]> The Tcpdump Group git mirrors - tcpdump/blob - print-ip6.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Use ND_TTEST_SIZE()/ND_TCHECK_SIZE() macros (1/n)
[tcpdump] / print-ip6.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: IPv6 printer */
23
24 #ifdef HAVE_CONFIG_H
25 #include "config.h"
26 #endif
27
28 #include <netdissect-stdinc.h>
29
30 #include <string.h>
31
32 #include "netdissect.h"
33 #include "addrtoname.h"
34 #include "extract.h"
35
36 #include "ip6.h"
37 #include "ipproto.h"
38
39 /*
40 * If routing headers are presend and valid, set dst to the final destination.
41 * Otherwise, set it to the IPv6 destination.
42 *
43 * This is used for UDP and TCP pseudo-header in the checksum
44 * calculation.
45 */
46 static void
47 ip6_finddst(netdissect_options *ndo, struct in6_addr *dst,
48 const struct ip6_hdr *ip6)
49 {
50 const u_char *cp;
51 u_int advance;
52 u_int nh;
53 const void *dst_addr;
54 const struct ip6_rthdr *dp;
55 const struct ip6_rthdr0 *dp0;
56 const struct in6_addr *addr;
57 int i, len;
58
59 cp = (const u_char *)ip6;
60 advance = sizeof(struct ip6_hdr);
61 nh = EXTRACT_U_1(ip6->ip6_nxt);
62 dst_addr = (const void *)&ip6->ip6_dst;
63
64 while (cp < ndo->ndo_snapend) {
65 cp += advance;
66
67 switch (nh) {
68
69 case IPPROTO_HOPOPTS:
70 case IPPROTO_DSTOPTS:
71 case IPPROTO_MOBILITY_OLD:
72 case IPPROTO_MOBILITY:
73 /*
74 * These have a header length byte, following
75 * the next header byte, giving the length of
76 * the header, in units of 8 octets, excluding
77 * the first 8 octets.
78 */
79 ND_TCHECK_2(cp);
80 advance = (EXTRACT_U_1(cp + 1) + 1) << 3;
81 nh = EXTRACT_U_1(cp);
82 break;
83
84 case IPPROTO_FRAGMENT:
85 /*
86 * The byte following the next header byte is
87 * marked as reserved, and the header is always
88 * the same size.
89 */
90 ND_TCHECK_1(cp);
91 advance = sizeof(struct ip6_frag);
92 nh = EXTRACT_U_1(cp);
93 break;
94
95 case IPPROTO_ROUTING:
96 /*
97 * OK, we found it.
98 */
99 dp = (const struct ip6_rthdr *)cp;
100 ND_TCHECK_SIZE(dp);
101 len = EXTRACT_U_1(dp->ip6r_len);
102 switch (EXTRACT_U_1(dp->ip6r_type)) {
103
104 case IPV6_RTHDR_TYPE_0:
105 case IPV6_RTHDR_TYPE_2: /* Mobile IPv6 ID-20 */
106 dp0 = (const struct ip6_rthdr0 *)dp;
107 if (len % 2 == 1)
108 goto trunc;
109 len >>= 1;
110 addr = &dp0->ip6r0_addr[0];
111 for (i = 0; i < len; i++) {
112 if ((const u_char *)(addr + 1) > ndo->ndo_snapend)
113 goto trunc;
114
115 dst_addr = (const void *)addr;
116 addr++;
117 }
118 break;
119
120 default:
121 break;
122 }
123
124 /*
125 * Only one routing header to a customer.
126 */
127 goto done;
128
129 case IPPROTO_AH:
130 case IPPROTO_ESP:
131 case IPPROTO_IPCOMP:
132 default:
133 /*
134 * AH and ESP are, in the RFCs that describe them,
135 * described as being "viewed as an end-to-end
136 * payload" "in the IPv6 context, so that they
137 * "should appear after hop-by-hop, routing, and
138 * fragmentation extension headers". We assume
139 * that's the case, and stop as soon as we see
140 * one. (We can't handle an ESP header in
141 * the general case anyway, as its length depends
142 * on the encryption algorithm.)
143 *
144 * IPComp is also "viewed as an end-to-end
145 * payload" "in the IPv6 context".
146 *
147 * All other protocols are assumed to be the final
148 * protocol.
149 */
150 goto done;
151 }
152 }
153
154 done:
155 trunc:
156 UNALIGNED_MEMCPY(dst, dst_addr, sizeof(struct in6_addr));
157 }
158
159 /*
160 * Compute a V6-style checksum by building a pseudoheader.
161 */
162 int
163 nextproto6_cksum(netdissect_options *ndo,
164 const struct ip6_hdr *ip6, const uint8_t *data,
165 u_int len, u_int covlen, u_int next_proto)
166 {
167 struct {
168 struct in6_addr ph_src;
169 struct in6_addr ph_dst;
170 uint32_t ph_len;
171 uint8_t ph_zero[3];
172 uint8_t ph_nxt;
173 } ph;
174 struct cksum_vec vec[2];
175 u_int nh;
176
177 /* pseudo-header */
178 memset(&ph, 0, sizeof(ph));
179 UNALIGNED_MEMCPY(&ph.ph_src, &ip6->ip6_src, sizeof (struct in6_addr));
180 nh = EXTRACT_U_1(ip6->ip6_nxt);
181 switch (nh) {
182
183 case IPPROTO_HOPOPTS:
184 case IPPROTO_DSTOPTS:
185 case IPPROTO_MOBILITY_OLD:
186 case IPPROTO_MOBILITY:
187 case IPPROTO_FRAGMENT:
188 case IPPROTO_ROUTING:
189 /*
190 * The next header is either a routing header or a header
191 * after which there might be a routing header, so scan
192 * for a routing header.
193 */
194 ip6_finddst(ndo, &ph.ph_dst, ip6);
195 break;
196
197 default:
198 UNALIGNED_MEMCPY(&ph.ph_dst, &ip6->ip6_dst, sizeof (struct in6_addr));
199 break;
200 }
201 ph.ph_len = htonl(len);
202 ph.ph_nxt = next_proto;
203
204 vec[0].ptr = (const uint8_t *)(void *)&ph;
205 vec[0].len = sizeof(ph);
206 vec[1].ptr = data;
207 vec[1].len = covlen;
208
209 return in_cksum(vec, 2);
210 }
211
212 /*
213 * print an IP6 datagram.
214 */
215 void
216 ip6_print(netdissect_options *ndo, const u_char *bp, u_int length)
217 {
218 const struct ip6_hdr *ip6;
219 int advance;
220 u_int len;
221 const u_char *ipend;
222 const u_char *cp;
223 u_int payload_len;
224 u_int nh;
225 int fragmented = 0;
226 u_int flow;
227
228 ip6 = (const struct ip6_hdr *)bp;
229
230 ND_TCHECK_SIZE(ip6);
231 if (length < sizeof (struct ip6_hdr)) {
232 ND_PRINT((ndo, "truncated-ip6 %u", length));
233 return;
234 }
235
236 if (!ndo->ndo_eflag)
237 ND_PRINT((ndo, "IP6 "));
238
239 if (IP6_VERSION(ip6) != 6) {
240 ND_PRINT((ndo,"version error: %u != 6", IP6_VERSION(ip6)));
241 return;
242 }
243
244 payload_len = EXTRACT_BE_U_2(ip6->ip6_plen);
245 len = payload_len + sizeof(struct ip6_hdr);
246 if (length < len)
247 ND_PRINT((ndo, "truncated-ip6 - %u bytes missing!",
248 len - length));
249
250 nh = EXTRACT_U_1(ip6->ip6_nxt);
251 if (ndo->ndo_vflag) {
252 flow = EXTRACT_BE_U_4(ip6->ip6_flow);
253 ND_PRINT((ndo, "("));
254 #if 0
255 /* rfc1883 */
256 if (flow & 0x0f000000)
257 ND_PRINT((ndo, "pri 0x%02x, ", (flow & 0x0f000000) >> 24));
258 if (flow & 0x00ffffff)
259 ND_PRINT((ndo, "flowlabel 0x%06x, ", flow & 0x00ffffff));
260 #else
261 /* RFC 2460 */
262 if (flow & 0x0ff00000)
263 ND_PRINT((ndo, "class 0x%02x, ", (flow & 0x0ff00000) >> 20));
264 if (flow & 0x000fffff)
265 ND_PRINT((ndo, "flowlabel 0x%05x, ", flow & 0x000fffff));
266 #endif
267
268 ND_PRINT((ndo, "hlim %u, next-header %s (%u) payload length: %u) ",
269 EXTRACT_U_1(ip6->ip6_hlim),
270 tok2str(ipproto_values,"unknown",nh),
271 nh,
272 payload_len));
273 }
274
275 /*
276 * Cut off the snapshot length to the end of the IP payload.
277 */
278 ipend = bp + len;
279 if (ipend < ndo->ndo_snapend)
280 ndo->ndo_snapend = ipend;
281
282 cp = (const u_char *)ip6;
283 advance = sizeof(struct ip6_hdr);
284 while (cp < ndo->ndo_snapend && advance > 0) {
285 if (len < (u_int)advance)
286 goto trunc;
287 cp += advance;
288 len -= advance;
289
290 if (cp == (const u_char *)(ip6 + 1) &&
291 nh != IPPROTO_TCP && nh != IPPROTO_UDP &&
292 nh != IPPROTO_DCCP && nh != IPPROTO_SCTP) {
293 ND_PRINT((ndo, "%s > %s: ", ip6addr_string(ndo, &ip6->ip6_src),
294 ip6addr_string(ndo, &ip6->ip6_dst)));
295 }
296
297 switch (nh) {
298 case IPPROTO_HOPOPTS:
299 advance = hbhopt_print(ndo, cp);
300 if (advance < 0)
301 return;
302 nh = EXTRACT_U_1(cp);
303 break;
304 case IPPROTO_DSTOPTS:
305 advance = dstopt_print(ndo, cp);
306 if (advance < 0)
307 return;
308 nh = EXTRACT_U_1(cp);
309 break;
310 case IPPROTO_FRAGMENT:
311 advance = frag6_print(ndo, cp, (const u_char *)ip6);
312 if (advance < 0 || ndo->ndo_snapend <= cp + advance)
313 return;
314 nh = EXTRACT_U_1(cp);
315 fragmented = 1;
316 break;
317
318 case IPPROTO_MOBILITY_OLD:
319 case IPPROTO_MOBILITY:
320 /*
321 * XXX - we don't use "advance"; RFC 3775 says that
322 * the next header field in a mobility header
323 * should be IPPROTO_NONE, but speaks of
324 * the possiblity of a future extension in
325 * which payload can be piggybacked atop a
326 * mobility header.
327 */
328 advance = mobility_print(ndo, cp, (const u_char *)ip6);
329 if (advance < 0)
330 return;
331 nh = EXTRACT_U_1(cp);
332 return;
333 case IPPROTO_ROUTING:
334 ND_TCHECK_1(cp);
335 advance = rt6_print(ndo, cp, (const u_char *)ip6);
336 if (advance < 0)
337 return;
338 nh = EXTRACT_U_1(cp);
339 break;
340 case IPPROTO_SCTP:
341 sctp_print(ndo, cp, (const u_char *)ip6, len);
342 return;
343 case IPPROTO_DCCP:
344 dccp_print(ndo, cp, (const u_char *)ip6, len);
345 return;
346 case IPPROTO_TCP:
347 tcp_print(ndo, cp, len, (const u_char *)ip6, fragmented);
348 return;
349 case IPPROTO_UDP:
350 udp_print(ndo, cp, len, (const u_char *)ip6, fragmented);
351 return;
352 case IPPROTO_ICMPV6:
353 icmp6_print(ndo, cp, len, (const u_char *)ip6, fragmented);
354 return;
355 case IPPROTO_AH:
356 advance = ah_print(ndo, cp);
357 if (advance < 0)
358 return;
359 nh = EXTRACT_U_1(cp);
360 break;
361 case IPPROTO_ESP:
362 {
363 u_int enh, padlen;
364 advance = esp_print(ndo, cp, len, (const u_char *)ip6, &enh, &padlen);
365 if (advance < 0)
366 return;
367 nh = enh & 0xff;
368 len -= padlen;
369 break;
370 }
371 case IPPROTO_IPCOMP:
372 {
373 ipcomp_print(ndo, cp);
374 /*
375 * Either this has decompressed the payload and
376 * printed it, in which case there's nothing more
377 * to do, or it hasn't, in which case there's
378 * nothing more to do.
379 */
380 advance = -1;
381 break;
382 }
383
384 case IPPROTO_PIM:
385 pim_print(ndo, cp, len, (const u_char *)ip6);
386 return;
387
388 case IPPROTO_OSPF:
389 ospf6_print(ndo, cp, len);
390 return;
391
392 case IPPROTO_IPV6:
393 ip6_print(ndo, cp, len);
394 return;
395
396 case IPPROTO_IPV4:
397 ip_print(ndo, cp, len);
398 return;
399
400 case IPPROTO_PGM:
401 pgm_print(ndo, cp, len, (const u_char *)ip6);
402 return;
403
404 case IPPROTO_GRE:
405 gre_print(ndo, cp, len);
406 return;
407
408 case IPPROTO_RSVP:
409 rsvp_print(ndo, cp, len);
410 return;
411
412 case IPPROTO_EIGRP:
413 eigrp_print(ndo, cp, len);
414 return;
415
416 case IPPROTO_NONE:
417 ND_PRINT((ndo, "no next header"));
418 return;
419
420 default:
421 ND_PRINT((ndo, "ip-proto-%d %d", nh, len));
422 return;
423 }
424 }
425
426 return;
427 trunc:
428 ND_PRINT((ndo, "[|ip6]"));
429 }
[mirror] the TCPdump network dissector