X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/5fa8fc69b23ca302382f07b8ab3de69072fdb68b..2b4965f56167dfda7c60fc9db2d145698d948fd5:/print-isakmp.c

diff --git a/print-isakmp.c b/print-isakmp.c
index 2a4c56fe..4f96afe3 100644
--- a/print-isakmp.c
+++ b/print-isakmp.c
@@ -30,7 +30,7 @@
 
 #ifndef lint
 static const char rcsid[] _U_ =
-    "@(#) $Header: /tcpdump/master/tcpdump/print-isakmp.c,v 1.58 2007-11-24 18:13:33 mcr Exp $ (LBL)";
+    "@(#) $Header: /tcpdump/master/tcpdump/print-isakmp.c,v 1.61 2008-02-05 19:34:25 guy Exp $ (LBL)";
 #endif
 
 #define NETDISSECT_REWORKED
@@ -1542,21 +1542,21 @@ ikev2_sa_print(netdissect_options *ndo, u_char tpay,
 		u_int32_t proto _U_, int depth _U_)
 {
 	struct isakmp_gen e;
-	int    osa_len, sa_len;
+	int    osa_length, sa_length;
 
 	ND_TCHECK(*ext1);
 	safememcpy(&e, ext1, sizeof(e));
 	ikev2_pay_print(ndo, "sa", e.critical);
 
-	osa_len= ntohs(e.len);
-	sa_len = osa_len - 4;
-	ND_PRINT((ndo," len=%d", sa_len));
+	osa_length= ntohs(e.len);
+	sa_length = osa_length - 4;
+	ND_PRINT((ndo," len=%d", sa_length));
 
 	ikev2_sub_print(ndo, NULL, ISAKMP_NPTYPE_P,
 			ext1+1, ep,
 			0, 0, 0, depth);
 
-	return (u_char *)ext1 + osa_len;
+	return (u_char *)ext1 + osa_length;
 trunc:
 	ND_PRINT((ndo," [|%s]", NPSTR(tpay)));
 	return NULL;
@@ -1663,7 +1663,7 @@ ikev2_ID_print(netdissect_options *ndo, u_char tpay,
 		}
 	}
 	if(dumphex) {
-		if (!rawprint(ndo, typedata, idtype_len))
+		if (!rawprint(ndo, (caddr_t)typedata, idtype_len))
 			goto trunc;
 	}
 
@@ -1700,27 +1700,30 @@ ikev2_auth_print(netdissect_options *ndo, u_char tpay,
 		u_int32_t phase _U_, u_int32_t doi _U_,
 		u_int32_t proto _U_, int depth _U_)
 {
-	struct ikev2_auth e;
+	struct ikev2_auth a;
 	const char *v2_auth[]={ "invalid", "rsasig",
 				"shared-secret", "dsssig" };
+	u_char *authdata = (u_char*)ext + sizeof(a);
+	unsigned int len;
 
 	ND_TCHECK(*ext);
-	safememcpy(&e, ext, sizeof(e));
-	ikev2_pay_print(ndo, NPSTR(tpay), e.h.critical);
+	safememcpy(&a, ext, sizeof(a));
+	ikev2_pay_print(ndo, NPSTR(tpay), a.h.critical);
+	len = ntohs(a.h.len);
 
-	ND_PRINT((ndo," len=%d method=%s", ntohs(e.h.len) - 4, 
-		  STR_OR_ID(e.auth_method, v2_auth)));
+	ND_PRINT((ndo," len=%d method=%s", len-4, 
+		  STR_OR_ID(a.auth_method, v2_auth)));
 
-	if (1 < ndo->ndo_vflag && 4 < ntohs(e.h.len)) {
+	if (1 < ndo->ndo_vflag && 4 < len) {
 		ND_PRINT((ndo," authdata=("));
-		if (!rawprint(ndo, (caddr_t)(ext + 1), ntohs(e.h.len) - 4))
+		if (!rawprint(ndo, (caddr_t)authdata, len - sizeof(a)))
 			goto trunc;
 		ND_PRINT((ndo,") "));
-	} else if(ndo->ndo_vflag && 4 < ntohs(e.h.len)) {
-		if(!ike_show_somedata(ndo, (const u_char *)(ext+1), ep)) goto trunc;
+	} else if(ndo->ndo_vflag && 4 < len) {
+		if(!ike_show_somedata(ndo, authdata, ep)) goto trunc;
 	}
 
