initial

author: Root THC 2026-02-24 12:42:47 +0000
committer: Root THC 2026-02-24 12:42:47 +0000
commit: c9cbeced5b3f2bdd7407e29c0811e65954132540 (patch)
tree: aefc355416b561111819de159ccbd86c3004cf88 /other/b-scan/tmp/src/network_raw.c
parent: 073fe4bf9fca6bf40cef2886d75df832ef4b6fca (diff)
1 files changed, 497 insertions, 0 deletions
diff --git a/other/b-scan/tmp/src/network_raw.c b/other/b-scan/tmp/src/network_raw.c
new file mode 100644
index 0000000..1b87eaa
--- /dev/null
+++ b/other/b-scan/tmp/src/network_raw.c
@@ -0,0 +1,497 @@
+/*
+ * raw network routines
+ * libnet based (not yet ..but maybe in the future :>
+ */
+#include <stdio.h>
+#include <stdarg.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/wait.h>
+#ifndef __FAVOR_BSD
+#define __FAVOR_BSD
+#endif
+#ifndef __USE_BSD
+#define __USE_BSD
+#endif
+#ifndef __BSD_SOURCE
+#define __BSD_SOURCE
+#endif
+#include <libnet.h>
+#include <bscan/network_raw.h>
+static int netraw_lrand = 0;
+#define LAME_RANDOM     (netraw_lrand = (netraw_lrand + (netraw_lrand>>1)))
+/*
+ * init all the network_raw stuff
+ * return 0 on success, -1 on error
+ */
+int
+init_network_raw ()
+{
+    /* seeded by init_vars/bscan.c */
+    netraw_lrand = 1 + (int) (65335.0 * rand () / (RAND_MAX + 1.0));
+    return (0);
+}
+/*
+ * calc. checksum WITH carry flag.
+ * call cksum = CKSUM_CARRY(sum);
+ * we calculate only the initial checksum here.
+ * we can use the result for all further packets
+ */
+int
+in_cksum (unsigned short *addr, int len)
+{
+    int nleft = len;
+    int sum = 0;
+    u_short *w = addr;
+    u_short answer = 0;
+    while (nleft > 1)
+    {
+        sum += *w++;
+        nleft -= 2;
+    }
+    if (nleft == 1)             /* padding */
+    {
+        *(u_char *) (&answer) = *(u_char *) w;
+        sum += answer;
+    }
+    return (sum);
+}
+/*
+ * add ICMP_ECHO or ICMP_TSTAMP
+ * len = len of payload
+ * add ICMP-header to pkt
+ */
+void
+add_icmpping (unsigned char *pkt, int len, int which)
+{
+    struct icmp *icmp = (struct icmp *) pkt;
+    int sum;
+    struct timeval tv;
+    memset (icmp, 0, sizeof (*icmp));   /* sizeof(*icmp) = 28 */
+    if (which == ICMP_ECHO)
+      {
+        icmp->icmp_type = ICMP_ECHO;
+      }
+    else if (which == ICMP_TSTAMP)
+      {
+        if (len < 13)
+          printf ("packet too small for timestamp request, lets blast the packets out anyway\n");
+        icmp->icmp_type = ICMP_TSTAMP;
+      }
+    else
+      printf ("Your kung-fu is bad!\n"); 
+    icmp->icmp_hun.ih_idseq.icd_id = LAME_RANDOM;
+    gettimeofday (&tv, NULL);
+    memcpy (icmp->icmp_dun.id_data, &tv, sizeof (tv));
+    sum = in_cksum ((u_short *) icmp, ICMP_SIZE + len);
+    icmp->icmp_cksum = CKSUM_CARRY (sum);
+}
+/*
+ * add udp-header [no checksum]
+ * len = len of payload
+ */
+void
+add_udphdr(unsigned char *pkt, struct net_tuple *nt, int len)
+{
+    struct udphdr udp;
+    memset(&udp, 0, sizeof(udp));
+    udp.uh_sport = nt->sport;
+    udp.uh_dport = nt->dport;
+    udp.uh_ulen = htons(len + UDP_SIZE);
+    udp.uh_sum = 0;     /* no checksum !*/
+    memcpy(pkt, &udp, sizeof(udp));
+}
+/*
+ * len = len of payload
+ */
+void
+add_tcphdr (unsigned char *pkt, struct net_tuple *nt, uint8_t flags, int len,
+            tcp_seq * seq, tcp_seq * ack)
+{
+    struct tcphdr tcp;
+    struct tcphdr *tcpptr;
+    struct _fakehead fakehead;
+    int sum;
+    memset (&tcp, 0, sizeof (tcp));
+    memset (&fakehead, 0, sizeof (fakehead));
+    tcp.th_dport = nt->dport;
+    tcp.th_sport = nt->sport;
