Permalink
Commits on Jul 16, 2000
  1. upgrade to 1.4.5

    sumikawa committed Jul 16, 2000
  2. changed the static buffer in if_name() to an array of array

    jinmei committed Jul 16, 2000
    to be more context safe.
  3. cleanup receiver side processing a bit.

    itojun committed Jul 16, 2000
    make sure to check error code from getnameinfo.
  4. about nonce size.

    sakane committed Jul 16, 2000
  5. added some description about the padding.

    sakane committed Jul 16, 2000
    added initial_contact.
  6. more sync with netbsd

    itojun committed Jul 16, 2000
  7. sync better with netbsd (no rc5 in kernel)

    itojun committed Jul 16, 2000
  8. %d->%u.

    sakane committed Jul 16, 2000
  9. added a option to randomize values in a padding.

    sakane committed Jul 16, 2000
    clarified to randomize length.
  10. s/IPSEC_IPV6FWD/IPSEC/

    itojun committed Jul 16, 2000
    include opt_ipsec for netbsd
  11. * sys/netinet6/ip6_forward.c: enable IPSEC_IPV6FWD case by default.

    itojun committed Jul 16, 2000
      (actually, previous default behavior was wrong as it transmits
      forwarded packets in clear, even though the policy asks for
      encryption)
  12. enable IPSEC_IPV6FWD by default. the default behavior (no IPSEC_IPV6FWD)

    itojun committed Jul 16, 2000
    was harmful as it forwards IPv6 packet in clear.
  13. * kame/ping6:

    itojun committed Jul 16, 2000
      - check duplicated replies for node information query (*)
      - fill nonce field for node information query (*)
      - use generic icmp6 printer for echo/echo reply/ni reply/ni reply,
        when ident/nonce does not match
      - clarlify outgoign packet construction a bit
      (*) based on patch from yoshfuji, cleaned up by itojun
  14. - check duplicated replies for node information query (*)

    itojun committed Jul 16, 2000
    - fill nonce field for node information query (*)
    - use generic icmp6 printer for echo/echo reply/ni reply/ni reply,
      when ident/nonce does not match
    - clarlify outgoign packet construction a bit
    
    (*) based on patch from yoshfuji, cleaned up by itojun
  15. name-lookup 05 -> 06

    itojun committed Jul 16, 2000
  16. * sys/netinet6/icmp6.c: ICMPv6 node information query now based on

    itojun committed Jul 16, 2000
      06 draft (ping6 -w).
  17. support name-lookups-06 draft.

    itojun committed Jul 16, 2000
    - link-local queries are now permitted, so "ping6 -w ff02::1" is now legal
      (we still have some issue with Subject address validation)
    - "code" field for NOOP/supported-qtype is now clarified
  18. o support DN type of ID payload.

    sakane committed Jul 16, 2000
  19. cope with old kame headers

    itojun committed Jul 16, 2000
Commits on Jul 15, 2000
  1. fixed some of message when a error happens.

    sakane committed Jul 15, 2000
  2. add kazuo horikawa

    itojun committed Jul 15, 2000
  3. KAME PR 271

    itojun committed Jul 15, 2000
  4. * sys/netinet6/in6.h; do not pull sys/queue.h in (it is not

    itojun committed Jul 15, 2000
      necessary anyways)
    * sys/net/pfkeyv2.h: correct conformance to RFC2367 (SADB_[EA]ALG_xx
      symbol name).  beware: the change breaks backward compatibility.
      setkey and racoon MUST be recompiled after updating include files.
  5. update RFC2367 PF_KEY conformance (SADB_[EA]ALG_xx symbol). beware of…

    itojun committed Jul 15, 2000
    … binary backward compatibility breakage
  6. in6.h should not pull sys/queue.h (netbsd PR)

    itojun committed Jul 15, 2000
  7. delete a tab space.

    sakane committed Jul 15, 2000
  8. o support RESPONDER-LIFETIME and rekeying

    sakane committed Jul 15, 2000
  9. wording.

    sakane committed Jul 15, 2000
  10. unused varibale

    itojun committed Jul 15, 2000
  11. cleared reallocated buffer.

    sakane committed Jul 15, 2000
  12. - Fixed the place of checking whether delete payload is protected whe…

    sakane committed Jul 15, 2000
    …n delete
    
      notification is received.
    - When a delete payload is received, SAs to be deleted are in outbound only.
      So destination IP address have to check before SA will be deleted.
    - Delete phase 1 handler when a delete notification has been received.
      Renamed purge_spi() to purge_ipsec_spi() accompanied with above chanege.
  13. * kame/route6d: if a routing entry exists for aggregate prefix (-A),

    itojun committed Jul 15, 2000
      do not overwrite it (exit with error).  it should be a safer behavir.
  14. if a routing entry exists for aggregate prefix (-A), do not overwrite…

    itojun committed Jul 15, 2000
    … it.
    
    two guys made exactly the same mistake.  it is a good reason to take more
    safer side...
    (by specifying interface prefix to -A, route6d nukes interface prefix)
Commits on Jul 14, 2000
  1. commented about the reason why we don't send delete payload for outbo…

    sakane committed Jul 14, 2000
    …und SAs.