diff --git a/net/ipv6-toolkit/Makefile b/net/ipv6-toolkit/Makefile index c676816034c..115f0672f78 100644 --- a/net/ipv6-toolkit/Makefile +++ b/net/ipv6-toolkit/Makefile @@ -1,11 +1,10 @@ -# $OpenBSD: Makefile,v 1.2 2013/09/26 21:52:35 bluhm Exp $ +# $OpenBSD: Makefile,v 1.3 2015/04/28 23:16:20 bluhm Exp $ COMMENT = SI6 networks IPv6 toolkit -VERSION = 1.4b -REVISION = 1 -DISTNAME = ipv6-toolkit-v${VERSION} -PKGNAME = ipv6-toolkit-${VERSION} +VERSION = 2.0 +DISTNAME = ipv6toolkit-v${VERSION} +PKGNAME = ipv6toolkit-${VERSION} CATEGORIES = net @@ -23,11 +22,11 @@ MASTER_SITES = http://www.si6networks.com/tools/ipv6toolkit/ MAKE_FLAGS = CC=${CC} FAKE_FLAGS = PREFIX=${PREFIX} \ MANPREFIX=${PREFIX} \ - ETCPATH=${DESTDIR}/${PREFIX}/share/examples/ipv6-toolkit + ETCPATH=${DESTDIR}/${PREFIX}/share/examples/ipv6toolkit NO_TEST = Yes pre-install: - ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/ipv6-toolkit + ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/ipv6toolkit .include diff --git a/net/ipv6-toolkit/distinfo b/net/ipv6-toolkit/distinfo index 7089ce9921e..737302cbe0d 100644 --- a/net/ipv6-toolkit/distinfo +++ b/net/ipv6-toolkit/distinfo @@ -1,2 +1,2 @@ -SHA256 (ipv6-toolkit-v1.4b.tar.gz) = zf0akG4ttV0lcN1Qab3qXe3wD+bT1cP3LdNMDlyN4YY= -SIZE (ipv6-toolkit-v1.4b.tar.gz) = 481916 +SHA256 (ipv6toolkit-v2.0.tar.gz) = FvE9Pn0XlA/1PwKO8AkOSqOhk6IkyXcosH6m4moZ6Yc= +SIZE (ipv6toolkit-v2.0.tar.gz) = 725628 diff --git a/net/ipv6-toolkit/patches/patch-tools_addr6_c b/net/ipv6-toolkit/patches/patch-tools_addr6_c deleted file mode 100644 index bfb5a2f1c2d..00000000000 --- a/net/ipv6-toolkit/patches/patch-tools_addr6_c +++ /dev/null @@ -1,14 +0,0 @@ -$OpenBSD: patch-tools_addr6_c,v 1.1 2013/09/26 21:52:35 bluhm Exp $ ---- tools/addr6.c.orig Sat Aug 10 08:43:26 2013 -+++ tools/addr6.c Sun Sep 8 20:37:06 2013 -@@ -1437,8 +1437,8 @@ int init_host_list(struct host_list *hlist){ - - hlist->nhosts= 0; - hlist->maxhosts= MAX_HOST_ENTRIES; -- hlist->key_l= rand(); -- hlist->key_h= rand(); -+ hlist->key_l= arc4random(); -+ hlist->key_h= arc4random(); - return(1); - } - diff --git a/net/ipv6-toolkit/patches/patch-tools_flow6_c b/net/ipv6-toolkit/patches/patch-tools_flow6_c index cd60206b0cd..5caeefde23e 100644 --- a/net/ipv6-toolkit/patches/patch-tools_flow6_c +++ b/net/ipv6-toolkit/patches/patch-tools_flow6_c @@ -1,56 +1,12 @@ -$OpenBSD: patch-tools_flow6_c,v 1.1 2013/09/26 21:52:35 bluhm Exp $ ---- tools/flow6.c.orig Fri Aug 16 07:35:41 2013 -+++ tools/flow6.c Sun Sep 8 20:49:58 2013 -@@ -227,8 +227,7 @@ int main(int argc, char **argv){ +$OpenBSD: patch-tools_flow6_c,v 1.2 2015/04/28 23:16:20 bluhm Exp $ +--- tools/flow6.c.orig Sun Apr 5 16:00:06 2015 ++++ tools/flow6.c Mon Apr 27 22:59:14 2015 +@@ -681,7 +681,7 @@ int send_fid_probe(void){ + dlt_null->family= PF_INET6; } - - -- srandom(time(NULL)); -- hoplimit=64+random()%180; -+ hoplimit=64+arc4random_uniform(180); - init_iface_data(&idata); - - while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { -@@ -536,9 +535,9 @@ int main(int argc, char **argv){ - puts("Identifying the 'Flow ID' generation policy of the target node...."); - - if(protocol == IPPROTO_TCP){ -- tcpwin= ((u_int16_t) random() + 1500) & (u_int16_t)0x7f00; -- tcpseq= random(); -- baseport= 50000+ random()%10000; -+ tcpwin= ((u_int16_t) arc4random() + 1500) & (u_int16_t)0x7f00; -+ tcpseq= arc4random(); -+ baseport= 50000+ arc4random_uniform(10000); - lastport= baseport; - } - -@@ -585,8 +584,8 @@ int main(int argc, char **argv){ - - if( testtype==FIXED_ORIGIN && ((curtime - start) >= ID_ASSESS_TIMEOUT || ntest1 >= NSAMPLES)){ - testtype= MULTI_ORIGIN; -- addr_sig= random(); -- addr_key= random(); -+ addr_sig= arc4random(); -+ addr_key= arc4random(); - start= curtime; - continue; - } -@@ -1173,7 +1172,7 @@ void randomize_ipv6_addr(struct in6_addr *ipv6addr, st - ipv6addr->s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- ipv6addr->s6_addr16[i]=random(); -+ ipv6addr->s6_addr16[i]=arc4random(); - - if(preflen%16){ - mask=0xffff; -@@ -1198,8 +1197,7 @@ void randomize_ipv6_addr(struct in6_addr *ipv6addr, st - */ - - void randomize_ether_addr(struct ether_addr *ethaddr){ -- for(i=0; i<6; i++) -- ethaddr->a[i]= random(); -+ arc4random_buf(ethaddr, sizeof(struct ether_addr)); - - ethaddr->a[0]= (ethaddr->a[0] & 0xfc) | 0x02; - } + #if defined (__OpenBSD__) +- else if(idata->type == DLT_LOOP){ ++ else if(idata.type == DLT_LOOP){ + dlt_null->family= htonl(PF_INET6); + } + #endif diff --git a/net/ipv6-toolkit/patches/patch-tools_frag6_c b/net/ipv6-toolkit/patches/patch-tools_frag6_c deleted file mode 100644 index 820f568ecc6..00000000000 --- a/net/ipv6-toolkit/patches/patch-tools_frag6_c +++ /dev/null @@ -1,213 +0,0 @@ -$OpenBSD: patch-tools_frag6_c,v 1.1 2013/09/26 21:52:35 bluhm Exp $ ---- tools/frag6.c.orig Fri Aug 16 07:36:52 2013 -+++ tools/frag6.c Sun Sep 8 21:03:41 2013 -@@ -263,8 +263,7 @@ int main(int argc, char **argv){ - } - - -- srandom(time(NULL)); -- hoplimit=64+random()%180; -+ hoplimit=64+arc4random_uniform(180); - init_iface_data(&idata); - - while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { -@@ -822,7 +821,7 @@ int main(int argc, char **argv){ - if(verbose_f) - puts("Sending Fragments for Test #1...."); - -- id= random(); -+ id= arc4random(); - - if(send_fragment2(sizeof(struct icmp6_hdr)+minfragsize*2-overlap, id, 0, minfragsize, \ - FIRST_FRAGMENT, block1) == -1){ -@@ -840,7 +839,7 @@ int main(int argc, char **argv){ - if(verbose_f) - puts("Sending Fragments for Test #2...."); - -- id= random(); -+ id= arc4random(); - - if(send_fragment2(sizeof(struct icmp6_hdr)+minfragsize * 3-overlap, id, 0, minfragsize, \ - FIRST_FRAGMENT, block2) == -1){ -@@ -862,7 +861,7 @@ int main(int argc, char **argv){ - if(verbose_f) - puts("Sending Fragments for Test #3...."); - -- id= random(); -+ id= arc4random(); - - if(send_fragment2(sizeof(struct icmp6_hdr)+minfragsize * 3-overlap, id, 0, minfragsize, \ - FIRST_FRAGMENT, block3) == -1){ -@@ -885,7 +884,7 @@ int main(int argc, char **argv){ - if(verbose_f) - puts("Sending Fragments for Test #4...."); - -- id= random(); -+ id= arc4random(); - - if(send_fragment2(sizeof(struct icmp6_hdr)+minfragsize *4, id, 0, minfragsize, FIRST_FRAGMENT, \ - block4) == -1){ -@@ -908,7 +907,7 @@ int main(int argc, char **argv){ - if(verbose_f) - puts("Sending Fragments for Test #5...."); - -- id= random(); -+ id= arc4random(); - - if(send_fragment2(sizeof(struct icmp6_hdr)+minfragsize * 4 - overlap, id, 0, minfragsize, \ - FIRST_FRAGMENT, block5) == -1){ -@@ -1066,7 +1065,7 @@ int main(int argc, char **argv){ - lastfrag1=0; - ntest1=0; - ntest2=0; -- icmp6_sig= random(); -+ icmp6_sig= arc4random(); - testtype= FIXED_ORIGIN; - - if(srcprefix_f){ -@@ -1084,8 +1083,8 @@ int main(int argc, char **argv){ - - if( testtype==FIXED_ORIGIN && ((curtime - start) >= ID_ASSESS_TIMEOUT || ntest1 >= NSAMPLES)){ - testtype= MULTI_ORIGIN; -- addr_sig= random(); -- addr_key= random(); -+ addr_sig= arc4random(); -+ addr_key= arc4random(); - start= curtime; - continue; - } -@@ -1317,7 +1316,7 @@ int main(int argc, char **argv){ - pcap_freecode(&pcap_filter); - - maxsizedchunk= idata.mtu - sizeof(struct ip6_hdr) - sizeof(struct ip6_frag); -- id=random(); -+ id=arc4random(); - foffset=0; - i=0; - -@@ -1399,7 +1398,7 @@ int main(int argc, char **argv){ - frags=0; - - if(!foffset_f){ -- foffset= random(); -+ foffset= arc4random(); - } - - if(forder != LAST_FRAGMENT){ -@@ -1407,7 +1406,7 @@ int main(int argc, char **argv){ - } - - while(frags < nfrags){ -- if(send_fragment(fid_f?fid:random(), foffset, fsize_f?fsize:( ((MIN_FRAG_SIZE+(random()%400))>>3)<<3), \ -+ if(send_fragment(fid_f?fid:arc4random(), foffset, fsize_f?fsize:( ((MIN_FRAG_SIZE+(arc4random_uniform(400)))>>3)<<3), \ - forder, tstamp_f) == -1){ - - puts("Error sending packet"); -@@ -1932,7 +1931,7 @@ int send_fragment2(u_int16_t ip6len, unsigned int id, - icmp6->icmp6_code = 0; - icmp6->icmp6_cksum = 0; - icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ -- icmp6->icmp6_data16[1]= htons(random()); /* Sequence Number */ -+ icmp6->icmp6_data16[1]= arc4random(); /* Sequence Number */ - - ptr+= sizeof(struct icmp6_hdr); - -@@ -1993,7 +1992,6 @@ int send_fragment2(u_int16_t ip6len, unsigned int id, - */ - int send_fragment(unsigned int id, unsigned int offset, unsigned int fsize, unsigned int forder, unsigned int tstamp_f){ - time_t tstamp; -- unsigned int i; - - ethernet= (struct ether_header *) buffer; - dlt_null= (struct dlt_null *) buffer; -@@ -2126,7 +2124,7 @@ int send_fragment(unsigned int id, unsigned int offset - icmp6->icmp6_code = 0; - icmp6->icmp6_cksum = 0; - icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ -- icmp6->icmp6_data16[1]= htons(random()); /* Sequence Number */ -+ icmp6->icmp6_data16[1]= arc4random(); /* Sequence Number */ - - ptr+= sizeof(struct icmp6_hdr); - fsize-= sizeof(struct icmp6_hdr); -@@ -2153,10 +2151,8 @@ int send_fragment(unsigned int id, unsigned int offset - fsize=0; - } - -- for(i=0; i< (fsize/4); i++){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- } -+ arc4random_buf(ptr, fsize & ~3); -+ ptr += fsize & ~3; - - ipv6->ip6_plen= htons(ptr-(v6buffer + MIN_IPV6_HLEN)); - icmp6->icmp6_cksum = in_chksum(v6buffer, icmp6, ptr-((unsigned char *)icmp6), IPPROTO_ICMPV6); -@@ -2193,10 +2189,8 @@ int send_fragment(unsigned int id, unsigned int offset - return(-1); - } - -- for(i=0; i<(fsize/4); i++){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- } -+ arc4random_buf(ptr, fsize & ~3); -+ ptr += fsize & ~3; - - ipv6->ip6_plen= htons(ptr-(v6buffer + MIN_IPV6_HLEN)); - } -@@ -2227,7 +2221,6 @@ int send_fid_probe(void){ - struct ether_header *ethernet; - struct ip6_hdr *ipv6; - unsigned char *fptr, *fptrend; -- unsigned int i; - - ethernet= (struct ether_header *) buffer; - v6buffer = buffer + linkhsize; -@@ -2266,16 +2259,14 @@ int send_fid_probe(void){ - icmp6->icmp6_code = 0; - icmp6->icmp6_cksum = 0; - icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ -- icmp6->icmp6_data16[1]= htons(random()); /* Sequence Number */ -+ icmp6->icmp6_data16[1]= arc4random(); /* Sequence Number */ - - ptr+= sizeof(struct icmp6_hdr); - *(u_int32_t *)ptr= icmp6_sig; - ptr+= sizeof(u_int32_t); - -- for(i=0;i<400; i++){ -- *(u_int32_t *)ptr= random(); -- ptr+=sizeof(u_int32_t); -- } -+ arc4random_buf(ptr, 1600); -+ ptr += 1600; - - icmp6->icmp6_cksum = in_chksum(v6buffer, icmp6, ptr-(unsigned char *)icmp6, IPPROTO_ICMPV6); - -@@ -2293,7 +2284,7 @@ int send_fid_probe(void){ - fptr = fptr + (fragpart-buffer); - - fh= (struct ip6_frag *) (fragbuffer + linkhsize + sizeof(struct ip6_hdr)); -- fh->ip6f_ident=random(); -+ fh->ip6f_ident=arc4random(); - startoffragment = fptr; - - /* We'll be sending packets of at most 1280 bytes (the IPv6 minimum MTU) */ -@@ -2648,7 +2639,7 @@ void randomize_ipv6_addr(struct in6_addr *ipv6addr, st - ipv6addr->s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- ipv6addr->s6_addr16[i]=random(); -+ ipv6addr->s6_addr16[i]=arc4random(); - - if(preflen%16){ - mask=0xffff; -@@ -2673,8 +2664,7 @@ void randomize_ipv6_addr(struct in6_addr *ipv6addr, st - */ - - void randomize_ether_addr(struct ether_addr *ethaddr){ -- for(i=0; i<6; i++) -- ethaddr->a[i]= random(); -+ arc4random_buf(ethaddr, sizeof(struct ether_addr)); - - ethaddr->a[0]= (ethaddr->a[0] & 0xfc) | 0x02; - } diff --git a/net/ipv6-toolkit/patches/patch-tools_icmp6_c b/net/ipv6-toolkit/patches/patch-tools_icmp6_c deleted file mode 100644 index 2b22e0a94e5..00000000000 --- a/net/ipv6-toolkit/patches/patch-tools_icmp6_c +++ /dev/null @@ -1,222 +0,0 @@ -$OpenBSD: patch-tools_icmp6_c,v 1.2 2013/09/26 21:52:35 bluhm Exp $ ---- tools/icmp6.c.orig Fri Aug 16 08:00:40 2013 -+++ tools/icmp6.c Sun Sep 8 22:09:53 2013 -@@ -41,6 +41,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -54,7 +55,6 @@ - #elif defined (__FreeBSD__) || defined(__NetBSD__) || defined (__OpenBSD__) || defined(__APPLE__) - #include - #endif --#include - #include "icmp6.h" - #include "ipv6toolkit.h" - #include -@@ -290,7 +290,7 @@ int main(int argc, char **argv){ - } - - init_iface_data(&idata); -- hoplimit=64+random()%180; -+ hoplimit=64+arc4random_uniform(180); - - while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { - option= r; -@@ -1108,8 +1108,6 @@ int main(int argc, char **argv){ - hsrcaddr= idata.ether; - } - -- srandom(time(NULL)); -- - if(!srcaddr_f || srcprefix_f){ - if(srcprefix_f){ - randprefix=srcaddr; -@@ -1154,7 +1152,7 @@ int main(int argc, char **argv){ - rhdefault_f=1; - - if(!ip6hoplimit_f) -- ip6hoplimit=64+random()%180; -+ ip6hoplimit=64+arc4random_uniform(180); - - if(!ip6length_f) - ip6length=1460; -@@ -1177,21 +1175,21 @@ int main(int argc, char **argv){ - tcpflags= tcpflags | TH_ACK; - - if(!tcpack_f) -- tcpack= random(); -+ tcpack= arc4random(); - - if(!tcpseq_f) -- tcpseq= random(); -+ tcpseq= arc4random(); - - if(!tcpwin_f) -- tcpwin= ((u_int16_t) random() + 1500) & (u_int16_t)0x7f00; -+ tcpwin= ((u_int16_t) arc4random() + 1500) & (u_int16_t)0x7f00; - - if(!peerportl_f){ -- peerportl= random(); -+ peerportl= arc4random(); - peerporth= peerportl; - } - - if(!targetportl_f){ -- targetportl= random(); -+ targetportl= arc4random(); - targetporth= targetportl; - } - -@@ -1201,22 +1199,22 @@ int main(int argc, char **argv){ - - if(rhudp_f){ - if(!peerportl_f){ -- peerportl= random(); -+ peerportl= arc4random(); - peerporth= peerportl; - } - - if(!targetportl_f){ -- targetportl= random(); -+ targetportl= arc4random(); - targetporth= targetportl; - } - } - - if(rhicmp6_f){ - if(!icmp6id_f) -- icmp6id= random(); -+ icmp6id= arc4random(); - - if(!icmp6seq_f) -- icmp6seq= random(); -+ icmp6seq= arc4random(); - } - - if(!icmp6type_f){ -@@ -1232,7 +1230,7 @@ int main(int argc, char **argv){ - - case ICMP6_PARAM_PROB: - if(pointer_f) -- pointer= random()%40; -+ pointer= arc4random_uniform(40); - break; - - case ICMP6_DST_UNREACH: -@@ -1758,7 +1756,7 @@ void send_packet(const u_char *pktdata, struct pcap_pk - rhtcp->th_urp= htons(tcpurg); - rhtcp->th_win= htons(tcpwin); - rhtcp->th_off= MIN_TCP_HLEN >> 2; -- rhtcp->th_sum = random(); -+ rhtcp->th_sum = arc4random(); - - if(rhbytes <= (MIN_IPV6_HLEN + MIN_TCP_HLEN)){ - bcopy(rhbuff, ptr, rhbytes); -@@ -1769,11 +1767,9 @@ void send_packet(const u_char *pktdata, struct pcap_pk - ptr += MIN_IPV6_HLEN+MIN_TCP_HLEN; - rhbytes -= MIN_IPV6_HLEN+MIN_TCP_HLEN; - -- while(rhbytes>=4){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- rhbytes -= sizeof(u_int32_t); -- } -+ arc4random_buf(ptr, rhbytes); -+ ptr += rhbytes; -+ rhbytes = 0; - } - } - -@@ -1783,7 +1779,7 @@ void send_packet(const u_char *pktdata, struct pcap_pk - rhudp->uh_sport= htons(targetport); - rhudp->uh_dport= htons(peerport); - rhudp->uh_ulen= rhipv6->ip6_plen; -- rhudp->uh_sum= random(); -+ rhudp->uh_sum= arc4random(); - - if(rhbytes <= (MIN_IPV6_HLEN + MIN_UDP_HLEN)){ - bcopy(rhbuff, ptr, rhbytes); -@@ -1793,11 +1789,9 @@ void send_packet(const u_char *pktdata, struct pcap_pk - bcopy(rhbuff, ptr, MIN_IPV6_HLEN+MIN_UDP_HLEN); - ptr += MIN_IPV6_HLEN+MIN_UDP_HLEN; - rhbytes -= MIN_IPV6_HLEN+MIN_UDP_HLEN; -- while(rhbytes>=4){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- rhbytes -= sizeof(u_int32_t); -- } -+ arc4random_buf(ptr, rhbytes); -+ ptr += rhbytes; -+ rhbytes = 0; - } - } - else if(rhicmp6_f){ -@@ -1805,9 +1799,9 @@ void send_packet(const u_char *pktdata, struct pcap_pk - rhicmp6 = (struct icmp6_hdr *) (rhbuff + sizeof(struct ip6_hdr)); - rhicmp6->icmp6_type = ICMP6_ECHO_REQUEST; - rhicmp6->icmp6_code = 0; -- rhicmp6->icmp6_cksum = random(); -- rhicmp6->icmp6_data16[0]= random(); /* Identifier */ -- rhicmp6->icmp6_data16[1]= random(); /* Sequence Number */ -+ rhicmp6->icmp6_cksum = arc4random(); -+ rhicmp6->icmp6_data16[0]= arc4random(); /* Identifier */ -+ rhicmp6->icmp6_data16[1]= arc4random(); /* Sequence Number */ - - if(rhbytes <= (MIN_IPV6_HLEN + MIN_ICMP6_HLEN)){ - bcopy(rhbuff, ptr, rhbytes); -@@ -1817,11 +1811,9 @@ void send_packet(const u_char *pktdata, struct pcap_pk - bcopy(rhbuff, ptr, MIN_IPV6_HLEN+MIN_ICMP6_HLEN); - ptr += MIN_IPV6_HLEN+MIN_ICMP6_HLEN; - rhbytes -= MIN_IPV6_HLEN+MIN_ICMP6_HLEN; -- while(rhbytes>=4){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- rhbytes -= sizeof(u_int32_t); -- } -+ arc4random_buf(ptr, rhbytes); -+ ptr += rhbytes; -+ rhbytes = 0; - } - } - } -@@ -1860,7 +1852,7 @@ void send_packet(const u_char *pktdata, struct pcap_pk - - memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); - fh= (struct ip6_frag *) fptr; -- fh->ip6f_ident=random(); -+ fh->ip6f_ident=arc4random(); - startoffragment = fptr + FRAG_HDR_SIZE; - - /* -@@ -2589,7 +2581,7 @@ void randomize_ipv6_addr(struct in6_addr *ipv6addr, st - ipv6addr->s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- ipv6addr->s6_addr16[i]=random(); -+ ipv6addr->s6_addr16[i]=arc4random(); - - if(preflen%16){ - mask=0xffff; -@@ -2614,8 +2606,7 @@ void randomize_ipv6_addr(struct in6_addr *ipv6addr, st - */ - - void randomize_ether_addr(struct ether_addr *ethaddr){ -- for(i=0; i<6; i++) -- ethaddr->a[i]= random(); -+ arc4random_buf(ethaddr, sizeof(struct ether_addr)); - - ethaddr->a[0]= (ethaddr->a[0] & 0xfc) | 0x02; - } -@@ -3519,7 +3510,7 @@ int send_neighbor_advert(struct iface_data *idata, pca - - memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); - fh= (struct ip6_frag *) fptr; -- fh->ip6f_ident=random(); -+ fh->ip6f_ident=arc4random(); - startoffragment = fptr + FRAG_HDR_SIZE; - - /* diff --git a/net/ipv6-toolkit/patches/patch-tools_jumbo6_c b/net/ipv6-toolkit/patches/patch-tools_jumbo6_c deleted file mode 100644 index e77428df96d..00000000000 --- a/net/ipv6-toolkit/patches/patch-tools_jumbo6_c +++ /dev/null @@ -1,67 +0,0 @@ -$OpenBSD: patch-tools_jumbo6_c,v 1.1 2013/09/26 21:52:35 bluhm Exp $ ---- tools/jumbo6.c.orig Fri Aug 16 07:33:28 2013 -+++ tools/jumbo6.c Sun Sep 8 21:15:17 2013 -@@ -246,7 +246,7 @@ int main(int argc, char **argv){ - exit(1); - } - -- hoplimit=64+random()%180; -+ hoplimit=64+arc4random_uniform(180); - init_iface_data(&idata); - - while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { -@@ -807,8 +807,6 @@ int main(int argc, char **argv){ - exit(1); - } - -- srandom(time(NULL)); -- - if(!dstaddr_f && !listen_f){ /* Must specify IPv6 Destination Address if listening mode not used */ - puts("IPv6 Destination Address not specified (and listening mode not selected)"); - exit(1); -@@ -1237,14 +1235,12 @@ void init_packet_data(void){ - icmp6->icmp6_code = 0; - icmp6->icmp6_cksum = 0; - icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ -- icmp6->icmp6_data16[1]= htons(random()); /* Sequence Number */ -+ icmp6->icmp6_data16[1]= arc4random(); /* Sequence Number */ - - ptr+= sizeof(struct icmp6_hdr); - -- for(i=0; i< (icmp6psize/4); i++){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- } -+ arc4random_buf(ptr, icmp6psize); -+ ptr += icmp6psize; - - icmp6->icmp6_cksum = in_chksum(v6buffer, icmp6, ptr-((unsigned char *)icmp6), IPPROTO_ICMPV6); - -@@ -1304,7 +1300,7 @@ int send_packet(struct pcap_pkthdr *pkthdr, const u_ch - /* Copy the Fragmentation Header */ - memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); - fh= (struct ip6_frag *) fptr; -- fh->ip6f_ident=random(); -+ fh->ip6f_ident=arc4random(); - startoffragment = fptr + FRAG_HDR_SIZE; - - /* -@@ -1851,7 +1847,7 @@ void randomize_ipv6_addr(struct in6_addr *ipv6addr, st - ipv6addr->s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- ipv6addr->s6_addr16[i]=random(); -+ ipv6addr->s6_addr16[i]=arc4random(); - - if(preflen%16){ - mask=0xffff; -@@ -1876,8 +1872,7 @@ void randomize_ipv6_addr(struct in6_addr *ipv6addr, st - */ - - void randomize_ether_addr(struct ether_addr *ethaddr){ -- for(i=0; i<6; i++) -- ethaddr->a[i]= random(); -+ arc4random_buf(ethaddr, sizeof(struct ether_addr)); - - ethaddr->a[0]= (ethaddr->a[0] & 0xfc) | 0x02; - } diff --git a/net/ipv6-toolkit/patches/patch-tools_na6_c b/net/ipv6-toolkit/patches/patch-tools_na6_c deleted file mode 100644 index 2d093a1c44a..00000000000 --- a/net/ipv6-toolkit/patches/patch-tools_na6_c +++ /dev/null @@ -1,68 +0,0 @@ -$OpenBSD: patch-tools_na6_c,v 1.1 2013/09/26 21:52:35 bluhm Exp $ ---- tools/na6.c.orig Thu Aug 22 11:48:49 2013 -+++ tools/na6.c Sun Sep 8 21:20:06 2013 -@@ -880,8 +880,6 @@ int main(int argc, char **argv){ - - pcap_freecode(&pcap_filter); - -- srandom(time(NULL)); -- - - if(!floods_f && !srcaddr_f){ - /* When randomizing a link-local IPv6 address, select addresses that belong to the -@@ -895,7 +893,7 @@ int main(int argc, char **argv){ - srcaddr.s6_addr16[i]=0x0000; - - for(i=4; i<8; i++) -- srcaddr.s6_addr16[i]=random(); -+ srcaddr.s6_addr16[i]=arc4random(); - } - - /* -@@ -919,8 +917,7 @@ int main(int argc, char **argv){ - } - - if(!hsrcaddr_f) /* Source link-layer address is randomized by default */ -- for(i=0; i<6; i++) -- hsrcaddr.a[i]= random(); -+ arc4random_buf(&hsrcaddr, sizeof(struct ether_addr)); - - if(!hdstaddr_f) /* Destination link-layer address defaults to all-nodes */ - if(ether_pton(ETHER_ALLNODES_LINK_ADDR, &hdstaddr, sizeof(hdstaddr)) == 0){ -@@ -1361,7 +1358,7 @@ void send_packet(const u_char *pktdata){ - ipv6->ip6_src.s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- ipv6->ip6_src.s6_addr16[i]=random(); -+ ipv6->ip6_src.s6_addr16[i]=arc4random(); - - if(srcpreflen%16){ - mask=0xffff; -@@ -1377,8 +1374,7 @@ void send_packet(const u_char *pktdata){ - ipv6->ip6_src.s6_addr16[i]= ipv6->ip6_src.s6_addr16[i] | srcaddr.s6_addr16[i]; - - if(!hsrcaddr_f){ -- for(i=0; i<6; i++) -- ethernet->src.a[i]= random(); -+ arc4random_buf(ðernet->src, sizeof(struct ether_addr)); - } - - if(tllaopt_f && !tllaopta_f){ -@@ -1400,7 +1396,7 @@ void send_packet(const u_char *pktdata){ - na->nd_na_target.s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- na->nd_na_target.s6_addr16[i]=random(); -+ na->nd_na_target.s6_addr16[i]=arc4random(); - - if(targetpreflen%16){ - mask=0xffff; -@@ -1475,7 +1471,7 @@ void send_packet(const u_char *pktdata){ - - memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); - fh= (struct ip6_frag *) fptr; -- fh->ip6f_ident=random(); -+ fh->ip6f_ident=arc4random(); - startoffragment = fptr + FRAG_HDR_SIZE; - - /* diff --git a/net/ipv6-toolkit/patches/patch-tools_ni6_c b/net/ipv6-toolkit/patches/patch-tools_ni6_c deleted file mode 100644 index cdc568955c0..00000000000 --- a/net/ipv6-toolkit/patches/patch-tools_ni6_c +++ /dev/null @@ -1,112 +0,0 @@ -$OpenBSD: patch-tools_ni6_c,v 1.1 2013/09/26 21:52:36 bluhm Exp $ ---- tools/ni6.c.orig Thu Aug 22 11:40:01 2013 -+++ tools/ni6.c Sun Sep 8 21:24:43 2013 -@@ -294,8 +294,7 @@ int main(int argc, char **argv){ - exit(1); - } - -- srandom(time(NULL)); -- hoplimit=64+random()%180; -+ hoplimit=64+arc4random_uniform(180); - - if(init_iface_data(&idata) == -1){ - puts("Error initializing internal data structure"); -@@ -2151,10 +2150,8 @@ int send_packet(const u_char *pktdata, struct pcap_pkt - bzero(ptr, 4); - ptr+= 4; - -- for(i=0; ini_qtype= htons(qtype); - ni->ni_flags= htons(flags); - -- for(i=0; i<8; i++) -- ni->icmp6_ni_nonce[i]= random(); -+ arc4random_buf(ni->icmp6_ni_nonce, 8); - - ptr= ptr + sizeof(struct icmp6_nodeinfo); - -@@ -2351,10 +2343,8 @@ int send_packet(const u_char *pktdata, struct pcap_pkt - return(-1); - } - -- for(i=0; i (v6buffer+max_packet_size)){ -@@ -2403,7 +2393,7 @@ int send_packet(const u_char *pktdata, struct pcap_pkt - - memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); - fh= (struct ip6_frag *) fptr; -- fh->ip6f_ident=random(); -+ fh->ip6f_ident=arc4random(); - startoffragment = fptr + FRAG_HDR_SIZE; - - /* -@@ -3098,7 +3088,7 @@ void randomize_ipv6_addr(struct in6_addr *ipv6addr, st - ipv6addr->s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- ipv6addr->s6_addr16[i]=random(); -+ ipv6addr->s6_addr16[i]=arc4random(); - - if(preflen%16){ - mask=0xffff; -@@ -3123,8 +3113,7 @@ void randomize_ipv6_addr(struct in6_addr *ipv6addr, st - */ - - void randomize_ether_addr(struct ether_addr *ethaddr){ -- for(i=0; i<6; i++) -- ethaddr->a[i]= random(); -+ arc4random_buf(ethaddr, sizeof(struct ether_addr)); - - ethaddr->a[0]= (ethaddr->a[0] & 0xfc) | 0x02; - } -@@ -4017,7 +4006,7 @@ int send_neighbor_advert(struct iface_data *idata, pca - - memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); - fh= (struct ip6_frag *) fptr; -- fh->ip6f_ident=random(); -+ fh->ip6f_ident=arc4random(); - startoffragment = fptr + FRAG_HDR_SIZE; - - /* diff --git a/net/ipv6-toolkit/patches/patch-tools_ns6_c b/net/ipv6-toolkit/patches/patch-tools_ns6_c deleted file mode 100644 index 71fda18a164..00000000000 --- a/net/ipv6-toolkit/patches/patch-tools_ns6_c +++ /dev/null @@ -1,68 +0,0 @@ -$OpenBSD: patch-tools_ns6_c,v 1.1 2013/09/26 21:52:36 bluhm Exp $ ---- tools/ns6.c.orig Wed Jul 24 02:48:38 2013 -+++ tools/ns6.c Sun Sep 8 21:25:54 2013 -@@ -538,8 +538,6 @@ int main(int argc, char **argv){ - - pcap_freecode(&pcap_filter); - -- srandom(time(NULL)); -- - /* - If the IPv6 Source Address has not been specified, and the "-F" (flood) option has - not been specified, select a random link-local unicast address. -@@ -557,7 +555,7 @@ int main(int argc, char **argv){ - srcaddr.s6_addr16[i]=0x0000; - - for(i=4; i<8; i++) -- srcaddr.s6_addr16[i]=random(); -+ srcaddr.s6_addr16[i]=arc4random(); - } - - -@@ -598,8 +596,7 @@ int main(int argc, char **argv){ - } - - if(!hsrcaddr_f && !floods_f) /* Source link-layer address is randomized by default */ -- for(i=0; i<6; i++) -- hsrcaddr.a[i]= random(); -+ arc4random_buf(&hsrcaddr, sizeof(struct ether_addr)); - - if(sllopt_f && !sllopta_f){ /* The value of the source link-layer address option */ - linkaddr[0]= hsrcaddr; /* defaults to the source Ethernet address */ -@@ -808,7 +805,7 @@ void send_packet(void){ - ipv6->ip6_src.s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- ipv6->ip6_src.s6_addr16[i]=random(); -+ ipv6->ip6_src.s6_addr16[i]=arc4random(); - - - if(srcpreflen%16){ -@@ -824,8 +821,7 @@ void send_packet(void){ - ipv6->ip6_src.s6_addr16[i]= ipv6->ip6_src.s6_addr16[i] | srcaddr.s6_addr16[i]; - - if(!hsrcaddr_f){ -- for(i=0; i<6; i++) -- ethernet->src.a[i]= random(); -+ arc4random_buf(ðernet->src, sizeof(struct ether_addr)); - - /* - If the source-link layer address must be included, but no value was -@@ -851,7 +847,7 @@ void send_packet(void){ - ns->nd_ns_target.s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- ns->nd_ns_target.s6_addr16[i]=random(); -+ ns->nd_ns_target.s6_addr16[i]=arc4random(); - - if(targetpreflen%16){ - mask=0xffff; -@@ -921,7 +917,7 @@ void send_packet(void){ - - memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); - fh= (struct ip6_frag *) fptr; -- fh->ip6f_ident=random(); -+ fh->ip6f_ident=arc4random(); - startoffragment = fptr + FRAG_HDR_SIZE; - - /* diff --git a/net/ipv6-toolkit/patches/patch-tools_ra6_c b/net/ipv6-toolkit/patches/patch-tools_ra6_c deleted file mode 100644 index bfd262b20f2..00000000000 --- a/net/ipv6-toolkit/patches/patch-tools_ra6_c +++ /dev/null @@ -1,88 +0,0 @@ -$OpenBSD: patch-tools_ra6_c,v 1.1 2013/09/26 21:52:36 bluhm Exp $ ---- tools/ra6.c.orig Wed Jul 24 02:48:38 2013 -+++ tools/ra6.c Sun Sep 8 21:34:09 2013 -@@ -254,7 +254,6 @@ int main(int argc, char **argv){ - lifetime= DEFAULT_ROUTER_LIFETIME; - reachable= DEFAULT_ROUTER_REACHABLE; - retrans= DEFAULT_ROUTER_RETRANS; -- srandom(time(NULL)); - - while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { - option= r; -@@ -1093,7 +1092,7 @@ int main(int argc, char **argv){ - srcaddr.s6_addr16[i]=0x0000; - - for(i=4; i<8; i++) -- srcaddr.s6_addr16[i]=random(); -+ srcaddr.s6_addr16[i]=arc4random(); - } - - /* -@@ -1116,8 +1115,7 @@ int main(int argc, char **argv){ - } - - if(!hsrcaddr_f) /* Source link-layer address is randomized by default */ -- for(i=0; i<6; i++) -- hsrcaddr.a[i]= random(); -+ arc4random_buf(&hsrcaddr, sizeof(struct ether_addr)); - - if(!hdstaddr_f) /* Destination link-layer address defaults to all-nodes */ - if(ether_pton(ETHER_ALLNODES_LINK_ADDR, &hdstaddr, sizeof(hdstaddr)) == 0){ -@@ -1542,7 +1540,7 @@ void send_packet(const u_char *pktdata){ - ipv6->ip6_src.s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- ipv6->ip6_src.s6_addr16[i]=random(); -+ ipv6->ip6_src.s6_addr16[i]=arc4random(); - - - if(srcpreflen%16){ -@@ -1559,8 +1557,7 @@ void send_packet(const u_char *pktdata){ - ipv6->ip6_src.s6_addr16[i]= ipv6->ip6_src.s6_addr16[i] | srcaddr.s6_addr16[i]; - - if(!hsrcaddr_f){ -- for(i=0; i<6; i++) -- ethernet->src.a[i]= random(); -+ arc4random_buf(ðernet->src, sizeof(struct ether_addr)); - - /* - If the source-link layer address must be included, but no value was -@@ -1634,8 +1631,7 @@ void send_packet(const u_char *pktdata){ - - endrand= (prefixlen[0]+15)/16; - -- for(i=0; ind_opt_pi_prefix.s6_addr16[i]=random(); -+ arc4random_buf(&prefixopt->nd_opt_pi_prefix, endrand<<1); - - if(prefixlen[0]%16){ - mask=0; -@@ -1677,8 +1673,7 @@ void send_packet(const u_char *pktdata){ - - endrand= (routelen[0]+15)/16; - -- for(i=0; ind_opt_ri_prefix.s6_addr16[i]=random(); -+ arc4random_buf(&routeopt->nd_opt_ri_prefix, endrand<<1); - - if(routelen[0]%16){ - mask=0; -@@ -1728,8 +1723,7 @@ void send_packet(const u_char *pktdata){ - dnsopt->nd_opt_rdnss_lifetime= htonl(rdnsslife[0]); - - for(i=0; ind_opt_rdnss_addr[i].s6_addr16[j]=random(); -+ arc4random_buf(&dnsopt->nd_opt_rdnss_addr[i], 16); - - dnsopt->nd_opt_rdnss_len= (sizeof(struct nd_opt_rdnss_l) + \ - i * sizeof(struct in6_addr))/8; -@@ -1772,7 +1766,7 @@ void send_packet(const u_char *pktdata){ - - memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); - fh= (struct ip6_frag *) fptr; -- fh->ip6f_ident=random(); -+ fh->ip6f_ident=arc4random(); - startoffragment = fptr + FRAG_HDR_SIZE; - /* - * Check that the selected fragment size is not larger than the largest fragment size diff --git a/net/ipv6-toolkit/patches/patch-tools_rd6_c b/net/ipv6-toolkit/patches/patch-tools_rd6_c deleted file mode 100644 index dd890331ed2..00000000000 --- a/net/ipv6-toolkit/patches/patch-tools_rd6_c +++ /dev/null @@ -1,212 +0,0 @@ -$OpenBSD: patch-tools_rd6_c,v 1.1 2013/09/26 21:52:36 bluhm Exp $ ---- tools/rd6.c.orig Thu Aug 22 11:49:10 2013 -+++ tools/rd6.c Sun Sep 8 21:37:46 2013 -@@ -1036,8 +1036,6 @@ int main(int argc, char **argv){ - exit(1); - } - -- srandom(time(NULL)); -- - /* - If the flood option ("-F") has been specified, but no prefix has been specified, - select the random Source Addresses from the link-local unicast prefix (fe80::/64). -@@ -1062,8 +1060,7 @@ int main(int argc, char **argv){ - } - - if(!hsrcaddr_f && !learnrouter_f) /* Source link-layer address is randomized by default */ -- for(i=0; i<6; i++) -- hsrcaddr.a[i]= random(); -+ arc4random_buf(&hsrcaddr, sizeof(struct ether_addr)); - - if(!hdstaddr_f && dstaddr_f){ - if(ether_pton(ETHER_ALLNODES_LINK_ADDR, &hdstaddr, sizeof(hdstaddr)) == 0){ -@@ -1208,19 +1205,19 @@ int main(int argc, char **argv){ - tcpflags= tcpflags | TH_ACK; - - if(!tcpack_f) -- tcpack= random(); -+ tcpack= arc4random(); - - if(!tcpseq_f) -- tcpseq= random(); -+ tcpseq= arc4random(); - - if(!tcpwin_f) -- tcpwin= ((u_int16_t) random() + 1500) & (u_int16_t)0x7f00; -+ tcpwin= ((u_int16_t) arc4random() + 1500) & (u_int16_t)0x7f00; - - if(!peerport_f) -- peerport= random(); -+ peerport= arc4random(); - - if(!redirport_f) -- redirport= random(); -+ redirport= arc4random(); - - if(!tcpurg_f) - tcpurg= 0; -@@ -1228,18 +1225,18 @@ int main(int argc, char **argv){ - - if(rhudp_f){ - if(!peerport_f) -- peerport= random(); -+ peerport= arc4random(); - - if(!redirport_f) -- redirport= random(); -+ redirport= arc4random(); - } - - if(rhicmp6_f){ - if(!icmp6id_f) -- icmp6id= random(); -+ icmp6id= arc4random(); - - if(!icmp6seq_f) -- icmp6seq= random(); -+ icmp6seq= arc4random(); - } - - if(verbose_f){ -@@ -1601,7 +1598,7 @@ void send_packet(const u_char *pktdata, struct pcap_pk - ipv6->ip6_src.s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- ipv6->ip6_src.s6_addr16[i]=random(); -+ ipv6->ip6_src.s6_addr16[i]=arc4random(); - - if(srcpreflen%16){ - mask=0xffff; -@@ -1617,8 +1614,7 @@ void send_packet(const u_char *pktdata, struct pcap_pk - ipv6->ip6_src.s6_addr16[i]= ipv6->ip6_src.s6_addr16[i] | srcaddr.s6_addr16[i]; - - if(!hsrcaddr_f){ -- for(i=0; i<6; i++) -- ethernet->src.a[i]= random(); -+ arc4random_buf(ðernet->src, sizeof(struct ether_addr)); - } - - if(tllaopt_f && !tllaopta_f){ -@@ -1640,7 +1636,7 @@ void send_packet(const u_char *pktdata, struct pcap_pk - rd->nd_rd_dst.s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- rd->nd_rd_dst.s6_addr16[i]=random(); -+ rd->nd_rd_dst.s6_addr16[i]=arc4random(); - - if(redirpreflen%16){ - mask=0xffff; -@@ -1673,7 +1669,7 @@ void send_packet(const u_char *pktdata, struct pcap_pk - rd->nd_rd_target.s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- rd->nd_rd_target.s6_addr16[i]=random(); -+ rd->nd_rd_target.s6_addr16[i]=arc4random(); - - if(targetpreflen%16){ - mask=0xffff; -@@ -1818,7 +1814,7 @@ void send_packet(const u_char *pktdata, struct pcap_pk - rhtcp->th_urp= htons(tcpurg); - rhtcp->th_win= htons(tcpwin); - rhtcp->th_off= MIN_TCP_HLEN >> 2; -- rhtcp->th_sum = random(); -+ rhtcp->th_sum = arc4random(); - - if(rhbytes <= (MIN_IPV6_HLEN + MIN_TCP_HLEN)){ - bcopy(rhbuff, ptr, rhbytes); -@@ -1828,12 +1824,9 @@ void send_packet(const u_char *pktdata, struct pcap_pk - bcopy(rhbuff, ptr, MIN_IPV6_HLEN+MIN_TCP_HLEN); - ptr += MIN_IPV6_HLEN+MIN_TCP_HLEN; - rhbytes -= MIN_IPV6_HLEN+MIN_TCP_HLEN; -- -- while(rhbytes>=4){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- rhbytes -= sizeof(u_int32_t); -- } -+ arc4random_buf(ptr, rhbytes); -+ ptr += rhbytes; -+ rhbytes = 0; - } - } - -@@ -1843,7 +1836,7 @@ void send_packet(const u_char *pktdata, struct pcap_pk - rhudp->uh_sport= htons(peerport); - rhudp->uh_dport= htons(redirport); - rhudp->uh_ulen= rhipv6->ip6_plen; -- rhudp->uh_sum= random(); -+ rhudp->uh_sum= arc4random(); - - if(rhbytes <= (MIN_IPV6_HLEN + MIN_UDP_HLEN)){ - bcopy(rhbuff, ptr, rhbytes); -@@ -1853,11 +1846,9 @@ void send_packet(const u_char *pktdata, struct pcap_pk - bcopy(rhbuff, ptr, MIN_IPV6_HLEN+MIN_UDP_HLEN); - ptr += MIN_IPV6_HLEN+MIN_UDP_HLEN; - rhbytes -= MIN_IPV6_HLEN+MIN_UDP_HLEN; -- while(rhbytes>=4){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- rhbytes -= sizeof(u_int32_t); -- } -+ arc4random_buf(ptr, rhbytes); -+ ptr += rhbytes; -+ rhbytes = 0; - } - } - else