* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
-#ifndef lint
-static const char rcsid[] _U_ =
- "@(#) $Header: /tcpdump/master/tcpdump/print-ip6.c,v 1.52 2007-09-21 07:05:33 hannes Exp $";
-#endif
+/* \summary: IPv6 printer */
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
-#ifdef INET6
-
-#include <tcpdump-stdinc.h>
+#include <netdissect-stdinc.h>
-#include <stdio.h>
-#include <stdlib.h>
#include <string.h>
#include "netdissect.h"
-#include "interface.h"
#include "addrtoname.h"
#include "extract.h"
#include "ip6.h"
#include "ipproto.h"
+/*
+ * If routing headers are presend and valid, set dst to the final destination.
+ * Otherwise, set it to the IPv6 destination.
+ *
+ * This is used for UDP and TCP pseudo-header in the checksum
+ * calculation.
+ */
+static void
+ip6_finddst(netdissect_options *ndo, struct in6_addr *dst,
+ const struct ip6_hdr *ip6)
+{
+ const u_char *cp;
+ u_int advance;
+ u_int nh;
+ const void *dst_addr;
+ const struct ip6_rthdr *dp;
+ const struct ip6_rthdr0 *dp0;
+ const struct in6_addr *addr;
+ int i, len;
+
+ cp = (const u_char *)ip6;
+ advance = sizeof(struct ip6_hdr);
+ nh = ip6->ip6_nxt;
+ dst_addr = (const void *)&ip6->ip6_dst;
+
+ while (cp < ndo->ndo_snapend) {
+ cp += advance;
+
+ switch (nh) {
+
+ case IPPROTO_HOPOPTS:
+ case IPPROTO_DSTOPTS:
+ case IPPROTO_MOBILITY_OLD:
+ case IPPROTO_MOBILITY:
+ /*
+ * These have a header length byte, following
+ * the next header byte, giving the length of
+ * the header, in units of 8 octets, excluding
+ * the first 8 octets.
+ */
+ ND_TCHECK_2(cp);
+ advance = (EXTRACT_U_1(cp + 1) + 1) << 3;
+ nh = *cp;
+ break;
+
+ case IPPROTO_FRAGMENT:
+ /*
+ * The byte following the next header byte is
+ * marked as reserved, and the header is always
+ * the same size.
+ */
+ ND_TCHECK_1(cp);
+ advance = sizeof(struct ip6_frag);
+ nh = *cp;
+ break;
+
+ case IPPROTO_ROUTING:
+ /*
+ * OK, we found it.
+ */
+ dp = (const struct ip6_rthdr *)cp;
+ ND_TCHECK(*dp);
+ len = dp->ip6r_len;
+ switch (dp->ip6r_type) {
+
+ case IPV6_RTHDR_TYPE_0:
+ case IPV6_RTHDR_TYPE_2: /* Mobile IPv6 ID-20 */
+ dp0 = (const struct ip6_rthdr0 *)dp;
+ if (len % 2 == 1)
+ goto trunc;
+ len >>= 1;
+ addr = &dp0->ip6r0_addr[0];
+ for (i = 0; i < len; i++) {
+ if ((const u_char *)(addr + 1) > ndo->ndo_snapend)
+ goto trunc;
+
+ dst_addr = (const void *)addr;
+ addr++;
+ }
+ break;
+
+ default:
+ break;
+ }
+
+ /*
+ * Only one routing header to a customer.
+ */
+ goto done;
+
+ case IPPROTO_AH:
+ case IPPROTO_ESP:
+ case IPPROTO_IPCOMP:
+ default:
+ /*
+ * AH and ESP are, in the RFCs that describe them,
+ * described as being "viewed as an end-to-end
+ * payload" "in the IPv6 context, so that they
+ * "should appear after hop-by-hop, routing, and
+ * fragmentation extension headers". We assume
+ * that's the case, and stop as soon as we see
+ * one. (We can't handle an ESP header in
+ * the general case anyway, as its length depends
+ * on the encryption algorithm.)
+ *
+ * IPComp is also "viewed as an end-to-end
+ * payload" "in the IPv6 context".
+ *
+ * All other protocols are assumed to be the final
+ * protocol.
