[IPV6]: ADDRCONF: Use our standard algorithm for randomized ifid.

RFC 3041 describes an algorithm to generate random interface
identifier.  In RFC 3041bis, it is allowed to use different
algorithm than one described in RFC 3041.

So, let's use our standard pseudo random algorithm to simplify
our implementation.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
YOSHIFUJI Hideaki 2006-03-20 16:54:09 -08:00 коммит произвёл David S. Miller
Родитель 955aaa2fe3
Коммит 955189efb4
3 изменённых файлов: 5 добавлений и 50 удалений

Просмотреть файл

@ -180,11 +180,8 @@ struct inet6_dev
#ifdef CONFIG_IPV6_PRIVACY
u8 rndid[8];
u8 entropy[8];
struct timer_list regen_timer;
struct inet6_ifaddr *tempaddr_list;
__u8 work_eui64[8];
__u8 work_digest[16];
#endif
struct neigh_parms *nd_parms;

Просмотреть файл

@ -6,8 +6,6 @@
config IPV6
tristate "The IPv6 protocol"
default m
select CRYPTO if IPV6_PRIVACY
select CRYPTO_MD5 if IPV6_PRIVACY
---help---
This is complemental support for the IP version 6.
You will still be able to do traditional IPv4 networking as well.
@ -22,7 +20,7 @@ config IPV6
module will be called ipv6.
config IPV6_PRIVACY
bool "IPv6: Privacy Extensions (RFC 3041) support"
bool "IPv6: Privacy Extensions support"
depends on IPV6
---help---
Privacy Extensions for Stateless Address Autoconfiguration in IPv6
@ -30,6 +28,9 @@ config IPV6_PRIVACY
pseudo-random global-scope unicast address(es) will assigned to
your interface(s).
We use our standard pseudo random algorithm to generate randomized
interface identifier, instead of one described in RFC 3041.
By default, kernel do not generate temporary addresses.
To use temporary addresses, do

Просмотреть файл

@ -78,8 +78,6 @@
#ifdef CONFIG_IPV6_PRIVACY
#include <linux/random.h>
#include <linux/crypto.h>
#include <linux/scatterlist.h>
#endif
#include <asm/uaccess.h>
@ -110,8 +108,6 @@ static int __ipv6_try_regen_rndid(struct inet6_dev *idev, struct in6_addr *tmpad
static void ipv6_regen_rndid(unsigned long data);
static int desync_factor = MAX_DESYNC_FACTOR * HZ;
static struct crypto_tfm *md5_tfm;
static DEFINE_SPINLOCK(md5_tfm_lock);
#endif
static int ipv6_count_addresses(struct inet6_dev *idev);
@ -371,8 +367,6 @@ static struct inet6_dev * ipv6_add_dev(struct net_device *dev)
in6_dev_hold(ndev);
#ifdef CONFIG_IPV6_PRIVACY
get_random_bytes(ndev->rndid, sizeof(ndev->rndid));
get_random_bytes(ndev->entropy, sizeof(ndev->entropy));
init_timer(&ndev->regen_timer);
ndev->regen_timer.function = ipv6_regen_rndid;
ndev->regen_timer.data = (unsigned long) ndev;
@ -1376,34 +1370,9 @@ static int ipv6_inherit_eui64(u8 *eui, struct inet6_dev *idev)
/* (re)generation of randomized interface identifier (RFC 3041 3.2, 3.5) */
static int __ipv6_regen_rndid(struct inet6_dev *idev)
{
struct net_device *dev;
struct scatterlist sg[2];
sg_set_buf(&sg[0], idev->entropy, 8);
sg_set_buf(&sg[1], idev->work_eui64, 8);
dev = idev->dev;
if (ipv6_generate_eui64(idev->work_eui64, dev)) {
printk(KERN_INFO
"__ipv6_regen_rndid(idev=%p): cannot get EUI64 identifier; use random bytes.\n",
idev);
get_random_bytes(idev->work_eui64, sizeof(idev->work_eui64));
}
regen:
spin_lock(&md5_tfm_lock);
if (unlikely(md5_tfm == NULL)) {
spin_unlock(&md5_tfm_lock);
return -1;
}
crypto_digest_init(md5_tfm);
crypto_digest_update(md5_tfm, sg, 2);
crypto_digest_final(md5_tfm, idev->work_digest);
spin_unlock(&md5_tfm_lock);
memcpy(idev->rndid, &idev->work_digest[0], 8);
get_random_bytes(idev->rndid, sizeof(idev->rndid));
idev->rndid[0] &= ~0x02;
memcpy(idev->entropy, &idev->work_digest[8], 8);
/*
* <draft-ietf-ipngwg-temp-addresses-v2-00.txt>:
@ -3759,13 +3728,6 @@ int __init addrconf_init(void)
register_netdevice_notifier(&ipv6_dev_notf);
#ifdef CONFIG_IPV6_PRIVACY
md5_tfm = crypto_alloc_tfm("md5", 0);
if (unlikely(md5_tfm == NULL))
printk(KERN_WARNING
"failed to load transform for md5\n");
#endif
addrconf_verify(0);
rtnetlink_links[PF_INET6] = inet6_rtnetlink_table;
#ifdef CONFIG_SYSCTL
@ -3828,11 +3790,6 @@ void __exit addrconf_cleanup(void)
rtnl_unlock();
#ifdef CONFIG_IPV6_PRIVACY
crypto_free_tfm(md5_tfm);
md5_tfm = NULL;
#endif
#ifdef CONFIG_PROC_FS
proc_net_remove("if_inet6");
#endif