summaryrefslogtreecommitdiffstats
path: root/sysdep
diff options
context:
space:
mode:
Diffstat (limited to 'sysdep')
-rw-r--r--sysdep/autoconf.h.in4
-rw-r--r--sysdep/bsd/sysio.h45
-rw-r--r--sysdep/linux/sysio.h35
-rw-r--r--sysdep/unix/endian.h3
-rw-r--r--sysdep/unix/io.c37
-rw-r--r--sysdep/unix/krt.c2
6 files changed, 88 insertions, 38 deletions
diff --git a/sysdep/autoconf.h.in b/sysdep/autoconf.h.in
index 6cf90aa..66e66a8 100644
--- a/sysdep/autoconf.h.in
+++ b/sysdep/autoconf.h.in
@@ -54,3 +54,7 @@
/* struct sockaddr_in(6) */
#undef HAVE_SIN_LEN
+
+/* We have stdint.h */
+#undef HAVE_STDINT_H
+
diff --git a/sysdep/bsd/sysio.h b/sysdep/bsd/sysio.h
index b2dc3a2..b0ec456 100644
--- a/sysdep/bsd/sysio.h
+++ b/sysdep/bsd/sysio.h
@@ -74,3 +74,48 @@ sysio_mcast_join(sock * s)
}
#endif
+
+
+#include <netinet/tcp.h>
+#ifndef TCP_KEYLEN_MAX
+#define TCP_KEYLEN_MAX 80
+#endif
+#ifndef TCP_SIG_SPI
+#define TCP_SIG_SPI 0x1000
+#endif
+
+/*
+ * FIXME: Passwords has to be set by setkey(8) command. This is the same
+ * behaviour like Quagga. We need to add code for SA/SP entries
+ * management.
+ */
+
+static int
+sk_set_md5_auth_int(sock *s, sockaddr *sa, char *passwd)
+{
+ int enable = 0;
+ if (passwd)
+ {
+ int len = strlen(passwd);
+
+ enable = len ? TCP_SIG_SPI : 0;
+
+ if (len > TCP_KEYLEN_MAX)
+ {
+ log(L_ERR "MD5 password too long");
+ return -1;
+ }
+ }
+
+ int rv = setsockopt(s->fd, IPPROTO_TCP, TCP_MD5SIG, &enable, sizeof(enable));
+
+ if (rv < 0)
+ {
+ if (errno == ENOPROTOOPT)
+ log(L_ERR "Kernel does not support TCP MD5 signatures");
+ else
+ log(L_ERR "sk_set_md5_auth_int: setsockopt: %m");
+ }
+
+ return rv;
+}
diff --git a/sysdep/linux/sysio.h b/sysdep/linux/sysio.h
index 6e54110..2fa5f0a 100644
--- a/sysdep/linux/sysio.h
+++ b/sysdep/linux/sysio.h
@@ -160,3 +160,38 @@ struct tcp_md5sig {
};
#endif
+
+static int
+sk_set_md5_auth_int(sock *s, sockaddr *sa, char *passwd)
+{
+ struct tcp_md5sig md5;
+
+ memset(&md5, 0, sizeof(md5));
+ memcpy(&md5.tcpm_addr, (struct sockaddr *) sa, sizeof(*sa));
+
+ if (passwd)
+ {
+ int len = strlen(passwd);
+
+ if (len > TCP_MD5SIG_MAXKEYLEN)
+ {
+ log(L_ERR "MD5 password too long");
+ return -1;
+ }
+
+ md5.tcpm_keylen = len;
+ memcpy(&md5.tcpm_key, passwd, len);
+ }
+
+ int rv = setsockopt(s->fd, IPPROTO_TCP, TCP_MD5SIG, &md5, sizeof(md5));
+
+ if (rv < 0)
+ {
+ if (errno == ENOPROTOOPT)
+ log(L_ERR "Kernel does not support TCP MD5 signatures");
+ else
+ log(L_ERR "sk_set_md5_auth_int: setsockopt: %m");
+ }
+
+ return rv;
+}
diff --git a/sysdep/unix/endian.h b/sysdep/unix/endian.h
index 58c746f..bc48631 100644
--- a/sysdep/unix/endian.h
+++ b/sysdep/unix/endian.h
@@ -13,5 +13,8 @@
#include <sys/types.h>
#include <netinet/in.h>
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
#endif
diff --git a/sysdep/unix/io.c b/sysdep/unix/io.c
index b6c7f84..50992fb 100644
--- a/sysdep/unix/io.c
+++ b/sysdep/unix/io.c
@@ -738,43 +738,6 @@ sk_set_ttl(sock *s, int ttl)
}
-/* FIXME: check portability */
-
-static int
-sk_set_md5_auth_int(sock *s, sockaddr *sa, char *passwd)
-{
- struct tcp_md5sig md5;
-
- memset(&md5, 0, sizeof(md5));
- memcpy(&md5.tcpm_addr, (struct sockaddr *) sa, sizeof(*sa));
-
- if (passwd)
- {
- int len = strlen(passwd);
-
- if (len > TCP_MD5SIG_MAXKEYLEN)
- {
- log(L_ERR "MD5 password too long");
- return -1;
- }
-
- md5.tcpm_keylen = len;
- memcpy(&md5.tcpm_key, passwd, len);
- }
-
- int rv = setsockopt(s->fd, IPPROTO_TCP, TCP_MD5SIG, &md5, sizeof(md5));
-
- if (rv < 0)
- {
- if (errno == ENOPROTOOPT)
- log(L_ERR "Kernel does not support TCP MD5 signatures");
- else
- log(L_ERR "sk_set_md5_auth_int: setsockopt: %m");
- }
-
- return rv;
-}
-
/**
* sk_set_md5_auth - add / remove MD5 security association for given socket.
* @s: socket
diff --git a/sysdep/unix/krt.c b/sysdep/unix/krt.c
index 83456b0..6208f68 100644
--- a/sysdep/unix/krt.c
+++ b/sysdep/unix/krt.c
@@ -637,8 +637,8 @@ krt_got_route_async(struct krt_proto *p, rte *e, int new UNUSED)
DBG("It's a redirect, kill him! Kill! Kill!\n");
krt_set_notify(p, net, NULL, e);
break;
- case KRT_SRC_ALIEN:
#ifdef KRT_ALLOW_LEARN
+ case KRT_SRC_ALIEN:
if (KRT_CF->learn)
{
krt_learn_async(p, e, new);