]> The Tcpdump Group git mirrors - tcpdump/blob - print-stp.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Revert "Clean a bunch of fuzzed files not to fuzz the container."
[tcpdump] / print-stp.c
1 /*
2 * Copyright (c) 2000 Lennert Buytenhek
3 *
4 * This software may be distributed either under the terms of the
5 * BSD-style license that accompanies tcpdump or the GNU General
6 * Public License
7 *
8 * Contributed by Lennert Buytenhek <buytenh@gnu.org>
9 */
10
11 /* \summary: IEEE 802.1d Spanning Tree Protocol (STP) printer */
12
13 #ifdef HAVE_CONFIG_H
14 #include <config.h>
15 #endif
16
17 #include "netdissect-stdinc.h"
18
19 #include <stdio.h>
20
21 #include "netdissect.h"
22 #include "extract.h"
23
24 #define RSTP_EXTRACT_PORT_ROLE(x) (((x)&0x0C)>>2)
25 /* STP timers are expressed in multiples of 1/256th second */
26 #define STP_TIME_BASE 256
27 #define STP_BPDU_MSTP_MIN_LEN 102
28
29 struct stp_bpdu_ {
30 nd_uint16_t protocol_id;
31 nd_uint8_t protocol_version;
32 nd_uint8_t bpdu_type;
33 nd_uint8_t flags;
34 nd_byte root_id[8];
35 nd_uint32_t root_path_cost;
36 nd_byte bridge_id[8];
37 nd_uint16_t port_id;
38 nd_uint16_t message_age;
39 nd_uint16_t max_age;
40 nd_uint16_t hello_time;
41 nd_uint16_t forward_delay;
42 nd_uint8_t v1_length;
43 };
44
45 #define STP_PROTO_REGULAR 0x00
46 #define STP_PROTO_RAPID 0x02
47 #define STP_PROTO_MSTP 0x03
48 #define STP_PROTO_SPB 0x04
49
50 static const struct tok stp_proto_values[] = {
51 { STP_PROTO_REGULAR, "802.1d" },
52 { STP_PROTO_RAPID, "802.1w" },
53 { STP_PROTO_MSTP, "802.1s" },
54 { STP_PROTO_SPB, "802.1aq" },
55 { 0, NULL}
56 };
57
58 #define STP_BPDU_TYPE_CONFIG 0x00
59 #define STP_BPDU_TYPE_RSTP 0x02
60 #define STP_BPDU_TYPE_TOPO_CHANGE 0x80
61
62 static const struct tok stp_bpdu_flag_values[] = {
63 { 0x01, "Topology change" },
64 { 0x02, "Proposal" },
65 { 0x10, "Learn" },
66 { 0x20, "Forward" },
67 { 0x40, "Agreement" },
68 { 0x80, "Topology change ACK" },
69 { 0, NULL}
70 };
71
72 static const struct tok stp_bpdu_type_values[] = {
73 { STP_BPDU_TYPE_CONFIG, "Config" },
74 { STP_BPDU_TYPE_RSTP, "Rapid STP" },
75 { STP_BPDU_TYPE_TOPO_CHANGE, "Topology Change" },
76 { 0, NULL}
77 };
78
79 static const struct tok rstp_obj_port_role_values[] = {
80 { 0x00, "Unknown" },
81 { 0x01, "Alternate" },
82 { 0x02, "Root" },
83 { 0x03, "Designated" },
84 { 0, NULL}
85 };
86
87 static char *
88 stp_print_bridge_id(netdissect_options *ndo, const u_char *p)
89 {
90 static char bridge_id_str[sizeof("pppp.aa:bb:cc:dd:ee:ff")];
91
92 snprintf(bridge_id_str, sizeof(bridge_id_str),
93 "%.2x%.2x.%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",
94 GET_U_1(p), GET_U_1(p + 1), GET_U_1(p + 2),
