
MD5

MD5 (Message Digest 5 Algorithm)

SPECIFICATION
For outgoing messages, the MD5 protocol calculates a 16-byte checksum and pushes it onto the front of the message. For incoming messages, a 16-byte checksum is popped from the front of the message and compared against the computed checksum of the rest of the message. No special action is taken when the compare fails; the shortened message is passed on as usual to the next higher protocol. If tracing is enabled, a message is printed when the compare fails. There is an option to use an implicit prefix at the front of each packet when computing the checksum; separate prefixes may be used for incoming and outgoing packets.

The checksum algorithm is Ron Rivest's MD5 algorithm. It is believed to have various good cryptographic qualities.

REALM
MD5 is in the ASYNC realm.

PARTICIPANTS
MD5 passes participants to the lower protocols without manipulating them.

CONTROL OPERATIONS
MD5 recognizes the following control operations; all others are passed unchanged to the lower protocol or session.

GETMAXPACKET and GETOPTPACKET: The packet size returned by the lower protocol/session is diminished by 16 bytes and passed on.

IP_PSEUDOHDR: This control operation turns on the IP pseudoheader length-fixup flag, either for a session or the entire protocol. The control operation is also passed to the lower session or protocol. See IP for an explanation of this kludge.

The PREFIX control operations apply only to sessions, not the protocol.

HASH_SETLOCALPREFIX: Sets the implicit prefix used in computing the checksum for each outgoing packet. The prefix may be reset as desired, or turned off by setting a prefix of length 0.

HASH_SETREMOTEPREFIX: Sets the implicit prefix for incoming packets.

HASH_SETPREFIX: Sets the implicit prefix for both directions.
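
The push/pop behaviour from the SPECIFICATION section, combined with the implicit prefixes set by the PREFIX control operations, as an added Python example. This is not x-kernel code: the function names, the short-packet handling and the sample prefixes are assumptions made for illustration.

```python
import hashlib
import hmac

DIGEST_LEN = 16  # size of the MD5 checksum header


def md5_push(payload, local_prefix=b""):
    """Outgoing: checksum covers prefix + payload; only checksum + payload are sent."""
    return hashlib.md5(local_prefix + payload).digest() + payload


def md5_pop(packet, remote_prefix=b""):
    """Incoming: pop 16 bytes, recompute over prefix + rest, compare.

    Returns (payload, ok). The shortened message is returned even when the
    compare fails, matching the specification, so callers must check ok.
    """
    if len(packet) < DIGEST_LEN:
        return b"", False  # assumed handling: too short to hold a checksum
    received, payload = packet[:DIGEST_LEN], packet[DIGEST_LEN:]
    expected = hashlib.md5(remote_prefix + payload).digest()
    return payload, hmac.compare_digest(received, expected)


def max_payload(lower_max):
    """GETMAXPACKET/GETOPTPACKET: lower layer's size minus the 16-byte checksum."""
    return lower_max - DIGEST_LEN


if __name__ == "__main__":
    # Constructed sample data; prefixes stand in for HASH_SETLOCALPREFIX /
    # HASH_SETREMOTEPREFIX values agreed on by both ends.
    pkt = md5_push(b"hello", local_prefix=b"prefix-A")
    print(md5_pop(pkt, remote_prefix=b"prefix-A"))   # matching prefix
    print(md5_pop(pkt, remote_prefix=b"prefix-B"))   # mismatched prefix
    damaged = pkt[:DIGEST_LEN] + b"hellp"
    print(md5_pop(damaged, remote_prefix=b"prefix-A"))  # payload altered in transit
    print(max_payload(1500))
```

With a zero-length prefix the checksum is unkeyed, so it detects corruption in transit but can be recomputed by anyone able to alter the packet. Because a failed compare does not drop the message, a consumer that needs integrity has to enforce the result itself.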

CONFIGURATION
MD5 expects to be configured on top of a transport protocol that preserves packet boundaries (i.e. MD5 will not work on top of TCP).

Example of a graph.comp file:


---------------------------------
@;
name=simeth/0;
name=eth protocols=simeth/0;
name=arp protocols=eth;
name=vnet protocols=eth,arp;
name=ip protocols=vnet;
name=md5 protocols=ip;
name=udp protocols=md5;
name=udptest protocols=udp;
@;
prottbl = ../../../etc/prottbl.nonstd;
---------------------------------

AUTHOR
Richard Schroeppel





Tue Nov 29 16:28:56 MST 1994