Date: Fri, 04 Feb 2005 09:13:00 +0500 From: Boris Kovalenko <boris@tagnet.ru> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/77086: [MAINTAINER UPDATE] net/quagga: update to 0.98.2 Message-ID: <E1Cwuq4-000ICe-9E@boris.nikom.ru> Resent-Message-ID: <200502040420.j144KMLb081110@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 77086
>Category: ports
>Synopsis: [MAINTAINER UPDATE] net/quagga: update to 0.98.2
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Fri Feb 04 04:20:21 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Boris Kovalenko
>Release: FreeBSD 5.3-STABLE i386
>Organization:
JSC "TAGNet"
>Environment:
System: FreeBSD boris.nikom.ru 5.3-STABLE FreeBSD 5.3-STABLE #2: Fri Jan 28 09:16:34 YEKT 2005
>Description:
This obsoletes PR 76997.
- Update to 0.98.2
Added file(s):
- files/extra-tcpmd5-patch-bgpd::bgp_network.c
- files/extra-tcpmd5-patch-bgpd::bgp_vty.c
- files/extra-tcpmd5-patch-bgpd::bgpd.c
- files/extra-tcpmd5-patch-bgpd::bgpd.h
- files/extra-tcpmd5-patch-configure.ac
- files/extra-tcpmd5-patch-lib::sockopt.c
- files/extra-tcpmd5-patch-lib::sockopt.h
Removed file(s):
- files/extra-patch-zebra.h
Generated with FreeBSD Port Tools 0.63
>How-To-Repeat:
>Fix:
--- quagga-0.98.2.patch begins here ---
diff -ruN --exclude=CVS /usr/ports/net/quagga/Makefile /usr/ports/net/quagga.new/Makefile
--- /usr/ports/net/quagga/Makefile Sat Jan 15 08:01:27 2005
+++ /usr/ports/net/quagga.new/Makefile Fri Feb 4 09:05:12 2005
@@ -6,7 +6,7 @@
#
PORTNAME= quagga
-PORTVERSION= 0.98.0
+PORTVERSION= 0.98.2
PORTREVISION= 0
CATEGORIES= net ipv6
MASTER_SITES= http://quagga.net/download/
@@ -18,12 +18,13 @@
CONFLICTS= zebra-devel-[0-9]* zebra-0*
-GNU_CONFIGURE= yes
-USE_GMAKE= yes
-USE_REINPLACE= yes
-INSTALLS_SHLIB= yes
-USE_LIBTOOL_VER=15
-USE_PERL5_BUILD=yes
+GNU_CONFIGURE= yes
+USE_GMAKE= yes
+USE_REINPLACE= yes
+INSTALLS_SHLIB= yes
+USE_AUTOCONF_VER= 259
+USE_LIBTOOL_VER= 15
+USE_PERL5_BUILD= yes
MAN1= vtysh.1
MAN8= bgpd.8 ospf6d.8 ospfd.8 ripd.8 ripngd.8 zebra.8
@@ -34,7 +35,8 @@
OSPF_OPAQUE_LSA "OSPF Opaque-LSA support (RFC2370)" off \
RTADV "IPv6 Router Advertisements" off \
SNMP "SNMP support" off \
- TCPSOCKETS "Use TCP/IP sockets for protocol daemons" off
+ TCPSOCKETS "Use TCP/IP sockets for protocol daemons" off \
+ TCPMD5 "Use experimental MD5 patch for BGP" off
.if !defined(BATCH)
SEL_OPTIONS= yes
@@ -43,14 +45,13 @@
.include <bsd.port.pre.mk>
CONFIGURE_ARGS+=--includedir=${PREFIX}/include --enable-exampledir=${PREFIX}/share/examples/quagga
+CONFIGURE_ENV+= CFLAGS="${CFLAGS} -I${LOCALBASE}/include" \
+ LDFLAGS="${LDFLAGS} -L${LOCALBASE}/lib"
+
SCRIPTS_ENV= PREFIX=${PREFIX} \
SYSCONF_DIR=${SYSCONF_DIR} SYSSTATE_DIR=${SYSSTATE_DIR} \
ENABLE_USER=${ENABLE_USER} ENABLE_GROUP=${ENABLE_GROUP}
-.if ${OSVERSION} < 500000
-EXTRA_PATCHES+=${PATCHDIR}/extra-patch-zebra.h
-.endif
-
.if defined(WITH_ISISD) && !defined(WITHOUT_ISISD)
CONFIGURE_ARGS+=--enable-isisd
PLIST_SUB+= ISISD_SBIN=sbin/isisd
@@ -78,12 +79,12 @@
