src/proto_ip_authentication_hdr.h

   1 /*
   2  * netsniff-ng - the packet sniffing beast
   3  * Copyright 2012 Markus Amend <markus@netsniff-ng.org>
   4  * Subject to the GPL, version 2.
   5  *
   6  * IP Authentication Header described in RFC4302
   7  */
   8
   9 #ifndef PROTO_IP_AUTHENTICATION_HDR_H
  10 #define PROTO_IP_AUTHENTICATION_HDR_H
  11
  12 #include <stdio.h>
  13 #include <stdint.h>
  14 #include <netinet/in.h>    /* for ntohs() */
  15
  16 #include "proto_struct.h"
  17 #include "dissector_eth.h"
  18 #include "built_in.h"
  19
  20 struct auth_hdr {
  21         uint8_t h_next_header;
  22         uint8_t h_payload_len;
  23         uint16_t h_reserved;
  24         uint32_t h_spi;
  25         uint32_t h_snf;
  26 } __packed;
  27
  28 static inline void auth_hdr(struct pkt_buff *pkt)
  29 {
  30         uint16_t hdr_len;
  31         struct auth_hdr *auth_ops;
  32
  33         auth_ops = (struct auth_hdr *) pkt_pull(pkt, sizeof(*auth_ops));
  34         hdr_len = (auth_ops->h_payload_len * 4) + 8;
  35         if (auth_ops == NULL || hdr_len > pkt_len(pkt))
  36                 return;
  37
  38         tprintf(" [ Authentication Header ");
  39         tprintf("NextHdr (%u), ", auth_ops->h_next_header);
  40         tprintf("HdrLen (%u), ", hdr_len);
  41         tprintf("Reserved (0x%x), ", ntohs(auth_ops->h_reserved));
  42         /* TODO
  43          * Upgrade for Extended (64-bit) Sequence Number
  44          * http://tools.ietf.org/html/rfc4302#section-2.5.1
  45          */
  46         tprintf("SPI (0x%x), ", ntohl(auth_ops->h_spi));
  47         tprintf("SNF (0x%x), ", ntohl(auth_ops->h_snf));
  48         tprintf("ICV 0x");
  49         for (size_t i = sizeof(struct auth_hdr); i < hdr_len; i++)
  50                 tprintf("%02x", *pkt_pull(pkt, 1));
  51         tprintf(" ]\n");
  52
  53         pkt_set_proto(pkt, &eth_lay3, auth_ops->h_next_header);
  54 }
  55
  56 static inline void auth_hdr_less(struct pkt_buff *pkt)
  57 {
  58         uint16_t hdr_len;
  59         struct auth_hdr *auth_ops;
  60
  61         auth_ops = (struct auth_hdr *) pkt_pull(pkt, sizeof(*auth_ops));
  62         hdr_len = (auth_ops->h_payload_len * 4) + 8;
  63         if (auth_ops == NULL || hdr_len > pkt_len(pkt))
  64                 return;
  65
  66         tprintf(" AH");
  67
  68         pkt_pull(pkt, hdr_len - sizeof(*auth_ops));
  69         pkt_set_proto(pkt, &eth_lay3, auth_ops->h_next_header);
  70 }
  71
  72 struct protocol ip_auth_hdr_ops = {
  73         .key = 0x33,
  74         .print_full = auth_hdr,
  75         .print_less = auth_hdr_less,
  76 };
  77
  78 #endif /* PROTO_IP_AUTHENTICATION_HDR_H */