source-changes: CVS commit: [netbsd-4] src/sys

Subject: CVS commit: [netbsd-4] src/sys
To: None <source-changes@NetBSD.org>
From: Pavel Cahyna <pavel@netbsd.org>
List: source-changes
Date: 05/24/2007 19:13:17
Module Name:	src
Committed By:	pavel
Date:		Thu May 24 19:13:17 UTC 2007

Modified Files:
	src/sys/netinet [netbsd-4]: tcp_input.c tcp_output.c tcp_subr.c
	src/sys/netinet6 [netbsd-4]: icmp6.c in6_proto.c ip6_forward.c
	    ip6_input.c ip6_output.c raw_ip6.c
	src/sys/netipsec [netbsd-4]: ipcomp_var.h ipsec.c ipsec6.h
	    ipsec_input.c ipsec_netbsd.c ipsec_output.c key.c xform_ipcomp.c
	    xform_ipip.c
	src/sys/opencrypto [netbsd-4]: deflate.c

Log Message:
Pull up following revision(s) (requested by degroote in ticket #667):
	sys/netinet/tcp_input.c: revision 1.260
	sys/netinet/tcp_output.c: revision 1.154
	sys/netinet/tcp_subr.c: revision 1.210
	sys/netinet6/icmp6.c: revision 1.129
	sys/netinet6/in6_proto.c: revision 1.70
	sys/netinet6/ip6_forward.c: revision 1.54
	sys/netinet6/ip6_input.c: revision 1.94
	sys/netinet6/ip6_output.c: revision 1.114
	sys/netinet6/raw_ip6.c: revision 1.81
	sys/netipsec/ipcomp_var.h: revision 1.4
	sys/netipsec/ipsec.c: revision 1.26 via patch,1.31-1.32
	sys/netipsec/ipsec6.h: revision 1.5
	sys/netipsec/ipsec_input.c: revision 1.14
	sys/netipsec/ipsec_netbsd.c: revision 1.18,1.26
	sys/netipsec/ipsec_output.c: revision 1.21 via patch
	sys/netipsec/key.c: revision 1.33,1.44
	sys/netipsec/xform_ipcomp.c: revision 1.9
	sys/netipsec/xform_ipip.c: revision 1.15
	sys/opencrypto/deflate.c: revision 1.8
Commit my SoC work
Add ipv6 support for fast_ipsec
Note that currently, packet with extensions headers are not correctly
supported
Change the ipcomp logic

Add sysctl tree to modify the fast_ipsec options related to ipv6. Similar
to the sysctl kame interface.

Choose the good default policy, depending of the adress family of the
desired policy

Increase the refcount for the default ipv6 policy so nobody can reclaim it

Always compute the sp index even if we don't have any sp in spd. It will
let us to choose the right default policy (based on the adress family
requested).
While here, fix an error message

Use dynamic array instead of an static array to decompress. It lets us to
decompress any data, whatever is the radio decompressed data / compressed
data.
It fixes the last issues with fast_ipsec and ipcomp.
While here, bzero -> memset, bcopy -> memcpy, FREE -> free
Reviewed a long time ago by sam@


To generate a diff of this commit:
cvs rdiff -r1.255 -r1.255.2.1 src/sys/netinet/tcp_input.c
cvs rdiff -r1.153 -r1.153.2.1 src/sys/netinet/tcp_output.c
cvs rdiff -r1.208 -r1.208.2.1 src/sys/netinet/tcp_subr.c
cvs rdiff -r1.123.2.1 -r1.123.2.2 src/sys/netinet6/icmp6.c
cvs rdiff -r1.68 -r1.68.2.1 src/sys/netinet6/in6_proto.c
cvs rdiff -r1.49 -r1.49.8.1 src/sys/netinet6/ip6_forward.c
cvs rdiff -r1.90.2.1 -r1.90.2.2 src/sys/netinet6/ip6_input.c
cvs rdiff -r1.106 -r1.106.2.1 src/sys/netinet6/ip6_output.c
cvs rdiff -r1.78 -r1.78.8.1 src/sys/netinet6/raw_ip6.c
cvs rdiff -r1.3 -r1.3.24.1 src/sys/netipsec/ipcomp_var.h
cvs rdiff -r1.25.2.1 -r1.25.2.2 src/sys/netipsec/ipsec.c
cvs rdiff -r1.4 -r1.4.24.1 src/sys/netipsec/ipsec6.h
cvs rdiff -r1.13 -r1.13.2.1 src/sys/netipsec/ipsec_input.c
cvs rdiff -r1.17 -r1.17.12.1 src/sys/netipsec/ipsec_netbsd.c
cvs rdiff -r1.17 -r1.17.2.1 src/sys/netipsec/ipsec_output.c
cvs rdiff -r1.30.2.1 -r1.30.2.2 src/sys/netipsec/key.c
cvs rdiff -r1.8 -r1.8.2.1 src/sys/netipsec/xform_ipcomp.c
cvs rdiff -r1.14 -r1.14.2.1 src/sys/netipsec/xform_ipip.c
cvs rdiff -r1.7 -r1.7.2.1 src/sys/opencrypto/deflate.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.