1 /*
2 * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 * Extensively modified by Motonori Shindo (mshindo@mshindo.net) for more
22 * complete PPP support.
23 */
24
25 /* \summary: Point to Point Protocol (PPP) printer */
26
27 /*
28 * TODO:
29 * o resolve XXX as much as possible
30 * o MP support
31 * o BAP support
32 */
33
34 #include <config.h>
35
36 #include "netdissect-stdinc.h"
37
38 #include <stdlib.h>
39
40 #ifdef __bsdi__
41 #include <net/slcompress.h>
42 #include <net/if_ppp.h>
43 #endif
44
45 #include <stdlib.h>
46
47 #include "netdissect.h"
48 #include "extract.h"
49 #include "addrtoname.h"
50 #include "ppp.h"
51 #include "chdlc.h"
52 #include "ethertype.h"
53 #include "oui.h"
54 #include "netdissect-alloc.h"
55
56 /*
57 * The following constants are defined by IANA. Please refer to
58 * https://www.isi.edu/in-notes/iana/assignments/ppp-numbers
59 * for the up-to-date information.
60 */
61
62 /* Protocol Codes defined in ppp.h */
63
64 static const struct tok ppptype2str[] = {
65 { PPP_IP, "IP" },
66 { PPP_OSI, "OSI" },
67 { PPP_NS, "NS" },
68 { PPP_DECNET, "DECNET" },
69 { PPP_APPLE, "APPLE" },
70 { PPP_IPX, "IPX" },
71 { PPP_VJC, "VJC IP" },
72 { PPP_VJNC, "VJNC IP" },
73 { PPP_BRPDU, "BRPDU" },
74 { PPP_STII, "STII" },
75 { PPP_VINES, "VINES" },
76 { PPP_MPLS_UCAST, "MPLS" },
77 { PPP_MPLS_MCAST, "MPLS" },
78 { PPP_COMP, "Compressed"},
79 { PPP_ML, "MLPPP"},
80 { PPP_IPV6, "IP6"},
81
82 { PPP_HELLO, "HELLO" },
83 { PPP_LUXCOM, "LUXCOM" },
84 { PPP_SNS, "SNS" },
85 { PPP_IPCP, "IPCP" },
86 { PPP_OSICP, "OSICP" },
87 { PPP_NSCP, "NSCP" },
88 { PPP_DECNETCP, "DECNETCP" },
89 { PPP_APPLECP, "APPLECP" },
90 { PPP_IPXCP, "IPXCP" },
91 { PPP_STIICP, "STIICP" },
92 { PPP_VINESCP, "VINESCP" },
93 { PPP_IPV6CP, "IP6CP" },
94 { PPP_MPLSCP, "MPLSCP" },
95
96 { PPP_LCP, "LCP" },
97 { PPP_PAP, "PAP" },
98 { PPP_LQM, "LQM" },
99 { PPP_CHAP, "CHAP" },
100 { PPP_EAP, "EAP" },
101 { PPP_SPAP, "SPAP" },
102 { PPP_SPAP_OLD, "Old-SPAP" },
103 { PPP_BACP, "BACP" },
104 { PPP_BAP, "BAP" },
105 { PPP_MPCP, "MLPPP-CP" },
106 { PPP_CCP, "CCP" },
107 { 0, NULL }
108 };
109
110 /* Control Protocols (LCP/IPCP/CCP etc.) Codes defined in RFC 1661 */
111
112 #define CPCODES_VEXT 0 /* Vendor-Specific (RFC2153) */
113 #define CPCODES_CONF_REQ 1 /* Configure-Request */
114 #define CPCODES_CONF_ACK 2 /* Configure-Ack */
115 #define CPCODES_CONF_NAK 3 /* Configure-Nak */
116 #define CPCODES_CONF_REJ 4 /* Configure-Reject */
117 #define CPCODES_TERM_REQ 5 /* Terminate-Request */
118 #define CPCODES_TERM_ACK 6 /* Terminate-Ack */
119 #define CPCODES_CODE_REJ 7 /* Code-Reject */
120 #define CPCODES_PROT_REJ 8 /* Protocol-Reject (LCP only) */
121 #define CPCODES_ECHO_REQ 9 /* Echo-Request (LCP only) */
122 #define CPCODES_ECHO_RPL 10 /* Echo-Reply (LCP only) */
123 #define CPCODES_DISC_REQ 11 /* Discard-Request (LCP only) */
124 #define CPCODES_ID 12 /* Identification (LCP only) RFC1570 */
125 #define CPCODES_TIME_REM 13 /* Time-Remaining (LCP only) RFC1570 */
126 #define CPCODES_RESET_REQ 14 /* Reset-Request (CCP only) RFC1962 */
127 #define CPCODES_RESET_REP 15 /* Reset-Reply (CCP only) */
128
129 static const struct tok cpcodes[] = {
130 {CPCODES_VEXT, "Vendor-Extension"}, /* RFC2153 */
131 {CPCODES_CONF_REQ, "Conf-Request"},
132 {CPCODES_CONF_ACK, "Conf-Ack"},
133 {CPCODES_CONF_NAK, "Conf-Nack"},
134 {CPCODES_CONF_REJ, "Conf-Reject"},
135 {CPCODES_TERM_REQ, "Term-Request"},
136 {CPCODES_TERM_ACK, "Term-Ack"},
137 {CPCODES_CODE_REJ, "Code-Reject"},
138 {CPCODES_PROT_REJ, "Prot-Reject"},
139 {CPCODES_ECHO_REQ, "Echo-Request"},
140 {CPCODES_ECHO_RPL, "Echo-Reply"},
141 {CPCODES_DISC_REQ, "Disc-Req"},
142 {CPCODES_ID, "Ident"}, /* RFC1570 */
143 {CPCODES_TIME_REM, "Time-Rem"}, /* RFC1570 */
144 {CPCODES_RESET_REQ, "Reset-Req"}, /* RFC1962 */
145 {CPCODES_RESET_REP, "Reset-Ack"}, /* RFC1962 */
146 {0, NULL}
147 };
148
149 /* LCP Config Options */
150
151 #define LCPOPT_VEXT 0
152 #define LCPOPT_MRU 1
153 #define LCPOPT_ACCM 2
154 #define LCPOPT_AP 3
155 #define LCPOPT_QP 4
156 #define LCPOPT_MN 5
157 #define LCPOPT_DEP6 6
158 #define LCPOPT_PFC 7
159 #define LCPOPT_ACFC 8
160 #define LCPOPT_FCSALT 9
161 #define LCPOPT_SDP 10
162 #define LCPOPT_NUMMODE 11
163 #define LCPOPT_DEP12 12
164 #define LCPOPT_CBACK 13
165 #define LCPOPT_DEP14 14
166 #define LCPOPT_DEP15 15
167 #define LCPOPT_DEP16 16
168 #define LCPOPT_MLMRRU 17
169 #define LCPOPT_MLSSNHF 18
170 #define LCPOPT_MLED 19
171 #define LCPOPT_PROP 20
172 #define LCPOPT_DCEID 21
173 #define LCPOPT_MPP 22
174 #define LCPOPT_LD 23
175 #define LCPOPT_LCPAOPT 24
176 #define LCPOPT_COBS 25
177 #define LCPOPT_PE 26
178 #define LCPOPT_MLHF 27
179 #define LCPOPT_I18N 28
180 #define LCPOPT_SDLOS 29
181 #define LCPOPT_PPPMUX 30
182
183 static const char *lcpconfopts[] = {
184 "Vend-Ext", /* (0) */
185 "MRU", /* (1) */
186 "ACCM", /* (2) */
187 "Auth-Prot", /* (3) */
188 "Qual-Prot", /* (4) */
189 "Magic-Num", /* (5) */
190 "deprecated(6)", /* used to be a Quality Protocol */
191 "PFC", /* (7) */
192 "ACFC", /* (8) */
193 "FCS-Alt", /* (9) */
194 "SDP", /* (10) */
195 "Num-Mode", /* (11) */
196 "deprecated(12)", /* used to be a Multi-Link-Procedure*/
197 "Call-Back", /* (13) */
198 "deprecated(14)", /* used to be a Connect-Time */
199 "deprecated(15)", /* used to be a Compound-Frames */
200 "deprecated(16)", /* used to be a Nominal-Data-Encap */
201 "MRRU", /* (17) */
202 "12-Bit seq #", /* (18) */
203 "End-Disc", /* (19) */
204 "Proprietary", /* (20) */
205 "DCE-Id", /* (21) */
206 "MP+", /* (22) */
207 "Link-Disc", /* (23) */
208 "LCP-Auth-Opt", /* (24) */
209 "COBS", /* (25) */
210 "Prefix-elision", /* (26) */
211 "Multilink-header-Form",/* (27) */
212 "I18N", /* (28) */
213 "SDL-over-SONET/SDH", /* (29) */
214 "PPP-Muxing", /* (30) */
215 };
216
