* SUCH DAMAGE.
*/
-#define NETDISSECT_REWORKED
+/* \summary: IPv6 mobility printer */
+/* RFC 3775 */
+
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
-#ifdef INET6
-#include <tcpdump-stdinc.h>
+#include <netdissect-stdinc.h>
-#include "ip6.h"
-#include "interface.h"
+#include "netdissect.h"
#include "addrtoname.h"
-#include "extract.h" /* must come after interface.h */
+#include "extract.h"
+
+#include "ip6.h"
+
+static const char tstr[] = "[|MOBILITY]";
/* Mobility header */
struct ip6_mobility {
uint16_t ip6m_cksum; /* sum of IPv6 pseudo-header and MH */
union {
uint16_t ip6m_un_data16[1]; /* type-specific field */
- uint8_t ip6m_un_data8[2]; /* type-specific fiedl */
+ uint8_t ip6m_un_data8[2]; /* type-specific field */
} ip6m_dataun;
};
#define IP6M_BINDING_UPDATE 5 /* Binding Update */
#define IP6M_BINDING_ACK 6 /* Binding Acknowledgement */
#define IP6M_BINDING_ERROR 7 /* Binding Error */
+#define IP6M_MAX 7
+
+static const struct tok ip6m_str[] = {
+ { IP6M_BINDING_REQUEST, "BRR" },
+ { IP6M_HOME_TEST_INIT, "HoTI" },
+ { IP6M_CAREOF_TEST_INIT, "CoTI" },
+ { IP6M_HOME_TEST, "HoT" },
+ { IP6M_CAREOF_TEST, "CoT" },
+ { IP6M_BINDING_UPDATE, "BU" },
+ { IP6M_BINDING_ACK, "BA" },
+ { IP6M_BINDING_ERROR, "BE" },
+ { 0, NULL }
+};
-/* XXX: unused */
-#define IP6MOPT_BU_MINLEN 10
-#define IP6MOPT_BA_MINLEN 13
-#define IP6MOPT_BR_MINLEN 2
+static const unsigned ip6m_hdrlen[IP6M_MAX + 1] = {
+ IP6M_MINLEN, /* IP6M_BINDING_REQUEST */
+ IP6M_MINLEN + 8, /* IP6M_HOME_TEST_INIT */
+ IP6M_MINLEN + 8, /* IP6M_CAREOF_TEST_INIT */
+ IP6M_MINLEN + 16, /* IP6M_HOME_TEST */
+ IP6M_MINLEN + 16, /* IP6M_CAREOF_TEST */
+ IP6M_MINLEN + 4, /* IP6M_BINDING_UPDATE */
+ IP6M_MINLEN + 4, /* IP6M_BINDING_ACK */
+ IP6M_MINLEN + 16, /* IP6M_BINDING_ERROR */
+};
/* Mobility Header Options */
#define IP6MOPT_MINLEN 2
#define IP6MOPT_AUTH 0x5 /* Binding Authorization Data */
#define IP6MOPT_AUTH_MINLEN 12
-static void
+static int
mobility_opt_print(netdissect_options *ndo,
const u_char *bp, const unsigned len)
{
unsigned i, optlen;
for (i = 0; i < len; i += optlen) {
+ ND_TCHECK(bp[i]);
if (bp[i] == IP6MOPT_PAD1)
optlen = 1;
else {
- if (i + 1 < len)
+ if (i + 1 < len) {
+ ND_TCHECK(bp[i + 1]);
optlen = bp[i + 1] + 2;
+ }
else
goto trunc;
}
if (i + optlen > len)
goto trunc;
+ ND_TCHECK(bp[i + optlen]);
switch (bp[i]) {
case IP6MOPT_PAD1:
goto trunc;
}
/* units of 4 secs */
+ ND_TCHECK_2(bp + i + 2);
ND_PRINT((ndo, "(refresh: %u)",
- EXTRACT_16BITS(&bp[i+2]) << 2));
+ EXTRACT_BE_U_2(bp + i + 2) << 2));
break;
case IP6MOPT_ALTCOA:
if (len - i < IP6MOPT_ALTCOA_MINLEN) {
ND_PRINT((ndo, "(altcoa: trunc)"));
goto trunc;
}
- ND_PRINT((ndo, "(alt-CoA: %s)", ip6addr_string(ndo, &bp[i+2])));
+ ND_TCHECK_16(bp + i + 2);
