10Sstevel@tonic-gate /* 20Sstevel@tonic-gate * CDDL HEADER START 30Sstevel@tonic-gate * 40Sstevel@tonic-gate * The contents of this file are subject to the terms of the 50Sstevel@tonic-gate * Common Development and Distribution License, Version 1.0 only 60Sstevel@tonic-gate * (the "License"). You may not use this file except in compliance 70Sstevel@tonic-gate * with the License. 80Sstevel@tonic-gate * 90Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 100Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 110Sstevel@tonic-gate * See the License for the specific language governing permissions 120Sstevel@tonic-gate * and limitations under the License. 130Sstevel@tonic-gate * 140Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 150Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 160Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 170Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 180Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 190Sstevel@tonic-gate * 200Sstevel@tonic-gate * CDDL HEADER END 210Sstevel@tonic-gate */ 220Sstevel@tonic-gate /* 23*410Skcpoon * Copyright 2005 Sun Microsystems, Inc. All rights reserved. 240Sstevel@tonic-gate * Use is subject to license terms. 250Sstevel@tonic-gate */ 260Sstevel@tonic-gate 270Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 280Sstevel@tonic-gate 290Sstevel@tonic-gate #include <stdio.h> 300Sstevel@tonic-gate #include <ctype.h> 310Sstevel@tonic-gate #include <string.h> 320Sstevel@tonic-gate #include <fcntl.h> 330Sstevel@tonic-gate #include <string.h> 340Sstevel@tonic-gate #include <sys/types.h> 350Sstevel@tonic-gate #include <sys/time.h> 360Sstevel@tonic-gate #include <sys/stat.h> 370Sstevel@tonic-gate #include <sys/uio.h> 380Sstevel@tonic-gate #include <unistd.h> 390Sstevel@tonic-gate #include <signal.h> 400Sstevel@tonic-gate #include <errno.h> 410Sstevel@tonic-gate #include <stdlib.h> 420Sstevel@tonic-gate #include <sys/wait.h> 430Sstevel@tonic-gate #include <sys/socket.h> 440Sstevel@tonic-gate #include <sys/sockio.h> 450Sstevel@tonic-gate #include <net/if.h> 460Sstevel@tonic-gate #include <netinet/in_systm.h> 470Sstevel@tonic-gate #include <netinet/in.h> 480Sstevel@tonic-gate #include <netinet/ip.h> 490Sstevel@tonic-gate #include <netinet/if_ether.h> 500Sstevel@tonic-gate #include <netinet/udp.h> 510Sstevel@tonic-gate #include "snoop.h" 520Sstevel@tonic-gate 530Sstevel@tonic-gate #ifndef MIN 540Sstevel@tonic-gate #define MIN(a, b) ((a) < (b) ? (a) : (b)) 550Sstevel@tonic-gate #endif 560Sstevel@tonic-gate 570Sstevel@tonic-gate extern char *src_name; 580Sstevel@tonic-gate extern char *dst_name; 590Sstevel@tonic-gate #define MAX_CTX (10) 600Sstevel@tonic-gate #define LINE_LEN (255) 610Sstevel@tonic-gate #define BUF_SIZE (16000) 62*410Skcpoon static int ldap = 0; /* flag to control initialization */ 630Sstevel@tonic-gate struct ctx { 640Sstevel@tonic-gate int src; 650Sstevel@tonic-gate int dst; 660Sstevel@tonic-gate char *src_name; 670Sstevel@tonic-gate char *dst_name; 680Sstevel@tonic-gate }; 690Sstevel@tonic-gate char *osibuff = NULL; 700Sstevel@tonic-gate int osilen = 0; 710Sstevel@tonic-gate char scrbuffer[BUF_SIZE]; /* buffer to accumulate data until a */ 720Sstevel@tonic-gate /* complete LDAPmessage is received */ 730Sstevel@tonic-gate char resultcode[LINE_LEN]; /* These are used */ 740Sstevel@tonic-gate char operation[LINE_LEN]; /* by -V option. */ 750Sstevel@tonic-gate char bb[LINE_LEN]; 760Sstevel@tonic-gate 770Sstevel@tonic-gate int gi_osibuf[MAX_CTX]; 780Sstevel@tonic-gate int otyp[MAX_CTX]; 790Sstevel@tonic-gate int olen[MAX_CTX]; 800Sstevel@tonic-gate int level[MAX_CTX]; 810Sstevel@tonic-gate 820Sstevel@tonic-gate void decode_ldap(char *buf, int len); 830Sstevel@tonic-gate 840Sstevel@tonic-gate #define X unsigned char 850Sstevel@tonic-gate typedef X * A; 860Sstevel@tonic-gate #define INT(a) ((int)(a)) 870Sstevel@tonic-gate #define SCRUB (void) strcat(scrbuffer, bb); 880Sstevel@tonic-gate 89*410Skcpoon static X hex; /* input hex octet */ 900Sstevel@tonic-gate static A *PTRaclass; /* application tag table pointer */ 910Sstevel@tonic-gate 920Sstevel@tonic-gate /* 93*410Skcpoon * ASN.1 Message Printing Macros 94*410Skcpoon */ 950Sstevel@tonic-gate 960Sstevel@tonic-gate #define asnshw1(a) {(void)sprintf(bb, a); SCRUB } 970Sstevel@tonic-gate #define asnshw2(a, b) {(void)sprintf(bb, a, b); SCRUB } 980Sstevel@tonic-gate #define asnshw3(a, b, c) {(void)sprintf(bb, a, b, c); SCRUB } 990Sstevel@tonic-gate #define asnshw4(a, b, c, d) {(void)sprintf(bb, a, b, c, d); SCRUB } 1000Sstevel@tonic-gate #define asnshw5(a, b, c, d, e) {(void)sprintf(bb, a, b, c, d, e); SCRUB } 1010Sstevel@tonic-gate 1020Sstevel@tonic-gate /* 103*410Skcpoon * Local Types And Variables 104*410Skcpoon */ 1050Sstevel@tonic-gate 1060Sstevel@tonic-gate /* 107*410Skcpoon * Object identifier oid to name mapping description type 108*410Skcpoon */ 1090Sstevel@tonic-gate 1100Sstevel@tonic-gate typedef struct { 111*410Skcpoon A oidname; /* object identifier string name */ 1120Sstevel@tonic-gate X oidcode[16]; /* object identifier hexa code */ 1130Sstevel@tonic-gate } oidelmT; 1140Sstevel@tonic-gate typedef oidelmT *oidelmTp; 1150Sstevel@tonic-gate 1160Sstevel@tonic-gate /* 117*410Skcpoon * Snoop's entry point to ldap decoding 118*410Skcpoon */ 1190Sstevel@tonic-gate 1200Sstevel@tonic-gate void 1210Sstevel@tonic-gate interpret_ldap(flags, data, fraglen, src, dst) 1220Sstevel@tonic-gate int flags; 1230Sstevel@tonic-gate char *data; 1240Sstevel@tonic-gate int fraglen; 1250Sstevel@tonic-gate int src; 1260Sstevel@tonic-gate int dst; 1270Sstevel@tonic-gate { 1280Sstevel@tonic-gate 1290Sstevel@tonic-gate if (!ldap) { 1300Sstevel@tonic-gate init_ldap(); 1310Sstevel@tonic-gate ldap = 1; 1320Sstevel@tonic-gate } 1330Sstevel@tonic-gate 1340Sstevel@tonic-gate (void) decode_ldap(data, fraglen); 1350Sstevel@tonic-gate 1360Sstevel@tonic-gate if (flags & F_DTAIL) { 1370Sstevel@tonic-gate /* i.e. when snoop is run with -v (verbose) */ 1380Sstevel@tonic-gate show_header("LDAP: ", 1390Sstevel@tonic-gate "Lightweight Directory Access Protocol Header", fraglen); 1400Sstevel@tonic-gate show_space(); 1410Sstevel@tonic-gate printf("%s", scrbuffer); 1420Sstevel@tonic-gate } 1430Sstevel@tonic-gate 1440Sstevel@tonic-gate if (flags & F_SUM) { 1450Sstevel@tonic-gate /* i.e. when snoop is run with -V (summary) */ 1460Sstevel@tonic-gate (void) strcpy(data, ""); 1470Sstevel@tonic-gate 1480Sstevel@tonic-gate if (strlen(operation) != 0) { 1490Sstevel@tonic-gate (void) strcat(data, " "); 1500Sstevel@tonic-gate (void) strncat(data, operation, 30); 1510Sstevel@tonic-gate (void) strcpy(operation, ""); 1520Sstevel@tonic-gate } 1530Sstevel@tonic-gate 1540Sstevel@tonic-gate if (strlen(resultcode) != 0) { 1550Sstevel@tonic-gate (void) strcat(data, " "); 1560Sstevel@tonic-gate (void) strncat(data, resultcode, 30); 1570Sstevel@tonic-gate (void) strcpy(resultcode, ""); 1580Sstevel@tonic-gate } 1590Sstevel@tonic-gate 1600Sstevel@tonic-gate if (dst == 389) { 1610Sstevel@tonic-gate (void) sprintf(get_sum_line(), 1620Sstevel@tonic-gate "LDAP C port=%d%s", src, data); 1630Sstevel@tonic-gate } 1640Sstevel@tonic-gate if (src == 389) { 1650Sstevel@tonic-gate (void) sprintf(get_sum_line(), 1660Sstevel@tonic-gate "LDAP R port=%d%s", dst, data); 1670Sstevel@tonic-gate } 1680Sstevel@tonic-gate } 1690Sstevel@tonic-gate 1700Sstevel@tonic-gate (void) strcpy(scrbuffer, ""); 1710Sstevel@tonic-gate } 1720Sstevel@tonic-gate 1730Sstevel@tonic-gate /* 174*410Skcpoon * Known object identifiers: customize to add your own oids 175*410Skcpoon */ 1760Sstevel@tonic-gate 1770Sstevel@tonic-gate static oidelmT OidTab[] = { 1780Sstevel@tonic-gate /* 179*410Skcpoon * X.500 Standardized Attribute Types 180*410Skcpoon */ 1810Sstevel@tonic-gate {(A)"ObjectClass", { 0x03, 0x55, 0x04, 0x00 }}, 1820Sstevel@tonic-gate {(A)"AliasObjectName", { 0x03, 0x55, 0x04, 0x01 }}, 1830Sstevel@tonic-gate {(A)"KnowledgeInfo", { 0x03, 0x55, 0x04, 0x02 }}, 1840Sstevel@tonic-gate {(A)"CommonName", { 0x03, 0x55, 0x04, 0x03 }}, 1850Sstevel@tonic-gate {(A)"Surname", { 0x03, 0x55, 0x04, 0x04 }}, 1860Sstevel@tonic-gate {(A)"SerialNumber", { 0x03, 0x55, 0x04, 0x05 }}, 1870Sstevel@tonic-gate {(A)"CountryName", { 0x03, 0x55, 0x04, 0x06 }}, 1880Sstevel@tonic-gate {(A)"LocalityName", { 0x03, 0x55, 0x04, 0x07 }}, 1890Sstevel@tonic-gate {(A)"StateOrProvinceName", { 0x03, 0x55, 0x04, 0x08 }}, 1900Sstevel@tonic-gate {(A)"StreetAddress", { 0x03, 0x55, 0x04, 0x09 }}, 1910Sstevel@tonic-gate {(A)"OrganizationName", { 0x03, 0x55, 0x04, 0x0a }}, 1920Sstevel@tonic-gate {(A)"OrganizationUnitName", { 0x03, 0x55, 0x04, 0x0b }}, 1930Sstevel@tonic-gate {(A)"Title", { 0x03, 0x55, 0x04, 0x0c }}, 1940Sstevel@tonic-gate {(A)"Description", { 0x03, 0x55, 0x04, 0x0d }}, 1950Sstevel@tonic-gate {(A)"SearchGuide", { 0x03, 0x55, 0x04, 0x0e }}, 1960Sstevel@tonic-gate {(A)"BusinessCategory", { 0x03, 0x55, 0x04, 0x0f }}, 1970Sstevel@tonic-gate {(A)"PostalAddress", { 0x03, 0x55, 0x04, 0x10 }}, 1980Sstevel@tonic-gate {(A)"PostalCode", { 0x03, 0x55, 0x04, 0x11 }}, 1990Sstevel@tonic-gate {(A)"PostOfficeBox", { 0x03, 0x55, 0x04, 0x12 }}, 2000Sstevel@tonic-gate {(A)"PhysicalDeliveryOffice", { 0x03, 0x55, 0x04, 0x13 }}, 2010Sstevel@tonic-gate {(A)"TelephoneNUmber", { 0x03, 0x55, 0x04, 0x14 }}, 2020Sstevel@tonic-gate {(A)"TelexNumber", { 0x03, 0x55, 0x04, 0x15 }}, 2030Sstevel@tonic-gate {(A)"TeletexTerminalId", { 0x03, 0x55, 0x04, 0x16 }}, 2040Sstevel@tonic-gate {(A)"FaxTelephoneNumber", { 0x03, 0x55, 0x04, 0x17 }}, 2050Sstevel@tonic-gate {(A)"X121Address", { 0x03, 0x55, 0x04, 0x18 }}, 2060Sstevel@tonic-gate {(A)"IsdnAddress", { 0x03, 0x55, 0x04, 0x19 }}, 2070Sstevel@tonic-gate {(A)"RegisteredAddress", { 0x03, 0x55, 0x04, 0x1a }}, 2080Sstevel@tonic-gate {(A)"DestinationIndicator", { 0x03, 0x55, 0x04, 0x1b }}, 2090Sstevel@tonic-gate {(A)"PreferDeliveryMethod", { 0x03, 0x55, 0x04, 0x1c }}, 2100Sstevel@tonic-gate {(A)"PresentationAddress", { 0x03, 0x55, 0x04, 0x1d }}, 2110Sstevel@tonic-gate {(A)"SupportedApplContext", { 0x03, 0x55, 0x04, 0x1e }}, 2120Sstevel@tonic-gate {(A)"Member", { 0x03, 0x55, 0x04, 0x1f }}, 2130Sstevel@tonic-gate {(A)"Owner", { 0x03, 0x55, 0x04, 0x20 }}, 2140Sstevel@tonic-gate {(A)"RoleOccupant", { 0x03, 0x55, 0x04, 0x21 }}, 2150Sstevel@tonic-gate {(A)"SeeAlso", { 0x03, 0x55, 0x04, 0x22 }}, 2160Sstevel@tonic-gate {(A)"Password", { 0x03, 0x55, 0x04, 0x23 }}, 2170Sstevel@tonic-gate {(A)"UserCertificate", { 0x03, 0x55, 0x04, 0x24 }}, 2180Sstevel@tonic-gate {(A)"CaCertificate", { 0x03, 0x55, 0x04, 0x25 }}, 2190Sstevel@tonic-gate {(A)"AuthorityRevList", { 0x03, 0x55, 0x04, 0x26 }}, 2200Sstevel@tonic-gate {(A)"CertificateRevList", { 0x03, 0x55, 0x04, 0x27 }}, 2210Sstevel@tonic-gate {(A)"CrossCertificatePair", { 0x03, 0x55, 0x04, 0x28 }}, 2220Sstevel@tonic-gate 2230Sstevel@tonic-gate /* 224*410Skcpoon * X.500 Standardized Object Classes 225*410Skcpoon */ 2260Sstevel@tonic-gate {(A)"Top", { 0x03, 0x55, 0x06, 0x00 }}, 2270Sstevel@tonic-gate {(A)"Alias", { 0x03, 0x55, 0x06, 0x01 }}, 2280Sstevel@tonic-gate {(A)"Country", { 0x03, 0x55, 0x06, 0x02 }}, 2290Sstevel@tonic-gate {(A)"Locality", { 0x03, 0x55, 0x06, 0x03 }}, 2300Sstevel@tonic-gate {(A)"Organization", { 0x03, 0x55, 0x06, 0x04 }}, 2310Sstevel@tonic-gate {(A)"OrganizationUnit", { 0x03, 0x55, 0x06, 0x05 }}, 2320Sstevel@tonic-gate {(A)"Person", { 0x03, 0x55, 0x06, 0x06 }}, 2330Sstevel@tonic-gate {(A)"OrganizationPersion", { 0x03, 0x55, 0x06, 0x07 }}, 2340Sstevel@tonic-gate {(A)"OrganizationRole", { 0x03, 0x55, 0x06, 0x08 }}, 2350Sstevel@tonic-gate {(A)"Group", { 0x03, 0x55, 0x06, 0x09 }}, 2360Sstevel@tonic-gate {(A)"ResidentialPerson", { 0x03, 0x55, 0x06, 0x0A }}, 2370Sstevel@tonic-gate {(A)"ApplicationProcess", { 0x03, 0x55, 0x06, 0x0B }}, 2380Sstevel@tonic-gate {(A)"ApplicationEntity", { 0x03, 0x55, 0x06, 0x0C }}, 2390Sstevel@tonic-gate {(A)"Dsa", { 0x03, 0x55, 0x06, 0x0D }}, 2400Sstevel@tonic-gate {(A)"Device", { 0x03, 0x55, 0x06, 0x0E }}, 2410Sstevel@tonic-gate {(A)"StrongAuthenticUser", { 0x03, 0x55, 0x06, 0x0F }}, 2420Sstevel@tonic-gate {(A)"CaAuthority", { 0x03, 0x55, 0x06, 0x10 }}, 2430Sstevel@tonic-gate 2440Sstevel@tonic-gate /* 245*410Skcpoon * ACSE Protocol Object Identifiers 246*410Skcpoon */ 2470Sstevel@tonic-gate {(A)"Asn1BER-TS", { 0x02, 0x51, 0x01 }}, 2480Sstevel@tonic-gate {(A)"Private-TS", { 0x06, 0x2b, 0xce, 0x06, 0x01, 0x04, 0x06 }}, 2490Sstevel@tonic-gate {(A)"ACSE-AS", { 0x04, 0x52, 0x01, 0x00, 0x01 }}, 2500Sstevel@tonic-gate 2510Sstevel@tonic-gate /* 252*410Skcpoon * Directory Protocol Oids 253*410Skcpoon */ 2540Sstevel@tonic-gate {(A)"DirAccess-AC", { 0x03, 0x55, 0x03, 0x01 }}, 2550Sstevel@tonic-gate {(A)"DirSystem-AC", { 0x03, 0x55, 0x03, 0x02 }}, 2560Sstevel@tonic-gate 2570Sstevel@tonic-gate {(A)"DirAccess-AS", { 0x03, 0x55, 0x09, 0x01 }}, 2580Sstevel@tonic-gate {(A)"DirSystem-AS", { 0x03, 0x55, 0x09, 0x02 }}, 2590Sstevel@tonic-gate 2600Sstevel@tonic-gate /* 261*410Skcpoon * and add your private object identifiers here ... 262*410Skcpoon */ 2630Sstevel@tonic-gate }; 2640Sstevel@tonic-gate 2650Sstevel@tonic-gate #define OIDNB (sizeof (OidTab) / sizeof (oidelmT)) /* total oid nb */ 2660Sstevel@tonic-gate 2670Sstevel@tonic-gate /* 268*410Skcpoon * asn.1 tag class definition 269*410Skcpoon */ 2700Sstevel@tonic-gate 2710Sstevel@tonic-gate static A class[] = { /* tag class */ 2720Sstevel@tonic-gate (A)"UNIV ", 2730Sstevel@tonic-gate (A)"APPL ", 2740Sstevel@tonic-gate (A)"CTXs ", 2750Sstevel@tonic-gate (A)"PRIV " 2760Sstevel@tonic-gate }; 2770Sstevel@tonic-gate 2780Sstevel@tonic-gate /* 279*410Skcpoon * universal tag definition 280*410Skcpoon */ 2810Sstevel@tonic-gate 2820Sstevel@tonic-gate static A uclass[] = { /* universal tag assignment */ 2830Sstevel@tonic-gate (A)"EndOfContents", /* 0 */ 2840Sstevel@tonic-gate (A)"Boolean", /* 1 */ 2850Sstevel@tonic-gate (A)"Integer", /* 2 */ 2860Sstevel@tonic-gate (A)"BitString", /* 3 */ 2870Sstevel@tonic-gate (A)"OctetString", /* 4 */ 288*410Skcpoon (A)"Null", /* 5 */ 289*410Skcpoon (A)"Oid", /* 6 */ 2900Sstevel@tonic-gate (A)"ObjDescriptor", /* 7 */ 2910Sstevel@tonic-gate (A)"External", /* 8 */ 292*410Skcpoon (A)"Real", /* 9 */ 2930Sstevel@tonic-gate (A)"Enumerated", /* 10 */ 2940Sstevel@tonic-gate (A)"Reserved", /* 11 */ 2950Sstevel@tonic-gate (A)"Reserved", /* 12 */ 2960Sstevel@tonic-gate (A)"Reserved", /* 13 */ 2970Sstevel@tonic-gate (A)"Reserved", /* 14 */ 2980Sstevel@tonic-gate (A)"Reserved", /* 15 */ 2990Sstevel@tonic-gate (A)"Sequence", /* 16 */ 300*410Skcpoon (A)"Set", /* 17 */ 3010Sstevel@tonic-gate (A)"NumericString", /* 18 */ 302*410Skcpoon (A)"PrintableString", /* 19 */ 3030Sstevel@tonic-gate (A)"T.61String", /* 20 */ 304*410Skcpoon (A)"VideotexString", /* 21 */ 3050Sstevel@tonic-gate (A)"IA5String", /* 22 */ 3060Sstevel@tonic-gate (A)"UTCTime", /* 23 */ 307*410Skcpoon (A)"GeneralizedTime", /* 24 */ 3080Sstevel@tonic-gate (A)"GraphicString", /* 25 */ 3090Sstevel@tonic-gate (A)"VisibleString", /* 26 */ 3100Sstevel@tonic-gate (A)"GeneralString", /* 27 */ 3110Sstevel@tonic-gate (A)"Reserved", /* 28 */ 3120Sstevel@tonic-gate (A)"Reserved", /* 29 */ 3130Sstevel@tonic-gate (A)"Reserved", /* 30 */ 3140Sstevel@tonic-gate (A)"Reserved" /* 31 */ 3150Sstevel@tonic-gate }; 3160Sstevel@tonic-gate 3170Sstevel@tonic-gate static A MHSaclass[] = { /* mhs application tag assignment */ 318*410Skcpoon (A)"Bind Request", /* 0 */ 3190Sstevel@tonic-gate (A)"Bind Response", 3200Sstevel@tonic-gate (A)"Unbind Request", 3210Sstevel@tonic-gate (A)"Search Request", 3220Sstevel@tonic-gate (A)"Search ResEntry", 323*410Skcpoon (A)"Search ResDone", /* 5 */ 3240Sstevel@tonic-gate (A)"Modify Request", 3250Sstevel@tonic-gate (A)"Modify Response", 3260Sstevel@tonic-gate (A)"Add Request", 327*410Skcpoon (A)"Add Response", /* 9 */ 3280Sstevel@tonic-gate (A)"Del Request", 3290Sstevel@tonic-gate (A)"Del Response", 3300Sstevel@tonic-gate (A)"ModDN Request", 3310Sstevel@tonic-gate (A)"ModDN Response", 332*410Skcpoon (A)"Compare Request", /* 14 */ 3330Sstevel@tonic-gate (A)"Compare Response", 3340Sstevel@tonic-gate (A)"Abandon Request", 3350Sstevel@tonic-gate (A)"", /* 17 */ 3360Sstevel@tonic-gate (A)"", /* 18 */ 337*410Skcpoon (A)"Search ResRef", /* 19 */ 3380Sstevel@tonic-gate (A)"", /* 20 */ 3390Sstevel@tonic-gate (A)"", /* 21 */ 3400Sstevel@tonic-gate (A)"", /* 22 */ 3410Sstevel@tonic-gate (A)"Extended Request", 3420Sstevel@tonic-gate (A)"Extended Response", 3430Sstevel@tonic-gate (A)"", /* 25 */ 3440Sstevel@tonic-gate (A)"", /* 26 */ 3450Sstevel@tonic-gate (A)"", /* 27 */ 3460Sstevel@tonic-gate (A)"", /* 28 */ 3470Sstevel@tonic-gate (A)"", /* 29 */ 3480Sstevel@tonic-gate (A)"", /* 30 */ 3490Sstevel@tonic-gate (A)"" /* 31 */ 3500Sstevel@tonic-gate }; 3510Sstevel@tonic-gate 3520Sstevel@tonic-gate 3530Sstevel@tonic-gate static A DFTaclass[] = { /* Default Application Tag Assignment */ 3540Sstevel@tonic-gate (A)"", /* 0 */ 3550Sstevel@tonic-gate (A)"", /* 1 */ 3560Sstevel@tonic-gate (A)"", /* 2 */ 3570Sstevel@tonic-gate (A)"", /* 3 */ 3580Sstevel@tonic-gate (A)"", /* 4 */ 3590Sstevel@tonic-gate (A)"", /* 5 */ 3600Sstevel@tonic-gate (A)"", /* 6 */ 3610Sstevel@tonic-gate (A)"", /* 7 */ 3620Sstevel@tonic-gate (A)"", /* 8 */ 3630Sstevel@tonic-gate (A)"", /* 9 */ 3640Sstevel@tonic-gate (A)"", /* 10 */ 3650Sstevel@tonic-gate (A)"", /* 11 */ 3660Sstevel@tonic-gate (A)"", /* 12 */ 3670Sstevel@tonic-gate (A)"", /* 13 */ 3680Sstevel@tonic-gate (A)"", /* 14 */ 3690Sstevel@tonic-gate (A)"", /* 15 */ 3700Sstevel@tonic-gate (A)"", /* 16 */ 3710Sstevel@tonic-gate (A)"", /* 17 */ 3720Sstevel@tonic-gate (A)"", /* 18 */ 3730Sstevel@tonic-gate (A)"", /* 19 */ 3740Sstevel@tonic-gate (A)"", /* 20 */ 3750Sstevel@tonic-gate (A)"", /* 21 */ 3760Sstevel@tonic-gate (A)"", /* 22 */ 3770Sstevel@tonic-gate (A)"", /* 23 */ 3780Sstevel@tonic-gate (A)"", /* 24 */ 3790Sstevel@tonic-gate (A)"", /* 25 */ 3800Sstevel@tonic-gate (A)"", /* 26 */ 3810Sstevel@tonic-gate (A)"", /* 27 */ 3820Sstevel@tonic-gate (A)"", /* 28 */ 3830Sstevel@tonic-gate (A)"", /* 29 */ 3840Sstevel@tonic-gate (A)"", /* 30 */ 3850Sstevel@tonic-gate (A)"" /* 31 */ 3860Sstevel@tonic-gate }; 3870Sstevel@tonic-gate 3880Sstevel@tonic-gate typedef struct asndefS { 3890Sstevel@tonic-gate char *name; 3900Sstevel@tonic-gate int type; 3910Sstevel@tonic-gate int application; 3920Sstevel@tonic-gate int nbson; 3930Sstevel@tonic-gate struct { 3940Sstevel@tonic-gate char *sonname; 3950Sstevel@tonic-gate struct asndefS *sondef; 3960Sstevel@tonic-gate long tag; 3970Sstevel@tonic-gate } son[50]; 3980Sstevel@tonic-gate } asndefT, * asndefTp; 3990Sstevel@tonic-gate 4000Sstevel@tonic-gate #define SEQUENCE 0x0002 4010Sstevel@tonic-gate #define SEQUENCEOF 0x0003 4020Sstevel@tonic-gate #define SET 0x0004 4030Sstevel@tonic-gate #define PRINTABLE 0x0008 4040Sstevel@tonic-gate #define ENUM 0x0010 4050Sstevel@tonic-gate #define BITSTRING 0x0020 4060Sstevel@tonic-gate #define EXTENSION 0x0040 4070Sstevel@tonic-gate #define CONTENTTYPE 0x0080 4080Sstevel@tonic-gate #define CONTENT 0x0100 4090Sstevel@tonic-gate #define CHOICE 0x0200 4100Sstevel@tonic-gate 4110Sstevel@tonic-gate static asndefT RTSpasswd = { "RTS Authentification data", SET, -1, 2, { 4120Sstevel@tonic-gate {"MTA Name", 0, 0}, 4130Sstevel@tonic-gate {"MTA Password", 0, 1}}}; 4140Sstevel@tonic-gate static asndefT RTSudata = { "RTS User data", SET, -1, 1, { 4150Sstevel@tonic-gate {0, &RTSpasswd, 1}}}; 4160Sstevel@tonic-gate 4170Sstevel@tonic-gate static asndefT baseObject = {"Base Object", PRINTABLE, -1, 0, {0}}; 4180Sstevel@tonic-gate 4190Sstevel@tonic-gate static asndefT scope = {"Scope", ENUM, -1, 3, { 4200Sstevel@tonic-gate {"BaseObject", 0, 0}, 4210Sstevel@tonic-gate {"singleLevel", 0, 1}, 4220Sstevel@tonic-gate {"wholeSubtree", 0, 2}}}; 4230Sstevel@tonic-gate 4240Sstevel@tonic-gate static asndefT derefAliases = {"DerefAliases", ENUM, -1, 4, { 4250Sstevel@tonic-gate {"neverDerefAliases", 0, 0}, 4260Sstevel@tonic-gate {"derefInSearching", 0, 1}, 4270Sstevel@tonic-gate {"derefFindingBaseObj", 0, 2}, 4280Sstevel@tonic-gate {"derefAlways", 0, 3}}}; 4290Sstevel@tonic-gate 4300Sstevel@tonic-gate static asndefT filter; 4310Sstevel@tonic-gate static asndefT and = {"And", SET, -1, 1, { 4320Sstevel@tonic-gate {0, &filter, -1}}}; 4330Sstevel@tonic-gate static asndefT or = {"Or", SET, -1, 1, { 4340Sstevel@tonic-gate {0, &filter, -1}}}; 4350Sstevel@tonic-gate static asndefT not = {"Not", SET, -1, 1, { 4360Sstevel@tonic-gate {0, &filter, -1}}}; 4370Sstevel@tonic-gate static asndefT equalityMatch = {"Equality Match", SEQUENCE, -1, 2, { 4380Sstevel@tonic-gate {"Attr Descr", 0, -1}, 4390Sstevel@tonic-gate {"Value", 0, -1}}}; 4400Sstevel@tonic-gate static asndefT substrings = {"Substring", SEQUENCE, -1, 2, { 4410Sstevel@tonic-gate {"Type", 0, -1}, 4420Sstevel@tonic-gate {"Substrings (initial)", 0, 0}, 4430Sstevel@tonic-gate {"Substrings (any)", 0, 1}, 4440Sstevel@tonic-gate {"Substring (final)", 0, 2}}}; 4450Sstevel@tonic-gate static asndefT greaterOrEqual = {"Greater Or Equal", SEQUENCE, -1, 2, { 4460Sstevel@tonic-gate {"Attr Descr", 0, -1}, 4470Sstevel@tonic-gate {"Value", 0, -1}}}; 4480Sstevel@tonic-gate static asndefT lessOrEqual = {"Less Or Equal", SEQUENCE, -1, 2, { 4490Sstevel@tonic-gate {"Attr Descr", 0, -1}, 4500Sstevel@tonic-gate {"Value", 0, -1}}}; 4510Sstevel@tonic-gate static asndefT approxMatch = {"Approx Match", SEQUENCE, -1, 2, { 4520Sstevel@tonic-gate {"Attr Descr", 0, -1}, 4530Sstevel@tonic-gate {"Value", 0, -1}}}; 4540Sstevel@tonic-gate static asndefT extensibleMatch = {"Extensible Match", SEQUENCE, -1, 4, { 4550Sstevel@tonic-gate {"MatchingRule", 0, 1}, 4560Sstevel@tonic-gate {"Type", 0, 2}, 4570Sstevel@tonic-gate {"MatchValue", 0, 3}, 4580Sstevel@tonic-gate {"dnAttributes", 0, 4}}}; 4590Sstevel@tonic-gate 4600Sstevel@tonic-gate static asndefT filter = {"Filter", CHOICE, -1, 10, { 4610Sstevel@tonic-gate {0, &and, 0}, 4620Sstevel@tonic-gate {0, &or, 1}, 4630Sstevel@tonic-gate {0, ¬, 2}, 4640Sstevel@tonic-gate {0, &equalityMatch, 3}, 4650Sstevel@tonic-gate {0, &substrings, 4}, 4660Sstevel@tonic-gate {0, &greaterOrEqual, 5}, 4670Sstevel@tonic-gate {0, &lessOrEqual, 6}, 4680Sstevel@tonic-gate {"Filter: Present", 0, 7}, 4690Sstevel@tonic-gate {0, &approxMatch, 8}, 4700Sstevel@tonic-gate {0, &extensibleMatch, 9}}}; 4710Sstevel@tonic-gate 4720Sstevel@tonic-gate static asndefT attributedescription = \ 4730Sstevel@tonic-gate {"Attribute Description", PRINTABLE, -1, 0, {0}}; 4740Sstevel@tonic-gate static asndefT attributes = {"Attribute List", SEQUENCEOF, -1, 1, { 4750Sstevel@tonic-gate {0, &attributedescription, -1}}}; 4760Sstevel@tonic-gate 4770Sstevel@tonic-gate static asndefT searchRequest = {"Operation", SEQUENCE, 3, 8, { 4780Sstevel@tonic-gate {0, &baseObject, -1}, 4790Sstevel@tonic-gate {0, &scope, -1}, 4800Sstevel@tonic-gate {0, &derefAliases, -1}, 4810Sstevel@tonic-gate {"SizeLimit", 0, -1}, 4820Sstevel@tonic-gate {"TimeLimit", 0, -1}, 4830Sstevel@tonic-gate {"TypesOnly", 0, -1}, 4840Sstevel@tonic-gate {0, &filter, -1}, 4850Sstevel@tonic-gate {0, &attributes, -1}}}; 4860Sstevel@tonic-gate 4870Sstevel@tonic-gate static asndefT objectName = {"Object Name", PRINTABLE, -1, 0, {0}}; 4880Sstevel@tonic-gate 4890Sstevel@tonic-gate static asndefT ldapEntry = {"Entry", PRINTABLE, -1, 0, {0}}; 4900Sstevel@tonic-gate static asndefT relativeLdapEntry = \ 4910Sstevel@tonic-gate {"Relative LDAP Entry", PRINTABLE, -1, 0, {0}}; 4920Sstevel@tonic-gate static asndefT newSuperior = {"New Superior", PRINTABLE, -1, 0, {0}}; 4930Sstevel@tonic-gate 4940Sstevel@tonic-gate static asndefT vals = {"Vals", SET, -1, 1, { 4950Sstevel@tonic-gate {"Value", 0, -1}}}; 4960Sstevel@tonic-gate 4970Sstevel@tonic-gate static asndefT attribute = {"Attribute", SEQUENCE, -1, 2, { 4980Sstevel@tonic-gate {"Type", 0, -1}, 4990Sstevel@tonic-gate {0, &vals, -1}}}; 5000Sstevel@tonic-gate 5010Sstevel@tonic-gate static asndefT partialAttributes = {"Partial Attributes", SEQUENCEOF, -1, 1, { 5020Sstevel@tonic-gate {0, &attribute, -1}}}; 5030Sstevel@tonic-gate 5040Sstevel@tonic-gate static asndefT searchResEntry = {"Operation", SEQUENCE, 4, 2, { 5050Sstevel@tonic-gate {0, &objectName, -1}, 5060Sstevel@tonic-gate {0, &partialAttributes, -1}}}; 5070Sstevel@tonic-gate 5080Sstevel@tonic-gate static asndefT authChoice = {"Authentication Choice", CHOICE, -1, 2, { 5090Sstevel@tonic-gate {"Authentication: Simple", 0, 0}, 5100Sstevel@tonic-gate {"Authentication: SASL", 0, 3}}}; 5110Sstevel@tonic-gate 5120Sstevel@tonic-gate static asndefT bindRequest = {"Operation", SEQUENCE, 0, 3, { 5130Sstevel@tonic-gate {"Version", 0, -1}, 5140Sstevel@tonic-gate {0, &objectName, -1}, 5150Sstevel@tonic-gate {0, &authChoice, -1}}}; 5160Sstevel@tonic-gate 5170Sstevel@tonic-gate static asndefT resultCode = {"Result Code", ENUM, -1, 39, { 5180Sstevel@tonic-gate {"Success", 0, 0}, 5190Sstevel@tonic-gate {"Operation Error", 0, 1}, 5200Sstevel@tonic-gate {"Protocol Error", 0, 2}, 5210Sstevel@tonic-gate {"Time Limit Exceeded", 0, 3}, 