8 +DEFS = @DEFS@ @V_DEFS@
11 CFLAGS = $(CCOPT) $(DEFS) $(INCLS)
15 ac_cv___attribute__=no)])
16 if test "$ac_cv___attribute__" = "yes"; then
17 AC_DEFINE(HAVE___ATTRIBUTE__, 1, [define if your compiler has __attribute__])
18 + V_DEFS="$V_DEFS -D_U_=\"__attribute__((unused))\""
20 + V_DEFS="$V_DEFS -D_U_=\"\""
22 AC_MSG_RESULT($ac_cv___attribute__)
27 AC_CHECK_HEADERS(rc5.h)
38 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
39 * All rights reserved.
42 * Redistribution and use in source and binary forms, with or without
43 * modification, are permitted provided that the following conditions
46 * 3. Neither the name of the project nor the names of its contributors
47 * may be used to endorse or promote products derived from this software
48 * without specific prior written permission.
51 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
52 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
53 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
55 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
61 /* refer to RFC 2408 */
67 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
68 * All rights reserved.
71 * Redistribution and use in source and binary forms, with or without
72 * modification, are permitted provided that the following conditions
75 * 3. Neither the name of the project nor the names of its contributors
76 * may be used to endorse or promote products derived from this software
77 * without specific prior written permission.
80 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
81 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
82 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
87 -static const char rcsid[] =
88 - "@(#) $Header$ (LBL)";
89 +static const char rcsid[] _U_ =
90 + "@(#) $Header$ (LBL)";
99 -#include <sys/param.h>
100 -#include <sys/time.h>
101 -#include <sys/socket.h>
102 +#include <tcpdump-stdinc.h>
104 -#include <netinet/in.h>
111 #include "ipsec_doi.h"
113 #define sockaddr_storage sockaddr
116 -static u_char *isakmp_sa_print(struct isakmp_gen *, u_char *, u_int32_t,
117 - u_int32_t, u_int32_t);
118 -static u_char *isakmp_p_print(struct isakmp_gen *, u_char *, u_int32_t,
119 - u_int32_t, u_int32_t);
120 -static u_char *isakmp_t_print(struct isakmp_gen *, u_char *, u_int32_t,
121 - u_int32_t, u_int32_t);
122 -static u_char *isakmp_ke_print(struct isakmp_gen *, u_char *, u_int32_t,
123 - u_int32_t, u_int32_t);
124 -static u_char *isakmp_id_print(struct isakmp_gen *, u_char *, u_int32_t,
125 - u_int32_t, u_int32_t);
126 -static u_char *isakmp_cert_print(struct isakmp_gen *, u_char *, u_int32_t,
127 - u_int32_t, u_int32_t);
128 -static u_char *isakmp_cr_print(struct isakmp_gen *, u_char *, u_int32_t,
129 - u_int32_t, u_int32_t);
130 -static u_char *isakmp_sig_print(struct isakmp_gen *, u_char *, u_int32_t,
131 - u_int32_t, u_int32_t);
132 -static u_char *isakmp_hash_print(struct isakmp_gen *, u_char *,
133 - u_int32_t, u_int32_t, u_int32_t);
134 -static u_char *isakmp_nonce_print(struct isakmp_gen *, u_char *,
135 - u_int32_t, u_int32_t, u_int32_t);
136 -static u_char *isakmp_n_print(struct isakmp_gen *, u_char *, u_int32_t,
137 - u_int32_t, u_int32_t);
138 -static u_char *isakmp_d_print(struct isakmp_gen *, u_char *, u_int32_t,
139 - u_int32_t, u_int32_t);
140 -static u_char *isakmp_vid_print(struct isakmp_gen *, u_char *, u_int32_t,