+ ND_PRINT((ndo, "(alt-CoA: %s)", ip6addr_string(ndo, bp + i + 2)));
break;
case IP6MOPT_NONCEID:
if (len - i < IP6MOPT_NONCEID_MINLEN) {
ND_PRINT((ndo, "(ni: trunc)"));
goto trunc;
}
+ ND_TCHECK_2(bp + i + 2);
+ ND_TCHECK_2(bp + i + 4);
ND_PRINT((ndo, "(ni: ho=0x%04x co=0x%04x)",
- EXTRACT_16BITS(&bp[i+2]),
- EXTRACT_16BITS(&bp[i+4])));
+ EXTRACT_BE_U_2(bp + i + 2),
+ EXTRACT_BE_U_2(bp + i + 4)));
break;
case IP6MOPT_AUTH:
if (len - i < IP6MOPT_AUTH_MINLEN) {
break;
default:
if (len - i < IP6MOPT_MINLEN) {
- ND_PRINT((ndo, "(sopt_type %u: trunc)", bp[i]));
+ ND_PRINT((ndo, "(sopt_type %u: trunc)", EXTRACT_U_1(bp + i)));
goto trunc;
}
- ND_PRINT((ndo, "(type-0x%02x: len=%u)", bp[i], bp[i + 1]));
+ ND_PRINT((ndo, "(type-0x%02x: len=%u)", EXTRACT_U_1(bp + i), EXTRACT_U_1(bp + i + 1)));
break;
}
}
- return;
+ return 0;
trunc:
- ND_PRINT((ndo, "[trunc] "));
+ return 1;
}
/*
unsigned mhlen, hlen;
uint8_t type;
- mh = (struct ip6_mobility *)bp;
+ mh = (const struct ip6_mobility *)bp;
/* 'ep' points to the end of available data. */
ep = ndo->ndo_snapend;
ND_TCHECK(mh->ip6m_type);
type = mh->ip6m_type;
+ if (type <= IP6M_MAX && mhlen < ip6m_hdrlen[type]) {
+ ND_PRINT((ndo, "(header length %u is too small for type %u)", mhlen, type));
+ goto trunc;
+ }
+ ND_PRINT((ndo, "mobility: %s", tok2str(ip6m_str, "type-#%u", type)));
switch (type) {
case IP6M_BINDING_REQUEST:
- ND_PRINT((ndo, "mobility: BRR"));
hlen = IP6M_MINLEN;
break;
case IP6M_HOME_TEST_INIT:
case IP6M_CAREOF_TEST_INIT:
- ND_PRINT((ndo, "mobility: %soTI",
- type == IP6M_HOME_TEST_INIT ? "H" : "C"));
hlen = IP6M_MINLEN;
- if (ndo->ndo_vflag) {
- ND_TCHECK2(*mh, hlen + 8);
+ if (ndo->ndo_vflag) {
+ ND_TCHECK_4(bp + hlen + 4);
ND_PRINT((ndo, " %s Init Cookie=%08x:%08x",
type == IP6M_HOME_TEST_INIT ? "Home" : "Care-of",
- EXTRACT_32BITS(&bp[hlen]),
- EXTRACT_32BITS(&bp[hlen + 4])));
+ EXTRACT_BE_U_4(bp + hlen),
+ EXTRACT_BE_U_4(bp + hlen + 4)));
}
hlen += 8;
break;
case IP6M_HOME_TEST:
case IP6M_CAREOF_TEST:
- ND_PRINT((ndo, "mobility: %soT",
- type == IP6M_HOME_TEST ? "H" : "C"));
ND_TCHECK(mh->ip6m_data16[0]);
- ND_PRINT((ndo, " nonce id=0x%x", EXTRACT_16BITS(&mh->ip6m_data16[0])));
+ ND_PRINT((ndo, " nonce id=0x%x", EXTRACT_BE_U_2(&mh->ip6m_data16[0])));
hlen = IP6M_MINLEN;
- if (ndo->ndo_vflag) {
- ND_TCHECK2(*mh, hlen + 8);
+ if (ndo->ndo_vflag) {
+ ND_TCHECK_4(bp + hlen + 4);
ND_PRINT((ndo, " %s Init Cookie=%08x:%08x",
type == IP6M_HOME_TEST ? "Home" : "Care-of",
- EXTRACT_32BITS(&bp[hlen]),
- EXTRACT_32BITS(&bp[hlen + 4])));
+ EXTRACT_BE_U_4(bp + hlen),
+ EXTRACT_BE_U_4(bp + hlen + 4)));
}
hlen += 8;
- if (ndo->ndo_vflag) {
- ND_TCHECK2(*mh, hlen + 8);
+ if (ndo->ndo_vflag) {
+ ND_TCHECK_4(bp + hlen + 4);
ND_PRINT((ndo, " %s Keygen Token=%08x:%08x",
type == IP6M_HOME_TEST ? "Home" : "Care-of",
