X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/fc6f112b40b9da56286ebc125f109e2889f5ebdb..66f29e001c608bf8ca3ed25f492fbd88e23e1b5e:/print-rsvp.c diff --git a/print-rsvp.c b/print-rsvp.c index e869b970..05e76393 100644 --- a/print-rsvp.c +++ b/print-rsvp.c @@ -12,17 +12,18 @@ * LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS * FOR A PARTICULAR PURPOSE. * - * Original code by Hannes Gredler (hannes@juniper.net) + * Original code by Hannes Gredler (hannes@gredler.at) */ -#define NETDISSECT_REWORKED +/* \summary: Resource ReSerVation Protocol (RSVP) printer */ + #ifdef HAVE_CONFIG_H #include "config.h" #endif -#include +#include -#include "interface.h" +#include "netdissect.h" #include "extract.h" #include "addrtoname.h" #include "ethertype.h" @@ -30,6 +31,8 @@ #include "af.h" #include "signature.h" +static const char tstr[] = " [|rsvp]"; + /* * RFC 2205 common header * @@ -43,12 +46,12 @@ */ struct rsvp_common_header { - u_int8_t version_flags; - u_int8_t msg_type; - u_int8_t checksum[2]; - u_int8_t ttl; - u_int8_t reserved; - u_int8_t length[2]; + uint8_t version_flags; + uint8_t msg_type; + uint8_t checksum[2]; + uint8_t ttl; + uint8_t reserved; + uint8_t length[2]; }; /* @@ -66,9 +69,9 @@ struct rsvp_common_header { */ struct rsvp_object_header { - u_int8_t length[2]; - u_int8_t class_num; - u_int8_t ctype; + uint8_t length[2]; + uint8_t class_num; + uint8_t ctype; }; #define RSVP_VERSION 1 @@ -82,7 +85,7 @@ struct rsvp_object_header { #define RSVP_MSGTYPE_PATHTEAR 5 #define RSVP_MSGTYPE_RESVTEAR 6 #define RSVP_MSGTYPE_RESVCONF 7 -#define RSVP_MSGTYPE_AGGREGATE 12 +#define RSVP_MSGTYPE_BUNDLE 12 #define RSVP_MSGTYPE_ACK 13 #define RSVP_MSGTYPE_HELLO_OLD 14 /* ancient Hellos */ #define RSVP_MSGTYPE_SREFRESH 15 @@ -96,7 +99,7 @@ static const struct tok rsvp_msg_type_values[] = { { RSVP_MSGTYPE_PATHTEAR, "PathTear" }, { RSVP_MSGTYPE_RESVTEAR, "ResvTear" }, { RSVP_MSGTYPE_RESVCONF, "ResvConf" }, - { RSVP_MSGTYPE_AGGREGATE, "Aggregate" }, + { RSVP_MSGTYPE_BUNDLE, "Bundle" }, { RSVP_MSGTYPE_ACK, "Acknowledgement" }, { RSVP_MSGTYPE_HELLO_OLD, "Hello (Old)" }, { RSVP_MSGTYPE_SREFRESH, "Refresh" }, @@ -136,7 +139,7 @@ static const struct tok rsvp_header_flag_values[] = { #define RSVP_OBJ_LABEL_SET 36 /* rfc3473 */ #define RSVP_OBJ_PROTECTION 37 /* rfc3473 */ #define RSVP_OBJ_S2L 50 /* rfc4875 */ -#define RSVP_OBJ_DETOUR 63 /* draft-ietf-mpls-rsvp-lsp-fastreroute-07 */ +#define RSVP_OBJ_DETOUR 63 /* rfc4090 */ #define RSVP_OBJ_CLASSTYPE 66 /* rfc4124 */ #define RSVP_OBJ_CLASSTYPE_OLD 125 /* draft-ietf-tewg-diff-te-proto-07 */ #define RSVP_OBJ_SUGGESTED_LABEL 129 /* rfc3473 */ @@ -145,7 +148,7 @@ static const struct tok rsvp_header_flag_values[] = { #define RSVP_OBJ_NOTIFY_REQ 195 /* rfc3473 */ #define RSVP_OBJ_ADMIN_STATUS 196 /* rfc3473 */ #define RSVP_OBJ_PROPERTIES 204 /* juniper proprietary */ -#define RSVP_OBJ_FASTREROUTE 205 /* draft-ietf-mpls-rsvp-lsp-fastreroute-07 */ +#define RSVP_OBJ_FASTREROUTE 205 /* rfc4090 */ #define RSVP_OBJ_SESSION_ATTRIBUTE 207 /* rfc3209 */ #define RSVP_OBJ_GENERALIZED_UNI 229 /* OIF RSVP extensions UNI 1.0 Signaling, Rel. 2 */ #define RSVP_OBJ_CALL_ID 230 /* rfc3474 */ @@ -292,11 +295,11 @@ static const struct tok rsvp_ctype_values[] = { }; struct rsvp_obj_integrity_t { - u_int8_t flags; - u_int8_t res; - u_int8_t key_id[6]; - u_int8_t sequence[8]; - u_int8_t digest[16]; + uint8_t flags; + uint8_t res; + uint8_t key_id[6]; + uint8_t sequence[8]; + uint8_t digest[16]; }; static const struct tok rsvp_obj_integrity_flag_values[] = { @@ -305,14 +308,14 @@ static const struct tok rsvp_obj_integrity_flag_values[] = { }; struct rsvp_obj_frr_t { - u_int8_t setup_prio; - u_int8_t hold_prio; - u_int8_t hop_limit; - u_int8_t flags; - u_int8_t bandwidth[4]; - u_int8_t include_any[4]; - u_int8_t exclude_any[4]; - u_int8_t include_all[4]; + uint8_t setup_prio; + uint8_t hold_prio; + uint8_t hop_limit; + uint8_t flags; + uint8_t bandwidth[4]; + uint8_t include_any[4]; + uint8_t exclude_any[4]; + uint8_t include_all[4]; }; @@ -336,7 +339,7 @@ static const struct tok rsvp_obj_xro_values[] = { { 0, NULL} }; -/* draft-ietf-mpls-rsvp-lsp-fastreroute-07.txt */ +/* RFC4090 */ static const struct tok rsvp_obj_rro_flag_values[] = { { 0x01, "Local protection available" }, { 0x02, "Local protection in use" }, @@ -484,26 +487,28 @@ static const struct tok rsvp_obj_generalized_uni_values[] = { * it is called from various rsvp objects; * returns the amount of bytes being processed */ -static int +static u_int rsvp_intserv_print(netdissect_options *ndo, - const u_char *tptr, u_short obj_tlen) { - - int parameter_id,parameter_length; + const u_char *tptr, u_short obj_tlen) +{ + u_int parameter_id,parameter_length; union { float f; - u_int32_t i; + uint32_t i; } bw; if (obj_tlen < 4) return 0; - parameter_id = *(tptr); - parameter_length = EXTRACT_16BITS(tptr+2)<<2; /* convert wordcount to bytecount */ + ND_TCHECK_1(tptr); + parameter_id = EXTRACT_U_1(tptr); + ND_TCHECK_2(tptr + 2); + parameter_length = EXTRACT_BE_U_2(tptr + 2)<<2; /* convert wordcount to bytecount */ ND_PRINT((ndo, "\n\t Parameter ID: %s (%u), length: %u, Flags: [0x%02x]", tok2str(rsvp_intserv_parameter_id_values,"unknown",parameter_id), parameter_id, parameter_length, - *(tptr + 1))); + EXTRACT_U_1(tptr + 1))); if (obj_tlen < parameter_length+4) return 0; @@ -517,8 +522,10 @@ rsvp_intserv_print(netdissect_options *ndo, * | IS hop cnt (32-bit unsigned integer) | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ - if (parameter_length == 4) - ND_PRINT((ndo, "\n\t\tIS hop count: %u", EXTRACT_32BITS(tptr + 4))); + if (parameter_length == 4) { + ND_TCHECK_4(tptr + 4); + ND_PRINT((ndo, "\n\t\tIS hop count: %u", EXTRACT_BE_U_4(tptr + 4))); + } break; case 6: @@ -530,7 +537,8 @@ rsvp_intserv_print(netdissect_options *ndo, * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ if (parameter_length == 4) { - bw.i = EXTRACT_32BITS(tptr+4); + ND_TCHECK_4(tptr + 4); + bw.i = EXTRACT_BE_U_4(tptr + 4); ND_PRINT((ndo, "\n\t\tPath b/w estimate: %.10g Mbps", bw.f / 125000)); } break; @@ -544,11 +552,12 @@ rsvp_intserv_print(netdissect_options *ndo, * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ if (parameter_length == 4) { + ND_TCHECK_4(tptr + 4); ND_PRINT((ndo, "\n\t\tMinimum path latency: ")); - if (EXTRACT_32BITS(tptr+4) == 0xffffffff) + if (EXTRACT_BE_U_4(tptr + 4) == 0xffffffff) ND_PRINT((ndo, "don't care")); else - ND_PRINT((ndo, "%u", EXTRACT_32BITS(tptr + 4))); + ND_PRINT((ndo, "%u", EXTRACT_BE_U_4(tptr + 4))); } break; @@ -561,8 +570,10 @@ rsvp_intserv_print(netdissect_options *ndo, * | Composed MTU (32-bit unsigned integer) | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ - if (parameter_length == 4) - ND_PRINT((ndo, "\n\t\tComposed MTU: %u bytes", EXTRACT_32BITS(tptr + 4))); + if (parameter_length == 4) { + ND_TCHECK_4(tptr + 4); + ND_PRINT((ndo, "\n\t\tComposed MTU: %u bytes", EXTRACT_BE_U_4(tptr + 4))); + } break; case 127: /* @@ -582,14 +593,15 @@ rsvp_intserv_print(netdissect_options *ndo, */ if (parameter_length == 20) { - bw.i = EXTRACT_32BITS(tptr+4); + ND_TCHECK_LEN(tptr + 4, 20); + bw.i = EXTRACT_BE_U_4(tptr + 4); ND_PRINT((ndo, "\n\t\tToken Bucket Rate: %.10g Mbps", bw.f / 125000)); - bw.i = EXTRACT_32BITS(tptr+8); + bw.i = EXTRACT_BE_U_4(tptr + 8); ND_PRINT((ndo, "\n\t\tToken Bucket Size: %.10g bytes", bw.f)); - bw.i = EXTRACT_32BITS(tptr+12); + bw.i = EXTRACT_BE_U_4(tptr + 12); ND_PRINT((ndo, "\n\t\tPeak Data Rate: %.10g Mbps", bw.f / 125000)); - ND_PRINT((ndo, "\n\t\tMinimum Policed Unit: %u bytes", EXTRACT_32BITS(tptr + 16))); - ND_PRINT((ndo, "\n\t\tMaximum Packet Size: %u bytes", EXTRACT_32BITS(tptr + 20))); + ND_PRINT((ndo, "\n\t\tMinimum Policed Unit: %u bytes", EXTRACT_BE_U_4(tptr + 16))); + ND_PRINT((ndo, "\n\t\tMaximum Packet Size: %u bytes", EXTRACT_BE_U_4(tptr + 20))); } break; @@ -605,9 +617,10 @@ rsvp_intserv_print(netdissect_options *ndo, */ if (parameter_length == 8) { - bw.i = EXTRACT_32BITS(tptr+4); + ND_TCHECK_8(tptr + 4); + bw.i = EXTRACT_BE_U_4(tptr + 4); ND_PRINT((ndo, "\n\t\tRate: %.10g Mbps", bw.f / 125000)); - ND_PRINT((ndo, "\n\t\tSlack Term: %u", EXTRACT_32BITS(tptr + 8))); + ND_PRINT((ndo, "\n\t\tSlack Term: %u", EXTRACT_BE_U_4(tptr + 8))); } break; @@ -615,8 +628,10 @@ rsvp_intserv_print(netdissect_options *ndo, case 134: case 135: case 136: - if (parameter_length == 4) - ND_PRINT((ndo, "\n\t\tValue: %u", EXTRACT_32BITS(tptr + 4))); + if (parameter_length == 4) { + ND_TCHECK_4(tptr + 4); + ND_PRINT((ndo, "\n\t\tValue: %u", EXTRACT_BE_U_4(tptr + 4))); + } break; default: @@ -624,21 +639,30 @@ rsvp_intserv_print(netdissect_options *ndo, print_unknown_data(ndo, tptr + 4, "\n\t\t", parameter_length); } return (parameter_length+4); /* header length 4 bytes */ + +trunc: + ND_PRINT((ndo, "%s", tstr)); + return 0; +} + +/* + * Clear checksum prior to signature verification. + */ +static void +rsvp_clear_checksum(void *header) +{ + struct rsvp_common_header *rsvp_com_header = (struct rsvp_common_header *) header; + + rsvp_com_header->checksum[0] = 0; + rsvp_com_header->checksum[1] = 0; } static int rsvp_obj_print(netdissect_options *ndo, - const u_char *pptr -#ifndef HAVE_LIBCRYPTO -_U_ -#endif -, u_int plen -#ifndef HAVE_LIBCRYPTO -_U_ -#endif -, const u_char *tptr, - const char *ident, u_int tlen) { - + const u_char *pptr, u_int plen, const u_char *tptr, + const char *indent, u_int tlen, + const struct rsvp_common_header *rsvp_com_header) +{ const struct rsvp_object_header *rsvp_obj_header; const u_char *obj_tptr; union { @@ -646,37 +670,37 @@ _U_ const struct rsvp_obj_frr_t *rsvp_obj_frr; } obj_ptr; - u_short rsvp_obj_len,rsvp_obj_ctype,obj_tlen,intserv_serv_tlen; + u_short rsvp_obj_len,rsvp_obj_ctype,obj_tlen; + u_int intserv_serv_tlen; int hexdump,processed,padbytes,error_code,error_value,i,sigcheck; union { float f; - u_int32_t i; + uint32_t i; } bw; - u_int8_t namelen; + uint8_t namelen; u_int action, subchannel; while(tlen>=sizeof(struct rsvp_object_header)) { /* did we capture enough for fully decoding the object header ? */ - if (!ND_TTEST2(*tptr, sizeof(struct rsvp_object_header))) - goto trunc; + ND_TCHECK_LEN(tptr, sizeof(struct rsvp_object_header)); rsvp_obj_header = (const struct rsvp_object_header *)tptr; - rsvp_obj_len=EXTRACT_16BITS(rsvp_obj_header->length); + rsvp_obj_len=EXTRACT_BE_U_2(rsvp_obj_header->length); rsvp_obj_ctype=rsvp_obj_header->ctype; if(rsvp_obj_len % 4) { - ND_PRINT((ndo, "%sERROR: object header size %u not a multiple of 4", ident, rsvp_obj_len)); + ND_PRINT((ndo, "%sERROR: object header size %u not a multiple of 4", indent, rsvp_obj_len)); return -1; } if(rsvp_obj_len < sizeof(struct rsvp_object_header)) { - ND_PRINT((ndo, "%sERROR: object header too short %u < %lu", ident, rsvp_obj_len, - (unsigned long)sizeof(const struct rsvp_object_header))); + ND_PRINT((ndo, "%sERROR: object header too short %u < %lu", indent, rsvp_obj_len, + (unsigned long)sizeof(struct rsvp_object_header))); return -1; } ND_PRINT((ndo, "%s%s Object (%u) Flags: [%s", - ident, + indent, tok2str(rsvp_obj_values, "Unknown", rsvp_obj_header->class_num), @@ -695,7 +719,7 @@ _U_ rsvp_obj_len)); if(tlen < rsvp_obj_len) { - ND_PRINT((ndo, "%sERROR: object goes past end of objects TLV", ident)); + ND_PRINT((ndo, "%sERROR: object goes past end of objects TLV", indent)); return -1; } @@ -703,7 +727,7 @@ _U_ obj_tlen=rsvp_obj_len-sizeof(struct rsvp_object_header); /* did we capture enough for fully decoding the object ? */ - if (!ND_TTEST2(*tptr, rsvp_obj_len)) + if (!ND_TTEST_LEN(tptr, rsvp_obj_len)) return -1; hexdump=FALSE; @@ -714,28 +738,27 @@ _U_ if (obj_tlen < 8) return -1; ND_PRINT((ndo, "%s IPv4 DestAddress: %s, Protocol ID: 0x%02x", - ident, - ipaddr_string(obj_tptr), - *(obj_tptr + sizeof(struct