From: hannes Date: Thu, 4 Oct 2007 08:34:28 +0000 (+0000) Subject: from Carles Kishimoto : make the EAP printer more verbose X-Git-Tag: tcpdump-4.0.0~68 X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/8005b9c8a61d1ee1662afb44f961284d1c0fe35a from Carles Kishimoto : make the EAP printer more verbose --- diff --git a/print-eap.c b/print-eap.c index 95a2c97e..3c63ec35 100644 --- a/print-eap.c +++ b/print-eap.c @@ -17,12 +17,13 @@ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * Format and print bootp packets. + * Format and print EAP packets. + * */ #ifndef lint static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/tcpdump/print-eap.c,v 1.3 2004-04-23 19:03:39 mcr Exp $"; + "@(#) $Header: /tcpdump/master/tcpdump/print-eap.c,v 1.4 2007-10-04 08:34:28 hannes Exp $"; #endif #ifdef HAVE_CONFIG_H @@ -35,37 +36,186 @@ static const char rcsid[] _U_ = #include #include "netdissect.h" +#include "interface.h" #include "addrtoname.h" #include "extract.h" #include "ether.h" +#define EAP_FRAME_TYPE_PACKET 0 +#define EAP_FRAME_TYPE_START 1 +#define EAP_FRAME_TYPE_LOGOFF 2 +#define EAP_FRAME_TYPE_KEY 3 +#define EAP_FRAME_TYPE_ENCAP_ASF_ALERT 4 + +struct eap_frame_t { + unsigned char version; + unsigned char type; + unsigned char length[2]; +}; + +static const struct tok eap_frame_type_values[] = { + { EAP_FRAME_TYPE_PACKET, "EAP packet" }, + { EAP_FRAME_TYPE_START, "EAPOL start" }, + { EAP_FRAME_TYPE_LOGOFF, "EAPOL logoff" }, + { EAP_FRAME_TYPE_KEY, "EAPOL key" }, + { EAP_FRAME_TYPE_ENCAP_ASF_ALERT, "Encapsulated ASF alert" }, + { 0, NULL} +}; + +/* RFC 3748 */ struct eap_packet_t { - unsigned char code; - unsigned char id; - unsigned char length[2]; - unsigned char data[1]; + unsigned char code; + unsigned char id; + unsigned char length[2]; }; +#define EAP_REQUEST 1 +#define EAP_RESPONSE 2 +#define EAP_SUCCESS 3 +#define EAP_FAILURE 4 + +static const struct tok eap_code_values[] = { + { EAP_REQUEST, "Request" }, + { EAP_RESPONSE, "Response" }, + { EAP_SUCCESS, "Success" }, + { EAP_FAILURE, "Failure" }, + { 0, NULL} +}; + +#define EAP_TYPE_NO_PROPOSED 0 +#define EAP_TYPE_IDENTITY 1 +#define EAP_TYPE_NOTIFICATION 2 +#define EAP_TYPE_NAK 3 +#define EAP_TYPE_MD5_CHALLENGE 4 +#define EAP_TYPE_OTP 5 +#define EAP_TYPE_GTC 6 +#define EAP_TYPE_EXPANDED_TYPES 254 +#define EAP_TYPE_EXPERIMENTAL 255 + +static const struct tok eap_type_values[] = { + { EAP_TYPE_NO_PROPOSED, "No proposed" }, + { EAP_TYPE_IDENTITY, "Identity" }, + { EAP_TYPE_NOTIFICATION, "Notification" }, + { EAP_TYPE_NAK, "Nak" }, + { EAP_TYPE_MD5_CHALLENGE, "MD5-challenge" }, + { EAP_TYPE_OTP, "OTP" }, + { EAP_TYPE_GTC, "GTC" }, + { EAP_TYPE_EXPANDED_TYPES, "Expanded types" }, + { EAP_TYPE_EXPERIMENTAL, "Experimental" }, + { 0, NULL} +}; + /* - * Print bootp requests + * Print EAP requests / responses */ void -eap_print(netdissect_options *ndo, - register const u_char *cp, - u_int length _U_) +eap_print(netdissect_options *ndo _U_, + register const u_char *cp, + u_int length _U_) { - const struct eap_packet_t *eap; + const struct eap_frame_t *eap; + const u_char *tptr; + u_int tlen, type, subtype; + int count=0, len; + + tptr = cp; + tlen = length; + eap = (const struct eap_frame_t *)cp; + TCHECK(*eap); - eap = (const struct eap_packet_t *)cp; - ND_TCHECK(eap->data); + /* in non-verbose mode just lets print the basic info */ + if (vflag < 1) { + printf("%s (%u) v%u, len %u", + tok2str(eap_frame_type_values, "unknown", eap->type), + eap->type, + eap->version, + EXTRACT_16BITS(eap->length)); + return; + } + + printf("%s (%u) v%u, len %u", + tok2str(eap_frame_type_values, "unknown", eap->type), + eap->type, + eap->version, + EXTRACT_16BITS(eap->length)); - ND_PRINT((ndo, "EAP code=%u id=%u length=%u ", - eap->code, eap->id, (eap->length[0]<<8) + eap->length[1])); + tptr += sizeof(const struct eap_frame_t); + tlen -= sizeof(const struct eap_frame_t); - if (!ndo->ndo_vflag) - return; + switch (eap->type) { + case EAP_FRAME_TYPE_PACKET: + type = *(tptr); + len = EXTRACT_16BITS(tptr+2); + printf(", %s (%u), id %u, len %u", + tok2str(eap_code_values, "unknown", type), + type, + *(tptr+1), + len); -trunc: - ; + if (!TTEST2(*tptr, len)) + goto trunc; + + if (type <= 2) { /* For EAP_REQUEST and EAP_RESPONSE only */ + subtype = *(tptr+4); + printf("\n\t\t Type %s (%u)", + tok2str(eap_type_values, "unknown", *(tptr+4)), + *(tptr+4)); + + switch (subtype) { + case EAP_TYPE_IDENTITY: + if (len - 5 > 0) { + printf(", Identity: "); + safeputs((const char *)tptr+5, len-5); + } + break; + + case EAP_TYPE_NOTIFICATION: + if (len - 5 > 0) { + printf(", Notification: "); + safeputs((const char *)tptr+5, len-5); + } + break; + + case EAP_TYPE_NAK: + count = 5; + + /* + * one or more octets indicating + * the desired authentication + * type one octet per type + */ + while (count < len) { + printf(" %s (%u),", + tok2str(eap_type_values, "unknown", *(tptr+count)), + *(tptr+count)); + count++; + } + break; + + case EAP_TYPE_MD5_CHALLENGE: + case EAP_TYPE_OTP: + case EAP_TYPE_GTC: + case EAP_TYPE_EXPANDED_TYPES: + case EAP_TYPE_EXPERIMENTAL: + default: + break; + } + } + break; + + case EAP_FRAME_TYPE_LOGOFF: + case EAP_FRAME_TYPE_ENCAP_ASF_ALERT: + default: + break; + } + return; + + trunc: + printf("\n\t[|EAP]"); } +/* + * Local Variables: + * c-basic-offset: 4 + * End: + */