95 GET_U_1(p + 3), GET_U_1(p + 4), GET_U_1(p + 5),
96 GET_U_1(p + 6), GET_U_1(p + 7));
97
98 return bridge_id_str;
99 }
100
101 static void
102 stp_print_config_bpdu(netdissect_options *ndo, const struct stp_bpdu_ *stp_bpdu,
103 u_int length)
104 {
105 uint8_t bpdu_flags;
106
107 bpdu_flags = GET_U_1(stp_bpdu->flags);
108 ND_PRINT(", Flags [%s]",
109 bittok2str(stp_bpdu_flag_values, "none", bpdu_flags));
110
111 ND_PRINT(", bridge-id %s.%04x, length %u",
112 stp_print_bridge_id(ndo, stp_bpdu->bridge_id),
113 GET_BE_U_2(stp_bpdu->port_id), length);
114
115 /* in non-verbose mode just print the bridge-id */
116 if (!ndo->ndo_vflag) {
117 return;
118 }
119
120 ND_PRINT("\n\tmessage-age %.2fs, max-age %.2fs"
121 ", hello-time %.2fs, forwarding-delay %.2fs",
122 (float) GET_BE_U_2(stp_bpdu->message_age) / STP_TIME_BASE,
123 (float) GET_BE_U_2(stp_bpdu->max_age) / STP_TIME_BASE,
124 (float) GET_BE_U_2(stp_bpdu->hello_time) / STP_TIME_BASE,
125 (float) GET_BE_U_2(stp_bpdu->forward_delay) / STP_TIME_BASE);
126
127 ND_PRINT("\n\troot-id %s, root-pathcost %u",
128 stp_print_bridge_id(ndo, stp_bpdu->root_id),
129 GET_BE_U_4(stp_bpdu->root_path_cost));
130
131 /* Port role is only valid for 802.1w */
132 if (GET_U_1(stp_bpdu->protocol_version) == STP_PROTO_RAPID) {
133 ND_PRINT(", port-role %s",
134 tok2str(rstp_obj_port_role_values, "Unknown",
135 RSTP_EXTRACT_PORT_ROLE(bpdu_flags)));
136 }
137 }
138
139 /*
140 * MSTP packet format
141 * Ref. IEEE 802.1Q 2003 Ed. Section 14
142 *
143 * MSTP BPDU
144 *
145 * 2 - bytes Protocol Id
146 * 1 - byte Protocol Ver.
147 * 1 - byte BPDU tye
148 * 1 - byte Flags
149 * 8 - bytes CIST Root Identifier
150 * 4 - bytes CIST External Path Cost
151 * 8 - bytes CIST Regional Root Identifier
152 * 2 - bytes CIST Port Identifier
153 * 2 - bytes Message Age
154 * 2 - bytes Max age
155 * 2 - bytes Hello Time
156 * 2 - bytes Forward delay
157 * 1 - byte Version 1 length. Must be 0
158 * 2 - bytes Version 3 length
159 * 1 - byte Config Identifier
160 * 32 - bytes Config Name
161 * 2 - bytes Revision level
162 * 16 - bytes Config Digest [MD5]
163 * 4 - bytes CIST Internal Root Path Cost
164 * 8 - bytes CIST Bridge Identifier
165 * 1 - byte CIST Remaining Hops
166 * 16 - bytes MSTI information [Max 64 MSTI, each 16 bytes]
167 *
168 *
169 * SPB BPDU
170 * Ref. IEEE 802.1aq. Section 14
171 *
172 * 2 - bytes Version 4 length
173 * 1 - byte Aux Config Identifier
174 * 32 - bytes Aux Config Name
175 * 2 - bytes Aux Revision level
176 * 16 - bytes Aux Config Digest [MD5]
177 * 1 - byte (1 - 2) Agreement Number
178 * (3 - 4) Discarded Agreement Number
179 * (5) Agreement Valid Flag
180 * (6) Restricted Role Flag
181 * (7 - 8) Unused sent zero
