From owner-cvs-all@FreeBSD.ORG  Mon Sep 29 15:57:44 2003
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id B0CCB16A4B3; Mon, 29 Sep 2003 15:57:44 -0700 (PDT)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id C11F643FDF; Mon, 29 Sep 2003 15:57:43 -0700 (PDT)
	(envelope-from sam@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.12.9/8.12.9) with ESMTP id h8TMvhXJ012234;
	Mon, 29 Sep 2003 15:57:43 -0700 (PDT)
	(envelope-from sam@repoman.freebsd.org)
Received: (from sam@localhost)
	by repoman.freebsd.org (8.12.9/8.12.9/Submit) id h8TMvhIs012233;
	Mon, 29 Sep 2003 15:57:43 -0700 (PDT)
	(envelope-from sam)
Message-Id: <200309292257.h8TMvhIs012233@repoman.freebsd.org>
From: Sam Leffler <sam@FreeBSD.org>
Date: Mon, 29 Sep 2003 15:57:43 -0700 (PDT)
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org,
	cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Subject: cvs commit: src/sys/netipsec ipsec.c ipsec.h ipsec_input.c
 ipsec_mbuf.c ipsec_output.c key.c key_debug.c keydb.h keysock.c
 xform_ah.c xform_esp.c xform_ipcomp.c xform_ipip.c
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Sep 2003 22:57:44 -0000

sam         2003/09/29 15:57:43 PDT

  FreeBSD src repository

  Modified files:
    sys/netipsec         ipsec.c ipsec.h ipsec_input.c 
                         ipsec_mbuf.c ipsec_output.c key.c 
                         key_debug.c keydb.h keysock.c xform_ah.c 
                         xform_esp.c xform_ipcomp.c xform_ipip.c 
  Log:
  MFp4: portability work, general cleanup, locking fixes
  
  change 38496
  o add ipsec_osdep.h that holds os-specific definitions for portability
  o s/KASSERT/IPSEC_ASSERT/ for portability
  o s/SPLASSERT/IPSEC_SPLASSERT/ for portability
  o remove function names from ASSERT strings since line#+file pinpints
    the location
  o use __func__ uniformly to reduce string storage
  o convert some random #ifdef DIAGNOSTIC code to assertions
  o remove some debuggging assertions no longer needed
  
  change 38498
  o replace numerous bogus panic's with equally bogus assertions
    that at least go away on a production system
  
  change 38502 + 38530
  o change explicit mtx operations to #defines to simplify
    future changes to a different lock type
  
  change 38531
  o hookup ipv4 ctlinput paths to a noop routine; we should be
    handling path mtu changes at least
  o correct potential null pointer deref in ipsec4_common_input_cb
  
  chnage 38685
  o fix locking for bundled SA's and for when key exchange is required
  
  change 38770
  o eliminate recursion on the SAHTREE lock
  
  change 38804
  o cleanup some types: long -> time_t
  o remove refrence to dead #define
  
  change 38805
  o correct some types: long -> time_t
  o add scan generation # to secpolicy to deal with locking issues
  
  change 38806
  o use LIST_FOREACH_SAFE instead of handrolled code
  o change key_flush_spd to drop the sptree lock before purging
    an entry to avoid lock recursion and to avoid holding the lock
    over a long-running operation
  o misc cleanups of tangled and twisty code
  
  There is still much to do here but for now things look to be
  working again.
  
  Supported by:   FreeBSD Foundation
  
  Revision  Changes    Path
  1.7       +105 -129  src/sys/netipsec/ipsec.c
  1.4       +27 -5     src/sys/netipsec/ipsec.h
  1.7       +147 -136  src/sys/netipsec/ipsec_input.c
  1.9       +14 -16    src/sys/netipsec/ipsec_mbuf.c
  1.9       +46 -44    src/sys/netipsec/ipsec_output.c
  1.8       +574 -562  src/sys/netipsec/key.c
  1.2       +28 -25    src/sys/netipsec/key_debug.c
  1.3       +9 -4      src/sys/netipsec/keydb.h
  1.6       +4 -4      src/sys/netipsec/keysock.c
  1.6       +72 -80    src/sys/netipsec/xform_ah.c
  1.8       +70 -71    src/sys/netipsec/xform_esp.c
  1.6       +36 -42    src/sys/netipsec/xform_ipcomp.c
  1.6       +18 -19    src/sys/netipsec/xform_ipip.c