]> The Tcpdump Group git mirrors - tcpdump/blob - print-icmp6.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
More bounds checking when fetching addresses and converting to strings.
[tcpdump] / print-icmp6.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: IPv6 Internet Control Message Protocol (ICMPv6) printer */
23
24 #ifdef HAVE_CONFIG_H
25 #include <config.h>
26 #endif
27
28 #include "netdissect-stdinc.h"
29
30 #include <stdio.h>
31 #include <string.h>
32
33 #include "netdissect.h"
34 #include "addrtoname.h"
35 #include "addrtostr.h"
36 #include "extract.h"
37
38 #include "ip6.h"
39 #include "ipproto.h"
40
41 #include "udp.h"
42 #include "ah.h"
43
44 /* NetBSD: icmp6.h,v 1.13 2000/08/03 16:30:37 itojun Exp */
45 /* $KAME: icmp6.h,v 1.22 2000/08/03 15:25:16 jinmei Exp $ */
46
47 /*
48 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
49 * All rights reserved.
50 *
51 * Redistribution and use in source and binary forms, with or without
52 * modification, are permitted provided that the following conditions
53 * are met:
54 * 1. Redistributions of source code must retain the above copyright
55 * notice, this list of conditions and the following disclaimer.
56 * 2. Redistributions in binary form must reproduce the above copyright
57 * notice, this list of conditions and the following disclaimer in the
58 * documentation and/or other materials provided with the distribution.
59 * 3. Neither the name of the project nor the names of its contributors
60 * may be used to endorse or promote products derived from this software
61 * without specific prior written permission.
62 *
63 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
64 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
65 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
66 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
67 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
68 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
69 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
70 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
71 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
72 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
73 * SUCH DAMAGE.
74 */
75
76 struct icmp6_hdr {
77 nd_uint8_t icmp6_type; /* type field */
78 nd_uint8_t icmp6_code; /* code field */
79 nd_uint16_t icmp6_cksum; /* checksum field */
80 union {
81 nd_uint32_t icmp6_un_data32[1]; /* type-specific field */
82 nd_uint16_t icmp6_un_data16[2]; /* type-specific field */
83 nd_uint8_t icmp6_un_data8[4]; /* type-specific field */
84 nd_byte icmp6_un_data[1]; /* type-specific field */
85 } icmp6_dataun;
86 };
87
88 #define icmp6_data32 icmp6_dataun.icmp6_un_data32
89 #define icmp6_data16 icmp6_dataun.icmp6_un_data16
90 #define icmp6_data8 icmp6_dataun.icmp6_un_data8
91 #define icmp6_data icmp6_dataun.icmp6_un_data
92 #define icmp6_pptr icmp6_data32[0] /* parameter prob */
93 #define icmp6_mtu icmp6_data32[0] /* packet too big */
94 #define icmp6_id icmp6_data16[0] /* echo request/reply */
95 #define icmp6_seq icmp6_data16[1] /* echo request/reply */
96 #define icmp6_maxdelay icmp6_data16[0] /* mcast group membership */
97
98 #define ICMP6_DST_UNREACH 1 /* dest unreachable, codes: */
99 #define ICMP6_PACKET_TOO_BIG 2 /* packet too big */
100 #define ICMP6_TIME_EXCEEDED 3 /* time exceeded, code: */
101 #define ICMP6_PARAM_PROB 4 /* ip6 header bad */
102
103 #define ICMP6_ECHO_REQUEST 128 /* echo service */
104 #define ICMP6_ECHO_REPLY 129 /* echo reply */
105 #define ICMP6_MEMBERSHIP_QUERY 130 /* group membership query */
106 #define MLD6_LISTENER_QUERY 130 /* multicast listener query */
107 #define ICMP6_MEMBERSHIP_REPORT 131 /* group membership report */
108 #define MLD6_LISTENER_REPORT 131 /* multicast listener report */
109 #define ICMP6_MEMBERSHIP_REDUCTION 132 /* group membership termination */
110 #define MLD6_LISTENER_DONE 132 /* multicast listener done */
111
112 #define ND_ROUTER_SOLICIT 133 /* router solicitation */
113 #define ND_ROUTER_ADVERT 134 /* router advertisement */
114 #define ND_NEIGHBOR_SOLICIT 135 /* neighbor solicitation */
115 #define ND_NEIGHBOR_ADVERT 136 /* neighbor advertisement */
116 #define ND_REDIRECT 137 /* redirect */
117
118 #define ICMP6_ROUTER_RENUMBERING 138 /* router renumbering */
119
120 #define ICMP6_WRUREQUEST 139 /* who are you request */
121 #define ICMP6_WRUREPLY 140 /* who are you reply */
122 #define ICMP6_FQDN_QUERY 139 /* FQDN query */
123 #define ICMP6_FQDN_REPLY 140 /* FQDN reply */
124 #define ICMP6_NI_QUERY 139 /* node information request - RFC 4620 */
125 #define ICMP6_NI_REPLY 140 /* node information reply - RFC 4620 */
126 #define IND_SOLICIT 141 /* inverse neighbor solicitation */
127 #define IND_ADVERT 142 /* inverse neighbor advertisement */
128
129 #define ICMP6_V2_MEMBERSHIP_REPORT 143 /* v2 membership report */
130 #define MLDV2_LISTENER_REPORT 143 /* v2 multicast listener report */
131 #define ICMP6_HADISCOV_REQUEST 144
132 #define ICMP6_HADISCOV_REPLY 145
133 #define ICMP6_MOBILEPREFIX_SOLICIT 146
134 #define ICMP6_MOBILEPREFIX_ADVERT 147
135
136 #define MLD6_MTRACE_RESP 200 /* mtrace response(to sender) */
137 #define MLD6_MTRACE 201 /* mtrace messages */
138
139 #define ICMP6_MAXTYPE 201
140
141 #define ICMP6_DST_UNREACH_NOROUTE 0 /* no route to destination */
142 #define ICMP6_DST_UNREACH_ADMIN 1 /* administratively prohibited */
143 #define ICMP6_DST_UNREACH_NOTNEIGHBOR 2 /* not a neighbor(obsolete) */
144 #define ICMP6_DST_UNREACH_BEYONDSCOPE 2 /* beyond scope of source address */
145 #define ICMP6_DST_UNREACH_ADDR 3 /* address unreachable */
146 #define ICMP6_DST_UNREACH_NOPORT 4 /* port unreachable */
147
148 #define ICMP6_TIME_EXCEED_TRANSIT 0 /* ttl==0 in transit */
149 #define ICMP6_TIME_EXCEED_REASSEMBLY 1 /* ttl==0 in reass */
150
151 #define ICMP6_PARAMPROB_HEADER 0 /* erroneous header field */
152 #define ICMP6_PARAMPROB_NEXTHEADER 1 /* unrecognized next header */
153 #define ICMP6_PARAMPROB_OPTION 2 /* unrecognized option */
154 #define ICMP6_PARAMPROB_FRAGHDRCHAIN 3 /* incomplete header chain */
155
156 #define ICMP6_INFOMSG_MASK 0x80 /* all informational messages */
157
158 #define ICMP6_NI_SUBJ_IPV6 0 /* Query Subject is an IPv6 address */
159 #define ICMP6_NI_SUBJ_FQDN 1 /* Query Subject is a Domain name */
160 #define ICMP6_NI_SUBJ_IPV4 2 /* Query Subject is an IPv4 address */
161
162 #define ICMP6_NI_SUCCESS 0 /* node information successful reply */
163 #define ICMP6_NI_REFUSED 1 /* node information request is refused */
164 #define ICMP6_NI_UNKNOWN 2 /* unknown Qtype */
165
166 #define ICMP6_ROUTER_RENUMBERING_COMMAND 0 /* rr command */
167 #define ICMP6_ROUTER_RENUMBERING_RESULT 1 /* rr result */
168 #define ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET 255 /* rr seq num reset */
169
170 /* Used in kernel only */
171 #define ND_REDIRECT_ONLINK 0 /* redirect to an on-link node */
172 #define ND_REDIRECT_ROUTER 1 /* redirect to a better router */
173
174 /*
175 * Multicast Listener Discovery
176 */
177 struct mld6_hdr {
178 struct icmp6_hdr mld6_hdr;
179 nd_ipv6 mld6_addr; /* multicast address */
180 };
181
182 #define mld6_type mld6_hdr.icmp6_type
183 #define mld6_code mld6_hdr.icmp6_code
184 #define mld6_cksum mld6_hdr.icmp6_cksum
185 #define mld6_maxdelay mld6_hdr.icmp6_data16[0]
186 #define mld6_reserved mld6_hdr.icmp6_data16[1]
187
188 #define MLD_MINLEN 24
189 #define MLDV2_MINLEN 28
190
191 /*
192 * Neighbor Discovery
193 */
194
195 struct nd_router_solicit { /* router solicitation */
196 struct icmp6_hdr nd_rs_hdr;
197 /* could be followed by options */
198 };
199
200 #define nd_rs_type nd_rs_hdr.icmp6_type
201 #define nd_rs_code nd_rs_hdr.icmp6_code
202 #define nd_rs_cksum nd_rs_hdr.icmp6_cksum
203 #define nd_rs_reserved nd_rs_hdr.icmp6_data32[0]
204
205 struct nd_router_advert { /* router advertisement */
206 struct icmp6_hdr nd_ra_hdr;
207 nd_uint32_t nd_ra_reachable; /* reachable time */
208 nd_uint32_t nd_ra_retransmit; /* retransmit timer */
209 /* could be followed by options */
210 };
211
212 #define nd_ra_type nd_ra_hdr.icmp6_type
213 #define nd_ra_code nd_ra_hdr.icmp6_code
214 #define nd_ra_cksum nd_ra_hdr.icmp6_cksum
215 #define nd_ra_curhoplimit nd_ra_hdr.icmp6_data8[0]
216 #define nd_ra_flags_reserved nd_ra_hdr.icmp6_data8[1]
217 #define ND_RA_FLAG_MANAGED 0x80
218 #define ND_RA_FLAG_OTHER 0x40
219 #define ND_RA_FLAG_HOME_AGENT 0x20
220 #define ND_RA_FLAG_IPV6ONLY 0x02
221
222 /*
223 * Router preference values based on draft-draves-ipngwg-router-selection-01.
224 * These are non-standard definitions.
