Skip to content
Fetching contributors…
Cannot retrieve contributors at this time
454 lines (379 sloc) 19.5 KB
$KAME: CHANGELOG,v 1.2104 2002/03/17 22:04:56 jinmei Exp $
2002-03-18 JINMEI, Tatuya <>
* kame/sys/netinet6/ah_input.c (ah6_ctlinput):
* kame/sys/netinet6/esp_input.c (esp6_ctlinput):
corrected arguments to key_allocsa(). This fix is very important
if you use IPsec, because key_allocsa() in recent snaps has a
strong validation check which will cause kernel panic against
bogus values.
2002-03-18 JINMEI, Tatuya <>
* kame/sys/netinet6/ip6_output.c (ip6_output): do not update the
"dst" address, which is the next-hop address, for multicast
destinations. Otherwise, the layer 2 destination address would be
2002-03-17 JINMEI, Tatuya <>
* freebsd4/sys/netinet6/udp6_usrreq.c (udp6_input): corrected
address matching rules for incoming multicast packets, as
suggested by Konstantin KABASSANOV <>
Without the change, multicast applications that binds the
receiving socket with the multicast address would fail to accept
incoming packets.
Fri Mar 15 19:45:40 JST 2002
* sys/netinet6/frag6.c: implement real lock around IPv6 reassembly code.
(netbsd/openbsd only)
Fri Mar 15 18:28:20 JST 2002
* netbsd/sys/netinet/tcp_subr.c: have tcp6_drain().
2002-03-10 JINMEI, Tatuya <>
* kame/sys/netinet6/ip6_mroute.c:
- made sure to attach packet addresses to every mbuf even after
- added a supplement function m_copy_withpktaddrs() for this
Thanks to: "Konstantin KABASSANOV" <>
for finding the problem and testing patches.
2002-03-03 JINMEI, Tatuya <>
* kame/kame/wru: added the -z option to specify the zone of the
destination, particularly for the default destination, ff02::1.
2002-03-03 JINMEI, Tatuya <>
* bsdi4/sys/netinet/tcp_subr.c (tcp6_ctlinput): loosened the
assertion check for the "inner" source. The check was so strong
that it caused kernel panic when the function called from
ip6_output() via pfctlinput2().
bsdi4 KAME snap users are recommended to apply this fix.
Sun Mar 3 01:51:54 JST 2002 Keiichi SHIMA <>
* kame/sys/netinet6/{in6.c|mip6.c|mip_var.h|nd6_rtr.c}
check the CoA when p2p address (like gif) is set. this enables
you to use MIP6 with molec.
2002-03-02 JINMEI, Tatuya <>
* kame/sys/netinet6/ip6_output.c (ip6_ctloutput, and related
- applied recent clarifications in rfc2292bis:
+ ignored IPV6_DONTFRAG and IPV6_RECVPATHMTU for TCP sockets
+ disallowed to set non-unspecified address by IPV6_PKTINFO for
TCP sockets
- corrected the return value from getsocketopt for IPV6_DONTFRAG and
2002-03-02 JINMEI, Tatuya <>
* kame/sys/netinet6/icmp6.c (icmp6_redirect_output): included
a target link layer address option in the redirect message for an
on-link destination as well as for a better router. This behavior
should be correct according to the specification.
Tue Feb 26 16:05:53 2002 SUMIKAWA Munechika <>
* freebsd4/ports/ppp: awkhulhak ppp
2002-02-26 JINMEI, Tatuya <>
* freebsd4/sys/netinet6/in6_pcb.c (in6_mapped_sockaddr,
in6_mapped_peeraddr): do not convert the unspecified address (::)
to the mapped address form. Otherwise, get{peer, sock}name(2) for
an AF_INET6 wildcard address would return ::ffff:
2002-02-26 JINMEI, Tatuya <>
* freebsd4/sys/netinet/tcp_syncache.c (syncache_socket): when
making a PCB entry from a syn cache, do not forget to copy
* freebsd4/sys/netinet/tcp_usrreq.c (tcp6_usr_connect): set
inc_isipv6 when connecting to a non-mapped AF_INET6 address.
