search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
kernel: avoid possible sysctl integer overflow in acpi_thinkpad(4)
[dragonfly.git] / contrib / tcpdump / print-telnet.c
blob10fad9fef7f6a5b8c9a045c8f59eeeccb0873829
1 /* $NetBSD: print-telnet.c,v 1.2 1999/10/11 12:40:12 sjg Exp $ */
2
3 /*-
4 * Copyright (c) 1997, 1998 The NetBSD Foundation, Inc.
5 * All rights reserved.
6 *
7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Simon J. Gerraty.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. All advertising materials mentioning features or use of this software
19 * must display the following acknowledgement:
20 * This product includes software developed by the NetBSD
21 * Foundation, Inc. and its contributors.
22 * 4. Neither the name of The NetBSD Foundation nor the names of its
23 * contributors may be used to endorse or promote products derived
24 * from this software without specific prior written permission.
25 *
26 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
27 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
28 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
29 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
30 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36 * POSSIBILITY OF SUCH DAMAGE.
37 */
38 /*
39 * @(#)Copyright (c) 1994, Simon J. Gerraty.
40 *
41 * This is free software. It comes with NO WARRANTY.
42 * Permission to use, modify and distribute this source code
43 * is granted subject to the following conditions.
44 * 1/ that the above copyright notice and this notice
45 * are preserved in all copies.
46 */
47
48 /* \summary: Telnet option printer */
49
50 #ifdef HAVE_CONFIG_H
51 #include "config.h"
52 #endif
53
54 #include <netdissect-stdinc.h>
55
56 #include <stdio.h>
57
58 #include "netdissect.h"
59
60 static const char tstr[] = " [|telnet]";
61
62 #define TELCMDS
63 #define TELOPTS
64
65 /* NetBSD: telnet.h,v 1.9 2001/06/11 01:50:50 wiz Exp */
66
67 /*
68 * Definitions for the TELNET protocol.
69 */
70 #define IAC 255 /* interpret as command: */
71 #define DONT 254 /* you are not to use option */
72 #define DO 253 /* please, you use option */
73 #define WONT 252 /* I won't use option */
74 #define WILL 251 /* I will use option */
75 #define SB 250 /* interpret as subnegotiation */
76 #define GA 249 /* you may reverse the line */
77 #define EL 248 /* erase the current line */
78 #define EC 247 /* erase the current character */
79 #define AYT 246 /* are you there */
80 #define AO 245 /* abort output--but let prog finish */
81 #define IP 244 /* interrupt process--permanently */
82 #define BREAK 243 /* break */
83 #define DM 242 /* data mark--for connect. cleaning */
84 #define NOP 241 /* nop */
85 #define SE 240 /* end sub negotiation */
86 #define EOR 239 /* end of record (transparent mode) */
87 #define ABORT 238 /* Abort process */
88 #define SUSP 237 /* Suspend process */
89 #define xEOF 236 /* End of file: EOF is already used... */
90
91 #define SYNCH 242 /* for telfunc calls */
92
93 #ifdef TELCMDS
94 static const char *telcmds[] = {
95 "EOF", "SUSP", "ABORT", "EOR",
96 "SE", "NOP", "DMARK", "BRK", "IP", "AO", "AYT", "EC",
97 "EL", "GA", "SB", "WILL", "WONT", "DO", "DONT", "IAC", 0,
