]> The Tcpdump Group git mirrors - tcpdump/blob - print-ppp.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Use more the EXTRACT_8BITS() macro to fetch a one-byte value (18/n)
[tcpdump] / print-ppp.c
1 /*
2 * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 * Extensively modified by Motonori Shindo (mshindo@mshindo.net) for more
22 * complete PPP support.
23 */
24
25 /* \summary: Point to Point Protocol (PPP) printer */
26
27 /*
28 * TODO:
29 * o resolve XXX as much as possible
30 * o MP support
31 * o BAP support
32 */
33
34 #ifdef HAVE_CONFIG_H
35 #include "config.h"
36 #endif
37
38 #include <netdissect-stdinc.h>
39
40 #ifdef __bsdi__
41 #include <net/slcompress.h>
42 #include <net/if_ppp.h>
43 #endif
44
45 #include <stdlib.h>
46
47 #include "netdissect.h"
48 #include "extract.h"
49 #include "addrtoname.h"
50 #include "ppp.h"
51 #include "chdlc.h"
52 #include "ethertype.h"
53 #include "oui.h"
54
55 /*
56 * The following constatns are defined by IANA. Please refer to
57 * http://www.isi.edu/in-notes/iana/assignments/ppp-numbers
58 * for the up-to-date information.
59 */
60
61 /* Protocol Codes defined in ppp.h */
62
63 static const struct tok ppptype2str[] = {
64 { PPP_IP, "IP" },
65 { PPP_OSI, "OSI" },
66 { PPP_NS, "NS" },
67 { PPP_DECNET, "DECNET" },
68 { PPP_APPLE, "APPLE" },
69 { PPP_IPX, "IPX" },
70 { PPP_VJC, "VJC IP" },
71 { PPP_VJNC, "VJNC IP" },
72 { PPP_BRPDU, "BRPDU" },
73 { PPP_STII, "STII" },
74 { PPP_VINES, "VINES" },
75 { PPP_MPLS_UCAST, "MPLS" },
76 { PPP_MPLS_MCAST, "MPLS" },
77 { PPP_COMP, "Compressed"},
78 { PPP_ML, "MLPPP"},
79 { PPP_IPV6, "IP6"},
80
81 { PPP_HELLO, "HELLO" },
82 { PPP_LUXCOM, "LUXCOM" },
83 { PPP_SNS, "SNS" },
84 { PPP_IPCP, "IPCP" },
85 { PPP_OSICP, "OSICP" },
86 { PPP_NSCP, "NSCP" },
87 { PPP_DECNETCP, "DECNETCP" },
88 { PPP_APPLECP, "APPLECP" },
89 { PPP_IPXCP, "IPXCP" },
90 { PPP_STIICP, "STIICP" },
91 { PPP_VINESCP, "VINESCP" },
92 { PPP_IPV6CP, "IP6CP" },
93 { PPP_MPLSCP, "MPLSCP" },
94
95 { PPP_LCP, "LCP" },
96 { PPP_PAP, "PAP" },
97 { PPP_LQM, "LQM" },
98 { PPP_CHAP, "CHAP" },
99 { PPP_EAP, "EAP" },
100 { PPP_SPAP, "SPAP" },
101 { PPP_SPAP_OLD, "Old-SPAP" },
102 { PPP_BACP, "BACP" },
103 { PPP_BAP, "BAP" },
104 { PPP_MPCP, "MLPPP-CP" },
105 { PPP_CCP, "CCP" },
106 { 0, NULL }
107 };
108
109 /* Control Protocols (LCP/IPCP/CCP etc.) Codes defined in RFC 1661 */
110
111 #define CPCODES_VEXT 0 /* Vendor-Specific (RFC2153) */
112 #define CPCODES_CONF_REQ 1 /* Configure-Request */
113 #define CPCODES_CONF_ACK 2 /* Configure-Ack */
114 #define CPCODES_CONF_NAK 3 /* Configure-Nak */
115 #define CPCODES_CONF_REJ 4 /* Configure-Reject */
116 #define CPCODES_TERM_REQ 5 /* Terminate-Request */
117 #define CPCODES_TERM_ACK 6 /* Terminate-Ack */
118 #define CPCODES_CODE_REJ 7 /* Code-Reject */
119 #define CPCODES_PROT_REJ 8 /* Protocol-Reject (LCP only) */
120 #define CPCODES_ECHO_REQ 9 /* Echo-Request (LCP only) */
121 #define CPCODES_ECHO_RPL 10 /* Echo-Reply (LCP only) */
122 #define CPCODES_DISC_REQ 11 /* Discard-Request (LCP only) */
123 #define CPCODES_ID 12 /* Identification (LCP only) RFC1570 */
124 #define CPCODES_TIME_REM 13 /* Time-Remaining (LCP only) RFC1570 */
125 #define CPCODES_RESET_REQ 14 /* Reset-Request (CCP only) RFC1962 */
126 #define CPCODES_RESET_REP 15 /* Reset-Reply (CCP only) */
127
128 static const struct tok cpcodes[] = {
129 {CPCODES_VEXT, "Vendor-Extension"}, /* RFC2153 */
130 {CPCODES_CONF_REQ, "Conf-Request"},
131 {CPCODES_CONF_ACK, "Conf-Ack"},
132 {CPCODES_CONF_NAK, "Conf-Nack"},
133 {CPCODES_CONF_REJ, "Conf-Reject"},
134 {CPCODES_TERM_REQ, "Term-Request"},
135 {CPCODES_TERM_ACK, "Term-Ack"},
136 {CPCODES_CODE_REJ, "Code-Reject"},
137 {CPCODES_PROT_REJ, "Prot-Reject"},
138 {CPCODES_ECHO_REQ, "Echo-Request"},
139 {CPCODES_ECHO_RPL, "Echo-Reply"},
140 {CPCODES_DISC_REQ, "Disc-Req"},
141 {CPCODES_ID, "Ident"}, /* RFC1570 */
142 {CPCODES_TIME_REM, "Time-Rem"}, /* RFC1570 */
143 {CPCODES_RESET_REQ, "Reset-Req"}, /* RFC1962 */
144 {CPCODES_RESET_REP, "Reset-Ack"}, /* RFC1962 */
145 {0, NULL}
146 };
147
148 /* LCP Config Options */
149
150 #define LCPOPT_VEXT 0
151 #define LCPOPT_MRU 1
152 #define LCPOPT_ACCM 2
153 #define LCPOPT_AP 3
154 #define LCPOPT_QP 4
155 #define LCPOPT_MN 5
156 #define LCPOPT_DEP6 6
157 #define LCPOPT_PFC 7
158 #define LCPOPT_ACFC 8
159 #define LCPOPT_FCSALT 9
160 #define LCPOPT_SDP 10
161 #define LCPOPT_NUMMODE 11
162 #define LCPOPT_DEP12 12
163 #define LCPOPT_CBACK 13
164 #define LCPOPT_DEP14 14
165 #define LCPOPT_DEP15 15
166 #define LCPOPT_DEP16 16
167 #define LCPOPT_MLMRRU 17
168 #define LCPOPT_MLSSNHF 18
169 #define LCPOPT_MLED 19
170 #define LCPOPT_PROP 20
171 #define LCPOPT_DCEID 21
172 #define LCPOPT_MPP 22
173 #define LCPOPT_LD 23
174 #define LCPOPT_LCPAOPT 24
175 #define LCPOPT_COBS 25
176 #define LCPOPT_PE 26
177 #define LCPOPT_MLHF 27
178 #define LCPOPT_I18N 28
179 #define LCPOPT_SDLOS 29
180 #define LCPOPT_PPPMUX 30
181
182 #define LCPOPT_MIN LCPOPT_VEXT
183 #define LCPOPT_MAX LCPOPT_PPPMUX
184
185 static const char *lcpconfopts[] = {
186 "Vend-Ext", /* (0) */
187 "MRU", /* (1) */
188 "ACCM", /* (2) */
189 "Auth-Prot", /* (3) */
190 "Qual-Prot", /* (4) */
191 "Magic-Num", /* (5) */
192 "deprecated(6)", /* used to be a Quality Protocol */
193 "PFC", /* (7) */
194 "ACFC", /* (8) */
195 "FCS-Alt", /* (9) */
196 "SDP", /* (10) */
197 "Num-Mode", /* (11) */
198 "deprecated(12)", /* used to be a Multi-Link-Procedure*/
199 "Call-Back", /* (13) */
200 "deprecated(14)", /* used to be a Connect-Time */
201 "deprecated(15)", /* used to be a Compund-Frames */
202 "deprecated(16)", /* used to be a Nominal-Data-Encap */
203 "MRRU", /* (17) */
204 "12-Bit seq #", /* (18) */
205 "End-Disc", /* (19) */
206 "Proprietary", /* (20) */
207 "DCE-Id", /* (21) */
208 "MP+", /* (22) */
209 "Link-Disc", /* (23) */
210 "LCP-Auth-Opt", /* (24) */
211 "COBS", /* (25) */
212 "Prefix-elision", /* (26) */
213 "Multilink-header-Form",/* (27) */
214 "I18N", /* (28) */
