4 * Gregory Detal <gregory.detal@uclouvain.be>
5 * Christoph Paasch <christoph.paasch@uclouvain.be>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the University nor of the Laboratory may be used
19 * to endorse or promote products derived from this software without
20 * specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 /* \summary: Multipath TCP (MPTCP) printer */
37 /* specification: RFC 6824 */
43 #include "netdissect-stdinc.h"
45 #include "netdissect.h"
47 #include "addrtoname.h"
51 #define MPTCP_SUB_CAPABLE 0x0
52 #define MPTCP_SUB_JOIN 0x1
53 #define MPTCP_SUB_DSS 0x2
54 #define MPTCP_SUB_ADD_ADDR 0x3
55 #define MPTCP_SUB_REMOVE_ADDR 0x4
56 #define MPTCP_SUB_PRIO 0x5
57 #define MPTCP_SUB_FAIL 0x6
58 #define MPTCP_SUB_FCLOSE 0x7
59 #define MPTCP_SUB_TCPRST 0x8
64 nd_uint8_t sub_etc
; /* subtype upper 4 bits, other stuff lower 4 bits */
67 #define MPTCP_OPT_SUBTYPE(sub_etc) (((sub_etc) >> 4) & 0xF)
74 nd_uint64_t sender_key
;
75 nd_uint64_t receiver_key
;
79 #define MP_CAPABLE_OPT_VERSION(sub_ver) (((sub_ver) >> 0) & 0xF)
80 #define MP_CAPABLE_C 0x80
81 #define MP_CAPABLE_S 0x01
103 #define MP_JOIN_B 0x01
112 #define MP_DSS_F 0x10
113 #define MP_DSS_m 0x08
114 #define MP_DSS_M 0x04
115 #define MP_DSS_a 0x02
116 #define MP_DSS_A 0x01
118 static const struct tok mptcp_addr_subecho_bits
[] = {
153 struct mp_remove_addr
{
157 /* list of addr_id */
158 nd_uint8_t addrs_id
[1];
166 nd_uint64_t data_seq
;
184 #define MP_PRIO_B 0x01
186 static const struct tok mp_tcprst_flags
[] = {
194 static const struct tok mp_tcprst_reasons
[] = {
195 { 0x06, "Middlebox interference" },
196 { 0x05, "Unacceptable performance" },
197 { 0x04, "Too much outstanding data" },
198 { 0x03, "Administratively prohibited" },
199 { 0x02, "Lack of resources" },
200 { 0x01, "MPTCP-specific error" },
201 { 0x00, "Unspecified error" },
213 dummy_print(netdissect_options
*ndo _U_
,
214 const u_char
*opt _U_
, u_int opt_len _U_
, u_char flags _U_
)
220 mp_capable_print(netdissect_options
*ndo
,
221 const u_char
*opt
, u_int opt_len
, u_char flags
)
223 const struct mp_capable
*mpc
= (const struct mp_capable
*) opt
;
224 uint8_t version
, csum_enabled
;
226 if (!((opt_len
== 12 || opt_len
== 4) && flags
& TH_SYN
) &&
227 !((opt_len
== 20 || opt_len
== 22 || opt_len
== 24) && (flags
& (TH_SYN
| TH_ACK
)) ==
231 version
= MP_CAPABLE_OPT_VERSION(GET_U_1(mpc
->sub_ver
));
233 case 0: /* fall through */
