Date:      Sun, 21 Sep 2025 00:17:59 +0200
From:      "Herbert J. Skuhra" <herbert@gojira.at>
To:        Guido Falsi <madpilot@FreeBSD.org>
Cc:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   Re: git: 31ec8b6407fd - main - sys/netinet6: Implement RFC  7217
Message-ID:  <874iswhip4.wl-herbert@gojira.at>
In-Reply-To: <202509201231.58KCVqBC047480@gitrepo.freebsd.org>
References:  <202509201231.58KCVqBC047480@gitrepo.freebsd.org>

On Sat, 20 Sep 2025 14:31:52 +0200, Guido Falsi wrote:
> 
> The branch main has been updated by madpilot:
> 
> URL: https://cgit.FreeBSD.org/src/commit/?id=31ec8b6407fdd5a87d70265762457c67ce618283
> 
> commit 31ec8b6407fdd5a87d70265762457c67ce618283
> Author:     Guido Falsi <madpilot@FreeBSD.org>
> AuthorDate: 2025-09-20 12:26:41 +0000
> Commit:     Guido Falsi <madpilot@FreeBSD.org>
> CommitDate: 2025-09-20 12:31:44 +0000
> 
>     sys/netinet6: Implement RFC 7217
>     
>     Implement RFC 7217 (A Method for Generating Semantically Opaque
>     Interface Identifiers with IPv6 Stateless Address Autoconfiguration
>     (SLAAC)) in our IPv6 stack.
>     
>     A new ifconfig `stableaddr` flag is added to enable the feature on
>     interfaces, which defaults to on or off for new interfaces based
>     on the sysctl `net.inet6.ip6.use_stableaddr` (off by default, so
>     this commit causes no change in behavior with default settings).
>     
>     The algorithm follows the RFC in its logic, using SHA256-HMAC as
>     the algorithm to derive addresses so as to provide code that can
>     be leveraged by future implementations of RFC 8981, leveraging the
>     `hostuuid` as the secret.
>     
>     The source of the hostidentifier can be configured using the sysctl
>     `net.inet6.ip6.stableaddr_netifsource`, while the number of retries
>     generating a new address in case of collision can be configured
>     using the `net.inet6.ip6.stableaddr_maxretries` sysctl (default 3).
>     
>     Documentation about all these flags is added to the ifconfig(8) man
>     page.
>     
>     Reviewed by:            cognet, glebius, hrs
>     Tested by:              zarychtam@plan-b.pwste.edu.pl
>     Approved by:            cognet, glebius
>     Relnotes:               yes
>     Differential Revision:  https://reviews.freebsd.org/D49681
> ---
>  sbin/ifconfig/af_inet6.c    |   2 +
>  sbin/ifconfig/af_nd6.c      |   1 +
>  sbin/ifconfig/ifconfig.8    |  30 +++++
>  sys/netinet6/in6.h          |   3 +
>  sys/netinet6/in6_ifattach.c | 275 +++++++++++++++++++++++++++++++++++++-------
>  sys/netinet6/in6_ifattach.h |   2 +
>  sys/netinet6/in6_proto.c    |  10 ++
>  sys/netinet6/ip6_input.c    |   1 +
>  sys/netinet6/ip6_var.h      |  12 ++
>  sys/netinet6/nd6.c          |   9 ++
>  sys/netinet6/nd6.h          |   2 +
>  sys/netinet6/nd6_nbr.c      |  35 +++++-
>  sys/netinet6/nd6_rtr.c      | 128 +++++++++++++--------
>  usr.sbin/ndp/ndp.c          |   7 ++
>  14 files changed, 423 insertions(+), 94 deletions(-)

This commit breaks security/netbird:

Management: Disconnected, reason: create wg interface: error creating tun device: unable to get nd6 flags for tun0: invalid argument
Signal: Disconnected, reason: create wg interface: error creating tun device: unable to get nd6 flags for tun0: invalid argument
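
The derivation described in the quoted commit message (HMAC-SHA256 keyed with a host secret, retry on collision), sketched as an added example; it is not part of this e-mail and not the FreeBSD kernel code. Assumptions: the byte layout fed to the HMAC, the interface name used as Net_Iface, the constructed secret, and treating the limit of 3 as retries after a first attempt.

```python
import hashlib
import hmac
import ipaddress

MAX_RETRIES = 3  # default the commit message gives for stableaddr_maxretries
# Constructed sample inputs (not real host data).
SECRET = b"00000000-0000-0000-0000-000000000000"  # stands in for hostuuid
P1 = ipaddress.IPv6Network("2001:db8:1::/64")
P2 = ipaddress.IPv6Network("2001:db8:2::/64")


def is_reserved(iid: int) -> bool:
    # RFC 5453: all-zero (subnet-router anycast) and the reserved
    # subnet anycast range fdff:ffff:ffff:ff80 .. fdff:ffff:ffff:ffff.
    return iid == 0 or 0xFDFFFFFFFFFFFF80 <= iid <= 0xFDFFFFFFFFFFFFFF


def candidate(secret, prefix, net_iface, dad_counter):
    """One RFC 7217 candidate address and its interface identifier."""
    if prefix.prefixlen != 64:
        raise ValueError("SLAAC interface identifiers here assume a /64")
    # Assumed input layout: 8-byte prefix || Net_Iface || 32-bit DAD_Counter.
    msg = (prefix.network_address.packed[:8] + net_iface
           + dad_counter.to_bytes(4, "big"))
    rid = hmac.new(secret, msg, hashlib.sha256).digest()
    iid = int.from_bytes(rid[-8:], "big")  # least significant 64 bits of RID
    return ipaddress.IPv6Address(int(prefix.network_address) | iid), iid


def generate_address(secret, prefix, net_iface, in_use=frozenset(),
                     max_retries=MAX_RETRIES):
    """Return (address, dad_counter), or None if every attempt is rejected.

    `in_use` simulates addresses for which duplicate address detection fails.
    """
    for dad_counter in range(max_retries + 1):
        addr, iid = candidate(secret, prefix, net_iface, dad_counter)
        if not is_reserved(iid) and addr not in in_use:
            return addr, dad_counter
    return None


if __name__ == "__main__":
    print(generate_address(SECRET, P1, b"em0"))           # stable per prefix
    print(generate_address(SECRET, P2, b"em0"))           # differs per prefix
    first = generate_address(SECRET, P1, b"em0")[0]
    print(generate_address(SECRET, P1, b"em0", {first}))  # collision: retry
```

The same secret, prefix and interface always yield the same address, while a different prefix yields an unrelated identifier, which is what makes the address stable within a network but not trackable across networks.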
