1 /*
2  * Copyright (c) 1998-2006 The TCPDUMP project
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that: (1) source code
6  * distributions retain the above copyright notice and this paragraph
7  * in its entirety, and (2) distributions including binary code include
8  * the above copyright notice and this paragraph in its entirety in
9  * the documentation or other materials provided with the distribution.
10  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND
11  * WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT
12  * LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
13  * FOR A PARTICULAR PURPOSE.
14  *
15  * Original code by Carles Kishimoto <Carles.Kishimoto@bsc.es>
16  */
17 
18 /* \summary: Cisco VLAN Query Protocol (VQP) printer */
19 
20 #include <config.h>
21 
22 #include "netdissect-stdinc.h"
23 
24 #define ND_LONGJMP_FROM_TCHECK
25 #include "netdissect.h"
26 #include "extract.h"
27 #include "addrtoname.h"
28 
29 #define VQP_VERSION 1
30 
31 /*
32  * VQP common header
33  *
34  *  0                   1                   2                   3
35  *  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
36  * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
37  * |   Constant    | Packet type   |  Error Code   |    nitems     |
38  * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
39  * |                Packet Sequence Number (4 bytes)               |
40  * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
41  */
42 
43 struct vqp_common_header_t {
44     nd_uint8_t  version;
45     nd_uint8_t  msg_type;
46     nd_uint8_t  error_code;
47     nd_uint8_t  nitems;
48     nd_uint32_t sequence;
49 };
50 
51 struct vqp_obj_tlv_t {
52     nd_uint32_t obj_type;
53     nd_uint16_t obj_length;
54 };
55 
56 #define VQP_OBJ_REQ_JOIN_PORT  0x01
57 #define VQP_OBJ_RESP_VLAN      0x02
58 #define VQP_OBJ_REQ_RECONFIRM  0x03
59 #define VQP_OBJ_RESP_RECONFIRM 0x04
60 
61 static const struct tok vqp_msg_type_values[] = {
62     { VQP_OBJ_REQ_JOIN_PORT, "Request, Join Port"},
63     { VQP_OBJ_RESP_VLAN, "Response, VLAN"},
64     { VQP_OBJ_REQ_RECONFIRM, "Request, Reconfirm"},
65     { VQP_OBJ_RESP_RECONFIRM, "Response, Reconfirm"},
66     { 0, NULL}
67 };
68 
69 static const struct tok vqp_error_code_values[] = {
70     { 0x00, "No error"},
71     { 0x03, "Access denied"},
72     { 0x04, "Shutdown port"},
73     { 0x05, "Wrong VTP domain"},
74     { 0, NULL}
75 };
76 
77 /* FIXME the heading 0x0c looks ugly - those must be flags etc. */
78 #define VQP_OBJ_IP_ADDRESS    0x0c01
79 #define VQP_OBJ_PORT_NAME     0x0c02
80 #define VQP_OBJ_VLAN_NAME     0x0c03
81 #define VQP_OBJ_VTP_DOMAIN    0x0c04
82 #define VQP_OBJ_ETHERNET_PKT  0x0c05
83 #define VQP_OBJ_MAC_NULL      0x0c06
84 #define VQP_OBJ_MAC_ADDRESS   0x0c08
85 
86 static const struct tok vqp_obj_values[] = {
87     { VQP_OBJ_IP_ADDRESS, "Client IP Address" },
88     { VQP_OBJ_PORT_NAME, "Port Name" },
89     { VQP_OBJ_VLAN_NAME, "VLAN Name" },
90     { VQP_OBJ_VTP_DOMAIN, "VTP Domain" },
91     { VQP_OBJ_ETHERNET_PKT, "Ethernet Packet" },
92     { VQP_OBJ_MAC_NULL, "MAC Null" },
93     { VQP_OBJ_MAC_ADDRESS, "MAC Address" },
94     { 0, NULL}
95 };
96 
97 void
vqp_print(netdissect_options * ndo,const u_char * pptr,u_int len)98 vqp_print(netdissect_options *ndo, const u_char *pptr, u_int len)
99 {
100     const struct vqp_common_header_t *vqp_common_header;
101     const struct vqp_obj_tlv_t *vqp_obj_tlv;
102 
103     const u_char *tptr;
104     uint8_t version;
105     uint16_t vqp_obj_len;
106     uint32_t vqp_obj_type;
107     u_int tlen;
108     uint8_t nitems;
109 
110     ndo->ndo_protocol = "vqp";
111     tptr=pptr;
112     tlen = len;
113     vqp_common_header = (const struct vqp_common_header_t *)pptr;
114     ND_TCHECK_SIZE(vqp_common_header);
115     if (sizeof(struct vqp_common_header_t) > tlen)
116         goto invalid;
117     version = GET_U_1(vqp_common_header->version);
118 
119     /*
120      * Sanity checking of the header.
