1 /*
2  * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that: (1) source code distributions
7  * retain the above copyright notice and this paragraph in its entirety, (2)
8  * distributions including binary code include the above copyright notice and
9  * this paragraph in its entirety in the documentation or other materials
10  * provided with the distribution, and (3) all advertising materials mentioning
11  * features or use of this software display the following acknowledgement:
12  * ``This product includes software developed by the University of California,
13  * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14  * the University nor the names of its contributors may be used to endorse
15  * or promote products derived from this software without specific prior
16  * written permission.
17  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18  * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20  */
21 
22 /* \summary: IPv6 Internet Control Message Protocol (ICMPv6) printer */
23 
24 #ifdef HAVE_CONFIG_H
25 #include "config.h"
26 #endif
27 
28 #include <netdissect-stdinc.h>
29 
30 #include <stdio.h>
31 #include <string.h>
32 
33 #include "netdissect.h"
34 #include "addrtoname.h"
35 #include "addrtostr.h"
36 #include "extract.h"
37 
38 #include "ip6.h"
39 #include "ipproto.h"
40 
41 #include "udp.h"
42 #include "ah.h"
43 
44 /*	NetBSD: icmp6.h,v 1.13 2000/08/03 16:30:37 itojun Exp 	*/
45 /*	$KAME: icmp6.h,v 1.22 2000/08/03 15:25:16 jinmei Exp $	*/
46 
47 /*
48  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
49  * All rights reserved.
50  *
51  * Redistribution and use in source and binary forms, with or without
52  * modification, are permitted provided that the following conditions
53  * are met:
54  * 1. Redistributions of source code must retain the above copyright
55  *    notice, this list of conditions and the following disclaimer.
56  * 2. Redistributions in binary form must reproduce the above copyright
57  *    notice, this list of conditions and the following disclaimer in the
58  *    documentation and/or other materials provided with the distribution.
59  * 3. Neither the name of the project nor the names of its contributors
60  *    may be used to endorse or promote products derived from this software
61  *    without specific prior written permission.
62  *
63  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
64  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
65  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
66  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
67  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
68  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
69  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
70  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
71  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
72  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
73  * SUCH DAMAGE.
74  */
75 
76 struct icmp6_hdr {
77 	uint8_t		icmp6_type;	/* type field */
78 	uint8_t		icmp6_code;	/* code field */
79 	uint16_t	icmp6_cksum;	/* checksum field */
80 	union {
