Commit Graph

217 Commits

Author SHA1 Message Date
rwatson
1bd16d78e2 Introduce support for Mandatory Access Control and extensible
kernel access control.

When generating nd6 output on an interface, label the packet
appropriately.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-02 20:49:14 +00:00
ume
39f0e5c176 correct comment for setsockopt arg size.
Reported by:	Martin Laabs <martin@martin.erfurt.thur.de>
Obtained from:	KAME
MFC after:	1 week
2002-07-25 20:40:09 +00:00
ume
e96d7f2205 cleanup usage of ip6_mapped_addr_on and ip6_v6only. now,
ip6_mapped_addr_on is unified into ip6_v6only.

MFC after:	1 week
2002-07-25 17:40:45 +00:00
ume
afcf651cf8 Change the default setting of an IPv4-mapped IPv6 address to off.
Requested by:	many people
2002-07-25 15:44:01 +00:00
ume
ed0d6e9ce4 make sure to set/unset INP_IPV4 according to a value
of IN6P_IPV6_V6ONLY

Reviewed by:	Keiichi SHIMA <keiichi@iij.ad.jp>
2002-07-24 19:19:53 +00:00
ume
cd3f29ae66 do not refer to IN6P_BINDV6ONLY anymore.
Obtained from:	KAME
MFC after:	1 week
2002-07-22 15:51:02 +00:00
ume
881112a66c sin6_len is not an address family. I believe this doesn't
break compatibility with POSIX.1-2001.
2002-07-22 15:13:55 +00:00
ume
68bf681e90 fixed to make mbuf chain.
Obtained from:	KAME
MFC after:	1 week
2002-07-18 04:18:56 +00:00
ume
fd0b2bb03e - fixed a bug that we can't send a packet to ipv4mapped ipv6 address
using a udp6 socket without bind(2)ing.
- fbsd4/430 reported from the FreeBSD team.
- this fix is different from the fix reported in the above PR.  i think
  this better, but we need some test.

Obtained from:	KAME
MFC after:	3 weeks
2002-07-15 19:25:46 +00:00
hsu
abda76de0b Notify functions can destroy the pcb, so they have to return an
indication of whether this happenned so the calling function
knows whether or not to unlock the pcb.

Submitted by:	Jennifer Yang (yangjihui@yahoo.com)
Bug reported by:  Sid Carter (sidcarter@symonds.net)
2002-06-14 08:35:21 +00:00
hsu
561391ed94 As a stop-gap measure, add one INP_LOCK_DESTROY() to in6_pcbdetach() to
get kernel compiled with INET6 to boot.
2002-06-12 06:01:22 +00:00
hsu
cd25d4648f Lock up inpcb.
Submitted by:	Jennifer Yang <yangjihui@yahoo.com>
2002-06-10 20:05:46 +00:00
ume
21239aacf9 __FreeBSD__ is not a compiler constant. We must use
__FreeBSD_version here.

Submitted by:	rwatson
2002-05-31 17:56:45 +00:00
tanimura
e6fa9b9e92 Back out my lats commit of locking down a socket, it conflicts with hsu's work.
Requested by:	hsu
2002-05-31 11:52:35 +00:00
mike
b0b9b58ef8 o Conditionalize sections for POSIX.1-2001 compatibility.
o Use POSIX spelling for types, where possible.
o Define size_t in the __BSD_VISIBLE case (this isn't really needed
  for standards conformance, but follows the tradition of not
  requiring <sys/types.h> as a prerequisite).
o Use _BYTE_ORDER and friends instead of BYTE_ORDER and friends, since
  there may not be enough pollution in order for the latter to work.
o Add an XXX note about the missing IPPROTO_IPV6 macro.
2002-05-23 18:48:27 +00:00
tanimura
92d8381dd5 Lock down a socket, milestone 1.
o Add a mutex (sb_mtx) to struct sockbuf. This protects the data in a
  socket buffer. The mutex in the receive buffer also protects the data
  in struct socket.

o Determine the lock strategy for each members in struct socket.

o Lock down the following members:

  - so_count
  - so_options
  - so_linger
  - so_state

o Remove *_locked() socket APIs.  Make the following socket APIs
  touching the members above now require a locked socket:

 - sodisconnect()
 - soisconnected()
 - soisconnecting()
 - soisdisconnected()
 - soisdisconnecting()
 - sofree()
 - soref()
 - sorele()
 - sorwakeup()
 - sotryfree()
 - sowakeup()
 - sowwakeup()

Reviewed by:	alfred
2002-05-20 05:41:09 +00:00
ume
231bd65333 Recent zlib does not like Z_FLUSH at the end of inflate().
Reported by:	quak@mydiax.ch
Obtained from:	KAME
MFC after:	2 days
		and approved by re
2002-05-12 14:12:30 +00:00
ume
0dc033806b Revised MLD-related definitions
- Used mld_xxx and MLD_xxx instead of mld6_xxx and MLD6_xxx according
  to the official defintions in rfc2292bis
  (macro definitions for backward compatibility were provided)
- Changed the first member of mld_hdr{} from mld_hdr to mld_icmp6_hdr
  to avoid name space conflict in C++

This change makes ports/net/pchar compilable again under -CURRENT.

