1 /* 2 * Copyright (c) 2000 Lennert Buytenhek 3 * 4 * This software may be distributed either under the terms of the 5 * BSD-style license that accompanies tcpdump or the GNU General 6 * Public License 7 * 8 * Format and print IEEE 802.1d spanning tree protocol packets. 9 * Contributed by Lennert Buytenhek <buytenh@gnu.org> 10 */ 11 12 #include <sys/cdefs.h> 13 #ifndef lint 14 __RCSID("$NetBSD: print-stp.c,v 1.5 2014/11/20 03:05:03 christos Exp $"); 15 #endif 16 17 #define NETDISSECT_REWORKED 18 #ifdef HAVE_CONFIG_H 19 #include "config.h" 20 #endif 21 22 #include <tcpdump-stdinc.h> 23 24 #include <stdio.h> 25 26 #include "interface.h" 27 #include "extract.h" 28 29 #define RSTP_EXTRACT_PORT_ROLE(x) (((x)&0x0C)>>2) 30 /* STP timers are expressed in multiples of 1/256th second */ 31 #define STP_TIME_BASE 256 32 #define STP_BPDU_MSTP_MIN_LEN 102 33 34 struct stp_bpdu_ { 35 uint8_t protocol_id[2]; 36 uint8_t protocol_version; 37 uint8_t bpdu_type; 38 uint8_t flags; 39 uint8_t root_id[8]; 40 uint8_t root_path_cost[4]; 41 uint8_t bridge_id[8]; 42 uint8_t port_id[2]; 43 uint8_t message_age[2]; 44 uint8_t max_age[2]; 45 uint8_t hello_time[2]; 46 uint8_t forward_delay[2]; 47 uint8_t v1_length; 48 }; 49 50 #define STP_PROTO_REGULAR 0x00 51 #define STP_PROTO_RAPID 0x02 52 #define STP_PROTO_MSTP 0x03 53 #define STP_PROTO_SPB 0x04 54 55 static const struct tok stp_proto_values[] = { 56 { STP_PROTO_REGULAR, "802.1d" }, 57 { STP_PROTO_RAPID, "802.1w" }, 58 { STP_PROTO_MSTP, "802.1s" }, 59 { STP_PROTO_SPB, "802.1aq" }, 60 { 0, NULL} 61 }; 62 63 #define STP_BPDU_TYPE_CONFIG 0x00 64 #define STP_BPDU_TYPE_RSTP 0x02 65 #define STP_BPDU_TYPE_TOPO_CHANGE 0x80 66 67 static const struct tok stp_bpdu_flag_values[] = { 68 { 0x01, "Topology change" }, 69 { 0x02, "Proposal" }, 70 { 0x10, "Learn" }, 71 { 0x20, "Forward" }, 72 { 0x40, "Agreement" }, 73 { 0x80, "Topology change ACK" }, 74 { 0, NULL} 75 }; 76 77 static const struct tok stp_bpdu_type_values[] = { 78 { STP_BPDU_TYPE_CONFIG, "Config" }, 79 { STP_BPDU_TYPE_RSTP, "Rapid STP" }, 80 { STP_BPDU_TYPE_TOPO_CHANGE, "Topology Change" }, 81 { 0, NULL} 82 }; 83 84 static const struct tok rstp_obj_port_role_values[] = { 85 { 0x00, "Unknown" }, 86 { 0x01, "Alternate" }, 87 { 0x02, "Root" }, 88 { 0x03, "Designated" }, 89 { 0, NULL} 90 }; 91 92 static char * 93 stp_print_bridge_id(const u_char *p) 94 { 95 static char bridge_id_str[sizeof("pppp.aa:bb:cc:dd:ee:ff")]; 96 97 snprintf(bridge_id_str, sizeof(bridge_id_str), 98 "%.2x%.2x.%.2x:%.2x:%.2x:%.2x:%.2x:%.2x", 99 p[0], p[1], p[2], p[3], p[4], p[5], p[6], p[7]); 100 101 return bridge_id_str; 102 } 103 104 static void 105 stp_print_config_bpdu(netdissect_options *ndo, const struct stp_bpdu_ *stp_bpdu, 106 u_int length) 107 { 108 ND_PRINT((ndo, ", Flags [%s]", 109 bittok2str(stp_bpdu_flag_values, "none", stp_bpdu->flags))); 110 111 ND_PRINT((ndo, ", bridge-id %s.%04x, length %u", 112 stp_print_bridge_id((const u_char *)&stp_bpdu->bridge_id), 113 EXTRACT_16BITS(&stp_bpdu->port_id), length)); 114 115 /* in non-verbose mode just print the bridge-id */ 116 if (!ndo->ndo_vflag) { 117 return; 118 } 119 120 ND_PRINT((ndo, "\n\tmessage-age %.2fs, max-age %.2fs" 121 ", hello-time %.2fs, forwarding-delay %.2fs", 122 (float)EXTRACT_16BITS(&stp_bpdu->message_age) / STP_TIME_BASE, 123 (float)EXTRACT_16BITS(&stp_bpdu->max_age) / STP_TIME_BASE, 124 (float)EXTRACT_16BITS(&stp_bpdu->hello_time) / STP_TIME_BASE, 125 (float)EXTRACT_16BITS(&stp_bpdu->forward_delay) / STP_TIME_BASE)); 126 127 ND_PRINT((ndo, "\n\troot-id %s, root-pathcost %u", 128 stp_print_bridge_id((const u_char *)&stp_bpdu->root_id), 129 EXTRACT_32BITS(&stp_bpdu->root_path_cost))); 130 131 /* Port role is only valid for 802.1w */ 132 if (stp_bpdu->protocol_version == STP_PROTO_RAPID) { 133 ND_PRINT((ndo, ", port-role %s", 134 tok2str(rstp_obj_port_role_values, "Unknown", 135 RSTP_EXTRACT_PORT_ROLE(stp_bpdu->flags)))); 136 } 137 } 138 139 /* 140 * MSTP packet format 141 * Ref. IEEE 802.1Q 2003 Ed. Section 14 142 * 143 * MSTP BPDU 144 * 145 * 2 - bytes Protocol Id 146 * 1 - byte Protocol Ver. 147 * 1 - byte BPDU tye 148 * 1 - byte Flags 149 * 8 - bytes CIST Root Identifier 150 * 4 - bytes CIST External Path Cost 151 * 8 - bytes CIST Regional Root Identifier 152 * 2 - bytes CIST Port Identifier 153 * 2 - bytes Message Age 154 * 2 - bytes Max age 155 * 2 - bytes Hello Time 156 * 2 - bytes Forward delay 157 * 1 - byte Version 1 length. Must be 0 158 * 2 - bytes Version 3 length 159 * 1 - byte Config Identifier 160 * 32 - bytes Config Name 161 * 2 - bytes Revision level 162 * 16 - bytes Config Digest [MD5] 163 * 4 - bytes CIST Internal Root Path Cost 164 * 8 - bytes CIST Bridge Identifier 165 * 1 - byte CIST Remaining Hops 166 * 16 - bytes MSTI information [Max 64 MSTI, each 16 bytes] 167 * 168 * 169 * SPB BPDU 170 * Ref. IEEE 802.1aq. Section 14 171 * 172 * 2 - bytes Version 4 length 173 * 1 - byte Aux Config Identifier 174 * 32 - bytes Aux Config Name 175 * 2 - bytes Aux Revision level 176 * 16 - bytes Aux Config Digest [MD5] 177 * 1 - byte (1 - 2) Agreement Number 178 * (3 - 4) Discarded Agreement Number 179 * (5) Agreement Valid Flag 180 * (6) Restricted Role Flag 181 * (7 - 8) Unused sent zero 182 * 1 - byte Unused 183 * 1 - byte (1 - 4) Agreement Digest Format Identifier 184 * (5 - 8) Agreement Digest Format Capabilities 185 * 1 - byte (1 - 4) Agreement Digest Convention Identifier 186 * (5 - 8) Agreement Digest Convention Capabilities 187 * 2 - bytes Agreement Digest Edge Count 188 * 8 - byte Reserved Set 189 * 20 - bytes Computed Topology Digest 190 * 191 * 192 * MSTI Payload 193 * 194 * 1 - byte MSTI flag 195 * 8 - bytes MSTI Regional Root Identifier 196 * 4 - bytes MSTI Regional Path Cost 197 * 1 - byte MSTI Bridge Priority 198 * 1 - byte MSTI Port Priority 199 * 1 - byte MSTI Remaining Hops 200 * 201 */ 202 203 #define MST_BPDU_MSTI_LENGTH 16 204 #define MST_BPDU_CONFIG_INFO_LENGTH 64 205 206 /* Offsets of fields from the begginning for the packet */ 207 #define MST_BPDU_VER3_LEN_OFFSET 36 208 #define MST_BPDU_CONFIG_NAME_OFFSET 39 209 #define MST_BPDU_CONFIG_DIGEST_OFFSET 73 210 #define MST_BPDU_CIST_INT_PATH_COST_OFFSET 89 211 #define MST_BPDU_CIST_BRIDGE_ID_OFFSET 93 212 #define MST_BPDU_CIST_REMAIN_HOPS_OFFSET 101 213 #define MST_BPDU_MSTI_OFFSET 102 214 /* Offsets within an MSTI */ 215 #define MST_BPDU_MSTI_ROOT_PRIO_OFFSET 1 216 #define MST_BPDU_MSTI_ROOT_PATH_COST_OFFSET 9 217 #define MST_BPDU_MSTI_BRIDGE_PRIO_OFFSET 13 218 #define MST_BPDU_MSTI_PORT_PRIO_OFFSET 14 219 #define MST_BPDU_MSTI_REMAIN_HOPS_OFFSET 15 220 221 #define SPB_BPDU_MIN_LEN 87 222 #define SPB_BPDU_CONFIG_NAME_OFFSET 3 223 #define SPB_BPDU_CONFIG_REV_OFFSET SPB_BPDU_CONFIG_NAME_OFFSET + 32 224 #define SPB_BPDU_CONFIG_DIGEST_OFFSET SPB_BPDU_CONFIG_REV_OFFSET + 2 225 #define SPB_BPDU_AGREEMENT_OFFSET SPB_BPDU_CONFIG_DIGEST_OFFSET + 16 226 #define SPB_BPDU_AGREEMENT_UNUSED_OFFSET SPB_BPDU_AGREEMENT_OFFSET + 1 227 #define SPB_BPDU_AGREEMENT_FORMAT_OFFSET SPB_BPDU_AGREEMENT_UNUSED_OFFSET + 1 228 #define SPB_BPDU_AGREEMENT_CON_OFFSET SPB_BPDU_AGREEMENT_FORMAT_OFFSET + 1 229 #define SPB_BPDU_AGREEMENT_EDGE_OFFSET SPB_BPDU_AGREEMENT_CON_OFFSET + 1 230 #define SPB_BPDU_AGREEMENT_RES1_OFFSET SPB_BPDU_AGREEMENT_EDGE_OFFSET + 2 231 #define SPB_BPDU_AGREEMENT_RES2_OFFSET SPB_BPDU_AGREEMENT_RES1_OFFSET + 4 232 #define SPB_BPDU_AGREEMENT_DIGEST_OFFSET SPB_BPDU_AGREEMENT_RES2_OFFSET + 4 233 234 235 static void 236 stp_print_mstp_bpdu(netdissect_options *ndo, const struct stp_bpdu_ *stp_bpdu, 237 u_int length) 238 { 239 const u_char *ptr; 240 uint16_t v3len; 241 uint16_t len; 242 uint16_t msti; 243 u_int offset; 244 245 ptr = (const u_char *)stp_bpdu; 246 ND_PRINT((ndo, ", CIST Flags [%s], length %u", 247 bittok2str(stp_bpdu_flag_values, "none", stp_bpdu->flags), length)); 248 249 /* 250 * in non-verbose mode just print the flags. 