+    fakehead.saddr = nt->src;
+    fakehead.daddr = nt->dst;
+    fakehead.zero = 0;
+    fakehead.protocol = IPPROTO_TCP;
+    fakehead.tot_len = htons (TCP_SIZE + len);
+    sum = in_cksum ((u_short *) & fakehead, sizeof (fakehead));
+    tcp.th_off = TCP_SIZE >> 2;
+    if (seq != NULL)
+        tcp.th_seq = *seq;
+    else
+        tcp.th_seq = LAME_RANDOM;
+    if (ack != NULL)
+        tcp.th_ack = *ack;
+    tcp.th_flags |= flags;      /* ADD the flags */
+    tcp.th_win = htons (0x3fff);
+    memcpy (pkt, &tcp, sizeof (tcp));
+    sum += in_cksum ((u_short *) pkt, sizeof (tcp) + len);
+    tcpptr = (struct tcphdr *)pkt;
+    tcpptr->th_sum = CKSUM_CARRY (sum);
+}
+/*
+ * add's ipv4-header of 20 bytes without any options
+ * - IPPROTO_TCP and 40 bytes total length
+ */
+void
+add_iphdr (unsigned char *pkt, uint8_t ip_p, struct net_tuple *nt, int len)
+{
+    struct ip ip;
+    memset (&ip, 0, IP_SIZE);
+    ip.ip_hl = sizeof (ip) >> 2;
+    ip.ip_v = 4;
+    /*ip->tos = 0; */
+    ip.ip_len = htons (len + IP_SIZE);  /* htons ? */
+    /*ip->id = 0;                  done by kernel */
+    /*ip->frag_off = 0; */
+    ip.ip_ttl = 0xff;
+    ip.ip_p = ip_p;
+    /*.ip->check = 0;      done by kernel */
+    ip.ip_src.s_addr = nt->src;
+    ip.ip_dst.s_addr = nt->dst;
+    memcpy (pkt, &ip, sizeof (ip));
+}
+/*
+ * send out ipv4-packet
+ * with data 'pkt' of length 'len'
+ * returns the number of characters sent, or -1 if an error occured
+ */
+int
+send_ipv4 (int sox, u_char * pkt, size_t len)
+{
+    struct sockaddr_in to;
+    to.sin_family = AF_INET;
+    memcpy (&to.sin_addr.s_addr, (pkt + 4 * 4), sizeof (u_long));
+    return (sendto (sox, pkt, len, 0, (struct sockaddr *) &to, sizeof (to)));
+}
+/*
+ * small/lame tcp userland stack
+ * give 'best' tcp-answer to a tcp-packet
+ * return 0 on success
+ * payload + len are optional
+ */
+int
+answer_tcp (int sox, struct ip *ip, struct tcphdr *tcp, uint8_t flags,
+            u_char * payload, uint len)
+{
+    static u_char *outpkt = NULL;
+    static int msize = 0;
+    struct net_tuple nt;
+    tcp_seq outack;
+    if (TCP_SIZE + IP_SIZE + len > msize)
+    {
+        outpkt = realloc (outpkt, TCP_SIZE + IP_SIZE + len);
+        msize = TCP_SIZE + IP_SIZE + len;
+    }
+    if (outpkt == NULL)
+        return (-1);
+    if (ip == NULL)
+        return (-1);
+    if (tcp == NULL)
+        return (-1);
+    memset (outpkt, 0, TCP_SIZE + IP_SIZE + len);
+    nt.sport = tcp->th_dport;
+    nt.dport = tcp->th_sport;
+    nt.src = ip->ip_dst.s_addr;
+    nt.dst = ip->ip_src.s_addr;
+    if (payload != NULL)
+        memcpy (outpkt + TCP_SIZE + IP_SIZE, payload, len);
+    outack = ntohl (tcp->th_seq) + ntohs (ip->ip_len) - (tcp->th_off << 2) -
+        (ip->ip_hl << 2);
+    if (tcp->th_flags & (TH_SYN | TH_FIN))
+        outack++;
+    outack = htonl (outack);
+    add_tcphdr (outpkt + IP_SIZE, &nt, flags, len, &tcp->th_ack, &outack);
+    add_iphdr (outpkt, IPPROTO_TCP, &nt, TCP_SIZE + len);
+    send_ipv4 (sox, outpkt, IP_SIZE + TCP_SIZE + len);
+    return (0);
+}
+/*
+ * return 0 if ip-header is valid [length only]
+ * len = length from the begin of the ip-header [20 for normal ip header]
+ */
+int
+vrfy_ip (struct ip *ip, uint32_t len, u_short * ip_options)
+{
+    u_short _ip_options;
+    if (len < sizeof (*ip))
+        return (-1);
+    _ip_options = ip->ip_hl << 2;
+    if (_ip_options > len)
+        return (-1);
+    if (_ip_options > 0xefff)
+        return -1;
