NetBSD Problem Report #47100
From campbell@mumble.net Sun Oct 21 18:52:11 2012
Return-Path: <campbell@mumble.net>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
by www.NetBSD.org (Postfix) with ESMTP id 025CC63CA81
for <gnats-bugs@gnats.NetBSD.org>; Sun, 21 Oct 2012 18:52:10 +0000 (UTC)
Message-Id: <20121021185133.7C74C604BD@jupiter.mumble.net>
Date: Sun, 21 Oct 2012 18:51:33 +0000 (UTC)
From: Taylor R Campbell <campbell+netbsd@mumble.net>
Reply-To: Taylor R Campbell <campbell+netbsd@mumble.net>
To: gnats-bugs@gnats.NetBSD.org
Subject: IPv6 temporary addresses are broken (RFC 4941/RFC 3041)
X-Send-Pr-Version: 3.95
>Number: 47100
>Category: kern
>Synopsis: IPv6 temporary addresses are broken (RFC 4941/RFC 3041)
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sun Oct 21 18:55:00 +0000 2012
>Closed-Date: Sun May 29 23:46:58 +0000 2016
>Last-Modified: Sun May 29 23:46:58 +0000 2016
>Originator: Taylor R Campbell <campbell+netbsd@mumble.net>
>Release: NetBSD 6.99.12
>Organization:
>Environment:
Architecture: amd64
Machine: amd64
>Description:
We have a sysctl knob net.inet6.ip6.use_tempaddr, which
controls whether NetBSD will generate IPv6 temporary addresses
according to RFC 3041 (obsoleted by RFC 4941), but this never
got wired up to the source address selection code. Other
operating systems, such as FreeBSD, have another sysctl knob,
net.inet6.ip6.prefer_tempaddr, which instructs the kernel to
prefer temporary addresses for new outgoing connections, but we
don't have that either.
>How-To-Repeat:
Set net.inet6.ip6.use_tempaddr=1. Watch your MAC address get
broadcast on the IPv6 internet nevertheless. Grumble.
>Fix:
Yes, please!
>Release-Note:
>Audit-Trail:
From: dieter roelants <dieter.NetBSD@pandora.be>
To: gnats-bugs@NetBSD.org
Cc: Taylor R Campbell <campbell+netbsd@mumble.net>
Subject: Re: kern/47100: IPv6 temporary addresses are broken (RFC 4941/RFC
3041)
Date: Sun, 21 Oct 2012 22:15:39 +0200
On Sun, 21 Oct 2012 18:55:00 +0000 (UTC)
Taylor R Campbell <campbell+netbsd@mumble.net> wrote:
>
> We have a sysctl knob net.inet6.ip6.use_tempaddr, which
> controls whether NetBSD will generate IPv6 temporary addresses
> according to RFC 3041 (obsoleted by RFC 4941), but this never
> got wired up to the source address selection code. Other
> operating systems, such as FreeBSD, have another sysctl knob,
> net.inet6.ip6.prefer_tempaddr, which instructs the kernel to
> prefer temporary addresses for new outgoing connections, but we
> don't have that either.
A couple of weeks (or months?) ago, I patched my tree with the Kame
code for this. I think it still needs some cleanup (I notice I put a
define in there with TTT in its name), and there are no man page
updates.
kind regards
dieter
--
Index: sys/netinet6/in6.h
===================================================================
RCS file: /cvsroot/src/sys/netinet6/in6.h,v
retrieving revision 1.70
diff -u -u -r1.70 in6.h
--- sys/netinet6/in6.h 22 Jun 2012 14:54:35 -0000 1.70
+++ sys/netinet6/in6.h 21 Oct 2012 20:00:27 -0000
@@ -437,6 +437,11 @@
#define IPV6_TCLASS 61 /* int; send traffic class value */
#define IPV6_DONTFRAG 62 /* bool; disable IPv6 fragmentation */
+
+#define IPV6_PREFER_TEMPADDR 63 /* int; prefer temporary addresses as
+ * the source address.
+ */
+
/* to define items, should talk with KAME guys first, for *BSD compatibility */
#define IPV6_RTHDR_LOOSE 0 /* this hop need not be a neighbor. XXX old spec */
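Review bot: IPV6_PREFER_TEMPADDR takes option number 63 directly above the comment asking that new items be agreed with KAME for *BSD compatibility, so confirm that 63 is the number the other KAME-derived stacks use before it becomes part of the socket ABI. The new option also needs a man page entry, which the submission says is still missing.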
Index: sys/netinet6/in6_src.c
===================================================================
RCS file: /cvsroot/src/sys/netinet6/in6_src.c,v
retrieving revision 1.53
diff -u -u -r1.53 in6_src.c
--- sys/netinet6/in6_src.c 25 Jun 2012 15:28:39 -0000 1.53
+++ sys/netinet6/in6_src.c 21 Oct 2012 20:00:27 -0000
@@ -118,7 +118,9 @@
#define ADDR_LABEL_NOTAPP (-1)
struct in6_addrpolicy defaultaddrpolicy;
-#ifdef notyet /* until introducing ND extensions and address selection */
+#define TTT_ADDR_SEL 1
+
+#ifdef TTT_ADDR_SEL /* until introducing ND extensions and address selection */
int ip6_prefer_tempaddr = 0;
#endif
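Review bot: TTT_ADDR_SEL is defined unconditionally only so that the #ifdef below it is always true, which leaves a placeholder name in the tree. Remove the #ifdef/#endif pair around "int ip6_prefer_tempaddr = 0;" (and at the two other sites this patch switches to TTT_ADDR_SEL) instead, and drop the "until introducing ND extensions and address selection" comment, which no longer describes the code.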
@@ -184,7 +186,7 @@
struct in6_addrpolicy *dst_policy = NULL, *best_policy = NULL;
u_int32_t odstzone;
int error;
-#ifdef notyet /* until introducing ND extensions and address selection */
+#ifdef TTT_ADDR_SEL /* until introducing ND extensions and address selection */
int prefer_tempaddr;
#endif
#if defined(MIP6) && NMIP > 0
@@ -458,7 +460,7 @@
* a sysctl variable, so that privacy conscious users can
* always prefer temporary addresses.
*/
-#ifdef notyet /* until introducing ND extensions and address selection */
+#ifdef TTT_ADDR_SEL /* until introducing ND extensions and address selection */
if (opts == NULL ||
opts->ip6po_prefer_tempaddr == IP6PO_TEMPADDR_SYSTEM) {
prefer_tempaddr = ip6_prefer_tempaddr;
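Review bot: once this block is compiled in, a non-NULL opts whose ip6po_prefer_tempaddr is 0 is read as IP6PO_TEMPADDR_NOTPREFER and overrides the sysctl, because "follow the system default" is -1 in ip6_var.h, not 0. The patch sets the field to IP6PO_TEMPADDR_SYSTEM in the initialiser hunk in ip6_output.c; check that every path which allocates, zero-fills or copies a struct ip6_pktopts goes through that initialiser or carries the field over, otherwise prefer_tempaddr=1 is silently ignored for those sockets.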
@@ -498,7 +500,7 @@
* Rule 9: prefer addresses on "preferred" interfaces.
* This is a KAME specific rule.
*/
-#ifdef notyet /* until introducing address selection */
+#ifdef notyet /* until introducing ND extensions */
#define NDI_BEST ND_IFINFO(ia_best->ia_ifp)
#define NDI_NEW ND_IFINFO(ia->ia_ifp)
if ((NDI_BEST->flags & ND6_IFF_PREFER_SOURCE) &&
Index: sys/netinet6/ip6_input.c
===================================================================
RCS file: /cvsroot/src/sys/netinet6/ip6_input.c,v
retrieving revision 1.140
diff -u -u -r1.140 ip6_input.c
--- sys/netinet6/ip6_input.c 25 Jun 2012 15:28:40 -0000 1.140
+++ sys/netinet6/ip6_input.c 21 Oct 2012 20:00:27 -0000
@@ -1915,6 +1915,14 @@
CTL_CREATE, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+ CTLTYPE_INT, "prefer_tempaddr",
+ SYSCTL_DESCR("Prefer temporary address as source "
+ "address"),
+ NULL, 0, &ip6_prefer_tempaddr, 0,
+ CTL_NET, PF_INET6, IPPROTO_IPV6,
+ CTL_CREATE, CTL_EOL);
+ sysctl_createv(clog, 0, NULL, NULL,
+ CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
CTLTYPE_INT, "maxfrags",
SYSCTL_DESCR("Maximum fragments in reassembly queue"),
NULL, 0, &ip6_maxfrags, 0,
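Review bot: the prefer_tempaddr node is created with a NULL handler, so any int written to it lands in ip6_prefer_tempaddr, while the per-socket path in ip6_setpktopt accepts only the three IP6PO_TEMPADDR_* values. Either add a handler that rejects anything other than 0 and 1 or document that any non-zero value means "prefer". Since in6_src.c initialises the variable to 0, the documentation should also say that use_tempaddr=1 alone does not change the source address and that this knob must be set as well.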
Index: sys/netinet6/ip6_output.c
===================================================================
RCS file: /cvsroot/src/sys/netinet6/ip6_output.c,v
retrieving revision 1.150
diff -u -u -r1.150 ip6_output.c
--- sys/netinet6/ip6_output.c 21 Jul 2012 14:52:40 -0000 1.150
+++ sys/netinet6/ip6_output.c 21 Oct 2012 20:00:27 -0000
@@ -1507,6 +1507,7 @@
case IPV6_TCLASS:
case IPV6_DONTFRAG:
case IPV6_USE_MIN_MTU:
+ case IPV6_PREFER_TEMPADDR:
error = sockopt_getint(sopt, &optval);
if (error)
break;
@@ -1819,6 +1820,7 @@
case IPV6_TCLASS:
case IPV6_DONTFRAG:
case IPV6_USE_MIN_MTU:
+ case IPV6_PREFER_TEMPADDR:
error = ip6_getpcbopt(in6p->in6p_outputopts,
optname, sopt);
break;
@@ -1996,6 +1998,7 @@
opt->ip6po_hlim = -1; /* -1 means default hop limit */
opt->ip6po_tclass = -1; /* -1 means default traffic class */
opt->ip6po_minmtu = IP6PO_MINMTU_MCASTONLY;
+ opt->ip6po_prefer_tempaddr = IP6PO_TEMPADDR_SYSTEM;
}
#define sin6tosa(sin6) ((struct sockaddr *)(sin6)) /* XXX */
@@ -2028,6 +2031,7 @@
struct in6_pktinfo null_pktinfo;
int deftclass = 0, on;
int defminmtu = IP6PO_MINMTU_MCASTONLY;
+ int defpreftemp = IP6PO_TEMPADDR_SYSTEM;
switch (optname) {
case IPV6_PKTINFO:
@@ -2099,6 +2103,13 @@
optdata = (void *)&on;
optdatalen = sizeof(on);
break;
+ case IPV6_PREFER_TEMPADDR:
+ if (pktopt)
+ optdata = (void *)&pktopt->ip6po_prefer_tempaddr;
+ else
+ optdata = (void *)&defpreftemp;
+ optdatalen = sizeof(int);
+ break;
default: /* should not happen */
#ifdef DIAGNOSTIC
panic("ip6_getpcbopt: unexpected option\n");
@@ -2658,7 +2669,7 @@
ip6_setpktopt(int optname, u_char *buf, int len, struct ip6_pktopts *opt,
kauth_cred_t cred, int sticky, int cmsg, int uproto)
{
- int minmtupolicy;
+ int minmtupolicy, preftemp;
int error;
if (!sticky && !cmsg) {
@@ -2698,6 +2709,7 @@
case IPV6_DONTFRAG:
case IPV6_OTCLASS:
case IPV6_TCLASS:
+ case IPV6_PREFER_TEMPADDR: /* XXX not an RFC3542 option */
return (ENOPROTOOPT);
}
}
@@ -3034,6 +3046,18 @@
opt->ip6po_flags |= IP6PO_DONTFRAG;
break;
+ case IPV6_PREFER_TEMPADDR:
+ if (len != sizeof(int))
+ return (EINVAL);
+ preftemp = *(int *)buf;
+ if (preftemp != IP6PO_TEMPADDR_SYSTEM &&
+ preftemp != IP6PO_TEMPADDR_NOTPREFER &&
+ preftemp != IP6PO_TEMPADDR_PREFER) {
+ return (EINVAL);
+ }
+ opt->ip6po_prefer_tempaddr = preftemp;
+ break;
+
default:
return (ENOPROTOOPT);
} /* end of switch */
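Review bot: "preftemp = *(int *)buf;" reads an int through the u_char *buf parameter, which is only safe if buf is int-aligned on every path that reaches ip6_setpktopt. Copying with memcpy(&preftemp, buf, sizeof(preftemp)) after the length check removes that dependency. The len != sizeof(int) check and the test against the three IP6PO_TEMPADDR_* values are in the right order.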
Index: sys/netinet6/ip6_var.h
===================================================================
RCS file: /cvsroot/src/sys/netinet6/ip6_var.h,v
retrieving revision 1.59
diff -u -u -r1.59 ip6_var.h
--- sys/netinet6/ip6_var.h 23 Jun 2012 03:14:04 -0000 1.59
+++ sys/netinet6/ip6_var.h 21 Oct 2012 20:00:27 -0000
@@ -148,6 +148,13 @@
#define IP6PO_MINMTU_MCASTONLY -1 /* default; send at min MTU for multicast*/
#define IP6PO_MINMTU_DISABLE 0 /* always perform pmtu disc */
#define IP6PO_MINMTU_ALL 1 /* always send at min MTU */
+
+ int ip6po_prefer_tempaddr; /* whether temporary addresses are
+ preferred as source address */
+#define IP6PO_TEMPADDR_SYSTEM -1 /* follow the system default */
+#define IP6PO_TEMPADDR_NOTPREFER 0 /* not prefer temporary address */
+#define IP6PO_TEMPADDR_PREFER 1 /* prefer temporary address */
+
int ip6po_flags;
#if 0 /* parameters in this block is obsolete. do not reuse the values. */
#define IP6PO_REACHCONF 0x01 /* upper-layer reachability confirmation. */
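Review bot: ip6po_prefer_tempaddr is inserted ahead of ip6po_flags, which shifts the layout of the structure for anything compiled against the old header; mention that in the commit message and bump the kernel version if the structure is visible to modules. The comment on IP6PO_TEMPADDR_NOTPREFER would read better as "do not prefer temporary addresses".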
From: "Roy Marples" <roy@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/47100 CVS commit: src/sys/netinet6
Date: Tue, 20 Jan 2015 21:27:37 +0000
Module Name: src
Committed By: roy
Date: Tue Jan 20 21:27:37 UTC 2015
Modified Files:
src/sys/netinet6: in6.h in6_src.c ip6_input.c ip6_output.c ip6_var.h
mld6.c
Log Message:
Add net.inet6.ip6.prefer_tempaddr sysctl knob so that we can prefer
IPv6 temporary addresses as the source address.
Fixes PR kern/47100 based on a patch by Dieter Roelants.
To generate a diff of this commit:
cvs rdiff -u -r1.81 -r1.82 src/sys/netinet6/in6.h
cvs rdiff -u -r1.55 -r1.56 src/sys/netinet6/in6_src.c
cvs rdiff -u -r1.149 -r1.150 src/sys/netinet6/ip6_input.c
cvs rdiff -u -r1.160 -r1.161 src/sys/netinet6/ip6_output.c
cvs rdiff -u -r1.63 -r1.64 src/sys/netinet6/ip6_var.h
cvs rdiff -u -r1.61 -r1.62 src/sys/netinet6/mld6.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/47100 CVS commit: [netbsd-7] src/sys/netinet6
Date: Fri, 23 Jan 2015 09:27:15 +0000
Module Name: src
Committed By: martin
Date: Fri Jan 23 09:27:15 UTC 2015
Modified Files:
src/sys/netinet6 [netbsd-7]: in6.h in6_src.c ip6_input.c ip6_output.c
ip6_var.h mld6.c
Log Message:
Pull up following revision(s) (requested by pettai in ticket #441):
sys/netinet6/ip6_var.h: revision 1.64
sys/netinet6/in6.h: revision 1.82
sys/netinet6/in6_src.c: revision 1.56
sys/netinet6/mld6.c: revision 1.62
sys/netinet6/ip6_input.c: revision 1.150
sys/netinet6/ip6_output.c: revision 1.161
Add net.inet6.ip6.prefer_tempaddr sysctl knob so that we can prefer
IPv6 temporary addresses as the source address.
Fixes PR kern/47100 based on a patch by Dieter Roelants.
To generate a diff of this commit:
cvs rdiff -u -r1.78 -r1.78.2.1 src/sys/netinet6/in6.h
cvs rdiff -u -r1.54 -r1.54.2.1 src/sys/netinet6/in6_src.c
cvs rdiff -u -r1.149 -r1.149.2.1 src/sys/netinet6/ip6_input.c
cvs rdiff -u -r1.157.2.1 -r1.157.2.2 src/sys/netinet6/ip6_output.c
cvs rdiff -u -r1.62 -r1.62.2.1 src/sys/netinet6/ip6_var.h
cvs rdiff -u -r1.59.2.1 -r1.59.2.2 src/sys/netinet6/mld6.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->feedback
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Sat, 14 Feb 2015 10:46:23 +0000
State-Changed-Why:
Is this fixed?
State-Changed-From-To: feedback->closed
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Sun, 29 May 2016 23:46:58 +0000
State-Changed-Why:
I guess this is fixed...
>Unformatted:
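The symptom in How-To-Repeat (the MAC address still showing up in outgoing traffic) can be checked from the source address itself. The following is an added example, not code from the report or from NetBSD: it tests whether the interface identifier of an IPv6 address has the modified EUI-64 layout and, if so, recovers the MAC it was built from. The function name iid_embeds_mac and the sample addresses are made up for illustration.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Heuristic check for a modified EUI-64 interface identifier (ff:fe in the
 * middle of the low 64 bits).  Returns 1 and fills mac[] on a match, 0 if
 * the pattern is absent, -1 if addr_text is not an IPv6 address.  A random
 * identifier can match by chance (1 in 65536), so treat 1 as "likely".
 */
int
iid_embeds_mac(const char *addr_text, uint8_t mac[6])
{
	struct in6_addr a;
	const uint8_t *iid;

	if (inet_pton(AF_INET6, addr_text, &a) != 1)
		return -1;
	iid = &a.s6_addr[8];
	if (iid[3] != 0xff || iid[4] != 0xfe)
		return 0;
	mac[0] = iid[0] ^ 0x02;	/* undo the universal/local bit flip */
	mac[1] = iid[1]; mac[2] = iid[2];
	mac[3] = iid[5]; mac[4] = iid[6]; mac[5] = iid[7];
	return 1;
}

int
main(void)
{
	/* Constructed samples in the 2001:db8::/32 documentation prefix. */
	static const char *samples[] = {
		"2001:db8::211:22ff:fe33:4455",	 /* autoconfigured from a MAC */
		"2001:db8::8c1f:4a2b:9d03:77e1", /* random-looking identifier */
	};
	uint8_t m[6];
	size_t i;

	for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
		if (iid_embeds_mac(samples[i], m) == 1)
			printf("%s embeds MAC %02x:%02x:%02x:%02x:%02x:%02x\n",
			    samples[i], m[0], m[1], m[2], m[3], m[4], m[5]);
		else
			printf("%s: no EUI-64 pattern\n", samples[i]);
	}
	return 0;
}
```

Run it against the source address a remote peer reports for the host: with both use_tempaddr and prefer_tempaddr set to 1, new outgoing connections should show an address for which the function returns 0.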