On Fri, Sep 01, 2017 at 01:21:31PM +0000, Florian Obser wrote:
> *prod*
As author of in6_get_rand_ifid(), I approve.
Your diff shall be blessed.
Even more blessed if get_last_resort_ifid() were granted the in6_ prefix.
But there are more of its brothers squatting the get_ namespace, so
perhaps these shall all be fixed together and separately?
> On Tue, Aug 15, 2017 at 09:31:26AM +0000, Florian Obser wrote:
> >
> > Rename in6_get_rand_ifi() to get_last_resort_ifid() and delete the old
> > get_last_resort_ifid() function because eww.
> > Also if your system is so constraint that you end up in
> > get_last_resort_ifid() you don't deserve a random ifid that stays
> > stable over reboots.
> > Simplify code a bit since get_ifid() can no longer fail.
> > It couldn't fail before either because that code path was #if 0'ed.
> >
> > OK?
> >
> > diff --git netinet6/in6.h netinet6/in6.h
> > index 0caae1f586a..d80bff21370 100644
> > --- netinet6/in6.h
> > +++ netinet6/in6.h
> > @@ -418,7 +418,6 @@ void in6_proto_cksum_out(struct mbuf *, struct ifnet
> > *);
> > int in6_localaddr(struct in6_addr *);
> > int in6_addrscope(struct in6_addr *);
> > struct in6_ifaddr *in6_ifawithscope(struct ifnet *, struct in6_addr *,
> > u_int);
> > -void in6_get_rand_ifid(struct ifnet *, struct in6_addr *);
> > int in6_mask2len(struct in6_addr *, u_char *);
> > int in6_nam2sin6(const struct mbuf *, struct sockaddr_in6 **);
> >
> > diff --git netinet6/in6_ifattach.c netinet6/in6_ifattach.c
> > index 89acde9c6a4..a8abf5fa695 100644
> > --- netinet6/in6_ifattach.c
> > +++ netinet6/in6_ifattach.c
> > @@ -56,9 +56,9 @@
> > #include <netinet6/ip6_mroute.h>
> > #endif
> >
> > -int get_last_resort_ifid(struct ifnet *, struct in6_addr *);
> > +void get_last_resort_ifid(struct ifnet *, struct in6_addr *);
> > int get_hw_ifid(struct ifnet *, struct in6_addr *);
> > -int get_ifid(struct ifnet *, struct in6_addr *);
> > +void get_ifid(struct ifnet *, struct in6_addr *);
> > int in6_ifattach_loopback(struct ifnet *);
> >
> > #define EUI64_GBIT 0x01
> > @@ -72,52 +72,13 @@ int in6_ifattach_loopback(struct ifnet *);
> > #define IFID_LOCAL(in6) (!EUI64_LOCAL(in6))
> > #define IFID_UNIVERSAL(in6) (!EUI64_UNIVERSAL(in6))
> >
> > -/*
> > - * Generate a last-resort interface identifier, when the machine has no
> > - * IEEE802/EUI64 address sources.
> > - * The goal here is to get an interface identifier that is
> > - * (1) random enough and (2) does not change across reboot.
> > - * We currently use SHA512(hostname) for it.
> > - *
> > - * in6 - upper 64bits are preserved
> > - */
> > -int
> > -get_last_resort_ifid(struct ifnet *ifp, struct in6_addr *in6)
> > -{
> > - SHA2_CTX ctx;
> > - u_int8_t digest[SHA512_DIGEST_LENGTH];
> > -
> > -#if 0
> > - /* we need at least several letters as seed for ifid */
> > - if (hostnamelen < 3)
> > - return -1;
> > -#endif
> > -
> > - /* generate 8 bytes of pseudo-random value. */
> > - SHA512Init(&ctx);
> > - SHA512Update(&ctx, hostname, hostnamelen);
> > - SHA512Final(digest, &ctx);
> > -
> > - /* assumes sizeof(digest) > sizeof(ifid) */
> > - bcopy(digest, &in6->s6_addr[8], 8);
> > -
> > - /* make sure to set "u" bit to local, and "g" bit to individual. */
> > - in6->s6_addr[8] &= ~EUI64_GBIT; /* g bit to "individual" */
> > - in6->s6_addr[8] |= EUI64_UBIT; /* u bit to "local" */
> > -
> > - /* convert EUI64 into IPv6 interface identifier */
> > - EUI64_TO_IFID(in6);
> > -
> > - return 0;
> > -}
> > -
> > /*
> > * Generate a random interface identifier.
> > *
> > * in6 - upper 64bits are preserved
> > */
> > void
> > -in6_get_rand_ifid(struct ifnet *ifp, struct in6_addr *in6)
> > +get_last_resort_ifid(struct ifnet *ifp, struct in6_addr *in6)
> > {
> > arc4random_buf(&in6->s6_addr32[2], 8);
> >
> > @@ -235,7 +196,7 @@ get_hw_ifid(struct ifnet *ifp, struct in6_addr *in6)
> > * available on ifp0, borrow interface identifier from other information
> > * sources.
> > */
> > -int
> > +void
> > get_ifid(struct ifnet *ifp0, struct in6_addr *in6)
> > {
> > struct ifnet *ifp;
> > @@ -267,22 +228,15 @@ get_ifid(struct ifnet *ifp0, struct in6_addr *in6)
> > }
> >
> > /* last resort: get from random number source */
> > - if (get_last_resort_ifid(ifp, in6) == 0) {
> > - nd6log((LOG_DEBUG,
> > - "%s: interface identifier generated by random number\n",
> > - ifp0->if_xname));
> > - goto success;
> > - }
> > -
> > - printf("%s: failed to get interface identifier\n", ifp0->if_xname);
> > - return -1;
> > -
> > + get_last_resort_ifid(ifp, in6);
> > + nd6log((LOG_DEBUG,
> > + "%s: interface identifier generated by random number\n",
> > + ifp0->if_xname));
> > success:
> > nd6log((LOG_INFO, "%s: ifid: %02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x\n",
> > ifp0->if_xname, in6->s6_addr[8], in6->s6_addr[9], in6->s6_addr[10],
> > in6->s6_addr[11], in6->s6_addr[12], in6->s6_addr[13],
> > in6->s6_addr[14], in6->s6_addr[15]));
> > - return 0;
> > }
> >
> > /*
> > @@ -318,13 +272,8 @@ in6_ifattach_linklocal(struct ifnet *ifp, struct
> > in6_addr *ifid)
> > ifra.ifra_addr.sin6_addr.s6_addr32[1] = 0;
> > ifra.ifra_addr.sin6_addr.s6_addr[8] &= ~EUI64_GBIT;
> > ifra.ifra_addr.sin6_addr.s6_addr[8] |= EUI64_UBIT;
> > - } else {
> > - if (get_ifid(ifp, &ifra.ifra_addr.sin6_addr) != 0) {
> > - nd6log((LOG_ERR,
> > - "%s: no ifid available\n", ifp->if_xname));
> > - return (-1);
> > - }
> > - }
> > + } else
> > + get_ifid(ifp, &ifra.ifra_addr.sin6_addr);
> >
> > ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6);
> > ifra.ifra_prefixmask.sin6_family = AF_INET6;
> >
> > --
> > I'm not entirely sure you are real.
> >
>
> --
> I'm not entirely sure you are real.
>
