X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/b38f324af9dd953a661b9f35910f8c6d8eb2cc06..c39d40a767a1ae36171e5bcbf6f157ff3e80fb6c:/print-eap.c diff --git a/print-eap.c b/print-eap.c index ea081d19..b0542ad9 100644 --- a/print-eap.c +++ b/print-eap.c @@ -21,10 +21,10 @@ /* \summary: Extensible Authentication Protocol (EAP) printer */ #ifdef HAVE_CONFIG_H -#include "config.h" +#include #endif -#include +#include "netdissect-stdinc.h" #include "netdissect.h" #include "extract.h" @@ -36,9 +36,9 @@ #define EAP_FRAME_TYPE_ENCAP_ASF_ALERT 4 struct eap_frame_t { - unsigned char version; - unsigned char type; - unsigned char length[2]; + nd_uint8_t version; + nd_uint8_t type; + nd_uint16_t length; }; static const struct tok eap_frame_type_values[] = { @@ -52,9 +52,9 @@ static const struct tok eap_frame_type_values[] = { /* RFC 3748 */ struct eap_packet_t { - unsigned char code; - unsigned char id; - unsigned char length[2]; + nd_uint8_t code; + nd_uint8_t id; + nd_uint16_t length; }; #define EAP_REQUEST 1 @@ -148,68 +148,44 @@ static const struct tok eap_aka_subtype_values[] = { */ void eap_print(netdissect_options *ndo, - register const u_char *cp, - u_int length _U_) + const u_char *cp, + u_int length) { - const struct eap_frame_t *eap; - const u_char *tptr; - u_int tlen, type, subtype; - int count=0, len; + u_int type, subtype, len; + int count; - tptr = cp; - tlen = length; - eap = (const struct eap_frame_t *)cp; - ND_TCHECK(*eap); - - /* in non-verbose mode just lets print the basic info */ - if (ndo->ndo_vflag < 1) { - ND_PRINT((ndo, "%s (%u) v%u, len %u", - tok2str(eap_frame_type_values, "unknown", eap->type), - eap->type, - eap->version, - EXTRACT_16BITS(eap->length))); - return; + type = GET_U_1(cp); + len = GET_BE_U_2(cp + 2); + if(len != length) { + goto trunc; } - - ND_PRINT((ndo, "%s (%u) v%u, len %u", - tok2str(eap_frame_type_values, "unknown", eap->type), - eap->type, - eap->version, - EXTRACT_16BITS(eap->length))); - - tptr += sizeof(const struct eap_frame_t); - tlen -= sizeof(const struct eap_frame_t); - - switch (eap->type) { - case EAP_FRAME_TYPE_PACKET: - type = *(tptr); - len = EXTRACT_16BITS(tptr+2); - ND_PRINT((ndo, ", %s (%u), id %u, len %u", - tok2str(eap_code_values, "unknown", type), - type, - *(tptr+1), - len)); - - ND_TCHECK2(*tptr, len); - - if (type <= 2) { /* For EAP_REQUEST and EAP_RESPONSE only */ - subtype = *(tptr+4); - ND_PRINT((ndo, "\n\t\t Type %s (%u)", - tok2str(eap_type_values, "unknown", *(tptr+4)), - *(tptr + 4))); - - switch (subtype) { + ND_PRINT("%s (%u), id %u, len %u", + tok2str(eap_code_values, "unknown", type), + type, + GET_U_1((cp + 1)), + len); + + ND_TCHECK_LEN(cp, len); + + if (type == EAP_REQUEST || type == EAP_RESPONSE) { + /* RFC 3748 Section 4.1 */ + subtype = GET_U_1(cp + 4); + ND_PRINT("\n\t\t Type %s (%u)", + tok2str(eap_type_values, "unknown", subtype), + subtype); + + switch (subtype) { case EAP_TYPE_IDENTITY: if (len - 5 > 0) { - ND_PRINT((ndo, ", Identity: ")); - safeputs(ndo, tptr + 5, len - 5); + ND_PRINT(", Identity: "); + nd_printjnp(ndo, cp + 5, len - 5); } break; case EAP_TYPE_NOTIFICATION: if (len - 5 > 0) { - ND_PRINT((ndo, ", Notification: ")); - safeputs(ndo, tptr + 5, len - 