TCP‐MD5 (rfc2385) implementation in DragonFlyBSD

David BÉRARD david at nfrance.com
Wed Aug 25 02:50:34 PDT 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

For archive, I forgot to reply to list.


On 23/08/2010 21:44, David BÉRARD wrote:
> Hi Kernel list !
> 
> Alex Hornung wrote:
>> This is definitely not my expertise, but it seems, from looking at our
>> code, that we don't currently support tcp-md5 in kernel, and that's why
>> setkey doesn't accept it either.
> 
> Is rfc2385 planned to be implemented in the DragonFlyBSD Kernel, or should I
> start to hacking the Kernel to include FreeBSD patchs r125680 [1] and r125681 [2] ?
> 
> Are there any precautions to do this ?
> 
> Best regards,
> 
> [1] http://svn.freebsd.org/viewvc/base?view=revision&revision=125680
> [2] http://svn.freebsd.org/viewvc/base?view=revision&revision=125681
> 

Well, first off there seems to be something missing in those commits;
the file xform_tcp.c. It was seemingly introduced later (at rev 127785):
"This file was erroneously removed from HEAD when TCP-MD5 support was
MFC'd; correct this lameness."

Other than that, considering that the commit is quite old, as is our
code, it shouldn't be too hard to hack it in. If you require any
assistance, feel free to ask on the list or, for a faster response, on IRC.

Cheers,
Alex Hornung


- -- 
David BERARD
- ---------------------------------------
NFrance Conseil, Toulouse, France
david(at)nfrance.com
GPG|PGP KeyId 0x7FC68EB8
GPG|PGP Key http://tinyurl.com/gpgdavid
- ---------------------------------------
*     No electrons were harmed in     *
*    the transmission of this email   *
-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAkx05kQACgkQYIAREn/Gjri6aQCfUSbfYs+NZJpizUZ8KyFeyzxi
WdIAn3H5cvDS5lM56A/6qau0G+dF2NQs
=9UOx
-----END PGP SIGNATURE-----





More information about the Kernel mailing list