* netbsd/sys/netinet/tcp*.c: Improve syn cache cleanup again.
When listening socket goes away, syn cache entries associated to the
listening socket will never be used. Therefore, it makes more sense
to nuke all assockated syn cache entries when listening socket
goes away.

NOTE: On 4.4BSD, it was possible to run SYN-SYNACK-ACK handshake even
if listening socket goes away in the middle (as sonewconn is called
right after SYN reception). After introduction of syn cache,
the behavior was changed (if listening socket goes away in the
middle, no negotiation will be successful).
KAME change will keep the latter behavior.

Suggested by: Jason Thorpe

Tue Aug 24 08:18:00 GMT 1999 itojun@iijlab.net
* bsdi3: fix manpage installation procedure to conform to
BSDI3 practice.

Tue Aug 24 16:42:54 JST 1999 itojun@iijlab.net
* usr.sbin/rtsold, sbin/rtsol: Integrate rtsold and rtsol source code.
Behavior is switched by argv[0]. sbin/rtsol needs to be statically
linked for most of the platforms, so they are compiled separately.
This change will improve IPv6 spec conformance of rtsol(8).

Tue Aug 24 02:11:54 JST 1999 itojun@iijlab.net
* etc/rc.net6: disallow multiple interfaces from being autoconfigured
on host case, added some comment on it.
IPv6 specification assumes, in many places, that autoconfigured
node has only single externally-visible network interface.
Autoconfiguring a node with multiple interfaces can cause unexpected
behavior.

1999-08-24 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* *bsd*/usr.{bin,sbin}/netstat: supported per-interface
statistics. Try
% netstat [-p [ip6|icmp6] | -f inet6] -s -I if_name
for printing statistics on a specified interface, or
% netstat [-p [ip6|icmp6] | -f inet6] -s -i
for all interfaces.

1999-08-24 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6: implemented per-interface ICMPv6 statistics
based on RFC2466. ioctl(SIOCGIFSTAT_ICMP6) is available as API.
Note that this changes affect the size of struct in6_ifreq,
which means you have to recompile some applications using the
structure like ifconfig.

1999-08-22 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* sys/netinet6/udp6_usrreq.c (udp6_output): now got rid of
in6_pcbconnect, which needs splnet and affects performance, since
we saw no essential reason for calling in6_pcbconnect.
Instead, in6_selectsrc and in6_pcbsetport are used in order to
fill in the local address and in the local port.

Fri Aug 20 20:27:34 JST 1999 itojun@iijlab.net
* bsdi3/usr.sbin/inetd: inetd with IPv6 and IPsec support.
inet6d will be left uncompiled for good.

Fri Aug 20 18:13:36 JST 1999 itojun@iijlab.net
* sys/netinet/in_gif.c, sys/netinet6/in6_gif.c:
do not capture tunnelled packet when gif interface is down
(not IFF_UP).

Fri Aug 20 15:26:59 JST 1999 itojun@iijlab.net
* netbsd/sys/netinet/tcp_input.c: tentative fix to dangling pointer
problem in syn cache. may need updates.

Fri Aug 20 09:11:20 JST 1999 itojun@iijlab.net
* freebsd[23]/ports/apache13, netbsd/pkgsrc/www/apache13:
* freebsd[23]/ports/bind8, netbsd/pkgsrc/www/bind8:
upgrade to new IPv6 patch.

Fri Aug 20 08:57:01 JST 1999 itojun@iijlab.net
* sys/netinet6/in6.h: remove, or hide nonstandard macros/struct defs
from the userland programmers. if your code breaks with this change,
your program assumes something outside of RFC2553.

some of programs under "ports" or "packages" directory may fail to
compile. Please report if you find one.

Fri Aug 20 04:16:11 JST 1999 sumikawa@ebina.hitachi.co.jp
* freebsd[23]/ports/newbie, netbsd/pkgsrc/net/newbie: update to 0.22.

Fri Aug 20 00:23:42 JST 1999 itojun@iijlab.net
* usr.sbin/racoon/racoon: fix SEGV due to duplicated free().
From: "Heiko W.Rupp" <hwr@pilhuhn.de>

Thu Aug 19 21:59:08 JST 1999 itojun@iijlab.net
* sys/netinet/in_gif.c: if you run KAME/NetBSD prior to the change
as router, sometimes kernel panicked due to failure to include
opt_ipsec.h into this file. I really hate opt_xx.h...
From: Kazuto Ushioda <x-y-z@3si.co.jp>

1999-08-19 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/{ip6_output.c, nd6.c}: use nd6_output by
default. Note that some files under sys/net must be updated,
too. I believe the behavior is now quite stable, but if not,
please let me know.

Thu Aug 19 15:02:35 JST 1999 itojun@iijlab.net
* lib/libinet6: compile inet_pton() into libinet6. The code
is from ISC BIND821. This is to avoid bugs in OS-supplied
inet_pton() (the source of bug is BIND version < 8.2).

NOTE: KAME/NetBSD needs inet_addr.c into libinet6 as well, because
inet_pton() and inet_addr() are supplied as single object file in
libc.a.

Thu Aug 19 00:38:02 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/ucd-snmp, freebsd2/ports/ucd-snmp:
upgrade to 3.6.2. freebsd3/ports/ucd-snmp is not buildable.

Wed Aug 18 22:02:14 JST 1999 itojun@iijlab.net
* sys/netinet6/in6_var.h: Based on RFC2465, IPv6 per-interface
statistics framework is implemented. Actual statistics support
is ongoing. ioctl(SIOCGIFSTAT_IN6) will let you peek the
statistics from the userland.

NOTE: rebuild all userland tools as struct in6_ifreq is changed
its size.
NOTE: in some cases we are unable to increment counter, because
there's no route for packet (hence interface).

1999-08-17 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/libinet6/ip6opt.c (inet6_option_append, inet6_option_alloc):
adjust pad length to avoid unnecessary pad.
Thanks to Frederic SOULIER for pointing it out.

Tue Aug 17 19:46:52 JST 1999 itojun@iijlab.net
* sys/netinet6/in6.h: make IN6_IS_SCOPE_LINKLOCAL() invisible from
userland.
We will gradually remove nonstandard (and uncommon) defs as much as
possible from netinet/in.h. Some of your userland apps may
fail to compile during the process. Please stick to standard
defines (see RFC2553 and RFC2292).

Tue Aug 17 13:01:50 JST 1999 itojun@iijlab.net
* kame/ndp: fix cases when no link-layer address information is
cached in the kernel.

1999-08-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/libinet6/name6.c (gethostbyname2): reinitialized saved_hp
right after freehostent() in order to avoid possible duplicate
free the variable.
Suggested by Frederic SOULIER.

Mon Aug 16 01:34:36 JST 1999 itojun@iijlab.net
* netbsd/pkgsrc/net/zebra, freebsd[23]/ports/zebra: upgrade to 0.77.

1999-08-14 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/pim6sd: correctly supported restarting by SIGHUP.
Thanks to <mhoerdt@iutsud.u-strasbg.fr> for sending patch.

Sat Aug 14 00:18:57 JST 1999 sakane@ydc.co.jp
* kame/kame/racoon:
Added man page of racoon.conf.
Changed default directory placed racoon.conf.
new directory is /usr/local/etc.

1999-08-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/in6_pcb.c (in6_selectsrc):
added an argument to pass the local address of the PCB in order to
prefer the optionally specified address to the local address.

Fri Aug 13 23:01:15 JST 1999 itojun@iijlab.net
* freebsd2/usr.sbin/inetd: support tcp6, udp6 as protocol type.
now inetd is able to support both address families, so there's no
need to run separate inet6d. you just need to (1) kill
/usr/sbin/inetd, and (2) run /usr/local/v6/sbin/inetd instead.
/etc/inetd.conf will be used.

Fri Aug 13 21:34:39 JST 1999 itojun@iijlab.net
* sys/netinet6: Add net.inet6.ip6.use_deprecated sysctl MIB.
This is for RFC2462 5.5.4, which specifies the use of deprecated
address as the source address for new connection when no other choice
is available.
Default value is 1 (allows deprecated address as a last resort).
By making it 0, deprecated address will never be used, even as a
last resort, when selecting source address for new connection
(past KAME code always behaved like this).
Note that explicit bind(2) is disallowed against deprecated address.

Fri Aug 13 19:39:33 JST 1999 sakane@ydc.co.jp
* kame/kame/racoon/cfparse.h:
change default directory placed configuration file.
new directory is /usr/local/v6/etc.

1999-08-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/pim6dd: correctly supported restarting by SIGHUP.
Thanks to <mhoerdt@iutsud.u-strasbg.fr> for sending patch.

1999-08-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* pim6dd/pim6_proto.c (receive_pim6_assert): added a sanity check
in order to prevent core dump when receiving an assert message from a
router that the receiving node doesn't regard as a PIM neighbor.

1999-08-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/bgpd: made sure to transit an optional transitive path
attribute even if it's unrecognized.

Fri Aug 13 11:40:55 JST 1999 itojun@iijlab.net
* freebsd2/ports/{ct,v6eval}: upgrade to 0.3. from ftp.tahi.org.

Fri Aug 13 00:41:12 JST 1999 itojun@iijlab.net
* netbsd/usr.sbin/{tcpdmatch,tcpdchk}: made libwrap utilities
IPv6 ready.

Thu Aug 12 14:42:25 JST 1999 itojun@iijlab.net
* kame/kame/racoon: make idea.h optional. now you can install SSLeay
without idea, and build racoon (some users need this for patent
issues).

Wed Aug 11 21:18:08 JST 1999 itojun@iijlab.net
* netbsd/lib/libwrap: libwrap that handles IPv6 correctly.
IPv6 address should be wrapped in square bracket to avoid
confusion about colon, like this:
telnetd: [::1/128] [3ffe::/ffff::] 127.0.0.1

Tue Aug 9 JST 1999 itojun@iijlab.net
* repository reorganization: NetBSD and FreeBSD228 uses
new repository at this moment.

Sun Aug 8 01:50:14 JST 1999 itojun@iijlab.net
* kit/ports/vic6 (FreeBSD228): vic video conference system.
From: ichiro@ichiro.org

Fri Aug 6 JST 1999 itojun@iijlab.net
* sys/netinet6/{tcp6,udp6}* (platforms with TCP6):
respect SO_TIMESTAMP.
* sys/netinet6/ip6_fw.[ch]: IPv6 packet filter ported from
KAME/FreeBSD228 to all platforms.

1999-08-06 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* raw_ip6.c (rip6_usrreq): when attaching, initialized
in6p_ip6.ip6_hlim. Without this fix, kernel might send a packet
with 0 hop limit.

Thu Aug 5 20:51:31 JST 1999 sumikawa@ebina.hitachi.co.jp
* kit/ports/emacs20: add emacs-20.4
patched by: wolfgang@wsrcc.com

Tue Aug 3 23:26:17 JST 1999 sumikawa@ebina.hitachi.co.jp
* kit/ports/netperf: add netperf-2.1pl3
a part of patch by: suz@sdl.hitachi.co.jp

Tue Aug 3 19:29:28 JST 1999 itojun@iijlab.net
* kit/src/mchat: tiny multicast chat program, for testing your
multicast IPv6 network.

Mon Aug 2 19:14:58 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/zebra, kit/ports/zebra: upgrade to 0.76.

<199907>
Sat Jul 31 12:14:07 JST 1999 itojun@iijlab.net
* kit/src/libinet6/getnameinfo.c: NI_NUMERICHOST and NI_HOSTREQD
conflict with each other (NI_HOSTREQD requires DNS lookup while
NI_NUMERICHOST prohibits that) so raise error if both are specified.

From: Hajimu UMEMOTO <ume@mahoroba.org>

1999/07/31 06:31:34 JST shin@nd.net.fujitsu.co.jp
sys/netinet6/tcp6_subr.c, udp6_usrreq.c (FreeBSD228, BSDI3):
-consider interface id at link local address connect error

Fri Jul 30 10:15:56 JST 1999 itojun@iijlab.net
* kit/src/traceroute6: allow "traceroute6 -q1 foo".
KAME PR: 135

Fri Jul 30 01:16:40 JST 1999 itojun@iijlab.net
* kit/sbin/ifconfig, kit/usr.bin/telnet, sys/netinet6,
kit/src/traceroute, kit/src/pim6sd, kit/src/rrenumd, kit/src/inet6d,
kit/src/libinet6, kit/src/libpcap, kit/src/gifconfig:
(NetBSD14) 64bit CPU friendly. Basically, be more strict about types.
(1) size_t may not be int (cast to u_long on printing)
(2) time_t is not the same type as tv_sec
(3) SIOCGIFCONF returns unaligned structures so memcpy() before
touching content
(4) always need proper header file for mem* and str*
(5) do not touch unaligned structures. fill aligned structure
then perform memcpy().
(6) libpcap/net/bpf.h must be in sync with sys/net/bpf.h.
(7) 2nd arg to ioctl() must be u_long, not int.

1999-07-29 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/bgpd/aspath.c (aspath2cost): not assert even if AS path
segment is NULL, which means an empty AS path. This fix is
essential when an IBGP peer sends an UPDATE message with an empty
AS path.

Thu Jul 29 18:18:07 JST 1999 itojun@iijlab.net
* kit/src/rtsol: warn if net.inet6.ip6.accept_rtadv is false
(if it is false, rtsol will have no effect at all).

Wed Jul 28 16:32:02 JST 1999 itojun@iijlab.net
* kit/src/rtsol: Sleep for a short period of random time before
sending the first RS.
(actually we check for tentative/non-tentative before sending the
first one, so this may not be needed)
Sleep RTR_SOLICITATION_INTERVAL seconds between resends.
(RFC2461 6.3.7, SHOULD)

1999/07/28 17:05:26 JST shin@nd.net.fujitsu.co.jp
* usr.sbin/inetd (FreeBSD32):
-fixed command names in man
-added new protocol type tcp46 and udp46 for future compatibility

1999/07/28 14:22:12 JST shin@nd.net.fujitsu.co.jp
* netinet/tcp_input.c,udp_usrreq.c
netinet6/tcp6_input.c,udp6_usrreq.c (FreeBSD228):
added "log_in_vain" for TCP and UDP over IPv6

1999-07-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6sd/pim6stat: added to show status of a PIM6 daemon.

Tue Jul 27 23:06:12 JST 1999 sumikawa@ebina.hitachi.co.jp
* kit/ports/mpg123, kit/pkgsrc/audio/mpg123: upgrade to 0.59r.

Tue Jul 27 22:51:49 JST 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade to 0.74.

1999/07/27 15:14:30 JST shin@nd.net.fujitsu.co.jp
* etc/rc.net6:
changed KAME/FreeBSD32 inetd's name to inet46d and
enable it by default, if it exists.

1999/07/27 15:10:37 JST shin@nd.net.fujitsu.co.jp
* usr.sbin/inetd (FreeBSD32):
-merged IPSEC support from kame_228
-changed the name from "inetd" to "inet46d" because the
non FreeBSD32 inetd(v4-only) commands name conflict
with this command

1999/07/27 13:58:06 JST shin@nd.net.fujitsu.co.jp
* net/route.c:
changed M_WAIT to M_DONTWAIT because this could be
called from splnet() level in KAME.

Mon Jul 26 21:32:33 JST 1999 itojun@iijlab.net
* kit/src/tcpdump: a bit of cleanups. add print-mobile.c (RFC2004)
from NetBSD. add print-l2tp.c by mshindo@ascendo.co.jp.

NOTE: you may need to remove kit/src/tcpdump/Makefile manually,
or perform "make clean" in kit/, to build the userland.

Mon Jul 26 18:18:36 JST 1999 sumikawa@ebina.hitachi.co.jp
* kit/ports/irc, kit/pkgsrc/net/irc: add irc-2.10.2p1, The
'Internet Relay Chat' Server. compiles but not tested.

1999/07/26 05:38:48 JST shin@nd.net.fujitsu.co.jp
*sys/netinet/tcp_subr.c
sys/netinet6/in6_pcb.c,udp6_usrreq.c (FreeBSD32):
-Fix the :: connect problem on FreeBSD 3.2
-Also fix the link local address connect problem

1999-07-23 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* nd6.c (nd6_cache_lladdr): changed the logic of setting the
IsRouter bit; always set the bit for an entry of a `better router'
learned from a redirect message. I believe this is the intention
of RFC 2461, section 8.3.

The fix responded to a conformance test by the TAHI project.

Mon Jul 25 JST 1999 itojun@iijlab.net
* kit/ports/apache13, kit/pkgsrc/www/apache13:
upgrade to use latest IPv6 patch. now filtering based on domain
name works properly.

Fri Jul 23 00:48:18 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/rsync, kit/ports/rsync: upgrade to latest IPv6 patch.

Fri Jul 23 JST 1999 itojun@iijlab.net
* sys/netinet6 (NetBSD 1.4): implement IPv6 path mtu discovery.
Now long distance TCP should work fine.

Thu Jul 22 11:55:14 JST 1999
* sys/netkey/key.c:
remove to check SA direction.

Thu Jul 22 11:30:07 JST 1999
* netinet6/ipsec.c:
give up to check transport mode restriction for forwarding packet.
But, this check should be done somewhere.

Wed Jul 21 02:45:07 JST 1999 itojun@iijlab.net
* kit/usr.bin/ftp/ftp.c: BSDI4 ftpd returns junk reply against EPSV.
try to handle the situation properly by becoming more restrictive
against return code.

