| Age | Commit message (Collapse) | Author |
|---|
|
This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the enry from the table.
By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduce differences
with ARP.
ok bluhm@, visa@
|
|
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.
input & OK mpi
|
|
|
|
OK mpi
|
|
kernel.
OK mpi
|
|
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm
|
|
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.
Pointed out by & OK mpi
|
|
shall all be cleansed.
Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.
Input & OK bluhm@, mpi@
|
|
only once during init.
OK mpi@
|
|
ok bluhm@
|
|
While here use __func__ in debug strings to reduce noise when grepping.
|
|
this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).
ok mpi@ florian@
|
|
has been moved to nd6_resolve().
ok visa@, millert@, florian@, sthen@
|
|
rename it to nd6_resolve().
This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.
ok sthen@
|
|
most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.
this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.
ok mpi@
|
|
the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we dont need to overcompensate.
the code was also incorrect by using a long, which isnt that long
on ILP32 machines.
ok mpi@ millert@ benno@
|
|
Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.
ok bluhm@
|
|
Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.
ok mikeb@ mpi@
|
|
Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@
ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@
|
|
While here remove unused argument and convert the route check to
rtisvalid(9).
ok bluhm@
|
|
OK millert@ mpi@
|
|
interface index directly.
ok bluhm@
|
|
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@
|
|
L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.
Discussed with bluhm@, ok claudio@
|
|
Appart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.
Imputs from bluhm@, ok phessler@, florian@, bluhm@
|
|
Fewer "struct rtentry" left in the wild!
|
|
|
|
AUTOCONF'd addresses.
This prevent the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.
Tested by sebastia@, ok sthen@
|
|
IN6_IFF_NODAD pseudo-flag not being set.
This was just a flag for spaghetti code that should not exist in the
first place.
Tested by sebastia@, ok sthen@
|
|
decrementing rt_refcnt just after rtrequest1(9).
While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.
Discussed with and ok bluhm@
|
|
structures into a function.
ok florian@
|
|
Tweak and ok florian@
|
|
ok claudio@
|
|
- Unicast packets sent to any local address will have their interface
set to loobpack.
- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).
- Update the icmp6 state lookup logic to match scoped MLL addresses.
- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.
Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.
This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.
Debugged, analysed and tested with mikeb@.
ok mikeb@, henning@, sthen@
|
|
Tweaks and ok florian@
|
|
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.
The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.
input stsp@
much help & OK mpi@
tweaks & OK bluhm@
|
|
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.
ok stsp@
|
|
local traffic is not optional.
ok mikeb@, stsp@, jca@
|
|
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm
|
|
includes this.
|
|
ok krw@, mikeb@
|
|
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@
|
|
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.
Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.
OK mpi@
|
|
No binary change.
OK mikeb@ mpi@
|
|
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.
ok mikeb@, bluhm@, florian@
|
|
|
|
ok deraadt henning sthen thib (though thib says he can't spell)
|
|
Address Autoconfiguration in IPv6". For those among us who are paranoid
about broadcasting their MAC address to the IPv6 internet.
Man page help from jmc, testing by weerd, arc4random API hints from djm.
ok deraadt, claudio
|
|
ok mpf naddy
|
|
|
