From 2f5d9bd4dab8285abadfc3f5cba38a2a3f082246 Mon Sep 17 00:00:00 2001 From: Pierre LALET Date: Tue, 20 Nov 2018 08:35:52 +0100 Subject: [PATCH] PPP: protocol field can be limited to one byte --- scapy/layers/ppp.py | 324 +++++++++++++++++++++++--------------------- test/regression.uts | 9 ++ 2 files changed, 179 insertions(+), 154 deletions(-) diff --git a/scapy/layers/ppp.py b/scapy/layers/ppp.py index a7470fefbd3..38a3de97bbf 100644 --- a/scapy/layers/ppp.py +++ b/scapy/layers/ppp.py @@ -22,7 +22,7 @@ ConditionalField, FieldLenField, IntField, IPField, \ PacketListField, PacketField, ShortEnumField, ShortField, \ StrFixedLenField, StrLenField, XByteField, XShortField, XStrLenField -import scapy.modules.six as six +from scapy.modules import six class PPPoE(Packet): @@ -50,155 +50,157 @@ class PPPoED(PPPoE): ShortField("len", None)] -_PPP_proto = {0x0001: "Padding Protocol", - 0x0003: "ROHC small-CID [RFC3095]", - 0x0005: "ROHC large-CID [RFC3095]", - 0x0021: "Internet Protocol version 4", - 0x0023: "OSI Network Layer", - 0x0025: "Xerox NS IDP", - 0x0027: "DECnet Phase IV", - 0x0029: "Appletalk", - 0x002b: "Novell IPX", - 0x002d: "Van Jacobson Compressed TCP/IP", - 0x002f: "Van Jacobson Uncompressed TCP/IP", - 0x0031: "Bridging PDU", - 0x0033: "Stream Protocol (ST-II)", - 0x0035: "Banyan Vines", - 0x0037: "reserved (until 1993) [Typo in RFC1172]", - 0x0039: "AppleTalk EDDP", - 0x003b: "AppleTalk SmartBuffered", - 0x003d: "Multi-Link [RFC1717]", - 0x003f: "NETBIOS Framing", - 0x0041: "Cisco Systems", - 0x0043: "Ascom Timeplex", - 0x0045: "Fujitsu Link Backup and Load Balancing (LBLB)", - 0x0047: "DCA Remote Lan", - 0x0049: "Serial Data Transport Protocol (PPP-SDTP)", - 0x004b: "SNA over 802.2", - 0x004d: "SNA", - 0x004f: "IPv6 Header Compression", - 0x0051: "KNX Bridging Data [ianp]", - 0x0053: "Encryption [Meyer]", - 0x0055: "Individual Link Encryption [Meyer]", - 0x0057: "Internet Protocol version 6 [Hinden]", - 0x0059: "PPP Muxing [RFC3153]", - 0x005b: "Vendor-Specific Network Protocol (VSNP) [RFC3772]", - 0x0061: "RTP IPHC Full Header [RFC3544]", - 0x0063: "RTP IPHC Compressed TCP [RFC3544]", - 0x0065: "RTP IPHC Compressed Non TCP [RFC3544]", - 0x0067: "RTP IPHC Compressed UDP 8 [RFC3544]", - 0x0069: "RTP IPHC Compressed RTP 8 [RFC3544]", - 0x006f: "Stampede Bridging", - 0x0071: "Reserved [Fox]", - 0x0073: "MP+ Protocol [Smith]", - 0x007d: "reserved (Control Escape) [RFC1661]", - 0x007f: "reserved (compression inefficient [RFC1662]", - 0x0081: "Reserved Until 20-Oct-2000 [IANA]", - 0x0083: "Reserved Until 20-Oct-2000 [IANA]", - 0x00c1: "NTCITS IPI [Ungar]", - 0x00cf: "reserved (PPP NLID)", - 0x00fb: "single link compression in multilink [RFC1962]", - 0x00fd: "compressed datagram [RFC1962]", - 0x00ff: "reserved (compression inefficient)", - 0x0201: "802.1d Hello Packets", - 0x0203: "IBM Source Routing BPDU", - 0x0205: "DEC LANBridge100 Spanning Tree", - 0x0207: "Cisco Discovery Protocol [Sastry]", - 0x0209: "Netcs Twin Routing [Korfmacher]", - 0x020b: "STP - Scheduled Transfer Protocol [Segal]", - 0x020d: "EDP - Extreme Discovery Protocol [Grosser]", - 0x0211: "Optical Supervisory Channel Protocol (OSCP)[Prasad]", - 