]> The Tcpdump Group git mirrors - tcpdump/blob - print-cdp.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
cdp: support CDP TLV 0x001a.
[tcpdump] / print-cdp.c
1 /*
2 * Copyright (c) 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 * Code by Gert Doering, SpaceNet GmbH, gert@space.net
22 *
23 * Reference documentation:
24 * https://web.archive.org/web/20000914194913/http://www.cisco.com/univercd/cc/td/doc/product/lan/trsrb/frames.pdf
25 */
26
27 /* \summary: Cisco Discovery Protocol (CDP) printer */
28
29 #ifdef HAVE_CONFIG_H
30 #include <config.h>
31 #endif
32
33 #include "netdissect-stdinc.h"
34
35 #include <string.h>
36
37 #define ND_LONGJMP_FROM_TCHECK
38 #include "netdissect.h"
39 #include "addrtoname.h"
40 #include "extract.h"
41 #include "nlpid.h"
42
43
44 #define CDP_HEADER_LEN 4
45 #define CDP_HEADER_VERSION_OFFSET 0
46 #define CDP_HEADER_TTL_OFFSET 1
47 #define CDP_HEADER_CHECKSUM_OFFSET 2
48
49 #define CDP_TLV_HEADER_LEN 4
50 #define CDP_TLV_TYPE_OFFSET 0
51 #define CDP_TLV_LEN_OFFSET 2
52
53 static const struct tok cdp_capability_values[] = {
54 { 0x01, "Router" },
55 { 0x02, "Transparent Bridge" },
56 { 0x04, "Source Route Bridge" },
57 { 0x08, "L2 Switch" },
58 { 0x10, "L3 capable" },
59 { 0x20, "IGMP snooping" },
60 { 0x40, "L1 capable" },
61 { 0, NULL }
62 };
63
64 static void cdp_print_addr(netdissect_options *, const u_char *, u_int);
65 static void cdp_print_prefixes(netdissect_options *, const u_char *, u_int);
66
67 static void
68 cdp_print_string(netdissect_options *ndo,
69 const u_char *cp, const u_int len)
70 {
71 ND_PRINT("'");
72 nd_printjn(ndo, cp, len);
73 ND_PRINT("'");
74 }
75
76 static void
77 cdp_print_power(netdissect_options *ndo,
78 const u_char *cp, const u_int len)
79 {
80 u_int val = 0;
81
82 switch (len) {
83 case 1:
84 val = GET_U_1(cp);
85 break;
86 case 2:
87 val = GET_BE_U_2(cp);
88 break;
89 case 3:
90 val = GET_BE_U_3(cp);
91 break;
92 }
93 ND_PRINT("%1.2fW", val / 1000.0);
94 }
95
96 static void
97 cdp_print_capability(netdissect_options *ndo,
98 const u_char *cp, const u_int len _U_)
99 {
100 uint32_t val = GET_BE_U_4(cp);
101
102 ND_PRINT("(0x%08x): %s", val,
103 bittok2str(cdp_capability_values, "none", val));
104 }
105
106 /* Rework the version string to get a nice indentation. */
107 static void
108 cdp_print_version(netdissect_options *ndo,
109 const u_char *cp, const u_int len)
110 {
111 unsigned i;
112
113 ND_PRINT("\n\t ");
114 for (i = 0; i < len; i++) {
115 u_char c = GET_U_1(cp + i);
116
117 if (c == '\n')
118 ND_PRINT("\n\t ");
119 else
120 fn_print_char(ndo, c);
121 }
122 }
123
124 static void
125 cdp_print_uint16(netdissect_options *ndo,
126 const u_char *cp, const u_int len _U_)
127 {
128 ND_PRINT("%u", GET_BE_U_2(cp));
129 }
130
131 static void
132 cdp_print_duplex(netdissect_options *ndo,
133 const u_char *cp, const u_int len _U_)
134 {
135 ND_PRINT("%s", GET_U_1(cp) ? "full": "half");
136 }
137
138 /* https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cata/186/2_12_m/english/release/notes/186rn21m.html
139 * plus more details from other sources
140 *
141 * There are apparently versions of the request with both
142 * 2 bytes and 3 bytes of value. The 3 bytes of value
143 * appear to be a 1-byte application type followed by a
144 * 2-byte VLAN ID; the 2 bytes of value are unknown
145 * (they're 0x20 0x00 in some captures I've seen; that
146 * is not a valid VLAN ID, as VLAN IDs are 12 bits).
147 *
148 * The replies all appear to be 3 bytes long.
