summaryrefslogtreecommitdiff
path: root/sys/netinet6
AgeCommit message (Collapse)Author
2004-08-24revert. itojun notes that 128 is ok because of bitlen check.Ted Unangst
add a comment to this effect since many of us were confused. ok deraadt@
2004-08-23make sure we do not overwrite checksum field on shared mbuf.Jun-ichiro itojun Hagino
markus, henning, deraadt, mcbride ok
2004-08-21correct bounds checks. found at/by Coverity.Ted Unangst
ok deraadt@
2004-07-14completely revert to r1.31, there were still problems on the forwardingDaniel Hartmeier
path
2004-07-12remove PF_FORWARD (which was introduced by ipv6 reass-on-scrub).Jun-ichiro itojun Hagino
daniel found it.
2004-06-25IPv6 reassembly on "scrub" directive.Jun-ichiro itojun Hagino
caveats: (to be addressed soon) - "scrub in" should queue fragments back into ip6intrq again, but somehow it does not happen - the packet is kept inside reass queue. need investigation - ip6_forwarding path is not tested - does not use red-black tree. somehow red-black tree behaved badly and was not robust. performance issue, the above one is more important. good things: - "scrub out" is perfectly ok - i think now we can inspect upper-layer protocol fields (tcp port) even if ip6 packet is fragmented. - reass queue will be cleaned up properly by timeout (60sec). we might want to impose pool limit as well
2004-06-24"error" could be left uninitializedJun-ichiro itojun Hagino
2004-06-21First step towards more sane time handling in the kernel -- this changesThorsten Lockert
things such that code that only need a second-resolution uptime or wall time, and used to get that from time.tv_secs or mono_time.tv_secs now get this from separate time_t globals time_second and time_uptime. ok art@ niklas@ nordin@
2004-06-21Get rid of pf_test_eh() wrapper.Ryan Thomas McBride
ok cedric@ henning@
2004-06-17correct multicast handling for special groups (like solicited node multicast).Jun-ichiro itojun Hagino
from jinmei@kame
2004-06-16missing paren in macro def. Patrick LatifiJun-ichiro itojun Hagino
2004-06-15avoid creating multiple multicast filter entry for the same group.Jun-ichiro itojun Hagino
notified from Patrick Latifi, deraadt ok
2004-06-12support IPV6_USE_MIN_MTU, to make BIND9 better.Jun-ichiro itojun Hagino
(sorry about the mess yesterday)
2004-06-11back out tree breakage. Like, come onTheo de Raadt
2004-06-11support IPV6_USE_MIN_MTU, which is needed to run BIND9 well. from kameJun-ichiro itojun Hagino
markus ok
2004-06-01there's no use in checking curproc privilege in input path.Jun-ichiro itojun Hagino
equivalent to http://orange.kame.net/dev/cvsweb2.cgi/kame/kame/sys/netinet6/ip6_input.c.diff?r1=1.344&r2=1.345. jinmei@kame
2004-05-19do not loop on nd6_output() when transmission fails. from kameJun-ichiro itojun Hagino
2004-05-07Replace RSA-derived md5 code with code derived from Colin Plumb's PD version.Todd C. Miller
This moves md5.c out of libkern and into sys/crypto where it belongs (as requested by markus@). Note that md5.c is still mandatory (dev/rnd.c uses it). Verified with IPsec + hmac-md5 and tcp md5sig. OK henning@ and hshoexer@
2004-04-25radix tree with multipath support. from kame. deraadt okJun-ichiro itojun Hagino
user visible changes: - you can add multiple routes with same key (route add A B then route add A C) - you have to specify gateway address if there are multiple entries on the table (route delete A B, instead of route delete A) kernel change: - radix_node_head has an extra entry - rnh_deladdr takes extra argument TODO: - actually take advantage of multipath (rtalloc -> rtalloc_mpath)
2004-04-22correct arg to in6_cksum. keiichi@kameJun-ichiro itojun Hagino
2004-03-25Don't use mbuf pointer in error case, when it has been set to NULL.Daniel Hartmeier
