diff options
author | Ivan Delalande <colona@arista.com> | 2017-06-15 18:07:07 -0700 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2017-06-19 13:51:34 -0400 |
commit | 8917a777be3ba566377be05117f71b93a5fd909d (patch) | |
tree | 5ac57647291329d724de78027aab6125d7c13700 /include | |
parent | 6797318e623da68dfbacd0cb5c246f5ecd2baf6e (diff) | |
download | linux-8917a777be3ba566377be05117f71b93a5fd909d.tar.bz2 |
tcp: md5: add TCP_MD5SIG_EXT socket option to set a key address prefix
Replace first padding in the tcp_md5sig structure with a new flag field
and address prefix length so it can be specified when configuring a new
key for TCP MD5 signature. The tcpm_flags field will only be used if the
socket option is TCP_MD5SIG_EXT to avoid breaking existing programs, and
tcpm_prefixlen only when the TCP_MD5SIG_FLAG_PREFIX flag is set.
Signed-off-by: Bob Gilligan <gilligan@arista.com>
Signed-off-by: Eric Mowat <mowat@arista.com>
Signed-off-by: Ivan Delalande <colona@arista.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
-rw-r--r-- | include/net/tcp.h | 1 | ||||
-rw-r--r-- | include/uapi/linux/tcp.h | 11 |
2 files changed, 9 insertions, 3 deletions
diff --git a/include/net/tcp.h b/include/net/tcp.h index 8f4076d31669..d0751b79d99c 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -1848,6 +1848,7 @@ struct tcp_sock_af_ops { const struct sock *sk, const struct sk_buff *skb); int (*md5_parse)(struct sock *sk, + int optname, char __user *optval, int optlen); #endif diff --git a/include/uapi/linux/tcp.h b/include/uapi/linux/tcp.h index 8204dcebc6f3..a5507c977497 100644 --- a/include/uapi/linux/tcp.h +++ b/include/uapi/linux/tcp.h @@ -117,7 +117,8 @@ enum { #define TCP_SAVED_SYN 28 /* Get SYN headers recorded for connection */ #define TCP_REPAIR_WINDOW 29 /* Get/set window parameters */ #define TCP_FASTOPEN_CONNECT 30 /* Attempt FastOpen with connect */ -#define TCP_ULP 31 /* Attach a ULP to a TCP connection */ +#define TCP_ULP 31 /* Attach a ULP to a TCP connection */ +#define TCP_MD5SIG_EXT 32 /* TCP MD5 Signature with extensions */ struct tcp_repair_opt { __u32 opt_code; @@ -235,11 +236,15 @@ enum { /* for TCP_MD5SIG socket option */ #define TCP_MD5SIG_MAXKEYLEN 80 +/* tcp_md5sig extension flags for TCP_MD5SIG_EXT */ +#define TCP_MD5SIG_FLAG_PREFIX 1 /* address prefix length */ + struct tcp_md5sig { struct __kernel_sockaddr_storage tcpm_addr; /* address associated */ - __u16 __tcpm_pad1; /* zero */ + __u8 tcpm_flags; /* extension flags */ + __u8 tcpm_prefixlen; /* address prefix */ __u16 tcpm_keylen; /* key length */ - __u32 __tcpm_pad2; /* zero */ + __u32 __tcpm_pad; /* zero */ __u8 tcpm_key[TCP_MD5SIG_MAXKEYLEN]; /* key (binary) */ }; |