summaryrefslogtreecommitdiffhomepage
path: root/pkg/server/sockopt_bsd.go
diff options
context:
space:
mode:
authorFUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>2018-07-07 13:48:38 +0900
committerFUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>2018-07-07 20:44:25 +0900
commitc4775c42510d1f1ddd55036dc19e982712fa6a0b (patch)
tree6ec8b61d4338c809e239e3003a2d32d480898e22 /pkg/server/sockopt_bsd.go
parentb3079759aa13172fcb548a83da9a9653d8d5fed4 (diff)
follow Standard Go Project Layout
https://github.com/golang-standards/project-layout Now you can see clearly what are private and public library code. Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
Diffstat (limited to 'pkg/server/sockopt_bsd.go')
-rw-r--r--pkg/server/sockopt_bsd.go89
1 files changed, 89 insertions, 0 deletions
diff --git a/pkg/server/sockopt_bsd.go b/pkg/server/sockopt_bsd.go
new file mode 100644
index 00000000..651e4e58
--- /dev/null
+++ b/pkg/server/sockopt_bsd.go
@@ -0,0 +1,89 @@
+// Copyright (C) 2016 Nippon Telegraph and Telephone Corporation.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+// implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// +build dragonfly freebsd netbsd
+
+package server
+
+import (
+ "net"
+ "os"
+ "syscall"
+)
+
+const (
+ TCP_MD5SIG = 0x10 // TCP MD5 Signature (RFC2385)
+ IPV6_MINHOPCOUNT = 73 // Generalized TTL Security Mechanism (RFC5082)
+)
+
+func setsockoptTcpMD5Sig(fd int, address string, key string) error {
+ // always enable and assumes that the configuration is done by setkey()
+ return os.NewSyscallError("setsockopt", syscall.SetsockoptInt(fd, syscall.IPPROTO_TCP, TCP_MD5SIG, 1))
+}
+
+func setTcpMD5SigSockopt(l *net.TCPListener, address string, key string) error {
+ fi, _, err := extractFileAndFamilyFromTCPListener(l)
+ defer fi.Close()
+ if err != nil {
+ return err
+ }
+ return setsockoptTcpMD5Sig(int(fi.Fd()), address, key)
+}
+
+func setsockoptIpTtl(fd int, family int, value int) error {
+ level := syscall.IPPROTO_IP
+ name := syscall.IP_TTL
+ if family == syscall.AF_INET6 {
+ level = syscall.IPPROTO_IPV6
+ name = syscall.IPV6_UNICAST_HOPS
+ }
+ return os.NewSyscallError("setsockopt", syscall.SetsockoptInt(fd, level, name, value))
+}
+
+func setListenTcpTTLSockopt(l *net.TCPListener, ttl int) error {
+ fi, family, err := extractFileAndFamilyFromTCPListener(l)
+ defer fi.Close()
+ if err != nil {
+ return err
+ }
+ return setsockoptIpTtl(int(fi.Fd()), family, ttl)
+}
+
+func setTcpTTLSockopt(conn *net.TCPConn, ttl int) error {
+ fi, family, err := extractFileAndFamilyFromTCPConn(conn)
+ defer fi.Close()
+ if err != nil {
+ return err
+ }
+ return setsockoptIpTtl(int(fi.Fd()), family, ttl)
+}
+
+func setsockoptIpMinTtl(fd int, family int, value int) error {
+ level := syscall.IPPROTO_IP
+ name := syscall.IP_MINTTL
+ if family == syscall.AF_INET6 {
+ level = syscall.IPPROTO_IPV6
+ name = IPV6_MINHOPCOUNT
+ }
+ return os.NewSyscallError("setsockopt", syscall.SetsockoptInt(fd, level, name, value))
+}
+
+func setTcpMinTTLSockopt(conn *net.TCPConn, ttl int) error {
+ fi, family, err := extractFileAndFamilyFromTCPConn(conn)
+ defer fi.Close()
+ if err != nil {
+ return err
+ }
+ return setsockoptIpMinTtl(int(fi.Fd()), family, ttl)
+}