217 #define NUM_LCPOPTS (sizeof(lcpconfopts) / sizeof(lcpconfopts[0]))
218
219 /* ECP - to be supported */
220
221 /* CCP Config Options */
222
223 #define CCPOPT_OUI 0 /* RFC1962 */
224 #define CCPOPT_PRED1 1 /* RFC1962 */
225 #define CCPOPT_PRED2 2 /* RFC1962 */
226 #define CCPOPT_PJUMP 3 /* RFC1962 */
227 /* 4-15 unassigned */
228 #define CCPOPT_HPPPC 16 /* RFC1962 */
229 #define CCPOPT_STACLZS 17 /* RFC1974 */
230 #define CCPOPT_MPPC 18 /* RFC2118 */
231 #define CCPOPT_GFZA 19 /* RFC1962 */
232 #define CCPOPT_V42BIS 20 /* RFC1962 */
233 #define CCPOPT_BSDCOMP 21 /* RFC1977 */
234 /* 22 unassigned */
235 #define CCPOPT_LZSDCP 23 /* RFC1967 */
236 #define CCPOPT_MVRCA 24 /* RFC1975 */
237 #define CCPOPT_DEC 25 /* RFC1976 */
238 #define CCPOPT_DEFLATE 26 /* RFC1979 */
239 /* 27-254 unassigned */
240 #define CCPOPT_RESV 255 /* RFC1962 */
241
242 static const struct tok ccpconfopts_values[] = {
243 { CCPOPT_OUI, "OUI" },
244 { CCPOPT_PRED1, "Pred-1" },
245 { CCPOPT_PRED2, "Pred-2" },
246 { CCPOPT_PJUMP, "Puddle" },
247 { CCPOPT_HPPPC, "HP-PPC" },
248 { CCPOPT_STACLZS, "Stac-LZS" },
249 { CCPOPT_MPPC, "MPPC" },
250 { CCPOPT_GFZA, "Gand-FZA" },
251 { CCPOPT_V42BIS, "V.42bis" },
252 { CCPOPT_BSDCOMP, "BSD-Comp" },
253 { CCPOPT_LZSDCP, "LZS-DCP" },
254 { CCPOPT_MVRCA, "MVRCA" },
255 { CCPOPT_DEC, "DEC" },
256 { CCPOPT_DEFLATE, "Deflate" },
257 { CCPOPT_RESV, "Reserved"},
258 {0, NULL}
259 };
260
261 /* BACP Config Options */
262
263 #define BACPOPT_FPEER 1 /* RFC2125 */
264
265 static const struct tok bacconfopts_values[] = {
266 { BACPOPT_FPEER, "Favored-Peer" },
267 {0, NULL}
268 };
269
270
271 /* SDCP - to be supported */
272
273 /* IPCP Config Options */
274 #define IPCPOPT_2ADDR 1 /* RFC1172, RFC1332 (deprecated) */
275 #define IPCPOPT_IPCOMP 2 /* RFC1332 */
276 #define IPCPOPT_ADDR 3 /* RFC1332 */
277 #define IPCPOPT_MOBILE4 4 /* RFC2290 */
278 #define IPCPOPT_PRIDNS 129 /* RFC1877 */
279 #define IPCPOPT_PRINBNS 130 /* RFC1877 */
280 #define IPCPOPT_SECDNS 131 /* RFC1877 */
281 #define IPCPOPT_SECNBNS 132 /* RFC1877 */
282
283 static const struct tok ipcpopt_values[] = {
284 { IPCPOPT_2ADDR, "IP-Addrs" },
285 { IPCPOPT_IPCOMP, "IP-Comp" },
286 { IPCPOPT_ADDR, "IP-Addr" },
287 { IPCPOPT_MOBILE4, "Home-Addr" },
288 { IPCPOPT_PRIDNS, "Pri-DNS" },
289 { IPCPOPT_PRINBNS, "Pri-NBNS" },
290 { IPCPOPT_SECDNS, "Sec-DNS" },
291 { IPCPOPT_SECNBNS, "Sec-NBNS" },
292 { 0, NULL }
293 };
294
295 #define IPCPOPT_IPCOMP_HDRCOMP 0x61 /* rfc3544 */
296 #define IPCPOPT_IPCOMP_MINLEN 14
297
298 static const struct tok ipcpopt_compproto_values[] = {
299 { PPP_VJC, "VJ-Comp" },
300 { IPCPOPT_IPCOMP_HDRCOMP, "IP Header Compression" },
301 { 0, NULL }
302 };
303
304 static const struct tok ipcpopt_compproto_subopt_values[] = {
305 { 1, "RTP-Compression" },
306 { 2, "Enhanced RTP-Compression" },
307 { 0, NULL }
308 };
309
310 /* IP6CP Config Options */
311 #define IP6CP_IFID 1
312
313 static const struct tok ip6cpopt_values[] = {
314 { IP6CP_IFID, "Interface-ID" },
315 { 0, NULL }
316 };
317
318 /* ATCP - to be supported */
319 /* OSINLCP - to be supported */
320 /* BVCP - to be supported */
321 /* BCP - to be supported */
322 /* IPXCP - to be supported */
323 /* MPLSCP - to be supported */
324
325 /* Auth Algorithms */
326
327 /* 0-4 Reserved (RFC1994) */
328 #define AUTHALG_CHAPMD5 5 /* RFC1994 */
329 #define AUTHALG_MSCHAP1 128 /* RFC2433 */
330 #define AUTHALG_MSCHAP2 129 /* RFC2795 */
331
332 static const struct tok authalg_values[] = {
333 { AUTHALG_CHAPMD5, "MD5" },
334 { AUTHALG_MSCHAP1, "MS-CHAPv1" },
335 { AUTHALG_MSCHAP2, "MS-CHAPv2" },
336 { 0, NULL }
337 };
338
339 /* FCS Alternatives - to be supported */
340
341 /* Multilink Endpoint Discriminator (RFC1717) */
342 #define MEDCLASS_NULL 0 /* Null Class */
343 #define MEDCLASS_LOCAL 1 /* Locally Assigned */
344 #define MEDCLASS_IPV4 2 /* Internet Protocol (IPv4) */
345 #define MEDCLASS_MAC 3 /* IEEE 802.1 global MAC address */
346 #define MEDCLASS_MNB 4 /* PPP Magic Number Block */
347 #define MEDCLASS_PSNDN 5 /* Public Switched Network Director Number */
348
349 /* PPP LCP Callback */
350 #define CALLBACK_AUTH 0 /* Location determined by user auth */
351 #define CALLBACK_DSTR 1 /* Dialing string */
352 #define CALLBACK_LID 2 /* Location identifier */
353 #define CALLBACK_E164 3 /* E.164 number */
354 #define CALLBACK_X500 4 /* X.500 distinguished name */
355 #define CALLBACK_CBCP 6 /* Location is determined during CBCP nego */
356
357 static const struct tok ppp_callback_values[] = {
358 { CALLBACK_AUTH, "UserAuth" },
359 { CALLBACK_DSTR, "DialString" },
360 { CALLBACK_LID, "LocalID" },
361 { CALLBACK_E164, "E.164" },
362 { CALLBACK_X500, "X.500" },
363 { CALLBACK_CBCP, "CBCP" },
364 { 0, NULL }
365 };
366
367 /* CHAP */
368
369 #define CHAP_CHAL 1
370 #define CHAP_RESP 2
371 #define CHAP_SUCC 3
372 #define CHAP_FAIL 4
373
374 static const struct tok chapcode_values[] = {
375 { CHAP_CHAL, "Challenge" },
376 { CHAP_RESP, "Response" },
377 { CHAP_SUCC, "Success" },
378 { CHAP_FAIL, "Fail" },
379 { 0, NULL}
380 };
381
382 /* PAP */
383
384 #define PAP_AREQ 1
385 #define PAP_AACK 2
386 #define PAP_ANAK 3
387
388 static const struct tok papcode_values[] = {
389 { PAP_AREQ, "Auth-Req" },
390 { PAP_AACK, "Auth-ACK" },
391 { PAP_ANAK, "Auth-NACK" },
392 { 0, NULL }
393 };
394
395 /* BAP */
396 #define BAP_CALLREQ 1
397 #define BAP_CALLRES 2
398 #define BAP_CBREQ 3
399 #define BAP_CBRES 4
400 #define BAP_LDQREQ 5
401 #define BAP_LDQRES 6
402 #define BAP_CSIND 7
403 #define BAP_CSRES 8
404
405 static u_int print_lcp_config_options(netdissect_options *, const u_char *p, u_int);
406 static u_int print_ipcp_config_options(netdissect_options *, const u_char *p, u_int);
407 static u_int print_ip6cp_config_options(netdissect_options *, const u_char *p, u_int);