if(rhicmp6_f){ -@@ -1865,9 +1856,9 @@ void send_packet(const u_char *pktdata, struct pcap_pk - rhicmp6 = (struct icmp6_hdr *) (rhbuff + sizeof(struct ip6_hdr)); - rhicmp6->icmp6_type = ICMP6_ECHO_REQUEST; - rhicmp6->icmp6_code = 0; -- rhicmp6->icmp6_cksum = random(); -- rhicmp6->icmp6_data16[0]= random(); /* Identifier */ -- rhicmp6->icmp6_data16[1]= random(); /* Sequence Number */ -+ rhicmp6->icmp6_cksum = arc4random(); -+ rhicmp6->icmp6_data16[0]= arc4random(); /* Identifier */ -+ rhicmp6->icmp6_data16[1]= arc4random(); /* Sequence Number */ - - if(rhbytes <= (MIN_IPV6_HLEN + MIN_ICMP6_HLEN)){ - bcopy(rhbuff, ptr, rhbytes); -@@ -1877,11 +1868,9 @@ void send_packet(const u_char *pktdata, struct pcap_pk - bcopy(rhbuff, ptr, MIN_IPV6_HLEN+MIN_ICMP6_HLEN); - ptr += MIN_IPV6_HLEN+MIN_ICMP6_HLEN; - rhbytes -= MIN_IPV6_HLEN+MIN_ICMP6_HLEN; -- while(rhbytes>=4){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- rhbytes -= sizeof(u_int32_t); -- } -+ arc4random_buf(ptr, rhbytes); -+ ptr += rhbytes; -+ rhbytes = 0; - } - } - } -@@ -1920,7 +1909,7 @@ void send_packet(const u_char *pktdata, struct pcap_pk - - memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); - fh= (struct ip6_frag *) fptr; -- fh->ip6f_ident=random(); -+ fh->ip6f_ident=arc4random(); - startoffragment = fptr + FRAG_HDR_SIZE; - - /* -@@ -2568,7 +2557,7 @@ void randomize_ipv6_addr(struct in6_addr *ipv6addr, st - ipv6addr->s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- ipv6addr->s6_addr16[i]=random(); -+ ipv6addr->s6_addr16[i]=arc4random(); - - if(preflen%16){ - mask=0xffff; -@@ -2593,8 +2582,7 @@ void randomize_ipv6_addr(struct in6_addr *ipv6addr, st - */ - - void randomize_ether_addr(struct ether_addr *ethaddr){ -- for(i=0; i<6; i++) -- ethaddr->a[i]= random(); -+ arc4random_buf(ethaddr, sizeof(struct ether_addr)); - - ethaddr->a[0]= (ethaddr->a[0] & 0xfc) | 0x02; - } diff --git a/net/ipv6-toolkit/patches/patch-tools_rs6_c b/net/ipv6-toolkit/patches/patch-tools_rs6_c deleted file mode 100644 index c67eb093769..00000000000 --- a/net/ipv6-toolkit/patches/patch-tools_rs6_c +++ /dev/null @@ -1,58 +0,0 @@ -$OpenBSD: patch-tools_rs6_c,v 1.1 2013/09/26 21:52:36 bluhm Exp $ ---- tools/rs6.c.orig Wed Jul 3 03:00:34 2013 -+++ tools/rs6.c Sun Sep 8 21:38:57 2013 -@@ -498,8 +498,6 @@ int main(int argc, char **argv){ - - pcap_freecode(&pcap_filter); - -- srandom(time(NULL)); -- - /* - If the IPv6 Source Address has not been specified, and the "-F" (flood) option has - not been specified, select a random link-local unicast address. -@@ -516,7 +514,7 @@ int main(int argc, char **argv){ - srcaddr.s6_addr16[i]=0x0000; - - for(i=4; i<8; i++) -- srcaddr.s6_addr16[i]=random(); -+ srcaddr.s6_addr16[i]=arc4random(); - - } - -@@ -543,7 +541,7 @@ int main(int argc, char **argv){ - - if(!hsrcaddr_f) /* Source link-layer address is randomized by default */ - for(i=0; i<6; i++) -- hsrcaddr.a[i]= random(); -+ arc4random_buf(&hsrcaddr, sizeof(struct ether_addr)); - - if(!hdstaddr_f) /* Destination link-layer address defaults to all-nodes */ - if(ether_pton(ETHER_ALL_ROUTERS_LINK_ADDR, &hdstaddr, sizeof(hdstaddr)) == 0){ -@@ -754,7 +752,7 @@ void send_packet(void){ - ipv6->ip6_src.s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- ipv6->ip6_src.s6_addr16[i]=random(); -+ ipv6->ip6_src.s6_addr16[i]=arc4random(); - - - if(srcpreflen%16){ -@@ -771,8 +769,7 @@ void send_packet(void){ - ipv6->ip6_src.s6_addr16[i]= ipv6->ip6_src.s6_addr16[i] | srcaddr.s6_addr16[i]; - - if(!hsrcaddr_f){ -- for(i=0; i<6; i++) -- ethernet->src.a[i]= random(); -+ arc4random_buf(ðernet->src, sizeof(struct ether_addr)); - - /* - If the source-link layer address must be included, but no value was -@@ -838,7 +835,7 @@ void send_packet(void){ - - memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); - fh= (struct ip6_frag *) fptr; -- fh->ip6f_ident=random(); -+ fh->ip6f_ident=arc4random(); - startoffragment = fptr + FRAG_HDR_SIZE; - - /* diff --git a/net/ipv6-toolkit/patches/patch-tools_scan6_c b/net/ipv6-toolkit/patches/patch-tools_scan6_c deleted file mode 100644 index 62d07e12475..00000000000 --- a/net/ipv6-toolkit/patches/patch-tools_scan6_c +++ /dev/null @@ -1,278 +0,0 @@ -$OpenBSD: patch-tools_scan6_c,v 1.1 2013/09/26 21:52:36 bluhm Exp $ ---- tools/scan6.c.orig Mon Aug 12 09:03:33 2013 -+++ tools/scan6.c Sun Sep 8 22:10:38 2013 -@@ -338,8 +338,7 @@ int main(int argc, char **argv){ - exit(1); - } - -- srandom(time(NULL)); -- hoplimit=64+random()%180; -+ hoplimit=64+arc4random_uniform(180); - - init_iface_data(&idata); - -@@ -954,7 +953,7 @@ int main(int argc, char **argv){ - */ - strncpy(oui_ascii, optarg, 8); - oui_ascii[8]= 0; -- strncat(oui_ascii, oui_end, ETHER_ADDR_PLEN-8); -+ strlcat(oui_ascii, oui_end, ETHER_ADDR_PLEN); - - if(ether_pton(oui_ascii, &oui, sizeof(oui)) == 0){ - puts("Error in vendor IEEE OUI"); -@@ -3003,7 +3002,7 @@ int load_vendor_entries(struct scan_list *scan, struct - /* zero-terminate the string */ - oui_ascii[8]= 0; - -- strncat(oui_ascii, oui_end, ETHER_ADDR_PLEN); -+ strlcat(oui_ascii, oui_end, ETHER_ADDR_PLEN); - - if(ether_pton(oui_ascii, &oui_list[ouis], sizeof(oui_list[ouis])) == 0){ - if(verbose_f) -@@ -3465,7 +3464,7 @@ void randomize_ipv6_addr(struct in6_addr *ipv6addr, st - ipv6addr->s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- ipv6addr->s6_addr16[i]=random(); -+ ipv6addr->s6_addr16[i]=arc4random(); - - if(preflen%16){ - mask=0xffff; -@@ -3490,8 +3489,7 @@ void randomize_ipv6_addr(struct in6_addr *ipv6addr, st - */ - - void randomize_ether_addr(struct ether_addr *ethaddr){ -- for(i=0; i<6; i++) -- ethaddr->a[i]= random(); -+ arc4random_buf(ethaddr, sizeof(struct ether_addr)); - - ethaddr->a[0]= (ethaddr->a[0] & 0xfc) | 0x02; - } -@@ -4298,7 +4296,6 @@ int match_ipv6_to_prefixes(struct in6_addr *ipv6addr, - - int send_probe_remote(struct iface_data *idata, struct scan_list *scan, struct in6_addr *srcaddr, unsigned char type){ - unsigned char *ptr; -- unsigned int i; - struct ether_header *ether; - struct dlt_null *dlt_null; - unsigned char *v6buffer; -@@ -4306,7 +4303,6 @@ int send_probe_remote(struct iface_data *idata, struct - struct tcphdr *tcp; - struct ip6_dest *destopth; - struct ip6_option *opt; -- u_int32_t *uint32; - - /* max_packet_size holds is equal to the link MTU, since the tool doesn't support packets larger than the link MTU */ - max_packet_size = idata->mtu; -@@ -4362,10 +4358,8 @@ int send_probe_remote(struct iface_data *idata, struct - - ptr = ptr+ sizeof(struct icmp6_hdr); - -- for(i=0; i<(ICMPV6_ECHO_PAYLOAD_SIZE>>2); i++){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- } -+ arc4random_buf(ptr, ICMPV6_ECHO_PAYLOAD_SIZE); -+ ptr += ICMPV6_ECHO_PAYLOAD_SIZE; - - ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); - icmp6->icmp6_cksum = 0; -@@ -4392,8 +4386,7 @@ int send_probe_remote(struct iface_data *idata, struct - opt->ip6o_len= 