Date: Thu, 9 Jul 2009 12:11:26 -0400 (EDT) From: Mike Silbersack <silby@silby.com> To: sthaug@nethelp.no Cc: freebsd-net@freebsd.org, robert <robert@fledge.watson.org> Subject: Re: Missing MFC of Silbersack/Klein IP id generation? Message-ID: <alpine.BSF.1.00.0907091208320.26293@niwun.pair.com> In-Reply-To: <20090708.141630.78743642.sthaug@nethelp.no> References: <20090708.141630.78743642.sthaug@nethelp.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 8 Jul 2009, sthaug@nethelp.no wrote: > According to the comments for rev. 1.10 of netinet/ip_id.c, from > > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c > > this is to be MFCed after 2 weeks (i.e. 2 weeks after 6. February 2008). > > And yet here we are in July 2009, and 7-STABLE shows no sign of this > version of the IP id generation code but instead has the version that > Amit Klein showed had problems, > > http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf > > Is this a deliberate choice? > > Steinar Haug, Nethelp consulting, sthaug@nethelp.no This is a case of me losing track of time and not getting around to the merge. As far as I know the code in question works properly. I will try to merge it soon. If another committer would like to handle the merge for me to get it done sooner, please speak up. :) Sorry for the delay, Mike "Silby" Silbersack
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.1.00.0907091208320.26293>