]> git.pld-linux.org Git - packages/tcpdump.git/blame - tcpdump-isakmp-CAN-2003-0989.patch
projects / packages / tcpdump.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
This commit was manufactured by cvs2git to create tag 'STABLE'.
[packages/tcpdump.git] / tcpdump-isakmp-CAN-2003-0989.patch
CommitLineData
bf122080 1--- Makefile.in
2+++ Makefile.in
3@@ -43,7 +43,7 @@
4 PROG = tcpdump
5 CCOPT = @V_CCOPT@
6 INCLS = -I. @V_INCLS@
7-DEFS = @DEFS@
8+DEFS = @DEFS@ @V_DEFS@
9
10 # Standard CFLAGS
11 CFLAGS = $(CCOPT) $(DEFS) $(INCLS)
12--- aclocal.m4
13+++ aclocal.m4
14@@ -1091,6 +1091,9 @@
15 ac_cv___attribute__=no)])
16 if test "$ac_cv___attribute__" = "yes"; then
17 AC_DEFINE(HAVE___ATTRIBUTE__, 1, [define if your compiler has __attribute__])
18+ V_DEFS="$V_DEFS -D_U_=\"__attribute__((unused))\""
19+else
20+ V_DEFS="$V_DEFS -D_U_=\"\""
21 fi
22 AC_MSG_RESULT($ac_cv___attribute__)
23 ])
24--- configure.in
25+++ configure.in
26@@ -639,6 +639,7 @@
27 AC_CHECK_HEADERS(rc5.h)
28
29 AC_SUBST(V_CCOPT)
30+AC_SUBST(V_DEFS)
31 AC_SUBST(V_GROUP)
32 AC_SUBST(V_INCLS)
33 AC_SUBST(V_PCAPDEP)
34--- isakmp.h
35+++ isakmp.h
36@@ -1,7 +1,7 @@
37 /*
38 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
39 * All rights reserved.
40- *
41+ *
42 * Redistribution and use in source and binary forms, with or without
43 * modification, are permitted provided that the following conditions
44 * are met:
45@@ -13,7 +13,7 @@
46 * 3. Neither the name of the project nor the names of its contributors
47 * may be used to endorse or promote products derived from this software
48 * without specific prior written permission.
49- *
50+ *
51 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
52 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
53 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
54@@ -26,7 +26,7 @@
55 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
56 * SUCH DAMAGE.
57 */
58-/* YIPS @(#)$Id$ */
59+/* YIPS @(#)$Id$ */
60
61 /* refer to RFC 2408 */
62
63--- print-isakmp.c
64+++ print-isakmp.c
65@@ -1,7 +1,7 @@
66 /*
67 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
68 * All rights reserved.
69- *
70+ *
71 * Redistribution and use in source and binary forms, with or without
72 * modification, are permitted provided that the following conditions
73 * are met:
74@@ -13,7 +13,7 @@
75 * 3. Neither the name of the project nor the names of its contributors
76 * may be used to endorse or promote products derived from this software
77 * without specific prior written permission.
78- *
79+ *
80 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
81 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
82 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
83@@ -29,24 +29,19 @@
84 */
85
86 #ifndef lint
87-static const char rcsid[] =
88- "@(#) $Header$ (LBL)";
89+static const char rcsid[] _U_ =
90+ "@(#) $Header$ (LBL)";
91 #endif
92
93 #ifdef HAVE_CONFIG_H
94 #include "config.h"
95 #endif
96
97-#include <string.h>
98-#include <ctype.h>
99-#include <sys/param.h>
100-#include <sys/time.h>
101-#include <sys/socket.h>
102+#include <tcpdump-stdinc.h>
103
104-#include <netinet/in.h>
105+#include <string.h>
106
107 #include <stdio.h>
108-#include <netdb.h>
109
110 #include "isakmp.h"
111 #include "ipsec_doi.h"
112@@ -64,38 +59,38 @@
113 #define sockaddr_storage sockaddr
114 #endif
115
116-static u_char *isakmp_sa_print(struct isakmp_gen *, u_char *, u_int32_t,
117- u_int32_t, u_int32_t);
118-static u_char *isakmp_p_print(struct isakmp_gen *, u_char *, u_int32_t,
119- u_int32_t, u_int32_t);
120-static u_char *isakmp_t_print(struct isakmp_gen *, u_char *, u_int32_t,
121- u_int32_t, u_int32_t);
122-static u_char *isakmp_ke_print(struct isakmp_gen *, u_char *, u_int32_t,
123- u_int32_t, u_int32_t);
124-static u_char *isakmp_id_print(struct isakmp_gen *, u_char *, u_int32_t,
125- u_int32_t, u_int32_t);
126-static u_char *isakmp_cert_print(struct isakmp_gen *, u_char *, u_int32_t,
127- u_int32_t, u_int32_t);
128-static u_char *isakmp_cr_print(struct isakmp_gen *, u_char *, u_int32_t,
129- u_int32_t, u_int32_t);
130-static u_char *isakmp_sig_print(struct isakmp_gen *, u_char *, u_int32_t,
131- u_int32_t, u_int32_t);
132-static u_char *isakmp_hash_print(struct isakmp_gen *, u_char *,
133- u_int32_t, u_int32_t, u_int32_t);
134-static u_char *isakmp_nonce_print(struct isakmp_gen *, u_char *,
135- u_int32_t, u_int32_t, u_int32_t);