PLIST_SUB+= OSPFAPI_LIBSO0="lib/libospfapiclient.so.0"
PLIST_SUB+= OSPFAPI_SBIN="sbin/ospfclient"
.else
-PLIST_SUB+= OSPFAPI_HEADER=
-PLIST_SUB+= OSPFAPI_PATH=
-PLIST_SUB+= OSPFAPI_LIBA=
-PLIST_SUB+= OSPFAPI_LIBSO=
-PLIST_SUB+= OSPFAPI_LIBSO0=
-PLIST_SUB+= OSPFAPI_SBIN=
+PLIST_SUB+= OSPFAPI_HEADER="@comment"
+PLIST_SUB+= OSPFAPI_PATH="@comment"
+PLIST_SUB+= OSPFAPI_LIBA="@comment"
+PLIST_SUB+= OSPFAPI_LIBSO="@comment"
+PLIST_SUB+= OSPFAPI_LIBSO0="@comment"
+PLIST_SUB+= OSPFAPI_SBIN="@comment"
.endif
.if defined(WITH_RTADV) && !defined(WITHOUT_RTADV)
@@ -99,6 +100,14 @@
.endif
.endif
+.if defined(WITH_TCPMD5) && !defined(WITHOUT_TCPMD5)
+.if ${OSVERSION} < 491000
+BROKEN= This version of FreeBSD does not have TCP MD5 signature support
+.endif
+CONFIGURE_ARGS+=--enable-tcp-signature
+EXTRA_PATCHES+=${PATCHDIR}/extra-tcpmd5-patch-bgpd::bgp_network.c ${PATCHDIR}/extra-tcpmd5-patch-bgpd::bgp_vty.c ${PATCHDIR}/extra-tcpmd5-patch-bgpd::bgpd.c ${PATCHDIR}/extra-tcpmd5-patch-bgpd::bgpd.h ${PATCHDIR}/extra-tcpmd5-patch-configure.ac ${PATCHDIR}/extra-tcpmd5-patch-lib::sockopt.c ${PATCHDIR}/extra-tcpmd5-patch-lib::sockopt.h
+.endif
+
.if !defined(ENABLE_USER)
ENABLE_USER=quagga
.endif
@@ -167,14 +176,7 @@
@${ECHO} " WITH_RTADV IPv6 Router Advertisements"
@${ECHO} " WITH_SNMP SNMP support"
@${ECHO} " WITH_TCPSOCKETS Use TCP/IP sockets for protocol daemons"
-
-pre-configure:
-# disable AUTO* tools
- @${FIND} -E ${WRKSRC} -type f \
- -iregex ".*(Makefile.in|configure)" \
- | ${XARGS} -x -n 10 \
- ${REINPLACE_CMD} -E \
- -e 's!^(AUTOCONF|AUTOHEADER|AUTOMAKE|ACLOCAL).*$$!\1=${TRUE}!'
+ @${ECHO} " WITH_TCPMD5 Use experimental MD5 patch for BGP"
post-build:
@${SED} ${SED_SCRIPT} ${FILESDIR}/quagga.sh > ${WRKDIR}/quagga.sh
@@ -205,6 +207,15 @@
@${ECHO} " if You had never do this before. Or run"
@${ECHO} " make changeuser"
@${ECHO} ""
+.if defined(WITH_TCPMD5) && !defined(WITHOUT_TCPMD5)
+ @${ECHO} "Note!!! To use MD5 passwords on BGP sessions, your kernel must"
+ @${ECHO} "be built with the following options:"
+ @${ECHO} " options TCP_SIGNATURE"
+ @${ECHO} " options FAST_IPSEC"
+ @${ECHO} " device crypto"
+ @${ECHO} " device cryptodev"
+ @${ECHO} ""
+.endif
.if !defined(BATCH)
post-clean:
diff -ruN --exclude=CVS /usr/ports/net/quagga/distinfo /usr/ports/net/quagga.new/distinfo
--- /usr/ports/net/quagga/distinfo Sat Jan 15 08:01:27 2005
+++ /usr/ports/net/quagga.new/distinfo Fri Feb 4 09:06:15 2005
@@ -1,2 +1,2 @@
-MD5 (quagga-0.98.0.tar.gz) = 938cdf15f0ff79f797fc08316b94f449
-SIZE (quagga-0.98.0.tar.gz) = 1997631
+MD5 (quagga-0.98.2.tar.gz) = 6839842a96b1551fd1cba80e1477b5c9
+SIZE (quagga-0.98.2.tar.gz) = 2006606
diff -ruN --exclude=CVS /usr/ports/net/quagga/files/extra-patch-zebra.h /usr/ports/net/quagga.new/files/extra-patch-zebra.h
--- /usr/ports/net/quagga/files/extra-patch-zebra.h Sat Jan 15 08:01:27 2005
+++ /usr/ports/net/quagga.new/files/extra-patch-zebra.h Thu Jan 1 05:00:00 1970
@@ -1,27 +0,0 @@
-Index: lib/zebra.h
-===================================================================
-RCS file: /var/cvsroot/quagga/lib/zebra.h,v
-retrieving revision 1.27
-diff -u -b -r1.27 zebra.h
---- lib/zebra.h 4 Jan 2005 16:24:43 -0000 1.27
-+++ lib/zebra.h 10 Jan 2005 15:35:47 -0000
-@@ -97,9 +97,17 @@
- #include <stdarg.h>
- #if !(defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L)
- /* Not C99; do we need to define va_copy? */
--#if !defined(va_copy) && defined(__va_copy)
-+#ifndef va_copy
-+#ifdef __va_copy
- #define va_copy(DST,SRC) __va_copy(DST,SRC)
--#endif /* need va_copy */
-+#else
-+/* Now we are desperate; this should work on many typical platforms.
-+ But this is slightly dangerous, because the standard does not require
-+ va_copy to be a macro. */
-+#define va_copy(DST,SRC) (DST) = (SRC)
-+#warning "Not C99 and no va_copy macro available, using simple assignment..."
-+#endif /* __va_copy */
-+#endif /* !va_copy */
- #endif /* !C99 */
- #include "zassert.h"
-
diff -ruN --exclude=CVS /usr/ports/net/quagga/files/extra-tcpmd5-patch-bgpd::bgp_network.c /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-bgpd::bgp_network.c
--- /usr/ports/net/quagga/files/extra-tcpmd5-patch-bgpd::bgp_network.c Thu Jan 1 05:00:00 1970
+++ /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-bgpd::bgp_network.c Wed Feb 2 11:57:00 2005
@@ -0,0 +1,42 @@
+--- bgpd/bgp_network.c.orig Wed Dec 8 12:41:23 2004
++++ bgpd/bgp_network.c Fri Jan 28 17:52:57 2005
+@@ -35,6 +35,10 @@
+ #include "bgpd/bgp_debug.h"
+ #include "bgpd/bgp_network.h"
+
++#ifndef TCP_SIG_SPI_BASE
++#define TCP_SIG_SPI_BASE 1000 /* XXX this will go away */
++#endif
++
+ extern struct zebra_privs_t bgpd_privs;
+
+
+@@ -148,6 +152,15 @@
+ return ret;
+ }
+ #endif /* SO_BINDTODEVICE */
++
++#ifdef QUAGGA_TCP_MD5SIG
++ if (CHECK_FLAG (peer->flags, PEER_FLAG_TCP_SIGNATURE))
++ sockopt_tcp_signature (peer->su.sa.sa_family, peer->fd,
++ TCP_SIG_SPI_BASE + peer->port);
++ else
++ sockopt_tcp_signature (peer->su.sa.sa_family, peer->fd, 0);
++#endif /* QUAGGA_TCP_MD5SIG */
++
+ return 0;
+ }
+
+@@ -250,6 +263,12 @@
+ if (peer->ifname)
+ ifindex = if_nametoindex (peer->ifname);
+ #endif /* HAVE_IPV6 */
++
++#ifdef QUAGGA_TCP_MD5SIG
++ if (CHECK_FLAG (peer->flags, PEER_FLAG_TCP_SIGNATURE))
++ sockopt_tcp_signature (peer->su.sa.sa_family, peer->fd,
++ TCP_SIG_SPI_BASE + peer->port);
++#endif /* QUAGGA_TCP_MD5SIG */
+
+ if (BGP_DEBUG (events, EVENTS))
+ plog_debug (peer->log, "%s [Event] Connect start to %s fd %d",
diff -ruN --exclude=CVS /usr/ports/net/quagga/files/extra-tcpmd5-patch-bgpd::bgp_vty.c /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-bgpd::bgp_vty.c
--- /usr/ports/net/quagga/files/extra-tcpmd5-patch-bgpd::bgp_vty.c Thu Jan 1 05:00:00 1970
+++ /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-bgpd::bgp_vty.c Wed Feb 2 11:57:00 2005
@@ -0,0 +1,59 @@
+--- bgpd/bgp_vty.c.orig Tue Oct 12 22:06:09 2004
++++ bgpd/bgp_vty.c Fri Jan 28 17:52:57 2005
+@@ -1386,6 +1386,45 @@
