]> The Tcpdump Group git mirrors - tcpdump/blobdiff - print-tcp.c
projects / tcpdump / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
do not use gcc-ism for macro, instead abuse C-syntax
[tcpdump] / print-tcp.c
diff --git a/print-tcp.c b/print-tcp.c
index 1561cdc3a01edfa32af1d0059382bf2aa15a4f7b..86195a856086405f0ae1c78da8f3f3f7c76e41e7 100644 (file)
--- a/print-tcp.c
+++ b/print-tcp.c
@@ -20,68 +20,48 @@
  */
 
 #ifndef lint
  */
 
 #ifndef lint
-static const char rcsid[] =
-    "@(#) $Header: /tcpdump/master/tcpdump/print-tcp.c,v 1.62 1999-12-22 06:27:23 itojun Exp $ (LBL)";
+static const char rcsid[] _U_ =
+    "@(#) $Header: /tcpdump/master/tcpdump/print-tcp.c,v 1.112 2004-04-05 00:12:54 mcr Exp $ (LBL)";
 #endif
 
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
 
 #endif
 
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
 
-#include <sys/param.h>
-#include <sys/time.h>
+#include <tcpdump-stdinc.h>
 
 
-#include <netinet/in.h>
-#include <netinet/in_systm.h>
-#include <netinet/ip.h>
-#include <netinet/ip_var.h>
-#include <netinet/tcp.h>
+#include <rpc/rpc.h>
 
 
-#ifdef HAVE_MEMORY_H
-#include <memory.h>
-#endif
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <unistd.h>
-
-#ifdef INET6
-#include <netinet/ip6.h>
-#endif
 
 #include "interface.h"
 #include "addrtoname.h"
 #include "extract.h"
 
 
 #include "interface.h"
 #include "addrtoname.h"
 #include "extract.h"
 
-/* Compatibility */
-#ifndef TCPOPT_WSCALE
-#define        TCPOPT_WSCALE           3       /* window scale factor (rfc1072) */
-#endif
-#ifndef TCPOPT_SACKOK
-#define        TCPOPT_SACKOK           4       /* selective ack ok (rfc1072) */
-#endif
-#ifndef TCPOPT_SACK
-#define        TCPOPT_SACK             5       /* selective ack (rfc1072) */
-#endif
-#ifndef TCPOPT_ECHO
-#define        TCPOPT_ECHO             6       /* echo (rfc1072) */
-#endif
-#ifndef TCPOPT_ECHOREPLY
-#define        TCPOPT_ECHOREPLY        7       /* echo (rfc1072) */
-#endif
-#ifndef TCPOPT_TIMESTAMP
-#define TCPOPT_TIMESTAMP       8       /* timestamps (rfc1323) */
-#endif
-#ifndef TCPOPT_CC
-#define TCPOPT_CC              11      /* T/TCP CC options (rfc1644) */
-#endif
-#ifndef TCPOPT_CCNEW
-#define TCPOPT_CCNEW           12      /* T/TCP CC options (rfc1644) */
+#include "tcp.h"
+
+#include "ip.h"
+#ifdef INET6
+#include "ip6.h"
 #endif
 #endif
-#ifndef TCPOPT_CCECHO
-#define TCPOPT_CCECHO          13      /* T/TCP CC options (rfc1644) */
+#include "ipproto.h"
+
+#include "nameser.h"
+
+#ifdef HAVE_LIBCRYPTO
+#include <openssl/md5.h>
+
+static int tcp_verify_signature(const struct ip *ip, const struct tcphdr *tp,
+    const u_char *data, int length, const u_char *rcvsig);
 #endif
 
 #endif
 
+static void print_tcp_rst_data(register const u_char *sp, u_int length);
+
+#define MAX_RST_DATA_LEN       30
+
+
 struct tha {
 #ifndef INET6
        struct in_addr src;
 struct tha {
 #ifndef INET6
        struct in_addr src;
@@ -108,21 +88,109 @@ struct tcp_seq_hash {
 static struct tcp_seq_hash tcp_seq_hash[TSEQ_HASHSIZE];
 
 
 static struct tcp_seq_hash tcp_seq_hash[TSEQ_HASHSIZE];
 