225 */
226 #define ND_RA_FLAG_RTPREF_MASK 0x18 /* 00011000 */
227
228 #define ND_RA_FLAG_RTPREF_HIGH 0x08 /* 00001000 */
229 #define ND_RA_FLAG_RTPREF_MEDIUM 0x00 /* 00000000 */
230 #define ND_RA_FLAG_RTPREF_LOW 0x18 /* 00011000 */
231 #define ND_RA_FLAG_RTPREF_RSV 0x10 /* 00010000 */
232
233 #define nd_ra_router_lifetime nd_ra_hdr.icmp6_data16[1]
234
235 struct nd_neighbor_solicit { /* neighbor solicitation */
236 struct icmp6_hdr nd_ns_hdr;
237 nd_ipv6 nd_ns_target; /*target address */
238 /* could be followed by options */
239 };
240
241 #define nd_ns_type nd_ns_hdr.icmp6_type
242 #define nd_ns_code nd_ns_hdr.icmp6_code
243 #define nd_ns_cksum nd_ns_hdr.icmp6_cksum
244 #define nd_ns_reserved nd_ns_hdr.icmp6_data32[0]
245
246 struct nd_neighbor_advert { /* neighbor advertisement */
247 struct icmp6_hdr nd_na_hdr;
248 nd_ipv6 nd_na_target; /* target address */
249 /* could be followed by options */
250 };
251
252 #define nd_na_type nd_na_hdr.icmp6_type
253 #define nd_na_code nd_na_hdr.icmp6_code
254 #define nd_na_cksum nd_na_hdr.icmp6_cksum
255 #define nd_na_flags_reserved nd_na_hdr.icmp6_data32[0]
256
257 #define ND_NA_FLAG_ROUTER 0x80000000
258 #define ND_NA_FLAG_SOLICITED 0x40000000
259 #define ND_NA_FLAG_OVERRIDE 0x20000000
260
261 struct nd_redirect { /* redirect */
262 struct icmp6_hdr nd_rd_hdr;
263 nd_ipv6 nd_rd_target; /* target address */
264 nd_ipv6 nd_rd_dst; /* destination address */
265 /* could be followed by options */
266 };
267
268 #define nd_rd_type nd_rd_hdr.icmp6_type
269 #define nd_rd_code nd_rd_hdr.icmp6_code
270 #define nd_rd_cksum nd_rd_hdr.icmp6_cksum
271 #define nd_rd_reserved nd_rd_hdr.icmp6_data32[0]
272
273 struct nd_opt_hdr { /* Neighbor discovery option header */
274 nd_uint8_t nd_opt_type;
275 nd_uint8_t nd_opt_len;
276 /* followed by option specific data*/
277 };
278
279 #define ND_OPT_SOURCE_LINKADDR 1
280 #define ND_OPT_TARGET_LINKADDR 2
281 #define ND_OPT_PREFIX_INFORMATION 3
282 #define ND_OPT_REDIRECTED_HEADER 4
283 #define ND_OPT_MTU 5
284 #define ND_OPT_ADVINTERVAL 7
285 #define ND_OPT_HOMEAGENT_INFO 8
286 #define ND_OPT_ROUTE_INFO 24 /* RFC4191 */
287 #define ND_OPT_RDNSS 25
288 #define ND_OPT_DNSSL 31
289
290 struct nd_opt_prefix_info { /* prefix information */
291 nd_uint8_t nd_opt_pi_type;
292 nd_uint8_t nd_opt_pi_len;
293 nd_uint8_t nd_opt_pi_prefix_len;
294 nd_uint8_t nd_opt_pi_flags_reserved;
295 nd_uint32_t nd_opt_pi_valid_time;
296 nd_uint32_t nd_opt_pi_preferred_time;
297 nd_uint32_t nd_opt_pi_reserved2;
298 nd_ipv6 nd_opt_pi_prefix;
299 };
300
301 #define ND_OPT_PI_FLAG_ONLINK 0x80
302 #define ND_OPT_PI_FLAG_AUTO 0x40
303 #define ND_OPT_PI_FLAG_ROUTER 0x20 /*2292bis*/
304
305 struct nd_opt_rd_hdr { /* redirected header */
306 nd_uint8_t nd_opt_rh_type;
307 nd_uint8_t nd_opt_rh_len;
308 nd_uint16_t nd_opt_rh_reserved1;
309 nd_uint32_t nd_opt_rh_reserved2;
310 /* followed by IP header and data */
311 };
312
313 struct nd_opt_mtu { /* MTU option */
314 nd_uint8_t nd_opt_mtu_type;
315 nd_uint8_t nd_opt_mtu_len;
316 nd_uint16_t nd_opt_mtu_reserved;
317 nd_uint32_t nd_opt_mtu_mtu;
318 };
319
320 struct nd_opt_rdnss { /* RDNSS RFC 6106 5.1 */
321 nd_uint8_t nd_opt_rdnss_type;
322 nd_uint8_t nd_opt_rdnss_len;
323 nd_uint16_t nd_opt_rdnss_reserved;
324 nd_uint32_t nd_opt_rdnss_lifetime;
325 nd_ipv6 nd_opt_rdnss_addr[1]; /* variable-length */
326 };
327
328 struct nd_opt_dnssl { /* DNSSL RFC 6106 5.2 */
329 nd_uint8_t nd_opt_dnssl_type;
330 nd_uint8_t nd_opt_dnssl_len;
331 nd_uint16_t nd_opt_dnssl_reserved;
332 nd_uint32_t nd_opt_dnssl_lifetime;
333 /* followed by list of DNS search domains, variable-length */
334 };
335
336 struct nd_opt_advinterval { /* Advertisement interval option */
337 nd_uint8_t nd_opt_adv_type;
338 nd_uint8_t nd_opt_adv_len;
339 nd_uint16_t nd_opt_adv_reserved;
340 nd_uint32_t nd_opt_adv_interval;
341 };
342
343 struct nd_opt_homeagent_info { /* Home Agent info */
344 nd_uint8_t nd_opt_hai_type;
345 nd_uint8_t nd_opt_hai_len;
346 nd_uint16_t nd_opt_hai_reserved;
347 nd_uint16_t nd_opt_hai_preference;
348 nd_uint16_t nd_opt_hai_lifetime;
349 };
350
351 struct nd_opt_route_info { /* route info */
352 nd_uint8_t nd_opt_rti_type;
353 nd_uint8_t nd_opt_rti_len;
354 nd_uint8_t nd_opt_rti_prefixlen;
355 nd_uint8_t nd_opt_rti_flags;
356 nd_uint32_t nd_opt_rti_lifetime;
357 /* prefix follows */
358 };
359
360 /*
361 * icmp6 namelookup
362 */
363
364 struct icmp6_namelookup {
365 struct icmp6_hdr icmp6_nl_hdr;
366 nd_byte icmp6_nl_nonce[8];
367 nd_int32_t icmp6_nl_ttl;
368 #if 0
369 nd_uint8_t icmp6_nl_len;
370 nd_byte icmp6_nl_name[3];
371 #endif
372 /* could be followed by options */
373 };
374
375 /*
376 * icmp6 node information
377 */
378 struct icmp6_nodeinfo {
379 struct icmp6_hdr icmp6_ni_hdr;
380 nd_byte icmp6_ni_nonce[8];
381 /* could be followed by reply data */
382 };
383
384 #define ni_type icmp6_ni_hdr.icmp6_type
385 #define ni_code icmp6_ni_hdr.icmp6_code
386 #define ni_cksum icmp6_ni_hdr.icmp6_cksum
387 #define ni_qtype icmp6_ni_hdr.icmp6_data16[0]
388 #define ni_flags icmp6_ni_hdr.icmp6_data16[1]
389
390 #define NI_QTYPE_NOOP 0 /* NOOP */
391 #define NI_QTYPE_SUPTYPES 1 /* Supported Qtypes (drafts up to 09) */
392 #define NI_QTYPE_FQDN 2 /* FQDN (draft 04) */
393 #define NI_QTYPE_DNSNAME 2 /* DNS Name */
394 #define NI_QTYPE_NODEADDR 3 /* Node Addresses */
395 #define NI_QTYPE_IPV4ADDR 4 /* IPv4 Addresses */
396
397 /* network endian */
398 #define NI_SUPTYPE_FLAG_COMPRESS ((uint16_t)htons(0x1))
399 #define NI_FQDN_FLAG_VALIDTTL ((uint16_t)htons(0x1))
400
401 /* network endian */
402 #define NI_NODEADDR_FLAG_TRUNCATE ((uint16_t)htons(0x1))
403 #define NI_NODEADDR_FLAG_ALL ((uint16_t)htons(0x2))
404 #define NI_NODEADDR_FLAG_COMPAT ((uint16_t)htons(0x4))
405 #define NI_NODEADDR_FLAG_LINKLOCAL ((uint16_t)htons(0x8))
406 #define NI_NODEADDR_FLAG_SITELOCAL ((uint16_t)htons(0x10))
407 #define NI_NODEADDR_FLAG_GLOBAL ((uint16_t)htons(0x20))
408 #define NI_NODEADDR_FLAG_ANYCAST ((uint16_t)htons(0x40)) /* just experimental. not in spec */
409
410 struct ni_reply_fqdn {
411 nd_uint32_t ni_fqdn_ttl; /* TTL */
412 nd_uint8_t ni_fqdn_namelen; /* length in octets of the FQDN */
413 nd_byte ni_fqdn_name[3]; /* XXX: alignment */
414 };
415
416 /*
417 * Router Renumbering. as router-renum-08.txt
418 */
419 struct icmp6_router_renum { /* router renumbering header */
420 struct icmp6_hdr rr_hdr;
421 nd_uint8_t rr_segnum;
422 nd_uint8_t rr_flags;
423 nd_uint16_t rr_maxdelay;
424 nd_uint32_t rr_reserved;
425 };
426 #define ICMP6_RR_FLAGS_TEST 0x80
427 #define ICMP6_RR_FLAGS_REQRESULT 0x40
428 #define ICMP6_RR_FLAGS_FORCEAPPLY 0x20
429 #define ICMP6_RR_FLAGS_SPECSITE 0x10
430 #define ICMP6_RR_FLAGS_PREVDONE 0x08
431
432 #define rr_type rr_hdr.icmp6_type
433 #define rr_code rr_hdr.icmp6_code
434 #define rr_cksum rr_hdr.icmp6_cksum
435 #define rr_seqnum rr_hdr.icmp6_data32[0]
436
437 struct rr_pco_match { /* match prefix part */
438 nd_uint8_t rpm_code;
439 nd_uint8_t rpm_len;
440 nd_uint8_t rpm_ordinal;
441 nd_uint8_t rpm_matchlen;
442 nd_uint8_t rpm_minlen;
443 nd_uint8_t rpm_maxlen;
444 nd_uint16_t rpm_reserved;
445 nd_ipv6 rpm_prefix;
446 };
447
448 #define RPM_PCO_ADD 1
449 #define RPM_PCO_CHANGE 2
450 #define RPM_PCO_SETGLOBAL 3
451 #define RPM_PCO_MAX 4
452
453 struct rr_pco_use { /* use prefix part */
454 nd_uint8_t rpu_uselen;
455 nd_uint8_t rpu_keeplen;
456 nd_uint8_t rpu_ramask;
457 nd_uint8_t rpu_raflags;
458 nd_uint32_t rpu_vltime;
459 nd_uint32_t rpu_pltime;
460 nd_uint32_t rpu_flags;
461 nd_ipv6 rpu_prefix;
462 };
463 #define ICMP6_RR_PCOUSE_RAFLAGS_ONLINK 0x80
464 #define ICMP6_RR_PCOUSE_RAFLAGS_AUTO 0x40
465
466 /* network endian */
467 #define ICMP6_RR_PCOUSE_FLAGS_DECRVLTIME ((uint32_t)htonl(0x80000000))
468 #define ICMP6_RR_PCOUSE_FLAGS_DECRPLTIME ((uint32_t)htonl(0x40000000))
