The Tcpdump Group git mirrors - tcpdump/blobdiff

* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

*/

* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

*/

-#ifndef lint

-static const char rcsid[] =

- "@(#) $Header: /tcpdump/master/tcpdump/print-esp.c,v 1.25 2002-06-11 17:08:45 itojun Exp $ (LBL)";

-#endif

-

#ifdef HAVE_CONFIG_H

#include "config.h"

#endif

#ifdef HAVE_CONFIG_H

#include "config.h"

#endif

+#include <netdissect-stdinc.h>

+

#include <string.h>

-#include <sys/param.h>

-#include <sys/time.h>

-#include <sys/types.h>

-#include <sys/socket.h>

#include <stdlib.h>

-#include <netinet/in.h>

-

+/* Any code in this file that depends on HAVE_LIBCRYPTO depends on

+ * HAVE_OPENSSL_EVP_H too. Undefining the former when the latter isn't defined

+ * is the simplest way of handling the dependency.

+ */

#ifdef HAVE_LIBCRYPTO

-#include <openssl/des.h>

-#include <openssl/blowfish.h>

-#ifdef HAVE_OPENSSL_RC5_H

-#include <openssl/rc5.h>

-#endif

-#ifdef HAVE_OPENSSL_CAST_H

-#include <openssl/cast.h>

+#ifdef HAVE_OPENSSL_EVP_H

+#include <openssl/evp.h>

+#else

+#undef HAVE_LIBCRYPTO

#endif

-#include <stdio.h>

-

#include "ip.h"

-#include "esp.h"

-#ifdef INET6

#include "ip6.h"

-#endif

-

-#define AVOID_CHURN 1

-#include "interface.h"

-#include "addrtoname.h"

-

-static struct esp_algorithm *espsecret_xform=NULL; /* cache of decoded alg. */

-static char *espsecret_key=NULL;

+#include "netdissect.h"

+#include "strtoaddr.h"

+#include "extract.h"

-enum cipher { NONE,

- DESCBC,

- BLOWFISH,

- RC5,

- CAST128,

- DES3CBC};

+#include "ascii_strcasecmp.h"

+/*

+ *

+ * Redistribution and use in source and binary forms, with or without

+ * modification, are permitted provided that the following conditions

+ * are met:

+ * 1. Redistributions of source code must retain the above copyright

+ * notice, this list of conditions and the following disclaimer.

+ * 2. Redistributions in binary form must reproduce the above copyright

+ * notice, this list of conditions and the following disclaimer in the

+ * documentation and/or other materials provided with the distribution.

+ * 3. Neither the name of the project nor the names of its contributors

+ * may be used to endorse or promote products derived from this software

+ * without specific prior written permission.

+ *

+ * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND

+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

+ * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE

+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

+ * SUCH DAMAGE.

+ */

+/*

+ * RFC1827/2406 Encapsulated Security Payload.

+ */

-struct esp_algorithm {

- char *name;

- enum cipher algo;

- int ivlen;

- int authlen;

- int replaysize;

+struct newesp {

+ uint32_t esp_spi; /* ESP */

+ uint32_t esp_seq; /* Sequence number */

+ /*variable size*/ /* (IV and) Payload data */

+ /*variable size*/ /* padding */

+ /*8bit*/ /* pad size */

+ /*8bit*/ /* next header */

+ /*variable size, 32bit bound*/ /* Authentication data */

};

-struct esp_algorithm esp_xforms[]={

- {"none", NONE, 0, 0, 0},

- {"des-cbc", DESCBC, 8, 0, 0},

- {"des-cbc-hmac96", DESCBC, 8, 12, 4},

- {"blowfish-cbc", BLOWFISH,8, 0, 0},

- {"blowfish-cbc-hmac96", BLOWFISH,8, 12, 4},

- {"rc5-cbc", RC5, 8, 0, 0},

- {"rc5-cbc-hmac96", RC5, 8, 12, 4},

- {"cast128-cbc", CAST128, 8, 0, 0},

- {"cast128-cbc-hmac96", CAST128, 8, 12, 4},

- {"3des-cbc-hmac96", DES3CBC, 8, 12, 4},

+#ifdef HAVE_LIBCRYPTO

+union inaddr_u {

+ struct in_addr in4;

