X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/ad7a38341c19e71e3595c17368ac18f08b71482d..5ef0bcb5edd748de9d9af13c40da0395dfdd94e8:/print-rsvp.c diff --git a/print-rsvp.c b/print-rsvp.c index ed228d9e..23b6d5a7 100644 --- a/print-rsvp.c +++ b/print-rsvp.c @@ -12,25 +12,20 @@ * LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS * FOR A PARTICULAR PURPOSE. * - * Original code by Hannes Gredler (hannes@juniper.net) + * Original code by Hannes Gredler (hannes@gredler.at) */ -#ifndef lint -static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/tcpdump/print-rsvp.c,v 1.50 2008-08-16 11:36:20 hannes Exp $"; -#endif +/* \summary: Resource ReSerVation Protocol (RSVP) printer */ + +/* specification: RFC 2205 */ #ifdef HAVE_CONFIG_H -#include "config.h" +#include #endif -#include - -#include -#include -#include +#include "netdissect-stdinc.h" -#include "interface.h" +#include "netdissect.h" #include "extract.h" #include "addrtoname.h" #include "ethertype.h" @@ -38,6 +33,7 @@ static const char rcsid[] _U_ = #include "af.h" #include "signature.h" + /* * RFC 2205 common header * @@ -51,12 +47,12 @@ static const char rcsid[] _U_ = */ struct rsvp_common_header { - u_int8_t version_flags; - u_int8_t msg_type; - u_int8_t checksum[2]; - u_int8_t ttl; - u_int8_t reserved; - u_int8_t length[2]; + nd_uint8_t version_flags; + nd_uint8_t msg_type; + nd_uint16_t checksum; + nd_uint8_t ttl; + nd_byte reserved[1]; + nd_uint16_t length; }; /* @@ -74,9 +70,9 @@ struct rsvp_common_header { */ struct rsvp_object_header { - u_int8_t length[2]; - u_int8_t class_num; - u_int8_t ctype; + nd_uint16_t length; + nd_uint8_t class_num; + nd_uint8_t ctype; }; #define RSVP_VERSION 1 @@ -90,7 +86,7 @@ struct rsvp_object_header { #define RSVP_MSGTYPE_PATHTEAR 5 #define RSVP_MSGTYPE_RESVTEAR 6 #define RSVP_MSGTYPE_RESVCONF 7 -#define RSVP_MSGTYPE_AGGREGATE 12 +#define RSVP_MSGTYPE_BUNDLE 12 #define RSVP_MSGTYPE_ACK 13 #define RSVP_MSGTYPE_HELLO_OLD 14 /* ancient Hellos */ #define RSVP_MSGTYPE_SREFRESH 15 @@ -104,7 +100,7 @@ static const struct tok rsvp_msg_type_values[] = { { RSVP_MSGTYPE_PATHTEAR, "PathTear" }, { RSVP_MSGTYPE_RESVTEAR, "ResvTear" }, { RSVP_MSGTYPE_RESVCONF, "ResvConf" }, - { RSVP_MSGTYPE_AGGREGATE, "Aggregate" }, + { RSVP_MSGTYPE_BUNDLE, "Bundle" }, { RSVP_MSGTYPE_ACK, "Acknowledgement" }, { RSVP_MSGTYPE_HELLO_OLD, "Hello (Old)" }, { RSVP_MSGTYPE_SREFRESH, "Refresh" }, @@ -117,6 +113,13 @@ static const struct tok rsvp_header_flag_values[] = { { 0, NULL} }; +static const struct tok rsvp_obj_capability_flag_values[] = { + { 0x0004, "RecoveryPath Transmit Enabled" }, + { 0x0002, "RecoveryPath Desired" }, + { 0x0001, "RecoveryPath Srefresh Capable" }, + { 0, NULL} +}; + #define RSVP_OBJ_SESSION 1 /* rfc2205 */ #define RSVP_OBJ_RSVP_HOP 3 /* rfc2205, rfc3473 */ #define RSVP_OBJ_INTEGRITY 4 /* rfc2747 */ @@ -144,16 +147,17 @@ static const struct tok rsvp_header_flag_values[] = { #define RSVP_OBJ_LABEL_SET 36 /* rfc3473 */ #define RSVP_OBJ_PROTECTION 37 /* rfc3473 */ #define RSVP_OBJ_S2L 50 /* rfc4875 */ -#define RSVP_OBJ_DETOUR 63 /* draft-ietf-mpls-rsvp-lsp-fastreroute-07 */ +#define RSVP_OBJ_DETOUR 63 /* rfc4090 */ #define RSVP_OBJ_CLASSTYPE 66 /* rfc4124 */ #define RSVP_OBJ_CLASSTYPE_OLD 125 /* draft-ietf-tewg-diff-te-proto-07 */ #define RSVP_OBJ_SUGGESTED_LABEL 129 /* rfc3473 */ #define RSVP_OBJ_ACCEPT_LABEL_SET 130 /* rfc3473 */ #define RSVP_OBJ_RESTART_CAPABILITY 131 /* rfc3473 */ +#define RSVP_OBJ_CAPABILITY 134 /* rfc5063 */ #define RSVP_OBJ_NOTIFY_REQ 195 /* rfc3473 */ #define RSVP_OBJ_ADMIN_STATUS 196 /* rfc3473 */ #define RSVP_OBJ_PROPERTIES 204 /* juniper proprietary */ -#define RSVP_OBJ_FASTREROUTE 205 /* draft-ietf-mpls-rsvp-lsp-fastreroute-07 */ +#define RSVP_OBJ_FASTREROUTE 205 /* rfc4090 */ #define RSVP_OBJ_SESSION_ATTRIBUTE 207 /* rfc3209 */ #define RSVP_OBJ_GENERALIZED_UNI 229 /* OIF RSVP extensions UNI 1.0 Signaling, Rel. 2 */ #define RSVP_OBJ_CALL_ID 230 /* rfc3474 */ @@ -197,6 +201,7 @@ static const struct tok rsvp_obj_values[] = { { RSVP_OBJ_CALL_ID, "Call-ID" }, { RSVP_OBJ_CALL_OPS, "Call Capability" }, { RSVP_OBJ_RESTART_CAPABILITY, "Restart Capability" }, + { RSVP_OBJ_CAPABILITY, "Capability" }, { RSVP_OBJ_NOTIFY_REQ, "Notify Request" }, { RSVP_OBJ_PROTECTION, "Protection" }, { RSVP_OBJ_ADMIN_STATUS, "Administrative Status" }, @@ -284,6 +289,7 @@ static const struct tok rsvp_ctype_values[] = { { 256*RSVP_OBJ_ERROR_SPEC+RSVP_CTYPE_3, "IPv4 plus opt. TLVs" }, { 256*RSVP_OBJ_ERROR_SPEC+RSVP_CTYPE_4, "IPv6 plus opt. TLVs" }, { 256*RSVP_OBJ_RESTART_CAPABILITY+RSVP_CTYPE_1, "IPv4" }, + { 256*RSVP_OBJ_CAPABILITY+RSVP_CTYPE_1, "1" }, { 256*RSVP_OBJ_SESSION_ATTRIBUTE+RSVP_CTYPE_TUNNEL_IPV4, "Tunnel IPv4" }, { 256*RSVP_OBJ_FASTREROUTE+RSVP_CTYPE_TUNNEL_IPV4, "Tunnel IPv4" }, /* old style*/ { 256*RSVP_OBJ_FASTREROUTE+RSVP_CTYPE_1, "1" }, /* new style */ @@ -299,12 +305,20 @@ static const struct tok rsvp_ctype_values[] = { { 0, NULL} }; +/* + * XXX - this assumes a 16-byte digest, which is true for HMAC-MD5, but + * isn't necessarily the case for other hash algorithms. + * + * Unless I've missed something, there's nothing in RFC 2747 to indicate + * the hash algorithm being used, so it's presumably something set up + * out-of-band, or negotiated by other RSVP objects. + */ struct rsvp_obj_integrity_t { - u_int8_t flags; - u_int8_t res; - u_int8_t key_id[6]; - u_int8_t sequence[8]; - u_int8_t digest[16]; + uint8_t flags; + uint8_t res; + uint8_t key_id[6]; + uint8_t sequence[8]; + uint8_t digest[16]; }; static const struct tok rsvp_obj_integrity_flag_values[] = { @@ -313,20 +327,22 @@ static const struct tok rsvp_obj_integrity_flag_values[] = { }; struct rsvp_obj_frr_t { - u_int8_t setup_prio; - u_int8_t hold_prio; - u_int8_t hop_limit; - u_int8_t flags; - u_int8_t bandwidth[4]; - u_int8_t include_any[4]; - u_int8_t exclude_any[4]; - u_int8_t include_all[4]; + uint8_t setup_prio; + uint8_t hold_prio; + uint8_t hop_limit; + uint8_t flags; + uint8_t bandwidth[4]; + uint8_t include_any[4]; + uint8_t exclude_any[4]; + uint8_t include_all[4]; }; #define RSVP_OBJ_XRO_MASK_SUBOBJ(x) ((x)&0x7f) #define RSVP_OBJ_XRO_MASK_LOOSE(x) ((x)&0x80) +#define RSVP_OBJ_CAPABILITY_FLAGS_MASK 0x7U + #define RSVP_OBJ_XRO_RES 0 #define RSVP_OBJ_XRO_IPV4 1 #define RSVP_OBJ_XRO_IPV6 2 @@ -344,7 +360,7 @@ static const struct tok rsvp_obj_xro_values[] = { { 0, NULL} }; -/* draft-ietf-mpls-rsvp-lsp-fastreroute-07.txt */ +/* RFC4090 */ static const struct tok rsvp_obj_rro_flag_values[] = { { 0x01, "Local protection available" }, { 0x02, "Local protection in use" }, @@ -486,33 +502,32 @@ static const struct tok rsvp_obj_generalized_uni_values[] = { { 0, NULL} }; -static int rsvp_intserv_print(const u_char *, u_short); - /* * this is a dissector for all the intserv defined * specs as defined per rfc2215 * it is called from various rsvp objects; * returns the amount of bytes being processed */ -static int -rsvp_intserv_print(const u_char *tptr, u_short obj_tlen) { - - int parameter_id,parameter_length; +static u_int +rsvp_intserv_print(netdissect_options *ndo, + const u_char *tptr, u_int obj_tlen) +{ + u_int parameter_id,parameter_length; union { float f; - u_int32_t i; + uint32_t i; } bw; if (obj_tlen < 4) return 0; - parameter_id = *(tptr); - parameter_length = EXTRACT_16BITS(tptr+2)<<2; /* convert wordcount to bytecount */ + parameter_id = GET_U_1(tptr); + parameter_length = GET_BE_U_2(tptr + 2)<<2; /* convert wordcount to bytecount */ - printf("\n\t Parameter ID: %s (%u), length: %u, Flags: [0x%02x]", + ND_PRINT("\n\t Parameter ID: %s (%u), length: %u, Flags: [0x%02x]", tok2str(rsvp_intserv_parameter_id_values,"unknown",parameter_id), parameter_id, parameter_length, - *(tptr+1)); + GET_U_1(tptr + 1)); if (obj_tlen < parameter_length+4) return 0; @@ -526,8 +541,9 @@ rsvp_intserv_print(const u_char *tptr, u_short obj_tlen) { * | IS hop cnt (32-bit unsigned integer) | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ - if (parameter_length == 4) - printf("\n\t\tIS hop count: %u", EXTRACT_32BITS(tptr+4)); + if (parameter_length == 4) { + ND_PRINT("\n\t\tIS hop count: %u", GET_BE_U_4(tptr + 4)); + } break; case 6: @@ -539,8 +555,8 @@ rsvp_intserv_print(const u_char *tptr, u_short obj_tlen) { * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ if (parameter_length == 4) { - bw.i = EXTRACT_32BITS(tptr+4); - printf("\n\t\tPath b/w estimate: %.10g Mbps", bw.f/125000); + bw.i = GET_BE_U_4(tptr + 4); + ND_PRINT("\n\t\tPath b/w estimate: %.10g Mbps", bw.f / 125000); } break; @@ -553,11 +569,11 @@ rsvp_intserv_print(const u_char *tptr, u_short obj_tlen) { * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ if (parameter_length == 4) { - printf("\n\t\tMinimum path latency: "); - if (EXTRACT_32BITS(tptr+4) == 0xffffffff) - printf("don't care"); + ND_PRINT("\n\t\tMinimum path latency: "); + if (GET_BE_U_4(tptr + 4) == 0xffffffff) + ND_PRINT("don't care"); else - printf("%u", EXTRACT_32BITS(tptr+4)); + ND_PRINT("%u", GET_BE_U_4(tptr + 4)); } break; @@ -570,8 +586,9 @@ rsvp_intserv_print(const u_char *tptr, u_short obj_tlen) { * | Composed MTU (32-bit unsigned integer) | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ - if (parameter_length == 4) - printf("\n\t\tComposed MTU: %u bytes", EXTRACT_32BITS(tptr+4)); + if (parameter_length == 4) { + ND_PRINT("\n\t\tComposed MTU: %u bytes", GET_BE_U_4(tptr + 4)); + } break; case 127: /* @@ -591,14 +608,17 @@ rsvp_intserv_print(const u_char *tptr, u_short obj_tlen) { */ if (parameter_length == 20) { - bw.i = EXTRACT_32BITS(tptr+4); - printf("\n\t\tToken Bucket Rate: %.10g Mbps", bw.f/125000); - bw.i = EXTRACT_32BITS(tptr+8); - printf("\n\t\tToken Bucket Size: %.10g bytes", bw.f); - bw.i = EXTRACT_32BITS(tptr+12); - printf("\n\t\tPeak Data Rate: %.10g Mbps", bw.f/125000); - printf("\n\t\tMinimum Policed Unit: %u bytes", EXTRACT_32BITS(tptr+16)); - printf("\n\t\tMaximum Packet Size: %u bytes", EXTRACT_32BITS(tptr+20)); + ND_TCHECK_LEN(tptr + 4, 20); + bw.i = GET_BE_U_4(tptr + 4); + ND_PRINT("\n\t\tToken Bucket Rate: %.10g Mbps", bw.f / 125000); + bw.i = GET_BE_U_4(tptr + 8); + ND_PRINT("\n\t\tToken Bucket Size: %.10g bytes", bw.f); + bw.i = GET_BE_U_4(tptr + 12); + ND_PRINT("\n\t\tPeak Data Rate: %.10g Mbps", bw.f / 125000); + ND_PRINT("\n\t\tMinimum Policed Unit: %u bytes", + GET_BE_U_4(tptr + 16)); + ND_PRINT("\n\t\tMaximum Packet Size: %u bytes", + GET_BE_U_4(tptr + 20)); } break; @@ -614,9 +634,10 @@ rsvp_intserv_print(const u_char *tptr, u_short obj_tlen) { */ if (parameter_length == 8) { - bw.i = EXTRACT_32BITS(tptr+4); - printf("\n\t\tRate: %.10g Mbps", bw.f/125000); - printf("\n\t\tSlack Term: %u", EXTRACT_32BITS(tptr+8)); + ND_TCHECK_8(tptr + 4); + bw.i = GET_BE_U_4(tptr + 4); + ND_PRINT("\n\t\tRate: %.10g Mbps", bw.f / 125000); + ND_PRINT("\n\t\tSlack Term: %u", GET_BE_U_4(tptr + 8)); } break; @@ -624,29 +645,40 @@ rsvp_intserv_print(const u_char *tptr, u_short obj_tlen) { case 134: case 135: case 136: - if (parameter_length == 4) - printf("\n\t\tValue: %u", EXTRACT_32BITS(tptr+4)); + if (parameter_length == 4) { + ND_PRINT("\n\t\tValue: %u", GET_BE_U_4(tptr + 4)); + } break; default: - if (vflag <= 1) - print_unknown_data(gndo,tptr+4,"\n\t\t",parameter_length); + if (ndo->ndo_vflag <= 1) + print_unknown_data(ndo, tptr + 4, "\n\t\t", parameter_length); } return (parameter_length+4); /* header length 4 bytes */ + +trunc: + nd_print_trunc(ndo); + return 0; } -static int -rsvp_obj_print (const u_char *pptr -#ifndef HAVE_LIBCRYPTO -_U_ -#endif -, u_int plen -#ifndef HAVE_LIBCRYPTO -_U_ -#endif -, const u_char *tptr, - const char *ident, u_int tlen) { +/* + * Clear checksum prior to signature verification. + */ +static void +rsvp_clear_checksum(void *header) +{ + struct rsvp_common_header *rsvp_com_header = (struct rsvp_common_header *) header; + + rsvp_com_header->checksum[0] = 0; + rsvp_com_header->checksum[1] = 0; +} +static int +rsvp_obj_print(netdissect_options *ndo, + const u_char *pptr, u_int plen, const u_char *tptr, + const char *indent, u_int tlen, + const struct rsvp_common_header *rsvp_com_header) +{ const struct rsvp_object_header *rsvp_obj_header; const u_char *obj_tptr; union { @@ -654,56 +686,57 @@ _U_ const struct rsvp_obj_frr_t *rsvp_obj_frr; } obj_ptr; - u_short rsvp_obj_len,rsvp_obj_ctype,obj_tlen,intserv_serv_tlen; - int hexdump,processed,padbytes,error_code,error_value,i,sigcheck; + u_short rsvp_obj_len,rsvp_obj_ctype,rsvp_obj_class_num; + u_int obj_tlen,intserv_serv_tlen; + int hexdump; + u_int processed,padbytes,error_code,error_value,i,sigcheck; union { float f; - u_int32_t i; + uint32_t i; } bw; - u_int8_t namelen; + u_int namelen; u_int action, subchannel; while(tlen>=sizeof(struct rsvp_object_header)) { /* did we capture enough for fully decoding the object header ? */ - if (!TTEST2(*tptr, sizeof(struct rsvp_object_header))) - goto trunc; + ND_TCHECK_LEN(tptr, sizeof(struct rsvp_object_header)); rsvp_obj_header = (const struct rsvp_object_header *)tptr; - rsvp_obj_len=EXTRACT_16BITS(rsvp_obj_header->length); - rsvp_obj_ctype=rsvp_obj_header->ctype; + rsvp_obj_len=GET_BE_U_2(rsvp_obj_header->length); + rsvp_obj_ctype=GET_U_1(rsvp_obj_header->ctype); if(rsvp_obj_len % 4) { - printf("%sERROR: object header size %u not a multiple of 4", ident, rsvp_obj_len); + ND_PRINT("%sERROR: object header size %u not a multiple of 4", indent, rsvp_obj_len); return -1; } if(rsvp_obj_len < sizeof(struct rsvp_object_header)) { - printf("%sERROR: object header too short %u < %lu", ident, rsvp_obj_len, - (unsigned long)sizeof(const struct rsvp_object_header)); + ND_PRINT("%sERROR: object header too short %u < %zu", indent, rsvp_obj_len, + sizeof(struct rsvp_object_header)); return -1; } - printf("%s%s Object (%u) Flags: [%s", - ident, + rsvp_obj_class_num = GET_U_1(rsvp_obj_header->class_num); + ND_PRINT("%s%s Object (%u) Flags: [%s", + indent, tok2str(rsvp_obj_values, "Unknown", - rsvp_obj_header->class_num), - rsvp_obj_header->class_num, - ((rsvp_obj_header->class_num)&0x80) ? "ignore" : "reject"); - - if (rsvp_obj_header->class_num > 128) - printf(" %s", - ((rsvp_obj_header->class_num)&0x40) ? "and forward" : "silently"); - - printf(" if unknown], Class-Type: %s (%u), length: %u", + rsvp_obj_class_num), + rsvp_obj_class_num, + (rsvp_obj_class_num & 0x80) ? + ((rsvp_obj_class_num & 0x40) ? "ignore and forward" : + "ignore silently") : + "reject"); + + ND_PRINT(" if unknown], Class-Type: %s (%u), length: %u", tok2str(rsvp_ctype_values, "Unknown", - ((rsvp_obj_header->class_num)<<8)+rsvp_obj_ctype), + (rsvp_obj_class_num<<8)+rsvp_obj_ctype), rsvp_obj_ctype, rsvp_obj_len); if(tlen < rsvp_obj_len) { - printf("%sERROR: object goes past end of objects TLV", ident); + ND_PRINT("%sERROR: object goes past end of objects TLV", indent); return -1; } @@ -711,87 +744,84 @@ _U_ obj_tlen=rsvp_obj_len-sizeof(struct rsvp_object_header); /* did we capture enough for fully decoding the object ? */ - if (!TTEST2(*tptr, rsvp_obj_len)) - return -1; + ND_TCHECK_LEN(tptr, rsvp_obj_len); hexdump=FALSE; - switch(rsvp_obj_header->class_num) { + switch(rsvp_obj_class_num) { case RSVP_OBJ_SESSION: switch(rsvp_obj_ctype) { case RSVP_CTYPE_IPV4: if (obj_tlen < 8) - return -1; - printf("%s IPv4 DestAddress: %s, Protocol ID: 0x%02x", - ident, - ipaddr_string(obj_tptr), - *(obj_tptr+sizeof(struct in_addr))); - printf("%s Flags: [0x%02x], DestPort %u", - ident, - *(obj_tptr+5), - EXTRACT_16BITS(obj_tptr+6)); + goto obj_tooshort; + ND_PRINT("%s IPv4 DestAddress: %s, Protocol ID: 0x%02x", + indent, + GET_IPADDR_STRING(obj_tptr), + GET_U_1(obj_tptr + sizeof(nd_ipv4))); + ND_PRINT("%s Flags: [0x%02x], DestPort %u", + indent, + GET_U_1((obj_tptr + 5)), + GET_BE_U_2(obj_tptr + 6)); obj_tlen-=8; obj_tptr+=8; break; -#ifdef INET6 case RSVP_CTYPE_IPV6: if (obj_tlen < 20) - return -1; - printf("%s IPv6 DestAddress: %s, Protocol ID: 0x%02x", - ident, - ip6addr_string(obj_tptr), - *(obj_tptr+sizeof(struct in6_addr))); - printf("%s Flags: [0x%02x], DestPort %u", - ident, - *(obj_tptr+sizeof(struct in6_addr)+1), - EXTRACT_16BITS(obj_tptr+sizeof(struct in6_addr)+2)); + goto obj_tooshort; + ND_PRINT("%s IPv6 DestAddress: %s, Protocol ID: 0x%02x", + indent, + GET_IP6ADDR_STRING(obj_tptr), + GET_U_1(obj_tptr + sizeof(nd_ipv6))); + ND_PRINT("%s Flags: [0x%02x], DestPort %u", + indent, + GET_U_1((obj_tptr + sizeof(nd_ipv6) + 1)), + GET_BE_U_2(obj_tptr + sizeof(nd_ipv6) + 2)); obj_tlen-=20; obj_tptr+=20; break; case RSVP_CTYPE_TUNNEL_IPV6: if (obj_tlen < 36) - return -1; - printf("%s IPv6 Tunnel EndPoint: %s, Tunnel ID: 0x%04x, Extended Tunnel ID: %s", - ident, - ip6addr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+18), - ip6addr_string(obj_tptr+20)); + goto obj_tooshort; + ND_PRINT("%s IPv6 Tunnel EndPoint: %s, Tunnel ID: 0x%04x, Extended Tunnel ID: %s", + indent, + GET_IP6ADDR_STRING(obj_tptr), + GET_BE_U_2(obj_tptr + 18), + GET_IP6ADDR_STRING(obj_tptr + 20)); obj_tlen-=36; obj_tptr+=36; break; case RSVP_CTYPE_14: /* IPv6 p2mp LSP Tunnel */ if (obj_tlen < 26) - return -1; - printf("%s IPv6 P2MP LSP ID: 0x%08x, Tunnel ID: 0x%04x, Extended Tunnel ID: %s", - ident, - EXTRACT_32BITS(obj_tptr), - EXTRACT_16BITS(obj_tptr+6), - ip6addr_string(obj_tptr+8)); + goto obj_tooshort; + ND_PRINT("%s IPv6 P2MP LSP ID: 0x%08x, Tunnel ID: 0x%04x, Extended Tunnel ID: %s", + indent, + GET_BE_U_4(obj_tptr), + GET_BE_U_2(obj_tptr + 6), + GET_IP6ADDR_STRING(obj_tptr + 8)); obj_tlen-=26; obj_tptr+=26; break; -#endif case RSVP_CTYPE_13: /* IPv4 p2mp LSP Tunnel */ if (obj_tlen < 12) - return -1; - printf("%s IPv4 P2MP LSP ID: %s, Tunnel ID: 0x%04x, Extended Tunnel ID: %s", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+6), - ipaddr_string(obj_tptr+8)); + goto obj_tooshort; + ND_PRINT("%s IPv4 P2MP LSP ID: %s, Tunnel ID: 0x%04x, Extended Tunnel ID: %s", + indent, + GET_IPADDR_STRING(obj_tptr), + GET_BE_U_2(obj_tptr + 6), + GET_IPADDR_STRING(obj_tptr + 8)); obj_tlen-=12; obj_tptr+=12; break; case RSVP_CTYPE_TUNNEL_IPV4: case RSVP_CTYPE_UNI_IPV4: if (obj_tlen < 12) - return -1; - printf("%s IPv4 Tunnel EndPoint: %s, Tunnel ID: 0x%04x, Extended Tunnel ID: %s", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+6), - ipaddr_string(obj_tptr+8)); + goto obj_tooshort; + ND_PRINT("%s IPv4 Tunnel EndPoint: %s, Tunnel ID: 0x%04x, Extended Tunnel ID: %s", + indent, + GET_IPADDR_STRING(obj_tptr), + GET_BE_U_2(obj_tptr + 6), + GET_IPADDR_STRING(obj_tptr + 8)); obj_tlen-=12; obj_tptr+=12; break; @@ -803,25 +833,23 @@ _U_ case RSVP_OBJ_CONFIRM: switch(rsvp_obj_ctype) { case RSVP_CTYPE_IPV4: - if (obj_tlen < sizeof(struct in_addr)) - return -1; - printf("%s IPv4 Receiver Address: %s", - ident, - ipaddr_string(obj_tptr)); - obj_tlen-=sizeof(struct in_addr); - obj_tptr+=sizeof(struct in_addr); + if (obj_tlen < sizeof(nd_ipv4)) + goto obj_tooshort; + ND_PRINT("%s IPv4 Receiver Address: %s", + indent, + GET_IPADDR_STRING(obj_tptr)); + obj_tlen-=sizeof(nd_ipv4); + obj_tptr+=sizeof(nd_ipv4); break; -#ifdef INET6 case RSVP_CTYPE_IPV6: - if (obj_tlen < sizeof(struct in6_addr)) - return -1; - printf("%s IPv6 Receiver Address: %s", - ident, - ip6addr_string(obj_tptr)); - obj_tlen-=sizeof(struct in6_addr); - obj_tptr+=sizeof(struct in6_addr); + if (obj_tlen < sizeof(nd_ipv6)) + goto obj_tooshort; + ND_PRINT("%s IPv6 Receiver Address: %s", + indent, + GET_IP6ADDR_STRING(obj_tptr)); + obj_tlen-=sizeof(nd_ipv6); + obj_tptr+=sizeof(nd_ipv6); break; -#endif default: hexdump=TRUE; } @@ -830,25 +858,23 @@ _U_ case RSVP_OBJ_NOTIFY_REQ: switch(rsvp_obj_ctype) { case RSVP_CTYPE_IPV4: - if (obj_tlen < sizeof(struct in_addr)) - return -1; - printf("%s IPv4 Notify Node Address: %s", - ident, - ipaddr_string(obj_tptr)); - obj_tlen-=sizeof(struct in_addr); - obj_tptr+=sizeof(struct in_addr); + if (obj_tlen < sizeof(nd_ipv4)) + goto obj_tooshort; + ND_PRINT("%s IPv4 Notify Node Address: %s", + indent, + GET_IPADDR_STRING(obj_tptr)); + obj_tlen-=sizeof(nd_ipv4); + obj_tptr+=sizeof(nd_ipv4); break; -#ifdef INET6 case RSVP_CTYPE_IPV6: - if (obj_tlen < sizeof(struct in6_addr)) - return-1; - printf("%s IPv6 Notify Node Address: %s", - ident, - ip6addr_string(obj_tptr)); - obj_tlen-=sizeof(struct in6_addr); - obj_tptr+=sizeof(struct in6_addr); + if (obj_tlen < sizeof(nd_ipv6)) + goto obj_tooshort; + ND_PRINT("%s IPv6 Notify Node Address: %s", + indent, + GET_IP6ADDR_STRING(obj_tptr)); + obj_tlen-=sizeof(nd_ipv6); + obj_tptr+=sizeof(nd_ipv6); break; -#endif default: hexdump=TRUE; } @@ -861,29 +887,29 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_1: while(obj_tlen >= 4 ) { - printf("%s Label: %u", ident, EXTRACT_32BITS(obj_tptr)); + ND_PRINT("%s Label: %u", indent, GET_BE_U_4(obj_tptr)); obj_tlen-=4; obj_tptr+=4; } break; case RSVP_CTYPE_2: if (obj_tlen < 4) - return-1; - printf("%s Generalized Label: %u", - ident, - EXTRACT_32BITS(obj_tptr)); + goto obj_tooshort; + ND_PRINT("%s Generalized Label: %u", + indent, + GET_BE_U_4(obj_tptr)); obj_tlen-=4; obj_tptr+=4; break; case RSVP_CTYPE_3: if (obj_tlen < 12) - return-1; - printf("%s Waveband ID: %u%s Start Label: %u, Stop Label: %u", - ident, - EXTRACT_32BITS(obj_tptr), - ident, - EXTRACT_32BITS(obj_tptr+4), - EXTRACT_32BITS(obj_tptr+8)); + goto obj_tooshort; + ND_PRINT("%s Waveband ID: %u%s Start Label: %u, Stop Label: %u", + indent, + GET_BE_U_4(obj_tptr), + indent, + GET_BE_U_4(obj_tptr + 4), + GET_BE_U_4(obj_tptr + 8)); obj_tlen-=12; obj_tptr+=12; break; @@ -896,13 +922,13 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_1: if (obj_tlen < 4) - return-1; - printf("%s Reservation Style: %s, Flags: [0x%02x]", - ident, + goto obj_tooshort; + ND_PRINT("%s Reservation Style: %s, Flags: [0x%02x]", + indent, tok2str(rsvp_resstyle_values, "Unknown", - EXTRACT_24BITS(obj_tptr+1)), - *(obj_tptr)); + GET_BE_U_3(obj_tptr + 1)), + GET_U_1(obj_tptr)); obj_tlen-=4; obj_tptr+=4; break; @@ -915,61 +941,59 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_IPV4: if (obj_tlen < 8) - return-1; - printf("%s Source Address: %s, Source Port: %u", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+6)); + goto obj_tooshort; + ND_PRINT("%s Source Address: %s, Source Port: %u", + indent, + GET_IPADDR_STRING(obj_tptr), + GET_BE_U_2(obj_tptr + 6)); obj_tlen-=8; obj_tptr+=8; break; -#ifdef INET6 case RSVP_CTYPE_IPV6: if (obj_tlen < 20) - return-1; - printf("%s Source Address: %s, Source Port: %u", - ident, - ip6addr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+18)); + goto obj_tooshort; + ND_PRINT("%s Source Address: %s, Source Port: %u", + indent, + GET_IP6ADDR_STRING(obj_tptr), + GET_BE_U_2(obj_tptr + 18)); obj_tlen-=20; obj_tptr+=20; break; case RSVP_CTYPE_13: /* IPv6 p2mp LSP tunnel */ if (obj_tlen < 40) - return-1; - printf("%s IPv6 Tunnel Sender Address: %s, LSP ID: 0x%04x" + goto obj_tooshort; + ND_PRINT("%s IPv6 Tunnel Sender Address: %s, LSP ID: 0x%04x" "%s Sub-Group Originator ID: %s, Sub-Group ID: 0x%04x", - ident, - ip6addr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+18), - ident, - ip6addr_string(obj_tptr+20), - EXTRACT_16BITS(obj_tptr+38)); + indent, + GET_IP6ADDR_STRING(obj_tptr), + GET_BE_U_2(obj_tptr + 18), + indent, + GET_IP6ADDR_STRING(obj_tptr+20), + GET_BE_U_2(obj_tptr + 38)); obj_tlen-=40; obj_tptr+=40; break; -#endif case RSVP_CTYPE_TUNNEL_IPV4: if (obj_tlen < 8) - return-1; - printf("%s IPv4 Tunnel Sender Address: %s, LSP-ID: 0x%04x", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+6)); + goto obj_tooshort; + ND_PRINT("%s