in_addr)))); + indent, + ipaddr_string(ndo, obj_tptr), + EXTRACT_U_1(obj_tptr + sizeof(struct in_addr)))); ND_PRINT((ndo, "%s Flags: [0x%02x], DestPort %u", - ident, - *(obj_tptr+5), - EXTRACT_16BITS(obj_tptr + 6))); + indent, + EXTRACT_U_1((obj_tptr + 5)), + EXTRACT_BE_U_2(obj_tptr + 6))); obj_tlen-=8; obj_tptr+=8; break; -#ifdef INET6 case RSVP_CTYPE_IPV6: if (obj_tlen < 20) return -1; ND_PRINT((ndo, "%s IPv6 DestAddress: %s, Protocol ID: 0x%02x", - ident, - ip6addr_string(obj_tptr), - *(obj_tptr + sizeof(struct in6_addr)))); + indent, + ip6addr_string(ndo, obj_tptr), + EXTRACT_U_1(obj_tptr + sizeof(struct in6_addr)))); ND_PRINT((ndo, "%s Flags: [0x%02x], DestPort %u", - ident, - *(obj_tptr+sizeof(struct in6_addr)+1), - EXTRACT_16BITS(obj_tptr + sizeof(struct in6_addr) + 2))); + indent, + EXTRACT_U_1((obj_tptr + sizeof(struct in6_addr) + 1)), + EXTRACT_BE_U_2(obj_tptr + sizeof(struct in6_addr) + 2))); obj_tlen-=20; obj_tptr+=20; break; @@ -744,10 +767,10 @@ _U_ if (obj_tlen < 36) return -1; ND_PRINT((ndo, "%s IPv6 Tunnel EndPoint: %s, Tunnel ID: 0x%04x, Extended Tunnel ID: %s", - ident, - ip6addr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+18), - ip6addr_string(obj_tptr + 20))); + indent, + ip6addr_string(ndo, obj_tptr), + EXTRACT_BE_U_2(obj_tptr + 18), + ip6addr_string(ndo, obj_tptr + 20))); obj_tlen-=36; obj_tptr+=36; break; @@ -756,22 +779,21 @@ _U_ if (obj_tlen < 26) return -1; ND_PRINT((ndo, "%s IPv6 P2MP LSP ID: 0x%08x, Tunnel ID: 0x%04x, Extended Tunnel ID: %s", - ident, - EXTRACT_32BITS(obj_tptr), - EXTRACT_16BITS(obj_tptr+6), - ip6addr_string(obj_tptr + 8))); + indent, + EXTRACT_BE_U_4(obj_tptr), + EXTRACT_BE_U_2(obj_tptr + 6), + ip6addr_string(ndo, obj_tptr + 8))); obj_tlen-=26; obj_tptr+=26; break; -#endif case RSVP_CTYPE_13: /* IPv4 p2mp LSP Tunnel */ if (obj_tlen < 12) return -1; ND_PRINT((ndo, "%s IPv4 P2MP LSP ID: %s, Tunnel ID: 0x%04x, Extended Tunnel ID: %s", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+6), - ipaddr_string(obj_tptr + 8))); + indent, + ipaddr_string(ndo, obj_tptr), + EXTRACT_BE_U_2(obj_tptr + 6), + ipaddr_string(ndo, obj_tptr + 8))); obj_tlen-=12; obj_tptr+=12; break; @@ -780,10 +802,10 @@ _U_ if (obj_tlen < 12) return -1; ND_PRINT((ndo, "%s IPv4 Tunnel EndPoint: %s, Tunnel ID: 0x%04x, Extended Tunnel ID: %s", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+6), - ipaddr_string(obj_tptr + 8))); + indent, + ipaddr_string(ndo, obj_tptr), + EXTRACT_BE_U_2(obj_tptr + 6), + ipaddr_string(ndo, obj_tptr + 8))); obj_tlen-=12; obj_tptr+=12; break; @@ -798,22 +820,20 @@ _U_ if (obj_tlen < sizeof(struct in_addr)) return -1; ND_PRINT((ndo, "%s IPv4 Receiver Address: %s", - ident, - ipaddr_string(obj_tptr))); + indent, + ipaddr_string(ndo, obj_tptr))); obj_tlen-=sizeof(struct in_addr); obj_tptr+=sizeof(struct in_addr); break; -#ifdef INET6 case RSVP_CTYPE_IPV6: if (obj_tlen < sizeof(struct in6_addr)) return -1; ND_PRINT((ndo, "%s IPv6 Receiver Address: %s", - ident, - ip6addr_string(obj_tptr))); + indent, + ip6addr_string(ndo, obj_tptr))); obj_tlen-=sizeof(struct in6_addr); obj_tptr+=sizeof(struct in6_addr); break; -#endif default: hexdump=TRUE; } @@ -825,22 +845,20 @@ _U_ if (obj_tlen < sizeof(struct in_addr)) return -1; ND_PRINT((ndo, "%s IPv4 Notify Node Address: %s", - ident, - ipaddr_string(obj_tptr))); + indent, + ipaddr_string(ndo, obj_tptr))); obj_tlen-=sizeof(struct in_addr); obj_tptr+=sizeof(struct in_addr); break; -#ifdef INET6 case RSVP_CTYPE_IPV6: if (obj_tlen < sizeof(struct in6_addr)) return-1; ND_PRINT((ndo, "%s IPv6 Notify Node Address: %s", - ident, - ip6addr_string(obj_tptr))); + indent, + ip6addr_string(ndo, obj_tptr))); obj_tlen-=sizeof(struct in6_addr); obj_tptr+=sizeof(struct in6_addr); break; -#endif default: hexdump=TRUE; } @@ -853,7 +871,7 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_1: while(obj_tlen >= 4 ) { - ND_PRINT((ndo, "%s Label: %u", ident, EXTRACT_32BITS(obj_tptr))); + ND_PRINT((ndo, "%s Label: %u", indent, EXTRACT_BE_U_4(obj_tptr))); obj_tlen-=4; obj_tptr+=4; } @@ -862,8 +880,8 @@ _U_ if (obj_tlen < 4) return-1; ND_PRINT((ndo, "%s Generalized Label: %u", - ident, - EXTRACT_32BITS(obj_tptr))); + indent, + EXTRACT_BE_U_4(obj_tptr))); obj_tlen-=4; obj_tptr+=4; break; @@ -871,11 +889,11 @@ _U_ if (obj_tlen < 12) return-1; ND_PRINT((ndo, "%s Waveband ID: %u%s Start Label: %u, Stop Label: %u", - ident, - EXTRACT_32BITS(obj_tptr), - ident, - EXTRACT_32BITS(obj_tptr+4), - EXTRACT_32BITS(obj_tptr + 8))); + indent, + EXTRACT_BE_U_4(obj_tptr), + indent, + EXTRACT_BE_U_4(obj_tptr + 4), + EXTRACT_BE_U_4(obj_tptr + 8))); obj_tlen-=12; obj_tptr+=12; break; @@ -890,11 +908,11 @@ _U_ if (obj_tlen < 4) return-1; ND_PRINT((ndo, "%s Reservation Style: %s, Flags: [0x%02x]", - ident, + indent, tok2str(rsvp_resstyle_values, "Unknown", - EXTRACT_24BITS(obj_tptr+1)), - *(obj_tptr))); + EXTRACT_BE_U_3(obj_tptr + 1)), + EXTRACT_U_1(obj_tptr))); obj_tlen-=4; obj_tptr+=4; break; @@ -909,20 +927,19 @@ _U_ if (obj_tlen < 8) return-1; ND_PRINT((ndo, "%s Source Address: %s, Source Port: %u", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr + 6))); + indent, + ipaddr_string(ndo, obj_tptr), + EXTRACT_BE_U_2(obj_tptr + 6))); obj_tlen-=8; obj_tptr+=8; break; -#ifdef INET6 case RSVP_CTYPE_IPV6: if (obj_tlen < 20) return-1; ND_PRINT((ndo, "%s Source Address: %s, Source Port: %u", - ident, - ip6addr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr + 18))); + indent, + ip6addr_string(ndo, obj_tptr), + EXTRACT_BE_U_2(obj_tptr + 18))); obj_tlen-=20; obj_tptr+=20; break; @@ -931,23 +948,22 @@ _U_ return-1; ND_PRINT((ndo, "%s IPv6 Tunnel Sender Address: %s, LSP ID: 0x%04x" "%s Sub-Group Originator ID: %s, Sub-Group ID: 0x%04x", - ident, - ip6addr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+18), - ident, - ip6addr_string(obj_tptr+20), - EXTRACT_16BITS(obj_tptr + 38))); + indent, + ip6addr_string(ndo, obj_tptr), + EXTRACT_BE_U_2(obj_tptr + 18), + indent, + ip6addr_string(ndo, obj_tptr+20), + EXTRACT_BE_U_2(obj_tptr + 38))); obj_tlen-=40; obj_tptr+=40; break; -#endif case RSVP_CTYPE_TUNNEL_IPV4: if (obj_tlen < 8) return-1; ND_PRINT((ndo, "%s IPv4 Tunnel Sender Address: %s, LSP-ID: 0x%04x", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr + 6))); + indent, + ipaddr_string(ndo, obj_tptr), + EXTRACT_BE_U_2(obj_tptr + 6))); obj_tlen-=8; obj_tptr+=8; break; @@ -956,12 +972,12 @@ _U_ return-1; ND_PRINT((ndo, "%s IPv4 Tunnel Sender Address: %s, LSP ID: 0x%04x" "%s Sub-Group Originator ID: %s, Sub-Group ID: 0x%04x", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+6), - ident, - ipaddr_string(obj_tptr+8), - EXTRACT_16BITS(obj_tptr + 12))); + indent, + ipaddr_string(ndo, obj_tptr), + EXTRACT_BE_U_2(obj_tptr + 6), + indent, + ipaddr_string(ndo, obj_tptr+8), + EXTRACT_BE_U_2(obj_tptr + 12))); obj_tlen-=16; obj_tptr+=16; break; @@ -975,10 +991,10 @@ _U_ case RSVP_CTYPE_1: while(obj_tlen >= 4 ) { ND_PRINT((ndo, "%s L3 Protocol ID: %s", - ident, + indent, tok2str(ethertype_values, "Unknown Protocol (0x%04x)", - EXTRACT_16BITS(obj_tptr + 2)))); + EXTRACT_BE_U_2(obj_tptr + 2)))); obj_tlen-=4; obj_tptr+=4; } @@ -987,19 +1003,19 @@ _U_ if (obj_tlen < 12) return-1; ND_PRINT((ndo, "%s L3 Protocol ID: %s", - ident, + indent, tok2str(ethertype_values, "Unknown Protocol (0x%04x)", - EXTRACT_16BITS(obj_tptr + 2)))); - ND_PRINT((ndo, ",%s merge capability",((*(obj_tptr + 4)) & 0x80) ? "no" : "" )); + EXTRACT_BE_U_2(obj_tptr + 2)))); + ND_PRINT((ndo, ",%s merge capability",((EXTRACT_U_1(obj_tptr + 4)) & 0x80) ? "no" : "" )); ND_PRINT((ndo, "%s Minimum VPI/VCI: %u/%u", - ident, - (EXTRACT_16BITS(obj_tptr+4))&0xfff, - (EXTRACT_16BITS(obj_tptr + 6)) & 0xfff)); + indent, + (EXTRACT_BE_U_2(obj_tptr + 4))&0xfff, + (EXTRACT_BE_U_2(obj_tptr + 6)) & 0xfff)); ND_PRINT((ndo, "%s Maximum VPI/VCI: %u/%u", - ident, - (EXTRACT_16BITS(obj_tptr+8))&0xfff, - (EXTRACT_16BITS(obj_tptr + 10)) & 0xfff)); + indent, + (EXTRACT_BE_U_2(obj_tptr + 8))&0xfff, + (EXTRACT_BE_U_2(obj_tptr + 10)) & 0xfff)); obj_tlen-=12; obj_tptr+=12; break; @@ -1007,16 +1023,16 @@ _U_ if (obj_tlen < 12) return-1; ND_PRINT((ndo, "%s L3 Protocol ID: %s", - ident, + indent, tok2str(ethertype_values, "Unknown Protocol (0x%04x)", - EXTRACT_16BITS(obj_tptr + 2)))); + EXTRACT_BE_U_2(obj_tptr + 2)))); ND_PRINT((ndo, "%s Minimum/Maximum DLCI: %u/%u, %s%s bit DLCI", - ident, - (EXTRACT_32BITS(obj_tptr+4))&0x7fffff, - (EXTRACT_32BITS(obj_tptr+8))&0x7fffff, - (((EXTRACT_16BITS(obj_tptr+4)>>7)&3) == 0 ) ? "10" : "", - (((EXTRACT_16BITS(obj_tptr + 4) >> 7) & 3) == 2 ) ? "23" : "")); + indent, + (EXTRACT_BE_U_4(obj_tptr + 4))&0x7fffff, + (EXTRACT_BE_U_4(obj_tptr + 8))&0x7fffff, + (((EXTRACT_BE_U_2(obj_tptr + 4)>>7)&3) == 0 ) ? "10" : "", + (((EXTRACT_BE_U_2(obj_tptr + 4) >> 7) & 3) == 2 ) ? "23" : "")); obj_tlen-=12; obj_tptr+=12; break; @@ -1024,21 +1040,21 @@ _U_ if (obj_tlen < 4) return-1; ND_PRINT((ndo, "%s LSP Encoding Type: %s (%u)", - ident, + indent, tok2str(gmpls_encoding_values, "Unknown", - *obj_tptr), - *obj_tptr)); + EXTRACT_U_1(obj_tptr)), + EXTRACT_U_1(obj_tptr))); ND_PRINT((ndo, "%s Switching Type: %s (%u), Payload ID: %s (0x%04x)", - ident, + indent, tok2str(gmpls_switch_cap_values, "Unknown", - *(obj_tptr+1)), - *(obj_tptr+1), + EXTRACT_U_1((obj_tptr + 1))), + EXTRACT_U_1(obj_tptr + 1), tok2str(gmpls_payload_values, "Unknown", - EXTRACT_16BITS(obj_tptr+2)), - EXTRACT_16BITS(obj_tptr + 2))); + EXTRACT_BE_U_2(obj_tptr + 2)), + EXTRACT_BE_U_2(obj_tptr + 2))); obj_tlen-=4; obj_tptr+=4; break; @@ -1052,42 +1068,64 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_IPV4: while(obj_tlen >= 4 ) { + u_char length; + + ND_TCHECK_4(obj_tptr); + length = EXTRACT_U_1(obj_tptr + 1); ND_PRINT((ndo, "%s Subobject Type: %s, length %u", - ident, + indent, tok2str(rsvp_obj_xro_values, "Unknown %u", - RSVP_OBJ_XRO_MASK_SUBOBJ(*obj_tptr)), - *(obj_tptr + 1))); + RSVP_OBJ_XRO_MASK_SUBOBJ(EXTRACT_U_1(obj_tptr))), + length)); - if (*(obj_tptr+1) == 0) { /* prevent infinite loops */ - ND_PRINT((ndo, "%s ERROR: zero length ERO subtype", ident)); + if (length == 0) { /* prevent infinite loops */ + ND_PRINT((ndo, "%s ERROR: zero length ERO subtype", indent)); break; } - switch(RSVP_OBJ_XRO_MASK_SUBOBJ(*obj_tptr)) { + switch(RSVP_OBJ_XRO_MASK_SUBOBJ(EXTRACT_U_1(obj_tptr))) { + u_char prefix_length; + case RSVP_OBJ_XRO_IPV4: + if (length != 8) { + ND_PRINT((ndo, " ERROR: length != 8")); + goto invalid; + } + ND_TCHECK_8(obj_tptr); + prefix_length = EXTRACT_U_1(obj_tptr + 6); + if (prefix_length != 32) { + ND_PRINT((ndo, " ERROR: Prefix length %u != 32", + prefix_length)); + goto invalid; + } ND_PRINT((ndo, ", %s, %s/%u, Flags: [%s]", - RSVP_OBJ_XRO_MASK_LOOSE(*obj_tptr) ? "Loose" : "Strict", - ipaddr_string(obj_tptr+2), - *(obj_tptr+6), + RSVP_OBJ_XRO_MASK_LOOSE(EXTRACT_U_1(obj_tptr)) ? "Loose" : "Strict", + ipaddr_string(ndo, obj_tptr+2), + EXTRACT_U_1((obj_tptr + 6)), bittok2str(rsvp_obj_rro_flag_values, "none", - *(obj_tptr + 7)))); /* rfc3209 says that this field is rsvd. */ + EXTRACT_U_1((obj_tptr + 7))))); /* rfc3209 says that this field is rsvd. */ break; case RSVP_OBJ_XRO_LABEL: + if (length != 8) { + ND_PRINT((ndo, " ERROR: length != 8")); + goto invalid; + } + ND_TCHECK_8(obj_tptr); ND_PRINT((ndo, ", Flags: [%s] (%#x), Class-Type: %s (%u), %u", bittok2str(rsvp_obj_rro_label_flag_values, "none", - *(obj_tptr+2)), - *(obj_tptr+2), + EXTRACT_U_1((obj_tptr + 2))), + EXTRACT_U_1(obj_tptr + 2), tok2str(rsvp_ctype_values, "Unknown", - *(obj_tptr+3) + 256*RSVP_OBJ_RRO), - *(obj_tptr+3), - EXTRACT_32BITS(obj_tptr + 4))); + EXTRACT_U_1((obj_tptr + 3)) + (256 * RSVP_OBJ_RRO)), + EXTRACT_U_1((obj_tptr + 3)), + EXTRACT_BE_U_4(obj_tptr + 4))); } - obj_tlen-=*(obj_tptr+1); - obj_tptr+=*(obj_tptr+1); + obj_tlen-=EXTRACT_U_1(obj_tptr + 1); + obj_tptr+=EXTRACT_U_1(obj_tptr + 1); } break; default: @@ -1102,9 +1140,9 @@ _U_ if (obj_tlen < 8) return-1; ND_PRINT((ndo, "%s Source Instance: 0x%08x, Destination Instance: 0x%08x", - ident, - EXTRACT_32BITS(obj_tptr), - EXTRACT_32BITS(obj_tptr + 4))); + indent, + EXTRACT_BE_U_4(obj_tptr), + EXTRACT_BE_U_4(obj_tptr + 4))); obj_tlen-=8; obj_tptr+=8; break; @@ -1119,9 +1157,9 @@ _U_ if (obj_tlen < 8) return-1; ND_PRINT((ndo, "%s Restart Time: %ums, Recovery Time: %ums", - ident, - EXTRACT_32BITS(obj_tptr), - EXTRACT_32BITS(obj_tptr + 4))); + indent, + EXTRACT_BE_U_4(obj_tptr), + EXTRACT_BE_U_4(obj_tptr + 4))); obj_tlen-=8; obj_tptr+=8; break; @@ -1135,22 +1173,22 @@ _U_ case RSVP_CTYPE_TUNNEL_IPV4: if (obj_tlen < 4) return-1; - namelen = *(obj_tptr+3); + namelen = EXTRACT_U_1(obj_tptr + 3); if (obj_tlen < 4+namelen) return-1; - ND_PRINT((ndo, "%s Session Name: ", ident)); + ND_PRINT((ndo, "%s Session Name: ", indent)); for (i = 0; i < namelen; i++) - safeputchar(ndo, *(obj_tptr + 4 + i)); + safeputchar(ndo, EXTRACT_U_1(obj_tptr + 4 + i)); ND_PRINT((ndo, "%s Setup Priority: %u, Holding Priority: %u, Flags: [%s] (%#x)", - ident, - (int)*obj_tptr, - (int)*(obj_tptr+1), + indent, + EXTRACT_U_1(obj_tptr), + EXTRACT_U_1(obj_tptr + 1), bittok2str(rsvp_session_attribute_flag_values, "none", - *(obj_tptr+2)), - *(obj_tptr + 2))); - obj_tlen-=4+*(obj_tptr+3); - obj_tptr+=4+*(obj_tptr+3); + EXTRACT_U_1((obj_tptr + 2))), + EXTRACT_U_1(obj_tptr + 2))); + obj_tlen-=4+EXTRACT_U_1((obj_tptr + 3)); + obj_tptr+=4+EXTRACT_U_1((obj_tptr + 3)); break; default: hexdump=TRUE; @@ -1169,17 +1207,37 @@ _U_ /* read variable length subobjects */ total_subobj_len = obj_tlen; while(total_subobj_len > 0) { - subobj_len = EXTRACT_16BITS(obj_tptr); - subobj_type = (EXTRACT_16BITS(obj_tptr+2))>>8; - af = (EXTRACT_16BITS(obj_tptr+2))&0x00FF; + /* If RFC 3476 Section 3.1 defined that a sub-object of the + * GENERALIZED_UNI RSVP object must have the Length field as + * a multiple of 4, instead of the check below it would be + * better to test total_subobj_len only once before the loop. + * So long as it does not define it and this while loop does + * not implement such a requirement, let's accept that within + * each iteration subobj_len may happen to be a multiple of 1 + * and test it and total_subobj_len respectively. + */ + if (total_subobj_len < 4) + goto invalid; + subobj_len = EXTRACT_BE_U_2(obj_tptr); + subobj_type = (EXTRACT_BE_U_2(obj_tptr + 2))>>8; + af = (EXTRACT_BE_U_2(obj_tptr + 2))&0x00FF; ND_PRINT((ndo, "%s Subobject Type: %s (%u), AF: %s (%u), length: %u", - ident, + indent, tok2str(rsvp_obj_generalized_uni_values, "Unknown", subobj_type), subobj_type, tok2str(af_values, "Unknown", af), af, subobj_len)); + /* In addition to what is explained above, the same spec does not + * explicitly say that the same Length field includes the 4-octet + * sub-object header, but as long as this while loop implements it + * as it does include, let's keep the check below consistent with + * the rest of the code. + */ + if(subobj_len < 4 || subobj_len > total_subobj_len) + goto invalid; + switch(subobj_type) { case RSVP_GEN_UNI_SUBOBJ_SOURCE_TNA_ADDRESS: case RSVP_GEN_UNI_SUBOBJ_DESTINATION_TNA_ADDRESS: @@ -1189,16 +1247,14 @@ _U_ if (subobj_len < 8) return -1; ND_PRINT((ndo, "%s UNI IPv4 TNA address: %s", - ident, ipaddr_string(obj_tptr + 4))); + indent, ipaddr_string(ndo, obj_tptr + 4))); break; -#ifdef INET6 case AFNUM_INET6: if (subobj_len < 20) return -1; ND_PRINT((ndo, "%s UNI IPv6 TNA address: %s", - ident, ip6addr_string(obj_tptr + 4))); + indent, ip6addr_string(ndo, obj_tptr + 4))); break; -#endif case AFNUM_NSAP: if (subobj_len) { /* unless we have a TLV parser lets just hexdump */ @@ -1221,11 +1277,11 @@ _U_ } ND_PRINT((ndo, "%s U-bit: %x, Label type: %u, Logical port id: %u, Label: %u", - ident, - ((EXTRACT_32BITS(obj_tptr+4))>>31), - ((EXTRACT_32BITS(obj_tptr+4))&0xFF), - EXTRACT_32BITS(obj_tptr+8), - EXTRACT_32BITS(obj_tptr + 12))); + indent, + ((EXTRACT_BE_U_4(obj_tptr + 4))>>31), + ((EXTRACT_BE_U_4(obj_tptr + 4))&0xFF), + EXTRACT_BE_U_4(obj_tptr + 8), + EXTRACT_BE_U_4(obj_tptr + 12))); break; case RSVP_GEN_UNI_SUBOBJ_SERVICE_LEVEL: @@ -1234,7 +1290,7 @@ _U_ } ND_PRINT((ndo, "%s Service level: %u", - ident, (EXTRACT_32BITS(obj_tptr + 4)) >> 24)); + indent, (EXTRACT_BE_U_4(obj_tptr + 4)) >> 24)); break; default: @@ -1264,28 +1320,26 @@ _U_ if (obj_tlen < 8) return-1; ND_PRINT((ndo, "%s Previous/Next Interface: %s, Logical Interface Handle: 0x%08x", - ident, - ipaddr_string(obj_tptr), - EXTRACT_32BITS(obj_tptr + 4))); + indent, + ipaddr_string(ndo, obj_tptr), + EXTRACT_BE_U_4(obj_tptr + 4))); obj_tlen-=8; obj_tptr+=8; if (obj_tlen) hexdump=TRUE; /* unless we have a TLV parser lets just hexdump */ break; -#ifdef INET6 case RSVP_CTYPE_4: /* fall through - FIXME add TLV parser */ case RSVP_CTYPE_IPV6: if (obj_tlen < 20) return-1; ND_PRINT((ndo, "%s Previous/Next Interface: %s, Logical Interface Handle: 0x%08x", - ident, - ip6addr_string(obj_tptr), - EXTRACT_32BITS(obj_tptr + 16))); + indent, + ip6addr_string(ndo, obj_tptr), + EXTRACT_BE_U_4(obj_tptr + 16))); obj_tlen-=20; obj_tptr+=20; hexdump=TRUE; /* unless we have a TLV parser lets just hexdump */ break; -#endif default: hexdump=TRUE; } @@ -1297,8 +1351,8 @@ _U_ if (obj_tlen < 4) return-1; ND_PRINT((ndo, "%s Refresh Period: %ums", - ident, - EXTRACT_32BITS(obj_tptr))); + indent, + EXTRACT_BE_U_4(obj_tptr))); obj_tlen-=4; obj_tptr+=4; break; @@ -1316,19 +1370,19 @@ _U_ if (obj_tlen < 4) return-1; ND_PRINT((ndo, "%s Msg-Version: %u, length: %u", - ident, - (*obj_tptr & 0xf0) >> 4, - EXTRACT_16BITS(obj_tptr + 2) << 2)); + indent, + (EXTRACT_U_1(obj_tptr) & 0xf0) >> 4, + EXTRACT_BE_U_2(obj_tptr + 2) << 2)); obj_tptr+=4; /* get to the start of the service header */ obj_tlen-=4; while (obj_tlen >= 4) { - intserv_serv_tlen=EXTRACT_16BITS(obj_tptr+2)<<2; - ND_PRINT((ndo, "%s