408 static u_int print_ccp_config_options(netdissect_options *, const u_char *p, u_int);
409 static u_int print_bacp_config_options(netdissect_options *, const u_char *p, u_int);
410 static void handle_ppp(netdissect_options *, u_int proto, const u_char *p, u_int length);
411
412 /* generic Control Protocol (e.g. LCP, IPCP, CCP, etc.) handler */
413 static void
handle_ctrl_proto(netdissect_options * ndo,u_int proto,const u_char * pptr,u_int length)414 handle_ctrl_proto(netdissect_options *ndo,
415 u_int proto, const u_char *pptr, u_int length)
416 {
417 const char *typestr;
418 u_int code, len;
419 u_int (*pfunc)(netdissect_options *, const u_char *, u_int);
420 u_int tlen, advance;
421 const u_char *tptr;
422
423 tptr=pptr;
424
425 typestr = tok2str(ppptype2str, "unknown ctrl-proto (0x%04x)", proto);
426 ND_PRINT("%s, ", typestr);
427
428 if (length < 4) /* FIXME weak boundary checking */
429 goto trunc;
430 ND_TCHECK_2(tptr);
431
432 code = GET_U_1(tptr);
433 tptr++;
434
435 ND_PRINT("%s (0x%02x), id %u, length %u",
436 tok2str(cpcodes, "Unknown Opcode",code),
437 code,
438 GET_U_1(tptr), /* ID */
439 length + 2);
440 tptr++;
441
442 if (!ndo->ndo_vflag)
443 return;
444
445 len = GET_BE_U_2(tptr);
446 tptr += 2;
447
448 if (len < 4) {
449 ND_PRINT("\n\tencoded length %u (< 4))", len);
450 return;
451 }
452
453 if (len > length) {
454 ND_PRINT("\n\tencoded length %u (> packet length %u))", len, length);
455 return;
456 }
457 length = len;
458
459 ND_PRINT("\n\tencoded length %u (=Option(s) length %u)", len, len - 4);
460
461 if (length == 4)
462 return; /* there may be a NULL confreq etc. */
463
464 if (ndo->ndo_vflag > 1)
465 print_unknown_data(ndo, pptr - 2, "\n\t", 6);
466
467
468 switch (code) {
469 case CPCODES_VEXT:
470 if (length < 11)
471 break;
472 ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr));
473 tptr += 4;
474 ND_PRINT(" Vendor: %s (%u)",
475 tok2str(oui_values,"Unknown",GET_BE_U_3(tptr)),
476 GET_BE_U_3(tptr));
477 /* XXX: need to decode Kind and Value(s)? */
478 break;
479 case CPCODES_CONF_REQ:
480 case CPCODES_CONF_ACK:
481 case CPCODES_CONF_NAK:
482 case CPCODES_CONF_REJ:
483 tlen = len - 4; /* Code(1), Identifier(1) and Length(2) */
484 do {
485 switch (proto) {
486 case PPP_LCP:
487 pfunc = print_lcp_config_options;
488 break;
489 case PPP_IPCP:
490 pfunc = print_ipcp_config_options;
491 break;
492 case PPP_IPV6CP:
493 pfunc = print_ip6cp_config_options;
494 break;
495 case PPP_CCP:
496 pfunc = print_ccp_config_options;
497 break;
498 case PPP_BACP:
499 pfunc = print_bacp_config_options;
500 break;
501 default:
502 /*
503 * No print routine for the options for
504 * this protocol.
505 */
506 pfunc = NULL;
507 break;
508 }
509
510 if (pfunc == NULL) /* catch the above null pointer if unknown CP */
511 break;
512
513 if ((advance = (*pfunc)(ndo, tptr, len)) == 0)
514 break;
515 if (tlen < advance) {
516 ND_PRINT(" [remaining options length %u < %u]",
517 tlen, advance);
518 nd_print_invalid(ndo);
519 break;
520 }
521 tlen -= advance;
522 tptr += advance;
523 } while (tlen != 0);
524 break;
525
526 case CPCODES_TERM_REQ:
527 case CPCODES_TERM_ACK:
528 /* XXX: need to decode Data? */
529 break;
530 case CPCODES_CODE_REJ:
531 /* XXX: need to decode Rejected-Packet? */
532 break;
533 case CPCODES_PROT_REJ:
534 if (length < 6)
535 break;
536 ND_PRINT("\n\t Rejected %s Protocol (0x%04x)",
537 tok2str(ppptype2str,"unknown", GET_BE_U_2(tptr)),
538 GET_BE_U_2(tptr));
539 /* XXX: need to decode Rejected-Information? - hexdump for now */
540 if (len > 6) {
541 ND_PRINT("\n\t Rejected Packet");
542 print_unknown_data(ndo, tptr + 2, "\n\t ", len - 2);
543 }
544 break;
545 case CPCODES_ECHO_REQ:
546 case CPCODES_ECHO_RPL:
547 case CPCODES_DISC_REQ:
548 if (length < 8)
549 break;
550 ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr));
551 /* XXX: need to decode Data? - hexdump for now */
552 if (len > 8) {
553 ND_PRINT("\n\t -----trailing data-----");
554 ND_TCHECK_LEN(tptr + 4, len - 8);
555 print_unknown_data(ndo, tptr + 4, "\n\t ", len - 8);
556 }
557 break;
558 case CPCODES_ID:
559 if (length < 8)
560 break;
561 ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr));
562 /* RFC 1661 says this is intended to be human readable */
563 if (len > 8) {
564 ND_PRINT("\n\t Message\n\t ");
565 if (nd_printn(ndo, tptr + 4, len - 4, ndo->ndo_snapend))
566 goto trunc;
567 }
568 break;
569 case CPCODES_TIME_REM:
570 if (length < 12)
571 break;
572 ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr));
573 ND_PRINT(", Seconds-Remaining %us", GET_BE_U_4(tptr + 4));
574 /* XXX: need to decode Message? */
575 break;
576 default:
577 /* XXX this is dirty but we do not get the
578 * original pointer passed to the begin
579 * the PPP packet */
580 if (ndo->ndo_vflag <= 1)
581 print_unknown_data(ndo, pptr - 2, "\n\t ", length + 2);
582 break;
583 }
584 return;
585
586 trunc:
587 ND_PRINT("[|%s]", typestr);
588 }
589
590 /* LCP config options */
591 static u_int
print_lcp_config_options(netdissect_options * ndo,const u_char * p,u_int length)592 print_lcp_config_options(netdissect_options *ndo,
593 const u_char *p, u_int length)
594 {
595 u_int opt, len;
596
597 if (length < 2)
598 return 0;
599 ND_TCHECK_2(p);
600 opt = GET_U_1(p);
601 len = GET_U_1(p + 1);
602 if (length < len)
603 return 0;
604 if (len < 2) {
605 if (opt < NUM_LCPOPTS)
606 ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
607 lcpconfopts[opt], opt, len);
608 else
609 ND_PRINT("\n\tunknown LCP option 0x%02x", opt);
610 return 0;
611 }
612 if (opt < NUM_LCPOPTS)
613 ND_PRINT("\n\t %s Option (0x%02x), length %u", lcpconfopts[opt], opt, len);
614 else {
615 ND_PRINT("\n\tunknown LCP option 0x%02x", opt);
616 return len;
617 }
618
619 switch (opt) {
620 case LCPOPT_VEXT:
621 if (len < 6) {
622 ND_PRINT(" (length bogus, should be >= 6)");
623 return len;
624 }
625 ND_PRINT(": Vendor: %s (%u)",
626 tok2str(oui_values,"Unknown",GET_BE_U_3(p + 2)),
627 GET_BE_U_3(p + 2));
628 #if 0
629 ND_PRINT(", kind: 0x%02x", GET_U_1(p + 5));
630 ND_PRINT(", Value: 0x");
631 for (i = 0; i < len - 6; i++) {
632 ND_PRINT("%02x", GET_U_1(p + 6 + i));
633 }
634 #endif
635 break;
636 case LCPOPT_MRU:
637 if (len != 4) {
638 ND_PRINT(" (length bogus, should be = 4)");
639 return len;
640 }
641 ND_PRINT(": %u", GET_BE_U_2(p + 2));
642 break;
643 case LCPOPT_ACCM:
644 if (len != 6) {
645 ND_PRINT(" (length bogus, should be = 6)");
646 return len;
647 }
648 ND_PRINT(": 0x%08x", GET_BE_U_4(p + 2));
649 break;
650 case LCPOPT_AP:
651 if (len < 4) {
652 ND_PRINT(" (length bogus, should be >= 4)");
653 return len;
654 }
655 ND_PRINT(": %s",
656 tok2str(ppptype2str, "Unknown Auth Proto (0x04x)", GET_BE_U_2(p + 2)));
657
658 switch (GET_BE_U_2(p + 2)) {
659 case PPP_CHAP:
660 ND_PRINT(", %s",
661 tok2str(authalg_values, "Unknown Auth Alg %u", GET_U_1(p + 4)));
662 break;
663 case PPP_PAP: /* fall through */
664 case PPP_EAP:
665 case PPP_SPAP:
666 case PPP_SPAP_OLD:
667 break;
668 default:
669 print_unknown_data(ndo, p, "\n\t", len);
670 }
671 break;
672 case LCPOPT_QP:
673 if (len < 4) {
674 ND_PRINT(" (length bogus, should be >= 4)");
675 return 0;
676 }
677 if (GET_BE_U_2(p + 2) == PPP_LQM)
678 ND_PRINT(": LQR");
679 else
680 ND_PRINT(": unknown");
681 break;
682 case LCPOPT_MN:
683 if (len != 6) {
684 ND_PRINT(" (length bogus, should be = 6)");
685 return 0;
686 }
687 ND_PRINT(": 0x%08x", GET_BE_U_4(p + 2));
688 break;
689 case LCPOPT_PFC:
690 break;
691 case LCPOPT_ACFC:
692 break;
693 case LCPOPT_LD:
694 if (len != 4) {
695 ND_PRINT(" (length bogus, should be = 4)");
696 return 0;
697 }
698 ND_PRINT(": 0x%04x", GET_BE_U_2(p + 2));
699 break;
700 case LCPOPT_CBACK:
701 if (len < 3) {
702 ND_PRINT(" (length bogus, should be >= 3)");
703 return 0;
704 }
705 ND_PRINT(": Callback Operation %s (%u)",
706 tok2str(ppp_callback_values, "Unknown", GET_U_1(p + 2)),
707 GET_U_1(p + 2));
708 break;
709 case LCPOPT_MLMRRU:
710 if (len != 4) {
711 ND_PRINT(" (length bogus, should be = 4)");
712 return 0;
713 }
714 ND_PRINT(": %u", GET_BE_U_2(p + 2));
715 break;
716 case LCPOPT_MLED:
717 if (len < 3) {
718 ND_PRINT(" (length bogus, should be >= 3)");
719 return 0;
720 }
721 switch (GET_U_1(p + 2)) { /* class */
722 case MEDCLASS_NULL:
723 ND_PRINT(": Null");
724 break;
725 case MEDCLASS_LOCAL:
726 ND_PRINT(": Local"); /* XXX */
727 break;
728 case MEDCLASS_IPV4:
729 if (len != 7) {
730 ND_PRINT(" (length bogus, should be = 7)");
731 return 0;
732 }
733 ND_PRINT(": IPv4 %s", GET_IPADDR_STRING(p + 3));
734 break;
735 case MEDCLASS_MAC:
736 if (len != 9) {
737 ND_PRINT(" (length bogus, should be = 9)");
738 return 0;
739 }
740 ND_PRINT(": MAC %s", GET_ETHERADDR_STRING(p + 3));
741 break;
742 case MEDCLASS_MNB:
743 ND_PRINT(": Magic-Num-Block"); /* XXX */
744 break;
745 case MEDCLASS_PSNDN:
746 ND_PRINT(": PSNDN"); /* XXX */
747 break;
748 default:
749 ND_PRINT(": Unknown class %u", GET_U_1(p + 2));
750 break;
751 }
752 break;
753
754 /* XXX: to be supported */
755 #if 0
756 case LCPOPT_DEP6:
757 case LCPOPT_FCSALT:
758 case LCPOPT_SDP:
759 case LCPOPT_NUMMODE:
760 case LCPOPT_DEP12:
761 case LCPOPT_DEP14:
762 case LCPOPT_DEP15:
763 case LCPOPT_DEP16:
764 case LCPOPT_MLSSNHF:
765 case LCPOPT_PROP:
766 case LCPOPT_DCEID:
767 case LCPOPT_MPP:
768 case LCPOPT_LCPAOPT:
769 case LCPOPT_COBS:
770 case LCPOPT_PE:
771 case LCPOPT_MLHF:
772 case LCPOPT_I18N:
773 case LCPOPT_SDLOS:
774 case LCPOPT_PPPMUX:
775 break;
776 #endif
777 default:
778 /*
779 * Unknown option; dump it as raw bytes now if we're
780 * not going to do so below.
781 */
782 if (ndo->ndo_vflag < 2)
783 print_unknown_data(ndo, p + 2, "\n\t ", len - 2);
784 break;
785 }
786
787 if (ndo->ndo_vflag > 1)
788 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */
789
790 return len;
791
792 trunc:
793 ND_PRINT("[|lcp]");
794 return 0;
795 }
796
797 /* ML-PPP*/
798 static const struct tok ppp_ml_flag_values[] = {
799 { 0x80, "begin" },
800 { 0x40, "end" },
801 { 0, NULL }
802 };
803
804 static void
handle_mlppp(netdissect_options * ndo,const u_char * p,u_int length)805 handle_mlppp(netdissect_options *ndo,
806 const u_char *p, u_int length)
807 {
808 if (!ndo->ndo_eflag)
809 ND_PRINT("MLPPP, ");
810
811 if (length < 2) {
812 ND_PRINT("[|mlppp]");
813 return;
814 }
815 if (!ND_TTEST_2(p)) {
816 ND_PRINT("[|mlppp]");
817 return;
818 }
819
820 ND_PRINT("seq 0x%03x, Flags [%s], length %u",
821 (GET_BE_U_2(p))&0x0fff,
822 /* only support 12-Bit sequence space for now */
823 bittok2str(ppp_ml_flag_values, "none", GET_U_1(p) & 0xc0),
824 length);
825 }
826
827 /* CHAP */
828 static void
handle_chap(netdissect_options * ndo,const u_char * p,u_int length)829 handle_chap(netdissect_options *ndo,
830 const u_char *p, u_int length)
831 {
832 u_int code, len;
833 u_int val_size, name_size, msg_size;
834 const u_char *p0;
835 u_int i;
836
837 p0 = p;
838 if (length < 1) {
839 ND_PRINT("[|chap]");
840 return;
841 } else if (length < 4) {
842 ND_PRINT("[|chap 0x%02x]", GET_U_1(p));
843 return;
844 }
845
846 code = GET_U_1(p);
847 ND_PRINT("CHAP, %s (0x%02x)",
848 tok2str(chapcode_values,"unknown",code),
849 code);
850 p++;
851
852 ND_PRINT(", id %u", GET_U_1(p)); /* ID */
853 p++;
854
855 len = GET_BE_U_2(p);
856 p += 2;
857
858 /*
859 * Note that this is a generic CHAP decoding routine. Since we
860 * don't know which flavor of CHAP (i.e. CHAP-MD5, MS-CHAPv1,
861 * MS-CHAPv2) is used at this point, we can't decode packet
862 * specifically to each algorithms. Instead, we simply decode
863 * the GCD (Greatest Common Denominator) for all algorithms.
