diff options
Diffstat (limited to 'server/sockopt_openbsd.go')
| -rw-r--r-- | server/sockopt_openbsd.go | 33 |
1 files changed, 24 insertions, 9 deletions
diff --git a/server/sockopt_openbsd.go b/server/sockopt_openbsd.go index 90eb7490..6dd26e59 100644 --- a/server/sockopt_openbsd.go +++ b/server/sockopt_openbsd.go @@ -348,7 +348,8 @@ func saDelete(address string) error { } const ( - TCP_MD5SIG = 0x4 + TCP_MD5SIG = 0x4 // TCP MD5 Signature (RFC2385) + IPV6_MINHOPCOUNT = 73 // Generalized TTL Security Mechanism (RFC5082) ) func SetTcpMD5SigSockopts(l *net.TCPListener, address string, key string) error { @@ -373,13 +374,7 @@ func SetTcpMD5SigSockopts(l *net.TCPListener, address string, key string) error return saDelete(address) } -func SetTcpTTLSockopts(conn *net.TCPConn, ttl int) error { - level := syscall.IPPROTO_IP - name := syscall.IP_TTL - if strings.Contains(conn.RemoteAddr().String(), "[") { - level = syscall.IPPROTO_IPV6 - name = syscall.IPV6_UNICAST_HOPS - } +func setTcpSockoptInt(conn *net.TCPConn, level int, name int, value int) error { fi, err := conn.File() defer fi.Close() if err != nil { @@ -388,7 +383,27 @@ func SetTcpTTLSockopts(conn *net.TCPConn, ttl int) error { if conn, err := net.FileConn(fi); err == nil { defer conn.Close() } - return os.NewSyscallError("setsockopt", syscall.SetsockoptInt(int(fi.Fd()), level, name, ttl)) + return os.NewSyscallError("setsockopt", syscall.SetsockoptInt(int(fi.Fd()), level, name, value)) +} + +func SetTcpTTLSockopts(conn *net.TCPConn, ttl int) error { + level := syscall.IPPROTO_IP + name := syscall.IP_TTL + if strings.Contains(conn.RemoteAddr().String(), "[") { + level = syscall.IPPROTO_IPV6 + name = syscall.IPV6_UNICAST_HOPS + } + return setTcpSockoptInt(conn, level, name, ttl) +} + +func SetTcpMinTTLSockopts(conn *net.TCPConn, ttl int) error { + level := syscall.IPPROTO_IP + name := syscall.IP_MINTTL + if strings.Contains(conn.RemoteAddr().String(), "[") { + level = syscall.IPPROTO_IPV6 + name = IPV6_MINHOPCOUNT + } + return setTcpSockoptInt(conn, level, name, ttl) } func DialTCPTimeoutWithMD5Sig(host string, port int, localAddr, key string, msec int) (*net.TCPConn, error) { |