1/* 2 * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 * 21 * Extensively modified by Motonori Shindo (mshindo@mshindo.net) for more 22 * complete PPP support. 23 */ 24 25/* \summary: Point to Point Protocol (PPP) printer */ 26 27/* 28 * TODO: 29 * o resolve XXX as much as possible 30 * o MP support 31 * o BAP support 32 */ 33 34#include <sys/cdefs.h> 35#ifndef lint 36__RCSID("$NetBSD: print-ppp.c,v 1.10 2023/08/17 20:19:40 christos Exp $"); 37#endif 38 39#ifdef HAVE_CONFIG_H 40#include <config.h> 41#endif 42 43#include "netdissect-stdinc.h" 44 45#ifdef __bsdi__ 46#include <net/slcompress.h> 47#include <net/if_ppp.h> 48#endif 49 50#include "netdissect.h" 51#include "extract.h" 52#include "addrtoname.h" 53#include "ppp.h" 54#include "chdlc.h" 55#include "ethertype.h" 56#include "oui.h" 57#include "netdissect-alloc.h" 58 59/* 60 * The following constants are defined by IANA. Please refer to 61 * https://www.isi.edu/in-notes/iana/assignments/ppp-numbers 62 * for the up-to-date information. 63 */ 64 65/* Protocol Codes defined in ppp.h */ 66 67static const struct tok ppptype2str[] = { 68 { PPP_IP, "IP" }, 69 { PPP_OSI, "OSI" }, 70 { PPP_NS, "NS" }, 71 { PPP_DECNET, "DECNET" }, 72 { PPP_APPLE, "APPLE" }, 73 { PPP_IPX, "IPX" }, 74 { PPP_VJC, "VJC IP" }, 75 { PPP_VJNC, "VJNC IP" }, 76 { PPP_BRPDU, "BRPDU" }, 77 { PPP_STII, "STII" }, 78 { PPP_VINES, "VINES" }, 79 { PPP_MPLS_UCAST, "MPLS" }, 80 { PPP_MPLS_MCAST, "MPLS" }, 81 { PPP_COMP, "Compressed"}, 82 { PPP_ML, "MLPPP"}, 83 { PPP_IPV6, "IP6"}, 84 85 { PPP_HELLO, "HELLO" }, 86 { PPP_LUXCOM, "LUXCOM" }, 87 { PPP_SNS, "SNS" }, 88 { PPP_IPCP, "IPCP" }, 89 { PPP_OSICP, "OSICP" }, 90 { PPP_NSCP, "NSCP" }, 91 { PPP_DECNETCP, "DECNETCP" }, 92 { PPP_APPLECP, "APPLECP" }, 93 { PPP_IPXCP, "IPXCP" }, 94 { PPP_STIICP, "STIICP" }, 95 { PPP_VINESCP, "VINESCP" }, 96 { PPP_IPV6CP, "IP6CP" }, 97 { PPP_MPLSCP, "MPLSCP" }, 98 99 { PPP_LCP, "LCP" }, 100 { PPP_PAP, "PAP" }, 101 { PPP_LQM, "LQM" }, 102 { PPP_CHAP, "CHAP" }, 103 { PPP_EAP, "EAP" }, 104 { PPP_SPAP, "SPAP" }, 105 { PPP_SPAP_OLD, "Old-SPAP" }, 106 { PPP_BACP, "BACP" }, 107 { PPP_BAP, "BAP" }, 108 { PPP_MPCP, "MLPPP-CP" }, 109 { PPP_CCP, "CCP" }, 110 { 0, NULL } 111}; 112 113/* Control Protocols (LCP/IPCP/CCP etc.) Codes defined in RFC 1661 */ 114 115#define CPCODES_VEXT 0 /* Vendor-Specific (RFC2153) */ 116#define CPCODES_CONF_REQ 1 /* Configure-Request */ 117#define CPCODES_CONF_ACK 2 /* Configure-Ack */ 118#define CPCODES_CONF_NAK 3 /* Configure-Nak */ 119#define CPCODES_CONF_REJ 4 /* Configure-Reject */ 120#define CPCODES_TERM_REQ 5 /* Terminate-Request */ 121#define CPCODES_TERM_ACK 6 /* Terminate-Ack */ 122#define CPCODES_CODE_REJ 7 /* Code-Reject */ 123#define CPCODES_PROT_REJ 8 /* Protocol-Reject (LCP only) */ 124#define CPCODES_ECHO_REQ 9 /* Echo-Request (LCP only) */ 125#define CPCODES_ECHO_RPL 10 /* Echo-Reply (LCP only) */ 126#define CPCODES_DISC_REQ 11 /* Discard-Request (LCP only) */ 127#define CPCODES_ID 12 /* Identification (LCP only) RFC1570 */ 128#define CPCODES_TIME_REM 13 /* Time-Remaining (LCP only) RFC1570 */ 129#define CPCODES_RESET_REQ 14 /* Reset-Request (CCP only) RFC1962 */ 130#define CPCODES_RESET_REP 15 /* Reset-Reply (CCP only) */ 131 132static const struct tok cpcodes[] = { 133 {CPCODES_VEXT, "Vendor-Extension"}, /* RFC2153 */ 134 {CPCODES_CONF_REQ, "Conf-Request"}, 135 {CPCODES_CONF_ACK, "Conf-Ack"}, 136 {CPCODES_CONF_NAK, "Conf-Nack"}, 137 {CPCODES_CONF_REJ, "Conf-Reject"}, 138 {CPCODES_TERM_REQ, "Term-Request"}, 139 {CPCODES_TERM_ACK, "Term-Ack"}, 140 {CPCODES_CODE_REJ, "Code-Reject"}, 141 {CPCODES_PROT_REJ, "Prot-Reject"}, 142 {CPCODES_ECHO_REQ, "Echo-Request"}, 143 {CPCODES_ECHO_RPL, "Echo-Reply"}, 144 {CPCODES_DISC_REQ, "Disc-Req"}, 145 {CPCODES_ID, "Ident"}, /* RFC1570 */ 146 {CPCODES_TIME_REM, "Time-Rem"}, /* RFC1570 */ 147 {CPCODES_RESET_REQ, "Reset-Req"}, /* RFC1962 */ 148 {CPCODES_RESET_REP, "Reset-Ack"}, /* RFC1962 */ 149 {0, NULL} 150}; 151 152/* LCP Config Options */ 153 154#define LCPOPT_VEXT 0 155#define LCPOPT_MRU 1 156#define LCPOPT_ACCM 2 157#define LCPOPT_AP 3 158#define LCPOPT_QP 4 159#define LCPOPT_MN 5 160#define LCPOPT_DEP6 6 161#define LCPOPT_PFC 7 162#define LCPOPT_ACFC 8 163#define LCPOPT_FCSALT 9 164#define LCPOPT_SDP 10 165#define LCPOPT_NUMMODE 11 166#define LCPOPT_DEP12 12 167#define LCPOPT_CBACK 13 168#define LCPOPT_DEP14 14 169#define LCPOPT_DEP15 15 170#define LCPOPT_DEP16 16 171#define LCPOPT_MLMRRU 17 172#define LCPOPT_MLSSNHF 18 173#define LCPOPT_MLED 19 174#define LCPOPT_PROP 20 175#define LCPOPT_DCEID 21 176#define LCPOPT_MPP 22 177#define LCPOPT_LD 23 178#define LCPOPT_LCPAOPT 24 179#define LCPOPT_COBS 25 180#define LCPOPT_PE 26 181#define LCPOPT_MLHF 27 182#define LCPOPT_I18N 28 183#define LCPOPT_SDLOS 29 184#define LCPOPT_PPPMUX 30 185 186static const char *lcpconfopts[] = { 187 "Vend-Ext", /* (0) */ 188 "MRU", /* (1) */ 189 "ACCM", /* (2) */ 190 "Auth-Prot", /* (3) */ 191 "Qual-Prot", /* (4) */ 192 "Magic-Num", /* (5) */ 193 "deprecated(6)", /* used to be a Quality Protocol */ 194 "PFC", /* (7) */ 195 "ACFC", /* (8) */ 196 "FCS-Alt", /* (9) */ 197 "SDP", /* (10) */ 198 "Num-Mode", /* (11) */ 199 "deprecated(12)", /* used to be a Multi-Link-Procedure*/ 200 "Call-Back", /* (13) */ 201 "deprecated(14)", /* used to be a Connect-Time */ 202 "deprecated(15)", /* used to be a Compund-Frames */ 203 "deprecated(16)", /* used to be a Nominal-Data-Encap */ 204 "MRRU", /* (17) */ 205 "12-Bit seq #", /* (18) */ 206 "End-Disc", /* (19) */ 207 "Proprietary", /* (20) */ 208 "DCE-Id", /* (21) */ 209 "MP+", /* (22) */ 210 "Link-Disc", /* (23) */ 211 "LCP-Auth-Opt", /* (24) */ 212 "COBS", /* (25) */ 213 "Prefix-elision", /* (26) */ 214 "Multilink-header-Form",/* (27) */ 215 "I18N", /* (28) */ 216 "SDL-over-SONET/SDH", /* (29) */ 217 "PPP-Muxing", /* (30) */ 218}; 219 220#define NUM_LCPOPTS (sizeof(lcpconfopts) / sizeof(lcpconfopts[0])) 221 222/* ECP - to be supported */ 223 224/* CCP Config Options */ 225 226#define CCPOPT_OUI 0 /* RFC1962 */ 