X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/d8acd8f5d0d7cac4881b5552eca5dc40a5d3c0d1..6e12d87355718f309ce9f33183ff8235b9c5eb0d:/print-ospf6.c diff --git a/print-ospf6.c b/print-ospf6.c index e95e4371..98352cbd 100644 --- a/print-ospf6.c +++ b/print-ospf6.c @@ -21,11 +21,6 @@ * OSPF support contributed by Jeffrey Honig (jch@mitchell.cit.cornell.edu) */ -#ifndef lint -static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/tcpdump/print-ospf6.c,v 1.15 2006-09-13 06:31:11 guy Exp $ (LBL)"; -#endif - #ifdef HAVE_CONFIG_H #include "config.h" #endif @@ -40,7 +35,257 @@ static const char rcsid[] _U_ = #include "extract.h" #include "ospf.h" -#include "ospf6.h" + +#define OSPF_TYPE_HELLO 1 /* Hello */ +#define OSPF_TYPE_DD 2 /* Database Description */ +#define OSPF_TYPE_LS_REQ 3 /* Link State Request */ +#define OSPF_TYPE_LS_UPDATE 4 /* Link State Update */ +#define OSPF_TYPE_LS_ACK 5 /* Link State Ack */ + +/* Options *_options */ +#define OSPF6_OPTION_V6 0x01 /* V6 bit: A bit for peeping tom */ +#define OSPF6_OPTION_E 0x02 /* E bit: External routes advertised */ +#define OSPF6_OPTION_MC 0x04 /* MC bit: Multicast capable */ +#define OSPF6_OPTION_N 0x08 /* N bit: For type-7 LSA */ +#define OSPF6_OPTION_R 0x10 /* R bit: Router bit */ +#define OSPF6_OPTION_DC 0x20 /* DC bit: Demand circuits */ +/* The field is actually 24-bit (RFC5340 Section A.2). */ +#define OSPF6_OPTION_AF 0x0100 /* AF bit: Multiple address families */ +#define OSPF6_OPTION_L 0x0200 /* L bit: Link-local signaling (LLS) */ +#define OSPF6_OPTION_AT 0x0400 /* AT bit: Authentication trailer */ + + +/* db_flags */ +#define OSPF6_DB_INIT 0x04 /* */ +#define OSPF6_DB_MORE 0x02 +#define OSPF6_DB_MASTER 0x01 +#define OSPF6_DB_M6 0x10 /* IPv6 MTU */ + +/* ls_type */ +#define LS_TYPE_ROUTER 1 /* router link */ +#define LS_TYPE_NETWORK 2 /* network link */ +#define LS_TYPE_INTER_AP 3 /* Inter-Area-Prefix */ +#define LS_TYPE_INTER_AR 4 /* Inter-Area-Router */ +#define LS_TYPE_ASE 5 /* ASE */ +#define LS_TYPE_GROUP 6 /* Group membership */ +#define LS_TYPE_NSSA 7 /* NSSA */ +#define LS_TYPE_LINK 8 /* Link LSA */ +#define LS_TYPE_INTRA_AP 9 /* Intra-Area-Prefix */ +#define LS_TYPE_INTRA_ATE 10 /* Intra-Area-TE */ +#define LS_TYPE_GRACE 11 /* Grace LSA */ +#define LS_TYPE_RI 12 /* Router information */ +#define LS_TYPE_INTER_ASTE 13 /* Inter-AS-TE */ +#define LS_TYPE_L1VPN 14 /* L1VPN */ +#define LS_TYPE_MASK 0x1fff + +#define LS_SCOPE_LINKLOCAL 0x0000 +#define LS_SCOPE_AREA 0x2000 +#define LS_SCOPE_AS 0x4000 +#define LS_SCOPE_MASK 0x6000 +#define LS_SCOPE_U 0x8000 + +/* rla_link.link_type */ +#define RLA_TYPE_ROUTER 1 /* point-to-point to another router */ +#define RLA_TYPE_TRANSIT 2 /* connection to transit network */ +#define RLA_TYPE_VIRTUAL 4 /* virtual link */ + +/* rla_flags */ +#define RLA_FLAG_B 0x01 +#define RLA_FLAG_E 0x02 +#define RLA_FLAG_V 0x04 +#define RLA_FLAG_W 0x08 +#define RLA_FLAG_N 0x10 + +/* lsa_prefix options */ +#define LSA_PREFIX_OPT_NU 0x01 +#define LSA_PREFIX_OPT_LA 0x02 +#define LSA_PREFIX_OPT_MC 0x04 +#define LSA_PREFIX_OPT_P 0x08 +#define LSA_PREFIX_OPT_DN 0x10 + +/* sla_tosmetric breakdown */ +#define SLA_MASK_TOS 0x7f000000 +#define SLA_MASK_METRIC 0x00ffffff +#define SLA_SHIFT_TOS 24 + +/* asla_metric */ +#define ASLA_FLAG_FWDADDR 0x02000000 +#define ASLA_FLAG_ROUTETAG 0x01000000 +#define ASLA_MASK_METRIC 0x00ffffff + +/* RFC6506 Section 4.1 */ +#define OSPF6_AT_HDRLEN 16U +#define OSPF6_AUTH_TYPE_HMAC 0x0001 + +typedef u_int32_t rtrid_t; + +/* link state advertisement header */ +struct lsa6_hdr { + u_int16_t ls_age; + u_int16_t ls_type; + rtrid_t ls_stateid; + rtrid_t ls_router; + u_int32_t ls_seq; + u_int16_t ls_chksum; + u_int16_t ls_length; +}; + +struct lsa6_prefix { + u_int8_t lsa_p_len; + u_int8_t lsa_p_opt; + u_int16_t lsa_p_metric; + u_int8_t lsa_p_prefix[4]; +}; + +/* link state advertisement */ +struct lsa6 { + struct lsa6_hdr ls_hdr; + + /* Link state types */ + union { + /* Router links advertisements */ + struct { + union { + u_int8_t flg; + u_int32_t opt; + } rla_flgandopt; +#define rla_flags rla_flgandopt.flg +#define rla_options rla_flgandopt.opt + struct rlalink6 { + u_int8_t link_type; + u_int8_t link_zero[1]; + u_int16_t link_metric; + u_int32_t link_ifid; + u_int32_t link_nifid; + rtrid_t link_nrtid; + } rla_link[1]; /* may repeat */ + } un_rla; + + /* Network links advertisements */ + struct { + u_int32_t nla_options; + rtrid_t nla_router[1]; /* may repeat */ + } un_nla; + + /* Inter Area Prefix LSA */ + struct { + u_int32_t inter_ap_metric; + struct lsa6_prefix inter_ap_prefix[1]; + } un_inter_ap; + + /* AS external links advertisements */ + struct { + u_int32_t asla_metric; + struct lsa6_prefix asla_prefix[1]; + /* some optional fields follow */ + } un_asla; + +#if 0 + /* Summary links advertisements */ + struct { + struct in_addr sla_mask; + u_int32_t sla_tosmetric[1]; /* may repeat */ + } un_sla; + + /* Multicast group membership */ + struct mcla { + u_int32_t mcla_vtype; + struct in_addr mcla_vid; + } un_mcla[1]; +#endif + + /* Type 7 LSA */ + + /* Link LSA */ + struct llsa { + union { + u_int8_t pri; + u_int32_t opt; + } llsa_priandopt; +#define llsa_priority llsa_priandopt.pri +#define llsa_options llsa_priandopt.opt + struct in6_addr llsa_lladdr; + u_int32_t llsa_nprefix; + struct lsa6_prefix llsa_prefix[1]; + } un_llsa; + + /* Intra-Area-Prefix */ + struct { + u_int16_t intra_ap_nprefix; + u_int16_t intra_ap_lstype; + rtrid_t intra_ap_lsid; + rtrid_t intra_ap_rtid; + struct lsa6_prefix intra_ap_prefix[1]; + } un_intra_ap; + } lsa_un; +}; + +/* + * the