X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/9d046ee0503d4c8cbfcb200c88986de876f6cae7..0023eaa78f123676bfa9c5fba72ea4b8a59aaa70:/print-vrrp.c

diff --git a/print-vrrp.c b/print-vrrp.c
index 2739e37c..bd0bb30d 100644
--- a/print-vrrp.c
+++ b/print-vrrp.c
@@ -25,9 +25,7 @@
 
 /* \summary: Virtual Router Redundancy Protocol (VRRP) printer */
 
-#ifdef HAVE_CONFIG_H
 #include <config.h>
-#endif
 
 #include "netdissect-stdinc.h"
 
@@ -105,24 +103,23 @@ static const struct tok auth2str[] = {
 void
 vrrp_print(netdissect_options *ndo,
            const u_char *bp, u_int len,
-           const u_char *bp2, int ttl)
+           const u_char *bp2, int ttl,
+	   int ver)
 {
 	int version, type, auth_type = VRRP_AUTH_NONE; /* keep compiler happy */
 	const char *type_s;
 
 	ndo->ndo_protocol = "vrrp";
-	ND_TCHECK_1(bp);
+	nd_print_protocol_caps(ndo);
 	version = (GET_U_1(bp) & 0xf0) >> 4;
 	type = GET_U_1(bp) & 0x0f;
 	type_s = tok2str(type2str, "unknown type (%u)", type);
-	ND_PRINT("VRRPv%u, %s", version, type_s);
+	ND_PRINT("v%u, %s", version, type_s);
 	if (ttl != 255)
 		ND_PRINT(", (ttl %u)", ttl);
 	if (version < 2 || version > 3 || type != VRRP_TYPE_ADVERTISEMENT)
 		return;
-	ND_TCHECK_1(bp + 2);
 	ND_PRINT(", vrid %u, prio %u", GET_U_1(bp + 1), GET_U_1(bp + 2));
-	ND_TCHECK_1(bp + 5);
 
 	if (version == 2) {
 		auth_type = GET_U_1(bp + 4);
@@ -149,8 +146,14 @@ vrrp_print(netdissect_options *ndo,
 		}
 
 		if (version == 3 && ND_TTEST_LEN(bp, len)) {
-			uint16_t cksum = nextproto4_cksum(ndo, (const struct ip *)bp2, bp,
-				len, len, IPPROTO_VRRP);
+			uint16_t cksum;
+
+			if (ver == 4)
+				cksum = nextproto4_cksum(ndo, (const struct ip *)bp2, bp,
+					len, len, IPPROTO_VRRP);
+			else
+				cksum = nextproto6_cksum(ndo, (const struct ip6_hdr *)bp2, bp,
+					len, len, IPPROTO_VRRP);
 			if (cksum)
 				ND_PRINT(", (bad vrrp cksum %x)",
 					GET_BE_U_2(bp + 6));
@@ -163,22 +166,23 @@ vrrp_print(netdissect_options *ndo,
 		c = ' ';
 		bp += 8;
 		for (i = 0; i < naddrs; i++) {
-			ND_TCHECK_1(bp + 3);
-			ND_PRINT("%c%s", c, GET_IPADDR_STRING(bp));
+			if (ver == 4) {
+				ND_PRINT("%c%s", c, GET_IPADDR_STRING(bp));
+				bp += 4;
+			} else {
+				ND_PRINT("%c%s", c, GET_IP6ADDR_STRING(bp));
+				bp += 16;
+			}
 			c = ',';
-			bp += 4;
 		}
 		if (version == 2 && auth_type == VRRP_AUTH_SIMPLE) { /* simple text password */
-			ND_TCHECK_1(bp + 7);
 			ND_PRINT(" auth \"");
-			if (nd_printn(ndo, bp, 8, ndo->ndo_snapend)) {
-				ND_PRINT("\"");
-				goto trunc;
-			}
+			/*
+			 * RFC 2338 Section 5.3.10: "If the configured authentication string
+			 * is shorter than 8 bytes, the remaining space MUST be zero-filled.
+			 */
+			nd_printjnp(ndo, bp, 8);
 			ND_PRINT("\"");
 		}
 	}
-	return;
-trunc:
-	nd_print_trunc(ndo);
 }