136-static u_char *isakmp_n_print(struct isakmp_gen *, u_char *, u_int32_t,
137- u_int32_t, u_int32_t);
138-static u_char *isakmp_d_print(struct isakmp_gen *, u_char *, u_int32_t,
139- u_int32_t, u_int32_t);
140-static u_char *isakmp_vid_print(struct isakmp_gen *, u_char *, u_int32_t,
141- u_int32_t, u_int32_t);
142-static u_char *isakmp_sub0_print(u_char, struct isakmp_gen *, u_char *,
143- u_int32_t, u_int32_t, u_int32_t);
144-static u_char *isakmp_sub_print(u_char, struct isakmp_gen *, u_char *,
145- u_int32_t, u_int32_t, u_int32_t);
146+static const u_char *isakmp_sa_print(const struct isakmp_gen *,
147+ const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
148+static const u_char *isakmp_p_print(const struct isakmp_gen *,
149+ const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
150+static const u_char *isakmp_t_print(const struct isakmp_gen *,
151+ const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
152+static const u_char *isakmp_ke_print(const struct isakmp_gen *,
153+ const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
154+static const u_char *isakmp_id_print(const struct isakmp_gen *,
155+ const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
156+static const u_char *isakmp_cert_print(const struct isakmp_gen *,
157+ const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
158+static const u_char *isakmp_cr_print(const struct isakmp_gen *,
159+ const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
160+static const u_char *isakmp_sig_print(const struct isakmp_gen *,
161+ const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
162+static const u_char *isakmp_hash_print(const struct isakmp_gen *,
163+ const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
164+static const u_char *isakmp_nonce_print(const struct isakmp_gen *,
165+ const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
166+static const u_char *isakmp_n_print(const struct isakmp_gen *,
167+ const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
168+static const u_char *isakmp_d_print(const struct isakmp_gen *,
169+ const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
170+static const u_char *isakmp_vid_print(const struct isakmp_gen *,
171+ const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
172+static const u_char *isakmp_sub0_print(u_char, const struct isakmp_gen *,
173+ const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
174+static const u_char *isakmp_sub_print(u_char, const struct isakmp_gen *,
175+ const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
176 static char *numstr(int);
177-static void safememcpy(void *, void *, size_t);
178+static void safememcpy(void *, const void *, size_t);
179
180 #define MAXINITIATORS 20
181 int ninitiator = 0;
182@@ -106,19 +101,19 @@
183 } cookiecache[MAXINITIATORS];
184
185 /* protocol id */
186-static char *protoidstr[] = {
187+static const char *protoidstr[] = {
188 NULL, "isakmp", "ipsec-ah", "ipsec-esp", "ipcomp",
189 };
190
191 /* isakmp->np */
192-static char *npstr[] = {
193+static const char *npstr[] = {
194 "none", "sa", "p", "t", "ke", "id", "cert", "cr", "hash",
195 "sig", "nonce", "n", "d", "vid"
196 };
197
198 /* isakmp->np */
199-static u_char *(*npfunc[])(struct isakmp_gen *, u_char *, u_int32_t,
200- u_int32_t, u_int32_t) = {
201+static const u_char *(*npfunc[])(const struct isakmp_gen *, const u_char *,
202+ u_int32_t, u_int32_t, u_int32_t, int) = {
203 NULL,
204 isakmp_sa_print,
205 isakmp_p_print,
206@@ -136,7 +131,7 @@
207 };
208
209 /* isakmp->etype */
210-static char *etypestr[] = {
211+static const char *etypestr[] = {
212 "none", "base", "ident", "auth", "agg", "inf", NULL, NULL,
213 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
214 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
215@@ -330,7 +325,7 @@
216 rawprint(caddr_t loc, size_t len)
217 {
218 static u_char *p;
219- int i;
220+ size_t i;
221
222 p = (u_char *)loc;
223 for (i = 0; i < len; i++)
224@@ -338,13 +333,14 @@
225 }
226
227 struct attrmap {
228- char *type;
229- int nvalue;
230- char *value[30]; /*XXX*/
231+ const char *type;
232+ u_int nvalue;
233+ const char *value[30]; /*XXX*/
234 };
235
236-static u_char *
237-isakmp_attrmap_print(u_char *p, u_char *ep, struct attrmap *map, size_t nmap)
238+static const u_char *
239+isakmp_attrmap_print(const u_char *p, const u_char *ep,
240+ const struct attrmap *map, size_t nmap)
241 {
242 u_int16_t *q;
