*/
-#ifndef lint
-static const char rcsid[] _U_ =
- "@(#) $Header: /tcpdump/master/tcpdump/print-ospf6.c,v 1.15 2006-09-13 06:31:11 guy Exp $ (LBL)";
-#endif
-
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include "extract.h"
#include "ospf.h"
-#include "ospf6.h"
+
+#define OSPF_TYPE_HELLO 1 /* Hello */
+#define OSPF_TYPE_DD 2 /* Database Description */
+#define OSPF_TYPE_LS_REQ 3 /* Link State Request */
+#define OSPF_TYPE_LS_UPDATE 4 /* Link State Update */
+#define OSPF_TYPE_LS_ACK 5 /* Link State Ack */
+
+/* Options *_options */
+#define OSPF6_OPTION_V6 0x01 /* V6 bit: A bit for peeping tom */
+#define OSPF6_OPTION_E 0x02 /* E bit: External routes advertised */
+#define OSPF6_OPTION_MC 0x04 /* MC bit: Multicast capable */
+#define OSPF6_OPTION_N 0x08 /* N bit: For type-7 LSA */
+#define OSPF6_OPTION_R 0x10 /* R bit: Router bit */
+#define OSPF6_OPTION_DC 0x20 /* DC bit: Demand circuits */
+/* The field is actually 24-bit (RFC5340 Section A.2). */
+#define OSPF6_OPTION_AF 0x0100 /* AF bit: Multiple address families */
+#define OSPF6_OPTION_L 0x0200 /* L bit: Link-local signaling (LLS) */
+#define OSPF6_OPTION_AT 0x0400 /* AT bit: Authentication trailer */
+
+
+/* db_flags */
+#define OSPF6_DB_INIT 0x04 /* */
+#define OSPF6_DB_MORE 0x02
+#define OSPF6_DB_MASTER 0x01
+#define OSPF6_DB_M6 0x10 /* IPv6 MTU */
+
+/* ls_type */
+#define LS_TYPE_ROUTER 1 /* router link */
+#define LS_TYPE_NETWORK 2 /* network link */
+#define LS_TYPE_INTER_AP 3 /* Inter-Area-Prefix */
+#define LS_TYPE_INTER_AR 4 /* Inter-Area-Router */
+#define LS_TYPE_ASE 5 /* ASE */
+#define LS_TYPE_GROUP 6 /* Group membership */
+#define LS_TYPE_NSSA 7 /* NSSA */
+#define LS_TYPE_LINK 8 /* Link LSA */
+#define LS_TYPE_INTRA_AP 9 /* Intra-Area-Prefix */
+#define LS_TYPE_INTRA_ATE 10 /* Intra-Area-TE */
+#define LS_TYPE_GRACE 11 /* Grace LSA */
+#define LS_TYPE_RI 12 /* Router information */
+#define LS_TYPE_INTER_ASTE 13 /* Inter-AS-TE */
+#define LS_TYPE_L1VPN 14 /* L1VPN */
+#define LS_TYPE_MASK 0x1fff
+
+#define LS_SCOPE_LINKLOCAL 0x0000
+#define LS_SCOPE_AREA 0x2000
+#define LS_SCOPE_AS 0x4000
+#define LS_SCOPE_MASK 0x6000
+#define LS_SCOPE_U 0x8000
+
+/* rla_link.link_type */
+#define RLA_TYPE_ROUTER 1 /* point-to-point to another router */
+#define RLA_TYPE_TRANSIT 2 /* connection to transit network */
+#define RLA_TYPE_VIRTUAL 4 /* virtual link */
+
+/* rla_flags */
+#define RLA_FLAG_B 0x01
+#define RLA_FLAG_E 0x02
+#define RLA_FLAG_V 0x04
+#define RLA_FLAG_W 0x08
+#define RLA_FLAG_N 0x10
+
+/* lsa_prefix options */
+#define LSA_PREFIX_OPT_NU 0x01
+#define LSA_PREFIX_OPT_LA 0x02
+#define LSA_PREFIX_OPT_MC 0x04
+#define LSA_PREFIX_OPT_P 0x08
+#define LSA_PREFIX_OPT_DN 0x10
+
+/* sla_tosmetric breakdown */
+#define SLA_MASK_TOS 0x7f000000
+#define SLA_MASK_METRIC 0x00ffffff
+#define SLA_SHIFT_TOS 24
+
+/* asla_metric */
+#define ASLA_FLAG_FWDADDR 0x02000000
+#define ASLA_FLAG_ROUTETAG 0x01000000
+#define ASLA_MASK_METRIC 0x00ffffff
+
+/* RFC6506 Section 4.1 */
+#define OSPF6_AT_HDRLEN 16U
+#define OSPF6_AUTH_TYPE_HMAC 0x0001
+
+typedef u_int32_t rtrid_t;
+