 
+#ifndef TELNET_PORT
+#define TELNET_PORT    23
+#endif
 #ifndef BGP_PORT
 #define BGP_PORT       179
 #endif
 #define NETBIOS_SSN_PORT 139
 #ifndef BGP_PORT
 #define BGP_PORT       179
 #endif
 #define NETBIOS_SSN_PORT 139
+#ifndef PPTP_PORT
+#define PPTP_PORT      1723
+#endif
+#define BEEP_PORT        10288
+#ifndef NFS_PORT
+#define NFS_PORT       2049
+#endif
+#define MSDP_PORT      639
+#define LDP_PORT        646
+
+static int tcp_cksum(register const struct ip *ip,
+                    register const struct tcphdr *tp,
+                    register u_int len)
+{
+       union phu {
+               struct phdr {
+                       u_int32_t src;
+                       u_int32_t dst;
+                       u_char mbz;
+                       u_char proto;
+                       u_int16_t len;
+               } ph;
+               u_int16_t pa[6];
+       } phu;
+       const u_int16_t *sp;
+
+       /* pseudo-header.. */
+       phu.ph.len = htons((u_int16_t)len);
+       phu.ph.mbz = 0;
+       phu.ph.proto = IPPROTO_TCP;
+       memcpy(&phu.ph.src, &ip->ip_src.s_addr, sizeof(u_int32_t));
+       if (IP_HL(ip) == 5)
+               memcpy(&phu.ph.dst, &ip->ip_dst.s_addr, sizeof(u_int32_t));
+       else
+               phu.ph.dst = ip_finddst(ip);
+
+       sp = &phu.pa[0];
+       return in_cksum((u_short *)tp, len,
+                       sp[0]+sp[1]+sp[2]+sp[3]+sp[4]+sp[5]);
+}
+
+#ifdef INET6
+static int tcp6_cksum(const struct ip6_hdr *ip6, const struct tcphdr *tp,
+       u_int len)
+{
+       size_t i;
+       register const u_int16_t *sp;
+       u_int32_t sum;
+       union {
+               struct {
+                       struct in6_addr ph_src;
+                       struct in6_addr ph_dst;
+                       u_int32_t       ph_len;
+                       u_int8_t        ph_zero[3];
+                       u_int8_t        ph_nxt;
+               } ph;
+               u_int16_t pa[20];
+       } phu;
+
+       /* pseudo-header */
+       memset(&phu, 0, sizeof(phu));
+       phu.ph.ph_src = ip6->ip6_src;
+       phu.ph.ph_dst = ip6->ip6_dst;
+       phu.ph.ph_len = htonl(len);
+       phu.ph.ph_nxt = IPPROTO_TCP;
+
+       sum = 0;
+       for (i = 0; i < sizeof(phu.pa) / sizeof(phu.pa[0]); i++)
+               sum += phu.pa[i];
+
+       sp = (const u_int16_t *)tp;
+
+       for (i = 0; i < (len & ~1); i += 2)
+               sum += *sp++;
+
+       if (len & 1)
+               sum += htons((*(const u_int8_t *)sp) << 8);
+
+       while (sum > 0xffff)
+               sum = (sum & 0xffff) + (sum >> 16);
+       sum = ~sum & 0xffff;
+
+       return (sum);
+}
+#endif
 
 void
 tcp_print(register const u_char *bp, register u_int length,
 
 void
 tcp_print(register const u_char *bp, register u_int length,
-         register const u_char *bp2)
+         register const u_char *bp2, int fragmented)
 {
        register const struct tcphdr *tp;
        register const struct ip *ip;
        register u_char flags;
 {
        register const struct tcphdr *tp;
        register const struct ip *ip;
        register u_char flags;
-       register int hlen;
+       register u_int hlen;
        register char ch;
        register char ch;
-       u_short sport, dport, win, urp;
+       u_int16_t sport, dport, win, urp;
        u_int32_t seq, ack, thseq, thack;
        int threv;
 #ifdef INET6
        u_int32_t seq, ack, thseq, thack;
        int threv;
 #ifdef INET6
@@ -132,7 +200,7 @@ tcp_print(register const u_char *bp, register u_int length,
        tp = (struct tcphdr *)bp;
        ip = (struct ip *)bp2;
 #ifdef INET6
        tp = (struct tcphdr *)bp;
        ip = (struct ip *)bp2;
 #ifdef INET6
-       if (ip->ip_v == 6)
+       if (IP_V(ip) == 6)
                ip6 = (struct ip6_hdr *)bp2;
        else
                ip6 = NULL;
                ip6 = (struct ip6_hdr *)bp2;
        else
                ip6 = NULL;
@@ -145,9 +213,30 @@ tcp_print(register const u_char *bp, register u_int length,
                return;
        }
 
