Source-Changes-HG archive


[src/trunk]: src/sys/netinet Patch back support for (badly) randomized IP ids...



details:   https://anonhg.NetBSD.org/src/rev/444464cdcb4e
branches:  trunk
changeset: 555508:444464cdcb4e
user:      jonathan <jonathan%NetBSD.org@localhost>
date:      Wed Nov 19 18:39:34 2003 +0000

description:
Patch back support for (badly) randomized IP ids, by request:

* Include "opt_inet.h" everywhere IP-ids are generated with ip_newid(),
  so the RANDOM_IP_ID option is visible. Also in ip_id(), to ensure
  the prototype for ip_randomid() is made visible.

* Add new sysctl to enable randomized IP-ids, provided the kernel was
  configured with RANDOM_IP_ID. (The sysctl defaults to zero, and is
  a read-only zero if RANDOM_IP_ID is not configured).

Note that the implementation of randomized IP ids is still defective,
and should not be enabled at all (even if configured) without
very careful deliberation. Caveat emptor.

diffstat:

 sys/netinet/in.h        |   6 ++++--
 sys/netinet/ip_id.c     |   6 ++++--
 sys/netinet/ip_input.c  |  18 ++++++++++++++++--
 sys/netinet/ip_mroute.c |   5 +++--
 sys/netinet/ip_output.c |   5 +++--
 sys/netinet/raw_ip.c    |   5 +++--
 6 files changed, 33 insertions(+), 12 deletions(-)

diffs (155 lines):

diff -r 1b0fd97b9f19 -r 444464cdcb4e sys/netinet/in.h
--- a/sys/netinet/in.h  Wed Nov 19 18:06:13 2003 +0000
+++ b/sys/netinet/in.h  Wed Nov 19 18:39:34 2003 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: in.h,v 1.63 2003/11/10 20:50:29 jonathan Exp $ */
+/*     $NetBSD: in.h,v 1.64 2003/11/19 18:39:34 jonathan Exp $ */
 
 /*
  * Copyright (c) 1982, 1986, 1990, 1993
@@ -381,7 +381,8 @@
 #define        IPCTL_GRE_TTL          19       /* default TTL for gre encap packet */
 #define        IPCTL_CHECKINTERFACE   20       /* drop pkts in from 'wrong' iface */
 #define        IPCTL_IFQ              21       /* ipintrq node */
-#define        IPCTL_MAXID            22
+#define        IPCTL_RANDOMID         22       /* use random IP ids (if configured) */
+#define        IPCTL_MAXID            23
 
 #define        IPCTL_NAMES { \
        { 0, 0 }, \
@@ -406,6 +407,7 @@
        { "grettl", CTLTYPE_INT }, \
        { "checkinterface", CTLTYPE_INT }, \
        { "ifq", CTLTYPE_NODE }, \
+       { "random_id", CTLTYPE_INT }, \
 }
 #endif /* _NETBSD_SOURCE */
 
diff -r 1b0fd97b9f19 -r 444464cdcb4e sys/netinet/ip_id.c
--- a/sys/netinet/ip_id.c       Wed Nov 19 18:06:13 2003 +0000
+++ b/sys/netinet/ip_id.c       Wed Nov 19 18:39:34 2003 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip_id.c,v 1.2 2003/09/16 00:31:55 itojun Exp $ */
+/*     $NetBSD: ip_id.c,v 1.3 2003/11/19 18:39:34 jonathan Exp $       */
 /*     $OpenBSD: ip_id.c,v 1.6 2002/03/15 18:19:52 millert Exp $       */
 
 /*
@@ -57,7 +57,9 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_id.c,v 1.2 2003/09/16 00:31:55 itojun Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_id.c,v 1.3 2003/11/19 18:39:34 jonathan Exp $");
+
+#include "opt_inet.h"
 
 #include <sys/types.h>
 #include <sys/param.h>
diff -r 1b0fd97b9f19 -r 444464cdcb4e sys/netinet/ip_input.c
--- a/sys/netinet/ip_input.c    Wed Nov 19 18:06:13 2003 +0000
+++ b/sys/netinet/ip_input.c    Wed Nov 19 18:39:34 2003 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip_input.c,v 1.183 2003/11/17 22:34:16 jonathan Exp $  */
+/*     $NetBSD: ip_input.c,v 1.184 2003/11/19 18:39:34 jonathan Exp $  */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -98,8 +98,9 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.183 2003/11/17 22:34:16 jonathan Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.184 2003/11/19 18:39:34 jonathan Exp $");
 
+#include "opt_inet.h"
 #include "opt_gateway.h"
 #include "opt_pfil_hooks.h"
 #include "opt_ipsec.h"
@@ -197,6 +198,11 @@
 #ifdef DIAGNOSTIC
 int    ipprintfs = 0;
 #endif
+
+#ifdef RANDOM_IP_ID
+int    ip_do_randomid = 0;
+#endif
+
 /*
  * XXX - Setting ip_checkinterface mostly implements the receive side of
  * the Strong ES model described in RFC 1122, but since the routing table
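Review bot: `ip_do_randomid` is defined at file scope with no comment, although the commit message says the randomized-id implementation is still defective and should not be enabled without careful deliberation. That warning belongs next to the variable, where someone about to flip the knob will read it. A comment above the definition would do, for example `/* nonzero enables randomized IP ids; the generator is known to be defective, leave at 0 unless reviewed */`. The same caveat applies to the `IPCTL_RANDOMID` case added further down in this file. The declaration that other files see is not part of this diff, so it presumably already exists in a header; it is worth confirming that it is also guarded by `#ifdef RANDOM_IP_ID`.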
@@ -2066,6 +2072,14 @@
                return (sysctl_ifq(name + 1, namelen - 1, oldp, oldlenp,
                    newp, newlen, &ipintrq));
 
+       case IPCTL_RANDOMID:
+#ifdef RANDOM_IP_ID
+               return (sysctl_int(oldp, oldlenp, newp, newlen,
+                   &ip_do_randomid));
+#else
+               return (sysctl_rdint(oldp, oldlenp, newp, newlen, 0));
+#endif
+
        default:
                return (EOPNOTSUPP);
        }
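Review bot: The `IPCTL_RANDOMID` case passes `&ip_do_randomid` straight to `sysctl_int()`, so the flag keeps whatever integer the caller writes rather than only 0 or 1. If every reader only tests it for nonzero this is harmless, but the accepted values should then be stated in a comment on the case. Otherwise the value can be normalised once the write has succeeded, for example `ip_do_randomid = (ip_do_randomid != 0);`. The enclosing switch and function start and end outside the hunk, so whether a local is available to hold the return value, and where the caller's privilege is checked, cannot be seen from here.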
diff -r 1b0fd97b9f19 -r 444464cdcb4e sys/netinet/ip_mroute.c
--- a/sys/netinet/ip_mroute.c   Wed Nov 19 18:06:13 2003 +0000
+++ b/sys/netinet/ip_mroute.c   Wed Nov 19 18:39:34 2003 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip_mroute.c,v 1.81 2003/11/17 21:34:27 jonathan Exp $  */
+/*     $NetBSD: ip_mroute.c,v 1.82 2003/11/19 18:39:34 jonathan Exp $  */
 
 /*
  * Copyright (c) 1992, 1993
@@ -86,8 +86,9 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_mroute.c,v 1.81 2003/11/17 21:34:27 jonathan Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_mroute.c,v 1.82 2003/11/19 18:39:34 jonathan Exp $");
 
+#include "opt_inet.h"
 #include "opt_ipsec.h"
 
 #include <sys/param.h>
diff -r 1b0fd97b9f19 -r 444464cdcb4e sys/netinet/ip_output.c
--- a/sys/netinet/ip_output.c   Wed Nov 19 18:06:13 2003 +0000
+++ b/sys/netinet/ip_output.c   Wed Nov 19 18:39:34 2003 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip_output.c,v 1.127 2003/11/17 21:34:27 jonathan Exp $ */
+/*     $NetBSD: ip_output.c,v 1.128 2003/11/19 18:39:34 jonathan Exp $ */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -98,9 +98,10 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_output.c,v 1.127 2003/11/17 21:34:27 jonathan Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_output.c,v 1.128 2003/11/19 18:39:34 jonathan Exp $");
 
 #include "opt_pfil_hooks.h"
+#include "opt_inet.h"
 #include "opt_ipsec.h"
 #include "opt_mrouting.h"
 
diff -r 1b0fd97b9f19 -r 444464cdcb4e sys/netinet/raw_ip.c
--- a/sys/netinet/raw_ip.c      Wed Nov 19 18:06:13 2003 +0000
+++ b/sys/netinet/raw_ip.c      Wed Nov 19 18:39:34 2003 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: raw_ip.c,v 1.77 2003/11/17 21:34:27 jonathan Exp $     */
+/*     $NetBSD: raw_ip.c,v 1.78 2003/11/19 18:39:34 jonathan Exp $     */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -61,8 +61,9 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: raw_ip.c,v 1.77 2003/11/17 21:34:27 jonathan Exp $");
+__KERNEL_RCSID(0, "$NetBSD: raw_ip.c,v 1.78 2003/11/19 18:39:34 jonathan Exp $");
 
+#include "opt_inet.h"
 #include "opt_ipsec.h"
 #include "opt_mrouting.h"
 


