? ping6
? ping6.8.manlint
Index: ping6.c
===================================================================
RCS file: /cvs/src/sbin/ping6/ping6.c,v
retrieving revision 1.108
diff -u -p -r1.108 ping6.c
--- ping6.c	2 May 2015 17:19:42 -0000	1.108
+++ ping6.c	27 Aug 2015 13:23:55 -0000
@@ -110,6 +110,8 @@
 
 #include <md5.h>
 #include <siphash.h>
+#define KEYSTREAM_ONLY
+#include <crypto/chacha_private.h>
 
 struct tv64 {
 	u_int64_t tv64_sec;
@@ -205,6 +207,7 @@ double tsum = 0.0;		/* sum of all times,
 double tsumsq = 0.0;		/* sum of all times squared, for std. dev. */
 struct tv64 tv64_offset;	/* random offset for time values */
 SIPHASH_KEY mac_key;
+chacha_ctx fill_stream;
 
 /* for node addresses */
 u_short naflags;
@@ -253,7 +256,7 @@ main(int argc, char *argv[])
 	struct itimerval itimer;
 	struct sockaddr_in6 from;
 	struct addrinfo hints;
-	int ch, i, packlen, preload, optval, ret_ga;
+	int ch, packlen, preload, optval, ret_ga;
 	u_char *datap, *packet;
 	char *e, *target, *ifname = NULL, *gateway = NULL;
 	const char *errstr;
@@ -597,9 +600,11 @@ main(int argc, char *argv[])
 
 	if (!(packet = malloc(packlen)))
 		err(1, "Unable to allocate packet");
-	if (!(options & F_PINGFILLED))
-		for (i = ICMP6ECHOLEN; i < packlen; ++i)
-			*datap++ = i;
+	if (!(options & F_PINGFILLED)) {
+		uint8_t key[32];
+		arc4random_buf(key, sizeof(key));
+		chacha_keysetup(&fill_stream, key, sizeof(key) * 8, 0);
+	}
 
 	ident = getpid() & 0xFFFF;
 	arc4random_buf(nonce, sizeof(nonce));
@@ -1096,6 +1101,16 @@ pinger(void)
 
 			memcpy(&outpack[ICMP6ECHOLEN],
 			    &payload, sizeof(payload));
+
+			if (!(options & F_PINGFILLED) &&
+			    datalen >= sizeof(payload)) {
+				u_int8_t *dp = &outpack[ICMP6ECHOLEN +
+				    sizeof(payload)];
+
+				chacha_ivsetup(&fill_stream, payload.mac);
+				chacha_encrypt_bytes(&fill_stream, dp, dp,
+				    datalen - sizeof(payload));
+			}
 		}
 		cc = ICMP6ECHOLEN + datalen;
 	}
@@ -1347,6 +1362,13 @@ pr_pack(u_char *buf, int cc, struct msgh
 				(void)printf(" (%d bytes %s)",
 				    abs(delta), delta > 0 ? "extra" : "short");
 				end = buf + MINIMUM(cc, ICMP6ECHOLEN + datalen);
+			}
+			memset(dp, 0, datalen - sizeof(payload));
+			if (!(options & F_PINGFILLED) &&
+			    datalen >= sizeof(payload)) {
+				chacha_ivsetup(&fill_stream, payload.mac);
+				chacha_encrypt_bytes(&fill_stream, dp, dp,
+				    datalen - sizeof(payload));
 			}
 			for (i = 8; cp < end; ++i, ++cp, ++dp) {
 				if (*cp != *dp) {