0x0213: "Optical Supervisory Channel Protocol (OSCP)[Prasad]", - 0x0231: "Luxcom", - 0x0233: "Sigma Network Systems", - 0x0235: "Apple Client Server Protocol [Ridenour]", - 0x0281: "MPLS Unicast [RFC3032] ", - 0x0283: "MPLS Multicast [RFC3032]", - 0x0285: "IEEE p1284.4 standard - data packets [Batchelder]", - 0x0287: "ETSI TETRA Network Protocol Type 1 [Nieminen]", - 0x0289: "Multichannel Flow Treatment Protocol [McCann]", - 0x2063: "RTP IPHC Compressed TCP No Delta [RFC3544]", - 0x2065: "RTP IPHC Context State [RFC3544]", - 0x2067: "RTP IPHC Compressed UDP 16 [RFC3544]", - 0x2069: "RTP IPHC Compressed RTP 16 [RFC3544]", - 0x4001: "Cray Communications Control Protocol [Stage]", - 0x4003: "CDPD Mobile Network Registration Protocol [Quick]", - 0x4005: "Expand accelerator protocol [Rachmani]", - 0x4007: "ODSICP NCP [Arvind]", - 0x4009: "DOCSIS DLL [Gaedtke]", - 0x400B: "Cetacean Network Detection Protocol [Siller]", - 0x4021: "Stacker LZS [Simpson]", - 0x4023: "RefTek Protocol [Banfill]", - 0x4025: "Fibre Channel [Rajagopal]", - 0x4027: "EMIT Protocols [Eastham]", - 0x405b: "Vendor-Specific Protocol (VSP) [RFC3772]", - 0x8021: "Internet Protocol Control Protocol", - 0x8023: "OSI Network Layer Control Protocol", - 0x8025: "Xerox NS IDP Control Protocol", - 0x8027: "DECnet Phase IV Control Protocol", - 0x8029: "Appletalk Control Protocol", - 0x802b: "Novell IPX Control Protocol", - 0x802d: "reserved", - 0x802f: "reserved", - 0x8031: "Bridging NCP", - 0x8033: "Stream Protocol Control Protocol", - 0x8035: "Banyan Vines Control Protocol", - 0x8037: "reserved (until 1993)", - 0x8039: "reserved", - 0x803b: "reserved", - 0x803d: "Multi-Link Control Protocol", - 0x803f: "NETBIOS Framing Control Protocol", - 0x8041: "Cisco Systems Control Protocol", - 0x8043: "Ascom Timeplex", - 0x8045: "Fujitsu LBLB Control Protocol", - 0x8047: "DCA Remote Lan Network Control Protocol (RLNCP)", - 0x8049: "Serial Data Control Protocol (PPP-SDCP)", - 0x804b: "SNA over 802.2 Control Protocol", - 0x804d: "SNA Control Protocol", - 0x804f: "IP6 Header Compression Control Protocol", - 0x8051: "KNX Bridging Control Protocol [ianp]", - 0x8053: "Encryption Control Protocol [Meyer]", - 0x8055: "Individual Link Encryption Control Protocol [Meyer]", - 0x8057: "IPv6 Control Protovol [Hinden]", - 0x8059: "PPP Muxing Control Protocol [RFC3153]", - 0x805b: "Vendor-Specific Network Control Protocol (VSNCP) [RFC3772]", # noqa: E501 - 0x806f: "Stampede Bridging Control Protocol", - 0x8073: "MP+ Control Protocol [Smith]", - 0x8071: "Reserved [Fox]", - 0x807d: "Not Used - reserved [RFC1661]", - 0x8081: "Reserved Until 20-Oct-2000 [IANA]", - 0x8083: "Reserved Until 20-Oct-2000 [IANA]", - 0x80c1: "NTCITS IPI Control Protocol [Ungar]", - 0x80cf: "Not Used - reserved [RFC1661]", - 0x80fb: "single link compression in multilink control [RFC1962]", - 0x80fd: "Compression Control Protocol [RFC1962]", - 0x80ff: "Not Used - reserved [RFC1661]", - 0x8207: "Cisco Discovery Protocol Control [Sastry]", - 0x8209: "Netcs Twin Routing [Korfmacher]", - 0x820b: "STP - Control Protocol [Segal]", - 0x820d: "EDPCP - Extreme Discovery Protocol Ctrl Prtcl [Grosser]", # noqa: E501 - 0x8235: "Apple