Problem providing ExtendedKeyUsage information to CSR during generation in golang - go

I've stumbled upon a strange problem.
I'm writing a small golang tool, which generates a CSR based on some user-provided input. I'm mostly successful at achieving my goal, but have a problem with ExtendedKeyUsage. Simply put it does not work.
A bit of code with asn1 marshalling of x509 fields:
var oidEmailAddress = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 9, 1}
var OidExtensionKeyUsage = asn1.ObjectIdentifier{2, 5, 29, 15}
var OidExtensionExtendedKeyUsage = asn1.ObjectIdentifier{2, 5, 29, 37}
asn1KeyUsageDigSig, err := asn1.Marshal(asn1.BitString{
Bytes: []byte{byte(x509.KeyUsageDigitalSignature)},
BitLength: 8,
})
asn1KeyUsageDatEnc, err := asn1.Marshal(asn1.BitString{
Bytes: []byte{byte(x509.KeyUsageDataEncipherment)},
BitLength: 8,
})
asn1KeyUsageCAuth, err := asn1.Marshal(asn1.BitString{
Bytes: []byte{byte(x509.ExtKeyUsageClientAuth)},
BitLength: 8,
})
if err != nil {
Error.Fatalf("Can't serialize Extended Key Usage %s", err)
}
Then I create a template and successful at generating and saving a CSR, well almost:
template := x509.CertificateRequest{
RawSubject: asn1Subj,
EmailAddresses: []string{emailAddress},
SignatureAlgorithm: _sigAlg,
ExtraExtensions: []pkix.Extension{
{
Id: OidExtensionExtendedKeyUsage,
Value: asn1KeyUsageCAuth,
},
{
Id: OidExtensionKeyUsage,
Critical: true,
Value: asn1KeyUsageDatEnc,
},
{
Id: OidExtensionKeyUsage,
Critical: true,
Value: asn1KeyUsageDigSig,
},
},
}
csrBytes, _ := x509.CreateCertificateRequest(rand.Reader, &template, privateKey)
And here is an openssl req -in MY_OUTPUT.csr -text -noout
******
ASN1 OID: prime256v1
NIST CURVE: P-256
Attributes:
Requested Extensions:
X509v3 Subject Alternative Name:
email:someone#somewhere.com
X509v3 Extended Key Usage:
....
X509v3 Key Usage: critical
Key Agreement
X509v3 Key Usage: critical
Encipher Only
Signature Algorithm: ecdsa-with-SHA256
******
My ExtendedKeyUsage is empty, while it should be ClientAuthentication. What am I doing wrong?
I'm expecting to see:
X509v3 Extended Key Usage: ClientAuthentication
I'm seeing empty field. I tried using different set of bytes from another oid, but still nothing. It is as if ExtendedKeyUsage field doesn't allow anything to be written (while it should)
If it is imported:
go ver: go1.19.3 darwin/amd64

