diff options
author | Henning Brauer <henning@cvs.openbsd.org> | 2004-02-10 13:34:07 +0000 |
---|---|---|
committer | Henning Brauer <henning@cvs.openbsd.org> | 2004-02-10 13:34:07 +0000 |
commit | 4ec507a87a5443cffa1c6aa8cd6aae1e7ee9584e (patch) | |
tree | db54f0830e7eee9fc9162afeaf5c95fc95b5defa /share/man/man4/tcp.4 | |
parent | 56ee24a9a1411d39a6d2c8abdc48bbb82b0cc1d8 (diff) |
explain the behaviour with TCP_MD5SIG on listening sockets
with markus and jmc
Diffstat (limited to 'share/man/man4/tcp.4')
-rw-r--r-- | share/man/man4/tcp.4 | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/share/man/man4/tcp.4 b/share/man/man4/tcp.4 index 0a9fc550557..9096f792cc2 100644 --- a/share/man/man4/tcp.4 +++ b/share/man/man4/tcp.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: tcp.4,v 1.15 2004/02/02 17:09:36 henning Exp $ +.\" $OpenBSD: tcp.4,v 1.16 2004/02/10 13:34:06 henning Exp $ .\" $NetBSD: tcp.4,v 1.3 1994/11/30 16:22:35 jtc Exp $ .\" .\" Copyright (c) 1983, 1991, 1993 @@ -142,6 +142,17 @@ This requires .Em Security Associations to be set up, which can be done using .Xr ipsecadm 8 . +When a listening socket has +.Em TCP_MD5SIG +set, it accepts connections with MD5 signatures only from sources for which a +.Em Security Association +is set up. +Connections without MD5 signatures are only accepted from sources for which no +.Em Security Association +is set up. +The connected socket only has +.Em TCP_MD5SIG +set if the connection is protected with MD5 signatures. .El .Pp The option level for the |