5220Sstevel@tonic-gate {"Size Limit Exceeded", 0, 4}, 5230Sstevel@tonic-gate {"Compare False", 0, 5}, 5240Sstevel@tonic-gate {"Compare True", 0, 6}, 5250Sstevel@tonic-gate {"Auth Method Not supported", 0, 7}, 5260Sstevel@tonic-gate {"Strong Auth Required", 0, 8}, 5270Sstevel@tonic-gate {"Referral", 0, 10}, 5280Sstevel@tonic-gate {"Admin Limit Exceeded", 0, 11}, 5290Sstevel@tonic-gate {"Unavailable Critical Extension", 0, 12}, 5300Sstevel@tonic-gate {"Confidentiality required", 0, 13}, 5310Sstevel@tonic-gate {"SASL Bind In Progress", 0, 14}, 5320Sstevel@tonic-gate {"No Such Attribute", 0, 16}, 5330Sstevel@tonic-gate {"Undefined Attribute Type", 0, 17}, 5340Sstevel@tonic-gate {"Inappropriate Matching", 0, 18}, 5350Sstevel@tonic-gate {"Constraint violation", 0, 19}, 5360Sstevel@tonic-gate {"Attribute or Value Exists", 0, 20}, 5370Sstevel@tonic-gate {"Invalid Attribute Syntax", 0, 21}, 5380Sstevel@tonic-gate {"No Such Object", 0, 32}, 5390Sstevel@tonic-gate {"Alias Problem", 0, 33}, 5400Sstevel@tonic-gate {"Invalid DN Syntax", 0, 34}, 5410Sstevel@tonic-gate {"Alias Dereferencing Problem", 0, 36}, 5420Sstevel@tonic-gate {"Inappropriate Authentication", 0, 48}, 5430Sstevel@tonic-gate {"Invalid Credentials", 0, 49}, 5440Sstevel@tonic-gate {"Insufficient Access Rights", 0, 50}, 5450Sstevel@tonic-gate {"Busy", 0, 51}, 5460Sstevel@tonic-gate {"Unavailable", 0, 52}, 5470Sstevel@tonic-gate {"Unwilling To Perform", 0, 53}, 5480Sstevel@tonic-gate {"Loop Detect", 0, 54}, 5490Sstevel@tonic-gate {"Naming Violation", 0, 64}, 5500Sstevel@tonic-gate {"ObjectClass violation", 0, 65}, 5510Sstevel@tonic-gate {"Not Allowed On Non Leaf", 0, 66}, 5520Sstevel@tonic-gate {"Not Allowed On RDN", 0, 67}, 5530Sstevel@tonic-gate {"Entry Already Exists", 0, 68}, 5540Sstevel@tonic-gate {"ObjectClass Mods Prohibited", 0, 69}, 5550Sstevel@tonic-gate {"Affects Multiple DSAs", 0, 71}, 5560Sstevel@tonic-gate {"Other", 0, 80}}}; 5570Sstevel@tonic-gate 5580Sstevel@tonic-gate 5590Sstevel@tonic-gate static asndefT referral = {"Referral", SEQUENCEOF, -1, 1, { 5600Sstevel@tonic-gate {"LDAP URL", 0, -1}}}; 5610Sstevel@tonic-gate 5620Sstevel@tonic-gate static asndefT ldapResult = {"LDAP Result", SEQUENCE, -1, 4, { 5630Sstevel@tonic-gate {0, &resultCode, -1}, 5640Sstevel@tonic-gate {"Matched DN", 0, -1}, 5650Sstevel@tonic-gate {"Error Message", 0, -1}, 5660Sstevel@tonic-gate {0, &referral, 3}}}; 5670Sstevel@tonic-gate 5680Sstevel@tonic-gate static asndefT bindResponse = {"Operation", SEQUENCE, 1, 5, { 5690Sstevel@tonic-gate {0, &resultCode, -1}, 5700Sstevel@tonic-gate {"Matched DN", 0, -1}, 5710Sstevel@tonic-gate {"Error Message", 0, -1}, 5720Sstevel@tonic-gate {0, &referral, 3}, 5730Sstevel@tonic-gate {"SASL Credentials", 0, 7}}}; 5740Sstevel@tonic-gate 5750Sstevel@tonic-gate static asndefT unbindRequest = {"Operation", SEQUENCE, 2, 0, {0}}; 5760Sstevel@tonic-gate 5770Sstevel@tonic-gate static asndefT searchResDone = {"Operation", SEQUENCE, 5, 4, { 5780Sstevel@tonic-gate {0, &resultCode, -1}, 5790Sstevel@tonic-gate {"Matched DN", 0, -1}, 5800Sstevel@tonic-gate {"Error Message", 0, -1}, 5810Sstevel@tonic-gate {0, &referral, 3}}}; 5820Sstevel@tonic-gate 5830Sstevel@tonic-gate static asndefT seqModOperation = {"Operation", ENUM, -1, 4, { 5840Sstevel@tonic-gate {"Add", 0, 0}, 5850Sstevel@tonic-gate {"Delete", 0, 1}, 5860Sstevel@tonic-gate {"Replace", 0, 2}}}; 5870Sstevel@tonic-gate 5880Sstevel@tonic-gate static asndefT seqModModification = {"Modification", SEQUENCE, -1, 1, { 5890Sstevel@tonic-gate {0, &attribute, -1}}}; 5900Sstevel@tonic-gate 5910Sstevel@tonic-gate static asndefT seqModification = {"", SEQUENCE, -1, 2, { 5920Sstevel@tonic-gate {0, &seqModOperation, -1}, 5930Sstevel@tonic-gate {0, &seqModModification, -1}}}; 5940Sstevel@tonic-gate 5950Sstevel@tonic-gate static asndefT modification = {"Modification", SEQUENCEOF, -1, 1, { 5960Sstevel@tonic-gate {0, &seqModification, -1}}}; 5970Sstevel@tonic-gate 5980Sstevel@tonic-gate static asndefT modifyRequest = {"Operation", SEQUENCE, 6, 2, { 5990Sstevel@tonic-gate {0, &objectName, -1}, 6000Sstevel@tonic-gate {0, &modification, -1}}}; 6010Sstevel@tonic-gate 6020Sstevel@tonic-gate static asndefT modifyResponse = {"Operation", SEQUENCE, 7, 4, { 6030Sstevel@tonic-gate {0, &resultCode, -1}, 6040Sstevel@tonic-gate {"Matched DN", 0, -1}, 6050Sstevel@tonic-gate {"Error Message", 0, -1}, 6060Sstevel@tonic-gate {0, &referral, 3}}}; 6070Sstevel@tonic-gate 6080Sstevel@tonic-gate static asndefT addAttributes = {"Attributes", SEQUENCEOF, -1, 1, { 6090Sstevel@tonic-gate {0, &attribute, -1}}}; 6100Sstevel@tonic-gate 6110Sstevel@tonic-gate static asndefT addRequest = {"Operation", SEQUENCE, 8, 2, { 6120Sstevel@tonic-gate {0, &ldapEntry, -1}, 6130Sstevel@tonic-gate {0, &addAttributes, -1}}}; 6140Sstevel@tonic-gate 6150Sstevel@tonic-gate static asndefT addResponse = {"Operation", SEQUENCE, 9, 4, { 6160Sstevel@tonic-gate {0, &resultCode, -1}, 6170Sstevel@tonic-gate {"Matched DN", 0, -1}, 6180Sstevel@tonic-gate {"Error Message", 0, -1}, 6190Sstevel@tonic-gate {0, &referral, 3}}}; 6200Sstevel@tonic-gate 6210Sstevel@tonic-gate static asndefT delRequest = {"Operation", SEQUENCE, 10, 1, { 6220Sstevel@tonic-gate {0, &ldapEntry, -1}}}; 6230Sstevel@tonic-gate 6240Sstevel@tonic-gate static asndefT delResponse = {"Operation", SEQUENCE, 11, 4, { 6250Sstevel@tonic-gate {0, &resultCode, -1}, 6260Sstevel@tonic-gate {"Matched DN", 0, -1}, 6270Sstevel@tonic-gate {"Error Message", 0, -1}, 6280Sstevel@tonic-gate {0, &referral, 3}}}; 6290Sstevel@tonic-gate 6300Sstevel@tonic-gate static asndefT modifyDNRequest = {"Operation", SEQUENCE, 12, 4, { 6310Sstevel@tonic-gate {0, &ldapEntry, -1}, 6320Sstevel@tonic-gate {0, &relativeLdapEntry, -1}, 6330Sstevel@tonic-gate {"Delete Old RDN", 0, -1}, 6340Sstevel@tonic-gate {0, &newSuperior, 0}}}; 6350Sstevel@tonic-gate 6360Sstevel@tonic-gate static asndefT modifyDNResponse = {"Operation", SEQUENCE, 13, 4, { 6370Sstevel@tonic-gate {0, &resultCode, -1}, 6380Sstevel@tonic-gate {"Matched DN", 0, -1}, 6390Sstevel@tonic-gate {"Error Message", 0, -1}, 6400Sstevel@tonic-gate {0, &referral, 3}}}; 6410Sstevel@tonic-gate 6420Sstevel@tonic-gate static asndefT ava = {"Ava", SEQUENCE, -1, 2, { 6430Sstevel@tonic-gate {"Attr Descr", 0, -1}, 6440Sstevel@tonic-gate {"Value", 0, -1}}}; 6450Sstevel@tonic-gate 6460Sstevel@tonic-gate static asndefT compareRequest = {"Operation", SEQUENCE, 14, 2, { 6470Sstevel@tonic-gate {0, &ldapEntry, -1}, 6480Sstevel@tonic-gate {0, &ava, 0}}}; 6490Sstevel@tonic-gate 6500Sstevel@tonic-gate static asndefT compareResponse = {"Operation", SEQUENCE, 15, 4, { 6510Sstevel@tonic-gate {0, &resultCode, -1}, 6520Sstevel@tonic-gate {"Matched DN", 0, -1}, 6530Sstevel@tonic-gate {"Error Message", 0, -1}, 6540Sstevel@tonic-gate {0, &referral, 3}}}; 6550Sstevel@tonic-gate 6560Sstevel@tonic-gate static asndefT abandonRequest = {"Operation", SEQUENCE, 16, 1, { 6570Sstevel@tonic-gate {"Message ID", 0, -1}}}; 6580Sstevel@tonic-gate 6590Sstevel@tonic-gate static asndefT searchResRef = {"Operation", SEQUENCEOF, 19, 1, { 6600Sstevel@tonic-gate {"LDAP URL", 0, -1}}}; 6610Sstevel@tonic-gate 6620Sstevel@tonic-gate static asndefT extendedRequest = {"Operation", SEQUENCE, 14, 2, { 6630Sstevel@tonic-gate {"Request Name", 0, 0}, 6640Sstevel@tonic-gate {"Request Value", 0, 1}}}; 6650Sstevel@tonic-gate 6660Sstevel@tonic-gate static asndefT extendedResponse = {"Operation", SEQUENCE, 24, 6, { 6670Sstevel@tonic-gate {0, &resultCode, -1}, 6680Sstevel@tonic-gate {"Matched DN", 0, -1}, 6690Sstevel@tonic-gate {"Error Message", 0, -1}, 6700Sstevel@tonic-gate {0, &referral, 3}, 6710Sstevel@tonic-gate {"Response Name", 0, 10}, 6720Sstevel@tonic-gate {"Response", 0, 11}}}; 6730Sstevel@tonic-gate 6740Sstevel@tonic-gate static asndefT protocolOp = {"Protocol Op", CHOICE, -1, 20, { 6750Sstevel@tonic-gate {0, &bindRequest, 0}, 6760Sstevel@tonic-gate {0, &bindResponse, 1}, 6770Sstevel@tonic-gate {0, &unbindRequest, 2}, 6780Sstevel@tonic-gate {0, &searchRequest, 3}, 6790Sstevel@tonic-gate {0, &searchResEntry, 4}, 6800Sstevel@tonic-gate {0, &searchResDone, 5}, 6810Sstevel@tonic-gate {0, &modifyRequest, 6}, 6820Sstevel@tonic-gate {0, &modifyResponse, 7}, 6830Sstevel@tonic-gate {0, &addRequest, 8}, 6840Sstevel@tonic-gate {0, &addResponse, 9}, 6850Sstevel@tonic-gate {0, &delRequest, 