+ */
+ goto done;
+ }
+ }
+
+done:
+trunc:
+ UNALIGNED_MEMCPY(dst, dst_addr, sizeof(struct in6_addr));
+}
+
/*
* Compute a V6-style checksum by building a pseudoheader.
*/
int
-nextproto6_cksum(const struct ip6_hdr *ip6, const u_short *data,
- u_int len, u_int next_proto)
+nextproto6_cksum(netdissect_options *ndo,
+ const struct ip6_hdr *ip6, const uint8_t *data,
+ u_int len, u_int covlen, u_int next_proto)
{
- size_t i;
- u_int32_t sum = 0;
- union ip6_pseudo_hdr phu;
+ struct {
+ struct in6_addr ph_src;
+ struct in6_addr ph_dst;
+ uint32_t ph_len;
+ uint8_t ph_zero[3];
+ uint8_t ph_nxt;
+ } ph;
+ struct cksum_vec vec[2];
/* pseudo-header */
- memset(&phu, 0, sizeof(phu));
- phu.ph.ph_src = ip6->ip6_src;
- phu.ph.ph_dst = ip6->ip6_dst;
- phu.ph.ph_len = htonl(len);
- phu.ph.ph_nxt = next_proto;
-
- for (i = 0; i < sizeof(phu.pa) / sizeof(phu.pa[0]); i++) {
- sum += phu.pa[i];
- }
+ memset(&ph, 0, sizeof(ph));
+ UNALIGNED_MEMCPY(&ph.ph_src, &ip6->ip6_src, sizeof (struct in6_addr));
+ switch (ip6->ip6_nxt) {
+
+ case IPPROTO_HOPOPTS:
+ case IPPROTO_DSTOPTS:
+ case IPPROTO_MOBILITY_OLD:
+ case IPPROTO_MOBILITY:
+ case IPPROTO_FRAGMENT:
+ case IPPROTO_ROUTING:
+ /*
+ * The next header is either a routing header or a header
+ * after which there might be a routing header, so scan
+ * for a routing header.
+ */
+ ip6_finddst(ndo, &ph.ph_dst, ip6);
+ break;
+
+ default:
+ UNALIGNED_MEMCPY(&ph.ph_dst, &ip6->ip6_dst, sizeof (struct in6_addr));
+ break;
+ }
+ ph.ph_len = htonl(len);
+ ph.ph_nxt = next_proto;
+
+ vec[0].ptr = (const uint8_t *)(void *)&ph;
+ vec[0].len = sizeof(ph);
+ vec[1].ptr = data;
+ vec[1].len = covlen;
- return in_cksum(data, len, sum);
+ return in_cksum(vec, 2);
}
/*
* print an IP6 datagram.
*/
void
-ip6_print(register const u_char *bp, register u_int length)
+ip6_print(netdissect_options *ndo, const u_char *bp, u_int length)
{
register const struct ip6_hdr *ip6;
register int advance;
const u_char *ipend;
register const u_char *cp;
register u_int payload_len;
- int nh;
+ u_int nh;
int fragmented = 0;
u_int flow;
ip6 = (const struct ip6_hdr *)bp;
- TCHECK(*ip6);
+ ND_TCHECK(*ip6);
if (length < sizeof (struct ip6_hdr)) {
- (void)printf("truncated-ip6 %u", length);
+ ND_PRINT((ndo, "truncated-ip6 %u", length));
return;
}
- if (!eflag)
- printf("IP6 ");
+ if (!ndo->ndo_eflag)
+ ND_PRINT((ndo, "IP6 "));
+
+ if (IP6_VERSION(ip6) != 6) {
+ ND_PRINT((ndo,"version error: %u != 6", IP6_VERSION(ip6)));
+ return;
+ }
- payload_len = EXTRACT_16BITS(&ip6->ip6_plen);
+ payload_len = EXTRACT_BE_U_2(&ip6->ip6_plen);
len = payload_len + sizeof(struct ip6_hdr);
if (length < len)
- (void)printf("truncated-ip6 - %u bytes missing!",
- len - length);
+ ND_PRINT((ndo, "truncated-ip6 - %u bytes missing!",
+ len - length));
- if (vflag) {
