2 * Routines for the Internet Security Association and Key Management Protocol (ISAKMP)
3 * Brad Robel-Forrest <brad.robel-forrest@watchguard.com>
5 * $Id: packet-isakmp.c,v 1.1 1999/06/11 15:30:38 gram Exp $
7 * Ethereal - Network traffic analyzer
8 * By Gerald Combs <gerald@unicom.net>
9 * Copyright 1998 Gerald Combs
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version 2
15 * of the License, or (at your option) any later version.
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, write to the Free Software
24 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
31 #ifdef HAVE_SYS_TYPES_H
32 # include <sys/types.h>
36 #include <netinet/in.h>
40 #define NUM_PROTO_TYPES 5
41 #define proto2str(t) \
42 ((t < NUM_PROTO_TYPES) ? prototypestr[t] : "UNKNOWN-PROTO-TYPE")
44 static const char *prototypestr[NUM_PROTO_TYPES] = {
52 #define NUM_ATT_TYPES 13
53 #define atttype2str(t) \
54 ((t < NUM_ATT_TYPES) ? atttypestr[t] : "UNKNOWN-ATTRIBUTE-TYPE")
56 static const char *atttypestr[NUM_ATT_TYPES] = {
57 "UNKNOWN-ATTRIBUTE-TYPE",
62 "Authentication-Algorithm",
65 "Compress-Dictinary-Size",
66 "Compress-Private-Algorithm"
67 "UNKNOWN-ATTRIBUTE-TYPE",
70 "Oakley-Life-Duration"
73 #define NUM_TRANS_TYPES 2
74 #define trans2str(t) \
75 ((t < NUM_TRANS_TYPES) ? transtypestr[t] : "UNKNOWN-TRANS-TYPE")
77 static const char *transtypestr[NUM_TRANS_TYPES] = {
82 #define NUM_ID_TYPES 12
84 ((t < NUM_ID_TYPES) ? idtypestr[t] : "UNKNOWN-ID-TYPE")
86 static const char *idtypestr[NUM_ID_TYPES] = {
123 struct proposal_hdr {
130 guint8 num_transforms;
137 guint8 transform_num;
142 #define TRANS_LEN(p) (pntohs(&((struct trans_hdr *)(p))->length))
217 static void dissect_none(const u_char *, int, frame_data *, proto_tree *);
218 static void dissect_sa(const u_char *, int, frame_data *, proto_tree *);
219 static void dissect_proposal(const u_char *, int, frame_data *, proto_tree *);
220 static void dissect_transform(const u_char *, int, frame_data *, proto_tree *);
221 static void dissect_key_exch(const u_char *, int, frame_data *, proto_tree *);
222 static void dissect_id(const u_char *, int, frame_data *, proto_tree *);
223 static void dissect_cert(const u_char *, int, frame_data *, proto_tree *);
224 static void dissect_certreq(const u_char *, int, frame_data *, proto_tree *);
225 static void dissect_hash(const u_char *, int, frame_data *, proto_tree *);
226 static void dissect_sig(const u_char *, int, frame_data *, proto_tree *);
227 static void dissect_nonce(const u_char *, int, frame_data *, proto_tree *);
228 static void dissect_notif(const u_char *, int, frame_data *, proto_tree *);
229 static void dissect_delete(const u_char *, int, frame_data *, proto_tree *);
230 static void dissect_vid(const u_char *, int, frame_data *, proto_tree *);
232 static const char *payloadtype2str(guint8);
233 static const char *exchtype2str(guint8);
234 static const char *doitype2str(guint32);
235 static const char *msgtype2str(guint16);
236 static const char *situation2str(guint32);
237 static const char *value2str(guint16, guint16);
238 static const char *num2str(const guint8 *, guint16);
240 #define NUM_LOAD_TYPES 14
241 #define loadtype2str(t) \
242 ((t < NUM_LOAD_TYPES) ? strfuncs[t].str : "Unknown payload type")
244 static struct strfunc {
246 void (*func)(const u_char *, int, frame_data *, proto_tree *);