149 */
150 static void
151 cdp_print_ata186(netdissect_options *ndo,
152 const u_char *cp, const u_int len)
153 {
154 if (len == 2)
155 ND_PRINT("unknown 0x%04x", GET_BE_U_2(cp));
156 else
157 ND_PRINT("app %u, vlan %u", GET_U_1(cp), GET_BE_U_2(cp + 1));
158 }
159
160 static void
161 cdp_print_mtu(netdissect_options *ndo,
162 const u_char *cp, const u_int len _U_)
163 {
164 ND_PRINT("%u bytes", GET_BE_U_4(cp));
165 }
166
167 static void
168 cdp_print_uint8x(netdissect_options *ndo,
169 const u_char *cp, const u_int len _U_)
170 {
171 ND_PRINT("0x%02x", GET_U_1(cp));
172 }
173
174 static void
175 cdp_print_phys_loc(netdissect_options *ndo,
176 const u_char *cp, const u_int len)
177 {
178 ND_PRINT("0x%02x", GET_U_1(cp));
179 if (len > 1) {
180 ND_PRINT("/");
181 nd_printjn(ndo, cp + 1, len - 1);
182 }
183 }
184
185 static void
186 cdp_print_power_avail(netdissect_options *ndo,
187 const u_char *cp, const u_int len)
188 {
189 ND_PRINT("reqid %u, mgmtid %u", GET_BE_U_2(cp), GET_BE_U_2(cp + 2));
190 if (len > 4) {
191 const u_char *powerp;
192 u_int powerlen;
193
194 ND_PRINT(", pwravail");
195 for (powerp = cp + 4, powerlen = len - 4;
196 powerlen >= 4; powerp += 4, powerlen -= 4)
197 ND_PRINT(" %u mW", GET_BE_U_4(powerp));
198 }
199 }
200
201 typedef enum {
202 VERBOSE_OR_NOT_VERBOSE,
203 VERBOSE_ONLY
204 } when_to_print_t;
205
206 struct cdp_tlvinfo {
207 const char *name;
208 void (*printer)(netdissect_options *ndo, const u_char *, u_int);
209 when_to_print_t when_to_print;
210 int min_len, max_len;
211 };
212
213 static const struct cdp_tlvinfo cdptlvs[] = {
214 /* 0x00 */
215 [ 0x01 ] = { "Device-ID", cdp_print_string, VERBOSE_OR_NOT_VERBOSE, -1, -1 },
216 [ 0x02 ] = { "Address", cdp_print_addr, VERBOSE_ONLY, -1, -1 },
217 [ 0x03 ] = { "Port-ID", cdp_print_string, VERBOSE_ONLY, -1, -1 },
218 [ 0x04 ] = { "Capability", cdp_print_capability, VERBOSE_ONLY, 4, 4 },
219 [ 0x05 ] = { "Version String", cdp_print_version, VERBOSE_ONLY, -1, -1 },
220 [ 0x06 ] = { "Platform", cdp_print_string, VERBOSE_ONLY, -1, -1 },
221 [ 0x07 ] = { "Prefixes", cdp_print_prefixes, VERBOSE_ONLY, -1, -1 },
222 /* not documented */
223 [ 0x08 ] = { "Protocol-Hello option", NULL, VERBOSE_ONLY, -1, -1 },
224 /* CDPv2 */
225 [ 0x09 ] = { "VTP Management Domain", cdp_print_string, VERBOSE_ONLY, -1, -1 },
226 /* CDPv2 */
227 [ 0x0a ] = { "Native VLAN ID", cdp_print_uint16, VERBOSE_ONLY, 2, 2 },
228 /* CDPv2 */
229 [ 0x0b ] = { "Duplex", cdp_print_duplex, VERBOSE_ONLY, 1, 1 },
230 /* 0x0c */
231 /* 0x0d */
232 /* incomplete doc. */
233 [ 0x0e ] = { "ATA-186 VoIP VLAN assignment", cdp_print_ata186, VERBOSE_ONLY, 3, 3 },
234 /* incomplete doc. */
235 [ 0x0f ] = { "ATA-186 VoIP VLAN request", cdp_print_ata186, VERBOSE_ONLY, 2, 3 },
236 /* not documented */
237 [ 0x10 ] = { "power consumption", cdp_print_power, VERBOSE_ONLY, 1, 3 },
238 /* not documented */
239 [ 0x11 ] = { "MTU", cdp_print_mtu, VERBOSE_ONLY, 4, 4 },
240 /* not documented */
241 [ 0x12 ] = { "AVVID trust bitmap", cdp_print_uint8x, VERBOSE_ONLY, 1, 1 },
242 /* not documented */
243 [ 0x13 ] = { "AVVID untrusted ports CoS", cdp_print_uint8x, VERBOSE_ONLY, 1, 1 },
244 /* not documented */
245 [ 0x14 ] = { "System Name", cdp_print_string, VERBOSE_ONLY, -1, -1 },
246 /* not documented */
247 [ 0x15 ] = { "System Object ID (not decoded)", NULL, VERBOSE_ONLY, -1, -1 },
