diff options
author | Ondrej Filip <feela@mamlas.feela.net> | 2009-05-04 18:17:46 +0200 |
---|---|---|
committer | Ondrej Filip <feela@mamlas.feela.net> | 2009-05-04 18:17:46 +0200 |
commit | 2b70f0742e808053f87315433a2a64c749c3ec1d (patch) | |
tree | b8aa2bfc5ad9644320442c59ee8c9c7dab5ee74d /sysdep/linux | |
parent | 1bc4b2cc840eb3f48c7e245528ef79c2b0ba50e7 (diff) | |
download | bird-2b70f0742e808053f87315433a2a64c749c3ec1d.tar bird-2b70f0742e808053f87315433a2a64c749c3ec1d.zip |
Linux specific TCP-MD5 handling moved to sysdep/linux/sysio.h
FreeBSD coded added. BSD cannot set BGP passwords itself.
This has to be done by external command.
Diffstat (limited to 'sysdep/linux')
-rw-r--r-- | sysdep/linux/sysio.h | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/sysdep/linux/sysio.h b/sysdep/linux/sysio.h index 6e54110..2fa5f0a 100644 --- a/sysdep/linux/sysio.h +++ b/sysdep/linux/sysio.h @@ -160,3 +160,38 @@ struct tcp_md5sig { }; #endif + +static int +sk_set_md5_auth_int(sock *s, sockaddr *sa, char *passwd) +{ + struct tcp_md5sig md5; + + memset(&md5, 0, sizeof(md5)); + memcpy(&md5.tcpm_addr, (struct sockaddr *) sa, sizeof(*sa)); + + if (passwd) + { + int len = strlen(passwd); + + if (len > TCP_MD5SIG_MAXKEYLEN) + { + log(L_ERR "MD5 password too long"); + return -1; + } + + md5.tcpm_keylen = len; + memcpy(&md5.tcpm_key, passwd, len); + } + + int rv = setsockopt(s->fd, IPPROTO_TCP, TCP_MD5SIG, &md5, sizeof(md5)); + + if (rv < 0) + { + if (errno == ENOPROTOOPT) + log(L_ERR "Kernel does not support TCP MD5 signatures"); + else + log(L_ERR "sk_set_md5_auth_int: setsockopt: %m"); + } + + return rv; +} |