projects / OpenSPARC-T2-DV / blame
| Commit | Line | Data |
|---|---|---|
| 86530b38 AT |
1 | /* |
| 2 | * $Id: libnet_build_ipsec.c,v 1.19 2005/11/29 22:41:39 carlosc Exp $ | |
| 3 | * | |
| 4 | * libnet | |
| 5 | * libnet_build_ipsec.c - IP packet assembler | |
| 6 | * | |
| 7 | * Copyright (c) 1998 - 2004 Mike D. Schiffman <mike@infonexus.com> | |
| 8 | * Copyright (c) 2002 Jose Nazario <jose@crimelabs.net> | |
| 9 | * All rights reserved. | |
| 10 | * | |
| 11 | * Redistribution and use in source and binary forms, with or without | |
| 12 | * modification, are permitted provided that the following conditions | |
| 13 | * are met: | |
| 14 | * 1. Redistributions of source code must retain the above copyright | |
| 15 | * notice, this list of conditions and the following disclaimer. | |
| 16 | * 2. Redistributions in binary form must reproduce the above copyright | |
| 17 | * notice, this list of conditions and the following disclaimer in the | |
| 18 | * documentation and/or other materials provided with the distribution. | |
| 19 | * | |
| 20 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND | |
| 21 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
| 22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
| 23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
| 24 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
| 25 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
| 26 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
| 27 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
| 28 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
| 29 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
| 30 | * SUCH DAMAGE. | |
| 31 | * | |
| 32 | */ | |
| 33 | ||
| 34 | #if (HAVE_CONFIG_H) | |
| 35 | #include "../include/config.h" | |
| 36 | #endif | |
| 37 | #if (!(_WIN32) || (__CYGWIN__)) | |
| 38 | #include "../include/libnet.h" | |
| 39 | #else | |
| 40 | #include "../include/win32/libnet.h" | |
| 41 | #endif | |
| 42 | ||
| 43 | ||
| 44 | libnet_ptag_t | |
| 45 | libnet_build_ipsec_esp_hdr(u_int32_t spi, u_int32_t seq, u_int32_t iv, | |
| 46 | u_int8_t *payload, u_int32_t payload_s, libnet_t *l, libnet_ptag_t ptag) | |
| 47 | { | |
| 48 | u_int32_t n, h; | |
| 49 | libnet_pblock_t *p; | |
| 50 | struct libnet_esp_hdr esp_hdr; | |
| 51 | ||
| 52 | if (l == NULL) | |
| 53 | { | |
| 54 | return (-1); | |
| 55 | } | |
| 56 | ||
| 57 | n = LIBNET_IPSEC_ESP_HDR_H + payload_s;/* size of memory block */ | |
| 58 | h = 0; | |
| 59 | ||
| 60 | memset(&esp_hdr, 0, sizeof(esp_hdr)); | |
| 61 | esp_hdr.esp_spi = htonl(spi); /* SPI */ | |
| 62 | esp_hdr.esp_seq = htonl(seq); /* ESP sequence number */ | |
| 63 | esp_hdr.esp_iv = htonl(iv); /* initialization vector */ | |
| 64 | ||
| 65 | /* | |
| 66 | * Find the existing protocol block if a ptag is specified, or create | |
| 67 | * a new one. | |
| 68 | */ | |
| 69 | p = libnet_pblock_probe(l, ptag, n, LIBNET_PBLOCK_IPSEC_ESP_HDR_H); | |
| 70 | if (p == NULL) | |
| 71 | { | |
| 72 | return (-1); | |
| 73 | } | |
| 74 | ||
| 75 | n = libnet_pblock_append(l, p, (u_int8_t *)&esp_hdr, LIBNET_IPSEC_ESP_HDR_H); | |
| 76 | if (n == -1) | |
| 77 | { | |
| 78 | goto bad; | |
| 79 | } | |
| 80 | ||
| 81 | if ((payload && !payload_s) || (!payload && payload_s)) | |
| 82 | { | |
| 83 | snprintf(l->err_buf, LIBNET_ERRBUF_SIZE, | |
| 84 | "%s(): payload inconsistency\n", __func__); | |
| 85 | goto bad; | |
| 86 | } | |
| 87 | ||
| 88 | if (payload && payload_s) | |
| 89 | { | |
| 90 | n = libnet_pblock_append(l, p, payload, payload_s); | |
| 91 | if (n == -1) | |
| 92 | { | |
| 93 | goto bad; | |
| 94 | } | |
| 95 | } | |
| 96 | ||
| 97 | return (ptag ? ptag : libnet_pblock_update(l, p, h, | |
| 98 | LIBNET_PBLOCK_IPSEC_ESP_HDR_H)); | |
| 99 | bad: | |
| 100 | libnet_pblock_delete(l, p); | |
| 101 | return (-1); | |
| 102 | } | |
| 103 | ||
| 104 | ||
| 105 | libnet_ptag_t | |
| 106 | libnet_build_ipsec_esp_ftr(u_int8_t len, u_int8_t nh, int8_t *auth, | |