5); + ND_PRINT(", Notification: "); + nd_printjnp(ndo, cp + 5, len - 5); } break; @@ -221,36 +197,37 @@ eap_print(netdissect_options *ndo, * the desired authentication * type one octet per type */ - while (count < len) { - ND_PRINT((ndo, " %s (%u),", - tok2str(eap_type_values, "unknown", *(tptr+count)), - *(tptr + count))); + while (count < (int)len) { + ND_PRINT(" %s (%u),", + tok2str(eap_type_values, "unknown", GET_U_1((cp + count))), + GET_U_1(cp + count)); count++; } break; case EAP_TYPE_TTLS: - ND_PRINT((ndo, " TTLSv%u", - EAP_TTLS_VERSION(*(tptr + 5)))); /* fall through */ case EAP_TYPE_TLS: - ND_PRINT((ndo, " flags [%s] 0x%02x,", - bittok2str(eap_tls_flags_values, "none", *(tptr+5)), - *(tptr + 5))); - - if (EAP_TLS_EXTRACT_BIT_L(*(tptr+5))) { - ND_PRINT((ndo, " len %u", EXTRACT_32BITS(tptr + 6))); + if (subtype == EAP_TYPE_TTLS) + ND_PRINT(" TTLSv%u", + EAP_TTLS_VERSION(GET_U_1((cp + 5)))); + ND_PRINT(" flags [%s] 0x%02x,", + bittok2str(eap_tls_flags_values, "none", GET_U_1((cp + 5))), + GET_U_1(cp + 5)); + + if (EAP_TLS_EXTRACT_BIT_L(GET_U_1(cp + 5))) { + ND_PRINT(" len %u", GET_BE_U_4(cp + 6)); } break; case EAP_TYPE_FAST: - ND_PRINT((ndo, " FASTv%u", - EAP_TTLS_VERSION(*(tptr + 5)))); - ND_PRINT((ndo, " flags [%s] 0x%02x,", - bittok2str(eap_tls_flags_values, "none", *(tptr+5)), - *(tptr + 5))); - - if (EAP_TLS_EXTRACT_BIT_L(*(tptr+5))) { - ND_PRINT((ndo, " len %u", EXTRACT_32BITS(tptr + 6))); + ND_PRINT(" FASTv%u", + EAP_TTLS_VERSION(GET_U_1((cp + 5)))); + ND_PRINT(" flags [%s] 0x%02x,", + bittok2str(eap_tls_flags_values, "none", GET_U_1((cp + 5))), + GET_U_1(cp + 5)); + + if (EAP_TLS_EXTRACT_BIT_L(GET_U_1(cp + 5))) { + ND_PRINT(" len %u", GET_BE_U_4(cp + 6)); } /* FIXME - TLV attributes follow */ @@ -258,9 +235,9 @@ eap_print(netdissect_options *ndo, case EAP_TYPE_AKA: case EAP_TYPE_SIM: - ND_PRINT((ndo, " subtype [%s] 0x%02x,", - tok2str(eap_aka_subtype_values, "unknown", *(tptr+5)), - *(tptr + 5))); + ND_PRINT(" subtype [%s] 0x%02x,", + tok2str(eap_aka_subtype_values, "unknown", GET_U_1((cp + 5))), + GET_U_1(cp + 5)); /* FIXME - TLV attributes follow */ break; @@ -272,10 +249,43 @@ eap_print(netdissect_options *ndo, case EAP_TYPE_EXPERIMENTAL: default: break; - } } - break; + } + return; +trunc: + nd_print_trunc(ndo); +} +void +eapol_print(netdissect_options *ndo, + const u_char *cp) +{ + const struct eap_frame_t *eap; + u_int eap_type, eap_len; + + ndo->ndo_protocol = "eap"; + eap = (const struct eap_frame_t *)cp; + ND_TCHECK_SIZE(eap); + eap_type = GET_U_1(eap->type); + + ND_PRINT("%s (%u) v%u, len %u", + tok2str(eap_frame_type_values, "unknown", eap_type), + eap_type, + GET_U_1(eap->version), + GET_BE_U_2(eap->length)); + if (ndo->ndo_vflag < 1) + return; + + cp += sizeof(struct eap_frame_t); + eap_len = GET_BE_U_2(eap->length); + + switch (eap_type) { + case EAP_FRAME_TYPE_PACKET: + if (eap_len == 0) + goto trunc; + ND_PRINT(", "); + eap_print(ndo, cp, eap_len); + return; case EAP_FRAME_TYPE_LOGOFF: case EAP_FRAME_TYPE_ENCAP_ASF_ALERT: default: @@ -284,11 +294,5 @@ eap_print(netdissect_options *ndo, return; trunc: - ND_PRINT((ndo, "\n\t[|EAP]")); + nd_print_trunc(ndo); } - -/* - * Local Variables: - * c-basic-offset: 4 - * End: - */