4; - - ptr= ptr + 2; -- uint32 = (u_int32_t *) ptr; -- *uint32 = random(); -+ arc4random_buf(ptr, 4); - - ptr= ptr +4; - icmp6 = (struct icmp6_hdr *) ptr; -@@ -4404,10 +4397,8 @@ int send_probe_remote(struct iface_data *idata, struct - - ptr = ptr+ sizeof(struct icmp6_hdr); - -- for(i=0; i<(ICMPV6_ECHO_PAYLOAD_SIZE>>2); i++){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- } -+ arc4random_buf(ptr, ICMPV6_ECHO_PAYLOAD_SIZE); -+ ptr += ICMPV6_ECHO_PAYLOAD_SIZE; - - ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); - icmp6->icmp6_cksum = 0; -@@ -4430,12 +4421,12 @@ int send_probe_remote(struct iface_data *idata, struct - if(srcport_f) - tcp->th_sport= htons(srcport); - else -- tcp->th_sport= htons(1024+ rand() % 64512); -+ tcp->th_sport= htons(1024+ arc4random_uniform(64512)); - - if(dstport_f) - tcp->th_dport= htons(dstport); - else -- tcp->th_dport= htons(1+ rand() % 1024); -+ tcp->th_dport= htons(1+ arc4random_uniform(1024)); - - if(tcpflags_f) - tcp->th_flags= tcpflags; -@@ -4443,11 +4434,11 @@ int send_probe_remote(struct iface_data *idata, struct - tcp->th_flags= TH_ACK; - - if(tcpflags & TH_ACK) -- tcp->th_ack= htonl(rand()); -+ tcp->th_ack= arc4random(); - else - tcp->th_ack= htonl(0); - -- tcp->th_win= htons( 4096 * (rand() % 9 + 1)); -+ tcp->th_win= htons( 4096 * (arc4random_uniform(9) + 1)); - - /* Current version of tcp6 does not support sending TCP options */ - tcp->th_off= sizeof(struct tcphdr) >> 2; -@@ -4458,18 +4449,10 @@ int send_probe_remote(struct iface_data *idata, struct - exit(1); - } - -- while(rhbytes>=4){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- rhbytes -= sizeof(u_int32_t); -- } -+ arc4random_buf(ptr, rhbytes); -+ ptr += rhbytes; -+ rhbytes = 0; - -- while(rhbytes>0){ -- *(u_int8_t *) ptr= (u_int8_t) random(); -- ptr++; -- rhbytes--; -- } -- - ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); - tcp->th_sum = 0; - tcp->th_sum = in_chksum(v6buffer, tcp, ptr-((unsigned char *)tcp), IPPROTO_TCP); -@@ -4521,7 +4504,6 @@ int multi_scan_local(pcap_t *pfd, struct iface_data *i - struct sigaction new_sig, old_sig; - struct ip6_dest *destopth; - struct ip6_option *opt; -- u_int32_t *uint32; - unsigned char error_f=0, closefd_f=0, llocalsrc_f=0; - int result; - -@@ -4633,16 +4615,14 @@ int multi_scan_local(pcap_t *pfd, struct iface_data *i - icmp6 = (struct icmp6_hdr *) ptr; - icmp6->icmp6_type = ICMP6_ECHO_REQUEST; - icmp6->icmp6_code = 0; -- icmp6->icmp6_cksum = random(); -+ icmp6->icmp6_cksum = arc4random(); - icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ -- icmp6->icmp6_data16[1]= htons(random()); /* Sequence Number */ -+ icmp6->icmp6_data16[1]= arc4random(); /* Sequence Number */ - - ptr = ptr+ sizeof(struct icmp6_hdr); - -- for(i=0; i<(ICMPV6_ECHO_PAYLOAD_SIZE>>2); i++){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- } -+ arc4random_buf(ptr, ICMPV6_ECHO_PAYLOAD_SIZE); -+ ptr += ICMPV6_ECHO_PAYLOAD_SIZE; - break; - - case PROBE_UNREC_OPT: -@@ -4668,23 +4648,20 @@ int multi_scan_local(pcap_t *pfd, struct iface_data *i - opt->ip6o_len= 4; - - ptr= ptr + 2; -- uint32 = (u_int32_t *) ptr; -- *uint32 = random(); -+ arc4random_buf(ptr, 4); - - ptr= ptr +4; - icmp6 = (struct icmp6_hdr *) ptr; - icmp6->icmp6_type = ICMP6_ECHO_REQUEST; - icmp6->icmp6_code = 0; -- icmp6->icmp6_cksum = random(); -+ icmp6->icmp6_cksum = arc4random(); - icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ -- icmp6->icmp6_data16[1]= htons(random()); /* Sequence Number */ -+ icmp6->icmp6_data16[1]= arc4random(); /* Sequence Number */ - - ptr = ptr+ sizeof(struct icmp6_hdr); - -- for(i=0; i<(ICMPV6_ECHO_PAYLOAD_SIZE>>2); i++){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- } -+ arc4random_buf(ptr, ICMPV6_ECHO_PAYLOAD_SIZE); -+ ptr += ICMPV6_ECHO_PAYLOAD_SIZE; - break; - } - -@@ -4876,7 +4853,6 @@ int host_scan_local(pcap_t *pfd, struct iface_data *id - struct sigaction new_sig, old_sig; - struct ip6_dest *destopth; - struct ip6_option *opt; -- u_int32_t *uint32; - unsigned char foundaddr_f=0, error_f=0, closefd_f=0; - int result; - -@@ -4986,16 +4962,14 @@ int host_scan_local(pcap_t *pfd, struct iface_data *id - icmp6 = (struct icmp6_hdr *) ptr; - icmp6->icmp6_type = ICMP6_ECHO_REQUEST; - icmp6->icmp6_code = 0; -- icmp6->icmp6_cksum = random(); -+ icmp6->icmp6_cksum = arc4random(); - icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ -- icmp6->icmp6_data16[1]= htons(random()); /* Sequence Number */ -+ icmp6->icmp6_data16[1]= arc4random(); /* Sequence Number */ - - ptr = ptr+ sizeof(struct icmp6_hdr); - -- for(i=0; i<(ICMPV6_ECHO_PAYLOAD_SIZE>>2); i++){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- } -+ arc4random_buf((unsigned char *)ptr, ICMPV6_ECHO_PAYLOAD_SIZE); -+ ptr += ICMPV6_ECHO_PAYLOAD_SIZE; - break; - - case PROBE_UNREC_OPT: -@@ -5022,23 +4996,20 @@ int host_scan_local(pcap_t *pfd, struct iface_data *id - opt->ip6o_len= 4; - - ptr= ptr + 2; -- uint32 = (u_int32_t *) ptr; -- *uint32 = random(); -+ arc4random_buf((unsigned char *)ptr, 4); - - ptr= ptr +4; - icmp6 = (struct icmp6_hdr *) ptr; - icmp6->icmp6_type = ICMP6_ECHO_REQUEST; - icmp6->icmp6_code = 0; -- icmp6->icmp6_cksum = random(); -+ icmp6->icmp6_cksum = arc4random(); - icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ -- icmp6->icmp6_data16[1]= htons(random()); /* Sequence Number */ -+ icmp6->icmp6_data16[1]= arc4random(); /* Sequence Number */ - - ptr = ptr+ sizeof(struct icmp6_hdr); - -- for(i=0; i<(ICMPV6_ECHO_PAYLOAD_SIZE>>2); i++){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- } -+ arc4random_buf((unsigned char *)ptr, ICMPV6_ECHO_PAYLOAD_SIZE); -+ ptr += ICMPV6_ECHO_PAYLOAD_SIZE; - break; - } - -@@ -5623,7 +5594,7 @@ int send_neighbor_advert(struct iface_data *idata, pca - - memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); - fh= (struct ip6_frag *) fptr; -- fh->ip6f_ident=random(); -+ fh->ip6f_ident=arc4random(); - startoffragment = fptr + FRAG_HDR_SIZE; - - /* diff --git a/net/ipv6-toolkit/patches/patch-tools_tcp6_c b/net/ipv6-toolkit/patches/patch-tools_tcp6_c deleted file mode 100644 index c8095ba4a37..00000000000 --- a/net/ipv6-toolkit/patches/patch-tools_tcp6_c +++ /dev/null @@ -1,186 +0,0 @@ -$OpenBSD: patch-tools_tcp6_c,v 1.1 2013/09/26 21:52:36 bluhm Exp $ ---- tools/tcp6.c.orig Thu Aug 22 16:34:21 2013 -+++ tools/tcp6.c Sun Sep 8 22:10:54 2013 -@@ -225,7 +225,7 @@ int main(int argc, char **argv){ - fd_set sset, rset; - int r, sel; - struct timeval timeout, stimeout, curtime, lastprobe, wmtimeout; -- unsigned long pktinterval; -+ unsigned long pktinterval = 1000; /* We Default to 1000 pps */ - struct passwd *pwdptr; - - static struct option longopts[] = { -@@ -1055,8 +1055,6 @@ int main(int argc, char **argv){ - exit(1); - } - -- srandom(time(NULL)); -- - /* - If the flood option ("-F") has been specified, but no prefix has been specified, - select the random Source Addresses