All FreeBSD users are recommended to apply this fix. Without
these changes, we would fail to update a stale cached route.
2002-02-25 SUZUKI, Shinsuke <>
* sys/netinet6/in6_src.c (in6_selectsrc):
fixed a bug that sendmsg() on raw socket sometimes fails by ENXIO,
due to the inconsistency between embedded zone-id and the calculated
outgoing interface-id.
Mon Feb 25 10:58:09 JST 2002
* sys/netinet/ip_input.c: enforce ipsec policy checking on forwarding
case (the portion was lost during transition to PR_LASTHDR).
From: Greg Troxel <>
2002-02-24 SUZUKI, Shinsuke <>
* kame/route6d/route6d.c:
not remove global addresses on loopback interface from routing
table by route aging.
2002-02-23 JINMEI, Tatuya <>
* kame/sys/netinet6/nd6.c (nd6_rtrequest): rejected the process of
RESOLVE when the interface does not need neighbor caches.
Otherwise, this function would mistakenly try to make a neighbor
cache for an stf interface.
Based on a report from Ross Finlayson <> at the
freebsd-net ML.
2002-02-23 SUZUKI, Shinsuke <>
* kame/pim6sd/{pim6_proto.c, route.c}:
pim6sd doesn't crash now when receiving (*,*,RP) entry.
Thu Feb 21 23:48:38 JST 2002
* kame/kame/racoon:
to specify the identifier in "sainfo" directive is deprecated.
the identifier should be always made from SPD.
2002-02-20 SUZUKI, Shinsuke <>
* freebsd4/sys/net/if.c ():
fixed a kernel crash that occurs when you enable IPv6 Multicast
on VLAN interface.
2002-02-19 JINMEI, Tatuya <>
* kame/sys/netinet6/ip6_output.c (ip6_setmoptions): fixed kernel
panic in the case of IPV6_LEAVE_GROUP without an interface.
The kernel would choose the group based on the address only with
Note, however, that ambiguity on the scope zone of the address
would not be allowed by default. This particularly means that you
should always specify the interface for interface or link local
Based on: a report from Tomomi Suzuki <>
2002-02-19 JINMEI, Tatuya <>
* kame/sys/netinet6/tcp6_subr.c (tcp6_respond): called
ip6_getpktaddrs() correctly. NULL pointers would be referred to
without this fix.
Based on: a report from Tomomi Suzuki <>
2002-02-19 JINMEI, Tatuya <>
* kame/sys/netinet6/ip6_input.c (ip6_init2): called nd6_ifattach()
for the loopback interface, in order to make sure to initialize
the nd_ifinfo structure for the interface.
2002/02/19 16:05:42 JST
* reduce differences from netbsd-current and openbsd-3.0:
- use ALTQ_DECL() for altq only variables.
- make IFQ_ENQUEUE() take 4 args even for the non-altq case
- the return type of altq_etherclassify() is changed from
int to void.
the function prototype is moved to if_altq.h.
* add more altq supported drivers and link types.
most of the remaining drivers are supported by now.
2002-02-18 JINMEI, Tatuya <>
* kame/sys/netinet6/in6.h: stopped defining the route_in6{}
structure for bsdi4 regardless of local configuration options.
We'll never need this because BSD/OS has merged the "new" route{}
structure, which can store all socket addresses.
* kame/sys/netinet6/{mld6.c, route6.h}: always included route.h
based on the change above.
2002-02-18 Shin'ichi Fujisawa <>
* kame/sys/netinet6/natpt_*.[ch]:
* kame/kame/natptconfig/*.[chly58]:
- About natptcofig command
- Add "-q" option to suppress error message.
- Change it to return non ZERO value when detects syntax error.
- NAT-PT rule has rule number.
You can omit rule number when setting NAT-PT. In this case,
behaviour of natptconfig command is same as previous.