248 [ 0x16 ] = { "Management Addresses", cdp_print_addr, VERBOSE_ONLY, 4, -1 },
249 /* not documented */
250 [ 0x17 ] = { "Physical Location", cdp_print_phys_loc, VERBOSE_ONLY, 1, -1 },
251 /* not documented */
252 [ 0x1a ] = { "Power available", cdp_print_power_avail, VERBOSE_ONLY, 8, -1 },
253 };
254
255 #define T_MAX (sizeof cdptlvs / sizeof cdptlvs[0])
256
257 void
258 cdp_print(netdissect_options *ndo,
259 const u_char *tptr, u_int length)
260 {
261 u_int orig_length = length;
262 uint16_t checksum;
263
264 ndo->ndo_protocol = "cdp";
265
266 if (length < CDP_HEADER_LEN) {
267 ND_PRINT(" (packet length %u < %u)", length, CDP_HEADER_LEN);
268 goto invalid;
269 }
270 ND_PRINT("CDPv%u, ttl: %us",
271 GET_U_1(tptr + CDP_HEADER_VERSION_OFFSET),
272 GET_U_1(tptr + CDP_HEADER_TTL_OFFSET));
273 checksum = GET_BE_U_2(tptr + CDP_HEADER_CHECKSUM_OFFSET);
274 if (ndo->ndo_vflag)
275 ND_PRINT(", checksum: 0x%04x (unverified), length %u",
276 checksum, orig_length);
277 tptr += CDP_HEADER_LEN;
278 length -= CDP_HEADER_LEN;
279
280 while (length) {
281 u_int type, len;
282 const struct cdp_tlvinfo *info;
283 const char *name;
284 int print_if_not_verbose;
285 int covered = 0;
286
287 if (length < CDP_TLV_HEADER_LEN) {
288 ND_PRINT(" (remaining packet length %u < %u)",
289 length, CDP_TLV_HEADER_LEN);
290 goto invalid;
291 }
292 type = GET_BE_U_2(tptr + CDP_TLV_TYPE_OFFSET);
293 len = GET_BE_U_2(tptr + CDP_TLV_LEN_OFFSET); /* object length includes the 4 bytes header length */
294 info = type < T_MAX ? &cdptlvs[type] : NULL;
295 name = (info && info->name) ? info->name : "unknown field type";
296 print_if_not_verbose =
297 (info ? (info->when_to_print == VERBOSE_OR_NOT_VERBOSE) : 0);
298 if (len < CDP_TLV_HEADER_LEN) {
299 if (ndo->ndo_vflag)
300 ND_PRINT("\n\t%s (0x%02x), TLV length: %u byte%s (too short)",
301 name, type, len, PLURAL_SUFFIX(len));
302 else
303 ND_PRINT(", %s TLV length %u too short",
304 name, len);
305 goto invalid;
306 }
307 if (len > length) {
308 ND_PRINT(" (TLV length %u > %u)", len, length);
309 goto invalid;
310 }
311 tptr += CDP_TLV_HEADER_LEN;
312 length -= CDP_TLV_HEADER_LEN;
313 len -= CDP_TLV_HEADER_LEN;
314
315 if (ndo->ndo_vflag) {
316 /* Print all TLVs when in verbose mode */
317 ND_PRINT("\n\t%s (0x%02x), value length: %u byte%s: ",
318 name, type, len, PLURAL_SUFFIX(len));
319 } else {
320 /* Print only some TLVs when not in verbose mode */
321 if (print_if_not_verbose)
322 ND_PRINT(", %s ", name);
323 }
324
325 if (info) {
326 if ((info->min_len > 0 && len < (unsigned)info->min_len) ||
327 (info->max_len > 0 && len > (unsigned)info->max_len))
328 ND_PRINT(" (malformed TLV)");
329 else if (ndo->ndo_vflag || print_if_not_verbose) {
330 if (info->printer)
331 info->printer(ndo, tptr, len);
332 else
333 ND_TCHECK_LEN(tptr, len);
334 /*
335 * When the type is defined without a printer,
336 * do not print the hex dump.
337 */
338 covered = 1;
339 }
340 }
341
342 if (ndo->ndo_vflag && !covered) {
343 ND_TCHECK_LEN(tptr, len);
344 print_unknown_data(ndo, tptr, "\n\t ", len);
345 }
346 tptr += len;
347 length -= len;
348 }
349 if (ndo->ndo_vflag < 1)
350 ND_PRINT(", length %u", orig_length);
351
352 return;
353 invalid:
354 nd_print_invalid(ndo);
355 ND_TCHECK_LEN(tptr, length);
356 }
357
358 /*
359 * Protocol type values.
