external/tcpdump/print-802_15_4.c

*05b00f60SXin Li/*
*05b00f60SXin Li * Copyright (c) 2009
*05b00f60SXin Li *	Siemens AG, All rights reserved.
*05b00f60SXin Li *	Dmitry Eremin-Solenikov ([email protected])
*05b00f60SXin Li *
*05b00f60SXin Li * Redistribution and use in source and binary forms, with or without
*05b00f60SXin Li * modification, are permitted provided that: (1) source code distributions
*05b00f60SXin Li * retain the above copyright notice and this paragraph in its entirety, (2)
*05b00f60SXin Li * distributions including binary code include the above copyright notice and
*05b00f60SXin Li * this paragraph in its entirety in the documentation or other materials
*05b00f60SXin Li * provided with the distribution, and (3) all advertising materials mentioning
*05b00f60SXin Li * features or use of this software display the following acknowledgement:
*05b00f60SXin Li * ``This product includes software developed by the University of California,
*05b00f60SXin Li * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
*05b00f60SXin Li * the University nor the names of its contributors may be used to endorse
*05b00f60SXin Li * or promote products derived from this software without specific prior
*05b00f60SXin Li * written permission.
*05b00f60SXin Li * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
*05b00f60SXin Li * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
*05b00f60SXin Li * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*05b00f60SXin Li */
*05b00f60SXin Li
*05b00f60SXin Li/* \summary: IEEE 802.15.4 printer */
*05b00f60SXin Li
*05b00f60SXin Li#ifdef HAVE_CONFIG_H
*05b00f60SXin Li#include <config.h>
*05b00f60SXin Li#endif
*05b00f60SXin Li
*05b00f60SXin Li#include "netdissect-stdinc.h"
*05b00f60SXin Li
*05b00f60SXin Li#define ND_LONGJMP_FROM_TCHECK
*05b00f60SXin Li#include "netdissect.h"
*05b00f60SXin Li#include "addrtoname.h"
*05b00f60SXin Li
*05b00f60SXin Li#include "extract.h"
*05b00f60SXin Li
*05b00f60SXin Li#define CHECK_BIT(num,bit) (((num) >> (bit)) & 0x1)
*05b00f60SXin Li
*05b00f60SXin Li#define BROKEN_6TISCH_PAN_ID_COMPRESSION 0
*05b00f60SXin Li
*05b00f60SXin Li/* Frame types from Table 7-1 of 802.15.4-2015 */
*05b00f60SXin Listatic const char *ftypes[] = {
*05b00f60SXin Li	"Beacon",			/* 0 */
*05b00f60SXin Li	"Data",				/* 1 */
*05b00f60SXin Li	"ACK",				/* 2 */
*05b00f60SXin Li	"Command",			/* 3 */
*05b00f60SXin Li	"Reserved",			/* 4 */
*05b00f60SXin Li	"Multipurpose",			/* 5 */
*05b00f60SXin Li	"Fragment",			/* 6 */
*05b00f60SXin Li	"Extended"			/* 7 */
*05b00f60SXin Li};
*05b00f60SXin Li
*05b00f60SXin Li/* Element IDs for Header IEs from Table 7-7 of 802.15.4-2015 */
*05b00f60SXin Listatic const char *h_ie_names[] = {
*05b00f60SXin Li	"Vendor Specific Header IE",			/* 0x00 */
*05b00f60SXin Li	"Reserved 0x01",				/* 0x01 */
*05b00f60SXin Li	"Reserved 0x02",				/* 0x02 */
*05b00f60SXin Li	"Reserved 0x03",				/* 0x03 */
*05b00f60SXin Li	"Reserved 0x04",				/* 0x04 */
*05b00f60SXin Li	"Reserved 0x05",				/* 0x05 */
*05b00f60SXin Li	"Reserved 0x06",				/* 0x06 */
*05b00f60SXin Li	"Reserved 0x07",				/* 0x07 */
*05b00f60SXin Li	"Reserved 0x08",				/* 0x08 */
*05b00f60SXin Li	"Reserved 0x09",				/* 0x09 */
*05b00f60SXin Li	"Reserved 0x0a",				/* 0x0a */
*05b00f60SXin Li	"Reserved 0x0b",				/* 0x0b */
*05b00f60SXin Li	"Reserved 0x0c",				/* 0x0c */
*05b00f60SXin Li	"Reserved 0x0d",				/* 0x0d */
*05b00f60SXin Li	"Reserved 0x0e",				/* 0x0e */
*05b00f60SXin Li	"Reserved 0x0f",				/* 0x0f */
*05b00f60SXin Li	"Reserved 0x10",				/* 0x10 */
*05b00f60SXin Li	"Reserved 0x11",				/* 0x11 */
*05b00f60SXin Li	"Reserved 0x12",				/* 0x12 */
*05b00f60SXin Li	"Reserved 0x13",				/* 0x13 */
*05b00f60SXin Li	"Reserved 0x14",				/* 0x14 */
*05b00f60SXin Li	"Reserved 0x15",				/* 0x15 */
*05b00f60SXin Li	"Reserved 0x16",				/* 0x16 */
*05b00f60SXin Li	"Reserved 0x17",				/* 0x17 */
*05b00f60SXin Li	"Reserved 0x18",				/* 0x18 */
*05b00f60SXin Li	"Reserved 0x19",				/* 0x19 */
*05b00f60SXin Li	"LE CSL IE",					/* 0x1a */
*05b00f60SXin Li	"LE RIT IE",					/* 0x1b */
*05b00f60SXin Li	"DSME PAN descriptor IE",			/* 0x1c */
*05b00f60SXin Li	"Rendezvous Time IE",				/* 0x1d */
*05b00f60SXin Li	"Time Correction IE",				/* 0x1e */
*05b00f60SXin Li	"Reserved 0x1f",				/* 0x1f */
*05b00f60SXin Li	"Reserved 0x20",				/* 0x20 */
*05b00f60SXin Li	"Extended DSME PAN descriptor IE",		/* 0x21 */
*05b00f60SXin Li	"Fragment Sequence Context Description IE",	/* 0x22 */
*05b00f60SXin Li	"Simplified Superframe Specification IE",	/* 0x23 */
*05b00f60SXin Li	"Simplified GTS Specification IE",		/* 0x24 */
*05b00f60SXin Li	"LECIM Capabilities IE",			/* 0x25 */
*05b00f60SXin Li	"TRLE Descriptor IE",				/* 0x26 */
*05b00f60SXin Li	"RCC Capabilities IE",				/* 0x27 */
*05b00f60SXin Li	"RCCN Descriptor IE",				/* 0x28 */
*05b00f60SXin Li	"Global Time IE",				/* 0x29 */
*05b00f60SXin Li	"Omnibus Header IE",				/* 0x2a */
*05b00f60SXin Li	"DA IE",					/* 0x2b */
*05b00f60SXin Li	"Reserved 0x2c",				/* 0x2c */
*05b00f60SXin Li	"Reserved 0x2d",				/* 0x2d */
*05b00f60SXin Li	"Reserved 0x2e",				/* 0x2e */
*05b00f60SXin Li	"Reserved 0x2f",				/* 0x2f */
*05b00f60SXin Li	"Reserved 0x30",				/* 0x30 */
*05b00f60SXin Li	"Reserved 0x31",				/* 0x31 */
*05b00f60SXin Li	"Reserved 0x32",				/* 0x32 */
*05b00f60SXin Li	"Reserved 0x33",				/* 0x33 */
*05b00f60SXin Li	"Reserved 0x34",				/* 0x34 */
*05b00f60SXin Li	"Reserved 0x35",				/* 0x35 */
*05b00f60SXin Li	"Reserved 0x36",				/* 0x36 */
*05b00f60SXin Li	"Reserved 0x37",				/* 0x37 */
*05b00f60SXin Li	"Reserved 0x38",				/* 0x38 */
*05b00f60SXin Li	"Reserved 0x39",				/* 0x39 */
*05b00f60SXin Li	"Reserved 0x3a",				/* 0x3a */
*05b00f60SXin Li	"Reserved 0x3b",				/* 0x3b */
*05b00f60SXin Li	"Reserved 0x3c",				/* 0x3c */
*05b00f60SXin Li	"Reserved 0x3d",				/* 0x3d */
*05b00f60SXin Li	"Reserved 0x3e",				/* 0x3e */
*05b00f60SXin Li	"Reserved 0x3f",				/* 0x3f */
*05b00f60SXin Li	"Reserved 0x40",				/* 0x40 */
*05b00f60SXin Li	"Reserved 0x41",				/* 0x41 */
*05b00f60SXin Li	"Reserved 0x42",				/* 0x42 */
*05b00f60SXin Li	"Reserved 0x43",				/* 0x43 */
*05b00f60SXin Li	"Reserved 0x44",				/* 0x44 */
*05b00f60SXin Li	"Reserved 0x45",				/* 0x45 */
*05b00f60SXin Li	"Reserved 0x46",				/* 0x46 */
*05b00f60SXin Li	"Reserved 0x47",				/* 0x47 */
*05b00f60SXin Li	"Reserved 0x48",				/* 0x48 */
*05b00f60SXin Li	"Reserved 0x49",				/* 0x49 */
*05b00f60SXin Li	"Reserved 0x4a",				/* 0x4a */
*05b00f60SXin Li	"Reserved 0x4b",				/* 0x4b */
*05b00f60SXin Li	"Reserved 0x4c",				/* 0x4c */
*05b00f60SXin Li	"Reserved 0x4d",				/* 0x4d */
*05b00f60SXin Li	"Reserved 0x4e",				/* 0x4e */
*05b00f60SXin Li	"Reserved 0x4f",				/* 0x4f */
*05b00f60SXin Li	"Reserved 0x50",				/* 0x50 */
*05b00f60SXin Li	"Reserved 0x51",				/* 0x51 */
*05b00f60SXin Li	"Reserved 0x52",				/* 0x52 */
*05b00f60SXin Li	"Reserved 0x53",				/* 0x53 */
*05b00f60SXin Li	"Reserved 0x54",				/* 0x54 */
*05b00f60SXin Li	"Reserved 0x55",				/* 0x55 */
*05b00f60SXin Li	"Reserved 0x56",				/* 0x56 */
*05b00f60SXin Li	"Reserved 0x57",				/* 0x57 */
*05b00f60SXin Li	"Reserved 0x58",				/* 0x58 */
*05b00f60SXin Li	"Reserved 0x59",				/* 0x59 */
*05b00f60SXin Li	"Reserved 0x5a",				/* 0x5a */
*05b00f60SXin Li	"Reserved 0x5b",				/* 0x5b */
*05b00f60SXin Li	"Reserved 0x5c",				/* 0x5c */
*05b00f60SXin Li	"Reserved 0x5d",				/* 0x5d */
*05b00f60SXin Li	"Reserved 0x5e",				/* 0x5e */
*05b00f60SXin Li	"Reserved 0x5f",				/* 0x5f */
*05b00f60SXin Li	"Reserved 0x60",				/* 0x60 */
*05b00f60SXin Li	"Reserved 0x61",				/* 0x61 */
*05b00f60SXin Li	"Reserved 0x62",				/* 0x62 */
*05b00f60SXin Li	"Reserved 0x63",				/* 0x63 */
*05b00f60SXin Li	"Reserved 0x64",				/* 0x64 */
*05b00f60SXin Li	"Reserved 0x65",				/* 0x65 */
*05b00f60SXin Li	"Reserved 0x66",				/* 0x66 */
*05b00f60SXin Li	"Reserved 0x67",				/* 0x67 */
*05b00f60SXin Li	"Reserved 0x68",				/* 0x68 */
*05b00f60SXin Li	"Reserved 0x69",				/* 0x69 */
*05b00f60SXin Li	"Reserved 0x6a",				/* 0x6a */
*05b00f60SXin Li	"Reserved 0x6b",				/* 0x6b */
*05b00f60SXin Li	"Reserved 0x6c",				/* 0x6c */
*05b00f60SXin Li	"Reserved 0x6d",				/* 0x6d */
*05b00f60SXin Li	"Reserved 0x6e",				/* 0x6e */
*05b00f60SXin Li	"Reserved 0x6f",				/* 0x6f */
*05b00f60SXin Li	"Reserved 0x70",				/* 0x70 */
*05b00f60SXin Li	"Reserved 0x71",				/* 0x71 */
*05b00f60SXin Li	"Reserved 0x72",				/* 0x72 */
*05b00f60SXin Li	"Reserved 0x73",				/* 0x73 */
*05b00f60SXin Li	"Reserved 0x74",				/* 0x74 */
*05b00f60SXin Li	"Reserved 0x75",				/* 0x75 */
*05b00f60SXin Li	"Reserved 0x76",				/* 0x76 */
*05b00f60SXin Li	"Reserved 0x77",				/* 0x77 */
*05b00f60SXin Li	"Reserved 0x78",				/* 0x78 */
*05b00f60SXin Li	"Reserved 0x79",				/* 0x79 */
*05b00f60SXin Li	"Reserved 0x7a",				/* 0x7a */
*05b00f60SXin Li	"Reserved 0x7b",				/* 0x7b */
*05b00f60SXin Li	"Reserved 0x7c",				/* 0x7c */
*05b00f60SXin Li	"Reserved 0x7d",				/* 0x7d */
*05b00f60SXin Li	"Header Termination 1 IE",			/* 0x7e */
*05b00f60SXin Li	"Header Termination 2 IE"			/* 0x7f */
*05b00f60SXin Li};
*05b00f60SXin Li
*05b00f60SXin Li/* Payload IE Group IDs from Table 7-15 of 802.15.4-2015 */
*05b00f60SXin Listatic const char *p_ie_names[] = {
*05b00f60SXin Li	"ESDU IE",			/* 0x00 */
*05b00f60SXin Li	"MLME IE",			/* 0x01 */
*05b00f60SXin Li	"Vendor Specific Nested IE",	/* 0x02 */
*05b00f60SXin Li	"Multiplexed IE (802.15.9)",	/* 0x03 */
*05b00f60SXin Li	"Omnibus Payload Group IE",	/* 0x04 */
*05b00f60SXin Li	"IETF IE",			/* 0x05 */
*05b00f60SXin Li	"Reserved 0x06",		/* 0x06 */
*05b00f60SXin Li	"Reserved 0x07",		/* 0x07 */
*05b00f60SXin Li	"Reserved 0x08",		/* 0x08 */
*05b00f60SXin Li	"Reserved 0x09",		/* 0x09 */
*05b00f60SXin Li	"Reserved 0x0a",		/* 0x0a */
*05b00f60SXin Li	"Reserved 0x0b",		/* 0x0b */
*05b00f60SXin Li	"Reserved 0x0c",		/* 0x0c */
*05b00f60SXin Li	"Reserved 0x0d",		/* 0x0d */
*05b00f60SXin Li	"Reserved 0x0e",		/* 0x0e */
*05b00f60SXin Li	"List termination"		/* 0x0f */
*05b00f60SXin Li};
*05b00f60SXin Li
*05b00f60SXin Li/* Sub-ID for short format from Table 7-16 of 802.15.4-2015 */
*05b00f60SXin Listatic const char *p_mlme_short_names[] = {
*05b00f60SXin Li	"Reserved for long format 0x0",			/* 0x00 */
*05b00f60SXin Li	"Reserved for long format 0x1",			/* 0x01 */
*05b00f60SXin Li	"Reserved for long format 0x2",			/* 0x02 */
*05b00f60SXin Li	"Reserved for long format 0x3",			/* 0x03 */
*05b00f60SXin Li	"Reserved for long format 0x4",			/* 0x04 */
*05b00f60SXin Li	"Reserved for long format 0x5",			/* 0x05 */
*05b00f60SXin Li	"Reserved for long format 0x6",			/* 0x06 */
*05b00f60SXin Li	"Reserved for long format 0x7",			/* 0x07 */
*05b00f60SXin Li	"Reserved for long format 0x8",			/* 0x08 */
*05b00f60SXin Li	"Reserved for long format 0x9",			/* 0x09 */
*05b00f60SXin Li	"Reserved for long format 0xa",			/* 0x0a */
*05b00f60SXin Li	"Reserved for long format 0xb",			/* 0x0b */
*05b00f60SXin Li	"Reserved for long format 0xc",			/* 0x0c */
*05b00f60SXin Li	"Reserved for long format 0xd",			/* 0x0d */
*05b00f60SXin Li	"Reserved for long format 0xe",			/* 0x0e */
*05b00f60SXin Li	"Reserved for long format 0xf",			/* 0x0f */
*05b00f60SXin Li	"Reserved 0x10",				/* 0x10 */
*05b00f60SXin Li	"Reserved 0x11",				/* 0x11 */
*05b00f60SXin Li	"Reserved 0x12",				/* 0x12 */
*05b00f60SXin Li	"Reserved 0x13",				/* 0x13 */
*05b00f60SXin Li	"Reserved 0x14",				/* 0x14 */
*05b00f60SXin Li	"Reserved 0x15",				/* 0x15 */
*05b00f60SXin Li	"Reserved 0x16",				/* 0x16 */
*05b00f60SXin Li	"Reserved 0x17",				/* 0x17 */
*05b00f60SXin Li	"Reserved 0x18",				/* 0x18 */
*05b00f60SXin Li	"Reserved 0x19",				/* 0x19 */
*05b00f60SXin Li	"TSCH Synchronization IE",			/* 0x1a */
*05b00f60SXin Li	"TSCH Slotframe and Link IE",			/* 0x1b */
*05b00f60SXin Li	"TSCH Timeslot IE",				/* 0x1c */
*05b00f60SXin Li	"Hopping timing IE",				/* 0x1d */