141 - u_int32_t, u_int32_t);
142 -static u_char *isakmp_sub0_print(u_char, struct isakmp_gen *, u_char *,
143 - u_int32_t, u_int32_t, u_int32_t);
144 -static u_char *isakmp_sub_print(u_char, struct isakmp_gen *, u_char *,
145 - u_int32_t, u_int32_t, u_int32_t);
146 +static const u_char *isakmp_sa_print(const struct isakmp_gen *,
147 + const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
148 +static const u_char *isakmp_p_print(const struct isakmp_gen *,
149 + const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
150 +static const u_char *isakmp_t_print(const struct isakmp_gen *,
151 + const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
152 +static const u_char *isakmp_ke_print(const struct isakmp_gen *,
153 + const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
154 +static const u_char *isakmp_id_print(const struct isakmp_gen *,
155 + const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
156 +static const u_char *isakmp_cert_print(const struct isakmp_gen *,
157 + const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
158 +static const u_char *isakmp_cr_print(const struct isakmp_gen *,
159 + const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
160 +static const u_char *isakmp_sig_print(const struct isakmp_gen *,
161 + const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
162 +static const u_char *isakmp_hash_print(const struct isakmp_gen *,
163 + const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
164 +static const u_char *isakmp_nonce_print(const struct isakmp_gen *,
165 + const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
166 +static const u_char *isakmp_n_print(const struct isakmp_gen *,
167 + const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
168 +static const u_char *isakmp_d_print(const struct isakmp_gen *,
169 + const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
170 +static const u_char *isakmp_vid_print(const struct isakmp_gen *,
171 + const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
172 +static const u_char *isakmp_sub0_print(u_char, const struct isakmp_gen *,
173 + const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
174 +static const u_char *isakmp_sub_print(u_char, const struct isakmp_gen *,
175 + const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
176 static char *numstr(int);
177 -static void safememcpy(void *, void *, size_t);
178 +static void safememcpy(void *, const void *, size_t);
180 #define MAXINITIATORS 20
182 @@ -106,19 +101,19 @@
183 } cookiecache[MAXINITIATORS];
186 -static char *protoidstr[] = {
187 +static const char *protoidstr[] = {
188 NULL, "isakmp", "ipsec-ah", "ipsec-esp", "ipcomp",
192 -static char *npstr[] = {
193 +static const char *npstr[] = {
194 "none", "sa", "p", "t", "ke", "id", "cert", "cr", "hash",
195 "sig", "nonce", "n", "d", "vid"
199 -static u_char *(*npfunc[])(struct isakmp_gen *, u_char *, u_int32_t,
200 - u_int32_t, u_int32_t) = {
201 +static const u_char *(*npfunc[])(const struct isakmp_gen *, const u_char *,
202 + u_int32_t, u_int32_t, u_int32_t, int) = {
210 -static char *etypestr[] = {
211 +static const char *etypestr[] = {
212 "none", "base", "ident", "auth", "agg", "inf", NULL, NULL,
213 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
214 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