227#define CCPOPT_PRED1 1 /* RFC1962 */ 228#define CCPOPT_PRED2 2 /* RFC1962 */ 229#define CCPOPT_PJUMP 3 /* RFC1962 */ 230/* 4-15 unassigned */ 231#define CCPOPT_HPPPC 16 /* RFC1962 */ 232#define CCPOPT_STACLZS 17 /* RFC1974 */ 233#define CCPOPT_MPPC 18 /* RFC2118 */ 234#define CCPOPT_GFZA 19 /* RFC1962 */ 235#define CCPOPT_V42BIS 20 /* RFC1962 */ 236#define CCPOPT_BSDCOMP 21 /* RFC1977 */ 237/* 22 unassigned */ 238#define CCPOPT_LZSDCP 23 /* RFC1967 */ 239#define CCPOPT_MVRCA 24 /* RFC1975 */ 240#define CCPOPT_DEC 25 /* RFC1976 */ 241#define CCPOPT_DEFLATE 26 /* RFC1979 */ 242/* 27-254 unassigned */ 243#define CCPOPT_RESV 255 /* RFC1962 */ 244 245static const struct tok ccpconfopts_values[] = { 246 { CCPOPT_OUI, "OUI" }, 247 { CCPOPT_PRED1, "Pred-1" }, 248 { CCPOPT_PRED2, "Pred-2" }, 249 { CCPOPT_PJUMP, "Puddle" }, 250 { CCPOPT_HPPPC, "HP-PPC" }, 251 { CCPOPT_STACLZS, "Stac-LZS" }, 252 { CCPOPT_MPPC, "MPPC" }, 253 { CCPOPT_GFZA, "Gand-FZA" }, 254 { CCPOPT_V42BIS, "V.42bis" }, 255 { CCPOPT_BSDCOMP, "BSD-Comp" }, 256 { CCPOPT_LZSDCP, "LZS-DCP" }, 257 { CCPOPT_MVRCA, "MVRCA" }, 258 { CCPOPT_DEC, "DEC" }, 259 { CCPOPT_DEFLATE, "Deflate" }, 260 { CCPOPT_RESV, "Reserved"}, 261 {0, NULL} 262}; 263 264/* BACP Config Options */ 265 266#define BACPOPT_FPEER 1 /* RFC2125 */ 267 268static const struct tok bacconfopts_values[] = { 269 { BACPOPT_FPEER, "Favored-Peer" }, 270 {0, NULL} 271}; 272 273 274/* SDCP - to be supported */ 275 276/* IPCP Config Options */ 277#define IPCPOPT_2ADDR 1 /* RFC1172, RFC1332 (deprecated) */ 278#define IPCPOPT_IPCOMP 2 /* RFC1332 */ 279#define IPCPOPT_ADDR 3 /* RFC1332 */ 280#define IPCPOPT_MOBILE4 4 /* RFC2290 */ 281#define IPCPOPT_PRIDNS 129 /* RFC1877 */ 282#define IPCPOPT_PRINBNS 130 /* RFC1877 */ 283#define IPCPOPT_SECDNS 131 /* RFC1877 */ 284#define IPCPOPT_SECNBNS 132 /* RFC1877 */ 285 286static const struct tok ipcpopt_values[] = { 287 { IPCPOPT_2ADDR, "IP-Addrs" }, 288 { IPCPOPT_IPCOMP, "IP-Comp" }, 289 { IPCPOPT_ADDR, "IP-Addr" }, 290 { IPCPOPT_MOBILE4, "Home-Addr" }, 291 { IPCPOPT_PRIDNS, "Pri-DNS" }, 292 { IPCPOPT_PRINBNS, "Pri-NBNS" }, 293 { IPCPOPT_SECDNS, "Sec-DNS" }, 294 { IPCPOPT_SECNBNS, "Sec-NBNS" }, 295 { 0, NULL } 296}; 297 298#define IPCPOPT_IPCOMP_HDRCOMP 0x61 /* rfc3544 */ 299#define IPCPOPT_IPCOMP_MINLEN 14 300 301static const struct tok ipcpopt_compproto_values[] = { 302 { PPP_VJC, "VJ-Comp" }, 303 { IPCPOPT_IPCOMP_HDRCOMP, "IP Header Compression" }, 304 { 0, NULL } 305}; 306 307static const struct tok ipcpopt_compproto_subopt_values[] = { 308 { 1, "RTP-Compression" }, 309 { 2, "Enhanced RTP-Compression" }, 310 { 0, NULL } 311}; 312 313/* IP6CP Config Options */ 314#define IP6CP_IFID 1 315 316static const struct tok ip6cpopt_values[] = { 317 { IP6CP_IFID, "Interface-ID" }, 318 { 0, NULL } 319}; 320 321/* ATCP - to be supported */ 322/* OSINLCP - to be supported */ 323/* BVCP - to be supported */ 324/* BCP - to be supported */ 325/* IPXCP - to be supported */ 326/* MPLSCP - to be supported */ 327 328/* Auth Algorithms */ 329 330/* 0-4 Reserved (RFC1994) */ 331#define AUTHALG_CHAPMD5 5 /* RFC1994 */ 332#define AUTHALG_MSCHAP1 128 /* RFC2433 */ 333#define AUTHALG_MSCHAP2 129 /* RFC2795 */ 334 335static const struct tok authalg_values[] = { 336 { AUTHALG_CHAPMD5, "MD5" }, 337 { AUTHALG_MSCHAP1, "MS-CHAPv1" }, 338 { AUTHALG_MSCHAP2, "MS-CHAPv2" }, 339 { 0, NULL } 340}; 341 342/* FCS Alternatives - to be supported */ 343 344/* Multilink Endpoint Discriminator (RFC1717) */ 345#define MEDCLASS_NULL 0 /* Null Class */ 346#define MEDCLASS_LOCAL 1 /* Locally Assigned */ 347#define MEDCLASS_IPV4 2 /* Internet Protocol (IPv4) */ 348#define MEDCLASS_MAC 3 /* IEEE 802.1 global MAC address */ 349#define MEDCLASS_MNB 4 /* PPP Magic Number Block */ 350#define MEDCLASS_PSNDN 5 /* Public Switched Network Director Number */ 351 352/* PPP LCP Callback */ 353#define CALLBACK_AUTH 0 /* Location determined by user auth */ 354#define CALLBACK_DSTR 1 /* Dialing string */ 355#define CALLBACK_LID 2 /* Location identifier */ 356#define CALLBACK_E164 3 /* E.164 number */ 357#define CALLBACK_X500 4 /* X.500 distinguished name */ 358#define CALLBACK_CBCP 6 /* Location is determined during CBCP nego */ 359 360static const struct tok ppp_callback_values[] = { 361 { CALLBACK_AUTH, "UserAuth" }, 362 { CALLBACK_DSTR, "DialString" }, 363 { CALLBACK_LID, "LocalID" }, 364 { CALLBACK_E164, "E.164" }, 365 { CALLBACK_X500, "X.500" }, 366 { CALLBACK_CBCP, "CBCP" }, 367 { 0, NULL } 368}; 369 370/* CHAP */ 371 372#define CHAP_CHAL 1 373#define CHAP_RESP 2 374#define CHAP_SUCC 3 375#define CHAP_FAIL 4 376 377static const struct tok chapcode_values[] = { 378 { CHAP_CHAL, "Challenge" }, 379 { CHAP_RESP, "Response" }, 380 { CHAP_SUCC, "Success" }, 381 { CHAP_FAIL, "Fail" }, 382 { 0, NULL} 383}; 384 385/* PAP */ 386 387#define PAP_AREQ 1 388#define PAP_AACK 2 389#define PAP_ANAK 3 390 391static const struct tok papcode_values[] = { 392 { PAP_AREQ, "Auth-Req" }, 393 { PAP_AACK, "Auth-ACK" }, 394 { PAP_ANAK, "Auth-NACK" }, 395 { 0, NULL } 396}; 397 398/* BAP */ 399#define BAP_CALLREQ 1 400#define BAP_CALLRES 2 401#define BAP_CBREQ 3 402#define BAP_CBRES 4 403#define BAP_LDQREQ 5 404#define BAP_LDQRES 6 405#define BAP_CSIND 7 406#define BAP_CSRES 8 407 408static u_int print_lcp_config_options(netdissect_options *, const u_char *p, u_int); 409static u_int print_ipcp_config_options(netdissect_options *, const u_char *p, u_int); 410static u_int print_ip6cp_config_options(netdissect_options *, const u_char *p, u_int); 411static u_int print_ccp_config_options(netdissect_options *, const u_char *p, u_int); 412static u_int print_bacp_config_options(netdissect_options *, const u_char *p, u_int); 413static void handle_ppp(netdissect_options *, u_int proto, const u_char *p, u_int length); 414 415/* generic Control Protocol (e.g. LCP, IPCP, CCP, etc.) handler */ 416static void 417handle_ctrl_proto(netdissect_options *ndo, 418 u_int proto, const u_char *pptr, u_int length) 419{ 420 const char *typestr; 421 