/* \summary: IPv6 routing header printer */
-#ifdef HAVE_CONFIG_H
#include <config.h>
-#endif
#include "netdissect-stdinc.h"
+#define ND_LONGJMP_FROM_TCHECK
#include "netdissect.h"
#include "addrtoname.h"
#include "extract.h"
#include "ip6.h"
+static const struct tok srh_tlv_type[] = {
+ { IPV6_SRH_TLV_PAD1, "Pad1"},
+ { IPV6_SRH_TLV_PADN, "PadN"},
+ { IPV6_SRH_TLV_HMAC, "HMAC"},
+ { 0, NULL }
+};
+
+static int
+srh_tlv_print(netdissect_options *ndo, const u_char *p, u_int bytes_left)
+{
+ u_int tlv_type, tlv_len;
+ while (bytes_left != 0) {
+ tlv_type = GET_U_1(p);
+ ND_PRINT(", TLV-type=%s(%u)",
+ tok2str(srh_tlv_type, "Unknown", tlv_type),
+ tlv_type);
+ ND_ICHECKMSG_U("remaining length", bytes_left, <, 1);
+ p += 1;
+ bytes_left -= 1;
+ if (bytes_left == 0)
+ break;
+ if (tlv_type == IPV6_SRH_TLV_PAD1)
+ continue;
+
+ tlv_len = GET_U_1(p);
+ ND_PRINT(", TLV-len=%u", tlv_len);
+ ND_ICHECKMSG_U("remaining length", bytes_left, <, 1);
+ p += 1;
+ bytes_left -= 1;
+
+ switch (tlv_type) {
+ case IPV6_SRH_TLV_PADN:
+ ND_ICHECKMSG_U("PadN length", tlv_len, >, 5); /* RFC 8754 */
+ ND_ICHECKMSG_U("remaining length", bytes_left, <, tlv_len);
+ ND_TCHECK_LEN(p, tlv_len);
+ p += tlv_len;
+ bytes_left -= tlv_len;
+ break;
+ case IPV6_SRH_TLV_HMAC:
+ ND_ICHECKMSG_U("remaining length", bytes_left, <, 6);
+ uint16_t reserved;
+ uint32_t key_id;
+ uint8_t hmac_byte;
+ reserved = GET_BE_U_2(p);
+ p += 2;
+ if (ndo->ndo_vflag)
+ ND_PRINT(", D=%u", reserved >> 15);
+ if (ndo->ndo_vflag && (reserved & 0x7fff) != 0)
+ ND_PRINT(", reserved MBZ %u", reserved & 0x7fff);
+ key_id = GET_BE_U_4(p);
+ p += 4;
+ if (ndo->ndo_vflag)
+ ND_PRINT(", HMAC-key-ID=0x%02x", key_id);
+ bytes_left -= 6;
+ if (ndo->ndo_vflag)
+ ND_PRINT(", HMAC=0x");
+ for (u_int i = 0; i < tlv_len; i++) {
+ hmac_byte = GET_U_1(p);
+ ND_ICHECKMSG_U("remaining length", bytes_left, <, 1);
+ p += 1;
+ bytes_left -= 1;
+ if (ndo->ndo_vflag)
+ ND_PRINT("%02x", hmac_byte);
+ }
+ break;
+ default: /* Unknown type */
+ if (ndo->ndo_vflag)
+ ND_PRINT(", TLV-value=0x");
+ ND_ICHECKMSG_U("remaining length", bytes_left, <, tlv_len);
+ uint8_t tlv_byte;
+ for (u_int i = 0; i < tlv_len; i++) {
+ tlv_byte = GET_U_1(p);
+ p += 1;
+ bytes_left -= 1;
+ if (ndo->ndo_vflag)
+ ND_PRINT("%02x", tlv_byte);
+ }
+ break;
+ }
+ }
+ return 0;
+
+invalid:
+ return -1;
+}
+
+
int
rt6_print(netdissect_options *ndo, const u_char *bp, const u_char *bp2 _U_)
{
const struct ip6_rthdr *dp;
const struct ip6_rthdr0 *dp0;
const struct ip6_srh *srh;
- u_int i, len, type;
+ u_int i, len, type, seg_list_len, last_entry;
+ int err;
const u_char *p;
ndo->ndo_protocol = "rt6";
}
if (len % 2 == 1) {
- ND_PRINT(" (invalid length %u)", len);
+ ND_PRINT(" [length %u]", len);
goto invalid;
}
len >>= 1;
/*(*/
ND_PRINT(") ");
return((GET_U_1(dp0->ip6r0_len) + 1) << 3);
- break;
case IPV6_RTHDR_TYPE_4:
srh = (const struct ip6_srh *)dp;
- ND_PRINT(", last-entry=%u", GET_U_1(srh->srh_last_ent));
+ last_entry = GET_U_1(srh->srh_last_ent);
+ ND_PRINT(", last-entry=%u", last_entry);
if (GET_U_1(srh->srh_flags) || ndo->ndo_vflag) {
ND_PRINT(", flags=0x%0x",
}
ND_PRINT(", tag=%x", GET_BE_U_2(srh->srh_tag));
-
- if (len % 2 == 1) {
- ND_PRINT(" (invalid length %u)", len);
- goto invalid;
- }
- len >>= 1;
p = (const u_char *) srh->srh_segments;
- for (i = 0; i < len; i++) {
+ for (i = 0; i < last_entry + 1; i++) {
ND_PRINT(", [%u]%s", i, GET_IP6ADDR_STRING(p));
p += 16;
}
+ seg_list_len = (last_entry + 1) * 2;
+ if (seg_list_len < len) {
+ /* there is TLV */
+ u_int bytes_left;
+ bytes_left = (len - seg_list_len) * 8;
+ err = srh_tlv_print(ndo, p, bytes_left);
+ if (err)
+ goto invalid;
+ }
+
/*(*/
ND_PRINT(") ");
return((GET_U_1(srh->srh_len) + 1) << 3);
- break;
default:
ND_PRINT(" (unknown type)");
goto invalid;
projects / tcpdump / blobdiff