10}, 6860Sstevel@tonic-gate {0, &delResponse, 11}, 6870Sstevel@tonic-gate {0, &modifyDNRequest, 12}, 6880Sstevel@tonic-gate {0, &modifyDNResponse, 13}, 6890Sstevel@tonic-gate {0, &compareRequest, 14}, 6900Sstevel@tonic-gate {0, &compareResponse, 15}, 6910Sstevel@tonic-gate {0, &abandonRequest, 16}, 6920Sstevel@tonic-gate {0, &searchResRef, 19}, 6930Sstevel@tonic-gate {0, &extendedRequest, 23}, 6940Sstevel@tonic-gate {0, &extendedResponse, 24}}}; 6950Sstevel@tonic-gate 6960Sstevel@tonic-gate static asndefT control = {"Control", SEQUENCE, -1, 3, { 6970Sstevel@tonic-gate {"LDAP OID", 0, -1}, 6980Sstevel@tonic-gate {"Criticality", 0, -1}, 6990Sstevel@tonic-gate {"Control value", 0, -1}}}; 7000Sstevel@tonic-gate 7010Sstevel@tonic-gate static asndefT controls = {"Controls List", SEQUENCEOF, -1, 1, { 7020Sstevel@tonic-gate {0, &control, -1}}}; 7030Sstevel@tonic-gate 7040Sstevel@tonic-gate static asndefT LDAPMessage = { "LDAPMessage", SEQUENCE, -1, 3, { 7050Sstevel@tonic-gate {"Message ID", 0, -1}, 7060Sstevel@tonic-gate {0, &protocolOp, -1}, 7070Sstevel@tonic-gate {0, &controls, 0}}}; 7080Sstevel@tonic-gate 7090Sstevel@tonic-gate static asndefT MPDU = { "MPDU", SET, -1, 1, 7100Sstevel@tonic-gate {{0, &LDAPMessage, 0}}}; 7110Sstevel@tonic-gate 7120Sstevel@tonic-gate static int mytype[] = { 7130Sstevel@tonic-gate 0, /* EndOfContents */ 7140Sstevel@tonic-gate 0, /* Boolean */ 7150Sstevel@tonic-gate 0, /* Integer */ 7160Sstevel@tonic-gate BITSTRING, /* BitString */ 7170Sstevel@tonic-gate 0, /* OctetString */ 7180Sstevel@tonic-gate 0, /* Null */ 7190Sstevel@tonic-gate 0, /* Oid */ 7200Sstevel@tonic-gate 0, /* ObjDescriptor */ 7210Sstevel@tonic-gate 0, /* External */ 7220Sstevel@tonic-gate 0, /* Real */ 7230Sstevel@tonic-gate ENUM, /* Enumerated */ 7240Sstevel@tonic-gate 0, /* Reserved */ 7250Sstevel@tonic-gate 0, /* Reserved */ 7260Sstevel@tonic-gate 0, /* Reserved */ 7270Sstevel@tonic-gate 0, /* Reserved */ 7280Sstevel@tonic-gate 0, /* Reserved */ 7290Sstevel@tonic-gate SEQUENCE, /* Sequence */ 7300Sstevel@tonic-gate SET, /* Set */ 7310Sstevel@tonic-gate 0, /* NumericString */ 7320Sstevel@tonic-gate 0, /* PrintableString */ 7330Sstevel@tonic-gate 0, /* T.61String */ 7340Sstevel@tonic-gate 0, /* VideotexString */ 7350Sstevel@tonic-gate 0, /* IA5String */ 7360Sstevel@tonic-gate 0, /* UTCTime */ 7370Sstevel@tonic-gate 0, /* GeneralizedTime */ 7380Sstevel@tonic-gate 0, /* GraphicString */ 7390Sstevel@tonic-gate 0, /* VisibleString */ 7400Sstevel@tonic-gate 0, /* GeneralString */ 7410Sstevel@tonic-gate 0, /* Reserved */ 7420Sstevel@tonic-gate 0, /* Reserved */ 7430Sstevel@tonic-gate 0, /* Reserved */ 7440Sstevel@tonic-gate 0, /* Reserved */ 7450Sstevel@tonic-gate }; 7460Sstevel@tonic-gate 7470Sstevel@tonic-gate /* 748*410Skcpoon * Find object identifier in known oid table 749*410Skcpoon * A oid - oid hexa string 750*410Skcpoon * int olg - oid length 751*410Skcpoon */ 752*410Skcpoon static int 753*410Skcpoon oidmap(A oid, int olg) 7540Sstevel@tonic-gate { 7550Sstevel@tonic-gate register int ix, goon; 7560Sstevel@tonic-gate register A oidptr, tabptr, tabend; 7570Sstevel@tonic-gate 7580Sstevel@tonic-gate /* returns (oid table size) if not found */ 7590Sstevel@tonic-gate 7600Sstevel@tonic-gate for (ix = 0; ix < OIDNB; ix++) { 7610Sstevel@tonic-gate oidptr = oid; tabptr = (&(OidTab[ix].oidcode[0])); 7620Sstevel@tonic-gate if (olg == INT(*tabptr++)) { 763*410Skcpoon tabend = tabptr + olg; 764*410Skcpoon goon = 1; 765*410Skcpoon while (goon != 0 && tabptr < tabend) { 766*410Skcpoon if (*tabptr++ != *oidptr++) 767*410Skcpoon goon = 0; 7680Sstevel@tonic-gate } 769*410Skcpoon if (goon != 0) 7700Sstevel@tonic-gate return (ix); 7710Sstevel@tonic-gate } 7720Sstevel@tonic-gate } 7730Sstevel@tonic-gate return (OIDNB); 7740Sstevel@tonic-gate } 7750Sstevel@tonic-gate 7760Sstevel@tonic-gate /* 777*410Skcpoon * Read an hexacode and convert it into ASCII 778*410Skcpoon */ 7790Sstevel@tonic-gate static int getnext(int ctxnum) 7800Sstevel@tonic-gate { 7810Sstevel@tonic-gate static X c[3]; /* c[0-3] will contain ascii values on exit */ 7820Sstevel@tonic-gate hex = 0; 7830Sstevel@tonic-gate if (gi_osibuf[ctxnum] == osilen) 7840Sstevel@tonic-gate return (-1); 7850Sstevel@tonic-gate hex = osibuff[gi_osibuf[ctxnum]++]; 7860Sstevel@tonic-gate (void) sprintf((char *)c, "%02x", (hex&0x00FF)); 7870Sstevel@tonic-gate return (0); 7880Sstevel@tonic-gate } 7890Sstevel@tonic-gate 7900Sstevel@tonic-gate /* 791*410Skcpoon * Skip everything that is not an LDAPMessage 792*410Skcpoon */ 7930Sstevel@tonic-gate static char *skipjunk(len, pdu) 7940Sstevel@tonic-gate int len; 7950Sstevel@tonic-gate char *pdu; 7960Sstevel@tonic-gate { 7970Sstevel@tonic-gate int tag; 7980Sstevel@tonic-gate char *buf = pdu; 7990Sstevel@tonic-gate int offset = 0; 8000Sstevel@tonic-gate while (len > 0) { 8010Sstevel@tonic-gate /* size minumum for a sequence + integer = 5 */ 8020Sstevel@tonic-gate /* LDAPMessage::= SEQUENCE */ 8030Sstevel@tonic-gate if ((len > 5) && (buf[0] == 0x30)) { 8040Sstevel@tonic-gate tag = buf[1]&0x00ff; 8050Sstevel@tonic-gate if (tag < 0x80) { 8060Sstevel@tonic-gate /* length is one one octet */ 8070Sstevel@tonic-gate offset = 1; 8080Sstevel@tonic-gate } else { 8090Sstevel@tonic-gate /* length is multiple octet. */ 8100Sstevel@tonic-gate offset = 1+ tag&0x007f; 8110Sstevel@tonic-gate } 8120Sstevel@tonic-gate /* Make sure we don't read past the end */ 8130Sstevel@tonic-gate /* of the buffer */ 8140Sstevel@tonic-gate if (len - (1+offset) > 0) { 8150Sstevel@tonic-gate /* skip after the length */ 8160Sstevel@tonic-gate tag = buf[1+offset]&0x00ff; 8170Sstevel@tonic-gate if (tag == 0x02) { /* INTEGER */ 8180Sstevel@tonic-gate /* looks like a valid PDU */ 8190Sstevel@tonic-gate return (buf); 8200Sstevel@tonic-gate } 8210Sstevel@tonic-gate } 8220Sstevel@tonic-gate } 8230Sstevel@tonic-gate len --; 8240Sstevel@tonic-gate buf++; 8250Sstevel@tonic-gate } 8260Sstevel@tonic-gate return (buf); 8270Sstevel@tonic-gate } 828*410Skcpoon 829*410Skcpoon 830*410Skcpoon #define GETNEXT(a) (void)getnext(a); 831*410Skcpoon 8320Sstevel@tonic-gate /* 833*410Skcpoon * main routine: decode a TLV; to be called recursively 834*410Skcpoon * 835*410Skcpoon * pdulen: current pdu's length 836*410Skcpoon */ 837*410Skcpoon static int 838*410Skcpoon decpdu(int pdulen, asndefTp ASNDESC, int ctxnum) 8390Sstevel@tonic-gate { 8400Sstevel@tonic-gate X scrlin[99]; /* screen line */ 8410Sstevel@tonic-gate X oidstr[80]; /* oid hexa string */ 8420Sstevel@tonic-gate int slen; /* screen line length */ 8430Sstevel@tonic-gate int stlv; /* sub-tlv length */ 8440Sstevel@tonic-gate int oix; /* oid table index */ 8450Sstevel@tonic-gate int effnb; /* effectively traced octet nb */ 8460Sstevel@tonic-gate int i, j; 8470Sstevel@tonic-gate int ai = -2; 8480Sstevel@tonic-gate asndefTp SASNDESC = 0; 8490Sstevel@tonic-gate asndefTp TMPDESC = 0; 8500Sstevel@tonic-gate asndefTp GR_TMPDESC = 0; 8510Sstevel@tonic-gate int tmpai = 0; 8520Sstevel@tonic-gate int gr_tmpai = 0; 8530Sstevel@tonic-gate int dontprint = 0; 8540Sstevel@tonic-gate int already = 0; 8550Sstevel@tonic-gate static int rlen = 0; /* tlv's real length */ 8560Sstevel@tonic-gate 8570Sstevel@tonic-gate ++level[ctxnum]; /* level indicator */ 8580Sstevel@tonic-gate effnb = 0; 8590Sstevel@tonic-gate 8600Sstevel@tonic-gate /* 861*410Skcpoon * Decode the current TLV segment 862*410Skcpoon */ 8630Sstevel@tonic-gate while (pdulen > 1) { 8640Sstevel@tonic-gate 8650Sstevel@tonic-gate if (getnext(ctxnum)) { 8660Sstevel@tonic-gate break; 8670Sstevel@tonic-gate } 8680Sstevel@tonic-gate if (strlen(scrbuffer)) asnshw2("%s ", "LDAP:"); 8690Sstevel@tonic-gate /* screen printing according to level indicator */ 8700Sstevel@tonic-gate for (i = 1; i < level[ctxnum]; ++i) asnshw1(" "); 8710Sstevel@tonic-gate 8720Sstevel@tonic-gate /* get tag */ 8730Sstevel@tonic-gate otyp[ctxnum] = INT(hex); /* single octet type only */ 8740Sstevel@tonic-gate --pdulen; 8750Sstevel@tonic-gate ++effnb; 8760Sstevel@tonic-gate 8770Sstevel@tonic-gate /* get length */ 8780Sstevel@tonic-gate GETNEXT(ctxnum); 8790Sstevel@tonic-gate olen[ctxnum] = INT(hex); /* tlv length */ 8800Sstevel@tonic-gate --pdulen; 8810Sstevel@tonic-gate ++effnb; 8820Sstevel@tonic-gate 8830Sstevel@tonic-gate /* Continuing decoding of current TLV... */ 8840Sstevel@tonic-gate /* 885*410Skcpoon * Snoop's lower layers do not allow us 886*410Skcpoon * to know the true length for 887*410Skcpoon * datastream protocols like LDAP. 888*410Skcpoon */ 8890Sstevel@tonic-gate 890*410Skcpoon /* 891*410Skcpoon * if length is less than 128, we 892*410Skcpoon * already have the real TLV length. 