Date: Wed, 02 Feb 2005 12:38:42 +0500 From: Boris Kovalenko <boris@tagnet.ru> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/76997: [MAINTAINER UPDATE] net/quagga: update to 0.98.1 Message-ID: <E1CwF62-00023b-EU@boris.nikom.ru> Resent-Message-ID: <200502020740.j127eLlU025928@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 76997
>Category: ports
>Synopsis: [MAINTAINER UPDATE] net/quagga: update to 0.98.1
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Wed Feb 02 07:40:20 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Boris Kovalenko
>Release: FreeBSD 5.3-STABLE i386
>Organization:
JSC "TAGNet"
>Environment:
System: FreeBSD boris.nikom.ru 5.3-STABLE FreeBSD 5.3-STABLE #2: Fri Jan 28 09:16:34 YEKT 2005
>Description:
- Update to 0.98.1
Added file(s):
- files/extra-tcpmd5-patch-bgpd::bgp_network.c
- files/extra-tcpmd5-patch-bgpd::bgp_vty.c
- files/extra-tcpmd5-patch-bgpd::bgpd.c
- files/extra-tcpmd5-patch-bgpd::bgpd.h
- files/extra-tcpmd5-patch-configure.ac
- files/extra-tcpmd5-patch-lib::sockopt.c
- files/extra-tcpmd5-patch-lib::sockopt.h
Removed file(s):
- files/extra-patch-zebra.h
With this release BGP MD5 support is back. Special thanks to Scott E. Campbell
for his hard work on integration of original patches from Bruce M. Simpson.
Generated with FreeBSD Port Tools 0.63
>How-To-Repeat:
>Fix:
--- quagga-0.98.1.patch begins here ---
diff -ruN --exclude=CVS /usr/ports/net/quagga/Makefile /usr/ports/net/quagga.new/Makefile
--- /usr/ports/net/quagga/Makefile Sat Jan 15 08:01:27 2005
+++ /usr/ports/net/quagga.new/Makefile Wed Feb 2 11:31:18 2005
@@ -6,7 +6,7 @@
#
PORTNAME= quagga
-PORTVERSION= 0.98.0
+PORTVERSION= 0.98.1
PORTREVISION= 0
CATEGORIES= net ipv6
MASTER_SITES= http://quagga.net/download/
@@ -18,12 +18,13 @@
CONFLICTS= zebra-devel-[0-9]* zebra-0*
-GNU_CONFIGURE= yes
-USE_GMAKE= yes
-USE_REINPLACE= yes
-INSTALLS_SHLIB= yes
-USE_LIBTOOL_VER=15
-USE_PERL5_BUILD=yes
+GNU_CONFIGURE= yes
+USE_GMAKE= yes
+USE_REINPLACE= yes
+INSTALLS_SHLIB= yes
+USE_AUTOCONF_VER= 259
+USE_LIBTOOL_VER= 15
+USE_PERL5_BUILD= yes
MAN1= vtysh.1
MAN8= bgpd.8 ospf6d.8 ospfd.8 ripd.8 ripngd.8 zebra.8
@@ -34,7 +35,8 @@
OSPF_OPAQUE_LSA "OSPF Opaque-LSA support (RFC2370)" off \
RTADV "IPv6 Router Advertisements" off \
SNMP "SNMP support" off \
- TCPSOCKETS "Use TCP/IP sockets for protocol daemons" off