1999-07-20 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* raw_ip6.c (rip6_input): changed not to use ip6->ip6_plen(which
will be zero for a jumbo payload) in checksum calculation.
The fix was based on a bug report from <gchelius@ens-lyon.fr>.

Tue Jul 20 02:15:38 JST 1999 itojun@iijlab.net
* kit/libexec/tftpd, kit/usr.bin/tftp (NetBSD 1.4):
add IPv6 support.

Tue Jul 20 01:47:06 JST 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade to 0.73.

Mon Jul 19 23:01:13 JST 1999 sumikawa@ebina.hitachi.co.jp
* kit/ports/ncftp3, kit/pkgsrc/net/ncftp3: upgrade to 3.0beta19

1999-07-19 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* [bsdi3] sys/i386/isa/if_wl.c (wl_cse_handler): changed to call
in6_ifattach in CSE_CARD_INSERTION case in order to support IPv6.
Patch from: Masahiro Ishiyama <masahiro@isl.rdc.toshiba.co.jp>

Thu Jul 8 12:16:55 JST 1999 shin@nd.net.fujitsu.co.jp
* ports/ppp (FreeBSD3.2, 228):
updated to use 990708 IPv6 patch.

Fri Jul 9 16:38:01 JST 1999 sumikawa@ebina.hitachi.co.jp
* ports/apache13(FreeBSD3.2): sync with ports-current.
* src/v6test:
- forgot to install v6test.1
- supported construction of udp headers.
* usr.bin/ftp(BSDI): fix Y2K problem in using 'reget' command.
(applied M310-055 patch from BSDI)

Fri Jul 9 01:24:20 JST 1999 itojun@iijlab.net
* kit/src/route6d: /16 routes were mistakingly added as host route.
From: Bill Sommerfeld <sommerfeld@netbsd.org>

Wed Jul 1999/07/07 13:40:18 JST shin@nd.net.fujitsu.co.jp
* net/*, netinet6/*, netpm/*, sys/malloc.h
merged from FreeBSD3.2.
-prefix related extension
Now you can renumber prefix and addrs belong to it
at th same time, using "prefix" commmand or "rrenumd".
-fixed some IPv6 macro
-source code sync

Wed Jul 7 JST 1999 itojun@iijlab.net
* bunch of portability fixes and clarifications,
including 64bit-architecture support and more strict type (for
example, use of time_t instead of long). Merged from KAME on
NetBSD-current.

Wed Jul 7 01:18:16 JST 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade to 0.71.

Tue Jul 6 18:28:30 JST 1999 itojun@iijlab.net
* kit/src/{route6d,rtadvd,tcpdump}: fix 64bit CPU issues, like
sizeof(void *) != sizeof(int), sizeof(size_t) != sizeof(int).
* sys/netinet6: fix IPsec-only (and non-IPv6) build.
(found during NetBSD-current merge: thanks!)

Mon Jul 5 07:47:03 JST 1999 itojun@iijlab.net
* kit/src/rtadvd: partial fix to signedness issue.
* kit/src/route6d.c: fix for signedness issue.
* kit/usr.bin/ftp (NetBSD14): fix junk pointer free during URL parsing.

(all found during NetBSD-current merge: thanks!)

1999-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* in_gif.c (in_gif_output) (FreeBSD3): made sure to use the
configurable variable ip_gif_ttl as iphdr.ip_ttl.

1999-07-04 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* in_proto.c(BSDI): set default value(GIF_TTL) of ip_gif_ttl.

Sun Jul 4 11:10:54 JST 1999 itojun@iijlab.net
* sys (NetBSD 1.4): s/splnet/splsoftnet/ in IPv6/IPsec code.

Sun Jul 4 10:41:48 JST 1999 itojun@iijlab.net
* GENERIC.v6 (NetBSD14): remove TCP6 as it needs many twist in userland
compilation if we try to support both. merged tcp (in netinet/tcp*)
is now stable enough.

NOTE: be sure to remove "options TCP6" from kernel config file,
otherwise kernel will not compile.

Sat Jul 3 21:11:05 JST 1999 itojun@iijlab.net
* sys/netinet6/in6_pcb.c (NetBSD14): try to avoid reuse of port # when
opening listening socket. This fixes trouble when you perform
active ftp data transfer with the same server.
(client side always get the same port # and the server side need
to wait till TIME_WAIT state finishes)
* sys/netinet*/in{,6}.h: move IPsec sysctl index from IPPROTO_ESP
to IPPROTO_AH, so that it can be used even when the kernel does not
have IPSEC_ESP compilation option.
* kit/src/*: Makefile cleanups. (1) CPPFLAGS must be used for -D and
-I on NetBSD. (2) several lint fixes.

Sat Jul 3 05:43:18 JST 1999 shin@nd.net.fujitsu.co.jp
* kit/src/pma,ptrconfig
* sys/net,netinet,netinet6,netkey,netpm,sys
FreeBSD32 is generally synced to FreeBSD228.
mainly added items are,
-v4 nat
-v4<->v6 protocol translation
-faith related extensions
-some more ipsec related sync

Fri Jul 2 23:57:45 JST 1999 itojun@iijlab.net
* kit/src/ping6.c, sys/netkey/key_debug.c: fix for 64bit architecture.
From: Jason Thrope
* kit/src: avoid warnings.
* kit/usr.bin/telnet (NetBSD14): make source routing work.
* kit/usr.sbin/inetd (NetBSD14): dual stack inetd. "tcp6" gets
tcp6 socket for childs.

1999-07-02 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* icmp6.c (icmp6_redirect_output): added source address check
before sending ND6 redirect according to RFC 2461, sec 8.2.
A new function nd6_is_addr_neighbor is implemented in nd6.c for
this purpose, although it is currently called only from
icmp6_redirect_output.

Fri Jul 2 08:23:05 JST 1999 sakane@ydc.co.jp
* sys/netkey/key.c:
Fixed SA selection. When there was tunnel mode SA, not transport
mode SA, and you send transport mode, kernel selected tunnel mode SA
for your packet.

Fri Jul 2 05:23:44 JST 1999 sakane@ydc.co.jp
* sys/netinet6/esp_core.c,kit/src/setkey:
Disabled new ESP with 3des-cbc mode and derived IV.
Enabled old ESP with des-cbc and 32bit IV.

Fri Jul 2 03:09:30 JST 1999 itojun@iijlab.net
* kit/src/libinet6/get{addr,name}info.c:
get{addr,name}info.c works better in environment without
getipnodeby{addr,name}. It can perform queries for both
IPv4 and IPv6 (previously it performed only IPv4 query if
INET6 is not defined).

1999-07-01 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* [BSDI]ip6_forward.c: experimentally added code to check
site-local source and to return an ICMP6 error if it breaks scope.

1999-07-01 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* icmp6.h (ICMP6_DST_UNREACH_BEYONDSCOPE): was added according to
the new ICMP6 draft.
ping6, icmp6dump, traceroute6, and tcpdump were also rewritten to
use the new type.

1999-07-01 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6.h (IP6OPT_RTALERT_ACTNET): added a macro for as a new router
alert option value, which specifies that the datagram contains an
Atcitve Networks message.

1999-07-01 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_mroute.c (ip6_mdq): moved M_LOOP flag check just before
sending a wrong-IF report. The older position was wrong since it
discarded a valid packet encapsulated in a PIM register message.
Thanks to: <hoerdt@clarinet.u-strasbg.fr>

<199906>
Wed Jun 30 14:24:23 JST 1999 itojun@iijlab.net
* sys (NetBSD14): bunch of cleanups, removing code that are not used,
comment fixes. MAPPED_ADDR_ENABLE is removed (this never worked).
tcp6 mapped address behavior was slightly changed.
Please read kit/IMPLEMENTATION for details.
* sys/i386/isa/if_ed.c (FreeBSD32): include opt_inet.h for INET6.
I REALLY HATE opt_inet.h. there is no way to check if I have
included enough header files.
From: momo@iij.ad.jp
* sys/netinet6/in6.h: uncomment prototype for inet6_options_*.
Fix typo.
From: koji@dti.ad.jp

Wed Jun 30 09:21:17 JST 1999 itojun@iijlab.net
* sys/netinet6/esp_input.c: IPv4 esp tunnel packets were mistakingly
dropped by a typo. now it is fixed.

Found by: sumikawa@kame.net

Mon Jun 28 13:17:13 JST 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade to 0.70.

Mon Jun 28 05:14:49 JST 1999 shin@nd.net.fujitsu.co.jp
*kit, src/sys/netkey,crypt,netinet,netinet6 (FreeBSD32):
merged new ipsec and recent ipsec related changes.

Sat Jun 26 17:29:06 JST 1999 itojun@iijlab.net
* kit/src/route6d: add -l option, which enables exchange of site local
routes. This option needs a great care as the semantics for site
local address space is quite vague.

Sat Jun 26 16:51:32 JST 1999 itojun@iijlab.net
* kit/usr.bin/ftp (NetBSD14): fix ftp URL parsing in numeric IPv6
address case, like ftp://[::1]:9999/.

Sat Jun 26 15:37:23 JST 1999 itojun@iijlab.net
* sys/netinet6/in6_pcb.c (NetBSD14): fix in6pcb lookup for listening
socket (this is for kenrels without "options TCP6").

From: Koji Kondo <koji@dti.ad.jp>

Thu Jun 24 17:07:24 JST 1999 itojun@iijlab.net
* sys/netinet6/udp6_usrreq.c: pass IPv6 extension header properly
to the user level. (call m_adj() after extension header
reception processing)
* kit/pkgsrc/www/apache13, kit/ports/apache13: upgrade to latest
IPv6 patch. This fixes domain name-based access control like
"allow .kame.net".

Wed Jun 23 22:35:06 JST 1999 itojun@iijlab.net
* sys/netinet6: define net.inet6.ip6.kame_version sysctl MIB.
this shows KAME kit version as string. if you got the tree
from anoncvs or cvsup, it will be "from cvs repository".
if this is from SNAP kit, it will be like "SNAP 19991231".

Wed Jun 23 19:32:47 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/zebra, kit/ports/zebra: upgrade to 0.69.

Wed Jun 23 15:41:03 JST 1999 itojun@iijlab.net
* sys/netinet6/ipsec* (NetBSD14/FreeBSD228/BSDI3):
define additional kernel config option "options IPSEC_ESP", which
enables ESP part of the kernel.
This is for US export regulation friendliness (I hate to have this)

Now,
"options IPSEC + options IPSEC_ESP" will build complete IPsec
(AH + ESP + IPComp)
"options IPSEC" will build IPsec kernel without crypto
(AH + IPComp)
without "options IPSEC", you'll get no IPsec.

NOTE: You need to add IPSEC_ESP if you want ESP code.

* sys/netinet6/ah_core.c (NetBSD14/FreeBSD228/BSDI3):
use OS-supplied MD5/SHA1 code, if the OS supplies that in libkern.

Tue Jun 22 JST 1999 itojun@iijlab.net
* sys/netinet/tcp* (NetBSD 1.4): stabilize tcp6 when "options TCP6"
is NOT defined. IPv4 mapped address (::ffff:127.0.0.1) can be
handled properly. inpcb and in6pcb are separate.
* kit/src/route6d: add more sanity check against command line option.

Mon Jun 21 05:54:37 JST 1999 itojun@iijlab.net
* sys/netinet/tcp* (NetBSD 1.4): add "options TCP6". If you would
like a stable IPv6 TCP (in netinet6/tcp6*, the one we have been
using), add "options TCP6". If you would like to test dual stack
tcp (in netinet/tcp*), do not add "options TCP6".
IPv6 TCP using netinet/tcp* is not stable yet.
* kit/usr.sbin/trpt (NetBSD 1.4): trpt with dual stack tcp support.
(if you build the kernel with separate tcp6 code, trpt will not
be able to show the trace for tcp6)

Sun Jun 20 05:38:26 JST 1999 itojun@iijlab.net
* sys/netinet/tcp* (NetBSD 1.4): changes toward address family
independent tcp (so that we can share tcp4 and tcp6 source code).
nuked tcpiphdr. no IPv6 support yet.
* sys/netinet6 (NetBSD 1.4): tiny cleanups.

Fri Jun 18 03:04:55 JST 1999 sakane@ydc.co.jp
* kit/ports/icecast:
Fixed to connect with encrypted password between icecast and shout.
You can define --with-crypt.

Thu Jun 17 22:09:00 JST 1999 itojun@iijlab.net
* kit/ports/ethereal (FreeBSD 228): upgrade to use 0.6.2.
sorry for the delay.

Thu Jun 17 21:37:05 JST 1999 itojun@iijlab.net
* kit/src/route6d: reorganize directory to use bsd.prog.mk.
now we have kit/src/{route6d,ifmcstat,rip6query}.
NOTE: "make clean" before cvs update, if you use anoncvs

Wed Jun 16 13:58:08 JST 1999 itojun@iijlab.net
* kit/ports/apache13, kit/pkgsrc/www/apache13: use latest IPv6 patch.
bugs in mod_access were fixed.

From: "Chris P. Ross" <cross@eng.us.uu.net>

1999-06-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/tcpdump/print-pim.c (pimv2_print): supported more detailed
analysis for PIM sparse related messages.

Tue Jun 15 08:31:31 JST 1999 itojun@iijlab.net
* kit/ports/bind8, kit/pkgsrc/net/bind8: use latest IPv6 patch.
* kit/ports/apache13, kit/pkgsrc/www/apache13: use latest IPv6 patch.

Tue Jun 15 07:18:06 JST 1999 itojun@iijlab.net
* sys (BSDI): merge in ALTQ 1.1.3 patch for BSDI.
You'll need altq-1.1.3-bsdi-19990615.diff.gz in
ftp://ftp.kame.net/pub/kame/misc/, for building userland.

  From: Hideaki Imaizumi <hiddy@sfc.wide.ad.jp>

Tue Jun 15 05:01:13 JST 1999 shin@nd.net.fujitsu.co.jp
* src/sys/netinet6/in6_prefix.c, in6_prefix.h, in6_proto.c,
in6_var.h, nd6.h, nd6_rtr.c (FreeBSD32):
-BUG fix of router renumbering (touched undefined pointer at prefix
allocation)
-removed RR prefix related code from ND prefix related code
(Because, now ND prefix and RR prefix is separated)
-set net.inet6.ip6.forwarding and net.inet6.ip6.accept_rtadv
by function.
When, net.inet6.ip6.forwarding change from 0 to 1, clear all
ND prefixes, and set net.inet6.ip6.accept_rtadv to 0
When, net.inet6.ip6.forwarding change from 1 to 0, clear all
RR prefixes, and try to recover original net.inet6.ip6.accept_rtadv
value as much as possible.

Mon Jun 14 04:24:56 JST 1999 itojun@iijlab.net
* kit/ports/pfs (FreeBSD228): add pfs portable file system.
compiles but not tested.

Mon Jun 14 03:46:36 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/zebra, kit/ports/zebra: upgrade to 0.68.
* sys/netkey/key.c, kit/src/racoon: racoon is now able to exchange
IPComp SA. NOTE: need more checking on keydb management code.

Sun Jun 13 20:14:26 JST 1999 itojun@iijlab.net
* sys/netinet6/tcp6_subr.c: when transmissing RST packet,
initialize flowlabel field properly.

1999-06-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6sd: many serious bugs were fixed. Though it has still
some bugs, we believe it's now worth trying.

Fri Jun 11 10:27:37 JST 1999 shin@nd.net.fujtsu.co.jp
* sys/net, sys/neinet6 (FreeBSD 3.2):
updated router renumbering
-separete RR prefix list from ND prefix list
-addrs assigned by ifconfig is linked to correspondent prefix,
and it is also controled by the prefix change.
-now, prefix command can be used only if
         net.inet6.ip6.forwarding=1

TODO: -remove RR prefix related code from ND prefix part
-when net.inet6.ip6.forwarding is become 1,
clear ND prefix list
-when net.inet6.ip6.forwarding is become 0,
clear RR prefix list
              -merge onto other platform

1999-06-10 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6sd: imported PIM6 sparse mode daemon developed by
Mickael Hoerdt at LSIIT Laboratory.
Though it can be compiled and work to some extent, it still
contains some serious problems.
So, please be careful when you try it. We also very much welcome
bug reports and patches.

1999-06-09 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6dd/mld6_proto.c (accept_listener_report):
if the group of a received MLD report is link-local, simply
discard the report, instead of creating and maintaining a group
entry for the group. It would be a bit more efficient.
Suggested by: Mickael Hoerdt <mhoerdt@iutsud.u-strasbg.fr>

Wed Jun 9 16:00:14 JST 1999 itojun@iijlab.net
* kit/ports/{ct,v6eval} (FreeBSD228): upgrade to 0.2.

From: Takashi_Tanaka@yokogawa.co.jp

1999-06-08 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* netstat/mroute6.c (mroute6pr): printed "reg0" as `physical
interface' for an interface to receive PIM register messages.
Advised by: Mickael Hoerdt <mhoerdt@iutsud.u-strasbg.fr>

1999-06-08 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_mroute.c: enabled PIM sparse mode related part.
Advised by: Mickael Hoerdt <mhoerdt@iutsud.u-strasbg.fr>

Tue Jun 8 16:04:49 JST 1999 itojun@iijlab.net
* sys/netinet6/tcp6_subr.c (NetBSD 1.4): avoid using dtom()
for tcp header template. use "pool" allocator instead.