+ struct in6_addr in6;

+};

+struct sa_list {

+ struct sa_list *next;

+ u_int daddr_version;

+ union inaddr_u daddr;

+ uint32_t spi; /* if == 0, then IKEv2 */

+ int initiator;

+ u_char spii[8]; /* for IKEv2 */

+ u_char spir[8];

+ const EVP_CIPHER *evp;

+ int ivlen;

+ int authlen;

+ u_char authsecret[256];

+ int authsecret_len;

+ u_char secret[256]; /* is that big enough for all secrets? */

+ int secretlen;

};

-static int hexdigit(char hex)

+/*

+ * this will adjust ndo_packetp and ndo_snapend to new buffer!

+ */

+USES_APPLE_DEPRECATED_API

+int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,

+ int initiator,

+ u_char spii[8], u_char spir[8],

+ const u_char *buf, const u_char *end)

{

- if(hex >= '0' && hex <= '9') {

+ struct sa_list *sa;

+ const u_char *iv;

+ int len;

+ EVP_CIPHER_CTX ctx;

+

+ /* initiator arg is any non-zero value */

+ if(initiator) initiator=1;

+

+ /* see if we can find the SA, and if so, decode it */

+ for (sa = ndo->ndo_sa_list_head; sa != NULL; sa = sa->next) {

+ if (sa->spi == 0

+ && initiator == sa->initiator

+ && memcmp(spii, sa->spii, 8) == 0

+ && memcmp(spir, sa->spir, 8) == 0)

+ break;

+ }

+

+ if(sa == NULL) return 0;

+ if(sa->evp == NULL) return 0;

+

+ /*

+ * remove authenticator, and see if we still have something to

+ * work with

+ */

+ end = end - sa->authlen;

+ iv = buf;

+ buf = buf + sa->ivlen;

+ len = end-buf;

+

+ if(end <= buf) return 0;

+

+ memset(&ctx, 0, sizeof(ctx));

+ if (EVP_CipherInit(&ctx, sa->evp, sa->secret, NULL, 0) < 0)

+ (*ndo->ndo_warning)(ndo, "espkey init failed");

+ EVP_CipherInit(&ctx, NULL, NULL, iv, 0);

+ EVP_Cipher(&ctx, buf, buf, len);

+ EVP_CIPHER_CTX_cleanup(&ctx);

+

+ ndo->ndo_packetp = buf;

+ ndo->ndo_snapend = end;

+

+ return 1;

+

+}

+USES_APPLE_RST

+

+static void esp_print_addsa(netdissect_options *ndo,

+ struct sa_list *sa, int sa_def)

+{

+ /* copy the "sa" */

+

+ struct sa_list *nsa;

+

+ nsa = (struct sa_list *)malloc(sizeof(struct sa_list));

+ if (nsa == NULL)

+ (*ndo->ndo_error)(ndo, "ran out of memory to allocate sa structure");

+

+ *nsa = *sa;

+

+ if (sa_def)

+ ndo->ndo_sa_default = nsa;

+

+ nsa->next = ndo->ndo_sa_list_head;

+ ndo->ndo_sa_list_head = nsa;

+}

+

+static u_int hexdigit(netdissect_options *ndo, char hex)

+{

+ if (hex >= '0' && hex <= '9')

return (hex - '0');

- } else if(hex >= 'A' && hex <= 'F') {

+ else if (hex >= 'A' && hex <= 'F')

return (hex - 'A' + 10);

- } else if(hex >= 'a' && hex <= 'f') {

+ else if (hex >= 'a' && hex <= 'f')

return (hex - 'a' + 10);

- } else {

- printf("invalid hex digit %c in espsecret\n", hex);

