Re: [tcpdump-workers] tcpdump -E doesn't work for 3des-cbc/hmac-md5

Michael> Are you sure you tested 3des-cbc with hmac-md5 or with some Michael> other authentication algorithm? I don't doubt that for some Michael> other authentication algorithms where authlen is set Michael> correctly your code works fine. every night, 170 different test cases f

Re: [tcpdump-workers] tcpdump -E doesn't work for 3des-cbc/hmac-md5

-BEGIN PGP SIGNED MESSAGE- > "Michael" == Michael Mueller <[EMAIL PROTECTED]> writes: Michael> Are you sure you tested 3des-cbc with hmac-md5 or with some Michael> other authentication algorithm? I don't doubt that for some Michael> other authentication algorithms where au

Re: [tcpdump-workers] tcpdump -E doesn't work for 3des-cbc/hmac-md5

Michael, Are you sure you tested 3des-cbc with hmac-md5 or with some other authentication algorithm? I don't doubt that for some other authentication algorithms where authlen is set correctly your code works fine. For *-cbc algorithms the problem seems to be that decryption starts at the end o

Re: [tcpdump-workers] tcpdump -E doesn't work for 3des-cbc/hmac-md5

-BEGIN PGP SIGNED MESSAGE- > "Guy" == Guy Harris <[EMAIL PROTECTED]> writes: >> Are there any positive or negative reactions to this? Will >> somebody fix it? Guy> I'd check in the patch if somebody resolved the issue Guy> either by saying that 12 is the right authle

Re: [tcpdump-workers] tcpdump -E doesn't work for 3des-cbc/hmac-md5

authlen depends on the authentication algorithm used by esp. But on the command line we only have the encryption algorithm. Unfortunately the decryption at least for the *-cbc algorithms fails completely if authlen is wrong. The two algorithms can be chosen independently of each other in princi

Re: [tcpdump-workers] tcpdump -E doesn't work for 3des-cbc/hmac-md5

Michael Mueller wrote: Are there any positive or negative reactions to this? Will somebody fix it? I'd check in the patch if somebody resolved the issue Tcpdump -E doesn't work for 3des-cbc encryption with hmac-md5 authentication (tested with tcpdump-2004.09.22 on Linux 2.6). The reason is that i

Re: [tcpdump-workers] tcpdump -E doesn't work for 3des-cbc/hmac-md5

Hi, Are there any positive or negative reactions to this? Will somebody fix it? Michael Michael Mueller wrote: Sorry, I forgot to append the patch. Tcpdump -E doesn't work for 3des-cbc encryption with hmac-md5 authentication (tested with tcpdump-2004.09.22 on Linux 2.6). The reason is that in es

Re: [tcpdump-workers] tcpdump -E doesn't work for 3des-cbc/hmac-md5

Sorry, I forgot to append the patch. Tcpdump -E doesn't work for 3des-cbc encryption with hmac-md5 authentication (tested with tcpdump-2004.09.22 on Linux 2.6). The reason is that in esp_print_decode_onesecret(), print-esp.c authlen is left 0 instead of setting it to 12 for *-cbc encryptions. T

[tcpdump-workers] tcpdump -E doesn't work for 3des-cbc/hmac-md5

Hi, Tcpdump -E doesn't work for 3des-cbc encryption with hmac-md5 authentication (tested with tcpdump-2004.09.22 on Linux 2.6). The reason is that in esp_print_decode_onesecret(), print-esp.c authlen is left 0 instead of setting it to 12 for *-cbc encryptions. The 12 byte authlen is required fo