SUZUKI Shinsuke
7014e0eb11
fixed a kernel crash at the initialization time of PIM-SM register interface
...
MFC after: 2 days
2005-12-09 04:42:19 +00:00
Hajimu UMEMOTO
4a3df7fe7b
the response NS to a DAD NS was not sent correctly due to the
...
invalid destination address.
Submitted by: JINMEI Tatuya <jinmei__at__isl.rdc.toshiba.co.jp>
MFC after: 1 day
2005-12-08 06:43:39 +00:00
SUZUKI Shinsuke
a829cf5765
fixed a kernel crash due to an improper removal of callout-timer
...
(ToDo: similar fix is necessary for other NDP-related callout-timers
in netinet6/nd6*.c)
PR: kern/88725
MFC after: 1 month
2005-11-16 12:36:08 +00:00
Ruslan Ermilov
303989a2f3
Use sparse initializers for "struct domain" and "struct protosw",
...
so they are easier to follow for the human being.
2005-11-09 13:29:16 +00:00
SUZUKI Shinsuke
797df30d75
statically configured IPv6 address is properly added/deleted now
...
Obtained from: KAME
Reported in: freebsd-net@freebsd
MFC after: 1 day
2005-10-31 23:06:04 +00:00
SUZUKI Shinsuke
36dc24e61e
fixed a compilation failure on amd64/sparc64/ia64
...
Submitted by: max
MFC after: 2 month
2005-10-22 05:07:16 +00:00
SUZUKI Shinsuke
200caaf0c0
nuked non-existing commands
2005-10-21 16:31:39 +00:00
SUZUKI Shinsuke
743eee666f
sync with KAME regarding NDP
...
- introduced fine-grain-timer to manage ND-caches and IPv6 Multicast-Listeners
- supports Router-Preference <draft-ietf-ipv6-router-selection-07.txt>
- better prefix lifetime management
- more spec-comformant DAD advertisement
- updated RFC/internet-draft revisions
Obtained from: KAME
Reviewed by: ume, gnn
MFC after: 2 month
2005-10-21 16:23:01 +00:00
SUZUKI Shinsuke
9c8aab3e0b
perform NUD on an IPv6-aware point-to-point interface
...
Obtained from: KAME
MFC after: 1 week
2005-10-21 15:59:00 +00:00
SUZUKI Shinsuke
4ecbe3316a
sync with KAME (renamed a macro IPV6_DADOUTPUT to IPV6_UNSPECSRC)
...
Obtained from: KAME
2005-10-21 15:45:13 +00:00
SUZUKI Shinsuke
7aa5949375
sync with KAME (nuked unused code, use NULL to denote a NULL pointer)
...
Obtained from: KAME
Reviewed by: ume, gnn
2005-10-19 17:18:49 +00:00
SUZUKI Shinsuke
c1a049ac20
sync with KAME (removed a unnecesary non-standard macro)
...
Obtained from: KAME
Reviewd by: ume, gnn
2005-10-19 16:53:24 +00:00
SUZUKI Shinsuke
d28bde669a
sync with KAME regarding the following clarification in RFC3542:
...
- disable IPv6 operation if DAD fails for some EUI-64 link-local addresses.
- export get_hw_ifid() (and rename it) as a subroutine for this process.
Obtained from: KAME
Reviewd by: ume, gnn
MFC after: 2 week
2005-10-19 16:43:57 +00:00
SUZUKI Shinsuke
a22adbc68c
sync with KAME (don't respond to NI_QTYPE_IPV4ADDR)
...
Obtained from: KAME
Reviewed by: ume, gnn
2005-10-19 16:27:33 +00:00
SUZUKI Shinsuke
5b27b04579
supported an ndp command suboption to disable IPv6 in the given interface
...
Obtained from: KAME
Reviewd by: ume, gnn
MFC after: 2 week
2005-10-19 16:20:18 +00:00
SUZUKI Shinsuke
b9204379a1
added an ioctl option in kernel so that ndp/rtadvd can change some NDP-related kernel variables based on their configurations (RFC2461 p.43 6.2.1 mandates this for IPv6 routers)
...
Obtained from: KAME
Reviewd by: ume, gnn
MFC after: 2 weeks
2005-10-19 15:05:42 +00:00
SUZUKI Shinsuke
2ce62dce17
sync with KAME in the following points:
...
