summaryrefslogtreecommitdiffstats
path: root/print-ppp.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-05 17:41:34 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-05 17:41:34 +0000
commitf7b5fc832288fae3f5a0f3d24b96782252aabbaf (patch)
tree711bd849ca1348d3c97dc9bbbd157b80e9c410aa /print-ppp.c
parentInitial commit. (diff)
downloadtcpdump-upstream.tar.xz
tcpdump-upstream.zip
Adding upstream version 4.99.3.upstream/4.99.3upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'print-ppp.c')
-rw-r--r--print-ppp.c1897
1 files changed, 1897 insertions, 0 deletions
diff --git a/print-ppp.c b/print-ppp.c
new file mode 100644
index 0000000..aba243d
--- /dev/null
+++ b/print-ppp.c
@@ -0,0 +1,1897 @@
+/*
+ * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * Extensively modified by Motonori Shindo (mshindo@mshindo.net) for more
+ * complete PPP support.
+ */
+
+/* \summary: Point to Point Protocol (PPP) printer */
+
+/*
+ * TODO:
+ * o resolve XXX as much as possible
+ * o MP support
+ * o BAP support
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include "netdissect-stdinc.h"
+
+#ifdef __bsdi__
+#include <net/slcompress.h>
+#include <net/if_ppp.h>
+#endif
+
+#include "netdissect.h"
+#include "extract.h"
+#include "addrtoname.h"
+#include "ppp.h"
+#include "chdlc.h"
+#include "ethertype.h"
+#include "oui.h"
+#include "netdissect-alloc.h"
+
+/*
+ * The following constants are defined by IANA. Please refer to
+ * https://www.isi.edu/in-notes/iana/assignments/ppp-numbers
+ * for the up-to-date information.
+ */
+
+/* Protocol Codes defined in ppp.h */
+
+static const struct tok ppptype2str[] = {
+ { PPP_IP, "IP" },
+ { PPP_OSI, "OSI" },
+ { PPP_NS, "NS" },
+ { PPP_DECNET, "DECNET" },
+ { PPP_APPLE, "APPLE" },
+ { PPP_IPX, "IPX" },
+ { PPP_VJC, "VJC IP" },
+ { PPP_VJNC, "VJNC IP" },
+ { PPP_BRPDU, "BRPDU" },
+ { PPP_STII, "STII" },
+ { PPP_VINES, "VINES" },
+ { PPP_MPLS_UCAST, "MPLS" },
+ { PPP_MPLS_MCAST, "MPLS" },
+ { PPP_COMP, "Compressed"},
+ { PPP_ML, "MLPPP"},
+ { PPP_IPV6, "IP6"},
+
+ { PPP_HELLO, "HELLO" },
+ { PPP_LUXCOM, "LUXCOM" },
+ { PPP_SNS, "SNS" },
+ { PPP_IPCP, "IPCP" },
+ { PPP_OSICP, "OSICP" },
+ { PPP_NSCP, "NSCP" },
+ { PPP_DECNETCP, "DECNETCP" },
+ { PPP_APPLECP, "APPLECP" },
+ { PPP_IPXCP, "IPXCP" },
+ { PPP_STIICP, "STIICP" },
+ { PPP_VINESCP, "VINESCP" },
+ { PPP_IPV6CP, "IP6CP" },
+ { PPP_MPLSCP, "MPLSCP" },
+
+ { PPP_LCP, "LCP" },
+ { PPP_PAP, "PAP" },
+ { PPP_LQM, "LQM" },
+ { PPP_CHAP, "CHAP" },
+ { PPP_EAP, "EAP" },
+ { PPP_SPAP, "SPAP" },
+ { PPP_SPAP_OLD, "Old-SPAP" },
+ { PPP_BACP, "BACP" },
+ { PPP_BAP, "BAP" },
+ { PPP_MPCP, "MLPPP-CP" },
+ { PPP_CCP, "CCP" },
+ { 0, NULL }
+};
+
+/* Control Protocols (LCP/IPCP/CCP etc.) Codes defined in RFC 1661 */
+
+#define CPCODES_VEXT 0 /* Vendor-Specific (RFC2153) */
+#define CPCODES_CONF_REQ 1 /* Configure-Request */
+#define CPCODES_CONF_ACK 2 /* Configure-Ack */
+#define CPCODES_CONF_NAK 3 /* Configure-Nak */
+#define CPCODES_CONF_REJ 4 /* Configure-Reject */
+#define CPCODES_TERM_REQ 5 /* Terminate-Request */
+#define CPCODES_TERM_ACK 6 /* Terminate-Ack */
+#define CPCODES_CODE_REJ 7 /* Code-Reject */
+#define CPCODES_PROT_REJ 8 /* Protocol-Reject (LCP only) */
+#define CPCODES_ECHO_REQ 9 /* Echo-Request (LCP only) */
+#define CPCODES_ECHO_RPL 10 /* Echo-Reply (LCP only) */
+#define CPCODES_DISC_REQ 11 /* Discard-Request (LCP only) */
+#define CPCODES_ID 12 /* Identification (LCP only) RFC1570 */
+#define CPCODES_TIME_REM 13 /* Time-Remaining (LCP only) RFC1570 */
+#define CPCODES_RESET_REQ 14 /* Reset-Request (CCP only) RFC1962 */
+#define CPCODES_RESET_REP 15 /* Reset-Reply (CCP only) */
+
+static const struct tok cpcodes[] = {
+ {CPCODES_VEXT, "Vendor-Extension"}, /* RFC2153 */
+ {CPCODES_CONF_REQ, "Conf-Request"},
+ {CPCODES_CONF_ACK, "Conf-Ack"},
+ {CPCODES_CONF_NAK, "Conf-Nack"},
+ {CPCODES_CONF_REJ, "Conf-Reject"},
+ {CPCODES_TERM_REQ, "Term-Request"},
+ {CPCODES_TERM_ACK, "Term-Ack"},
+ {CPCODES_CODE_REJ, "Code-Reject"},
+ {CPCODES_PROT_REJ, "Prot-Reject"},
+ {CPCODES_ECHO_REQ, "Echo-Request"},
+ {CPCODES_ECHO_RPL, "Echo-Reply"},
+ {CPCODES_DISC_REQ, "Disc-Req"},
+ {CPCODES_ID, "Ident"}, /* RFC1570 */
+ {CPCODES_TIME_REM, "Time-Rem"}, /* RFC1570 */
+ {CPCODES_RESET_REQ, "Reset-Req"}, /* RFC1962 */
+ {CPCODES_RESET_REP, "Reset-Ack"}, /* RFC1962 */
+ {0, NULL}
+};
+
+/* LCP Config Options */
+
+#define LCPOPT_VEXT 0
+#define LCPOPT_MRU 1
+#define LCPOPT_ACCM 2
+#define LCPOPT_AP 3
+#define LCPOPT_QP 4
+#define LCPOPT_MN 5
+#define LCPOPT_DEP6 6
+#define LCPOPT_PFC 7
+#define LCPOPT_ACFC 8
+#define LCPOPT_FCSALT 9
+#define LCPOPT_SDP 10
+#define LCPOPT_NUMMODE 11
+#define LCPOPT_DEP12 12
+#define LCPOPT_CBACK 13
+#define LCPOPT_DEP14 14
+#define LCPOPT_DEP15 15
+#define LCPOPT_DEP16 16
+#define LCPOPT_MLMRRU 17
+#define LCPOPT_MLSSNHF 18
+#define LCPOPT_MLED 19
+#define LCPOPT_PROP 20
+#define LCPOPT_DCEID 21
+#define LCPOPT_MPP 22
+#define LCPOPT_LD 23
+#define LCPOPT_LCPAOPT 24
+#define LCPOPT_COBS 25
+#define LCPOPT_PE 26
+#define LCPOPT_MLHF 27
+#define LCPOPT_I18N 28
+#define LCPOPT_SDLOS 29
+#define LCPOPT_PPPMUX 30
+
+static const char *lcpconfopts[] = {
+ "Vend-Ext", /* (0) */
+ "MRU", /* (1) */
+ "ACCM", /* (2) */
+ "Auth-Prot", /* (3) */
+ "Qual-Prot", /* (4) */
+ "Magic-Num", /* (5) */
+ "deprecated(6)", /* used to be a Quality Protocol */
+ "PFC", /* (7) */
+ "ACFC", /* (8) */
+ "FCS-Alt", /* (9) */
+ "SDP", /* (10) */