235 ND_PRINT(" v%u", version
);
238 ND_PRINT(" Unknown Version (%u)", version
);
242 csum_enabled
= GET_U_1(mpc
->flags
) & MP_CAPABLE_C
;
245 if (opt_len
== 12 || opt_len
>= 20) {
246 ND_PRINT(" {0x%" PRIx64
, GET_BE_U_8(mpc
->sender_key
));
248 ND_PRINT(",0x%" PRIx64
, GET_BE_U_8(mpc
->receiver_key
));
250 /* RFC 8684 Section 3.1 */
251 if ((opt_len
== 22 && !csum_enabled
) || opt_len
== 24)
252 ND_PRINT(",data_len=%u", GET_BE_U_2(mpc
->data_len
));
259 mp_join_print(netdissect_options
*ndo
,
260 const u_char
*opt
, u_int opt_len
, u_char flags
)
262 const struct mp_join
*mpj
= (const struct mp_join
*) opt
;
264 if (!(opt_len
== 12 && (flags
& TH_SYN
)) &&
265 !(opt_len
== 16 && (flags
& (TH_SYN
| TH_ACK
)) == (TH_SYN
| TH_ACK
)) &&
266 !(opt_len
== 24 && (flags
& TH_ACK
)))
270 if (GET_U_1(mpj
->sub_b
) & MP_JOIN_B
)
272 ND_PRINT(" id %u", GET_U_1(mpj
->addr_id
));
277 ND_PRINT(" token 0x%x" " nonce 0x%x",
278 GET_BE_U_4(mpj
->u
.syn
.token
),
279 GET_BE_U_4(mpj
->u
.syn
.nonce
));
281 case 16: /* SYN/ACK */
282 ND_PRINT(" hmac 0x%" PRIx64
" nonce 0x%x",
283 GET_BE_U_8(mpj
->u
.synack
.mac
),
284 GET_BE_U_4(mpj
->u
.synack
.nonce
));
288 ND_PRINT(" hmac 0x");
289 for (i
= 0; i
< sizeof(mpj
->u
.ack
.mac
); ++i
)
290 ND_PRINT("%02x", mpj
->u
.ack
.mac
[i
]);
299 mp_dss_print(netdissect_options
*ndo
,
300 const u_char
*opt
, u_int opt_len
, u_char flags
)
302 const struct mp_dss
*mdss
= (const struct mp_dss
*) opt
;
305 /* We need the flags, at a minimum. */
312 mdss_flags
= GET_U_1(mdss
->flags
);
313 if (mdss_flags
& MP_DSS_F
)
318 if (mdss_flags
& MP_DSS_A
) {
322 * If the a flag is set, we have an 8-byte ack; if it's
323 * clear, we have a 4-byte ack.
325 if (mdss_flags
& MP_DSS_a
) {
328 ND_PRINT("%" PRIu64
, GET_BE_U_8(opt
));
334 ND_PRINT("%u", GET_BE_U_4(opt
));
340 if (mdss_flags
& MP_DSS_M
) {
342 * Data Sequence Number (DSN), Subflow Sequence Number (SSN),
343 * Data-Level Length present, and Checksum possibly present.
347 * If the m flag is set, we have an 8-byte NDS; if it's clear,
348 * we have a 4-byte DSN.
350 if (mdss_flags
& MP_DSS_m
) {
353 ND_PRINT("%" PRIu64
, GET_BE_U_8(opt
));
359 ND_PRINT("%u", GET_BE_U_4(opt
));
365 ND_PRINT(" subseq %u", GET_BE_U_4(opt
));
370 ND_PRINT(" len %u", GET_BE_U_2(opt
));
375 * The Checksum is present only if negotiated.
376 * If there are at least 2 bytes left, process the next 2
377 * bytes as the Checksum.
