X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/01cd3621f1ded1d0ec5cb55a87bcc3d735d59422..296d466cd6bbf2f7e75e15bb6a01268e88c76ed0:/print-mptcp.c diff --git a/print-mptcp.c b/print-mptcp.c index 8cca477e..79a79ca0 100644 --- a/print-mptcp.c +++ b/print-mptcp.c @@ -36,11 +36,9 @@ /* specification: RFC 6824 */ -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif +#include -#include +#include "netdissect-stdinc.h" #include "netdissect.h" #include "extract.h" @@ -58,20 +56,20 @@ #define MPTCP_SUB_FCLOSE 0x7 struct mptcp_option { - uint8_t kind; - uint8_t len; - uint8_t sub_etc; /* subtype upper 4 bits, other stuff lower 4 bits */ + nd_uint8_t kind; + nd_uint8_t len; + nd_uint8_t sub_etc; /* subtype upper 4 bits, other stuff lower 4 bits */ }; #define MPTCP_OPT_SUBTYPE(sub_etc) (((sub_etc) >> 4) & 0xF) struct mp_capable { - uint8_t kind; - uint8_t len; - uint8_t sub_ver; - uint8_t flags; - uint8_t sender_key[8]; - uint8_t receiver_key[8]; + nd_uint8_t kind; + nd_uint8_t len; + nd_uint8_t sub_ver; + nd_uint8_t flags; + nd_uint64_t sender_key; + nd_uint64_t receiver_key; }; #define MP_CAPABLE_OPT_VERSION(sub_ver) (((sub_ver) >> 0) & 0xF) @@ -79,21 +77,21 @@ struct mp_capable { #define MP_CAPABLE_S 0x01 struct mp_join { - uint8_t kind; - uint8_t len; - uint8_t sub_b; - uint8_t addr_id; + nd_uint8_t kind; + nd_uint8_t len; + nd_uint8_t sub_b; + nd_uint8_t addr_id; union { struct { - uint8_t token[4]; - uint8_t nonce[4]; + nd_uint32_t token; + nd_uint32_t nonce; } syn; struct { - uint8_t mac[8]; - uint8_t nonce[4]; + nd_uint64_t mac; + nd_uint32_t nonce; } synack; struct { - uint8_t mac[20]; + nd_byte mac[20]; } ack; } u; }; @@ -101,10 +99,10 @@ struct mp_join { #define MP_JOIN_B 0x01 struct mp_dss { - uint8_t kind; - uint8_t len; - uint8_t sub; - uint8_t flags; + nd_uint8_t kind; + nd_uint8_t len; + nd_uint8_t sub; + nd_uint8_t flags; }; #define MP_DSS_F 0x10 @@ -113,54 +111,70 @@ struct mp_dss { #define MP_DSS_a 0x02 #define MP_DSS_A 0x01 +static const struct tok mptcp_addr_subecho_bits[] = { + { 0x6, "v0-ip6" }, + { 0x4, "v0-ip4" }, + { 0x1, "v1-echo" }, + { 0x0, "v1" }, + { 0, NULL } +}; + struct mp_add_addr { - uint8_t kind; - uint8_t len; - uint8_t sub_ipver; - uint8_t addr_id; + nd_uint8_t kind; + nd_uint8_t len; + nd_uint8_t sub_echo; + nd_uint8_t addr_id; union { struct { - uint8_t addr[4]; - uint8_t port[2]; + nd_ipv4 addr; + nd_uint16_t port; + nd_uint64_t mac; } v4; struct { - uint8_t addr[16]; - uint8_t port[2]; + nd_ipv4 addr; + nd_uint64_t mac; + } v4np; + struct { + nd_ipv6 addr; + nd_uint16_t port; + nd_uint64_t mac; } v6; + struct { + nd_ipv6 addr; + nd_uint64_t mac; + } v6np; } u; }; -#define MP_ADD_ADDR_IPVER(sub_ipver) (((sub_ipver) >> 0) & 0xF) - struct mp_remove_addr { - uint8_t kind; - uint8_t len; - uint8_t sub; + nd_uint8_t kind; + nd_uint8_t len; + nd_uint8_t sub; /* list of addr_id */ - uint8_t addrs_id; + nd_uint8_t addrs_id[1]; }; struct mp_fail { - uint8_t kind; - uint8_t len; - uint8_t sub; - uint8_t resv; - uint8_t data_seq[8]; + nd_uint8_t kind; + nd_uint8_t len; + nd_uint8_t sub; + nd_uint8_t resv; + nd_uint64_t