]> The Tcpdump Group git mirrors - tcpdump/blob - print-ppp.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
More EXTRACT_U_1() and ND_TCHECK_n, clean up signedness, add length checks.
[tcpdump] / print-ppp.c
1 /*
2 * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 * Extensively modified by Motonori Shindo (mshindo@mshindo.net) for more
22 * complete PPP support.
23 */
24
25 /* \summary: Point to Point Protocol (PPP) printer */
26
27 /*
28 * TODO:
29 * o resolve XXX as much as possible
30 * o MP support
31 * o BAP support
32 */
33
34 #ifdef HAVE_CONFIG_H
35 #include "config.h"
36 #endif
37
38 #include <netdissect-stdinc.h>
39
40 #ifdef __bsdi__
41 #include <net/slcompress.h>
42 #include <net/if_ppp.h>
43 #endif
44
45 #include <stdlib.h>
46
47 #include "netdissect.h"
48 #include "extract.h"
49 #include "addrtoname.h"
50 #include "ppp.h"
51 #include "chdlc.h"
52 #include "ethertype.h"
53 #include "oui.h"
54
55 /*
56 * The following constatns are defined by IANA. Please refer to
57 * http://www.isi.edu/in-notes/iana/assignments/ppp-numbers
58 * for the up-to-date information.
59 */
60
61 /* Protocol Codes defined in ppp.h */
62
63 static const struct tok ppptype2str[] = {
64 { PPP_IP, "IP" },
65 { PPP_OSI, "OSI" },
66 { PPP_NS, "NS" },
67 { PPP_DECNET, "DECNET" },
68 { PPP_APPLE, "APPLE" },
69 { PPP_IPX, "IPX" },
70 { PPP_VJC, "VJC IP" },
71 { PPP_VJNC, "VJNC IP" },
72 { PPP_BRPDU, "BRPDU" },
73 { PPP_STII, "STII" },
74 { PPP_VINES, "VINES" },
75 { PPP_MPLS_UCAST, "MPLS" },
76 { PPP_MPLS_MCAST, "MPLS" },
77 { PPP_COMP, "Compressed"},
78 { PPP_ML, "MLPPP"},
79 { PPP_IPV6, "IP6"},
80
81 { PPP_HELLO, "HELLO" },
82 { PPP_LUXCOM, "LUXCOM" },
83 { PPP_SNS, "SNS" },
84 { PPP_IPCP, "IPCP" },
85 { PPP_OSICP, "OSICP" },
86 { PPP_NSCP, "NSCP" },
87 { PPP_DECNETCP, "DECNETCP" },
88 { PPP_APPLECP, "APPLECP" },
89 { PPP_IPXCP, "IPXCP" },
90 { PPP_STIICP, "STIICP" },
91 { PPP_VINESCP, "VINESCP" },
92 { PPP_IPV6CP, "IP6CP" },
93 { PPP_MPLSCP, "MPLSCP" },
94
95 { PPP_LCP, "LCP" },
96 { PPP_PAP, "PAP" },
97 { PPP_LQM, "LQM" },
98 { PPP_CHAP, "CHAP" },
99 { PPP_EAP, "EAP" },
100 { PPP_SPAP, "SPAP" },
101 { PPP_SPAP_OLD, "Old-SPAP" },
102 { PPP_BACP, "BACP" },
103 { PPP_BAP, "BAP" },
104 { PPP_MPCP, "MLPPP-CP" },
105 { PPP_CCP, "CCP" },
106 { 0, NULL }
107 };
108
109 /* Control Protocols (LCP/IPCP/CCP etc.) Codes defined in RFC 1661 */
110
111 #define CPCODES_VEXT 0 /* Vendor-Specific (RFC2153) */
112 #define CPCODES_CONF_REQ 1 /* Configure-Request */
113 #define CPCODES_CONF_ACK 2 /* Configure-Ack */
114 #define CPCODES_CONF_NAK 3 /* Configure-Nak */
115 #define CPCODES_CONF_REJ 4 /* Configure-Reject */
116 #define CPCODES_TERM_REQ 5 /* Terminate-Request */
117 #define CPCODES_TERM_ACK 6 /* Terminate-Ack */
118 #define CPCODES_CODE_REJ 7 /* Code-Reject */
119 #define CPCODES_PROT_REJ 8 /* Protocol-Reject (LCP only) */
120 #define CPCODES_ECHO_REQ 9 /* Echo-Request (LCP only) */
121 #define CPCODES_ECHO_RPL 10 /* Echo-Reply (LCP only) */
122 #define CPCODES_DISC_REQ 11 /* Discard-Request (LCP only) */
123 #define CPCODES_ID 12 /* Identification (LCP only) RFC1570 */
124 #define CPCODES_TIME_REM 13 /* Time-Remaining (LCP only) RFC1570 */
125 #define CPCODES_RESET_REQ 14 /* Reset-Request (CCP only) RFC1962 */
126 #define CPCODES_RESET_REP 15 /* Reset-Reply (CCP only) */
127
128 static const struct tok cpcodes[] = {
129 {CPCODES_VEXT, "Vendor-Extension"}, /* RFC2153 */
130 {CPCODES_CONF_REQ, "Conf-Request"},
131 {CPCODES_CONF_ACK, "Conf-Ack"},
132 {CPCODES_CONF_NAK, "Conf-Nack"},
133 {CPCODES_CONF_REJ, "Conf-Reject"},
134 {CPCODES_TERM_REQ, "Term-Request"},
135 {CPCODES_TERM_ACK, "Term-Ack"},
136 {CPCODES_CODE_REJ, "Code-Reject"},
137 {CPCODES_PROT_REJ, "Prot-Reject"},
138 {CPCODES_ECHO_REQ, "Echo-Request"},
139 {CPCODES_ECHO_RPL, "Echo-Reply"},
140 {CPCODES_DISC_REQ, "Disc-Req"},
141 {CPCODES_ID, "Ident"}, /* RFC1570 */
142 {CPCODES_TIME_REM, "Time-Rem"}, /* RFC1570 */
143 {CPCODES_RESET_REQ, "Reset-Req"}, /* RFC1962 */
144 {CPCODES_RESET_REP, "Reset-Ack"}, /* RFC1962 */
145 {0, NULL}
146 };
147
148 /* LCP Config Options */
149
150 #define LCPOPT_VEXT 0
151 #define LCPOPT_MRU 1
152 #define LCPOPT_ACCM 2
153 #define LCPOPT_AP 3
154 #define LCPOPT_QP 4
155 #define LCPOPT_MN 5
156 #define LCPOPT_DEP6 6
157 #define LCPOPT_PFC 7
158 #define LCPOPT_ACFC 8
159 #define LCPOPT_FCSALT 9
160 #define LCPOPT_SDP 10
161 #define LCPOPT_NUMMODE 11
162 #define LCPOPT_DEP12 12
163 #define LCPOPT_CBACK 13
164 #define LCPOPT_DEP14 14
165 #define LCPOPT_DEP15 15
166 #define LCPOPT_DEP16 16
167 #define LCPOPT_MLMRRU 17
168 #define LCPOPT_MLSSNHF 18
169 #define LCPOPT_MLED 19
170 #define LCPOPT_PROP 20
171 #define LCPOPT_DCEID 21
172 #define LCPOPT_MPP 22
173 #define LCPOPT_LD 23
174 #define LCPOPT_LCPAOPT 24
175 #define LCPOPT_COBS 25
176 #define LCPOPT_PE 26
177 #define LCPOPT_MLHF 27
178 #define LCPOPT_I18N 28
179 #define LCPOPT_SDLOS 29
180 #define LCPOPT_PPPMUX 30
181
182 #define LCPOPT_MIN LCPOPT_VEXT
183 #define LCPOPT_MAX LCPOPT_PPPMUX
184
185 static const char *lcpconfopts[] = {
186 "Vend-Ext", /* (0) */
187 "MRU", /* (1) */
188 "ACCM", /* (2) */
189 "Auth-Prot", /* (3) */
190 "Qual-Prot", /* (4) */
191 "Magic-Num", /* (5) */
192 "deprecated(6)", /* used to be a Quality Protocol */
193 "PFC", /* (7) */
194 "ACFC", /* (8) */
195 "FCS-Alt", /* (9) */
196 "SDP", /* (10) */
197 "Num-Mode", /* (11) */
198 "deprecated(12)", /* used to be a Multi-Link-Procedure*/
199 "Call-Back", /* (13) */
200 "deprecated(14)", /* used to be a Connect-Time */
201 "deprecated(15)", /* used to be a Compund-Frames */
202 "deprecated(16)", /* used to be a Nominal-Data-Encap */
203 "MRRU", /* (17) */
204 "12-Bit seq #", /* (18) */
205 "End-Disc", /* (19) */
206 "Proprietary", /* (20) */
207 "DCE-Id", /* (21) */
208 "MP+", /* (22) */
209 "Link-Disc", /* (23) */
210 "LCP-Auth-Opt", /* (24) */
211 "COBS", /* (25) */
212 "Prefix-elision", /* (26) */
213 "Multilink-header-Form",/* (27) */
214 "I18N", /* (28) */
215 "SDL-over-SONET/SDH", /* (29) */
216 "PPP-Muxing", /* (30) */