+ "Num-Mode", /* (11) */
+ "deprecated(12)", /* used to be a Multi-Link-Procedure*/
+ "Call-Back", /* (13) */
+ "deprecated(14)", /* used to be a Connect-Time */
+ "deprecated(15)", /* used to be a Compund-Frames */
+ "deprecated(16)", /* used to be a Nominal-Data-Encap */
+ "MRRU", /* (17) */
+ "12-Bit seq #", /* (18) */
+ "End-Disc", /* (19) */
+ "Proprietary", /* (20) */
+ "DCE-Id", /* (21) */
+ "MP+", /* (22) */
+ "Link-Disc", /* (23) */
+ "LCP-Auth-Opt", /* (24) */
+ "COBS", /* (25) */
+ "Prefix-elision", /* (26) */
+ "Multilink-header-Form",/* (27) */
+ "I18N", /* (28) */
+ "SDL-over-SONET/SDH", /* (29) */
+ "PPP-Muxing", /* (30) */
+};
+
+#define NUM_LCPOPTS (sizeof(lcpconfopts) / sizeof(lcpconfopts[0]))
+
+/* ECP - to be supported */
+
+/* CCP Config Options */
+
+#define CCPOPT_OUI 0 /* RFC1962 */
+#define CCPOPT_PRED1 1 /* RFC1962 */
+#define CCPOPT_PRED2 2 /* RFC1962 */
+#define CCPOPT_PJUMP 3 /* RFC1962 */
+/* 4-15 unassigned */
+#define CCPOPT_HPPPC 16 /* RFC1962 */
+#define CCPOPT_STACLZS 17 /* RFC1974 */
+#define CCPOPT_MPPC 18 /* RFC2118 */
+#define CCPOPT_GFZA 19 /* RFC1962 */
+#define CCPOPT_V42BIS 20 /* RFC1962 */
+#define CCPOPT_BSDCOMP 21 /* RFC1977 */
+/* 22 unassigned */
+#define CCPOPT_LZSDCP 23 /* RFC1967 */
+#define CCPOPT_MVRCA 24 /* RFC1975 */
+#define CCPOPT_DEC 25 /* RFC1976 */
+#define CCPOPT_DEFLATE 26 /* RFC1979 */
+/* 27-254 unassigned */
+#define CCPOPT_RESV 255 /* RFC1962 */
+
+static const struct tok ccpconfopts_values[] = {
+ { CCPOPT_OUI, "OUI" },
+ { CCPOPT_PRED1, "Pred-1" },
+ { CCPOPT_PRED2, "Pred-2" },
+ { CCPOPT_PJUMP, "Puddle" },
+ { CCPOPT_HPPPC, "HP-PPC" },
+ { CCPOPT_STACLZS, "Stac-LZS" },
+ { CCPOPT_MPPC, "MPPC" },
+ { CCPOPT_GFZA, "Gand-FZA" },
+ { CCPOPT_V42BIS, "V.42bis" },
+ { CCPOPT_BSDCOMP, "BSD-Comp" },
+ { CCPOPT_LZSDCP, "LZS-DCP" },
+ { CCPOPT_MVRCA, "MVRCA" },
+ { CCPOPT_DEC, "DEC" },
+ { CCPOPT_DEFLATE, "Deflate" },
+ { CCPOPT_RESV, "Reserved"},
+ {0, NULL}
+};
+
+/* BACP Config Options */
+
+#define BACPOPT_FPEER 1 /* RFC2125 */
+
+static const struct tok bacconfopts_values[] = {
+ { BACPOPT_FPEER, "Favored-Peer" },
+ {0, NULL}
+};
+
+
+/* SDCP - to be supported */
+
+/* IPCP Config Options */
+#define IPCPOPT_2ADDR 1 /* RFC1172, RFC1332 (deprecated) */
+#define IPCPOPT_IPCOMP 2 /* RFC1332 */
+#define IPCPOPT_ADDR 3 /* RFC1332 */
+#define IPCPOPT_MOBILE4 4 /* RFC2290 */
+#define IPCPOPT_PRIDNS 129 /* RFC1877 */
+#define IPCPOPT_PRINBNS 130 /* RFC1877 */
+#define IPCPOPT_SECDNS 131 /* RFC1877 */
+#define IPCPOPT_SECNBNS 132 /* RFC1877 */
+
+static const struct tok ipcpopt_values[] = {
+ { IPCPOPT_2ADDR, "IP-Addrs" },
+ { IPCPOPT_IPCOMP, "IP-Comp" },
+ { IPCPOPT_ADDR, "IP-Addr" },
+ { IPCPOPT_MOBILE4, "Home-Addr" },
+ { IPCPOPT_PRIDNS, "Pri-DNS" },
+ { IPCPOPT_PRINBNS, "Pri-NBNS" },
+ { IPCPOPT_SECDNS, "Sec-DNS" },
+ { IPCPOPT_SECNBNS, "Sec-NBNS" },
+ { 0, NULL }
+};
+
+#define IPCPOPT_IPCOMP_HDRCOMP 0x61 /* rfc3544 */
+#define IPCPOPT_IPCOMP_MINLEN 14
+
+static const struct tok ipcpopt_compproto_values[] = {
+ { PPP_VJC, "VJ-Comp" },
+ { IPCPOPT_IPCOMP_HDRCOMP, "IP Header Compression" },
+ { 0, NULL }
+};
+
+static const struct tok ipcpopt_compproto_subopt_values[] = {
+ { 1, "RTP-Compression" },
+ { 2, "Enhanced RTP-Compression" },
+ { 0, NULL }
+};
+
+/* IP6CP Config Options */
+#define IP6CP_IFID 1
+
+static const struct tok ip6cpopt_values[] = {
+ { IP6CP_IFID, "Interface-ID" },
+ { 0, NULL }
+};
+
+/* ATCP - to be supported */
+/* OSINLCP - to be supported */
+/* BVCP - to be supported */
+/* BCP - to be supported */
+/* IPXCP - to be supported */
+/* MPLSCP - to be supported */
+
+/* Auth Algorithms */
+
+/* 0-4 Reserved (RFC1994) */
+#define AUTHALG_CHAPMD5 5 /* RFC1994 */
+#define AUTHALG_MSCHAP1 128 /* RFC2433 */
+#define AUTHALG_MSCHAP2 129 /* RFC2795 */
+
+static const struct tok authalg_values[] = {
+ { AUTHALG_CHAPMD5, "MD5" },
+ { AUTHALG_MSCHAP1, "MS-CHAPv1" },
+ { AUTHALG_MSCHAP2, "MS-CHAPv2" },
+ { 0, NULL }
+};
+
+/* FCS Alternatives - to be supported */
+
+/* Multilink Endpoint Discriminator (RFC1717) */
+#define MEDCLASS_NULL 0 /* Null Class */
+#define MEDCLASS_LOCAL 1 /* Locally Assigned */
+#define MEDCLASS_IPV4 2 /* Internet Protocol (IPv4) */
+#define MEDCLASS_MAC 3 /* IEEE 802.1 global MAC address */
+#define MEDCLASS_MNB 4 /* PPP Magic Number Block */
+#define MEDCLASS_PSNDN 5 /* Public Switched Network Director Number */
+
+/* PPP LCP Callback */
+#define CALLBACK_AUTH 0 /* Location determined by user auth */
+#define CALLBACK_DSTR 1 /* Dialing string */
+#define CALLBACK_LID 2 /* Location identifier */
+#define CALLBACK_E164 3 /* E.164 number */
+#define CALLBACK_X500 4 /* X.500 distinguished name */
+#define CALLBACK_CBCP 6 /* Location is determined during CBCP nego */
+
+static const struct tok ppp_callback_values[] = {
+ { CALLBACK_AUTH, "UserAuth" },
+ { CALLBACK_DSTR, "DialString" },
+ { CALLBACK_LID, "LocalID" },
+ { CALLBACK_E164, "E.164" },
+ { CALLBACK_X500, "X.500" },
+ { CALLBACK_CBCP, "CBCP" },
+ { 0, NULL }
+};
+
+/* CHAP */
+
+#define CHAP_CHAL 1
+#define CHAP_RESP 2
+#define CHAP_SUCC 3
+#define CHAP_FAIL 4
+
+static const struct tok chapcode_values[] = {
+ { CHAP_CHAL, "Challenge" },
+ { CHAP_RESP, "Response" },
+ { CHAP_SUCC, "Success" },
+ { CHAP_FAIL, "Fail" },
+ { 0, NULL}
+};
+
+/* PAP */
+
+#define PAP_AREQ 1
+#define PAP_AACK 2
+#define PAP_ANAK 3
+
+static const struct tok papcode_values[] = {
+ { PAP_AREQ, "Auth-Req" },