243 int totlen;
244@@ -354,35 +350,35 @@
245 if (p[0] & 0x80)
246 totlen = 4;
247 else
248- totlen = 4 + ntohs(q[1]);
249+ totlen = 4 + EXTRACT_16BITS(&q[1]);
250 if (ep < p + totlen) {
251 printf("[|attr]");
252 return ep + 1;
253 }
254
255 printf("(");
256- t = ntohs(q[0]) & 0x7fff;
257+ t = EXTRACT_16BITS(&q[0]) & 0x7fff;
258 if (map && t < nmap && map[t].type)
259 printf("type=%s ", map[t].type);
260 else
261 printf("type=#%d ", t);
262 if (p[0] & 0x80) {
263 printf("value=");
264- v = ntohs(q[1]);
265+ v = EXTRACT_16BITS(&q[1]);
266 if (map && t < nmap && v < map[t].nvalue && map[t].value[v])
267 printf("%s", map[t].value[v]);
268 else
269 rawprint((caddr_t)&q[1], 2);
270 } else {
271- printf("len=%d value=", ntohs(q[1]));
272- rawprint((caddr_t)&p[4], ntohs(q[1]));
273+ printf("len=%d value=", EXTRACT_16BITS(&q[1]));
274+ rawprint((caddr_t)&p[4], EXTRACT_16BITS(&q[1]));
275 }
276 printf(")");
277 return p + totlen;
278 }
279
280-static u_char *
281-isakmp_attr_print(u_char *p, u_char *ep)
282+static const u_char *
283+isakmp_attr_print(const u_char *p, const u_char *ep)
284 {
285 u_int16_t *q;
286 int totlen;
287@@ -392,35 +388,36 @@
288 if (p[0] & 0x80)
289 totlen = 4;
290 else
291- totlen = 4 + ntohs(q[1]);
292+ totlen = 4 + EXTRACT_16BITS(&q[1]);
293 if (ep < p + totlen) {
294 printf("[|attr]");
295 return ep + 1;
296 }
297
298 printf("(");
299- t = ntohs(q[0]) & 0x7fff;
300+ t = EXTRACT_16BITS(&q[0]) & 0x7fff;
301 printf("type=#%d ", t);
302 if (p[0] & 0x80) {
303 printf("value=");
304 t = q[1];
305 rawprint((caddr_t)&q[1], 2);
306 } else {
307- printf("len=%d value=", ntohs(q[1]));
308- rawprint((caddr_t)&p[2], ntohs(q[1]));
309+ printf("len=%d value=", EXTRACT_16BITS(&q[1]));
310+ rawprint((caddr_t)&p[2], EXTRACT_16BITS(&q[1]));
311 }
312 printf(")");
313 return p + totlen;
314 }
315
316-static u_char *
317-isakmp_sa_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
318- u_int32_t doi0, u_int32_t proto0)
319-{
320- struct isakmp_pl_sa *p, sa;
321- u_int32_t *q;
322+static const u_char *
323+isakmp_sa_print(const struct isakmp_gen *ext, const u_char *ep, u_int32_t phase,
324+ u_int32_t doi0 _U_, u_int32_t proto0, int depth)
325+{
326+ const struct isakmp_pl_sa *p;
327+ struct isakmp_pl_sa sa;
328+ const u_int32_t *q;
329 u_int32_t doi, sit, ident;
330- u_char *cp, *np;
331+ const u_char *cp, *np;
332 int t;
333
334 printf("%s:", NPSTR(ISAKMP_NPTYPE_SA));
335@@ -459,17 +456,19 @@
336
337 ext = (struct isakmp_gen *)np;
338
339- cp = isakmp_sub_print(ISAKMP_NPTYPE_P, ext, ep, phase, doi, proto0);
340+ cp = isakmp_sub_print(ISAKMP_NPTYPE_P, ext, ep, phase, doi, proto0,
341+ depth);
342
343 return cp;
344 }
345
346-static u_char *
347-isakmp_p_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
348- u_int32_t doi0, u_int32_t proto0)
349-{
350- struct isakmp_pl_p *p, prop;
351- u_char *cp;
352+static const u_char *
353+isakmp_p_print(const struct isakmp_gen *ext, const u_char *ep, u_int32_t phase,
354+ u_int32_t doi0, u_int32_t proto0 _U_, int depth)
355+{
356+ const struct isakmp_pl_p *p;
357+ struct isakmp_pl_p prop;
358+ const u_char *cp;
359
360 printf("%s:", NPSTR(ISAKMP_NPTYPE_P));
361
362@@ -485,45 +484,45 @@
363 ext = (struct isakmp_gen *)((u_char *)(p + 1) + prop.spi_size);
364
365 cp = isakmp_sub_print(ISAKMP_NPTYPE_T, ext, ep, phase, doi0,
366- prop.prot_id);
367+ prop.prot_id, depth);
368
369 return cp;
370 }
371
372-static char *isakmp_p_map[] = {
373+static const char *isakmp_p_map[] = {
374 NULL, "ike",
375 };
376
377-static char *ah_p_map[] = {
378+static const char *ah_p_map[] = {
379 NULL, "(reserved)", "md5", "sha", "1des",
380 "sha2-256", "sha2-384", "sha2-512",
381 };
382
383-static char *esp_p_map[] = {
384+static const char *esp_p_map[] = {
385 NULL, "1des-iv64", "1des", "3des", "rc5", "idea", "cast",
386 "blowfish", "3idea", "1des-iv32", "rc4", "null", "aes"
387 };
388
389-static char *ipcomp_p_map[] = {
390+static const char *ipcomp_p_map[] = {
391 NULL, "oui", "deflate", "lzs",
392 };
393
394-struct attrmap ipsec_t_map[] = {
395- { NULL, 0, },
396+const struct attrmap ipsec_t_map[] = {
397+ { NULL, 0, { NULL } },
398 { "lifetype", 3, { NULL, "sec", "kb", }, },
399- { "life", 0, },
400+ { "life", 0, { NULL } },
401 { "group desc", 5, { NULL, "modp768", "modp1024", "EC2N 2^155",
402 "EC2N 2^185", }, },
403 { "enc mode", 3, { NULL, "tunnel", "transport", }, },
