When RFC 8981 obsoleted RFC 4941 the terminology changed from

"privacy extensions" to "temporary address extensions"

Change ifconfig(8) to output temporary after temporary addresses and
add "temporary" option which is an alias for autoconfprivacy for now.

Also make AUTOCONF6TEMP a positiv flag that is set by default.
Previously the negative flag "INET6_NOPRIVACY" was set when privacy
addresses were disabled. This makes the flags output less ugly and
will allow us to disable autoconf addresses while having temporary
addresses enabled in the future.

More work is needed in slaacd.

input benno, jmc, deraadt
previous verison OK benno
OK jmc, kn

diff --git a/sbin/ifconfig/ifconfig.8 b/sbin/ifconfig/ifconfig.8
index caa8c45..1cb1227 100644 (file)
--- a/sbin/ifconfig/ifconfig.8
+++ b/sbin/ifconfig/ifconfig.8
@@ -1,4 +1,4 @@
-.\"    $OpenBSD: ifconfig.8,v 1.367 2021/03/11 10:12:51 kn Exp $
+.\"    $OpenBSD: ifconfig.8,v 1.368 2021/03/11 19:53:39 florian Exp $
 .\"    $NetBSD: ifconfig.8,v 1.11 1996/01/04 21:27:29 pk Exp $
 .\"     $FreeBSD: ifconfig.8,v 1.16 1998/02/01 07:03:29 steve Exp $
 .\"
@@ -1321,7 +1321,7 @@ protocol when supported by the access point.
 .Ar interface
 .Cm inet6
 .Op Oo Fl Oc Ns Cm anycast
-.Op Oo Fl Oc Ns Cm autoconfprivacy
+.Op Oo Fl Oc Ns Cm temporary
 .Op Cm eui64
 .Op Cm pltime Ar n
 .Op Oo Fl Oc Ns Cm soii
@@ -1338,9 +1338,9 @@ interface:
 Set the IPv6 anycast address bit.
 .It Cm -anycast
 Clear the IPv6 anycast address bit.
-.It Cm autoconfprivacy
-Enable privacy extensions for stateless IPv6 address autoconfiguration
-(RFC 4941) on the interface.
+.It Cm temporary
+Enable temporary address  extensions for stateless IPv6 address
+autoconfiguration (RFC 8981) on the interface.
 These extensions are enabled by default.
 The purpose of these extensions is to prevent tracking of individual
 devices which connect to the IPv6 internet from different networks
@@ -1362,8 +1362,8 @@ Deprecated addresses will not be used for new connections as long as a
 non-deprecated address remains available.
 Temporary addresses become invalid after another 24 hours, at which time they
 will be removed from the interface.
-.It Cm -autoconfprivacy
-Disable IPv6 autoconf privacy extensions on the interface.
+.It Cm -temporary
+Disable IPv6 autoconf temporary address extensions on the interface.
 Currently configured addresses will not be removed until they become
 invalid.
 .It Cm eui64

diff --git a/sbin/ifconfig/ifconfig.c b/sbin/ifconfig/ifconfig.c
index 859ee4a..5a274d1 100644 (file)
--- a/sbin/ifconfig/ifconfig.c
+++ b/sbin/ifconfig/ifconfig.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ifconfig.c,v 1.435 2021/03/04 07:46:26 jsg Exp $      */
+/*     $OpenBSD: ifconfig.c,v 1.436 2021/03/11 19:53:39 florian Exp $  */
 /*     $NetBSD: ifconfig.c,v 1.40 1997/10/01 02:19:43 enami Exp $      */
 