217 };
218
219 /* ECP - to be supported */
220
221 /* CCP Config Options */
222
223 #define CCPOPT_OUI 0 /* RFC1962 */
224 #define CCPOPT_PRED1 1 /* RFC1962 */
225 #define CCPOPT_PRED2 2 /* RFC1962 */
226 #define CCPOPT_PJUMP 3 /* RFC1962 */
227 /* 4-15 unassigned */
228 #define CCPOPT_HPPPC 16 /* RFC1962 */
229 #define CCPOPT_STACLZS 17 /* RFC1974 */
230 #define CCPOPT_MPPC 18 /* RFC2118 */
231 #define CCPOPT_GFZA 19 /* RFC1962 */
232 #define CCPOPT_V42BIS 20 /* RFC1962 */
233 #define CCPOPT_BSDCOMP 21 /* RFC1977 */
234 /* 22 unassigned */
235 #define CCPOPT_LZSDCP 23 /* RFC1967 */
236 #define CCPOPT_MVRCA 24 /* RFC1975 */
237 #define CCPOPT_DEC 25 /* RFC1976 */
238 #define CCPOPT_DEFLATE 26 /* RFC1979 */
239 /* 27-254 unassigned */
240 #define CCPOPT_RESV 255 /* RFC1962 */
241
242 static const struct tok ccpconfopts_values[] = {
243 { CCPOPT_OUI, "OUI" },
244 { CCPOPT_PRED1, "Pred-1" },
245 { CCPOPT_PRED2, "Pred-2" },
246 { CCPOPT_PJUMP, "Puddle" },
247 { CCPOPT_HPPPC, "HP-PPC" },
248 { CCPOPT_STACLZS, "Stac-LZS" },
249 { CCPOPT_MPPC, "MPPC" },
250 { CCPOPT_GFZA, "Gand-FZA" },
251 { CCPOPT_V42BIS, "V.42bis" },
252 { CCPOPT_BSDCOMP, "BSD-Comp" },
253 { CCPOPT_LZSDCP, "LZS-DCP" },
254 { CCPOPT_MVRCA, "MVRCA" },
255 { CCPOPT_DEC, "DEC" },
256 { CCPOPT_DEFLATE, "Deflate" },
257 { CCPOPT_RESV, "Reserved"},
258 {0, NULL}
259 };
260
261 /* BACP Config Options */
262
263 #define BACPOPT_FPEER 1 /* RFC2125 */
264
265 static const struct tok bacconfopts_values[] = {
266 { BACPOPT_FPEER, "Favored-Peer" },
267 {0, NULL}
268 };
269
270
271 /* SDCP - to be supported */
272
273 /* IPCP Config Options */
274 #define IPCPOPT_2ADDR 1 /* RFC1172, RFC1332 (deprecated) */
275 #define IPCPOPT_IPCOMP 2 /* RFC1332 */
276 #define IPCPOPT_ADDR 3 /* RFC1332 */
277 #define IPCPOPT_MOBILE4 4 /* RFC2290 */
278 #define IPCPOPT_PRIDNS 129 /* RFC1877 */
279 #define IPCPOPT_PRINBNS 130 /* RFC1877 */
280 #define IPCPOPT_SECDNS 131 /* RFC1877 */
281 #define IPCPOPT_SECNBNS 132 /* RFC1877 */
282
283 static const struct tok ipcpopt_values[] = {
284 { IPCPOPT_2ADDR, "IP-Addrs" },
285 { IPCPOPT_IPCOMP, "IP-Comp" },
286 { IPCPOPT_ADDR, "IP-Addr" },
287 { IPCPOPT_MOBILE4, "Home-Addr" },
288 { IPCPOPT_PRIDNS, "Pri-DNS" },
289 { IPCPOPT_PRINBNS, "Pri-NBNS" },
290 { IPCPOPT_SECDNS, "Sec-DNS" },
291 { IPCPOPT_SECNBNS, "Sec-NBNS" },
292 { 0, NULL }
293 };
294
295 #define IPCPOPT_IPCOMP_HDRCOMP 0x61 /* rfc3544 */
296 #define IPCPOPT_IPCOMP_MINLEN 14
297
298 static const struct tok ipcpopt_compproto_values[] = {
299 { PPP_VJC, "VJ-Comp" },
300 { IPCPOPT_IPCOMP_HDRCOMP, "IP Header Compression" },
301 { 0, NULL }
302 };
303
304 static const struct tok ipcpopt_compproto_subopt_values[] = {
305 { 1, "RTP-Compression" },
306 { 2, "Enhanced RTP-Compression" },
307 { 0, NULL }
308 };
309
310 /* IP6CP Config Options */
311 #define IP6CP_IFID 1
312
313 static const struct tok ip6cpopt_values[] = {
314 { IP6CP_IFID, "Interface-ID" },
315 { 0, NULL }
316 };
317
318 /* ATCP - to be supported */
319 /* OSINLCP - to be supported */
320 /* BVCP - to be supported */
321 /* BCP - to be supported */
322 /* IPXCP - to be supported */
323 /* MPLSCP - to be supported */
324
325 /* Auth Algorithms */
326
327 /* 0-4 Reserved (RFC1994) */
328 #define AUTHALG_CHAPMD5 5 /* RFC1994 */
329 #define AUTHALG_MSCHAP1 128 /* RFC2433 */
330 #define AUTHALG_MSCHAP2 129 /* RFC2795 */
331
332 static const struct tok authalg_values[] = {
333 { AUTHALG_CHAPMD5, "MD5" },
334 { AUTHALG_MSCHAP1, "MS-CHAPv1" },
335 { AUTHALG_MSCHAP2, "MS-CHAPv2" },
336 { 0, NULL }
337 };
338
339 /* FCS Alternatives - to be supported */
340
341 /* Multilink Endpoint Discriminator (RFC1717) */
342 #define MEDCLASS_NULL 0 /* Null Class */
343 #define MEDCLASS_LOCAL 1 /* Locally Assigned */
344 #define MEDCLASS_IPV4 2 /* Internet Protocol (IPv4) */
345 #define MEDCLASS_MAC 3 /* IEEE 802.1 global MAC address */
346 #define MEDCLASS_MNB 4 /* PPP Magic Number Block */
347 #define MEDCLASS_PSNDN 5 /* Public Switched Network Director Number */
348
349 /* PPP LCP Callback */
350 #define CALLBACK_AUTH 0 /* Location determined by user auth */
351 #define CALLBACK_DSTR 1 /* Dialing string */
352 #define CALLBACK_LID 2 /* Location identifier */
353 #define CALLBACK_E164 3 /* E.164 number */
354 #define CALLBACK_X500 4 /* X.500 distinguished name */
355 #define CALLBACK_CBCP 6 /* Location is determined during CBCP nego */
356
357 static const struct tok ppp_callback_values[] = {
358 { CALLBACK_AUTH, "UserAuth" },
359 { CALLBACK_DSTR, "DialString" },
360 { CALLBACK_LID, "LocalID" },
361 { CALLBACK_E164, "E.164" },
362 { CALLBACK_X500, "X.500" },
363 { CALLBACK_CBCP, "CBCP" },
364 { 0, NULL }
365 };
366
367 /* CHAP */
368
369 #define CHAP_CHAL 1
370 #define CHAP_RESP 2
371 #define CHAP_SUCC 3
372 #define CHAP_FAIL 4
373
374 static const struct tok chapcode_values[] = {
375 { CHAP_CHAL, "Challenge" },
376 { CHAP_RESP, "Response" },
377 { CHAP_SUCC, "Success" },
378 { CHAP_FAIL, "Fail" },
379 { 0, NULL}
380 };
381
382 /* PAP */
383
384 #define PAP_AREQ 1
385 #define PAP_AACK 2
386 #define PAP_ANAK 3
387
388 static const struct tok papcode_values[] = {
389 { PAP_AREQ, "Auth-Req" },
390 { PAP_AACK, "Auth-ACK" },
391 { PAP_ANAK, "Auth-NACK" },
392 { 0, NULL }
393 };
394
395 /* BAP */
396 #define BAP_CALLREQ 1
397 #define BAP_CALLRES 2
398 #define BAP_CBREQ 3
399 #define BAP_CBRES 4
400 #define BAP_LDQREQ 5
401 #define BAP_LDQRES 6
402 #define BAP_CSIND 7
403 #define BAP_CSRES 8
404
405 static u_int print_lcp_config_options(netdissect_options *, const u_char *p, u_int);
406 static u_int print_ipcp_config_options(netdissect_options *, const u_char *p, u_int);
407 static u_int print_ip6cp_config_options(netdissect_options *, const u_char *p, u_int);
408 static u_int print_ccp_config_options(netdissect_options *, const u_char *p, u_int);
409 static u_int print_bacp_config_options(netdissect_options *, const u_char *p, u_int);
410 static void handle_ppp(netdissect_options *, u_int proto, const u_char *p, u_int length);
411
