Missing MFC of Silbersack/Klein IP id generation?
Mike Silbersack
silby at silby.com
Thu Jul 9 16:38:15 UTC 2009
On Wed, 8 Jul 2009, sthaug at nethelp.no wrote:
> According to the comments for rev. 1.10 of netinet/ip_id.c, from
>
> http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c
>
> this is to be MFCed after 2 weeks (i.e. 2 weeks after 6. February 2008).
>
> And yet here we are in July 2009, and 7-STABLE shows no sign of this
> version of the IP id generation code but instead has the version that
> Amit Klein showed had problems,
>
> http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf
>
> Is this a deliberate choice?
>
> Steinar Haug, Nethelp consulting, sthaug at nethelp.no
This is a case of me losing track of time and not getting around to the
merge. As far as I know the code in question works properly. I will try
to merge it soon. If another committer would like to handle the merge for
me to get it done sooner, please speak up. :)
Sorry for the delay,
Mike "Silby" Silbersack
More information about the freebsd-net
mailing list