12949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* $NetBSD: print-ah.c,v 1.4 1996/05/20 00:41:16 fvdl Exp $ */ 22949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 32949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* 42949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994 52949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * The Regents of the University of California. All rights reserved. 62949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * 72949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * Redistribution and use in source and binary forms, with or without 82949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * modification, are permitted provided that: (1) source code distributions 92949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * retain the above copyright notice and this paragraph in its entirety, (2) 102949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * distributions including binary code include the above copyright notice and 112949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * this paragraph in its entirety in the documentation or other materials 122949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * provided with the distribution, and (3) all advertising materials mentioning 132949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * features or use of this software display the following acknowledgement: 142949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * ``This product includes software developed by the University of California, 152949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 162949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * the University nor the names of its contributors may be used to endorse 172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * or promote products derived from this software without specific prior 182949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * written permission. 192949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 202949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 212949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 222949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project */ 232949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifndef lint 252949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const char rcsid[] _U_ = 262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "@(#) $Header: /tcpdump/master/tcpdump/print-esp.c,v 1.55.2.1 2005/04/21 06:44:57 guy Exp $ (LBL)"; 272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 282949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 292949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef HAVE_CONFIG_H 302949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include "config.h" 312949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 322949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 332949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include <string.h> 342949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include <tcpdump-stdinc.h> 362949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 372949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include <stdlib.h> 382949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 392949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef HAVE_LIBCRYPTO 402949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef HAVE_OPENSSL_EVP_H 412949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include <openssl/evp.h> 422949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 432949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 442949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include <stdio.h> 462949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 472949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include "ip.h" 482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include "esp.h" 492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef INET6 502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include "ip6.h" 512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 532949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include "netdissect.h" 542949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include "addrtoname.h" 552949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include "extract.h" 562949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 572949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifndef HAVE_SOCKADDR_STORAGE 582949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef INET6 592949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstruct sockaddr_storage { 602949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project union { 612949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct sockaddr_in sin; 622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct sockaddr_in6 sin6; 632949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } un; 642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project}; 652949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#else 662949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define sockaddr_storage sockaddr 672949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 682949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif /* HAVE_SOCKADDR_STORAGE */ 692949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 702949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef HAVE_LIBCRYPTO 712949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstruct sa_list { 722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct sa_list *next; 732949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct sockaddr_storage daddr; 742949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project u_int32_t spi; 752949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const EVP_CIPHER *evp; 762949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int ivlen; 772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int authlen; 782949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project u_char secret[256]; /* is that big enough for all secrets? */ 792949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int secretlen; 802949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project}; 812949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 822949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic void esp_print_addsa(netdissect_options *ndo, 832949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct sa_list *sa, int sa_def) 842949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 852949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* copy the "sa" */ 862949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 872949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct sa_list *nsa; 882949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 892949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project nsa = (struct sa_list *)malloc(sizeof(struct sa_list)); 902949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (nsa == NULL) 912949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project (*ndo->ndo_error)(ndo, "ran out of memory to allocate sa structure"); 922949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 932949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project *nsa = *sa; 942949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 952949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (sa_def) 962949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ndo->ndo_sa_default = nsa; 972949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 982949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project nsa->next = ndo->ndo_sa_list_head; 992949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ndo->ndo_sa_list_head = nsa; 1002949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 1012949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1022949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1032949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic u_int hexdigit(netdissect_options *ndo, char hex) 1042949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 1052949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (hex >= '0' && hex <= '9') 1062949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return (hex - '0'); 1072949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else if (hex >= 'A' && hex <= 'F') 1082949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return (hex - 'A' + 10); 1092949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else if (hex >= 'a' && hex <= 'f') 1102949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return (hex - 'a' + 10); 1112949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else { 1122949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project (*ndo->ndo_error)(ndo, "invalid hex digit %c in espsecret\n", hex); 1132949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return 0; 1142949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1152949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 1162949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic u_int hex2byte(netdissect_options *ndo, char *hexstring) 1182949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 1192949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project u_int byte; 1202949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1212949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project byte = (hexdigit(ndo, hexstring[0]) << 4) + hexdigit(ndo, hexstring[1]); 1222949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return byte; 1232949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 1242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1252949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* 1262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * decode the form: SPINUM@IP <tab> ALGONAME:0xsecret 1272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * 1282949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * special form: file /name 1292949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * causes us to go read from this file instead. 