412 /* generic Control Protocol (e.g. LCP, IPCP, CCP, etc.) handler */
413 static void
414 handle_ctrl_proto(netdissect_options *ndo,
415 u_int proto, const u_char *pptr, u_int length)
416 {
417 const char *typestr;
418 u_int code, len;
419 u_int (*pfunc)(netdissect_options *, const u_char *, u_int);
420 u_int x, j;
421 const u_char *tptr;
422
423 tptr=pptr;
424
425 typestr = tok2str(ppptype2str, "unknown ctrl-proto (0x%04x)", proto);
426 ND_PRINT((ndo, "%s, ", typestr));
427
428 if (length < 4) /* FIXME weak boundary checking */
429 goto trunc;
430 ND_TCHECK2(*tptr, 2);
431
432 code = EXTRACT_U_1(tptr);
433 tptr++;
434
435 ND_PRINT((ndo, "%s (0x%02x), id %u, length %u",
436 tok2str(cpcodes, "Unknown Opcode",code),
437 code,
438 EXTRACT_U_1(tptr), /* ID */
439 length + 2));
440 tptr++;
441
442 if (!ndo->ndo_vflag)
443 return;
444
445 ND_TCHECK_2(tptr);
446 len = EXTRACT_BE_U_2(tptr);
447 tptr += 2;
448
449 if (len < 4) {
450 ND_PRINT((ndo, "\n\tencoded length %u (< 4))", len));
451 return;
452 }
453
454 if (len > length) {
455 ND_PRINT((ndo, "\n\tencoded length %u (> packet length %u))", len, length));
456 return;
457 }
458 length = len;
459
460 ND_PRINT((ndo, "\n\tencoded length %u (=Option(s) length %u)", len, len - 4));
461
462 if (length == 4)
463 return; /* there may be a NULL confreq etc. */
464
465 if (ndo->ndo_vflag > 1)
466 print_unknown_data(ndo, pptr - 2, "\n\t", 6);
467
468
469 switch (code) {
470 case CPCODES_VEXT:
471 if (length < 11)
472 break;
473 ND_TCHECK_4(tptr);
474 ND_PRINT((ndo, "\n\t Magic-Num 0x%08x", EXTRACT_BE_U_4(tptr)));
475 tptr += 4;
476 ND_TCHECK_3(tptr);
477 ND_PRINT((ndo, " Vendor: %s (%u)",
478 tok2str(oui_values,"Unknown",EXTRACT_BE_U_3(tptr)),
479 EXTRACT_BE_U_3(tptr)));
480 /* XXX: need to decode Kind and Value(s)? */
481 break;
482 case CPCODES_CONF_REQ:
483 case CPCODES_CONF_ACK:
484 case CPCODES_CONF_NAK:
485 case CPCODES_CONF_REJ:
486 x = len - 4; /* Code(1), Identifier(1) and Length(2) */
487 do {
488 switch (proto) {
489 case PPP_LCP:
490 pfunc = print_lcp_config_options;
491 break;
492 case PPP_IPCP:
493 pfunc = print_ipcp_config_options;
494 break;
495 case PPP_IPV6CP:
496 pfunc = print_ip6cp_config_options;
497 break;
498 case PPP_CCP:
499 pfunc = print_ccp_config_options;
500 break;
501 case PPP_BACP:
502 pfunc = print_bacp_config_options;
503 break;
504 default:
505 /*
506 * No print routine for the options for
507 * this protocol.
508 */
509 pfunc = NULL;
510 break;
511 }
512
513 if (pfunc == NULL) /* catch the above null pointer if unknown CP */
514 break;
515
516 if ((j = (*pfunc)(ndo, tptr, len)) == 0)
517 break;
518 x -= j;
519 tptr += j;
520 } while (x != 0);
521 break;
522
523 case CPCODES_TERM_REQ:
524 case CPCODES_TERM_ACK:
525 /* XXX: need to decode Data? */
526 break;
527 case CPCODES_CODE_REJ:
528 /* XXX: need to decode Rejected-Packet? */
529 break;
530 case CPCODES_PROT_REJ:
531 if (length < 6)
532 break;
533 ND_TCHECK_2(tptr);
534 ND_PRINT((ndo, "\n\t Rejected %s Protocol (0x%04x)",
535 tok2str(ppptype2str,"unknown", EXTRACT_BE_U_2(tptr)),
536 EXTRACT_BE_U_2(tptr)));
537 /* XXX: need to decode Rejected-Information? - hexdump for now */
538 if (len > 6) {
539 ND_PRINT((ndo, "\n\t Rejected Packet"));
540 print_unknown_data(ndo, tptr + 2, "\n\t ", len - 2);
541 }
542 break;
543 case CPCODES_ECHO_REQ:
544 case CPCODES_ECHO_RPL:
545 case CPCODES_DISC_REQ:
546 if (length < 8)
547 break;
548 ND_TCHECK_4(tptr);
549 ND_PRINT((ndo, "\n\t Magic-Num 0x%08x", EXTRACT_BE_U_4(tptr)));
550 /* XXX: need to decode Data? - hexdump for now */
551 if (len > 8) {
552 ND_PRINT((ndo, "\n\t -----trailing data-----"));
553 ND_TCHECK2(tptr[4], len - 8);
554 print_unknown_data(ndo, tptr + 4, "\n\t ", len - 8);
555 }
556 break;
557 case CPCODES_ID:
558 if (length < 8)
559 break;
560 ND_TCHECK_4(tptr);
561 ND_PRINT((ndo, "\n\t Magic-Num 0x%08x", EXTRACT_BE_U_4(tptr)));
562 /* RFC 1661 says this is intended to be human readable */
563 if (len > 8) {
564 ND_PRINT((ndo, "\n\t Message\n\t "));
565 if (fn_printn(ndo, tptr + 4, len - 4, ndo->ndo_snapend))
566 goto trunc;
567 }
568 break;
569 case CPCODES_TIME_REM:
570 if (length < 12)
571 break;
572 ND_TCHECK_4(tptr);
573 ND_PRINT((ndo, "\n\t Magic-Num 0x%08x", EXTRACT_BE_U_4(tptr)));
574 ND_TCHECK_4(tptr + 4);
575 ND_PRINT((ndo, ", Seconds-Remaining %us", EXTRACT_BE_U_4(tptr + 4)));
576 /* XXX: need to decode Message? */
577 break;
578 default:
579 /* XXX this is dirty but we do not get the
580 * original pointer passed to the begin
581 * the PPP packet */
582 if (ndo->ndo_vflag <= 1)
583 print_unknown_data(ndo, pptr - 2, "\n\t ", length + 2);
584 break;
585 }
586 return;
587
588 trunc:
589 ND_PRINT((ndo, "[|%s]", typestr));
590 }
591
592 /* LCP config options */
593 static u_int
594 print_lcp_config_options(netdissect_options *ndo,
595 const u_char *p, u_int length)
596 {
597 u_int opt, len;
598
599 if (length < 2)
600 return 0;
601 ND_TCHECK2(*p, 2);
602 opt = EXTRACT_U_1(p);
603 len = EXTRACT_U_1(p + 1);
604 if (length < len)
605 return 0;
606 if (len < 2) {
607 if ((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX))
608 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
609 lcpconfopts[opt], opt, len));
610 else
611 ND_PRINT((ndo, "\n\tunknown LCP option 0x%02x", opt));
612 return 0;
613 }
614 if ((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX))
615 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u", lcpconfopts[opt], opt, len));
616 else {
617 ND_PRINT((ndo, "\n\tunknown LCP option 0x%02x", opt));
618 return len;
619 }
620
621 switch (opt) {
622 case LCPOPT_VEXT:
623 if (len < 6) {
624 ND_PRINT((ndo, " (length bogus, should be >= 6)"));
625 return len;
626 }
627 ND_TCHECK_3(p + 2);
628 ND_PRINT((ndo, ": Vendor: %s (%u)",
629 tok2str(oui_values,"Unknown",EXTRACT_BE_U_3(p + 2)),
630 EXTRACT_BE_U_3(p + 2)));
631 #if 0
632 ND_TCHECK_1(p + 5);
633 ND_PRINT((ndo, ", kind: 0x%02x", EXTRACT_U_1(p + 5)));
634 ND_PRINT((ndo, ", Value: 0x"));
635 for (i = 0; i < len - 6; i++) {
636 ND_TCHECK_1(p + 6 + i);
637 ND_PRINT((ndo, "%02x", EXTRACT_U_1(p + 6 + i)));
