tcpdump mailing list archives
tcpdump -E doesn't work for 3des-cbc/hmac-md5
From: Michael Mueller <m.mueller99 () kay-mueller de>
Date: Fri, 24 Sep 2004 14:22:12 +0200
Hi,Tcpdump -E doesn't work for 3des-cbc encryption with hmac-md5 authentication (tested with tcpdump-2004.09.22 on Linux 2.6). The reason is that in esp_print_decode_onesecret(), print-esp.c authlen is left 0 instead of setting it to 12 for *-cbc encryptions. The 12 byte authlen is required for
hmac-md5 by rfc2403 hmac-sha1 by rfc2404and seems to have the same value for other authentication algorithms too. I don't think that authlen should depend on the encryption algorithm used. I append a patch that sets it to 12. I hope that this is good for all cases. Otherwise specifying authlen on the command line would be an alternative.
Michael - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
Current thread:
- tcpdump -E doesn't work for 3des-cbc/hmac-md5 Michael Mueller (Sep 24)
- Re: tcpdump -E doesn't work for 3des-cbc/hmac-md5 Michael Mueller (Sep 24)