+    if (_ip_options < sizeof (*ip))
+        _ip_options = 0;
+    else
+        _ip_options -= sizeof (*ip);
+    *ip_options = _ip_options;
+    return (0);
+}
+/*
+ * len = len of tcp-header + tcp_options + tcp_data (from wire).
+ * returns 0 if tcp-header is valid [length check only]
+ * returns options
+ * != 0 if something went wrong [header size etc]
+ */
+int
+vrfy_tcp (struct tcphdr *tcp, uint32_t plen, u_short * tcp_options)
+{
+    u_short _tcp_options;
+    if (plen < sizeof (*tcp))
+        return (-1);
+    _tcp_options = tcp->th_off << 2;
+    if (_tcp_options > plen)
+        return (-1);
+    if (_tcp_options > 0xefff)   /* this is quite to large for me */
+        return -1;
+    if (_tcp_options <= sizeof (*tcp))
+        _tcp_options = 0;
+    else
+        _tcp_options -= sizeof (*tcp);
+    *tcp_options = _tcp_options;
+    return (0);
+}
+int 
+vrfy_udp (struct udphdr *udp, uint32_t len)
+{
+    if (len < sizeof(*udp))
+        return (-1);
+    return (0);
+}
+/*
+ * decode NetworkVirtualTerminal Data 
+ * data = the raw (nvt)-input
+ * len = length of 'data'
+ * ans = the nvt-answer (IAC don't)
+ * anslen = the calculated anser length
+ * res = the decoded nvt data (login: prompt etc)
+ * reslen = the calculates decoded data length
+ * All parameters must be given (NULL is not allowed)
+ * and initialized
+ * return -1 on failure
+ * return 0 on success
+ * rfc-will: anslen, reslen < len
+ */
+#define IACFOUND        0x01
+#define DOFOUND         0x02
+#define UNKNOWNOPT      0x04
+#define SUBNEGO         0x08
+#define CRFOUND         0x10
+#define NVT_SE          0xf0
+#define NVT_SB          0xfa
+#define NVT_WILL        0xfb
+#define NVT_WONT        0xfc
+#define NVT_DO          0xfd
+#define NVT_DONT        0xfe
+#define IAC             0xff
+int
+decode_nvt(u_char *data, uint len, u_char *ans, uint *anslen, 
+                                                 u_char *res, uint *reslen)
+{
+    u_char *ptr = data;
+    u_char *ansptr = ans;
+    u_char *resptr = res;
+    u_char flags = 0;
+    int i = 0;
+    u_char c;
+    if ( (data == NULL) || (ans == NULL) || (res == NULL))
+        return(0);
+    *anslen = 0;
+    *reslen = 0;
+    while (1)
+    {
+        if (i++ >= len)
+             break;
+        c = *ptr++;
+        if (flags & UNKNOWNOPT)
+        {
+            flags = 0;
+            continue;
+        }
+        if (flags & IACFOUND)
+        {
+            if (c == IAC)       /* IAC IAC */
+            {
+                *resptr++ = IAC;
+                flags = 0;      /* reset */
+                continue;
+            }
+            if (flags & SUBNEGO)
+            {
+                if (c == NVT_SE)        /* subnegotiation end */
+                    flags = 0;
+                continue;
+            }
+            if (flags & DOFOUND)
+            {
+/* 3com switch test             if (c == 0x03)
+                {
+                        *ansptr++ = IAC;
+                        *ansptr++ = NVT_DO;
+                        *ansptr++ = 0x03;
+                        *ansptr++ = IAC;
+                        *ansptr++ = NVT_WILL;
+                        *ansptr++ = 0x18;
+                        *ansptr++ = IAC;
+                        *ansptr++ = NVT_WILL;
+                        *ansptr++ = 0x1f;
+                        *ansptr++ = IAC;
+                        *ansptr++ = NVT_WILL;
+                        *ansptr++ = 0x20;
+                        *ansptr++ = IAC;
+                        *ansptr++ = NVT_WILL;
