diff options
| author | Peter Wu <peter@lekensteyn.nl> | 2017-02-09 15:00:19 +0100 |
|---|---|---|
| committer | Peter Wu <peter@lekensteyn.nl> | 2017-02-13 18:35:47 +0000 |
| commit | 6b84ddee83e70aff944da084129624226b7a32fa (patch) | |
| tree | 7cac052f5b5adb25c301b9974e79a334aa36b13b /epan/dissectors | |
| parent | b5610a0436f332c664a91b86cb5326f24601bbf1 (diff) | |
| download | wireshark-6b84ddee83e70aff944da084129624226b7a32fa.tar.gz | |
Make Libgcrypt a mandatory dependency
Removed all guards for HAVE_LIBGCRYPT, change autotools and CMake to
error out if it is not available. Update release notes, developer
documentation and README with the new status. Clarify relation with
GnuTLS in macosx-setup.sh. Install Libgcrypt via brew script.
Motivation for this change is that many dissectors depend on Libgcrypt
and having it optional increases the maintenance burden (there have been
several compile issues in the past due to the optional status).
Furthermore, wsutil has crypto code that can be replaced by Libgcrypt.
Change-Id: Idf0021b8c4cd5db70b8766f7dcc2a8b3acbf042f
Link: https://www.wireshark.org/lists/wireshark-dev/201702/msg00011.html
Reviewed-on: https://code.wireshark.org/review/20030
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Diffstat (limited to 'epan/dissectors')
| -rw-r--r-- | epan/dissectors/asn1/c1222/c1222.cnf | 2 | ||||
| -rw-r--r-- | epan/dissectors/asn1/c1222/packet-c1222-template.c | 33 | ||||
| -rw-r--r-- | epan/dissectors/asn1/pkcs12/packet-pkcs12-template.c | 10 | ||||
| -rw-r--r-- | epan/dissectors/asn1/snmp/packet-snmp-template.c | 30 | ||||
| -rw-r--r-- | epan/dissectors/packet-c1222.c | 43 | ||||
| -rw-r--r-- | epan/dissectors/packet-dof.c | 4 | ||||
| -rw-r--r-- | epan/dissectors/packet-dtls.c | 10 | ||||
| -rw-r--r-- | epan/dissectors/packet-dvbci.c | 18 | ||||
| -rw-r--r-- | epan/dissectors/packet-ieee802154.c | 17 | ||||
| -rw-r--r-- | epan/dissectors/packet-ipsec.c | 30 | ||||
| -rw-r--r-- | epan/dissectors/packet-isakmp.c | 105 | ||||
| -rw-r--r-- | epan/dissectors/packet-lwm.c | 10 | ||||
| -rw-r--r-- | epan/dissectors/packet-pdcp-lte.c | 11 | ||||
| -rw-r--r-- | epan/dissectors/packet-pkcs12.c | 18 | ||||
| -rw-r--r-- | epan/dissectors/packet-smb2.c | 16 | ||||
| -rw-r--r-- | epan/dissectors/packet-snmp.c | 36 | ||||
| -rw-r--r-- | epan/dissectors/packet-ssl-utils.c | 115 | ||||
| -rw-r--r-- | epan/dissectors/packet-ssl-utils.h | 25 | ||||
| -rw-r--r-- | epan/dissectors/packet-ssl.c | 8 | ||||
| -rw-r--r-- | epan/dissectors/packet-zbee-security.c | 26 |
20 files changed, 52 insertions, 515 deletions
diff --git a/epan/dissectors/asn1/c1222/c1222.cnf b/epan/dissectors/asn1/c1222/c1222.cnf index d3d4fb8da5..07c2af8e73 100644 --- a/epan/dissectors/asn1/c1222/c1222.cnf +++ b/epan/dissectors/asn1/c1222/c1222.cnf @@ -97,9 +97,7 @@ AE-qualifier TYPE=FT_UINT32 FILL_TABLE(iv_element); #.FN_BODY MESSAGE -/**/#ifdef HAVE_LIBGCRYPT clear_canon(); -/**/#endif %(DEFAULT_BODY)s #.END diff --git a/epan/dissectors/asn1/c1222/packet-c1222-template.c b/epan/dissectors/asn1/c1222/packet-c1222-template.c index 7fdea6f5b1..cb9174824d 100644 --- a/epan/dissectors/asn1/c1222/packet-c1222-template.c +++ b/epan/dissectors/asn1/c1222/packet-c1222-template.c @@ -146,7 +146,6 @@ static int ett_c1222_flags = -1; static int ett_c1222_crypto = -1; static int ett_c1222_cmd = -1; -#ifdef HAVE_LIBGCRYPT /* these pointers are for the header elements that may be needed to verify the crypto */ static guint8 *aSO_context = NULL; static guint8 *called_AP_title = NULL; @@ -172,18 +171,13 @@ static guint32 user_information_len = 0; static guint32 calling_AP_title_len = 0; static guint32 key_id_element_len = 0; static guint32 iv_element_len = 0; -#endif /* HAVE_LIBGCRYPT */ #include "packet-c1222-ett.c" static expert_field ei_c1222_command_truncated = EI_INIT; static expert_field ei_c1222_bad_checksum = EI_INIT; static expert_field ei_c1222_epsem_missing = EI_INIT; -#ifdef HAVE_LIBGCRYPT static expert_field ei_c1222_epsem_failed_authentication = EI_INIT; -#else -static expert_field ei_c1222_epsem_not_authenticated = EI_INIT; -#endif static expert_field ei_c1222_epsem_not_decryped = EI_INIT; static expert_field ei_c1222_ed_class_missing = EI_INIT; static expert_field ei_c1222_epsem_ber_length_error = EI_INIT; @@ -192,9 +186,7 @@ static expert_field ei_c1222_mac_missing = EI_INIT; /* Preferences */ static gboolean c1222_desegment = TRUE; -#ifdef HAVE_LIBGCRYPT static gboolean c1222_decrypt = TRUE; -#endif static const gchar *c1222_baseoid_str = NULL; static guint8 *c1222_baseoid = NULL; static guint c1222_baseoid_len = 0; @@ -283,7 +275,6 @@ static const value_string commandnames[] = { { 0, NULL } }; -#ifdef HAVE_LIBGCRYPT /* these are for the key tables */ typedef struct _c1222_uat_data { guint keynum; @@ -326,12 +317,6 @@ static uat_t *c1222_uat; fieldname##_len = length; \ break; \ } -#else /* HAVE_LIBGCRYPT */ -#define FILL_TABLE(fieldname) -#define FILL_TABLE_TRUNCATE(fieldname, len) -#define FILL_TABLE_APTITLE(fieldname) -#define FILL_START -#endif /* HAVE_LIBGCRYPT */ /*------------------------------ * Function Prototypes @@ -629,7 +614,6 @@ parse_c1222_detailed(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int cm } } -#ifdef HAVE_LIBGCRYPT typedef struct tagTOP_ELEMENT_CONTROL { /* TRUE if this tag is required */ @@ -850,7 +834,6 @@ decrypt_packet(guchar *buffer, guint32 length, gboolean decrypt) } return status; } -#endif /* HAVE_LIBGCRYPT */ /** * Checks to make sure that a complete, valid BER-encoded length is in the buffer. @@ -914,9 +897,7 @@ dissect_epsem(tvbuff_t *tvb, int offset, guint32 len, packet_info *pinfo, proto_ gint len2; int cmd_err; gboolean ind; -#ifdef HAVE_LIBGCRYPT guchar *buffer; -#endif tvbuff_t *epsem_buffer = NULL; gboolean crypto_good = FALSE; gboolean crypto_bad = FALSE; @@ -939,7 +920,6 @@ dissect_epsem(tvbuff_t *tvb, int offset, guint32 len, packet_info *pinfo, proto_ if (len2 <= 0) return offset; encrypted = TRUE; -#ifdef HAVE_LIBGCRYPT if (c1222_decrypt) { buffer = (guchar *)tvb_memdup(pinfo->pool, tvb, offset, len2); if (!decrypt_packet(buffer, len2, TRUE)) { @@ -952,7 +932,6 @@ dissect_epsem(tvbuff_t *tvb, int offset, guint32 len, packet_info *pinfo, proto_ encrypted = FALSE; } } -#endif break; case EAX_MODE_CLEARTEXT_AUTH: /* mode is cleartext with authentication */ @@ -961,7 +940,6 @@ dissect_epsem(tvbuff_t *tvb, int offset, guint32 len, packet_info *pinfo, proto_ if (len2 <= 0) return offset; epsem_buffer = tvb_new_subset_remaining(tvb, offset); -#ifdef HAVE_LIBGCRYPT buffer = (guchar *)tvb_memdup(wmem_packet_scope(), tvb, offset, len2); if (c1222_decrypt) { if (!decrypt_packet(buffer, len2, FALSE)) { @@ -971,9 +949,6 @@ dissect_epsem(tvbuff_t *tvb, int offset, guint32 len, packet_info *pinfo, proto_ crypto_good = TRUE; } } -#else /* HAVE_LIBGCRYPT */ - expert_add_info(pinfo, tree, &ei_c1222_epsem_not_authenticated); -#endif /* HAVE_LIBGCRYPT */ break; default: /* it's not encrypted */ @@ -1341,11 +1316,7 @@ void proto_register_c1222(void) { { &ei_c1222_command_truncated, { "c1222.command_truncated", PI_MALFORMED, PI_ERROR, "C12.22 command truncated", EXPFILL }}, { &ei_c1222_bad_checksum, { "c1222.bad_checksum", PI_CHECKSUM, PI_ERROR, "Bad checksum", EXPFILL }}, { &ei_c1222_epsem_missing, { "c1222.epsem.missing", PI_MALFORMED, PI_ERROR, "C12.22 EPSEM missing", EXPFILL }}, -#ifdef HAVE_LIBGCRYPT { &ei_c1222_epsem_failed_authentication, { "c1222.epsem.failed_authentication", PI_SECURITY, PI_ERROR, "C12.22 EPSEM failed authentication", EXPFILL }}, -#else - { &ei_c1222_epsem_not_authenticated, { "c1222.epsem.not_authenticated", PI_SECURITY, PI_WARN, "C12.22 EPSEM could not be authenticated", EXPFILL }}, -#endif { &ei_c1222_epsem_not_decryped, { "c1222.epsem.not_decryped", PI_UNDECODED, PI_WARN, "C12.22 EPSEM could not be decrypted", EXPFILL }}, { &ei_c1222_ed_class_missing, { "c1222.ed_class_missing", PI_SECURITY, PI_ERROR, "C12.22 ED Class missing", EXPFILL }}, { &ei_c1222_epsem_ber_length_error, { "c1222.epsem.ber_length_error", PI_MALFORMED, PI_ERROR, "C12.22 EPSEM BER length error", EXPFILL }}, @@ -1356,13 +1327,11 @@ void proto_register_c1222(void) { expert_module_t* expert_c1222; module_t *c1222_module; -#ifdef HAVE_LIBGCRYPT static uat_field_t c1222_uat_flds[] = { UAT_FLD_HEX(c1222_users,keynum,"Key ID","Key identifier in hexadecimal"), UAT_FLD_BUFFER(c1222_users, key, "Key", "Encryption key as 16-byte hex string"), UAT_END_FIELDS }; -#endif /* HAVE_LIBGCRYPT */ /* Register protocol */ proto_c1222 = proto_register_protocol(PNAME, PSNAME, PFNAME); @@ -1379,7 +1348,6 @@ void proto_register_c1222(void) { prefs_register_string_preference(c1222_module, "baseoid", "Base OID to use for relative OIDs", "Base object identifier for use in resolving relative object identifiers", &c1222_baseoid_str); -#ifdef HAVE_LIBGCRYPT prefs_register_bool_preference(c1222_module, "decrypt", "Verify crypto for all applicable C12.22 messages", "Whether the C12.22 dissector should verify the crypto for all relevant messages", @@ -1405,7 +1373,6 @@ void proto_register_c1222(void) { "Decryption Table", "Table of security parameters for decryption of C12.22 packets", c1222_uat); -#endif /* HAVE_LIBGCRYPT */ } /*--- proto_reg_handoff_c1222 ---------------------------------------*/ diff --git a/epan/dissectors/asn1/pkcs12/packet-pkcs12-template.c