u_int code, len; 422 u_int (*pfunc)(netdissect_options *, const u_char *, u_int); 423 u_int tlen, advance; 424 const u_char *tptr; 425 426 tptr=pptr; 427 428 typestr = tok2str(ppptype2str, "unknown ctrl-proto (0x%04x)", proto); 429 ND_PRINT("%s, ", typestr); 430 431 if (length < 4) /* FIXME weak boundary checking */ 432 goto trunc; 433 ND_TCHECK_2(tptr); 434 435 code = GET_U_1(tptr); 436 tptr++; 437 438 ND_PRINT("%s (0x%02x), id %u, length %u", 439 tok2str(cpcodes, "Unknown Opcode",code), 440 code, 441 GET_U_1(tptr), /* ID */ 442 length + 2); 443 tptr++; 444 445 if (!ndo->ndo_vflag) 446 return; 447 448 len = GET_BE_U_2(tptr); 449 tptr += 2; 450 451 if (len < 4) { 452 ND_PRINT("\n\tencoded length %u (< 4))", len); 453 return; 454 } 455 456 if (len > length) { 457 ND_PRINT("\n\tencoded length %u (> packet length %u))", len, length); 458 return; 459 } 460 length = len; 461 462 ND_PRINT("\n\tencoded length %u (=Option(s) length %u)", len, len - 4); 463 464 if (length == 4) 465 return; /* there may be a NULL confreq etc. */ 466 467 if (ndo->ndo_vflag > 1) 468 print_unknown_data(ndo, pptr - 2, "\n\t", 6); 469 470 471 switch (code) { 472 case CPCODES_VEXT: 473 if (length < 11) 474 break; 475 ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr)); 476 tptr += 4; 477 ND_PRINT(" Vendor: %s (%u)", 478 tok2str(oui_values,"Unknown",GET_BE_U_3(tptr)), 479 GET_BE_U_3(tptr)); 480 /* XXX: need to decode Kind and Value(s)? */ 481 break; 482 case CPCODES_CONF_REQ: 483 case CPCODES_CONF_ACK: 484 case CPCODES_CONF_NAK: 485 case CPCODES_CONF_REJ: 486 tlen = len - 4; /* Code(1), Identifier(1) and Length(2) */ 487 do { 488 switch (proto) { 489 case PPP_LCP: 490 pfunc = print_lcp_config_options; 491 break; 492 case PPP_IPCP: 493 pfunc = print_ipcp_config_options; 494 break; 495 case PPP_IPV6CP: 496 pfunc = print_ip6cp_config_options; 497 break; 498 case PPP_CCP: 499 pfunc = print_ccp_config_options; 500 break; 501 case PPP_BACP: 502 pfunc = print_bacp_config_options; 503 break; 504 default: 505 /* 506 * No print routine for the options for 507 * this protocol. 508 */ 509 pfunc = NULL; 510 break; 511 } 512 513 if (pfunc == NULL) /* catch the above null pointer if unknown CP */ 514 break; 515 516 if ((advance = (*pfunc)(ndo, tptr, len)) == 0) 517 break; 518 if (tlen < advance) { 519 ND_PRINT(" [remaining options length %u < %u]", 520 tlen, advance); 521 nd_print_invalid(ndo); 522 break; 523 } 524 tlen -= advance; 525 tptr += advance; 526 } while (tlen != 0); 527 break; 528 529 case CPCODES_TERM_REQ: 530 case CPCODES_TERM_ACK: 531 /* XXX: need to decode Data? */ 532 break; 533 case CPCODES_CODE_REJ: 534 /* XXX: need to decode Rejected-Packet? */ 535 break; 536 case CPCODES_PROT_REJ: 537 if (length < 6) 538 break; 539 ND_PRINT("\n\t Rejected %s Protocol (0x%04x)", 540 tok2str(ppptype2str,"unknown", GET_BE_U_2(tptr)), 541 GET_BE_U_2(tptr)); 542 /* XXX: need to decode Rejected-Information? - hexdump for now */ 543 if (len > 6) { 544 ND_PRINT("\n\t Rejected Packet"); 545 print_unknown_data(ndo, tptr + 2, "\n\t ", len - 2); 546 } 547 break; 548 case CPCODES_ECHO_REQ: 549 case CPCODES_ECHO_RPL: 550 case CPCODES_DISC_REQ: 551 if (length < 8) 552 break; 553 ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr)); 554 /* XXX: need to decode Data? - hexdump for now */ 555 if (len > 8) { 556 ND_PRINT("\n\t -----trailing data-----"); 557 ND_TCHECK_LEN(tptr + 4, len - 8); 558 print_unknown_data(ndo, tptr + 4, "\n\t ", len - 8); 559 } 560 break; 561 case CPCODES_ID: 562 if (length < 8) 563 break; 564 ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr)); 565 /* RFC 1661 says this is intended to be human readable */ 566 if (len > 8) { 567 ND_PRINT("\n\t Message\n\t "); 568 if (nd_printn(ndo, tptr + 4, len - 4, ndo->ndo_snapend)) 569 goto trunc; 570 } 571 break; 572 case CPCODES_TIME_REM: 573 if (length < 12) 574 break; 575 ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr)); 576 ND_PRINT(", Seconds-Remaining %us", GET_BE_U_4(tptr + 4)); 577 /* XXX: need to decode Message? */ 578 break; 579 default: 580 /* XXX this is dirty but we do not get the 581 * original pointer passed to the begin 582 * the PPP packet */ 583 if (ndo->ndo_vflag <= 1) 584 print_unknown_data(ndo, pptr - 2, "\n\t ", length + 2); 585 break; 586 } 587 return; 588 589trunc: 590 ND_PRINT("[|%s]", typestr); 591} 592 593/* LCP config options */ 594static u_int 595print_lcp_config_options(netdissect_options *ndo, 596 const u_char *p, u_int length) 597{ 598 u_int opt, len; 599 600 if (length < 2) 601 return 0; 602 ND_TCHECK_2(p); 603 opt = GET_U_1(p); 604 len = GET_U_1(p + 1); 605 if (length < len) 606 return 0; 607 if (len < 2) { 608 if (opt < NUM_LCPOPTS) 609 ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)", 610 lcpconfopts[opt], opt, len); 611 else 612 ND_PRINT("\n\tunknown LCP option 0x%02x", opt); 613 return 0; 614 } 615 if (opt < NUM_LCPOPTS) 616 ND_PRINT("\n\t %s Option (0x%02x), length %u", lcpconfopts[opt], opt, len); 617 else { 618 ND_PRINT("\n\tunknown LCP option 0x%02x", opt); 619 return len; 620 } 621 622 switch (opt) { 623 case LCPOPT_VEXT: 624 if (len < 6) { 625 ND_PRINT(" (length bogus, should be >= 6)"); 626 return len; 627 } 628 ND_PRINT(": Vendor: %s (%u)", 629 tok2str(oui_values,"Unknown",GET_BE_U_3(p + 2)), 630 GET_BE_U_3(p + 2)); 631#if 0 632 ND_PRINT(", kind: 0x%02x", GET_U_1(p + 5)); 633 ND_PRINT(", Value: 0x"); 634 for (i = 0; i < len - 6; i++) { 635 ND_PRINT("%02x", GET_U_1(p + 6 + i)); 636 } 637#endif 638 break; 639 case LCPOPT_MRU: 640 if (len != 4) { 641 ND_PRINT(" (length bogus, should be = 4)"); 642 return len; 643 } 644 ND_PRINT(": %u", GET_BE_U_2(p + 2)); 645 break; 646 case LCPOPT_ACCM: 647 if (len != 6) { 648 ND_PRINT(" (length bogus, should be = 6)"); 649 return len; 650 } 651 ND_PRINT(": 0x%08x", GET_BE_U_4(p + 2)); 652 break; 653 case LCPOPT_AP: 654 if (len < 4) { 655 ND_PRINT(" (length bogus, should be >= 4)"); 656 return len; 657 } 658 ND_PRINT(": %s", 659 tok2str(ppptype2str, "Unknown Auth Proto (0x04x)", GET_BE_U_2(p + 2))); 660 661 switch (GET_BE_U_2(p + 2)) { 662 case PPP_CHAP: 663 ND_PRINT(", %s", 664 tok2str(authalg_values, "Unknown Auth Alg %u", GET_U_1(p + 4))); 665 break; 666 case PPP_PAP: /* fall through */ 667 case PPP_EAP: 668 case PPP_SPAP: 669 case PPP_SPAP_OLD: 670 break; 671 default: 672 print_unknown_data(ndo, p, "\n\t", len); 673 } 674 break; 675 case LCPOPT_QP: 676 if (len < 4) { 677 ND_PRINT(" (length bogus, should be >= 4)"); 678 return 0; 679 } 680 if (GET_BE_U_2(p + 2) == PPP_LQM) 681 ND_PRINT(": LQR"); 682 else 683 ND_PRINT(": unknown"); 684 break; 685 case LCPOPT_MN: 686 if (len != 6) { 687 ND_PRINT(" (length bogus, should be = 6)"); 688 return 0; 689 } 690 ND_PRINT(": 0x%08x", GET_BE_U_4(p + 2)); 691 break; 692 case LCPOPT_PFC: 693 break; 694 case LCPOPT_ACFC: 695 break; 696 case LCPOPT_LD: 697 if (len != 4) { 698 ND_PRINT(" (length bogus, should be = 4)"); 699 return 0; 700 } 701 ND_PRINT(": 0x%04x", GET_BE_U_2(p + 2)); 702 break; 703 case LCPOPT_CBACK: 704 if (len < 3) { 705 ND_PRINT(" (length bogus, should be >= 3)"); 706 return 0; 707 } 708 ND_PRINT(": "); 709 ND_PRINT(": Callback Operation %s (%u)", 710 tok2str(ppp_callback_values, "Unknown", GET_U_1(p + 2)), 711 GET_U_1(p + 2)); 712 break; 713 case LCPOPT_MLMRRU: 714 if (len != 4) { 715 ND_PRINT(" (length bogus, should be = 4)"); 716 return 0; 717 } 718 ND_PRINT(": %u", GET_BE_U_2(p + 2)); 719 break; 720 case LCPOPT_MLED: 721 if (len < 3) { 722 ND_PRINT(" (length bogus, should be >= 3)"); 723 return 0; 724 } 725 switch (GET_U_1(p + 2)) { /* class */ 726 case MEDCLASS_NULL: 727 ND_PRINT(": Null"); 728 break; 729 case MEDCLASS_LOCAL: 730 ND_PRINT(": Local"); /* XXX */ 731 break; 732 case MEDCLASS_IPV4: 733 if (len != 7) { 734 ND_PRINT(" (length bogus, should be = 7)"); 735 return 0; 736 } 737 ND_PRINT(": IPv4 %s", GET_IPADDR_STRING(p + 3)); 738 break; 739 case MEDCLASS_MAC: 740 if (len != 9) { 741 ND_PRINT(" (length bogus, should be = 9)"); 742 return 0; 743 } 744 ND_PRINT(": MAC %s", GET_ETHERADDR_STRING(p + 3)); 745 break; 746 case MEDCLASS_MNB: 747 ND_PRINT(": Magic-Num-Block"); /* XXX */ 748 break; 749 case MEDCLASS_PSNDN: 750 ND_PRINT(": PSNDN"); /* XXX */ 751 break; 752 default: 753 ND_PRINT(": Unknown class %u", GET_U_1(p + 2)); 754 break; 755 } 756 break; 757 758/* XXX: to be supported */ 759#if 0 760 case LCPOPT_DEP6: 761 case LCPOPT_FCSALT: 762 case LCPOPT_SDP: 763 case LCPOPT_NUMMODE: 764 case LCPOPT_DEP12: 765 case LCPOPT_DEP14: 766 case LCPOPT_DEP15: 767 case LCPOPT_DEP16: 768 case LCPOPT_MLSSNHF: 769 case LCPOPT_PROP: 770 case LCPOPT_DCEID: 771 case LCPOPT_MPP: 772 case LCPOPT_LCPAOPT: 773 case LCPOPT_COBS: 774 case LCPOPT_PE: 775 case LCPOPT_MLHF: 776 case LCPOPT_I18N: 777 case LCPOPT_SDLOS: 778 case LCPOPT_PPPMUX: 779 break; 780#endif 781 default: 782 /* 783 * Unknown option; dump it as raw bytes now if we're 784 * not going to do so below. 785 */ 786 if (ndo->ndo_vflag < 2) 787 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); 788 break; 789 } 790 791 if (ndo->ndo_vflag > 1) 792 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */ 793 794 return len; 795 796trunc: 797 ND_PRINT("[|lcp]"); 798 return 0; 799} 800 801/* ML-PPP*/ 802static const struct tok ppp_ml_flag_values[] = { 803 { 0x80, "begin" }, 804 { 0x40, "end" }, 805 { 0, NULL } 806}; 807 808static void 809handle_mlppp(netdissect_options *ndo, 810 const u_char *p, u_int length) 811{ 812 if (!ndo->ndo_eflag) 813 ND_PRINT("MLPPP, "); 814 815 if (length < 2) { 816 ND_PRINT("[|mlppp]"); 817 return; 818 } 819 if (!ND_TTEST_2(p)) { 820 ND_PRINT("[|mlppp]"); 821 return; 822 } 823 824 ND_PRINT("seq 0x%03x, Flags [%s], length %u", 825 (GET_BE_U_2(p))&0x0fff, 826 /* only support 12-Bit sequence space for now */ 827 bittok2str(ppp_ml_flag_values, "none", GET_U_1(p) & 0xc0), 828 length); 829} 830 831/* CHAP */ 832static void 833handle_chap(netdissect_options *ndo, 834 const u_char *p, u_int length) 835{ 836 u_int code, len; 837 u_int val_size, name_size, msg_size; 838 const u_char *p0; 839 u_int i; 840 841 p0 = p; 842 if (length < 1) { 843 ND_PRINT("[|chap]"); 844 return; 845 } else if (length < 4) { 846 ND_PRINT("[|chap 0x%02x]", GET_U_1(p)); 847 return; 848 } 849 850 code = GET_U_1(p); 851 ND_PRINT("CHAP, %s (0x%02x)", 852 tok2str(chapcode_values,"unknown",code), 853 code); 854 p++; 855 856 ND_PRINT(", id %u", GET_U_1(p)); /* ID */ 857 p++; 858 859 len = GET_BE_U_2(p); 860 p += 2; 861 862 /* 863 * Note that this is a generic CHAP decoding routine. Since we 864 * don't know which flavor of CHAP (i.e. CHAP-MD5, MS-CHAPv1, 865 * MS-CHAPv2) is used at this point, we can't decode packet 866 * specifically to each algorithms. Instead, we simply decode 867 * the GCD (Gratest Common Denominator) for all algorithms. 868 */ 869 switch (code) { 870 case CHAP_CHAL: 871 case CHAP_RESP: 872 if (length - (p - p0) < 1) 873 return; 874 val_size = GET_U_1(p); /* value size */ 875 p++; 876 if (length - (p - p0) < val_size) 877 return; 878 ND_PRINT(", Value "); 879 for (i = 0; i < val_size; i++) { 880 ND_PRINT("%02x", GET_U_1(p)); 881 p++; 882 } 883 name_size = len - (u_int)(p - p0); 884 ND_PRINT(", Name "); 885 for (i = 0; i < name_size; i++) { 886 fn_print_char(ndo, GET_U_1(p)); 887 p++; 888 } 889 break; 890 case CHAP_SUCC: 891 case CHAP_FAIL: 892 msg_size = len - (u_int)(p - p0); 893 ND_PRINT(", Msg "); 894 for (i = 0; i< msg_size; i++) { 895 fn_print_char(ndo, GET_U_1(p)); 896 p++; 897 } 898 break; 899 } 900} 901 902/* PAP (see RFC 1334) */ 903static void 904handle_pap(netdissect_options *ndo, 905 const u_char *p, u_int length) 906{ 907 u_int code, len; 908 u_int peerid_len, passwd_len, msg_len; 909 const u_char *p0; 910 u_int i; 911 912 p0 = p; 913 if (length < 1) { 914 ND_PRINT("[|pap]"); 915 return; 916 } else if (length < 4) { 917 ND_PRINT("[|pap 0x%02x]", GET_U_1(p)); 918 return; 919 } 920 921 code = GET_U_1(p); 922 ND_PRINT("PAP, %s (0x%02x)", 923 tok2str(papcode_values, "unknown", code), 924 code); 925 p++; 926 927 ND_PRINT(", id %u", GET_U_1(p)); /* ID */ 928 p++; 929 930 len = GET_BE_U_2(p); 931 p += 2; 932 933 if (len > length) { 934 ND_PRINT(", length %u > packet size", len); 935 return; 936 } 937 length = len; 938 if (length < (size_t)(p - p0)) { 939 ND_PRINT(", length %u < PAP header length", length); 940 return; 941 } 942 943 switch (code) { 944 case PAP_AREQ: 945 /* A valid Authenticate-Request is 6 or more octets long. */ 946 if (len < 6) 947 goto trunc; 948 if (length - (p - p0) < 1) 949 return; 950 peerid_len = GET_U_1(p); /* Peer-ID Length */ 951 p++; 952 if (length - (p - p0) < peerid_len) 953 return; 954 ND_PRINT(", Peer "); 955 for (i = 0; i < peerid_len; i++) { 956 fn_print_char(ndo, GET_U_1(p)); 957 p++; 958 } 959 960 if (length - (p - p0) < 1) 961 return; 962 passwd_len = GET_U_1(p); /* Password Length */ 963 p++; 964 if (length - (p - p0) < passwd_len) 965 return; 966 ND_PRINT(", Name "); 967 for (i = 0; i < passwd_len; i++) { 968 fn_print_char(ndo, GET_U_1(p)); 969 p++; 970 } 971 break; 972 case PAP_AACK: 973 case PAP_ANAK: 974 /* Although some implementations ignore truncation at 975 * this point and at least one generates a truncated 976 * packet, RFC 1334 section 2.2.2 clearly states that 977 * both AACK and ANAK are at least 5 bytes long. 978 */ 979 if (len < 5) 980 goto trunc; 981 if (length - (p - p0) < 1) 982 return; 983 msg_len = GET_U_1(p); /* Msg-Length */ 984 p++; 985 if (length - (p - p0) < msg_len) 986 return; 987 ND_PRINT(", Msg "); 988 for (i = 0; i< msg_len; i++) { 989 fn_print_char(ndo, GET_U_1(p)); 990 p++; 991 } 992 break; 993 } 994 return; 995 996trunc: 997 ND_PRINT("[|pap]"); 998} 999 1000/* BAP */ 1001static void 1002handle_bap(netdissect_options *ndo _U_, 1003 const u_char *p _U_, u_int length _U_) 1004{ 1005 /* XXX: to be supported!! */ 1006} 1007 1008 1009/* IPCP config options */ 1010static u_int 1011print_ipcp_config_options(netdissect_options *ndo, 1012 const u_char *p, u_int length) 1013{ 1014 u_int opt, len; 1015 u_int compproto, ipcomp_subopttotallen, ipcomp_subopt, ipcomp_suboptlen; 1016 1017 if (length < 2) 1018 return 0; 1019 ND_TCHECK_2(p); 1020 opt = GET_U_1(p); 1021 len = GET_U_1(p + 1); 1022 if (length < len) 1023 return 0; 1024 if (len < 2) { 1025 ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)", 1026 tok2str(ipcpopt_values,"unknown",opt), 1027 opt, 1028 len); 1029 return 0; 1030 } 1031 1032 ND_PRINT("\n\t %s Option (0x%02x), length %u", 1033 tok2str(ipcpopt_values,"unknown",opt), 1034 opt, 1035 len); 1036 1037 switch (opt) { 1038 case IPCPOPT_2ADDR: /* deprecated */ 1039 if (len != 10) { 1040 ND_PRINT(" (length bogus, should be = 10)"); 1041 return len; 1042 } 1043 ND_PRINT(": src %s, dst %s", 1044 GET_IPADDR_STRING(p + 2), 1045 GET_IPADDR_STRING(p + 6)); 1046 break; 1047 case IPCPOPT_IPCOMP: 1048 if (len < 4) { 1049 ND_PRINT(" (length bogus, should be >= 4)"); 1050 return 0; 1051 } 1052 compproto = GET_BE_U_2(p + 2); 1053 1054 ND_PRINT(": %s (0x%02x):", 1055 tok2str(ipcpopt_compproto_values, "Unknown", compproto), 1056 compproto); 1057 1058 switch (compproto) { 1059 case PPP_VJC: 1060 /* XXX: VJ-Comp parameters should be decoded */ 1061 break; 1062 case IPCPOPT_IPCOMP_HDRCOMP: 1063 if (len < IPCPOPT_IPCOMP_MINLEN) { 1064 ND_PRINT(" (length bogus, should be >= %u)", 1065 IPCPOPT_IPCOMP_MINLEN); 1066 return 0; 1067 } 1068 1069 ND_TCHECK_LEN(p + 2, IPCPOPT_IPCOMP_MINLEN); 1070 ND_PRINT("\n\t TCP Space %u, non-TCP Space %u" 1071 ", maxPeriod %u, maxTime %u, maxHdr %u", 1072 GET_BE_U_2(p + 4), 1073 GET_BE_U_2(p + 6), 1074 GET_BE_U_2(p + 8), 1075 GET_BE_U_2(p + 10), 1076 GET_BE_U_2(p + 12)); 1077 1078 /* suboptions present ? */ 1079 if (len > IPCPOPT_IPCOMP_MINLEN) { 1080 ipcomp_subopttotallen = len - IPCPOPT_IPCOMP_MINLEN; 1081 p += IPCPOPT_IPCOMP_MINLEN; 1082 1083 ND_PRINT("\n\t Suboptions, length %u", ipcomp_subopttotallen); 1084 1085 while (ipcomp_subopttotallen >= 2) { 1086 ND_TCHECK_2(p); 1087 ipcomp_subopt = GET_U_1(p); 1088 ipcomp_suboptlen = GET_U_1(p + 1); 1089 1090 /* sanity check */ 1091 if (ipcomp_subopt == 0 || 1092 ipcomp_suboptlen == 0 ) 1093 break; 1094 1095 /* XXX: just display the suboptions for now */ 1096 ND_PRINT("\n\t\t%s Suboption #%u, length %u", 1097 tok2str(ipcpopt_compproto_subopt_values, 1098 "Unknown", 1099 ipcomp_subopt), 1100 ipcomp_subopt, 1101 ipcomp_suboptlen); 1102 if (ipcomp_subopttotallen < ipcomp_suboptlen) { 1103 ND_PRINT(" [remaining suboptions length %u < %u]", 1104 ipcomp_subopttotallen, ipcomp_suboptlen); 1105 nd_print_invalid(ndo); 1106 break; 1107 } 1108 ipcomp_subopttotallen -= ipcomp_suboptlen; 1109 p += ipcomp_suboptlen; 1110 } 1111 } 1112 break; 1113 default: 1114 break; 1115 } 1116 break; 1117 1118 case IPCPOPT_ADDR: /* those options share the same format - fall through */ 1119 case IPCPOPT_MOBILE4: 1120 case IPCPOPT_PRIDNS: 1121 case IPCPOPT_PRINBNS: 1122 case IPCPOPT_SECDNS: 1123 case IPCPOPT_SECNBNS: 1124 if (len != 6) { 1125 ND_PRINT(" (length bogus, should be = 6)"); 1126 return 0; 1127 } 1128 ND_PRINT(": %s", GET_IPADDR_STRING(p + 2)); 1129 break; 1130 default: 1131 /* 1132 * Unknown option; dump it as raw bytes now if we're 1133 * not going to do so below. 1134 */ 1135 if (ndo->ndo_vflag < 2) 1136 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); 1137 break; 1138 } 1139 if (ndo->ndo_vflag > 1) 1140 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */ 1141 return len; 1142 1143trunc: 1144 ND_PRINT("[|ipcp]"); 1145 return 0; 1146} 1147 1148/* IP6CP config options */ 1149static u_int 1150print_ip6cp_config_options(netdissect_options *ndo, 1151 const u_char *p, u_int length) 1152{ 1153 u_int opt, len; 1154 1155 if (length < 2) 1156 return 0; 1157 ND_TCHECK_2(p); 1158 opt = GET_U_1(p); 1159 len = GET_U_1(p + 1); 1160 if (length < len) 1161 return 0; 1162 if (len < 2) { 1163 ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)", 1164 tok2str(ip6cpopt_values,"unknown",opt), 1165 opt, 1166 len); 1167 return 0; 1168 } 1169 1170 ND_PRINT("\n\t %s Option (0x%02x), length %u", 1171 tok2str(ip6cpopt_values,"unknown",opt), 1172 opt, 1173 len); 1174 1175 switch (opt) { 1176 case IP6CP_IFID: 1177 if (len != 10) { 1178 ND_PRINT(" (length bogus, should be = 10)"); 1179 return len; 1180 } 1181 ND_TCHECK_8(p + 2); 1182 ND_PRINT(": %04x:%04x:%04x:%04x", 1183 GET_BE_U_2(p + 2), 1184 GET_BE_U_2(p + 4), 1185 GET_BE_U_2(p + 6), 1186 GET_BE_U_2(p + 8)); 1187 break; 1188 default: 1189 /* 1190 * Unknown option; dump it as raw bytes now if we're 1191 * not going to do so below. 