- flow = EXTRACT_32BITS(&ip6->ip6_flow);
- printf("(");
+ if (ndo->ndo_vflag) {
+ flow = EXTRACT_BE_U_4(&ip6->ip6_flow);
+ ND_PRINT((ndo, "("));
#if 0
/* rfc1883 */
if (flow & 0x0f000000)
- (void)printf("pri 0x%02x, ", (flow & 0x0f000000) >> 24);
+ ND_PRINT((ndo, "pri 0x%02x, ", (flow & 0x0f000000) >> 24));
if (flow & 0x00ffffff)
- (void)printf("flowlabel 0x%06x, ", flow & 0x00ffffff);
+ ND_PRINT((ndo, "flowlabel 0x%06x, ", flow & 0x00ffffff));
#else
/* RFC 2460 */
if (flow & 0x0ff00000)
- (void)printf("class 0x%02x, ", (flow & 0x0ff00000) >> 20);
+ ND_PRINT((ndo, "class 0x%02x, ", (flow & 0x0ff00000) >> 20));
if (flow & 0x000fffff)
- (void)printf("flowlabel 0x%05x, ", flow & 0x000fffff);
+ ND_PRINT((ndo, "flowlabel 0x%05x, ", flow & 0x000fffff));
#endif
- (void)printf("hlim %u, next-header %s (%u) payload length: %u) ",
+ ND_PRINT((ndo, "hlim %u, next-header %s (%u) payload length: %u) ",
ip6->ip6_hlim,
tok2str(ipproto_values,"unknown",ip6->ip6_nxt),
ip6->ip6_nxt,
- payload_len);
+ payload_len));
}
/*
* Cut off the snapshot length to the end of the IP payload.
*/
ipend = bp + len;
- if (ipend < snapend)
- snapend = ipend;
+ if (ipend < ndo->ndo_snapend)
+ ndo->ndo_snapend = ipend;
cp = (const u_char *)ip6;
advance = sizeof(struct ip6_hdr);
nh = ip6->ip6_nxt;
- while (cp < snapend && advance > 0) {
+ while (cp < ndo->ndo_snapend && advance > 0) {
+ if (len < (u_int)advance)
+ goto trunc;
cp += advance;
len -= advance;
if (cp == (const u_char *)(ip6 + 1) &&
nh != IPPROTO_TCP && nh != IPPROTO_UDP &&
nh != IPPROTO_DCCP && nh != IPPROTO_SCTP) {
- (void)printf("%s > %s: ", ip6addr_string(&ip6->ip6_src),
- ip6addr_string(&ip6->ip6_dst));
+ ND_PRINT((ndo, "%s > %s: ", ip6addr_string(ndo, &ip6->ip6_src),
+ ip6addr_string(ndo, &ip6->ip6_dst)));
}
switch (nh) {
case IPPROTO_HOPOPTS:
- advance = hbhopt_print(cp);
- nh = *cp;
+ advance = hbhopt_print(ndo, cp);
+ if (advance < 0)
+ return;
+ nh = EXTRACT_U_1(cp);
break;
case IPPROTO_DSTOPTS:
- advance = dstopt_print(cp);
- nh = *cp;
+ advance = dstopt_print(ndo, cp);
+ if (advance < 0)
+ return;
+ nh = EXTRACT_U_1(cp);
break;
case IPPROTO_FRAGMENT:
- advance = frag6_print(cp, (const u_char *)ip6);
- if (snapend <= cp + advance)
+ advance = frag6_print(ndo, cp, (const u_char *)ip6);
+ if (advance < 0 || ndo->ndo_snapend <= cp + advance)
return;
- nh = *cp;
+ nh = EXTRACT_U_1(cp);
fragmented = 1;
break;
case IPPROTO_MOBILITY_OLD:
case IPPROTO_MOBILITY:
/*
- * XXX - we don't use "advance"; the current
- * "Mobility Support in IPv6" draft
- * (draft-ietf-mobileip-ipv6-24) says that
+ * XXX - we don't use "advance"; RFC 3775 says that
* the next header field in a mobility header
* should be IPPROTO_NONE, but speaks of
* the possiblity of a future extension in
* which payload can be piggybacked atop a
* mobility header.