main header + */ +struct ospf6hdr { + u_int8_t ospf6_version; + u_int8_t ospf6_type; + u_int16_t ospf6_len; + rtrid_t ospf6_routerid; + rtrid_t ospf6_areaid; + u_int16_t ospf6_chksum; + u_int8_t ospf6_instanceid; + u_int8_t ospf6_rsvd; + union { + + /* Hello packet */ + struct { + u_int32_t hello_ifid; + union { + u_int8_t pri; + u_int32_t opt; + } hello_priandopt; +#define hello_priority hello_priandopt.pri +#define hello_options hello_priandopt.opt + u_int16_t hello_helloint; + u_int16_t hello_deadint; + rtrid_t hello_dr; + rtrid_t hello_bdr; + rtrid_t hello_neighbor[1]; /* may repeat */ + } un_hello; + + /* Database Description packet */ + struct { + u_int32_t db_options; + u_int16_t db_mtu; + u_int8_t db_mbz; + u_int8_t db_flags; + u_int32_t db_seq; + struct lsa6_hdr db_lshdr[1]; /* may repeat */ + } un_db; + + /* Link State Request */ + struct lsr6 { + u_int16_t ls_mbz; + u_int16_t ls_type; + rtrid_t ls_stateid; + rtrid_t ls_router; + } un_lsr[1]; /* may repeat */ + + /* Link State Update */ + struct { + u_int32_t lsu_count; + struct lsa6 lsu_lsa[1]; /* may repeat */ + } un_lsu; + + /* Link State Acknowledgement */ + struct { + struct lsa6_hdr lsa_lshdr[1]; /* may repeat */ + } un_lsa ; + } ospf6_un ; +}; + +#define ospf6_hello ospf6_un.un_hello +#define ospf6_db ospf6_un.un_db +#define ospf6_lsr ospf6_un.un_lsr +#define ospf6_lsu ospf6_un.un_lsu +#define ospf6_lsa ospf6_un.un_lsa static const char tstr[] = " [|ospf3]"; @@ -88,12 +333,15 @@ static const struct tok ospf6_lsa_values[] = { { LS_TYPE_INTER_AP, "Inter-Area Prefix" }, { LS_TYPE_INTER_AR, "Inter-Area Router" }, { LS_TYPE_ASE, "External" }, - { LS_TYPE_GROUP, "Multicast Group" }, + { LS_TYPE_GROUP, "Deprecated" }, { LS_TYPE_NSSA, "NSSA" }, { LS_TYPE_LINK, "Link" }, { LS_TYPE_INTRA_AP, "Intra-Area Prefix" }, { LS_TYPE_INTRA_ATE, "Intra-Area TE" }, { LS_TYPE_GRACE, "Grace" }, + { LS_TYPE_RI, "Router Information" }, + { LS_TYPE_INTER_ASTE, "Inter-AS-TE" }, + { LS_TYPE_L1VPN, "Layer 1 VPN" }, { 0, NULL } }; @@ -108,24 +356,23 @@ static const struct tok ospf6_dd_flag_values[] = { { OSPF6_DB_INIT, "Init" }, { OSPF6_DB_MORE, "More" }, { OSPF6_DB_MASTER, "Master" }, + { OSPF6_DB_M6, "IPv6 MTU" }, { 0, NULL } }; static const struct tok ospf6_lsa_prefix_option_values[] = { { LSA_PREFIX_OPT_NU, "No Unicast" }, { LSA_PREFIX_OPT_LA, "Local address" }, - { LSA_PREFIX_OPT_MC, "Multicast" }, + { LSA_PREFIX_OPT_MC, "Deprecated" }, { LSA_PREFIX_OPT_P, "Propagate" }, { LSA_PREFIX_OPT_DN, "Down" }, { 0, NULL } }; -/* Forwards */ -static void ospf6_print_ls_type(u_int, const rtrid_t *); -static int ospf6_print_lshdr(const struct lsa6_hdr *); -static int ospf6_print_lsa(const struct lsa6 *); -static int ospf6_decode_v3(const struct ospf6hdr *, const