+                        *ansptr++ = 0x21;
+                        *ansptr++ = IAC;
+                        *ansptr++ = NVT_WILL;
+                        *ansptr++ = 0x22;
+                        *ansptr++ = IAC;
+                        *ansptr++ = NVT_WILL;
+                        *ansptr++ = 0x27;
+                        *ansptr++ = IAC;
+                        *ansptr++ = NVT_DO;
+                        *ansptr++ = 0x05;
+                        *ansptr++ = IAC;
+                        *ansptr++ = NVT_WILL;
+                        *ansptr++ = 0x23;
+                        *anslen = *anslen + 24;
+                }
+*/
+                *ansptr++ = IAC;
+                *ansptr++ = NVT_WONT;   /* me is dump - im a kid */
+                *ansptr++ = c;
+                *anslen = *anslen + 3;
+                flags = 0;
+                continue;
+            }
+            if (c == NVT_SB)    /* subnegotiation */
+            {
+                flags = SUBNEGO;
+                continue;
+            }
+            if (c == NVT_DO)    /* DO ... */
+            { 
+                flags |= DOFOUND;
+                continue;
+            } else {
+                flags = ~(IACFOUND | DOFOUND);
+                flags |= UNKNOWNOPT;    /* skip next */
+                continue;
+            }
+        }
+        if (flags & SUBNEGO)
+            continue;
+        if (c == IAC)
+        {
+            flags = IACFOUND;   /* just IAC */
+            continue;
+        }
+        if (flags & CRFOUND)
+        {
+            if (c == '\0')
+            {
+                flags &= ~CRFOUND;
+                *res++ = '\r';
+                *reslen = *reslen + 1;
+                continue;
+            }
+            if (c == '\n')
+            {
+                flags &= ~CRFOUND;
+                *res++ = '\n';
+                *reslen = *reslen + 1;
+                continue;
+            }
+        }
+        if (c == '\r')
+        {
+            flags |= CRFOUND;
+            continue;
+        }
+        
+        *res++ = c;
+        *reslen = *reslen + 1;
+    }
+    return(0);
+}
author	Root THC	2026-02-24 12:42:47 +0000
committer	Root THC	2026-02-24 12:42:47 +0000
commit	c9cbeced5b3f2bdd7407e29c0811e65954132540 (patch)
tree	aefc355416b561111819de159ccbd86c3004cf88 /other/b-scan/tmp/src/network_raw.c
parent	073fe4bf9fca6bf40cef2886d75df832ef4b6fca (diff)

diff --git a/other/b-scan/tmp/src/network_raw.c b/other/b-scan/tmp/src/network_raw.c new file mode 100644 index 0000000..1b87eaa --- /dev/null +++ b/other/b-scan/tmp/src/network_raw.c
@@ -0,0 +1,497 @@
	1	/*
	2	* raw network routines
	3	* libnet based (not yet ..but maybe in the future :>
	4	*/
	5
	6	#include <stdio.h>
	7	#include <stdarg.h>
	8	#include <stdlib.h>
	9	#include <sys/types.h>
	10	#include <sys/socket.h>
	11	#include <sys/wait.h>
	12	#ifndef __FAVOR_BSD
	13	#define __FAVOR_BSD
	14	#endif
	15	#ifndef __USE_BSD
	16	#define __USE_BSD
	17	#endif
	18	#ifndef __BSD_SOURCE
	19	#define __BSD_SOURCE
	20	#endif
	21	#include <libnet.h>
	22	#include <bscan/network_raw.h>
	23
	24	static int netraw_lrand = 0;
	25	#define LAME_RANDOM (netraw_lrand = (netraw_lrand + (netraw_lrand>>1)))
	26
	27	/*
	28	* init all the network_raw stuff
	29	* return 0 on success, -1 on error
	30	*/
	31	int
	32	init_network_raw ()
	33	{
	34	/* seeded by init_vars/bscan.c */
	35	netraw_lrand = 1 + (int) (65335.0 * rand () / (RAND_MAX + 1.0));
	36	return (0);
	37	}
	38
	39	/*
	40	* calc. checksum WITH carry flag.
