]> git.ipfire.org Git - thirdparty/bird.git/commit
projects / thirdparty / bird.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5daec23) | patch
RPKI: Add TCP-MD5 authentication option
authorJob Snijders <job@fastly.com>
Thu, 3 Oct 2024 13:43:12 +0000 (15:43 +0200)
committerOndrej Zajicek <santiago@crfreenet.org>
Thu, 3 Oct 2024 14:25:29 +0000 (16:25 +0200)
commit8dc2a36ae545d13fdf201b0891185f98852584ee
tree0bb7a50c411fc0060cf0e10df7e7fb744202b0a1tree
parent5daec239c4c62dd508a3cd8f7ca82d3666becbe6commit | diff
RPKI: Add TCP-MD5 authentication option

RPKI-To-Router (RTR) sessions seem to be similar security-sensitivity as
IBGP sessions. BIRD already offered a choice of either "plain TCP" (meh)
or "SSH" (secure, albeit a bit more hassle to set up than TCP-MD5).
The patch adds TCP-MD5 as another option. TCP-MD5 for RTR is specified
through RFC 6810 section 7.3 and RFC 8210 section 9.3.

Minor changes by committer.
doc/bird.sgml diff | blob | blame | history
proto/rpki/config.Y diff | blob | blame | history
proto/rpki/rpki.c diff | blob | blame | history
proto/rpki/tcp_transport.c diff | blob | blame | history
proto/rpki/transport.h diff | blob | blame | history
Mirror of https://gitlab.labs.nic.cz/labs/bird.git