+ "AS number used as local AS\n"
+ "Do not prepend local-as to updates from ebgp peers\n")
+
++#ifdef QUAGGA_TCP_MD5SIG
++DEFUN (neighbor_password,
++ neighbor_password_cmd,
++ NEIGHBOR_CMD2 "password WORD",
++ NEIGHBOR_STR
++ NEIGHBOR_ADDR_STR2
++ "Specify a password for TCPMD5 authentication with this peer\n")
++{
++ struct peer *peer;
++ int ret;
++
++ peer = peer_and_group_lookup_vty (vty, argv[0]);
++ if (! peer)
++ return CMD_WARNING;
++
++ ret = peer_password_set (peer, argv[1]);
++ return bgp_vty_return (vty, ret);
++}
++
++DEFUN (no_neighbor_password,
++ no_neighbor_password_cmd,
++ NO_NEIGHBOR_CMD2 "password",
++ NO_STR
++ NEIGHBOR_STR
++ NEIGHBOR_ADDR_STR2
++ "Disable TCPMD5 authentication with this peer\n")
++{
++ struct peer *peer;
++ int ret;
++
++ peer = peer_and_group_lookup_vty (vty, argv[0]);
++ if (! peer)
++ return CMD_WARNING;
++
++ ret = peer_password_unset (peer);
++ return bgp_vty_return (vty, ret);
++}
++#endif /* QUAGGA_TCP_MD5SIG */
++
+ DEFUN (neighbor_activate,
+ neighbor_activate_cmd,
+ NEIGHBOR_CMD2 "activate",
+@@ -8530,6 +8569,10 @@
+ install_element (BGP_NODE, &no_neighbor_local_as_cmd);
+ install_element (BGP_NODE, &no_neighbor_local_as_val_cmd);
+ install_element (BGP_NODE, &no_neighbor_local_as_val2_cmd);
++
++ /* "neighbor password" commands. */
++ install_element (BGP_NODE, &neighbor_password_cmd);
++ install_element (BGP_NODE, &no_neighbor_password_cmd);
+
+ /* "neighbor activate" commands. */
+ install_element (BGP_NODE, &neighbor_activate_cmd);
diff -ruN --exclude=CVS /usr/ports/net/quagga/files/extra-tcpmd5-patch-bgpd::bgpd.c /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-bgpd::bgpd.c
--- /usr/ports/net/quagga/files/extra-tcpmd5-patch-bgpd::bgpd.c Thu Jan 1 05:00:00 1970
+++ /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-bgpd::bgpd.c Wed Feb 2 11:57:00 2005
@@ -0,0 +1,90 @@
+--- bgpd/bgpd.c.orig Thu Dec 9 06:46:46 2004
++++ bgpd/bgpd.c Sat Jan 29 11:29:26 2005
+@@ -59,6 +59,9 @@
+ #ifdef HAVE_SNMP
+ #include "bgpd/bgp_snmp.h"
+ #endif /* HAVE_SNMP */
++#ifndef TCP_SIG_SPI_BASE
++#define TCP_SIG_SPI_BASE 1000 /* XXX this will go away */
++#endif
+
+ /* BGP process wide configuration. */
+ static struct bgp_master bgp_master;
+@@ -707,6 +710,7 @@
+ peer->ostatus = Idle;
+ peer->version = BGP_VERSION_4;
+ peer->weight = 0;
++ peer->password[0] = '\0';
+
+ /* Set default flags. */
+ for (afi = AFI_IP; afi < AFI_MAX; afi++)
+@@ -3270,6 +3274,55 @@
+ return 0;
+ }
+
++#ifdef QUAGGA_TCP_MD5SIG
++/* Set password for authenticating with the peer. */
++int
++peer_password_set (struct peer *peer, char *password)
++{
++ struct bgp *bgp = peer->bgp;
++ int len;
++
++ len = strlen(password);
++
++ if ((len < PEER_PASSWORD_MINLEN) || (len > PEER_PASSWORD_MAXLEN))
++ return BGP_ERR_INVALID_VALUE;
++
++ memcpy(peer->password, password, len);
++
++ /*
++ * XXX Need to do PF_KEY operation here to add an SA entry,
++ * and add an SP entry for this peer's packet flows also.