81 		uint32_t	icmp6_un_data32[1]; /* type-specific field */
82 		uint16_t	icmp6_un_data16[2]; /* type-specific field */
83 		uint8_t		icmp6_un_data8[4];  /* type-specific field */
84 	} icmp6_dataun;
85 };
86 
87 #define icmp6_data32	icmp6_dataun.icmp6_un_data32
88 #define icmp6_data16	icmp6_dataun.icmp6_un_data16
89 #define icmp6_data8	icmp6_dataun.icmp6_un_data8
90 #define icmp6_pptr	icmp6_data32[0]		/* parameter prob */
91 #define icmp6_mtu	icmp6_data32[0]		/* packet too big */
92 #define icmp6_id	icmp6_data16[0]		/* echo request/reply */
93 #define icmp6_seq	icmp6_data16[1]		/* echo request/reply */
94 #define icmp6_maxdelay	icmp6_data16[0]		/* mcast group membership */
95 
96 #define ICMP6_DST_UNREACH		1	/* dest unreachable, codes: */
97 #define ICMP6_PACKET_TOO_BIG		2	/* packet too big */
98 #define ICMP6_TIME_EXCEEDED		3	/* time exceeded, code: */
99 #define ICMP6_PARAM_PROB		4	/* ip6 header bad */
100 
101 #define ICMP6_ECHO_REQUEST		128	/* echo service */
102 #define ICMP6_ECHO_REPLY		129	/* echo reply */
103 #define ICMP6_MEMBERSHIP_QUERY		130	/* group membership query */
104 #define MLD6_LISTENER_QUERY		130 	/* multicast listener query */
105 #define ICMP6_MEMBERSHIP_REPORT		131	/* group membership report */
106 #define MLD6_LISTENER_REPORT		131	/* multicast listener report */
107 #define ICMP6_MEMBERSHIP_REDUCTION	132	/* group membership termination */
108 #define MLD6_LISTENER_DONE		132	/* multicast listener done */
109 
110 #define ND_ROUTER_SOLICIT		133	/* router solicitation */
111 #define ND_ROUTER_ADVERT		134	/* router advertisement */
112 #define ND_NEIGHBOR_SOLICIT		135	/* neighbor solicitation */
113 #define ND_NEIGHBOR_ADVERT		136	/* neighbor advertisement */
114 #define ND_REDIRECT			137	/* redirect */
115 
116 #define ICMP6_ROUTER_RENUMBERING	138	/* router renumbering */
117 
118 #define ICMP6_WRUREQUEST		139	/* who are you request */
119 #define ICMP6_WRUREPLY			140	/* who are you reply */
120 #define ICMP6_FQDN_QUERY		139	/* FQDN query */
121 #define ICMP6_FQDN_REPLY		140	/* FQDN reply */
122 #define ICMP6_NI_QUERY			139	/* node information request */
123 #define ICMP6_NI_REPLY			140	/* node information reply */
124 #define IND_SOLICIT			141	/* inverse neighbor solicitation */
125 #define IND_ADVERT			142	/* inverse neighbor advertisement */
126 
127 #define ICMP6_V2_MEMBERSHIP_REPORT	143	/* v2 membership report */
128 #define MLDV2_LISTENER_REPORT		143	/* v2 multicast listener report */
129 #define ICMP6_HADISCOV_REQUEST		144
130 #define ICMP6_HADISCOV_REPLY		145
131 #define ICMP6_MOBILEPREFIX_SOLICIT	146
132 #define ICMP6_MOBILEPREFIX_ADVERT	147
133 
134 #define MLD6_MTRACE_RESP		200	/* mtrace response(to sender) */
135 #define MLD6_MTRACE			201	/* mtrace messages */
136 
137 #define ICMP6_MAXTYPE			201
138 
139 #define ICMP6_DST_UNREACH_NOROUTE	0	/* no route to destination */
140 #define ICMP6_DST_UNREACH_ADMIN	 	1	/* administratively prohibited */
141 #define ICMP6_DST_UNREACH_NOTNEIGHBOR	2	/* not a neighbor(obsolete) */
142 #define ICMP6_DST_UNREACH_BEYONDSCOPE	2	/* beyond scope of source address */
143 #define ICMP6_DST_UNREACH_ADDR		3	/* address unreachable */
