1 /* 2 * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 * 21 * Extensively modified by Motonori Shindo (mshindo@mshindo.net) for more 22 * complete PPP support. 23 */ 24 25 /* \summary: Point to Point Protocol (PPP) printer */ 26 27 /* 28 * TODO: 29 * o resolve XXX as much as possible 30 * o MP support 31 * o BAP support 32 */ 33 34 #include <sys/cdefs.h> 35 #ifndef lint 36 __RCSID("$NetBSD: print-ppp.c,v 1.11 2024/09/02 16:15:32 christos Exp $"); 37 #endif 38 39 #include <config.h> 40 41 #include "netdissect-stdinc.h" 42 43 #include <stdlib.h> 44 45 #ifdef __bsdi__ 46 #include <net/slcompress.h> 47 #include <net/if_ppp.h> 48 #endif 49 50 #include "netdissect.h" 51 #include "extract.h" 52 #include "addrtoname.h" 53 #include "ppp.h" 54 #include "chdlc.h" 55 #include "ethertype.h" 56 #include "oui.h" 57 #include "netdissect-alloc.h" 58 59 /* 60 * The following constants are defined by IANA. Please refer to 61 * https://www.isi.edu/in-notes/iana/assignments/ppp-numbers 62 * for the up-to-date information. 63 */ 64 65 /* Protocol Codes defined in ppp.h */ 66 67 static const struct tok ppptype2str[] = { 68 { PPP_IP, "IP" }, 69 { PPP_OSI, "OSI" }, 70 { PPP_NS, "NS" }, 71 { PPP_DECNET, "DECNET" }, 72 { PPP_APPLE, "APPLE" }, 73 { PPP_IPX, "IPX" }, 74 { PPP_VJC, "VJC IP" }, 75 { PPP_VJNC, "VJNC IP" }, 76 { PPP_BRPDU, "BRPDU" }, 77 { PPP_STII, "STII" }, 78 { PPP_VINES, "VINES" }, 79 { PPP_MPLS_UCAST, "MPLS" }, 80 { PPP_MPLS_MCAST, "MPLS" }, 81 { PPP_COMP, "Compressed"}, 82 { PPP_ML, "MLPPP"}, 83 { PPP_IPV6, "IP6"}, 84 85 { PPP_HELLO, "HELLO" }, 86 { PPP_LUXCOM, "LUXCOM" }, 87 { PPP_SNS, "SNS" }, 88 { PPP_IPCP, "IPCP" }, 89 { PPP_OSICP, "OSICP" }, 90 { PPP_NSCP, "NSCP" }, 91 { PPP_DECNETCP, "DECNETCP" }, 92 { PPP_APPLECP, "APPLECP" }, 93 { PPP_IPXCP, "IPXCP" }, 94 { PPP_STIICP, "STIICP" }, 95 { PPP_VINESCP, "VINESCP" }, 96 { PPP_IPV6CP, "IP6CP" }, 97 { PPP_MPLSCP, "MPLSCP" }, 98 99 { PPP_LCP, "LCP" }, 100 { PPP_PAP, "PAP" }, 101 { PPP_LQM, "LQM" }, 102 { PPP_CHAP, "CHAP" }, 103 { PPP_EAP, "EAP" }, 104 { PPP_SPAP, "SPAP" }, 105 { PPP_SPAP_OLD, "Old-SPAP" }, 106 { PPP_BACP, "BACP" }, 107 { PPP_BAP, "BAP" }, 108 { PPP_MPCP, "MLPPP-CP" }, 109 { PPP_CCP, "CCP" }, 110 { 0, NULL } 111 }; 112 113 /* Control Protocols (LCP/IPCP/CCP etc.) Codes defined in RFC 1661 */ 114 115 #define CPCODES_VEXT 0 /* Vendor-Specific (RFC2153) */ 116 #define CPCODES_CONF_REQ 1 /* Configure-Request */ 117 #define CPCODES_CONF_ACK 2 /* Configure-Ack */ 118 #define CPCODES_CONF_NAK 3 /* Configure-Nak */ 119 #define CPCODES_CONF_REJ 4 /* Configure-Reject */ 120 #define CPCODES_TERM_REQ 5 /* Terminate-Request */ 121 #define CPCODES_TERM_ACK 6 /* Terminate-Ack */ 122 #define CPCODES_CODE_REJ 7 /* Code-Reject */ 123 #define CPCODES_PROT_REJ 8 /* Protocol-Reject (LCP only) */ 124 #define CPCODES_ECHO_REQ 9 /* Echo-Request (LCP only) */ 125 #define CPCODES_ECHO_RPL 10 /* Echo-Reply (LCP only) */ 126 #define CPCODES_DISC_REQ 11 /* Discard-Request (LCP only) */ 127 #define CPCODES_ID 12 /* Identification (LCP only) RFC1570 */ 128 #define CPCODES_TIME_REM 13 /* Time-Remaining (LCP only) RFC1570 */ 129 #define CPCODES_RESET_REQ 14 /* Reset-Request (CCP only) RFC1962 */ 130 #define CPCODES_RESET_REP 15 /* Reset-Reply (CCP only) */ 131 132 static const struct tok cpcodes[] = { 133 {CPCODES_VEXT, "Vendor-Extension"}, /* RFC2153 */ 134 {CPCODES_CONF_REQ, "Conf-Request"}, 135 {CPCODES_CONF_ACK, "Conf-Ack"}, 136 {CPCODES_CONF_NAK, "Conf-Nack"}, 137 {CPCODES_CONF_REJ, "Conf-Reject"}, 138 {CPCODES_TERM_REQ, "Term-Request"}, 139 {CPCODES_TERM_ACK, "Term-Ack"}, 140 {CPCODES_CODE_REJ, "Code-Reject"}, 141 {CPCODES_PROT_REJ, "Prot-Reject"}, 142 {CPCODES_ECHO_REQ, "Echo-Request"}, 143 {CPCODES_ECHO_RPL, "Echo-Reply"}, 144 {CPCODES_DISC_REQ, "Disc-Req"}, 145 {CPCODES_ID, "Ident"}, /* RFC1570 */ 146 {CPCODES_TIME_REM, "Time-Rem"}, /* RFC1570 */ 147 {CPCODES_RESET_REQ, "Reset-Req"}, /* RFC1962 */ 148 {CPCODES_RESET_REP, "Reset-Ack"}, /* RFC1962 */ 149 {0, NULL} 150 }; 151 152 /* LCP Config Options */ 153 154 #define LCPOPT_VEXT 0 155 #define LCPOPT_MRU 1 156 #define LCPOPT_ACCM 2 157 #define LCPOPT_AP 3 158 #define LCPOPT_QP 4 159 #define LCPOPT_MN 5 160 #define LCPOPT_DEP6 6 161 #define LCPOPT_PFC 7 162 #define LCPOPT_ACFC 8 163 #define LCPOPT_FCSALT 9 164 #define LCPOPT_SDP 10 165 #define LCPOPT_NUMMODE 11 166 #define LCPOPT_DEP12 12 167 #define LCPOPT_CBACK 13 168 #define LCPOPT_DEP14 14 169 #define LCPOPT_DEP15 15 170 #define LCPOPT_DEP16 16 171 #define LCPOPT_MLMRRU 17 172 #define LCPOPT_MLSSNHF 18 173 #define LCPOPT_MLED 19 174 #define LCPOPT_PROP 20 175 #define LCPOPT_DCEID 21 176 #define LCPOPT_MPP 22 177 #define LCPOPT_LD 23 178 #define LCPOPT_LCPAOPT 24 179 #define LCPOPT_COBS 25 180 #define LCPOPT_PE 26 181 #define LCPOPT_MLHF 27 182 #define LCPOPT_I18N 28 183 #define LCPOPT_SDLOS 29 184 #define LCPOPT_PPPMUX 30 185 186 static const char *lcpconfopts[] = { 187 "Vend-Ext", /* (0) */ 188 "MRU", /* (1) */ 189 "ACCM", /* (2) */ 190 "Auth-Prot", /* (3) */ 191 "Qual-Prot", /* (4) */ 192 "Magic-Num", /* (5) */ 193 "deprecated(6)", /* used to be a Quality Protocol */ 194 "PFC", /* (7) */ 195 "ACFC", /* (8) */ 196 "FCS-Alt", /* (9) */ 197 "SDP", /* (10) */ 198 "Num-Mode", /* (11) */ 199 "deprecated(12)", /* used to be a Multi-Link-Procedure*/ 200 "Call-Back", /* (13) */ 201 "deprecated(14)", /* used to be a Connect-Time */ 202 "deprecated(15)", /* used to be a Compound-Frames */ 203 "deprecated(16)", /* used to be a Nominal-Data-Encap */ 204 "MRRU", /* (17) */ 205 "12-Bit seq #", /* (18) */ 206 "End-Disc", /* (19) */ 207 "Proprietary", /* (20) */ 208 "DCE-Id", /* (21) */ 209 "MP+", /* (22) */ 210 "Link-Disc", /* (23) */ 211 "LCP-Auth-Opt", /* (24) */ 212 "COBS", /* (25) */ 213 "Prefix-elision", /* (26) */ 214 "Multilink-header-Form",/* (27) */ 215 "I18N", /* (28) */ 216 "SDL-over-SONET/SDH", /* (29) */ 217 "PPP-Muxing", /* (30) */ 218 }; 219 220 #define NUM_LCPOPTS (sizeof(lcpconfopts) / sizeof(lcpconfopts[0])) 221 222 /* ECP - to be supported */ 223 224 /* CCP Config Options */ 225 226 #define