JINMEI Tatuya [Mon, 14 May 2007 17:56:13 +0000 (17:56 +0000)]
handle IPv6 router alert option contained in an incoming packet per
option value so that unrecognized options are ignored as specified in RFC2711.
(packets containing an MLD router alert option are passed to the upper layer
as before).
Backout revisions 1.16-1.14.
Backwards compatibility with the new acct(5) format will be
implemented through the explicit versioning of acct records,
not through an export/import procedure.
Colin Percival [Mon, 14 May 2007 05:00:37 +0000 (05:00 +0000)]
Use unsigned comparisons. Prior to this commit, SHA1_Update and
RIPEMD160_Update were broken when all of the following conditions
applied:
(1) The platform is i386.
(2) The program calling *_Update is statically linked to libmd.
(3) The buffer provided to *_Update is aligned modulo 4 bytes.
(4) The buffer extends beyond 2GB.
Due to the design of this code, SHA1_Update and RIPEMD160_Update will
still be broken if conditions (1)-(3) apply AND the buffer extends
beyond 4GB (i.e., there is an integer overflow in computing "data + len").
Since this remaining bug simply replaces SIGSEGV with a bogus hash (and
non-broken programs should never provide such operands) I don't consider
it to be a serious problem.
Daniel Eischen [Sun, 13 May 2007 14:12:40 +0000 (14:12 +0000)]
Enable symbol versioning by default. Use WITHOUT_SYMVER to disable it.
Warning, after symbol versioning is enabled, going back is not easy
(use WITHOUT_SYMVER at your own risk).
Change the default thread library to libthr.
There most likely still needs to be a version bump for at least the
thread libraries. If necessary, this will happen later.
Robert Watson [Sun, 13 May 2007 13:57:45 +0000 (13:57 +0000)]
Add and document ether_ntoa_r() and ether_aton_r() functions, which accept
passed storage buffers rather than using static storage. Reimplement
ether_ntoa() and ether_aton() in terms of these functions. These variants
are thread-safe.
Bump config(8) version and build requirement for config(8) to 600006. This
is caused by my latest changes to config(8). You're supposed to install new
config(8) in order to prevent yourself from seeing a warning about old
version of that tool.
You should configure the kernel with a new config(8) then.
Remember about tricky cases, where options contain unfriendly characters,
from the ANSI-C string point of view ('"' in this case). The x09 build
breakage was caused by SC_CUT_SEPCHARS options.
I did test this patch number of times; each time unprofessionally and
inappropriately.
This change will let us to have full configuration of a running kernel
available in sysctl:
sysctl -b kern.conftxt
The same configuration is also contained within the kernel image. It can be
obtained with:
config -x <kernelfile>
Current functionality lets you to quickly recover kernel configuration, by
simply redirecting output from commands presented above and starting kernel
build procedure. "include" statements are also honored, which means options
and devices from included files are also included.
Please note that comments from configuration files are not preserved by
default. In order to preserve them, you can use -C flag for config(8). This
will bring configuration file and included files literally; however,
redirection to a file no longer works directly.
This commit was followed by discussion, that took place on freebsd-current@.
For more details, look here:
Alexander Motin [Fri, 11 May 2007 14:36:02 +0000 (14:36 +0000)]
Performance optimization of the "encryption without compression" case by
avoiding memory allocation and data copying.
Encrypting directly at the original mbuf chain.
Robert Watson [Fri, 11 May 2007 12:10:45 +0000 (12:10 +0000)]
Clarify and update quite a few comments to reflect locking optimizations,
the addition of unpcb refcounts, and bug fixes. Some of these fixes are
appropriate for MFC.
strlcpy() may be faster than snprintf(), but it is less portable, and this
is not performance critical code anyway. Also, avoid using strlen() to
obtain information which we already have.
Robert Watson [Fri, 11 May 2007 10:20:51 +0000 (10:20 +0000)]
Reduce network stack oddness: implement .pru_sockaddr and .pru_peeraddr
protocol entry points using functions named proto_getsockaddr and
proto_getpeeraddr rather than proto_setsockaddr and proto_setpeeraddr.
While it's true that sockaddrs are allocated and set, the net effect is
to retrieve (get) the socket address or peer address from a socket, not
set it, so align names to that intent.
Robert Watson [Fri, 11 May 2007 09:54:53 +0000 (09:54 +0000)]
Remove unneeded wrappers for in_setsockaddr() and in_setpeeraddr(), which
used to exist so pcbinfo locks could be acquired, but are no longer
required as a result of socket/pcb reference model refinements.
Andre Oppermann [Thu, 10 May 2007 23:11:29 +0000 (23:11 +0000)]
Fix an incorrect replace of a timer reference made during the TCP timer
rewrite in rev. 1.132. This unmasked yet another bug that causes certain
connections to get indefinately stuck in LAST_ACK state.
Scott Long [Thu, 10 May 2007 15:36:58 +0000 (15:36 +0000)]
The version string scheme embeds the freebsd major release version,
something that I wasn't aware of with the last import. Adjust the
string accordingly for 7-CURRENT.