	41	* call cksum = CKSUM_CARRY(sum);
	42	* we calculate only the initial checksum here.
	43	* we can use the result for all further packets
	44	*/
	45	int
	46	in_cksum (unsigned short *addr, int len)
	47	{
	48	int nleft = len;
	49	int sum = 0;
	50	u_short *w = addr;
	51	u_short answer = 0;
	52
	53	while (nleft > 1)
	54	{
	55	sum += *w++;
	56	nleft -= 2;
	57	}
	58
	59	if (nleft == 1) /* padding */
	60	{
	61	(u_char ) (&answer) = (u_char ) w;
	62	sum += answer;
	63	}
	64
	65	return (sum);
	66	}
	67
	68
	69	/*
	70	* add ICMP_ECHO or ICMP_TSTAMP
	71	* len = len of payload
	72	* add ICMP-header to pkt
	73	*/
	74	void
	75	add_icmpping (unsigned char *pkt, int len, int which)
	76	{
	77	struct icmp icmp = (struct icmp ) pkt;
	78	int sum;
	79	struct timeval tv;
	80	memset (icmp, 0, sizeof (icmp)); / sizeof(icmp) = 28 /
	81
	82	if (which == ICMP_ECHO)
	83	{
	84	icmp->icmp_type = ICMP_ECHO;
	85	}
	86	else if (which == ICMP_TSTAMP)
	87	{
	88	if (len < 13)
	89	printf ("packet too small for timestamp request, lets blast the packets out anyway\n");
	90	icmp->icmp_type = ICMP_TSTAMP;
	91	}
	92	else
	93	printf ("Your kung-fu is bad!\n");
	94
	95	icmp->icmp_hun.ih_idseq.icd_id = LAME_RANDOM;
	96	gettimeofday (&tv, NULL);
	97	memcpy (icmp->icmp_dun.id_data, &tv, sizeof (tv));
	98
	99	sum = in_cksum ((u_short *) icmp, ICMP_SIZE + len);
	100	icmp->icmp_cksum = CKSUM_CARRY (sum);
	101	}
	102
	103
	104	/*
	105	* add udp-header [no checksum]
	106	* len = len of payload
	107	*/
	108	void
	109	add_udphdr(unsigned char pkt, struct net_tuple nt, int len)
	110	{
	111	struct udphdr udp;
	112
	113	memset(&udp, 0, sizeof(udp));
	114	udp.uh_sport = nt->sport;
	115	udp.uh_dport = nt->dport;
	116	udp.uh_ulen = htons(len + UDP_SIZE);
	117	udp.uh_sum = 0; /* no checksum !*/
	118	memcpy(pkt, &udp, sizeof(udp));
	119	}
	120
	121
	122	/*
	123	* len = len of payload
	124	*/
	125	void
	126	add_tcphdr (unsigned char pkt, struct net_tuple nt, uint8_t flags, int len,
	127	tcp_seq * seq, tcp_seq * ack)
	128	{
	129	struct tcphdr tcp;
	130	struct tcphdr *tcpptr;
	131	struct _fakehead fakehead;
	132	int sum;
	133
	134	memset (&tcp, 0, sizeof (tcp));
	135	memset (&fakehead, 0, sizeof (fakehead));
	136	tcp.th_dport = nt->dport;
	137	tcp.th_sport = nt->sport;
	138	fakehead.saddr = nt->src;
	139	fakehead.daddr = nt->dst;
	140	fakehead.zero = 0;
	141	fakehead.protocol = IPPROTO_TCP;
	142	fakehead.tot_len = htons (TCP_SIZE + len);
	143	sum = in_cksum ((u_short *) & fakehead, sizeof (fakehead));
	144	tcp.th_off = TCP_SIZE >> 2;
	145	if (seq != NULL)
	146	tcp.th_seq = *seq;
	147	else
	148	tcp.th_seq = LAME_RANDOM;
