s32 ldp_md5_set_socket(s32 sock, union sockunion *su, const s8 *passwd) { int ret = -1; int en = ENOSYS; ret = sockopt_tcp_signature(sock, su, passwd); en = errno; if (ret < 0) LDP_DEBUG_PKT("can't set TCP_MD5SIG option on socket %d: %s",sock, safe_strerror (en)); return ret; }
/* * Set MD5 key for the socket, for the given IPv4 peer address. * If the password is NULL or zero-length, the option will be disabled. */ static int bgp_md5_set_socket(int socket, union sockunion *su, uint16_t prefixlen, const char *password) { int ret = -1; int en = ENOSYS; #if HAVE_DECL_TCP_MD5SIG union sockunion su2; #endif /* HAVE_TCP_MD5SIG */ assert(socket >= 0); #if HAVE_DECL_TCP_MD5SIG /* Ensure there is no extraneous port information. */ memcpy(&su2, su, sizeof(union sockunion)); if (su2.sa.sa_family == AF_INET) su2.sin.sin_port = 0; else su2.sin6.sin6_port = 0; /* For addresses, use the non-extended signature functionality */ if ((su2.sa.sa_family == AF_INET && prefixlen == IPV4_MAX_PREFIXLEN) || (su2.sa.sa_family == AF_INET6 && prefixlen == IPV6_MAX_PREFIXLEN)) ret = sockopt_tcp_signature(socket, &su2, password); else ret = sockopt_tcp_signature_ext(socket, &su2, prefixlen, password); en = errno; #endif /* HAVE_TCP_MD5SIG */ if (ret < 0) { char sabuf[SU_ADDRSTRLEN]; sockunion2str(su, sabuf, sizeof(sabuf)); switch (ret) { case -2: flog_warn( EC_BGP_NO_TCP_MD5, "Unable to set TCP MD5 option on socket for peer %s (sock=%d): This platform does not support MD5 auth for prefixes", sabuf, socket); break; default: flog_warn( EC_BGP_NO_TCP_MD5, "Unable to set TCP MD5 option on socket for peer %s (sock=%d): %s", sabuf, socket, safe_strerror(en)); } } return ret; }
/* * Set MD5 key for the socket, for the given IPv4 peer address. * If the password is NULL or zero-length, the option will be disabled. */ static int bgp_md5_set_socket (int socket, union sockunion *su, const char *password) { int ret = -1; int en = ENOSYS; assert (socket >= 0); #if HAVE_DECL_TCP_MD5SIG ret = sockopt_tcp_signature (socket, su, password); en = errno; #endif /* HAVE_TCP_MD5SIG */ if (ret < 0) zlog (NULL, LOG_WARNING, "can't set TCP_MD5SIG option on socket %d: %s", socket, safe_strerror (en)); return ret; }