+/* link state advertisement header */
+struct lsa6_hdr {
+ u_int16_t ls_age;
+ u_int16_t ls_type;
+ rtrid_t ls_stateid;
+ rtrid_t ls_router;
+ u_int32_t ls_seq;
+ u_int16_t ls_chksum;
+ u_int16_t ls_length;
+};
+
+struct lsa6_prefix {
+ u_int8_t lsa_p_len;
+ u_int8_t lsa_p_opt;
+ u_int16_t lsa_p_metric;
+ u_int8_t lsa_p_prefix[4];
+};
+
+/* link state advertisement */
+struct lsa6 {
+ struct lsa6_hdr ls_hdr;
+
+ /* Link state types */
+ union {
+ /* Router links advertisements */
+ struct {
+ union {
+ u_int8_t flg;
+ u_int32_t opt;
+ } rla_flgandopt;
+#define rla_flags rla_flgandopt.flg
+#define rla_options rla_flgandopt.opt
+ struct rlalink6 {
+ u_int8_t link_type;
+ u_int8_t link_zero[1];
+ u_int16_t link_metric;
+ u_int32_t link_ifid;
+ u_int32_t link_nifid;
+ rtrid_t link_nrtid;
+ } rla_link[1]; /* may repeat */
+ } un_rla;
+
+ /* Network links advertisements */
+ struct {
+ u_int32_t nla_options;
+ rtrid_t nla_router[1]; /* may repeat */
+ } un_nla;
+
+ /* Inter Area Prefix LSA */
+ struct {
+ u_int32_t inter_ap_metric;
+ struct lsa6_prefix inter_ap_prefix[1];
+ } un_inter_ap;
+
+ /* AS external links advertisements */
+ struct {
+ u_int32_t asla_metric;
+ struct lsa6_prefix asla_prefix[1];
+ /* some optional fields follow */
+ } un_asla;
+
+#if 0
+ /* Summary links advertisements */
+ struct {
+ struct in_addr sla_mask;
+ u_int32_t sla_tosmetric[1]; /* may repeat */
+ } un_sla;
+
+ /* Multicast group membership */
+ struct mcla {
+ u_int32_t mcla_vtype;
+ struct in_addr mcla_vid;
+ } un_mcla[1];
+#endif
+
+ /* Type 7 LSA */
+
+ /* Link LSA */
+ struct llsa {
+ union {
+ u_int8_t pri;
+ u_int32_t opt;
+ } llsa_priandopt;
+#define llsa_priority llsa_priandopt.pri
+#define llsa_options llsa_priandopt.opt
+ struct in6_addr llsa_lladdr;
+ u_int32_t llsa_nprefix;
+ struct lsa6_prefix llsa_prefix[1];
+ } un_llsa;
+
+ /* Intra-Area-Prefix */
+ struct {
+ u_int16_t intra_ap_nprefix;
+ u_int16_t intra_ap_lstype;
+ rtrid_t intra_ap_lsid;
+ rtrid_t intra_ap_rtid;
+ struct lsa6_prefix intra_ap_prefix[1];
+ } un_intra_ap;
+ } lsa_un;
+};
+
+/*
+ * the main header
+ */
+struct ospf6hdr {
+ u_int8_t ospf6_version;
+ u_int8_t ospf6_type;
+ u_int16_t ospf6_len;
+ rtrid_t ospf6_routerid;
+ rtrid_t ospf6_areaid;
+ u_int16_t ospf6_chksum;
+ u_int8_t ospf6_instanceid;
+ u_int8_t ospf6_rsvd;
+ union {
+
+ /* Hello packet */
+ struct {
+ u_int32_t hello_ifid;
+ union {
+ u_int8_t pri;
+ u_int32_t opt;
+ } hello_priandopt;
+#define hello_priority hello_priandopt.pri
+#define hello_options hello_priandopt.opt
+ u_int16_t hello_helloint;
+ u_int16_t hello_deadint;
+ rtrid_t hello_dr;
+ rtrid_t hello_bdr;
+ rtrid_t hello_neighbor[1]; /* may repeat */
+ } un_hello;
+
+ /* Database Description packet */
+ struct {
+ u_int32_t db_options;
+ u_int16_t db_mtu;
+ u_int8_t db_mbz;
+ u_int8_t db_flags;
+ u_int32_t db_seq;
+ struct lsa6_hdr db_lshdr[1]; /* may repeat */
+ } un_db;
+
+ /* Link State Request */
+ struct lsr6 {
+ u_int16_t ls_mbz;
+ u_int16_t ls_type;
+ rtrid_t ls_stateid;
+ rtrid_t ls_router;
+ } un_lsr[1]; /* may repeat */
+
+ /* Link State Update */
+ struct {
+ u_int32_t lsu_count;