1302949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * 1312949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project */ 1322949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic void esp_print_decode_onesecret(netdissect_options *ndo, char *line) 1332949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 1342949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct sa_list sa1; 1352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int sa_def; 1362949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1372949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project char *spikey; 1382949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project char *decode; 1392949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1402949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project spikey = strsep(&line, " \t"); 1412949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sa_def = 0; 1422949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project memset(&sa1, 0, sizeof(struct sa_list)); 1432949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1442949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* if there is only one token, then it is an algo:key token */ 1452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (line == NULL) { 1462949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project decode = spikey; 1472949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project spikey = NULL; 1482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* memset(&sa1.daddr, 0, sizeof(sa1.daddr)); */ 1492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* sa1.spi = 0; */ 1502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sa_def = 1; 1512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } else 1522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project decode = line; 1532949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1542949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (spikey && strcasecmp(spikey, "file") == 0) { 1552949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* open file and read it */ 1562949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project FILE *secretfile; 1572949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project char fileline[1024]; 1582949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project char *nl; 1592949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1602949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project secretfile = fopen(line, FOPEN_READ_TXT); 1612949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (secretfile == NULL) { 1622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project perror(line); 1632949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project exit(3); 1642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1652949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1662949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project while (fgets(fileline, sizeof(fileline)-1, secretfile) != NULL) { 1672949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* remove newline from the line */ 1682949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project nl = strchr(fileline, '\n'); 1692949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (nl) 1702949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project *nl = '\0'; 1712949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (fileline[0] == '#') continue; 1722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (fileline[0] == '\0') continue; 1732949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1742949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project esp_print_decode_onesecret(ndo, fileline); 1752949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1762949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project fclose(secretfile); 1772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1782949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return; 1792949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1802949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1812949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (spikey) { 1822949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project char *spistr, *foo; 1832949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project u_int32_t spino; 1842949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct sockaddr_in *sin; 1852949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef INET6 1862949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct sockaddr_in6 *sin6; 1872949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 1882949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1892949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project spistr = strsep(&spikey, "@"); 1902949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1912949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project spino = strtoul(spistr, &foo, 0); 1922949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (spistr == foo || !spikey) { 1932949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project (*ndo->ndo_warning)(ndo, "print_esp: failed to decode spi# %s\n", foo); 1942949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return; 1952949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1962949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1972949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sa1.spi = spino; 1982949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1992949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sin = (struct sockaddr_in *)&sa1.daddr; 2002949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef INET6 2012949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sin6 = (struct sockaddr_in6 *)&sa1.daddr; 2022949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (inet_pton(AF_INET6, spikey, &sin6->sin6_addr) == 1) { 2032949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef HAVE_SOCKADDR_SA_LEN 2042949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sin6->sin6_len = sizeof(struct sockaddr_in6); 2052949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 2062949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sin6->sin6_family = AF_INET6; 2072949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } else 2082949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 2092949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (inet_pton(AF_INET, spikey, &sin->sin_addr) == 1) { 2102949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef HAVE_SOCKADDR_SA_LEN 2112949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sin->sin_len = sizeof(struct sockaddr_in); 2122949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 2132949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sin->sin_family = AF_INET; 2142949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } else { 2152949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project (*ndo->ndo_warning)(ndo, "print_esp: can not decode IP# %s\n", spikey); 2162949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return; 2172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 2182949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 2192949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 2202949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (decode) { 2212949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project char *colon, *p; 2222949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project u_char espsecret_key[256]; 2232949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int len; 2242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project size_t i; 2252949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const EVP_CIPHER *evp; 2262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int authlen = 0; 2272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 2282949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* skip any blank spaces */ 2292949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project while (isspace((unsigned char)*decode)) 2302949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project decode++; 2312949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 2322949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project colon = strchr(decode, ':'); 2332949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (colon == NULL) { 2342949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project (*ndo->ndo_warning)(ndo, "failed to decode espsecret: %s\n", decode); 2352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return; 2362949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 2372949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project *colon = '\0'; 2382949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 2392949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project len = colon - decode; 2402949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (strlen(decode) > strlen("-hmac96") && 2412949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project !strcmp(decode + strlen(decode) - strlen("-hmac96"), 2422949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "-hmac96")) { 2432949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project p = strstr(decode, "-hmac96"); 2442949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project *p = '\0'; 2452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project authlen = 12; 2462949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 2472949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (strlen(decode) > strlen("-cbc") && 2482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project !strcmp(decode + strlen(decode) - strlen("-cbc"), "-cbc")) { 2492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project p = strstr(decode, "-cbc"); 2502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project *p = '\0'; 2512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 2522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project evp = EVP_get_cipherbyname(decode); 2532949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (!evp) { 2542949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project (*ndo->ndo_warning)(ndo, "failed to find cipher algo %s\n", decode); 2552949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sa1.evp = NULL; 2562949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sa1.authlen = 0; 2572949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sa1.ivlen = 0; 2582949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return; 2592949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 2602949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 2612949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sa1.evp = evp; 2622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sa1.authlen = authlen; 2632949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sa1.ivlen = EVP_CIPHER_iv_length(evp); 2642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 2652949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project colon++; 2662949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (colon[0] == '0' && colon[1] == 'x') { 2672949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* decode some hex! */ 2682949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project colon += 2; 2692949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project len = strlen(colon) / 2; 2702949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 2712949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (len > 256) { 2722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project (*ndo->ndo_warning)(ndo, "secret is too big: %d\n", len); 2732949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return; 2742949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 2752949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 2762949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project i = 0; 2772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project while (colon[0] != '\0' && colon[1]!='\0') { 2782949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project espsecret_key[i] = hex2byte(ndo, colon); 2792949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project colon += 2; 2802949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project i++; 2812949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 2822949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 2832949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project memcpy(sa1.secret, espsecret_key, i); 2842949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sa1.secretlen = i; 2852949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } else { 2862949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project i = strlen(colon); 2872949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 2882949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (i < sizeof(sa1.secret)) { 2892949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project memcpy(sa1.secret, colon, i); 2902949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sa1.secretlen = i; 2912949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } else { 2922949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project memcpy(sa1.secret, colon, sizeof(sa1.secret)); 2932949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sa1.secretlen = sizeof(sa1.secret); 2942949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 2952949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 2962949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 2972949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 2982949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project esp_print_addsa(ndo, &sa1, sa_def); 2992949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 3002949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 3012949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic void esp_print_decodesecret(netdissect_options *ndo) 3022949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 3032949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project char *line; 3042949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project char *p; 3052949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 3062949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project p = ndo->ndo_espsecret; 3072949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 3082949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project while (ndo->ndo_espsecret && ndo->ndo_espsecret[0] != '\0') { 3092949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* pick out the first line or first thing until a comma */ 3102949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if ((line = strsep(&ndo->ndo_espsecret, "\n,")) == NULL) { 3112949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project line = ndo->ndo_espsecret; 3122949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ndo->ndo_espsecret = NULL; 3132949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 3142949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 3152949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project esp_print_decode_onesecret(ndo, line); 3162949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 3172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 3182949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 3192949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic void esp_init(netdissect_options *ndo _U_) 3202949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 3212949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 3222949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project OpenSSL_add_all_algorithms(); 3232949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project EVP_add_cipher_alias(SN_des_ede3_cbc, "3des"); 3242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 3252949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 3262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 3272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectint 3282949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectesp_print(netdissect_options *ndo, 3292949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const u_char *bp, const int length, const u_char *bp2 3302949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifndef HAVE_LIBCRYPTO 3312949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project _U_ 3322949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 3332949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project , 3342949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int *nhdr 3352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifndef HAVE_LIBCRYPTO 3362949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project _U_ 3372949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 3382949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project , 3392949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int *padlen 3402949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifndef HAVE_LIBCRYPTO 3412949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project _U_ 3422949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 3432949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ) 3442949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 3452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project register const struct newesp *esp; 3462949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project register const u_char *ep; 3472949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef HAVE_LIBCRYPTO 3482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct ip *ip; 3492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct sa_list *sa = NULL; 3502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int espsecret_keylen; 3512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef INET6 3522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct ip6_hdr *ip6 = NULL; 3532949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 3542949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int advance; 3552949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int len; 3562949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project u_char *secret; 3572949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int ivlen = 0; 3582949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project u_char *ivoff; 3592949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project u_char *p; 3602949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project EVP_CIPHER_CTX ctx; 3612949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int blocksz; 3622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project static int initialized = 0; 3632949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 3642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 3652949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project esp = (struct newesp *)bp; 3662949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 3672949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef HAVE_LIBCRYPTO 3682949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project secret = NULL; 3692949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project advance = 0; 3702949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 3712949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (!initialized) { 3722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project esp_init(ndo); 3732949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project initialized = 1; 3742949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 3752949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 3762949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 3772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#if 0 3782949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* keep secret out of a register */ 3792949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project p = (u_char *)&secret; 3802949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 3812949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 3822949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* 'ep' points to the end of available data. */ 3832949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ep = ndo->ndo_snapend; 3842949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 3852949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if ((u_char *)(esp + 1) >= ep) { 3862949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project fputs("[|ESP]", stdout); 