| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Reported by: jhay
|
| |
|
|
| |
Obtained from: KAME
|
| | |
|
| |
|
|
|
|
| |
- transition to use ifp->if_afdata.
Obtained from: KAME
|
| | |
|
| |
|
|
|
|
|
|
| |
address has been changed when PFIL_HOOKS is enabled and, if it has,
arrange for the proper action by ip*_forward.
Submitted by: Pyun YongHyeon
Supported by: FreeBSD Foundation
|
| |
|
|
| |
Supported by: FreeBSD Foundation
|
| |
|
|
| |
Obtained from: KAME
|
| |
|
|
|
|
|
|
| |
- use size_t as return type of schedlen(), as there's no error
check needed.
- clear key schedule buffer before freeing.
Obtained from: KAME
|
| |
|
|
| |
Obtained from: KAME
|
| |
|
|
|
|
| |
- correct SADB_X_AALG_RIPEMD160HMAC to 8
Obtained from: KAME
|
| | |
|
| |
|
|
| |
Obtained from: KAME
|
| |
|
|
|
|
|
|
|
|
|
| |
- correct signedness mixups.
- log fix.
- preparation for 64bit sequence number.
introduce SA id (unique ID for SA - SPI is useless as duplicated
SPI is allowed)
- no need to malloc/free cksum buffer.
Obtained from: KAME
|
| |
|
|
|
|
|
| |
- panic if NULL is passed to ah_sumsiz (as we never do it,
and callers do not properly check negative returns).
Obtained from: KAME
|
| |
|
|
|
|
| |
- avoid assuming result buffer size
Obtained from: KAME
|
| |
|
|
| |
Obtained from: KAME
|
| |
|
|
|
|
| |
- pass size arg to ah->result (avoid assuming result buffer size)
Obtained from: KAME
|
| |
|
|
| |
Obtained from: KAME
|
| |
|
|
| |
it was never enabled.
|
| |
|
|
|
|
| |
smaller footprint.
Obtained from: KAME
|
| |
|
|
|
|
|
| |
- correct signedness mixup in pointer passing.
- drop meaningless variable.
Obtained from: KAME
|
| |
|
|
|
|
|
|
| |
- style
- ANSIfy
(there is no functional change.)
Obtained from: KAME
|
| |
|
|
|
|
|
|
|
|
| |
- style.
- NULL is not 0.
- some variables were renamed.
- nuke unused logic.
(there is no functional change.)
Obtained from: KAME
|
| |
|
|
|
|
|
| |
an interface; otherwise the subsequent unlock blows up
Suffered by: Marcel Moolenaar <marcel@xcllnt.net>
Supported by: FreeBSD Foundation
|
| | |
|
| |
|
|
| |
Obtained from: KAME
|
| |
|
|
|
|
| |
- style.
Obtained from: KAME
|
| | |
|
| |
|
|
| |
(reduce diffs against KAME)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
that covers updates to the contents. Note this is separate from holding
a reference and/or locking the routing table itself.
Other/related changes:
o rtredirect loses the final parameter by which an rtentry reference
may be returned; this was never used and added unwarranted complexity
for locking.
o minor style cleanups to routing code (e.g. ansi-fy function decls)
o remove the logic to bump the refcnt on the parent of cloned routes,
we assume the parent will remain as long as the clone; doing this avoids
a circularity in locking during delete
o convert some timeouts to MPSAFE callouts
Notes:
1. rt_mtx in struct rtentry is guarded by #ifdef _KERNEL as user-level
applications cannot/do-no know about mutex's. Doing this requires
that the mutex be the last element in the structure. A better solution
is to introduce an externalized version of struct rtentry but this is
a major task because of the intertwining of rtentry and other data
structures that are visible to user applications.
2. There are known LOR's that are expected to go away with forthcoming
work to eliminate many held references. If not these will be resolved
prior to release.
3. ATM changes are untested.
Sponsored by: FreeBSD Foundation
Obtained from: BSD/OS (partly)
|
| |
|
|
| |
Obtained from: KAME
|
| |
|
|
| |
Obtained from: KAME
|
| | |
|
| |
|
|
| |
- we don't need to obtain microtime when using ip6_randomid.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Requested by: sam
|
| |
|
|
| |
Obtained from: KAME
|
| |
|
|
|
|
|
|
|
| |
then the mbuf has been consumed by a hook; otherwise beware of a null
mbuf return (gack). In particular the bridge was doing the wrong thing.
While in the ipv6 code make it's handling of pfil_run_hooks identical
to netbsd.
Pointed out by: Pyun YongHyeon <yongari@kt-is.co.kr>
|
| |
|
|
|
|
|
|
|
|
|
| |
o revamp IPv4+IPv6+bridge usage to match API changes
o remove pfil_head instances from protosw entries (no longer used)
o add locking
o bump FreeBSD version for 3rd party modules
Heavy lifting by: "Max Laier" <max@love2party.net>
Supported by: FreeBSD Foundation
Obtained from: NetBSD (bits of pfil.h and pfil.c)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
in6_pcbpurgeif0(LIST_FIRST(udbinfo.listhead), ifp);
in6_pcbpurgeif0(LIST_FIRST(ripcbinfo.listhead), ifp);
The problem here is that udbinfo.listhead and ripcbinfo.listhead are
not initialized during the device probe/attach phase of the kernel
boot process. So if, for example, a network driver calls ether_ifattach()
in its foo_attach() routine and then decides that something is wrong
and calls ether_ifdetach() to reverse the process, we will panic trying
to dereference the uninitialized list head pointers. (Though the
same sequence of events performed after the kernel has come up works
file, i.e. doing kldload if_foo from multiuser.)
Change this to:
if (udbinfo.listhead != NULL)
in6_pcbpurgeif0(LIST_FIRST(udbinfo.listhead), ifp);
if (ripcbinfo.listhead != NULL)
in6_pcbpurgeif0(LIST_FIRST(ripcbinfo.listhead), ifp);
to avoid the NULL pointer dereferences.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
control whether to accept RAs per-interface basis.
the new stuff ensures the backward compatibility;
- the kernel does not accept RAs on any interfaces by default.
- since the default value of the flag bit is on, the kernel accepts RAs
on all interfaces when net.inet6.ip6.accept_rtadv is 1.
Obtained from: KAME
MFC after: 1 week
|
| |
|
|
| |
Submitted by: JINMEI Tatuya <jinmei@isl.rdc.toshiba.co.jp>
|
| |
|
|
|
|
| |
PR: kern/54874
Submitted by: JINMEI Tatuya <jinmei@shuttle.wide.toshiba.co.jp>
MFC after: 1 week
|
| |
|
|
|
|
| |
state, as inp_socket will then be NULL. This fixes a panic that occurs when one
tries to bind a port that was previously binded with remaining TIME_WAIT
sockets.
|
| | |
|