+ { PAP_AACK, "Auth-ACK" },
+ { PAP_ANAK, "Auth-NACK" },
+ { 0, NULL }
+};
+
+/* BAP */
+#define BAP_CALLREQ 1
+#define BAP_CALLRES 2
+#define BAP_CBREQ 3
+#define BAP_CBRES 4
+#define BAP_LDQREQ 5
+#define BAP_LDQRES 6
+#define BAP_CSIND 7
+#define BAP_CSRES 8
+
+static u_int print_lcp_config_options(netdissect_options *, const u_char *p, u_int);
+static u_int print_ipcp_config_options(netdissect_options *, const u_char *p, u_int);
+static u_int print_ip6cp_config_options(netdissect_options *, const u_char *p, u_int);
+static u_int print_ccp_config_options(netdissect_options *, const u_char *p, u_int);
+static u_int print_bacp_config_options(netdissect_options *, const u_char *p, u_int);
+static void handle_ppp(netdissect_options *, u_int proto, const u_char *p, u_int length);
+
+/* generic Control Protocol (e.g. LCP, IPCP, CCP, etc.) handler */
+static void
+handle_ctrl_proto(netdissect_options *ndo,
+ u_int proto, const u_char *pptr, u_int length)
+{
+ const char *typestr;
+ u_int code, len;
+ u_int (*pfunc)(netdissect_options *, const u_char *, u_int);
+ u_int tlen, advance;
+ const u_char *tptr;
+
+ tptr=pptr;
+
+ typestr = tok2str(ppptype2str, "unknown ctrl-proto (0x%04x)", proto);
+ ND_PRINT("%s, ", typestr);
+
+ if (length < 4) /* FIXME weak boundary checking */
+ goto trunc;
+ ND_TCHECK_2(tptr);
+
+ code = GET_U_1(tptr);
+ tptr++;
+
+ ND_PRINT("%s (0x%02x), id %u, length %u",
+ tok2str(cpcodes, "Unknown Opcode",code),
+ code,
+ GET_U_1(tptr), /* ID */
+ length + 2);
+ tptr++;
+
+ if (!ndo->ndo_vflag)
+ return;
+
+ len = GET_BE_U_2(tptr);
+ tptr += 2;
+
+ if (len < 4) {
+ ND_PRINT("\n\tencoded length %u (< 4))", len);
+ return;
+ }
+
+ if (len > length) {
+ ND_PRINT("\n\tencoded length %u (> packet length %u))", len, length);
+ return;
+ }
+ length = len;
+
+ ND_PRINT("\n\tencoded length %u (=Option(s) length %u)", len, len - 4);
+
+ if (length == 4)
+ return; /* there may be a NULL confreq etc. */
+
+ if (ndo->ndo_vflag > 1)
+ print_unknown_data(ndo, pptr - 2, "\n\t", 6);
+
+
+ switch (code) {
+ case CPCODES_VEXT:
+ if (length < 11)
+ break;
+ ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr));
+ tptr += 4;
+ ND_PRINT(" Vendor: %s (%u)",
+ tok2str(oui_values,"Unknown",GET_BE_U_3(tptr)),
+ GET_BE_U_3(tptr));
+ /* XXX: need to decode Kind and Value(s)? */
+ break;
+ case CPCODES_CONF_REQ:
+ case CPCODES_CONF_ACK:
+ case CPCODES_CONF_NAK:
+ case CPCODES_CONF_REJ:
+ tlen = len - 4; /* Code(1), Identifier(1) and Length(2) */
+ do {
+ switch (proto) {
+ case PPP_LCP:
+ pfunc = print_lcp_config_options;
+ break;
+ case PPP_IPCP:
+ pfunc = print_ipcp_config_options;
+ break;
+ case PPP_IPV6CP:
+ pfunc = print_ip6cp_config_options;
+ break;
+ case PPP_CCP:
+ pfunc = print_ccp_config_options;
+ break;
+ case PPP_BACP:
+ pfunc = print_bacp_config_options;
+ break;
+ default:
+ /*
+ * No print routine for the options for
+ * this protocol.
+ */
+ pfunc = NULL;
+ break;
+ }
+
+ if (pfunc == NULL) /* catch the above null pointer if unknown CP */
+ break;
+
+ if ((advance = (*pfunc)(ndo, tptr, len)) == 0)
+ break;
+ if (tlen < advance) {
+ ND_PRINT(" [remaining options length %u < %u]",
+ tlen, advance);
+ nd_print_invalid(ndo);
+ break;
+ }
+ tlen -= advance;
+ tptr += advance;
+ } while (tlen != 0);
+ break;
+
+ case CPCODES_TERM_REQ:
+ case CPCODES_TERM_ACK:
+ /* XXX: need to decode Data? */
+ break;
+ case CPCODES_CODE_REJ:
+ /* XXX: need to decode Rejected-Packet? */
+ break;
+ case CPCODES_PROT_REJ:
+ if (length < 6)
+ break;
+ ND_PRINT("\n\t Rejected %s Protocol (0x%04x)",
+ tok2str(ppptype2str,"unknown", GET_BE_U_2(tptr)),
+ GET_BE_U_2(tptr));
+ /* XXX: need to decode Rejected-Information? - hexdump for now */
+ if (len > 6) {
+ ND_PRINT("\n\t Rejected Packet");
+ print_unknown_data(ndo, tptr + 2, "\n\t ", len - 2);
+ }
+ break;
+ case CPCODES_ECHO_REQ:
+ case CPCODES_ECHO_RPL:
+ case CPCODES_DISC_REQ:
+ if (length < 8)
+ break;
+ ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr));
+ /* XXX: need to decode Data? - hexdump for now */
+ if (len > 8) {
+ ND_PRINT("\n\t -----trailing data-----");
+ ND_TCHECK_LEN(tptr + 4, len - 8);
+ print_unknown_data(ndo, tptr + 4, "\n\t ", len - 8);
+ }
+ break;
+ case CPCODES_ID:
+ if (length < 8)
+ break;
+ ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr));
+ /* RFC 1661 says this is intended to be human readable */
+ if (len > 8) {
+ ND_PRINT("\n\t Message\n\t ");
+ if (nd_printn(ndo, tptr + 4, len - 4, ndo->ndo_snapend))
+ goto trunc;
+ }
+ break;
+ case CPCODES_TIME_REM:
+ if (length < 12)
+ break;
+ ND_PRINT("\n\t Magic-Num 0x%08x", GET_BE_U_4(tptr));
+ ND_PRINT(", Seconds-Remaining %us", GET_BE_U_4(tptr + 4));
+ /* XXX: need to decode Message? */
+ break;
+ default:
+ /* XXX this is dirty but we do not get the
+ * original pointer passed to the begin
+ * the PPP packet */
+ if (ndo->ndo_vflag <= 1)
+ print_unknown_data(ndo, pptr - 2, "\n\t ", length + 2);
+ break;
+ }
+ return;
+
+trunc:
+ ND_PRINT("[|%s]", typestr);
+}
+
+/* LCP config options */
+static u_int
+print_lcp_config_options(netdissect_options *ndo,
+ const u_char *p, u_int length)
+{
+ u_int opt, len;
+
+ if (length < 2)
+ return 0;
+ ND_TCHECK_2(p);
+ opt = GET_U_1(p);
+ len = GET_U_1(p + 1);
+ if (length < len)
+ return 0;
+ if (len < 2) {
+ if (opt < NUM_LCPOPTS)
+ ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
+ lcpconfopts[opt], opt, len);
+ else
+ ND_PRINT("\n\tunknown LCP option 0x%02x", opt);