Rules can be deleted individually; Rule number can be
- see natptconfig(8) and natpt.conf(5) for more detail.
2002-02-14 JINMEI, Tatuya <>
* kame/sys/netinet6/ip6_input.c (ip6_input): cleanup; removed a
duplicated check for mapped source or destination addresses.
2002-02-14 JINMEI, Tatuya <>
* kame/sys/netinet6/mld6.c (mld6_start_listening): added an
assertion in the case of this function was called before
2002-02-14 JINMEI, Tatuya <>
* kame/sys/netinet6/ip6_input.c (ip6_init2): stopped calling
in6_ifattach(lo0). We in fact do not need to call in6_ifattach()
at this stage. Additionally, in6_ifattach() has a bad effect of
sending packets even though some parts of the kernel are not ready
for sending.
2002-02-09 JINMEI, Tatuya <>
* kame/sys/{netinet6, netkey}/: changed the definition of
in6_multi{} to contain a full sockaddr_in6 of the multicast
address. Related functions were also modified accordingly.
* kame/kame/ifmcstat/ifmcstat.c (in6_multientry):
* {netbsd, openbsd}/usr.bin/netstat/if.c (intpr):
Modified according to the change above. These tools should
be rebuilt as well as the kernel.
Mon Feb 8 JST 2002
* freebsd4: sync with 4.5-RELEASE
2002-02-04 JINMEI, Tatuya <>
* bsdi4/sys/netinet6/in6_pcb.c (in6_pcbbind): correctly separated
IPv4-mapped address case in in6_pcbbind(). Reported from bsdi.
2002-02-04 JINMEI, Tatuya <>
* kame/kame/ping6: supported a new option '-g gateway' to allow a
specific next hop.
2002-02-03 JINMEI, Tatuya <>
* bsdi4/sbin/sysctl/sysctl.c (sysctl_key): supported net.key.*
2002-02-02 JINMEI, Tatuya <>
* freebsd4/sys/netinet6/udp6_usrreq.c (udp6_ctlinput):
* openbsd/sys/netinet/udp_usrreq.c (udp6_ctlinput):
* bsdi4/sys/netinet/udp_usrreq.c (udp6_ctlinput):
corrected arguments to ip6_pcbnotify().
2002-02-02 JINMEI, Tatuya <>
* freebsd4/sys/netinet/tcp_subr.c (tcp_respond): correctly reset
returned IPv6 header. This is essential when the original packet
contains an IPv6 extension header.
2002-02-02 JINMEI, Tatuya <>
* bsdi4/usr.sbin/netstat/inet.c (ipsec6_stats): supported printing
statistics for IPsec over IPv6.
2002-02-02 JINMEI, Tatuya <>
* many kernel files: totally revised IPv6 scoped address
architecture in the kernel.
- sticked to use sockaddr_in6, not in6_addr, as much as possible
- did not refer to ip6_src/ip6_dst (which may have ambiguity on
scope zones), but used full sockaddr_in6 structures attached to
the packet
- replaced special cases for link-local addresses with code that
used generic functions such as in6_addr2zoneid()
- additional cleanups mainly for scoped address handling
The change is so big and we'll need some more time to stabilize
the code. It is not recommended to use the latest code for
purposes that need stable behavior.
2002-01-29 Shin'ichi Fujisawa <>
* kame/sys/netinet6/natpt_{defs,rule,soctl,usrreq}.[ch]:
* kame/kame/natptconfig/misc.c:
- Change NATPT related ioctl macro name which begin with
"SIOC" to name which begin with "NATPT". "SIOC" as ioctl
macro name prefix is too general.
Mon Jan 28 17:19:19 JST 2002
* kame/sys/netnet6/{mip6.c,mip6_binding.c,mip6.h}
- fix a bug in the processing routine of the authentication data
- change the default security policy for protecting bu/ba.
if compiled for ID-15, IPsec = 0 and authdata = 1.
if compiled for ID-13, IPsec = 1.
Mon Jan 28 14:09:21 JST 2002
* bsdi4: upgrade base version to BSD/OS 4.3.
