diff options
author | Ivan Delalande <colona@arista.com> | 2017-06-16 04:07:06 +0300 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2017-06-19 20:50:55 +0300 |
commit | 6797318e623da68dfbacd0cb5c246f5ecd2baf6e (patch) | |
tree | 64cb66cb77576371cd085f8208f86e2be91cb9db /include/net/tcp.h | |
parent | 910603818c6c0558fe9b5e056a3bd5195aaae1a5 (diff) | |
download | linux-6797318e623da68dfbacd0cb5c246f5ecd2baf6e.tar.xz |
tcp: md5: add an address prefix for key lookup
This allows the keys used for TCP MD5 signature to be used for whole
range of addresses, specified with a prefix length, instead of only one
address as it currently is.
Signed-off-by: Bob Gilligan <gilligan@arista.com>
Signed-off-by: Eric Mowat <mowat@arista.com>
Signed-off-by: Ivan Delalande <colona@arista.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net/tcp.h')
-rw-r--r-- | include/net/tcp.h | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/include/net/tcp.h b/include/net/tcp.h index e17ec286e8df..8f4076d31669 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -1441,6 +1441,7 @@ struct tcp_md5sig_key { u8 keylen; u8 family; /* AF_INET or AF_INET6 */ union tcp_md5_addr addr; + u8 prefixlen; u8 key[TCP_MD5SIG_MAXKEYLEN]; struct rcu_head rcu; }; @@ -1484,9 +1485,10 @@ struct tcp_md5sig_pool { int tcp_v4_md5_hash_skb(char *md5_hash, const struct tcp_md5sig_key *key, const struct sock *sk, const struct sk_buff *skb); int tcp_md5_do_add(struct sock *sk, const union tcp_md5_addr *addr, - int family, const u8 *newkey, u8 newkeylen, gfp_t gfp); + int family, u8 prefixlen, const u8 *newkey, u8 newkeylen, + gfp_t gfp); int tcp_md5_do_del(struct sock *sk, const union tcp_md5_addr *addr, - int family); + int family, u8 prefixlen); struct tcp_md5sig_key *tcp_v4_md5_lookup(const struct sock *sk, const struct sock *addr_sk); |