144 #define ICMP6_DST_UNREACH_NOPORT	4	/* port unreachable */
145 
146 #define ICMP6_TIME_EXCEED_TRANSIT 	0	/* ttl==0 in transit */
147 #define ICMP6_TIME_EXCEED_REASSEMBLY	1	/* ttl==0 in reass */
148 
149 #define ICMP6_PARAMPROB_HEADER 	 	0	/* erroneous header field */
150 #define ICMP6_PARAMPROB_NEXTHEADER	1	/* unrecognized next header */
151 #define ICMP6_PARAMPROB_OPTION		2	/* unrecognized option */
152 
153 #define ICMP6_INFOMSG_MASK		0x80	/* all informational messages */
154 
155 #define ICMP6_NI_SUBJ_IPV6	0	/* Query Subject is an IPv6 address */
156 #define ICMP6_NI_SUBJ_FQDN	1	/* Query Subject is a Domain name */
157 #define ICMP6_NI_SUBJ_IPV4	2	/* Query Subject is an IPv4 address */
158 
159 #define ICMP6_NI_SUCCESS	0	/* node information successful reply */
160 #define ICMP6_NI_REFUSED	1	/* node information request is refused */
161 #define ICMP6_NI_UNKNOWN	2	/* unknown Qtype */
162 
163 #define ICMP6_ROUTER_RENUMBERING_COMMAND  0	/* rr command */
164 #define ICMP6_ROUTER_RENUMBERING_RESULT   1	/* rr result */
165 #define ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET   255	/* rr seq num reset */
166 
167 /* Used in kernel only */
168 #define ND_REDIRECT_ONLINK	0	/* redirect to an on-link node */
169 #define ND_REDIRECT_ROUTER	1	/* redirect to a better router */
170 
171 /*
172  * Multicast Listener Discovery
173  */
174 struct mld6_hdr {
175 	struct icmp6_hdr	mld6_hdr;
176 	struct in6_addr		mld6_addr; /* multicast address */
177 };
178 
179 #define mld6_type	mld6_hdr.icmp6_type
180 #define mld6_code	mld6_hdr.icmp6_code
181 #define mld6_cksum	mld6_hdr.icmp6_cksum
182 #define mld6_maxdelay	mld6_hdr.icmp6_data16[0]
183 #define mld6_reserved	mld6_hdr.icmp6_data16[1]
184 
185 #define MLD_MINLEN	24
186 #define MLDV2_MINLEN	28
187 
188 /*
189  * Neighbor Discovery
190  */
191 
192 struct nd_router_solicit {	/* router solicitation */
193 	struct icmp6_hdr 	nd_rs_hdr;
194 	/* could be followed by options */
195 };
196 
197 #define nd_rs_type	nd_rs_hdr.icmp6_type
198 #define nd_rs_code	nd_rs_hdr.icmp6_code
199 #define nd_rs_cksum	nd_rs_hdr.icmp6_cksum
200 #define nd_rs_reserved	nd_rs_hdr.icmp6_data32[0]
201 
202 struct nd_router_advert {	/* router advertisement */
203 	struct icmp6_hdr	nd_ra_hdr;
204 	uint32_t		nd_ra_reachable;	/* reachable time */
205 	uint32_t		nd_ra_retransmit;	/* retransmit timer */
206 	/* could be followed by options */
207 };
208 
209 #define nd_ra_type		nd_ra_hdr.icmp6_type
210 #define nd_ra_code		nd_ra_hdr.icmp6_code
211 #define nd_ra_cksum		nd_ra_hdr.icmp6_cksum
212 #define nd_ra_curhoplimit	nd_ra_hdr.icmp6_data8[0]
213 #define nd_ra_flags_reserved	nd_ra_hdr.icmp6_data8[1]
214 #define ND_RA_FLAG_MANAGED	0x80
215 #define ND_RA_FLAG_OTHER	0x40
216 #define ND_RA_FLAG_HOME_AGENT	0x20
217 
218 /*
219  * Router preference values based on draft-draves-ipngwg-router-selection-01.
220  * These are non-standard definitions.
221  */
222 #define ND_RA_FLAG_RTPREF_MASK	0x18 /* 00011000 */
223 
224 #define ND_RA_FLAG_RTPREF_HIGH	0x08 /* 00001000 */
225 #define ND_RA_FLAG_RTPREF_MEDIUM	0x00 /* 00000000 */
226 #define ND_RA_FLAG_RTPREF_LOW	0x18 /* 00011000 */