+ struct lsa6 lsu_lsa[1]; /* may repeat */
+ } un_lsu;
+
+ /* Link State Acknowledgement */
+ struct {
+ struct lsa6_hdr lsa_lshdr[1]; /* may repeat */
+ } un_lsa ;
+ } ospf6_un ;
+};
+
+#define ospf6_hello ospf6_un.un_hello
+#define ospf6_db ospf6_un.un_db
+#define ospf6_lsr ospf6_un.un_lsr
+#define ospf6_lsu ospf6_un.un_lsu
+#define ospf6_lsa ospf6_un.un_lsa
+
+static const char tstr[] = " [|ospf3]";
static const struct tok ospf6_option_values[] = {
{ OSPF6_OPTION_V6, "V6" },
{ OSPF6_OPTION_E, "External" },
- { OSPF6_OPTION_MC, "Multicast" },
+ { OSPF6_OPTION_MC, "Deprecated" },
{ OSPF6_OPTION_N, "NSSA" },
{ OSPF6_OPTION_R, "Router" },
{ OSPF6_OPTION_DC, "Demand Circuit" },
+ { OSPF6_OPTION_AF, "AFs Support" },
+ { OSPF6_OPTION_L, "LLS" },
+ { OSPF6_OPTION_AT, "Authentication Trailer" },
{ 0, NULL }
};
static const struct tok ospf6_asla_flag_values[] = {
{ ASLA_FLAG_EXTERNAL, "External Type 2" },
- { ASLA_FLAG_FWDADDR, "Fforwarding" },
+ { ASLA_FLAG_FWDADDR, "Forwarding" },
{ ASLA_FLAG_ROUTETAG, "Tag" },
{ 0, NULL }
};
-static struct tok ospf6_type_values[] = {
+static const struct tok ospf6_type_values[] = {
{ OSPF_TYPE_HELLO, "Hello" },
{ OSPF_TYPE_DD, "Database Description" },
{ OSPF_TYPE_LS_REQ, "LS-Request" },
{ 0, NULL }
};
-static struct tok ospf6_lsa_values[] = {
+static const struct tok ospf6_lsa_values[] = {
{ LS_TYPE_ROUTER, "Router" },
{ LS_TYPE_NETWORK, "Network" },
{ LS_TYPE_INTER_AP, "Inter-Area Prefix" },
{ LS_TYPE_INTER_AR, "Inter-Area Router" },
{ LS_TYPE_ASE, "External" },
- { LS_TYPE_GROUP, "Multicast Group" },
+ { LS_TYPE_GROUP, "Deprecated" },
{ LS_TYPE_NSSA, "NSSA" },
{ LS_TYPE_LINK, "Link" },
{ LS_TYPE_INTRA_AP, "Intra-Area Prefix" },
{ LS_TYPE_INTRA_ATE, "Intra-Area TE" },
{ LS_TYPE_GRACE, "Grace" },
+ { LS_TYPE_RI, "Router Information" },
+ { LS_TYPE_INTER_ASTE, "Inter-AS-TE" },
+ { LS_TYPE_L1VPN, "Layer 1 VPN" },
{ 0, NULL }
};
-static struct tok ospf6_ls_scope_values[] = {
+static const struct tok ospf6_ls_scope_values[] = {
{ LS_SCOPE_LINKLOCAL, "Link Local" },
{ LS_SCOPE_AREA, "Area Local" },
{ LS_SCOPE_AS, "Domain Wide" },
{ 0, NULL }
};
-static struct tok ospf6_dd_flag_values[] = {
+static const struct tok ospf6_dd_flag_values[] = {
{ OSPF6_DB_INIT, "Init" },
{ OSPF6_DB_MORE, "More" },
{ OSPF6_DB_MASTER, "Master" },
+ { OSPF6_DB_M6, "IPv6 MTU" },
{ 0, NULL }
};
-static struct tok ospf6_lsa_prefix_option_values[] = {
+static const struct tok ospf6_lsa_prefix_option_values[] = {
{ LSA_PREFIX_OPT_NU, "No Unicast" },
{ LSA_PREFIX_OPT_LA, "Local address" },
- { LSA_PREFIX_OPT_MC, "Multicast" },
+ { LSA_PREFIX_OPT_MC, "Deprecated" },
{ LSA_PREFIX_OPT_P, "Propagate" },
{ LSA_PREFIX_OPT_DN, "Down" },
{ 0, NULL }
};
-static char tstr[] = " [|ospf3]";
-
-#ifdef WIN32
-#define inline __inline
-#endif /* WIN32 */
-
-/* Forwards */
-static void ospf6_print_ls_type(u_int, const rtrid_t *);
-static int ospf6_print_lshdr(const struct lsa6_hdr *);
-static int ospf6_print_lsa(const struct lsa6 *);
-static int ospf6_decode_v3(const struct ospf6hdr *, const u_char *);
-
+static const struct tok ospf6_auth_type_str[] = {
+ { OSPF6_AUTH_TYPE_HMAC, "HMAC" },