469
470 struct rr_result { /* router renumbering result message */
471 nd_uint16_t rrr_flags;
472 nd_uint8_t rrr_ordinal;
473 nd_uint8_t rrr_matchedlen;
474 nd_uint32_t rrr_ifid;
475 nd_ipv6 rrr_prefix;
476 };
477 /* network endian */
478 #define ICMP6_RR_RESULT_FLAGS_OOB ((uint16_t)htons(0x0002))
479 #define ICMP6_RR_RESULT_FLAGS_FORBIDDEN ((uint16_t)htons(0x0001))
480
481 static const char *get_rtpref(u_int);
482 static const char *get_lifetime(uint32_t);
483 static void print_lladdr(netdissect_options *ndo, const u_char *, size_t);
484 static int icmp6_opt_print(netdissect_options *ndo, const u_char *, int);
485 static void mld6_print(netdissect_options *ndo, const u_char *);
486 static void mldv2_report_print(netdissect_options *ndo, const u_char *, u_int);
487 static void mldv2_query_print(netdissect_options *ndo, const u_char *, u_int);
488 static const struct udphdr *get_upperlayer(netdissect_options *ndo, const u_char *, u_int *);
489 static void dnsname_print(netdissect_options *ndo, const u_char *, const u_char *);
490 static void icmp6_nodeinfo_print(netdissect_options *ndo, u_int, const u_char *, const u_char *);
491 static void icmp6_rrenum_print(netdissect_options *ndo, const u_char *, const u_char *);
492
493 #ifndef abs
494 #define abs(a) ((0 < (a)) ? (a) : -(a))
495 #endif
496
497 /*
498 * DIO: Updated to RFC6550, as published in 2012: section 6. (page 30)
499 */
500
501 #define ND_RPL_MESSAGE 155 /* 0x9B */
502
503 enum ND_RPL_CODE {
504 ND_RPL_DAG_IS=0x00,
505 ND_RPL_DAG_IO=0x01,
506 ND_RPL_DAO =0x02,
507 ND_RPL_DAO_ACK=0x03,
508 ND_RPL_SEC_DAG_IS = 0x80,
509 ND_RPL_SEC_DAG_IO = 0x81,
510 ND_RPL_SEC_DAG = 0x82,
511 ND_RPL_SEC_DAG_ACK= 0x83,
512 ND_RPL_SEC_CONSIST= 0x8A
513 };
514
515 enum ND_RPL_DIO_FLAGS {
516 ND_RPL_DIO_GROUNDED = 0x80,
517 ND_RPL_DIO_DATRIG = 0x40,
518 ND_RPL_DIO_DASUPPORT= 0x20,
519 ND_RPL_DIO_RES4 = 0x10,
520 ND_RPL_DIO_RES3 = 0x08,
521 ND_RPL_DIO_PRF_MASK = 0x07 /* 3-bit preference */
522 };
523
524 #define DAGID_LEN 16
525
526 /* section 6 of draft-ietf-roll-rpl-19 */
527 struct nd_rpl_security {
528 nd_uint8_t rpl_sec_t_reserved; /* bit 7 is T-bit */
529 nd_uint8_t rpl_sec_algo;
530 nd_uint16_t rpl_sec_kim_lvl_flags; /* bit 15/14, KIM */
531 /* bit 10-8, LVL, bit 7-0 flags */
532 nd_uint32_t rpl_sec_counter;
533 #if 0
534 nd_byte rpl_sec_ki[0]; /* depends upon kim */
535 #endif
536 };
537
538 /* section 6.2.1, DODAG Information Solication (DIS_IS) */
539 struct nd_rpl_dis_is {
540 nd_uint8_t rpl_dis_flags;
541 nd_uint8_t rpl_dis_reserved;
542 #if 0
543 nd_byte rpl_dis_options[0];
544 #endif
545 };
546
547 /* section 6.3.1, DODAG Information Object (DIO) */
548 struct nd_rpl_dio {
549 nd_uint8_t rpl_instanceid;
550 nd_uint8_t rpl_version;
551 nd_uint16_t rpl_dagrank;
552 nd_uint8_t rpl_mopprf; /* bit 7=G, 5-3=MOP, 2-0=PRF */
553 nd_uint8_t rpl_dtsn; /* Dest. Advertisement Trigger Sequence Number */
554 nd_uint8_t rpl_flags; /* no flags defined yet */
555 nd_uint8_t rpl_resv1;
556 nd_byte rpl_dagid[DAGID_LEN];
557 };
558 #define RPL_DIO_GROUND_FLAG 0x80
559 #define RPL_DIO_MOP_SHIFT 3
560 #define RPL_DIO_MOP_MASK (7 << RPL_DIO_MOP_SHIFT)
561 #define RPL_DIO_PRF_SHIFT 0
562 #define RPL_DIO_PRF_MASK (7 << RPL_DIO_PRF_SHIFT)
563 #define RPL_DIO_GROUNDED(X) ((X)&RPL_DIO_GROUND_FLAG)
564 #define RPL_DIO_MOP(X) (enum RPL_DIO_MOP)(((X)&RPL_DIO_MOP_MASK) >> RPL_DIO_MOP_SHIFT)
565 #define RPL_DIO_PRF(X) (((X)&RPL_DIO_PRF_MASK) >> RPL_DIO_PRF_SHIFT)
566
567 enum RPL_DIO_MOP {
568 RPL_DIO_NONSTORING= 0x0,
569 RPL_DIO_STORING = 0x1,
570 RPL_DIO_NONSTORING_MULTICAST = 0x2,
571 RPL_DIO_STORING_MULTICAST = 0x3
572 };
573
574 enum RPL_SUBOPT {
575 RPL_OPT_PAD1 = 0,
576 RPL_OPT_PADN = 1,
577 RPL_DIO_METRICS = 2,
578 RPL_DIO_ROUTINGINFO = 3,
579 RPL_DIO_CONFIG = 4,
580 RPL_DAO_RPLTARGET = 5,
581 RPL_DAO_TRANSITINFO = 6,
582 RPL_DIO_DESTPREFIX = 8,
583 RPL_DAO_RPLTARGET_DESC=9
584 };
585
586 struct rpl_genoption {
587 nd_uint8_t rpl_dio_type;
588 nd_uint8_t rpl_dio_len; /* suboption length, not including type/len */
589 };
590 #define RPL_GENOPTION_LEN 2
591
592 #define RPL_DIO_LIFETIME_INFINITE 0xffffffff
593 #define RPL_DIO_LIFETIME_DISCONNECT 0
594
595 struct rpl_dio_destprefix {
596 nd_uint8_t rpl_dio_type;
597 nd_uint8_t rpl_dio_len;
598 nd_uint8_t rpl_dio_prefixlen; /* in bits */
599 nd_uint8_t rpl_dio_prf; /* flags, including Route Preference */
600 nd_uint32_t rpl_dio_prefixlifetime; /* in seconds */
601 #if 0
602 nd_byte rpl_dio_prefix[0]; /* variable number of bytes */
603 #endif
604 };
605
606 /* section 6.4.1, DODAG Information Object (DIO) */
607 struct nd_rpl_dao {
608 nd_uint8_t rpl_instanceid;
609 nd_uint8_t rpl_flags; /* bit 7=K, 6=D */
610 nd_uint8_t rpl_resv;
611 nd_uint8_t rpl_daoseq;
612 nd_byte rpl_dagid[DAGID_LEN]; /* present when D set. */
613 };
614 #define ND_RPL_DAO_MIN_LEN 4 /* length without DAGID */
615
616 /* indicates if this DAO is to be acK'ed */
617 #define RPL_DAO_K_SHIFT 7
618 #define RPL_DAO_K_MASK (1 << RPL_DAO_K_SHIFT)
619 #define RPL_DAO_K(X) (((X)&RPL_DAO_K_MASK) >> RPL_DAO_K_SHIFT)
620
621 /* indicates if the DAGID is present */
622 #define RPL_DAO_D_SHIFT 6
623 #define RPL_DAO_D_MASK (1 << RPL_DAO_D_SHIFT)
624 #define RPL_DAO_D(X) (((X)&RPL_DAO_D_MASK) >> RPL_DAO_D_SHIFT)
625
626 struct rpl_dao_target {
627 nd_uint8_t rpl_dao_type;
628 nd_uint8_t rpl_dao_len;
629 nd_uint8_t rpl_dao_flags; /* unused */
630 nd_uint8_t rpl_dao_prefixlen; /* in bits */
631 #if 0
632 nd_byte rpl_dao_prefix[0]; /* variable number of bytes */
633 #endif
634 };
635
636 /* section 6.5.1, Destination Advertisement Object Acknowledgement (DAO-ACK) */
637 struct nd_rpl_daoack {
638 nd_uint8_t rpl_instanceid;
639 nd_uint8_t rpl_flags; /* bit 7=D */
640 nd_uint8_t rpl_daoseq;
641 nd_uint8_t rpl_status;
642 nd_byte rpl_dagid[DAGID_LEN]; /* present when D set. */
643 };
644 #define ND_RPL_DAOACK_MIN_LEN 4 /* length without DAGID */
645 /* indicates if the DAGID is present */
646 #define RPL_DAOACK_D_SHIFT 7
647 #define RPL_DAOACK_D_MASK (1 << RPL_DAOACK_D_SHIFT)
648 #define RPL_DAOACK_D(X) (((X)&RPL_DAOACK_D_MASK) >> RPL_DAOACK_D_SHIFT)
649
650 static const struct tok icmp6_type_values[] = {
651 { ICMP6_DST_UNREACH, "destination unreachable"},
652 { ICMP6_PACKET_TOO_BIG, "packet too big"},
653 { ICMP6_TIME_EXCEEDED, "time exceeded in-transit"},
654 { ICMP6_PARAM_PROB, "parameter problem"},
655 { ICMP6_ECHO_REQUEST, "echo request"},
656 { ICMP6_ECHO_REPLY, "echo reply"},
657 { MLD6_LISTENER_QUERY, "multicast listener query"},
658 { MLD6_LISTENER_REPORT, "multicast listener report"},
659 { MLD6_LISTENER_DONE, "multicast listener done"},
660 { ND_ROUTER_SOLICIT, "router solicitation"},
661 { ND_ROUTER_ADVERT, "router advertisement"},
662 { ND_NEIGHBOR_SOLICIT, "neighbor solicitation"},
663 { ND_NEIGHBOR_ADVERT, "neighbor advertisement"},
664 { ND_REDIRECT, "redirect"},
665 { ICMP6_ROUTER_RENUMBERING, "router renumbering"},
666 { IND_SOLICIT, "inverse neighbor solicitation"},
667 { IND_ADVERT, "inverse neighbor advertisement"},
668 { MLDV2_LISTENER_REPORT, "multicast listener report v2"},
669 { ICMP6_HADISCOV_REQUEST, "ha discovery request"},
670 { ICMP6_HADISCOV_REPLY, "ha discovery reply"},
671 { ICMP6_MOBILEPREFIX_SOLICIT, "mobile router solicitation"},
672 { ICMP6_MOBILEPREFIX_ADVERT, "mobile router advertisement"},
673 { ICMP6_WRUREQUEST, "who-are-you request"},
674 { ICMP6_WRUREPLY, "who-are-you reply"},
675 { ICMP6_NI_QUERY, "node information query"},
676 { ICMP6_NI_REPLY, "node information reply"},
677 { MLD6_MTRACE, "mtrace message"},
678 { MLD6_MTRACE_RESP, "mtrace response"},
679 { ND_RPL_MESSAGE, "RPL"},
680 { 0, NULL }
681 };
682
683 static const struct tok icmp6_dst_unreach_code_values[] = {
684 { ICMP6_DST_UNREACH_NOROUTE, "unreachable route" },
