[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[usagi-announce] 2002/01/21 snapshot



Hi,

We release new snapshot dated on 21st Jan 2002 (20020121).

Here's the changelog:

2002/01/21	takamiya, yoshfuji
	* kernel/linux24: sync with HUT's MIPv6 implementation
	as of 2001/12/26 based on draft-15.
	XXX: maybe broken.  userland is not included.

2002/01/21	miyazawa
	* kernel/linux24/include/linux/calc_hmac.h,
	  kernel/linux24/net/key/{Makefile,calc_hmac.c},
	  kernel/linux24/net/netsyms.c,
	remove original calc_hmac

2002/01/21	miyazawa
	* kernel/linux24/crypto/cryptoapi,crypto/digest/{digest-md5.c,digest-sha1.c,gen-hmac.h},
	  kernel/linux24/net/ipv6/{ipsec6_input.c,ipsec6_utils.c},
	  kernel/linux24/include/linux/crypto.h:
	merge calc_hmac routine to cryptoapi

2002/01/16	mk
	* kernel/linux24/net/key/{pfkey_v2_msg.c,pfkey_v2_msg.h,sadb_utils.c},
	  usagi/usagi/pfkey_util/{pfkey.c,pfkeylib.c}:
	support AES(128-bit key) <see draft-ietf-ipsec-ciph-aes-cbc-03.txt>
	and also I added AES definitions in linux24/pfkeyv2.h (rev 1.5).
	NOTE: currently not yet well tested.


2002/01/15	miyazawa
	* kernel/linux24/include/net/{pfkeyv2.h,sadb.h}
	  kernel/linux24/net/key/{af_key.c,pfkey_v2_msg.h,pfkey_v2_msg.c,sadb.c}
	  usagi/pfkey_util/{pfkey.c,pfkeylib.h,pfkeylib.c}:
	make flush message specify SATYPE and add flush Policy with 
	SADB_X_FLUSH_SP.

2002/01/12	mk
	* kernel/linux24/net/ipv6/{ipsec6_input.c, ipsec6_utils.c},
	  kernel/linux24/net/pfkey/sadb.c: 
	keep IV value in esp_algo_info {} because cryptoapi removed iv in cx{}.

2002/01/11	miyazawa
	* kernel/linux24/net/key/{pfkey_v2_msg_add.c,pfkey_v2_msg_getspi.c}
	add restriction for reserved SPI by IANA.

2002/01/11	miyazawa
	* kernel/linux24/net/key/{sa_index.c,sadb.c}
	Support SPI=any in policy. If you specify SPI=any(0xFFFFFFFF), IPsec's 
	behavior is:
	OUTBOUND:
		Policy searches a SA by the Destination Address and IPsec 
		protocol.  If there are two or more SAs matched the policy 
		condition in SADB, Policy use the first configured one
		till the SA expires.
	INBOUND:
		Policy searches a SA by the Destination Address and IPsec 
		protocol.  If there are two or more SAs matched the policy 
		condition in SADB, Policy accepts those SAs to process 
		INBOUND packets.

2002/01/10	yoshfuji
	* kernel/linux24/net/ipv6/{ip6_output,tcp_ipv6}.c: fixed typo;
	packet was not encrypted if AH had been already added.

2002/01/09      miyazawa
        * kernel/linux24/net/key/{pfkey_v2_msg_flow.c,sa_index.c,spd.c}:
	fixed prefixlen_d handling in sa_index of ipsec_sp.

2002/01/08	mk
	* kernel/linux24/crypto, kernel/linux24/drivers/block/loop.c: 
	updated cryptoapi 2.4.17.0 and loop-hvr-2.4.16.0.

--yoshfuji