117680Spst/* 239297Sfenner * Copyright (c) 1995, 1996, 1997 317680Spst * The Regents of the University of California. All rights reserved. 417680Spst * 517680Spst * Redistribution and use in source and binary forms, with or without 617680Spst * modification, are permitted provided that: (1) source code distributions 717680Spst * retain the above copyright notice and this paragraph in its entirety, (2) 817680Spst * distributions including binary code include the above copyright notice and 917680Spst * this paragraph in its entirety in the documentation or other materials 1017680Spst * provided with the distribution, and (3) all advertising materials mentioning 1117680Spst * features or use of this software display the following acknowledgement: 1217680Spst * ``This product includes software developed by the University of California, 1317680Spst * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 1417680Spst * the University nor the names of its contributors may be used to endorse 1517680Spst * or promote products derived from this software without specific prior 1617680Spst * written permission. 1717680Spst * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 1817680Spst * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 1917680Spst * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 2017680Spst * 2117680Spst * Initial contribution from John Hawkinson (jhawk@mit.edu). 2217680Spst */ 2317680Spst 2417680Spst#ifndef lint 25127668Sbmsstatic const char rcsid[] _U_ = 26190207Srpaulo "@(#) $Header: /tcpdump/master/tcpdump/print-krb.c,v 1.23 2003-11-16 09:36:26 guy Exp $"; 2717680Spst#endif 2817680Spst 2956893Sfenner#ifdef HAVE_CONFIG_H 3056893Sfenner#include "config.h" 3156893Sfenner#endif 3256893Sfenner 33127668Sbms#include <tcpdump-stdinc.h> 3417680Spst 3517680Spst#include <stdio.h> 3617680Spst 3717680Spst#include "interface.h" 3817680Spst#include "addrtoname.h" 39127668Sbms#include "extract.h" 4017680Spst 41127668Sbmsstatic const u_char *c_print(register const u_char *, register const u_char *); 42127668Sbmsstatic const u_char *krb4_print_hdr(const u_char *); 43127668Sbmsstatic void krb4_print(const u_char *); 4417680Spst 4517680Spst#define AUTH_MSG_KDC_REQUEST 1<<1 4617680Spst#define AUTH_MSG_KDC_REPLY 2<<1 4717680Spst#define AUTH_MSG_APPL_REQUEST 3<<1 4817680Spst#define AUTH_MSG_APPL_REQUEST_MUTUAL 4<<1 4917680Spst#define AUTH_MSG_ERR_REPLY 5<<1 5017680Spst#define AUTH_MSG_PRIVATE 6<<1 5117680Spst#define AUTH_MSG_SAFE 7<<1 5217680Spst#define AUTH_MSG_APPL_ERR 8<<1 5317680Spst#define AUTH_MSG_DIE 63<<1 5417680Spst 5517680Spst#define KERB_ERR_OK 0 5617680Spst#define KERB_ERR_NAME_EXP 1 5717680Spst#define KERB_ERR_SERVICE_EXP 2 5817680Spst#define KERB_ERR_AUTH_EXP 3 5917680Spst#define KERB_ERR_PKT_VER 4 6017680Spst#define KERB_ERR_NAME_MAST_KEY_VER 5 6117680Spst#define KERB_ERR_SERV_MAST_KEY_VER 6 6217680Spst#define KERB_ERR_BYTE_ORDER 7 6317680Spst#define KERB_ERR_PRINCIPAL_UNKNOWN 8 6417680Spst#define KERB_ERR_PRINCIPAL_NOT_UNIQUE 9 6517680Spst#define KERB_ERR_NULL_KEY 