X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/4bec97f457e593be925e92fa28d73af6a57d81cf..refs/heads/master:/print-ppp.c diff --git a/print-ppp.c b/print-ppp.c index 274e0e32..f7af42a5 100644 --- a/print-ppp.c +++ b/print-ppp.c @@ -22,6 +22,8 @@ * complete PPP support. */ +/* \summary: Point to Point Protocol (PPP) printer */ + /* * TODO: * o resolve XXX as much as possible @@ -29,54 +31,46 @@ * o BAP support */ -#ifndef lint -static const char rcsid[] = - "@(#) $Header: /tcpdump/master/tcpdump/print-ppp.c,v 1.80 2002-12-19 09:39:14 guy Exp $ (LBL)"; -#endif - -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif - -#include +#include -#ifdef __bsdi__ -#include -#include -#endif +#include "netdissect-stdinc.h" -#include -#include +#include -#include "interface.h" +#include "netdissect.h" #include "extract.h" #include "addrtoname.h" #include "ppp.h" #include "chdlc.h" #include "ethertype.h" +#include "oui.h" +#include "netdissect-alloc.h" /* - * The following constatns are defined by IANA. Please refer to - * http://www.isi.edu/in-notes/iana/assignments/ppp-numbers + * The following constants are defined by IANA. Please refer to + * https://www.isi.edu/in-notes/iana/assignments/ppp-numbers * for the up-to-date information. */ /* Protocol Codes defined in ppp.h */ -struct tok ppptype2str[] = { +static const struct tok ppptype2str[] = { { PPP_IP, "IP" }, { PPP_OSI, "OSI" }, { PPP_NS, "NS" }, { PPP_DECNET, "DECNET" }, { PPP_APPLE, "APPLE" }, { PPP_IPX, "IPX" }, - { PPP_VJC, "VJC" }, - { PPP_VJNC, "VJNC" }, + { PPP_VJC, "VJC IP" }, + { PPP_VJNC, "VJNC IP" }, { PPP_BRPDU, "BRPDU" }, { PPP_STII, "STII" }, { PPP_VINES, "VINES" }, { PPP_MPLS_UCAST, "MPLS" }, { PPP_MPLS_MCAST, "MPLS" }, + { PPP_COMP, "Compressed"}, + { PPP_ML, "MLPPP"}, + { PPP_IPV6, "IP6"}, { PPP_HELLO, "HELLO" }, { PPP_LUXCOM, "LUXCOM" }, @@ -89,15 +83,20 @@ struct tok ppptype2str[] = { { PPP_IPXCP, "IPXCP" }, { PPP_STIICP, "STIICP" }, { PPP_VINESCP, "VINESCP" }, + { PPP_IPV6CP, "IP6CP" }, { PPP_MPLSCP, "MPLSCP" }, { PPP_LCP, "LCP" }, { PPP_PAP, "PAP" }, { PPP_LQM, "LQM" }, { PPP_CHAP, "CHAP" }, + { PPP_EAP, "EAP" }, + { PPP_SPAP, "SPAP" }, + { PPP_SPAP_OLD, "Old-SPAP" }, { PPP_BACP, "BACP" }, { PPP_BAP, "BAP" }, - { PPP_MP, "ML" }, + { PPP_MPCP, "MLPPP-CP" }, + { PPP_CCP, "CCP" }, { 0, NULL } }; @@ -120,7 +119,7 @@ struct tok ppptype2str[] = { #define CPCODES_RESET_REQ 14 /* Reset-Request (CCP only) RFC1962 */ #define CPCODES_RESET_REP 15 /* Reset-Reply (CCP only) */ -struct tok cpcodes[] = { +static const struct tok cpcodes[] = { {CPCODES_VEXT, "Vendor-Extension"}, /* RFC2153 */ {CPCODES_CONF_REQ, "Conf-Request"}, {CPCODES_CONF_ACK, "Conf-Ack"}, @@ -174,9 +173,6 @@ struct tok cpcodes[] = { #define LCPOPT_SDLOS 29 #define LCPOPT_PPPMUX 30 -#define LCPOPT_MIN LCPOPT_VEXT -#define LCPOPT_MAX LCPOPT_PPPMUX - static const char *lcpconfopts[] = { "Vend-Ext", /* (0) */ "MRU", /* (1) */ @@ -193,10 +189,10 @@ static const char *lcpconfopts[] = { "deprecated(12)", /* used to be a Multi-Link-Procedure*/ "Call-Back", /* (13) */ "deprecated(14)", /* used to be a Connect-Time */ - "deprecated(15)", /* used to be a Compund-Frames */ + "deprecated(15)", /* used to be a Compound-Frames */ "deprecated(16)", /* used to be a Nominal-Data-Encap */ "MRRU", /* (17) */ - "SSNHF", /* (18) */ + "12-Bit seq #", /* (18) */ "End-Disc", /* (19) */ "Proprietary", /* (20) */ "DCE-Id", /* (21) */ @@ -211,7 +207,8 @@ static const char *lcpconfopts[] = { "PPP-Muxing", /* (30) */ }; -/* IPV6CP - to be supported */ +#define NUM_LCPOPTS (sizeof(lcpconfopts) / sizeof(lcpconfopts[0])) + /* ECP - to be supported */ /* CCP Config Options */ @@ -235,57 +232,82 @@ static const char *lcpconfopts[] = { /* 27-254 unassigned */ #define CCPOPT_RESV 255 /* RFC1962 */ -#define CCPOPT_MIN CCPOPT_OUI -#define CCPOPT_MAX CCPOPT_DEFLATE /* XXX: should be CCPOPT_RESV but... */ - -static const char *ccpconfopts[] = { - "OUI", /* (0) */ - "Pred-1", /* (1) */ - "Pred-2", /* (2) */ - "Puddle", /* (3) */ - "unassigned(4)", /* (4) */ - "unassigned(5)", /* (5) */ - "unassigned(6)", /* (6) */ - "unassigned(7)", /* (7) */ - "unassigned(8)", /* (8) */ - "unassigned(9)", /* (9) */ - "unassigned(10)", /* (10) */ - "unassigned(11)", /* (11) */ - "unassigned(12)", /* (12) */ - "unassigned(13)", /* (13) */ - "unassigned(14)", /* (14) */ - "unassigned(15)", /* (15) */ - "HP-PPC", /* (16) */ - "Stac-LZS", /* (17) */ - "MPPC", /* (18) */ - "Gand-FZA", /* (19) */ - "V.42bis", /* (20) */ - "BSD-Comp", /* (21) */ - "unassigned(22)", /* (22) */ - "LZS-DCP", /* (23) */ - "MVRCA", /* (24) */ - "DEC", /* (25) */ - "Deflate", /* (26) */ +static const struct tok ccpconfopts_values[] = { + { CCPOPT_OUI, "OUI" }, + { CCPOPT_PRED1, "Pred-1" }, + { CCPOPT_PRED2, "Pred-2" }, + { CCPOPT_PJUMP, "Puddle" }, + { CCPOPT_HPPPC, "HP-PPC" }, + { CCPOPT_STACLZS, "Stac-LZS" }, + { CCPOPT_MPPC, "MPPC" }, + { CCPOPT_GFZA, "Gand-FZA" }, + { CCPOPT_V42BIS, "V.42bis" }, + { CCPOPT_BSDCOMP, "BSD-Comp" }, + { CCPOPT_LZSDCP, "LZS-DCP" }, + { CCPOPT_MVRCA, "MVRCA" }, + { CCPOPT_DEC, "DEC" }, + { CCPOPT_DEFLATE, "Deflate" }, + { CCPOPT_RESV, "Reserved"}, + {0, NULL} }; /* BACP Config Options */ #define BACPOPT_FPEER 1 /* RFC2125 */ +static const struct tok bacconfopts_values[] = { + { BACPOPT_FPEER, "Favored-Peer" }, + {0, NULL} +}; + + /* SDCP - to be supported */ /* IPCP Config Options */ - #define IPCPOPT_2ADDR 1 /* RFC1172, RFC1332 (deprecated) */ #define IPCPOPT_IPCOMP 2 /* RFC1332 */ #define IPCPOPT_ADDR 3 /* RFC1332 */ #define IPCPOPT_MOBILE4 4 /* RFC2290 */ - #define IPCPOPT_PRIDNS 129 /* RFC1877 */ #define IPCPOPT_PRINBNS 130 /* RFC1877 */ #define IPCPOPT_SECDNS 131 /* RFC1877 */ #define IPCPOPT_SECNBNS 132 /* RFC1877 */ +static const struct tok ipcpopt_values[] = { + { IPCPOPT_2ADDR, "IP-Addrs" }, + { IPCPOPT_IPCOMP, "IP-Comp" }, + { IPCPOPT_ADDR, "IP-Addr" }, + { IPCPOPT_MOBILE4, "Home-Addr" }, + { IPCPOPT_PRIDNS, "Pri-DNS" }, + { IPCPOPT_PRINBNS, "Pri-NBNS" }, + { IPCPOPT_SECDNS, "Sec-DNS" }, + { IPCPOPT_SECNBNS, "Sec-NBNS" }, + { 