- EXTRACT_32BITS(&bp[hlen]),
- EXTRACT_32BITS(&bp[hlen + 4])));
+ EXTRACT_BE_U_4(bp + hlen),
+ EXTRACT_BE_U_4(bp + hlen + 4)));
}
hlen += 8;
break;
case IP6M_BINDING_UPDATE:
- ND_PRINT((ndo, "mobility: BU"));
ND_TCHECK(mh->ip6m_data16[0]);
- ND_PRINT((ndo, " seq#=%u", EXTRACT_16BITS(&mh->ip6m_data16[0])));
+ ND_PRINT((ndo, " seq#=%u", EXTRACT_BE_U_2(&mh->ip6m_data16[0])));
hlen = IP6M_MINLEN;
- ND_TCHECK2(*mh, hlen + 1);
- if (bp[hlen] & 0xf0)
+ ND_TCHECK_2(bp + hlen);
+ if (bp[hlen] & 0xf0) {
ND_PRINT((ndo, " "));
- if (bp[hlen] & 0x80)
- ND_PRINT((ndo, "A"));
- if (bp[hlen] & 0x40)
- ND_PRINT((ndo, "H"));
- if (bp[hlen] & 0x20)
- ND_PRINT((ndo, "L"));
- if (bp[hlen] & 0x10)
- ND_PRINT((ndo, "K"));
+ if (bp[hlen] & 0x80)
+ ND_PRINT((ndo, "A"));
+ if (bp[hlen] & 0x40)
+ ND_PRINT((ndo, "H"));
+ if (bp[hlen] & 0x20)
+ ND_PRINT((ndo, "L"));
+ if (bp[hlen] & 0x10)
+ ND_PRINT((ndo, "K"));
+ }
/* Reserved (4bits) */
hlen += 1;
/* Reserved (8bits) */
hlen += 1;
- ND_TCHECK2(*mh, hlen + 2);
+ ND_TCHECK_2(bp + hlen);
/* units of 4 secs */
- ND_PRINT((ndo, " lifetime=%u", EXTRACT_16BITS(&bp[hlen]) << 2));
+ ND_PRINT((ndo, " lifetime=%u", EXTRACT_BE_U_2(bp + hlen) << 2));
hlen += 2;
break;
case IP6M_BINDING_ACK:
- ND_PRINT((ndo, "mobility: BA"));
ND_TCHECK(mh->ip6m_data8[0]);
ND_PRINT((ndo, " status=%u", mh->ip6m_data8[0]));
+ ND_TCHECK(mh->ip6m_data8[1]);
if (mh->ip6m_data8[1] & 0x80)
ND_PRINT((ndo, " K"));
/* Reserved (7bits) */
hlen = IP6M_MINLEN;
- ND_TCHECK2(*mh, hlen + 2);
- ND_PRINT((ndo, " seq#=%u", EXTRACT_16BITS(&bp[hlen])));
+ ND_TCHECK_2(bp + hlen);
+ ND_PRINT((ndo, " seq#=%u", EXTRACT_BE_U_2(bp + hlen)));
hlen += 2;
- ND_TCHECK2(*mh, hlen + 2);
+ ND_TCHECK_2(bp + hlen);
/* units of 4 secs */
- ND_PRINT((ndo, " lifetime=%u", EXTRACT_16BITS(&bp[hlen]) << 2));
+ ND_PRINT((ndo, " lifetime=%u", EXTRACT_BE_U_2(bp + hlen) << 2));
hlen += 2;
break;
case IP6M_BINDING_ERROR:
- ND_PRINT((ndo, "mobility: BE"));
ND_TCHECK(mh->ip6m_data8[0]);
ND_PRINT((ndo, " status=%u", mh->ip6m_data8[0]));
/* Reserved */
hlen = IP6M_MINLEN;
- ND_TCHECK2(*mh, hlen + 16);
- ND_PRINT((ndo, " homeaddr %s", ip6addr_string(ndo, &bp[hlen])));
+ ND_TCHECK_16(bp + hlen);
+ ND_PRINT((ndo, " homeaddr %s", ip6addr_string(ndo, bp + hlen)));
hlen += 16;
break;
default:
- ND_PRINT((ndo, "mobility: type-#%u len=%u", type, mh->ip6m_len));
+ ND_PRINT((ndo, " len=%u", mh->ip6m_len));
return(mhlen);
break;
}
- if (ndo->ndo_vflag)
- mobility_opt_print(ndo, &bp[hlen], mhlen - hlen);
+ if (ndo->ndo_vflag)
+ if (mobility_opt_print(ndo, &bp[hlen], mhlen - hlen))
+ goto trunc;
return(mhlen);
trunc:
- ND_PRINT((ndo, "[|MOBILITY]"));
- return(mhlen);
+ ND_PRINT((ndo, "%s", tstr));
+ return(-1);
}
-#endif /* INET6 */
projects / tcpdump / blobdiff