IPv4 Tunnel Sender Address: %s, LSP-ID: 0x%04x", + indent, + GET_IPADDR_STRING(obj_tptr), + GET_BE_U_2(obj_tptr + 6)); obj_tlen-=8; obj_tptr+=8; break; case RSVP_CTYPE_12: /* IPv4 p2mp LSP tunnel */ if (obj_tlen < 16) - return-1; - printf("%s IPv4 Tunnel Sender Address: %s, LSP ID: 0x%04x" + goto obj_tooshort; + ND_PRINT("%s IPv4 Tunnel Sender Address: %s, LSP ID: 0x%04x" "%s Sub-Group Originator ID: %s, Sub-Group ID: 0x%04x", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+6), - ident, - ipaddr_string(obj_tptr+8), - EXTRACT_16BITS(obj_tptr+12)); + indent, + GET_IPADDR_STRING(obj_tptr), + GET_BE_U_2(obj_tptr + 6), + indent, + GET_IPADDR_STRING(obj_tptr+8), + GET_BE_U_2(obj_tptr + 12)); obj_tlen-=16; obj_tptr+=16; break; @@ -982,71 +1006,72 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_1: while(obj_tlen >= 4 ) { - printf("%s L3 Protocol ID: %s", - ident, + ND_PRINT("%s L3 Protocol ID: %s", + indent, tok2str(ethertype_values, "Unknown Protocol (0x%04x)", - EXTRACT_16BITS(obj_tptr+2))); + GET_BE_U_2(obj_tptr + 2))); obj_tlen-=4; obj_tptr+=4; } break; case RSVP_CTYPE_2: if (obj_tlen < 12) - return-1; - printf("%s L3 Protocol ID: %s", - ident, + goto obj_tooshort; + ND_PRINT("%s L3 Protocol ID: %s", + indent, tok2str(ethertype_values, "Unknown Protocol (0x%04x)", - EXTRACT_16BITS(obj_tptr+2))); - printf(",%s merge capability",((*(obj_tptr+4))&0x80) ? "no" : "" ); - printf("%s Minimum VPI/VCI: %u/%u", - ident, - (EXTRACT_16BITS(obj_tptr+4))&0xfff, - (EXTRACT_16BITS(obj_tptr+6))&0xfff); - printf("%s Maximum VPI/VCI: %u/%u", - ident, - (EXTRACT_16BITS(obj_tptr+8))&0xfff, - (EXTRACT_16BITS(obj_tptr+10))&0xfff); + GET_BE_U_2(obj_tptr + 2))); + ND_PRINT(",%s merge capability", + ((GET_U_1(obj_tptr + 4)) & 0x80) ? "no" : "" ); + ND_PRINT("%s Minimum VPI/VCI: %u/%u", + indent, + (GET_BE_U_2(obj_tptr + 4))&0xfff, + (GET_BE_U_2(obj_tptr + 6)) & 0xfff); + ND_PRINT("%s Maximum VPI/VCI: %u/%u", + indent, + (GET_BE_U_2(obj_tptr + 8))&0xfff, + (GET_BE_U_2(obj_tptr + 10)) & 0xfff); obj_tlen-=12; obj_tptr+=12; break; case RSVP_CTYPE_3: if (obj_tlen < 12) - return-1; - printf("%s L3 Protocol ID: %s", - ident, + goto obj_tooshort; + ND_PRINT("%s L3 Protocol ID: %s", + indent, tok2str(ethertype_values, "Unknown Protocol (0x%04x)", - EXTRACT_16BITS(obj_tptr+2))); - printf("%s Minimum/Maximum DLCI: %u/%u, %s%s bit DLCI", - ident, - (EXTRACT_32BITS(obj_tptr+4))&0x7fffff, - (EXTRACT_32BITS(obj_tptr+8))&0x7fffff, - (((EXTRACT_16BITS(obj_tptr+4)>>7)&3) == 0 ) ? "10" : "", - (((EXTRACT_16BITS(obj_tptr+4)>>7)&3) == 2 ) ? "23" : ""); + GET_BE_U_2(obj_tptr + 2))); + ND_PRINT("%s Minimum/Maximum DLCI: %u/%u, %s%s bit DLCI", + indent, + (GET_BE_U_4(obj_tptr + 4))&0x7fffff, + (GET_BE_U_4(obj_tptr + 8))&0x7fffff, + (((GET_BE_U_2(obj_tptr + 4)>>7)&3) == 0 ) ? "10" : "", + (((GET_BE_U_2(obj_tptr + 4) >> 7) & 3) == 2 ) ? "23" : ""); obj_tlen-=12; obj_tptr+=12; break; case RSVP_CTYPE_4: if (obj_tlen < 4) - return-1; - printf("%s LSP Encoding Type: %s (%u)", - ident, + goto obj_tooshort; + ND_PRINT("%s LSP Encoding Type: %s (%u)", + indent, tok2str(gmpls_encoding_values, "Unknown", - *obj_tptr), - *obj_tptr); - printf("%s Switching Type: %s (%u), Payload ID: %s (0x%04x)", - ident, + GET_U_1(obj_tptr)), + GET_U_1(obj_tptr)); + ND_PRINT("%s Switching Type: %s (%u), Payload ID: %s (0x%04x)", + indent, tok2str(gmpls_switch_cap_values, "Unknown", - *(obj_tptr+1)), - *(obj_tptr+1), + GET_U_1((obj_tptr + 1))), + GET_U_1(obj_tptr + 1), tok2str(gmpls_payload_values, "Unknown", - EXTRACT_16BITS(obj_tptr+2)), - EXTRACT_16BITS(obj_tptr+2)); + GET_BE_U_2(obj_tptr + 2)), + GET_BE_U_2(obj_tptr + 2)); obj_tlen-=4; obj_tptr+=4; break; @@ -1060,42 +1085,68 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_IPV4: while(obj_tlen >= 4 ) { - printf("%s Subobject Type: %s, length %u", - ident, + u_char length; + + ND_TCHECK_4(obj_tptr); + length = GET_U_1(obj_tptr + 1); + ND_PRINT("%s Subobject Type: %s, length %u", + indent, tok2str(rsvp_obj_xro_values, "Unknown %u", - RSVP_OBJ_XRO_MASK_SUBOBJ(*obj_tptr)), - *(obj_tptr+1)); + RSVP_OBJ_XRO_MASK_SUBOBJ(GET_U_1(obj_tptr))), + length); + if (obj_tlen < length) { + ND_PRINT("%s ERROR: ERO subobject length > object length", indent); + break; + } - if (*(obj_tptr+1) == 0) { /* prevent infinite loops */ - printf("%s ERROR: zero length ERO subtype",ident); + if (length == 0) { /* prevent infinite loops */ + ND_PRINT("%s ERROR: zero length ERO subtype", indent); break; } - switch(RSVP_OBJ_XRO_MASK_SUBOBJ(*obj_tptr)) { + switch(RSVP_OBJ_XRO_MASK_SUBOBJ(GET_U_1(obj_tptr))) { + u_char prefix_length; + case RSVP_OBJ_XRO_IPV4: - printf(", %s, %s/%u, Flags: [%s]", - RSVP_OBJ_XRO_MASK_LOOSE(*obj_tptr) ? "Loose" : "Strict", - ipaddr_string(obj_tptr+2), - *(obj_tptr+6), + if (length != 8) { + ND_PRINT(" ERROR: length != 8"); + goto invalid; + } + ND_TCHECK_8(obj_tptr); + prefix_length = GET_U_1(obj_tptr + 6); + if (prefix_length != 32) { + ND_PRINT(" ERROR: Prefix length %u != 32", + prefix_length); + goto invalid; + } + ND_PRINT(", %s, %s/%u, Flags: [%s]", + RSVP_OBJ_XRO_MASK_LOOSE(GET_U_1(obj_tptr)) ? "Loose" : "Strict", + GET_IPADDR_STRING(obj_tptr+2), + GET_U_1((obj_tptr + 6)), bittok2str(rsvp_obj_rro_flag_values, "none", - *(obj_tptr+7))); /* rfc3209 says that this field is rsvd. */ + GET_U_1((obj_tptr + 7)))); /* rfc3209 says that this field is rsvd. */ break; case RSVP_OBJ_XRO_LABEL: - printf(", Flags: [%s] (%#x), Class-Type: %s (%u), %u", + if (length != 8) { + ND_PRINT(" ERROR: length != 8"); + goto invalid; + } + ND_TCHECK_8(obj_tptr); + ND_PRINT(", Flags: [%s] (%#x), Class-Type: %s (%u), %u", bittok2str(rsvp_obj_rro_label_flag_values, "none", - *(obj_tptr+2)), - *(obj_tptr+2), + GET_U_1((obj_tptr + 2))), + GET_U_1(obj_tptr + 2), tok2str(rsvp_ctype_values, "Unknown", - *(obj_tptr+3) + 256*RSVP_OBJ_RRO), - *(obj_tptr+3), - EXTRACT_32BITS(obj_tptr+4)); + GET_U_1((obj_tptr + 3)) + (256 * RSVP_OBJ_RRO)), + GET_U_1((obj_tptr + 3)), + GET_BE_U_4(obj_tptr + 4)); } - obj_tlen-=*(obj_tptr+1); - obj_tptr+=*(obj_tptr+1); + obj_tlen-=length; + obj_tptr+=length; } break; default: @@ -1108,11 +1159,11 @@ _U_ case RSVP_CTYPE_1: case RSVP_CTYPE_2: if (obj_tlen < 8) - return-1; - printf("%s Source Instance: 0x%08x, Destination Instance: 0x%08x", - ident, - EXTRACT_32BITS(obj_tptr), - EXTRACT_32BITS(obj_tptr+4)); + goto obj_tooshort; + ND_PRINT("%s Source Instance: 0x%08x, Destination Instance: 0x%08x", + indent, + GET_BE_U_4(obj_tptr), + GET_BE_U_4(obj_tptr + 4)); obj_tlen-=8; obj_tptr+=8; break; @@ -1125,11 +1176,11 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_1: if (obj_tlen < 8) - return-1; - printf("%s Restart Time: %ums, Recovery Time: %ums", - ident, - EXTRACT_32BITS(obj_tptr), - EXTRACT_32BITS(obj_tptr+4)); + goto obj_tooshort; + ND_PRINT("%s Restart Time: %ums, Recovery Time: %ums", + indent, + GET_BE_U_4(obj_tptr), + GET_BE_U_4(obj_tptr + 4)); obj_tlen-=8; obj_tptr+=8; break; @@ -1138,27 +1189,49 @@ _U_ } break; + case RSVP_OBJ_CAPABILITY: + switch(rsvp_obj_ctype) { + case RSVP_CTYPE_1: + if (obj_tlen < 4) + goto obj_tooshort; + uint32_t unused_and_flags = GET_BE_U_4(obj_tptr); + if (unused_and_flags & ~RSVP_OBJ_CAPABILITY_FLAGS_MASK) + ND_PRINT("%s [reserved=0x%08x must be zero]", indent, + unused_and_flags & ~RSVP_OBJ_CAPABILITY_FLAGS_MASK); + ND_PRINT("%s Flags: [%s]", + indent, + bittok2str(rsvp_obj_capability_flag_values, + "none", + (unused_and_flags & RSVP_OBJ_CAPABILITY_FLAGS_MASK))); + obj_tlen-=4; + obj_tptr+=4; + break; + default: + hexdump=TRUE; + } + break; + case RSVP_OBJ_SESSION_ATTRIBUTE: switch(rsvp_obj_ctype) { case RSVP_CTYPE_TUNNEL_IPV4: if (obj_tlen < 4) - return-1; - namelen = *(obj_tptr+3); + goto obj_tooshort; + namelen = GET_U_1(obj_tptr + 3); if (obj_tlen < 4+namelen) - return-1; - printf("%s Session Name: ", ident); + goto