*05b00f60SXin Li	"Enhanced Beacon Filter IE",			/* 0x1e */
*05b00f60SXin Li	"MAC Metrics IE",				/* 0x1f */
*05b00f60SXin Li	"All MAC Metrics IE",				/* 0x20 */
*05b00f60SXin Li	"Coexistence Specification IE",			/* 0x21 */
*05b00f60SXin Li	"SUN Device Capabilities IE",			/* 0x22 */
*05b00f60SXin Li	"SUN FSK Generic PHY IE",			/* 0x23 */
*05b00f60SXin Li	"Mode Switch Parameter IE",			/* 0x24 */
*05b00f60SXin Li	"PHY Parameter Change IE",			/* 0x25 */
*05b00f60SXin Li	"O-QPSK PHY Mode IE",				/* 0x26 */
*05b00f60SXin Li	"PCA Allocation IE",				/* 0x27 */
*05b00f60SXin Li	"LECIM DSSS Operating Mode IE",			/* 0x28 */
*05b00f60SXin Li	"LECIM FSK Operating Mode IE",			/* 0x29 */
*05b00f60SXin Li	"Reserved 0x2a",				/* 0x2a */
*05b00f60SXin Li	"TVWS PHY Operating Mode Description IE",	/* 0x2b */
*05b00f60SXin Li	"TVWS Device Capabilities IE",			/* 0x2c */
*05b00f60SXin Li	"TVWS Device Category IE",			/* 0x2d */
*05b00f60SXin Li	"TVWS Device Identiication IE",			/* 0x2e */
*05b00f60SXin Li	"TVWS Device Location IE",			/* 0x2f */
*05b00f60SXin Li	"TVWS Channel Information Query IE",		/* 0x30 */
*05b00f60SXin Li	"TVWS Channel Information Source IE",		/* 0x31 */
*05b00f60SXin Li	"CTM IE",					/* 0x32 */
*05b00f60SXin Li	"Timestamp IE",					/* 0x33 */
*05b00f60SXin Li	"Timestamp Difference IE",			/* 0x34 */
*05b00f60SXin Li	"TMCTP Specification IE",			/* 0x35 */
*05b00f60SXin Li	"RCC PHY Operating Mode IE",			/* 0x36 */
*05b00f60SXin Li	"Reserved 0x37",				/* 0x37 */
*05b00f60SXin Li	"Reserved 0x38",				/* 0x38 */
*05b00f60SXin Li	"Reserved 0x39",				/* 0x39 */
*05b00f60SXin Li	"Reserved 0x3a",				/* 0x3a */
*05b00f60SXin Li	"Reserved 0x3b",				/* 0x3b */
*05b00f60SXin Li	"Reserved 0x3c",				/* 0x3c */
*05b00f60SXin Li	"Reserved 0x3d",				/* 0x3d */
*05b00f60SXin Li	"Reserved 0x3e",				/* 0x3e */
*05b00f60SXin Li	"Reserved 0x3f",				/* 0x3f */
*05b00f60SXin Li	"Reserved 0x40",				/* 0x40 */
*05b00f60SXin Li	"Reserved 0x41",				/* 0x41 */
*05b00f60SXin Li	"Reserved 0x42",				/* 0x42 */
*05b00f60SXin Li	"Reserved 0x43",				/* 0x43 */
*05b00f60SXin Li	"Reserved 0x44",				/* 0x44 */
*05b00f60SXin Li	"Reserved 0x45",				/* 0x45 */
*05b00f60SXin Li	"Reserved 0x46",				/* 0x46 */
*05b00f60SXin Li	"Reserved 0x47",				/* 0x47 */
*05b00f60SXin Li	"Reserved 0x48",				/* 0x48 */
*05b00f60SXin Li	"Reserved 0x49",				/* 0x49 */
*05b00f60SXin Li	"Reserved 0x4a",				/* 0x4a */
*05b00f60SXin Li	"Reserved 0x4b",				/* 0x4b */
*05b00f60SXin Li	"Reserved 0x4c",				/* 0x4c */
*05b00f60SXin Li	"Reserved 0x4d",				/* 0x4d */
*05b00f60SXin Li	"Reserved 0x4e",				/* 0x4e */
*05b00f60SXin Li	"Reserved 0x4f",				/* 0x4f */
*05b00f60SXin Li	"Reserved 0x50",				/* 0x50 */
*05b00f60SXin Li	"Reserved 0x51",				/* 0x51 */
*05b00f60SXin Li	"Reserved 0x52",				/* 0x52 */
*05b00f60SXin Li	"Reserved 0x53",				/* 0x53 */
*05b00f60SXin Li	"Reserved 0x54",				/* 0x54 */
*05b00f60SXin Li	"Reserved 0x55",				/* 0x55 */
*05b00f60SXin Li	"Reserved 0x56",				/* 0x56 */
*05b00f60SXin Li	"Reserved 0x57",				/* 0x57 */
*05b00f60SXin Li	"Reserved 0x58",				/* 0x58 */
*05b00f60SXin Li	"Reserved 0x59",				/* 0x59 */
*05b00f60SXin Li	"Reserved 0x5a",				/* 0x5a */
*05b00f60SXin Li	"Reserved 0x5b",				/* 0x5b */
*05b00f60SXin Li	"Reserved 0x5c",				/* 0x5c */
*05b00f60SXin Li	"Reserved 0x5d",				/* 0x5d */
*05b00f60SXin Li	"Reserved 0x5e",				/* 0x5e */
*05b00f60SXin Li	"Reserved 0x5f",				/* 0x5f */
*05b00f60SXin Li	"Reserved 0x60",				/* 0x60 */
*05b00f60SXin Li	"Reserved 0x61",				/* 0x61 */
*05b00f60SXin Li	"Reserved 0x62",				/* 0x62 */
*05b00f60SXin Li	"Reserved 0x63",				/* 0x63 */
*05b00f60SXin Li	"Reserved 0x64",				/* 0x64 */
*05b00f60SXin Li	"Reserved 0x65",				/* 0x65 */
*05b00f60SXin Li	"Reserved 0x66",				/* 0x66 */
*05b00f60SXin Li	"Reserved 0x67",				/* 0x67 */
*05b00f60SXin Li	"Reserved 0x68",				/* 0x68 */
*05b00f60SXin Li	"Reserved 0x69",				/* 0x69 */
*05b00f60SXin Li	"Reserved 0x6a",				/* 0x6a */
*05b00f60SXin Li	"Reserved 0x6b",				/* 0x6b */
*05b00f60SXin Li	"Reserved 0x6c",				/* 0x6c */
*05b00f60SXin Li	"Reserved 0x6d",				/* 0x6d */
*05b00f60SXin Li	"Reserved 0x6e",				/* 0x6e */
*05b00f60SXin Li	"Reserved 0x6f",				/* 0x6f */
*05b00f60SXin Li	"Reserved 0x70",				/* 0x70 */
*05b00f60SXin Li	"Reserved 0x71",				/* 0x71 */
*05b00f60SXin Li	"Reserved 0x72",				/* 0x72 */
*05b00f60SXin Li	"Reserved 0x73",				/* 0x73 */
*05b00f60SXin Li	"Reserved 0x74",				/* 0x74 */
*05b00f60SXin Li	"Reserved 0x75",				/* 0x75 */
*05b00f60SXin Li	"Reserved 0x76",				/* 0x76 */
*05b00f60SXin Li	"Reserved 0x77",				/* 0x77 */
*05b00f60SXin Li	"Reserved 0x78",				/* 0x78 */
*05b00f60SXin Li	"Reserved 0x79",				/* 0x79 */
*05b00f60SXin Li	"Reserved 0x7a",				/* 0x7a */
*05b00f60SXin Li	"Reserved 0x7b",				/* 0x7b */
*05b00f60SXin Li	"Reserved 0x7c",				/* 0x7c */
*05b00f60SXin Li	"Reserved 0x7d",				/* 0x7d */
*05b00f60SXin Li	"Reserved 0x7e",				/* 0x7e */
*05b00f60SXin Li	"Reserved 0x7f"					/* 0x7f */
*05b00f60SXin Li};
*05b00f60SXin Li
*05b00f60SXin Li/* Sub-ID for long format from Table 7-17 of 802.15.4-2015 */
*05b00f60SXin Listatic const char *p_mlme_long_names[] = {
*05b00f60SXin Li	"Reserved 0x00",			/* 0x00 */
*05b00f60SXin Li	"Reserved 0x01",			/* 0x01 */
*05b00f60SXin Li	"Reserved 0x02",			/* 0x02 */
*05b00f60SXin Li	"Reserved 0x03",			/* 0x03 */
*05b00f60SXin Li	"Reserved 0x04",			/* 0x04 */
*05b00f60SXin Li	"Reserved 0x05",			/* 0x05 */
*05b00f60SXin Li	"Reserved 0x06",			/* 0x06 */
*05b00f60SXin Li	"Reserved 0x07",			/* 0x07 */
*05b00f60SXin Li	"Vendor Specific MLME Nested IE",	/* 0x08 */
*05b00f60SXin Li	"Channel Hopping IE",			/* 0x09 */
*05b00f60SXin Li	"Reserved 0x0a",			/* 0x0a */
*05b00f60SXin Li	"Reserved 0x0b",			/* 0x0b */
*05b00f60SXin Li	"Reserved 0x0c",			/* 0x0c */
*05b00f60SXin Li	"Reserved 0x0d",			/* 0x0d */
*05b00f60SXin Li	"Reserved 0x0e",			/* 0x0e */
*05b00f60SXin Li	"Reserved 0x0f"				/* 0x0f */
*05b00f60SXin Li};
*05b00f60SXin Li
*05b00f60SXin Li/* MAC commands from Table 7-49 of 802.15.4-2015 */
*05b00f60SXin Listatic const char *mac_c_names[] = {
*05b00f60SXin Li	"Reserved 0x00",				/* 0x00 */
*05b00f60SXin Li	"Association Request command",			/* 0x01 */
*05b00f60SXin Li	"Association Response command",			/* 0x02 */
*05b00f60SXin Li	"Disassociation Notification command",		/* 0x03 */
*05b00f60SXin Li	"Data Request command",				/* 0x04 */
*05b00f60SXin Li	"PAN ID Conflict Notification command",		/* 0x05 */
*05b00f60SXin Li	"Orphan Notification command",			/* 0x06 */
*05b00f60SXin Li	"Beacon Request command",			/* 0x07 */
*05b00f60SXin Li	"Coordinator realignment command",		/* 0x08 */
*05b00f60SXin Li	"GTS request command",				/* 0x09 */
*05b00f60SXin Li	"TRLE Management Request command",		/* 0x0a */
*05b00f60SXin Li	"TRLE Management Response command",		/* 0x0b */
*05b00f60SXin Li	"Reserved 0x0c",				/* 0x0c */
*05b00f60SXin Li	"Reserved 0x0d",				/* 0x0d */
*05b00f60SXin Li	"Reserved 0x0e",				/* 0x0e */
*05b00f60SXin Li	"Reserved 0x0f",				/* 0x0f */
*05b00f60SXin Li	"Reserved 0x10",				/* 0x10 */
*05b00f60SXin Li	"Reserved 0x11",				/* 0x11 */
*05b00f60SXin Li	"Reserved 0x12",				/* 0x12 */
*05b00f60SXin Li	"DSME Association Request command",		/* 0x13 */
*05b00f60SXin Li	"DSME Association Response command",		/* 0x14 */
*05b00f60SXin Li	"DSME GTS Request command",			/* 0x15 */
*05b00f60SXin Li	"DSME GTS Response command",			/* 0x16 */
*05b00f60SXin Li	"DSME GTS Notify command",			/* 0x17 */
*05b00f60SXin Li	"DSME Information Request command",		/* 0x18 */
*05b00f60SXin Li	"DSME Information Response command",		/* 0x19 */
*05b00f60SXin Li	"DSME Beacon Allocation Notification command",	/* 0x1a */
*05b00f60SXin Li	"DSME Beacon Collision Notification command",	/* 0x1b */
*05b00f60SXin Li	"DSME Link Report command",			/* 0x1c */
*05b00f60SXin Li	"Reserved 0x1d",				/* 0x1d */
*05b00f60SXin Li	"Reserved 0x1e",				/* 0x1e */
*05b00f60SXin Li	"Reserved 0x1f",				/* 0x1f */
*05b00f60SXin Li	"RIT Data Request command",			/* 0x20 */
*05b00f60SXin Li	"DBS Request command",				/* 0x21 */
*05b00f60SXin Li	"DBS Response command",				/* 0x22 */
*05b00f60SXin Li	"RIT Data Response command",			/* 0x23 */
*05b00f60SXin Li	"Vendor Specific command",			/* 0x24 */
*05b00f60SXin Li	"Reserved 0x25",				/* 0x25 */
*05b00f60SXin Li	"Reserved 0x26",				/* 0x26 */
*05b00f60SXin Li	"Reserved 0x27",				/* 0x27 */
*05b00f60SXin Li	"Reserved 0x28",				/* 0x28 */
*05b00f60SXin Li	"Reserved 0x29",				/* 0x29 */
*05b00f60SXin Li	"Reserved 0x2a",				/* 0x2a */
*05b00f60SXin Li	"Reserved 0x2b",				/* 0x2b */
*05b00f60SXin Li	"Reserved 0x2c",				/* 0x2c */
*05b00f60SXin Li	"Reserved 0x2d",				/* 0x2d */
*05b00f60SXin Li	"Reserved 0x2e",				/* 0x2e */
*05b00f60SXin Li	"Reserved 0x2f"					/* 0x2f */
*05b00f60SXin Li};
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Frame Control subfields.
*05b00f60SXin Li */
*05b00f60SXin Li#define FC_FRAME_TYPE(fc)              ((fc) & 0x7)
*05b00f60SXin Li#define FC_FRAME_VERSION(fc)           (((fc) >> 12) & 0x3)
*05b00f60SXin Li
*05b00f60SXin Li#define FC_ADDRESSING_MODE_NONE         0x00
*05b00f60SXin Li#define FC_ADDRESSING_MODE_RESERVED     0x01
*05b00f60SXin Li#define FC_ADDRESSING_MODE_SHORT        0x02
*05b00f60SXin Li#define FC_ADDRESSING_MODE_LONG         0x03
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * IEEE 802.15.4 CRC 16 function. This is using CCITT polynomical of 0x1021,
*05b00f60SXin Li * but the initial value is 0, and the bits are reversed for both in and out.
*05b00f60SXin Li * See section 7.2.10 of 802.15.4-2015 for more information.
*05b00f60SXin Li */
*05b00f60SXin Listatic uint16_t
*05b00f60SXin Liieee802_15_4_crc16(netdissect_options *ndo, const u_char *p,
*05b00f60SXin Li		   u_int data_len)
*05b00f60SXin Li{
*05b00f60SXin Li	uint16_t crc;
*05b00f60SXin Li	u_char x, y;
*05b00f60SXin Li
*05b00f60SXin Li	crc = 0x0000; /* Note, initial value is 0x0000 not 0xffff. */
*05b00f60SXin Li
*05b00f60SXin Li	while (data_len != 0){
*05b00f60SXin Li		y = GET_U_1(p);
*05b00f60SXin Li		p++;
*05b00f60SXin Li		/* Reverse bits on input */
*05b00f60SXin Li		y = (((y & 0xaa) >> 1) | ((y & 0x55) << 1));
*05b00f60SXin Li		y = (((y & 0xcc) >> 2) | ((y & 0x33) << 2));
*05b00f60SXin Li		y = (((y & 0xf0) >> 4) | ((y & 0x0f) << 4));
*05b00f60SXin Li		/* Update CRC */
*05b00f60SXin Li		x = crc >> 8 ^ y;
*05b00f60SXin Li		x ^= x >> 4;
*05b00f60SXin Li		crc = ((uint16_t)(crc << 8)) ^
*05b00f60SXin Li			((uint16_t)(x << 12)) ^
*05b00f60SXin Li			((uint16_t)(x << 5)) ^
*05b00f60SXin Li			((uint16_t)x);
*05b00f60SXin Li		data_len--;
*05b00f60SXin Li	}
*05b00f60SXin Li	/* Reverse bits on output */
*05b00f60SXin Li	crc = (((crc & 0xaaaa) >> 1) | ((crc & 0x5555) << 1));
*05b00f60SXin Li	crc = (((crc & 0xcccc) >> 2) | ((crc & 0x3333) << 2));
*05b00f60SXin Li	crc = (((crc & 0xf0f0) >> 4) | ((crc & 0x0f0f) << 4));
*05b00f60SXin Li	crc = (((crc & 0xff00) >> 8) | ((crc & 0x00ff) << 8));
*05b00f60SXin Li	return crc;
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Reverses the bits of the 32-bit word.
*05b00f60SXin Li */
*05b00f60SXin Listatic uint32_t
*05b00f60SXin Liieee802_15_4_reverse32(uint32_t x)
*05b00f60SXin Li{
*05b00f60SXin Li	x = ((x & 0x55555555) <<  1) | ((x >>  1) & 0x55555555);
*05b00f60SXin Li	x = ((x & 0x33333333) <<  2) | ((x >>  2) & 0x33333333);
*05b00f60SXin Li	x = ((x & 0x0F0F0F0F) <<  4) | ((x >>  4) & 0x0F0F0F0F);
*05b00f60SXin Li	x = (x << 24) | ((x & 0xFF00) << 8) |
*05b00f60SXin Li		((x >> 8) & 0xFF00) | (x >> 24);
*05b00f60SXin Li	return x;
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * IEEE 802.15.4 CRC 32 function. This is using ANSI X3.66-1979 polynomical of
*05b00f60SXin Li * 0x04C11DB7, but the initial value is 0, and the bits are reversed for both
*05b00f60SXin Li * in and out. See section 7.2.10 of 802.15.4-2015 for more information.
