1 /* 2 * Copyright (c) 1991, 1993, 1994, 1995, 1996, 1997 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 * 21 * L2TP support contributed by Motonori Shindo (mshindo@mshindo.net) 22 */ 23 24 #include <sys/cdefs.h> 25 #ifndef lint 26 __RCSID("$NetBSD: print-l2tp.c,v 1.9 2019/10/01 16:06:16 christos Exp $"); 27 #endif 28 29 /* \summary: Layer Two Tunneling Protocol (L2TP) printer */ 30 31 /* specification: RFC 2661 */ 32 33 #ifdef HAVE_CONFIG_H 34 #include "config.h" 35 #endif 36 37 #include <netdissect-stdinc.h> 38 39 #include "netdissect.h" 40 #include "extract.h" 41 42 #define L2TP_FLAG_TYPE 0x8000 /* Type (0=Data, 1=Control) */ 43 #define L2TP_FLAG_LENGTH 0x4000 /* Length */ 44 #define L2TP_FLAG_SEQUENCE 0x0800 /* Sequence */ 45 #define L2TP_FLAG_OFFSET 0x0200 /* Offset */ 46 #define L2TP_FLAG_PRIORITY 0x0100 /* Priority */ 47 48 #define L2TP_VERSION_MASK 0x000f /* Version Mask */ 49 #define L2TP_VERSION_L2F 0x0001 /* L2F */ 50 #define L2TP_VERSION_L2TP 0x0002 /* L2TP */ 51 52 #define L2TP_AVP_HDR_FLAG_MANDATORY 0x8000 /* Mandatory Flag */ 53 #define L2TP_AVP_HDR_FLAG_HIDDEN 0x4000 /* Hidden Flag */ 54 #define L2TP_AVP_HDR_LEN_MASK 0x03ff /* Length Mask */ 55 56 #define L2TP_FRAMING_CAP_SYNC_MASK 0x00000001 /* Synchronous */ 57 #define L2TP_FRAMING_CAP_ASYNC_MASK 0x00000002 /* Asynchronous */ 58 59 #define L2TP_FRAMING_TYPE_SYNC_MASK 0x00000001 /* Synchronous */ 60 #define L2TP_FRAMING_TYPE_ASYNC_MASK 0x00000002 /* Asynchronous */ 61 62 #define L2TP_BEARER_CAP_DIGITAL_MASK 0x00000001 /* Digital */ 63 #define L2TP_BEARER_CAP_ANALOG_MASK 0x00000002 /* Analog */ 64 65 #define L2TP_BEARER_TYPE_DIGITAL_MASK 0x00000001 /* Digital */ 66 #define L2TP_BEARER_TYPE_ANALOG_MASK 0x00000002 /* Analog */ 67 68 /* Authen Type */ 69 #define L2TP_AUTHEN_TYPE_RESERVED 0x0000 /* Reserved */ 70 #define L2TP_AUTHEN_TYPE_TEXTUAL 0x0001 /* Textual username/password exchange */ 71 #define L2TP_AUTHEN_TYPE_CHAP 0x0002 /* PPP CHAP */ 72 #define L2TP_AUTHEN_TYPE_PAP 0x0003 /* PPP PAP */ 73 #define L2TP_AUTHEN_TYPE_NO_AUTH 0x0004 /* No Authentication */ 74 #define L2TP_AUTHEN_TYPE_MSCHAPv1 0x0005 /* MSCHAPv1 */ 75 76 #define L2TP_PROXY_AUTH_ID_MASK 0x00ff 77 78 static const char tstr[] = " [|l2tp]"; 79 80 #define L2TP_MSGTYPE_SCCRQ 1 /* Start-Control-Connection-Request */ 81 #define L2TP_MSGTYPE_SCCRP 2 /* Start-Control-Connection-Reply */ 82 #define L2TP_MSGTYPE_SCCCN 3 /* Start-Control-Connection-Connected */ 83 #define L2TP_MSGTYPE_STOPCCN 4 /* Stop-Control-Connection-Notification */ 84 #define L2TP_MSGTYPE_HELLO 6 /* Hello */ 85 #define L2TP_MSGTYPE_OCRQ 7 /* Outgoing-Call-Request */ 86 #define L2TP_MSGTYPE_OCRP 8 /* Outgoing-Call-Reply */ 87 #define L2TP_MSGTYPE_OCCN 9 /* Outgoing-Call-Connected */ 88 #define L2TP_MSGTYPE_ICRQ 10 /* Incoming-Call-Request */ 89 #define L2TP_MSGTYPE_ICRP 11 /* Incoming-Call-Reply */ 90 #define L2TP_MSGTYPE_ICCN 12 /* Incoming-Call-Connected */ 91 #define L2TP_MSGTYPE_CDN 14 /* Call-Disconnect-Notify */ 92 #define L2TP_MSGTYPE_WEN 15 /* WAN-Error-Notify */ 93 #define L2TP_MSGTYPE_SLI 16 /* Set-Link-Info */ 94 95 static const struct tok l2tp_msgtype2str[] = { 96 { L2TP_MSGTYPE_SCCRQ, "SCCRQ" }, 97 { L2TP_MSGTYPE_SCCRP, "SCCRP" }, 