1 /* 2 * Copyright (c) 1991, 1993, 1994, 1995, 1996, 1997 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 * 21 * L2TP support contributed by Motonori Shindo (mshindo@mshindo.net) 22 */ 23 24 #include <sys/cdefs.h> 25 #ifndef lint 26 __RCSID("$NetBSD: print-l2tp.c,v 1.8 2017/09/08 14:01:13 christos Exp $"); 27 #endif 28 29 /* \summary: Layer Two Tunneling Protocol (L2TP) printer */ 30 31 #ifdef HAVE_CONFIG_H 32 #include "config.h" 33 #endif 34 35 #include <netdissect-stdinc.h> 36 37 #include "netdissect.h" 38 #include "extract.h" 39 40 #define L2TP_FLAG_TYPE 0x8000 /* Type (0=Data, 1=Control) */ 41 #define L2TP_FLAG_LENGTH 0x4000 /* Length */ 42 #define L2TP_FLAG_SEQUENCE 0x0800 /* Sequence */ 43 #define L2TP_FLAG_OFFSET 0x0200 /* Offset */ 44 #define L2TP_FLAG_PRIORITY 0x0100 /* Priority */ 45 46 #define L2TP_VERSION_MASK 0x000f /* Version Mask */ 47 #define L2TP_VERSION_L2F 0x0001 /* L2F */ 48 #define L2TP_VERSION_L2TP 0x0002 /* L2TP */ 49 50 #define L2TP_AVP_HDR_FLAG_MANDATORY 0x8000 /* Mandatory Flag */ 51 #define L2TP_AVP_HDR_FLAG_HIDDEN 0x4000 /* Hidden Flag */ 52 #define L2TP_AVP_HDR_LEN_MASK 0x03ff /* Length Mask */ 53 54 #define L2TP_FRAMING_CAP_SYNC_MASK 0x00000001 /* Synchronous */ 55 #define L2TP_FRAMING_CAP_ASYNC_MASK 0x00000002 /* Asynchronous */ 56 57 #define L2TP_FRAMING_TYPE_SYNC_MASK 0x00000001 /* Synchronous */ 58 #define L2TP_FRAMING_TYPE_ASYNC_MASK 0x00000002 /* Asynchronous */ 59 60 #define L2TP_BEARER_CAP_DIGITAL_MASK 0x00000001 /* Digital */ 61 #define L2TP_BEARER_CAP_ANALOG_MASK 0x00000002 /* Analog */ 62 63 #define L2TP_BEARER_TYPE_DIGITAL_MASK 0x00000001 /* Digital */ 64 #define L2TP_BEARER_TYPE_ANALOG_MASK 0x00000002 /* Analog */ 65 66 /* Authen Type */ 67 #define L2TP_AUTHEN_TYPE_RESERVED 0x0000 /* Reserved */ 68 #define L2TP_AUTHEN_TYPE_TEXTUAL 0x0001 /* Textual username/password exchange */ 69 #define L2TP_AUTHEN_TYPE_CHAP 0x0002 /* PPP CHAP */ 70 #define L2TP_AUTHEN_TYPE_PAP 0x0003 /* PPP PAP */ 71 #define L2TP_AUTHEN_TYPE_NO_AUTH 0x0004 /* No Authentication */ 72 #define L2TP_AUTHEN_TYPE_MSCHAPv1 0x0005 /* MSCHAPv1 */ 73 74 #define L2TP_PROXY_AUTH_ID_MASK 0x00ff 75 76 static const char tstr[] = " [|l2tp]"; 77 78 #define L2TP_MSGTYPE_SCCRQ 1 /* Start-Control-Connection-Request */ 79 #define L2TP_MSGTYPE_SCCRP 2 /* Start-Control-Connection-Reply */ 80 #define L2TP_MSGTYPE_SCCCN 3 /* Start-Control-Connection-Connected */ 81 #define L2TP_MSGTYPE_STOPCCN 4 /* Stop-Control-Connection-Notification */ 82 #define L2TP_MSGTYPE_HELLO 6 /* Hello */ 83 #define L2TP_MSGTYPE_OCRQ 7 /* Outgoing-Call-Request */ 84 #define L2TP_MSGTYPE_OCRP 8 /* Outgoing-Call-Reply */ 85 #define L2TP_MSGTYPE_OCCN 9 /* Outgoing-Call-Connected */ 86 #define L2TP_MSGTYPE_ICRQ 10 /* Incoming-Call-Request */ 87 #define L2TP_MSGTYPE_ICRP 11 /* Incoming-Call-Reply */ 88 #define L2TP_MSGTYPE_ICCN 12 /* Incoming-Call-Connected */ 89 #define L2TP_MSGTYPE_CDN 14 /* Call-Disconnect-Notify */ 90 #define L2TP_MSGTYPE_WEN 15 /* WAN-Error-Notify */ 91 #define L2TP_MSGTYPE_SLI 16 /* Set-Link-Info */ 92 93 static const struct tok l2tp_msgtype2str[] = { 94 { L2TP_MSGTYPE_SCCRQ, "SCCRQ" }, 95 { L2TP_MSGTYPE_SCCRP, "SCCRP" }, 96 { L2TP_MSGTYPE_SCCCN, "SCCCN" }, 97 { L2TP_MSGTYPE_STOPCCN, "StopCCN" }, 98 { L2TP_MSGTYPE_HELLO, "HELLO" }, 99 { L2TP_MSGTYPE_OCRQ, "OCRQ" }, 100 { L2TP_MSGTYPE_OCRP, "OCRP" }, 101 { L2TP_MSGTYPE_OCCN, "OCCN" }, 102 { L2TP_MSGTYPE_ICRQ, "ICRQ" }, 103 { L2TP_MSGTYPE_ICRP, "ICRP" }, 104 { L2TP_MSGTYPE_ICCN, "ICCN" }, 105 { L2TP_MSGTYPE_CDN, "CDN" }, 106 { L2TP_MSGTYPE_WEN, "WEN" }, 107 { L2TP_MSGTYPE_SLI, "SLI" }, 108 { 0, NULL } 109 }; 110 111 #define L2TP_AVP_MSGTYPE 0 /* Message Type */ 112 #define L2TP_AVP_RESULT_CODE 1 /* Result Code */ 113 #define L2TP_AVP_PROTO_VER 2 /* Protocol Version */ 114 #define L2TP_AVP_FRAMING_CAP 3 /* Framing Capabilities */ 115 #define L2TP_AVP_BEARER_CAP 4 /* Bearer Capabilities */ 116 #define L2TP_AVP_TIE_BREAKER 5 /* Tie Breaker */ 117 #define L2TP_AVP_FIRM_VER 6 /* Firmware Revision */ 118 #define L2TP_AVP_HOST_NAME 7 /* Host Name */ 119 #define L2TP_AVP_VENDOR_NAME 8 /* Vendor Name */ 120 #define L2TP_AVP_ASSND_TUN_ID 9 /* Assigned Tunnel ID */ 121 #define L2TP_AVP_RECV_WIN_SIZE 10 /* Receive Window Size */ 122 #define L2TP_AVP_CHALLENGE 11 /* Challenge */ 123 #define L2TP_AVP_Q931_CC 12 /* Q.931 Cause Code */ 124 #define L2TP_AVP_CHALLENGE_RESP 13 /* Challenge Response */ 125 #define L2TP_AVP_ASSND_SESS_ID 14 /* Assigned Session ID */ 126 #define L2TP_AVP_CALL_SER_NUM 15 /* Call Serial Number */ 127 #define L2TP_AVP_MINIMUM_BPS 16 /* Minimum BPS */ 128 #define L2TP_AVP_MAXIMUM_BPS 17 /* Maximum BPS */ 129 #define L2TP_AVP_BEARER_TYPE 18 /* Bearer Type */ 130 #define L2TP_AVP_FRAMING_TYPE 19 /* Framing Type */ 131 #define L2TP_AVP_PACKET_PROC_DELAY 20 /* Packet Processing Delay (OBSOLETE) */ 132 #define L2TP_AVP_CALLED_NUMBER 21 /* Called Number */ 133 #define L2TP_AVP_CALLING_NUMBER 22 /* Calling Number */ 134 #define L2TP_AVP_SUB_ADDRESS 23 /* Sub-Address */ 135 #define L2TP_AVP_TX_CONN_SPEED 24 /* (Tx) Connect Speed */ 136 #define L2TP_AVP_PHY_CHANNEL_ID 25 /* Physical Channel ID */ 137 #define L2TP_AVP_INI_RECV_LCP 26 /* Initial Received LCP CONFREQ */ 138 #define L2TP_AVP_LAST_SENT_LCP 27 /* Last Sent LCP CONFREQ */ 139 #define L2TP_AVP_LAST_RECV_LCP 28 /* Last Received LCP CONFREQ */ 140 #define L2TP_AVP_PROXY_AUTH_TYPE 29 /* Proxy Authen Type */ 141 #define L2TP_AVP_PROXY_AUTH_NAME 30 /* Proxy Authen Name */ 142 #define L2TP_AVP_PROXY_AUTH_CHAL 31 /* Proxy Authen Challenge */ 143 #define L2TP_AVP_PROXY_AUTH_ID 32 /* Proxy Authen ID */ 144 #define L2TP_AVP_PROXY_AUTH_RESP 33 /* Proxy Authen Response */ 145 #define L2TP_AVP_CALL_ERRORS 34 /* Call Errors */ 146 #define L2TP_AVP_ACCM 35 /* ACCM */ 147 #define L2TP_AVP_RANDOM_VECTOR 36 /* Random Vector */ 148 #define L2TP_AVP_PRIVATE_GRP_ID 37 /* Private Group ID */ 149 #define L2TP_AVP_RX_CONN_SPEED 38 /* (Rx) Connect Speed */ 150 #define L2TP_AVP_SEQ_REQUIRED 39 /* Sequencing Required */ 151 #define L2TP_AVP_PPP_DISCON_CC 46 /* PPP Disconnect Cause Code */ 152 153 static const struct tok l2tp_avp2str[] = { 154 { L2TP_AVP_MSGTYPE, "MSGTYPE" }, 155 { L2TP_AVP_RESULT_CODE, "RESULT_CODE" }, 156 { L2TP_AVP_PROTO_VER, "PROTO_VER" }, 157 { L2TP_AVP_FRAMING_CAP, "FRAMING_CAP" }, 158 { L2TP_AVP_BEARER_CAP, "BEARER_CAP" }, 159 { L2TP_AVP_TIE_BREAKER, "TIE_BREAKER" }, 160 { L2TP_AVP_FIRM_VER, "FIRM_VER" }, 161 { L2TP_AVP_HOST_NAME, "HOST_NAME" }, 162 { L2TP_AVP_VENDOR_NAME, "VENDOR_NAME" }, 163 { L2TP_AVP_ASSND_TUN_ID, "ASSND_TUN_ID" }, 164 { L2TP_AVP_RECV_WIN_SIZE, "RECV_WIN_SIZE" }, 165 { L2TP_AVP_CHALLENGE, "CHALLENGE" }, 166 { L2TP_AVP_Q931_CC, "Q931_CC", }, 167 { L2TP_AVP_CHALLENGE_RESP, "CHALLENGE_RESP" }, 