404 { "auth", 5, { NULL, "hmac-md5", "hmac-sha1", "1des-mac", "keyed", }, },
405- { "keylen", 0, },
406- { "rounds", 0, },
407- { "dictsize", 0, },
408- { "privalg", 0, },
409+ { "keylen", 0, { NULL } },
410+ { "rounds", 0, { NULL } },
411+ { "dictsize", 0, { NULL } },
412+ { "privalg", 0, { NULL } },
413 };
414
415-struct attrmap oakley_t_map[] = {
416- { NULL, 0 },
417+const struct attrmap oakley_t_map[] = {
418+ { NULL, 0, { NULL } },
419 { "enc", 8, { NULL, "1des", "idea", "blowfish", "rc5",
420 "3des", "cast", "aes", }, },
421 { "hash", 7, { NULL, "md5", "sha1", "tiger",
422@@ -533,29 +532,31 @@
423 { "group desc", 5, { NULL, "modp768", "modp1024", "EC2N 2^155",
424 "EC2N 2^185", }, },
425 { "group type", 4, { NULL, "MODP", "ECP", "EC2N", }, },
426- { "group prime", 0, },
427- { "group gen1", 0, },
428- { "group gen2", 0, },
429- { "group curve A", 0, },
430- { "group curve B", 0, },
431+ { "group prime", 0, { NULL } },
432+ { "group gen1", 0, { NULL } },
433+ { "group gen2", 0, { NULL } },
434+ { "group curve A", 0, { NULL } },
435+ { "group curve B", 0, { NULL } },
436 { "lifetype", 3, { NULL, "sec", "kb", }, },
437- { "lifeduration", 0, },
438- { "prf", 0, },
439- { "keylen", 0, },
440- { "field", 0, },
441- { "order", 0, },
442+ { "lifeduration", 0, { NULL } },
443+ { "prf", 0, { NULL } },
444+ { "keylen", 0, { NULL } },
445+ { "field", 0, { NULL } },
446+ { "order", 0, { NULL } },
447 };
448
449-static u_char *
450-isakmp_t_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
451- u_int32_t doi, u_int32_t proto)
452-{
453- struct isakmp_pl_t *p, t;
454- u_char *cp;
455- char *idstr;
456- struct attrmap *map;
457+static const u_char *
458+isakmp_t_print(const struct isakmp_gen *ext, const u_char *ep,
459+ u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto,
460+ int depth _U_)
461+{
462+ const struct isakmp_pl_t *p;
463+ struct isakmp_pl_t t;
464+ const u_char *cp;
465+ const char *idstr;
466+ const struct attrmap *map;
467 size_t nmap;
468- u_char *ep2;
469+ const u_char *ep2;
470
471 printf("%s:", NPSTR(ISAKMP_NPTYPE_T));
472
473@@ -608,9 +609,10 @@
474 return cp;
475 }
476
477-static u_char *
478-isakmp_ke_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
479- u_int32_t doi, u_int32_t proto)
480+static const u_char *
481+isakmp_ke_print(const struct isakmp_gen *ext, const u_char *ep _U_,
482+ u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_,
483+ int depth _U_)
484 {
485 struct isakmp_gen e;
486
487@@ -625,22 +627,24 @@
488 return (u_char *)ext + ntohs(e.len);
489 }
490
491-static u_char *
492-isakmp_id_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
493- u_int32_t doi, u_int32_t proto)
494+static const u_char *
495+isakmp_id_print(const struct isakmp_gen *ext, const u_char *ep _U_,
496+ u_int32_t phase, u_int32_t doi _U_, u_int32_t proto _U_,
497+ int depth _U_)
498 {
499 #define USE_IPSECDOI_IN_PHASE1 1
500- struct isakmp_pl_id *p, id;
501- static char *idtypestr[] = {
502+ const struct isakmp_pl_id *p;
503+ struct isakmp_pl_id id;
504+ static const char *idtypestr[] = {
505 "IPv4", "IPv4net", "IPv6", "IPv6net",
506 };
507- static char *ipsecidtypestr[] = {
508+ static const char *ipsecidtypestr[] = {
509 NULL, "IPv4", "FQDN", "user FQDN", "IPv4net", "IPv6",
510 "IPv6net", "IPv4range", "IPv6range", "ASN1 DN", "ASN1 GN",
511 "keyid",
512 };
513 int len;
514- u_char *data;
515+ const u_char *data;
516
517 printf("%s:", NPSTR(ISAKMP_NPTYPE_ID));
518
519@@ -670,18 +674,23 @@
520 #endif
521 case 2:
522 {
523- struct ipsecdoi_id *p, id;
524+ const struct ipsecdoi_id *p;
525+ struct ipsecdoi_id id;
526 struct protoent *pe;
527
528 p = (struct ipsecdoi_id *)ext;
529 safememcpy(&id, ext, sizeof(id));
530 printf(" idtype=%s", STR_OR_ID(id.type, ipsecidtypestr));
531 if (id.proto_id) {
532+#ifndef WIN32
533 setprotoent(1);
534+#endif /* WIN32 */
535 pe = getprotobynumber(id.proto_id);
536 if (pe)
537 printf(" protoid=%s", pe->p_name);
538+#ifndef WIN32
539 endprotoent();
540+#endif /* WIN32 */
541 } else {
542 /* it DOES NOT mean IPPROTO_IP! */
543 printf(" protoid=%s", "0");
544@@ -706,7 +715,7 @@
545 }
546 case IPSECDOI_ID_IPV4_ADDR_SUBNET:
547 {
548- u_char *mask;
549+ const u_char *mask;
550 mask = data + sizeof(struct in_addr);
551 printf(" len=%d %s/%u.%u.%u.%u", len,
552 ipaddr_string(data),
553@@ -721,7 +730,7 @@
554 break;
555 case IPSECDOI_ID_IPV6_ADDR_SUBNET:
556 {
557- u_int32_t *mask;
558+ const u_int32_t *mask;
