]> The Tcpdump Group git mirrors - tcpdump/blob - print-ppp.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
dismiss NETDISSECT_REWORKED macro
[tcpdump] / print-ppp.c
1 /*
2 * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 * Extensively modified by Motonori Shindo (mshindo@mshindo.net) for more
22 * complete PPP support.
23 */
24
25 /*
26 * TODO:
27 * o resolve XXX as much as possible
28 * o MP support
29 * o BAP support
30 */
31
32 #ifdef HAVE_CONFIG_H
33 #include "config.h"
34 #endif
35
36 #include <tcpdump-stdinc.h>
37
38 #ifdef __bsdi__
39 #include <net/slcompress.h>
40 #include <net/if_ppp.h>
41 #endif
42
43 #include <stdlib.h>
44
45 #include "interface.h"
46 #include "extract.h"
47 #include "addrtoname.h"
48 #include "ppp.h"
49 #include "chdlc.h"
50 #include "ethertype.h"
51 #include "oui.h"
52
53 /*
54 * The following constatns are defined by IANA. Please refer to
55 * http://www.isi.edu/in-notes/iana/assignments/ppp-numbers
56 * for the up-to-date information.
57 */
58
59 /* Protocol Codes defined in ppp.h */
60
61 static const struct tok ppptype2str[] = {
62 { PPP_IP, "IP" },
63 { PPP_OSI, "OSI" },
64 { PPP_NS, "NS" },
65 { PPP_DECNET, "DECNET" },
66 { PPP_APPLE, "APPLE" },
67 { PPP_IPX, "IPX" },
68 { PPP_VJC, "VJC IP" },
69 { PPP_VJNC, "VJNC IP" },
70 { PPP_BRPDU, "BRPDU" },
71 { PPP_STII, "STII" },
72 { PPP_VINES, "VINES" },
73 { PPP_MPLS_UCAST, "MPLS" },
74 { PPP_MPLS_MCAST, "MPLS" },
75 { PPP_COMP, "Compressed"},
76 { PPP_ML, "MLPPP"},
77 { PPP_IPV6, "IP6"},
78
79 { PPP_HELLO, "HELLO" },
80 { PPP_LUXCOM, "LUXCOM" },
81 { PPP_SNS, "SNS" },
82 { PPP_IPCP, "IPCP" },
83 { PPP_OSICP, "OSICP" },
84 { PPP_NSCP, "NSCP" },
85 { PPP_DECNETCP, "DECNETCP" },
86 { PPP_APPLECP, "APPLECP" },
87 { PPP_IPXCP, "IPXCP" },
88 { PPP_STIICP, "STIICP" },
89 { PPP_VINESCP, "VINESCP" },
90 { PPP_IPV6CP, "IP6CP" },
91 { PPP_MPLSCP, "MPLSCP" },
92
93 { PPP_LCP, "LCP" },
94 { PPP_PAP, "PAP" },
95 { PPP_LQM, "LQM" },
96 { PPP_CHAP, "CHAP" },
97 { PPP_EAP, "EAP" },
98 { PPP_SPAP, "SPAP" },
99 { PPP_SPAP_OLD, "Old-SPAP" },
100 { PPP_BACP, "BACP" },
101 { PPP_BAP, "BAP" },
102 { PPP_MPCP, "MLPPP-CP" },
103 { PPP_CCP, "CCP" },
104 { 0, NULL }
105 };
106
107 /* Control Protocols (LCP/IPCP/CCP etc.) Codes defined in RFC 1661 */
108
109 #define CPCODES_VEXT 0 /* Vendor-Specific (RFC2153) */
110 #define CPCODES_CONF_REQ 1 /* Configure-Request */
111 #define CPCODES_CONF_ACK 2 /* Configure-Ack */
112 #define CPCODES_CONF_NAK 3 /* Configure-Nak */
113 #define CPCODES_CONF_REJ 4 /* Configure-Reject */
114 #define CPCODES_TERM_REQ 5 /* Terminate-Request */
115 #define CPCODES_TERM_ACK 6 /* Terminate-Ack */
116 #define CPCODES_CODE_REJ 7 /* Code-Reject */
117 #define CPCODES_PROT_REJ 8 /* Protocol-Reject (LCP only) */
118 #define CPCODES_ECHO_REQ 9 /* Echo-Request (LCP only) */
119 #define CPCODES_ECHO_RPL 10 /* Echo-Reply (LCP only) */
120 #define CPCODES_DISC_REQ 11 /* Discard-Request (LCP only) */
121 #define CPCODES_ID 12 /* Identification (LCP only) RFC1570 */
122 #define CPCODES_TIME_REM 13 /* Time-Remaining (LCP only) RFC1570 */
123 #define CPCODES_RESET_REQ 14 /* Reset-Request (CCP only) RFC1962 */
124 #define CPCODES_RESET_REP 15 /* Reset-Reply (CCP only) */
125
126 static const struct tok cpcodes[] = {
127 {CPCODES_VEXT, "Vendor-Extension"}, /* RFC2153 */
128 {CPCODES_CONF_REQ, "Conf-Request"},
129 {CPCODES_CONF_ACK, "Conf-Ack"},
130 {CPCODES_CONF_NAK, "Conf-Nack"},
131 {CPCODES_CONF_REJ, "Conf-Reject"},
132 {CPCODES_TERM_REQ, "Term-Request"},
133 {CPCODES_TERM_ACK, "Term-Ack"},
134 {CPCODES_CODE_REJ, "Code-Reject"},
135 {CPCODES_PROT_REJ, "Prot-Reject"},
136 {CPCODES_ECHO_REQ, "Echo-Request"},
137 {CPCODES_ECHO_RPL, "Echo-Reply"},
138 {CPCODES_DISC_REQ, "Disc-Req"},
139 {CPCODES_ID, "Ident"}, /* RFC1570 */
140 {CPCODES_TIME_REM, "Time-Rem"}, /* RFC1570 */
141 {CPCODES_RESET_REQ, "Reset-Req"}, /* RFC1962 */
142 {CPCODES_RESET_REP, "Reset-Ack"}, /* RFC1962 */
143 {0, NULL}
144 };
145
146 /* LCP Config Options */
147
148 #define LCPOPT_VEXT 0
149 #define LCPOPT_MRU 1
150 #define LCPOPT_ACCM 2
151 #define LCPOPT_AP 3
152 #define LCPOPT_QP 4
153 #define LCPOPT_MN 5
154 #define LCPOPT_DEP6 6
155 #define LCPOPT_PFC 7
156 #define LCPOPT_ACFC 8
157 #define LCPOPT_FCSALT 9
158 #define LCPOPT_SDP 10
159 #define LCPOPT_NUMMODE 11
160 #define LCPOPT_DEP12 12
161 #define LCPOPT_CBACK 13
162 #define LCPOPT_DEP14 14
163 #define LCPOPT_DEP15 15
164 #define LCPOPT_DEP16 16
165 #define LCPOPT_MLMRRU 17
166 #define LCPOPT_MLSSNHF 18
167 #define LCPOPT_MLED 19
168 #define LCPOPT_PROP 20
169 #define LCPOPT_DCEID 21
170 #define LCPOPT_MPP 22
171 #define LCPOPT_LD 23
172 #define LCPOPT_LCPAOPT 24
173 #define LCPOPT_COBS 25
174 #define LCPOPT_PE 26
175 #define LCPOPT_MLHF 27
176 #define LCPOPT_I18N 28
177 #define LCPOPT_SDLOS 29
178 #define LCPOPT_PPPMUX 30
179
180 #define LCPOPT_MIN LCPOPT_VEXT
181 #define LCPOPT_MAX LCPOPT_PPPMUX
182
183 static const char *lcpconfopts[] = {
184 "Vend-Ext", /* (0) */
185 "MRU", /* (1) */
186 "ACCM", /* (2) */
187 "Auth-Prot", /* (3) */
188 "Qual-Prot", /* (4) */
189 "Magic-Num", /* (5) */
190 "deprecated(6)", /* used to be a Quality Protocol */
191 "PFC", /* (7) */
192 "ACFC", /* (8) */
193 "FCS-Alt", /* (9) */
194 "SDP", /* (10) */
195 "Num-Mode", /* (11) */
196 "deprecated(12)", /* used to be a Multi-Link-Procedure*/
197 "Call-Back", /* (13) */
198 "deprecated(14)", /* used to be a Connect-Time */
199 "deprecated(15)", /* used to be a Compund-Frames */
200 "deprecated(16)", /* used to be a Nominal-Data-Encap */
201 "MRRU", /* (17) */
202 "12-Bit seq #", /* (18) */
203 "End-Disc", /* (19) */
204 "Proprietary", /* (20) */
205 "DCE-Id", /* (21) */
206 "MP+", /* (22) */
207 "Link-Disc", /* (23) */
208 "LCP-Auth-Opt", /* (24) */
209 "COBS", /* (25) */
210 "Prefix-elision", /* (26) */
211 "Multilink-header-Form",/* (27) */
212 "I18N", /* (28) */