216 rawprint(caddr_t loc, size_t len)
223 for (i = 0; i < len; i++)
224 @@ -338,13 +333,14 @@
230 - char *value[30]; /*XXX*/
233 + const char *value[30]; /*XXX*/
237 -isakmp_attrmap_print(u_char *p, u_char *ep, struct attrmap *map, size_t nmap)
238 +static const u_char *
239 +isakmp_attrmap_print(const u_char *p, const u_char *ep,
240 + const struct attrmap *map, size_t nmap)
244 @@ -354,35 +350,35 @@
248 - totlen = 4 + ntohs(q[1]);
249 + totlen = 4 + EXTRACT_16BITS(&q[1]);
250 if (ep < p + totlen) {
256 - t = ntohs(q[0]) & 0x7fff;
257 + t = EXTRACT_16BITS(&q[0]) & 0x7fff;
258 if (map && t < nmap && map[t].type)
259 printf("type=%s ", map[t].type);
261 printf("type=#%d ", t);
265 + v = EXTRACT_16BITS(&q[1]);
266 if (map && t < nmap && v < map[t].nvalue && map[t].value[v])
267 printf("%s", map[t].value[v]);
269 rawprint((caddr_t)&q[1], 2);
271 - printf("len=%d value=", ntohs(q[1]));
272 - rawprint((caddr_t)&p[4], ntohs(q[1]));
273 + printf("len=%d value=", EXTRACT_16BITS(&q[1]));
274 + rawprint((caddr_t)&p[4], EXTRACT_16BITS(&q[1]));
281 -isakmp_attr_print(u_char *p, u_char *ep)
282 +static const u_char *
283 +isakmp_attr_print(const u_char *p, const u_char *ep)
287 @@ -392,35 +388,36 @@
291 - totlen = 4 + ntohs(q[1]);
292 + totlen = 4 + EXTRACT_16BITS(&q[1]);
293 if (ep < p + totlen) {
299 - t = ntohs(q[0]) & 0x7fff;
300 + t = EXTRACT_16BITS(&q[0]) & 0x7fff;
301 printf("type=#%d ", t);
305 rawprint((caddr_t)&q[1], 2);
307 - printf("len=%d value=", ntohs(q[1]));
308 - rawprint((caddr_t)&p[2], ntohs(q[1]));
309 + printf("len=%d value=", EXTRACT_16BITS(&q[1]));
310 + rawprint((caddr_t)&p[2], EXTRACT_16BITS(&q[1]));
317 -isakmp_sa_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
318 - u_int32_t doi0, u_int32_t proto0)
320 - struct isakmp_pl_sa *p, sa;
322 +static const u_char *
323 +isakmp_sa_print(const struct isakmp_gen *ext, const u_char *ep, u_int32_t phase,
324 + u_int32_t doi0 _U_, u_int32_t proto0, int depth)
326 + const struct isakmp_pl_sa *p;
327 + struct isakmp_pl_sa sa;
328 + const u_int32_t *q;
329 u_int32_t doi, sit, ident;
331 + const u_char *cp, *np;
334 printf("%s:", NPSTR(ISAKMP_NPTYPE_SA));
335 @@ -459,17 +456,19 @@
337 ext = (struct isakmp_gen *)np;
339 - cp = isakmp_sub_print(ISAKMP_NPTYPE_P, ext, ep, phase, doi, proto0);
340 + cp = isakmp_sub_print(ISAKMP_NPTYPE_P, ext, ep, phase, doi, proto0,
347 -isakmp_p_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
348 - u_int32_t doi0, u_int32_t proto0)
350 - struct isakmp_pl_p *p, prop;
352 +static const u_char *
353 +isakmp_p_print(const struct isakmp_gen *ext, const u_char *ep, u_int32_t phase,
354 + u_int32_t doi0, u_int32_t proto0 _U_, int depth)
356 + const struct isakmp_pl_p *p;
357 + struct isakmp_pl_p prop;
360 printf("%s:", NPSTR(ISAKMP_NPTYPE_P));
362 @@ -485,45 +484,45 @@
363 ext = (struct isakmp_gen *)((u_char *)(p + 1) + prop.spi_size);
365 cp = isakmp_sub_print(ISAKMP_NPTYPE_T, ext, ep, phase, doi0,
367 + prop.prot_id, depth);
372 -static char *isakmp_p_map[] = {
373 +static const char *isakmp_p_map[] = {
377 -static char *ah_p_map[] = {
378 +static const char *ah_p_map[] = {
379 NULL, "(reserved)", "md5", "sha", "1des",
380 "sha2-256", "sha2-384", "sha2-512",
383 -static char *esp_p_map[] = {
384 +static const char *esp_p_map[] = {
385 NULL, "1des-iv64", "1des", "3des", "rc5", "idea", "cast",