	149	if (ack != NULL)
	150	tcp.th_ack = *ack;
	151	tcp.th_flags \|= flags; /* ADD the flags */
	152	tcp.th_win = htons (0x3fff);
	153	memcpy (pkt, &tcp, sizeof (tcp));
	154	sum += in_cksum ((u_short *) pkt, sizeof (tcp) + len);
	155	tcpptr = (struct tcphdr *)pkt;
	156	tcpptr->th_sum = CKSUM_CARRY (sum);
	157	}
	158
	159
	160	/*
	161	* add's ipv4-header of 20 bytes without any options
	162	* - IPPROTO_TCP and 40 bytes total length
	163	*/
	164	void
	165	add_iphdr (unsigned char pkt, uint8_t ip_p, struct net_tuple nt, int len)
	166	{
	167	struct ip ip;
	168	memset (&ip, 0, IP_SIZE);
	169	ip.ip_hl = sizeof (ip) >> 2;
	170	ip.ip_v = 4;
	171	/ip->tos = 0; /
	172	ip.ip_len = htons (len + IP_SIZE); /* htons ? */
	173	/ip->id = 0; done by kernel /
	174	/ip->frag_off = 0; /
	175	ip.ip_ttl = 0xff;
	176	ip.ip_p = ip_p;
	177	/.ip->check = 0; done by kernel /
	178	ip.ip_src.s_addr = nt->src;
	179	ip.ip_dst.s_addr = nt->dst;
	180	memcpy (pkt, &ip, sizeof (ip));
	181	}
	182
	183	/*
	184	* send out ipv4-packet
	185	* with data 'pkt' of length 'len'
	186	* returns the number of characters sent, or -1 if an error occured
	187	*/
	188	int
	189	send_ipv4 (int sox, u_char * pkt, size_t len)
	190	{
	191	struct sockaddr_in to;
	192	to.sin_family = AF_INET;
	193	memcpy (&to.sin_addr.s_addr, (pkt + 4 * 4), sizeof (u_long));
	194	return (sendto (sox, pkt, len, 0, (struct sockaddr *) &to, sizeof (to)));
	195	}
	196
	197
	198	/*
	199	* small/lame tcp userland stack
	200	* give 'best' tcp-answer to a tcp-packet
	201	* return 0 on success
	202	* payload + len are optional
	203	*/
	204	int
	205	answer_tcp (int sox, struct ip ip, struct tcphdr tcp, uint8_t flags,
	206	u_char * payload, uint len)
	207	{
	208	static u_char *outpkt = NULL;
	209	static int msize = 0;
	210	struct net_tuple nt;
	211	tcp_seq outack;
	212
	213	if (TCP_SIZE + IP_SIZE + len > msize)
	214	{
	215	outpkt = realloc (outpkt, TCP_SIZE + IP_SIZE + len);
	216	msize = TCP_SIZE + IP_SIZE + len;
	217	}
	218
	219	if (outpkt == NULL)
	220	return (-1);
	221	if (ip == NULL)
	222	return (-1);
	223	if (tcp == NULL)
	224	return (-1);
	225
	226	memset (outpkt, 0, TCP_SIZE + IP_SIZE + len);
	227
	228	nt.sport = tcp->th_dport;
	229	nt.dport = tcp->th_sport;
	230	nt.src = ip->ip_dst.s_addr;
	231	nt.dst = ip->ip_src.s_addr;
	232
	233	if (payload != NULL)
	234	memcpy (outpkt + TCP_SIZE + IP_SIZE, payload, len);
	235
	236	outack = ntohl (tcp->th_seq) + ntohs (ip->ip_len) - (tcp->th_off << 2) -
	237	(ip->ip_hl << 2);
	238	if (tcp->th_flags & (TH_SYN \| TH_FIN))
	239	outack++;
	240
	241	outack = htonl (outack);