obj_tooshort; + ND_PRINT("%s Session Name: ", indent); for (i = 0; i < namelen; i++) - safeputchar(*(obj_tptr+4+i)); - printf("%s Setup Priority: %u, Holding Priority: %u, Flags: [%s] (%#x)", - ident, - (int)*obj_tptr, - (int)*(obj_tptr+1), + fn_print_char(ndo, GET_U_1(obj_tptr + 4 + i)); + ND_PRINT("%s Setup Priority: %u, Holding Priority: %u, Flags: [%s] (%#x)", + indent, + GET_U_1(obj_tptr), + GET_U_1(obj_tptr + 1), bittok2str(rsvp_session_attribute_flag_values, "none", - *(obj_tptr+2)), - *(obj_tptr+2)); - obj_tlen-=4+*(obj_tptr+3); - obj_tptr+=4+*(obj_tptr+3); + GET_U_1((obj_tptr + 2))), + GET_U_1(obj_tptr + 2)); + obj_tlen-=4+namelen; + obj_tptr+=4+namelen; break; default: hexdump=TRUE; @@ -1167,27 +1240,68 @@ _U_ case RSVP_OBJ_GENERALIZED_UNI: switch(rsvp_obj_ctype) { - int subobj_type,af,subobj_len,total_subobj_len; + u_int subobj_type,af,subobj_len,total_subobj_len; case RSVP_CTYPE_1: if (obj_tlen < 4) - return-1; + goto obj_tooshort; /* read variable length subobjects */ total_subobj_len = obj_tlen; while(total_subobj_len > 0) { - subobj_len = EXTRACT_16BITS(obj_tptr); - subobj_type = (EXTRACT_16BITS(obj_tptr+2))>>8; - af = (EXTRACT_16BITS(obj_tptr+2))&0x00FF; - - printf("%s Subobject Type: %s (%u), AF: %s (%u), length: %u", - ident, + /* If RFC 3476 Section 3.1 defined that a sub-object of the + * GENERALIZED_UNI RSVP object must have the Length field as + * a multiple of 4, instead of the check below it would be + * better to test total_subobj_len only once before the loop. + * So long as it does not define it and this while loop does + * not implement such a requirement, let's accept that within + * each iteration subobj_len may happen to be a multiple of 1 + * and test it and total_subobj_len respectively. + */ + if (total_subobj_len < 4) + goto invalid; + subobj_len = GET_BE_U_2(obj_tptr); + subobj_type = (GET_BE_U_2(obj_tptr + 2))>>8; + af = (GET_BE_U_2(obj_tptr + 2))&0x00FF; + + ND_PRINT("%s Subobject Type: %s (%u), AF: %s (%u), length: %u", + indent, tok2str(rsvp_obj_generalized_uni_values, "Unknown", subobj_type), subobj_type, tok2str(af_values, "Unknown", af), af, subobj_len); + /* In addition to what is explained above, the same spec does not + * explicitly say that the same Length field includes the 4-octet + * sub-object header, but as long as this while loop implements it + * as it does include, let's keep the check below consistent with + * the rest of the code. + * + * XXX - RFC 3476 Section 3.1 says "The contents of these + * sub-objects are described in [8]", where [8] is + * UNI 1.0 Signaling Specification, The Optical + * Internetworking Forum. The URL they give for that + * document is + * + * http://www.oiforum.com/public/UNI_1.0_ia.html + * + * but that doesn't work; the new URL appears to be + * + * https://web.archive.org/web/20160401194747/http://www.oiforum.com/public/documents/OIF-UNI-01.0.pdf + * + * and *that* document, in section 12.5.2.3 + * "GENERALIZED_UNI Object (Class-Num=11bbbbbb (TBA))", + * says nothing about the length field in general, but + * some of the examples it gives in subsections have + * length field values that clearly includes the length + * of the sub-object header as well as the length of the + * value. + */ + if(subobj_len < 4 || subobj_len > total_subobj_len || + obj_tlen < subobj_len) + goto invalid; + switch(subobj_type) { case RSVP_GEN_UNI_SUBOBJ_SOURCE_TNA_ADDRESS: case RSVP_GEN_UNI_SUBOBJ_DESTINATION_TNA_ADDRESS: @@ -1195,18 +1309,16 @@ _U_ switch(af) { case AFNUM_INET: if (subobj_len < 8) - return -1; - printf("%s UNI IPv4 TNA address: %s", - ident, ipaddr_string(obj_tptr+4)); + goto subobj_tooshort; + ND_PRINT("%s UNI IPv4 TNA address: %s", + indent, GET_IPADDR_STRING(obj_tptr + 4)); break; -#ifdef INET6 case AFNUM_INET6: if (subobj_len < 20) - return -1; - printf("%s UNI IPv6 TNA address: %s", - ident, ip6addr_string(obj_tptr+4)); + goto subobj_tooshort; + ND_PRINT("%s UNI IPv6 TNA address: %s", + indent, GET_IP6ADDR_STRING(obj_tptr + 4)); break; -#endif case AFNUM_NSAP: if (subobj_len) { /* unless we have a TLV parser lets just hexdump */ @@ -1217,7 +1329,7 @@ _U_ break; case RSVP_GEN_UNI_SUBOBJ_DIVERSITY: - if (subobj_len) { + if (subobj_len > 4) { /* unless we have a TLV parser lets just hexdump */ hexdump=TRUE; } @@ -1225,24 +1337,24 @@ _U_ case RSVP_GEN_UNI_SUBOBJ_EGRESS_LABEL: if (subobj_len < 16) { - return -1; + goto subobj_tooshort; } - printf("%s U-bit: %x, Label type: %u, Logical port id: %u, Label: %u", - ident, - ((EXTRACT_32BITS(obj_tptr+4))>>31), - ((EXTRACT_32BITS(obj_tptr+4))&0xFF), - EXTRACT_32BITS(obj_tptr+8), - EXTRACT_32BITS(obj_tptr+12)); + ND_PRINT("%s U-bit: %x, Label type: %u, Logical port id: %u, Label: %u", + indent, + ((GET_BE_U_4(obj_tptr + 4))>>31), + ((GET_BE_U_4(obj_tptr + 4))&0xFF), + GET_BE_U_4(obj_tptr + 8), + GET_BE_U_4(obj_tptr + 12)); break; case RSVP_GEN_UNI_SUBOBJ_SERVICE_LEVEL: if (subobj_len < 8) { - return -1; + goto subobj_tooshort; } - printf("%s Service level: %u", - ident, (EXTRACT_32BITS(obj_tptr+4))>>24); + ND_PRINT("%s Service level: %u", + indent, (GET_BE_U_4(obj_tptr + 4)) >> 24); break; default: @@ -1253,11 +1365,6 @@ _U_ obj_tptr+=subobj_len; obj_tlen+=subobj_len; } - - if (total_subobj_len) { - /* unless we have a TLV parser lets just hexdump */ - hexdump=TRUE; - } break; default: @@ -1270,30 +1377,28 @@ _U_ case RSVP_CTYPE_3: /* fall through - FIXME add TLV parser */ case RSVP_CTYPE_IPV4: if (obj_tlen < 8) - return-1; - printf("%s Previous/Next Interface: %s, Logical Interface Handle: 0x%08x", - ident, - ipaddr_string(obj_tptr), - EXTRACT_32BITS(obj_tptr+4)); + goto obj_tooshort; + ND_PRINT("%s Previous/Next Interface: %s, Logical Interface Handle: 0x%08x", + indent, + GET_IPADDR_STRING(obj_tptr), + GET_BE_U_4(obj_tptr + 4)); obj_tlen-=8; obj_tptr+=8; if (obj_tlen) hexdump=TRUE; /* unless we have a TLV parser lets just hexdump */ break; -#ifdef INET6 case RSVP_CTYPE_4: /* fall through - FIXME add TLV parser */ case RSVP_CTYPE_IPV6: if (obj_tlen < 20) - return-1; - printf("%s Previous/Next Interface: %s, Logical Interface Handle: 0x%08x", - ident, - ip6addr_string(obj_tptr), - EXTRACT_32BITS(obj_tptr+16)); + goto obj_tooshort; + ND_PRINT("%s Previous/Next Interface: %s, Logical Interface Handle: 0x%08x", + indent, + GET_IP6ADDR_STRING(obj_tptr), + GET_BE_U_4(obj_tptr + 16)); obj_tlen-=20; obj_tptr+=20; hexdump=TRUE; /* unless we have a TLV parser lets just hexdump */ break; -#endif default: hexdump=TRUE; } @@ -1303,10 +1408,10 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_1: if (obj_tlen < 4) - return-1; - printf("%s Refresh Period: %ums", - ident, - EXTRACT_32BITS(obj_tptr)); + goto obj_tooshort; + ND_PRINT("%s Refresh Period: %ums", + indent, + GET_BE_U_4(obj_tptr)); obj_tlen-=4; obj_tptr+=4; break; @@ -1322,28 +1427,28 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_2: if (obj_tlen < 4) - return-1; - printf("%s Msg-Version: %u, length: %u", - ident, - (*obj_tptr & 0xf0) >> 4, - EXTRACT_16BITS(obj_tptr+2)<<2); + goto obj_tooshort; + ND_PRINT("%s Msg-Version: %u, length: %u", + indent, + (GET_U_1(obj_tptr) & 0xf0) >> 4, + GET_BE_U_2(obj_tptr + 2) << 2); obj_tptr+=4; /* get to the start of the service header */ obj_tlen-=4; while (obj_tlen >= 4) { - intserv_serv_tlen=EXTRACT_16BITS(obj_tptr+2)<<2; - printf("%s Service Type: %s (%u), break bit %s set, Service length: %u", - ident, - tok2str(rsvp_intserv_service_type_values,"unknown",*(obj_tptr)), - *(obj_tptr), - (*(obj_tptr+1)&0x80) ? "" : "not", + intserv_serv_tlen=GET_BE_U_2(obj_tptr + 2)<<2; + ND_PRINT("%s Service Type: %s (%u), break bit %sset, Service length: %u", + indent, + tok2str(rsvp_intserv_service_type_values,"unknown",GET_U_1((obj_tptr))), + GET_U_1(obj_tptr), + (GET_U_1(obj_tptr + 1)&0x80) ? "" : "not ", intserv_serv_tlen); obj_tptr+=4; /* get