as requested here is a patch in order to take into account Encryption
and Authentication keys for ESP in hexa.
You only have to write your key with 0x first. In this case if the key
is not in 8-bit unit, it will be considered as starting with a "0" (4 bits). Excepted this case, the key should be completely written, even if it
starts with "0x00".
svn path=/trunk/; revision=19181
protocol has a lot of preference items. Change the number of
configurable ESP SAs to 16 (in case someone needs do decrypt many
sessions in a single trace file). Fix up whitespace.
svn path=/trunk/; revision=18903
libgcrypt, enable it in the Windows build.
In packet-ipsec.c:
- Remove non-constants from variable declaration initializations.
- Use ep_alloc() in a couple of places.
- Fix an off-by-one error.
- Reduce the number of SAs in the preferences from 4 to 2. 4 made the
preferences window absolutely enormous. This is probably the wrong
way to fix this.
- Fix up whitespace.
svn path=/trunk/; revision=18856
Check for libgcrypt 1.1.0 (note: I don't know which version
is required, so maybe the version number needs to be changed
for this test to work reliably).
packet-ipsec.c:
- Replace __USE_LIBGCRYPT__ by HAVE_LIBGCRYPT to follow
conventions.
- Warning fixes: signedness in sscanf (%i -> %u)
- Warning fixes: mixed declaration and code
svn path=/trunk/; revision=18460
I updated my previous patch of ESP :
* It now check authentication for (similar to the ICMP checksum):
- NULL Authentication
- HMAC-SHA1-96 [RFC2404]
- HMAC-SHA256
- HMAC-MD5-96 [RFC2403] (2)
I put aside AES-XCBC-MAC-96 [RFC3566] because I did not succeed to have
a working implementation.
I added a field for any authenticator of 12bytes length (without
authentication process)
* I also correct the printing of this authenticator field which was
decrypted :-[ .
Thus, with this patch if libgcrypt is linked withe ethereal you should
have the availability to :
- decrypt packets
- check authentication
at the same time or not.
If noone of these options are set (or libgcrypt is not available) you
also may use the previous heuristic.
svn path=/trunk/; revision=17858
With a change :
#ifdef HAVE_LIBCRYPT
#define __USE_LIBGCRYPT__
#endif
>> > finally, I have updated my dissector using libgcrypt.
>> > It does not use openssl anymore.
>> > If gnutls is installed, all should work.
>> > Thus, now it should decrypt and dissect (transport/tunnel/several
>> > encapsulations ...) :
>> >
>> > - NULL Encryption Algorithm
>> > - TripleDES-CBC [RFC2451] : keylen 192 bits.
>> > - AES-CBC with 128-bit keys [RFC3602] : keylen 128 and 192/256
>> > bits.
>> > - AES-CTR [RFC3686] : keylen 160/224/288 bits. The remaining
>> > 32 bits will be used as nonce.
>> > - DES-CBC [RFC2405] : keylen 64 bits
>> >
>> > I also have added :
>> >
>> > - BLOWFISH-CBC : keylen 128 bits.
>> > - TWOFISH-CBC : keylen 128/256 bits.
>> >
>> > You have to indicate the Authentication algorithm even if all
>> > Algorithms since it uses 12 bytes in the Auth field should work
>> > (have a look to the README to understand why I put it
>> > ;-) ). If you consider I have to throw it away please tell me.
>> >
>> > HMAC-SHA1-96 [RFC2404]
>> > NULL
>> > AES-XCBC-MAC-96 [RFC3566]
>> > HMAC-MD5-96 [RFC2403]
svn path=/trunk/; revision=17734
add a "match_strval_idx()" routine that does the same thing, and have
"match_strval()" call it.
Make those routines, and "val_to_str()", return a "const" pointer.
Update dissectors as necessary to squelch compiler warnings produced by
that.
Use "val_to_str()" rather than using "match_strval()" and then, if the
result is null, substituting a specific string. Clean up some other
"match_strval()"/"val_to_str()" usages.
Add a null pointer check in the NDPS dissector's "attribute_value()"
routine, as it's not clear that "global_attribute_name" won't be null at
that point.
Make some global variables in the AFS4INT dissector local.
Make some routines not used outside the module they're in static.
Make some tables "static const".
Clean up white space.
Fix Gerald's address in some files.
svn path=/trunk/; revision=14786
include of <resolv.h> in any system header file gets the system
<resolv.h> (needed for builds on Tru64 with GTK+ 1.2[.x]).
svn path=/trunk/; revision=11615
Also move ncp222.py, x11-fields, process-x11-fields.pl,
make-reg-dotc, and make-reg-dotc.py.
Adjust #include lines in files that include packet-*.h
files.
svn path=/trunk/; revision=11410
Anders Broman