Jeff Rizzo
2007-05-17 17:06:16 UTC
(I sent a couple emails over the last 6 months to the original author of
this change with no response - I suspect I'm getting spam filtered or
something)
In revision 1.254 of tcp_input.c, the signature of tcp_dooptions() was
changed so that the 4th arg (a struct tcphdr *) is now const. This has
broken the TCP_SIGNATURE option (which implements, albeit somewhat
hackishly, RFC2385 support - md5 signed TCP sessions, to support use as
a BGP router interoperating with commercial routers with this support)
Upon further investigation, I'm not sure it's possible for
tcp_dooptions() to be constified in that way at all - the
options-handling code needs to be able to alter the TCP header to insert
the signature.
In order to fix the TCP_SIGNATURE code (which I'd REALLY like to do
prior to 4.0's release), I think tcp_dooptions() needs to be switched
back to this:
static int tcp_dooptions(struct tcpcb *, const u_char *, int,
struct tcphdr *, struct mbuf *, int, struct tcp_opt_info *);
Doing this (along with a minor fix or two to some #ifdef TCP_SIGNATURE
code) allows this code (which was broken by the change of October 21)
to work again - would people be OK with this change? If not, do you have a
counter-proposal for me?
Once this is again compilable, I'll add TCP_SIGNATURE to the i386 ALL
kernel to hopefully avoid this sort of silent breakage in the future.
Thanks,
+j
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
this change with no response - I suspect I'm getting spam filtered or
something)
In revision 1.254 of tcp_input.c, the signature of tcp_dooptions() was
changed so that the 4th arg (a struct tcphdr *) is now const. This has
broken the TCP_SIGNATURE option (which implements, albeit somewhat
hackishly, RFC2385 support - md5 signed TCP sessions, to support use as
a BGP router interoperating with commercial routers with this support)
Upon further investigation, I'm not sure it's possible for
tcp_dooptions() to be constified in that way at all - the
options-handling code needs to be able to alter the TCP header to insert
the signature.
In order to fix the TCP_SIGNATURE code (which I'd REALLY like to do
prior to 4.0's release), I think tcp_dooptions() needs to be switched
back to this:
static int tcp_dooptions(struct tcpcb *, const u_char *, int,
struct tcphdr *, struct mbuf *, int, struct tcp_opt_info *);
Doing this (along with a minor fix or two to some #ifdef TCP_SIGNATURE
code) allows this code (which was broken by the change of October 21)
to work again - would people be OK with this change? If not, do you have a
counter-proposal for me?
Once this is again compilable, I'll add TCP_SIGNATURE to the i386 ALL
kernel to hopefully avoid this sort of silent breakage in the future.
Thanks,
+j
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de