3872949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto fail; 3882949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 3892949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project (*ndo->ndo_printf)(ndo, "ESP(spi=0x%08x", EXTRACT_32BITS(&esp->esp_spi)); 3902949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project (*ndo->ndo_printf)(ndo, ",seq=0x%x)", EXTRACT_32BITS(&esp->esp_seq)); 3912949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project (*ndo->ndo_printf)(ndo, ", length %u", length); 3922949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 3932949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifndef HAVE_LIBCRYPTO 3942949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto fail; 3952949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#else 3962949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* initiailize SAs */ 3972949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (ndo->ndo_sa_list_head == NULL) { 3982949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (!ndo->ndo_espsecret) 3992949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto fail; 4002949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 4012949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project esp_print_decodesecret(ndo); 4022949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 4032949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 4042949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (ndo->ndo_sa_list_head == NULL) 4052949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto fail; 4062949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 4072949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ip = (struct ip *)bp2; 4082949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project switch (IP_V(ip)) { 4092949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef INET6 4102949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case 6: 4112949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ip6 = (struct ip6_hdr *)bp2; 4122949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* we do not attempt to decrypt jumbograms */ 4132949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (!EXTRACT_16BITS(&ip6->ip6_plen)) 4142949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto fail; 4152949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* if we can't get nexthdr, we do not need to decrypt it */ 4162949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project len = sizeof(struct ip6_hdr) + EXTRACT_16BITS(&ip6->ip6_plen); 4172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 4182949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* see if we can find the SA, and if so, decode it */ 4192949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project for (sa = ndo->ndo_sa_list_head; sa != NULL; sa = sa->next) { 4202949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&sa->daddr; 4212949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (sa->spi == ntohl(esp->esp_spi) && 4222949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sin6->sin6_family == AF_INET6 && 4232949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project memcmp(&sin6->sin6_addr, &ip6->ip6_dst, 4242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sizeof(struct in6_addr)) == 0) { 4252949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 4262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 4272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 4282949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 4292949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif /*INET6*/ 4302949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case 4: 4312949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* nexthdr & padding are in the last fragment */ 4322949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (EXTRACT_16BITS(&ip->ip_off) & IP_MF) 4332949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto fail; 4342949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project len = EXTRACT_16BITS(&ip->ip_len); 4352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 4362949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* see if we can find the SA, and if so, decode it */ 4372949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project for (sa = ndo->ndo_sa_list_head; sa != NULL; sa = sa->next) { 4382949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct sockaddr_in *sin = (struct sockaddr_in *)&sa->daddr; 4392949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (sa->spi == ntohl(esp->esp_spi) && 4402949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sin->sin_family == AF_INET && 4412949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sin->sin_addr.s_addr == ip->ip_dst.s_addr) { 4422949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 4432949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 4442949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 4452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 4462949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project default: 4472949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto fail; 4482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 4492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 4502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* if we didn't find the specific one, then look for 4512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * an unspecified one. 4522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project */ 4532949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (sa == NULL) 4542949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sa = ndo->ndo_sa_default; 4552949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 4562949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* if not found fail */ 4572949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (sa == NULL) 4582949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto fail; 4592949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 4602949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* if we can't get nexthdr, we do not need to decrypt it */ 4612949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (ep - bp2 < len) 4622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto fail; 4632949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (ep - bp2 > len) { 4642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* FCS included at end of frame (NetBSD 1.6 or later) */ 4652949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ep = bp2 + len; 4662949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 4672949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 4682949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ivoff = (u_char *)(esp + 1) + 0; 4692949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ivlen = sa->ivlen; 4702949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project secret = sa->secret; 4712949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project espsecret_keylen = sa->secretlen; 4722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ep = ep - sa->authlen; 4732949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 4742949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (sa->evp) { 4752949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project memset(&ctx, 0, sizeof(ctx)); 4762949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (EVP_CipherInit(&ctx, sa->evp, secret, NULL, 0) < 0) 4772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project (*ndo->ndo_warning)(ndo, "espkey init failed"); 4782949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 4792949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project blocksz = EVP_CIPHER_CTX_block_size(&ctx); 4802949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 4812949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project p = ivoff; 4822949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project EVP_CipherInit(&ctx, NULL, NULL, p, 0); 4832949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project EVP_Cipher(&ctx, p + ivlen, p + ivlen, ep - (p + ivlen)); 4842949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project advance = ivoff - (u_char *)esp + ivlen; 4852949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } else 4862949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project advance = sizeof(struct newesp); 4872949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 4882949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* sanity check for pad length */ 4892949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (ep - bp < *(ep - 2)) 4902949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto fail; 4912949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 4922949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (padlen) 4932949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project *padlen = *(ep - 2) + 2; 4942949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 4952949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (nhdr) 4962949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project *nhdr = *(ep - 1); 4972949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 4982949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project (ndo->ndo_printf)(ndo, ": "); 4992949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return advance; 5002949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 5012949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 5022949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectfail: 5032949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return -1; 5042949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 5052949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 5062949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* 5072949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * Local Variables: 5082949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * c-style: whitesmith 5092949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * c-basic-offset: 8 5102949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * End: 5112949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project */ 512