Ethereal-dev: [Ethereal-dev] patch for packet-isakmp.c to fix decoding ikev2 payload

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Shoichi Sakane <sakane@xxxxxxxx>
Date: Sat, 24 Sep 2005 11:53:33 +0900
Hi, I fixed some bugs in the decoding of IKEv2 payloads.  The following things
have been checked at the IPsec bake-off in Toronto this week.

	- fixed decoding IP address in TS payload
	- fixed decoding IPv6 address in ID payload
	- fixed decoding IKEv2 Delete payload
	- SPI printing

the attached file is the diff file from
epan/dissectors/packet-isakmp.c of 0.10.12

regards,
*** packet-isakmp.c.orig	Fri Sep 23 23:36:37 2005
--- packet-isakmp.c	Sat Sep 24 02:42:33 2005
***************
*** 676,682 ****
    length -= 1;
  
    if (spi_size) {
!     proto_tree_add_text(tree, tvb, offset, spi_size, "SPI: %s",
  			tvb_bytes_to_str(tvb, offset, spi_size));
      offset += spi_size;
      length -= spi_size;
--- 676,682 ----
    length -= 1;
  
    if (spi_size) {
!     proto_tree_add_text(tree, tvb, offset, spi_size, "SPI: 0x%s",
  			tvb_bytes_to_str(tvb, offset, spi_size));
      offset += spi_size;
      length -= spi_size;
***************
*** 1120,1142 ****
    length -= 2;
  
    switch (id_type) {
!     case 1:
        proto_tree_add_text(tree, tvb, offset, length,
  			  "Identification data: %s",
  			  ip_to_str(tvb_get_ptr(tvb, offset, 4)));
        break;
!     case 2:
!     case 3:
        proto_tree_add_text(tree, tvb, offset, length,
  			  "Identification data: %.*s", length,
  			  tvb_get_ptr(tvb, offset, length));
        break;
!     case 4:
        proto_tree_add_text(tree, tvb, offset, length,
  			  "Identification data: %s/%s",
  			  ip_to_str(tvb_get_ptr(tvb, offset, 4)),
  			  ip_to_str(tvb_get_ptr(tvb, offset+4, 4)));
        break;
      case 9:
        dissect_x509if_Name(FALSE, tvb, offset, pinfo, tree,
  			  hf_ike_certificate_authority);
--- 1120,1155 ----
    length -= 2;
  
    switch (id_type) {
!     case 1:	/* ID_IPV4_ADDR */
        proto_tree_add_text(tree, tvb, offset, length,
  			  "Identification data: %s",
  			  ip_to_str(tvb_get_ptr(tvb, offset, 4)));
        break;
!     case 2:	/* ID_FQDN */
!     case 3:	/* ID_USER_FQDN */
        proto_tree_add_text(tree, tvb, offset, length,
  			  "Identification data: %.*s", length,
  			  tvb_get_ptr(tvb, offset, length));
        break;
!     case 4:	/* ID_IPV4_ADDR_SUBNET */
!     case 7:	/* ID_IPV4_ADDR_RANGE */
        proto_tree_add_text(tree, tvb, offset, length,
  			  "Identification data: %s/%s",
  			  ip_to_str(tvb_get_ptr(tvb, offset, 4)),
  			  ip_to_str(tvb_get_ptr(tvb, offset+4, 4)));
        break;
+     case 5:	/* ID_IPV6_ADDR */
+       proto_tree_add_text(tree, tvb, offset, length,
+ 			  "Identification data: %s",
+ 			  ip6_to_str(tvb_get_ptr(tvb, offset, 16)));
+       break;
+     case 6:	/* ID_IPV6_ADDR_SUBNET */
+     case 8:	/* ID_IPV6_ADDR_RANGE */
+       proto_tree_add_text(tree, tvb, offset, length,
+ 			  "Identification data: %s/%s",
+ 			  ip6_to_str(tvb_get_ptr(tvb, offset, 16)),
+ 			  ip6_to_str(tvb_get_ptr(tvb, offset+16, 16)));
+       break;
      case 9:
        dissect_x509if_Name(FALSE, tvb, offset, pinfo, tree,
  			  hf_ike_certificate_authority);
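Review bot: The new IPv6 cases (5, 6 and 8) fetch a fixed 16 or 32 bytes with `tvb_get_ptr` but never compare that size against `length`, the remaining size of the ID payload. As far as this hunk shows, a payload shorter than the address would either raise the tvbuff bounds exception or be rendered from bytes that belong to whatever follows it. A guard before each fetch, such as `if (length < 16) { proto_tree_add_text(tree, tvb, offset, length, "Identification data: (truncated)"); break; }`, would keep the display honest. The range types 7 and 8 also share the `"%s/%s"` format with the subnet types, where `"%s-%s"` would read better for a start/end pair. The switch continues past the end of the hunk.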
***************
*** 1302,1308 ****
    length -= 2;
  
    if (spi_size) {
!     proto_tree_add_text(tree, tvb, offset, spi_size, "Security Parameter Index");
      offset += spi_size;
      length -= spi_size;
    }
--- 1315,1322 ----
    length -= 2;
  
    if (spi_size) {
!     proto_tree_add_text(tree, tvb, offset, spi_size, "SPI: 0x%s",
! 			tvb_bytes_to_str(tvb, offset, spi_size));
      offset += spi_size;
      length -= spi_size;
    }
***************
*** 1335,1346 ****
    guint16		num_spis;
    guint16		i;
  
!   doi = tvb_get_ntohl(tvb, offset);
!   proto_tree_add_text(tree, tvb, offset, 4,
! 		      "Domain of Interpretation: %s (%u)",
! 		      doitype2str(doi), doi);
!   offset += 4;
!   length -= 4;
  
    protocol_id = tvb_get_guint8(tvb, offset);
    proto_tree_add_text(tree, tvb, offset, 1,
--- 1349,1362 ----
    guint16		num_spis;
    guint16		i;
  
!   if (isakmp_version == 1) {
!     doi = tvb_get_ntohl(tvb, offset);
!     proto_tree_add_text(tree, tvb, offset, 4,
! 		        "Domain of Interpretation: %s (%u)",
! 		        doitype2str(doi), doi);
!     offset += 4;
!     length -= 4;
!   }
  
    protocol_id = tvb_get_guint8(tvb, offset);
    proto_tree_add_text(tree, tvb, offset, 1,
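Review bot: `doi` is now assigned only when `isakmp_version == 1`, so on the IKEv2 path it stays indeterminate. Nothing in the visible lines reads it afterwards, but the function body continues outside the hunk. If any later statement uses `doi`, initialise it at its declaration (for example `= 0`) or keep every use inside the version check. A short comment on the branch, `/* the IKEv2 Delete payload has no DOI field */`, would also explain why the four bytes are skipped.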
***************
*** 1367,1374 ****
            "Not enough room in payload for all SPI's");
        break;
      }
!     proto_tree_add_text(tree, tvb, offset, spi_size,
! 			"SPI (%d)", i);
      offset += spi_size;
      length -= spi_size;
    }
--- 1383,1390 ----
            "Not enough room in payload for all SPI's");
        break;
      }
!     proto_tree_add_text(tree, tvb, offset, spi_size, "SPI: 0x%s",
! 			tvb_bytes_to_str(tvb, offset, spi_size));
      offset += spi_size;
      length -= spi_size;
    }
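Review bot: The rewritten item drops the loop index `i`, so a Delete payload carrying several SPIs is shown as a run of `SPI:` rows with no position. Keeping both pieces of information reads better: `"SPI (%d): 0x%s", i, tvb_bytes_to_str(tvb, offset, spi_size)`. The loop header is outside the hunk.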
***************
*** 1735,1742 ****
        addrlen = 16;
        break;
      default:
!       addrlen = 255;
      }
      /*
       * XXX should the remaining of the length check be done here ?
       * it seems other routines don't check the length.
--- 1751,1761 ----
        addrlen = 16;
        break;
      default:
!       proto_item_append_text(tree, "unknown TS data (aborted decoding): 0x%s",
! 			tvb_bytes_to_str(tvb, offset, length));
!       return;
      }
+ 
      /*
       * XXX should the remaining of the length check be done here ?
       * it seems other routines don't check the length.
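Review bot: The new `default:` branch reports the unknown TS type with `proto_item_append_text(tree, ...)`, which appends to the label of the node `tree` points at instead of adding a child item like the rest of the file does. It also passes the packet-supplied `length` to `tvb_bytes_to_str` without a check, and the XXX comment just below says the length is not validated here. A normal item keeps the bytes selectable: `proto_tree_add_text(tree, tvb, offset, length, "Unknown TS data (aborted decoding): 0x%s", tvb_bytes_to_str(tvb, offset, length));`. If `length` is declared signed outside the hunk, precede it with `if (length <= 0) return;`. The enclosing function is not fully visible.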
***************
*** 1773,1789 ****
      offset += 2;
      length -= 2;
  
!     proto_tree_add_text(tree, tvb, offset, length,
!   			  "Starting Address: %s",
!   			  ip_to_str(tvb_get_ptr(tvb, offset, addrlen)));
!     offset += addrlen;
!     length -= addrlen;
! 
!     proto_tree_add_text(tree, tvb, offset, length,
!   			  "Starting Address: %s",
    			  ip_to_str(tvb_get_ptr(tvb, offset, addrlen)));
!     offset += addrlen;
!     length -= addrlen;
    }
  }
  
--- 1792,1824 ----
      offset += 2;
      length -= 2;
  
!     switch (tstype) {
!     case 7:
! 	proto_tree_add_text(tree, tvb, offset, length,
! 			  "Starting Address: %s",
! 			  ip_to_str(tvb_get_ptr(tvb, offset, addrlen)));
! 	offset += addrlen;
! 	length -= addrlen;
! 	proto_tree_add_text(tree, tvb, offset, length,
!   			  "Ending Address: %s",
    			  ip_to_str(tvb_get_ptr(tvb, offset, addrlen)));
! 	offset += addrlen;
! 	length -= addrlen;
! 	break;
!     case 8:
! 	proto_tree_add_text(tree, tvb, offset, length,
! 			  "Starting Address: %s",
! 			  ip6_to_str(tvb_get_ptr(tvb, offset, addrlen)));
! 	offset += addrlen;
! 	length -= addrlen;
! 	proto_tree_add_text(tree, tvb, offset, length,
!   			  "Ending Address: %s",
!   			  ip6_to_str(tvb_get_ptr(tvb, offset, addrlen)));
! 	offset += addrlen;
! 	length -= addrlen;
! 	break;
!     defaul:
!     }
    }
  }
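Review bot: The last label of the new switch is spelled `defaul:`, which C parses as an ordinary goto label and not as the default case. A label directly before `}` also has no statement to attach to, so compilers will warn on it or reject it. It should be `default: break;`, or be dropped if the earlier switch on the TS type (apparently the same function) already returns for unknown types. The address items also pass the remaining `length` as the item size where `addrlen` is what each address occupies. Nothing visible checks `length >= 2 * addrlen` before the two `tvb_get_ptr` calls in each case.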