638 }
639 #endif
640 break;
641 case LCPOPT_MRU:
642 if (len != 4) {
643 ND_PRINT((ndo, " (length bogus, should be = 4)"));
644 return len;
645 }
646 ND_TCHECK_2(p + 2);
647 ND_PRINT((ndo, ": %u", EXTRACT_BE_U_2(p + 2)));
648 break;
649 case LCPOPT_ACCM:
650 if (len != 6) {
651 ND_PRINT((ndo, " (length bogus, should be = 6)"));
652 return len;
653 }
654 ND_TCHECK_4(p + 2);
655 ND_PRINT((ndo, ": 0x%08x", EXTRACT_BE_U_4(p + 2)));
656 break;
657 case LCPOPT_AP:
658 if (len < 4) {
659 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
660 return len;
661 }
662 ND_TCHECK_2(p + 2);
663 ND_PRINT((ndo, ": %s", tok2str(ppptype2str, "Unknown Auth Proto (0x04x)", EXTRACT_BE_U_2(p + 2))));
664
665 switch (EXTRACT_BE_U_2(p + 2)) {
666 case PPP_CHAP:
667 ND_TCHECK_1(p + 4);
668 ND_PRINT((ndo, ", %s", tok2str(authalg_values, "Unknown Auth Alg %u", EXTRACT_U_1(p + 4))));
669 break;
670 case PPP_PAP: /* fall through */
671 case PPP_EAP:
672 case PPP_SPAP:
673 case PPP_SPAP_OLD:
674 break;
675 default:
676 print_unknown_data(ndo, p, "\n\t", len);
677 }
678 break;
679 case LCPOPT_QP:
680 if (len < 4) {
681 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
682 return 0;
683 }
684 ND_TCHECK_2(p + 2);
685 if (EXTRACT_BE_U_2(p + 2) == PPP_LQM)
686 ND_PRINT((ndo, ": LQR"));
687 else
688 ND_PRINT((ndo, ": unknown"));
689 break;
690 case LCPOPT_MN:
691 if (len != 6) {
692 ND_PRINT((ndo, " (length bogus, should be = 6)"));
693 return 0;
694 }
695 ND_TCHECK_4(p + 2);
696 ND_PRINT((ndo, ": 0x%08x", EXTRACT_BE_U_4(p + 2)));
697 break;
698 case LCPOPT_PFC:
699 break;
700 case LCPOPT_ACFC:
701 break;
702 case LCPOPT_LD:
703 if (len != 4) {
704 ND_PRINT((ndo, " (length bogus, should be = 4)"));
705 return 0;
706 }
707 ND_TCHECK_2(p + 2);
708 ND_PRINT((ndo, ": 0x%04x", EXTRACT_BE_U_2(p + 2)));
709 break;
710 case LCPOPT_CBACK:
711 if (len < 3) {
712 ND_PRINT((ndo, " (length bogus, should be >= 3)"));
713 return 0;
714 }
715 ND_PRINT((ndo, ": "));
716 ND_TCHECK_1(p + 2);
717 ND_PRINT((ndo, ": Callback Operation %s (%u)",
718 tok2str(ppp_callback_values, "Unknown", EXTRACT_U_1(p + 2)),
719 EXTRACT_U_1(p + 2)));
720 break;
721 case LCPOPT_MLMRRU:
722 if (len != 4) {
723 ND_PRINT((ndo, " (length bogus, should be = 4)"));
724 return 0;
725 }
726 ND_TCHECK_2(p + 2);
727 ND_PRINT((ndo, ": %u", EXTRACT_BE_U_2(p + 2)));
728 break;
729 case LCPOPT_MLED:
730 if (len < 3) {
731 ND_PRINT((ndo, " (length bogus, should be >= 3)"));
732 return 0;
733 }
734 ND_TCHECK_1(p + 2);
735 switch (EXTRACT_U_1(p + 2)) { /* class */
736 case MEDCLASS_NULL:
737 ND_PRINT((ndo, ": Null"));
738 break;
739 case MEDCLASS_LOCAL:
740 ND_PRINT((ndo, ": Local")); /* XXX */
741 break;
742 case MEDCLASS_IPV4:
743 if (len != 7) {
744 ND_PRINT((ndo, " (length bogus, should be = 7)"));
745 return 0;
746 }
747 ND_TCHECK2(*(p + 3), 4);
748 ND_PRINT((ndo, ": IPv4 %s", ipaddr_string(ndo, p + 3)));
749 break;
750 case MEDCLASS_MAC:
751 if (len != 9) {
752 ND_PRINT((ndo, " (length bogus, should be = 9)"));
753 return 0;
754 }
755 ND_TCHECK2(*(p + 3), 6);
756 ND_PRINT((ndo, ": MAC %s", etheraddr_string(ndo, p + 3)));
757 break;
758 case MEDCLASS_MNB:
759 ND_PRINT((ndo, ": Magic-Num-Block")); /* XXX */
760 break;
761 case MEDCLASS_PSNDN:
762 ND_PRINT((ndo, ": PSNDN")); /* XXX */
763 break;
764 default:
765 ND_PRINT((ndo, ": Unknown class %u", EXTRACT_U_1(p + 2)));
766 break;
767 }
768 break;
769
770 /* XXX: to be supported */
771 #if 0
772 case LCPOPT_DEP6:
773 case LCPOPT_FCSALT:
774 case LCPOPT_SDP:
775 case LCPOPT_NUMMODE:
776 case LCPOPT_DEP12:
777 case LCPOPT_DEP14:
778 case LCPOPT_DEP15:
779 case LCPOPT_DEP16:
780 case LCPOPT_MLSSNHF:
781 case LCPOPT_PROP:
782 case LCPOPT_DCEID:
783 case LCPOPT_MPP:
784 case LCPOPT_LCPAOPT:
785 case LCPOPT_COBS:
786 case LCPOPT_PE:
787 case LCPOPT_MLHF:
788 case LCPOPT_I18N:
789 case LCPOPT_SDLOS:
790 case LCPOPT_PPPMUX:
791 break;
792 #endif
793 default:
794 /*
795 * Unknown option; dump it as raw bytes now if we're
796 * not going to do so below.
797 */
798 if (ndo->ndo_vflag < 2)
799 print_unknown_data(ndo, p + 2, "\n\t ", len - 2);
800 break;
801 }
802
803 if (ndo->ndo_vflag > 1)
804 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */
805
806 return len;
807
808 trunc:
809 ND_PRINT((ndo, "[|lcp]"));
810 return 0;
811 }
812
813 /* ML-PPP*/
814 static const struct tok ppp_ml_flag_values[] = {
815 { 0x80, "begin" },
816 { 0x40, "end" },
817 { 0, NULL }
818 };
819
820 static void
821 handle_mlppp(netdissect_options *ndo,
822 const u_char *p, u_int length)
823 {
824 if (!ndo->ndo_eflag)
825 ND_PRINT((ndo, "MLPPP, "));
826
827 if (length < 2) {
828 ND_PRINT((ndo, "[|mlppp]"));
829 return;
830 }
831 if (!ND_TTEST_2(p)) {
832 ND_PRINT((ndo, "[|mlppp]"));
833 return;
834 }
835
836 ND_PRINT((ndo, "seq 0x%03x, Flags [%s], length %u",
837 (EXTRACT_BE_U_2(p))&0x0fff, /* only support 12-Bit sequence space for now */
838 bittok2str(ppp_ml_flag_values, "none", EXTRACT_U_1(p) & 0xc0),
839 length));
840 }
841
842 /* CHAP */
843 static void
844 handle_chap(netdissect_options *ndo,
845 const u_char *p, u_int length)
846 {
847 u_int code, len;
848 u_int val_size, name_size, msg_size;
849 const u_char *p0;
850 u_int i;
851
852 p0 = p;
853 if (length < 1) {
854 ND_PRINT((ndo, "[|chap]"));
855 return;
856 } else if (length < 4) {
857 ND_TCHECK_1(p);
858 ND_PRINT((ndo, "[|chap 0x%02x]", EXTRACT_U_1(p)));
859 return;
860 }
861
862 ND_TCHECK_1(p);
863 code = EXTRACT_U_1(p);
864 ND_PRINT((ndo, "CHAP, %s (0x%02x)",
865 tok2str(chapcode_values,"unknown",code),
866 code));
867 p++;
868
869 ND_TCHECK_1(p);
870 ND_PRINT((ndo, ", id %u", EXTRACT_U_1(p))); /* ID */
871 p++;
872
873 ND_TCHECK_2(p);
874 len = EXTRACT_BE_U_2(p);
875 p += 2;
876
877 /*
878 * Note that this is a generic CHAP decoding routine. Since we
879 * don't know which flavor of CHAP (i.e. CHAP-MD5, MS-CHAPv1,
880 * MS-CHAPv2) is used at this point, we can't decode packet
881 * specifically to each algorithms. Instead, we simply decode
882 * the GCD (Gratest Common Denominator) for all algorithms.