*/
- advance = mobility_print(cp, (const u_char *)ip6);
- nh = *cp;
+ advance = mobility_print(ndo, cp, (const u_char *)ip6);
+ if (advance < 0)
+ return;
+ nh = EXTRACT_U_1(cp);
return;
case IPPROTO_ROUTING:
- advance = rt6_print(cp, (const u_char *)ip6);
- nh = *cp;
+ ND_TCHECK(*cp);
+ advance = rt6_print(ndo, cp, (const u_char *)ip6);
+ if (advance < 0)
+ return;
+ nh = EXTRACT_U_1(cp);
break;
case IPPROTO_SCTP:
- sctp_print(cp, (const u_char *)ip6, len);
+ sctp_print(ndo, cp, (const u_char *)ip6, len);
return;
case IPPROTO_DCCP:
- dccp_print(cp, (const u_char *)ip6, len);
+ dccp_print(ndo, cp, (const u_char *)ip6, len);
return;
case IPPROTO_TCP:
- tcp_print(cp, len, (const u_char *)ip6, fragmented);
+ tcp_print(ndo, cp, len, (const u_char *)ip6, fragmented);
return;
case IPPROTO_UDP:
- udp_print(cp, len, (const u_char *)ip6, fragmented);
+ udp_print(ndo, cp, len, (const u_char *)ip6, fragmented);
return;
case IPPROTO_ICMPV6:
- icmp6_print(gndo, cp, len, (const u_char *)ip6, fragmented);
+ icmp6_print(ndo, cp, len, (const u_char *)ip6, fragmented);
return;
case IPPROTO_AH:
- advance = ah_print(cp);
- nh = *cp;
+ advance = ah_print(ndo, cp);
+ if (advance < 0)
+ return;
+ nh = EXTRACT_U_1(cp);
break;
case IPPROTO_ESP:
{
- int enh, padlen;
- advance = esp_print(gndo, cp, len, (const u_char *)ip6, &enh, &padlen);
+ u_int enh, padlen;
+ advance = esp_print(ndo, cp, len, (const u_char *)ip6, &enh, &padlen);
+ if (advance < 0)
+ return;
nh = enh & 0xff;
len -= padlen;
break;
}
case IPPROTO_IPCOMP:
{
- int enh;
- advance = ipcomp_print(cp, &enh);
- nh = enh & 0xff;
+ ipcomp_print(ndo, cp);
+ /*
+ * Either this has decompressed the payload and
+ * printed it, in which case there's nothing more
+ * to do, or it hasn't, in which case there's
+ * nothing more to do.
+ */
+ advance = -1;
break;
}
case IPPROTO_PIM:
- pim_print(cp, len, nextproto6_cksum(ip6, (u_short *)cp, len,
- IPPROTO_PIM));
+ pim_print(ndo, cp, len, (const u_char *)ip6);
return;
case IPPROTO_OSPF:
- ospf6_print(cp, len);
+ ospf6_print(ndo, cp, len);
return;
case IPPROTO_IPV6:
- ip6_print(cp, len);
+ ip6_print(ndo, cp, len);
return;
case IPPROTO_IPV4:
- ip_print(gndo, cp, len);
+ ip_print(ndo, cp, len);
return;
case IPPROTO_PGM:
- pgm_print(cp, len, (const u_char *)ip6);
+ pgm_print(ndo, cp, len, (const u_char *)ip6);
return;
case IPPROTO_GRE:
- gre_print(cp, len);
+ gre_print(ndo, cp, len);
return;
case IPPROTO_RSVP:
- rsvp_print(cp, len);
+ rsvp_print(ndo, cp, len);
+ return;
+
+ case IPPROTO_EIGRP:
+ eigrp_print(ndo, cp, len);
return;
case IPPROTO_NONE:
- (void)printf("no next header");
+ ND_PRINT((ndo, "no next header"));
return;
default:
- (void)printf("ip-proto-%d %d", nh, len);
+ ND_PRINT((ndo, "ip-proto-%d %d", nh, len));
return;
}
}
return;
trunc:
- (void)printf("[|ip6]");
+ ND_PRINT((ndo, "[|ip6]"));
}
-
-#endif /* INET6 */
projects / tcpdump / blobdiff