247 } strfuncs[NUM_LOAD_TYPES] = {
248 {"NONE", dissect_none },
249 {"Security Association", dissect_sa },
250 {"Proposal", dissect_proposal },
251 {"Transform", dissect_transform },
252 {"Key Exchange", dissect_key_exch },
253 {"Identification", dissect_id },
254 {"Certificate", dissect_cert },
255 {"Certificate Request", dissect_certreq },
256 {"Hash", dissect_hash },
257 {"Signature", dissect_sig },
258 {"Nonce", dissect_nonce },
259 {"Notification", dissect_notif },
260 {"Delete", dissect_delete },
261 {"Vendor ID", dissect_vid }
264 void dissect_isakmp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
266 struct isakmp_hdr * hdr = (struct isakmp_hdr *)(pd + offset);
269 if (check_col(fd, COL_PROTOCOL))
270 col_add_str(fd, COL_PROTOCOL, "ISAKMP");
272 len = pntohl(&hdr->length);
274 if (check_col(fd, COL_INFO))
275 col_add_fstr(fd, COL_INFO, "%s", exchtype2str(hdr->exch_type));
277 if (fd->cap_len > offset && tree) {
279 proto_tree * isakmp_tree;
281 ti = proto_tree_add_item(tree, offset, len,
282 "Internet Security Association and Key Management Protocol");
283 isakmp_tree = proto_tree_new();
284 proto_item_add_subtree(ti, isakmp_tree, ETT_ISAKMP);
286 proto_tree_add_item(isakmp_tree, offset, sizeof(hdr->icookie),
288 offset += sizeof(hdr->icookie);
290 proto_tree_add_item(isakmp_tree, offset, sizeof(hdr->rcookie),
292 offset += sizeof(hdr->rcookie);
294 proto_tree_add_item(isakmp_tree, offset, sizeof(hdr->next_payload),
295 "Next payload: %s (%u)",
296 payloadtype2str(hdr->next_payload), hdr->next_payload);
297 offset += sizeof(hdr->next_payload);
299 proto_tree_add_item(isakmp_tree, offset, sizeof(hdr->version),
301 hi_nibble(hdr->version), lo_nibble(hdr->version));
302 offset += sizeof(hdr->version);
304 proto_tree_add_item(isakmp_tree, offset, sizeof(hdr->exch_type),
305 "Exchange type: %s (%u)",
306 exchtype2str(hdr->exch_type), hdr->exch_type);
307 offset += sizeof(hdr->exch_type);
313 fti = proto_tree_add_item(isakmp_tree, offset, sizeof(hdr->flags), "Flags");
314 ftree = proto_tree_new();
315 proto_item_add_subtree(fti, ftree, ETT_ISAKMP_FLAGS);
317 proto_tree_add_item(ftree, offset, 1, "%s",
318 decode_boolean_bitfield(hdr->flags, E_FLAG, sizeof(hdr->flags)*8,
319 "Encryption", "No encryption"));
320 proto_tree_add_item(ftree, offset, 1, "%s",
321 decode_boolean_bitfield(hdr->flags, C_FLAG, sizeof(hdr->flags)*8,
322 "Commit", "No commit"));
323 proto_tree_add_item(ftree, offset, 1, "%s",
324 decode_boolean_bitfield(hdr->flags, A_FLAG, sizeof(hdr->flags)*8,
325 "Authentication", "No authentication"));
326 offset += sizeof(hdr->flags);
329 proto_tree_add_item(isakmp_tree, offset, sizeof(hdr->message_id), "Message ID");
330 offset += sizeof(hdr->message_id);
332 proto_tree_add_item(isakmp_tree, offset, sizeof(hdr->length),
334 offset += sizeof(hdr->length);
336 if (hdr->next_payload < NUM_LOAD_TYPES)
337 (*strfuncs[hdr->next_payload].func)(pd, offset, fd, isakmp_tree);
339 dissect_data(pd, offset, fd, isakmp_tree);
344 dissect_none(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
348 dissect_sa(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
350 struct sa_hdr * hdr = (struct sa_hdr *)(pd + offset);
351 guint16 length = pntohs(&hdr->length);
352 guint32 doi = pntohl(&hdr->doi);
353 guint32 situation = pntohl(&hdr->situation);
