GH-2183: Rework Packet checksummed variable naming

NEWS

@@ -9,6 +9,11 @@ Zeek 5.1.0
 Breaking Changes
 ----------------
 
+- The ``Packet::{l2,l3}_checksummed`` variables were reworked to correctly match
+  the network layers that they apply to. A new ``Packet::l4_checksummed``
+  variable was added to cover the transport layer. See this GitHub issue for
+  more detail: https://github.com/zeek/zeek/issues/2183.
+
 New Functionality
 -----------------
 

src/iosource/Packet.cc

@@ -61,6 +61,8 @@ void Packet::Init(int arg_link_type, pkt_timeval* arg_ts, uint32_t arg_caplen, u
 	l3_proto = L3_UNKNOWN;
 	l3_checksummed = false;
 
+	l4_checksummed = false;
+
 	encap.reset();
 	ip_hdr.reset();
 

src/iosource/Packet.h

@@ -186,18 +186,28 @@ public:
 	 */
 	bool is_orig = false;
 
+	// Note: The following checksummed variables only apply to packets
+	// received via a packet source, and not to packets contained inside
+	// tunnels, etc.
+
 	/**
-	 * Indicates whether the layer 2 checksum was validated by the
+	 * Indicates whether the data link layer/layer 2 checksum was validated
-	 * hardware/kernel before being received by zeek.
+	 * the hardware/kernel before being received by zeek.
 	 */
 	bool l2_checksummed = false;
 
 	/**
-	 * Indicates whether the layer 3 checksum was validated by the
+	 * Indicates whether the network layer/layer 3 checksum was validated by
-	 * hardware/kernel before being received by zeek.
+	 * the hardware/kernel before being received by zeek.
 	 */
 	bool l3_checksummed = false;
 
+	/**
+	 * Indicates whether the transport layer/layer 4 checksum was validated
+	 * by the hardware/kernel before being received by zeek.
+	 */
+	bool l4_checksummed = false;
+
 	/**
 	 * Indicates whether this packet should be recorded.
 	 */

src/packet_analysis/protocol/icmp/ICMP.cc

@@ -347,7 +347,7 @@ zeek::RecordValPtr ICMPAnalyzer::ExtractICMP4Context(int len, const u_char*& dat
 		{
 		bad_hdr_len = 0;
 		ip_len = ip_hdr->TotalLen();
-		bad_checksum = ! run_state::current_pkt->l3_checksummed &&
+		bad_checksum = ! run_state::current_pkt->l4_checksummed &&
 		               (detail::in_cksum(reinterpret_cast<const uint8_t*>(ip_hdr->IP4_Hdr()),
 		                                 ip_hdr_len) != 0xffff);
 

src/packet_analysis/protocol/ip/IP.cc

@@ -142,7 +142,7 @@ bool IPAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* packet)
 	if ( packet_filter && packet_filter->Match(packet->ip_hdr, total_len, len) )
 		return false;
 
-	if ( ! packet->l2_checksummed && ! detail::ignore_checksums && ip4 &&
+	if ( ! packet->l3_checksummed && ! detail::ignore_checksums && ip4 &&
 	     ! IPBasedAnalyzer::GetIgnoreChecksumsNets()->Contains(packet->ip_hdr->IPHeaderSrcAddr()) &&
 	     detail::in_cksum(reinterpret_cast<const uint8_t*>(ip4), ip_hdr_len) != 0xffff )
 		{

src/packet_analysis/protocol/tcp/TCP.cc

@@ -163,7 +163,7 @@ bool TCPAnalyzer::ValidateChecksum(const IP_Hdr* ip, const struct tcphdr* tp,
                                    analyzer::tcp::TCP_Endpoint* endpoint, int len, int caplen,
                                    TCPSessionAdapter* adapter)
 	{
-	if ( ! run_state::current_pkt->l3_checksummed && ! detail::ignore_checksums &&
+	if ( ! run_state::current_pkt->l4_checksummed && ! detail::ignore_checksums &&
 	     ! GetIgnoreChecksumsNets()->Contains(ip->IPHeaderSrcAddr()) && caplen >= len &&
 	     ! endpoint->ValidChecksum(tp, len, ip->IP4_Hdr()) )
 		{

src/packet_analysis/protocol/udp/UDP.cc

@@ -106,7 +106,7 @@ void UDPAnalyzer::DeliverPacket(Connection* c, double t, bool is_orig, int remai
 
 	int chksum = up->uh_sum;
 
-	auto validate_checksum = ! run_state::current_pkt->l3_checksummed &&
+	auto validate_checksum = ! run_state::current_pkt->l4_checksummed &&
 	                         ! zeek::detail::ignore_checksums &&
 	                         ! GetIgnoreChecksumsNets()->Contains(ip->IPHeaderSrcAddr()) &&
 	                         remaining >= len;