1192 */ 1193 if (ndo->ndo_vflag < 2) 1194 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); 1195 break; 1196 } 1197 if (ndo->ndo_vflag > 1) 1198 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */ 1199 1200 return len; 1201 1202trunc: 1203 ND_PRINT("[|ip6cp]"); 1204 return 0; 1205} 1206 1207 1208/* CCP config options */ 1209static u_int 1210print_ccp_config_options(netdissect_options *ndo, 1211 const u_char *p, u_int length) 1212{ 1213 u_int opt, len; 1214 1215 if (length < 2) 1216 return 0; 1217 ND_TCHECK_2(p); 1218 opt = GET_U_1(p); 1219 len = GET_U_1(p + 1); 1220 if (length < len) 1221 return 0; 1222 if (len < 2) { 1223 ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)", 1224 tok2str(ccpconfopts_values, "Unknown", opt), 1225 opt, 1226 len); 1227 return 0; 1228 } 1229 1230 ND_PRINT("\n\t %s Option (0x%02x), length %u", 1231 tok2str(ccpconfopts_values, "Unknown", opt), 1232 opt, 1233 len); 1234 1235 switch (opt) { 1236 case CCPOPT_BSDCOMP: 1237 if (len < 3) { 1238 ND_PRINT(" (length bogus, should be >= 3)"); 1239 return len; 1240 } 1241 ND_PRINT(": Version: %u, Dictionary Bits: %u", 1242 GET_U_1(p + 2) >> 5, 1243 GET_U_1(p + 2) & 0x1f); 1244 break; 1245 case CCPOPT_MVRCA: 1246 if (len < 4) { 1247 ND_PRINT(" (length bogus, should be >= 4)"); 1248 return len; 1249 } 1250 ND_PRINT(": Features: %u, PxP: %s, History: %u, #CTX-ID: %u", 1251 (GET_U_1(p + 2) & 0xc0) >> 6, 1252 (GET_U_1(p + 2) & 0x20) ? "Enabled" : "Disabled", 1253 GET_U_1(p + 2) & 0x1f, 1254 GET_U_1(p + 3)); 1255 break; 1256 case CCPOPT_DEFLATE: 1257 if (len < 4) { 1258 ND_PRINT(" (length bogus, should be >= 4)"); 1259 return len; 1260 } 1261 ND_PRINT(": Window: %uK, Method: %s (0x%x), MBZ: %u, CHK: %u", 1262 (GET_U_1(p + 2) & 0xf0) >> 4, 1263 ((GET_U_1(p + 2) & 0x0f) == 8) ? "zlib" : "unknown", 1264 GET_U_1(p + 2) & 0x0f, 1265 (GET_U_1(p + 3) & 0xfc) >> 2, 1266 GET_U_1(p + 3) & 0x03); 1267 break; 1268 1269/* XXX: to be supported */ 1270#if 0 1271 case CCPOPT_OUI: 1272 case CCPOPT_PRED1: 1273 case CCPOPT_PRED2: 1274 case CCPOPT_PJUMP: 1275 case CCPOPT_HPPPC: 1276 case CCPOPT_STACLZS: 1277 case CCPOPT_MPPC: 1278 case CCPOPT_GFZA: 1279 case CCPOPT_V42BIS: 1280 case CCPOPT_LZSDCP: 1281 case CCPOPT_DEC: 1282 case CCPOPT_RESV: 1283 break; 1284#endif 1285 default: 1286 /* 1287 * Unknown option; dump it as raw bytes now if we're 1288 * not going to do so below. 1289 */ 1290 if (ndo->ndo_vflag < 2) 1291 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); 1292 break; 1293 } 1294 if (ndo->ndo_vflag > 1) 1295 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */ 1296 1297 return len; 1298 1299trunc: 1300 ND_PRINT("[|ccp]"); 1301 return 0; 1302} 1303 1304/* BACP config options */ 1305static u_int 1306print_bacp_config_options(netdissect_options *ndo, 1307 const u_char *p, u_int length) 1308{ 1309 u_int opt, len; 1310 1311 if (length < 2) 1312 return 0; 1313 ND_TCHECK_2(p); 1314 opt = GET_U_1(p); 1315 len = GET_U_1(p + 1); 1316 if (length < len) 1317 return 0; 1318 if (len < 2) { 1319 ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)", 1320 tok2str(bacconfopts_values, "Unknown", opt), 1321 opt, 1322 len); 1323 return 0; 1324 } 1325 1326 ND_PRINT("\n\t %s Option (0x%02x), length %u", 1327 tok2str(bacconfopts_values, "Unknown", opt), 1328 opt, 1329 len); 1330 1331 switch (opt) { 1332 case BACPOPT_FPEER: 1333 if (len != 6) { 1334 ND_PRINT(" (length bogus, should be = 6)"); 1335 return len; 1336 } 1337 ND_PRINT(": Magic-Num 0x%08x", GET_BE_U_4(p + 2)); 1338 break; 1339 default: 1340 /* 1341 * Unknown option; dump it as raw bytes now if we're 1342 * not going to do so below. 1343 */ 1344 if (ndo->ndo_vflag < 2) 1345 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); 1346 break; 1347 } 1348 if (ndo->ndo_vflag > 1) 1349 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */ 1350 1351 return len; 1352 1353trunc: 1354 ND_PRINT("[|bacp]"); 1355 return 0; 1356} 1357 1358/* 1359 * Un-escape RFC 1662 PPP in HDLC-like framing, with octet escapes. 1360 * The length argument is the on-the-wire length, not the captured 1361 * length; we can only un-escape the captured part. 1362 */ 1363static void 1364ppp_hdlc(netdissect_options *ndo, 1365 const u_char *p, u_int length) 1366{ 1367 u_int caplen = ND_BYTES_AVAILABLE_AFTER(p); 1368 u_char *b, *t, c; 1369 const u_char *s; 1370 u_int i, proto; 1371 const void *sb, *se; 1372 1373 if (caplen == 0) 1374 return; 1375 1376 if (length == 0) 1377 return; 1378 1379 b = (u_char *)nd_malloc(ndo, caplen); 1380 if (b == NULL) 1381 return; 1382 1383 /* 1384 * Unescape all the data into a temporary, private, buffer. 1385 * Do this so that we don't overwrite the original packet 1386 * contents. 1387 */ 1388 for (s = p, t = b, i = caplen; i != 0; i--) { 1389 c = GET_U_1(s); 1390 s++; 1391 if (c == 0x7d) { 1392 if (i <= 1) 1393 break; 1394 i--; 1395 c = GET_U_1(s) ^ 0x20; 1396 s++; 1397 } 1398 *t++ = c; 1399 } 1400 1401 /* 1402 * Change the end pointer, so bounds checks work. 1403 * Change the pointer to packet data to help debugging. 