NetBSD-Bugs archive
Re: kern/47100: IPv6 temporary addresses are broken (RFC 4941/RFC 3041)
The following reply was made to PR kern/47100; it has been noted by GNATS.
From: dieter roelants <dieter.NetBSD%pandora.be@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: Taylor R Campbell <campbell+netbsd%mumble.net@localhost>
Subject: Re: kern/47100: IPv6 temporary addresses are broken (RFC 4941/RFC
3041)
Date: Sun, 21 Oct 2012 22:15:39 +0200
On Sun, 21 Oct 2012 18:55:00 +0000 (UTC)
Taylor R Campbell <campbell+netbsd%mumble.net@localhost> wrote:
>
> We have a sysctl knob net.inet6.ip6.use_tempaddr, which
> controls whether NetBSD will generate IPv6 temporary addresses
> according to RFC 3041 (obsoleted by RFC 4941), but this never
> got wired up to the source address selection code. Other
> operating systems, such as FreeBSD, have another sysctl knob,
> net.inet6.ip6.prefer_tempaddr, which instructs the kernel to
> prefer temporary addresses for new outgoing connections, but we
> don't have that either.
A couple of weeks (or months?) ago, I patched my tree with the Kame
code for this. I think it still needs some cleanup (I notice I put a
define in there with TTT in its name), and there are no man page
updates.
kind regards
dieter
--
Index: sys/netinet6/in6.h
===================================================================
RCS file: /cvsroot/src/sys/netinet6/in6.h,v
retrieving revision 1.70
diff -u -u -r1.70 in6.h
--- sys/netinet6/in6.h 22 Jun 2012 14:54:35 -0000 1.70
+++ sys/netinet6/in6.h 21 Oct 2012 20:00:27 -0000
@@ -437,6 +437,11 @@
#define IPV6_TCLASS 61 /* int; send traffic class value */
#define IPV6_DONTFRAG 62 /* bool; disable IPv6 fragmentation */
+
+#define IPV6_PREFER_TEMPADDR 63 /* int; prefer temporary addresses as
+ * the source address.
+ */
+
/* to define items, should talk with KAME guys first, for *BSD compatibility
*/
#define IPV6_RTHDR_LOOSE 0 /* this hop need not be a neighbor. XXX old
spec */
Index: sys/netinet6/in6_src.c
===================================================================
RCS file: /cvsroot/src/sys/netinet6/in6_src.c,v
retrieving revision 1.53
diff -u -u -r1.53 in6_src.c
--- sys/netinet6/in6_src.c 25 Jun 2012 15:28:39 -0000 1.53
+++ sys/netinet6/in6_src.c 21 Oct 2012 20:00:27 -0000
@@ -118,7 +118,9 @@
#define ADDR_LABEL_NOTAPP (-1)
struct in6_addrpolicy defaultaddrpolicy;
-#ifdef notyet /* until introducing ND extensions and address selection */
+#define TTT_ADDR_SEL 1
+
+#ifdef TTT_ADDR_SEL /* until introducing ND extensions and address selection
*/
int ip6_prefer_tempaddr = 0;
#endif
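Review bot: The definition of `ip6_prefer_tempaddr` stays conditional on `TTT_ADDR_SEL`, yet the sysctl node added in ip6_input.c takes `&ip6_prefer_tempaddr` unconditionally, so removing the placeholder define later would break the build. Deleting the `#ifdef`/`#endif` pair here, around the `prefer_tempaddr` local and around the Rule 7 block (the next two hunks) makes the code unconditional; the retained comment "until introducing ND extensions and address selection" no longer describes an enabled block either. No hunk in this patch adds `extern int ip6_prefer_tempaddr;`, so unless a shared header already declares it, ip6_input.c needs that declaration. A comment on the variable, for example `/* system default for Rule 7; 0 = do not prefer temporary source addresses */`, would record that the privacy-relevant default is off.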
@@ -184,7 +186,7 @@
struct in6_addrpolicy *dst_policy = NULL, *best_policy = NULL;
u_int32_t odstzone;
int error;
-#ifdef notyet /* until introducing ND extensions and address selection */
+#ifdef TTT_ADDR_SEL /* until introducing ND extensions and address selection
*/
int prefer_tempaddr;
#endif
#if defined(MIP6) && NMIP > 0
@@ -458,7 +460,7 @@
* a sysctl variable, so that privacy conscious users can
* always prefer temporary addresses.
*/
-#ifdef notyet /* until introducing ND extensions and address selection */
+#ifdef TTT_ADDR_SEL /* until introducing ND extensions and address selection
*/
if (opts == NULL ||
opts->ip6po_prefer_tempaddr == IP6PO_TEMPADDR_SYSTEM) {
prefer_tempaddr = ip6_prefer_tempaddr;
@@ -498,7 +500,7 @@
* Rule 9: prefer addresses on "preferred" interfaces.
* This is a KAME specific rule.
*/
-#ifdef notyet /* until introducing address selection */
+#ifdef notyet /* until introducing ND extensions */
#define NDI_BEST ND_IFINFO(ia_best->ia_ifp)
#define NDI_NEW ND_IFINFO(ia->ia_ifp)
if ((NDI_BEST->flags & ND6_IFF_PREFER_SOURCE) &&
Index: sys/netinet6/ip6_input.c
===================================================================
RCS file: /cvsroot/src/sys/netinet6/ip6_input.c,v
retrieving revision 1.140
diff -u -u -r1.140 ip6_input.c
--- sys/netinet6/ip6_input.c 25 Jun 2012 15:28:40 -0000 1.140
+++ sys/netinet6/ip6_input.c 21 Oct 2012 20:00:27 -0000
@@ -1915,6 +1915,14 @@
CTL_CREATE, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+ CTLTYPE_INT, "prefer_tempaddr",
+ SYSCTL_DESCR("Prefer temporary address as source "
+ "address"),
+ NULL, 0, &ip6_prefer_tempaddr, 0,
+ CTL_NET, PF_INET6, IPPROTO_IPV6,
+ CTL_CREATE, CTL_EOL);
+ sysctl_createv(clog, 0, NULL, NULL,
+ CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
CTLTYPE_INT, "maxfrags",
SYSCTL_DESCR("Maximum fragments in reassembly queue"),
NULL, 0, &ip6_maxfrags, 0,
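Review bot: The new node is registered without a handler (`NULL, 0, &ip6_prefer_tempaddr, 0`), so any integer can be written, while the socket-option path in ip6_setpktopt accepts only the three `IP6PO_TEMPADDR_*` values. The visible part of the Rule 7 hunk copies the variable straight into `prefer_tempaddr`; if the code past that hunk tests it as a boolean, writing -1 here means "prefer" rather than "follow the system default" as it does for the socket option. Spelling that out in the description would avoid the confusion, e.g. `SYSCTL_DESCR("Prefer temporary addresses as source address (0 = no, non-zero = yes)")`. The enclosing function starts and ends outside the hunk.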
Index: sys/netinet6/ip6_output.c
===================================================================
RCS file: /cvsroot/src/sys/netinet6/ip6_output.c,v
retrieving revision 1.150
diff -u -u -r1.150 ip6_output.c
--- sys/netinet6/ip6_output.c 21 Jul 2012 14:52:40 -0000 1.150
+++ sys/netinet6/ip6_output.c 21 Oct 2012 20:00:27 -0000
@@ -1507,6 +1507,7 @@
case IPV6_TCLASS:
case IPV6_DONTFRAG:
case IPV6_USE_MIN_MTU:
+ case IPV6_PREFER_TEMPADDR:
error = sockopt_getint(sopt, &optval);
if (error)
break;
@@ -1819,6 +1820,7 @@
case IPV6_TCLASS:
case IPV6_DONTFRAG:
case IPV6_USE_MIN_MTU:
+ case IPV6_PREFER_TEMPADDR:
error = ip6_getpcbopt(in6p->in6p_outputopts,
optname, sopt);
break;
@@ -1996,6 +1998,7 @@
opt->ip6po_hlim = -1; /* -1 means default hop limit */
opt->ip6po_tclass = -1; /* -1 means default traffic class */
opt->ip6po_minmtu = IP6PO_MINMTU_MCASTONLY;
+ opt->ip6po_prefer_tempaddr = IP6PO_TEMPADDR_SYSTEM;
}
#define sin6tosa(sin6) ((struct sockaddr *)(sin6)) /* XXX */
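Review bot: The new field gets its default here, but no hunk in this patch touches the code that duplicates a `struct ip6_pktopts`. If that copy routine (not visible here) copies members one by one alongside `ip6po_hlim`, `ip6po_tclass` and `ip6po_minmtu`, it also needs `dst->ip6po_prefer_tempaddr = src->ip6po_prefer_tempaddr;`. Otherwise a per-socket preference would presumably fall back to `IP6PO_TEMPADDR_SYSTEM` whenever the options are copied. Worth confirming against the full file before commit.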
@@ -2028,6 +2031,7 @@
struct in6_pktinfo null_pktinfo;
int deftclass = 0, on;
int defminmtu = IP6PO_MINMTU_MCASTONLY;
+ int defpreftemp = IP6PO_TEMPADDR_SYSTEM;
switch (optname) {
case IPV6_PKTINFO:
@@ -2099,6 +2103,13 @@
optdata = (void *)&on;
optdatalen = sizeof(on);
break;
+ case IPV6_PREFER_TEMPADDR:
+ if (pktopt)
+ optdata = (void *)&pktopt->ip6po_prefer_tempaddr;
+ else
+ optdata = (void *)&defpreftemp;
+ optdatalen = sizeof(int);
+ break;
default: /* should not happen */
#ifdef DIAGNOSTIC
panic("ip6_getpcbopt: unexpected option\n");
@@ -2658,7 +2669,7 @@
ip6_setpktopt(int optname, u_char *buf, int len, struct ip6_pktopts *opt,
kauth_cred_t cred, int sticky, int cmsg, int uproto)
{
- int minmtupolicy;
+ int minmtupolicy, preftemp;
int error;
if (!sticky && !cmsg) {
@@ -2698,6 +2709,7 @@
case IPV6_DONTFRAG:
case IPV6_OTCLASS:
case IPV6_TCLASS:
+ case IPV6_PREFER_TEMPADDR: /* XXX not an RFC3542 option */
return (ENOPROTOOPT);
}
}
@@ -3034,6 +3046,18 @@
opt->ip6po_flags |= IP6PO_DONTFRAG;
break;
+ case IPV6_PREFER_TEMPADDR:
+ if (len != sizeof(int))
+ return (EINVAL);
+ preftemp = *(int *)buf;
+ if (preftemp != IP6PO_TEMPADDR_SYSTEM &&
+ preftemp != IP6PO_TEMPADDR_NOTPREFER &&
+ preftemp != IP6PO_TEMPADDR_PREFER) {
+ return (EINVAL);
+ }
+ opt->ip6po_prefer_tempaddr = preftemp;
+ break;
+
default:
return (ENOPROTOOPT);
} /* end of switch */
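Review bot: `preftemp = *(int *)buf;` reads an int through a `u_char *`, which relies on the caller passing suitably aligned storage. The length check before it is correct, but `memcpy(&preftemp, buf, sizeof(preftemp));` would make the read independent of alignment. This presumably mirrors how the neighbouring cases of the switch read their values, so it may be better to change them all together. The switch and ip6_setpktopt continue outside the hunk.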
Index: sys/netinet6/ip6_var.h
===================================================================
RCS file: /cvsroot/src/sys/netinet6/ip6_var.h,v
retrieving revision 1.59
diff -u -u -r1.59 ip6_var.h
--- sys/netinet6/ip6_var.h 23 Jun 2012 03:14:04 -0000 1.59
+++ sys/netinet6/ip6_var.h 21 Oct 2012 20:00:27 -0000
@@ -148,6 +148,13 @@
#define IP6PO_MINMTU_MCASTONLY -1 /* default; send at min MTU for
multicast*/
#define IP6PO_MINMTU_DISABLE 0 /* always perform pmtu disc */
#define IP6PO_MINMTU_ALL 1 /* always send at min MTU */
+
+ int ip6po_prefer_tempaddr; /* whether temporary addresses are
+ preferred as source address */
+#define IP6PO_TEMPADDR_SYSTEM -1 /* follow the system default */
+#define IP6PO_TEMPADDR_NOTPREFER 0 /* not prefer temporary address */
+#define IP6PO_TEMPADDR_PREFER 1 /* prefer temporary address */
+
int ip6po_flags;
#if 0 /* parameters in this block is obsolete. do not reuse the values. */
#define IP6PO_REACHCONF 0x01 /* upper-layer reachability
confirmation. */