| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
It's "the name of the top source directory, assuming that the working
directory is the top build directory"; when running the configure
script, the working directory will, in fact, be the top build directory.
|
| |
|
|
|
| |
If you're doing an out-of-tree build, that's *not* the current
directory.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
At least as I read RFC 5996 section 3.14 and RFC 4303 section 2.4, if
the cipher has a block size of which the ciphertext's size must be a
multiple, the payload must be padded to make that happen, so the
ciphertext length must be a multiple of the block size. Instead of
allocating a buffer, copying the ciphertext to it, and padding it to the
block size, fail if its size isn't a multiple of the block size.
(Note also that the old padding code added a block's worth of padding to
the end of a ciphertext block that *was* a multiple of the cipher block
size; this might have caused problems.)
Don't use the undocumented EVP_Cipher(); the lack of documentation means
a lack of information about whatever requirements it might impose. Use
EVP_DecryptUpdate() instead.
Before calling it, use EVP_CIPHER_CTX_set_padding() to say "don't do
your own padding, this block is a multiple of the cipher block size".
Instead of using EVP_CipherInit() or EVP_CipherInit_ex(), use
EVP_DecryptInit() or EVP_DecryptInit_ex(). as we're always doing
decryption and never doing encryption - the extra parameter to
EVP_CipherInit() and EVP_CipherInit_ex() is always 0.
This may address GitHub issue #814.
It may also make it a bit easier to have the code use Common Crypto on
macOS (rather than requiring that OpenSSL be installed - macOS ships
with an OpenSSL shared library for binary compatibility with older
releases, but doesn't ship with the headers, because Apple wants you
using their crypto code) and use Cryptography API: Next Generation on
Windows (Vista/Server 2008 and later) (rather than requiring a Windows
build of OpenSSL).
(Hopefully this will all work with LibreSSL.)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The only function tcpdump used in libdnet was dnet_htoa(), which tries
to translate a binary DECnet address to a nodename through a lookup in
/etc/decnet.conf. The translation is slow and has a bug, so stop using
the function and remove the dependency on libdnet.
This makes tcpdump always print DECnet addresses in numeric format, if
anybody needs the translation back they are welcome to fix libdnet or
(more realistically) add an implementation of dnet_htoa() to the tcpdump
source code and use it.
(This is a forward-port of commit 9a6eb27 from tcpdump-4.9 to master.
Sadly, together with libdnet this change removes the fine work that Guy
had done in the master branch in commits ebf3f19 and 4ef8d63 to put
libdnet usage right whilst my original "do not use libdnet" commit was
aging in the pipeline.)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We require an environment with a C99-compatible snprintf(), so we don't
need to work around older implementations. Make the configuration
process fail if we don't have snprintf() and vsnprintf().
We require at least VS 2015, so we don't have to check for _MSC_VER >=
1400. Make the build fail if we don't have at least VS 2015.
We apparently do, however, have to use __inline, as the VS 2015
documentation doesn't meaning plain old "inline". Update a comment.
|
| |
|
|
| |
with_sandbox-capsicum -> with_sandbox_capsicum
|
| |
|
|
|
|
| |
My PC-BSD 9.1 VM, at least, has sys/capability.h but not sys/capsicum.h;
we now use sys/capsicum.h, so require it to be present (which it is in
FreeBSD 10 and later).
|
| |
|
|
|
| |
We now allow them, and require a compiler that supports them, so there's
no need to warn about them.
|
| |
|
|
|
|
| |
In the last couple years it had been proved that any decoder can
potentially have buffer overflows, hence let's not emphasize one of them
more than the others.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Apparently, the test for pcap_dump_ftell() cannot succeed if the test
program isn't linked with libpcap, this depending on the output of
pcap-config. That's why all pcap_* function checks come after the
pcap-config check.
This explains why in my working copy a ./configure build of the previous
commit tree with the master branch of libpcap found that the function
was "missing" and tried to substitute it with the local implementation
and eventually failed trying to link with libpcap that actually had the
function.