0, NULL } +}; + +#define IPCPOPT_IPCOMP_HDRCOMP 0x61 /* rfc3544 */ +#define IPCPOPT_IPCOMP_MINLEN 14 + +static const struct tok ipcpopt_compproto_values[] = { + { PPP_VJC, "VJ-Comp" }, + { IPCPOPT_IPCOMP_HDRCOMP, "IP Header Compression" }, + { 0, NULL } +}; + +static const struct tok ipcpopt_compproto_subopt_values[] = { + { 1, "RTP-Compression" }, + { 2, "Enhanced RTP-Compression" }, + { 0, NULL } +}; + +/* IP6CP Config Options */ +#define IP6CP_IFID 1 + +static const struct tok ip6cpopt_values[] = { + { IP6CP_IFID, "Interface-ID" }, + { 0, NULL } +}; + /* ATCP - to be supported */ /* OSINLCP - to be supported */ /* BVCP - to be supported */ @@ -300,6 +322,13 @@ static const char *ccpconfopts[] = { #define AUTHALG_MSCHAP1 128 /* RFC2433 */ #define AUTHALG_MSCHAP2 129 /* RFC2795 */ +static const struct tok authalg_values[] = { + { AUTHALG_CHAPMD5, "MD5" }, + { AUTHALG_MSCHAP1, "MS-CHAPv1" }, + { AUTHALG_MSCHAP2, "MS-CHAPv2" }, + { 0, NULL } +}; + /* FCS Alternatives - to be supported */ /* Multilink Endpoint Discriminator (RFC1717) */ @@ -318,6 +347,16 @@ static const char *ccpconfopts[] = { #define CALLBACK_X500 4 /* X.500 distinguished name */ #define CALLBACK_CBCP 6 /* Location is determined during CBCP nego */ +static const struct tok ppp_callback_values[] = { + { CALLBACK_AUTH, "UserAuth" }, + { CALLBACK_DSTR, "DialString" }, + { CALLBACK_LID, "LocalID" }, + { CALLBACK_E164, "E.164" }, + { CALLBACK_X500, "X.500" }, + { CALLBACK_CBCP, "CBCP" }, + { 0, NULL } +}; + /* CHAP */ #define CHAP_CHAL 1 @@ -325,14 +364,12 @@ static const char *ccpconfopts[] = { #define CHAP_SUCC 3 #define CHAP_FAIL 4 -#define CHAP_CODEMIN CHAP_CHAL -#define CHAP_CODEMAX CHAP_FAIL - -static const char *chapcode[] = { - "Chal", /* (1) */ - "Resp", /* (2) */ - "Succ", /* (3) */ - "Fail", /* (4) */ +static const struct tok chapcode_values[] = { + { CHAP_CHAL, "Challenge" }, + { CHAP_RESP, "Response" }, + { CHAP_SUCC, "Success" }, + { CHAP_FAIL, "Fail" }, + { 0, NULL} }; /* PAP */ @@ -341,13 +378,11 @@ static const char *chapcode[] = { #define PAP_AACK 2 #define PAP_ANAK 3 -#define PAP_CODEMIN PAP_AREQ -#define PAP_CODEMAX PAP_ANAK - -static const char *papcode[] = { - "Auth-Req", /* (1) */ - "Auth-Ack", /* (2) */ - "Auth-Nak", /* (3) */ +static const struct tok papcode_values[] = { + { PAP_AREQ, "Auth-Req" }, + { PAP_AACK, "Auth-ACK" }, + { PAP_ANAK, "Auth-NACK" }, + { 0, NULL } }; /* BAP */ @@ -360,59 +395,85 @@ static const char *papcode[] = { #define BAP_CSIND 7 #define BAP_CSRES 8 -static void handle_ctrl_proto (u_int proto,const u_char *p, int length); -static void handle_chap (const u_char *p, int length); -static void handle_pap (const u_char *p, int length); -static void handle_bap (const u_char *p, int length); -static int print_lcp_config_options (const u_char *p, int); -static int print_ipcp_config_options (const u_char *p, int); -static int print_ccp_config_options (const u_char *p, int); -static int print_bacp_config_options (const u_char *p, int); -static void handle_ppp (u_int proto, const u_char *p, int length); +static u_int print_lcp_config_options(netdissect_options *, const u_char *p, u_int); +static u_int print_ipcp_config_options(netdissect_options *, const u_char *p, u_int); +static u_int print_ip6cp_config_options(netdissect_options *, const u_char *p, u_int); +static u_int print_ccp_config_options(netdissect_options *, const u_char *p, u_int); +static u_int print_bacp_config_options(netdissect_options *, const u_char *p, u_int); +static void handle_ppp(netdissect_options *, u_int proto, const u_char *p, u_int length); /* generic Control Protocol (e.g. LCP, IPCP, CCP, etc.) handler */ static void -handle_ctrl_proto(u_int proto, const u_char *pptr, int length) +handle_ctrl_proto(netdissect_options *ndo, + u_int proto, const u_char *pptr, u_int length) { + const char *typestr; u_int code, len; - int (*pfunc)(const u_char *, int); - int x, j; + u_int (*pfunc)(netdissect_options *, const u_char *, u_int); + u_int tlen, advance; const u_char *tptr; tptr=pptr; - if (!vflag) /* omit the proto id as we already have printed it */ - printf("%s: ",tok2str(ppptype2str, "unknown", proto)); + typestr = tok2str(ppptype2str, "unknown ctrl-proto (0x%04x)", proto); + ND_PRINT("%s, ", typestr); if (length < 4) /* FIXME weak boundary checking */ - return; + goto trunc; + ND_TCHECK_2(tptr); + + code = GET_U_1(tptr); + tptr++; - code = *tptr++; - - printf("%s (%u)", - tok2str(cpcodes, "Unknown Opcode 0x%02x",code), - *tptr++); /* ID */ + ND_PRINT("%s (0x%02x), id %u, length %u", + tok2str(cpcodes, "Unknown Opcode",code), + code, + GET_U_1(tptr), /* ID */ + length + 2); + tptr++; - len = EXTRACT_16BITS(tptr); + if (!ndo->ndo_vflag) + return; + + len = GET_BE_U_2(tptr); tptr += 2; - if (length <= 4) - return; /* there may be a NULL confreq etc. */ + if (len < 4) { + ND_PRINT("\n\tencoded length %u (< 4))", len); + return; + } + + if (len > length) { + ND_PRINT("\n\tencoded length %u (> packet length %u))", len, length); + return; + } + length = len; + + ND_PRINT("\n\tencoded length %u (=Option(s) length %u)", len, len - 4); + + if (length == 4) + return; /* there may be a NULL confreq etc. */ + + if (ndo->ndo_vflag > 1) + print_unknown_data(ndo, pptr - 2, "\n\t", 6); + switch (code) { case CPCODES_VEXT: if (length < 11) break; - printf(", Magic-Num=%08x", EXTRACT_32BITS(tptr)); + ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr)); tptr += 4; - printf(" OUI=%02x%02x%02x", tptr[0], tptr[1], tptr[2]); + ND_PRINT(" Vendor: %s (%u)", + tok2str(oui_values,"Unknown",GET_BE_U_3(tptr)), + GET_BE_U_3(tptr)); /* XXX: need to decode Kind and Value(s)? */ break; case CPCODES_CONF_REQ: case CPCODES_CONF_ACK: case CPCODES_CONF_NAK: case CPCODES_CONF_REJ: - x = len - 4; /* Code(1), Identifier(1) and Length(2) */ + tlen = len - 4; /* Code(1), Identifier(1) and Length(2) */ do { switch (proto) { case PPP_LCP: @@ -421,6 +482,9 @@ handle_ctrl_proto(u_int proto, const u_char *pptr, int length) case PPP_IPCP: pfunc = print_ipcp_config_options; break; + case PPP_IPV6CP: + pfunc = print_ip6cp_config_options; + break; case PPP_CCP: pfunc = print_ccp_config_options; break; @@ -429,18 +493,27 @@ handle_ctrl_proto(u_int proto, const u_char *pptr, int length) break; default: /* - * This should never happen, but we set - * "pfunc" to squelch uninitialized - * variable warnings from compilers. + * No print routine for the options for + * this protocol. */ pfunc = NULL; break; } - if ((j = (*pfunc)(tptr, len)) == 0) + + if (pfunc == NULL) /* catch the above null pointer if unknown CP */ + break; + + if ((advance = (*pfunc)(ndo, tptr, len)) == 0) break; - x -= j; - tptr += j; - } while (x > 0); + if (tlen < advance) { + ND_PRINT(" [remaining options length %u < %u]", + tlen, advance); + nd_print_invalid(ndo); + break; + } + tlen -= advance; + tptr += advance; + } while (tlen != 0); break; case CPCODES_TERM_REQ: @@ -453,186 +526,220 @@ handle_ctrl_proto(u_int proto, const u_char *pptr, int length) case CPCODES_PROT_REJ: if (length < 6) break; - printf(", Rejected-Protocol=%04x", EXTRACT_16BITS(tptr)); - /* XXX: need to decode Rejected-Information? */ + ND_PRINT("\n\t Rejected %s Protocol (0x%04x)", + tok2str(ppptype2str,"unknown", GET_BE_U_2(tptr)), + GET_BE_U_2(tptr)); + /* XXX: need to decode Rejected-Information? - hexdump for now */ + if (len > 6) { + ND_PRINT("\n\t Rejected Packet"); + print_unknown_data(ndo, tptr + 2, "\n\t ", len - 2); + } break; case CPCODES_ECHO_REQ: case CPCODES_ECHO_RPL: case CPCODES_DISC_REQ: + if (length < 8) + break; + ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr)); + /* XXX: need to decode Data? - hexdump for now */ + if (len > 8) { + ND_PRINT("\n\t -----trailing data-----"); + ND_TCHECK_LEN(tptr + 4, len - 8); + print_unknown_data(ndo, tptr + 4, "\n\t ", len - 8); + } + break; case CPCODES_ID: if (length < 8) break; - printf(", Magic-Num=%08x", EXTRACT_32BITS(tptr)); - /* XXX: need to decode Data? */ + ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr)); + /* RFC 1661 says this is intended to be human readable */ + if (len > 8) { + ND_PRINT("\n\t Message\n\t "); + if (nd_printn(ndo, tptr + 4, len - 4, ndo->ndo_snapend)) + goto trunc; + } break; case CPCODES_TIME_REM: if (length < 12) break; - printf(", Magic-Num=%08x", EXTRACT_32BITS(tptr)); - printf(" Seconds-Remaining=%u", EXTRACT_32BITS(tptr + 4)); + ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr)); + ND_PRINT(", Seconds-Remaining %us", GET_BE_U_4(tptr + 4)); /* XXX: need to decode Message? */ break; default: - /* XXX this is dirty but we do not get the - * original pointer passed to the begin - * the PPP packet */ - if (vflag <= 1) - print_unknown_data(pptr-2,"\n\t",length+2); + /* XXX this is dirty but we do not get the + * original pointer passed to the begin + * the PPP packet */ + if (ndo->ndo_vflag <= 1) + print_unknown_data(ndo, pptr - 2, "\n\t ", length + 2); break; } + return; - if (vflag >1) - print_unknown_data(pptr-2,"\n\t",length+2); +trunc: + ND_PRINT("[|%s]", typestr); } /* LCP config options */ -static int -print_lcp_config_options(const u_char *p, int length) +static u_int +print_lcp_config_options(netdissect_options *ndo, + const u_char *p, u_int length) { - int len, opt; + u_int opt, len; if (length < 2) return 0; - len = p[1]; - opt = p[0]; + ND_TCHECK_2(p); + opt = GET_U_1(p); + len = GET_U_1(p + 1); if (length < len) return 0; - if ((opt >= LCPOPT_MIN) && (opt <= LCPOPT_MAX)) - printf(", %s ", lcpconfopts[opt]); + if (len < 2) { + if (opt < NUM_LCPOPTS) + ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)", + lcpconfopts[opt], opt, len); + else + ND_PRINT("\n\tunknown LCP option 0x%02x", opt); + return 0; + } + if (opt < NUM_LCPOPTS) + ND_PRINT("\n\t %s Option (0x%02x), length %u", lcpconfopts[opt], opt, len); else { - printf(", unknown LCP option 0x%02x", opt); + ND_PRINT("\n\tunknown LCP option 0x%02x", opt); return len; } switch (opt) { case LCPOPT_VEXT: - if (len >= 6) { - printf(" OUI=%02x%02x%02x", p[2], p[3], p[4]); + if (len < 6) { + ND_PRINT(" (length bogus, should be >= 6)"); + return len; + } + ND_PRINT(": Vendor: %s (%u)", + tok2str(oui_values,"Unknown",GET_BE_U_3(p + 2)), + GET_BE_U_3(p + 2)); #if 0 - printf(" kind=%02x", p[5]); - printf(" val=") - for (i = 0; i < len - 6; i++) { - printf("%02x", p[6 + i]); - } -#endif + ND_PRINT(", kind: 0x%02x", GET_U_1(p + 5)); + ND_PRINT(", Value: 0x"); + for (i = 0; i < len - 6; i++) { + ND_PRINT("%02x", GET_U_1(p + 6 + i)); } +#endif break; case LCPOPT_MRU: - if (len == 4) - printf("=%u", EXTRACT_16BITS(p + 2)); + if (len != 4) { + ND_PRINT(" (length bogus, should be = 4)"); + return len; + } + ND_PRINT(": %u", GET_BE_U_2(p + 2)); break; case LCPOPT_ACCM: - if (len == 6) - printf("=%08x", EXTRACT_32BITS(p + 2)); + if (len != 6) { + ND_PRINT(" (length bogus, should be = 6)"); + return len; + } + ND_PRINT(": 0x%08x", GET_BE_U_4(p + 2)); break; case LCPOPT_AP: - if (len >= 4) { - if (p[2] == 0xc0 && p[3] == 0x23) - printf(" PAP"); - else if (p[2] == 0xc2 && p[3] == 0x23) { - printf(" CHAP/"); - switch (p[4]) { - default: - printf("unknown-algorithm-%u", p[4]); - break; - case AUTHALG_CHAPMD5: - printf("MD5"); - break; - case AUTHALG_MSCHAP1: - printf("MSCHAPv1"); - break; - case AUTHALG_MSCHAP2: - printf("MSCHAPv2"); - break; - } - } - else if (p[2] == 0xc2 && p[3] == 0x27) - printf(" EAP"); - else if (p[2] == 0xc0 && p[3] == 0x27) - printf(" SPAP"); - else if (p[2] == 0xc1 && p[3] == 0x23) - printf(" Old-SPAP"); - else - printf("unknown"); + if (len < 4) { + ND_PRINT(" (length bogus, should be >= 4)"); + return len; + } + ND_PRINT(": %s", + tok2str(ppptype2str, "Unknown Auth Proto (0x04x)", GET_BE_U_2(p + 2))); + + switch (GET_BE_U_2(p + 2)) { + case PPP_CHAP: + ND_PRINT(", %s", + tok2str(authalg_values, "Unknown Auth Alg %u", GET_U_1(p + 4))); + break; + case