685 { ICMP6_DST_UNREACH_ADMIN, " unreachable prohibited"},
686 { ICMP6_DST_UNREACH_BEYONDSCOPE, "beyond scope"},
687 { ICMP6_DST_UNREACH_ADDR, "unreachable address"},
688 { ICMP6_DST_UNREACH_NOPORT, "unreachable port"},
689 { 0, NULL }
690 };
691
692 static const struct tok icmp6_opt_pi_flag_values[] = {
693 { ND_OPT_PI_FLAG_ONLINK, "onlink" },
694 { ND_OPT_PI_FLAG_AUTO, "auto" },
695 { ND_OPT_PI_FLAG_ROUTER, "router" },
696 { 0, NULL }
697 };
698
699 static const struct tok icmp6_opt_ra_flag_values[] = {
700 { ND_RA_FLAG_MANAGED, "managed" },
701 { ND_RA_FLAG_OTHER, "other stateful"},
702 { ND_RA_FLAG_HOME_AGENT, "home agent"},
703 { ND_RA_FLAG_IPV6ONLY, "ipv6 only"},
704 { 0, NULL }
705 };
706
707 static const struct tok icmp6_nd_na_flag_values[] = {
708 { ND_NA_FLAG_ROUTER, "router" },
709 { ND_NA_FLAG_SOLICITED, "solicited" },
710 { ND_NA_FLAG_OVERRIDE, "override" },
711 { 0, NULL }
712 };
713
714
715 static const struct tok icmp6_opt_values[] = {
716 { ND_OPT_SOURCE_LINKADDR, "source link-address"},
717 { ND_OPT_TARGET_LINKADDR, "destination link-address"},
718 { ND_OPT_PREFIX_INFORMATION, "prefix info"},
719 { ND_OPT_REDIRECTED_HEADER, "redirected header"},
720 { ND_OPT_MTU, "mtu"},
721 { ND_OPT_RDNSS, "rdnss"},
722 { ND_OPT_DNSSL, "dnssl"},
723 { ND_OPT_ADVINTERVAL, "advertisement interval"},
724 { ND_OPT_HOMEAGENT_INFO, "homeagent information"},
725 { ND_OPT_ROUTE_INFO, "route info"},
726 { 0, NULL }
727 };
728
729 /* mldv2 report types */
730 static const struct tok mldv2report2str[] = {
731 { 1, "is_in" },
732 { 2, "is_ex" },
733 { 3, "to_in" },
734 { 4, "to_ex" },
735 { 5, "allow" },
736 { 6, "block" },
737 { 0, NULL }
738 };
739
740 static const char *
741 get_rtpref(u_int v)
742 {
743 static const char *rtpref_str[] = {
744 "medium", /* 00 */
745 "high", /* 01 */
746 "rsv", /* 10 */
747 "low" /* 11 */
748 };
749
750 return rtpref_str[((v & ND_RA_FLAG_RTPREF_MASK) >> 3) & 0xff];
751 }
752
753 static const char *
754 get_lifetime(uint32_t v)
755 {
756 static char buf[20];
757
758 if (v == (uint32_t)~0UL)
759 return "infinity";
760 else {
761 snprintf(buf, sizeof(buf), "%us", v);
762 return buf;
763 }
764 }
765
766 static void
767 print_lladdr(netdissect_options *ndo, const uint8_t *p, size_t l)
768 {
769 const uint8_t *ep, *q;
770
771 q = p;
772 ep = p + l;
773 while (l > 0 && q < ep) {
774 if (q > p)
775 ND_PRINT(":");
776 ND_PRINT("%02x", GET_U_1(q));
777 q++;
778 l--;
779 }
780 }
781
782 static uint16_t icmp6_cksum(netdissect_options *ndo, const struct ip6_hdr *ip6,
783 const struct icmp6_hdr *icp, u_int len)
784 {
785 return nextproto6_cksum(ndo, ip6, (const uint8_t *)(const void *)icp, len, len,
786 IPPROTO_ICMPV6);
787 }
788
789 static const struct tok rpl_mop_values[] = {
790 { RPL_DIO_NONSTORING, "nonstoring"},
791 { RPL_DIO_STORING, "storing"},
792 { RPL_DIO_NONSTORING_MULTICAST, "nonstoring-multicast"},
793 { RPL_DIO_STORING_MULTICAST, "storing-multicast"},
794 { 0, NULL},
795 };
796
797 static const struct tok rpl_subopt_values[] = {
798 { RPL_OPT_PAD1, "pad1"},
799 { RPL_OPT_PADN, "padN"},
800 { RPL_DIO_METRICS, "metrics"},
801 { RPL_DIO_ROUTINGINFO, "routinginfo"},
802 { RPL_DIO_CONFIG, "config"},
803 { RPL_DAO_RPLTARGET, "rpltarget"},
804 { RPL_DAO_TRANSITINFO, "transitinfo"},
805 { RPL_DIO_DESTPREFIX, "destprefix"},
806 { RPL_DAO_RPLTARGET_DESC, "rpltargetdesc"},
807 { 0, NULL},
808 };
809
810 static void
811 rpl_printopts(netdissect_options *ndo, const uint8_t *opts, u_int length)
812 {
813 const struct rpl_genoption *opt;
814 uint8_t dio_type;
815 u_int optlen;
816
817 while (length != 0) {
818 opt = (const struct rpl_genoption *)opts;
819 ND_TCHECK_1(opt->rpl_dio_type);
820 dio_type = GET_U_1(opt->rpl_dio_type);
821 if (dio_type == RPL_OPT_PAD1) {
822 optlen = 1;
823 ND_PRINT(" opt:pad1");
824 } else {
825 if (length < RPL_GENOPTION_LEN)
826 goto trunc;
827 optlen = GET_U_1(opt->rpl_dio_len)+RPL_GENOPTION_LEN;
828 ND_PRINT(" opt:%s len:%u ",
829 tok2str(rpl_subopt_values, "subopt:%u", dio_type),
830 optlen);
831 ND_TCHECK_LEN(opt, optlen);
832 if (length < optlen)
833 goto trunc;
834 if (ndo->ndo_vflag > 2) {
835 hex_print(ndo,
836 " ",
837 opts + RPL_GENOPTION_LEN, /* content of DIO option */
838 optlen - RPL_GENOPTION_LEN);
839 }
840 }
841 opts += optlen;
842 length -= optlen;
843 }
844 return;
845 trunc:
846 nd_print_trunc(ndo);
847 return;
848 }
849
850 static void
851 rpl_dio_print(netdissect_options *ndo,
852 const u_char *bp, u_int length)
853 {
854 const struct nd_rpl_dio *dio = (const struct nd_rpl_dio *)bp;
855 const char *dagid_str;
856
857 ND_TCHECK_SIZE(dio);
858 dagid_str = ip6addr_string (ndo, dio->rpl_dagid);
859
860 ND_PRINT(" [dagid:%s,seq:%u,instance:%u,rank:%u,%smop:%s,prf:%u]",
861 dagid_str,
862 GET_U_1(dio->rpl_dtsn),
863 GET_U_1(dio->rpl_instanceid),
864 GET_BE_U_2(dio->rpl_dagrank),
865 RPL_DIO_GROUNDED(GET_U_1(dio->rpl_mopprf)) ? "grounded,":"",
866 tok2str(rpl_mop_values, "mop%u", RPL_DIO_MOP(GET_U_1(dio->rpl_mopprf))),
867 RPL_DIO_PRF(GET_U_1(dio->rpl_mopprf)));
868
869 if(ndo->ndo_vflag > 1) {
870 rpl_printopts(ndo, bp + sizeof(struct nd_rpl_dio),
871 length - sizeof(struct nd_rpl_dio));
872 }
873 return;
874 trunc:
875 nd_print_trunc(ndo);
876 return;
877 }
878
879 static void
880 rpl_dao_print(netdissect_options *ndo,
881 const u_char *bp, u_int length)
882 {
883 const struct nd_rpl_dao *dao = (const struct nd_rpl_dao *)bp;
884 const char *dagid_str = "<elided>";
885 uint8_t rpl_flags;
886
887 ND_TCHECK_SIZE(dao);
888 if (length < ND_RPL_DAO_MIN_LEN)
889 goto tooshort;
890
891 bp += ND_RPL_DAO_MIN_LEN;
892 length -= ND_RPL_DAO_MIN_LEN;
893 rpl_flags = GET_U_1(dao->rpl_flags);
894 if(RPL_DAO_D(rpl_flags)) {
895 ND_TCHECK_LEN(dao->rpl_dagid, DAGID_LEN);
896 if (length < DAGID_LEN)
897 goto tooshort;
898 dagid_str = ip6addr_string (ndo, dao->rpl_dagid);
899 bp += DAGID_LEN;
900 length -= DAGID_LEN;
901 }
902
903 ND_PRINT(" [dagid:%s,seq:%u,instance:%u%s%s,%02x]",
904 dagid_str,
905 GET_U_1(dao->rpl_daoseq),
906 GET_U_1(dao->rpl_instanceid),
907 RPL_DAO_K(rpl_flags) ? ",acK":"",
908 RPL_DAO_D(rpl_flags) ? ",Dagid":"",
909 rpl_flags);
910
911 if(ndo->ndo_vflag > 1) {
912 rpl_printopts(ndo, bp, length);
913 }
914 return;
915
916 trunc:
917 nd_print_trunc(ndo);
918 return;
919
920 tooshort:
921 ND_PRINT(" [|length too short]");
922 return;
923 }
924
925 static void
926 rpl_daoack_print(netdissect_options *ndo,
927 const u_char *bp, u_int length)
928 {
929 const struct nd_rpl_daoack *daoack = (const struct nd_rpl_daoack *)bp;
930 const char *dagid_str = "<elided>";
931
932 ND_TCHECK_LEN(daoack, ND_RPL_DAOACK_MIN_LEN);
933 if (length < ND_RPL_DAOACK_MIN_LEN)
934 goto tooshort;
935
936 bp += ND_RPL_DAOACK_MIN_LEN;
937 length -= ND_RPL_DAOACK_MIN_LEN;
938 if(RPL_DAOACK_D(GET_U_1(daoack->rpl_flags))) {
939 ND_TCHECK_LEN(daoack->rpl_dagid, DAGID_LEN);
940 if (length < DAGID_LEN)
941 goto tooshort;
942 dagid_str = ip6addr_string (ndo, daoack->rpl_dagid);
943 bp += DAGID_LEN;
944 length -= DAGID_LEN;
945 }
946
947 ND_PRINT(" [dagid:%s,seq:%u,instance:%u,status:%u]",
948 dagid_str,
949 GET_U_1(daoack->rpl_daoseq),
950 GET_U_1(daoack->rpl_instanceid),
951 GET_U_1(daoack->rpl_status));
952
953 /* no officially defined options for DAOACK, but print any we find */
954 if(ndo->ndo_vflag > 1) {
955 rpl_printopts(ndo, bp, length);
956 }
957 return;
958
959 trunc:
960 nd_print_trunc(ndo);
961 return;
962
963 tooshort:
964 ND_PRINT(" [|dao-length too short]");
965 return;
966 }
967
968 static void
969 rpl_print(netdissect_options *ndo,
970 uint8_t icmp6_code,
971 const u_char *bp, u_int length)
972 {
973 int secured = icmp6_code & 0x80;
974 int basecode= icmp6_code & 0x7f;
975
976 if(secured) {
977 ND_PRINT(", (SEC) [worktodo]");
978 /* XXX
979 * the next header pointer needs to move forward to
980 * skip the secure part.