354 proto_item * ti = proto_tree_add_item(tree, offset, length, "Security Association payload");
355 proto_tree * ntree = proto_tree_new();
357 proto_item_add_subtree(ti, ntree, ETT_ISAKMP_PAYLOAD);
359 proto_tree_add_item(ntree, offset, sizeof(hdr->next_payload),
360 "Next payload: %s (%u)",
361 payloadtype2str(hdr->next_payload), hdr->next_payload);
362 offset += sizeof(hdr->next_payload) * 2;
364 proto_tree_add_item(ntree, offset, sizeof(length),
365 "Length: %u", length);
366 offset += sizeof(length);
368 proto_tree_add_item(ntree, offset, sizeof(doi),
369 "Domain of interpretation: %s (%u)",
370 doitype2str(doi), doi);
371 offset += sizeof(doi);
373 proto_tree_add_item(ntree, offset, sizeof(situation),
374 "Situation: %s (%u)",
375 situation2str(situation), situation);
376 offset += sizeof(situation);
378 dissect_proposal(pd, offset, fd, ntree);
379 offset += (length - sizeof(*hdr));
381 if (hdr->next_payload < NUM_LOAD_TYPES)
382 (*strfuncs[hdr->next_payload].func)(pd, offset, fd, tree);
384 dissect_data(pd, offset, fd, tree);
388 dissect_proposal(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
390 struct proposal_hdr * hdr = (struct proposal_hdr *)(pd + offset);
391 guint16 length = pntohs(&hdr->length);
392 proto_item * ti = proto_tree_add_item(tree, offset, length, "Proposal payload");
393 proto_tree * ntree = proto_tree_new();
396 proto_item_add_subtree(ti, ntree, ETT_ISAKMP_PAYLOAD);
398 proto_tree_add_item(ntree, offset, sizeof(hdr->next_payload),
399 "Next payload: %s (%u)",
400 payloadtype2str(hdr->next_payload), hdr->next_payload);
401 offset += sizeof(hdr->next_payload) * 2;
403 proto_tree_add_item(ntree, offset, sizeof(length),
404 "Length: %u", length);
405 offset += sizeof(length);
407 proto_tree_add_item(ntree, offset, sizeof(hdr->proposal_num),
408 "Proposal number: %u", hdr->proposal_num);
409 offset += sizeof(hdr->proposal_num);
411 proto_tree_add_item(ntree, offset, sizeof(hdr->protocol_id),
412 "Protocol ID: %s (%u)",
413 proto2str(hdr->protocol_id), hdr->protocol_id);
414 offset += sizeof(hdr->protocol_id);
416 proto_tree_add_item(ntree, offset, sizeof(hdr->spi_size),
417 "SPI size: %u", hdr->spi_size);
418 offset += sizeof(hdr->spi_size);
421 proto_tree_add_item(ntree, offset, hdr->spi_size, "SPI");
422 offset += hdr->spi_size;
425 proto_tree_add_item(ntree, offset, sizeof(hdr->num_transforms),
426 "Number of transforms: %u", hdr->num_transforms);
427 offset += sizeof(hdr->num_transforms);
429 for (i = 0; i < hdr->num_transforms; ++i) {
430 dissect_transform(pd, offset, fd, ntree);
431 offset += TRANS_LEN(pd+offset);
434 if (hdr->next_payload < NUM_LOAD_TYPES)
435 (*strfuncs[hdr->next_payload].func)(pd, offset, fd, tree);
437 dissect_data(pd, offset, fd, tree);
441 dissect_transform(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
443 struct trans_hdr * hdr = (struct trans_hdr *)(pd + offset);
444 guint16 length = pntohs(&hdr->length);
445 proto_item * ti = proto_tree_add_item(tree, offset, length, "Transform payload");
446 proto_tree * ntree = proto_tree_new();
448 proto_item_add_subtree(ti, ntree, ETT_ISAKMP_PAYLOAD);
450 proto_tree_add_item(ntree, offset, sizeof(hdr->next_payload),
451 "Next payload: %s (%u)",
452 payloadtype2str(hdr->next_payload), hdr->next_payload);
453 offset += sizeof(hdr->next_payload) * 2;