98 };
99 #else
100 extern char *telcmds[];
101 #endif
102
103 #define TELCMD_FIRST xEOF
104 #define TELCMD_LAST IAC
105 #define TELCMD_OK(x) ((unsigned int)(x) <= TELCMD_LAST && \
106 (unsigned int)(x) >= TELCMD_FIRST)
107 #define TELCMD(x) telcmds[(x)-TELCMD_FIRST]
108
109 /* telnet options */
110 #define TELOPT_BINARY 0 /* 8-bit data path */
111 #define TELOPT_ECHO 1 /* echo */
112 #define TELOPT_RCP 2 /* prepare to reconnect */
113 #define TELOPT_SGA 3 /* suppress go ahead */
114 #define TELOPT_NAMS 4 /* approximate message size */
115 #define TELOPT_STATUS 5 /* give status */
116 #define TELOPT_TM 6 /* timing mark */
117 #define TELOPT_RCTE 7 /* remote controlled transmission and echo */
118 #define TELOPT_NAOL 8 /* negotiate about output line width */
119 #define TELOPT_NAOP 9 /* negotiate about output page size */
120 #define TELOPT_NAOCRD 10 /* negotiate about CR disposition */
121 #define TELOPT_NAOHTS 11 /* negotiate about horizontal tabstops */
122 #define TELOPT_NAOHTD 12 /* negotiate about horizontal tab disposition */
123 #define TELOPT_NAOFFD 13 /* negotiate about formfeed disposition */
124 #define TELOPT_NAOVTS 14 /* negotiate about vertical tab stops */
125 #define TELOPT_NAOVTD 15 /* negotiate about vertical tab disposition */
126 #define TELOPT_NAOLFD 16 /* negotiate about output LF disposition */
127 #define TELOPT_XASCII 17 /* extended ascic character set */
128 #define TELOPT_LOGOUT 18 /* force logout */
129 #define TELOPT_BM 19 /* byte macro */
130 #define TELOPT_DET 20 /* data entry terminal */
131 #define TELOPT_SUPDUP 21 /* supdup protocol */
132 #define TELOPT_SUPDUPOUTPUT 22 /* supdup output */
133 #define TELOPT_SNDLOC 23 /* send location */
134 #define TELOPT_TTYPE 24 /* terminal type */
135 #define TELOPT_EOR 25 /* end or record */
136 #define TELOPT_TUID 26 /* TACACS user identification */
137 #define TELOPT_OUTMRK 27 /* output marking */
138 #define TELOPT_TTYLOC 28 /* terminal location number */
139 #define TELOPT_3270REGIME 29 /* 3270 regime */
140 #define TELOPT_X3PAD 30 /* X.3 PAD */
141 #define TELOPT_NAWS 31 /* window size */
142 #define TELOPT_TSPEED 32 /* terminal speed */
143 #define TELOPT_LFLOW 33 /* remote flow control */
144 #define TELOPT_LINEMODE 34 /* Linemode option */
145 #define TELOPT_XDISPLOC 35 /* X Display Location */
146 #define TELOPT_OLD_ENVIRON 36 /* Old - Environment variables */
147 #define TELOPT_AUTHENTICATION 37/* Authenticate */
148 #define TELOPT_ENCRYPT 38 /* Encryption option */
149 #define TELOPT_NEW_ENVIRON 39 /* New - Environment variables */
150 #define TELOPT_EXOPL 255 /* extended-options-list */
151
152
153 #define NTELOPTS (1+TELOPT_NEW_ENVIRON)
154 #ifdef TELOPTS
155 static const char *telopts[NTELOPTS+1] = {
156 "BINARY", "ECHO", "RCP", "SUPPRESS GO AHEAD", "NAME",
157 "STATUS", "TIMING MARK", "RCTE", "NAOL", "NAOP",
158 "NAOCRD", "NAOHTS", "NAOHTD", "NAOFFD", "NAOVTS",
159 "NAOVTD", "NAOLFD", "EXTEND ASCII", "LOGOUT", "BYTE MACRO",
160 "DATA ENTRY TERMINAL", "SUPDUP", "SUPDUP OUTPUT",
161 "SEND LOCATION", "TERMINAL TYPE", "END OF RECORD",
162 "TACACS UID", "OUTPUT MARKING", "TTYLOC",
163 "3270 REGIME", "X.3 PAD", "NAWS", "TSPEED", "LFLOW",