386 "blowfish", "3idea", "1des-iv32", "rc4", "null", "aes"
389 -static char *ipcomp_p_map[] = {
390 +static const char *ipcomp_p_map[] = {
391 NULL, "oui", "deflate", "lzs",
394 -struct attrmap ipsec_t_map[] = {
396 +const struct attrmap ipsec_t_map[] = {
397 + { NULL, 0, { NULL } },
398 { "lifetype", 3, { NULL, "sec", "kb", }, },
400 + { "life", 0, { NULL } },
401 { "group desc", 5, { NULL, "modp768", "modp1024", "EC2N 2^155",
403 { "enc mode", 3, { NULL, "tunnel", "transport", }, },
404 { "auth", 5, { NULL, "hmac-md5", "hmac-sha1", "1des-mac", "keyed", }, },
407 - { "dictsize", 0, },
409 + { "keylen", 0, { NULL } },
410 + { "rounds", 0, { NULL } },
411 + { "dictsize", 0, { NULL } },
412 + { "privalg", 0, { NULL } },
415 -struct attrmap oakley_t_map[] = {
417 +const struct attrmap oakley_t_map[] = {
418 + { NULL, 0, { NULL } },
419 { "enc", 8, { NULL, "1des", "idea", "blowfish", "rc5",
420 "3des", "cast", "aes", }, },
421 { "hash", 7, { NULL, "md5", "sha1", "tiger",
422 @@ -533,29 +532,31 @@
423 { "group desc", 5, { NULL, "modp768", "modp1024", "EC2N 2^155",
425 { "group type", 4, { NULL, "MODP", "ECP", "EC2N", }, },
426 - { "group prime", 0, },
427 - { "group gen1", 0, },
428 - { "group gen2", 0, },
429 - { "group curve A", 0, },
430 - { "group curve B", 0, },
431 + { "group prime", 0, { NULL } },
432 + { "group gen1", 0, { NULL } },
433 + { "group gen2", 0, { NULL } },
434 + { "group curve A", 0, { NULL } },
435 + { "group curve B", 0, { NULL } },
436 { "lifetype", 3, { NULL, "sec", "kb", }, },
437 - { "lifeduration", 0, },
442 + { "lifeduration", 0, { NULL } },
443 + { "prf", 0, { NULL } },
444 + { "keylen", 0, { NULL } },
445 + { "field", 0, { NULL } },
446 + { "order", 0, { NULL } },
450 -isakmp_t_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
451 - u_int32_t doi, u_int32_t proto)
453 - struct isakmp_pl_t *p, t;
456 - struct attrmap *map;
457 +static const u_char *
458 +isakmp_t_print(const struct isakmp_gen *ext, const u_char *ep,
459 + u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto,
462 + const struct isakmp_pl_t *p;
463 + struct isakmp_pl_t t;
466 + const struct attrmap *map;
471 printf("%s:", NPSTR(ISAKMP_NPTYPE_T));
478 -isakmp_ke_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
479 - u_int32_t doi, u_int32_t proto)
480 +static const u_char *
481 +isakmp_ke_print(const struct isakmp_gen *ext, const u_char *ep _U_,
482 + u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_,
487 @@ -625,22 +627,24 @@
488 return (u_char *)ext + ntohs(e.len);
492 -isakmp_id_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
493 - u_int32_t doi, u_int32_t proto)
494 +static const u_char *
495 +isakmp_id_print(const struct isakmp_gen *ext, const u_char *ep _U_,
496 + u_int32_t phase, u_int32_t doi _U_, u_int32_t proto _U_,
499 #define USE_IPSECDOI_IN_PHASE1 1
500 - struct isakmp_pl_id *p, id;
501 - static char *idtypestr[] = {
502 + const struct isakmp_pl_id *p;
503 + struct isakmp_pl_id id;
504 + static const char *idtypestr[] = {
505 "IPv4", "IPv4net", "IPv6", "IPv6net",
507 - static char *ipsecidtypestr[] = {
508 + static const char *ipsecidtypestr[] = {
509 NULL, "IPv4", "FQDN", "user FQDN", "IPv4net", "IPv6",
510 "IPv6net", "IPv4range", "IPv6range", "ASN1 DN", "ASN1 GN",
515 + const u_char *data;
517 printf("%s:", NPSTR(ISAKMP_NPTYPE_ID));