                return;
        }
 
-       sport = ntohs(tp->th_sport);
-       dport = ntohs(tp->th_dport);
+       sport = EXTRACT_16BITS(&tp->th_sport);
+       dport = EXTRACT_16BITS(&tp->th_dport);
+
+       hlen = TH_OFF(tp) * 4;
 
 
+       /*
+        * If data present and NFS port used, assume NFS.
+        * Pass offset of data plus 4 bytes for RPC TCP msg length
+        * to NFS print routines.
+        */
+       if (!qflag) {
+               if ((u_char *)tp + 4 + sizeof(struct rpc_msg) <= snapend &&
+                   dport == NFS_PORT) {
+                       nfsreq_print((u_char *)tp + hlen + 4, length - hlen,
+                                    (u_char *)ip);
+                       return;
+               } else if ((u_char *)tp + 4 + sizeof(struct rpc_msg)
+                          <= snapend &&
+                          sport == NFS_PORT) {
+                       nfsreply_print((u_char *)tp + hlen + 4, length - hlen,
+                                      (u_char *)ip);
+                       return;
+               }
+       }
 #ifdef INET6
        if (ip6) {
                if (ip6->ip6_nxt == IPPROTO_TCP) {
 #ifdef INET6
        if (ip6) {
                if (ip6->ip6_nxt == IPPROTO_TCP) {
@@ -177,21 +266,17 @@ tcp_print(register const u_char *bp, register u_int length,
 
        TCHECK(*tp);
 
 
        TCHECK(*tp);
 
-       seq = ntohl(tp->th_seq);
-       ack = ntohl(tp->th_ack);
-       win = ntohs(tp->th_win);
-       urp = ntohs(tp->th_urp);
+       seq = EXTRACT_32BITS(&tp->th_seq);
+       ack = EXTRACT_32BITS(&tp->th_ack);
+       win = EXTRACT_16BITS(&tp->th_win);
+       urp = EXTRACT_16BITS(&tp->th_urp);
 
        if (qflag) {
 
        if (qflag) {
-               (void)printf("tcp %d", length - tp->th_off * 4);
+               (void)printf("tcp %d", length - TH_OFF(tp) * 4);
                return;
        }
                return;
        }
-#ifdef TH_ECN
-       if ((flags = tp->th_flags) & (TH_SYN|TH_FIN|TH_RST|TH_PUSH|TH_ECN))
-#else
-       if ((flags = tp->th_flags) & (TH_SYN|TH_FIN|TH_RST|TH_PUSH))
-#endif
-       {
+       if ((flags = tp->th_flags) & (TH_SYN|TH_FIN|TH_RST|TH_PUSH|
+                                     TH_ECNECHO|TH_CWR)) {
                if (flags & TH_SYN)
                        putchar('S');
                if (flags & TH_FIN)
                if (flags & TH_SYN)
                        putchar('S');
                if (flags & TH_FIN)
@@ -200,24 +285,16 @@ tcp_print(register const u_char *bp, register u_int length,
                        putchar('R');
                if (flags & TH_PUSH)
                        putchar('P');
                        putchar('R');
                if (flags & TH_PUSH)
                        putchar('P');
-#ifdef TH_ECN
-               if (flags & TH_ECN)
-                       putchar('C');
-#endif
+               if (flags & TH_CWR)
+                       putchar('W');   /* congestion _W_indow reduced (ECN) */
+               if (flags & TH_ECNECHO)
+                       putchar('E');   /* ecn _E_cho sent (ECN) */
        } else
                putchar('.');
 
