git: kernel - Port TCP-MD5 (RFC 2385) implementation.

Matthew Dillon dillon at crater.dragonflybsd.org
Mon Sep 6 11:06:37 PDT 2010


commit b19929283b69fe2facf3900846620a3b688de8df
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date:   Mon Sep 6 11:01:49 2010 -0700

    kernel - Port TCP-MD5 (RFC 2385) implementation.
    
    I have imported FreeBSD commits r125680, r125681 and r183001 into the
    DragonFlyBSD code, it works well for both IPv4 and IPv6 BGP sessions.
    
    This adds TCP_SIGNATURE to IPSEC.
    
    For the uninitiated, this is a TCP option which provides for a means of
    authenticating TCP sessions which came into being before IPSEC. It is
    still relevant today, however, as it is used by many commercial router
    vendors, particularly with BGP, and as such has become a requirement for
    interconnect at many major Internet points of presence.
    
    Tested with a Cisco 2611XM running IOS 12.3(24), and Quagga 0.99.17
    
    Submitted-by: David =?iso-8859-1?Q?B=C9RARD?= <david at nfrance.com>
    Ported-from: FreeBSD

Summary of changes:
 sys/conf/options           |    1 +
 sys/config/LINT            |    8 ++
 sys/netinet/ip.h           |   12 +++
 sys/netinet/ip_output.c    |    1 +
 sys/netinet/tcp.h          |    3 +
 sys/netinet/tcp_input.c    |   17 ++++-
 sys/netinet/tcp_output.c   |   32 +++++++++
 sys/netinet/tcp_subr.c     |  164 ++++++++++++++++++++++++++++++++++++++++++++
 sys/netinet/tcp_syncache.c |   42 +++++++++++
 sys/netinet/tcp_usrreq.c   |   14 ++++
 sys/netinet/tcp_var.h      |   25 +++++++-
 sys/netinet6/ipsec.h       |    2 +
 sys/netproto/key/key.c     |   17 +++++
 13 files changed, 336 insertions(+), 2 deletions(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b19929283b69fe2facf3900846620a3b688de8df


-- 
DragonFly BSD source repository





More information about the Commits mailing list