Module Name: src Committed By: christos Date: Mon Mar 8 17:54:23 UTC 2021
Modified Files: src/sys/netinet: in_var.h Log Message: Use a random IPv4 ID because the shuffling algorithm used before could expose information (Amit Klein) To generate a diff of this commit: cvs rdiff -u -r1.98 -r1.99 src/sys/netinet/in_var.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/netinet/in_var.h diff -u src/sys/netinet/in_var.h:1.98 src/sys/netinet/in_var.h:1.99 --- src/sys/netinet/in_var.h:1.98 Fri Sep 11 11:22:12 2020 +++ src/sys/netinet/in_var.h Mon Mar 8 12:54:23 2021 @@ -1,4 +1,4 @@ -/* $NetBSD: in_var.h,v 1.98 2020/09/11 15:22:12 roy Exp $ */ +/* $NetBSD: in_var.h,v 1.99 2021/03/08 17:54:23 christos Exp $ */ /*- * Copyright (c) 1998 The NetBSD Foundation, Inc. @@ -65,6 +65,7 @@ #define _NETINET_IN_VAR_H_ #include <sys/queue.h> +#include <sys/cprng.h> #define IN_IFF_TENTATIVE 0x01 /* tentative address */ #define IN_IFF_DUPLICATED 0x02 /* DAD detected duplicate */ @@ -469,7 +470,8 @@ ip_newid_range(const struct in_ifaddr *i if (ip_do_randomid) { /* XXX ignore num */ - return ip_randomid(ip_ids, ia ? ia->ia_idsalt : 0); + id = (uint16_t)cprng_fast32(); + return id ? id : 1; } /* Never allow an IP ID of 0 (detect wrap). */