+ { 0, NULL }
+};
static void
ospf6_print_ls_type(register u_int ls_type, register const rtrid_t *ls_stateid)
}
static int
-ospf6_print_lshdr(register const struct lsa6_hdr *lshp)
+ospf6_print_lshdr(register const struct lsa6_hdr *lshp, const u_char *dataend)
{
-
+ if ((u_char *)(lshp + 1) > dataend)
+ goto trunc;
TCHECK(lshp->ls_type);
TCHECK(lshp->ls_seq);
}
static int
-ospf6_print_lsaprefix(register const struct lsa6_prefix *lsapp)
+ospf6_print_lsaprefix(const u_int8_t *tptr, u_int lsa_length)
{
+ const struct lsa6_prefix *lsapp = (struct lsa6_prefix *)tptr;
u_int wordlen;
struct in6_addr prefix;
- TCHECK(*lsapp);
+ if (lsa_length < sizeof (*lsapp) - 4)
+ goto trunc;
+ lsa_length -= sizeof (*lsapp) - 4;
+ TCHECK2(*lsapp, sizeof (*lsapp) - 4);
wordlen = (lsapp->lsa_p_len + 31) / 32;
if (wordlen * 4 > sizeof(struct in6_addr)) {
printf(" bogus prefixlen /%d", lsapp->lsa_p_len);
goto trunc;
}
+ if (lsa_length < wordlen * 4)
+ goto trunc;
+ lsa_length -= wordlen * 4;
+ TCHECK2(lsapp->lsa_p_prefix, wordlen * 4);
memset(&prefix, 0, sizeof(prefix));
memcpy(&prefix, lsapp->lsa_p_prefix, wordlen * 4);
printf("\n\t\t%s/%d", ip6addr_string(&prefix),
* Print a single link state advertisement. If truncated return 1, else 0.
*/
static int
-ospf6_print_lsa(register const struct lsa6 *lsap)
+ospf6_print_lsa(register const struct lsa6 *lsap, const u_char *dataend)
{
- register const u_char *ls_end, *ls_opt;
register const struct rlalink6 *rlp;
#if 0
register const struct tos_metric *tosp;
register const u_int32_t *lp;
#endif
register u_int prefixes;
- register int bytelen, length, lsa_length;
+ register int bytelen;
+ register u_int length, lsa_length;
u_int32_t flags32;
- u_int8_t *tptr;
+ const u_int8_t *tptr;
- if (ospf6_print_lshdr(&lsap->ls_hdr))
+ if (ospf6_print_lshdr(&lsap->ls_hdr, dataend))
return (1);
TCHECK(lsap->ls_hdr.ls_length);
length = EXTRACT_16BITS(&lsap->ls_hdr.ls_length);
+
+ /*
+ * The LSA length includes the length of the header;
+ * it must have a value that's at least that length.
+ * If it does, find the length of what follows the
+ * header.
+ */
+ if (length < sizeof(struct lsa6_hdr) || (u_char *)lsap + length > dataend)
+ return (1);
lsa_length = length - sizeof(struct lsa6_hdr);
- ls_end = (u_char *)lsap + length;
tptr = (u_int8_t *)lsap+sizeof(struct lsa6_hdr);
switch (EXTRACT_16BITS(&lsap->ls_hdr.ls_type)) {
case LS_TYPE_ROUTER | LS_SCOPE_AREA:
+ if (lsa_length < sizeof (lsap->lsa_un.un_rla.rla_options))
+ return (1);
+ lsa_length -= sizeof (lsap->lsa_un.un_rla.rla_options);
TCHECK(lsap->lsa_un.un_rla.rla_options);
printf("\n\t Options [%s]",
bittok2str(ospf6_option_values, "none",
EXTRACT_32BITS(&lsap->lsa_un.un_rla.rla_options)));
-
- TCHECK(lsap->lsa_un.un_rla.rla_flags);
printf(", RLA-Flags [%s]",
bittok2str(ospf6_rla_flag_values, "none",
lsap->lsa_un.un_rla.rla_flags));
-
- TCHECK(lsap->lsa_un.un_rla.rla_link);
rlp = lsap->lsa_un.un_rla.rla_link;
- while (rlp + 1 <= (struct rlalink6 *)ls_end) {
+ while (lsa_length != 0) {
+ if (lsa_length < sizeof (*rlp))
+ return (1);
+ lsa_length -= sizeof (*rlp);
TCHECK(*rlp);