213 "SDL-over-SONET/SDH", /* (29) */
214 "PPP-Muxing", /* (30) */
215 };
216
217 /* ECP - to be supported */
218
219 /* CCP Config Options */
220
221 #define CCPOPT_OUI 0 /* RFC1962 */
222 #define CCPOPT_PRED1 1 /* RFC1962 */
223 #define CCPOPT_PRED2 2 /* RFC1962 */
224 #define CCPOPT_PJUMP 3 /* RFC1962 */
225 /* 4-15 unassigned */
226 #define CCPOPT_HPPPC 16 /* RFC1962 */
227 #define CCPOPT_STACLZS 17 /* RFC1974 */
228 #define CCPOPT_MPPC 18 /* RFC2118 */
229 #define CCPOPT_GFZA 19 /* RFC1962 */
230 #define CCPOPT_V42BIS 20 /* RFC1962 */
231 #define CCPOPT_BSDCOMP 21 /* RFC1977 */
232 /* 22 unassigned */
233 #define CCPOPT_LZSDCP 23 /* RFC1967 */
234 #define CCPOPT_MVRCA 24 /* RFC1975 */
235 #define CCPOPT_DEC 25 /* RFC1976 */
236 #define CCPOPT_DEFLATE 26 /* RFC1979 */
237 /* 27-254 unassigned */
238 #define CCPOPT_RESV 255 /* RFC1962 */
239
240 static const struct tok ccpconfopts_values[] = {
241 { CCPOPT_OUI, "OUI" },
242 { CCPOPT_PRED1, "Pred-1" },
243 { CCPOPT_PRED2, "Pred-2" },
244 { CCPOPT_PJUMP, "Puddle" },
245 { CCPOPT_HPPPC, "HP-PPC" },
246 { CCPOPT_STACLZS, "Stac-LZS" },
247 { CCPOPT_MPPC, "MPPC" },
248 { CCPOPT_GFZA, "Gand-FZA" },
249 { CCPOPT_V42BIS, "V.42bis" },
250 { CCPOPT_BSDCOMP, "BSD-Comp" },
251 { CCPOPT_LZSDCP, "LZS-DCP" },
252 { CCPOPT_MVRCA, "MVRCA" },
253 { CCPOPT_DEC, "DEC" },
254 { CCPOPT_DEFLATE, "Deflate" },
255 { CCPOPT_RESV, "Reserved"},
256 {0, NULL}
257 };
258
259 /* BACP Config Options */
260
261 #define BACPOPT_FPEER 1 /* RFC2125 */
262
263 static const struct tok bacconfopts_values[] = {
264 { BACPOPT_FPEER, "Favored-Peer" },
265 {0, NULL}
266 };
267
268
269 /* SDCP - to be supported */
270
271 /* IPCP Config Options */
272 #define IPCPOPT_2ADDR 1 /* RFC1172, RFC1332 (deprecated) */
273 #define IPCPOPT_IPCOMP 2 /* RFC1332 */
274 #define IPCPOPT_ADDR 3 /* RFC1332 */
275 #define IPCPOPT_MOBILE4 4 /* RFC2290 */
276 #define IPCPOPT_PRIDNS 129 /* RFC1877 */
277 #define IPCPOPT_PRINBNS 130 /* RFC1877 */
278 #define IPCPOPT_SECDNS 131 /* RFC1877 */
279 #define IPCPOPT_SECNBNS 132 /* RFC1877 */
280
281 static const struct tok ipcpopt_values[] = {
282 { IPCPOPT_2ADDR, "IP-Addrs" },
283 { IPCPOPT_IPCOMP, "IP-Comp" },
284 { IPCPOPT_ADDR, "IP-Addr" },
285 { IPCPOPT_MOBILE4, "Home-Addr" },
286 { IPCPOPT_PRIDNS, "Pri-DNS" },
287 { IPCPOPT_PRINBNS, "Pri-NBNS" },
288 { IPCPOPT_SECDNS, "Sec-DNS" },
289 { IPCPOPT_SECNBNS, "Sec-NBNS" },
290 { 0, NULL }
291 };
292
293 #define IPCPOPT_IPCOMP_HDRCOMP 0x61 /* rfc3544 */
294 #define IPCPOPT_IPCOMP_MINLEN 14
295
296 static const struct tok ipcpopt_compproto_values[] = {
297 { PPP_VJC, "VJ-Comp" },
298 { IPCPOPT_IPCOMP_HDRCOMP, "IP Header Compression" },
299 { 0, NULL }
300 };
301
302 static const struct tok ipcpopt_compproto_subopt_values[] = {
303 { 1, "RTP-Compression" },
304 { 2, "Enhanced RTP-Compression" },
305 { 0, NULL }
306 };
307
308 /* IP6CP Config Options */
309 #define IP6CP_IFID 1
310
311 static const struct tok ip6cpopt_values[] = {
312 { IP6CP_IFID, "Interface-ID" },
313 { 0, NULL }
314 };
315
316 /* ATCP - to be supported */
317 /* OSINLCP - to be supported */
318 /* BVCP - to be supported */
319 /* BCP - to be supported */
320 /* IPXCP - to be supported */
321 /* MPLSCP - to be supported */
322
323 /* Auth Algorithms */
324
325 /* 0-4 Reserved (RFC1994) */
326 #define AUTHALG_CHAPMD5 5 /* RFC1994 */
327 #define AUTHALG_MSCHAP1 128 /* RFC2433 */
328 #define AUTHALG_MSCHAP2 129 /* RFC2795 */
329
330 static const struct tok authalg_values[] = {
331 { AUTHALG_CHAPMD5, "MD5" },
332 { AUTHALG_MSCHAP1, "MS-CHAPv1" },
333 { AUTHALG_MSCHAP2, "MS-CHAPv2" },
334 { 0, NULL }
335 };
336
337 /* FCS Alternatives - to be supported */
338
339 /* Multilink Endpoint Discriminator (RFC1717) */
340 #define MEDCLASS_NULL 0 /* Null Class */
341 #define MEDCLASS_LOCAL 1 /* Locally Assigned */
342 #define MEDCLASS_IPV4 2 /* Internet Protocol (IPv4) */
343 #define MEDCLASS_MAC 3 /* IEEE 802.1 global MAC address */
344 #define MEDCLASS_MNB 4 /* PPP Magic Number Block */
345 #define MEDCLASS_PSNDN 5 /* Public Switched Network Director Number */
346
347 /* PPP LCP Callback */
348 #define CALLBACK_AUTH 0 /* Location determined by user auth */
349 #define CALLBACK_DSTR 1 /* Dialing string */
350 #define CALLBACK_LID 2 /* Location identifier */
351 #define CALLBACK_E164 3 /* E.164 number */
352 #define CALLBACK_X500 4 /* X.500 distinguished name */
353 #define CALLBACK_CBCP 6 /* Location is determined during CBCP nego */
354
355 static const struct tok ppp_callback_values[] = {
356 { CALLBACK_AUTH, "UserAuth" },
357 { CALLBACK_DSTR, "DialString" },
358 { CALLBACK_LID, "LocalID" },
359 { CALLBACK_E164, "E.164" },
360 { CALLBACK_X500, "X.500" },
361 { CALLBACK_CBCP, "CBCP" },
362 { 0, NULL }
363 };
364
365 /* CHAP */
366
367 #define CHAP_CHAL 1
368 #define CHAP_RESP 2
369 #define CHAP_SUCC 3
370 #define CHAP_FAIL 4
371
372 static const struct tok chapcode_values[] = {
373 { CHAP_CHAL, "Challenge" },
374 { CHAP_RESP, "Response" },
375 { CHAP_SUCC, "Success" },
376 { CHAP_FAIL, "Fail" },
377 { 0, NULL}
378 };
379
380 /* PAP */
381
382 #define PAP_AREQ 1
383 #define PAP_AACK 2
384 #define PAP_ANAK 3
385
386 static const struct tok papcode_values[] = {
387 { PAP_AREQ, "Auth-Req" },
388 { PAP_AACK, "Auth-ACK" },
389 { PAP_ANAK, "Auth-NACK" },
390 { 0, NULL }
391 };
392
393 /* BAP */
394 #define BAP_CALLREQ 1
395 #define BAP_CALLRES 2
396 #define BAP_CBREQ 3
397 #define BAP_CBRES 4
398 #define BAP_LDQREQ 5
399 #define BAP_LDQRES 6
400 #define BAP_CSIND 7
401 #define BAP_CSRES 8
402
403 static int print_lcp_config_options(netdissect_options *, const u_char *p, int);
404 static int print_ipcp_config_options(netdissect_options *, const u_char *p, int);
405 static int print_ip6cp_config_options(netdissect_options *, const u_char *p, int);
406 static int print_ccp_config_options(netdissect_options *, const u_char *p, int);