+ else {

+ (*ndo->ndo_error)(ndo, "invalid hex digit %c in espsecret\n", hex);

return 0;

}

return 0;

}

-static int hex2byte(char *hexstring)

+static u_int hex2byte(netdissect_options *ndo, char *hexstring)

{

- int byte;

+ u_int byte;

- byte = (hexdigit(hexstring[0]) << 4) +

- hexdigit(hexstring[1]);

+ byte = (hexdigit(ndo, hexstring[0]) << 4) + hexdigit(ndo, hexstring[1]);

return byte;

}

return byte;

}

+/*

+ * returns size of binary, 0 on failure.

+ */

+static

+int espprint_decode_hex(netdissect_options *ndo,

+ u_char *binbuf, unsigned int binbuf_len,

+ char *hex)

+{

+ unsigned int len;

+ int i;

-static void esp_print_decodesecret(void)

+ len = strlen(hex) / 2;

+

+ if (len > binbuf_len) {

+ (*ndo->ndo_warning)(ndo, "secret is too big: %d\n", len);

+ return 0;

+ }

+

+ i = 0;

+ while (hex[0] != '\0' && hex[1]!='\0') {

+ binbuf[i] = hex2byte(ndo, hex);

+ hex += 2;

+ i++;

+ }

+

+ return i;

+}

+

+/*

+ * decode the form: SPINUM@IP <tab> ALGONAME:0xsecret

+ */

+

+USES_APPLE_DEPRECATED_API

+static int

+espprint_decode_encalgo(netdissect_options *ndo,

+ char *decode, struct sa_list *sa)

+{

+ size_t i;

+ const EVP_CIPHER *evp;

+ int authlen = 0;

+ char *colon, *p;

+

+ colon = strchr(decode, ':');

+ if (colon == NULL) {

+ (*ndo->ndo_warning)(ndo, "failed to decode espsecret: %s\n", decode);

+ return 0;

+ }

+ *colon = '\0';

+

+ if (strlen(decode) > strlen("-hmac96") &&

+ !strcmp(decode + strlen(decode) - strlen("-hmac96"),

+ "-hmac96")) {

+ p = strstr(decode, "-hmac96");

+ *p = '\0';

+ authlen = 12;

+ }

+ if (strlen(decode) > strlen("-cbc") &&

+ !strcmp(decode + strlen(decode) - strlen("-cbc"), "-cbc")) {

+ p = strstr(decode, "-cbc");

+ *p = '\0';

+ }

+ evp = EVP_get_cipherbyname(decode);

+

+ if (!evp) {

+ (*ndo->ndo_warning)(ndo, "failed to find cipher algo %s\n", decode);

+ sa->evp = NULL;

+ sa->authlen = 0;

+ sa->ivlen = 0;

+ return 0;

+ }

+

+ sa->evp = evp;

+ sa->authlen = authlen;

+ sa->ivlen = EVP_CIPHER_iv_length(evp);

+

+ colon++;

+ if (colon[0] == '0' && colon[1] == 'x') {

+ /* decode some hex! */

+

+ colon += 2;

+ sa->secretlen = espprint_decode_hex(ndo, sa->secret, sizeof(sa->secret), colon);

+ if(sa->secretlen == 0) return 0;

+ } else {

+ i = strlen(colon);

+

+ if (i < sizeof(sa->secret)) {

+ memcpy(sa->secret, colon, i);

+ sa->secretlen = i;

+ } else {

+ memcpy(sa->secret, colon, sizeof(sa->secret));

+ sa->secretlen = sizeof(sa->secret);

+ }

+

+ return 1;

+}

+USES_APPLE_RST

+

+/*

+ * for the moment, ignore the auth algorith, just hard code the authenticator

+ * length. Need to research how openssl looks up HMAC stuff.