CCPOPT_OUI 0 /* RFC1962 */ 227 #define CCPOPT_PRED1 1 /* RFC1962 */ 228 #define CCPOPT_PRED2 2 /* RFC1962 */ 229 #define CCPOPT_PJUMP 3 /* RFC1962 */ 230 /* 4-15 unassigned */ 231 #define CCPOPT_HPPPC 16 /* RFC1962 */ 232 #define CCPOPT_STACLZS 17 /* RFC1974 */ 233 #define CCPOPT_MPPC 18 /* RFC2118 */ 234 #define CCPOPT_GFZA 19 /* RFC1962 */ 235 #define CCPOPT_V42BIS 20 /* RFC1962 */ 236 #define CCPOPT_BSDCOMP 21 /* RFC1977 */ 237 /* 22 unassigned */ 238 #define CCPOPT_LZSDCP 23 /* RFC1967 */ 239 #define CCPOPT_MVRCA 24 /* RFC1975 */ 240 #define CCPOPT_DEC 25 /* RFC1976 */ 241 #define CCPOPT_DEFLATE 26 /* RFC1979 */ 242 /* 27-254 unassigned */ 243 #define CCPOPT_RESV 255 /* RFC1962 */ 244 245 static const struct tok ccpconfopts_values[] = { 246 { CCPOPT_OUI, "OUI" }, 247 { CCPOPT_PRED1, "Pred-1" }, 248 { CCPOPT_PRED2, "Pred-2" }, 249 { CCPOPT_PJUMP, "Puddle" }, 250 { CCPOPT_HPPPC, "HP-PPC" }, 251 { CCPOPT_STACLZS, "Stac-LZS" }, 252 { CCPOPT_MPPC, "MPPC" }, 253 { CCPOPT_GFZA, "Gand-FZA" }, 254 { CCPOPT_V42BIS, "V.42bis" }, 255 { CCPOPT_BSDCOMP, "BSD-Comp" }, 256 { CCPOPT_LZSDCP, "LZS-DCP" }, 257 { CCPOPT_MVRCA, "MVRCA" }, 258 { CCPOPT_DEC, "DEC" }, 259 { CCPOPT_DEFLATE, "Deflate" }, 260 { CCPOPT_RESV, "Reserved"}, 261 {0, NULL} 262 }; 263 264 /* BACP Config Options */ 265 266 #define BACPOPT_FPEER 1 /* RFC2125 */ 267 268 static const struct tok bacconfopts_values[] = { 269 { BACPOPT_FPEER, "Favored-Peer" }, 270 {0, NULL} 271 }; 272 273 274 /* SDCP - to be supported */ 275 276 /* IPCP Config Options */ 277 #define IPCPOPT_2ADDR 1 /* RFC1172, RFC1332 (deprecated) */ 278 #define IPCPOPT_IPCOMP 2 /* RFC1332 */ 279 #define IPCPOPT_ADDR 3 /* RFC1332 */ 280 #define IPCPOPT_MOBILE4 4 /* RFC2290 */ 281 #define IPCPOPT_PRIDNS 129 /* RFC1877 */ 282 #define IPCPOPT_PRINBNS 130 /* RFC1877 */ 283 #define IPCPOPT_SECDNS 131 /* RFC1877 */ 284 #define IPCPOPT_SECNBNS 132 /* RFC1877 */ 285 286 static const struct tok ipcpopt_values[] = { 287 { IPCPOPT_2ADDR, "IP-Addrs" }, 288 { IPCPOPT_IPCOMP, "IP-Comp" }, 289 { IPCPOPT_ADDR, "IP-Addr" }, 290 { IPCPOPT_MOBILE4, "Home-Addr" }, 291 { IPCPOPT_PRIDNS, "Pri-DNS" }, 292 { IPCPOPT_PRINBNS, "Pri-NBNS" }, 293 { IPCPOPT_SECDNS, "Sec-DNS" }, 294 { IPCPOPT_SECNBNS, "Sec-NBNS" }, 295 { 0, NULL } 296 }; 297 298 #define IPCPOPT_IPCOMP_HDRCOMP 0x61 /* rfc3544 */ 299 #define IPCPOPT_IPCOMP_MINLEN 14 300 301 static const struct tok ipcpopt_compproto_values[] = { 302 { PPP_VJC, "VJ-Comp" }, 303 { IPCPOPT_IPCOMP_HDRCOMP, "IP Header Compression" }, 304 { 0, NULL } 305 }; 306 307 static const struct tok ipcpopt_compproto_subopt_values[] = { 308 { 1, "RTP-Compression" }, 309 { 2, "Enhanced RTP-Compression" }, 310 { 0, NULL } 311 }; 312 313 /* IP6CP Config Options */ 314 #define IP6CP_IFID 1 315 316 static const struct tok ip6cpopt_values[] = { 317 { IP6CP_IFID, "Interface-ID" }, 318 { 0, NULL } 319 }; 320 321 /* ATCP - to be supported */ 322 /* OSINLCP - to be supported */ 323 /* BVCP - to be supported */ 324 /* BCP - to be supported */ 325 /* IPXCP - to be supported */ 326 /* MPLSCP - to be supported */ 327 328 /* Auth Algorithms */ 329 330 /* 0-4 Reserved (RFC1994) */ 331 #define AUTHALG_CHAPMD5 5 /* RFC1994 */ 332 #define AUTHALG_MSCHAP1 128 /* RFC2433 */ 333 #define AUTHALG_MSCHAP2 129 /* RFC2795 */ 334 335 static const struct tok authalg_values[] = { 336 { AUTHALG_CHAPMD5, "MD5" }, 337 { AUTHALG_MSCHAP1, "MS-CHAPv1" }, 338 { AUTHALG_MSCHAP2, "MS-CHAPv2" }, 339 { 0, NULL } 340 }; 341 342 /* FCS Alternatives - to be supported */ 343 344 /* Multilink Endpoint Discriminator (RFC1717) */ 345 #define MEDCLASS_NULL 0 /* Null Class */ 346 #define MEDCLASS_LOCAL 1 /* Locally Assigned */ 347 #define MEDCLASS_IPV4 2 /* Internet Protocol (IPv4) */ 348 #define MEDCLASS_MAC 3 /* IEEE 802.1 global MAC address */ 349 #define MEDCLASS_MNB 4 /* PPP Magic Number Block */ 350 #define MEDCLASS_PSNDN 5 /* Public Switched Network Director Number */ 351 352 /* PPP LCP Callback */ 353 #define CALLBACK_AUTH 0 /* Location determined by user auth */ 354 #define CALLBACK_DSTR 1 /* Dialing string */ 355 #define CALLBACK_LID 2 /* Location identifier */ 356 #define CALLBACK_E164 3 /* E.164 number */ 357 #define CALLBACK_X500 4 /* X.500 distinguished name */ 358 #define CALLBACK_CBCP 6 /* Location is determined during CBCP nego */ 359 360 static const struct tok ppp_callback_values[] = { 361 { CALLBACK_AUTH, "UserAuth" }, 362 { CALLBACK_DSTR, "DialString" }, 363 { CALLBACK_LID, "LocalID" }, 364 { CALLBACK_E164, "E.164" }, 365 { CALLBACK_X500, "X.500" }, 366 { CALLBACK_CBCP, "CBCP" }, 367 { 0, NULL } 368 }; 369 370 /* CHAP */ 371 372 #define CHAP_CHAL 1 373 #define CHAP_RESP 2 374 #define CHAP_SUCC 3 375 #define CHAP_FAIL 4 376 377 static const struct tok chapcode_values[] = { 378 { CHAP_CHAL, "Challenge" }, 379 { CHAP_RESP, "Response" }, 380 { CHAP_SUCC, "Success" }, 381 { CHAP_FAIL, "Fail" }, 382 { 0, NULL} 383 }; 384 385 /* PAP */ 386 387 #define PAP_AREQ 1 388 #define PAP_AACK 2 389 #define PAP_ANAK 3 390 391 static const struct tok papcode_values[] = { 392 { PAP_AREQ, "Auth-Req" }, 393 { PAP_AACK, "Auth-ACK" }, 394 { PAP_ANAK, "Auth-NACK" }, 395 { 0, NULL } 396 }; 397 398 /* BAP */ 399 #define BAP_CALLREQ 1 400 #define BAP_CALLRES 2 401 #define BAP_CBREQ 3 402 #define BAP_CBRES 4 403 #define BAP_LDQREQ 5 404 #define BAP_LDQRES 6 405 #define BAP_CSIND 7 406 #define BAP_CSRES 8 407 408 static u_int print_lcp_config_options(netdissect_options *, const u_char *p, u_int); 409 static u_int print_ipcp_config_options(netdissect_options *, const u_char *p, u_int); 410 static u_int print_ip6cp_config_options(netdissect_options *, const u_char *p, u_int); 411 static u_int print_ccp_config_options(netdissect_options *, const u_char *p, u_int); 412 static u_int print_bacp_config_options(netdissect_options *, const u_char *p, u_int); 413 static void handle_ppp(netdissect_options *, u_int proto, const u_char *p, u_int length); 414 415 /* generic Control Protocol (e.g. LCP, IPCP, CCP, etc.) handler */ 416 static void 417 handle_ctrl_proto(netdissect_options *ndo, 418 u_int