215 "SDL-over-SONET/SDH", /* (29) */
216 "PPP-Muxing", /* (30) */
217 };
218
219 /* ECP - to be supported */
220
221 /* CCP Config Options */
222
223 #define CCPOPT_OUI 0 /* RFC1962 */
224 #define CCPOPT_PRED1 1 /* RFC1962 */
225 #define CCPOPT_PRED2 2 /* RFC1962 */
226 #define CCPOPT_PJUMP 3 /* RFC1962 */
227 /* 4-15 unassigned */
228 #define CCPOPT_HPPPC 16 /* RFC1962 */
229 #define CCPOPT_STACLZS 17 /* RFC1974 */
230 #define CCPOPT_MPPC 18 /* RFC2118 */
231 #define CCPOPT_GFZA 19 /* RFC1962 */
232 #define CCPOPT_V42BIS 20 /* RFC1962 */
233 #define CCPOPT_BSDCOMP 21 /* RFC1977 */
234 /* 22 unassigned */
235 #define CCPOPT_LZSDCP 23 /* RFC1967 */
236 #define CCPOPT_MVRCA 24 /* RFC1975 */
237 #define CCPOPT_DEC 25 /* RFC1976 */
238 #define CCPOPT_DEFLATE 26 /* RFC1979 */
239 /* 27-254 unassigned */
240 #define CCPOPT_RESV 255 /* RFC1962 */
241
242 static const struct tok ccpconfopts_values[] = {
243 { CCPOPT_OUI, "OUI" },
244 { CCPOPT_PRED1, "Pred-1" },
245 { CCPOPT_PRED2, "Pred-2" },
246 { CCPOPT_PJUMP, "Puddle" },
247 { CCPOPT_HPPPC, "HP-PPC" },
248 { CCPOPT_STACLZS, "Stac-LZS" },
249 { CCPOPT_MPPC, "MPPC" },
250 { CCPOPT_GFZA, "Gand-FZA" },
251 { CCPOPT_V42BIS, "V.42bis" },
252 { CCPOPT_BSDCOMP, "BSD-Comp" },
253 { CCPOPT_LZSDCP, "LZS-DCP" },
254 { CCPOPT_MVRCA, "MVRCA" },
255 { CCPOPT_DEC, "DEC" },
256 { CCPOPT_DEFLATE, "Deflate" },
257 { CCPOPT_RESV, "Reserved"},
258 {0, NULL}
259 };
260
261 /* BACP Config Options */
262
263 #define BACPOPT_FPEER 1 /* RFC2125 */
264
265 static const struct tok bacconfopts_values[] = {
266 { BACPOPT_FPEER, "Favored-Peer" },
267 {0, NULL}
268 };
269
270
271 /* SDCP - to be supported */
272
273 /* IPCP Config Options */
274 #define IPCPOPT_2ADDR 1 /* RFC1172, RFC1332 (deprecated) */
275 #define IPCPOPT_IPCOMP 2 /* RFC1332 */
276 #define IPCPOPT_ADDR 3 /* RFC1332 */
277 #define IPCPOPT_MOBILE4 4 /* RFC2290 */
278 #define IPCPOPT_PRIDNS 129 /* RFC1877 */
279 #define IPCPOPT_PRINBNS 130 /* RFC1877 */
280 #define IPCPOPT_SECDNS 131 /* RFC1877 */
281 #define IPCPOPT_SECNBNS 132 /* RFC1877 */
282
283 static const struct tok ipcpopt_values[] = {
284 { IPCPOPT_2ADDR, "IP-Addrs" },
285 { IPCPOPT_IPCOMP, "IP-Comp" },
286 { IPCPOPT_ADDR, "IP-Addr" },
287 { IPCPOPT_MOBILE4, "Home-Addr" },
288 { IPCPOPT_PRIDNS, "Pri-DNS" },
289 { IPCPOPT_PRINBNS, "Pri-NBNS" },
290 { IPCPOPT_SECDNS, "Sec-DNS" },
291 { IPCPOPT_SECNBNS, "Sec-NBNS" },
292 { 0, NULL }
293 };
294
295 #define IPCPOPT_IPCOMP_HDRCOMP 0x61 /* rfc3544 */
296 #define IPCPOPT_IPCOMP_MINLEN 14
297
298 static const struct tok ipcpopt_compproto_values[] = {
299 { PPP_VJC, "VJ-Comp" },
300 { IPCPOPT_IPCOMP_HDRCOMP, "IP Header Compression" },
301 { 0, NULL }
302 };
303
304 static const struct tok ipcpopt_compproto_subopt_values[] = {
305 { 1, "RTP-Compression" },
306 { 2, "Enhanced RTP-Compression" },
307 { 0, NULL }
308 };
309
310 /* IP6CP Config Options */
311 #define IP6CP_IFID 1
312
313 static const struct tok ip6cpopt_values[] = {
314 { IP6CP_IFID, "Interface-ID" },
315 { 0, NULL }
316 };
317
318 /* ATCP - to be supported */
319 /* OSINLCP - to be supported */
320 /* BVCP - to be supported */
321 /* BCP - to be supported */
322 /* IPXCP - to be supported */
323 /* MPLSCP - to be supported */
324
325 /* Auth Algorithms */
326
327 /* 0-4 Reserved (RFC1994) */
328 #define AUTHALG_CHAPMD5 5 /* RFC1994 */
329 #define AUTHALG_MSCHAP1 128 /* RFC2433 */
330 #define AUTHALG_MSCHAP2 129 /* RFC2795 */
331
332 static const struct tok authalg_values[] = {
333 { AUTHALG_CHAPMD5, "MD5" },
334 { AUTHALG_MSCHAP1, "MS-CHAPv1" },
335 { AUTHALG_MSCHAP2, "MS-CHAPv2" },
336 { 0, NULL }
337 };
338
339 /* FCS Alternatives - to be supported */
340
341 /* Multilink Endpoint Discriminator (RFC1717) */
342 #define MEDCLASS_NULL 0 /* Null Class */
343 #define MEDCLASS_LOCAL 1 /* Locally Assigned */
344 #define MEDCLASS_IPV4 2 /* Internet Protocol (IPv4) */
345 #define MEDCLASS_MAC 3 /* IEEE 802.1 global MAC address */
346 #define MEDCLASS_MNB 4 /* PPP Magic Number Block */
347 #define MEDCLASS_PSNDN 5 /* Public Switched Network Director Number */
348
349 /* PPP LCP Callback */
350 #define CALLBACK_AUTH 0 /* Location determined by user auth */
351 #define CALLBACK_DSTR 1 /* Dialing string */
352 #define CALLBACK_LID 2 /* Location identifier */
353 #define CALLBACK_E164 3 /* E.164 number */
354 #define CALLBACK_X500 4 /* X.500 distinguished name */
355 #define CALLBACK_CBCP 6 /* Location is determined during CBCP nego */
356
357 static const struct tok ppp_callback_values[] = {
358 { CALLBACK_AUTH, "UserAuth" },
359 { CALLBACK_DSTR, "DialString" },
360 { CALLBACK_LID, "LocalID" },
361 { CALLBACK_E164, "E.164" },
362 { CALLBACK_X500, "X.500" },
363 { CALLBACK_CBCP, "CBCP" },
364 { 0, NULL }
365 };
366
367 /* CHAP */
368
369 #define CHAP_CHAL 1
370 #define CHAP_RESP 2
371 #define CHAP_SUCC 3
372 #define CHAP_FAIL 4
373
374 static const struct tok chapcode_values[] = {
375 { CHAP_CHAL, "Challenge" },
376 { CHAP_RESP, "Response" },
377 { CHAP_SUCC, "Success" },
378 { CHAP_FAIL, "Fail" },
379 { 0, NULL}
380 };
381
382 /* PAP */
383
384 #define PAP_AREQ 1
385 #define PAP_AACK 2
386 #define PAP_ANAK 3
387
388 static const struct tok papcode_values[] = {
389 { PAP_AREQ, "Auth-Req" },
390 { PAP_AACK, "Auth-ACK" },
391 { PAP_ANAK, "Auth-NACK" },
392 { 0, NULL }
393 };
394
395 /* BAP */
396 #define BAP_CALLREQ 1
397 #define BAP_CALLRES 2
398 #define BAP_CBREQ 3
399 #define BAP_CBRES 4
400 #define BAP_LDQREQ 5
401 #define BAP_LDQRES 6
402 #define BAP_CSIND 7
403 #define BAP_CSRES 8
404
405 static int print_lcp_config_options(netdissect_options *, const u_char *p, int);
406 static int print_ipcp_config_options(netdissect_options *, const u_char *p, int);
407 static int print_ip6cp_config_options(netdissect_options *, const u_char *p, int);
408 static int print_ccp_config_options(netdissect_options *, const u_char *p, int);
409 static int print_bacp_config_options(netdissect_options *, const u_char *p, int);