        } else
                putchar('.');
 
-       if (flags&0xc0) {
-               printf(" [");
-               if (flags&0x40)
-                       printf("ECN-Echo");
-               if (flags&0x80)
-                       printf("%sCWR", (flags&0x40) ? "," : "");
-               printf("]");
-       }
-
        if (!Sflag && (flags & TH_ACK)) {
                register struct tcp_seq_hash *th;
        if (!Sflag && (flags & TH_ACK)) {
                register struct tcp_seq_hash *th;
+               const void *src, *dst;
                register int rev;
                struct tha tha;
                /*
                register int rev;
                struct tha tha;
                /*
@@ -227,69 +304,74 @@ tcp_print(register const u_char *bp, register u_int length,
                 * both directions).
                 */
 #ifdef INET6
                 * both directions).
                 */
 #ifdef INET6
-               bzero(&tha, sizeof(tha));
+               memset(&tha, 0, sizeof(tha));
                rev = 0;
                if (ip6) {
                rev = 0;
                if (ip6) {
-                       if (sport > dport) {
+                       src = &ip6->ip6_src;
+                       dst = &ip6->ip6_dst;
+                       if (sport > dport)
                                rev = 1;
                                rev = 1;
-                       } else if (sport == dport) {
-                           int i;
-
-                           for (i = 0; i < 4; i++) {
-                               if (((u_int32_t *)(&ip6->ip6_src))[i] >
-                                   ((u_int32_t *)(&ip6->ip6_dst))[i]) {
+                       else if (sport == dport) {
+                               if (memcmp(src, dst, sizeof ip6->ip6_dst) > 0)
                                        rev = 1;
                                        rev = 1;
-                                       break;
-                               }
-                           }
                        }
                        if (rev) {
                        }
                        if (rev) {
-                               tha.src = ip6->ip6_dst;
-                               tha.dst = ip6->ip6_src;
+                               memcpy(&tha.src, dst, sizeof ip6->ip6_dst);
+                               memcpy(&tha.dst, src, sizeof ip6->ip6_src);
                                tha.port = dport << 16 | sport;
                        } else {
                                tha.port = dport << 16 | sport;
                        } else {
-                               tha.dst = ip6->ip6_dst;
-                               tha.src = ip6->ip6_src;
+                               memcpy(&tha.dst, dst, sizeof ip6->ip6_dst);
+                               memcpy(&tha.src, src, sizeof ip6->ip6_src);
                                tha.port = sport << 16 | dport;
                        }
                } else {
                                tha.port = sport << 16 | dport;
                        }
                } else {
-                       if (sport > dport ||
-                           (sport == dport &&
-                            ip->ip_src.s_addr > ip->ip_dst.s_addr)) {
+                       src = &ip->ip_src;
+                       dst = &ip->ip_dst;
+                       if (sport > dport)
                                rev = 1;
                                rev = 1;
+                       else if (sport == dport) {
+                               if (memcmp(src, dst, sizeof ip->ip_dst) > 0)
+                                       rev = 1;
                        }
                        if (rev) {
                        }
                        if (rev) {
-                               *(struct in_addr *)&tha.src = ip->ip_dst;
-                               *(struct in_addr *)&tha.dst = ip->ip_src;
+                               memcpy(&tha.src, dst, sizeof ip->ip_dst);
+                               memcpy(&tha.dst, src, sizeof ip->ip_src);
                                tha.port = dport << 16 | sport;
                        } else {
                                tha.port = dport << 16 | sport;
                        } else {
-                               *(struct in_addr *)&tha.dst = ip->ip_dst;
-                               *(struct in_addr *)&tha.src = ip->ip_src;
+                               memcpy(&tha.dst, dst, sizeof ip->ip_dst);
+                               memcpy(&tha.src, src, sizeof ip->ip_src);
                                tha.port = sport << 16 | dport;
                        }
                }
 #else
                                tha.port = sport << 16 | dport;
                        }
                }
 #else
-               if (sport < dport ||
-                   (sport == dport &&
-                    ip->ip_src.s_addr < ip->ip_dst.s_addr)) {
-                       tha.src = ip->ip_src, tha.dst = ip->ip_dst;
-                       tha.port = sport << 16 | dport;
-                       rev = 0;
-               } else {
-                       tha.src = ip->ip_dst, tha.dst = ip->ip_src;
-                       tha.port = dport << 16 | sport;
+               rev = 0;
+               src = &ip->ip_src;
+               dst = &ip->ip_dst;
+               if (sport > dport)
                        rev = 1;
                        rev = 1;
+               else if (sport == dport) {
+                       if (memcmp(src, dst, sizeof ip->ip_dst) > 0)
+                               rev = 1;
+               }
+               if (rev) {
+                       memcpy(&tha.src, dst, sizeof ip->ip_dst);
+                       memcpy(&tha.dst, src, sizeof ip->ip_src);
+                       tha.port = dport << 16 | sport;
+               } else {
+                       memcpy(&tha.dst, dst, sizeof ip->ip_dst);
+                       memcpy(&tha.src, src, sizeof ip->ip_src);
+                       tha.port = sport << 16 | dport;
                }
 #endif
 