to the start of the parameter list */ obj_tlen-=4; while (intserv_serv_tlen>=4) { - processed = rsvp_intserv_print(obj_tptr, obj_tlen); + processed = rsvp_intserv_print(ndo, obj_tptr, obj_tlen); if (processed == 0) break; obj_tlen-=processed; @@ -1361,81 +1466,79 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_IPV4: if (obj_tlen < 8) - return-1; - printf("%s Source Address: %s, Source Port: %u", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+6)); + goto obj_tooshort; + ND_PRINT("%s Source Address: %s, Source Port: %u", + indent, + GET_IPADDR_STRING(obj_tptr), + GET_BE_U_2(obj_tptr + 6)); obj_tlen-=8; obj_tptr+=8; break; -#ifdef INET6 case RSVP_CTYPE_IPV6: if (obj_tlen < 20) - return-1; - printf("%s Source Address: %s, Source Port: %u", - ident, - ip6addr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+18)); + goto obj_tooshort; + ND_PRINT("%s Source Address: %s, Source Port: %u", + indent, + GET_IP6ADDR_STRING(obj_tptr), + GET_BE_U_2(obj_tptr + 18)); obj_tlen-=20; obj_tptr+=20; break; case RSVP_CTYPE_3: if (obj_tlen < 20) - return-1; - printf("%s Source Address: %s, Flow Label: %u", - ident, - ip6addr_string(obj_tptr), - EXTRACT_24BITS(obj_tptr+17)); + goto obj_tooshort; + ND_PRINT("%s Source Address: %s, Flow Label: %u", + indent, + GET_IP6ADDR_STRING(obj_tptr), + GET_BE_U_3(obj_tptr + 17)); obj_tlen-=20; obj_tptr+=20; break; case RSVP_CTYPE_TUNNEL_IPV6: if (obj_tlen < 20) - return-1; - printf("%s Source Address: %s, LSP-ID: 0x%04x", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+18)); + goto obj_tooshort; + ND_PRINT("%s Source Address: %s, LSP-ID: 0x%04x", + indent, + GET_IPADDR_STRING(obj_tptr), + GET_BE_U_2(obj_tptr + 18)); obj_tlen-=20; obj_tptr+=20; break; case RSVP_CTYPE_13: /* IPv6 p2mp LSP tunnel */ if (obj_tlen < 40) - return-1; - printf("%s IPv6 Tunnel Sender Address: %s, LSP ID: 0x%04x" + goto obj_tooshort; + ND_PRINT("%s IPv6 Tunnel Sender Address: %s, LSP ID: 0x%04x" "%s Sub-Group Originator ID: %s, Sub-Group ID: 0x%04x", - ident, - ip6addr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+18), - ident, - ip6addr_string(obj_tptr+20), - EXTRACT_16BITS(obj_tptr+38)); + indent, + GET_IP6ADDR_STRING(obj_tptr), + GET_BE_U_2(obj_tptr + 18), + indent, + GET_IP6ADDR_STRING(obj_tptr+20), + GET_BE_U_2(obj_tptr + 38)); obj_tlen-=40; obj_tptr+=40; break; -#endif case RSVP_CTYPE_TUNNEL_IPV4: if (obj_tlen < 8) - return-1; - printf("%s Source Address: %s, LSP-ID: 0x%04x", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+6)); + goto obj_tooshort; + ND_PRINT("%s Source Address: %s, LSP-ID: 0x%04x", + indent, + GET_IPADDR_STRING(obj_tptr), + GET_BE_U_2(obj_tptr + 6)); obj_tlen-=8; obj_tptr+=8; break; case RSVP_CTYPE_12: /* IPv4 p2mp LSP tunnel */ if (obj_tlen < 16) - return-1; - printf("%s IPv4 Tunnel Sender Address: %s, LSP ID: 0x%04x" + goto obj_tooshort; + ND_PRINT("%s IPv4 Tunnel Sender Address: %s, LSP ID: 0x%04x" "%s Sub-Group Originator ID: %s, Sub-Group ID: 0x%04x", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+6), - ident, - ipaddr_string(obj_tptr+8), - EXTRACT_16BITS(obj_tptr+12)); + indent, + GET_IPADDR_STRING(obj_tptr), + GET_BE_U_2(obj_tptr + 6), + indent, + GET_IPADDR_STRING(obj_tptr+8), + GET_BE_U_2(obj_tptr + 12)); obj_tlen-=16; obj_tptr+=16; break; @@ -1447,40 +1550,41 @@ _U_ case RSVP_OBJ_FASTREROUTE: /* the differences between c-type 1 and 7 are minor */ obj_ptr.rsvp_obj_frr = (const struct rsvp_obj_frr_t *)obj_tptr; - bw.i = EXTRACT_32BITS(obj_ptr.rsvp_obj_frr->bandwidth); switch(rsvp_obj_ctype) { case RSVP_CTYPE_1: /* new style */ if (obj_tlen < sizeof(struct rsvp_obj_frr_t)) - return-1; - printf("%s Setup Priority: %u, Holding Priority: %u, Hop-limit: %u, Bandwidth: %.10g Mbps", - ident, - (int)obj_ptr.rsvp_obj_frr->setup_prio, - (int)obj_ptr.rsvp_obj_frr->hold_prio, - (int)obj_ptr.rsvp_obj_frr->hop_limit, - bw.f*8/1000000); - printf("%s Include-any: 0x%08x, Exclude-any: 0x%08x, Include-all: 0x%08x", - ident, - EXTRACT_32BITS(obj_ptr.rsvp_obj_frr->include_any), - EXTRACT_32BITS(obj_ptr.rsvp_obj_frr->exclude_any), - EXTRACT_32BITS(obj_ptr.rsvp_obj_frr->include_all)); + goto obj_tooshort; + bw.i = GET_BE_U_4(obj_ptr.rsvp_obj_frr->bandwidth); + ND_PRINT("%s Setup Priority: %u, Holding Priority: %u, Hop-limit: %u, Bandwidth: %.10g Mbps", + indent, + obj_ptr.rsvp_obj_frr->setup_prio, + obj_ptr.rsvp_obj_frr->hold_prio, + obj_ptr.rsvp_obj_frr->hop_limit, + bw.f * 8 / 1000000); + ND_PRINT("%s Include-any: 0x%08x, Exclude-any: 0x%08x, Include-all: 0x%08x", + indent, + GET_BE_U_4(obj_ptr.rsvp_obj_frr->include_any), + GET_BE_U_4(obj_ptr.rsvp_obj_frr->exclude_any), + GET_BE_U_4(obj_ptr.rsvp_obj_frr->include_all)); obj_tlen-=sizeof(struct rsvp_obj_frr_t); obj_tptr+=sizeof(struct rsvp_obj_frr_t); break; case RSVP_CTYPE_TUNNEL_IPV4: /* old style */ if (obj_tlen < 16) - return-1; - printf("%s Setup Priority: %u, Holding Priority: %u, Hop-limit: %u, Bandwidth: %.10g Mbps", - ident, - (int)obj_ptr.rsvp_obj_frr->setup_prio, - (int)obj_ptr.rsvp_obj_frr->hold_prio, - (int)obj_ptr.rsvp_obj_frr->hop_limit, - bw.f*8/1000000); - printf("%s Include Colors: 0x%08x, Exclude Colors: 0x%08x", - ident, - EXTRACT_32BITS(obj_ptr.rsvp_obj_frr->include_any), - EXTRACT_32BITS(obj_ptr.rsvp_obj_frr->exclude_any)); + goto obj_tooshort; + bw.i = GET_BE_U_4(obj_ptr.rsvp_obj_frr->bandwidth); + ND_PRINT("%s Setup Priority: %u, Holding Priority: %u, Hop-limit: %u, Bandwidth: %.10g Mbps", + indent, + obj_ptr.rsvp_obj_frr->setup_prio, + obj_ptr.rsvp_obj_frr->hold_prio, + obj_ptr.rsvp_obj_frr->hop_limit, + bw.f * 8 / 1000000); + ND_PRINT("%s Include Colors: 0x%08x, Exclude Colors: 0x%08x", + indent, + GET_BE_U_4(obj_ptr.rsvp_obj_frr->include_any), + GET_BE_U_4(obj_ptr.rsvp_obj_frr->exclude_any)); obj_tlen-=16; obj_tptr+=16; break; @@ -1494,10 +1598,10 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_TUNNEL_IPV4: while(obj_tlen >= 8) { - printf("%s PLR-ID: %s, Avoid-Node-ID: %s", - ident, - ipaddr_string(obj_tptr), - ipaddr_string(obj_tptr+4)); + ND_PRINT("%s PLR-ID: %s, Avoid-Node-ID: %s", + indent, + GET_IPADDR_STRING(obj_tptr), + GET_IPADDR_STRING(obj_tptr + 4)); obj_tlen-=8; obj_tptr+=8; } @@ -1511,9 +1615,11 @@ _U_ case RSVP_OBJ_CLASSTYPE_OLD: /* fall through */ switch(rsvp_obj_ctype) { case RSVP_CTYPE_1: - printf("%s CT: %u", - ident, - EXTRACT_32BITS(obj_tptr)&0x7); + if (obj_tlen < 4) + goto obj_tooshort; + ND_PRINT("%s CT: %u", + indent, + GET_BE_U_4(obj_tptr) & 0x7); obj_tlen-=4; obj_tptr+=4; break; @@ -1527,53 +1633,52 @@ _U_ case RSVP_CTYPE_3: /* fall through - FIXME add TLV parser */ case RSVP_CTYPE_IPV4: if (obj_tlen < 8) - return-1; - error_code=*(obj_tptr+5); - error_value=EXTRACT_16BITS(obj_tptr+6); - printf("%s Error Node Address: %s, Flags: [0x%02x]%s Error Code: %s (%u)", - ident, - ipaddr_string(obj_tptr), - *(obj_tptr+4), - ident, + goto obj_tooshort; + error_code=GET_U_1(obj_tptr + 5); + error_value=GET_BE_U_2(obj_tptr + 6); + ND_PRINT("%s Error Node Address: %s, Flags: [0x%02x]%s Error Code: %s (%u)", + indent, + GET_IPADDR_STRING(obj_tptr), + GET_U_1(obj_tptr + 4), + indent, tok2str(rsvp_obj_error_code_values,"unknown",error_code), error_code); switch (error_code) { case RSVP_OBJ_ERROR_SPEC_CODE_ROUTING: - printf(", Error Value: %s (%u)", + ND_PRINT(", Error Value: %s (%u)", tok2str(rsvp_obj_error_code_routing_values,"unknown",error_value), error_value); break; case RSVP_OBJ_ERROR_SPEC_CODE_DIFFSERV_TE: /* fall through */ case RSVP_OBJ_ERROR_SPEC_CODE_DIFFSERV_TE_OLD: - printf(", Error Value: %s (%u)", + ND_PRINT(", Error Value: %s (%u)", tok2str(rsvp_obj_error_code_diffserv_te_values,"unknown",error_value), error_value); break; default: - printf(", Unknown Error Value (%u)", error_value); + ND_PRINT(", Unknown Error Value (%u)", error_value); break; } obj_tlen-=8; obj_tptr+=8; break; -#ifdef