2 * netsniff-ng - the packet sniffing beast
3 * Copyright 2012 Markus Amend <markus@netsniff-ng.org>, Deutsche Flugsicherung GmbH
4 * Subject to the GPL, version 2.
6 * IP Authentication Header described in RFC4302
11 #include <netinet/in.h> /* for ntohs() */
14 #include "dissector_eth.h"
19 uint8_t h_next_header
;
20 uint8_t h_payload_len
;
26 static void auth_hdr(struct pkt_buff
*pkt
)
29 struct auth_hdr
*auth_ops
;
31 auth_ops
= (struct auth_hdr
*) pkt_pull(pkt
, sizeof(*auth_ops
));
35 hdr_len
= (auth_ops
->h_payload_len
* 4) + 8;
37 tprintf(" [ Authentication Header ");
38 tprintf("NextHdr (%u), ", auth_ops
->h_next_header
);
39 if (hdr_len
> pkt_len(pkt
)) {
40 tprintf("HdrLen (%u, %zd Bytes %s), ",
41 auth_ops
->h_payload_len
, hdr_len
,
42 colorize_start_full(black
, red
)
43 "invalid" colorize_end());
46 tprintf("HdrLen (%u, %zd Bytes), ",auth_ops
->h_payload_len
, hdr_len
);
47 tprintf("Reserved (0x%x), ", ntohs(auth_ops
->h_reserved
));
49 * Upgrade for Extended (64-bit) Sequence Number
50 * http://tools.ietf.org/html/rfc4302#section-2.5.1
52 tprintf("SPI (0x%x), ", ntohl(auth_ops
->h_spi
));
53 tprintf("SNF (0x%x), ", ntohl(auth_ops
->h_snf
));
55 for (i
= sizeof(struct auth_hdr
); i
< hdr_len
; i
++) {
56 uint8_t *data
= pkt_pull(pkt
, 1);
59 tprintf("%sinvalid%s", colorize_start_full(black
, red
),
64 tprintf("%02x", *data
);
68 pkt_set_proto(pkt
, ð_lay3
, auth_ops
->h_next_header
);
71 static void auth_hdr_less(struct pkt_buff
*pkt
)
74 struct auth_hdr
*auth_ops
;
76 auth_ops
= (struct auth_hdr
*) pkt_pull(pkt
, sizeof(*auth_ops
));
80 hdr_len
= (auth_ops
->h_payload_len
* 4) + 8;
81 if (hdr_len
> pkt_len(pkt
) || hdr_len
< 0)
86 pkt_pull(pkt
, hdr_len
- sizeof(*auth_ops
));
87 pkt_set_proto(pkt
, ð_lay3
, auth_ops
->h_next_header
);
90 struct protocol ip_auth_ops
= {
92 .print_full
= auth_hdr
,
93 .print_less
= auth_hdr_less
,