| 107 | u_int8_t *payload, u_int32_t payload_s, libnet_t *l, | |
| 108 | libnet_ptag_t ptag) | |
| 109 | { | |
| 110 | /* XXX we need to know the size of auth */ | |
| 111 | u_int32_t n, h; | |
| 112 | libnet_pblock_t *p; | |
| 113 | struct libnet_esp_ftr esp_ftr; | |
| 114 | ||
| 115 | if (l == NULL) | |
| 116 | { | |
| 117 | return (-1); | |
| 118 | } | |
| 119 | ||
| 120 | n = LIBNET_IPSEC_ESP_FTR_H + payload_s;/* size of memory block */ | |
| 121 | h = 0; | |
| 122 | ||
| 123 | memset(&esp_ftr, 0, sizeof(esp_ftr)); | |
| 124 | esp_ftr.esp_pad_len = len; /* pad length */ | |
| 125 | esp_ftr.esp_nh = nh; /* next header pointer */ | |
| 126 | esp_ftr.esp_auth = auth; /* authentication data */ | |
| 127 | ||
| 128 | /* | |
| 129 | * Find the existing protocol block if a ptag is specified, or create | |
| 130 | * a new one. | |
| 131 | */ | |
| 132 | p = libnet_pblock_probe(l, ptag, n, LIBNET_PBLOCK_IPSEC_ESP_FTR_H); | |
| 133 | if (p == NULL) | |
| 134 | { | |
| 135 | return (-1); | |
| 136 | } | |
| 137 | ||
| 138 | n = libnet_pblock_append(l, p, (u_int8_t *)&esp_ftr, LIBNET_IPSEC_ESP_FTR_H); | |
| 139 | if (n == -1) | |
| 140 | { | |
| 141 | goto bad; | |
| 142 | } | |
| 143 | ||
| 144 | if ((payload && !payload_s) || (!payload && payload_s)) | |
| 145 | { | |
| 146 | snprintf(l->err_buf, LIBNET_ERRBUF_SIZE, | |
| 147 | "%s(): payload inconsistency\n", __func__); | |
| 148 | goto bad; | |
| 149 | } | |
| 150 | ||
| 151 | if (payload && payload_s) | |
| 152 | { | |
| 153 | n = libnet_pblock_append(l, p, payload, payload_s); | |
| 154 | if (n == -1) | |
| 155 | { | |
| 156 | goto bad; | |
| 157 | } | |
| 158 | } | |
| 159 | ||
| 160 | return (ptag ? ptag : libnet_pblock_update(l, p, h, | |
| 161 | LIBNET_PBLOCK_IPSEC_ESP_FTR_H)); | |
| 162 | bad: | |
| 163 | libnet_pblock_delete(l, p); | |
| 164 | return (-1); | |
| 165 | } | |
| 166 | ||
| 167 | ||
| 168 | libnet_ptag_t | |
| 169 | libnet_build_ipsec_ah(u_int8_t nh, u_int8_t len, u_int16_t res, | |
| 170 | u_int32_t spi, u_int32_t seq, u_int32_t auth, u_int8_t *payload, | |
| 171 | u_int32_t payload_s, libnet_t *l, libnet_ptag_t ptag) | |
| 172 | { | |
| 173 | u_int32_t n, h; | |
| 174 | libnet_pblock_t *p; | |
| 175 | struct libnet_ah_hdr ah_hdr; | |
| 176 | ||
| 177 | if (l == NULL) | |
| 178 | { | |
| 179 | return (-1); | |
| 180 | } | |
| 181 | ||
| 182 | n = LIBNET_IPSEC_AH_H + payload_s;/* size of memory block */ | |
| 183 | h = 0; | |
| 184 | ||
| 185 | /* | |
| 186 | * Find the existing protocol block if a ptag is specified, or create | |
| 187 | * a new one. | |
| 188 | */ | |
| 189 | p = libnet_pblock_probe(l, ptag, n, LIBNET_PBLOCK_IPSEC_AH_H); | |
| 190 | if (p == NULL) | |
| 191 | { | |
| 192 | return (-1); | |
| 193 | } | |
| 194 | ||
| 195 | memset(&ah_hdr, 0, sizeof(ah_hdr)); | |
| 196 | ah_hdr.ah_nh = nh; /* next header */ | |
| 197 | ah_hdr.ah_len = len; /* length */ | |
| 198 | ah_hdr.ah_res = (res ? htons(res) : 0); | |
| 199 | ah_hdr.ah_spi = htonl(spi); /* SPI */ | |
| 200 | ah_hdr.ah_seq = htonl(seq); /* AH sequence number */ | |
| 201 | ah_hdr.ah_auth = htonl(auth); /* authentication data */ | |
| 202 | ||
| 203 | n = libnet_pblock_append(l, p, (u_int8_t *)&ah_hdr, LIBNET_IPSEC_AH_H); | |
| 204 | if (n == -1) | |
| 205 | { | |
| 206 | goto bad; | |
| 207 | } | |
| 208 | ||
| 209 | if ((payload && !payload_s) || (!payload && payload_s)) | |
| 210 | { | |
| 211 | snprintf(l->err_buf, LIBNET_ERRBUF_SIZE, | |
| 212 | "%s(): payload inconsistency\n", __func__); | |
| 213 | goto bad; | |
| 214 | } | |
| 215 | ||
| 216 | if (payload && payload_s) | |
| 217 | { | |
| 218 | n = libnet_pblock_append(l, p, payload, payload_s); | |
| 219 | if (n == -1) | |
| 220 | { | |
| 221 | goto bad; | |
| 222 | } | |
| 223 | } | |
| 224 | ||
| 225 | return (ptag ? ptag : libnet_pblock_update(l, p, h, | |
| 226 | LIBNET_PBLOCK_IPSEC_AH_H)); | |
| 227 | bad: | |
| 228 | libnet_pblock_delete(l, p); | |
| 229 | return (-1); | |
| 230 | } | |
| 231 | ||
| 232 | /* EOF */ |