proto, const u_char *pptr, u_int length) 419 { 420 const char *typestr; 421 u_int code, len; 422 u_int (*pfunc)(netdissect_options *, const u_char *, u_int); 423 u_int tlen, advance; 424 const u_char *tptr; 425 426 tptr=pptr; 427 428 typestr = tok2str(ppptype2str, "unknown ctrl-proto (0x%04x)", proto); 429 ND_PRINT("%s, ", typestr); 430 431 if (length < 4) /* FIXME weak boundary checking */ 432 goto trunc; 433 ND_TCHECK_2(tptr); 434 435 code = GET_U_1(tptr); 436 tptr++; 437 438 ND_PRINT("%s (0x%02x), id %u, length %u", 439 tok2str(cpcodes, "Unknown Opcode",code), 440 code, 441 GET_U_1(tptr), /* ID */ 442 length + 2); 443 tptr++; 444 445 if (!ndo->ndo_vflag) 446 return; 447 448 len = GET_BE_U_2(tptr); 449 tptr += 2; 450 451 if (len < 4) { 452 ND_PRINT("\n\tencoded length %u (< 4))", len); 453 return; 454 } 455 456 if (len > length) { 457 ND_PRINT("\n\tencoded length %u (> packet length %u))", len, length); 458 return; 459 } 460 length = len; 461 462 ND_PRINT("\n\tencoded length %u (=Option(s) length %u)", len, len - 4); 463 464 if (length == 4) 465 return; /* there may be a NULL confreq etc. */ 466 467 if (ndo->ndo_vflag > 1) 468 print_unknown_data(ndo, pptr - 2, "\n\t", 6); 469 470 471 switch (code) { 472 case CPCODES_VEXT: 473 if (length < 11) 474 break; 475 ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr)); 476 tptr += 4; 477 ND_PRINT(" Vendor: %s (%u)", 478 tok2str(oui_values,"Unknown",GET_BE_U_3(tptr)), 479 GET_BE_U_3(tptr)); 480 /* XXX: need to decode Kind and Value(s)? */ 481 break; 482 case CPCODES_CONF_REQ: 483 case CPCODES_CONF_ACK: 484 case CPCODES_CONF_NAK: 485 case CPCODES_CONF_REJ: 486 tlen = len - 4; /* Code(1), Identifier(1) and Length(2) */ 487 do { 488 switch (proto) { 489 case PPP_LCP: 490 pfunc = print_lcp_config_options; 491 break; 492 case PPP_IPCP: 493 pfunc = print_ipcp_config_options; 494 break; 495 case PPP_IPV6CP: 496 pfunc = print_ip6cp_config_options; 497 break; 498 case PPP_CCP: 499 pfunc = print_ccp_config_options; 500 break; 501 case PPP_BACP: 502 pfunc = print_bacp_config_options; 503 break; 504 default: 505 /* 506 * No print routine for the options for 507 * this protocol. 508 */ 509 pfunc = NULL; 510 break; 511 } 512 513 if (pfunc == NULL) /* catch the above null pointer if unknown CP */ 514 break; 515 516 if ((advance = (*pfunc)(ndo, tptr, len)) == 0) 517 break; 518 if (tlen < advance) { 519 ND_PRINT(" [remaining options length %u < %u]", 520 tlen, advance); 521 nd_print_invalid(ndo); 522 break; 523 } 524 tlen -= advance; 525 tptr += advance; 526 } while (tlen != 0); 527 break; 528 529 case CPCODES_TERM_REQ: 530 case CPCODES_TERM_ACK: 531 /* XXX: need to decode Data? */ 532 break; 533 case CPCODES_CODE_REJ: 534 /* XXX: need to decode Rejected-Packet? */ 535 break; 536 case CPCODES_PROT_REJ: 537 if (length < 6) 538 break; 539 ND_PRINT("\n\t Rejected %s Protocol (0x%04x)", 540 tok2str(ppptype2str,"unknown", GET_BE_U_2(tptr)), 541 GET_BE_U_2(tptr)); 542 /* XXX: need to decode Rejected-Information? - hexdump for now */ 543 if (len > 6) { 544 ND_PRINT("\n\t Rejected Packet"); 545 print_unknown_data(ndo, tptr + 2, "\n\t ", len - 2); 546 } 547 break; 548 case CPCODES_ECHO_REQ: 549 case CPCODES_ECHO_RPL: 550 case CPCODES_DISC_REQ: 551 if (length < 8) 552 break; 553 ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr)); 554 /* XXX: need to decode Data? - hexdump for now */ 555 if (len > 8) { 556 ND_PRINT("\n\t -----trailing data-----"); 557 ND_TCHECK_LEN(tptr + 4, len - 8); 558 print_unknown_data(ndo, tptr + 4, "\n\t ", len - 8); 559 } 560 break; 561 case CPCODES_ID: 562 if (length < 8) 563 break; 564 ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr)); 565 /* RFC 1661 says this is intended to be human readable */ 566 if (len > 8) { 567 ND_PRINT("\n\t Message\n\t "); 568 if (nd_printn(ndo, tptr + 4, len - 4, ndo->ndo_snapend)) 569 goto trunc; 570 } 571 break; 572 case CPCODES_TIME_REM: 573 if (length < 12) 574 break; 575 ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr)); 576 ND_PRINT(", Seconds-Remaining %us", GET_BE_U_4(tptr + 4)); 577 /* XXX: need to decode Message? */ 578 break; 579 default: 580 /* XXX this is dirty but we do not get the 581 * original pointer passed to the begin 582 * the PPP packet */ 583 if (ndo->ndo_vflag <= 1) 584 print_unknown_data(ndo, pptr - 2, "\n\t ", length + 2); 585 break; 586 } 587 return; 588 589 trunc: 590 ND_PRINT("[|%s]", typestr); 591 } 592 593 /* LCP config options */ 594 static u_int 595 print_lcp_config_options(netdissect_options *ndo, 596 const u_char *p, u_int length) 597 { 598 u_int opt, len; 599 600 if (length < 2) 601 return 0; 602 ND_TCHECK_2(p); 603 opt = GET_U_1(p); 604 len = GET_U_1(p + 1); 605 if (length < len) 606 return 0; 607 if (len < 2) { 608 if (opt < NUM_LCPOPTS) 609 ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)", 610 lcpconfopts[opt], opt, len); 611 else 612 ND_PRINT("\n\tunknown LCP option 0x%02x", opt); 613 return 0; 614 } 615 if (opt < NUM_LCPOPTS) 616 ND_PRINT("\n\t %s Option (0x%02x), length %u", lcpconfopts[opt], opt, len); 617 else { 618 ND_PRINT("\n\tunknown LCP option 0x%02x", opt); 619 return len; 620 } 621 622 switch (opt) { 623 case LCPOPT_VEXT: 624 if (len < 6) { 625 ND_PRINT(" (length bogus, should be >= 6)"); 626 return len; 627 } 628 ND_PRINT(": Vendor: %s (%u)", 629 tok2str(oui_values,"Unknown",GET_BE_U_3(p + 2)), 630 GET_BE_U_3(p + 2)); 631 #if 0 632 ND_PRINT(", kind: 0x%02x", GET_U_1(p + 5)); 633 ND_PRINT(", Value: 0x"); 634 for (i = 0; i < len - 6; i++) { 635 ND_PRINT("%02x", GET_U_1(p + 6 + i)); 636 } 637 #endif 638 break; 639 case LCPOPT_MRU: 640 if (len != 4) { 641 ND_PRINT(" (length bogus, should be = 4)"); 642 return len; 643 } 644 ND_PRINT(": %u", GET_BE_U_2(p + 2)); 645 break; 646 case LCPOPT_ACCM: 647 if (len != 6) { 648 ND_PRINT(" (length bogus, should be = 6)"); 649 return len; 650 } 651 ND_PRINT(": 0x%08x", GET_BE_U_4(p + 2)); 652 break; 653 case LCPOPT_AP: 654 if (len < 4) { 655 ND_PRINT(" (length bogus, should be >= 4)"); 656 return len; 657 } 658 ND_PRINT(": %s", 659 tok2str(ppptype2str, "Unknown