			CHANGELOG for KAME kit
$KAME: CHANGELOG,v 1.2796 2005/08/25 07:46:13 jinmei Exp $

<200508>
Thu Aug 25 14:21:44 JST 2005	keiichi@iijlab.net
	* kame/sys/net/pfkeyv2.h,kame/sys/netinet6/ipsec.c,
	  kame/sys/netkey/key,c,key.h,key_debug.c
	- added SADB_X_PACKET message type to deliver the information
	  of triggering packet of IKE negotiation when sending a
	  KEY_ACQUIRE message.  This change should not cause any
	  binary compatibility issues, but if you found any, let us
	  know.

	  Great thanks to Francis Dupont for this extension.

2005-08-10  SUZUKI, Shinsuke <suz@kame.net>
	* kame/sys/netinet6/ip6_mroute.c: fixed a kernel crash at the 
	  start-up time of an IPv6 multicast program (pim6[sd]d, mfc)

2005-08-02  SUZUKI, Shinsuke <suz@kame.net>
	* freebsd5/sys/netinet/igmp.c: fixed a kernel crash due to a 
	  IN_MULTI locking failure.  supports IN_MULTI locking in igmpv3

<200507>
2005-07-29  SUZUKI, Shinsuke <suz@kame.net>
	* freebsd5/*: 
	- introduced a fine-grain-locking for interface-address list and 
	  in_multi list.
	- use malloc() with M_NOWAIT when joining a multicast group in layer2,
	  drivers.  Error handling routine is also added when malloc() fails.
	  This is to prevent unnecessary locking failure. (e.g. nd-proxy)
	Obtained from: freebsd-net
	ToDo: support it on IGMPv3

2005-07-26  SUZUKI, Shinsuke <suz@kame.net>
	* kame/sys/netinet6/{in6_msf.c, in6_var.c, mldv2.c, ip6_output.c}:
	ports some MLDv1 enhancements into MLDv2.
	- use callout timer mechanism for protocol timer
	- impose a random delay (when necessary) according to rfc2462bis

2005-07-26  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* kame/kame/route6d: route6d now does not care about the kernel
	internal form for scoped addresses at all.  In particular, it can
	transparently specify the source of a RIPng response as a gateway
	address through the routing socket.

2005-07-26  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* netbsd/openbsd: applied the same changes for routing sockets as
	those for FreeBSD (see the next entry).

2005-07-23  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* freebsd5/sys/net/rtsock.c: added support for IPv6 scoped
	  addresses for routing sockets:
	- route_output() now accepts IPv6 addresses with non-0
	  sin6_scope_id field and converts those into the kernel internal
	  form.
	- rt_msg[12]() recovers the embedded scope zone ID and set the
	  sin6_scope_id field appropriately.
	* freebsd5/sbin/{ifconfig,route}: got rid of ugly (but still
	incomplete) special cases for IPv6 link-local addresses thanks to
	this change.

2005-07-22  SUZUKI, Shinsuke <suz@kame.net>
	* freebsd5/sys/fs/devfs/devfs_vnops.c: 
	  FreeBSD Security Advisory FreeBSD-SA-05:17.devfs

2005-07-22  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* kame/kame/dhcp6: fixed memory leak for renew/rebind event data.
	(KAME PR 872 reported by Meng Huan Hsieh)

2005-07-22  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* kame/sys/netinet6/in6_src.c: allowed an application to send a
	packet to a scoped address without explicitly disambiguating the
	scope zone but with specifying the outgoing interface.  It's a bad
	practice and should be discouraged, but such code has been spread,
	unfortunately.

2005-07-16  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* kame/sys/netinet6/ip6_output.c (ip6_output): do not send
	ctlinput notification unconditionally when an outgoing packet is
	larger than the link MTU.  From FreeBSD.