981 */
982 return;
983 } else {
984 ND_PRINT(", (CLR)");
985 }
986
987 switch(basecode) {
988 case ND_RPL_DAG_IS:
989 ND_PRINT("DODAG Information Solicitation");
990 if(ndo->ndo_vflag) {
991 }
992 break;
993 case ND_RPL_DAG_IO:
994 ND_PRINT("DODAG Information Object");
995 if(ndo->ndo_vflag) {
996 rpl_dio_print(ndo, bp, length);
997 }
998 break;
999 case ND_RPL_DAO:
1000 ND_PRINT("Destination Advertisement Object");
1001 if(ndo->ndo_vflag) {
1002 rpl_dao_print(ndo, bp, length);
1003 }
1004 break;
1005 case ND_RPL_DAO_ACK:
1006 ND_PRINT("Destination Advertisement Object Ack");
1007 if(ndo->ndo_vflag) {
1008 rpl_daoack_print(ndo, bp, length);
1009 }
1010 break;
1011 default:
1012 ND_PRINT("RPL message, unknown code %u",icmp6_code);
1013 break;
1014 }
1015 return;
1016
1017 #if 0
1018 trunc:
1019 nd_print_trunc(ndo);
1020 return;
1021 #endif
1022
1023 }
1024
1025
1026 void
1027 icmp6_print(netdissect_options *ndo,
1028 const u_char *bp, u_int length, const u_char *bp2, int fragmented)
1029 {
1030 const struct icmp6_hdr *dp;
1031 uint8_t icmp6_type, icmp6_code;
1032 const struct ip6_hdr *ip;
1033 const struct ip6_hdr *oip;
1034 const struct udphdr *ouh;
1035 uint16_t dport;
1036 const u_char *ep;
1037 u_int prot;
1038
1039 ndo->ndo_protocol = "icmp6";
1040 dp = (const struct icmp6_hdr *)bp;
1041 ip = (const struct ip6_hdr *)bp2;
1042 oip = (const struct ip6_hdr *)(dp + 1);
1043 /* 'ep' points to the end of available data. */
1044 ep = ndo->ndo_snapend;
1045 if (length == 0) {
1046 ND_PRINT("ICMP6, length 0");
1047 nd_print_invalid(ndo);
1048 return;
1049 }
1050
1051 if (ndo->ndo_vflag && !fragmented) {
1052 uint16_t sum, udp_sum;
1053
1054 if (ND_TTEST_LEN(bp, length)) {
1055 ND_TCHECK_2(dp->icmp6_cksum);
1056 udp_sum = GET_BE_U_2(dp->icmp6_cksum);
1057 sum = icmp6_cksum(ndo, ip, dp, length);
1058 if (sum != 0)
1059 ND_PRINT("[bad icmp6 cksum 0x%04x -> 0x%04x!] ",
1060 udp_sum,
1061 in_cksum_shouldbe(udp_sum, sum));
1062 else
1063 ND_PRINT("[icmp6 sum ok] ");
1064 }
1065 }
1066
1067 ND_TCHECK_1(dp->icmp6_type);
1068 icmp6_type = GET_U_1(dp->icmp6_type);
1069 ND_PRINT("ICMP6, %s", tok2str(icmp6_type_values,"unknown icmp6 type (%u)",icmp6_type));
1070
1071 /* display cosmetics: print the packet length for printer that use the vflag now */
1072 if (ndo->ndo_vflag && (icmp6_type == ND_ROUTER_SOLICIT ||
1073 icmp6_type == ND_ROUTER_ADVERT ||
1074 icmp6_type == ND_NEIGHBOR_ADVERT ||
1075 icmp6_type == ND_NEIGHBOR_SOLICIT ||
1076 icmp6_type == ND_REDIRECT ||
1077 icmp6_type == ICMP6_HADISCOV_REPLY ||
1078 icmp6_type == ICMP6_MOBILEPREFIX_ADVERT ))
1079 ND_PRINT(", length %u", length);
1080
1081 ND_TCHECK_1(dp->icmp6_code);
1082 icmp6_code = GET_U_1(dp->icmp6_code);
1083
1084 switch (icmp6_type) {
1085 case ICMP6_DST_UNREACH:
1086 ND_TCHECK_16(oip->ip6_dst);
1087 ND_PRINT(", %s", tok2str(icmp6_dst_unreach_code_values,"unknown unreach code (%u)",icmp6_code));
1088 switch (icmp6_code) {
1089
1090 case ICMP6_DST_UNREACH_NOROUTE: /* fall through */
1091 case ICMP6_DST_UNREACH_ADMIN:
1092 case ICMP6_DST_UNREACH_ADDR:
1093 ND_PRINT(" %s",GET_IP6ADDR_STRING(oip->ip6_dst));
1094 break;
1095 case ICMP6_DST_UNREACH_BEYONDSCOPE:
1096 ND_PRINT(" %s, source address %s",
1097 GET_IP6ADDR_STRING(oip->ip6_dst),
1098 GET_IP6ADDR_STRING(oip->ip6_src));
1099 break;
1100 case ICMP6_DST_UNREACH_NOPORT:
1101 if ((ouh = get_upperlayer(ndo, (const u_char *)oip, &prot))
1102 == NULL)
1103 goto trunc;
1104
1105 dport = GET_BE_U_2(ouh->uh_dport);
1106 switch (prot) {
1107 case IPPROTO_TCP:
1108 ND_PRINT(", %s tcp port %s",
1109 GET_IP6ADDR_STRING(oip->ip6_dst),
1110 tcpport_string(ndo, dport));
1111 break;
1112 case IPPROTO_UDP:
1113 ND_PRINT(", %s udp port %s",
1114 GET_IP6ADDR_STRING(oip->ip6_dst),
1115 udpport_string(ndo, dport));
1116 break;
1117 default:
1118 ND_PRINT(", %s protocol %u port %u unreachable",
1119 GET_IP6ADDR_STRING(oip->ip6_dst),
1120 prot, dport);
1121 break;
1122 }
1123 break;
1124 default:
1125 if (ndo->ndo_vflag <= 1) {
1126 print_unknown_data(ndo, bp,"\n\t",length);
1127 return;
1128 }
1129 break;
1130 }
1131 break;
1132 case ICMP6_PACKET_TOO_BIG:
1133 ND_TCHECK_4(dp->icmp6_mtu);
1134 ND_PRINT(", mtu %u", GET_BE_U_4(dp->icmp6_mtu));
1135 break;
1136 case ICMP6_TIME_EXCEEDED:
1137 ND_TCHECK_16(oip->ip6_dst);
1138 switch (icmp6_code) {
1139 case ICMP6_TIME_EXCEED_TRANSIT:
1140 ND_PRINT(" for %s",
1141 GET_IP6ADDR_STRING(oip->ip6_dst));
1142 break;
1143 case ICMP6_TIME_EXCEED_REASSEMBLY:
1144 ND_PRINT(" (reassembly)");
1145 break;
1146 default:
1147 ND_PRINT(", unknown code (%u)", icmp6_code);
1148 break;
1149 }
1150 break;
1151 case ICMP6_PARAM_PROB:
1152 ND_TCHECK_16(oip->ip6_dst);
1153 switch (icmp6_code) {
1154 case ICMP6_PARAMPROB_HEADER:
1155 ND_PRINT(", erroneous - octet %u",
1156 GET_BE_U_4(dp->icmp6_pptr));
1157 break;
1158 case ICMP6_PARAMPROB_NEXTHEADER:
1159 ND_PRINT(", next header - octet %u",
1160 GET_BE_U_4(dp->icmp6_pptr));
1161 break;
1162 case ICMP6_PARAMPROB_OPTION:
1163 ND_PRINT(", option - octet %u",
1164 GET_BE_U_4(dp->icmp6_pptr));
1165 break;
1166 case ICMP6_PARAMPROB_FRAGHDRCHAIN:
1167 ND_PRINT(", incomplete header chain - octet %u",
1168 GET_BE_U_4(dp->icmp6_pptr));
1169 break;
1170 default:
1171 ND_PRINT(", code-#%u",
1172 icmp6_code);
1173 break;
1174 }
1175 break;
1176 case ICMP6_ECHO_REQUEST:
1177 case ICMP6_ECHO_REPLY:
1178 /* The check below covers both icmp6_id and icmp6_seq. */
1179 ND_TCHECK_2(dp->icmp6_seq);
1180 ND_PRINT(", id %u, seq %u", GET_BE_U_2(dp->icmp6_id),
1181 GET_BE_U_2(dp->icmp6_seq));
1182 break;
1183 case ICMP6_MEMBERSHIP_QUERY:
1184 if (length == MLD_MINLEN) {
1185 mld6_print(ndo, (const u_char *)dp);
1186 } else if (length >= MLDV2_MINLEN) {
1187 ND_PRINT(" v2");
1188 mldv2_query_print(ndo, (const u_char *)dp, length);
1189 } else {
1190 ND_PRINT(" unknown-version (len %u) ", length);
1191 }
1192 break;
1193 case ICMP6_MEMBERSHIP_REPORT:
1194 mld6_print(ndo, (const u_char *)dp);
1195 break;
1196 case ICMP6_MEMBERSHIP_REDUCTION:
1197 mld6_print(ndo, (const u_char *)dp);
1198 break;
1199 case ND_ROUTER_SOLICIT:
1200 #define RTSOLLEN 8
1201 if (ndo->ndo_vflag) {
1202 if (icmp6_opt_print(ndo, (const u_char *)dp + RTSOLLEN,
1203 length - RTSOLLEN) == -1)
1204 goto trunc;
1205 }
1206 break;
1207 case ND_ROUTER_ADVERT:
1208 #define RTADVLEN 16
1209 if (ndo->ndo_vflag) {
1210 const struct nd_router_advert *p;
1211
1212 p = (const struct nd_router_advert *)dp;
1213 ND_TCHECK_4(p->nd_ra_retransmit);
1214 ND_PRINT("\n\thop limit %u, Flags [%s]"
1215 ", pref %s, router lifetime %us, reachable time %ums, retrans timer %ums",
1216 GET_U_1(p->nd_ra_curhoplimit),
1217 bittok2str(icmp6_opt_ra_flag_values,"none",GET_U_1(p->nd_ra_flags_reserved)),
1218 get_rtpref(GET_U_1(p->nd_ra_flags_reserved)),
1219 GET_BE_U_2(p->nd_ra_router_lifetime),
1220 GET_BE_U_4(p->nd_ra_reachable),
1221 GET_BE_U_4(p->nd_ra_retransmit));
1222
1223 if (icmp6_opt_print(ndo, (const u_char *)dp + RTADVLEN,
1224 length - RTADVLEN) == -1)
1225 goto trunc;
1226 }
1227 break;
1228 case ND_NEIGHBOR_SOLICIT:
1229 {
1230 const struct nd_neighbor_solicit *p;
1231 p = (const struct nd_neighbor_solicit *)dp;
1232 ND_TCHECK_16(p->nd_ns_target);
1233 ND_PRINT(", who has %s", GET_IP6ADDR_STRING(p->nd_ns_target));
1234 if (ndo->ndo_vflag) {
1235 #define NDSOLLEN 24
1236 if (icmp6_opt_print(ndo, (const u_char *)dp + NDSOLLEN,
1237 length - NDSOLLEN) == -1)
1238 goto trunc;
1239 }
1240 }
1241 break;
1242 case ND_NEIGHBOR_ADVERT:
1243 {
1244 const struct nd_neighbor_advert *p;
1245
1246 p = (const struct nd_neighbor_advert *)dp;
1247 ND_TCHECK_16(p->nd_na_target);
1248 ND_PRINT(", tgt is %s",
1249 GET_IP6ADDR_STRING(p->nd_na_target));
1250 if (ndo->ndo_vflag) {
1251 ND_PRINT(", Flags [%s]",
1252 bittok2str(icmp6_nd_na_flag_values,
1253 "none",
1254 GET_BE_U_4(p->nd_na_flags_reserved)));
1255 #define NDADVLEN 24
1256 if (icmp6_opt_print(ndo, (const u_char *)dp + NDADVLEN,
1257 length - NDADVLEN) == -1)
1258 goto trunc;
1259 #undef NDADVLEN
1260 }
1261 }
1262 break;
1263 case ND_REDIRECT:
1264 {
1265 const struct nd_redirect *p;
1266