455 proto_tree_add_item(ntree, offset, sizeof(length),
456 "Length: %u", length);
457 offset += sizeof(length);
459 proto_tree_add_item(ntree, offset, sizeof(hdr->transform_num),
460 "Transform number: %u", hdr->transform_num);
461 offset += sizeof(hdr->transform_num);
463 proto_tree_add_item(ntree, offset, sizeof(hdr->transform_id),
464 "Transform ID: %s (%u)",
465 trans2str(hdr->transform_id), hdr->transform_id);
466 offset += sizeof(hdr->transform_id) + sizeof(hdr->reserved2);
468 length -= sizeof(*hdr);
470 guint16 type = pntohs(pd + offset) & 0x7fff;
471 guint16 val_len = pntohs(pd + offset + 2);
473 if (pd[offset] & 0xf0) {
474 proto_tree_add_item(ntree, offset, 4,
476 atttype2str(type), type,
477 value2str(type, val_len), val_len);
482 guint16 pack_len = 4 + val_len;
484 proto_tree_add_item(ntree, offset, pack_len,
486 atttype2str(type), type,
487 num2str(pd + offset + 4, val_len));
493 if (hdr->next_payload < NUM_LOAD_TYPES)
494 (*strfuncs[hdr->next_payload].func)(pd, offset, fd, tree);
496 dissect_data(pd, offset, fd, tree);
500 dissect_key_exch(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
502 struct ke_hdr * hdr = (struct ke_hdr *)(pd + offset);
503 guint16 length = pntohs(&hdr->length);
504 proto_item * ti = proto_tree_add_item(tree, offset, length, "Key Exchange payload");
505 proto_tree * ntree = proto_tree_new();
507 proto_item_add_subtree(ti, ntree, ETT_ISAKMP_PAYLOAD);
509 proto_tree_add_item(ntree, offset, sizeof(hdr->next_payload),
510 "Next payload: %s (%u)",
511 payloadtype2str(hdr->next_payload), hdr->next_payload);
512 offset += sizeof(hdr->next_payload) * 2;
514 proto_tree_add_item(ntree, offset, sizeof(length),
515 "Length: %u", length);
516 offset += sizeof(length);
518 proto_tree_add_item(ntree, offset, length - sizeof(*hdr), "Key Exchange Data");
519 offset += (length - sizeof(*hdr));
521 if (hdr->next_payload < NUM_LOAD_TYPES)
522 (*strfuncs[hdr->next_payload].func)(pd, offset, fd, tree);
524 dissect_data(pd, offset, fd, tree);
528 dissect_id(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
530 struct id_hdr * hdr = (struct id_hdr *)(pd + offset);
531 guint16 length = pntohs(&hdr->length);
532 proto_item * ti = proto_tree_add_item(tree, offset, length, "Identification payload");
533 proto_tree * ntree = proto_tree_new();
535 proto_item_add_subtree(ti, ntree, ETT_ISAKMP_PAYLOAD);
537 proto_tree_add_item(ntree, offset, sizeof(hdr->next_payload),
538 "Next payload: %s (%u)",
539 payloadtype2str(hdr->next_payload), hdr->next_payload);
540 offset += sizeof(hdr->next_payload) * 2;
542 proto_tree_add_item(ntree, offset, sizeof(length),
543 "Length: %u", length);
544 offset += sizeof(length);
546 proto_tree_add_item(ntree, offset, sizeof(hdr->id_type),
547 "ID type: %s (%u)", id2str(hdr->id_type), hdr->id_type);
548 offset += sizeof(hdr->id_type);
550 proto_tree_add_item(ntree, offset, sizeof(hdr->protocol_id),
551 "Protocol ID: %u", hdr->protocol_id);
552 offset += sizeof(hdr->protocol_id);
554 proto_tree_add_item(ntree, offset, sizeof(hdr->port),
555 "Port: %u", pntohs(&hdr->port));
556 offset += sizeof(hdr->port);
558 switch (hdr->id_type) {
561 proto_tree_add_item(ntree, offset, length-sizeof(*hdr),
562 "Identification data: %s", ip_to_str(pd+offset));
566 proto_tree_add_item(ntree, offset, length-sizeof(*hdr),
