12949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* 22949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 32949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * All rights reserved. 42949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * 52949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * Redistribution and use in source and binary forms, with or without 62949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * modification, are permitted provided that the following conditions 72949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * are met: 82949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * 1. Redistributions of source code must retain the above copyright 92949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * notice, this list of conditions and the following disclaimer. 102949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 112949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * notice, this list of conditions and the following disclaimer in the 122949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * documentation and/or other materials provided with the distribution. 132949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * 3. Neither the name of the project nor the names of its contributors 142949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * may be used to endorse or promote products derived from this software 152949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * without specific prior written permission. 162949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * 172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 182949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 192949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 202949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 212949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 222949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 232949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 252949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * SUCH DAMAGE. 282949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * 292949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project */ 302949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 31e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes/* \summary: Internet Security Association and Key Management Protocol (ISAKMP) printer */ 32e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes 332949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef HAVE_CONFIG_H 342949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include "config.h" 352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 362949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 3753f17a9db278d33517d9888dd77848f554522a38JP Abgrall/* The functions from print-esp.c used in this file are only defined when both 3853f17a9db278d33517d9888dd77848f554522a38JP Abgrall * OpenSSL and evp.h are detected. Employ the same preprocessor device here. 3953f17a9db278d33517d9888dd77848f554522a38JP Abgrall */ 4053f17a9db278d33517d9888dd77848f554522a38JP Abgrall#ifndef HAVE_OPENSSL_EVP_H 4153f17a9db278d33517d9888dd77848f554522a38JP Abgrall#undef HAVE_LIBCRYPTO 4253f17a9db278d33517d9888dd77848f554522a38JP Abgrall#endif 4353f17a9db278d33517d9888dd77848f554522a38JP Abgrall 44e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes#include <netdissect-stdinc.h> 452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 462949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include <string.h> 472949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 48e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes#include "netdissect.h" 492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include "addrtoname.h" 50e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes#include "extract.h" 512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include "ip.h" 532949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include "ip6.h" 542949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 55892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* refer to RFC 2408 */ 56892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 57892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughestypedef u_char cookie_t[8]; 58892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughestypedef u_char msgid_t[4]; 59892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 60892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define PORT_ISAKMP 500 61892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 62892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.1 ISAKMP Header Format (IKEv1 and IKEv2) 63892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 64892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 65892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ! Initiator ! 66892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ! Cookie ! 67892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 68892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ! Responder ! 69892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ! Cookie ! 70892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 71892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ! Next Payload ! MjVer ! MnVer ! Exchange Type ! Flags ! 72892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 73892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ! Message ID ! 74892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 75892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ! Length ! 76892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 77892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes*/ 78892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct isakmp { 79892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes cookie_t i_ck; /* Initiator Cookie */ 80892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes cookie_t r_ck; /* Responder Cookie */ 81892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t np; /* Next Payload Type */ 82892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t vers; 83892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_VERS_MAJOR 0xf0 84892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_VERS_MAJOR_SHIFT 4 85892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_VERS_MINOR 0x0f 86892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_VERS_MINOR_SHIFT 0 87892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t etype; /* Exchange Type */ 88892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t flags; /* Flags */ 89892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes msgid_t msgid; 90892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t len; /* Length */ 91892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 92892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 93892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* Next Payload Type */ 94892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NPTYPE_NONE 0 /* NONE*/ 95892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NPTYPE_SA 1 /* Security Association */ 96892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NPTYPE_P 2 /* Proposal */ 97892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NPTYPE_T 3 /* Transform */ 98892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NPTYPE_KE 4 /* Key Exchange */ 99892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NPTYPE_ID 5 /* Identification */ 100892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NPTYPE_CERT 6 /* Certificate */ 101892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NPTYPE_CR 7 /* Certificate Request */ 102892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NPTYPE_HASH 8 /* Hash */ 103892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NPTYPE_SIG 9 /* Signature */ 104892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NPTYPE_NONCE 10 /* Nonce */ 105892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NPTYPE_N 11 /* Notification */ 106892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NPTYPE_D 12 /* Delete */ 107892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NPTYPE_VID 13 /* Vendor ID */ 108892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NPTYPE_v2E 46 /* v2 Encrypted payload */ 109892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 110892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IKEv1_MAJOR_VERSION 1 111892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IKEv1_MINOR_VERSION 0 112892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 113892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IKEv2_MAJOR_VERSION 2 114892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IKEv2_MINOR_VERSION 0 115892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 116892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* Flags */ 117892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_FLAG_E 0x01 /* Encryption Bit */ 118892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_FLAG_C 0x02 /* Commit Bit */ 119892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_FLAG_extra 0x04 120892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 121892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* IKEv2 */ 122892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_FLAG_I (1 << 3) /* (I)nitiator */ 123892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_FLAG_V (1 << 4) /* (V)ersion */ 124892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_FLAG_R (1 << 5) /* (R)esponse */ 125892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 126892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 127892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.2 Payload Generic Header 128892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 129892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 130892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ! Next Payload ! RESERVED ! Payload Length ! 131892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 132892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes*/ 133892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct isakmp_gen { 134892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t np; /* Next Payload */ 135892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t critical; /* bit 7 - critical, rest is RESERVED */ 136892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint16_t len; /* Payload Length */ 137892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 138892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 139892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.3 Data Attributes 140892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 141892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 142892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes !A! Attribute Type ! AF=0 Attribute Length ! 143892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes !F! ! AF=1 Attribute Value ! 144892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 145892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes . AF=0 Attribute Value . 146892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes . AF=1 Not Transmitted . 147892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 148892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes*/ 149892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct isakmp_data { 150892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint16_t type; /* defined by DOI-spec, and Attribute Format */ 151892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint16_t lorv; /* if f equal 1, Attribute Length */ 152892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* if f equal 0, Attribute Value */ 153892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* if f equal 1, Attribute Value */ 154892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 155892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 156892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.4 Security Association Payload */ 157892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* MAY NOT be used, because of being defined in ipsec-doi. */ 158892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* 159892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes If the current payload is the last in the message, 160892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes then the value of the next payload field will be 0. 161892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes This field MUST NOT contain the 162892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes values for the Proposal or Transform payloads as they are considered 163892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes part of the security association negotiation. For example, this 164892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes field would contain the value "10" (Nonce payload) in the first 165892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes message of a Base Exchange (see Section 4.4) and the value "0" in the 166892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes first message of an Identity Protect Exchange (see Section 4.5). 167892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes */ 168892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev1_pl_sa { 169892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 170892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t doi; /* Domain of Interpretation */ 171892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t sit; /* Situation */ 172892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 173892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 174892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.5 Proposal Payload */ 175892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* 176892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes The value of the next payload field MUST only contain the value "2" 177892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes or "0". If there are additional Proposal payloads in the message, 178892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes then this field will be 2. If the current Proposal payload is the 179892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes last within the security association proposal, then this field will 180892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes be 0. 181892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes */ 182892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev1_pl_p { 183892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 184892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t p_no; /* Proposal # */ 185892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t prot_id; /* Protocol */ 186892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t spi_size; /* SPI Size */ 187892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t num_t; /* Number of Transforms */ 188892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* SPI */ 189892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 190892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 191892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.6 Transform Payload */ 192892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* 193892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes The value of the next payload field MUST only contain the value "3" 194892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes or "0". If there are additional Transform payloads in the proposal, 195892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes then this field will be 3. If the current Transform payload is the 196892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes last within the proposal, then this field will be 0. 197892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes */ 198892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev1_pl_t { 199892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 200892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t t_no; /* Transform # */ 201892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t t_id; /* Transform-Id */ 202892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint16_t reserved; /* RESERVED2 */ 203892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* SA Attributes */ 204892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 205892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 206892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.7 Key Exchange Payload */ 207892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev1_pl_ke { 208892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 209892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* Key Exchange Data */ 210892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 211892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 212892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.8 Identification Payload */ 213892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* MUST NOT to be used, because of being defined in ipsec-doi. */ 214892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev1_pl_id { 215892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 216892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes union { 217892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t id_type; /* ID Type */ 218892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t doi_data; /* DOI Specific ID Data */ 219892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes } d; 220892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* Identification Data */ 221892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 222892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 223892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.9 Certificate Payload */ 224892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev1_pl_cert { 225892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 226892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t encode; /* Cert Encoding */ 227892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes char cert; /* Certificate Data */ 228892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* 229892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes This field indicates the type of 230892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes certificate or certificate-related information contained in the 231892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes Certificate Data field. 232892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes */ 233892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 234892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 235892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.10 Certificate Request Payload */ 236892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev1_pl_cr { 237892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 238892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t num_cert; /* # Cert. Types */ 239892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* 240892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes Certificate Types (variable length) 241892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes -- Contains a list of the types of certificates requested, 242892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes sorted in order of preference. Each individual certificate 243892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes type is 1 octet. This field is NOT requiredo 244892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes */ 245892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* # Certificate Authorities (1 octet) */ 246892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* Certificate Authorities (variable length) */ 247892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 248892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 249892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.11 Hash Payload */ 250892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* may not be used, because of having only data. */ 251892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev1_pl_hash { 252892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 253892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* Hash Data */ 254892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 255892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 256892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.12 Signature Payload */ 257892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* may not be used, because of having only data. */ 258892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev1_pl_sig { 259892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 260892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* Signature Data */ 261892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 262892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 263892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.13 Nonce Payload */ 264892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* may not be used, because of having only data. */ 265892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev1_pl_nonce { 266892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 267892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* Nonce Data */ 268892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 269892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 270892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.14 Notification Payload */ 271892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev1_pl_n { 272892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 273892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t doi; /* Domain of Interpretation */ 274892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t prot_id; /* Protocol-ID */ 275892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t spi_size; /* SPI Size */ 276892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint16_t type; /* Notify Message Type */ 277892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* SPI */ 278892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* Notification Data */ 279892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 280892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 281892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.14.1 Notify Message Types */ 282892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* NOTIFY MESSAGES - ERROR TYPES */ 283892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_PAYLOAD_TYPE 1 284892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_DOI_NOT_SUPPORTED 2 285892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_SITUATION_NOT_SUPPORTED 3 286892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_COOKIE 4 287892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_MAJOR_VERSION 5 288892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_MINOR_VERSION 6 289892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_EXCHANGE_TYPE 7 290892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_FLAGS 8 291892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_MESSAGE_ID 9 292892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_PROTOCOL_ID 10 293892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_SPI 11 294892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_TRANSFORM_ID 12 295892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_ATTRIBUTES_NOT_SUPPORTED 13 296892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_NO_PROPOSAL_CHOSEN 14 297892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_BAD_PROPOSAL_SYNTAX 15 298892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_PAYLOAD_MALFORMED 16 299892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_KEY_INFORMATION 17 300892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_ID_INFORMATION 18 301892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_CERT_ENCODING 19 302892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_CERTIFICATE 20 303892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_BAD_CERT_REQUEST_SYNTAX 21 304892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_CERT_AUTHORITY 22 305892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_HASH_INFORMATION 23 306892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_AUTHENTICATION_FAILED 24 307892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_INVALID_SIGNATURE 25 308892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define ISAKMP_NTYPE_ADDRESS_NOTIFICATION 26 309892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 310892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.15 Delete Payload */ 311892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev1_pl_d { 312892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 313892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t doi; /* Domain of Interpretation */ 314892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t prot_id; /* Protocol-Id */ 315892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t spi_size; /* SPI Size */ 316892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint16_t num_spi; /* # of SPIs */ 317892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* SPI(es) */ 318892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 319892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 320892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev1_ph1tab { 321892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct ikev1_ph1 *head; 322892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct ikev1_ph1 *tail; 323892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes int len; 324892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 325892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 326892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct isakmp_ph2tab { 327892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct ikev1_ph2 *head; 328892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct ikev1_ph2 *tail; 329892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes int len; 330892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 331892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 332892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* IKEv2 (RFC4306) */ 333892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 334892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.3 Security Association Payload -- generic header */ 335892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.3.1. Proposal Substructure */ 336892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev2_p { 337892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 338892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t p_no; /* Proposal # */ 339892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t prot_id; /* Protocol */ 340892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t spi_size; /* SPI Size */ 341892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t num_t; /* Number of Transforms */ 342892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 343892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 344892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.3.2. Transform Substructure */ 345892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev2_t { 346892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 347892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t t_type; /* Transform Type (ENCR,PRF,INTEG,etc.