u_char *); - +static const struct tok ospf6_auth_type_str[] = { + { OSPF6_AUTH_TYPE_HMAC, "HMAC" }, + { 0, NULL } +}; static void ospf6_print_ls_type(register u_int ls_type, register const rtrid_t *ls_stateid) @@ -139,9 +386,10 @@ ospf6_print_ls_type(register u_int ls_type, register const rtrid_t *ls_stateid) } static int -ospf6_print_lshdr(register const struct lsa6_hdr *lshp) +ospf6_print_lshdr(register const struct lsa6_hdr *lshp, const u_char *dataend) { - + if ((u_char *)(lshp + 1) > dataend) + goto trunc; TCHECK(lshp->ls_type); TCHECK(lshp->ls_seq); @@ -199,7 +447,7 @@ trunc: * Print a single link state advertisement. If truncated return 1, else 0. */ static int -ospf6_print_lsa(register const struct lsa6 *lsap) +ospf6_print_lsa(register const struct lsa6 *lsap, const u_char *dataend) { register const struct rlalink6 *rlp; #if 0 @@ -221,7 +469,7 @@ ospf6_print_lsa(register const struct lsa6 *lsap) u_int32_t flags32; const u_int8_t *tptr; - if (ospf6_print_lshdr(&lsap->ls_hdr)) + if (ospf6_print_lshdr(&lsap->ls_hdr, dataend)) return (1); TCHECK(lsap->ls_hdr.ls_length); length = EXTRACT_16BITS(&lsap->ls_hdr.ls_length); @@ -232,7 +480,7 @@ ospf6_print_lsa(register const struct lsa6 *lsap) * If it does, find the length of what follows the * header. */ - if (length < sizeof(struct lsa6_hdr)) + if (length < sizeof(struct lsa6_hdr) || (u_char *)lsap + length > dataend) return (1); lsa_length = length - sizeof(struct lsa6_hdr); tptr = (u_int8_t *)lsap+sizeof(struct lsa6_hdr); @@ -263,7 +511,7 @@ ospf6_print_lsa(register const struct lsa6 *lsap) "\n\t Neighbor Interface-ID %s, Interface %s", ipaddr_string(&rlp->link_nrtid), ipaddr_string(&rlp->link_nifid), - ipaddr_string(&rlp->link_ifid)); + ipaddr_string(&rlp->link_ifid)); break; case RLA_TYPE_ROUTER: @@ -271,7 +519,7 @@ ospf6_print_lsa(register const struct lsa6 *lsap) "\n\t Neighbor Interface-ID %s, Interface %s", ipaddr_string(&rlp->link_nrtid), ipaddr_string(&rlp->link_nifid), - ipaddr_string(&rlp->link_ifid)); + ipaddr_string(&rlp->link_ifid)); break; case RLA_TYPE_TRANSIT: @@ -457,7 +705,7 @@ ospf6_print_lsa(register const struct lsa6 *lsap) break; default: - if(!print_unknown_data(tptr, + if(!print_unknown_data(gndo,tptr, "\n\t ", lsa_length)) { return (1); @@ -502,7 +750,7 @@ ospf6_decode_v3(register const struct ospf6hdr *op, if (op->ospf6_hello.hello_bdr != 0) printf(", Backup Designated Router %s", ipaddr_string(&op->ospf6_hello.hello_bdr)); - if (vflag) { + if (vflag > 1) { printf("\n\t Neighbor List:"); ap = op->ospf6_hello.hello_neighbor; while ((u_char *)ap < dataend) { @@ -526,16 +774,18 @@ ospf6_decode_v3(register const struct ospf6hdr *op, printf(", MTU %u, DD-Sequence 0x%08x", EXTRACT_16BITS(&op->ospf6_db.db_mtu), EXTRACT_32BITS(&op->ospf6_db.db_seq)); - - /* Print