]> The Tcpdump Group git mirrors - tcpdump/blob - print-krb.c
projects / tcpdump / blob


15d596dad15723fbfc47522db0f7198deee1e31c
[tcpdump] / print-krb.c
1 /*
2 * Copyright (c) 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 * Initial contribution from John Hawkinson (jhawk@mit.edu).
22 */
23
24 #ifndef lint
25 static const char rcsid[] =
26 "@(#) $Header: /tcpdump/master/tcpdump/print-krb.c,v 1.14 2000-09-23 08:54:34 guy Exp $";
27 #endif
28
29 #ifdef HAVE_CONFIG_H
30 #include "config.h"
31 #endif
32
33 #include <sys/param.h>
34 #include <sys/time.h>
35 #include <sys/socket.h>
36
37 #include <netinet/in.h>
38 #include <netinet/in_systm.h>
39
40 #include <ctype.h>
41 #include <errno.h>
42 #include <stdio.h>
43
44 #include "interface.h"
45 #include "addrtoname.h"
46
47 const u_char *c_print(register const u_char *, register const u_char *);
48 const u_char *krb4_print_hdr(const u_char *);
49 void krb4_print(const u_char *);
50 void krb_print(const u_char *, u_int);
51
52
53 #define AUTH_MSG_KDC_REQUEST 1<<1
54 #define AUTH_MSG_KDC_REPLY 2<<1
55 #define AUTH_MSG_APPL_REQUEST 3<<1
56 #define AUTH_MSG_APPL_REQUEST_MUTUAL 4<<1
57 #define AUTH_MSG_ERR_REPLY 5<<1
58 #define AUTH_MSG_PRIVATE 6<<1
59 #define AUTH_MSG_SAFE 7<<1
60 #define AUTH_MSG_APPL_ERR 8<<1
61 #define AUTH_MSG_DIE 63<<1
62
63 #define KERB_ERR_OK 0
64 #define KERB_ERR_NAME_EXP 1
65 #define KERB_ERR_SERVICE_EXP 2
66 #define KERB_ERR_AUTH_EXP 3
67 #define KERB_ERR_PKT_VER 4
68 #define KERB_ERR_NAME_MAST_KEY_VER 5
69 #define KERB_ERR_SERV_MAST_KEY_VER 6
70 #define KERB_ERR_BYTE_ORDER 7
71 #define KERB_ERR_PRINCIPAL_UNKNOWN 8
72 #define KERB_ERR_PRINCIPAL_NOT_UNIQUE 9
73 #define KERB_ERR_NULL_KEY 10
74
75 struct krb {
76 u_char pvno; /* Protocol Version */
77 u_char type; /* Type+B */
78 };
79
80 static char tstr[] = " [|kerberos]";
81
82 static struct tok type2str[] = {
83 { AUTH_MSG_KDC_REQUEST, "KDC_REQUEST" },
84 { AUTH_MSG_KDC_REPLY, "KDC_REPLY" },
85 { AUTH_MSG_APPL_REQUEST, "APPL_REQUEST" },
86 { AUTH_MSG_APPL_REQUEST_MUTUAL, "APPL_REQUEST_MUTUAL" },
87 { AUTH_MSG_ERR_REPLY, "ERR_REPLY" },
88 { AUTH_MSG_PRIVATE, "PRIVATE" },
89 { AUTH_MSG_SAFE, "SAFE" },
90 { AUTH_MSG_APPL_ERR, "APPL_ERR" },
91 { AUTH_MSG_DIE, "DIE" },
92 { 0, NULL }
93 };
94
95 static struct tok kerr2str[] = {
96 { KERB_ERR_OK, "OK" },
97 { KERB_ERR_NAME_EXP, "NAME_EXP" },
98 { KERB_ERR_SERVICE_EXP, "SERVICE_EXP" },
99 { KERB_ERR_AUTH_EXP, "AUTH_EXP" },
100 { KERB_ERR_PKT_VER, "PKT_VER" },
101 { KERB_ERR_NAME_MAST_KEY_VER, "NAME_MAST_KEY_VER" },
102 { KERB_ERR_SERV_MAST_KEY_VER, "SERV_MAST_KEY_VER" },
103 { KERB_ERR_BYTE_ORDER, "BYTE_ORDER" },
104 { KERB_ERR_PRINCIPAL_UNKNOWN, "PRINCIPAL_UNKNOWN" },
105 { KERB_ERR_PRINCIPAL_NOT_UNIQUE,"PRINCIPAL_NOT_UNIQUE" },
106 { KERB_ERR_NULL_KEY, "NULL_KEY"},
107 { 0, NULL}
108 };
109
110
111 /* little endian (unaligned) to host byte order */
112 /* XXX need to look at this... */
113 #define vtohlp(x) ((( ((char *)(x))[0] ) ) | \
114 (( ((char *)(x))[1] ) << 8) | \
115 (( ((char *)(x))[2] ) << 16) | \
116 (( ((char *)(x))[3] ) << 24))
117 #define vtohsp(x) ((( ((char *)(x))[0] ) ) | \
118 (( ((char *)(x))[1] ) << 8))
119 /* network (big endian) (unaligned) to host byte order */
120 #define ntohlp(x) ((( ((char *)(x))[3] ) ) | \
