Date: Wed, 21 Sep 2005 10:26:11 -0700 From: othermark <atkin901@yahoo.com> To: freebsd-net@freebsd.org Subject: Re: rfc2385 (tcp md5 checksums) in -current broken? Message-ID: <dgs53j$348$1@sea.gmane.org> References: <dgp7lk$sov$1@sea.gmane.org> <20050921.012626.74752754.Noritoshi@Demizu.ORG> <20050921.161113.59648691.Noritoshi@Demizu.ORG> <20050921.184114.115904070.Noritoshi@Demizu.ORG>
next in thread | previous in thread | raw e-mail | index | archive | help
Noritoshi Demizu wrote: > --- print-tcp.c-ORG Thu Apr 21 15:36:05 2005 > +++ print-tcp.c Wed Sep 21 18:43:51 2005 > @@ -799,7 +799,7 @@ > MD5_Update(&ctx, tcpmd5secret, strlen(tcpmd5secret)); > MD5_Final(sig, &ctx); > > - if (memcmp(rcvsig, sig, 16)) > + if (memcmp(rcvsig, sig, TCP_SIGLEN) == 0) > return (SIGNATURE_VALID); > else > return (SIGNATURE_INVALID); The original code there certainly looks wrong! After patching, FreeBSD's checksum returns valid. I'll have to see what's up with the originating checksum. Many Thanks! -- othermark atkin901 at nospam dot yahoo dot com (!wired)?(coffee++):(wired);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?dgs53j$348$1>