Obtained from:	KAME
2002-05-06 16:28:25 +00:00
tanimura
89ec521d91 Revert the change of #includes in sys/filedesc.h and sys/socketvar.h.
Requested by:	bde

Since locking sigio_lock is usually followed by calling pgsigio(),
move the declaration of sigio_lock and the definitions of SIGIO_*() to
sys/signalvar.h.

While I am here, sort include files alphabetically, where possible.
2002-04-30 01:54:54 +00:00
ume
d2b734fd1e Correct timer management (deprecated) in nd6_timer.
Obtained from:	KAME
MFC after:	3 days
2002-04-24 19:09:48 +00:00
suz
553226e8e1 just merged cosmetic changes from KAME to ease sync between KAME and FreeBSD.
(based on freebsd4-snap-20020128)

Reviewed by:	ume
MFC after:	1 week
2002-04-19 04:46:24 +00:00
mike
4100d7ad0f Unconditionalize the definition of INET_ADDRSTRLEN and
INET6_ADDRSTRLEN.  Doing this helps expose bogus redefinitions in 3rd
party software.
2002-04-10 11:59:02 +00:00
mdodd
ec999f8323 Use <net/fddi.h> rather than <netinet/if_fddi.h>. 2002-04-06 03:21:46 +00:00
jhb
db9aa81e23 Change callers of mtx_init() to pass in an appropriate lock type name. In
most cases NULL is passed, but in some cases such as network driver locks
(which use the MTX_NETWORK_LOCK macro) and UMA zone locks, a name is used.

Tested on:	i386, alpha, sparc64
2002-04-04 21:03:38 +00:00
jhb
dc2e474f79 Change the suser() API to take advantage of td_ucred as well as do a
general cleanup of the API.  The entire API now consists of two functions
similar to the pre-KSE API.  The suser() function takes a thread pointer
as its only argument.  The td_ucred member of this thread must be valid
so the only valid thread pointers are curthread and a few kernel threads
such as thread0.  The suser_cred() function takes a pointer to a struct
ucred as its first argument and an integer flag as its second argument.
The flag is currently only used for the PRISON_ROOT flag.

Discussed on:	smp@
2002-04-01 21:31:13 +00:00
ume
4d5783c847 In nd6_lookup(), check if rt_llinfo is non-NULL to avoid returning an
entry that has the LLINFO flag but is not a neighbor cache entry.

Obtained from:	KAME
MFC after:	1 week
2002-04-01 15:15:05 +00:00
ume
1787e9ff8d Fix cached route problem.
Submitted by:	Keiichi SHIMA <keiichi@iij.ad.jp> (KAME)
Reviewed by:	JINMEI Tatuya <jinmei@isl.rdc.toshiba.co.jp> (KAME)
MFC after:	1 week
2002-03-29 15:42:44 +00:00
ume
3154e5831a double m_free() - not critical. from niklas@openbsd
Obtained from:	KAME
MFC after:	1 week
2002-03-29 05:14:58 +00:00
ume
31c9c349f8 Corrected arguments to key_allocsa called from
{esp6, ah6}_ctlinput.  Previous ones were uninitialized
auto variables, which were completely bogus.

Obtained from:	KAME
MFC after:	1 week
2002-03-25 10:46:24 +00:00
ume
37ae60983d 3rd arg to bcmp() was wrong. From: David Wang <dsw@juniper.net>
Obtained from:	KAME
MFC after:	1 week
2002-03-25 10:12:51 +00:00
jeff
3a6f53adc7 Remove references to vm_zone.h and switch over to the new uma API. 2002-03-20 08:03:54 +00:00
peter
5a70574f9c Pacify gcc-3.1. 2002-03-19 23:26:37 +00:00
alfred
f7f2a5dc47 Remove duplicate extern declarations to silence warnings. 2002-03-19 19:45:41 +00:00
darrenr
e8d1f239b7 put an extern for ip6_protox in here where it is only used for kernel compiling 2002-03-19 15:01:21 +00:00
darrenr
5d8547e590 put an extern for inet6sw in here and make it active only for kernel compiling 2002-03-19 14:56:59 +00:00
mike
b9910027dd o Add INET_ADDRSTRLEN and INET6_ADDRSTRLEN defines to <arpa/inet.h>
for POSIX.1-2001 conformance.
o Add magic to <netinet/in.h> and <netinet6/in6.h> to prevent
  redefining INET_ADDRSTRLEN and INET6_ADDRSTRLEN.
o Add a note about missing typedefs in <arpa/inet.h>.
2002-03-10 06:42:27 +00:00
ume
981ea9e4ae - use des_ecb3_encrypt().
- style: added spaces after /* and before */