PPP_PAP: /* fall through */ + case PPP_EAP: + case PPP_SPAP: + case PPP_SPAP_OLD: + break; + default: + print_unknown_data(ndo, p, "\n\t", len); } break; case LCPOPT_QP: - if (len >= 4) { - if (p[2] == 0xc0 && p[3] == 0x25) - printf(" LQR"); - else - printf(" unknown"); + if (len < 4) { + ND_PRINT(" (length bogus, should be >= 4)"); + return 0; } + if (GET_BE_U_2(p + 2) == PPP_LQM) + ND_PRINT(": LQR"); + else + ND_PRINT(": unknown"); break; case LCPOPT_MN: - if (len == 6) - printf("=%08x", EXTRACT_32BITS(p + 2)); + if (len != 6) { + ND_PRINT(" (length bogus, should be = 6)"); + return 0; + } + ND_PRINT(": 0x%08x", GET_BE_U_4(p + 2)); break; case LCPOPT_PFC: break; case LCPOPT_ACFC: break; case LCPOPT_LD: - if (len == 4) - printf("=%04x", EXTRACT_16BITS(p + 2)); + if (len != 4) { + ND_PRINT(" (length bogus, should be = 4)"); + return 0; + } + ND_PRINT(": 0x%04x", GET_BE_U_2(p + 2)); break; case LCPOPT_CBACK: - if (len < 3) - break; - switch (p[2]) { /* Operation */ - case CALLBACK_AUTH: - printf(" UserAuth"); - break; - case CALLBACK_DSTR: - printf(" DialString"); - break; - case CALLBACK_LID: - printf(" LocalID"); - break; - case CALLBACK_E164: - printf(" E.164"); - break; - case CALLBACK_X500: - printf(" X.500"); - break; - case CALLBACK_CBCP: - printf(" CBCP"); - break; - default: - printf(" unknown-operation=%u", p[2]); - break; + if (len < 3) { + ND_PRINT(" (length bogus, should be >= 3)"); + return 0; } + ND_PRINT(": Callback Operation %s (%u)", + tok2str(ppp_callback_values, "Unknown", GET_U_1(p + 2)), + GET_U_1(p + 2)); break; case LCPOPT_MLMRRU: - if (len == 4) - printf("=%u", EXTRACT_16BITS(p + 2)); + if (len != 4) { + ND_PRINT(" (length bogus, should be = 4)"); + return 0; + } + ND_PRINT(": %u", GET_BE_U_2(p + 2)); break; case LCPOPT_MLED: - if (len < 3) - break; - switch (p[2]) { /* class */ + if (len < 3) { + ND_PRINT(" (length bogus, should be >= 3)"); + return 0; + } + switch (GET_U_1(p + 2)) { /* class */ case MEDCLASS_NULL: - printf(" Null"); + ND_PRINT(": Null"); break; case MEDCLASS_LOCAL: - printf(" Local"); /* XXX */ + ND_PRINT(": Local"); /* XXX */ break; case MEDCLASS_IPV4: - if (len != 7) - break; - printf(" IPv4=%s", ipaddr_string(p + 3)); + if (len != 7) { + ND_PRINT(" (length bogus, should be = 7)"); + return 0; + } + ND_PRINT(": IPv4 %s", GET_IPADDR_STRING(p + 3)); break; case MEDCLASS_MAC: - if (len != 9) - break; - printf(" MAC=%02x:%02x:%02x:%02x:%02x:%02x", - p[3], p[4], p[5], p[6], p[7], p[8]); + if (len != 9) { + ND_PRINT(" (length bogus, should be = 9)"); + return 0; + } + ND_PRINT(": MAC %s", GET_MAC48_STRING(p + 3)); break; case MEDCLASS_MNB: - printf(" Magic-Num-Block"); /* XXX */ + ND_PRINT(": Magic-Num-Block"); /* XXX */ break; case MEDCLASS_PSNDN: - printf(" PSNDN"); /* XXX */ + ND_PRINT(": PSNDN"); /* XXX */ + break; + default: + ND_PRINT(": Unknown class %u", GET_U_1(p + 2)); break; } break; @@ -647,7 +754,7 @@ print_lcp_config_options(const u_char *p, int length) case LCPOPT_DEP14: case LCPOPT_DEP15: case LCPOPT_DEP16: - case LCPOPT_MLSSNHF: + case LCPOPT_MLSSNHF: case LCPOPT_PROP: case LCPOPT_DCEID: case LCPOPT_MPP: @@ -660,41 +767,85 @@ print_lcp_config_options(const u_char *p, int length) case LCPOPT_PPPMUX: break; #endif + default: + /* + * Unknown option; dump it as raw bytes now if we're + * not going to do so below. + */ + if (ndo->ndo_vflag < 2) + print_unknown_data(ndo, p + 2, "\n\t ", len - 2); + break; } + + if (ndo->ndo_vflag > 1) + print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */ + return len; + +trunc: + ND_PRINT("[|lcp]"); + return 0; +} + +/* ML-PPP*/ +static const struct tok ppp_ml_flag_values[] = { + { 0x80, "begin" }, + { 0x40, "end" }, + { 0, NULL } +}; + +static void +handle_mlppp(netdissect_options *ndo, + const u_char *p, u_int length) +{ + if (!ndo->ndo_eflag) + ND_PRINT("MLPPP, "); + + if (length < 2) { + ND_PRINT("[|mlppp]"); + return; + } + if (!ND_TTEST_2(p)) { + ND_PRINT("[|mlppp]"); + return; + } + + ND_PRINT("seq 0x%03x, Flags [%s], length %u", + (GET_BE_U_2(p))&0x0fff, + /* only support 12-Bit sequence space for now */ + bittok2str(ppp_ml_flag_values, "none", GET_U_1(p) & 0xc0), + length); } /* CHAP */ static void -handle_chap(const u_char *p, int length) +handle_chap(netdissect_options *ndo, + const u_char *p, u_int length) { u_int code, len; - int val_size, name_size, msg_size; + u_int val_size, name_size, msg_size; const u_char *p0; - int i; + u_int i; p0 = p; if (length < 1) { - printf("[|chap]"); + ND_PRINT("[|chap]"); return; } else if (length < 4) { - printf("[|chap 0x%02x]", *p); + ND_PRINT("[|chap 0x%02x]", GET_U_1(p)); return; } - code = *p; - if ((code >= CHAP_CODEMIN) && (code <= CHAP_CODEMAX)) - printf("%s", chapcode[code - 1]); - else { - printf("0x%02x", code); - return; - } + code = GET_U_1(p); + ND_PRINT("CHAP, %s (0x%02x)", + tok2str(chapcode_values,"unknown",code), + code); p++; - printf("(%u)", *p); /* ID */ + ND_PRINT(", id %u", GET_U_1(p)); /* ID */ p++; - len = EXTRACT_16BITS(p); + len = GET_BE_U_2(p); p += 2; /* @@ -702,201 +853,395 @@ handle_chap(const u_char *p, int length) * don't know which flavor of CHAP (i.e. CHAP-MD5, MS-CHAPv1, * MS-CHAPv2) is used at this point, we can't decode packet * specifically to each algorithms. Instead, we simply decode - * the GCD (Gratest Common Denominator) for all algorithms. + * the GCD (Greatest Common Denominator) for all algorithms. */ switch (code) { case CHAP_CHAL: case CHAP_RESP: if (length - (p - p0) < 1) return; - val_size = *p; /* value size */ + val_size = GET_U_1(p); /* value size */ p++; if (length - (p - p0) < val_size) return; - printf(", Value="); - for (i = 0; i < val_size; i++) - printf("%02x", *p++); - name_size = len - (p - p0); - printf(", Name="); - for (i = 0; i < name_size; i++) - safeputchar(*p++); + ND_PRINT(", Value "); + for (i = 0; i < val_size; i++) { + ND_PRINT("%02x", GET_U_1(p)); + p++; + } + name_size = len - (u_int)(p - p0); + ND_PRINT(", Name "); + nd_printjn(ndo, p, name_size); break; case CHAP_SUCC: case CHAP_FAIL: - msg_size = len - (p - p0); - printf(", Msg="); - for (i = 0; i< msg_size; i++) - safeputchar(*p++); + msg_size = len - (u_int)(p - p0); + ND_PRINT(", Msg "); + nd_printjn(ndo, p, msg_size); break; } } /* PAP (see RFC 1334) */ static void -handle_pap(const u_char *p, int length) +handle_pap(netdissect_options *ndo, + const u_char *p, u_int length) { u_int code, len; - int peerid_len, passwd_len, msg_len; + u_int peerid_len, passwd_len, msg_len; const u_char *p0; - int i; p0 = p; if (length < 1) { - printf("[|pap]"); + ND_PRINT("[|pap]"); return; } else if (length < 4) { - printf("[|pap 0x%02x]", *p); + ND_PRINT("[|pap 0x%02x]", GET_U_1(p)); return; } - code = *p; - if ((code >= PAP_CODEMIN) && (code <= PAP_CODEMAX)) - printf("%s", papcode[code - 1]); - else { - printf("0x%02x", code); - return; - } + code = GET_U_1(p); + ND_PRINT("PAP, %s (0x%02x)", + tok2str(papcode_values, "unknown", code), + code); p++; - printf("(%u)", *p); /* ID */ + ND_PRINT(", id %u", GET_U_1(p)); /* ID */ p++; - len = EXTRACT_16BITS(p); + len = GET_BE_U_2(p); p += 2; + if (len > length) { + ND_PRINT(", length %u > packet size", len); + return; + } + length = len; + if (length < (size_t)(p - p0)) { + ND_PRINT(", length %u < PAP header length", length); + return; + } + switch (code) { case PAP_AREQ: + /* A valid Authenticate-Request is 6 or more octets long. */ + if (len < 6) + goto trunc; if (length - (p - p0) < 1) return; - peerid_len = *p; /* Peer-ID Length */ + peerid_len = GET_U_1(p); /* Peer-ID Length */ p++; if (length - (p - p0) < peerid_len) return; - printf(", Peer="); - for (i = 0; i < peerid_len; i++) - safeputchar(*p++); + ND_PRINT(", Peer "); + nd_printjn(ndo, p, peerid_len); + p += peerid_len; if (length - (p - p0) < 1) return; - passwd_len = *p; /* Password Length */ + passwd_len = GET_U_1(p); /* Password Length */ p++; if (length - (p - p0) < passwd_len) return; - printf(", Name="); - for (i = 0; i < passwd_len; i++) - safeputchar(*p++); + ND_PRINT(", Name "); + nd_printjn(ndo, p, passwd_len); break; case PAP_AACK: case PAP_ANAK: + /* Although some implementations ignore truncation at + * this point and at least one generates a truncated + * packet, RFC 1334 section 2.2.2 clearly states that + * both AACK and ANAK are at least 5 bytes long. + */ + if (len < 5) + goto trunc; if (length - (p - p0) < 1) return; - msg_len = *p; /* Msg-Length */ + msg_len = GET_U_1(p); /* Msg-Length */ p++; if (length - (p - p0) < msg_len) return; - printf(", Msg="); - for (i = 0; i< msg_len; i++) - safeputchar(*p++); + ND_PRINT(", Msg "); + nd_printjn(ndo, p, msg_len); break; } return; + +trunc: + ND_PRINT("[|pap]"); } /* BAP */ static void -handle_bap(const u_char *p _U_, int length _U_) +handle_bap(netdissect_options *ndo _U_, + const u_char *p _U_, u_int length _U_) { /* XXX: to be supported!! */ } /* IPCP config options */ -static int -print_ipcp_config_options(const u_char *p, int length) +static u_int +print_ipcp_config_options(netdissect_options *ndo, + const u_char *p, u_int length) { - int len, opt; + u_int opt, len; + u_int compproto, ipcomp_subopttotallen, ipcomp_subopt, ipcomp_suboptlen; if (length < 2) return 0; - len = p[1]; - opt = p[0]; + ND_TCHECK_2(p); + opt = GET_U_1(p); + len = GET_U_1(p + 1); if (length < len) return 0; + if (len < 2) { + ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)", + tok2str(ipcpopt_values,"unknown",opt), + opt, + len); + return 0; + } + + ND_PRINT("\n\t %s Option (0x%02x), length %u", + tok2str(ipcpopt_values,"unknown",opt), + opt, + len); + switch (opt) { case IPCPOPT_2ADDR: /* deprecated */ - if (len != 10) - goto invlen; - printf(", IP-Addrs src=%s dst=%s", - ipaddr_string(p + 2), - ipaddr_string(p + 6)); + if (len != 10) { + ND_PRINT(" (length bogus, should be = 10)"); + return len; + } + ND_PRINT(": src %s, dst %s", + GET_IPADDR_STRING(p + 2), + GET_IPADDR_STRING(p + 6)); break; case IPCPOPT_IPCOMP: - if (len < 4) - goto invlen; - printf(", IP-Comp"); - if (EXTRACT_16BITS(p + 2) == PPP_VJC) { - printf(" VJ-Comp"); + if (len < 4) { + ND_PRINT(" (length bogus, should be >= 4)"); + return 0; + } + compproto = GET_BE_U_2(p + 2); + + ND_PRINT(": %s (0x%02x):", + tok2str(ipcpopt_compproto_values, "Unknown", compproto), + compproto); + + switch (compproto) { + case PPP_VJC: /* XXX: VJ-Comp parameters should be decoded */ - } else - printf(" unknown-comp-proto=%04x", EXTRACT_16BITS(p + 2)); - break; - case IPCPOPT_ADDR: - if (len != 6) - goto invlen; - printf(", IP-Addr=%s", ipaddr_string(p + 2)); + break; + case IPCPOPT_IPCOMP_HDRCOMP: + if (len < IPCPOPT_IPCOMP_MINLEN) { + ND_PRINT(" (length bogus, should be >= %u)", + IPCPOPT_IPCOMP_MINLEN); + return 0; + } + + ND_TCHECK_LEN(p + 2, IPCPOPT_IPCOMP_MINLEN); + ND_PRINT("\n\t TCP Space %u, non-TCP Space %u" + ", maxPeriod %u, maxTime %u, maxHdr %u", + GET_BE_U_2(p + 4), + GET_BE_U_2(p + 6), + GET_BE_U_2(p + 8), + GET_BE_U_2(p + 10), + GET_BE_U_2(p + 12)); + + /* suboptions present ? */ + if (len > IPCPOPT_IPCOMP_MINLEN) { + ipcomp_subopttotallen = len - IPCPOPT_IPCOMP_MINLEN; + p += IPCPOPT_IPCOMP_MINLEN; + + ND_PRINT("\n\t Suboptions, length %u", ipcomp_subopttotallen); + + while (ipcomp_subopttotallen >= 2) { + ND_TCHECK_2(p); + ipcomp_subopt = GET_U_1(p); + ipcomp_suboptlen = GET_U_1(p + 1); + + /* sanity check */ + if (ipcomp_subopt == 0 || + ipcomp_suboptlen == 0 ) + break; + + /* XXX: just display the suboptions for now */ + ND_PRINT("\n\t\t%s Suboption #%u, length %u", + tok2str(ipcpopt_compproto_subopt_values, + "Unknown", + ipcomp_subopt), + ipcomp_subopt, + ipcomp_suboptlen); + if (ipcomp_subopttotallen < ipcomp_suboptlen) { + ND_PRINT(" [remaining suboptions length %u < %u]", + ipcomp_subopttotallen, ipcomp_suboptlen); + nd_print_invalid(ndo); + break; + } + ipcomp_subopttotallen -= ipcomp_suboptlen; + p += ipcomp_suboptlen; + } + } + break; + default: + break; + } break; + + case