summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorIvan Delalande <colona@arista.com>2017-06-15 18:07:07 -0700
committerDavid S. Miller <davem@davemloft.net>2017-06-19 13:51:34 -0400
commit8917a777be3ba566377be05117f71b93a5fd909d (patch)
tree5ac57647291329d724de78027aab6125d7c13700 /include
parent6797318e623da68dfbacd0cb5c246f5ecd2baf6e (diff)
downloadlinux-8917a777be3ba566377be05117f71b93a5fd909d.tar.bz2
tcp: md5: add TCP_MD5SIG_EXT socket option to set a key address prefix
Replace first padding in the tcp_md5sig structure with a new flag field and address prefix length so it can be specified when configuring a new key for TCP MD5 signature. The tcpm_flags field will only be used if the socket option is TCP_MD5SIG_EXT to avoid breaking existing programs, and tcpm_prefixlen only when the TCP_MD5SIG_FLAG_PREFIX flag is set. Signed-off-by: Bob Gilligan <gilligan@arista.com> Signed-off-by: Eric Mowat <mowat@arista.com> Signed-off-by: Ivan Delalande <colona@arista.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
-rw-r--r--include/net/tcp.h1
-rw-r--r--include/uapi/linux/tcp.h11
2 files changed, 9 insertions, 3 deletions
diff --git a/include/net/tcp.h b/include/net/tcp.h
index 8f4076d31669..d0751b79d99c 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -1848,6 +1848,7 @@ struct tcp_sock_af_ops {
const struct sock *sk,
const struct sk_buff *skb);
int (*md5_parse)(struct sock *sk,
+ int optname,
char __user *optval,
int optlen);
#endif
diff --git a/include/uapi/linux/tcp.h b/include/uapi/linux/tcp.h
index 8204dcebc6f3..a5507c977497 100644
--- a/include/uapi/linux/tcp.h
+++ b/include/uapi/linux/tcp.h
@@ -117,7 +117,8 @@ enum {
#define TCP_SAVED_SYN 28 /* Get SYN headers recorded for connection */
#define TCP_REPAIR_WINDOW 29 /* Get/set window parameters */
#define TCP_FASTOPEN_CONNECT 30 /* Attempt FastOpen with connect */
-#define TCP_ULP 31 /* Attach a ULP to a TCP connection */
+#define TCP_ULP 31 /* Attach a ULP to a TCP connection */
+#define TCP_MD5SIG_EXT 32 /* TCP MD5 Signature with extensions */
struct tcp_repair_opt {
__u32 opt_code;
@@ -235,11 +236,15 @@ enum {
/* for TCP_MD5SIG socket option */
#define TCP_MD5SIG_MAXKEYLEN 80
+/* tcp_md5sig extension flags for TCP_MD5SIG_EXT */
+#define TCP_MD5SIG_FLAG_PREFIX 1 /* address prefix length */
+
struct tcp_md5sig {
struct __kernel_sockaddr_storage tcpm_addr; /* address associated */
- __u16 __tcpm_pad1; /* zero */
+ __u8 tcpm_flags; /* extension flags */
+ __u8 tcpm_prefixlen; /* address prefix */
__u16 tcpm_keylen; /* key length */
- __u32 __tcpm_pad2; /* zero */
+ __u32 __tcpm_pad; /* zero */
__u8 tcpm_key[TCP_MD5SIG_MAXKEYLEN]; /* key (binary) */
};