Tue Jun 8 15:24:51 JST 1999 itojun@iijlab.net
* kit/pkgsrc/mail/fetchmail (NetBSD 1.4): upgrade to 5.0.3.

Tue Jun 8 14:58:35 JST 1999 itojun@iijlab.net
* kit/pkgsrc/www/apache (NetBSD 1.4): changed daemon installtion
directory from /usr/pkg/bin to /usr/pkg/sbin. NetBSD pkgsrc for
apache does this so we'd better follow that practice.

Sun Jun 6 15:45:31 JST 1999 itojun@iijlab.net
* sys/netinet6/in6_ifattach.c (NetBSD14):
when attaching link-local address to an interface, defer routing
table setup to prevent danglink pointer to be recorded in routing
table.
related to, or fixes, PR 109.

1999-06-05 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6dd: made administrative scope filter more generic.
The following two types can be specified:
- Group1-Group2: specifies a numerical range of a scope.
- GroupPrefix/Prefixlen: specifies a prefix of a scope.

Sat Jun 5 07:40:48 JST 1999 itojun@iijlab.net
* sys/netinet6 (FreeBSD228/NetBSD14/BSDI): IPComp (IP payload
compression protocol) support.
See section 5 in IMPLEMENTATION for detalis.

Sat Jun 5 00:11:38 JST 1999 itojun@iijlab.net
* kit/src/tcpdump: support IPComp (ip payload compression, RFC2393)
message decoding.
* kit/src/tcpdump: fix pim6 Register-Stop message decoding bug.
From: mhoerdt <mhoerdt@iutsud.u-strasbg.fr>

NOTE: be sure to perform "make clean" in kit directory.
(or "make distclean" in kit/src/tcpdump)

1999-06-02 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* mld6.c (mld6_input): use the M_LOOP flag in order to detect if
an MLD6 report is looped back.
IFF_LOOPBACK was used in the older versions, but it was wrong
since ip6_mloopback faked ifp.

1999-06-02 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* in_gif.c, in6_gif.c[FreeBSD 2, 3]:
- included gif.h for appropriate initialization
- included sys/kernel.h, which is necessary for SYSCTL_INT
Thanks to: Koji Kondo <koji@dti.ad.jp> for reporting the problem.

Tue Jun 1 22:34:46 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/zebra, kit/ports/zebra: upgrade to 0.67.
* kit/pkgsrc/net/bind8, kit/ports/bind8: use latest IPv6 patch.
now listen-on and some other directives work with IPv6 address.

<199905>
Mon May 31 19:02:27 JST 1999 shin@nd.net.fujitsu.co.jp
upgrade KAME FreeBSD 3.1 to 3.2
upgrade ALTQ from 1.1.3 to 1.2 (FreeBSD 3.2)

1999-05-31 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_output.c (ip6_output): zero-clear the reserved field of a
Fragment header in an outgoing packet.

Mon May 31 01:18:04 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
Added more checking the ID payload in phase 2. Draft said that IDr2
must be immediatelly followed by IDi2. We allow the illegal case,
but logged.

1999-05-31 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* (kernel): added new sysctls, net.inet.ip.gifttl and
net.inet6.ip6.gifhlim. They specify TTL or hop limit for a gif
encapsulated packet.
Notes:
   BSDI users should update /usr/local/v6/sbin/sysctl to access
these sysctl names.

1999-05-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6dd/timer.c (age_routes): reflect changes even if the
unicast routing table does not change. I believe this is a bug of
the original pimdd.
This fix is necessary in order to handle expiration of the prune timer
when the forwarding cache entry still exists.

Fri May 28 1999 itojun@iijlab.net, sakane@ydc.co.jp
The following changes affect FreeBSD228, NetBSD14, BSDI version of
KAME, not others.
* sys/netinet6/ipsec.c: On IPsec operation on listening socket, do
not share security policy structure among sockets. This is better
because it allows more efficient SAD entry lookup, and it will
leave less obsolete SPDs kept in the kernel.
* kit/src/setkey: add -l option (to be used with -D), which generate
summary of SAD every 1 seconds. This is good for tracing IKE daemon.
* kit/src/racoon: so many changes and fixes.
- At this moment racoon does not support proposal group with multiple
proposal (say, ESP proposal and AH proposal with same proposal
ID #). Now racoon ignores such proposal from initiator when it
behaves as responder, and filters out such proposal in
configuration file when behaves as initiator.
- Transmit INVALID_COOKIE informational exchange when no matching
ISAKMP SA is found for phase 2 packet.
- Reload of configuration (on SIGHUP) now works correctly.
- Be more strict about configuration file. Die if there's no
required items listed on configuration file.
- Fix lifetime attribute parsing. if the lifetime value is out of
range (due to malformed packet, maybe), use default lifetime.
Previously it sets lifetime to 0 and this caused problems.
- Clarify many of internal structures, such as diffie-hellman
primes and keys (mainly for future support of new group mode).
- racoon now checks phase 2 soft lifetime. Now rekey can be done
more smoothly (TODO: phase 1 soft lifetime check).
- racoon is now more robust against duplicated packets (due to
resend from the peer).
- Phase 1 now supports various encryption algorithms, incl. Blowfish
and CAST128. Key length can be negotiated properly.
- Delete payload support. racoon accepts delete payload from peer.
racoon transmits delete payload if SADB_DELETE is received,
thus SAD delete operation from setkey command will generate delete
payload. Need more support in other occasions.
- Many improvements in debugging output.
- So many minor bug fixes.

Fri May 28 07:34:54 JST 1999 itojun@iijlab.net
* kit/src/setkey: Setkey no longer display dead SAs in the kenrel with
-D. To see dead SAs as well, specify -a with -D.

Fri May 28 02:09:23 JST 1999 itojun@iijlab.net
* kit/src/racoon:
- Do not listen to wildcard socket (grab list of addresses and
perform specific bind(2)). This is to prevent broadcast DoS attack
to IKE daemon. If you specify wildcard address in the config file,
warning will appear.

Thu May 27 05:16:34 JST 1999 itojun@iijlab.net
* sys/net{inet6,key}/Makefile (NetBSD 1.4): include files can be
installed by "cd kame/sys; make incinstall".
(NOTE: this does not follow kame/kit/INSTALL)

Subject: (KAME-snap 632) header file installation on NetBSD 1.4
From: Erik Bertelsen <erik@mediator.uni-c.dk>

Thu May 27 01:51:14 JST 1999 itojun@iijlab.net
* kit/ports/icecast, kit/pkgsrc/audio/icecast: upgrade IPv6 patch.
now instructions on configuring IPv6 UDP multicast audio streaming
is provided.

Wed May 26 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade to 0.66.

Wed May 26 1999 itojun@iijlab.net
* kit/src/traceroute: fix order of privilege control. (IPsec
setsockopt must be performed with root privilege)
* kit/sbin/ping (NetBSD 1.4): clarification on IPsec policy
configuration. NetBSD ping command transmits dummy ping toward
loopback address (for flushing route cache in ip_output). We do
not need IPsec for this operation so we specify "bypass" policy
for the operation.

Tue May 25 03:32:12 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
- Fixed to manage the exchange status. i.e. There is no limit really
for payload ordering.
- Supported idea, blowfish, rc5, cast. But not tested.
- Called libcrypt for checking weak key.
- clean up

Sun May 23 06:51:35 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
- Check Notify messages in phase 1, but still ignore.
- Ignore multiple SA in phase 2.
- Fixed sending localport number in ISAKMP packet. It was a constant
of 500.
- Insert actual port in use into ID payload.
- Delete ADMIN_PROTO_IKE from admin.h. IKE is not protocol.
- Improved kmpstat. print the information if error.
- Improved PF_KEY messaging by timer.
pfkey_send_{timer,try}: is to send PFKEY message.
pfkey_acquire_{timer,try}: is to wait to get IKE.
- Fixed remote directive in racoon.conf more than tree. cftab was
broken when there was not anonymous entry in the first remote entry.
- Fixed local test mode. There is a bit strange, but it works.
- Fixed some of crash problems.
- clean up. There are same processing in various places.
They should be merged.

CAUTION: There is rekeying issue.
There may be crash problem in aggressive mode.

Sat May 22 21:44:09 JST 1999 itojun@iijlab.net
* sys/dev/ic/midway.c (NetBSD 1.4): import changes in ALTQ 1.2 PVC ATM
code (only for Adaptec/ENI ATM driver - no ALTQ support in NetBSD).
NOTE: compiles but not checked
* sys/i386/pci/midway.c (BSDI): import changes in ALTQ 1.2 PVC ATM
code (only for Adaptec/ENI ATM driver - no ALTQ support in BSDI).
NOTE: currently broken
* sys, kit/ports/altq (FreeBSD228): update ALTQ to 1.2. userland
tools must be installed by using kit/ports/altq.

From: Kenjiro Cho <kjc@csl.sony.co.jp>

Sat May 22 21:13:47 JST 1999 itojun@iijlab.net
* sys/net/if_gif.c: call if_up() on positive edge of IFF_UP,
to send up RTM_IFINFO to the userland.

TOOD: more checks to other drivers (sometimes non-KAME issue
but we need RTM_IFINFO message for routing daemons).

1999-05-22 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kit/src/pim6dd: supported group-basis output filter. See
pim6dd.conf(5), which is also updated.

Sat May 22 14:34:59 JST 1999 itojun@iijlab.net
* sys/dev/pci/aeon.c (NetBSD 1.4): fix aeon crypto pci card driver
for NetBSD 1.4. No test performed yet (I don't have encryption-
enabled card anyway, I can't buy one in Japan!).

Sat May 22 1999 itojun@iijlab.net
* sys/netinet6/in6_ifattach.c (NetBSD 1.4): fix dangling pointer
on link-local address addition failures.

Sat May 22 04:17:01 JST 1999 itojun@iijlab.net
* sys/netinet6/nd6_rtr.c (NetBSD 1.4): Simply call rtrequest() from
defrouter_addreq(), rather than re-implement the behavior. This is
much simpler and avoids bug due to misuse of memory allocator.
TODO: check if it was the right fix, there may be special requirement
in defrouter_addreq(), which we have forgotten.

This fixes misterious "panic on long suspend/resume session" bug.
This was generated when aged routes, which were generated by
defrouter_addreq, are get purged (so kernel panic can be raised
by ndp -R).
defrouter_addreq() allocated struct rtentry by R_Malloc, but
NetBSD 1.4 now uses "pool" allocator in net/route.c.
Then defrouter_addreq() inserted struct rtentry allocated by
R_Malloc onto the routing table. Kernel panic'ed if you try to
call pool_put() with pointer to non-pool region (happens on route
purge).

The bug was a bit hard to track. I spent few days to find a
repeatable steps to make the kernel panic, spent 4 hours to find the
cause. IMHO new allocators/deallocators (like pool_{get,put})
should provide more sanity checks (especially for alloc/free pool
mismatches) when DIAGNOSTIC is defined. Current DIAGNOSTIC code did
not help me much. I should do this next time...

Fri May 21 JST 1999 itojun@iijlab.net
* sys/netinet6/nd6_nbr.c (NetBSD 1.4): synchronized ND6 code
with BSDI. This includes experimental fix for duplicated ND6
detection (see CHANGELOG entry on Fri Apr 8 1999).

Thu May 20 16:36:20 JST 1999 itojun@iijlab.net
* kit/pkgsrc/www/lynx, kit/ports/lynx: use latest IPv6 patch.
now numeric IPv6 address is supported under "http://[::1]:80/"
format.

Thu May 20 16:05:27 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/rsync, kit/ports/rsync: IPv6-ready rsync 2.3.1.

Thu May 20 12:12:09 JST 1999 itojun@iijlab.net
* kit/src/libinet6/getaddrinfo.c: filter out AFs that are not
supported by the kernel. This takes effect when you use AI_PASSIVE
on IPv4 only node (previously both :: and 0.0.0.0 are returned)

NOTE: this change requires full rebuild of "kit" tree. be sure
to remove /usr/local/v6/lib/*.a before rebuild.

From: Alexander Fung <amfung@bbn.com>

Thu May 20 06:18:11 JST 1999 sakane@ydc.co.jp
* sys/netkey/key.c:
Check the each values of lifetime. If the value is zero then
kernel ignores its lifetime. Actually, we do check the addtime
and bytes.

Thu May 20 04:38:44 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
Don't use the sockets failed to call socket().

Thu May 20 01:42:24 JST 1999 itojun@iijlab.net
* kit/usr.bin/finger, kit/libexec/fingerd (NetBSD 1.4):
dual-stack fingerd/finger.

Wed May 19 21:48:12 JST 1999 itojun@iijlab.net
* sys/netinet{,6}/ip{,6}_output.c (F228/N14/BSDI):
hide some of IPsec error code from the userland. (need elaborate)
some of IPsec errors (such as "no SA") should be shown as packet loss
to the users.

Wed May 19 15:17:11 JST 1999 itojun@iijlab.net
* sys/netinet6/frag6.c: Do not use mbuf to keep fragment queue, as
this does not contain messages. use malloc() instead.
This avoids dtom().

From: Craig Metz <cmetz@inner.net>

Tue May 18 22:13:59 JST 1999 itojun@iijlab.net
* sys/netinet/ip_output.c (BSDI/NetBSD14/FreeBSD228):
even if SO_DONTROUTE is speicfied, we need to use struct route and
route the packet, for IPsec tunnel mode processing. handle struct
route accordingly.

Tue May 18 22:06:29 JST 1999 shin@nd.net.fujitsu.co.jp
* kern/uipc_socket.c, sys/socketvar.h, netinet6/ip6_output.c
(FreeBSD 3.1):
-moved sooptmcopyout to ip6_output.c with some modification.
-added ip6_soooptmcopyin().
-use those functions in ip6_ctloutput() when coping option data between
soopt and mbuf chain.

Tue May 18 02:17:06 JST 1999 itojun@iijlab.net
* sys/netinet6, sys/netkey (NetBSD 1.4): merge in new IPsec policy
engine. Now (1) racoon is usable, (2) IPv6 IPsec including tunnel
mode is available, (3) policy engine is much more flexible.
* kit/src: enable build of IPsec-supporting programs on NetBSD.
* kit/sbin/ping (NetBSD 1.4): support ipsec policy specification
by -E option (-P was already occupied).

Sun May 16 22:33:41 JST 1999 itojun@iijlab.net
* kit/sbin/ifconfig (NetBSD 1.4): change behavior of "ifconfig
interface" to print all the interface address available, not just
inet addresses. The behavior looks more natural to me.

Sun May 16 03:38:03 JST 1999 itojun@iijlab.net
* sys/netinet6/in6_ifattach.c (NetBSD 1.4):
Add link-local address to the ethernet interfaces (and join
mandatory multicast groups), when the interface is made IFF_UP.
In NetBSD, pcmcia interfaces are not initialized until IFF_UP,
so there seems to be no other option.
Good thing is that now we do not need to call in6_ifattach() from
drivers. It is of course okay to call in6_ifattach() from drivers,
if you are sure that the driver is proprely initialized.

NOTE: this change may break some of the userland tools, which checks
IPv6 interface address BEFORE bringing the interface up.

Sun May 16 01:01:24 JST 1999 itojun@iijlab.net
* kit/pkgsrc/security/ssh, kit/ports/ssh: upgrade to 1.2.27 with
latest IPv6 patch.

Sun May 16 00:32:52 JST 1999 itojun@iijlab.net
* KAME/NetBSD-1.4 is now buildable (both kernel and userland).
* kit/usr.bin/netstat: add support for "netstat -p tcp6 -P
<tcp6cb address>".

Sat May 15 08:20:30 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/zebra, kit/ports/zebra: upgrade to 0.65.

Fri May 14 21:18:45 JST 1999 itojun@iijlab.net
* sys/netkey/key.c (BSDI, FreeBSD228): To transmit SADB_ACQUIRE
messages correctly from the kernel, changed the mbuf allocation
policy in key_sendup(). Now we allocate non-cluster mbuf chain
for most cases.

Previously we allocated cluster mbuf for most of the cases, and
this caused PF_KEY socket to be considered full and sbappendaddr()
to fail. This is due to wasted space on cluster mbufs
(sbspace() checks both actual data size and mbuf area size).

Fri May 14 11:50:15 JST 1999 itojun@iijlab.net
* sys/netinet6 (BSDI, FreeBSD228): in IPv6 IPsec, tunnel mode now
works as well.

Note: IPv6 spec suggests the originating node to process HBH option
on the packet from the node itself (the originating node is
considered as "first hop"). However, we do not do this when
you apply IPv6 IPsec tunel onto the packet, since HBH option is
already encrypted when it is to be processed. This should be
fixed, however, IMHO this is very rare case.

Thu May 13 22:56:06 JST 1999 itojun@iijlab.net
* kit/src/v6test/v6test.c: support interface with DLT_NULL
bpf encapsulation (i.e. loopback interfaces).

1999-05-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/v6test/getconfig.c (make_ah): added to support
authentication header.
Also added some new tests in ext.conf.

Thu May 13 21:25:51 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
Aggressive mode was supported, but not tested sufficiently.
XXX There must be Vender ID in fixed place of payload. TO BE MODIFIED.

1999-05-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* uipc_socket2.c (sbcreatecontrol): if a given control message
is larger than MLEN, allocate an mbuf cluster and store the
message into the cluster.
Also, implemented more strict length check.
This fix is only for FreeBSD(2 and 3) and NetBSD. A similar fix
for BSDI was already done.