IPCPOPT_ADDR: /* those options share the same format - fall through */ case IPCPOPT_MOBILE4: - if (len != 6) - goto invlen; - printf(", Home-Addr=%s", ipaddr_string(p + 2)); - break; case IPCPOPT_PRIDNS: - if (len != 6) - goto invlen; - printf(", Pri-DNS=%s", ipaddr_string(p + 2)); - break; case IPCPOPT_PRINBNS: - if (len != 6) - goto invlen; - printf(", Pri-NBNS=%s", ipaddr_string(p + 2)); - break; case IPCPOPT_SECDNS: - if (len != 6) - goto invlen; - printf(", Sec-DNS=%s", ipaddr_string(p + 2)); - break; case IPCPOPT_SECNBNS: - if (len != 6) - goto invlen; - printf(", Sec-NBNS=%s", ipaddr_string(p + 2)); + if (len != 6) { + ND_PRINT(" (length bogus, should be = 6)"); + return 0; + } + ND_PRINT(": %s", GET_IPADDR_STRING(p + 2)); break; default: - printf(", unknown-%d", opt); + /* + * Unknown option; dump it as raw bytes now if we're + * not going to do so below. + */ + if (ndo->ndo_vflag < 2) + print_unknown_data(ndo, p + 2, "\n\t ", len - 2); break; } + if (ndo->ndo_vflag > 1 && ND_TTEST_LEN(p + 2, len - 2)) + print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */ return len; -invlen: - printf(", invalid-length-%d", opt); +trunc: + ND_PRINT("[|ipcp]"); return 0; } +/* IP6CP config options */ +static u_int +print_ip6cp_config_options(netdissect_options *ndo, + const u_char *p, u_int length) +{ + u_int opt, len; + + if (length < 2) + return 0; + ND_TCHECK_2(p); + opt = GET_U_1(p); + len = GET_U_1(p + 1); + if (length < len) + return 0; + if (len < 2) { + ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)", + tok2str(ip6cpopt_values,"unknown",opt), + opt, + len); + return 0; + } + + ND_PRINT("\n\t %s Option (0x%02x), length %u", + tok2str(ip6cpopt_values,"unknown",opt), + opt, + len); + + switch (opt) { + case IP6CP_IFID: + if (len != 10) { + ND_PRINT(" (length bogus, should be = 10)"); + return len; + } + ND_TCHECK_8(p + 2); + ND_PRINT(": %04x:%04x:%04x:%04x", + GET_BE_U_2(p + 2), + GET_BE_U_2(p + 4), + GET_BE_U_2(p + 6), + GET_BE_U_2(p + 8)); + break; + default: + /* + * Unknown option; dump it as raw bytes now if we're + * not going to do so below. + */ + if (ndo->ndo_vflag < 2) + print_unknown_data(ndo, p + 2, "\n\t ", len - 2); + break; + } + if (ndo->ndo_vflag > 1) + print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */ + + return len; + +trunc: + ND_PRINT("[|ip6cp]"); + return 0; +} + + /* CCP config options */ -static int -print_ccp_config_options(const u_char *p, int length) +static u_int +print_ccp_config_options(netdissect_options *ndo, + const u_char *p, u_int length) { - int len, opt; + u_int opt, len; if (length < 2) return 0; - len = p[1]; - opt = p[0]; + ND_TCHECK_2(p); + opt = GET_U_1(p); + len = GET_U_1(p + 1); if (length < len) return 0; - if ((opt >= CCPOPT_MIN) && (opt <= CCPOPT_MAX)) - printf(", %s", ccpconfopts[opt]); -#if 0 /* XXX */ + if (len < 2) { + ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)", + tok2str(ccpconfopts_values, "Unknown", opt), + opt, + len); + return 0; + } + + ND_PRINT("\n\t %s Option (0x%02x), length %u", + tok2str(ccpconfopts_values, "Unknown", opt), + opt, + len); + switch (opt) { + case CCPOPT_BSDCOMP: + if (len < 3) { + ND_PRINT(" (length bogus, should be >= 3)"); + return len; + } + ND_PRINT(": Version: %u, Dictionary Bits: %u", + GET_U_1(p + 2) >> 5, + GET_U_1(p + 2) & 0x1f); + break; + case CCPOPT_MVRCA: + if (len < 4) { + ND_PRINT(" (length bogus, should be >= 4)"); + return len; + } + ND_PRINT(": Features: %u, PxP: %s, History: %u, #CTX-ID: %u", + (GET_U_1(p + 2) & 0xc0) >> 6, + (GET_U_1(p + 2) & 0x20) ? "Enabled" : "Disabled", + GET_U_1(p + 2) & 0x1f, + GET_U_1(p + 3)); + break; + case CCPOPT_DEFLATE: + if (len < 4) { + ND_PRINT(" (length bogus, should be >= 4)"); + return len; + } + ND_PRINT(": Window: %uK, Method: %s (0x%x), MBZ: %u, CHK: %u", + (GET_U_1(p + 2) & 0xf0) >> 4, + ((GET_U_1(p + 2) & 0x0f) == 8) ? "zlib" : "unknown", + GET_U_1(p + 2) & 0x0f, + (GET_U_1(p + 3) & 0xfc) >> 2, + GET_U_1(p + 3) & 0x03); + break; + +/* XXX: to be supported */ +#if 0 case CCPOPT_OUI: case CCPOPT_PRED1: case CCPOPT_PRED2: @@ -906,150 +1251,341 @@ print_ccp_config_options(const u_char *p, int length) case CCPOPT_MPPC: case CCPOPT_GFZA: case CCPOPT_V42BIS: - case CCPOPT_BSDCOMP: case CCPOPT_LZSDCP: - case CCPOPT_MVRCA: case CCPOPT_DEC: - case CCPOPT_DEFLATE: case CCPOPT_RESV: break; - +#endif default: - printf(", unknown-%d", opt); + /* + * Unknown option; dump it as raw bytes now if we're + * not going to do so below. + */ + if (ndo->ndo_vflag < 2) + print_unknown_data(ndo, p + 2, "\n\t ", len - 2); break; } -#endif + if (ndo->ndo_vflag > 1) + print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */ + return len; + +trunc: + ND_PRINT("[|ccp]"); + return 0; } /* BACP config options */ -static int -print_bacp_config_options(const u_char *p, int length) +static u_int +print_bacp_config_options(netdissect_options *ndo, + const u_char *p, u_int length) { - int len, opt; + u_int opt, len; if (length < 2) return 0; - len = p[1]; - opt = p[0]; + ND_TCHECK_2(p); + opt = GET_U_1(p); + len = GET_U_1(p + 1); if (length < len) return 0; - if (opt == BACPOPT_FPEER) { - printf(", Favored-Peer"); - printf(" Magic-Num=%08x", EXTRACT_32BITS(p + 2)); - } else { - printf(", unknown-option-%d", opt); + if (len < 2) { + ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)", + tok2str(bacconfopts_values, "Unknown", opt), + opt, + len); + return 0; + } + + ND_PRINT("\n\t %s Option (0x%02x), length %u", + tok2str(bacconfopts_values, "Unknown", opt), + opt, + len); + + switch (opt) { + case BACPOPT_FPEER: + if (len != 6) { + ND_PRINT(" (length bogus, should be = 6)"); + return len; + } + ND_PRINT(": Magic-Num 0x%08x", GET_BE_U_4(p + 2)); + break; + default: + /* + * Unknown option; dump it as raw bytes now if we're + * not going to do so below. + */ + if (ndo->ndo_vflag < 2) + print_unknown_data(ndo, p + 2, "\n\t ", len - 2); + break; } + if (ndo->ndo_vflag > 