switch (rlp->link_type) {
"\n\t Neighbor Interface-ID %s, Interface %s",
ipaddr_string(&rlp->link_nrtid),
ipaddr_string(&rlp->link_nifid),
- ipaddr_string(&rlp->link_ifid));
+ ipaddr_string(&rlp->link_ifid));
break;
case RLA_TYPE_ROUTER:
"\n\t Neighbor Interface-ID %s, Interface %s",
ipaddr_string(&rlp->link_nrtid),
ipaddr_string(&rlp->link_nifid),
- ipaddr_string(&rlp->link_ifid));
+ ipaddr_string(&rlp->link_ifid));
break;
case RLA_TYPE_TRANSIT:
break;
case LS_TYPE_NETWORK | LS_SCOPE_AREA:
+ if (lsa_length < sizeof (lsap->lsa_un.un_nla.nla_options))
+ return (1);
+ lsa_length -= sizeof (lsap->lsa_un.un_nla.nla_options);
TCHECK(lsap->lsa_un.un_nla.nla_options);
printf("\n\t Options [%s]",
bittok2str(ospf6_option_values, "none",
EXTRACT_32BITS(&lsap->lsa_un.un_nla.nla_options)));
+
printf("\n\t Connected Routers:");
ap = lsap->lsa_un.un_nla.nla_router;
- while ((u_char *)ap < ls_end) {
+ while (lsa_length != 0) {
+ if (lsa_length < sizeof (*ap))
+ return (1);
+ lsa_length -= sizeof (*ap);
TCHECK(*ap);
printf("\n\t\t%s", ipaddr_string(ap));
++ap;
break;
case LS_TYPE_INTER_AP | LS_SCOPE_AREA:
+ if (lsa_length < sizeof (lsap->lsa_un.un_inter_ap.inter_ap_metric))
+ return (1);
+ lsa_length -= sizeof (lsap->lsa_un.un_inter_ap.inter_ap_metric);
TCHECK(lsap->lsa_un.un_inter_ap.inter_ap_metric);
printf(", metric %u",
EXTRACT_32BITS(&lsap->lsa_un.un_inter_ap.inter_ap_metric) & SLA_MASK_METRIC);
- lsapp = lsap->lsa_un.un_inter_ap.inter_ap_prefix;
- while (lsapp + sizeof(lsapp) <= (struct lsa6_prefix *)ls_end) {
- bytelen = ospf6_print_lsaprefix(lsapp);
- if (bytelen)
+
+ tptr = (u_int8_t *)lsap->lsa_un.un_inter_ap.inter_ap_prefix;
+ while (lsa_length != 0) {
+ bytelen = ospf6_print_lsaprefix(tptr, lsa_length);
+ if (bytelen < 0)
goto trunc;
- lsapp = (struct lsa6_prefix *)(((u_char *)lsapp) + bytelen);
+ lsa_length -= bytelen;
+ tptr += bytelen;
}
break;
- case LS_SCOPE_AS | LS_TYPE_ASE:
+
+ case LS_TYPE_ASE | LS_SCOPE_AS:
+ if (lsa_length < sizeof (lsap->lsa_un.un_asla.asla_metric))
+ return (1);
+ lsa_length -= sizeof (lsap->lsa_un.un_asla.asla_metric);
TCHECK(lsap->lsa_un.un_asla.asla_metric);
flags32 = EXTRACT_32BITS(&lsap->lsa_un.un_asla.asla_metric);
printf("\n\t Flags [%s]",
printf(" metric %u",
EXTRACT_32BITS(&lsap->lsa_un.un_asla.asla_metric) &
ASLA_MASK_METRIC);
- lsapp = lsap->lsa_un.un_asla.asla_prefix;
- bytelen = ospf6_print_lsaprefix(lsapp);
+
+ tptr = (u_int8_t *)lsap->lsa_un.un_asla.asla_prefix;
+ lsapp = (struct lsa6_prefix *)tptr;
+ bytelen = ospf6_print_lsaprefix(tptr, lsa_length);
if (bytelen < 0)
goto trunc;
- if ((ls_opt = (u_char *)(((u_char *)lsapp) + bytelen)) < ls_end) {
- struct in6_addr *fwdaddr6;
-
- if ((flags32 & ASLA_FLAG_FWDADDR) != 0) {
- fwdaddr6 = (struct in6_addr *)ls_opt;
- TCHECK(*fwdaddr6);
- printf(" forward %s",
- ip6addr_string(fwdaddr6));
+ lsa_length -= bytelen;
+ tptr += bytelen;
- ls_opt += sizeof(struct in6_addr);
- }
-
- if ((flags32 & ASLA_FLAG_ROUTETAG) != 0) {
- TCHECK(*(u_int32_t *)ls_opt);
- printf(" tag %s",
- ipaddr_string((u_int32_t *)ls_opt));
+ if ((flags32 & ASLA_FLAG_FWDADDR) != 0) {
+ struct in6_addr *fwdaddr6;