567 "Identification data: %s", (char *)(pd+offset));
570 proto_tree_add_item(ntree, offset, length - sizeof(*hdr), "Identification Data");
572 offset += (length - sizeof(*hdr));
574 if (hdr->next_payload < NUM_LOAD_TYPES)
575 (*strfuncs[hdr->next_payload].func)(pd, offset, fd, tree);
577 dissect_data(pd, offset, fd, tree);
581 dissect_cert(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
583 struct cert_hdr * hdr = (struct cert_hdr *)(pd + offset);
584 guint16 length = pntohs(&hdr->length);
585 proto_item * ti = proto_tree_add_item(tree, offset, length, "Certificate payload");
586 proto_tree * ntree = proto_tree_new();
588 proto_item_add_subtree(ti, ntree, ETT_ISAKMP_PAYLOAD);
590 proto_tree_add_item(ntree, offset, sizeof(hdr->next_payload),
591 "Next payload: %s (%u)",
592 payloadtype2str(hdr->next_payload), hdr->next_payload);
593 offset += sizeof(hdr->next_payload) * 2;
595 proto_tree_add_item(ntree, offset, sizeof(length),
596 "Length: %u", length);
597 offset += sizeof(length);
599 proto_tree_add_item(ntree, offset, sizeof(hdr->cert_enc),
600 "Certificate encoding: %u", hdr->cert_enc);
601 offset += sizeof(hdr->cert_enc);
603 proto_tree_add_item(ntree, offset, length - sizeof(*hdr), "Certificate Data");
604 offset += (length - sizeof(*hdr));
606 if (hdr->next_payload < NUM_LOAD_TYPES)
607 (*strfuncs[hdr->next_payload].func)(pd, offset, fd, tree);
609 dissect_data(pd, offset, fd, tree);
613 dissect_certreq(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
615 struct certreq_hdr * hdr = (struct certreq_hdr *)(pd + offset);
616 guint16 length = pntohs(&hdr->length);
617 proto_item * ti = proto_tree_add_item(tree, offset, length, "Certificate Request payload");
618 proto_tree * ntree = proto_tree_new();
620 proto_item_add_subtree(ti, ntree, ETT_ISAKMP_PAYLOAD);
622 proto_tree_add_item(ntree, offset, sizeof(hdr->next_payload),
623 "Next payload: %s (%u)",
624 payloadtype2str(hdr->next_payload), hdr->next_payload);
625 offset += sizeof(hdr->next_payload) * 2;
627 proto_tree_add_item(ntree, offset, sizeof(length),
628 "Length: %u", length);
629 offset += sizeof(length);
631 proto_tree_add_item(ntree, offset, sizeof(hdr->cert_type),
632 "Certificate type: %u", hdr->cert_type);
633 offset += sizeof(hdr->cert_type);
635 proto_tree_add_item(ntree, offset, length - sizeof(*hdr), "Certificate Authority");
636 offset += (length - sizeof(*hdr));
638 if (hdr->next_payload < NUM_LOAD_TYPES)
639 (*strfuncs[hdr->next_payload].func)(pd, offset, fd, tree);
641 dissect_data(pd, offset, fd, tree);
645 dissect_hash(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
647 struct hash_hdr * hdr = (struct hash_hdr *)(pd + offset);
648 guint16 length = pntohs(&hdr->length);
649 proto_item * ti = proto_tree_add_item(tree, offset, length, "Hash payload");
650 proto_tree * ntree = proto_tree_new();
652 proto_item_add_subtree(ti, ntree, ETT_ISAKMP_PAYLOAD);
654 proto_tree_add_item(ntree, offset, sizeof(hdr->next_payload),
655 "Next payload: %s (%u)",
656 payloadtype2str(hdr->next_payload), hdr->next_payload);
657 offset += sizeof(hdr->next_payload) * 2;
659 proto_tree_add_item(ntree, offset, sizeof(length),
660 "Length: %u", length);
661 offset += sizeof(length);
663 proto_tree_add_item(ntree, offset, length - sizeof(*hdr), "Hash Data");
664 offset += (length - sizeof(*hdr));