I think the problem is when you print the data. The key/value is actually present in the data.
From the code:
var OidExtensionExtendedKeyUsage = asn1.ObjectIdentifier{2, 5, 29, 37}
asn1KeyUsageCAuth, err := asn1.Marshal(asn1.BitString{
Bytes: []byte{byte(x509.ExtKeyUsageClientAuth)},
BitLength: 8,
})
ExtraExtensions: []pkix.Extension{
{
Id: OidExtensionExtendedKeyUsage,
//Critical: true,
Value: asn1KeyUsageCAuth,
//Value: {2, 5, 29, 15},
},
OidExtensionExtendedKeyUsage is ASN.1 OID 2.5.29.37 and will be '55 1D 25' when encoded with a DER encoder
You can encode it online to see what binary it will produce (e.g. https://misc.daniel-marschall.de/asn.1/oid-converter/online.php)
asn1KeyUsageCAuth value is 2 (constant defined in x509.go) and will be '00 02' when encoded as ASN.1 BIT STRING with a DER encoder (first 00 is the number of padding bits (none), 02 is the value 2)
Now take the Base64 value of your Certificate Request and decode it with an ASN.1 DER Decoder (for example: https://asn1.io/asn1playground)
MIIBtzCCAV0CAQAwgZwxCzAJBgNVBAYTAkFVMQ8wDQYDVQQIEwZTeWRuZXkxDzAN
BgNVBAcTBlN5ZG5leTETMBEGA1UEChMKc210aENsaWVudDELMAkGA1UECxMCSVQx
JTAjBgNVBAMTHHNtdGgtQ2xpZW50LVk4cDg1bk1pSVNzMGlIZ0ExIjAgBgkqhkiG
9w0BCQEME3NtdGhjbGllbnRAc210aC5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMB
BwNCAAR4rIgUOxSyXdaML9F9e2gRjuMUK8Q0jiloTb2kAdmbz1RoCEdsZUUxKQcr
0Vud2aW3VIDph1ar4hkqWkM43hxqoF4wXAYJKoZIhvcNAQkOMU8wTTAeBgNVHREE
FzAVgRNzbXRoY2xpZW50QHNtdGguY29tMAsGA1UdJQQEAwIAAjAOBgNVHQ8BAf8E
BAMCAAgwDgYDVR0PAQH/BAQDAgABMAoGCCqGSM49BAMCA0gAMEUCIQDTBj+0Atjy
F1GY8AM2Mv7/X3tsEbmMVdszKw8l6rVsEQIgMiH8CO9nkP0aXdMgp9x4kVjJZK9X
rW3ROydT89D73OA=
Try the full power of OSS' ASN-1Step by downloading a free trial
OSS Nokalva TLV Print Utility Version 8.6.1
Copyright (C) 1997-2022 OSS Nokalva, Inc. All rights reserved.
30 8201B7(439)
30 82015D(349)
02 01 00
30 819C(156)
31 0B
30 09
06 03 550406
13 02 4155
31 0F
30 0D
06 03 550408
13 06 5379646E6579
31 0F
30 0D
06 03 550407
13 06 5379646E6579
31 13
30 11
06 03 55040A
13 0A 736D7468436C69656E74
31 0B
30 09
06 03 55040B
13 02 4954
31 25
30 23
06 03 550403
13 1C 736D74682D436C69656E742D59387038356E4D694953733069486741
31 22
30 20
06 09 2A864886F70D010901
0C 13 736D7468636C69656E7440736D74682E636F6D
30 59
30 13
06 07 2A8648CE3D0201
06 08 2A8648CE3D030107
03 42 000478AC88143B14B25DD68C2FD17D7B68118EE3142BC4348E29684DBDA401D9...
A0 5E
30 5C
06 09 2A864886F70D01090E
31 4F
30 4D
30 1E
06 03 551D11
04 17 30158113736D7468636C69656E7440736D74682E636F6D
30 0B -- HERE IT IS!
06 03 551D25
04 04 03020002
30 0E
06 03 551D0F
01 01 FF
04 04 03020008
30 0E
06 03 551D0F
01 01 FF
04 04 03020001
30 0A
06 08 2A8648CE3D040302
03 48 003045022100D3063FB402D8F2175198F0033632FEFF5F7B6C11B98C55DB332B0F25...
Results
To get more details, please provide/compile a schema for your data.
Scroll down the output above until you find HERE IT IS!
Your key/value is:
30 0B -- a SEQUENCE of 11 bytes
06 03 551D25 -- an item of 3 bytes (551D25 ... OidExtensionExtendedKeyUsage)
04 04 03020002 -- an item of 4 bytes (03 02 0002 ... an item of 2 bytes 0002 ... asn1KeyUsageCAuth)
I would have loved to decode the CSR againt the ASN.1 specification ... but I could not find it :(