Service Type: %s (%u), break bit %s set, Service length: %u", - ident, - tok2str(rsvp_intserv_service_type_values,"unknown",*(obj_tptr)), - *(obj_tptr), - (*(obj_tptr+1)&0x80) ? "" : "not", + intserv_serv_tlen=EXTRACT_BE_U_2(obj_tptr + 2)<<2; + ND_PRINT((ndo, "%s Service Type: %s (%u), break bit %sset, Service length: %u", + indent, + tok2str(rsvp_intserv_service_type_values,"unknown",EXTRACT_U_1((obj_tptr))), + EXTRACT_U_1(obj_tptr), + (EXTRACT_U_1(obj_tptr + 1)&0x80) ? "" : "not ", intserv_serv_tlen)); obj_tptr+=4; /* get to the start of the parameter list */ @@ -1355,20 +1409,19 @@ _U_ if (obj_tlen < 8) return-1; ND_PRINT((ndo, "%s Source Address: %s, Source Port: %u", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr + 6))); + indent, + ipaddr_string(ndo, obj_tptr), + EXTRACT_BE_U_2(obj_tptr + 6))); obj_tlen-=8; obj_tptr+=8; break; -#ifdef INET6 case RSVP_CTYPE_IPV6: if (obj_tlen < 20) return-1; ND_PRINT((ndo, "%s Source Address: %s, Source Port: %u", - ident, - ip6addr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr + 18))); + indent, + ip6addr_string(ndo, obj_tptr), + EXTRACT_BE_U_2(obj_tptr + 18))); obj_tlen-=20; obj_tptr+=20; break; @@ -1376,9 +1429,9 @@ _U_ if (obj_tlen < 20) return-1; ND_PRINT((ndo, "%s Source Address: %s, Flow Label: %u", - ident, - ip6addr_string(obj_tptr), - EXTRACT_24BITS(obj_tptr + 17))); + indent, + ip6addr_string(ndo, obj_tptr), + EXTRACT_BE_U_3(obj_tptr + 17))); obj_tlen-=20; obj_tptr+=20; break; @@ -1386,9 +1439,9 @@ _U_ if (obj_tlen < 20) return-1; ND_PRINT((ndo, "%s Source Address: %s, LSP-ID: 0x%04x", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr + 18))); + indent, + ipaddr_string(ndo, obj_tptr), + EXTRACT_BE_U_2(obj_tptr + 18))); obj_tlen-=20; obj_tptr+=20; break; @@ -1397,23 +1450,22 @@ _U_ return-1; ND_PRINT((ndo, "%s IPv6 Tunnel Sender Address: %s, LSP ID: 0x%04x" "%s Sub-Group Originator ID: %s, Sub-Group ID: 0x%04x", - ident, - ip6addr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+18), - ident, - ip6addr_string(obj_tptr+20), - EXTRACT_16BITS(obj_tptr + 38))); + indent, + ip6addr_string(ndo, obj_tptr), + EXTRACT_BE_U_2(obj_tptr + 18), + indent, + ip6addr_string(ndo, obj_tptr+20), + EXTRACT_BE_U_2(obj_tptr + 38))); obj_tlen-=40; obj_tptr+=40; break; -#endif case RSVP_CTYPE_TUNNEL_IPV4: if (obj_tlen < 8) return-1; ND_PRINT((ndo, "%s Source Address: %s, LSP-ID: 0x%04x", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr + 6))); + indent, + ipaddr_string(ndo, obj_tptr), + EXTRACT_BE_U_2(obj_tptr + 6))); obj_tlen-=8; obj_tptr+=8; break; @@ -1422,12 +1474,12 @@ _U_ return-1; ND_PRINT((ndo, "%s IPv4 Tunnel Sender Address: %s, LSP ID: 0x%04x" "%s Sub-Group Originator ID: %s, Sub-Group ID: 0x%04x", - ident, - ipaddr_string(obj_tptr), - EXTRACT_16BITS(obj_tptr+6), - ident, - ipaddr_string(obj_tptr+8), - EXTRACT_16BITS(obj_tptr + 12))); + indent, + ipaddr_string(ndo, obj_tptr), + EXTRACT_BE_U_2(obj_tptr + 6), + indent, + ipaddr_string(ndo, obj_tptr+8), + EXTRACT_BE_U_2(obj_tptr + 12))); obj_tlen-=16; obj_tptr+=16; break; @@ -1439,23 +1491,23 @@ _U_ case RSVP_OBJ_FASTREROUTE: /* the differences between c-type 1 and 7 are minor */ obj_ptr.rsvp_obj_frr = (const struct rsvp_obj_frr_t *)obj_tptr; - bw.i = EXTRACT_32BITS(obj_ptr.rsvp_obj_frr->bandwidth); switch(rsvp_obj_ctype) { case RSVP_CTYPE_1: /* new style */ if (obj_tlen < sizeof(struct rsvp_obj_frr_t)) return-1; + bw.i = EXTRACT_BE_U_4(obj_ptr.rsvp_obj_frr->bandwidth); ND_PRINT((ndo, "%s Setup Priority: %u, Holding Priority: %u, Hop-limit: %u, Bandwidth: %.10g Mbps", - ident, - (int)obj_ptr.rsvp_obj_frr->setup_prio, - (int)obj_ptr.rsvp_obj_frr->hold_prio, - (int)obj_ptr.rsvp_obj_frr->hop_limit, - bw.f * 8 / 1000000)); + indent, + obj_ptr.rsvp_obj_frr->setup_prio, + obj_ptr.rsvp_obj_frr->hold_prio, + obj_ptr.rsvp_obj_frr->hop_limit, + bw.f * 8 / 1000000)); ND_PRINT((ndo, "%s Include-any: 0x%08x, Exclude-any: 0x%08x, Include-all: 0x%08x", - ident, - EXTRACT_32BITS(obj_ptr.rsvp_obj_frr->include_any), - EXTRACT_32BITS(obj_ptr.rsvp_obj_frr->exclude_any), - EXTRACT_32BITS(obj_ptr.rsvp_obj_frr->include_all))); + indent, + EXTRACT_BE_U_4(obj_ptr.rsvp_obj_frr->include_any), + EXTRACT_BE_U_4(obj_ptr.rsvp_obj_frr->exclude_any), + EXTRACT_BE_U_4(obj_ptr.rsvp_obj_frr->include_all))); obj_tlen-=sizeof(struct rsvp_obj_frr_t); obj_tptr+=sizeof(struct rsvp_obj_frr_t); break; @@ -1463,16 +1515,17 @@ _U_ case RSVP_CTYPE_TUNNEL_IPV4: /* old style */ if (obj_tlen < 16) return-1; + bw.i = EXTRACT_BE_U_4(obj_ptr.rsvp_obj_frr->bandwidth); ND_PRINT((ndo, "%s Setup Priority: %u, Holding Priority: %u, Hop-limit: %u, Bandwidth: %.10g Mbps", - ident, - (int)obj_ptr.rsvp_obj_frr->setup_prio, - (int)obj_ptr.rsvp_obj_frr->hold_prio, - (int)obj_ptr.rsvp_obj_frr->hop_limit, - bw.f * 8 / 1000000)); + indent, + obj_ptr.rsvp_obj_frr->setup_prio, + obj_ptr.rsvp_obj_frr->hold_prio, + obj_ptr.rsvp_obj_frr->hop_limit, + bw.f * 8 / 1000000)); ND_PRINT((ndo, "%s Include Colors: 0x%08x, Exclude Colors: 0x%08x", - ident, - EXTRACT_32BITS(obj_ptr.rsvp_obj_frr->include_any), - EXTRACT_32BITS(obj_ptr.rsvp_obj_frr->exclude_any))); + indent, + EXTRACT_BE_U_4(obj_ptr.rsvp_obj_frr->include_any), + EXTRACT_BE_U_4(obj_ptr.rsvp_obj_frr->exclude_any))); obj_tlen-=16; obj_tptr+=16; break; @@ -1487,9 +1540,9 @@ _U_ case RSVP_CTYPE_TUNNEL_IPV4: while(obj_tlen >= 8) { ND_PRINT((ndo, "%s PLR-ID: %s, Avoid-Node-ID: %s", - ident, - ipaddr_string(obj_tptr), - ipaddr_string(obj_tptr + 4))); + indent, + ipaddr_string(ndo, obj_tptr), + ipaddr_string(ndo, obj_tptr + 4))); obj_tlen-=8; obj_tptr+=8; } @@ -1504,8 +1557,8 @@ _U_ switch(rsvp_obj_ctype) { case RSVP_CTYPE_1: ND_PRINT((ndo, "%s CT: %u", - ident, - EXTRACT_32BITS(obj_tptr) & 0x7)); + indent, + EXTRACT_BE_U_4(obj_tptr) & 0x7)); obj_tlen-=4; obj_tptr+=4; break; @@ -1520,13 +1573,13 @@ _U_ case RSVP_CTYPE_IPV4: if (obj_tlen < 