From Patrick Latifi. ok markus@, henning@, deraadt@
2004-02-23avoid touching out-of-bound memory if len == 128.Jun-ichiro itojun Hagino
Ted Unangst via Colin Percival
2004-02-15switch to sysctl_int_arr(); ok itojun, henning, miod, deraadtMarkus Friedl
2004-02-06permit IPv6-only operation (permit AF_INET6 bind(2) without IPv4 address).Jun-ichiro itojun Hagino
found by todd fries. markus ok
2004-02-05remove never-to-be-used codepath (IPv4 mapped address). ok mcbrideJun-ichiro itojun Hagino
2004-02-04typo within comment, deilver -> deliverDaniel Hartmeier
2004-02-04remove kludge now that proper IPV6_MMTU handling is inDaniel Hartmeier
2004-02-04strictly follow RFC2460 section 5, last paragraph (sender behavior whenJun-ichiro itojun Hagino
path MTU < 1280). bug found by Georgi Guninski. ok dhartmei
2004-02-02make the stack compile if NPF=0. ok deraadt@ markus@Cedric Berger
2004-02-01ignore too small MTUs (below 296 octets), similar to IPv4.Daniel Hartmeier
2004-01-15Provide explicit function argument declarations.Miod Vallat
2004-01-13Expose in6_ifremloop() and in6_ifaddloop() so that they can be used by carp.Ryan Thomas McBride
ok henning@ millert@ itojun@
2004-01-03put an mi wrapper around stdarg.h/varargs.h. gcc3 moved stdarg/varargs macrosMarc Espie
to built-ins, so eventually we will have one version of these files. Special adjustments for the kernel to cope: machine/stdarg.h -> sys/stdarg.h and machine/ansi.h needs to have a _BSD_VA_LIST_ for syslog* prototypes. okay millert@, drahn@, miod@.
2003-12-21change in*_pcbnotify to return numbers of matches; ok itojun, mcbride, henningMarkus Friedl
2003-12-21use CIRCLEQ* for pcb's; ok deraadt, henning, mcbride, with help from canacarMarkus Friedl
2003-12-12niels kindly dropped clause 3/4 from the license. tnx!Jun-ichiro itojun Hagino
2003-12-10validate set/getsockopt arg more strictly. local privileged user could causeJun-ichiro itojun Hagino
a kernel panic with previous code. from kame
2003-12-10correct non-repetitive ID code, based on comments from niels provos.Jun-ichiro itojun Hagino
- seed2 is necessary, but use it as "seed2 + x" not "seed2 ^ x". - skipping number is not needed, so disable it for 16bit generator (makes the repetition period to 30000)
2003-12-10use if_indexlim (instead of if_index) and ifindex2ifnet[x] != NULLJun-ichiro itojun Hagino
to check if interface exists, as (1) if_index will have different meaning (2) ifindex2ifnet could become NULL when interface gets destroyed, when we introduce dynamically-created interfaces. markus ok
2003-12-08move pf_test6() call below loopback (and mapped-ipv4) tests, so rdr -> ::1Daniel Hartmeier
works without additional route-to lo0, just like for ipv4. ok itojun@, henning@
2003-12-03add support for ifconfig clone/destroy; ok henning deraadtMarkus Friedl
2003-11-16convert __attribute__((__packed__)) to __packed so that parsers unawareAnil Madhavapeddy
of gcc extensions have more of a chance. ok mcbride@, no objections from millert@, deraadt@
2003-11-07fix behavior when ipv6mr_interface is 0. reported on netbsd listJun-ichiro itojun Hagino
2003-11-04don't call in_pcbrehash twice; ok itojun@Markus Friedl
2003-10-31Add IPv6 support to CARP.Ryan Thomas McBride
ok deraadt@
2003-10-15c++ friendly, sync w/kame. pvalchev okJun-ichiro itojun Hagino
2003-10-14oops, i did not mean to commit this portion (IPSEC mod), sorryJun-ichiro itojun Hagino
2003-10-14IP6F_OFF_MASK is already endian-flipped; sync w/ kameJun-ichiro itojun Hagino
2003-10-01use random number generator to generate IPv6 fragment ID/flowlabel.Jun-ichiro itojun Hagino
cleanup IPv6 flowlabel handling. deraadt ok
2003-10-01correct m_cat misuse. i remember it was ok'ed by someone but don't remember ↵Jun-ichiro itojun Hagino
who...