*/ 348892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t res2; /* reserved byte */ 349892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint16_t t_id; /* Transform ID */ 350892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 351892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 352892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesenum ikev2_t_type { 353892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_T_ENCR = 1, 354892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_T_PRF = 2, 355892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_T_INTEG= 3, 356892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_T_DH = 4, 357e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes IV2_T_ESN = 5 358892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 359892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 360892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.4. Key Exchange Payload */ 361892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev2_ke { 362892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 363892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint16_t ke_group; 364892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint16_t ke_res1; 365892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* KE data */ 366892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 367892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 368892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 369892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.5. Identification Payloads */ 370892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesenum ikev2_id_type { 371892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ID_IPV4_ADDR=1, 372892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ID_FQDN=2, 373892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ID_RFC822_ADDR=3, 374892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ID_IPV6_ADDR=5, 375892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ID_DER_ASN1_DN=9, 376892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ID_DER_ASN1_GN=10, 377e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ID_KEY_ID=11 378892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 379892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev2_id { 380892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 381892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t type; /* ID type */ 382892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t res1; 383892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint16_t res2; 384892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* SPI */ 385892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* Notification Data */ 386892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 387892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 388892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.10 Notification Payload */ 389892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev2_n { 390892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 391892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t prot_id; /* Protocol-ID */ 392892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t spi_size; /* SPI Size */ 393892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint16_t type; /* Notify Message Type */ 394892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 395892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 396892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesenum ikev2_n_type { 397892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_UNSUPPORTED_CRITICAL_PAYLOAD = 1, 398892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_INVALID_IKE_SPI = 4, 399892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_INVALID_MAJOR_VERSION = 5, 400892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_INVALID_SYNTAX = 7, 401892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_INVALID_MESSAGE_ID = 9, 402892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_INVALID_SPI =11, 403892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_NO_PROPOSAL_CHOSEN =14, 404892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_INVALID_KE_PAYLOAD =17, 405892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_AUTHENTICATION_FAILED =24, 406892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_SINGLE_PAIR_REQUIRED =34, 407892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_NO_ADDITIONAL_SAS =35, 408892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_INTERNAL_ADDRESS_FAILURE =36, 409892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_FAILED_CP_REQUIRED =37, 410892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_INVALID_SELECTORS =39, 411892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_INITIAL_CONTACT =16384, 412892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_SET_WINDOW_SIZE =16385, 413892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_ADDITIONAL_TS_POSSIBLE =16386, 414892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_IPCOMP_SUPPORTED =16387, 415892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_NAT_DETECTION_SOURCE_IP =16388, 416892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_NAT_DETECTION_DESTINATION_IP =16389, 417892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_COOKIE =16390, 418892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_USE_TRANSPORT_MODE =16391, 419892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_HTTP_CERT_LOOKUP_SUPPORTED =16392, 420892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_REKEY_SA =16393, 421892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_ESP_TFC_PADDING_NOT_SUPPORTED =16394, 422892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_NOTIFY_NON_FIRST_FRAGMENTS_ALSO =16395 423892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 424892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 425892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct notify_messages { 426892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint16_t type; 427892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes char *msg; 428892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 429892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 430892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 3.8 Notification Payload */ 431892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ikev2_auth { 432892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 433892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t auth_method; /* Protocol-ID */ 434892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t reserved[3]; 435892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* authentication data */ 436892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 437892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 438892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesenum ikev2_auth_type { 439892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_RSA_SIG = 1, 440892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes IV2_SHARED = 2, 441e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes IV2_DSS_SIG = 3 442892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 443892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 444892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* refer to RFC 2409 */ 445892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 446892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#if 0 447892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* isakmp sa structure */ 448892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct oakley_sa { 449892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t proto_id; /* OAKLEY */ 450892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes vchar_t *spi; /* spi */ 451892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t dhgrp; /* DH; group */ 452892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t auth_t; /* method of authentication */ 453892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t prf_t; /* type of prf */ 454892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t hash_t; /* type of hash */ 455892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t enc_t; /* type of cipher */ 456892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t life_t; /* type of duration of lifetime */ 457892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t ldur; /* life duration */ 458892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 4592949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 4602949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 461892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* refer to RFC 2407 */ 462892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 463892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSEC_DOI 1 464892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 465892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 4.2 IPSEC Situation Definition */ 466892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_SIT_IDENTITY_ONLY 0x00000001 467892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_SIT_SECRECY 0x00000002 468892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_SIT_INTEGRITY 0x00000004 469892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 470892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 4.4.1 IPSEC Security Protocol Identifiers */ 471892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* 4.4.2 IPSEC ISAKMP Transform Values */ 472892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_PROTO_ISAKMP 1 473892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_KEY_IKE 1 474892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 475892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 4.4.1 IPSEC Security Protocol Identifiers */ 476892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_PROTO_IPSEC_AH 2 477892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* 4.4.3 IPSEC AH Transform Values */ 478892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_AH_MD5 2 479892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_AH_SHA 3 480892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_AH_DES 4 481892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_AH_SHA2_256 5 482892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_AH_SHA2_384 6 483892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_AH_SHA2_512 7 484892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 485892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 4.4.1 IPSEC Security Protocol Identifiers */ 486892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_PROTO_IPSEC_ESP 3 487892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* 4.4.4 IPSEC ESP Transform Identifiers */ 488892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ESP_DES_IV64 1 489892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ESP_DES 2 490892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ESP_3DES 3 491892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ESP_RC5 4 492892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ESP_IDEA 5 493892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ESP_CAST 6 494892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ESP_BLOWFISH 7 495892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ESP_3IDEA 8 496892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ESP_DES_IV32 9 497892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ESP_RC4 10 498892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ESP_NULL 11 499892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ESP_RIJNDAEL 12 500892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ESP_AES 12 501892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 502892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 4.4.1 IPSEC Security Protocol Identifiers */ 503892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_PROTO_IPCOMP 4 504892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* 4.4.5 IPSEC IPCOMP Transform Identifiers */ 505892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_IPCOMP_OUI 1 506892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_IPCOMP_DEFLATE 2 507892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_IPCOMP_LZS 3 508892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 509892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 4.5 IPSEC Security Association Attributes */ 510892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_SA_LTYPE 1 /* B */ 511892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_SA_LTYPE_DEFAULT 1 512892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_SA_LTYPE_SEC 1 513892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_SA_LTYPE_KB 2 514892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_SA_LDUR 2 /* V */ 515892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_SA_LDUR_DEFAULT 28800 /* 8 hours */ 516892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_GRP_DESC 3 /* B */ 517892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_ENC_MODE 4 /* B */ 518892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* default value: host dependent */ 519892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_ENC_MODE_TUNNEL 1 520892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_ENC_MODE_TRNS 2 521892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_AUTH 5 /* B */ 522892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* 0 means not to use authentication. */ 523892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_AUTH_HMAC_MD5 1 524892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_AUTH_HMAC_SHA1 2 525892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_AUTH_DES_MAC 3 526892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_AUTH_KPDK 4 /*RFC-1826(Key/Pad/Data/Key)*/ 527892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* 528892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes * When negotiating ESP without authentication, the Auth 529892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes * Algorithm attribute MUST NOT be included in the proposal. 530892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes * When negotiating ESP without confidentiality, the Auth 531892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes * Algorithm attribute MUST be included in the proposal and 532892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes * the ESP transform ID must be ESP_NULL. 533892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes */ 534892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_KEY_LENGTH 6 /* B */ 535892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_KEY_ROUNDS 7 /* B */ 536892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_COMP_DICT_SIZE 8 /* B */ 537892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ATTR_COMP_PRIVALG 9 /* V */ 538892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 539892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 4.6.1 Security Association Payload */ 540892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ipsecdoi_sa { 541892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 542892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t doi; /* Domain of Interpretation */ 543892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t sit; /* Situation */ 544892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 545892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 546892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ipsecdoi_secrecy_h { 547892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint16_t len; 548892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint16_t reserved; 549892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 550892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 551892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 4.6.2.1 Identification Type Values */ 552892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstruct ipsecdoi_id { 553892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct isakmp_gen h; 554892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t type; /* ID Type */ 555892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint8_t proto_id; /* Protocol ID */ 556892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint16_t port; /* Port */ 557892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* Identification Data */ 558892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 559892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 560892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ID_IPV4_ADDR 1 561892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ID_FQDN 2 562892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ID_USER_FQDN 3 563892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ID_IPV4_ADDR_SUBNET 4 564892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ID_IPV6_ADDR 5 565892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ID_IPV6_ADDR_SUBNET 6 566892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ID_IPV4_ADDR_RANGE 7 567892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ID_IPV6_ADDR_RANGE 8 568892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ID_DER_ASN1_DN 9 569892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ID_DER_ASN1_GN 10 570892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_ID_KEY_ID 11 571892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 572892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* 4.6.3 IPSEC DOI Notify Message Types */ 573892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes/* Notify Messages - Status Types */ 574892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_NTYPE_RESPONDER_LIFETIME 24576 575892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_NTYPE_REPLAY_STATUS 24577 576892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes#define IPSECDOI_NTYPE_INITIAL_CONTACT 24578 577892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 57853f17a9db278d33517d9888dd77848f554522a38JP Abgrall#define DECLARE_PRINTER(func) static const u_char *ike##func##_print( \ 57953f17a9db278d33517d9888dd77848f554522a38JP Abgrall netdissect_options *ndo, u_char tpay, \ 58053f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, \ 58153f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_int item_len, \ 58253f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *end_pointer, \ 583892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase,\ 584892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t doi0, \ 585892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto0, int depth) 58653f17a9db278d33517d9888dd77848f554522a38JP Abgrall 58753f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v1_sa); 58853f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v1_p); 58953f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v1_t); 59053f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v1_ke); 59153f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v1_id); 59253f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v1_cert); 59353f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v1_cr); 59453f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v1_sig); 59553f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v1_hash); 59653f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v1_nonce); 59753f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v1_n); 59853f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v1_d); 59953f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v1_vid); 60053f17a9db278d33517d9888dd77848f554522a38JP Abgrall 60153f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v2_sa); 60253f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v2_ke); 60353f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v2_ID); 60453f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v2_cert); 60553f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v2_cr); 60653f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v2_auth); 60753f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v2_nonce); 60853f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v2_n); 60953f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v2_d); 61053f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v2_vid); 61153f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v2_TS); 61253f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v2_cp); 61353f17a9db278d33517d9888dd77848f554522a38JP AbgrallDECLARE_PRINTER(v2_eap); 61453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 61553f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char *ikev2_e_print(netdissect_options *ndo, 61653f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct isakmp *base, 61753f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_char tpay, 61853f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 619892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes u_int item_len, 620892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const u_char *end_pointer, 621892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase, 622892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t doi0, 623892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto0, int depth); 62453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 62553f17a9db278d33517d9888dd77848f554522a38JP Abgrall 62653f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char *ike_sub0_print(netdissect_options *ndo,u_char, const struct isakmp_gen *, 627892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const u_char *, uint32_t, uint32_t, uint32_t, int); 62853f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char *ikev1_sub_print(netdissect_options *ndo,u_char, const struct isakmp_gen *, 629892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const u_char *, uint32_t, uint32_t, uint32_t, int); 63053f17a9db278d33517d9888dd77848f554522a38JP Abgrall 63153f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char *ikev2_sub_print(netdissect_options *ndo, 63253f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct isakmp *base, 63353f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_char np, const struct isakmp_gen *ext, 634892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const u_char *ep, uint32_t phase, 635892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t doi, uint32_t proto, 63653f17a9db278d33517d9888dd77848f554522a38JP Abgrall int depth); 63753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 63853f17a9db278d33517d9888dd77848f554522a38JP Abgrall 6392949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic char *numstr(int); 64053f17a9db278d33517d9888dd77848f554522a38JP Abgrall 64153f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic void 64253f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_print(netdissect_options *ndo, 64353f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *bp, u_int length, 64453f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *bp2, struct isakmp *base); 6452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 6462949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define MAXINITIATORS 20 647e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughesstatic int ninitiator = 0; 648892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesunion inaddr_u { 649892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct in_addr in4; 650892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes struct in6_addr in6; 651892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes}; 652e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughesstatic struct { 6532949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project cookie_t initiator; 654892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes u_int version; 655892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes union inaddr_u iaddr; 656892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes union inaddr_u raddr; 6572949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} cookiecache[MAXINITIATORS]; 6582949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 6592949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* protocol id */ 6602949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const char *protoidstr[] = { 6612949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project NULL, "isakmp", "ipsec-ah", "ipsec-esp", "ipcomp", 6622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project}; 6632949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 6642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* isakmp->np */ 6652949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const char *npstr[] = { 66653f17a9db278d33517d9888dd77848f554522a38JP Abgrall "none", "sa", "p", "t", "ke", "id", "cert", "cr", "hash", /* 0 - 8 */ 66753f17a9db278d33517d9888dd77848f554522a38JP Abgrall "sig", "nonce", "n", "d", "vid", /* 9 - 13 */ 66853f17a9db278d33517d9888dd77848f554522a38JP Abgrall "pay14", "pay15", "pay16", "pay17", "pay18", /* 14- 18 */ 66953f17a9db278d33517d9888dd77848f554522a38JP Abgrall "pay19", "pay20", "pay21", "pay22", "pay23", /* 19- 23 */ 67053f17a9db278d33517d9888dd77848f554522a38JP Abgrall "pay24", "pay25", "pay26", "pay27", "pay28", /* 24- 28 */ 67153f17a9db278d33517d9888dd77848f554522a38JP Abgrall "pay29", "pay30", "pay31", "pay32", /* 29- 32 */ 67253f17a9db278d33517d9888dd77848f554522a38JP Abgrall "v2sa", "v2ke", "v2IDi", "v2IDr", "v2cert",/* 33- 37 */ 67353f17a9db278d33517d9888dd77848f554522a38JP Abgrall "v2cr", "v2auth","v2nonce", "v2n", "v2d", /* 38- 42 */ 67453f17a9db278d33517d9888dd77848f554522a38JP Abgrall "v2vid", "v2TSi", "v2TSr", "v2e", "v2cp", /* 43- 47 */ 67553f17a9db278d33517d9888dd77848f554522a38JP Abgrall "v2eap", /* 48 */ 676892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 6772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project}; 6782949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 6792949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* isakmp->np */ 680892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstatic const u_char *(*npfunc[])(netdissect_options *ndo, u_char tpay, 68153f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 68253f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_int item_len, 68353f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *end_pointer, 684892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase, 685892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t doi0, 686892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto0, int depth) = { 6872949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project NULL, 68853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev1_sa_print, 68953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev1_p_print, 69053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev1_t_print, 69153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev1_ke_print, 69253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev1_id_print, 69353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev1_cert_print, 69453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev1_cr_print, 69553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev1_hash_print, 69653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev1_sig_print, 69753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev1_nonce_print, 69853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev1_n_print, 69953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev1_d_print, 70053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev1_vid_print, /* 13 */ 70153f17a9db278d33517d9888dd77848f554522a38JP Abgrall NULL, NULL, NULL, NULL, NULL, /* 14- 18 */ 70253f17a9db278d33517d9888dd77848f554522a38JP Abgrall NULL, NULL, NULL, NULL, NULL, /* 19- 23 */ 70353f17a9db278d33517d9888dd77848f554522a38JP Abgrall NULL, NULL, NULL, NULL, NULL, /* 24- 28 */ 70453f17a9db278d33517d9888dd77848f554522a38JP Abgrall NULL, NULL, NULL, NULL, /* 29- 32 */ 70553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_sa_print, /* 33 */ 70653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_ke_print, /* 34 */ 70753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_ID_print, /* 35 */ 70853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_ID_print, /* 36 */ 70953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_cert_print, /* 37 */ 71053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_cr_print, /* 38 */ 71153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_auth_print, /* 39 */ 71253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_nonce_print, /* 40 */ 71353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_n_print, /* 41 */ 71453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_d_print, /* 42 */ 71553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_vid_print, /* 43 */ 71653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_TS_print, /* 44 */ 71753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_TS_print, /* 45 */ 71853f17a9db278d33517d9888dd77848f554522a38JP Abgrall NULL, /* ikev2_e_print,*/ /* 46 - special */ 71953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_cp_print, /* 47 */ 72053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_eap_print, /* 48 */ 7212949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project}; 7222949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 7232949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* isakmp->etype */ 7242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const char *etypestr[] = { 72553f17a9db278d33517d9888dd77848f554522a38JP Abgrall/* IKEv1 exchange types */ 72653f17a9db278d33517d9888dd77848f554522a38JP Abgrall "none", "base", "ident", "auth", "agg", "inf", NULL, NULL, /* 0-7 */ 72753f17a9db278d33517d9888dd77848f554522a38JP Abgrall NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, /* 8-15 */ 72853f17a9db278d33517d9888dd77848f554522a38JP Abgrall NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, /* 16-23 */ 72953f17a9db278d33517d9888dd77848f554522a38JP Abgrall NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, /* 24-31 */ 73053f17a9db278d33517d9888dd77848f554522a38JP Abgrall "oakley-quick", "oakley-newgroup", /* 32-33 */ 73153f17a9db278d33517d9888dd77848f554522a38JP Abgrall/* IKEv2 exchange types */ 73253f17a9db278d33517d9888dd77848f554522a38JP Abgrall "ikev2_init", "ikev2_auth", "child_sa", "inf2" /* 34-37 */ 7332949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project}; 7342949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 7352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define STR_OR_ID(x, tab) \ 7362949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project (((x) < sizeof(tab)/sizeof(tab[0]) && tab[(x)]) ? tab[(x)] : numstr(x)) 7372949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define PROTOIDSTR(x) STR_OR_ID(x, protoidstr) 7382949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define NPSTR(x) STR_OR_ID(x, npstr) 7392949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define ETYPESTR(x) STR_OR_ID(x, etypestr) 7402949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 74153f17a9db278d33517d9888dd77848f554522a38JP Abgrall#define CHECKLEN(p, np) \ 742e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (ep < (const u_char *)(p)) { \ 74353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(np))); \ 74453f17a9db278d33517d9888dd77848f554522a38JP Abgrall goto done; \ 74553f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 746892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 74753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 7482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define NPFUNC(x) \ 7492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project (((x) < sizeof(npfunc)/sizeof(npfunc[0]) && npfunc[(x)]) \ 7502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ? npfunc[(x)] : NULL) 7512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 7522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic int 753e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughesiszero(const u_char *p, size_t l) 7542949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 7552949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project while (l--) { 7562949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (*p++) 7572949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return 0; 7582949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 7592949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return 1; 7602949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 