182 * 1 - byte Unused
183 * 1 - byte (1 - 4) Agreement Digest Format Identifier
184 * (5 - 8) Agreement Digest Format Capabilities
185 * 1 - byte (1 - 4) Agreement Digest Convention Identifier
186 * (5 - 8) Agreement Digest Convention Capabilities
187 * 2 - bytes Agreement Digest Edge Count
188 * 8 - byte Reserved Set
189 * 20 - bytes Computed Topology Digest
190 *
191 *
192 * MSTI Payload
193 *
194 * 1 - byte MSTI flag
195 * 8 - bytes MSTI Regional Root Identifier
196 * 4 - bytes MSTI Regional Path Cost
197 * 1 - byte MSTI Bridge Priority
198 * 1 - byte MSTI Port Priority
199 * 1 - byte MSTI Remaining Hops
200 *
201 */
202
203 #define MST_BPDU_MSTI_LENGTH 16
204 #define MST_BPDU_CONFIG_INFO_LENGTH 64
205
206 /* Offsets of fields from the beginning for the packet */
207 #define MST_BPDU_VER3_LEN_OFFSET 36
208 #define MST_BPDU_CONFIG_NAME_OFFSET 39
209 #define MST_BPDU_CONFIG_DIGEST_OFFSET 73
210 #define MST_BPDU_CIST_INT_PATH_COST_OFFSET 89
211 #define MST_BPDU_CIST_BRIDGE_ID_OFFSET 93
212 #define MST_BPDU_CIST_REMAIN_HOPS_OFFSET 101
213 #define MST_BPDU_MSTI_OFFSET 102
214 /* Offsets within an MSTI */
215 #define MST_BPDU_MSTI_ROOT_PRIO_OFFSET 1
216 #define MST_BPDU_MSTI_ROOT_PATH_COST_OFFSET 9
217 #define MST_BPDU_MSTI_BRIDGE_PRIO_OFFSET 13
218 #define MST_BPDU_MSTI_PORT_PRIO_OFFSET 14
219 #define MST_BPDU_MSTI_REMAIN_HOPS_OFFSET 15
220
221 #define SPB_BPDU_MIN_LEN 87
222 #define SPB_BPDU_CONFIG_NAME_OFFSET 3
223 #define SPB_BPDU_CONFIG_REV_OFFSET SPB_BPDU_CONFIG_NAME_OFFSET + 32
224 #define SPB_BPDU_CONFIG_DIGEST_OFFSET SPB_BPDU_CONFIG_REV_OFFSET + 2
225 #define SPB_BPDU_AGREEMENT_OFFSET SPB_BPDU_CONFIG_DIGEST_OFFSET + 16
226 #define SPB_BPDU_AGREEMENT_UNUSED_OFFSET SPB_BPDU_AGREEMENT_OFFSET + 1
227 #define SPB_BPDU_AGREEMENT_FORMAT_OFFSET SPB_BPDU_AGREEMENT_UNUSED_OFFSET + 1
228 #define SPB_BPDU_AGREEMENT_CON_OFFSET SPB_BPDU_AGREEMENT_FORMAT_OFFSET + 1
229 #define SPB_BPDU_AGREEMENT_EDGE_OFFSET SPB_BPDU_AGREEMENT_CON_OFFSET + 1
230 #define SPB_BPDU_AGREEMENT_RES1_OFFSET SPB_BPDU_AGREEMENT_EDGE_OFFSET + 2
231 #define SPB_BPDU_AGREEMENT_RES2_OFFSET SPB_BPDU_AGREEMENT_RES1_OFFSET + 4
232 #define SPB_BPDU_AGREEMENT_DIGEST_OFFSET SPB_BPDU_AGREEMENT_RES2_OFFSET + 4
233
234 static void
235 stp_print_mstp_bpdu(netdissect_options *ndo, const struct stp_bpdu_ *stp_bpdu,
236 u_int length)
237 {
238 const u_char *ptr;
239 uint8_t bpdu_flags;
240 uint16_t v3len;
241 uint16_t len;
242 uint16_t msti;
243 u_int offset;
244
245 ptr = (const u_char *)stp_bpdu;
246 bpdu_flags = GET_U_1(stp_bpdu->flags);
247 ND_PRINT(", CIST Flags [%s], length %u",
248 bittok2str(stp_bpdu_flag_values, "none", bpdu_flags), length);
249
250 /*
251 * in non-verbose mode just print the flags.