164 "LINEMODE", "XDISPLOC", "OLD-ENVIRON", "AUTHENTICATION",
165 "ENCRYPT", "NEW-ENVIRON",
166 0,
167 };
168 #define TELOPT_FIRST TELOPT_BINARY
169 #define TELOPT_LAST TELOPT_NEW_ENVIRON
170 #define TELOPT_OK(x) ((unsigned int)(x) <= TELOPT_LAST)
171 #define TELOPT(x) telopts[(x)-TELOPT_FIRST]
172 #endif
173
174 /* sub-option qualifiers */
175 #define TELQUAL_IS 0 /* option is... */
176 #define TELQUAL_SEND 1 /* send option */
177 #define TELQUAL_INFO 2 /* ENVIRON: informational version of IS */
178 #define TELQUAL_REPLY 2 /* AUTHENTICATION: client version of IS */
179 #define TELQUAL_NAME 3 /* AUTHENTICATION: client version of IS */
180
181 #define LFLOW_OFF 0 /* Disable remote flow control */
182 #define LFLOW_ON 1 /* Enable remote flow control */
183 #define LFLOW_RESTART_ANY 2 /* Restart output on any char */
184 #define LFLOW_RESTART_XON 3 /* Restart output only on XON */
185
186 /*
187 * LINEMODE suboptions
188 */
189
190 #define LM_MODE 1
191 #define LM_FORWARDMASK 2
192 #define LM_SLC 3
193
194 #define MODE_EDIT 0x01
195 #define MODE_TRAPSIG 0x02
196 #define MODE_ACK 0x04
197 #define MODE_SOFT_TAB 0x08
198 #define MODE_LIT_ECHO 0x10
199
200 #define MODE_MASK 0x1f
201
202 #define SLC_SYNCH 1
203 #define SLC_BRK 2
204 #define SLC_IP 3
205 #define SLC_AO 4
206 #define SLC_AYT 5
207 #define SLC_EOR 6
208 #define SLC_ABORT 7
209 #define SLC_EOF 8
210 #define SLC_SUSP 9
211 #define SLC_EC 10
212 #define SLC_EL 11
213 #define SLC_EW 12
214 #define SLC_RP 13
215 #define SLC_LNEXT 14
216 #define SLC_XON 15
217 #define SLC_XOFF 16
218 #define SLC_FORW1 17
219 #define SLC_FORW2 18
220 #define SLC_MCL 19
221 #define SLC_MCR 20
222 #define SLC_MCWL 21
223 #define SLC_MCWR 22
224 #define SLC_MCBOL 23
225 #define SLC_MCEOL 24
226 #define SLC_INSRT 25
227 #define SLC_OVER 26
228 #define SLC_ECR 27
229 #define SLC_EWR 28
230 #define SLC_EBOL 29
231 #define SLC_EEOL 30
232
233 #define NSLC 30
234
235 /*
236 * For backwards compatibility, we define SLC_NAMES to be the
237 * list of names if SLC_NAMES is not defined.
238 */
239 #define SLC_NAMELIST "0", "SYNCH", "BRK", "IP", "AO", "AYT", "EOR", \
240 "ABORT", "EOF", "SUSP", "EC", "EL", "EW", "RP", \
241 "LNEXT", "XON", "XOFF", "FORW1", "FORW2", \
242 "MCL", "MCR", "MCWL", "MCWR", "MCBOL", \
243 "MCEOL", "INSRT", "OVER", "ECR", "EWR", \
244 "EBOL", "EEOL", \
245 0,
246
247 #ifdef SLC_NAMES
248 const char *slc_names[] = {
249 SLC_NAMELIST
250 };
251 #else
252 extern char *slc_names[];
253 #define SLC_NAMES SLC_NAMELIST
254 #endif
255
256 #define SLC_NAME_OK(x) ((unsigned int)(x) <= NSLC)
257 #define SLC_NAME(x) slc_names[x]
258
259 #define SLC_NOSUPPORT 0
260 #define SLC_CANTCHANGE 1
261 #define SLC_VARIABLE 2
262 #define SLC_DEFAULT 3
263 #define SLC_LEVELBITS 0x03
264
265 #define SLC_FUNC 0
266 #define SLC_FLAGS 1
267 #define SLC_VALUE 2
268
269 #define SLC_ACK 0x80
270 #define SLC_FLUSHIN 0x40
271 #define SLC_FLUSHOUT 0x20
272
273 #define OLD_ENV_VAR 1
274 #define OLD_ENV_VALUE 0
275 #define NEW_ENV_VAR 0
276 #define NEW_ENV_VALUE 1
277 #define ENV_ESC 2
278 #define ENV_USERVAR 3
279
280 /*
281 * AUTHENTICATION suboptions
282 */
283
284 /*
285 * Who is authenticating who ...