410 static void handle_ppp(netdissect_options *, u_int proto, const u_char *p, int length);
411
412 /* generic Control Protocol (e.g. LCP, IPCP, CCP, etc.) handler */
413 static void
414 handle_ctrl_proto(netdissect_options *ndo,
415 u_int proto, const u_char *pptr, int length)
416 {
417 const char *typestr;
418 u_int code, len;
419 int (*pfunc)(netdissect_options *, const u_char *, int);
420 int x, j;
421 const u_char *tptr;
422
423 tptr=pptr;
424
425 typestr = tok2str(ppptype2str, "unknown ctrl-proto (0x%04x)", proto);
426 ND_PRINT((ndo, "%s, ", typestr));
427
428 if (length < 4) /* FIXME weak boundary checking */
429 goto trunc;
430 ND_TCHECK2(*tptr, 2);
431
432 code = EXTRACT_8BITS(tptr);
433 tptr++;
434
435 ND_PRINT((ndo, "%s (0x%02x), id %u, length %u",
436 tok2str(cpcodes, "Unknown Opcode",code),
437 code,
438 EXTRACT_8BITS(tptr), /* ID */
439 length + 2));
440 tptr++;
441
442 if (!ndo->ndo_vflag)
443 return;
444
445 if (length <= 4)
446 return; /* there may be a NULL confreq etc. */
447
448 ND_TCHECK2(*tptr, 2);
449 len = EXTRACT_BE_16BITS(tptr);
450 tptr += 2;
451
452 ND_PRINT((ndo, "\n\tencoded length %u (=Option(s) length %u)", len, len - 4));
453
454 if (ndo->ndo_vflag > 1)
455 print_unknown_data(ndo, pptr - 2, "\n\t", 6);
456
457
458 switch (code) {
459 case CPCODES_VEXT:
460 if (length < 11)
461 break;
462 ND_TCHECK2(*tptr, 4);
463 ND_PRINT((ndo, "\n\t Magic-Num 0x%08x", EXTRACT_BE_32BITS(tptr)));
464 tptr += 4;
465 ND_TCHECK2(*tptr, 3);
466 ND_PRINT((ndo, " Vendor: %s (%u)",
467 tok2str(oui_values,"Unknown",EXTRACT_BE_24BITS(tptr)),
468 EXTRACT_BE_24BITS(tptr)));
469 /* XXX: need to decode Kind and Value(s)? */
470 break;
471 case CPCODES_CONF_REQ:
472 case CPCODES_CONF_ACK:
473 case CPCODES_CONF_NAK:
474 case CPCODES_CONF_REJ:
475 x = len - 4; /* Code(1), Identifier(1) and Length(2) */
476 do {
477 switch (proto) {
478 case PPP_LCP:
479 pfunc = print_lcp_config_options;
480 break;
481 case PPP_IPCP:
482 pfunc = print_ipcp_config_options;
483 break;
484 case PPP_IPV6CP:
485 pfunc = print_ip6cp_config_options;
486 break;
487 case PPP_CCP:
488 pfunc = print_ccp_config_options;
489 break;
490 case PPP_BACP:
491 pfunc = print_bacp_config_options;
492 break;
493 default:
494 /*
495 * No print routine for the options for
496 * this protocol.
497 */
498 pfunc = NULL;
499 break;
500 }
501
502 if (pfunc == NULL) /* catch the above null pointer if unknown CP */
503 break;
504
505 if ((j = (*pfunc)(ndo, tptr, len)) == 0)
506 break;
507 x -= j;
508 tptr += j;
509 } while (x > 0);
510 break;
511
512 case CPCODES_TERM_REQ:
513 case CPCODES_TERM_ACK:
514 /* XXX: need to decode Data? */
515 break;
516 case CPCODES_CODE_REJ:
517 /* XXX: need to decode Rejected-Packet? */
518 break;
519 case CPCODES_PROT_REJ:
520 if (length < 6)
521 break;
522 ND_TCHECK2(*tptr, 2);
523 ND_PRINT((ndo, "\n\t Rejected %s Protocol (0x%04x)",
524 tok2str(ppptype2str,"unknown", EXTRACT_BE_16BITS(tptr)),
525 EXTRACT_BE_16BITS(tptr)));
526 /* XXX: need to decode Rejected-Information? - hexdump for now */
527 if (len > 6) {
528 ND_PRINT((ndo, "\n\t Rejected Packet"));
529 print_unknown_data(ndo, tptr + 2, "\n\t ", len - 2);
530 }
531 break;
532 case CPCODES_ECHO_REQ:
533 case CPCODES_ECHO_RPL:
534 case CPCODES_DISC_REQ:
535 if (length < 8)
536 break;
537 ND_TCHECK2(*tptr, 4);
538 ND_PRINT((ndo, "\n\t Magic-Num 0x%08x", EXTRACT_BE_32BITS(tptr)));
539 /* XXX: need to decode Data? - hexdump for now */
540 if (len > 8) {
541 ND_PRINT((ndo, "\n\t -----trailing data-----"));
542 ND_TCHECK2(tptr[4], len - 8);
543 print_unknown_data(ndo, tptr + 4, "\n\t ", len - 8);
544 }
545 break;
546 case CPCODES_ID:
547 if (length < 8)
548 break;
549 ND_TCHECK2(*tptr, 4);
550 ND_PRINT((ndo, "\n\t Magic-Num 0x%08x", EXTRACT_BE_32BITS(tptr)));
551 /* RFC 1661 says this is intended to be human readable */
552 if (len > 8) {
553 ND_PRINT((ndo, "\n\t Message\n\t "));
554 if (fn_printn(ndo, tptr + 4, len - 4, ndo->ndo_snapend))
555 goto trunc;
556 }
557 break;
558 case CPCODES_TIME_REM:
559 if (length < 12)
560 break;
561 ND_TCHECK2(*tptr, 4);
562 ND_PRINT((ndo, "\n\t Magic-Num 0x%08x", EXTRACT_BE_32BITS(tptr)));
563 ND_TCHECK2(*(tptr + 4), 4);
564 ND_PRINT((ndo, ", Seconds-Remaining %us", EXTRACT_BE_32BITS(tptr + 4)));
565 /* XXX: need to decode Message? */
566 break;
567 default:
568 /* XXX this is dirty but we do not get the
569 * original pointer passed to the begin
570 * the PPP packet */
571 if (ndo->ndo_vflag <= 1)
572 print_unknown_data(ndo, pptr - 2, "\n\t ", length + 2);
573 break;
574 }
575 return;
576
577 trunc:
578 ND_PRINT((ndo, "[|%s]", typestr));
579 }
580
581 /* LCP config options */
582 static int
583 print_lcp_config_options(netdissect_options *ndo,
584 const u_char *p, int length)
585 {
586 int len, opt;
587
588 if (length < 2)
589 return 0;
590 ND_TCHECK2(*p, 2);
591 len = p[1];
592 opt = p[0];
593 if (length < len)
594 return 0;
595 if (len < 2) {
596 if ((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX))
597 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
598 lcpconfopts[opt], opt, len));
599 else
600 ND_PRINT((ndo, "\n\tunknown LCP option 0x%02x", opt));
601 return 0;
602 }
603 if ((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX))
604 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u", lcpconfopts[opt], opt, len));
605 else {
606 ND_PRINT((ndo, "\n\tunknown LCP option 0x%02x", opt));
607 return len;
608 }
609
610 switch (opt) {
611 case LCPOPT_VEXT:
612 if (len < 6) {
613 ND_PRINT((ndo, " (length bogus, should be >= 6)"));
614 return len;
615 }
616 ND_TCHECK_24BITS(p + 2);
617 ND_PRINT((ndo, ": Vendor: %s (%u)",
618 tok2str(oui_values,"Unknown",EXTRACT_BE_24BITS(p + 2)),
619 EXTRACT_BE_24BITS(p + 2)));
620 #if 0
621 ND_TCHECK(p[5]);
622 ND_PRINT((ndo, ", kind: 0x%02x", p[5]));
623 ND_PRINT((ndo, ", Value: 0x"));
624 for (i = 0; i < len - 6; i++) {
625 ND_TCHECK(p[6 + i]);
626 ND_PRINT((ndo, "%02x", p[6 + i]));
627 }
628 #endif
629 break;