227 #define ND_RA_FLAG_RTPREF_RSV	0x10 /* 00010000 */
228 
229 #define nd_ra_router_lifetime	nd_ra_hdr.icmp6_data16[1]
230 
231 struct nd_neighbor_solicit {	/* neighbor solicitation */
232 	struct icmp6_hdr	nd_ns_hdr;
233 	struct in6_addr		nd_ns_target;	/*target address */
234 	/* could be followed by options */
235 };
236 
237 #define nd_ns_type		nd_ns_hdr.icmp6_type
238 #define nd_ns_code		nd_ns_hdr.icmp6_code
239 #define nd_ns_cksum		nd_ns_hdr.icmp6_cksum
240 #define nd_ns_reserved		nd_ns_hdr.icmp6_data32[0]
241 
242 struct nd_neighbor_advert {	/* neighbor advertisement */
243 	struct icmp6_hdr	nd_na_hdr;
244 	struct in6_addr		nd_na_target;	/* target address */
245 	/* could be followed by options */
246 };
247 
248 #define nd_na_type		nd_na_hdr.icmp6_type
249 #define nd_na_code		nd_na_hdr.icmp6_code
250 #define nd_na_cksum		nd_na_hdr.icmp6_cksum
251 #define nd_na_flags_reserved	nd_na_hdr.icmp6_data32[0]
252 
253 #define ND_NA_FLAG_ROUTER		0x80000000
254 #define ND_NA_FLAG_SOLICITED		0x40000000
255 #define ND_NA_FLAG_OVERRIDE		0x20000000
256 
257 struct nd_redirect {		/* redirect */
258 	struct icmp6_hdr	nd_rd_hdr;
259 	struct in6_addr		nd_rd_target;	/* target address */
260 	struct in6_addr		nd_rd_dst;	/* destination address */
261 	/* could be followed by options */
262 };
263 
264 #define nd_rd_type		nd_rd_hdr.icmp6_type
265 #define nd_rd_code		nd_rd_hdr.icmp6_code
266 #define nd_rd_cksum		nd_rd_hdr.icmp6_cksum
267 #define nd_rd_reserved		nd_rd_hdr.icmp6_data32[0]
268 
269 struct nd_opt_hdr {		/* Neighbor discovery option header */
270 	uint8_t		nd_opt_type;
271 	uint8_t		nd_opt_len;
272 	/* followed by option specific data*/
273 };
274 
275 #define ND_OPT_SOURCE_LINKADDR		1
276 #define ND_OPT_TARGET_LINKADDR		2
277 #define ND_OPT_PREFIX_INFORMATION	3
278 #define ND_OPT_REDIRECTED_HEADER	4
279 #define ND_OPT_MTU			5
280 #define ND_OPT_ADVINTERVAL		7
281 #define ND_OPT_HOMEAGENT_INFO		8
282 #define ND_OPT_ROUTE_INFO		24	/* RFC4191 */
283 #define ND_OPT_RDNSS			25
284 #define ND_OPT_DNSSL			31
285 
286 struct nd_opt_prefix_info {	/* prefix information */
287 	nd_uint8_t		nd_opt_pi_type;
288 	nd_uint8_t		nd_opt_pi_len;
289 	nd_uint8_t		nd_opt_pi_prefix_len;
290 	nd_uint8_t		nd_opt_pi_flags_reserved;
291 	nd_uint32_t		nd_opt_pi_valid_time;
292 	nd_uint32_t		nd_opt_pi_preferred_time;
293 	nd_uint32_t		nd_opt_pi_reserved2;
294 	struct in6_addr	nd_opt_pi_prefix;
295 };
296 
297 #define ND_OPT_PI_FLAG_ONLINK		0x80
298 #define ND_OPT_PI_FLAG_AUTO		0x40
299 #define ND_OPT_PI_FLAG_ROUTER		0x20	/*2292bis*/
300 
301 struct nd_opt_rd_hdr {         /* redirected header */
302 	uint8_t		nd_opt_rh_type;
303 	uint8_t		nd_opt_rh_len;
304 	uint16_t	nd_opt_rh_reserved1;
305 	uint32_t	nd_opt_rh_reserved2;
306 	/* followed by IP header and data */
307 };
308 
309 struct nd_opt_mtu {		/* MTU option */
310 	uint8_t		nd_opt_mtu_type;
311 	uint8_t		nd_opt_mtu_len;
312 	uint16_t	nd_opt_mtu_reserved;
313 	uint32_t	nd_opt_mtu_mtu;
314 };
315 
316 struct nd_opt_rdnss {		/* RDNSS RFC 6106 5.1 */
317 	uint8_t		nd_opt_rdnss_type;
318 	uint8_t		nd_opt_rdnss_len;
319 	uint16_t	nd_opt_rdnss_reserved;
320 	uint32_t	nd_opt_rdnss_lifetime;
