git.baikalelectronics.ru Git - kernel.git/commit

author	Leonard Crestez <cdleonard@gmail.com>
	Fri, 15 Oct 2021 07:26:05 +0000 (10:26 +0300)
committer	David S. Miller <davem@davemloft.net>
	Fri, 15 Oct 2021 13:36:57 +0000 (14:36 +0100)
commit	30527168e322443c1f89b6669c7304d34a3e0934
tree	a981e21276f7fac7082078a3d80a55854aafa181	tree \| snapshot
parent	d68ff49b0b2399ec5cf3668cb4b7c30e8977c5ff	commit \| diff

tcp: md5: Allow MD5SIG_FLAG_IFINDEX with ifindex=0

Multiple VRFs are generally meant to be "separate" but right now md5
keys for the default VRF also affect connections inside VRFs if the IP
addresses happen to overlap.

So far the combination of TCP_MD5SIG_FLAG_IFINDEX with tcpm_ifindex == 0
was an error, accept this to mean "key only applies to default VRF".
This is what applications using VRFs for traffic separation want.

Signed-off-by: Leonard Crestez <cdleonard@gmail.com>
Reviewed-by: David Ahern <dsahern@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/net/tcp.h		diff \| blob \| history
net/ipv4/tcp_ipv4.c		diff \| blob \| history
net/ipv6/tcp_ipv6.c		diff \| blob \| history