630 case LCPOPT_MRU:
631 if (len != 4) {
632 ND_PRINT((ndo, " (length bogus, should be = 4)"));
633 return len;
634 }
635 ND_TCHECK_16BITS(p + 2);
636 ND_PRINT((ndo, ": %u", EXTRACT_BE_16BITS(p + 2)));
637 break;
638 case LCPOPT_ACCM:
639 if (len != 6) {
640 ND_PRINT((ndo, " (length bogus, should be = 6)"));
641 return len;
642 }
643 ND_TCHECK_32BITS(p + 2);
644 ND_PRINT((ndo, ": 0x%08x", EXTRACT_BE_32BITS(p + 2)));
645 break;
646 case LCPOPT_AP:
647 if (len < 4) {
648 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
649 return len;
650 }
651 ND_TCHECK_16BITS(p + 2);
652 ND_PRINT((ndo, ": %s", tok2str(ppptype2str, "Unknown Auth Proto (0x04x)", EXTRACT_BE_16BITS(p + 2))));
653
654 switch (EXTRACT_BE_16BITS(p + 2)) {
655 case PPP_CHAP:
656 ND_TCHECK(p[4]);
657 ND_PRINT((ndo, ", %s", tok2str(authalg_values, "Unknown Auth Alg %u", p[4])));
658 break;
659 case PPP_PAP: /* fall through */
660 case PPP_EAP:
661 case PPP_SPAP:
662 case PPP_SPAP_OLD:
663 break;
664 default:
665 print_unknown_data(ndo, p, "\n\t", len);
666 }
667 break;
668 case LCPOPT_QP:
669 if (len < 4) {
670 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
671 return 0;
672 }
673 ND_TCHECK_16BITS(p+2);
674 if (EXTRACT_BE_16BITS(p + 2) == PPP_LQM)
675 ND_PRINT((ndo, ": LQR"));
676 else
677 ND_PRINT((ndo, ": unknown"));
678 break;
679 case LCPOPT_MN:
680 if (len != 6) {
681 ND_PRINT((ndo, " (length bogus, should be = 6)"));
682 return 0;
683 }
684 ND_TCHECK_32BITS(p + 2);
685 ND_PRINT((ndo, ": 0x%08x", EXTRACT_BE_32BITS(p + 2)));
686 break;
687 case LCPOPT_PFC:
688 break;
689 case LCPOPT_ACFC:
690 break;
691 case LCPOPT_LD:
692 if (len != 4) {
693 ND_PRINT((ndo, " (length bogus, should be = 4)"));
694 return 0;
695 }
696 ND_TCHECK_16BITS(p + 2);
697 ND_PRINT((ndo, ": 0x%04x", EXTRACT_BE_16BITS(p + 2)));
698 break;
699 case LCPOPT_CBACK:
700 if (len < 3) {
701 ND_PRINT((ndo, " (length bogus, should be >= 3)"));
702 return 0;
703 }
704 ND_PRINT((ndo, ": "));
705 ND_TCHECK(p[2]);
706 ND_PRINT((ndo, ": Callback Operation %s (%u)",
707 tok2str(ppp_callback_values, "Unknown", p[2]),
708 p[2]));
709 break;
710 case LCPOPT_MLMRRU:
711 if (len != 4) {
712 ND_PRINT((ndo, " (length bogus, should be = 4)"));
713 return 0;
714 }
715 ND_TCHECK_16BITS(p + 2);
716 ND_PRINT((ndo, ": %u", EXTRACT_BE_16BITS(p + 2)));
717 break;
718 case LCPOPT_MLED:
719 if (len < 3) {
720 ND_PRINT((ndo, " (length bogus, should be >= 3)"));
721 return 0;
722 }
723 ND_TCHECK(p[2]);
724 switch (p[2]) { /* class */
725 case MEDCLASS_NULL:
726 ND_PRINT((ndo, ": Null"));
727 break;
728 case MEDCLASS_LOCAL:
729 ND_PRINT((ndo, ": Local")); /* XXX */
730 break;
731 case MEDCLASS_IPV4:
732 if (len != 7) {
733 ND_PRINT((ndo, " (length bogus, should be = 7)"));
734 return 0;
735 }
736 ND_TCHECK2(*(p + 3), 4);
737 ND_PRINT((ndo, ": IPv4 %s", ipaddr_string(ndo, p + 3)));
738 break;
739 case MEDCLASS_MAC:
740 if (len != 9) {
741 ND_PRINT((ndo, " (length bogus, should be = 9)"));
742 return 0;
743 }
744 ND_TCHECK2(*(p + 3), 6);
745 ND_PRINT((ndo, ": MAC %s", etheraddr_string(ndo, p + 3)));
746 break;
747 case MEDCLASS_MNB:
748 ND_PRINT((ndo, ": Magic-Num-Block")); /* XXX */
749 break;
750 case MEDCLASS_PSNDN:
751 ND_PRINT((ndo, ": PSNDN")); /* XXX */
752 break;
753 default:
754 ND_PRINT((ndo, ": Unknown class %u", p[2]));
755 break;
756 }
757 break;
758
759 /* XXX: to be supported */
760 #if 0
761 case LCPOPT_DEP6:
762 case LCPOPT_FCSALT:
763 case LCPOPT_SDP:
764 case LCPOPT_NUMMODE:
765 case LCPOPT_DEP12:
766 case LCPOPT_DEP14:
767 case LCPOPT_DEP15:
768 case LCPOPT_DEP16:
769 case LCPOPT_MLSSNHF:
770 case LCPOPT_PROP:
771 case LCPOPT_DCEID:
772 case LCPOPT_MPP:
773 case LCPOPT_LCPAOPT:
774 case LCPOPT_COBS:
775 case LCPOPT_PE:
776 case LCPOPT_MLHF:
777 case LCPOPT_I18N:
778 case LCPOPT_SDLOS:
779 case LCPOPT_PPPMUX:
780 break;
781 #endif
782 default:
783 /*
784 * Unknown option; dump it as raw bytes now if we're
785 * not going to do so below.
786 */
787 if (ndo->ndo_vflag < 2)
788 print_unknown_data(ndo, &p[2], "\n\t ", len - 2);
789 break;
790 }
791
792 if (ndo->ndo_vflag > 1)
793 print_unknown_data(ndo, &p[2], "\n\t ", len - 2); /* exclude TLV header */
794
795 return len;
796
797 trunc:
798 ND_PRINT((ndo, "[|lcp]"));
799 return 0;
800 }
801
802 /* ML-PPP*/
803 static const struct tok ppp_ml_flag_values[] = {
804 { 0x80, "begin" },
805 { 0x40, "end" },
806 { 0, NULL }
807 };
808
809 static void
810 handle_mlppp(netdissect_options *ndo,
811 const u_char *p, int length)
812 {
813 if (!ndo->ndo_eflag)
814 ND_PRINT((ndo, "MLPPP, "));
815
816 if (length < 2) {
817 ND_PRINT((ndo, "[|mlppp]"));
818 return;
819 }
820 if (!ND_TTEST_16BITS(p)) {
821 ND_PRINT((ndo, "[|mlppp]"));
822 return;
823 }
824
825 ND_PRINT((ndo, "seq 0x%03x, Flags [%s], length %u",
826 (EXTRACT_BE_16BITS(p))&0x0fff, /* only support 12-Bit sequence space for now */
827 bittok2str(ppp_ml_flag_values, "none", EXTRACT_8BITS(p) & 0xc0),
828 length));
829 }
830
831 /* CHAP */
832 static void
833 handle_chap(netdissect_options *ndo,
834 const u_char *p, int length)
835 {
836 u_int code, len;
837 int val_size, name_size, msg_size;
838 const u_char *p0;
839 int i;
840
841 p0 = p;
842 if (length < 1) {
843 ND_PRINT((ndo, "[|chap]"));
844 return;
845 } else if (length < 4) {
846 ND_TCHECK(*p);
847 ND_PRINT((ndo, "[|chap 0x%02x]", *p));
848 return;
849 }
850
851 ND_TCHECK(*p);
852 code = *p;
853 ND_PRINT((ndo, "CHAP, %s (0x%02x)",
854 tok2str(chapcode_values,"unknown",code),
855 code));
856 p++;
857
858 ND_TCHECK(*p);
859 ND_PRINT((ndo, ", id %u", *p)); /* ID */
860 p++;
861
862 ND_TCHECK2(*p, 2);
863 len = EXTRACT_BE_16BITS(p);
864 p += 2;
865
866 /*
867 * Note that this is a generic CHAP decoding routine. Since we
868 * don't know which flavor of CHAP (i.e. CHAP-MD5, MS-CHAPv1,
869 * MS-CHAPv2) is used at this point, we can't decode packet
870 * specifically to each algorithms. Instead, we simply decode
871 * the GCD (Gratest Common Denominator) for all algorithms.
