Re: [Wireshark-dev] [Wireshark-commits] rev 20353: /trunk/ /trunk/epan/crypt/: Makefile.common hmac.c hmac.h /trunk/epan/dissectors/: packet-snmp.c packet-snmp.h /trunk/epan/: Makefile.am Makefile.common /trunk/asn1/snmp/: packet-snmp-template.c ...

Tue, 09 Jan 2007 10:43:19 -0800 

Here we go!

what's missing is:

* auth SHA1 -- RFC3414 section 7
* crypt AES -- RFC3826

* localized key cahching -- so that if a (mentally stable) system
administrator uses the same username/password for all nodes in a
network he has to add just one line to the users file, instead of one
for each authoritative engine as it works now. We want to do caching
instead of calculating the localized key every time because key
localization is a very intensive task)

sha1 and aes are (relatively) simple implementations (one function
mimics md5 the other one does  the same with des), if you (or someone
else) takes care of those I'll go for the caching and we can get it
out complete very soon.

Testing with broken packets is welcome too, fuzz testing it against a
wide capture library would help but hand-crafted malformed packets
tests would have better aim.

However the most important test to be done is that it does no harm
while disabled. Weird runtime linking problems disallow me to build
with net-snmp so I cannot test it that way. I do not think that
net-snmp changes anything for this but verifying that everything that
worked before works afterwards it's a must.

Luis

On 1/9/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=20353
>
> User: lego
> Date: 2007/01/09 06:38 PM
>
> Log:
>  SNMPv3 USM decryption/authentication phase 1
>
> Directory: /trunk/epan/crypt/
>   Changes    Path               Action
>   +3 -1      Makefile.common    Modified
>   +120 -0    hmac.c             Added
>   +34 -0     hmac.h             Added
>
> Directory: /trunk/epan/dissectors/
>   Changes    Path             Action
>   +603 -122  packet-snmp.c    Modified
>   +73 -0     packet-snmp.h    Modified
>
> Directory: /trunk/epan/
>   Changes    Path               Action
>   +5 -0      Makefile.am        Modified
>   +1 -0      Makefile.common    Modified
>
> Directory: /trunk/asn1/snmp/
>   Changes    Path                      Action
>   +436 -8    packet-snmp-template.c    Modified
>   +73 -0     packet-snmp-template.h    Modified
>   +103 -20   snmp.cnf                  Modified
>
> _______________________________________________
> Wireshark-commits mailing list
> Wireshark-commits@wireshark.org
> http://www.wireshark.org/mailman/listinfo/wireshark-commits
>


-- 
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

Reply via email to