*05b00f60SXin Li */
*05b00f60SXin Listatic uint32_t
*05b00f60SXin Liieee802_15_4_crc32(netdissect_options *ndo, const u_char *p,
*05b00f60SXin Li		   u_int data_len)
*05b00f60SXin Li{
*05b00f60SXin Li	uint32_t crc, byte;
*05b00f60SXin Li	int b;
*05b00f60SXin Li
*05b00f60SXin Li	crc = 0x00000000; /* Note, initial value is 0x00000000 not 0xffffffff */
*05b00f60SXin Li
*05b00f60SXin Li	while (data_len != 0){
*05b00f60SXin Li		byte = GET_U_1(p);
*05b00f60SXin Li		p++;
*05b00f60SXin Li		/* Reverse bits on input */
*05b00f60SXin Li		byte = ieee802_15_4_reverse32(byte);
*05b00f60SXin Li		/* Update CRC */
*05b00f60SXin Li		for(b = 0; b <= 7; b++) {
*05b00f60SXin Li		  if ((int) (crc ^ byte) < 0)
*05b00f60SXin Li		    crc = (crc << 1) ^ 0x04C11DB7;
*05b00f60SXin Li		  else
*05b00f60SXin Li		    crc = crc << 1;
*05b00f60SXin Li		  byte = byte << 1;
*05b00f60SXin Li		}
*05b00f60SXin Li		data_len--;
*05b00f60SXin Li	}
*05b00f60SXin Li	/* Reverse bits on output */
*05b00f60SXin Li	crc = ieee802_15_4_reverse32(crc);
*05b00f60SXin Li	return crc;
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Find out the address length based on the address type. See table 7-3 of
*05b00f60SXin Li * 802.15.4-2015. Returns the address length.
*05b00f60SXin Li */
*05b00f60SXin Listatic int
*05b00f60SXin Liieee802_15_4_addr_len(uint16_t addr_type)
*05b00f60SXin Li{
*05b00f60SXin Li	switch (addr_type) {
*05b00f60SXin Li	case FC_ADDRESSING_MODE_NONE: /* None. */
*05b00f60SXin Li		return 0;
*05b00f60SXin Li		break;
*05b00f60SXin Li	case FC_ADDRESSING_MODE_RESERVED: /* Reserved, there used to be 8-bit
*05b00f60SXin Li					   * address type in one amendment, but
*05b00f60SXin Li					   * that and the feature using it was
*05b00f60SXin Li					   * removed during 802.15.4-2015
*05b00f60SXin Li					   * maintenance process. */
*05b00f60SXin Li		return -1;
*05b00f60SXin Li		break;
*05b00f60SXin Li	case FC_ADDRESSING_MODE_SHORT: /* Short. */
*05b00f60SXin Li		return 2;
*05b00f60SXin Li		break;
*05b00f60SXin Li	case FC_ADDRESSING_MODE_LONG: /* Extended. */
*05b00f60SXin Li		return 8;
*05b00f60SXin Li		break;
*05b00f60SXin Li	}
*05b00f60SXin Li	return 0;
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Print out the ieee 802.15.4 address.
*05b00f60SXin Li */
*05b00f60SXin Listatic void
*05b00f60SXin Liieee802_15_4_print_addr(netdissect_options *ndo, const u_char *p,
*05b00f60SXin Li			int dst_addr_len)
*05b00f60SXin Li{
*05b00f60SXin Li	switch (dst_addr_len) {
*05b00f60SXin Li	case 0:
*05b00f60SXin Li		ND_PRINT("none");
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 2:
*05b00f60SXin Li		ND_PRINT("%04x", GET_LE_U_2(p));
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 8:
*05b00f60SXin Li		ND_PRINT("%s", GET_LE64ADDR_STRING(p));
*05b00f60SXin Li		break;
*05b00f60SXin Li	}
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Beacon frame superframe specification structure. Used in the old Beacon
*05b00f60SXin Li * frames, and in the DSME PAN Descriptor IE. See section 7.3.1.3 of the
*05b00f60SXin Li * 802.15.4-2015.
*05b00f60SXin Li */
*05b00f60SXin Listatic void
*05b00f60SXin Liieee802_15_4_print_superframe_specification(netdissect_options *ndo,
*05b00f60SXin Li					    uint16_t ss)
*05b00f60SXin Li{
*05b00f60SXin Li	if (ndo->ndo_vflag < 1) {
*05b00f60SXin Li		return;
*05b00f60SXin Li	}
*05b00f60SXin Li	ND_PRINT("\n\tBeacon order = %d, Superframe order = %d, ",
*05b00f60SXin Li		 (ss & 0xf), ((ss >> 4) & 0xf));
*05b00f60SXin Li	ND_PRINT("Final CAP Slot = %d",
*05b00f60SXin Li		 ((ss >> 8) & 0xf));
*05b00f60SXin Li	if (CHECK_BIT(ss, 12)) { ND_PRINT(", BLE enabled"); }
*05b00f60SXin Li	if (CHECK_BIT(ss, 14)) { ND_PRINT(", PAN Coordinator"); }
*05b00f60SXin Li	if (CHECK_BIT(ss, 15)) { ND_PRINT(", Association Permit"); }
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Beacon frame gts info structure. Used in the old Beacon frames, and
*05b00f60SXin Li * in the DSME PAN Descriptor IE. See section 7.3.1.4 of 802.15.4-2015.
*05b00f60SXin Li *
*05b00f60SXin Li * Returns number of byts consumed from the packet or -1 in case of error.
*05b00f60SXin Li */
*05b00f60SXin Listatic int
*05b00f60SXin Liieee802_15_4_print_gts_info(netdissect_options *ndo,
*05b00f60SXin Li			    const u_char *p,
*05b00f60SXin Li			    u_int data_len)
*05b00f60SXin Li{
*05b00f60SXin Li	uint8_t gts_spec, gts_cnt;
*05b00f60SXin Li	u_int len;
*05b00f60SXin Li	int i;
*05b00f60SXin Li
*05b00f60SXin Li	gts_spec = GET_U_1(p);
*05b00f60SXin Li	gts_cnt = gts_spec & 0x7;
*05b00f60SXin Li
*05b00f60SXin Li	if (gts_cnt == 0) {
*05b00f60SXin Li		if (ndo->ndo_vflag > 0) {
*05b00f60SXin Li			ND_PRINT("\n\tGTS Descriptor Count = %d, ", gts_cnt);
*05b00f60SXin Li		}
*05b00f60SXin Li		return 1;
*05b00f60SXin Li	}
*05b00f60SXin Li	len = 1 + 1 + gts_cnt * 3;
*05b00f60SXin Li
*05b00f60SXin Li	if (data_len < len) {
*05b00f60SXin Li		ND_PRINT(" [ERROR: Truncated GTS Info List]");
*05b00f60SXin Li		return -1;
*05b00f60SXin Li	}
*05b00f60SXin Li	if (ndo->ndo_vflag < 2) {
*05b00f60SXin Li		return len;
*05b00f60SXin Li	}
*05b00f60SXin Li	ND_PRINT("GTS Descriptor Count = %d, ", gts_cnt);
*05b00f60SXin Li	ND_PRINT("GTS Directions Mask = %02x, [ ",
*05b00f60SXin Li		 GET_U_1(p + 1) & 0x7f);
*05b00f60SXin Li
*05b00f60SXin Li	for(i = 0; i < gts_cnt; i++) {
*05b00f60SXin Li		ND_PRINT("[ ");
*05b00f60SXin Li		ieee802_15_4_print_addr(ndo, p + 2 + i * 3, 2);
*05b00f60SXin Li		ND_PRINT(", Start slot = %d, Length = %d ] ",
*05b00f60SXin Li			 GET_U_1(p + 2 + i * 3 + 1) & 0x0f,
*05b00f60SXin Li			 (GET_U_1(p + 2 + i * 3 + 1) >> 4) & 0x0f);
*05b00f60SXin Li	}
*05b00f60SXin Li	ND_PRINT("]");
*05b00f60SXin Li	return len;
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Beacon frame pending address structure. Used in the old Beacon frames, and
*05b00f60SXin Li * in the DSME PAN Descriptor IE. See section 7.3.1.5 of 802.15.4-2015.
*05b00f60SXin Li *
*05b00f60SXin Li * Returns number of byts consumed from the packet or -1 in case of error.
*05b00f60SXin Li */
*05b00f60SXin Listatic int16_t
*05b00f60SXin Liieee802_15_4_print_pending_addresses(netdissect_options *ndo,
*05b00f60SXin Li				     const u_char *p,
*05b00f60SXin Li				     u_int data_len)
*05b00f60SXin Li{
*05b00f60SXin Li	uint8_t pas, s_cnt, e_cnt, len, i;
*05b00f60SXin Li
*05b00f60SXin Li	pas = GET_U_1(p);
*05b00f60SXin Li	s_cnt = pas & 0x7;
*05b00f60SXin Li	e_cnt = (pas >> 4) & 0x7;
*05b00f60SXin Li	len = 1 + s_cnt * 2 + e_cnt * 8;
*05b00f60SXin Li	if (ndo->ndo_vflag > 0) {
*05b00f60SXin Li		ND_PRINT("\n\tPending address list, "
*05b00f60SXin Li			 "# short addresses = %d, # extended addresses = %d",
*05b00f60SXin Li			 s_cnt, e_cnt);
*05b00f60SXin Li	}
*05b00f60SXin Li	if (data_len < len) {
*05b00f60SXin Li		ND_PRINT(" [ERROR: Pending address list truncated]");
*05b00f60SXin Li		return -1;
*05b00f60SXin Li	}
*05b00f60SXin Li	if (ndo->ndo_vflag < 2) {
*05b00f60SXin Li		return len;
*05b00f60SXin Li	}
*05b00f60SXin Li	if (s_cnt != 0) {
*05b00f60SXin Li		ND_PRINT(", Short address list = [ ");
*05b00f60SXin Li		for(i = 0; i < s_cnt; i++) {
*05b00f60SXin Li			ieee802_15_4_print_addr(ndo, p + 1 + i * 2, 2);
*05b00f60SXin Li			ND_PRINT(" ");
*05b00f60SXin Li		}
*05b00f60SXin Li		ND_PRINT("]");
*05b00f60SXin Li	}
*05b00f60SXin Li	if (e_cnt != 0) {
*05b00f60SXin Li		ND_PRINT(", Extended address list = [ ");
*05b00f60SXin Li		for(i = 0; i < e_cnt; i++) {
*05b00f60SXin Li			ieee802_15_4_print_addr(ndo, p + 1 + s_cnt * 2 +
*05b00f60SXin Li						i * 8, 8);
*05b00f60SXin Li			ND_PRINT(" ");
*05b00f60SXin Li		}
*05b00f60SXin Li		ND_PRINT("]");
*05b00f60SXin Li	}
*05b00f60SXin Li	return len;
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Print header ie content.
*05b00f60SXin Li */
*05b00f60SXin Listatic void
*05b00f60SXin Liieee802_15_4_print_header_ie(netdissect_options *ndo,
*05b00f60SXin Li			     const u_char *p,
*05b00f60SXin Li			     uint16_t ie_len,
*05b00f60SXin Li			     int element_id)
*05b00f60SXin Li{
*05b00f60SXin Li	int i;
*05b00f60SXin Li
*05b00f60SXin Li	switch (element_id) {
*05b00f60SXin Li	case 0x00: /* Vendor Specific Header IE */
*05b00f60SXin Li		if (ie_len < 3) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Vendor OUI missing]");
*05b00f60SXin Li		} else {
*05b00f60SXin Li			ND_PRINT("OUI = 0x%02x%02x%02x, ", GET_U_1(p),
*05b00f60SXin Li				 GET_U_1(p + 1), GET_U_1(p + 2));
*05b00f60SXin Li			ND_PRINT("Data = ");
*05b00f60SXin Li			for(i = 3; i < ie_len; i++) {
*05b00f60SXin Li				ND_PRINT("%02x ", GET_U_1(p + i));
*05b00f60SXin Li			}
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x1a: /* LE CSL IE */
*05b00f60SXin Li		if (ie_len < 4) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated CSL IE]");
*05b00f60SXin Li		} else {
*05b00f60SXin Li			ND_PRINT("CSL Phase = %d, CSL Period = %d",
*05b00f60SXin Li				 GET_LE_U_2(p), GET_LE_U_2(p + 2));
*05b00f60SXin Li			if (ie_len >= 6) {
*05b00f60SXin Li				ND_PRINT(", Rendezvous time = %d",
*05b00f60SXin Li					 GET_LE_U_2(p + 4));
*05b00f60SXin Li			}
*05b00f60SXin Li			if (ie_len != 4 && ie_len != 6) {
*05b00f60SXin Li				ND_PRINT(" [ERROR: CSL IE length wrong]");
*05b00f60SXin Li			}
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x1b: /* LE RIT IE */
*05b00f60SXin Li		if (ie_len < 4) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated RIT IE]");
*05b00f60SXin Li		} else {
*05b00f60SXin Li			ND_PRINT("Time to First Listen = %d, # of Repeat Listen = %d, Repeat Listen Interval = %d",
*05b00f60SXin Li				 GET_U_1(p),
*05b00f60SXin Li				 GET_U_1(p + 1),
*05b00f60SXin Li				 GET_LE_U_2(p + 2));
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x1c: /* DSME PAN Descriptor IE */
*05b00f60SXin Li		/*FALLTHROUGH*/
*05b00f60SXin Li	case 0x21: /* Extended DSME PAN descriptor IE */
*05b00f60SXin Li		if (ie_len < 2) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated DSME PAN IE]");
*05b00f60SXin Li		} else {
*05b00f60SXin Li			uint16_t ss, ptr, ulen;
*05b00f60SXin Li			int16_t len;
*05b00f60SXin Li			int hopping_present;
*05b00f60SXin Li
*05b00f60SXin Li			hopping_present = 0;
*05b00f60SXin Li
*05b00f60SXin Li			ss = GET_LE_U_2(p);
*05b00f60SXin Li			ieee802_15_4_print_superframe_specification(ndo, ss);
*05b00f60SXin Li			if (ie_len < 3) {
*05b00f60SXin Li				ND_PRINT("[ERROR: Truncated before pending addresses field]");
*05b00f60SXin Li				break;
*05b00f60SXin Li			}
*05b00f60SXin Li			ptr = 2;
*05b00f60SXin Li			len = ieee802_15_4_print_pending_addresses(ndo,
*05b00f60SXin Li								   p + ptr,
*05b00f60SXin Li								   ie_len -
*05b00f60SXin Li								   ptr);
*05b00f60SXin Li			if (len < 0) {
*05b00f60SXin Li				break;
*05b00f60SXin Li			}
*05b00f60SXin Li			ptr += len;
*05b00f60SXin Li
*05b00f60SXin Li			if (element_id == 0x21) {
*05b00f60SXin Li				/* Extended version. */
*05b00f60SXin Li				if (ie_len < ptr + 2) {
*05b00f60SXin Li					ND_PRINT("[ERROR: Truncated before DSME Superframe Specification]");
*05b00f60SXin Li					break;
*05b00f60SXin Li				}
*05b00f60SXin Li				ss = GET_LE_U_2(p + ptr);
*05b00f60SXin Li				ptr += 2;
*05b00f60SXin Li				ND_PRINT("Multi-superframe Order = %d", ss & 0xff);
*05b00f60SXin Li				ND_PRINT(", %s", ((ss & 0x100) ?
*05b00f60SXin Li						  "Channel hopping mode" :
*05b00f60SXin Li						  "Channel adaptation mode"));
*05b00f60SXin Li				if (ss & 0x400) {
*05b00f60SXin Li					ND_PRINT(", CAP reduction enabled");
*05b00f60SXin Li				}
*05b00f60SXin Li				if (ss & 0x800) {
*05b00f60SXin Li					ND_PRINT(", Deferred beacon enabled");
*05b00f60SXin Li				}
*05b00f60SXin Li				if (ss & 0x1000) {
*05b00f60SXin Li					ND_PRINT(", Hopping Sequence Present");
*05b00f60SXin Li					hopping_present = 1;
*05b00f60SXin Li				}
*05b00f60SXin Li			} else {
*05b00f60SXin Li				if (ie_len < ptr + 1) {
*05b00f60SXin Li					ND_PRINT("[ERROR: Truncated before DSME Superframe Specification]");
*05b00f60SXin Li					break;
*05b00f60SXin Li				}
*05b00f60SXin Li				ss = GET_U_1(p + ptr);
*05b00f60SXin Li				ptr++;
*05b00f60SXin Li				ND_PRINT("Multi-superframe Order = %d",
*05b00f60SXin Li					 ss & 0x0f);
*05b00f60SXin Li				ND_PRINT(", %s", ((ss & 0x10) ?