1) + print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */ + return len; + +trunc: + ND_PRINT("[|bacp]"); + return 0; +} + +/* + * Un-escape RFC 1662 PPP in HDLC-like framing, with octet escapes. + * The length argument is the on-the-wire length, not the captured + * length; we can only un-escape the captured part. + */ +static void +ppp_hdlc(netdissect_options *ndo, + const u_char *p, u_int length) +{ + u_int caplen = ND_BYTES_AVAILABLE_AFTER(p); + u_char *b, *t, c; + const u_char *s; + u_int i, proto; + + if (caplen == 0) + return; + + if (length == 0) + return; + + b = (u_char *)malloc(caplen); + if (b == NULL) { + (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC, + "%s: malloc", __func__); + } + + /* + * Unescape all the data into a temporary, private, buffer. + * Do this so that we don't overwrite the original packet + * contents. + */ + for (s = p, t = b, i = caplen; i != 0; i--) { + c = GET_U_1(s); + s++; + if (c == 0x7d) { + if (i <= 1) + break; + i--; + c = GET_U_1(s) ^ 0x20; + s++; + } + *t++ = c; + } + + /* + * Switch to the output buffer for dissection, and save it + * on the buffer stack so it can be freed; our caller must + * pop it when done. + */ + if (!nd_push_buffer(ndo, b, b, (u_int)(t - b))) { + free(b); + (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC, + "%s: can't push buffer on buffer stack", __func__); + } + length = ND_BYTES_AVAILABLE_AFTER(b); + + /* now lets guess about the payload codepoint format */ + if (length < 1) + goto trunc; + proto = GET_U_1(b); /* start with a one-octet codepoint guess */ + + switch (proto) { + case PPP_IP: + ip_print(ndo, b + 1, length - 1); + goto cleanup; + case PPP_IPV6: + ip6_print(ndo, b + 1, length - 1); + goto cleanup; + default: /* no luck - try next guess */ + break; + } + + if (length < 2) + goto trunc; + proto = GET_BE_U_2(b); /* next guess - load two octets */ + + switch (proto) { + case (PPP_ADDRESS << 8 | PPP_CONTROL): /* looks like a PPP frame */ + if (length < 4) + goto trunc; + proto = GET_BE_U_2(b + 2); /* load the PPP proto-id */ + if ((proto & 0xff00) == 0x7e00) + ND_PRINT("(protocol 0x%04x invalid)", proto); + else + handle_ppp(ndo, proto, b + 4, length - 4); + break; + default: /* last guess - proto must be a PPP proto-id */ + if ((proto & 0xff00) == 0x7e00) + ND_PRINT("(protocol 0x%04x invalid)", proto); + else + handle_ppp(ndo, proto, b + 2, length - 2); + break; + } + +cleanup: + nd_pop_packet_info(ndo); + return; + +trunc: + nd_pop_packet_info(ndo); + nd_print_trunc(ndo); } /* PPP */ static void -handle_ppp(u_int proto, const u_char *p, int length) +handle_ppp(netdissect_options *ndo, + u_int proto, const u_char *p, u_int length) { + if ((proto & 0xff00) == 0x7e00) { /* is this an escape code ? */ + ppp_hdlc(ndo, p - 1, length); + return; + } + switch (proto) { - case PPP_LCP: + case PPP_LCP: /* fall through */ case PPP_IPCP: + case PPP_OSICP: + case PPP_MPLSCP: + case PPP_IPV6CP: case PPP_CCP: case PPP_BACP: - handle_ctrl_proto(proto, p, length); + handle_ctrl_proto(ndo, proto, p, length); + break; + case PPP_ML: + handle_mlppp(ndo, p, length); break; case PPP_CHAP: - handle_chap(p, length); + handle_chap(ndo, p, length); break; case PPP_PAP: - handle_pap(p, length); + handle_pap(ndo, p, length); break; case PPP_BAP: /* XXX: not yet completed */ - handle_bap(p, length); + handle_bap(ndo, p, length); break; case ETHERTYPE_IP: /*XXX*/ + case PPP_VJNC: case PPP_IP: - ip_print(p, length); + ip_print(ndo, p, length); break; -#ifdef INET6 case ETHERTYPE_IPV6: /*XXX*/ case PPP_IPV6: - ip6_print(p, length); + ip6_print(ndo, p, length); break; -#endif case ETHERTYPE_IPX: /*XXX*/ case PPP_IPX: - ipx_print(p, length); + ipx_print(ndo, p, length); break; case PPP_OSI: - isoclns_print(p, length, length, NULL, NULL); - break; + isoclns_print(ndo, p, length); + break; case PPP_MPLS_UCAST: case PPP_MPLS_MCAST: - mpls_print(p, length); + mpls_print(ndo, p, length); + break; + case PPP_COMP: + ND_PRINT("compressed PPP data"); break; default: - printf("unknown PPP protocol (0x%04x)", proto); - print_unknown_data(p,"\n\t",length); - break; + ND_PRINT("%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto)); + print_unknown_data(ndo, p, "\n\t", length); + break; } } /* Standard PPP printer */ u_int -ppp_print(register const u_char *p, u_int length) +ppp_print(netdissect_options *ndo, + const u_char *p, u_int length) { - u_int proto; + u_int proto,ppp_header; u_int olen = length; /* _o_riginal length */ u_int hdr_len = 0; + ndo->ndo_protocol = "ppp"; /* * Here, we assume that p points to the Address and Control * field (if they present). */ if (length < 2) goto trunc; - if (*p == PPP_ADDRESS && *(p + 1) == PPP_CONTROL) { - p += 2; /* ACFC not used */ - length -= 2; - hdr_len += 2; - } + ppp_header = GET_BE_U_2(p); + + switch(ppp_header) { + case (PPP_PPPD_IN << 8 | PPP_CONTROL): + if (ndo->ndo_eflag) ND_PRINT("In "); + p += 2; + length -= 2; + hdr_len += 2; + break; + case (PPP_PPPD_OUT << 8 | PPP_CONTROL): + if (ndo->ndo_eflag) ND_PRINT("Out "); + p += 2; + length -= 2; + hdr_len += 2; + break; + case (PPP_ADDRESS << 8 | PPP_CONTROL): + p += 2; /* ACFC not used */ + length -= 2; + hdr_len += 2; + break; + + default: + break; + } if (length < 2) goto trunc; - if (*p % 2) { - proto = *p; /* PFC is used */ + if (GET_U_1(p) % 2) { + proto = GET_U_1(p); /* PFC is used */ p++; length--; hdr_len++; } else { - proto = EXTRACT_16BITS(p); + proto = GET_BE_U_2(p); p += 2; length -= 2; hdr_len += 2; } - if (vflag) - printf("PPP-%s (length: %u): ", - tok2str(ppptype2str, "unknown (0x%04x)", proto), - olen); + if (ndo->ndo_eflag) { + const char *typestr; + typestr = tok2str(ppptype2str, "unknown", proto); + ND_PRINT("%s (0x%04x), length %u", + typestr, + proto, + olen); + if (*typestr == 'u') /* "unknown" */ + return hdr_len; + + ND_PRINT(": "); + } - handle_ppp(proto, p, length); + handle_ppp(ndo, proto, p, length); return (hdr_len); trunc: - printf("[|ppp]"); + nd_print_trunc(ndo); return (0); } /* PPP I/F printer */ -u_int -ppp_if_print(const struct pcap_pkthdr *h, register const u_char *p) +void +ppp_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { - register u_int length = h->len; - register u_int caplen = h->caplen; + u_int length = h->len; + u_int caplen = h->caplen; + ndo->ndo_protocol = "ppp"; if (caplen < PPP_HDRLEN) { - printf("[|ppp]"); - return (caplen); + nd_print_trunc(ndo); + ndo->ndo_ll_hdr_len += caplen; + return; } + ndo->ndo_ll_hdr_len += PPP_HDRLEN; #if 0 /* @@ -1088,13 +1624,12 @@ ppp_if_print(const struct pcap_pkthdr *h, register const u_char *p) * (Is the Cisco framing in question what DLT_C_HDLC, in * BSD/OS, is?) */ - if (eflag) - printf("%c %4d %02x ", p[0] ? 