10 6617680Spst 6717680Spststruct krb { 68127668Sbms u_int8_t pvno; /* Protocol Version */ 69127668Sbms u_int8_t type; /* Type+B */ 7017680Spst}; 7117680Spst 7217680Spststatic char tstr[] = " [|kerberos]"; 7317680Spst 7417680Spststatic struct tok type2str[] = { 7539297Sfenner { AUTH_MSG_KDC_REQUEST, "KDC_REQUEST" }, 7639297Sfenner { AUTH_MSG_KDC_REPLY, "KDC_REPLY" }, 7739297Sfenner { AUTH_MSG_APPL_REQUEST, "APPL_REQUEST" }, 7839297Sfenner { AUTH_MSG_APPL_REQUEST_MUTUAL, "APPL_REQUEST_MUTUAL" }, 7939297Sfenner { AUTH_MSG_ERR_REPLY, "ERR_REPLY" }, 8039297Sfenner { AUTH_MSG_PRIVATE, "PRIVATE" }, 8139297Sfenner { AUTH_MSG_SAFE, "SAFE" }, 8239297Sfenner { AUTH_MSG_APPL_ERR, "APPL_ERR" }, 8339297Sfenner { AUTH_MSG_DIE, "DIE" }, 8439297Sfenner { 0, NULL } 8517680Spst}; 8617680Spst 8717680Spststatic struct tok kerr2str[] = { 8839297Sfenner { KERB_ERR_OK, "OK" }, 8939297Sfenner { KERB_ERR_NAME_EXP, "NAME_EXP" }, 9039297Sfenner { KERB_ERR_SERVICE_EXP, "SERVICE_EXP" }, 9139297Sfenner { KERB_ERR_AUTH_EXP, "AUTH_EXP" }, 9239297Sfenner { KERB_ERR_PKT_VER, "PKT_VER" }, 9339297Sfenner { KERB_ERR_NAME_MAST_KEY_VER, "NAME_MAST_KEY_VER" }, 9439297Sfenner { KERB_ERR_SERV_MAST_KEY_VER, "SERV_MAST_KEY_VER" }, 9539297Sfenner { KERB_ERR_BYTE_ORDER, "BYTE_ORDER" }, 9639297Sfenner { KERB_ERR_PRINCIPAL_UNKNOWN, "PRINCIPAL_UNKNOWN" }, 9739297Sfenner { KERB_ERR_PRINCIPAL_NOT_UNIQUE,"PRINCIPAL_NOT_UNIQUE" }, 9839297Sfenner { KERB_ERR_NULL_KEY, "NULL_KEY"}, 9939297Sfenner { 0, NULL} 10017680Spst}; 10117680Spst 102127668Sbmsstatic const u_char * 10317680Spstc_print(register const u_char *s, register const u_char *ep) 10417680Spst{ 10517680Spst register u_char c; 10617680Spst register int flag; 10717680Spst 10817680Spst flag = 1; 10939297Sfenner while (s < ep) { 11017680Spst c = *s++; 11117680Spst if (c == '\0') { 11217680Spst flag = 0; 11317680Spst break; 11417680Spst } 11517680Spst if (!isascii(c)) { 11617680Spst c = toascii(c); 11717680Spst putchar('M'); 11817680Spst putchar('-'); 11917680Spst } 12017680Spst if (!isprint(c)) { 12117680Spst c ^= 0x40; /* DEL to ?, others to alpha */ 12217680Spst putchar('^'); 12317680Spst } 12417680Spst putchar(c); 12517680Spst } 12617680Spst if (flag) 12717680Spst return NULL; 12839297Sfenner return (s); 12917680Spst} 13017680Spst 131127668Sbmsstatic const u_char * 13217680Spstkrb4_print_hdr(const u_char *cp) 13317680Spst{ 13439297Sfenner cp += 2; 13517680Spst 13639297Sfenner#define PRINT if ((cp = c_print(cp, snapend)) == NULL) goto trunc 13717680Spst 13817680Spst PRINT; 13939297Sfenner putchar('.'); 14039297Sfenner PRINT; 14139297Sfenner putchar('@'); 14239297Sfenner PRINT; 14339297Sfenner return (cp); 14417680Spst 14517680Spsttrunc: 14617680Spst fputs(tstr, stdout); 14739297Sfenner return (NULL); 14817680Spst 14917680Spst#undef PRINT 15017680Spst} 15117680Spst 152127668Sbmsstatic void 15317680Spstkrb4_print(const u_char *cp) 15417680Spst{ 15517680Spst register const struct krb *kp; 15617680Spst u_char type; 15717680Spst u_short len; 15817680Spst 15939297Sfenner#define