2005-07-15  SUZUKI, Shinsuke <suz@kame.net>
	* kame/sys/netinet6/ah_aesxcbcmac.c: fixed an 
	interoperability problem in AES-XCBC-MAC96.
	(encryption was always done with the same key)

	Submitted from: Yukiyo Akisada <akisada@64translator.com>
	
2005-07-14  SUZUKI, Shinsuke <suz@kame.net>
	* kame/kame/pim6sd/{cfparse.y, cftoken.l, pim6sd.conf.5, 
	  routesock.c, routesock.h}: implemented a static MRIB
	  for RPF calculation.

Wed Jul 13 20:26:31 JST 2005	keiichi@iijlab.net
	* kame/kame/ndp/ndp.c
	fixed the proxy directive to work properly.

2005-07-04  SUZUKI, Shinsuke <suz@kame.net>
	* freebsd5/sys/netinet/ip_fw2.c
	  FreeBSD Security Advisory FreeBSD-SA-05:13.ipfw
	* freebsd5/sys/netinet/{tcp_input.c, tcp_var.h}:
	  FreeBSD Security Advisory FreeBSD-SA-05:15.tcp

<200506>
2005-06-22  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* freebsd5/sys/netinet6/in6_pcb.c (init_sin6): corrected argument
	to sa6_recoverscope().  The previous code since June 17th's change
	could modify invalid memory space (while the possibility should be
	very rare) so upgrading is necessary.

2005-06-20  NISHIDA, Yoshifumi <nishida@csl.sony.co.jp>
    * kame/sys/netinet/dccp.h kame/sys/netinet/dccp_tcplike.c
      kame/sys/netinet/dccp_tcplike.h kame/sys/netinet/dccp_usrreq.c
      kame/sys/netinet/dccp_var.h kame/sys/netinet6/dccp6_usrreq.c: 
	preliminary update to conform to the draft-ietf-dccp-spec-11.txt

2005-06-20  Tsuyoshi MOMOSE  <momose@az.jp.nec.com>
	* kame/sys/netinet6/nd6.c: Units of comparison to determine default
	router expiration are mismateched. This problem was reported and
	modified by Alan Chang <ccchang@zyxel.com.tw>.

2005-06-17  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* kame/sys/netinet6/in6_ifattach.c (in6_ifattach): do not
	auto-configure link-local addresses on loopback or PPP interfaces.
	The latter is based on a comment from Francis Dupont.

2005-06-17  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* kame/sys/netinet6/nd6.c (nd6_need_cache): perform NUD on PPP
	interfaces.

2005-06-17  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* {kame,*bsd}/sys/(various files): revised scope-related
	interfaces, clarifying the relationship between the
	kernel-internal form and the public sockaddr_in6 form.  Details
	are described in kame/IMPLEMENTATION.  External behavior basically
	should not change, although several bugs in minor cases were also
	fixed with the clarification.  Some scope-related functions were
	deprecated.

2005-06-08  SUZUKI, Shinsuke <suz@kame.net>
	* kame/sys/netinet6/nd6.c: fixed a bug that some of the subcommands
	 in 'ndp -i ..' command does not work (e.g. accept_rtadv, nud)

2005-06-06  SUZUKI, Shinsuke <suz@kame.net>
	* freebsd5/sys/netinet6/mldv2.c: send a Multicast-Listener-Done
	message when stop listening to a group. 
	(this fix is necessary if MLDv2 is enabled in kernel and 
	net.inet6.icmp6.mld_version is set to 1)

<200505>
Wed May 25 12:20:25 JST 2005	keiichi@iijlab.net
	* kame/kame/shisa: now shisa daemons uses configuration files
	instead of command line options.  please check sample
	configuratoin files located in the shisa directory.

2005-05-21  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* kame/sys/netinet6/in6.c (in6_if2idlen): supported IFT_PPP.

2005-05-19  SUZUKI, Shinsuke <suz@kame.net>
	* (freebsd5|netbsd)/sys/sys/sockio.h: assign the same ioctl number 
	to MSF-API-related ioctls among all *BSDs (to keep binary 
	compatibilities as much as possible)

2005-05-14  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* kame/kame/libinet6/getaddrinfo.c (matchlen): corrected a wrong
	cast from sockaddr_in to sockaddr_in6.