+ */

+static int

+espprint_decode_authalgo(netdissect_options *ndo,

+ char *decode, struct sa_list *sa)

{

char *colon;

{

char *colon;

- int len, i;

- struct esp_algorithm *xf;

- if(espsecret == NULL) {

- /* set to NONE transform */

- espsecret_xform = esp_xforms;

- return;

+ colon = strchr(decode, ':');

+ if (colon == NULL) {

+ (*ndo->ndo_warning)(ndo, "failed to decode espsecret: %s\n", decode);

+ return 0;

}

+ *colon = '\0';

+

+ if(ascii_strcasecmp(colon,"sha1") == 0 ||

+ ascii_strcasecmp(colon,"md5") == 0) {

+ sa->authlen = 12;

+ }

+ return 1;

+}

+

+static void esp_print_decode_ikeline(netdissect_options *ndo, char *line,

+ const char *file, int lineno)

+{

+ /* it's an IKEv2 secret, store it instead */

+ struct sa_list sa1;

+

+ char *init;

+ char *icookie, *rcookie;

+ int ilen, rlen;

+ char *authkey;

+ char *enckey;

+

+ init = strsep(&line, " \t");

+ icookie = strsep(&line, " \t");

+ rcookie = strsep(&line, " \t");

+ authkey = strsep(&line, " \t");

+ enckey = strsep(&line, " \t");

+

+ /* if any fields are missing */

+ if(!init || !icookie || !rcookie || !authkey || !enckey) {

+ (*ndo->ndo_warning)(ndo, "print_esp: failed to find all fields for ikev2 at %s:%u",

+ file, lineno);

- if(espsecret_key != NULL) {

return;

}

return;

}

- colon = strchr(espsecret, ':');

- if(colon == NULL) {

- printf("failed to decode espsecret: %s\n",

- espsecret);

- /* set to NONE transform */

- espsecret_xform = esp_xforms;

+ ilen = strlen(icookie);

+ rlen = strlen(rcookie);

+

+ if((init[0]!='I' && init[0]!='R')

+ || icookie[0]!='0' || icookie[1]!='x'

+ || rcookie[0]!='0' || rcookie[1]!='x'

+ || ilen!=18

+ || rlen!=18) {

+ (*ndo->ndo_warning)(ndo, "print_esp: line %s:%u improperly formatted.",

+ file, lineno);

+

+ (*ndo->ndo_warning)(ndo, "init=%s icookie=%s(%u) rcookie=%s(%u)",

+ init, icookie, ilen, rcookie, rlen);

+

+ return;

}

- len = colon - espsecret;

- xf = esp_xforms;

- while(xf->name && strncasecmp(espsecret, xf->name, len)!=0) {

- xf++;

+ sa1.spi = 0;

+ sa1.initiator = (init[0] == 'I');

+ if(espprint_decode_hex(ndo, sa1.spii, sizeof(sa1.spii), icookie+2)!=8)

+ return;

+

+ if(espprint_decode_hex(ndo, sa1.spir, sizeof(sa1.spir), rcookie+2)!=8)

+ return;

+

+ if(!espprint_decode_encalgo(ndo, enckey, &sa1)) return;

+

+ if(!espprint_decode_authalgo(ndo, authkey, &sa1)) return;

+

+ esp_print_addsa(ndo, &sa1, FALSE);

+}

+

+/*

+ *

+ * special form: file /name

+ * causes us to go read from this file instead.

+ *

+ */

+static void esp_print_decode_onesecret(netdissect_options *ndo, char *line,

+ const char *file, int lineno)

+{

+ struct sa_list sa1;

+ int sa_def;

+

+ char *spikey;

+ char *decode;

+

+ spikey = strsep(&line, " \t");

+ sa_def = 0;

+ memset(&sa1, 0, sizeof(struct sa_list));

+

+ /* if there is only one token, then it is an algo:key token */

+ if (line == NULL) {

+ decode = spikey;

+ spikey = NULL;

+ /* sa1.daddr.version = 0; */

+ /* memset(&sa1.daddr, 0, sizeof(sa1.daddr)); */

+ /* sa1.spi = 0; */

+ sa_def = 1;

+ } else

+ decode = line;

