X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/0c0fca776b174b66460c3f8430b56e663abc4221..HEAD:/print-rt6.c?ds=sidebyside diff --git a/print-rt6.c b/print-rt6.c index 096a9628..edbcd96d 100644 --- a/print-rt6.c +++ b/print-rt6.c @@ -21,25 +21,112 @@ /* \summary: IPv6 routing header printer */ -#ifdef HAVE_CONFIG_H #include -#endif #include "netdissect-stdinc.h" +#define ND_LONGJMP_FROM_TCHECK #include "netdissect.h" #include "addrtoname.h" #include "extract.h" #include "ip6.h" +static const struct tok srh_tlv_type[] = { + { IPV6_SRH_TLV_PAD1, "Pad1"}, + { IPV6_SRH_TLV_PADN, "PadN"}, + { IPV6_SRH_TLV_HMAC, "HMAC"}, + { 0, NULL } +}; + +static int +srh_tlv_print(netdissect_options *ndo, const u_char *p, u_int bytes_left) +{ + u_int tlv_type, tlv_len; + while (bytes_left != 0) { + tlv_type = GET_U_1(p); + ND_PRINT(", TLV-type=%s(%u)", + tok2str(srh_tlv_type, "Unknown", tlv_type), + tlv_type); + ND_ICHECKMSG_U("remaining length", bytes_left, <, 1); + p += 1; + bytes_left -= 1; + if (bytes_left == 0) + break; + if (tlv_type == IPV6_SRH_TLV_PAD1) + continue; + + tlv_len = GET_U_1(p); + ND_PRINT(", TLV-len=%u", tlv_len); + ND_ICHECKMSG_U("remaining length", bytes_left, <, 1); + p += 1; + bytes_left -= 1; + + switch (tlv_type) { + case IPV6_SRH_TLV_PADN: + ND_ICHECKMSG_U("PadN length", tlv_len, >, 5); /* RFC 8754 */ + ND_ICHECKMSG_U("remaining length", bytes_left, <, tlv_len); + ND_TCHECK_LEN(p, tlv_len); + p += tlv_len; + bytes_left -= tlv_len; + break; + case IPV6_SRH_TLV_HMAC: + ND_ICHECKMSG_U("remaining length", bytes_left, <, 6); + uint16_t reserved; + uint32_t key_id; + uint8_t hmac_byte; + reserved = GET_BE_U_2(p); + p += 2; + if (ndo->ndo_vflag) + ND_PRINT(", D=%u", reserved >> 15); + if (ndo->ndo_vflag && (reserved & 0x7fff) != 0) + ND_PRINT(", reserved MBZ %u", reserved & 0x7fff); + key_id = GET_BE_U_4(p); + p += 4; + if (ndo->ndo_vflag) + ND_PRINT(", HMAC-key-ID=0x%02x", key_id); + bytes_left -= 6; + if (ndo->ndo_vflag) + ND_PRINT(", HMAC=0x"); + for (u_int i = 0; i < tlv_len; i++) { + hmac_byte = GET_U_1(p); + ND_ICHECKMSG_U("remaining length", bytes_left, <, 1); + p += 1; + bytes_left -= 1; + if (ndo->ndo_vflag) + ND_PRINT("%02x", hmac_byte); + } + break; + default: /* Unknown type */ + if (ndo->ndo_vflag) + ND_PRINT(", TLV-value=0x"); + ND_ICHECKMSG_U("remaining length", bytes_left, <, tlv_len); + uint8_t tlv_byte; + for (u_int i = 0; i < tlv_len; i++) { + tlv_byte = GET_U_1(p); + p += 1; + bytes_left -= 1; + if (ndo->ndo_vflag) + ND_PRINT("%02x", tlv_byte); + } + break; + } + } + return 0; + +invalid: + return -1; +} + + int rt6_print(netdissect_options *ndo, const u_char *bp, const u_char *bp2 _U_) { const struct ip6_rthdr *dp; const struct ip6_rthdr0 *dp0; const struct ip6_srh *srh; - u_int i, len, type; + u_int i, len, type, seg_list_len, last_entry; + int err; const u_char *p; ndo->ndo_protocol = "rt6"; @@ -66,7 +153,7 @@ rt6_print(netdissect_options *ndo, const u_char *bp, const u_char *bp2 _U_) } if (len % 2 == 1) { - ND_PRINT(" (invalid length %u)", len); + ND_PRINT(" [length %u]", len); goto invalid; } len >>= 1; @@ -78,10 +165,10 @@ rt6_print(netdissect_options *ndo, const u_char *bp, const u_char *bp2 _U_) /*(*/ ND_PRINT(") "); return((GET_U_1(dp0->ip6r0_len) + 1) << 3); - break; case IPV6_RTHDR_TYPE_4: srh = (const struct ip6_srh *)dp; - ND_PRINT(", last-entry=%u", GET_U_1(srh->srh_last_ent)); + last_entry = GET_U_1(srh->srh_last_ent); + ND_PRINT(", last-entry=%u", last_entry); if (GET_U_1(srh->srh_flags) || ndo->ndo_vflag) { ND_PRINT(", flags=0x%0x", @@ -89,21 +176,24 @@ rt6_print(netdissect_options *ndo, const u_char *bp, const u_char *bp2 _U_) } ND_PRINT(", tag=%x", GET_BE_U_2(srh->srh_tag)); - - if (len % 2 == 1) { - ND_PRINT(" (invalid length %u)", len); - goto invalid; - } - len >>= 1; p = (const u_char *) srh->srh_segments; - for (i = 0; i < len; i++) { + for (i = 0; i < last_entry + 1; i++) { ND_PRINT(", [%u]%s", i, GET_IP6ADDR_STRING(p)); p += 16; } + seg_list_len = (last_entry + 1) * 2; + if (seg_list_len < len) { + /* there is TLV */ + u_int bytes_left; + bytes_left = (len - seg_list_len) * 8; + err = srh_tlv_print(ndo, p, bytes_left); + if (err) + goto invalid; + } + /*(*/ ND_PRINT(") "); return((GET_U_1(srh->srh_len) + 1) << 3); - break; default: ND_PRINT(" (unknown type)"); goto invalid;