X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/8234cdad9b3f82b4fadd2fd882f8b7280d412b1b..ad87e9495c5c5ecdbb38b7ad76e9c54d7e9852ac:/print-tcp.c

diff --git a/print-tcp.c b/print-tcp.c
index 6cce9e21..6f5d433d 100644
--- a/print-tcp.c
+++ b/print-tcp.c
@@ -2,6 +2,8 @@
  * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
  *	The Regents of the University of California.  All rights reserved.
  *
+ * Copyright (c) 1999-2004 The tcpdump.org project
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that: (1) source code distributions
  * retain the above copyright notice and this paragraph in its entirety, (2)
@@ -21,7 +23,7 @@
 
 #ifndef lint
 static const char rcsid[] _U_ =
-    "@(#) $Header: /tcpdump/master/tcpdump/print-tcp.c,v 1.111 2004-03-23 07:15:36 guy Exp $ (LBL)";
+    "@(#) $Header: /tcpdump/master/tcpdump/print-tcp.c,v 1.122 2005-04-21 06:35:52 guy Exp $ (LBL)";
 #endif
 
 #ifdef HAVE_CONFIG_H
@@ -30,8 +32,6 @@ static const char rcsid[] _U_ =
 
 #include <tcpdump-stdinc.h>
 
-#include <rpc/rpc.h>
-
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -47,13 +47,19 @@ static const char rcsid[] _U_ =
 #include "ip6.h"
 #endif
 #include "ipproto.h"
+#include "rpc_auth.h"
+#include "rpc_msg.h"
 
 #include "nameser.h"
 
 #ifdef HAVE_LIBCRYPTO
 #include <openssl/md5.h>
 
-static int tcp_verify_signature(const struct ip *ip, struct tcphdr *tp,
+#define SIGNATURE_VALID		0
+#define SIGNATURE_INVALID	1
+#define CANT_CHECK_SIGNATURE	2
+
+static int tcp_verify_signature(const struct ip *ip, const struct tcphdr *tp,
     const u_char *data, int length, const u_char *rcvsig);
 #endif
 
@@ -219,17 +225,18 @@ tcp_print(register const u_char *bp, register u_int length,
 	hlen = TH_OFF(tp) * 4;
 
 	/*
-	 * If data present and NFS port used, assume NFS.
+	 * If data present, header length valid, and NFS port used,
+	 * assume NFS.
 	 * Pass offset of data plus 4 bytes for RPC TCP msg length
 	 * to NFS print routines.
 	 */
-	if (!qflag) {
-		if ((u_char *)tp + 4 + sizeof(struct rpc_msg) <= snapend &&
+	if (!qflag && hlen >= sizeof(*tp) && hlen <= length) {
+		if ((u_char *)tp + 4 + sizeof(struct sunrpc_msg) <= snapend &&
 		    dport == NFS_PORT) {
 			nfsreq_print((u_char *)tp + hlen + 4, length - hlen,
 				     (u_char *)ip);
 			return;
-		} else if ((u_char *)tp + 4 + sizeof(struct rpc_msg)
+		} else if ((u_char *)tp + 4 + sizeof(struct sunrpc_msg)
 			   <= snapend &&
 			   sport == NFS_PORT) {
 			nfsreply_print((u_char *)tp + hlen + 4, length - hlen,
@@ -264,6 +271,12 @@ tcp_print(register const u_char *bp, register u_int length,
 		}
 	}
 
+	if (hlen < sizeof(*tp)) {
+		(void)printf(" tcp %d [bad hdr length %u - too short, < %lu]",
+		    length - hlen, hlen, (unsigned long)sizeof(*tp));
+		return;
+	}
+
 	TCHECK(*tp);
 
 	seq = EXTRACT_32BITS(&tp->th_seq);
@@ -272,7 +285,11 @@ tcp_print(register const u_char *bp, register u_int length,
 	urp = EXTRACT_16BITS(&tp->th_urp);
 
 	if (qflag) {
-		(void)printf("tcp %d", length - TH_OFF(tp) * 4);
+		(void)printf("tcp %d", length - hlen);
+		if (hlen > length) {
+			(void)printf(" [bad hdr length %u - too long, > %u]",
+			    hlen, length);
+		}
 		return;
 	}
 	if ((flags = tp->th_flags) & (TH_SYN|TH_FIN|TH_RST|TH_PUSH|
@@ -398,7 +415,8 @@ tcp_print(register const u_char *bp, register u_int length,
 		thseq = thack = threv = 0;
 	}
 	if (hlen > length) {
-		(void)printf(" [bad hdr length]");
+		(void)printf(" [bad hdr length %u - too long, > %u]",
+		    hlen, length);
 		return;
 	}
 