Client Server Protocol Control [Ridenour]", - 0x8281: "MPLSCP [RFC3032]", - 0x8285: "IEEE p1284.4 standard - Protocol Control [Batchelder]", - 0x8287: "ETSI TETRA TNP1 Control Protocol [Nieminen]", - 0x8289: "Multichannel Flow Treatment Protocol [McCann]", - 0xc021: "Link Control Protocol", - 0xc023: "Password Authentication Protocol", - 0xc025: "Link Quality Report", - 0xc027: "Shiva Password Authentication Protocol", - 0xc029: "CallBack Control Protocol (CBCP)", - 0xc02b: "BACP Bandwidth Allocation Control Protocol [RFC2125]", - 0xc02d: "BAP [RFC2125]", - 0xc05b: "Vendor-Specific Authentication Protocol (VSAP) [RFC3772]", # noqa: E501 - 0xc081: "Container Control Protocol [KEN]", - 0xc223: "Challenge Handshake Authentication Protocol", - 0xc225: "RSA Authentication Protocol [Narayana]", - 0xc227: "Extensible Authentication Protocol [RFC2284]", - 0xc229: "Mitsubishi Security Info Exch Ptcl (SIEP) [Seno]", - 0xc26f: "Stampede Bridging Authorization Protocol", - 0xc281: "Proprietary Authentication Protocol [KEN]", - 0xc283: "Proprietary Authentication Protocol [Tackabury]", - 0xc481: "Proprietary Node ID Authentication Protocol [KEN]"} +_PPP_PROTOCOLS = { + 0x0001: "Padding Protocol", + 0x0003: "ROHC small-CID [RFC3095]", + 0x0005: "ROHC large-CID [RFC3095]", + 0x0021: "Internet Protocol version 4", + 0x0023: "OSI Network Layer", + 0x0025: "Xerox NS IDP", + 0x0027: "DECnet Phase IV", + 0x0029: "Appletalk", + 0x002b: "Novell IPX", + 0x002d: "Van Jacobson Compressed TCP/IP", + 0x002f: "Van Jacobson Uncompressed TCP/IP", + 0x0031: "Bridging PDU", + 0x0033: "Stream Protocol (ST-II)", + 0x0035: "Banyan Vines", + 0x0037: "reserved (until 1993) [Typo in RFC1172]", + 0x0039: "AppleTalk EDDP", + 0x003b: "AppleTalk SmartBuffered", + 0x003d: "Multi-Link [RFC1717]", + 0x003f: "NETBIOS Framing", + 0x0041: "Cisco Systems", + 0x0043: "Ascom Timeplex", + 0x0045: "Fujitsu Link Backup and Load Balancing (LBLB)", + 0x0047: "DCA Remote Lan", + 0x0049: "Serial Data Transport Protocol (PPP-SDTP)", + 0x004b: "SNA over 802.2", + 0x004d: "SNA", + 0x004f: "IPv6 Header Compression", + 0x0051: "KNX Bridging Data [ianp]", + 0x0053: "Encryption [Meyer]", + 0x0055: "Individual Link Encryption [Meyer]", + 0x0057: "Internet Protocol version 6 [Hinden]", + 0x0059: "PPP Muxing [RFC3153]", + 0x005b: "Vendor-Specific Network Protocol (VSNP) [RFC3772]", + 0x0061: "RTP IPHC Full Header [RFC3544]", + 0x0063: "RTP IPHC Compressed TCP [RFC3544]", + 0x0065: "RTP IPHC Compressed Non TCP [RFC3544]", + 0x0067: "RTP IPHC Compressed UDP 8 [RFC3544]", + 0x0069: "RTP IPHC Compressed RTP 8 [RFC3544]", + 0x006f: "Stampede Bridging", + 0x0071: "Reserved [Fox]", + 0x0073: "MP+ Protocol [Smith]", + 0x007d: "reserved (Control Escape) [RFC1661]", + 0x007f: "reserved (compression inefficient [RFC1662]", + 0x0081: "Reserved Until 20-Oct-2000 [IANA]", + 0x0083: "Reserved Until 20-Oct-2000 [IANA]", + 0x00c1: "NTCITS IPI [Ungar]", + 0x00cf: "reserved (PPP NLID)", + 0x00fb: "single link compression in multilink [RFC1962]", + 0x00fd: "compressed datagram [RFC1962]", + 0x00ff: "reserved (compression inefficient)", + 0x0201: "802.1d Hello Packets", + 0x0203: "IBM Source Routing BPDU", + 