[src/trunk]: src/sys/netinet Use a random IPv4 ID because the shuffling algor...

[christos <christos%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/a47daf7136ed
branches:  trunk
changeset: 953416:a47daf7136ed
user:      christos <christos%NetBSD.org@localhost>
date:      Mon Mar 08 17:54:23 2021 +0000

description:
Use a random IPv4 ID because the shuffling algorithm used before could expose
information (Amit Klein)

diffstat:

 sys/netinet/in_var.h |  6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diffs (27 lines):

diff -r e92ea3cbe568 -r a47daf7136ed sys/netinet/in_var.h
--- a/sys/netinet/in_var.h      Mon Mar 08 17:53:20 2021 +0000
+++ b/sys/netinet/in_var.h      Mon Mar 08 17:54:23 2021 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: in_var.h,v 1.98 2020/09/11 15:22:12 roy Exp $  */
+/*     $NetBSD: in_var.h,v 1.99 2021/03/08 17:54:23 christos Exp $     */
 
 /*-
  * Copyright (c) 1998 The NetBSD Foundation, Inc.
@@ -65,6 +65,7 @@
 #define _NETINET_IN_VAR_H_
 
 #include <sys/queue.h>
+#include <sys/cprng.h>
 
 #define IN_IFF_TENTATIVE       0x01    /* tentative address */
 #define IN_IFF_DUPLICATED      0x02    /* DAD detected duplicate */
@@ -469,7 +470,8 @@
 
        if (ip_do_randomid) {
                /* XXX ignore num */
-               return ip_randomid(ip_ids, ia ? ia->ia_idsalt : 0);
+               id = (uint16_t)cprng_fast32();
+               return id ? id : 1;
        }
 
        /* Never allow an IP ID of 0 (detect wrap). */