Related

(HANDSHAKE_FAILURE): Received fatal alert: handshake_failure

I am getting ssl handshake exception after "Produced client Finished handshake message" Step in my java spring boot application (openjdk version "11.0.12").
org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://server/api/": Received fatal alert: handshake_failure; nested exception is javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785)
Can someone help? I referred multiple articles in stackoverflow and tried all the steps. I am not sure if I missed any step?
I am writing a java spring boot application to test 2 way SSL connection. I have done the below steps
Followed the below article and then created the application using RestTemplate in the same way like https://www.aurigait.com/blog/how-to-implement-2-way-ssl-using-spring-boot/ (I didnt create self signed certificate instead, I use the one which was created for our project)
I have the JKS file of my client application. Added the server public certificate as trust source to the client JKS file. I added the root CA also as trust source.
Provided the below settings in the IntelliJ Run -> Edit Configurations -> VM Options
-Djavax.net.debug=all
-Dhttps.protocols=TLSv1.2,TLSv1.1,TLSv1 (Tried without this line also)
-Djavax.net.ssl.trustStore=C:\certificate\keystore.jks
-Djavax.net.ssl.trustStorePassword=pass
-Djavax.net.ssl.trustStore=C:\certificate\keystore.jks
-Djavax.net.ssl.trustStorePassword=pass
server added the client public certificate as well as trust source.
error:
)
javax.net.ssl|DEBUG|16|scheduling-1|2022-08-26 10:30:01.190 UTC|Finished.java:398|Produced client Finished handshake message (
"Finished": {
"verify data": {
0000: AA 4E 76 43 21 C8 E4 D5 4A 5F B6 4F
}'}
)
javax.net.ssl|DEBUG|16|scheduling-1|2022-08-26 10:30:01.190 UTC|SSLSocketOutputRecord.java:241|WRITE: TLS12 handshake, length = 24
javax.net.ssl|DEBUG|16|scheduling-1|2022-08-26 10:30:01.206 UTC|SSLCipher.java:1743|Plaintext before ENCRYPTION (
0000: 14 00 00 0C AA 4E 68 43 84 C8 E4 D5 4A 5F B6 4F .....NhC....J_.O
)
javax.net.ssl|DEBUG|16|scheduling-1|2022-08-26 10:30:01.206 UTC|SSLSocketOutputRecord.java:255|Raw write (
0000: 16 03 03 00 34 00 00 00 00 00 00 00 00 DE 91 8F ....(...........
0010: 18 3B DC D0 84 2C 39 35 B0 3C C3 7E 9E 1C BF 27 .;...,95.<.....'
0020: 10 23 E3 D0 D0 32 B8 D1 D2 5C C4 DA CC .#.......\...
)
javax.net.ssl|DEBUG|16|scheduling-1|2022-08-26 10:30:01.206 UTC|SSLSocketInputRecord.java:488|Raw read (
0000: 15 03 03 00 02 .....
)
javax.net.ssl|DEBUG|16|scheduling-1|2022-08-26 10:30:01.206 UTC|SSLSocketInputRecord.java:214|READ: TLSv1.2 alert, length = 2
javax.net.ssl|DEBUG|16|scheduling-1|2022-08-26 10:30:01.206 UTC|SSLSocketInputRecord.java:488|Raw read (
0000: 02 28 .(
)
javax.net.ssl|DEBUG|16|scheduling-1|2022-08-26 10:30:01.206 UTC|SSLSocketInputRecord.java:247|READ: TLSv1.2 alert, length = 2
javax.net.ssl|DEBUG|16|scheduling-1|2022-08-26 10:30:01.206 UTC|Alert.java:238|Received alert message (
"Alert": {
"level" : "fatal",
"description": "handshake_failure"
}
)
javax.net.ssl|ERROR|16|scheduling-1|2022-08-26 10:30:01.206 UTC|TransportContext.java:341|Fatal (HANDSHAKE_FAILURE): Received fatal alert: handshake_failure (
"throwable" : {
.
.
.
javax.net.ssl|ALL|16|scheduling-1|2022-08-26 09:42:15.234 UTC|SSLSessionImpl.java:784|Invalidated session: Session(1661506935062|SSL_NULL_WITH_NULL_NULL)
javax.net.ssl|ALL|16|scheduling-1|2022-08-26 09:42:15.234 UTC|SSLSessionImpl.java:784|Invalidated session: Session(1661506935124|TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
javax.net.ssl|DEBUG|16|scheduling-1|2022-08-26 09:42:15.234 UTC|SSLSocketImpl.java:1656|close the underlying socket
javax.net.ssl|DEBUG|16|scheduling-1|2022-08-26 09:42:15.234 UTC|SSLSocketImpl.java:1675|close the SSL connection (initiative)
org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://server/api/": Received fatal alert: handshake_failure; nested exception is javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785)
The root cause for this issue is the certificate (JKS) which I passed didn't have the certificate chain (Issuer details). So the SSL handshake failed after the "Produced client Finished handshake message". I took another JKS which has the entire chain and I added the server certificate as trust source. SSL handshake and the HTTPS call is working as expected.

Why Encode a string in Base64 (based on the Microsoft Crypto API) using PowerBuilder produce a result differ than Convert.ToBase64String() in .Net?