Thu May 13 20:18:37 JST 1999 shin@nd.net.fujitsu.co.jp
* sys/netinet6/ip6_fw.c, sys/i386/conf/GENERIC.v6 (FreeBSD3.1):
made compilabel and bootable with ip6fw enabled.
not tested well enough.

Thu May 13 20:04:35 JST 1999 itojun@iijlab.net
* sys/netinet6/ah_core.c: drop IPv6 AH packet with too many
extension headers, to avoid DoS attacks.
Use net.inet6.ip6.hdrnestlimit to configure the number of extension
headers allowed.

1999-05-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6dd/trace.c (accept_mtrace): added to support the
response part of mtrace(not tested yet).

1999-05-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_output.c (ip6_setpktoptions): added the IPV6_DSTOPTS case,
which allowed user to specify destination options headers for an
outgoing packet.
(compilable, but not tested yet)

1999-05-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* in6_pcb.c (in6_pcbbind): prevented binding a socket to an
address if it's anycast, notready, detached or deprecated.

1999-05-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* netstat/inet6.c: sync icmp6names[] with the latest kernel.

1999-05-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* icmp6.h: changed the size of icmp6stat.icp6s_{in, out}hist from
ICMP6_MAXTYPE + 1 to 256 since the former made the kernel
vulnerable.

1999-05-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* added a sysctl net.inet6.ip6.defmcasthlim, which gets or
specifies the default hop limit for an outgoing IPv6 multicast
packet.
Note that BSDI users must update both kernel and kit/sbin/sysctl
to enable the new sysctl.

Wed May 12 14:57:54 JST 1999 itojun@iijlab.net
* kit/libexec/fingerd, kit/usr.bin/finger (FreeBSD228): finger daemon/
client fixed for dualstack support.

Wed May 12 14:12:44 JST 1999 itojun@iijlab.net
* kit/ports/inn (FreeBSD228/31): IPv6-enabled netnews server,
version 2.2.
From: Satosi KOBAYASI <kobayasi@north.ad.jp>

Wed May 12 10:33:32 JST 1999 itojun@iijlab.net
* sys/netinet6/icmp6.h: node information query/response got the
official ICMPv6 type, so use the official number.
NOTE: need recompilation in userland (ping6), and old KAME and new
KAME will not interoperate due to the overwrap in number...

Wed May 12 02:29:13 JST 1999 sakane@kame.net
* sys/netkey/key.c (FreeBSD228/BSDI):
Fixed to expire SA. It can't be sent SADB_EXPIRE message due
to my mistake.
Added test implement for lifetime by byte counts.
You must be careful to set its value otherwise it causes many
SA to be set.
e.g. time limit = 22896000(s)
byte limit = 100(KB)

Tue May 11 18:48:37 JST 1999 sakane@kame.net
* kit/ports/icecast, kit/pkgsrc/audio/icecast: upgrade to latest
IPv6 patch, with song name broadcasting/request hack.

Tue May 11 18:26:06 JST 1999 itojun@iijlab.net
* sys/netkey (FreeBSD228/BSDI): strictly perform reference count on
SPD/SAD. Now netkey seems to have almost no memory leaks.
* sys/netkey/key.c, kit/src/setkey/setkey.c (FreeBSD228/BSDI):
throw results of SADB_DUMP and SADB_X_SPDDUMP message as separate
message to pfkey socket. This should be more reasonable as each
of the result (for single SAD/SPD entry) has sadb_msg header.

Mon May 10 03:16:49 JST 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade to zebra 0.64.1.

Sun May 9 16:39:31 JST 1999 itojun@iijlab.net
* kit/ports/ruby, kit/pkgsrc/lang/ruby: update to use latest IPv6
patch.

Sun May 9 03:51:09 JST 1999 itojun@iijlab.net
* kit/src/racoon: get/set proper source/destination address for IKE
packets, using IP_RECVDSTADDR and IPv6 advanced API.
this is needed to support hosts with more than 1 IP addresses
(i.e. most of IPv6 node needs this).
TODO: scoped IPv6 addresses support (link-local and site-local).

Sat May 8 23:13:53 JST 1999 sakane@ydc.co.jp
* sys/netkey:
Fixed tick counter problem, that is timeout() re-sets lifetime to 1(s)
when you use too big lifetime. Now the timer about IPsec key
management is processed in key_timehandler().

Sat May 8 18:53:29 JST 1999 itojun@iijlab.net
* sys/netinet, sys/netinet6 (BSDI, FreeBSD228): Inherit IPsec policy
configuration on tcp socket, across accept() operation (in the past
IPsec policy must be configured after accept()).
Now, you can configure IPsec policy onto listening tcp socket,
and wait for new conncection to come by accept(). The new socket
returned by accept() has the same IPsec policy as the listening tcp
socket. This should be more natural behavior to the programmers,
and this behavior is inevitable for protecting SYN/SYN ACK packet
from attackers.

Sat May 8 15:21:01 JST 1999 itojun@iijlab.net
* kit/src/inet6d: Add quickhack to specify IPsec policy by specially
formatted comment line (starting with "#@"). Experimental and
is subject to change in the near future.
* sys/netinet, sys/netkey (BSDI, FreeBSD228): fixed IPsec policy
engine for IPv6 IPsec via IKE.

Fri May 7 13:59:16 JST 1999 itojun@iijlab.net
* kit/src/tcpdump/print-ospf6.c: decode ospf6 packets.
NOTE: do not forget to perform "make distclean" (or, "make clean"
in kit directory). otherwise, old Makefile calls build failure.

Fri May 7 02:25:23 JST 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade to zebra 0.64.
now OSPF6 is ready for testing (but not for actual use - kernel
routing table will NOT be updated).

Thu May 6 14:18:12 JST 1999 itojun@iijlab.net
* kit/src/tcpdump/print-pim.c: added pim dm decode routines.
(need pim-noisy network to debug this...)

Thu May 6 17:32:06 JST 1999 itojun@iijlab.net
* sys/netinet6 (FreeBSD228): (1) separate IPv6 IPsec (transport-mode)
output processing into ipsec6_output_trans(), for cross-OS
portability.
(2) Multiple transport-mode IPsec headers can be inserted, in any
order.
(3) Most of IPsec output functions now returns int, instead of
struct mbuf * (no mbuf head pointer will be modified).
It is for better uniformity, and better error code handling.
(4) Some of the IPsec fuctions assume certain property from mbuf
chain. See comments for those assumptions.

TODO: tunnel mode

Wed May 5 13:31:28 JST 1999 itojun@iijlab.net
* kit/ports/tcp_wrapper: IPv6-ready tcp_wrappers_7.6.tar.gz
NOTE: this is separate from kit/ports/tcpd. kit/ports/tcpd is a
rewrite of tcp_wrappers for IPv6 (similar functionality but
completely separate codebase). kit/ports/tcp_wrapper is IPv6-
enabled tcp_wrapper.

From: Hajimu UMEMOTO <ume@mahoroba.org>

1999-05-05 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/tcpdump/print-pim.c (pimv2_print): fixed a bug that a wrong
position was referred as the PIM version field.
Repored by Mickael Hoerdt <mhoerdt@iutsud.u-strasbg.fr>

Wed May 5 06:03:59 JST 1999 itojun@iijlab.net
* sys/dev/en/midway.c (FreeBSD3): pvc interface did not have the
IPv6 link-local address. There was some patch slipped off during
the merge.

From: Scott Mace <smace@intt.org>
PR: 95

1999-05-05 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/libpcap: supported a new protocol type `pim';
you can now invoke tcpdump like `tcpdump pim'.

Tue May 4 14:38:58 JST 1999 itojun@iijlab.net
* sys/netinet6/ip6_output.c (FreeBSD228): make multiple transport-mode
AH on IPv6 work corretly.
add some sanity check to forbid inbound/outbound jumbogram packet
with AH (jumbogram and AH is ill-suited, spec-wise).

Tue May 4 13:25:51 JST 1999 itojun@iijlab.net
* sys/netinet6/ip6_output.c (FreeBSD228): support IPv6 IPsec
(transport mode only) with new policy engine. To do this I've
changed some part of IPv6 option header construction routines,
so kick me if I've added any bugs.

Sun May 2 12:34:26 JST 1999 itojun@iijlab.net
* kit/src/route6d/route6d.c: implement inbound route filter option (-L).

Sat May 1 13:45:36 JST 1999 itojun@iijlab.net
* kit/usr.sbin/inetd (FreeBSD 2.2.8): Add quickhack to specify
IPsec policy by specially formatted comment line (starting with
"#@"). Experimental and is subject to change in the near future.

Sat May 1 JST 1999 itojun@iijlab.net
* kit/src/libipsec/ipsec_policy.c: Added 2nd argument (int len) to
ipsec_set_policy(), to make it safer against buffer overflow.
Update the parser to be more strict about the IPsec policy string
grammar.

<199904>
Fri Apr 30 18:57:48 JST 1999 sakane@ydc.co.jp
* sys/netkey/key.c:
Modified that kernel DOESN'T send SADB_EXPIRE message to user land
if SA is not used until expiration soft lifetime. Otherwise kernel
sends SADB_EXPIRE message with the values of current lifetime.

Fri Apr 30 17:53:43 JST 1999 itojun@iijlab.net
* kit/src/route6d/route6d.c: Take care of dynamic interface adress
addition/removal, interface state change, and static route change.
Sideeffect: You can specify interfaces which are down, into the
command line options (like -N). Those interfaces can be used by
"ifconfig up" later.

Fri Apr 30 03:44:48 JST 1999 itojun@iijlab.net
* kit/ports/apache13, kit/pkgsrc/www/apache13: upgrade IPv6 patch to
the latest one.
* kit/ports/zebra, kit/pkgsrc/net/zebra: use master distribution 0.63.

Thu Apr 29 22:26:34 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
- Fixed proposal length when transform payload was created.
- Fixed the way to deal with nonces. When phase 2 rekeying happened,
and to reverse initiator and responder happened, then I dealed with
nonces reversely. Those effected to compute hash and keymat.
- Merged isakmp_compute_hash1() and isakmp_compute_hash2().

Thu Apr 29 17:26:48 JST 1999 sakane@ydc.co.jp
* kit/src/tcpdump/print-isakmp.c:
Fixed a trivial bugs. It was mistaken to print transform id.

Thu Apr 29 16:26:44 JST 1999 itojun@iijlab.net
* kit/sbin/ifconfig (BSDI): make "prefixlen" keyword work properly
as expected (sorry I'm embarrassed).

1999-04-29 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* netstat/mroute6.c (mroute6pr): when printing the multicast
forwarding cache whose incoming interface is unknown, print
`---' instead of the magic number itself.
Note that the kernel source should also be updated.

1999-04-29 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6dd/vif.c (start_vif): set random delay before sending
the 1st PIM hello message in order to avoid hello message storm in
a bootstrap phase.
suggested by: Mickael Hoerdt <mhoerdt@iutsud.u-strasbg.fr>

Thu Apr 29 01:25:36 JST 1999 itojun@iijlab.net
* kit/src/dtcp: Dynamic Tunnel Configuration Protocol daemon/client.
It will let you configure IPv6-over-IPv4 tunnel dynamically with
APOP-like authentication.
The protocol was proposed by Peter Tattam of Trumpet.
NOTE: you'll need to install IPv6-ready ruby interpreter, by using
kit/ports/ruby (or kit/pkgsrc/lang/ruby).

From: Peter Tattam <peter@jazz-1.trumpet.com.au>

1999-04-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6dd/pim6.c (send_pim6): used sendmsg() with IPV6_PKTINFO
cmsg instead of sendto in order to specify the outgoing interface
and the source address.
Thanks to:
Mickael Hoerdt <mhoerdt@iutsud.u-strasbg.fr> for finding a
problem in the old version and sending a patch.

1999-04-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/pim6dd/main.c (main): modified to call init_routesock after
making a child process, since the pid to access the routing socket
must be consistent.
Thanks to:
David PATE <pate@dpt-info.u-strasbg.fr> for finding the problem.
Mickael Hoerdt <mhoerdt@iutsud.u-strasbg.fr> for sending a patch.

1999-04-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_mroute.c (del_m6if): added a sanity check in del_m6if to
prevent kernel hangups, and modified to use in6_ifreq{} instead of
ifreq{} to avoid invalid memory access.

Wed Apr 28 19:26:48 JST 1999 itojun@iijlab.net
* kit/pkgsrc/audio/icecast, kit/ports/icecast:
use new IPv6 patch. It is now possible to transfer mp3 files
over UDPv[46] multicast packets. This is really fun!

Wed Apr 28 14:30:22 JST 1999 itojun@iijlab.net
* sys/netinet{,6} (BSDI 3.1): sync IPsec policy management code with
FreeBSD 2.2.8. This automatically removes many bugs in IPsec code,
simplifies policy management (but SPD is now mandatory), and adds
flexibility in packet formats.
However, IPv6 IPsec is now broken. Also, IPv4 IPsec is unstable
due to memory management bugs.
TODO: regress tests

Wed Apr 28 14:28:28 JST 1999 itojun@iijlab.net
* sys/netinet{,6} (FreeBSD 2.2.8): do not strip TCP/UDP header from
mbuf, until ipsec policy engine checks the headers.

Wed Apr 28 05:19:07 JST 1999 sakane@ydc.co.jp
* sys/netkey/key.c:
Fixed the way to search SPD. It always searched outbound SPD.

Tue Apr 27 02:59:50 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
- Racoon become to do exchange tunnel mode. She gets the
encryption mode from kernel by PF_KEY and set to SA payload later,
so ignores the directive "encryption mode".
XXX: There have been rekeying problems yet.
I believe that it's local address of phase 1 as proxy address
whenever doing pfkey_update, and it's remote address of phase 1
as proxy address whenever doing pfkey_update.

- Added IPSECDOI_ATTR_ENC_MODE_DEFAULT as transport mode
for the default of encryption mode.

- Arranged the function to set SA attribute.

Tue Apr 27 02:13:26 JST 1999 sakane@ydc.co.jp
* sys/netinet/ip_input.c,sys/netinet6/ip6_input.c:
Stoped to remove M_AUTHIPDGM, not M_AUTHIPHDR, from m_flags.
It caused checking policy of ESP inbound tunnel to be failed.

NOTE: I believe that M_AUTHIPHDR will obstruct as such above
when checking AH inbound tunnel policy, too.

Mon Apr 26 09:35:34 JST 1999 itojun@iijlab.net
* sys/i386/isa/kms.c (BSDI): Keyboard mouse driver implemented by
Keisuke Uehara <kei@wide.ad.jp>. Makes cursor keypad behave as
mouse cursor movement. /dev/kms0 will speak bus mouse protocol.

Not very KAME thing, but is really useful addition for notebooks.

1999-04-23 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/bgpd/bgp.c: for passively opened BGP4+ connection, use
the configured value of local preference.
Thanks to fujisaki@nttslb.slab.ntt.co.jp for pointing it out.

Fri Apr 23 15:32:45 JST 1999 itojun@iijlab.net
* kit/ports/fwtk6 (FreeBSD 2.2.8): TIS firewall toolkit, modified for
IPv6 connections. NOTE: you'll need to get original fwtk 2.1 by
yourself (you must read and agree the license agreement from TIS).

From: Hajimu UMEMOTO <ume@mahoroba.org>

Fri Apr 23 01:07:41 JST 1999 sakane@ydc.co.jp
* sys/netkey/key.c:
Fixed the problem that key_get(), and rarely key_dump(), return error
code but error didn't happen.

Thu Apr 22 18:16:06 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
'path' directive is added for post-command execution.
NOTE: This do update PATH, not to be added.

Thu Apr 22 17:45:16 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
Before post-command excution, set local and remote addresses of
phase 1 to environment value named RACOON_INFO.

1999-04-22 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* nd6_rtr.c (in6_ifdel): made sure that leave the solicited-node
multicast address associated with the deleted address. Also
call in6_savemkludge() before freeing the ifaddr structure.

1999-04-22 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* mld6.c (mld6_sendpkt): looped an MLD6 packet back to the sending
node if the node is a multicast router, which has been disabled by
`ifdef notyet' although we already have multicast routing.

1999-04-22 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* in6.c (in6_control): automatically embed a link-local interface
index of a destination address specified via the
SIOCAIFADDR_IN6 command.

1999/04/22 16:36:54 JST shin@nd.net.fujitsu.co.jp
* sys/netinet/tcp_input.c (FreeBSD3.1):
Bug Fix: call ip6_savecontrol() also other than when
accepting the connection.

Thu Apr 22 12:41:14 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
Fixed the problem of phase 2 negotiation. Now it gets success
the negotiation of phase 2.
XXX: There is phase *1* rekeying problem while phase *2*
negotiation.

Thu Apr 22 06:10:52 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
- Added new directive "post-command" for racoon configuration. When
IKE phase 1 negotiation has been finished, then this is excuted.
"post-command" consists three directive;
"exec" defines to excute command when phase 1
negotiation has been completed.
"success" defines to excute command when `exec' command
was success.
"failure" defines to excute command when `exec' command
was failure.
- kmpstat can trigger to start negotiation of phase 1. Usage is
that, e.g.
# kmpstat establish-sa ike inet 192.168.0.1

1999-04-21 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/rtadvd/config.c (getconfig): clear the configuration buffer
if the specified does not exist in the configuration file, which
is necessary to avoid to use a configuration for another interface
by mistake.
* src/rtadvd/if.c (get_next_msg): added RTM_GET case in the search
loop.