0x0205: "DEC LANBridge100 Spanning Tree", + 0x0207: "Cisco Discovery Protocol [Sastry]", + 0x0209: "Netcs Twin Routing [Korfmacher]", + 0x020b: "STP - Scheduled Transfer Protocol [Segal]", + 0x020d: "EDP - Extreme Discovery Protocol [Grosser]", + 0x0211: "Optical Supervisory Channel Protocol (OSCP)[Prasad]", + 0x0213: "Optical Supervisory Channel Protocol (OSCP)[Prasad]", + 0x0231: "Luxcom", + 0x0233: "Sigma Network Systems", + 0x0235: "Apple Client Server Protocol [Ridenour]", + 0x0281: "MPLS Unicast [RFC3032] ", + 0x0283: "MPLS Multicast [RFC3032]", + 0x0285: "IEEE p1284.4 standard - data packets [Batchelder]", + 0x0287: "ETSI TETRA Network Protocol Type 1 [Nieminen]", + 0x0289: "Multichannel Flow Treatment Protocol [McCann]", + 0x2063: "RTP IPHC Compressed TCP No Delta [RFC3544]", + 0x2065: "RTP IPHC Context State [RFC3544]", + 0x2067: "RTP IPHC Compressed UDP 16 [RFC3544]", + 0x2069: "RTP IPHC Compressed RTP 16 [RFC3544]", + 0x4001: "Cray Communications Control Protocol [Stage]", + 0x4003: "CDPD Mobile Network Registration Protocol [Quick]", + 0x4005: "Expand accelerator protocol [Rachmani]", + 0x4007: "ODSICP NCP [Arvind]", + 0x4009: "DOCSIS DLL [Gaedtke]", + 0x400B: "Cetacean Network Detection Protocol [Siller]", + 0x4021: "Stacker LZS [Simpson]", + 0x4023: "RefTek Protocol [Banfill]", + 0x4025: "Fibre Channel [Rajagopal]", + 0x4027: "EMIT Protocols [Eastham]", + 0x405b: "Vendor-Specific Protocol (VSP) [RFC3772]", + 0x8021: "Internet Protocol Control Protocol", + 0x8023: "OSI Network Layer Control Protocol", + 0x8025: "Xerox NS IDP Control Protocol", + 0x8027: "DECnet Phase IV Control Protocol", + 0x8029: "Appletalk Control Protocol", + 0x802b: "Novell IPX Control Protocol", + 0x802d: "reserved", + 0x802f: "reserved", + 0x8031: "Bridging NCP", + 0x8033: "Stream Protocol Control Protocol", + 0x8035: "Banyan Vines Control Protocol", + 0x8037: "reserved (until 1993)", + 0x8039: "reserved", + 0x803b: "reserved", + 0x803d: "Multi-Link Control Protocol", + 0x803f: "NETBIOS Framing Control Protocol", + 0x8041: "Cisco Systems Control Protocol", + 0x8043: "Ascom Timeplex", + 0x8045: "Fujitsu LBLB Control Protocol", + 0x8047: "DCA Remote Lan Network Control Protocol (RLNCP)", + 0x8049: "Serial Data Control Protocol (PPP-SDCP)", + 0x804b: "SNA over 802.2 Control Protocol", + 0x804d: "SNA Control Protocol", + 0x804f: "IP6 Header Compression Control Protocol", + 0x8051: "KNX Bridging Control Protocol [ianp]", + 0x8053: "Encryption Control Protocol [Meyer]", + 0x8055: "Individual Link Encryption Control Protocol [Meyer]", + 0x8057: "IPv6 Control Protovol [Hinden]", + 0x8059: "PPP Muxing Control Protocol [RFC3153]", + 0x805b: "Vendor-Specific Network Control Protocol (VSNCP) [RFC3772]", # noqa: E501 + 0x806f: "Stampede Bridging Control Protocol", + 0x8073: "MP+ Control Protocol [Smith]", + 0x8071: "Reserved [Fox]", + 0x807d: "Not Used - reserved [RFC1661]", + 0x8081: "Reserved Until 20-Oct-2000 [IANA]", + 0x8083: "Reserved Until 20-Oct-2000 [IANA]", + 0x80c1: "NTCITS IPI Control Protocol [Ungar]", + 0x80cf: "Not Used - reserved [RFC1661]", + 0x80fb: "single link compression in multilink control [RFC1962]", + 0x80fd: "Compression