872 */
873 switch (code) {
874 case CHAP_CHAL:
875 case CHAP_RESP:
876 if (length - (p - p0) < 1)
877 return;
878 ND_TCHECK(*p);
879 val_size = *p; /* value size */
880 p++;
881 if (length - (p - p0) < val_size)
882 return;
883 ND_PRINT((ndo, ", Value "));
884 for (i = 0; i < val_size; i++) {
885 ND_TCHECK(*p);
886 ND_PRINT((ndo, "%02x", *p++));
887 }
888 name_size = len - (p - p0);
889 ND_PRINT((ndo, ", Name "));
890 for (i = 0; i < name_size; i++) {
891 ND_TCHECK(*p);
892 safeputchar(ndo, *p++);
893 }
894 break;
895 case CHAP_SUCC:
896 case CHAP_FAIL:
897 msg_size = len - (p - p0);
898 ND_PRINT((ndo, ", Msg "));
899 for (i = 0; i< msg_size; i++) {
900 ND_TCHECK(*p);
901 safeputchar(ndo, *p++);
902 }
903 break;
904 }
905 return;
906
907 trunc:
908 ND_PRINT((ndo, "[|chap]"));
909 }
910
911 /* PAP (see RFC 1334) */
912 static void
913 handle_pap(netdissect_options *ndo,
914 const u_char *p, int length)
915 {
916 u_int code, len;
917 int peerid_len, passwd_len, msg_len;
918 const u_char *p0;
919 int i;
920
921 p0 = p;
922 if (length < 1) {
923 ND_PRINT((ndo, "[|pap]"));
924 return;
925 } else if (length < 4) {
926 ND_TCHECK(*p);
927 ND_PRINT((ndo, "[|pap 0x%02x]", *p));
928 return;
929 }
930
931 ND_TCHECK(*p);
932 code = *p;
933 ND_PRINT((ndo, "PAP, %s (0x%02x)",
934 tok2str(papcode_values, "unknown", code),
935 code));
936 p++;
937
938 ND_TCHECK(*p);
939 ND_PRINT((ndo, ", id %u", *p)); /* ID */
940 p++;
941
942 ND_TCHECK2(*p, 2);
943 len = EXTRACT_BE_16BITS(p);
944 p += 2;
945
946 if ((int)len > length) {
947 ND_PRINT((ndo, ", length %u > packet size", len));
948 return;
949 }
950 length = len;
951 if (length < (p - p0)) {
952 ND_PRINT((ndo, ", length %u < PAP header length", length));
953 return;
954 }
955
956 switch (code) {
957 case PAP_AREQ:
958 /* A valid Authenticate-Request is 6 or more octets long. */
959 if (len < 6)
960 goto trunc;
961 if (length - (p - p0) < 1)
962 return;
963 ND_TCHECK(*p);
964 peerid_len = *p; /* Peer-ID Length */
965 p++;
966 if (length - (p - p0) < peerid_len)
967 return;
968 ND_PRINT((ndo, ", Peer "));
969 for (i = 0; i < peerid_len; i++) {
970 ND_TCHECK(*p);
971 safeputchar(ndo, *p++);
972 }
973
974 if (length - (p - p0) < 1)
975 return;
976 ND_TCHECK(*p);
977 passwd_len = *p; /* Password Length */
978 p++;
979 if (length - (p - p0) < passwd_len)
980 return;
981 ND_PRINT((ndo, ", Name "));
982 for (i = 0; i < passwd_len; i++) {
983 ND_TCHECK(*p);
984 safeputchar(ndo, *p++);
985 }
986 break;
987 case PAP_AACK:
988 case PAP_ANAK:
989 /* Although some implementations ignore truncation at
990 * this point and at least one generates a truncated
991 * packet, RFC 1334 section 2.2.2 clearly states that
992 * both AACK and ANAK are at least 5 bytes long.
993 */
994 if (len < 5)
995 goto trunc;
996 if (length - (p - p0) < 1)
997 return;
998 ND_TCHECK(*p);
999 msg_len = *p; /* Msg-Length */
1000 p++;
1001 if (length - (p - p0) < msg_len)
1002 return;
1003 ND_PRINT((ndo, ", Msg "));
1004 for (i = 0; i< msg_len; i++) {
1005 ND_TCHECK(*p);
1006 safeputchar(ndo, *p++);
1007 }
1008 break;
1009 }
1010 return;
1011
1012 trunc:
1013 ND_PRINT((ndo, "[|pap]"));
1014 }
1015
1016 /* BAP */
1017 static void
1018 handle_bap(netdissect_options *ndo _U_,
1019 const u_char *p _U_, int length _U_)
1020 {
1021 /* XXX: to be supported!! */
1022 }
1023
1024
1025 /* IPCP config options */
1026 static int
1027 print_ipcp_config_options(netdissect_options *ndo,
1028 const u_char *p, int length)
1029 {
1030 int len, opt;
1031 u_int compproto, ipcomp_subopttotallen, ipcomp_subopt, ipcomp_suboptlen;
1032
1033 if (length < 2)
1034 return 0;
1035 ND_TCHECK2(*p, 2);
1036 len = p[1];
1037 opt = p[0];
1038 if (length < len)
1039 return 0;
1040 if (len < 2) {
1041 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1042 tok2str(ipcpopt_values,"unknown",opt),
1043 opt,
1044 len));
1045 return 0;
1046 }
1047
1048 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u",
1049 tok2str(ipcpopt_values,"unknown",opt),
1050 opt,
1051 len));
1052
1053 switch (opt) {
1054 case IPCPOPT_2ADDR: /* deprecated */
1055 if (len != 10) {
1056 ND_PRINT((ndo, " (length bogus, should be = 10)"));
1057 return len;
1058 }
1059 ND_TCHECK2(*(p + 6), 4);
1060 ND_PRINT((ndo, ": src %s, dst %s",
1061 ipaddr_string(ndo, p + 2),
1062 ipaddr_string(ndo, p + 6)));
1063 break;
1064 case IPCPOPT_IPCOMP:
1065 if (len < 4) {
1066 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
1067 return 0;
1068 }
1069 ND_TCHECK_16BITS(p+2);
1070 compproto = EXTRACT_BE_16BITS(p + 2);
1071
1072 ND_PRINT((ndo, ": %s (0x%02x):",
1073 tok2str(ipcpopt_compproto_values, "Unknown", compproto),
1074 compproto));
1075
1076 switch (compproto) {
1077 case PPP_VJC:
1078 /* XXX: VJ-Comp parameters should be decoded */
1079 break;
1080 case IPCPOPT_IPCOMP_HDRCOMP:
1081 if (len < IPCPOPT_IPCOMP_MINLEN) {
1082 ND_PRINT((ndo, " (length bogus, should be >= %u)",
1083 IPCPOPT_IPCOMP_MINLEN));
1084 return 0;
1085 }
1086
1087 ND_TCHECK2(*(p + 2), IPCPOPT_IPCOMP_MINLEN);
1088 ND_PRINT((ndo, "\n\t TCP Space %u, non-TCP Space %u" \
1089 ", maxPeriod %u, maxTime %u, maxHdr %u",
1090 EXTRACT_BE_16BITS(p + 4),
1091 EXTRACT_BE_16BITS(p + 6),
1092 EXTRACT_BE_16BITS(p + 8),
1093 EXTRACT_BE_16BITS(p + 10),
1094 EXTRACT_BE_16BITS(p + 12)));
1095
1096 /* suboptions present ? */
1097 if (len > IPCPOPT_IPCOMP_MINLEN) {
1098 ipcomp_subopttotallen = len - IPCPOPT_IPCOMP_MINLEN;
1099 p += IPCPOPT_IPCOMP_MINLEN;
1100
1101 ND_PRINT((ndo, "\n\t Suboptions, length %u", ipcomp_subopttotallen));
1102
1103 while (ipcomp_subopttotallen >= 2) {
1104 ND_TCHECK2(*p, 2);
1105 ipcomp_subopt = *p;
1106 ipcomp_suboptlen = EXTRACT_8BITS(p + 1);
1107
1108 /* sanity check */
1109 if (ipcomp_subopt == 0 ||
1110 ipcomp_suboptlen == 0 )
1111 break;
1112
1113 /* XXX: just display the suboptions for now */
1114 ND_PRINT((ndo, "\n\t\t%s Suboption #%u, length %u",
1115 tok2str(ipcpopt_compproto_subopt_values,
1116 "Unknown",
1117 ipcomp_subopt),
1118 ipcomp_subopt,
1119 ipcomp_suboptlen));
1120
1121 ipcomp_subopttotallen -= ipcomp_suboptlen;
1122 p += ipcomp_suboptlen;
1123 }
1124 }
1125 break;
1126 default:
1127 break;
1128 }
1129 break;
1130
1131 case IPCPOPT_ADDR: /* those options share the same format - fall through */
1132 case IPCPOPT_MOBILE4:
1133 case IPCPOPT_PRIDNS:
1134 case IPCPOPT_PRINBNS:
1135 case IPCPOPT_SECDNS:
1136 case IPCPOPT_SECNBNS:
1137 if (len != 6) {
1138 ND_PRINT((ndo, " (length bogus, should be = 6)"));
1139 return 0;
1140 }
1141 ND_TCHECK2(*(p + 2), 4);
1142 ND_PRINT((ndo, ": %s", ipaddr_string(ndo, p + 2)));
1143 break;
1144 default:
1145 /*
1146 * Unknown option; dump it as raw bytes now if we're
1147 * not going to do so below.