- fixed typos
- improved some comment descriptions
- use NULL, instead of 0, to denote a NULL pointer
- avoid embedding a magic number in the code
- use nd6log() instead of log() to record NDP-specific logs
- nuked an unnecessay white space
Obtained from: KAME
MFC after: 1 day
2005-10-19 10:09:19 +00:00
SUZUKI Shinsuke
4350fcab1b
Raw IPv6 checksum must use the protocol number of the last header, instead of the first next-header value.
...
Obtained from: KAME
MFC after: 1 day
2005-10-19 01:21:49 +00:00
SUZUKI Shinsuke
2d70ebe43d
fixed a kernel crash when IPv6 PIM-SM routing is enabled and a PIM register message is received
...
Obtained from: KAME
MFC After: 3 days
2005-10-17 13:47:31 +00:00
SUZUKI Shinsuke
971b154cd3
added a missing unlock
...
Submitted by: JINMEI Tatuya
MFC After: 1 day
2005-10-15 08:49:49 +00:00
Hajimu UMEMOTO
9129d539e2
AES counter mode uses 8byte IV, not 16 bytes.
...
Obtained from: NetBSD
2005-10-12 09:13:48 +00:00
Andre Oppermann
fe53256dc2
Use monotonic 'time_uptime' instead of 'time_second' as timebase
...
for rt->rt_rmx.rmx_expire.
2005-09-19 22:54:55 +00:00
SUZUKI Shinsuke
9689258fb5
plugged a possible memory leak
...
Obtained from: KAME
MFC after: 1 day
2005-09-16 01:42:50 +00:00
David E. O'Brien
7ba26d99d8
IPv6 was improperly defining its malloc type the same as IPv4 (M_IPMADDR,
...
M_IPMOPTS, M_MRTABLE). Thus we had conflicting instantiations.
Create an IPv6-specific type to overcome this.
2005-09-07 10:11:49 +00:00
Andrew Thompson
59280079d3
Add support for multicast to the bridge and allow inet6 addresses to be
...
assigned to the interface.
IPv6 auto-configuration is disabled. An IPv6 link-local address has a
link-local scope within one link, the spec is unclear for the bridge case and
it may cause scope violation.
An address can be assigned in the usual way;
ifconfig bridge0 inet6 xxxx:...
Tested by: bmah
Reviewed by: ume (netinet6)
Approved by: mlaier (mentor)
MFC after: 1 week
2005-09-06 21:11:59 +00:00
Andre Oppermann
e0aec68255
Use the correct mbuf type for MGET().
2005-08-30 16:35:27 +00:00
SUZUKI Shinsuke
2af9b91993
added a missing unlock (just do the same thing as in netinet/raw_ip.c)
...
Obtained from: KAME
MFC after: 3 days
2005-08-18 11:11:27 +00:00
Hajimu UMEMOTO
5d52565396
- fix race condition using sx lock.
...
- use TAILQ_FOREACH() for readability.
Suggested by: jhb
2005-08-17 16:46:55 +00:00
Hajimu UMEMOTO
1c44678637
avoid exclusive sleep mutex.
2005-08-16 19:49:10 +00:00
Hajimu UMEMOTO
5af09736a8
added a knob to enable path MTU discovery for multicast packets.
...
(by default, it is disabled)
Submitted by: suz
Obtained from: KAME
2005-08-13 19:55:06 +00:00
Hajimu UMEMOTO
cd0fdcf7a7
- fix typo in comment.
...
- nuke unused code.
Submitted by: suz
Obtained from: KAME
2005-08-12 15:27:25 +00:00
Gleb Smirnoff
530f95fc08
o Make rt_check() function more strict:
...
- rt0 passed to rt_check() must not be NULL, assert this.
- rt returned by rt_check() must be valid locked rtentry,
if no error occured.
o Modify callers, so that they never pass NULL rt0
to rt_check().
Reviewed by: sam, ume (nd6.c)
2005-08-11 08:14:53 +00:00
Hajimu UMEMOTO
ae12c6579e
create sysctl tree dynamically. it is required to share
...
net.inet6.ip6.fw with upcomming ipfw2 improvement for IPv6.
Requested by: bz
2005-08-11 07:28:01 +00:00
Hajimu UMEMOTO
31c8e3fbec
removed RFC1885-related code. it was obsoleted by RFC2463, and the
...
code was #ifdef'ed out for a long time.
Submitted by: suz
Obtained from: KAME
2005-08-10 17:30:10 +00:00
SUZUKI Shinsuke
f8a8f9ca5e
supports stealth forwarding in IPv6, as well as in IPv4
...
PR: kern/54625
MFC after: 1 week
2005-08-10 09:13:35 +00:00
David E. O'Brien
c11ba30c9a
Remove public declarations of variables that were forgotten when they were
...
made static.