252 */
253 if (!ndo->ndo_vflag) {
254 return;
255 }
256
257 ND_PRINT("\n\tport-role %s, ",
258 tok2str(rstp_obj_port_role_values, "Unknown",
259 RSTP_EXTRACT_PORT_ROLE(bpdu_flags)));
260
261 ND_PRINT("CIST root-id %s, CIST ext-pathcost %u",
262 stp_print_bridge_id(ndo, stp_bpdu->root_id),
263 GET_BE_U_4(stp_bpdu->root_path_cost));
264
265 ND_PRINT("\n\tCIST regional-root-id %s, ",
266 stp_print_bridge_id(ndo, stp_bpdu->bridge_id));
267
268 ND_PRINT("CIST port-id %04x,", GET_BE_U_2(stp_bpdu->port_id));
269
270 ND_PRINT("\n\tmessage-age %.2fs, max-age %.2fs"
271 ", hello-time %.2fs, forwarding-delay %.2fs",
272 (float) GET_BE_U_2(stp_bpdu->message_age) / STP_TIME_BASE,
273 (float) GET_BE_U_2(stp_bpdu->max_age) / STP_TIME_BASE,
274 (float) GET_BE_U_2(stp_bpdu->hello_time) / STP_TIME_BASE,
275 (float) GET_BE_U_2(stp_bpdu->forward_delay) / STP_TIME_BASE);
276
277 ND_PRINT("\n\tv3len %u, ", GET_BE_U_2(ptr + MST_BPDU_VER3_LEN_OFFSET));
278 ND_PRINT("MCID Name ");
279 nd_printjnp(ndo, ptr + MST_BPDU_CONFIG_NAME_OFFSET, 32);
280 ND_PRINT(", rev %u,"
281 "\n\t\tdigest %08x%08x%08x%08x, ",
282 GET_BE_U_2(ptr + MST_BPDU_CONFIG_NAME_OFFSET + 32),
283 GET_BE_U_4(ptr + MST_BPDU_CONFIG_DIGEST_OFFSET),
284 GET_BE_U_4(ptr + MST_BPDU_CONFIG_DIGEST_OFFSET + 4),
285 GET_BE_U_4(ptr + MST_BPDU_CONFIG_DIGEST_OFFSET + 8),
286 GET_BE_U_4(ptr + MST_BPDU_CONFIG_DIGEST_OFFSET + 12));
287
288 ND_PRINT("CIST int-root-pathcost %u,",
289 GET_BE_U_4(ptr + MST_BPDU_CIST_INT_PATH_COST_OFFSET));
290
291 ND_PRINT("\n\tCIST bridge-id %s, ",
292 stp_print_bridge_id(ndo, ptr + MST_BPDU_CIST_BRIDGE_ID_OFFSET));
293
294 ND_PRINT("CIST remaining-hops %u",
295 GET_U_1(ptr + MST_BPDU_CIST_REMAIN_HOPS_OFFSET));
296
297 /* Dump all MSTI's */
298 v3len = GET_BE_U_2(ptr + MST_BPDU_VER3_LEN_OFFSET);
299 if (v3len > MST_BPDU_CONFIG_INFO_LENGTH) {
300 len = v3len - MST_BPDU_CONFIG_INFO_LENGTH;
301 offset = MST_BPDU_MSTI_OFFSET;
302 while (len >= MST_BPDU_MSTI_LENGTH) {
303 msti = GET_BE_U_2(ptr + offset + MST_BPDU_MSTI_ROOT_PRIO_OFFSET);
304 msti = msti & 0x0FFF;
305
306 ND_PRINT("\n\tMSTI %u, Flags [%s], port-role %s",
307 msti,
308 bittok2str(stp_bpdu_flag_values, "none", GET_U_1(ptr + offset)),
309 tok2str(rstp_obj_port_role_values, "Unknown",
310 RSTP_EXTRACT_PORT_ROLE(GET_U_1(ptr + offset))));
311 ND_PRINT("\n\t\tMSTI regional-root-id %s, pathcost %u",
312 stp_print_bridge_id(ndo, ptr + offset +
313 MST_BPDU_MSTI_ROOT_PRIO_OFFSET),
314 GET_BE_U_4(ptr + offset + MST_BPDU_MSTI_ROOT_PATH_COST_OFFSET));
315 ND_PRINT("\n\t\tMSTI bridge-prio %u, port-prio %u, hops %u",
316 GET_U_1(ptr + offset + MST_BPDU_MSTI_BRIDGE_PRIO_OFFSET) >> 4,
317 GET_U_1(ptr + offset + MST_BPDU_MSTI_PORT_PRIO_OFFSET) >> 4,
318 GET_U_1(ptr + offset + MST_BPDU_MSTI_REMAIN_HOPS_OFFSET));
319
320 len -= MST_BPDU_MSTI_LENGTH;
321 offset += MST_BPDU_MSTI_LENGTH;
322 }
323 }
324 }
325
326 static void
327 stp_print_spb_bpdu(netdissect_options *ndo, const struct stp_bpdu_ *stp_bpdu,
328 u_int offset)
329 {
330 const u_char *ptr;
331
332 /*
333 * in non-verbose mode don't print anything.
