Bug 257709
| Summary: | netinet6: Set net.inet6.icmp6.nodeinfo default to 0 | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Base System | Reporter: | ruben | ||||
| Component: | kern | Assignee: | freebsd-net (Nobody) <net> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Many People | CC: | emaste, henrichhartzer, jlduran, kaktus, net, pi, secteam, zlei | ||||
| Priority: | --- | Keywords: | needs-patch, needs-qa, security | ||||
| Version: | 13.0-RELEASE | Flags: | koobs:
maintainer-feedback?
(secteam) koobs: mfc-stable13? koobs: mfc-stable12? koobs: mfc-stable11? |
||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
|
Description
ruben
2021-08-09 12:32:14 UTC
Created attachment 227077 [details]
Set net.inet6.icmp6.nodeinfo to 0 by default
patch against release 13.0p3 for sys/netinet6/in6_proto.c
after building a kernel and booting it sysctl will report '0' instead of '3'
$ sysctl net.inet6.icmp6.nodeinfo
net.inet6.icmp6.nodeinfo: 0
I think this would be a great idea to get in for 13.2. RFC 4620 is still experimental then I thinks it is safe to set `net.inet6.icmp6.nodeinfo` default to 0 . Making it into 13.2-R is out of question because it: 1) changes default in minor release 2) it's too late as the RC1 is behind the corner 14.0 is a good target release for this change. It'd require RELNOTES entry though. A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=b73183d1a243d486e3889bd71800e94812f5fa17 commit b73183d1a243d486e3889bd71800e94812f5fa17 Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2023-04-24 19:41:45 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2023-04-26 17:47:59 +0000 ipv6: disable RFC 4620 nodeinfo by default RFC 4620 is an experimental RFC that can be used to request information about a host, including: - the fully-qualified or single-component name - some set of the Responder's IPv6 unicast addresses - some set of the Responder's IPv4 unicast addresses This is not something that should be made available by default. PR: 257709 Submitted by: ruben@verweg.com Reviewed by: melifaro Relnotes: Yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D39778 sys/netinet6/in6_proto.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) A commit in branch stable/13 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=5c4e8a6310973f22eb76835f1b0d5ba5dd9df2f7 commit 5c4e8a6310973f22eb76835f1b0d5ba5dd9df2f7 Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2023-04-24 19:41:45 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2023-05-01 12:15:08 +0000 ipv6: disable RFC 4620 nodeinfo by default RFC 4620 is an experimental RFC that can be used to request information about a host, including: - the fully-qualified or single-component name - some set of the Responder's IPv6 unicast addresses - some set of the Responder's IPv4 unicast addresses This is not something that should be made available by default. PR: 257709 Submitted by: ruben@verweg.com Reviewed by: melifaro Relnotes: Yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D39778 (cherry picked from commit b73183d1a243d486e3889bd71800e94812f5fa17) sys/netinet6/in6_proto.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) Now merged to stable/13, and will be in FreeBSD 13.3 and FreeBSD 14.0. Thanks for the report. |