2002-01-26 JINMEI, Tatuya <>
* kame/sys/netinet6/ip6_output.c (ip6_ctloutput): handled
getsockopt(IPV6_RTHDR) correctly.
In response to: KAME PR 403 from
Sat Jan 26 11:50:54 JST 2002
* kame/kame/racoon:
the port number in the phase1 identifier is set 500
when the identifier type is the ip address
although it is described ambiguity in RFC2407 4.6.2.
2002-01-23 JINMEI, Tatuya <>
* kame/sys/netinet6/ip6_output.c (ip6_output): checked the
IPV6_MINMTU flag in ip6_output as well as the IP6PO_MINMTU flag in
the outgoing packet options. The former can still be set by
icmp6_reflect or gif_output.
Mon Jan 21 21:07:25 JST 2002
* kame/sys/netinet6/mip6*,kame/kame/mip6control/
add swithces to enable/disable
- the check code of bu/ba if they are protected by the ipsec.
- the check code of bu/ba if they are protected by the authdata.
to enable/disable those switches, use mip6cotrol.
2002-01-21 JINMEI, Tatuya <>
* kame/sys/netinet6/in6_pcb.h:
* {bsdi4, freebsd, openbsd}/sys/netinet/in_pcb.h:
- added foreign/local socket address structures to in[6]pcb{} in order
to have scope zone information of IPv6 addresses
- changed [fl]addr and [fl]port as shortcut macro
* kame/sys/netinet6/in6_pcb.c (in6_pcballoc):
* {bsdi4, freebsd, openbsd}/sys/netinet/in_pcb.c (in_pcballoc):
- set sin6_family and sin6_len when allocating an AF_INET6 pcb
Note: this change implicitly affected applications that referred
to the in[6]pcb structure (e.g. netstat). Be sure to update
header files and recompile all KAME applications.
2002-01-21 JINMEI, Tatuya <>
* kame/kame/wru: allowed the user to omit the hostname, in which
case the command used ff02::1 disambiguating the link zone using
the default interface.
2002-01-21 JINMEI, Tatuya <>
* kame/sys/netinet6/route6.c (ip6_rthdr0): made the source routing
code more scope-aware:
- it now considers all type of scopes (i.e. not only link-local
- it conforms to the forwarding rule described in the scoping arch
2002-01-21 SUZUKI, Shinsuke <>
* kame/kame/pim6sd/mldv2_proto.c:
- fixed a bug that MLDv2 Report crashes pim6sd.
2002-01-20 JINMEI, Tatuya <>
improved the support of IPv6 scoped addresses:
* kame/sys/netinet6/ip6_var.h: added sockaddr_in6 structures to
record source and destinaion addresses with scope information.
* kame/sys/netinet6/ip6_input.c (ip6_input): recorded the
* kame/sys/netinet6/ip6_forward.c(ip6_forward): used the recorded
addresses to check scope breakage and to get a route.
2002-01-20 JINMEI, Tatuya <>
* kame/sys/netinet6/udp6_output.c (udp6_output): corrected the
length argument to in_cksum (bsdi4 only).
2002-01-20 JINMEI, Tatuya <>
* freebsd4/sys/netinet/in_pcb.c (in_pcbladdr):
* {freebsd4, netbsd, openbsd}/sys/netinet/ip_output.c (ip_output):
* {netbsd, openbsd}/sys/netinet/in_pcb.c (in_selectsrc):
- check the address family of the destination cached in a PCB.
- clear the cached destination before getting another cached
route. Otherwise, garbage in the padding space (which might be
filled in if it was used for IPv6) could annoy rtalloc.
Note for OpenBSD: though Openbsd actually does not need these
fixes since it does not support IPv4-mapped IPv6 addresses, the
fixes are at least not harmful and will avoid possible bugs in the
future if it will ever support mapped addresses.
2002-01-20 JINMEI, Tatuya <>
* kame/sys/netinet6/in6_src.c (in6_selectroute): checked the
address family of a cached destination, in case of sharing the
cache with IPv4.
