| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 23 Jun 2007 19:51:55 +0300
From: Rémi Denis-Courmont <rdenis@...phalempin.com>
To: David Stevens <dlstevens@...ibm.com>
Cc: "C. Scott Ananian" <cscott@...top.org>, cananian@...il.com,
netdev@...r.kernel.org
Subject: Re: [RFD] First draft of RDNSS-in-RA support for IPv6 DNS autoconfiguration
Le samedi 23 juin 2007, David Stevens a écrit :
> No, in fact! I didn't hear anyone suggesting that all of
> neighbor discovery be pushed out of the kernel. All I suggested is
> that you read a raw ICMPv6 socket for RA's that have the RDNS header
> and the app _process_the_RDNS_header. The kernel should still
> continue to do everything it needs to with the kernel data in the RA.
> Then you just need a hash table (or maybe just a list -- there
> shouldn't be a lot of them) and a timer to delete them when the RDNS
> expiration hits. Easy, right?
The exact thing I pointed out does not work. I *DID* write RA parsing in
userland in the past.
> You might have to change the icmp6_filter, if RA's are not
> already copied to raw sockets (I don't know either way offhand),
> but that's a trivial kernel patch; otherwise, I don't believe you
> have to do anything but read the socket and process the RDNS header
> on RAs you receive.
To reiterate:
How do I authenticate SeND RA? How do I deal with the link going down
before the expiration? How do I know "this" interface is doing autoconf
at all?
--
Rémi Denis-Courmont
http://www.remlab.net/
Download attachment "signature.asc " of type "application/pgp-signature" (198 bytes)
Powered by blists - more mailing lists