1267 p = (const struct nd_redirect *)dp;
1268 ND_TCHECK_16(p->nd_rd_dst);
1269 ND_PRINT(", %s", GET_IP6ADDR_STRING(p->nd_rd_dst));
1270 ND_TCHECK_16(p->nd_rd_target);
1271 ND_PRINT(" to %s", GET_IP6ADDR_STRING(p->nd_rd_target));
1272 #define REDIRECTLEN 40
1273 if (ndo->ndo_vflag) {
1274 if (icmp6_opt_print(ndo, (const u_char *)dp + REDIRECTLEN,
1275 length - REDIRECTLEN) == -1)
1276 goto trunc;
1277 #undef REDIRECTLEN
1278 }
1279 }
1280 break;
1281 case ICMP6_ROUTER_RENUMBERING:
1282 icmp6_rrenum_print(ndo, bp, ep);
1283 break;
1284 case ICMP6_NI_QUERY:
1285 case ICMP6_NI_REPLY:
1286 icmp6_nodeinfo_print(ndo, length, bp, ep);
1287 break;
1288 case IND_SOLICIT:
1289 case IND_ADVERT:
1290 break;
1291 case ICMP6_V2_MEMBERSHIP_REPORT:
1292 mldv2_report_print(ndo, (const u_char *) dp, length);
1293 break;
1294 case ICMP6_MOBILEPREFIX_SOLICIT: /* fall through */
1295 case ICMP6_HADISCOV_REQUEST:
1296 ND_TCHECK_2(dp->icmp6_data16[0]);
1297 ND_PRINT(", id 0x%04x", GET_BE_U_2(dp->icmp6_data16[0]));
1298 break;
1299 case ICMP6_HADISCOV_REPLY:
1300 if (ndo->ndo_vflag) {
1301 const u_char *cp;
1302 const u_char *p;
1303
1304 ND_TCHECK_2(dp->icmp6_data16[0]);
1305 ND_PRINT(", id 0x%04x",
1306 GET_BE_U_2(dp->icmp6_data16[0]));
1307 cp = (const u_char *)dp + length;
1308 p = (const u_char *)(dp + 1);
1309 while (p < cp) {
1310 ND_TCHECK_16(p);
1311 ND_PRINT(", %s", GET_IP6ADDR_STRING(p));
1312 p += 16;
1313 }
1314 }
1315 break;
1316 case ICMP6_MOBILEPREFIX_ADVERT:
1317 if (ndo->ndo_vflag) {
1318 uint16_t flags;
1319
1320 ND_TCHECK_2(dp->icmp6_data16[0]);
1321 ND_PRINT(", id 0x%04x",
1322 GET_BE_U_2(dp->icmp6_data16[0]));
1323 ND_TCHECK_2(dp->icmp6_data16[1]);
1324 flags = GET_BE_U_2(dp->icmp6_data16[1]);
1325 if (flags & 0xc000)
1326 ND_PRINT(" ");
1327 if (flags & 0x8000)
1328 ND_PRINT("M");
1329 if (flags & 0x4000)
1330 ND_PRINT("O");
1331 #define MPADVLEN 8
1332 if (icmp6_opt_print(ndo, (const u_char *)dp + MPADVLEN,
1333 length - MPADVLEN) == -1)
1334 goto trunc;
1335 }
1336 break;
1337 case ND_RPL_MESSAGE:
1338 /* plus 4, because struct icmp6_hdr contains 4 bytes of icmp payload */
1339 rpl_print(ndo, icmp6_code, dp->icmp6_data, length-sizeof(struct icmp6_hdr)+4);
1340 break;
1341 default:
1342 ND_PRINT(", length %u", length);
1343 if (ndo->ndo_vflag <= 1)
1344 print_unknown_data(ndo, bp,"\n\t", length);
1345 return;
1346 }
1347 if (!ndo->ndo_vflag)
1348 ND_PRINT(", length %u", length);
1349 return;
1350 trunc:
1351 nd_print_trunc(ndo);
1352 }
1353
1354 static const struct udphdr *
1355 get_upperlayer(netdissect_options *ndo, const u_char *bp, u_int *prot)
1356 {
1357 const u_char *ep;
1358 const struct ip6_hdr *ip6 = (const struct ip6_hdr *)bp;
1359 const struct udphdr *uh;
1360 const struct ip6_hbh *hbh;
1361 const struct ip6_frag *fragh;
1362 const struct ah *ah;
1363 u_int nh;
1364 int hlen;
1365
1366 /* 'ep' points to the end of available data. */
1367 ep = ndo->ndo_snapend;
1368
1369 if (!ND_TTEST_1(ip6->ip6_nxt))
1370 return NULL;
1371
1372 nh = GET_U_1(ip6->ip6_nxt);
1373 hlen = sizeof(struct ip6_hdr);
1374
1375 while (bp < ep) {
1376 bp += hlen;
1377
1378 switch(nh) {
1379 case IPPROTO_UDP:
1380 case IPPROTO_TCP:
1381 uh = (const struct udphdr *)bp;
1382 if (ND_TTEST_2(uh->uh_dport)) {
1383 *prot = nh;
1384 return(uh);
1385 }
1386 else
1387 return(NULL);
1388 /* NOTREACHED */
1389
1390 case IPPROTO_HOPOPTS:
1391 case IPPROTO_DSTOPTS:
1392 case IPPROTO_ROUTING:
1393 hbh = (const struct ip6_hbh *)bp;
1394 if (!ND_TTEST_1(hbh->ip6h_len))
1395 return(NULL);
1396 nh = GET_U_1(hbh->ip6h_nxt);
1397 hlen = (GET_U_1(hbh->ip6h_len) + 1) << 3;
1398 break;
1399
1400 case IPPROTO_FRAGMENT: /* this should be odd, but try anyway */
1401 fragh = (const struct ip6_frag *)bp;
1402 if (!ND_TTEST_2(fragh->ip6f_offlg))
1403 return(NULL);
1404 /* fragments with non-zero offset are meaningless */
1405 if ((GET_BE_U_2(fragh->ip6f_offlg) & IP6F_OFF_MASK) != 0)
1406 return(NULL);
1407 nh = GET_U_1(fragh->ip6f_nxt);
1408 hlen = sizeof(struct ip6_frag);
1409 break;
1410
1411 case IPPROTO_AH:
1412 ah = (const struct ah *)bp;
1413 if (!ND_TTEST_1(ah->ah_len))
1414 return(NULL);
1415 nh = GET_U_1(ah->ah_nxt);
1416 hlen = (GET_U_1(ah->ah_len) + 2) << 2;
1417 break;
1418
1419 default: /* unknown or undecodable header */
1420 *prot = nh; /* meaningless, but set here anyway */
1421 return(NULL);
1422 }
1423 }
1424
1425 return(NULL); /* should be notreached, though */
1426 }
1427
1428 static int
1429 icmp6_opt_print(netdissect_options *ndo, const u_char *bp, int resid)
1430 {
1431 const struct nd_opt_hdr *op;
1432 uint8_t opt_type, opt_len;
1433 const struct nd_opt_prefix_info *opp;
1434 const struct nd_opt_mtu *opm;
1435 const struct nd_opt_rdnss *oprd;
1436 const struct nd_opt_dnssl *opds;
1437 const struct nd_opt_advinterval *opa;
1438 const struct nd_opt_homeagent_info *oph;
1439 const struct nd_opt_route_info *opri;
1440 const u_char *cp, *ep, *domp;
1441 nd_ipv6 in6;
1442 size_t l;
1443 u_int i;
1444
1445 cp = bp;
1446 /* 'ep' points to the end of available data. */
1447 ep = ndo->ndo_snapend;
1448
1449 while (cp < ep) {
1450 op = (const struct nd_opt_hdr *)cp;
1451
1452 ND_TCHECK_1(op->nd_opt_len);
1453 if (resid <= 0)
1454 return 0;
1455 opt_type = GET_U_1(op->nd_opt_type);
1456 opt_len = GET_U_1(op->nd_opt_len);
1457 if (opt_len == 0)
1458 goto trunc;
1459 if (cp + (opt_len << 3) > ep)
1460 goto trunc;
1461
1462 ND_PRINT("\n\t %s option (%u), length %u (%u): ",
1463 tok2str(icmp6_opt_values, "unknown", opt_type),
1464 opt_type,
1465 opt_len << 3,
1466 opt_len);
1467
1468 switch (opt_type) {
1469 case ND_OPT_SOURCE_LINKADDR:
1470 l = (opt_len << 3) - 2;
1471 print_lladdr(ndo, cp + 2, l);
1472 break;
1473 case ND_OPT_TARGET_LINKADDR:
1474 l = (opt_len << 3) - 2;
1475 print_lladdr(ndo, cp + 2, l);
1476 break;
1477 case ND_OPT_PREFIX_INFORMATION:
1478 opp = (const struct nd_opt_prefix_info *)op;
1479 ND_TCHECK_16(opp->nd_opt_pi_prefix);
1480 ND_PRINT("%s/%u%s, Flags [%s], valid time %s",
1481 GET_IP6ADDR_STRING(opp->nd_opt_pi_prefix),
1482 GET_U_1(opp->nd_opt_pi_prefix_len),
1483 (opt_len != 4) ? "badlen" : "",
1484 bittok2str(icmp6_opt_pi_flag_values, "none", GET_U_1(opp->nd_opt_pi_flags_reserved)),
1485 get_lifetime(GET_BE_U_4(opp->nd_opt_pi_valid_time)));
1486 ND_PRINT(", pref. time %s",
1487 get_lifetime(GET_BE_U_4(opp->nd_opt_pi_preferred_time)));
1488 break;
1489 case ND_OPT_REDIRECTED_HEADER:
1490 print_unknown_data(ndo, bp,"\n\t ",opt_len<<3);
1491 /* xxx */
1492 break;
1493 case ND_OPT_MTU:
1494 opm = (const struct nd_opt_mtu *)op;
1495 ND_TCHECK_4(opm->nd_opt_mtu_mtu);
1496 ND_PRINT(" %u%s",
1497 GET_BE_U_4(opm->nd_opt_mtu_mtu),
1498 (opt_len != 1) ? "bad option length" : "" );
1499 break;
1500 case ND_OPT_RDNSS:
1501 oprd = (const struct nd_opt_rdnss *)op;
1502 l = (opt_len - 1) / 2;
1503 ND_PRINT(" lifetime %us,",
1504 GET_BE_U_4(oprd->nd_opt_rdnss_lifetime));
1505 for (i = 0; i < l; i++) {
1506 ND_TCHECK_16(oprd->nd_opt_rdnss_addr[i]);
1507 ND_PRINT(" addr: %s",
1508 GET_IP6ADDR_STRING(oprd->nd_opt_rdnss_addr[i]));
1509 }
1510 break;
1511 case ND_OPT_DNSSL:
1512 opds = (const struct nd_opt_dnssl *)op;
1513 ND_PRINT(" lifetime %us, domain(s):",
1514 GET_BE_U_4(opds->nd_opt_dnssl_lifetime));
1515 domp = cp + 8; /* domain names, variable-sized, RFC1035-encoded */
1516 while (domp < cp + (opt_len << 3) && GET_U_1(domp) != '\0')
1517 {
1518 ND_PRINT(" ");
1519 if ((domp = fqdn_print(ndo, domp, bp)) == NULL)
1520 goto trunc;
1521 }
1522 break;
1523 case ND_OPT_ADVINTERVAL:
1524 opa = (const struct nd_opt_advinterval *)op;
1525 ND_TCHECK_4(opa->nd_opt_adv_interval);
1526 ND_PRINT(" %ums",
1527 GET_BE_U_4(opa->nd_opt_adv_interval));
1528 break;
1529 case ND_OPT_HOMEAGENT_INFO:
1530 oph = (const struct nd_opt_homeagent_info *)op;
1531 ND_TCHECK_2(oph->nd_opt_hai_lifetime);
1532 ND_PRINT(" preference %u, lifetime %u",
1533 GET_BE_U_2(oph->nd_opt_hai_preference),
1534 GET_BE_U_2(oph->nd_opt_hai_lifetime));
1535 break;
1536 case ND_OPT_ROUTE_INFO:
1537 opri = (const struct nd_opt_route_info *)op;
1538 ND_TCHECK_4(opri->nd_opt_rti_lifetime);
