git: kernel - Port TCP-MD5 (RFC 2385) implementation.
Matthew Dillon
dillon at crater.dragonflybsd.org
Mon Sep 6 11:06:37 PDT 2010
commit b19929283b69fe2facf3900846620a3b688de8df
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date: Mon Sep 6 11:01:49 2010 -0700
kernel - Port TCP-MD5 (RFC 2385) implementation.
I have imported FreeBSD commits r125680, r125681 and r183001 into the
DragonFlyBSD code, it works well for both IPv4 and IPv6 BGP sessions.
This adds TCP_SIGNATURE to IPSEC.
For the uninitiated, this is a TCP option which provides for a means of
authenticating TCP sessions which came into being before IPSEC. It is
still relevant today, however, as it is used by many commercial router
vendors, particularly with BGP, and as such has become a requirement for
interconnect at many major Internet points of presence.
Tested with a Cisco 2611XM running IOS 12.3(24), and Quagga 0.99.17
Submitted-by: David =?iso-8859-1?Q?B=C9RARD?= <david at nfrance.com>
Ported-from: FreeBSD
Summary of changes:
sys/conf/options | 1 +
sys/config/LINT | 8 ++
sys/netinet/ip.h | 12 +++
sys/netinet/ip_output.c | 1 +
sys/netinet/tcp.h | 3 +
sys/netinet/tcp_input.c | 17 ++++-
sys/netinet/tcp_output.c | 32 +++++++++
sys/netinet/tcp_subr.c | 164 ++++++++++++++++++++++++++++++++++++++++++++
sys/netinet/tcp_syncache.c | 42 +++++++++++
sys/netinet/tcp_usrreq.c | 14 ++++
sys/netinet/tcp_var.h | 25 +++++++-
sys/netinet6/ipsec.h | 2 +
sys/netproto/key/key.c | 17 +++++
13 files changed, 336 insertions(+), 2 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b19929283b69fe2facf3900846620a3b688de8df
--
DragonFly BSD source repository
More information about the Commits
mailing list