![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / sys / net
Request diff between arbitrary revisions
Default branch: MAIN
Current tag: jruoho-x86intr
Revision 1.27.2.1 / (download) - annotate - [select for diffs], Mon Jun 6 09:09:53 2011 UTC (12 years, 10 months ago) by jruoho
Branch: jruoho-x86intr
Changes since 1.27: +11 -3
lines
Diff to previous 1.27 (colored) next main 1.28 (colored)
Sync with HEAD.
Revision 1.27 / (download) - annotate - [select for diffs], Sun Sep 5 06:52:53 2010 UTC (13 years, 7 months ago) by spz
Branch: MAIN
CVS Tags: yamt-nfs-mp-base11,
uebayasi-xip-base4,
uebayasi-xip-base3,
matt-mips64-premerge-20101231,
jruoho-x86intr-base,
bouyer-quota2-nbase,
bouyer-quota2-base,
bouyer-quota2
Branch point for: jruoho-x86intr
Changes since 1.26: +6 -4
lines
Diff to previous 1.26 (colored)
fix two bugs in the PFKEY interface: 1) RFC2367 says in 2.3.3 Address Extension: "All non-address information in the sockaddrs, such as sin_zero for AF_INET sockaddrs, and sin6_flowinfo for AF_INET6 sockaddrs, MUST be zeroed out." the IPSEC_NAT_T code was expecting the port information it needs to be conveyed in the sockaddr instead of exclusively by SADB_X_EXT_NAT_T_SPORT and SADB_X_EXT_NAT_T_DPORT, and was not zeroing out the port information in the non-nat-traversal case. Since it was expecting the port information to reside in the sockaddr it could get away with (re)setting the ports after starting to use them. -> Set the natt ports before setting the SA mature. 2) RFC3947 has two Original Address fields, initiator and responder, so we need SADB_X_EXT_NAT_T_OAI and SADB_X_EXT_NAT_T_OAR and not just SADB_X_EXT_NAT_T_OA The change has been created using vanhu's patch for FreeBSD as reference. Note that establishing actual nat-t sessions has not yet been tested. Likely fixes the following: PR bin/41757 PR net/42592 PR net/42606