svn commit: r338053 - head/sys/netinet

Michael Tuexen tuexen at freebsd.org
Sun Aug 19 17:08:31 UTC 2018 

> On 19. Aug 2018, at 18:35, Conrad Meyer <cem at FreeBSD.org> wrote:
> 
> On Sun, Aug 19, 2018 at 7:56 AM, Michael Tuexen <tuexen at freebsd.org> wrote:
>> Author: tuexen
>> Date: Sun Aug 19 14:56:10 2018
>> New Revision: 338053
>> URL: https://svnweb.freebsd.org/changeset/base/338053
>> 
>> Log:
>>  … a keyed hash function taking
>>  the source and destination addresses and port numbers into account.
>>  The keyed hash function is the same a used for the initial TSN.
>> ...
>> Modified: head/sys/netinet/tcp_subr.c
>> ==============================================================================
>> --- head/sys/netinet/tcp_subr.c Sun Aug 19 14:48:32 2018        (r338052)
>> +++ head/sys/netinet/tcp_subr.c Sun Aug 19 14:56:10 2018        (r338053)
>> @@ -233,6 +233,9 @@ VNET_DEFINE(uma_zone_t, sack_hole_zone);
>> ...
>> 
>> +static uint32_t
>> +tcp_keyed_hash(struct in_conninfo *inc, u_char *key)
>> +{
>> +       MD5_CTX ctx;
>> +       uint32_t hash[4];
>> 
>> +       MD5Init(&ctx);
>> +       MD5Update(&ctx, &inc->inc_fport, sizeof(uint16_t));
>> +       MD5Update(&ctx, &inc->inc_lport, sizeof(uint16_t));
>> +       switch (inc->inc_flags & INC_ISIPV6) {
>> +#ifdef INET
>> +       case 0:
>> +               MD5Update(&ctx, &inc->inc_faddr, sizeof(struct in_addr));
>> +               MD5Update(&ctx, &inc->inc_laddr, sizeof(struct in_addr));
>> +               break;
>> +#endif
>> +#ifdef INET6
>> +       case INC_ISIPV6:
>> +               MD5Update(&ctx, &inc->inc6_faddr, sizeof(struct in6_addr));
>> +               MD5Update(&ctx, &inc->inc6_laddr, sizeof(struct in6_addr));
>> +               break;
>> +#endif
>> +       }
>> +       MD5Update(&ctx, key, 32);
>> +       MD5Final((unsigned char *)hash, &ctx);
>> +
>> +       return (hash[0]);
> 
> Hi Michael,
> 
> How was this particular keyed hash function construction chosen?
> (Yes, I see it is the same initial TSN, but how was that selected?)
You mean:

Why is FreeBSD using the MD5 with secret suffix as the keyed hash function?

I don't know, I have not implemented that.

However, https://tools.ietf.org/html/rfc6528#section-3 suggests this,
OpenBSD uses a similar computation, but uses SHA512 instead of MD5, NetBSD
seem to use the same computation as FreeBSD.
I guess using MD5 was an acceptable choice at the time the choice was made.

When preparing this patch I was about to choose a different keyed hash function,
but decided to separate
* Using a keyed has functions as the offset for the TCP time stamp.
* Choose a good keyed hash function.

That is why I isolated the keyed hash function. So it is simple to replace
it with a different one.

I think it would be good to change this keyed hash function to SIP-HASH (both
for the initial sequence number and the time stamp). Opinions?

Best regards
Michael
> 
> Thanks,
> Conrad

More information about the svn-src-head mailing list