*/
+/* \summary: Kerberos printer */
+
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
-#include <tcpdump-stdinc.h>
+#include <netdissect-stdinc.h>
-#include "interface.h"
+#include "netdissect.h"
#include "extract.h"
+/*
+ * Kerberos 4:
+ *
+ * Athena Technical Plan
+ * Section E.2.1
+ * Kerberos Authentication and Authorization System
+ * by S. P. Miller, B. C. Neuman, J. I. Schiller, and J. H. Saltzer
+ *
+ * http://web.mit.edu/Saltzer/www/publications/athenaplan/e.2.1.pdf
+ *
+ * 7. Appendix I Design Specifications
+ *
+ * Kerberos 5:
+ *
+ * RFC 1510, RFC 2630, etc.
+ */
+
static const char tstr[] = " [|kerberos]";
-static const u_char *c_print(netdissect_options *, register const u_char *, register const u_char *);
+static const u_char *c_print(netdissect_options *, const u_char *, const u_char *);
static const u_char *krb4_print_hdr(netdissect_options *, const u_char *);
static void krb4_print(netdissect_options *, const u_char *);
#define KERB_ERR_NULL_KEY 10
struct krb {
- uint8_t pvno; /* Protocol Version */
- uint8_t type; /* Type+B */
+ nd_uint8_t pvno; /* Protocol Version */
+ nd_uint8_t type; /* Type+B */
};
static const struct tok type2str[] = {
static const u_char *
c_print(netdissect_options *ndo,
- register const u_char *s, register const u_char *ep)
+ const u_char *s, const u_char *ep)
{
- register u_char c;
- register int flag;
+ u_char c;
+ int flag;
flag = 1;
while (s < ep) {
- c = *s++;
+ c = EXTRACT_U_1(s);
+ s++;
if (c == '\0') {
flag = 0;
break;
krb4_print(netdissect_options *ndo,
const u_char *cp)
{
- register const struct krb *kp;
+ const struct krb *kp;
u_char type;
u_short len;
#define PRINT if ((cp = c_print(ndo, cp, ndo->ndo_snapend)) == NULL) goto trunc
/* True if struct krb is little endian */
-#define IS_LENDIAN(kp) (((kp)->type & 0x01) != 0)
-#define KTOHSP(kp, cp) (IS_LENDIAN(kp) ? EXTRACT_LE_16BITS(cp) : EXTRACT_16BITS(cp))
+#define IS_LENDIAN(kp) ((EXTRACT_U_1((kp)->type) & 0x01) != 0)
+#define KTOHSP(kp, cp) (IS_LENDIAN(kp) ? EXTRACT_LE_U_2(cp) : EXTRACT_BE_U_2(cp))
- kp = (struct krb *)cp;
+ kp = (const struct krb *)cp;
- if ((&kp->type) >= ndo->ndo_snapend) {
+ if (!ND_TTEST_1(kp->type)) {
ND_PRINT((ndo, "%s", tstr));
return;
}
- type = kp->type & (0xFF << 1);
+ type = EXTRACT_U_1(kp->type) & (0xFF << 1);
ND_PRINT((ndo, " %s %s: ",
IS_LENDIAN(kp) ? "le" : "be", tok2str(type2str, NULL, type)));
if ((cp = krb4_print_hdr(ndo, cp)) == NULL)
return;
cp += 4; /* ctime */
- ND_TCHECK(*cp);
- ND_PRINT((ndo, " %dmin ", *cp++ * 5));
+ ND_TCHECK_1(cp);
+ ND_PRINT((ndo, " %umin ", EXTRACT_U_1(cp) * 5));
+ cp++;
PRINT;
ND_PRINT((ndo, "."));
PRINT;
case AUTH_MSG_APPL_REQUEST:
cp += 2;
- ND_TCHECK(*cp);
- ND_PRINT((ndo, "v%d ", *cp++));
+ ND_TCHECK_1(cp);
+ ND_PRINT((ndo, "v%u ", EXTRACT_U_1(cp)));
+ cp++;
PRINT;
- ND_TCHECK(*cp);
- ND_PRINT((ndo, " (%d)", *cp++));
- ND_TCHECK(*cp);
- ND_PRINT((ndo, " (%d)", *cp));
+ ND_TCHECK_1(cp);
+ ND_PRINT((ndo, " (%u)", EXTRACT_U_1(cp)));
+ cp++;
+ ND_TCHECK_1(cp);
+ ND_PRINT((ndo, " (%u)", EXTRACT_U_1(cp)));
break;
case AUTH_MSG_KDC_REPLY:
if ((cp = krb4_print_hdr(ndo, cp)) == NULL)
return;
cp += 10; /* timestamp + n + exp + kvno */
- ND_TCHECK2(*cp, sizeof(short));
+ ND_TCHECK_LEN(cp, sizeof(short));
len = KTOHSP(kp, cp);
- ND_PRINT((ndo, " (%d)", len));
+ ND_PRINT((ndo, " (%u)", len));
break;
case AUTH_MSG_ERR_REPLY:
if ((cp = krb4_print_hdr(ndo, cp)) == NULL)
return;
cp += 4; /* timestamp */
- ND_TCHECK2(*cp, sizeof(short));
+ ND_TCHECK_LEN(cp, sizeof(short));
ND_PRINT((ndo, " %s ", tok2str(kerr2str, NULL, KTOHSP(kp, cp))));
cp += 4;
PRINT;
krb_print(netdissect_options *ndo,
const u_char *dat)
{
- register const struct krb *kp;
+ const struct krb *kp;
- kp = (struct krb *)dat;
+ kp = (const struct krb *)dat;
if (dat >= ndo->ndo_snapend) {
ND_PRINT((ndo, "%s", tstr));
return;
}
- switch (kp->pvno) {
+ switch (EXTRACT_U_1(kp->pvno)) {
case 1:
case 2:
case 3:
- ND_PRINT((ndo, " v%d", kp->pvno));
+ ND_PRINT((ndo, " v%u", EXTRACT_U_1(kp->pvno)));
break;
case 4:
- ND_PRINT((ndo, " v%d", kp->pvno));
+ ND_PRINT((ndo, " v%u", EXTRACT_U_1(kp->pvno)));
krb4_print(ndo, (const u_char *)kp);
break;
projects / tcpdump / blobdiff