+

+ if (spikey && ascii_strcasecmp(spikey, "file") == 0) {

+ /* open file and read it */

+ FILE *secretfile;

+ char fileline[1024];

+ int subfile_lineno=0;

+ char *nl;

+ char *filename = line;

+

+ secretfile = fopen(filename, FOPEN_READ_TXT);

+ if (secretfile == NULL) {

+ perror(filename);

+ exit(3);

+ }

+

+ while (fgets(fileline, sizeof(fileline)-1, secretfile) != NULL) {

+ subfile_lineno++;

+ /* remove newline from the line */

+ nl = strchr(fileline, '\n');

+ if (nl)

+ *nl = '\0';

+ if (fileline[0] == '#') continue;

+ if (fileline[0] == '\0') continue;

+

+ esp_print_decode_onesecret(ndo, fileline, filename, subfile_lineno);

+ }

+ fclose(secretfile);

+

+ return;

}

- if(xf->name == NULL) {

- printf("failed to find cipher algo %s\n",

- espsecret);

- espsecret_xform = esp_xforms;

+

+ if (spikey && ascii_strcasecmp(spikey, "ikev2") == 0) {

+ esp_print_decode_ikeline(ndo, line, file, lineno);

return;

}

return;

}

- espsecret_xform = xf;

- colon++;

- if(colon[0]=='0' && colon[1]=='x') {

- /* decode some hex! */

- colon+=2;

- len = strlen(colon) / 2;

- espsecret_key = (char *)malloc(len);

- if(espsecret_key == NULL) {

- fprintf(stderr, "%s: ran out of memory (%d) to allocate secret key\n",

- program_name, len);

- exit(2);

+ if (spikey) {

+

+ char *spistr, *foo;

+ uint32_t spino;

+

+ spistr = strsep(&spikey, "@");

+

+ spino = strtoul(spistr, &foo, 0);

+ if (spistr == foo || !spikey) {

+ (*ndo->ndo_warning)(ndo, "print_esp: failed to decode spi# %s\n", foo);

+ return;

}

- i = 0;

- while(colon[0] != '\0' && colon[1]!='\0') {

- espsecret_key[i]=hex2byte(colon);

- colon+=2;

- i++;

+

+ sa1.spi = spino;

+

+ if (strtoaddr6(spikey, &sa1.daddr.in6) == 1) {

+ sa1.daddr_version = 6;

+ } else if (strtoaddr(spikey, &sa1.daddr.in4) == 1) {

+ sa1.daddr_version = 4;

+ } else {

+ (*ndo->ndo_warning)(ndo, "print_esp: can not decode IP# %s\n", spikey);

+ return;

}

- } else {

- espsecret_key = colon;

}

+

+ if (decode) {

+ /* skip any blank spaces */

+ while (isspace((unsigned char)*decode))

+ decode++;

+

+ if(!espprint_decode_encalgo(ndo, decode, &sa1)) {

+ return;

+ }

+

+ esp_print_addsa(ndo, &sa1, sa_def);

}

+USES_APPLE_DEPRECATED_API

+static void esp_init(netdissect_options *ndo _U_)

+{

+

+ OpenSSL_add_all_algorithms();

+ EVP_add_cipher_alias(SN_des_ede3_cbc, "3des");

+}

+USES_APPLE_RST

+

+void esp_print_decodesecret(netdissect_options *ndo)

+{

+ char *line;

+ char *p;

+ static int initialized = 0;

+

+ if (!initialized) {

+ esp_init(ndo);

+ initialized = 1;

+ }

+

+ p = ndo->ndo_espsecret;

+

+ while (p && p[0] != '\0') {

+ /* pick out the first line or first thing until a comma */

+ if ((line = strsep(&p, "\n,")) == NULL) {

+ line = p;

+ p = NULL;

+ }

+

+ esp_print_decode_onesecret(ndo, line, "cmdline", 0);

+ }

+

+ ndo->ndo_espsecret = NULL;