251 */ 252 if (!ndo->ndo_vflag) { 253 return; 254 } 255 256 ND_PRINT((ndo, "\n\tport-role %s, ", 257 tok2str(rstp_obj_port_role_values, "Unknown", 258 RSTP_EXTRACT_PORT_ROLE(stp_bpdu->flags)))); 259 260 ND_PRINT((ndo, "CIST root-id %s, CIST ext-pathcost %u ", 261 stp_print_bridge_id((const u_char *)&stp_bpdu->root_id), 262 EXTRACT_32BITS(&stp_bpdu->root_path_cost))); 263 264 ND_PRINT((ndo, "\n\tCIST regional-root-id %s, ", 265 stp_print_bridge_id((const u_char *)&stp_bpdu->bridge_id))); 266 267 ND_PRINT((ndo, "CIST port-id %04x, ", EXTRACT_16BITS(&stp_bpdu->port_id))); 268 269 ND_PRINT((ndo, "\n\tmessage-age %.2fs, max-age %.2fs" 270 ", hello-time %.2fs, forwarding-delay %.2fs", 271 (float)EXTRACT_16BITS(&stp_bpdu->message_age) / STP_TIME_BASE, 272 (float)EXTRACT_16BITS(&stp_bpdu->max_age) / STP_TIME_BASE, 273 (float)EXTRACT_16BITS(&stp_bpdu->hello_time) / STP_TIME_BASE, 274 (float)EXTRACT_16BITS(&stp_bpdu->forward_delay) / STP_TIME_BASE)); 275 276 ND_PRINT((ndo, "\n\tv3len %d, ", EXTRACT_16BITS(ptr + MST_BPDU_VER3_LEN_OFFSET))); 277 ND_PRINT((ndo, "MCID Name %s, rev %u, " 278 "\n\t\tdigest %08x%08x%08x%08x, ", 279 ptr + MST_BPDU_CONFIG_NAME_OFFSET, 280 EXTRACT_16BITS(ptr + MST_BPDU_CONFIG_NAME_OFFSET + 32), 281 EXTRACT_32BITS(ptr + MST_BPDU_CONFIG_DIGEST_OFFSET), 282 EXTRACT_32BITS(ptr + MST_BPDU_CONFIG_DIGEST_OFFSET + 4), 283 EXTRACT_32BITS(ptr + MST_BPDU_CONFIG_DIGEST_OFFSET + 8), 284 EXTRACT_32BITS(ptr + MST_BPDU_CONFIG_DIGEST_OFFSET + 12))); 285 286 ND_PRINT((ndo, "CIST int-root-pathcost %u, ", 287 EXTRACT_32BITS(ptr + MST_BPDU_CIST_INT_PATH_COST_OFFSET))); 288 289 ND_PRINT((ndo, "\n\tCIST bridge-id %s, ", 290 stp_print_bridge_id(ptr + MST_BPDU_CIST_BRIDGE_ID_OFFSET))); 291 292 ND_PRINT((ndo, "CIST remaining-hops %d", ptr[MST_BPDU_CIST_REMAIN_HOPS_OFFSET])); 293 294 /* Dump all MSTI's */ 295 v3len = EXTRACT_16BITS(ptr + MST_BPDU_VER3_LEN_OFFSET); 296 if (v3len > MST_BPDU_CONFIG_INFO_LENGTH) { 297 len = v3len - MST_BPDU_CONFIG_INFO_LENGTH; 298 offset = MST_BPDU_MSTI_OFFSET; 299 while (len >= MST_BPDU_MSTI_LENGTH) { 300 msti = EXTRACT_16BITS(ptr + offset + 301 MST_BPDU_MSTI_ROOT_PRIO_OFFSET); 302 msti = msti & 0x0FFF; 303 304 ND_PRINT((ndo, "\n\tMSTI %d, Flags [%s], port-role %s", 305 msti, bittok2str(stp_bpdu_flag_values, "none", ptr[offset]), 306 tok2str(rstp_obj_port_role_values, "Unknown", 307 RSTP_EXTRACT_PORT_ROLE(ptr[offset])))); 