+ return 0;
+ }
+ if (opt < NUM_LCPOPTS)
+ ND_PRINT("\n\t %s Option (0x%02x), length %u", lcpconfopts[opt], opt, len);
+ else {
+ ND_PRINT("\n\tunknown LCP option 0x%02x", opt);
+ return len;
+ }
+
+ switch (opt) {
+ case LCPOPT_VEXT:
+ if (len < 6) {
+ ND_PRINT(" (length bogus, should be >= 6)");
+ return len;
+ }
+ ND_PRINT(": Vendor: %s (%u)",
+ tok2str(oui_values,"Unknown",GET_BE_U_3(p + 2)),
+ GET_BE_U_3(p + 2));
+#if 0
+ ND_PRINT(", kind: 0x%02x", GET_U_1(p + 5));
+ ND_PRINT(", Value: 0x");
+ for (i = 0; i < len - 6; i++) {
+ ND_PRINT("%02x", GET_U_1(p + 6 + i));
+ }
+#endif
+ break;
+ case LCPOPT_MRU:
+ if (len != 4) {
+ ND_PRINT(" (length bogus, should be = 4)");
+ return len;
+ }
+ ND_PRINT(": %u", GET_BE_U_2(p + 2));
+ break;
+ case LCPOPT_ACCM:
+ if (len != 6) {
+ ND_PRINT(" (length bogus, should be = 6)");
+ return len;
+ }
+ ND_PRINT(": 0x%08x", GET_BE_U_4(p + 2));
+ break;
+ case LCPOPT_AP:
+ if (len < 4) {
+ ND_PRINT(" (length bogus, should be >= 4)");
+ return len;
+ }
+ ND_PRINT(": %s",
+ tok2str(ppptype2str, "Unknown Auth Proto (0x04x)", GET_BE_U_2(p + 2)));
+
+ switch (GET_BE_U_2(p + 2)) {
+ case PPP_CHAP:
+ ND_PRINT(", %s",
+ tok2str(authalg_values, "Unknown Auth Alg %u", GET_U_1(p + 4)));
+ break;
+ case PPP_PAP: /* fall through */
+ case PPP_EAP:
+ case PPP_SPAP:
+ case PPP_SPAP_OLD:
+ break;
+ default:
+ print_unknown_data(ndo, p, "\n\t", len);
+ }
+ break;
+ case LCPOPT_QP:
+ if (len < 4) {
+ ND_PRINT(" (length bogus, should be >= 4)");
+ return 0;
+ }
+ if (GET_BE_U_2(p + 2) == PPP_LQM)
+ ND_PRINT(": LQR");
+ else
+ ND_PRINT(": unknown");
+ break;
+ case LCPOPT_MN:
+ if (len != 6) {
+ ND_PRINT(" (length bogus, should be = 6)");
+ return 0;
+ }
+ ND_PRINT(": 0x%08x", GET_BE_U_4(p + 2));
+ break;
+ case LCPOPT_PFC:
+ break;
+ case LCPOPT_ACFC:
+ break;
+ case LCPOPT_LD:
+ if (len != 4) {
+ ND_PRINT(" (length bogus, should be = 4)");
+ return 0;
+ }
+ ND_PRINT(": 0x%04x", GET_BE_U_2(p + 2));
+ break;
+ case LCPOPT_CBACK:
+ if (len < 3) {
+ ND_PRINT(" (length bogus, should be >= 3)");
+ return 0;
+ }
+ ND_PRINT(": ");
+ ND_PRINT(": Callback Operation %s (%u)",
+ tok2str(ppp_callback_values, "Unknown", GET_U_1(p + 2)),
+ GET_U_1(p + 2));
+ break;
+ case LCPOPT_MLMRRU:
+ if (len != 4) {
+ ND_PRINT(" (length bogus, should be = 4)");
+ return 0;
+ }
+ ND_PRINT(": %u", GET_BE_U_2(p + 2));
+ break;
+ case LCPOPT_MLED:
+ if (len < 3) {
+ ND_PRINT(" (length bogus, should be >= 3)");
+ return 0;
+ }
+ switch (GET_U_1(p + 2)) { /* class */
+ case MEDCLASS_NULL:
+ ND_PRINT(": Null");
+ break;
+ case MEDCLASS_LOCAL:
+ ND_PRINT(": Local"); /* XXX */
+ break;
+ case MEDCLASS_IPV4:
+ if (len != 7) {
+ ND_PRINT(" (length bogus, should be = 7)");
+ return 0;
+ }
+ ND_PRINT(": IPv4 %s", GET_IPADDR_STRING(p + 3));
+ break;
+ case MEDCLASS_MAC:
+ if (len != 9) {
+ ND_PRINT(" (length bogus, should be = 9)");
+ return 0;
+ }
+ ND_PRINT(": MAC %s", GET_ETHERADDR_STRING(p + 3));
+ break;
+ case MEDCLASS_MNB:
+ ND_PRINT(": Magic-Num-Block"); /* XXX */
+ break;
+ case MEDCLASS_PSNDN:
+ ND_PRINT(": PSNDN"); /* XXX */
+ break;
+ default:
+ ND_PRINT(": Unknown class %u", GET_U_1(p + 2));
+ break;
+ }
+ break;
+
+/* XXX: to be supported */
+#if 0
+ case LCPOPT_DEP6:
+ case LCPOPT_FCSALT:
+ case LCPOPT_SDP:
+ case LCPOPT_NUMMODE:
+ case LCPOPT_DEP12:
+ case LCPOPT_DEP14:
+ case LCPOPT_DEP15:
+ case LCPOPT_DEP16:
+ case LCPOPT_MLSSNHF:
+ case LCPOPT_PROP:
+ case LCPOPT_DCEID:
+ case LCPOPT_MPP:
+ case LCPOPT_LCPAOPT:
+ case LCPOPT_COBS:
+ case LCPOPT_PE:
+ case LCPOPT_MLHF:
+ case LCPOPT_I18N:
+ case LCPOPT_SDLOS:
+ case LCPOPT_PPPMUX:
+ break;
+#endif
+ default:
+ /*
+ * Unknown option; dump it as raw bytes now if we're
+ * not going to do so below.
+ */
+ if (ndo->ndo_vflag < 2)
+ print_unknown_data(ndo, p + 2, "\n\t ", len - 2);
+ break;
+ }
+
+ if (ndo->ndo_vflag > 1)
+ print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */
+
+ return len;
+
+trunc:
+ ND_PRINT("[|lcp]");
+ return 0;
+}
+
+/* ML-PPP*/
+static const struct tok ppp_ml_flag_values[] = {
+ { 0x80, "begin" },
+ { 0x40, "end" },
+ { 0, NULL }
+};
+
+static void
+handle_mlppp(netdissect_options *ndo,
+ const u_char *p, u_int length)
+{
+ if (!ndo->ndo_eflag)
+ ND_PRINT("MLPPP, ");
+
+ if (length < 2) {
+ ND_PRINT("[|mlppp]");
+ return;
+ }
+ if (!ND_TTEST_2(p)) {
+ ND_PRINT("[|mlppp]");
+ return;
+ }
+
+ ND_PRINT("seq 0x%03x, Flags [%s], length %u",
+ (GET_BE_U_2(p))&0x0fff,
+ /* only support 12-Bit sequence space for now */
+ bittok2str(ppp_ml_flag_values, "none", GET_U_1(p) & 0xc0),
+ length);
+}
+
+/* CHAP */
+static void
+handle_chap(netdissect_options *ndo,
+ const u_char *p, u_int length)
+{
+ u_int code, len;
+ u_int val_size, name_size, msg_size;
+ const u_char *p0;
+ u_int i;
+
+ p0 = p;
+ if (length < 1) {
+ ND_PRINT("[|chap]");
+ return;
+ } else if (length < 4) {
+ ND_PRINT("[|chap 0x%02x]", GET_U_1(p));
+ return;
+ }
+
+ code = GET_U_1(p);
+ ND_PRINT("CHAP, %s (0x%02x)",
+ tok2str(chapcode_values,"unknown",code),
+ code);
+ p++;
+
+ ND_PRINT(", id %u", GET_U_1(p)); /* ID */
+ p++;
+
+ len = GET_BE_U_2(p);
+ p += 2;
+
+ /*
+ * Note that this is a generic CHAP decoding routine. Since we
+ * don't know which flavor of CHAP (i.e. CHAP-MD5, MS-CHAPv1,
+ * MS-CHAPv2) is used at this point, we can't decode packet
+ * specifically to each algorithms. Instead, we simply decode
+ * the GCD (Gratest Common Denominator) for all algorithms.