+ TCPSOCKETS "Use TCP/IP sockets for protocol daemons" off \
+ TCPMD5 "Use experimental MD5 patch for BGP" off
.if !defined(BATCH)
SEL_OPTIONS= yes
@@ -43,14 +45,13 @@
.include <bsd.port.pre.mk>
CONFIGURE_ARGS+=--includedir=${PREFIX}/include --enable-exampledir=${PREFIX}/share/examples/quagga
+CONFIGURE_ENV+= CFLAGS="${CFLAGS} -I${LOCALBASE}/include" \
+ LDFLAGS="${LDFLAGS} -L${LOCALBASE}/lib"
+
SCRIPTS_ENV= PREFIX=${PREFIX} \
SYSCONF_DIR=${SYSCONF_DIR} SYSSTATE_DIR=${SYSSTATE_DIR} \
ENABLE_USER=${ENABLE_USER} ENABLE_GROUP=${ENABLE_GROUP}
-.if ${OSVERSION} < 500000
-EXTRA_PATCHES+=${PATCHDIR}/extra-patch-zebra.h
-.endif
-
.if defined(WITH_ISISD) && !defined(WITHOUT_ISISD)
CONFIGURE_ARGS+=--enable-isisd
PLIST_SUB+= ISISD_SBIN=sbin/isisd
@@ -78,12 +79,12 @@
PLIST_SUB+= OSPFAPI_LIBSO0="lib/libospfapiclient.so.0"
PLIST_SUB+= OSPFAPI_SBIN="sbin/ospfclient"
.else
-PLIST_SUB+= OSPFAPI_HEADER=
-PLIST_SUB+= OSPFAPI_PATH=
-PLIST_SUB+= OSPFAPI_LIBA=
-PLIST_SUB+= OSPFAPI_LIBSO=
-PLIST_SUB+= OSPFAPI_LIBSO0=
-PLIST_SUB+= OSPFAPI_SBIN=
+PLIST_SUB+= OSPFAPI_HEADER="@comment"
+PLIST_SUB+= OSPFAPI_PATH="@comment"
+PLIST_SUB+= OSPFAPI_LIBA="@comment"
+PLIST_SUB+= OSPFAPI_LIBSO="@comment"
+PLIST_SUB+= OSPFAPI_LIBSO0="@comment"
+PLIST_SUB+= OSPFAPI_SBIN="@comment"
.endif
.if defined(WITH_RTADV) && !defined(WITHOUT_RTADV)
@@ -99,6 +100,14 @@
.endif
.endif
+.if defined(WITH_TCPMD5) && !defined(WITHOUT_TCPMD5)
+.if ${OSVERSION} < 491000
+BROKEN= This version of FreeBSD does not have TCP MD5 signature support
+.endif
+CONFIGURE_ARGS+=--enable-tcp-signature
+EXTRA_PATCHES+=${PATCHDIR}/extra-tcpmd5-patch-bgpd::bgp_network.c ${PATCHDIR}/extra-tcpmd5-patch-bgpd::bgp_vty.c ${PATCHDIR}/extra-tcpmd5-patch-bgpd::bgpd.c ${PATCHDIR}/extra-tcpmd5-patch-bgpd::bgpd.h ${PATCHDIR}/extra-tcpmd5-patch-configure.ac ${PATCHDIR}/extra-tcpmd5-patch-lib::sockopt.c ${PATCHDIR}/extra-tcpmd5-patch-lib::sockopt.h
+.endif
+
.if !defined(ENABLE_USER)
ENABLE_USER=quagga
.endif
@@ -167,14 +176,7 @@
@${ECHO} " WITH_RTADV IPv6 Router Advertisements"
@${ECHO} " WITH_SNMP SNMP support"
@${ECHO} " WITH_TCPSOCKETS Use TCP/IP sockets for protocol daemons"
-
-pre-configure:
-# disable AUTO* tools
- @${FIND} -E ${WRKSRC} -type f \
- -iregex ".*(Makefile.in|configure)" \
- | ${XARGS} -x -n 10 \
- ${REINPLACE_CMD} -E \
- -e 's!^(AUTOCONF|AUTOHEADER|AUTOMAKE|ACLOCAL).*$$!\1=${TRUE}!'
