CVS commit: src/usr.sbin/ldpd

[Mihai Chelaru]

Module Name:    src
Committed By:   kefren
Date:           Sun Jan 27 05:53:21 UTC 2013

Modified Files:
        src/usr.sbin/ldpd: ldp_peer.c

Log Message:
re-enable peer authentication


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/usr.sbin/ldpd/ldp_peer.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/usr.sbin/ldpd/ldp_peer.c
diff -u src/usr.sbin/ldpd/ldp_peer.c:1.5 src/usr.sbin/ldpd/ldp_peer.c:1.6
--- src/usr.sbin/ldpd/ldp_peer.c:1.5	Sat Jan 26 17:29:55 2013
+++ src/usr.sbin/ldpd/ldp_peer.c	Sun Jan 27 05:53:21 2013
@@ -1,4 +1,4 @@
-/* $NetBSD: ldp_peer.c,v 1.5 2013/01/26 17:29:55 kefren Exp $ */
+/* $NetBSD: ldp_peer.c,v 1.6 2013/01/27 05:53:21 kefren Exp $ */
 
 /*
  * Copyright (c) 2010 The NetBSD Foundation, Inc.
@@ -81,9 +81,8 @@ ldp_peer_new(const struct in_addr * ldp_
 	struct ldp_peer *p;
 	int s = soc;
 	struct sockaddr *connecting_sa = NULL;
-	/* disabled - see below
 	struct conf_neighbour *cn;
-	*/
+
 	if (tradd != NULL)
 		assert(tradd->sa_family == padd->sa_family);
 
@@ -112,17 +111,16 @@ ldp_peer_new(const struct in_addr * ldp_
 	}
 
 	/* MD5 authentication needed ? */
-/* XXX: disabled for now - need to make sure NetBSD handles TCPSIG correctly
 	SLIST_FOREACH(cn, &conei_head, neilist)
-		if (cn->authenticate != 0 && (a->s_addr == cn->address.s_addr ||
-		    (tradd && tradd->s_addr == cn->address.s_addr))) {
+		if (cn->authenticate != 0 &&
+		    ldp_id->s_addr == cn->address.s_addr) {
 			if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG, &(int){1},
 			    sizeof(int)) != 0)
 				fatalp("setsockopt TCP_MD5SIG: %s\n",
 				    strerror(errno));
 			break;
 		}
-*/
+
 	/* Set the peer in CONNECTING/CONNECTED state */
 	p = calloc(1, sizeof(*p));