1/* 2 * Copyright (c) 2000 Lennert Buytenhek 3 * 4 * This software may be distributed either under the terms of the 5 * BSD-style license that accompanies tcpdump or the GNU General 6 * Public License 7 * 8 * Contributed by Lennert Buytenhek <buytenh@gnu.org> 9 */ 10 11/* \summary: IEEE 802.1d Spanning Tree Protocol (STP) printer */ 12 13#ifdef HAVE_CONFIG_H 14#include <config.h> 15#endif 16 17#include "netdissect-stdinc.h" 18 19#include <stdio.h> 20 21#include "netdissect.h" 22#include "extract.h" 23 24#define RSTP_EXTRACT_PORT_ROLE(x) (((x)&0x0C)>>2) 25/* STP timers are expressed in multiples of 1/256th second */ 26#define STP_TIME_BASE 256 27#define STP_BPDU_MSTP_MIN_LEN 102 28 29struct stp_bpdu_ { 30 nd_uint16_t protocol_id; 31 nd_uint8_t protocol_version; 32 nd_uint8_t bpdu_type; 33 nd_uint8_t flags; 34 nd_byte root_id[8]; 35 nd_uint32_t root_path_cost; 36 nd_byte bridge_id[8]; 37 nd_uint16_t port_id; 38 nd_uint16_t message_age; 39 nd_uint16_t max_age; 40 nd_uint16_t hello_time; 41 nd_uint16_t forward_delay; 42 nd_uint8_t v1_length; 43}; 44 45#define STP_PROTO_REGULAR 0x00 46#define STP_PROTO_RAPID 0x02 47#define STP_PROTO_MSTP 0x03 48#define STP_PROTO_SPB 0x04 49 50static const struct tok stp_proto_values[] = { 51 { STP_PROTO_REGULAR, "802.1d" }, 52 { STP_PROTO_RAPID, "802.1w" }, 53 { STP_PROTO_MSTP, "802.1s" }, 54 { STP_PROTO_SPB, "802.1aq" }, 55 { 0, NULL} 56}; 57 58#define STP_BPDU_TYPE_CONFIG 0x00 59#define STP_BPDU_TYPE_RSTP 0x02 60#define STP_BPDU_TYPE_TOPO_CHANGE 0x80 61 62static const struct tok stp_bpdu_flag_values[] = { 63 { 0x01, "Topology change" }, 64 { 0x02, "Proposal" }, 65 { 0x10, "Learn" }, 66 { 0x20, "Forward" }, 67 { 0x40, "Agreement" }, 68 { 0x80, "Topology change ACK" }, 69 { 0, NULL} 70}; 71 72static const struct tok stp_bpdu_type_values[] = { 73 { STP_BPDU_TYPE_CONFIG, "Config" }, 74 { STP_BPDU_TYPE_RSTP, "Rapid STP" }, 75 { STP_BPDU_TYPE_TOPO_CHANGE, "Topology Change" }, 76 { 0, NULL} 77}; 78 79static const struct tok rstp_obj_port_role_values[] = { 80 { 0x00, "Unknown" }, 81 { 0x01, "Alternate" }, 82 { 0x02, "Root" }, 83 { 0x03, "Designated" }, 84 { 0, NULL} 85}; 86 87static char * 88stp_print_bridge_id(netdissect_options *ndo, const u_char *p) 89{ 90 static char bridge_id_str[sizeof("pppp.aa:bb:cc:dd:ee:ff")]; 91 92 snprintf(bridge_id_str, sizeof(bridge_id_str), 93 "%.2x%.2x.