Avoid -E and -M options inconsistencies with no libcrypto

[tcpdump] / signature.c

diff --git a/signature.c b/signature.c
index c97b853421e1c8f4fd2bab1d96ed0b225b42c807..f10a90b94ee90cef0fd70671828396f8e248eb39 100644 (file)
--- a/signature.c
+++ b/signature.c
@@ -12,20 +12,19 @@
  *
  * Functions for signature and digest verification.
  *
- * Original code by Hannes Gredler (hannes@juniper.net)
+ * Original code by Hannes Gredler (hannes@gredler.at)
  */
 
-#ifdef HAVE_CONFIG_H
-#include "config.h"
-#endif
+#include <config.h>
 
-#include <netdissect-stdinc.h>
+#include "netdissect-stdinc.h"
 
 #include <string.h>
 #include <stdlib.h>
 
 #include "netdissect.h"
 #include "signature.h"
+#include "diag-control.h"
 
 #ifdef HAVE_LIBCRYPTO
 #include <openssl/md5.h>
@@ -45,7 +44,7 @@ const struct tok signature_check_values[] = {
  * Compute a HMAC MD5 sum.
  * Taken from rfc2104, Appendix.
  */
-USES_APPLE_DEPRECATED_API
+DIAG_OFF_DEPRECATION
 static void
 signature_compute_hmac_md5(const uint8_t *text, int text_len, unsigned char *key,
                            unsigned int key_len, uint8_t *digest)
@@ -81,8 +80,8 @@ signature_compute_hmac_md5(const uint8_t *text, int text_len, unsigned char *key
      */
 
     /* start out by storing key in pads */
-    memset(k_ipad, 0, sizeof k_ipad);
-    memset(k_opad, 0, sizeof k_opad);
+    memset(k_ipad, 0, sizeof(k_ipad));
+    memset(k_opad, 0, sizeof(k_opad));
     memcpy(k_ipad, key, key_len);
     memcpy(k_opad, key, key_len);
 
@@ -108,7 +107,7 @@ signature_compute_hmac_md5(const uint8_t *text, int text_len, unsigned char *key
     MD5_Update(&context, digest, 16);     /* then results of 1st hash */
     MD5_Final(digest, &context);          /* finish up 2nd pass */
 }
-USES_APPLE_RST
+DIAG_ON_DEPRECATION
 
 /*
  * Verify a cryptographic signature of the packet.
@@ -130,7 +129,7 @@ signature_verify(netdissect_options *ndo, const u_char *pptr, u_int plen,
     /*
      * Do we have all the packet data to be checked?
      */
-    if (!ND_TTEST2(pptr, plen)) {
+    if (!ND_TTEST_LEN(pptr, plen)) {
         /* No. */
         return (CANT_CHECK_SIGNATURE);
     }
@@ -138,11 +137,11 @@ signature_verify(netdissect_options *ndo, const u_char *pptr, u_int plen,
     /*
      * Do we have the entire signature to check?
      */
-    if (!ND_TTEST2(sig_ptr, sizeof(sig))) {
+    if (!ND_TTEST_LEN(sig_ptr, sizeof(sig))) {
         /* No. */
         return (CANT_CHECK_SIGNATURE);
     }
-    if ((sig_ptr + sizeof(sig) - pptr) > plen) {
+    if (sig_ptr + sizeof(sig) > pptr + plen) {
         /* No. */
         return (CANT_CHECK_SIGNATURE);
     }
@@ -167,7 +166,7 @@ signature_verify(netdissect_options *ndo, const u_char *pptr, u_int plen,
      * Clear anything else that needs to be cleared in the copy.
      * Our caller is assumed to have vetted the clear_arg pointer.
      */
-    (*clear_rtn)((void *)(packet_copy + ((const u_int8_t *)clear_arg - pptr)));
+    (*clear_rtn)((void *)(packet_copy + ((const uint8_t *)clear_arg - pptr)));
 
     /*
      * Compute the signature.
@@ -190,7 +189,7 @@ signature_verify(netdissect_options *ndo, const u_char *pptr, u_int plen,
     } else {
         /* No - print the computed signature. */
         for (i = 0; i < sizeof(sig); ++i) {
-            ND_PRINT((ndo, "%02x", sig[i]));
+            ND_PRINT("%02x", sig[i]);
         }
 
         return (SIGNATURE_INVALID);
@@ -205,10 +204,3 @@ signature_verify(netdissect_options *ndo _U_, const u_char *pptr _U_,
     return (CANT_CHECK_SIGNATURE);
 }
 #endif
-
-/*
- * Local Variables:
- * c-style: whitesmith
- * c-basic-offset: 4
- * End:
- */