                threv = rev;
                for (th = &tcp_seq_hash[tha.port % TSEQ_HASHSIZE];
                     th->nxt; th = th->nxt)
                }
 #endif
 
                threv = rev;
                for (th = &tcp_seq_hash[tha.port % TSEQ_HASHSIZE];
                     th->nxt; th = th->nxt)
-                       if (!memcmp((char *)&tha, (char *)&th->addr,
-                                 sizeof(th->addr)))
+                       if (memcmp((char *)&tha, (char *)&th->addr,
+                                 sizeof(th->addr)) == 0)
                                break;
 
                                break;
 
-               if (!th->nxt || flags & TH_SYN) {
+               if (!th->nxt || (flags & TH_SYN)) {
                        /* didn't find it or new conversation */
                        if (th->nxt == NULL) {
                                th->nxt = (struct tcp_seq_hash *)
                        /* didn't find it or new conversation */
                        if (th->nxt == NULL) {
                                th->nxt = (struct tcp_seq_hash *)
@@ -303,24 +385,51 @@ tcp_print(register const u_char *bp, register u_int length,
                        else
                                th->seq = seq, th->ack = ack - 1;
                } else {
                        else
                                th->seq = seq, th->ack = ack - 1;
                } else {
-         
-                       thseq = th->seq;
-                       thack = th->ack;
-
                        if (rev)
                                seq -= th->ack, ack -= th->seq;
                        else
                                seq -= th->seq, ack -= th->ack;
                }
                        if (rev)
                                seq -= th->ack, ack -= th->seq;
                        else
                                seq -= th->seq, ack -= th->ack;
                }
+
+               thseq = th->seq;
+               thack = th->ack;
+       } else {
+               /*fool gcc*/
+               thseq = thack = threv = 0;
        }
        }
-       hlen = tp->th_off * 4;
        if (hlen > length) {
                (void)printf(" [bad hdr length]");
                return;
        }
        if (hlen > length) {
                (void)printf(" [bad hdr length]");
                return;
        }
+
+       if (IP_V(ip) == 4 && vflag && !fragmented) {
+               u_int16_t sum, tcp_sum;
+               if (TTEST2(tp->th_sport, length)) {
+                       sum = tcp_cksum(ip, tp, length);
+                       if (sum != 0) {
+                               tcp_sum = EXTRACT_16BITS(&tp->th_sum);
+                               (void)printf(" [bad tcp cksum %x (->%x)!]",
+                                   tcp_sum, in_cksum_shouldbe(tcp_sum, sum));
+                       } else
+                               (void)printf(" [tcp sum ok]");
+               }
+       }
+#ifdef INET6
+       if (IP_V(ip) == 6 && ip6->ip6_plen && vflag && !fragmented) {
+               int sum;
+               if (TTEST2(tp->th_sport, length)) {
+                       sum = tcp6_cksum(ip6, tp, length);
+                       if (sum != 0)
+                               (void)printf(" [bad tcp cksum %x!]", sum);
+                       else
+                               (void)printf(" [tcp sum ok]");
+               }
+       }
+#endif
+
        length -= hlen;
        if (vflag > 1 || length > 0 || flags & (TH_SYN | TH_FIN | TH_RST))
        length -= hlen;
        if (vflag > 1 || length > 0 || flags & (TH_SYN | TH_FIN | TH_RST))
-               (void)printf(" %u:%u(%d)", seq, seq + length, length);
+               (void)printf(" %u:%u(%u)", seq, seq + length, length);
        if (flags & TH_ACK)
                (void)printf(" ack %u", ack);
 