b/epan/dissectors/asn1/pkcs12/packet-pkcs12-template.c index bff6cee915..cce82d553b 100644 --- a/epan/dissectors/asn1/pkcs12/packet-pkcs12-template.c +++ b/epan/dissectors/asn1/pkcs12/packet-pkcs12-template.c @@ -85,8 +85,6 @@ static void append_oid(proto_tree *tree, const char *oid) proto_item_append_text(tree, " (%s)", name ? name : oid); } -#ifdef HAVE_LIBGCRYPT - static int generate_key_or_iv(unsigned int id, tvbuff_t *salt_tvb, unsigned int iter, const char *pw, unsigned int req_keylen, char * keybuf) @@ -209,8 +207,6 @@ generate_key_or_iv(unsigned int id, tvbuff_t *salt_tvb, unsigned int iter, } } -#endif - void PBE_reset_parameters(void) { iteration_count = 0; @@ -219,7 +215,6 @@ void PBE_reset_parameters(void) int PBE_decrypt_data(const char *object_identifier_id_param _U_, tvbuff_t *encrypted_tvb _U_, packet_info *pinfo _U_, asn1_ctx_t *actx _U_, proto_item *item _U_) { -#ifdef HAVE_LIBGCRYPT const char *encryption_algorithm; gcry_cipher_hd_t cipher; gcry_error_t err; @@ -373,11 +368,6 @@ int PBE_decrypt_data(const char *object_identifier_id_param _U_, tvbuff_t *encry call_ber_oid_callback(object_identifier_id_param, clear_tvb, 0, actx->pinfo, tree, NULL); return TRUE; -#else - /* we cannot decrypt */ - return FALSE; - -#endif } #include "packet-pkcs12-fn.c" diff --git a/epan/dissectors/asn1/snmp/packet-snmp-template.c b/epan/dissectors/asn1/snmp/packet-snmp-template.c index 13719286a4..3665a761fd 100644 --- a/epan/dissectors/asn1/snmp/packet-snmp-template.c +++ b/epan/dissectors/asn1/snmp/packet-snmp-template.c @@ -1649,9 +1649,8 @@ snmp_usm_auth_sha1(snmp_usm_params_t* p _U_, guint8** calc_auth_p, guint* calc_a } static tvbuff_t* -snmp_usm_priv_des(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, packet_info *pinfo _U_, gchar const** error _U_) +snmp_usm_priv_des(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, gchar const** error) { -#ifdef HAVE_LIBGCRYPT gcry_error_t err; gcry_cipher_hd_t hd = NULL; @@ -1716,13 +1715,8 @@ on_gcry_error: *error = (const gchar *)gpg_strerror(err); if (hd) gcry_cipher_close(hd); return NULL; -#else - *error = "libgcrypt not present, cannot decrypt"; - return NULL; -#endif } -#ifdef HAVE_LIBGCRYPT static tvbuff_t* snmp_usm_priv_aes_common(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, gchar const** error, int algo) { @@ -1787,39 +1781,23 @@ on_gcry_error: if (hd) gcry_cipher_close(hd); return NULL; } -#endif static tvbuff_t* -snmp_usm_priv_aes128(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, packet_info *pinfo _U_, gchar const** error) +snmp_usm_priv_aes128(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, gchar const** error) { -#ifdef HAVE_LIBGCRYPT return snmp_usm_priv_aes_common(p, encryptedData, pinfo, error, GCRY_CIPHER_AES); -#else - *error = "libgcrypt not present, cannot decrypt"; - return NULL; -#endif } static tvbuff_t* -snmp_usm_priv_aes192(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, packet_info *pinfo _U_, gchar const** error) +snmp_usm_priv_aes192(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, gchar const** error) { -#ifdef HAVE_LIBGCRYPT return snmp_usm_priv_aes_common(p, encryptedData, pinfo, error, GCRY_CIPHER_AES192); -#else - *error = "libgcrypt not present, cannot decrypt"; - return NULL; -#endif } static tvbuff_t* -snmp_usm_priv_aes256(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, packet_info *pinfo _U_, gchar const** error) +snmp_usm_priv_aes256(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, gchar const** error) { -#ifdef HAVE_LIBGCRYPT return snmp_usm_priv_aes_common(p, encryptedData, pinfo, error, GCRY_CIPHER_AES256); -#else - *error = "libgcrypt not present, cannot decrypt"; - return NULL; -#endif } static gboolean diff --git a/epan/dissectors/packet-c1222.c b/epan/dissectors/packet-c1222.c index 98c8163573..a696c45a33 100644 --- a/epan/dissectors/packet-c1222.c +++ b/epan/dissectors/packet-c1222.c @@ -184,7 +184,6 @@ static int ett_c1222_flags = -1; static int ett_c1222_crypto = -1; static int ett_c1222_cmd = -1; -#ifdef HAVE_LIBGCRYPT /* these pointers are for the header elements that may be needed to verify the crypto */ static guint8 *aSO_context = NULL; static guint8 *called_AP_title = NULL; @@ -210,7 +209,6 @@ static guint32 user_information_len = 0; static guint32 calling_AP_title_len = 0; static guint32 key_id_element_len = 0; static guint32 iv_element_len = 0; -#endif /* HAVE_LIBGCRYPT */ /*--- Included file: packet-c1222-ett.c ---*/ @@ -225,16 +223,12 @@ static gint ett_c1222_Calling_authentication_value_c1222_U = -1; static gint ett_c1222_Calling_authentication_value_c1221_U = -1; /*--- End of included file: packet-c1222-ett.c ---*/ -#line 178 "./asn1/c1222/packet-c1222-template.c" +#line 176 "./asn1/c1222/packet-c1222-template.c" static expert_field ei_c1222_command_truncated = EI_INIT; static expert_field ei_c1222_bad_checksum = EI_INIT; static expert_field ei_c1222_epsem_missing = EI_INIT; -#ifdef HAVE_LIBGCRYPT static expert_field ei_c1222_epsem_failed_authentication = EI_INIT; -#else -static expert_field ei_c1222_epsem_not_authenticated = EI_INIT; -#endif static expert_field ei_c1222_epsem_not_decryped = EI_INIT; static expert_field ei_c1222_ed_class_missing = EI_INIT; static expert_field ei_c1222_epsem_ber_length_error = EI_INIT; @@ -243,9 +237,7 @@ static expert_field ei_c1222_mac_missing = EI_INIT; /* Preferences */ static gboolean c1222_desegment = TRUE; -#ifdef HAVE_LIBGCRYPT static gboolean c1222_decrypt = TRUE; -#endif static const gchar *c1222_baseoid_str = NULL; static guint8 *c1222_baseoid = NULL; static guint c1222_baseoid_len = 0; @@ -334,7 +326,6 @@ static const value_string commandnames[] = { { 0, NULL } }; -#ifdef HAVE_LIBGCRYPT /* these are for the key tables */ typedef struct _c1222_uat_data { guint keynum; @@ -377,12 +368,6 @@ static uat_t *c1222_uat; fieldname##_len = length; \ break; \ } -#else /* HAVE_LIBGCRYPT */ -#define FILL_TABLE(fieldname) -#define FILL_TABLE_TRUNCATE(fieldname, len) -#define FILL_TABLE_APTITLE(fieldname) -#define FILL_START -#endif /* HAVE_LIBGCRYPT */ /*------------------------------ * Function Prototypes @@ -680,7 +665,6 @@ parse_c1222_detailed(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int cm } } -#ifdef HAVE_LIBGCRYPT typedef struct tagTOP_ELEMENT_CONTROL { /* TRUE if this tag is required */ @@ -901,7 +885,6 @@ decrypt_packet(guchar *buffer, guint32 length, gboolean decrypt) } return status; } -#endif /* HAVE_LIBGCRYPT */ /** * Checks to make sure that a complete, valid BER-encoded length is in the buffer. @@ -965,9 +948,7 @@ dissect_epsem(tvbuff_t *tvb, int offset, guint32 len, packet_info *pinfo, proto_ gint len2; int cmd_err; gboolean ind; -#ifdef HAVE_LIBGCRYPT guchar *buffer; -#endif tvbuff_t *epsem_buffer = NULL; gboolean crypto_good = FALSE; gboolean crypto_bad = FALSE; @@ -990,7 +971,6 @@ dissect_epsem(tvbuff_t *tvb, int offset, guint32 len, packet_info *pinfo, proto_ if (len2 <= 0) return offset; encrypted = TRUE; -#ifdef HAVE_LIBGCRYPT if (c1222_decrypt) { buffer = (guchar *)tvb_memdup(pinfo->pool, tvb, offset, len2); if (!decrypt_packet(buffer, len2, TRUE)) { @@ -1003,7 +983,6 @@ dissect_epsem(tvbuff_t *tvb, int offset, guint32 len, packet_info *pinfo, proto_ encrypted = FALSE; } } -#endif break; case EAX_MODE_CLEARTEXT_AUTH: /* mode is cleartext with authentication */ @@ -1012,7 +991,6 @@ dissect_epsem(tvbuff_t *tvb, int offset, guint32 len, packet_info *pinfo, proto_ if (len2 <= 0) return offset; epsem_buffer = tvb_new_subset_remaining(tvb, offset); -#ifdef HAVE_LIBGCRYPT buffer = (guchar *)tvb_memdup(wmem_packet_scope(), tvb, offset, len2); if (c1222_decrypt) { if (!decrypt_packet(buffer, len2, FALSE)) { @@ -1022,9 +1000,6 @@ dissect_epsem(tvbuff_t *tvb, int offset, guint32 len, packet_info *pinfo, proto_ crypto_good = TRUE; } } -#else /* HAVE_LIBGCRYPT */ - expert_add_info(pinfo, tree, &ei_c1222_epsem_not_authenticated); -#endif /* HAVE_LIBGCRYPT */ break; default: /* it's not encrypted */ @@ -1536,9 +1511,7 @@ dissect_c1222_MESSAGE_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset static int dissect_c1222_MESSAGE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { #line 100 "./asn1/c1222/c1222.cnf" -/**/#ifdef HAVE_LIBGCRYPT clear_canon(); -/**/#endif offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset, hf_index, BER_CLASS_APP, 0, TRUE, dissect_c1222_MESSAGE_U); @@ -1559,7 +1532,7 @@ static int dissect_MESSAGE_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_ /*--- End of included file: packet-c1222-fn.c ---*/ -#line 1041 "./asn1/c1222/packet-c1222-template.c" +#line 1016 "./asn1/c1222/packet-c1222-template.c" /** * Dissects a a full (reassembled) C12.22 message. @@ -1951,7 +1924,7 @@ void proto_register_c1222(void) { "OCTET_STRING_SIZE_CONSTR002", HFILL }}, /*--- End of included file: packet-c1222-hfarr.c ---*/ -#line 1328 "./asn1/c1222/packet-c1222-template.c" +#line 1303 "./asn1/c1222/packet-c1222-template.c" }; /* List of subtrees */ @@ -1974,18 +1947,14 @@ void proto_register_c1222(void) { &ett_c1222_Calling_authentication_value_c1221_U, /*--- End of included file: packet-c1222-ettarr.c ---*/ -#line 1338 "./asn1/c1222/packet-c1222-template.c" +#line 1313 "./asn1/c1222/packet-c1222-template.c" }; static ei_register_info ei[] = { { &ei_c1222_command_truncated, { "c1222.command_truncated", PI_MALFORMED, PI_ERROR, "C12.22 