Bugzilla – Full Text Bug Listing
|Summary:||Support TCP MD5SIG option for bgp md5 password auth (when using openSUSE as a router)|
|Product:||[openSUSE] openSUSE Tumbleweed||Reporter:||Grover Chou <groverchout>|
|Component:||Kernel||Assignee:||Michal Kubeček <mkubecek>|
|Status:||RESOLVED FIXED||QA Contact:||E-mail List <qa-bugs>|
|Priority:||P4 - Low||CC:||jcheung, mkubecek|
|Found By:||---||Services Priority:|
|Marketing QA Status:||---||IT Deployment:||---|
Description Grover Chou 2018-04-19 07:51:33 UTC
I use bird on openSUSE to manage BGP routing. One of my peer using TCP MD5 Signature to protect BGP session. But it requires MD5SIG enabled in the kernel. I did a simple check to be sure that this was not enabled in openSUSE Tumbleweed (even Leap series). grep MD5SIG /boot/config-4.16.1-1-default So please consider its coverage.  http://bird.network.cz  https://www.ietf.org/rfc/rfc2385.txt
Comment 1 Michal Kubeček 2018-04-20 07:24:47 UTC
I'm going to enable TCP_MD5SIG in master and stable branches. It's too late for Leap 15.0, though, as it would change kABI which is already frozen.
Comment 2 Michal Kubeček 2018-05-07 08:25:42 UTC
CONFIG_TCP_MD5SIG is now enabled in master and stable branches (so that the change is going to propagate into Tumbleweed package soon). It's also going to be enabled in openSUSE Leap 15.1 kernel (not 15.0, though). Closing.