407 static int print_bacp_config_options(netdissect_options *, const u_char *p, int);
408 static void handle_ppp(netdissect_options *, u_int proto, const u_char *p, int length);
409
410 /* generic Control Protocol (e.g. LCP, IPCP, CCP, etc.) handler */
411 static void
412 handle_ctrl_proto(netdissect_options *ndo,
413 u_int proto, const u_char *pptr, int length)
414 {
415 const char *typestr;
416 u_int code, len;
417 int (*pfunc)(netdissect_options *, const u_char *, int);
418 int x, j;
419 const u_char *tptr;
420
421 tptr=pptr;
422
423 typestr = tok2str(ppptype2str, "unknown ctrl-proto (0x%04x)", proto);
424 ND_PRINT((ndo, "%s, ", typestr));
425
426 if (length < 4) /* FIXME weak boundary checking */
427 goto trunc;
428 ND_TCHECK2(*tptr, 2);
429
430 code = *tptr++;
431
432 ND_PRINT((ndo, "%s (0x%02x), id %u, length %u",
433 tok2str(cpcodes, "Unknown Opcode",code),
434 code,
435 *tptr++, /* ID */
436 length + 2));
437
438 if (!ndo->ndo_vflag)
439 return;
440
441 if (length <= 4)
442 return; /* there may be a NULL confreq etc. */
443
444 ND_TCHECK2(*tptr, 2);
445 len = EXTRACT_16BITS(tptr);
446 tptr += 2;
447
448 ND_PRINT((ndo, "\n\tencoded length %u (=Option(s) length %u)", len, len - 4));
449
450 if (ndo->ndo_vflag > 1)
451 print_unknown_data(ndo, pptr - 2, "\n\t", 6);
452
453
454 switch (code) {
455 case CPCODES_VEXT:
456 if (length < 11)
457 break;
458 ND_TCHECK2(*tptr, 4);
459 ND_PRINT((ndo, "\n\t Magic-Num 0x%08x", EXTRACT_32BITS(tptr)));
460 tptr += 4;
461 ND_TCHECK2(*tptr, 3);
462 ND_PRINT((ndo, " Vendor: %s (%u)",
463 tok2str(oui_values,"Unknown",EXTRACT_24BITS(tptr)),
464 EXTRACT_24BITS(tptr)));
465 /* XXX: need to decode Kind and Value(s)? */
466 break;
467 case CPCODES_CONF_REQ:
468 case CPCODES_CONF_ACK:
469 case CPCODES_CONF_NAK:
470 case CPCODES_CONF_REJ:
471 x = len - 4; /* Code(1), Identifier(1) and Length(2) */
472 do {
473 switch (proto) {
474 case PPP_LCP:
475 pfunc = print_lcp_config_options;
476 break;
477 case PPP_IPCP:
478 pfunc = print_ipcp_config_options;
479 break;
480 case PPP_IPV6CP:
481 pfunc = print_ip6cp_config_options;
482 break;
483 case PPP_CCP:
484 pfunc = print_ccp_config_options;
485 break;
486 case PPP_BACP:
487 pfunc = print_bacp_config_options;
488 break;
489 default:
490 /*
491 * No print routine for the options for
492 * this protocol.
493 */
494 pfunc = NULL;
495 break;
496 }
497
498 if (pfunc == NULL) /* catch the above null pointer if unknown CP */
499 break;
500
501 if ((j = (*pfunc)(ndo, tptr, len)) == 0)
502 break;
503 x -= j;
504 tptr += j;
505 } while (x > 0);
506 break;
507
508 case CPCODES_TERM_REQ:
509 case CPCODES_TERM_ACK:
510 /* XXX: need to decode Data? */
511 break;
512 case CPCODES_CODE_REJ:
513 /* XXX: need to decode Rejected-Packet? */
514 break;
515 case CPCODES_PROT_REJ:
516 if (length < 6)
517 break;
518 ND_TCHECK2(*tptr, 2);
519 ND_PRINT((ndo, "\n\t Rejected %s Protocol (0x%04x)",
520 tok2str(ppptype2str,"unknown", EXTRACT_16BITS(tptr)),
521 EXTRACT_16BITS(tptr)));
522 /* XXX: need to decode Rejected-Information? - hexdump for now */
523 if (len > 6) {
524 ND_PRINT((ndo, "\n\t Rejected Packet"));
525 print_unknown_data(ndo, tptr + 2, "\n\t ", len - 2);
526 }
527 break;
528 case CPCODES_ECHO_REQ:
529 case CPCODES_ECHO_RPL:
530 case CPCODES_DISC_REQ:
531 if (length < 8)
532 break;
533 ND_TCHECK2(*tptr, 4);
534 ND_PRINT((ndo, "\n\t Magic-Num 0x%08x", EXTRACT_32BITS(tptr)));
535 /* XXX: need to decode Data? - hexdump for now */
536 if (len > 8) {
537 ND_PRINT((ndo, "\n\t -----trailing data-----"));
538 ND_TCHECK2(tptr[4], len - 8);
539 print_unknown_data(ndo, tptr + 4, "\n\t ", len - 8);
540 }
541 break;
542 case CPCODES_ID:
543 if (length < 8)
544 break;
545 ND_TCHECK2(*tptr, 4);
546 ND_PRINT((ndo, "\n\t Magic-Num 0x%08x", EXTRACT_32BITS(tptr)));
547 /* RFC 1661 says this is intended to be human readable */
548 if (len > 8) {
549 ND_PRINT((ndo, "\n\t Message\n\t "));
550 if (fn_printn(ndo, tptr + 4, len - 4, ndo->ndo_snapend))
551 goto trunc;
552 }
553 break;
554 case CPCODES_TIME_REM:
555 if (length < 12)
556 break;
557 ND_TCHECK2(*tptr, 4);
558 ND_PRINT((ndo, "\n\t Magic-Num 0x%08x", EXTRACT_32BITS(tptr)));
559 ND_TCHECK2(*(tptr + 4), 4);
560 ND_PRINT((ndo, ", Seconds-Remaining %us", EXTRACT_32BITS(tptr + 4)));
561 /* XXX: need to decode Message? */
562 break;
563 default:
564 /* XXX this is dirty but we do not get the
565 * original pointer passed to the begin
566 * the PPP packet */
567 if (ndo->ndo_vflag <= 1)
568 print_unknown_data(ndo, pptr - 2, "\n\t ", length + 2);
569 break;
570 }
571 return;
572
573 trunc:
574 ND_PRINT((ndo, "[|%s]", typestr));
575 }
576
577 /* LCP config options */
578 static int
579 print_lcp_config_options(netdissect_options *ndo,
580 const u_char *p, int length)
581 {
582 int len, opt;
583
584 if (length < 2)
585 return 0;
586 ND_TCHECK2(*p, 2);
587 len = p[1];
588 opt = p[0];
589 if (length < len)
590 return 0;
591 if (len < 2) {
592 if ((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX))
593 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
594 lcpconfopts[opt], opt, len));
595 else
596 ND_PRINT((ndo, "\n\tunknown LCP option 0x%02x", opt));
597 return 0;
598 }
599 if ((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX))
600 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u", lcpconfopts[opt], opt, len));
601 else {
602 ND_PRINT((ndo, "\n\tunknown LCP option 0x%02x", opt));
603 return len;
604 }
605
606 switch (opt) {
607 case LCPOPT_VEXT:
608 if (len < 6) {
609 ND_PRINT((ndo, " (length bogus, should be >= 6)"));
610 return len;
611 }
612 ND_TCHECK2(*(p + 2), 3);
613 ND_PRINT((ndo, ": Vendor: %s (%u)",
614 tok2str(oui_values,"Unknown",EXTRACT_24BITS(p+2)),
615 EXTRACT_24BITS(p + 2)));
616 #if 0
617 ND_TCHECK(p[5]);
618 ND_PRINT((ndo, ", kind: 0x%02x", p[5]));
619 ND_PRINT((ndo, ", Value: 0x"));
620 for (i = 0; i < len - 6; i++) {