2005-05-13  SUZUKI, Shinsuke <suz@kame.net>
	* freebsd5: sync with 5.4-RELEASE (it includes a fix for
	the FreeBSD Security Advisory FreeBSD-SA-05:06-09)
	
2005-05-03  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* kame/kame/dhcp6/dhcp6c_ia.c (ia_timo): kept the latest server's
	DUID even in the REBIND state in case of sending a Release message
	in that state.

2005-05-03  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* kame/kame/dhcp6/cfparse.y: corrected "address parameters" so
	that we don't have to specify the meaningless (but mandatory)
	prefix length in the context of IA_NA.

2005-05-03  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* kame/kame/dhcp6/config.c (configure_commit): made sure that
	interface parameters are initialized with the default values even
	if the interface is not explicitly configured in the configuration
	file.  This particularly made sure that the preference option is
	not included unless explicitly specified.  A memory leakage for
	the client when specifying a script file was also fixed.

<200504>
2005-04-29  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* kame/kame/dhcp6/dhcp6c.c (client6_mainloop): corrected error
	handling for select(2) in order to avoid unexpected blocking when
	receiving a signal.

Thu Apr 28 16:12:38 JST 2005 sakane@tanu.org
	* freebsd[45]/usr.sbin/Makefile,netbsd/usr.sbin/Makefile:
	racoon was removed from the make list.

2005-04-28  SUZUKI, Shinsuke <suz@kame.net>
	* freebsd5/sbin/ip6fw: stop including ip6fw in SNAP, since FreeBSD's
	ip6fw is enough (KAME's ip6fw does not have any function different 
	from ip6fw)

2005-04-27  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* kame/sys/netinet6/in6.c (in6_update_ifa): always updated
	ia6_updatetime regardless of whether the address is created or
	updated.  This is necessary so that the expiration times will be
	updated	correctly when the lifetiems of an existing address are
	modified by hand or by a process such as a DHCPv6 client.

2005-04-26  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* kame/kame/dhcp6/addrconf.c (na_ifaddrconf): corrected lifetime
	arguments to ifaddrconf().

2005-04-23  SUZUKI, Shinsuke <suz@kame.net>
	* kame/sys/netinet6/in6_rmx.c, in6_ifattach.c: fixed a kernel crash
	by a lock-order-reversal in freebsd5

2005-04-20  SUZUKI, Shinsuke <suz@kame.net>
	* freebsd5/sys/net/if.c: FreeBSD Security Advisory
	 FreeBSD-SA-05:04.ifconf

2005-04-19  SUZUKI, Shinsuke <suz@kame.net>
	* *bsd/sys/netinet/igmp.c, igmp_var.h, in.[ch], ip_output.c,
	  kame/sys/netient/in_msf.c: 
	  IGMPv3 treats 224.0.0.x(x!=1) as a normal IPv4 multicast address,
	  as specified in RFC3766.

	* openbsd/sys/netinet/in.c, in_var.h, ip_output.c,
	* netbsd/sys/netinet/igmp.c, igmp_var.h, in.c, in_pcb.c, in_var.h,
	  ip_output.c: reflect the following MLDv2 changes into the 
	  NetBSD/OpenBSD's IGMPv3 implementation.
	- fixs a kernel crash by an IGMPv3 Query (2005-01-01)
	- retransmits IGMPv3 report RobustnessVariable times (2004-12-31)
	- corrects an IGMP-query handling when MaxResponseCode=0 (2004-12-27)
	- introduces a sysctl option to force IGMP version (2004-07-09)
	- renames IGMPv3-ready in_multi{} manipulation functions (2004-02-05)

	* freebsd5/sys/netinet/igmp.c: fixed a kernel crash by an IGMP packet
	(a bug introduced in the change at 2005-04-14)

2005-04-18  SUZUKI, Shinsuke <suz@kame.net>
	* freebsd5/sys/netinet/igmp.c, in.c, ip_output.c,
	  kame/sys/netinet/in_msf.c: fixed the byte order of an IPv4 address 
	  for IN_XXX macros (freebsd-only)