*05b00f60SXin Li						  "Channel hopping mode" :
*05b00f60SXin Li						  "Channel adaptation mode"));
*05b00f60SXin Li				if (ss & 0x40) {
*05b00f60SXin Li					ND_PRINT(", CAP reduction enabled");
*05b00f60SXin Li				}
*05b00f60SXin Li				if (ss & 0x80) {
*05b00f60SXin Li					ND_PRINT(", Deferred beacon enabled");
*05b00f60SXin Li				}
*05b00f60SXin Li			}
*05b00f60SXin Li			if (ie_len < ptr + 8) {
*05b00f60SXin Li				ND_PRINT(" [ERROR: Truncated before Time synchronization specification]");
*05b00f60SXin Li				break;
*05b00f60SXin Li			}
*05b00f60SXin Li			ND_PRINT("Beacon timestamp = %" PRIu64 ", offset = %d",
*05b00f60SXin Li				 GET_LE_U_6(p + ptr),
*05b00f60SXin Li				 GET_LE_U_2(p + ptr + 6));
*05b00f60SXin Li			ptr += 8;
*05b00f60SXin Li			if (ie_len < ptr + 4) {
*05b00f60SXin Li				ND_PRINT(" [ERROR: Truncated before Beacon Bitmap]");
*05b00f60SXin Li				break;
*05b00f60SXin Li			}
*05b00f60SXin Li
*05b00f60SXin Li			ulen = GET_LE_U_2(p + ptr + 2);
*05b00f60SXin Li			ND_PRINT("SD Index = %d, Bitmap len = %d, ",
*05b00f60SXin Li				 GET_LE_U_2(p + ptr), ulen);
*05b00f60SXin Li			ptr += 4;
*05b00f60SXin Li			if (ie_len < ptr + ulen) {
*05b00f60SXin Li				ND_PRINT(" [ERROR: Truncated in SD bitmap]");
*05b00f60SXin Li				break;
*05b00f60SXin Li			}
*05b00f60SXin Li			ND_PRINT(" SD Bitmap = ");
*05b00f60SXin Li			for(i = 0; i < ulen; i++) {
*05b00f60SXin Li				ND_PRINT("%02x ", GET_U_1(p + ptr + i));
*05b00f60SXin Li			}
*05b00f60SXin Li			ptr += ulen;
*05b00f60SXin Li
*05b00f60SXin Li			if (ie_len < ptr + 5) {
*05b00f60SXin Li				ND_PRINT(" [ERROR: Truncated before Channel hopping specification]");
*05b00f60SXin Li				break;
*05b00f60SXin Li			}
*05b00f60SXin Li
*05b00f60SXin Li			ulen = GET_LE_U_2(p + ptr + 4);
*05b00f60SXin Li			ND_PRINT("Hopping Seq ID = %d, PAN Coordinator BSN = %d, "
*05b00f60SXin Li				 "Channel offset = %d, Bitmap length = %d, ",
*05b00f60SXin Li				 GET_U_1(p + ptr),
*05b00f60SXin Li				 GET_U_1(p + ptr + 1),
*05b00f60SXin Li				 GET_LE_U_2(p + ptr + 2),
*05b00f60SXin Li				 ulen);
*05b00f60SXin Li			ptr += 5;
*05b00f60SXin Li			if (ie_len < ptr + ulen) {
*05b00f60SXin Li				ND_PRINT(" [ERROR: Truncated in Channel offset bitmap]");
*05b00f60SXin Li				break;
*05b00f60SXin Li			}
*05b00f60SXin Li			ND_PRINT(" Channel offset bitmap = ");
*05b00f60SXin Li			for(i = 0; i < ulen; i++) {
*05b00f60SXin Li				ND_PRINT("%02x ", GET_U_1(p + ptr + i));
*05b00f60SXin Li			}
*05b00f60SXin Li			ptr += ulen;
*05b00f60SXin Li			if (hopping_present) {
*05b00f60SXin Li				if (ie_len < ptr + 1) {
*05b00f60SXin Li					ND_PRINT(" [ERROR: Truncated in Hopping Sequence length]");
*05b00f60SXin Li					break;
*05b00f60SXin Li				}
*05b00f60SXin Li				ulen = GET_U_1(p + ptr);
*05b00f60SXin Li				ptr++;
*05b00f60SXin Li				ND_PRINT("Hopping Seq length = %d [ ", ulen);
*05b00f60SXin Li
*05b00f60SXin Li				/* The specification is not clear how the
*05b00f60SXin Li				   hopping sequence is encoded, I assume two
*05b00f60SXin Li				   octet unsigned integers for each channel. */
*05b00f60SXin Li
*05b00f60SXin Li				if (ie_len < ptr + ulen * 2) {
*05b00f60SXin Li					ND_PRINT(" [ERROR: Truncated in Channel offset bitmap]");
*05b00f60SXin Li					break;
*05b00f60SXin Li				}
*05b00f60SXin Li				for(i = 0; i < ulen; i++) {
*05b00f60SXin Li					ND_PRINT("%02x ",
*05b00f60SXin Li						 GET_LE_U_2(p + ptr + i * 2));
*05b00f60SXin Li				}
*05b00f60SXin Li				ND_PRINT("]");
*05b00f60SXin Li				ptr += ulen * 2;
*05b00f60SXin Li			}
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x1d: /* Rendezvous Tome IE */
*05b00f60SXin Li		if (ie_len != 4) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Length != 2]");
*05b00f60SXin Li		} else {
*05b00f60SXin Li			uint16_t r_time, w_u_interval;
*05b00f60SXin Li			r_time = GET_LE_U_2(p);
*05b00f60SXin Li			w_u_interval = GET_LE_U_2(p + 2);
*05b00f60SXin Li
*05b00f60SXin Li			ND_PRINT("Rendezvous time = %d, Wake-up Interval = %d",
*05b00f60SXin Li				 r_time, w_u_interval);
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x1e: /* Time correction IE */
*05b00f60SXin Li		if (ie_len != 2) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Length != 2]");
*05b00f60SXin Li		} else {
*05b00f60SXin Li			uint16_t val;
*05b00f60SXin Li			int16_t timecorr;
*05b00f60SXin Li
*05b00f60SXin Li			val = GET_LE_U_2(p);
*05b00f60SXin Li			if (val & 0x8000) { ND_PRINT("Negative "); }
*05b00f60SXin Li			val &= 0xfff;
*05b00f60SXin Li			val <<= 4;
*05b00f60SXin Li			timecorr = val;
*05b00f60SXin Li			timecorr >>= 4;
*05b00f60SXin Li
*05b00f60SXin Li			ND_PRINT("Ack time correction = %d, ", timecorr);
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x22: /* Fragment Sequence Content Description IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x23: /* Simplified Superframe Specification IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x24: /* Simplified GTS Specification IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x25: /* LECIM Capabilities IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x26: /* TRLE Descriptor IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x27: /* RCC Capabilities IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x28: /* RCCN Descriptor IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x29: /* Global Time IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x2b: /* DA IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	default:
*05b00f60SXin Li		ND_PRINT("IE Data = ");
*05b00f60SXin Li		for(i = 0; i < ie_len; i++) {
*05b00f60SXin Li			ND_PRINT("%02x ", GET_U_1(p + i));
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	}
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Parse and print Header IE list. See 7.4.2 of 802.15.4-2015 for
*05b00f60SXin Li * more information.
*05b00f60SXin Li *
*05b00f60SXin Li * Returns number of byts consumed from the packet or -1 in case of error.
*05b00f60SXin Li */
*05b00f60SXin Listatic int
*05b00f60SXin Liieee802_15_4_print_header_ie_list(netdissect_options *ndo,
*05b00f60SXin Li				  const u_char *p,
*05b00f60SXin Li				  u_int caplen,
*05b00f60SXin Li				  int *payload_ie_present)
*05b00f60SXin Li{
*05b00f60SXin Li	int len, ie, element_id, i;
*05b00f60SXin Li	uint16_t ie_len;
*05b00f60SXin Li
*05b00f60SXin Li	*payload_ie_present = 0;
*05b00f60SXin Li	len = 0;
*05b00f60SXin Li	do {
*05b00f60SXin Li		if (caplen < 2) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated header IE]");
*05b00f60SXin Li			return -1;
*05b00f60SXin Li		}
*05b00f60SXin Li		/* Extract IE Header */
*05b00f60SXin Li		ie = GET_LE_U_2(p);
*05b00f60SXin Li		if (CHECK_BIT(ie, 15)) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Header IE with type 1] ");
*05b00f60SXin Li		}
*05b00f60SXin Li		/* Get length and Element ID */
*05b00f60SXin Li		ie_len = ie & 0x7f;
*05b00f60SXin Li		element_id = (ie >> 7) & 0xff;
*05b00f60SXin Li		if (element_id > 127) {
*05b00f60SXin Li			ND_PRINT("Reserved Element ID %02x, length = %d ",
*05b00f60SXin Li				 element_id, ie_len);
*05b00f60SXin Li		} else {
*05b00f60SXin Li			if (ie_len == 0) {
*05b00f60SXin Li				ND_PRINT("\n\t%s [", h_ie_names[element_id]);
*05b00f60SXin Li			} else {
*05b00f60SXin Li				ND_PRINT("\n\t%s [ length = %d, ",
*05b00f60SXin Li					 h_ie_names[element_id], ie_len);
*05b00f60SXin Li			}
*05b00f60SXin Li		}
*05b00f60SXin Li		if (caplen < 2U + ie_len) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated IE data]");
*05b00f60SXin Li			return -1;
*05b00f60SXin Li		}
*05b00f60SXin Li		/* Skip header */
*05b00f60SXin Li		p += 2;
*05b00f60SXin Li
*05b00f60SXin Li		/* Parse and print content. */
*05b00f60SXin Li		if (ndo->ndo_vflag > 3 && ie_len != 0) {
*05b00f60SXin Li			ieee802_15_4_print_header_ie(ndo, p,
*05b00f60SXin Li						     ie_len, element_id);
*05b00f60SXin Li		} else {
*05b00f60SXin Li			if (ie_len != 0) {
*05b00f60SXin Li				ND_PRINT("IE Data = ");
*05b00f60SXin Li				for(i = 0; i < ie_len; i++) {
*05b00f60SXin Li					ND_PRINT("%02x ", GET_U_1(p + i));
*05b00f60SXin Li				}
*05b00f60SXin Li			}
*05b00f60SXin Li		}
*05b00f60SXin Li		ND_PRINT("] ");
*05b00f60SXin Li		len += 2 + ie_len;
*05b00f60SXin Li		p += ie_len;
*05b00f60SXin Li		caplen -= 2 + ie_len;
*05b00f60SXin Li		if (element_id == 0x7e) {
*05b00f60SXin Li			*payload_ie_present = 1;
*05b00f60SXin Li			break;
*05b00f60SXin Li		}
*05b00f60SXin Li		if (element_id == 0x7f) {
*05b00f60SXin Li			break;
*05b00f60SXin Li		}
*05b00f60SXin Li	} while (caplen != 0);
*05b00f60SXin Li	return len;
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Print MLME ie content.
*05b00f60SXin Li */
*05b00f60SXin Listatic void
*05b00f60SXin Liieee802_15_4_print_mlme_ie(netdissect_options *ndo,
*05b00f60SXin Li			   const u_char *p,
*05b00f60SXin Li			   uint16_t sub_ie_len,
*05b00f60SXin Li			   int sub_id)
*05b00f60SXin Li{
*05b00f60SXin Li	int i, j;
*05b00f60SXin Li	uint16_t len;
*05b00f60SXin Li
*05b00f60SXin Li	/* Note, as there is no overlap with the long and short
*05b00f60SXin Li	   MLME sub IDs, we can just use one switch here. */
*05b00f60SXin Li	switch (sub_id) {
*05b00f60SXin Li	case 0x08: /* Vendor Specific Nested IE */
*05b00f60SXin Li		if (sub_ie_len < 3) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Vendor OUI missing]");
*05b00f60SXin Li		} else {
*05b00f60SXin Li			ND_PRINT("OUI = 0x%02x%02x%02x, ",
*05b00f60SXin Li				 GET_U_1(p),
*05b00f60SXin Li				 GET_U_1(p + 1),
*05b00f60SXin Li				 GET_U_1(p + 2));
*05b00f60SXin Li			ND_PRINT("Data = ");
*05b00f60SXin Li			for(i = 3; i < sub_ie_len; i++) {
*05b00f60SXin Li				ND_PRINT("%02x ", GET_U_1(p + i));
*05b00f60SXin Li			}
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x09: /* Channel Hopping IE */
*05b00f60SXin Li		if (sub_ie_len < 1) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Hopping sequence ID missing]");
*05b00f60SXin Li		} else if (sub_ie_len == 1) {
*05b00f60SXin Li			ND_PRINT("Hopping Sequence ID = %d", GET_U_1(p));
*05b00f60SXin Li			p++;
*05b00f60SXin Li			sub_ie_len--;
*05b00f60SXin Li		} else {
*05b00f60SXin Li			uint16_t channel_page, number_of_channels;
*05b00f60SXin Li
*05b00f60SXin Li			ND_PRINT("Hopping Sequence ID = %d", GET_U_1(p));
*05b00f60SXin Li			p++;
*05b00f60SXin Li			sub_ie_len--;
*05b00f60SXin Li			if (sub_ie_len < 7) {
*05b00f60SXin Li				ND_PRINT("[ERROR: IE truncated]");
*05b00f60SXin Li				break;
*05b00f60SXin Li			}
*05b00f60SXin Li			channel_page = GET_U_1(p);
*05b00f60SXin Li			number_of_channels = GET_LE_U_2(p + 1);
*05b00f60SXin Li			ND_PRINT("Channel Page = %d, Number of Channels = %d, ",
*05b00f60SXin Li				 channel_page, number_of_channels);
*05b00f60SXin Li			ND_PRINT("Phy Configuration = 0x%08x, ",
*05b00f60SXin Li				 GET_LE_U_4(p + 3));
*05b00f60SXin Li			p += 7;
*05b00f60SXin Li			sub_ie_len -= 7;
*05b00f60SXin Li			if (channel_page == 9 || channel_page == 10) {
*05b00f60SXin Li				len = (number_of_channels + 7) / 8;
*05b00f60SXin Li				if (sub_ie_len < len) {
*05b00f60SXin Li					ND_PRINT("[ERROR: IE truncated]");
*05b00f60SXin Li					break;
*05b00f60SXin Li				}
*05b00f60SXin Li				ND_PRINT("Extended bitmap = 0x");
*05b00f60SXin Li				for(i = 0; i < len; i++) {
*05b00f60SXin Li					ND_PRINT("%02x", GET_U_1(p + i));
*05b00f60SXin Li				}
*05b00f60SXin Li				ND_PRINT(", ");
*05b00f60SXin Li				p += len;
*05b00f60SXin Li				sub_ie_len -= len;
*05b00f60SXin Li			}
*05b00f60SXin Li			if (sub_ie_len < 2) {
*05b00f60SXin Li				ND_PRINT("[ERROR: IE truncated]");
*05b00f60SXin Li				break;
*05b00f60SXin Li			}
*05b00f60SXin Li			len = GET_LE_U_2(p);
*05b00f60SXin Li			p += 2;
*05b00f60SXin Li			sub_ie_len -= 2;
*05b00f60SXin Li			ND_PRINT("Hopping Seq length = %d [ ", len);
*05b00f60SXin Li
*05b00f60SXin Li			if (sub_ie_len < len * 2) {
*05b00f60SXin Li				ND_PRINT(" [ERROR: IE truncated]");
*05b00f60SXin Li				break;
*05b00f60SXin Li			}
*05b00f60SXin Li			for(i = 0; i < len; i++) {
*05b00f60SXin Li				ND_PRINT("%02x ", GET_LE_U_2(p + i * 2));
*05b00f60SXin Li			}
*05b00f60SXin Li			ND_PRINT("]");
*05b00f60SXin Li			p += len * 2;
*05b00f60SXin Li			sub_ie_len -= len * 2;
*05b00f60SXin Li			if (sub_ie_len < 2) {
*05b00f60SXin Li				ND_PRINT("[ERROR: IE truncated]");
*05b00f60SXin Li				break;
*05b00f60SXin Li			}
*05b00f60SXin Li			ND_PRINT("Current hop = %d", GET_LE_U_2(p));
*05b00f60SXin Li		}
*05b00f60SXin Li
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x1a: /* TSCH Synchronization IE. */
*05b00f60SXin Li		if (sub_ie_len < 6) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Length != 6]");
*05b00f60SXin Li		}
*05b00f60SXin Li		ND_PRINT("ASN = %010" PRIx64 ", Join Metric = %d ",
*05b00f60SXin Li			 GET_LE_U_5(p), GET_U_1(p + 5));
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x1b: /* TSCH Slotframe and Link IE. */
*05b00f60SXin Li		{
*05b00f60SXin Li			int sf_num, off, links, opts;
*05b00f60SXin Li
*05b00f60SXin Li			if (sub_ie_len < 1) {
*05b00f60SXin Li				ND_PRINT("[ERROR: Truncated IE]");
*05b00f60SXin Li				break;
*05b00f60SXin Li			}
*05b00f60SXin Li			sf_num = GET_U_1(p);
*05b00f60SXin Li			ND_PRINT("Slotframes = %d ", sf_num);
*05b00f60SXin Li			off = 1;
*05b00f60SXin Li			for(i = 0; i < sf_num; i++) {
*05b00f60SXin Li				if (sub_ie_len < off + 4) {
*05b00f60SXin Li					ND_PRINT("[ERROR: Truncated IE before slotframes]");
*05b00f60SXin Li					break;
*05b00f60SXin Li				}
*05b00f60SXin Li				links = GET_U_1(p + off + 3);
*05b00f60SXin Li				ND_PRINT("\n\t\t\t[ Handle %d, size = %d, links = %d ",
*05b00f60SXin Li					 GET_U_1(p + off),
*05b00f60SXin Li					 GET_LE_U_2(p + off + 1),
*05b00f60SXin Li					 links);
*05b00f60SXin Li				off += 4;
*05b00f60SXin Li				for(j = 0; j < links; j++) {
*05b00f60SXin Li					if (sub_ie_len < off + 5) {
*05b00f60SXin Li						ND_PRINT("[ERROR: Truncated IE links]");
*05b00f60SXin Li						break;
*05b00f60SXin Li					}
*05b00f60SXin Li					opts = GET_U_1(p + off + 4);
*05b00f60SXin Li					ND_PRINT("\n\t\t\t\t[ Timeslot =  %d, Offset = %d, Options = ",
*05b00f60SXin Li						 GET_LE_U_2(p + off),
*05b00f60SXin Li						 GET_LE_U_2(p + off + 2));
*05b00f60SXin Li					if (opts & 0x1) { ND_PRINT("TX "); }
*05b00f60SXin Li					if (opts & 0x2) { ND_PRINT("RX "); }
*05b00f60SXin Li					if (opts & 0x4) { ND_PRINT("Shared "); }
*05b00f60SXin Li					if (opts & 0x8) {
*05b00f60SXin Li						ND_PRINT("Timekeeping ");
*05b00f60SXin Li					}
*05b00f60SXin Li					if (opts & 0x10) {
*05b00f60SXin Li						ND_PRINT("Priority ");
*05b00f60SXin Li					}
*05b00f60SXin Li					off += 5;
*05b00f60SXin Li					ND_PRINT("] ");
*05b00f60SXin Li				}
*05b00f60SXin Li				ND_PRINT("] ");
*05b00f60SXin Li			}
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x1c: /* TSCH Timeslot IE. */
*05b00f60SXin Li		if (sub_ie_len == 1) {
*05b00f60SXin Li			ND_PRINT("Time slot ID = %d ", GET_U_1(p));
*05b00f60SXin Li		} else if (sub_ie_len == 25) {
*05b00f60SXin Li			ND_PRINT("Time slot ID = %d, CCA Offset = %d, CCA = %d, TX Offset = %d, RX Offset = %d, RX Ack Delay = %d, TX Ack Delay = %d, RX Wait = %d, Ack Wait = %d, RX TX = %d, Max Ack = %d, Max TX = %d, Time slot Length = %d ",
*05b00f60SXin Li				 GET_U_1(p),
*05b00f60SXin Li				 GET_LE_U_2(p + 1),
*05b00f60SXin Li				 GET_LE_U_2(p + 3),
*05b00f60SXin Li				 GET_LE_U_2(p + 5),
*05b00f60SXin Li				 GET_LE_U_2(p + 7),
*05b00f60SXin Li				 GET_LE_U_2(p + 9),
*05b00f60SXin Li				 GET_LE_U_2(p + 11),
*05b00f60SXin Li				 GET_LE_U_2(p + 13),
*05b00f60SXin Li				 GET_LE_U_2(p + 15),
*05b00f60SXin Li				 GET_LE_U_2(p + 17),
*05b00f60SXin Li				 GET_LE_U_2(p + 19),
*05b00f60SXin Li				 GET_LE_U_2(p + 21),
*05b00f60SXin Li				 GET_LE_U_2(p + 23));
*05b00f60SXin Li		} else if (sub_ie_len == 27) {
*05b00f60SXin Li			ND_PRINT("Time slot ID = %d, CCA Offset = %d, CCA = %d, TX Offset = %d, RX Offset = %d, RX Ack Delay = %d, TX Ack Delay = %d, RX Wait = %d, Ack Wait = %d, RX TX = %d, Max Ack = %d, Max TX = %d, Time slot Length = %d ",
*05b00f60SXin Li				 GET_U_1(p),
*05b00f60SXin Li				 GET_LE_U_2(p + 1),
*05b00f60SXin Li				 GET_LE_U_2(p + 3),
*05b00f60SXin Li				 GET_LE_U_2(p + 5),
*05b00f60SXin Li				 GET_LE_U_2(p + 7),
*05b00f60SXin Li				 GET_LE_U_2(p + 9),
*05b00f60SXin Li				 GET_LE_U_2(p + 11),
*05b00f60SXin Li				 GET_LE_U_2(p + 13),
*05b00f60SXin Li				 GET_LE_U_2(p + 15),
*05b00f60SXin Li				 GET_LE_U_2(p + 17),
*05b00f60SXin Li				 GET_LE_U_2(p + 19),
*05b00f60SXin Li				 GET_LE_U_3(p + 21),
*05b00f60SXin Li				 GET_LE_U_3(p + 24));
*05b00f60SXin Li		} else {
*05b00f60SXin Li			ND_PRINT("[ERROR: Length not 1, 25, or 27]");
*05b00f60SXin Li			ND_PRINT("\n\t\t\tIE Data = ");
*05b00f60SXin Li			for(i = 0; i < sub_ie_len; i++) {
*05b00f60SXin Li				ND_PRINT("%02x ", GET_U_1(p + i));
*05b00f60SXin Li			}
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x1d: /* Hopping timing IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x1e: /* Enhanced Beacon Filter IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x1f: /* MAC Metrics IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x20: /* All MAC Metrics IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x21: /* Coexistence Specification IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x22: /* SUN Device Capabilities IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x23: /* SUN FSK Generic PHY IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x24: /* Mode Switch Parameter IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x25: /* PHY Parameter Change IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x26: /* O-QPSK PHY Mode IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x27: /* PCA Allocation IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x28: /* LECIM DSSS Operating Mode IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x29: /* LECIM FSK Operating Mode IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x2b: /* TVWS PHY Operating Mode Description IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x2c: /* TVWS Device Capabilities IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x2d: /* TVWS Device Category IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x2e: /* TVWS Device Identification IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x2f: /* TVWS Device Location IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x30: /* TVWS Channel Information Query IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x31: /* TVWS Channel Information Source IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x32: /* CTM IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x33: /* Timestamp IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x34: /* Timestamp Difference IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x35: /* TMCTP Specification IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x36: /* TCC PHY Operating Mode IE */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	default:
*05b00f60SXin Li		ND_PRINT("IE Data = ");
*05b00f60SXin Li		for(i = 0; i < sub_ie_len; i++) {
*05b00f60SXin Li			ND_PRINT("%02x ", GET_U_1(p + i));
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	}
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * MLME IE list parsing and printing. See 7.4.3.2 of 802.15.4-2015
*05b00f60SXin Li * for more information.