1148 */
1149 if (ndo->ndo_vflag < 2)
1150 print_unknown_data(ndo, &p[2], "\n\t ", len - 2);
1151 break;
1152 }
1153 if (ndo->ndo_vflag > 1)
1154 print_unknown_data(ndo, &p[2], "\n\t ", len - 2); /* exclude TLV header */
1155 return len;
1156
1157 trunc:
1158 ND_PRINT((ndo, "[|ipcp]"));
1159 return 0;
1160 }
1161
1162 /* IP6CP config options */
1163 static int
1164 print_ip6cp_config_options(netdissect_options *ndo,
1165 const u_char *p, int length)
1166 {
1167 int len, opt;
1168
1169 if (length < 2)
1170 return 0;
1171 ND_TCHECK2(*p, 2);
1172 len = p[1];
1173 opt = p[0];
1174 if (length < len)
1175 return 0;
1176 if (len < 2) {
1177 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1178 tok2str(ip6cpopt_values,"unknown",opt),
1179 opt,
1180 len));
1181 return 0;
1182 }
1183
1184 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u",
1185 tok2str(ip6cpopt_values,"unknown",opt),
1186 opt,
1187 len));
1188
1189 switch (opt) {
1190 case IP6CP_IFID:
1191 if (len != 10) {
1192 ND_PRINT((ndo, " (length bogus, should be = 10)"));
1193 return len;
1194 }
1195 ND_TCHECK2(*(p + 2), 8);
1196 ND_PRINT((ndo, ": %04x:%04x:%04x:%04x",
1197 EXTRACT_BE_16BITS(p + 2),
1198 EXTRACT_BE_16BITS(p + 4),
1199 EXTRACT_BE_16BITS(p + 6),
1200 EXTRACT_BE_16BITS(p + 8)));
1201 break;
1202 default:
1203 /*
1204 * Unknown option; dump it as raw bytes now if we're
1205 * not going to do so below.
1206 */
1207 if (ndo->ndo_vflag < 2)
1208 print_unknown_data(ndo, &p[2], "\n\t ", len - 2);
1209 break;
1210 }
1211 if (ndo->ndo_vflag > 1)
1212 print_unknown_data(ndo, &p[2], "\n\t ", len - 2); /* exclude TLV header */
1213
1214 return len;
1215
1216 trunc:
1217 ND_PRINT((ndo, "[|ip6cp]"));
1218 return 0;
1219 }
1220
1221
1222 /* CCP config options */
1223 static int
1224 print_ccp_config_options(netdissect_options *ndo,
1225 const u_char *p, int length)
1226 {
1227 int len, opt;
1228
1229 if (length < 2)
1230 return 0;
1231 ND_TCHECK2(*p, 2);
1232 len = p[1];
1233 opt = p[0];
1234 if (length < len)
1235 return 0;
1236 if (len < 2) {
1237 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1238 tok2str(ccpconfopts_values, "Unknown", opt),
1239 opt,
1240 len));
1241 return 0;
1242 }
1243
1244 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u",
1245 tok2str(ccpconfopts_values, "Unknown", opt),
1246 opt,
1247 len));
1248
1249 switch (opt) {
1250 case CCPOPT_BSDCOMP:
1251 if (len < 3) {
1252 ND_PRINT((ndo, " (length bogus, should be >= 3)"));
1253 return len;
1254 }
1255 ND_TCHECK(p[2]);
1256 ND_PRINT((ndo, ": Version: %u, Dictionary Bits: %u",
1257 p[2] >> 5, p[2] & 0x1f));
1258 break;
1259 case CCPOPT_MVRCA:
1260 if (len < 4) {
1261 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
1262 return len;
1263 }
1264 ND_TCHECK(p[3]);
1265 ND_PRINT((ndo, ": Features: %u, PxP: %s, History: %u, #CTX-ID: %u",
1266 (p[2] & 0xc0) >> 6,
1267 (p[2] & 0x20) ? "Enabled" : "Disabled",
1268 p[2] & 0x1f, p[3]));
1269 break;
1270 case CCPOPT_DEFLATE:
1271 if (len < 4) {
1272 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
1273 return len;
1274 }
1275 ND_TCHECK(p[3]);
1276 ND_PRINT((ndo, ": Window: %uK, Method: %s (0x%x), MBZ: %u, CHK: %u",
1277 (p[2] & 0xf0) >> 4,
1278 ((p[2] & 0x0f) == 8) ? "zlib" : "unknown",
1279 p[2] & 0x0f, (p[3] & 0xfc) >> 2, p[3] & 0x03));
1280 break;
1281
1282 /* XXX: to be supported */
1283 #if 0
1284 case CCPOPT_OUI:
1285 case CCPOPT_PRED1:
1286 case CCPOPT_PRED2:
1287 case CCPOPT_PJUMP:
1288 case CCPOPT_HPPPC:
1289 case CCPOPT_STACLZS:
1290 case CCPOPT_MPPC:
1291 case CCPOPT_GFZA:
1292 case CCPOPT_V42BIS:
1293 case CCPOPT_LZSDCP:
1294 case CCPOPT_DEC:
1295 case CCPOPT_RESV:
1296 break;
1297 #endif
1298 default:
1299 /*
1300 * Unknown option; dump it as raw bytes now if we're
1301 * not going to do so below.
1302 */
1303 if (ndo->ndo_vflag < 2)
1304 print_unknown_data(ndo, &p[2], "\n\t ", len - 2);
1305 break;
1306 }
1307 if (ndo->ndo_vflag > 1)
1308 print_unknown_data(ndo, &p[2], "\n\t ", len - 2); /* exclude TLV header */
1309
1310 return len;
1311
1312 trunc:
1313 ND_PRINT((ndo, "[|ccp]"));
1314 return 0;
1315 }
1316
1317 /* BACP config options */
1318 static int
1319 print_bacp_config_options(netdissect_options *ndo,
1320 const u_char *p, int length)
1321 {
1322 int len, opt;
1323
1324 if (length < 2)
1325 return 0;
1326 ND_TCHECK2(*p, 2);
1327 len = p[1];
1328 opt = p[0];
1329 if (length < len)
1330 return 0;
1331 if (len < 2) {
1332 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1333 tok2str(bacconfopts_values, "Unknown", opt),
1334 opt,
1335 len));
1336 return 0;
1337 }
1338
1339 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u",
1340 tok2str(bacconfopts_values, "Unknown", opt),
1341 opt,
1342 len));
1343
1344 switch (opt) {
1345 case BACPOPT_FPEER:
1346 if (len != 6) {
1347 ND_PRINT((ndo, " (length bogus, should be = 6)"));
1348 return len;
1349 }
1350 ND_TCHECK_32BITS(p + 2);
1351 ND_PRINT((ndo, ": Magic-Num 0x%08x", EXTRACT_BE_32BITS(p + 2)));
1352 break;
1353 default:
1354 /*
1355 * Unknown option; dump it as raw bytes now if we're
1356 * not going to do so below.
1357 */
1358 if (ndo->ndo_vflag < 2)
1359 print_unknown_data(ndo, &p[2], "\n\t ", len - 2);
1360 break;
1361 }
1362 if (ndo->ndo_vflag > 1)
1363 print_unknown_data(ndo, &p[2], "\n\t ", len - 2); /* exclude TLV header */
1364
1365 return len;
1366
1367 trunc:
1368 ND_PRINT((ndo, "[|bacp]"));
1369 return 0;
1370 }
1371
1372 static void
1373 ppp_hdlc(netdissect_options *ndo,
1374 const u_char *p, int length)
1375 {
1376 u_char *b, *t, c;
1377 const u_char *s;
1378 int i, proto;
1379 const void *se;
1380
1381 if (length <= 0)
1382 return;
1383
1384 b = (u_char *)malloc(length);
1385 if (b == NULL)
1386 return;
1387
1388 /*
1389 * Unescape all the data into a temporary, private, buffer.