98 { L2TP_MSGTYPE_SCCCN, "SCCCN" }, 99 { L2TP_MSGTYPE_STOPCCN, "StopCCN" }, 100 { L2TP_MSGTYPE_HELLO, "HELLO" }, 101 { L2TP_MSGTYPE_OCRQ, "OCRQ" }, 102 { L2TP_MSGTYPE_OCRP, "OCRP" }, 103 { L2TP_MSGTYPE_OCCN, "OCCN" }, 104 { L2TP_MSGTYPE_ICRQ, "ICRQ" }, 105 { L2TP_MSGTYPE_ICRP, "ICRP" }, 106 { L2TP_MSGTYPE_ICCN, "ICCN" }, 107 { L2TP_MSGTYPE_CDN, "CDN" }, 108 { L2TP_MSGTYPE_WEN, "WEN" }, 109 { L2TP_MSGTYPE_SLI, "SLI" }, 110 { 0, NULL } 111 }; 112 113 #define L2TP_AVP_MSGTYPE 0 /* Message Type */ 114 #define L2TP_AVP_RESULT_CODE 1 /* Result Code */ 115 #define L2TP_AVP_PROTO_VER 2 /* Protocol Version */ 116 #define L2TP_AVP_FRAMING_CAP 3 /* Framing Capabilities */ 117 #define L2TP_AVP_BEARER_CAP 4 /* Bearer Capabilities */ 118 #define L2TP_AVP_TIE_BREAKER 5 /* Tie Breaker */ 119 #define L2TP_AVP_FIRM_VER 6 /* Firmware Revision */ 120 #define L2TP_AVP_HOST_NAME 7 /* Host Name */ 121 #define L2TP_AVP_VENDOR_NAME 8 /* Vendor Name */ 122 #define L2TP_AVP_ASSND_TUN_ID 9 /* Assigned Tunnel ID */ 123 #define L2TP_AVP_RECV_WIN_SIZE 10 /* Receive Window Size */ 124 #define L2TP_AVP_CHALLENGE 11 /* Challenge */ 125 #define L2TP_AVP_Q931_CC 12 /* Q.931 Cause Code */ 126 #define L2TP_AVP_CHALLENGE_RESP 13 /* Challenge Response */ 127 #define L2TP_AVP_ASSND_SESS_ID 14 /* Assigned Session ID */ 128 #define L2TP_AVP_CALL_SER_NUM 15 /* Call Serial Number */ 129 #define L2TP_AVP_MINIMUM_BPS 16 /* Minimum BPS */ 130 #define L2TP_AVP_MAXIMUM_BPS 17 /* Maximum BPS */ 131 #define L2TP_AVP_BEARER_TYPE 18 /* Bearer Type */ 132 #define L2TP_AVP_FRAMING_TYPE 19 /* Framing Type */ 133 #define L2TP_AVP_PACKET_PROC_DELAY 20 /* Packet Processing Delay (OBSOLETE) */ 134 #define L2TP_AVP_CALLED_NUMBER 21 /* Called Number */ 135 #define L2TP_AVP_CALLING_NUMBER 22 /* Calling Number */ 136 #define L2TP_AVP_SUB_ADDRESS 23 /* Sub-Address */ 137 #define L2TP_AVP_TX_CONN_SPEED 24 /* (Tx) Connect Speed */ 138 #define L2TP_AVP_PHY_CHANNEL_ID 25 /* Physical Channel ID */ 139 #define L2TP_AVP_INI_RECV_LCP 26 /* Initial Received LCP CONFREQ */ 140 #define L2TP_AVP_LAST_SENT_LCP 27 /* Last Sent LCP CONFREQ */ 141 #define L2TP_AVP_LAST_RECV_LCP 28 /* Last Received LCP CONFREQ */ 142 #define L2TP_AVP_PROXY_AUTH_TYPE 29 /* Proxy Authen Type */ 143 #define L2TP_AVP_PROXY_AUTH_NAME 30 /* Proxy Authen Name */ 144 #define L2TP_AVP_PROXY_AUTH_CHAL 31 /* Proxy Authen Challenge */ 145 #define L2TP_AVP_PROXY_AUTH_ID 32 /* Proxy Authen ID */ 146 #define L2TP_AVP_PROXY_AUTH_RESP 33 /* Proxy Authen Response */ 147 #define L2TP_AVP_CALL_ERRORS 34 /* Call Errors */ 148 #define L2TP_AVP_ACCM 35 /* ACCM */ 149 #define L2TP_AVP_RANDOM_VECTOR 36 /* Random Vector */ 150 #define L2TP_AVP_PRIVATE_GRP_ID 37 /* Private Group ID */ 151 #define L2TP_AVP_RX_CONN_SPEED 38 /* (Rx) Connect Speed */ 152 #define L2TP_AVP_SEQ_REQUIRED 39 /* Sequencing Required */ 153 #define L2TP_AVP_PPP_DISCON_CC 46 /* PPP Disconnect Cause Code - RFC 3145 */ 154 155 static const struct tok l2tp_avp2str[] = { 156 { L2TP_AVP_MSGTYPE, "MSGTYPE" }, 157 { L2TP_AVP_RESULT_CODE, "RESULT_CODE" }, 158 { L2TP_AVP_PROTO_VER, "PROTO_VER" }, 159 { L2TP_AVP_FRAMING_CAP, "FRAMING_CAP" }, 160 { L2TP_AVP_BEARER_CAP, "BEARER_CAP" }, 161 { L2TP_AVP_TIE_BREAKER, "TIE_BREAKER" }, 162 { L2TP_AVP_FIRM_VER, "FIRM_VER" }, 163 { L2TP_AVP_HOST_NAME, "HOST_NAME" }, 164 { L2TP_AVP_VENDOR_NAME, "VENDOR_NAME" }, 165 { L2TP_AVP_ASSND_TUN_ID, "ASSND_TUN_ID" }, 166 { L2TP_AVP_RECV_WIN_SIZE, "RECV_WIN_SIZE" }, 167 { L2TP_AVP_CHALLENGE, "CHALLENGE" }, 168 { L2TP_AVP_Q931_CC, "Q931_CC", }, 169 { L2TP_AVP_CHALLENGE_RESP, "CHALLENGE_RESP" }, 170 { L2TP_AVP_ASSND_SESS_ID, "ASSND_SESS_ID" }, 171 { L2TP_AVP_CALL_SER_NUM, "CALL_SER_NUM" }, 172 { L2TP_AVP_MINIMUM_BPS, "MINIMUM_BPS" }, 173 { L2TP_AVP_MAXIMUM_BPS, "MAXIMUM_BPS" }, 174 { L2TP_AVP_BEARER_TYPE, "BEARER_TYPE" }, 175 { L2TP_AVP_FRAMING_TYPE, "FRAMING_TYPE" }, 176 { L2TP_AVP_PACKET_PROC_DELAY, "PACKET_PROC_DELAY" }, 177 { L2TP_AVP_CALLED_NUMBER, "CALLED_NUMBER" }, 178 { L2TP_AVP_CALLING_NUMBER, "CALLING_NUMBER" }, 179 { L2TP_AVP_SUB_ADDRESS, "SUB_ADDRESS" }, 180 { L2TP_AVP_TX_CONN_SPEED, "TX_CONN_SPEED" }, 181 { L2TP_AVP_PHY_CHANNEL_ID, "PHY_CHANNEL_ID" }, 182 { L2TP_AVP_INI_RECV_LCP, "INI_RECV_LCP" }, 183 { L2TP_AVP_LAST_SENT_LCP, "LAST_SENT_LCP" }, 184 { L2TP_AVP_LAST_RECV_LCP, "LAST_RECV_LCP" }, 185 { L2TP_AVP_PROXY_AUTH_TYPE, "PROXY_AUTH_TYPE" }, 186 { L2TP_AVP_PROXY_AUTH_NAME, "PROXY_AUTH_NAME" }, 187 { L2TP_AVP_PROXY_AUTH_CHAL, "PROXY_AUTH_CHAL" }, 188 { L2TP_AVP_PROXY_AUTH_ID, "PROXY_AUTH_ID" }, 189 { L2TP_AVP_PROXY_AUTH_RESP, "PROXY_AUTH_RESP" }, 190 { L2TP_AVP_CALL_ERRORS, "CALL_ERRORS" }, 191 { L2TP_AVP_ACCM, "ACCM" }, 192 { L2TP_AVP_RANDOM_VECTOR, "RANDOM_VECTOR" }, 193 { L2TP_AVP_PRIVATE_GRP_ID, "PRIVATE_GRP_ID" }, 194 { L2TP_AVP_RX_CONN_SPEED, "RX_CONN_SPEED" }, 195 { L2TP_AVP_SEQ_REQUIRED, "SEQ_REQUIRED" }, 196 { L2TP_AVP_PPP_DISCON_CC, "PPP_DISCON_CC" }, 197 { 0, NULL } 198 }; 199 200 static const struct tok l2tp_authentype2str[] = { 201 { L2TP_AUTHEN_TYPE_RESERVED, "Reserved" }, 202 { L2TP_AUTHEN_TYPE_TEXTUAL, "Textual" }, 203 { L2TP_AUTHEN_TYPE_CHAP, "CHAP" }, 204 { L2TP_AUTHEN_TYPE_PAP, "PAP" }, 205 { L2TP_AUTHEN_TYPE_NO_AUTH, "No Auth" }, 206 { L2TP_AUTHEN_TYPE_MSCHAPv1, "MS-CHAPv1" }, 207 { 0, NULL } 208 }; 209 210 #define L2TP_PPP_DISCON_CC_DIRECTION_GLOBAL 0 211 #define L2TP_PPP_DISCON_CC_DIRECTION_AT_PEER 1 212 #define L2TP_PPP_DISCON_CC_DIRECTION_AT_LOCAL 2 213 214 static const struct tok l2tp_cc_direction2str[] = { 215 { L2TP_PPP_DISCON_CC_DIRECTION_GLOBAL, "global error" }, 216 { L2TP_PPP_DISCON_CC_DIRECTION_AT_PEER, "at peer" }, 217 { L2TP_PPP_DISCON_CC_DIRECTION_AT_LOCAL,"at local" }, 218 { 0, NULL } 219 }; 220 221 #if 0 222 static char *l2tp_result_code_StopCCN[] = { 223 "Reserved", 224 "General request to clear control connection", 225 "General error--Error Code indicates the problem", 226 "Control channel already exists", 227 "Requester is not authorized to establish a control channel", 228 "The protocol version of the requester is not supported", 229 "Requester is being shut down", 230 "Finite State Machine error" 231 #define L2TP_MAX_RESULT_CODE_STOPCC_INDEX 8 232 }; 233 #endif 234 235 #if 0 236 static char *l2tp_result_code_CDN[] = { 237 "Reserved", 238 "Call disconnected due to loss of carrier", 239 "Call disconnected for the reason indicated in error code", 240 "Call disconnected for administrative reasons", 