Auth Proto (0x04x)", GET_BE_U_2(p + 2))); 660 661 switch (GET_BE_U_2(p + 2)) { 662 case PPP_CHAP: 663 ND_PRINT(", %s", 664 tok2str(authalg_values, "Unknown Auth Alg %u", GET_U_1(p + 4))); 665 break; 666 case PPP_PAP: /* fall through */ 667 case PPP_EAP: 668 case PPP_SPAP: 669 case PPP_SPAP_OLD: 670 break; 671 default: 672 print_unknown_data(ndo, p, "\n\t", len); 673 } 674 break; 675 case LCPOPT_QP: 676 if (len < 4) { 677 ND_PRINT(" (length bogus, should be >= 4)"); 678 return 0; 679 } 680 if (GET_BE_U_2(p + 2) == PPP_LQM) 681 ND_PRINT(": LQR"); 682 else 683 ND_PRINT(": unknown"); 684 break; 685 case LCPOPT_MN: 686 if (len != 6) { 687 ND_PRINT(" (length bogus, should be = 6)"); 688 return 0; 689 } 690 ND_PRINT(": 0x%08x", GET_BE_U_4(p + 2)); 691 break; 692 case LCPOPT_PFC: 693 break; 694 case LCPOPT_ACFC: 695 break; 696 case LCPOPT_LD: 697 if (len != 4) { 698 ND_PRINT(" (length bogus, should be = 4)"); 699 return 0; 700 } 701 ND_PRINT(": 0x%04x", GET_BE_U_2(p + 2)); 702 break; 703 case LCPOPT_CBACK: 704 if (len < 3) { 705 ND_PRINT(" (length bogus, should be >= 3)"); 706 return 0; 707 } 708 ND_PRINT(": Callback Operation %s (%u)", 709 tok2str(ppp_callback_values, "Unknown", GET_U_1(p + 2)), 710 GET_U_1(p + 2)); 711 break; 712 case LCPOPT_MLMRRU: 713 if (len != 4) { 714 ND_PRINT(" (length bogus, should be = 4)"); 715 return 0; 716 } 717 ND_PRINT(": %u", GET_BE_U_2(p + 2)); 718 break; 719 case LCPOPT_MLED: 720 if (len < 3) { 721 ND_PRINT(" (length bogus, should be >= 3)"); 722 return 0; 723 } 724 switch (GET_U_1(p + 2)) { /* class */ 725 case MEDCLASS_NULL: 726 ND_PRINT(": Null"); 727 break; 728 case MEDCLASS_LOCAL: 729 ND_PRINT(": Local"); /* XXX */ 730 break; 731 case MEDCLASS_IPV4: 732 if (len != 7) { 733 ND_PRINT(" (length bogus, should be = 7)"); 734 return 0; 735 } 736 ND_PRINT(": IPv4 %s", GET_IPADDR_STRING(p + 3)); 737 break; 738 case MEDCLASS_MAC: 739 if (len != 9) { 740 ND_PRINT(" (length bogus, should be = 9)"); 741 return 0; 742 } 743 ND_PRINT(": MAC %s", GET_ETHERADDR_STRING(p + 3)); 744 break; 745 case MEDCLASS_MNB: 746 ND_PRINT(": Magic-Num-Block"); /* XXX */ 747 break; 748 case MEDCLASS_PSNDN: 749 ND_PRINT(": PSNDN"); /* XXX */ 750 break; 751 default: 752 ND_PRINT(": Unknown class %u", GET_U_1(p + 2)); 753 break; 754 } 755 break; 756 757 /* XXX: to be supported */ 758 #if 0 759 case LCPOPT_DEP6: 760 case LCPOPT_FCSALT: 761 case LCPOPT_SDP: 762 case LCPOPT_NUMMODE: 763 case LCPOPT_DEP12: 764 case LCPOPT_DEP14: 765 case LCPOPT_DEP15: 766 case LCPOPT_DEP16: 767 case LCPOPT_MLSSNHF: 768 case LCPOPT_PROP: 769 case LCPOPT_DCEID: 770 case LCPOPT_MPP: 771 case LCPOPT_LCPAOPT: 772 case LCPOPT_COBS: 773 case LCPOPT_PE: 774 case LCPOPT_MLHF: 775 case LCPOPT_I18N: 776 case LCPOPT_SDLOS: 777 case LCPOPT_PPPMUX: 778 break; 779 #endif 780 default: 781 /* 782 * Unknown option; dump it as raw bytes now if we're 783 * not going to do so below. 784 */ 785 if (ndo->ndo_vflag < 2) 786 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); 787 break; 788 } 789 790 if (ndo->ndo_vflag > 1) 791 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */ 792 793 return len; 794 795 trunc: 796 ND_PRINT("[|lcp]"); 797 return 0; 798 } 799 800 /* ML-PPP*/ 801 static const struct tok ppp_ml_flag_values[] = { 802 { 0x80, "begin" }, 803 { 0x40, "end" }, 804 { 0, NULL } 805 }; 806 807 static void 808 handle_mlppp(netdissect_options *ndo, 809 const u_char *p, u_int length) 810 { 811 if (!ndo->ndo_eflag) 812 ND_PRINT("MLPPP, "); 813 814 if (length < 2) { 815 ND_PRINT("[|mlppp]"); 816 return; 817 } 818 if (!ND_TTEST_2(p)) { 819 ND_PRINT("[|mlppp]"); 820 return; 821 } 822 823 ND_PRINT("seq 0x%03x, Flags [%s], length %u", 824 (GET_BE_U_2(p))&0x0fff, 825 /* only support 12-Bit sequence space for now */ 826 bittok2str(ppp_ml_flag_values, "none", GET_U_1(p) & 0xc0), 827 length); 828 } 829 830 /* CHAP */ 831 static void 832 handle_chap(netdissect_options *ndo, 833 const u_char *p, u_int length) 834 { 835 u_int code, len; 836 u_int val_size, name_size, msg_size; 837 const u_char *p0; 838 u_int i; 839 840 p0 = p; 841 if (length < 1) { 842 ND_PRINT("[|chap]"); 843 return; 844 } else if (length < 4) { 845 ND_PRINT("[|chap 0x%02x]", GET_U_1(p)); 846 return; 847 } 848 849 code = GET_U_1(p); 850 ND_PRINT("CHAP, %s (0x%02x)", 851 tok2str(chapcode_values,"unknown",code), 852 code); 853 p++; 854 855 ND_PRINT(", id %u", GET_U_1(p)); /* ID */ 856 p++; 857 858 len = GET_BE_U_2(p); 859 p += 2; 860 861 /* 862 * Note that this is a generic CHAP decoding routine. Since we 863 * don't know which flavor of CHAP (i.e. CHAP-MD5, MS-CHAPv1, 864 * MS-CHAPv2) is used at this point, we can't decode packet 865 * specifically to each algorithms. Instead, we simply decode 866 * the GCD (Greatest Common Denominator) for all algorithms. 867 */ 868 switch (code) { 869 case CHAP_CHAL: 870 case CHAP_RESP: 871 if (length - (p - p0) < 1) 872 return; 873 val_size = GET_U_1(p); /* value size */ 874 p++; 875 if (length - (p - p0) < val_size) 876 return; 877 ND_PRINT(", Value "); 878 for (i = 0; i < val_size; i++) { 879 ND_PRINT("%02x", GET_U_1(p)); 880 p++; 881 } 882 name_size = len - (u_int)(p - p0); 883 ND_PRINT(", Name "); 884 for (i = 0; i < name_size; i++) { 885 fn_print_char(ndo, GET_U_1(p)); 886 p++; 887 } 888 break; 889 case CHAP_SUCC: 890 case CHAP_FAIL: 891 msg_size = len - (u_int)(p - p0); 892 ND_PRINT(", Msg "); 893 for (i = 0; i< msg_size; i++) { 894 fn_print_char(ndo, GET_U_1(p)); 895 p++; 896 } 897 break; 898 } 899 } 900 901 /* PAP (see RFC 1334) */ 902 static void 903 handle_pap(netdissect_options *ndo, 904 const u_char *p, u_int length) 905 { 906 u_int code, len; 907 u_int peerid_len, passwd_len, msg_len; 908 const u_char *p0; 909 u_int i; 910 911 p0 = p; 912 if (length < 1) { 913 ND_PRINT("[|pap]"); 914 return; 915 } else if (length < 4) { 916 ND_PRINT("[|pap 0x%02x]", GET_U_1(p)); 917 return; 918 } 919 920 code = GET_U_1(p); 921 ND_PRINT("PAP, %s (0x%02x)", 922 tok2str(papcode_values, "unknown", code), 923 code); 924 p++; 925 926 ND_PRINT(", id %u", GET_U_1(p)); /* ID */ 927 p++; 928 929 len = GET_BE_U_2(p); 930 p += 2; 931 932 if (len > length) { 933 ND_PRINT(", length %u > packet size", len); 934 return; 935 } 936 length = len; 937 if (length < (size_t)(p - p0)) { 938 ND_PRINT(", length %u < PAP header length", length); 939 return; 940 } 941 942 switch (code) { 943 case PAP_AREQ: 944 /* A valid Authenticate-Request is 6 or more octets long. */ 945 if (len < 6) 946 goto trunc; 947 if (length - (p - p0) < 1) 948 return; 949 peerid_len = GET_U_1(p); /* Peer-ID Length */ 950 p++; 951 if (length - (p - p0) < peerid_len) 952 return; 953 ND_PRINT(", Peer "); 954 for (i = 0; i < peerid_len; i++) { 955 fn_print_char(ndo, GET_U_1(p)); 956 p++; 957 } 958 959 if (length - (p - p0) < 1) 960 return; 961 passwd_len = GET_U_1(p); /* Password Length */ 962 p++; 963 if (length - (p - p0) < passwd_len) 964 return; 965 ND_PRINT(", Name "); 966 for (i = 0; i < passwd_len; i++) { 967 fn_print_char(ndo, GET_U_1(p)); 968 p++; 969 } 970 break; 971 case PAP_AACK: 972 case PAP_ANAK: 973 /* Although some implementations ignore truncation at 974 * this point and at least one generates a truncated 975 * packet, RFC 1334 section 2.2.2 clearly states that 976 * both AACK and ANAK are at least 5 bytes long. 977 */ 978 if (len < 5) 979 goto trunc; 980 if (length - (p - p0) < 1) 981 return; 982 msg_len = GET_U_1(p); /* Msg-Length */ 983 p++; 984 if (length - (p - p0) < msg_len) 985 return; 986 ND_PRINT(", Msg "); 987 for (i = 0; i< msg_len; i++) { 988 fn_print_char(ndo, GET_U_1(p)); 989 p++; 990 } 991 break; 992 } 993 return; 994 995 trunc: 996 ND_PRINT("[|pap]"); 997 } 998 999 /* BAP */ 1000 static void 1001 handle_bap(netdissect_options *ndo _U_, 1002 const u_char *p _U_, u_int length _U_) 1003 { 1004 /* XXX: to be supported!! */ 1005 } 1006 1007 1008 /* IPCP config options */ 1009 static u_int 1010 print_ipcp_config_options(netdissect_options *ndo, 1011 const u_char *p, u_int length) 1012 { 1013 u_int opt, len; 1014 u_int compproto, ipcomp_subopttotallen, ipcomp_subopt, ipcomp_suboptlen; 1015 1016 if (length < 2) 1017 return 0; 1018 ND_TCHECK_2(p); 1019 opt = GET_U_1(p); 1020 len = GET_U_1(p + 1); 1021 if (length < len) 1022 return 0; 1023 if (len < 2) { 1024 ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)", 1025 tok2str(ipcpopt_values,"unknown",opt), 1026 opt, 1027 len); 1028 return 0; 1029 } 1030 1031 ND_PRINT("\n\t %s Option (0x%02x), length %u", 1032 tok2str(ipcpopt_values,"unknown",opt), 1033 opt, 1034 len); 1035 1036 switch (opt) { 1037 case IPCPOPT_2ADDR: /* deprecated */ 1038 if (len != 10) { 1039 ND_PRINT(" (length bogus, should be = 10)"); 1040 return len; 1041 } 1042 ND_PRINT(": src %s, dst %s", 1043 GET_IPADDR_STRING(p + 2), 1044 GET_IPADDR_STRING(p + 6)); 1045 break; 1046 case IPCPOPT_IPCOMP: 1047 if (len < 4) { 1048 ND_PRINT(" (length bogus, should be >= 4)"); 1049 return 0; 1050 } 1051 compproto = GET_BE_U_2(p + 2); 1052 1053 ND_PRINT(": %s (0x%02x):", 1054 tok2str(ipcpopt_compproto_values, "Unknown", compproto), 1055 compproto); 1056 1057 switch (compproto) { 1058 case PPP_VJC: 1059 /* XXX: VJ-Comp parameters should be decoded */ 1060 break; 1061 case IPCPOPT_IPCOMP_HDRCOMP: 1062 if (len < IPCPOPT_IPCOMP_MINLEN) { 1063 ND_PRINT(" (length bogus, should be >= %u)", 1064 IPCPOPT_IPCOMP_MINLEN); 1065 return 0; 1066 } 1067 1068 ND_TCHECK_LEN(p + 2, IPCPOPT_IPCOMP_MINLEN); 1069 ND_PRINT("\n\t TCP Space %u, non-TCP Space %u" 1070 ", maxPeriod %u, maxTime %u, maxHdr %u", 1071 GET_BE_U_2(p + 4), 1072 GET_BE_U_2(p + 6), 1073 GET_BE_U_2(p + 8), 1074 GET_BE_U_2(p + 10), 1075 GET_BE_U_2(p + 12)); 1076 1077 /* suboptions present ? */ 1078 if (len > IPCPOPT_IPCOMP_MINLEN) { 1079 ipcomp_subopttotallen = len - IPCPOPT_IPCOMP_MINLEN; 1080 p += IPCPOPT_IPCOMP_MINLEN; 1081 1082 ND_PRINT("\n\t Suboptions, length %u", ipcomp_subopttotallen); 1083 1084 while (ipcomp_subopttotallen >= 2) { 1085 ND_TCHECK_2(p); 1086 ipcomp_subopt = GET_U_1(p); 1087 ipcomp_suboptlen = GET_U_1(p + 1); 1088 1089 /* sanity check */ 1090 if (ipcomp_subopt == 0 || 1091 ipcomp_suboptlen == 0 ) 1092 break; 1093 1094 /* XXX: just display the suboptions for now */ 1095 ND_PRINT("\n\t\t%s Suboption #%u, length %u", 1096 tok2str(ipcpopt_compproto_subopt_values, 1097 "Unknown", 1098 ipcomp_subopt), 1099 ipcomp_subopt, 1100 ipcomp_suboptlen); 1101 if (ipcomp_subopttotallen < ipcomp_suboptlen) { 1102 ND_PRINT(" [remaining suboptions length %u < %u]", 1103 ipcomp_subopttotallen, ipcomp_suboptlen); 1104 nd_print_invalid(ndo); 1105 break; 1106 } 1107 ipcomp_subopttotallen -= ipcomp_suboptlen; 1108 p += ipcomp_suboptlen; 1109 } 1110 } 1111 break; 1112 default: 1113 break; 1114 } 1115 break; 1116 1117 case IPCPOPT_ADDR: /* those options share the same format - fall through */ 1118 case IPCPOPT_MOBILE4: 1119 case IPCPOPT_PRIDNS: 1120 case IPCPOPT_PRINBNS: 1121 case IPCPOPT_SECDNS: 1122 case IPCPOPT_SECNBNS: 1123 if (len != 6) { 1124 ND_PRINT(" (length bogus, should be = 6)"); 1125 return 0; 1126 } 1127 ND_PRINT(": %s", GET_IPADDR_STRING(p + 2)); 1128 break; 1129 default: 1130 /* 1131 * Unknown option; dump it as raw bytes now if we're 1132 * not going to do so below. 1133 */ 1134 if (ndo->ndo_vflag < 2) 1135 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); 1136 break; 1137 } 1138 if (ndo->ndo_vflag > 1 && ND_TTEST_LEN(p + 2, len - 2)) 1139 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */ 1140 return len; 1141 1142 trunc: 1143 ND_PRINT("[|ipcp]"); 1144 return 0; 1145 } 1146 1147 /* IP6CP config options */ 1148 static u_int 1149 print_ip6cp_config_options(netdissect_options *ndo, 1150 const u_char *p, u_int length) 1151 { 1152 u_int opt, len; 1153 1154 if (length < 2) 1155 return 0; 1156 ND_TCHECK_2(p); 1157 opt = GET_U_1(p); 1158 len = GET_U_1(p + 1); 1159 if (length < len) 1160 return 0; 1161 if (len < 2) { 1162 ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)", 1163 tok2str(ip6cpopt_values,"unknown",opt), 1164 opt, 1165 len); 1166 return 0; 1167 } 1168 1169 ND_PRINT("\n\t %s Option (0x%02x), length %u", 1170 tok2str(ip6cpopt_values,"unknown",opt), 1171 opt, 1172 len); 1173 1174 switch (opt) { 1175 case IP6CP_IFID: 1176 if (len != 10) { 1177 ND_PRINT(" (length bogus, should be = 10)"); 1178 return len; 1179 } 1180 ND_TCHECK_8(p + 2); 1181 ND_PRINT(": %04x:%04x:%04x:%04x", 1182 GET_BE_U_2(p + 2), 1183 GET_BE_U_2(p + 4), 1184 GET_BE_U_2(p + 6), 1185 GET_BE_U_2(p + 8)); 1186 break; 1187 default: 1188 /* 1189 * Unknown option; dump it as raw bytes now if we're 1190 * not going to do so below. 