kernel: deprecate Internet Class A/B/C

Hide historical Class A/B/C macros unless IN_HISTORICAL_NETS is defined;
define it for user level.  Define IN_MULTICAST separately from IN_CLASSD,
and use it in pf instead of IN_CLASSD.  Stop using class for setting
default masks when not specified; instead, define new default mask
(24 bits).  Warn when an Internet address is set without a mask.

MFC after:	1 month
Reviewed by:	cy
Differential Revision: https://reviews.freebsd.org/D32708

sys/contrib/ipfilter/netinet/fil.c

@@ -1715,7 +1715,7 @@ ipf_pr_ipv4hdr(fin)
 	fin->fin_crc += fi->fi_saddr;
 	fi->fi_daddr = ip->ip_dst.s_addr;
 	fin->fin_crc += fi->fi_daddr;
-	if (IN_CLASSD(ntohl(fi->fi_daddr)))
+	if (IN_MULTICAST(ntohl(fi->fi_daddr)))
 		fin->fin_flx |= FI_MULTICAST|FI_MBCAST;
 
 	/*

sys/netinet/in.c

@@ -449,18 +449,17 @@ in_aifaddr_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp, struct thread *td)
 		ia->ia_sockmask = *mask;
 		ia->ia_subnetmask = ntohl(ia->ia_sockmask.sin_addr.s_addr);
 	} else {
-		in_addr_t i = ntohl(addr->sin_addr.s_addr);
-
 		/*
-	 	 * Be compatible with network classes, if netmask isn't
-		 * supplied, guess it based on classes.
+	 	 * If netmask isn't supplied, use default for now.
+		 * This is deprecated for interfaces other than loopback
+		 * or point-to-point; warn in other cases.  In the future
+		 * we should return an error rather than warning.
 	 	 */
-		if (IN_CLASSA(i))
-			ia->ia_subnetmask = IN_CLASSA_NET;
-		else if (IN_CLASSB(i))
-			ia->ia_subnetmask = IN_CLASSB_NET;
-		else
-			ia->ia_subnetmask = IN_CLASSC_NET;
+		if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) == 0)
+			printf("%s: set address: WARNING: network mask"
+			     " should be specified; using default mask\n",
+			     ifp->if_xname);
+		ia->ia_subnetmask = IN_NETMASK_DEFAULT;
 		ia->ia_sockmask.sin_addr.s_addr = htonl(ia->ia_subnetmask);
 	}
 	ia->ia_subnet = ntohl(addr->sin_addr.s_addr) & ia->ia_subnetmask;

sys/netinet/in.h

@@ -342,10 +342,15 @@ __END_DECLS
 #define	IPPORT_MAX		65535
 
 /*
- * Definitions of bits in internet address integers.
- * On subnets, the decomposition of addresses to host and net parts
- * is done according to subnet mask, not the masks here.
+ * Historical definitions of bits in internet address integers
+ * (pre-CIDR).  Class A/B/C are long obsolete, and now deprecated.
+ * Hide these definitions from the kernel unless IN_HISTORICAL_NETS
+ * is defined.  Provide the historical definitions to user level for now.
  */
+#ifndef _KERNEL
+#define IN_HISTORICAL_NETS
+#endif
+#ifdef IN_HISTORICAL_NETS
 #define	IN_CLASSA(i)		(((in_addr_t)(i) & 0x80000000) == 0)
 #define	IN_CLASSA_NET		0xff000000
 #define	IN_CLASSA_NSHIFT	24
@@ -362,12 +367,17 @@ __END_DECLS
 #define	IN_CLASSC_NET		0xffffff00
 #define	IN_CLASSC_NSHIFT	8
 #define	IN_CLASSC_HOST		0x000000ff
+#endif /* IN_HISTORICAL_NETS */
 