666 if (hdr->next_payload < NUM_LOAD_TYPES)
667 (*strfuncs[hdr->next_payload].func)(pd, offset, fd, tree);
669 dissect_data(pd, offset, fd, tree);
673 dissect_sig(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
675 struct sig_hdr * hdr = (struct sig_hdr *)(pd + offset);
676 guint16 length = pntohs(&hdr->length);
677 proto_item * ti = proto_tree_add_item(tree, offset, length, "Signature payload");
678 proto_tree * ntree = proto_tree_new();
680 proto_item_add_subtree(ti, ntree, ETT_ISAKMP_PAYLOAD);
682 proto_tree_add_item(ntree, offset, sizeof(hdr->next_payload),
683 "Next payload: %s (%u)",
684 payloadtype2str(hdr->next_payload), hdr->next_payload);
685 offset += sizeof(hdr->next_payload) * 2;
687 proto_tree_add_item(ntree, offset, sizeof(length),
688 "Length: %u", length);
689 offset += sizeof(length);
691 proto_tree_add_item(ntree, offset, length - sizeof(*hdr), "Signature Data");
692 offset += (length - sizeof(*hdr));
694 if (hdr->next_payload < NUM_LOAD_TYPES)
695 (*strfuncs[hdr->next_payload].func)(pd, offset, fd, tree);
697 dissect_data(pd, offset, fd, tree);
701 dissect_nonce(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
703 struct nonce_hdr * hdr = (struct nonce_hdr *)(pd + offset);
704 guint16 length = pntohs(&hdr->length);
705 proto_item * ti = proto_tree_add_item(tree, offset, length, "Nonce payload");
706 proto_tree * ntree = proto_tree_new();
708 proto_item_add_subtree(ti, ntree, ETT_ISAKMP_PAYLOAD);
710 proto_tree_add_item(ntree, offset, sizeof(hdr->next_payload),
711 "Next payload: %s (%u)",
712 payloadtype2str(hdr->next_payload), hdr->next_payload);
713 offset += sizeof(hdr->next_payload) * 2;
715 proto_tree_add_item(ntree, offset, sizeof(length),
716 "Length: %u", length);
717 offset += sizeof(length);
719 proto_tree_add_item(ntree, offset, length - sizeof(*hdr), "Nonce Data");
720 offset += (length - sizeof(*hdr));
722 if (hdr->next_payload < NUM_LOAD_TYPES)
723 (*strfuncs[hdr->next_payload].func)(pd, offset, fd, tree);
725 dissect_data(pd, offset, fd, tree);
729 dissect_notif(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
731 struct notif_hdr * hdr = (struct notif_hdr *)(pd + offset);
732 guint16 length = pntohs(&hdr->length);
733 guint32 doi = pntohl(&hdr->doi);
734 guint16 msgtype = pntohs(&hdr->msgtype);
735 proto_item * ti = proto_tree_add_item(tree, offset, length, "Notification payload");
736 proto_tree * ntree = proto_tree_new();
738 proto_item_add_subtree(ti, ntree, ETT_ISAKMP_PAYLOAD);
740 proto_tree_add_item(ntree, offset, sizeof(hdr->next_payload),
741 "Next payload: %s (%u)",
742 payloadtype2str(hdr->next_payload), hdr->next_payload);
743 offset += sizeof(hdr->next_payload) * 2;
745 proto_tree_add_item(ntree, offset, sizeof(length),
746 "Length: %u", length);
747 offset += sizeof(length);
749 proto_tree_add_item(ntree, offset, sizeof(doi),
750 "Domain of Interpretation: %s (%u)", doitype2str(doi), doi);
751 offset += sizeof(doi);
753 proto_tree_add_item(ntree, offset, sizeof(hdr->protocol_id),
754 "Protocol ID: %s (%u)",
755 proto2str(hdr->protocol_id), hdr->protocol_id);
756 offset += sizeof(hdr->protocol_id);
758 proto_tree_add_item(ntree, offset, sizeof(hdr->spi_size),
759 "SPI size: %u", hdr->spi_size);
760 offset += sizeof(hdr->spi_size);
762 proto_tree_add_item(ntree, offset, sizeof(msgtype),
