Missing MFC of Silbersack/Klein IP id generation?
sthaug at nethelp.no
sthaug at nethelp.no
Wed Jul 8 12:43:12 UTC 2009
According to the comments for rev. 1.10 of netinet/ip_id.c, from
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c
this is to be MFCed after 2 weeks (i.e. 2 weeks after 6. February 2008).
And yet here we are in July 2009, and 7-STABLE shows no sign of this
version of the IP id generation code but instead has the version that
Amit Klein showed had problems,
http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf
Is this a deliberate choice?
Steinar Haug, Nethelp consulting, sthaug at nethelp.no
More information about the freebsd-net
mailing list