From 339cd94f68ff9ebab19061ba538191e3718ddeca Mon Sep 17 00:00:00 2001
From: Markus Amend <markus@netsniff-ng.org>
Date: Mon, 23 Apr 2012 10:36:03 +0200
Subject: [PATCH] proto_ip_authentication_hdr.h:Usable with pkt_buff

---
 src/proto_ip_authentication_hdr.h | 161 ++++++++++++++++++--------------------
 1 file changed, 77 insertions(+), 84 deletions(-)
 rewrite src/proto_ip_authentication_hdr.h (63%)

diff --git a/src/proto_ip_authentication_hdr.h b/src/proto_ip_authentication_hdr.h
dissimilarity index 63%
index 51cf779a..98dd6cf5 100644
--- a/src/proto_ip_authentication_hdr.h
+++ b/src/proto_ip_authentication_hdr.h
@@ -1,84 +1,77 @@
-/*
- * IP Authentication Header described in RFC4302
- * programmed by Markus Amend 2012 as a contribution to
- * netsniff-ng - the packet sniffing beast
- * Copyright 2012 Markus Amend.
- * Subject to the GPL, version 2.
- */
-
-#ifndef PROTO_IP_AUTHENTICATION_HDR_H
-#define PROTO_IP_AUTHENTICATION_HDR_H
-
-#include <stdio.h>
-#include <stdint.h>
-#include <netinet/in.h>    /* for ntohs() */
-
-#include "proto_struct.h"
-#include "dissector_eth.h"
-#include "built_in.h"
-
-struct auth_hdrhdr {
-	uint8_t h_next_header;
-	uint8_t h_payload_len;
-	uint16_t h_reserved;
-	uint32_t h_spi;
-	uint32_t h_snf;
-} __packed;
-
-static inline void auth_hdr(uint8_t *packet, size_t len)
-{
-	uint8_t hdr_payload_len;	
-	struct auth_hdrhdr *auth_hdr = (struct auth_hdrhdr *) packet;
-
-	hdr_payload_len = (auth_hdr->h_payload_len * 4) + 8;
-	if (len < hdr_payload_len || len < sizeof(struct auth_hdrhdr))
-		return;
-
-	tprintf(" [ Authentication Header ");
-	tprintf("NextHdr (%u), ", auth_hdr->h_next_header);
-	tprintf("HdrLen (%u), ", hdr_payload_len);
-	tprintf("Reserved (0x%x), ", ntohs(auth_hdr->h_reserved));
-	tprintf("SPI (0x%x), ", ntohl(auth_hdr->h_spi));
-	tprintf("SNF (0x%x), ", ntohl(auth_hdr->h_snf));
-	tprintf("ICV 0x");
-	for (uint8_t i = sizeof(struct auth_hdrhdr); i < hdr_payload_len; i++)
-		tprintf("%02x",(uint8_t) packet[i]);
-	tprintf(" ]\n");
-}
-
-static inline void auth_hdr_less(uint8_t *packet, size_t len)
-{
-  	uint8_t hdr_payload_len;
-	struct auth_hdrhdr *auth_hdr = (struct auth_hdrhdr *) packet;
-
-	hdr_payload_len = (auth_hdr->h_payload_len * 4) + 8;
-	if (len < hdr_payload_len || len < sizeof(struct auth_hdrhdr))
-		return;
-
-	tprintf(" AH");
-}
-
-static inline void auth_hdr_next(uint8_t *packet, size_t len,
-				 struct hash_table **table,
-				 unsigned int *key, size_t *off)
-{
-    	uint8_t hdr_payload_len;
-	struct auth_hdrhdr *auth_hdr = (struct auth_hdrhdr *) packet;
-
-	hdr_payload_len = (auth_hdr->h_payload_len * 4) + 8;
-	if (len < hdr_payload_len || len < sizeof(struct auth_hdrhdr))
-		return;
-
-	(*off) = hdr_payload_len;
-	(*key) = auth_hdr->h_next_header;
-	(*table) = &eth_lay3;
-}
-
-struct protocol ip_auth_hdr_ops = {
-	.key = 0x33,
-	.print_full = auth_hdr,
-	.print_less = auth_hdr_less,
-	.proto_next = auth_hdr_next,
-};
-
-#endif /* PROTO_IP_AUTHENTICATION_HDR_H */
+/*
+ * netsniff-ng - the packet sniffing beast
+ * Copyright 2012 Markus Amend <markus@netsniff-ng.org>
+ * Subject to the GPL, version 2.
+ *
+ * IP Authentication Header described in RFC4302
+ */
+
+#ifndef PROTO_IP_AUTHENTICATION_HDR_H
+#define PROTO_IP_AUTHENTICATION_HDR_H
+
+#include <stdio.h>
+#include <stdint.h>
+#include <netinet/in.h>    /* for ntohs() */
+
+#include "proto_struct.h"
+#include "dissector_eth.h"
+#include "built_in.h"
+
+struct auth_hdr {
+	uint8_t h_next_header;
+	uint8_t h_payload_len;
+	uint16_t h_reserved;
+	uint32_t h_spi;
+	uint32_t h_snf;
+} __packed;
+
+static inline void auth_hdr(struct pkt_buff *pkt)
+{
+	size_t hdr_payload_len;
+	struct auth_hdr *auth_ops;
+
+	auth_ops = (struct auth_hdr *) pkt_pull(pkt, sizeof(*auth_ops));
+	hdr_payload_len = (auth_ops->h_payload_len * 4) + 8;
+	if (auth_ops == NULL || hdr_payload_len > pkt_len(pkt))
+		return;
+
+	tprintf(" [ Authentication Header ");
+	tprintf("NextHdr (%u), ", auth_ops->h_next_header);
+	tprintf("HdrLen (%u), ", hdr_payload_len);
+	tprintf("Reserved (0x%x), ", ntohs(auth_ops->h_reserved));
+	/* TODO
+	 * Upgrade for Extended (64-bit) Sequence Number
+	 * http://tools.ietf.org/html/rfc4302#section-2.5.1
+	 */
+	tprintf("SPI (0x%x), ", ntohl(auth_ops->h_spi));
+	tprintf("SNF (0x%x), ", ntohl(auth_ops->h_snf));
+	tprintf("ICV 0x");
+	for (size_t i = sizeof(struct auth_hdr); i < hdr_payload_len; i++)
+		tprintf("%02x", *pkt_pull(pkt, 1));
+	tprintf(" ]\n");
+
+	pkt_set_proto(pkt, &eth_lay3, auth_ops->h_next_header);
+}
+
+static inline void auth_hdr_less(struct pkt_buff *pkt)
+{
+  	size_t hdr_payload_len;
+	struct auth_hdr *auth_ops;
+
+	auth_ops = (struct auth_hdr *) pkt_pull(pkt, sizeof(*auth_ops));
+	hdr_payload_len = (auth_ops->h_payload_len * 4) + 8;
+	if (auth_ops == NULL || hdr_payload_len > pkt_len(pkt))
+		return;
+
+	tprintf(" AH");
+
+	pkt_set_proto(pkt, &eth_lay3, hdr_payload_len);
+}
+
+struct protocol ip_auth_hdr_ops = {
+	.key = 0x33,
+	.print_full = auth_hdr,
+	.print_less = auth_hdr_less,
+};
+
+#endif /* PROTO_IP_AUTHENTICATION_HDR_H */
-- 
2.11.4.GIT