]> The Tcpdump Group git mirrors - tcpdump/blob - print-bfd.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Add more nd_print_trunc() calls
[tcpdump] / print-bfd.c
1 /*
2 * Redistribution and use in source and binary forms, with or without
3 * modification, are permitted provided that: (1) source code
4 * distributions retain the above copyright notice and this paragraph
5 * in its entirety, and (2) distributions including binary code include
6 * the above copyright notice and this paragraph in its entirety in
7 * the documentation or other materials provided with the distribution.
8 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND
9 * WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT
10 * LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
11 * FOR A PARTICULAR PURPOSE.
12 *
13 * Original code by Hannes Gredler (hannes@gredler.at)
14 */
15
16 /* \summary: Bidirectional Forwarding Detection (BFD) printer */
17
18 /* specification: RFC 5880 (for version 1) and RFC 5881 */
19
20 #ifdef HAVE_CONFIG_H
21 #include <config.h>
22 #endif
23
24 #include "netdissect-stdinc.h"
25
26 #include "netdissect.h"
27 #include "extract.h"
28
29 #include "udp.h"
30
31 /*
32 * Control packet, BFDv0, draft-katz-ward-bfd-01.txt
33 *
34 * 0 1 2 3
35 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
36 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
37 * |Vers | Diag |H|D|P|F| Rsvd | Detect Mult | Length |
38 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
39 * | My Discriminator |
40 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
41 * | Your Discriminator |
42 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
43 * | Desired Min TX Interval |
44 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
45 * | Required Min RX Interval |
46 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
47 * | Required Min Echo RX Interval |
48 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
49 */
50
51 /*
52 * Control packet, BFDv1, RFC 5880
53 *
54 * 0 1 2 3
55 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
56 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
57 * |Vers | Diag |Sta|P|F|C|A|D|M| Detect Mult | Length |
58 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
59 * | My Discriminator |
60 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
61 * | Your Discriminator |
62 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
63 * | Desired Min TX Interval |
64 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
65 * | Required Min RX Interval |
66 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
67 * | Required Min Echo RX Interval |
68 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
69 */
70
71 struct bfd_header_t {
72 nd_uint8_t version_diag;
73 nd_uint8_t flags;
74 nd_uint8_t detect_time_multiplier;
75 nd_uint8_t length;
76 nd_uint32_t my_discriminator;
77 nd_uint32_t your_discriminator;
78 nd_uint32_t desired_min_tx_interval;
79 nd_uint32_t required_min_rx_interval;
80 nd_uint32_t required_min_echo_interval;
81 };
82
83 /*
84 * An optional Authentication Header may be present
85 *
86 * 0 1 2 3
87 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
88 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
89 * | Auth Type | Auth Len | Authentication Data... |
90 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
91 */
92
93 struct bfd_auth_header_t {