- ls_opt += sizeof(u_int32_t);
- }
+ fwdaddr6 = (struct in6_addr *)tptr;
+ if (lsa_length < sizeof (*fwdaddr6))
+ return (1);
+ lsa_length -= sizeof (*fwdaddr6);
+ TCHECK(*fwdaddr6);
+ printf(" forward %s",
+ ip6addr_string(fwdaddr6));
+ tptr += sizeof(*fwdaddr6);
+ }
- if (lsapp->lsa_p_metric) {
- TCHECK(*(u_int32_t *)ls_opt);
- printf(" RefLSID: %s",
- ipaddr_string((u_int32_t *)ls_opt));
+ if ((flags32 & ASLA_FLAG_ROUTETAG) != 0) {
+ if (lsa_length < sizeof (u_int32_t))
+ return (1);
+ lsa_length -= sizeof (u_int32_t);
+ TCHECK(*(u_int32_t *)tptr);
+ printf(" tag %s",
+ ipaddr_string((u_int32_t *)tptr));
+ tptr += sizeof(u_int32_t);
+ }
- ls_opt += sizeof(u_int32_t);
- }
+ if (lsapp->lsa_p_metric) {
+ if (lsa_length < sizeof (u_int32_t))
+ return (1);
+ lsa_length -= sizeof (u_int32_t);
+ TCHECK(*(u_int32_t *)tptr);
+ printf(" RefLSID: %s",
+ ipaddr_string((u_int32_t *)tptr));
+ tptr += sizeof(u_int32_t);
}
break;
case LS_TYPE_LINK:
/* Link LSA */
llsap = &lsap->lsa_un.un_llsa;
- TCHECK(llsap->llsa_options);
+ if (lsa_length < sizeof (llsap->llsa_priandopt))
+ return (1);
+ lsa_length -= sizeof (llsap->llsa_priandopt);
+ TCHECK(llsap->llsa_priandopt);
printf("\n\t Options [%s]",
bittok2str(ospf6_option_values, "none",
EXTRACT_32BITS(&llsap->llsa_options)));
- TCHECK(llsap->llsa_nprefix);
+
+ if (lsa_length < sizeof (llsap->llsa_lladdr) + sizeof (llsap->llsa_nprefix))
+ return (1);
+ lsa_length -= sizeof (llsap->llsa_lladdr) + sizeof (llsap->llsa_nprefix);
prefixes = EXTRACT_32BITS(&llsap->llsa_nprefix);
printf("\n\t Priority %d, Link-local address %s, Prefixes %d:",
llsap->llsa_priority,
prefixes);
tptr = (u_int8_t *)llsap->llsa_prefix;
- while (prefixes > 0) {
- lsapp = (struct lsa6_prefix *)tptr;
- if ((bytelen = ospf6_print_lsaprefix(lsapp)) == -1) {
- goto trunc;
- }
- prefixes--;
- tptr += bytelen;
- }
+ while (prefixes > 0) {
+ bytelen = ospf6_print_lsaprefix(tptr, lsa_length);
+ if (bytelen < 0)
+ goto trunc;
+ prefixes--;
+ lsa_length -= bytelen;
+ tptr += bytelen;
+ }
break;
case LS_TYPE_INTRA_AP | LS_SCOPE_AREA:
/* Intra-Area-Prefix LSA */
+ if (lsa_length < sizeof (lsap->lsa_un.un_intra_ap.intra_ap_rtid))
+ return (1);
+ lsa_length -= sizeof (lsap->lsa_un.un_intra_ap.intra_ap_rtid);
TCHECK(lsap->lsa_un.un_intra_ap.intra_ap_rtid);
ospf6_print_ls_type(
EXTRACT_16BITS(&lsap->lsa_un.un_intra_ap.intra_ap_lstype),
&lsap->lsa_un.un_intra_ap.intra_ap_lsid);
+
+ if (lsa_length < sizeof (lsap->lsa_un.un_intra_ap.intra_ap_nprefix))
+ return (1);
+ lsa_length -= sizeof (lsap->lsa_un.un_intra_ap.intra_ap_nprefix);
TCHECK(lsap->lsa_un.un_intra_ap.intra_ap_nprefix);
prefixes = EXTRACT_16BITS(&lsap->lsa_un.un_intra_ap.intra_ap_nprefix);
printf("\n\t Prefixes %d:", prefixes);
- tptr = (u_int8_t *)lsap->lsa_un.un_intra_ap.intra_ap_prefix;
-
- while (prefixes > 0) {
- lsapp = (struct lsa6_prefix *)tptr;
- if ((bytelen = ospf6_print_lsaprefix(lsapp)) == -1) {
- goto trunc;
- }
- prefixes--;
- tptr += bytelen;
- }
+ tptr = (u_int8_t *)lsap->lsa_un.un_intra_ap.intra_ap_prefix;
+ while (prefixes > 0) {
+ bytelen = ospf6_print_lsaprefix(tptr, lsa_length);