+ @${ECHO} " WITH_TCPMD5 Use experimental MD5 patch for BGP"
post-build:
@${SED} ${SED_SCRIPT} ${FILESDIR}/quagga.sh > ${WRKDIR}/quagga.sh
@@ -205,6 +207,15 @@
@${ECHO} " if You had never do this before. Or run"
@${ECHO} " make changeuser"
@${ECHO} ""
+.if defined(WITH_TCPMD5) && !defined(WITHOUT_TCPMD5)
+ @${ECHO} "Note!!! To use MD5 passwords on BGP sessions, your kernel must"
+ @${ECHO} "be built with the following options:"
+ @${ECHO} " options TCP_SIGNATURE"
+ @${ECHO} " options FAST_IPSEC"
+ @${ECHO} " device crypto"
+ @${ECHO} " device cryptodev"
+ @${ECHO} ""
+.endif
.if !defined(BATCH)
post-clean:
diff -ruN --exclude=CVS /usr/ports/net/quagga/distinfo /usr/ports/net/quagga.new/distinfo
--- /usr/ports/net/quagga/distinfo Sat Jan 15 08:01:27 2005
+++ /usr/ports/net/quagga.new/distinfo Wed Feb 2 08:28:10 2005
@@ -1,2 +1,2 @@
-MD5 (quagga-0.98.0.tar.gz) = 938cdf15f0ff79f797fc08316b94f449
-SIZE (quagga-0.98.0.tar.gz) = 1997631
+MD5 (quagga-0.98.1.tar.gz) = 2262eebae593ef4b7739b16c66242c75
+SIZE (quagga-0.98.1.tar.gz) = 2001471
diff -ruN --exclude=CVS /usr/ports/net/quagga/files/extra-patch-zebra.h /usr/ports/net/quagga.new/files/extra-patch-zebra.h
--- /usr/ports/net/quagga/files/extra-patch-zebra.h Sat Jan 15 08:01:27 2005
+++ /usr/ports/net/quagga.new/files/extra-patch-zebra.h Thu Jan 1 05:00:00 1970
@@ -1,27 +0,0 @@
-Index: lib/zebra.h
-===================================================================
-RCS file: /var/cvsroot/quagga/lib/zebra.h,v
-retrieving revision 1.27
-diff -u -b -r1.27 zebra.h
---- lib/zebra.h 4 Jan 2005 16:24:43 -0000 1.27
-+++ lib/zebra.h 10 Jan 2005 15:35:47 -0000
-@@ -97,9 +97,17 @@
- #include <stdarg.h>
- #if !(defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L)
- /* Not C99; do we need to define va_copy? */
--#if !defined(va_copy) && defined(__va_copy)
-+#ifndef va_copy
-+#ifdef __va_copy
- #define va_copy(DST,SRC) __va_copy(DST,SRC)
--#endif /* need va_copy */
-+#else
-+/* Now we are desperate; this should work on many typical platforms.
-+ But this is slightly dangerous, because the standard does not require
-+ va_copy to be a macro. */
-+#define va_copy(DST,SRC) (DST) = (SRC)
-+#warning "Not C99 and no va_copy macro available, using simple assignment..."
-+#endif /* __va_copy */
-+#endif /* !va_copy */
- #endif /* !C99 */
- #include "zassert.h"
-
diff -ruN --exclude=CVS /usr/ports/net/quagga/files/extra-tcpmd5-patch-bgpd::bgp_network.c /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-bgpd::bgp_network.c
--- /usr/ports/net/quagga/files/extra-tcpmd5-patch-bgpd::bgp_network.c Thu Jan 1 05:00:00 1970
+++ /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-bgpd::bgp_network.c Wed Feb 2 11:50:18 2005
@@ -0,0 +1,42 @@
+--- bgpd/bgp_network.c.orig Wed Dec 8 12:41:23 2004
++++ bgpd/bgp_network.c Fri Jan 28 17:52:57 2005
+@@ -35,6 +35,10 @@
+ #include "bgpd/bgp_debug.h"
+ #include "bgpd/bgp_network.h"
+
++#ifndef TCP_SIG_SPI_BASE
++#define TCP_SIG_SPI_BASE 1000 /* XXX this will go away */
++#endif
++
+ extern struct zebra_privs_t bgpd_privs;
+
+
+@@ -148,6 +152,15 @@
+ return ret;
+ }
+ #endif /* SO_BINDTODEVICE */
++
++#ifdef QUAGGA_TCP_MD5SIG
++ if (CHECK_FLAG (peer->flags, PEER_FLAG_TCP_SIGNATURE))
++ sockopt_tcp_signature (peer->su.sa.sa_family, peer->fd,
++ TCP_SIG_SPI_BASE + peer->port);
++ else
++ sockopt_tcp_signature (peer->su.sa.sa_family, peer->fd, 0);
++#endif /* QUAGGA_TCP_MD5SIG */
++
+ return 0;
+ }
+
+@@ -250,6 +263,12 @@
+ if (peer->ifname)
+ ifindex = if_nametoindex (peer->ifname);
+ #endif /* HAVE_IPV6 */
++
++#ifdef QUAGGA_TCP_MD5SIG
++ if (CHECK_FLAG (peer->flags, PEER_FLAG_TCP_SIGNATURE))