334 */
335 if (!ndo->ndo_vflag) {
336 return;
337 }
338
339 ptr = (const u_char *)stp_bpdu;
340
341 ND_PRINT("\n\tv4len %u, ", GET_BE_U_2(ptr + offset));
342 ND_PRINT("AUXMCID Name ");
343 nd_printjnp(ndo, ptr + offset + SPB_BPDU_CONFIG_NAME_OFFSET, 32);
344 ND_PRINT(", Rev %u,\n\t\tdigest %08x%08x%08x%08x",
345 GET_BE_U_2(ptr + offset + SPB_BPDU_CONFIG_REV_OFFSET),
346 GET_BE_U_4(ptr + offset + SPB_BPDU_CONFIG_DIGEST_OFFSET),
347 GET_BE_U_4(ptr + offset + SPB_BPDU_CONFIG_DIGEST_OFFSET + 4),
348 GET_BE_U_4(ptr + offset + SPB_BPDU_CONFIG_DIGEST_OFFSET + 8),
349 GET_BE_U_4(ptr + offset + SPB_BPDU_CONFIG_DIGEST_OFFSET + 12));
350
351 ND_PRINT("\n\tAgreement num %u, Discarded Agreement num %u, Agreement valid-"
352 "flag %u,\n\tRestricted role-flag: %u, Format id %u cap %u, "
353 "Convention id %u cap %u,\n\tEdge count %u, "
354 "Agreement digest %08x%08x%08x%08x%08x",
355 GET_U_1(ptr + offset + SPB_BPDU_AGREEMENT_OFFSET)>>6,
356 GET_U_1(ptr + offset + SPB_BPDU_AGREEMENT_OFFSET)>>4 & 0x3,
357 GET_U_1(ptr + offset + SPB_BPDU_AGREEMENT_OFFSET)>>3 & 0x1,
358 GET_U_1(ptr + offset + SPB_BPDU_AGREEMENT_OFFSET)>>2 & 0x1,
359 GET_U_1(ptr + offset + SPB_BPDU_AGREEMENT_FORMAT_OFFSET)>>4,
360 GET_U_1(ptr + offset + SPB_BPDU_AGREEMENT_FORMAT_OFFSET)&0x00ff,
361 GET_U_1(ptr + offset + SPB_BPDU_AGREEMENT_CON_OFFSET)>>4,
362 GET_U_1(ptr + offset + SPB_BPDU_AGREEMENT_CON_OFFSET)&0x00ff,
363 GET_BE_U_2(ptr + offset + SPB_BPDU_AGREEMENT_EDGE_OFFSET),
364 GET_BE_U_4(ptr + offset + SPB_BPDU_AGREEMENT_DIGEST_OFFSET),
365 GET_BE_U_4(ptr + offset + SPB_BPDU_AGREEMENT_DIGEST_OFFSET + 4),
366 GET_BE_U_4(ptr + offset + SPB_BPDU_AGREEMENT_DIGEST_OFFSET + 8),
367 GET_BE_U_4(ptr + offset + SPB_BPDU_AGREEMENT_DIGEST_OFFSET + 12),
368 GET_BE_U_4(ptr + offset + SPB_BPDU_AGREEMENT_DIGEST_OFFSET + 16));
369 }
370
371 /*
372 * Print 802.1d / 802.1w / 802.1q (mstp) / 802.1aq (spb) packets.
