/* sp points to IAC byte */
static int
telnet_parse(netdissect_options *ndo, const u_char *sp, u_int length, int print)
{
int i, x;
u_int c;
const u_char *osp, *p;
#define FETCH(c, sp, length) \
do { \
if (length < 1) \
goto pktend; \
ND_TCHECK(*sp); \
c = *sp++; \
length--; \
} while (0)
osp = sp;
FETCH(c, sp, length);
if (c != IAC)
goto pktend;
FETCH(c, sp, length);
if (c == IAC) { /* <IAC><IAC>! */
if (print)
ND_PRINT((ndo, "IAC IAC"));
goto done;
}
i = c - TELCMD_FIRST;
if (i < 0 || i > IAC - TELCMD_FIRST)
goto pktend;
switch (c) {
case DONT:
case DO:
case WONT:
case WILL:
case SB:
/* DONT/DO/WONT/WILL x */
FETCH(x, sp, length);
if (x >= 0 && x < NTELOPTS) {
if (print)
ND_PRINT((ndo, "%s %s", telcmds[i], telopts[x]));
} else {
if (print)
ND_PRINT((ndo, "%s %#x", telcmds[i], x));
}
if (c != SB)
break;
/* IAC SB .... IAC SE */
p = sp;
while (length > (u_int)(p + 1 - sp)) {
ND_TCHECK2(*p, 2);
if (p[0] == IAC && p[1] == SE)
break;
p++;
}
if (*p != IAC)
goto pktend;
switch (x) {
case TELOPT_AUTHENTICATION:
if (p <= sp)
break;
FETCH(c, sp, length);
if (print)
ND_PRINT((ndo, " %s", STR_OR_ID(c, authcmd)));
if (p <= sp)
break;
FETCH(c, sp, length);
if (print)
ND_PRINT((ndo, " %s", STR_OR_ID(c, authtype)));
break;
case TELOPT_ENCRYPT:
if (p <= sp)
break;
FETCH(c, sp, length);
if (print)
ND_PRINT((ndo, " %s", STR_OR_ID(c, enccmd)));
if (p <= sp)
break;
FETCH(c, sp, length);
if (print)
ND_PRINT((ndo, " %s", STR_OR_ID(c, enctype)));
break;
default:
if (p <= sp)
break;
FETCH(c, sp, length);
if (print)
ND_PRINT((ndo, " %s", STR_OR_ID(c, cmds)));
break;
}
while (p > sp) {
FETCH(x, sp, length);
if (print)
ND_PRINT((ndo, " %#x", x));
}
/* terminating IAC SE */
if (print)
ND_PRINT((ndo, " SE"));
sp += 2;
break;
default:
if (print)
ND_PRINT((ndo, "%s", telcmds[i]));
goto done;
}
done:
return sp - osp;
trunc:
ND_PRINT((ndo, "%s", tstr));
pktend:
return -1;
#undef FETCH
}
static const u_char *
isakmp_t_print(const struct isakmp_gen *ext, u_int item_len,
const u_char *ep, u_int32_t phase _U_, u_int32_t doi _U_,
u_int32_t proto, int depth _U_)
{
const struct isakmp_pl_t *p;
struct isakmp_pl_t t;
const u_char *cp;
const char *idstr;
const struct attrmap *map;
size_t nmap;
const u_char *ep2;
printf("%s:", NPSTR(ISAKMP_NPTYPE_T));
p = (struct isakmp_pl_t *)ext;
TCHECK(*p);
safememcpy(&t, ext, sizeof(t));
switch (proto) {
case 1:
idstr = STR_OR_ID(t.t_id, isakmp_p_map);
map = oakley_t_map;
nmap = sizeof(oakley_t_map)/sizeof(oakley_t_map[0]);
break;
case 2:
idstr = STR_OR_ID(t.t_id, ah_p_map);
map = ipsec_t_map;
nmap = sizeof(ipsec_t_map)/sizeof(ipsec_t_map[0]);
break;
case 3:
idstr = STR_OR_ID(t.t_id, esp_p_map);
map = ipsec_t_map;
nmap = sizeof(ipsec_t_map)/sizeof(ipsec_t_map[0]);
break;
case 4:
idstr = STR_OR_ID(t.t_id, ipcomp_p_map);