519 @@ -670,18 +674,23 @@
523 - struct ipsecdoi_id *p, id;
524 + const struct ipsecdoi_id *p;
525 + struct ipsecdoi_id id;
528 p = (struct ipsecdoi_id *)ext;
529 safememcpy(&id, ext, sizeof(id));
530 printf(" idtype=%s", STR_OR_ID(id.type, ipsecidtypestr));
535 pe = getprotobynumber(id.proto_id);
537 printf(" protoid=%s", pe->p_name);
542 /* it DOES NOT mean IPPROTO_IP! */
543 printf(" protoid=%s", "0");
546 case IPSECDOI_ID_IPV4_ADDR_SUBNET:
549 + const u_char *mask;
550 mask = data + sizeof(struct in_addr);
551 printf(" len=%d %s/%u.%u.%u.%u", len,
555 case IPSECDOI_ID_IPV6_ADDR_SUBNET:
558 + const u_int32_t *mask;
559 mask = (u_int32_t *)(data + sizeof(struct in6_addr));
561 printf(" len=%d %s/0x%08x%08x%08x%08x", len,
562 @@ -761,12 +770,14 @@
563 return (u_char *)ext + ntohs(id.h.len);
567 -isakmp_cert_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
568 - u_int32_t doi0, u_int32_t proto0)
570 - struct isakmp_pl_cert *p, cert;
571 - static char *certstr[] = {
572 +static const u_char *
573 +isakmp_cert_print(const struct isakmp_gen *ext, const u_char *ep _U_,
574 + u_int32_t phase _U_, u_int32_t doi0 _U_, u_int32_t proto0 _U_,
577 + const struct isakmp_pl_cert *p;
578 + struct isakmp_pl_cert cert;
579 + static const char *certstr[] = {
580 "none", "pkcs7", "pgp", "dns",
581 "x509sign", "x509ke", "kerberos", "crl",
582 "arl", "spki", "x509attr",
583 @@ -785,12 +796,14 @@
584 return (u_char *)ext + ntohs(cert.h.len);
588 -isakmp_cr_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
589 - u_int32_t doi0, u_int32_t proto0)
591 - struct isakmp_pl_cert *p, cert;
592 - static char *certstr[] = {
593 +static const u_char *
594 +isakmp_cr_print(const struct isakmp_gen *ext, const u_char *ep _U_,
595 + u_int32_t phase _U_, u_int32_t doi0 _U_, u_int32_t proto0 _U_,
598 + const struct isakmp_pl_cert *p;
599 + struct isakmp_pl_cert cert;
600 + static const char *certstr[] = {
601 "none", "pkcs7", "pgp", "dns",
602 "x509sign", "x509ke", "kerberos", "crl",
603 "arl", "spki", "x509attr",
605 return (u_char *)ext + ntohs(cert.h.len);
609 -isakmp_hash_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
610 - u_int32_t doi, u_int32_t proto)
611 +static const u_char *
612 +isakmp_hash_print(const struct isakmp_gen *ext, const u_char *ep _U_,
613 + u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_,
619 return (u_char *)ext + ntohs(e.len);
623 -isakmp_sig_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
624 - u_int32_t doi, u_int32_t proto)
625 +static const u_char *
626 +isakmp_sig_print(const struct isakmp_gen *ext, const u_char *ep _U_,
627 + u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_,
633 return (u_char *)ext + ntohs(e.len);
637 -isakmp_nonce_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
638 - u_int32_t doi, u_int32_t proto)
639 +static const u_char *
640 +isakmp_nonce_print(const struct isakmp_gen *ext, const u_char *ep _U_,
641 + u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_,
646 @@ -860,16 +876,16 @@
647 return (u_char *)ext + ntohs(e.len);
651 -isakmp_n_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
652 - u_int32_t doi0, u_int32_t proto0)
653 +static const u_char *
654 +isakmp_n_print(const struct isakmp_gen *ext, const u_char *ep, u_int32_t phase,
655 + u_int32_t doi0 _U_, u_int32_t proto0 _U_, int depth)