8) return-1; - error_code=*(obj_tptr+5); - error_value=EXTRACT_16BITS(obj_tptr+6); + error_code=EXTRACT_U_1(obj_tptr + 5); + error_value=EXTRACT_BE_U_2(obj_tptr + 6); ND_PRINT((ndo, "%s Error Node Address: %s, Flags: [0x%02x]%s Error Code: %s (%u)", - ident, - ipaddr_string(obj_tptr), - *(obj_tptr+4), - ident, + indent, + ipaddr_string(ndo, obj_tptr), + EXTRACT_U_1(obj_tptr + 4), + indent, tok2str(rsvp_obj_error_code_values,"unknown",error_code), error_code)); switch (error_code) { @@ -1548,18 +1601,17 @@ _U_ obj_tlen-=8; obj_tptr+=8; break; -#ifdef INET6 case RSVP_CTYPE_4: /* fall through - FIXME add TLV parser */ case RSVP_CTYPE_IPV6: if (obj_tlen < 20) return-1; - error_code=*(obj_tptr+17); - error_value=EXTRACT_16BITS(obj_tptr+18); + error_code=EXTRACT_U_1(obj_tptr + 17); + error_value=EXTRACT_BE_U_2(obj_tptr + 18); ND_PRINT((ndo, "%s Error Node Address: %s, Flags: [0x%02x]%s Error Code: %s (%u)", - ident, - ip6addr_string(obj_tptr), - *(obj_tptr+16), - ident, + indent, + ip6addr_string(ndo, obj_tptr), + EXTRACT_U_1(obj_tptr + 16), + indent, tok2str(rsvp_obj_error_code_values,"unknown",error_code), error_code)); @@ -1575,7 +1627,6 @@ _U_ obj_tlen-=20; obj_tptr+=20; break; -#endif default: hexdump=TRUE; } @@ -1586,27 +1637,28 @@ _U_ case RSVP_CTYPE_1: if (obj_tlen < 4) return-1; - padbytes = EXTRACT_16BITS(obj_tptr+2); + padbytes = EXTRACT_BE_U_2(obj_tptr + 2); ND_PRINT((ndo, "%s TLV count: %u, padding bytes: %u", - ident, - EXTRACT_16BITS(obj_tptr), + indent, + EXTRACT_BE_U_2(obj_tptr), padbytes)); obj_tlen-=4; obj_tptr+=4; /* loop through as long there is anything longer than the TLV header (2) */ while(obj_tlen >= 2 + padbytes) { ND_PRINT((ndo, "%s %s TLV (0x%02x), length: %u", /* length includes header */ - ident, - tok2str(rsvp_obj_prop_tlv_values,"unknown",*obj_tptr), - *obj_tptr, - *(obj_tptr + 1))); - if (obj_tlen < *(obj_tptr+1)) + indent, + tok2str(rsvp_obj_prop_tlv_values,"unknown",EXTRACT_U_1(obj_tptr)), + EXTRACT_U_1(obj_tptr), + EXTRACT_U_1(obj_tptr + 1))); + if (obj_tlen < EXTRACT_U_1((obj_tptr + 1))) return-1; - if (*(obj_tptr+1) < 2) + if (EXTRACT_U_1(obj_tptr + 1) < 2) return -1; - print_unknown_data(ndo, obj_tptr + 2, "\n\t\t", *(obj_tptr + 1) - 2); - obj_tlen-=*(obj_tptr+1); - obj_tptr+=*(obj_tptr+1); + print_unknown_data(ndo, obj_tptr + 2, "\n\t\t", + EXTRACT_U_1(obj_tptr + 1) - 2); + obj_tlen-=EXTRACT_U_1(obj_tptr + 1); + obj_tptr+=EXTRACT_U_1(obj_tptr + 1); } break; default: @@ -1623,17 +1675,17 @@ _U_ if (obj_tlen < 8) return-1; ND_PRINT((ndo, "%s Flags [0x%02x], epoch: %u", - ident, - *obj_tptr, - EXTRACT_24BITS(obj_tptr + 1))); + indent, + EXTRACT_U_1(obj_tptr), + EXTRACT_BE_U_3(obj_tptr + 1))); obj_tlen-=4; obj_tptr+=4; /* loop through as long there are no messages left */ while(obj_tlen >= 4) { ND_PRINT((ndo, "%s Message-ID 0x%08x (%u)", - ident, - EXTRACT_32BITS(obj_tptr), - EXTRACT_32BITS(obj_tptr))); + indent, + EXTRACT_BE_U_4(obj_tptr), + EXTRACT_BE_U_4(obj_tptr))); obj_tlen-=4; obj_tptr+=4; } @@ -1650,27 +1702,25 @@ _U_ return-1; obj_ptr.rsvp_obj_integrity = (const struct rsvp_obj_integrity_t *)obj_tptr; ND_PRINT((ndo, "%s Key-ID 0x%04x%08x, Sequence 0x%08x%08x, Flags [%s]", - ident, - EXTRACT_16BITS(obj_ptr.rsvp_obj_integrity->key_id), - EXTRACT_32BITS(obj_ptr.rsvp_obj_integrity->key_id+2), - EXTRACT_32BITS(obj_ptr.rsvp_obj_integrity->sequence), - EXTRACT_32BITS(obj_ptr.rsvp_obj_integrity->sequence+4), + indent, + EXTRACT_BE_U_2(obj_ptr.rsvp_obj_integrity->key_id), + EXTRACT_BE_U_4(obj_ptr.rsvp_obj_integrity->key_id + 2), + EXTRACT_BE_U_4(obj_ptr.rsvp_obj_integrity->sequence), + EXTRACT_BE_U_4(obj_ptr.rsvp_obj_integrity->sequence + 4), bittok2str(rsvp_obj_integrity_flag_values, "none", obj_ptr.rsvp_obj_integrity->flags))); ND_PRINT((ndo, "%s MD5-sum 0x%08x%08x%08x%08x ", - ident, - EXTRACT_32BITS(obj_ptr.rsvp_obj_integrity->digest), - EXTRACT_32BITS(obj_ptr.rsvp_obj_integrity->digest+4), - EXTRACT_32BITS(obj_ptr.rsvp_obj_integrity->digest+8), - EXTRACT_32BITS(obj_ptr.rsvp_obj_integrity->digest + 12))); - -#ifdef HAVE_LIBCRYPTO - sigcheck = signature_verify(pptr, plen, (unsigned char *)obj_ptr.\ - rsvp_obj_integrity->digest); -#else - sigcheck = CANT_CHECK_SIGNATURE; -#endif + indent, + EXTRACT_BE_U_4(obj_ptr.rsvp_obj_integrity->digest), + EXTRACT_BE_U_4(obj_ptr.rsvp_obj_integrity->digest + 4), + EXTRACT_BE_U_4(obj_ptr.rsvp_obj_integrity->digest + 8), + EXTRACT_BE_U_4(obj_ptr.rsvp_obj_integrity->digest + 12))); + + sigcheck = signature_verify(ndo, pptr, plen, + obj_ptr.rsvp_obj_integrity->digest, + rsvp_clear_checksum, + rsvp_com_header); ND_PRINT((ndo, " (%s)", tok2str(signature_check_values, "Unknown", sigcheck))); obj_tlen+=sizeof(struct rsvp_obj_integrity_t); @@ -1686,9 +1736,9 @@ _U_ case RSVP_CTYPE_1: if (obj_tlen < 4) return-1; - ND_PRINT((ndo, "%s Flags [%s]", ident, + ND_PRINT((ndo, "%s Flags [%s]", indent, bittok2str(rsvp_obj_admin_status_flag_values, "none", - EXTRACT_32BITS(obj_tptr)))); + EXTRACT_BE_U_4(obj_tptr)))); obj_tlen-=4; obj_tptr+=4; break; @@ -1702,11 +1752,11 @@ _U_ case RSVP_CTYPE_1: if (obj_tlen < 4) return-1; - action = (EXTRACT_16BITS(obj_tptr)>>8); + action = (EXTRACT_BE_U_2(obj_tptr)>>8); - ND_PRINT((ndo, "%s Action: %s (%u), Label type: %u", ident, + ND_PRINT((ndo, "%s Action: %s (%u), Label type: %u", indent, tok2str(rsvp_obj_label_set_action_values, "Unknown", action), - action, ((EXTRACT_32BITS(obj_tptr) & 0x7F)))); + action, ((EXTRACT_BE_U_4(obj_tptr) & 0x7F)))); switch (action) { case LABEL_SET_INCLUSIVE_RANGE: @@ -1715,9 +1765,9 @@ _U_ /* only a couple of subchannels are expected */ if (obj_tlen < 12) return -1; - ND_PRINT((ndo, "%s Start range: %u, End range: %u", ident, - EXTRACT_32BITS(obj_tptr+4), - EXTRACT_32BITS(obj_tptr + 8))); + ND_PRINT((ndo, "%s Start range: %u, End range: %u", indent, + EXTRACT_BE_U_4(obj_tptr + 4), + EXTRACT_BE_U_4(obj_tptr + 8))); obj_tlen-=12; obj_tptr+=12; break; @@ -1727,8 +1777,8 @@ _U_ obj_tptr+=4; subchannel = 1; while(obj_tlen >= 4 ) { - ND_PRINT((ndo, "%s Subchannel #%u: %u", ident, subchannel, - EXTRACT_32BITS(obj_tptr))); + ND_PRINT((ndo, "%s Subchannel #%u: %u", indent, subchannel, + EXTRACT_BE_U_4(obj_tptr))); obj_tptr+=4; obj_tlen-=4; subchannel++; @@ -1739,6 +1789,7 @@ _U_ default: hexdump=TRUE; } + break; case RSVP_OBJ_S2L: switch (rsvp_obj_ctype) { @@ -1746,25 +1797,24 @@ _U_ if (obj_tlen < 4) return-1; ND_PRINT((ndo, "%s Sub-LSP destination address: %s", - ident, ipaddr_string(obj_tptr))); + indent, ipaddr_string(ndo, obj_tptr))); obj_tlen-=4; obj_tptr+=4; break; -#ifdef INET6 case RSVP_CTYPE_IPV6: if (obj_tlen < 16) return-1; ND_PRINT((ndo, "%s Sub-LSP destination address: %s", - ident, ip6addr_string(obj_tptr))); + indent, ip6addr_string(ndo, obj_tptr))); obj_tlen-=16; obj_tptr+=16; break; -#endif default: hexdump=TRUE; } + break; /* * FIXME those are the defined objects that lack a decoder @@ -1789,22 +1839,26 @@ _U_ tlen-=rsvp_obj_len; } return 0; +invalid: + ND_PRINT((ndo, "%s", istr)); + return -1; trunc: - ND_PRINT((ndo, "\n\t\t packet exceeded snapshot")); + ND_PRINT((ndo, "\n\t\t")); + ND_PRINT((ndo, "%s", tstr)); return -1; } void rsvp_print(netdissect_options *ndo, - register const u_char *pptr, register u_int len) { - - struct rsvp_common_header *rsvp_com_header; - const u_char *tptr,*subtptr; - u_short plen, tlen, subtlen; + const u_char *pptr, u_int len) +{ + const struct rsvp_common_header *rsvp_com_header; + const u_char *tptr; + u_short plen, tlen; tptr=pptr; - rsvp_com_header = (struct rsvp_common_header *)pptr; + rsvp_com_header = (const struct rsvp_common_header *)pptr; ND_TCHECK(*rsvp_com_header); /* @@ -1827,7 +1881,7 @@ rsvp_print(netdissect_options *ndo, /* ok they seem to want to know everything - lets fully decode it */ - plen = tlen = EXTRACT_16BITS(rsvp_com_header->length); + plen = tlen = EXTRACT_BE_U_2(rsvp_com_header->length); ND_PRINT((ndo, "\n\tRSVPv%u %s Message (%u), Flags: [%s], length: %u, ttl: %u, checksum: 0x%04x", RSVP_EXTRACT_VERSION(rsvp_com_header->version_flags), @@ -1836,29 +1890,32 @@ rsvp_print(netdissect_options *ndo, bittok2str(rsvp_header_flag_values,"none",RSVP_EXTRACT_FLAGS(rsvp_com_header->version_flags)), tlen, rsvp_com_header->ttl, - EXTRACT_16BITS(rsvp_com_header->checksum))); - - /* - * Clear checksum prior to signature verification. - */ - rsvp_com_header->checksum[0] = 0; - rsvp_com_header->checksum[1] = 0; + EXTRACT_BE_U_2(rsvp_com_header->checksum))); - if (tlen < sizeof(const struct rsvp_common_header)) { + if (tlen < sizeof(struct rsvp_common_header)) { ND_PRINT((ndo, "ERROR: common header too short %u < %lu", tlen, - (unsigned long)sizeof(const struct rsvp_common_header))); + (unsigned long)sizeof(struct rsvp_common_header))); return; } - tptr+=sizeof(const struct rsvp_common_header); - tlen-=sizeof(const struct rsvp_common_header); + tptr+=sizeof(struct rsvp_common_header); + tlen-=sizeof(struct rsvp_common_header); switch(rsvp_com_header->msg_type) { - case RSVP_MSGTYPE_AGGREGATE: + case RSVP_MSGTYPE_BUNDLE: + /* + * Process each submessage in the bundle message. + * Bundle messages may not contain bundle submessages, so we don't + * need to handle bundle submessages specially. + */ while(tlen > 0) { - subtptr=tptr; - rsvp_com_header = (struct rsvp_common_header *)subtptr; + const u_char *subpptr=tptr, *subtptr; + u_short subplen, subtlen; + + subtptr=subpptr; + + rsvp_com_header = (const struct rsvp_common_header *)subpptr; ND_TCHECK(*rsvp_com_header); /* @@ -1869,7 +1926,8 @@ rsvp_print(netdissect_options *ndo, RSVP_EXTRACT_VERSION(rsvp_com_header->version_flags))); return; } - subtlen=EXTRACT_16BITS(rsvp_com_header->length); + + subplen = subtlen = EXTRACT_BE_U_2(rsvp_com_header->length); ND_PRINT((ndo, "\n\t RSVPv%u %s Message (%u), Flags: [%s], length: %u, ttl: %u, checksum: 0x%04x", RSVP_EXTRACT_VERSION(rsvp_com_header->version_flags), @@ -1878,17 +1936,11 @@ rsvp_print(netdissect_options *ndo, bittok2str(rsvp_header_flag_values,"none",RSVP_EXTRACT_FLAGS(rsvp_com_header->version_flags)), subtlen, rsvp_com_header->ttl, - EXTRACT_16BITS(rsvp_com_header->checksum))); + EXTRACT_BE_U_2(rsvp_com_header->checksum))); - /* - * Clear checksum prior to signature verification. - */ - rsvp_com_header->checksum[0] = 0; - rsvp_com_header->checksum[1] = 0; - - if (subtlen < sizeof(const struct rsvp_common_header)) { + if (subtlen < sizeof(struct rsvp_common_header)) { ND_PRINT((ndo, "ERROR: common header too short %u < %lu", subtlen, - (unsigned long)sizeof(const struct rsvp_common_header))); + (unsigned long)sizeof(struct rsvp_common_header))); return; } @@ -1898,14 +1950,17 @@ rsvp_print(netdissect_options *ndo, return; } - subtptr+=sizeof(const struct rsvp_common_header); - subtlen-=sizeof(const struct rsvp_common_header); + subtptr+=sizeof(struct rsvp_common_header); + subtlen-=sizeof(struct rsvp_common_header); - if (rsvp_obj_print(ndo, pptr, plen, subtptr, "\n\t ", subtlen) == -1) + /* + * Print all objects in the submessage. + */ + if (rsvp_obj_print(ndo, subpptr, subplen, subtptr, "\n\t ", subtlen, rsvp_com_header) == -1) return; - tptr+=subtlen+sizeof(const struct rsvp_common_header); - tlen-=subtlen+sizeof(const struct rsvp_common_header); + tptr+=subtlen+sizeof(struct rsvp_common_header); + tlen-=subtlen+sizeof(struct rsvp_common_header); } break; @@ -1921,7 +1976,10 @@ rsvp_print(netdissect_options *ndo, case RSVP_MSGTYPE_HELLO: case RSVP_MSGTYPE_ACK: case RSVP_MSGTYPE_SREFRESH: - if (rsvp_obj_print(ndo, pptr, plen, tptr, "\n\t ", tlen) == -1) + /* + * Print all objects in the message. + */ + if (rsvp_obj_print(ndo, pptr, plen, tptr, "\n\t ", tlen, rsvp_com_header) == -1) return; break; @@ -1932,5 +1990,6 @@ rsvp_print(netdissect_options *ndo, return; trunc: - ND_PRINT((ndo, "\n\t\t packet exceeded snapshot")); + ND_PRINT((ndo, "\n\t\t")); + ND_PRINT((ndo, "%s", tstr)); }