	242	add_tcphdr (outpkt + IP_SIZE, &nt, flags, len, &tcp->th_ack, &outack);
	243
	244	add_iphdr (outpkt, IPPROTO_TCP, &nt, TCP_SIZE + len);
	245
	246	send_ipv4 (sox, outpkt, IP_SIZE + TCP_SIZE + len);
	247
	248	return (0);
	249	}
	250
	251
	252	/*
	253	* return 0 if ip-header is valid [length only]
	254	* len = length from the begin of the ip-header [20 for normal ip header]
	255	*/
	256	int
	257	vrfy_ip (struct ip ip, uint32_t len, u_short ip_options)
	258	{
	259	u_short _ip_options;
	260
	261	if (len < sizeof (*ip))
	262	return (-1);
	263
	264	_ip_options = ip->ip_hl << 2;
	265	if (_ip_options > len)
	266	return (-1);
	267
	268	if (_ip_options > 0xefff)
	269	return -1;
	270
	271	if (_ip_options < sizeof (*ip))
	272	_ip_options = 0;
	273	else
	274	_ip_options -= sizeof (*ip);
	275
	276	*ip_options = _ip_options;
	277	return (0);
	278	}
	279
	280
	281	/*
	282	* len = len of tcp-header + tcp_options + tcp_data (from wire).
	283	* returns 0 if tcp-header is valid [length check only]
	284	* returns options
	285	* != 0 if something went wrong [header size etc]
	286	*/
	287	int
	288	vrfy_tcp (struct tcphdr tcp, uint32_t plen, u_short tcp_options)
	289	{
	290	u_short _tcp_options;
	291
	292	if (plen < sizeof (*tcp))
	293	return (-1);
	294
	295	_tcp_options = tcp->th_off << 2;
	296	if (_tcp_options > plen)
	297	return (-1);
	298	if (_tcp_options > 0xefff) /* this is quite to large for me */
	299	return -1;
	300
	301	if (_tcp_options <= sizeof (*tcp))
	302	_tcp_options = 0;
	303	else
	304	_tcp_options -= sizeof (*tcp);
	305
	306	*tcp_options = _tcp_options;
	307
	308	return (0);
	309	}
	310
	311	int
	312	vrfy_udp (struct udphdr *udp, uint32_t len)
	313	{
	314
	315	if (len < sizeof(*udp))
	316	return (-1);
	317
	318	return (0);
	319	}
	320
	321	/*
	322	* decode NetworkVirtualTerminal Data
	323	* data = the raw (nvt)-input
	324	* len = length of 'data'
	325	* ans = the nvt-answer (IAC don't)
	326	* anslen = the calculated anser length
	327	* res = the decoded nvt data (login: prompt etc)
	328	* reslen = the calculates decoded data length
	329	* All parameters must be given (NULL is not allowed)
	330	* and initialized
	331	* return -1 on failure
	332	* return 0 on success
	333	* rfc-will: anslen, reslen < len
	334	*/
	335	#define IACFOUND 0x01
	336	#define DOFOUND 0x02
	337	#define UNKNOWNOPT 0x04
	338	#define SUBNEGO 0x08
	339	#define CRFOUND 0x10
	340
	341	#define NVT_SE 0xf0
	342	#define NVT_SB 0xfa
	343	#define NVT_WILL 0xfb
	344	#define NVT_WONT 0xfc
	345	#define NVT_DO 0xfd
	346	#define NVT_DONT 0xfe
	347	#define IAC 0xff
	348
	349	int
	350	decode_nvt(u_char data, uint len, u_char ans, uint *anslen,