1191 */ 1192 if (ndo->ndo_vflag < 2) 1193 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); 1194 break; 1195 } 1196 if (ndo->ndo_vflag > 1) 1197 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */ 1198 1199 return len; 1200 1201 trunc: 1202 ND_PRINT("[|ip6cp]"); 1203 return 0; 1204 } 1205 1206 1207 /* CCP config options */ 1208 static u_int 1209 print_ccp_config_options(netdissect_options *ndo, 1210 const u_char *p, u_int length) 1211 { 1212 u_int opt, len; 1213 1214 if (length < 2) 1215 return 0; 1216 ND_TCHECK_2(p); 1217 opt = GET_U_1(p); 1218 len = GET_U_1(p + 1); 1219 if (length < len) 1220 return 0; 1221 if (len < 2) { 1222 ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)", 1223 tok2str(ccpconfopts_values, "Unknown", opt), 1224 opt, 1225 len); 1226 return 0; 1227 } 1228 1229 ND_PRINT("\n\t %s Option (0x%02x), length %u", 1230 tok2str(ccpconfopts_values, "Unknown", opt), 1231 opt, 1232 len); 1233 1234 switch (opt) { 1235 case CCPOPT_BSDCOMP: 1236 if (len < 3) { 1237 ND_PRINT(" (length bogus, should be >= 3)"); 1238 return len; 1239 } 1240 ND_PRINT(": Version: %u, Dictionary Bits: %u", 1241 GET_U_1(p + 2) >> 5, 1242 GET_U_1(p + 2) & 0x1f); 1243 break; 1244 case CCPOPT_MVRCA: 1245 if (len < 4) { 1246 ND_PRINT(" (length bogus, should be >= 4)"); 1247 return len; 1248 } 1249 ND_PRINT(": Features: %u, PxP: %s, History: %u, #CTX-ID: %u", 1250 (GET_U_1(p + 2) & 0xc0) >> 6, 1251 (GET_U_1(p + 2) & 0x20) ? "Enabled" : "Disabled", 1252 GET_U_1(p + 2) & 0x1f, 1253 GET_U_1(p + 3)); 1254 break; 1255 case CCPOPT_DEFLATE: 1256 if (len < 4) { 1257 ND_PRINT(" (length bogus, should be >= 4)"); 1258 return len; 1259 } 1260 ND_PRINT(": Window: %uK, Method: %s (0x%x), MBZ: %u, CHK: %u", 1261 (GET_U_1(p + 2) & 0xf0) >> 4, 1262 ((GET_U_1(p + 2) & 0x0f) == 8) ? "zlib" : "unknown", 1263 GET_U_1(p + 2) & 0x0f, 1264 (GET_U_1(p + 3) & 0xfc) >> 2, 1265 GET_U_1(p + 3) & 0x03); 1266 break; 1267 1268 /* XXX: to be supported */ 1269 #if 0 1270 case CCPOPT_OUI: 1271 case CCPOPT_PRED1: 1272 case CCPOPT_PRED2: 1273 case CCPOPT_PJUMP: 1274 case CCPOPT_HPPPC: 1275 case CCPOPT_STACLZS: 1276 case CCPOPT_MPPC: 1277 case CCPOPT_GFZA: 1278 case CCPOPT_V42BIS: 1279 case CCPOPT_LZSDCP: 1280 case CCPOPT_DEC: 1281 case CCPOPT_RESV: 1282 break; 1283 #endif 1284 default: 1285 /* 1286 * Unknown option; dump it as raw bytes now if we're 1287 * not going to do so below. 1288 */ 1289 if (ndo->ndo_vflag < 2) 1290 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); 1291 break; 1292 } 1293 if (ndo->ndo_vflag > 1) 1294 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */ 1295 1296 return len; 1297 1298 trunc: 1299 ND_PRINT("[|ccp]"); 1300 return 0; 1301 } 1302 1303 /* BACP config options */ 1304 static u_int 1305 print_bacp_config_options(netdissect_options *ndo, 1306 const u_char *p, u_int length) 1307 { 1308 u_int opt, len; 1309 1310 if (length < 2) 1311 return 0; 1312 ND_TCHECK_2(p); 1313 opt = GET_U_1(p); 1314 len = GET_U_1(p + 1); 1315 if (length < len) 1316 return 0; 1317 if (len < 2) { 1318 ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)", 1319 tok2str(bacconfopts_values, "Unknown", opt), 1320 opt, 1321 len); 1322 return 0; 1323 } 1324 1325 ND_PRINT("\n\t %s Option (0x%02x), length %u", 1326 tok2str(bacconfopts_values, "Unknown", opt), 1327 opt, 1328 len); 1329 1330 switch (opt) { 1331 case BACPOPT_FPEER: 1332 if (len != 6) { 1333 ND_PRINT(" (length bogus, should be = 6)"); 1334 return len; 1335 } 1336 ND_PRINT(": Magic-Num 0x%08x", GET_BE_U_4(p + 2)); 1337 break; 1338 default: 1339 /* 1340 * Unknown option; dump it as raw bytes now if we're 1341 * not going to do so below. 1342 */ 1343 if (ndo->ndo_vflag < 2) 1344 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); 1345 break; 1346 } 1347 if (ndo->ndo_vflag > 1) 1348 print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */ 1349 1350 return len; 1351 1352 trunc: 1353 ND_PRINT("[|bacp]"); 1354 return 0; 1355 } 1356 1357 /* 1358 * Un-escape RFC 1662 PPP in HDLC-like framing, with octet escapes. 1359 * The length argument is the on-the-wire length, not the captured 1360 * length; we can only un-escape the captured part. 1361 */ 1362 static void 1363 ppp_hdlc(netdissect_options *ndo, 1364 const u_char *p, u_int length) 1365 { 1366 u_int caplen = ND_BYTES_AVAILABLE_AFTER(p); 1367 u_char *b, *t, c; 1368 const u_char *s; 1369 u_int i, proto; 1370 1371 if (caplen == 0) 1372 return; 1373 1374 if (length == 0) 1375 return; 1376 1377 b = (u_char *)malloc(caplen); 1378 if (b == NULL) { 1379 (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC, 1380 "%s: malloc", __func__); 1381 } 1382 1383 /* 1384 * Unescape all the data into a temporary, private, buffer. 1385 * Do this so that we don't overwrite the original packet 1386 * contents. 