893*410Skcpoon */ 8940Sstevel@tonic-gate if (olen[ctxnum] < 128) { /* short length form */ 8950Sstevel@tonic-gate rlen = olen[ctxnum]; 8960Sstevel@tonic-gate } else { /* long and any form length */ 8970Sstevel@tonic-gate /* else we do more getnext()'s */ 8980Sstevel@tonic-gate for (rlen = 0, olen[ctxnum] &= 0x0F; 8990Sstevel@tonic-gate (olen[ctxnum]) && (pdulen > 0); 9000Sstevel@tonic-gate --olen[ctxnum], --pdulen, ++effnb) { 9010Sstevel@tonic-gate GETNEXT(ctxnum); 9020Sstevel@tonic-gate rlen = (rlen << 8) | INT(hex); 9030Sstevel@tonic-gate } 9040Sstevel@tonic-gate if (!rlen) { 9050Sstevel@tonic-gate pdulen = 0x7fffffff; 9060Sstevel@tonic-gate } 9070Sstevel@tonic-gate } 9080Sstevel@tonic-gate 9090Sstevel@tonic-gate /* 910*410Skcpoon * print the tag class and number 911*410Skcpoon */ 9120Sstevel@tonic-gate i = otyp[ctxnum]&0x1F; 9130Sstevel@tonic-gate switch (otyp[ctxnum] >> 6) { /* class */ 9140Sstevel@tonic-gate case 0: /* universal */ 9150Sstevel@tonic-gate if (ASNDESC && i != 0) { 9160Sstevel@tonic-gate int dobreak = 0; 9170Sstevel@tonic-gate switch (ASNDESC->type) { 9180Sstevel@tonic-gate case CONTENT: 9190Sstevel@tonic-gate SASNDESC = ASNDESC; 9200Sstevel@tonic-gate break; 9210Sstevel@tonic-gate case SET: 9220Sstevel@tonic-gate for (ai = 0; 9230Sstevel@tonic-gate ai < ASNDESC->nbson && i < 32 && 9240Sstevel@tonic-gate ASNDESC->son[ai].sondef && 9250Sstevel@tonic-gate /* 926*410Skcpoon * For this test SEQUENCE & SEQUENCE OF 927*410Skcpoon * are same, so suppress the last bit 928*410Skcpoon */ 9290Sstevel@tonic-gate (ASNDESC->son[ai].sondef 9300Sstevel@tonic-gate ->type&0xFE) 9310Sstevel@tonic-gate != mytype[i]; ++ai); 9320Sstevel@tonic-gate if (ai < ASNDESC->nbson) { 9330Sstevel@tonic-gate SASNDESC = 934*410Skcpoon ASNDESC->son[ai].sondef; 935*410Skcpoon if (ASNDESC->son[ai].sonname != NULL) { 936*410Skcpoon 937*410Skcpoon if (ASNDESC->son[ai].sondef != NULL && 938*410Skcpoon ASNDESC->son[ai].sondef->name != 939*410Skcpoon NULL) { 940*410Skcpoon asnshw2("%s ", "LDAP:"); 941*410Skcpoon asnshw4(" %c[%s %s]", 942*410Skcpoon ((otyp[ctxnum]&0x20)?'*':' '), 943*410Skcpoon ASNDESC->son[ai].sonname, 944*410Skcpoon ASNDESC->son[ai].sondef->name); 945*410Skcpoon } else { 946*410Skcpoon asnshw2("%s ", ""); 947*410Skcpoon asnshw3(" %c[%s]", 948*410Skcpoon ((otyp[ctxnum]&0x20)?'*':' '), 949*410Skcpoon ASNDESC->son[ai].sonname); 950*410Skcpoon } /* end if */ 951*410Skcpoon 952*410Skcpoon dobreak = 1; 953*410Skcpoon 954*410Skcpoon } else if (ASNDESC->son[ai].sondef != 955*410Skcpoon NULL && 956*410Skcpoon ASNDESC->son[ai].sondef->name != 957*410Skcpoon NULL) { 958*410Skcpoon asnshw2("%s ", "LDAP:"); 959*410Skcpoon asnshw3(" %c[%s]", 960*410Skcpoon ((otyp[ctxnum]&0x20)?'*':' '), 961*410Skcpoon ASNDESC->son[ai].sondef->name); 962*410Skcpoon dobreak = 1; 963*410Skcpoon } /* end if */ 9640Sstevel@tonic-gate } /* end if */ 9650Sstevel@tonic-gate break; 9660Sstevel@tonic-gate case CHOICE: 9670Sstevel@tonic-gate if (GR_TMPDESC) { 9680Sstevel@tonic-gate ASNDESC = TMPDESC; 9690Sstevel@tonic-gate TMPDESC = GR_TMPDESC; 9700Sstevel@tonic-gate GR_TMPDESC = 0; 9710Sstevel@tonic-gate } else if (TMPDESC) { 9720Sstevel@tonic-gate ASNDESC = TMPDESC; 9730Sstevel@tonic-gate TMPDESC = 0; 9740Sstevel@tonic-gate } 9750Sstevel@tonic-gate if (gr_tmpai) { 9760Sstevel@tonic-gate ai = tmpai; 9770Sstevel@tonic-gate tmpai = gr_tmpai; 9780Sstevel@tonic-gate gr_tmpai = 0; 9790Sstevel@tonic-gate } else if (tmpai) { 9800Sstevel@tonic-gate ai = tmpai; 9810Sstevel@tonic-gate tmpai = 0; 9820Sstevel@tonic-gate } 9830Sstevel@tonic-gate break; 9840Sstevel@tonic-gate 9850Sstevel@tonic-gate case SEQUENCE: 9860Sstevel@tonic-gate if (ai == -2) { 9870Sstevel@tonic-gate ai = 0; 9880Sstevel@tonic-gate } else { 9890Sstevel@tonic-gate do { 9900Sstevel@tonic-gate ai++; 9910Sstevel@tonic-gate } while \ 9920Sstevel@tonic-gate (ai < ASNDESC->nbson && i < 32 && mytype[i] && \ 9930Sstevel@tonic-gate ASNDESC->son[ai].sondef && 9940Sstevel@tonic-gate /* 995*410Skcpoon * For this test SEQUENCE & SEQUENCE OF 996*410Skcpoon * are the same, so suppress last bit 997*410Skcpoon */ 9980Sstevel@tonic-gate (ASNDESC->son[ai].sondef->type&0xFE) != mytype[i]); 9990Sstevel@tonic-gate } /* end if */ 10000Sstevel@tonic-gate if (ai < ASNDESC->nbson) { 10010Sstevel@tonic-gate SASNDESC = \ 10020Sstevel@tonic-gate ASNDESC->son[ai].sondef; 10030Sstevel@tonic-gate if (ASNDESC->son[ai].sonname) { 10040Sstevel@tonic-gate if \ 10050Sstevel@tonic-gate (ASNDESC->son[ai].sondef && 10060Sstevel@tonic-gate ASNDESC->son[ai].sondef->name) { 10070Sstevel@tonic-gate asnshw4 \ 10080Sstevel@tonic-gate (" %c[%s %s]", ((otyp[ctxnum]&0x20)?'*':' '), 10090Sstevel@tonic-gate ASNDESC->son[ai].sonname, 10100Sstevel@tonic-gate ASNDESC->son[ai].sondef->name); 10110Sstevel@tonic-gate } else { 10120Sstevel@tonic-gate asnshw3 \ 10130Sstevel@tonic-gate (" %c[%s]", ((otyp[ctxnum]&0x20)?'*':' '), 10140Sstevel@tonic-gate ASNDESC->son[ai].sonname); 10150Sstevel@tonic-gate } /* end if */ 10160Sstevel@tonic-gate dobreak = 1; 10170Sstevel@tonic-gate } else if \ 10180Sstevel@tonic-gate (ASNDESC->son[ai].sondef && 10190Sstevel@tonic-gate ASNDESC->son[ai].sondef->name) { 10200Sstevel@tonic-gate asnshw3 \ 10210Sstevel@tonic-gate (" %c[%s]", ((otyp[ctxnum]&0x20)?'*':' '), 10220Sstevel@tonic-gate ASNDESC->son[ai].sondef->name); 10230Sstevel@tonic-gate dobreak = 1; 10240Sstevel@tonic-gate } /* end if */ 10250Sstevel@tonic-gate } /* end if */ 10260Sstevel@tonic-gate break; 10270Sstevel@tonic-gate case SEQUENCEOF: 10280Sstevel@tonic-gate ai = 0; 10290Sstevel@tonic-gate SASNDESC = ASNDESC->son[ai].sondef; 10300Sstevel@tonic-gate if (ASNDESC->son[ai].sonname) { 10310Sstevel@tonic-gate if (ASNDESC->son[ai].sondef && \ 10320Sstevel@tonic-gate ASNDESC->son[ai].sondef->name) { 10330Sstevel@tonic-gate asnshw4 \ 10340Sstevel@tonic-gate (" %c[%s %s]", ((otyp[ctxnum]&0x20)?'*':' '), 10350Sstevel@tonic-gate ASNDESC->son[ai].sonname, 10360Sstevel@tonic-gate ASNDESC->son[ai].sondef->name); 10370Sstevel@tonic-gate } else { 10380Sstevel@tonic-gate asnshw3 \ 10390Sstevel@tonic-gate (" %c[%s]", ((otyp[ctxnum]&0x20)?'*':' '), 10400Sstevel@tonic-gate ASNDESC->son[ai].sonname); 10410Sstevel@tonic-gate } /* end if */ 10420Sstevel@tonic-gate dobreak = 1; 10430Sstevel@tonic-gate } else if \ 10440Sstevel@tonic-gate (ASNDESC->son[ai].sondef && 10450Sstevel@tonic-gate ASNDESC->son[ai].sondef->name) { 10460Sstevel@tonic-gate asnshw3 \ 10470Sstevel@tonic-gate (" %c[%s]", ((otyp[ctxnum]&0x20)?'*':' '), 10480Sstevel@tonic-gate ASNDESC->son[ai].sondef->name); 10490Sstevel@tonic-gate dobreak = 1; 10500Sstevel@tonic-gate } /* end if */ 10510Sstevel@tonic-gate } /* end switch */ 10520Sstevel@tonic-gate if (dobreak) { 10530Sstevel@tonic-gate break; 10540Sstevel@tonic-gate } /* end if */ 10550Sstevel@tonic-gate } /* end if */ 10560Sstevel@tonic-gate if (uclass[i]) { 10570Sstevel@tonic-gate asnshw3 \ 10580Sstevel@tonic-gate (" %c[%s]", ((otyp[ctxnum]&0x20)?'*':' '), uclass[i]); 10590Sstevel@tonic-gate } else { 10600Sstevel@tonic-gate asnshw4 \ 10610Sstevel@tonic-gate (" %c[%s%d]", ((otyp[ctxnum]&0x20)?'