%.2x:%.2x:%.2x:%.2x:%.2x:%.2x", 94 GET_U_1(p), GET_U_1(p + 1), GET_U_1(p + 2), 95 GET_U_1(p + 3), GET_U_1(p + 4), GET_U_1(p + 5), 96 GET_U_1(p + 6), GET_U_1(p + 7)); 97 98 return bridge_id_str; 99} 100 101static void 102stp_print_config_bpdu(netdissect_options *ndo, const struct stp_bpdu_ *stp_bpdu, 103 u_int length) 104{ 105 uint8_t bpdu_flags; 106 107 bpdu_flags = GET_U_1(stp_bpdu->flags); 108 ND_PRINT(", Flags [%s]", 109 bittok2str(stp_bpdu_flag_values, "none", bpdu_flags)); 110 111 ND_PRINT(", bridge-id %s.%04x, length %u", 112 stp_print_bridge_id(ndo, stp_bpdu->bridge_id), 113 GET_BE_U_2(stp_bpdu->port_id), length); 114 115 /* in non-verbose mode just print the bridge-id */ 116 if (!ndo->ndo_vflag) { 117 return; 118 } 119 120 ND_PRINT("\n\tmessage-age %.2fs, max-age %.2fs" 121 ", hello-time %.2fs, forwarding-delay %.2fs", 122 (float) GET_BE_U_2(stp_bpdu->message_age) / STP_TIME_BASE, 123 (float) GET_BE_U_2(stp_bpdu->max_age) / STP_TIME_BASE, 124 (float) GET_BE_U_2(stp_bpdu->hello_time) / STP_TIME_BASE, 125 (float) GET_BE_U_2(stp_bpdu->forward_delay) / STP_TIME_BASE); 126 127 ND_PRINT("\n\troot-id %s, root-pathcost %u", 128 stp_print_bridge_id(ndo, stp_bpdu->root_id), 129 GET_BE_U_4(stp_bpdu->root_path_cost)); 130 131 /* Port role is only valid for 802.1w */ 132 if (GET_U_1(stp_bpdu->protocol_version) == STP_PROTO_RAPID) { 133 ND_PRINT(", port-role %s", 134 tok2str(rstp_obj_port_role_values, "Unknown", 135 RSTP_EXTRACT_PORT_ROLE(bpdu_flags))); 136 } 137} 138 139/* 140 * MSTP packet format 141 * Ref. IEEE 802.1Q 2003 Ed. Section 14 142 * 143 * MSTP BPDU 144 * 145 * 2 - bytes Protocol Id 146 * 1 - byte Protocol Ver. 147 * 1 - byte BPDU type 148 * 1 - byte Flags 149 * 8 - bytes CIST Root Identifier 150 * 4 - bytes CIST External Path Cost 151 * 8 - bytes CIST Regional Root Identifier 152 * 2 - bytes CIST Port Identifier 153 * 2 - bytes Message Age 154 * 2 - bytes Max age 155 * 2 - bytes Hello Time 156 * 2 - bytes Forward delay 157 * 1 - byte Version 1 length. Must be 0 158 * 2 - bytes Version 3 length 159 * 1 - byte Config Identifier 160 * 32 - bytes Config Name 161 * 2 - bytes Revision level 162 * 16 - bytes Config Digest [MD5] 163 * 4 - bytes CIST Internal Root Path Cost 164 * 8 - bytes CIST Bridge Identifier 165 * 1 - byte CIST Remaining Hops 166 * 16 - bytes MSTI information [Max 64 MSTI, each 16 bytes] 167 * 168 * 169 * SPB BPDU 170 * Ref. IEEE 802.1aq. Section 14 171 * 172 * 2 - bytes Version 4 length 173 * 1 - byte Aux Config Identifier 174 * 32 - bytes Aux Config Name 175 * 2 - bytes Aux Revision level 176 * 16 - bytes Aux Config Digest [MD5] 177 * 1 - byte (1 - 2) Agreement Number 178 * (3 - 4) Discarded Agreement Number 179 * (5) Agreement Valid Flag 180 * (6) Restricted Role