321 	struct in6_addr nd_opt_rdnss_addr[1];	/* variable-length */
322 };
323 
324 struct nd_opt_dnssl {		/* DNSSL RFC 6106 5.2 */
325 	uint8_t  nd_opt_dnssl_type;
326 	uint8_t  nd_opt_dnssl_len;
327 	uint16_t nd_opt_dnssl_reserved;
328 	uint32_t nd_opt_dnssl_lifetime;
329 	/* followed by list of DNS search domains, variable-length */
330 };
331 
332 struct nd_opt_advinterval {	/* Advertisement interval option */
333 	uint8_t		nd_opt_adv_type;
334 	uint8_t		nd_opt_adv_len;
335 	uint16_t	nd_opt_adv_reserved;
336 	uint32_t	nd_opt_adv_interval;
337 };
338 
339 struct nd_opt_homeagent_info {	/* Home Agent info */
340 	uint8_t		nd_opt_hai_type;
341 	uint8_t		nd_opt_hai_len;
342 	uint16_t	nd_opt_hai_reserved;
343 	int16_t		nd_opt_hai_preference;
344 	uint16_t	nd_opt_hai_lifetime;
345 };
346 
347 struct nd_opt_route_info {	/* route info */
348 	uint8_t		nd_opt_rti_type;
349 	uint8_t		nd_opt_rti_len;
350 	uint8_t		nd_opt_rti_prefixlen;
351 	uint8_t		nd_opt_rti_flags;
352 	uint32_t	nd_opt_rti_lifetime;
353 	/* prefix follows */
354 };
355 
356 /*
357  * icmp6 namelookup
358  */
359 
360 struct icmp6_namelookup {
361 	struct icmp6_hdr 	icmp6_nl_hdr;
362 	uint8_t		icmp6_nl_nonce[8];
363 	int32_t		icmp6_nl_ttl;
364 #if 0
365 	uint8_t		icmp6_nl_len;
366 	uint8_t		icmp6_nl_name[3];
367 #endif
368 	/* could be followed by options */
369 };
370 
371 /*
372  * icmp6 node information
373  */
374 struct icmp6_nodeinfo {
375 	struct icmp6_hdr icmp6_ni_hdr;
376 	uint8_t icmp6_ni_nonce[8];
377 	/* could be followed by reply data */
378 };
379 
380 #define ni_type		icmp6_ni_hdr.icmp6_type
381 #define ni_code		icmp6_ni_hdr.icmp6_code
382 #define ni_cksum	icmp6_ni_hdr.icmp6_cksum
383 #define ni_qtype	icmp6_ni_hdr.icmp6_data16[0]
384 #define ni_flags	icmp6_ni_hdr.icmp6_data16[1]
385 
386 #define NI_QTYPE_NOOP		0 /* NOOP  */
387 #define NI_QTYPE_SUPTYPES	1 /* Supported Qtypes */
388 #define NI_QTYPE_FQDN		2 /* FQDN (draft 04) */
389 #define NI_QTYPE_DNSNAME	2 /* DNS Name */
390 #define NI_QTYPE_NODEADDR	3 /* Node Addresses */
391 #define NI_QTYPE_IPV4ADDR	4 /* IPv4 Addresses */
392 
393 /* network endian */
394 #define NI_SUPTYPE_FLAG_COMPRESS	((uint16_t)htons(0x1))
395 #define NI_FQDN_FLAG_VALIDTTL		((uint16_t)htons(0x1))
396 
397 /* network endian */
398 #define NI_NODEADDR_FLAG_TRUNCATE	((uint16_t)htons(0x1))
399 #define NI_NODEADDR_FLAG_ALL		((uint16_t)htons(0x2))
400 #define NI_NODEADDR_FLAG_COMPAT		((uint16_t)htons(0x4))
401 #define NI_NODEADDR_FLAG_LINKLOCAL	((uint16_t)htons(0x8))
402 #define NI_NODEADDR_FLAG_SITELOCAL	((uint16_t)htons(0x10))
403 #define NI_NODEADDR_FLAG_GLOBAL		((uint16_t)htons(0x20))
404 #define NI_NODEADDR_FLAG_ANYCAST	((uint16_t)htons(0x40)) /* just experimental. not in spec */
405 
406 struct ni_reply_fqdn {
407 	uint32_t ni_fqdn_ttl;	/* TTL */
408 	uint8_t ni_fqdn_namelen; /* length in octets of the FQDN */
409 	uint8_t ni_fqdn_name[3]; /* XXX: alignment */
410 };
411 
412 /*
413  * Router Renumbering. as router-renum-08.txt
414  */
415 struct icmp6_router_renum {	/* router renumbering header */
416 	struct icmp6_hdr	rr_hdr;
417 	uint8_t		rr_segnum;
418 	uint8_t		rr_flags;