However, this does not explain why all 32 Travis CI builds of the same
tree passed, including the builds that used autotools.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It looks like CMake after commit 3e9e2b6 started to use the newly added
missing/pcap_dump_ftell.c to make pcap_dump_ftell() available in tcpdump
if libpcap does not have it. However, autotools continued to use the
previously existing ./pcap_dump_ftell.c for the same purpose. Remove the
previously existing file and amend autotools files to cover
pcap_dump_ftell() the same way as the other functions in the missing/
directory files.
Amend missing/pcap_dump_ftell.c not to use pcap_dump_file(), as it may be
unavailable.
This has been tested to work with libpcap 0.6.1.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Index is displayed always, name only if available.
Warn about possible wrong interfaces when in reading mode
(pcap file can be displayed on a different host then where
was captured) [1].
See: GH the-tcpdump-group/libpcap#127
[1] https://lists.sandelman.ca/pipermail/tcpdump-workers/2018-July/001019.html
Signed-off-by: Petr Vorel <pvorel@suse.cz>
Suggested-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Denis Ovsienko <denis@ovsienko.info>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
| |
|
|
|
|
|
|
|
|
| |
It's not specified by a libpcap header that might have a different
layout in different pcap releases, it's specified on the list of
link-layer header types and must remain the same forever (except for
getting additional bits defined), so we don't need to pick it up from
libpcap.
This means we get to use tcpdump's nd_ types; do so.
|
| |
|
|
|
|
|
|
|
|
| |
It's not specified by a libpcap header that might have a different
layout in different pcap releases, it's specified on the list of
link-layer header types and must remain the same forever (except for
getting additional bits defined), so we don't need to pick it up from
libpcap.
This means we get to use tcpdump's nd_ types; do so.
|
| |
|
|
|
| |
Check for the same header files that declare it, and handle the results
of those checks in a similar fashion.
|
| |
|
|
|
|
| |
We only use it in addrtoname.c to declare ether_ntohost(), so there's no
need to check for it unless we have ether_ntohost() and there's no other
header that declares it.
|
| |
|
|
| |
Clean up some comments while we're at it.
|
| | |
|
| |
|
|
|
|
| |
1988 called; it wants its pre-standard version of C back. As the
comment in vfprintf.c said, "Stock 4.3 doesn't have vfprintf."; it's
been a while since 4.3BSD was the latest shiniest BSD-flavored OS.
|
| |
|
|
|
|
|
|
|
| |
Instead, use compiler test macros to check whether *particular*
attributes are supported, and set various #defines appropriately, in
header files.
Rename the UNALIGNED structure attribute to ND_UNALIGNED, and ask
whether we still need it.
|
| |
|
|
|
| |
We now define the structures for Linux USB headers in print-usb.c, so it
doesn't need to include <pcap/usb.h>; don't check for it.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
At one point, I remember a discussion resulting in the official name of
the next-generation replacement for pcap format being changed to
"pcapng", with no hyphen.
Make tcpdump reflect that.
While we're at it, uppdate to use "macOS" as the name of Apple's
UNIX-for-Macs, as appropriate (don't use it for versions that were still
called Mac OS X or OS X).
|
| |
|
|
|
|
| |
Use AC_PROG_CC_C99, to try to get the appropriate flags to make C99 the
C version for which we compile. (XXX - should we fail if we don't get
support for C99?)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we don't have dnet_htoa(), we don't need any of the headers. Check
for them only if we have dnet_htoa().
Use AC_CHECK_DECL to see if netdnet/dnetdb.h declares dnet_htoa().
Check for netdnet/dn.h and, if we have it, check whether it declares
struct dn_naddr; if so, include it, rather than defining the structure
ourselves.
Don't define union etheraddr ourselves; we only need to define an
etheraddr typedef. That avoids colliding with a libdnet header
definition of union etheraddr. (When we use etheraddr, we care about
what's on the wire, and we don't rely on system headers to tell us
what's on the wire.)
|
|
|
This matches what was done with libpcap; it's what autoconf prefers.
|