380 ND_PRINT(" csum 0x%x", GET_BE_U_2(opt
));
390 add_addr_print(netdissect_options
*ndo
,
391 const u_char
*opt
, u_int opt_len
, u_char flags _U_
)
393 const struct mp_add_addr
*add_addr
= (const struct mp_add_addr
*) opt
;
395 if (!(opt_len
== 8 || opt_len
== 10 || opt_len
== 16 || opt_len
== 18 ||
396 opt_len
== 20 || opt_len
== 22 || opt_len
== 28 || opt_len
== 30))
400 tok2str(mptcp_addr_subecho_bits
, "[bad version/echo]",
401 GET_U_1(add_addr
->sub_echo
) & 0xF));
402 ND_PRINT(" id %u", GET_U_1(add_addr
->addr_id
));
403 if (opt_len
== 8 || opt_len
== 10 || opt_len
== 16 || opt_len
== 18) {
404 ND_PRINT(" %s", GET_IPADDR_STRING(add_addr
->u
.v4
.addr
));
405 if (opt_len
== 10 || opt_len
== 18)
406 ND_PRINT(":%u", GET_BE_U_2(add_addr
->u
.v4
.port
));
408 ND_PRINT(" hmac 0x%" PRIx64
, GET_BE_U_8(add_addr
->u
.v4np
.mac
));
410 ND_PRINT(" hmac 0x%" PRIx64
, GET_BE_U_8(add_addr
->u
.v4
.mac
));
413 if (opt_len
== 20 || opt_len
== 22 || opt_len
== 28 || opt_len
== 30) {
414 ND_PRINT(" %s", GET_IP6ADDR_STRING(add_addr
->u
.v6
.addr
));
415 if (opt_len
== 22 || opt_len
== 30)
416 ND_PRINT(":%u", GET_BE_U_2(add_addr
->u
.v6
.port
));
418 ND_PRINT(" hmac 0x%" PRIx64
, GET_BE_U_8(add_addr
->u
.v6np
.mac
));
420 ND_PRINT(" hmac 0x%" PRIx64
, GET_BE_U_8(add_addr
->u
.v6
.mac
));
427 remove_addr_print(netdissect_options
*ndo
,
428 const u_char
*opt
, u_int opt_len
, u_char flags _U_
)
430 const struct mp_remove_addr
*remove_addr
= (const struct mp_remove_addr
*) opt
;
438 for (i
= 0; i
< opt_len
; i
++)
439 ND_PRINT(" %u", GET_U_1(remove_addr
->addrs_id
[i
]));
444 mp_prio_print(netdissect_options
*ndo
,
445 const u_char
*opt
, u_int opt_len
, u_char flags _U_
)
447 const struct mp_prio
*mpp
= (const struct mp_prio
*) opt
;
449 if (opt_len
!= 3 && opt_len
!= 4)
452 if (GET_U_1(mpp
->sub_b
) & MP_PRIO_B
)
455 ND_PRINT(" non-backup");
457 ND_PRINT(" id %u", GET_U_1(mpp
->addr_id
));
463 mp_fail_print(netdissect_options
*ndo
,
464 const u_char
*opt
, u_int opt_len
, u_char flags _U_
)
469 ND_PRINT(" seq %" PRIu64
, GET_BE_U_8(opt
+ 4));
474 mp_fast_close_print(netdissect_options
*ndo
,
475 const u_char
*opt
, u_int opt_len
, u_char flags _U_
)
480 ND_PRINT(" key 0x%" PRIx64
, GET_BE_U_8(opt
+ 4));
485 mp_tcprst_print(netdissect_options
*ndo
,
486 const u_char
*opt
, u_int opt_len
, u_char flags _U_
)
488 const struct mp_tcprst
*mpr
= (const struct mp_tcprst
*)opt
;
493 ND_PRINT(" flags [%s]", bittok2str_nosep(mp_tcprst_flags
, "none",
494 GET_U_1(mpr
->sub_b
)));
496 ND_PRINT(" reason %s", tok2str(mp_tcprst_reasons
, "unknown (0x%02x)",
497 GET_U_1(mpr
->reason
)));
501 static const struct {
503 int (*print
)(netdissect_options
*, const u_char
*, u_int
, u_char
);
504 } mptcp_options
[] = {
505 { "capable", mp_capable_print
},
506 { "join", mp_join_print
},
507 { "dss", mp_dss_print
},
508 { "add-addr", add_addr_print
},
509 { "rem-addr", remove_addr_print
},
510 { "prio", mp_prio_print
},
511 { "fail", mp_fail_print
},
512 { "fast-close", mp_fast_close_print
},
513 { "tcprst", mp_tcprst_print
},
514 { "unknown", dummy_print
},
518 mptcp_print(netdissect_options
*ndo
,
519 const u_char
*cp
, u_int len
, u_char flags
)
521 const struct mptcp_option
*opt
;
524 ndo
->ndo_protocol
= "mptcp";
528 opt
= (const struct mptcp_option
*) cp
;
529 subtype
= MPTCP_OPT_SUBTYPE(GET_U_1(opt
->sub_etc
));
530 subtype
= ND_MIN(subtype
, MPTCP_SUB_TCPRST
+ 1);
532 ND_PRINT(" %u", len
);
534 ND_PRINT(" %s", mptcp_options
[subtype
].name
);
535 return mptcp_options
[subtype
].print(ndo
, cp
, len
, flags
);
projects / tcpdump / blob