621 ND_TCHECK(p[6 + i]);
622 ND_PRINT((ndo, "%02x", p[6 + i]));
623 }
624 #endif
625 break;
626 case LCPOPT_MRU:
627 if (len != 4) {
628 ND_PRINT((ndo, " (length bogus, should be = 4)"));
629 return len;
630 }
631 ND_TCHECK2(*(p + 2), 2);
632 ND_PRINT((ndo, ": %u", EXTRACT_16BITS(p + 2)));
633 break;
634 case LCPOPT_ACCM:
635 if (len != 6) {
636 ND_PRINT((ndo, " (length bogus, should be = 6)"));
637 return len;
638 }
639 ND_TCHECK2(*(p + 2), 4);
640 ND_PRINT((ndo, ": 0x%08x", EXTRACT_32BITS(p + 2)));
641 break;
642 case LCPOPT_AP:
643 if (len < 4) {
644 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
645 return len;
646 }
647 ND_TCHECK2(*(p + 2), 2);
648 ND_PRINT((ndo, ": %s", tok2str(ppptype2str, "Unknown Auth Proto (0x04x)", EXTRACT_16BITS(p + 2))));
649
650 switch (EXTRACT_16BITS(p+2)) {
651 case PPP_CHAP:
652 ND_TCHECK(p[4]);
653 ND_PRINT((ndo, ", %s", tok2str(authalg_values, "Unknown Auth Alg %u", p[4])));
654 break;
655 case PPP_PAP: /* fall through */
656 case PPP_EAP:
657 case PPP_SPAP:
658 case PPP_SPAP_OLD:
659 break;
660 default:
661 print_unknown_data(ndo, p, "\n\t", len);
662 }
663 break;
664 case LCPOPT_QP:
665 if (len < 4) {
666 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
667 return 0;
668 }
669 ND_TCHECK2(*(p + 2), 2);
670 if (EXTRACT_16BITS(p+2) == PPP_LQM)
671 ND_PRINT((ndo, ": LQR"));
672 else
673 ND_PRINT((ndo, ": unknown"));
674 break;
675 case LCPOPT_MN:
676 if (len != 6) {
677 ND_PRINT((ndo, " (length bogus, should be = 6)"));
678 return 0;
679 }
680 ND_TCHECK2(*(p + 2), 4);
681 ND_PRINT((ndo, ": 0x%08x", EXTRACT_32BITS(p + 2)));
682 break;
683 case LCPOPT_PFC:
684 break;
685 case LCPOPT_ACFC:
686 break;
687 case LCPOPT_LD:
688 if (len != 4) {
689 ND_PRINT((ndo, " (length bogus, should be = 4)"));
690 return 0;
691 }
692 ND_TCHECK2(*(p + 2), 2);
693 ND_PRINT((ndo, ": 0x%04x", EXTRACT_16BITS(p + 2)));
694 break;
695 case LCPOPT_CBACK:
696 if (len < 3) {
697 ND_PRINT((ndo, " (length bogus, should be >= 3)"));
698 return 0;
699 }
700 ND_PRINT((ndo, ": "));
701 ND_TCHECK(p[2]);
702 ND_PRINT((ndo, ": Callback Operation %s (%u)",
703 tok2str(ppp_callback_values, "Unknown", p[2]),
704 p[2]));
705 break;
706 case LCPOPT_MLMRRU:
707 if (len != 4) {
708 ND_PRINT((ndo, " (length bogus, should be = 4)"));
709 return 0;
710 }
711 ND_TCHECK2(*(p + 2), 2);
712 ND_PRINT((ndo, ": %u", EXTRACT_16BITS(p + 2)));
713 break;
714 case LCPOPT_MLED:
715 if (len < 3) {
716 ND_PRINT((ndo, " (length bogus, should be >= 3)"));
717 return 0;
718 }
719 ND_TCHECK(p[2]);
720 switch (p[2]) { /* class */
721 case MEDCLASS_NULL:
722 ND_PRINT((ndo, ": Null"));
723 break;
724 case MEDCLASS_LOCAL:
725 ND_PRINT((ndo, ": Local")); /* XXX */
726 break;
727 case MEDCLASS_IPV4:
728 if (len != 7) {
729 ND_PRINT((ndo, " (length bogus, should be = 7)"));
730 return 0;
731 }
732 ND_TCHECK2(*(p + 3), 4);
733 ND_PRINT((ndo, ": IPv4 %s", ipaddr_string(ndo, p + 3)));
734 break;
735 case MEDCLASS_MAC:
736 if (len != 9) {
737 ND_PRINT((ndo, " (length bogus, should be = 9)"));
738 return 0;
739 }
740 ND_TCHECK2(*(p + 3), 6);
741 ND_PRINT((ndo, ": MAC %s", etheraddr_string(ndo, p + 3)));
742 break;
743 case MEDCLASS_MNB:
744 ND_PRINT((ndo, ": Magic-Num-Block")); /* XXX */
745 break;
746 case MEDCLASS_PSNDN:
747 ND_PRINT((ndo, ": PSNDN")); /* XXX */
748 break;
749 default:
750 ND_PRINT((ndo, ": Unknown class %u", p[2]));
751 break;
752 }
753 break;
754
755 /* XXX: to be supported */
756 #if 0
757 case LCPOPT_DEP6:
758 case LCPOPT_FCSALT:
759 case LCPOPT_SDP:
760 case LCPOPT_NUMMODE:
761 case LCPOPT_DEP12:
762 case LCPOPT_DEP14:
763 case LCPOPT_DEP15:
764 case LCPOPT_DEP16:
765 case LCPOPT_MLSSNHF:
766 case LCPOPT_PROP:
767 case LCPOPT_DCEID:
768 case LCPOPT_MPP:
769 case LCPOPT_LCPAOPT:
770 case LCPOPT_COBS:
771 case LCPOPT_PE:
772 case LCPOPT_MLHF:
773 case LCPOPT_I18N:
774 case LCPOPT_SDLOS:
775 case LCPOPT_PPPMUX:
776 break;
777 #endif
778 default:
779 /*
780 * Unknown option; dump it as raw bytes now if we're
781 * not going to do so below.
782 */
783 if (ndo->ndo_vflag < 2)
784 print_unknown_data(ndo, &p[2], "\n\t ", len - 2);
785 break;
786 }
787
788 if (ndo->ndo_vflag > 1)
789 print_unknown_data(ndo, &p[2], "\n\t ", len - 2); /* exclude TLV header */
790
791 return len;
792
793 trunc:
794 ND_PRINT((ndo, "[|lcp]"));
795 return 0;
796 }
797
798 /* ML-PPP*/
799 static const struct tok ppp_ml_flag_values[] = {
800 { 0x80, "begin" },
801 { 0x40, "end" },
802 { 0, NULL }
803 };
804
805 static void
806 handle_mlppp(netdissect_options *ndo,
807 const u_char *p, int length)
808 {
809 if (!ndo->ndo_eflag)
810 ND_PRINT((ndo, "MLPPP, "));
811
812 ND_PRINT((ndo, "seq 0x%03x, Flags [%s], length %u",
813 (EXTRACT_16BITS(p))&0x0fff, /* only support 12-Bit sequence space for now */
814 bittok2str(ppp_ml_flag_values, "none", *p & 0xc0),
815 length));
816 }
817
818 /* CHAP */
819 static void
820 handle_chap(netdissect_options *ndo,
821 const u_char *p, int length)
822 {
823 u_int code, len;
824 int val_size, name_size, msg_size;
825 const u_char *p0;
826 int i;
827
828 p0 = p;
829 if (length < 1) {
830 ND_PRINT((ndo, "[|chap]"));
831 return;
832 } else if (length < 4) {
833 ND_TCHECK(*p);
834 ND_PRINT((ndo, "[|chap 0x%02x]", *p));
835 return;
836 }
837
838 ND_TCHECK(*p);
839 code = *p;
840 ND_PRINT((ndo, "CHAP, %s (0x%02x)",
841 tok2str(chapcode_values,"unknown",code),
842 code));
843 p++;
844
845 ND_TCHECK(*p);
846 ND_PRINT((ndo, ", id %u", *p)); /* ID */
847 p++;
848
849 ND_TCHECK2(*p, 2);
850 len = EXTRACT_16BITS(p);
851 p += 2;
852
853 /*
854 * Note that this is a generic CHAP decoding routine. Since we
855 * don't know which flavor of CHAP (i.e. CHAP-MD5, MS-CHAPv1,
856 * MS-CHAPv2) is used at this point, we can't decode packet
857 * specifically to each algorithms. Instead, we simply decode
858 * the GCD (Gratest Common Denominator) for all algorithms.