+ if (bytelen < 0)
+ goto trunc;
+ prefixes--;
+ lsa_length -= bytelen;
+ tptr += bytelen;
+ }
break;
case LS_TYPE_GRACE | LS_SCOPE_LINKLOCAL:
if (ospf_print_grace_lsa(tptr, lsa_length) == -1) {
return 1;
}
-
- break;
+ break;
case LS_TYPE_INTRA_ATE | LS_SCOPE_LINKLOCAL:
- if (ospf_print_te_lsa(tptr, lsa_length) == -1) {
- return 1;
- }
- break;
+ if (ospf_print_te_lsa(tptr, lsa_length) == -1) {
+ return 1;
+ }
+ break;
default:
- if(!print_unknown_data(tptr,
- "\n\t ",
- lsa_length)) {
- return (1);
- }
+ if(!print_unknown_data(gndo,tptr,
+ "\n\t ",
+ lsa_length)) {
+ return (1);
+ }
+ break;
}
return (0);
if (op->ospf6_hello.hello_bdr != 0)
printf(", Backup Designated Router %s",
ipaddr_string(&op->ospf6_hello.hello_bdr));
- if (vflag) {
+ if (vflag > 1) {
printf("\n\t Neighbor List:");
ap = op->ospf6_hello.hello_neighbor;
while ((u_char *)ap < dataend) {
printf(", MTU %u, DD-Sequence 0x%08x",
EXTRACT_16BITS(&op->ospf6_db.db_mtu),
EXTRACT_32BITS(&op->ospf6_db.db_seq));
-
- /* Print all the LS adv's */
- lshp = op->ospf6_db.db_lshdr;
- while (!ospf6_print_lshdr(lshp)) {
- ++lshp;
- }
+ if (vflag > 1) {
+ /* Print all the LS adv's */
+ lshp = op->ospf6_db.db_lshdr;
+ while ((u_char *)lshp < dataend) {
+ if (ospf6_print_lshdr(lshp++, dataend))
+ goto trunc;
+ }
+ }
break;
case OSPF_TYPE_LS_REQ:
- if (vflag) {
+ if (vflag > 1) {
lsrp = op->ospf6_lsr;
while ((u_char *)lsrp < dataend) {
TCHECK(*lsrp);
break;
case OSPF_TYPE_LS_UPDATE:
- if (vflag) {
+ if (vflag > 1) {
lsap = op->ospf6_lsu.lsu_lsa;
TCHECK(op->ospf6_lsu.lsu_count);
i = EXTRACT_32BITS(&op->ospf6_lsu.lsu_count);
- while (i--) {
- if (ospf6_print_lsa(lsap))
+ while ((u_char *)lsap < dataend && i--) {
+ if (ospf6_print_lsa(lsap, dataend))
goto trunc;
lsap = (struct lsa6 *)((u_char *)lsap +
EXTRACT_16BITS(&lsap->ls_hdr.ls_length));
case OSPF_TYPE_LS_ACK:
- if (vflag) {
+ if (vflag > 1) {
lshp = op->ospf6_lsa.lsa_lshdr;
-
- while (!ospf6_print_lshdr(lshp)) {
- ++lshp;
+ while ((u_char *)lshp < dataend) {
+ if (ospf6_print_lshdr(lshp++, dataend))
+ goto trunc;
}
}
break;
return (1);
}
+/* RFC5613 Section 2.2 (w/o the TLVs) */
+static int
+ospf6_print_lls(const u_char *cp, const u_int len)
+{
+ uint16_t llsdatalen;
+
+ if (len == 0)
+ return 0;
+ if (len < OSPF_LLS_HDRLEN)
+ goto trunc;
+ /* Checksum */
+ TCHECK2(*cp, 2);
+ printf("\n\tLLS Checksum 0x%04x", EXTRACT_16BITS(cp));
+ cp += 2;
+ /* LLS Data Length */
+ TCHECK2(*cp, 2);
+ llsdatalen = EXTRACT_16BITS(cp);
+ printf(", Data Length %u", llsdatalen);
+ if (llsdatalen < OSPF_LLS_HDRLEN || llsdatalen > len)
+ goto trunc;
+ cp += 2;
+ /* LLS TLVs */
+ TCHECK2(*cp, llsdatalen - OSPF_LLS_HDRLEN);
+ /* FIXME: code in print-ospf.c can be reused to decode the TLVs */
+
+ return llsdatalen;
+trunc:
+ return -1;
+}
+
+/* RFC6506 Section 4.1 */
+static int
+ospf6_decode_at(const u_char *cp, const u_int len)
+{
+ uint16_t authdatalen;
+
+ if (len == 0)
+ return 0;
+ if (len < OSPF6_AT_HDRLEN)
+ goto trunc;
+ /* Authentication Type */
+ TCHECK2(*cp, 2);
+ printf("\n\tAuthentication Type %s", tok2str(ospf6_auth_type_str, "unknown (0x%04x)", EXTRACT_16BITS(cp)));