*05b00f60SXin Li */
*05b00f60SXin Listatic void
*05b00f60SXin Liieee802_15_4_print_mlme_ie_list(netdissect_options *ndo,
*05b00f60SXin Li				const u_char *p,
*05b00f60SXin Li				uint16_t ie_len)
*05b00f60SXin Li{
*05b00f60SXin Li	int ie, sub_id, i, type;
*05b00f60SXin Li	uint16_t sub_ie_len;
*05b00f60SXin Li
*05b00f60SXin Li	do {
*05b00f60SXin Li		if (ie_len < 2) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated MLME IE]");
*05b00f60SXin Li			return;
*05b00f60SXin Li		}
*05b00f60SXin Li		/* Extract IE header */
*05b00f60SXin Li		ie = GET_LE_U_2(p);
*05b00f60SXin Li		type = CHECK_BIT(ie, 15);
*05b00f60SXin Li		if (type) {
*05b00f60SXin Li			/* Long type */
*05b00f60SXin Li			sub_ie_len = ie & 0x3ff;
*05b00f60SXin Li			sub_id = (ie >> 11) & 0x0f;
*05b00f60SXin Li		} else {
*05b00f60SXin Li			sub_ie_len = ie & 0xff;
*05b00f60SXin Li			sub_id = (ie >> 8) & 0x7f;
*05b00f60SXin Li		}
*05b00f60SXin Li
*05b00f60SXin Li		/* Skip the IE header */
*05b00f60SXin Li		p += 2;
*05b00f60SXin Li
*05b00f60SXin Li		if (type == 0) {
*05b00f60SXin Li			ND_PRINT("\n\t\t%s [ length = %d, ",
*05b00f60SXin Li				 p_mlme_short_names[sub_id], sub_ie_len);
*05b00f60SXin Li		} else {
*05b00f60SXin Li			ND_PRINT("\n\t\t%s [ length = %d, ",
*05b00f60SXin Li				 p_mlme_long_names[sub_id], sub_ie_len);
*05b00f60SXin Li		}
*05b00f60SXin Li
*05b00f60SXin Li		if (ie_len < 2 + sub_ie_len) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated IE data]");
*05b00f60SXin Li			return;
*05b00f60SXin Li		}
*05b00f60SXin Li		if (sub_ie_len != 0) {
*05b00f60SXin Li			if (ndo->ndo_vflag > 3) {
*05b00f60SXin Li				ieee802_15_4_print_mlme_ie(ndo, p, sub_ie_len, sub_id);
*05b00f60SXin Li			} else if (ndo->ndo_vflag > 2) {
*05b00f60SXin Li				ND_PRINT("IE Data = ");
*05b00f60SXin Li				for(i = 0; i < sub_ie_len; i++) {
*05b00f60SXin Li					ND_PRINT("%02x ", GET_U_1(p + i));
*05b00f60SXin Li				}
*05b00f60SXin Li			}
*05b00f60SXin Li		}
*05b00f60SXin Li		ND_PRINT("] ");
*05b00f60SXin Li		p += sub_ie_len;
*05b00f60SXin Li		ie_len -= 2 + sub_ie_len;
*05b00f60SXin Li	} while (ie_len > 0);
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Multiplexd IE (802.15.9) parsing and printing.
*05b00f60SXin Li *
*05b00f60SXin Li * Returns number of bytes consumed from packet or -1 in case of error.
*05b00f60SXin Li */
*05b00f60SXin Listatic void
*05b00f60SXin Liieee802_15_4_print_mpx_ie(netdissect_options *ndo,
*05b00f60SXin Li			  const u_char *p,
*05b00f60SXin Li			  uint16_t ie_len)
*05b00f60SXin Li{
*05b00f60SXin Li	int transfer_type, tid;
*05b00f60SXin Li	int fragment_number, data_start;
*05b00f60SXin Li	int i;
*05b00f60SXin Li
*05b00f60SXin Li	data_start = 0;
*05b00f60SXin Li	if (ie_len < 1) {
*05b00f60SXin Li		ND_PRINT("[ERROR: Transaction control byte missing]");
*05b00f60SXin Li		return;
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	transfer_type = GET_U_1(p) & 0x7;
*05b00f60SXin Li	tid = GET_U_1(p) >> 3;
*05b00f60SXin Li	switch (transfer_type) {
*05b00f60SXin Li	case 0x00: /* Full upper layer frame. */
*05b00f60SXin Li	case 0x01: /* Full upper layer frame with small Multiplex ID. */
*05b00f60SXin Li		ND_PRINT("Type = Full upper layer fragment%s, ",
*05b00f60SXin Li			 (transfer_type == 0x01 ?
*05b00f60SXin Li			  " with small Multiplex ID" : ""));
*05b00f60SXin Li		if (transfer_type == 0x00) {
*05b00f60SXin Li			if (ie_len < 3) {
*05b00f60SXin Li				ND_PRINT("[ERROR: Multiplex ID missing]");
*05b00f60SXin Li				return;
*05b00f60SXin Li			}
*05b00f60SXin Li			data_start = 3;
*05b00f60SXin Li			ND_PRINT("tid = 0x%02x, Multiplex ID = 0x%04x, ",
*05b00f60SXin Li				 tid, GET_LE_U_2(p + 1));
*05b00f60SXin Li		} else {
*05b00f60SXin Li			data_start = 1;
*05b00f60SXin Li			ND_PRINT("Multiplex ID = 0x%04x, ", tid);
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x02: /* First, or middle, Fragments */
*05b00f60SXin Li	case 0x04: /* Last fragment */
*05b00f60SXin Li		if (ie_len < 2) {
*05b00f60SXin Li			ND_PRINT("[ERROR: fragment number missing]");
*05b00f60SXin Li			return;
*05b00f60SXin Li		}
*05b00f60SXin Li
*05b00f60SXin Li		fragment_number = GET_U_1(p + 1);
*05b00f60SXin Li		ND_PRINT("Type = %s, tid = 0x%02x, fragment = 0x%02x, ",
*05b00f60SXin Li			 (transfer_type == 0x02 ?
*05b00f60SXin Li			  (fragment_number == 0 ?
*05b00f60SXin Li			   "First fragment" : "Middle fragment") :
*05b00f60SXin Li			  "Last fragment"), tid,
*05b00f60SXin Li			 fragment_number);
*05b00f60SXin Li		data_start = 2;
*05b00f60SXin Li		if (fragment_number == 0) {
*05b00f60SXin Li			int total_size, multiplex_id;
*05b00f60SXin Li
*05b00f60SXin Li			if (ie_len < 6) {
*05b00f60SXin Li				ND_PRINT("[ERROR: Total upper layer size or multiplex ID missing]");
*05b00f60SXin Li				return;
*05b00f60SXin Li			}
*05b00f60SXin Li			total_size = GET_LE_U_2(p + 2);
*05b00f60SXin Li			multiplex_id = GET_LE_U_2(p + 4);
*05b00f60SXin Li			ND_PRINT("Total upper layer size = 0x%04x, Multiplex ID = 0x%04x, ",
*05b00f60SXin Li				 total_size, multiplex_id);
*05b00f60SXin Li			data_start = 6;
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x06: /* Abort code */
*05b00f60SXin Li		if (ie_len == 1) {
*05b00f60SXin Li			ND_PRINT("Type = Abort, tid = 0x%02x, no max size given",
*05b00f60SXin Li				 tid);
*05b00f60SXin Li		} else if (ie_len == 3) {
*05b00f60SXin Li			ND_PRINT("Type = Abort, tid = 0x%02x, max size = 0x%04x",
*05b00f60SXin Li				 tid, GET_LE_U_2(p + 1));
*05b00f60SXin Li		} else {
*05b00f60SXin Li			ND_PRINT("Type = Abort, tid = 0x%02x, invalid length = %d (not 1 or 3)",
*05b00f60SXin Li				 tid, ie_len);
*05b00f60SXin Li			ND_PRINT("Abort data = ");
*05b00f60SXin Li			for(i = 1; i < ie_len; i++) {
*05b00f60SXin Li				ND_PRINT("%02x ", GET_U_1(p + i));
*05b00f60SXin Li			}
*05b00f60SXin Li		}
*05b00f60SXin Li		return;
*05b00f60SXin Li		/* NOTREACHED */
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x03: /* Reserved */
*05b00f60SXin Li	case 0x05: /* Reserved */
*05b00f60SXin Li	case 0x07: /* Reserved */
*05b00f60SXin Li		ND_PRINT("Type = %d (Reserved), tid = 0x%02x, ",
*05b00f60SXin Li			 transfer_type, tid);
*05b00f60SXin Li		data_start = 1;
*05b00f60SXin Li		break;
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	ND_PRINT("Upper layer data = ");
*05b00f60SXin Li	for(i = data_start; i < ie_len; i++) {
*05b00f60SXin Li		ND_PRINT("%02x ", GET_U_1(p + i));
*05b00f60SXin Li	}
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Payload IE list parsing and printing. See 7.4.3 of 802.15.4-2015
*05b00f60SXin Li * for more information.
*05b00f60SXin Li *
*05b00f60SXin Li * Returns number of byts consumed from the packet or -1 in case of error.
*05b00f60SXin Li */
*05b00f60SXin Listatic int
*05b00f60SXin Liieee802_15_4_print_payload_ie_list(netdissect_options *ndo,
*05b00f60SXin Li				   const u_char *p,
*05b00f60SXin Li				   u_int caplen)
*05b00f60SXin Li{
*05b00f60SXin Li	int len, ie, group_id, i;
*05b00f60SXin Li	uint16_t ie_len;
*05b00f60SXin Li
*05b00f60SXin Li	len = 0;
*05b00f60SXin Li	do {
*05b00f60SXin Li		if (caplen < 2) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated header IE]");
*05b00f60SXin Li			return -1;
*05b00f60SXin Li		}
*05b00f60SXin Li		/* Extract IE header */
*05b00f60SXin Li		ie = GET_LE_U_2(p);
*05b00f60SXin Li		if ((CHECK_BIT(ie, 15)) == 0) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Payload IE with type 0] ");
*05b00f60SXin Li		}
*05b00f60SXin Li		ie_len = ie & 0x3ff;
*05b00f60SXin Li		group_id = (ie >> 11) & 0x0f;
*05b00f60SXin Li
*05b00f60SXin Li		/* Skip the IE header */
*05b00f60SXin Li		p += 2;
*05b00f60SXin Li		if (ie_len == 0) {
*05b00f60SXin Li			ND_PRINT("\n\t%s [", p_ie_names[group_id]);
*05b00f60SXin Li		} else {
*05b00f60SXin Li			ND_PRINT("\n\t%s [ length = %d, ",
*05b00f60SXin Li				 p_ie_names[group_id], ie_len);
*05b00f60SXin Li		}
*05b00f60SXin Li		if (caplen < 2U + ie_len) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated IE data]");
*05b00f60SXin Li			return -1;
*05b00f60SXin Li		}
*05b00f60SXin Li		if (ndo->ndo_vflag > 3 && ie_len != 0) {
*05b00f60SXin Li			switch (group_id) {
*05b00f60SXin Li			case 0x1: /* MLME IE */
*05b00f60SXin Li				ieee802_15_4_print_mlme_ie_list(ndo, p, ie_len);
*05b00f60SXin Li				break;
*05b00f60SXin Li			case 0x2: /* Vendor Specific Nested IE */
*05b00f60SXin Li				if (ie_len < 3) {
*05b00f60SXin Li					ND_PRINT("[ERROR: Vendor OUI missing]");
*05b00f60SXin Li				} else {
*05b00f60SXin Li					ND_PRINT("OUI = 0x%02x%02x%02x, ",
*05b00f60SXin Li						 GET_U_1(p),
*05b00f60SXin Li						 GET_U_1(p + 1),
*05b00f60SXin Li						 GET_U_1(p + 2));
*05b00f60SXin Li					ND_PRINT("Data = ");
*05b00f60SXin Li					for(i = 3; i < ie_len; i++) {
*05b00f60SXin Li						ND_PRINT("%02x ",
*05b00f60SXin Li							 GET_U_1(p + i));
*05b00f60SXin Li					}
*05b00f60SXin Li				}
*05b00f60SXin Li				break;
*05b00f60SXin Li			case 0x3: /* Multiplexed IE (802.15.9) */
*05b00f60SXin Li				ieee802_15_4_print_mpx_ie(ndo, p, ie_len);
*05b00f60SXin Li				break;
*05b00f60SXin Li			case 0x5: /* IETF IE */
*05b00f60SXin Li				if (ie_len < 1) {
*05b00f60SXin Li					ND_PRINT("[ERROR: Subtype ID missing]");
*05b00f60SXin Li				} else {
*05b00f60SXin Li					ND_PRINT("Subtype ID = 0x%02x, Subtype content = ",
*05b00f60SXin Li						 GET_U_1(p));
*05b00f60SXin Li					for(i = 1; i < ie_len; i++) {
*05b00f60SXin Li						ND_PRINT("%02x ",
*05b00f60SXin Li							 GET_U_1(p + i));
*05b00f60SXin Li					}
*05b00f60SXin Li				}
*05b00f60SXin Li				break;
*05b00f60SXin Li			default:
*05b00f60SXin Li				ND_PRINT("IE Data = ");
*05b00f60SXin Li				for(i = 0; i < ie_len; i++) {
*05b00f60SXin Li					ND_PRINT("%02x ", GET_U_1(p + i));
*05b00f60SXin Li				}
*05b00f60SXin Li				break;
*05b00f60SXin Li			}
*05b00f60SXin Li		} else {
*05b00f60SXin Li			if (ie_len != 0) {
*05b00f60SXin Li				ND_PRINT("IE Data = ");
*05b00f60SXin Li				for(i = 0; i < ie_len; i++) {
*05b00f60SXin Li					ND_PRINT("%02x ", GET_U_1(p + i));
*05b00f60SXin Li				}
*05b00f60SXin Li			}
*05b00f60SXin Li		}
*05b00f60SXin Li		ND_PRINT("]\n\t");
*05b00f60SXin Li		len += 2 + ie_len;
*05b00f60SXin Li		p += ie_len;
*05b00f60SXin Li		caplen -= 2 + ie_len;
*05b00f60SXin Li		if (group_id == 0xf) {
*05b00f60SXin Li			break;
*05b00f60SXin Li		}
*05b00f60SXin Li	} while (caplen > 0);
*05b00f60SXin Li	return len;
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Parse and print auxiliary security header.
