Skip to content

Commit c2ef693

Browse files
guyharrisinfrastation
authored andcommitted
CVE-2017-12990/Fix printing of ISAKMPv1 Notification payload data.
The closest thing to a specification for the contents of the payload data is draft-ietf-ipsec-notifymsg-04, and nothing in there says that it is ever a complete ISAKMP message, so don't dissect types we don't have specific code for as a complete ISAKMP message. While we're at it, fix a comment, and clean up printing of V1 Nonce, V2 Authentication payloads, and v2 Notice payloads. This fixes an infinite loop discovered by Forcepoint's security researchers Otto Airamo & Antti Levomäki. Add a test using the capture file supplied by the reporter(s).
1 parent 50a44b6 commit c2ef693

File tree

4 files changed

+139
-52
lines changed

4 files changed

+139
-52
lines changed

Diff for: print-isakmp.c

+60-52
Original file line numberDiff line numberDiff line change
@@ -428,7 +428,7 @@ struct notify_messages {
428428
char *msg;
429429
};
430430

431-
/* 3.8 Notification Payload */
431+
/* 3.8 Authentication Payload */
432432
struct ikev2_auth {
433433
struct isakmp_gen h;
434434
uint8_t auth_method; /* Protocol-ID */
@@ -1590,15 +1590,20 @@ ikev1_nonce_print(netdissect_options *ndo, u_char tpay _U_,
15901590

15911591
ND_TCHECK(*ext);
15921592
UNALIGNED_MEMCPY(&e, ext, sizeof(e));
1593-
ND_PRINT((ndo," n len=%d", ntohs(e.len) - 4));
1594-
if (2 < ndo->ndo_vflag && 4 < ntohs(e.len)) {
1595-
ND_PRINT((ndo," "));
1596-
if (!rawprint(ndo, (const uint8_t *)(ext + 1), ntohs(e.len) - 4))
1597-
goto trunc;
1598-
} else if (1 < ndo->ndo_vflag && 4 < ntohs(e.len)) {
1599-
ND_PRINT((ndo," "));
1600-
if (!ike_show_somedata(ndo, (const u_char *)(const uint8_t *)(ext + 1), ep))
1601-
goto trunc;
1593+
/*
1594+
* Our caller has ensured that the length is >= 4.
1595+
*/
1596+
ND_PRINT((ndo," n len=%u", ntohs(e.len) - 4));
1597+
if (ntohs(e.len) > 4) {
1598+
if (ndo->ndo_vflag > 2) {
1599+
ND_PRINT((ndo, " "));
1600+
if (!rawprint(ndo, (const uint8_t *)(ext + 1), ntohs(e.len) - 4))
1601+
goto trunc;
1602+
} else if (ndo->ndo_vflag > 1) {
1603+
ND_PRINT((ndo, " "));
1604+
if (!ike_show_somedata(ndo, (const u_char *)(ext + 1), ep))
1605+
goto trunc;
1606+
}
16021607
}
16031608
return (const u_char *)ext + ntohs(e.len);
16041609
trunc:
@@ -1609,8 +1614,8 @@ ikev1_nonce_print(netdissect_options *ndo, u_char tpay _U_,
16091614
static const u_char *
16101615
ikev1_n_print(netdissect_options *ndo, u_char tpay _U_,
16111616
const struct isakmp_gen *ext, u_int item_len,
1612-
const u_char *ep, uint32_t phase, uint32_t doi0 _U_,
1613-
uint32_t proto0 _U_, int depth)
1617+
const u_char *ep, uint32_t phase _U_, uint32_t doi0 _U_,
1618+
uint32_t proto0 _U_, int depth _U_)
16141619
{
16151620
const struct ikev1_pl_n *p;
16161621
struct ikev1_pl_n n;
@@ -1712,35 +1717,41 @@ ikev1_n_print(netdissect_options *ndo, u_char tpay _U_,
17121717
ep2 = (const u_char *)p + item_len;
17131718