168 { L2TP_AVP_ASSND_SESS_ID, "ASSND_SESS_ID" }, 169 { L2TP_AVP_CALL_SER_NUM, "CALL_SER_NUM" }, 170 { L2TP_AVP_MINIMUM_BPS, "MINIMUM_BPS" }, 171 { L2TP_AVP_MAXIMUM_BPS, "MAXIMUM_BPS" }, 172 { L2TP_AVP_BEARER_TYPE, "BEARER_TYPE" }, 173 { L2TP_AVP_FRAMING_TYPE, "FRAMING_TYPE" }, 174 { L2TP_AVP_PACKET_PROC_DELAY, "PACKET_PROC_DELAY" }, 175 { L2TP_AVP_CALLED_NUMBER, "CALLED_NUMBER" }, 176 { L2TP_AVP_CALLING_NUMBER, "CALLING_NUMBER" }, 177 { L2TP_AVP_SUB_ADDRESS, "SUB_ADDRESS" }, 178 { L2TP_AVP_TX_CONN_SPEED, "TX_CONN_SPEED" }, 179 { L2TP_AVP_PHY_CHANNEL_ID, "PHY_CHANNEL_ID" }, 180 { L2TP_AVP_INI_RECV_LCP, "INI_RECV_LCP" }, 181 { L2TP_AVP_LAST_SENT_LCP, "LAST_SENT_LCP" }, 182 { L2TP_AVP_LAST_RECV_LCP, "LAST_RECV_LCP" }, 183 { L2TP_AVP_PROXY_AUTH_TYPE, "PROXY_AUTH_TYPE" }, 184 { L2TP_AVP_PROXY_AUTH_NAME, "PROXY_AUTH_NAME" }, 185 { L2TP_AVP_PROXY_AUTH_CHAL, "PROXY_AUTH_CHAL" }, 186 { L2TP_AVP_PROXY_AUTH_ID, "PROXY_AUTH_ID" }, 187 { L2TP_AVP_PROXY_AUTH_RESP, "PROXY_AUTH_RESP" }, 188 { L2TP_AVP_CALL_ERRORS, "CALL_ERRORS" }, 189 { L2TP_AVP_ACCM, "ACCM" }, 190 { L2TP_AVP_RANDOM_VECTOR, "RANDOM_VECTOR" }, 191 { L2TP_AVP_PRIVATE_GRP_ID, "PRIVATE_GRP_ID" }, 192 { L2TP_AVP_RX_CONN_SPEED, "RX_CONN_SPEED" }, 193 { L2TP_AVP_SEQ_REQUIRED, "SEQ_REQUIRED" }, 194 { L2TP_AVP_PPP_DISCON_CC, "PPP_DISCON_CC" }, 195 { 0, NULL } 196 }; 197 198 static const struct tok l2tp_authentype2str[] = { 199 { L2TP_AUTHEN_TYPE_RESERVED, "Reserved" }, 200 { L2TP_AUTHEN_TYPE_TEXTUAL, "Textual" }, 201 { L2TP_AUTHEN_TYPE_CHAP, "CHAP" }, 202 { L2TP_AUTHEN_TYPE_PAP, "PAP" }, 203 { L2TP_AUTHEN_TYPE_NO_AUTH, "No Auth" }, 204 { L2TP_AUTHEN_TYPE_MSCHAPv1, "MS-CHAPv1" }, 205 { 0, NULL } 206 }; 207 208 #define L2TP_PPP_DISCON_CC_DIRECTION_GLOBAL 0 209 #define L2TP_PPP_DISCON_CC_DIRECTION_AT_PEER 1 210 #define L2TP_PPP_DISCON_CC_DIRECTION_AT_LOCAL 2 211 212 static const struct tok l2tp_cc_direction2str[] = { 213 { L2TP_PPP_DISCON_CC_DIRECTION_GLOBAL, "global error" }, 214 { L2TP_PPP_DISCON_CC_DIRECTION_AT_PEER, "at peer" }, 215 { L2TP_PPP_DISCON_CC_DIRECTION_AT_LOCAL,"at local" }, 216 { 0, NULL } 217 }; 218 219 #if 0 220 static char *l2tp_result_code_StopCCN[] = { 221 "Reserved", 222 "General request to clear control connection", 223 "General error--Error Code indicates the problem", 224 "Control channel already exists", 225 "Requester is not authorized to establish a control channel", 226 "The protocol version of the requester is not supported", 227 "Requester is being shut down", 228 "Finite State Machine error" 229 #define L2TP_MAX_RESULT_CODE_STOPCC_INDEX 8 230 }; 231 #endif 232 233 #if 0 234 static char *l2tp_result_code_CDN[] = { 235 "Reserved", 236 "Call disconnected due to loss of carrier", 237 "Call disconnected for the reason indicated in error code", 238 "Call disconnected for administrative reasons", 239 "Call failed due to lack of appropriate facilities being " \ 240 "available (temporary condition)", 241 "Call failed due to lack of appropriate facilities being " \ 242 "available (permanent condition)", 243 "Invalid destination", 244 "Call failed due to no carrier detected", 245 "Call failed due to detection of a busy signal", 246 "Call failed due to lack of a dial tone", 247 "Call was not established within time allotted by LAC", 248 "Call was connected but no appropriate framing was detected" 249 #define L2TP_MAX_RESULT_CODE_CDN_INDEX 