2005-04-14  SUZUKI, Shinsuke <suz@kame.net>
	* kame/sys/netinet/in_msf.c freebsd5/contrib/pf/net/if_pfsync.c,
	  freebsd5/sys/netinet/igmp.c, igmp_var.h, in.c, in_pcb.c, in_var.h,
	  ip_output.c: reflect the following MLDv2 changes into the FreeBSD5's
	  IGMPv3 implementation.
	- fixs a kernel crash by an IGMPv3 Query (2005-01-01)
	- retransmits IGMPv3 report RobustnessVariable times (2004-12-31)
	- corrects an IGMP-query handling when MaxResponseCode=0 (2004-12-27)
	- introduces a sysctl option to force IGMP version (2004-07-09)
	- renames IGMPv3-ready in_multi{} manipulation functions (2004-02-05)

	* freebsd5/sys/netinet/ip_output.c: specifies spl()s as done in 
	  original FreeBSD5

	* kame/*: remove freebsd[234]-specific code, since they are no longer
	  supported in KAME-SNAP

2005-04-05  SUZUKI, Shinsuke <suz@kame.net>
	* freebsd5/sys/ufs/ffs/ffs_inode.c: FreeBSD Security Advisory
	 FreeBSD-SA-05:02.sendfile

2005-04-04  SUZUKI, Shinsuke <suz@kame.net>
	* kame/sys/netinet6/nd6.c: when the number of the packets queued in
	  a NDP cache exceed the limit, discard the oldest packet, 
	  as specified in RFC2461 7.2.2.

2005-04-01  SUZUKI, Shinsuke <suz@kame.net>
	* kame/sys/netinet/icmp6.h, kame/sys/netinet6/icmp6.c, nd6.c: limits 
	the number of unresolved packets stored in a NDP cache.
	(To prevent a DoS attack using 2005-01-21's change)

2005-04-01  SUZUKI, Shinsuke <suz@kame.net>
	* kame/kame/rtadvd/configc, rtadvd.[ch]: reflect router-variables
	in RA configuration into host-variables in kernel.

<200503>
2005-03-30  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* kame/kame/dhcp6/addrconf.c (update_address): make sure that
	the lifetimes of addresses are updated when the client receives a
	Reply in response to Renew or Rebind.

2005-03-23  SUZUKI, Shinsuke <suz@kame.net>
	* kame/sys/net/if_ist.c: added a sanity check for the IPv4 address 
	  embedded in the configured IPv6 address

2005-03-18  SUZUKI, Shinsuke <suz@kame.net>
	* kame/sys/netinet6/in6.c, in6_var.h, in6_proto.c, ip6_input.c,
	  ip6_mroute.c: added a knob to enable path MTU discovery for 
	  multicast packets. (by default, it is disabled)

2005-03-14  SUZUKI, Shinsuke <suz@kame.net>
	* kame/sys/netinet6/ip6_output.c: fixed a kernel crash due to a LOR
	by a multicast-group join without specifying any receiving interface.

2005-03-14  SUZUKI, Shinsuke <suz@kame.net>
	* kame/sys/netinet6/in6.c, in6_var.h, nd6.c: introduced an ioctl option
	 to configure IPv6 host variables from userland.   (intented for a use 
	 on router to reflect RA parameter to kernel)
	* kame/kame/ndp/ndp.c: added a knob to kick this ioctl.
	
2005-03-08  SUZUKI, Shinsuke <suz@kame.net>
	* freebsd5/sys/kern/uipc_socket.c, freebsd5/sys/kern/uipc_syscalls.c,
	  freebsd5/kern/socket.h
	  makes SCTP compilable on FreeBSD5

Tue Mar  8 05:31:52 JST 2005
	* kame/kame/racoon/isakmp.c:
	one of buffer overrun problem was fixed.  from ipsec-tools team.

Mon Mar  6 2005  itojun@iijlab.net
	* kame/sys/netinet{,6}/sctp*: new patch from randall

2005-03-02  SUZUKI, Shinsuke <suz@kame.net>
	* kame/kame/dhcp6/dhcp6.c: fixed a DHCPv6-client 
	  initialization failure when a node has no IPv6 global address.