command truncated", EXPFILL }}, { &ei_c1222_bad_checksum, { "c1222.bad_checksum", PI_CHECKSUM, PI_ERROR, "Bad checksum", EXPFILL }}, { &ei_c1222_epsem_missing, { "c1222.epsem.missing", PI_MALFORMED, PI_ERROR, "C12.22 EPSEM missing", EXPFILL }}, -#ifdef HAVE_LIBGCRYPT { &ei_c1222_epsem_failed_authentication, { "c1222.epsem.failed_authentication", PI_SECURITY, PI_ERROR, "C12.22 EPSEM failed authentication", EXPFILL }}, -#else - { &ei_c1222_epsem_not_authenticated, { "c1222.epsem.not_authenticated", PI_SECURITY, PI_WARN, "C12.22 EPSEM could not be authenticated", EXPFILL }}, -#endif { &ei_c1222_epsem_not_decryped, { "c1222.epsem.not_decryped", PI_UNDECODED, PI_WARN, "C12.22 EPSEM could not be decrypted", EXPFILL }}, { &ei_c1222_ed_class_missing, { "c1222.ed_class_missing", PI_SECURITY, PI_ERROR, "C12.22 ED Class missing", EXPFILL }}, { &ei_c1222_epsem_ber_length_error, { "c1222.epsem.ber_length_error", PI_MALFORMED, PI_ERROR, "C12.22 EPSEM BER length error", EXPFILL }}, @@ -1996,13 +1965,11 @@ void proto_register_c1222(void) { expert_module_t* expert_c1222; module_t *c1222_module; -#ifdef HAVE_LIBGCRYPT static uat_field_t c1222_uat_flds[] = { UAT_FLD_HEX(c1222_users,keynum,"Key ID","Key identifier in hexadecimal"), UAT_FLD_BUFFER(c1222_users, key, "Key", "Encryption key as 16-byte hex string"), UAT_END_FIELDS }; -#endif /* HAVE_LIBGCRYPT */ /* Register protocol */ proto_c1222 = proto_register_protocol(PNAME, PSNAME, PFNAME); @@ -2019,7 +1986,6 @@ void proto_register_c1222(void) { prefs_register_string_preference(c1222_module, "baseoid", "Base OID to use for relative OIDs", "Base object identifier for use in resolving relative object identifiers", &c1222_baseoid_str); -#ifdef HAVE_LIBGCRYPT prefs_register_bool_preference(c1222_module, "decrypt", "Verify crypto for all applicable C12.22 messages", "Whether the C12.22 dissector should verify the crypto for all relevant messages", @@ -2045,7 +2011,6 @@ void proto_register_c1222(void) { "Decryption Table", "Table of security parameters for decryption of C12.22 packets", c1222_uat); -#endif /* HAVE_LIBGCRYPT */ } /*--- proto_reg_handoff_c1222 ---------------------------------------*/ diff --git a/epan/dissectors/packet-dof.c b/epan/dissectors/packet-dof.c index 12def11191..dda9d743ee 100644 --- a/epan/dissectors/packet-dof.c +++ b/epan/dissectors/packet-dof.c @@ -193,12 +193,10 @@ #include <stdio.h> #include <glib.h> -#ifdef HAVE_LIBGCRYPT #include <wsutil/wsgcrypt.h> -#if (defined GCRYPT_VERSION_NUMBER) && (GCRYPT_VERSION_NUMBER >= 0x010600) +#if GCRYPT_VERSION_NUMBER >= 0x010600 /* 1.6.0 */ #define LIBGCRYPT_OK #endif -#endif #include <epan/packet.h> #include <epan/proto.h> diff --git a/epan/dissectors/packet-dtls.c b/epan/dissectors/packet-dtls.c index 0a1be9aaac..ce56201c6f 100644 --- a/epan/dissectors/packet-dtls.c +++ b/epan/dissectors/packet-dtls.c @@ -168,9 +168,7 @@ static FILE *dtls_keylog_file = NULL; static uat_t *dtlsdecrypt_uat = NULL; static const gchar *dtls_keys_list = NULL; static ssl_common_options_t dtls_options = { NULL, NULL}; -#ifdef HAVE_LIBGCRYPT static const gchar *dtls_debug_file_name = NULL; -#endif static heur_dissector_list_t heur_subdissector_list; @@ -275,7 +273,7 @@ dtls_parse_uat(void) dissector_add_for_decode_as("udp.port", dtls_handle); } -#if defined(HAVE_LIBGCRYPT) && defined(HAVE_LIBGNUTLS) +#if defined(HAVE_LIBGNUTLS) static void dtls_reset_uat(void) { @@ -1560,7 +1558,7 @@ looks_like_dtls(tvbuff_t *tvb, guint32 offset) /* UAT */ -#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) +#if defined(HAVE_LIBGNUTLS) static void dtlsdecrypt_free_cb(void* r) { @@ -1582,7 +1580,7 @@ dtlsdecrypt_update_cb(void* r _U_, const char** err _U_) } #endif -#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) +#if defined(HAVE_LIBGNUTLS) static void * dtlsdecrypt_copy_cb(void* dest, const void* orig, size_t len _U_) { @@ -1891,7 +1889,6 @@ proto_register_dtls(void) expert_dtls = expert_register_protocol(proto_dtls); expert_register_field_array(expert_dtls, ei, array_length(ei)); -#ifdef HAVE_LIBGCRYPT { module_t *dtls_module = prefs_register_protocol(proto_dtls, proto_reg_handoff_dtls); @@ -1937,7 +1934,6 @@ proto_register_dtls(void) &dtls_keys_list); ssl_common_register_options(dtls_module, &dtls_options); } -#endif dtls_handle = register_dissector("dtls", dissect_dtls, proto_dtls); diff --git a/epan/dissectors/packet-dvbci.c b/epan/dissectors/packet-dvbci.c index 6940ad331f..1207c312ab 100644 --- a/epan/dissectors/packet-dvbci.c +++ b/epan/dissectors/packet-dvbci.c @@ -2356,7 +2356,6 @@ dissect_cc_data_payload(guint32 tag, tvbuff_t *tvb, gint offset, } -#ifdef HAVE_LIBGCRYPT /* convert a 0-terminated preference key_string that contains a hex number * into its binary representation * e.g. key_string "abcd" will be converted into two bytes 0xab, 0xcd @@ -2435,23 +2434,6 @@ end: return clear_tvb; } -#else -/* HAVE_LIBGCRYPT is not set */ -static gint -pref_key_string_to_bin(const gchar *key_string _U_, unsigned char **key_bin _U_) -{ - return 0; -} - -static tvbuff_t * -decrypt_sac_msg_body(packet_info *pinfo _U_, guint8 enc_cip _U_, - tvbuff_t *encrypted_tvb _U_, gint offset _U_, gint len _U_) -{ - return NULL; -} - -#endif - /* dissect a text string that is encoded according to DVB-SI (EN 300 468) */ static void diff --git a/epan/dissectors/packet-ieee802154.c b/epan/dissectors/packet-ieee802154.c index 7cd95e0fbb..154c01dc3c 100644 --- a/epan/dissectors/packet-ieee802154.c +++ b/epan/dissectors/packet-ieee802154.c @@ -3160,7 +3160,6 @@ ccm_init_block(gchar *block, gboolean adata, gint M, guint64 addr, ieee802154_pa *@param length Length of the buffer. *@return TRUE on SUCCESS, FALSE on error. */ -#ifdef HAVE_LIBGCRYPT static gboolean ccm_ctr_encrypt(const gchar *key, const gchar *iv, gchar *mic, gchar *data, gint length) { @@ -3196,13 +3195,6 @@ ccm_ctr_encrypt(const gchar *key, const gchar *iv, gchar *mic, gchar *data, gint gcry_cipher_close(cipher_hd); return TRUE; } /* ccm_ctr_encrypt */ -#else -static gboolean -ccm_ctr_encrypt(const gchar *key _U_, const gchar *iv _U_, gchar *mic _U_, gchar *data _U_, gint length _U_) -{ - return FALSE; -} -#endif /* HAVE_LIBGCRYPT */ /** *Generate a CBC-MAC of the decrypted payload and additional authentication headers. @@ -3215,7 +3207,6 @@ ccm_ctr_encrypt(const gchar *key _U_, const gchar *iv _U_, gchar *mic _U_, gchar *@param mic Output for CBC-MAC. *@return TRUE on SUCCESS, FALSE on error. */ -#ifdef HAVE_LIBGCRYPT static gboolean ccm_cbc_mac(const gchar *key, const gchar *iv, const gchar *a, gint a_len, const gchar *m, gint m_len, gchar *mic) { @@ -3313,14 +3304,6 @@ ccm_cbc_mac(const gchar *key, const gchar *iv, const gchar *a, gint a_len, const gcry_cipher_close(cipher_hd); return TRUE; } /* ccm_cbc_mac */ -#else -static gboolean -ccm_cbc_mac(const gchar *key _U_, const gchar *iv _U_, - const gchar *a _U_, gint a_len _U_, const gchar *m _U_, gint m_len _U_, gchar *mic _U_) -{ - return FALSE; -} -#endif /* HAVE_LIBGCRYPT */ /* Key hash function. */ guint ieee802154_short_addr_hash(gconstpointer key) diff --git a/epan/dissectors/packet-ipsec.c b/epan/dissectors/packet-ipsec.c index 3d72158857..24be677afb 100644 --- a/epan/dissectors/packet-ipsec.c +++ b/epan/dissectors/packet-ipsec.c @@ -81,12 +81,9 @@ ADD: Additional generic (non-checked) ICV length of 128, 192 and 256. #include <epan/decode_as.h> #include <epan/capture_dissectors.h> -/* If you want to be able to decrypt or Check Authentication of ESP packets you MUST define this : */ -#ifdef HAVE_LIBGCRYPT #include <stdio.h> #include <epan/uat.h> #include <wsutil/wsgcrypt.h> -#endif /* HAVE_LIBGCRYPT */ #include "packet-ipsec.h" #include "packet-ipv6.h" @@ -133,7 +130,6 @@ static dissector_handle_t data_handle; static dissector_table_t ip_dissector_table; -#ifdef HAVE_LIBGCRYPT /* Encryption algorithms defined in RFC 4305 */ #define IPSEC_ENCRYPT_NULL 0 #define IPSEC_ENCRYPT_3DES_CBC 1 @@ -176,7 +172,6 @@ static dissector_table_t ip_dissector_table; /* the maximum number of bytes (10)(including the terminating nul character(11)) */ #define IPSEC_SPI_LEN_MAX 11 -#endif /* well-known algorithm number (in CPI), from RFC2409 */ #define IPCOMP_OUI 1 /* vendor specific */ @@ -194,7 +189,6 @@ static const value_string cpi2val[] = { #define NEW_ESP_DATA_SIZE 8 -#ifdef HAVE_LIBGCRYPT /*------------------------------------- * UAT for ESP *------------------------------------- @@ -456,7 +450,6 @@ static gboolean g_esp_enable_encryption_decode = FALSE; /* Default ESP payload Authentication Checking to off */ static gboolean g_esp_enable_authentication_check = FALSE; -#endif /**************************************************/ /* Sequence number analysis */ @@ -569,7 +562,6 @@ static gboolean g_esp_do_sequence_analysis = TRUE; -#ifdef HAVE_LIBGCRYPT #if 0 /* @@ -1072,7 +1064,6 @@ get_esp_sa(gint protocol_typ, gchar *src, gchar *dst, guint spi, return found; } -#endif static void ah_prompt(packet_info *pinfo, gchar *result) { @@ -1204,7 +1195,6 @@ Params: - gboolean authentication_ok : set to true if the authentication checking has been run successfully - gboolean authentication_checking_ok : set to true if the authentication was the one expected */ -#ifdef HAVE_LIBGCRYPT static void dissect_esp_authentication(proto_tree *tree, tvbuff_t *tvb, gint len, gint esp_auth_len, guint8 *authenticator_data_computed, gboolean authentication_ok, gboolean authentication_checking_ok) @@ -1257,7 +1247,6 @@ dissect_esp_authentication(proto_tree *tree, tvbuff_t *tvb, gint len, gint esp_a tvb, len - esp_auth_len, esp_auth_len, bad); PROTO_ITEM_SET_GENERATED(item); } -#endif static int dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) @@ -1266,13 +1255,11 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) proto_item *ti; gint len = 0; -#ifdef HAVE_LIBGCRYPT gint i; /* Packet Variables related */ gchar *ip_src = NULL; gchar *ip_dst = NULL; -#endif guint32 spi = 0; guint encapsulated_protocol = 0; @@ -1281,7 +1268,6 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) dissector_handle_t dissector_handle; guint32 saved_match_uint; -#ifdef HAVE_LIBGCRYPT gboolean null_encryption_decode_heuristic = FALSE; guint8 *decrypted_data = NULL; guint8 *authenticator_data = NULL; @@ -1308,10 +1294,8 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) gboolean authentication_ok = FALSE; gboolean authentication_checking_ok = FALSE; gboolean sad_is_present = FALSE; -#endif gint esp_pad_len = 0; -#ifdef HAVE_LIBGCRYPT /* Variables for decryption and authentication checking used for libgrypt */ int decrypted_len_alloc = 0; @@ -1326,7 +1310,6 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) unsigned char ctr_block[16]; -#endif guint32 sequence_number; @@ -1363,7 +1346,6 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) tvb, esp_tree, pinfo); } -#ifdef HAVE_LIBGCRYPT /* The SAD is not activated */ if(g_esp_enable_null_encryption_decode_heuristic && !g_esp_enable_encryption_decode) @@ -2115,7 +2097,6 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) /* The packet does not belong to a security association and the field g_esp_enable_null_encryption_decode_heuristic is set */ else if(null_encryption_decode_heuristic) { -#endif if(g_esp_enable_null_encryption_decode_heuristic) { /* Get length of whole ESP packet. */ @@ -2167,9 +2148,7 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) } } } -#ifdef HAVE_LIBGCRYPT } -#endif return tvb_captured_length(tvb); } @@ -2235,7 +2214,6 @@ dissect_ipcomp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* dissec return tvb_captured_length(tvb); } -#ifdef HAVE_LIBGCRYPT static void ipsec_cleanup_protocol(void) { /* Free any SA records added by other dissectors */ @@ -2249,7 +2227,6 @@ static void ipsec_cleanup_protocol(void) extra_esp_sa_records.records = NULL; extra_esp_sa_records.num_records = 0; } -#endif void proto_register_ipsec(void) @@ -2335,8 +2312,6 @@ proto_register_ipsec(void) { &ei_esp_sequence_analysis_wrong_sequence_number, { "esp.sequence-analysis.wrong-sequence-number", PI_SEQUENCE, PI_WARN, "Wrong Sequence Number", EXPFILL }} }; -#ifdef HAVE_LIBGCRYPT - static const value_string esp_proto_type_vals[] = { { IPSEC_SA_IPV4, "IPv4" }, { IPSEC_SA_IPV6, "IPv6" }, @@ -2385,7 +2360,6 @@ proto_register_ipsec(void) UAT_FLD_CSTRING(uat_esp_sa_records, authentication_key_string, "Authentication Key", "Authentication Key"), UAT_END_FIELDS }; -#endif static build_valid_func ah_da_build_value[1] = {ah_value}; static decode_as_value_t ah_da_values = {ah_prompt, 1, ah_da_build_value}; @@ -2431,7 +2405,6 @@ proto_register_ipsec(void) "Check that successive frames increase sequence number by 1 within an SPI. This should work OK when only one host is sending frames on an SPI", &g_esp_do_sequence_analysis); -#ifdef HAVE_LIBGCRYPT prefs_register_bool_preference(esp_module, "enable_encryption_decode", "Attempt to detect/decode encrypted ESP payloads", "Attempt to decode based on the SAD described hereafter.", @@ -2462,13 +2435,10 @@ proto_register_ipsec(void) "ESP SAs", "Preconfigured ESP Security Associations", esp_uat); -#endif esp_sequence_analysis_hash = wmem_map_new_autoreset(wmem_epan_scope(), wmem_file_scope(), g_direct_hash, g_direct_equal); esp_sequence_analysis_report_hash = wmem_map_new_autoreset(wmem_epan_scope(), wmem_file_scope(), g_direct_hash, g_direct_equal); -#ifdef HAVE_LIBGCRYPT register_cleanup_routine(&ipsec_cleanup_protocol); -#endif register_dissector("esp", dissect_esp, proto_esp); register_dissector("ah", dissect_ah, proto_ah); diff --git a/epan/dissectors/packet-isakmp.c b/epan/dissectors/packet-isakmp.c index 7c668cdde1..d324d447fa 100644 --- a/epan/dissectors/packet-isakmp.c +++ b/epan/dissectors/packet-isakmp.c @@ -61,7 +61,6 @@ #include "packet-gsm_a_common.h" #include "packet-isakmp.h" -#ifdef HAVE_LIBGCRYPT #include <wsutil/wsgcrypt.h> #include <epan/proto_data.h> #include <epan/strutil.h> @@ -69,7 +68,6 @@ #if GCRYPT_VERSION_NUMBER >= 0x010600 #define HAVE_LIBGCRYPT_AEAD 1 #endif -#endif void proto_register_isakmp(void); void proto_reg_handoff_isakmp(void); @@ -390,11 +388,9 @@ static gint ett_isakmp_attr = -1; static gint ett_isakmp_id = -1; static gint ett_isakmp_notify_data = -1; static gint ett_isakmp_ts = -1; -#ifdef HAVE_LIBGCRYPT /* For decrypted IKEv2 Encrypted payload*/ static gint ett_isakmp_decrypted_data = -1; static gint ett_isakmp_decrypted_payloads = -1; -#endif /* HAVE_LIBGCRYPT */ static expert_field ei_isakmp_enc_iv = EI_INIT; static expert_field ei_isakmp_ikev2_integrity_checksum = EI_INIT; @@ -1644,8 +1640,6 @@ static const range_string rohc_attr_type[] = { #define ISAKMP_HDR_SIZE ((int)sizeof(struct isakmp_hdr) + (2 * COOKIE_SIZE)) -#ifdef HAVE_LIBGCRYPT - #define MAX_KEY_SIZE 256 #define MAX_DIGEST_SIZE 64 #define MAX_OAKLEY_KEY_LEN 32 @@ -2229,8 +2223,6 @@ decrypt_payload(tvbuff_t *tvb, packet_info *pinfo, const guint8 *buf, guint buf_ return encr_tvb; } -#endif /* HAVE_LIBGCRYPT */ - static proto_tree *dissect_payload_header(tvbuff_t *, packet_info *, int, int, int, guint8, guint8 *, guint16 *, proto_tree *); @@ -2263,10 +2255,8 @@ typedef struct ikev2_fragmentation_state_t { guint8 next_payload; } ikev2_fragmentation_state_t; -#ifdef HAVE_LIBGCRYPT /* frame_number -> next_payload. The key will be the frame that completes the original message */ static GHashTable *defrag_next_payload_hash = NULL; -#endif static void dissect_ikev2_fragmentation(tvbuff_t *, int, proto_tree *, packet_info *, guint32 message_id, guint8 next_payload, gboolean is_request, void* decr_info); @@ -3147,13 +3137,11 @@ dissect_isakmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _ int isakmp_version; void* decr_data = NULL; guint8 flags; -#ifdef HAVE_LIBGCRYPT guint8 i_cookie[COOKIE_SIZE], *ic_key; decrypt_data_t *decr = NULL; tvbuff_t *decr_tvb; proto_tree *decr_tree; address null_addr; -#endif /* HAVE_LIBGCRYPT */ col_set_str(pinfo->cinfo, COL_PROTOCOL, "ISAKMP"); col_clear(pinfo->cinfo, COL_INFO); @@ -3184,7 +3172,6 @@ dissect_isakmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _ isakmp_version = hi_nibble(hdr.version); /* save the version */ hdr.flags = tvb_get_guint8(tvb, COOKIE_SIZE + COOKIE_SIZE + 1 + 1 + 1); -#ifdef HAVE_LIBGCRYPT if (isakmp_version == 1) { clear_address(&null_addr); @@ -3231,7 +3218,6 @@ dissect_isakmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _ decr_data = ikev2_dec_data; } } -#endif /* HAVE_LIBGCRYPT */ { proto_tree_add_item(isakmp_tree, hf_isakmp_ispi, tvb, offset, COOKIE_SIZE, ENC_NA); @@ -3327,7 +3313,6 @@ dissect_isakmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _ ti = proto_tree_add_item(isakmp_tree, hf_isakmp_enc_data, tvb, offset, len, ENC_NA); proto_item_append_text(ti, " (%d byte%s)", len, plurality(len, "", "s")); -#ifdef HAVE_LIBGCRYPT /* Collect initialization vectors during first pass. */ if (!PINFO_FD_VISITED(pinfo)) if (prepare_decrypt(decr)) @@ -3338,7 +3323,6 @@ dissect_isakmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _ dissect_payloads(decr_tvb, decr_tree, isakmp_version, hdr.next_payload, 0, tvb_reported_length(decr_tvb), pinfo, hdr.message_id, !(flags & R_FLAG), decr_data); } -#endif /* HAVE_LIBGCRYPT */ } } else { dissect_payloads(tvb, isakmp_tree, isakmp_version, hdr.next_payload, @@ -3352,7 +3336,7 @@ dissect_isakmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _ static proto_tree * dissect_payload_header(tvbuff_t *tvb, packet_info *pinfo, int offset, int length, - int isakmp_version, guint8 payload _U_, guint8 *next_payload_p, + int isakmp_version, guint8 payload, guint8 *next_payload_p, guint16 *payload_length_p, proto_tree *tree) { guint8 next_payload; @@ -3810,10 +3794,7 @@ dissect_resp_lifetime_ipsec_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_t /* Returns the number of bytes consumed by this attribute. */ static int -dissect_ike_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset -#ifdef HAVE_LIBGCRYPT - , decrypt_data_t *decr -#endif +dissect_ike_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, decrypt_data_t *decr ) { guint headerlen, value_len, attr_type; @@ -3837,30 +3818,22 @@ dissect_ike_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int o case IKE_ATTR_ENCRYPTION_ALGORITHM: proto_tree_add_item(attr_tree, hf_isakmp_ike_attr_encryption_algorithm, tvb, offset, value_len, ENC_BIG_ENDIAN); proto_item_append_text(attr_item, ": %s", val_to_str(tvb_get_ntohs(tvb, offset), ike_attr_enc_algo, "Unknown %d")); -#ifdef HAVE_LIBGCRYPT decr->ike_encr_alg = tvb_get_ntohs(tvb, offset); -#endif break; case IKE_ATTR_HASH_ALGORITHM: proto_tree_add_item(attr_tree, hf_isakmp_ike_attr_hash_algorithm, tvb, offset, value_len, ENC_BIG_ENDIAN); proto_item_append_text(attr_item, ": %s", val_to_str(tvb_get_ntohs(tvb, offset), ike_attr_hash_algo, "Unknown %d")); -#ifdef HAVE_LIBGCRYPT decr->ike_hash_alg = tvb_get_ntohs(tvb, offset); -#endif break; case IKE_ATTR_AUTHENTICATION_METHOD: proto_tree_add_item(attr_tree, hf_isakmp_ike_attr_authentication_method, tvb, offset, value_len, ENC_BIG_ENDIAN); proto_item_append_text(attr_item, ": %s", val_to_str(tvb_get_ntohs(tvb, offset), ike_attr_authmeth, "Unknown %d")); -#ifdef HAVE_LIBGCRYPT decr->is_psk = tvb_get_ntohs(tvb, offset) == 0x01 ? TRUE : FALSE; -#endif break; case IKE_ATTR_GROUP_DESCRIPTION: proto_tree_add_item(attr_tree, hf_isakmp_ike_attr_group_description, tvb, offset, value_len, ENC_BIG_ENDIAN); proto_item_append_text(attr_item, ": %s", val_to_str(tvb_get_ntohs(tvb, offset), dh_group, "Unknown %d")); -#ifdef HAVE_LIBGCRYPT decr->group = tvb_get_ntohs(tvb, offset); -#endif break; case IKE_ATTR_GROUP_TYPE: proto_tree_add_item(attr_tree, hf_isakmp_ike_attr_group_type, tvb, offset, value_len, ENC_BIG_ENDIAN); @@ -3894,9 +3867,7 @@ dissect_ike_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int o case IKE_ATTR_KEY_LENGTH: proto_tree_add_item(attr_tree, hf_isakmp_ike_attr_key_length, tvb, offset, value_len, ENC_BIG_ENDIAN); proto_item_append_text(attr_item, ": %d", tvb_get_ntohs(tvb, offset)); -#ifdef HAVE_LIBGCRYPT decr->ike_encr_keylen = tvb_get_ntohs(tvb, offset); -#endif break; case IKE_ATTR_FIELD_SIZE: proto_tree_add_item(attr_tree, hf_isakmp_ike_attr_field_size, tvb, offset, value_len, ENC_NA); @@ -3984,19 +3955,13 @@ dissect_ike2_transform_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree * } static void -dissect_transform(tvbuff_t *tvb, packet_info *pinfo, int offset, int length, proto_tree *tree, int isakmp_version, int protocol_id, void* decr_data -#ifndef HAVE_LIBGCRYPT - _U_ -#endif -) +dissect_transform(tvbuff_t *tvb, packet_info *pinfo, int offset, int length, proto_tree *tree, int isakmp_version, int protocol_id, void* decr_data) { if (isakmp_version == 1) { guint8 transform_id; guint8 transform_num; -#ifdef HAVE_LIBGCRYPT decrypt_data_t *decr = (decrypt_data_t *)decr_data; -#endif /* HAVE_LIBGCRYPT */ int offset_end = 0; offset_end = offset + length; @@ -4038,20 +4003,14 @@ dissect_transform(tvbuff_t *tvb, packet_info *pinfo, int offset, int length, pro offset += 2; if (protocol_id == 1 && transform_id == 1) { -#ifdef HAVE_LIBGCRYPT /* Allow detection of missing IKE transform attributes: * Make sure their values are not carried over from another transform * dissected previously. */ decr->ike_encr_alg = 0; decr->ike_encr_keylen = 0; decr->ike_hash_alg = 0; -#endif while (offset < offset_end) { - offset += dissect_ike_attribute(tvb, pinfo, tree, offset -#ifdef HAVE_LIBGCRYPT - , decr -#endif - ); + offset += dissect_ike_attribute(tvb, pinfo, tree, offset, decr); } } else { @@ -4103,14 +4062,7 @@ dissect_transform(tvbuff_t *tvb, packet_info *pinfo, int offset, int length, pro static void dissect_key_exch(tvbuff_t *tvb, int offset, int length, proto_tree *tree, int isakmp_version, -#ifdef HAVE_LIBGCRYPT - packet_info* pinfo, - void* decr_data -#else - packet_info* pinfo _U_, - void* decr_data _U_ -#endif -) + packet_info* pinfo, void* decr_data) { if (isakmp_version == 2) { proto_tree_add_item(tree, hf_isakmp_key_exch_dh_group, tvb, offset, 2, ENC_BIG_ENDIAN); @@ -4124,7 +4076,6 @@ dissect_key_exch(tvbuff_t *tvb, int offset, int length, proto_tree *tree, int is proto_tree_add_item(tree, hf_isakmp_key_exch_data, tvb, offset, length, ENC_NA); -#ifdef HAVE_LIBGCRYPT if (isakmp_version == 1 && decr_data) { decrypt_data_t *decr = (decrypt_data_t *)decr_data; @@ -4138,7 +4089,6 @@ dissect_key_exch(tvbuff_t *tvb, int offset, int length, proto_tree *tree, int is decr->gr_len = length; } } -#endif /* HAVE_LIBGCRYPT */ } static void @@ -4425,21 +4375,15 @@ dissect_cisco_fragmentation(tvbuff_t *tvb, int offset, int length, proto_tree *t /* This is RFC7383 reassembly. */ static void dissect_ikev2_fragmentation(tvbuff_t *tvb, int offset, proto_tree *tree, -#ifdef HAVE_LIBGCRYPT packet_info *pinfo, guint message_id, guint8 next_payload, gboolean is_request, void* decr_info) -#else - packet_info *pinfo, guint message_id, guint8 next_payload, gboolean is_request _U_, void* decr_info _U_) -#endif { guint16 fragment_number, total_fragments; -#ifdef HAVE_LIBGCRYPT gboolean message_next_payload_set = FALSE; guint8 message_next_payload = 0; gint iv_len, icd_len; gint iv_offset; gint icd_offset; ikev2_decrypt_data_t *key_info; -#endif /* Fragment Number */ fragment_number = tvb_get_ntohs(tvb, offset); @@ -4478,7 +4422,6 @@ dissect_ikev2_fragmentation(tvbuff_t *tvb, int offset, proto_tree *tree, /* Show fragment summary in Info column */ col_append_fstr(pinfo->cinfo, COL_INFO, " (fragment %u/%u)", fragment_number, total_fragments); -#ifdef HAVE_LIBGCRYPT offset += 2; /* If this is the last fragment, need to know what the payload type for the reassembled message is, @@ -4589,7 +4532,6 @@ dissect_ikev2_fragmentation(tvbuff_t *tvb, int offset, proto_tree *tree, pinfo->fragmented = save_fragmented; } /* End Reassembly stuff for IKE2 fragmentation */ -#endif } @@ -5364,21 +5306,12 @@ dissect_enc(tvbuff_t *tvb, int offset, int length, proto_tree *tree, -#ifdef HAVE_LIBGCRYPT packet_info *pinfo, guint8 inner_payload, gboolean is_request, void* decr_info, gboolean dissect_payload_now) -#else - packet_info *pinfo _U_, - guint8 inner_payload _U_, - gboolean is_request _U_, - void* decr_info _U_, - gboolean dissect_payload_now _U_) -#endif { -#ifdef HAVE_LIBGCRYPT ikev2_decrypt_data_t *key_info = NULL; gint iv_len, encr_data_len, icd_len, decr_data_len, md_len, icv_len, encr_key_len, encr_iv_len; guint8 pad_len; @@ -5711,15 +5644,10 @@ dissect_enc(tvbuff_t *tvb, dissect_payloads(decr_tvb, decr_payloads_tree, 2, inner_payload, 0, payloads_len, pinfo, 0, is_request, decr_info); } }else{ -#endif /* HAVE_LIBGCRYPT */ proto_tree_add_item(tree, hf_isakmp_enc_iv, tvb, offset, 4, ENC_NA); proto_tree_add_item(tree, hf_isakmp_enc_data, tvb, offset+4 , length, ENC_NA); -#ifdef HAVE_LIBGCRYPT } return decr_tvb; -#else /* HAVE_LIBGCRYPT */ - return NULL; -#endif } static void @@ -5746,7 +5674,6 @@ dissect_gspm(tvbuff_t *tvb, int offset, int length, proto_tree *tree) * Protocol initialization */ -#ifdef HAVE_LIBGCRYPT static guint isakmp_hash_func(gconstpointer c) { const guint8 *i_cookie = (const guint8 *) c; @@ -5809,9 +5736,7 @@ static gint ikev2_key_equal_func(gconstpointer k1, gconstpointer k2) { return 1; } -#endif /* HAVE_LIBGCRYPT */ -#ifdef HAVE_LIBGCRYPT static void free_cookie_key(gpointer key_arg) { @@ -5828,16 +5753,12 @@ free_cookie_value(gpointer value) g_hash_table_destroy(decr->iv_hash); g_slice_free1(sizeof(decrypt_data_t), decr); } -#endif static void isakmp_init_protocol(void) { -#ifdef HAVE_LIBGCRYPT guint i; decrypt_data_t *decr; guint8 *ic_key; -#endif /* HAVE_LIBGCRYPT */ -#ifdef HAVE_LIBGCRYPT isakmp_hash = g_hash_table_new_full(isakmp_hash_func, isakmp_equal_func, free_cookie_key, free_cookie_value); @@ -5859,20 +5780,15 @@ isakmp_init_protocol(void) { ikev2_uat_data[i].auth_spec = ikev2_decrypt_find_auth_spec(ikev2_uat_data[i].auth_alg); } defrag_next_payload_hash = g_hash_table_new(g_direct_hash, g_direct_equal); -#endif /* HAVE_LIBGCRYPT */ } static void isakmp_cleanup_protocol(void) { -#ifdef HAVE_LIBGCRYPT g_hash_table_destroy(isakmp_hash); g_hash_table_destroy(ikev2_key_hash); g_hash_table_destroy(defrag_next_payload_hash); -#endif /* HAVE_LIBGCRYPT */ } -#ifdef HAVE_LIBGCRYPT - UAT_BUFFER_CB_DEF(ikev1_users, icookie, ikev1_uat_data_key_t, icookie, icookie_len) UAT_BUFFER_CB_DEF(ikev1_users, key, ikev1_uat_data_key_t, key, key_len) @@ -5959,14 +5875,11 @@ static gboolean ikev2_uat_data_update_cb(void* p, char** err) { return TRUE; } -#endif /* HAVE_LIBGCRYPT */ void proto_register_isakmp(void) { -#ifdef HAVE_LIBGCRYPT module_t *isakmp_module; -#endif static hf_register_info hf[] = { { &hf_isakmp_ispi, { "Initiator SPI", "isakmp.ispi", @@ -7194,10 +7107,8 @@ proto_register_isakmp(void) &ett_isakmp_id, &ett_isakmp_notify_data, &ett_isakmp_ts, -#ifdef HAVE_LIBGCRYPT &ett_isakmp_decrypted_data, &ett_isakmp_decrypted_payloads -#endif /* HAVE_LIBGCRYPT */ }; static ei_register_info ei[] = { @@ -7212,7 +7123,6 @@ proto_register_isakmp(void) expert_module_t* expert_isakmp; -#ifdef HAVE_LIBGCRYPT static uat_field_t ikev1_uat_flds[] = { UAT_FLD_BUFFER(ikev1_users, icookie, "Initiator's COOKIE", "Initiator's COOKIE"), UAT_FLD_BUFFER(ikev1_users, key, "Encryption Key", "Encryption Key"), @@ -7230,7 +7140,7 @@ proto_register_isakmp(void) UAT_FLD_VS(ikev2_users, auth_alg, "Integrity algorithm", vs_ikev2_auth_algs, "Integrity algorithm of IKE_SA"), UAT_END_FIELDS }; -#endif /* HAVE_LIBGCRYPT */ + proto_isakmp = proto_register_protocol("Internet Security Association and Key Management Protocol", "ISAKMP", "isakmp"); proto_register_field_array(proto_isakmp, hf, array_length(hf)); @@ -7246,7 +7156,6 @@ proto_register_isakmp(void) isakmp_handle = register_dissector("isakmp", dissect_isakmp, proto_isakmp); -#ifdef HAVE_LIBGCRYPT isakmp_module = prefs_register_protocol(proto_isakmp, NULL); ikev1_uat = uat_new("IKEv1 Decryption Table", sizeof(ikev1_uat_data_key_t), @@ -7289,8 +7198,6 @@ proto_register_isakmp(void) "IKEv2 Decryption Table", "Table of IKE_SA security parameters for decryption of IKEv2 