Obtained from:	KAME
MFC after:	2 weeks
2002-03-05 21:12:41 +00:00
ume
e0782fc24b Oops, now, encription and decription are separate function.
MFC after:	2 weeks
2002-03-05 20:32:49 +00:00
ume
92361f6aad - Speedup 3DES by using assembly code for i386.
- Sync des/blowfish to more recent openssl.

Obtained from:	KAME/NetBSD
MFC after:	2 weeks
2002-03-05 09:19:02 +00:00
ume
7bf004382f - In nd6_rtrequest(), ignored a route when it is created by cloning and
is not a neighbor.  see comments for the detailed reason.

- Rejected the process of nd6_rtrequest() when the request is RESOLVE and
the interface does not need neighbor caches.

Obtained from:	KAME
MFC After:	1 week
2002-02-28 17:05:46 +00:00
peter
dfc212c6f1 Fix another boatload of warnings (missing include) and a cosmetic
-Wuninitialized warning.
2002-02-28 00:14:04 +00:00
dd
c8a6bd9922 Introduce a version field to `struct xucred' in place of one of the
spares (the size of the field was changed from u_short to u_int to
reflect what it really ends up being).  Accordingly, change users of
xucred to set and check this field as appropriate.  In the kernel,
this is being done inside the new cru2x() routine which takes a
`struct ucred' and fills out a `struct xucred' according to the
former.  This also has the pleasant sideaffect of removing some
duplicate code.

Reviewed by:	rwatson
2002-02-27 04:45:37 +00:00
alfred
9da4687481 Fix warnings caused by discarding const.
Hairy Eyeball At: peter
2002-02-27 02:44:45 +00:00
brooks
1187176183 Fix warnings in the gif(4) driver so it compiles with -Werror. 2002-02-26 20:11:33 +00:00
mike
bcee06d42c o Move NTOHL() and associated macros into <sys/param.h>. These are
deprecated in favor of the POSIX-defined lowercase variants.
o Change all occurrences of NTOHL() and associated marcros in the
  source tree to use the lowercase function variants.
o Add missing license bits to sparc64's <machine/endian.h>.
  Approved by: jake
o Clean up <machine/endian.h> files.
o Remove unused __uint16_swap_uint32() from i386's <machine/endian.h>.
o Remove prototypes for non-existent bswapXX() functions.
o Include <machine/endian.h> in <arpa/inet.h> to define the
  POSIX-required ntohl() family of functions.
o Do similar things to expose the ntohl() family in libstand, <netinet/in.h>,
  and <sys/param.h>.
o Prepend underscores to the ntohl() family to help deal with
  complexities associated with having MD (asm and inline) versions, and
  having to prevent exposure of these functions in other headers that
  happen to make use of endian-specific defines.
o Create weak aliases to the canonical function name to help deal with
  third-party software forgetting to include an appropriate header.
o Remove some now unneeded pollution from <sys/types.h>.
o Add missing <arpa/inet.h> includes in userland.

Tested on:	alpha, i386
Reviewed by:	bde, jake, tmm
2002-02-18 20:35:27 +00:00
ume
4c31b56dc6 Corrected an argument to in6_pcbnotify().
Obtained from:	KAME
MFC after:	1 week
2002-02-04 17:40:36 +00:00
ume
ab65ed6b0b - Check the address family of a cached destination, in case of
sharing the cache with IPv4.
- Check if the cached route is up in in6_selectsrc().

Obtained from:	KAME
2002-01-21 20:02:36 +00:00
msmith
ea9c5a8d4c Initialise the intrq_present fields at runtime, not link time. This allows
us to load protocols at runtime, and avoids the use of common variables.

Also fix the ip6_intrq assignment so that it works at all.
2002-01-08 10:34:03 +00:00
msmith
2b4f430bb7 Staticise the fw chain. 2002-01-08 10:30:55 +00:00
sumikawa
21cf34e4e5 Back out cometic changes. This is for easily syncing with KAME in other BSDs. 2001-12-17 18:13:12 +00:00