2005-03-02  SUZUKI, Shinsuke <suz@kame.net>
	* kame/kame/dhcp6/dhcp6relay.[c8]: supports multiple client-side 
	  interfaces

2005-03-02  SUZUKI, Shinsuke <suz@kame.net>
	* kame/sys/netinet6/ip6_output.c: fixed a freebsd5 kernel crash when
	  WITNESS debug option is enabled

2005-03-01  ryuji <ryuji@sfc.wide.ad.jp>
	* "mdd" is replaced by "babymdd". please see man page for details.

2005-03-01  SUZUKI, Shinsuke <suz@kame.net>
	* integrated dhcp6lc functionality into dhcp6c ('i' option)

<200502>
2005-02-28  Tsuyoshi MOMOSE  <momose@az.jp.nec.com>
	* kame/sys/net/mipsock.c, kame/kame/shisad/mnd.c: Fixed word alignment
	problems.

2005-02-22  SUZUKI, Shinsuke <suz@crl.hitachi.co.jp>
	* kame/sys/net/pf.c, freebsd5/sys/contrib/pf/net/pf.c: fixed a bug that
	  PF discards every packet with option headers.

	  Reported by: Stig Venaas

2005-02-22  SUZUKI, Shinsuke <suz@crl.hitachi.co.jp>
	* kame/sys/netinet6/ip6_input.c: fixed PF malfunction for inbound
	  IPv6 traffic on freebsd5.

2005-02-15  JINMEI, Tatuya  <jinmei@isl.rdc.toshiba.co.jp>
	* kame/sys/netinet6/ipsec.c: (ipsec[46]_in_reject): fixed
	unexpected panic on freebsd5.

Mon Feb  7 12:02:16 JST 2005	keiichi@iijlab.net
	* freebsd4: Upgrade to 4.11-RELEASE

<200501>
2005-01-31  Tsuyoshi MOMOSE  <momose@az.jp.nec.com>
	* kame/sys/netinet6/mip6.c: stop proxy ND on a home agent when 
	the home agent daemon was terminated.
	This problem was found by Christian Vogt<chvogt@tm.uka.de>.

2005-01-23  suz@crl.hitachi.co.jp
	* kame/sys/netinet6/nd6.h: fixed an IPv6 packet output failure 
	  when an ICMPv6 Redirect message announces that the destination
	  is onlink in prior to the packet output.

2005-01-21  suz@crl.hitachi.co.jp
	* kame/sys/netinet6/{nd6.c, nd6_nbr.c}: fixed a loss of fragmented 
	  packets when the corresponding NDP state is not resolved.

2005-01-17  suz@crl.hitachi.co.jp
	* kame/sys/netinet6/icmp6.c: ignores ICMPv6 code field in case of 
	  ICMPv6 Packet-Too-Big.

2005-01-15  suz@crl.hitachi.co.jp
	* kame/sys/netinet6/ip6_output: fixed a path MTU discovery failure 
	  on FreeBSD5.

2005-01-15  suz@crl.hitachi.co.jp
	* kame/sys/netinet6/icmp6.c: fixed an ICMPv6 Redirect message corruption

2005-01-12  suz@crl.hitachi.co.jp
	* kame/kame/dhcp6: implemented stateful non-temporary address 
	  assignment.

2005-01-10  suz@crl.hitachi.co.jp
	* kame/sys/netkey/key.c: fixed an unexpected addr/port matching failure
	  in SA management.

2005-01-07  suz@crl.hitachi.co.jp
	* kame/sys/netinet6/{udp6_var.h, udp6_usrreq.c}: fixed a NetBSD
	  kernel crash by referring to an uninitialized variable.

Wed Jan  5 07:58:00 UTC 2005  itojun@iijlab.net
	* switch NetBSD base version to 2.0.  todo: dccp, sctp, pf, altq

2005-01-01  suz@crl.hitachi.co.jp
	* kame/sys/netinet6/mldv2.c: fixed a kernel crash by an MLDv2
	  Query (Multicast Address and Source Specific Query).
