Re: [tcpdump-workers] tcpdump -E doesn't work for 3des-cbc/hmac-md5

2004-10-06 Thread Michael Mueller
Michael> Are you sure you tested 3des-cbc with hmac-md5 or with some
Michael> other authentication algorithm? I don't doubt that for some
Michael> other authentication algorithms where authlen is set
Michael> correctly your code works fine.

every night, 170 different test cases f

Re: [tcpdump-workers] tcpdump -E doesn't work for 3des-cbc/hmac-md5

2004-10-05 Thread Michael Mueller
Michael, Are you sure you tested 3des-cbc with hmac-md5 or with some other authentication algorithm? I don't doubt that for some other authentication algorithms where authlen is set correctly your code works fine. For *-cbc algorithms the problem seems to be that decryption starts at the end o

Re: [tcpdump-workers] tcpdump with Linux 2.6 and ipsec/ESP

2004-10-05 Thread Michael Mueller
Michael Richardson wrote:

"Michael" == Michael Mueller <[EMAIL PROTECTED]> writes:

Michael> Is this a Linux or tcpdump / libpcap problem? Does anybody
Michael> have some further details about it? Is there a more
Michael>

Re: [tcpdump-workers] tcpdump -E doesn't work for 3des-cbc/hmac-md5

2004-10-05 Thread Michael Mueller
ename' case too. If authlen is not given, it should default to 12. I also would try and update the man page. The current description of -E is already kind of cryptic and an example would be helpful. (I learned the -E syntax from the sources.) Michael Guy Harris wrote: Michael Mueller wrote:

Re: [tcpdump-workers] tcpdump -E doesn't work for 3des-cbc/hmac-md5

2004-10-05 Thread Michael Mueller
Hi, Are there any positive or negative reactions to this? Will somebody fix it? Michael Michael Mueller wrote: Sorry, I forgot to append the patch. Tcpdump -E doesn't work for 3des-cbc encryption with hmac-md5 authentication (tested with tcpdump-2004.09.22 on Linux 2.6). The reason is th

[tcpdump-workers] tcpdump with Linux 2.6 and ipsec/ESP

2004-10-05 Thread Michael Mueller
Hi, On Linux 2.6 Intel with an ipsec connection in tunnel mode I found that tcpdump shows incoming and outgoing ESP packets as expected. It also shows the incoming packets after they are decrypted (starting from behind the ESP header). But it does not show outgoing unencrypted packets which is a

Re: [tcpdump-workers] IPSEC

2004-09-29 Thread Michael Mueller
You can use tcpdump -E to decrypt ESP headers. (The tcpdump man page is also kind of cryptic at this point though. Contact me if you have trouble.) For *-cbc (3des-cbc for example) encryption algorithms you will need the patch I just sent to this list. See "tcpdump -E doesn't work for 3des-cbc/

Re: [tcpdump-workers] tcpdump -E doesn't work for 3des-cbc/hmac-md5

2004-09-24 Thread Michael Mueller
Sorry, I forgot to append the patch. Tcpdump -E doesn't work for 3des-cbc encryption with hmac-md5 authentication (tested with tcpdump-2004.09.22 on Linux 2.6). The reason is that in esp_print_decode_onesecret(), print-esp.c authlen is left 0 instead of setting it to 12 for *-cbc encryptions. T

[tcpdump-workers] tcpdump -E doesn't work for 3des-cbc/hmac-md5

2004-09-24 Thread Michael Mueller
Hi, Tcpdump -E doesn't work for 3des-cbc encryption with hmac-md5 authentication (tested with tcpdump-2004.09.22 on Linux 2.6). The reason is that in esp_print_decode_onesecret(), print-esp.c authlen is left 0 instead of setting it to 12 for *-cbc encryptions. The 12-byte authlen is required fo