*05b00f60SXin Li *
*05b00f60SXin Li * Returns number of byts consumed from the packet or -1 in case of error.
*05b00f60SXin Li */
*05b00f60SXin Listatic int
*05b00f60SXin Liieee802_15_4_print_aux_sec_header(netdissect_options *ndo,
*05b00f60SXin Li				  const u_char *p,
*05b00f60SXin Li				  u_int caplen,
*05b00f60SXin Li				  int *security_level)
*05b00f60SXin Li{
*05b00f60SXin Li	int sc, key_id_mode, len;
*05b00f60SXin Li
*05b00f60SXin Li	if (caplen < 1) {
*05b00f60SXin Li		ND_PRINT("[ERROR: Truncated before Aux Security Header]");
*05b00f60SXin Li		return -1;
*05b00f60SXin Li	}
*05b00f60SXin Li	sc = GET_U_1(p);
*05b00f60SXin Li	len = 1;
*05b00f60SXin Li	*security_level = sc & 0x7;
*05b00f60SXin Li	key_id_mode = (sc >> 3) & 0x3;
*05b00f60SXin Li
*05b00f60SXin Li	caplen -= 1;
*05b00f60SXin Li	p += 1;
*05b00f60SXin Li
*05b00f60SXin Li	if (ndo->ndo_vflag > 0) {
*05b00f60SXin Li		ND_PRINT("\n\tSecurity Level %d, Key Id Mode %d, ",
*05b00f60SXin Li			 *security_level, key_id_mode);
*05b00f60SXin Li	}
*05b00f60SXin Li	if ((CHECK_BIT(sc, 5)) == 0) {
*05b00f60SXin Li		if (caplen < 4) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated before Frame Counter]");
*05b00f60SXin Li			return -1;
*05b00f60SXin Li		}
*05b00f60SXin Li		if (ndo->ndo_vflag > 1) {
*05b00f60SXin Li			ND_PRINT("Frame Counter 0x%08x ",
*05b00f60SXin Li				 GET_LE_U_4(p));
*05b00f60SXin Li		}
*05b00f60SXin Li		p += 4;
*05b00f60SXin Li		caplen -= 4;
*05b00f60SXin Li		len += 4;
*05b00f60SXin Li	}
*05b00f60SXin Li	switch (key_id_mode) {
*05b00f60SXin Li	case 0x00: /* Implicit. */
*05b00f60SXin Li		if (ndo->ndo_vflag > 1) {
*05b00f60SXin Li			ND_PRINT("Implicit");
*05b00f60SXin Li		}
*05b00f60SXin Li		return len;
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x01: /* Key Index, nothing to print here. */
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x02: /* PAN and Short address Key Source, and Key Index. */
*05b00f60SXin Li		if (caplen < 4) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated before Key Source]");
*05b00f60SXin Li			return -1;
*05b00f60SXin Li		}
*05b00f60SXin Li		if (ndo->ndo_vflag > 1) {
*05b00f60SXin Li			ND_PRINT("KeySource 0x%04x:%0x4x, ",
*05b00f60SXin Li				 GET_LE_U_2(p), GET_LE_U_2(p + 2));
*05b00f60SXin Li		}
*05b00f60SXin Li		p += 4;
*05b00f60SXin Li		caplen -= 4;
*05b00f60SXin Li		len += 4;
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x03: /* Extended address and Key Index. */
*05b00f60SXin Li		if (caplen < 8) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated before Key Source]");
*05b00f60SXin Li			return -1;
*05b00f60SXin Li		}
*05b00f60SXin Li		if (ndo->ndo_vflag > 1) {
*05b00f60SXin Li			ND_PRINT("KeySource %s, ", GET_LE64ADDR_STRING(p));
*05b00f60SXin Li		}
*05b00f60SXin Li		p += 4;
*05b00f60SXin Li		caplen -= 4;
*05b00f60SXin Li		len += 4;
*05b00f60SXin Li		break;
*05b00f60SXin Li	}
*05b00f60SXin Li	if (caplen < 1) {
*05b00f60SXin Li		ND_PRINT("[ERROR: Truncated before Key Index]");
*05b00f60SXin Li		return -1;
*05b00f60SXin Li	}
*05b00f60SXin Li	if (ndo->ndo_vflag > 1) {
*05b00f60SXin Li		ND_PRINT("KeyIndex 0x%02x, ", GET_U_1(p));
*05b00f60SXin Li	}
*05b00f60SXin Li	caplen -= 1;
*05b00f60SXin Li	p += 1;
*05b00f60SXin Li	len += 1;
*05b00f60SXin Li	return len;
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Print command data.
*05b00f60SXin Li *
*05b00f60SXin Li * Returns number of byts consumed from the packet or -1 in case of error.
*05b00f60SXin Li */
*05b00f60SXin Listatic int
*05b00f60SXin Liieee802_15_4_print_command_data(netdissect_options *ndo,
*05b00f60SXin Li				uint8_t command_id,
*05b00f60SXin Li				const u_char *p,
*05b00f60SXin Li				u_int caplen)
*05b00f60SXin Li{
*05b00f60SXin Li	u_int i;
*05b00f60SXin Li
*05b00f60SXin Li	switch (command_id) {
*05b00f60SXin Li	case 0x01: /* Association Request */
*05b00f60SXin Li		if (caplen != 1) {
*05b00f60SXin Li			ND_PRINT("Invalid Association request command length");
*05b00f60SXin Li			return -1;
*05b00f60SXin Li		} else {
*05b00f60SXin Li			uint8_t cap_info;
*05b00f60SXin Li			cap_info = GET_U_1(p);
*05b00f60SXin Li			ND_PRINT("%s%s%s%s%s%s",
*05b00f60SXin Li				 ((cap_info & 0x02) ?
*05b00f60SXin Li				  "FFD, " : "RFD, "),
*05b00f60SXin Li				 ((cap_info & 0x04) ?
*05b00f60SXin Li				  "AC powered, " : ""),
*05b00f60SXin Li				 ((cap_info & 0x08) ?
*05b00f60SXin Li				  "Receiver on when idle, " : ""),
*05b00f60SXin Li				 ((cap_info & 0x10) ?
*05b00f60SXin Li				  "Fast association, " : ""),
*05b00f60SXin Li				 ((cap_info & 0x40) ?
*05b00f60SXin Li				  "Security supported, " : ""),
*05b00f60SXin Li				 ((cap_info & 0x80) ?
*05b00f60SXin Li				  "Allocate address, " : ""));
*05b00f60SXin Li			return caplen;
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x02: /* Association Response */
*05b00f60SXin Li		if (caplen != 3) {
*05b00f60SXin Li			ND_PRINT("Invalid Association response command length");
*05b00f60SXin Li			return -1;
*05b00f60SXin Li		} else {
*05b00f60SXin Li			ND_PRINT("Short address = ");
*05b00f60SXin Li			ieee802_15_4_print_addr(ndo, p, 2);
*05b00f60SXin Li			switch (GET_U_1(p + 2)) {
*05b00f60SXin Li			case 0x00:
*05b00f60SXin Li				ND_PRINT(", Association successful");
*05b00f60SXin Li				break;
*05b00f60SXin Li			case 0x01:
*05b00f60SXin Li				ND_PRINT(", PAN at capacity");
*05b00f60SXin Li				break;
*05b00f60SXin Li			case 0x02:
*05b00f60SXin Li				ND_PRINT(", PAN access denied");
*05b00f60SXin Li				break;
*05b00f60SXin Li			case 0x03:
*05b00f60SXin Li				ND_PRINT(", Hooping sequence offset duplication");
*05b00f60SXin Li				break;
*05b00f60SXin Li			case 0x80:
*05b00f60SXin Li				ND_PRINT(", Fast association successful");
*05b00f60SXin Li				break;
*05b00f60SXin Li			default:
*05b00f60SXin Li				ND_PRINT(", Status = 0x%02x",
*05b00f60SXin Li					 GET_U_1(p + 2));
*05b00f60SXin Li				break;
*05b00f60SXin Li			}
*05b00f60SXin Li			return caplen;
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x03: /* Diassociation Notification command */
*05b00f60SXin Li		if (caplen != 1) {
*05b00f60SXin Li			ND_PRINT("Invalid Disassociation Notification command length");
*05b00f60SXin Li			return -1;
*05b00f60SXin Li		} else {
*05b00f60SXin Li			switch (GET_U_1(p)) {
*05b00f60SXin Li			case 0x00:
*05b00f60SXin Li				ND_PRINT("Reserved");
*05b00f60SXin Li				break;
*05b00f60SXin Li			case 0x01:
*05b00f60SXin Li				ND_PRINT("Reason = The coordinator wishes the device to leave PAN");
*05b00f60SXin Li				break;
*05b00f60SXin Li			case 0x02:
*05b00f60SXin Li				ND_PRINT("Reason = The device wishes to leave the PAN");
*05b00f60SXin Li				break;
*05b00f60SXin Li			default:
*05b00f60SXin Li				ND_PRINT("Reason = 0x%02x", GET_U_1(p + 2));
*05b00f60SXin Li				break;
*05b00f60SXin Li			}
*05b00f60SXin Li			return caplen;
*05b00f60SXin Li		}
*05b00f60SXin Li
*05b00f60SXin Li		/* Following ones do not have any data. */
*05b00f60SXin Li	case 0x04: /* Data Request command */
*05b00f60SXin Li	case 0x05: /* PAN ID Conflict Notification command */
*05b00f60SXin Li	case 0x06: /* Orphan Notification command */
*05b00f60SXin Li	case 0x07: /* Beacon Request command */
*05b00f60SXin Li		/* Should not have any data. */
*05b00f60SXin Li		return 0;
*05b00f60SXin Li	case 0x08: /* Coordinator Realignment command */
*05b00f60SXin Li		if (caplen < 7 || caplen > 8) {
*05b00f60SXin Li			ND_PRINT("Invalid Coordinator Realignment command length");
*05b00f60SXin Li			return -1;
*05b00f60SXin Li		} else {
*05b00f60SXin Li			uint16_t channel, page;
*05b00f60SXin Li
*05b00f60SXin Li			ND_PRINT("Pan ID = 0x%04x, Coordinator short address = ",
*05b00f60SXin Li				 GET_LE_U_2(p));
*05b00f60SXin Li			ieee802_15_4_print_addr(ndo, p + 2, 2);
*05b00f60SXin Li			channel = GET_U_1(p + 4);
*05b00f60SXin Li
*05b00f60SXin Li			if (caplen == 8) {
*05b00f60SXin Li				page = GET_U_1(p + 7);
*05b00f60SXin Li			} else {
*05b00f60SXin Li				page = 0x80;
*05b00f60SXin Li			}
*05b00f60SXin Li			if (CHECK_BIT(page, 7)) {
*05b00f60SXin Li				/* No page present, instead we have msb of
*05b00f60SXin Li				   channel in the page. */
*05b00f60SXin Li				channel |= (page & 0x7f) << 8;
*05b00f60SXin Li				ND_PRINT(", Channel Number = %d", channel);
*05b00f60SXin Li			} else {
*05b00f60SXin Li				ND_PRINT(", Channel Number = %d, page = %d",
*05b00f60SXin Li					 channel, page);
*05b00f60SXin Li			}
*05b00f60SXin Li			ND_PRINT(", Short address = ");
*05b00f60SXin Li			ieee802_15_4_print_addr(ndo, p + 5, 2);
*05b00f60SXin Li			return caplen;
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x09: /* GTS Request command */
*05b00f60SXin Li		if (caplen != 1) {
*05b00f60SXin Li			ND_PRINT("Invalid GTS Request command length");
*05b00f60SXin Li			return -1;
*05b00f60SXin Li		} else {
*05b00f60SXin Li			uint8_t gts;
*05b00f60SXin Li
*05b00f60SXin Li			gts = GET_U_1(p);
*05b00f60SXin Li			ND_PRINT("GTS Length = %d, %s, %s",
*05b00f60SXin Li				 gts & 0xf,
*05b00f60SXin Li				 (CHECK_BIT(gts, 4) ?
*05b00f60SXin Li				  "Receive-only GTS" : "Transmit-only GTS"),
*05b00f60SXin Li				 (CHECK_BIT(gts, 5) ?
*05b00f60SXin Li				  "GTS allocation" : "GTS deallocations"));
*05b00f60SXin Li			return caplen;
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x13: /* DSME Association Request command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x14: /* DSME Association Response command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x15: /* DSME GTS Request command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x16: /* DSME GTS Response command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x17: /* DSME GTS Notify command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x18: /* DSME Information Request command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x19: /* DSME Information Response command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x1a: /* DSME Beacon Allocation Notification command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x1b: /* DSME Beacon Collision Notification command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x1c: /* DSME Link Report command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x20: /* RIT Data Request command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x21: /* DBS Request command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x22: /* DBS Response command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x23: /* RIT Data Response command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x24: /* Vendor Specific command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x0a: /* TRLE Management Request command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	case 0x0b: /* TRLE Management Response command */
*05b00f60SXin Li		/* XXX Not implemented */
*05b00f60SXin Li	default:
*05b00f60SXin Li		ND_PRINT("Command Data = ");
*05b00f60SXin Li		for(i = 0; i < caplen; i++) {
*05b00f60SXin Li			ND_PRINT("%02x ", GET_U_1(p + i));
*05b00f60SXin Li		}
*05b00f60SXin Li		break;
*05b00f60SXin Li	}
*05b00f60SXin Li	return 0;
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Parse and print frames following standard format.
*05b00f60SXin Li *
*05b00f60SXin Li * Returns FALSE in case of error.
