diff options
author | kris <kris@FreeBSD.org> | 2001-06-01 10:02:28 +0000 |
---|---|---|
committer | kris <kris@FreeBSD.org> | 2001-06-01 10:02:28 +0000 |
commit | e1524eb20ca44614d4942a0b92929a02e67dce44 (patch) | |
tree | 9bd8aa0fc8cabc5d0cc01510f30e42d4a12277e2 /sys | |
parent | 83f8b7087fd25f91158a6a096fad46b33b513773 (diff) | |
download | FreeBSD-src-e1524eb20ca44614d4942a0b92929a02e67dce44.zip FreeBSD-src-e1524eb20ca44614d4942a0b92929a02e67dce44.tar.gz |
Add ``options RANDOM_IP_ID'' which randomizes the ID field of IP packets.
This closes a minor information leak which allows a remote observer to
determine the rate at which the machine is generating packets, since the
default behaviour is to increment a counter for each packet sent.
Reviewed by: -net
Obtained from: OpenBSD
Diffstat (limited to 'sys')
-rw-r--r-- | sys/conf/NOTES | 7 | ||||
-rw-r--r-- | sys/conf/files | 1 | ||||
-rw-r--r-- | sys/conf/options | 1 | ||||
-rw-r--r-- | sys/i386/conf/NOTES | 7 | ||||
-rw-r--r-- | sys/netinet/ip_id.c | 210 | ||||
-rw-r--r-- | sys/netinet/ip_input.c | 3 | ||||
-rw-r--r-- | sys/netinet/ip_mroute.c | 5 | ||||
-rw-r--r-- | sys/netinet/ip_output.c | 5 | ||||
-rw-r--r-- | sys/netinet/ip_var.h | 6 | ||||
-rw-r--r-- | sys/netinet/raw_ip.c | 5 | ||||
-rw-r--r-- | sys/netinet6/ipsec.c | 4 |
11 files changed, 254 insertions, 0 deletions
diff --git a/sys/conf/NOTES b/sys/conf/NOTES index fae6298..1485762 100644 --- a/sys/conf/NOTES +++ b/sys/conf/NOTES @@ -590,6 +590,13 @@ options IPFILTER_DEFAULT_BLOCK #block all packets by default options IPSTEALTH #support for stealth forwarding options TCPDEBUG +# RANDOM_IP_ID causes the ID field in IP packets to be randomized +# instead of incremented by 1 with each packet generated. This +# option closes a minor information leak which allows remote +# observers to determine the rate of packet generation on the +# machine by watching the counter. +options RANDOM_IP_ID + # Statically Link in accept filters options ACCEPT_FILTER_DATA options ACCEPT_FILTER_HTTP diff --git a/sys/conf/files b/sys/conf/files index 872cbe9..22d4cb7 100644 --- a/sys/conf/files +++ b/sys/conf/files @@ -1037,6 +1037,7 @@ netinet/igmp.c optional inet netinet/in.c optional inet netinet/in_gif.c optional gif inet #netinet/in_hostcache.c optional inet +netinet/ip_id.c optional inet netinet/in_pcb.c optional inet netinet/in_proto.c optional inet netinet/in_rmx.c optional inet diff --git a/sys/conf/options b/sys/conf/options index d4349c3..f6315d1 100644 --- a/sys/conf/options +++ b/sys/conf/options @@ -278,6 +278,7 @@ NETATALK opt_atalk.h PPP_BSDCOMP opt_ppp.h PPP_DEFLATE opt_ppp.h PPP_FILTER opt_ppp.h +RANDOM_IP_ID SLIP_IFF_OPTS opt_slip.h TCPDEBUG TCP_DROP_SYNFIN opt_tcp_input.h diff --git a/sys/i386/conf/NOTES b/sys/i386/conf/NOTES index fae6298..1485762 100644 --- a/sys/i386/conf/NOTES +++ b/sys/i386/conf/NOTES @@ -590,6 +590,13 @@ options IPFILTER_DEFAULT_BLOCK #block all packets