From owner-freebsd-current Wed Jul 5 6: 7: 9 2000 Delivered-To: freebsd-current@freebsd.org Received: from finch-post-11.mail.demon.net (finch-post-11.mail.demon.net [194.217.242.39]) by hub.freebsd.org (Postfix) with ESMTP id B301437B785; Wed, 5 Jul 2000 06:06:59 -0700 (PDT) (envelope-from n_hibma@qubesoft.com) Received: from calcaphon.demon.co.uk ([193.237.19.5] helo=bluebottle.qubesoft.com) by finch-post-11.mail.demon.net with esmtp (Exim 2.12 #1) id 139otE-0008gn-0B; Wed, 5 Jul 2000 13:06:56 +0000 Received: from henny.webweaving.org (henny.qubesoft.com [192.168.1.5]) by bluebottle.qubesoft.com (8.9.3/8.9.1) with ESMTP id OAA40208; Wed, 5 Jul 2000 14:06:54 +0100 (BST) (envelope-from n_hibma@qubesoft.com) Received: from localhost (localhost [127.0.0.1]) by henny.webweaving.org (8.9.3/8.9.3) with ESMTP id LAA27269; Wed, 5 Jul 2000 11:48:04 +0100 (BST) (envelope-from n_hibma@qubesoft.com) Date: Wed, 5 Jul 2000 11:48:04 +0100 (BST) From: Nick Hibma X-Sender: n_hibma@localhost Reply-To: Nick Hibma To: Kris Kennaway Cc: current@FreeBSD.ORG Subject: Re: KAME integration and plans In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Could you mention the locations (as in a set of paths) that are hands-off? Nick On Wed, 5 Jul 2000, Kris Kennaway wrote: > As itojun has already posted, we are in the process of updating the > KAME IPv6/IPSEC code in FreeBSD to the latest KAME sources. > > In importing the latest KAME code, we are not being too concerned about > whitespace or cosmetic diffs, unifdef'ing __NetBSD__ sections (at least in > userland) and so forth. The reason for this is that KAME is externally > maintained code, and so cosmetic differences in FreeBSD needlessly > complicate the diffs and really make life harder for merging. The KAME > team already have a difficult enough job in maintaining and developing the > code on 11 different BSD releases without us making life more difficult > for them by committing unneccessary code changes to FreeBSD. > > In this vein, I'd like to suggest a new "hands-off" policy of not > committing gratuitous changes to KAME-derived code, including manpage > changes, unless: > > a) The commit is required for operation on FreeBSD (in which case it's not > really gratuitous) > > b) The commit is suitable for the other platforms KAME supports > as well, and is submitted back to KAME to be merged into their master > repo. If there are legitimate concerns with KAME code the place to get > them fixed is upstream, not in FreeBSD. > > For example, the "hard sentence break" manpage sweeps should have been > submitted back to KAME, and the "remove unneeded #includes" should not > have touched the KAME code at all since it creates gratuitous diffs for no > functional change. X years down the line if the KAME project disbands, we > can do the FreeBSD style cleanups then. > > At the moment I am not bothering to merge in gratuitous FreeBSD changes to > things like manpages, because we want to get this code into -current and > tested as quickly as possible. Sheldon Hearn will be taking care of > passing the manpage diffs back to KAME. > > I intend to MFC this stuff in 4 or 5 days assuming it doesn't present any > problems, so this means we need everyone who is capable of doing so to > stress the new code as much as possible. IMO we *really* need to get this > into 4.1 despite the relatively short testing cycle, for the simple reason > that the newer code is much more functional, and in particular supports > the racoon IKE daemon for automatic management of IPSEFC security > associations (i.e. manually-keyed SAs are no longer required) - this is > already in ports. This is important for interoperability with other IPSEC > implementations. > > I also would quite like to see ALTQ brought in - I have had lots of > support for this and so far no objections - although I forgot to ask > itojun not to unifdef that code before it was committed :-(. Perhaps if he > has time he'll commit that as well. > > Userland binaries are not yet fully committed: the older binaries may not > work corectly with the new kernel code. > > Anyone wanting to play with this stuff to help test it should check out > www.freenet6.net, who provide a very simple way to establish a tunnel to > the 6bone. Documentation is available on www.kame.net and related links. > > Kris > > -- > In God we Trust -- all others must submit an X.509 certificate. > -- Charles Forsythe > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message > -- n_hibma@webweaving.org n_hibma@freebsd.org USB project http://www.etla.net/~n_hibma/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message