Flag 181 * (7 - 8) Unused sent zero 182 * 1 - byte Unused 183 * 1 - byte (1 - 4) Agreement Digest Format Identifier 184 * (5 - 8) Agreement Digest Format Capabilities 185 * 1 - byte (1 - 4) Agreement Digest Convention Identifier 186 * (5 - 8) Agreement Digest Convention Capabilities 187 * 2 - bytes Agreement Digest Edge Count 188 * 8 - byte Reserved Set 189 * 20 - bytes Computed Topology Digest 190 * 191 * 192 * MSTI Payload 193 * 194 * 1 - byte MSTI flag 195 * 8 - bytes MSTI Regional Root Identifier 196 * 4 - bytes MSTI Regional Path Cost 197 * 1 - byte MSTI Bridge Priority 198 * 1 - byte MSTI Port Priority 199 * 1 - byte MSTI Remaining Hops 200 * 201 */ 202 203#define MST_BPDU_MSTI_LENGTH 16 204#define MST_BPDU_CONFIG_INFO_LENGTH 64 205 206/* Offsets of fields from the beginning for the packet */ 207#define MST_BPDU_VER3_LEN_OFFSET 36 208#define MST_BPDU_CONFIG_NAME_OFFSET 39 209#define MST_BPDU_CONFIG_DIGEST_OFFSET 73 210#define MST_BPDU_CIST_INT_PATH_COST_OFFSET 89 211#define MST_BPDU_CIST_BRIDGE_ID_OFFSET 93 212#define MST_BPDU_CIST_REMAIN_HOPS_OFFSET 101 213#define MST_BPDU_MSTI_OFFSET 102 214/* Offsets within an MSTI */ 215#define MST_BPDU_MSTI_ROOT_PRIO_OFFSET 1 216#define MST_BPDU_MSTI_ROOT_PATH_COST_OFFSET 9 217#define MST_BPDU_MSTI_BRIDGE_PRIO_OFFSET 13 218#define MST_BPDU_MSTI_PORT_PRIO_OFFSET 14 219#define MST_BPDU_MSTI_REMAIN_HOPS_OFFSET 15 220 221#define SPB_BPDU_MIN_LEN 87 222#define SPB_BPDU_CONFIG_NAME_OFFSET 3 223#define SPB_BPDU_CONFIG_REV_OFFSET SPB_BPDU_CONFIG_NAME_OFFSET + 32 224#define SPB_BPDU_CONFIG_DIGEST_OFFSET SPB_BPDU_CONFIG_REV_OFFSET + 2 225#define SPB_BPDU_AGREEMENT_OFFSET SPB_BPDU_CONFIG_DIGEST_OFFSET + 16 226#define SPB_BPDU_AGREEMENT_UNUSED_OFFSET SPB_BPDU_AGREEMENT_OFFSET + 1 227#define SPB_BPDU_AGREEMENT_FORMAT_OFFSET SPB_BPDU_AGREEMENT_UNUSED_OFFSET + 1 228#define SPB_BPDU_AGREEMENT_CON_OFFSET SPB_BPDU_AGREEMENT_FORMAT_OFFSET + 1 229#define SPB_BPDU_AGREEMENT_EDGE_OFFSET SPB_BPDU_AGREEMENT_CON_OFFSET + 1 230#define SPB_BPDU_AGREEMENT_RES1_OFFSET SPB_BPDU_AGREEMENT_EDGE_OFFSET + 2 231#define SPB_BPDU_AGREEMENT_RES2_OFFSET SPB_BPDU_AGREEMENT_RES1_OFFSET + 4 232#define SPB_BPDU_AGREEMENT_DIGEST_OFFSET SPB_BPDU_AGREEMENT_RES2_OFFSET + 4 233 234static void 235stp_print_mstp_bpdu(netdissect_options *ndo, const struct stp_bpdu_ *stp_bpdu, 236 u_int length) 237{ 238 const u_char *ptr; 239 uint8_t bpdu_flags; 240 uint16_t v3len; 241 uint16_t len; 242 uint16_t msti; 243 u_int offset; 244 245 ptr = (const u_char *)stp_bpdu; 246 bpdu_flags = GET_U_1(stp_bpdu->flags); 247 ND_PRINT(", CIST Flags [%s], length %u", 248 bittok2str(stp_bpdu_flag_values, "none", bpdu_flags), length); 249 250 /* 251 * in non-verbose mode just print the flags. 