241 "Call failed due to lack of appropriate facilities being " \ 242 "available (temporary condition)", 243 "Call failed due to lack of appropriate facilities being " \ 244 "available (permanent condition)", 245 "Invalid destination", 246 "Call failed due to no carrier detected", 247 "Call failed due to detection of a busy signal", 248 "Call failed due to lack of a dial tone", 249 "Call was not established within time allotted by LAC", 250 "Call was connected but no appropriate framing was detected" 251 #define L2TP_MAX_RESULT_CODE_CDN_INDEX 12 252 }; 253 #endif 254 255 #if 0 256 static char *l2tp_error_code_general[] = { 257 "No general error", 258 "No control connection exists yet for this LAC-LNS pair", 259 "Length is wrong", 260 "One of the field values was out of range or " \ 261 "reserved field was non-zero" 262 "Insufficient resources to handle this operation now", 263 "The Session ID is invalid in this context", 264 "A generic vendor-specific error occurred in the LAC", 265 "Try another" 266 #define L2TP_MAX_ERROR_CODE_GENERAL_INDEX 8 267 }; 268 #endif 269 270 /******************************/ 271 /* generic print out routines */ 272 /******************************/ 273 static void 274 print_string(netdissect_options *ndo, const u_char *dat, u_int length) 275 { 276 u_int i; 277 for (i=0; i<length; i++) { 278 ND_PRINT((ndo, "%c", *dat++)); 279 } 280 } 281 282 static void 283 print_octets(netdissect_options *ndo, const u_char *dat, u_int length) 284 { 285 u_int i; 286 for (i=0; i<length; i++) { 287 ND_PRINT((ndo, "%02x", *dat++)); 288 } 289 } 290 291 static void 292 print_16bits_val(netdissect_options *ndo, const uint8_t *dat) 293 { 294 ND_PRINT((ndo, "%u", EXTRACT_16BITS(dat))); 295 } 296 297 static void 298 print_32bits_val(netdissect_options *ndo, const uint8_t *dat) 299 { 300 ND_PRINT((ndo, "%u", EXTRACT_32BITS(dat))); 301 } 302 303 /***********************************/ 304 /* AVP-specific print out routines */ 305 /***********************************/ 306 static void 307 l2tp_msgtype_print(netdissect_options *ndo, const u_char *dat, u_int length) 308 { 309 if (length < 2) { 310 ND_PRINT((ndo, "AVP too short")); 311 return; 312 } 313 ND_PRINT((ndo, "%s", tok2str(l2tp_msgtype2str, "MSGTYPE-#%u", 314 EXTRACT_16BITS(dat)))); 315 } 316 317 static void 318 l2tp_result_code_print(netdissect_options *ndo, const u_char *dat, u_int length) 319 { 320 /* Result Code */ 321 if (length < 2) { 322 ND_PRINT((ndo, "AVP too short")); 323 return; 324 } 325 ND_PRINT((ndo, "%u", EXTRACT_16BITS(dat))); 326 dat += 2; 327 length -= 2; 328 329 /* Error Code (opt) */ 330 if (length == 0) 331 return; 332 if (length < 2) { 333 ND_PRINT((ndo, " AVP too short")); 334 return; 335 } 336 ND_PRINT((ndo, "/%u", EXTRACT_16BITS(dat))); 337 dat += 2; 338 length -= 2; 339 340 /* Error Message (opt) */ 341 if (length == 0) 342 return; 343 ND_PRINT((ndo, " ")); 344 print_string(ndo, dat, length); 345 } 346 347 static void 348 l2tp_proto_ver_print(netdissect_options *ndo, const u_char *dat, u_int length) 349 { 350 if (length < 2) { 351 ND_PRINT((ndo, "AVP too short")); 352 return; 353 } 354 ND_PRINT((ndo, "%u.