From: florian <florian@openbsd.org>
Date: Sat, 6 Mar 2021 19:02:53 +0000 (+0000)
Subject: Implement last remaining bits to update from RFC 4941 to RFC 8981.
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=79e3154eabfaa2ba3db77734492e318adae01116;p=openbsd

Implement last remaining bits to update from RFC 4941 to RFC 8981.
The desync factor is now tracked per temporary IP and the max value
has been increased to about 9 hours.
While here fix a bug where the minimum acceptable pltime in a router
advertisement should be bigger than PRIV_REGEN_ADVANCE not the desync
factor (which didn't make any sense at all).

From Fernando Gont, thanks!
OK sthen
---

diff --git a/sbin/slaacd/engine.c b/sbin/slaacd/engine.c
index 4160d798261..2d19ab8f8e1 100644
--- a/sbin/slaacd/engine.c
+++ b/sbin/slaacd/engine.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: engine.c,v 1.61 2021/03/02 17:17:15 florian Exp $	*/
+/*	$OpenBSD: engine.c,v 1.62 2021/03/06 19:02:53 florian Exp $	*/
 
 /*
  * Copyright (c) 2017 Florian Obser <florian@openbsd.org>
@@ -88,10 +88,14 @@
 #define	RTR_SOLICITATION_INTERVAL	4
 #define	MAX_RTR_SOLICITATIONS		3
 
-/* constants for RFC 4941 autoconf privacy extension */
-#define PRIV_MAX_DESYNC_FACTOR	600	/* 10 minutes */
+/*
+ * Constants for RFC 8981 autoconf privacy extensions
+ *
+ * PRIV_PREFERRED_LIFETIME > (PRIV_MAX_DESYNC_FACTOR + PRIV_REGEN_ADVANCE)
+ */
 #define PRIV_VALID_LIFETIME	172800	/* 2 days */
 #define PRIV_PREFERRED_LIFETIME	86400	/* 1 day */
+#define PRIV_MAX_DESYNC_FACTOR	34560	/* PRIV_PREFERRED_LIFETIME * 0.4 */
 #define	PRIV_REGEN_ADVANCE	5	/* 5 seconds */
 
 enum if_state {
@@ -198,6 +202,7 @@ struct address_proposal {
 	uint8_t				 prefix_len;
 	uint32_t			 vltime;
 	uint32_t			 pltime;
+	uint32_t			 desync_factor;
 	uint8_t				 soiikey[SLAACD_SOIIKEY_LEN];
 	uint32_t			 mtu;
 };
@@ -327,8 +332,6 @@ static struct imsgev	*iev_frontend;
 static struct imsgev	*iev_main;
 int64_t			 proposal_id;
 
-uint32_t		 desync_factor;
-
 void
 engine_sig_handler(int sig, short event, void *arg)
 {
@@ -399,8 +402,6 @@ engine(int debug, int verbose)
 
 	LIST_INIT(&slaacd_interfaces);
 
-	desync_factor = arc4random_uniform(PRIV_MAX_DESYNC_FACTOR);
-
 	event_dispatch();
 
 	engine_shutdown();
@@ -1858,14 +1859,18 @@ update_iface_ra_prefix(struct slaacd_iface *iface, struct radv *ra,
 
 		if (addr_proposal->privacy) {
 			struct timespec	now;
-			int64_t		ltime;
+			int64_t		ltime, mtime;
 
 			if (clock_gettime(CLOCK_MONOTONIC, &now))
 				fatal("clock_gettime");
 
-			ltime = MINIMUM(addr_proposal->created.tv_sec +
-			    PRIV_PREFERRED_LIFETIME - desync_factor,
-			    now.tv_sec + prefix->pltime) - now.tv_sec;
+			mtime = addr_proposal->created.tv_sec +
+			    PRIV_PREFERRED_LIFETIME -
+			    addr_proposal->desync_factor;
+
+			ltime = MINIMUM(mtime, now.tv_sec + prefix->pltime) -
+			    now.tv_sec;
+
 			pltime = ltime > 0 ? ltime : 0;
 
 			ltime = MINIMUM(addr_proposal->created.tv_sec +
@@ -1873,7 +1878,7 @@ update_iface_ra_prefix(struct slaacd_iface *iface, struct radv *ra,
 			    now.tv_sec;
 			vltime = ltime > 0 ? ltime : 0;
 