252 */ 253 if (!ndo->ndo_vflag) { 254 return; 255 } 256 257 ND_PRINT("\n\tport-role %s, ", 258 tok2str(rstp_obj_port_role_values, "Unknown", 259 RSTP_EXTRACT_PORT_ROLE(bpdu_flags))); 260 261 ND_PRINT("CIST root-id %s, CIST ext-pathcost %u", 262 stp_print_bridge_id(ndo, stp_bpdu->root_id), 263 GET_BE_U_4(stp_bpdu->root_path_cost)); 264 265 ND_PRINT("\n\tCIST regional-root-id %s, ", 266 stp_print_bridge_id(ndo, stp_bpdu->bridge_id)); 267 268 ND_PRINT("CIST port-id %04x,", GET_BE_U_2(stp_bpdu->port_id)); 269 270 ND_PRINT("\n\tmessage-age %.2fs, max-age %.2fs" 271 ", hello-time %.2fs, forwarding-delay %.2fs", 272 (float) GET_BE_U_2(stp_bpdu->message_age) / STP_TIME_BASE, 273 (float) GET_BE_U_2(stp_bpdu->max_age) / STP_TIME_BASE, 274 (float) GET_BE_U_2(stp_bpdu->hello_time) / STP_TIME_BASE, 275 (float) GET_BE_U_2(stp_bpdu->forward_delay) / STP_TIME_BASE); 276 277 ND_PRINT("\n\tv3len %u, ", GET_BE_U_2(ptr + MST_BPDU_VER3_LEN_OFFSET)); 278 ND_PRINT("MCID Name "); 279 nd_printjnp(ndo, ptr + MST_BPDU_CONFIG_NAME_OFFSET, 32); 280 ND_PRINT(", rev %u," 281 "\n\t\tdigest %08x%08x%08x%08x, ", 282 GET_BE_U_2(ptr + MST_BPDU_CONFIG_NAME_OFFSET + 32), 283 GET_BE_U_4(ptr + MST_BPDU_CONFIG_DIGEST_OFFSET), 284 GET_BE_U_4(ptr + MST_BPDU_CONFIG_DIGEST_OFFSET + 4), 285 GET_BE_U_4(ptr + MST_BPDU_CONFIG_DIGEST_OFFSET + 8), 286 GET_BE_U_4(ptr + MST_BPDU_CONFIG_DIGEST_OFFSET + 12)); 287 288 ND_PRINT("CIST int-root-pathcost %u,", 289 GET_BE_U_4(ptr + MST_BPDU_CIST_INT_PATH_COST_OFFSET)); 290 291 ND_PRINT("\n\tCIST bridge-id %s, ", 292 stp_print_bridge_id(ndo, ptr + MST_BPDU_CIST_BRIDGE_ID_OFFSET)); 293 294 ND_PRINT("CIST remaining-hops %u", 295 GET_U_1(ptr + MST_BPDU_CIST_REMAIN_HOPS_OFFSET)); 296 297 /* Dump all MSTI's */ 298 v3len = GET_BE_U_2(ptr + MST_BPDU_VER3_LEN_OFFSET); 299 if (v3len > MST_BPDU_CONFIG_INFO_LENGTH) { 300 len = v3len - MST_BPDU_CONFIG_INFO_LENGTH; 301 offset = MST_BPDU_MSTI_OFFSET; 302 while (len >= MST_BPDU_MSTI_LENGTH) { 303 msti = GET_BE_U_2(ptr + offset + MST_BPDU_MSTI_ROOT_PRIO_OFFSET); 304 msti = msti & 0x0FFF; 305 306 ND_PRINT("\n\tMSTI %u, Flags [%s], port-role %s", 307 msti, 308 bittok2str(stp_bpdu_flag_values, "none", GET_U_1(ptr + offset)), 309 tok2str(rstp_obj_port_role_values, "Unknown", 310 RSTP_EXTRACT_PORT_ROLE(GET_U_1(ptr + offset)))); 311 ND_PRINT("\n\t\tMSTI regional-root-id %s, pathcost %u", 312 stp_print_bridge_id(ndo, ptr + offset + 313 MST_BPDU_MSTI_ROOT_PRIO_OFFSET), 314 GET_BE_U_4(ptr + offset + MST_BPDU_MSTI_ROOT_PATH_COST_OFFSET)); 315 ND_PRINT("\n\t\tMSTI bridge-prio %u, port-prio %u, hops %u", 316 GET_U_1(ptr + offset + MST_BPDU_MSTI_BRIDGE_PRIO_OFFSET) >> 4, 317 GET_U_1(ptr + offset + MST_BPDU_MSTI_PORT_PRIO_OFFSET) >> 4, 318 GET_U_1(ptr + offset + MST_BPDU_MSTI_REMAIN_HOPS_OFFSET)); 319 320 len -= MST_BPDU_MSTI_LENGTH; 321 offset += MST_BPDU_MSTI_LENGTH; 322 } 323 } 324} 325 326static void 327stp_print_spb_bpdu(netdissect_options *ndo, const struct stp_bpdu_ *stp_bpdu, 328 u_int offset) 329{ 330 const u_char *ptr; 331 332 /* 333 * in non-verbose mode don't print anything. 334 */ 335 if (!ndo->ndo_vflag) { 336 return; 337 } 338 339 ptr = (const u_char *)stp_bpdu; 340 341 ND_PRINT("\n\tv4len %u, ", GET_BE_U_2(ptr + offset)); 342 ND_PRINT("AUXMCID Name "); 343 nd_printjnp(ndo, ptr + offset + SPB_BPDU_CONFIG_NAME_OFFSET, 32); 344 ND_PRINT(", Rev %u,\n\t\tdigest %08x%08x%08x%08x", 345 GET_BE_U_2(ptr + offset + SPB_BPDU_CONFIG_REV_OFFSET), 346 GET_BE_U_4(ptr + offset + SPB_BPDU_CONFIG_DIGEST_OFFSET), 347 GET_BE_U_4(ptr + offset + SPB_BPDU_CONFIG_DIGEST_OFFSET + 4), 348 GET_BE_U_4(ptr + offset + SPB_BPDU_CONFIG_DIGEST_OFFSET + 8), 349 GET_BE_U_4(ptr + offset + SPB_BPDU_CONFIG_DIGEST_OFFSET + 12)); 350 351 ND_PRINT("\n\tAgreement num %u, Discarded Agreement num %u, Agreement valid-" 352 "flag %u,\n\tRestricted role-flag: %u, Format id %u cap %u, " 353 "Convention id %u cap %u,\n\tEdge count %u, " 354 "Agreement digest %08x%08x%08x%08x%08x", 355 GET_U_1(ptr + offset + SPB_BPDU_AGREEMENT_OFFSET)>>6, 356 GET_U_1(ptr + offset + SPB_BPDU_AGREEMENT_OFFSET)>>4 & 0x3, 357 GET_U_1(ptr + offset + SPB_BPDU_AGREEMENT_OFFSET)>>3 & 0x1, 358 GET_U_1(ptr + offset + SPB_BPDU_AGREEMENT_OFFSET)>>2 & 0x1, 359 GET_U_1(ptr + offset + SPB_BPDU_AGREEMENT_FORMAT_OFFSET)>>4, 360 GET_U_1(ptr + offset + SPB_BPDU_AGREEMENT_FORMAT_OFFSET)&0x00ff, 361 GET_U_1(ptr + offset + SPB_BPDU_AGREEMENT_CON_OFFSET)>>4, 362 GET_U_1(ptr + offset + SPB_BPDU_AGREEMENT_CON_OFFSET)&0x00ff, 363 GET_BE_U_2(ptr + offset + SPB_BPDU_AGREEMENT_EDGE_OFFSET), 364 GET_BE_U_4(ptr + offset + SPB_BPDU_AGREEMENT_DIGEST_OFFSET), 365 GET_BE_U_4(ptr + offset + SPB_BPDU_AGREEMENT_DIGEST_OFFSET + 4), 366 GET_BE_U_4(ptr + offset + SPB_BPDU_AGREEMENT_DIGEST_OFFSET + 8), 367 GET_BE_U_4(ptr + offset + SPB_BPDU_AGREEMENT_DIGEST_OFFSET + 12), 368 GET_BE_U_4(ptr + offset + SPB_BPDU_AGREEMENT_DIGEST_OFFSET + 16)); 369} 370 371/* 372 * Print 802.1d / 802.1w / 802.1q (mstp) / 802.1aq (spb) packets. 