Module Name:    src
Committed By:   christos
Date:           Mon Mar  8 17:54:23 UTC 2021

Modified Files:
        src/sys/netinet: in_var.h

Log Message:
Use a random IPv4 ID because the shuffling algorithm used before could expose
information (Amit Klein)


To generate a diff of this commit:
cvs rdiff -u -r1.98 -r1.99 src/sys/netinet/in_var.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet/in_var.h
diff -u src/sys/netinet/in_var.h:1.98 src/sys/netinet/in_var.h:1.99
--- src/sys/netinet/in_var.h:1.98	Fri Sep 11 11:22:12 2020
+++ src/sys/netinet/in_var.h	Mon Mar  8 12:54:23 2021
@@ -1,4 +1,4 @@
-/*	$NetBSD: in_var.h,v 1.98 2020/09/11 15:22:12 roy Exp $	*/
+/*	$NetBSD: in_var.h,v 1.99 2021/03/08 17:54:23 christos Exp $	*/
 
 /*-
  * Copyright (c) 1998 The NetBSD Foundation, Inc.
@@ -65,6 +65,7 @@
 #define _NETINET_IN_VAR_H_
 
 #include <sys/queue.h>
+#include <sys/cprng.h>
 
 #define IN_IFF_TENTATIVE	0x01	/* tentative address */
 #define IN_IFF_DUPLICATED	0x02	/* DAD detected duplicate */
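Review bot: `#include <sys/cprng.h>` is added unconditionally next to `<sys/queue.h>`, although its only user in this commit is the inline `ip_newid_range()` in the last hunk. If this header is also included by userland programs and that function sits in a kernel-only section (not visible in the hunk), the include should carry the same guard, i.e. `#ifdef _KERNEL` / `#include <sys/cprng.h>` / `#endif`. Otherwise every consumer of in_var.h pulls in the kernel RNG declarations without needing them.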
@@ -469,7 +470,8 @@ ip_newid_range(const struct in_ifaddr *i
 
 	if (ip_do_randomid) {
 		/* XXX ignore num */
-		return ip_randomid(ip_ids, ia ? ia->ia_idsalt : 0);
+		id = (uint16_t)cprng_fast32();
+		return id ? id : 1;
 	}
 
 	/* Never allow an IP ID of 0 (detect wrap). */
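Review bot: The `ip_do_randomid` branch now draws every ID independently with `(uint16_t)cprng_fast32()`, so nothing in the visible lines stops a 16-bit value from recurring for the same source/destination/protocol while earlier fragments are still awaiting reassembly. The shuffling generator it replaces presumably existed to avoid exactly that, so the trade-off deserves a comment at the call, e.g. `/* Independent random IDs: unpredictable, but no non-repeat guarantee within the reassembly window. */`. Folding 0 into 1 with `return id ? id : 1;` makes ID 1 twice as likely as any other value; that is harmless in practice but worth stating in the same comment. `ip_ids` and `ia->ia_idsalt` are no longer read on this path, so if no other user remains they may be dead state to remove in a follow-up. The declaration of `id` and the rest of `ip_newid_range()` lie outside the hunk.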
