git: 5c4e8a631097 - stable/13 - ipv6: disable RFC 4620 nodeinfo by default
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 01 May 2023 12:15:24 UTC
The branch stable/13 has been updated by emaste:
URL: https://cgit.FreeBSD.org/src/commit/?id=5c4e8a6310973f22eb76835f1b0d5ba5dd9df2f7
commit 5c4e8a6310973f22eb76835f1b0d5ba5dd9df2f7
Author: Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2023-04-24 19:41:45 +0000
Commit: Ed Maste <emaste@FreeBSD.org>
CommitDate: 2023-05-01 12:15:08 +0000
ipv6: disable RFC 4620 nodeinfo by default
RFC 4620 is an experimental RFC that can be used to request information
about a host, including:
- the fully-qualified or single-component name
- some set of the Responder's IPv6 unicast addresses
- some set of the Responder's IPv4 unicast addresses
This is not something that should be made available by default.
PR: 257709
Submitted by: ruben@verweg.com
Reviewed by: melifaro
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39778
(cherry picked from commit b73183d1a243d486e3889bd71800e94812f5fa17)
---
sys/netinet6/in6_proto.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/sys/netinet6/in6_proto.c b/sys/netinet6/in6_proto.c
index fb4f76dd698c..07ce80b6ea68 100644
--- a/sys/netinet6/in6_proto.c
+++ b/sys/netinet6/in6_proto.c
@@ -413,8 +413,7 @@ VNET_DEFINE(int, icmp6_rediraccept) = 1;/* accept and process redirects */
VNET_DEFINE(int, icmp6_redirtimeout) = 10 * 60; /* 10 minutes */
VNET_DEFINE(int, icmp6errppslim) = 100; /* 100pps */
/* control how to respond to NI queries */
-VNET_DEFINE(int, icmp6_nodeinfo) =
- (ICMP6_NODEINFO_FQDNOK|ICMP6_NODEINFO_NODEADDROK);
+VNET_DEFINE(int, icmp6_nodeinfo) = 0;
VNET_DEFINE(int, icmp6_nodeinfo_oldmcprefix) = 1;
/*