883 */
884 switch (code) {
885 case CHAP_CHAL:
886 case CHAP_RESP:
887 if (length - (p - p0) < 1)
888 return;
889 ND_TCHECK_1(p);
890 val_size = EXTRACT_U_1(p); /* value size */
891 p++;
892 if (length - (p - p0) < val_size)
893 return;
894 ND_PRINT((ndo, ", Value "));
895 for (i = 0; i < val_size; i++) {
896 ND_TCHECK_1(p);
897 ND_PRINT((ndo, "%02x", EXTRACT_U_1(p)));
898 p++;
899 }
900 name_size = len - (p - p0);
901 ND_PRINT((ndo, ", Name "));
902 for (i = 0; i < name_size; i++) {
903 ND_TCHECK_1(p);
904 safeputchar(ndo, EXTRACT_U_1(p));
905 p++;
906 }
907 break;
908 case CHAP_SUCC:
909 case CHAP_FAIL:
910 msg_size = len - (p - p0);
911 ND_PRINT((ndo, ", Msg "));
912 for (i = 0; i< msg_size; i++) {
913 ND_TCHECK_1(p);
914 safeputchar(ndo, EXTRACT_U_1(p));
915 p++;
916 }
917 break;
918 }
919 return;
920
921 trunc:
922 ND_PRINT((ndo, "[|chap]"));
923 }
924
925 /* PAP (see RFC 1334) */
926 static void
927 handle_pap(netdissect_options *ndo,
928 const u_char *p, u_int length)
929 {
930 u_int code, len;
931 u_int peerid_len, passwd_len, msg_len;
932 const u_char *p0;
933 u_int i;
934
935 p0 = p;
936 if (length < 1) {
937 ND_PRINT((ndo, "[|pap]"));
938 return;
939 } else if (length < 4) {
940 ND_TCHECK_1(p);
941 ND_PRINT((ndo, "[|pap 0x%02x]", EXTRACT_U_1(p)));
942 return;
943 }
944
945 ND_TCHECK_1(p);
946 code = EXTRACT_U_1(p);
947 ND_PRINT((ndo, "PAP, %s (0x%02x)",
948 tok2str(papcode_values, "unknown", code),
949 code));
950 p++;
951
952 ND_TCHECK_1(p);
953 ND_PRINT((ndo, ", id %u", EXTRACT_U_1(p))); /* ID */
954 p++;
955
956 ND_TCHECK_2(p);
957 len = EXTRACT_BE_U_2(p);
958 p += 2;
959
960 if (len > length) {
961 ND_PRINT((ndo, ", length %u > packet size", len));
962 return;
963 }
964 length = len;
965 if (length < (p - p0)) {
966 ND_PRINT((ndo, ", length %u < PAP header length", length));
967 return;
968 }
969
970 switch (code) {
971 case PAP_AREQ:
972 /* A valid Authenticate-Request is 6 or more octets long. */
973 if (len < 6)
974 goto trunc;
975 if (length - (p - p0) < 1)
976 return;
977 ND_TCHECK_1(p);
978 peerid_len = EXTRACT_U_1(p); /* Peer-ID Length */
979 p++;
980 if (length - (p - p0) < peerid_len)
981 return;
982 ND_PRINT((ndo, ", Peer "));
983 for (i = 0; i < peerid_len; i++) {
984 ND_TCHECK_1(p);
985 safeputchar(ndo, EXTRACT_U_1(p));
986 p++;
987 }
988
989 if (length - (p - p0) < 1)
990 return;
991 ND_TCHECK_1(p);
992 passwd_len = EXTRACT_U_1(p); /* Password Length */
993 p++;
994 if (length - (p - p0) < passwd_len)
995 return;
996 ND_PRINT((ndo, ", Name "));
997 for (i = 0; i < passwd_len; i++) {
998 ND_TCHECK_1(p);
999 safeputchar(ndo, EXTRACT_U_1(p));
1000 p++;
1001 }
1002 break;
1003 case PAP_AACK:
1004 case PAP_ANAK:
1005 /* Although some implementations ignore truncation at
1006 * this point and at least one generates a truncated
1007 * packet, RFC 1334 section 2.2.2 clearly states that
1008 * both AACK and ANAK are at least 5 bytes long.
1009 */
1010 if (len < 5)
1011 goto trunc;
1012 if (length - (p - p0) < 1)
1013 return;
1014 ND_TCHECK_1(p);
1015 msg_len = EXTRACT_U_1(p); /* Msg-Length */
1016 p++;
1017 if (length - (p - p0) < msg_len)
1018 return;
1019 ND_PRINT((ndo, ", Msg "));
1020 for (i = 0; i< msg_len; i++) {
1021 ND_TCHECK_1(p);
1022 safeputchar(ndo, EXTRACT_U_1(p));
1023 p++;
1024 }
1025 break;
1026 }
1027 return;
1028
1029 trunc:
1030 ND_PRINT((ndo, "[|pap]"));
1031 }
1032
1033 /* BAP */
1034 static void
1035 handle_bap(netdissect_options *ndo _U_,
1036 const u_char *p _U_, u_int length _U_)
1037 {
1038 /* XXX: to be supported!! */
1039 }
1040
1041
1042 /* IPCP config options */
1043 static u_int
1044 print_ipcp_config_options(netdissect_options *ndo,
1045 const u_char *p, u_int length)
1046 {
1047 u_int opt, len;
1048 u_int compproto, ipcomp_subopttotallen, ipcomp_subopt, ipcomp_suboptlen;
1049
1050 if (length < 2)
1051 return 0;
1052 ND_TCHECK2(*p, 2);
1053 opt = EXTRACT_U_1(p);
1054 len = EXTRACT_U_1(p + 1);
1055 if (length < len)
1056 return 0;
1057 if (len < 2) {
1058 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1059 tok2str(ipcpopt_values,"unknown",opt),
1060 opt,
1061 len));
1062 return 0;
1063 }
1064
1065 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u",
1066 tok2str(ipcpopt_values,"unknown",opt),
1067 opt,
1068 len));
1069
1070 switch (opt) {
1071 case IPCPOPT_2ADDR: /* deprecated */
1072 if (len != 10) {
1073 ND_PRINT((ndo, " (length bogus, should be = 10)"));
1074 return len;
1075 }
1076 ND_TCHECK2(*(p + 6), 4);
1077 ND_PRINT((ndo, ": src %s, dst %s",
1078 ipaddr_string(ndo, p + 2),
1079 ipaddr_string(ndo, p + 6)));
1080 break;
1081 case IPCPOPT_IPCOMP:
1082 if (len < 4) {
1083 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
1084 return 0;
1085 }
1086 ND_TCHECK_2(p + 2);
1087 compproto = EXTRACT_BE_U_2(p + 2);
1088
1089 ND_PRINT((ndo, ": %s (0x%02x):",
1090 tok2str(ipcpopt_compproto_values, "Unknown", compproto),
1091 compproto));
1092
1093 switch (compproto) {
1094 case PPP_VJC:
1095 /* XXX: VJ-Comp parameters should be decoded */
1096 break;
1097 case IPCPOPT_IPCOMP_HDRCOMP:
1098 if (len < IPCPOPT_IPCOMP_MINLEN) {
1099 ND_PRINT((ndo, " (length bogus, should be >= %u)",
1100 IPCPOPT_IPCOMP_MINLEN));
1101 return 0;
1102 }
1103
1104 ND_TCHECK2(*(p + 2), IPCPOPT_IPCOMP_MINLEN);
1105 ND_PRINT((ndo, "\n\t TCP Space %u, non-TCP Space %u" \
1106 ", maxPeriod %u, maxTime %u, maxHdr %u",
1107 EXTRACT_BE_U_2(p + 4),
1108 EXTRACT_BE_U_2(p + 6),
1109 EXTRACT_BE_U_2(p + 8),
1110 EXTRACT_BE_U_2(p + 10),
1111 EXTRACT_BE_U_2(p + 12)));
1112
1113 /* suboptions present ? */
1114 if (len > IPCPOPT_IPCOMP_MINLEN) {
1115 ipcomp_subopttotallen = len - IPCPOPT_IPCOMP_MINLEN;
1116 p += IPCPOPT_IPCOMP_MINLEN;
1117
1118 ND_PRINT((ndo, "\n\t Suboptions, length %u", ipcomp_subopttotallen));
1119
1120 while (ipcomp_subopttotallen >= 2) {
1121 ND_TCHECK2(*p, 2);
1122 ipcomp_subopt = EXTRACT_U_1(p);
1123 ipcomp_suboptlen = EXTRACT_U_1(p + 1);
1124
1125 /* sanity check */
1126 if (ipcomp_subopt == 0 ||
1127 ipcomp_suboptlen == 0 )
1128 break;
1129
1130 /* XXX: just display the suboptions for now */
1131 ND_PRINT((ndo, "\n\t\t%s Suboption #%u, length %u",
1132 tok2str(ipcpopt_compproto_subopt_values,
1133 "Unknown",
1134 ipcomp_subopt),
1135 ipcomp_subopt,
1136 ipcomp_suboptlen));
1137
1138 ipcomp_subopttotallen -= ipcomp_suboptlen;
1139 p += ipcomp_suboptlen;
1140 }
1141 }
1142 break;
1143 default:
1144 break;
1145 }
1146 break;
1147
1148 case IPCPOPT_ADDR: /* those options share the same format - fall through */
1149 case IPCPOPT_MOBILE4:
1150 case IPCPOPT_PRIDNS:
1151 case IPCPOPT_PRINBNS:
1152 case IPCPOPT_SECDNS:
1153 case IPCPOPT_SECNBNS:
1154 if (len != 6) {
1155 ND_PRINT((ndo, " (length bogus, should be = 6)"));
1156 return 0;
1157 }
1158 ND_TCHECK2(*(p + 2), 4);
1159 ND_PRINT((ndo, ": %s", ipaddr_string(ndo, p + 2)));
1160 break;
1161 default:
1162 /*
1163 * Unknown option; dump it as raw bytes now if we're
1164 * not going to do so below.