559 mask = (u_int32_t *)(data + sizeof(struct in6_addr));
560 /*XXX*/
561 printf(" len=%d %s/0x%08x%08x%08x%08x", len,
562@@ -761,12 +770,14 @@
563 return (u_char *)ext + ntohs(id.h.len);
564 }
565
566-static u_char *
567-isakmp_cert_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
568- u_int32_t doi0, u_int32_t proto0)
569-{
570- struct isakmp_pl_cert *p, cert;
571- static char *certstr[] = {
572+static const u_char *
573+isakmp_cert_print(const struct isakmp_gen *ext, const u_char *ep _U_,
574+ u_int32_t phase _U_, u_int32_t doi0 _U_, u_int32_t proto0 _U_,
575+ int depth _U_)
576+{
577+ const struct isakmp_pl_cert *p;
578+ struct isakmp_pl_cert cert;
579+ static const char *certstr[] = {
580 "none", "pkcs7", "pgp", "dns",
581 "x509sign", "x509ke", "kerberos", "crl",
582 "arl", "spki", "x509attr",
583@@ -785,12 +796,14 @@
584 return (u_char *)ext + ntohs(cert.h.len);
585 }
586
587-static u_char *
588-isakmp_cr_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
589- u_int32_t doi0, u_int32_t proto0)
590-{
591- struct isakmp_pl_cert *p, cert;
592- static char *certstr[] = {
593+static const u_char *
594+isakmp_cr_print(const struct isakmp_gen *ext, const u_char *ep _U_,
595+ u_int32_t phase _U_, u_int32_t doi0 _U_, u_int32_t proto0 _U_,
596+ int depth _U_)
597+{
598+ const struct isakmp_pl_cert *p;
599+ struct isakmp_pl_cert cert;
600+ static const char *certstr[] = {
601 "none", "pkcs7", "pgp", "dns",
602 "x509sign", "x509ke", "kerberos", "crl",
603 "arl", "spki", "x509attr",
604@@ -809,9 +822,10 @@
605 return (u_char *)ext + ntohs(cert.h.len);
606 }
607
608-static u_char *
609-isakmp_hash_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
610- u_int32_t doi, u_int32_t proto)
611+static const u_char *
612+isakmp_hash_print(const struct isakmp_gen *ext, const u_char *ep _U_,
613+ u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_,
614+ int depth _U_)
615 {
616 struct isakmp_gen e;
617
618@@ -826,9 +840,10 @@
619 return (u_char *)ext + ntohs(e.len);
620 }
621
622-static u_char *
623-isakmp_sig_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
624- u_int32_t doi, u_int32_t proto)
625+static const u_char *
626+isakmp_sig_print(const struct isakmp_gen *ext, const u_char *ep _U_,
627+ u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_,
628+ int depth _U_)
629 {
630 struct isakmp_gen e;
631
632@@ -843,9 +858,10 @@
633 return (u_char *)ext + ntohs(e.len);
634 }
635
636-static u_char *
637-isakmp_nonce_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
638- u_int32_t doi, u_int32_t proto)
639+static const u_char *
640+isakmp_nonce_print(const struct isakmp_gen *ext, const u_char *ep _U_,
641+ u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_,
642+ int depth _U_)
643 {
644 struct isakmp_gen e;
645
646@@ -860,16 +876,16 @@
647 return (u_char *)ext + ntohs(e.len);
648 }
649
650-static u_char *
651-isakmp_n_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
652- u_int32_t doi0, u_int32_t proto0)
653+static const u_char *
654+isakmp_n_print(const struct isakmp_gen *ext, const u_char *ep, u_int32_t phase,
655+ u_int32_t doi0 _U_, u_int32_t proto0 _U_, int depth)
656 {
657 struct isakmp_pl_n *p, n;
658- u_char *cp;
659+ const u_char *cp;
660 u_char *ep2;
661 u_int32_t doi;
662 u_int32_t proto;
663- static char *notifystr[] = {
664+ static const char *notify_error_str[] = {
665 NULL, "INVALID-PAYLOAD-TYPE",
666 "DOI-NOT-SUPPORTED", "SITUATION-NOT-SUPPORTED",
667 "INVALID-COOKIE", "INVALID-MAJOR-VERSION",
668@@ -887,15 +903,33 @@
669 "CERTIFICATE-UNAVAILABLE", "UNSUPPORTED-EXCHANGE-TYPE",
670 "UNEQUAL-PAYLOAD-LENGTHS",
671 };
672- static char *ipsecnotifystr[] = {
673+ static const char *ipsec_notify_error_str[] = {
674+ "RESERVED",
675+ };
676+ static const char *notify_status_str[] = {
677+ "CONNECTED",
678+ };
679+ static const char *ipsec_notify_status_str[] = {
680 "RESPONDER-LIFETIME", "REPLAY-STATUS",
681 "INITIAL-CONTACT",
682 };
683 /* NOTE: these macro must be called with x in proper range */
684-#define NOTIFYSTR(x) \
685- (((x) == 16384) ? "CONNECTED" : STR_OR_ID((x), notifystr))
686-#define IPSECNOTIFYSTR(x) \
687- (((x) == 8192) ? "RESERVED" : STR_OR_ID(((x) - 24576), ipsecnotifystr))
688+
689+/* 0 - 8191 */
690+#define NOTIFY_ERROR_STR(x) \
691+ STR_OR_ID((x), notify_error_str)
692+
693+/* 8192 - 16383 */
694+#define IPSEC_NOTIFY_ERROR_STR(x) \
695+ STR_OR_ID((u_int)((x) - 8192), ipsec_notify_error_str)
