Wireshark · Ethereal-dev: SV: [Ethereal-dev] IPsec Dissector to decrypt ESP Payload

["Anders Broman" <a.broman@xxxxxxxxx>]

Hi,
I have checked in your patch with a change:
#ifdef HAVE_LIBCRYPT
#define __USE_LIBGCRYPT__ 
#endif
(Please check if that's correct).

Can you please put the information from the readme file on the wiki protocol
pages.
Brg
Anders

-----Ursprungligt meddelande-----
Från: ethereal-dev-bounces@xxxxxxxxxxxx
[mailto:ethereal-dev-bounces@xxxxxxxxxxxx] För Frederic Roudaut
Skickat: den 25 februari 2006 14:02
Till: Ethereal development
Kopia: Ethereal development
Ämne: RE: [Ethereal-dev] IPsec Dissector to decrypt ESP Payload


Hi


I just add a #define __USE_LIBGCRYPT__ that you have to set to be able to
decrypt ESP payload. Otherwise if not, the original IPSEC dissector is
compiled. I also notice that on current stable Ethereal versions gnutls is
not linked.
Thus you have to install libgcrypt and do:

LDFLAGS=-lgcrypt ./configure && make

For windows you should get:

http://gnunet.org/download/win/libgcrypt-1.2.1.zip

and do something similar.

Best regards
---
Frederic


> Paolo,
>
> is there a way to compile the dissector with windows. The sourceforge rep
> (gnutls-win32-msvc.tgz) does not include the winposixtype.h and the
> gcrypt.h.
>
> TIA
>
> Thomas
>
>
>> --- Ursprüngliche Nachricht ---
>> Von: "Filonenko Alexander-AAF013" <AAF013@xxxxxxxxxxxx>
>> An: "Ethereal development" <ethereal-dev@xxxxxxxxxxxx>
>> Betreff: RE: [Ethereal-dev] IPsec Dissector to decrypt ESP Payload
>> Datum: Fri, 24 Feb 2006 17:42:44 -0500
>>
>> Frederic,
>>
>> I find IPsec functionality you have added to the dissector very useful.
>> Hope I can provide you with some feedback in a few weeks.
>>
>> Thank you,
>> Alex Filonenko
>>
>> > -----Original Message-----
>> > From: ethereal-dev-bounces@xxxxxxxxxxxx
>> > [mailto:ethereal-dev-bounces@xxxxxxxxxxxx] On Behalf Of
>> > Frederic Roudaut
>> > Sent: Friday, February 24, 2006 10:01 AM
>> > To: Ethereal development
>> > Subject: [Ethereal-dev] IPsec Dissector to decrypt ESP Payload
>> >
>> >
>> > Hi,
>> >
>> > finally, I have updated my dissector using libgcrypt.
>> > It does not use openssl anymore.
>> > If gnutls is installed, all should work.
>> > Thus, now it should decrypt and dissect
>> > (transport/tunnel/several encapsulations ...) :
>> >
>> > - NULL Encryption Algorithm
>> > - TripleDES-CBC [RFC2451] : keylen 192 bits.
>> > - AES-CBC with 128-bit keys [RFC3602] : keylen 128 and 192/256 bits.
>> > - AES-CTR [RFC3686] : keylen 160/224/288 bits. The remaining
>> > 32 bits will be used as nonce.
>> > - DES-CBC [RFC2405] : keylen 64 bits
>> >
>> > I also have added :
>> >
>> > - BLOWFISH-CBC : keylen 128 bits.
>> > - TWOFISH-CBC : keylen 128/256 bits.
>> >
>> > You have to indicate the Authentication algorithm even if all
>> > Algorithms since it uses 12 bytes in the Auth field should
>> > work (have a look to the README to understand why I put it
>> > ;-) ). If you consider I have to throw it away please tell me.
>> >
>> > HMAC-SHA1-96 [RFC2404]
>> > NULL
>> > AES-XCBC-MAC-96 [RFC3566]
>> > HMAC-MD5-96 [RFC2403]
>> >
>> > In the attachment you will get :
>> > - this dissector
>> > - a new README
>> > - some example capture files with associated preferences
>> > files (and setkey config files)
>> >
>> >
>> > Best Regards,
>> >
>> >
>> > ----
>> > Frederic
>> >
>> >
>> >
>> >
>> >
>> >
>> > --
>> > Frédéric ROUDAUT
>> > IRISA-INRIA, Campus de Beaulieu, 35042 Rennes cedex, France
>> > Tl: +33 (0) 2 99 84 71 44, Fax: +33 (0) 2 99 84 71 71
>> >
>> >
>> _______________________________________________
>> Ethereal-dev mailing list
>> Ethereal-dev@xxxxxxxxxxxx
>> http://www.ethereal.com/mailman/listinfo/ethereal-dev
>>
>
> --
> DSL-Aktion wegen großer Nachfrage bis 28.2.2006 verlängert:
> GMX DSL-Flatrate 1 Jahr kostenlos* http://www.gmx.net/de/go/dsl
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
>