12 250 }; 251 #endif 252 253 #if 0 254 static char *l2tp_error_code_general[] = { 255 "No general error", 256 "No control connection exists yet for this LAC-LNS pair", 257 "Length is wrong", 258 "One of the field values was out of range or " \ 259 "reserved field was non-zero" 260 "Insufficient resources to handle this operation now", 261 "The Session ID is invalid in this context", 262 "A generic vendor-specific error occurred in the LAC", 263 "Try another" 264 #define L2TP_MAX_ERROR_CODE_GENERAL_INDEX 8 265 }; 266 #endif 267 268 /******************************/ 269 /* generic print out routines */ 270 /******************************/ 271 static void 272 print_string(netdissect_options *ndo, const u_char *dat, u_int length) 273 { 274 u_int i; 275 for (i=0; i<length; i++) { 276 ND_PRINT((ndo, "%c", *dat++)); 277 } 278 } 279 280 static void 281 print_octets(netdissect_options *ndo, const u_char *dat, u_int length) 282 { 283 u_int i; 284 for (i=0; i<length; i++) { 285 ND_PRINT((ndo, "%02x", *dat++)); 286 } 287 } 288 289 static void 290 print_16bits_val(netdissect_options *ndo, const uint16_t *dat) 291 { 292 ND_PRINT((ndo, "%u", EXTRACT_16BITS(dat))); 293 } 294 295 static void 296 print_32bits_val(netdissect_options *ndo, const uint32_t *dat) 297 { 298 ND_PRINT((ndo, "%lu", (u_long)EXTRACT_32BITS(dat))); 299 } 300 301 /***********************************/ 302 /* AVP-specific print out routines */ 303 /***********************************/ 304 static void 305 l2tp_msgtype_print(netdissect_options *ndo, const u_char *dat, u_int length) 306 { 307 const uint16_t *ptr = (const uint16_t *)dat; 308 309 if (length < 2) { 310 ND_PRINT((ndo, "AVP too short")); 311 return; 312 } 313 ND_PRINT((ndo, "%s", tok2str(l2tp_msgtype2str, "MSGTYPE-#%u", 314 EXTRACT_16BITS(ptr)))); 315 } 316 317 static void 318 l2tp_result_code_print(netdissect_options *ndo, const u_char *dat, u_int length) 319 { 320 const uint16_t *ptr = (const uint16_t *)dat; 321 322 /* Result Code */ 323 if (length < 2) { 324 ND_PRINT((ndo, "AVP too short")); 325 return; 326 } 327 ND_PRINT((ndo, "%u", EXTRACT_16BITS(ptr))); 328 ptr++; 329 length -= 2; 330 331 /* Error Code (opt) */ 332 if (length == 0) 333 return; 334 if (length < 2) { 335 ND_PRINT((ndo, " AVP too short")); 336 return; 337 } 338 ND_PRINT((ndo, "/%u", EXTRACT_16BITS(ptr))); 339 ptr++; 340 length -= 2; 341 342 /* Error Message (opt) */ 343 if (length == 0) 344 return; 345 ND_PRINT((ndo, " ")); 346 print_string(ndo, (const u_char *)ptr, length); 347 } 348 349 static void 350 l2tp_proto_ver_print(netdissect_options *ndo, const uint16_t *dat, u_int length) 351 { 352 if (length < 2) { 353 ND_PRINT((ndo, "AVP too short")); 354 return; 355 } 356 ND_PRINT((ndo, "%u.%u", (EXTRACT_16BITS(dat) >> 8), 357 (EXTRACT_16BITS(dat) & 0xff))); 358 } 359 360 static void 361 l2tp_framing_cap_print(netdissect_options *ndo, const u_char *dat, u_int length) 362 { 363 const uint32_t *ptr = (const uint32_t *)dat; 364 365 if (length < 4) { 366 ND_PRINT((ndo, "AVP too short")); 367 return; 368 } 369 if (EXTRACT_32BITS(ptr) & L2TP_FRAMING_CAP_ASYNC_MASK) { 370 ND_PRINT((ndo, "A")); 371 } 372 if (EXTRACT_32BITS(ptr) & L2TP_FRAMING_CAP_SYNC_MASK) { 373 ND_PRINT((ndo, "S")); 374 } 375 } 376 377 static void 378 l2tp_bearer_cap_print(netdissect_options *ndo, const u_char *dat, u_int length) 379 { 380 const uint32_t *ptr = (const uint32_t *)dat; 381 382 if (length < 4) { 383 ND_PRINT((ndo, "AVP too short")); 384 return; 385 } 386 if (EXTRACT_32BITS(ptr) & L2TP_BEARER_CAP_ANALOG_MASK) { 387 ND_PRINT((ndo, "A")); 388 } 389 if (EXTRACT_32BITS(ptr) & L2TP_BEARER_CAP_DIGITAL_MASK) { 390 ND_PRINT((ndo, "D")); 391 } 392 } 393 394 static void 395 l2tp_q931_cc_print(netdissect_options *ndo, const u_char *dat, u_int length) 396 { 397 if (length < 3) { 398 ND_PRINT((ndo, "AVP too short")); 399 return; 400 } 401 print_16bits_val(ndo, (const uint16_t *)dat); 402 ND_PRINT((ndo, ", %02x", dat[2])); 403 dat += 3; 404 length -= 3; 405 if (length != 0) { 406 ND_PRINT((ndo, " ")); 407 print_string(ndo, dat, length); 408 } 409 } 410 411 static void 412 l2tp_bearer_type_print(netdissect_options *ndo, const u_char *dat, u_int length) 413 { 414 const uint32_t *ptr = (const uint32_t *)dat; 415 416 if (length < 4) { 417 ND_PRINT((ndo, "AVP too short")); 418 return; 419 } 420 if (EXTRACT_32BITS(ptr) & L2TP_BEARER_TYPE_ANALOG_MASK) { 421 ND_PRINT((ndo, "A")); 422 } 423 if (EXTRACT_32BITS(ptr) & L2TP_BEARER_TYPE_DIGITAL_MASK) { 424 ND_PRINT((ndo, "D")); 425 } 426 } 427 428 static void 429 l2tp_framing_type_print(netdissect_options *ndo, const u_char *dat, u_int length) 430 { 431 const uint32_t *ptr = (const uint32_t *)dat; 432 433 if (length < 4) { 434 ND_PRINT((ndo, "AVP too short")); 435 return; 436 } 437 if (EXTRACT_32BITS(ptr) & L2TP_FRAMING_TYPE_ASYNC_MASK) { 438 ND_PRINT((ndo, "A")); 439 } 440 if (EXTRACT_32BITS(ptr) & L2TP_FRAMING_TYPE_SYNC_MASK) { 441 ND_PRINT((ndo, "S")); 442 } 443 } 444 445 static void 446 l2tp_packet_proc_delay_print(netdissect_options *ndo) 447 { 448 ND_PRINT((ndo, "obsolete")); 449 } 450 451 static void 452 l2tp_proxy_auth_type_print(netdissect_options *ndo, const u_char *dat, u_int length) 453 { 454 const uint16_t *ptr = (const uint16_t *)dat; 455 456 if (length < 2) { 457 ND_PRINT((ndo, "AVP too short")); 458 return; 459 } 460 ND_PRINT((ndo, "%s", tok2str(l2tp_authentype2str, 461 "AuthType-#%u", EXTRACT_16BITS(ptr)))); 462 } 463 464 static void 465 l2tp_proxy_auth_id_print(netdissect_options *ndo, const u_char *dat, u_int length) 466 { 467 const uint16_t *ptr = (const uint16_t *)dat; 468 469 if (length < 2) { 470 ND_PRINT((ndo, "AVP too short")); 471 return; 472 } 473 ND_PRINT((ndo, "%u", EXTRACT_16BITS(ptr) & L2TP_PROXY_AUTH_ID_MASK)); 474 } 475 476 static void 477 l2tp_call_errors_print(netdissect_options *ndo, const u_char *dat, u_int length) 478 { 479 const uint16_t *ptr = (const uint16_t *)dat; 480 uint16_t val_h, val_l; 481 482 if (length < 2) { 483 ND_PRINT((ndo, "AVP too short")); 484 return; 485 } 486 ptr++; /* skip "Reserved" */ 487 length -= 2; 488 489 if (length < 4) { 490 ND_PRINT((ndo, "AVP too short")); 491 return; 492 } 493 val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2; 494 val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2; 495 ND_PRINT((ndo, "CRCErr=%u ", (val_h<<16) + val_l)); 496 497 if (length < 4) { 498 ND_PRINT((ndo, "AVP too short")); 499 return; 500 } 501 val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2; 502 val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2; 503 ND_PRINT((ndo, "FrameErr=%u ", (val_h<<16) + val_l)); 504 505 if (length < 4) { 506 ND_PRINT((ndo, "AVP too short")); 507 return; 508 } 509 val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2; 