*05b00f60SXin Li */
*05b00f60SXin Listatic u_int
*05b00f60SXin Liieee802_15_4_std_frames(netdissect_options *ndo,
*05b00f60SXin Li			const u_char *p, u_int caplen,
*05b00f60SXin Li			uint16_t fc)
*05b00f60SXin Li{
*05b00f60SXin Li	int len, frame_version, pan_id_comp;
*05b00f60SXin Li	int frame_type;
*05b00f60SXin Li	int src_pan, dst_pan, src_addr_len, dst_addr_len;
*05b00f60SXin Li	int security_level;
*05b00f60SXin Li	u_int miclen = 0;
*05b00f60SXin Li	int payload_ie_present;
*05b00f60SXin Li	uint8_t seq;
*05b00f60SXin Li	uint32_t fcs, crc_check;
*05b00f60SXin Li	const u_char *mic_start = NULL;
*05b00f60SXin Li
*05b00f60SXin Li	payload_ie_present = 0;
*05b00f60SXin Li
*05b00f60SXin Li	crc_check = 0;
*05b00f60SXin Li	/* Assume 2 octet FCS, the FCS length depends on the PHY, and we do not
*05b00f60SXin Li	   know about that. */
*05b00f60SXin Li	if (caplen < 4) {
*05b00f60SXin Li		/* Cannot have FCS, assume no FCS. */
*05b00f60SXin Li		fcs = 0;
*05b00f60SXin Li	} else {
*05b00f60SXin Li		/* Test for 4 octet FCS. */
*05b00f60SXin Li		fcs = GET_LE_U_4(p + caplen - 4);
*05b00f60SXin Li		crc_check = ieee802_15_4_crc32(ndo, p, caplen - 4);
*05b00f60SXin Li		if (crc_check == fcs) {
*05b00f60SXin Li			/* Remove FCS */
*05b00f60SXin Li			caplen -= 4;
*05b00f60SXin Li		} else {
*05b00f60SXin Li			/* Test for 2 octet FCS. */
*05b00f60SXin Li			fcs = GET_LE_U_2(p + caplen - 2);
*05b00f60SXin Li			crc_check = ieee802_15_4_crc16(ndo, p, caplen - 2);
*05b00f60SXin Li			if (crc_check == fcs) {
*05b00f60SXin Li				/* Remove FCS */
*05b00f60SXin Li				caplen -= 2;
*05b00f60SXin Li			} else {
*05b00f60SXin Li				/* Wrong FCS, FCS might not be included in the
*05b00f60SXin Li				   captured frame, do not remove it. */
*05b00f60SXin Li			}
*05b00f60SXin Li		}
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	/* Frame version. */
*05b00f60SXin Li	frame_version = FC_FRAME_VERSION(fc);
*05b00f60SXin Li	frame_type = FC_FRAME_TYPE(fc);
*05b00f60SXin Li	ND_PRINT("v%d ", frame_version);
*05b00f60SXin Li
*05b00f60SXin Li	if (ndo->ndo_vflag > 2) {
*05b00f60SXin Li		if (CHECK_BIT(fc, 3)) { ND_PRINT("Security Enabled, "); }
*05b00f60SXin Li		if (CHECK_BIT(fc, 4)) { ND_PRINT("Frame Pending, "); }
*05b00f60SXin Li		if (CHECK_BIT(fc, 5)) { ND_PRINT("AR, "); }
*05b00f60SXin Li		if (CHECK_BIT(fc, 6)) { ND_PRINT("PAN ID Compression, "); }
*05b00f60SXin Li		if (CHECK_BIT(fc, 8)) { ND_PRINT("Sequence Number Suppression, "); }
*05b00f60SXin Li		if (CHECK_BIT(fc, 9)) { ND_PRINT("IE present, "); }
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	/* Check for the sequence number suppression. */
*05b00f60SXin Li	if (CHECK_BIT(fc, 8)) {
*05b00f60SXin Li		/* Sequence number is suppressed. */
*05b00f60SXin Li		if (frame_version < 2) {
*05b00f60SXin Li			/* Sequence number can only be suppressed for frame
*05b00f60SXin Li			   version 2 or higher, this is invalid frame. */
*05b00f60SXin Li			ND_PRINT("[ERROR: Sequence number suppressed on frames where version < 2]");
*05b00f60SXin Li		}
*05b00f60SXin Li		if (ndo->ndo_vflag)
*05b00f60SXin Li			ND_PRINT("seq suppressed ");
*05b00f60SXin Li		if (caplen < 2) {
*05b00f60SXin Li			nd_print_trunc(ndo);
*05b00f60SXin Li			return 0;
*05b00f60SXin Li		}
*05b00f60SXin Li		p += 2;
*05b00f60SXin Li		caplen -= 2;
*05b00f60SXin Li	} else {
*05b00f60SXin Li		seq = GET_U_1(p + 2);
*05b00f60SXin Li		if (ndo->ndo_vflag)
*05b00f60SXin Li			ND_PRINT("seq %02x ", seq);
*05b00f60SXin Li		if (caplen < 3) {
*05b00f60SXin Li			nd_print_trunc(ndo);
*05b00f60SXin Li			return 0;
*05b00f60SXin Li		}
*05b00f60SXin Li		p += 3;
*05b00f60SXin Li		caplen -= 3;
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	/* See which parts of addresses we have. */
*05b00f60SXin Li	dst_addr_len = ieee802_15_4_addr_len((fc >> 10) & 0x3);
*05b00f60SXin Li	src_addr_len = ieee802_15_4_addr_len((fc >> 14) & 0x3);
*05b00f60SXin Li	if (src_addr_len < 0) {
*05b00f60SXin Li		ND_PRINT("[ERROR: Invalid src address mode]");
*05b00f60SXin Li		return 0;
*05b00f60SXin Li	}
*05b00f60SXin Li	if (dst_addr_len < 0) {
*05b00f60SXin Li		ND_PRINT("[ERROR: Invalid dst address mode]");
*05b00f60SXin Li		return 0;
*05b00f60SXin Li	}
*05b00f60SXin Li	src_pan = 0;
*05b00f60SXin Li	dst_pan = 0;
*05b00f60SXin Li	pan_id_comp = CHECK_BIT(fc, 6);
*05b00f60SXin Li
*05b00f60SXin Li	/* The PAN ID Compression rules are complicated. */
*05b00f60SXin Li
*05b00f60SXin Li	/* First check old versions, where the rules are simple. */
*05b00f60SXin Li	if (frame_version < 2) {
*05b00f60SXin Li		if (pan_id_comp) {
*05b00f60SXin Li			src_pan = 0;
*05b00f60SXin Li			dst_pan = 1;
*05b00f60SXin Li			if (dst_addr_len <= 0 || src_addr_len <= 0) {
*05b00f60SXin Li				/* Invalid frame, PAN ID Compression must be 0
*05b00f60SXin Li				   if only one address in the frame. */
*05b00f60SXin Li				ND_PRINT("[ERROR: PAN ID Compression != 0, and only one address with frame version < 2]");
*05b00f60SXin Li			}
*05b00f60SXin Li		} else {
*05b00f60SXin Li			src_pan = 1;
*05b00f60SXin Li			dst_pan = 1;
*05b00f60SXin Li		}
*05b00f60SXin Li		if (dst_addr_len <= 0) {
*05b00f60SXin Li			dst_pan = 0;
*05b00f60SXin Li		}
*05b00f60SXin Li		if (src_addr_len <= 0) {
*05b00f60SXin Li			src_pan = 0;
*05b00f60SXin Li		}
*05b00f60SXin Li	} else {
*05b00f60SXin Li		/* Frame version 2 rules are more complicated, and they depend
*05b00f60SXin Li		   on the address modes of the frame, generic rules are same,
*05b00f60SXin Li		   but then there are some special cases. */
*05b00f60SXin Li		if (pan_id_comp) {
*05b00f60SXin Li			src_pan = 0;
*05b00f60SXin Li			dst_pan = 1;
*05b00f60SXin Li		} else {
*05b00f60SXin Li			src_pan = 1;
*05b00f60SXin Li			dst_pan = 1;
*05b00f60SXin Li		}
*05b00f60SXin Li		if (dst_addr_len <= 0) {
*05b00f60SXin Li			dst_pan = 0;
*05b00f60SXin Li		}
*05b00f60SXin Li		if (src_addr_len <= 0) {
*05b00f60SXin Li			src_pan = 0;
*05b00f60SXin Li		}
*05b00f60SXin Li		if (pan_id_comp) {
*05b00f60SXin Li			if (src_addr_len == 0 &&
*05b00f60SXin Li			    dst_addr_len == 0) {
*05b00f60SXin Li				/* Both addresses are missing, but PAN ID
*05b00f60SXin Li				   compression set, special case we have
*05b00f60SXin Li				   destination PAN but no addresses. */
*05b00f60SXin Li				dst_pan = 1;
*05b00f60SXin Li			} else if ((src_addr_len == 0 &&
*05b00f60SXin Li				    dst_addr_len > 0) ||
*05b00f60SXin Li				   (src_addr_len > 0 &&
*05b00f60SXin Li				    dst_addr_len == 0)) {
*05b00f60SXin Li				/* Only one address present, and PAN ID
*05b00f60SXin Li				   compression is set, we do not have PAN id at
*05b00f60SXin Li				   all. */
*05b00f60SXin Li				dst_pan = 0;
*05b00f60SXin Li				src_pan = 0;
*05b00f60SXin Li			} else if (src_addr_len == 8 &&
*05b00f60SXin Li				   dst_addr_len == 8) {
*05b00f60SXin Li				/* Both addresses are Extended, and PAN ID
*05b00f60SXin Li				   compression set, we do not have PAN ID at
*05b00f60SXin Li				   all. */
*05b00f60SXin Li				dst_pan = 0;
*05b00f60SXin Li				src_pan = 0;
*05b00f60SXin Li			}
*05b00f60SXin Li		} else {
*05b00f60SXin Li			/* Special cases where PAN ID Compression is not set. */
*05b00f60SXin Li			if (src_addr_len == 8 &&
*05b00f60SXin Li			    dst_addr_len == 8) {
*05b00f60SXin Li				/* Both addresses are Extended, and PAN ID
*05b00f60SXin Li				   compression not set, we do have only one PAN
*05b00f60SXin Li				   ID (destination). */
*05b00f60SXin Li				dst_pan = 1;
*05b00f60SXin Li				src_pan = 0;
*05b00f60SXin Li			}
*05b00f60SXin Li#ifdef BROKEN_6TISCH_PAN_ID_COMPRESSION
*05b00f60SXin Li			if (src_addr_len == 8 &&
*05b00f60SXin Li			    dst_addr_len == 2) {
*05b00f60SXin Li				/* Special case for the broken 6tisch
*05b00f60SXin Li				   implementations. */
*05b00f60SXin Li				src_pan = 0;
*05b00f60SXin Li			}
*05b00f60SXin Li#endif /* BROKEN_6TISCH_PAN_ID_COMPRESSION */
*05b00f60SXin Li		}
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	/* Print dst PAN and address. */
*05b00f60SXin Li	if (dst_pan) {
*05b00f60SXin Li		if (caplen < 2) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated before dst_pan]");
*05b00f60SXin Li			return 0;
*05b00f60SXin Li		}
*05b00f60SXin Li		ND_PRINT("%04x:", GET_LE_U_2(p));
*05b00f60SXin Li		p += 2;
*05b00f60SXin Li		caplen -= 2;
*05b00f60SXin Li	} else {
*05b00f60SXin Li		ND_PRINT("-:");
*05b00f60SXin Li	}
*05b00f60SXin Li	if (caplen < (u_int) dst_addr_len) {
*05b00f60SXin Li		ND_PRINT("[ERROR: Truncated before dst_addr]");
*05b00f60SXin Li		return 0;
*05b00f60SXin Li	}
*05b00f60SXin Li	ieee802_15_4_print_addr(ndo, p, dst_addr_len);
*05b00f60SXin Li	p += dst_addr_len;
*05b00f60SXin Li	caplen -= dst_addr_len;
*05b00f60SXin Li
*05b00f60SXin Li	ND_PRINT(" < ");
*05b00f60SXin Li
*05b00f60SXin Li	/* Print src PAN and address. */
*05b00f60SXin Li	if (src_pan) {
*05b00f60SXin Li		if (caplen < 2) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated before dst_pan]");
*05b00f60SXin Li			return 0;
*05b00f60SXin Li		}
*05b00f60SXin Li		ND_PRINT("%04x:", GET_LE_U_2(p));
*05b00f60SXin Li		p += 2;
*05b00f60SXin Li		caplen -= 2;
*05b00f60SXin Li	} else {
*05b00f60SXin Li		ND_PRINT("-:");
*05b00f60SXin Li	}
*05b00f60SXin Li	if (caplen < (u_int) src_addr_len) {
*05b00f60SXin Li		ND_PRINT("[ERROR: Truncated before dst_addr]");
*05b00f60SXin Li		return 0;
*05b00f60SXin Li	}
*05b00f60SXin Li	ieee802_15_4_print_addr(ndo, p, src_addr_len);
*05b00f60SXin Li	ND_PRINT(" ");
*05b00f60SXin Li	p += src_addr_len;
*05b00f60SXin Li	caplen -= src_addr_len;
*05b00f60SXin Li	if (CHECK_BIT(fc, 3)) {
*05b00f60SXin Li		/*
*05b00f60SXin Li		 * XXX - if frame_version is 0, this is the 2003
*05b00f60SXin Li		 * spec, and you don't have the auxiliary security
*05b00f60SXin Li		 * header, you have a frame counter and key index
*05b00f60SXin Li		 * for the AES-CTR and AES-CCM security suites but
*05b00f60SXin Li		 * not for the AES-CBC-MAC security suite.
*05b00f60SXin Li		 */
*05b00f60SXin Li		len = ieee802_15_4_print_aux_sec_header(ndo, p, caplen,
*05b00f60SXin Li							&security_level);
*05b00f60SXin Li		if (len < 0) {
*05b00f60SXin Li			return 0;
*05b00f60SXin Li		}
*05b00f60SXin Li		ND_TCHECK_LEN(p, len);
*05b00f60SXin Li		p += len;
*05b00f60SXin Li		caplen -= len;
*05b00f60SXin Li	} else {
*05b00f60SXin Li		security_level = 0;
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	switch (security_level) {
*05b00f60SXin Li	case 0: /*FALLTHOUGH */
*05b00f60SXin Li	case 4:
*05b00f60SXin Li		miclen = 0;
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 1: /*FALLTHOUGH */
*05b00f60SXin Li	case 5:
*05b00f60SXin Li		miclen = 4;
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 2: /*FALLTHOUGH */
*05b00f60SXin Li	case 6:
*05b00f60SXin Li		miclen = 8;
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 3: /*FALLTHOUGH */
*05b00f60SXin Li	case 7:
*05b00f60SXin Li		miclen = 16;
*05b00f60SXin Li		break;
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	/* Remove MIC */
*05b00f60SXin Li	if (miclen != 0) {
*05b00f60SXin Li		if (caplen < miclen) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated before MIC]");
*05b00f60SXin Li			return 0;
*05b00f60SXin Li		}
*05b00f60SXin Li		caplen -= miclen;
*05b00f60SXin Li		mic_start = p + caplen;
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	/* Parse Information elements if present */
*05b00f60SXin Li	if (CHECK_BIT(fc, 9)) {
*05b00f60SXin Li		/* Yes we have those. */
*05b00f60SXin Li		len = ieee802_15_4_print_header_ie_list(ndo, p, caplen,
*05b00f60SXin Li							&payload_ie_present);
*05b00f60SXin Li		if (len < 0) {
*05b00f60SXin Li			return 0;
*05b00f60SXin Li		}
*05b00f60SXin Li		p += len;
*05b00f60SXin Li		caplen -= len;
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	if (payload_ie_present) {
*05b00f60SXin Li		if (security_level >= 4) {
*05b00f60SXin Li			ND_PRINT("Payload IEs present, but encrypted, cannot print ");
*05b00f60SXin Li		} else {
*05b00f60SXin Li			len = ieee802_15_4_print_payload_ie_list(ndo, p, caplen);
*05b00f60SXin Li			if (len < 0) {
*05b00f60SXin Li				return 0;
*05b00f60SXin Li			}
*05b00f60SXin Li			p += len;
*05b00f60SXin Li			caplen -= len;
*05b00f60SXin Li		}
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	/* Print MIC */
*05b00f60SXin Li	if (ndo->ndo_vflag > 2 && miclen != 0) {
*05b00f60SXin Li		ND_PRINT("\n\tMIC ");
*05b00f60SXin Li
*05b00f60SXin Li		for (u_int micoffset = 0; micoffset < miclen; micoffset++) {
*05b00f60SXin Li			ND_PRINT("%02x", GET_U_1(mic_start + micoffset));
*05b00f60SXin Li		}
*05b00f60SXin Li		ND_PRINT(" ");
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	/* Print FCS */
*05b00f60SXin Li	if (ndo->ndo_vflag > 2) {
*05b00f60SXin Li		if (crc_check == fcs) {
*05b00f60SXin Li			ND_PRINT("FCS %x ", fcs);
*05b00f60SXin Li		} else {
*05b00f60SXin Li			ND_PRINT("wrong FCS %x vs %x (assume no FCS stored) ",
*05b00f60SXin Li				 fcs, crc_check);
*05b00f60SXin Li		}
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	/* Payload print */
*05b00f60SXin Li	switch (frame_type) {
*05b00f60SXin Li	case 0x00: /* Beacon */
*05b00f60SXin Li		if (frame_version < 2) {
*05b00f60SXin Li			if (caplen < 2) {
*05b00f60SXin Li				ND_PRINT("[ERROR: Truncated before beacon information]");
*05b00f60SXin Li				break;
*05b00f60SXin Li			} else {
*05b00f60SXin Li				uint16_t ss;
*05b00f60SXin Li
*05b00f60SXin Li				ss = GET_LE_U_2(p);
*05b00f60SXin Li				ieee802_15_4_print_superframe_specification(ndo, ss);
*05b00f60SXin Li				p += 2;
*05b00f60SXin Li				caplen -= 2;
*05b00f60SXin Li
*05b00f60SXin Li				/* GTS */
*05b00f60SXin Li				if (caplen < 1) {
*05b00f60SXin Li					ND_PRINT("[ERROR: Truncated before GTS info]");
*05b00f60SXin Li					break;
*05b00f60SXin Li				}
*05b00f60SXin Li
*05b00f60SXin Li				len = ieee802_15_4_print_gts_info(ndo, p, caplen);
*05b00f60SXin Li				if (len < 0) {
*05b00f60SXin Li					break;
*05b00f60SXin Li				}
*05b00f60SXin Li
*05b00f60SXin Li				p += len;
*05b00f60SXin Li				caplen -= len;
*05b00f60SXin Li
*05b00f60SXin Li				/* Pending Addresses */
*05b00f60SXin Li				if (caplen < 1) {
*05b00f60SXin Li					ND_PRINT("[ERROR: Truncated before pending addresses]");
*05b00f60SXin Li					break;
*05b00f60SXin Li				}
*05b00f60SXin Li				len = ieee802_15_4_print_pending_addresses(ndo, p, caplen);
*05b00f60SXin Li				if (len < 0) {
*05b00f60SXin Li					break;
*05b00f60SXin Li				}
*05b00f60SXin Li				ND_TCHECK_LEN(p, len);
*05b00f60SXin Li				p += len;
*05b00f60SXin Li				caplen -= len;
*05b00f60SXin Li			}
*05b00f60SXin Li		}
*05b00f60SXin Li		if (!ndo->ndo_suppress_default_print)
*05b00f60SXin Li			ND_DEFAULTPRINT(p, caplen);
*05b00f60SXin Li
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x01: /* Data */
*05b00f60SXin Li	case 0x02: /* Acknowledgement */
*05b00f60SXin Li		if (!ndo->ndo_suppress_default_print)
*05b00f60SXin Li			ND_DEFAULTPRINT(p, caplen);
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x03: /* MAC Command */
*05b00f60SXin Li		if (caplen < 1) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated before Command ID]");
*05b00f60SXin Li		} else {
*05b00f60SXin Li			uint8_t command_id;
*05b00f60SXin Li
*05b00f60SXin Li			command_id = GET_U_1(p);
*05b00f60SXin Li			if (command_id >= 0x30) {
*05b00f60SXin Li				ND_PRINT("Command ID = Reserved 0x%02x ",
*05b00f60SXin Li					 command_id);
*05b00f60SXin Li			} else {
*05b00f60SXin Li				ND_PRINT("Command ID = %s ",
*05b00f60SXin Li					 mac_c_names[command_id]);
*05b00f60SXin Li			}
*05b00f60SXin Li			p++;
*05b00f60SXin Li			caplen--;
*05b00f60SXin Li			if (caplen != 0) {
*05b00f60SXin Li				len = ieee802_15_4_print_command_data(ndo, command_id, p, caplen);
*05b00f60SXin Li				if (len >= 0) {
*05b00f60SXin Li					p += len;
*05b00f60SXin Li					caplen -= len;
*05b00f60SXin Li				}
*05b00f60SXin Li			}
*05b00f60SXin Li		}
*05b00f60SXin Li		if (!ndo->ndo_suppress_default_print)
*05b00f60SXin Li			ND_DEFAULTPRINT(p, caplen);
*05b00f60SXin Li		break;
*05b00f60SXin Li	}
*05b00f60SXin Li	return 1;
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Print and parse Multipurpose frames.
*05b00f60SXin Li *
*05b00f60SXin Li * Returns FALSE in case of error.