+ */
+ switch (code) {
+ case CHAP_CHAL:
+ case CHAP_RESP:
+ if (length - (p - p0) < 1)
+ return;
+ val_size = GET_U_1(p); /* value size */
+ p++;
+ if (length - (p - p0) < val_size)
+ return;
+ ND_PRINT(", Value ");
+ for (i = 0; i < val_size; i++) {
+ ND_PRINT("%02x", GET_U_1(p));
+ p++;
+ }
+ name_size = len - (u_int)(p - p0);
+ ND_PRINT(", Name ");
+ for (i = 0; i < name_size; i++) {
+ fn_print_char(ndo, GET_U_1(p));
+ p++;
+ }
+ break;
+ case CHAP_SUCC:
+ case CHAP_FAIL:
+ msg_size = len - (u_int)(p - p0);
+ ND_PRINT(", Msg ");
+ for (i = 0; i< msg_size; i++) {
+ fn_print_char(ndo, GET_U_1(p));
+ p++;
+ }
+ break;
+ }
+}
+
+/* PAP (see RFC 1334) */
+static void
+handle_pap(netdissect_options *ndo,
+ const u_char *p, u_int length)
+{
+ u_int code, len;
+ u_int peerid_len, passwd_len, msg_len;
+ const u_char *p0;
+ u_int i;
+
+ p0 = p;
+ if (length < 1) {
+ ND_PRINT("[|pap]");
+ return;
+ } else if (length < 4) {
+ ND_PRINT("[|pap 0x%02x]", GET_U_1(p));
+ return;
+ }
+
+ code = GET_U_1(p);
+ ND_PRINT("PAP, %s (0x%02x)",
+ tok2str(papcode_values, "unknown", code),
+ code);
+ p++;
+
+ ND_PRINT(", id %u", GET_U_1(p)); /* ID */
+ p++;
+
+ len = GET_BE_U_2(p);
+ p += 2;
+
+ if (len > length) {
+ ND_PRINT(", length %u > packet size", len);
+ return;
+ }
+ length = len;
+ if (length < (size_t)(p - p0)) {
+ ND_PRINT(", length %u < PAP header length", length);
+ return;
+ }
+
+ switch (code) {
+ case PAP_AREQ:
+ /* A valid Authenticate-Request is 6 or more octets long. */
+ if (len < 6)
+ goto trunc;
+ if (length - (p - p0) < 1)
+ return;
+ peerid_len = GET_U_1(p); /* Peer-ID Length */
+ p++;
+ if (length - (p - p0) < peerid_len)
+ return;
+ ND_PRINT(", Peer ");
+ for (i = 0; i < peerid_len; i++) {
+ fn_print_char(ndo, GET_U_1(p));
+ p++;
+ }
+
+ if (length - (p - p0) < 1)
+ return;
+ passwd_len = GET_U_1(p); /* Password Length */
+ p++;
+ if (length - (p - p0) < passwd_len)
+ return;
+ ND_PRINT(", Name ");
+ for (i = 0; i < passwd_len; i++) {
+ fn_print_char(ndo, GET_U_1(p));
+ p++;
+ }
+ break;
+ case PAP_AACK:
+ case PAP_ANAK:
+ /* Although some implementations ignore truncation at
+ * this point and at least one generates a truncated
+ * packet, RFC 1334 section 2.2.2 clearly states that
+ * both AACK and ANAK are at least 5 bytes long.
+ */
+ if (len < 5)
+ goto trunc;
+ if (length - (p - p0) < 1)
+ return;
+ msg_len = GET_U_1(p); /* Msg-Length */
+ p++;
+ if (length - (p - p0) < msg_len)
+ return;
+ ND_PRINT(", Msg ");
+ for (i = 0; i< msg_len; i++) {
+ fn_print_char(ndo, GET_U_1(p));
+ p++;
+ }
+ break;
+ }
+ return;
+
+trunc:
+ ND_PRINT("[|pap]");
+}
+
+/* BAP */
+static void
+handle_bap(netdissect_options *ndo _U_,
+ const u_char *p _U_, u_int length _U_)
+{
+ /* XXX: to be supported!! */
+}
+
+
+/* IPCP config options */
+static u_int
+print_ipcp_config_options(netdissect_options *ndo,
+ const u_char *p, u_int length)
+{
+ u_int opt, len;
+ u_int compproto, ipcomp_subopttotallen, ipcomp_subopt, ipcomp_suboptlen;
+
+ if (length < 2)
+ return 0;
+ ND_TCHECK_2(p);
+ opt = GET_U_1(p);
+ len = GET_U_1(p + 1);
+ if (length < len)
+ return 0;
+ if (len < 2) {
+ ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
+ tok2str(ipcpopt_values,"unknown",opt),
+ opt,
+ len);
+ return 0;
+ }
+
+ ND_PRINT("\n\t %s Option (0x%02x), length %u",
+ tok2str(ipcpopt_values,"unknown",opt),
+ opt,
+ len);
+
+ switch (opt) {
+ case IPCPOPT_2ADDR: /* deprecated */
+ if (len != 10) {
+ ND_PRINT(" (length bogus, should be = 10)");
+ return len;
+ }
+ ND_PRINT(": src %s, dst %s",
+ GET_IPADDR_STRING(p + 2),
+ GET_IPADDR_STRING(p + 6));
+ break;
+ case IPCPOPT_IPCOMP:
+ if (len < 4) {
+ ND_PRINT(" (length bogus, should be >= 4)");
+ return 0;
+ }
+ compproto = GET_BE_U_2(p + 2);
+
+ ND_PRINT(": %s (0x%02x):",
+ tok2str(ipcpopt_compproto_values, "Unknown", compproto),
+ compproto);
+
+ switch (compproto) {
+ case PPP_VJC:
+ /* XXX: VJ-Comp parameters should be decoded */
+ break;
+ case IPCPOPT_IPCOMP_HDRCOMP:
+ if (len < IPCPOPT_IPCOMP_MINLEN) {
+ ND_PRINT(" (length bogus, should be >= %u)",
+ IPCPOPT_IPCOMP_MINLEN);
+ return 0;
+ }
+
+ ND_TCHECK_LEN(p + 2, IPCPOPT_IPCOMP_MINLEN);
+ ND_PRINT("\n\t TCP Space %u, non-TCP Space %u"
+ ", maxPeriod %u, maxTime %u, maxHdr %u",
+ GET_BE_U_2(p + 4),
+ GET_BE_U_2(p + 6),
+ GET_BE_U_2(p + 8),
+ GET_BE_U_2(p + 10),
+ GET_BE_U_2(p + 12));
+
+ /* suboptions present ? */
+ if (len > IPCPOPT_IPCOMP_MINLEN) {
+ ipcomp_subopttotallen = len - IPCPOPT_IPCOMP_MINLEN;
+ p += IPCPOPT_IPCOMP_MINLEN;
+
+ ND_PRINT("\n\t Suboptions, length %u", ipcomp_subopttotallen);
+
+ while (ipcomp_subopttotallen >= 2) {
+ ND_TCHECK_2(p);
+ ipcomp_subopt = GET_U_1(p);
+ ipcomp_suboptlen = GET_U_1(p + 1);
+
+ /* sanity check */
+ if (ipcomp_subopt == 0 ||
+ ipcomp_suboptlen == 0 )
+ break;
+
+ /* XXX: just display the suboptions for now */
+ ND_PRINT("\n\t\t%s Suboption #%u, length %u",
+ tok2str(ipcpopt_compproto_subopt_values,
+ "Unknown",
+ ipcomp_subopt),
+ ipcomp_subopt,
+ ipcomp_suboptlen);
+ if (ipcomp_subopttotallen < ipcomp_suboptlen) {
+ ND_PRINT(" [remaining suboptions length %u < %u]",
+ ipcomp_subopttotallen, ipcomp_suboptlen);
+ nd_print_invalid(ndo);
+ break;
+ }
+ ipcomp_subopttotallen -= ipcomp_suboptlen;
+ p += ipcomp_suboptlen;
+ }
+ }
+ break;
+ default:
+ break;
+ }
+ break;
+
+ case IPCPOPT_ADDR: /* those options share the same format - fall through */
+ case IPCPOPT_MOBILE4:
+ case IPCPOPT_PRIDNS:
+ case IPCPOPT_PRINBNS:
+ case IPCPOPT_SECDNS:
+ case IPCPOPT_SECNBNS:
+ if (len != 6) {
+ ND_PRINT(" (length bogus, should be = 6)");
+ return 0;
+ }
+ ND_PRINT(": %s", GET_IPADDR_STRING(p + 2));
+ break;
+ default:
+ /*
+ * Unknown option; dump it as raw bytes now if we're
+ * not going to do so below.