510 val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2; 511 ND_PRINT((ndo, "HardOver=%u ", (val_h<<16) + val_l)); 512 513 if (length < 4) { 514 ND_PRINT((ndo, "AVP too short")); 515 return; 516 } 517 val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2; 518 val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2; 519 ND_PRINT((ndo, "BufOver=%u ", (val_h<<16) + val_l)); 520 521 if (length < 4) { 522 ND_PRINT((ndo, "AVP too short")); 523 return; 524 } 525 val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2; 526 val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2; 527 ND_PRINT((ndo, "Timeout=%u ", (val_h<<16) + val_l)); 528 529 if (length < 4) { 530 ND_PRINT((ndo, "AVP too short")); 531 return; 532 } 533 val_h = EXTRACT_16BITS(ptr); ptr++; 534 val_l = EXTRACT_16BITS(ptr); ptr++; 535 ND_PRINT((ndo, "AlignErr=%u ", (val_h<<16) + val_l)); 536 } 537 538 static void 539 l2tp_accm_print(netdissect_options *ndo, const u_char *dat, u_int length) 540 { 541 const uint16_t *ptr = (const uint16_t *)dat; 542 uint16_t val_h, val_l; 543 544 if (length < 2) { 545 ND_PRINT((ndo, "AVP too short")); 546 return; 547 } 548 ptr++; /* skip "Reserved" */ 549 length -= 2; 550 551 if (length < 4) { 552 ND_PRINT((ndo, "AVP too short")); 553 return; 554 } 555 val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2; 556 val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2; 557 ND_PRINT((ndo, "send=%08x ", (val_h<<16) + val_l)); 558 559 if (length < 4) { 560 ND_PRINT((ndo, "AVP too short")); 561 return; 562 } 563 val_h = EXTRACT_16BITS(ptr); ptr++; 564 val_l = EXTRACT_16BITS(ptr); ptr++; 565 ND_PRINT((ndo, "recv=%08x ", (val_h<<16) + val_l)); 566 } 567 568 static void 569 l2tp_ppp_discon_cc_print(netdissect_options *ndo, const u_char *dat, u_int length) 570 { 571 const uint16_t *ptr = (const uint16_t *)dat; 572 573 if (length < 5) { 574 ND_PRINT((ndo, "AVP too short")); 575 return; 576 } 577 /* Disconnect Code */ 578 ND_PRINT((ndo, "%04x, ", EXTRACT_16BITS(dat))); 579 dat += 2; 580 length -= 2; 581 /* Control Protocol Number */ 582 ND_PRINT((ndo, "%04x ", EXTRACT_16BITS(dat))); 583 dat += 2; 584 length -= 2; 585 /* Direction */ 586 ND_PRINT((ndo, "%s", tok2str(l2tp_cc_direction2str, 587 "Direction-#%u", EXTRACT_8BITS(ptr)))); 588 ptr++; 589 length--; 590 591 if (length != 0) { 592 ND_PRINT((ndo, " ")); 593 print_string(ndo, (const u_char *)ptr, length); 594 } 595 } 596 597 static void 598 l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length) 599 { 600 u_int len; 601 const uint16_t *ptr = (const uint16_t *)dat; 602 uint16_t attr_type; 603 int hidden = FALSE; 604 605 if (length <= 0) { 606 return; 607 } 608 609 ND_PRINT((ndo, " ")); 610 611 ND_TCHECK(*ptr); /* Flags & Length */ 612 len = EXTRACT_16BITS(ptr) & L2TP_AVP_HDR_LEN_MASK; 613 614 /* If it is not long enough to contain the header, we'll give up. */ 615 if (len < 6) 616 goto trunc; 617 618 /* If it goes past the end of the remaining length of the packet, 619 we'll give up. */ 620 if (len > (u_int)length) 621 goto trunc; 622 623 /* If it goes past the end of the remaining length of the captured 624 data, we'll give up. */ 625 ND_TCHECK2(*ptr, len); 626 627 /* 628 * After this point, we don't need to check whether we go past 629 * the length of the captured data; however, we *do* need to 630 * check whether we go past the end