1404 */ 1405 sb = ndo->ndo_packetp; 1406 se = ndo->ndo_snapend; 1407 ndo->ndo_packetp = b; 1408 ndo->ndo_snapend = t; 1409 length = ND_BYTES_AVAILABLE_AFTER(b); 1410 1411 /* now lets guess about the payload codepoint format */ 1412 if (length < 1) 1413 goto trunc; 1414 proto = GET_U_1(b); /* start with a one-octet codepoint guess */ 1415 1416 switch (proto) { 1417 case PPP_IP: 1418 ip_print(ndo, b + 1, length - 1); 1419 goto cleanup; 1420 case PPP_IPV6: 1421 ip6_print(ndo, b + 1, length - 1); 1422 goto cleanup; 1423 default: /* no luck - try next guess */ 1424 break; 1425 } 1426 1427 if (length < 2) 1428 goto trunc; 1429 proto = GET_BE_U_2(b); /* next guess - load two octets */ 1430 1431 switch (proto) { 1432 case (PPP_ADDRESS << 8 | PPP_CONTROL): /* looks like a PPP frame */ 1433 if (length < 4) 1434 goto trunc; 1435 proto = GET_BE_U_2(b + 2); /* load the PPP proto-id */ 1436 if ((proto & 0xff00) == 0x7e00) 1437 ND_PRINT("(protocol 0x%04x invalid)", proto); 1438 else 1439 handle_ppp(ndo, proto, b + 4, length - 4); 1440 break; 1441 default: /* last guess - proto must be a PPP proto-id */ 1442 if ((proto & 0xff00) == 0x7e00) 1443 ND_PRINT("(protocol 0x%04x invalid)", proto); 1444 else 1445 handle_ppp(ndo, proto, b + 2, length - 2); 1446 break; 1447 } 1448 1449cleanup: 1450 ndo->ndo_packetp = sb; 1451 ndo->ndo_snapend = se; 1452 return; 1453 1454trunc: 1455 ndo->ndo_packetp = sb; 1456 ndo->ndo_snapend = se; 1457 nd_print_trunc(ndo); 1458} 1459 1460 1461/* PPP */ 1462static void 1463handle_ppp(netdissect_options *ndo, 1464 u_int proto, const u_char *p, u_int length) 1465{ 1466 if ((proto & 0xff00) == 0x7e00) { /* is this an escape code ? */ 1467 ppp_hdlc(ndo, p - 1, length); 1468 return; 1469 } 1470 1471 switch (proto) { 1472 case PPP_LCP: /* fall through */ 1473 case PPP_IPCP: 1474 case PPP_OSICP: 1475 case PPP_MPLSCP: 1476 case PPP_IPV6CP: 1477 case PPP_CCP: 1478 case PPP_BACP: 1479 handle_ctrl_proto(ndo, proto, p, length); 1480 break; 1481 case PPP_ML: 1482 handle_mlppp(ndo, p, length); 1483 break; 1484 case PPP_CHAP: 1485 handle_chap(ndo, p, length); 1486 break; 1487 case PPP_PAP: 1488 handle_pap(ndo, p, length); 1489 break; 1490 case PPP_BAP: /* XXX: not yet completed */ 1491 handle_bap(ndo, p, length); 1492 break; 1493 case ETHERTYPE_IP: /*XXX*/ 1494 case PPP_VJNC: 1495 case PPP_IP: 1496 ip_print(ndo, p, length); 1497 break; 1498 case ETHERTYPE_IPV6: /*XXX*/ 1499 case PPP_IPV6: 1500 ip6_print(ndo, p, length); 1501 break; 1502 case ETHERTYPE_IPX: /*XXX*/ 1503 case PPP_IPX: 1504 ipx_print(ndo, p, length); 1505 break; 1506 case PPP_OSI: 1507 isoclns_print(ndo, p, length); 1508 break; 1509 case PPP_MPLS_UCAST: 1510 case PPP_MPLS_MCAST: 1511 mpls_print(ndo, p, length); 1512 break; 1513 case PPP_COMP: 1514 ND_PRINT("compressed PPP data"); 1515 break; 1516 default: 1517 ND_PRINT("%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto)); 1518 print_unknown_data(ndo, p, "\n\t", length); 1519 break; 1520 } 1521} 1522 1523/* Standard PPP printer */ 1524u_int 1525ppp_print(netdissect_options *ndo, 1526 const u_char *p, u_int length) 1527{ 1528 u_int proto,ppp_header; 1529 u_int olen = length; /* _o_riginal length */ 1530 u_int hdr_len = 0; 1531 1532 ndo->ndo_protocol = "ppp"; 1533 /* 1534 * Here, we assume that p points to the Address and Control 1535 * field (if they present). 1536 */ 1537 if (length < 2) 1538 goto trunc; 1539 ppp_header = GET_BE_U_2(p); 1540 1541 switch(ppp_header) { 1542 case (PPP_PPPD_IN << 8 | PPP_CONTROL): 1543 if (ndo->ndo_eflag) ND_PRINT("In "); 1544 p += 2; 1545 length -= 2; 1546 hdr_len += 2; 1547 break; 1548 case (PPP_PPPD_OUT << 8 | PPP_CONTROL): 1549 if (ndo->ndo_eflag) ND_PRINT("Out "); 1550 p += 2; 1551 length -= 2; 1552 hdr_len += 2; 1553 break; 1554 case (PPP_ADDRESS << 8 | PPP_CONTROL): 1555 p += 2; /* ACFC not used */ 1556 length -= 2; 1557 hdr_len += 2; 1558 break; 1559 1560 default: 1561 break; 1562 } 1563 1564 if (length < 2) 1565 goto trunc; 1566 if (GET_U_1(p) % 2) { 1567 proto = GET_U_1(p); /* PFC is used */ 1568 p++; 1569 length--; 1570 hdr_len++; 1571 } else { 1572 proto = GET_BE_U_2(p); 1573 p += 2; 1574 length -= 2; 1575 hdr_len += 2; 1576 } 1577 1578 if (ndo->ndo_eflag) { 1579 const char *typestr; 1580 typestr = tok2str(ppptype2str, "unknown", proto); 1581 ND_PRINT("%s (0x%04x), length %u", 1582 typestr, 1583 proto, 1584 olen); 1585 if (*typestr == 'u') /* "unknown" */ 1586 return hdr_len; 1587 1588 ND_PRINT(": "); 1589 } 1590 1591 handle_ppp(ndo, proto, p, length); 1592 return (hdr_len); 1593trunc: 1594 nd_print_trunc(ndo); 1595 return (0); 1596} 1597 1598 1599/* PPP I/F printer */ 1600void 1601ppp_if_print(netdissect_options *ndo, 1602 const struct pcap_pkthdr *h, const u_char *p) 1603{ 1604 u_int length = h->len; 1605 u_int caplen = h->caplen; 1606 1607 ndo->ndo_protocol = "ppp"; 1608 if (caplen < PPP_HDRLEN) { 1609 nd_print_trunc(ndo); 1610 ndo->ndo_ll_hdr_len += caplen; 1611 return; 1612 } 1613 ndo->ndo_ll_hdr_len += PPP_HDRLEN; 1614 1615#if 0 1616 /* 1617 * XXX: seems to assume that there are 2 octets prepended to an 1618 * actual PPP frame. The 1st octet looks like Input/Output flag 1619 * while 2nd octet is unknown, at least to me 1620 * (mshindo@mshindo.net). 1621 * 1622 * That was what the original tcpdump code did. 1623 * 1624 * FreeBSD's "if_ppp.c" *does* set the first octet to 1 for outbound 1625 * packets and 0 for inbound packets - but only if the 1626 * protocol field has the 0x8000 bit set (i.e., it's a network 1627 * control protocol); it does so before running the packet through 1628 * "bpf_filter" to see if it should be discarded, and to see 1629 * if we should update the time we sent the most recent packet... 1630 * 1631 * ...but it puts the original address field back after doing 1632 * so. 1633 * 1634 * NetBSD's "if_ppp.c" doesn't set the first octet in that fashion. 1635 * 1636 * I don't know if any PPP implementation handed up to a BPF 1637 * device packets with the first octet being 1 for outbound and 1638 * 0 for inbound packets, so I (guy@alum.mit.edu) don't know 1639 * whether that ever needs to be checked or not. 1640 * 1641 * Note that NetBSD has a DLT_PPP_SERIAL, which it uses for PPP, 1642 * and its tcpdump appears to assume that the frame always 1643 * begins with an address field and a control field, and that 1644 * the address field might be 0x0f or 0x8f, for Cisco 1645 * point-to-point with HDLC framing as per section 4.3.1 of RFC 1646 * 1547, as well as 0xff, for PPP in HDLC-like framing as per 1647 * RFC 1662. 