@@ -406,23 +424,27 @@ tcp_print(register const u_char *bp, register u_int length,
 		u_int16_t sum, tcp_sum;
 		if (TTEST2(tp->th_sport, length)) {
 			sum = tcp_cksum(ip, tp, length);
+
+                        (void)printf(", cksum 0x%04x",EXTRACT_16BITS(&tp->th_sum));
 			if (sum != 0) {
 				tcp_sum = EXTRACT_16BITS(&tp->th_sum);
-				(void)printf(" [bad tcp cksum %x (->%x)!]",
-				    tcp_sum, in_cksum_shouldbe(tcp_sum, sum));
+				(void)printf(" (incorrect (-> 0x%04x),",in_cksum_shouldbe(tcp_sum, sum));
 			} else
-				(void)printf(" [tcp sum ok]");
+				(void)printf(" (correct),");
 		}
 	}
 #ifdef INET6
 	if (IP_V(ip) == 6 && ip6->ip6_plen && vflag && !fragmented) {
-		int sum;
+		u_int16_t sum,tcp_sum;
 		if (TTEST2(tp->th_sport, length)) {
 			sum = tcp6_cksum(ip6, tp, length);
-			if (sum != 0)
-				(void)printf(" [bad tcp cksum %x!]", sum);
-			else
-				(void)printf(" [tcp sum ok]");
+                        (void)printf(", cksum 0x%04x",EXTRACT_16BITS(&tp->th_sum));
+			if (sum != 0) {
+				tcp_sum = EXTRACT_16BITS(&tp->th_sum);
+				(void)printf(" (incorrect (-> 0x%04x),",in_cksum_shouldbe(tcp_sum, sum));
+			} else
+				(void)printf(" (correct),");
+
 		}
 	}
 #endif
@@ -498,14 +520,13 @@ tcp_print(register const u_char *bp, register u_int length,
 				break;
 
 			case TCPOPT_SACK:
-				(void)printf("sack");
 				datalen = len - 2;
 				if (datalen % 8 != 0) {
-					(void)printf(" malformed sack ");
+					(void)printf("malformed sack");
 				} else {
 					u_int32_t s, e;
 
-					(void)printf(" sack %d ", datalen / 8);
+					(void)printf("sack %d ", datalen / 8);
 					for (i = 0; i < datalen; i += 8) {
 						LENCHECK(i + 4);
 						s = EXTRACT_32BITS(cp + i);
@@ -520,7 +541,6 @@ tcp_print(register const u_char *bp, register u_int length,
 						}
 						(void)printf("{%u:%u}", s, e);
 					}
-					(void)printf(" ");
 				}
 				break;
 
@@ -570,18 +590,26 @@ tcp_print(register const u_char *bp, register u_int length,
 
 			case TCPOPT_SIGNATURE:
 				(void)printf("md5:");
-				if (IP_V(ip) != 4) {
-					(void)printf("!ipv4");
-					break;
-				}
 				datalen = TCP_SIGLEN;
 				LENCHECK(datalen);
 #ifdef HAVE_LIBCRYPTO
-				if (tcp_verify_signature(ip, tp,
-				    bp + TH_OFF(tp) * 4, length, cp) == 0)
+				switch (tcp_verify_signature(ip, tp,
+				    bp + TH_OFF(tp) * 4, length, cp)) {
+
+				case SIGNATURE_VALID:
 					(void)printf("valid");
-				else
+					break;
+
+				case SIGNATURE_INVALID:
 					(void)printf("invalid");
+					break;
+
+				case CANT_CHECK_SIGNATURE:
+					(void)printf("can't check - ");
+					for (i = 0; i < TCP_SIGLEN; ++i)
+						(void)printf("%02x", cp[i]);
+					break;
+				}
 #else
 				for (i = 0; i < TCP_SIGLEN; ++i)
 					(void)printf("%02x", cp[i]);
@@ -650,8 +678,9 @@ tcp_print(register const u_char *bp, register u_int length,
 		} else if (sport == MSDP_PORT || dport == MSDP_PORT) {
 			msdp_print(bp, length);
 		}
-                else if (sport == LDP_PORT || dport == LDP_PORT)
-                        printf(": LDP, length: %u", length);
+                else if (length > 0 && (sport == LDP_PORT || dport == LDP_PORT)) {
+                        ldp_print(bp, length);
+		}
 	}
 	return;
 bad:
@@ -703,36 +732,62 @@ print_tcp_rst_data(register const u_char *sp, u_int length)
 