2005-08-10 07:10:02 +00:00
David E. O'Brien
6ca6f60b07
Style nit.
2005-08-10 06:38:46 +00:00
SUZUKI Shinsuke
05b697ddcb
fixed a kernel crash at the start-up time of an IPv6 multicast daemons o
...
(e.g. pim6dd, pim6sd)
MFC after: 3 days
2005-08-10 05:28:11 +00:00
Hajimu UMEMOTO
c66b5fea43
corrected the fourth argument to ni6_addrs().
2005-08-09 12:24:11 +00:00
Robert Watson
13f4c340ae
Propagate rename of IFF_OACTIVE and IFF_RUNNING to IFF_DRV_OACTIVE and
...
IFF_DRV_RUNNING, as well as the move from ifnet.if_flags to
ifnet.if_drv_flags. Device drivers are now responsible for
synchronizing access to these flags, as they are in if_drv_flags. This
helps prevent races between the network stack and device driver in
maintaining the interface flags field.
Many __FreeBSD__ and __FreeBSD_version checks maintained and continued;
some less so.
Reviewed by: pjd, bz
MFC after: 7 days
2005-08-09 10:20:02 +00:00
Gleb Smirnoff
9bd8ca3014
In preparation for fixing races in ARP (and probably in other
...
L2/L3 mappings) make rt_check() return a locked rtentry.
2005-08-09 08:39:56 +00:00
Gleb Smirnoff
401df2f296
- Use 'error' variable to store error value, instead of 'i'.
...
- Push 'i' into the only block where it is used.
- Remove redundant check for rt being NULL. If rt_check() hasn't
returned an error, then rt is valid.
Reviewed by: gnn
2005-08-09 08:37:28 +00:00
Robert Watson
bccb41014a
Modify network protocol consumers of the ifnet multicast address lists
...
to lock if_addr_mtx.
Problem reported by: Ed Maste <emaste at phaedrus dot sandvine dot ca>
MFC after: 1 week
2005-08-02 23:51:22 +00:00
Hajimu UMEMOTO
e770771a78
simplied the fix to FreeBSD-SA-04:06.ipv6. The previous one worried
...
too much even though we actually validate the parameters. This code
also is more compatible with other *BSDs, which do copyin within
setsockopt().
Submitted by: Keiichi SHIMA <keiichi__at__iijlab.net>
Reviewed by: security-officer (nectar)
Obtained from: KAME
2005-07-28 18:07:07 +00:00
Colin Percival
1fcc990954
Correct a buffer overflow which can occur when decompressing a
...
carefully crafted deflated data stream. [1]
Correct problems in the AES-XCBC-MAC IPsec authentication algorithm. [2]
Submitted by: suz [2]
Security: FreeBSD-SA-05:18.zlib [1], FreeBSD-SA-05:19.ipsec [2]
2005-07-27 08:41:17 +00:00
Hajimu UMEMOTO
d6bb0cb7eb
nuke duplicate inclusion of scope6_var.h.
2005-07-26 11:46:15 +00:00
Hajimu UMEMOTO
336a1a7b37
oops, make it compilable. i need sleep. X-(
2005-07-25 17:28:39 +00:00
Hajimu UMEMOTO
a7734b4bfd
restore locks which disappeared wrongly by my previous commit.
2005-07-25 17:05:37 +00:00
Hajimu UMEMOTO
a1f7e5f8ee
scope cleanup. with this change
...
- most of the kernel code will not care about the actual encoding of
scope zone IDs and won't touch "s6_addr16[1]" directly.
- similarly, most of the kernel code will not care about link-local
scoped addresses as a special case.
- scope boundary check will be stricter. For example, the current
*BSD code allows a packet with src=::1 and dst=(some global IPv6
address) to be sent outside of the node, if the application do:
s = socket(AF_INET6);
bind(s, "::1");
sendto(s, some_global_IPv6_addr);
This is clearly wrong, since ::1 is only meaningful within a single
node, but the current implementation of the *BSD kernel cannot
reject this attempt.
Submitted by: JINMEI Tatuya <jinmei__at__isl.rdc.toshiba.co.jp>
Obtained from: KAME
2005-07-25 12:31:43 +00:00
Hajimu UMEMOTO
885adbfa81
always copy ip6_pktopt. remove needcopy and needfree
...
argument/structure member accordingly.
Submitted by: Keiichi SHIMA <keiichi__at__iijlab.net>
Obtained from: KAME
2005-07-21 16:39:23 +00:00