#endif
#include "netdissect.h"
-#include "strtoaddr.h"
#include "extract.h"
+#include "diag-control.h"
+
+#ifdef HAVE_LIBCRYPTO
+#include "strtoaddr.h"
#include "ascii_strcasecmp.h"
+#endif
#include "ip.h"
#include "ip6.h"
}
#endif
-#ifdef HAVE_EVP_CIPHERINIT_EX
+#ifdef HAVE_EVP_DECRYPTINIT_EX
/*
* Initialize the cipher by calling EVP_DecryptInit_ex(), because
* calling EVP_DecryptInit() will reset the cipher context, clearing
* dissecting anything in it and before it does any dissection of
* anything in the old buffer. That will free the new buffer.
*/
-USES_APPLE_DEPRECATED_API
-int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
+DIAG_OFF_DEPRECATION
+int esp_decrypt_buffer_by_ikev2_print(netdissect_options *ndo,
int initiator,
const u_char spii[8],
const u_char spir[8],
if(end <= ct) return 0;
- pt = do_decrypt(ndo, "esp_print_decrypt_buffer_by_ikev2", sa, iv,
+ pt = do_decrypt(ndo, "esp_decrypt_buffer_by_ikev2_print", sa, iv,
ct, ctlen);
if (pt == NULL)
return 0;
return 1;
}
-USES_APPLE_RST
+DIAG_ON_DEPRECATION
static void esp_print_addsa(netdissect_options *ndo,
struct sa_list *sa, int sa_def)
nsa = (struct sa_list *)malloc(sizeof(struct sa_list));
if (nsa == NULL)
(*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
- "esp_print_addsa: malloc");
+ "%s: malloc", __func__);
*nsa = *sa;
* decode the form: SPINUM@IP <tab> ALGONAME:0xsecret
*/
-USES_APPLE_DEPRECATED_API
+DIAG_OFF_DEPRECATION
static int
espprint_decode_encalgo(netdissect_options *ndo,
char *decode, struct sa_list *sa)
return 1;
}
-USES_APPLE_RST
+DIAG_ON_DEPRECATION
/*
* for the moment, ignore the auth algorithm, just hard code the authenticator
secretfile = fopen(filename, FOPEN_READ_TXT);
if (secretfile == NULL) {
(*ndo->ndo_error)(ndo, S_ERR_ND_OPEN_FILE,
- "print_esp: can't open %s: %s\n",
- filename, strerror(errno));
+ "%s: can't open %s: %s\n",
+ __func__, filename, strerror(errno));
}
while (fgets(fileline, sizeof(fileline)-1, secretfile) != NULL) {
esp_print_addsa(ndo, &sa1, sa_def);
}
-USES_APPLE_DEPRECATED_API
+DIAG_OFF_DEPRECATION
static void esp_init(netdissect_options *ndo _U_)
{
/*
#endif
EVP_add_cipher_alias(SN_des_ede3_cbc, "3des");
}
-USES_APPLE_RST
+DIAG_ON_DEPRECATION
-void esp_print_decodesecret(netdissect_options *ndo)
+void esp_decodesecret_print(netdissect_options *ndo)
{
char *line;
char *p;
#endif
#ifdef HAVE_LIBCRYPTO
-USES_APPLE_DEPRECATED_API
+DIAG_OFF_DEPRECATION
#endif
void
esp_print(netdissect_options *ndo,
if (!ndo->ndo_espsecret)
return;
- esp_print_decodesecret(ndo);
+ esp_decodesecret_print(ndo);
}
if (ndo->ndo_sa_list_head == NULL)
if (!nd_push_buffer(ndo, pt, pt, ep)) {
free(pt);
(*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
- "esp_print: can't push buffer on buffer stack");
+ "%s: can't push buffer on buffer stack", __func__);
}
/*
ND_PRINT(": ");
+ /*
+ * Don't put padding + padding length(1 byte) + next header(1 byte)
+ * in the buffer because they are not part of the plaintext to decode.
+ */
+ nd_push_snapend(ndo, ep - (padlen + 2));
+
/* Now dissect the plaintext. */
- ip_print_demux(ndo, pt, payloadlen - (padlen + 2), ver, fragmented,
- ttl_hl, nh, bp2);
+ ip_demux_print(ndo, pt, payloadlen - (padlen + 2), ver, fragmented,
+ ttl_hl, nh, bp2);
/* Pop the buffer, freeing it. */
nd_pop_packet_info(ndo);
+ /* Pop the nd_push_snapend */
+ nd_pop_packet_info(ndo);
#endif
}
#ifdef HAVE_LIBCRYPTO
-USES_APPLE_RST
+DIAG_ON_DEPRECATION
#endif
projects / tcpdump / blobdiff