 /*
@@ -464,8 +464,10 @@ const struct       cmd {
        { "pltime",     NEXTARG,        0,              setia6pltime },
        { "vltime",     NEXTARG,        0,              setia6vltime },
        { "eui64",      0,              0,              setia6eui64 },
-       { "autoconfprivacy",    -IFXF_INET6_NOPRIVACY,  0,      setifxflags },
-       { "-autoconfprivacy",   IFXF_INET6_NOPRIVACY,   0,      setifxflags },
+       { "autoconfprivacy",    IFXF_AUTOCONF6TEMP,     0,      setifxflags },
+       { "-autoconfprivacy",   -IFXF_AUTOCONF6TEMP,    0,      setifxflags },
+       { "temporary",  IFXF_AUTOCONF6TEMP,     0,      setifxflags },
+       { "-temporary", -IFXF_AUTOCONF6TEMP,    0,      setifxflags },
        { "soii",       -IFXF_INET6_NOSOII,     0,      setifxflags },
        { "-soii",      IFXF_INET6_NOSOII,      0,      setifxflags },
        { "monitor",    IFXF_MONITOR,   0,              setifxflags },
@@ -676,7 +678,7 @@ const struct        cmd {
        "\024\1UP\2BROADCAST\3DEBUG\4LOOPBACK\5POINTOPOINT\6STATICARP"  \
        "\7RUNNING\10NOARP\11PROMISC\12ALLMULTI\13OACTIVE\14SIMPLEX"    \
        "\15LINK0\16LINK1\17LINK2\20MULTICAST"                          \
-       "\23INET6_NOPRIVACY\24MPLS\25WOL\26AUTOCONF6\27INET6_NOSOII"    \
+       "\23AUTOCONF6TEMP\24MPLS\25WOL\26AUTOCONF6\27INET6_NOSOII"      \
        "\30AUTOCONF4" "\31MONITOR"
 
 int    getinfo(struct ifreq *, int);
@@ -1577,7 +1579,8 @@ setautoconf(const char *cmd, int val)
                setifxflags("inet", val * IFXF_AUTOCONF4);
                break;
        case AF_INET6:
-               setifxflags("inet6", val * IFXF_AUTOCONF6);
+               setifxflags("inet6", val * (IFXF_AUTOCONF6 |
+                   IFXF_AUTOCONF6TEMP));
                break;
        default:
                errx(1, "autoconf not allowed for this address family");
@@ -3676,7 +3679,7 @@ in6_alias(struct in6_ifreq *creq)
                if (ifr6.ifr_ifru.ifru_flags6 & IN6_IFF_AUTOCONF)
                        printf(" autoconf");
                if (ifr6.ifr_ifru.ifru_flags6 & IN6_IFF_TEMPORARY)
-                       printf(" autoconfprivacy");
+                       printf(" temporary");
        }
 
        if (scopeid)

diff --git a/sbin/slaacd/frontend.c b/sbin/slaacd/frontend.c
index 416a529..1a0c596 100644 (file)
--- a/sbin/slaacd/frontend.c
+++ b/sbin/slaacd/frontend.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: frontend.c,v 1.51 2021/03/07 10:31:20 florian Exp $   */
+/*     $OpenBSD: frontend.c,v 1.52 2021/03/11 19:53:40 florian Exp $   */
 
 /*
  * Copyright (c) 2017 Florian Obser <florian@openbsd.org>
@@ -532,7 +532,7 @@ update_iface(uint32_t if_index, char* if_name)
        imsg_ifinfo.rdomain = ifrdomain;
        imsg_ifinfo.running = (flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP |
            IFF_RUNNING);
-       imsg_ifinfo.autoconfprivacy = !(xflags & IFXF_INET6_NOPRIVACY);
+       imsg_ifinfo.autoconfprivacy = (xflags & IFXF_AUTOCONF6TEMP);
        imsg_ifinfo.soii = !(xflags & IFXF_INET6_NOSOII);
 
        if (getifaddrs(&ifap) != 0)

diff --git a/sys/net/if.h b/sys/net/if.h
index 15b081b..42d0328 100644 (file)
--- a/sys/net/if.h
+++ b/sys/net/if.h
@@ -1,4 +1,4 @@
-/*     $OpenBSD: if.h,v 1.207 2021/02/20 01:11:44 dlg Exp $    */
+/*     $OpenBSD: if.h,v 1.208 2021/03/11 19:53:40 florian Exp $        */
 /*     $NetBSD: if.h,v 1.23 1996/05/07 02:40:27 thorpej Exp $  */
 
 /*
@@ -224,7 +224,7 @@ struct if_status_description {
 
 #define        IFXF_MPSAFE             0x1     /* [I] if_start is mpsafe */
 #define        IFXF_CLONED             0x2     /* [I] pseudo interface */
-#define        IFXF_INET6_NOPRIVACY    0x4     /* [N] don't autoconf privacy */
+#define        IFXF_AUTOCONF6TEMP      0x4     /* [N] v6 temporary addrs enabled */
 #define        IFXF_MPLS               0x8     /* [N] supports MPLS */
 #define        IFXF_WOL                0x10    /* [N] wake on lan enabled */
 #define        IFXF_AUTOCONF6          0x20    /* [N] v6 autoconf enabled */