packets", ikev2_uat); - -#endif /* HAVE_LIBGCRYPT */ } void diff --git a/epan/dissectors/packet-lwm.c b/epan/dissectors/packet-lwm.c index 453416d4cd..7bbcce0d12 100644 --- a/epan/dissectors/packet-lwm.c +++ b/epan/dissectors/packet-lwm.c @@ -403,7 +403,6 @@ static int dissect_lwm(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void /*An exception will occur if there are not enough bytes for the MIC */ proto_tree_add_item_ret_uint(lwm_tree, hf_lwm_mic, new_tvb, start, LWM_MIC_LEN, ENC_LITTLE_ENDIAN, &lwm_mic); -#ifdef HAVE_LIBGCRYPT if(lwmes_key_valid) { ieee802154_packet *ieee_packet = NULL; @@ -503,15 +502,6 @@ static int dissect_lwm(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void tvb_set_reported_length(new_tvb, tvb_reported_length(new_tvb) - LWM_MIC_LEN); call_data_dissector(new_tvb, pinfo, lwm_tree); } -#else /* ! HAVE_LIBGCRYPT */ - col_add_fstr(pinfo->cinfo, COL_INFO, - "Encrypted data (%i byte(s)): libgcrypt not present, cannot decrypt", - tvb_reported_length(new_tvb) - LWM_MIC_LEN); - - expert_add_info(pinfo, lwm_tree, &ei_lwm_no_decryption_key); - tvb_set_reported_length(new_tvb, tvb_reported_length(new_tvb) - LWM_MIC_LEN); - call_data_dissector(new_tvb, pinfo, lwm_tree); -#endif /* ! HAVE_LIBGCRYPT */ } /*stack command endpoint 0 and not secured*/ else if( (lwm_src_endp == 0) && (lwm_dst_endp == 0) ){ diff --git a/epan/dissectors/packet-pdcp-lte.c b/epan/dissectors/packet-pdcp-lte.c index 5e483324b7..dca2ee3c00 100644 --- a/epan/dissectors/packet-pdcp-lte.c +++ b/epan/dissectors/packet-pdcp-lte.c @@ -1514,12 +1514,7 @@ static tvbuff_t *decipher_payload(tvbuff_t *tvb, packet_info *pinfo, int *offset #endif } else - if (pdu_security_settings->ciphering == eea2) { -#ifndef HAVE_LIBGCRYPT - return tvb; -#endif - } - else { + if (pdu_security_settings->ciphering != eea2) { /* An algorithm we don't support at all! */ return tvb; } @@ -1545,7 +1540,6 @@ static tvbuff_t *decipher_payload(tvbuff_t *tvb, packet_info *pinfo, int *offset return tvb; } -#ifdef HAVE_LIBGCRYPT /* AES */ if (pdu_security_settings->ciphering == eea2) { unsigned char ctr_block[16]; @@ -1597,7 +1591,6 @@ static tvbuff_t *decipher_payload(tvbuff_t *tvb, packet_info *pinfo, int *offset /* Close gcrypt handle */ gcry_cipher_close(cypher_hd); } -#endif #ifdef HAVE_SNOW3G /* SNOW-3G */ @@ -1672,7 +1665,7 @@ static guint32 calculate_digest(pdu_security_settings_t *pdu_security_settings, } #endif -#if (defined GCRYPT_VERSION_NUMBER) && (GCRYPT_VERSION_NUMBER >= 0x010600) +#if GCRYPT_VERSION_NUMBER >= 0x010600 /* 1.6.0 */ case eia2: { gcry_mac_hd_t mac_hd; diff --git a/epan/dissectors/packet-pkcs12.c b/epan/dissectors/packet-pkcs12.c index ea21bf5861..b8bf6fe452 100644 --- a/epan/dissectors/packet-pkcs12.c +++ b/epan/dissectors/packet-pkcs12.c @@ -173,8 +173,6 @@ static void append_oid(proto_tree *tree, const char *oid) proto_item_append_text(tree, " (%s)", name ? name : oid); } -#ifdef HAVE_LIBGCRYPT - static int generate_key_or_iv(unsigned int id, tvbuff_t *salt_tvb, unsigned int iter, const char *pw, unsigned int req_keylen, char * keybuf) @@ -297,8 +295,6 @@ generate_key_or_iv(unsigned int id, tvbuff_t *salt_tvb, unsigned int iter, } } -#endif - void PBE_reset_parameters(void) { iteration_count = 0; @@ -307,7 +303,6 @@ void PBE_reset_parameters(void) int PBE_decrypt_data(const char *object_identifier_id_param _U_, tvbuff_t *encrypted_tvb _U_, packet_info *pinfo _U_, asn1_ctx_t *actx _U_, proto_item *item _U_) { -#ifdef HAVE_LIBGCRYPT const char *encryption_algorithm; gcry_cipher_hd_t cipher; gcry_error_t err; @@ -461,11 +456,6 @@ int PBE_decrypt_data(const char *object_identifier_id_param _U_, tvbuff_t *encry call_ber_oid_callback(object_identifier_id_param, clear_tvb, 0, actx->pinfo, tree, NULL); return TRUE; -#else - /* we cannot decrypt */ - return FALSE; - -#endif } @@ -1129,7 +1119,7 @@ static int dissect_PBMAC1Params_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, p /*--- End of included file: packet-pkcs12-fn.c ---*/ -#line 384 "./asn1/pkcs12/packet-pkcs12-template.c" +#line 374 "./asn1/pkcs12/packet-pkcs12-template.c" static int strip_octet_string(tvbuff_t *tvb) { @@ -1414,7 +1404,7 @@ void proto_register_pkcs12(void) { "AlgorithmIdentifier", HFILL }}, /*--- End of included file: packet-pkcs12-hfarr.c ---*/ -#line 460 "./asn1/pkcs12/packet-pkcs12-template.c" +#line 450 "./asn1/pkcs12/packet-pkcs12-template.c" }; /* List of subtrees */ @@ -1444,7 +1434,7 @@ void proto_register_pkcs12(void) { &ett_pkcs12_PBMAC1Params, /*--- End of included file: packet-pkcs12-ettarr.c ---*/ -#line 466 "./asn1/pkcs12/packet-pkcs12-template.c" +#line 456 "./asn1/pkcs12/packet-pkcs12-template.c" }; static ei_register_info ei[] = { { &ei_pkcs12_octet_string_expected, { "pkcs12.octet_string_expected", PI_PROTOCOL, PI_WARN, "BER Error: OCTET STRING expected", EXPFILL }}, @@ -1512,7 +1502,7 @@ void proto_reg_handoff_pkcs12(void) { /*--- End of included file: packet-pkcs12-dis-tab.c ---*/ -#line 505 "./asn1/pkcs12/packet-pkcs12-template.c" +#line 495 "./asn1/pkcs12/packet-pkcs12-template.c" register_ber_oid_dissector("1.2.840.113549.1.9.22.1", dissect_X509Certificate_OCTETSTRING_PDU, proto_pkcs12, "x509Certificate"); diff --git a/epan/dissectors/packet-smb2.c b/epan/dissectors/packet-smb2.c index 915c547c6a..8cb8bd891c 100644 --- a/epan/dissectors/packet-smb2.c +++ b/epan/dissectors/packet-smb2.c @@ -940,12 +940,11 @@ smb2_conv_destroy(wmem_allocator_t *allocator _U_, wmem_cb_event_t event _U_, return FALSE; } -static void smb2_key_derivation(const guint8 *KI _U_, guint32 KI_len _U_, - const guint8 *Label _U_, guint32 Label_len _U_, - const guint8 *Context _U_, guint32 Context_len _U_, +static void smb2_key_derivation(const guint8 *KI, guint32 KI_len, + const guint8 *Label, guint32 Label_len, + const guint8 *Context, guint32 Context_len, guint8 KO[16]) { -#ifdef HAVE_LIBGCRYPT gcry_md_hd_t hd = NULL; guint8 buf[4]; guint8 *digest = NULL; @@ -972,9 +971,6 @@ static void smb2_key_derivation(const guint8 *KI _U_, guint32 KI_len _U_, memcpy(KO, digest, 16); gcry_md_close(hd); -#else - memset(KO, 0, 16); -#endif } /* for export-object-smb2 */ @@ -8361,7 +8357,7 @@ static smb2_function smb2_dissector[256] = { #define ENC_ALG_aes128_ccm 0x0001 static int -dissect_smb2_transform_header(packet_info *pinfo _U_, proto_tree *tree, +dissect_smb2_transform_header(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset, smb2_transform_info_t *sti, tvbuff_t **enc_tvb, tvbuff_t **plain_tvb) @@ -8371,9 +8367,7 @@ dissect_smb2_transform_header(packet_info *pinfo _U_, proto_tree *tree, smb2_sesid_info_t sesid_key; int sesid_offset; guint8 *plain_data = NULL; -#ifdef HAVE_LIBGCRYPT guint8 *decryption_key = NULL; -#endif proto_item *item; static const int *sf_fields[] = { @@ -8435,7 +8429,6 @@ dissect_smb2_transform_header(packet_info *pinfo _U_, proto_tree *tree, PROTO_ITEM_SET_GENERATED(item); } -#ifdef HAVE_LIBGCRYPT if (sti->session != NULL && sti->alg == ENC_ALG_aes128_ccm) { if (pinfo->destport == sti->session->server_port) { decryption_key = sti->session->server_decryption_key; @@ -8491,7 +8484,6 @@ dissect_smb2_transform_header(packet_info *pinfo _U_, proto_tree *tree, gcry_cipher_close(cipher_hd); } done_decryption: -#endif *enc_tvb = tvb_new_subset_length(tvb, offset, sti->size); if (plain_data != NULL) { diff --git a/epan/dissectors/packet-snmp.c b/epan/dissectors/packet-snmp.c index 772f4055e1..b7606ff532 100644 --- a/epan/dissectors/packet-snmp.c +++ b/epan/dissectors/packet-snmp.c @@ -1751,9 +1751,8 @@ snmp_usm_auth_sha1(snmp_usm_params_t* p _U_, guint8** calc_auth_p, guint* calc_a } static tvbuff_t* -snmp_usm_priv_des(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, packet_info *pinfo _U_, gchar const** error _U_) +snmp_usm_priv_des(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, gchar const** error) { -#ifdef HAVE_LIBGCRYPT gcry_error_t err; gcry_cipher_hd_t hd = NULL; @@ -1818,13 +1817,8 @@ on_gcry_error: *error = (const gchar *)gpg_strerror(err); if (hd) gcry_cipher_close(hd); return NULL; -#else - *error = "libgcrypt not present, cannot decrypt"; - return NULL; -#endif } -#ifdef HAVE_LIBGCRYPT static tvbuff_t* snmp_usm_priv_aes_common(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, gchar const** error, int algo) { @@ -1889,39 +1883,23 @@ on_gcry_error: if (hd) gcry_cipher_close(hd); return NULL; } -#endif static tvbuff_t* -snmp_usm_priv_aes128(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, packet_info *pinfo _U_, gchar const** error) +snmp_usm_priv_aes128(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, gchar const** error) { -#ifdef HAVE_LIBGCRYPT return snmp_usm_priv_aes_common(p, encryptedData, pinfo, error, GCRY_CIPHER_AES); -#else - *error = "libgcrypt not present, cannot decrypt"; - return NULL; -#endif } static tvbuff_t* -snmp_usm_priv_aes192(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, packet_info *pinfo _U_, gchar const** error) +snmp_usm_priv_aes192(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, gchar const** error) { -#ifdef HAVE_LIBGCRYPT return snmp_usm_priv_aes_common(p, encryptedData, pinfo, error, GCRY_CIPHER_AES192); -#else - *error = "libgcrypt not present, cannot decrypt"; - return NULL; -#endif } static tvbuff_t* -snmp_usm_priv_aes256(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, packet_info *pinfo _U_, gchar