+ */
+ if (ndo->ndo_vflag < 2)
+ print_unknown_data(ndo, p + 2, "\n\t ", len - 2);
+ break;
+ }
+ if (ndo->ndo_vflag > 1)
+ print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */
+ return len;
+
+trunc:
+ ND_PRINT("[|ipcp]");
+ return 0;
+}
+
+/* IP6CP config options */
+static u_int
+print_ip6cp_config_options(netdissect_options *ndo,
+ const u_char *p, u_int length)
+{
+ u_int opt, len;
+
+ if (length < 2)
+ return 0;
+ ND_TCHECK_2(p);
+ opt = GET_U_1(p);
+ len = GET_U_1(p + 1);
+ if (length < len)
+ return 0;
+ if (len < 2) {
+ ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
+ tok2str(ip6cpopt_values,"unknown",opt),
+ opt,
+ len);
+ return 0;
+ }
+
+ ND_PRINT("\n\t %s Option (0x%02x), length %u",
+ tok2str(ip6cpopt_values,"unknown",opt),
+ opt,
+ len);
+
+ switch (opt) {
+ case IP6CP_IFID:
+ if (len != 10) {
+ ND_PRINT(" (length bogus, should be = 10)");
+ return len;
+ }
+ ND_TCHECK_8(p + 2);
+ ND_PRINT(": %04x:%04x:%04x:%04x",
+ GET_BE_U_2(p + 2),
+ GET_BE_U_2(p + 4),
+ GET_BE_U_2(p + 6),
+ GET_BE_U_2(p + 8));
+ break;
+ default:
+ /*
+ * Unknown option; dump it as raw bytes now if we're
+ * not going to do so below.
+ */
+ if (ndo->ndo_vflag < 2)
+ print_unknown_data(ndo, p + 2, "\n\t ", len - 2);
+ break;
+ }
+ if (ndo->ndo_vflag > 1)
+ print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */
+
+ return len;
+
+trunc:
+ ND_PRINT("[|ip6cp]");
+ return 0;
+}
+
+
+/* CCP config options */
+static u_int
+print_ccp_config_options(netdissect_options *ndo,
+ const u_char *p, u_int length)
+{
+ u_int opt, len;
+
+ if (length < 2)
+ return 0;
+ ND_TCHECK_2(p);
+ opt = GET_U_1(p);
+ len = GET_U_1(p + 1);
+ if (length < len)
+ return 0;
+ if (len < 2) {
+ ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
+ tok2str(ccpconfopts_values, "Unknown", opt),
+ opt,
+ len);
+ return 0;
+ }
+
+ ND_PRINT("\n\t %s Option (0x%02x), length %u",
+ tok2str(ccpconfopts_values, "Unknown", opt),
+ opt,
+ len);
+
+ switch (opt) {
+ case CCPOPT_BSDCOMP:
+ if (len < 3) {
+ ND_PRINT(" (length bogus, should be >= 3)");
+ return len;
+ }
+ ND_PRINT(": Version: %u, Dictionary Bits: %u",
+ GET_U_1(p + 2) >> 5,
+ GET_U_1(p + 2) & 0x1f);
+ break;
+ case CCPOPT_MVRCA:
+ if (len < 4) {
+ ND_PRINT(" (length bogus, should be >= 4)");
+ return len;
+ }
+ ND_PRINT(": Features: %u, PxP: %s, History: %u, #CTX-ID: %u",
+ (GET_U_1(p + 2) & 0xc0) >> 6,
+ (GET_U_1(p + 2) & 0x20) ? "Enabled" : "Disabled",
+ GET_U_1(p + 2) & 0x1f,
+ GET_U_1(p + 3));
+ break;
+ case CCPOPT_DEFLATE:
+ if (len < 4) {
+ ND_PRINT(" (length bogus, should be >= 4)");
+ return len;
+ }
+ ND_PRINT(": Window: %uK, Method: %s (0x%x), MBZ: %u, CHK: %u",
+ (GET_U_1(p + 2) & 0xf0) >> 4,
+ ((GET_U_1(p + 2) & 0x0f) == 8) ? "zlib" : "unknown",
+ GET_U_1(p + 2) & 0x0f,
+ (GET_U_1(p + 3) & 0xfc) >> 2,
+ GET_U_1(p + 3) & 0x03);
+ break;
+
+/* XXX: to be supported */
+#if 0
+ case CCPOPT_OUI:
+ case CCPOPT_PRED1:
+ case CCPOPT_PRED2:
+ case CCPOPT_PJUMP:
+ case CCPOPT_HPPPC:
+ case CCPOPT_STACLZS:
+ case CCPOPT_MPPC:
+ case CCPOPT_GFZA:
+ case CCPOPT_V42BIS:
+ case CCPOPT_LZSDCP:
+ case CCPOPT_DEC:
+ case CCPOPT_RESV:
+ break;
+#endif
+ default:
+ /*
+ * Unknown option; dump it as raw bytes now if we're
+ * not going to do so below.
+ */
+ if (ndo->ndo_vflag < 2)
+ print_unknown_data(ndo, p + 2, "\n\t ", len - 2);
+ break;
+ }
+ if (ndo->ndo_vflag > 1)
+ print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */
+
+ return len;
+
+trunc:
+ ND_PRINT("[|ccp]");
+ return 0;
+}
+
+/* BACP config options */
+static u_int
+print_bacp_config_options(netdissect_options *ndo,
+ const u_char *p, u_int length)
+{
+ u_int opt, len;
+
+ if (length < 2)
+ return 0;
+ ND_TCHECK_2(p);
+ opt = GET_U_1(p);
+ len = GET_U_1(p + 1);
+ if (length < len)
+ return 0;
+ if (len < 2) {
+ ND_PRINT("\n\t %s Option (0x%02x), length %u (length bogus, should be >= 2)",
+ tok2str(bacconfopts_values, "Unknown", opt),
+ opt,
+ len);
+ return 0;
+ }
+
+ ND_PRINT("\n\t %s Option (0x%02x), length %u",
+ tok2str(bacconfopts_values, "Unknown", opt),
+ opt,
+ len);
+
+ switch (opt) {
+ case BACPOPT_FPEER:
+ if (len != 6) {
+ ND_PRINT(" (length bogus, should be = 6)");
+ return len;
+ }
+ ND_PRINT(": Magic-Num 0x%08x", GET_BE_U_4(p + 2));
+ break;
+ default:
+ /*
+ * Unknown option; dump it as raw bytes now if we're
+ * not going to do so below.
+ */
+ if (ndo->ndo_vflag < 2)
+ print_unknown_data(ndo, p + 2, "\n\t ", len - 2);
+ break;
+ }
+ if (ndo->ndo_vflag > 1)
+ print_unknown_data(ndo, p + 2, "\n\t ", len - 2); /* exclude TLV header */
+
+ return len;
+
+trunc:
+ ND_PRINT("[|bacp]");
+ return 0;
+}
+
+/*
+ * Un-escape RFC 1662 PPP in HDLC-like framing, with octet escapes.
+ * The length argument is the on-the-wire length, not the captured
+ * length; we can only un-escape the captured part.
+ */
+static void
+ppp_hdlc(netdissect_options *ndo,
+ const u_char *p, u_int length)
+{
+ u_int caplen = ND_BYTES_AVAILABLE_AFTER(p);
+ u_char *b, *t, c;
+ const u_char *s;
+ u_int i, proto;
+ const void *sb, *se;
+
+ if (caplen == 0)
+ return;
+
+ if (length == 0)
+ return;
+
+ b = (u_char *)nd_malloc(ndo, caplen);
+ if (b == NULL)
+ return;
+
+ /*
+ * Unescape all the data into a temporary, private, buffer.
+ * Do this so that we don't overwrite the original packet
+ * contents.
+ */
+ for (s = p, t = b, i = caplen; i != 0; i--) {
+ c = GET_U_1(s);
+ s++;
+ if (c == 0x7d) {
+ if (i <= 1)
+ break;
+ i--;
+ c = GET_U_1(s) ^ 0x20;
+ s++;
+ }
+ *t++ = c;
+ }
+
+ /*
+ * Change the end pointer, so bounds checks work.