94 nd_uint8_t auth_type;
95 nd_uint8_t auth_len;
96 nd_uint8_t auth_data;
97 nd_uint8_t dummy; /* minimum 4 bytes */
98 };
99
100 enum auth_type {
101 AUTH_PASSWORD = 1,
102 AUTH_MD5 = 2,
103 AUTH_MET_MD5 = 3,
104 AUTH_SHA1 = 4,
105 AUTH_MET_SHA1 = 5
106 };
107
108 static const struct tok bfd_v1_authentication_values[] = {
109 { AUTH_PASSWORD, "Simple Password" },
110 { AUTH_MD5, "Keyed MD5" },
111 { AUTH_MET_MD5, "Meticulous Keyed MD5" },
112 { AUTH_SHA1, "Keyed SHA1" },
113 { AUTH_MET_SHA1, "Meticulous Keyed SHA1" },
114 { 0, NULL }
115 };
116
117 enum auth_length {
118 AUTH_PASSWORD_FIELD_MIN_LEN = 4, /* header + password min: 3 + 1 */
119 AUTH_PASSWORD_FIELD_MAX_LEN = 19, /* header + password max: 3 + 16 */
120 AUTH_MD5_FIELD_LEN = 24,
121 AUTH_MD5_HASH_LEN = 16,
122 AUTH_SHA1_FIELD_LEN = 28,
123 AUTH_SHA1_HASH_LEN = 20
124 };
125
126 #define BFD_EXTRACT_VERSION(x) (((x)&0xe0)>>5)
127 #define BFD_EXTRACT_DIAG(x) ((x)&0x1f)
128
129 static const struct tok bfd_port_values[] = {
130 { BFD_CONTROL_PORT, "Control" },
131 { BFD_ECHO_PORT, "Echo" },
132 { 0, NULL }
133 };
134
135 static const struct tok bfd_diag_values[] = {
136 { 0, "No Diagnostic" },
137 { 1, "Control Detection Time Expired" },
138 { 2, "Echo Function Failed" },
139 { 3, "Neighbor Signaled Session Down" },
140 { 4, "Forwarding Plane Reset" },
141 { 5, "Path Down" },
142 { 6, "Concatenated Path Down" },
143 { 7, "Administratively Down" },
144 { 8, "Reverse Concatenated Path Down" },
145 { 0, NULL }
146 };
147
148 static const struct tok bfd_v0_flag_values[] = {
149 { 0x80, "I Hear You" },
150 { 0x40, "Demand" },
151 { 0x20, "Poll" },
152 { 0x10, "Final" },
153 { 0x08, "Reserved" },
154 { 0x04, "Reserved" },
155 { 0x02, "Reserved" },
156 { 0x01, "Reserved" },
157 { 0, NULL }
158 };
159
160 #define BFD_FLAG_AUTH 0x04
161
162 static const struct tok bfd_v1_flag_values[] = {
163 { 0x20, "Poll" },
164 { 0x10, "Final" },
165 { 0x08, "Control Plane Independent" },
166 { BFD_FLAG_AUTH, "Authentication Present" },
167 { 0x02, "Demand" },
168 { 0x01, "Multipoint" },
169 { 0, NULL }
170 };
171
172 static const struct tok bfd_v1_state_values[] = {
173 { 0, "AdminDown" },
174 { 1, "Down" },
175 { 2, "Init" },
176 { 3, "Up" },
177 { 0, NULL }
178 };
179
180 static int
181 auth_print(netdissect_options *ndo, const u_char *pptr)
182 {
183 const struct bfd_auth_header_t *bfd_auth_header;
184 uint8_t auth_type, auth_len;
185 int i;
186
187 pptr += sizeof (struct bfd_header_t);
188 bfd_auth_header = (const struct bfd_auth_header_t *)pptr;
189 ND_TCHECK_SIZE(bfd_auth_header);
190 auth_type = EXTRACT_U_1(bfd_auth_header->auth_type);
191 auth_len = EXTRACT_U_1(bfd_auth_header->auth_len);
192 ND_PRINT("\n\tAuthentication: %s (%u), length: %u",
193 tok2str(bfd_v1_authentication_values,"Unknown",auth_type),
194 auth_type, auth_len);
195 pptr += 2;
196 ND_PRINT("\n\t Auth Key ID: %u", EXTRACT_U_1(pptr));
197
198 switch(auth_type) {
199 case AUTH_PASSWORD:
200 /*
201 * Simple Password Authentication Section Format
202 *
203 * 0 1 2 3
204 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
205 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
206 * | Auth Type | Auth Len | Auth Key ID | Password... |
207 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
208 * | ... |
209 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
210 */