by default options IPSTEALTH #support for stealth forwarding options TCPDEBUG +# RANDOM_IP_ID causes the ID field in IP packets to be randomized +# instead of incremented by 1 with each packet generated. This +# option closes a minor information leak which allows remote +# observers to determine the rate of packet generation on the +# machine by watching the counter. +options RANDOM_IP_ID + # Statically Link in accept filters options ACCEPT_FILTER_DATA options ACCEPT_FILTER_HTTP diff --git a/sys/netinet/ip_id.c b/sys/netinet/ip_id.c new file mode 100644 index 0000000..f440159 --- /dev/null +++ b/sys/netinet/ip_id.c @@ -0,0 +1,210 @@ +/* $OpenBSD: ip_id.c,v 1.2 1999/08/26 13:37:01 provos Exp $ */ + +/* + * Copyright 1998 Niels Provos <provos@citi.umich.edu> + * All rights reserved. + * + * Theo de Raadt <deraadt@openbsd.org> came up with the idea of using + * such a mathematical system to generate more random (yet non-repeating) + * ids to solve the resolver/named problem. But Niels designed the + * actual system based on the constraints. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Niels Provos. + * 4. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * $FreeBSD$ + */ + +/* + * seed = random 15bit + * n = prime, g0 = generator to n, + * j = random so that gcd(j,n-1) == 1 + * g = g0^j mod n will be a generator again. + * + * X[0] = random seed. + * X[n] = a*X[n-1]+b mod m is a Linear Congruential Generator + * with a = 7^(even random) mod m, + * b = random with gcd(b,m) == 1 + * m = 31104 and a maximal period of m-1. + * + * The transaction id is determined by: + * id[n] = seed xor (g^X[n] mod n) + * + * Effectivly the id is restricted to the lower 15 bits, thus + * yielding two different cycles by toggling the msb on and off. + * This avoids reuse issues caused by reseeding. + */ + +#include "opt_random_ip_id.h" +#include <sys/param.h> +#include <sys/time.h> +#include <sys/kernel.h> +#include <sys/random.h> + +#ifdef RANDOM_IP_ID +#define RU_OUT 180 /* Time after wich will be reseeded */ +#define RU_MAX 30000 /* Uniq cycle, avoid blackjack prediction */ +#define RU_GEN 2 /* Starting generator */ +#define RU_N 32749 /* RU_N-1 = 2*2*3*2729 */ +#define RU_AGEN 7 /* determine ru_a as RU_AGEN^(2*rand) */ +#define RU_M 31104 /* RU_M = 2^7*3^5 - don't change */ + +#define PFAC_N 3 +const static u_int16_t pfacts[PFAC_N] = { + 2, + 3, + 2729 +}; + +static u_int16_t ru_x; +static u_int16_t ru_seed, ru_seed2; +static u_int16_t ru_a, ru_b; +static u_int16_t ru_g; +static u_int16_t ru_counter = 0; +static u_int16_t ru_msb = 0; +static long ru_reseed; +static u_int32_t tmp; /* Storage for unused random */ + +static u_int16_t pmod __P((u_int16_t, u_int16_t, u_int16_t)); +static void ip_initid __P((void)); +u_int16_t ip_randomid __P((void)); + +/* + * Do a fast modular exponation, returned value will be in the range + * of 0 - (mod-1) + */ + +#ifdef __STDC__ +static u_int16_t +pmod(u_int16_t gen, u_int16_t exp, u_int16_t mod) +#else +static u_int16_t +pmod(gen, exp, mod) + u_int16_t gen, exp, mod; +#endif +{ + u_int16_t s, t, u; + + s = 1; + t = gen; + u = exp; + + while (u) { + if (u & 1) + s = (s*t) % mod; + u >>= 1; + t = (t*t) % mod; + } + return (s); +} + +/* + * Initalizes the seed and chooses a suitable generator. Also toggles + * the msb flag. The msb flag is used to generate two distinct + * cycles of random numbers and thus avoiding reuse of ids. + * + * This function is called from id_randomid() when needed, an + * application does not have to worry about it. + */ +static void +ip_initid(void) +{ + u_int16_t j, i; + int noprime = 1; + struct timeval time; + + getmicrotime(&time); + read_random((void *) &tmp, sizeof(tmp)); + ru_x = (tmp & 0xFFFF) % RU_M; + + /* 15 bits of random seed */ + ru_seed = (tmp >> 16) & 0x7FFF; + read_random((void *) &tmp, sizeof(tmp)); + ru_seed2 = tmp & 0x7FFF; + + read_random((void *) &tmp, sizeof(tmp)); + + /* Determine the LCG we use */ + ru_b = (tmp & 0xfffe) | 1; + ru_a = pmod(RU_AGEN, (tmp >> 16) & 0xfffe, RU_M); + while (ru_b % 3 == 0) + ru_b += 2; + + read_random((void *) &tmp, sizeof(tmp)); + j = tmp % RU_N; + tmp = tmp >> 16; + + /* + * Do a fast gcd(j,RU_N-1), so we can find a j with + * gcd(j, RU_N-1) == 1, giving a new generator for + * RU_GEN^j mod RU_N + */ + + while (noprime) { + for (i=0; i<PFAC_N; i++) + if (j%pfacts[i] == 0) + break; + + if (i>=PFAC_N) + noprime = 0; + else + j = (j+1) % RU_N; + } + + ru_g = pmod(RU_GEN,j,RU_N); + ru_counter = 0; + + ru_reseed = time.tv_sec + RU_OUT; + ru_msb = ru_msb == 0x8000 ? 0 : 0x8000; +} + +u_int16_t +ip_randomid(void) +{ + int i, n; + struct timeval time; + + getmicrotime(&time); + if (ru_counter >= RU_MAX || time.tv_sec > ru_reseed) + ip_initid(); + + if (!tmp) + read_random((void *) &tmp, sizeof(tmp)); + + /* Skip a random number of ids */ + n = tmp & 0x3; tmp = tmp >> 2; + if (ru_counter + n >= RU_MAX) + ip_initid(); + + for (i = 0; i <= n; i++) + /* Linear Congruential Generator */ + ru_x = (ru_a*ru_x + ru_b) % RU_M; + + ru_counter += i; + + return (ru_seed ^ pmod(ru_g,ru_seed2 ^ ru_x,RU_N)) | ru_msb; +} + +#endif /* RANDOM_IP_ID */ diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index 0963a0a..f0f4a20 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -44,6 +44,7 @@ #include "opt_ipstealth.h" #include "opt_ipsec.h" #include "opt_pfil_hooks.h" +#include "opt_random_ip_id.h" #include <sys/param.h> #include <sys/systm.h> @@ -249,7 +250,9 @@ ip_init() maxnipq = nmbclusters/4; +#ifndef RANDOM_IP_ID ip_id = time_second & 0xffff; +#endif ipintrq.ifq_maxlen = ipqmaxlen; mtx_init(&ipintrq.ifq_mtx, "ip_inq", MTX_DEF); diff --git a/sys/netinet/ip_mroute.c b/sys/netinet/ip_mroute.c index b6a9fca..62da7dd 100644 --- a/sys/netinet/ip_mroute.c +++ b/sys/netinet/ip_mroute.c @@ -13,6 +13,7 @@ */ #include "opt_mrouting.h" +#include "opt_random_ip_id.h" #include <sys/param.h> #include <sys/systm.h> @@ -1581,7 +1582,11 @@ encap_send(ip, vifp, m) */ ip_copy = mtod(mb_copy, struct ip *); *ip_copy = multicast_encap_iphdr; +#ifdef RANDOM_IP_ID + ip_copy->ip_id = ip_randomid(); +#else ip_copy->ip_id = htons(ip_id++); +#endif ip_copy->ip_len += len; ip_copy->ip_src = vifp->v_lcl_addr; ip_copy->ip_dst = vifp->v_rmt_addr; diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c index ed20168..1025e37 100644 --- a/sys/netinet/ip_output.c +++ b/sys/netinet/ip_output.c @@ -42,6 +42,7 @@ #include "opt_ipfilter.h" #include "opt_ipsec.h" #include "opt_pfil_hooks.h" +#include "opt_random_ip_id.h" #include <sys/param.h> #include <sys/systm.h> @@ -208,7 +209,11 @@ ip_output(m0, opt, ro, flags, imo) if ((flags & (IP_FORWARDING|IP_RAWOUTPUT)) == 0) { ip->ip_vhl = IP_MAKE_VHL(IPVERSION, hlen >> 2); ip->ip_off &= IP_DF; +#ifdef RANDOM_IP_ID + ip->ip_id = ip_randomid(); +#else ip->ip_id = htons(ip_id++); +#endif ipstat.ips_localout++; } else { hlen = IP_VHL_HL(ip->ip_vhl) << 2; diff --git a/sys/netinet/ip_var.h b/sys/netinet/ip_var.h index bc8b797..6354d84 100644 --- a/sys/netinet/ip_var.h +++ b/sys/netinet/ip_var.h @@ -138,7 +138,9 @@ struct route; struct sockopt; extern struct ipstat ipstat; +#ifndef RANDOM_IP_ID extern u_short ip_id; /* ip packet ctr, for ids */ +#endif extern int ip_defttl; /* default IP ttl */ extern int ipforwarding; /* ip forwarding */ extern struct route ipforward_rt; /* ip forwarding cached route */ @@ -164,6 +166,10 @@ void ip_slowtimo __P((void)); struct mbuf * ip_srcroute __P((void)); void ip_stripoptions __P((struct mbuf *, struct mbuf *)); +#ifdef RANDOM_IP_ID +u_int16_t + ip_randomid __P((void)); +#endif int rip_ctloutput __P((struct socket *, struct sockopt *)); void rip_ctlinput __P((int, struct sockaddr *, void *)); void rip_init __P((void)); diff --git a/sys/netinet/raw_ip.c b/sys/netinet/raw_ip.c index 50bbf32..4fdcf95 100644 --- a/sys/netinet/raw_ip.c +++ b/sys/netinet/raw_ip.c @@ -36,6 +36,7 @@ #include "opt_inet6.h" #include "opt_ipsec.h" +#include "opt_random_ip_id.h" #include <sys/param.h> #include <sys/systm.h> @@ -220,7 +221,11 @@ rip_output(m, so, dst) return EINVAL; } if (ip->ip_id == 0) +#ifdef RANDOM_IP_ID + ip->ip_id = ip_randomid(); +#else ip->ip_id = htons(ip_id++); +#endif /* XXX prevent ip_output from overwriting header fields */ flags |= IP_RAWOUTPUT; ipstat.ips_rawout++; diff --git a/sys/netinet6/ipsec.c b/sys/netinet6/ipsec.c index 8715cfc..b8a2447 100644 --- a/sys/netinet6/ipsec.c +++ b/sys/netinet6/ipsec.c @@ -2045,7 +2045,11 @@ ipsec4_encapsulate(m, sav) ipseclog((LOG_ERR, "IPv4 ipsec: size exceeds limit: " "leave ip_len as is (invalid packet)\n")); } +#ifdef RANDOM_IP_ID + ip->ip_id = ip_randomid(); +#else ip->ip_id = htons(ip_id++); +#endif bcopy(&((struct sockaddr_in *)&sav->sah->saidx.src)->sin_addr, &ip->ip_src, sizeof(ip->ip_src)); bcopy(&((struct sockaddr_in *)&sav->sah->saidx.dst)->sin_addr, |