+ * Change the pointer to packet data to help debugging.
+ */
+ sb = ndo->ndo_packetp;
+ se = ndo->ndo_snapend;
+ ndo->ndo_packetp = b;
+ ndo->ndo_snapend = t;
+ length = ND_BYTES_AVAILABLE_AFTER(b);
+
+ /* now lets guess about the payload codepoint format */
+ if (length < 1)
+ goto trunc;
+ proto = GET_U_1(b); /* start with a one-octet codepoint guess */
+
+ switch (proto) {
+ case PPP_IP:
+ ip_print(ndo, b + 1, length - 1);
+ goto cleanup;
+ case PPP_IPV6:
+ ip6_print(ndo, b + 1, length - 1);
+ goto cleanup;
+ default: /* no luck - try next guess */
+ break;
+ }
+
+ if (length < 2)
+ goto trunc;
+ proto = GET_BE_U_2(b); /* next guess - load two octets */
+
+ switch (proto) {
+ case (PPP_ADDRESS << 8 | PPP_CONTROL): /* looks like a PPP frame */
+ if (length < 4)
+ goto trunc;
+ proto = GET_BE_U_2(b + 2); /* load the PPP proto-id */
+ if ((proto & 0xff00) == 0x7e00)
+ ND_PRINT("(protocol 0x%04x invalid)", proto);
+ else
+ handle_ppp(ndo, proto, b + 4, length - 4);
+ break;
+ default: /* last guess - proto must be a PPP proto-id */
+ if ((proto & 0xff00) == 0x7e00)
+ ND_PRINT("(protocol 0x%04x invalid)", proto);
+ else
+ handle_ppp(ndo, proto, b + 2, length - 2);
+ break;
+ }
+
+cleanup:
+ ndo->ndo_packetp = sb;
+ ndo->ndo_snapend = se;
+ return;
+
+trunc:
+ ndo->ndo_packetp = sb;
+ ndo->ndo_snapend = se;
+ nd_print_trunc(ndo);
+}
+
+
+/* PPP */
+static void
+handle_ppp(netdissect_options *ndo,
+ u_int proto, const u_char *p, u_int length)
+{
+ if ((proto & 0xff00) == 0x7e00) { /* is this an escape code ? */
+ ppp_hdlc(ndo, p - 1, length);
+ return;
+ }
+
+ switch (proto) {
+ case PPP_LCP: /* fall through */
+ case PPP_IPCP:
+ case PPP_OSICP:
+ case PPP_MPLSCP:
+ case PPP_IPV6CP:
+ case PPP_CCP:
+ case PPP_BACP:
+ handle_ctrl_proto(ndo, proto, p, length);
+ break;
+ case PPP_ML:
+ handle_mlppp(ndo, p, length);
+ break;
+ case PPP_CHAP:
+ handle_chap(ndo, p, length);
+ break;
+ case PPP_PAP:
+ handle_pap(ndo, p, length);
+ break;
+ case PPP_BAP: /* XXX: not yet completed */
+ handle_bap(ndo, p, length);
+ break;
+ case ETHERTYPE_IP: /*XXX*/
+ case PPP_VJNC:
+ case PPP_IP:
+ ip_print(ndo, p, length);
+ break;
+ case ETHERTYPE_IPV6: /*XXX*/
+ case PPP_IPV6:
+ ip6_print(ndo, p, length);
+ break;
+ case ETHERTYPE_IPX: /*XXX*/
+ case PPP_IPX:
+ ipx_print(ndo, p, length);
+ break;
+ case PPP_OSI:
+ isoclns_print(ndo, p, length);
+ break;
+ case PPP_MPLS_UCAST:
+ case PPP_MPLS_MCAST:
+ mpls_print(ndo, p, length);
+ break;
+ case PPP_COMP:
+ ND_PRINT("compressed PPP data");
+ break;
+ default:
+ ND_PRINT("%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto));
+ print_unknown_data(ndo, p, "\n\t", length);
+ break;
+ }
+}
+
+/* Standard PPP printer */
+u_int
+ppp_print(netdissect_options *ndo,
+ const u_char *p, u_int length)
+{
+ u_int proto,ppp_header;
+ u_int olen = length; /* _o_riginal length */
+ u_int hdr_len = 0;
+
+ ndo->ndo_protocol = "ppp";
+ /*
+ * Here, we assume that p points to the Address and Control
+ * field (if they present).
+ */
+ if (length < 2)
+ goto trunc;
+ ppp_header = GET_BE_U_2(p);
+
+ switch(ppp_header) {
+ case (PPP_PPPD_IN << 8 | PPP_CONTROL):
+ if (ndo->ndo_eflag) ND_PRINT("In ");
+ p += 2;
+ length -= 2;
+ hdr_len += 2;
+ break;
+ case (PPP_PPPD_OUT << 8 | PPP_CONTROL):
+ if (ndo->ndo_eflag) ND_PRINT("Out ");
+ p += 2;
+ length -= 2;
+ hdr_len += 2;
+ break;
+ case (PPP_ADDRESS << 8 | PPP_CONTROL):
+ p += 2; /* ACFC not used */
+ length -= 2;
+ hdr_len += 2;
+ break;
+
+ default:
+ break;
+ }
+
+ if (length < 2)
+ goto trunc;
+ if (GET_U_1(p) % 2) {
+ proto = GET_U_1(p); /* PFC is used */
+ p++;
+ length--;
+ hdr_len++;
+ } else {
+ proto = GET_BE_U_2(p);
+ p += 2;
+ length -= 2;
+ hdr_len += 2;
+ }
+
+ if (ndo->ndo_eflag) {
+ const char *typestr;
+ typestr = tok2str(ppptype2str, "unknown", proto);
+ ND_PRINT("%s (0x%04x), length %u",
+ typestr,
+ proto,
+ olen);
+ if (*typestr == 'u') /* "unknown" */
+ return hdr_len;
+
+ ND_PRINT(": ");
+ }
+
+ handle_ppp(ndo, proto, p, length);
+ return (hdr_len);
+trunc:
+ nd_print_trunc(ndo);
+ return (0);
+}
+
+
+/* PPP I/F printer */
+void
+ppp_if_print(netdissect_options *ndo,
+ const struct pcap_pkthdr *h, const u_char *p)
+{
+ u_int length = h->len;
+ u_int caplen = h->caplen;
+
+ ndo->ndo_protocol = "ppp";
+ if (caplen < PPP_HDRLEN) {
+ nd_print_trunc(ndo);
+ ndo->ndo_ll_hdr_len += caplen;
+ return;
+ }
+ ndo->ndo_ll_hdr_len += PPP_HDRLEN;
+
+#if 0
+ /*
+ * XXX: seems to assume that there are 2 octets prepended to an
+ * actual PPP frame. The 1st octet looks like Input/Output flag
+ * while 2nd octet is unknown, at least to me
+ * (mshindo@mshindo.net).
+ *
+ * That was what the original tcpdump code did.
+ *
+ * FreeBSD's "if_ppp.c" *does* set the first octet to 1 for outbound
+ * packets and 0 for inbound packets - but only if the
+ * protocol field has the 0x8000 bit set (i.e., it's a network
+ * control protocol); it does so before running the packet through
+ * "bpf_filter" to see if it should be discarded, and to see
+ * if we should update the time we sent the most recent packet...
+ *
+ * ...but it puts the original address field back after doing
+ * so.
+ *
+ * NetBSD's "if_ppp.c" doesn't set the first octet in that fashion.
+ *
+ * I don't know if any PPP implementation handed up to a BPF
+ * device packets with the first octet being 1 for outbound and
+ * 0 for inbound packets, so I (guy@alum.mit.edu) don't know
+ * whether that ever needs to be checked or not.
+ *
+ * Note that NetBSD has a DLT_PPP_SERIAL, which it uses for PPP,
+ * and its tcpdump appears to assume that the frame always
+ * begins with an address field and a control field, and that
+ * the address field might be 0x0f or 0x8f, for Cisco
+ * point-to-point with HDLC framing as per section 4.3.1 of RFC
+ * 1547, as well as 0xff, for PPP in HDLC-like framing as per
+ * RFC 1662.
+ *
+ * (Is the Cisco framing in question what DLT_C_HDLC, in
+ * BSD/OS, is?)
