tcpdump mailing list archives

little fix for print-esp.c

From: Francis Dupont <Francis.Dupont () enst-bretagne fr>
Date: Fri, 09 Apr 2004 17:06:59 +0200

ESP decryption should not be performed on the authentication trailer...

Regards

Francis.Dupont () enst-bretagne fr

PS: here is the fix (for tcpdump 3.8.3 release):

*** print-esp.c-orig    Wed Nov 19 06:36:40 2003
--- print-esp.c Thu Apr  8 12:15:37 2004
***************
*** 475,480 ****
--- 475,481 ----
        ivlen = sa->ivlen;
        secret = sa->secret;
        espsecret_keylen = sa->secretlen;
+       ep = ep - sa->authlen;
  
        if (sa->evp) {
                memset(&ctx, 0, sizeof(ctx));
***************
*** 490,496 ****
        } else
                advance = sizeof(struct newesp);
  
-       ep = ep - sa->authlen;
        /* sanity check for pad length */
        if (ep - bp < *(ep - 2))
                goto fail;
--- 491,496 ----
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.

Current thread:

little fix for print-esp.c Francis Dupont (Apr 09)
- Re: little fix for print-esp.c Guy Harris (Apr 10)
- Re: little fix for print-esp.c Michael Richardson (Apr 20)