From: cvs2git Date: Wed, 31 Mar 2004 12:12:05 +0000 (+0000) Subject: This commit was manufactured by cvs2git to create tag 'STABLE'. X-Git-Tag: STABLE X-Git-Url: https://git.pld-linux.org/?p=packages%2Ftcpdump.git;a=commitdiff_plain;h=bf12208018deef0c2e93eb2f69cda92c8eeccd8c This commit was manufactured by cvs2git to create tag 'STABLE'. Sprout from master 2003-01-11 01:29:03 UTC kloczek '- fix sigsegv during decode NFS (patch from Conectiva).' Cherrypick from master 2004-02-03 15:39:23 UTC Jakub Bogusz '- security fixes for 3.7.2 (Ra) and 3.8.1 (current)': tcpdump-isakmp-CAN-2004-0057.patch -> 1.1 tcpdump-radius-CAN-2004-0055.patch -> 1.1 Cherrypick from RA-branch 2004-03-31 12:12:05 UTC Jakub Bogusz '- added isakmp-security patch (CAN-2004-0057, CAN-2004-0183, CAN-2004-0184': tcpdump-acfix.patch -> 1.1.2.1 tcpdump-isakmp-CAN-2003-0989.patch -> 1.1.2.1 tcpdump-isakmp-security.patch -> 1.1.2.1 tcpdump-l2tp-CAN-2003-1029.patch -> 1.1.2.1 tcpdump.spec -> 1.47.2.6 Delete: tcpdump-libsmi.patch --- diff --git a/tcpdump-acfix.patch b/tcpdump-acfix.patch new file mode 100644 index 0000000..3768235 --- /dev/null +++ b/tcpdump-acfix.patch 
@@ -0,0 +1,65 @@ +--- tcpdump-3.7.2/configure.in.orig Tue Feb 3 16:23:14 2004 ++++ tcpdump-3.7.2/configure.in Tue Feb 3 16:24:47 2004 +@@ -150,7 +150,7 @@ + case $i in + inria) + dnl http://www.kame.net/ +- AC_EGREP_CPP(yes, [dnl ++ AC_EGREP_CPP(yes, [ + #include + #ifdef IPV6_INRIA_VERSION + yes +@@ -160,7 +160,7 @@ + ;; + kame) + dnl http://www.kame.net/ +- AC_EGREP_CPP(yes, [dnl ++ AC_EGREP_CPP(yes, [ + #include + #ifdef __KAME__ + yes +@@ -173,7 +173,7 @@ + ;; + linux-glibc) + dnl http://www.v6.linux.or.jp/ +- AC_EGREP_CPP(yes, [dnl ++ AC_EGREP_CPP(yes, [ + #include + #if defined(__GLIBC__) && __GLIBC__ >= 2 && __GLIBC_MINOR__ >= 1 + yes +@@ -192,7 +192,7 @@ + fi + ;; + toshiba) +- AC_EGREP_CPP(yes, [dnl ++ AC_EGREP_CPP(yes, [ + #include + #ifdef _TOSHIBA_INET6 + yes +@@ -203,7 +203,7 @@ + CFLAGS="-DINET6 $CFLAGS"]) + ;; + v6d) +- AC_EGREP_CPP(yes, [dnl ++ AC_EGREP_CPP(yes, [ + #include + #ifdef __V6D__ + yes +@@ -214,7 +214,7 @@ + CFLAGS="-I/usr/local/v6/include $CFLAGS"]) + ;; + zeta) +- AC_EGREP_CPP(yes, [dnl ++ AC_EGREP_CPP(yes, [ + #include + #ifdef _ZETA_MINAMI_INET6 + yes +@@ -507,7 +507,7 @@ + AC_CHECK_FUNCS(vsnprintf snprintf,, + [needsnprintf=yes]) + if test $needsnprintf = yes; then +- LIBOBJS="$LIBOBJS snprintf.o" ++ AC_LIBOBJ([snprintf]) + fi + + AC_LBL_TYPE_SIGNAL diff --git a/tcpdump-isakmp-CAN-2003-0989.patch b/tcpdump-isakmp-CAN-2003-0989.patch new file mode 100644 index 0000000..23b8f9e --- /dev/null +++ b/tcpdump-isakmp-CAN-2003-0989.patch 
@@ -0,0 +1,1105 @@ +--- Makefile.in ++++ Makefile.in +@@ -43,7 +43,7 @@ + PROG = tcpdump + CCOPT = @V_CCOPT@ + INCLS = -I. @V_INCLS@ +-DEFS = @DEFS@ ++DEFS = @DEFS@ @V_DEFS@ + + # Standard CFLAGS + CFLAGS = $(CCOPT) $(DEFS) $(INCLS) +--- aclocal.m4 ++++ aclocal.m4 +@@ -1091,6 +1091,9 @@ + ac_cv___attribute__=no)]) + if test "$ac_cv___attribute__" = "yes"; then + AC_DEFINE(HAVE___ATTRIBUTE__, 1, [define if your compiler has __attribute__]) ++ V_DEFS="$V_DEFS -D_U_=\"__attribute__((unused))\"" ++else ++ V_DEFS="$V_DEFS -D_U_=\"\"" + fi + AC_MSG_RESULT($ac_cv___attribute__) + ]) +--- configure.in ++++ configure.in +@@ -639,6 +639,7 @@ + AC_CHECK_HEADERS(rc5.h) + + AC_SUBST(V_CCOPT) ++AC_SUBST(V_DEFS) + AC_SUBST(V_GROUP) + AC_SUBST(V_INCLS) + AC_SUBST(V_PCAPDEP) +--- isakmp.h ++++ isakmp.h +@@ -1,7 +1,7 @@ + /* + * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. + * All rights reserved. +- * ++ * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: +@@ -13,7 +13,7 @@ + * 3. Neither the name of the project nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. +- * ++ * + * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +@@ -26,7 +26,7 @@ + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +-/* YIPS @(#)$Id$ */ ++/* YIPS @(#)$Id$ */ + + /* refer to RFC 2408 */ + +--- print-isakmp.c ++++ print-isakmp.c +@@ -1,7 +1,7 @@ + /* + * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. + * All rights reserved. 
+- * ++ * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: +@@ -13,7 +13,7 @@ + * 3. Neither the name of the project nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. +- * ++ * + * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +@@ -29,24 +29,19 @@ + */ + + #ifndef lint +-static const char rcsid[] = +- "@(#) $Header$ (LBL)"; ++static const char rcsid[] _U_ = ++ "@(#) $Header$ (LBL)"; + #endif + + #ifdef HAVE_CONFIG_H + #include "config.h" + #endif + +-#include +-#include +-#include +-#include +-#include ++#include + +-#include ++#include + + #include +-#include + + #include "isakmp.h" + #include "ipsec_doi.h" +@@ -64,38 +59,38 @@ + #define sockaddr_storage sockaddr + #endif + +-static u_char *isakmp_sa_print(struct isakmp_gen *, u_char *, u_int32_t, +- u_int32_t, u_int32_t); +-static u_char *isakmp_p_print(struct isakmp_gen *, u_char *, u_int32_t, +- u_int32_t, u_int32_t); +-static u_char *isakmp_t_print(struct isakmp_gen *, u_char *, u_int32_t, +- u_int32_t, u_int32_t); +-static u_char *isakmp_ke_print(struct isakmp_gen *, u_char *, u_int32_t, +- u_int32_t, u_int32_t); +-static u_char *isakmp_id_print(struct isakmp_gen *, u_char *, u_int32_t, +- u_int32_t, u_int32_t); +-static u_char *isakmp_cert_print(struct isakmp_gen *, u_char *, u_int32_t, +- u_int32_t, u_int32_t); +-static u_char *isakmp_cr_print(struct isakmp_gen *, u_char *, u_int32_t, +- u_int32_t, u_int32_t); +-static u_char *isakmp_sig_print(struct isakmp_gen *, u_char *, u_int32_t, +- u_int32_t, u_int32_t); +-static u_char *isakmp_hash_print(struct isakmp_gen *, u_char *, +- u_int32_t, u_int32_t, u_int32_t); +-static 
u_char *isakmp_nonce_print(struct isakmp_gen *, u_char *, +- u_int32_t, u_int32_t, u_int32_t); +-static u_char *isakmp_n_print(struct isakmp_gen *, u_char *, u_int32_t, +- u_int32_t, u_int32_t); +-static u_char *isakmp_d_print(struct isakmp_gen *, u_char *, u_int32_t, +- u_int32_t, u_int32_t); +-static u_char *isakmp_vid_print(struct isakmp_gen *, u_char *, u_int32_t, +- u_int32_t, u_int32_t); +-static u_char *isakmp_sub0_print(u_char, struct isakmp_gen *, u_char *, +- u_int32_t, u_int32_t, u_int32_t); +-static u_char *isakmp_sub_print(u_char, struct isakmp_gen *, u_char *, +- u_int32_t, u_int32_t, u_int32_t); ++static const u_char *isakmp_sa_print(const struct isakmp_gen *, ++ const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++static const u_char *isakmp_p_print(const struct isakmp_gen *, ++ const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++static const u_char *isakmp_t_print(const struct isakmp_gen *, ++ const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++static const u_char *isakmp_ke_print(const struct isakmp_gen *, ++ const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++static const u_char *isakmp_id_print(const struct isakmp_gen *, ++ const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++static const u_char *isakmp_cert_print(const struct isakmp_gen *, ++ const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++static const u_char *isakmp_cr_print(const struct isakmp_gen *, ++ const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++static const u_char *isakmp_sig_print(const struct isakmp_gen *, ++ const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++static const u_char *isakmp_hash_print(const struct isakmp_gen *, ++ const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++static const u_char *isakmp_nonce_print(const struct isakmp_gen *, ++ const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++static const u_char *isakmp_n_print(const struct isakmp_gen *, ++ const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++static 
const u_char *isakmp_d_print(const struct isakmp_gen *, ++ const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++static const u_char *isakmp_vid_print(const struct isakmp_gen *, ++ const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++static const u_char *isakmp_sub0_print(u_char, const struct isakmp_gen *, ++ const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++static const u_char *isakmp_sub_print(u_char, const struct isakmp_gen *, ++ const u_char *, u_int32_t, u_int32_t, u_int32_t, int); + static char *numstr(int); +-static void safememcpy(void *, void *, size_t); ++static void safememcpy(void *, const void *, size_t); + + #define MAXINITIATORS 20 + int ninitiator = 0; +@@ -106,19 +101,19 @@ + } cookiecache[MAXINITIATORS]; + + /* protocol id */ +-static char *protoidstr[] = { ++static const char *protoidstr[] = { + NULL, "isakmp", "ipsec-ah", "ipsec-esp", "ipcomp", + }; + + /* isakmp->np */ +-static char *npstr[] = { ++static const char *npstr[] = { + "none", "sa", "p", "t", "ke", "id", "cert", "cr", "hash", + "sig", "nonce", "n", "d", "vid" + }; + + /* isakmp->np */ +-static u_char *(*npfunc[])(struct isakmp_gen *, u_char *, u_int32_t, +- u_int32_t, u_int32_t) = { ++static const u_char *(*npfunc[])(const struct isakmp_gen *, const u_char *, ++ u_int32_t, u_int32_t, u_int32_t, int) = { + NULL, + isakmp_sa_print, + isakmp_p_print, +@@ -136,7 +131,7 @@ + }; + + /* isakmp->etype */ +-static char *etypestr[] = { ++static const char *etypestr[] = { + "none", "base", "ident", "auth", "agg", "inf", NULL, NULL, + NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, +@@ -330,7 +325,7 @@ + rawprint(caddr_t loc, size_t len) + { + static u_char *p; +- int i; ++ size_t i; + + p = (u_char *)loc; + for (i = 0; i < len; i++) +@@ -338,13 +333,14 @@ + } + + struct attrmap { +- char *type; +- int nvalue; +- char *value[30]; /*XXX*/ ++ const char *type; ++ u_int nvalue; ++ const char *value[30]; /*XXX*/ + }; + +-static u_char * 
+-isakmp_attrmap_print(u_char *p, u_char *ep, struct attrmap *map, size_t nmap) ++static const u_char * ++isakmp_attrmap_print(const u_char *p, const u_char *ep, ++ const struct attrmap *map, size_t nmap) + { + u_int16_t *q; + int totlen; +@@ -354,35 +350,35 @@ + if (p[0] & 0x80) + totlen = 4; + else +- totlen = 4 + ntohs(q[1]); ++ totlen = 4 + EXTRACT_16BITS(&q[1]); + if (ep < p + totlen) { + printf("[|attr]"); + return ep + 1; + } + + printf("("); +- t = ntohs(q[0]) & 0x7fff; ++ t = EXTRACT_16BITS(&q[0]) & 0x7fff; + if (map && t < nmap && map[t].type) + printf("type=%s ", map[t].type); + else + printf("type=#%d ", t); + if (p[0] & 0x80) { + printf("value="); +- v = ntohs(q[1]); ++ v = EXTRACT_16BITS(&q[1]); + if (map && t < nmap && v < map[t].nvalue && map[t].value[v]) + printf("%s", map[t].value[v]); + else + rawprint((caddr_t)&q[1], 2); + } else { +- printf("len=%d value=", ntohs(q[1])); +- rawprint((caddr_t)&p[4], ntohs(q[1])); ++ printf("len=%d value=", EXTRACT_16BITS(&q[1])); ++ rawprint((caddr_t)&p[4], EXTRACT_16BITS(&q[1])); + } + printf(")"); + return p + totlen; + } + +-static u_char * +-isakmp_attr_print(u_char *p, u_char *ep) ++static const u_char * ++isakmp_attr_print(const u_char *p, const u_char *ep) + { + u_int16_t *q; + int totlen; +@@ -392,35 +388,36 @@ + if (p[0] & 0x80) + totlen = 4; + else +- totlen = 4 + ntohs(q[1]); ++ totlen = 4 + EXTRACT_16BITS(&q[1]); + if (ep < p + totlen) { + printf("[|attr]"); + return ep + 1; + } + + printf("("); +- t = ntohs(q[0]) & 0x7fff; ++ t = EXTRACT_16BITS(&q[0]) & 0x7fff; + printf("type=#%d ", t); + if (p[0] & 0x80) { + printf("value="); + t = q[1]; + rawprint((caddr_t)&q[1], 2); + } else { +- printf("len=%d value=", ntohs(q[1])); +- rawprint((caddr_t)&p[2], ntohs(q[1])); ++ printf("len=%d value=", EXTRACT_16BITS(&q[1])); ++ rawprint((caddr_t)&p[2], EXTRACT_16BITS(&q[1])); + } + printf(")"); + return p + totlen; + } + +-static u_char * +-isakmp_sa_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase, +- 
u_int32_t doi0, u_int32_t proto0) +-{ +- struct isakmp_pl_sa *p, sa; +- u_int32_t *q; ++static const u_char * ++isakmp_sa_print(const struct isakmp_gen *ext, const u_char *ep, u_int32_t phase, ++ u_int32_t doi0 _U_, u_int32_t proto0, int depth) ++{ ++ const struct isakmp_pl_sa *p; ++ struct isakmp_pl_sa sa; ++ const u_int32_t *q; + u_int32_t doi, sit, ident; +- u_char *cp, *np; ++ const u_char *cp, *np; + int t; + + printf("%s:", NPSTR(ISAKMP_NPTYPE_SA)); +@@ -459,17 +456,19 @@ + + ext = (struct isakmp_gen *)np; + +- cp = isakmp_sub_print(ISAKMP_NPTYPE_P, ext, ep, phase, doi, proto0); ++ cp = isakmp_sub_print(ISAKMP_NPTYPE_P, ext, ep, phase, doi, proto0, ++ depth); + + return cp; + } + +-static u_char * +-isakmp_p_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase, +- u_int32_t doi0, u_int32_t proto0) +-{ +- struct isakmp_pl_p *p, prop; +- u_char *cp; ++static const u_char * ++isakmp_p_print(const struct isakmp_gen *ext, const u_char *ep, u_int32_t phase, ++ u_int32_t doi0, u_int32_t proto0 _U_, int depth) ++{ ++ const struct isakmp_pl_p *p; ++ struct isakmp_pl_p prop; ++ const u_char *cp; + + printf("%s:", NPSTR(ISAKMP_NPTYPE_P)); + +@@ -485,45 +484,45 @@ + ext = (struct isakmp_gen *)((u_char *)(p + 1) + prop.spi_size); + + cp = isakmp_sub_print(ISAKMP_NPTYPE_T, ext, ep, phase, doi0, +- prop.prot_id); ++ prop.prot_id, depth); + + return cp; + } + +-static char *isakmp_p_map[] = { ++static const char *isakmp_p_map[] = { + NULL, "ike", + }; + +-static char *ah_p_map[] = { ++static const char *ah_p_map[] = { + NULL, "(reserved)", "md5", "sha", "1des", + "sha2-256", "sha2-384", "sha2-512", + }; + +-static char *esp_p_map[] = { ++static const char *esp_p_map[] = { + NULL, "1des-iv64", "1des", "3des", "rc5", "idea", "cast", + "blowfish", "3idea", "1des-iv32", "rc4", "null", "aes" + }; + +-static char *ipcomp_p_map[] = { ++static const char *ipcomp_p_map[] = { + NULL, "oui", "deflate", "lzs", + }; + +-struct attrmap ipsec_t_map[] = { +- { NULL, 0, }, ++const 
struct attrmap ipsec_t_map[] = { ++ { NULL, 0, { NULL } }, + { "lifetype", 3, { NULL, "sec", "kb", }, }, +- { "life", 0, }, ++ { "life", 0, { NULL } }, + { "group desc", 5, { NULL, "modp768", "modp1024", "EC2N 2^155", + "EC2N 2^185", }, }, + { "enc mode", 3, { NULL, "tunnel", "transport", }, }, + { "auth", 5, { NULL, "hmac-md5", "hmac-sha1", "1des-mac", "keyed", }, }, +- { "keylen", 0, }, +- { "rounds", 0, }, +- { "dictsize", 0, }, +- { "privalg", 0, }, ++ { "keylen", 0, { NULL } }, ++ { "rounds", 0, { NULL } }, ++ { "dictsize", 0, { NULL } }, ++ { "privalg", 0, { NULL } }, + }; + +-struct attrmap oakley_t_map[] = { +- { NULL, 0 }, ++const struct attrmap oakley_t_map[] = { ++ { NULL, 0, { NULL } }, + { "enc", 8, { NULL, "1des", "idea", "blowfish", "rc5", + "3des", "cast", "aes", }, }, + { "hash", 7, { NULL, "md5", "sha1", "tiger", +@@ -533,29 +532,31 @@ + { "group desc", 5, { NULL, "modp768", "modp1024", "EC2N 2^155", + "EC2N 2^185", }, }, + { "group type", 4, { NULL, "MODP", "ECP", "EC2N", }, }, +- { "group prime", 0, }, +- { "group gen1", 0, }, +- { "group gen2", 0, }, +- { "group curve A", 0, }, +- { "group curve B", 0, }, ++ { "group prime", 0, { NULL } }, ++ { "group gen1", 0, { NULL } }, ++ { "group gen2", 0, { NULL } }, ++ { "group curve A", 0, { NULL } }, ++ { "group curve B", 0, { NULL } }, + { "lifetype", 3, { NULL, "sec", "kb", }, }, +- { "lifeduration", 0, }, +- { "prf", 0, }, +- { "keylen", 0, }, +- { "field", 0, }, +- { "order", 0, }, ++ { "lifeduration", 0, { NULL } }, ++ { "prf", 0, { NULL } }, ++ { "keylen", 0, { NULL } }, ++ { "field", 0, { NULL } }, ++ { "order", 0, { NULL } }, + }; + +-static u_char * +-isakmp_t_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase, +- u_int32_t doi, u_int32_t proto) +-{ +- struct isakmp_pl_t *p, t; +- u_char *cp; +- char *idstr; +- struct attrmap *map; ++static const u_char * ++isakmp_t_print(const struct isakmp_gen *ext, const u_char *ep, ++ u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto, ++ int 
depth _U_) ++{ ++ const struct isakmp_pl_t *p; ++ struct isakmp_pl_t t; ++ const u_char *cp; ++ const char *idstr; ++ const struct attrmap *map; + size_t nmap; +- u_char *ep2; ++ const u_char *ep2; + + printf("%s:", NPSTR(ISAKMP_NPTYPE_T)); + +@@ -608,9 +609,10 @@ + return cp; + } + +-static u_char * +-isakmp_ke_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase, +- u_int32_t doi, u_int32_t proto) ++static const u_char * ++isakmp_ke_print(const struct isakmp_gen *ext, const u_char *ep _U_, ++ u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_, ++ int depth _U_) + { + struct isakmp_gen e; + +@@ -625,22 +627,24 @@ + return (u_char *)ext + ntohs(e.len); + } + +-static u_char * +-isakmp_id_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase, +- u_int32_t doi, u_int32_t proto) ++static const u_char * ++isakmp_id_print(const struct isakmp_gen *ext, const u_char *ep _U_, ++ u_int32_t phase, u_int32_t doi _U_, u_int32_t proto _U_, ++ int depth _U_) + { + #define USE_IPSECDOI_IN_PHASE1 1 +- struct isakmp_pl_id *p, id; +- static char *idtypestr[] = { ++ const struct isakmp_pl_id *p; ++ struct isakmp_pl_id id; ++ static const char *idtypestr[] = { + "IPv4", "IPv4net", "IPv6", "IPv6net", + }; +- static char *ipsecidtypestr[] = { ++ static const char *ipsecidtypestr[] = { + NULL, "IPv4", "FQDN", "user FQDN", "IPv4net", "IPv6", + "IPv6net", "IPv4range", "IPv6range", "ASN1 DN", "ASN1 GN", + "keyid", + }; + int len; +- u_char *data; ++ const u_char *data; + + printf("%s:", NPSTR(ISAKMP_NPTYPE_ID)); + +@@ -670,18 +674,23 @@ + #endif + case 2: + { +- struct ipsecdoi_id *p, id; ++ const struct ipsecdoi_id *p; ++ struct ipsecdoi_id id; + struct protoent *pe; + + p = (struct ipsecdoi_id *)ext; + safememcpy(&id, ext, sizeof(id)); + printf(" idtype=%s", STR_OR_ID(id.type, ipsecidtypestr)); + if (id.proto_id) { ++#ifndef WIN32 + setprotoent(1); ++#endif /* WIN32 */ + pe = getprotobynumber(id.proto_id); + if (pe) + printf(" protoid=%s", pe->p_name); ++#ifndef WIN32 + 
endprotoent(); ++#endif /* WIN32 */ + } else { + /* it DOES NOT mean IPPROTO_IP! */ + printf(" protoid=%s", "0"); +@@ -706,7 +715,7 @@ + } + case IPSECDOI_ID_IPV4_ADDR_SUBNET: + { +- u_char *mask; ++ const u_char *mask; + mask = data + sizeof(struct in_addr); + printf(" len=%d %s/%u.%u.%u.%u", len, + ipaddr_string(data), +@@ -721,7 +730,7 @@ + break; + case IPSECDOI_ID_IPV6_ADDR_SUBNET: + { +- u_int32_t *mask; ++ const u_int32_t *mask; + mask = (u_int32_t *)(data + sizeof(struct in6_addr)); + /*XXX*/ + printf(" len=%d %s/0x%08x%08x%08x%08x", len, +@@ -761,12 +770,14 @@ + return (u_char *)ext + ntohs(id.h.len); + } + +-static u_char * +-isakmp_cert_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase, +- u_int32_t doi0, u_int32_t proto0) +-{ +- struct isakmp_pl_cert *p, cert; +- static char *certstr[] = { ++static const u_char * ++isakmp_cert_print(const struct isakmp_gen *ext, const u_char *ep _U_, ++ u_int32_t phase _U_, u_int32_t doi0 _U_, u_int32_t proto0 _U_, ++ int depth _U_) ++{ ++ const struct isakmp_pl_cert *p; ++ struct isakmp_pl_cert cert; ++ static const char *certstr[] = { + "none", "pkcs7", "pgp", "dns", + "x509sign", "x509ke", "kerberos", "crl", + "arl", "spki", "x509attr", +@@ -785,12 +796,14 @@ + return (u_char *)ext + ntohs(cert.h.len); + } + +-static u_char * +-isakmp_cr_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase, +- u_int32_t doi0, u_int32_t proto0) +-{ +- struct isakmp_pl_cert *p, cert; +- static char *certstr[] = { ++static const u_char * ++isakmp_cr_print(const struct isakmp_gen *ext, const u_char *ep _U_, ++ u_int32_t phase _U_, u_int32_t doi0 _U_, u_int32_t proto0 _U_, ++ int depth _U_) ++{ ++ const struct isakmp_pl_cert *p; ++ struct isakmp_pl_cert cert; ++ static const char *certstr[] = { + "none", "pkcs7", "pgp", "dns", + "x509sign", "x509ke", "kerberos", "crl", + "arl", "spki", "x509attr", +@@ -809,9 +822,10 @@ + return (u_char *)ext + ntohs(cert.h.len); + } + +-static u_char * +-isakmp_hash_print(struct isakmp_gen 
*ext, u_char *ep, u_int32_t phase, +- u_int32_t doi, u_int32_t proto) ++static const u_char * ++isakmp_hash_print(const struct isakmp_gen *ext, const u_char *ep _U_, ++ u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_, ++ int depth _U_) + { + struct isakmp_gen e; + +@@ -826,9 +840,10 @@ + return (u_char *)ext + ntohs(e.len); + } + +-static u_char * +-isakmp_sig_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase, +- u_int32_t doi, u_int32_t proto) ++static const u_char * ++isakmp_sig_print(const struct isakmp_gen *ext, const u_char *ep _U_, ++ u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_, ++ int depth _U_) + { + struct isakmp_gen e; + +@@ -843,9 +858,10 @@ + return (u_char *)ext + ntohs(e.len); + } + +-static u_char * +-isakmp_nonce_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase, +- u_int32_t doi, u_int32_t proto) ++static const u_char * ++isakmp_nonce_print(const struct isakmp_gen *ext, const u_char *ep _U_, ++ u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_, ++ int depth _U_) + { + struct isakmp_gen e; + +@@ -860,16 +876,16 @@ + return (u_char *)ext + ntohs(e.len); + } + +-static u_char * +-isakmp_n_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase, +- u_int32_t doi0, u_int32_t proto0) ++static const u_char * ++isakmp_n_print(const struct isakmp_gen *ext, const u_char *ep, u_int32_t phase, ++ u_int32_t doi0 _U_, u_int32_t proto0 _U_, int depth) + { + struct isakmp_pl_n *p, n; +- u_char *cp; ++ const u_char *cp; + u_char *ep2; + u_int32_t doi; + u_int32_t proto; +- static char *notifystr[] = { ++ static const char *notify_error_str[] = { + NULL, "INVALID-PAYLOAD-TYPE", + "DOI-NOT-SUPPORTED", "SITUATION-NOT-SUPPORTED", + "INVALID-COOKIE", "INVALID-MAJOR-VERSION", +@@ -887,15 +903,33 @@ + "CERTIFICATE-UNAVAILABLE", "UNSUPPORTED-EXCHANGE-TYPE", + "UNEQUAL-PAYLOAD-LENGTHS", + }; +- static char *ipsecnotifystr[] = { ++ static const char *ipsec_notify_error_str[] = { ++ "RESERVED", ++ }; ++ static const char 
*notify_status_str[] = { ++ "CONNECTED", ++ }; ++ static const char *ipsec_notify_status_str[] = { + "RESPONDER-LIFETIME", "REPLAY-STATUS", + "INITIAL-CONTACT", + }; + /* NOTE: these macro must be called with x in proper range */ +-#define NOTIFYSTR(x) \ +- (((x) == 16384) ? "CONNECTED" : STR_OR_ID((x), notifystr)) +-#define IPSECNOTIFYSTR(x) \ +- (((x) == 8192) ? "RESERVED" : STR_OR_ID(((x) - 24576), ipsecnotifystr)) ++ ++/* 0 - 8191 */ ++#define NOTIFY_ERROR_STR(x) \ ++ STR_OR_ID((x), notify_error_str) ++ ++/* 8192 - 16383 */ ++#define IPSEC_NOTIFY_ERROR_STR(x) \ ++ STR_OR_ID((u_int)((x) - 8192), ipsec_notify_error_str) ++ ++/* 16384 - 24575 */ ++#define NOTIFY_STATUS_STR(x) \ ++ STR_OR_ID((u_int)((x) - 16384), notify_status_str) ++ ++/* 24576 - 32767 */ ++#define IPSEC_NOTIFY_STATUS_STR(x) \ ++ STR_OR_ID((u_int)((x) - 24576), ipsec_notify_status_str) + + printf("%s:", NPSTR(ISAKMP_NPTYPE_N)); + +@@ -906,7 +940,14 @@ + if (doi != 1) { + printf(" doi=%d", doi); + printf(" proto=%d", proto); +- printf(" type=%s", NOTIFYSTR(ntohs(n.type))); ++ if (ntohs(n.type) < 8192) ++ printf(" type=%s", NOTIFY_ERROR_STR(ntohs(n.type))); ++ else if (ntohs(n.type) < 16384) ++ printf(" type=%s", numstr(ntohs(n.type))); ++ else if (ntohs(n.type) < 24576) ++ printf(" type=%s", NOTIFY_STATUS_STR(ntohs(n.type))); ++ else ++ printf(" type=%s", numstr(ntohs(n.type))); + if (n.spi_size) { + printf(" spi="); + rawprint((caddr_t)(p + 1), n.spi_size); +@@ -917,15 +958,15 @@ + printf(" doi=ipsec"); + printf(" proto=%s", PROTOIDSTR(proto)); + if (ntohs(n.type) < 8192) +- printf(" type=%s", NOTIFYSTR(ntohs(n.type))); ++ printf(" type=%s", NOTIFY_ERROR_STR(ntohs(n.type))); + else if (ntohs(n.type) < 16384) +- printf(" type=%s", IPSECNOTIFYSTR(ntohs(n.type))); ++ printf(" type=%s", IPSEC_NOTIFY_ERROR_STR(ntohs(n.type))); + else if (ntohs(n.type) < 24576) +- printf(" type=%s", NOTIFYSTR(ntohs(n.type))); +- else if (ntohs(n.type) < 40960) +- printf(" type=%s", IPSECNOTIFYSTR(ntohs(n.type))); ++ 
printf(" type=%s", NOTIFY_STATUS_STR(ntohs(n.type))); ++ else if (ntohs(n.type) < 32768) ++ printf(" type=%s", IPSEC_NOTIFY_STATUS_STR(ntohs(n.type))); + else +- printf(" type=%s", NOTIFYSTR(ntohs(n.type))); ++ printf(" type=%s", numstr(ntohs(n.type))); + if (n.spi_size) { + printf(" spi="); + rawprint((caddr_t)(p + 1), n.spi_size); +@@ -939,7 +980,7 @@ + switch (ntohs(n.type)) { + case IPSECDOI_NTYPE_RESPONDER_LIFETIME: + { +- struct attrmap *map = oakley_t_map; ++ const struct attrmap *map = oakley_t_map; + size_t nmap = sizeof(oakley_t_map)/sizeof(oakley_t_map[0]); + while (cp < ep && cp < ep2) { + cp = isakmp_attrmap_print(cp, +@@ -952,8 +993,10 @@ + (*(u_int32_t *)cp) ? "en" : "dis"); + break; + case ISAKMP_NTYPE_NO_PROPOSAL_CHOSEN: +- isakmp_sub_print(ISAKMP_NPTYPE_SA, +- (struct isakmp_gen *)cp, ep, phase, doi, proto); ++ if (isakmp_sub_print(ISAKMP_NPTYPE_SA, ++ (struct isakmp_gen *)cp, ep, phase, doi, proto, ++ depth) == NULL) ++ return NULL; + break; + default: + /* NULL is dummy */ +@@ -966,12 +1009,14 @@ + return (u_char *)ext + ntohs(n.h.len); + } + +-static u_char * +-isakmp_d_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase, +- u_int32_t doi0, u_int32_t proto0) +-{ +- struct isakmp_pl_d *p, d; +- u_int8_t *q; ++static const u_char * ++isakmp_d_print(const struct isakmp_gen *ext, const u_char *ep _U_, ++ u_int32_t phase _U_, u_int32_t doi0 _U_, u_int32_t proto0 _U_, ++ int depth _U_) ++{ ++ const struct isakmp_pl_d *p; ++ struct isakmp_pl_d d; ++ const u_int8_t *q; + u_int32_t doi; + u_int32_t proto; + int i; +@@ -1002,9 +1047,10 @@ + return q; + } + +-static u_char * +-isakmp_vid_print(struct isakmp_gen *ext, u_char *ep, u_int32_t phase, +- u_int32_t doi, u_int32_t proto) ++static const u_char * ++isakmp_vid_print(const struct isakmp_gen *ext, const u_char *ep _U_, ++ u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_, ++ int depth _U_) + { + struct isakmp_gen e; + +@@ -1019,45 +1065,50 @@ + return (u_char *)ext + ntohs(e.len); + } 
+ +-static u_char * +-isakmp_sub0_print(u_char np, struct isakmp_gen *ext, u_char *ep, +- u_int32_t phase, u_int32_t doi, u_int32_t proto) ++static const u_char * ++isakmp_sub0_print(u_char np, const struct isakmp_gen *ext, const u_char *ep, ++ u_int32_t phase, u_int32_t doi, u_int32_t proto, int depth) + { +- u_char *cp; ++ const u_char *cp; + struct isakmp_gen e; + u_int item_len; + + cp = (u_char *)ext; + safememcpy(&e, ext, sizeof(e)); + +- if (NPFUNC(np)) +- cp = (*NPFUNC(np))(ext, ep, phase, doi, proto); +- else { ++ /* ++ * Since we can't have a payload length of less than 4 bytes, ++ * we need to bail out here if the generic header is nonsensical ++ * or truncated, otherwise we could loop forever processing ++ * zero-length items or otherwise misdissect the packet. ++ */ ++ item_len = ntohs(e.len); ++ if (item_len <= 4) ++ return NULL; ++ ++ if (NPFUNC(np)) { ++ /* ++ * XXX - what if item_len is too short, or too long, ++ * for this payload type? ++ */ ++ cp = (*NPFUNC(np))(ext, ep, phase, doi, proto, depth); ++ } else { + printf("%s", NPSTR(np)); +- item_len = ntohs(e.len); +- if (item_len == 0) { +- /* +- * We don't want to loop forever processing this +- * bogus (zero-length) item; return NULL so that +- * we stop dissecting. 
+- */ +- cp = NULL; +- } else +- cp += item_len; ++ cp += item_len; + } ++ + return cp; + } + +-static u_char * +-isakmp_sub_print(u_char np, struct isakmp_gen *ext, u_char *ep, +- u_int32_t phase, u_int32_t doi, u_int32_t proto) ++static const u_char * ++isakmp_sub_print(u_char np, const struct isakmp_gen *ext, const u_char *ep, ++ u_int32_t phase, u_int32_t doi, u_int32_t proto, int depth) + { +- u_char *cp; +- static int depth = 0; ++ const u_char *cp; + int i; + struct isakmp_gen e; + +- cp = (u_char *)ext; ++ cp = (const u_char *)ext; + + while (np) { + safememcpy(&e, ext, sizeof(e)); +@@ -1072,7 +1123,7 @@ + for (i = 0; i < depth; i++) + printf(" "); + printf("("); +- cp = isakmp_sub0_print(np, ext, ep, phase, doi, proto); ++ cp = isakmp_sub0_print(np, ext, ep, phase, doi, proto, depth); + printf(")"); + depth--; + +@@ -1101,7 +1152,7 @@ + * optimization. + */ + static void +-safememcpy(void *p, void *q, size_t l) ++safememcpy(void *p, const void *q, size_t l) + { + memcpy(p, q, l); + } +@@ -1109,15 +1160,16 @@ + void + isakmp_print(const u_char *bp, u_int length, const u_char *bp2) + { +- struct isakmp *p, base; +- u_char *ep; ++ const struct isakmp *p; ++ struct isakmp base; ++ const u_char *ep; + u_char np; + int i; + int phase; + int major, minor; + +- p = (struct isakmp *)bp; +- ep = (u_char *)snapend; ++ p = (const struct isakmp *)bp; ++ ep = snapend; + + if ((struct isakmp *)ep < p + 1) { + printf("[|isakmp]"); +@@ -1177,35 +1229,36 @@ + printf("[%s%s]", base.flags & ISAKMP_FLAG_E ? "E" : "", + base.flags & ISAKMP_FLAG_C ? "C" : ""); + } +- printf(":"); + +- { +- struct isakmp_gen *ext; +- int nparen; ++ if (vflag) { ++ const struct isakmp_gen *ext; ++ int nparen; + + #define CHECKLEN(p, np) \ +- if (ep < (u_char *)(p)) { \ +- printf(" [|%s]", NPSTR(np)); \ +- goto done; \ +- } ++ if (ep < (u_char *)(p)) { \ ++ printf(" [|%s]", NPSTR(np)); \ ++ goto done; \ ++ } + +- /* regardless of phase... 
*/ +- if (base.flags & ISAKMP_FLAG_E) { +- /* +- * encrypted, nothing we can do right now. +- * we hope to decrypt the packet in the future... +- */ +- printf(" [encrypted %s]", NPSTR(base.np)); +- goto done; +- } ++ printf(":"); + +- nparen = 0; +- CHECKLEN(p + 1, base.np) ++ /* regardless of phase... */ ++ if (base.flags & ISAKMP_FLAG_E) { ++ /* ++ * encrypted, nothing we can do right now. ++ * we hope to decrypt the packet in the future... ++ */ ++ printf(" [encrypted %s]", NPSTR(base.np)); ++ goto done; ++ } + +- np = base.np; +- ext = (struct isakmp_gen *)(p + 1); +- isakmp_sub_print(np, ext, ep, phase, 0, 0); +- } ++ nparen = 0; ++ CHECKLEN(p + 1, base.np) ++ ++ np = base.np; ++ ext = (struct isakmp_gen *)(p + 1); ++ isakmp_sub_print(np, ext, ep, phase, 0, 0, 0); ++ } + + done: + if (vflag) { +--- tcpdump-stdinc.h ++++ tcpdump-stdinc.h +@@ -0,0 +1,128 @@ ++/* ++ * Copyright (c) 2002 - 2003 ++ * NetGroup, Politecnico di Torino (Italy) ++ * All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * 3. Neither the name of the Politecnico di Torino nor the names of its ++ * contributors may be used to endorse or promote products derived from ++ * this software without specific prior written permission. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT ++ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR ++ * A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE COPYRIGHT ++ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT ++ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, ++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY ++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT ++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE ++ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ * ++ * @(#) $Header$ (LBL) ++ */ ++ ++/* ++ * Include the appropriate OS header files on Windows and various flavors ++ * of UNIX, and also define some additional items and include various ++ * non-OS header files on Windows, and; this isolates most of the platform ++ * differences to this one file. ++ */ ++ ++#ifndef tcpdump_stdinc_h ++#define tcpdump_stdinc_h ++ ++#ifdef WIN32 ++ ++#include ++#include ++#include "bittypes.h" ++#include ++#include ++#include ++#include "IP6_misc.h" ++#include ++ ++#ifdef __MINGW32__ ++#include ++int* _errno(); ++#define errno (*_errno()) ++ ++#define INET_ADDRSTRLEN 16 ++#define INET6_ADDRSTRLEN 46 ++ ++#endif /* __MINGW32__ */ ++ ++#ifndef toascii ++#define toascii(c) ((c) & 0x7f) ++#endif ++ ++#ifndef caddr_t ++typedef char* caddr_t; ++#endif /* caddr_t */ ++ ++#define MAXHOSTNAMELEN 64 ++#define NI_MAXHOST 1025 ++#define snprintf _snprintf ++#define vsnprintf _vsnprintf ++#define RETSIGTYPE void ++ ++#if !defined(__MINGW32__) && !defined(__WATCOMC__) ++#undef toascii ++#define isascii __isascii ++#define toascii __toascii ++#define stat _stat ++#define open _open ++#define fstat _fstat ++#define read _read ++#define O_RDONLY _O_RDONLY ++ ++typedef short ino_t; ++#endif /* __MINGW32__ */ ++ ++#else /* WIN32 */ ++ ++#include ++#include ++#include ++#include ++#include /* concession to AIX */ ++#include ++#include ++#include ++ ++#ifdef TIME_WITH_SYS_TIME ++#include ++#endif ++ 
++#include ++ ++#endif /* WIN32 */ ++ ++#ifdef INET6 ++#include "ip6.h" ++#endif ++ ++#if defined(WIN32) || defined(MSDOS) ++ #define FOPEN_READ_TXT "rt" ++ #define FOPEN_READ_BIN "rb" ++ #define FOPEN_WRITE_TXT "wt" ++ #define FOPEN_WRITE_BIN "wb" ++#else ++ #define FOPEN_READ_TXT "r" ++ #define FOPEN_READ_BIN FOPEN_READ_TXT ++ #define FOPEN_WRITE_TXT "w" ++ #define FOPEN_WRITE_BIN FOPEN_WRITE_TXT ++#endif ++ ++#endif /* tcpdump_stdinc_h */ diff --git a/tcpdump-isakmp-CAN-2004-0057.patch b/tcpdump-isakmp-CAN-2004-0057.patch new file mode 100644 index 0000000..7e50399 --- /dev/null +++ b/tcpdump-isakmp-CAN-2004-0057.patch @@ -0,0 +1,43 @@ +--- print-isakmp.c ++++ print-isakmp.c +@@ -30,7 +30,7 @@ + + #ifndef lint + static const char rcsid[] _U_ = +- "@(#) $Header$ (LBL)"; ++ "@(#) $Header$ (LBL)"; + #endif + + #ifdef HAVE_CONFIG_H +@@ -327,9 +327,13 @@ + static u_char *p; + size_t i; + ++ TCHECK2(*loc, len); ++ + p = (u_char *)loc; + for (i = 0; i < len; i++) + printf("%02x", p[i] & 0xff); ++trunc: ++ + } + + struct attrmap { +@@ -1111,6 +1115,8 @@ + cp = (const u_char *)ext; + + while (np) { ++ TCHECK2(*ext, sizeof(e)); ++ + safememcpy(&e, ext, sizeof(e)); + + if (ep < (u_char *)ext + ntohs(e.len)) { +@@ -1136,6 +1142,8 @@ + ext = (struct isakmp_gen *)cp; + } + return cp; ++trunc: ++ return NULL; + } + + static char * diff --git a/tcpdump-isakmp-security.patch b/tcpdump-isakmp-security.patch new file mode 100644 index 0000000..d9110ba --- /dev/null +++ b/tcpdump-isakmp-security.patch 
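Review bot: In print-isakmp.c, isakmp_attrmap_print() and isakmp_attr_print() still read `p[0]` and `EXTRACT_16BITS(&q[1])` to compute `totlen` before the `ep < p + totlen` comparison, so an attribute header cut off by the end of the captured data is read before anything bounds it. The caller visible in this patch loops on `cp < ep && cp < ep2`, which admits a tail shorter than the 4-byte attribute header. Unless a check in the lines above these inner hunks already covers it, a guard such as `if (ep < p + 4) { printf("[|attr]"); return ep + 1; }` belongs ahead of the first read. Separately, isakmp_attr_print() dumps the value from `&p[2]` while isakmp_attrmap_print() uses `&p[4]`; the former looks like it prints the length field rather than the value and is worth confirming.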
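Review bot: The `trunc:` label added to rawprint() in tcpdump-isakmp-CAN-2004-0057.patch is followed only by the closing brace, and C before C23 requires a statement after a label, so it should read `trunc: return;` (or `trunc: ;`) to compile cleanly everywhere. rawprint() also stays `void`, so when TCHECK2 fails the callers cannot tell that nothing was printed; isakmp_attrmap_print(), for example, goes on to emit the closing `)` and advance by `totlen` as if the bytes had been shown. Returning a status, as the rawprint() in tcpdump-isakmp-security.patch from this same commit does with `return 1;` and `trunc: return 0;`, would let callers print a truncation marker and stop dissecting. The bodies of rawprint() and isakmp_sub_print() extend beyond the inner hunks shown.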
@@ -0,0 +1,702 @@ +Backport from tcpdump-3.8.3, fixes CAN-2004-0057, CAN-2004-0183, CAN-2004-0184. +--- tcpdump-3.8.1/print-isakmp.c Sat Dec 20 11:02:46 2003 ++++ tcpdump-3.8.3/print-isakmp.c Wed Mar 24 02:32:42 2004 +@@ -60,31 +60,31 @@ + #endif + + static const u_char *isakmp_sa_print(const struct isakmp_gen *, +- const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++ u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int); + static const u_char *isakmp_p_print(const struct isakmp_gen *, +- const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++ u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int); + static const u_char *isakmp_t_print(const struct isakmp_gen *, +- const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++ u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int); + static const u_char *isakmp_ke_print(const struct isakmp_gen *, +- const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++ u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int); + static const u_char *isakmp_id_print(const struct isakmp_gen *, +- const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++ u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int); + static const u_char *isakmp_cert_print(const struct isakmp_gen *, +- const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++ u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int); + static const u_char *isakmp_cr_print(const struct isakmp_gen *, +- const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++ u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int); + static const u_char *isakmp_sig_print(const struct isakmp_gen *, +- const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++ u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int); + static const u_char *isakmp_hash_print(const struct isakmp_gen *, +- const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++ u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int); + static const u_char 
*isakmp_nonce_print(const struct isakmp_gen *, +- const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++ u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int); + static const u_char *isakmp_n_print(const struct isakmp_gen *, +- const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++ u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int); + static const u_char *isakmp_d_print(const struct isakmp_gen *, +- const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++ u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int); + static const u_char *isakmp_vid_print(const struct isakmp_gen *, +- const u_char *, u_int32_t, u_int32_t, u_int32_t, int); ++ u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int); + static const u_char *isakmp_sub0_print(u_char, const struct isakmp_gen *, + const u_char *, u_int32_t, u_int32_t, u_int32_t, int); + static const u_char *isakmp_sub_print(u_char, const struct isakmp_gen *, +@@ -112,8 +112,8 @@ + }; + + /* isakmp->np */ +-static const u_char *(*npfunc[])(const struct isakmp_gen *, const u_char *, +- u_int32_t, u_int32_t, u_int32_t, int) = { ++static const u_char *(*npfunc[])(const struct isakmp_gen *, u_int, ++ const u_char *, u_int32_t, u_int32_t, u_int32_t, int) = { + NULL, + isakmp_sa_print, + isakmp_p_print, +@@ -321,15 +321,20 @@ + return 0; + } + +-static void ++static int + rawprint(caddr_t loc, size_t len) + { + static u_char *p; + size_t i; + ++ TCHECK2(*loc, len); ++ + p = (u_char *)loc; + for (i = 0; i < len; i++) + printf("%02x", p[i] & 0xff); ++ return 1; ++trunc: ++ return 0; + } + + struct attrmap { +@@ -410,8 +415,9 @@ + } + + static const u_char * +-isakmp_sa_print(const struct isakmp_gen *ext, const u_char *ep, u_int32_t phase, +- u_int32_t doi0 _U_, u_int32_t proto0, int depth) ++isakmp_sa_print(const struct isakmp_gen *ext, u_int item_len, ++ const u_char *ep, u_int32_t phase, u_int32_t doi0 _U_, ++ u_int32_t proto0, int depth) + { + const struct isakmp_pl_sa *p; + struct isakmp_pl_sa sa; 
+@@ -423,6 +429,7 @@ + printf("%s:", NPSTR(ISAKMP_NPTYPE_SA)); + + p = (struct isakmp_pl_sa *)ext; ++ TCHECK(*p); + safememcpy(&sa, ext, sizeof(sa)); + doi = ntohl(sa.doi); + sit = ntohl(sa.sit); +@@ -449,22 +456,28 @@ + + np = (u_char *)ext + sizeof(sa); + if (sit != 0x01) { ++ TCHECK2(*(ext + 1), sizeof(ident)); + safememcpy(&ident, ext + 1, sizeof(ident)); + printf(" ident=%u", (u_int32_t)ntohl(ident)); + np += sizeof(ident); + } + + ext = (struct isakmp_gen *)np; ++ TCHECK(*ext); + + cp = isakmp_sub_print(ISAKMP_NPTYPE_P, ext, ep, phase, doi, proto0, + depth); + + return cp; ++trunc: ++ printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_SA)); ++ return NULL; + } + + static const u_char * +-isakmp_p_print(const struct isakmp_gen *ext, const u_char *ep, u_int32_t phase, +- u_int32_t doi0, u_int32_t proto0 _U_, int depth) ++isakmp_p_print(const struct isakmp_gen *ext, u_int item_len, ++ const u_char *ep, u_int32_t phase, u_int32_t doi0, ++ u_int32_t proto0 _U_, int depth) + { + const struct isakmp_pl_p *p; + struct isakmp_pl_p prop; +@@ -473,20 +486,26 @@ + printf("%s:", NPSTR(ISAKMP_NPTYPE_P)); + + p = (struct isakmp_pl_p *)ext; ++ TCHECK(*p); + safememcpy(&prop, ext, sizeof(prop)); + printf(" #%d protoid=%s transform=%d", + prop.p_no, PROTOIDSTR(prop.prot_id), prop.num_t); + if (prop.spi_size) { + printf(" spi="); +- rawprint((caddr_t)(p + 1), prop.spi_size); ++ if (!rawprint((caddr_t)(p + 1), prop.spi_size)) ++ goto trunc; + } + + ext = (struct isakmp_gen *)((u_char *)(p + 1) + prop.spi_size); ++ TCHECK(*ext); + + cp = isakmp_sub_print(ISAKMP_NPTYPE_T, ext, ep, phase, doi0, + prop.prot_id, depth); + + return cp; ++trunc: ++ printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_P)); ++ return NULL; + } + + static const char *isakmp_p_map[] = { +@@ -546,9 +565,9 @@ + }; + + static const u_char * +-isakmp_t_print(const struct isakmp_gen *ext, const u_char *ep, +- u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto, +- int depth _U_) ++isakmp_t_print(const struct isakmp_gen *ext, u_int 
item_len, ++ const u_char *ep, u_int32_t phase _U_, u_int32_t doi _U_, ++ u_int32_t proto, int depth _U_) + { + const struct isakmp_pl_t *p; + struct isakmp_pl_t t; +@@ -561,6 +580,7 @@ + printf("%s:", NPSTR(ISAKMP_NPTYPE_T)); + + p = (struct isakmp_pl_t *)ext; ++ TCHECK(*p); + safememcpy(&t, ext, sizeof(t)); + + switch (proto) { +@@ -596,7 +616,7 @@ + else + printf(" #%d id=%d ", t.t_no, t.t_id); + cp = (u_char *)(p + 1); +- ep2 = (u_char *)p + ntohs(t.h.len); ++ ep2 = (u_char *)p + item_len; + while (cp < ep && cp < ep2) { + if (map && nmap) { + cp = isakmp_attrmap_print(cp, (ep < ep2) ? ep : ep2, +@@ -607,30 +627,38 @@ + if (ep < ep2) + printf("..."); + return cp; ++trunc: ++ printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_T)); ++ return NULL; + } + + static const u_char * +-isakmp_ke_print(const struct isakmp_gen *ext, const u_char *ep _U_, +- u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_, +- int depth _U_) ++isakmp_ke_print(const struct isakmp_gen *ext, u_int item_len, ++ const u_char *ep, u_int32_t phase _U_, u_int32_t doi _U_, ++ u_int32_t proto _U_, int depth _U_) + { + struct isakmp_gen e; + + printf("%s:", NPSTR(ISAKMP_NPTYPE_KE)); + ++ TCHECK(*ext); + safememcpy(&e, ext, sizeof(e)); + printf(" key len=%d", ntohs(e.len) - 4); + if (2 < vflag && 4 < ntohs(e.len)) { + printf(" "); +- rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4); ++ if (!rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4)) ++ goto trunc; + } + return (u_char *)ext + ntohs(e.len); ++trunc: ++ printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_KE)); ++ return NULL; + } + + static const u_char * +-isakmp_id_print(const struct isakmp_gen *ext, const u_char *ep _U_, +- u_int32_t phase, u_int32_t doi _U_, u_int32_t proto _U_, +- int depth _U_) ++isakmp_id_print(const struct isakmp_gen *ext, u_int item_len, ++ const u_char *ep, u_int32_t phase, u_int32_t doi _U_, ++ u_int32_t proto _U_, int depth _U_) + { + #define USE_IPSECDOI_IN_PHASE1 1 + const struct isakmp_pl_id *p; +@@ -649,12 +677,15 @@ + printf("%s:", 
NPSTR(ISAKMP_NPTYPE_ID)); + + p = (struct isakmp_pl_id *)ext; ++ TCHECK(*p); + safememcpy(&id, ext, sizeof(id)); +- if (sizeof(*p) < id.h.len) ++ if (sizeof(*p) < item_len) { + data = (u_char *)(p + 1); +- else ++ len = item_len - sizeof(*p); ++ } else { + data = NULL; +- len = ntohs(id.h.len) - sizeof(*p); ++ len = 0; ++ } + + #if 0 /*debug*/ + printf(" [phase=%d doi=%d proto=%d]", phase, doi, proto); +@@ -679,6 +710,7 @@ + struct protoent *pe; + + p = (struct ipsecdoi_id *)ext; ++ TCHECK(*p); + safememcpy(&id, ext, sizeof(id)); + printf(" idtype=%s", STR_OR_ID(id.type, ipsecidtypestr)); + if (id.proto_id) { +@@ -698,9 +730,15 @@ + printf(" port=%d", ntohs(id.port)); + if (!len) + break; ++ if (data == NULL) ++ goto trunc; ++ TCHECK2(*data, len); + switch (id.type) { + case IPSECDOI_ID_IPV4_ADDR: +- printf(" len=%d %s", len, ipaddr_string(data)); ++ if (len < 4) ++ printf(" len=%d [bad: < 4]", len); ++ else ++ printf(" len=%d %s", len, ipaddr_string(data)); + len = 0; + break; + case IPSECDOI_ID_FQDN: +@@ -716,39 +754,60 @@ + case IPSECDOI_ID_IPV4_ADDR_SUBNET: + { + const u_char *mask; +- mask = data + sizeof(struct in_addr); +- printf(" len=%d %s/%u.%u.%u.%u", len, +- ipaddr_string(data), +- mask[0], mask[1], mask[2], mask[3]); ++ if (len < 8) ++ printf(" len=%d [bad: < 8]", len); ++ else { ++ mask = data + sizeof(struct in_addr); ++ printf(" len=%d %s/%u.%u.%u.%u", len, ++ ipaddr_string(data), ++ mask[0], mask[1], mask[2], mask[3]); ++ } + len = 0; + break; + } + #ifdef INET6 + case IPSECDOI_ID_IPV6_ADDR: +- printf(" len=%d %s", len, ip6addr_string(data)); ++ if (len < 16) ++ printf(" len=%d [bad: < 16]", len); ++ else ++ printf(" len=%d %s", len, ip6addr_string(data)); + len = 0; + break; + case IPSECDOI_ID_IPV6_ADDR_SUBNET: + { + const u_int32_t *mask; +- mask = (u_int32_t *)(data + sizeof(struct in6_addr)); +- /*XXX*/ +- printf(" len=%d %s/0x%08x%08x%08x%08x", len, +- ip6addr_string(data), +- mask[0], mask[1], mask[2], mask[3]); ++ if (len < 20) ++ printf(" 
len=%d [bad: < 20]", len); ++ else { ++ mask = (u_int32_t *)(data + sizeof(struct in6_addr)); ++ /*XXX*/ ++ printf(" len=%d %s/0x%08x%08x%08x%08x", len, ++ ip6addr_string(data), ++ mask[0], mask[1], mask[2], mask[3]); ++ } + len = 0; + break; + } + #endif /*INET6*/ + case IPSECDOI_ID_IPV4_ADDR_RANGE: +- printf(" len=%d %s-%s", len, ipaddr_string(data), +- ipaddr_string(data + sizeof(struct in_addr))); ++ if (len < 8) ++ printf(" len=%d [bad: < 8]", len); ++ else { ++ printf(" len=%d %s-%s", len, ++ ipaddr_string(data), ++ ipaddr_string(data + sizeof(struct in_addr))); ++ } + len = 0; + break; + #ifdef INET6 + case IPSECDOI_ID_IPV6_ADDR_RANGE: +- printf(" len=%d %s-%s", len, ip6addr_string(data), +- ip6addr_string(data + sizeof(struct in6_addr))); ++ if (len < 32) ++ printf(" len=%d [bad: < 32]", len); ++ else { ++ printf(" len=%d %s-%s", len, ++ ip6addr_string(data), ++ ip6addr_string(data + sizeof(struct in6_addr))); ++ } + len = 0; + break; + #endif /*INET6*/ +@@ -764,16 +823,20 @@ + printf(" len=%d", len); + if (2 < vflag) { + printf(" "); +- rawprint((caddr_t)data, len); ++ if (!rawprint((caddr_t)data, len)) ++ goto trunc; + } + } +- return (u_char *)ext + ntohs(id.h.len); ++ return (u_char *)ext + item_len; ++trunc: ++ printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_ID)); ++ return NULL; + } + + static const u_char * +-isakmp_cert_print(const struct isakmp_gen *ext, const u_char *ep _U_, +- u_int32_t phase _U_, u_int32_t doi0 _U_, u_int32_t proto0 _U_, +- int depth _U_) ++isakmp_cert_print(const struct isakmp_gen *ext, u_int item_len, ++ const u_char *ep, u_int32_t phase _U_, u_int32_t doi0 _U_, ++ u_int32_t proto0 _U_, int depth _U_) + { + const struct isakmp_pl_cert *p; + struct isakmp_pl_cert cert; +@@ -786,20 +849,25 @@ + printf("%s:", NPSTR(ISAKMP_NPTYPE_CERT)); + + p = (struct isakmp_pl_cert *)ext; ++ TCHECK(*p); + safememcpy(&cert, ext, sizeof(cert)); +- printf(" len=%d", ntohs(cert.h.len) - 4); ++ printf(" len=%d", item_len - 4); + printf(" type=%s", 
STR_OR_ID((cert.encode), certstr)); +- if (2 < vflag && 4 < ntohs(cert.h.len)) { ++ if (2 < vflag && 4 < item_len) { + printf(" "); +- rawprint((caddr_t)(ext + 1), ntohs(cert.h.len) - 4); ++ if (!rawprint((caddr_t)(ext + 1), item_len - 4)) ++ goto trunc; + } +- return (u_char *)ext + ntohs(cert.h.len); ++ return (u_char *)ext + item_len; ++trunc: ++ printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_CERT)); ++ return NULL; + } + + static const u_char * +-isakmp_cr_print(const struct isakmp_gen *ext, const u_char *ep _U_, +- u_int32_t phase _U_, u_int32_t doi0 _U_, u_int32_t proto0 _U_, +- int depth _U_) ++isakmp_cr_print(const struct isakmp_gen *ext, u_int item_len, ++ const u_char *ep, u_int32_t phase _U_, u_int32_t doi0 _U_, ++ u_int32_t proto0 _U_, int depth _U_) + { + const struct isakmp_pl_cert *p; + struct isakmp_pl_cert cert; +@@ -812,73 +880,94 @@ + printf("%s:", NPSTR(ISAKMP_NPTYPE_CR)); + + p = (struct isakmp_pl_cert *)ext; ++ TCHECK(*p); + safememcpy(&cert, ext, sizeof(cert)); +- printf(" len=%d", ntohs(cert.h.len) - 4); ++ printf(" len=%d", item_len - 4); + printf(" type=%s", STR_OR_ID((cert.encode), certstr)); +- if (2 < vflag && 4 < ntohs(cert.h.len)) { ++ if (2 < vflag && 4 < item_len) { + printf(" "); +- rawprint((caddr_t)(ext + 1), ntohs(cert.h.len) - 4); ++ if (!rawprint((caddr_t)(ext + 1), item_len - 4)) ++ goto trunc; + } +- return (u_char *)ext + ntohs(cert.h.len); ++ return (u_char *)ext + item_len; ++trunc: ++ printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_CR)); ++ return NULL; + } + + static const u_char * +-isakmp_hash_print(const struct isakmp_gen *ext, const u_char *ep _U_, +- u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_, +- int depth _U_) ++isakmp_hash_print(const struct isakmp_gen *ext, u_int item_len, ++ const u_char *ep, u_int32_t phase _U_, u_int32_t doi _U_, ++ u_int32_t proto _U_, int depth _U_) + { + struct isakmp_gen e; + + printf("%s:", NPSTR(ISAKMP_NPTYPE_HASH)); + ++ TCHECK(*ext); + safememcpy(&e, ext, sizeof(e)); + printf(" len=%d", 
ntohs(e.len) - 4); + if (2 < vflag && 4 < ntohs(e.len)) { + printf(" "); +- rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4); ++ if (!rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4)) ++ goto trunc; + } + return (u_char *)ext + ntohs(e.len); ++trunc: ++ printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_HASH)); ++ return NULL; + } + + static const u_char * +-isakmp_sig_print(const struct isakmp_gen *ext, const u_char *ep _U_, +- u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_, +- int depth _U_) ++isakmp_sig_print(const struct isakmp_gen *ext, u_int item_len, ++ const u_char *ep, u_int32_t phase _U_, u_int32_t doi _U_, ++ u_int32_t proto _U_, int depth _U_) + { + struct isakmp_gen e; + + printf("%s:", NPSTR(ISAKMP_NPTYPE_SIG)); + ++ TCHECK(*ext); + safememcpy(&e, ext, sizeof(e)); + printf(" len=%d", ntohs(e.len) - 4); + if (2 < vflag && 4 < ntohs(e.len)) { + printf(" "); +- rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4); ++ if (!rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4)) ++ goto trunc; + } + return (u_char *)ext + ntohs(e.len); ++trunc: ++ printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_SIG)); ++ return NULL; + } + + static const u_char * +-isakmp_nonce_print(const struct isakmp_gen *ext, const u_char *ep _U_, +- u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_, +- int depth _U_) ++isakmp_nonce_print(const struct isakmp_gen *ext, u_int item_len, ++ const u_char *ep, u_int32_t phase _U_, u_int32_t doi _U_, ++ u_int32_t proto _U_, int depth _U_) + { + struct isakmp_gen e; + + printf("%s:", NPSTR(ISAKMP_NPTYPE_NONCE)); + ++ TCHECK(*ext); + safememcpy(&e, ext, sizeof(e)); + printf(" n len=%d", ntohs(e.len) - 4); + if (2 < vflag && 4 < ntohs(e.len)) { + printf(" "); +- rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4); ++ if (!rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4)) ++ goto trunc; + } + return (u_char *)ext + ntohs(e.len); ++trunc: ++ printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_NONCE)); ++ return NULL; + } + + static const u_char * +-isakmp_n_print(const struct isakmp_gen 
*ext, const u_char *ep, u_int32_t phase, +- u_int32_t doi0 _U_, u_int32_t proto0 _U_, int depth) ++isakmp_n_print(const struct isakmp_gen *ext, u_int item_len, ++ const u_char *ep, u_int32_t phase, u_int32_t doi0 _U_, ++ u_int32_t proto0 _U_, int depth) + { + struct isakmp_pl_n *p, n; + const u_char *cp; +@@ -934,6 +1023,7 @@ + printf("%s:", NPSTR(ISAKMP_NPTYPE_N)); + + p = (struct isakmp_pl_n *)ext; ++ TCHECK(*p); + safememcpy(&n, ext, sizeof(n)); + doi = ntohl(n.doi); + proto = n.prot_id; +@@ -950,7 +1040,8 @@ + printf(" type=%s", numstr(ntohs(n.type))); + if (n.spi_size) { + printf(" spi="); +- rawprint((caddr_t)(p + 1), n.spi_size); ++ if (!rawprint((caddr_t)(p + 1), n.spi_size)) ++ goto trunc; + } + return (u_char *)(p + 1) + n.spi_size; + } +@@ -969,11 +1060,12 @@ + printf(" type=%s", numstr(ntohs(n.type))); + if (n.spi_size) { + printf(" spi="); +- rawprint((caddr_t)(p + 1), n.spi_size); ++ if (!rawprint((caddr_t)(p + 1), n.spi_size)) ++ goto trunc; + } + + cp = (u_char *)(p + 1) + n.spi_size; +- ep2 = (u_char *)p + ntohs(n.h.len); ++ ep2 = (u_char *)p + item_len; + + if (cp < ep) { + printf(" orig=("); +@@ -1000,19 +1092,21 @@ + break; + default: + /* NULL is dummy */ +- isakmp_print(cp, +- ntohs(n.h.len) - sizeof(*p) - n.spi_size, ++ isakmp_print(cp, item_len - sizeof(*p) - n.spi_size, + NULL); + } + printf(")"); + } +- return (u_char *)ext + ntohs(n.h.len); ++ return (u_char *)ext + item_len; ++trunc: ++ printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_N)); ++ return NULL; + } + + static const u_char * +-isakmp_d_print(const struct isakmp_gen *ext, const u_char *ep _U_, +- u_int32_t phase _U_, u_int32_t doi0 _U_, u_int32_t proto0 _U_, +- int depth _U_) ++isakmp_d_print(const struct isakmp_gen *ext, u_int item_len, ++ const u_char *ep, u_int32_t phase _U_, u_int32_t doi0 _U_, ++ u_int32_t proto0 _U_, int depth _U_) + { + const struct isakmp_pl_d *p; + struct isakmp_pl_d d; +@@ -1024,6 +1118,7 @@ + printf("%s:", NPSTR(ISAKMP_NPTYPE_D)); + + p = (struct isakmp_pl_d 
*)ext; ++ TCHECK(*p); + safememcpy(&d, ext, sizeof(d)); + doi = ntohl(d.doi); + proto = d.prot_id; +@@ -1041,28 +1136,37 @@ + for (i = 0; i < ntohs(d.num_spi); i++) { + if (i != 0) + printf(","); +- rawprint((caddr_t)q, d.spi_size); ++ if (!rawprint((caddr_t)q, d.spi_size)) ++ goto trunc; + q += d.spi_size; + } + return q; ++trunc: ++ printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_D)); ++ return NULL; + } + + static const u_char * +-isakmp_vid_print(const struct isakmp_gen *ext, const u_char *ep _U_, +- u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_, +- int depth _U_) ++isakmp_vid_print(const struct isakmp_gen *ext, u_int item_len, ++ const u_char *ep, u_int32_t phase _U_, u_int32_t doi _U_, ++ u_int32_t proto _U_, int depth _U_) + { + struct isakmp_gen e; + + printf("%s:", NPSTR(ISAKMP_NPTYPE_VID)); + ++ TCHECK(*ext); + safememcpy(&e, ext, sizeof(e)); + printf(" len=%d", ntohs(e.len) - 4); + if (2 < vflag && 4 < ntohs(e.len)) { + printf(" "); +- rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4); ++ if (!rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4)) ++ goto trunc; + } + return (u_char *)ext + ntohs(e.len); ++trunc: ++ printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_VID)); ++ return NULL; + } + + static const u_char * +@@ -1074,6 +1178,7 @@ + u_int item_len; + + cp = (u_char *)ext; ++ TCHECK(*ext); + safememcpy(&e, ext, sizeof(e)); + + /* +@@ -1091,13 +1196,16 @@ + * XXX - what if item_len is too short, or too long, + * for this payload type? 
+ */ +- cp = (*NPFUNC(np))(ext, ep, phase, doi, proto, depth); ++ cp = (*NPFUNC(np))(ext, item_len, ep, phase, doi, proto, depth); + } else { + printf("%s", NPSTR(np)); + cp += item_len; + } + + return cp; ++trunc: ++ printf(" [|isakmp]"); ++ return NULL; + } + + static const u_char * +@@ -1111,13 +1219,12 @@ + cp = (const u_char *)ext; + + while (np) { ++ TCHECK(*ext); ++ + safememcpy(&e, ext, sizeof(e)); + +- if (ep < (u_char *)ext + ntohs(e.len)) { +- printf(" [|%s]", NPSTR(np)); +- cp = ep + 1; +- break; +- } ++ TCHECK2(*ext, ntohs(e.len)); ++ + depth++; + printf("\n"); + for (i = 0; i < depth; i++) +@@ -1136,6 +1243,9 @@ + ext = (struct isakmp_gen *)cp; + } + return cp; ++trunc: ++ printf(" [|%s]", NPSTR(np)); ++ return NULL; + } + + static char * +@@ -1263,7 +1373,7 @@ + done: + if (vflag) { + if (ntohl(base.len) != length) { +- printf(" (len mismatch: isakmp %u/ip %d)", ++ printf(" (len mismatch: isakmp %u/ip %u)", + (u_int32_t)ntohl(base.len), length); + } + } diff --git a/tcpdump-l2tp-CAN-2003-1029.patch b/tcpdump-l2tp-CAN-2003-1029.patch new file mode 100644 index 0000000..e14df55 --- /dev/null +++ b/tcpdump-l2tp-CAN-2003-1029.patch @@ -0,0 +1,23 @@ +--- print-l2tp.c ++++ print-l2tp.c +@@ -476,8 +476,18 @@ + TCHECK(*ptr); /* Flags & Length */ + len = EXTRACT_16BITS(ptr) & L2TP_AVP_HDR_LEN_MASK; + +- /* If it is not long enough to decode the entire AVP, we'll +- abandon. */ ++ /* If it is not long enough to contain the header, we'll give up. */ ++ if (len < 6) ++ goto trunc; ++ ++ /* If it goes past the end of the remaining length of the packet, ++ we'll give up. */ ++ if (len > (u_int)length) ++ goto trunc; ++ ++ /* If it goes past the end of the remaining length of the captured ++ data, we'll give up. */ ++ + TCHECK2(*ptr, len); + /* After this point, no need to worry about truncation */ + diff --git a/tcpdump-libsmi.patch b/tcpdump-libsmi.patch deleted file mode 100644 index 79fd221..0000000 --- a/tcpdump-libsmi.patch +++ /dev/null @@ -1,128 +0,0 @@ -; 
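Review bot: In tcpdump-isakmp-security.patch, `isakmp_n_print` now passes `item_len - sizeof(*p) - n.spi_size` to `isakmp_print`, and that subtraction is unsigned, so a payload whose declared length is smaller than the notification header plus SPI wraps to a very large length instead of being rejected. A guard before the `orig=(` block, `if (item_len < sizeof(*p) + n.spi_size) goto trunc;`, would close that. The `XXX - what if item_len is too short` comment kept in `isakmp_sub0_print` suggests no per-payload lower bound is enforced, though only part of that function is shown. A smaller case of the same thing is `printf(" len=%d", item_len - 4)` in `isakmp_cert_print` and `isakmp_cr_print`, which prints an unsigned value with `%d` and runs even when `item_len` is below 4. The ke, hash, sig, nonce and vid printers accept `item_len` but still compute from `ntohs(e.len)`, so the two lengths are worth unifying.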
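Review bot: In tcpdump-l2tp-CAN-2003-1029.patch the new `len < 6` test uses a bare literal; a named constant or a comment such as `/* 6 = flags/length + vendor ID + attribute type, 2 bytes each */` would make clear why an AVP cannot be shorter. The `(u_int)length` cast in the second test assumes `length` is never negative: if it is a signed int that a caller can drive below zero, the cast turns it into a large value and the check passes, leaving only `TCHECK2` as the bound. Both checks jump to `trunc`, so a malformed AVP is presumably reported the same way as a short capture. The declaration of `length` and the `trunc` handler are outside the hunk.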
From: Bill Fenner -; Subject: Re: libsmi 0.2.6 && tcpdump from cvs -; -;Care to try these diffs? I didn't see any documentation on the API -;change so I mostly just looked around for similar-looking functions. -;It at least compiles now. (Juergen, can you look these over?) -; -; Bill -; -Index: print-snmp.c -=================================================================== -RCS file: /tcpdump/master/tcpdump/print-snmp.c,v -retrieving revision 1.42 -diff -u -r1.42 print-snmp.c ---- print-snmp.c 2000/10/06 05:54:51 1.42 -+++ print-snmp.c 2000/11/04 20:43:09 -@@ -947,25 +947,18 @@ - SmiRange *smiRange; - int ok = 1; - -- for (smiRange = smiGetFirstRange(smiType->module, smiType->name); -+ for (smiRange = smiGetFirstRange(smiType); - smiRange; - smiRange = smiGetNextRange(smiRange)) { - - ok = smi_check_a_range(smiType, smiRange, elem); -- -- if (ok) { -- smiFreeRange(smiRange); -- break; -- } - } - -- if (ok && smiType->parentmodule && smiType->parentname) { -+ if (ok) { - SmiType *parentType; -- parentType = smiGetType(smiType->parentmodule, -- smiType->parentname); -+ parentType = smiGetParentType(smiType); - if (parentType) { - ok = smi_check_range(parentType, elem); -- smiFreeType(parentType); - } - } - -@@ -985,7 +978,7 @@ - return NULL; - } - if (vflag) { -- fputs(smiNode->module, stdout); -+ fputs(smiGetNodeModule(smiNode)->name, stdout); - fputs("::", stdout); - } - fputs(smiNode->name, stdout); -@@ -1026,17 +1019,17 @@ - && smiNode->access == SMI_ACCESS_NOT_ACCESSIBLE) { - fputs("[noAccess]", stdout); - } -- -- if (! smi_check_type(smiNode->basetype, elem->type)) { -- fputs("[wrongType]", stdout); -- } - -- smiType = smiGetType(smiNode->typemodule, smiNode->typename); -+ smiType = smiGetNodeType(smiNode); - if (! smiType) { - asn1_print(elem); - return; - } - -+ if (! smi_check_type(smiType->basetype, elem->type)) { -+ fputs("[wrongType]", stdout); -+ } -+ - if (! 
smi_check_range(smiType, elem)) { - fputs("[wrongLength]", stdout); - } -@@ -1051,15 +1044,14 @@ - - switch (elem->type) { - case BE_OID: -- if (smiNode->basetype == SMI_BASETYPE_BITS -- && smiNode->typemodule && smiNode->typename) { -+ if (smiType->basetype == SMI_BASETYPE_BITS) { - /* print bit labels */ - } else { - smi_decode_oid(elem, oid, &oidlen); - smiNode = smiGetNodeByOID(oidlen, oid); - if (smiNode) { - if (vflag) { -- fputs(smiNode->module, stdout); -+ fputs(smiGetNodeModule(smiNode)->name, stdout); - fputs("::", stdout); - } - fputs(smiNode->name, stdout); -@@ -1075,10 +1067,8 @@ - break; - - case BE_INT: -- if (smiNode->basetype == SMI_BASETYPE_ENUM -- && smiNode->typemodule && smiNode->typename) { -- for (nn = smiGetFirstNamedNumber(smiNode->typemodule, -- smiNode->typename); -+ if (smiType->basetype == SMI_BASETYPE_ENUM) { -+ for (nn = smiGetFirstNamedNumber(smiType); - nn; - nn = smiGetNextNamedNumber(nn)) { - if (nn->value.value.integer32 -@@ -1096,10 +1086,6 @@ - if (! done) { - asn1_print(elem); - } -- -- if (smiType) { -- smiFreeType(smiType); -- } - } - #endif - -@@ -1215,7 +1201,6 @@ - if (elem.type != BE_NULL) { - #ifdef LIBSMI - smi_print_value(smiNode, pduid, &elem); -- smiFreeNode(smiNode); - #else - asn1_print(&elem); - #endif - diff --git a/tcpdump-radius-CAN-2004-0055.patch b/tcpdump-radius-CAN-2004-0055.patch new file mode 100644 index 0000000..5ef3250 --- /dev/null +++ b/tcpdump-radius-CAN-2004-0055.patch @@ -0,0 +1,11 @@ +--- print-radius.c ++++ print-radius.c +@@ -474,7 +474,7 @@ + break; + } + +- for (i=0; i < length ; i++, data++) ++ for (i=0; *data && i < length ; i++, data++) + printf("%c",(*data < 32 || *data > 128) ? '.' : *data ); + + printf("}"); diff --git a/tcpdump.spec b/tcpdump.spec index 5cb6e16..393caed 100644 --- a/tcpdump.spec +++ b/tcpdump.spec 
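Review bot: In tcpdump-radius-CAN-2004-0055.patch the new loop condition `*data && i < length` dereferences `data` before testing the bound, so when `i` reaches `length` it reads one byte past the attribute. Swap the operands: `for (i=0; i < length && *data; i++, data++)`. The printable test `*data > 128` on the following line also lets 127 and 128 through to `%c`; `> 126` would keep those bytes off the terminal. The enclosing function and any check of `length` against the captured data are outside the hunk.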
@@ -1,23 +1,35 @@ +# +# Conditional build: +# _without_libsmi - without libsmi support +# Summary: dumps packets that are sent or received over a network interface Summary(de): deponiert Pakete, die über eine Netzwerkschnittstelle gesandt oder empfangen werden Summary(es): Enseña los paquetes que son enviados o recibidos a través de una interface de red Summary(fr): vide les paquets émis ou reçus sur une interface réseau Summary(pl): Pokazuje pakiety przechodz±ce przez interfejsy sieciowe Summary(pt_BR): Mostra os pacotes que são enviados ou recebidos através de uma interface de rede +Summary(ru): éÎÓÔÒÕÍÅÎÔ ÄÌÑ ÍÏÎÉÔÏÒÉÎÇÁ ÓÅÔÅ×ÏÇÏ ÔÒÁÆÆÉËÁ Summary(tr): Bir að arabirimi üzerinden gelen ya da giden paketleri listeler +Summary(uk): ¶ÎÓÔÒÕÍÅÎÔ ÄÌÑ ÍÏΦÔÏÒÉÎÇÕ ÍÅÒÅÖÅ×ÏÇÏ ÔÒÁƦËÕ Name: tcpdump -Version: 3.7.1 -Release: 1 +Version: 3.7.2 +Release: 3 Epoch: 1 License: BSD Group: Applications/Networking Source0: http://www.tcpdump.org/release/%{name}-%{version}.tar.gz +# Source0-md5: 1e44b59abba39a48e3680bc2cffb8a6a URL: http://www.tcpdump.org/ Patch0: %{name}-ssl.patch -Patch1: %{name}-no-libsmi.patch +Patch1: %{name}-isakmp-CAN-2003-0989.patch +Patch2: %{name}-isakmp-security.patch +Patch3: %{name}-l2tp-CAN-2003-1029.patch +Patch4: %{name}-radius-CAN-2004-0055.patch +Patch5: %{name}-acfix.patch +BuildRequires: autoconf BuildRequires: libpcap-devel >= 2:0.6.1 %{!?_without_libsmi:BuildRequires: libsmi-devel} -BuildRequires: openssl-devel >= 0.9.6a +BuildRequires: openssl-devel >= 0.9.6m BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) %description 
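Review bot: The new PatchN lines do not record which advisories each patch covers, and the name of `Patch2` (`%{name}-isakmp-security.patch`) gives no hint that, per that patch's own header, it carries the CAN-2004-0057, CAN-2004-0183 and CAN-2004-0184 fixes. A comment above it, `# backport from 3.8.3: CAN-2004-0057, CAN-2004-0183, CAN-2004-0184`, would let an auditor confirm coverage from the spec alone. tcpdump-isakmp-CAN-2004-0057.patch is added by this commit but has no PatchN entry here, which is worth a comment too so it is not mistaken for an applied fix.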
@@ -47,18 +59,32 @@ Tcpdump imprime os cabe Ele é muito prático para resolver problemas na rede e para operações de segurança. +%description -l ru +Tcpdump ×Ù×ÏÄÉÔ ÈÅÄÅÒÙ ÐÁËÅÔÏ×, ÐÒÏÈÏÄÑÝÉÈ ÞÅÒÅÚ ÓÅÔÅ×ÏÊ ÉÎÔÅÒÆÅÊÓ. +îÅÚÁÍÅÎÉÍ ÄÌÑ ÄÉÁÇÎÏÓÔÉËÉ ÓÅÔÅ×ÙÈ ÐÒÏÂÌÅÍ É ÎÁÒÕÛÅÎÉÊ ÂÅÚÏÐÁÓÎÏÓÔÉ. + %description -l tr Tcpdump, bir að arabirimi üzerinden geçen paketlerin baþlýklarýný döker. Güvenlik iþlemleri ve að problemlerinin irdelenmesi konularýnda son derece yararlýdýr. +%description -l uk +Tcpdump ×É×ÏÄÉÔØ ÈÅÄÅÒÉ ÐÁËÅÔ¦×, ÝÏ ÐÒÏÈÏÄÑÔØ ÞÅÒÅÚ ÍÅÒÅÖÉ×ÎÉÊ +¦ÎÔÅÒÆÅÊÓ. îÅÚÁͦÎÎÉÊ ÄÌÑ Ä¦ÁÇÎÏÓÔÉËÉ ÍÅÒÅÖÉ×ÎÉÈ ÐÒÏÂÌÅÍ ÔÁ ÐÏÒÕÛÅÎØ +ÂÅÚÐÅËÉ. + %prep -%setup -q -n %{name}-%{version} +%setup -q %patch0 -p1 -%{!?_without_libsmi:#}%patch1 -p1 +%patch1 -p0 +%patch2 -p1 +%patch3 -p0 +%patch4 -p0 +%patch5 -p1 %build -%configure2_13 \ +%{__autoconf} +%configure \ --enable-ipv6 %{__make} @@ -66,9 +92,8 @@ son derece yararl rm -rf $RPM_BUILD_ROOT install -d $RPM_BUILD_ROOT{%{_sbindir},%{_mandir}/man1} -%{__make} \ - DESTDIR=$RPM_BUILD_ROOT \ - install +%{__make} install \ + DESTDIR=$RPM_BUILD_ROOT %clean rm -rf $RPM_BUILD_ROOT
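Review bot: With the conditional `%patch1` for the no-libsmi patch removed, `_without_libsmi` now only drops the `BuildRequires: libsmi-devel` line, while `%configure` is still called with just `--enable-ipv6`. If configure detects libsmi on its own, a build host that happens to have libsmi-devel installed would still link the SNMP MIB code in, so the package contents would depend on the build environment. Either pass the matching configure switch under `%{?_without_libsmi:...}` or add a comment in `%build` such as `# NOTE: _without_libsmi only affects BuildRequires, not the configure call`.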