Control Protocol [RFC1962]", + 0x80ff: "Not Used - reserved [RFC1661]", + 0x8207: "Cisco Discovery Protocol Control [Sastry]", + 0x8209: "Netcs Twin Routing [Korfmacher]", + 0x820b: "STP - Control Protocol [Segal]", + 0x820d: "EDPCP - Extreme Discovery Protocol Ctrl Prtcl [Grosser]", # noqa: E501 + 0x8235: "Apple Client Server Protocol Control [Ridenour]", + 0x8281: "MPLSCP [RFC3032]", + 0x8285: "IEEE p1284.4 standard - Protocol Control [Batchelder]", + 0x8287: "ETSI TETRA TNP1 Control Protocol [Nieminen]", + 0x8289: "Multichannel Flow Treatment Protocol [McCann]", + 0xc021: "Link Control Protocol", + 0xc023: "Password Authentication Protocol", + 0xc025: "Link Quality Report", + 0xc027: "Shiva Password Authentication Protocol", + 0xc029: "CallBack Control Protocol (CBCP)", + 0xc02b: "BACP Bandwidth Allocation Control Protocol [RFC2125]", + 0xc02d: "BAP [RFC2125]", + 0xc05b: "Vendor-Specific Authentication Protocol (VSAP) [RFC3772]", # noqa: E501 + 0xc081: "Container Control Protocol [KEN]", + 0xc223: "Challenge Handshake Authentication Protocol", + 0xc225: "RSA Authentication Protocol [Narayana]", + 0xc227: "Extensible Authentication Protocol [RFC2284]", + 0xc229: "Mitsubishi Security Info Exch Ptcl (SIEP) [Seno]", + 0xc26f: "Stampede Bridging Authorization Protocol", + 0xc281: "Proprietary Authentication Protocol [KEN]", + 0xc283: "Proprietary Authentication Protocol [Tackabury]", + 0xc481: "Proprietary Node ID Authentication Protocol [KEN]", +} class HDLC(Packet): @@ -208,15 +210,29 @@ class HDLC(Packet): class PPP(Packet): name = "PPP Link Layer" - fields_desc = [ShortEnumField("proto", 0x0021, _PPP_proto)] + fields_desc = [ShortEnumField("proto", 0x0021, _PPP_PROTOCOLS)] @classmethod def dispatch_hook(cls, _pkt=None, *args, **kargs): - if _pkt and orb(_pkt[0]) == 0xff: - cls = HDLC + if _pkt: + first_byte = orb(_pkt[0]) + if first_byte == 0xff: + return HDLC + # See RFC 1661 section 2 + # + if first_byte & 0x01: + return PPP_ return cls +class PPP_(PPP): + fields_desc = [ + ByteEnumField("proto", 0x21, + {k: v for k, v in six.viewitems(_PPP_PROTOCOLS) + if k < 0x100}), + ] + + _PPP_conftypes = {1: "Configure-Request", 2: "Configure-Ack", 3: "Configure-Nak", @@ -552,7 +568,7 @@ class PPP_LCP_Protocol_Reject(PPP_LCP): XByteField("id", 0), FieldLenField("len", None, fmt="H", length_of="rejected_information", # noqa: E501 adjust=lambda p, x:x + 6), - ShortEnumField("rejected_protocol", None, _PPP_proto), + ShortEnumField("rejected_protocol", None, _PPP_PROTOCOLS), PacketField("rejected_information", None, Packet)] diff --git a/test/regression.uts b/test/regression.uts index 70353d320ea..064436efacc 100644 --- a/test/regression.uts +++ b/test/regression.uts @@ -1954,6 +1954,15 @@ assert( raw(p) == raw(q) ) assert( q[PPP_ECP_Option].data == b"ABCDEFG" ) += PPP_ (PPP with only one byte for protocol) +~ ppp + +assert(len(raw(PPP_() / IP())) == 21) + +p = PPP(b'!E\x00\x00<\x00\x00@\x008\x06\xa5\xce\x85wP)\xc0\xa8Va\x01\xbbd\x8a\xe2}r\xb8O\x95\xb5\x84\xa0\x12q \xc8\x08\x00\x00\x02\x04\x02\x18\x04\x02\x08\nQ\xdf\xd6\xb0\x00\x07LH\x01\x03\x03\x07Ao') +assert(IP in p) +assert(TCP in p) + # Scapy6 Regression Test Campaign ############