        if (flags & TH_ACK)
                (void)printf(" ack %u", ack);
 
@@ -331,10 +440,12 @@ tcp_print(register const u_char *bp, register u_int length,
        /*
         * Handle any options.
         */
        /*
         * Handle any options.
         */
-       if ((hlen -= sizeof(*tp)) > 0) {
+       if (hlen > sizeof(*tp)) {
                register const u_char *cp;
                register const u_char *cp;
-               register int i, opt, len, datalen;
+               register u_int i, opt, datalen;
+               register u_int len;
 
 
+               hlen -= sizeof(*tp);
                cp = (const u_char *)tp + sizeof(*tp);
                putchar(' ');
                ch = '<';
                cp = (const u_char *)tp + sizeof(*tp);
                putchar(' ');
                ch = '<';
@@ -457,8 +568,28 @@ tcp_print(register const u_char *bp, register u_int length,
                                (void)printf(" %u", EXTRACT_32BITS(cp));
                                break;
 
                                (void)printf(" %u", EXTRACT_32BITS(cp));
                                break;
 
+                       case TCPOPT_SIGNATURE:
+                               (void)printf("md5:");
+                               if (IP_V(ip) != 4) {
+                                       (void)printf("!ipv4");
+                                       break;
+                               }
+                               datalen = TCP_SIGLEN;
+                               LENCHECK(datalen);
+#ifdef HAVE_LIBCRYPTO
+                               if (tcp_verify_signature(ip, tp,
+                                   bp + TH_OFF(tp) * 4, length, cp) == 0)
+                                       (void)printf("valid");
+                               else
+                                       (void)printf("invalid");
+#else
+                               for (i = 0; i < TCP_SIGLEN; ++i)
+                                       (void)printf("%02x", cp[i]);
+#endif
+                               break;
+
                        default:
                        default:
-                               (void)printf("opt-%d:", opt);
+                               (void)printf("opt-%u:", opt);
                                datalen = len - 2;
                                for (i = 0; i < datalen; ++i) {
                                        LENCHECK(i);
                                datalen = len - 2;
                                for (i = 0; i < datalen; ++i) {
                                        LENCHECK(i);
@@ -490,11 +621,38 @@ tcp_print(register const u_char *bp, register u_int length,
        /*
         * Decode payload if necessary.
         */
        /*
         * Decode payload if necessary.
         */
-       bp += (tp->th_off * 4);
-       if (sport == BGP_PORT || dport == BGP_PORT)
-               bgp_print(bp, length);
-       if (sport == NETBIOS_SSN_PORT || dport == NETBIOS_SSN_PORT)
-               nbt_tcp_print(bp, length);
+       bp += TH_OFF(tp) * 4;
+       if (flags & TH_RST) {
+               if (vflag)
+                       print_tcp_rst_data(bp, length);
+       } else {
+               if (sport == TELNET_PORT || dport == TELNET_PORT) {
+                       if (!qflag && vflag)
+                               telnet_print(bp, length);
+               } else if (sport == BGP_PORT || dport == BGP_PORT)
+                       bgp_print(bp, length);
+               else if (sport == PPTP_PORT || dport == PPTP_PORT)
+                       pptp_print(bp);
+#ifdef TCPDUMP_DO_SMB
+               else if (sport == NETBIOS_SSN_PORT || dport == NETBIOS_SSN_PORT)
+                       nbt_tcp_print(bp, length);
+#endif
+               else if (sport == BEEP_PORT || dport == BEEP_PORT)
+                       beep_print(bp, length);
+               else if (length > 2 &&
+                   (sport == NAMESERVER_PORT || dport == NAMESERVER_PORT ||
+                    sport == MULTICASTDNS_PORT || dport == MULTICASTDNS_PORT)) {
+                       /*
+                        * TCP DNS query has 2byte length at the head.
+                        * XXX packet could be unaligned, it can go strange
+                        */
+                       ns_print(bp + 2, length - 2, 0);
+               } else if (sport == MSDP_PORT || dport == MSDP_PORT) {
+                       msdp_print(bp, length);
+               }
+                else if (sport == LDP_PORT || dport == LDP_PORT)
+                        printf(": LDP, length: %u", length);
+       }
        return;
 bad:
        fputs("[bad opt]", stdout);
        return;
 bad:
        fputs("[bad opt]", stdout);
@@ -507,3 +665,89 @@ trunc:
                putchar('>');
 }
 