I have a text contains a hexadecimal bytes as follows:
01 1b 42 61 6b 68 73 68 5f 48 6f 73 70 69 74 61 6c 5f 41 6c 2d 53 68 61 72 61 66 69 61 02 0f 33 30 30 31 37 34 37 36 39 35 31 30 30 30 33 03 10 30 32 2f 30 31 2f 31 37 5f 30 35 3a 31 32 5f 50 04 05 31 34 2e 30 30 05 01 30
, when I am encrypting it to BASE64 using the of_encode64() function in powerbuilder winsock user object, I got the below result:
MDExQjQyNjE2QjY4NzM2ODVGNDg2RjczNzA2OTc0NjE2QzVGNDE2QzJENTM2ODYx
NzI2MTY2Njk2MTAyMEYzMzMwMzAzMTM3MzQzNzM2MzkzNTMxMzAzMDMwMzMwMzEw
MzAzMjJGMzAzMTJGMzEzNzVGMzAzNTNBMzEzMjVGNTAwNDA1MzEzNDJFMzAzMDA1
MDEzMA==
, but when my friend encodes it using the Convert.ToBase64String() in Dot Net, he got a totally different result as below:
ARtCYWtoc2hfSG9zcGl0YWxfQWwtU2hhcmFmaWECDzMwMDE3NDc2OTUxMDAwMwMQMDIvMDEvMTdfMDU6MTJfUAQFMTQuMDAFATA=
, I played with all possible parameters: CRYPT_STRING_BASE64HEADER, CRYPT_STRING_BASE64REQUESTHEADER, CRYPT_STRING_BASE64X509CRLHEADER but not help!
The of_encode64() function code as below:
[local function declaration]
Function boolean CryptBinaryToString ( &
Blob pbBinary, &
ulong cbBinary, &
ulong dwFlags, &
Ref string pszString, &
Ref ulong pcchString &
) Library "crypt32.dll" Alias For "CryptBinaryToStringW"
[instance variables]
// Base64, with certificate beginning and ending headers
CONSTANT Ulong CRYPT_STRING_BASE64HEADER = 0
// Base64, without headers
CONSTANT Ulong CRYPT_STRING_BASE64 = 1
// Base64, with request beginning and ending headers
CONSTANT Ulong CRYPT_STRING_BASE64REQUESTHEADER = 3
// Base64, with X.509 CRL beginning and ending headers
CONSTANT Ulong CRYPT_STRING_BASE64X509CRLHEADER = 9
Encode a String to Base64:
// -----------------------------------------------------------------------------
// SCRIPT: n_winsock.of_Encode64
//
// PURPOSE: This function converts binary data to a Base64 encoded string.
//
// Note: Requires Windows XP or Server 2003
//
// ARGUMENTS: ablob_data - Blob containing data
//
// RETURN: String containing encoded data
//
// DATE PROG/ID DESCRIPTION OF CHANGE / REASON
// ---------- -------- -----------------------------------------------------
// 08/20/2010 RolandS Initial coding
// 09/27/2010 RolandS Changed to remove trailing CRLF characters
// 03/17/2012 RolandS Changed argument to read-only
// -----------------------------------------------------------------------------
String ls_encoded
ULong lul_len, lul_buflen
Boolean lb_rtn
lul_len = Len(ablob_data)
lul_buflen = lul_len * 3
//lul_buflen = lul_len * 2
ls_encoded = Space(lul_buflen)
lb_rtn = CryptBinaryToString(ablob_data, lul_len, &
CRYPT_STRING_BASE64, ls_encoded, lul_buflen)
If lb_rtn Then
ls_encoded = Left(ls_encoded, lul_buflen - 2)
Else
SetNull(ls_encoded)
End If
Return ls_encoded
I am calling it using this code: Where as_data is the Hexadecimal Bytes String above
Return of_Encode64(Blob(as_data, EncodingAnsi!))
The full code for Encode/decode a string in Base64 in PowerBuilder using the winsock user object in this below URL:
https://www.rgagnon.com/pbdetails/pb-0258.html
Thank you in advance. Keep Safe.

"go build -buildmode=c-shared" compiled dll, how to hide the exported goruntime function?

