[quagga-dev 5484] Re: [quagga-users 9626] MD5 Support - 0.99.10

paul at clubi.ie paul at clubi.ie
Fri Jun 13 16:09:55 BST 2008

Hi Michael,

On Fri, 13 Jun 2008, Michael H. Warfield wrote:

> 	Already done.

I've made all those suggestions in the diff I sent ;)

> 	Will check this next.  This should be fairly straightforward to do if
> we are not worried about disabling passwords on existing sessions.  That
> will simplify the code.

See my minor re-edit of your patch, which I had attached :)

> 	Ok.  I'll look that over and get it done.

See diff! :)

> 	Uh...  You mean remove the bug avoidance code entirely or 
> chop it out so it's only included when needed?  Right now that code 
> is conditionalized on the IPV6_V6ONLY define, which is present in 
> Linux, OpenBSD and FreeBSD.  I could further tighten that condition 
> to Linux only.

Well, do we need to have this in the initial revision of the TCP-MD5 
support that we put into CVS? I.e. lets treat this is a seperate bug, 
distinct from the RFE work of getting TCP-MD5SIG into Quagga - and 
solve it seperately.

It could be its a simple bug to fix in the kernels concerned.

> I tested this out without the separate sockets on Linux and it does 
> not work.

Ah, oops - my re-edit sets TCP-MD5SIG on the peer->fd, but not the 
listen socket. My bad. I just tested with multiple local bgpds on a 
Fedora box here and it doesnt work (I presume TCP-MD5SIG works on 
local sockets on Linux).

Let me add that back in.

> 	I know the Quagga site has a route server up (strange - that page is
> blank for me right now).

Oops, my bad.

> Would we want to connect up one ore more of my bgp daemons up to 
> that for both v4 and v6 and add passwords for testing?

Solaris doesn't support TCP-MD5 at the moment. Though, wouldn't be 
too hard to hack it on though (Solaris already has code to run MD5 
over TCP, for ISN, and storing a password with the socket would be 

Paul Jakma	paul at clubi.ie	paul at jakma.org	Key ID: 64A2FF6A
linux: because a PC is a terrible thing to waste
(ksh at cis.ufl.edu put this on Tshirts in '93)

More information about the Quagga-dev mailing list