forked from osmocom/wireshark
Simplify the preference string allocation code. Shorten the comments,
which (as Ulf pointed out) reduces the size of the prefs file significantly. svn path=/trunk/; revision=19486
This commit is contained in:
parent
d307493eb5
commit
b07b29f711
|
@ -189,7 +189,6 @@ struct ipcomp {
|
|||
#ifdef HAVE_LIBGCRYPT
|
||||
/* SA Paramaters and SAD */
|
||||
static guint g_esp_nb_sa = IPSEC_NB_SA;
|
||||
static guint g_max_esp_size_nb_sa = 3;
|
||||
static guint g_max_esp_nb_sa = 100;
|
||||
|
||||
typedef struct {
|
||||
|
@ -2536,7 +2535,15 @@ proto_register_ipsec(void)
|
|||
};
|
||||
|
||||
#ifdef HAVE_LIBGCRYPT
|
||||
char *str_sa_num;
|
||||
GString *name_str, *title_str;
|
||||
|
||||
#define PREF_STR_INIT() \
|
||||
name_str = g_string_new(""); \
|
||||
title_str = g_string_new("")
|
||||
|
||||
#define PREF_STR_FREE() \
|
||||
g_string_free(name_str, FALSE); \
|
||||
g_string_free(title_str, FALSE)
|
||||
|
||||
static enum_val_t esp_encryption_algo[] = {
|
||||
|
||||
|
@ -2629,104 +2636,77 @@ proto_register_ipsec(void)
|
|||
"Number of Security Associations in the SAD",
|
||||
10, &g_esp_nb_sa); */
|
||||
|
||||
str_sa_num = (char *) g_malloc (g_max_esp_size_nb_sa + 1);
|
||||
|
||||
for (i = 0; i < g_esp_nb_sa; i++)
|
||||
{
|
||||
char *str_sa, *str_sa_comment;
|
||||
char *str_encryption_algorithm, *str_encryption_algorithm_comment;
|
||||
char *str_authentication_algorithm, *str_authentication_algorithm_comment;
|
||||
char *str_encryption_key, *str_encryption_key_comment;
|
||||
char *str_authentication_key, *str_authentication_key_comment;
|
||||
|
||||
if (i >= g_max_esp_nb_sa)
|
||||
{
|
||||
break;
|
||||
}
|
||||
g_snprintf(str_sa_num, g_max_esp_size_nb_sa + 1, "%i", i + 1);
|
||||
|
||||
str_sa = (char *) g_malloc(3 + g_max_esp_size_nb_sa + 2);
|
||||
g_snprintf(str_sa,3 + g_max_esp_size_nb_sa + 2,"%s%s","sa_",str_sa_num);
|
||||
str_sa_comment = (char *) g_malloc(4 + g_max_esp_size_nb_sa + 2);
|
||||
g_snprintf(str_sa_comment,4 + g_max_esp_size_nb_sa + 2,"%s%s","SA #",str_sa_num);
|
||||
PREF_STR_INIT();
|
||||
g_string_sprintf(name_str,"sa_%d", i + 1);
|
||||
g_string_sprintf(title_str,"SA #%d", i + 1);
|
||||
|
||||
prefs_register_string_preference(esp_module, str_sa,
|
||||
str_sa_comment,
|
||||
"This field uses the following syntax : \042Protocol|Source Address|Destination Adress|SPI\042. "
|
||||
"<Protocol>: either IPv4, IPv6 (upper and/or lowercase letters). <SPI> : the Security Parameter Index "
|
||||
"of the Security Association. You may indicate it in decimal (ex: 123) or in hexadecimal (ex: 0x45). "
|
||||
"The special keywords '*' may be used to match any SPI. Nevertheless, if you use more than one '*', "
|
||||
"it will restrict the length of the SPI in decimal to as many '*' as indicated. For example '**' will "
|
||||
"match 23 but not 234. 234 will be match by '***'. No checking will be done on the SPI value. Thus you"
|
||||
"have to take into account that the SPI is 4 bytes length. <Addresses> : In this field we may have IPv6 "
|
||||
"or IPv4 address. Any address is a combination of an address or a prefix and a Prefixlen/Netmask separated "
|
||||
"by '/'. You may omit the Prefixlen/Netmask, assuming that the Address is 128 bits length for IPv6 and 32 "
|
||||
"bits length for IPv4. The character '*' used at the Prefixlen/Netmask position will be as if you had omit it."
|
||||
" <IPv6 Addresses> : Any valid IPv6 address is accepted. ex: 3FFE::1/128, 3FFE:4:5:6666::/64, ::1/128, 3FFE:4::5 ."
