From owner-freebsd-net@FreeBSD.ORG  Fri Apr 17 11:01:52 2009
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B1F4B1065675
	for <freebsd-net@freebsd.org>; Fri, 17 Apr 2009 11:01:52 +0000 (UTC)
	(envelope-from xdsgrrr@consultcommerce.com)
Received: from mail.consultcommerce.com (ns.consultcommerce.com [87.246.2.254])
	by mx1.freebsd.org (Postfix) with ESMTP id E2E898FC31
	for <freebsd-net@freebsd.org>; Fri, 17 Apr 2009 11:01:51 +0000 (UTC)
	(envelope-from xdsgrrr@consultcommerce.com)
Received: (qmail 56384 invoked by uid 0); 17 Apr 2009 13:35:09 +0300
Received: from 85.118.192.131 by ns.consultcommerce.com (envelope-from
	<xdsgrrr@consultcommerce.com>, uid 0) with qmail-scanner-1.25 
	(clamdscan: 0.87/1102. spamassassin: 3.1.0.  
	Clear:RC:0(85.118.192.131):SA:0(2.4/4.5):. 
	Processed in 3.323055 secs); 17 Apr 2009 10:35:09 -0000
X-Spam-Status: No, hits=2.4 required=4.5
X-Spam-Level: ++
X-Qmail-Scanner-Mail-From: xdsgrrr@consultcommerce.com via
	ns.consultcommerce.com
X-Qmail-Scanner: 1.25 (Clear:RC:0(85.118.192.131):SA:0(2.4/4.5):. Processed in
	3.323055 secs)
Received: from unknown (HELO ?172.16.3.221?)
	(xdsgrrr@consultcommerce.com@85.118.192.131)
	by ns.consultcommerce.com with SMTP; 17 Apr 2009 13:35:05 +0300
From: xdsgrrr <xdsgrrr@consultcommerce.com>
To: =?koi8-r?Q?=E1=CC=C5=CB=D3=C5=CA_?= =?koi8-r?Q?=E2=CC=C9=CE=CB=CF=D7?=
	<alexey.blinkov@gmail.com>
In-Reply-To: <2d934d80904160052u70980215v1a32b07d4b1168f@mail.gmail.com>
References: <2d934d80904150642r585049b4wadfdfc82a3d8c7fc@mail.gmail.com>
	<20090415144956.T15361@maildrop.int.zabbadoz.net>
	<2d934d80904150807p732bce43gc110fe6ae042507d@mail.gmail.com>
	<49E678E6.102@incunabulum.net>
	<2d934d80904160052u70980215v1a32b07d4b1168f@mail.gmail.com>
Content-Type: text/plain; charset="koi8-r"
Date: Fri, 17 Apr 2009 13:34:17 +0300
Message-Id: <1239964457.46223.2.camel@so1-ay279.globul.bg>
Mime-Version: 1.0
X-Mailer: Evolution 2.24.5 FreeBSD GNOME Team Port 
Content-Transfer-Encoding: 8bit
Cc: freebsd-net <freebsd-net@freebsd.org>
Subject: Re: MD5 authentication in quagga
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Apr 2009 11:01:54 -0000

Its depends on what protocol you talking i use md5 auth for quagga ospfd
for more than 5-6 years without problems  you maybe talk about bgpd ?
md5 peer auth ? 
On Thu, 2009-04-16 at 10:52 +0300, Алексей Блинков wrote:
> 16 апреля 2009 г. 3:16 пользователь Bruce Simpson <bms@incunabulum.net> написал:
> > Алексей Блинков wrote:
> >>
> >> If modelling ideal situation, then:
> >>
> >> md5 password doesn`t match or empty, then peering must be closed...
> >>
> >> Now md5 working only for outgoing packets, not for input. And peering
> >> not closed if password miss or not match. because bsd not check
> >> incoming packets, i think...
> >>
> >
> > I thought someone had fixed this ages ago?
> > I seem to remember someone had merged some changes to what I'd originally
> > done for Sentex from NetBSD... but I could be wrong.
> >
> > cheers,
> > BMS
> >
> 
> I don`t know about how kernel works with md5 hashing, because i`m
> newly in bsd...
> 
> 
> 
-- 
br,
Atanas Yankov
Network Engineer, IT Division
CCIE # 21756

mobile: (+359 89) 8400734
e-mail:  ayankov@globul.bg
www.globul.bg