286 */
287 #define AUTH_WHO_CLIENT 0 /* Client authenticating server */
288 #define AUTH_WHO_SERVER 1 /* Server authenticating client */
289 #define AUTH_WHO_MASK 1
290
291 #define AUTHTYPE_NULL 0
292 #define AUTHTYPE_KERBEROS_V4 1
293 #define AUTHTYPE_KERBEROS_V5 2
294 #define AUTHTYPE_SPX 3
295 #define AUTHTYPE_MINK 4
296 #define AUTHTYPE_CNT 5
297
298 #define AUTHTYPE_TEST 99
299
300 #ifdef AUTH_NAMES
301 const char *authtype_names[] = {
302 "NULL", "KERBEROS_V4", "KERBEROS_V5", "SPX", "MINK", 0,
303 };
304 #else
305 extern char *authtype_names[];
306 #endif
307
308 #define AUTHTYPE_NAME_OK(x) ((unsigned int)(x) < AUTHTYPE_CNT)
309 #define AUTHTYPE_NAME(x) authtype_names[x]
310
311 /*
312 * ENCRYPTion suboptions
313 */
314 #define ENCRYPT_IS 0 /* I pick encryption type ... */
315 #define ENCRYPT_SUPPORT 1 /* I support encryption types ... */
316 #define ENCRYPT_REPLY 2 /* Initial setup response */
317 #define ENCRYPT_START 3 /* Am starting to send encrypted */
318 #define ENCRYPT_END 4 /* Am ending encrypted */
319 #define ENCRYPT_REQSTART 5 /* Request you start encrypting */
320 #define ENCRYPT_REQEND 6 /* Request you send encrypting */
321 #define ENCRYPT_ENC_KEYID 7
322 #define ENCRYPT_DEC_KEYID 8
323 #define ENCRYPT_CNT 9
324
325 #define ENCTYPE_ANY 0
326 #define ENCTYPE_DES_CFB64 1
327 #define ENCTYPE_DES_OFB64 2
328 #define ENCTYPE_CNT 3
329
330 #ifdef ENCRYPT_NAMES
331 const char *encrypt_names[] = {
332 "IS", "SUPPORT", "REPLY", "START", "END",
333 "REQUEST-START", "REQUEST-END", "ENC-KEYID", "DEC-KEYID",
334 0,
335 };
336 const char *enctype_names[] = {
337 "ANY", "DES_CFB64", "DES_OFB64", 0,
338 };
339 #else
340 extern char *encrypt_names[];
341 extern char *enctype_names[];
342 #endif
343
344 #define ENCRYPT_NAME_OK(x) ((unsigned int)(x) < ENCRYPT_CNT)
345 #define ENCRYPT_NAME(x) encrypt_names[x]
346
347 #define ENCTYPE_NAME_OK(x) ((unsigned int)(x) < ENCTYPE_CNT)
348 #define ENCTYPE_NAME(x) enctype_names[x]
349
350 /* normal */
351 static const char *cmds[] = {
352 "IS", "SEND", "INFO",
353 };
354
355 /* 37: Authentication */
356 static const char *authcmd[] = {
357 "IS", "SEND", "REPLY", "NAME",
358 };
359 static const char *authtype[] = {
360 "NULL", "KERBEROS_V4", "KERBEROS_V5", "SPX", "MINK",
361 "SRP", "RSA", "SSL", NULL, NULL,
362 "LOKI", "SSA", "KEA_SJ", "KEA_SJ_INTEG", "DSS",
363 "NTLM",
364 };
365
366 /* 38: Encryption */
367 static const char *enccmd[] = {
368 "IS", "SUPPORT", "REPLY", "START", "END",
369 "REQUEST-START", "REQUEST-END", "END_KEYID", "DEC_KEYID",
370 };
371 static const char *enctype[] = {
372 "NULL", "DES_CFB64", "DES_OFB64", "DES3_CFB64", "DES3_OFB64",
373 NULL, "CAST5_40_CFB64", "CAST5_40_OFB64", "CAST128_CFB64", "CAST128_OFB64",
374 };
375
376 #define STR_OR_ID(x, tab) \
377 (((x) < sizeof(tab)/sizeof(tab[0]) && tab[(x)]) ? tab[(x)] : numstr(x))
378
379 static char *
380 numstr(int x)
381 {
382 static char buf[20];
383
384 snprintf(buf, sizeof(buf), "%#x", x);
385 return buf;
386 }
387
388 /* sp points to IAC byte */
389 static int
390 telnet_parse(netdissect_options *ndo, const u_char *sp, u_int length, int print)
391 {
392 int i, x;
393 u_int c;
394 const u_char *osp, *p;
395 #define FETCH(c, sp, length) \
396 do { \