7612949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 7622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* find cookie from initiator cache */ 7632949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic int 7642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectcookie_find(cookie_t *in) 7652949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 7662949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int i; 7672949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 7682949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project for (i = 0; i < MAXINITIATORS; i++) { 7692949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (memcmp(in, &cookiecache[i].initiator, sizeof(*in)) == 0) 7702949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return i; 7712949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 7722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 7732949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return -1; 7742949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 7752949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 7762949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* record initiator */ 7772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic void 7782949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectcookie_record(cookie_t *in, const u_char *bp2) 7792949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 7802949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int i; 781e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const struct ip *ip; 782e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const struct ip6_hdr *ip6; 7832949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 7842949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project i = cookie_find(in); 7852949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (0 <= i) { 7862949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ninitiator = (i + 1) % MAXINITIATORS; 7872949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return; 7882949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 7892949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 790e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ip = (const struct ip *)bp2; 7912949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project switch (IP_V(ip)) { 7922949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case 4: 793892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes cookiecache[ninitiator].version = 4; 794892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes UNALIGNED_MEMCPY(&cookiecache[ninitiator].iaddr.in4, &ip->ip_src, sizeof(struct in_addr)); 795892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes UNALIGNED_MEMCPY(&cookiecache[ninitiator].raddr.in4, &ip->ip_dst, sizeof(struct in_addr)); 7962949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 7972949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case 6: 798e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ip6 = (const struct ip6_hdr *)bp2; 799892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes cookiecache[ninitiator].version = 6; 800892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes UNALIGNED_MEMCPY(&cookiecache[ninitiator].iaddr.in6, &ip6->ip6_src, sizeof(struct in6_addr)); 801892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes UNALIGNED_MEMCPY(&cookiecache[ninitiator].raddr.in6, &ip6->ip6_dst, sizeof(struct in6_addr)); 8022949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 8032949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project default: 8042949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return; 8052949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 80653f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&cookiecache[ninitiator].initiator, in, sizeof(*in)); 8072949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ninitiator = (ninitiator + 1) % MAXINITIATORS; 8082949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 8092949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 8102949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define cookie_isinitiator(x, y) cookie_sidecheck((x), (y), 1) 8112949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define cookie_isresponder(x, y) cookie_sidecheck((x), (y), 0) 8122949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic int 8132949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectcookie_sidecheck(int i, const u_char *bp2, int initiator) 8142949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 815e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const struct ip *ip; 816e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const struct ip6_hdr *ip6; 8172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 818e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ip = (const struct ip *)bp2; 8192949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project switch (IP_V(ip)) { 8202949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case 4: 821892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes if (cookiecache[i].version != 4) 822892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes return 0; 823892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes if (initiator) { 824892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes if (UNALIGNED_MEMCMP(&ip->ip_src, &cookiecache[i].iaddr.in4, sizeof(struct in_addr)) == 0) 825892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes return 1; 826892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes } else { 827892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes if (UNALIGNED_MEMCMP(&ip->ip_src, &cookiecache[i].raddr.in4, sizeof(struct in_addr)) == 0) 828892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes return 1; 829892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes } 8302949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 8312949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case 6: 832892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes if (cookiecache[i].version != 6) 833892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes return 0; 834e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ip6 = (const struct ip6_hdr *)bp2; 835892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes if (initiator) { 836892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes if (UNALIGNED_MEMCMP(&ip6->ip6_src, &cookiecache[i].iaddr.in6, sizeof(struct in6_addr)) == 0) 837892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes return 1; 838892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes } else { 839892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes if (UNALIGNED_MEMCMP(&ip6->ip6_src, &cookiecache[i].raddr.in6, sizeof(struct in6_addr)) == 0) 840892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes return 1; 841892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes } 8422949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 8432949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project default: 844892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes break; 8452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 8462949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 8472949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return 0; 8482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 8492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 85053f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic void 851e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hugheshexprint(netdissect_options *ndo, const uint8_t *loc, size_t len) 8522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 853e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const uint8_t *p; 8542949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project size_t i; 8552949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 856e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes p = loc; 8572949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project for (i = 0; i < len; i++) 85853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%02x", p[i] & 0xff)); 85953f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 86053f17a9db278d33517d9888dd77848f554522a38JP Abgrall 86153f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic int 862e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughesrawprint(netdissect_options *ndo, const uint8_t *loc, size_t len) 86353f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 86453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK2(*loc, len); 86553f17a9db278d33517d9888dd77848f554522a38JP Abgrall 86653f17a9db278d33517d9888dd77848f554522a38JP Abgrall hexprint(ndo, loc, len); 86753f17a9db278d33517d9888dd77848f554522a38JP Abgrall return 1; 86853f17a9db278d33517d9888dd77848f554522a38JP Abgralltrunc: 86953f17a9db278d33517d9888dd77848f554522a38JP Abgrall return 0; 87053f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 87153f17a9db278d33517d9888dd77848f554522a38JP Abgrall 87253f17a9db278d33517d9888dd77848f554522a38JP Abgrall 87353f17a9db278d33517d9888dd77848f554522a38JP Abgrall/* 87453f17a9db278d33517d9888dd77848f554522a38JP Abgrall * returns false if we run out of data buffer 87553f17a9db278d33517d9888dd77848f554522a38JP Abgrall */ 876892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstatic int ike_show_somedata(netdissect_options *ndo, 87753f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *cp, const u_char *ep) 87853f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 87953f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* there is too much data, just show some of it */ 88053f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *end = ep - 20; 88153f17a9db278d33517d9888dd77848f554522a38JP Abgrall int elen = 20; 88253f17a9db278d33517d9888dd77848f554522a38JP Abgrall int len = ep - cp; 88353f17a9db278d33517d9888dd77848f554522a38JP Abgrall if(len > 10) { 88453f17a9db278d33517d9888dd77848f554522a38JP Abgrall len = 10; 88553f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 886892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 88753f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* really shouldn't happen because of above */ 88853f17a9db278d33517d9888dd77848f554522a38JP Abgrall if(end < cp + len) { 88953f17a9db278d33517d9888dd77848f554522a38JP Abgrall end = cp+len; 89053f17a9db278d33517d9888dd77848f554522a38JP Abgrall elen = ep - end; 89153f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 892892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 89353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," data=(")); 894e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if(!rawprint(ndo, (const uint8_t *)(cp), len)) goto trunc; 89553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, "...")); 89653f17a9db278d33517d9888dd77848f554522a38JP Abgrall if(elen) { 897e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if(!rawprint(ndo, (const uint8_t *)(end), elen)) goto trunc; 89853f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 89953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,")")); 9002949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return 1; 90153f17a9db278d33517d9888dd77848f554522a38JP Abgrall 9022949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 9032949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return 0; 9042949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 9052949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 9062949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstruct attrmap { 9072949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const char *type; 9082949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project u_int nvalue; 9092949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const char *value[30]; /*XXX*/ 9102949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project}; 9112949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 9122949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 91353f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_attrmap_print(netdissect_options *ndo, 91453f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *p, const u_char *ep, 91553f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct attrmap *map, size_t nmap) 9162949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 9172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int totlen; 918892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t t, v; 9192949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 9202949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (p[0] & 0x80) 9212949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project totlen = 4; 9222949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else 92353f17a9db278d33517d9888dd77848f554522a38JP Abgrall totlen = 4 + EXTRACT_16BITS(&p[2]); 9242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (ep < p + totlen) { 92553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"[|attr]")); 9262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return ep + 1; 9272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 9282949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 92953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"(")); 93053f17a9db278d33517d9888dd77848f554522a38JP Abgrall t = EXTRACT_16BITS(&p[0]) & 0x7fff; 9312949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (map && t < nmap && map[t].type) 93253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"type=%s ", map[t].type)); 9332949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else 93453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"type=#%d ", t)); 9352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (p[0] & 0x80) { 93653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"value=")); 93753f17a9db278d33517d9888dd77848f554522a38JP Abgrall v = EXTRACT_16BITS(&p[2]); 9382949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (map && t < nmap && v < map[t].nvalue && map[t].value[v]) 93953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s", map[t].value[v])); 9402949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else 941e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes rawprint(ndo, (const uint8_t *)&p[2], 2); 9422949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } else { 94353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"len=%d value=", EXTRACT_16BITS(&p[2]))); 944e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes rawprint(ndo, (const uint8_t *)&p[4], EXTRACT_16BITS(&p[2])); 9452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 94653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,")")); 9472949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return p + totlen; 9482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 9492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 9502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 95153f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_attr_print(netdissect_options *ndo, const u_char *p, const u_char *ep) 9522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 9532949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int totlen; 954892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t t; 9552949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 9562949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (p[0] & 0x80) 9572949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project totlen = 4; 9582949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else 95953f17a9db278d33517d9888dd77848f554522a38JP Abgrall totlen = 4 + EXTRACT_16BITS(&p[2]); 9602949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (ep < p + totlen) { 96153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"[|attr]")); 9622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return ep + 1; 9632949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 9642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 96553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"(")); 96653f17a9db278d33517d9888dd77848f554522a38JP Abgrall t = EXTRACT_16BITS(&p[0]) & 0x7fff; 96753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"type=#%d ", t)); 9682949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (p[0] & 0x80) { 96953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"value=")); 97053f17a9db278d33517d9888dd77848f554522a38JP Abgrall t = p[2]; 971e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes rawprint(ndo, (const uint8_t *)&p[2], 2); 9722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } else { 97353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"len=%d value=", EXTRACT_16BITS(&p[2]))); 974e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes rawprint(ndo, (const uint8_t *)&p[4], EXTRACT_16BITS(&p[2])); 9752949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 97653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,")")); 9772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return p + totlen; 9782949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 9792949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 9802949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 98153f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_sa_print(netdissect_options *ndo, u_char tpay _U_, 98253f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 9832949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project u_int item_len _U_, 984892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const u_char *ep, uint32_t phase, uint32_t doi0 _U_, 985892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto0, int depth) 9862949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 98753f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct ikev1_pl_sa *p; 98853f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct ikev1_pl_sa sa; 989892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t doi, sit, ident; 9902949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const u_char *cp, *np; 9912949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int t; 9922949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 99353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s:", NPSTR(ISAKMP_NPTYPE_SA))); 9942949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 995e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes p = (const struct ikev1_pl_sa *)ext; 99653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*p); 99753f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&sa, ext, sizeof(sa)); 9982949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project doi = ntohl(sa.doi); 9992949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project sit = ntohl(sa.sit); 10002949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (doi != 1) { 100153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," doi=%d", doi)); 1002892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ND_PRINT((ndo," situation=%u", (uint32_t)ntohl(sa.sit))); 1003e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)(p + 1); 10042949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 10052949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 100653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," doi=ipsec")); 100753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," situation=")); 10082949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project t = 0; 10092949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (sit & 0x01) { 101053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"identity")); 10112949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project t++; 10122949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 10132949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (sit & 0x02) { 101453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%ssecrecy", t ? "+" : "")); 10152949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project t++; 10162949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 10172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (sit & 0x04) 101853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%sintegrity", t ? "+" : "")); 10192949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1020e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes np = (const u_char *)ext + sizeof(sa); 10212949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (sit != 0x01) { 102253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK2(*(ext + 1), sizeof(ident)); 102353f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&ident, ext + 1, sizeof(ident)); 1024892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ND_PRINT((ndo," ident=%u", (uint32_t)ntohl(ident))); 10252949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project np += sizeof(ident); 10262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 10272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1028e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ext = (const struct isakmp_gen *)np; 102953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 10302949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 103153f17a9db278d33517d9888dd77848f554522a38JP Abgrall cp = ikev1_sub_print(ndo, ISAKMP_NPTYPE_P, ext, ep, phase, doi, proto0, 10322949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project depth); 10332949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 10342949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return cp; 10352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 103653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_SA))); 10372949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return NULL; 10382949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 10392949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 10402949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 104153f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_p_print(netdissect_options *ndo, u_char tpay _U_, 104253f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, u_int item_len _U_, 1043892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const u_char *ep, uint32_t phase, uint32_t doi0, 1044892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto0 _U_, int depth) 10452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 104653f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct ikev1_pl_p *p; 104753f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct ikev1_pl_p prop; 10482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const u_char *cp; 10492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 105053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s:", NPSTR(ISAKMP_NPTYPE_P))); 10512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1052e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes p = (const struct ikev1_pl_p *)ext; 105353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*p); 105453f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&prop, ext, sizeof(prop)); 105553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," #%d protoid=%s transform=%d", 105653f17a9db278d33517d9888dd77848f554522a38JP Abgrall prop.p_no, PROTOIDSTR(prop.prot_id), prop.num_t)); 10572949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (prop.spi_size) { 105853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," spi=")); 1059e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(p + 1), prop.spi_size)) 10602949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto trunc; 10612949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 10622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1063e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ext = (const struct isakmp_gen *)((const u_char *)(p + 1) + prop.spi_size); 106453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 1065892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 106653f17a9db278d33517d9888dd77848f554522a38JP Abgrall cp = ikev1_sub_print(ndo, ISAKMP_NPTYPE_T, ext, ep, phase, doi0, 106753f17a9db278d33517d9888dd77848f554522a38JP Abgrall prop.prot_id, depth); 1068892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 10692949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return cp; 10702949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 107153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_P))); 10722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return NULL; 10732949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 10742949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 107553f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const char *ikev1_p_map[] = { 10762949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project NULL, "ike", 10772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project}; 10782949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 107953f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const char *ikev2_t_type_map[]={ 108053f17a9db278d33517d9888dd77848f554522a38JP Abgrall NULL, "encr", "prf", "integ", "dh", "esn" 108153f17a9db278d33517d9888dd77848f554522a38JP Abgrall}; 108253f17a9db278d33517d9888dd77848f554522a38JP Abgrall 10832949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const char *ah_p_map[] = { 10842949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project NULL, "(reserved)", "md5", "sha", "1des", 10852949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "sha2-256", "sha2-384", "sha2-512", 10862949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project}; 10872949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 108853f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const char *prf_p_map[] = { 108953f17a9db278d33517d9888dd77848f554522a38JP Abgrall NULL, "hmac-md5", "hmac-sha", "hmac-tiger", 109053f17a9db278d33517d9888dd77848f554522a38JP Abgrall "aes128_xcbc" 109153f17a9db278d33517d9888dd77848f554522a38JP Abgrall}; 109253f17a9db278d33517d9888dd77848f554522a38JP Abgrall 109353f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const char *integ_p_map[] = { 109453f17a9db278d33517d9888dd77848f554522a38JP Abgrall NULL, "hmac-md5", "hmac-sha", "dec-mac", 109553f17a9db278d33517d9888dd77848f554522a38JP Abgrall "kpdk-md5", "aes-xcbc" 109653f17a9db278d33517d9888dd77848f554522a38JP Abgrall}; 109753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 109853f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const char *esn_p_map[] = { 109953f17a9db278d33517d9888dd77848f554522a38JP Abgrall "no-esn", "esn" 110053f17a9db278d33517d9888dd77848f554522a38JP Abgrall}; 110153f17a9db278d33517d9888dd77848f554522a38JP Abgrall 110253f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const char *dh_p_map[] = { 110353f17a9db278d33517d9888dd77848f554522a38JP Abgrall NULL, "modp768", 110453f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp1024", /* group 2 */ 110553f17a9db278d33517d9888dd77848f554522a38JP Abgrall "EC2N 2^155", /* group 3 */ 110653f17a9db278d33517d9888dd77848f554522a38JP Abgrall "EC2N 2^185", /* group 4 */ 110753f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp1536", /* group 5 */ 110853f17a9db278d33517d9888dd77848f554522a38JP Abgrall "iana-grp06", "iana-grp07", /* reserved */ 110953f17a9db278d33517d9888dd77848f554522a38JP Abgrall "iana-grp08", "iana-grp09", 111053f17a9db278d33517d9888dd77848f554522a38JP Abgrall "iana-grp10", "iana-grp11", 111153f17a9db278d33517d9888dd77848f554522a38JP Abgrall "iana-grp12", "iana-grp13", 111253f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp2048", /* group 14 */ 111353f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp3072", /* group 15 */ 111453f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp4096", /* group 16 */ 111553f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp6144", /* group 17 */ 111653f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp8192", /* group 18 */ 111753f17a9db278d33517d9888dd77848f554522a38JP Abgrall}; 111853f17a9db278d33517d9888dd77848f554522a38JP Abgrall 11192949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const char *esp_p_map[] = { 11202949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project NULL, "1des-iv64", "1des", "3des", "rc5", "idea", "cast", 11212949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "blowfish", "3idea", "1des-iv32", "rc4", "null", "aes" 11222949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project}; 11232949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 11242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const char *ipcomp_p_map[] = { 11252949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project NULL, "oui", "deflate", "lzs", 11262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project}; 11272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1128892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstatic const struct attrmap ipsec_t_map[] = { 11292949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { NULL, 0, { NULL } }, 11302949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "lifetype", 3, { NULL, "sec", "kb", }, }, 11312949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "life", 0, { NULL } }, 113253f17a9db278d33517d9888dd77848f554522a38JP Abgrall { "group desc", 18, { NULL, "modp768", 113353f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp1024", /* group 2 */ 113453f17a9db278d33517d9888dd77848f554522a38JP Abgrall "EC2N 2^155", /* group 3 */ 113553f17a9db278d33517d9888dd77848f554522a38JP Abgrall "EC2N 2^185", /* group 4 */ 113653f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp1536", /* group 5 */ 113753f17a9db278d33517d9888dd77848f554522a38JP Abgrall "iana-grp06", "iana-grp07", /* reserved */ 113853f17a9db278d33517d9888dd77848f554522a38JP Abgrall "iana-grp08", "iana-grp09", 113953f17a9db278d33517d9888dd77848f554522a38JP Abgrall "iana-grp10", "iana-grp11", 114053f17a9db278d33517d9888dd77848f554522a38JP Abgrall "iana-grp12", "iana-grp13", 114153f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp2048", /* group 14 */ 114253f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp3072", /* group 