%u", (EXTRACT_16BITS(dat) >> 8), 355 (EXTRACT_16BITS(dat) & 0xff))); 356 } 357 358 static void 359 l2tp_framing_cap_print(netdissect_options *ndo, const u_char *dat, u_int length) 360 { 361 if (length < 4) { 362 ND_PRINT((ndo, "AVP too short")); 363 return; 364 } 365 if (EXTRACT_32BITS(dat) & L2TP_FRAMING_CAP_ASYNC_MASK) { 366 ND_PRINT((ndo, "A")); 367 } 368 if (EXTRACT_32BITS(dat) & L2TP_FRAMING_CAP_SYNC_MASK) { 369 ND_PRINT((ndo, "S")); 370 } 371 } 372 373 static void 374 l2tp_bearer_cap_print(netdissect_options *ndo, const u_char *dat, u_int length) 375 { 376 if (length < 4) { 377 ND_PRINT((ndo, "AVP too short")); 378 return; 379 } 380 if (EXTRACT_32BITS(dat) & L2TP_BEARER_CAP_ANALOG_MASK) { 381 ND_PRINT((ndo, "A")); 382 } 383 if (EXTRACT_32BITS(dat) & L2TP_BEARER_CAP_DIGITAL_MASK) { 384 ND_PRINT((ndo, "D")); 385 } 386 } 387 388 static void 389 l2tp_q931_cc_print(netdissect_options *ndo, const u_char *dat, u_int length) 390 { 391 if (length < 3) { 392 ND_PRINT((ndo, "AVP too short")); 393 return; 394 } 395 print_16bits_val(ndo, dat); 396 ND_PRINT((ndo, ", %02x", EXTRACT_8BITS(dat + 2))); 397 dat += 3; 398 length -= 3; 399 if (length != 0) { 400 ND_PRINT((ndo, " ")); 401 print_string(ndo, dat, length); 402 } 403 } 404 405 static void 406 l2tp_bearer_type_print(netdissect_options *ndo, const u_char *dat, u_int length) 407 { 408 if (length < 4) { 409 ND_PRINT((ndo, "AVP too short")); 410 return; 411 } 412 if (EXTRACT_32BITS(dat) & L2TP_BEARER_TYPE_ANALOG_MASK) { 413 ND_PRINT((ndo, "A")); 414 } 415 if (EXTRACT_32BITS(dat) & L2TP_BEARER_TYPE_DIGITAL_MASK) { 416 ND_PRINT((ndo, "D")); 417 } 418 } 419 420 static void 421 l2tp_framing_type_print(netdissect_options *ndo, const u_char *dat, u_int length) 422 { 423 if (length < 4) { 424 ND_PRINT((ndo, "AVP too short")); 425 return; 426 } 427 if (EXTRACT_32BITS(dat) & L2TP_FRAMING_TYPE_ASYNC_MASK) { 428 ND_PRINT((ndo, "A")); 429 } 430 if (EXTRACT_32BITS(dat) & L2TP_FRAMING_TYPE_SYNC_MASK) { 431 ND_PRINT((ndo, "S")); 432 } 433 } 434 435 static void 436 l2tp_packet_proc_delay_print(netdissect_options *ndo) 437 { 438 ND_PRINT((ndo, "obsolete")); 439 } 440 441 static void 442 l2tp_proxy_auth_type_print(netdissect_options *ndo, const u_char *dat, u_int length) 443 { 444 if (length < 2) { 445 ND_PRINT((ndo, "AVP too short")); 446 return; 447 } 448 ND_PRINT((ndo, "%s", tok2str(l2tp_authentype2str, 449 "AuthType-#%u", EXTRACT_16BITS(dat)))); 450 } 451 452 static void 453 l2tp_proxy_auth_id_print(netdissect_options *ndo, const u_char *dat, u_int length) 454 { 455 if (length < 2) { 456 ND_PRINT((ndo, "AVP too short")); 457 return; 458 } 459 ND_PRINT((ndo, "%u", EXTRACT_16BITS(dat) & L2TP_PROXY_AUTH_ID_MASK)); 460 } 461 462 static void 463 l2tp_call_errors_print(netdissect_options *ndo, const u_char *dat, u_int length) 464 { 465 uint32_t val; 466 467 if (length < 2) { 468 ND_PRINT((ndo, "AVP too short")); 469 return; 470 } 471 dat += 2; /* skip "Reserved" */ 472 length -= 2; 473 474 if (length < 4) { 475 ND_PRINT((ndo, "AVP too short")); 476 return; 477 } 478 val = EXTRACT_32BITS(dat); dat += 4; length -= 4; 479 ND_PRINT((ndo, "CRCErr=%u ", val)); 480 481 if (length < 4) { 482 ND_PRINT((ndo, "AVP too short")); 483 return; 484 } 485 val = EXTRACT_32BITS(dat); dat += 4; length -= 4; 486 ND_PRINT((ndo, "FrameErr=%u ", val)); 487 488 if (length < 4) { 489 ND_PRINT((ndo, "AVP too short")); 490 return; 491 } 492 val = EXTRACT_32BITS(dat); dat += 4; length -= 4; 493 ND_PRINT((ndo, "HardOver=%u ", val)); 494 495 if (length < 4) { 496 ND_PRINT((ndo, "AVP too short")); 497 return; 498 } 499 val = EXTRACT_32BITS(dat); dat += 4; length -= 4; 500 ND_PRINT((ndo, "BufOver=%u ", val)); 501 502 if (length < 4) { 503 ND_PRINT((ndo, "AVP too short")); 504 return; 505 } 506 val = EXTRACT_32BITS(dat); dat += 4; length -= 4; 507 ND_PRINT((ndo, "Timeout=%u ", val)); 508 509 if (length < 4) { 510 ND_PRINT((ndo, "AVP too short")); 511 return; 512 } 513 val = EXTRACT_32BITS(dat); dat += 4; length -= 4; 514 ND_PRINT((ndo, "AlignErr=%u ", val)); 515 } 516 517 static void 518 l2tp_accm_print(netdissect_options *ndo, const u_char *dat, u_int length) 519 { 520 uint32_t val; 521 522 if (length < 2) { 523 ND_PRINT((ndo, "AVP too short")); 524 return; 525 } 526 dat += 2; /* skip "Reserved" */ 527 length -= 2; 528 529 if (length < 4) { 530 ND_PRINT((ndo, "AVP too short")); 531 return; 532 } 533 val = EXTRACT_32BITS(dat); dat += 4; length -= 4; 534 ND_PRINT((ndo, "send=%08x ", val)); 535 536 if (length < 4) { 537 ND_PRINT((ndo, "AVP too short")); 538 return; 539 } 540 val = EXTRACT_32BITS(dat); dat += 4; length -= 4; 541 ND_PRINT((ndo, "recv=%08x ", val)); 542 } 543 544 static void 545 l2tp_ppp_discon_cc_print(netdissect_options *ndo, const u_char *dat, u_int length) 546 { 547 if (length < 5) { 548 ND_PRINT((ndo, "AVP too short")); 549 return; 550 } 551 /* Disconnect Code */ 552 ND_PRINT((ndo, "%04x, ", EXTRACT_16BITS(dat))); 553 dat += 2; 554 length -= 2; 555 /* Control Protocol Number */ 556 ND_PRINT((ndo, "%04x ", EXTRACT_16BITS(dat))); 557 dat += 2; 558 length -= 2; 559 /* Direction */ 560 ND_PRINT((ndo, "%s", tok2str(l2tp_cc_direction2str, 561 "Direction-#%u", EXTRACT_8BITS(dat)))); 562 dat++; 563 length--; 564 565 if (length != 0) { 566 ND_PRINT((ndo, " ")); 567 print_string(ndo, (const u_char *)dat, length); 568 } 569 } 570 571 static u_int 572 l2tp_avp_print(netdissect_options *ndo, const u_char *dat, u_int length) 573 { 574 u_int len; 575 uint16_t attr_type; 576 int hidden = FALSE; 577 578 ND_PRINT((ndo, " ")); 579 580 ND_TCHECK_16BITS(dat); /* Flags & Length */ 581 len = EXTRACT_16BITS(dat) & L2TP_AVP_HDR_LEN_MASK; 582 583 /* If it is not long enough to contain the header, we'll give up. */ 584 if (len < 6) 585 goto trunc; 586 587 /* If it goes past the end of the remaining length of the packet, 588 we'll give up. */ 589 if (len > (u_int)length) 590 goto trunc; 591 592 /* If it goes past the end of the remaining length of the captured 593 data, we'll give up. */ 594 ND_TCHECK2(*dat, len); 595 596 /* 597 * After this point, we don't need to check whether we go past 598 * the length of the captured data; however, we *do* need to 599 * check whether we go past the end of the AVP. 600 */ 601 602 if (EXTRACT_16BITS(dat) & L2TP_AVP_HDR_FLAG_MANDATORY) { 603 ND_PRINT((ndo, "*")); 604 } 605 if (EXTRACT_16BITS(dat) & L2TP_AVP_HDR_FLAG_HIDDEN) { 606 hidden = TRUE; 607 ND_PRINT((ndo, "?")); 608 } 609 dat += 2; 610 611 if (EXTRACT_16BITS(dat)) { 612 /* Vendor Specific Attribute */ 613 ND_PRINT((ndo, "VENDOR%04x:", EXTRACT_16BITS(dat))); dat += 2; 614 ND_PRINT((ndo, "ATTR%04x", EXTRACT_16BITS(dat))); dat += 2; 615 ND_PRINT((ndo, "(")); 616 print_octets(ndo, dat, len-6); 617 ND_PRINT((ndo, ")")); 618 } else { 619 /* IETF-defined Attributes */ 620 dat += 2; 621 attr_type = EXTRACT_16BITS(dat); dat += 2; 622 ND_PRINT((ndo, "%s", tok2str(l2tp_avp2str, "AVP-#%u", attr_type))); 623 ND_PRINT((ndo, "(")); 624 if (hidden) { 625 ND_PRINT((ndo, "???")); 626 } else { 627 switch (attr_type) { 628 case L2TP_AVP_MSGTYPE: 629 l2tp_msgtype_print(ndo, dat, len-6); 630 break; 631 case L2TP_AVP_RESULT_CODE: 632 l2tp_result_code_print(ndo, dat, len-6); 633 break; 634 case L2TP_AVP_PROTO_VER: 635 l2tp_proto_ver_print(ndo, dat, len-6); 636 break; 637 case L2TP_AVP_FRAMING_CAP: 638 l2tp_framing_cap_print(ndo, dat, len-6); 639 break; 640 case L2TP_AVP_BEARER_CAP: 641 l2tp_bearer_cap_print(ndo, dat, len-6); 642 break; 643 case L2TP_AVP_TIE_BREAKER: 644 if (len-6 < 8) { 645 ND_PRINT((ndo, "AVP too short")); 646 break; 647 } 648 print_octets(ndo, dat, 8); 649 break; 650 case L2TP_AVP_FIRM_VER: 651 case L2TP_AVP_ASSND_TUN_ID: 652 case L2TP_AVP_RECV_WIN_SIZE: 653 case L2TP_AVP_ASSND_SESS_ID: 654 if (len-6 < 2) { 655 ND_PRINT((ndo, "AVP too short")); 656 break; 657 } 658 print_16bits_val(ndo, dat); 659 break; 660 case L2TP_AVP_HOST_NAME: 661 case L2TP_AVP_VENDOR_NAME: 662 case L2TP_AVP_CALLING_NUMBER: 663 case L2TP_AVP_CALLED_NUMBER: 664 case L2TP_AVP_SUB_ADDRESS: 665 case L2TP_AVP_PROXY_AUTH_NAME: 666 case L2TP_AVP_PRIVATE_GRP_ID: 667 print_string(ndo, dat, len-6); 668 break; 669 case L2TP_AVP_CHALLENGE: 670 case L2TP_AVP_INI_RECV_LCP: 671 case L2TP_AVP_LAST_SENT_LCP: 672 case L2TP_AVP_LAST_RECV_LCP: 673 case L2TP_AVP_PROXY_AUTH_CHAL: 674 case L2TP_AVP_PROXY_AUTH_RESP: 675 case L2TP_AVP_RANDOM_VECTOR: 676 print_octets(ndo, dat, len-6); 677 break; 678 case L2TP_AVP_Q931_CC: 679 l2tp_q931_cc_print(ndo, dat, len-6); 680 break; 681 case L2TP_AVP_CHALLENGE_RESP: 682 if (len-6 < 16) { 683 ND_PRINT((ndo, "AVP too short")); 684 break; 685 } 686 print_octets(ndo, dat, 16); 687 break; 688 case L2TP_AVP_CALL_SER_NUM: 689 case L2TP_AVP_MINIMUM_BPS: 690 case L2TP_AVP_MAXIMUM_BPS: 691 case L2TP_AVP_TX_CONN_SPEED: 692 case L2TP_AVP_PHY_CHANNEL_ID: 693 case L2TP_AVP_RX_CONN_SPEED: 694 if (len-6 < 4) { 695 ND_PRINT((ndo, "AVP too short")); 696 break; 697 } 698 print_32bits_val(ndo, dat); 699 break; 700 case L2TP_AVP_BEARER_TYPE: 701 l2tp_bearer_type_print(ndo, dat, len-6); 702 break; 703 case L2TP_AVP_FRAMING_TYPE: 704 l2tp_framing_type_print(ndo, dat, len-6); 705 break; 706 case L2TP_AVP_PACKET_PROC_DELAY: 707 l2tp_packet_proc_delay_print(ndo); 708 break; 709 case L2TP_AVP_PROXY_AUTH_TYPE: 710 l2tp_proxy_auth_type_print(ndo, dat, len-6); 711 break; 712 case L2TP_AVP_PROXY_AUTH_ID: 713 l2tp_proxy_auth_id_print(ndo, dat, len-6); 714 break; 715 case L2TP_AVP_CALL_ERRORS: 716 l2tp_call_errors_print(ndo, dat, len-6); 717 break; 718 case L2TP_AVP_ACCM: 719 l2tp_accm_print(ndo, dat, len-6); 720 break; 721 case L2TP_AVP_SEQ_REQUIRED: 722 break; /* No Attribute Value */ 723 case L2TP_AVP_PPP_DISCON_CC: 724 