859 */
860 switch (code) {
861 case CHAP_CHAL:
862 case CHAP_RESP:
863 if (length - (p - p0) < 1)
864 return;
865 ND_TCHECK(*p);
866 val_size = *p; /* value size */
867 p++;
868 if (length - (p - p0) < val_size)
869 return;
870 ND_PRINT((ndo, ", Value "));
871 for (i = 0; i < val_size; i++) {
872 ND_TCHECK(*p);
873 ND_PRINT((ndo, "%02x", *p++));
874 }
875 name_size = len - (p - p0);
876 ND_PRINT((ndo, ", Name "));
877 for (i = 0; i < name_size; i++) {
878 ND_TCHECK(*p);
879 safeputchar(ndo, *p++);
880 }
881 break;
882 case CHAP_SUCC:
883 case CHAP_FAIL:
884 msg_size = len - (p - p0);
885 ND_PRINT((ndo, ", Msg "));
886 for (i = 0; i< msg_size; i++) {
887 ND_TCHECK(*p);
888 safeputchar(ndo, *p++);
889 }
890 break;
891 }
892 return;
893
894 trunc:
895 ND_PRINT((ndo, "[|chap]"));
896 }
897
898 /* PAP (see RFC 1334) */
899 static void
900 handle_pap(netdissect_options *ndo,
901 const u_char *p, int length)
902 {
903 u_int code, len;
904 int peerid_len, passwd_len, msg_len;
905 const u_char *p0;
906 int i;
907
908 p0 = p;
909 if (length < 1) {
910 ND_PRINT((ndo, "[|pap]"));
911 return;
912 } else if (length < 4) {
913 ND_TCHECK(*p);
914 ND_PRINT((ndo, "[|pap 0x%02x]", *p));
915 return;
916 }
917
918 ND_TCHECK(*p);
919 code = *p;
920 ND_PRINT((ndo, "PAP, %s (0x%02x)",
921 tok2str(papcode_values, "unknown", code),
922 code));
923 p++;
924
925 ND_TCHECK(*p);
926 ND_PRINT((ndo, ", id %u", *p)); /* ID */
927 p++;
928
929 ND_TCHECK2(*p, 2);
930 len = EXTRACT_16BITS(p);
931 p += 2;
932
933 if ((int)len > length) {
934 ND_PRINT((ndo, ", length %u > packet size", len));
935 return;
936 }
937 length = len;
938 if (length < (p - p0)) {
939 ND_PRINT((ndo, ", length %u < PAP header length", length));
940 return;
941 }
942
943 switch (code) {
944 case PAP_AREQ:
945 if (length - (p - p0) < 1)
946 return;
947 ND_TCHECK(*p);
948 peerid_len = *p; /* Peer-ID Length */
949 p++;
950 if (length - (p - p0) < peerid_len)
951 return;
952 ND_PRINT((ndo, ", Peer "));
953 for (i = 0; i < peerid_len; i++) {
954 ND_TCHECK(*p);
955 safeputchar(ndo, *p++);
956 }
957
958 if (length - (p - p0) < 1)
959 return;
960 ND_TCHECK(*p);
961 passwd_len = *p; /* Password Length */
962 p++;
963 if (length - (p - p0) < passwd_len)
964 return;
965 ND_PRINT((ndo, ", Name "));
966 for (i = 0; i < passwd_len; i++) {
967 ND_TCHECK(*p);
968 safeputchar(ndo, *p++);
969 }
970 break;
971 case PAP_AACK:
972 case PAP_ANAK:
973 if (length - (p - p0) < 1)
974 return;
975 ND_TCHECK(*p);
976 msg_len = *p; /* Msg-Length */
977 p++;
978 if (length - (p - p0) < msg_len)
979 return;
980 ND_PRINT((ndo, ", Msg "));
981 for (i = 0; i< msg_len; i++) {
982 ND_TCHECK(*p);
983 safeputchar(ndo, *p++);
984 }
985 break;
986 }
987 return;
988
989 trunc:
990 ND_PRINT((ndo, "[|pap]"));
991 }
992
993 /* BAP */
994 static void
995 handle_bap(netdissect_options *ndo _U_,
996 const u_char *p _U_, int length _U_)
997 {
998 /* XXX: to be supported!! */
999 }
1000
1001
1002 /* IPCP config options */
1003 static int
1004 print_ipcp_config_options(netdissect_options *ndo,
1005 const u_char *p, int length)
1006 {
1007 int len, opt;
1008 u_int compproto, ipcomp_subopttotallen, ipcomp_subopt, ipcomp_suboptlen;
1009
1010 if (length < 2)
1011 return 0;
1012 ND_TCHECK2(*p, 2);
1013 len = p[1];
1014 opt = p[0];
1015 if (length < len)
1016 return 0;
1017 if (len < 2) {
1018 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1019 tok2str(ipcpopt_values,"unknown",opt),
1020 opt,
1021 len));
1022 return 0;
1023 }
1024
1025 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u",
1026 tok2str(ipcpopt_values,"unknown",opt),
1027 opt,
1028 len));
1029
1030 switch (opt) {
1031 case IPCPOPT_2ADDR: /* deprecated */
1032 if (len != 10) {
1033 ND_PRINT((ndo, " (length bogus, should be = 10)"));
1034 return len;
1035 }
1036 ND_TCHECK2(*(p + 6), 4);
1037 ND_PRINT((ndo, ": src %s, dst %s",
1038 ipaddr_string(ndo, p + 2),
1039 ipaddr_string(ndo, p + 6)));
1040 break;
1041 case IPCPOPT_IPCOMP:
1042 if (len < 4) {
1043 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
1044 return 0;
1045 }
1046 ND_TCHECK2(*(p + 2), 2);
1047 compproto = EXTRACT_16BITS(p+2);
1048
1049 ND_PRINT((ndo, ": %s (0x%02x):",
1050 tok2str(ipcpopt_compproto_values, "Unknown", compproto),
1051 compproto));
1052
1053 switch (compproto) {
1054 case PPP_VJC:
1055 /* XXX: VJ-Comp parameters should be decoded */
1056 break;
1057 case IPCPOPT_IPCOMP_HDRCOMP:
1058 if (len < IPCPOPT_IPCOMP_MINLEN) {
1059 ND_PRINT((ndo, " (length bogus, should be >= %u)",
1060 IPCPOPT_IPCOMP_MINLEN));
1061 return 0;
1062 }
1063
1064 ND_TCHECK2(*(p + 2), IPCPOPT_IPCOMP_MINLEN);
1065 ND_PRINT((ndo, "\n\t TCP Space %u, non-TCP Space %u" \
1066 ", maxPeriod %u, maxTime %u, maxHdr %u",
1067 EXTRACT_16BITS(p+4),
1068 EXTRACT_16BITS(p+6),
1069 EXTRACT_16BITS(p+8),
1070 EXTRACT_16BITS(p+10),
1071 EXTRACT_16BITS(p+12)));
1072
1073 /* suboptions present ? */
1074 if (len > IPCPOPT_IPCOMP_MINLEN) {
1075 ipcomp_subopttotallen = len - IPCPOPT_IPCOMP_MINLEN;
1076 p += IPCPOPT_IPCOMP_MINLEN;
1077
1078 ND_PRINT((ndo, "\n\t Suboptions, length %u", ipcomp_subopttotallen));
1079
1080 while (ipcomp_subopttotallen >= 2) {
1081 ND_TCHECK2(*p, 2);
1082 ipcomp_subopt = *p;
1083 ipcomp_suboptlen = *(p+1);
1084
1085 /* sanity check */
1086 if (ipcomp_subopt == 0 ||
1087 ipcomp_suboptlen == 0 )
1088 break;
1089
1090 /* XXX: just display the suboptions for now */
1091 ND_PRINT((ndo, "\n\t\t%s Suboption #%u, length %u",
1092 tok2str(ipcpopt_compproto_subopt_values,
1093 "Unknown",
1094 ipcomp_subopt),
1095 ipcomp_subopt,
1096 ipcomp_suboptlen));
1097
1098 ipcomp_subopttotallen -= ipcomp_suboptlen;
1099 p += ipcomp_suboptlen;
1100 }
1101 }
1102 break;
1103 default:
1104 break;
1105 }
1106 break;
1107
1108 case IPCPOPT_ADDR: /* those options share the same format - fall through */
1109 case IPCPOPT_MOBILE4:
1110 case IPCPOPT_PRIDNS:
1111 case IPCPOPT_PRINBNS:
1112 case IPCPOPT_SECDNS:
1113 case IPCPOPT_SECNBNS:
1114 if (len != 6) {
1115 ND_PRINT((ndo, " (length bogus, should be = 6)"));
1116 return 0;
1117 }
1118 ND_TCHECK2(*(p + 2), 4);
1119 ND_PRINT((ndo, ": %s", ipaddr_string(ndo, p + 2)));
1120 break;
1121 default:
1122 /*
1123 * Unknown option; dump it as raw bytes now if we're
1124 * not going to do so below.
