diff options
author | Guy Harris <gharris@sonic.net> | 2020-05-28 01:25:09 -0700 |
---|---|---|
committer | Guy Harris <gharris@sonic.net> | 2020-05-28 01:25:09 -0700 |
commit | df2d7be173d4a34dd5b39850da6addf44c952401 (patch) | |
tree | 9069eee22224ad5cf523d78f5d931c9f7a5d0913 /print-ether.c | |
parent | fc1f0e7e582c75239590da976b91d0568c6f9d57 (diff) | |
download | tcpdump-df2d7be173d4a34dd5b39850da6addf44c952401.tar.gz |
ether: clean up MACsec processing.
Print the length early if we're printing the link-layer header.
If the payload is encrypted or otherwise modified, print it out as raw
data.
If the payload is not encrypted or otherwise modified, and we didn't
have a problem printing the header, fetch the type/length field
following the MACsec header, skip past it, and continue, rather than
looping back - there shouldn't be multiple MACsec headers, as far as I
know. (If that's not the case, go back to looping.)
Diffstat (limited to 'print-ether.c')
-rw-r--r-- | print-ether.c | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/print-ether.c b/print-ether.c index 0d8dbba9..f8399b40 100644 --- a/print-ether.c +++ b/print-ether.c @@ -204,16 +204,28 @@ recurse: p += 2; hdrlen += 2; + /* + * Process 802.1AE MACsec headers. + */ + printed_length = 0; if (length_type == ETHERTYPE_MACSEC) { /* * MACsec, aka IEEE 802.1AE-2006 * Print the header, and try to print the payload if it's not encrypted */ + if (ndo->ndo_eflag) { + ether_type_print(ndo, length_type); + ND_PRINT(", length %u: ", orig_length); + printed_length = 1; + } + int ret = macsec_print(ndo, &p, &length, &caplen, &hdrlen); if (ret == 0) { - /* Payload is encrypted; just quit. */ - return (hdrlen + caplen); + /* Payload is encrypted; print it as raw data. */ + if (!ndo->ndo_suppress_default_print) + ND_DEFAULTPRINT(p, caplen); + return (hdrlen); } else if (ret > 0) { /* Problem printing the header; just quit. */ return (ret); @@ -221,14 +233,18 @@ recurse: /* * Keep processing type/length fields. */ - goto recurse; + length_type = GET_BE_U_2(p); + + length -= 2; + caplen -= 2; + p += 2; + hdrlen += 2; } } /* * Process VLAN tag types. */ - printed_length = 0; while (length_type == ETHERTYPE_8021Q || length_type == ETHERTYPE_8021Q9100 || length_type == ETHERTYPE_8021Q9200 || |