211 if (auth_len < AUTH_PASSWORD_FIELD_MIN_LEN ||
212 auth_len > AUTH_PASSWORD_FIELD_MAX_LEN) {
213 ND_PRINT("[invalid length %u]",
214 auth_len);
215 break;
216 }
217 pptr++;
218 ND_PRINT(", Password: ");
219 /* the length is equal to the password length plus three */
220 if (nd_printn(ndo, pptr, auth_len - 3,
221 ndo->ndo_snapend))
222 goto trunc;
223 break;
224 case AUTH_MD5:
225 case AUTH_MET_MD5:
226 /*
227 * Keyed MD5 and Meticulous Keyed MD5 Authentication Section Format
228 *
229 * 0 1 2 3
230 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
231 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
232 * | Auth Type | Auth Len | Auth Key ID | Reserved |
233 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
234 * | Sequence Number |
235 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
236 * | Auth Key/Digest... |
237 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
238 * | ... |
239 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
240 */
241 if (auth_len != AUTH_MD5_FIELD_LEN) {
242 ND_PRINT("[invalid length %u]",
243 auth_len);
244 break;
245 }
246 pptr += 2;
247 ND_TCHECK_4(pptr);
248 ND_PRINT(", Sequence Number: 0x%08x", EXTRACT_BE_U_4(pptr));
249 pptr += 4;
250 ND_TCHECK_LEN(pptr, AUTH_MD5_HASH_LEN);
251 ND_PRINT("\n\t Digest: ");
252 for(i = 0; i < AUTH_MD5_HASH_LEN; i++)
253 ND_PRINT("%02x", EXTRACT_U_1(pptr + i));
254 break;
255 case AUTH_SHA1:
256 case AUTH_MET_SHA1:
257 /*
258 * Keyed SHA1 and Meticulous Keyed SHA1 Authentication Section Format
259 *
260 * 0 1 2 3
261 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
262 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
263 * | Auth Type | Auth Len | Auth Key ID | Reserved |
264 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
265 * | Sequence Number |
266 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
267 * | Auth Key/Hash... |
268 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
269 * | ... |
270 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
271 */
272 if (auth_len != AUTH_SHA1_FIELD_LEN) {
273 ND_PRINT("[invalid length %u]",
274 auth_len);
275 break;
276 }
277 pptr += 2;
278 ND_TCHECK_4(pptr);
279 ND_PRINT(", Sequence Number: 0x%08x", EXTRACT_BE_U_4(pptr));
280 pptr += 4;
281 ND_TCHECK_LEN(pptr, AUTH_SHA1_HASH_LEN);
282 ND_PRINT("\n\t Hash: ");
283 for(i = 0; i < AUTH_SHA1_HASH_LEN; i++)
284 ND_PRINT("%02x", EXTRACT_U_1(pptr + i));
285 break;
286 }
287 return 0;
288
289 trunc:
290 return 1;
291 }
292
293 void
294 bfd_print(netdissect_options *ndo, const u_char *pptr,
295 u_int len, u_int port)
296 {
297 const struct bfd_header_t *bfd_header;
298 uint8_t version_diag;
299 uint8_t version = 0;
300 uint8_t flags;
301
302 ndo->ndo_protocol = "bfd";
303 bfd_header = (const struct bfd_header_t *)pptr;
304 version_diag = EXTRACT_U_1(bfd_header->version_diag);
305 if (port == BFD_CONTROL_PORT) {
306 ND_TCHECK_SIZE(bfd_header);
307 version = BFD_EXTRACT_VERSION(version_diag);
308 } else if (port == BFD_ECHO_PORT) {
309 /* Echo is BFD v1 only */
310 version = 1;
311 }
312 flags = EXTRACT_U_1(bfd_header->flags);
313 switch ((port << 8) | version) {
314
315 /* BFDv0 */
316 case (BFD_CONTROL_PORT << 8):
317 if (ndo->ndo_vflag < 1)
318 {
319 ND_PRINT("BFDv%u, %s, Flags: [%s], length: %u",
320 version,
321 tok2str(bfd_port_values, "unknown (%u)", port),
322 bittok2str(bfd_v0_flag_values, "none", flags),
323 len);