all the LS adv's */ - lshp = op->ospf6_db.db_lshdr; - while (!ospf6_print_lshdr(lshp)) { - ++lshp; - } + if (vflag > 1) { + /* Print all the LS adv's */ + lshp = op->ospf6_db.db_lshdr; + while ((u_char *)lshp < dataend) { + if (ospf6_print_lshdr(lshp++, dataend)) + goto trunc; + } + } break; case OSPF_TYPE_LS_REQ: - if (vflag) { + if (vflag > 1) { lsrp = op->ospf6_lsr; while ((u_char *)lsrp < dataend) { TCHECK(*lsrp); @@ -549,12 +799,12 @@ ospf6_decode_v3(register const struct ospf6hdr *op, break; case OSPF_TYPE_LS_UPDATE: - if (vflag) { + if (vflag > 1) { lsap = op->ospf6_lsu.lsu_lsa; TCHECK(op->ospf6_lsu.lsu_count); i = EXTRACT_32BITS(&op->ospf6_lsu.lsu_count); - while (i--) { - if (ospf6_print_lsa(lsap)) + while ((u_char *)lsap < dataend && i--) { + if (ospf6_print_lsa(lsap, dataend)) goto trunc; lsap = (struct lsa6 *)((u_char *)lsap + EXTRACT_16BITS(&lsap->ls_hdr.ls_length)); @@ -564,11 +814,11 @@ ospf6_decode_v3(register const struct ospf6hdr *op, case OSPF_TYPE_LS_ACK: - if (vflag) { + if (vflag > 1) { lshp = op->ospf6_lsa.lsa_lshdr; - - while (!ospf6_print_lshdr(lshp)) { - ++lshp; + while ((u_char *)lshp < dataend) { + if (ospf6_print_lshdr(lshp++, dataend)) + goto trunc; } } break; @@ -581,19 +831,118 @@ trunc: return (1); } +/* RFC5613 Section 2.2 (w/o the TLVs) */ +static int +ospf6_print_lls(const u_char *cp, const u_int len) +{ + uint16_t llsdatalen; + + if (len == 0) + return 0; + if (len < OSPF_LLS_HDRLEN) + goto trunc; + /* Checksum */ + TCHECK2(*cp, 2); + printf("\n\tLLS Checksum 0x%04x", EXTRACT_16BITS(cp)); + cp += 2; + /* LLS Data Length */ + TCHECK2(*cp, 2); + llsdatalen = EXTRACT_16BITS(cp); + printf(", Data Length %u", llsdatalen); + if (llsdatalen < OSPF_LLS_HDRLEN || llsdatalen > len) + goto trunc; + cp += 2; + /* LLS TLVs */ + TCHECK2(*cp, llsdatalen - OSPF_LLS_HDRLEN); + /* FIXME: code in print-ospf.c can be reused to decode the TLVs */ + + return llsdatalen; +trunc: + return -1; +} + +/* RFC6506 Section 4.1 */ +static int +ospf6_decode_at(const u_char *cp, const u_int len) +{ + uint16_t authdatalen; + + if (len == 0) + return 0; + if (len < OSPF6_AT_HDRLEN) + goto trunc; + /* Authentication Type */ + TCHECK2(*cp, 2); + printf("\n\tAuthentication Type %s", tok2str(ospf6_auth_type_str, "unknown (0x%04x)", EXTRACT_16BITS(cp))); + cp += 2; + /* Auth Data Len */ + TCHECK2(*cp, 2); + authdatalen = EXTRACT_16BITS(cp); + printf(", Length %u", authdatalen); + if (authdatalen < OSPF6_AT_HDRLEN || authdatalen > len) + goto trunc; + cp += 2; + /* Reserved */ + TCHECK2(*cp, 2); + cp += 2; + /* Security Association ID */ + TCHECK2(*cp, 2); + printf(", SAID %u", EXTRACT_16BITS(cp)); + cp += 2; + /* Cryptographic Sequence Number (High-Order 32 Bits) */ + TCHECK2(*cp, 4); + printf(", CSN 