Update tcpdump to 4.1.1.vendor/tcpdump/4.1.1

Changes:

Thu.    April 1, 2010.  guy@alum.mit.edu.
  Summary for 4.1.1 tcpdump release
        Fix build on systems with PF, such as FreeBSD and OpenBSD.
        Don't blow up if a zero-length link-layer address is passed to
          linkaddr_string().

Thu.    March 11, 2010.  ken@netfunctional.ca/guy@alum.mit.edu.
  Summary for 4.1.0 tcpdump release
        Fix printing of MAC addresses for VLAN frames with a length
          field
        Add some additional bounds checks and use the EXTRACT_ macros
          more
        Add a -b flag to print the AS number in BGP packets in ASDOT
          notation rather than ASPLAIN notation
        Add ICMPv6 RFC 5006 support
        Decode the access flags in NFS access requests
        Handle the new DLT_ for memory-mapped USB captures on Linux
        Make the default snapshot (-s) the maximum
        Print name of device (when -L is used)
        Support for OpenSolaris (and SXCE build 125 and later)
        Print new TCP flags
        Add support for RPL DIO
        Add support for TCP User Timeout (UTO)
        Add support for non-standard Ethertypes used by 3com PPPoE gear
        Add support for 802.11n and 802.11s
        Add support for Transparent Ethernet Bridge ethertype in GRE
        Add 4 byte AS support for BGP printer
        Add support for the MDT SAFI 66 BG printer
        Add basic IPv6 support to print-olsr
        Add USB printer
        Add printer for ForCES
        Handle frames with an FCS
        Handle 802.11n Control Wrapper, Block Acq Req and Block Ack frames
        Fix TCP sequence number printing
        Report 802.2 packets as 802.2 instead of 802.3
        Don't include -L/usr/lib in LDFLAGS
        On x86_64 Linux, look in lib64 directory too
        Lots of code clean ups
        Autoconf clean ups
        Update testcases to make output changes
        Fix compiling with/out smi (--with{,out}-smi)
        Fix compiling without IPv6 support (--disable-ipv6)

1 files changed, 30 insertions, 10 deletions

diff --git a/print-isoclns.c b/print-isoclns.c
index 4f8c347b8113..ea58d8a3d098 100644
--- a/print-isoclns.c
+++ b/print-isoclns.c
@@ -26,7 +26,7 @@
 
 #ifndef lint
 static const char rcsid[] _U_ =
-    "@(#) $Header: /tcpdump/master/tcpdump/print-isoclns.c,v 1.163 2007-03-02 09:16:19 hannes Exp $ (LBL)";
+    "@(#) $Header: /tcpdump/master/tcpdump/print-isoclns.c,v 1.165 2008-08-16 13:38:15 hannes Exp $ (LBL)";
 #endif
 
 #ifdef HAVE_CONFIG_H
@@ -46,6 +46,7 @@ static const char rcsid[] _U_ =
 #include "extract.h"
 #include "gmpls.h"
 #include "oui.h"
+#include "signature.h"
 
 /*
  * IS-IS is defined in ISO 10589.  Look there for protocol definitions.
@@ -1764,7 +1765,7 @@ static int isis_print (const u_int8_t *p, u_int length)
 
     const struct isis_iih_lan_header *header_iih_lan;
     const struct isis_iih_ptp_header *header_iih_ptp;
-    const struct isis_lsp_header *header_lsp;
+    struct isis_lsp_header *header_lsp;
     const struct isis_csnp_header *header_csnp;
     const struct isis_psnp_header *header_psnp;
 
@@ -1778,16 +1779,18 @@ static int isis_print (const u_int8_t *p, u_int length)
     const u_int8_t *optr, *pptr, *tptr;
     u_short packet_len,pdu_len;
     u_int i,vendor_id;
+    int sigcheck;
 
     packet_len=length;
     optr = p; /* initialize the _o_riginal pointer to the packet start -
-                 need it for parsing the checksum TLV */
+                 need it for parsing the checksum TLV and authentication
+                 TLV verification */
     isis_header = (const struct isis_common_header *)p;
     TCHECK(*isis_header);
     pptr = p+(ISIS_COMMON_HEADER_SIZE);
     header_iih_lan = (const struct isis_iih_lan_header *)pptr;
     header_iih_ptp = (const struct isis_iih_ptp_header *)pptr;
-    header_lsp = (const struct isis_lsp_header *)pptr;
+    header_lsp = (struct isis_lsp_header *)pptr;
     header_csnp = (const struct isis_csnp_header *)pptr;
     header_psnp = (const struct isis_psnp_header *)pptr;
 
@@ -2013,6 +2016,15 @@ static int isis_print (const u_int8_t *p, u_int length)
         osi_print_cksum((u_int8_t *)header_lsp->lsp_id,
                         EXTRACT_16BITS(header_lsp->checksum), 12, length-12);
 
+        /*
+         * Clear checksum and lifetime prior to signature verification.
+         */
+        header_lsp->checksum[0] = 0;
+        header_lsp->checksum[1] = 0;
+        header_lsp->remaining_lifetime[0] = 0;
+        header_lsp->remaining_lifetime[1] = 0;
+        
+
 	printf(", PDU length: %u, Flags: [ %s",
                pdu_len,
                ISIS_MASK_LSP_OL_BIT(header_lsp->typeblock) ? "Overload bit set, " : "");
@@ -2188,13 +2200,12 @@ static int isis_print (const u_int8_t *p, u_int length)
 	    break;
 
         case ISIS_TLV_MT_IS_REACH:
+            mt_len = isis_print_mtid(tptr, "\n\t      ");
+            if (mt_len == 0) /* did something go wrong ? */
+                goto trunctlv;
+            tptr+=mt_len;
+            tmp-=mt_len;
             while (tmp >= 2+NODE_ID_LEN+3+1) {
-                mt_len = isis_print_mtid(tptr, "\n\t      ");
-                if (mt_len == 0) /* did something go wrong ? */
-                    goto trunctlv;
-                tptr+=mt_len;
-                tmp-=mt_len;
-
                 ext_is_len = isis_print_ext_is_reach(tptr,"\n\t      ",tlv_type);
                 if (ext_is_len == 0) /* did something go wrong ? */
                     goto trunctlv;
@@ -2355,6 +2366,15 @@ static int isis_print (const u_int8_t *p, u_int length)
 		}
 		if (tlv_len != ISIS_SUBTLV_AUTH_MD5_LEN+1)
                     printf(", (malformed subTLV) ");
+
+#ifdef HAVE_LIBCRYPTO
+                sigcheck = signature_verify(optr, length,
+                                            (unsigned char *)tptr + 1);
+#else
+                sigcheck = CANT_CHECK_SIGNATURE;
+#endif
+                printf(" (%s)", tok2str(signature_check_values, "Unknown", sigcheck));
+
 		break;
 	    case ISIS_SUBTLV_AUTH_PRIVATE:
 	    default: