The Tcpdump Group git mirrors - tcpdump/blobdiff

index 6a94ad932dd5c9f1a481c15c3f2f3ca93fedd288..18449fc24bc2ff016612e9434dcdec039f1c52f8 100644 (file)

--- a/signature.c

+++ b/signature.c

@@ -1,4 +1,4 @@

-/*

+/*

* Redistribution and use in source and binary forms, with or without

* modification, are permitted provided that: (1) source code

* distributions retain the above copyright notice and this paragraph

@@ -11,31 +11,26 @@

* FOR A PARTICULAR PURPOSE.

* Functions for signature and digest verification.

- *

+ *

* Original code by Hannes Gredler ([email protected])

-#ifndef lint

-static const char rcsid[] _U_ =

- "@(#) $Header: /tcpdump/master/tcpdump/signature.c,v 1.1 2008-08-16 11:36:20 hannes Exp $ (LBL)";

-#endif

#ifdef HAVE_CONFIG_H

#include "config.h"

#endif

-#include <tcpdump-stdinc.h>

+#include <netdissect-stdinc.h>

#include <string.h>

-#include "interface.h"

+#include "netdissect.h"

#include "signature.h"

#ifdef HAVE_LIBCRYPTO

#include <openssl/md5.h>

#endif

-struct tok signature_check_values[] = {

+const struct tok signature_check_values[] = {

{ SIGNATURE_VALID, "valid"},

{ SIGNATURE_INVALID, "invalid"},

{ CANT_CHECK_SIGNATURE, "unchecked"},

@@ -48,9 +43,10 @@ struct tok signature_check_values[] = {

* Compute a HMAC MD5 sum.

* Taken from rfc2104, Appendix.

+USES_APPLE_DEPRECATED_API

static void

-signature_compute_hmac_md5(const u_int8_t *text, int text_len, unsigned char *key,

- unsigned int key_len, u_int8_t *digest)

+signature_compute_hmac_md5(const uint8_t *text, int text_len, unsigned char *key,

+ unsigned int key_len, uint8_t *digest)

{

MD5_CTX context;

unsigned char k_ipad[65]; /* inner padding - key XORd with ipad */

@@ -83,10 +79,10 @@ signature_compute_hmac_md5(const u_int8_t *text, int text_len, unsigned char *ke

/* start out by storing key in pads */

- bzero(k_ipad, sizeof k_ipad);

- bzero(k_opad, sizeof k_opad);

- bcopy(key, k_ipad, key_len);

- bcopy(key, k_opad, key_len);

+ memset(k_ipad, 0, sizeof k_ipad);

+ memset(k_opad, 0, sizeof k_opad);

+ memcpy(k_ipad, key, key_len);

+ memcpy(k_opad, key, key_len);

/* XOR key with ipad and opad values */

for (i=0; i<64; i++) {

@@ -110,6 +106,7 @@ signature_compute_hmac_md5(const u_int8_t *text, int text_len, unsigned char *ke

MD5_Update(&context, digest, 16); /* then results of 1st hash */

MD5_Final(digest, &context); /* finish up 2nd pass */

}

+USES_APPLE_RST

#endif

#ifdef HAVE_LIBCRYPTO

@@ -118,24 +115,25 @@ signature_compute_hmac_md5(const u_int8_t *text, int text_len, unsigned char *ke

* Currently only MD5 is supported.

int

-signature_verify (const u_char *pptr, u_int plen, u_char *sig_ptr)

+signature_verify(netdissect_options *ndo,

+ const u_char *pptr, u_int plen, u_char *sig_ptr)

{

- u_int8_t rcvsig[16];

- u_int8_t sig[16];

+ uint8_t rcvsig[16];

+ uint8_t sig[16];

unsigned int i;

* Save the signature before clearing it.

- bcopy(sig_ptr, rcvsig, sizeof(rcvsig));

- bzero(sig_ptr, sizeof(rcvsig));

+ memcpy(rcvsig, sig_ptr, sizeof(rcvsig));

+ memset(sig_ptr, 0, sizeof(rcvsig));

- if (!sigsecret) {

+ if (!ndo->ndo_sigsecret) {

return (CANT_CHECK_SIGNATURE);

}

- signature_compute_hmac_md5(pptr, plen, (unsigned char *)sigsecret,

- strlen(sigsecret), sig);

+ signature_compute_hmac_md5(pptr, plen, (unsigned char *)ndo->ndo_sigsecret,

+ strlen(ndo->ndo_sigsecret), sig);

if (memcmp(rcvsig, sig, sizeof(sig)) == 0) {

return (SIGNATURE_VALID);

@@ -143,7 +141,7 @@ signature_verify (const u_char *pptr, u_int plen, u_char *sig_ptr)

} else {

for (i = 0; i < sizeof(sig); ++i) {

- (void)printf("%02x", sig[i]);

+ ND_PRINT((ndo, "%02x", sig[i]));

}

return (SIGNATURE_INVALID);