const** error) +snmp_usm_priv_aes256(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, gchar const** error) { -#ifdef HAVE_LIBGCRYPT return snmp_usm_priv_aes_common(p, encryptedData, pinfo, error, GCRY_CIPHER_AES256); -#else - *error = "libgcrypt not present, cannot decrypt"; - return NULL; -#endif } static gboolean @@ -3068,7 +3046,7 @@ static int dissect_SMUX_PDUs_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, prot /*--- End of included file: packet-snmp-fn.c ---*/ -#line 1863 "./asn1/snmp/packet-snmp-template.c" +#line 1841 "./asn1/snmp/packet-snmp-template.c" guint @@ -3885,7 +3863,7 @@ void proto_register_snmp(void) { NULL, HFILL }}, /*--- End of included file: packet-snmp-hfarr.c ---*/ -#line 2415 "./asn1/snmp/packet-snmp-template.c" +#line 2393 "./asn1/snmp/packet-snmp-template.c" }; /* List of subtrees */ @@ -3925,7 +3903,7 @@ void proto_register_snmp(void) { &ett_snmp_RReqPDU_U, /*--- End of included file: packet-snmp-ettarr.c ---*/ -#line 2431 "./asn1/snmp/packet-snmp-template.c" +#line 2409 "./asn1/snmp/packet-snmp-template.c" }; static ei_register_info ei[] = { { &ei_snmp_failed_decrypted_data_pdu, { "snmp.failed_decrypted_data_pdu", PI_MALFORMED, PI_WARN, "Failed to decrypt encryptedPDU", EXPFILL }}, diff --git a/epan/dissectors/packet-ssl-utils.c b/epan/dissectors/packet-ssl-utils.c index 1f2aeef216..28b49aaa61 100644 --- a/epan/dissectors/packet-ssl-utils.c +++ b/epan/dissectors/packet-ssl-utils.c @@ -54,7 +54,7 @@ #include "packet-ssl-utils.h" #include "packet-ssl.h" #include "packet-dtls.h" -#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) +#if defined(HAVE_LIBGNUTLS) #include <gnutls/abstract.h> #endif #if GCRYPT_VERSION_NUMBER >= 0x010600 /* 1.6.0 */ @@ -1633,7 +1633,6 @@ ssl_data_set(StringInfo* str, const guchar* data, guint len) str->data_len = len; } -#ifdef HAVE_LIBGCRYPT static gint ssl_data_realloc(StringInfo* str, guint len) { @@ -1666,7 +1665,6 @@ ssl_data_copy(StringInfo* dst, StringInfo* src) dst->data_len = src->data_len; return 0; } -#endif /* from_hex converts |hex_len| bytes of hex data from |in| and sets |*out| to * the result. |out->data| will be allocated using wmem_file_scope. Returns TRUE on @@ -1691,8 +1689,6 @@ static gboolean from_hex(StringInfo* out, const char* in, gsize hex_len) { /* StringInfo structure (len + data) functions }}} */ -#ifdef HAVE_LIBGCRYPT - /* libgcrypt wrappers for HMAC/message digest operations {{{ */ /* hmac abstraction layer */ #define SSL_HMAC gcry_md_hd_t @@ -2019,18 +2015,6 @@ out: } /* }}} */ #endif /* HAVE_LIBGNUTLS */ -#else /* ! HAVE_LIBGCRYPT */ - -gint -ssl_cipher_setiv(SSL_CIPHER_CTX *cipher _U_, guchar* iv _U_, gint iv_len _U_) -{ - ssl_debug_printf("ssl_cipher_setiv: impossible without gnutls.\n"); - return 0; -} -#endif /* ! HAVE_LIBGCRYPT */ - - -#ifdef HAVE_LIBGCRYPT /* Save space if decryption is not enabled. */ /* Digests, Ciphers and Cipher Suites registry {{{ */ static const SslDigestAlgo digests[]={ @@ -2381,27 +2365,10 @@ ssl_get_cipher_export_keymat_size(int cipher_suite_num) return 0; } } -#else /* ! HAVE_LIBGCRYPT */ -const SslCipherSuite * -ssl_find_cipher(int num) -{ - ssl_debug_printf("ssl_find_cipher: dummy without gnutls. num %d\n", - num); - return NULL; -} - -guint -ssl_get_cipher_blocksize(const SslCipherSuite *cipher_suite _U_) -{ - return 0; -} -#endif /* ! HAVE_LIBGCRYPT */ /* Digests, Ciphers and Cipher Suites registry }}} */ -#ifdef HAVE_LIBGCRYPT - /* HMAC and the Pseudorandom function {{{ */ static void tls_hash(StringInfo *secret, StringInfo *seed, gint md, @@ -2760,45 +2727,6 @@ tls13_hkdf_expand_label(int md, const StringInfo *secret, const char *label, con } /* HMAC and the Pseudorandom function }}} */ -#else /* ! HAVE_LIBGCRYPT */ -/* Stub code when decryption support is not available. {{{ */ -gboolean -ssl_generate_pre_master_secret(SslDecryptSession *ssl_session _U_, - guint32 length _U_, tvbuff_t *tvb _U_, guint32 offset _U_, - const gchar *ssl_psk _U_, const ssl_master_key_map_t *mk_map _U_) -{ - ssl_debug_printf("%s: impossible without gnutls.\n", G_STRFUNC); - return FALSE; -} -int -ssl_generate_keyring_material(SslDecryptSession*ssl) -{ - ssl_debug_printf("ssl_generate_keyring_material: impossible without gnutls. ssl %p\n", - ssl); - /* We cannot determine whether the cipher suite is valid. Fail such that - * ssl_set_master_secret bails out. */ - return -1; -} -void -ssl_change_cipher(SslDecryptSession *ssl_session, gboolean server) -{ - ssl_debug_printf("ssl_change_cipher %s: makes no sense without gnutls. ssl %p\n", - (server)?"SERVER":"CLIENT", ssl_session); -} - -int -ssl_decrypt_record(SslDecryptSession *ssl, SslDecoder *decoder, guint8 ct, guint16 record_version, - const guchar *in, guint16 inl, StringInfo *comp_str _U_, StringInfo *out_str, guint *outl) -{ - ssl_debug_printf("ssl_decrypt_record: impossible without gnutls. ssl %p" - "decoder %p ct %d version %d in %p inl %d out %p outl %p\n", ssl, decoder, ct, - record_version, in, inl, out_str, outl); - return 0; -} -/* }}} */ -#endif /* ! HAVE_LIBGCRYPT */ - -#ifdef HAVE_LIBGCRYPT /* Record Decompression (after decryption) {{{ */ #ifdef HAVE_ZLIB /* memory allocation functions for zlib initialization */ @@ -2893,9 +2821,7 @@ ssl_decompress_record(SslDecompress* decomp _U_, const guchar* in _U_, guint inl } #endif /* Record Decompression (after decryption) }}} */ -#endif /* HAVE_LIBGCRYPT */ -#ifdef HAVE_LIBGCRYPT /* Create a new structure to store decrypted chunks. {{{ */ static SslFlow* ssl_create_flow(void) @@ -4136,10 +4062,8 @@ skip_mac: } /* Record decryption glue based on security parameters }}} */ -#endif /* HAVE_LIBGCRYPT */ - -#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) +#if defined(HAVE_LIBGNUTLS) /* RSA private key file processing {{{ */ #define RSA_PARS 6 static gcry_sexp_t @@ -4487,12 +4411,12 @@ end: /* RSA private key file processing }}} */ -#else /* ! (defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT)) */ +#else /* ! defined(HAVE_LIBGNUTLS) */ void ssl_private_key_free(gpointer key _U_) { } -#endif /* ! (defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT)) */ +#endif /* ! defined(HAVE_LIBGNUTLS) */ /*--- Start of dissector-related code below ---*/ @@ -4562,7 +4486,7 @@ static void ssl_reset_session(SslSession *session, SslDecryptSession *ssl, gbool clear_flags |= SSL_SERVER_EXTENDED_MASTER_SECRET | SSL_NEW_SESSION_TICKET; ssl->server_random.data_len = 0; ssl->pre_master_secret.data_len = 0; -#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) +#if defined(HAVE_LIBGNUTLS) ssl->private_key = NULL; #endif ssl->psk.data_len = 0; @@ -4893,7 +4817,7 @@ ssl_common_cleanup(ssl_master_key_map_t *mk_map, FILE **ssl_keylog_file, /* }}} */ /* parse ssl related preferences (private keys and ports association strings) */ -#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) +#if defined(HAVE_LIBGNUTLS) /* Load a single RSA key file item from preferences. {{{ */ void ssl_parse_key_list(const ssldecrypt_assoc_t *uats, GHashTable *key_hash, const char* dissector_table_name, dissector_handle_t main_handle, gboolean tcp) @@ -4979,7 +4903,6 @@ ssl_parse_key_list(const ssldecrypt_assoc_t *uats _U_, GHashTable *key_hash _U_, #endif -#ifdef HAVE_LIBGCRYPT /* useless without decryption support. */ /* Store/load a known (pre-)master secret from/for this SSL session. {{{ */ /** store a known (pre-)master secret into cache */ static void @@ -5239,7 +5162,6 @@ tls13_key_update(SslDecryptSession *ssl, gboolean is_from_server) wmem_free(NULL, new_secret); tls13_generate_keys(ssl, app_secret, is_from_server); } -#endif /* HAVE_LIBGCRYPT */ /** SSL keylog file handling. {{{ */ @@ -5502,9 +5424,7 @@ ssl_set_debug(const gchar* name) #ifdef HAVE_LIBGNUTLS ssl_debug_printf("GnuTLS version: %s\n", gnutls_check_version(NULL)); #endif -#ifdef HAVE_LIBGCRYPT ssl_debug_printf("Libgcrypt version: %s\n", gcry_check_version(NULL)); -#endif ssl_debug_printf("\n"); } @@ -5617,7 +5537,7 @@ ssldecrypt_uat_fld_fileopen_chk_cb(void* r _U_, const char* p, guint len _U_, co gboolean ssldecrypt_uat_fld_password_chk_cb(void *r _U_, const char *p _U_, guint len _U_, const void *u1 _U_, const void *u2 _U_, char **err) { -#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) +#if defined(HAVE_LIBGNUTLS) ssldecrypt_assoc_t* f = (ssldecrypt_assoc_t *)r; FILE *fp = NULL; @@ -6965,8 +6885,8 @@ ssl_dissect_hnd_srv_hello(ssl_common_dissect_t *hf, tvbuff_t *tvb, void ssl_dissect_hnd_new_ses_ticket(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint32 offset, guint32 offset_end, - const SslSession *session, SslDecryptSession *ssl _U_, - GHashTable *session_hash _U_) + const SslSession *session, SslDecryptSession *ssl, + GHashTable *session_hash) { /* https://tools.ietf.org/html/rfc5077#section-3.3 (TLS >= 1.0): * struct { @@ -7013,7 +6933,6 @@ ssl_dissect_hnd_new_ses_ticket(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_i proto_tree_add_item(subtree, hf->hf.hs_session_ticket, tvb, offset, ticket_len, ENC_NA); /* save the session ticket to cache for ssl_finalize_decryption */ -#ifdef HAVE_LIBGCRYPT if (ssl && !is_tls13) { tvb_ensure_bytes_exist(tvb, offset, ticket_len); ssl->session_ticket.data = (guchar*)wmem_realloc(wmem_file_scope(), @@ -7029,7 +6948,6 @@ ssl_dissect_hnd_new_ses_ticket(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_i &ssl->session_ticket, &ssl->master_secret); ssl->state |= SSL_NEW_SESSION_TICKET; } -#endif offset += ticket_len; if (is_tls13) { @@ -7116,7 +7034,7 @@ ssl_dissect_hnd_cert(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree, */ enum { CERT_X509, CERT_RPK } cert_type; asn1_ctx_t asn1_ctx; -#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) +#if defined(HAVE_LIBGNUTLS) gnutls_datum_t subjectPublicKeyInfo = { NULL, 0 }; #endif guint32 next_offset; @@ -7130,7 +7048,7 @@ ssl_dissect_hnd_cert(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree, cert_type = CERT_X509; } -#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) +#if defined(HAVE_LIBGNUTLS) /* Ask the pkcs1 dissector to return the public key details */ if (ssl) asn1_ctx.private_data = &subjectPublicKeyInfo; @@ -7201,7 +7119,7 @@ ssl_dissect_hnd_cert(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree, offset += 3; dissect_x509af_Certificate(FALSE, tvb, offset, &asn1_ctx, subtree, hf->hf.hs_certificate); -#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) +#if defined(HAVE_LIBGNUTLS) /* Only attempt to get the RSA modulus for the first cert. */ asn1_ctx.private_data = NULL; #endif @@ -7227,7 +7145,7 @@ ssl_dissect_hnd_cert(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree, } } -#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) +#if defined(HAVE_LIBGNUTLS) if (is_from_server && ssl) ssl_find_private_key_by_pubkey(ssl, key_hash, &subjectPublicKeyInfo); #endif @@ -8142,7 +8060,6 @@ tls13_dissect_hnd_key_update(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree_add_item(tree, hf->hf.hs_key_update_request_update, tvb, offset, 1, ENC_NA); } -#ifdef HAVE_LIBGCRYPT void ssl_common_register_options(module_t *module, ssl_common_options_t *options) { @@ -8169,12 +8086,6 @@ ssl_common_register_options(module_t *module, ssl_common_options_t *options) "(All fields are in hex notation)", &(options->keylog_filename)); } -#else -void -ssl_common_register_options(module_t *module _U_, ssl_common_options_t *options _U_) -{ -} -#endif void ssl_calculate_handshake_hash(SslDecryptSession *ssl_session, tvbuff_t *tvb, guint32 offset, guint32 length) diff --git a/epan/dissectors/packet-ssl-utils.h b/epan/dissectors/packet-ssl-utils.h index bb56664e7d..9462f93f87 100644 --- a/epan/dissectors/packet-ssl-utils.h +++ b/epan/dissectors/packet-ssl-utils.h @@ -39,12 +39,9 @@ #include <gnutls/pkcs12.h> #endif /* HAVE_LIBGNUTLS */ -#ifdef HAVE_LIBGCRYPT +/* TODO inline this now that Libgcrypt is mandatory? */ #define SSL_CIPHER_CTX gcry_cipher_hd_t #define SSL_DECRYPT_DEBUG -#else /* HAVE_LIBGCRYPT */ -#define SSL_CIPHER_CTX void* -#endif /* HAVE_LIBGCRYPT */ /* other defines */ @@ -427,7 +424,7 @@ typedef struct _SslDecryptSession { SslDecoder *client; SslDecoder *server_new; SslDecoder *client_new; -#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) +#if defined(HAVE_LIBGNUTLS) gcry_sexp_t private_key; #endif StringInfo psk; @@ -625,7 +622,6 @@ ssl_parse_key_list(const ssldecrypt_assoc_t * uats, GHashTable *key_hash, const extern void ssl_save_session(SslDecryptSession* ssl, GHashTable *session_hash); -#ifdef HAVE_LIBGCRYPT extern void ssl_finalize_decryption(SslDecryptSession *ssl, ssl_master_key_map_t *mk_map); @@ -635,23 +631,6 @@ tls13_change_key(SslDecryptSession *ssl, ssl_master_key_map_t *mk_map, extern void tls13_key_update(SslDecryptSession *ssl, gboolean is_from_server); -#else /* ! HAVE_LIBGCRYPT */ -static inline void -ssl_finalize_decryption(SslDecryptSession *ssl _U_, ssl_master_key_map_t *mk_map _U_) -{ -} - -static inline void -tls13_change_key(SslDecryptSession *ssl _U_, ssl_master_key_map_t *mk_map _U_, - gboolean is_from_server _U_, TLSRecordType type _U_) -{ -} - -static inline void -tls13_key_update(SslDecryptSession *ssl _U_, gboolean is_from_server _U_) -{ -} -#endif /* ! HAVE_LIBGCRYPT */ extern gboolean ssl_is_valid_content_type(guint8 type); diff --git a/epan/dissectors/packet-ssl.c b/epan/dissectors/packet-ssl.c index 3290556f86..679462908e 100644 --- a/epan/dissectors/packet-ssl.c +++ b/epan/dissectors/packet-ssl.c @@ -332,9 +332,7 @@ static ssl_common_options_t ssl_options = { NULL, NULL}; /* List of dissectors to call for SSL data */ static heur_dissector_list_t ssl_heur_subdissector_list; -#ifdef HAVE_LIBGCRYPT static const gchar *ssl_debug_file_name = NULL; -#endif /* Forward declaration we need below */ @@ -427,7 +425,7 @@ ssl_parse_uat(void) ssl_debug_flush(); } -#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) +#if defined(HAVE_LIBGNUTLS) static void ssl_reset_uat(void) { @@ -3703,7 +3701,7 @@ ssl_looks_like_valid_pct_handshake(tvbuff_t *tvb, const guint32 offset, /* UAT */ -#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) +#if defined(HAVE_LIBGNUTLS) static void ssldecrypt_free_cb(void *r) { @@ -4255,7 +4253,6 @@ proto_register_ssl(void) { module_t *ssl_module = prefs_register_protocol(proto_ssl, proto_reg_handoff_ssl); -#ifdef HAVE_LIBGCRYPT #ifdef HAVE_LIBGNUTLS static uat_field_t sslkeylist_uats_flds[] = { UAT_FLD_CSTRING_OTHER(sslkeylist_uats, ipaddr, "IP address", ssldecrypt_uat_fld_ip_chk_cb, "IPv4 or IPv6 address"), @@ -4296,7 +4293,6 @@ proto_register_ssl(void) "Semicolon-separated list of private RSA keys used for SSL decryption. " "Used by versions of Wireshark prior to 1.6", &ssl_keys_list); -#endif /* HAVE_LIBGCRYPT */ prefs_register_bool_preference(ssl_module, "desegment_ssl_records", diff --git a/epan/dissectors/packet-zbee-security.c b/epan/dissectors/packet-zbee-security.c index 76bb364bc4..905f0edbb8 100644 --- a/epan/dissectors/packet-zbee-security.c +++ b/epan/dissectors/packet-zbee-security.c @@ -45,12 +45,10 @@ #include "packet-zbee-security.h" /* Helper Functions */ -#ifdef HAVE_LIBGCRYPT static void zbee_sec_key_hash(guint8 *, guint8, guint8 *); static void zbee_sec_make_nonce (zbee_security_packet *, guint8 *); static gboolean zbee_sec_decrypt_payload(zbee_security_packet *, const gchar *, const gchar, guint8 *, guint, guint, guint8 *); -#endif static gboolean zbee_security_parse_key(const gchar *, guint8 *, gboolean); /* Field pointers. */ @@ -449,7 +447,6 @@ dissect_zbee_secure(tvbuff_t *tvb, packet_info *pinfo, proto_tree* tree, guint o gint payload_len; tvbuff_t *payload_tvb; -#ifdef HAVE_LIBGCRYPT proto_item *ti; proto_item *key_item; guint8 *enc_buffer; @@ -458,7 +455,6 @@ dissect_zbee_secure(tvbuff_t *tvb, packet_info *pinfo, proto_tree* tree, guint o GSList **nwk_keyring; GSList *GSList_i; key_record_t *key_rec = NULL; -#endif zbee_nwk_hints_t *nwk_hints; ieee802154_hints_t *ieee_hints; ieee802154_map_rec *map_rec = NULL; @@ -495,7 +491,6 @@ dissect_zbee_secure(tvbuff_t *tvb, packet_info *pinfo, proto_tree* tree, guint o * so we can fix these 3 bits. Memory allocated by tvb_memdup(wmem_packet_scope(),...) * is automatically freed before the next packet is processed. */ -#ifdef HAVE_LIBGCRYPT enc_buffer = (guint8 *)tvb_memdup(wmem_packet_scope(), tvb, 0, tvb_captured_length(tvb)); /* * Override the const qualifiers and patch the security level field, we @@ -503,7 +498,6 @@ dissect_zbee_secure(tvbuff_t *tvb, packet_info *pinfo, proto_tree* tree, guint o * allocated this memory via tvb_memdup(wmem_packet_scope(),...). */ enc_buffer[offset] = packet.control; -#endif /* HAVE_LIBGCRYPT */ packet.level = zbee_get_bit_field(packet.control, ZBEE_SEC_CONTROL_LEVEL); packet.key_id = zbee_get_bit_field(packet.control, ZBEE_SEC_CONTROL_KEY); packet.nonce = zbee_get_bit_field(packet.control, ZBEE_SEC_CONTROL_NONCE); @@ -627,7 +621,6 @@ dissect_zbee_secure(tvbuff_t *tvb, packet_info *pinfo, proto_tree* tree, guint o return tvb_new_subset_length(tvb, offset, payload_len); } -#ifdef HAVE_LIBGCRYPT /* Have we captured all the payload? */ if (tvb_captured_length_remaining(tvb, offset+mic_len) < payload_len) { /* @@ -754,7 +747,6 @@ dissect_zbee_secure(tvbuff_t *tvb, packet_info *pinfo, proto_tree* tree, guint o /* Done! */ return payload_tvb; } -#endif /* HAVE_LIBGCRYPT */ /* Add expert info. */ expert_add_info(pinfo, sec_tree, &ei_zbee_sec_encrypted_payload); @@ -766,7 +758,6 @@ dissect_zbee_secure(tvbuff_t *tvb, packet_info *pinfo, proto_tree* tree, guint o return NULL; } /* dissect_zbee_secure */ -#ifdef HAVE_LIBGCRYPT /*FUNCTION:------------------------------------------------------ * NAME * zbee_sec_decrypt_payload @@ -863,9 +854,7 @@ zbee_sec_make_nonce(zbee_security_packet *packet, guint8 *nonce) /* Next byte is the security control field. */ *(nonce) = packet->control; } /* zbee_sec_make_nonce */ -#endif -#ifdef HAVE_LIBGCRYPT /*FUNCTION:------------------------------------------------------ * NAME * zbee_sec_ccm_decrypt @@ -1235,21 +1224,6 @@ zbee_sec_key_hash(guint8 *key, guint8 input, guint8 *hash_out) /* Hash the contents of hash_in to get the final result. */ zbee_sec_hash(hash_in, 2*ZBEE_SEC_CONST_BLOCKSIZE, hash_out); } /* zbee_sec_key_hash */ -#else /* HAVE_LIBGCRYPT */ -gboolean -zbee_sec_ccm_decrypt(const gchar *key _U_, /* Input */ - const gchar *nonce _U_, /* Input */ - const gchar *a _U_, /* Input */ - const gchar *c _U_, /* Input */ - gchar *m _U_, /* Output */ - guint l_a _U_, /* sizeof(a) */ - guint l_m _U_, /* sizeof(m) */ - guint M _U_) /* sizeof(c) - sizeof(m) = sizeof(MIC) */ -{ - /* No libgcrypt, no decryption. */ - return FALSE; -} -#endif /* HAVE_LIBGCRYPT */ /* * Editor modelines - http://www.wireshark.org/tools/modelines.html |