360 *
361 * PT_NLPID means that the protocol type field contains an OSI NLPID.
362 *
363 * PT_IEEE_802_2 means that the protocol type field contains an IEEE 802.2
364 * LLC header that specifies that the payload is for that protocol.
365 */
366 #define PT_NLPID 1 /* OSI NLPID */
367 #define PT_IEEE_802_2 2 /* IEEE 802.2 LLC header */
368
369 static void
370 cdp_print_addr(netdissect_options *ndo,
371 const u_char * p, u_int l)
372 {
373 u_int num;
374 static const u_char prot_ipv6[] = {
375 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00, 0x86, 0xdd
376 };
377
378 if (l < 4) {
379 ND_PRINT(" (not enough space for num)");
380 goto invalid;
381 }
382 num = GET_BE_U_4(p);
383 p += 4;
384 l -= 4;
385
386 while (num) {
387 u_int pt, pl, al;
388
389 if (l < 2) {
390 ND_PRINT(" (not enough space for PT+PL)");
391 goto invalid;
392 }
393 pt = GET_U_1(p); /* type of "protocol" field */
394 pl = GET_U_1(p + 1); /* length of "protocol" field */
395 p += 2;
396 l -= 2;
397
398 if (l < pl + 2) {
399 ND_PRINT(" (not enough space for P+AL)");
400 goto invalid;
401 }
402 /* Skip the protocol for now. */
403 al = GET_BE_U_2(p + pl); /* address length */
404
405 if (pt == PT_NLPID && pl == 1 && GET_U_1(p) == NLPID_IP &&
406 al == 4) {
407 /*
408 * IPv4: protocol type = NLPID, protocol length = 1
409 * (1-byte NLPID), protocol = 0xcc (NLPID for IPv4),
410 * address length = 4
411 */
412 p += pl + 2;
413 l -= pl + 2;
414 /* p is just beyond al now. */
415 if (l < al) {
416 ND_PRINT(" (not enough space for A)");
417 goto invalid;
418 }
419 ND_PRINT("IPv4 (%u) %s", num, GET_IPADDR_STRING(p));
420 p += al;
421 l -= al;
422 }
423 else if (pt == PT_IEEE_802_2 && pl == 8 &&
424 memcmp(p, prot_ipv6, 8) == 0 && al == 16) {
425 /*
426 * IPv6: protocol type = IEEE 802.2 header,
427 * protocol length = 8 (size of LLC+SNAP header),
428 * protocol = LLC+SNAP header with the IPv6
429 * Ethertype, address length = 16
430 */
431 p += pl + 2;
432 l -= pl + 2;
433 /* p is just beyond al now. */
434 if (l < al) {
435 ND_PRINT(" (not enough space for A)");
436 goto invalid;
437 }
438 ND_PRINT("IPv6 (%u) %s", num, GET_IP6ADDR_STRING(p));
439 p += al;
440 l -= al;
441 }
442 else {
443 /*
444 * Generic case: just print raw data
445 */
446 ND_PRINT("pt=0x%02x, pl=%u, pb=", pt, pl);
447 while (pl != 0) {
448 ND_PRINT(" %02x", GET_U_1(p));
449 p++;
450 l--;
451 pl--;
452 }
453 ND_PRINT(", al=%u, a=", al);
454 p += 2;
455 l -= 2;
456 /* p is just beyond al now. */
457 if (l < al) {
458 ND_PRINT(" (not enough space for A)");
459 goto invalid;
460 }
461 while (al != 0) {
462 ND_PRINT(" %02x", GET_U_1(p));
463 p++;
464 l--;
465 al--;
466 }
467 }
468 num--;
469 if (num)
470 ND_PRINT(" ");
471 }
472 if (l)
473 ND_PRINT(" (%u bytes of stray data)", l);
474 return;
475
476 invalid:
477 ND_TCHECK_LEN(p, l);
478 }
479
480 static void
481 cdp_print_prefixes(netdissect_options *ndo,
482 const u_char * p, u_int l)
483 {
484 if (l % 5) {
485 ND_PRINT(" [length %u is not a multiple of 5]", l);
486 goto invalid;
487 }
488
489 ND_PRINT(" IPv4 Prefixes (%u):", l / 5);
490
491 while (l > 0) {
492 ND_PRINT(" %u.%u.%u.%u/%u",
493 GET_U_1(p), GET_U_1(p + 1), GET_U_1(p + 2),
494 GET_U_1(p + 3), GET_U_1(p + 4));
495 l -= 5;
496 p += 5;
497 }
498 return;
499
500 invalid:
501 ND_TCHECK_LEN(p, l);
502 }
[mirror] the TCPdump network dissector