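/*	$OpenBSD: print-ipsec.c,v 1.6 2001/06/27 03:34:44 angelos Exp $	*/

/*
 * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999
 *	The Regents of the University of California.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that: (1) source code distributions
 * retain the above copyright notice and this paragraph in its entirety, (2)
 * distributions including binary code include the above copyright notice and
 * this paragraph in its entirety in the documentation or other materials
 * provided with the distribution, and (3) all advertising materials mentioning
 * features or use of this software display the following acknowledgement:
 * ``This product includes software developed by the University of California,
 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
 * the University nor the names of its contributors may be used to endorse
 * or promote products derived from this software without specific prior
 * written permission.
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 *
 * Format and print IPsec (ESP/AH) packets.
 * By Tero Kivinen <kivinen@ssh.fi>, Tero Mononen <tmo@ssh.fi>,
 *    Tatu Ylonen <ylo@ssh.fi> and Timo J. Rinne <tri@ssh.fi>
 *    in co-operation with SSH Communications Security, Espoo, Finland
 */

#ifndef lint
static const char rcsid[] =
    "@(#) $Header: /home/cvs/src/usr.sbin/tcpdump/print-ipsec.c,v 1.6 2001/06/27 03:34:44 angelos Exp $ (XXX)";
#endif

#include <sys/param.h>
#include <sys/time.h>
#include <sys/socket.h>

#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/ip_var.h>
#include <netinet/udp.h>
#include <netinet/udp_var.h>
#include <netinet/tcp.h>
#include <netinet/tcpip.h>

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include "addrtoname.h"
#include "interface.h"
#include "extract.h"		/* must come after interface.h */

/*
 * IPsec/ESP header: only the SPI and sequence number are fixed fields;
 * everything that follows them is opaque to this printer.
 */
struct esp_hdr {
	u_int esp_spi;
	u_int esp_seq;
};

/*
 * Print an ESP header.
 *
 * bp points at the ESP header, len is the number of bytes of ESP data the
 * caller reports, and bp2 points at the enclosing IP header (used only for
 * the source and destination addresses).
 *
 * The header fields are read only after TCHECK() has confirmed they lie
 * inside the captured data (snapend); a short capture prints "[|esp]"
 * instead of reading past the end of the packet buffer.
 */
void
esp_print (register const u_char *bp, register u_int len,
	   register const u_char *bp2)
{
	const struct ip *ip;
	const struct esp_hdr *esp;

	ip = (const struct ip *)bp2;
	esp = (const struct esp_hdr *)bp;

	/* Never read the SPI/seq from beyond the end of the capture. */
	TCHECK(*esp);

	/* ntohl() and len are unsigned, so print them with %u. */
	(void)printf("esp %s > %s spi 0x%08X seq %u len %u",
	    ipaddr_string(&ip->ip_src),
	    ipaddr_string(&ip->ip_dst),
	    ntohl(esp->esp_spi), ntohl(esp->esp_seq), len);
	return;

trunc:
	fputs("[|esp]", stdout);
}

/*
 * IPsec/AH header: the fixed part of the authentication header. The ICV
 * that follows it is variable length and is skipped via ah_pl_len.
 */
struct ah_hdr {
	u_char ah_nxt_hdr;
	u_char ah_pl_len;
	u_short ah_reserved;
	u_int ah_spi;
	u_int ah_seq;
};

/*
 * Print an AH header and, with -v, the protocol it encapsulates.
 *
 * bp points at the AH header, len is the number of bytes of AH data the
 * caller reports, and bp2 points at the enclosing IP header.
 *
 * The fixed fields are read only after TCHECK() has confirmed they are
 * within the capture; a short capture prints "[|ah]". In verbose mode the
 * payload length derived from ah_pl_len is validated against both len and
 * the capture end before any sub-printer is handed a pointer past it.
 */
void
ah_print (register const u_char *bp, register u_int len,
	  register const u_char *bp2)
{
	const struct ip *ip;
	const struct ah_hdr *ah;
	u_int pl_len;

	ip = (const struct ip *)bp2;
	ah = (const struct ah_hdr *)bp;

	/* All fixed fields must be inside the capture before they are read. */
	TCHECK(*ah);

	/* ntohl() and len are unsigned, so print them with %u. */
	(void)printf("ah %s > %s spi 0x%08X seq %u len %u",
	    ipaddr_string(&ip->ip_src),
	    ipaddr_string(&ip->ip_dst),
	    ntohl(ah->ah_spi), ntohl(ah->ah_seq), len);

	if (vflag) {
		(void)printf("\n\t[ ");

		/*
		 * ah_pl_len is the header length in 32-bit words minus 2,
		 * so the payload starts (ah_pl_len + 2) * 4 bytes in;
		 * RFC2402, sec 2.2.
		 */
		pl_len = (ah->ah_pl_len + 2) << 2;

		/*
		 * len and pl_len are both unsigned, so the old test
		 * "len - pl_len <= 0" only caught pl_len == len and let
		 * pl_len > len wrap into a huge remaining length that was
		 * then passed to the sub-printers. Compare directly.
		 */
		if (len <= pl_len) {
			(void)printf("truncated");
			goto out;
		}

		/*
		 * The claimed header may also extend past the captured bytes
		 * even when it fits inside len; do not hand a pointer beyond
		 * the capture to the sub-printers.
		 */
		if (!TTEST2(*bp, pl_len)) {
			(void)printf("truncated");
			goto out;
		}

		switch (ah->ah_nxt_hdr) {

		case IPPROTO_IPIP:	/* Tunnel Mode, IP-in-IP */
			ip_print(bp + pl_len, len - pl_len);
			break;

		case IPPROTO_ICMP:	/* From here and down; Transport mode */
			icmp_print(bp + pl_len, (const u_char *) ip);
			break;

		case IPPROTO_TCP:
			tcp_print(bp + pl_len, len - pl_len,
			    (const u_char *) ip);
			break;

		case IPPROTO_UDP:
			udp_print(bp + pl_len, len - pl_len,
			    (const u_char *) ip);
			break;

		case IPPROTO_ESP:
			esp_print(bp + pl_len, len - pl_len,
			    (const u_char *) ip);
			break;

		case IPPROTO_AH:
			/*
			 * Recursion is bounded: each nested AH header
			 * consumes at least 8 bytes of len.
			 */
			ah_print(bp + pl_len, len - pl_len,
			    (const u_char *) ip);
			break;

		default:
			(void)printf("ip-proto-%d len %u", ah->ah_nxt_hdr,
			    len - pl_len);
		}
	out:
		(void)printf(" ]");
	}
	return;

trunc:
	fputs("[|ah]", stdout);
}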