++ sockopt_tcp_signature (peer->su.sa.sa_family, peer->fd,
++ TCP_SIG_SPI_BASE + peer->port);
++#endif /* QUAGGA_TCP_MD5SIG */
+
+ if (BGP_DEBUG (events, EVENTS))
+ plog_debug (peer->log, "%s [Event] Connect start to %s fd %d",
diff -ruN --exclude=CVS /usr/ports/net/quagga/files/extra-tcpmd5-patch-bgpd::bgp_vty.c /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-bgpd::bgp_vty.c
--- /usr/ports/net/quagga/files/extra-tcpmd5-patch-bgpd::bgp_vty.c Thu Jan 1 05:00:00 1970
+++ /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-bgpd::bgp_vty.c Wed Feb 2 11:50:39 2005
@@ -0,0 +1,59 @@
+--- bgpd/bgp_vty.c.orig Tue Oct 12 22:06:09 2004
++++ bgpd/bgp_vty.c Fri Jan 28 17:52:57 2005
+@@ -1386,6 +1386,45 @@
+ "AS number used as local AS\n"
+ "Do not prepend local-as to updates from ebgp peers\n")
+
++#ifdef QUAGGA_TCP_MD5SIG
++DEFUN (neighbor_password,
++ neighbor_password_cmd,
++ NEIGHBOR_CMD2 "password WORD",
++ NEIGHBOR_STR
++ NEIGHBOR_ADDR_STR2
++ "Specify a password for TCPMD5 authentication with this peer\n")
++{
++ struct peer *peer;
++ int ret;
++
++ peer = peer_and_group_lookup_vty (vty, argv[0]);
++ if (! peer)
++ return CMD_WARNING;
++
++ ret = peer_password_set (peer, argv[1]);
++ return bgp_vty_return (vty, ret);
++}
++
++DEFUN (no_neighbor_password,
++ no_neighbor_password_cmd,
++ NO_NEIGHBOR_CMD2 "password",
++ NO_STR
++ NEIGHBOR_STR
++ NEIGHBOR_ADDR_STR2
++ "Disable TCPMD5 authentication with this peer\n")
++{
++ struct peer *peer;
++ int ret;
++
++ peer = peer_and_group_lookup_vty (vty, argv[0]);
++ if (! peer)
++ return CMD_WARNING;
++
++ ret = peer_password_unset (peer);
++ return bgp_vty_return (vty, ret);
++}
++#endif /* QUAGGA_TCP_MD5SIG */
++
+ DEFUN (neighbor_activate,
+ neighbor_activate_cmd,
+ NEIGHBOR_CMD2 "activate",
+@@ -8530,6 +8569,10 @@
+ install_element (BGP_NODE, &no_neighbor_local_as_cmd);
+ install_element (BGP_NODE, &no_neighbor_local_as_val_cmd);
+ install_element (BGP_NODE, &no_neighbor_local_as_val2_cmd);
++
++ /* "neighbor password" commands. */
++ install_element (BGP_NODE, &neighbor_password_cmd);
++ install_element (BGP_NODE, &no_neighbor_password_cmd);
+
+ /* "neighbor activate" commands. */
+ install_element (BGP_NODE, &neighbor_activate_cmd);
diff -ruN --exclude=CVS /usr/ports/net/quagga/files/extra-tcpmd5-patch-bgpd::bgpd.c /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-bgpd::bgpd.c
--- /usr/ports/net/quagga/files/extra-tcpmd5-patch-bgpd::bgpd.c Thu Jan 1 05:00:00 1970
+++ /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-bgpd::bgpd.c Wed Feb 2 11:51:08 2005
@@ -0,0 +1,90 @@
+--- bgpd/bgpd.c.orig Thu Dec 9 06:46:46 2004
++++ bgpd/bgpd.c Sat Jan 29 11:29:26 2005
+@@ -59,6 +59,9 @@
+ #ifdef HAVE_SNMP
+ #include "bgpd/bgp_snmp.h"
+ #endif /* HAVE_SNMP */
++#ifndef TCP_SIG_SPI_BASE
++#define TCP_SIG_SPI_BASE 1000 /* XXX this will go away */
++#endif
+
+ /* BGP process wide configuration. */
+ static struct bgp_master bgp_master;
+@@ -707,6 +710,7 @@
+ peer->ostatus = Idle;
+ peer->version = BGP_VERSION_4;
+ peer->weight = 0;
++ peer->password[0] = '\0';
+
+ /* Set default flags. */
+ for (afi = AFI_IP; afi < AFI_MAX; afi++)
+@@ -3270,6 +3274,55 @@
+ return 0;
+ }
+
++#ifdef QUAGGA_TCP_MD5SIG
++/* Set password for authenticating with the peer. */
++int
++peer_password_set (struct peer *peer, char *password)
++{
++ struct bgp *bgp = peer->bgp;
++ int len;
++
++ len = strlen(password);
++
++ if ((len < PEER_PASSWORD_MINLEN) || (len > PEER_PASSWORD_MAXLEN))
++ return BGP_ERR_INVALID_VALUE;
++
++ memcpy(peer->password, password, len);
++
++ /*
++ * XXX Need to do PF_KEY operation here to add an SA entry,
++ * and add an SP entry for this peer's packet flows also.