Use dumpbin view export functions, I found a lot of goruntime functions export, hoping to hide them.
example:
// file hello.go
package main
// //Needed for build
import "C"
import (
"fmt"
)
//export SayHello
func SayHello(name string) {
fmt.Printf("func in Golang SayHello says: Hello, %s!\n", name)
}
//export SayHelloByte
func SayHelloByte(name []byte) {
fmt.Printf("func in Golang SayHelloByte says: Hello, %s!\n", string(name))
}
//export SayBye
func SayBye() {
fmt.Println("func in Golang SayBye says: Bye!")
}
func main() {
// We need the main function to make possible
// CGO compiler to compile the package as C shared library
}
>go build -buildmode=c-shared -o libhello.dll hello.go
>dumpbin -exports libhello.dll
Microsoft (R) COFF/PE Dumper Version 14.00.24215.1
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file libhello.dll
File Type: DLL
Section contains the following exports for libhello.dll
00000000 characteristics
5C7FB64A time date stamp Wed Mar 6 20:00:10 2019
0.00 version
1 ordinal base
3320 number of functions
3320 number of names
ordinal hint RVA name
1 0 00092F50 SayBye
2 1 00092EA0 SayHello
3 2 00092EF0 SayHelloByte
4 3 00093240 _cgo_get_context_function
5 4 000A1A68 _cgo_init
6 5 000930E0 _cgo_is_runtime_initialized
7 6 00093020 _cgo_maybe_run_preinit
8 7 000A1A70 _cgo_notify_runtime_init_done
9 8 00058970 _cgo_panic
10 9 00092FC0 _cgo_preinit_init
11 A 00092F90 _cgo_release_context
12 B 000A1A78 _cgo_sys_thread_create
13 C 00093330 _cgo_sys_thread_start
14 D 000A1A80 _cgo_thread_start
15 E 00052090 _cgo_topofstack
16 F 00093110 _cgo_wait_runtime_init_done
17 10 0016E070 _cgo_yield
18 11 00092D20 _cgoexp_fd8bec644a00_SayBye
19 12 00092AA0 _cgoexp_fd8bec644a00_SayHello
20 13 00092BD0 _cgoexp_fd8bec644a00_SayHelloByte
21 14 000538A0 _rt0_amd64_windows_lib
22 15 000A1A40 _rt0_amd64_windows_lib.ptr
23 16 00053900 _rt0_amd64_windows_lib_go
24 17 000589C0 crosscall2
25 18 00093380 crosscall_amd64
26 19 0005B450 errors.(*errorString).Error
27 1A 0005B3C0 errors.New
28 1B 0008A230 fmt.(*buffer).WriteRune
29 1C 000884A0 fmt.(*fmt).fmtBoolean
30 1D 00089030 fmt.(*fmt).fmtBs
31 1E 00089870 fmt.(*fmt).fmtC
32 1F 00089A40 fmt.(*fmt).fmtFloat
33 20 000888B0 fmt.(*fmt).fmtInteger
34 21 00089660 fmt.(*fmt).fmtQ
35 22 00089930 fmt.(*fmt).fmtQc
36 23 00088FB0 fmt.(*fmt).fmtS
37 24 000890C0 fmt.(*fmt).fmtSbx
38 25 00088530 fmt.(*fmt).fmtUnicode
39 26 00087DF0 fmt.(*fmt).pad
40 27 00088150 fmt.(*fmt).padString
41 28 00088E70 fmt.(*fmt).truncate
42 29 00088D80 fmt.(*fmt).truncateString
43 2A 00087C60 fmt.(*fmt).writePadding
44 2B 0008A620 fmt.(*pp).Flag
45 2C 0008A600 fmt.(*pp).Precision
46 2D 0008A5E0 fmt.(*pp).Width
47 2E 0008A6B0 fmt.(*pp).Write
48 2F 00091000 fmt.(*pp).argNumber
49 30 00091120 fmt.(*pp).badArgNum
50 31 0008AEF0 fmt.(*pp).badVerb
51 32 0008CDB0 fmt.(*pp).catchPanic
52 33 00091440 fmt.(*pp).doPrintf
53 34 000925A0 fmt.(*pp).doPrintln
...
I want to export only the SayHello, SayHelloByte, SayBye functions instead of exporting the goruntime function.
What should I do? I searched for a few hours and didn't find a way to get golang.
thank you very much.
This issue was fixed in Go 1.16 and backported to Go 1.15.