1387 */ 1388 for (s = p, t = b, i = caplen; i != 0; i--) { 1389 c = GET_U_1(s); 1390 s++; 1391 if (c == 0x7d) { 1392 if (i <= 1) 1393 break; 1394 i--; 1395 c = GET_U_1(s) ^ 0x20; 1396 s++; 1397 } 1398 *t++ = c; 1399 } 1400 1401 /* 1402 * Switch to the output buffer for dissection, and save it 1403 * on the buffer stack so it can be freed; our caller must 1404 * pop it when done. 1405 */ 1406 if (!nd_push_buffer(ndo, b, b, (u_int)(t - b))) { 1407 free(b); 1408 (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC, 1409 "%s: can't push buffer on buffer stack", __func__); 1410 } 1411 length = ND_BYTES_AVAILABLE_AFTER(b); 1412 1413 /* now lets guess about the payload codepoint format */ 1414 if (length < 1) 1415 goto trunc; 1416 proto = GET_U_1(b); /* start with a one-octet codepoint guess */ 1417 1418 switch (proto) { 1419 case PPP_IP: 1420 ip_print(ndo, b + 1, length - 1); 1421 goto cleanup; 1422 case PPP_IPV6: 1423 ip6_print(ndo, b + 1, length - 1); 1424 goto cleanup; 1425 default: /* no luck - try next guess */ 1426 break; 1427 } 1428 1429 if (length < 2) 1430 goto trunc; 1431 proto = GET_BE_U_2(b); /* next guess - load two octets */ 1432 1433 switch (proto) { 1434 case (PPP_ADDRESS << 8 | PPP_CONTROL): /* looks like a PPP frame */ 1435 if (length < 4) 1436 goto trunc; 1437 proto = GET_BE_U_2(b + 2); /* load the PPP proto-id */ 1438 if ((proto & 0xff00) == 0x7e00) 1439 ND_PRINT("(protocol 0x%04x invalid)", proto); 1440 else 1441 handle_ppp(ndo, proto, b + 4, length - 4); 1442 break; 1443 default: /* last guess - proto must be a PPP proto-id */ 1444 if ((proto & 0xff00) == 0x7e00) 1445 ND_PRINT("(protocol 0x%04x invalid)", proto); 1446 else 1447 handle_ppp(ndo, proto, b + 2, length - 2); 1448 break; 1449 } 1450 1451 cleanup: 1452 nd_pop_packet_info(ndo); 1453 return; 1454 1455 trunc: 1456 nd_pop_packet_info(ndo); 1457 nd_print_trunc(ndo); 1458 } 1459 1460 1461 /* PPP */ 1462 static void 1463 handle_ppp(netdissect_options *ndo, 1464 u_int proto, const u_char *p, u_int length) 1465 { 1466 if ((proto & 0xff00) == 0x7e00) { /* is this an escape code ? */ 1467 ppp_hdlc(ndo, p - 1, length); 1468 return; 1469 } 1470 1471 switch (proto) { 1472 case PPP_LCP: /* fall through */ 1473 case PPP_IPCP: 1474 case PPP_OSICP: 1475 case PPP_MPLSCP: 1476 case PPP_IPV6CP: 1477 case PPP_CCP: 1478 case PPP_BACP: 1479 handle_ctrl_proto(ndo, proto, p, length); 1480 break; 1481 case PPP_ML: 1482 handle_mlppp(ndo, p, length); 1483 break; 1484 case PPP_CHAP: 1485 handle_chap(ndo, p, length); 1486 break; 1487 case PPP_PAP: 1488 handle_pap(ndo, p, length); 1489 break; 1490 case PPP_BAP: /* XXX: not yet completed */ 1491 handle_bap(ndo, p, length); 1492 break; 1493 case ETHERTYPE_IP: /*XXX*/ 1494 case PPP_VJNC: 1495 case PPP_IP: 1496 ip_print(ndo, p, length); 1497 break; 1498 case ETHERTYPE_IPV6: /*XXX*/ 1499 case PPP_IPV6: 1500 ip6_print(ndo, p, length); 1501 break; 1502 case ETHERTYPE_IPX: /*XXX*/ 1503 case PPP_IPX: 1504 ipx_print(ndo, p, length); 1505 break; 1506 case PPP_OSI: 1507 isoclns_print(ndo, p, length); 1508 break; 1509 case PPP_MPLS_UCAST: 1510 case PPP_MPLS_MCAST: 1511 mpls_print(ndo, p, length); 1512 break; 1513 case PPP_COMP: 1514 ND_PRINT("compressed PPP data"); 1515 break; 1516 default: 1517 ND_PRINT("%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto)); 1518 print_unknown_data(ndo, p, "\n\t", length); 1519 break; 1520 } 1521 } 1522 1523 /* Standard PPP printer */ 1524 u_int 1525 ppp_print(netdissect_options *ndo, 1526 const u_char *p, u_int length) 1527 { 1528 u_int proto,ppp_header; 1529 u_int olen = length; /* _o_riginal length */ 1530 u_int hdr_len = 0; 1531 1532 ndo->ndo_protocol = "ppp"; 1533 /* 1534 * Here, we assume that p points to the Address and Control 1535 * field (if they present). 1536 */ 1537 if (length < 2) 1538 goto trunc; 1539 ppp_header = GET_BE_U_2(p); 1540 1541 switch(ppp_header) { 1542 case (PPP_PPPD_IN << 8 | PPP_CONTROL): 1543 if (ndo->ndo_eflag) ND_PRINT("In "); 1544 p += 2; 1545 length -= 2; 1546 hdr_len += 2; 1547 break; 1548 case (PPP_PPPD_OUT << 8 | PPP_CONTROL): 1549 if (ndo->ndo_eflag) ND_PRINT("Out "); 1550 p += 2; 1551 length -= 2; 1552 hdr_len += 2; 1553 break; 1554 case (PPP_ADDRESS << 8 | PPP_CONTROL): 1555 p += 2; /* ACFC not used */ 1556 length -= 2; 1557 hdr_len += 2; 1558 break; 1559 1560 default: 1561 break; 1562 } 1563 1564 if (length < 2) 1565 goto trunc; 1566 if (GET_U_1(p) % 2) { 1567 proto = GET_U_1(p); /* PFC is used */ 1568 p++; 1569 length--; 1570 hdr_len++; 1571 } else { 1572 proto = GET_BE_U_2(p); 1573 p += 2; 1574 length -= 2; 1575 hdr_len += 2; 1576 } 1577 1578 if (ndo->ndo_eflag) { 1579 const char *typestr; 1580 typestr = tok2str(ppptype2str, "unknown", proto); 1581 ND_PRINT("%s (0x%04x), length %u", 1582 typestr, 1583 proto, 1584 olen); 1585 if (*typestr == 'u') /* "unknown" */ 1586 return hdr_len; 1587 1588 ND_PRINT(": "); 1589 } 1590 1591 handle_ppp(ndo, proto, p, length); 1592 return (hdr_len); 1593 trunc: 1594 nd_print_trunc(ndo); 1595 return (0); 1596 } 1597 1598 1599 /* PPP I/F printer */ 1600 void 1601 ppp_if_print(netdissect_options *ndo, 1602 const struct pcap_pkthdr *h, const u_char *p) 1603 { 1604 u_int length = h->len; 1605 u_int caplen = h->caplen; 1606 1607 ndo->ndo_protocol = "ppp"; 1608 if (caplen < PPP_HDRLEN) { 1609 nd_print_trunc(ndo); 1610 ndo->ndo_ll_hdr_len += caplen; 1611 return; 1612 } 1613 ndo->ndo_ll_hdr_len += PPP_HDRLEN; 1614 1615 #if 0 1616 /* 1617 * XXX: seems to assume that there are 2 octets prepended to an 1618 * actual PPP frame. The 1st octet looks like Input/Output flag 1619 * while 2nd octet is unknown, at least to me 1620 * (mshindo@mshindo.net). 1621 * 1622 * That was what the original tcpdump code did. 1623 * 1624 * FreeBSD's "if_ppp.c" *does* set the first octet to 1 for outbound 1625 * packets and 0 for inbound packets - but only if the 1626 * protocol field has the 0x8000 bit set (i.e., it's a network 1627 * control protocol); it does so before running the packet through 1628 * "bpf_filter" to see if it should be discarded, and to see 1629 * if we should update the time we sent the most recent packet... 1630 * 1631 * ...but it puts the original address field back after doing 1632 * so. 1633 * 1634 * NetBSD's "if_ppp.c" doesn't set the first octet in that fashion. 1635 * 1636 * I don't know if any PPP implementation handed up to a BPF 1637 * device packets with the first octet being 1 for outbound and 1638 * 0 for inbound packets, so I (guy@alum.mit.edu) don't know 1639 * whether that ever needs to be checked or not. 1640 * 1641 * Note that NetBSD has a DLT_PPP_SERIAL, which it uses for PPP, 1642 * and its tcpdump appears to assume that the frame always 1643 * begins with an address field and a control field, and that 1644 * the address field might be 0x0f or 0x8f, for Cisco 1645 * point-to-point with HDLC framing as per section 4.3.1 of RFC 1646 * 1547, as well as 0xff, for PPP in HDLC-like framing as per 1647 * RFC 1662. 