121 (( ((char *)(x))[2] ) << 8) | \
122 (( ((char *)(x))[1] ) << 16) | \
123 (( ((char *)(x))[0] ) << 24))
124 #define ntohsp(x) ((( ((char *)(x))[1] ) ) | \
125 (( ((char *)(x))[0] ) << 8))
126
127
128
129 const u_char *
130 c_print(register const u_char *s, register const u_char *ep)
131 {
132 register u_char c;
133 register int flag;
134
135 flag = 1;
136 while (s < ep) {
137 c = *s++;
138 if (c == '\0') {
139 flag = 0;
140 break;
141 }
142 if (!isascii(c)) {
143 c = toascii(c);
144 putchar('M');
145 putchar('-');
146 }
147 if (!isprint(c)) {
148 c ^= 0x40; /* DEL to ?, others to alpha */
149 putchar('^');
150 }
151 putchar(c);
152 }
153 if (flag)
154 return NULL;
155 return (s);
156 }
157
158 const u_char *
159 krb4_print_hdr(const u_char *cp)
160 {
161 cp += 2;
162
163 #define PRINT if ((cp = c_print(cp, snapend)) == NULL) goto trunc
164
165 PRINT;
166 putchar('.');
167 PRINT;
168 putchar('@');
169 PRINT;
170 return (cp);
171
172 trunc:
173 fputs(tstr, stdout);
174 return (NULL);
175
176 #undef PRINT
177 }
178
179 void
180 krb4_print(const u_char *cp)
181 {
182 register const struct krb *kp;
183 u_char type;
184 u_short len;
185
186 #define PRINT if ((cp = c_print(cp, snapend)) == NULL) goto trunc
187 /* True if struct krb is little endian */
188 #define IS_LENDIAN(kp) (((kp)->type & 0x01) != 0)
189 #define KTOHSP(kp, cp) (IS_LENDIAN(kp) ? vtohsp(cp) : ntohsp(cp))
190
191 kp = (struct krb *)cp;
192
193 if ((&kp->type) >= snapend) {
194 fputs(tstr, stdout);
195 return;
196 }
197
198 type = kp->type & (0xFF << 1);
199
200 printf(" %s %s: ",
201 IS_LENDIAN(kp) ? "le" : "be", tok2str(type2str, NULL, type));
202
203 switch (type) {
204
205 case AUTH_MSG_KDC_REQUEST:
206 if ((cp = krb4_print_hdr(cp)) == NULL)
207 return;
208 cp += 4; /* ctime */
209 TCHECK(*cp);
210 printf(" %dmin ", *cp++ * 5);
211 PRINT;
212 putchar('.');
213 PRINT;
214 break;
215
216 case AUTH_MSG_APPL_REQUEST:
217 cp += 2;
218 TCHECK(*cp);
219 printf("v%d ", *cp++);
220 PRINT;
221 TCHECK(*cp);
222 printf(" (%d)", *cp++);
223 TCHECK(*cp);
224 printf(" (%d)", *cp);
225 break;
226
227 case AUTH_MSG_KDC_REPLY:
228 if ((cp = krb4_print_hdr(cp)) == NULL)
229 return;
230 cp += 10; /* timestamp + n + exp + kvno */
231 TCHECK2(*cp, sizeof(short));
232 len = KTOHSP(kp, cp);
233 printf(" (%d)", len);
234 break;
235
236 case AUTH_MSG_ERR_REPLY:
237 if ((cp = krb4_print_hdr(cp)) == NULL)
238 return;
239 cp += 4; /* timestamp */
240 TCHECK2(*cp, sizeof(short));
241 printf(" %s ", tok2str(kerr2str, NULL, KTOHSP(kp, cp)));
242 cp += 4;
243 PRINT;
244 break;
245
246 default:
247 fputs("(unknown)", stdout);
248 break;
249 }
250
251 return;
252 trunc:
253 fputs(tstr, stdout);
254 }
255
256 void
257 krb_print(const u_char *dat, u_int length)
258 {
259 register const struct krb *kp;
260
261 kp = (struct krb *)dat;
262
263 if (dat >= snapend) {
264 fputs(tstr, stdout);
265 return;
266 }
267
268 switch (kp->pvno) {
269
270 case 1:
271 case 2:
272 case 3:
273 printf(" v%d", kp->pvno);
274 break;
275
276 case 4:
277 printf(" v%d", kp->pvno);
278 krb4_print((const u_char *)kp);
279 break;
280
281 case 106:
282 case 107:
283 fputs(" v5", stdout);
284 /* Decode ASN.1 here "someday" */
285 break;
286 }
287 return;
288 }
[mirror] the TCPdump network dissector