15 */ 114353f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp4096", /* group 16 */ 114453f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp6144", /* group 17 */ 114553f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp8192", /* group 18 */ 114653f17a9db278d33517d9888dd77848f554522a38JP Abgrall }, }, 11472949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "enc mode", 3, { NULL, "tunnel", "transport", }, }, 11482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "auth", 5, { NULL, "hmac-md5", "hmac-sha1", "1des-mac", "keyed", }, }, 11492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "keylen", 0, { NULL } }, 11502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "rounds", 0, { NULL } }, 11512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "dictsize", 0, { NULL } }, 11522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "privalg", 0, { NULL } }, 11532949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project}; 11542949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1155892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstatic const struct attrmap encr_t_map[] = { 115653f17a9db278d33517d9888dd77848f554522a38JP Abgrall { NULL, 0, { NULL } }, { NULL, 0, { NULL } }, /* 0, 1 */ 115753f17a9db278d33517d9888dd77848f554522a38JP Abgrall { NULL, 0, { NULL } }, { NULL, 0, { NULL } }, /* 2, 3 */ 115853f17a9db278d33517d9888dd77848f554522a38JP Abgrall { NULL, 0, { NULL } }, { NULL, 0, { NULL } }, /* 4, 5 */ 115953f17a9db278d33517d9888dd77848f554522a38JP Abgrall { NULL, 0, { NULL } }, { NULL, 0, { NULL } }, /* 6, 7 */ 116053f17a9db278d33517d9888dd77848f554522a38JP Abgrall { NULL, 0, { NULL } }, { NULL, 0, { NULL } }, /* 8, 9 */ 116153f17a9db278d33517d9888dd77848f554522a38JP Abgrall { NULL, 0, { NULL } }, { NULL, 0, { NULL } }, /* 10,11*/ 116253f17a9db278d33517d9888dd77848f554522a38JP Abgrall { NULL, 0, { NULL } }, { NULL, 0, { NULL } }, /* 12,13*/ 116353f17a9db278d33517d9888dd77848f554522a38JP Abgrall { "keylen", 14, { NULL }}, 116453f17a9db278d33517d9888dd77848f554522a38JP Abgrall}; 116553f17a9db278d33517d9888dd77848f554522a38JP Abgrall 1166892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesstatic const struct attrmap oakley_t_map[] = { 11672949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { NULL, 0, { NULL } }, 11682949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "enc", 8, { NULL, "1des", "idea", "blowfish", "rc5", 11692949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "3des", "cast", "aes", }, }, 11702949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "hash", 7, { NULL, "md5", "sha1", "tiger", 11712949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "sha2-256", "sha2-384", "sha2-512", }, }, 11722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "auth", 6, { NULL, "preshared", "dss", "rsa sig", "rsa enc", 11732949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "rsa enc revised", }, }, 117453f17a9db278d33517d9888dd77848f554522a38JP Abgrall { "group desc", 18, { NULL, "modp768", 117553f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp1024", /* group 2 */ 117653f17a9db278d33517d9888dd77848f554522a38JP Abgrall "EC2N 2^155", /* group 3 */ 117753f17a9db278d33517d9888dd77848f554522a38JP Abgrall "EC2N 2^185", /* group 4 */ 117853f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp1536", /* group 5 */ 117953f17a9db278d33517d9888dd77848f554522a38JP Abgrall "iana-grp06", "iana-grp07", /* reserved */ 118053f17a9db278d33517d9888dd77848f554522a38JP Abgrall "iana-grp08", "iana-grp09", 118153f17a9db278d33517d9888dd77848f554522a38JP Abgrall "iana-grp10", "iana-grp11", 118253f17a9db278d33517d9888dd77848f554522a38JP Abgrall "iana-grp12", "iana-grp13", 118353f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp2048", /* group 14 */ 118453f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp3072", /* group 15 */ 118553f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp4096", /* group 16 */ 118653f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp6144", /* group 17 */ 118753f17a9db278d33517d9888dd77848f554522a38JP Abgrall "modp8192", /* group 18 */ 118853f17a9db278d33517d9888dd77848f554522a38JP Abgrall }, }, 11892949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "group type", 4, { NULL, "MODP", "ECP", "EC2N", }, }, 11902949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "group prime", 0, { NULL } }, 11912949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "group gen1", 0, { NULL } }, 11922949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "group gen2", 0, { NULL } }, 11932949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "group curve A", 0, { NULL } }, 11942949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "group curve B", 0, { NULL } }, 11952949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "lifetype", 3, { NULL, "sec", "kb", }, }, 11962949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "lifeduration", 0, { NULL } }, 11972949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "prf", 0, { NULL } }, 11982949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "keylen", 0, { NULL } }, 11992949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "field", 0, { NULL } }, 12002949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { "order", 0, { NULL } }, 12012949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project}; 12022949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 12032949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 120453f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_t_print(netdissect_options *ndo, u_char tpay _U_, 120553f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, u_int item_len, 1206892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const u_char *ep, uint32_t phase _U_, uint32_t doi _U_, 1207892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto, int depth _U_) 12082949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 120953f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct ikev1_pl_t *p; 121053f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct ikev1_pl_t t; 12112949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const u_char *cp; 12122949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const char *idstr; 12132949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const struct attrmap *map; 12142949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project size_t nmap; 12152949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const u_char *ep2; 12162949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 121753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s:", NPSTR(ISAKMP_NPTYPE_T))); 12182949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1219e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes p = (const struct ikev1_pl_t *)ext; 122053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*p); 122153f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&t, ext, sizeof(t)); 12222949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 12232949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project switch (proto) { 12242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case 1: 122553f17a9db278d33517d9888dd77848f554522a38JP Abgrall idstr = STR_OR_ID(t.t_id, ikev1_p_map); 12262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project map = oakley_t_map; 12272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project nmap = sizeof(oakley_t_map)/sizeof(oakley_t_map[0]); 12282949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 12292949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case 2: 12302949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project idstr = STR_OR_ID(t.t_id, ah_p_map); 12312949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project map = ipsec_t_map; 12322949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project nmap = sizeof(ipsec_t_map)/sizeof(ipsec_t_map[0]); 12332949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 12342949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case 3: 12352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project idstr = STR_OR_ID(t.t_id, esp_p_map); 12362949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project map = ipsec_t_map; 12372949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project nmap = sizeof(ipsec_t_map)/sizeof(ipsec_t_map[0]); 12382949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 12392949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case 4: 12402949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project idstr = STR_OR_ID(t.t_id, ipcomp_p_map); 12412949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project map = ipsec_t_map; 12422949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project nmap = sizeof(ipsec_t_map)/sizeof(ipsec_t_map[0]); 12432949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 12442949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project default: 12452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project idstr = NULL; 12462949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project map = NULL; 12472949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project nmap = 0; 12482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 12492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 12502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 12512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (idstr) 125253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," #%d id=%s ", t.t_no, idstr)); 12532949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else 125453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," #%d id=%d ", t.t_no, t.t_id)); 1255e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp = (const u_char *)(p + 1); 1256e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ep2 = (const u_char *)p + item_len; 12572949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project while (cp < ep && cp < ep2) { 12582949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (map && nmap) { 125953f17a9db278d33517d9888dd77848f554522a38JP Abgrall cp = ikev1_attrmap_print(ndo, cp, (ep < ep2) ? ep : ep2, 12602949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project map, nmap); 12612949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } else 126253f17a9db278d33517d9888dd77848f554522a38JP Abgrall cp = ikev1_attr_print(ndo, cp, (ep < ep2) ? ep : ep2); 12632949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 12642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (ep < ep2) 126553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"...")); 12662949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return cp; 12672949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 126853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_T))); 12692949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return NULL; 12702949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 12712949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 12722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 127353f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_ke_print(netdissect_options *ndo, u_char tpay _U_, 127453f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, u_int item_len _U_, 1275892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const u_char *ep _U_, uint32_t phase _U_, uint32_t doi _U_, 1276892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 12772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 12782949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct isakmp_gen e; 12792949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 128053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s:", NPSTR(ISAKMP_NPTYPE_KE))); 12812949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 128253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 128353f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&e, ext, sizeof(e)); 128453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," key len=%d", ntohs(e.len) - 4)); 128553f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (2 < ndo->ndo_vflag && 4 < ntohs(e.len)) { 128653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ")); 1287e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(ext + 1), ntohs(e.len) - 4)) 12882949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto trunc; 12892949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1290e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)ext + ntohs(e.len); 12912949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 129253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_KE))); 12932949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return NULL; 12942949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 12952949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 12962949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 129753f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_id_print(netdissect_options *ndo, u_char tpay _U_, 1298892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const struct isakmp_gen *ext, u_int item_len, 1299892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const u_char *ep _U_, uint32_t phase, uint32_t doi _U_, 1300892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 13012949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 13022949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define USE_IPSECDOI_IN_PHASE1 1 130353f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct ikev1_pl_id *p; 130453f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct ikev1_pl_id id; 13052949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project static const char *idtypestr[] = { 13062949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "IPv4", "IPv4net", "IPv6", "IPv6net", 13072949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project }; 13082949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project static const char *ipsecidtypestr[] = { 13092949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project NULL, "IPv4", "FQDN", "user FQDN", "IPv4net", "IPv6", 13102949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "IPv6net", "IPv4range", "IPv6range", "ASN1 DN", "ASN1 GN", 13112949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "keyid", 13122949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project }; 13132949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int len; 13142949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const u_char *data; 13152949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 131653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s:", NPSTR(ISAKMP_NPTYPE_ID))); 13172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1318e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes p = (const struct ikev1_pl_id *)ext; 131953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*p); 132053f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&id, ext, sizeof(id)); 13212949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (sizeof(*p) < item_len) { 1322e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes data = (const u_char *)(p + 1); 13232949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project len = item_len - sizeof(*p); 13242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } else { 13252949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project data = NULL; 13262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project len = 0; 13272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 13282949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 13292949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#if 0 /*debug*/ 133053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [phase=%d doi=%d proto=%d]", phase, doi, proto)); 13312949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 13322949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project switch (phase) { 13332949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifndef USE_IPSECDOI_IN_PHASE1 13342949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case 1: 13352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 13362949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project default: 133753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," idtype=%s", STR_OR_ID(id.d.id_type, idtypestr))); 133853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," doi_data=%u", 1339892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes (uint32_t)(ntohl(id.d.doi_data) & 0xffffff))); 13402949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 13412949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 13422949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef USE_IPSECDOI_IN_PHASE1 13432949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case 1: 13442949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 13452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case 2: 13462949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 1347e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const struct ipsecdoi_id *doi_p; 1348e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes struct ipsecdoi_id doi_id; 13492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct protoent *pe; 13502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1351e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes doi_p = (const struct ipsecdoi_id *)ext; 1352e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_TCHECK(*doi_p); 1353e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes UNALIGNED_MEMCPY(&doi_id, ext, sizeof(doi_id)); 1354e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo," idtype=%s", STR_OR_ID(doi_id.type, ipsecidtypestr))); 1355892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes /* A protocol ID of 0 DOES NOT mean IPPROTO_IP! */ 1356e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes pe = doi_id.proto_id ? getprotobynumber(doi_id.proto_id) : NULL; 1357892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes if (pe) 1358892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ND_PRINT((ndo," protoid=%s", pe->p_name)); 1359892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes else 1360e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo," protoid=%u", doi_id.proto_id)); 1361e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo," port=%d", ntohs(doi_id.port))); 13622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (!len) 13632949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 13642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (data == NULL) 13652949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto trunc; 136653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK2(*data, len); 1367e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes switch (doi_id.type) { 13682949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case IPSECDOI_ID_IPV4_ADDR: 13692949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (len < 4) 137053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d [bad: < 4]", len)); 13712949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else 1372892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ND_PRINT((ndo," len=%d %s", len, ipaddr_string(ndo, data))); 13732949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project len = 0; 13742949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 13752949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case IPSECDOI_ID_FQDN: 13762949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case IPSECDOI_ID_USER_FQDN: 13772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 13782949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int i; 137953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d ", len)); 13802949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project for (i = 0; i < len; i++) 1381892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes safeputchar(ndo, data[i]); 13822949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project len = 0; 13832949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 13842949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 13852949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case IPSECDOI_ID_IPV4_ADDR_SUBNET: 13862949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 13872949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const u_char *mask; 13882949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (len < 8) 138953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d [bad: < 8]", len)); 13902949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else { 13912949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project mask = data + sizeof(struct in_addr); 139253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d %s/%u.%u.%u.%u", len, 1393892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ipaddr_string(ndo, data), 139453f17a9db278d33517d9888dd77848f554522a38JP Abgrall mask[0], mask[1], mask[2], mask[3])); 13952949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 13962949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project len = 0; 13972949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 13982949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 13992949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case IPSECDOI_ID_IPV6_ADDR: 14002949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (len < 16) 140153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d [bad: < 16]", len)); 14022949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else 1403892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ND_PRINT((ndo," len=%d %s", len, ip6addr_string(ndo, data))); 14042949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project len = 0; 14052949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 14062949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case IPSECDOI_ID_IPV6_ADDR_SUBNET: 14072949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 140853f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *mask; 14092949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (len < 20) 141053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d [bad: < 20]", len)); 14112949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else { 1412e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes mask = (const u_char *)(data + sizeof(struct in6_addr)); 14132949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /*XXX*/ 141453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d %s/0x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", len, 1415892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ip6addr_string(ndo, data), 141653f17a9db278d33517d9888dd77848f554522a38JP Abgrall mask[0], mask[1], mask[2], mask[3], 141753f17a9db278d33517d9888dd77848f554522a38JP Abgrall mask[4], mask[5], mask[6], mask[7], 141853f17a9db278d33517d9888dd77848f554522a38JP Abgrall mask[8], mask[9], mask[10], mask[11], 141953f17a9db278d33517d9888dd77848f554522a38JP Abgrall mask[12], mask[13], mask[14], mask[15])); 14202949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 14212949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project len = 0; 14222949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 14232949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 14242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case IPSECDOI_ID_IPV4_ADDR_RANGE: 14252949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (len < 8) 142653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d [bad: < 8]", len)); 14272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else { 142853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d %s-%s", len, 1429892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ipaddr_string(ndo, data), 1430892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ipaddr_string(ndo, data + sizeof(struct in_addr)))); 14312949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 14322949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project len = 0; 14332949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 14342949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case IPSECDOI_ID_IPV6_ADDR_RANGE: 14352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (len < 32) 143653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d [bad: < 32]", len)); 14372949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else { 143853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d %s-%s", len, 1439892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ip6addr_string(ndo, data), 1440892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ip6addr_string(ndo, data + sizeof(struct in6_addr)))); 14412949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 14422949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project len = 0; 14432949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 14442949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case IPSECDOI_ID_DER_ASN1_DN: 14452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case IPSECDOI_ID_DER_ASN1_GN: 14462949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case IPSECDOI_ID_KEY_ID: 14472949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 14482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 14492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 14502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 14512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 14522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (data && len) { 145353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d", len)); 145453f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (2 < ndo->ndo_vflag) { 145553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ")); 1456e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)data, len)) 14572949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto trunc; 14582949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 14592949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1460e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)ext + item_len; 14612949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 146253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_ID))); 14632949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return NULL; 14642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 14652949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 14662949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 146753f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_cert_print(netdissect_options *ndo, u_char tpay _U_, 1468e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const struct isakmp_gen *ext, u_int item_len, 1469892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const u_char *ep _U_, uint32_t phase _U_, 1470892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t doi0 _U_, 1471892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto0 _U_, int depth _U_) 14722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 147353f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct ikev1_pl_cert *p; 147453f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct ikev1_pl_cert cert; 14752949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project static const char *certstr[] = { 14762949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "none", "pkcs7", "pgp", "dns", 14772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "x509sign", "x509ke", "kerberos", "crl", 14782949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "arl", "spki", "x509attr", 14792949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project }; 14802949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 148153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s:", NPSTR(ISAKMP_NPTYPE_CERT))); 14822949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1483e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes p = (const struct ikev1_pl_cert *)ext; 148453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*p); 148553f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&cert, ext, sizeof(cert)); 148653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d", item_len - 4)); 148753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," type=%s", STR_OR_ID((cert.encode), certstr))); 148853f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (2 < ndo->ndo_vflag && 4 < item_len) { 148953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ")); 1490e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(ext + 1), item_len - 4)) 14912949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto trunc; 14922949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1493e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)ext + item_len; 14942949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 149553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_CERT))); 14962949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return NULL; 14972949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 14982949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 14992949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 150053f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_cr_print(netdissect_options *ndo, u_char tpay _U_, 1501e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const struct isakmp_gen *ext, u_int item_len, 1502892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const u_char *ep _U_, uint32_t phase _U_, uint32_t doi0 _U_, 1503892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto0 _U_, int depth _U_) 15042949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 150553f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct ikev1_pl_cert *p; 150653f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct ikev1_pl_cert cert; 15072949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project static const char *certstr[] = { 15082949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "none", "pkcs7", "pgp", "dns", 15092949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "x509sign", "x509ke", "kerberos", "crl", 