763 "Message type: %s (%u)", msgtype2str(msgtype), msgtype);
764 offset += sizeof(msgtype);
767 proto_tree_add_item(ntree, offset, hdr->spi_size, "Security Parameter Index");
768 offset += hdr->spi_size;
771 if (length - sizeof(*hdr)) {
772 proto_tree_add_item(ntree, offset, length - sizeof(*hdr) - hdr->spi_size,
773 "Notification Data");
774 offset += (length - sizeof(*hdr) - hdr->spi_size);
777 if (hdr->next_payload < NUM_LOAD_TYPES)
778 (*strfuncs[hdr->next_payload].func)(pd, offset, fd, tree);
780 dissect_data(pd, offset, fd, tree);
784 dissect_delete(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
786 struct delete_hdr * hdr = (struct delete_hdr *)(pd + offset);
787 guint16 length = pntohs(&hdr->length);
788 guint32 doi = pntohl(&hdr->doi);
789 guint16 num_spis = pntohs(&hdr->num_spis);
790 proto_item * ti = proto_tree_add_item(tree, offset, length, "Delete payload");
791 proto_tree * ntree = proto_tree_new();
794 proto_item_add_subtree(ti, ntree, ETT_ISAKMP_PAYLOAD);
796 proto_tree_add_item(ntree, offset, sizeof(hdr->next_payload),
797 "Next payload: %s (%u)",
798 payloadtype2str(hdr->next_payload), hdr->next_payload);
799 offset += sizeof(hdr->next_payload) * 2;
801 proto_tree_add_item(ntree, offset, sizeof(length),
802 "Length: %u", length);
803 offset += sizeof(length);
805 proto_tree_add_item(ntree, offset, sizeof(doi),
806 "Domain of Interpretation: %s (%u)", doitype2str(doi), doi);
807 offset += sizeof(doi);
809 proto_tree_add_item(ntree, offset, sizeof(hdr->protocol_id),
810 "Protocol ID: %s (%u)",
811 proto2str(hdr->protocol_id), hdr->protocol_id);
812 offset += sizeof(hdr->protocol_id);
814 proto_tree_add_item(ntree, offset, sizeof(hdr->spi_size),
815 "SPI size: %u", hdr->spi_size);
816 offset += sizeof(hdr->spi_size);
818 proto_tree_add_item(ntree, offset, num_spis,
819 "Number of SPIs: %u", num_spis);
820 offset += sizeof(hdr->num_spis);
822 for (i = 0; i < num_spis; ++i) {
823 proto_tree_add_item(ntree, offset, hdr->spi_size,
825 offset += hdr->spi_size;
828 if (hdr->next_payload < NUM_LOAD_TYPES)
829 (*strfuncs[hdr->next_payload].func)(pd, offset, fd, tree);
831 dissect_data(pd, offset, fd, tree);
835 dissect_vid(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) {
837 struct vid_hdr * hdr = (struct vid_hdr *)(pd + offset);
838 guint16 length = pntohs(&hdr->length);
839 proto_item * ti = proto_tree_add_item(tree, offset, length, "Vendor ID payload");
840 proto_tree * ntree = proto_tree_new();
842 proto_item_add_subtree(ti, ntree, ETT_ISAKMP_PAYLOAD);
844 proto_tree_add_item(ntree, offset, sizeof(hdr->next_payload),
845 "Next payload: %s (%u)",
846 payloadtype2str(hdr->next_payload), hdr->next_payload);
847 offset += sizeof(hdr->next_payload) * 2;
849 proto_tree_add_item(ntree, offset, sizeof(length),
850 "Length: %u", length);
851 offset += sizeof(length);
853 proto_tree_add_item(ntree, offset, length - sizeof(*hdr), "Vendor ID");
854 offset += (length - sizeof(*hdr));
856 if (hdr->next_payload < NUM_LOAD_TYPES)
857 (*strfuncs[hdr->next_payload].func)(pd, offset, fd, tree);
859 dissect_data(pd, offset, fd, tree);
863 payloadtype2str(guint8 type) {
865 if (type < NUM_LOAD_TYPES) return strfuncs[type].str;
866 if (type < 128) return "RESERVED";
867 if (type < 256) return "Private USE";
869 return "Huh? You should never see this! Shame on you!";