In response to: a bug report from Vineet Goel in the snap-users
2002-01-20 SUZUKI, Shinsuke <>
* kame/kame/pim6{dd,sd}/mld6.c:
fixed a bug that (*,G) entry diminishes due to a failure of
MLD Query advertisement.
2002-01-18 Shin'ichi Fujisawa <>
* kame/sys/netinet6/natpt_*.[chly]:
- Change a method of modification or reference of NAT-PT local
variable. Natptconfig show subcommand does not read
/dev/kmem any more when refer to variable.
2002-01-12 JINMEI, Tatuya <>
* kame/sys/netinet6/icmp6.c (icmp6_rip6_input): if the received
data is small enough but in an mbuf cluster, copy the data to a
separate mbuf that does not use a cluster.
This change will reduce the possiblity of packet loss in the
socket layer.
2002-01-12 JINMEI, Tatuya <>
* kame/kame/wru: was added as a separate command for ICMPv6 node
information queries. The first motivation of this command is to
provide the ability to handle the queries and responses with
platforms that do not support 'ping6 -w'. Though this command is
just a subset of 'ping6 -w' at this moment, it has some useful
properties comparing to the existing command. For example, wru
only sends a single query even for a multicast destination. In
this case, it collects replies during a certain amount of period,
prints the result, and then exits.
2002-01-11 JINMEI, Tatuya <>
* kame/sys/netinet6/in6_src.c (in6_selectif): do not use a
rejected or black hole route to pick the outgoing interface.
Otherwise, we could disambiguate a scoped destination with the
invalid route and would see some confusing results.
2002-01-11 JINMEI, Tatuya <>
* kame/sys/netinet6/ip6_input.c (ip6_input): do not accept packets
to a destination that has a rejected or blackhole host route.
2002-01-10 JINMEI, Tatuya <>
* (many kernel files): cleaned up the code to receive extension
headers (and other optional information) on TCP sockets. As a
result, the kernel TCP stack does not pass the information to
applications. All related functions were removed with this change,
while the "imputopts" member in the PCB structure was remained
just in case.
2002-01-10 JINMEI, Tatuya <>
* kame/sys/netinet6/ip6_output.c (ip6_clearpktopts): avoided NULL
pointer reference. The reference should have occurred in very
rare cases, but it is recommended to upgrade the kernel the
20011231 snap and later.
2002-01-10 JINMEI, Tatuya <>
* kame/sys/netinet6/ip6_input.c (ip6_savecontrol): do not compare
the previous value of each option to decide if the option should
be passed to application. This part has been removed from the
advanced API spec.
2002/01/07 21:26:21 JST
add ECN (Explicit Congestion Notification) support (RFC3168).
the ECN implementation consists of 3 independent components:
- marking mechanism in ALTQ
- tunnel-egress and fragment reassenbly rules in layer-3
- TCP mechanisms
to enable ECN support in TCP, build a kernel with TCP_ECN
and turn it on by sysctl -w net.inet.tcp.ecn=1
netstat(1) shows the ECN related statistics.
a simple example setup for ALTQ to mark packets on interface xl0:
interface xl0 bandwidth 3M red ecn
2002-01-03 JINMEI, Tatuya <>
* bsdi4/sys/netinet/ip_icmp.c (icmp_input): passed applications
icmp6 error packets that contained ipv6 over ipv4 packets,
even if the error packet did not have enough length to store the
whole IPv6 packets. traceroute -6 in fact needed this behavior.
2002-01-02 JINMEI, Tatuya <>
* kame/kame/traceroute: added a new option "-6" to send IPv6 over
IPv4 probe packets. This option will specifically be useful to
see if an intermediate router rejects the tunneled packets.
2002-01-02 JINMEI, Tatuya <>
* kame/sys/netinet6/in6.h: restricted the use of
IPV6_RECVRTHDRDSTOPTS in the kernel. This option was obsoleted in
Jump to Line
Something went wrong with that request. Please try again.