864 */
865 switch (code) {
866 case CHAP_CHAL:
867 case CHAP_RESP:
868 if (length - (p - p0) < 1)
869 return;
870 val_size = GET_U_1(p); /* value size */
871 p++;
872 if (length - (p - p0) < val_size)
873 return;
874 ND_PRINT(", Value ");
875 for (i = 0; i < val_size; i++) {
876 ND_PRINT("%02x", GET_U_1(p));
877 p++;
878 }
879 name_size = len - (u_int)(p - p0);
880 ND_PRINT(", Name ");
881 for (i = 0; i < name_size; i++) {
882 fn_print_char(ndo, GET_U_1(p));
883 p++;
884 }
885 break;
886 case CHAP_SUCC:
887 case CHAP_FAIL:
888 msg_size = len - (u_int)(p - p0);
889 ND_PRINT(", Msg ");
890 for (i = 0; i< msg_size; i++) {
891 fn_print_char(ndo, GET_U_1(p));
892 p++;
893 }
894 break;
895 }
896 }
897
898 /* PAP (see RFC 1334) */
899 static void
handle_pap(netdissect_options * ndo,const u_char * p,u_int length)900 handle_pap(netdissect_options *ndo,
901 const u_char *p, u_int length)
902 {
903 u_int code, len;
904 u_int peerid_len, passwd_len, msg_len;
905 const u_char *p0;
906 u_int i;
907
908 p0 = p;
909 if (length < 1) {
910 ND_PRINT("[|pap]");
911 return;
912 } else if (length < 4) {
913 ND_PRINT("[|pap 0x%02x]", GET_U_1(p));
914 return;
915 }
916
917 code = GET_U_1(p);
918 ND_PRINT("PAP, %s (0x%02x)",
919 tok2str(papcode_values, "unknown", code),
920 code);
921 p++;
922
923 ND_PRINT(", id %u", GET_U_1(p)); /* ID */
924 p++;
925
926 len = GET_BE_U_2(p);
927 p += 2;
928
929 if (len > length) {
930 ND_PRINT(", length %u > packet size", len);
931 return;
932 }
933 length = len;
934 if (length < (size_t)(p - p0)) {
935 ND_PRINT(", length %u < PAP header length", length);
936 return;
937 }
938
939 switch (code) {
940 case PAP_AREQ:
941 /* A valid Authenticate-Request is 6 or more octets long. */
942 if (len < 6)
943 goto trunc;
944 if (length - (p - p0) < 1)
945 return;
946 peerid_len = GET_U_1(p); /* Peer-ID Length */
947 p++;
948 if (length - (p - p0) < peerid_len)
949 return;
950 ND_PRINT(", Peer ");
951 for (i = 0; i < peerid_len; i++) {
952 fn_print_char(ndo, GET_U_1(p));
953 p++;
954 }
955
956 if (length - (p - p0) < 1)
957 return;
958 passwd_len = GET_U_1(p); /* Password Length */
959 p++;
960 if (length - (p - p0) < passwd_len)
961 return;
962 ND_PRINT(", Name ");
963 for (i = 0; i < passwd_len; i++) {
964 fn_print_char(ndo, GET_U_1(p));
965 p++;
966 }
967 break;
968 case PAP_AACK:
969 case PAP_ANAK:
970 /* Although some implementations ignore truncation at
971 * this point and at least one generates a truncated
972 * packet, RFC 1334 section 2.2.2 clearly states that
973 * both AACK and ANAK are at least 5 bytes long.
974 */
975 if (len < 5)
976 goto trunc;
977 if (length - (p - p0) < 1)
978 return;
979 msg_len = GET_U_1(p); /* Msg-Length */
980 p++;
981 if (length - (p - p0) < msg_len)
982 return;
983 ND_PRINT(", Msg ");
984 for (i = 0; i< msg_len; i++) {
985 fn_print_char(ndo, GET_U_1(p));
986 p++;
987 }
988 break;
989 }
990 return;
991
992 trunc:
993 ND_PRINT("[|pap]");
994 }
995
996 /* BAP */
997 static void
handle_bap(netdissect_options * ndo _U_,const u_char * p _U_,u_int length _U_)998 handle_bap(netdissect_options *ndo _U_,
999 const u_char *p _U_, u_int length _U_)
1000 {
1001 /* XXX: to be supported!! */
1002 }
1003
1004
1005 /* IPCP config options */
1006 static u_int
print_ipcp_config_options(netdissect_options * ndo,const u_char * p,u_int length)1007 print_ipcp_config_options(netdissect_options *ndo,
1008 const u_char *p, u_int length)
1009 {
1010 u_int opt, len;
1011 u_int compproto, ipcomp_subopttotallen, ipcomp_subopt, ipcomp_suboptlen;
1012
1013 if (length < 2)
1014 return 0;
1015 ND_TCHECK_2(p);
1016 opt = GET_U_1(p);
1017 len = GET_U_1(p + 1);
1018 if (length < len)
1019 return 0;
1020 if (len < 2) {
1021 ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1022 tok2str(ipcpopt_values,"unknown",opt),
1023 opt,
1024 len);
1025 return 0;
1026 }
1027
1028 ND_PRINT("\n\t %s Option (0x%02x), length %u",
1029 tok2str(ipcpopt_values,"unknown",opt),
1030 opt,
1031 len);
1032
1033 switch (opt) {
1034 case IPCPOPT_2ADDR: /* deprecated */
1035 if (len != 10) {
1036 ND_PRINT(" (length bogus, should be = 10)");
1037 return len;
1038 }
1039 ND_PRINT(": src %s, dst %s",
1040 GET_IPADDR_STRING(p + 2),
1041 GET_IPADDR_STRING(p + 6));
1042 break;
1043 case IPCPOPT_IPCOMP:
1044 if (len < 4) {
1045 ND_PRINT(" (length bogus, should be >= 4)");
1046 return 0;
1047 }
1048 compproto = GET_BE_U_2(p + 2);
1049
1050 ND_PRINT(": %s (0x%02x):",
1051 tok2str(ipcpopt_compproto_values, "Unknown", compproto),
1052 compproto);
1053
1054 switch (compproto) {
1055 case PPP_VJC:
1056 /* XXX: VJ-Comp parameters should be decoded */
1057 break;
1058 case IPCPOPT_IPCOMP_HDRCOMP:
1059 if (len < IPCPOPT_IPCOMP_MINLEN) {
1060 ND_PRINT(" (length bogus, should be >= %u)",
1061 IPCPOPT_IPCOMP_MINLEN);
1062 return 0;
1063 }
1064
1065 ND_TCHECK_LEN(p + 2, IPCPOPT_IPCOMP_MINLEN);
1066 ND_PRINT("\n\t TCP Space %u, non-TCP Space %u"
1067 ", maxPeriod %u, maxTime %u, maxHdr %u",
1068 GET_BE_U_2(p + 4),
1069 GET_BE_U_2(p + 6),
1070 GET_BE_U_2(p + 8),
1071 GET_BE_U_2(p + 10),
1072 GET_BE_U_2(p + 12));
1073
1074 /* suboptions present ? */
1075 if (len > IPCPOPT_IPCOMP_MINLEN) {
1076 ipcomp_subopttotallen = len - IPCPOPT_IPCOMP_MINLEN;
1077 p += IPCPOPT_IPCOMP_MINLEN;
1078
1079 ND_PRINT("\n\t Suboptions, length %u", ipcomp_subopttotallen);
1080
1081 while (ipcomp_subopttotallen >= 2) {
1082 ND_TCHECK_2(p);
1083 ipcomp_subopt = GET_U_1(p);
1084 ipcomp_suboptlen = GET_U_1(p + 1);
1085
1086 /* sanity check */
1087 if (ipcomp_subopt == 0 ||
1088 ipcomp_suboptlen == 0 )
1089 break;
1090
1091 /* XXX: just display the suboptions for now */
1092 ND_PRINT("\n\t\t%s Suboption #%u, length %u",
1093 tok2str(ipcpopt_compproto_subopt_values,
1094 "Unknown",
1095 ipcomp_subopt),
1096 ipcomp_subopt,
1097 ipcomp_suboptlen);
1098 if (ipcomp_subopttotallen < ipcomp_suboptlen) {
1099 ND_PRINT(" [remaining suboptions length %u < %u]",
1100 ipcomp_subopttotallen, ipcomp_suboptlen);
1101 nd_print_invalid(ndo);
1102 break;
1103 }
1104 ipcomp_subopttotallen -= ipcomp_suboptlen;
1105 p += ipcomp_suboptlen;
1106 }
1107 }
1108 break;
1109 default:
1110 break;
1111 }
1112 break;
1113
1114 case IPCPOPT_ADDR: /* those options share the same format - fall through */
1115 case IPCPOPT_MOBILE4:
1116 case IPCPOPT_PRIDNS:
1117 case IPCPOPT_PRINBNS:
1118 case IPCPOPT_SECDNS:
1119 case IPCPOPT_SECNBNS:
1120 if (len != 6) {
1121 ND_PRINT(" (length bogus, should be = 6)");
1122 return 0;
1123 }
1124 ND_PRINT(": %s", GET_IPADDR_STRING(p + 2));
1125 break;
1126 default:
1127 /*
1128 * Unknown option; dump it as raw bytes now if we're
1129 * not going to do so below.
1130 */
1131 if (ndo->ndo_vflag < 2)
1132 print_unknown_data(ndo, p + 2, "\n\t ", len - 2);
1133 break;
1134 }
1135 if (ndo->ndo_vflag > 1 && ND_TTEST_LEN(p + 2, len - 2))
1136 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */
1137 return len;
1138
1139 trunc:
1140 ND_PRINT("[|ipcp]");
1141 return 0;
1142 }
1143
1144 /* IP6CP config options */
1145 static u_int
print_ip6cp_config_options(netdissect_options * ndo,const u_char * p,u_int length)1146 print_ip6cp_config_options(netdissect_options *ndo,
1147 const u_char *p, u_int length)
1148 {
1149 u_int opt, len;
1150
1151 if (length < 2)
1152 return 0;
1153 ND_TCHECK_2(p);
1154 opt = GET_U_1(p);
1155 len = GET_U_1(p + 1);
1156 if (length < len)
1157 return 0;
1158 if (len < 2) {
1159 ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1160 tok2str(ip6cpopt_values,"unknown",opt),
1161 opt,
1162 len);
1163 return 0;
1164 }
1165
1166 ND_PRINT("\n\t %s Option (0x%02x), length %u",
1167 tok2str(ip6cpopt_values,"unknown",opt),
1168 opt,
1169 len);
1170
1171 switch (opt) {
1172 case IP6CP_IFID:
1173 if (len != 10) {
1174 ND_PRINT(" (length bogus, should be = 10)");
1175 return len;
1176 }
1177 ND_TCHECK_8(p + 2);
1178 ND_PRINT(": %04x:%04x:%04x:%04x",
1179 GET_BE_U_2(p + 2),
1180 GET_BE_U_2(p + 4),
1181 GET_BE_U_2(p + 6),
1182 GET_BE_U_2(p + 8));
1183 break;
1184 default:
1185 /*
1186 * Unknown option; dump it as raw bytes now if we're
1187 * not going to do so below.