873 exchtype2str(guint8 type) {
875 #define NUM_EXCHSTRS 6
876 static const char * exchstrs[NUM_EXCHSTRS] = {
879 "Identity Protection",
880 "Authentication Only",
885 if (type < NUM_EXCHSTRS) return exchstrs[type];
886 if (type < 32) return "ISAKMP Future Use";
887 if (type < 240) return "DOI Specific Use";
888 if (type < 256) return "Private Use";
890 return "Huh? You should never see this! Shame on you!";
894 doitype2str(guint32 type) {
895 if (type == 1) return "IPSEC";
896 return "Unknown DOI Type";
900 msgtype2str(guint16 type) {
902 #define NUM_PREDEFINED 31
903 static const char *msgs[NUM_PREDEFINED] = {
905 "INVALID-PAYLOAD-TYPE",
907 "SITUATION-NOT-SUPPORTED",
909 "INVALID-MAJOR-VERSION",
910 "INVALID-MINOR-VERSION",
911 "INVALID-EXCHANGE-TYPE",
913 "INVALID-MESSAGE-ID",
914 "INVALID-PROTOCOL-ID",
916 "INVALID-TRANSFORM-ID",
917 "ATTRIBUTES-NOT-SUPPORTED",
918 "NO-PROPOSAL-CHOSEN",
919 "BAD-PROPOSAL-SYNTAX",
921 "INVALID-KEY-INFORMATION",
922 "INVALID-ID-INFORMATION",
923 "INVALID-CERT-ENCODING",
924 "INVALID-CERTIFICATE",
925 "CERT-TYPE-UNSUPPORTED",
926 "INVALID-CERT-AUTHORITY",
927 "INVALID-HASH-INFORMATION",
928 "AUTHENTICATION-FAILED",
930 "ADDRESS-NOTIFICATION",
931 "NOTIFY-SA-LIFETIME",
932 "CERTIFICATE-UNAVAILABLE",
933 "UNSUPPORTED-EXCHANGE-TYPE",
934 "UNEQUAL-PAYLOAD-LENGTHS"
937 if (type < NUM_PREDEFINED) return msgs[type];
938 if (type < 8192) return "RESERVED (Future Use)";
939 if (type < 16384) return "Private Use";
940 if (type < 16385) return "CONNECTED";
941 if (type < 24576) return "RESERVED (Future Use) - status";
942 if (type < 24577) return "RESPONDER-LIFETIME";
943 if (type < 24578) return "REPLAY-STATUS";
944 if (type < 24579) return "INITIAL-CONTACT";
945 if (type < 32768) return "DOI-specific codes";
946 if (type < 40960) return "Private Use - status";
947 if (type < 65535) return "RESERVED (Future Use) - status (2)";
949 return "Huh? You should never see this! Shame on you!";
953 situation2str(guint32 type) {
955 #define SIT_MSG_NUM 1024
956 #define SIT_IDENTITY 0x01
957 #define SIT_SECRECY 0x02
958 #define SIT_INTEGRITY 0x04
960 static char msg[SIT_MSG_NUM];
964 if (type & SIT_IDENTITY) {
965 n += snprintf(msg, SIT_MSG_NUM-n, "%sIDENTITY", sep);
968 if (type & SIT_SECRECY) {
969 n += snprintf(msg, SIT_MSG_NUM-n, "%sSECRECY", sep);
972 if (type & SIT_INTEGRITY) {
973 n += snprintf(msg, SIT_MSG_NUM-n, "%sINTEGRITY", sep);
981 value2str(guint16 att_type, guint16 value) {
983 if (value == 0) return "RESERVED";
989 case 1: return "Seconds";
990 case 2: return "Kilobytes";
991 default: return "UNKNOWN-SA-VALUE";
994 return "Group-Value";
997 case 1: return "Tunnel";
998 case 2: return "Transport";
999 default: return "UNKNOWN-ENCAPSULATION-VALUE";
1003 case 1: return "HMAC-MD5";
1004 case 2: return "HMAC-SHA";
1005 case 3: return "DES-MAC";
1006 case 4: return "KPDK";
1007 default: return "UNKNOWN-AUTHENTICATION-VALUE";
1011 default: return "UNKNOWN-ATTRIBUTE-TYPE";
1016 num2str(const guint8 *pd, guint16 len) {
1018 #define NUMSTR_LEN 1024
1019 static char numstr[NUMSTR_LEN];
1023 snprintf(numstr, NUMSTR_LEN, "%u", *pd);
1026 snprintf(numstr, NUMSTR_LEN, "%u", pntohs(pd));
1029 snprintf(numstr, NUMSTR_LEN, "%lu", pntohl(pd) & 0x0fff);
1032 snprintf(numstr, NUMSTR_LEN, "%lu", pntohl(pd));
1035 snprintf(numstr, NUMSTR_LEN, "<too big>");