1165 */
1166 if (ndo->ndo_vflag < 2)
1167 print_unknown_data(ndo, p + 2, "\n\t ", len - 2);
1168 break;
1169 }
1170 if (ndo->ndo_vflag > 1)
1171 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */
1172 return len;
1173
1174 trunc:
1175 ND_PRINT((ndo, "[|ipcp]"));
1176 return 0;
1177 }
1178
1179 /* IP6CP config options */
1180 static u_int
1181 print_ip6cp_config_options(netdissect_options *ndo,
1182 const u_char *p, u_int length)
1183 {
1184 u_int opt, len;
1185
1186 if (length < 2)
1187 return 0;
1188 ND_TCHECK2(*p, 2);
1189 opt = EXTRACT_U_1(p);
1190 len = EXTRACT_U_1(p + 1);
1191 if (length < len)
1192 return 0;
1193 if (len < 2) {
1194 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1195 tok2str(ip6cpopt_values,"unknown",opt),
1196 opt,
1197 len));
1198 return 0;
1199 }
1200
1201 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u",
1202 tok2str(ip6cpopt_values,"unknown",opt),
1203 opt,
1204 len));
1205
1206 switch (opt) {
1207 case IP6CP_IFID:
1208 if (len != 10) {
1209 ND_PRINT((ndo, " (length bogus, should be = 10)"));
1210 return len;
1211 }
1212 ND_TCHECK2(*(p + 2), 8);
1213 ND_PRINT((ndo, ": %04x:%04x:%04x:%04x",
1214 EXTRACT_BE_U_2(p + 2),
1215 EXTRACT_BE_U_2(p + 4),
1216 EXTRACT_BE_U_2(p + 6),
1217 EXTRACT_BE_U_2(p + 8)));
1218 break;
1219 default:
1220 /*
1221 * Unknown option; dump it as raw bytes now if we're
1222 * not going to do so below.
1223 */
1224 if (ndo->ndo_vflag < 2)
1225 print_unknown_data(ndo, p + 2, "\n\t ", len - 2);
1226 break;
1227 }
1228 if (ndo->ndo_vflag > 1)
1229 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */
1230
1231 return len;
1232
1233 trunc:
1234 ND_PRINT((ndo, "[|ip6cp]"));
1235 return 0;
1236 }
1237
1238
1239 /* CCP config options */
1240 static u_int
1241 print_ccp_config_options(netdissect_options *ndo,
1242 const u_char *p, u_int length)
1243 {
1244 u_int opt, len;
1245
1246 if (length < 2)
1247 return 0;
1248 ND_TCHECK2(*p, 2);
1249 opt = EXTRACT_U_1(p);
1250 len = EXTRACT_U_1(p + 1);
1251 if (length < len)
1252 return 0;
1253 if (len < 2) {
1254 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1255 tok2str(ccpconfopts_values, "Unknown", opt),
1256 opt,
1257 len));
1258 return 0;
1259 }
1260
1261 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u",
1262 tok2str(ccpconfopts_values, "Unknown", opt),
1263 opt,
1264 len));
1265
1266 switch (opt) {
1267 case CCPOPT_BSDCOMP:
1268 if (len < 3) {
1269 ND_PRINT((ndo, " (length bogus, should be >= 3)"));
1270 return len;
1271 }
1272 ND_TCHECK_1(p + 2);
1273 ND_PRINT((ndo, ": Version: %u, Dictionary Bits: %u",
1274 EXTRACT_U_1(p + 2) >> 5,
1275 EXTRACT_U_1(p + 2) & 0x1f));
1276 break;
1277 case CCPOPT_MVRCA:
1278 if (len < 4) {
1279 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
1280 return len;
1281 }
1282 ND_TCHECK_1(p + 3);
1283 ND_PRINT((ndo, ": Features: %u, PxP: %s, History: %u, #CTX-ID: %u",
1284 (EXTRACT_U_1(p + 2) & 0xc0) >> 6,
1285 (EXTRACT_U_1(p + 2) & 0x20) ? "Enabled" : "Disabled",
1286 EXTRACT_U_1(p + 2) & 0x1f,
1287 EXTRACT_U_1(p + 3)));
1288 break;
1289 case CCPOPT_DEFLATE:
1290 if (len < 4) {
1291 ND_PRINT((ndo, " (length bogus, should be >= 4)"));
1292 return len;
1293 }
1294 ND_TCHECK_1(p + 3);
1295 ND_PRINT((ndo, ": Window: %uK, Method: %s (0x%x), MBZ: %u, CHK: %u",
1296 (EXTRACT_U_1(p + 2) & 0xf0) >> 4,
1297 ((EXTRACT_U_1(p + 2) & 0x0f) == 8) ? "zlib" : "unknown",
1298 EXTRACT_U_1(p + 2) & 0x0f,
1299 (EXTRACT_U_1(p + 3) & 0xfc) >> 2,
1300 EXTRACT_U_1(p + 3) & 0x03));
1301 break;
1302
1303 /* XXX: to be supported */
1304 #if 0
1305 case CCPOPT_OUI:
1306 case CCPOPT_PRED1:
1307 case CCPOPT_PRED2:
1308 case CCPOPT_PJUMP:
1309 case CCPOPT_HPPPC:
1310 case CCPOPT_STACLZS:
1311 case CCPOPT_MPPC:
1312 case CCPOPT_GFZA:
1313 case CCPOPT_V42BIS:
1314 case CCPOPT_LZSDCP:
1315 case CCPOPT_DEC:
1316 case CCPOPT_RESV:
1317 break;
1318 #endif
1319 default:
1320 /*
1321 * Unknown option; dump it as raw bytes now if we're
1322 * not going to do so below.
1323 */
1324 if (ndo->ndo_vflag < 2)
1325 print_unknown_data(ndo, p + 2, "\n\t ", len - 2);
1326 break;
1327 }
1328 if (ndo->ndo_vflag > 1)
1329 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */
1330
1331 return len;
1332
1333 trunc:
1334 ND_PRINT((ndo, "[|ccp]"));
1335 return 0;
1336 }
1337
1338 /* BACP config options */
1339 static u_int
1340 print_bacp_config_options(netdissect_options *ndo,
1341 const u_char *p, u_int length)
1342 {
1343 u_int opt, len;
1344
1345 if (length < 2)
1346 return 0;
1347 ND_TCHECK2(*p, 2);
1348 opt = EXTRACT_U_1(p);
1349 len = EXTRACT_U_1(p + 1);
1350 if (length < len)
1351 return 0;
1352 if (len < 2) {
1353 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1354 tok2str(bacconfopts_values, "Unknown", opt),
1355 opt,
1356 len));
1357 return 0;
1358 }
1359
1360 ND_PRINT((ndo, "\n\t %s Option (0x%02x), length %u",
1361 tok2str(bacconfopts_values, "Unknown", opt),
1362 opt,
1363 len));
1364
1365 switch (opt) {
1366 case BACPOPT_FPEER:
1367 if (len != 6) {
1368 ND_PRINT((ndo, " (length bogus, should be = 6)"));
1369 return len;
1370 }
1371 ND_TCHECK_4(p + 2);
1372 ND_PRINT((ndo, ": Magic-Num 0x%08x", EXTRACT_BE_U_4(p + 2)));
1373 break;
1374 default:
1375 /*
1376 * Unknown option; dump it as raw bytes now if we're
1377 * not going to do so below.
1378 */
1379 if (ndo->ndo_vflag < 2)
1380 print_unknown_data(ndo, p + 2, "\n\t ", len - 2);
1381 break;
1382 }
1383 if (ndo->ndo_vflag > 1)
1384 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */
1385
1386 return len;
1387
1388 trunc:
1389 ND_PRINT((ndo, "[|bacp]"));
1390 return 0;
1391 }
1392
1393 static void
1394 ppp_hdlc(netdissect_options *ndo,
1395 const u_char *p, u_int length)
1396 {
1397 u_char *b, *t, c;
1398 const u_char *s;
1399 u_int i, proto;
1400 const void *se;
1401
1402 if (length == 0)
1403 return;
1404
1405 b = (u_char *)malloc(length);
1406 if (b == NULL)
1407 return;
1408
1409 /*
1410 * Unescape all the data into a temporary, private, buffer.
1411 * Do this so that we dont overwrite the original packet
1412 * contents.