324 return;
325 }
326
327 ND_PRINT("BFDv%u, length: %u\n\t%s, Flags: [%s], Diagnostic: %s (0x%02x)",
328 version,
329 len,
330 tok2str(bfd_port_values, "unknown (%u)", port),
331 bittok2str(bfd_v0_flag_values, "none", flags),
332 tok2str(bfd_diag_values,"unknown",BFD_EXTRACT_DIAG(version_diag)),
333 BFD_EXTRACT_DIAG(version_diag));
334
335 ND_PRINT("\n\tDetection Timer Multiplier: %u (%u ms Detection time), BFD Length: %u",
336 EXTRACT_U_1(bfd_header->detect_time_multiplier),
337 EXTRACT_U_1(bfd_header->detect_time_multiplier) * EXTRACT_BE_U_4(bfd_header->desired_min_tx_interval)/1000,
338 EXTRACT_U_1(bfd_header->length));
339
340
341 ND_PRINT("\n\tMy Discriminator: 0x%08x", EXTRACT_BE_U_4(bfd_header->my_discriminator));
342 ND_PRINT(", Your Discriminator: 0x%08x", EXTRACT_BE_U_4(bfd_header->your_discriminator));
343 ND_PRINT("\n\t Desired min Tx Interval: %4u ms", EXTRACT_BE_U_4(bfd_header->desired_min_tx_interval)/1000);
344 ND_PRINT("\n\t Required min Rx Interval: %4u ms", EXTRACT_BE_U_4(bfd_header->required_min_rx_interval)/1000);
345 ND_PRINT("\n\t Required min Echo Interval: %4u ms", EXTRACT_BE_U_4(bfd_header->required_min_echo_interval)/1000);
346 break;
347
348 /* BFDv1 */
349 case (BFD_CONTROL_PORT << 8 | 1):
350 if (ndo->ndo_vflag < 1)
351 {
352 ND_PRINT("BFDv%u, %s, State %s, Flags: [%s], length: %u",
353 version,
354 tok2str(bfd_port_values, "unknown (%u)", port),
355 tok2str(bfd_v1_state_values, "unknown (%u)", (flags & 0xc0) >> 6),
356 bittok2str(bfd_v1_flag_values, "none", flags & 0x3f),
357 len);
358 return;
359 }
360
361 ND_PRINT("BFDv%u, length: %u\n\t%s, State %s, Flags: [%s], Diagnostic: %s (0x%02x)",
362 version,
363 len,
364 tok2str(bfd_port_values, "unknown (%u)", port),
365 tok2str(bfd_v1_state_values, "unknown (%u)", (flags & 0xc0) >> 6),
366 bittok2str(bfd_v1_flag_values, "none", flags & 0x3f),
367 tok2str(bfd_diag_values,"unknown",BFD_EXTRACT_DIAG(version_diag)),
368 BFD_EXTRACT_DIAG(version_diag));
369
370 ND_PRINT("\n\tDetection Timer Multiplier: %u (%u ms Detection time), BFD Length: %u",
371 EXTRACT_U_1(bfd_header->detect_time_multiplier),
372 EXTRACT_U_1(bfd_header->detect_time_multiplier) * EXTRACT_BE_U_4(bfd_header->desired_min_tx_interval)/1000,
373 EXTRACT_U_1(bfd_header->length));
374
375
376 ND_PRINT("\n\tMy Discriminator: 0x%08x", EXTRACT_BE_U_4(bfd_header->my_discriminator));
377 ND_PRINT(", Your Discriminator: 0x%08x", EXTRACT_BE_U_4(bfd_header->your_discriminator));
378 ND_PRINT("\n\t Desired min Tx Interval: %4u ms", EXTRACT_BE_U_4(bfd_header->desired_min_tx_interval)/1000);
379 ND_PRINT("\n\t Required min Rx Interval: %4u ms", EXTRACT_BE_U_4(bfd_header->required_min_rx_interval)/1000);
380 ND_PRINT("\n\t Required min Echo Interval: %4u ms", EXTRACT_BE_U_4(bfd_header->required_min_echo_interval)/1000);
381
382 if (flags & BFD_FLAG_AUTH) {
383 if (auth_print(ndo, pptr))
384 goto trunc;
385 }
386 break;
387
388 /* BFDv0 */
389 case (BFD_ECHO_PORT << 8): /* not yet supported - fall through */
390 /* BFDv1 */
391 case (BFD_ECHO_PORT << 8 | 1):
392
393 default:
394 ND_PRINT("BFD, %s, length: %u",
395 tok2str(bfd_port_values, "unknown (%u)", port),
396 len);
397 if (ndo->ndo_vflag >= 1) {
398 if(!print_unknown_data(ndo, pptr,"\n\t",len))
399 return;
400 }
401 break;
402 }
403 return;
404
405 trunc:
406 nd_print_trunc(ndo);
407 }
[mirror] the TCPdump network dissector