'O' : 'I', length, p[1]); + if (ndo->ndo_eflag) + ND_PRINT("%c %4d %02x ", GET_U_1(p) ? 'O' : 'I', + length, GET_U_1(p + 1)); #endif - ppp_print(p, length); - - return (0); + ppp_print(ndo, p, length); } /* @@ -1106,51 +1641,63 @@ ppp_if_print(const struct pcap_pkthdr *h, register const u_char *p) * * This handles, for example, DLT_PPP_SERIAL in NetBSD. */ -u_int -ppp_hdlc_if_print(const struct pcap_pkthdr *h, register const u_char *p) +void +ppp_hdlc_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { - register u_int length = h->len; - register u_int caplen = h->caplen; + u_int length = h->len; + u_int caplen = h->caplen; u_int proto; u_int hdrlen = 0; + ndo->ndo_protocol = "ppp_hdlc"; if (caplen < 2) { - printf("[|ppp]"); - return (caplen); + nd_print_trunc(ndo); + ndo->ndo_ll_hdr_len += caplen; + return; } - switch (p[0]) { + switch (GET_U_1(p)) { case PPP_ADDRESS: if (caplen < 4) { - printf("[|ppp]"); - return (caplen); + nd_print_trunc(ndo); + ndo->ndo_ll_hdr_len += caplen; + return; } - if (eflag) - printf("%02x %02x %d ", p[0], p[1], length); + if (ndo->ndo_eflag) + ND_PRINT("%02x %02x %u ", GET_U_1(p), + GET_U_1(p + 1), length); p += 2; length -= 2; hdrlen += 2; - proto = EXTRACT_16BITS(p); + proto = GET_BE_U_2(p); p += 2; length -= 2; hdrlen += 2; - printf("%s: ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto)); + ND_PRINT("%s: ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto)); - handle_ppp(proto, p, length); + handle_ppp(ndo, proto, p, length); break; case CHDLC_UNICAST: case CHDLC_BCAST: - return (chdlc_if_print(h, p)); + chdlc_if_print(ndo, h, p); + return; default: - if (eflag) - printf("%02x %02x %d ", p[0], p[1], length); + if (caplen < 4) { + nd_print_trunc(ndo); + ndo->ndo_ll_hdr_len += caplen; + return; + } + + if (ndo->ndo_eflag) + ND_PRINT("%02x %02x %u ", GET_U_1(p), + GET_U_1(p + 1), length); p += 2; - length -= 2; hdrlen += 2; /* @@ -1158,169 +1705,10 @@ ppp_hdlc_if_print(const struct pcap_pkthdr *h, register const u_char *p) * the next two octets as an Ethernet type; does that * ever happen? */ - printf("unknown addr %02x; ctrl %02x", p[0], p[1]); - break; - } - - return (hdrlen); -} - -#define PPP_BSDI_HDRLEN 24 - -/* BSD/OS specific PPP printer */ -u_int -ppp_bsdos_if_print(const struct pcap_pkthdr *h _U_, register const u_char *p _U_) -{ - register int hdrlength; -#ifdef __bsdi__ - register u_int length = h->len; - register u_int caplen = h->caplen; - u_int16_t ptype; - const u_char *q; - int i; - - if (caplen < PPP_BSDI_HDRLEN) { - printf("[|ppp]"); - return (caplen) - } - - hdrlength = 0; - -#if 0 - if (p[0] == PPP_ADDRESS && p[1] == PPP_CONTROL) { - if (eflag) - printf("%02x %02x ", p[0], p[1]); - p += 2; - hdrlength = 2; - } - - if (eflag) - printf("%d ", length); - /* Retrieve the protocol type */ - if (*p & 01) { - /* Compressed protocol field */ - ptype = *p; - if (eflag) - printf("%02x ", ptype); - p++; - hdrlength += 1; - } else { - /* Un-compressed protocol field */ - ptype = ntohs(*(u_int16_t *)p); - if (eflag) - printf("%04x ", ptype); - p += 2; - hdrlength += 2; - } -#else - ptype = 0; /*XXX*/ - if (eflag) - printf("%c ", p[SLC_DIR] ? 'O' : 'I'); - if (p[SLC_LLHL]) { - /* link level header */ - struct ppp_header *ph; - - q = p + SLC_BPFHDRLEN; - ph = (struct ppp_header *)q; - if (ph->phdr_addr == PPP_ADDRESS - && ph->phdr_ctl == PPP_CONTROL) { - if (eflag) - printf("%02x %02x ", q[0], q[1]); - ptype = ntohs(ph->phdr_type); - if (eflag && (ptype == PPP_VJC || ptype == PPP_VJNC)) { - printf("%s ", tok2str(ppptype2str, - "proto-#%d", ptype)); - } - } else { - if (eflag) { - printf("LLH=["); - for (i = 0; i < p[SLC_LLHL]; i++) - printf("%02x", q[i]); - printf("] "); - } - } - } - if (eflag) - printf("%d ", length); - if (p[SLC_CHL]) { - q = p + SLC_BPFHDRLEN + p[SLC_LLHL]; - - switch (ptype) { - case PPP_VJC: - ptype = vjc_print(q, ptype); - hdrlength = PPP_BSDI_HDRLEN; - p += hdrlength; - switch (ptype) { - case PPP_IP: - ip_print(p, length); - break; -#ifdef INET6 - case PPP_IPV6: - ip6_print(p, length); - break; -#endif - case PPP_MPLS_UCAST: - case PPP_MPLS_MCAST: - mpls_print(p, length); - break; - } - goto printx; - case PPP_VJNC: - ptype = vjc_print(q, ptype); - hdrlength = PPP_BSDI_HDRLEN; - p += hdrlength; - switch (ptype) { - case PPP_IP: - ip_print(p, length); - break; -#ifdef INET6 - case PPP_IPV6: - ip6_print(p, length); - break; -#endif - case PPP_MPLS_UCAST: - case PPP_MPLS_MCAST: - mpls_print(p, length); - break; - } - goto printx; - default: - if (eflag) { - printf("CH=["); - for (i = 0; i < p[SLC_LLHL]; i++) - printf("%02x", q[i]); - printf("] "); - } - break; - } - } - - hdrlength = PPP_BSDI_HDRLEN; -#endif - - length -= hdrlength; - p += hdrlength; - - switch (ptype) { - case PPP_IP: - ip_print(p, length); + ND_PRINT("unknown addr %02x; ctrl %02x", GET_U_1(p), + GET_U_1(p + 1)); break; -#ifdef INET6 - case PPP_IPV6: - ip6_print(p, length); - break; -#endif - case PPP_MPLS_UCAST: - case PPP_MPLS_MCAST: - mpls_print(p, length); - break; - default: - printf("%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", ptype)); } -printx: -#else /* __bsdi */ - hdrlength = 0; -#endif /* __bsdi__ */ - return (hdrlength); + ndo->ndo_ll_hdr_len += hdrlen; }