#include #include #include #include "dat.h" #include "protos.h" typedef struct Hdr Hdr; struct Hdr { uchar code; uchar id; uchar len[2]; /* length including this header */ uchar tp; /* optional, only for Request/Response */ }; enum { EAPHDR= 4, /* sizeof(code)+sizeof(id)+sizeof(len) */ TPHDR= 1, /* sizeof(tp) */ /* eap types */ Request = 1, Response, Success, Fail, /* eap request/response sub-types */ Identity = 1, /* Identity */ Notify, /* Notification */ Nak, /* Nak (Response only) */ Md5, /* MD5-challenge */ Otp, /* one time password */ Gtc, /* generic token card */ Ttls = 21, /* tunneled TLS */ Xpnd = 254, /* expanded types */ Xprm, /* experimental use */ }; enum { Ot, }; static Mux p_mux[] = { { "eap_identity", Identity, }, { "eap_notify", Notify, }, { "eap_nak", Nak, }, { "eap_md5", Md5, }, { "eap_otp", Otp, }, { "eap_gtc", Gtc, }, { "ttls", Ttls, }, { "eap_xpnd", Xpnd, }, { "eap_xprm", Xprm, }, { 0 } }; static char *eapsubtype[256] = { [Identity] "Identity", [Notify] "Notify", [Nak] "Nak", [Md5] "Md5", [Otp] "Otp", [Gtc] "Gtc", [Ttls] "Ttls", [Xpnd] "Xpnd", [Xprm] "Xprm", }; static void p_compile(Filter *f) { Mux *m; for(m = p_mux; m->name != nil; m++) if(strcmp(f->s, m->name) == 0){ f->pr = m->pr; f->ulv = m->val; f->subop = Ot; return; } sysfatal("unknown eap field or type: %s", f->s); } static int p_filter(Filter *f, Msg *m) { Hdr *h; int len; if(f->subop != Ot) return 0; if(m->pe - m->ps < EAPHDR) return -1; h = (Hdr*)m->ps; /* truncate the message if there's extra */ /* len includes header */ len = NetS(h->len); if(m->ps+len < m->pe) m->pe = m->ps+len; else if(m->ps+len > m->pe) return -1; m->ps += EAPHDR; if(h->code != Request && h->code != Response) return 0; m->ps += TPHDR; if(h->tp == f->ulv) return 1; return 0; } static char* op(int i) { static char x[20]; switch(i){ case Request: return "Request"; case Response: return "Response"; case Success: return "Success"; case Fail: return "Fail"; default: sprint(x, "%1d", i); return x; } } static char* subop(uchar val) { static char x[20], *p; p = eapsubtype[val]; if(p != nil) return p; else { sprint(x, "%1d", val); return x; } } static int p_seprint(Msg *m) { Hdr *h; int len; char *p, *e; if(m->pe - m->ps < EAPHDR) return -1; p = m->p; e = m->e; h = (Hdr*)m->ps; /* resize packet (should already be done by eapol) */ /* len includes header */ len = NetS(h->len); if(m->ps+len < m->pe) m->pe = m->ps+len; else if(m->ps+len > m->pe) return -1; m->ps += EAPHDR; p = seprint(p, e, "id=%1d code=%s", h->id, op(h->code)); switch(h->code) { case Request: case Response: m->ps += TPHDR; p = seprint(p, e, " type=%s", subop(h->tp)); /* special case needed to print eap_notify notification as unicode */ demux(p_mux, h->tp, h->tp, m, &dump); break; default: demux(p_mux, 0, 0, m, &dump); break; } m->p = seprint(p, e, " len=%1d", len); return 0; } static int p_seprintidentity(Msg *m) { char *ps, *pe, *z; int len; m->pr = nil; ps = (char*)m->ps; pe = (char*)m->pe; /* we would like to do this depending on the 'context': * - one for eap_identity request and * - one for eap_identity response * but we've lost the context, or haven't we? * so we treat them the same, so we might erroneously * print a response as if it was a request. too bad. - axel */ for (z=ps; *z != '\0' && z+1 < pe; z++) ; if (*z == '\0' && z+1 < pe) { m->p = seprint(m->p, m->e, "prompt=(%s)", ps); len = pe - (z+1); m->p = seprint(m->p, m->e, " options=(%.*s)", len, z+1); } else { len = pe - ps; m->p = seprint(m->p, m->e, "%.*s", len, ps); } return 0; } Proto eap = { "eap", p_compile, p_filter, p_seprint, p_mux, "%lud", nil, defaultframer, }; Proto eap_identity = { "eap_identity", p_compile, p_filter, p_seprintidentity, nil, nil, nil, defaultframer, };