Permalink
Commits on Jul 16, 2000
  1. changed the static buffer in if_name() to an array of array

    to be more context safe.
    jinmei committed Jul 16, 2000
  2. cleanup receiver side processing a bit.

    make sure to check error code from getnameinfo.
    itojun committed Jul 16, 2000
  3. about nonce size.

    sakane committed Jul 16, 2000
  4. added some description about the padding.

    added initial_contact.
    sakane committed Jul 16, 2000
  5. more sync with netbsd

    itojun committed Jul 16, 2000
  6. sync better with netbsd (no rc5 in kernel)

    itojun committed Jul 16, 2000
  7. %d->%u.

    sakane committed Jul 16, 2000
  8. added a option to randomize values in a padding.

    clarified to randomize length.
    sakane committed Jul 16, 2000
  9. s/IPSEC_IPV6FWD/IPSEC/

    include opt_ipsec for netbsd
    itojun committed Jul 16, 2000
  10. * sys/netinet6/ip6_forward.c: enable IPSEC_IPV6FWD case by default.

      (actually, previous default behavior was wrong as it transmits
      forwarded packets in clear, even though the policy asks for
      encryption)
    itojun committed Jul 16, 2000
  11. enable IPSEC_IPV6FWD by default. the default behavior (no IPSEC_IPV6FWD)

    was harmful as it forwards IPv6 packet in clear.
    itojun committed Jul 16, 2000
  12. * kame/ping6:

      - check duplicated replies for node information query (*)
      - fill nonce field for node information query (*)
      - use generic icmp6 printer for echo/echo reply/ni reply/ni reply,
        when ident/nonce does not match
      - clarlify outgoign packet construction a bit
      (*) based on patch from yoshfuji, cleaned up by itojun
    itojun committed Jul 16, 2000
  13. - check duplicated replies for node information query (*)

    - fill nonce field for node information query (*)
    - use generic icmp6 printer for echo/echo reply/ni reply/ni reply,
      when ident/nonce does not match
    - clarlify outgoign packet construction a bit
    
    (*) based on patch from yoshfuji, cleaned up by itojun
    itojun committed Jul 16, 2000
  14. name-lookup 05 -> 06

    itojun committed Jul 16, 2000
  15. * sys/netinet6/icmp6.c: ICMPv6 node information query now based on

      06 draft (ping6 -w).
    itojun committed Jul 16, 2000
  16. support name-lookups-06 draft.

    - link-local queries are now permitted, so "ping6 -w ff02::1" is now legal
      (we still have some issue with Subject address validation)
    - "code" field for NOOP/supported-qtype is now clarified
    itojun committed Jul 16, 2000
  17. o support DN type of ID payload.

    sakane committed Jul 16, 2000
  18. cope with old kame headers

    itojun committed Jul 16, 2000
Commits on Jul 15, 2000
  1. fixed some of message when a error happens.

    sakane committed Jul 15, 2000
  2. add kazuo horikawa

    itojun committed Jul 15, 2000
  3. KAME PR 271

    itojun committed Jul 15, 2000
  4. * sys/netinet6/in6.h; do not pull sys/queue.h in (it is not

      necessary anyways)
    * sys/net/pfkeyv2.h: correct conformance to RFC2367 (SADB_[EA]ALG_xx
      symbol name).  beware: the change breaks backward compatibility.
      setkey and racoon MUST be recompiled after updating include files.
    itojun committed Jul 15, 2000
  5. update RFC2367 PF_KEY conformance (SADB_[EA]ALG_xx symbol). beware of…

    … binary backward compatibility breakage
    itojun committed Jul 15, 2000
  6. in6.h should not pull sys/queue.h (netbsd PR)

    itojun committed Jul 15, 2000
  7. delete a tab space.

    sakane committed Jul 15, 2000
  8. o support RESPONDER-LIFETIME and rekeying

    sakane committed Jul 15, 2000
  9. wording.

    sakane committed Jul 15, 2000
  10. unused varibale

    itojun committed Jul 15, 2000
  11. cleared reallocated buffer.

    sakane committed Jul 15, 2000
  12. - Fixed the place of checking whether delete payload is protected whe…

    …n delete
    
      notification is received.
    - When a delete payload is received, SAs to be deleted are in outbound only.
      So destination IP address have to check before SA will be deleted.
    - Delete phase 1 handler when a delete notification has been received.
      Renamed purge_spi() to purge_ipsec_spi() accompanied with above chanege.
    sakane committed Jul 15, 2000
  13. * kame/route6d: if a routing entry exists for aggregate prefix (-A),

      do not overwrite it (exit with error).  it should be a safer behavir.
    itojun committed Jul 15, 2000
  14. if a routing entry exists for aggregate prefix (-A), do not overwrite…

    … it.
    
    two guys made exactly the same mistake.  it is a good reason to take more
    safer side...
    (by specifying interface prefix to -A, route6d nukes interface prefix)
    itojun committed Jul 15, 2000
Commits on Jul 14, 2000
  1. commented about the reason why we don't send delete payload for outbo…

    …und SAs.
    sakane committed Jul 14, 2000
  2. fixed making a ID payload of IPv4 address type. There was unnecessary…

    … space
    
    of a address.
    sakane committed Jul 14, 2000