+ cp += 2;
+ /* Auth Data Len */
+ TCHECK2(*cp, 2);
+ authdatalen = EXTRACT_16BITS(cp);
+ printf(", Length %u", authdatalen);
+ if (authdatalen < OSPF6_AT_HDRLEN || authdatalen > len)
+ goto trunc;
+ cp += 2;
+ /* Reserved */
+ TCHECK2(*cp, 2);
+ cp += 2;
+ /* Security Association ID */
+ TCHECK2(*cp, 2);
+ printf(", SAID %u", EXTRACT_16BITS(cp));
+ cp += 2;
+ /* Cryptographic Sequence Number (High-Order 32 Bits) */
+ TCHECK2(*cp, 4);
+ printf(", CSN 0x%08x", EXTRACT_32BITS(cp));
+ cp += 4;
+ /* Cryptographic Sequence Number (Low-Order 32 Bits) */
+ TCHECK2(*cp, 4);
+ printf(":%08x", EXTRACT_32BITS(cp));
+ cp += 4;
+ /* Authentication Data */
+ TCHECK2(*cp, authdatalen - OSPF6_AT_HDRLEN);
+ if (vflag > 1)
+ print_unknown_data(gndo,cp, "\n\tAuthentication Data ", authdatalen - OSPF6_AT_HDRLEN);
+ return 0;
+
+trunc:
+ return 1;
+}
+
+/* The trailing data may include LLS and/or AT data (in this specific order).
+ * LLS data may be present only in Hello and DBDesc packets with the L-bit set.
+ * AT data may be present in Hello and DBDesc packets with the AT-bit set or in
+ * any other packet type, thus decode the AT data regardless of the AT-bit.
+ */
+static int
+ospf6_decode_v3_trailer(const struct ospf6hdr *op, const u_char *cp, const unsigned len)
+{
+ int llslen = 0;
+ u_char lls_hello = op->ospf6_type == OSPF_TYPE_HELLO &&
+ op->ospf6_hello.hello_options & OSPF6_OPTION_L;
+ u_char lls_dd = op->ospf6_type == OSPF_TYPE_DD &&
+ op->ospf6_db.db_options & OSPF6_OPTION_L;
+
+ if ((lls_hello || lls_dd) && (llslen = ospf6_print_lls(cp, len)) < 0)
+ goto trunc;
+ return ospf6_decode_at(cp + llslen, len - llslen);
+
+trunc:
+ return 1;
+}
+
void
ospf6_print(register const u_char *bp, register u_int length)
{
register const struct ospf6hdr *op;
register const u_char *dataend;
register const char *cp;
+ uint16_t datalen;
op = (struct ospf6hdr *)bp;
/* If the type is valid translate it, or just print the type */
/* value. If it's not valid, say so and return */
TCHECK(op->ospf6_type);
- cp = tok2str(ospf6_type_values, "unknown LS-type", op->ospf6_type);
+ cp = tok2str(ospf6_type_values, "unknown packet type (%u)", op->ospf6_type);
printf("OSPFv%u, %s, length %d", op->ospf6_version, cp, length);
if (*cp == 'u') {
return;
return;
}
+ /* OSPFv3 data always comes first and optional trailing data may follow. */
TCHECK(op->ospf6_len);
- if (length != EXTRACT_16BITS(&op->ospf6_len)) {
- printf(" [len %d]", EXTRACT_16BITS(&op->ospf6_len));
+ datalen = EXTRACT_16BITS(&op->ospf6_len);
+ if (datalen > length) {
+ printf(" [len %d]", datalen);
return;
}
- dataend = bp + length;
+ dataend = bp + datalen;
- /* Print the routerid if it is not the same as the source */
TCHECK(op->ospf6_routerid);
printf("\n\tRouter-ID %s", ipaddr_string(&op->ospf6_routerid));
case 3:
/* ospf version 3 */
- if (ospf6_decode_v3(op, dataend))
+ if (ospf6_decode_v3(op, dataend) ||
+ ospf6_decode_v3_trailer(op, dataend, length - datalen))
goto trunc;
break;
-
- default:
- printf(" ospf [version %d]", op->ospf6_version);
- break;
} /* end switch on version */
return;
projects / tcpdump / blobdiff