diff options
| author | Guy Harris <guy@alum.mit.edu> | 2000-07-02 03:25:48 +0000 |
|---|---|---|
| committer | Guy Harris <guy@alum.mit.edu> | 2000-07-02 03:25:48 +0000 |
| commit | 3cc5187b0c5d9c3d00a79ff5a34caadb01f1b76e (patch) | |
| tree | 6ae34ac5c1fe0c1fee4243448d95d88f2329140d /packet-isakmp.c | |
| parent | c3587ce540ea5ec1967a9160d58aaaa995817a56 (diff) | |
Fix the comment at the beginning of the routine to give the right file
name, and add the RFC number for ISAKMP to it.
Fix the structures for headers to treat all multi-byte quantities as
arrays of bytes; the certificate request header needs to be done that
way, so that it's *not* padded to a multiple of the size of the longest
integral element (the longest integral element is 2 bytes, but the size
of the header is 5 bytes, so certificate requests were being
misdissected), and other structures might require this as well - it also
catches code that doesn't use "pntohl()" or "pntohs()" to get the values
of integral fields bigger than 1 byte.
In fact, it *did* catch some; the configuration attribute header's
"identifier" field was being used without being put in host byte order.
In addition, that field required padding to be aligned on its natural
boundary, but the padding wasn't given as a structure member; given that
the length field was specified as one byte but extracted with
"pntohs()", and that the length field is 2 bytes in the other headers,
it probably should be 2 bytes in this header as well - make it so.
svn path=/trunk/; revision=2101
Diffstat (limited to 'packet-isakmp.c')
| -rw-r--r-- | packet-isakmp.c | 59 |
1 files changed, 30 insertions, 29 deletions
diff --git a/packet-isakmp.c b/packet-isakmp.c index 0d86879b92..b08e1cc97b 100644 --- a/packet-isakmp.c +++ b/packet-isakmp.c @@ -1,8 +1,9 @@ -/* packet-gre.c - * Routines for the Internet Security Association and Key Management Protocol (ISAKMP) +/* packet-isakmp.c + * Routines for the Internet Security Association and Key Management Protocol + * (ISAKMP) (RFC 2408) * Brad Robel-Forrest <brad.robel-forrest@watchguard.com> * - * $Id: packet-isakmp.c,v 1.22 2000/05/31 05:07:11 guy Exp $ + * $Id: packet-isakmp.c,v 1.23 2000/07/02 03:25:48 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -180,22 +181,22 @@ struct isakmp_hdr { #define E_FLAG 0x01 #define C_FLAG 0x02 #define A_FLAG 0x04 - guint32 message_id; - guint32 length; + guint8 message_id[4]; + guint8 length[4]; }; struct sa_hdr { guint8 next_payload; guint8 reserved; - guint16 length; - guint32 doi; - guint32 situation; + guint8 length[2]; + guint8 doi[4]; + guint8 situation[4]; }; struct proposal_hdr { guint8 next_payload; guint8 reserved; - guint16 length; + guint8 length[2]; guint8 proposal_num; guint8 protocol_id; guint8 spi_size; @@ -205,10 +206,10 @@ struct proposal_hdr { struct trans_hdr { guint8 next_payload; guint8 reserved; - guint16 length; + guint8 length[2]; guint8 transform_num; guint8 transform_id; - guint16 reserved2; + guint8 reserved2[2]; }; #define TRANS_LEN(p) (pntohs(&((struct trans_hdr *)(p))->length)) @@ -216,83 +217,83 @@ struct trans_hdr { struct ke_hdr { guint8 next_payload; guint8 reserved; - guint16 length; + guint8 length[2]; }; struct id_hdr { guint8 next_payload; guint8 reserved; - guint16 length; + guint8 length[2]; guint8 id_type; guint8 protocol_id; - guint16 port; + guint8 port[2]; }; struct cert_hdr { guint8 next_payload; guint8 reserved; - guint16 length; + guint8 length[2]; guint8 cert_enc; }; struct certreq_hdr { guint8 next_payload; guint8 reserved; - guint16 length; + guint8 length[2]; guint8 cert_type; }; struct hash_hdr { guint8 next_payload; guint8 reserved; - guint16 length; + guint8 length[2]; }; struct sig_hdr { guint8 next_payload; guint8 reserved; - guint16 length; + guint8 length[2]; }; struct nonce_hdr { guint8 next_payload; guint8 reserved; - guint16 length; + guint8 length[2]; }; struct notif_hdr { guint8 next_payload; guint8 reserved; - guint16 length; - guint32 doi; + guint8 length[2]; + guint8 doi[4]; guint8 protocol_id; guint8 spi_size; - guint16 msgtype; + guint8 msgtype[2]; }; struct delete_hdr { guint8 next_payload; guint8 reserved; - guint16 length; - guint32 doi; + guint8 length[2]; + guint8 doi[4]; guint8 protocol_id; guint8 spi_size; - guint16 num_spis; + guint8 num_spis[2]; }; struct vid_hdr { guint8 next_payload; guint8 reserved; - guint16 length; + guint8 length[2]; }; struct cfg_hdr { guint8 next_payload; guint8 reserved; - guint8 length; + guint8 length[2]; guint8 type; guint8 reserved2; - guint16 identifier; + guint8 identifier[2]; }; static void dissect_none(const u_char *, int, frame_data *, proto_tree *); @@ -1059,7 +1060,7 @@ dissect_config(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) { offset += (sizeof(hdr->type) + sizeof(hdr->reserved2)); proto_tree_add_text(ntree, NullTVB, offset, sizeof(hdr->identifier), - "Identifier: %u",hdr->identifier); + "Identifier: %u", pntohs(&hdr->identifier)); offset += sizeof(hdr->identifier); length -= sizeof(*hdr); |