From e19c28f1db826244140d75296023d58b91bc4a02 Mon Sep 17 00:00:00 2001 From: David Gwynne Date: Fri, 6 Jul 2018 05:47:23 +0000 Subject: Rework UDP parsing, particularly around IP addresses. This originally started as trying to put a consistent space between the UDP header information and the payload parsing, but while doing that I noticed inconsistent IPv4 vs IPv6 handling. Apart from the default "srcip.srcport > dstip.dstpor" output, all the other places that IP addresses were printed assumed IPv4. It looks like it is possible that udp_print() can be called without an IP header, which made these blind IPv4 prints turn into NULL derefs. This fixes the problem above by only having a single place that prints the addresses out, and makes sure to get the difference between IPv4, IPv6 and no IP correct. This changes how the checksum is calculated. It incrementally builds the UDP checksum by feeding the IPv4 and v6 addresses in separately, then using common code for the rest of the pseudo header and actual payload. Lastly, this does make printing the space between the UDP header and its payload consistent. The UDP code is now responsible for adding a space after itself so the payload parsers don't have to. They got it wrong in some cases anyway, so this should be a lot more uniform. help and ok sthen@ --- usr.sbin/tcpdump/print-ipsec.c | 24 +++--------------------- 1 file changed, 3 insertions(+), 21 deletions(-) (limited to 'usr.sbin/tcpdump/print-ipsec.c') diff --git a/usr.sbin/tcpdump/print-ipsec.c b/usr.sbin/tcpdump/print-ipsec.c index 32b9d177393..733ecdb75cc 100644 --- a/usr.sbin/tcpdump/print-ipsec.c +++ b/usr.sbin/tcpdump/print-ipsec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-ipsec.c,v 1.23 2015/11/16 00:16:39 mmcc Exp $ */ +/* $OpenBSD: print-ipsec.c,v 1.24 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999 
@@ -201,33 +201,15 @@ esp_decrypt (const u_char *bp, u_int len, const u_char *bp2) void esp_print (const u_char *bp, u_int len, const u_char *bp2) { - const struct ip *ip; const struct esp_hdr *esp; - u_int plen = len; -#ifdef INET6 - const struct ip6_hdr *ip6; -#endif - - ip = (const struct ip *)bp2; -#ifdef INET6 - if (ip->ip_v == 6) { - ip6 = (const struct ip6_hdr *)bp2; - printf("esp %s > %s", ip6addr_string(&ip6->ip6_src), - ip6addr_string(&ip6->ip6_dst)); - } else -#endif - { - printf("esp %s > %s", - ipaddr_string(&ip->ip_src), ipaddr_string(&ip->ip_dst)); - } - if (plen < sizeof(struct esp_hdr)) { + if (len < sizeof(struct esp_hdr)) { printf("[|esp]"); return; } esp = (const struct esp_hdr *)bp; - printf(" spi 0x%08x seq %u len %d", + printf("esp spi 0x%08x seq %u len %d", ntohl(esp->esp_spi), ntohl(esp->esp_seq), len); if (espinit) -- cgit v1.2.3
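Review bot: In esp_print(), the only guard visible before the `esp->esp_spi` and `esp->esp_seq` reads is `if (len < sizeof(struct esp_hdr))`, and nothing in the hunk checks the header against the end of the captured data. If `len` is the on-wire length rather than the number of bytes actually captured, a truncated capture would pass this test and the reads would run past the buffer, so either confirm the caller bounds `len` or add a captured-length check next to this one and print `[|esp]` in that case too. Since the `printf("esp spi 0x%08x seq %u len %d", ...)` line is being rewritten anyway, `len` is a `u_int` and should be formatted with `%u` rather than `%d`.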