INET6 case RSVP_CTYPE_4: /* fall through - FIXME add TLV parser */ case RSVP_CTYPE_IPV6: if (obj_tlen < 20) - return-1; - error_code=*(obj_tptr+17); - error_value=EXTRACT_16BITS(obj_tptr+18); - printf("%s Error Node Address: %s, Flags: [0x%02x]%s Error Code: %s (%u)", - ident, - ip6addr_string(obj_tptr), - *(obj_tptr+16), - ident, + goto obj_tooshort; + error_code=GET_U_1(obj_tptr + 17); + error_value=GET_BE_U_2(obj_tptr + 18); + ND_PRINT("%s Error Node Address: %s, Flags: [0x%02x]%s Error Code: %s (%u)", + indent, + GET_IP6ADDR_STRING(obj_tptr), + GET_U_1(obj_tptr + 16), + indent, tok2str(rsvp_obj_error_code_values,"unknown",error_code), error_code); switch (error_code) { case RSVP_OBJ_ERROR_SPEC_CODE_ROUTING: - printf(", Error Value: %s (%u)", + ND_PRINT(", Error Value: %s (%u)", tok2str(rsvp_obj_error_code_routing_values,"unknown",error_value), error_value); break; @@ -1583,7 +1688,6 @@ _U_ obj_tlen-=20; obj_tptr+=20; break; -#endif default: hexdump=TRUE; } @@ -1593,28 +1697,31 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_1: if (obj_tlen < 4) - return-1; - padbytes = EXTRACT_16BITS(obj_tptr+2); - printf("%s TLV count: %u, padding bytes: %u", - ident, - EXTRACT_16BITS(obj_tptr), + goto obj_tooshort; + padbytes = GET_BE_U_2(obj_tptr + 2); + ND_PRINT("%s TLV count: %u, padding bytes: %u", + indent, + GET_BE_U_2(obj_tptr), padbytes); obj_tlen-=4; obj_tptr+=4; /* loop through as long there is anything longer than the TLV header (2) */ while(obj_tlen >= 2 + padbytes) { - printf("%s %s TLV (0x%02x), length: %u", /* length includes header */ - ident, - tok2str(rsvp_obj_prop_tlv_values,"unknown",*obj_tptr), - *obj_tptr, - *(obj_tptr+1)); - if (obj_tlen < *(obj_tptr+1)) - return-1; - if (*(obj_tptr+1) < 2) + ND_PRINT("%s %s TLV (0x%02x), length: %u", /* length includes header */ + indent, + tok2str(rsvp_obj_prop_tlv_values,"unknown",GET_U_1(obj_tptr)), + GET_U_1(obj_tptr), + GET_U_1(obj_tptr + 1)); + if (obj_tlen < GET_U_1(obj_tptr + 1)) + goto obj_tooshort; + if (GET_U_1(obj_tptr + 1) < 2) { + ND_PRINT("%sERROR: property TLV is too short", indent); return -1; - print_unknown_data(gndo,obj_tptr+2,"\n\t\t",*(obj_tptr+1)-2); - obj_tlen-=*(obj_tptr+1); - obj_tptr+=*(obj_tptr+1); + } + print_unknown_data(ndo, obj_tptr + 2, "\n\t\t", + GET_U_1(obj_tptr + 1) - 2); + obj_tlen-=GET_U_1(obj_tptr + 1); + obj_tptr+=GET_U_1(obj_tptr + 1); } break; default: @@ -1628,20 +1735,20 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_1: case RSVP_CTYPE_2: - if (obj_tlen < 8) - return-1; - printf("%s Flags [0x%02x], epoch: %u", - ident, - *obj_tptr, - EXTRACT_24BITS(obj_tptr+1)); + if (obj_tlen < 4) + goto obj_tooshort; + ND_PRINT("%s Flags [0x%02x], epoch: %u", + indent, + GET_U_1(obj_tptr), + GET_BE_U_3(obj_tptr + 1)); obj_tlen-=4; obj_tptr+=4; /* loop through as long there are no messages left */ while(obj_tlen >= 4) { - printf("%s Message-ID 0x%08x (%u)", - ident, - EXTRACT_32BITS(obj_tptr), - EXTRACT_32BITS(obj_tptr)); + ND_PRINT("%s Message-ID 0x%08x (%u)", + indent, + GET_BE_U_4(obj_tptr), + GET_BE_U_4(obj_tptr)); obj_tlen-=4; obj_tptr+=4; } @@ -1655,31 +1762,29 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_1: if (obj_tlen < sizeof(struct rsvp_obj_integrity_t)) - return-1; + goto obj_tooshort; obj_ptr.rsvp_obj_integrity = (const struct rsvp_obj_integrity_t *)obj_tptr; - printf("%s Key-ID 0x%04x%08x, Sequence 0x%08x%08x, Flags [%s]", - ident, - EXTRACT_16BITS(obj_ptr.rsvp_obj_integrity->key_id), - EXTRACT_32BITS(obj_ptr.rsvp_obj_integrity->key_id+2), - EXTRACT_32BITS(obj_ptr.rsvp_obj_integrity->sequence), - EXTRACT_32BITS(obj_ptr.rsvp_obj_integrity->sequence+4), + ND_PRINT("%s Key-ID 0x%04x%08x, Sequence 0x%08x%08x, Flags [%s]", + indent, + GET_BE_U_2(obj_ptr.rsvp_obj_integrity->key_id), + GET_BE_U_4(obj_ptr.rsvp_obj_integrity->key_id + 2), + GET_BE_U_4(obj_ptr.rsvp_obj_integrity->sequence), + GET_BE_U_4(obj_ptr.rsvp_obj_integrity->sequence + 4), bittok2str(rsvp_obj_integrity_flag_values, "none", obj_ptr.rsvp_obj_integrity->flags)); - printf("%s MD5-sum 0x%08x%08x%08x%08x ", - ident, - EXTRACT_32BITS(obj_ptr.rsvp_obj_integrity->digest), - EXTRACT_32BITS(obj_ptr.rsvp_obj_integrity->digest+4), - EXTRACT_32BITS(obj_ptr.rsvp_obj_integrity->digest+8), - EXTRACT_32BITS(obj_ptr.rsvp_obj_integrity->digest+12)); - -#ifdef HAVE_LIBCRYPTO - sigcheck = signature_verify(pptr, plen, (unsigned char *)obj_ptr.\ - rsvp_obj_integrity->digest); -#else - sigcheck = CANT_CHECK_SIGNATURE; -#endif - printf(" (%s)", tok2str(signature_check_values, "Unknown", sigcheck)); + ND_PRINT("%s MD5-sum 0x%08x%08x%08x%08x ", + indent, + GET_BE_U_4(obj_ptr.rsvp_obj_integrity->digest), + GET_BE_U_4(obj_ptr.rsvp_obj_integrity->digest + 4), + GET_BE_U_4(obj_ptr.rsvp_obj_integrity->digest + 8), + GET_BE_U_4(obj_ptr.rsvp_obj_integrity->digest + 12)); + + sigcheck = signature_verify(ndo, pptr, plen, + obj_ptr.rsvp_obj_integrity->digest, + rsvp_clear_checksum, + rsvp_com_header); + ND_PRINT(" (%s)", tok2str(signature_check_values, "Unknown", sigcheck)); obj_tlen+=sizeof(struct rsvp_obj_integrity_t); obj_tptr+=sizeof(struct rsvp_obj_integrity_t); @@ -1693,10 +1798,10 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_1: if (obj_tlen < 4) - return-1; - printf("%s Flags [%s]", ident, + goto obj_tooshort; + ND_PRINT("%s Flags [%s]", indent, bittok2str(rsvp_obj_admin_status_flag_values, "none", - EXTRACT_32BITS(obj_tptr))); + GET_BE_U_4(obj_tptr))); obj_tlen-=4; obj_tptr+=4; break; @@ -1709,12 +1814,12 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_1: if (obj_tlen < 4) - return-1; - action = (EXTRACT_16BITS(obj_tptr)>>8); + goto obj_tooshort; + action = (GET_BE_U_2(obj_tptr)>>8); - printf("%s Action: %s (%u), Label type: %u", ident, + ND_PRINT("%s Action: %s (%u), Label type: %u", indent, tok2str(rsvp_obj_label_set_action_values, "Unknown", action), - action, ((EXTRACT_32BITS(obj_tptr) & 0x7F))); + action, (GET_BE_U_4(obj_tptr) & 0x7F)); switch (action) { case LABEL_SET_INCLUSIVE_RANGE: @@ -1722,10 +1827,10 @@ _U_ /* only a couple of subchannels are expected */ if (obj_tlen < 12) - return -1; - printf("%s Start range: %u, End range: %u", ident, - EXTRACT_32BITS(obj_tptr+4), - EXTRACT_32BITS(obj_tptr+8)); + goto obj_tooshort; + ND_PRINT("%s Start range: %u, End range: %u", indent, + GET_BE_U_4(obj_tptr + 4), + GET_BE_U_4(obj_tptr + 8)); obj_tlen-=12; obj_tptr+=12; break; @@ -1735,8 +1840,8 @@ _U_ obj_tptr+=4; subchannel = 1; while(obj_tlen >= 4 ) { - printf("%s Subchannel #%u: %u", ident, subchannel, - EXTRACT_32BITS(obj_tptr)); + ND_PRINT("%s Subchannel #%u: %u", indent, subchannel, + GET_BE_U_4(obj_tptr)); obj_tptr+=4; obj_tlen-=4; subchannel++; @@ -1747,32 +1852,32 @@ _U_ default: hexdump=TRUE; } + break; case RSVP_OBJ_S2L: switch (rsvp_obj_ctype) { case RSVP_CTYPE_IPV4: if (obj_tlen < 4) - return-1; - printf("%s Sub-LSP destination address: %s", - ident, ipaddr_string(obj_tptr)); + goto obj_tooshort; + ND_PRINT("%s Sub-LSP destination address: %s", + indent, GET_IPADDR_STRING(obj_tptr)); obj_tlen-=4; obj_tptr+=4; break; -#ifdef INET6 case RSVP_CTYPE_IPV6: if (obj_tlen < 16) - return-1; - printf("%s Sub-LSP destination address: %s", - ident, ip6addr_string(obj_tptr)); + goto obj_tooshort; + ND_PRINT("%s Sub-LSP destination address: %s", + indent, GET_IP6ADDR_STRING(obj_tptr)); obj_tlen-=16; obj_tptr+=16; break; -#endif default: hexdump=TRUE; } + break; /* * FIXME those are the defined objects that lack a decoder @@ -1784,136 +1889,153 @@ _U_ case RSVP_OBJ_ACCEPT_LABEL_SET: case RSVP_OBJ_PROTECTION: default: - if (vflag <= 1) - print_unknown_data(gndo,obj_tptr,"\n\t ",obj_tlen); /* FIXME indentation */ + if (ndo->ndo_vflag <= 1) + print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen); /* FIXME indentation */ break; } /* do we also want to see a hex dump ? */ - if (vflag > 1 || hexdump==TRUE) - print_unknown_data(gndo,tptr+sizeof(struct rsvp_object_header),"\n\t ", /* FIXME indentation */ - rsvp_obj_len-sizeof(struct rsvp_object_header)); + if (ndo->ndo_vflag > 1 || hexdump == TRUE) + print_unknown_data(ndo, tptr + sizeof(struct rsvp_object_header), "\n\t ", /* FIXME indentation */ + rsvp_obj_len - sizeof(struct rsvp_object_header)); tptr+=rsvp_obj_len; tlen-=rsvp_obj_len; } return 0; +subobj_tooshort: + ND_PRINT("%sERROR: sub-object is too short", indent); + return -1; +obj_tooshort: + ND_PRINT("%sERROR: object is too short", indent); + return -1; +invalid: + nd_print_invalid(ndo); + return -1; trunc: - printf("\n\t\t packet exceeded snapshot"); + nd_print_trunc(ndo); return -1; } - void -rsvp_print(register const u_char *pptr, register u_int len) { - - struct rsvp_common_header *rsvp_com_header; - const u_char *tptr,*subtptr; - u_short plen, tlen, subtlen; - +rsvp_print(netdissect_options *ndo, + const u_char *pptr, u_int len) +{ + const struct rsvp_common_header *rsvp_com_header; + uint8_t version_flags, msg_type; + const u_char *tptr; + u_short plen, tlen; + + ndo->ndo_protocol = "rsvp"; tptr=pptr; - rsvp_com_header = (struct rsvp_common_header *)pptr; - TCHECK(*rsvp_com_header); + rsvp_com_header = (const struct rsvp_common_header *)pptr; + ND_TCHECK_SIZE(rsvp_com_header); + version_flags = GET_U_1(rsvp_com_header->version_flags); /* * Sanity checking of the header. */ - if (RSVP_EXTRACT_VERSION(rsvp_com_header->version_flags) != RSVP_VERSION) { - printf("ERROR: RSVP version %u packet not supported", - RSVP_EXTRACT_VERSION(rsvp_com_header->version_flags)); + if (RSVP_EXTRACT_VERSION(version_flags) != RSVP_VERSION) { + ND_PRINT("ERROR: RSVP version %u packet not supported", + RSVP_EXTRACT_VERSION(version_flags)); return; } + msg_type = GET_U_1(rsvp_com_header->msg_type); + /* in non-verbose mode just lets print the basic Message Type*/ - if (vflag < 1) { - printf("RSVPv%u %s Message, length: %u", - RSVP_EXTRACT_VERSION(rsvp_com_header->version_flags), - tok2str(rsvp_msg_type_values, "unknown (%u)",rsvp_com_header->msg_type), + if (ndo->ndo_vflag < 1) { + ND_PRINT("RSVPv%u %s Message, length: %u", + RSVP_EXTRACT_VERSION(version_flags), + tok2str(rsvp_msg_type_values, "unknown (%u)",msg_type), len); return; } /* ok they seem to want to know everything - lets fully decode it */ - plen = tlen = EXTRACT_16BITS(rsvp_com_header->length); + plen = tlen = GET_BE_U_2(rsvp_com_header->length); - printf("\n\tRSVPv%u %s Message (%u), Flags: [%s], length: %u, ttl: %u, checksum: 0x%04x", - RSVP_EXTRACT_VERSION(rsvp_com_header->version_flags), - tok2str(rsvp_msg_type_values, "unknown, type: %u",rsvp_com_header->msg_type), - rsvp_com_header->msg_type, - bittok2str(rsvp_header_flag_values,"none",RSVP_EXTRACT_FLAGS(rsvp_com_header->version_flags)), + ND_PRINT("\n\tRSVPv%u %s Message (%u), Flags: [%s], length: %u, ttl: %u, checksum: 0x%04x", + RSVP_EXTRACT_VERSION(version_flags), + tok2str(rsvp_msg_type_values, "unknown, type: %u",msg_type), + msg_type, + bittok2str(rsvp_header_flag_values,"none",RSVP_EXTRACT_FLAGS(version_flags)), tlen, - rsvp_com_header->ttl, - EXTRACT_16BITS(rsvp_com_header->checksum)); - - /* - * Clear checksum prior to signature verification. - */ - rsvp_com_header->checksum[0] = 0; - rsvp_com_header->checksum[1] = 0; + GET_U_1(rsvp_com_header->ttl), + GET_BE_U_2(rsvp_com_header->checksum)); - if (tlen < sizeof(const struct rsvp_common_header)) { - printf("ERROR: common header too short %u < %lu", tlen, - (unsigned long)sizeof(const struct rsvp_common_header)); + if (tlen < sizeof(struct rsvp_common_header)) { + ND_PRINT("ERROR: common header too short %u < %zu", tlen, + sizeof(struct rsvp_common_header)); return; } - tptr+=sizeof(const struct rsvp_common_header); - tlen-=sizeof(const struct rsvp_common_header); + tptr+=sizeof(struct rsvp_common_header); + tlen-=sizeof(struct rsvp_common_header); - switch(rsvp_com_header->msg_type) { + switch(msg_type) { - case RSVP_MSGTYPE_AGGREGATE: + case RSVP_MSGTYPE_BUNDLE: + /* + * Process each submessage in the bundle message. + * Bundle messages may not contain bundle submessages, so we don't + * need to handle bundle submessages specially. + */ while(tlen > 0) { - subtptr=tptr; - rsvp_com_header = (struct rsvp_common_header *)subtptr; - TCHECK(*rsvp_com_header); + const u_char *subpptr=tptr, *subtptr; + u_short subplen, subtlen; + + subtptr=subpptr; + + rsvp_com_header = (const struct rsvp_common_header *)subpptr; + ND_TCHECK_SIZE(rsvp_com_header); + version_flags = GET_U_1(rsvp_com_header->version_flags); /* * Sanity checking of the header. */ - if (RSVP_EXTRACT_VERSION(rsvp_com_header->version_flags) != RSVP_VERSION) { - printf("ERROR: RSVP version %u packet not supported", - RSVP_EXTRACT_VERSION(rsvp_com_header->version_flags)); + if (RSVP_EXTRACT_VERSION(version_flags) != RSVP_VERSION) { + ND_PRINT("ERROR: RSVP version %u packet not supported", + RSVP_EXTRACT_VERSION(version_flags)); return; } - subtlen=EXTRACT_16BITS(rsvp_com_header->length); - printf("\n\t RSVPv%u %s Message (%u), Flags: [%s], length: %u, ttl: %u, checksum: 0x%04x", - RSVP_EXTRACT_VERSION(rsvp_com_header->version_flags), - tok2str(rsvp_msg_type_values, "unknown, type: %u",rsvp_com_header->msg_type), - rsvp_com_header->msg_type, - bittok2str(rsvp_header_flag_values,"none",RSVP_EXTRACT_FLAGS(rsvp_com_header->version_flags)), - subtlen, - rsvp_com_header->ttl, - EXTRACT_16BITS(rsvp_com_header->checksum)); + subplen = subtlen = GET_BE_U_2(rsvp_com_header->length); - /* - * Clear checksum prior to signature verification. - */ - rsvp_com_header->checksum[0] = 0; - rsvp_com_header->checksum[1] = 0; + msg_type = GET_U_1(rsvp_com_header->msg_type); + ND_PRINT("\n\t RSVPv%u %s Message (%u), Flags: [%s], length: %u, ttl: %u, checksum: 0x%04x", + RSVP_EXTRACT_VERSION(version_flags), + tok2str(rsvp_msg_type_values, "unknown, type: %u",msg_type), + msg_type, + bittok2str(rsvp_header_flag_values,"none",RSVP_EXTRACT_FLAGS(version_flags)), + subtlen, + GET_U_1(rsvp_com_header->ttl), + GET_BE_U_2(rsvp_com_header->checksum)); - if (subtlen < sizeof(const struct rsvp_common_header)) { - printf("ERROR: common header too short %u < %lu", subtlen, - (unsigned long)sizeof(const struct rsvp_common_header)); + if (subtlen < sizeof(struct rsvp_common_header)) { + ND_PRINT("ERROR: common header too short %u < %zu", subtlen, + sizeof(struct rsvp_common_header)); return; } if (tlen < subtlen) { - printf("ERROR: common header too large %u > %u", subtlen, + ND_PRINT("ERROR: common header too large %u > %u", subtlen, tlen); return; } - subtptr+=sizeof(const struct rsvp_common_header); - subtlen-=sizeof(const struct rsvp_common_header); + subtptr+=sizeof(struct rsvp_common_header); + subtlen-=sizeof(struct rsvp_common_header); - if (rsvp_obj_print(pptr, plen, subtptr,"\n\t ", subtlen) == -1) + /* + * Print all objects in the submessage. + */ + if (rsvp_obj_print(ndo, subpptr, subplen, subtptr, "\n\t ", subtlen, rsvp_com_header) == -1) return; - tptr+=subtlen+sizeof(const struct rsvp_common_header); - tlen-=subtlen+sizeof(const struct rsvp_common_header); + tptr+=subtlen+sizeof(struct rsvp_common_header); + tlen-=subtlen+sizeof(struct rsvp_common_header); } break; @@ -1929,16 +2051,19 @@ rsvp_print(register const u_char *pptr, register u_int len) { case RSVP_MSGTYPE_HELLO: case RSVP_MSGTYPE_ACK: case RSVP_MSGTYPE_SREFRESH: - if (rsvp_obj_print(pptr, plen, tptr,"\n\t ", tlen) == -1) + /* + * Print all objects in the message. + */ + if (rsvp_obj_print(ndo, pptr, plen, tptr, "\n\t ", tlen, rsvp_com_header) == -1) return; break; default: - print_unknown_data(gndo,tptr,"\n\t ",tlen); + print_unknown_data(ndo, tptr, "\n\t ", tlen); break; } return; trunc: - printf("\n\t\t packet exceeded snapshot"); + nd_print_trunc(ndo); }