15102949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "arl", "spki", "x509attr", 15112949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project }; 15122949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 151353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s:", NPSTR(ISAKMP_NPTYPE_CR))); 15142949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1515e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes p = (const struct ikev1_pl_cert *)ext; 151653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*p); 151753f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&cert, ext, sizeof(cert)); 151853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d", item_len - 4)); 151953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," type=%s", STR_OR_ID((cert.encode), certstr))); 152053f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (2 < ndo->ndo_vflag && 4 < item_len) { 152153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ")); 1522e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(ext + 1), item_len - 4)) 15232949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto trunc; 15242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1525e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)ext + item_len; 15262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 152753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_CR))); 15282949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return NULL; 15292949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 15302949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 15312949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 153253f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_hash_print(netdissect_options *ndo, u_char tpay _U_, 153353f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, u_int item_len _U_, 1534892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const u_char *ep _U_, uint32_t phase _U_, uint32_t doi _U_, 1535892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 15362949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 15372949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct isakmp_gen e; 15382949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 153953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s:", NPSTR(ISAKMP_NPTYPE_HASH))); 15402949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 154153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 154253f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&e, ext, sizeof(e)); 154353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d", ntohs(e.len) - 4)); 154453f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (2 < ndo->ndo_vflag && 4 < ntohs(e.len)) { 154553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ")); 1546e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(ext + 1), ntohs(e.len) - 4)) 15472949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto trunc; 15482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1549e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)ext + ntohs(e.len); 15502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 155153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_HASH))); 15522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return NULL; 15532949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 15542949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 15552949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 155653f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_sig_print(netdissect_options *ndo, u_char tpay _U_, 155753f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, u_int item_len _U_, 1558892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const u_char *ep _U_, uint32_t phase _U_, uint32_t doi _U_, 1559892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 15602949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 15612949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct isakmp_gen e; 15622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 156353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s:", NPSTR(ISAKMP_NPTYPE_SIG))); 15642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 156553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 156653f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&e, ext, sizeof(e)); 156753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d", ntohs(e.len) - 4)); 156853f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (2 < ndo->ndo_vflag && 4 < ntohs(e.len)) { 156953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ")); 1570e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(ext + 1), ntohs(e.len) - 4)) 15712949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto trunc; 15722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1573e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)ext + ntohs(e.len); 15742949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 157553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_SIG))); 15762949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return NULL; 15772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 15782949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 15792949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 158053f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_nonce_print(netdissect_options *ndo, u_char tpay _U_, 158153f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 158253f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_int item_len _U_, 1583e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const u_char *ep, 1584892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase _U_, uint32_t doi _U_, 1585892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 15862949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 15872949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct isakmp_gen e; 15882949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 158953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s:", NPSTR(ISAKMP_NPTYPE_NONCE))); 15902949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 159153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 159253f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&e, ext, sizeof(e)); 159353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," n len=%d", ntohs(e.len) - 4)); 159453f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (2 < ndo->ndo_vflag && 4 < ntohs(e.len)) { 159553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ")); 1596e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(ext + 1), ntohs(e.len) - 4)) 159753f17a9db278d33517d9888dd77848f554522a38JP Abgrall goto trunc; 159853f17a9db278d33517d9888dd77848f554522a38JP Abgrall } else if (1 < ndo->ndo_vflag && 4 < ntohs(e.len)) { 159953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ")); 1600e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!ike_show_somedata(ndo, (const u_char *)(const uint8_t *)(ext + 1), ep)) 16012949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto trunc; 16022949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1603e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)ext + ntohs(e.len); 16042949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 160553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_NONCE))); 16062949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return NULL; 16072949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 16082949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 16092949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 161053f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_n_print(netdissect_options *ndo, u_char tpay _U_, 161153f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, u_int item_len, 1612892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const u_char *ep, uint32_t phase, uint32_t doi0 _U_, 1613892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto0 _U_, int depth) 16142949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 1615e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const struct ikev1_pl_n *p; 1616e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes struct ikev1_pl_n n; 16172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const u_char *cp; 1618e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const u_char *ep2; 1619892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t doi; 1620892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto; 16212949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project static const char *notify_error_str[] = { 16222949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project NULL, "INVALID-PAYLOAD-TYPE", 16232949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "DOI-NOT-SUPPORTED", "SITUATION-NOT-SUPPORTED", 16242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "INVALID-COOKIE", "INVALID-MAJOR-VERSION", 16252949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "INVALID-MINOR-VERSION", "INVALID-EXCHANGE-TYPE", 16262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "INVALID-FLAGS", "INVALID-MESSAGE-ID", 16272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "INVALID-PROTOCOL-ID", "INVALID-SPI", 16282949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "INVALID-TRANSFORM-ID", "ATTRIBUTES-NOT-SUPPORTED", 16292949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "NO-PROPOSAL-CHOSEN", "BAD-PROPOSAL-SYNTAX", 16302949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "PAYLOAD-MALFORMED", "INVALID-KEY-INFORMATION", 16312949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "INVALID-ID-INFORMATION", "INVALID-CERT-ENCODING", 16322949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "INVALID-CERTIFICATE", "CERT-TYPE-UNSUPPORTED", 16332949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "INVALID-CERT-AUTHORITY", "INVALID-HASH-INFORMATION", 16342949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "AUTHENTICATION-FAILED", "INVALID-SIGNATURE", 16352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "ADDRESS-NOTIFICATION", "NOTIFY-SA-LIFETIME", 16362949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "CERTIFICATE-UNAVAILABLE", "UNSUPPORTED-EXCHANGE-TYPE", 16372949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "UNEQUAL-PAYLOAD-LENGTHS", 16382949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project }; 16392949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project static const char *ipsec_notify_error_str[] = { 16402949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "RESERVED", 16412949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project }; 16422949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project static const char *notify_status_str[] = { 16432949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "CONNECTED", 16442949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project }; 16452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project static const char *ipsec_notify_status_str[] = { 16462949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "RESPONDER-LIFETIME", "REPLAY-STATUS", 16472949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "INITIAL-CONTACT", 16482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project }; 16492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* NOTE: these macro must be called with x in proper range */ 16502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 16512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* 0 - 8191 */ 16522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define NOTIFY_ERROR_STR(x) \ 16532949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project STR_OR_ID((x), notify_error_str) 16542949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 16552949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* 8192 - 16383 */ 16562949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define IPSEC_NOTIFY_ERROR_STR(x) \ 16572949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project STR_OR_ID((u_int)((x) - 8192), ipsec_notify_error_str) 16582949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 16592949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* 16384 - 24575 */ 16602949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define NOTIFY_STATUS_STR(x) \ 16612949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project STR_OR_ID((u_int)((x) - 16384), notify_status_str) 16622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 16632949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* 24576 - 32767 */ 16642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define IPSEC_NOTIFY_STATUS_STR(x) \ 16652949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project STR_OR_ID((u_int)((x) - 24576), ipsec_notify_status_str) 16662949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 166753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s:", NPSTR(ISAKMP_NPTYPE_N))); 16682949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1669e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes p = (const struct ikev1_pl_n *)ext; 167053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*p); 167153f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&n, ext, sizeof(n)); 16722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project doi = ntohl(n.doi); 16732949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project proto = n.prot_id; 16742949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (doi != 1) { 167553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," doi=%d", doi)); 167653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," proto=%d", proto)); 16772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (ntohs(n.type) < 8192) 167853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," type=%s", NOTIFY_ERROR_STR(ntohs(n.type)))); 16792949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else if (ntohs(n.type) < 16384) 168053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," type=%s", numstr(ntohs(n.type)))); 16812949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else if (ntohs(n.type) < 24576) 168253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," type=%s", NOTIFY_STATUS_STR(ntohs(n.type)))); 16832949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else 168453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," type=%s", numstr(ntohs(n.type)))); 16852949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (n.spi_size) { 168653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," spi=")); 1687e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(p + 1), n.spi_size)) 16882949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto trunc; 16892949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1690e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)(p + 1) + n.spi_size; 16912949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 16922949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 169353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," doi=ipsec")); 169453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," proto=%s", PROTOIDSTR(proto))); 16952949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (ntohs(n.type) < 8192) 169653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," type=%s", NOTIFY_ERROR_STR(ntohs(n.type)))); 16972949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else if (ntohs(n.type) < 16384) 169853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," type=%s", IPSEC_NOTIFY_ERROR_STR(ntohs(n.type)))); 16992949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else if (ntohs(n.type) < 24576) 170053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," type=%s", NOTIFY_STATUS_STR(ntohs(n.type)))); 17012949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else if (ntohs(n.type) < 32768) 170253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," type=%s", IPSEC_NOTIFY_STATUS_STR(ntohs(n.type)))); 17032949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else 170453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," type=%s", numstr(ntohs(n.type)))); 17052949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (n.spi_size) { 170653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," spi=")); 1707e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(p + 1), n.spi_size)) 17082949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto trunc; 17092949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 17102949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1711e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp = (const u_char *)(p + 1) + n.spi_size; 1712e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ep2 = (const u_char *)p + item_len; 17132949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 17142949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (cp < ep) { 171553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," orig=(")); 17162949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project switch (ntohs(n.type)) { 17172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case IPSECDOI_NTYPE_RESPONDER_LIFETIME: 17182949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 17192949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const struct attrmap *map = oakley_t_map; 17202949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project size_t nmap = sizeof(oakley_t_map)/sizeof(oakley_t_map[0]); 17212949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project while (cp < ep && cp < ep2) { 172253f17a9db278d33517d9888dd77848f554522a38JP Abgrall cp = ikev1_attrmap_print(ndo, cp, 17232949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project (ep < ep2) ? ep : ep2, map, nmap); 17242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 17252949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 17262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 17272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case IPSECDOI_NTYPE_REPLAY_STATUS: 172853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"replay detection %sabled", 172953f17a9db278d33517d9888dd77848f554522a38JP Abgrall EXTRACT_32BITS(cp) ? "en" : "dis")); 17302949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 17312949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case ISAKMP_NTYPE_NO_PROPOSAL_CHOSEN: 173253f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (ikev1_sub_print(ndo, ISAKMP_NPTYPE_SA, 1733e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes (const struct isakmp_gen *)cp, ep, phase, doi, proto, 173453f17a9db278d33517d9888dd77848f554522a38JP Abgrall depth) == NULL) 17352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return NULL; 17362949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 17372949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project default: 17382949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* NULL is dummy */ 173953f17a9db278d33517d9888dd77848f554522a38JP Abgrall isakmp_print(ndo, cp, 17402949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project item_len - sizeof(*p) - n.spi_size, 17412949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project NULL); 17422949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 174353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,")")); 17442949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1745e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)ext + item_len; 17462949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 174753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_N))); 17482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return NULL; 17492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 17502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 17512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 175253f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_d_print(netdissect_options *ndo, u_char tpay _U_, 175353f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, u_int item_len _U_, 1754892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const u_char *ep _U_, uint32_t phase _U_, uint32_t doi0 _U_, 1755892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto0 _U_, int depth _U_) 17562949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 175753f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct ikev1_pl_d *p; 175853f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct ikev1_pl_d d; 1759892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes const uint8_t *q; 1760892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t doi; 1761892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto; 17622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int i; 17632949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 176453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s:", NPSTR(ISAKMP_NPTYPE_D))); 17652949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1766e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes p = (const struct ikev1_pl_d *)ext; 176753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*p); 176853f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&d, ext, sizeof(d)); 17692949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project doi = ntohl(d.doi); 17702949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project proto = d.prot_id; 17712949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (doi != 1) { 177253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," doi=%u", doi)); 177353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," proto=%u", proto)); 17742949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } else { 177553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," doi=ipsec")); 177653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," proto=%s", PROTOIDSTR(proto))); 17772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 177853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," spilen=%u", d.spi_size)); 177953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," nspi=%u", ntohs(d.num_spi))); 178053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," spi=")); 1781e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes q = (const uint8_t *)(p + 1); 17822949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project for (i = 0; i < ntohs(d.num_spi); i++) { 17832949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (i != 0) 178453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,",")); 1785e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)q, d.spi_size)) 17862949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto trunc; 17872949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project q += d.spi_size; 17882949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 17892949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return q; 17902949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 179153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_D))); 17922949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return NULL; 17932949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 17942949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 17952949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 179653f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_vid_print(netdissect_options *ndo, u_char tpay _U_, 179753f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 179853f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_int item_len _U_, const u_char *ep _U_, 1799892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase _U_, uint32_t doi _U_, 1800892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 18012949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 18022949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct isakmp_gen e; 18032949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 180453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s:", NPSTR(ISAKMP_NPTYPE_VID))); 18052949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 180653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 180753f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&e, ext, sizeof(e)); 180853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d", ntohs(e.len) - 4)); 180953f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (2 < ndo->ndo_vflag && 4 < ntohs(e.len)) { 181053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ")); 1811e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(ext + 1), ntohs(e.len) - 4)) 18122949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto trunc; 18132949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1814e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)ext + ntohs(e.len); 18152949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 181653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_VID))); 18172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return NULL; 18182949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 18192949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 182053f17a9db278d33517d9888dd77848f554522a38JP Abgrall/************************************************************/ 182153f17a9db278d33517d9888dd77848f554522a38JP Abgrall/* */ 182253f17a9db278d33517d9888dd77848f554522a38JP Abgrall/* IKE v2 - rfc4306 - dissector */ 182353f17a9db278d33517d9888dd77848f554522a38JP Abgrall/* */ 182453f17a9db278d33517d9888dd77848f554522a38JP Abgrall/************************************************************/ 182553f17a9db278d33517d9888dd77848f554522a38JP Abgrall 182653f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic void 182753f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev2_pay_print(netdissect_options *ndo, const char *payname, int critical) 182853f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 182953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s%s:", payname, critical&0x80 ? "[C]" : "")); 183053f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 183153f17a9db278d33517d9888dd77848f554522a38JP Abgrall 18322949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 183353f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev2_gen_print(netdissect_options *ndo, u_char tpay, 183453f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext) 18352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 18362949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project struct isakmp_gen e; 18372949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 183853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 183953f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&e, ext, sizeof(e)); 184053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_pay_print(ndo, NPSTR(tpay), e.critical); 18412949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 184253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d", ntohs(e.len) - 4)); 184353f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (2 < ndo->ndo_vflag && 4 < ntohs(e.len)) { 184453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ")); 1845e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(ext + 1), ntohs(e.len) - 4)) 184653f17a9db278d33517d9888dd77848f554522a38JP Abgrall goto trunc; 18472949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1848e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)ext + ntohs(e.len); 18492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 185053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(tpay))); 18512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return NULL; 18522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 18532949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 18542949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const u_char * 1855e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughesikev2_t_print(netdissect_options *ndo, int tcount, 185653f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, u_int item_len, 1857e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const u_char *ep) 18582949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 185953f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct ikev2_t *p; 186053f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct ikev2_t t; 1861892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint16_t t_id; 18622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const u_char *cp; 186353f17a9db278d33517d9888dd77848f554522a38JP Abgrall const char *idstr; 186453f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct attrmap *map; 186553f17a9db278d33517d9888dd77848f554522a38JP Abgrall size_t nmap; 186653f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *ep2; 18672949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1868e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes p = (const struct ikev2_t *)ext; 186953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*p); 187053f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&t, ext, sizeof(t)); 187153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_pay_print(ndo, NPSTR(ISAKMP_NPTYPE_T), t.h.critical); 18722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 187353f17a9db278d33517d9888dd77848f554522a38JP Abgrall t_id = ntohs(t.t_id); 1874892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 187553f17a9db278d33517d9888dd77848f554522a38JP Abgrall map = NULL; 187653f17a9db278d33517d9888dd77848f554522a38JP Abgrall nmap = 0; 187753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 187853f17a9db278d33517d9888dd77848f554522a38JP Abgrall switch (t.t_type) { 187953f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_T_ENCR: 188053f17a9db278d33517d9888dd77848f554522a38JP Abgrall idstr = STR_OR_ID(t_id, esp_p_map); 188153f17a9db278d33517d9888dd77848f554522a38JP Abgrall map = encr_t_map; 188253f17a9db278d33517d9888dd77848f554522a38JP Abgrall nmap = sizeof(encr_t_map)/sizeof(encr_t_map[0]); 188353f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 18842949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 188553f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_T_PRF: 188653f17a9db278d33517d9888dd77848f554522a38JP