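/*
 * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999
 * The Regents of the University of California. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that: (1) source code distributions
 * retain the above copyright notice and this paragraph in its entirety, (2)
 * distributions including binary code include the above copyright notice and
 * this paragraph in its entirety in the documentation or other materials
 * provided with the distribution, and (3) all advertising materials mentioning
 * features or use of this software display the following acknowledgement:
 * ``This product includes software developed by the University of California,
 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
 * the University nor the names of its contributors may be used to endorse
 * or promote products derived from this software without specific prior
 * written permission.
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 *
 * Format and print ipsec (esp/ah) packets.
 * By Tero Kivinen <kivinen@ssh.fi>, Tero Mononen <tmo@ssh.fi>,
 * Tatu Ylonen <ylo@ssh.fi> and Timo J. Rinne <tri@ssh.fi>
 * in co-operation with SSH Communications Security, Espoo, Finland
 */

#ifndef lint
static const char rcsid[] =
    "@(#) $Header: /home/cvs/src/usr.sbin/tcpdump/print-ipsec.c,v 1.3 1999/10/29 09:44:07 ho Exp $ (XXX)";
#endif

#include <sys/param.h>
#include <sys/time.h>
#include <sys/socket.h>

#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/ip_var.h>
#include <netinet/udp.h>
#include <netinet/udp_var.h>
#include <netinet/tcp.h>
#include <netinet/tcpip.h>

#ifdef HAVE_MALLOC_H
#include <malloc.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include "addrtoname.h"
#include "interface.h"
#include "extract.h"	/* must come after interface.h */

/*
 * Everything printed by this file is parsed straight out of packet bytes,
 * i.e. data chosen by whoever sent the packet.  Every length and offset
 * derived from those bytes has to be validated before it is used to read
 * or to advance a pointer.
 *
 * NOTE(review): the checks below use the `len' argument only.  Whether the
 * caller has already clamped `len' to the number of bytes actually captured
 * is not visible in this file -- confirm, because a packet can claim more
 * bytes than the capture buffer holds.
 *
 * NOTE(review): the headers are read through struct pointers cast from `bp',
 * which assumes `bp' is suitably aligned; extract.h is included but none of
 * its helpers are used here -- confirm alignment is guaranteed by callers.
 */

/*
 * IPSec/ESP header
 *
 * Both fields are carried in network byte order; esp_print() converts them
 * with ntohl() before printing.
 */
struct esp_hdr {
	u_int esp_spi;		/* security parameters index */
	u_int esp_seq;		/* sequence number */
};

/*
 * Print a one-line summary of an ESP packet: source and destination address
 * of the enclosing IP header, SPI, sequence number and length.
 *
 *	bp	start of the ESP header
 *	len	length of the ESP packet as supplied by the caller
 *	bp2	start of the enclosing IP header (only its addresses are read)
 *
 * If `len' is too small to hold the fixed ESP header, "[|esp]" is printed
 * and the header fields are not read.
 */
void
esp_print(register const u_char *bp, register u_int len,
    register const u_char *bp2)
{
	const struct ip *ip;
	const struct esp_hdr *esp;

	/* Do not read SPI/sequence beyond the bytes the caller gave us. */
	if (len < sizeof(struct esp_hdr)) {
		(void)printf("[|esp]");
		return;
	}

	ip = (const struct ip *)bp2;
	esp = (const struct esp_hdr *)bp;

	/* seq and len are unsigned; %u keeps large values from going negative. */
	(void)printf("esp %s > %s spi 0x%08X seq %u len %u",
	    ipaddr_string(&ip->ip_src),
	    ipaddr_string(&ip->ip_dst),
	    (u_int)ntohl(esp->esp_spi), (u_int)ntohl(esp->esp_seq), len);
}

/*
 * IPSec/AH header
 *
 * Fixed leading part of the header only.  The full header length is derived
 * from ah_pl_len as (ah_pl_len + 2) << 2 bytes (RFC2402, sec 2.2).
 * ah_spi and ah_seq are in network byte order.
 */
struct ah_hdr {
	u_char ah_nxt_hdr;	/* protocol number of the data after the AH */
	u_char ah_pl_len;	/* AH length field, see formula above */
	u_short ah_reserved;
	u_int ah_spi;		/* security parameters index */
	u_int ah_seq;		/* sequence number */
};

/*
 * Print a summary of an AH packet and, when vflag is set, hand the data
 * that follows the AH to the printer matching ah_nxt_hdr.
 *
 *	bp	start of the AH
 *	len	length of the AH plus its payload as supplied by the caller
 *	bp2	start of the enclosing IP header
 *
 * The return type is spelled out as int because the original definition
 * omitted it (implicit int).  The value carries no meaning and is always 0.
 * NOTE(review): switch to void once the prototype callers see is confirmed.
 *
 * Nested AH headers are handled by recursion.  Each level consumes at least
 * 8 bytes of `len' ((0 + 2) << 2), so with the truncation check below the
 * depth is bounded by len / 8.
 */
int
ah_print(register const u_char *bp, register u_int len,
    register const u_char *bp2)
{
	const struct ip *ip;
	const struct ah_hdr *ah;
	u_int pl_len;

	/* Do not read the fixed header beyond the bytes the caller gave us. */
	if (len < sizeof(struct ah_hdr)) {
		(void)printf("[|ah]");
		return (0);
	}

	ip = (const struct ip *)bp2;
	ah = (const struct ah_hdr *)bp;

	(void)printf("ah %s > %s spi 0x%08X seq %u len %u",
	    ipaddr_string(&ip->ip_src),
	    ipaddr_string(&ip->ip_dst),
	    (u_int)ntohl(ah->ah_spi), (u_int)ntohl(ah->ah_seq), len);

	if (vflag) {
		(void)printf("\n\t[ ");

		pl_len = (ah->ah_pl_len + 2) << 2;	/* RFC2402, sec 2.2 */

		/*
		 * Both operands are unsigned, so the former test
		 * `len - pl_len <= 0' was true only when they were equal;
		 * for pl_len > len the subtraction wrapped to a huge value
		 * that was then passed on as the payload length.  Compare
		 * directly instead.
		 */
		if (pl_len >= len) {
			(void)printf("truncated");
			goto out;
		}

		switch (ah->ah_nxt_hdr) {

		case IPPROTO_IPIP:	/* Tunnel Mode, IP-in-IP */
			ip_print(bp + pl_len, len - pl_len);
			break;

		case IPPROTO_ICMP:	/* From here and down; Transport mode */
			icmp_print(bp + pl_len, (const u_char *) ip);
			break;

		case IPPROTO_TCP:
			tcp_print(bp + pl_len, len - pl_len,
			    (const u_char *) ip);
			break;

		case IPPROTO_UDP:
			udp_print(bp + pl_len, len - pl_len,
			    (const u_char *) ip);
			break;

		case IPPROTO_ESP:
			esp_print(bp + pl_len, len - pl_len,
			    (const u_char *) ip);
			break;

		case IPPROTO_AH:
			ah_print(bp + pl_len, len - pl_len,
			    (const u_char *) ip);
			break;

		default:
			(void)printf("ip-proto-%d len %u", ah->ah_nxt_hdr,
			    len - pl_len);
			break;
		}
out:
		(void)printf(" ]");
	}

	return (0);
}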