308 ND_PRINT((ndo, "\n\t\tMSTI regional-root-id %s, pathcost %u", 309 stp_print_bridge_id(ptr + offset + 310 MST_BPDU_MSTI_ROOT_PRIO_OFFSET), 311 EXTRACT_32BITS(ptr + offset + 312 MST_BPDU_MSTI_ROOT_PATH_COST_OFFSET))); 313 ND_PRINT((ndo, "\n\t\tMSTI bridge-prio %d, port-prio %d, hops %d", 314 ptr[offset + MST_BPDU_MSTI_BRIDGE_PRIO_OFFSET] >> 4, 315 ptr[offset + MST_BPDU_MSTI_PORT_PRIO_OFFSET] >> 4, 316 ptr[offset + MST_BPDU_MSTI_REMAIN_HOPS_OFFSET])); 317 318 len -= MST_BPDU_MSTI_LENGTH; 319 offset += MST_BPDU_MSTI_LENGTH; 320 } 321 } 322 } 323 324 static void 325 stp_print_spb_bpdu(netdissect_options *ndo, const struct stp_bpdu_ *stp_bpdu, 326 u_int offset) 327 { 328 const u_char *ptr; 329 330 /* 331 * in non-verbose mode don't print anything. 332 */ 333 if (!ndo->ndo_vflag) { 334 return; 335 } 336 337 ptr = (const u_char *)stp_bpdu; 338 ND_PRINT((ndo, "\n\tv4len %d AUXMCID Name %s, Rev %u, \n\t\tdigest %08x%08x%08x%08x", 339 EXTRACT_16BITS (ptr + offset), 340 ptr + offset + SPB_BPDU_CONFIG_NAME_OFFSET, 341 EXTRACT_16BITS(ptr + offset + SPB_BPDU_CONFIG_REV_OFFSET), 342 EXTRACT_32BITS(ptr + offset + SPB_BPDU_CONFIG_DIGEST_OFFSET), 343 EXTRACT_32BITS(ptr + offset + SPB_BPDU_CONFIG_DIGEST_OFFSET + 4), 344 EXTRACT_32BITS(ptr + offset + SPB_BPDU_CONFIG_DIGEST_OFFSET + 8), 345 EXTRACT_32BITS(ptr + offset + SPB_BPDU_CONFIG_DIGEST_OFFSET + 12))); 346 347 ND_PRINT((ndo, "\n\tAgreement num %d, Discarded Agreement num %d, Agreement valid-" 348 "flag %d, \n\tRestricted role-flag: %d, Format id %d cap %d, " 349 "Convention id %d cap %d, \n\tEdge count %d, " 350 "Agreement digest %08x%08x%08x%08x%08x\n", 351 ptr[offset + SPB_BPDU_AGREEMENT_OFFSET]>>6, 352 ptr[offset + SPB_BPDU_AGREEMENT_OFFSET]>>4 & 0x3, 353 ptr[offset + SPB_BPDU_AGREEMENT_OFFSET]>>3 & 0x1, 354 ptr[offset + SPB_BPDU_AGREEMENT_OFFSET]>>2 & 0x1, 355 ptr[offset + SPB_BPDU_AGREEMENT_FORMAT_OFFSET]>>4, 356 ptr[offset + SPB_BPDU_AGREEMENT_FORMAT_OFFSET]&0x00ff, 357 ptr[offset + SPB_BPDU_AGREEMENT_CON_OFFSET]>>4, 358 ptr[offset + SPB_BPDU_AGREEMENT_CON_OFFSET]&0x00ff, 359 EXTRACT_16BITS(ptr + offset + SPB_BPDU_AGREEMENT_EDGE_OFFSET), 360 EXTRACT_32BITS(ptr + offset + SPB_BPDU_AGREEMENT_DIGEST_OFFSET), 361 EXTRACT_32BITS(ptr + offset + SPB_BPDU_AGREEMENT_DIGEST_OFFSET)+4, 362 EXTRACT_32BITS(ptr + offset + SPB_BPDU_AGREEMENT_DIGEST_OFFSET)+8, 363 EXTRACT_32BITS(ptr + offset + SPB_BPDU_AGREEMENT_DIGEST_OFFSET)+12, 364 EXTRACT_32BITS(ptr + offset + SPB_BPDU_AGREEMENT_DIGEST_OFFSET)+16)); 365 } 366 367 /* 368 * Print 802.1d / 802.1w / 802.1q (mstp) / 802.1aq (spb) packets. 