From: Guy Harris <gharris@sonic.net>
Date: Sun, 6 Mar 2022 22:42:43 +0000 (-0800)
Subject: Update a comment to reflect the addition of TLS support. [skip ci]
X-Git-Tag: libpcap-1.10.2~210
X-Git-Url: https://git.tcpdump.org/libpcap/commitdiff_plain/85e810a69af2fb27ef25b172eef1a0c19dd2f5d9

Update a comment to reflect the addition of TLS support. [skip ci]

If TLS is used with rpcap, user names and pasword don't go over the wire
in clear text.

(cherry picked from commit 19802b3f6ef7502a3fb33ce298af8e13d5878dae)
---

diff --git a/pcap/pcap.h b/pcap/pcap.h
index e66abb04..aa03856e 100644
--- a/pcap/pcap.h
+++ b/pcap/pcap.h
@@ -1013,10 +1013,11 @@ PCAP_API const char *pcap_lib_version(void);
  * authentication is successful (and the user has the right to open network
  * devices) the RPCAP connection will continue; otherwise it will be dropped.
  *
- * *******NOTE********: the username and password are sent over the network
- * to the capture server *IN CLEAR TEXT*.  Don't use this on a network
- * that you don't completely control!  (And be *really* careful in your
- * definition of "completely"!)
+ * *******NOTE********: unless TLS is being used, the username and password
+ * are sent over the network to the capture server *IN CLEAR TEXT*.  Don't
+ * use this, without TLS (i.e., with rpcap:// rather than rpcaps://) on
+ * a network that you don't completely control!  (And be *really* careful
+ * in your definition of "completely"!)
  */
 #define RPCAP_RMTAUTH_PWD 1