1188 */
1189 if (ndo->ndo_vflag < 2)
1190 print_unknown_data(ndo, p + 2, "\n\t ", len - 2);
1191 break;
1192 }
1193 if (ndo->ndo_vflag > 1)
1194 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */
1195
1196 return len;
1197
1198 trunc:
1199 ND_PRINT("[|ip6cp]");
1200 return 0;
1201 }
1202
1203
1204 /* CCP config options */
1205 static u_int
print_ccp_config_options(netdissect_options * ndo,const u_char * p,u_int length)1206 print_ccp_config_options(netdissect_options *ndo,
1207 const u_char *p, u_int length)
1208 {
1209 u_int opt, len;
1210
1211 if (length < 2)
1212 return 0;
1213 ND_TCHECK_2(p);
1214 opt = GET_U_1(p);
1215 len = GET_U_1(p + 1);
1216 if (length < len)
1217 return 0;
1218 if (len < 2) {
1219 ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1220 tok2str(ccpconfopts_values, "Unknown", opt),
1221 opt,
1222 len);
1223 return 0;
1224 }
1225
1226 ND_PRINT("\n\t %s Option (0x%02x), length %u",
1227 tok2str(ccpconfopts_values, "Unknown", opt),
1228 opt,
1229 len);
1230
1231 switch (opt) {
1232 case CCPOPT_BSDCOMP:
1233 if (len < 3) {
1234 ND_PRINT(" (length bogus, should be >= 3)");
1235 return len;
1236 }
1237 ND_PRINT(": Version: %u, Dictionary Bits: %u",
1238 GET_U_1(p + 2) >> 5,
1239 GET_U_1(p + 2) & 0x1f);
1240 break;
1241 case CCPOPT_MVRCA:
1242 if (len < 4) {
1243 ND_PRINT(" (length bogus, should be >= 4)");
1244 return len;
1245 }
1246 ND_PRINT(": Features: %u, PxP: %s, History: %u, #CTX-ID: %u",
1247 (GET_U_1(p + 2) & 0xc0) >> 6,
1248 (GET_U_1(p + 2) & 0x20) ? "Enabled" : "Disabled",
1249 GET_U_1(p + 2) & 0x1f,
1250 GET_U_1(p + 3));
1251 break;
1252 case CCPOPT_DEFLATE:
1253 if (len < 4) {
1254 ND_PRINT(" (length bogus, should be >= 4)");
1255 return len;
1256 }
1257 ND_PRINT(": Window: %uK, Method: %s (0x%x), MBZ: %u, CHK: %u",
1258 (GET_U_1(p + 2) & 0xf0) >> 4,
1259 ((GET_U_1(p + 2) & 0x0f) == 8) ? "zlib" : "unknown",
1260 GET_U_1(p + 2) & 0x0f,
1261 (GET_U_1(p + 3) & 0xfc) >> 2,
1262 GET_U_1(p + 3) & 0x03);
1263 break;
1264
1265 /* XXX: to be supported */
1266 #if 0
1267 case CCPOPT_OUI:
1268 case CCPOPT_PRED1:
1269 case CCPOPT_PRED2:
1270 case CCPOPT_PJUMP:
1271 case CCPOPT_HPPPC:
1272 case CCPOPT_STACLZS:
1273 case CCPOPT_MPPC:
1274 case CCPOPT_GFZA:
1275 case CCPOPT_V42BIS:
1276 case CCPOPT_LZSDCP:
1277 case CCPOPT_DEC:
1278 case CCPOPT_RESV:
1279 break;
1280 #endif
1281 default:
1282 /*
1283 * Unknown option; dump it as raw bytes now if we're
1284 * not going to do so below.
1285 */
1286 if (ndo->ndo_vflag < 2)
1287 print_unknown_data(ndo, p + 2, "\n\t ", len - 2);
1288 break;
1289 }
1290 if (ndo->ndo_vflag > 1)
1291 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */
1292
1293 return len;
1294
1295 trunc:
1296 ND_PRINT("[|ccp]");
1297 return 0;
1298 }
1299
1300 /* BACP config options */
1301 static u_int
print_bacp_config_options(netdissect_options * ndo,const u_char * p,u_int length)1302 print_bacp_config_options(netdissect_options *ndo,
1303 const u_char *p, u_int length)
1304 {
1305 u_int opt, len;
1306
1307 if (length < 2)
1308 return 0;
1309 ND_TCHECK_2(p);
1310 opt = GET_U_1(p);
1311 len = GET_U_1(p + 1);
1312 if (length < len)
1313 return 0;
1314 if (len < 2) {
1315 ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
1316 tok2str(bacconfopts_values, "Unknown", opt),
1317 opt,
1318 len);
1319 return 0;
1320 }
1321
1322 ND_PRINT("\n\t %s Option (0x%02x), length %u",
1323 tok2str(bacconfopts_values, "Unknown", opt),
1324 opt,
1325 len);
1326
1327 switch (opt) {
1328 case BACPOPT_FPEER:
1329 if (len != 6) {
1330 ND_PRINT(" (length bogus, should be = 6)");
1331 return len;
1332 }
1333 ND_PRINT(": Magic-Num 0x%08x", GET_BE_U_4(p + 2));
1334 break;
1335 default:
1336 /*
1337 * Unknown option; dump it as raw bytes now if we're
1338 * not going to do so below.
1339 */
1340 if (ndo->ndo_vflag < 2)
1341 print_unknown_data(ndo, p + 2, "\n\t ", len - 2);
1342 break;
1343 }
1344 if (ndo->ndo_vflag > 1)
1345 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */
1346
1347 return len;
1348
1349 trunc:
1350 ND_PRINT("[|bacp]");
1351 return 0;
1352 }
1353
1354 /*
1355 * Un-escape RFC 1662 PPP in HDLC-like framing, with octet escapes.
1356 * The length argument is the on-the-wire length, not the captured
1357 * length; we can only un-escape the captured part.
1358 */
1359 static void
ppp_hdlc(netdissect_options * ndo,const u_char * p,u_int length)1360 ppp_hdlc(netdissect_options *ndo,
1361 const u_char *p, u_int length)
1362 {
1363 u_int caplen = ND_BYTES_AVAILABLE_AFTER(p);
1364 u_char *b, *t, c;
1365 const u_char *s;
1366 u_int i, proto;
1367
1368 if (caplen == 0)
1369 return;
1370
1371 if (length == 0)
1372 return;
1373
1374 b = (u_char *)malloc(caplen);
1375 if (b == NULL) {
1376 (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
1377 "%s: malloc", __func__);
1378 }
1379
1380 /*
1381 * Unescape all the data into a temporary, private, buffer.
1382 * Do this so that we don't overwrite the original packet
1383 * contents.
1384 */
1385 for (s = p, t = b, i = caplen; i != 0; i--) {
1386 c = GET_U_1(s);
1387 s++;
1388 if (c == 0x7d) {
1389 if (i <= 1)
1390 break;
1391 i--;
1392 c = GET_U_1(s) ^ 0x20;
1393 s++;
1394 }
1395 *t++ = c;
1396 }
1397
1398 /*
1399 * Switch to the output buffer for dissection, and save it
1400 * on the buffer stack so it can be freed; our caller must
1401 * pop it when done.