369 */ 370 void 371 stp_print(netdissect_options *ndo, const u_char *p, u_int length) 372 { 373 const struct stp_bpdu_ *stp_bpdu; 374 u_int mstp_len; 375 u_int spb_len; 376 377 stp_bpdu = (struct stp_bpdu_*)p; 378 379 /* Minimum STP Frame size. */ 380 if (length < 4) 381 goto trunc; 382 383 if (EXTRACT_16BITS(&stp_bpdu->protocol_id)) { 384 ND_PRINT((ndo, "unknown STP version, length %u", length)); 385 return; 386 } 387 388 ND_PRINT((ndo, "STP %s", tok2str(stp_proto_values, "Unknown STP protocol (0x%02x)", 389 stp_bpdu->protocol_version))); 390 391 switch (stp_bpdu->protocol_version) { 392 case STP_PROTO_REGULAR: 393 case STP_PROTO_RAPID: 394 case STP_PROTO_MSTP: 395 case STP_PROTO_SPB: 396 break; 397 default: 398 return; 399 } 400 401 ND_PRINT((ndo, ", %s", tok2str(stp_bpdu_type_values, "Unknown BPDU Type (0x%02x)", 402 stp_bpdu->bpdu_type))); 403 404 switch (stp_bpdu->bpdu_type) { 405 case STP_BPDU_TYPE_CONFIG: 406 if (length < sizeof(struct stp_bpdu_) - 1) { 407 goto trunc; 408 } 409 stp_print_config_bpdu(ndo, stp_bpdu, length); 410 break; 411 412 case STP_BPDU_TYPE_RSTP: 413 if (stp_bpdu->protocol_version == STP_PROTO_RAPID) { 414 if (length < sizeof(struct stp_bpdu_)) { 415 goto trunc; 416 } 417 stp_print_config_bpdu(ndo, stp_bpdu, length); 418 } else if (stp_bpdu->protocol_version == STP_PROTO_MSTP || 419 stp_bpdu->protocol_version == STP_PROTO_SPB) { 420 if (length < STP_BPDU_MSTP_MIN_LEN) { 421 goto trunc; 422 } 423 424 if (stp_bpdu->v1_length != 0) { 425 /* FIX ME: Emit a message here ? */ 426 goto trunc; 427 } 428 429 /* Validate v3 length */ 430 mstp_len = EXTRACT_16BITS(p + MST_BPDU_VER3_LEN_OFFSET); 431 mstp_len += 2; /* length encoding itself is 2 bytes */ 432 if (length < (sizeof(struct stp_bpdu_) + mstp_len)) { 433 goto trunc; 434 } 435 stp_print_mstp_bpdu(ndo, stp_bpdu, length); 436 437 if (stp_bpdu->protocol_version == STP_PROTO_SPB) 438 { 439 /* Validate v4 length */ 440 spb_len = EXTRACT_16BITS (p + MST_BPDU_VER3_LEN_OFFSET + mstp_len); 441 spb_len += 2; 442 if (length < (sizeof(struct stp_bpdu_) + mstp_len + spb_len) || 443 spb_len < SPB_BPDU_MIN_LEN) { 444 goto trunc; 445 } 446 stp_print_spb_bpdu(ndo, stp_bpdu, (sizeof(struct stp_bpdu_) + mstp_len)); 447 } 448 } 449 break; 450 451 case STP_BPDU_TYPE_TOPO_CHANGE: 452 /* always empty message - just break out */ 453 break; 454 455 default: 456 break; 457 } 458 459 return; 460 trunc: 461 ND_PRINT((ndo, "[|stp %d]", length)); 462 } 463 464 /* 465 * Local Variables: 466 * c-style: whitesmith 467 * c-basic-offset: 4 468 * End: 469 */ 470