+}

+

+#endif

+

+#ifdef HAVE_LIBCRYPTO

+USES_APPLE_DEPRECATED_API

+#endif

int

-esp_print(register const u_char *bp, register const u_char *bp2,

- int *nhdr, int *padlen)

+esp_print(netdissect_options *ndo,

+ const u_char *bp, const int length, const u_char *bp2

+#ifndef HAVE_LIBCRYPTO

+ _U_

+#endif

+ ,

+ int *nhdr

+#ifndef HAVE_LIBCRYPTO

+ _U_

+#endif

+ ,

+ int *padlen

+#ifndef HAVE_LIBCRYPTO

+ _U_

+#endif

+ )

{

- register const struct esp *esp;

+ register const struct newesp *esp;

register const u_char *ep;

- u_int32_t spi;

- struct ip *ip = NULL;

-#ifdef INET6

- struct ip6_hdr *ip6 = NULL;

-#endif

+#ifdef HAVE_LIBCRYPTO

+ const struct ip *ip;

+ struct sa_list *sa = NULL;

+ const struct ip6_hdr *ip6 = NULL;

int advance;

int len;

int advance;

int len;

- char *secret;

+ u_char *secret;

int ivlen = 0;

- u_char *ivoff;

-#ifdef HAVE_LIBCRYPTO

- u_char *p;

+ const u_char *ivoff;

+ const u_char *p;

+ EVP_CIPHER_CTX ctx;

#endif

- esp = (struct esp *)bp;

- spi = (u_int32_t)ntohl(esp->esp_spi);

+ esp = (const struct newesp *)bp;

+

+#ifdef HAVE_LIBCRYPTO

secret = NULL;

+ advance = 0;

+#endif

#if 0

/* keep secret out of a register */

#if 0

/* keep secret out of a register */

#endif

/* 'ep' points to the end of available data. */

#endif

/* 'ep' points to the end of available data. */

- ep = snapend;

+ ep = ndo->ndo_snapend;

- if ((u_char *)(esp + 1) >= ep - sizeof(struct esp)) {

- fputs("[|ESP]", stdout);

+ if ((const u_char *)(esp + 1) >= ep) {

+ ND_PRINT((ndo, "[|ESP]"));

goto fail;

}

goto fail;

}

- printf("ESP(spi=0x%08x", spi);

- printf(",seq=0x%x", (u_int32_t)ntohl(*(u_int32_t *)(esp + 1)));

- printf(")");

+ ND_PRINT((ndo, "ESP(spi=0x%08x", EXTRACT_32BITS(&esp->esp_spi)));

+ ND_PRINT((ndo, ",seq=0x%x)", EXTRACT_32BITS(&esp->esp_seq)));

+ ND_PRINT((ndo, ", length %u", length));

- /* if we don't have decryption key, we can't decrypt this packet. */

- if (!espsecret)

- goto fail;

+#ifndef HAVE_LIBCRYPTO

+ goto fail;

+#else

+ /* initiailize SAs */

+ if (ndo->ndo_sa_list_head == NULL) {

+ if (!ndo->ndo_espsecret)

+ goto fail;

- if(!espsecret_xform) {

- esp_print_decodesecret();

+ esp_print_decodesecret(ndo);

}

- if(espsecret_xform->algo == NONE) {

+

+ if (ndo->ndo_sa_list_head == NULL)

goto fail;

- }

- ip = (struct ip *)bp2;

+ ip = (const struct ip *)bp2;

switch (IP_V(ip)) {

-#ifdef INET6

case 6:

- ip6 = (struct ip6_hdr *)bp2;

- ip = NULL;

+ ip6 = (const struct ip6_hdr *)bp2;

/* we do not attempt to decrypt jumbograms */

- if (!ntohs(ip6->ip6_plen))

+ if (!EXTRACT_16BITS(&ip6->ip6_plen))

goto fail;

/* if we can't get nexthdr, we do not need to decrypt it */

goto fail;

