harvey/sys/src/cmd/ip/snoopy/eap.c

#include <u.h>
#include <libc.h>
#include <ip.h>
#include "dat.h"
#include "protos.h"

typedef struct Hdr	Hdr;
struct Hdr
{
	uchar	code;
	uchar	id;
	uchar	len[2];	/* length including this header */

	uchar	tp;	/* optional, only for Request/Response */
};

enum
{
	EAPHDR=	4,	/* sizeof(code)+sizeof(id)+sizeof(len) */
	TPHDR= 1,	/* sizeof(tp) */

	/* eap types */
	Request = 1,
	Response,
	Success,
	Fail,

	/* eap request/response sub-types */
	Identity = 1,		/* Identity */
	Notify,		/* Notification */
	Nak,			/* Nak (Response only) */
	Md5,		/* MD5-challenge */
	Otp,			/* one time password */
	Gtc,			/* generic token card */
	Ttls = 21,		/* tunneled TLS */
	Xpnd = 254,	/* expanded types */
	Xprm,		/* experimental use */
};

enum
{
	Ot,
};

static Mux p_mux[] =
{
	{ "eap_identity", Identity, },
	{ "eap_notify", Notify, },
	{ "eap_nak", Nak, },
	{ "eap_md5", Md5, },
	{ "eap_otp", Otp, },
	{ "eap_gtc", Gtc, },
	{ "ttls", Ttls, },
	{ "eap_xpnd", Xpnd, },
	{ "eap_xprm", Xprm, }, 
	{ 0 }
};

static char *eapsubtype[256] =
{
[Identity]	"Identity",
[Notify]	"Notify",
[Nak]		"Nak",
[Md5]	"Md5",
[Otp]		"Otp",
[Gtc]		"Gtc",
[Ttls]		"Ttls",
[Xpnd]	"Xpnd",
[Xprm]	"Xprm",
};


static void
p_compile(Filter *f)
{
	Mux *m;

	for(m = p_mux; m->name != nil; m++)
		if(strcmp(f->s, m->name) == 0){
			f->pr = m->pr;
			f->ulv = m->val;
			f->subop = Ot;
			return;
		}
	sysfatal("unknown eap field or type: %s", f->s);
}

static int
p_filter(Filter *f, Msg *m)
{
	Hdr *h;
	int len;

	if(f->subop != Ot)
		return 0;

	if(m->pe - m->ps < EAPHDR)
		return -1;

	h = (Hdr*)m->ps;

	/* truncate the message if there's extra */
	/* len includes header */
	len = NetS(h->len);
	if(m->ps+len < m->pe)
		m->pe = m->ps+len;
	else if(m->ps+len > m->pe)
		return -1;
	m->ps += EAPHDR;

	if(h->code != Request && h->code != Response)
		return 0;
	m->ps += TPHDR;

	if(h->tp == f->ulv)
		return 1;

	return 0;
}

static char*
op(int i)
{
	static char x[20];

	switch(i){
	case Request:
		return "Request";
	case Response:
		return "Response";
	case Success:
		return "Success";
	case Fail:
		return "Fail";
	default:
		sprint(x, "%1d", i);
		return x;
	}
}

static char*
subop(uchar val)
{
	static char x[20], *p;

	p = eapsubtype[val];
	if(p != nil)
		return p;
	else {
		sprint(x, "%1d", val);
		return x;
	}
}

static int
p_seprint(Msg *m)
{
	Hdr *h;
	int len;
	char *p, *e;

	if(m->pe - m->ps < EAPHDR)
		return -1;

	p = m->p;
	e = m->e;
	h = (Hdr*)m->ps;

	/* resize packet (should already be done by eapol) */
	/* len includes header */
	len = NetS(h->len);
	if(m->ps+len < m->pe)
		m->pe = m->ps+len;
	else if(m->ps+len > m->pe)
		return -1;
	m->ps += EAPHDR;

	p = seprint(p, e, "id=%1d code=%s", h->id, op(h->code));
	switch(h->code) {
	case Request:
	case Response:
		m->ps += TPHDR;
		p = seprint(p, e, " type=%s", subop(h->tp));
		/* special case needed to print eap_notify notification as unicode */
		demux(p_mux, h->tp, h->tp, m, &dump);
		break;
	default:
		demux(p_mux, 0, 0, m, &dump);
		break;
	}
	m->p = seprint(p, e, " len=%1d", len);
	return 0;
}

static int
p_seprintidentity(Msg *m)
{
	char *ps, *pe, *z;
	int len;

	m->pr = nil;
	ps = (char*)m->ps;
	pe = (char*)m->pe;

	/* we would like to do this depending on the 'context':
	 *  - one for eap_identity request and
	 *  - one for eap_identity response
	 * but we've lost the context, or haven't we?
	 * so we treat them the same, so we might erroneously
	 * print a response as if it was a request. too bad. - axel
	 */
	for (z=ps; *z != '\0' && z+1 < pe; z++)
		;
	if (*z == '\0' && z+1 < pe) {
		m->p = seprint(m->p, m->e, "prompt=(%s)", ps);
		len = pe - (z+1);
		m->p = seprint(m->p, m->e, " options=(%.*s)", len, z+1);
	} else {
		len = pe - ps;
		m->p = seprint(m->p, m->e, "%.*s", len, ps);
	}
	return 0;
}

Proto eap =
{
	"eap",
	p_compile,
	p_filter,
	p_seprint,
	p_mux,
	"%lud",
	nil,
	defaultframer,
};

Proto eap_identity =
{
	"eap_identity",
	p_compile,
	p_filter,
	p_seprintidentity,
	nil,
	nil,
	nil,
	defaultframer,
};