696+
697+/* 16384 - 24575 */
698+#define NOTIFY_STATUS_STR(x) \
699+ STR_OR_ID((u_int)((x) - 16384), notify_status_str)
700+
701+/* 24576 - 32767 */
702+#define IPSEC_NOTIFY_STATUS_STR(x) \
703+ STR_OR_ID((u_int)((x) - 24576), ipsec_notify_status_str)
704
705 printf("%s:", NPSTR(ISAKMP_NPTYPE_N));
706
707@@ -906,7 +940,14 @@
708 if (doi != 1) {
709 printf(" doi=%d", doi);
710 printf(" proto=%d", proto);
711- printf(" type=%s", NOTIFYSTR(ntohs(n.type)));
712+ if (ntohs(n.type) < 8192)
713+ printf(" type=%s", NOTIFY_ERROR_STR(ntohs(n.type)));
714+ else if (ntohs(n.type) < 16384)
715+ printf(" type=%s", numstr(ntohs(n.type)));
716+ else if (ntohs(n.type) < 24576)
717+ printf(" type=%s", NOTIFY_STATUS_STR(ntohs(n.type)));
718+ else
719+ printf(" type=%s", numstr(ntohs(n.type)));
720 if (n.spi_size) {
721 printf(" spi=");
722 rawprint((caddr_t)(p + 1), n.spi_size);
723@@ -917,15 +958,15 @@
724 printf(" doi=ipsec");
725 printf(" proto=%s", PROTOIDSTR(proto));
726 if (ntohs(n.type) < 8192)
727- printf(" type=%s", NOTIFYSTR(ntohs(n.type)));
728+ printf(" type=%s", NOTIFY_ERROR_STR(ntohs(n.type)));
729 else if (ntohs(n.type) < 16384)
730- printf(" type=%s", IPSECNOTIFYSTR(ntohs(n.type)));
731+ printf(" type=%s", IPSEC_NOTIFY_ERROR_STR(ntohs(n.type)));
732 else if (ntohs(n.type) < 24576)
733- printf(" type=%s", NOTIFYSTR(ntohs(n.type)));
734- else if (ntohs(n.type) < 40960)
735- printf(" type=%s", IPSECNOTIFYSTR(ntohs(n.type)));
736+ printf(" type=%s", NOTIFY_STATUS_STR(ntohs(n.type)));
737+ else if (ntohs(n.type) < 32768)
738+ printf(" type=%s", IPSEC_NOTIFY_STATUS_STR(ntohs(n.type)));
739 else
740- printf(" type=%s", NOTIFYSTR(ntohs(n.type)));
741+ printf(" type=%s", numstr(ntohs(n.type)));
742 if (n.spi_size) {
743 printf(" spi=");
744 rawprint((caddr_t)(p + 1), n.spi_size);
745@@ -939,7 +980,7 @@
746 switch (ntohs(n.type)) {
747 case IPSECDOI_NTYPE_RESPONDER_LIFETIME:
748 {
749- struct attrmap *map = oakley_t_map;
750+ const struct attrmap *map = oakley_t_map;
751 size_t nmap = sizeof(oakley_t_map)/sizeof(oakley_t_map[0]);
752 while (cp < ep && cp < ep2) {
753 cp = isakmp_attrmap_print(cp,
754@@ -952,8 +993,10 @@
755 (*(u_int32_t *)cp) ? "en" : "dis");
756 break;
757 case ISAKMP_NTYPE_NO_PROPOSAL_CHOSEN:
758- isakmp_sub_print(ISAKMP_NPTYPE_SA,
759- (struct isakmp_gen *)cp, ep, phase, doi, proto);
760+ if (isakmp_sub_print(ISAKMP_NPTYPE_SA,
761+ (struct isakmp_gen *)cp, ep, phase, doi, proto,
762+ depth) == NULL)
763+ return NULL;
764 break;
765 default:
766 /* NULL is dummy */
767@@ -966,12 +1009,14 @@
768 return (u_char *)ext + ntohs(n.h.len);
769 }
770
771-static u_char *
772-isakmp_d_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
773- u_int32_t doi0, u_int32_t proto0)
774-{
775- struct isakmp_pl_d *p, d;
776- u_int8_t *q;
777+static const u_char *
778+isakmp_d_print(const struct isakmp_gen *ext, const u_char *ep _U_,
779+ u_int32_t phase _U_, u_int32_t doi0 _U_, u_int32_t proto0 _U_,
780+ int depth _U_)
781+{
782+ const struct isakmp_pl_d *p;
783+ struct isakmp_pl_d d;
784+ const u_int8_t *q;
785 u_int32_t doi;
786 u_int32_t proto;
787 int i;
788@@ -1002,9 +1047,10 @@
789 return q;
790 }
791
792-static u_char *
793-isakmp_vid_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase,
794- u_int32_t doi, u_int32_t proto)
795+static const u_char *
796+isakmp_vid_print(const struct isakmp_gen *ext, const u_char *ep _U_,
797+ u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_,
798+ int depth _U_)
799 {
800 struct isakmp_gen e;
801
802@@ -1019,45 +1065,50 @@
803 return (u_char *)ext + ntohs(e.len);
804 }
805
806-static u_char *
807-isakmp_sub0_print(u_char np, struct isakmp_gen *ext, u_char *ep,
808- u_int32_t phase, u_int32_t doi, u_int32_t proto)
809+static const u_char *
810+isakmp_sub0_print(u_char np, const struct isakmp_gen *ext, const u_char *ep,
811+ u_int32_t phase, u_int32_t doi, u_int32_t proto, int depth)
812 {
813- u_char *cp;
814+ const u_char *cp;
815 struct isakmp_gen e;
816 u_int item_len;
817
818 cp = (u_char *)ext;
819 safememcpy(&e, ext, sizeof(e));
820
821- if (NPFUNC(np))
822- cp = (*NPFUNC(np))(ext, ep, phase, doi, proto);
823- else {
824+ /*
825+ * Since we can't have a payload length of less than 4 bytes,
826+ * we need to bail out here if the generic header is nonsensical
827+ * or truncated, otherwise we could loop forever processing
828+ * zero-length items or otherwise misdissect the packet.