657 struct isakmp_pl_n *p, n;
663 - static char *notifystr[] = {
664 + static const char *notify_error_str[] = {
665 NULL, "INVALID-PAYLOAD-TYPE",
666 "DOI-NOT-SUPPORTED", "SITUATION-NOT-SUPPORTED",
667 "INVALID-COOKIE", "INVALID-MAJOR-VERSION",
668 @@ -887,15 +903,33 @@
669 "CERTIFICATE-UNAVAILABLE", "UNSUPPORTED-EXCHANGE-TYPE",
670 "UNEQUAL-PAYLOAD-LENGTHS",
672 - static char *ipsecnotifystr[] = {
673 + static const char *ipsec_notify_error_str[] = {
676 + static const char *notify_status_str[] = {
679 + static const char *ipsec_notify_status_str[] = {
680 "RESPONDER-LIFETIME", "REPLAY-STATUS",
683 /* NOTE: these macro must be called with x in proper range */
684 -#define NOTIFYSTR(x) \
685 - (((x) == 16384) ? "CONNECTED" : STR_OR_ID((x), notifystr))
686 -#define IPSECNOTIFYSTR(x) \
687 - (((x) == 8192) ? "RESERVED" : STR_OR_ID(((x) - 24576), ipsecnotifystr))
690 +#define NOTIFY_ERROR_STR(x) \
691 + STR_OR_ID((x), notify_error_str)
694 +#define IPSEC_NOTIFY_ERROR_STR(x) \
695 + STR_OR_ID((u_int)((x) - 8192), ipsec_notify_error_str)
698 +#define NOTIFY_STATUS_STR(x) \
699 + STR_OR_ID((u_int)((x) - 16384), notify_status_str)
702 +#define IPSEC_NOTIFY_STATUS_STR(x) \
703 + STR_OR_ID((u_int)((x) - 24576), ipsec_notify_status_str)
705 printf("%s:", NPSTR(ISAKMP_NPTYPE_N));
709 printf(" doi=%d", doi);
710 printf(" proto=%d", proto);
711 - printf(" type=%s", NOTIFYSTR(ntohs(n.type)));
712 + if (ntohs(n.type) < 8192)
713 + printf(" type=%s", NOTIFY_ERROR_STR(ntohs(n.type)));
714 + else if (ntohs(n.type) < 16384)
715 + printf(" type=%s", numstr(ntohs(n.type)));
716 + else if (ntohs(n.type) < 24576)
717 + printf(" type=%s", NOTIFY_STATUS_STR(ntohs(n.type)));
719 + printf(" type=%s", numstr(ntohs(n.type)));
722 rawprint((caddr_t)(p + 1), n.spi_size);
723 @@ -917,15 +958,15 @@
724 printf(" doi=ipsec");
725 printf(" proto=%s", PROTOIDSTR(proto));
726 if (ntohs(n.type) < 8192)
727 - printf(" type=%s", NOTIFYSTR(ntohs(n.type)));
728 + printf(" type=%s", NOTIFY_ERROR_STR(ntohs(n.type)));
729 else if (ntohs(n.type) < 16384)
730 - printf(" type=%s", IPSECNOTIFYSTR(ntohs(n.type)));
731 + printf(" type=%s", IPSEC_NOTIFY_ERROR_STR(ntohs(n.type)));
732 else if (ntohs(n.type) < 24576)
733 - printf(" type=%s", NOTIFYSTR(ntohs(n.type)));
734 - else if (ntohs(n.type) < 40960)
735 - printf(" type=%s", IPSECNOTIFYSTR(ntohs(n.type)));
736 + printf(" type=%s", NOTIFY_STATUS_STR(ntohs(n.type)));
737 + else if (ntohs(n.type) < 32768)
738 + printf(" type=%s", IPSEC_NOTIFY_STATUS_STR(ntohs(n.type)));
740 - printf(" type=%s", NOTIFYSTR(ntohs(n.type)));
741 + printf(" type=%s", numstr(ntohs(n.type)));
744 rawprint((caddr_t)(p + 1), n.spi_size);
746 switch (ntohs(n.type)) {
747 case IPSECDOI_NTYPE_RESPONDER_LIFETIME:
749 - struct attrmap *map = oakley_t_map;
750 + const struct attrmap *map = oakley_t_map;
751 size_t nmap = sizeof(oakley_t_map)/sizeof(oakley_t_map[0]);
752 while (cp < ep && cp < ep2) {
753 cp = isakmp_attrmap_print(cp,
755 (*(u_int32_t *)cp) ? "en" : "dis");
757 case ISAKMP_NTYPE_NO_PROPOSAL_CHOSEN:
758 - isakmp_sub_print(ISAKMP_NPTYPE_SA,
759 - (struct isakmp_gen *)cp, ep, phase, doi, proto);
760 + if (isakmp_sub_print(ISAKMP_NPTYPE_SA,
761 + (struct isakmp_gen *)cp, ep, phase, doi, proto,
767 @@ -966,12 +1009,14 @@
768 return (u_char *)ext + ntohs(n.h.len);
