From: Christopher Martin <chrsmrtn@gmail.com>
Date: Tue, 16 Oct 2018 19:16:53 -0400
Subject: Adding option to randomize interface id
Please find attached a patch that adds a new feature to
wide-dhcpv6-client, namely an option ("ifid-random") in the
prefix-interface section of dhcp6c.conf to generate a random interface
id on startup. This is useful if you wish to have the final 64 bits of
your IPv6 address change from time to time - a sort of very rough
equivalent of IPv6 Privacy Extensions. If you do not add "ifid-random"
to the config file, then nothing about the client's current behaviour
changes.
Note that if your prefix-interface section has both the current "ifid
X" option (where X is whatever number you want to manually assign as
your interface id) and the new "ifid-random" option, then the
interface id is randomized and "ifid X" is ignored.
Thanks,
Christopher Martin
---
cfparse.y | 9 ++++++++-
cftoken.l | 1 +
config.c | 9 +++++++++
config.h | 2 +-
dhcp6c.conf.5 | 9 +++++++++
5 files changed, 28 insertions(+), 2 deletions(-)
diff --git a/cfparse.y b/cfparse.y
index e83ecf7..9e685f4 100644
--- a/cfparse.y
+++ b/cfparse.y
@@ -104,7 +104,7 @@ static void cleanup_cflist __P((struct cf_list *));
%token INTERFACE IFNAME
%token PROFILE PROFILENAME
-%token PREFIX_INTERFACE SLA_ID SLA_LEN IFID DUID_ID
+%token PREFIX_INTERFACE SLA_ID SLA_LEN IFID IFID_RAND DUID_ID
%token ID_ASSOC IA_PD IAID IA_NA
%token ADDRESS
%token REQUEST SEND ALLOW PREFERENCE
@@ -1064,6 +1064,13 @@ ifparam:
l->num = (u_int64_t)$2;
$$ = l;
}
+ | IFID_RAND EOS
+ {
+ struct cf_list *l;
+
+ MAKE_CFLIST(l, IFPARAM_IFID_RAND, NULL, NULL);
+ $$ = l;
+ }
;
ianaconf_list:
diff --git a/cftoken.l b/cftoken.l
index f35b59f..e266ac2 100644
--- a/cftoken.l
+++ b/cftoken.l
@@ -244,6 +244,7 @@ ecl \}
<S_CNF>sla-id { DECHO; return (SLA_ID); }
<S_CNF>sla-len { DECHO; return (SLA_LEN); }
<S_CNF>ifid { DECHO; return (IFID); }
+<S_CNF>ifid-random { DECHO; return (IFID_RAND); }
/* duration */
<S_CNF>infinity { DECHO; return (INFINITY); }
diff --git a/config.c b/config.c
index 2c5ad5d..5829d92 100644
--- a/config.c
+++ b/config.c
@@ -521,6 +521,15 @@ add_pd_pif(iapdc, cfl0)
}
break;
case IFPARAM_IFID:
+ if (use_default_ifid) {
+ for (i = sizeof(pif->ifid) - 1; i >= 0; i--)
+ pif->ifid[i] = (cfl->num >> 8*(sizeof(pif->ifid) - 1 - i)) & 0xff;
+ use_default_ifid = 0;
+ }
+ break;
+ case IFPARAM_IFID_RAND:
+ for (i = 0; i < pif->ifid_len ; i++)
+ cfl->num = cfl->num*2 + rand()%2;
for (i = sizeof(pif->ifid) -1; i >= 0; i--)
pif->ifid[i] = (cfl->num >> 8*(sizeof(pif->ifid) - 1 - i)) & 0xff;
use_default_ifid = 0;
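Review bot: The new `IFPARAM_IFID_RAND` case derives every bit of the interface id from `rand()%2`, and nothing in this hunk shows the generator being seeded before the configuration is parsed. `rand()` is not a cryptographic generator in any case, so the identifier may repeat across restarts or be predictable, which undercuts the privacy purpose given in the description. Fill a local value from the OS generator instead, e.g. `u_int64_t r; arc4random_buf(&r, sizeof(r));` (or `getrandom()` where that is the available interface), then mask it to `pif->ifid_len` bits before the byte-split loop. The loop also accumulates into `cfl->num` without clearing it, so the result depends on whatever `MAKE_CFLIST` left there, and if `num` is a signed type the repeated `cfl->num*2` can overflow; the local avoids both. add_pd_pif continues outside the hunk, so the `break` that ends this case is not visible here.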
diff --git a/config.h b/config.h
index 64ce9e8..36a5aa3 100644
--- a/config.h
+++ b/config.h
@@ -266,7 +266,7 @@ enum { DECL_SEND, DECL_ALLOW, DECL_INFO_ONLY, DECL_REQUEST, DECL_DUID,
DECL_PREFIX, DECL_PREFERENCE, DECL_SCRIPT, DECL_DELAYEDKEY,
DECL_ADDRESS,
DECL_RANGE, DECL_ADDRESSPOOL,
- IFPARAM_SLA_ID, IFPARAM_SLA_LEN, IFPARAM_IFID,
+ IFPARAM_SLA_ID, IFPARAM_SLA_LEN, IFPARAM_IFID, IFPARAM_IFID_RAND,
DHCPOPT_RAPID_COMMIT, DHCPOPT_AUTHINFO,
DHCPOPT_DNS, DHCPOPT_DNSNAME,
DHCPOPT_IA_PD, DHCPOPT_IA_NA, DHCPOPT_NTP,
diff --git a/dhcp6c.conf.5 b/dhcp6c.conf.5
index 1c91d72..5693fb8 100644
--- a/dhcp6c.conf.5
+++ b/dhcp6c.conf.5
@@ -453,6 +453,15 @@ must be a decimal integer. It will be combined with the delegated
prefix and the sla-id to form a complete interface address. The
default is to use the EUI-64 address of the
.Ar interface .
+.It Xo
+.Ic ifid-random ;
+.Xc
+This statement instructs the client to generate a completely random
+interface id. This will override the
+.Ic ifid
+statement, if present. The resulting random interface id will be combined
+with the delegated prefix and the sla-id to form a complete interface
+address.
.El
.El
.\"