++ */
++
++ SET_FLAG (peer->flags, PEER_FLAG_TCP_SIGNATURE);
++
++ if (peer->fd >= 0)
++ sockopt_tcp_signature (peer->su.sa.sa_family, peer->fd, TCP_SIG_SPI_BASE +
++ peer->port);
++
++ return 0;
++}
++
++int
++peer_password_unset (struct peer *peer)
++{
++ struct bgp *bgp = peer->bgp;
++
++ UNSET_FLAG (peer->flags, PEER_FLAG_TCP_SIGNATURE);
++ /* Paranoia. */
++ memset(peer->password, 0, sizeof(peer->password));
++
++ if (peer->fd >= 0)
++ sockopt_tcp_signature (peer->su.sa.sa_family, peer->fd, 0);
++
++ /*
++ * XXX Need to do PF_KEY operation here to remove the SA and SP.
++ */
++
++ return 0;
++}
++#endif /* QUAGGA_TCP_MD5SIG */
++
+ /* Set distribute list to the peer. */
+ int
+ peer_distribute_set (struct peer *peer, afi_t afi, safi_t safi, int direct,
+@@ -4279,6 +4332,13 @@
+ if (peer->desc)
+ vty_out (vty, " neighbor %s description %s%s", addr, peer->desc,
+ VTY_NEWLINE);
++
++#ifdef QUAGGA_TCP_MD5SIG
++ /* tcp-md5 session password. XXX the password should be obfuscated */
++ if (CHECK_FLAG (peer->flags, PEER_FLAG_TCP_SIGNATURE))
++ vty_out (vty, " neighbor %s password %s%s", addr, peer->password,
++ VTY_NEWLINE);
++#endif /* QUAGGA_TCP_MD5SIG */
+
+ /* Shutdown. */
+ if (CHECK_FLAG (peer->flags, PEER_FLAG_SHUTDOWN))
diff -ruN --exclude=CVS /usr/ports/net/quagga/files/extra-tcpmd5-patch-bgpd::bgpd.h /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-bgpd::bgpd.h
--- /usr/ports/net/quagga/files/extra-tcpmd5-patch-bgpd::bgpd.h Thu Jan 1 05:00:00 1970
+++ /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-bgpd::bgpd.h Wed Feb 2 11:51:53 2005
@@ -0,0 +1,38 @@
+--- bgpd/bgpd.h.orig Tue Oct 12 22:06:09 2004
++++ bgpd/bgpd.h Fri Jan 28 21:03:40 2005
+@@ -335,6 +335,9 @@
+ #define PEER_FLAG_DYNAMIC_CAPABILITY (1 << 6) /* dynamic capability */
+ #define PEER_FLAG_ENFORCE_MULTIHOP (1 << 7) /* enforce-multihop */
+ #define PEER_FLAG_LOCAL_AS_NO_PREPEND (1 << 8) /* local-as no-prepend */
++#ifdef QUAGGA_TCP_MD5SIG /* XXX should move to AF_INET/SFI_UNICAST below */
++#define PEER_FLAG_TCP_SIGNATURE (1 << 9) /* use TCP-MD5 digest */
++#endif /* QUAGGA_TCP_MD5SIG */
+
+ /* Per AF configuration flags. */
+ u_int32_t af_flags[AFI_MAX][SAFI_MAX];
+@@ -496,6 +499,13 @@
+ #define PEER_RMAP_TYPE_NOSET (1 << 5) /* not allow to set commands */
+ #define PEER_RMAP_TYPE_IMPORT (1 << 6) /* neighbor route-map import */
+ #define PEER_RMAP_TYPE_EXPORT (1 << 7) /* neighbor route-map export */
++
++#ifdef QUAGGA_TCP_MD5SIG
++ /* TCP-MD5 Password Support -- bms */
++#define PEER_PASSWORD_MINLEN 1
++#define PEER_PASSWORD_MAXLEN 80 /* width of password field */
++ char password[PEER_PASSWORD_MAXLEN];
++#endif /* QUAGGA_TCP_MD5SIG */
+ };
+
+ /* This structure's member directly points incoming packet data
+@@ -879,6 +889,11 @@
+
+ int peer_local_as_set (struct peer *, as_t, int);
+ int peer_local_as_unset (struct peer *);
++
++#ifdef QUAGGA_TCP_MD5SIG
++int peer_password_set (struct peer *, char *);
++int peer_password_unset (struct peer *);
++#endif /* QUAGGA_TCP_MD5SIG */
+