1648 * 1649 * (Is the Cisco framing in question what DLT_C_HDLC, in 1650 * BSD/OS, is?) 1651 */ 1652 if (ndo->ndo_eflag) 1653 ND_PRINT("%c %4d %02x ", GET_U_1(p) ? 'O' : 'I', 1654 length, GET_U_1(p + 1)); 1655 #endif 1656 1657 ppp_print(ndo, p, length); 1658 } 1659 1660 /* 1661 * PPP I/F printer to use if we know that RFC 1662-style PPP in HDLC-like 1662 * framing, or Cisco PPP with HDLC framing as per section 4.3.1 of RFC 1547, 1663 * is being used (i.e., we don't check for PPP_ADDRESS and PPP_CONTROL, 1664 * discard them *if* those are the first two octets, and parse the remaining 1665 * packet as a PPP packet, as "ppp_print()" does). 1666 * 1667 * This handles, for example, DLT_PPP_SERIAL in NetBSD. 1668 */ 1669 void 1670 ppp_hdlc_if_print(netdissect_options *ndo, 1671 const struct pcap_pkthdr *h, const u_char *p) 1672 { 1673 u_int length = h->len; 1674 u_int caplen = h->caplen; 1675 u_int proto; 1676 u_int hdrlen = 0; 1677 1678 ndo->ndo_protocol = "ppp_hdlc"; 1679 if (caplen < 2) { 1680 nd_print_trunc(ndo); 1681 ndo->ndo_ll_hdr_len += caplen; 1682 return; 1683 } 1684 1685 switch (GET_U_1(p)) { 1686 1687 case PPP_ADDRESS: 1688 if (caplen < 4) { 1689 nd_print_trunc(ndo); 1690 ndo->ndo_ll_hdr_len += caplen; 1691 return; 1692 } 1693 1694 if (ndo->ndo_eflag) 1695 ND_PRINT("%02x %02x %u ", GET_U_1(p), 1696 GET_U_1(p + 1), length); 1697 p += 2; 1698 length -= 2; 1699 hdrlen += 2; 1700 1701 proto = GET_BE_U_2(p); 1702 p += 2; 1703 length -= 2; 1704 hdrlen += 2; 1705 ND_PRINT("%s: ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto)); 1706 1707 handle_ppp(ndo, proto, p, length); 1708 break; 1709 1710 case CHDLC_UNICAST: 1711 case CHDLC_BCAST: 1712 chdlc_if_print(ndo, h, p); 1713 return; 1714 1715 default: 1716 if (caplen < 4) { 1717 nd_print_trunc(ndo); 1718 ndo->ndo_ll_hdr_len += caplen; 1719 return; 1720 } 1721 1722 if (ndo->ndo_eflag) 1723 ND_PRINT("%02x %02x %u ", GET_U_1(p), 1724 GET_U_1(p + 1), length); 1725 p += 2; 1726 hdrlen += 2; 1727 1728 /* 1729 * XXX - NetBSD's "ppp_netbsd_serial_if_print()" treats 1730 * the next two octets as an Ethernet type; does that 1731 * ever happen? 1732 */ 1733 ND_PRINT("unknown addr %02x; ctrl %02x", GET_U_1(p), 1734 GET_U_1(p + 1)); 1735 break; 1736 } 1737 1738 ndo->ndo_ll_hdr_len += hdrlen; 1739 } 1740 1741 #define PPP_BSDI_HDRLEN 24 1742 1743 /* BSD/OS specific PPP printer */ 1744 void 1745 ppp_bsdos_if_print(netdissect_options *ndo, 1746 const struct pcap_pkthdr *h _U_, const u_char *p _U_) 1747 { 1748 u_int hdrlength; 1749 #ifdef __bsdi__ 1750 u_int length = h->len; 1751 u_int caplen = h->caplen; 1752 uint16_t ptype; 1753 uint8_t llhl; 1754 const u_char *q; 1755 u_int i; 1756 1757 ndo->ndo_protocol = "ppp_bsdos"; 1758 if (caplen < PPP_BSDI_HDRLEN) { 1759 nd_print_trunc(ndo); 1760 ndo->ndo_ll_hdr_len += caplen; 1761 return; 1762 } 1763 1764 hdrlength = 0; 1765 1766 #if 0 1767 if (GET_U_1(p) == PPP_ADDRESS && 1768 GET_U_1(p + 1) == PPP_CONTROL) { 1769 if (ndo->ndo_eflag) 1770 ND_PRINT("%02x %02x ", GET_U_1(p), 1771 GET_U_1(p + 1)); 1772 p += 2; 1773 hdrlength = 2; 1774 } 1775 1776 if (ndo->ndo_eflag) 1777 ND_PRINT("%u ", length); 1778 /* Retrieve the protocol type */ 1779 if (GET_U_1(p) & 01) { 1780 /* Compressed protocol field */ 1781 ptype = GET_U_1(p); 1782 if (ndo->ndo_eflag) 1783 ND_PRINT("%02x ", ptype); 1784 p++; 1785 hdrlength += 1; 1786 } else { 1787 /* Un-compressed protocol field */ 1788 ptype = GET_BE_U_2(p); 1789 if (ndo->ndo_eflag) 1790 ND_PRINT("%04x ", ptype); 1791 p += 2; 1792 hdrlength += 2; 1793 } 1794 #else 1795 ptype = 0; /*XXX*/ 1796 if (ndo->ndo_eflag) 1797 ND_PRINT("%c ", GET_U_1(p + SLC_DIR) ? 'O' : 'I'); 1798 llhl = GET_U_1(p + SLC_LLHL); 1799 if (llhl) { 1800 /* link level header */ 1801 struct ppp_header *ph; 1802 1803 q = p + SLC_BPFHDRLEN; 1804 ph = (struct ppp_header *)q; 1805 if (ph->phdr_addr == PPP_ADDRESS 1806 && ph->phdr_ctl == PPP_CONTROL) { 1807 if (ndo->ndo_eflag) 1808 ND_PRINT("%02x %02x ", GET_U_1(q), 1809 GET_U_1(q + 1)); 1810 ptype = GET_BE_U_2(&ph->phdr_type); 1811 if (ndo->ndo_eflag && (ptype == PPP_VJC || ptype == PPP_VJNC)) { 1812 ND_PRINT("%s ", tok2str(ppptype2str, 1813 "proto-#%u", ptype)); 1814 } 1815 } else { 1816 if (ndo->ndo_eflag) { 1817 ND_PRINT("LLH=["); 1818 for (i = 0; i < llhl; i++) 1819 ND_PRINT("%02x", GET_U_1(q + i)); 1820 ND_PRINT("] "); 1821 } 1822 } 1823 } 1824 if (ndo->ndo_eflag) 1825 ND_PRINT("%u ", length); 1826 if (GET_U_1(p + SLC_CHL)) { 1827 q = p + SLC_BPFHDRLEN + llhl; 1828 1829 switch (ptype) { 1830 case PPP_VJC: 1831 ptype = vjc_print(ndo, q, ptype); 1832 hdrlength = PPP_BSDI_HDRLEN; 1833 p += hdrlength; 1834 switch (ptype) { 1835 case PPP_IP: 1836 ip_print(ndo, p, length); 1837 break; 1838 case PPP_IPV6: 1839 ip6_print(ndo, p, length); 1840 break; 1841 case PPP_MPLS_UCAST: 1842 case PPP_MPLS_MCAST: 1843 mpls_print(ndo, p, length); 1844 break; 1845 } 1846 goto printx; 1847 case PPP_VJNC: 1848 ptype = vjc_print(ndo, q, ptype); 1849 hdrlength = PPP_BSDI_HDRLEN; 1850 p += hdrlength; 1851 switch (ptype) { 1852 case PPP_IP: 1853 ip_print(ndo, p, length); 1854 break; 1855 case PPP_IPV6: 1856 ip6_print(ndo, p, length); 1857 break; 1858 case PPP_MPLS_UCAST: 1859 case PPP_MPLS_MCAST: 1860 mpls_print(ndo, p, length); 1861 break; 1862 } 1863 goto printx; 1864 default: 1865 if (ndo->ndo_eflag) { 1866 ND_PRINT("CH=["); 1867 for (i = 0; i < llhl; i++) 1868 ND_PRINT("%02x", 1869 GET_U_1(q + i)); 1870 ND_PRINT("] "); 1871 } 1872 break; 1873 } 1874 } 1875 1876 hdrlength = PPP_BSDI_HDRLEN; 1877 #endif 1878 1879 length -= hdrlength; 1880 p += hdrlength; 1881 1882 switch (ptype) { 1883 case PPP_IP: 1884 ip_print(p, length); 1885 break; 1886 case PPP_IPV6: 1887 ip6_print(ndo, p, length); 1888 break; 1889 case PPP_MPLS_UCAST: 1890 case PPP_MPLS_MCAST: 1891 mpls_print(ndo, p, length); 1892 break; 1893 default: 1894 ND_PRINT("%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", ptype)); 1895 } 1896 1897 printx: 1898 #else /* __bsdi */ 1899 hdrlength = 0; 1900 #endif /* __bsdi__ */ 1901 ndo->ndo_ll_hdr_len += hdrlength; 1902 } 1903