Wed Apr 21 11:44:11 JST 1999 itojun@iijlab.net
* kit/src/rtsol: bring interface down, then up, before sending RS.
This is a workaround for pcmcia ethernet card drivers (used on
notebooks). It looks that some of the drivers do not initialize
multicast packet filter properly on suspend/resume session, and
RA (to ff02::1) cannot be received on the interface after resume.
It looks that down-then-up solves most of the cases.

TODO: if this solves the problem, /etc/pccard.conf (or
/etc/card.conf) should perform down-then-up on resume.

Wed Apr 21 04:01:21 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
- TODO has been updated.

- With port numbers and prefixes, phase 2 exchange is available.
We need some time for the stability. It's on testing to do
exchanging IPsec tunnel mode.
- It's became to begin phase 2 negotiation by IPsec-SA expiration.

- s/LDUR/LD/ and s/LTYPE/LD_TYPE/, because of clarification.
- Begin the trying to manage IPsec SA by queue(3). But I have no
idea to manage the SA parameters directly.
- Begin the trying to manage the IPsec-SA exchange by IPsec SA list.
XXX MUST support multi SA exchange.
- Modified some code for ANSI-C.
- A lot of modification.

Wed Apr 21 00:58:39 JST 1999 shin@nd.net.fujitsu.co.jp
* kit/src/rrenumd:
-parser fix for recognizing match{-,_}prefix and use{-,_}prefix
-cmsghdr related msglen operaton bug fix
-enabled sending to IPv4 destination
(though, receiver side is also need to be enhanced to receive it)

Tue Apr 20 21:19:16 JST 1999 itojun@iijlab.net
* kit/sys/netinet/altq_red.c: fix IPv6 header parsing code.

From: hiddy@sfc.wide.ad.jp

1999/04/20 17:55:31 JST shin@nd.net.fujitsu.co.jp
* sys/netinet/in_gif.c, sys/netinet6/in6_gif.c
synced between BSDs

Tue Apr 20 15:26:49 JST 1999 itojun@iijlab.net
* kit/usr.bin/vmstat (BSDI, FreeBSD 2.2.8, NetBSD): source code
included in the tree (just need a recompilation, to make "vmstat -m"
work).

Tue Apr 20 10:45:44 JST 1999 itojun@iijlab.net
* kit/ports/zebra (FreeBSD 2.2.8/3.1):
* kit/pkgsrc/net/zebra (NetBSD): upgraded to 19990420 snapshot.

Tue Apr 20 10:36:52 JST 1999 sakane@ydc.co.jp
* sys/netkey/key.c:
Modified a bit of ipsec_setsecidx() to get IP address
and port from mbuf.
ASSUMED: basic header is placed continuously in a mbuf.

Mon Apr 19 21:02:24 JST 1999 itojun@iijlab.net
* kit/ports/mpg123 (FreeBSD 2.2.8, 3.1):
* kit/pkgsrc/audio/mpg123 (NetBSD): MPEG audio layer 3 player.
(embeded HTTP support code is updated for IPv6 HTTP)

Mon Apr 19 19:35:35 JST 1999 itojun@iijlab.net
* kit/ports/icecast (FreeBSD 2.2.8, 3.1):
* kit/pkgsrc/audio/icecast (NetBSD): icecast MP3 broadcasting system.
based on version 1.1.3 of the original distribution.

Mon Apr 19 19:32:44 JST 1999 shin@nd.net.fujitsu.co.jp
* sys/netinet/tcp.h,tcp_input.c,tcp_output.c,tcp_subr.c, tcp_var.h
sys/netinet6/ip6_output.c,ip6_var.h (FreeBSD3.1):
mainly fixes for considering IPv6 more enough on mss calcuration.
-added v6mssdflt
-added sysctl for setting v6mssdflt
-added ip6_exthdrsiz() and let it check supposed sending v6 ext
headers total len, and remove that from mss
-made output checksum part more clear(I belive essentially no change)

Mon Apr 19 15:04:43 JST 1999 sumikawa@ebina.hitachi.co.jp
* kit/ports/rev_v6_address (FreeBSD 2.2.8): a representing PTR
records tool for mainting DNS.
* kit/ports/geta (FreeBSD 2.2.8): GET Address - simple IPv4/IPv6
address resolver

Mon Apr 19 14:24:43 JST 1999 itojun@iijlab.net
* sys/netinet6: Add automatic flow-labelling support in kernel,
for all operating systems.
(see CHANGELOG entry on Sun Apr 4 02:24:00 JST 1999)

Sun Apr 18 16:45:18 JST 1999 sakane@ydc.co.jp
* sys/netkey/keyv2.h
Added PFKEY_ADDR_PREFIX() for convenience.
Fixed the word, s/PFKEY_ADDR_PORT/PFKEY_ADDR_PROTO/

Sun Apr 18 09:39:25 JST 1999 itojun@iijlab.net
* kit/ports/libident6 (FreeBSD 2.2.8): identd library for
IPv6 connetions.
* kit/ports/pident6d (FreeBSD 2.2.8): identd for IPv6 connetions.

From: Hajimu UMEMOTO <ume@mahoroba.org>

Sat Apr 17 13:13:41 JST 1999 itojun@iijlab.net
* kit/pkgsrc/lang/python (NetBSD): python 1.5.2 with IPv6 support.

Sat Apr 17 11:22:29 JST 1999 itojun@iijlab.net
* kit/ports/python (FreeBSD 2.2.8): python 1.5.1 with IPv6 support.

Sat Apr 17 01:33:01 JST 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade to 1999/4/16 snapshot.

Fri Apr 16 18:16:04 JST 1999 shin@nd.net.fujitsu.co.jp
* sys/, kit/ports/altq (FreeBSD31):
updated ALTQ to 1.1.3

Fri Apr 16 10:20:39 JST 1999 itojun@iijlab.net
* kit/ports/sendmail6, kit/pkgsrc/mail/sendmail6:
upgrade to 8.9.3 + IPv6 patch version W3.2.

Thu Apr 15 18:04:49 JST 1999 shin@nd.net.fujitsu.co.jp
* sys/netinet/tcp_input.c, tcp_subr.c (FreeBSD3.1):
rewrite tcp_respond() because it has incorrect pointer
reference bug. this caused keep alive packet with incorrect
checksum, and let long lived tcp connection die.
now tcp should become more stable.

Thu Apr 15 14:53:34 JST 1999 itojun@iijlab.net
* kit/ports/mediator: added port directory for Mediator DNS relay
resolver daemon. NOTE: the master distribution is restricted so
most of you will not be able to compile this.
* kit/ports/kaffe: port for IPv6-ready kaffe (IPv6 patch by INRIA
guys). Not finished yet.

Thu Apr 15 08:57:24 JST 1999 shigeya@foretune.co.jp
* kit/src/man: add kame(4).

Thu Apr 14 JST 1999 itojun@iijlab.net
* kit/src/libinet6: Made getaddrinfo.c and getnameinfo.c compilable
on most platforms (do not define INET6). This should be useful
when making applications IPv6-aware (supply KAME getaddrinfo.c in
"missing" directory and use AC_REPLACE_FUNCS(getaddrinfo) in
configure.in).

Wed Apr 14 20:57:13 JST 1999 sakane@ydc.co.jp
* kit/src/racoon:
Added the sending some administration commands to kmpstat.
reload config, show schedule, show several SA,
delete several SA, flush several SAs, establish several SA
Added to handle some administration commands to admin.c. There are
some commands have not been supported yet, and these aren't tested
sufficiently.
XXX: should be specified the efficient formats for
the communication which is between racoon and kmpstat.
Changed default port for administration.
racoon.conf is obsoleted by ibm.conf.

Wed Apr 14 18:26:14 JST 1999 itojun@iijlab.net
* kit/ports/{ct,v6eval} (FreeBSD 2.2.8): TAHI IPv6 conformance test
kit, released today (0.1). See http://www.tahi.org/ for details.

1999-04-14 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* raw_ip6.c (rip6_usrreq): fixed a bug of (possible) NULL pointer
access in PRU_CONNECT case in rip6_usrreq. FreeBSD 3.1 version
has the same problem in rip6_connect(), which was fixed as well.

Wed Apr 14 01:20:23 JST 1999 itojun@iijlab.net
* kit/ports/ruby, kit/pkgsrc/lang/ruby:
upgrade to ruby 1.2.5 with latest IPv6 patch.

Tue Apr 13 18:06:03 JST 1999 itojun@iijlab.net
* kit/ports/ruby, kit/pkgsrc/lang/ruby:
object oriented scripting language "ruby" 1.2.4 with IPv6 support.

Tue Apr 13 10:45:00 JST 1999 sakane@ydc.co.jp
* kit/src/libipsec:
Added EIPSEC_INVAL_PREFIXLEN into ipsec_strerror.h.
To handle prefix, added `prefixlen' to the parameter
in pfkey_send_{add,update,delete,get}().

Mon Apr 12 21:21:59 JST 1999 itojun@iijlab.net
* sys/netinet/in_gif.c, sys/netinet6/in6_gif.c:
(1) check IFF_LINK0 on ingress, as specified in the manpage.
(2) do not encapsulate if IFF_LINK0 is down and physical destination
address is not configured.
(3) check if physical source equals to dst on the packet, on egress
when IFF_LINK is enabled.

Mon Apr 12 11:34:02 JST 1999 itojun@iijlab.net
* sys/netinet6/nd6_nbr.c: clear tentative bit without DAD, when
net.inet6.ip6.dad_count equals 0. (this is a bug - sorry)

Sun Apr 11 21:04:05 JST 1999 shin@nd.net.fujitsu.co.jp
* usr.sbin/inetd (FreeBSD3.1):
enabled to specify tcp6 as protocol type in inet6d.conf.
when it is specified, the opened AF_INET6 socket don't accept
IPv4 connection.

Sun Apr 11 18:18:56 JST 1999 shin@nd.net.fujitsu.co.jp
* kit/ports/ppp (FreeBSD):
IPv6 patch level upgrade.
-filter specification bug fix
-added debug mode(never become daemon in any mode)
-when using ppp created ifid, try to use common ifid at first
on any ppp connection.

1999-04-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/libinet6/ip6opt.c : implemented inet6_option_alloc(),
inet6_option_next() and inet6_option_find() functions.

1999-04-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_input.c (ip6_savecontrol): implemented IN6P_HOPOPTS,
IN6P_DSTOPTS and IN6P_RTHDR options in order to get Hop-by-hop
options, destination options and routing headers by a userland
application.

Sat Apr 10 12:17:08 JST 1999 itojun@iijlab.net
* sys/netinet6/in6_gif.c, sys/netinet/in_gif.c:
Add ECN friendly mode to gif interface. "ifconfig gifX ilnk1"
should enable "ECN allowed" behavior (see draft-ipsec-ecn-00),
and ECN bits will be copied on ingress and egress.

"Copying ECN bit on ingress" violates of RFC1933 (which says
that outer IPv4 TOS bit should be 0). This should be used under
mutual agreement with tunnel endpoint.

Fri Apr 9 22:53:28 JST 1999 itojun@iijlab.net
* kit/ports/zebra, kit/pkgsrc/net/zebra: upgrade original distribution
to 1999/4/8 snapshot. ospf6d is in the tree but not compilable.
we really are looking forward to test ospf6d!

Fri Apr 9 22:24:44 JST 1999 itojun@iijlab.net
* kit/src/route6d/route6d.c: avoid hardcoding # of interfaces.
now you should be able to handle as many interfaces as you can.
# of interfaces is obtained on startup time, so it cannot handle
dynamically added interfaces at runtime.

Fri Apr 9 JST 1999 itojun@iijlab.net
* sys/netinet6: implement setsockopt(IPV6_FAITH) for NetBSD and BSDI.
(see CHANGELOG on Fri Apr 2 20:00:23 JST 1999)

Fri Apr 9 20:44:55 JST 1999 itojun@iijlab.net
* sys/netinet/ip_ecn.[ch]: move ECN friendly ingress/egress code into
separate function, for better code reuse.
Populate ECN friendly IPsec tunnel code to all the platforms.

1999/04/09 20:26:03 JST shin@nd.net.fujitsu.co.jp
    usr.bin/netstat (FreeBSD3.1):
-print only inet socket at "-f inet"
-print inet6 socket at "-f inet6"
-print inet6 addr correctly for inet6 socket

Fri Apr 8 JST 1999 itojun@iijlab.net
* sys/netinet6/nd6_nbr.c (BSDI): (experimental)
Implement heuristics against DAD NS loopback. See source code
for detail; it may be better than dad_ignore_ns, but not very
perfect and may violate spec anyway.

1999-04-08 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* nd6.c (nd6_output): if the interface is other than Ethernet and
FDDI, simply put the packet into the interface instead of tring
to resolve the next hop.

1999-04-08 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* raw_ip6.c (rip6_usrreq): for PRU_BIND, added a check to see
if the specified address is valid(e.g. not deprececated).
For PRU_CONNECT, used in6_selectsrc() in order to fill in the
source address field.

Thu Apr 8 20:14:45 JST 1999 itojun@iijlab.net
* kit/src/faithd: get # of interfaces by using if_nameindex().

Thu Apr 8 19:39:01 JST 1999 itojun@iijlab.net
* sys/netinet6/nd6_nbr.c (BSDI): (experimental)
ignore incoming DAD NS packet, if dad_ignore_ns is set to 1.

By setting dad_ignore_ns to 1 (by bpatch maybe), you'll be able to
ignore DAD faults by drivers which loops packets back to itself
on promisc mode.
However, (1) you'll not be able to detect simultaneous DAD activity
on the subnet, nor same MAC address on the subnet (-> SparcStation2)
(2) it is not spec conformant behavior.

I dunno how many drivers are faulty, but at least BSDI mz driver
(which is my favorite) is broken, so would like to test this code.

Thu Apr 8 17:06:32 JST 1999 itojun@iijlab.net
* kit/src/v6test: changed config file directory to PREFIX/share/v6test.

Thu Apr 8 17:01:42 JST 1999 itojun@iijlab.net
* kit/src/libinet6/getaddrinfo.c: (1) do not attach canonname
"localhost" to ::1 and 127.0.0.1. The name may not be ubiquitously
available.
(2) add comment about get_addr() call when AI_CANONNAME is given for
numeric address. it is a bit strange that we do addr->name
translation here...

1999-04-08 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_output.c (ip6_output): If a hop-by-hop options header is
contained in an outgoing packet, examine and process it,
which behavior is required in the base IPv6 spec(RFC 2460).
Note that some other code relating to option processing was
also modified.

1999-04-08 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_output.c (ip6_insert_jumboopt): fixed a bug that
the function does not adjust the length field of an already
existing hop-by-hop header.
Thanks to Kenjiro Komaki <komaki@mt.cs.keio.ac.jp> for finding the
problem.

Wed Apr 7 23:42:55 JST 1999 itojun@iijlab.net
* kit/etc/rc.net6: add "sleep" after interface configuration. now
DAD will be performed for global addresses too, and we have to
wait till DAD's completion before invoking daemons.

Wed Apr 7 18:46:17 JST 1999 itojun@iijlab.net
* kit/lib/libftpio(FreeBSD 2.2.8): try EPSV in IPv4 case too,
because EPSV behaves better for translators. Also, try EPRT in
IPv4 case too.

Wed Apr 7 18:02:28 JST 1999 shin@nd.net.fujitsu.co.jp
* sys/netinet6/nd6_rtr.c: don't care link local addr
state and every time do DAD in in6_ifadd().

Wed Apr 7 17:28:17 JST 1999 itojun@iijlab.net
* kit/src/ndp: Print out expired prefix as "expired",
not by negative lifetime value.
* kit/sbin/ifconfig: Do not print negative value for interface address
lifetime. This sometimes happens if you invoke ifconfig on the
expiration time.
* sys/netinet6/nd6*.c: Fix RA prefix information validation for
lifetime values. It now works as expected (RFC2462 5.5.3 (e) or
Jim Bound's rule - default is Jim Bound's rule).
(1) Do not remove prefix information in the kernel (struct
nd6_prefix) on expiration. Will be removed after
NDPR_KEEP_EXPIRED seconds. We need old prefix information for
validation purposes.
(2) Do not remove interface address when prefix information is
removed. Their lifetime is managed separately.
(3) Clarify validation rules for lifetime fields in RA prefix
information.

Wed Apr 7 14:29:46 JST 1999 itojun@iijlab.net
* sys/net/if.c (except BSDI 3.1): fix where we call in6_if_up() on
ioctls. (this is a routine to trap IFF_UP positive edge -
mainly for DAD)

1999-04-07 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* nd6.c (nd6_output): was newly implemented, which is called from
ip6_output instead of ifp->if_output. The change mainly aims to
perform neighbor unreachability detection even if the outgoing
interface is not up.
NOTE: The change is still experimental and needs more tests.
So, it is not enabled unless the `NEWIP6OUTPUT' kernel
configuration option is specified.

Wed Apr 7 03:06:54 JST 1999 itojun@iijlab.net
* kit/libexec/ftpd (NetBSD): fix EPRT.
* kit/usr.bin/ftp (NetBSD, FreeBSD2): try EPSV in IPv4 case too,
because EPSV behaves better for translators. Also, try EPRT in
IPv4 case too.

1999-04-06 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* FreeBSD 2.2.8: merged Alteon Gigabit Ether driver from
http://www.freebsd.org/~wpaul/Alteon/
We believe that it supports IPv6 as well, but we have not
tested yet.

