diff options
author | Ondrej Zajicek (work) <santiago@crfreenet.org> | 2016-05-12 17:49:12 +0200 |
---|---|---|
committer | Ondrej Zajicek (work) <santiago@crfreenet.org> | 2016-05-12 18:03:23 +0200 |
commit | af678af0d5c9ef3d8afdc0789b33dd0c40b6d6e5 (patch) | |
tree | 4d786cd3fecdbb370f1ceee5daecd3aa62fc205b /sysdep/bsd/sysio.h | |
parent | 286e2011d22ea6914d5f2db5de3f11911a1fb663 (diff) | |
parent | 8e433d6a529a883d566dc1d5a4afe0f1e2750baf (diff) |
Merge remote-tracking branch 'origin/master' into int-new
Diffstat (limited to 'sysdep/bsd/sysio.h')
-rw-r--r-- | sysdep/bsd/sysio.h | 28 |
1 files changed, 12 insertions, 16 deletions
diff --git a/sysdep/bsd/sysio.h b/sysdep/bsd/sysio.h index c82d7a1e..6c20733f 100644 --- a/sysdep/bsd/sysio.h +++ b/sysdep/bsd/sysio.h @@ -189,30 +189,26 @@ sk_prepare_ip_header(sock *s, void *hdr, int dlen) #ifndef TCP_KEYLEN_MAX #define TCP_KEYLEN_MAX 80 #endif + #ifndef TCP_SIG_SPI #define TCP_SIG_SPI 0x1000 #endif -/* - * FIXME: Passwords has to be set by setkey(8) command. This is the same - * behaviour like Quagga. We need to add code for SA/SP entries - * management. - */ +#if defined(__FreeBSD__) +#define USE_MD5SIG_SETKEY +#include "lib/setkey.h" +#endif int -sk_set_md5_auth(sock *s, ip_addr a, struct iface *ifa, char *passwd) +sk_set_md5_auth(sock *s, ip_addr local, ip_addr remote, struct iface *ifa, char *passwd, int setkey UNUSED) { - int enable = 0; - - if (passwd && *passwd) - { - int len = strlen(passwd); - enable = TCP_SIG_SPI; - - if (len > TCP_KEYLEN_MAX) - ERR_MSG("MD5 password too long"); - } +#ifdef USE_MD5SIG_SETKEY + if (setkey) + if (sk_set_md5_in_sasp_db(s, local, remote, ifa, passwd) < 0) + return -1; +#endif + int enable = (passwd && *passwd) ? TCP_SIG_SPI : 0; if (setsockopt(s->fd, IPPROTO_TCP, TCP_MD5SIG, &enable, sizeof(enable)) < 0) { if (errno == ENOPROTOOPT) |