2 files changed, 97 insertions, 0 deletions

diff --git a/io/sockopt.go b/io/sockopt.go
new file mode 100644
index 00000000..3393a375
--- /dev/null
+++ b/io/sockopt.go
@@ -0,0 +1,45 @@
+package io
+
+import (
+	"net"
+	"syscall"
+	"unsafe"
+)
+
+const (
+	TCP_MD5SIG = 14
+)
+
+type tcpmd5sig struct {
+	ss_family uint16
+	ss        [126]byte
+	pad1      uint16
+	keylen    uint16
+	pad2      uint32
+	key       [80]byte
+}
+
+func buildTcpMD5Sig(address string, key string) (tcpmd5sig, error) {
+	t := tcpmd5sig{}
+	addr := net.ParseIP(address)
+	if addr.To4() != nil {
+		t.ss_family = syscall.AF_INET
+		copy(t.ss[2:], addr.To4())
+	} else {
+		t.ss_family = syscall.AF_INET6
+		copy(t.ss[6:], addr.To16())
+	}
+
+	t.keylen = uint16(len(key))
+	copy(t.key[0:], []byte(key))
+
+	return t, nil
+}
+
+func SetTcpMD5SigSockopts(fd int, address string, key string) error {
+	t, _ := buildTcpMD5Sig(address, key)
+	_, _, e := syscall.Syscall6(syscall.SYS_SETSOCKOPT, uintptr(fd),
+		uintptr(syscall.IPPROTO_TCP), uintptr(TCP_MD5SIG),
+		uintptr(unsafe.Pointer(&t)), unsafe.Sizeof(t), 0)
+	return e
+}
diff --git a/io/sockopt_test.go b/io/sockopt_test.go
new file mode 100644
index 00000000..6c81ec12
--- /dev/null
+++ b/io/sockopt_test.go
@@ -0,0 +1,52 @@
+package io
+
+import (
+	"bytes"
+	"syscall"
+	"testing"
+	"unsafe"
+)
+
+func Test_buildTcpMD5Sig(t *testing.T) {
+	s, _ := buildTcpMD5Sig("1.2.3.4", "hello")
+
+	if unsafe.Sizeof(s) != 216 {
+		t.Error("TCPM5Sig struct size is wrong", unsafe.Sizeof(s))
+	}
+
+	buf1 := make([]uint8, 216)
+	p := unsafe.Pointer(&s)
+	src := uintptr(p)
+	for i := uintptr(0); i < 216; i++ {
+		buf1[i] = *(*byte)(unsafe.Pointer(src + i))
+	}
+
+	buf2 := []uint8{2, 0, 0, 0, 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 104, 101, 108, 108, 111, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
+
+	if bytes.Compare(buf1, buf2) == 0 {
+		t.Log("OK")
+	} else {
+		t.Error("Something wrong v4")
+	}
+}
+
+func Test_buildTcpMD5Sigv6(t *testing.T) {
+	s, _ := buildTcpMD5Sig("fe80::4850:31ff:fe01:fc55", "helloworld")
+
+	buf1 := make([]uint8, 216)
+	p := unsafe.Pointer(&s)
+	src := uintptr(p)
+	for i := uintptr(0); i < 216; i++ {
+		buf1[i] = *(*byte)(unsafe.Pointer(src + i))
+	}
+
+	buf2 := []uint8{10, 0, 0, 0, 0, 0, 0, 0, 254, 128, 0, 0, 0, 0, 0, 0, 72, 80, 49, 255, 254, 1, 252, 85, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 10, 0, 0, 0, 0, 0, 104, 101, 108, 108, 111, 119, 111, 114, 108, 100, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
+
+	buf2[0] = syscall.AF_INET6
+
+	if bytes.Compare(buf1, buf2) == 0 {
+		t.Log("OK")
+	} else {
+		t.Error("Something wrong v6")
+	}
+}