Bug 1090162 - Support TCP MD5SIG option for bgp md5 password auth (when using openSUSE as a router)
Support TCP MD5SIG option for bgp md5 password auth (when using openSUSE as a...
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Kernel
Current
Other Other
: P4 - Low : Enhancement (vote)
: ---
Assigned To: Michal Kubeček
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-04-19 07:51 UTC by Grover Chou
Modified: 2022-07-21 17:22 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Grover Chou 2018-04-19 07:51:33 UTC
I use bird[1] on openSUSE to manage BGP routing.
One of my peer using TCP MD5 Signature[2] to protect BGP session.
But it requires MD5SIG enabled in the kernel.
I did a simple check to be sure that this was not enabled in
openSUSE Tumbleweed (even Leap series).

    grep MD5SIG /boot/config-4.16.1-1-default

So please consider its coverage.

[1] http://bird.network.cz
[2] https://www.ietf.org/rfc/rfc2385.txt
Comment 1 Michal Kubeček 2018-04-20 07:24:47 UTC
I'm going to enable TCP_MD5SIG in master and stable branches. It's too late
for Leap 15.0, though, as it would change kABI which is already frozen.
Comment 2 Michal Kubeček 2018-05-07 08:25:42 UTC
CONFIG_TCP_MD5SIG is now enabled in master and stable branches (so that the
change is going to propagate into Tumbleweed package soon). It's also going to
be enabled in openSUSE Leap 15.1 kernel (not 15.0, though).

Closing.
Comment 3 Swamp Workflow Management 2019-02-28 18:00:20 UTC
This is an autogenerated message for OBS integration:
This bug (1090162) was mentioned in
https://build.opensuse.org/request/show/680183 15.1 / kernel-source