1402 */
1403 if (!nd_push_buffer(ndo, b, b, (u_int)(t - b))) {
1404 free(b);
1405 (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
1406 "%s: can't push buffer on buffer stack", __func__);
1407 }
1408 length = ND_BYTES_AVAILABLE_AFTER(b);
1409
1410 /* now lets guess about the payload codepoint format */
1411 if (length < 1)
1412 goto trunc;
1413 proto = GET_U_1(b); /* start with a one-octet codepoint guess */
1414
1415 switch (proto) {
1416 case PPP_IP:
1417 ip_print(ndo, b + 1, length - 1);
1418 goto cleanup;
1419 case PPP_IPV6:
1420 ip6_print(ndo, b + 1, length - 1);
1421 goto cleanup;
1422 default: /* no luck - try next guess */
1423 break;
1424 }
1425
1426 if (length < 2)
1427 goto trunc;
1428 proto = GET_BE_U_2(b); /* next guess - load two octets */
1429
1430 switch (proto) {
1431 case (PPP_ADDRESS << 8 | PPP_CONTROL): /* looks like a PPP frame */
1432 if (length < 4)
1433 goto trunc;
1434 proto = GET_BE_U_2(b + 2); /* load the PPP proto-id */
1435 if ((proto & 0xff00) == 0x7e00)
1436 ND_PRINT("(protocol 0x%04x invalid)", proto);
1437 else
1438 handle_ppp(ndo, proto, b + 4, length - 4);
1439 break;
1440 default: /* last guess - proto must be a PPP proto-id */
1441 if ((proto & 0xff00) == 0x7e00)
1442 ND_PRINT("(protocol 0x%04x invalid)", proto);
1443 else
1444 handle_ppp(ndo, proto, b + 2, length - 2);
1445 break;
1446 }
1447
1448 cleanup:
1449 nd_pop_packet_info(ndo);
1450 return;
1451
1452 trunc:
1453 nd_pop_packet_info(ndo);
1454 nd_print_trunc(ndo);
1455 }
1456
1457
1458 /* PPP */
1459 static void
handle_ppp(netdissect_options * ndo,u_int proto,const u_char * p,u_int length)1460 handle_ppp(netdissect_options *ndo,
1461 u_int proto, const u_char *p, u_int length)
1462 {
1463 if ((proto & 0xff00) == 0x7e00) { /* is this an escape code ? */
1464 ppp_hdlc(ndo, p - 1, length);
1465 return;
1466 }
1467
1468 switch (proto) {
1469 case PPP_LCP: /* fall through */
1470 case PPP_IPCP:
1471 case PPP_OSICP:
1472 case PPP_MPLSCP:
1473 case PPP_IPV6CP:
1474 case PPP_CCP:
1475 case PPP_BACP:
1476 handle_ctrl_proto(ndo, proto, p, length);
1477 break;
1478 case PPP_ML:
1479 handle_mlppp(ndo, p, length);
1480 break;
1481 case PPP_CHAP:
1482 handle_chap(ndo, p, length);
1483 break;
1484 case PPP_PAP:
1485 handle_pap(ndo, p, length);
1486 break;
1487 case PPP_BAP: /* XXX: not yet completed */
1488 handle_bap(ndo, p, length);
1489 break;
1490 case ETHERTYPE_IP: /*XXX*/
1491 case PPP_VJNC:
1492 case PPP_IP:
1493 ip_print(ndo, p, length);
1494 break;
1495 case ETHERTYPE_IPV6: /*XXX*/
1496 case PPP_IPV6:
1497 ip6_print(ndo, p, length);
1498 break;
1499 case ETHERTYPE_IPX: /*XXX*/
1500 case PPP_IPX:
1501 ipx_print(ndo, p, length);
1502 break;
1503 case PPP_OSI:
1504 isoclns_print(ndo, p, length);
1505 break;
1506 case PPP_MPLS_UCAST:
1507 case PPP_MPLS_MCAST:
1508 mpls_print(ndo, p, length);
1509 break;
1510 case PPP_COMP:
1511 ND_PRINT("compressed PPP data");
1512 break;
1513 default:
1514 ND_PRINT("%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto));
1515 print_unknown_data(ndo, p, "\n\t", length);
1516 break;
1517 }
1518 }
1519
1520 /* Standard PPP printer */
1521 u_int
ppp_print(netdissect_options * ndo,const u_char * p,u_int length)1522 ppp_print(netdissect_options *ndo,
1523 const u_char *p, u_int length)
1524 {
1525 u_int proto,ppp_header;
1526 u_int olen = length; /* _o_riginal length */
1527 u_int hdr_len = 0;
1528
1529 ndo->ndo_protocol = "ppp";
1530 /*
1531 * Here, we assume that p points to the Address and Control
1532 * field (if they present).
1533 */
1534 if (length < 2)
1535 goto trunc;
1536 ppp_header = GET_BE_U_2(p);
1537
1538 switch(ppp_header) {
1539 case (PPP_PPPD_IN << 8 | PPP_CONTROL):
1540 if (ndo->ndo_eflag) ND_PRINT("In ");
1541 p += 2;
1542 length -= 2;
1543 hdr_len += 2;
1544 break;
1545 case (PPP_PPPD_OUT << 8 | PPP_CONTROL):
1546 if (ndo->ndo_eflag) ND_PRINT("Out ");
1547 p += 2;
1548 length -= 2;
1549 hdr_len += 2;
1550 break;
1551 case (PPP_ADDRESS << 8 | PPP_CONTROL):
1552 p += 2; /* ACFC not used */
1553 length -= 2;
1554 hdr_len += 2;
1555 break;
1556
1557 default:
1558 break;
1559 }
1560
1561 if (length < 2)
1562 goto trunc;
1563 if (GET_U_1(p) % 2) {
1564 proto = GET_U_1(p); /* PFC is used */
1565 p++;
1566 length--;
1567 hdr_len++;
1568 } else {
1569 proto = GET_BE_U_2(p);
1570 p += 2;
1571 length -= 2;
1572 hdr_len += 2;
1573 }
1574
1575 if (ndo->ndo_eflag) {
1576 const char *typestr;
1577 typestr = tok2str(ppptype2str, "unknown", proto);
1578 ND_PRINT("%s (0x%04x), length %u",
1579 typestr,
1580 proto,
1581 olen);
1582 if (*typestr == 'u') /* "unknown" */
1583 return hdr_len;
1584
1585 ND_PRINT(": ");
1586 }
1587
1588 handle_ppp(ndo, proto, p, length);
1589 return (hdr_len);
1590 trunc:
1591 nd_print_trunc(ndo);
1592 return (0);
1593 }
1594
1595
1596 /* PPP I/F printer */
1597 void
ppp_if_print(netdissect_options * ndo,const struct pcap_pkthdr * h,const u_char * p)1598 ppp_if_print(netdissect_options *ndo,
1599 const struct pcap_pkthdr *h, const u_char *p)
1600 {
1601 u_int length = h->len;
1602 u_int caplen = h->caplen;
1603
1604 ndo->ndo_protocol = "ppp";
1605 if (caplen < PPP_HDRLEN) {
1606 nd_print_trunc(ndo);
1607 ndo->ndo_ll_hdr_len += caplen;
1608 return;
1609 }
1610 ndo->ndo_ll_hdr_len += PPP_HDRLEN;
1611
1612 #if 0
1613 /*
1614 * XXX: seems to assume that there are 2 octets prepended to an
1615 * actual PPP frame. The 1st octet looks like Input/Output flag
1616 * while 2nd octet is unknown, at least to me
1617 * (mshindo@mshindo.net).
1618 *
1619 * That was what the original tcpdump code did.
1620 *
1621 * FreeBSD's "if_ppp.c" *does* set the first octet to 1 for outbound
1622 * packets and 0 for inbound packets - but only if the
1623 * protocol field has the 0x8000 bit set (i.e., it's a network
1624 * control protocol); it does so before running the packet through
1625 * "bpf_filter" to see if it should be discarded, and to see
1626 * if we should update the time we sent the most recent packet...
1627 *
1628 * ...but it puts the original address field back after doing
1629 * so.
1630 *
1631 * NetBSD's "if_ppp.c" doesn't set the first octet in that fashion.
1632 *
1633 * I don't know if any PPP implementation handed up to a BPF
1634 * device packets with the first octet being 1 for outbound and
1635 * 0 for inbound packets, so I (guy@alum.mit.edu) don't know
1636 * whether that ever needs to be checked or not.
1637 *
1638 * Note that NetBSD has a DLT_PPP_SERIAL, which it uses for PPP,
1639 * and its tcpdump appears to assume that the frame always
1640 * begins with an address field and a control field, and that
1641 * the address field might be 0x0f or 0x8f, for Cisco
1642 * point-to-point with HDLC framing as per section 4.3.1 of RFC
1643 * 1547, as well as 0xff, for PPP in HDLC-like framing as per
1644 * RFC 1662.
1645 *
1646 * (Is the Cisco framing in question what DLT_C_HDLC, in
1647 * BSD/OS, is?)
1648 */
1649 if (ndo->ndo_eflag)
1650 ND_PRINT("%c %4d %02x ", GET_U_1(p) ? 'O' : 'I',
1651 length, GET_U_1(p + 1));
1652 #endif
1653
1654 ppp_print(ndo, p, length);
1655 }
1656
1657 /*
1658 * PPP I/F printer to use if we know that RFC 1662-style PPP in HDLC-like
1659 * framing, or Cisco PPP with HDLC framing as per section 4.3.1 of RFC 1547,
1660 * is being used (i.e., we don't check for PPP_ADDRESS and PPP_CONTROL,
1661 * discard them *if* those are the first two octets, and parse the remaining
1662 * packet as a PPP packet, as "ppp_print()" does).
