/* followed by routing type specific data */
} UNALIGNED;
+#define IPV6_RTHDR_TYPE_0 0
+#define IPV6_RTHDR_TYPE_2 2
+
/* Type 0 Routing header */
+/* Also used for Type 2 */
struct ip6_rthdr0 {
uint8_t ip6r0_nxt; /* next header */
uint8_t ip6r0_len; /* length in units of 8 octets */
#define IP6F_RESERVED_MASK 0x0006 /* reserved bits in ip6f_offlg */
#define IP6F_MORE_FRAG 0x0001 /* more-fragments flag */
-/* in print-ip6.c */
-extern int nextproto6_cksum(const struct ip6_hdr *, const uint8_t *, u_int, u_int, u_int);
-
#endif /* not _NETINET_IP6_H_ */
#include <pcap.h>
#include "ip.h" /* struct ip for nextproto4_cksum() */
+#include "ip6.h" /* struct ip6 for nextproto6_cksum() */
extern int32_t thiszone; /* seconds offset from gmt to local time */
/* invalid string to print '(invalid)' for malformed or corrupted packets */
extern int nextproto4_cksum(netdissect_options *, const struct ip *, const uint8_t *, u_int, u_int, u_int);
+/* in print-ip6.c */
+extern int nextproto6_cksum(netdissect_options *, const struct ip6_hdr *, const uint8_t *, u_int, u_int, u_int);
+
/* Utilities */
extern int mask2plen(uint32_t);
extern int mask62plen(const u_char *);
dccp_csum_coverage(dh, len), IPPROTO_DCCP);
}
-static int dccp6_cksum(const struct ip6_hdr *ip6, const struct dccp_hdr *dh, u_int len)
+static int dccp6_cksum(netdissect_options *ndo, const struct ip6_hdr *ip6,
+ const struct dccp_hdr *dh, u_int len)
{
- return nextproto6_cksum(ip6, (const uint8_t *)(const void *)dh, len,
+ return nextproto6_cksum(ndo, ip6, (const uint8_t *)(const void *)dh, len,
dccp_csum_coverage(dh, len), IPPROTO_DCCP);
}
if (IP_V(ip) == 4)
sum = dccp_cksum(ndo, ip, dh, len);
else if (IP_V(ip) == 6)
- sum = dccp6_cksum(ip6, dh, len);
+ sum = dccp6_cksum(ndo, ip6, dh, len);
if (sum != 0)
ND_PRINT((ndo, "(incorrect -> 0x%04x)",in_cksum_shouldbe(dccp_sum, sum)));
else
}
}
-static int icmp6_cksum(const struct ip6_hdr *ip6, const struct icmp6_hdr *icp,
- u_int len)
+static int icmp6_cksum(netdissect_options *ndo, const struct ip6_hdr *ip6,
+ const struct icmp6_hdr *icp, u_int len)
{
- return nextproto6_cksum(ip6, (const uint8_t *)(const void *)icp, len, len,
+ return nextproto6_cksum(ndo, ip6, (const uint8_t *)(const void *)icp, len, len,
IPPROTO_ICMPV6);
}
if (ND_TTEST2(bp[0], length)) {
udp_sum = EXTRACT_16BITS(&dp->icmp6_cksum);
- sum = icmp6_cksum(ip, dp, length);
+ sum = icmp6_cksum(ndo, ip, dp, length);
if (sum != 0)
ND_PRINT((ndo,"[bad icmp6 cksum 0x%04x -> 0x%04x!] ",
udp_sum,
#include "ip6.h"
#include "ipproto.h"
+/*
+ * If routing headers are presend and valid, set dst to the final destination.
+ * Otherwise, set it to the IPv6 destination.
+ *
+ * This is used for UDP and TCP pseudo-header in the checksum
+ * calculation.
+ */
+static void
+ip6_finddst(netdissect_options *ndo, struct in6_addr *dst,
+ const struct ip6_hdr *ip6)
+{
+ const u_char *cp;
+ int advance;
+ u_int nh;
+ const struct in6_addr *dst_addr;
+ const struct ip6_rthdr *dp;
+ const struct ip6_rthdr0 *dp0;
+ const struct in6_addr *addr;
+ int i, len;
+
+ cp = (const u_char *)ip6;
+ advance = sizeof(struct ip6_hdr);
+ nh = ip6->ip6_nxt;
+ dst_addr = &ip6->ip6_dst;
+
+ while (cp < ndo->ndo_snapend) {
+ cp += advance;
+
+ switch (nh) {
+
+ case IPPROTO_HOPOPTS:
+ case IPPROTO_DSTOPTS:
+ case IPPROTO_MOBILITY_OLD:
+ case IPPROTO_MOBILITY:
+ /*
+ * These have a header length byte, following
+ * the next header byte, giving the length of
+ * the header, in units of 8 octets, excluding
+ * the first 8 octets.