Tue Apr 6 22:25:41 JST 1999 itojun@iijlab.net
* kit/src/libpcap: Allow tcpdump on ATM interface for FreeBSD.
DLT type for ATM is defined in OS-supplied bpf.h, so follow that
value in libpcap/net/bpf.h.

Tue Apr 6 19:40:52 JST 1999 itojun@iijlab.net
* kit/etc/rc.net6: on router, perform "ifconfig up" before configuring
interface to wait for DAD's completion.

Tue Apr 6 18:50:27 JST 1999 itojun@iijlab.net
* kit/ports/ucd-snmp, kit/pkgsrc/net/ucd-snmp:
upgrade to 3.6.1 with latest IPv6 patch.
NOTE: on NetBSD, snmpnetstat is not working right. this is a bug in
original distribution (ucd-snmp 3.6.1).

Tue Apr 6 18:00:08 JST 1999 itojun@iijlab.net
* kit/Makefile: install documents in kit/* into
$(PREFIX)/share/doc/kame (usually PREFIX = /usr/local/v6).

Tue Apr 6 12:45:51 JST 1999 itojun@iijlab.net
* kit/src/rtadvd: If old prefix configuration directive ("addr"
without "addrs") appears on rtadvd.conf, show warning to syslog and
exit. This should help people who forgot to update old
configuration file.

1999-04-05 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* [NetBSD]in6.c (in6_control): fixed a bug that `ifconfig delete'
does not work correctly.

Mon Apr 5 17:39:54 JST 1999 itojun@iijlab.net
* kit/ports/lynx (FreeBSD 2.2.8/3.1)
* kit/pkgsrc/www/lynx (NetBSD 1.3.3): updated IPv6 patch.
IPv4 numeric address in URL is now handled correctly.
(this was broken by IPv6 patch...)

Mon Apr 5 13:00:48 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/ucd-snmp: (NetBSD 1.3.3)
GNU_CONFIGURE settings in bsd.pkg.mk caused trouble with ucd-snmp,
and snmpd hanged up on some specific queries. Now it is fixed and
working fine.
From: yuo@nui.org

Mon Apr 5 04:17:51 JST 1999 shin@nd.net.fujitsu.co.jp
* kit/ports/ppp (FreeBSD):
IPv6 patch level upgrade.
some more debug, improvement, and man fix.
-set ifid only for link local addr
-search MYADDRINET6 first, and then MYADDR

Sun Apr 4 02:24:00 JST 1999 itojun@iijlab.net
* sys/netinet6: Add automatic flow-labelling support in kernel.
tcp6 inbound and outbound connection, and udp6 outbound packets
after connect(), will have flow label field filled in with a sequence
number (will be unique for 2^20 connections). Flow label portion
of sin6_flowinfo will be ignored.
This can be turned off by setting net.inet6.ip6.auto_flowlabel sysctl
variable into 0 (default is 1). If the value is 0, the value
in sin6_flowinfo will be used.
(experimental, KAME/FreeBSD 2.2.8 only)

Background:
Semantics of flow label is still rather vague. The semantics of
sin6_flowinfo field is also vabue. Some of us fear that,
if we leave it as is, nobody will be using flow label. We would
like to start by (1) marking as many connections as possible
with flow labels, then (2) try some QoS/diffserv things with the
marked traffic, then (3) think about how we should go forward.

TODO: other better support for flowlabel, such as filling
sin6_flowinfo on inbound traffic.

1999-04-03 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/rtsold: changed to watch interface flags and to probe
advertising routers when an interface becomes up or down.

Sat Apr 3 11:27:18 JST 1999 itojun@iijlab.net
* kit/ports/lynx (FreeBSD 2.2.8/3.1)
* kit/pkgsrc/www/lynx (NetBSD 1.3.3): updated IPv6 patch.

Fri Apr 2 20:00:23 JST 1999 itojun@iijlab.net
* sys/netinet6, kit/src/faithd: implement setsockopt(IPV6_FAITH).
setsockopt(IPV6_FAITH) is now required to accept TCP
conection toward FAITH-relayed prefixes. This will affect
faithd daemon only, and this will protect other daemons (like
sendmail or httpd) from mistakingly accepting FAITH'ed TCP
connections.
(experimental, KAME/FreeBSD 2.2.8 only)

Fri Apr 2 20:00:23 JST 1999 itojun@iijlab.net
* sys/netinet6/icmp6.c: Receive important ICMPv6 messages toward
FAITH'ed prefixes. This is required to make PMTUD work for
FAITH'ed TCP6 connections.

1999/04/02 16:33:03 JST shin@nd.net.fujitsu.co.jp
* kit/src/rtadvd:
Check dest interface's if_flagss and if not IFF_UP, don't send RA
to the interface. If it become IFF_UP again, restart sending RA to it.
Also, made if.h and added some common definitions to it.
Some debug on rtmsg type checking procedure.

Fri Apr 2 12:55:28 JST 1999 shin@nd.net.fujitsu.co.jp
* kit/ports/ppp (FreeBSD 2.2.8, 3.1):
update v6 patch level. fix several bugs and man fix.

1999-04-01 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* if.c (ifioctl): if an interface's mtu is changed by SIOCSIFMTU,
also change the ND6 level mtu associated with the interface.

1999-04-01 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_output.c (ip6_output): prevented IPv6 level fragmentation
on a link that does not support link-level fragmentation.
XXX: currently we don't have any method to check if a link
supports link-level fragmentation.

<199903>
Wed Mar 31 12:42:28 JST 1999 itojun@iijlab.net
* kit/src/faithd: stabilize plain TCP relay.
- connection timeout will be measured for both diretions - timeout
won't happen if there's some data stream for either of the
directions.
TODO: tcp.c shouldn't fork(), for process table conservation...
- explicitly set SO_SNDTIMEO, to correctly detect write overflow
(= client side or server side disconnected the connection during
write)
 
Wed Mar 31 12:42:28 JST 1999 itojun@iijlab.net
* sys/netinet6: remove old FAITH implementation and user interface
knob, namely net.inet6.ip6.faith_prefix.
* kit/src/faith: make it a shell script for backward compatibility.

Tue Mar 30 23:21:05 JST 1999 itojun@iijlab.net
* sys/netinet6/nd6_rtr.c: (1) do not use tentative or duplicated
link-local address as the seed for autoconfiguration.
(2) changed how kernel detects "fresh" prefix on RA packet.

Tue Mar 30 12:32:33 JST 1999 itojun@iijlab.net
* sys/netinet6 (FreeBSD 3): merge in new faith code.
Now all operating systems are "new faith" ready.
(see changelog on Thu Mar 11 00:27:55 JST 1999 for details)

Tue Mar 30 02:04:12 JST 1999 itojun@iijlab.net
* kit/src/faithd: disconnect inactive sessions in 30 minutes,
to avoid stale connection to chewing up system resources.
TODO: should it be configurable?

Mon Mar 29 18:41:06 JST 1999 itojun@iijlab.net
* sys/netinet6/in6.c, kit/sbin/ifconfig: (NetBSD and FreeBSD 2.2.8)
Support "ifconfig vltime" and "ifconfig pltime" for altering
interface address lifetime.
See CHANGELOG on Wed Mar 24 15:06:25 JST 1999 for detail.

Mon Mar 29 17:20:23 JST 1999 itojun@iijlab.net
NetBSD pkgsrc catch-ups.
* kit/pkgsrc/net/wget: port for wget 1.5.3.
* kit/pkgsrc/net/zebra: upgraded to 19990327 snapshot.
* kit/pkgsrc/net/apache: upgraded to 1.3.6 + latest IPv6 patch.
* kit/pkgsrc/net/ncftp3: upgrade to use latest IPv6 patch
(see CHANGELOG on Thu Mar 25 16:21:11 JST 1999 by sumikawa).

1999-03-29 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_output.c (ip6_setmoptions): when joining a node-local scope
multicast group, choose the loopback interface as the default
interface.

1999-03-29 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_output.c (ip6_output), in6_pcb.c (in6_selectsrc):
   added some consideration for node-local multicast addresses:
- route outgoing packets to the loopback interface
- choose the source address from the loopback
interface(typically it's the loopback address, ::1).

1999/03/29 01:42:43 JST shin@nd.net.fujitsu.co.jp
* kit/ports/ppp:
upgrade to 990309 version.

Mon Mar 29 01:41:04 JST 1999 itojun@iijlab.net
* kit/ports/zebra (FreeBSD 2.2.8): upgrade to 19990327 snapshot.

1999/03/29 00:35:42 JST shin@nd.net.fujitsu.co.jp
* sys/net/if_tun.c (FreeBSD2.2.8, 3.1):
-Bug Fix: return ENOBUFS when M_PREPEND fails
-removed unused function

Sun Mar 28 00:37:36 JST 1999 itojun@iijlab.net
* sys/netinet{,6}/tcp{,6}_subr.c: fix mbuf length computation bug
in ipsec[46]_hdrsiz_tcp().
From: Tomomi Suzuki <suzuki@grelot.elec.ryukoku.ac.jp>

Sat Mar 27 07:17:34 JST 1999 sumikawa@ebina.hitachi.co.jp

* kit/ports/wget: (FreeBSD 2.2.8): wget 1.5.3 with IPv6 support
patch (by shimojou@ebina.hitachi.co.jp)

1999-03-27 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* icmp6.c (icmp6_redirect_output): fixed memory leak, that occurs
in a case where the function is called but no redirect should be
sent.

Fri Mar 26 20:51:28 JST 1999 itojun@iijlab.net
* sys/netinet6: IPsec tunnel is now friendly with ECN (Explicit
Congestion Notification). Behavior can be configured in per-host
manner with sysctl, not per-SA manner.
http://www.aciri.org/floyd/papers/draft-ipsec-ecn-00.txt

Fri Mar 26 12:11:03 JST 1999 shin@nd.net.fujitsu.co.jp
* src/sys/netinet/in_pcb.c (FreeBSD 3.1):
Bug Fix: added necessary next list entry replacement in for loop.
Also, use LIST macro.
Now infinite loop problem should have been fixed.

Fri Mar 26 03:04:10 JST 1999 itojun@iijlab.net
* kit/ports/apache13 (FreeBSD 2.2.8): update to apache 1.3.6.
(need some regression test...)

Fri Mar 26 JST 1999 itojun@iijlab.net
* sys/netinet6/ip6_output.c: boundary check for
IPV6_{UNI,MULTI}CAST_HOPS is added as described in spec.

Thu Mar 25 16:21:11 JST 1999 sumikawa@ebina.hitachi.co.jp
* kit/ports/ncftp3 (FreeBSD 2.2.8): update port
- try 'EPSV' connection first on IPv4 and IPv6 passive
connection
- remove hard coded number

Thu Mar 25 15:32:54 JST 1999 itojun@iijlab.net
* kit/src/faithd: fix "my address" determination. previous code
was caress about sin6_scope_id and sin6_port when comparing
interface address with getsockname().

Thu Mar 25 13:41:08 JST 1999 itojun@iijlab.net
* kit/src/faithd: -p option lets you get IPv4 privileged src port
(port < 1024).

1999/03/24 23:26:50 JST shin@nd.net.fujitsu.co.jp
* kit/ports/perl5 (FreeBSD 3.1):
upgraded to perl5.005_55.(developer release)

Wed Mar 24 15:06:25 JST 1999 itojun@iijlab.net
* sys/netinet6/in6.c, kit/sbin/ifconfig (BSDI):
ioctl interface is modified to allow (privileged) userland program
to modify interface address lifetime. ifconfig option "vltime" nad
"pltime" are implemented.

Tue Mar 23 21:56:52 JST 1999 itojun@iijlab.net
* sys/dev/pci/aeon.c (NetBSD 1.3.3): Invertex AEON crypto/compression
card driver (ported from OpenBSD).

TODO: compression support in the driver
TODO: userland interface (/dev/lzs? /dev/md5? /dev/sha1?)
TODO: hook for KAME IPsec (this is a hard one...)

Tue Mar 23 19:05:00 JST 1999 itojun@iijlab.net
* kit/sbin/ifconfig: add -L option, which displays address lifetime
for IPv6 addresses.

Tue Mar 23 18:03:41 JST 1999 itojun@iijlab.net
* sys/netinet6 (NetBSD 1.3.3): merge in new faith code.
(see changelog on Thu Mar 11 00:27:55 JST 1999 for details)

Tue Mar 23 10:30:46 JST 1999 itojun@iijlab.net
* kit/src/ndp: generate timestamp on "ndp -t -A 1", to make output
merge-able with tcpdump's output.

1999-03-19 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/ping6: added -a option in order to support the ICMP node
information node addresses Qtype.

1999-03-19 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* icmp6.c: supported ICMPv6 node information the FQDN and node
addresses Qtypes.

1999-03-19 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* in6.c (in6_setmaxmtu): was newly added to recalculate the
maximum MTU for outgoing IPv6 packets. The function is called
when there is a possibility of a change of the MTU.

Fri Mar 19 04:18:00 JST 1999 sakane@ydc.co.jp
* kit/src/libipsec:
For handling tunnel mode, Added parameter for proxy address to
pfkey_send_add() and pfkey_send_update().

Thu Mar 18 17:56:19 JST 1999 itojun@iijlab.net
* kit/src/faithd: update faith_prefix determination.

if USE_ROUTE is defined, faithd will determine faith_prefix
by the following
algorithm:
- if the getsockname() matches any of my interface address,
it is toward myself (not for translator).
- otherwise, it is for translator.
This behavior is for new "faith" pseudo interface support,
implemented in BSDI and FreeBSD 2.2.8 (at this moment).
sysctl MIB for faith_prefix is meaningless in this case.

if USE_ROUTE is not defined, faithd will determine faith_prefix
by the following algorithm:
- if the getsockname() matches faith_prefix (registered
via sysctl) it is for translator.
- otherwise, it is for myself.
This behavior is for old "faith" implementation.

Thu Mar 18 15:28:28 JST 1999 itojun@iijlab.net
* kit/bin/route/route.c (BSD/OS 3.1): allow interface route to be
added by "route add -inet6 foobaa -interface if0".

Thu Mar 18 14:27:24 JST 1999 itojun@iijlab.net
* sys/netinet6 (BSD/OS 3.1): remove HYDRANGEA_COMPAT compile option,
which is VERY obsolete. If there's anybody relied on this, please
migrate to advanced API.

Thu Mar 18 14:20:56 JST 1999 itojun@iijlab.net
* sys/netinet6 (BSD/OS 3.1): merge in new faith code. userland should
be updated soon.
(see changelog on Thu Mar 11 00:27:55 JST 1999 for details)

Wed Mar 17 16:39:18 JST 1999 shin@nd.net.fujitsu.co.jp
* kit/ports (FreeBSD 3.1): updated and made buildable many ports
as FreeBSD 2.2.8 update.
added: ncftp3, squid11, wbd
updated: apach13(to 1.3.4), mrt(to 1.5.2a), heimdal(to 0.1c),
sendmail6(to 8.9.2), gated-ipv6 (to snapshot-0399),
lynx(to 2.8.1rel.1), tcptrace(to 5.1.1), vat6(to 19981109),
vnc(to 3.3.2r3)
TODO: buildability check -> XFree86, mozilla
to be compilable -> perl5, ppp, ucd-snmp
update(also with kernel) -> altq

Wed Mar 17 09:15:12 JST 1999 sakane@ydc.co.jp
* sys/netkey/keyv2.h
Added two macros for utilization to make sadb message,
PFKEY_ADDR_PORT() and PFKEY_ADDR_SADDR().

Wed Mar 17 08:32:29 JST 1999 sakane@ydc.co.jp
* kit/src/libipsec
Fixed pfkey_sadump() to print the values of lifetime extension.

1999-03-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* sys/netinet6/ip6_output.c (ip6_output): changed to use the MTU
for fragmentation advertised via RA (if specified) instead of the
link MTU.

1999-03-16 Atsushi Onoe <onoe@sm.sony.co.jp>
* kit/src/traceroute6/traceroute6.c: support source route (-g)
option.

1999-03-16 Atsushi Onoe <onoe@sm.sony.co.jp>
* kit/src/libinet6/rthdr.c: fix return value of inet6_rthdr_getaddr().

Tue Mar 16 15:24:22 JST 1999 sakane@ydc.co.jp
* src/netinet6,netinet,netkey
* kit/src/libipsec,setkey,racoon,ping6,traceroute,traceroute6
* kit/sbin/ping:
* kit/usr.bin/telnet:

IPsec policy engine has been changed drastically.
Now it's NOT valid for old syntax to manage SPD by setkey.
You must use new syntax to configurate that.
XXX MUST be written many manuals.

The policy is managed by either setsockopt() or setkey
like following:

By calling setsockopt(3):

To set policy,
setsockopt(s, IPPROTO_IPV6, IPV6_IPSEC_POLICY, policy, len);
setsockopt(s, IPPROTO_IP, IP_IPSEC_POLICY, policy, len);

To delete policy,
close(s);

To get policy,
getsockopt(s, IPPROTO_IPV6, IPV6_IPSEC_POLICY, policy, &len);
getsockopt(s, IPPROTO_IP, IP_IPSEC_POLICY, policy, &len);

`policy' is the binary data formated sadb_x_policy defined
netkey/keyv2.h. You can make `policy' you want by calling
ipsec_set_policy(). for example:

ipsec_set_policy(buffer, "ipsec ah/use esp/use/10.0.0.1");
NOTE: You must allocate buffer sufficiently.