|
||||
"If your address is incorrect and longer than 16 bytes, only the last 16 bytes will be taken into account. You also "
|
||||
"may use the special character '*' to indicate any 4 bits block. ie : 3ffe::45*6. If you use only one '*' in the "
|
||||
"Address field it will accept any IPv6 address. <IPv4 Addresses> : Any valid IPv4 address is accepted."
|
||||
" ex : 190.0.0.1/24, 10.0.0.2 .You also may use the special character '*' to indicate any 8 bits block."
|
||||
" ie : 190.*.*.3. If you use only one '*' in the Address field it will accept any IPv4 address. No checking "
|
||||
"of correct IPv4 address will be done. For example 456.345.567.890 will be accepted. Thus you have to take care "
|
||||
"about what you write. Nevertheless only 3 characters will be taken into account for one byte. "
|
||||
"Ex : 190.0.0.0184 will not be considered correct. (Instead a kind of LRU Mechanism will be used and the address taken into "
|
||||
"account will be 190.0.0.418). Moreover only the four first values will be used (Ie 190.0.0.12.13 will be considered as 190.0.0.12).",
|
||||
&g_esp_sad.table[i].sa);
|
||||
prefs_register_string_preference(esp_module, name_str->str, title_str->str,
|
||||
"SA identifier. Must have the form "
|
||||
"\"Protocol|Source Address|Destination Adress|SPI\". "
|
||||
"Example: \"IPv4|192.168.0.45|10.1.2.7|*\" "
|
||||
"See the ESP Preferences page on the Wireshark wiki "
|
||||
"(http://wiki.wireshark.org/ESP_Preferences) for "
|
||||
"more details.",
|
||||
&g_esp_sad.table[i].sa);
|
||||
PREF_STR_FREE();
|
||||
|
||||
|
||||
str_encryption_algorithm = (char *) g_malloc(21 + g_max_esp_size_nb_sa + 2);
|
||||
g_snprintf(str_encryption_algorithm,21 + g_max_esp_size_nb_sa + 2,"%s%s","encryption_algorithm_",str_sa_num);
|
||||
str_encryption_algorithm_comment = (char *) g_malloc(22 + g_max_esp_size_nb_sa + 2);
|
||||
g_snprintf(str_encryption_algorithm_comment,22 + g_max_esp_size_nb_sa + 2,"%s%s","Encryption Algorithm #",str_sa_num);
|
||||
PREF_STR_INIT();
|
||||
g_string_sprintf(name_str, "encryption_algorithm_%d", i + 1);
|
||||
g_string_sprintf(title_str, "Encryption Algorithm #%d", i + 1);
|
||||
|
||||
prefs_register_enum_preference(esp_module, str_encryption_algorithm,
|
||||
str_encryption_algorithm_comment,
|
||||
"According to RFC 4305 Encryption Algorithms Requirements are the following : NULL (MUST), TripleDES-CBC [RFC2451] (MUST-), AES-CBC [RFC3602] (SHOULD+), AES-CTR [RFC3686] (SHOULD), DES-CBC [RFC2405] (SHOULD NOT). It will also decrypt BLOWFISH-CBC [RFC2451] and TWOFISH-CBC",
|
||||
&g_esp_sad.table[i].encryption_algo, esp_encryption_algo, FALSE);
|
||||
prefs_register_enum_preference(esp_module, name_str->str, title_str->str,
|
||||
"Encryption algorithm",
|
||||
&g_esp_sad.table[i].encryption_algo, esp_encryption_algo, FALSE);
|
||||
PREF_STR_FREE();
|
||||
|
||||
str_authentication_algorithm = (char *) g_malloc(25 + g_max_esp_size_nb_sa + 2);
|
||||
g_snprintf(str_authentication_algorithm,25 + g_max_esp_size_nb_sa + 2,"%s%s","authentication_algorithm_",str_sa_num);
|
||||
PREF_STR_INIT();
|
||||
g_string_sprintf(name_str, "authentication_algorithm_%d", i + 1);
|
||||
g_string_sprintf(title_str, "Authentication Algorithm #%d", i + 1);
|
||||
|
||||
str_authentication_algorithm_comment = (char *) g_malloc(26 + g_max_esp_size_nb_sa + 2);
|
||||
g_snprintf(str_authentication_algorithm_comment,26 + g_max_esp_size_nb_sa + 2,"%s%s","Authentication Algorithm #",str_sa_num);
|
||||
|
||||
prefs_register_enum_preference(esp_module, str_authentication_algorithm,