1539 memset(&in6, 0, sizeof(in6));
1540 switch (opt_len) {
1541 case 1:
1542 break;
1543 case 2:
1544 ND_TCHECK_8(opri + 1);
1545 memcpy(&in6, opri + 1, 8);
1546 break;
1547 case 3:
1548 ND_TCHECK_16(opri + 1);
1549 memcpy(&in6, opri + 1, 16);
1550 break;
1551 default:
1552 goto trunc;
1553 }
1554 ND_PRINT(" %s/%u", ip6addr_string(ndo, (const u_char *)&in6),
1555 GET_U_1(opri->nd_opt_rti_prefixlen));
1556 ND_PRINT(", pref=%s",
1557 get_rtpref(GET_U_1(opri->nd_opt_rti_flags)));
1558 ND_PRINT(", lifetime=%s",
1559 get_lifetime(GET_BE_U_4(opri->nd_opt_rti_lifetime)));
1560 break;
1561 default:
1562 if (ndo->ndo_vflag <= 1) {
1563 print_unknown_data(ndo,cp+2,"\n\t ", (opt_len << 3) - 2); /* skip option header */
1564 return 0;
1565 }
1566 break;
1567 }
1568 /* do we want to see an additional hexdump ? */
1569 if (ndo->ndo_vflag> 1)
1570 print_unknown_data(ndo, cp+2,"\n\t ", (opt_len << 3) - 2); /* skip option header */
1571
1572 cp += opt_len << 3;
1573 resid -= opt_len << 3;
1574 }
1575 return 0;
1576
1577 trunc:
1578 return -1;
1579 }
1580
1581 static void
1582 mld6_print(netdissect_options *ndo, const u_char *bp)
1583 {
1584 const struct mld6_hdr *mp = (const struct mld6_hdr *)bp;
1585 const u_char *ep;
1586
1587 /* 'ep' points to the end of available data. */
1588 ep = ndo->ndo_snapend;
1589
1590 if ((const u_char *)mp + sizeof(*mp) > ep)
1591 return;
1592
1593 ND_PRINT("max resp delay: %u ", GET_BE_U_2(mp->mld6_maxdelay));
1594 ND_PRINT("addr: %s", GET_IP6ADDR_STRING(mp->mld6_addr));
1595 }
1596
1597 static void
1598 mldv2_report_print(netdissect_options *ndo, const u_char *bp, u_int len)
1599 {
1600 const struct icmp6_hdr *icp = (const struct icmp6_hdr *) bp;
1601 u_int group, nsrcs, ngroups;
1602 u_int i, j;
1603
1604 /* Minimum len is 8 */
1605 if (len < 8) {
1606 ND_PRINT(" [invalid len %u]", len);
1607 return;
1608 }
1609
1610 ND_TCHECK_2(icp->icmp6_data16[1]);
1611 ngroups = GET_BE_U_2(icp->icmp6_data16[1]);
1612 ND_PRINT(", %u group record(s)", ngroups);
1613 if (ndo->ndo_vflag > 0) {
1614 /* Print the group records */
1615 group = 8;
1616 for (i = 0; i < ngroups; i++) {
1617 /* type(1) + auxlen(1) + numsrc(2) + grp(16) */
1618 if (len < group + 20) {
1619 ND_PRINT(" [invalid number of groups]");
1620 return;
1621 }
1622 ND_TCHECK_LEN(bp + 4 + group, sizeof(nd_ipv6));
1623 ND_PRINT(" [gaddr %s", GET_IP6ADDR_STRING(bp + group + 4));
1624 ND_PRINT(" %s", tok2str(mldv2report2str, " [v2-report-#%u]",
1625 GET_U_1(bp + group)));
1626 nsrcs = GET_BE_U_2(bp + group + 2);
1627 /* Check the number of sources and print them */
1628 if (len < group + 20 + (nsrcs * sizeof(nd_ipv6))) {
1629 ND_PRINT(" [invalid number of sources %u]", nsrcs);
1630 return;
1631 }
1632 if (ndo->ndo_vflag == 1)
1633 ND_PRINT(", %u source(s)", nsrcs);
1634 else {
1635 /* Print the sources */
1636 ND_PRINT(" {");
1637 for (j = 0; j < nsrcs; j++) {
1638 ND_TCHECK_LEN(bp + group + 20 + (j * sizeof(nd_ipv6)),
1639 sizeof(nd_ipv6));
1640 ND_PRINT(" %s", GET_IP6ADDR_STRING(bp + group + 20 + (j * sizeof(nd_ipv6))));
1641 }
1642 ND_PRINT(" }");
1643 }
1644 /* Next group record */
1645 group += 20 + nsrcs * sizeof(nd_ipv6);
1646 ND_PRINT("]");
1647 }
1648 }
1649 return;
1650 trunc:
1651 nd_print_trunc(ndo);
1652 return;
1653 }
1654
1655 static void
1656 mldv2_query_print(netdissect_options *ndo, const u_char *bp, u_int len)
1657 {
1658 const struct icmp6_hdr *icp = (const struct icmp6_hdr *) bp;
1659 u_int mrc;
1660 u_int mrt, qqi;
1661 u_int nsrcs;
1662 u_int i;
1663
1664 /* Minimum len is 28 */
1665 if (len < 28) {
1666 ND_PRINT(" [invalid len %u]", len);
1667 return;
1668 }
1669 ND_TCHECK_2(icp->icmp6_data16[0]);
1670 mrc = GET_BE_U_2(icp->icmp6_data16[0]);
1671 if (mrc < 32768) {
1672 mrt = mrc;
1673 } else {
1674 mrt = ((mrc & 0x0fff) | 0x1000) << (((mrc & 0x7000) >> 12) + 3);
1675 }
1676 if (ndo->ndo_vflag) {
1677 ND_PRINT(" [max resp delay=%u]", mrt);
1678 }
1679 ND_TCHECK_LEN(bp + 8, sizeof(nd_ipv6));
1680 ND_PRINT(" [gaddr %s", GET_IP6ADDR_STRING(bp + 8));
1681
1682 if (ndo->ndo_vflag) {
1683 ND_TCHECK_1(bp + 25);
1684 if (GET_U_1(bp + 24) & 0x08) {
1685 ND_PRINT(" sflag");
1686 }
1687 if (GET_U_1(bp + 24) & 0x07) {
1688 ND_PRINT(" robustness=%u", GET_U_1(bp + 24) & 0x07);
1689 }
1690 if (GET_U_1(bp + 25) < 128) {
1691 qqi = GET_U_1(bp + 25);
1692 } else {
1693 qqi = ((GET_U_1(bp + 25) & 0x0f) | 0x10) <<
1694 (((GET_U_1(bp + 25) & 0x70) >> 4) + 3);
1695 }
1696 ND_PRINT(" qqi=%u", qqi);
1697 }
1698
1699 ND_TCHECK_2(bp + 26);
1700 nsrcs = GET_BE_U_2(bp + 26);
1701 if (nsrcs > 0) {
1702 if (len < 28 + nsrcs * sizeof(nd_ipv6))
1703 ND_PRINT(" [invalid number of sources]");
1704 else if (ndo->ndo_vflag > 1) {
1705 ND_PRINT(" {");
1706 for (i = 0; i < nsrcs; i++) {
1707 ND_TCHECK_LEN(bp + 28 + (i * sizeof(nd_ipv6)),
1708 sizeof(nd_ipv6));
1709 ND_PRINT(" %s", GET_IP6ADDR_STRING(bp + 28 + (i * sizeof(nd_ipv6))));
1710 }
1711 ND_PRINT(" }");
1712 } else
1713 ND_PRINT(", %u source(s)", nsrcs);
1714 }
1715 ND_PRINT("]");
1716 return;
1717 trunc:
1718 nd_print_trunc(ndo);
1719 return;
1720 }
1721
1722 static void
1723 dnsname_print(netdissect_options *ndo, const u_char *cp, const u_char *ep)
1724 {
1725 int i;
1726
1727 /* DNS name decoding - no decompression */
1728 ND_PRINT(", \"");
1729 while (cp < ep) {
1730 i = GET_U_1(cp);
1731 cp++;
1732 if (i) {
1733 if (i > ep - cp) {
1734 ND_PRINT("???");
1735 break;
1736 }
1737 while (i-- && cp < ep) {
1738 fn_print_char(ndo, GET_U_1(cp));
1739 cp++;
1740 }
1741 if (cp + 1 < ep && GET_U_1(cp))
1742 ND_PRINT(".");
1743 } else {
1744 if (cp == ep) {
1745 /* FQDN */
1746 ND_PRINT(".");
1747 } else if (cp + 1 == ep && GET_U_1(cp) == '\0') {
1748 /* truncated */
1749 } else {
1750 /* invalid */
1751 ND_PRINT("???");
1752 }
1753 break;
1754 }
1755 }
1756 ND_PRINT("\"");
1757 }
1758
1759 static void
1760 icmp6_nodeinfo_print(netdissect_options *ndo, u_int icmp6len, const u_char *bp, const u_char *ep)
1761 {
1762 const struct icmp6_nodeinfo *ni6;
1763 const struct icmp6_hdr *dp;
1764 const u_char *cp;
1765 size_t siz, i;
1766 int needcomma;
1767
1768 if (ep < bp)
1769 return;
1770 dp = (const struct icmp6_hdr *)bp;
1771 ni6 = (const struct icmp6_nodeinfo *)bp;
1772 siz = ep - bp;
1773
1774 switch (GET_U_1(ni6->ni_type)) {
1775 case ICMP6_NI_QUERY:
1776 if (siz == sizeof(*dp) + 4) {
1777 /* KAME who-are-you */
1778 ND_PRINT(" who-are-you request");
1779 break;
1780 }
1781 ND_PRINT(" node information query");
1782
1783 ND_TCHECK_LEN(dp, sizeof(*ni6));
1784 ni6 = (const struct icmp6_nodeinfo *)dp;
1785 ND_PRINT(" ("); /*)*/
1786 switch (GET_BE_U_2(ni6->ni_qtype)) {
1787 case NI_QTYPE_NOOP:
1788 ND_PRINT("noop");
1789 break;
1790 case NI_QTYPE_SUPTYPES:
1791 ND_PRINT("supported qtypes");
1792 i = GET_BE_U_2(ni6->ni_flags);
1793 if (i)
1794 ND_PRINT(" [%s]", (i & 0x01) ? "C" : "");
1795 break;
1796 case NI_QTYPE_FQDN:
1797 ND_PRINT("DNS name");
1798 break;
1799 case NI_QTYPE_NODEADDR:
1800 ND_PRINT("node addresses");
1801 i = GET_BE_U_2(ni6->ni_flags);
1802 if (!i)
1803 break;
1804 /* NI_NODEADDR_FLAG_TRUNCATE undefined for query */
1805 ND_PRINT(" [%s%s%s%s%s%s]",
1806 (i & NI_NODEADDR_FLAG_ANYCAST) ? "a" : "",
1807 (i & NI_NODEADDR_FLAG_GLOBAL) ? "G" : "",
1808 (i & NI_NODEADDR_FLAG_SITELOCAL) ? "S" : "",
1809 (i & NI_NODEADDR_FLAG_LINKLOCAL) ? "L" : "",
1810 (i & NI_NODEADDR_FLAG_COMPAT) ? "C" : "",
1811 (i & NI_NODEADDR_FLAG_ALL) ? "A" : "");
1812 break;
1813 default:
1814 ND_PRINT("unknown");
1815 break;
1816 }
1817
1818 if (GET_BE_U_2(ni6->ni_qtype) == NI_QTYPE_NOOP ||
1819 GET_BE_U_2(ni6->ni_qtype) == NI_QTYPE_SUPTYPES) {
1820 if (siz != sizeof(*ni6))
1821 if (ndo->ndo_vflag)
1822 ND_PRINT(", invalid len");
1823 /*(*/
1824 ND_PRINT(")");
1825 break;
1826 }
1827
1828
1829 /* XXX backward compat, icmp-name-lookup-03 */
1830 if (siz == sizeof(*ni6)) {
1831 ND_PRINT(", 03 draft");
1832 /*(*/
1833 ND_PRINT(")");
1834 break;
1835 }
1836
1837 cp = (const u_char *)(ni6 + 1);
1838 switch (GET_U_1(ni6->ni_code)) {
1839 case ICMP6_NI_SUBJ_IPV6:
1840 if (!ND_TTEST_LEN(dp, sizeof(*ni6) + sizeof(nd_ipv6)))
1841 break;
