[PATCH] First part of TCP-MD5 inbound verification

[Barney Wolff]

Just a note that, as discussion on nanog shows, it's very important to
only do the md5 check if the incoming packet is going to be accepted
and processed, rather than the intuitive order of checking the sig
first.  That's because checking first allows an easy DoS, since checking
is cpu-intensive.
Barney

-- 
Barney Wolff         http://www.databus.com/bwresume.pdf
I'm available by contract or FT, in the NYC metro area or via the 'Net.