1413 */
1414 for (s = p, t = b, i = length; i != 0 && ND_TTEST(*s); i--) {
1415 c = EXTRACT_U_1(s);
1416 s++;
1417 if (c == 0x7d) {
1418 if (i <= 1 || !ND_TTEST_1(s))
1419 break;
1420 i--;
1421 c = EXTRACT_U_1(s) ^ 0x20;
1422 s++;
1423 }
1424 *t++ = c;
1425 }
1426
1427 /*
1428 * Change the end pointer, so bounds checks work.
1429 */
1430 se = ndo->ndo_snapend;
1431 ndo->ndo_snapend = t;
1432 length = t - b;
1433
1434 /* now lets guess about the payload codepoint format */
1435 if (length < 1)
1436 goto trunc;
1437 proto = EXTRACT_U_1(b); /* start with a one-octet codepoint guess */
1438
1439 switch (proto) {
1440 case PPP_IP:
1441 ip_print(ndo, b + 1, length - 1);
1442 goto cleanup;
1443 case PPP_IPV6:
1444 ip6_print(ndo, b + 1, length - 1);
1445 goto cleanup;
1446 default: /* no luck - try next guess */
1447 break;
1448 }
1449
1450 if (length < 2)
1451 goto trunc;
1452 proto = EXTRACT_BE_U_2(b); /* next guess - load two octets */
1453
1454 switch (proto) {
1455 case (PPP_ADDRESS << 8 | PPP_CONTROL): /* looks like a PPP frame */
1456 if (length < 4)
1457 goto trunc;
1458 proto = EXTRACT_BE_U_2(b + 2); /* load the PPP proto-id */
1459 handle_ppp(ndo, proto, b + 4, length - 4);
1460 break;
1461 default: /* last guess - proto must be a PPP proto-id */
1462 handle_ppp(ndo, proto, b + 2, length - 2);
1463 break;
1464 }
1465
1466 cleanup:
1467 ndo->ndo_snapend = se;
1468 free(b);
1469 return;
1470
1471 trunc:
1472 ndo->ndo_snapend = se;
1473 free(b);
1474 ND_PRINT((ndo, "[|ppp]"));
1475 }
1476
1477
1478 /* PPP */
1479 static void
1480 handle_ppp(netdissect_options *ndo,
1481 u_int proto, const u_char *p, u_int length)
1482 {
1483 if ((proto & 0xff00) == 0x7e00) { /* is this an escape code ? */
1484 ppp_hdlc(ndo, p - 1, length);
1485 return;
1486 }
1487
1488 switch (proto) {
1489 case PPP_LCP: /* fall through */
1490 case PPP_IPCP:
1491 case PPP_OSICP:
1492 case PPP_MPLSCP:
1493 case PPP_IPV6CP:
1494 case PPP_CCP:
1495 case PPP_BACP:
1496 handle_ctrl_proto(ndo, proto, p, length);
1497 break;
1498 case PPP_ML:
1499 handle_mlppp(ndo, p, length);
1500 break;
1501 case PPP_CHAP:
1502 handle_chap(ndo, p, length);
1503 break;
1504 case PPP_PAP:
1505 handle_pap(ndo, p, length);
1506 break;
1507 case PPP_BAP: /* XXX: not yet completed */
1508 handle_bap(ndo, p, length);
1509 break;
1510 case ETHERTYPE_IP: /*XXX*/
1511 case PPP_VJNC:
1512 case PPP_IP:
1513 ip_print(ndo, p, length);
1514 break;
1515 case ETHERTYPE_IPV6: /*XXX*/
1516 case PPP_IPV6:
1517 ip6_print(ndo, p, length);
1518 break;
1519 case ETHERTYPE_IPX: /*XXX*/
1520 case PPP_IPX:
1521 ipx_print(ndo, p, length);
1522 break;
1523 case PPP_OSI:
1524 isoclns_print(ndo, p, length);
1525 break;
1526 case PPP_MPLS_UCAST:
1527 case PPP_MPLS_MCAST:
1528 mpls_print(ndo, p, length);
1529 break;
1530 case PPP_COMP:
1531 ND_PRINT((ndo, "compressed PPP data"));
1532 break;
1533 default:
1534 ND_PRINT((ndo, "%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto)));
1535 print_unknown_data(ndo, p, "\n\t", length);
1536 break;
1537 }
1538 }
1539
1540 /* Standard PPP printer */
1541 u_int
1542 ppp_print(netdissect_options *ndo,
1543 register const u_char *p, u_int length)
1544 {
1545 u_int proto,ppp_header;
1546 u_int olen = length; /* _o_riginal length */
1547 u_int hdr_len = 0;
1548
1549 /*
1550 * Here, we assume that p points to the Address and Control
1551 * field (if they present).
1552 */
1553 if (length < 2)
1554 goto trunc;
1555 ND_TCHECK_2(p);
1556 ppp_header = EXTRACT_BE_U_2(p);
1557
1558 switch(ppp_header) {
1559 case (PPP_WITHDIRECTION_IN << 8 | PPP_CONTROL):
1560 if (ndo->ndo_eflag) ND_PRINT((ndo, "In "));
1561 p += 2;
1562 length -= 2;
1563 hdr_len += 2;
1564 break;
1565 case (PPP_WITHDIRECTION_OUT << 8 | PPP_CONTROL):
1566 if (ndo->ndo_eflag) ND_PRINT((ndo, "Out "));
1567 p += 2;
1568 length -= 2;
1569 hdr_len += 2;
1570 break;
1571 case (PPP_ADDRESS << 8 | PPP_CONTROL):
1572 p += 2; /* ACFC not used */
1573 length -= 2;
1574 hdr_len += 2;
1575 break;
1576
1577 default:
1578 break;
1579 }
1580
1581 if (length < 2)
1582 goto trunc;
1583 ND_TCHECK_1(p);
1584 if (EXTRACT_U_1(p) % 2) {
1585 proto = EXTRACT_U_1(p); /* PFC is used */
1586 p++;
1587 length--;
1588 hdr_len++;
1589 } else {
1590 ND_TCHECK_2(p);
1591 proto = EXTRACT_BE_U_2(p);
1592 p += 2;
1593 length -= 2;
1594 hdr_len += 2;
1595 }
1596
1597 if (ndo->ndo_eflag)
1598 ND_PRINT((ndo, "%s (0x%04x), length %u: ",
1599 tok2str(ppptype2str, "unknown", proto),
1600 proto,
1601 olen));
1602
1603 handle_ppp(ndo, proto, p, length);
1604 return (hdr_len);
1605 trunc:
1606 ND_PRINT((ndo, "[|ppp]"));
1607 return (0);
1608 }
1609
1610
1611 /* PPP I/F printer */
1612 u_int
1613 ppp_if_print(netdissect_options *ndo,
1614 const struct pcap_pkthdr *h, register const u_char *p)
1615 {
1616 register u_int length = h->len;
1617 register u_int caplen = h->caplen;
1618
1619 if (caplen < PPP_HDRLEN) {
1620 ND_PRINT((ndo, "[|ppp]"));
1621 return (caplen);
1622 }
1623
1624 #if 0
1625 /*
1626 * XXX: seems to assume that there are 2 octets prepended to an
1627 * actual PPP frame. The 1st octet looks like Input/Output flag
1628 * while 2nd octet is unknown, at least to me
1629 * (mshindo@mshindo.net).
1630 *
1631 * That was what the original tcpdump code did.
1632 *
1633 * FreeBSD's "if_ppp.c" *does* set the first octet to 1 for outbound
1634 * packets and 0 for inbound packets - but only if the
1635 * protocol field has the 0x8000 bit set (i.e., it's a network
1636 * control protocol); it does so before running the packet through
1637 * "bpf_filter" to see if it should be discarded, and to see
1638 * if we should update the time we sent the most recent packet...
1639 *
1640 * ...but it puts the original address field back after doing
1641 * so.
1642 *
1643 * NetBSD's "if_ppp.c" doesn't set the first octet in that fashion.
1644 *
1645 * I don't know if any PPP implementation handed up to a BPF
1646 * device packets with the first octet being 1 for outbound and
1647 * 0 for inbound packets, so I (guy@alum.mit.edu) don't know
1648 * whether that ever needs to be checked or not.
1649 *
1650 * Note that NetBSD has a DLT_PPP_SERIAL, which it uses for PPP,
1651 * and its tcpdump appears to assume that the frame always
1652 * begins with an address field and a control field, and that
1653 * the address field might be 0x0f or 0x8f, for Cisco
1654 * point-to-point with HDLC framing as per section 4.3.1 of RFC
1655 * 1547, as well as 0xff, for PPP in HDLC-like framing as per
1656 * RFC 1662.
1657 *
1658 * (Is the Cisco framing in question what DLT_C_HDLC, in
1659 * BSD/OS, is?)
1660 */
1661 if (ndo->ndo_eflag)
1662 ND_PRINT((ndo, "%c %4d %02x ", EXTRACT_U_1(p) ? 'O' : 'I',
1663 length, EXTRACT_U_1(p + 1)));
1664 #endif
1665
1666 ppp_print(ndo, p, length);
1667
1668 return (0);
1669 }
1670
1671 /*
1672 * PPP I/F printer to use if we know that RFC 1662-style PPP in HDLC-like
1673 * framing, or Cisco PPP with HDLC framing as per section 4.3.1 of RFC 1547,
1674 * is being used (i.e., we don't check for PPP_ADDRESS and PPP_CONTROL,
1675 * discard them *if* those are the first two octets, and parse the remaining
1676 * packet as a PPP packet, as "ppp_print()" does).