397 if (length < 1) \
398 goto pktend; \
399 ND_TCHECK(*sp); \
400 c = *sp++; \
401 length--; \
402 } while (0)
403
404 osp = sp;
405
406 FETCH(c, sp, length);
407 if (c != IAC)
408 goto pktend;
409 FETCH(c, sp, length);
410 if (c == IAC) { /* <IAC><IAC>! */
411 if (print)
412 ND_PRINT((ndo, "IAC IAC"));
413 goto done;
414 }
415
416 i = c - TELCMD_FIRST;
417 if (i < 0 || i > IAC - TELCMD_FIRST)
418 goto pktend;
419
420 switch (c) {
421 case DONT:
422 case DO:
423 case WONT:
424 case WILL:
425 case SB:
426 /* DONT/DO/WONT/WILL x */
427 FETCH(x, sp, length);
428 if (x >= 0 && x < NTELOPTS) {
429 if (print)
430 ND_PRINT((ndo, "%s %s", telcmds[i], telopts[x]));
431 } else {
432 if (print)
433 ND_PRINT((ndo, "%s %#x", telcmds[i], x));
434 }
435 if (c != SB)
436 break;
437 /* IAC SB .... IAC SE */
438 p = sp;
439 while (length > (u_int)(p + 1 - sp)) {
440 ND_TCHECK2(*p, 2);
441 if (p[0] == IAC && p[1] == SE)
442 break;
443 p++;
444 }
445 ND_TCHECK(*p);
446 if (*p != IAC)
447 goto pktend;
448
449 switch (x) {
450 case TELOPT_AUTHENTICATION:
451 if (p <= sp)
452 break;
453 FETCH(c, sp, length);
454 if (print)
455 ND_PRINT((ndo, " %s", STR_OR_ID(c, authcmd)));
456 if (p <= sp)
457 break;
458 FETCH(c, sp, length);
459 if (print)
460 ND_PRINT((ndo, " %s", STR_OR_ID(c, authtype)));
461 break;
462 case TELOPT_ENCRYPT:
463 if (p <= sp)
464 break;
465 FETCH(c, sp, length);
466 if (print)
467 ND_PRINT((ndo, " %s", STR_OR_ID(c, enccmd)));
468 if (p <= sp)
469 break;
470 FETCH(c, sp, length);
471 if (print)
472 ND_PRINT((ndo, " %s", STR_OR_ID(c, enctype)));
473 break;
474 default:
475 if (p <= sp)
476 break;
477 FETCH(c, sp, length);
478 if (print)
479 ND_PRINT((ndo, " %s", STR_OR_ID(c, cmds)));
480 break;
481 }
482 while (p > sp) {
483 FETCH(x, sp, length);
484 if (print)
485 ND_PRINT((ndo, " %#x", x));
486 }
487 /* terminating IAC SE */
488 if (print)
489 ND_PRINT((ndo, " SE"));
490 sp += 2;
491 break;
492 default:
493 if (print)
494 ND_PRINT((ndo, "%s", telcmds[i]));
495 goto done;
496 }
497
498 done:
499 return sp - osp;
500
501 trunc:
502 ND_PRINT((ndo, "%s", tstr));
503 pktend:
504 return -1;
505 #undef FETCH
506 }
507
508 void
509 telnet_print(netdissect_options *ndo, const u_char *sp, u_int length)
510 {
511 int first = 1;
512 const u_char *osp;
513 int l;
514
515 osp = sp;
516
517 ND_TCHECK(*sp);
518 while (length > 0 && *sp == IAC) {
519 /*
520 * Parse the Telnet command without printing it,
521 * to determine its length.
522 */
523 l = telnet_parse(ndo, sp, length, 0);
524 if (l < 0)
525 break;
526
527 /*
528 * now print it
529 */
530 if (ndo->ndo_Xflag && 2 < ndo->ndo_vflag) {
531 if (first)
532 ND_PRINT((ndo, "\nTelnet:"));
533 hex_print_with_offset(ndo, "\n", sp, l, sp - osp);
534 if (l > 8)
535 ND_PRINT((ndo, "\n\t\t\t\t"));
536 else
537 ND_PRINT((ndo, "%*s\t", (8 - l) * 3, ""));
538 } else
539 ND_PRINT((ndo, "%s", (first) ? " [telnet " : ", "));
540
541 (void)telnet_parse(ndo, sp, length, 1);
542 first = 0;
543
544 sp += l;
545 length -= l;
546 ND_TCHECK(*sp);
547 }
548 if (!first) {
549 if (ndo->ndo_Xflag && 2 < ndo->ndo_vflag)
550 ND_PRINT((ndo, "\n"));
551 else
552 ND_PRINT((ndo, "]"));
553 }
554 return;
555 trunc:
556 ND_PRINT((ndo, "%s", tstr));
557 }
DragonFly BSD