1390 * Do this so that we dont overwrite the original packet
1391 * contents.
1392 */
1393 for (s = p, t = b, i = length; i > 0 && ND_TTEST(*s); i--) {
1394 c = EXTRACT_8BITS(s);
1395 s++;
1396 if (c == 0x7d) {
1397 if (i <= 1 || !ND_TTEST(*s))
1398 break;
1399 i--;
1400 c = EXTRACT_8BITS(s) ^ 0x20;
1401 s++;
1402 }
1403 *t++ = c;
1404 }
1405
1406 se = ndo->ndo_snapend;
1407 ndo->ndo_snapend = t;
1408 length = t - b;
1409
1410 /* now lets guess about the payload codepoint format */
1411 if (length < 1)
1412 goto trunc;
1413 proto = *b; /* start with a one-octet codepoint guess */
1414
1415 switch (proto) {
1416 case PPP_IP:
1417 ip_print(ndo, b + 1, length - 1);
1418 goto cleanup;
1419 case PPP_IPV6:
1420 ip6_print(ndo, b + 1, length - 1);
1421 goto cleanup;
1422 default: /* no luck - try next guess */
1423 break;
1424 }
1425
1426 if (length < 2)
1427 goto trunc;
1428 proto = EXTRACT_BE_16BITS(b); /* next guess - load two octets */
1429
1430 switch (proto) {
1431 case (PPP_ADDRESS << 8 | PPP_CONTROL): /* looks like a PPP frame */
1432 if (length < 4)
1433 goto trunc;
1434 proto = EXTRACT_BE_16BITS(b + 2); /* load the PPP proto-id */
1435 handle_ppp(ndo, proto, b + 4, length - 4);
1436 break;
1437 default: /* last guess - proto must be a PPP proto-id */
1438 handle_ppp(ndo, proto, b + 2, length - 2);
1439 break;
1440 }
1441
1442 cleanup:
1443 ndo->ndo_snapend = se;
1444 free(b);
1445 return;
1446
1447 trunc:
1448 ndo->ndo_snapend = se;
1449 free(b);
1450 ND_PRINT((ndo, "[|ppp]"));
1451 }
1452
1453
1454 /* PPP */
1455 static void
1456 handle_ppp(netdissect_options *ndo,
1457 u_int proto, const u_char *p, int length)
1458 {
1459 if ((proto & 0xff00) == 0x7e00) { /* is this an escape code ? */
1460 ppp_hdlc(ndo, p - 1, length);
1461 return;
1462 }
1463
1464 switch (proto) {
1465 case PPP_LCP: /* fall through */
1466 case PPP_IPCP:
1467 case PPP_OSICP:
1468 case PPP_MPLSCP:
1469 case PPP_IPV6CP:
1470 case PPP_CCP:
1471 case PPP_BACP:
1472 handle_ctrl_proto(ndo, proto, p, length);
1473 break;
1474 case PPP_ML:
1475 handle_mlppp(ndo, p, length);
1476 break;
1477 case PPP_CHAP:
1478 handle_chap(ndo, p, length);
1479 break;
1480 case PPP_PAP:
1481 handle_pap(ndo, p, length);
1482 break;
1483 case PPP_BAP: /* XXX: not yet completed */
1484 handle_bap(ndo, p, length);
1485 break;
1486 case ETHERTYPE_IP: /*XXX*/
1487 case PPP_VJNC:
1488 case PPP_IP:
1489 ip_print(ndo, p, length);
1490 break;
1491 case ETHERTYPE_IPV6: /*XXX*/
1492 case PPP_IPV6:
1493 ip6_print(ndo, p, length);
1494 break;
1495 case ETHERTYPE_IPX: /*XXX*/
1496 case PPP_IPX:
1497 ipx_print(ndo, p, length);
1498 break;
1499 case PPP_OSI:
1500 isoclns_print(ndo, p, length);
1501 break;
1502 case PPP_MPLS_UCAST:
1503 case PPP_MPLS_MCAST:
1504 mpls_print(ndo, p, length);
1505 break;
1506 case PPP_COMP:
1507 ND_PRINT((ndo, "compressed PPP data"));
1508 break;
1509 default:
1510 ND_PRINT((ndo, "%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto)));
1511 print_unknown_data(ndo, p, "\n\t", length);
1512 break;
1513 }
1514 }
1515
1516 /* Standard PPP printer */
1517 u_int
1518 ppp_print(netdissect_options *ndo,
1519 register const u_char *p, u_int length)
1520 {
1521 u_int proto,ppp_header;
1522 u_int olen = length; /* _o_riginal length */
1523 u_int hdr_len = 0;
1524
1525 /*
1526 * Here, we assume that p points to the Address and Control
1527 * field (if they present).
1528 */
1529 if (length < 2)
1530 goto trunc;
1531 ND_TCHECK2(*p, 2);
1532 ppp_header = EXTRACT_BE_16BITS(p);
1533
1534 switch(ppp_header) {
1535 case (PPP_WITHDIRECTION_IN << 8 | PPP_CONTROL):
1536 if (ndo->ndo_eflag) ND_PRINT((ndo, "In "));
1537 p += 2;
1538 length -= 2;
1539 hdr_len += 2;
1540 break;
1541 case (PPP_WITHDIRECTION_OUT << 8 | PPP_CONTROL):
1542 if (ndo->ndo_eflag) ND_PRINT((ndo, "Out "));
1543 p += 2;
1544 length -= 2;
1545 hdr_len += 2;
1546 break;
1547 case (PPP_ADDRESS << 8 | PPP_CONTROL):
1548 p += 2; /* ACFC not used */
1549 length -= 2;
1550 hdr_len += 2;
1551 break;
1552
1553 default:
1554 break;
1555 }
1556
1557 if (length < 2)
1558 goto trunc;
1559 ND_TCHECK(*p);
1560 if (*p % 2) {
1561 proto = *p; /* PFC is used */
1562 p++;
1563 length--;
1564 hdr_len++;
1565 } else {
1566 ND_TCHECK2(*p, 2);
1567 proto = EXTRACT_BE_16BITS(p);
1568 p += 2;
1569 length -= 2;
1570 hdr_len += 2;
1571 }
1572
1573 if (ndo->ndo_eflag)
1574 ND_PRINT((ndo, "%s (0x%04x), length %u: ",
1575 tok2str(ppptype2str, "unknown", proto),
1576 proto,
1577 olen));
1578
1579 handle_ppp(ndo, proto, p, length);
1580 return (hdr_len);
1581 trunc:
1582 ND_PRINT((ndo, "[|ppp]"));
1583 return (0);
1584 }
1585
1586
1587 /* PPP I/F printer */
1588 u_int
1589 ppp_if_print(netdissect_options *ndo,
1590 const struct pcap_pkthdr *h, register const u_char *p)
1591 {
1592 register u_int length = h->len;
1593 register u_int caplen = h->caplen;
1594
1595 if (caplen < PPP_HDRLEN) {
1596 ND_PRINT((ndo, "[|ppp]"));
1597 return (caplen);
1598 }
1599
1600 #if 0
1601 /*
1602 * XXX: seems to assume that there are 2 octets prepended to an
1603 * actual PPP frame. The 1st octet looks like Input/Output flag
1604 * while 2nd octet is unknown, at least to me
1605 * (mshindo@mshindo.net).
1606 *
1607 * That was what the original tcpdump code did.
1608 *
1609 * FreeBSD's "if_ppp.c" *does* set the first octet to 1 for outbound
1610 * packets and 0 for inbound packets - but only if the
1611 * protocol field has the 0x8000 bit set (i.e., it's a network
1612 * control protocol); it does so before running the packet through
1613 * "bpf_filter" to see if it should be discarded, and to see
1614 * if we should update the time we sent the most recent packet...
1615 *
1616 * ...but it puts the original address field back after doing
1617 * so.
1618 *
1619 * NetBSD's "if_ppp.c" doesn't set the first octet in that fashion.
1620 *
1621 * I don't know if any PPP implementation handed up to a BPF
1622 * device packets with the first octet being 1 for outbound and
1623 * 0 for inbound packets, so I (guy@alum.mit.edu) don't know
1624 * whether that ever needs to be checked or not.
1625 *
1626 * Note that NetBSD has a DLT_PPP_SERIAL, which it uses for PPP,
1627 * and its tcpdump appears to assume that the frame always
1628 * begins with an address field and a control field, and that
1629 * the address field might be 0x0f or 0x8f, for Cisco
1630 * point-to-point with HDLC framing as per section 4.3.1 of RFC
1631 * 1547, as well as 0xff, for PPP in HDLC-like framing as per
1632 * RFC 1662.
1633 *
1634 * (Is the Cisco framing in question what DLT_C_HDLC, in
1635 * BSD/OS, is?)