772 -isakmp_d_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
773 - u_int32_t doi0, u_int32_t proto0)
775 - struct isakmp_pl_d *p, d;
777 +static const u_char *
778 +isakmp_d_print(const struct isakmp_gen *ext, const u_char *ep _U_,
779 + u_int32_t phase _U_, u_int32_t doi0 _U_, u_int32_t proto0 _U_,
782 + const struct isakmp_pl_d *p;
783 + struct isakmp_pl_d d;
788 @@ -1002,9 +1047,10 @@
793 -isakmp_vid_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
794 - u_int32_t doi, u_int32_t proto)
795 +static const u_char *
796 +isakmp_vid_print(const struct isakmp_gen *ext, const u_char *ep _U_,
797 + u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_,
802 @@ -1019,45 +1065,50 @@
803 return (u_char *)ext + ntohs(e.len);
807 -isakmp_sub0_print(u_char np, struct isakmp_gen *ext, u_char *ep,
808 - u_int32_t phase, u_int32_t doi, u_int32_t proto)
809 +static const u_char *
810 +isakmp_sub0_print(u_char np, const struct isakmp_gen *ext, const u_char *ep,
811 + u_int32_t phase, u_int32_t doi, u_int32_t proto, int depth)
819 safememcpy(&e, ext, sizeof(e));
822 - cp = (*NPFUNC(np))(ext, ep, phase, doi, proto);
825 + * Since we can't have a payload length of less than 4 bytes,
826 + * we need to bail out here if the generic header is nonsensical
827 + * or truncated, otherwise we could loop forever processing
828 + * zero-length items or otherwise misdissect the packet.
830 + item_len = ntohs(e.len);
836 + * XXX - what if item_len is too short, or too long,
837 + * for this payload type?
839 + cp = (*NPFUNC(np))(ext, ep, phase, doi, proto, depth);
841 printf("%s", NPSTR(np));
842 - item_len = ntohs(e.len);
843 - if (item_len == 0) {
845 - * We don't want to loop forever processing this
846 - * bogus (zero-length) item; return NULL so that
847 - * we stop dissecting.
859 -isakmp_sub_print(u_char np, struct isakmp_gen *ext, u_char *ep,
860 - u_int32_t phase, u_int32_t doi, u_int32_t proto)
861 +static const u_char *
862 +isakmp_sub_print(u_char np, const struct isakmp_gen *ext, const u_char *ep,
863 + u_int32_t phase, u_int32_t doi, u_int32_t proto, int depth)
866 - static int depth = 0;
871 - cp = (u_char *)ext;
872 + cp = (const u_char *)ext;
875 safememcpy(&e, ext, sizeof(e));
876 @@ -1072,7 +1123,7 @@
877 for (i = 0; i < depth; i++)
880 - cp = isakmp_sub0_print(np, ext, ep, phase, doi, proto);
881 + cp = isakmp_sub0_print(np, ext, ep, phase, doi, proto, depth);
885 @@ -1101,7 +1152,7 @@
889 -safememcpy(void *p, void *q, size_t l)
890 +safememcpy(void *p, const void *q, size_t l)
894 @@ -1109,15 +1160,16 @@
896 isakmp_print(const u_char *bp, u_int length, const u_char *bp2)
898 - struct isakmp *p, base;
900 + const struct isakmp *p;
901 + struct isakmp base;
908 - p = (struct isakmp *)bp;
909 - ep = (u_char *)snapend;
910 + p = (const struct isakmp *)bp;
913 if ((struct isakmp *)ep < p + 1) {
915 @@ -1177,35 +1229,36 @@
916 printf("[%s%s]", base.flags & ISAKMP_FLAG_E ? "E" : "",
917 base.flags & ISAKMP_FLAG_C ? "C" : "");
922 - struct isakmp_gen *ext;
925 + const struct isakmp_gen *ext;
928 #define CHECKLEN(p, np) \
929 - if (ep < (u_char *)(p)) { \
930 - printf(" [|%s]", NPSTR(np)); \
933 + if (ep < (u_char *)(p)) { \
934 + printf(" [|%s]", NPSTR(np)); \
938 - /* regardless of phase... */
939 - if (base.flags & ISAKMP_FLAG_E) {
941 - * encrypted, nothing we can do right now.