373 */ 374void 375stp_print(netdissect_options *ndo, const u_char *p, u_int length) 376{ 377 const struct stp_bpdu_ *stp_bpdu; 378 u_int protocol_version; 379 u_int bpdu_type; 380 u_int mstp_len; 381 u_int spb_len; 382 383 ndo->ndo_protocol = "stp"; 384 stp_bpdu = (const struct stp_bpdu_*)p; 385 386 /* Minimum STP Frame size. */ 387 if (length < 4) 388 goto invalid; 389 390 if (GET_BE_U_2(stp_bpdu->protocol_id)) { 391 ND_PRINT("unknown STP version, length %u", length); 392 return; 393 } 394 395 protocol_version = GET_U_1(stp_bpdu->protocol_version); 396 ND_PRINT("STP %s", tok2str(stp_proto_values, "Unknown STP protocol (0x%02x)", 397 protocol_version)); 398 399 switch (protocol_version) { 400 case STP_PROTO_REGULAR: 401 case STP_PROTO_RAPID: 402 case STP_PROTO_MSTP: 403 case STP_PROTO_SPB: 404 break; 405 default: 406 return; 407 } 408 409 bpdu_type = GET_U_1(stp_bpdu->bpdu_type); 410 ND_PRINT(", %s", tok2str(stp_bpdu_type_values, "Unknown BPDU Type (0x%02x)", 411 bpdu_type)); 412 413 switch (bpdu_type) { 414 case STP_BPDU_TYPE_CONFIG: 415 if (length < sizeof(struct stp_bpdu_) - 1) { 416 goto invalid; 417 } 418 stp_print_config_bpdu(ndo, stp_bpdu, length); 419 break; 420 421 case STP_BPDU_TYPE_RSTP: 422 if (protocol_version == STP_PROTO_RAPID) { 423 if (length < sizeof(struct stp_bpdu_)) { 424 goto invalid; 425 } 426 stp_print_config_bpdu(ndo, stp_bpdu, length); 427 } else if (protocol_version == STP_PROTO_MSTP || 428 protocol_version == STP_PROTO_SPB) { 429 if (length < STP_BPDU_MSTP_MIN_LEN) { 430 goto invalid; 431 } 432 433 if (GET_U_1(stp_bpdu->v1_length) != 0) { 434 /* FIX ME: Emit a message here ? */ 435 goto invalid; 436 } 437 438 /* Validate v3 length */ 439 mstp_len = GET_BE_U_2(p + MST_BPDU_VER3_LEN_OFFSET); 440 mstp_len += 2; /* length encoding itself is 2 bytes */ 441 if (length < (sizeof(struct stp_bpdu_) + mstp_len)) { 442 goto invalid; 443 } 444 stp_print_mstp_bpdu(ndo, stp_bpdu, length); 445 446 if (protocol_version == STP_PROTO_SPB) 447 { 448 /* Validate v4 length */ 449 spb_len = GET_BE_U_2(p + MST_BPDU_VER3_LEN_OFFSET + mstp_len); 450 spb_len += 2; 451 if (length < (sizeof(struct stp_bpdu_) + mstp_len + spb_len) || 452 spb_len < SPB_BPDU_MIN_LEN) { 453 goto invalid; 454 } 455 stp_print_spb_bpdu(ndo, stp_bpdu, (sizeof(struct stp_bpdu_) + mstp_len)); 456 } 457 } 458 break; 459 460 case STP_BPDU_TYPE_TOPO_CHANGE: 461 /* always empty message - just break out */ 462 break; 463 464 default: 465 break; 466 } 467 return; 468 469invalid: 470 nd_print_invalid(ndo); 471} 472