-#define	IN_CLASSD(i)		(((in_addr_t)(i) & 0xf0000000) == 0xe0000000)
+#define	IN_NETMASK_DEFAULT	0xffffff00	/* mask when forced to guess */
+
+#define	IN_MULTICAST(i)		(((in_addr_t)(i) & 0xf0000000) == 0xe0000000)
+#ifdef IN_HISTORICAL_NETS
+#define	IN_CLASSD(i)		IN_MULTICAST(i)
 #define	IN_CLASSD_NET		0xf0000000	/* These ones aren't really */
 #define	IN_CLASSD_NSHIFT	28		/* net and host fields, but */
 #define	IN_CLASSD_HOST		0x0fffffff	/* routing needn't know.    */
-#define	IN_MULTICAST(i)		IN_CLASSD(i)
+#endif /* IN_HISTORICAL_NETS */
 
 #define	IN_EXPERIMENTAL(i)	(((in_addr_t)(i) & 0xf0000000) == 0xf0000000)
 #define	IN_BADCLASS(i)		(((in_addr_t)(i) & 0xf0000000) == 0xf0000000)
@@ -398,7 +408,9 @@ __END_DECLS
 #define	INADDR_ALLMDNS_GROUP	((in_addr_t)0xe00000fb)	/* 224.0.0.251 */
 #define	INADDR_MAX_LOCAL_GROUP	((in_addr_t)0xe00000ff)	/* 224.0.0.255 */
 
+#ifdef IN_HISTORICAL_NETS
 #define	IN_LOOPBACKNET		127			/* official! */
+#endif /* IN_HISTORICAL_NETS */
 
 #define	IN_RFC3021_MASK		((in_addr_t)0xfffffffe)
 

sys/nfs/bootp_subr.c

@@ -654,7 +654,7 @@ bootpc_call(struct bootpc_globalcontext *gctx, struct thread *td)
 				    error, (int )bootp_so->so_state);
 
 			/* Set netmask to 255.0.0.0 */
-			sin->sin_addr.s_addr = htonl(IN_CLASSA_NET);
+			sin->sin_addr.s_addr = htonl(0xff000000);
 			error = ifioctl(bootp_so, SIOCAIFADDR, (caddr_t)ifra,
 			    td);
 			if (error != 0)
@@ -882,7 +882,7 @@ bootpc_fakeup_interface(struct bootpc_ifcontext *ifctx, struct thread *td)
 	clear_sinaddr(sin);
 	sin = (struct sockaddr_in *)&ifra->ifra_mask;
 	clear_sinaddr(sin);
-	sin->sin_addr.s_addr = htonl(IN_CLASSA_NET);
+	sin->sin_addr.s_addr = htonl(0xff000000);
 	sin = (struct sockaddr_in *)&ifra->ifra_broadaddr;
 	clear_sinaddr(sin);
 	sin->sin_addr.s_addr = htonl(INADDR_BROADCAST);
@@ -1485,12 +1485,12 @@ bootpc_decode_reply(struct nfsv3_diskless *nd, struct bootpc_ifcontext *ifctx,
 	printf("\n");
 
 	if (ifctx->gotnetmask == 0) {
-		if (IN_CLASSA(ntohl(ifctx->myaddr.sin_addr.s_addr)))
-			ifctx->netmask.sin_addr.s_addr = htonl(IN_CLASSA_NET);
-		else if (IN_CLASSB(ntohl(ifctx->myaddr.sin_addr.s_addr)))
-			ifctx->netmask.sin_addr.s_addr = htonl(IN_CLASSB_NET);
-		else
-			ifctx->netmask.sin_addr.s_addr = htonl(IN_CLASSC_NET);
+		/*
+		 * If there is no netmask, use a default, but we really
+		 * need the right mask from the server.
+		 */
+		printf("%s: no netmask received!\n", ifctx->ireq.ifr_name);
+		ifctx->netmask.sin_addr.s_addr = htonl(IN_NETMASK_DEFAULT);
 	}
 }