	351	u_char res, uint reslen)
	352	{
	353	u_char *ptr = data;
	354	u_char *ansptr = ans;
	355	u_char *resptr = res;
	356	u_char flags = 0;
	357	int i = 0;
	358	u_char c;
	359
	360	if ( (data == NULL) \|\| (ans == NULL) \|\| (res == NULL))
	361	return(0);
	362
	363	*anslen = 0;
	364	*reslen = 0;
	365
	366	while (1)
	367	{
	368	if (i++ >= len)
	369	break;
	370	c = *ptr++;
	371
	372	if (flags & UNKNOWNOPT)
	373	{
	374	flags = 0;
	375	continue;
	376	}
	377
	378	if (flags & IACFOUND)
	379	{
	380	if (c == IAC) /* IAC IAC */
	381	{
	382	*resptr++ = IAC;
	383	flags = 0; /* reset */
	384	continue;
	385	}
	386
	387	if (flags & SUBNEGO)
	388	{
	389	if (c == NVT_SE) /* subnegotiation end */
	390	flags = 0;
	391	continue;
	392	}
	393
	394	if (flags & DOFOUND)
	395	{
	396	/* 3com switch test if (c == 0x03)
	397	{
	398	*ansptr++ = IAC;
	399	*ansptr++ = NVT_DO;
	400	*ansptr++ = 0x03;
	401	*ansptr++ = IAC;
	402	*ansptr++ = NVT_WILL;
	403	*ansptr++ = 0x18;
	404	*ansptr++ = IAC;
	405	*ansptr++ = NVT_WILL;
	406	*ansptr++ = 0x1f;
	407	*ansptr++ = IAC;
	408	*ansptr++ = NVT_WILL;
	409	*ansptr++ = 0x20;
	410	*ansptr++ = IAC;
	411	*ansptr++ = NVT_WILL;
	412	*ansptr++ = 0x21;
	413	*ansptr++ = IAC;
	414	*ansptr++ = NVT_WILL;
	415	*ansptr++ = 0x22;
	416	*ansptr++ = IAC;
	417	*ansptr++ = NVT_WILL;
	418	*ansptr++ = 0x27;
	419	*ansptr++ = IAC;
	420	*ansptr++ = NVT_DO;
	421	*ansptr++ = 0x05;
	422	*ansptr++ = IAC;
	423	*ansptr++ = NVT_WILL;
	424	*ansptr++ = 0x23;
	425	anslen = anslen + 24;
	426
	427	}
	428	*/
	429	*ansptr++ = IAC;
	430	ansptr++ = NVT_WONT; / me is dump - im a kid */
	431	*ansptr++ = c;
	432	anslen = anslen + 3;
	433	flags = 0;
	434	continue;
	435	}
	436
	437	if (c == NVT_SB) /* subnegotiation */
	438	{
	439	flags = SUBNEGO;
	440	continue;
	441	}
	442
	443	if (c == NVT_DO) /* DO ... */
	444	{
	445	flags \|= DOFOUND;
	446	continue;
	447	} else {
	448	flags = ~(IACFOUND \| DOFOUND);
	449	flags \|= UNKNOWNOPT; /* skip next */
	450	continue;
	451	}
	452
	453	}
	454
	455	if (flags & SUBNEGO)
	456	continue;
	457
	458	if (c == IAC)
	459	{
	460	flags = IACFOUND; /* just IAC */
	461	continue;
	462	}
	463
	464	if (flags & CRFOUND)
	465	{
	466	if (c == '\0')
	467	{
	468	flags &= ~CRFOUND;
	469	*res++ = '\r';
	470	reslen = reslen + 1;
	471	continue;
	472	}
	473	if (c == '\n')
	474	{
	475	flags &= ~CRFOUND;
	476	*res++ = '\n';
	477	reslen = reslen + 1;
	478	continue;
	479	}
	480	}
	481
	482	if (c == '\r')
	483	{
	484	flags \|= CRFOUND;
	485	continue;
	486	}
	487
	488	*res++ = c;
	489	reslen = reslen + 1;
	490
	491	}
	492
	493	return(0);
	494	}
	495
	496
	497