map = ipsec_t_map;
nmap = sizeof(ipsec_t_map)/sizeof(ipsec_t_map[0]);
break;
default:
idstr = NULL;
map = NULL;
nmap = 0;
break;
}
if (idstr)
printf(" #%d id=%s ", t.t_no, idstr);
else
printf(" #%d id=%d ", t.t_no, t.t_id);
cp = (u_char *)(p + 1);
ep2 = (u_char *)p + item_len;
while (cp < ep && cp < ep2) {
if (map && nmap) {
cp = isakmp_attrmap_print(cp, (ep < ep2) ? ep : ep2,
map, nmap);
} else
cp = isakmp_attr_print(cp, (ep < ep2) ? ep : ep2);
}
if (ep < ep2)
printf("...");
return cp;
trunc:
printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_T));
return NULL;
}
static void
shortdump(struct sadb_msg *msg)
{
caddr_t mhp[SADB_EXT_MAX + 1];
char buf[NI_MAXHOST], pbuf[NI_MAXSERV];
struct sadb_sa *sa;
struct sadb_address *saddr;
struct sadb_lifetime *lts, *lth, *ltc;
struct sockaddr *s;
u_int t;
time_t cur = time(0);
pfkey_align(msg, mhp);
pfkey_check(mhp);
printf("%02lu%02lu", (u_long)(cur % 3600) / 60, (u_long)(cur % 60));
printf(" %-3s", STR_OR_ID(msg->sadb_msg_satype, satype));
if ((sa = (struct sadb_sa *)mhp[SADB_EXT_SA]) != NULL) {
printf(" %-1s", STR_OR_ID(sa->sadb_sa_state, sastate));
printf(" %08x", (uint32_t)ntohl(sa->sadb_sa_spi));
} else
printf("%-1s %-8s", "?", "?");
lts = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_SOFT];
lth = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_HARD];
ltc = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_CURRENT];
if (lts && lth && ltc) {
if (ltc->sadb_lifetime_addtime == 0)
t = (u_long)0;
else
t = (u_long)(cur - ltc->sadb_lifetime_addtime);
if (t >= 1000)
strlcpy(buf, " big/", sizeof(buf));
else
snprintf(buf, sizeof(buf), " %3lu/", (u_long)t);
printf("%s", buf);
t = (u_long)lth->sadb_lifetime_addtime;
if (t >= 1000)
strlcpy(buf, "big", sizeof(buf));
else
snprintf(buf, sizeof(buf), "%-3lu", (u_long)t);
printf("%s", buf);
} else
printf(" ??\?/???"); /* backslash to avoid trigraph ??/ */
printf(" ");
if ((saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC]) != NULL) {
if (saddr->sadb_address_proto)
printf("%s ", STR_OR_ID(saddr->sadb_address_proto, ipproto));
s = (struct sockaddr *)(saddr + 1);
getnameinfo(s, sysdep_sa_len(s), buf, sizeof(buf),
pbuf, sizeof(pbuf), NI_NUMERICHOST|NI_NUMERICSERV);
if (strcmp(pbuf, "0") != 0)
printf("%s[%s]", buf, pbuf);
else
printf("%s", buf);
} else
printf("?");
printf(" -> ");
if ((saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST]) != NULL) {
if (saddr->sadb_address_proto)
printf("%s ", STR_OR_ID(saddr->sadb_address_proto, ipproto));
s = (struct sockaddr *)(saddr + 1);
getnameinfo(s, sysdep_sa_len(s), buf, sizeof(buf),
pbuf, sizeof(pbuf), NI_NUMERICHOST|NI_NUMERICSERV);
if (strcmp(pbuf, "0") != 0)
printf("%s[%s]", buf, pbuf);
else
printf("%s", buf);
} else
printf("?");
printf("\n");
}