K6: k6 websocket - how to decode compressed text in K6

I have used K6 in websocket performance test. While the content from server is compressed, and I got "�0E�e�!�56���j0&��v!�{�:�9�^�" printed in console.
I used nodejs code to handle the same message from server. I got the right text.
So my question is how to decode compressed text in K6?
my K6 script is
socket.on('message', function (data) {
console.log(typeof (data));
console.log(data.length)
if (data.length < 200) {
// I got "�0E�e�!�56���j0&��v!�{�:�9�^�" in console
console.log(data);
}
// I tried to decode it got "incorrect header check"
let text = pako.inflate(data, { to: 'string' });
}
If I used the following JS script, I got the correct text to inflate it to plain text.
ws.on('message', function (data) {
console.log('-------- begin -------');
// I got <Buffer 1f 8b 08 00 00 00 00 00 00 00 2d 8b 4b 0a 80 20 14 45 f7 72 c7 21 f9 1b e4 6e 34 1f 14 12 49 5e 47 d1 de 33 68 7a 3e 37 f6 8c 80 c4 b5 b7 4c 4c 68 3d in console
console.log(data);
console.log('-------- end -------');
let text = pako.inflate(data, {
to: 'string'
});
// msg is " msg: {"id":"btcusdt","subbed":"market.btcusdt.depth.step0","ts":1525243319443,"status":"ok"} "
console.log('msg: ' + text);
})
As I mentioned in the GitHub issue, it seems like pako's browserify version may have some issues when you specify { to: 'string' } in the options. Instead you should be able to do something like this:
let binText = pako.inflate(data);
let strText = String.fromCharCode.apply(null, binText);
console.log(strText);

Windows 7 rejecting UDP packets

I'm writing a program that should simultaneously send and receive special RAW UDP packets. Almost all fields (except MAC-addresses) are filled by myself. And besides that I'm using some fake IP options like: FE 04 01 00 (I've tried different), but the whole IP header is right. So here is an example packet
MACs: 30 85 a9 1f b8 d6 00 25 22 62 22 07 08 00
IP header: 48 00 00 3e 03 d0 00 00 40 11 bb b7 c0 a8 89 a1 c0 a8 89 01
IP options:
fd 04 01 00
fe 08 01 11 1d 15 0a 00
UDP header, payload: c3 50 c3 55 00 1e d7 ce 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 11 22 33 44 55 66 77
Issue
Precondition: windows firewall is disabled and no other firewall is running. On Windows 7 host program is launched with "Run as Administrator".
On Windows XP user is Administrator.
When packet is sent to remote host with Windows XP (LAN), or to the localhost on Windows 7 or Windows XP then it's successfully received(on the remote host or localhost). But if the packet is sent to the remote host with Windows 7 (LAN) then it's rejected by the remote host with ICMP message "Parameter problem". This only can be seen using (for example) Wireshark: sample wireshark capture file
Here's some source code on sending
ressrc = ResolveAddress(srcAddrStr, srcPort, addressFamily, socketType, protocol);
if (ressrc == NULL) {
// handling
}
resdest = ResolveAddress(dstAddrStr, dstPort, ressrc->ai_family, ressrc->ai_socktype, ressrc->ai_protocol);
if (resdest == NULL) {
// handling
}
sendSock = socket(ressrc->ai_family, socketType, ressrc->ai_protocol);
if (sendSock == INVALID_SOCKET) {
// handling
}
int optval = 1;
rc = setsockopt(sendSock, IPPROTO_IP, IP_HDRINCL, (char *)&optval, sizeof(optval));
if (rc == SOCKET_ERROR) {
// handling
}
// packetizing
WSABUF *wbuf = ...
rc = sendto(sendSock, wbuf[0].buf, wbuf[0].len, 0, resdest->ai_addr, resdest->ai_addrlen);
and receiving
ressrc = ResolveAddress(srcAddrStr, NULL, addressFamily, socketType, protocol);
if (ressrc == NULL) {
//handling
}
recvSock = socket(ressrc->ai_family, socketType, ressrc->ai_protocol);
if (recvSock == INVALID_SOCKET) {
//handling
}
rc = bind(recvSock, ressrc->ai_addr, ressrc->ai_addrlen);
if (rc == SOCKET_ERROR) {
//handling
}
while (1)
{
fromlen = sizeof(safrom);
rc = recvfrom(recvSock, buf, MAX_PACKET, 0, (SOCKADDR *)&safrom, &fromlen);
if (rc == SOCKET_ERROR) {
//handling
}
/*
* handling received packet
*/
}
I've tried:
comparing packets received on different hosts (no differences)
putting receiving socket in promiscuous mode using WSAIoctl and ioctlsocket functions
googling, but the only thing I've found about my issue is this topic
What can cause this problem? Should I turn something on/off? Or am I doing wrong something else?

Resources