/* if we can't get nexthdr, we do not need to decrypt it */

- len = sizeof(struct ip6_hdr) + ntohs(ip6->ip6_plen);

+ len = sizeof(struct ip6_hdr) + EXTRACT_16BITS(&ip6->ip6_plen);

+

+ /* see if we can find the SA, and if so, decode it */

+ for (sa = ndo->ndo_sa_list_head; sa != NULL; sa = sa->next) {

+ if (sa->spi == EXTRACT_32BITS(&esp->esp_spi) &&

+ sa->daddr_version == 6 &&

+ UNALIGNED_MEMCMP(&sa->daddr.in6, &ip6->ip6_dst,

+ sizeof(struct in6_addr)) == 0) {

+ break;

+ }

break;

-#endif /*INET6*/

case 4:

/* nexthdr & padding are in the last fragment */

case 4:

/* nexthdr & padding are in the last fragment */

- if (ntohs(ip->ip_off) & IP_MF)

+ if (EXTRACT_16BITS(&ip->ip_off) & IP_MF)

goto fail;

-#ifdef INET6

- ip6 = NULL;

-#endif

- len = ntohs(ip->ip_len);

+ len = EXTRACT_16BITS(&ip->ip_len);

+

+ /* see if we can find the SA, and if so, decode it */

+ for (sa = ndo->ndo_sa_list_head; sa != NULL; sa = sa->next) {

+ if (sa->spi == EXTRACT_32BITS(&esp->esp_spi) &&

+ sa->daddr_version == 4 &&

+ UNALIGNED_MEMCMP(&sa->daddr.in4, &ip->ip_dst,

+ sizeof(struct in_addr)) == 0) {

+ break;

+ }

break;

default:

goto fail;

}

break;

default:

goto fail;

}

- /* if we can't get nexthdr, we do not need to decrypt it */

- if (ep - bp2 < len)

- goto fail;

-

- ivoff = (u_char *)(esp + 1) + espsecret_xform->replaysize;

- ivlen = espsecret_xform->ivlen;

- secret = espsecret_key;

-

- switch (espsecret_xform->algo) {

- case DESCBC:

-#ifdef HAVE_LIBCRYPTO

- {

- u_char iv[8];

- des_key_schedule schedule;

-

- switch (ivlen) {

- case 4:

- memcpy(iv, ivoff, 4);

- memcpy(&iv[4], ivoff, 4);

- p = &iv[4];

- *p++ ^= 0xff;

- break;

- case 8:

- memcpy(iv, ivoff, 8);

- break;

- default:

- goto fail;

- }

-

- des_check_key = 0;

- des_set_key((void *)secret, schedule);

+ /* if we didn't find the specific one, then look for

+ * an unspecified one.

+ */

+ if (sa == NULL)

+ sa = ndo->ndo_sa_default;

- p = ivoff + ivlen;

- des_cbc_encrypt((void *)p, (void *)p,

- (long)(ep - p), schedule, (void *)iv,

- DES_DECRYPT);

- advance = ivoff - (u_char *)esp + ivlen;

- break;

- }

-#else

+ /* if not found fail */

+ if (sa == NULL)

goto fail;

-#endif /*HAVE_LIBCRYPTO*/

-

- case BLOWFISH:

-#ifdef HAVE_LIBCRYPTO

- {

- BF_KEY schedule;

-

- BF_set_key(&schedule, strlen(secret), secret);

-

- p = ivoff + ivlen;

- BF_cbc_encrypt(p, p, (long)(ep - p), &schedule, ivoff,

- BF_DECRYPT);

- advance = ivoff - (u_char *)esp + ivlen;

- break;

- }

-#else

- goto fail;

-#endif /*HAVE_LIBCRYPTO*/

-

- case RC5:

-#if defined(HAVE_LIBCRYPTO) && defined(HAVE_RC5_H)

- {

- RC5_32_KEY schedule;

-

- RC5_32_set_key(&schedule, strlen(secret), secret,

- RC5_16_ROUNDS);