1677 *
1678 * This handles, for example, DLT_PPP_SERIAL in NetBSD.
1679 */
1680 u_int
1681 ppp_hdlc_if_print(netdissect_options *ndo,
1682 const struct pcap_pkthdr *h, register const u_char *p)
1683 {
1684 register u_int length = h->len;
1685 register u_int caplen = h->caplen;
1686 u_int proto;
1687 u_int hdrlen = 0;
1688
1689 if (caplen < 2) {
1690 ND_PRINT((ndo, "[|ppp]"));
1691 return (caplen);
1692 }
1693
1694 switch (EXTRACT_U_1(p)) {
1695
1696 case PPP_ADDRESS:
1697 if (caplen < 4 || length < 4) {
1698 ND_PRINT((ndo, "[|ppp]"));
1699 return (caplen);
1700 }
1701
1702 if (ndo->ndo_eflag)
1703 ND_PRINT((ndo, "%02x %02x %u ", EXTRACT_U_1(p),
1704 EXTRACT_U_1(p + 1), length));
1705 p += 2;
1706 length -= 2;
1707 hdrlen += 2;
1708
1709 proto = EXTRACT_BE_U_2(p);
1710 p += 2;
1711 length -= 2;
1712 hdrlen += 2;
1713 ND_PRINT((ndo, "%s: ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto)));
1714
1715 handle_ppp(ndo, proto, p, length);
1716 break;
1717
1718 case CHDLC_UNICAST:
1719 case CHDLC_BCAST:
1720 return (chdlc_if_print(ndo, h, p));
1721
1722 default:
1723 if (caplen < 4) {
1724 ND_PRINT((ndo, "[|ppp]"));
1725 return (caplen);
1726 }
1727
1728 if (ndo->ndo_eflag)
1729 ND_PRINT((ndo, "%02x %02x %d ", EXTRACT_U_1(p),
1730 EXTRACT_U_1(p + 1), length));
1731 p += 2;
1732 hdrlen += 2;
1733
1734 /*
1735 * XXX - NetBSD's "ppp_netbsd_serial_if_print()" treats
1736 * the next two octets as an Ethernet type; does that
1737 * ever happen?
1738 */
1739 ND_PRINT((ndo, "unknown addr %02x; ctrl %02x", EXTRACT_U_1(p),
1740 EXTRACT_U_1(p + 1)));
1741 break;
1742 }
1743
1744 return (hdrlen);
1745 }
1746
1747 #define PPP_BSDI_HDRLEN 24
1748
1749 /* BSD/OS specific PPP printer */
1750 u_int
1751 ppp_bsdos_if_print(netdissect_options *ndo _U_,
1752 const struct pcap_pkthdr *h _U_, register const u_char *p _U_)
1753 {
1754 register u_int hdrlength;
1755 #ifdef __bsdi__
1756 register u_int length = h->len;
1757 register u_int caplen = h->caplen;
1758 uint16_t ptype;
1759 uint8_t llhl;
1760 const u_char *q;
1761 u_int i;
1762
1763 if (caplen < PPP_BSDI_HDRLEN) {
1764 ND_PRINT((ndo, "[|ppp]"));
1765 return (caplen)
1766 }
1767
1768 hdrlength = 0;
1769
1770 #if 0
1771 if (EXTRACT_U_1(p) == PPP_ADDRESS &&
1772 EXTRACT_U_1(p + 1) == PPP_CONTROL) {
1773 if (ndo->ndo_eflag)
1774 ND_PRINT((ndo, "%02x %02x ", EXTRACT_U_1(p),
1775 EXTRACT_U_1(p + 1)));
1776 p += 2;
1777 hdrlength = 2;
1778 }
1779
1780 if (ndo->ndo_eflag)
1781 ND_PRINT((ndo, "%d ", length));
1782 /* Retrieve the protocol type */
1783 if (EXTRACT_U_1(p) & 01) {
1784 /* Compressed protocol field */
1785 ptype = EXTRACT_U_1(p);
1786 if (ndo->ndo_eflag)
1787 ND_PRINT((ndo, "%02x ", ptype));
1788 p++;
1789 hdrlength += 1;
1790 } else {
1791 /* Un-compressed protocol field */
1792 ptype = EXTRACT_BE_U_2(p);
1793 if (ndo->ndo_eflag)
1794 ND_PRINT((ndo, "%04x ", ptype));
1795 p += 2;
1796 hdrlength += 2;
1797 }
1798 #else
1799 ptype = 0; /*XXX*/
1800 if (ndo->ndo_eflag)
1801 ND_PRINT((ndo, "%c ", EXTRACT_U_1(p + SLC_DIR) ? 'O' : 'I'));
1802 llhl = EXTRACT_U_1(p + SLC_LLHL);
1803 if (llhl) {
1804 /* link level header */
1805 struct ppp_header *ph;
1806
1807 q = p + SLC_BPFHDRLEN;
1808 ph = (struct ppp_header *)q;
1809 if (ph->phdr_addr == PPP_ADDRESS
1810 && ph->phdr_ctl == PPP_CONTROL) {
1811 if (ndo->ndo_eflag)
1812 ND_PRINT((ndo, "%02x %02x ", EXTRACT_U_1(q),
1813 EXTRACT_U_1(q + 1)));
1814 ptype = EXTRACT_BE_U_2(&ph->phdr_type);
1815 if (ndo->ndo_eflag && (ptype == PPP_VJC || ptype == PPP_VJNC)) {
1816 ND_PRINT((ndo, "%s ", tok2str(ppptype2str,
1817 "proto-#%d", ptype)));
1818 }
1819 } else {
1820 if (ndo->ndo_eflag) {
1821 ND_PRINT((ndo, "LLH=["));
1822 for (i = 0; i < llhl; i++)
1823 ND_PRINT((ndo, "%02x", EXTRACT_U_1(q + i)));
1824 ND_PRINT((ndo, "] "));
1825 }
1826 }
1827 }
1828 if (ndo->ndo_eflag)
1829 ND_PRINT((ndo, "%d ", length));
1830 if (EXTRACT_U_1(p + SLC_CHL)) {
1831 q = p + SLC_BPFHDRLEN + llhl;
1832
1833 switch (ptype) {
1834 case PPP_VJC:
1835 ptype = vjc_print(ndo, q, ptype);
1836 hdrlength = PPP_BSDI_HDRLEN;
1837 p += hdrlength;
1838 switch (ptype) {
1839 case PPP_IP:
1840 ip_print(ndo, p, length);
1841 break;
1842 case PPP_IPV6:
1843 ip6_print(ndo, p, length);
1844 break;
1845 case PPP_MPLS_UCAST:
1846 case PPP_MPLS_MCAST:
1847 mpls_print(ndo, p, length);
1848 break;
1849 }
1850 goto printx;
1851 case PPP_VJNC:
1852 ptype = vjc_print(ndo, q, ptype);
1853 hdrlength = PPP_BSDI_HDRLEN;
1854 p += hdrlength;
1855 switch (ptype) {
1856 case PPP_IP:
1857 ip_print(ndo, p, length);
1858 break;
1859 case PPP_IPV6:
1860 ip6_print(ndo, p, length);
1861 break;
1862 case PPP_MPLS_UCAST:
1863 case PPP_MPLS_MCAST:
1864 mpls_print(ndo, p, length);
1865 break;
1866 }
1867 goto printx;
1868 default:
1869 if (ndo->ndo_eflag) {
1870 ND_PRINT((ndo, "CH=["));
1871 for (i = 0; i < llhl; i++)
1872 ND_PRINT((ndo, "%02x",
1873 EXTRACT_U_1(q + i)));
1874 ND_PRINT((ndo, "] "));
1875 }
1876 break;
1877 }
1878 }
1879
1880 hdrlength = PPP_BSDI_HDRLEN;
1881 #endif
1882
1883 length -= hdrlength;
1884 p += hdrlength;
1885
1886 switch (ptype) {
1887 case PPP_IP:
1888 ip_print(p, length);
1889 break;
1890 case PPP_IPV6:
1891 ip6_print(ndo, p, length);
1892 break;
1893 case PPP_MPLS_UCAST:
1894 case PPP_MPLS_MCAST:
1895 mpls_print(ndo, p, length);
1896 break;
1897 default:
1898 ND_PRINT((ndo, "%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", ptype)));
1899 }
1900
1901 printx:
1902 #else /* __bsdi */
1903 hdrlength = 0;
1904 #endif /* __bsdi__ */
1905 return (hdrlength);
1906 }
1907
1908
1909 /*
1910 * Local Variables:
1911 * c-style: whitesmith
1912 * c-basic-offset: 8
1913 * End:
1914 */
[mirror] the TCPdump network dissector