git: b73183d1a243 - main - ipv6: disable RFC 4620 nodeinfo by default
Date: Wed, 26 Apr 2023 17:48:10 UTC
The branch main has been updated by emaste:
URL: https://cgit.FreeBSD.org/src/commit/?id=b73183d1a243d486e3889bd71800e94812f5fa17
commit b73183d1a243d486e3889bd71800e94812f5fa17
Author: Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2023-04-24 19:41:45 +0000
Commit: Ed Maste <emaste@FreeBSD.org>
CommitDate: 2023-04-26 17:47:59 +0000
ipv6: disable RFC 4620 nodeinfo by default
RFC 4620 is an experimental RFC that can be used to request information
about a host, including:
- the fully-qualified or single-component name
- some set of the Responder's IPv6 unicast addresses
- some set of the Responder's IPv4 unicast addresses
This is not something that should be made available by default.
PR: 257709
Submitted by: ruben@verweg.com
Reviewed by: melifaro
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39778
---
sys/netinet6/in6_proto.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/sys/netinet6/in6_proto.c b/sys/netinet6/in6_proto.c
index 971b61c74899..557edaf2e7e1 100644
--- a/sys/netinet6/in6_proto.c
+++ b/sys/netinet6/in6_proto.c
@@ -193,8 +193,7 @@ VNET_DEFINE(int, icmp6_rediraccept) = 1;/* accept and process redirects */
VNET_DEFINE(int, icmp6_redirtimeout) = 10 * 60; /* 10 minutes */
VNET_DEFINE(int, icmp6errppslim) = 100; /* 100pps */
/* control how to respond to NI queries */
-VNET_DEFINE(int, icmp6_nodeinfo) =
- (ICMP6_NODEINFO_FQDNOK|ICMP6_NODEINFO_NODEADDROK);
+VNET_DEFINE(int, icmp6_nodeinfo) = 0;
VNET_DEFINE(int, icmp6_nodeinfo_oldmcprefix) = 1;
VNET_DEFINE_STATIC(int, ip6_log_interval) = 5;