PRINT if ((cp = c_print(cp, snapend)) == NULL) goto trunc 16017680Spst/* True if struct krb is little endian */ 16117680Spst#define IS_LENDIAN(kp) (((kp)->type & 0x01) != 0) 162127668Sbms#define KTOHSP(kp, cp) (IS_LENDIAN(kp) ? EXTRACT_LE_16BITS(cp) : EXTRACT_16BITS(cp)) 16317680Spst 16417680Spst kp = (struct krb *)cp; 16517680Spst 16617680Spst if ((&kp->type) >= snapend) { 16717680Spst fputs(tstr, stdout); 16817680Spst return; 16917680Spst } 17017680Spst 17117680Spst type = kp->type & (0xFF << 1); 17217680Spst 17317680Spst printf(" %s %s: ", 17417680Spst IS_LENDIAN(kp) ? "le" : "be", tok2str(type2str, NULL, type)); 17517680Spst 17617680Spst switch (type) { 17717680Spst 17817680Spst case AUTH_MSG_KDC_REQUEST: 17917680Spst if ((cp = krb4_print_hdr(cp)) == NULL) 18017680Spst return; 18139297Sfenner cp += 4; /* ctime */ 18239297Sfenner TCHECK(*cp); 18339297Sfenner printf(" %dmin ", *cp++ * 5); 18439297Sfenner PRINT; 18539297Sfenner putchar('.'); 18639297Sfenner PRINT; 18739297Sfenner break; 18817680Spst 18917680Spst case AUTH_MSG_APPL_REQUEST: 19017680Spst cp += 2; 19139297Sfenner TCHECK(*cp); 19217680Spst printf("v%d ", *cp++); 19317680Spst PRINT; 19439297Sfenner TCHECK(*cp); 19517680Spst printf(" (%d)", *cp++); 19639297Sfenner TCHECK(*cp); 19717680Spst printf(" (%d)", *cp); 19817680Spst break; 19917680Spst 20017680Spst case AUTH_MSG_KDC_REPLY: 20117680Spst if ((cp = krb4_print_hdr(cp)) == NULL) 20217680Spst return; 20317680Spst cp += 10; /* timestamp + n + exp + kvno */ 20439297Sfenner TCHECK2(*cp, sizeof(short)); 20517680Spst len = KTOHSP(kp, cp); 20617680Spst printf(" (%d)", len); 20717680Spst break; 20817680Spst 20917680Spst case AUTH_MSG_ERR_REPLY: 21017680Spst if ((cp = krb4_print_hdr(cp)) == NULL) 21117680Spst return; 21217680Spst cp += 4; /* timestamp */ 21339297Sfenner TCHECK2(*cp, sizeof(short)); 21417680Spst printf(" %s ", tok2str(kerr2str, NULL, KTOHSP(kp, cp))); 21517680Spst cp += 4; 21617680Spst PRINT; 21717680Spst break; 21817680Spst 21917680Spst default: 22017680Spst fputs("(unknown)", stdout); 22117680Spst break; 22217680Spst } 22317680Spst 22417680Spst return; 22517680Spsttrunc: 22617680Spst fputs(tstr, stdout); 22717680Spst} 22817680Spst 22917680Spstvoid 230127668Sbmskrb_print(const u_char *dat) 23117680Spst{ 23217680Spst register const struct krb *kp; 23317680Spst 23417680Spst kp = (struct krb *)dat; 23517680Spst 23617680Spst if (dat >= snapend) { 23717680Spst fputs(tstr, stdout); 23817680Spst return; 23917680Spst } 24017680Spst 24117680Spst switch (kp->pvno) { 24217680Spst 24317680Spst case 1: 24417680Spst case 2: 24517680Spst case 3: 24617680Spst printf(" v%d", kp->pvno); 24717680Spst break; 24817680Spst 24917680Spst case 4: 25017680Spst printf(" v%d", kp->pvno); 25126180Sfenner krb4_print((const u_char *)kp); 25217680Spst break; 25317680Spst 25417680Spst case 106: 25517680Spst case 107: 25617680Spst fputs(" v5", stdout); 25717680Spst /* Decode ASN.1 here "someday" */ 25817680Spst break; 25917680Spst } 26017680Spst return; 26117680Spst} 262