Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Commits on Aug 19, 2001
  1. improvements on src addr selection:

    jinmei authored
    - add a comment about public/temporary address selection
    - explicitly prefer longer matching address, even for the case of keeping it.
      (since we may introduce other rules after that.)
  2. snprintf can return negative. from deraadt

    itojun authored
  3. cope with sa_len < sizeof(struct sockaddr).

    itojun authored
    From: Patrik Lindergren <patrik@datacom.nu>
  4. use snprintf, not sprintf

    itojun authored
Commits on Aug 18, 2001
  1. prefix(8) has been obsoleted

    jinmei authored
  2. corrected versions of the latest drafts.

    jinmei authored
  3. IPV6_NEXTHOP has been (almost) implemented.

    jinmei authored
  4. typo

    jinmei authored
  5. comment wording.

    jinmei authored
  6. 2001-08-18 JINMEI, Tatuya <jinmei@isl.rdc.toshiba.co.jp>

    jinmei authored
    	* kame/sys/netinet6/in6_src.c (in6_selectsrc): changed the number
    	of longest matching rule in source address selection from 8 to 14,
    	so that it is easy to assign smaller numbers to more preferred
    	rules.  Additionally, a new rule to prefer addresses on alive
    	(i.e. IFF_UP) interfaces, based on a suggestion from
    	kato@wide.ad.jp.
    	*bsd/netstat were also changed accordingly.
  7. sync with the latest list of source address selection

    jinmei authored
    - change "longest match" to rule 14
    - added "alive interface" as rule 8
  8. added a new rule to source address selection; prefer addresses on alive

    jinmei authored
    (i.e. IFF_UP) interfaces.
  9. changed the number of longest matching rule in source address selection

    jinmei authored
    from 8 to 14, so that it is easy to assign smaller numbers to higher preferred
    rules.  (15 is reserved for future use)
  10. correction and improvement on source address selection:

    jinmei authored
    - add validation before incrementing statistics array to prevent possible
      buffer overrun
    - corrected logic in preferring appropriate scope
Commits on Aug 17, 2001
  1. remove single space.

    sakane authored
  2. ssh

    sakane authored
  3. required exactly matching of key length. but if responder side

    sakane authored
    and peer's key length in proposal is bigger than mine, it might be accepted.
  4. typo

    itojun authored
  5. >Is there an API or other mechanism for a user level program (e.g.

    itojun authored
    >telnet) to inquire of the kernel whether AH/ESP is in use (i.e.
    >whether a security association exists between the local host and a
    >remote host)?
  6. private key should not be shown.

    sakane authored
  7. some comments.

    sakane authored
  8. fix comment. "notify" is not needed here.

    itojun authored
  9. f-secure,ashley,openbsd with rsa signature

    sakane authored
  10. have an example with FQDN.

    itojun authored
Something went wrong with that request. Please try again.