-			if (pltime > PRIV_REGEN_ADVANCE)
+			if ((mtime - now.tv_sec) > PRIV_REGEN_ADVANCE)
 				found_privacy = 1;
 		} else {
 			pltime = prefix->pltime;
@@ -1919,11 +1924,11 @@ update_iface_ra_prefix(struct slaacd_iface *iface, struct radv *ra,
 
 	/* privacy addresses do not depend on eui64 */
 	if (!found_privacy && iface->autoconfprivacy) {
-		if (prefix->pltime < desync_factor) {
+		if (prefix->pltime < PRIV_REGEN_ADVANCE) {
 			log_warnx("%s: pltime from %s is too small: %d < %d; "
 			    "not generating privacy address", __func__,
 			    sin6_to_str(&ra->from), prefix->pltime,
-			    desync_factor);
+			    PRIV_REGEN_ADVANCE);
 		} else
 			/* new privacy proposal */
 			gen_address_proposal(iface, ra, prefix, 1);
@@ -2055,8 +2060,11 @@ gen_address_proposal(struct slaacd_iface *iface, struct radv *ra, struct
 	if (privacy) {
 		addr_proposal->vltime = MINIMUM(prefix->vltime,
 		    PRIV_VALID_LIFETIME);
+		addr_proposal->desync_factor =
+		    arc4random_uniform(PRIV_MAX_DESYNC_FACTOR);
+
 		addr_proposal->pltime = MINIMUM(prefix->pltime,
-		    PRIV_PREFERRED_LIFETIME - desync_factor);
+		    PRIV_PREFERRED_LIFETIME - addr_proposal->desync_factor);
 	} else {
 		addr_proposal->vltime = prefix->vltime;
 		addr_proposal->pltime = prefix->pltime;
diff --git a/sbin/slaacd/slaacd.8 b/sbin/slaacd/slaacd.8
index fb9bb3d0c60..eec7187f438 100644
--- a/sbin/slaacd/slaacd.8
+++ b/sbin/slaacd/slaacd.8
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: slaacd.8,v 1.10 2018/07/23 11:51:38 florian Exp $
+.\"	$OpenBSD: slaacd.8,v 1.11 2021/03/06 19:02:53 florian Exp $
 .\"
 .\" Copyright (c) 2017 Florian Obser <florian@openbsd.org>
 .\" Copyright (c) 2016 Kenneth R Westerback <kwesterback@gmail.com>
@@ -15,7 +15,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: July 23 2018 $
+.Dd $Mdocdate: March 6 2021 $
 .Dt SLAACD 8
 .Os
 .Sh NAME
@@ -110,15 +110,6 @@ socket used for communication with
 .Re
 .Pp
 .Rs
-.%A T. Narten
-.%A R. Draves
-.%A S. Krishnan
-.%D September 2007
-.%R RFC 4941
-.%T Privacy Extensions for Stateless Address Autoconfiguration in IPv6
-.Re
-.Pp
-.Rs
 .%A F. Gont
 .%D April 2014
 .%R RFC 7217
@@ -152,6 +143,16 @@ socket used for communication with
 .%R RFC 8106
 .%T IPv6 Router Advertisement Options for DNS Configuration
 .Re
+.Pp
+.Rs
+.%A F. Gont
+.%A S. Krishnan
+.%A T. Narten
+.%A R. Draves
+.%D February 2021
+.%R RFC 8981
+.%T Temporary Address Extensions for Stateless Address Autoconfiguration in IPv6
+.Re
 .Sh HISTORY
 The
 .Nm