0x%08x", EXTRACT_32BITS(cp)); + cp += 4; + /* Cryptographic Sequence Number (Low-Order 32 Bits) */ + TCHECK2(*cp, 4); + printf(":%08x", EXTRACT_32BITS(cp)); + cp += 4; + /* Authentication Data */ + TCHECK2(*cp, authdatalen - OSPF6_AT_HDRLEN); + if (vflag > 1) + print_unknown_data(gndo,cp, "\n\tAuthentication Data ", authdatalen - OSPF6_AT_HDRLEN); + return 0; + +trunc: + return 1; +} + +/* The trailing data may include LLS and/or AT data (in this specific order). + * LLS data may be present only in Hello and DBDesc packets with the L-bit set. + * AT data may be present in Hello and DBDesc packets with the AT-bit set or in + * any other packet type, thus decode the AT data regardless of the AT-bit. + */ +static int +ospf6_decode_v3_trailer(const struct ospf6hdr *op, const u_char *cp, const unsigned len) +{ + int llslen = 0; + u_char lls_hello = op->ospf6_type == OSPF_TYPE_HELLO && + op->ospf6_hello.hello_options & OSPF6_OPTION_L; + u_char lls_dd = op->ospf6_type == OSPF_TYPE_DD && + op->ospf6_db.db_options & OSPF6_OPTION_L; + + if ((lls_hello || lls_dd) && (llslen = ospf6_print_lls(cp, len)) < 0) + goto trunc; + return ospf6_decode_at(cp + llslen, len - llslen); + +trunc: + return 1; +} + void ospf6_print(register const u_char *bp, register u_int length) { register const struct ospf6hdr *op; register const u_char *dataend; register const char *cp; + uint16_t datalen; op = (struct ospf6hdr *)bp; /* If the type is valid translate it, or just print the type */ /* value. If it's not valid, say so and return */ TCHECK(op->ospf6_type); - cp = tok2str(ospf6_type_values, "unknown LS-type", op->ospf6_type); + cp = tok2str(ospf6_type_values, "unknown packet type (%u)", op->ospf6_type); printf("OSPFv%u, %s, length %d", op->ospf6_version, cp, length); if (*cp == 'u') { return; @@ -603,14 +952,15 @@ ospf6_print(register const u_char *bp, register u_int length) return; } + /* OSPFv3 data always comes first and optional trailing data may follow. */ TCHECK(op->ospf6_len); - if (length != EXTRACT_16BITS(&op->ospf6_len)) { - printf(" [len %d]", EXTRACT_16BITS(&op->ospf6_len)); + datalen = EXTRACT_16BITS(&op->ospf6_len); + if (datalen > length) { + printf(" [len %d]", datalen); return; } - dataend = bp + length; + dataend = bp + datalen; - /* Print the routerid if it is not the same as the source */ TCHECK(op->ospf6_routerid); printf("\n\tRouter-ID %s", ipaddr_string(&op->ospf6_routerid)); @@ -628,13 +978,10 @@ ospf6_print(register const u_char *bp, register u_int length) case 3: /* ospf version 3 */ - if (ospf6_decode_v3(op, dataend)) + if (ospf6_decode_v3(op, dataend) || + ospf6_decode_v3_trailer(op, dataend, length - datalen)) goto trunc; break; - - default: - printf(" ospf [version %d]", op->ospf6_version); - break; } /* end switch on version */ return;