summaryrefslogtreecommitdiffstats
path: root/usr.bin/diff/diffdir.c
diff options
context:
space:
mode:
authordlg <dlg@openbsd.org>2019-01-23 02:02:04 +0000
committerdlg <dlg@openbsd.org>2019-01-23 02:02:04 +0000
commit7ee91690249e42a5bf33a780035fc47278ffda1a (patch)
tree688411cba7ef66e9f3206516c1a410a632a06870 /usr.bin/diff/diffdir.c
parentswitch mainloop from select(2) to poll(2); ok deraadt@ (diff)
downloadwireguard-openbsd-7ee91690249e42a5bf33a780035fc47278ffda1a.tar.xz
wireguard-openbsd-7ee91690249e42a5bf33a780035fc47278ffda1a.zip
rework how tcp md5 signatures are configured.
previously ldpd only allowed tcp md5 to be configured against a neighbor (by ldp router id), but other vendors supported configuring tcp md5sig by prefix as well as neighbor. this reworks the config so auth is maintained globally as a list of prefixes that you do and do not want to do tcp md5sig auth with. the config statements look more like what is in bgpd.conf now too. an example of the new config for interoperating with my baby cisco test network: on ios: mpls ldp password required for MPLS mpls ldp password option 1 for MPLS key-chain LDPAUTH key chain LDPAUTH key 1 key-string secret interface Loopback0 ip address 192.168.0.0 255.255.255.255 end ip prefix-list MPLS seq 5 permit 192.168.0.0/24 ip access-list standard MPLS mpls ldp router-id Loopback0 force and in ldpd.conf: router-id 192.168.0.25 tcp md5sig password secret 192.168.0.0/24 address-family ipv4 { interface vmx1 } this still supports specifying tcp md5sig on neighbors, but that is syntactic sugar around adding entries to the list of auths. ok (and lots of help from) claudio@
Diffstat (limited to 'usr.bin/diff/diffdir.c')
0 files changed, 0 insertions, 0 deletions