* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
-#define NETDISSECT_REWORKED
-#ifdef HAVE_CONFIG_H
-#include "config.h"
-#endif
+/* \summary: IPSEC Authentication Header printer */
-#include <tcpdump-stdinc.h>
+#include <config.h>
-#include "ah.h"
+#include "netdissect-stdinc.h"
-#include "interface.h"
+#include "netdissect.h"
#include "extract.h"
+#include "ah.h"
+
int
-ah_print(netdissect_options *ndo, register const u_char *bp)
+ah_print(netdissect_options *ndo, const u_char *bp)
{
- register const struct ah *ah;
- register const u_char *ep;
- int sumlen;
- uint32_t spi;
+ const struct ah *ah;
+ uint8_t ah_len;
+ u_int ah_hdr_len;
+ uint16_t reserved;
+ const u_char *p;
+ ndo->ndo_protocol = "ah";
ah = (const struct ah *)bp;
- ep = ndo->ndo_snapend; /* 'ep' points to the end of available data. */
-
- ND_TCHECK(*ah);
- sumlen = ah->ah_len << 2;
- spi = EXTRACT_32BITS(&ah->ah_spi);
+ nd_print_protocol_caps(ndo);
+/*
+ * RFC4302
+ *
+ * 2.2. Payload Length
+ *
+ * This 8-bit field specifies the length of AH in 32-bit words (4-byte
+ * units), minus "2".
+ */
+ ah_len = GET_U_1(ah->ah_len);
+ ah_hdr_len = (ah_len + 2) * 4;
- ND_PRINT((ndo, "AH(spi=0x%08x", spi));
+ ND_PRINT("(");
if (ndo->ndo_vflag)
- ND_PRINT((ndo, ",sumlen=%d", sumlen));
- ND_PRINT((ndo, ",seq=0x%x", EXTRACT_32BITS(ah + 1)));
- if (bp + sizeof(struct ah) + sumlen > ep)
- ND_PRINT((ndo, "[truncated]"));
- ND_PRINT((ndo, "): "));
+ ND_PRINT("length=%u(%u-bytes),", ah_len, ah_hdr_len);
+ reserved = GET_BE_U_2(ah->ah_reserved);
+ if (reserved)
+ ND_PRINT("reserved=0x%x[MustBeZero],", reserved);
+ ND_PRINT("spi=0x%08x,", GET_BE_U_4(ah->ah_spi));
+ ND_PRINT("seq=0x%x,", GET_BE_U_4(ah->ah_seq));
+ ND_PRINT("icv=0x");
+ for (p = (const u_char *)(ah + 1); p < bp + ah_hdr_len; p++)
+ ND_PRINT("%02x", GET_U_1(p));
+ ND_PRINT("): ");
- return sizeof(struct ah) + sumlen;
- trunc:
- ND_PRINT((ndo, "[|AH]"));
- return -1;
+ return ah_hdr_len;
}
projects / tcpdump / blobdiff