- p = ivoff + ivlen;

- RC5_32_cbc_encrypt(p, p, (long)(ep - p), &schedule, ivoff,

- RC5_DECRYPT);

- advance = ivoff - (u_char *)esp + ivlen;

- break;

- }

-#else

+ /* if we can't get nexthdr, we do not need to decrypt it */

+ if (ep - bp2 < len)

goto fail;

-#endif /*HAVE_LIBCRYPTO*/

-

- case CAST128:

-#if defined(HAVE_LIBCRYPTO) && defined(HAVE_CAST_H) && !defined(HAVE_BUGGY_CAST128)

- {

- CAST_KEY schedule;

-

- CAST_set_key(&schedule, strlen(secret), secret);

+ if (ep - bp2 > len) {

+ /* FCS included at end of frame (NetBSD 1.6 or later) */

+ ep = bp2 + len;

+ }

- p = ivoff + ivlen;

- CAST_cbc_encrypt(p, p, (long)(ep - p), &schedule, ivoff,

- CAST_DECRYPT);

- advance = ivoff - (u_char *)esp + ivlen;

- break;

- }

-#else

- goto fail;

-#endif /*HAVE_LIBCRYPTO*/

-

- case DES3CBC:

-#if defined(HAVE_LIBCRYPTO)

- {

- des_key_schedule s1, s2, s3;

-

- des_check_key = 1;

- des_set_odd_parity((void *)secret);

- des_set_odd_parity((void *)(secret + 8));

- des_set_odd_parity((void *)(secret + 16));

- if(des_set_key((void *)secret, s1) != 0) {

- printf("failed to schedule key 1\n");

- }

- if(des_set_key((void *)(secret + 8), s2)!=0) {

- printf("failed to schedule key 2\n");

- }

- if(des_set_key((void *)(secret + 16), s3)!=0) {

- printf("failed to schedule key 3\n");

- }

+ ivoff = (const u_char *)(esp + 1) + 0;

+ ivlen = sa->ivlen;

+ secret = sa->secret;

+ ep = ep - sa->authlen;

- p = ivoff + ivlen;

- des_ede3_cbc_encrypt((void *)p, (void *)p,

- (long)(ep - p),

- s1, s2, s3,

- (void *)ivoff, DES_DECRYPT);

- advance = ivoff - (u_char *)esp + ivlen;

- break;

- }

-#else

- goto fail;

-#endif /*HAVE_LIBCRYPTO*/

+ if (sa->evp) {

+ memset(&ctx, 0, sizeof(ctx));

+ if (EVP_CipherInit(&ctx, sa->evp, secret, NULL, 0) < 0)

+ (*ndo->ndo_warning)(ndo, "espkey init failed");

- case NONE:

- default:

- advance = sizeof(struct esp) + espsecret_xform->replaysize;

- break;

- }

+ p = ivoff;

+ EVP_CipherInit(&ctx, NULL, NULL, p, 0);

+ EVP_Cipher(&ctx, p + ivlen, p + ivlen, ep - (p + ivlen));

+ EVP_CIPHER_CTX_cleanup(&ctx);

+ advance = ivoff - (const u_char *)esp + ivlen;

+ } else

+ advance = sizeof(struct newesp);

- ep = ep - espsecret_xform->authlen;

/* sanity check for pad length */

if (ep - bp < *(ep - 2))

goto fail;

/* sanity check for pad length */

if (ep - bp < *(ep - 2))

goto fail;

if (nhdr)

*nhdr = *(ep - 1);

if (nhdr)

*nhdr = *(ep - 1);

- printf(": ");

+ ND_PRINT((ndo, ": "));

return advance;

+#endif

fail:

- if (nhdr)

- *nhdr = -1;

- return 65536;

+ return -1;

}

+#ifdef HAVE_LIBCRYPTO

+USES_APPLE_RST

+#endif

+

+/*

+ * Local Variables:

+ * c-style: whitesmith

+ * c-basic-offset: 8

+ * End:

+ */