-	return (u_char *)ext + ntohs(e.h.len);
+	return (u_char *)ext + len;
 trunc:
 	ND_PRINT((ndo," [|%s]", NPSTR(tpay)));
 	return NULL;
@@ -1996,7 +1999,7 @@ ikev2_vid_print(netdissect_options *ndo, u_char tpay,
 	ND_TCHECK2(*vid, len);
 	for(i=0; i<len; i++) {
 		if(isprint(vid[i])) ND_PRINT((ndo, "%c", vid[i]));
-		else ND_PRINT((ndo, ".", vid[i]));
+		else ND_PRINT((ndo, "."));
 	}
 	if (2 < ndo->ndo_vflag && 4 < len) {
 		ND_PRINT((ndo," "));
@@ -2020,12 +2023,30 @@ ikev2_TS_print(netdissect_options *ndo, u_char tpay,
 }
 
 static const u_char *
-ikev2_e_print(netdissect_options *ndo, struct isakmp *base,
+ikev2_e_print(netdissect_options *ndo,
+#ifndef HAVE_LIBCRYPTO
+	      _U_
+#endif
+	      struct isakmp *base,
 	      u_char tpay, 
-		const struct isakmp_gen *ext,
-		u_int item_len _U_, const u_char *ep _U_,
-		u_int32_t phase, u_int32_t doi,
-		u_int32_t proto, int depth)
+	      const struct isakmp_gen *ext,
+	      u_int item_len _U_, const u_char *ep _U_,
+#ifndef HAVE_LIBCRYPTO
+	      _U_
+#endif
+	      u_int32_t phase,
+#ifndef HAVE_LIBCRYPTO
+	      _U_
+#endif
+	      u_int32_t doi,
+#ifndef HAVE_LIBCRYPTO
+	      _U_
+#endif
+	      u_int32_t proto,
+#ifndef HAVE_LIBCRYPTO
+	      _U_
+#endif
+	      int depth)
 {
 	struct isakmp_gen e;
 	u_char *dat;
@@ -2047,6 +2068,7 @@ ikev2_e_print(netdissect_options *ndo, struct isakmp *base,
 	dat = (u_char *)(ext+1);
 	ND_TCHECK2(*dat, dlen);
 	
+#ifdef HAVE_LIBCRYPTO
 	/* try to decypt it! */
 	if(esp_print_decrypt_buffer_by_ikev2(ndo,
 					     base->flags & ISAKMP_FLAG_I,
@@ -2059,6 +2081,7 @@ ikev2_e_print(netdissect_options *ndo, struct isakmp *base,
 		ikev2_sub_print(ndo, base, e.np, ext, ndo->ndo_snapend,
 				phase, doi, proto, depth+1);
 	}
+#endif
 	
 
 	/* always return NULL, because E must be at end, and NP refers
@@ -2191,7 +2214,7 @@ safememcpy(void *p, const void *q, size_t l)
 	memcpy(p, q, l);
 }
 
-void
+static void
 ikev1_print(netdissect_options *ndo,
 	    const u_char *bp,  u_int length,
 	    const u_char *bp2, struct isakmp *base)
@@ -2384,7 +2407,7 @@ ikev2_print(netdissect_options *ndo,
 
 	ND_PRINT((ndo, " %s", ETYPESTR(base->etype)));
 	if (base->flags) {
-		ND_PRINT((ndo, "[%s%s]",
+		ND_PRINT((ndo, "[%s%s%s]",
 			  base->flags & ISAKMP_FLAG_I ? "I" : "",
 			  base->flags & ISAKMP_FLAG_V ? "V" : "",
 			  base->flags & ISAKMP_FLAG_R ? "R" : ""));
@@ -2433,11 +2456,13 @@ isakmp_print(netdissect_options *ndo,
 	const u_char *ep;
 	int major, minor;
 
-	/* initiailize SAs */
+#ifdef HAVE_LIBCRYPTO
+	/* initialize SAs */
 	if (ndo->ndo_sa_list_head == NULL) {
 		if (ndo->ndo_espsecret)
 			esp_print_decodesecret(ndo);
 	}
+#endif
 
 	p = (const struct isakmp *)bp;
 	ep = ndo->ndo_snapend;