373 */
374 void
375 stp_print(netdissect_options *ndo, const u_char *p, u_int length)
376 {
377 const struct stp_bpdu_ *stp_bpdu;
378 u_int protocol_version;
379 u_int bpdu_type;
380 u_int mstp_len;
381 u_int spb_len;
382
383 ndo->ndo_protocol = "stp";
384 stp_bpdu = (const struct stp_bpdu_*)p;
385
386 /* Minimum STP Frame size. */
387 if (length < 4)
388 goto invalid;
389
390 if (GET_BE_U_2(stp_bpdu->protocol_id)) {
391 ND_PRINT("unknown STP version, length %u", length);
392 return;
393 }
394
395 protocol_version = GET_U_1(stp_bpdu->protocol_version);
396 ND_PRINT("STP %s", tok2str(stp_proto_values, "Unknown STP protocol (0x%02x)",
397 protocol_version));
398
399 switch (protocol_version) {
400 case STP_PROTO_REGULAR:
401 case STP_PROTO_RAPID:
402 case STP_PROTO_MSTP:
403 case STP_PROTO_SPB:
404 break;
405 default:
406 return;
407 }
408
409 bpdu_type = GET_U_1(stp_bpdu->bpdu_type);
410 ND_PRINT(", %s", tok2str(stp_bpdu_type_values, "Unknown BPDU Type (0x%02x)",
411 bpdu_type));
412
413 switch (bpdu_type) {
414 case STP_BPDU_TYPE_CONFIG:
415 if (length < sizeof(struct stp_bpdu_) - 1) {
416 goto invalid;
417 }
418 stp_print_config_bpdu(ndo, stp_bpdu, length);
419 break;
420
421 case STP_BPDU_TYPE_RSTP:
422 if (protocol_version == STP_PROTO_RAPID) {
423 if (length < sizeof(struct stp_bpdu_)) {
424 goto invalid;
425 }
426 stp_print_config_bpdu(ndo, stp_bpdu, length);
427 } else if (protocol_version == STP_PROTO_MSTP ||
428 protocol_version == STP_PROTO_SPB) {
429 if (length < STP_BPDU_MSTP_MIN_LEN) {
430 goto invalid;
431 }
432
433 if (GET_U_1(stp_bpdu->v1_length) != 0) {
434 /* FIX ME: Emit a message here ? */
435 goto invalid;
436 }
437
438 /* Validate v3 length */
439 mstp_len = GET_BE_U_2(p + MST_BPDU_VER3_LEN_OFFSET);
440 mstp_len += 2; /* length encoding itself is 2 bytes */
441 if (length < (sizeof(struct stp_bpdu_) + mstp_len)) {
442 goto invalid;
443 }
444 stp_print_mstp_bpdu(ndo, stp_bpdu, length);
445
446 if (protocol_version == STP_PROTO_SPB)
447 {
448 /* Validate v4 length */
449 spb_len = GET_BE_U_2(p + MST_BPDU_VER3_LEN_OFFSET + mstp_len);
450 spb_len += 2;
451 if (length < (sizeof(struct stp_bpdu_) + mstp_len + spb_len) ||
452 spb_len < SPB_BPDU_MIN_LEN) {
453 goto invalid;
454 }
455 stp_print_spb_bpdu(ndo, stp_bpdu, (sizeof(struct stp_bpdu_) + mstp_len));
456 }
457 }
458 break;
459
460 case STP_BPDU_TYPE_TOPO_CHANGE:
461 /* always empty message - just break out */
462 break;
463
464 default:
465 break;
466 }
467 return;
468
469 invalid:
470 nd_print_invalid(ndo);
471 }
[mirror] the TCPdump network dissector