of the AVP. 631 */ 632 633 if (EXTRACT_16BITS(ptr) & L2TP_AVP_HDR_FLAG_MANDATORY) { 634 ND_PRINT((ndo, "*")); 635 } 636 if (EXTRACT_16BITS(ptr) & L2TP_AVP_HDR_FLAG_HIDDEN) { 637 hidden = TRUE; 638 ND_PRINT((ndo, "?")); 639 } 640 ptr++; 641 642 if (EXTRACT_16BITS(ptr)) { 643 /* Vendor Specific Attribute */ 644 ND_PRINT((ndo, "VENDOR%04x:", EXTRACT_16BITS(ptr))); ptr++; 645 ND_PRINT((ndo, "ATTR%04x", EXTRACT_16BITS(ptr))); ptr++; 646 ND_PRINT((ndo, "(")); 647 print_octets(ndo, (const u_char *)ptr, len-6); 648 ND_PRINT((ndo, ")")); 649 } else { 650 /* IETF-defined Attributes */ 651 ptr++; 652 attr_type = EXTRACT_16BITS(ptr); ptr++; 653 ND_PRINT((ndo, "%s", tok2str(l2tp_avp2str, "AVP-#%u", attr_type))); 654 ND_PRINT((ndo, "(")); 655 if (hidden) { 656 ND_PRINT((ndo, "???")); 657 } else { 658 switch (attr_type) { 659 case L2TP_AVP_MSGTYPE: 660 l2tp_msgtype_print(ndo, (const u_char *)ptr, len-6); 661 break; 662 case L2TP_AVP_RESULT_CODE: 663 l2tp_result_code_print(ndo, (const u_char *)ptr, len-6); 664 break; 665 case L2TP_AVP_PROTO_VER: 666 l2tp_proto_ver_print(ndo, ptr, len-6); 667 break; 668 case L2TP_AVP_FRAMING_CAP: 669 l2tp_framing_cap_print(ndo, (const u_char *)ptr, len-6); 670 break; 671 case L2TP_AVP_BEARER_CAP: 672 l2tp_bearer_cap_print(ndo, (const u_char *)ptr, len-6); 673 break; 674 case L2TP_AVP_TIE_BREAKER: 675 if (len-6 < 8) { 676 ND_PRINT((ndo, "AVP too short")); 677 break; 678 } 679 print_octets(ndo, (const u_char *)ptr, 8); 680 break; 681 case L2TP_AVP_FIRM_VER: 682 case L2TP_AVP_ASSND_TUN_ID: 683 case L2TP_AVP_RECV_WIN_SIZE: 684 case L2TP_AVP_ASSND_SESS_ID: 685 if (len-6 < 2) { 686 ND_PRINT((ndo, "AVP too short")); 687 break; 688 } 689 print_16bits_val(ndo, ptr); 690 break; 691 case L2TP_AVP_HOST_NAME: 692 case L2TP_AVP_VENDOR_NAME: 693 case L2TP_AVP_CALLING_NUMBER: 694 case L2TP_AVP_CALLED_NUMBER: 695 case L2TP_AVP_SUB_ADDRESS: 696 case L2TP_AVP_PROXY_AUTH_NAME: 697 case L2TP_AVP_PRIVATE_GRP_ID: 698 print_string(ndo, (const u_char *)ptr, len-6); 699 break; 700 case L2TP_AVP_CHALLENGE: 701 case L2TP_AVP_INI_RECV_LCP: 702 case L2TP_AVP_LAST_SENT_LCP: 703 case L2TP_AVP_LAST_RECV_LCP: 704 case L2TP_AVP_PROXY_AUTH_CHAL: 705 case L2TP_AVP_PROXY_AUTH_RESP: 706 case L2TP_AVP_RANDOM_VECTOR: 707 print_octets(ndo, (const u_char *)ptr, len-6); 708 break; 709 case L2TP_AVP_Q931_CC: 710 l2tp_q931_cc_print(ndo, (const u_char *)ptr, len-6); 711 break; 712 case L2TP_AVP_CHALLENGE_RESP: 713 if (len-6 < 16) { 714 ND_PRINT((ndo, "AVP too short")); 715 break; 716 } 717 print_octets(ndo, (const u_char *)ptr, 16); 718 break; 719 case L2TP_AVP_CALL_SER_NUM: 720 case L2TP_AVP_MINIMUM_BPS: 721 case L2TP_AVP_MAXIMUM_BPS: 722 case L2TP_AVP_TX_CONN_SPEED: 723 case L2TP_AVP_PHY_CHANNEL_ID: 724 case L2TP_AVP_RX_CONN_SPEED: 725 if (len-6 < 4) { 726 ND_PRINT((ndo, "AVP too short")); 727 break; 728 } 729 print_32bits_val(ndo, (const uint32_t *)ptr); 730 break; 731 case L2TP_AVP_BEARER_TYPE: 732 l2tp_bearer_type_print(ndo, (const u_char *)ptr, len-6); 733 break; 734 case L2TP_AVP_FRAMING_TYPE: 735 l2tp_framing_type_print(ndo, (const u_char *)ptr, len-6); 736 break; 737 case L2TP_AVP_PACKET_PROC_DELAY: 738 l2tp_packet_proc_delay_print(ndo); 739 break; 740 case L2TP_AVP_PROXY_AUTH_TYPE: 741 l2tp_proxy_auth_type_print(ndo, (const u_char *)ptr, len-6); 742 break; 743 case L2TP_AVP_PROXY_AUTH_ID: 744 l2tp_proxy_auth_id_print(ndo, (const