+ */
+ if (ndo->ndo_eflag)
+ ND_PRINT("%c %4d %02x ", GET_U_1(p) ? 'O' : 'I',
+ length, GET_U_1(p + 1));
+#endif
+
+ ppp_print(ndo, p, length);
+}
+
+/*
+ * PPP I/F printer to use if we know that RFC 1662-style PPP in HDLC-like
+ * framing, or Cisco PPP with HDLC framing as per section 4.3.1 of RFC 1547,
+ * is being used (i.e., we don't check for PPP_ADDRESS and PPP_CONTROL,
+ * discard them *if* those are the first two octets, and parse the remaining
+ * packet as a PPP packet, as "ppp_print()" does).
+ *
+ * This handles, for example, DLT_PPP_SERIAL in NetBSD.
+ */
+void
+ppp_hdlc_if_print(netdissect_options *ndo,
+ const struct pcap_pkthdr *h, const u_char *p)
+{
+ u_int length = h->len;
+ u_int caplen = h->caplen;
+ u_int proto;
+ u_int hdrlen = 0;
+
+ ndo->ndo_protocol = "ppp_hdlc";
+ if (caplen < 2) {
+ nd_print_trunc(ndo);
+ ndo->ndo_ll_hdr_len += caplen;
+ return;
+ }
+
+ switch (GET_U_1(p)) {
+
+ case PPP_ADDRESS:
+ if (caplen < 4) {
+ nd_print_trunc(ndo);
+ ndo->ndo_ll_hdr_len += caplen;
+ return;
+ }
+
+ if (ndo->ndo_eflag)
+ ND_PRINT("%02x %02x %u ", GET_U_1(p),
+ GET_U_1(p + 1), length);
+ p += 2;
+ length -= 2;
+ hdrlen += 2;
+
+ proto = GET_BE_U_2(p);
+ p += 2;
+ length -= 2;
+ hdrlen += 2;
+ ND_PRINT("%s: ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", proto));
+
+ handle_ppp(ndo, proto, p, length);
+ break;
+
+ case CHDLC_UNICAST:
+ case CHDLC_BCAST:
+ chdlc_if_print(ndo, h, p);
+ return;
+
+ default:
+ if (caplen < 4) {
+ nd_print_trunc(ndo);
+ ndo->ndo_ll_hdr_len += caplen;
+ return;
+ }
+
+ if (ndo->ndo_eflag)
+ ND_PRINT("%02x %02x %u ", GET_U_1(p),
+ GET_U_1(p + 1), length);
+ p += 2;
+ hdrlen += 2;
+
+ /*
+ * XXX - NetBSD's "ppp_netbsd_serial_if_print()" treats
+ * the next two octets as an Ethernet type; does that
+ * ever happen?
+ */
+ ND_PRINT("unknown addr %02x; ctrl %02x", GET_U_1(p),
+ GET_U_1(p + 1));
+ break;
+ }
+
+ ndo->ndo_ll_hdr_len += hdrlen;
+}
+
+#define PPP_BSDI_HDRLEN 24
+
+/* BSD/OS specific PPP printer */
+void
+ppp_bsdos_if_print(netdissect_options *ndo,
+ const struct pcap_pkthdr *h _U_, const u_char *p _U_)
+{
+ u_int hdrlength;
+#ifdef __bsdi__
+ u_int length = h->len;
+ u_int caplen = h->caplen;
+ uint16_t ptype;
+ uint8_t llhl;
+ const u_char *q;
+ u_int i;
+
+ ndo->ndo_protocol = "ppp_bsdos";
+ if (caplen < PPP_BSDI_HDRLEN) {
+ nd_print_trunc(ndo);
+ ndo->ndo_ll_hdr_len += caplen;
+ return;
+ }
+
+ hdrlength = 0;
+
+#if 0
+ if (GET_U_1(p) == PPP_ADDRESS &&
+ GET_U_1(p + 1) == PPP_CONTROL) {
+ if (ndo->ndo_eflag)
+ ND_PRINT("%02x %02x ", GET_U_1(p),
+ GET_U_1(p + 1));
+ p += 2;
+ hdrlength = 2;
+ }
+
+ if (ndo->ndo_eflag)
+ ND_PRINT("%u ", length);
+ /* Retrieve the protocol type */
+ if (GET_U_1(p) & 01) {
+ /* Compressed protocol field */
+ ptype = GET_U_1(p);
+ if (ndo->ndo_eflag)
+ ND_PRINT("%02x ", ptype);
+ p++;
+ hdrlength += 1;
+ } else {
+ /* Un-compressed protocol field */
+ ptype = GET_BE_U_2(p);
+ if (ndo->ndo_eflag)
+ ND_PRINT("%04x ", ptype);
+ p += 2;
+ hdrlength += 2;
+ }
+#else
+ ptype = 0; /*XXX*/
+ if (ndo->ndo_eflag)
+ ND_PRINT("%c ", GET_U_1(p + SLC_DIR) ? 'O' : 'I');
+ llhl = GET_U_1(p + SLC_LLHL);
+ if (llhl) {
+ /* link level header */
+ struct ppp_header *ph;
+
+ q = p + SLC_BPFHDRLEN;
+ ph = (struct ppp_header *)q;
+ if (ph->phdr_addr == PPP_ADDRESS
+ && ph->phdr_ctl == PPP_CONTROL) {
+ if (ndo->ndo_eflag)
+ ND_PRINT("%02x %02x ", GET_U_1(q),
+ GET_U_1(q + 1));
+ ptype = GET_BE_U_2(&ph->phdr_type);
+ if (ndo->ndo_eflag && (ptype == PPP_VJC || ptype == PPP_VJNC)) {
+ ND_PRINT("%s ", tok2str(ppptype2str,
+ "proto-#%u", ptype));
+ }
+ } else {
+ if (ndo->ndo_eflag) {
+ ND_PRINT("LLH=[");
+ for (i = 0; i < llhl; i++)
+ ND_PRINT("%02x", GET_U_1(q + i));
+ ND_PRINT("] ");
+ }
+ }
+ }
+ if (ndo->ndo_eflag)
+ ND_PRINT("%u ", length);
+ if (GET_U_1(p + SLC_CHL)) {
+ q = p + SLC_BPFHDRLEN + llhl;
+
+ switch (ptype) {
+ case PPP_VJC:
+ ptype = vjc_print(ndo, q, ptype);
+ hdrlength = PPP_BSDI_HDRLEN;
+ p += hdrlength;
+ switch (ptype) {
+ case PPP_IP:
+ ip_print(ndo, p, length);
+ break;
+ case PPP_IPV6:
+ ip6_print(ndo, p, length);
+ break;
+ case PPP_MPLS_UCAST:
+ case PPP_MPLS_MCAST:
+ mpls_print(ndo, p, length);
+ break;
+ }
+ goto printx;
+ case PPP_VJNC:
+ ptype = vjc_print(ndo, q, ptype);
+ hdrlength = PPP_BSDI_HDRLEN;
+ p += hdrlength;
+ switch (ptype) {
+ case PPP_IP:
+ ip_print(ndo, p, length);
+ break;
+ case PPP_IPV6:
+ ip6_print(ndo, p, length);
+ break;
+ case PPP_MPLS_UCAST:
+ case PPP_MPLS_MCAST:
+ mpls_print(ndo, p, length);
+ break;
+ }
+ goto printx;
+ default:
+ if (ndo->ndo_eflag) {
+ ND_PRINT("CH=[");
+ for (i = 0; i < llhl; i++)
+ ND_PRINT("%02x",
+ GET_U_1(q + i));
+ ND_PRINT("] ");
+ }
+ break;
+ }
+ }
+
+ hdrlength = PPP_BSDI_HDRLEN;
+#endif
+
+ length -= hdrlength;
+ p += hdrlength;
+
+ switch (ptype) {
+ case PPP_IP:
+ ip_print(p, length);
+ break;
+ case PPP_IPV6:
+ ip6_print(ndo, p, length);
+ break;
+ case PPP_MPLS_UCAST:
+ case PPP_MPLS_MCAST:
+ mpls_print(ndo, p, length);
+ break;
+ default:
+ ND_PRINT("%s ", tok2str(ppptype2str, "unknown PPP protocol (0x%04x)", ptype));
+ }
+
+printx:
+#else /* __bsdi */
+ hdrlength = 0;
+#endif /* __bsdi__ */
+ ndo->ndo_ll_hdr_len += hdrlength;
+}