By setkey command for administrater:
spdadd 10.0.0.1 10.0.0.2 icmp -P bypass;
spdadd 3ffe:501:4819::1 3ffe:501:481d::1 tcp -P ah/use;

The argument `policy' follow to -P option is below,

policy := policy_type [ipsec_request [ipsec_reqeust[...]]]
policy_type := "discard", "none", "ipsec"
ipsec_request := protocol "/" level ["/" proxy_address]
protocol := "esp", "ah"
level := "default", "use", "require"

Some user land command can configurate policy.
i.g.
ping -P "ipsec ah/require/192.168.0.1" 10.0.0.1
telnet -P "ipsec ah/use esp/use" 10.0.0.2

The argument `policy' follow to -P option is below,

policy := policy_type [ipsec_request [ipsec_reqeust[...]]]
policy_type := "ipsec", "entrust", "bypass"
ipsec_request := protocol "/" level ["/" proxy_address]
protocol := "esp", "ah"
level := "default", "use", "require"

Be attention to `policy_type' against the case of using setkey.

XXX traceroute6 and ping6 were fixed, but don't use IPsec
XXX because kernel hasn't had IPsec code for IPv6 yet.
  
Added IPsec library for users convenience.

Racoon
synchronized new ipsec.
output warning message in configure when using OpenSSL.

Calcurated hdr size of ESP/AH that predicted along with policy.
Returned max header size if no SA present.

Modified INBOUND policy check.
Added rejecting code to icmp{,6}_input.

Added a flag of mbuf:
M_AUTHIPDGM that is set when ther is ICV in packet.

Re-arranged mbuf flags about IPsec.
M_AUTHIPDHR data origin authentication for IP header
M_DECRYPTED confidentiality
M_AUTHIPDGM data origin authentication

Merged rejecting code about INET{,6}

Fixed callout_handle for FreeBSD3.x. XXX NOT tested.
Mereged key_newsa() and key_newsa2().
Arranged the code of key_setsaval().

Taking IN_ADDR in sockaddr as network byte order.
XXX that is violate to section 2. PF_KEY Message Format in RFC2367.

Changed semantics of sadb_lifetime_usetime.
XXX expiration check.
We operate CURRENT sadb_lifetime_usetime as the time,
in seconds, when association was last used. For HARD and SOFT,
the number of seconds after the last use of the association
until it expires.

We select the number of flows as the conecpt of
sadb_lifetime_allocations. So we increment the one
whenever calling {esp,ah}_{in,out}put.

Fixed memory leak when calling key_sendup without socket registerd.
That caused kernel to be crash when using SADB_X_PROMISC or mulsti
sockets registerd by SADB_REGISTER.

Added to fix m_len in ipsec?_in_reject() when following both situation.
- internet PCB exists.
- m_pkthdr.len != m_len.
XXX It's quick hack.
XXX With either socket or pcb, we should call IPsec stack.

Enclosed the part of identity extension processing in key_acquire().
XXX identity extension must be a record per src/dst or nothing.
XXX We don't have the way to regist proper identity record, By PF_KEY ?

Tue Mar 16 13:50:26 JST 1999 itojun@iijlab.net
* kit/ports/gated-ipv6 (FreeBSD 2.2.8):
* kit/pkgsrc/net/gated-ipv6 (NetBSD 1.3.3):
update to use 99/3 snapshot. this is based on public snapshot
and should require no manual fetching (correct me if I'm wrong).

Tue Mar 16 06:30:58 JST 1999 itojun@iijlab.net
* sys/netinet6/icmp6.c: do not generate icmp6 error against redirects.
this is a bit experimental but this change is decided in ipngwg.

Mon Mar 15 19:38:54 JST 1999 shin@nd.net.fujitsu.co.jp
* src/libexec/ftpd (FreeBSD 3.1):
-enabled data connection on v4 mapped addr connection
-enabled passive mode for AF_INET (also on v4 mapped addr)
-enabled TCP_NOPUSH
-added PORTRANGE option for AF_INET6 (experimental?)

Mon Mar 15 14:39:33 JST 1999 shin@nd.net.fujitsu.co.jp
* src/sys/netinet6/in6_ifattach.c (FreeBSD 3.1):
Bug Fix: correctly link ::1 to lo0 ifaddr list.

Sun Mar 14 06:42:10 JST 1999 shin@nd.net.fujitsu.co.jp
* src/sys/netinet/tcp_subr.c (FreeBSD 3.1):
fixed ip length of reset packet at tcp_respond().

Sun Mar 14 02:07:05 JST 1999 itojun@iijlab.net
* kit/ports/apache13 (FreeBSD 2.2.8):
* kit/pkgsrc/www/apache13 (NetBSD 1.3.3):
update IPv6 patch to version 19990314.
Now NameVirtualHost accepts hostname and port separately.

1999-03-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/bgpd/bgp.c (bgp_process_update): fixed memory leak.
If you use BGP4+ using bgpd, you should apply the fix.

Fri Mar 12 14:47:57 JST 1999 shin@nd.net.fujitsu.co.jp
* src/sys/net/if_spppsubr.c (FreeBSD 3.1):
merged cisco_hdlc support for sppp.
(patch is given from fujiwara@rcac.tdi.co.jp. thanks very much!)

Fri Mar 12 14:47:12 JST 1999 shin@nd.net.fujitsu.co.jp
* src/sys/netinet6/in6.c (FreeBSD 3.1):
Bug Fix: free correct ifa pointer at SIOCDIFADDR_IN6.
Also removed ifa(not so used), and use &ia->ia_ifa instead.
(kernel panic at IPv6 address remove problem is fixed)

Thu Mar 11 19:07:50 JST 1999 shin@nd.net.fujitsu.co.jp
* src/usr.bin/netstat (FreeBSD 3.1):
enabled "netstat -s -f inet6"

Thu Mar 11 17:42:18 JST 1999 shin@nd.net.fujitsu.co.jp
* sys/netinet/tcp_*(FreeBSD 3.1):
Bug Fix:
-backup ip_ver after in_cksum() at tcp_input() for later ver check.
-add isipv6 arg to tcp_respond() and not check ip_ver in it.
-fixed some tcp_template related macro definitions.
(Now kernel panic problem seems to be fixed!)

Thu Mar 11 00:27:55 JST 1999 itojun@iijlab.net
* sys (FreeBSD 2.2.8): experimental update to FAITH firewall-oriented
TCP relaying code. Now we have pseudo interface called faith[0-9].

Packets routed toward faith[0-9] interface will be sent to the
upper-layers for TCP relaying. Userland part (faithd daemon) is
unchanged. There's no "faith prefix" (faith -p foo) configuration
necessary. You'll just need to set up routing table toward
faith[0-9], and then enable faith (faith -e).

For backward compatibility, the kernel will behave just as before
if you have no pseudo interface faith[0-9] configured.

Wed Mar 10 16:11:19 JST 1999 itojun@iijlab.net
* kit/lib/libskey/Makefile: (FreeBSD 2.2.8):
Do not build shlib for IPv6-ready libskey by default.
NOTE: Please remove /usr/local/v6/lib/libskey.* if you are unsure
about the side effects.

If a user installs shlib version of libskey to /usr/local/v6/lib,
and she does not add /usr/local/v6/lib into shlib search path,
ftpd will fail to communicate with ftp (because of "shlib version
too old" message they become out of sync). We go for safer side.

Tue Mar 9 11:07:40 JST 1999 shin@nd.net.fujitsu.co.jp
* sys/netinet/tcp_subr.c (FreeBSD 3.1.0)
Bug Fix: correctly copy t_template into IPv6 or IPv4
header. (However, kernel panic problem is not seemed to be
fixed yet.)

Mon Mar 8 22:39:09 JST 1999 itojun@iijlab.net
* kit/ports/heimdal (FreeBSD 2.2.8)
* kit/pkgsrc/security/heimdal (NetBSD 1.3.3)
update master distribution to 0.1c.

Mon Mar 8 12:44:11 JST 1999 itojun@iijlab.net
* kit/ports/ethereal (FreeBSD 2.2.8): ethereal packet analyzer 0.5.1
with IPv6 support patch.

Wed Mar 3 23:05:32 JST 1999 itojun@iijlab.net
* sys/netinet6/nd6.c: if non-host route is given to nd6_resolve(),
lookup again by itself. This case happens when non-clone route
lookup is performed in upper layers (for example, NetBSD PRU_CONNECT
code in raw_ip6.c) and the route is given all the way down to
nd6_resolve(), via ip6_output() and ether_output().

XXX check side-effects with care

Wed Mar 3 20:06:05 JST 1999 itojun@iijlab.net
* sys (FreeBSD 3.1): remove files that are removed during 3.0-RELEASE
to 3.1-RELEASE, from KAME repository. sync GENERIC.v6 to GENERIC.

1999-03-02 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* nd6.c (nd6_slowtimo): newly implemented. The function is called
once an hour and recomputes new random values of reachable time if
necessary.

1999-03-02 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* mbuf.h (MINCLSIZE) [FreeBSD 2.2.8 and BSDI 3.1]:
changed the definition from MHLEN+MLEN to MHLEN+1 in order to
conform to a KAME's requirement for device drivers.
Note: The change may cause unexpected problems. In such a case,
we'll restore the old definition.

1999-03-02 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/libinet6/ifname.c (if_nameindex): allocated enough memory
to store temporary data instead of using fixed size arrays
in order to handle arbitrary number of interfaces.
* src/libinet6/ifname.c (if_indextoname): fixed a bug about
the return value of the function.

<199902>
Sun Feb 28 12:20:11 JST 1999 itojun@iijlab.net
* kit/pkgsrc/security/heimdal (NetBSD 1.3.3):
provides easy installation for "heimdal" kerberos5 implementation.

Sat Feb 27 17:38:51 JST 1999 itojun@iijlab.net
* sys/netinet6/nd6_nbr.c: revised warning messages on neighbor
solicitation packet input. it is now more informative.

Sat Feb 27 03:13:01 JST 1999 itojun@iijlab.net
* sys/netinet/ip_output.c, sys/netinet6/ip6_output.c:
getsockopt(ipsec related policy variable) caused kernel to SEGV
due to uninitialized pointer access.

Fri Feb 26 17:12:55 JST 1999 itojun@iijlab.net
* Source-address determination for NS output is now conformant to the
spec. The kernel will try to use the source address for the
prompting packet as the source address, when possible.
This may save a NS/NA exchange roundtrip.

Previously KAME always use scope-wise source address selection.
However, it looks that scope-wise selection is not best suitable for
NS output case. (old code is #if 0'ed and kept for a while)

Fri Feb 26 15:28:28 JST 1999 itojun@iijlab.net
* kit/ports/wbd (FreeBSD 2.2.8): use tcl/tk 8.0.
From: ishii@csl.sony.co.jp

Fri Feb 26 14:58:58 JST 1999 itojun@iijlab.net
* kit/ports/vnc: ORL is now AT&T Lab Cambridge, due to buyout.
master distribution URL has changed.
Reference: http://www.uk.research.att.com/vnc/announcement.html

Fri Feb 25 JST 1999 itojun@iijlab.net
* kit/src/man: repository for manpages that are not specific to
userland programs, such as inet6(4) or ipsec(4).

Thu Feb 25 16:20:42 JST 1999 itojun@iijlab.net
* sys/netinet/tcp_{input,output}.c (NetBSD 1.3.3):
IPv4 TCP now takes care about IPsec header sizes. Therefore,
there will be no extra fragmentation necessary.

XXX need more considerations on how to achieve this behavior

Thu Feb 25 13:27:03 JST 1999 itojun@iijlab.net
* sys/netinet/{esp,ah}_input.c: mbuf manipulation for IPsec tunnel
case is fixed. m_freem() was called twice for single mbuf,
and it made a node to hang up some time later.

1999-02-25 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* frag6.c (frag6_input): changed the processing when an incoming
fragment overlaps some existing fragments in the reassembly queue;
drop it instead of adjusting existing ones, which processing is better
from a security point of view.

Thu Feb 25 01:05:59 JST 1999 itojun@iijlab.net
* sys/netinet6/esp_output.c: merge esp4_output() and esp6_output() into
single function, esp_output(). this is for better code sharing
and less maintenance cost. cluster mbuf copying code (by jinmei)
is now used for both IPv4 and IPv6.

1999-02-24 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/rtadvd: added -c command line option to specify the
configuration file.

Wed Feb 24 22:26:24 JST 1999 itojun@iijlab.net
* sys/netinet/ip_icmp.c: Our code does not parse chained header
in icmp4 notification processing at this moment. Therefore, we
can't send notification to tcp layer for packet like "IPv4 AH TCP".
(The problem is NOT fixed, this log is just for memorandum)

1999-02-24 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* icmp6.c (icmp6_input): added `goto deliver' at the last
of the ICMP6_PACKET_TOO_BIG case.

1999-02-24 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* esp_output.c (esp6_output): before encryption, copied all mbufs
with cluster that is refereed more than once. This is inefficient,
but necessary to handle cases of TCP retransmission.
TODO: Similar process is necessary for esp4_output, too.

Wed Feb 24 19:48:09 JST 1999 itojun@iijlab.net
* sys/netinet6/icmp6.c: implement icmp6 rate limit check as separate
function. implement rate limiting in icmp6 redirect.

Tue Feb 23 17:20:10 JST 1999 itojun@iijlab.net
* kit/ports/tcptrace (FreeBSD 2.2.8)
* kit/pkgsrc/net/tcptrace (NetBSD 1.3.3): upgrade base version to 5.1.1.

Tue Feb 23 15:26:19 JST 1999 itojun@iijlab.net
* kit/pkgsrc/www/squid11 (NetBSD 1.3.3): new package for "squid" web
cache 1.1.22, with IPv6 support.

Tue Feb 23 00:12:16 JST 1999 itojun@iijlab.net
* kit/ports/heimdal (FreeBSD 2.2.8): upgrade to 0.1b.

Mon Feb 22 18:19:25 JST 1999 itojun@iijlab.net
* sys/netinet6/icmp6.c: icmp6_redirect_output():
changed handling of redirect header option, based on discussions
on IPv6imp mailing list. we now pad the original packet, if
the original packet is not 8-byte aligned.
(previously we always truncate the original packet)

Mon Feb 22 12:32:58 JST 1999 sumikawa@ebina.hitachi.co.jp
* kit/ports/ncftp3 (FreeBSD 2.2.8): update to beta 18

Mon Feb 22 12:13:23 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/ncftp3 (NetBSD 1.3.3): Ncftp 3.0 beta 18, with IPv6
support.

Mon Feb 22 01:19:28 JST 1999 sumikawa@ebina.hitachi.co.jp
* kit/ports/ncftp3 (FreeBSD 2.2.8): IPv6 ports for Ncftp 3.0 beta 17

Sun Feb 21 07:16:44 JST 1999 itojun@iijlab.net
* kit/pkgsrc/net/mrt (NetBSD 1.3.3): update to 1.5.2a.

Sat Feb 20 01:08:22 JST 1999 itojun@iijlab.net
* kit/ports/vat6 (FreeBSD 2.2.8): library dependency path was wrong.
From: Martti Kuparinen <martti@research.zopps.fi>

Fri Feb 19 19:57:31 JST 1999 shin@nd.net.fujitsu.co.jp
* sys/dev/ppbus/if_plip.c (FreeBSD 3.1): undefed TIMEOUT after
if.h inclusion, as temporal workaround for macro name conflict
with sys/net/if_altq.h.

Fri Feb 19 19:52:11 JST 1999 shin@nd.net.fujitsu.co.jp
* sys/i386/conf/GENERIC.v6 (FreeBSD 3.1): update as changes in
GENERIC.

Fri Feb 19 19:32:04 JST 1999 itojun@iijlab.net
* kit/ports/heimdal (FreeBSD 2.2.8): upgrade base version to 0.1a.

Fri Feb 19 16:41:49 JST 1999 shin@nd.net.fujitsu.co.jp
* (FreeBSD 3.1): 3.0 -> 3.1 diffs.

Fri Feb 19 16:11:49 JST 1999 shin@nd.net.fujitsu.co.jp
* kit/Makefile.kit (FreeBSD 3.0): changed ports tag name from
kame_300 to kame_310.

Fri Feb 19 15:48:25 JST 1999 shin@nd.net.fujitsu.co.jp
* usr.bin/telnet/commands.c
* usr.bin/netstat/main.c, mroute6.c
* libexec/rlogind/rlogind.c
fix of conflict at merging FreeBSD 3.1. (all conflicts merged
but no compile check yet)

Thu Feb 18 22:37:39 JST 1999 shin@nd.net.fujitsu.co.jp
* libexec/rshd/rshd.c
* usr.bin/Makefile
* usr.bin/fetch/fetch.1,fetch.h,ftp.c,http.c,main.c
* usr.bin/ftp/ftp.c
fixed conflicts importing from FreeBSD 3.1. (still one more)

Thu Feb 18 20:10:45 JST 1999 shin@nd.net.fujitsu.co.jp
* usr.bin/netstat/mbuf.c
* usr.bin/rsh/rsh.c
* usr.bin/telnet/telnet.1
* usr.bin/tftp/main.c,tftp.c
* sys/conf/files,
* sys/i386/conf/GENERIC,LINT,Makefile.i386
* sys/i386/isa/if_ed.c,if_ep.c,if_lnc.c,sio.c,if_fe.c
* sys/net/bridge.c
* sys/netinet/ip_input.c
fixed conflicts importing from FreeBSD 3.1. (there is still more)

Thu Feb 18 16:35:58 JST 1999 shin@nd.net.fujitsu.co.jp
* libexec/Makefile
* sys/netinet/ip_mroute.c, ip_output.c, tcp_input.c, tcp_subr.c,
tcp_var.h, udp_var.h
* sys/netkey/key.c, key_debug.c
* sys/pci/if_en_pci.c, sys/pci/if_tx.c
* sys/sys/malloc.h
fixed conflict of FreeBSD 3.1 merging. (there is still more)

Thu Feb 18 11:11:57 JST 1999 k-sugyou@kame.net
* kit/ports/squid11 (FreeBSD 2.2.8): package for squid-1.1.22 +
ipv6 patch.

1999-02-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_input.c (ip6_input, BSDI): merged the "goto ours" hack
from FreeBSD; use the routing table instead of linear search
        of ifaddrs.

1999-02-11 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/bgpd: fixed a bug that bgpd is core dumped when failing
to redistribute BGP updates.

1999-02-10 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_input.c (ip6_input): removed a redundant check in the
determination whether to accept an incoming packet.

Wed Feb 10 01:14:50 1999 Yoshinobu Inoue <shin@kame213.kame.net>
* sys/netinet/ip_fw.c (FreeBSD 3.0): added inclusion of
ip6.h with "ifdef INET6".

Wed Feb 10 00:26:58 1999 Yoshinobu Inoue <shin@kame213.kame.net>
* sys/net/tcp_output.c (FreeBSD 3.0): removed unused debug
code.

Tue Feb 9 22:41:36 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* sys/net/if.c (FreeBSD 3.0): add "if 0" in ifa_ifwithnet()
to disable P2P dst check for adding route to
P2P interfaces(including gif), because usually IPv6 link local
destination address of P2P interface is unknown.
This is just a addition of same patch which had already been
applied to KAME FreeBSD2.2.X.

Fri Feb 5 16:32:16 CET 1999 itojun@iijlab.net
* kit/src/libinet6/getnameinfo.c: avoid function static variables
for better thread safe-ness.

Fri Feb 5 14:36:49 CET 1999 itojun@iijlab.net
* kit/ports/mrt (FreeBSD 2.2.8-RELEASE): update to 1.5.2a.

Wed Feb 3 19:34:54 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* kit/Makefile (FreeBSD 3.0): copy bgpd.conf.5 (sync with other
BSDs)

Wed Feb 3 19:24:20 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* sys/pci/if_xl.c (FreeBSD 3.0): catch up to 1.22.2.1 (RELENG_3
branch in FreeBSD CVS repository, to sync with KAME FreeBSD 2.2.8.

Wed Feb 3 16:38:48 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* sys/net/rtsock.c: work around to reset gw to correct
value at RTM_CHANGE. (this fixes IPv4 on-link communication
problem by "routed -q")

Wed Feb 3 12:47:52 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* sys/netinet6: sync between KAME FreeBSD 2.2.8 and 3.0. (Also
changed draft reference to rfc reference)

Tue Feb 2 19:39:41 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* sys/netkey/key.c, key_debug.c, keysock.c, keyv2.h : sync between
        KAME FreeBSD 2.2.8 and 3.0. (Also changed draft reference to rfc
        reference)

Tue Feb 2 18:58:45 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* sys/netkey/key.c: sync between KAME FreeBSD 2.2.8 and 3.0

Tue Feb 2 18:23:26 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* sys/netinet6/in6_var.h (FreeBSD 3.0-RELEASE): added SANITY CHECK
for IFP_TO_IA6(). (sync with KAME FreeBSD 2.2.8)

Tue Feb 2 16:40:55 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* src/prefix/prefix.c: init keeplen as (64 - uselen), because that
spec seems to be natural and easy to use.

Tue Feb 2 13:25:32 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* sys/netinet/udp_usrreq.c (FreeBSD 3.0-RELEASE): Bug Fix:
fixed wrong pcb pointer reference in udp_input(). this will fix
the kernel halt bug at udp_input.

Mon Feb 1 01:44:46 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* sys/i386/isa/if_lnc.h,if_lnc.c (FreeBSD 3.0-RELEASE):
Merged multicast support of 3.0 branch. Also allocate mbuf cluster
for packets which don't fit in one mbuf. However, no operational
check yet.

<199901>
Sun Jan 31 13:42:16 JST 1999 itojun@iijlab.net
* kit/ports/heimdal (FreeBSD 2.2.8-RELEASE): upgrade to 0.0u.

1999-01-29 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/bgpd/bgpd.conf.5: added an example of configuration

Fri Jan 29 14:05:06 JST 1999 itojun@iijlab.net
* kit/pkgsrc/www/lynx (NetBSD 1.3.3): package for lynx 2.8.1rel1 +
IPv6 support. ncurses is disabled for Japanese/Asian language
supports.

Fri Jan 29 13:53:30 JST 1999 itojun@iijlab.net
* kit/ports/lynx (FreeBSD 2.2.8): upgrade to lynx 2.8.1rel1 + IPv6
support. ncurses is disabled for Japanese/Asian language supports.

Thu Jan 28 18:29:03 JST 1999 sumikawa@ebina.hitachi.co.jp
* removed kit/ports/im (FreeBSD 2.2.8/3.0): our patches already
contains a standard package in FreeBSD 2.2.8/3.0

Wed Jan 27 23:20:28 JST 1999 itojun@iijlab.net
* kit/ports/wbd (FreeBSD 2.2.8): multicast shared whiteboard tool.

Tue Jan 26 15:45:19 JST 1999 itojun@iijlab.net
* sys/pci/if_xl.c (FreeBSD 2.2.8): catch up to 1.5.2.16 (RELENG_2_2
branch) in FreeBSD CVS repository.
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/pci/if_xl.c
  
this fixes bugs in xl_start() and xl_txeof(), which could lead your
machine to hangup by mbuf cluster shortage. merged in for
convenience.

Thu Jan 21 02:56:47 JST 1999 itojun@iijlab.net
* sys (FreeBSD 2.2.8): incorporate ALTQ 1.1.3.
* kit/ports/altq (FreeBSD 2.2.8): use ALTQ 1.1.3.
* kit/pkgsrc/net/altq (NetBSD 1.3.3): use ALTQ 1.1.3. However,
as the package directory only compiles ATM PVC tools, there should
be no significant changes.

Wed Jan 20 15:07:45 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* (FreeBSD 3.0): removed src/sys files that are already removed
from FreeBSD 3.0.
sys/i386/scsi 93cx6.c 93cx6.h advansys.c advansys.h
aic7xxx.c aic7xxx.h bt.c btreg.h

Tue Jan 19 20:42:17 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* (FreeBSD 3.0): removed src/sys files that are already removed
from FreeBSD 3.0.
sys/scsi README cd.c ch.c od.c pt.c scsi_all.h
                             scsi_base.c scsi_cd.h scsi_changer.h
                             scsi_debug.h scsi_disk.h scsi_driver.c
                             scsi_driver.h scsi_generic.h scsi_ioctl.c
                             scsi_message.h scsi_sense.c scsi_tape.h
                             scsi_worm.h scsiconf.c scsiconf.h
                             sctarg.c sd.c ssc.c st.c su.c uk.c worm.c
sys/kern init_sysvec.c kern_opt.c
sys/conf files.newconf
sys/dev/ppbus vpo.h
sys/dev/slice disklabel.c mbr.c slice.4 slice.h
                             slice_base.c slice_device.c
                             slices.thought
sys/i386/eisa aha1742.c aic7770.c bt74x.c
sys/i386/i386/ mountroot.c
sys/i386/include conf.h
sys/i386/isa aha1542.c bt5xx-445.c
sys/pci aic7870.c bt9xx.c
sys/sys dpt.h netbsd_syscall.h netbsd_syscall.mk
sys/vm device_pager.h

Tue Jan 19 19:23:36 JST 1999 itojun@iijlab.net
* kit/ports/tcptrace (FreeBSD 2.2.8/3.0)
* kit/pkgsrc/net/tcptrace (NetBSD): tcptrace 5.1.0, with tiny
patch for IPv6 support.

Tue Jan 19 14:00:26 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* src/sys/net/if_spppsubr.c (FreeBSD 3.0): wrapped def of macro
UNTIMEOUT and TIMEOUT by ifndef, because that is also defined
in net/if_altq.h.

Tue Jan 19 13:02:00 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* src/sys/sys/systm.h, src/sys/kern/subr_prf.c (FreeBSD 3.0):
imported from FreeBSD-current.
* src/sys/kern/init_sysvec.c, kern_opt.c (FreeBSD 3.0):
removed files which are already removed from FreeBSD 3.0.

Tue Jan 19 11:39:04 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* src/sys/net/if_sppp.h, if_spppsubr.c (FreeBSD 3.0): imported
from FreeBSD-current.

Tue Jan 19 11:03:30 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* kit/Makefile.kit (FreeBSD 3.0): removed target include-300.diff
because that is not necessary for usual developer any more.

Tue Jan 19 10:42:47 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* src/sys/netinet/ip_input.c (FreeBSD 3.0): changed ip_reass()
to return (struct mbuf *). if 0'ed m_pullup of mbuf cluster.
left m_pkthdr.len calculation part in ip_reass() as KAME patched,
to prefer readability for now.
Thank you for w.knowles@niwa.cri.nz for finding out this problem
and contributing patch.

Mon Jan 18 20:09:15 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* kit/Makefile(FreeBSD 3.0): Separate make-unnecessary dir from
SUBDIR. Added checking and linking of etc dir.

Mon Jan 18 20:03:17 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* src/include/Makefile(FreeBSD 3.0): mkdir install dir under
/usr/include, if it doesn't exist. now you can make, make install
header files under kit/usrc/include.

Mon Jan 18 19:23:57 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* src/etc(FreeBSD 3.0): import of /usr/src/etc from 3.0 RELEASE.

Mon Jan 18 18:29:09 JST 1999 itojun@iijlab.net
* kit/ports/socks64 (FreeBSD 2.2.8/3.0)
* kit/pkgsrc/net/socks64 (NetBSD)
upgrade original distribution to socks5 1.0r8 with new socks64(IPv6)
patch.
NOTE: NEC now requires you to fetch the distribution from their
webpage by yourself, with signing a form.

Mon Jan 18 11:44:12 JST 1999 itojun@iijlab.net
* sys (FreeBSD 2.2.8 and 3.0): backout KAME changes to sys/protosw.h,
and made netinet packet processing compatible with traditional BSD
way. See below (Jan 16 21:13) for more details.

Mon Jan 18 03:31:02 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* sys/net (FreeBSD 3.0): Sync some files with kame_228.
(However, if_spppsubr.c is not yet. INET6 support for this code
will need to be reimplemented)

Mon Jan 18 03:26:28 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* sys/netinet/ip_input.c (FreeBSD 3.0): Bug fix: Prevent kernel
panic when fragmentation occurred. Patch contributed by Wayne
Knowles. However, this might be temporal fix. Will need to change
ip_reass() to meet KAME mbuf requirement.

Sun Jan 17 21:13:44 JST 1999 itojun@iijlab.net
* sys (BSDI): backout KAME changes to sys/protosw.h, and made netinet
packet processing compatible with traditional BSD way. See
below (Jan 16 21:13) for more details.

Sat Jan 16 14:48:09 GMT 1999 itojun@iijlab.net
* kit/pkgsrc/net/altq (NetBSD): altq 1.1.2 package. This package
installs ATM PVC tools only, as there's no ALTQ support in NetBSD
yet.
* sys/net/if_atm*, sys/dev/ic/midway* (NetBSD):
ATM PVC pseudo device (pvc0) support from altq 1.1.2.
Refer to manpage and http://www.kame.net/newsletter/19980701/ for
details and usage.

Sat Jan 16 21:13:43 JST 1999 itojun@iijlab.net
* sys (NetBSD): eliminate all warnings by:
- backout KAME changes to sys/protosw.h, and
- define netinet6/ip6protosw.h for IPv6 protocol switch.
Now the kernel compiles without warnings. Even with -Werror it
compiles fine (tested on i386 architecture).
  
Good thing about the change: KAME should be more friendly with
other protocol families (such as netns, but not really tested).
Bad point: if kernel receives an IPv4 packet with too many chained
headers, input processing routine may chew up the kernel stack.
For example, if the kernel receives IPv4 packet with tons of
IPsec headers, kernel stack overflow (and panic) may result.
For IPv6, we use KAME onion-peeling mechanism and is safer
from kernel stack usage point of view.
 
1999-01-16 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/bgpd: heavy improvements;
- many bugs were fix, including backup route recovery and
search algorithm for peers.
- supported a new configuration option to specify the local address
for a BGP4+ connection.
- separated BGP input buffers per peer base and implemented
non blocking read to prevent deadlock.

1999-01-14 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/bgpd: bug fix;
- Some fixes about memory management(including memory leak and
duplicated free)
- Fixed a problem that bgpd sometimes mistakenly regards a doubly
opened connection as a fatal error(and stops).

Wed Jan 13 17:38:01 JST 1999 itojun@iijlab.net
* kit/ports/ucd-snmp (FreeBSD), kit/pkgsrc/net/ucd-snmp (NetBSD):
upgrade IPv6 patch for ucd-snmp 3.5.3 port. Now it is available on
NetBSD too.

Wed Jan 13 12:51:48 JST 1999 itojun@iijlab.net
* kit/ports/sendmail6: (FreeBSD) upgrade master distribution to
8.9.2+new IPv6 patch.
* kit/pkgsrc/mail/sendmail6: (NetBSD) upgrade master distribution to
8.9.2+new IPv6 patch.

Wed Jan 13 11:07:58 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* sys/net/rtsock.c: removed unused variable. (as netbsd fix)

Wed Jan 13 00:25:43 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* kit/libexec/route6d/udp6stat.c: Bug fix: wrong pointer was freed.

Tue Jan 12 17:26:48 JST 1999 itojun@iijlab.net
* kit/libexec/ftpd, kit/usr.bin/ftp: (NetBSD) added EPRT/EPSV support.

Tue Jan 12 16:03:30 JST 1999 itojun@iijlab.net
* kit/pkgsrc/www/apache13: (NetBSD) upgrade base version to 1.3.4.
* kit/ports/apache13: (FreeBSD) upgrade base version to 1.3.4.

Tue Jan 12 02:49:57 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* kit/src/route6d/udp6stat.c
Display protocol version(v4, v6) of pcb entries.

Tue Jan 12 02:20:51 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* kit/src/route6d/udp6stat.c
Made it also work on KAME for FreeBSD 3.0.

Mon Jan 11 23:09:40 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* kit/libexec/ftpd/ftpcmd.y: Bug fix: fixed == to =.

1999-01-08 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* ip6_input.c (ip6_input): fixed a bug that prevented hosts from
receiving non-link local multicast packets.
TODO: more clarification of error codes from ip6_mforward() so that
we can accept packets unless the errors are fatal.
Thanks to: Niels Baggesen <Niels.Baggesen@uni-c.dk>

Fri Jan 8 14:36:01 JST 1999 itojun@iijlab.net
* kit/pkgsrc: (NetBSD) package building system for NetBSD. We'll be
adding IPv6-ready packages into here.
mail: fetchmail qpopper sendmail6
net: bind8 mrt socks64 v6tun wu-ftpd zebra
security: ssh tcpd6
www: apache13
are ready at this moment. Note that some of the packages are
derived from KAME/FreeBSD ports, and they may install files
into different places from standard NetBSD packages.

Thu Jan 7 23:59:24 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* kit/usr.sbin/lpr/lpd/lpd.c: changed (caddr_t *) to caddr_t.

1999-01-07 Atsushi Onoe <onoe@sm.sony.co.jp>
* sys/sys/socket.h, sys/net/if.h: change the member name of
struct sockaddr_storage: e.g. ss_family -> __ss_family;
and define IF_NAMESIZE in if.h to conform bsd-api-new-05.

NOTE: some of applications in "port" collection fails to compile
due to the change. Please be warned.

1999-01-07 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* src/bgpd/bgp.c: some bug fixes and enhancements;
- allowed the `prepend' keyword to takes an argument, which specifies
number of iteration of prepending. See bgpd.conf.5.
- fixed a bug that an off-link IBGP next-hop is mistakenly
installed to kernel in some cases.

Thu Jan 7 15:41:19 JST 1999 itojun@iijlab.net
* sys/netkey/keydb.h: KMALLOC/KFREE macro used in pfkey/ipsec conflict
with NetBSD/FreeBSD IP filter code. avoided the conflict for all
of OSes we support.

Thu Jan 7 15:13:13 1999 Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
* sys/netinet6/nd6_rtr.c:
Previous fix for address lifetime initialization was incomplete.
Added missing fixes, and put same parts into new function,
in6_init_address_ltimes().

Thu Jan 7 15:01:49 JST 1999 itojun@iijlab.net
* kit/src/send-pr: kame-send-pr is now provided so that command line
users can submit KAME problem reports at ease.

Tue Jan 5 18:26:15 JST 1999 itojun@iijlab.net
* kit/ports/vnc: upgrade base version to 3.3.2r3.
* kit/ports/mrt: upgrade base version to 1.5.1a.
* kit/ports/fetchmail: upgrade base version to 4.7.4.
* kit/ports/zebra: upgrade base version to 981222.
* kit/ports/qmail: qmail 1.03 with IPv6 support. Testers wanted
(I'm biased to sendmail).
Something went wrong with that request. Please try again.