829+ */
830+ item_len = ntohs(e.len);
831+ if (item_len <= 4)
832+ return NULL;
833+
834+ if (NPFUNC(np)) {
835+ /*
836+ * XXX - what if item_len is too short, or too long,
837+ * for this payload type?
838+ */
839+ cp = (*NPFUNC(np))(ext, ep, phase, doi, proto, depth);
840+ } else {
841 printf("%s", NPSTR(np));
842- item_len = ntohs(e.len);
843- if (item_len == 0) {
844- /*
845- * We don't want to loop forever processing this
846- * bogus (zero-length) item; return NULL so that
847- * we stop dissecting.
848- */
849- cp = NULL;
850- } else
851- cp += item_len;
852+ cp += item_len;
853 }
854+
855 return cp;
856 }
857
858-static u_char *
859-isakmp_sub_print(u_char np, struct isakmp_gen *ext, u_char *ep,
860- u_int32_t phase, u_int32_t doi, u_int32_t proto)
861+static const u_char *
862+isakmp_sub_print(u_char np, const struct isakmp_gen *ext, const u_char *ep,
863+ u_int32_t phase, u_int32_t doi, u_int32_t proto, int depth)
864 {
865- u_char *cp;
866- static int depth = 0;
867+ const u_char *cp;
868 int i;
869 struct isakmp_gen e;
870
871- cp = (u_char *)ext;
872+ cp = (const u_char *)ext;
873
874 while (np) {
875 safememcpy(&e, ext, sizeof(e));
876@@ -1072,7 +1123,7 @@
877 for (i = 0; i < depth; i++)
878 printf(" ");
879 printf("(");
880- cp = isakmp_sub0_print(np, ext, ep, phase, doi, proto);
881+ cp = isakmp_sub0_print(np, ext, ep, phase, doi, proto, depth);
882 printf(")");
883 depth--;
884
885@@ -1101,7 +1152,7 @@
886 * optimization.
887 */
888 static void
889-safememcpy(void *p, void *q, size_t l)
890+safememcpy(void *p, const void *q, size_t l)
891 {
892 memcpy(p, q, l);
893 }
894@@ -1109,15 +1160,16 @@
895 void
896 isakmp_print(const u_char *bp, u_int length, const u_char *bp2)
897 {
898- struct isakmp *p, base;
899- u_char *ep;
900+ const struct isakmp *p;
901+ struct isakmp base;
902+ const u_char *ep;
903 u_char np;
904 int i;
905 int phase;
906 int major, minor;
907
908- p = (struct isakmp *)bp;
909- ep = (u_char *)snapend;
910+ p = (const struct isakmp *)bp;
911+ ep = snapend;
912
913 if ((struct isakmp *)ep < p + 1) {
914 printf("[|isakmp]");
915@@ -1177,35 +1229,36 @@
916 printf("[%s%s]", base.flags & ISAKMP_FLAG_E ? "E" : "",
917 base.flags & ISAKMP_FLAG_C ? "C" : "");
918 }
919- printf(":");
920
921- {
922- struct isakmp_gen *ext;
923- int nparen;
924+ if (vflag) {
925+ const struct isakmp_gen *ext;
926+ int nparen;
927
928 #define CHECKLEN(p, np) \
929- if (ep < (u_char *)(p)) { \
930- printf(" [|%s]", NPSTR(np)); \
931- goto done; \
932- }
933+ if (ep < (u_char *)(p)) { \
934+ printf(" [|%s]", NPSTR(np)); \
935+ goto done; \
936+ }
937
938- /* regardless of phase... */
939- if (base.flags & ISAKMP_FLAG_E) {
940- /*
941- * encrypted, nothing we can do right now.
942- * we hope to decrypt the packet in the future...
