]> The Tcpdump Group git mirrors - tcpdump/blobdiff - print-tcp.c
projects / tcpdump / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Cast "sizeof" to a "u_int"; it's not guaranteed to be "int" in size (it
[tcpdump] / print-tcp.c
diff --git a/print-tcp.c b/print-tcp.c
index c2fcd83817fb3516a9876d6d2a29cd92afc07c9c..8a3e293aee810703eca955c7a48dd94be962a311 100644 (file)
--- a/print-tcp.c
+++ b/print-tcp.c
@@ -23,7 +23,7 @@
 
 #ifndef lint
 static const char rcsid[] _U_ =
-    "@(#) $Header: /tcpdump/master/tcpdump/print-tcp.c,v 1.121 2005-04-18 00:22:40 guy Exp $ (LBL)";
+    "@(#) $Header: /tcpdump/master/tcpdump/print-tcp.c,v 1.125 2006-05-05 23:13:00 guy Exp $ (LBL)";
 #endif
 
 #ifdef HAVE_CONFIG_H
@@ -420,7 +420,7 @@ tcp_print(register const u_char *bp, register u_int length,
                return;
        }
 
-       if (IP_V(ip) == 4 && vflag && !fragmented) {
+       if (IP_V(ip) == 4 && vflag && !Kflag && !fragmented) {
                u_int16_t sum, tcp_sum;
                if (TTEST2(tp->th_sport, length)) {
                        sum = tcp_cksum(ip, tp, length);
@@ -434,7 +434,7 @@ tcp_print(register const u_char *bp, register u_int length,
                }
        }
 #ifdef INET6
-       if (IP_V(ip) == 6 && ip6->ip6_plen && vflag && !fragmented) {
+       if (IP_V(ip) == 6 && ip6->ip6_plen && vflag && !Kflag && !fragmented) {
                u_int16_t sum,tcp_sum;
                if (TTEST2(tp->th_sport, length)) {
                        sum = tcp6_cksum(ip6, tp, length);
@@ -616,6 +616,15 @@ tcp_print(register const u_char *bp, register u_int length,
 #endif
                                break;
 
+                        case TCPOPT_AUTH:
+                                (void)printf("Enhanced Auth: keyid %d", *cp++);
+                                datalen = len - 3;
+                                for (i = 0; i < datalen; ++i) {
+                                    LENCHECK(i);
+                                    (void)printf("%02x", cp[i]);
+                                }
+                            break;
+
                        default:
                                (void)printf("opt-%u:", opt);
                                datalen = len - 2;
@@ -736,7 +745,7 @@ tcp_verify_signature(const struct ip *ip, const struct tcphdr *tp,
     const u_char *data, int length, const u_char *rcvsig)
 {
         struct tcphdr tp1;
-       char sig[TCP_SIGLEN];
+       u_char sig[TCP_SIGLEN];
        char zero_proto = 0;
        MD5_CTX ctx;
        u_int16_t savecsum, tlen;
@@ -799,7 +808,7 @@ tcp_verify_signature(const struct ip *ip, const struct tcphdr *tp,
        MD5_Update(&ctx, tcpmd5secret, strlen(tcpmd5secret));
        MD5_Final(sig, &ctx);
 
-       if (memcmp(rcvsig, sig, 16))
+       if (memcmp(rcvsig, sig, TCP_SIGLEN) == 0)
                return (SIGNATURE_VALID);
        else
                return (SIGNATURE_INVALID);
[mirror] the TCPdump network dissector