17141719
if (cp < ep) {
1715-
ND_PRINT((ndo," orig=("));
17161720
switch (ntohs(n.type)) {
17171721
case IPSECDOI_NTYPE_RESPONDER_LIFETIME:
17181722
{
17191723
const struct attrmap *map = oakley_t_map;
17201724
size_t nmap = sizeof(oakley_t_map)/sizeof(oakley_t_map[0]);
1725+
ND_PRINT((ndo," attrs=("));
17211726
while (cp < ep && cp < ep2) {
17221727
cp = ikev1_attrmap_print(ndo, cp,
17231728
(ep < ep2) ? ep : ep2, map, nmap);
17241729
}
1730+
ND_PRINT((ndo,")"));
17251731
break;
17261732
}
17271733
case IPSECDOI_NTYPE_REPLAY_STATUS:
1734+
ND_PRINT((ndo," status=("));
17281735
ND_PRINT((ndo,"replay detection %sabled",
17291736
EXTRACT_32BITS(cp) ? "en" : "dis"));
1730-
break;
1731-
case ISAKMP_NTYPE_NO_PROPOSAL_CHOSEN:
1732-
if (ikev1_sub_print(ndo, ISAKMP_NPTYPE_SA,
1733-
(const struct isakmp_gen *)cp, ep, phase, doi, proto,
1734-
depth) == NULL)
1735-
return NULL;
1737+
ND_PRINT((ndo,")"));
17361738
break;
17371739
default:
1738-
/* NULL is dummy */
1739-
isakmp_print(ndo, cp,
1740-
item_len - sizeof(*p) - n.spi_size,
1741-
NULL);
1740+
/*
1741+
* XXX - fill in more types here; see, for example,
1742+
* draft-ietf-ipsec-notifymsg-04.
1743+
*/
1744+
if (ndo->ndo_vflag > 3) {
1745+
ND_PRINT((ndo," data=("));
1746+
if (!rawprint(ndo, (const uint8_t *)(cp), ep - cp))
1747+
goto trunc;
1748+
ND_PRINT((ndo,")"));
1749+
} else {
1750+
if (!ike_show_somedata(ndo, cp, ep))
1751+
goto trunc;
1752+
}
1753+
break;
17421754
}
1743-
ND_PRINT((ndo,")"));
17441755
}
17451756
return (const u_char *)ext + item_len;
17461757
trunc:
@@ -2264,16 +2275,21 @@ ikev2_auth_print(netdissect_options *ndo, u_char tpay,
22642275
ikev2_pay_print(ndo, NPSTR(tpay), a.h.critical);
22652276
len = ntohs(a.h.len);
22662277

2267-
ND_PRINT((ndo," len=%d method=%s", len-4,
2278+
/*
2279+
* Our caller has ensured that the length is >= 4.
2280+
*/
2281+
ND_PRINT((ndo," len=%u method=%s", len-4,
22682282
STR_OR_ID(a.auth_method, v2_auth)));
2269-
2270-
if (1 < ndo->ndo_vflag && 4 < len) {
2271-
ND_PRINT((ndo," authdata=("));
2272-
if (!rawprint(ndo, (const uint8_t *)authdata, len - sizeof(a)))
2273-
goto trunc;
2274-
ND_PRINT((ndo,") "));
2275-
} else if(ndo->ndo_vflag && 4 < len) {
2276-
if(!ike_show_somedata(ndo, authdata, ep)) goto trunc;
2283+
if (len > 4) {
2284+
if (ndo->ndo_vflag > 1) {
2285+
ND_PRINT((ndo, " authdata=("));
2286+
if (!rawprint(ndo, (const uint8_t *)authdata, len - sizeof(a)))
2287+
goto trunc;
2288+
ND_PRINT((ndo, ") "));
2289+
} else if (ndo->ndo_vflag) {
2290+
if (!ike_show_somedata(ndo, authdata, ep))
2291+
goto trunc;
2292+
}
22772293
}
22782294

22792295
return (const u_char *)ext + len;
@@ -2322,7 +2338,7 @@ ikev2_n_print(netdissect_options *ndo, u_char tpay _U_,
23222338
const struct ikev2_n *p;
23232339
struct ikev2_n n;
23242340
const u_char *cp;
2325-
u_char showspi, showdata, showsomedata;
2341+
u_char showspi, showsomedata;
23262342
const char *notify_name;
23272343
uint32_t type;
23282344

@@ -2332,7 +2348,6 @@ ikev2_n_print(netdissect_options *ndo, u_char tpay _U_,
23322348
ikev2_pay_print(ndo, NPSTR(ISAKMP_NPTYPE_N), n.h.critical);
23332349

23342350
showspi = 1;
2335-
showdata = 0;
23362351
showsomedata=0;
23372352
notify_name=NULL;
23382353