1636 */
1637 if (ndo->ndo_eflag)
1638 ND_PRINT((ndo, "%c %4d %02x ", p[0] ? 'O' : 'I', length, p[1]));
1639 #endif
1640
1641 ppp_print(ndo, p, length);
1642
1643 return (0);
1644 }
1645
1646 /*
1647 * PPP I/F printer to use if we know that RFC 1662-style PPP in HDLC-like
1648 * framing, or Cisco PPP with HDLC framing as per section 4.3.1 of RFC 1547,
1649 * is being used (i.e., we don't check for PPP_ADDRESS and PPP_CONTROL,
1650 * discard them *if* those are the first two octets, and parse the remaining
1651 * packet as a PPP packet, as "ppp_print()" does).
1652 *
1653 * This handles, for example, DLT_PPP_SERIAL in NetBSD.
1654 */
1655 u_int
1656 ppp_hdlc_if_print(netdissect_options *ndo,
1657 const struct pcap_pkthdr *h, register const u_char *p)
1658 {
1659 register u_int length = h->len;
1660 register u_int caplen = h->caplen;
1661 u_int proto;
1662 u_int hdrlen = 0;
1663
1664 if (caplen < 2) {
1665 ND_PRINT((ndo, "[|ppp]"));
1666 return (caplen);
1667 }
1668
1669 switch (p[0]) {
1670
1671 case PPP_ADDRESS:
1672 if (caplen < 4) {
1673 ND_PRINT((ndo, "[|ppp]"));
1674 return (caplen);
1675 }
1676
1677 if (ndo->ndo_eflag)
1678 ND_PRINT((ndo, "%02x %02x %d ", p[0], p[1], length));
1679 p += 2;
1680 length -= 2;
1681 hdrlen += 2;
1682
1683 proto = EXTRACT_BE_16BITS(p);
1684 p += 2;
1685 length -= 2;
1686 hdrlen += 2;
1687 ND_PRINT((ndo, "%s: ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto)));
1688
1689 handle_ppp(ndo, proto, p, length);
1690 break;
1691
1692 case CHDLC_UNICAST:
1693 case CHDLC_BCAST:
1694 return (chdlc_if_print(ndo, h, p));
1695
1696 default:
1697 if (caplen < 4) {
1698 ND_PRINT((ndo, "[|ppp]"));
1699 return (caplen);
1700 }
1701
1702 if (ndo->ndo_eflag)
1703 ND_PRINT((ndo, "%02x %02x %d ", p[0], p[1], length));
1704 p += 2;
1705 hdrlen += 2;
1706
1707 /*
1708 * XXX - NetBSD's "ppp_netbsd_serial_if_print()" treats
1709 * the next two octets as an Ethernet type; does that
1710 * ever happen?
1711 */
1712 ND_PRINT((ndo, "unknown addr %02x; ctrl %02x", p[0], p[1]));
1713 break;
1714 }
1715
1716 return (hdrlen);
1717 }
1718
1719 #define PPP_BSDI_HDRLEN 24
1720
1721 /* BSD/OS specific PPP printer */
1722 u_int
1723 ppp_bsdos_if_print(netdissect_options *ndo _U_,
1724 const struct pcap_pkthdr *h _U_, register const u_char *p _U_)
1725 {
1726 register int hdrlength;
1727 #ifdef __bsdi__
1728 register u_int length = h->len;
1729 register u_int caplen = h->caplen;
1730 uint16_t ptype;
1731 const u_char *q;
1732 int i;
1733
1734 if (caplen < PPP_BSDI_HDRLEN) {
1735 ND_PRINT((ndo, "[|ppp]"));
1736 return (caplen)
1737 }
1738
1739 hdrlength = 0;
1740
1741 #if 0
1742 if (p[0] == PPP_ADDRESS && p[1] == PPP_CONTROL) {
1743 if (ndo->ndo_eflag)
1744 ND_PRINT((ndo, "%02x %02x ", p[0], p[1]));
1745 p += 2;
1746 hdrlength = 2;
1747 }
1748
1749 if (ndo->ndo_eflag)
1750 ND_PRINT((ndo, "%d ", length));
1751 /* Retrieve the protocol type */
1752 if (*p & 01) {
1753 /* Compressed protocol field */
1754 ptype = *p;
1755 if (ndo->ndo_eflag)
1756 ND_PRINT((ndo, "%02x ", ptype));
1757 p++;
1758 hdrlength += 1;
1759 } else {
1760 /* Un-compressed protocol field */
1761 ptype = EXTRACT_16BITS(p);
1762 if (ndo->ndo_eflag)
1763 ND_PRINT((ndo, "%04x ", ptype));
1764 p += 2;
1765 hdrlength += 2;
1766 }
1767 #else
1768 ptype = 0; /*XXX*/
1769 if (ndo->ndo_eflag)
1770 ND_PRINT((ndo, "%c ", p[SLC_DIR] ? 'O' : 'I'));
1771 if (p[SLC_LLHL]) {
1772 /* link level header */
1773 struct ppp_header *ph;
1774
1775 q = p + SLC_BPFHDRLEN;
1776 ph = (struct ppp_header *)q;
1777 if (ph->phdr_addr == PPP_ADDRESS
1778 && ph->phdr_ctl == PPP_CONTROL) {
1779 if (ndo->ndo_eflag)
1780 ND_PRINT((ndo, "%02x %02x ", q[0], q[1]));
1781 ptype = EXTRACT_16BITS(&ph->phdr_type);
1782 if (ndo->ndo_eflag && (ptype == PPP_VJC || ptype == PPP_VJNC)) {
1783 ND_PRINT((ndo, "%s ", tok2str(ppptype2str,
1784 "proto-#%d", ptype)));
1785 }
1786 } else {
1787 if (ndo->ndo_eflag) {
1788 ND_PRINT((ndo, "LLH=["));
1789 for (i = 0; i < p[SLC_LLHL]; i++)
1790 ND_PRINT((ndo, "%02x", q[i]));
1791 ND_PRINT((ndo, "] "));
1792 }
1793 }
1794 }
1795 if (ndo->ndo_eflag)
1796 ND_PRINT((ndo, "%d ", length));
1797 if (p[SLC_CHL]) {
1798 q = p + SLC_BPFHDRLEN + p[SLC_LLHL];
1799
1800 switch (ptype) {
1801 case PPP_VJC:
1802 ptype = vjc_print(ndo, q, ptype);
1803 hdrlength = PPP_BSDI_HDRLEN;
1804 p += hdrlength;
1805 switch (ptype) {
1806 case PPP_IP:
1807 ip_print(ndo, p, length);
1808 break;
1809 case PPP_IPV6:
1810 ip6_print(ndo, p, length);
1811 break;
1812 case PPP_MPLS_UCAST:
1813 case PPP_MPLS_MCAST:
1814 mpls_print(ndo, p, length);
1815 break;
1816 }
1817 goto printx;
1818 case PPP_VJNC:
1819 ptype = vjc_print(ndo, q, ptype);
1820 hdrlength = PPP_BSDI_HDRLEN;
1821 p += hdrlength;
1822 switch (ptype) {
1823 case PPP_IP:
1824 ip_print(ndo, p, length);
1825 break;
1826 case PPP_IPV6:
1827 ip6_print(ndo, p, length);
1828 break;
1829 case PPP_MPLS_UCAST:
1830 case PPP_MPLS_MCAST:
1831 mpls_print(ndo, p, length);
1832 break;
1833 }
1834 goto printx;
1835 default:
1836 if (ndo->ndo_eflag) {
1837 ND_PRINT((ndo, "CH=["));
1838 for (i = 0; i < p[SLC_LLHL]; i++)
1839 ND_PRINT((ndo, "%02x", q[i]));
1840 ND_PRINT((ndo, "] "));
1841 }
1842 break;
1843 }
1844 }
1845
1846 hdrlength = PPP_BSDI_HDRLEN;
1847 #endif
1848
1849 length -= hdrlength;
1850 p += hdrlength;
1851
1852 switch (ptype) {
1853 case PPP_IP:
1854 ip_print(p, length);
1855 break;
1856 case PPP_IPV6:
1857 ip6_print(ndo, p, length);
1858 break;
1859 case PPP_MPLS_UCAST:
1860 case PPP_MPLS_MCAST:
1861 mpls_print(ndo, p, length);
1862 break;
1863 default:
1864 ND_PRINT((ndo, "%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", ptype)));
1865 }
1866
1867 printx:
1868 #else /* __bsdi */
1869 hdrlength = 0;
1870 #endif /* __bsdi__ */
1871 return (hdrlength);
1872 }
1873
1874
1875 /*
1876 * Local Variables:
1877 * c-style: whitesmith
1878 * c-basic-offset: 8
1879 * End:
1880 */
[mirror] the TCPdump network dissector