data_seq; }; struct mp_close { - uint8_t kind; - uint8_t len; - uint8_t sub; - uint8_t rsv; - uint8_t key[8]; + nd_uint8_t kind; + nd_uint8_t len; + nd_uint8_t sub; + nd_uint8_t rsv; + nd_byte key[8]; }; struct mp_prio { - uint8_t kind; - uint8_t len; - uint8_t sub_b; - uint8_t addr_id; + nd_uint8_t kind; + nd_uint8_t len; + nd_uint8_t sub_b; + nd_uint8_t addr_id; }; #define MP_PRIO_B 0x01 @@ -177,22 +191,32 @@ mp_capable_print(netdissect_options *ndo, const u_char *opt, u_int opt_len, u_char flags) { const struct mp_capable *mpc = (const struct mp_capable *) opt; + uint8_t version; - if (!(opt_len == 12 && (flags & TH_SYN)) && - !(opt_len == 20 && (flags & (TH_SYN | TH_ACK)) == TH_ACK)) + if (!((opt_len == 12 || opt_len == 4) && flags & TH_SYN) && + !((opt_len == 20 || opt_len == 22) && (flags & (TH_SYN | TH_ACK)) == + TH_ACK)) return 0; - if (MP_CAPABLE_OPT_VERSION(mpc->sub_ver) != 0) { - ND_PRINT((ndo, " Unknown Version (%d)", MP_CAPABLE_OPT_VERSION(mpc->sub_ver))); - return 1; + version = MP_CAPABLE_OPT_VERSION(GET_U_1(mpc->sub_ver)); + switch (version) { + case 0: /* fall through */ + case 1: + ND_PRINT(" v%u", version); + break; + default: + ND_PRINT(" Unknown Version (%u)", version); + return 1; } - if (mpc->flags & MP_CAPABLE_C) - ND_PRINT((ndo, " csum")); - ND_PRINT((ndo, " {0x%" PRIx64, EXTRACT_BE_64BITS(mpc->sender_key))); - if (opt_len == 20) /* ACK */ - ND_PRINT((ndo, ",0x%" PRIx64, EXTRACT_BE_64BITS(mpc->receiver_key))); - ND_PRINT((ndo, "}")); + if (GET_U_1(mpc->flags) & MP_CAPABLE_C) + ND_PRINT(" csum"); + if (opt_len == 12 || opt_len >= 20) { + ND_PRINT(" {0x%" PRIx64, GET_BE_U_8(mpc->sender_key)); + if (opt_len >= 20) + ND_PRINT(",0x%" PRIx64, GET_BE_U_8(mpc->receiver_key)); + ND_PRINT("}"); + } return 1; } @@ -208,27 +232,27 @@ mp_join_print(netdissect_options *ndo, return 0; if (opt_len != 24) { - if (mpj->sub_b & MP_JOIN_B) - ND_PRINT((ndo, " backup")); - ND_PRINT((ndo, " id %u", mpj->addr_id)); + if (GET_U_1(mpj->sub_b) & MP_JOIN_B) + ND_PRINT(" backup"); + ND_PRINT(" id %u", GET_U_1(mpj->addr_id)); } switch (opt_len) { case 12: /* SYN */ - ND_PRINT((ndo, " token 0x%x" " nonce 0x%x", - EXTRACT_BE_32BITS(mpj->u.syn.token), - EXTRACT_BE_32BITS(mpj->u.syn.nonce))); + ND_PRINT(" token 0x%x" " nonce 0x%x", + GET_BE_U_4(mpj->u.syn.token), + GET_BE_U_4(mpj->u.syn.nonce)); break; case 16: /* SYN/ACK */ - ND_PRINT((ndo, " hmac 0x%" PRIx64 " nonce 0x%x", - EXTRACT_BE_64BITS(mpj->u.synack.mac), - EXTRACT_BE_32BITS(mpj->u.synack.nonce))); + ND_PRINT(" hmac 0x%" PRIx64 " nonce 0x%x", + GET_BE_U_8(mpj->u.synack.mac), + GET_BE_U_4(mpj->u.synack.nonce)); break; case 24: {/* ACK */ size_t i; - ND_PRINT((ndo, " hmac 0x")); + ND_PRINT(" hmac 0x"); for (i = 0; i < sizeof(mpj->u.ack.mac); ++i) - ND_PRINT((ndo, "%02x", mpj->u.ack.mac[i])); + ND_PRINT("%02x", mpj->u.ack.mac[i]); } default: break; @@ -241,6 +265,7 @@ mp_dss_print(netdissect_options *ndo, const u_char *opt, u_int opt_len, u_char flags) { const struct mp_dss *mdss = (const struct mp_dss *) opt; + uint8_t mdss_flags; /* We need the flags, at a minimum. */ if (opt_len < 4) @@ -249,64 +274,65 @@ mp_dss_print(netdissect_options *ndo, if (flags & TH_SYN) return 0; - if (mdss->flags & MP_DSS_F) - ND_PRINT((ndo, " fin")); + mdss_flags = GET_U_1(mdss->flags); + if (mdss_flags & MP_DSS_F) + ND_PRINT(" fin"); opt += 4; opt_len -= 4; - if (mdss->flags & MP_DSS_A) { + if (mdss_flags & MP_DSS_A) { /* Ack present */ - ND_PRINT((ndo, " ack ")); + ND_PRINT(" ack "); /* * If the a flag is set, we have an 8-byte ack; if it's * clear, we have a 4-byte ack. */ - if (mdss->flags & MP_DSS_a) { + if (mdss_flags & MP_DSS_a) { if (opt_len < 8) return 0; - ND_PRINT((ndo, "%" PRIu64, EXTRACT_BE_64BITS(opt))); + ND_PRINT("%" PRIu64, GET_BE_U_8(opt)); opt += 8; opt_len -= 8; } else { if (opt_len < 4) return 0; - ND_PRINT((ndo, "%u", EXTRACT_BE_32BITS(opt))); + ND_PRINT("%u", GET_BE_U_4(opt)); opt += 4; opt_len -= 4; } } - if (mdss->flags & MP_DSS_M) { + if (mdss_flags & MP_DSS_M) { /* * Data Sequence Number (DSN), Subflow Sequence Number (SSN), * Data-Level Length present, and Checksum possibly present. */ - ND_PRINT((ndo, " seq ")); - /* + ND_PRINT(" seq "); + /* * If the m flag is set, we have an 8-byte NDS; if it's clear, * we have a 4-byte DSN. */ - if (mdss->flags & MP_DSS_m) { + if (mdss_flags & MP_DSS_m) { if (opt_len < 8) return 0; - ND_PRINT((ndo, "%" PRIu64, EXTRACT_BE_64BITS(opt))); + ND_PRINT("%" PRIu64, GET_BE_U_8(opt)); opt += 8; opt_len -= 8; } else { if (opt_len < 4) return 0; - ND_PRINT((ndo, "%u", EXTRACT_BE_32BITS(opt))); + ND_PRINT("%u", GET_BE_U_4(opt)); opt += 4; opt_len -= 4; } if (opt_len < 4) return 0; - ND_PRINT((ndo, " subseq %u", EXTRACT_BE_32BITS(opt))); + ND_PRINT(" subseq %u", GET_BE_U_4(opt)); opt += 4; opt_len -= 4; if (opt_len < 2) return 0; - ND_PRINT((ndo, " len %u", EXTRACT_BE_16BITS(opt))); + ND_PRINT(" len %u", GET_BE_U_2(opt)); opt += 2; opt_len -= 2; @@ -316,7 +342,7 @@ mp_dss_print(netdissect_options *ndo, * bytes as the Checksum. */ if (opt_len >= 2) { - ND_PRINT((ndo, " csum 0x%x", EXTRACT_BE_16BITS(opt))); + ND_PRINT(" csum 0x%x", GET_BE_U_2(opt)); opt_len -= 2; } } @@ -330,26 +356,33 @@ add_addr_print(netdissect_options *ndo, const u_char *opt, u_int opt_len, u_char flags _U_) { const struct mp_add_addr *add_addr = (const struct mp_add_addr *) opt; - u_int ipver = MP_ADD_ADDR_IPVER(add_addr->sub_ipver); - if (!((opt_len == 8 || opt_len == 10) && ipver == 4) && - !((opt_len == 20 || opt_len == 22) && ipver == 6)) + if (!(opt_len == 8 || opt_len == 10 || opt_len == 16 || opt_len == 18 || + opt_len == 20 || opt_len == 22 || opt_len == 28 || opt_len == 30)) return 0; - ND_PRINT((ndo, " id %u", add_addr->addr_id)); - switch (ipver) { - case 4: - ND_PRINT((ndo, " %s", ipaddr_string(ndo, add_addr->u.v4.addr))); - if (opt_len == 10) - ND_PRINT((ndo, ":%u", EXTRACT_BE_16BITS(add_addr->u.v4.port))); - break; - case 6: - ND_PRINT((ndo, " %s", ip6addr_string(ndo, add_addr->u.v6.addr))); - if (opt_len == 22) - ND_PRINT((ndo, ":%u", EXTRACT_BE_16BITS(add_addr->u.v6.port))); - break; - default: - return 0; + ND_PRINT(" %s", + tok2str(mptcp_addr_subecho_bits, "[bad version/echo]", + GET_U_1(add_addr->sub_echo) & 0xF)); + ND_PRINT(" id %u", GET_U_1(add_addr->addr_id)); + if (opt_len == 8 || opt_len == 10 || opt_len == 16 || opt_len == 18) { + ND_PRINT(" %s", GET_IPADDR_STRING(add_addr->u.v4.addr)); + if (opt_len == 10 || opt_len == 18) + ND_PRINT(":%u", GET_BE_U_2(add_addr->u.v4.port)); + if (opt_len == 16) + ND_PRINT(" hmac 0x%" PRIx64, GET_BE_U_8(add_addr->u.v4np.mac)); + if (opt_len == 18) + ND_PRINT(" hmac 0x%" PRIx64, GET_BE_U_8(add_addr->u.v4.mac)); + } + + if (opt_len == 20 || opt_len == 22 || opt_len == 28 || opt_len == 30) { + ND_PRINT(" %s", GET_IP6ADDR_STRING(add_addr->u.v6.addr)); + if (opt_len == 22 || opt_len == 30) + ND_PRINT(":%u", GET_BE_U_2(add_addr->u.v6.port)); + if (opt_len == 28) + ND_PRINT(" hmac 0x%" PRIx64, GET_BE_U_8(add_addr->u.v6np.mac)); + if (opt_len == 30) + ND_PRINT(" hmac 0x%" PRIx64, GET_BE_U_8(add_addr->u.v6.mac)); } return 1; @@ -360,17 +393,15 @@ remove_addr_print(netdissect_options *ndo, const u_char *opt, u_int opt_len, u_char flags _U_) { const struct mp_remove_addr *remove_addr = (const struct mp_remove_addr *) opt; - const uint8_t *addr_id = &remove_addr->addrs_id; + u_int i; if (opt_len < 4) return 0; opt_len -= 3; - ND_PRINT((ndo, " id")); - while (opt_len--) { - ND_PRINT((ndo, " %u", EXTRACT_8BITS(addr_id))); - addr_id++; - } + ND_PRINT(" id"); + for (i = 0; i < opt_len; i++) + ND_PRINT(" %u", GET_U_1(remove_addr->addrs_id[i])); return 1; } @@ -383,12 +414,12 @@ mp_prio_print(netdissect_options *ndo, if (opt_len != 3 && opt_len != 4) return 0; - if (mpp->sub_b & MP_PRIO_B) - ND_PRINT((ndo, " backup")); + if (GET_U_1(mpp->sub_b) & MP_PRIO_B) + ND_PRINT(" backup"); else - ND_PRINT((ndo, " non-backup")); + ND_PRINT(" non-backup"); if (opt_len == 4) - ND_PRINT((ndo, " id %u", mpp->addr_id)); + ND_PRINT(" id %u", GET_U_1(mpp->addr_id)); return 1; } @@ -400,7 +431,7 @@ mp_fail_print(netdissect_options *ndo, if (opt_len != 12) return 0; - ND_PRINT((ndo, " seq %" PRIu64, EXTRACT_BE_64BITS(opt + 4))); + ND_PRINT(" seq %" PRIu64, GET_BE_U_8(opt + 4)); return 1; } @@ -411,7 +442,7 @@ mp_fast_close_print(netdissect_options *ndo, if (opt_len != 12) return 0; - ND_PRINT((ndo, " key 0x%" PRIx64, EXTRACT_BE_64BITS(opt + 4))); + ND_PRINT(" key 0x%" PRIx64, GET_BE_U_8(opt + 4)); return 1; } @@ -419,7 +450,7 @@ static const struct { const char *name; int (*print)(netdissect_options *, const u_char *, u_int, u_char); } mptcp_options[] = { - { "capable", mp_capable_print}, + { "capable", mp_capable_print }, { "join", mp_join_print }, { "dss", mp_dss_print }, { "add-addr", add_addr_print }, @@ -437,12 +468,16 @@ mptcp_print(netdissect_options *ndo, const struct mptcp_option *opt; u_int subtype; + ndo->ndo_protocol = "mptcp"; if (len < 3) return 0; opt = (const struct mptcp_option *) cp; - subtype = min(MPTCP_OPT_SUBTYPE(opt->sub_etc), MPTCP_SUB_FCLOSE + 1); + subtype = MPTCP_OPT_SUBTYPE(GET_U_1(opt->sub_etc)); + subtype = ND_MIN(subtype, MPTCP_SUB_FCLOSE + 1); + + ND_PRINT(" %u", len); - ND_PRINT((ndo, " %s", mptcp_options[subtype].name)); + ND_PRINT(" %s", mptcp_options[subtype].name); return mptcp_options[subtype].print(ndo, cp, len, flags); }