1125 */
1126 if (ndo->ndo_vflag < 2)
1127 print_unknown_data(ndo, &p[2], "\n\t ", len - 2);
1128 break;
1129 }
1130 if (ndo->ndo_vflag > 1)
1131 print_unknown_data(ndo, &p[2], "\n\t ", len - 2); /* exclude TLV header */
1132 return len;
1133
1134 trunc:
1135 ND_PRINT((ndo, "[|ipcp]"));
1136 return 0;
1137 }
1138
1139 /* IP6CP config options */
1140 static int
1141 print_ip6cp_config_options(netdissect_options *ndo,
1142 const u_char *p, int length)
1143 {
1144 int len, opt;
1145
1146 if (length < 2)
1147 return 0;
1148 ND_TCHECK2(*p, 2);
1149 len = p[1];
1150 opt = p[0];
1151 if (length < len)
1152 return 0;
1153 if (len < 2) {
1154 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1155 tok2str(ip6cpopt_values,"unknown",opt),
1156 opt,
1157 len));
1158 return 0;
1159 }
1160
1161 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u",
1162 tok2str(ip6cpopt_values,"unknown",opt),
1163 opt,
1164 len));
1165
1166 switch (opt) {
1167 case IP6CP_IFID:
1168 if (len != 10) {
1169 ND_PRINT((ndo, " (length bogus, should be = 10)"));
1170 return len;
1171 }
1172 ND_TCHECK2(*(p + 2), 8);
1173 ND_PRINT((ndo, ": %04x:%04x:%04x:%04x",
1174 EXTRACT_16BITS(p + 2),
1175 EXTRACT_16BITS(p + 4),
1176 EXTRACT_16BITS(p + 6),
1177 EXTRACT_16BITS(p + 8)));
1178 break;
1179 default:
1180 /*
1181 * Unknown option; dump it as raw bytes now if we're
1182 * not going to do so below.
1183 */
1184 if (ndo->ndo_vflag < 2)
1185 print_unknown_data(ndo, &p[2], "\n\t ", len - 2);
1186 break;
1187 }
1188 if (ndo->ndo_vflag > 1)
1189 print_unknown_data(ndo, &p[2], "\n\t ", len - 2); /* exclude TLV header */
1190
1191 return len;
1192
1193 trunc:
1194 ND_PRINT((ndo, "[|ip6cp]"));
1195 return 0;
1196 }
1197
1198
1199 /* CCP config options */
1200 static int
1201 print_ccp_config_options(netdissect_options *ndo,
1202 const u_char *p, int length)
1203 {
1204 int len, opt;
1205
1206 if (length < 2)
1207 return 0;
1208 ND_TCHECK2(*p, 2);
1209 len = p[1];
1210 opt = p[0];
1211 if (length < len)
1212 return 0;
1213 if (len < 2) {
1214 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1215 tok2str(ccpconfopts_values, "Unknown", opt),
1216 opt,
1217 len));
1218 return 0;
1219 }
1220
1221 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u",
1222 tok2str(ccpconfopts_values, "Unknown", opt),
1223 opt,
1224 len));
1225
1226 switch (opt) {
1227 case CCPOPT_BSDCOMP:
1228 if (len < 3) {
1229 ND_PRINT((ndo, " (length bogus, should be >= 3)"));
1230 return len;
1231 }
1232 ND_TCHECK2(*(p + 2), 1);
1233 ND_PRINT((ndo, ": Version: %u, Dictionary Bits: %u",
1234 p[2] >> 5, p[2] & 0x1f));
1235 break;
1236 case CCPOPT_MVRCA:
1237 if (len < 4) {
1238 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
1239 return len;
1240 }
1241 ND_TCHECK2(*(p + 2), 1);
1242 ND_PRINT((ndo, ": Features: %u, PxP: %s, History: %u, #CTX-ID: %u",
1243 (p[2] & 0xc0) >> 6,
1244 (p[2] & 0x20) ? "Enabled" : "Disabled",
1245 p[2] & 0x1f, p[3]));
1246 break;
1247 case CCPOPT_DEFLATE:
1248 if (len < 4) {
1249 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
1250 return len;
1251 }
1252 ND_TCHECK2(*(p + 2), 1);
1253 ND_PRINT((ndo, ": Window: %uK, Method: %s (0x%x), MBZ: %u, CHK: %u",
1254 (p[2] & 0xf0) >> 4,
1255 ((p[2] & 0x0f) == 8) ? "zlib" : "unkown",
1256 p[2] & 0x0f, (p[3] & 0xfc) >> 2, p[3] & 0x03));
1257 break;
1258
1259 /* XXX: to be supported */
1260 #if 0
1261 case CCPOPT_OUI:
1262 case CCPOPT_PRED1:
1263 case CCPOPT_PRED2:
1264 case CCPOPT_PJUMP:
1265 case CCPOPT_HPPPC:
1266 case CCPOPT_STACLZS:
1267 case CCPOPT_MPPC:
1268 case CCPOPT_GFZA:
1269 case CCPOPT_V42BIS:
1270 case CCPOPT_LZSDCP:
1271 case CCPOPT_DEC:
1272 case CCPOPT_RESV:
1273 break;
1274 #endif
1275 default:
1276 /*
1277 * Unknown option; dump it as raw bytes now if we're
1278 * not going to do so below.
1279 */
1280 if (ndo->ndo_vflag < 2)
1281 print_unknown_data(ndo, &p[2], "\n\t ", len - 2);
1282 break;
1283 }
1284 if (ndo->ndo_vflag > 1)
1285 print_unknown_data(ndo, &p[2], "\n\t ", len - 2); /* exclude TLV header */
1286
1287 return len;
1288
1289 trunc:
1290 ND_PRINT((ndo, "[|ccp]"));
1291 return 0;
1292 }
1293
1294 /* BACP config options */
1295 static int
1296 print_bacp_config_options(netdissect_options *ndo,
1297 const u_char *p, int length)
1298 {
1299 int len, opt;
1300
1301 if (length < 2)
1302 return 0;
1303 ND_TCHECK2(*p, 2);
1304 len = p[1];
1305 opt = p[0];
1306 if (length < len)
1307 return 0;
1308 if (len < 2) {
1309 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1310 tok2str(bacconfopts_values, "Unknown", opt),
1311 opt,
1312 len));
1313 return 0;
1314 }
1315
1316 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u",
1317 tok2str(bacconfopts_values, "Unknown", opt),
1318 opt,
1319 len));
1320
1321 switch (opt) {
1322 case BACPOPT_FPEER:
1323 if (len != 6) {
1324 ND_PRINT((ndo, " (length bogus, should be = 6)"));
1325 return len;
1326 }
1327 ND_TCHECK2(*(p + 2), 4);
1328 ND_PRINT((ndo, ": Magic-Num 0x%08x", EXTRACT_32BITS(p + 2)));
1329 break;
1330 default:
1331 /*
1332 * Unknown option; dump it as raw bytes now if we're
1333 * not going to do so below.
1334 */
1335 if (ndo->ndo_vflag < 2)
1336 print_unknown_data(ndo, &p[2], "\n\t ", len - 2);
1337 break;
1338 }
1339 if (ndo->ndo_vflag > 1)
1340 print_unknown_data(ndo, &p[2], "\n\t ", len - 2); /* exclude TLV header */
1341
1342 return len;
1343
1344 trunc:
1345 ND_PRINT((ndo, "[|bacp]"));
1346 return 0;
1347 }
1348
1349 static void
1350 ppp_hdlc(netdissect_options *ndo,
1351 const u_char *p, int length)
1352 {
1353 u_char *b, *t, c;
1354 const u_char *s;
1355 int i, proto;
1356 const void *se;
1357
1358 if (length <= 0)
1359 return;
1360
1361 b = (u_char *)malloc(length);
1362 if (b == NULL)
1363 return;
1364
1365 /*
1366 * Unescape all the data into a temporary, private, buffer.
1367 * Do this so that we dont overwrite the original packet
1368 * contents.