419 	uint16_t	rr_maxdelay;
420 	uint32_t	rr_reserved;
421 };
422 #define ICMP6_RR_FLAGS_TEST		0x80
423 #define ICMP6_RR_FLAGS_REQRESULT	0x40
424 #define ICMP6_RR_FLAGS_FORCEAPPLY	0x20
425 #define ICMP6_RR_FLAGS_SPECSITE		0x10
426 #define ICMP6_RR_FLAGS_PREVDONE		0x08
427 
428 #define rr_type		rr_hdr.icmp6_type
429 #define rr_code		rr_hdr.icmp6_code
430 #define rr_cksum	rr_hdr.icmp6_cksum
431 #define rr_seqnum 	rr_hdr.icmp6_data32[0]
432 
433 struct rr_pco_match {		/* match prefix part */
434 	uint8_t		rpm_code;
435 	uint8_t		rpm_len;
436 	uint8_t		rpm_ordinal;
437 	uint8_t		rpm_matchlen;
438 	uint8_t		rpm_minlen;
439 	uint8_t		rpm_maxlen;
440 	uint16_t	rpm_reserved;
441 	struct	in6_addr	rpm_prefix;
442 };
443 
444 #define RPM_PCO_ADD		1
445 #define RPM_PCO_CHANGE		2
446 #define RPM_PCO_SETGLOBAL	3
447 #define RPM_PCO_MAX		4
448 
449 struct rr_pco_use {		/* use prefix part */
450 	uint8_t		rpu_uselen;
451 	uint8_t		rpu_keeplen;
452 	uint8_t		rpu_ramask;
453 	uint8_t		rpu_raflags;
454 	uint32_t	rpu_vltime;
455 	uint32_t	rpu_pltime;
456 	uint32_t	rpu_flags;
457 	struct	in6_addr rpu_prefix;
458 };
459 #define ICMP6_RR_PCOUSE_RAFLAGS_ONLINK	0x80
460 #define ICMP6_RR_PCOUSE_RAFLAGS_AUTO	0x40
461 
462 /* network endian */
463 #define ICMP6_RR_PCOUSE_FLAGS_DECRVLTIME     ((uint32_t)htonl(0x80000000))
464 #define ICMP6_RR_PCOUSE_FLAGS_DECRPLTIME     ((uint32_t)htonl(0x40000000))
465 
466 struct rr_result {		/* router renumbering result message */
467 	uint16_t	rrr_flags;
468 	uint8_t		rrr_ordinal;
469 	uint8_t		rrr_matchedlen;
470 	uint32_t	rrr_ifid;
471 	struct	in6_addr rrr_prefix;
472 };
473 /* network endian */
474 #define ICMP6_RR_RESULT_FLAGS_OOB		((uint16_t)htons(0x0002))
475 #define ICMP6_RR_RESULT_FLAGS_FORBIDDEN		((uint16_t)htons(0x0001))
476 
477 static const char *get_rtpref(u_int);
478 static const char *get_lifetime(uint32_t);
479 static void print_lladdr(netdissect_options *ndo, const u_char *, size_t);
480 static void icmp6_opt_print(netdissect_options *ndo, const u_char *, int);
481 static void mld6_print(netdissect_options *ndo, const u_char *);
482 static void mldv2_report_print(netdissect_options *ndo, const u_char *, u_int);
483 static void mldv2_query_print(netdissect_options *ndo, const u_char *, u_int);
484 static const struct udphdr *get_upperlayer(netdissect_options *ndo, const u_char *, u_int *);
485 static void dnsname_print(netdissect_options *ndo, const u_char *, const u_char *);
486 static void icmp6_nodeinfo_print(netdissect_options *ndo, u_int, const u_char *, const u_char *);
487 static void icmp6_rrenum_print(netdissect_options *ndo, const u_char *, const u_char *);
488 
489 #ifndef abs
490 #define abs(a)	((0 < (a)) ? (a) : -(a))
491 #endif
492 
493 #include "rpl.h"
494 
495 static const struct tok icmp6_type_values[] = {
496     { ICMP6_DST_UNREACH, "destination unreachable"},
497     { ICMP6_PACKET_TOO_BIG, "packet too big"},
498     { ICMP6_TIME_EXCEEDED, "time exceeded in-transit"},
499     { ICMP6_PARAM_PROB, "parameter problem"},
500     { ICMP6_ECHO_REQUEST, "echo request"},
501     { ICMP6_ECHO_REPLY, "echo reply"},
502     { MLD6_LISTENER_QUERY, "multicast listener query"},
