print-krb.c revision 26180
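/*
 * Copyright (c) 1995, 1996
 *	The Regents of the University of California. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that: (1) source code distributions
 * retain the above copyright notice and this paragraph in its entirety, (2)
 * distributions including binary code include the above copyright notice and
 * this paragraph in its entirety in the documentation or other materials
 * provided with the distribution, and (3) all advertising materials mentioning
 * features or use of this software display the following acknowledgement:
 * ``This product includes software developed by the University of California,
 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
 * the University nor the names of its contributors may be used to endorse
 * or promote products derived from this software without specific prior
 * written permission.
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 *
 * Initial contribution from John Hawkinson (jhawk@mit.edu).
 */

#ifndef lint
static const char rcsid[] =
    "@(#) $Header: print-krb.c,v 1.8 96/12/10 23:17:39 leres Exp $";
#endif

#include <sys/param.h>
#include <sys/time.h>
#include <sys/socket.h>

#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/ip_var.h>
#include <netinet/udp.h>
#include <netinet/udp_var.h>

#include <ctype.h>
#include <errno.h>
#include <stdio.h>

#include "interface.h"
#include "addrtoname.h"

const u_char *c_print(register const u_char *, register const u_char *);
const u_char *krb4_print_hdr(const u_char *);
void krb4_print(const u_char *);
void krb_print(const u_char *, u_int);


/*
 * Kerberos v4 message types.  Each value is shifted left by one because
 * the low bit of the type byte is the byte-order flag (see the "Type+B"
 * field of struct krb and IS_LENDIAN in krb4_print).
 *
 * The expansions are parenthesized so that the macros stay a single
 * operand wherever they are used: an unparenthesized `1<<1' silently
 * changes meaning next to a higher-precedence operator such as `+'.
 */
#define AUTH_MSG_KDC_REQUEST			(1<<1)
#define AUTH_MSG_KDC_REPLY			(2<<1)
#define AUTH_MSG_APPL_REQUEST			(3<<1)
#define AUTH_MSG_APPL_REQUEST_MUTUAL		(4<<1)
#define AUTH_MSG_ERR_REPLY			(5<<1)
#define AUTH_MSG_PRIVATE			(6<<1)
#define AUTH_MSG_SAFE				(7<<1)
#define AUTH_MSG_APPL_ERR			(8<<1)
#define AUTH_MSG_DIE				(63<<1)

/* Error codes decoded (via kerr2str) for AUTH_MSG_ERR_REPLY messages. */
#define KERB_ERR_OK				0
#define KERB_ERR_NAME_EXP			1
#define KERB_ERR_SERVICE_EXP			2
#define KERB_ERR_AUTH_EXP			3
#define KERB_ERR_PKT_VER			4
#define KERB_ERR_NAME_MAST_KEY_VER		5
#define KERB_ERR_SERV_MAST_KEY_VER		6
#define KERB_ERR_BYTE_ORDER			7
#define KERB_ERR_PRINCIPAL_UNKNOWN		8
#define KERB_ERR_PRINCIPAL_NOT_UNIQUE		9
#define KERB_ERR_NULL_KEY			10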
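
/*
 * Fixed two-byte prefix of every Kerberos message handled here.  The
 * printers overlay this on the captured packet bytes, so a field may only
 * be read after checking that it lies below snapend.
 */
struct krb {
	u_char pvno;		/* Protocol Version */
	u_char type;		/* Type+B */
};

/* Marker printed whenever the capture ends before the decoder is done. */
static char tstr[] = " [|kerberos]";

static struct tok type2str[] = {
	{ AUTH_MSG_KDC_REQUEST,		"KDC_REQUEST" },
	{ AUTH_MSG_KDC_REPLY,		"KDC_REPLY" },
	{ AUTH_MSG_APPL_REQUEST,	"APPL_REQUEST" },
	{ AUTH_MSG_APPL_REQUEST_MUTUAL,	"APPL_REQUEST_MUTUAL" },
	{ AUTH_MSG_ERR_REPLY,		"ERR_REPLY" },
	{ AUTH_MSG_PRIVATE,		"PRIVATE" },
	{ AUTH_MSG_SAFE,		"SAFE" },
	{ AUTH_MSG_APPL_ERR,		"APPL_ERR" },
	{ AUTH_MSG_DIE,			"DIE" },
	{ 0,				NULL }
};

static struct tok kerr2str[] = {
	{ KERB_ERR_OK,			"OK" },
	{ KERB_ERR_NAME_EXP,		"NAME_EXP" },
	{ KERB_ERR_SERVICE_EXP,		"SERVICE_EXP" },
	{ KERB_ERR_AUTH_EXP,		"AUTH_EXP" },
	{ KERB_ERR_PKT_VER,		"PKT_VER" },
	{ KERB_ERR_NAME_MAST_KEY_VER,	"NAME_MAST_KEY_VER" },
	{ KERB_ERR_SERV_MAST_KEY_VER,	"SERV_MAST_KEY_VER" },
	{ KERB_ERR_BYTE_ORDER,		"BYTE_ORDER" },
	{ KERB_ERR_PRINCIPAL_UNKNOWN,	"PRINCIPAL_UNKNOWN" },
	{ KERB_ERR_PRINCIPAL_NOT_UNIQUE, "PRINCIPAL_NOT_UNIQUE" },
	{ KERB_ERR_NULL_KEY,		"NULL_KEY" },
	{ 0,				NULL }
};


/*
 * Unaligned byte-order helpers.
 *
 * The bytes are read through `const u_char *' and widened to u_int before
 * shifting.  Reading them through plain `char *' (as this file used to)
 * sign-extends any byte >= 0x80 where char is signed, and the OR then
 * smears 1-bits over the higher bytes of the result, so attacker-chosen
 * packet bytes decoded to the wrong value.  Widening first also keeps the
 * `<< 24' out of the sign bit of an int.
 */
/* little endian (unaligned) to host byte order */
#define vtohlp(x)	(((u_int)((const u_char *)(x))[0]      ) | \
			 ((u_int)((const u_char *)(x))[1] <<  8) | \
			 ((u_int)((const u_char *)(x))[2] << 16) | \
			 ((u_int)((const u_char *)(x))[3] << 24))
#define vtohsp(x)	(((u_int)((const u_char *)(x))[0]      ) | \
			 ((u_int)((const u_char *)(x))[1] <<  8))
/* network (big endian) (unaligned) to host byte order */
#define ntohlp(x)	(((u_int)((const u_char *)(x))[3]      ) | \
			 ((u_int)((const u_char *)(x))[2] <<  8) | \
			 ((u_int)((const u_char *)(x))[1] << 16) | \
			 ((u_int)((const u_char *)(x))[0] << 24))
#define ntohsp(x)	(((u_int)((const u_char *)(x))[1]      ) | \
			 ((u_int)((const u_char *)(x))[0] <<  8))



/*
 * Print the NUL-terminated string at s in a printable form: bytes outside
 * ASCII are prefixed with "M-" and control characters are shown as "^X".
 *
 * ep is the first byte that must not be read; passing NULL disables the
 * bound, so callers decoding packet data must pass snapend.
 *
 * Returns a pointer just past the terminating NUL, or NULL if ep was
 * reached before a NUL was seen (the string is truncated).
 */
const u_char *
c_print(register const u_char *s, register const u_char *ep)
{
	register u_char c;

	while (ep == NULL || s < ep) {
		c = *s++;
		if (c == '\0')
			return (s);	/* terminator found inside the bound */
		if (!isascii(c)) {
			c = toascii(c);
			putchar('M');
			putchar('-');
		}
		if (!isprint(c)) {
			c ^= 0x40;	/* DEL to ?, others to alpha */
			putchar('^');
		}
		putchar(c);
	}
	/* Ran into ep without seeing a NUL. */
	return (NULL);
}

/*
 * Print the three NUL-terminated strings that follow the two-byte
 * struct krb prefix, as "first.second@third".
 *
 * Returns a pointer past the third string, or NULL after printing the
 * truncation marker if the capture ends first.
 */
const u_char *
krb4_print_hdr(const u_char *cp)
{
	cp += 2;

	/*
	 * c_print() is bounded by snapend and returns NULL as soon as cp is
	 * at or beyond it, so it needs no separate check in front of it.
	 * The zero-length TCHECK2(cp, 0) calls that used to sit here did not
	 * guarantee that even one byte was readable.
	 */
#define PRINT	do { \
		if ((cp = c_print(cp, snapend)) == NULL) \
			goto trunc; \
	} while (0)

	PRINT;
	putchar('.');
	PRINT;
	putchar('@');
	PRINT;
	return (cp);

trunc:
	fputs(tstr, stdout);
	return (NULL);

#undef PRINT
}

/*
 * Decode and print a Kerberos v4 message starting at cp.
 *
 * Every direct read of packet bytes is preceded by a check covering
 * exactly the bytes read.  TCHECK/TCHECK2 come from interface.h (not
 * shown here); they are expected to take the object being read, e.g.
 * `*cp', and to jump to `trunc' when it extends past snapend -- confirm
 * against that header.
 */
void
krb4_print(const u_char *cp)
{
	register const struct krb *kp;
	u_char type;
	u_short len;

#define PRINT	do { \
		if ((cp = c_print(cp, snapend)) == NULL) \
			goto trunc; \
	} while (0)
/* True if struct krb is little endian */
#define IS_LENDIAN(kp)	(((kp)->type & 0x01) != 0)
#define KTOHSP(kp, cp)	(IS_LENDIAN(kp) ? vtohsp(cp) : ntohsp(cp))

	kp = (const struct krb *)cp;

	/* The type byte is the second byte; make sure it was captured. */
	if ((&kp->type) >= snapend) {
		fputs(tstr, stdout);
		return;
	}

	/* Strip the byte-order flag held in bit 0. */
	type = kp->type & (0xFF << 1);

	printf(" %s %s: ",
	    IS_LENDIAN(kp) ? "le" : "be", tok2str(type2str, NULL, type));

	switch (type) {

	case AUTH_MSG_KDC_REQUEST:
		if ((cp = krb4_print_hdr(cp)) == NULL)
			return;
		cp += 4;	/* ctime */
		TCHECK(*cp);
		printf(" %dmin ", *cp++ * 5);
		PRINT;
		putchar('.');
		PRINT;
		break;

	case AUTH_MSG_APPL_REQUEST:
		cp += 2;
		TCHECK(*cp);
		printf("v%d ", *cp++);
		PRINT;
		TCHECK(*cp);
		printf(" (%d)", *cp++);
		/* Check before the read; a check after it protects nothing. */
		TCHECK(*cp);
		printf(" (%d)", *cp);
		break;

	case AUTH_MSG_KDC_REPLY:
		if ((cp = krb4_print_hdr(cp)) == NULL)
			return;
		cp += 10;	/* timestamp + n + exp + kvno */
		TCHECK2(*cp, 2);	/* KTOHSP reads cp[0] and cp[1] */
		len = KTOHSP(kp, cp);
		printf(" (%d)", len);
		break;

	case AUTH_MSG_ERR_REPLY:
		if ((cp = krb4_print_hdr(cp)) == NULL)
			return;
		cp += 4;	/* timestamp */
		TCHECK2(*cp, 2);	/* KTOHSP reads cp[0] and cp[1] */
		printf(" %s ", tok2str(kerr2str, NULL, KTOHSP(kp, cp)));
		/* The field is skipped as 4 bytes; only 2 were decoded. */
		cp += 4;
		PRINT;
		break;

	default:
		fputs("(unknown)", stdout);
		break;
	}

	return;
trunc:
	fputs(tstr, stdout);
}

/*
 * Entry point: print a Kerberos packet starting at dat.
 *
 * Only the protocol version byte is read here; v4 messages are handed to
 * krb4_print().  The length argument is not used by this function.
 */
void
krb_print(const u_char *dat, u_int length)
{
	register const struct krb *kp;

	kp = (const struct krb *)dat;

	/* pvno is the first byte; bail out if it was not captured. */
	if (dat >= snapend) {
		fputs(tstr, stdout);
		return;
	}

	switch (kp->pvno) {

	case 1:
	case 2:
	case 3:
		printf(" v%d", kp->pvno);
		break;

	case 4:
		printf(" v%d", kp->pvno);
		krb4_print((const u_char *)kp);
		break;

	case 106:
	case 107:
		fputs(" v5", stdout);
		/* Decode ASN.1 here "someday" */
		break;
	}
	return;
}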