+ int peer_prefix_list_set (struct peer *, afi_t, safi_t, int, const char *);
+ int peer_prefix_list_unset (struct peer *, afi_t, safi_t, int);
diff -ruN --exclude=CVS /usr/ports/net/quagga/files/extra-tcpmd5-patch-configure.ac /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-configure.ac
--- /usr/ports/net/quagga/files/extra-tcpmd5-patch-configure.ac Thu Jan 1 05:00:00 1970
+++ /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-configure.ac Wed Feb 2 11:52:04 2005
@@ -0,0 +1,16 @@
+--- configure.ac.orig Fri Jan 7 06:03:14 2005
++++ configure.ac Fri Jan 28 17:52:57 2005
+@@ -204,6 +204,13 @@
+ AC_DEFINE(HAVE_IRDP,, IRDP )
+ fi
+
++AC_ARG_ENABLE(tcp-signature,
++[ --enable-tcp-signature enable TCP MD5 checksum capability])
++
++if test "${enable_tcp_signature}" = "yes"; then
++ AC_DEFINE(QUAGGA_TCP_MD5SIG,,TCP signatures)
++fi
++
+ if test "${enable_user}" = "yes" || test x"${enable_user}" = x""; then
+ enable_user="quagga"
+ elif test "${enable_user}" = "no"; then
diff -ruN --exclude=CVS /usr/ports/net/quagga/files/extra-tcpmd5-patch-lib::sockopt.c /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-lib::sockopt.c
--- /usr/ports/net/quagga/files/extra-tcpmd5-patch-lib::sockopt.c Thu Jan 1 05:00:00 1970
+++ /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-lib::sockopt.c Wed Feb 2 11:52:43 2005
@@ -0,0 +1,35 @@
+--- lib/sockopt.c.orig Tue Jan 4 10:03:36 2005
++++ lib/sockopt.c Fri Jan 28 17:52:57 2005
+@@ -243,6 +243,32 @@
+
+ }
+
++int
++sockopt_tcp_signature (int family, int sock, int enable)
++{
++ int ret;
++
++#if defined(QUAGGA_TCP_MD5SIG) && defined(TCP_MD5SIG)
++ if (family == AF_INET)
++ {
++ ret = setsockopt (sock, IPPROTO_TCP, TCP_MD5SIG,
++ (void *) &enable, sizeof (int));
++ if (ret < 0)
++ {
++ zlog (NULL, LOG_WARNING, "can't set sockopt TCP_MD5SIG %d to socket %d", enable, sock);
++ return -1;
++ }
++ return 0;
++ }
++#endif /* QUAGGA_TCP_MD5SIG */
++
++ /* fallthrough */
++
++ zlog (NULL, LOG_WARNING, "can't set sockopt TCP_MD5SIG on socket %d with family %d",
++ sock, family);
++ return -1;
++}
++
+ static int
+ setsockopt_ipv4_ifindex (int sock, int val)
+ {
diff -ruN --exclude=CVS /usr/ports/net/quagga/files/extra-tcpmd5-patch-lib::sockopt.h /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-lib::sockopt.h
--- /usr/ports/net/quagga/files/extra-tcpmd5-patch-lib::sockopt.h Thu Jan 1 05:00:00 1970
+++ /usr/ports/net/quagga.new/files/extra-tcpmd5-patch-lib::sockopt.h Wed Feb 2 11:52:50 2005
@@ -0,0 +1,12 @@
+--- lib/sockopt.h.orig Mon Nov 15 10:51:15 2004
++++ lib/sockopt.h Fri Jan 28 17:52:57 2005
+@@ -40,6 +40,9 @@
+ */
+ #define SOPT_SIZE_CMSG_PKTINFO_IPV6() (sizeof (struct in6_pktinfo));
+
++#ifdef QUAGGA_TCP_MD5SIG
++int sockopt_tcp_signature(int family, int sock, int enable);
++#endif /* TCP_MD5SIG */
+ /*
+ * Size defines for control messages used to get ifindex. We define
+ * values for each method, and define a macro that can be used by code
--- quagga-0.98.1.patch ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E1CwF62-00023b-EU>