Abgrall idstr = STR_OR_ID(t_id, prf_p_map); 188753f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 18882949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 188953f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_T_INTEG: 189053f17a9db278d33517d9888dd77848f554522a38JP Abgrall idstr = STR_OR_ID(t_id, integ_p_map); 189153f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 18922949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 189353f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_T_DH: 189453f17a9db278d33517d9888dd77848f554522a38JP Abgrall idstr = STR_OR_ID(t_id, dh_p_map); 189553f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 18962949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 189753f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_T_ESN: 189853f17a9db278d33517d9888dd77848f554522a38JP Abgrall idstr = STR_OR_ID(t_id, esn_p_map); 189953f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 190053f17a9db278d33517d9888dd77848f554522a38JP Abgrall 190153f17a9db278d33517d9888dd77848f554522a38JP Abgrall default: 190253f17a9db278d33517d9888dd77848f554522a38JP Abgrall idstr = NULL; 190353f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 190453f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 190553f17a9db278d33517d9888dd77848f554522a38JP Abgrall 190653f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (idstr) 1907e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo," #%u type=%s id=%s ", tcount, 190853f17a9db278d33517d9888dd77848f554522a38JP Abgrall STR_OR_ID(t.t_type, ikev2_t_type_map), 190953f17a9db278d33517d9888dd77848f554522a38JP Abgrall idstr)); 191053f17a9db278d33517d9888dd77848f554522a38JP Abgrall else 1911e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo," #%u type=%s id=%u ", tcount, 191253f17a9db278d33517d9888dd77848f554522a38JP Abgrall STR_OR_ID(t.t_type, ikev2_t_type_map), 191353f17a9db278d33517d9888dd77848f554522a38JP Abgrall t.t_id)); 1914e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp = (const u_char *)(p + 1); 1915e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ep2 = (const u_char *)p + item_len; 191653f17a9db278d33517d9888dd77848f554522a38JP Abgrall while (cp < ep && cp < ep2) { 191753f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (map && nmap) { 191853f17a9db278d33517d9888dd77848f554522a38JP Abgrall cp = ikev1_attrmap_print(ndo, cp, (ep < ep2) ? ep : ep2, 191953f17a9db278d33517d9888dd77848f554522a38JP Abgrall map, nmap); 192053f17a9db278d33517d9888dd77848f554522a38JP Abgrall } else 192153f17a9db278d33517d9888dd77848f554522a38JP Abgrall cp = ikev1_attr_print(ndo, cp, (ep < ep2) ? ep : ep2); 19222949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 192353f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (ep < ep2) 192453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"...")); 19252949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return cp; 19262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 192753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_T))); 19282949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return NULL; 19292949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 19302949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 193153f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 193253f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev2_p_print(netdissect_options *ndo, u_char tpay _U_, int pcount _U_, 1933e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const struct isakmp_gen *ext, u_int oprop_length, 1934e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const u_char *ep, int depth) 19352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 193653f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct ikev2_p *p; 193753f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct ikev2_p prop; 1938e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes u_int prop_length; 193953f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *cp; 1940e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes int i; 1941e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes int tcount; 1942e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes u_char np; 1943e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes struct isakmp_gen e; 1944e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes u_int item_len; 19452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1946e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes p = (const struct ikev2_p *)ext; 194753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*p); 194853f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&prop, ext, sizeof(prop)); 1949e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes 195053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_pay_print(ndo, NPSTR(ISAKMP_NPTYPE_P), prop.h.critical); 19512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1952e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes /* 1953e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes * ikev2_sa_print() guarantees that this is >= 4. 1954e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes */ 1955e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes prop_length = oprop_length - 4; 195653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," #%u protoid=%s transform=%d len=%u", 195753f17a9db278d33517d9888dd77848f554522a38JP Abgrall prop.p_no, PROTOIDSTR(prop.prot_id), 1958e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes prop.num_t, oprop_length)); 1959e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp = (const u_char *)(p + 1); 1960e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes 196153f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (prop.spi_size) { 1962e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (prop_length < prop.spi_size) 1963e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes goto toolong; 196453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," spi=")); 1965e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)cp, prop.spi_size)) 196653f17a9db278d33517d9888dd77848f554522a38JP Abgrall goto trunc; 1967e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp += prop.spi_size; 1968e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes prop_length -= prop.spi_size; 19692949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 19702949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1971e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes /* 1972e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes * Print the transforms. 1973e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes */ 1974e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes tcount = 0; 1975e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes for (np = ISAKMP_NPTYPE_T; np != 0; np = e.np) { 1976e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes tcount++; 1977e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ext = (const struct isakmp_gen *)cp; 1978e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (prop_length < sizeof(*ext)) 1979e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes goto toolong; 1980e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_TCHECK(*ext); 19812949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1982e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes UNALIGNED_MEMCPY(&e, ext, sizeof(e)); 1983e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes 1984e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes /* 1985e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes * Since we can't have a payload length of less than 4 bytes, 1986e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes * we need to bail out here if the generic header is nonsensical 1987e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes * or truncated, otherwise we could loop forever processing 1988e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes * zero-length items or otherwise misdissect the packet. 1989e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes */ 1990e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes item_len = ntohs(e.len); 1991e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (item_len <= 4) 1992e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes goto trunc; 1993e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes 1994e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (prop_length < item_len) 1995e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes goto toolong; 1996e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_TCHECK2(*cp, item_len); 1997892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 1998e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes depth++; 1999e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo,"\n")); 2000e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes for (i = 0; i < depth; i++) 2001e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo," ")); 2002e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo,"(")); 2003e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (np == ISAKMP_NPTYPE_T) { 2004e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp = ikev2_t_print(ndo, tcount, ext, item_len, ep); 2005e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (cp == NULL) { 2006e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes /* error, already reported */ 2007e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return NULL; 2008e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes } 2009e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes } else { 2010e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo, "%s", NPSTR(np))); 2011e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp += item_len; 2012e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes } 2013e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo,")")); 2014e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes depth--; 2015e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes prop_length -= item_len; 2016e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes } 2017e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return cp; 2018e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughestoolong: 2019e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes /* 2020e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes * Skip the rest of the proposal. 2021e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes */ 2022e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp += prop_length; 2023e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_P))); 202453f17a9db278d33517d9888dd77848f554522a38JP Abgrall return cp; 202553f17a9db278d33517d9888dd77848f554522a38JP Abgralltrunc: 202653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_P))); 202753f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 202853f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 20292949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 203053f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 2031892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesikev2_sa_print(netdissect_options *ndo, u_char tpay, 203253f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext1, 2033e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes u_int osa_length, const u_char *ep, 2034892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase _U_, uint32_t doi _U_, 2035e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes uint32_t proto _U_, int depth) 203653f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 2037e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const struct isakmp_gen *ext; 203853f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct isakmp_gen e; 2039e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes u_int sa_length; 2040e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const u_char *cp; 2041e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes int i; 2042e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes int pcount; 2043e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes u_char np; 2044e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes u_int item_len; 20452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 204653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext1); 204753f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&e, ext1, sizeof(e)); 204853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_pay_print(ndo, "sa", e.critical); 20492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 2050e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes /* 2051e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes * ikev2_sub0_print() guarantees that this is >= 4. 2052e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes */ 205353f17a9db278d33517d9888dd77848f554522a38JP Abgrall osa_length= ntohs(e.len); 205453f17a9db278d33517d9888dd77848f554522a38JP Abgrall sa_length = osa_length - 4; 205553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d", sa_length)); 20562949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 2057e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes /* 2058e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes * Print the payloads. 2059e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes */ 2060e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp = (const u_char *)(ext1 + 1); 2061e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes pcount = 0; 2062e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes for (np = ISAKMP_NPTYPE_P; np != 0; np = e.np) { 2063e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes pcount++; 2064e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ext = (const struct isakmp_gen *)cp; 2065e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (sa_length < sizeof(*ext)) 2066e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes goto toolong; 2067e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_TCHECK(*ext); 2068e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes 2069e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes UNALIGNED_MEMCPY(&e, ext, sizeof(e)); 2070e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes 2071e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes /* 2072e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes * Since we can't have a payload length of less than 4 bytes, 2073e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes * we need to bail out here if the generic header is nonsensical 2074e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes * or truncated, otherwise we could loop forever processing 2075e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes * zero-length items or otherwise misdissect the packet. 2076e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes */ 2077e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes item_len = ntohs(e.len); 2078e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (item_len <= 4) 2079e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes goto trunc; 2080e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes 2081e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (sa_length < item_len) 2082e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes goto toolong; 2083e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_TCHECK2(*cp, item_len); 208453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2085e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes depth++; 2086e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo,"\n")); 2087e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes for (i = 0; i < depth; i++) 2088e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo," ")); 2089e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo,"(")); 2090e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (np == ISAKMP_NPTYPE_P) { 2091e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp = ikev2_p_print(ndo, np, pcount, ext, item_len, 2092e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ep, depth); 2093e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (cp == NULL) { 2094e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes /* error, already reported */ 2095e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return NULL; 2096e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes } 2097e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes } else { 2098e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo, "%s", NPSTR(np))); 2099e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp += item_len; 2100e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes } 2101e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo,")")); 2102e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes depth--; 2103e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes sa_length -= item_len; 2104e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes } 2105e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return cp; 2106e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughestoolong: 2107e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes /* 2108e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes * Skip the rest of the SA. 2109e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes */ 2110e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp += sa_length; 2111e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ND_PRINT((ndo," [|%s]", NPSTR(tpay))); 2112e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return cp; 211353f17a9db278d33517d9888dd77848f554522a38JP Abgralltrunc: 211453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(tpay))); 211553f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 211653f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 21172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 211853f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 2119892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesikev2_ke_print(netdissect_options *ndo, u_char tpay, 212053f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 212153f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_int item_len _U_, const u_char *ep _U_, 2122892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase _U_, uint32_t doi _U_, 2123892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 212453f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 212553f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct ikev2_ke ke; 2126e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const struct ikev2_ke *k; 212753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2128e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes k = (const struct ikev2_ke *)ext; 212953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 213053f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&ke, ext, sizeof(ke)); 213153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_pay_print(ndo, NPSTR(tpay), ke.h.critical); 213253f17a9db278d33517d9888dd77848f554522a38JP Abgrall 213353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%u group=%s", ntohs(ke.h.len) - 8, 213453f17a9db278d33517d9888dd77848f554522a38JP Abgrall STR_OR_ID(ntohs(ke.ke_group), dh_p_map))); 2135892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 213653f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (2 < ndo->ndo_vflag && 8 < ntohs(ke.h.len)) { 213753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ")); 2138e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(k + 1), ntohs(ke.h.len) - 8)) 213953f17a9db278d33517d9888dd77848f554522a38JP Abgrall goto trunc; 21402949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 2141e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)ext + ntohs(ke.h.len); 214253f17a9db278d33517d9888dd77848f554522a38JP Abgralltrunc: 214353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(tpay))); 214453f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 214553f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 21462949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 214753f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 2148892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesikev2_ID_print(netdissect_options *ndo, u_char tpay, 214953f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 215053f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_int item_len _U_, const u_char *ep _U_, 2151892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase _U_, uint32_t doi _U_, 2152892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 215353f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 215453f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct ikev2_id id; 215553f17a9db278d33517d9888dd77848f554522a38JP Abgrall int id_len, idtype_len, i; 215653f17a9db278d33517d9888dd77848f554522a38JP Abgrall unsigned int dumpascii, dumphex; 2157e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const unsigned char *typedata; 21582949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 215953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 216053f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&id, ext, sizeof(id)); 216153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_pay_print(ndo, NPSTR(tpay), id.h.critical); 21622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 216353f17a9db278d33517d9888dd77848f554522a38JP Abgrall id_len = ntohs(id.h.len); 21642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 216553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d", id_len - 4)); 216653f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (2 < ndo->ndo_vflag && 4 < id_len) { 216753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ")); 2168e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(ext + 1), id_len - 4)) 216953f17a9db278d33517d9888dd77848f554522a38JP Abgrall goto trunc; 217053f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 21712949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 217253f17a9db278d33517d9888dd77848f554522a38JP Abgrall idtype_len =id_len - sizeof(struct ikev2_id); 217353f17a9db278d33517d9888dd77848f554522a38JP Abgrall dumpascii = 0; 217453f17a9db278d33517d9888dd77848f554522a38JP Abgrall dumphex = 0; 2175e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes typedata = (const unsigned char *)(ext)+sizeof(struct ikev2_id); 21762949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 217753f17a9db278d33517d9888dd77848f554522a38JP Abgrall switch(id.type) { 217853f17a9db278d33517d9888dd77848f554522a38JP Abgrall case ID_IPV4_ADDR: 217953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, " ipv4:")); 218053f17a9db278d33517d9888dd77848f554522a38JP Abgrall dumphex=1; 218153f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 218253f17a9db278d33517d9888dd77848f554522a38JP Abgrall case ID_FQDN: 218353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, " fqdn:")); 218453f17a9db278d33517d9888dd77848f554522a38JP Abgrall dumpascii=1; 218553f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 218653f17a9db278d33517d9888dd77848f554522a38JP Abgrall case ID_RFC822_ADDR: 218753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, " rfc822:")); 218853f17a9db278d33517d9888dd77848f554522a38JP Abgrall dumpascii=1; 218953f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 219053f17a9db278d33517d9888dd77848f554522a38JP Abgrall case ID_IPV6_ADDR: 219153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, " ipv6:")); 219253f17a9db278d33517d9888dd77848f554522a38JP Abgrall dumphex=1; 219353f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 219453f17a9db278d33517d9888dd77848f554522a38JP Abgrall case ID_DER_ASN1_DN: 219553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, " dn:")); 219653f17a9db278d33517d9888dd77848f554522a38JP Abgrall dumphex=1; 219753f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 219853f17a9db278d33517d9888dd77848f554522a38JP Abgrall case ID_DER_ASN1_GN: 219953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, " gn:")); 220053f17a9db278d33517d9888dd77848f554522a38JP Abgrall dumphex=1; 220153f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 220253f17a9db278d33517d9888dd77848f554522a38JP Abgrall case ID_KEY_ID: 220353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, " keyid:")); 220453f17a9db278d33517d9888dd77848f554522a38JP Abgrall dumphex=1; 220553f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 22062949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 22072949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 220853f17a9db278d33517d9888dd77848f554522a38JP Abgrall if(dumpascii) { 220953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK2(*typedata, idtype_len); 221053f17a9db278d33517d9888dd77848f554522a38JP Abgrall for(i=0; i<idtype_len; i++) { 221153f17a9db278d33517d9888dd77848f554522a38JP Abgrall if(ND_ISPRINT(typedata[i])) { 221253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, "%c", typedata[i])); 221353f17a9db278d33517d9888dd77848f554522a38JP Abgrall } else { 221453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, ".")); 221553f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 22162949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 22172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 221853f17a9db278d33517d9888dd77848f554522a38JP Abgrall if(dumphex) { 2219e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)typedata, idtype_len)) 222053f17a9db278d33517d9888dd77848f554522a38JP Abgrall goto trunc; 222153f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 222253f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2223e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)ext + id_len; 222453f17a9db278d33517d9888dd77848f554522a38JP Abgralltrunc: 222553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(tpay))); 222653f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 22272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 22282949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 222953f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 2230892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesikev2_cert_print(netdissect_options *ndo, u_char tpay, 223153f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 223253f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_int item_len _U_, const u_char *ep _U_, 2233892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase _U_, uint32_t doi _U_, 2234892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 22352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 223653f17a9db278d33517d9888dd77848f554522a38JP Abgrall return ikev2_gen_print(ndo, tpay, ext); 223753f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 22382949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 223953f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 2240892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesikev2_cr_print(netdissect_options *ndo, u_char tpay, 224153f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 224253f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_int item_len _U_, const u_char *ep _U_, 2243892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase _U_, uint32_t doi _U_, 2244892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 224553f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 224653f17a9db278d33517d9888dd77848f554522a38JP Abgrall return ikev2_gen_print(ndo, tpay, ext); 224753f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 224853f17a9db278d33517d9888dd77848f554522a38JP Abgrall 224953f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 2250892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesikev2_auth_print(netdissect_options *ndo, u_char tpay, 225153f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 2252e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes u_int item_len _U_, const u_char *ep, 2253892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase _U_, uint32_t doi _U_, 2254892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 225553f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 225653f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct ikev2_auth a; 225753f17a9db278d33517d9888dd77848f554522a38JP Abgrall const char *v2_auth[]={ "invalid", "rsasig", 225853f17a9db278d33517d9888dd77848f554522a38JP Abgrall "shared-secret", "dsssig" }; 2259e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const u_char *authdata = (const u_char*)ext + sizeof(a); 226053f17a9db278d33517d9888dd77848f554522a38JP Abgrall unsigned int len; 226153f17a9db278d33517d9888dd77848f554522a38JP Abgrall 226253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 226353f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&a, ext, sizeof(a)); 226453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_pay_print(ndo, NPSTR(tpay), a.h.critical); 226553f17a9db278d33517d9888dd77848f554522a38JP Abgrall len = ntohs(a.h.len); 226653f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2267892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes ND_PRINT((ndo," len=%d method=%s", len-4, 226853f17a9db278d33517d9888dd77848f554522a38JP Abgrall STR_OR_ID(a.auth_method, v2_auth))); 226953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 227053f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (1 < ndo->ndo_vflag && 4 < len) { 227153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," authdata=(")); 2272e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)authdata, len - sizeof(a))) 227353f17a9db278d33517d9888dd77848f554522a38JP Abgrall goto trunc; 227453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,") ")); 227553f17a9db278d33517d9888dd77848f554522a38JP Abgrall } else if(ndo->ndo_vflag && 4 < len) { 227653f17a9db278d33517d9888dd77848f554522a38JP Abgrall if(!ike_show_somedata(ndo, authdata, ep)) goto trunc; 227753f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 227853f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2279e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)ext + len; 228053f17a9db278d33517d9888dd77848f554522a38JP Abgralltrunc: 228153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(tpay))); 228253f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 