netdev
[Top] [All Lists]

Re: TCP MD5 signature option (RFC2385)

To: netdev@xxxxxxxxxxx
Subject: Re: TCP MD5 signature option (RFC2385)
From: Sandy Harris <sandy@xxxxxxxx>
Date: Fri, 25 Jan 2002 21:39:43 -0500
References: <1012009515.1850.36.camel@localhost.localdomain>
Sender: owner-netdev@xxxxxxxxxxx
Frank Solensky wrote:
> 
> I noticed that Linux stack doesn't currently support for RFC2385 (MD5
> signatures for TCP packets).  This could be useful for the zebra project
> for authenticating BGP connections with other implementations.

Can you use IPsec authentication? 
See www.freeswan.org for the Linux implementation.
 
> I checked various list archives and didn't see any mention of work being
> underway on this -- what's the best way for me to proceed, download code
> and just start implementing?

I don't know how useful these are, but some things to consider:

The /dev/random driver includes MD5 and some code for generating TCP
sequence numbers. I'm inclined to doubt a device driver is the right
place to put what you want to do, but you might want to look at that
code.

<Prev in Thread] Current Thread [Next in Thread>