*05b00f60SXin Li */
*05b00f60SXin Listatic u_int
*05b00f60SXin Liieee802_15_4_mp_frame(netdissect_options *ndo,
*05b00f60SXin Li		      const u_char *p, u_int caplen,
*05b00f60SXin Li		      uint16_t fc)
*05b00f60SXin Li{
*05b00f60SXin Li	int len, frame_version, pan_id_present;
*05b00f60SXin Li	int src_addr_len, dst_addr_len;
*05b00f60SXin Li	int security_level;
*05b00f60SXin Li	u_int miclen = 0;
*05b00f60SXin Li	int ie_present, payload_ie_present, security_enabled;
*05b00f60SXin Li	uint8_t seq;
*05b00f60SXin Li	uint32_t fcs, crc_check;
*05b00f60SXin Li	const u_char *mic_start = NULL;
*05b00f60SXin Li
*05b00f60SXin Li	pan_id_present = 0;
*05b00f60SXin Li	ie_present = 0;
*05b00f60SXin Li	payload_ie_present = 0;
*05b00f60SXin Li	security_enabled = 0;
*05b00f60SXin Li	crc_check = 0;
*05b00f60SXin Li
*05b00f60SXin Li	/* Assume 2 octet FCS, the FCS length depends on the PHY, and we do not
*05b00f60SXin Li	   know about that. */
*05b00f60SXin Li	if (caplen < 3) {
*05b00f60SXin Li		/* Cannot have FCS, assume no FCS. */
*05b00f60SXin Li		fcs = 0;
*05b00f60SXin Li	} else {
*05b00f60SXin Li		if (caplen > 4) {
*05b00f60SXin Li			/* Test for 4 octet FCS. */
*05b00f60SXin Li			fcs = GET_LE_U_4(p + caplen - 4);
*05b00f60SXin Li			crc_check = ieee802_15_4_crc32(ndo, p, caplen - 4);
*05b00f60SXin Li			if (crc_check == fcs) {
*05b00f60SXin Li				/* Remove FCS */
*05b00f60SXin Li				caplen -= 4;
*05b00f60SXin Li			} else {
*05b00f60SXin Li				fcs = GET_LE_U_2(p + caplen - 2);
*05b00f60SXin Li				crc_check = ieee802_15_4_crc16(ndo, p, caplen - 2);
*05b00f60SXin Li				if (crc_check == fcs) {
*05b00f60SXin Li					/* Remove FCS */
*05b00f60SXin Li					caplen -= 2;
*05b00f60SXin Li				}
*05b00f60SXin Li			}
*05b00f60SXin Li		} else {
*05b00f60SXin Li			fcs = GET_LE_U_2(p + caplen - 2);
*05b00f60SXin Li			crc_check = ieee802_15_4_crc16(ndo, p, caplen - 2);
*05b00f60SXin Li			if (crc_check == fcs) {
*05b00f60SXin Li				/* Remove FCS */
*05b00f60SXin Li				caplen -= 2;
*05b00f60SXin Li			}
*05b00f60SXin Li		}
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	if (CHECK_BIT(fc, 3)) {
*05b00f60SXin Li		/* Long Frame Control */
*05b00f60SXin Li
*05b00f60SXin Li		/* Frame version. */
*05b00f60SXin Li		frame_version = FC_FRAME_VERSION(fc);
*05b00f60SXin Li		ND_PRINT("v%d ", frame_version);
*05b00f60SXin Li
*05b00f60SXin Li		pan_id_present = CHECK_BIT(fc, 8);
*05b00f60SXin Li		ie_present = CHECK_BIT(fc, 15);
*05b00f60SXin Li		security_enabled = CHECK_BIT(fc, 9);
*05b00f60SXin Li
*05b00f60SXin Li		if (ndo->ndo_vflag > 2) {
*05b00f60SXin Li			if (security_enabled) { ND_PRINT("Security Enabled, "); }
*05b00f60SXin Li			if (CHECK_BIT(fc, 11)) { ND_PRINT("Frame Pending, "); }
*05b00f60SXin Li			if (CHECK_BIT(fc, 14)) { ND_PRINT("AR, "); }
*05b00f60SXin Li			if (pan_id_present) { ND_PRINT("PAN ID Present, "); }
*05b00f60SXin Li			if (CHECK_BIT(fc, 10)) {
*05b00f60SXin Li				ND_PRINT("Sequence Number Suppression, ");
*05b00f60SXin Li			}
*05b00f60SXin Li			if (ie_present) { ND_PRINT("IE present, "); }
*05b00f60SXin Li		}
*05b00f60SXin Li
*05b00f60SXin Li		/* Check for the sequence number suppression. */
*05b00f60SXin Li		if (CHECK_BIT(fc, 10)) {
*05b00f60SXin Li			/* Sequence number is suppressed, but long version. */
*05b00f60SXin Li			if (caplen < 2) {
*05b00f60SXin Li				nd_print_trunc(ndo);
*05b00f60SXin Li				return 0;
*05b00f60SXin Li			}
*05b00f60SXin Li			p += 2;
*05b00f60SXin Li			caplen -= 2;
*05b00f60SXin Li		} else {
*05b00f60SXin Li			seq = GET_U_1(p + 2);
*05b00f60SXin Li			if (ndo->ndo_vflag)
*05b00f60SXin Li				ND_PRINT("seq %02x ", seq);
*05b00f60SXin Li			if (caplen < 3) {
*05b00f60SXin Li				nd_print_trunc(ndo);
*05b00f60SXin Li				return 0;
*05b00f60SXin Li			}
*05b00f60SXin Li			p += 3;
*05b00f60SXin Li			caplen -= 3;
*05b00f60SXin Li		}
*05b00f60SXin Li	} else {
*05b00f60SXin Li		/* Short format of header, but with seq no */
*05b00f60SXin Li		seq = GET_U_1(p + 1);
*05b00f60SXin Li		p += 2;
*05b00f60SXin Li		caplen -= 2;
*05b00f60SXin Li		if (ndo->ndo_vflag)
*05b00f60SXin Li			ND_PRINT("seq %02x ", seq);
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	/* See which parts of addresses we have. */
*05b00f60SXin Li	dst_addr_len = ieee802_15_4_addr_len((fc >> 4) & 0x3);
*05b00f60SXin Li	src_addr_len = ieee802_15_4_addr_len((fc >> 6) & 0x3);
*05b00f60SXin Li	if (src_addr_len < 0) {
*05b00f60SXin Li		ND_PRINT("[ERROR: Invalid src address mode]");
*05b00f60SXin Li		return 0;
*05b00f60SXin Li	}
*05b00f60SXin Li	if (dst_addr_len < 0) {
*05b00f60SXin Li		ND_PRINT("[ERROR: Invalid dst address mode]");
*05b00f60SXin Li		return 0;
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	/* Print dst PAN and address. */
*05b00f60SXin Li	if (pan_id_present) {
*05b00f60SXin Li		if (caplen < 2) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated before dst_pan]");
*05b00f60SXin Li			return 0;
*05b00f60SXin Li		}
*05b00f60SXin Li		ND_PRINT("%04x:", GET_LE_U_2(p));
*05b00f60SXin Li		p += 2;
*05b00f60SXin Li		caplen -= 2;
*05b00f60SXin Li	} else {
*05b00f60SXin Li		ND_PRINT("-:");
*05b00f60SXin Li	}
*05b00f60SXin Li	if (caplen < (u_int) dst_addr_len) {
*05b00f60SXin Li		ND_PRINT("[ERROR: Truncated before dst_addr]");
*05b00f60SXin Li		return 0;
*05b00f60SXin Li	}
*05b00f60SXin Li	ieee802_15_4_print_addr(ndo, p, dst_addr_len);
*05b00f60SXin Li	p += dst_addr_len;
*05b00f60SXin Li	caplen -= dst_addr_len;
*05b00f60SXin Li
*05b00f60SXin Li	ND_PRINT(" < ");
*05b00f60SXin Li
*05b00f60SXin Li	/* Print src PAN and address. */
*05b00f60SXin Li	ND_PRINT(" -:");
*05b00f60SXin Li	if (caplen < (u_int) src_addr_len) {
*05b00f60SXin Li		ND_PRINT("[ERROR: Truncated before dst_addr]");
*05b00f60SXin Li		return 0;
*05b00f60SXin Li	}
*05b00f60SXin Li	ieee802_15_4_print_addr(ndo, p, src_addr_len);
*05b00f60SXin Li	ND_PRINT(" ");
*05b00f60SXin Li	p += src_addr_len;
*05b00f60SXin Li	caplen -= src_addr_len;
*05b00f60SXin Li
*05b00f60SXin Li	if (security_enabled) {
*05b00f60SXin Li		len = ieee802_15_4_print_aux_sec_header(ndo, p, caplen,
*05b00f60SXin Li							&security_level);
*05b00f60SXin Li		if (len < 0) {
*05b00f60SXin Li			return 0;
*05b00f60SXin Li		}
*05b00f60SXin Li		ND_TCHECK_LEN(p, len);
*05b00f60SXin Li		p += len;
*05b00f60SXin Li		caplen -= len;
*05b00f60SXin Li	} else {
*05b00f60SXin Li		security_level = 0;
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	switch (security_level) {
*05b00f60SXin Li	case 0: /*FALLTHOUGH */
*05b00f60SXin Li	case 4:
*05b00f60SXin Li		miclen = 0;
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 1: /*FALLTHOUGH */
*05b00f60SXin Li	case 5:
*05b00f60SXin Li		miclen = 4;
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 2: /*FALLTHOUGH */
*05b00f60SXin Li	case 6:
*05b00f60SXin Li		miclen = 8;
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 3: /*FALLTHOUGH */
*05b00f60SXin Li	case 7:
*05b00f60SXin Li		miclen = 16;
*05b00f60SXin Li		break;
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	/* Remove MIC */
*05b00f60SXin Li	if (miclen != 0) {
*05b00f60SXin Li		if (caplen < miclen) {
*05b00f60SXin Li			ND_PRINT("[ERROR: Truncated before MIC]");
*05b00f60SXin Li			return 0;
*05b00f60SXin Li		}
*05b00f60SXin Li		caplen -= miclen;
*05b00f60SXin Li		mic_start = p + caplen;
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	/* Parse Information elements if present */
*05b00f60SXin Li	if (ie_present) {
*05b00f60SXin Li		/* Yes we have those. */
*05b00f60SXin Li		len = ieee802_15_4_print_header_ie_list(ndo, p, caplen,
*05b00f60SXin Li							&payload_ie_present);
*05b00f60SXin Li		if (len < 0) {
*05b00f60SXin Li			return 0;
*05b00f60SXin Li		}
*05b00f60SXin Li		p += len;
*05b00f60SXin Li		caplen -= len;
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	if (payload_ie_present) {
*05b00f60SXin Li		if (security_level >= 4) {
*05b00f60SXin Li			ND_PRINT("Payload IEs present, but encrypted, cannot print ");
*05b00f60SXin Li		} else {
*05b00f60SXin Li			len = ieee802_15_4_print_payload_ie_list(ndo, p,
*05b00f60SXin Li								 caplen);
*05b00f60SXin Li			if (len < 0) {
*05b00f60SXin Li				return 0;
*05b00f60SXin Li			}
*05b00f60SXin Li			p += len;
*05b00f60SXin Li			caplen -= len;
*05b00f60SXin Li		}
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	/* Print MIC */
*05b00f60SXin Li	if (ndo->ndo_vflag > 2 && miclen != 0) {
*05b00f60SXin Li		ND_PRINT("\n\tMIC ");
*05b00f60SXin Li
*05b00f60SXin Li		for (u_int micoffset = 0; micoffset < miclen; micoffset++) {
*05b00f60SXin Li			ND_PRINT("%02x", GET_U_1(mic_start + micoffset));
*05b00f60SXin Li		}
*05b00f60SXin Li		ND_PRINT(" ");
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li
*05b00f60SXin Li	/* Print FCS */
*05b00f60SXin Li	if (ndo->ndo_vflag > 2) {
*05b00f60SXin Li		if (crc_check == fcs) {
*05b00f60SXin Li			ND_PRINT("FCS %x ", fcs);
*05b00f60SXin Li		} else {
*05b00f60SXin Li			ND_PRINT("wrong FCS %x vs %x (assume no FCS stored) ",
*05b00f60SXin Li				 fcs, crc_check);
*05b00f60SXin Li		}
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	if (!ndo->ndo_suppress_default_print)
*05b00f60SXin Li		ND_DEFAULTPRINT(p, caplen);
*05b00f60SXin Li
*05b00f60SXin Li	return 1;
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Print frag frame.
*05b00f60SXin Li *
*05b00f60SXin Li * Returns FALSE in case of error.
*05b00f60SXin Li */
*05b00f60SXin Listatic u_int
*05b00f60SXin Liieee802_15_4_frag_frame(netdissect_options *ndo _U_,
*05b00f60SXin Li			const u_char *p _U_,
*05b00f60SXin Li			u_int caplen _U_,
*05b00f60SXin Li			uint16_t fc _U_)
*05b00f60SXin Li{
*05b00f60SXin Li	/* Not implement yet, might be bit hard to implement, as the
*05b00f60SXin Li	 * information to set up the fragment is coming in the previous frame
*05b00f60SXin Li	 * in the Fragment Sequence Context Description IE, thus we need to
*05b00f60SXin Li	 * store information from there, so we can use it here. */
*05b00f60SXin Li	return 0;
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Internal call to dissector taking packet + len instead of pcap_pkthdr.
*05b00f60SXin Li *
*05b00f60SXin Li * Returns FALSE in case of error.
*05b00f60SXin Li */
*05b00f60SXin Liu_int
*05b00f60SXin Liieee802_15_4_print(netdissect_options *ndo,
*05b00f60SXin Li		   const u_char *p, u_int caplen)
*05b00f60SXin Li{
*05b00f60SXin Li	int frame_type;
*05b00f60SXin Li	uint16_t fc;
*05b00f60SXin Li
*05b00f60SXin Li	ndo->ndo_protocol = "802.15.4";
*05b00f60SXin Li
*05b00f60SXin Li	if (caplen < 2) {
*05b00f60SXin Li		nd_print_trunc(ndo);
*05b00f60SXin Li		return caplen;
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	fc = GET_LE_U_2(p);
*05b00f60SXin Li
*05b00f60SXin Li	/* First we need to check the frame type to know how to parse the rest
*05b00f60SXin Li	   of the FC. Frame type is the first 3 bit of the frame control field.
*05b00f60SXin Li	*/
*05b00f60SXin Li
*05b00f60SXin Li	frame_type = FC_FRAME_TYPE(fc);
*05b00f60SXin Li	ND_PRINT("IEEE 802.15.4 %s packet ", ftypes[frame_type]);
*05b00f60SXin Li
*05b00f60SXin Li	switch (frame_type) {
*05b00f60SXin Li	case 0x00: /* Beacon */
*05b00f60SXin Li	case 0x01: /* Data */
*05b00f60SXin Li	case 0x02: /* Acknowledgement */
*05b00f60SXin Li	case 0x03: /* MAC Command */
*05b00f60SXin Li		return ieee802_15_4_std_frames(ndo, p, caplen, fc);
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x04: /* Reserved */
*05b00f60SXin Li		return 0;
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x05: /* Multipurpose */
*05b00f60SXin Li		return ieee802_15_4_mp_frame(ndo, p, caplen, fc);
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x06: /* Fragment or Frak */
*05b00f60SXin Li		return ieee802_15_4_frag_frame(ndo, p, caplen, fc);
*05b00f60SXin Li		break;
*05b00f60SXin Li	case 0x07: /* Extended */
*05b00f60SXin Li		return 0;
*05b00f60SXin Li		break;
*05b00f60SXin Li	}
*05b00f60SXin Li	return 0;
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/*
*05b00f60SXin Li * Main function to print packets.
*05b00f60SXin Li */
*05b00f60SXin Li
*05b00f60SXin Livoid
*05b00f60SXin Liieee802_15_4_if_print(netdissect_options *ndo,
*05b00f60SXin Li                      const struct pcap_pkthdr *h, const u_char *p)
*05b00f60SXin Li{
*05b00f60SXin Li	u_int caplen = h->caplen;
*05b00f60SXin Li	ndo->ndo_protocol = "802.15.4";
*05b00f60SXin Li	ndo->ndo_ll_hdr_len += ieee802_15_4_print(ndo, p, caplen);
*05b00f60SXin Li}
*05b00f60SXin Li
*05b00f60SXin Li/* For DLT_IEEE802_15_4_TAP */
*05b00f60SXin Li/* https://github.com/jkcko/ieee802.15.4-tap */
*05b00f60SXin Livoid
*05b00f60SXin Liieee802_15_4_tap_if_print(netdissect_options *ndo,
*05b00f60SXin Li                          const struct pcap_pkthdr *h, const u_char *p)
*05b00f60SXin Li{
*05b00f60SXin Li	uint8_t version;
*05b00f60SXin Li	uint16_t length;
*05b00f60SXin Li
*05b00f60SXin Li	ndo->ndo_protocol = "802.15.4_tap";
*05b00f60SXin Li	if (h->caplen < 4) {
*05b00f60SXin Li		nd_print_trunc(ndo);
*05b00f60SXin Li		ndo->ndo_ll_hdr_len += h->caplen;
*05b00f60SXin Li		return;
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	version = GET_U_1(p);
*05b00f60SXin Li	length = GET_LE_U_2(p + 2);
*05b00f60SXin Li	if (version != 0 || length < 4) {
*05b00f60SXin Li		nd_print_invalid(ndo);
*05b00f60SXin Li		return;
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	if (h->caplen < length) {
*05b00f60SXin Li		nd_print_trunc(ndo);
*05b00f60SXin Li		ndo->ndo_ll_hdr_len += h->caplen;
*05b00f60SXin Li		return;
*05b00f60SXin Li	}
*05b00f60SXin Li
*05b00f60SXin Li	ndo->ndo_ll_hdr_len += ieee802_15_4_print(ndo, p+length, h->caplen-length) + length;
*05b00f60SXin Li}