+ */
+ ND_TCHECK2(*cp, 2);
+ advance = (int)((*(cp + 1) + 1) << 3);
+ nh = *cp;
+ break;
+
+ case IPPROTO_FRAGMENT:
+ /*
+ * The byte following the next header byte is
+ * marked as reserved, and the header is always
+ * the same size.
+ */
+ ND_TCHECK2(*cp, 1);
+ advance = sizeof(struct ip6_frag);
+ nh = *cp;
+ break;
+
+ case IPPROTO_ROUTING:
+ /*
+ * OK, we found it.
+ */
+ dp = (const struct ip6_rthdr *)cp;
+ ND_TCHECK(*dp);
+ len = dp->ip6r_len;
+ switch (dp->ip6r_type) {
+
+ case IPV6_RTHDR_TYPE_0:
+ case IPV6_RTHDR_TYPE_2: /* Mobile IPv6 ID-20 */
+ dp0 = (const struct ip6_rthdr0 *)dp;
+ if (len % 2 == 1)
+ goto trunc;
+ len >>= 1;
+ addr = &dp0->ip6r0_addr[0];
+ for (i = 0; i < len; i++) {
+ if ((const u_char *)(addr + 1) > ndo->ndo_snapend)
+ goto trunc;
+
+ dst_addr = addr;
+ addr++;
+ }
+ break;
+
+ default:
+ break;
+ }
+
+ /*
+ * Only one routing header to a customer.
+ */
+ goto done;
+
+ case IPPROTO_AH:
+ case IPPROTO_ESP:
+ case IPPROTO_IPCOMP:
+ default:
+ /*
+ * AH and ESP are, in the RFCs that describe them,
+ * described as being "viewed as an end-to-end
+ * payload" "in the IPv6 context, so that they
+ * "should appear after hop-by-hop, routing, and
+ * fragmentation extension headers". We assume
+ * that's the case, and stop as soon as we see
+ * one. (We can't handle an ESP header in
+ * the general case anyway, as its length depends
+ * on the encryption algorithm.)
+ *
+ * IPComp is also "viewed as an end-to-end
+ * payload" "in the IPv6 context".
+ *
+ * All other protocols are assumed to be the final
+ * protocol.
+ */
+ goto done;
+ }
+ }
+
+done:
+trunc:
+ UNALIGNED_MEMCPY(dst, dst_addr, sizeof(struct in6_addr));
+}
+
/*
* Compute a V6-style checksum by building a pseudoheader.
*/
int
-nextproto6_cksum(const struct ip6_hdr *ip6, const uint8_t *data,
+nextproto6_cksum(netdissect_options *ndo,
+ const struct ip6_hdr *ip6, const uint8_t *data,
u_int len, u_int covlen, u_int next_proto)
{
struct {
/* pseudo-header */
memset(&ph, 0, sizeof(ph));
UNALIGNED_MEMCPY(&ph.ph_src, &ip6->ip6_src, sizeof (struct in6_addr));
- UNALIGNED_MEMCPY(&ph.ph_dst, &ip6->ip6_dst, sizeof (struct in6_addr));
+ switch (ip6->ip6_nxt) {
+
+ case IPPROTO_HOPOPTS:
+ case IPPROTO_DSTOPTS:
+ case IPPROTO_MOBILITY_OLD:
+ case IPPROTO_MOBILITY:
+ case IPPROTO_FRAGMENT:
+ case IPPROTO_ROUTING:
+ /*
+ * The next header is either a routing header or a header
+ * after which there might be a routing header, so scan
+ * for a routing header.
+ */
+ ip6_finddst(ndo, &ph.ph_dst, ip6);
+ break;
+
+ default:
+ UNALIGNED_MEMCPY(&ph.ph_dst, &ip6->ip6_dst, sizeof (struct in6_addr));
+ break;
+ }
ph.ph_len = htonl(len);
ph.ph_nxt = next_proto;
case IPPROTO_MOBILITY_OLD:
case IPPROTO_MOBILITY:
/*
- * XXX - we don't use "advance"; the current
- * "Mobility Support in IPv6" draft
- * (draft-ietf-mobileip-ipv6-24) says that
+ * XXX - we don't use "advance"; RFC 3775 says that
* the next header field in a mobility header
* should be IPPROTO_NONE, but speaks of
* the possiblity of a future extension in
};
static enum checksum_status
-pimv2_check_checksum(const u_char *bp, const u_char *bp2, u_int len)
+pimv2_check_checksum(netdissect_options *ndo, const u_char *bp, const u_char *bp2, u_int len)
{
const struct ip *ip;
u_int cksum;
const struct ip6_hdr *ip6;
ip6 = (const struct ip6_hdr *)bp2;
- cksum = nextproto6_cksum(ip6, bp, len, len, IPPROTO_PIM);
+ cksum = nextproto6_cksum(ndo, ip6, bp, len, len, IPPROTO_PIM);
return (cksum ? INCORRECT : CORRECT);
} else {
return (UNVERIFIED);
* The checksum only covers the packet header,
* not the encapsulated packet.