l2tp_ppp_discon_cc_print(ndo, dat, len-6); 725 break; 726 default: 727 break; 728 } 729 } 730 ND_PRINT((ndo, ")")); 731 } 732 733 return (len); 734 735 trunc: 736 ND_PRINT((ndo, "|...")); 737 return (0); 738 } 739 740 741 void 742 l2tp_print(netdissect_options *ndo, const u_char *dat, u_int length) 743 { 744 const u_char *ptr = dat; 745 u_int cnt = 0; /* total octets consumed */ 746 uint16_t pad; 747 int flag_t, flag_l, flag_s, flag_o; 748 uint16_t l2tp_len; 749 750 flag_t = flag_l = flag_s = flag_o = FALSE; 751 752 ND_TCHECK2(*ptr, 2); /* Flags & Version */ 753 if ((EXTRACT_16BITS(ptr) & L2TP_VERSION_MASK) == L2TP_VERSION_L2TP) { 754 ND_PRINT((ndo, " l2tp:")); 755 } else if ((EXTRACT_16BITS(ptr) & L2TP_VERSION_MASK) == L2TP_VERSION_L2F) { 756 ND_PRINT((ndo, " l2f:")); 757 return; /* nothing to do */ 758 } else { 759 ND_PRINT((ndo, " Unknown Version, neither L2F(1) nor L2TP(2)")); 760 return; /* nothing we can do */ 761 } 762 763 ND_PRINT((ndo, "[")); 764 if (EXTRACT_16BITS(ptr) & L2TP_FLAG_TYPE) { 765 flag_t = TRUE; 766 ND_PRINT((ndo, "T")); 767 } 768 if (EXTRACT_16BITS(ptr) & L2TP_FLAG_LENGTH) { 769 flag_l = TRUE; 770 ND_PRINT((ndo, "L")); 771 } 772 if (EXTRACT_16BITS(ptr) & L2TP_FLAG_SEQUENCE) { 773 flag_s = TRUE; 774 ND_PRINT((ndo, "S")); 775 } 776 if (EXTRACT_16BITS(ptr) & L2TP_FLAG_OFFSET) { 777 flag_o = TRUE; 778 ND_PRINT((ndo, "O")); 779 } 780 if (EXTRACT_16BITS(ptr) & L2TP_FLAG_PRIORITY) 781 ND_PRINT((ndo, "P")); 782 ND_PRINT((ndo, "]")); 783 784 ptr += 2; 785 cnt += 2; 786 787 if (flag_l) { 788 ND_TCHECK2(*ptr, 2); /* Length */ 789 l2tp_len = EXTRACT_16BITS(ptr); 790 ptr += 2; 791 cnt += 2; 792 } else { 793 l2tp_len = 0; 794 } 795 796 ND_TCHECK2(*ptr, 2); /* Tunnel ID */ 797 ND_PRINT((ndo, "(%u/", EXTRACT_16BITS(ptr))); 798 ptr += 2; 799 cnt += 2; 800 ND_TCHECK2(*ptr, 2); /* Session ID */ 801 ND_PRINT((ndo, "%u)", EXTRACT_16BITS(ptr))); 802 ptr += 2; 803 cnt += 2; 804 805 if (flag_s) { 806 ND_TCHECK2(*ptr, 2); /* Ns */ 807 ND_PRINT((ndo, "Ns=%u,", EXTRACT_16BITS(ptr))); 808 ptr += 2; 809 cnt += 2; 810 ND_TCHECK2(*ptr, 2); /* Nr */ 811 ND_PRINT((ndo, "Nr=%u", EXTRACT_16BITS(ptr))); 812 ptr += 2; 813 cnt += 2; 814 } 815 816 if (flag_o) { 817 ND_TCHECK2(*ptr, 2); /* Offset Size */ 818 pad = EXTRACT_16BITS(ptr); 819 ptr += (2 + pad); 820 cnt += (2 + pad); 821 } 822 823 if (flag_l) { 824 if (length < l2tp_len) { 825 ND_PRINT((ndo, " Length %u larger than packet", l2tp_len)); 826 return; 827 } 828 length = l2tp_len; 829 } 830 if (length < cnt) { 831 ND_PRINT((ndo, " Length %u smaller than header length", length)); 832 return; 833 } 834 if (flag_t) { 835 if (!flag_l) { 836 ND_PRINT((ndo, " No length")); 837 return; 838 } 839 if (length - cnt == 0) { 840 ND_PRINT((ndo, " ZLB")); 841 } else { 842 /* 843 * Print AVPs. 844 */ 845 while (length - cnt != 0) { 846 u_int avp_length; 847 848 avp_length = l2tp_avp_print(ndo, ptr, length - cnt); 849 if (avp_length == 0) { 850 /* 851 * Truncated. 852 */ 853 break; 854 } 855 cnt += avp_length; 856 ptr += avp_length; 857 } 858 } 859 } else { 860 ND_PRINT((ndo, " {")); 861 ppp_print(ndo, ptr, length - cnt); 862 ND_PRINT((ndo, "}")); 863 } 864 865 return; 866 867 trunc: 868 ND_PRINT((ndo, "%s", tstr)); 869 } 870