Hey! Here are a few patches for FreeBSD. They are targeted to the "legacy" branch, but the two last ones can be applied to the master branch as well.
--- INSTALL | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/INSTALL b/INSTALL index b3f66f135122..e48a53f7e8c6 100644 --- a/INSTALL +++ b/INSTALL @@ -15,7 +15,7 @@ To compile current development BIRD source code from Git repository, you also need Git (to download the source code) and Autoconf (to generate the configure script and associated files using 'autoreconf' tool): -$ git clone https://gitlab.labs.nic.cz/labs/bird/ +$ git clone https://gitlab.labs.nic.cz/labs/bird/ -b legacy $ cd bird $ autoreconf -- 2.23.0.rc1
FreeBSD use the same value as IPv4, set with IP_MINTTL, for IPv6. See: <http://fxr.watson.org/fxr/source/netinet/tcp_input.c?v=FREEBSD-12-0#L937> --- sysdep/bsd/sysio.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sysdep/bsd/sysio.h b/sysdep/bsd/sysio.h index 545276a37c3a..f02b80945ba2 100644 --- a/sysdep/bsd/sysio.h +++ b/sysdep/bsd/sysio.h @@ -245,9 +245,9 @@ sk_set_min_ttl4(sock *s, int ttl) } static inline int -sk_set_min_ttl6(sock *s, int ttl UNUSED) +sk_set_min_ttl6(sock *s, int ttl) { - ERR_MSG("Kernel does not support IPv6 TTL security"); + return sk_set_min_ttl4(s, ttl); } static inline int -- 2.23.0.rc1
Hi Vincent, thank you very much. I will add it. Ondrej On 12. 08. 19 13:57, Vincent Bernat wrote:
FreeBSD use the same value as IPv4, set with IP_MINTTL, for IPv6. See: <http://fxr.watson.org/fxr/source/netinet/tcp_input.c?v=FREEBSD-12-0#L937> --- sysdep/bsd/sysio.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sysdep/bsd/sysio.h b/sysdep/bsd/sysio.h index 545276a37c3a..f02b80945ba2 100644 --- a/sysdep/bsd/sysio.h +++ b/sysdep/bsd/sysio.h @@ -245,9 +245,9 @@ sk_set_min_ttl4(sock *s, int ttl) }
static inline int -sk_set_min_ttl6(sock *s, int ttl UNUSED) +sk_set_min_ttl6(sock *s, int ttl) { - ERR_MSG("Kernel does not support IPv6 TTL security"); + return sk_set_min_ttl4(s, ttl); }
static inline int
On Mon, Aug 12, 2019 at 01:57:40PM +0200, Vincent Bernat wrote:
FreeBSD use the same value as IPv4, set with IP_MINTTL, for IPv6. See: <http://fxr.watson.org/fxr/source/netinet/tcp_input.c?v=FREEBSD-12-0#L937>
This seems strange to me, i would expect thate the setsockopt() would be rejected just because it is IPPROTO_IP and not IPPROTO_IPV6. Was it tested, does it really work? Also, it seems that OpenBSD has IPV6_MINHOPCOUNT like Linux.
--- sysdep/bsd/sysio.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sysdep/bsd/sysio.h b/sysdep/bsd/sysio.h index 545276a37c3a..f02b80945ba2 100644 --- a/sysdep/bsd/sysio.h +++ b/sysdep/bsd/sysio.h @@ -245,9 +245,9 @@ sk_set_min_ttl4(sock *s, int ttl) }
static inline int -sk_set_min_ttl6(sock *s, int ttl UNUSED) +sk_set_min_ttl6(sock *s, int ttl) { - ERR_MSG("Kernel does not support IPv6 TTL security"); + return sk_set_min_ttl4(s, ttl); }
static inline int -- 2.23.0.rc1
-- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
On 12. 08. 19 15:13, Ondrej Zajicek wrote:
On Mon, Aug 12, 2019 at 01:57:40PM +0200, Vincent Bernat wrote:
FreeBSD use the same value as IPv4, set with IP_MINTTL, for IPv6. See: <http://fxr.watson.org/fxr/source/netinet/tcp_input.c?v=FREEBSD-12-0#L937>
This seems strange to me, i would expect thate the setsockopt() would be rejected just because it is IPPROTO_IP and not IPPROTO_IPV6.
Was it tested, does it really work?
I am dealing with the patch and just I wanted to raise the same question. :-) You are quicker Santiago... Ondrej
Also, it seems that OpenBSD has IPV6_MINHOPCOUNT like Linux.
--- sysdep/bsd/sysio.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sysdep/bsd/sysio.h b/sysdep/bsd/sysio.h index 545276a37c3a..f02b80945ba2 100644 --- a/sysdep/bsd/sysio.h +++ b/sysdep/bsd/sysio.h @@ -245,9 +245,9 @@ sk_set_min_ttl4(sock *s, int ttl) }
static inline int -sk_set_min_ttl6(sock *s, int ttl UNUSED) +sk_set_min_ttl6(sock *s, int ttl) { - ERR_MSG("Kernel does not support IPv6 TTL security"); + return sk_set_min_ttl4(s, ttl); }
static inline int -- 2.23.0.rc1
participants (3)
-
Ondrej Filip -
Ondrej Zajicek -
Vincent Bernat