Re: [PATCH v2 2/2] tcp: md5: extend the tcp_md5sig struct to specify a key address prefix

From: David Miller
Date: Sat Jun 10 2017 - 18:58:47 EST


From: Ivan Delalande <colona@xxxxxxxxxx>
Date: Fri, 9 Jun 2017 19:14:49 -0700

> Add a flag field and address prefix length at the end of the tcp_md5sig
> structure so users can configure an address prefix length along with a
> key. Make sure shorter option values are still accepted in
> tcp_v4_parse_md5_keys and tcp_v6_parse_md5_keys to maintain backward
> compatibility.
>
> Signed-off-by: Bob Gilligan <gilligan@xxxxxxxxxx>
> Signed-off-by: Eric Mowat <mowat@xxxxxxxxxx>
> Signed-off-by: Ivan Delalande <colona@xxxxxxxxxx>

As I believe was previously stated, the problem with this approach is
that if a new tool requests the prefix length and is run on an older
kernel, the kernel will return success even though the prefix length
was not taken into account.

We do not want to get a success back when the operation requested was
not performed.
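
An added illustration of the failure mode described in this message, not code from the patch or from the kernel: a simplified C model in which an older kernel's length check accepts the longer structure and never reads the appended fields. All names, sizes and option values are constructed, and the distinct option name is only one assumed way an interface could make the older kernel return an error.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Simplified model, not kernel code: names, sizes and values are constructed. */
enum { OPT_MD5SIG = 1, OPT_MD5SIG_EXT = 2 };  /* EXT is unknown to the old kernel */
struct md5sig_old { unsigned char addr[16]; unsigned short keylen; unsigned char key[80]; };
struct md5sig_new {                           /* old layout plus fields at the end */
    unsigned char addr[16]; unsigned short keylen; unsigned char key[80];
    unsigned char flags, prefixlen;
};
struct stored_key { int installed; int prefixlen; };

/* Old kernel: rejects only buffers that are too short, so a longer buffer
 * passes and the appended bytes are never read. */
static int old_parse_md5(const void *optval, size_t optlen, struct stored_key *k)
{
    struct md5sig_old cmd;
    if (optlen < sizeof(cmd))
        return -EINVAL;
    memcpy(&cmd, optval, sizeof(cmd));
    k->installed = 1;
    k->prefixlen = 32;                        /* always an exact-address key */
    return 0;
}

int old_kernel_setsockopt(int optname, const void *optval, size_t optlen,
                          struct stored_key *k)
{
    if (optname == OPT_MD5SIG)
        return old_parse_md5(optval, optlen, k);
    return -ENOPROTOOPT;                      /* unknown option: explicit failure */
}

/* New tool asking for a key that covers a /24 prefix. */
int new_tool_request(int optname, struct stored_key *k)
{
    struct md5sig_new cmd;
    memset(&cmd, 0, sizeof(cmd));
    cmd.keylen = 6;
    memcpy(cmd.key, "sample", 6);             /* constructed key material */
    cmd.flags = 1;                            /* hypothetical "prefix valid" flag */
    cmd.prefixlen = 24;
    k->installed = 0;
    k->prefixlen = -1;
    return old_kernel_setsockopt(optname, &cmd, sizeof(cmd), k);
}

int main(void)
{
    struct stored_key k;
    int rc = new_tool_request(OPT_MD5SIG, &k);
    printf("same option: rc=%d prefixlen=%d\n", rc, k.prefixlen);
    rc = new_tool_request(OPT_MD5SIG_EXT, &k);
    printf("distinct option: rc=%d installed=%d\n", rc, k.installed);
    return 0;
}
```

In the first call the tool sees success while the key covers a single address rather than the /24 it asked for, so peers elsewhere in the prefix are not matched by that key.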