Add a ND_BYTES_AVAILABLE_AFTER() macro to find the number of bytes
available in the captured data, starting at the byte pointed to by the
argument. It returns a u_int rather than a ptrdiff_t, so it'll be
32 bits on LP64 and LLP64 platforms as well as on ILP32 platforms. Use
that macro.
Make size-of-buffer arguments size_t.
Cast some size_t and ptrdiff_t values to u_int or int.
MSVC says a const object should be initialized, so initialize it.
Use nd_ipv6 as the type, while we're at it (it shouldn't make a
difference, but this means we know the type - array of 16 octets - so we
can just initialize it with { 0 }).
InfiniBand support for tcpdump.
This is an in-house patch. Sent upstream for potential inclusion in future
versions of tcpdump.
(also adding print-ipoib.c to CMakeLists.txt, asked by @guyharris)
(s/u_int16_t/uint16_t asked by @guyharris)
MEDSA (which unofficially stands for Marvell EDSA) relies on the
unregistered 0xDADA ethertype value that was randomly choosen and
currently used by the kernel. But with EDSA this value is programmable,
hence can be changed anytime.
Now that a reliable DLT parser is implemented for both DSA and EDSA
tagged master interfaces, let's get rid for the MEDSA ethertype parser.
Similarly to commit 6eaebfe adding support for the Broadcom tagging
format supported by the DSA kernel subsystem, this commit adds support
for the Marvell DSA and Ethertype DSA (EDSA) tagging formats.
Marvell DSA is a 4-byte proprietary tag placed between the ether source
address and the ether length/type. It contains data such as the switch
device and port IDs from which a frame came from, or to which port
a frame is targetting. It also contains additional FPri and IEEE bits.
EDSA is a 8-byte variant including a programmable ethertype, two null
bytes and a standard DSA tag.
Same bugfixes than in previous commit, based on a code inspection.
Update the output of a test accordingly.
Moreover:
Clean up whitespaces/indentation.
The error was:
print-isoclns.c:2822:7: runtime error: unsigned integer overflow:
4 - 6 cannot be represented in type 'unsigned int'
Update the output of a test accordingly.
Moreover:
Clean up whitespaces/indentation.
Add two shortcuts (as long-options) for setting the time stamp
precision: --micro and --nano. While adding these options, reshuffle
the usage message to group up the options related to time stamp, and
removing the macro TIME_STAMP_PRECISION_USAGE.
If setting the time stamp precision is not supported by the available
libpcap, the usage won't mention these options (including
--time-stamp-precision), but they will still be presented in the
manpage.
The warnings were:
implicit declaration of function 'malloc' [-Wimplicit-function-declaration]
incompatible implicit declaration of built-in function 'malloc'
implicit declaration of function 'free' [-Wimplicit-function-declaration]
incompatible implicit declaration of built-in function 'free'
If a dissector has to process its input - decryption, decompression,
etc. - rather than dissect the raw input, it should push the processed
input onto the buffer stack. As soon as the dissection is done, the
stack should be popped, to free the buffer into which the processing was
done, and restore the "pointer to packet data" and "pointer to end of
packet data" members of the netdissect_options structure, so the code
can go back to dissecting the original data.
The stack will get everything popped off it when dissection is done.
Use this mechanism in the ESP decryption code rather than scribbling on
top of the input packet data.
"ivoff" is a pointer to the IV, not the offset of the IV; call it ivptr.
Have a variable that points to the beginning of the ciphertext, and use
that.
Fix the check that makes sure the authentication data/integrity check
value length isn't too big - it needs to make sure that it doesn't go
before the beginning of the ciphertext, i.e. doesn't overlap with the
IV.
Don't bother with a variable pointing to the secret, just pass
sa->secret.
Fix the check that makes sure the padding length isn't too big - make
sure it, plus 2 for the padding length and next header bytes, isn't
bigger than the ciphertext length.
Update a test to reflect the stricter length checks.
Just check whether the pointer to it is within the available packet data
- and, if it's not, report truncation.
While we're at it:
Make the initialization vector length unsigned; it's either zero or a
positive number.
Rename a variable used for the ciphertext len to ctlen.
If we can't decrypt the payload, we can't dissect it, so don't try -
just give up immediately.
While we're at it:
If EVP_CIPHER_CTX_new() fails, it means a memory allocation failed;
treat that as such.
Use some of the arguments we're passed rather than re-fetching them from
the IP header.
Add some comments.
Call nd_print_trunc() for failed length sanity checks, and note that
they can fail due to the decryption being done with the wrong key.
Update one test's output; it is, I think, being decrypted with the wrong
key.
The checksum calculation for IPv6 packets is based on a pseudo
header that includes the packet's final Destination Address (DA).
If the IPv6 packet contains a Routing header, the final DA is the
last element of the Routing header [RFC8200].
Currently, tcpdump supports Routing header types 0 and 2.
IPv6 Segment Routing Header (SRH) is a new Routing header type (4).
SRH is defined in draft-ietf-6man-segment-routing-header [1].
This patch fix the checksum calculation for SRv6 packets. It allows
tcpdump to get the final DA value from SRv6 packets.
[1] https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-17