943- */
944- printf(" [encrypted %s]", NPSTR(base.np));
945- goto done;
946- }
947+ printf(":");
948
949- nparen = 0;
950- CHECKLEN(p + 1, base.np)
951+ /* regardless of phase... */
952+ if (base.flags & ISAKMP_FLAG_E) {
953+ /*
954+ * encrypted, nothing we can do right now.
955+ * we hope to decrypt the packet in the future...
956+ */
957+ printf(" [encrypted %s]", NPSTR(base.np));
958+ goto done;
959+ }
960
961- np = base.np;
962- ext = (struct isakmp_gen *)(p + 1);
963- isakmp_sub_print(np, ext, ep, phase, 0, 0);
964- }
965+ nparen = 0;
966+ CHECKLEN(p + 1, base.np)
967+
968+ np = base.np;
969+ ext = (struct isakmp_gen *)(p + 1);
970+ isakmp_sub_print(np, ext, ep, phase, 0, 0, 0);
971+ }
972
973 done:
974 if (vflag) {
975--- tcpdump-stdinc.h
976+++ tcpdump-stdinc.h
977@@ -0,0 +1,128 @@
978+/*
979+ * Copyright (c) 2002 - 2003
980+ * NetGroup, Politecnico di Torino (Italy)
981+ * All rights reserved.
982+ *
983+ * Redistribution and use in source and binary forms, with or without
984+ * modification, are permitted provided that the following conditions
985+ * are met:
986+ *
987+ * 1. Redistributions of source code must retain the above copyright
988+ * notice, this list of conditions and the following disclaimer.
989+ * 2. Redistributions in binary form must reproduce the above copyright
990+ * notice, this list of conditions and the following disclaimer in the
991+ * documentation and/or other materials provided with the distribution.
992+ * 3. Neither the name of the Politecnico di Torino nor the names of its
993+ * contributors may be used to endorse or promote products derived from
994+ * this software without specific prior written permission.
995+ *
996+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
997+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
998+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
999+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
1000+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
1001+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
1002+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
1003+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
1004+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
1005+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
1006+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
1007+ *
1008+ *
1009+ * @(#) $Header$ (LBL)
1010+ */
1011+
1012+/*
1013+ * Include the appropriate OS header files on Windows and various flavors
1014+ * of UNIX, and also define some additional items and include various
1015+ * non-OS header files on Windows, and; this isolates most of the platform
1016+ * differences to this one file.
1017+ */
1018+
1019+#ifndef tcpdump_stdinc_h
1020+#define tcpdump_stdinc_h
1021+
1022+#ifdef WIN32
1023+
1024+#include <stdio.h>
1025+#include <winsock2.h>
1026+#include "bittypes.h"
1027+#include <ctype.h>
1028+#include <time.h>
1029+#include <io.h>
1030+#include "IP6_misc.h"
1031+#include <fcntl.h>
1032+
1033+#ifdef __MINGW32__
1034+#include <stdint.h>
1035+int* _errno();
1036+#define errno (*_errno())
1037+
1038+#define INET_ADDRSTRLEN 16
1039+#define INET6_ADDRSTRLEN 46
1040+
1041+#endif /* __MINGW32__ */
1042+
1043+#ifndef toascii
1044+#define toascii(c) ((c) & 0x7f)
1045+#endif
1046+
1047+#ifndef caddr_t
1048+typedef char* caddr_t;
1049+#endif /* caddr_t */
1050+
1051+#define MAXHOSTNAMELEN 64
1052+#define NI_MAXHOST 1025
1053+#define snprintf _snprintf
1054+#define vsnprintf _vsnprintf
1055+#define RETSIGTYPE void
1056+
1057+#if !defined(__MINGW32__) && !defined(__WATCOMC__)
1058+#undef toascii
1059+#define isascii __isascii
1060+#define toascii __toascii
1061+#define stat _stat
1062+#define open _open
1063+#define fstat _fstat
1064+#define read _read
1065+#define O_RDONLY _O_RDONLY
1066+
1067+typedef short ino_t;
1068+#endif /* __MINGW32__ */
1069+
1070+#else /* WIN32 */
1071+
1072+#include <ctype.h>
1073+#include <unistd.h>
1074+#include <netdb.h>
1075+#include <sys/param.h>
1076+#include <sys/types.h> /* concession to AIX */
1077+#include <sys/time.h>
1078+#include <sys/socket.h>
1079+#include <netinet/in.h>
1080+
1081+#ifdef TIME_WITH_SYS_TIME
1082+#include <time.h>
1083+#endif
1084+
1085+#include <arpa/inet.h>
1086+
1087+#endif /* WIN32 */
1088+
1089+#ifdef INET6
1090+#include "ip6.h"
1091+#endif
1092+
1093+#if defined(WIN32) || defined(MSDOS)
1094+ #define FOPEN_READ_TXT "rt"
1095+ #define FOPEN_READ_BIN "rb"
1096+ #define FOPEN_WRITE_TXT "wt"
1097+ #define FOPEN_WRITE_BIN "wb"
1098+#else
1099+ #define FOPEN_READ_TXT "r"
1100+ #define FOPEN_READ_BIN FOPEN_READ_TXT
1101+ #define FOPEN_WRITE_TXT "w"
1102+ #define FOPEN_WRITE_BIN FOPEN_WRITE_TXT
1103+#endif
1104+
1105+#endif /* tcpdump_stdinc_h */
dumps packets that are sent or received over a network interface
This page took 0.310443 seconds and 4 git commands to generate.