1369 */
1370 for (s = p, t = b, i = length; i > 0 && ND_TTEST(*s); i--) {
1371 c = *s++;
1372 if (c == 0x7d) {
1373 if (i <= 1 || !ND_TTEST(*s))
1374 break;
1375 i--;
1376 c = *s++ ^ 0x20;
1377 }
1378 *t++ = c;
1379 }
1380
1381 se = ndo->ndo_snapend;
1382 ndo->ndo_snapend = t;
1383 length = t - b;
1384
1385 /* now lets guess about the payload codepoint format */
1386 if (length < 1)
1387 goto trunc;
1388 proto = *b; /* start with a one-octet codepoint guess */
1389
1390 switch (proto) {
1391 case PPP_IP:
1392 ip_print(ndo, b + 1, length - 1);
1393 goto cleanup;
1394 case PPP_IPV6:
1395 ip6_print(ndo, b + 1, length - 1);
1396 goto cleanup;
1397 default: /* no luck - try next guess */
1398 break;
1399 }
1400
1401 if (length < 2)
1402 goto trunc;
1403 proto = EXTRACT_16BITS(b); /* next guess - load two octets */
1404
1405 switch (proto) {
1406 case (PPP_ADDRESS << 8 | PPP_CONTROL): /* looks like a PPP frame */
1407 if (length < 4)
1408 goto trunc;
1409 proto = EXTRACT_16BITS(b+2); /* load the PPP proto-id */
1410 handle_ppp(ndo, proto, b + 4, length - 4);
1411 break;
1412 default: /* last guess - proto must be a PPP proto-id */
1413 handle_ppp(ndo, proto, b + 2, length - 2);
1414 break;
1415 }
1416
1417 cleanup:
1418 ndo->ndo_snapend = se;
1419 free(b);
1420 return;
1421
1422 trunc:
1423 ndo->ndo_snapend = se;
1424 free(b);
1425 ND_PRINT((ndo, "[|ppp]"));
1426 }
1427
1428
1429 /* PPP */
1430 static void
1431 handle_ppp(netdissect_options *ndo,
1432 u_int proto, const u_char *p, int length)
1433 {
1434 if ((proto & 0xff00) == 0x7e00) { /* is this an escape code ? */
1435 ppp_hdlc(ndo, p - 1, length);
1436 return;
1437 }
1438
1439 switch (proto) {
1440 case PPP_LCP: /* fall through */
1441 case PPP_IPCP:
1442 case PPP_OSICP:
1443 case PPP_MPLSCP:
1444 case PPP_IPV6CP:
1445 case PPP_CCP:
1446 case PPP_BACP:
1447 handle_ctrl_proto(ndo, proto, p, length);
1448 break;
1449 case PPP_ML:
1450 handle_mlppp(ndo, p, length);
1451 break;
1452 case PPP_CHAP:
1453 handle_chap(ndo, p, length);
1454 break;
1455 case PPP_PAP:
1456 handle_pap(ndo, p, length);
1457 break;
1458 case PPP_BAP: /* XXX: not yet completed */
1459 handle_bap(ndo, p, length);
1460 break;
1461 case ETHERTYPE_IP: /*XXX*/
1462 case PPP_VJNC:
1463 case PPP_IP:
1464 ip_print(ndo, p, length);
1465 break;
1466 case ETHERTYPE_IPV6: /*XXX*/
1467 case PPP_IPV6:
1468 ip6_print(ndo, p, length);
1469 break;
1470 case ETHERTYPE_IPX: /*XXX*/
1471 case PPP_IPX:
1472 ipx_print(ndo, p, length);
1473 break;
1474 case PPP_OSI:
1475 isoclns_print(ndo, p, length, length);
1476 break;
1477 case PPP_MPLS_UCAST:
1478 case PPP_MPLS_MCAST:
1479 mpls_print(ndo, p, length);
1480 break;
1481 case PPP_COMP:
1482 ND_PRINT((ndo, "compressed PPP data"));
1483 break;
1484 default:
1485 ND_PRINT((ndo, "%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto)));
1486 print_unknown_data(ndo, p, "\n\t", length);
1487 break;
1488 }
1489 }
1490
1491 /* Standard PPP printer */
1492 u_int
1493 ppp_print(netdissect_options *ndo,
1494 register const u_char *p, u_int length)
1495 {
1496 u_int proto,ppp_header;
1497 u_int olen = length; /* _o_riginal length */
1498 u_int hdr_len = 0;
1499
1500 /*
1501 * Here, we assume that p points to the Address and Control
1502 * field (if they present).
1503 */
1504 if (length < 2)
1505 goto trunc;
1506 ND_TCHECK2(*p, 2);
1507 ppp_header = EXTRACT_16BITS(p);
1508
1509 switch(ppp_header) {
1510 case (PPP_WITHDIRECTION_IN << 8 | PPP_CONTROL):
1511 if (ndo->ndo_eflag) ND_PRINT((ndo, "In "));
1512 p += 2;
1513 length -= 2;
1514 hdr_len += 2;
1515 break;
1516 case (PPP_WITHDIRECTION_OUT << 8 | PPP_CONTROL):
1517 if (ndo->ndo_eflag) ND_PRINT((ndo, "Out "));
1518 p += 2;
1519 length -= 2;
1520 hdr_len += 2;
1521 break;
1522 case (PPP_ADDRESS << 8 | PPP_CONTROL):
1523 p += 2; /* ACFC not used */
1524 length -= 2;
1525 hdr_len += 2;
1526 break;
1527
1528 default:
1529 break;
1530 }
1531
1532 if (length < 2)
1533 goto trunc;
1534 ND_TCHECK(*p);
1535 if (*p % 2) {
1536 proto = *p; /* PFC is used */
1537 p++;
1538 length--;
1539 hdr_len++;
1540 } else {
1541 ND_TCHECK2(*p, 2);
1542 proto = EXTRACT_16BITS(p);
1543 p += 2;
1544 length -= 2;
1545 hdr_len += 2;
1546 }
1547
1548 if (ndo->ndo_eflag)
1549 ND_PRINT((ndo, "%s (0x%04x), length %u: ",
1550 tok2str(ppptype2str, "unknown", proto),
1551 proto,
1552 olen));
1553
1554 handle_ppp(ndo, proto, p, length);
1555 return (hdr_len);
1556 trunc:
1557 ND_PRINT((ndo, "[|ppp]"));
1558 return (0);
1559 }
1560
1561
1562 /* PPP I/F printer */
1563 u_int
1564 ppp_if_print(netdissect_options *ndo,
1565 const struct pcap_pkthdr *h, register const u_char *p)
1566 {
1567 register u_int length = h->len;
1568 register u_int caplen = h->caplen;
1569
1570 if (caplen < PPP_HDRLEN) {
1571 ND_PRINT((ndo, "[|ppp]"));
1572 return (caplen);
1573 }
1574
1575 #if 0
1576 /*
1577 * XXX: seems to assume that there are 2 octets prepended to an
1578 * actual PPP frame. The 1st octet looks like Input/Output flag
1579 * while 2nd octet is unknown, at least to me
1580 * (mshindo@mshindo.net).
1581 *
1582 * That was what the original tcpdump code did.
1583 *
1584 * FreeBSD's "if_ppp.c" *does* set the first octet to 1 for outbound
1585 * packets and 0 for inbound packets - but only if the
1586 * protocol field has the 0x8000 bit set (i.e., it's a network
1587 * control protocol); it does so before running the packet through
1588 * "bpf_filter" to see if it should be discarded, and to see
1589 * if we should update the time we sent the most recent packet...
1590 *
1591 * ...but it puts the original address field back after doing
1592 * so.
1593 *
1594 * NetBSD's "if_ppp.c" doesn't set the first octet in that fashion.
1595 *
1596 * I don't know if any PPP implementation handed up to a BPF
1597 * device packets with the first octet being 1 for outbound and
1598 * 0 for inbound packets, so I (guy@alum.mit.edu) don't know
1599 * whether that ever needs to be checked or not.
1600 *
1601 * Note that NetBSD has a DLT_PPP_SERIAL, which it uses for PPP,
1602 * and its tcpdump appears to assume that the frame always
1603 * begins with an address field and a control field, and that
1604 * the address field might be 0x0f or 0x8f, for Cisco
1605 * point-to-point with HDLC framing as per section 4.3.1 of RFC
1606 * 1547, as well as 0xff, for PPP in HDLC-like framing as per
1607 * RFC 1662.
1608 *
1609 * (Is the Cisco framing in question what DLT_C_HDLC, in
1610 * BSD/OS, is?)