                putchar('>');
 }
 
+/*
+ * RFC1122 says the following on data in RST segments:
+ *
+ *         4.2.2.12  RST Segment: RFC-793 Section 3.4
+ *
+ *            A TCP SHOULD allow a received RST segment to include data.
+ *
+ *            DISCUSSION
+ *                 It has been suggested that a RST segment could contain
+ *                 ASCII text that encoded and explained the cause of the
+ *                 RST.  No standard has yet been established for such
+ *                 data.
+ *
+ */
+
+static void
+print_tcp_rst_data(register const u_char *sp, u_int length)
+{
+       int c;
+
+       if (TTEST2(*sp, length))
+               printf(" [RST");
+       else
+               printf(" [!RST");
+       if (length > MAX_RST_DATA_LEN) {
+               length = MAX_RST_DATA_LEN;      /* can use -X for longer */
+               putchar('+');                   /* indicate we truncate */
+       }
+       putchar(' ');
+       while (length-- && sp <= snapend) {
+               c = *sp++;
+               safeputchar(c);
+       }
+       putchar(']');
+}
+
+#ifdef HAVE_LIBCRYPTO
+static int
+tcp_verify_signature(const struct ip *ip, const struct tcphdr *tp,
+    const u_char *data, int length, const u_char *rcvsig)
+{
+        struct tcphdr tp1;
+       char sig[TCP_SIGLEN];
+       char zero_proto = 0;
+       MD5_CTX ctx;
+       u_short savecsum, tlen;
+
+       tp1 = *tp;
+
+       if (tcpmd5secret == NULL)
+               return (-1);
+
+       MD5_Init(&ctx);
+       /*
+        * Step 1: Update MD5 hash with IP pseudo-header.
+        */
+       MD5_Update(&ctx, (char *)&ip->ip_src, sizeof(ip->ip_src));
+       MD5_Update(&ctx, (char *)&ip->ip_dst, sizeof(ip->ip_dst));
+       MD5_Update(&ctx, (char *)&zero_proto, sizeof(zero_proto));
+       MD5_Update(&ctx, (char *)&ip->ip_p, sizeof(ip->ip_p));
+       tlen = EXTRACT_16BITS(&ip->ip_len) - IP_HL(ip) * 4;
+       tlen = htons(tlen);
+       MD5_Update(&ctx, (char *)&tlen, sizeof(tlen));
+
+       /*
+        * Step 2: Update MD5 hash with TCP header, excluding options.
+        * The TCP checksum must be set to zero.
+        */
+       savecsum = tp1.th_sum;
+       tp1.th_sum = 0;
+       MD5_Update(&ctx, (char *)&tp1, sizeof(struct tcphdr));
+       tp1.th_sum = savecsum;
+       /*
+        * Step 3: Update MD5 hash with TCP segment data, if present.
+        */
+       if (length > 0)
+               MD5_Update(&ctx, data, length);
+       /*
+        * Step 4: Update MD5 hash with shared secret.
+        */
+       MD5_Update(&ctx, tcpmd5secret, strlen(tcpmd5secret));
+       MD5_Final(sig, &ctx);
+
+       return (memcmp(rcvsig, sig, 16));
+}
+#endif /* HAVE_LIBCRYPTO */
[mirror] the TCPdump network dissector