Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

241 lines (197 sloc) 10.188 kb
CHANGELOG for KAME kit
$KAME: CHANGELOG,v 1.2565 2004/03/14 10:39:14 jinmei Exp $
<200403>
2004-03-14 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd4/sys/kern/uipc_syscalls.c (sockargs): allow more than
MLEN bytes for ancillary data to meet the requirement in Section
20.1 of RFC3542. (Still not large enough though, because the new
upper limit is MCLBYTES).
2004-03-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/mld6.c (mld_input): use a local sockaddr_in6
structure to match multicast addresses in order to handle
multicast scope correctly.
In response to a report from Kentarou.Oohara@jp.yokogawa.com.
2004-03-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/nd6.c (nd6_output): fixed overkilling about
the "dst" argument to this function. The caller side were fixed
accordingly. This change also contains a bug fix about incorrect
arguments to rtalloc1().
2004-03-12 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_output. (ip6_output): recovered some
features related address scope lost for a while:
- use scope6_check_id() for the first hop of a routing header in
case the default scope zone is specified and the 1st hop is a
scoped address.
- recovered scope zone boundary check in ip6_output(). Without
this, an application can originate a packet that breaks the
scope boundary for the source or destination address.
2004-03-10 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet/icmp6.h (MLD_LISTENER_REDUCTION): defined
as an alias of MLD_LISTENER_DONE to be compliant to RFC3542.
2004-03-10 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_mroute.c (ip6_mdq): recovered scope zone
check.
2004-03-10 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/icmp6.c (icmp6_reflect): made sure to provide
a valid sockaddr_in6 structure with regards to scope zone. With
the previous code, multicasted echo requests were not properly
responded. Additionally, a forwarding node could not return an
ICMPv6 error if the source of the erroneous packet was link-local.
2004-03-10 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_forward.c (ip6_forward): recovered scope
zone boundary check for the destination address.
2004-03-09 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_output.c (ip6_setmoptions): disallowed the
use of the unspecified address for IPV6_JOIN_GROUP and
IPV6_LEAVE_GROUP. The special case is not documented in the
official API specification, and for whatever purpose, this should
actually have not been working for a long time.
2004-03-04 SUZUKI, Shinsuke <suz@crl.hitachi.co.jp>
* freebsd4/sys/netinet/tcp*.c:
FreeBSD Security Advisory: FreeBSD-SA-04:04.tcp
<200402>
2004-02-28 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/ip6_output.c (ip6_setmoptions): explicitly
handle the case where a non-0 interface index points to a NULL
ifp in the process of IPV6_LEAVE_GROUP.
Fri Feb 20 03:00:51 JST 2004 itojun@iijlab.net
* kame/sys/netinet6/ipsec.c: implement ipcomp tunnel mode (outbound)
for IPv6. inbound processing is not implemented yet.
2004-02-17 SUZUKI, Shinsuke <suz@crl.hitachi.co.jp>
* kame/sys/netinet6/icmp6.c, ip6_input.c,
freebsd4/sys/netinet6/raw_ip6.c: applies per-socket MSF at
ICMPv6 layer, instead of IPv6 layer, to stop rejecting
MLDv2 Group/Source-Group-Specific Queries.
(ToDo: *BSDs, IGMPv3, confirm behaviour...)
2004-02-14 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/ifmcstat/ifmcstat.c (in[6]_multientry): avoid
inserting redundant blank lines.
2004-02-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* freebsd4/sys/netinet6/in6_pcb.c (in6_setsockaddr):
* freebsd4/sys/netinet6/in6_pcb.c (in6_setpeeraddr):
corrected the behavior of these functions for scoped addresses
(had been buggy for a very short period).
2004-02-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/ping6/ping6.c (pr_pack): printed the arriving
interface index explicitly with the -v option, instead of setting
sin6_scope_id to the index automatically (the latter is not always
correct).
2004-02-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/icmp6.c (icmp6_error2): introduced as a
wrapper for icmp6_error() to recover lost scope zone information
(if any). This also fixed a recent bug that an ICMPv6 error when
ND failed cannot be returned for a scoped destination.
2004-02-13 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/icmp6.c (icmp6_reflect): fixed a very recent
bug that source address selection did not check the correct
address.
Fri Feb 13 12:03:32 JST 2004 keiichi@iij.ad.jp
draft-ietf-mip6-mipext-advapi-00 support.
2004-02-06 SUZUKI, Shinsuke <suz@crl.hitachi.co.jp>
* freebsd[45]/sys/kern/sysv_shm.c:
FreeBSD Security Advisory: FreeBSD-SA-04:02.shmat
2004-02-06 SUZUKI, Shinsuke <suz@crl.hitachi.co.jp>
* kame/sys/netinet6/in6_msf.[ch]
freebsd4/sys/netinet6/udp6_usrreq.c: implemented per-socket/interface
MSF-check functions, instead of embedding in UDP layer.
2004-02-05 SUZUKI, Shinsuke <suz@crl.hitachi.co.jp>
* kame/sys/netinet6/{in6.c, mld6.c, mldv2.c}: creates mldv2.c to
concentrate almost all the MLDv2-related functions on this file
(just for maintenance convenience); mld6.c or mldv2.c are used
exclusively depending on your kernel configuration.