1648 * 1649 * (Is the Cisco framing in question what DLT_C_HDLC, in 1650 * BSD/OS, is?) 1651 */ 1652 if (ndo->ndo_eflag) 1653 ND_PRINT("%c %4d %02x ", GET_U_1(p) ? 'O' : 'I', 1654 length, GET_U_1(p + 1)); 1655#endif 1656 1657 ppp_print(ndo, p, length); 1658} 1659 1660/* 1661 * PPP I/F printer to use if we know that RFC 1662-style PPP in HDLC-like 1662 * framing, or Cisco PPP with HDLC framing as per section 4.3.1 of RFC 1547, 1663 * is being used (i.e., we don't check for PPP_ADDRESS and PPP_CONTROL, 1664 * discard them *if* those are the first two octets, and parse the remaining 1665 * packet as a PPP packet, as "ppp_print()" does). 1666 * 1667 * This handles, for example, DLT_PPP_SERIAL in NetBSD. 1668 */ 1669void 1670ppp_hdlc_if_print(netdissect_options *ndo, 1671 const struct pcap_pkthdr *h, const u_char *p) 1672{ 1673 u_int length = h->len; 1674 u_int caplen = h->caplen; 1675 u_int proto; 1676 u_int hdrlen = 0; 1677 1678 ndo->ndo_protocol = "ppp_hdlc"; 1679 if (caplen < 2) { 1680 nd_print_trunc(ndo); 1681 ndo->ndo_ll_hdr_len += caplen; 1682 return; 1683 } 1684 1685 switch (GET_U_1(p)) { 1686 1687 case PPP_ADDRESS: 1688 if (caplen < 4) { 1689 nd_print_trunc(ndo); 1690 ndo->ndo_ll_hdr_len += caplen; 1691 return; 1692 } 1693 1694 if (ndo->ndo_eflag) 1695 ND_PRINT("%02x %02x %u ", GET_U_1(p), 1696 GET_U_1(p + 1), length); 1697 p += 2; 1698 length -= 2; 1699 hdrlen += 2; 1700 1701 proto = GET_BE_U_2(p); 1702 p += 2; 1703 length -= 2; 1704 hdrlen += 2; 1705 ND_PRINT("%s: ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto)); 1706 1707 handle_ppp(ndo, proto, p, length); 1708 break; 1709 1710 case CHDLC_UNICAST: 1711 case CHDLC_BCAST: 1712 chdlc_if_print(ndo, h, p); 1713 return; 1714 1715 default: 1716 if (caplen < 4) { 1717 nd_print_trunc(ndo); 1718 ndo->ndo_ll_hdr_len += caplen; 1719 return; 1720 } 1721 1722 if (ndo->ndo_eflag) 1723 ND_PRINT("%02x %02x %u ", GET_U_1(p), 1724 GET_U_1(p + 1), length); 1725 p += 2; 1726 hdrlen += 2; 1727 1728 /* 1729 * XXX - NetBSD's "ppp_netbsd_serial_if_print()" treats 1730 * the next two octets as an Ethernet type; does that 1731 * ever happen? 1732 */ 1733 ND_PRINT("unknown addr %02x; ctrl %02x", GET_U_1(p), 1734 GET_U_1(p + 1)); 1735 break; 1736 } 1737 1738 ndo->ndo_ll_hdr_len += hdrlen; 1739} 1740 1741#define PPP_BSDI_HDRLEN 24 1742 1743/* BSD/OS specific PPP printer */ 1744void 1745ppp_bsdos_if_print(netdissect_options *ndo, 1746 const struct pcap_pkthdr *h _U_, const u_char *p _U_) 1747{ 1748 u_int hdrlength; 1749#ifdef __bsdi__ 1750 u_int length = h->len; 1751 u_int caplen = h->caplen; 1752 uint16_t ptype; 1753 uint8_t llhl; 1754 const u_char *q; 1755 u_int i; 1756 1757 ndo->ndo_protocol = "ppp_bsdos"; 1758 if (caplen < PPP_BSDI_HDRLEN) { 1759 nd_print_trunc(ndo); 1760 ndo->ndo_ll_hdr_len += caplen; 1761 return; 1762 } 1763 1764 hdrlength = 0; 1765 1766#if 0 1767 if (GET_U_1(p) == PPP_ADDRESS && 1768 GET_U_1(p + 1) == PPP_CONTROL) { 1769 if (ndo->ndo_eflag) 1770 ND_PRINT("%02x %02x ", GET_U_1(p), 1771 GET_U_1(p + 1)); 1772 p += 2; 1773 hdrlength = 2; 1774 } 1775 1776 if (ndo->ndo_eflag) 1777 ND_PRINT("%u ", length); 1778 /* Retrieve the protocol type */ 1779 if (GET_U_1(p) & 01) { 1780 /* Compressed protocol field */ 1781 ptype = GET_U_1(p); 1782 if (ndo->ndo_eflag) 1783 ND_PRINT("%02x ", ptype); 1784 p++; 1785 hdrlength += 1; 1786 } else { 1787 /* Un-compressed protocol field */ 1788 ptype = GET_BE_U_2(p); 1789 if (ndo->ndo_eflag) 1790 ND_PRINT("%04x ", ptype); 1791 p += 2; 1792 hdrlength += 2; 1793 } 1794#else 1795 ptype = 0; /*XXX*/ 1796 if (ndo->ndo_eflag) 1797 ND_PRINT("%c ", GET_U_1(p + SLC_DIR) ? 'O' : 'I'); 1798 llhl = GET_U_1(p + SLC_LLHL); 1799 if (llhl) { 1800 /* link level header */ 1801 struct ppp_header *ph; 1802 1803 q = p + SLC_BPFHDRLEN; 1804 ph = (struct ppp_header *)q; 1805 if (ph->phdr_addr == PPP_ADDRESS 1806 && ph->phdr_ctl == PPP_CONTROL) { 1807 if (ndo->ndo_eflag) 1808 ND_PRINT("%02x %02x ", GET_U_1(q), 1809 GET_U_1(q + 1)); 1810 ptype = GET_BE_U_2(&ph->phdr_type); 1811 if (ndo->ndo_eflag && (ptype == PPP_VJC || ptype == PPP_VJNC)) { 1812 ND_PRINT("%s ", tok2str(ppptype2str, 1813 "proto-#%u", ptype)); 1814 } 1815 } else { 1816 if (ndo->ndo_eflag) { 1817 ND_PRINT("LLH=["); 1818 for (i = 0; i < llhl; i++) 1819 ND_PRINT("%02x", GET_U_1(q + i)); 1820 ND_PRINT("] "); 1821 } 1822 } 1823 } 1824 if (ndo->ndo_eflag) 1825 ND_PRINT("%u ", length); 1826 if (GET_U_1(p + SLC_CHL)) { 1827 q = p + SLC_BPFHDRLEN + llhl; 1828 1829 switch (ptype) { 1830 case PPP_VJC: 1831 ptype = vjc_print(ndo, q, ptype); 1832 hdrlength = PPP_BSDI_HDRLEN; 1833 p += hdrlength; 1834 switch (ptype) { 1835 case PPP_IP: 1836 ip_print(ndo, p, length); 1837 break; 1838 case PPP_IPV6: 1839 ip6_print(ndo, p, length); 1840 break; 1841 case PPP_MPLS_UCAST: 1842 case PPP_MPLS_MCAST: 1843 mpls_print(ndo, p, length); 1844 break; 1845 } 1846 goto printx; 1847 case PPP_VJNC: 1848 ptype = vjc_print(ndo, q, ptype); 1849 hdrlength = PPP_BSDI_HDRLEN; 1850 p += hdrlength; 1851 switch (ptype) { 1852 case PPP_IP: 1853 ip_print(ndo, p, length); 1854 break; 1855 case PPP_IPV6: 1856 ip6_print(ndo, p, length); 1857 break; 1858 case PPP_MPLS_UCAST: 1859 case PPP_MPLS_MCAST: 1860 mpls_print(ndo, p, length); 1861 break; 1862 } 1863 goto printx; 1864 default: 1865 if (ndo->ndo_eflag) { 1866 ND_PRINT("CH=["); 1867 for (i = 0; i < llhl; i++) 1868 ND_PRINT("%02x", 1869 GET_U_1(q + i)); 1870 ND_PRINT("] "); 1871 } 1872 break; 1873 } 1874 } 1875 1876 hdrlength = PPP_BSDI_HDRLEN; 1877#endif 1878 1879 length -= hdrlength; 1880 p += hdrlength; 1881 1882 switch (ptype) { 1883 case PPP_IP: 1884 ip_print(p, length); 1885 break; 1886 case PPP_IPV6: 1887 ip6_print(ndo, p, length); 1888 break; 1889 case PPP_MPLS_UCAST: 1890 case PPP_MPLS_MCAST: 1891 mpls_print(ndo, p, length); 1892 break; 1893 default: 1894 ND_PRINT("%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", ptype)); 1895 } 1896 1897printx: 1898#else /* __bsdi */ 1899 hdrlength = 0; 1900#endif /* __bsdi__ */ 1901 ndo->ndo_ll_hdr_len += hdrlength; 1902} 1903