1663 *
1664 * This handles, for example, DLT_PPP_SERIAL in NetBSD.
1665 */
1666 void
ppp_hdlc_if_print(netdissect_options * ndo,const struct pcap_pkthdr * h,const u_char * p)1667 ppp_hdlc_if_print(netdissect_options *ndo,
1668 const struct pcap_pkthdr *h, const u_char *p)
1669 {
1670 u_int length = h->len;
1671 u_int caplen = h->caplen;
1672 u_int proto;
1673 u_int hdrlen = 0;
1674
1675 ndo->ndo_protocol = "ppp_hdlc";
1676 if (caplen < 2) {
1677 nd_print_trunc(ndo);
1678 ndo->ndo_ll_hdr_len += caplen;
1679 return;
1680 }
1681
1682 switch (GET_U_1(p)) {
1683
1684 case PPP_ADDRESS:
1685 if (caplen < 4) {
1686 nd_print_trunc(ndo);
1687 ndo->ndo_ll_hdr_len += caplen;
1688 return;
1689 }
1690
1691 if (ndo->ndo_eflag)
1692 ND_PRINT("%02x %02x %u ", GET_U_1(p),
1693 GET_U_1(p + 1), length);
1694 p += 2;
1695 length -= 2;
1696 hdrlen += 2;
1697
1698 proto = GET_BE_U_2(p);
1699 p += 2;
1700 length -= 2;
1701 hdrlen += 2;
1702 ND_PRINT("%s: ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto));
1703
1704 handle_ppp(ndo, proto, p, length);
1705 break;
1706
1707 case CHDLC_UNICAST:
1708 case CHDLC_BCAST:
1709 chdlc_if_print(ndo, h, p);
1710 return;
1711
1712 default:
1713 if (caplen < 4) {
1714 nd_print_trunc(ndo);
1715 ndo->ndo_ll_hdr_len += caplen;
1716 return;
1717 }
1718
1719 if (ndo->ndo_eflag)
1720 ND_PRINT("%02x %02x %u ", GET_U_1(p),
1721 GET_U_1(p + 1), length);
1722 p += 2;
1723 hdrlen += 2;
1724
1725 /*
1726 * XXX - NetBSD's "ppp_netbsd_serial_if_print()" treats
1727 * the next two octets as an Ethernet type; does that
1728 * ever happen?
1729 */
1730 ND_PRINT("unknown addr %02x; ctrl %02x", GET_U_1(p),
1731 GET_U_1(p + 1));
1732 break;
1733 }
1734
1735 ndo->ndo_ll_hdr_len += hdrlen;
1736 }
1737
1738 #define PPP_BSDI_HDRLEN 24
1739
1740 /* BSD/OS specific PPP printer */
1741 void
ppp_bsdos_if_print(netdissect_options * ndo,const struct pcap_pkthdr * h _U_,const u_char * p _U_)1742 ppp_bsdos_if_print(netdissect_options *ndo,
1743 const struct pcap_pkthdr *h _U_, const u_char *p _U_)
1744 {
1745 u_int hdrlength;
1746 #ifdef __bsdi__
1747 u_int length = h->len;
1748 u_int caplen = h->caplen;
1749 uint16_t ptype;
1750 uint8_t llhl;
1751 const u_char *q;
1752 u_int i;
1753
1754 ndo->ndo_protocol = "ppp_bsdos";
1755 if (caplen < PPP_BSDI_HDRLEN) {
1756 nd_print_trunc(ndo);
1757 ndo->ndo_ll_hdr_len += caplen;
1758 return;
1759 }
1760
1761 hdrlength = 0;
1762
1763 #if 0
1764 if (GET_U_1(p) == PPP_ADDRESS &&
1765 GET_U_1(p + 1) == PPP_CONTROL) {
1766 if (ndo->ndo_eflag)
1767 ND_PRINT("%02x %02x ", GET_U_1(p),
1768 GET_U_1(p + 1));
1769 p += 2;
1770 hdrlength = 2;
1771 }
1772
1773 if (ndo->ndo_eflag)
1774 ND_PRINT("%u ", length);
1775 /* Retrieve the protocol type */
1776 if (GET_U_1(p) & 01) {
1777 /* Compressed protocol field */
1778 ptype = GET_U_1(p);
1779 if (ndo->ndo_eflag)
1780 ND_PRINT("%02x ", ptype);
1781 p++;
1782 hdrlength += 1;
1783 } else {
1784 /* Un-compressed protocol field */
1785 ptype = GET_BE_U_2(p);
1786 if (ndo->ndo_eflag)
1787 ND_PRINT("%04x ", ptype);
1788 p += 2;
1789 hdrlength += 2;
1790 }
1791 #else
1792 ptype = 0; /*XXX*/
1793 if (ndo->ndo_eflag)
1794 ND_PRINT("%c ", GET_U_1(p + SLC_DIR) ? 'O' : 'I');
1795 llhl = GET_U_1(p + SLC_LLHL);
1796 if (llhl) {
1797 /* link level header */
1798 struct ppp_header *ph;
1799
1800 q = p + SLC_BPFHDRLEN;
1801 ph = (struct ppp_header *)q;
1802 if (ph->phdr_addr == PPP_ADDRESS
1803 && ph->phdr_ctl == PPP_CONTROL) {
1804 if (ndo->ndo_eflag)
1805 ND_PRINT("%02x %02x ", GET_U_1(q),
1806 GET_U_1(q + 1));
1807 ptype = GET_BE_U_2(&ph->phdr_type);
1808 if (ndo->ndo_eflag && (ptype == PPP_VJC || ptype == PPP_VJNC)) {
1809 ND_PRINT("%s ", tok2str(ppptype2str,
1810 "proto-#%u", ptype));
1811 }
1812 } else {
1813 if (ndo->ndo_eflag) {
1814 ND_PRINT("LLH=[");
1815 for (i = 0; i < llhl; i++)
1816 ND_PRINT("%02x", GET_U_1(q + i));
1817 ND_PRINT("] ");
1818 }
1819 }
1820 }
1821 if (ndo->ndo_eflag)
1822 ND_PRINT("%u ", length);
1823 if (GET_U_1(p + SLC_CHL)) {
1824 q = p + SLC_BPFHDRLEN + llhl;
1825
1826 switch (ptype) {
1827 case PPP_VJC:
1828 ptype = vjc_print(ndo, q, ptype);
1829 hdrlength = PPP_BSDI_HDRLEN;
1830 p += hdrlength;
1831 switch (ptype) {
1832 case PPP_IP:
1833 ip_print(ndo, p, length);
1834 break;
1835 case PPP_IPV6:
1836 ip6_print(ndo, p, length);
1837 break;
1838 case PPP_MPLS_UCAST:
1839 case PPP_MPLS_MCAST:
1840 mpls_print(ndo, p, length);
1841 break;
1842 }
1843 goto printx;
1844 case PPP_VJNC:
1845 ptype = vjc_print(ndo, q, ptype);
1846 hdrlength = PPP_BSDI_HDRLEN;
1847 p += hdrlength;
1848 switch (ptype) {
1849 case PPP_IP:
1850 ip_print(ndo, p, length);
1851 break;
1852 case PPP_IPV6:
1853 ip6_print(ndo, p, length);
1854 break;
1855 case PPP_MPLS_UCAST:
1856 case PPP_MPLS_MCAST:
1857 mpls_print(ndo, p, length);
1858 break;
1859 }
1860 goto printx;
1861 default:
1862 if (ndo->ndo_eflag) {
1863 ND_PRINT("CH=[");
1864 for (i = 0; i < llhl; i++)
1865 ND_PRINT("%02x",
1866 GET_U_1(q + i));
1867 ND_PRINT("] ");
1868 }
1869 break;
1870 }
1871 }
1872
1873 hdrlength = PPP_BSDI_HDRLEN;
1874 #endif
1875
1876 length -= hdrlength;
1877 p += hdrlength;
1878
1879 switch (ptype) {
1880 case PPP_IP:
1881 ip_print(p, length);
1882 break;
1883 case PPP_IPV6:
1884 ip6_print(ndo, p, length);
1885 break;
1886 case PPP_MPLS_UCAST:
1887 case PPP_MPLS_MCAST:
1888 mpls_print(ndo, p, length);
1889 break;
1890 default:
1891 ND_PRINT("%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", ptype));
1892 }
1893
1894 printx:
1895 #else /* __bsdi */
1896 hdrlength = 0;
1897 #endif /* __bsdi__ */
1898 ndo->ndo_ll_hdr_len += hdrlength;
1899 }
1900