1611 */
1612 if (ndo->ndo_eflag)
1613 ND_PRINT((ndo, "%c %4d %02x ", p[0] ? 'O' : 'I', length, p[1]));
1614 #endif
1615
1616 ppp_print(ndo, p, length);
1617
1618 return (0);
1619 }
1620
1621 /*
1622 * PPP I/F printer to use if we know that RFC 1662-style PPP in HDLC-like
1623 * framing, or Cisco PPP with HDLC framing as per section 4.3.1 of RFC 1547,
1624 * is being used (i.e., we don't check for PPP_ADDRESS and PPP_CONTROL,
1625 * discard them *if* those are the first two octets, and parse the remaining
1626 * packet as a PPP packet, as "ppp_print()" does).
1627 *
1628 * This handles, for example, DLT_PPP_SERIAL in NetBSD.
1629 */
1630 u_int
1631 ppp_hdlc_if_print(netdissect_options *ndo,
1632 const struct pcap_pkthdr *h, register const u_char *p)
1633 {
1634 register u_int length = h->len;
1635 register u_int caplen = h->caplen;
1636 u_int proto;
1637 u_int hdrlen = 0;
1638
1639 if (caplen < 2) {
1640 ND_PRINT((ndo, "[|ppp]"));
1641 return (caplen);
1642 }
1643
1644 switch (p[0]) {
1645
1646 case PPP_ADDRESS:
1647 if (caplen < 4) {
1648 ND_PRINT((ndo, "[|ppp]"));
1649 return (caplen);
1650 }
1651
1652 if (ndo->ndo_eflag)
1653 ND_PRINT((ndo, "%02x %02x %d ", p[0], p[1], length));
1654 p += 2;
1655 length -= 2;
1656 hdrlen += 2;
1657
1658 proto = EXTRACT_16BITS(p);
1659 p += 2;
1660 length -= 2;
1661 hdrlen += 2;
1662 ND_PRINT((ndo, "%s: ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto)));
1663
1664 handle_ppp(ndo, proto, p, length);
1665 break;
1666
1667 case CHDLC_UNICAST:
1668 case CHDLC_BCAST:
1669 return (chdlc_if_print(ndo, h, p));
1670
1671 default:
1672 if (ndo->ndo_eflag)
1673 ND_PRINT((ndo, "%02x %02x %d ", p[0], p[1], length));
1674 p += 2;
1675 hdrlen += 2;
1676
1677 /*
1678 * XXX - NetBSD's "ppp_netbsd_serial_if_print()" treats
1679 * the next two octets as an Ethernet type; does that
1680 * ever happen?
1681 */
1682 ND_PRINT((ndo, "unknown addr %02x; ctrl %02x", p[0], p[1]));
1683 break;
1684 }
1685
1686 return (hdrlen);
1687 }
1688
1689 #define PPP_BSDI_HDRLEN 24
1690
1691 /* BSD/OS specific PPP printer */
1692 u_int
1693 ppp_bsdos_if_print(netdissect_options *ndo _U_,
1694 const struct pcap_pkthdr *h _U_, register const u_char *p _U_)
1695 {
1696 register int hdrlength;
1697 #ifdef __bsdi__
1698 register u_int length = h->len;
1699 register u_int caplen = h->caplen;
1700 uint16_t ptype;
1701 const u_char *q;
1702 int i;
1703
1704 if (caplen < PPP_BSDI_HDRLEN) {
1705 ND_PRINT((ndo, "[|ppp]"));
1706 return (caplen)
1707 }
1708
1709 hdrlength = 0;
1710
1711 #if 0
1712 if (p[0] == PPP_ADDRESS && p[1] == PPP_CONTROL) {
1713 if (ndo->ndo_eflag)
1714 ND_PRINT((ndo, "%02x %02x ", p[0], p[1]));
1715 p += 2;
1716 hdrlength = 2;
1717 }
1718
1719 if (ndo->ndo_eflag)
1720 ND_PRINT((ndo, "%d ", length));
1721 /* Retrieve the protocol type */
1722 if (*p & 01) {
1723 /* Compressed protocol field */
1724 ptype = *p;
1725 if (ndo->ndo_eflag)
1726 ND_PRINT((ndo, "%02x ", ptype));
1727 p++;
1728 hdrlength += 1;
1729 } else {
1730 /* Un-compressed protocol field */
1731 ptype = EXTRACT_16BITS(p);
1732 if (ndo->ndo_eflag)
1733 ND_PRINT((ndo, "%04x ", ptype));
1734 p += 2;
1735 hdrlength += 2;
1736 }
1737 #else
1738 ptype = 0; /*XXX*/
1739 if (ndo->ndo_eflag)
1740 ND_PRINT((ndo, "%c ", p[SLC_DIR] ? 'O' : 'I'));
1741 if (p[SLC_LLHL]) {
1742 /* link level header */
1743 struct ppp_header *ph;
1744
1745 q = p + SLC_BPFHDRLEN;
1746 ph = (struct ppp_header *)q;
1747 if (ph->phdr_addr == PPP_ADDRESS
1748 && ph->phdr_ctl == PPP_CONTROL) {
1749 if (ndo->ndo_eflag)
1750 ND_PRINT((ndo, "%02x %02x ", q[0], q[1]));
1751 ptype = EXTRACT_16BITS(&ph->phdr_type);
1752 if (ndo->ndo_eflag && (ptype == PPP_VJC || ptype == PPP_VJNC)) {
1753 ND_PRINT((ndo, "%s ", tok2str(ppptype2str,
1754 "proto-#%d", ptype)));
1755 }
1756 } else {
1757 if (ndo->ndo_eflag) {
1758 ND_PRINT((ndo, "LLH=["));
1759 for (i = 0; i < p[SLC_LLHL]; i++)
1760 ND_PRINT((ndo, "%02x", q[i]));
1761 ND_PRINT((ndo, "] "));
1762 }
1763 }
1764 }
1765 if (ndo->ndo_eflag)
1766 ND_PRINT((ndo, "%d ", length));
1767 if (p[SLC_CHL]) {
1768 q = p + SLC_BPFHDRLEN + p[SLC_LLHL];
1769
1770 switch (ptype) {
1771 case PPP_VJC:
1772 ptype = vjc_print(ndo, q, ptype);
1773 hdrlength = PPP_BSDI_HDRLEN;
1774 p += hdrlength;
1775 switch (ptype) {
1776 case PPP_IP:
1777 ip_print(ndo, p, length);
1778 break;
1779 case PPP_IPV6:
1780 ip6_print(ndo, p, length);
1781 break;
1782 case PPP_MPLS_UCAST:
1783 case PPP_MPLS_MCAST:
1784 mpls_print(ndo, p, length);
1785 break;
1786 }
1787 goto printx;
1788 case PPP_VJNC:
1789 ptype = vjc_print(ndo, q, ptype);
1790 hdrlength = PPP_BSDI_HDRLEN;
1791 p += hdrlength;
1792 switch (ptype) {
1793 case PPP_IP:
1794 ip_print(ndo, p, length);
1795 break;
1796 case PPP_IPV6:
1797 ip6_print(ndo, p, length);
1798 break;
1799 case PPP_MPLS_UCAST:
1800 case PPP_MPLS_MCAST:
1801 mpls_print(ndo, p, length);
1802 break;
1803 }
1804 goto printx;
1805 default:
1806 if (ndo->ndo_eflag) {
1807 ND_PRINT((ndo, "CH=["));
1808 for (i = 0; i < p[SLC_LLHL]; i++)
1809 ND_PRINT((ndo, "%02x", q[i]));
1810 ND_PRINT((ndo, "] "));
1811 }
1812 break;
1813 }
1814 }
1815
1816 hdrlength = PPP_BSDI_HDRLEN;
1817 #endif
1818
1819 length -= hdrlength;
1820 p += hdrlength;
1821
1822 switch (ptype) {
1823 case PPP_IP:
1824 ip_print(p, length);
1825 break;
1826 case PPP_IPV6:
1827 ip6_print(ndo, p, length);
1828 break;
1829 case PPP_MPLS_UCAST:
1830 case PPP_MPLS_MCAST:
1831 mpls_print(ndo, p, length);
1832 break;
1833 default:
1834 ND_PRINT((ndo, "%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", ptype)));
1835 }
1836
1837 printx:
1838 #else /* __bsdi */
1839 hdrlength = 0;
1840 #endif /* __bsdi__ */
1841 return (hdrlength);
1842 }
1843
1844
1845 /*
1846 * Local Variables:
1847 * c-style: whitesmith
1848 * c-basic-offset: 8
1849 * End:
1850 */
[mirror] the TCPdump network dissector