*':' '), 10620Sstevel@tonic-gate class[0], i); 10630Sstevel@tonic-gate } 10640Sstevel@tonic-gate break; 10650Sstevel@tonic-gate case 1: /* application */ 10660Sstevel@tonic-gate 10670Sstevel@tonic-gate if (ASNDESC) { 10680Sstevel@tonic-gate 10690Sstevel@tonic-gate for (ai = 0; ai < ASNDESC->nbson; ++ai) { 10700Sstevel@tonic-gate int i2 = 0; 10710Sstevel@tonic-gate 10720Sstevel@tonic-gate if \ 10730Sstevel@tonic-gate (ASNDESC->son[ai].sondef && 10740Sstevel@tonic-gate ASNDESC->son[ai].sondef->type == CHOICE) { 10750Sstevel@tonic-gate while \ 10760Sstevel@tonic-gate (i2 < ASNDESC->son[ai].sondef->nbson && 10770Sstevel@tonic-gate ASNDESC->son[ai].sondef->son[i2].sondef && \ 10780Sstevel@tonic-gate ASNDESC->son[ai].sondef->son[i2].sondef->application != i) { 10790Sstevel@tonic-gate i2++; 10800Sstevel@tonic-gate continue; 10810Sstevel@tonic-gate } 10820Sstevel@tonic-gate if \ 10830Sstevel@tonic-gate (i2 == ASNDESC->son[ai].sondef->nbson) { 10840Sstevel@tonic-gate ai = ASNDESC->nbson; 10850Sstevel@tonic-gate break; 10860Sstevel@tonic-gate } 10870Sstevel@tonic-gate if (TMPDESC) { 10880Sstevel@tonic-gate GR_TMPDESC = TMPDESC; 10890Sstevel@tonic-gate gr_tmpai = tmpai; 10900Sstevel@tonic-gate } 10910Sstevel@tonic-gate TMPDESC = ASNDESC; 10920Sstevel@tonic-gate ASNDESC = ASNDESC->son[ai].sondef; 10930Sstevel@tonic-gate tmpai = ai; 10940Sstevel@tonic-gate ai = i2; 10950Sstevel@tonic-gate } 10960Sstevel@tonic-gate 10970Sstevel@tonic-gate if (ASNDESC->son[ai].sondef && \ 10980Sstevel@tonic-gate ASNDESC->son[ai].sondef->application == i) { 10990Sstevel@tonic-gate SASNDESC = \ 11000Sstevel@tonic-gate ASNDESC->son[ai].sondef; 11010Sstevel@tonic-gate if (ASNDESC->son[ai].sonname) { 11020Sstevel@tonic-gate if \ 11030Sstevel@tonic-gate (ASNDESC->son[ai].sondef->name) { 11040Sstevel@tonic-gate asnshw3 \ 11050Sstevel@tonic-gate (" %s %s", ASNDESC->son[ai].sonname, 11060Sstevel@tonic-gate ASNDESC->son[ai].sondef->name); 11070Sstevel@tonic-gate } else { 11080Sstevel@tonic-gate asnshw2 \ 11090Sstevel@tonic-gate (" %s", ASNDESC->son[ai].sonname); 11100Sstevel@tonic-gate } /* end if */ 11110Sstevel@tonic-gate } else if \ 11120Sstevel@tonic-gate (ASNDESC->son[ai].sondef->name) { 11130Sstevel@tonic-gate asnshw2 \ 11140Sstevel@tonic-gate (" %s", ASNDESC->son[ai].sondef->name); 11150Sstevel@tonic-gate } /* end if */ 11160Sstevel@tonic-gate break; 11170Sstevel@tonic-gate } /* end if */ 11180Sstevel@tonic-gate } /* end for */ 11190Sstevel@tonic-gate if (ai >= ASNDESC->nbson) { 11200Sstevel@tonic-gate ai = -1; /* not found */ 11210Sstevel@tonic-gate } /* end if */ 11220Sstevel@tonic-gate } /* end if */ 11230Sstevel@tonic-gate if (PTRaclass[i]) { 11240Sstevel@tonic-gate asnshw5 \ 11250Sstevel@tonic-gate (" %c[%s%d: %s]", ((otyp[ctxnum]&0x20)?'*':' '), 11260Sstevel@tonic-gate class[1], i, PTRaclass[i]); 11270Sstevel@tonic-gate (void) strcpy(operation, (char *)PTRaclass[i]); 11280Sstevel@tonic-gate } else { 11290Sstevel@tonic-gate asnshw4 \ 11300Sstevel@tonic-gate (" %c[%s%d]", ((otyp[ctxnum]&0x20)?'*':' '), \ 11310Sstevel@tonic-gate class[1], i); 11320Sstevel@tonic-gate } 11330Sstevel@tonic-gate break; 11340Sstevel@tonic-gate 11350Sstevel@tonic-gate case 2: /* context-specific */ 11360Sstevel@tonic-gate 11370Sstevel@tonic-gate if (TMPDESC) { 11380Sstevel@tonic-gate ASNDESC = TMPDESC; 11390Sstevel@tonic-gate TMPDESC = GR_TMPDESC; 11400Sstevel@tonic-gate already = 1; 11410Sstevel@tonic-gate } 11420Sstevel@tonic-gate if (ASNDESC) { 11430Sstevel@tonic-gate 11440Sstevel@tonic-gate for (ai = 0; ai < ASNDESC->nbson; ++ai) { 11450Sstevel@tonic-gate if \ 11460Sstevel@tonic-gate (!already && ASNDESC->son[ai].sondef && 11470Sstevel@tonic-gate ASNDESC->son[ai].sondef->type == CHOICE) { 11480Sstevel@tonic-gate int i2 = 0; 11490Sstevel@tonic-gate while \ 11500Sstevel@tonic-gate (i2 < ASNDESC->son[ai].sondef->nbson && 11510Sstevel@tonic-gate ASNDESC->son[ai].sondef->son[i2].tag != i) { 11520Sstevel@tonic-gate i2++; 11530Sstevel@tonic-gate continue; 11540Sstevel@tonic-gate } 11550Sstevel@tonic-gate if (i2 == \ 11560Sstevel@tonic-gate ASNDESC->son[ai].sondef->nbson) { 11570Sstevel@tonic-gate ai = ASNDESC->nbson; 11580Sstevel@tonic-gate break; 11590Sstevel@tonic-gate } 11600Sstevel@tonic-gate if (TMPDESC) { 11610Sstevel@tonic-gate GR_TMPDESC = TMPDESC; 11620Sstevel@tonic-gate gr_tmpai = tmpai; 11630Sstevel@tonic-gate } 11640Sstevel@tonic-gate TMPDESC = ASNDESC; 11650Sstevel@tonic-gate ASNDESC = \ 11660Sstevel@tonic-gate ASNDESC->son[ai].sondef; 11670Sstevel@tonic-gate tmpai = ai; 11680Sstevel@tonic-gate ai = i2; 11690Sstevel@tonic-gate } 11700Sstevel@tonic-gate 11710Sstevel@tonic-gate if \ 11720Sstevel@tonic-gate (ASNDESC->son[ai].tag == i) { 11730Sstevel@tonic-gate SASNDESC = \ 11740Sstevel@tonic-gate ASNDESC->son[ai].sondef; 11750Sstevel@tonic-gate if (ASNDESC->son[ai].sonname) { 11760Sstevel@tonic-gate if \ 11770Sstevel@tonic-gate (ASNDESC->son[ai].sondef && 11780Sstevel@tonic-gate ASNDESC->son[ai].sondef->name) { 11790Sstevel@tonic-gate asnshw3 \ 11800Sstevel@tonic-gate (" %s %s", ASNDESC->son[ai].sonname, 11810Sstevel@tonic-gate ASNDESC->son[ai].sondef->name); 11820Sstevel@tonic-gate } else { 11830Sstevel@tonic-gate asnshw2 \ 11840Sstevel@tonic-gate (" %s", ASNDESC->son[ai].sonname); 11850Sstevel@tonic-gate } /* end if */ 11860Sstevel@tonic-gate } else if \ 11870Sstevel@tonic-gate (ASNDESC->son[ai].sondef && 11880Sstevel@tonic-gate ASNDESC->son[ai].sondef->name) { 11890Sstevel@tonic-gate asnshw2 \ 11900Sstevel@tonic-gate (" %s", ASNDESC->son[ai].sondef->name); 11910Sstevel@tonic-gate } /* end if */ 11920Sstevel@tonic-gate break; 11930Sstevel@tonic-gate } /* end if */ 11940Sstevel@tonic-gate } /* end for */ 11950Sstevel@tonic-gate if (ai >= ASNDESC->nbson) { 11960Sstevel@tonic-gate ai = -1; /* not found */ 11970Sstevel@tonic-gate } /* end if */ 11980Sstevel@tonic-gate } /* end if */ 11990Sstevel@tonic-gate asnshw3 \ 12000Sstevel@tonic-gate (" %c[%d]", ((otyp[ctxnum]&0x20)?'*':' '), i); 12010Sstevel@tonic-gate break; 12020Sstevel@tonic-gate 12030Sstevel@tonic-gate case 3: /* private */ 12040Sstevel@tonic-gate asnshw4 \ 12050Sstevel@tonic-gate (" %c[%s%d]", ((otyp[ctxnum]&0x20)?'*':' '), \ 12060Sstevel@tonic-gate class[3], i); 12070Sstevel@tonic-gate } /* esac: tag */ 12080Sstevel@tonic-gate 12090Sstevel@tonic-gate /* 1210*410Skcpoon * print the length - as a debug tool only. 1211*410Skcpoon */ 12120Sstevel@tonic-gate /* asnshw2(" Length=%d ",rlen); */ 12130Sstevel@tonic-gate asnshw1("\n"); 12140Sstevel@tonic-gate if (rlen > pdulen) { 12150Sstevel@tonic-gate asnshw1("*** Decode length error,"); 12160Sstevel@tonic-gate asnshw2(" PDU length = %d ***\n", pdulen); 12170Sstevel@tonic-gate rlen = pdulen; 12180Sstevel@tonic-gate } 12190Sstevel@tonic-gate 12200Sstevel@tonic-gate /* 1221*410Skcpoon * recursive interpretation of the value if constructor 1222*410Skcpoon */ 12230Sstevel@tonic-gate if (otyp[ctxnum]&0x20) { /* constructor */ 12240Sstevel@tonic-gate 12250Sstevel@tonic-gate stlv = decpdu((rlen?rlen:pdulen), \ 12260Sstevel@tonic-gate ASNDESC && ai != -1 ?(ai == -2 ? ASNDESC: 12270Sstevel@tonic-gate ASNDESC->son[ai].sondef):0, ctxnum); 12280Sstevel@tonic-gate /* recursive decoding */ 12290Sstevel@tonic-gate pdulen -= stlv; 12300Sstevel@tonic-gate effnb += stlv; 12310Sstevel@tonic-gate } else if (otyp[ctxnum] == 0x06) { 12320Sstevel@tonic-gate /* 1233*410Skcpoon * interpretation of the object identifier 1234*410Skcpoon */ 12350Sstevel@tonic-gate for (j = 0; (rlen) && (pdulen > 0); \ 12360Sstevel@tonic-gate --rlen, --pdulen, ++effnb) { 12370Sstevel@tonic-gate GETNEXT(ctxnum); 12380Sstevel@tonic-gate oidstr[j++] = hex; 12390Sstevel@tonic-gate } 12400Sstevel@tonic-gate 12410Sstevel@tonic-gate /* interpret the object identifier */ 12420Sstevel@tonic-gate oidstr[j++] = '\0'; 12430Sstevel@tonic-gate oix = oidmap(oidstr, j-1); 12440Sstevel@tonic-gate asnshw1("\n"); 12450Sstevel@tonic-gate if (oix >= 0 && oix < OIDNB) { /* recognized obj id */ 12460Sstevel@tonic-gate asnshw2("%s\n", OidTab[oix].oidname); 12470Sstevel@tonic-gate } else { 12480Sstevel@tonic-gate asnshw1("Unknown Oid\n"); 12490Sstevel@tonic-gate } 12500Sstevel@tonic-gate } else { 12510Sstevel@tonic-gate /* 1252*410Skcpoon * interpretation of other primitive tags 1253*410Skcpoon */ 12540Sstevel@tonic-gate if (!otyp[ctxnum] && !rlen) { 12550Sstevel@tonic-gate /* end of contents: any form length */ 12560Sstevel@tonic-gate pdulen = 0; 12570Sstevel@tonic-gate } else { 12580Sstevel@tonic-gate X hexstr[5]; 12590Sstevel@tonic-gate int k = 0; 12600Sstevel@tonic-gate int klen = rlen; 12610Sstevel@tonic-gate if (SASNDESC && SASNDESC->type == CONTENT && \ 12620Sstevel@tonic-gate SASNDESC->nbson && SASNDESC->son[0].sondef) { 12630Sstevel@tonic-gate (void) 12640Sstevel@tonic-gate decpdu(rlen, SASNDESC->son[0].sondef, ctxnum); 12650Sstevel@tonic-gate } else { 12660Sstevel@tonic-gate if (rlen < 200) { 12670Sstevel@tonic-gate for (j = 0, slen = 0; \ 12680Sstevel@tonic-gate (rlen) && (pdulen > 0); 1269*410Skcpoon --rlen, --pdulen, ++effnb) { 12700Sstevel@tonic-gate if (!slen) { 12710Sstevel@tonic-gate (void) \ 12720Sstevel@tonic-gate strcpy((char *)scrlin, "LDAP: "); j += 7; 12730Sstevel@tonic-gate for \ 12740Sstevel@tonic-gate (i = 0; i < level[ctxnum]; ++i) { 12750Sstevel@tonic-gate scrlin[j++] = ' '; 12760Sstevel@tonic-gate scrlin[j++] = ' '; 12770Sstevel@tonic-gate scrlin[j++] = ' '; 12780Sstevel@tonic-gate scrlin[j++] = ' '; 12790Sstevel@tonic-gate } 12800Sstevel@tonic-gate } 12810Sstevel@tonic-gate 12820Sstevel@tonic-gate GETNEXT(ctxnum); 12830Sstevel@tonic-gate if (k < 5) { 12840Sstevel@tonic-gate hexstr[k++] = hex; 12850Sstevel@tonic-gate } /* end if */ 12860Sstevel@tonic-gate if (!isprint(hex)) { 12870Sstevel@tonic-gate hex = '_'; 12880Sstevel@tonic-gate dontprint = 1; 12890Sstevel@tonic-gate } 12900Sstevel@tonic-gate scrlin[j++] = hex; 12910Sstevel@tonic-gate if ((slen += 2) >= \ 12920Sstevel@tonic-gate (72 - (level[ctxnum] * 3))) { 12930Sstevel@tonic-gate slen = 0; 12940Sstevel@tonic-gate scrlin[j] = 0; 12950Sstevel@tonic-gate if (!dontprint) { 12960Sstevel@tonic-gate asnshw2 \ 12970Sstevel@tonic-gate ("%s\n", scrlin); 12980Sstevel@tonic-gate } 12990Sstevel@tonic-gate j = 0; 13000Sstevel@tonic-gate } 13010Sstevel@tonic-gate } /* rof: primitive values */ 13020Sstevel@tonic-gate if (slen) { 13030Sstevel@tonic-gate scrlin[j] = 0; 13040Sstevel@tonic-gate if (!dontprint) { 13050Sstevel@tonic-gate asnshw2("%s\n", scrlin); 13060Sstevel@tonic-gate } 13070Sstevel@tonic-gate } 13080Sstevel@tonic-gate dontprint = 0; 13090Sstevel@tonic-gate } else { 13100Sstevel@tonic-gate asnshw2("%s ", "LDAP:"); 13110Sstevel@tonic-gate for (i = 0; i < level[ctxnum]; ++i) { 13120Sstevel@tonic-gate asnshw1(" "); 13130Sstevel@tonic-gate scrlin[j++] = ' '; 13140Sstevel@tonic-gate scrlin[j++] = ' '; 13150Sstevel@tonic-gate scrlin[j++] = ' '; 13160Sstevel@tonic-gate } 13170Sstevel@tonic-gate 13180Sstevel@tonic-gate for (j = 0; (rlen) && (pdulen > 0); \ 13190Sstevel@tonic-gate --rlen, --pdulen, ++effnb) { 13200Sstevel@tonic-gate GETNEXT(ctxnum); 13210Sstevel@tonic-gate if (k < 5) { 13220Sstevel@tonic-gate hexstr[k++] = hex; 13230Sstevel@tonic-gate } 13240Sstevel@tonic-gate } 13250Sstevel@tonic-gate (void) strcpy \ 13260Sstevel@tonic-gate ((char *)scrlin, \ 13270Sstevel@tonic-gate "*** NOT PRINTED - Too long value ***"); 13280Sstevel@tonic-gate asnshw2("%s\n", scrlin); 13290Sstevel@tonic-gate } 13300Sstevel@tonic-gate 13310Sstevel@tonic-gate if \ 13320Sstevel@tonic-gate (SASNDESC && SASNDESC->type == BITSTRING &&\ 13330Sstevel@tonic-gate klen <= 5) { 13340Sstevel@tonic-gate unsigned long bitstr = 0; 13350Sstevel@tonic-gate for (i = 1; i < 5; ++i) { 13360Sstevel@tonic-gate bitstr = \ 13370Sstevel@tonic-gate ((bitstr) << 8) + ((i < klen)?hexstr[i]:0); 13380Sstevel@tonic-gate } /* end for */ 13390Sstevel@tonic-gate for \ 13400Sstevel@tonic-gate (i = 0; i < SASNDESC->nbson; ++i) { 13410Sstevel@tonic-gate if ((bitstr & \ 13420Sstevel@tonic-gate ((unsigned long)SASNDESC->son[i].sondef)) == 13430Sstevel@tonic-gate ((unsigned long)SASNDESC->son[i].tag)) { 13440Sstevel@tonic-gate if \ 13450Sstevel@tonic-gate (SASNDESC->son[i].sonname) { 13460Sstevel@tonic-gate int k; 13470Sstevel@tonic-gate asnshw2 \ 13480Sstevel@tonic-gate ("%s ", "LDAP:"); 13490Sstevel@tonic-gate for \ 13500Sstevel@tonic-gate (k = 0; k < level[ctxnum]; ++k) { 13510Sstevel@tonic-gate asnshw1(" "); 13520Sstevel@tonic-gate } 13530Sstevel@tonic-gate asnshw2 \ 13540Sstevel@tonic-gate ("%s", SASNDESC->son[i].sonname); 13550Sstevel@tonic-gate } /* end if */ 13560Sstevel@tonic-gate } /* end if */ 13570Sstevel@tonic-gate } /* end for */ 13580Sstevel@tonic-gate } /* end if */ 13590Sstevel@tonic-gate if (SASNDESC && \ 13600Sstevel@tonic-gate (SASNDESC->type == ENUM || 13610Sstevel@tonic-gate SASNDESC->type == CONTENTTYPE) && klen <= 5) { 13620Sstevel@tonic-gate unsigned long value = 0; 13630Sstevel@tonic-gate for (i = 0; i < klen; ++i) { 13640Sstevel@tonic-gate value = \ 13650Sstevel@tonic-gate ((value) << 8) + hexstr[i]; 13660Sstevel@tonic-gate } /* end for */ 13670Sstevel@tonic-gate for \ 13680Sstevel@tonic-gate (i = 0; i < SASNDESC->nbson; ++i) { 13690Sstevel@tonic-gate if \ 13700Sstevel@tonic-gate (value == ((unsigned long)SASNDESC->son[i].tag)) { 13710Sstevel@tonic-gate if \ 13720Sstevel@tonic-gate (SASNDESC->son[i].sonname) { 13730Sstevel@tonic-gate int k; 13740Sstevel@tonic-gate asnshw2 \ 13750Sstevel@tonic-gate ("%s ", "LDAP:"); 13760Sstevel@tonic-gate for \ 13770Sstevel@tonic-gate (k = 0; k < level[ctxnum]; ++k) { 13780Sstevel@tonic-gate asnshw1(" "); 13790Sstevel@tonic-gate } 13800Sstevel@tonic-gate asnshw2 \ 13810Sstevel@tonic-gate ("%s\n", SASNDESC->son[i].sonname); 13820Sstevel@tonic-gate (void) \ 13830Sstevel@tonic-gate strcpy(resultcode, SASNDESC->son[i].sonname); 13840Sstevel@tonic-gate } /* end if */ 13850Sstevel@tonic-gate break; 13860Sstevel@tonic-gate } /* end if */ 13870Sstevel@tonic-gate } /* end for */ 13880Sstevel@tonic-gate } /* end if */ 13890Sstevel@tonic-gate 13900Sstevel@tonic-gate } /* end if */ 13910Sstevel@tonic-gate } /* fi: constructor/obj-id/primitive */ 13920Sstevel@tonic-gate } /* fi: tag analysis */ 13930Sstevel@tonic-gate } /* elihw: len>1 */ 13940Sstevel@tonic-gate --level[ctxnum]; 13950Sstevel@tonic-gate return (effnb); 13960Sstevel@tonic-gate } 13970Sstevel@tonic-gate 13980Sstevel@tonic-gate 13990Sstevel@tonic-gate /* init_ldap initializes various buffers and variables */ 14000Sstevel@tonic-gate /* it is called one-time (in snoop_filter.c) only. */ 14010Sstevel@tonic-gate 14020Sstevel@tonic-gate void 14030Sstevel@tonic-gate init_ldap() 14040Sstevel@tonic-gate { 14050Sstevel@tonic-gate int i; 14060Sstevel@tonic-gate 14070Sstevel@tonic-gate for (i = 0; i < MAX_CTX; i++) { 14080Sstevel@tonic-gate gi_osibuf[i] = 0; 14090Sstevel@tonic-gate level[i] = 0; 14100Sstevel@tonic-gate } 14110Sstevel@tonic-gate } 14120Sstevel@tonic-gate static void 14130Sstevel@tonic-gate ldapdump(char *data, int datalen) 14140Sstevel@tonic-gate { 14150Sstevel@tonic-gate char *p; 14160Sstevel@tonic-gate ushort_t *p16 = (ushort_t *)data; 14170Sstevel@tonic-gate char *p8 = data; 14180Sstevel@tonic-gate int i, left, len; 14190Sstevel@tonic-gate int chunk = 16; /* 16 bytes per line */ 14200Sstevel@tonic-gate 14210Sstevel@tonic-gate asnshw1("LDAP: Skipping until next full LDAPMessage\n"); 14220Sstevel@tonic-gate 14230Sstevel@tonic-gate for (p = data; p < data + datalen; p += chunk) { 14240Sstevel@tonic-gate asnshw2("LDAP:\t%4d: ", p - data); 14250Sstevel@tonic-gate left = (data + datalen) - p; 14260Sstevel@tonic-gate len = MIN(chunk, left); 14270Sstevel@tonic-gate for (i = 0; i < (len / 2); i++) 14280Sstevel@tonic-gate asnshw2("%04x ", ntohs(*p16++) & 0xffff); 14290Sstevel@tonic-gate if (len % 2) { 14300Sstevel@tonic-gate asnshw2("%02x ", *((unsigned char *)p16)); 14310Sstevel@tonic-gate } 14320Sstevel@tonic-gate for (i = 0; i < (chunk - left) / 2; i++) 14330Sstevel@tonic-gate asnshw1(" "); 14340Sstevel@tonic-gate 14350Sstevel@tonic-gate asnshw1(" "); 14360Sstevel@tonic-gate for (i = 0; i < len; i++, p8++) 14370Sstevel@tonic-gate asnshw2("%c", isprint(*p8) ? *p8 : '.'); 14380Sstevel@tonic-gate asnshw1("\n"); 14390Sstevel@tonic-gate } 14400Sstevel@tonic-gate 14410Sstevel@tonic-gate asnshw1("LDAP:\n"); 14420Sstevel@tonic-gate } 14430Sstevel@tonic-gate 14440Sstevel@tonic-gate /* decode_ldap is the entry point for the main decoding function */ 14450Sstevel@tonic-gate /* decpdu(). decode_ldap() is only called by interpret_ldap. */ 14460Sstevel@tonic-gate 14470Sstevel@tonic-gate void 14480Sstevel@tonic-gate decode_ldap(char *buf, int len) 14490Sstevel@tonic-gate { 14500Sstevel@tonic-gate asndefTp ASNDESC = 0; 14510Sstevel@tonic-gate char *newbuf; 14520Sstevel@tonic-gate int skipped = 0; 14530Sstevel@tonic-gate 14540Sstevel@tonic-gate PTRaclass = MHSaclass; 14550Sstevel@tonic-gate ASNDESC = &MPDU; 14560Sstevel@tonic-gate 14570Sstevel@tonic-gate 14580Sstevel@tonic-gate newbuf = skipjunk(len, buf); 14590Sstevel@tonic-gate if (newbuf > buf) { 14600Sstevel@tonic-gate skipped = newbuf-buf; 14610Sstevel@tonic-gate ldapdump(buf, newbuf-buf); 14620Sstevel@tonic-gate } 14630Sstevel@tonic-gate buf = newbuf; 14640Sstevel@tonic-gate len = len-skipped; 14650Sstevel@tonic-gate osibuff = buf; /* Undecoded buf is passed by interpret_ldap */ 14660Sstevel@tonic-gate osilen = len; /* length of tcp data is also passed */ 14670Sstevel@tonic-gate 14680Sstevel@tonic-gate (void) decpdu(len, ASNDESC, 0); 14690Sstevel@tonic-gate gi_osibuf[0] = 0; 14700Sstevel@tonic-gate } 1471