from the link-local unicast prefix (fe80::/64). -@@ -1220,10 +1218,6 @@ int main(int argc, char **argv){ - pktinterval= ((packetsize * 8)/rate) * 1000000; - } - -- /* We Default to 1000 pps */ -- if(!pps_f && !bps_f) -- pktinterval= 1000; -- - if( !fragh_f && dstoptuhdr_f){ - puts("Dst. Options Header (Unfragmentable Part) set, but Fragmentation not specified"); - exit(1); -@@ -1242,16 +1236,16 @@ int main(int argc, char **argv){ - tcpflags= tcpflags | TH_ACK; - - if(!tcpack_f) -- tcpack= random(); -+ tcpack= arc4random(); - - if(!tcpseq_f) -- tcpseq= random(); -+ tcpseq= arc4random(); - - if(!srcport_f) -- srcport= random(); -+ srcport= arc4random(); - - if(!dstport_f) -- dstport= random(); -+ dstport= arc4random(); - - if(!tcpurg_f) - tcpurg= 0; -@@ -1259,7 +1253,7 @@ int main(int argc, char **argv){ - - /* By default, we randomize the TCP Window */ - if(!tcpwin_f) -- tcpwin= ((u_int16_t) random() + 1500) & (u_int16_t)0x7f00; -+ tcpwin= ((u_int16_t) arc4random() + 1500) & (u_int16_t)0x7f00; - - if(!rhbytes_f) - rhbytes=0; -@@ -1285,7 +1279,7 @@ int main(int argc, char **argv){ - - /* Set initial contents of the attack packet */ - init_packet_data(&idata); -- addr_key= random(); -+ addr_key= arc4random(); - - if(sleep_f) - pktinterval= (nsleep * 1000000)/(nsources * nports); -@@ -1779,7 +1773,7 @@ void send_packet(const u_char *pktdata){ - /* If it is a pure SYN, respond with a SYN/ACK */ - if(!(pkt_tcp->th_flags & TH_ACK)){ - tcp->th_flags = tcp->th_flags | TH_SYN | TH_ACK; -- tcp->th_seq= random(); -+ tcp->th_seq= arc4random(); - tcp->th_ack= htonl(ntohl(pkt_tcp->th_seq) + ((pkt_end - (unsigned char *)pkt_tcp) - (pkt_tcp->th_off << 2))); - tcp->th_ack= htonl(ntohl(tcp->th_ack) + ((pkt_tcp->th_flags & TH_FIN)?1:0) + \ - ((pkt_tcp->th_flags & TH_SYN)?1:0)); -@@ -1789,7 +1783,7 @@ void send_packet(const u_char *pktdata){ - /* If it is a pure SYN, respond with a SYN */ - if(!(pkt_tcp->th_flags & TH_ACK)){ - tcp->th_flags = tcp->th_flags | TH_SYN; -- tcp->th_seq= random(); -+ tcp->th_seq= arc4random(); - tcp->th_ack= 0; - } - else{ -@@ -2009,17 +2003,9 @@ void send_packet(const u_char *pktdata){ - exit(1); - } - -- while(rhbytes>=4){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- rhbytes -= sizeof(u_int32_t); -- } -- -- while(rhbytes>0){ -- *(u_int8_t *) ptr= (u_int8_t) random(); -- ptr++; -- rhbytes--; -- } -+ arc4random_buf(ptr, rhbytes); -+ ptr += rhbytes; -+ rhbytes = 0; - } - - tcp->th_sum = 0; -@@ -2123,19 +2109,10 @@ void send_packet(const u_char *pktdata){ - exit(1); - } - -- while(rhbytes>=4){ -- *(u_int32_t *)ptr = random(); -- ptr += sizeof(u_int32_t); -- rhbytes -= sizeof(u_int32_t); -- } -+ arc4random_buf(ptr, rhbytes); -+ ptr += rhbytes; -+ rhbytes = 0; - -- while(rhbytes>0){ -- *(u_int8_t *) ptr= (u_int8_t) random(); -- ptr++; -- rhbytes--; -- } -- -- - if(pktdata == NULL && (floods_f && ports == 0)){ - /* - Randomizing the IPv6 Source address based on the prefix specified by -@@ -2149,20 +2126,19 @@ void send_packet(const u_char *pktdata){ - detect which IPv6 addresses we have used. - */ - if(listen_f && useaddrkey_f){ -- ipv6->ip6_src.s6_addr16[4]= random(); -+ ipv6->ip6_src.s6_addr16[4]= arc4random(); - ipv6->ip6_src.s6_addr16[5]= ipv6->ip6_src.s6_addr16[4] ^ addr_key; -- ipv6->ip6_src.s6_addr16[6]= random(); -+ ipv6->ip6_src.s6_addr16[6]= arc4random(); - ipv6->ip6_src.s6_addr16[7]= ipv6->ip6_src.s6_addr16[6] ^ addr_key; - } - - if(idata.type == DLT_EN10MB && idata.flags != IFACE_LOOPBACK && !hsrcaddr_f){ -- for(i=0; i<6; i++) -- ethernet->src.a[i]= random(); -+ arc4random_buf(ðernet->src, sizeof(struct ether_addr)); - } - } - - if(pktdata == NULL && floodp_f){ -- tcp->th_sport= random(); -+ tcp->th_sport= arc4random(); - } - - tcp->th_sum = 0; -@@ -2214,7 +2190,7 @@ void frag_and_send(void){ - - memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); - fh= (struct ip6_frag *) fptr; -- fh->ip6f_ident=random(); -+ fh->ip6f_ident=arc4random(); - startoffragment = fptr + FRAG_HDR_SIZE; - - /* -@@ -2856,7 +2832,7 @@ void randomize_ipv6_addr(struct in6_addr *ipv6addr, st - ipv6addr->s6_addr16[i]= 0; - - for(i=startrand; i<8; i++) -- ipv6addr->s6_addr16[i]=random(); -+ ipv6addr->s6_addr16[i]=arc4random(); - - if(preflen%16){ - mask=0xffff; -@@ -2881,8 +2857,7 @@ void randomize_ipv6_addr(struct in6_addr *ipv6addr, st - */ - - void randomize_ether_addr(struct ether_addr *ethaddr){ -- for(i=0; i<6; i++) -- ethaddr->a[i]= random(); -+ arc4random_buf(ethaddr, sizeof(struct ether_addr)); - - ethaddr->a[0]= (ethaddr->a[0] & 0xfc) | 0x02; - } diff --git a/net/ipv6-toolkit/pkg/DESCR b/net/ipv6-toolkit/pkg/DESCR index e145fdd7f18..f8c41227aa8 100644 --- a/net/ipv6-toolkit/pkg/DESCR +++ b/net/ipv6-toolkit/pkg/DESCR @@ -1,2 +1,8 @@ -The SI6 Networks' IPv6 toolkit is a set of IPv6 security/trouble-shooting -tools, that can send arbitrary IPv6-based packets. +The SI6 Networks' IPv6 toolkit is a set of IPv6 security assessment +and trouble-shooting tools. It can be leveraged to perform security +assessments of IPv6 networks, assess the resiliency of IPv6 devices +by performing real-world attacks against them, and to trouble-shoot +IPv6 networking problems. The tools comprising the toolkit range +from packet-crafting tools to send arbitrary Neighbor Discovery +packets to the most comprehensive IPv6 network scanning tool out +there (our scan6 tool). diff --git a/net/ipv6-toolkit/pkg/PLIST b/net/ipv6-toolkit/pkg/PLIST index 765d91e0d9a..ec662a515b4 100644 --- a/net/ipv6-toolkit/pkg/PLIST +++ b/net/ipv6-toolkit/pkg/PLIST @@ -1,18 +1,8 @@ -@comment $OpenBSD: PLIST,v 1.1.1.1 2013/08/30 23:41:15 bluhm Exp $ +@comment $OpenBSD: PLIST,v 1.2 2015/04/28 23:16:20 bluhm Exp $ +@conflict ipv6-toolkit-* @bin bin/addr6 -@bin bin/flow6 -@bin bin/frag6 -@bin bin/icmp6 -@bin bin/jumbo6 -@bin bin/na6 -@bin bin/ni6 -@bin bin/ns6 -@bin bin/ra6 -@bin bin/rd6 -@bin bin/rs6 -@bin bin/scan6 -@bin bin/tcp6 @man man/man1/addr6.1 +@man man/man1/blackhole6.1 @man man/man1/flow6.1 @man man/man1/frag6.1 @man man/man1/icmp6.1 @@ -20,15 +10,35 @@ @man man/man1/na6.1 @man man/man1/ni6.1 @man man/man1/ns6.1 +@man man/man1/path6.1 @man man/man1/ra6.1 @man man/man1/rd6.1 @man man/man1/rs6.1 @man man/man1/scan6.1 +@man man/man1/script6.1 @man man/man1/tcp6.1 +@man man/man1/udp6.1 @man man/man5/ipv6toolkit.conf.5 @man man/man7/ipv6toolkit.7 -share/examples/ipv6-toolkit/ -share/examples/ipv6-toolkit/ipv6toolkit.conf +sbin/blackhole6 +@bin sbin/flow6 +@bin sbin/frag6 +@bin sbin/icmp6 +@bin sbin/jumbo6 +@bin sbin/na6 +@bin sbin/ni6 +@bin sbin/ns6 +@bin sbin/path6 +@bin sbin/ra6 +@bin sbin/rd6 +@bin sbin/rs6 +@bin sbin/scan6 +sbin/script6 +@bin sbin/tcp6 +@bin sbin/udp6 +share/examples/ipv6toolkit/ +share/examples/ipv6toolkit/ipv6toolkit.conf @sample ${SYSCONFDIR}/ipv6toolkit.conf share/ipv6toolkit/ share/ipv6toolkit/oui.txt +share/ipv6toolkit/service-names-port-numbers.csv