942 - * we hope to decrypt the packet in the future...
944 - printf(" [encrypted %s]", NPSTR(base.np));
950 - CHECKLEN(p + 1, base.np)
951 + /* regardless of phase... */
952 + if (base.flags & ISAKMP_FLAG_E) {
954 + * encrypted, nothing we can do right now.
955 + * we hope to decrypt the packet in the future...
957 + printf(" [encrypted %s]", NPSTR(base.np));
962 - ext = (struct isakmp_gen *)(p + 1);
963 - isakmp_sub_print(np, ext, ep, phase, 0, 0);
966 + CHECKLEN(p + 1, base.np)
969 + ext = (struct isakmp_gen *)(p + 1);
970 + isakmp_sub_print(np, ext, ep, phase, 0, 0, 0);
979 + * Copyright (c) 2002 - 2003
980 + * NetGroup, Politecnico di Torino (Italy)
981 + * All rights reserved.
983 + * Redistribution and use in source and binary forms, with or without
984 + * modification, are permitted provided that the following conditions
987 + * 1. Redistributions of source code must retain the above copyright
988 + * notice, this list of conditions and the following disclaimer.
989 + * 2. Redistributions in binary form must reproduce the above copyright
990 + * notice, this list of conditions and the following disclaimer in the
991 + * documentation and/or other materials provided with the distribution.
992 + * 3. Neither the name of the Politecnico di Torino nor the names of its
993 + * contributors may be used to endorse or promote products derived from
994 + * this software without specific prior written permission.
996 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
997 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
998 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
999 + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
1000 + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
1001 + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
1002 + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
1003 + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
1004 + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
1005 + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
1006 + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
1009 + * @(#) $Header$ (LBL)
1013 + * Include the appropriate OS header files on Windows and various flavors
1014 + * of UNIX, and also define some additional items and include various
1015 + * non-OS header files on Windows, and; this isolates most of the platform
1016 + * differences to this one file.
1019 +#ifndef tcpdump_stdinc_h
1020 +#define tcpdump_stdinc_h
1025 +#include <winsock2.h>
1026 +#include "bittypes.h"
1030 +#include "IP6_misc.h"
1034 +#include <stdint.h>
1036 +#define errno (*_errno())
1038 +#define INET_ADDRSTRLEN 16
1039 +#define INET6_ADDRSTRLEN 46
1041 +#endif /* __MINGW32__ */
1044 +#define toascii(c) ((c) & 0x7f)
1048 +typedef char* caddr_t;
1049 +#endif /* caddr_t */
1051 +#define MAXHOSTNAMELEN 64
1052 +#define NI_MAXHOST 1025
1053 +#define snprintf _snprintf
1054 +#define vsnprintf _vsnprintf
1055 +#define RETSIGTYPE void
1057 +#if !defined(__MINGW32__) && !defined(__WATCOMC__)
1059 +#define isascii __isascii
1060 +#define toascii __toascii
1063 +#define fstat _fstat
1065 +#define O_RDONLY _O_RDONLY
1067 +typedef short ino_t;
1068 +#endif /* __MINGW32__ */
1073 +#include <unistd.h>
1075 +#include <sys/param.h>
1076 +#include <sys/types.h> /* concession to AIX */
1077 +#include <sys/time.h>
1078 +#include <sys/socket.h>
1079 +#include <netinet/in.h>
1081 +#ifdef TIME_WITH_SYS_TIME
1085 +#include <arpa/inet.h>
1093 +#if defined(WIN32) || defined(MSDOS)
1094 + #define FOPEN_READ_TXT "rt"
1095 + #define FOPEN_READ_BIN "rb"
1096 + #define FOPEN_WRITE_TXT "wt"
1097 + #define FOPEN_WRITE_BIN "wb"
1099 + #define FOPEN_READ_TXT "r"
1100 + #define FOPEN_READ_BIN FOPEN_READ_TXT
1101 + #define FOPEN_WRITE_TXT "w"
1102 + #define FOPEN_WRITE_BIN FOPEN_WRITE_TXT
1105 +#endif /* tcpdump_stdinc_h */
projects / packages / tcpdump.git / blob