From: Roy Marples Date: Fri, 17 Jan 2020 17:18:45 +0000 (+0000) Subject: OpenBSD: Support privacy extensions X-Git-Tag: v9.0.0~102 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=af464019ab2f04b3db186a7a7210934c956edb2c;p=thirdparty%2Fdhcpcd.git OpenBSD: Support privacy extensions If course, OpenBSD is really different from other BSD's. IN6_IFF_PRIVACY is their IN6_IFF_TEMPORARY. Temporary addresses are on by default, you need to turn them off on OpenBSD via ifconfig. Temporary addresss timings are not configurable and the address itself is always preferred over non temporary addresses within the same scope. --- diff --git a/src/if-bsd.c b/src/if-bsd.c index 717c49e0..7fbd73ce 100644 --- a/src/if-bsd.c +++ b/src/if-bsd.c @@ -1634,7 +1634,7 @@ if_applyra(const struct ra *rap) } #ifdef IPV6_MANAGETEMPADDR -#ifndef IPV6CTL_TEMPVLTIME +#if defined(IPV6CTL_TEMPVLTIME) && !defined(__OpenBSD__) #define get_inet6_sysctlbyname(code) inet6_sysctlbyname(code, 0, 0) #define set_inet6_sysctlbyname(code, val) inet6_sysctlbyname(code, val, 1) static int @@ -1654,6 +1654,40 @@ inet6_sysctlbyname(const char *name, int val, int action) } #endif +#ifdef __OpenBSD__ +int +ip6_use_tempaddr(const char *ifname) +{ + int s, r; + struct ifreq ifr; + + s = socket(PF_INET6, SOCK_DGRAM, 0); /* XXX Not efficient */ + if (s == -1) + return -1; + strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)); + r = ioctl(s, SIOCGIFXFLAGS, &ifr); + close(s); + if (r == -1) + return -1; + return ifr.ifr_flags & IFXF_INET6_NOPRIVACY ? 0 : 1; +} + +int +ip6_temp_preferred_lifetime(__unused const char *ifname) +{ + + return ND6_PRIV_PREFERRED_LIFETIME; +} + +int +ip6_temp_valid_lifetime(__unused const char *ifname) +{ + + return ND6_PRIV_VALID_LIFETIME; +} + +#else /* __OpenBSD__ */ + int ip6_use_tempaddr(__unused const char *ifname) { @@ -1692,6 +1726,7 @@ ip6_temp_valid_lifetime(__unused const char *ifname) #endif return val < 0 ? TEMP_VALID_LIFETIME : val; } +#endif /* !__OpenBSD__ */ #endif int diff --git a/src/ipv6.h b/src/ipv6.h index 3158de34..95f9022b 100644 --- a/src/ipv6.h +++ b/src/ipv6.h @@ -108,6 +108,11 @@ # undef IPV6_POLLADDRFLAG #endif +/* Of course OpenBSD has their own special name. */ +#if !defined(IN6_IFF_TEMPORARY) && defined(IN6_IFF_PRIVACY) +#define IN6_IFF_TEMPORARY IN6_IFF_PRIVACY +#endif + #ifdef __sun /* Solaris lacks these defines. * While it supports DaD, to seems to only expose IFF_DUPLICATE