@@ -2446,7 +2461,6 @@ ikev2_n_print(netdissect_options *ndo, u_char tpay _U_,
24462461
notify_name = "cookie";
24472462
showspi = 1;
24482463
showsomedata= 1;
2449-
showdata= 0;
24502464
break;
24512465

24522466
case IV2_NOTIFY_USE_TRANSPORT_MODE:
@@ -2499,19 +2513,17 @@ ikev2_n_print(netdissect_options *ndo, u_char tpay _U_,
24992513

25002514
cp = (const u_char *)(p + 1) + n.spi_size;
25012515

2502-
if(3 < ndo->ndo_vflag) {
2503-
showdata = 1;
2504-
}
2505-
2506-
if ((showdata || (showsomedata && ep-cp < 30)) && cp < ep) {
2507-
ND_PRINT((ndo," data=("));
2508-
if (!rawprint(ndo, (const uint8_t *)(cp), ep - cp))
2509-
goto trunc;
2510-
2511-
ND_PRINT((ndo,")"));
2516+
if (cp < ep) {
2517+
if (ndo->ndo_vflag > 3 || (showsomedata && ep-cp < 30)) {
2518+
ND_PRINT((ndo," data=("));
2519+
if (!rawprint(ndo, (const uint8_t *)(cp), ep - cp))
2520+
goto trunc;
25122521

2513-
} else if(showsomedata && cp < ep) {
2514-
if(!ike_show_somedata(ndo, cp, ep)) goto trunc;
2522+
ND_PRINT((ndo,")"));
2523+
} else if (showsomedata) {
2524+
if (!ike_show_somedata(ndo, cp, ep))
2525+
goto trunc;
2526+
}
25152527
}
25162528

25172529
return (const u_char *)ext + item_len;
@@ -3091,7 +3103,3 @@ isakmp_rfc3948_print(netdissect_options *ndo,
30913103
* c-basic-offset: 8
30923104
* End:
30933105
*/
3094-
3095-
3096-
3097-

Diff for: tests/TESTLIST

+1
Original file line numberDiff line numberDiff line change
@@ -465,6 +465,7 @@ tok2str-oobr-2 tok2str-oobr-2.pcap tok2str-oobr-2.out -vvv -e
465465
eigrp-tlv-oobr eigrp-tlv-oobr.pcap eigrp-tlv-oobr.out -vvv -e
466466
zephyr-oobr zephyr-oobr.pcap zephyr-oobr.out -vvv -e
467467
bgp-as-path-oobr bgp-as-path-oobr.pcap bgp-as-path-oobr.out -vvv -e
468+
isakmp-no-none-np isakmp-no-none-np.pcap isakmp-no-none-np.out -vvv -e
468469

469470
# RTP tests
470471
# fuzzed pcap

Diff for: tests/isakmp-no-none-np.out

+78
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,78 @@
1+
00:0c:29:86:c8:36 > 00:1a:4b:6a:ce:fe, ethertype IPv4 (0x0800), length 2228: (tos 0x0, ttl 128, id 28793, offset 0, flags [none], proto UDP (17), length 2214)
2+
192.168.1.25.500 > 192.168.1.10.500: [udp sum ok] isakmp 1.0 msgid 5f724dc6 cookie 0000000000000000->0000000000000000: phase 2/others ? inf:
3+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
4+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
5+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
6+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
7+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
8+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
9+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
10+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
11+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
12+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
13+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
14+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
15+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
16+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
17+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
18+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
19+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
20+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
21+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
22+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
23+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
24+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
25+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
26+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
27+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
28+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
29+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
30+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
31+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
32+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
33+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
34+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
35+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
36+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
37+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
38+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
39+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
40+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
41+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
42+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
43+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
44+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
45+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
46+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
47+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
48+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
49+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
50+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
51+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
52+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
53+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
54+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
55+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
56+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
57+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
58+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
59+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
60+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
61+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
62+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
63+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
64+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
65+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
66+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
67+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
68+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
69+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
70+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
71+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
72+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
73+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
74+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
75+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
76+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
77+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=000000000b1005005f724dc600000054 data=(0b00001c000000010110...0100000700000000000000000000000000000000))
78+
(n: doi=ipsec proto=isakmp type=INVALID-MAJOR-VERSION spi=0000000000000000000000000010ba00 data=(00ff1d00020082001101...0100000700000000000000000000000000000000)) [|n] (len mismatch: isakmp 84/ip 2186)

Diff for: tests/isakmp-no-none-np.pcap

2.29 KB
Binary file not shown.

0 commit comments

Comments
 (0)