121      */
122     if (version != VQP_VERSION) {
123 	ND_PRINT("VQP version %u packet not supported",
124                version);
125 	return;
126     }
127 
128     /* in non-verbose mode just lets print the basic Message Type */
129     if (ndo->ndo_vflag < 1) {
130         ND_PRINT("VQPv%u %s Message, error-code %s (%u), length %u",
131                version,
132                tok2str(vqp_msg_type_values, "unknown (%u)",GET_U_1(vqp_common_header->msg_type)),
133                tok2str(vqp_error_code_values, "unknown", GET_U_1(vqp_common_header->error_code)),
134                GET_U_1(vqp_common_header->error_code),
135                len);
136         return;
137     }
138 
139     /* ok they seem to want to know everything - lets fully decode it */
140     nitems = GET_U_1(vqp_common_header->nitems);
141     ND_PRINT("\n\tVQPv%u, %s Message, error-code %s (%u), seq 0x%08x, items %u, length %u",
142            version,
143 	   tok2str(vqp_msg_type_values, "unknown (%u)",GET_U_1(vqp_common_header->msg_type)),
144 	   tok2str(vqp_error_code_values, "unknown", GET_U_1(vqp_common_header->error_code)),
145 	   GET_U_1(vqp_common_header->error_code),
146 	   GET_BE_U_4(vqp_common_header->sequence),
147 	   nitems,
148            len);
149 
150     /* skip VQP Common header */
151     tptr+=sizeof(struct vqp_common_header_t);
152     tlen-=sizeof(struct vqp_common_header_t);
153 
154     while (nitems != 0 && tlen != 0) {
155 
156         vqp_obj_tlv = (const struct vqp_obj_tlv_t *)tptr;
157         ND_TCHECK_SIZE(vqp_obj_tlv);
158         if (sizeof(struct vqp_obj_tlv_t) > tlen)
159             goto invalid;
160         vqp_obj_type = GET_BE_U_4(vqp_obj_tlv->obj_type);
161         vqp_obj_len = GET_BE_U_2(vqp_obj_tlv->obj_length);
162         tptr+=sizeof(struct vqp_obj_tlv_t);
163         tlen-=sizeof(struct vqp_obj_tlv_t);
164 
165         ND_PRINT("\n\t  %s Object (0x%08x), length %u, value: ",
166                tok2str(vqp_obj_values, "Unknown", vqp_obj_type),
167                vqp_obj_type, vqp_obj_len);
168 
169         /* basic sanity check */
170         if (vqp_obj_type == 0 || vqp_obj_len ==0) {
171             return;
172         }
173 
174         /* did we capture enough for fully decoding the object ? */
175         ND_TCHECK_LEN(tptr, vqp_obj_len);
176         if (vqp_obj_len > tlen)
177             goto invalid;
178 
179         switch(vqp_obj_type) {
180 	case VQP_OBJ_IP_ADDRESS:
181             if (vqp_obj_len != 4)
182                 goto invalid;
183             ND_PRINT("%s (0x%08x)", GET_IPADDR_STRING(tptr),
184                      GET_BE_U_4(tptr));
185             break;
186             /* those objects have similar semantics - fall through */
187         case VQP_OBJ_PORT_NAME:
188 	case VQP_OBJ_VLAN_NAME:
189 	case VQP_OBJ_VTP_DOMAIN:
190 	case VQP_OBJ_ETHERNET_PKT:
191             nd_printjnp(ndo, tptr, vqp_obj_len);
192             break;
193             /* those objects have similar semantics - fall through */
194 	case VQP_OBJ_MAC_ADDRESS:
195 	case VQP_OBJ_MAC_NULL:
196             if (vqp_obj_len != MAC_ADDR_LEN)
197                 goto invalid;
198 	      ND_PRINT("%s", GET_ETHERADDR_STRING(tptr));
199               break;
200         default:
201             if (ndo->ndo_vflag <= 1)
202                 print_unknown_data(ndo,tptr, "\n\t    ", vqp_obj_len);
203             break;
204         }
205 	tptr += vqp_obj_len;
206 	tlen -= vqp_obj_len;
207 	nitems--;
208     }
209     return;
210 invalid:
211     nd_print_invalid(ndo);
212 }
213