u_char *)ptr, len-6); 745 break; 746 case L2TP_AVP_CALL_ERRORS: 747 l2tp_call_errors_print(ndo, (const u_char *)ptr, len-6); 748 break; 749 case L2TP_AVP_ACCM: 750 l2tp_accm_print(ndo, (const u_char *)ptr, len-6); 751 break; 752 case L2TP_AVP_SEQ_REQUIRED: 753 break; /* No Attribute Value */ 754 case L2TP_AVP_PPP_DISCON_CC: 755 l2tp_ppp_discon_cc_print(ndo, (const u_char *)ptr, len-6); 756 break; 757 default: 758 break; 759 } 760 } 761 ND_PRINT((ndo, ")")); 762 } 763 764 l2tp_avp_print(ndo, dat+len, length-len); 765 return; 766 767 trunc: 768 ND_PRINT((ndo, "|...")); 769 } 770 771 772 void 773 l2tp_print(netdissect_options *ndo, const u_char *dat, u_int length) 774 { 775 const u_char *ptr = dat; 776 u_int cnt = 0; /* total octets consumed */ 777 uint16_t pad; 778 int flag_t, flag_l, flag_s, flag_o; 779 uint16_t l2tp_len; 780 781 flag_t = flag_l = flag_s = flag_o = FALSE; 782 783 ND_TCHECK2(*ptr, 2); /* Flags & Version */ 784 if ((EXTRACT_16BITS(ptr) & L2TP_VERSION_MASK) == L2TP_VERSION_L2TP) { 785 ND_PRINT((ndo, " l2tp:")); 786 } else if ((EXTRACT_16BITS(ptr) & L2TP_VERSION_MASK) == L2TP_VERSION_L2F) { 787 ND_PRINT((ndo, " l2f:")); 788 return; /* nothing to do */ 789 } else { 790 ND_PRINT((ndo, " Unknown Version, neither L2F(1) nor L2TP(2)")); 791 return; /* nothing we can do */ 792 } 793 794 ND_PRINT((ndo, "[")); 795 if (EXTRACT_16BITS(ptr) & L2TP_FLAG_TYPE) { 796 flag_t = TRUE; 797 ND_PRINT((ndo, "T")); 798 } 799 if (EXTRACT_16BITS(ptr) & L2TP_FLAG_LENGTH) { 800 flag_l = TRUE; 801 ND_PRINT((ndo, "L")); 802 } 803 if (EXTRACT_16BITS(ptr) & L2TP_FLAG_SEQUENCE) { 804 flag_s = TRUE; 805 ND_PRINT((ndo, "S")); 806 } 807 if (EXTRACT_16BITS(ptr) & L2TP_FLAG_OFFSET) { 808 flag_o = TRUE; 809 ND_PRINT((ndo, "O")); 810 } 811 if (EXTRACT_16BITS(ptr) & L2TP_FLAG_PRIORITY) 812 ND_PRINT((ndo, "P")); 813 ND_PRINT((ndo, "]")); 814 815 ptr += 2; 816 cnt += 2; 817 818 if (flag_l) { 819 ND_TCHECK2(*ptr, 2); /* Length */ 820 l2tp_len = EXTRACT_16BITS(ptr); 821 ptr += 2; 822 cnt += 2; 823 } else { 824 l2tp_len = 0; 825 } 826 827 ND_TCHECK2(*ptr, 2); /* Tunnel ID */ 828 ND_PRINT((ndo, "(%u/", EXTRACT_16BITS(ptr))); 829 ptr += 2; 830 cnt += 2; 831 ND_TCHECK2(*ptr, 2); /* Session ID */ 832 ND_PRINT((ndo, "%u)", EXTRACT_16BITS(ptr))); 833 ptr += 2; 834 cnt += 2; 835 836 if (flag_s) { 837 ND_TCHECK2(*ptr, 2); /* Ns */ 838 ND_PRINT((ndo, "Ns=%u,", EXTRACT_16BITS(ptr))); 839 ptr += 2; 840 cnt += 2; 841 ND_TCHECK2(*ptr, 2); /* Nr */ 842 ND_PRINT((ndo, "Nr=%u", EXTRACT_16BITS(ptr))); 843 ptr += 2; 844 cnt += 2; 845 } 846 847 if (flag_o) { 848 ND_TCHECK2(*ptr, 2); /* Offset Size */ 849 pad = EXTRACT_16BITS(ptr); 850 ptr += (2 + pad); 851 cnt += (2 + pad); 852 } 853 854 if (flag_l) { 855 if (length < l2tp_len) { 856 ND_PRINT((ndo, " Length %u larger than packet", l2tp_len)); 857 return; 858 } 859 length = l2tp_len; 860 } 861 if (length < cnt) { 862 ND_PRINT((ndo, " Length %u smaller than header length", length)); 863 return; 864 } 865 if (flag_t) { 866 if (!flag_l) { 867 ND_PRINT((ndo, " No length")); 868 return; 869 } 870 if (length - cnt == 0) { 871 ND_PRINT((ndo, " ZLB")); 872 } else { 873 l2tp_avp_print(ndo, ptr, length - cnt); 874 } 875 } else { 876 ND_PRINT((ndo, " {")); 877 ppp_print(ndo, ptr, length - cnt); 878 ND_PRINT((ndo, "}")); 879 } 880 881 return; 882 883 trunc: 884 ND_PRINT((ndo, "%s", tstr)); 885 } 886