From 6c2482c466aa420875f330893dc36101c3e7fd46 Mon Sep 17 00:00:00 2001
From: Chris Hall <GMCH@hestia.halldom.com>
Date: Wed, 28 Apr 2010 12:09:58 +0100
Subject: Don't return "Not Supported" when setting NULL MD5 password

If TCP MD5 signature is not supported, sockopt_tcp_signature()
returns ENOSYS.

This change means that if the given password is NULL or an empty
string, then returns OK, even when TCP MD5 signature is not
supported.

If the password is being cleared, it doesn't matter that it
could never have bee set in the first place !

This means that unless a password is required, it is safe to call
sockopt_tcp_signature() whether the facility is supported or not.
Which further means that only this function needs to worry about
the circumstances under which it is supported !
---
 lib/sockopt.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/lib/sockopt.c b/lib/sockopt.c
index bf3c5d50..a8fae4f1 100644
--- a/lib/sockopt.c
+++ b/lib/sockopt.c
@@ -674,9 +674,14 @@ sockopt_tcp_signature (int sock_fd, union sockunion *su, const char *password)
 
   return (err == 0) ? 0 : -1 ;
 
-#else /* HAVE_TCP_MD5SIG */
+#else
+
+  /* TCP MD5 is not supported                                           */
+
+  if ((password == NULL) || (*password == '\0'))
+    return 0 ;                  /* OK if not required !         */
 
-  errno = ENOSYS ;              /* TCP MD5 is not supported     */
+  errno = ENOSYS ;              /* manufactured error           */
   return -1 ;
 
 #endif /* !HAVE_TCP_MD5SIG */
-- 
cgit v1.2.3