|
||||
str_authentication_algorithm_comment,
|
||||
"According to RFC 4305 Authentication Algorithms Requirements are the following : HMAC-SHA1-96 [RFC2404] (MUST), NULL (MUST), AES-XCBC-MAC-96 [RFC3566] (SHOULD+/Not Available), HMAC-MD5-96 [RFC2403] (MAY). It will also Check authentication for HMAC-SHA256",
|
||||
&g_esp_sad.table[i].authentication_algo, esp_authentication_algo, FALSE);
|
||||
prefs_register_enum_preference(esp_module, name_str->str, title_str->str,
|
||||
"Authentication algorithm",
|
||||
&g_esp_sad.table[i].authentication_algo, esp_authentication_algo, FALSE);
|
||||
PREF_STR_FREE();
|
||||
|
||||
|
||||
str_encryption_key = (char *) g_malloc(15 + g_max_esp_size_nb_sa + 2);
|
||||
g_snprintf(str_encryption_key,15 + g_max_esp_size_nb_sa + 2,"%s%s","encryption_key_",str_sa_num);
|
||||
PREF_STR_INIT();
|
||||
g_string_sprintf(name_str, "encryption_key_%d", i + 1);
|
||||
g_string_sprintf(title_str, "Encryption Key #", i + 1);
|
||||
|
||||
str_encryption_key_comment = (char *) g_malloc(16 + g_max_esp_size_nb_sa + 2);
|
||||
g_snprintf(str_encryption_key_comment,16 + g_max_esp_size_nb_sa + 2,"%s%s","Encryption Key #",str_sa_num);
|
||||
|
||||
prefs_register_string_preference(esp_module, str_encryption_key,
|
||||
str_encryption_key_comment,
|
||||
"The key sizes supported are the following : [TripleDES-CBC] : 192 bits. [AES-CBC] : 128/192/256 bits. [AES-CTR] : 160/224/288 bits. The remaining 32 bits will be used as nonce. [DES-CBC] : 64 bits. [BLOWFISH-CBC] : 128 bits. [TWOFISH-CBC] : 128/256 bits."
|
||||
"Keys may be written in Ascii or in Hexadecimal beginning with 0x.",
|
||||
&g_esp_sad.table[i].encryption_key);
|
||||
prefs_register_string_preference(esp_module, name_str->str, title_str->str,
|
||||
"Encryption key. May be ASCII or hexadecimal (if "
|
||||
"prepended with 0x)."
|
||||
"See the ESP Preferences page on the Wireshark wiki "
|
||||
"(http://wiki.wireshark.org/ESP_Preferences) for "
|
||||
"supported sizes.",
|
||||
&g_esp_sad.table[i].encryption_key);
|
||||
PREF_STR_FREE();
|
||||
|
||||
|
||||
str_authentication_key = (char *) g_malloc(19 + g_max_esp_size_nb_sa + 2);
|
||||
g_snprintf(str_authentication_key,19 + g_max_esp_size_nb_sa + 2,"%s%s","authentication_key_",str_sa_num);
|
||||
PREF_STR_INIT();
|
||||
g_string_sprintf(name_str, "authentication_key_%d", i + 1);
|
||||
g_string_sprintf(title_str, "Authentication Key #%d", i + 1);
|
||||
|
||||
str_authentication_key_comment = (char *)g_malloc(20 + g_max_esp_size_nb_sa + 2);
|
||||
g_snprintf(str_authentication_key_comment,21 + g_max_esp_size_nb_sa + 2,"%s%s","Authentication Key #",str_sa_num);
|
||||
|
||||
prefs_register_string_preference(esp_module, str_authentication_key,
|
||||
str_authentication_key_comment,
|
||||
"The key sizes supported are the following : [HMAC-SHA1-96] : Any. [HMAC-SHA256] : Any. [HMAC-MD5] : Any."
|
||||
"Keys may be written in Ascii or in Hexadecimal beginning with 0x."
|
||||
,
|
||||
&g_esp_sad.table[i].authentication_key);
|
||||
prefs_register_string_preference(esp_module, name_str->str, title_str->str,
|
||||
"Authentication key. May be ASCII or hexadecimal (if "
|
||||
"prepended with 0x)."
|
||||
"See the ESP Preferences page on the Wireshark wiki "
|
||||
"(http://wiki.wireshark.org/ESP_Preferences) for "
|
||||
"supported sizes.",
|
||||
&g_esp_sad.table[i].authentication_key);
|
||||
PREF_STR_FREE();
|
||||
|
||||
}
|
||||
|
||||
g_free(str_sa_num);
|
||||
|
||||
|
||||
#endif
|
||||
|
||||
|
|
Loading…
Reference in New Issue