summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorChris Caputo <ccaputo@alt.net>2009-06-23 05:34:29 +0000
committerPaul Jakma <paul@quagga.net>2009-06-23 14:21:40 +0100
commit2b35ae41c2c5d39801c943fa740c72fc15613141 (patch)
treeb72600ce7970f5a62a344fd7fed3f5e53779b7a2 /lib
parentb60668d092f1778395b6c10b406059b8cbf235b8 (diff)
Fixes to RFC2385/MD5 BGP
* bgpd/bgp_network.c: Fix MD5 listen in IPv4 version of bgp_socket() by adding listen socket to listen_sockets list so that MD5 passwords can get set. * lib/sockopt.c: (sockopt_tcp_signature) Fix bogus "% Error while applying TCP-Sig to session(s)" / "can't set TCP_MD5SIG option" startup error messages by not returning error when there isn't one.
Diffstat (limited to 'lib')
-rw-r--r--lib/sockopt.c15
1 files changed, 12 insertions, 3 deletions
diff --git a/lib/sockopt.c b/lib/sockopt.c
index 96324ffe..55c6226b 100644
--- a/lib/sockopt.c
+++ b/lib/sockopt.c
@@ -550,8 +550,8 @@ sockopt_tcp_signature (int sock, union sockunion *su, const char *password)
if (su2->sa.sa_family == AF_INET)
{
sockunion_free (susock);
- return -1;
- };
+ return 0;
+ }
#ifdef HAVE_IPV6
/* If this does not work, then all users of this sockopt will need to
@@ -580,7 +580,16 @@ sockopt_tcp_signature (int sock, union sockunion *su, const char *password)
memcpy (md5sig.tcpm_key, password, keylen);
sockunion_free (susock);
#endif /* GNU_LINUX */
- ret = setsockopt (sock, IPPROTO_TCP, TCP_MD5SIG, &md5sig, sizeof md5sig);
+ if ((ret = setsockopt (sock, IPPROTO_TCP, TCP_MD5SIG, &md5sig, sizeof md5sig)) < 0)
+ {
+ /* ENOENT is harmless. It is returned when we clear a password for which
+ one was not previously set. */
+ if (ENOENT == errno)
+ ret = 0;
+ else
+ zlog_err ("sockopt_tcp_signature: setsockopt(%d): %s",
+ sock, safe_strerror(errno));
+ }
return ret;
#else /* HAVE_TCP_MD5SIG */
return -2;