228353f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 228453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 228553f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 2286892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesikev2_nonce_print(netdissect_options *ndo, u_char tpay, 228753f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 2288e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes u_int item_len _U_, const u_char *ep, 2289892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase _U_, uint32_t doi _U_, 2290892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 229153f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 229253f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct isakmp_gen e; 229353f17a9db278d33517d9888dd77848f554522a38JP Abgrall 229453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 229553f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&e, ext, sizeof(e)); 229653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_pay_print(ndo, "nonce", e.critical); 229753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 229853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d", ntohs(e.len) - 4)); 229953f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (1 < ndo->ndo_vflag && 4 < ntohs(e.len)) { 230053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," nonce=(")); 2301e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(ext + 1), ntohs(e.len) - 4)) 230253f17a9db278d33517d9888dd77848f554522a38JP Abgrall goto trunc; 230353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,") ")); 230453f17a9db278d33517d9888dd77848f554522a38JP Abgrall } else if(ndo->ndo_vflag && 4 < ntohs(e.len)) { 230553f17a9db278d33517d9888dd77848f554522a38JP Abgrall if(!ike_show_somedata(ndo, (const u_char *)(ext+1), ep)) goto trunc; 230653f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 230753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2308e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)ext + ntohs(e.len); 230953f17a9db278d33517d9888dd77848f554522a38JP Abgralltrunc: 231053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(tpay))); 231153f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 231253f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 231353f17a9db278d33517d9888dd77848f554522a38JP Abgrall 231453f17a9db278d33517d9888dd77848f554522a38JP Abgrall/* notify payloads */ 231553f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 2316892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesikev2_n_print(netdissect_options *ndo, u_char tpay _U_, 231753f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 2318e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes u_int item_len, const u_char *ep, 2319892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase _U_, uint32_t doi _U_, 2320892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 232153f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 2322e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const struct ikev2_n *p; 2323e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes struct ikev2_n n; 232453f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *cp; 232553f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_char showspi, showdata, showsomedata; 232653f17a9db278d33517d9888dd77848f554522a38JP Abgrall const char *notify_name; 2327892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t type; 232853f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2329e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes p = (const struct ikev2_n *)ext; 233053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*p); 233153f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&n, ext, sizeof(n)); 233253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_pay_print(ndo, NPSTR(ISAKMP_NPTYPE_N), n.h.critical); 233353f17a9db278d33517d9888dd77848f554522a38JP Abgrall 233453f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 1; 233553f17a9db278d33517d9888dd77848f554522a38JP Abgrall showdata = 0; 233653f17a9db278d33517d9888dd77848f554522a38JP Abgrall showsomedata=0; 233753f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name=NULL; 233853f17a9db278d33517d9888dd77848f554522a38JP Abgrall 233953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," prot_id=%s", PROTOIDSTR(n.prot_id))); 234053f17a9db278d33517d9888dd77848f554522a38JP Abgrall 234153f17a9db278d33517d9888dd77848f554522a38JP Abgrall type = ntohs(n.type); 234253f17a9db278d33517d9888dd77848f554522a38JP Abgrall 234353f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* notify space is annoying sparse */ 234453f17a9db278d33517d9888dd77848f554522a38JP Abgrall switch(type) { 234553f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_UNSUPPORTED_CRITICAL_PAYLOAD: 234653f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "unsupported_critical_payload"; 234753f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 0; 234853f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 234953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 235053f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_INVALID_IKE_SPI: 235153f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "invalid_ike_spi"; 235253f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 1; 235353f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 235453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 235553f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_INVALID_MAJOR_VERSION: 235653f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "invalid_major_version"; 235753f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 0; 235853f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 235953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 236053f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_INVALID_SYNTAX: 236153f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "invalid_syntax"; 236253f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 1; 236353f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 236453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 236553f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_INVALID_MESSAGE_ID: 236653f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "invalid_message_id"; 236753f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 1; 236853f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 236953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 237053f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_INVALID_SPI: 237153f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "invalid_spi"; 237253f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 1; 237353f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 237453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 237553f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_NO_PROPOSAL_CHOSEN: 237653f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "no_protocol_chosen"; 237753f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 1; 237853f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 237953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 238053f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_INVALID_KE_PAYLOAD: 238153f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "invalid_ke_payload"; 238253f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 1; 238353f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 238453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 238553f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_AUTHENTICATION_FAILED: 238653f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "authentication_failed"; 238753f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 1; 238853f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 238953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 239053f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_SINGLE_PAIR_REQUIRED: 239153f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "single_pair_required"; 239253f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 1; 239353f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 239453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 239553f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_NO_ADDITIONAL_SAS: 239653f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "no_additional_sas"; 239753f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 0; 239853f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 239953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 240053f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_INTERNAL_ADDRESS_FAILURE: 240153f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "internal_address_failure"; 240253f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 0; 240353f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 240453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2405892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes case IV2_NOTIFY_FAILED_CP_REQUIRED: 240653f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "failed:cp_required"; 240753f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 0; 240853f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 240953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 241053f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_INVALID_SELECTORS: 241153f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "invalid_selectors"; 241253f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 0; 241353f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 241453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 241553f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_INITIAL_CONTACT: 241653f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "initial_contact"; 241753f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 0; 241853f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 241953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2420892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes case IV2_NOTIFY_SET_WINDOW_SIZE: 242153f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "set_window_size"; 242253f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 0; 242353f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 242453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 242553f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_ADDITIONAL_TS_POSSIBLE: 242653f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "additional_ts_possible"; 242753f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 0; 242853f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 242953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2430892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes case IV2_NOTIFY_IPCOMP_SUPPORTED: 243153f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "ipcomp_supported"; 243253f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 0; 243353f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 243453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 243553f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_NAT_DETECTION_SOURCE_IP: 243653f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "nat_detection_source_ip"; 243753f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 1; 243853f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 243953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 244053f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_NAT_DETECTION_DESTINATION_IP: 244153f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "nat_detection_destination_ip"; 244253f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 1; 244353f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 244453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 244553f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_COOKIE: 244653f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "cookie"; 244753f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 1; 244853f17a9db278d33517d9888dd77848f554522a38JP Abgrall showsomedata= 1; 244953f17a9db278d33517d9888dd77848f554522a38JP Abgrall showdata= 0; 245053f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 245153f17a9db278d33517d9888dd77848f554522a38JP Abgrall 245253f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_USE_TRANSPORT_MODE: 245353f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "use_transport_mode"; 245453f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 0; 245553f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 245653f17a9db278d33517d9888dd77848f554522a38JP Abgrall 245753f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_HTTP_CERT_LOOKUP_SUPPORTED: 245853f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "http_cert_lookup_supported"; 245953f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 0; 246053f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 246153f17a9db278d33517d9888dd77848f554522a38JP Abgrall 246253f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_REKEY_SA: 246353f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "rekey_sa"; 246453f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 1; 246553f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 246653f17a9db278d33517d9888dd77848f554522a38JP Abgrall 246753f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_ESP_TFC_PADDING_NOT_SUPPORTED: 246853f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "tfc_padding_not_supported"; 246953f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 0; 247053f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 247153f17a9db278d33517d9888dd77848f554522a38JP Abgrall 247253f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IV2_NOTIFY_NON_FIRST_FRAGMENTS_ALSO: 247353f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name = "non_first_fragment_also"; 247453f17a9db278d33517d9888dd77848f554522a38JP Abgrall showspi = 0; 247553f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 247653f17a9db278d33517d9888dd77848f554522a38JP Abgrall 247753f17a9db278d33517d9888dd77848f554522a38JP Abgrall default: 247853f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (type < 8192) { 247953f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name="error"; 248053f17a9db278d33517d9888dd77848f554522a38JP Abgrall } else if(type < 16384) { 248153f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name="private-error"; 248253f17a9db278d33517d9888dd77848f554522a38JP Abgrall } else if(type < 40960) { 248353f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name="status"; 248453f17a9db278d33517d9888dd77848f554522a38JP Abgrall } else { 248553f17a9db278d33517d9888dd77848f554522a38JP Abgrall notify_name="private-status"; 248653f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 248753f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 248853f17a9db278d33517d9888dd77848f554522a38JP Abgrall 248953f17a9db278d33517d9888dd77848f554522a38JP Abgrall if(notify_name) { 249053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," type=%u(%s)", type, notify_name)); 249153f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 2492892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 249353f17a9db278d33517d9888dd77848f554522a38JP Abgrall 249453f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (showspi && n.spi_size) { 249553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," spi=")); 2496e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(p + 1), n.spi_size)) 249753f17a9db278d33517d9888dd77848f554522a38JP Abgrall goto trunc; 249853f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 249953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2500e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp = (const u_char *)(p + 1) + n.spi_size; 250153f17a9db278d33517d9888dd77848f554522a38JP Abgrall 250253f17a9db278d33517d9888dd77848f554522a38JP Abgrall if(3 < ndo->ndo_vflag) { 250353f17a9db278d33517d9888dd77848f554522a38JP Abgrall showdata = 1; 250453f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 250553f17a9db278d33517d9888dd77848f554522a38JP Abgrall 250653f17a9db278d33517d9888dd77848f554522a38JP Abgrall if ((showdata || (showsomedata && ep-cp < 30)) && cp < ep) { 250753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," data=(")); 2508e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(cp), ep - cp)) 250953f17a9db278d33517d9888dd77848f554522a38JP Abgrall goto trunc; 251053f17a9db278d33517d9888dd77848f554522a38JP Abgrall 251153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,")")); 251253f17a9db278d33517d9888dd77848f554522a38JP Abgrall 251353f17a9db278d33517d9888dd77848f554522a38JP Abgrall } else if(showsomedata && cp < ep) { 251453f17a9db278d33517d9888dd77848f554522a38JP Abgrall if(!ike_show_somedata(ndo, cp, ep)) goto trunc; 251553f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 2516892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 2517e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)ext + item_len; 251853f17a9db278d33517d9888dd77848f554522a38JP Abgralltrunc: 251953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(ISAKMP_NPTYPE_N))); 252053f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 252153f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 252253f17a9db278d33517d9888dd77848f554522a38JP Abgrall 252353f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 2524892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesikev2_d_print(netdissect_options *ndo, u_char tpay, 252553f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 252653f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_int item_len _U_, const u_char *ep _U_, 2527892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase _U_, uint32_t doi _U_, 2528892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 252953f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 253053f17a9db278d33517d9888dd77848f554522a38JP Abgrall return ikev2_gen_print(ndo, tpay, ext); 253153f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 253253f17a9db278d33517d9888dd77848f554522a38JP Abgrall 253353f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 2534892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesikev2_vid_print(netdissect_options *ndo, u_char tpay, 253553f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 253653f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_int item_len _U_, const u_char *ep _U_, 2537892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase _U_, uint32_t doi _U_, 2538892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 253953f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 254053f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct isakmp_gen e; 254153f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *vid; 254253f17a9db278d33517d9888dd77848f554522a38JP Abgrall int i, len; 254353f17a9db278d33517d9888dd77848f554522a38JP Abgrall 254453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 254553f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&e, ext, sizeof(e)); 254653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_pay_print(ndo, NPSTR(tpay), e.critical); 254753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d vid=", ntohs(e.len) - 4)); 254853f17a9db278d33517d9888dd77848f554522a38JP Abgrall 254953f17a9db278d33517d9888dd77848f554522a38JP Abgrall vid = (const u_char *)(ext+1); 255053f17a9db278d33517d9888dd77848f554522a38JP Abgrall len = ntohs(e.len) - 4; 255153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK2(*vid, len); 255253f17a9db278d33517d9888dd77848f554522a38JP Abgrall for(i=0; i<len; i++) { 255353f17a9db278d33517d9888dd77848f554522a38JP Abgrall if(ND_ISPRINT(vid[i])) ND_PRINT((ndo, "%c", vid[i])); 255453f17a9db278d33517d9888dd77848f554522a38JP Abgrall else ND_PRINT((ndo, ".")); 255553f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 255653f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (2 < ndo->ndo_vflag && 4 < len) { 255753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ")); 2558e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(ext + 1), ntohs(e.len) - 4)) 255953f17a9db278d33517d9888dd77848f554522a38JP Abgrall goto trunc; 256053f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 2561e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes return (const u_char *)ext + ntohs(e.len); 256253f17a9db278d33517d9888dd77848f554522a38JP Abgralltrunc: 256353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(tpay))); 256453f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 256553f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 256653f17a9db278d33517d9888dd77848f554522a38JP Abgrall 256753f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 2568892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesikev2_TS_print(netdissect_options *ndo, u_char tpay, 256953f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 257053f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_int item_len _U_, const u_char *ep _U_, 2571892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase _U_, uint32_t doi _U_, 2572892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 257353f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 257453f17a9db278d33517d9888dd77848f554522a38JP Abgrall return ikev2_gen_print(ndo, tpay, ext); 257553f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 257653f17a9db278d33517d9888dd77848f554522a38JP Abgrall 257753f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 257853f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev2_e_print(netdissect_options *ndo, 257953f17a9db278d33517d9888dd77848f554522a38JP Abgrall#ifndef HAVE_LIBCRYPTO 258053f17a9db278d33517d9888dd77848f554522a38JP Abgrall _U_ 258153f17a9db278d33517d9888dd77848f554522a38JP Abgrall#endif 258253f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct isakmp *base, 2583892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes u_char tpay, 258453f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 258553f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_int item_len _U_, const u_char *ep _U_, 258653f17a9db278d33517d9888dd77848f554522a38JP Abgrall#ifndef HAVE_LIBCRYPTO 258753f17a9db278d33517d9888dd77848f554522a38JP Abgrall _U_ 258853f17a9db278d33517d9888dd77848f554522a38JP Abgrall#endif 2589892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase, 259053f17a9db278d33517d9888dd77848f554522a38JP Abgrall#ifndef HAVE_LIBCRYPTO 259153f17a9db278d33517d9888dd77848f554522a38JP Abgrall _U_ 259253f17a9db278d33517d9888dd77848f554522a38JP Abgrall#endif 2593892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t doi, 259453f17a9db278d33517d9888dd77848f554522a38JP Abgrall#ifndef HAVE_LIBCRYPTO 259553f17a9db278d33517d9888dd77848f554522a38JP Abgrall _U_ 259653f17a9db278d33517d9888dd77848f554522a38JP Abgrall#endif 2597892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto, 259853f17a9db278d33517d9888dd77848f554522a38JP Abgrall#ifndef HAVE_LIBCRYPTO 259953f17a9db278d33517d9888dd77848f554522a38JP Abgrall _U_ 260053f17a9db278d33517d9888dd77848f554522a38JP Abgrall#endif 260153f17a9db278d33517d9888dd77848f554522a38JP Abgrall int depth) 260253f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 260353f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct isakmp_gen e; 2604e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes const u_char *dat; 260553f17a9db278d33517d9888dd77848f554522a38JP Abgrall volatile int dlen; 260653f17a9db278d33517d9888dd77848f554522a38JP Abgrall 260753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 260853f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&e, ext, sizeof(e)); 260953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_pay_print(ndo, NPSTR(tpay), e.critical); 261053f17a9db278d33517d9888dd77848f554522a38JP Abgrall 261153f17a9db278d33517d9888dd77848f554522a38JP Abgrall dlen = ntohs(e.len)-4; 261253f17a9db278d33517d9888dd77848f554522a38JP Abgrall 261353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," len=%d", dlen)); 261453f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (2 < ndo->ndo_vflag && 4 < dlen) { 261553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ")); 2616e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (!rawprint(ndo, (const uint8_t *)(ext + 1), dlen)) 261753f17a9db278d33517d9888dd77848f554522a38JP Abgrall goto trunc; 261853f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 261953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2620e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes dat = (const u_char *)(ext+1); 262153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK2(*dat, dlen); 2622892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 262353f17a9db278d33517d9888dd77848f554522a38JP Abgrall#ifdef HAVE_LIBCRYPTO 262453f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* try to decypt it! */ 262553f17a9db278d33517d9888dd77848f554522a38JP Abgrall if(esp_print_decrypt_buffer_by_ikev2(ndo, 262653f17a9db278d33517d9888dd77848f554522a38JP Abgrall base->flags & ISAKMP_FLAG_I, 262753f17a9db278d33517d9888dd77848f554522a38JP Abgrall base->i_ck, base->r_ck, 262853f17a9db278d33517d9888dd77848f554522a38JP Abgrall dat, dat+dlen)) { 2629892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 263053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ext = (const struct isakmp_gen *)ndo->ndo_packetp; 263153f17a9db278d33517d9888dd77848f554522a38JP Abgrall 263253f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* got it decrypted, print stuff inside. */ 263353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_sub_print(ndo, base, e.np, ext, ndo->ndo_snapend, 263453f17a9db278d33517d9888dd77848f554522a38JP Abgrall phase, doi, proto, depth+1); 263553f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 263653f17a9db278d33517d9888dd77848f554522a38JP Abgrall#endif 2637892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 263853f17a9db278d33517d9888dd77848f554522a38JP Abgrall 263953f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* always return NULL, because E must be at end, and NP refers 264053f17a9db278d33517d9888dd77848f554522a38JP Abgrall * to what was inside. 264153f17a9db278d33517d9888dd77848f554522a38JP Abgrall */ 264253f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 264353f17a9db278d33517d9888dd77848f554522a38JP Abgralltrunc: 264453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(tpay))); 264553f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 264653f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 264753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 264853f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 2649892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesikev2_cp_print(netdissect_options *ndo, u_char tpay, 265053f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 265153f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_int item_len _U_, const u_char *ep _U_, 2652892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase _U_, uint32_t doi _U_, 2653892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 265453f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 265553f17a9db278d33517d9888dd77848f554522a38JP Abgrall return ikev2_gen_print(ndo, tpay, ext); 265653f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 265753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 265853f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 2659892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughesikev2_eap_print(netdissect_options *ndo, u_char tpay, 266053f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, 266153f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_int item_len _U_, const u_char *ep _U_, 2662892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase _U_, uint32_t doi _U_, 2663892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t proto _U_, int depth _U_) 266453f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 266553f17a9db278d33517d9888dd77848f554522a38JP Abgrall return ikev2_gen_print(ndo, tpay, ext); 266653f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 266753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 266853f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 266953f17a9db278d33517d9888dd77848f554522a38JP Abgrallike_sub0_print(netdissect_options *ndo, 267053f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_char np, const struct isakmp_gen *ext, const u_char *ep, 267153f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2672892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase, uint32_t doi, uint32_t proto, int depth) 267353f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 267453f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *cp; 267553f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct isakmp_gen e; 267653f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_int item_len; 267753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2678e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp = (const u_char *)ext; 267953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 268053f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&e, ext, sizeof(e)); 268153f17a9db278d33517d9888dd77848f554522a38JP Abgrall 268253f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* 268353f17a9db278d33517d9888dd77848f554522a38JP Abgrall * Since we can't have a payload length of less than 4 bytes, 268453f17a9db278d33517d9888dd77848f554522a38JP Abgrall * we need to bail out here if the generic header is nonsensical 268553f17a9db278d33517d9888dd77848f554522a38JP Abgrall * or truncated, otherwise we could loop forever processing 268653f17a9db278d33517d9888dd77848f554522a38JP Abgrall * zero-length items or otherwise misdissect the packet. 