*/
- cksum_status = pimv2_check_checksum(bp, bp2, 8);
+ cksum_status = pimv2_check_checksum(ndo, bp, bp2, 8);
if (cksum_status == INCORRECT) {
/*
* To quote RFC 4601, "For interoperability
* calculated over the entire PIM Register
* message should also be accepted."
*/
- cksum_status = pimv2_check_checksum(bp, bp2, len);
+ cksum_status = pimv2_check_checksum(ndo, bp, bp2, len);
}
} else {
/*
* The checksum covers the entire packet.
*/
- cksum_status = pimv2_check_checksum(bp, bp2, len);
+ cksum_status = pimv2_check_checksum(ndo, bp, bp2, len);
}
switch (cksum_status) {
ND_PRINT((ndo, ", segleft=%d", dp->ip6r_segleft));
switch (dp->ip6r_type) {
-#ifndef IPV6_RTHDR_TYPE_0
-#define IPV6_RTHDR_TYPE_0 0
-#endif
-#ifndef IPV6_RTHDR_TYPE_2
-#define IPV6_RTHDR_TYPE_2 2
-#endif
case IPV6_RTHDR_TYPE_0:
case IPV6_RTHDR_TYPE_2: /* Mobile IPv6 ID-20 */
dp0 = (const struct ip6_rthdr0 *)dp;
last_addr = addr;
addr++;
}
- /*
- * the destination address used in the pseudo-header is that of the final
- * destination : the last address of the routing header
- */
- if (last_addr != NULL) {
- const struct ip6_hdr *ip6 = (const struct ip6_hdr *)bp2;
- UNALIGNED_MEMCPY(&ip6->ip6_dst, last_addr, sizeof (struct in6_addr));
- }
/*(*/
ND_PRINT((ndo, ") "));
return((dp0->ip6r0_len + 1) << 3);
IPPROTO_TCP);
}
+static int
+tcp6_cksum(netdissect_options *ndo,
+ register const struct ip6_hdr *ip6,
+ register const struct tcphdr *tp,
+ register u_int len)
+{
+ return nextproto6_cksum(ndo, ip6, (const uint8_t *)tp, len, len,
+ IPPROTO_TCP);
+}
+
void
tcp_print(netdissect_options *ndo,
register const u_char *bp, register u_int length,
}
} else if (IP_V(ip) == 6 && ip6->ip6_plen) {
if (ND_TTEST2(tp->th_sport, length)) {
- sum = nextproto6_cksum(ip6, (const uint8_t *)tp,
- length, length, IPPROTO_TCP);
+ sum = tcp6_cksum(ndo, ip6, tp, length);
tcp_sum = EXTRACT_16BITS(&tp->th_sum);
ND_PRINT((ndo, ", cksum 0x%04x", tcp_sum));
IPPROTO_UDP);
}
-static int udp6_cksum(const struct ip6_hdr *ip6, const struct udphdr *up,
- u_int len)
+static int udp6_cksum(netdissect_options *ndo, const struct ip6_hdr *ip6,
+ const struct udphdr *up, u_int len)
{
- return nextproto6_cksum(ip6, (const uint8_t *)(const void *)up, len, len,
- IPPROTO_UDP);
+ return nextproto6_cksum(ndo, ip6, (const uint8_t *)(const void *)up, len, len,
+ IPPROTO_UDP);
}
static void
else if (IP_V(ip) == 6 && ip6->ip6_plen) {
/* for IPv6, UDP checksum is mandatory */
if (ND_TTEST2(cp[0], length)) {
- sum = udp6_cksum(ip6, up, length + sizeof(struct udphdr));
+ sum = udp6_cksum(ndo, ip6, up, length + sizeof(struct udphdr));
udp_sum = EXTRACT_16BITS(&up->uh_sum);
if (sum != 0) {
projects / tcpdump / commitdiff
