contrib/ipfilter/ipsend/ipsopt.c

   1 /*      $FreeBSD$       */
   2
   3 /*
   4  * Copyright (C) 2012 by Darren Reed.
   5  *
   6  * See the IPFILTER.LICENCE file for details on licencing.
   7  *
   8  */
   9 #if !defined(lint)
  10 static const char sccsid[] = "@(#)ipsopt.c      1.2 1/11/96 (C)1995 Darren Reed";
  11 static const char rcsid[] = "@(#)$Id$";
  12 #endif
  13 #include <sys/param.h>
  14 #include <sys/types.h>
  15 #include <sys/time.h>
  16 #include <sys/socket.h>
  17 #include <netinet/in.h>
  18 #include <netinet/in_systm.h>
  19 #include <netinet/ip.h>
  20 #include <stdio.h>
  21 #include <string.h>
  22 #include <stdlib.h>
  23 #include <netinet/ip_var.h>
  24 #include <netinet/tcp.h>
  25 #include <arpa/inet.h>
  26 #include "ipsend.h"
  27
  28
  29 #ifndef __P
  30 #  define       __P(x)  x
  31 #endif
  32
  33
  34 struct ipopt_names ionames[] = {
  35         { IPOPT_EOL,    0x01,   1, "eol" },
  36         { IPOPT_NOP,    0x02,   1, "nop" },
  37         { IPOPT_RR,     0x04,   3, "rr" },      /* 1 route */
  38         { IPOPT_TS,     0x08,   8, "ts" },      /* 1 TS */
  39         { IPOPT_SECURITY, 0x08, 11, "sec-level" },
  40         { IPOPT_LSRR,   0x10,   7, "lsrr" },    /* 1 route */
  41         { IPOPT_SATID,  0x20,   4, "satid" },
  42         { IPOPT_SSRR,   0x40,   7, "ssrr" },    /* 1 route */
  43         { 0, 0, 0, NULL }       /* must be last */
  44 };
  45
  46 struct  ipopt_names secnames[] = {
  47         { IPOPT_SECUR_UNCLASS,  0x0100, 0, "unclass" },
  48         { IPOPT_SECUR_CONFID,   0x0200, 0, "confid" },
  49         { IPOPT_SECUR_EFTO,     0x0400, 0, "efto" },
  50         { IPOPT_SECUR_MMMM,     0x0800, 0, "mmmm" },
  51         { IPOPT_SECUR_RESTR,    0x1000, 0, "restr" },
  52         { IPOPT_SECUR_SECRET,   0x2000, 0, "secret" },
  53         { IPOPT_SECUR_TOPSECRET, 0x4000,0, "topsecret" },
  54         { 0, 0, 0, NULL }       /* must be last */
  55 };
  56
  57
  58 u_short ipseclevel(slevel)
  59         char *slevel;
  60 {
  61         struct ipopt_names *so;
  62
  63         for (so = secnames; so->on_name; so++)
  64                 if (!strcasecmp(slevel, so->on_name))
  65                         break;
  66
  67         if (!so->on_name) {
  68                 fprintf(stderr, "no such security level: %s\n", slevel);
  69                 return 0;
  70         }
  71         return so->on_value;
  72 }
  73
  74
  75 int addipopt(op, io, len, class)
  76         char *op;
  77         struct ipopt_names *io;
  78         int len;
  79         char *class;
  80 {
  81         struct in_addr ipadr;
  82         int olen = len, srr = 0;
  83         u_short val;
  84         u_char lvl;
  85         char *s = op, *t;
  86
  87         if ((len + io->on_siz) > 48) {
  88                 fprintf(stderr, "options too long\n");
  89                 return 0;
  90         }
  91         len += io->on_siz;
  92         *op++ = io->on_value;
  93         if (io->on_siz > 1) {
  94                 /*
  95                  * Allow option to specify RR buffer length in bytes.
  96                  */
  97                 if (io->on_value == IPOPT_RR) {
  98                         val = (class && *class) ? atoi(class) : 4;
  99                         *op++ = val + io->on_siz;
 100                         len += val;
 101                 } else
 102                         *op++ = io->on_siz;
 103                 if (io->on_value == IPOPT_TS)
 104                         *op++ = IPOPT_MINOFF + 1;
 105                 else
 106                         *op++ = IPOPT_MINOFF;
 107
 108                 while (class && *class) {
 109                         t = NULL;
 110                         switch (io->on_value)
 111                         {
 112                         case IPOPT_SECURITY :
 113                                 lvl = ipseclevel(class);
 114                                 *(op - 1) = lvl;
 115                                 break;
 116                         case IPOPT_LSRR :
 117                         case IPOPT_SSRR :
 118                                 if ((t = strchr(class, ',')))
 119                                         *t = '\0';
 120                                 ipadr.s_addr = inet_addr(class);
 121                                 srr++;
 122                                 bcopy((char *)&ipadr, op, sizeof(ipadr));
 123                                 op += sizeof(ipadr);
 124                                 break;
 125                         case IPOPT_SATID :
 126                                 val = atoi(class);
 127                                 bcopy((char *)&val, op, 2);
 128                                 break;
 129                         }
 130
 131                         if (t)
 132                                 *t++ = ',';
 133                         class = t;
 134                 }
 135                 if (srr)
 136                         s[IPOPT_OLEN] = IPOPT_MINOFF - 1 + 4 * srr;
 137                 if (io->on_value == IPOPT_RR)
 138                         op += val;
 139                 else
 140                         op += io->on_siz - 3;
 141         }
 142         return len - olen;
 143 }
 144
 145
 146 u_32_t buildopts(cp, op, len)
 147         char *cp, *op;
 148         int len;
 149 {
 150         struct ipopt_names *io;
 151         u_32_t msk = 0;
 152         char *s, *t;
 153         int inc, lastop = -1;
 154
 155         for (s = strtok(cp, ","); s; s = strtok(NULL, ",")) {
 156                 if ((t = strchr(s, '=')))
 157                         *t++ = '\0';
 158                 for (io = ionames; io->on_name; io++) {
 159                         if (strcasecmp(s, io->on_name) || (msk & io->on_bit))
 160                                 continue;
 161                         lastop = io->on_value;
 162                         if ((inc = addipopt(op, io, len, t))) {
 163                                 op += inc;
 164                                 len += inc;
 165                         }
 166                         msk |= io->on_bit;
 167                         break;
 168                 }
 169                 if (!io->on_name) {
 170                         fprintf(stderr, "unknown IP option name %s\n", s);
 171                         return 0;
 172                 }
 173         }
 174
 175         if (len & 3) {
 176                 while (len & 3) {
 177                         *op++ = ((len & 3) == 3) ? IPOPT_EOL : IPOPT_NOP;
 178                         len++;
 179                 }
 180         } else {
 181                 if (lastop != IPOPT_EOL) {
 182                         if (lastop == IPOPT_NOP)
 183                                 *(op - 1) = IPOPT_EOL;
 184                         else {
 185                                 *op++ = IPOPT_NOP;
 186                                 *op++ = IPOPT_NOP;
 187                                 *op++ = IPOPT_NOP;
 188                                 *op = IPOPT_EOL;
 189                                 len += 4;
 190                         }
 191                 }
 192         }
 193         return len;
 194 }