 #ifdef HAVE_LIBCRYPTO
 static int
-tcp_verify_signature(const struct ip *ip, struct tcphdr *tp,
+tcp_verify_signature(const struct ip *ip, const struct tcphdr *tp,
     const u_char *data, int length, const u_char *rcvsig)
 {
-	char sig[TCP_SIGLEN];
+        struct tcphdr tp1;
+	u_char sig[TCP_SIGLEN];
 	char zero_proto = 0;
 	MD5_CTX ctx;
-	u_short savecsum, tlen;
+	u_int16_t savecsum, tlen;
+#ifdef INET6
+	struct ip6_hdr *ip6;
+#endif
+	u_int32_t len32;
+	u_int8_t nxt;
+
+	tp1 = *tp;
 
 	if (tcpmd5secret == NULL)
-		return (-1);
+		return (CANT_CHECK_SIGNATURE);
 
 	MD5_Init(&ctx);
 	/*
 	 * Step 1: Update MD5 hash with IP pseudo-header.
 	 */
-	MD5_Update(&ctx, (char *)&ip->ip_src, sizeof(ip->ip_src));
-	MD5_Update(&ctx, (char *)&ip->ip_dst, sizeof(ip->ip_dst));
-	MD5_Update(&ctx, (char *)&zero_proto, sizeof(zero_proto));
-	MD5_Update(&ctx, (char *)&ip->ip_p, sizeof(ip->ip_p));
-	tlen = EXTRACT_16BITS(&ip->ip_len) - IP_HL(ip) * 4;
-	tlen = htons(tlen);
-	MD5_Update(&ctx, (char *)&tlen, sizeof(tlen));
+	if (IP_V(ip) == 4) {
+		MD5_Update(&ctx, (char *)&ip->ip_src, sizeof(ip->ip_src));
+		MD5_Update(&ctx, (char *)&ip->ip_dst, sizeof(ip->ip_dst));
+		MD5_Update(&ctx, (char *)&zero_proto, sizeof(zero_proto));
+		MD5_Update(&ctx, (char *)&ip->ip_p, sizeof(ip->ip_p));
+		tlen = EXTRACT_16BITS(&ip->ip_len) - IP_HL(ip) * 4;
+		tlen = htons(tlen);
+		MD5_Update(&ctx, (char *)&tlen, sizeof(tlen));
+#ifdef INET6
+	} else if (IP_V(ip) == 6) {
+		ip6 = (struct ip6_hdr *)ip;
+		MD5_Update(&ctx, (char *)&ip6->ip6_src, sizeof(ip6->ip6_src));
+		MD5_Update(&ctx, (char *)&ip6->ip6_dst, sizeof(ip6->ip6_dst));
+		len32 = htonl(ntohs(ip6->ip6_plen));
+		MD5_Update(&ctx, (char *)&len32, sizeof(len32));
+		nxt = 0;
+		MD5_Update(&ctx, (char *)&nxt, sizeof(nxt));
+		MD5_Update(&ctx, (char *)&nxt, sizeof(nxt));
+		MD5_Update(&ctx, (char *)&nxt, sizeof(nxt));
+		nxt = IPPROTO_TCP;
+		MD5_Update(&ctx, (char *)&nxt, sizeof(nxt));
+#endif
+	} else
+		return (CANT_CHECK_SIGNATURE);
+
 	/*
 	 * Step 2: Update MD5 hash with TCP header, excluding options.
 	 * The TCP checksum must be set to zero.
 	 */
-	savecsum = tp->th_sum;
-	tp->th_sum = 0;
-	MD5_Update(&ctx, (char *)tp, sizeof(struct tcphdr));
-	tp->th_sum = savecsum;
+	savecsum = tp1.th_sum;
+	tp1.th_sum = 0;
+	MD5_Update(&ctx, (char *)&tp1, sizeof(struct tcphdr));
+	tp1.th_sum = savecsum;
 	/*
 	 * Step 3: Update MD5 hash with TCP segment data, if present.
 	 */
@@ -744,6 +799,9 @@ tcp_verify_signature(const struct ip *ip, struct tcphdr *tp,
 	MD5_Update(&ctx, tcpmd5secret, strlen(tcpmd5secret));
 	MD5_Final(sig, &ctx);
 
-	return (memcmp(rcvsig, sig, 16));
+	if (memcmp(rcvsig, sig, 16))
+		return (SIGNATURE_VALID);
+	else
+		return (SIGNATURE_INVALID);
 }
 #endif /* HAVE_LIBCRYPTO */