1842 if (siz != sizeof(*ni6) + sizeof(nd_ipv6)) {
1843 if (ndo->ndo_vflag)
1844 ND_PRINT(", invalid subject len");
1845 break;
1846 }
1847 ND_PRINT(", subject=%s",
1848 GET_IP6ADDR_STRING(cp));
1849 break;
1850 case ICMP6_NI_SUBJ_FQDN:
1851 ND_PRINT(", subject=DNS name");
1852 if (GET_U_1(cp) == ep - cp - 1) {
1853 /* icmp-name-lookup-03, pascal string */
1854 if (ndo->ndo_vflag)
1855 ND_PRINT(", 03 draft");
1856 cp++;
1857 ND_PRINT(", \"");
1858 while (cp < ep) {
1859 fn_print_char(ndo, GET_U_1(cp));
1860 cp++;
1861 }
1862 ND_PRINT("\"");
1863 } else
1864 dnsname_print(ndo, cp, ep);
1865 break;
1866 case ICMP6_NI_SUBJ_IPV4:
1867 if (!ND_TTEST_LEN(dp, sizeof(*ni6) + sizeof(nd_ipv4)))
1868 break;
1869 if (siz != sizeof(*ni6) + sizeof(nd_ipv4)) {
1870 if (ndo->ndo_vflag)
1871 ND_PRINT(", invalid subject len");
1872 break;
1873 }
1874 ND_PRINT(", subject=%s",
1875 GET_IPADDR_STRING(cp));
1876 break;
1877 default:
1878 ND_PRINT(", unknown subject");
1879 break;
1880 }
1881
1882 /*(*/
1883 ND_PRINT(")");
1884 break;
1885
1886 case ICMP6_NI_REPLY:
1887 if (icmp6len > siz)
1888 goto trunc;
1889
1890 needcomma = 0;
1891
1892 ND_TCHECK_LEN(dp, sizeof(*ni6));
1893 ni6 = (const struct icmp6_nodeinfo *)dp;
1894 ND_PRINT(" node information reply");
1895 ND_PRINT(" ("); /*)*/
1896 switch (GET_U_1(ni6->ni_code)) {
1897 case ICMP6_NI_SUCCESS:
1898 if (ndo->ndo_vflag) {
1899 ND_PRINT("success");
1900 needcomma++;
1901 }
1902 break;
1903 case ICMP6_NI_REFUSED:
1904 ND_PRINT("refused");
1905 needcomma++;
1906 if (siz != sizeof(*ni6))
1907 if (ndo->ndo_vflag)
1908 ND_PRINT(", invalid length");
1909 break;
1910 case ICMP6_NI_UNKNOWN:
1911 ND_PRINT("unknown");
1912 needcomma++;
1913 if (siz != sizeof(*ni6))
1914 if (ndo->ndo_vflag)
1915 ND_PRINT(", invalid length");
1916 break;
1917 }
1918
1919 if (GET_U_1(ni6->ni_code) != ICMP6_NI_SUCCESS) {
1920 /*(*/
1921 ND_PRINT(")");
1922 break;
1923 }
1924
1925 switch (GET_BE_U_2(ni6->ni_qtype)) {
1926 case NI_QTYPE_NOOP:
1927 if (needcomma)
1928 ND_PRINT(", ");
1929 ND_PRINT("noop");
1930 if (siz != sizeof(*ni6))
1931 if (ndo->ndo_vflag)
1932 ND_PRINT(", invalid length");
1933 break;
1934 case NI_QTYPE_SUPTYPES:
1935 if (needcomma)
1936 ND_PRINT(", ");
1937 ND_PRINT("supported qtypes");
1938 i = GET_BE_U_2(ni6->ni_flags);
1939 if (i)
1940 ND_PRINT(" [%s]", (i & 0x01) ? "C" : "");
1941 break;
1942 case NI_QTYPE_FQDN:
1943 if (needcomma)
1944 ND_PRINT(", ");
1945 ND_PRINT("DNS name");
1946 cp = (const u_char *)(ni6 + 1) + 4;
1947 ND_TCHECK_1(cp);
1948 if (GET_U_1(cp) == ep - cp - 1) {
1949 /* icmp-name-lookup-03, pascal string */
1950 if (ndo->ndo_vflag)
1951 ND_PRINT(", 03 draft");
1952 cp++;
1953 ND_PRINT(", \"");
1954 while (cp < ep) {
1955 fn_print_char(ndo, GET_U_1(cp));
1956 cp++;
1957 }
1958 ND_PRINT("\"");
1959 } else
1960 dnsname_print(ndo, cp, ep);
1961 if ((GET_BE_U_2(ni6->ni_flags) & 0x01) != 0)
1962 ND_PRINT(" [TTL=%u]", GET_BE_U_4(ni6 + 1));
1963 break;
1964 case NI_QTYPE_NODEADDR:
1965 if (needcomma)
1966 ND_PRINT(", ");
1967 ND_PRINT("node addresses");
1968 i = sizeof(*ni6);
1969 while (i < siz) {
1970 if (i + sizeof(uint32_t) + sizeof(nd_ipv6) > siz)
1971 break;
1972 ND_PRINT(" %s(%u)",
1973 GET_IP6ADDR_STRING(bp + i + sizeof(uint32_t)),
1974 GET_BE_U_4(bp + i));
1975 i += sizeof(uint32_t) + sizeof(nd_ipv6);
1976 }
1977 i = GET_BE_U_2(ni6->ni_flags);
1978 if (!i)
1979 break;
1980 ND_PRINT(" [%s%s%s%s%s%s%s]",
1981 (i & NI_NODEADDR_FLAG_ANYCAST) ? "a" : "",
1982 (i & NI_NODEADDR_FLAG_GLOBAL) ? "G" : "",
1983 (i & NI_NODEADDR_FLAG_SITELOCAL) ? "S" : "",
1984 (i & NI_NODEADDR_FLAG_LINKLOCAL) ? "L" : "",
1985 (i & NI_NODEADDR_FLAG_COMPAT) ? "C" : "",
1986 (i & NI_NODEADDR_FLAG_ALL) ? "A" : "",
1987 (i & NI_NODEADDR_FLAG_TRUNCATE) ? "T" : "");
1988 break;
1989 default:
1990 if (needcomma)
1991 ND_PRINT(", ");
1992 ND_PRINT("unknown");
1993 break;
1994 }
1995
1996 /*(*/
1997 ND_PRINT(")");
1998 break;
1999 }
2000 return;
2001
2002 trunc:
2003 nd_print_trunc(ndo);
2004 }
2005
2006 static void
2007 icmp6_rrenum_print(netdissect_options *ndo, const u_char *bp, const u_char *ep)
2008 {
2009 const struct icmp6_router_renum *rr6;
2010 const char *cp;
2011 const struct rr_pco_match *match;
2012 const struct rr_pco_use *use;
2013 char hbuf[NI_MAXHOST];
2014 int n;
2015
2016 if (ep < bp)
2017 return;
2018 rr6 = (const struct icmp6_router_renum *)bp;
2019 cp = (const char *)(rr6 + 1);
2020
2021 ND_TCHECK_4(rr6->rr_reserved);
2022 switch (GET_U_1(rr6->rr_code)) {
2023 case ICMP6_ROUTER_RENUMBERING_COMMAND:
2024 ND_PRINT("router renum: command");
2025 break;
2026 case ICMP6_ROUTER_RENUMBERING_RESULT:
2027 ND_PRINT("router renum: result");
2028 break;
2029 case ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET:
2030 ND_PRINT("router renum: sequence number reset");
2031 break;
2032 default:
2033 ND_PRINT("router renum: code-#%u", GET_U_1(rr6->rr_code));
2034 break;
2035 }
2036
2037 ND_PRINT(", seq=%u", GET_BE_U_4(rr6->rr_seqnum));
2038
2039 if (ndo->ndo_vflag) {
2040 uint8_t rr_flags = GET_U_1(rr6->rr_flags);
2041 #define F(x, y) (rr_flags & (x) ? (y) : "")
2042 ND_PRINT("["); /*]*/
2043 if (rr_flags) {
2044 ND_PRINT("%s%s%s%s%s,", F(ICMP6_RR_FLAGS_TEST, "T"),
2045 F(ICMP6_RR_FLAGS_REQRESULT, "R"),
2046 F(ICMP6_RR_FLAGS_FORCEAPPLY, "A"),
2047 F(ICMP6_RR_FLAGS_SPECSITE, "S"),
2048 F(ICMP6_RR_FLAGS_PREVDONE, "P"));
2049 }
2050 ND_PRINT("seg=%u,", GET_U_1(rr6->rr_segnum));
2051 ND_PRINT("maxdelay=%u", GET_BE_U_2(rr6->rr_maxdelay));
2052 if (GET_BE_U_4(rr6->rr_reserved))
2053 ND_PRINT("rsvd=0x%x", GET_BE_U_4(rr6->rr_reserved));
2054 /*[*/
2055 ND_PRINT("]");
2056 #undef F
2057 }
2058
2059 if (GET_U_1(rr6->rr_code) == ICMP6_ROUTER_RENUMBERING_COMMAND) {
2060 match = (const struct rr_pco_match *)cp;
2061 cp = (const char *)(match + 1);
2062
2063 ND_TCHECK_16(match->rpm_prefix);
2064
2065 if (ndo->ndo_vflag > 1)
2066 ND_PRINT("\n\t");
2067 else
2068 ND_PRINT(" ");
2069 ND_PRINT("match("); /*)*/
2070 switch (GET_U_1(match->rpm_code)) {
2071 case RPM_PCO_ADD: ND_PRINT("add"); break;
2072 case RPM_PCO_CHANGE: ND_PRINT("change"); break;
2073 case RPM_PCO_SETGLOBAL: ND_PRINT("setglobal"); break;
2074 default: ND_PRINT("#%u",
2075 GET_U_1(match->rpm_code)); break;
2076 }
2077
2078 if (ndo->ndo_vflag) {
2079 ND_PRINT(",ord=%u", GET_U_1(match->rpm_ordinal));
2080 ND_PRINT(",min=%u", GET_U_1(match->rpm_minlen));
2081 ND_PRINT(",max=%u", GET_U_1(match->rpm_maxlen));
2082 }
2083 if (addrtostr6(match->rpm_prefix, hbuf, sizeof(hbuf)))
2084 ND_PRINT(",%s/%u", hbuf, GET_U_1(match->rpm_matchlen));
2085 else
2086 ND_PRINT(",?/%u", GET_U_1(match->rpm_matchlen));
2087 /*(*/
2088 ND_PRINT(")");
2089
2090 n = GET_U_1(match->rpm_len) - 3;
2091 if (n % 4)
2092 goto trunc;
2093 n /= 4;
2094 while (n-- > 0) {
2095 use = (const struct rr_pco_use *)cp;
2096 cp = (const char *)(use + 1);
2097
2098 ND_TCHECK_16(use->rpu_prefix);
2099
2100 if (ndo->ndo_vflag > 1)
2101 ND_PRINT("\n\t");
2102 else
2103 ND_PRINT(" ");
2104 ND_PRINT("use("); /*)*/
2105 if (GET_U_1(use->rpu_flags)) {
2106 #define F(x, y) (GET_U_1(use->rpu_flags) & (x) ? (y) : "")
2107 ND_PRINT("%s%s,",
2108 F(ICMP6_RR_PCOUSE_FLAGS_DECRVLTIME, "V"),
2109 F(ICMP6_RR_PCOUSE_FLAGS_DECRPLTIME, "P"));
2110 #undef F
2111 }
2112 if (ndo->ndo_vflag) {
2113 ND_PRINT("mask=0x%x,",
2114 GET_U_1(use->rpu_ramask));
2115 ND_PRINT("raflags=0x%x,",
2116 GET_U_1(use->rpu_raflags));
2117 if (GET_BE_U_4(use->rpu_vltime) == 0xffffffff)
2118 ND_PRINT("vltime=infty,");
2119 else
2120 ND_PRINT("vltime=%u,",
2121 GET_BE_U_4(use->rpu_vltime));
2122 if (GET_BE_U_4(use->rpu_pltime) == 0xffffffff)
2123 ND_PRINT("pltime=infty,");
2124 else
2125 ND_PRINT("pltime=%u,",
2126 GET_BE_U_4(use->rpu_pltime));
2127 }
2128 if (addrtostr6(use->rpu_prefix, hbuf, sizeof(hbuf)))
2129 ND_PRINT("%s/%u/%u", hbuf,
2130 GET_U_1(use->rpu_uselen),
2131 GET_U_1(use->rpu_keeplen));
2132 else
2133 ND_PRINT("?/%u/%u", GET_U_1(use->rpu_uselen),
2134 GET_U_1(use->rpu_keeplen));
2135 /*(*/
2136 ND_PRINT(")");
2137 }
2138 }
2139
2140 return;
2141
2142 trunc:
2143 nd_print_trunc(ndo);
2144 }
[mirror] the TCPdump network dissector