++ */
++
++ SET_FLAG (peer->flags, PEER_FLAG_TCP_SIGNATURE);
++
++ if (peer->fd >= 0)
++ sockopt_tcp_signature (peer->su.sa.sa_family, peer->fd, TCP_SIG_SPI_BASE +
++ peer->port);
++
++ return 0;
++}
++
++int
++peer_password_unset (struct peer *peer)
++{
++ struct bgp *bgp = peer->bgp;
++
++ UNSET_FLAG (peer->flags, PEER_FLAG_TCP_SIGNATURE);
++ /* Paranoia. */
++ memset(peer->password, 0, sizeof(peer->password));
++
++ if (peer->fd >= 0)
++ sockopt_tcp_signature (peer->su.sa.sa_family, peer->fd, 0);
++
++ /*
++ * XXX Need to do PF_KEY operation here to remove the SA and SP.
++ */
++
++ return 0;
++}
++#endif /* QUAGGA_TCP_MD5SIG */
++
+ /* Set distribute list to the peer. */
+ int
+ peer_distribute_set (struct peer *peer, afi_t afi, safi_t safi, int direct,
+@@ -4279,6 +4332,13 @@
+ if (peer->desc)
+ vty_out (vty, " neighbor %s description %s%s", addr, peer->desc,
+ VTY_NEWLINE);
++
++#ifdef QUAGGA_TCP_MD5SIG
++ /* tcp-md5 session password. XXX the password should be obfuscated */
++ if (CHECK_FLAG (peer->flags, PEER_FLAG_TCP_SIGNATURE))
++ vty_out (vty, " neighbor %s password %s%s", addr, peer->password,
++ VTY_NEWLINE);
++#endif /* QUAGGA_TCP_MD5SIG */
+
+ /* Shutdown. */
+ if (CHECK_FLAG (peer->flags, PEER_FLAG_SHUTDOWN))
diff -ruN --exclude=CVS /usr/ports/net/quagga/files/extra-tcpmd5-patch-bgpd::bgpd.h /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-bgpd::bgpd.h
--- /usr/ports/net/quagga/files/extra-tcpmd5-patch-bgpd::bgpd.h Thu Jan 1 05:00:00 1970
+++ /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-bgpd::bgpd.h Wed Feb 2 11:57:00 2005
@@ -0,0 +1,38 @@
+--- bgpd/bgpd.h.orig Tue Oct 12 22:06:09 2004
++++ bgpd/bgpd.h Fri Jan 28 21:03:40 2005
+@@ -335,6 +335,9 @@
+ #define PEER_FLAG_DYNAMIC_CAPABILITY (1 << 6) /* dynamic capability */
+ #define PEER_FLAG_ENFORCE_MULTIHOP (1 << 7) /* enforce-multihop */
+ #define PEER_FLAG_LOCAL_AS_NO_PREPEND (1 << 8) /* local-as no-prepend */
++#ifdef QUAGGA_TCP_MD5SIG /* XXX should move to AF_INET/SFI_UNICAST below */
++#define PEER_FLAG_TCP_SIGNATURE (1 << 9) /* use TCP-MD5 digest */
++#endif /* QUAGGA_TCP_MD5SIG */
+
+ /* Per AF configuration flags. */
+ u_int32_t af_flags[AFI_MAX][SAFI_MAX];
+@@ -496,6 +499,13 @@
+ #define PEER_RMAP_TYPE_NOSET (1 << 5) /* not allow to set commands */
+ #define PEER_RMAP_TYPE_IMPORT (1 << 6) /* neighbor route-map import */
+ #define PEER_RMAP_TYPE_EXPORT (1 << 7) /* neighbor route-map export */
++
++#ifdef QUAGGA_TCP_MD5SIG
++ /* TCP-MD5 Password Support -- bms */
++#define PEER_PASSWORD_MINLEN 1
++#define PEER_PASSWORD_MAXLEN 80 /* width of password field */
++ char password[PEER_PASSWORD_MAXLEN];
++#endif /* QUAGGA_TCP_MD5SIG */
+ };
+
+ /* This structure's member directly points incoming packet data
+@@ -879,6 +889,11 @@
+
+ int peer_local_as_set (struct peer *, as_t, int);
+ int peer_local_as_unset (struct peer *);
++
++#ifdef QUAGGA_TCP_MD5SIG
++int peer_password_set (struct peer *, char *);
++int peer_password_unset (struct peer *);
++#endif /* QUAGGA_TCP_MD5SIG */
+
