diff options
| author | Ondrej Zajicek <santiago@crfreenet.org> | 2009-05-21 09:26:59 +0200 |
|---|---|---|
| committer | Ondrej Zajicek <santiago@crfreenet.org> | 2009-05-21 09:26:59 +0200 |
| commit | 6c84554b671fce473fe333ab3d8b548a0768882b (patch) | |
| tree | fff55c05f21325230e5470825bd03d48742875c1 /sysdep/bsd | |
| parent | f434d19174cb2d3054a00248ca609aa87bf8c263 (diff) | |
| parent | 4d176e14509c71823a539b3c8b6103e254296d4f (diff) | |
| download | bird-6c84554b671fce473fe333ab3d8b548a0768882b.tar bird-6c84554b671fce473fe333ab3d8b548a0768882b.zip | |
Merge branch 'master' into dev
Diffstat (limited to 'sysdep/bsd')
| -rw-r--r-- | sysdep/bsd/sysio.h | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/sysdep/bsd/sysio.h b/sysdep/bsd/sysio.h index b2dc3a2..b0ec456 100644 --- a/sysdep/bsd/sysio.h +++ b/sysdep/bsd/sysio.h @@ -74,3 +74,48 @@ sysio_mcast_join(sock * s) } #endif + + +#include <netinet/tcp.h> +#ifndef TCP_KEYLEN_MAX +#define TCP_KEYLEN_MAX 80 +#endif +#ifndef TCP_SIG_SPI +#define TCP_SIG_SPI 0x1000 +#endif + +/* + * FIXME: Passwords has to be set by setkey(8) command. This is the same + * behaviour like Quagga. We need to add code for SA/SP entries + * management. + */ + +static int +sk_set_md5_auth_int(sock *s, sockaddr *sa, char *passwd) +{ + int enable = 0; + if (passwd) + { + int len = strlen(passwd); + + enable = len ? TCP_SIG_SPI : 0; + + if (len > TCP_KEYLEN_MAX) + { + log(L_ERR "MD5 password too long"); + return -1; + } + } + + int rv = setsockopt(s->fd, IPPROTO_TCP, TCP_MD5SIG, &enable, sizeof(enable)); + + if (rv < 0) + { + if (errno == ENOPROTOOPT) + log(L_ERR "Kernel does not support TCP MD5 signatures"); + else + log(L_ERR "sk_set_md5_auth_int: setsockopt: %m"); + } + + return rv; +} |