Wireshark-bugs: [Wireshark-bugs] [Bug 3112] CDP Checksum Calculation Incorrect

Date: Mon, 5 Jan 2009 11:37:23 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3112





--- Comment #22 from Greg Neujahr <wireshark@xxxxxxxxxxxxxxxxxxxxx>  2009-01-05 11:37:21 PDT ---
(In reply to comment #21)

Thanks! The latest stable wireshark is indeed calculating checksums
incorrectly. There is a patch attached to the source here that fixes the
calculations when run against CDP from a cisco router, but the 2950 switch
seems to be doing some odd things. 

The interesting thing to note here, is that the router accepts all of the
switch's CDP packets regardless of length, even though both wireshark stable
and wireshark with patch are claiming they are incorrect. I'm building a
program right now that uses winpcap to send out some CDP packets so that I can
manipulate the checksum before sending them out in an effort to see what is and
isn't accepted. I get the distinctly funny feeling that switches prime the
checksum with -1 (0xFFFF) and the routers use 0, and that both of these
calculations are considered valid by both devices. Not sure how I'm going to go
about confirming this, but I'm going to try and run a few different checksum
calculations over a generic CDP packet and see what the switch and router do.

Hope to have this tool fixed up by the end of the day.


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.