+ int peer_prefix_list_set (struct peer *, afi_t, safi_t, int, const char *);
+ int peer_prefix_list_unset (struct peer *, afi_t, safi_t, int);
diff -ruN --exclude=CVS /usr/ports/net/quagga/files/extra-tcpmd5-patch-configure.ac /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-configure.ac
--- /usr/ports/net/quagga/files/extra-tcpmd5-patch-configure.ac Thu Jan 1 05:00:00 1970
+++ /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-configure.ac Wed Feb 2 11:57:00 2005
@@ -0,0 +1,16 @@
+--- configure.ac.orig Fri Jan 7 06:03:14 2005
++++ configure.ac Fri Jan 28 17:52:57 2005
+@@ -204,6 +204,13 @@
+ AC_DEFINE(HAVE_IRDP,, IRDP )
+ fi
+
++AC_ARG_ENABLE(tcp-signature,
++[ --enable-tcp-signature enable TCP MD5 checksum capability])
++
++if test "${enable_tcp_signature}" = "yes"; then
++ AC_DEFINE(QUAGGA_TCP_MD5SIG,,TCP signatures)
++fi
++
+ if test "${enable_user}" = "yes" || test x"${enable_user}" = x""; then
+ enable_user="quagga"
+ elif test "${enable_user}" = "no"; then
diff -ruN --exclude=CVS /usr/ports/net/quagga/files/extra-tcpmd5-patch-lib::sockopt.c /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-lib::sockopt.c
--- /usr/ports/net/quagga/files/extra-tcpmd5-patch-lib::sockopt.c Thu Jan 1 05:00:00 1970
+++ /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-lib::sockopt.c Wed Feb 2 11:57:00 2005
@@ -0,0 +1,35 @@
+--- lib/sockopt.c.orig Tue Jan 4 10:03:36 2005
++++ lib/sockopt.c Fri Jan 28 17:52:57 2005
+@@ -243,6 +243,32 @@
+
+ }
+
++int
++sockopt_tcp_signature (int family, int sock, int enable)
++{
++ int ret;
++
++#if defined(QUAGGA_TCP_MD5SIG) && defined(TCP_MD5SIG)
++ if (family == AF_INET)
++ {
++ ret = setsockopt (sock, IPPROTO_TCP, TCP_MD5SIG,
++ (void *) &enable, sizeof (int));
++ if (ret < 0)
++ {
++ zlog (NULL, LOG_WARNING, "can't set sockopt TCP_MD5SIG %d to socket %d", enable, sock);
++ return -1;
++ }
++ return 0;
++ }
++#endif /* QUAGGA_TCP_MD5SIG */
++
++ /* fallthrough */
++
++ zlog (NULL, LOG_WARNING, "can't set sockopt TCP_MD5SIG on socket %d with family %d",
++ sock, family);
++ return -1;
++}
++
+ static int
+ setsockopt_ipv4_ifindex (int sock, int val)
+ {
diff -ruN --exclude=CVS /usr/ports/net/quagga/files/extra-tcpmd5-patch-lib::sockopt.h /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-lib::sockopt.h
--- /usr/ports/net/quagga/files/extra-tcpmd5-patch-lib::sockopt.h Thu Jan 1 05:00:00 1970
+++ /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-lib::sockopt.h Thu Feb 3 09:12:49 2005
@@ -0,0 +1,12 @@
+--- lib/sockopt.h.orig Mon Nov 15 10:51:15 2004
++++ lib/sockopt.h Fri Jan 28 17:52:57 2005
+@@ -40,6 +40,9 @@
+ */
+ #define SOPT_SIZE_CMSG_PKTINFO_IPV6() (sizeof (struct in6_pktinfo));
+
++#ifdef QUAGGA_TCP_MD5SIG
++int sockopt_tcp_signature(int family, int sock, int enable);
++#endif /* QUAGGA_TCP_MD5SIG */
+ /*
+ * Size defines for control messages used to get ifindex. We define
+ * values for each method, and define a macro that can be used by code
--- quagga-0.98.2.patch ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E1Cwuq4-000ICe-9E>