* kame/sys/netinet6/{in6_ifattach.c, in6_msf.c, in6_var.h,
ip6_output.c, nd6.c}: renamed MLDv2-ready in6_multi manupulation
functions to reduce the number of 'ifdef MLDV2'
Tue Feb 3 16:26:08 JST 2004 itojun@iijlab.net
* sys: move away from in6_{get,set}pktaddrs framework, go back to
embedded scopeid in s6_addr16[1]. this is to make *BSD merge easier.
for now MLDv2, MIP6, SCTP, DCCP, non-netbsd are broken.
2004-02-02 SUZUKI, Shinsuke <suz@crl.hitachi.co.jp>
* kame/sys/netinet6/in6_msf.[ch], ip6_output.c: sync with
mldv2-20031021 to prohibit improper MSF delta-API call.
2004-02-01 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/kame/mcastread/mcastread.c (get_socket): set the
SO_REUSEPORT option for the receiving socket so that multiple
processes on a node can run this program for the same group and
port.
<200401>
2004-01-26 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>
* kame/sys/netinet6/mld6.c (mld6_input):
* kame/kame/pim6sd/mld6.c (accept_mld6):
discard MLD packets with the unspecified source address as
specified in RFC3590.
Jan 2004 itojun@iijlab.net
* sctp patch #17
1) Changes the hb random number to 64 bit value.
2) Expands the protection of when a peer sends a ACK
for a TSN we have not sent we abort. This used to
only be the cum-ack. It now expands to include out
of order segments.
3) Reverse the order of test for shutdown-rcv vs shutdown_pending.
M Tuexen found that we would get a shutdown, the app close the
socket, and then we would send SHUTDOWN instead of SHUTDOWN-ACK when
the queue cleared.
4) TCP model enhancment to obey so_qlimit - found by Marko Lindholm
5) IN_MULTICAST in Open and Net BSD do NOT need ntohl() - found by
Marko Lindholm
6) More enhancment of base freebsd port for the effort to get to M
Tuexen something
that can get into Max X
7) Alternate route is deleted and becomes a patch from the sctp.org web
site.
8) Kozuka-san's enhancment to TCP model association lookup.
9) SOme more FreeBSD version 5 stuff.
* sctp: fix misuse of "int" where "u_int32_t" is required
* sctp: portability issue w/ freebsd (timersub/add/cmp)
* sctp patch #18
1) Add (in addtion to your changes) the htonl()
2) Missed patch you have not gotten to with same int/u_int32_t issue
3) Patches from peter adding to BASE_FREEBSD port code.
4) Patches for OpenBSD ... a compile issue with 3.4 caught by
Kozuka-san
Sat Jan 24 18:18:27 JST 2004 keiichi@iij.ad.jp
* kame/sys/net/if_hif.[hc], kame/sys/netinet6/mip6_icmp6.c
made a mobile node send a mobile prefix solicitation message
when it receives an unsolicited mobile prefix adv message.
detected by the v6pc certification WG test suite.
Sat Jan 24 18:15:08 JST 2004 keiichi@iij.ad.jp
* kame/sys/netinet6/mip6_mncore.c
- made a mobile node send a mobile prefix solicitation message
when it receives a binding ack message with status code 1.
- made a mobile node send a home registration message before
the current binding expires even when a refresh interval
is not explicitly specified by its home agent.
detected by the v6pc certification WG test suite.
2004-01-23 MOMOSE Tsuyoshi <momose@momose.org>
* mip6control:
Add a new option '-N' to show the list of nounces that a host
maintains as a correspondent node.
2004-01-22 MOMOSE Tsuyoshi <t-momose@netlab.nec.co.jp>
* kame/kame/had/haadic.c:
A global home agent address is registerred even
if on-link flag in a prefix information option
isn't set. The problem is found and discussed at
the 5th TAHI introp test event.
2004-01-20 SUZUKI, Shinsuke <suz@crl.hitachi.co.jp>
* kame/kame/dhcp6
supported DHCPv6 option for SIP servers (RFC3319).
Mon Jan 19 16:15:48 JST 2004 keiichi@iij.ad.jp
* kame/sys/netinet6/dest6.c
send a binding error message when CN receives a home
address option which includes an inappropriate address.
detected by the v6pc certification WG test suite.
Mon Jan 19 16:14:14 JST 2004 keiichi@iij.ad.jp
* kame/sys/netinet6/mip6_hacore.c:
convert ICMPv6 time exceeded to address unreachable, when
receiving an error packet from Mobile IPv6 tunnel interface.
detected by the v6pc certification WG test suite.
Fri Jan 16 JST 2004 itojun@iijlab.net
* racoon/isakmp_inf.c: validation of hash payload was missing.
code from IIJ SEIL team. [attack script is in public knowledge,
users of racoon must upgrade]
Tue Jan 13 13:06:53 JST 2004 itojun@iijlab.net
* sys/netinet6/ipsec.c: spelling and memory leak fix.
from Bjoern A. Zeeb.
Mon Jan 4 JST 2004 itojun@iijlab.net
* rtsold: remove pidfile creation, pid was needed only for debugging
purposes.
Jump to Line
Something went wrong with that request. Please try again.