268753f17a9db278d33517d9888dd77848f554522a38JP Abgrall */ 268853f17a9db278d33517d9888dd77848f554522a38JP Abgrall item_len = ntohs(e.len); 268953f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (item_len <= 4) 269053f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 269153f17a9db278d33517d9888dd77848f554522a38JP Abgrall 269253f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (NPFUNC(np)) { 269353f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* 269453f17a9db278d33517d9888dd77848f554522a38JP Abgrall * XXX - what if item_len is too short, or too long, 269553f17a9db278d33517d9888dd77848f554522a38JP Abgrall * for this payload type? 269653f17a9db278d33517d9888dd77848f554522a38JP Abgrall */ 269753f17a9db278d33517d9888dd77848f554522a38JP Abgrall cp = (*npfunc[np])(ndo, np, ext, item_len, ep, phase, doi, proto, depth); 269853f17a9db278d33517d9888dd77848f554522a38JP Abgrall } else { 269953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s", NPSTR(np))); 270053f17a9db278d33517d9888dd77848f554522a38JP Abgrall cp += item_len; 270153f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 270253f17a9db278d33517d9888dd77848f554522a38JP Abgrall 270353f17a9db278d33517d9888dd77848f554522a38JP Abgrall return cp; 270453f17a9db278d33517d9888dd77848f554522a38JP Abgralltrunc: 270553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|isakmp]")); 270653f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 270753f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 270853f17a9db278d33517d9888dd77848f554522a38JP Abgrall 270953f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 271053f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_sub_print(netdissect_options *ndo, 271153f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_char np, const struct isakmp_gen *ext, const u_char *ep, 2712892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase, uint32_t doi, uint32_t proto, int depth) 271353f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 271453f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *cp; 271553f17a9db278d33517d9888dd77848f554522a38JP Abgrall int i; 271653f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct isakmp_gen e; 271753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 271853f17a9db278d33517d9888dd77848f554522a38JP Abgrall cp = (const u_char *)ext; 271953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 272053f17a9db278d33517d9888dd77848f554522a38JP Abgrall while (np) { 272153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 272253f17a9db278d33517d9888dd77848f554522a38JP Abgrall 272353f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&e, ext, sizeof(e)); 272453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 272553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK2(*ext, ntohs(e.len)); 272653f17a9db278d33517d9888dd77848f554522a38JP Abgrall 272753f17a9db278d33517d9888dd77848f554522a38JP Abgrall depth++; 272853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"\n")); 272953f17a9db278d33517d9888dd77848f554522a38JP Abgrall for (i = 0; i < depth; i++) 273053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ")); 273153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"(")); 273253f17a9db278d33517d9888dd77848f554522a38JP Abgrall cp = ike_sub0_print(ndo, np, ext, ep, phase, doi, proto, depth); 273353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,")")); 273453f17a9db278d33517d9888dd77848f554522a38JP Abgrall depth--; 273553f17a9db278d33517d9888dd77848f554522a38JP Abgrall 273653f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (cp == NULL) { 273753f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* Zero-length subitem */ 273853f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 273953f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 274053f17a9db278d33517d9888dd77848f554522a38JP Abgrall 274153f17a9db278d33517d9888dd77848f554522a38JP Abgrall np = e.np; 2742e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ext = (const struct isakmp_gen *)cp; 274353f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 274453f17a9db278d33517d9888dd77848f554522a38JP Abgrall return cp; 274553f17a9db278d33517d9888dd77848f554522a38JP Abgralltrunc: 274653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(np))); 274753f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 274853f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 274953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 275053f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic char * 275153f17a9db278d33517d9888dd77848f554522a38JP Abgrallnumstr(int x) 275253f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 275353f17a9db278d33517d9888dd77848f554522a38JP Abgrall static char buf[20]; 275453f17a9db278d33517d9888dd77848f554522a38JP Abgrall snprintf(buf, sizeof(buf), "#%d", x); 275553f17a9db278d33517d9888dd77848f554522a38JP Abgrall return buf; 275653f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 275753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 275853f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic void 275953f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev1_print(netdissect_options *ndo, 276053f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *bp, u_int length, 276153f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *bp2, struct isakmp *base) 276253f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 276353f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp *p; 276453f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *ep; 276553f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_char np; 276653f17a9db278d33517d9888dd77848f554522a38JP Abgrall int i; 276753f17a9db278d33517d9888dd77848f554522a38JP Abgrall int phase; 2768892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 276953f17a9db278d33517d9888dd77848f554522a38JP Abgrall p = (const struct isakmp *)bp; 277053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ep = ndo->ndo_snapend; 2771892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 277253f17a9db278d33517d9888dd77848f554522a38JP Abgrall phase = (EXTRACT_32BITS(base->msgid) == 0) ? 1 : 2; 277353f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (phase == 1) 277453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," phase %d", phase)); 277553f17a9db278d33517d9888dd77848f554522a38JP Abgrall else 277653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," phase %d/others", phase)); 2777892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 277853f17a9db278d33517d9888dd77848f554522a38JP Abgrall i = cookie_find(&base->i_ck); 277953f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (i < 0) { 2780e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (iszero((const u_char *)&base->r_ck, sizeof(base->r_ck))) { 278153f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* the first packet */ 278253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," I")); 278353f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (bp2) 278453f17a9db278d33517d9888dd77848f554522a38JP Abgrall cookie_record(&base->i_ck, bp2); 278553f17a9db278d33517d9888dd77848f554522a38JP Abgrall } else 278653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ?")); 278753f17a9db278d33517d9888dd77848f554522a38JP Abgrall } else { 278853f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (bp2 && cookie_isinitiator(i, bp2)) 278953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," I")); 279053f17a9db278d33517d9888dd77848f554522a38JP Abgrall else if (bp2 && cookie_isresponder(i, bp2)) 279153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," R")); 279253f17a9db278d33517d9888dd77848f554522a38JP Abgrall else 279353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ?")); 279453f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 2795892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 279653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," %s", ETYPESTR(base->etype))); 279753f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (base->flags) { 279853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"[%s%s]", base->flags & ISAKMP_FLAG_E ? "E" : "", 279953f17a9db278d33517d9888dd77848f554522a38JP Abgrall base->flags & ISAKMP_FLAG_C ? "C" : "")); 280053f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 2801892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 280253f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (ndo->ndo_vflag) { 280353f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext; 2804892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 280553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,":")); 2806892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 280753f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* regardless of phase... */ 280853f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (base->flags & ISAKMP_FLAG_E) { 280953f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* 281053f17a9db278d33517d9888dd77848f554522a38JP Abgrall * encrypted, nothing we can do right now. 281153f17a9db278d33517d9888dd77848f554522a38JP Abgrall * we hope to decrypt the packet in the future... 281253f17a9db278d33517d9888dd77848f554522a38JP Abgrall */ 281353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [encrypted %s]", NPSTR(base->np))); 281453f17a9db278d33517d9888dd77848f554522a38JP Abgrall goto done; 281553f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 2816892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 281753f17a9db278d33517d9888dd77848f554522a38JP Abgrall CHECKLEN(p + 1, base->np); 281853f17a9db278d33517d9888dd77848f554522a38JP Abgrall np = base->np; 2819e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ext = (const struct isakmp_gen *)(p + 1); 282053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev1_sub_print(ndo, np, ext, ep, phase, 0, 0, 0); 282153f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 2822892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 282353f17a9db278d33517d9888dd77848f554522a38JP Abgralldone: 282453f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (ndo->ndo_vflag) { 282553f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (ntohl(base->len) != length) { 282653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," (len mismatch: isakmp %u/ip %u)", 2827892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes (uint32_t)ntohl(base->len), length)); 282853f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 282953f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 283053f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 283153f17a9db278d33517d9888dd77848f554522a38JP Abgrall 283253f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 283353f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev2_sub0_print(netdissect_options *ndo, struct isakmp *base, 2834e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes u_char np, 283553f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext, const u_char *ep, 2836892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase, uint32_t doi, uint32_t proto, int depth) 283753f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 283853f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *cp; 283953f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct isakmp_gen e; 284053f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_int item_len; 284153f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2842e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp = (const u_char *)ext; 284353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 284453f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&e, ext, sizeof(e)); 284553f17a9db278d33517d9888dd77848f554522a38JP Abgrall 284653f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* 284753f17a9db278d33517d9888dd77848f554522a38JP Abgrall * Since we can't have a payload length of less than 4 bytes, 284853f17a9db278d33517d9888dd77848f554522a38JP Abgrall * we need to bail out here if the generic header is nonsensical 284953f17a9db278d33517d9888dd77848f554522a38JP Abgrall * or truncated, otherwise we could loop forever processing 285053f17a9db278d33517d9888dd77848f554522a38JP Abgrall * zero-length items or otherwise misdissect the packet. 285153f17a9db278d33517d9888dd77848f554522a38JP Abgrall */ 285253f17a9db278d33517d9888dd77848f554522a38JP Abgrall item_len = ntohs(e.len); 285353f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (item_len <= 4) 285453f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 285553f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2856e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if (np == ISAKMP_NPTYPE_v2E) { 285753f17a9db278d33517d9888dd77848f554522a38JP Abgrall cp = ikev2_e_print(ndo, base, np, ext, item_len, 285853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ep, phase, doi, proto, depth); 285953f17a9db278d33517d9888dd77848f554522a38JP Abgrall } else if (NPFUNC(np)) { 286053f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* 286153f17a9db278d33517d9888dd77848f554522a38JP Abgrall * XXX - what if item_len is too short, or too long, 286253f17a9db278d33517d9888dd77848f554522a38JP Abgrall * for this payload type? 286353f17a9db278d33517d9888dd77848f554522a38JP Abgrall */ 2864e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp = (*npfunc[np])(ndo, np, ext, item_len, 286553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ep, phase, doi, proto, depth); 286653f17a9db278d33517d9888dd77848f554522a38JP Abgrall } else { 286753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"%s", NPSTR(np))); 286853f17a9db278d33517d9888dd77848f554522a38JP Abgrall cp += item_len; 286953f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 287053f17a9db278d33517d9888dd77848f554522a38JP Abgrall 287153f17a9db278d33517d9888dd77848f554522a38JP Abgrall return cp; 287253f17a9db278d33517d9888dd77848f554522a38JP Abgralltrunc: 287353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|isakmp]")); 287453f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 287553f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 287653f17a9db278d33517d9888dd77848f554522a38JP Abgrall 287753f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic const u_char * 287853f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev2_sub_print(netdissect_options *ndo, 287953f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct isakmp *base, 288053f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_char np, const struct isakmp_gen *ext, const u_char *ep, 2881892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes uint32_t phase, uint32_t doi, uint32_t proto, int depth) 288253f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 288353f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *cp; 288453f17a9db278d33517d9888dd77848f554522a38JP Abgrall int i; 288553f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct isakmp_gen e; 288653f17a9db278d33517d9888dd77848f554522a38JP Abgrall 288753f17a9db278d33517d9888dd77848f554522a38JP Abgrall cp = (const u_char *)ext; 288853f17a9db278d33517d9888dd77848f554522a38JP Abgrall while (np) { 288953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK(*ext); 289053f17a9db278d33517d9888dd77848f554522a38JP Abgrall 289153f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&e, ext, sizeof(e)); 289253f17a9db278d33517d9888dd77848f554522a38JP Abgrall 289353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_TCHECK2(*ext, ntohs(e.len)); 289453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 289553f17a9db278d33517d9888dd77848f554522a38JP Abgrall depth++; 289653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"\n")); 289753f17a9db278d33517d9888dd77848f554522a38JP Abgrall for (i = 0; i < depth; i++) 289853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," ")); 289953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"(")); 2900e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes cp = ikev2_sub0_print(ndo, base, np, 290153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ext, ep, phase, doi, proto, depth); 290253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,")")); 290353f17a9db278d33517d9888dd77848f554522a38JP Abgrall depth--; 290453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 290553f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (cp == NULL) { 290653f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* Zero-length subitem */ 290753f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 290853f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 290953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 291053f17a9db278d33517d9888dd77848f554522a38JP Abgrall np = e.np; 2911e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ext = (const struct isakmp_gen *)cp; 291253f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 291353f17a9db278d33517d9888dd77848f554522a38JP Abgrall return cp; 291453f17a9db278d33517d9888dd77848f554522a38JP Abgralltrunc: 291553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," [|%s]", NPSTR(np))); 291653f17a9db278d33517d9888dd77848f554522a38JP Abgrall return NULL; 291753f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 291853f17a9db278d33517d9888dd77848f554522a38JP Abgrall 291953f17a9db278d33517d9888dd77848f554522a38JP Abgrallstatic void 292053f17a9db278d33517d9888dd77848f554522a38JP Abgrallikev2_print(netdissect_options *ndo, 292153f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *bp, u_int length, 292253f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *bp2 _U_, struct isakmp *base) 292353f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 292453f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp *p; 292553f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *ep; 292653f17a9db278d33517d9888dd77848f554522a38JP Abgrall u_char np; 292753f17a9db278d33517d9888dd77848f554522a38JP Abgrall int phase; 292853f17a9db278d33517d9888dd77848f554522a38JP Abgrall 292953f17a9db278d33517d9888dd77848f554522a38JP Abgrall p = (const struct isakmp *)bp; 293053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ep = ndo->ndo_snapend; 293153f17a9db278d33517d9888dd77848f554522a38JP Abgrall 293253f17a9db278d33517d9888dd77848f554522a38JP Abgrall phase = (EXTRACT_32BITS(base->msgid) == 0) ? 1 : 2; 293353f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (phase == 1) 293453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, " parent_sa")); 293553f17a9db278d33517d9888dd77848f554522a38JP Abgrall else 293653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, " child_sa ")); 293753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 293853f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, " %s", ETYPESTR(base->etype))); 293953f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (base->flags) { 294053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, "[%s%s%s]", 294153f17a9db278d33517d9888dd77848f554522a38JP Abgrall base->flags & ISAKMP_FLAG_I ? "I" : "", 294253f17a9db278d33517d9888dd77848f554522a38JP Abgrall base->flags & ISAKMP_FLAG_V ? "V" : "", 294353f17a9db278d33517d9888dd77848f554522a38JP Abgrall base->flags & ISAKMP_FLAG_R ? "R" : "")); 294453f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 294553f17a9db278d33517d9888dd77848f554522a38JP Abgrall 294653f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (ndo->ndo_vflag) { 294753f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp_gen *ext; 294853f17a9db278d33517d9888dd77848f554522a38JP Abgrall 294953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, ":")); 295053f17a9db278d33517d9888dd77848f554522a38JP Abgrall 295153f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* regardless of phase... */ 295253f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (base->flags & ISAKMP_FLAG_E) { 295353f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* 295453f17a9db278d33517d9888dd77848f554522a38JP Abgrall * encrypted, nothing we can do right now. 295553f17a9db278d33517d9888dd77848f554522a38JP Abgrall * we hope to decrypt the packet in the future... 295653f17a9db278d33517d9888dd77848f554522a38JP Abgrall */ 295753f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, " [encrypted %s]", NPSTR(base->np))); 295853f17a9db278d33517d9888dd77848f554522a38JP Abgrall goto done; 295953f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 296053f17a9db278d33517d9888dd77848f554522a38JP Abgrall 296153f17a9db278d33517d9888dd77848f554522a38JP Abgrall CHECKLEN(p + 1, base->np) 296253f17a9db278d33517d9888dd77848f554522a38JP Abgrall 296353f17a9db278d33517d9888dd77848f554522a38JP Abgrall np = base->np; 2964e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes ext = (const struct isakmp_gen *)(p + 1); 296553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_sub_print(ndo, base, np, ext, ep, phase, 0, 0, 0); 296653f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 296753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 296853f17a9db278d33517d9888dd77848f554522a38JP Abgralldone: 296953f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (ndo->ndo_vflag) { 297053f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (ntohl(base->len) != length) { 297153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, " (len mismatch: isakmp %u/ip %u)", 2972892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes (uint32_t)ntohl(base->len), length)); 297353f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 297453f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 297553f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 297653f17a9db278d33517d9888dd77848f554522a38JP Abgrall 297753f17a9db278d33517d9888dd77848f554522a38JP Abgrallvoid 297853f17a9db278d33517d9888dd77848f554522a38JP Abgrallisakmp_print(netdissect_options *ndo, 297953f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *bp, u_int length, 298053f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *bp2) 298153f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 298253f17a9db278d33517d9888dd77848f554522a38JP Abgrall const struct isakmp *p; 298353f17a9db278d33517d9888dd77848f554522a38JP Abgrall struct isakmp base; 298453f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *ep; 298553f17a9db278d33517d9888dd77848f554522a38JP Abgrall int major, minor; 298653f17a9db278d33517d9888dd77848f554522a38JP Abgrall 298753f17a9db278d33517d9888dd77848f554522a38JP Abgrall#ifdef HAVE_LIBCRYPTO 298853f17a9db278d33517d9888dd77848f554522a38JP Abgrall /* initialize SAs */ 298953f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (ndo->ndo_sa_list_head == NULL) { 299053f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (ndo->ndo_espsecret) 299153f17a9db278d33517d9888dd77848f554522a38JP Abgrall esp_print_decodesecret(ndo); 299253f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 299353f17a9db278d33517d9888dd77848f554522a38JP Abgrall#endif 299453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 299553f17a9db278d33517d9888dd77848f554522a38JP Abgrall p = (const struct isakmp *)bp; 299653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ep = ndo->ndo_snapend; 299753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 2998e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes if ((const struct isakmp *)ep < p + 1) { 299953f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"[|isakmp]")); 300053f17a9db278d33517d9888dd77848f554522a38JP Abgrall return; 300153f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 300253f17a9db278d33517d9888dd77848f554522a38JP Abgrall 300353f17a9db278d33517d9888dd77848f554522a38JP Abgrall UNALIGNED_MEMCPY(&base, p, sizeof(base)); 300453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 300553f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"isakmp")); 300653f17a9db278d33517d9888dd77848f554522a38JP Abgrall major = (base.vers & ISAKMP_VERS_MAJOR) 300753f17a9db278d33517d9888dd77848f554522a38JP Abgrall >> ISAKMP_VERS_MAJOR_SHIFT; 300853f17a9db278d33517d9888dd77848f554522a38JP Abgrall minor = (base.vers & ISAKMP_VERS_MINOR) 300953f17a9db278d33517d9888dd77848f554522a38JP Abgrall >> ISAKMP_VERS_MINOR_SHIFT; 301053f17a9db278d33517d9888dd77848f554522a38JP Abgrall 301153f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (ndo->ndo_vflag) { 301253f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," %d.%d", major, minor)); 301353f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 301453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 301553f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (ndo->ndo_vflag) { 301653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," msgid ")); 3017e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes hexprint(ndo, (const uint8_t *)&base.msgid, sizeof(base.msgid)); 301853f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 301953f17a9db278d33517d9888dd77848f554522a38JP Abgrall 302053f17a9db278d33517d9888dd77848f554522a38JP Abgrall if (1 < ndo->ndo_vflag) { 302153f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo," cookie ")); 3022e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes hexprint(ndo, (const uint8_t *)&base.i_ck, sizeof(base.i_ck)); 302353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"->")); 3024e2e3bd11bd7561bc9d6686283a668fa94e1206b7Elliott Hughes hexprint(ndo, (const uint8_t *)&base.r_ck, sizeof(base.r_ck)); 302553f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 302653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,":")); 302753f17a9db278d33517d9888dd77848f554522a38JP Abgrall 302853f17a9db278d33517d9888dd77848f554522a38JP Abgrall switch(major) { 302953f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IKEv1_MAJOR_VERSION: 303053f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev1_print(ndo, bp, length, bp2, &base); 303153f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 303253f17a9db278d33517d9888dd77848f554522a38JP Abgrall 303353f17a9db278d33517d9888dd77848f554522a38JP Abgrall case IKEv2_MAJOR_VERSION: 303453f17a9db278d33517d9888dd77848f554522a38JP Abgrall ikev2_print(ndo, bp, length, bp2, &base); 303553f17a9db278d33517d9888dd77848f554522a38JP Abgrall break; 303653f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 303753f17a9db278d33517d9888dd77848f554522a38JP Abgrall} 303853f17a9db278d33517d9888dd77848f554522a38JP Abgrall 303953f17a9db278d33517d9888dd77848f554522a38JP Abgrallvoid 304053f17a9db278d33517d9888dd77848f554522a38JP Abgrallisakmp_rfc3948_print(netdissect_options *ndo, 304153f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *bp, u_int length, 304253f17a9db278d33517d9888dd77848f554522a38JP Abgrall const u_char *bp2) 304353f17a9db278d33517d9888dd77848f554522a38JP Abgrall{ 304453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 304553f17a9db278d33517d9888dd77848f554522a38JP Abgrall if(length == 1 && bp[0]==0xff) { 304653f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo, "isakmp-nat-keep-alive")); 304753f17a9db278d33517d9888dd77848f554522a38JP Abgrall return; 304853f17a9db278d33517d9888dd77848f554522a38JP Abgrall } 30492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 30502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if(length < 4) { 30512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project goto trunc; 30522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 3053892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 30542949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* 30552949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * see if this is an IKE packet 30562949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project */ 30572949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if(bp[0]==0 && bp[1]==0 && bp[2]==0 && bp[3]==0) { 30582949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ND_PRINT((ndo, "NONESP-encap: ")); 30592949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project isakmp_print(ndo, bp+4, length-4, bp2); 30602949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return; 30612949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 30622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 30632949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* must be an ESP packet */ 30642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 30652949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int nh, enh, padlen; 30662949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project int advance; 30672949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 30682949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ND_PRINT((ndo, "UDP-encap: ")); 30692949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 30702949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project advance = esp_print(ndo, bp, length, bp2, &enh, &padlen); 30712949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if(advance <= 0) 30722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return; 30732949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 30742949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project bp += advance; 30752949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project length -= advance + padlen; 30762949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project nh = enh & 0xff; 3077892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 30782949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ip_print_inner(ndo, bp, length, nh, bp2); 30792949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return; 30802949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 30812949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 30822949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 308353f17a9db278d33517d9888dd77848f554522a38JP Abgrall ND_PRINT((ndo,"[|isakmp]")); 30842949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return; 30852949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 30862949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 30872949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* 30882949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * Local Variables: 30892949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * c-style: whitesmith 30902949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * c-basic-offset: 8 30912949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * End: 30922949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project */ 309353f17a9db278d33517d9888dd77848f554522a38JP Abgrall 309453f17a9db278d33517d9888dd77848f554522a38JP Abgrall 3095892a68bdf2f50b40781212e4d7ee7369c8165953Elliott Hughes 309653f17a9db278d33517d9888dd77848f554522a38JP Abgrall 3097