503     { MLD6_LISTENER_REPORT, "multicast listener report"},
504     { MLD6_LISTENER_DONE, "multicast listener done"},
505     { ND_ROUTER_SOLICIT, "router solicitation"},
506     { ND_ROUTER_ADVERT, "router advertisement"},
507     { ND_NEIGHBOR_SOLICIT, "neighbor solicitation"},
508     { ND_NEIGHBOR_ADVERT, "neighbor advertisement"},
509     { ND_REDIRECT, "redirect"},
510     { ICMP6_ROUTER_RENUMBERING, "router renumbering"},
511     { IND_SOLICIT, "inverse neighbor solicitation"},
512     { IND_ADVERT, "inverse neighbor advertisement"},
513     { MLDV2_LISTENER_REPORT, "multicast listener report v2"},
514     { ICMP6_HADISCOV_REQUEST, "ha discovery request"},
515     { ICMP6_HADISCOV_REPLY, "ha discovery reply"},
516     { ICMP6_MOBILEPREFIX_SOLICIT, "mobile router solicitation"},
517     { ICMP6_MOBILEPREFIX_ADVERT, "mobile router advertisement"},
518     { ICMP6_WRUREQUEST, "who-are-you request"},
519     { ICMP6_WRUREPLY, "who-are-you reply"},
520     { ICMP6_NI_QUERY, "node information query"},
521     { ICMP6_NI_REPLY, "node information reply"},
522     { MLD6_MTRACE, "mtrace message"},
523     { MLD6_MTRACE_RESP, "mtrace response"},
524     { ND_RPL_MESSAGE,   "RPL"},
525     { 0,	NULL }
526 };
527 
528 static const struct tok icmp6_dst_unreach_code_values[] = {
529     { ICMP6_DST_UNREACH_NOROUTE, "unreachable route" },
530     { ICMP6_DST_UNREACH_ADMIN, " unreachable prohibited"},
531     { ICMP6_DST_UNREACH_BEYONDSCOPE, "beyond scope"},
532     { ICMP6_DST_UNREACH_ADDR, "unreachable address"},
533     { ICMP6_DST_UNREACH_NOPORT, "unreachable port"},
534     { 0,	NULL }
535 };
536 
537 static const struct tok icmp6_opt_pi_flag_values[] = {
538     { ND_OPT_PI_FLAG_ONLINK, "onlink" },
539     { ND_OPT_PI_FLAG_AUTO, "auto" },
540     { ND_OPT_PI_FLAG_ROUTER, "router" },
541     { 0,	NULL }
542 };
543 
544 static const struct tok icmp6_opt_ra_flag_values[] = {
545     { ND_RA_FLAG_MANAGED, "managed" },
546     { ND_RA_FLAG_OTHER, "other stateful"},
547     { ND_RA_FLAG_HOME_AGENT, "home agent"},
548     { 0,	NULL }
549 };
550 
551 static const struct tok icmp6_nd_na_flag_values[] = {
552     { ND_NA_FLAG_ROUTER, "router" },
553     { ND_NA_FLAG_SOLICITED, "solicited" },
554     { ND_NA_FLAG_OVERRIDE, "override" },
555     { 0,	NULL }
556 };
557 
558 
559 static const struct tok icmp6_opt_values[] = {
560    { ND_OPT_SOURCE_LINKADDR, "source link-address"},
561    { ND_OPT_TARGET_LINKADDR, "destination link-address"},
562    { ND_OPT_PREFIX_INFORMATION, "prefix info"},
563    { ND_OPT_REDIRECTED_HEADER, "redirected header"},
564    { ND_OPT_MTU, "mtu"},
565    { ND_OPT_RDNSS, "rdnss"},
566    { ND_OPT_DNSSL, "dnssl"},
567    { ND_OPT_ADVINTERVAL, "advertisement interval"},
568    { ND_OPT_HOMEAGENT_INFO, "homeagent information"},
569    { ND_OPT_ROUTE_INFO, "route info"},
570    { 0,	NULL }
571 };
572 
573 /* mldv2 report types */
574 static const struct tok mldv2report2str[] = {
575 	{ 1,	"is_in" },
576 	{ 2,	"is_ex" },
577 	{ 3,	"to_in" },
578 	{ 4,	"to_ex" },
579 	{ 5,	"allow" },
580 	{ 6,	"block" },
581 	{ 0,	NULL }
582 };
583 
584 static const char *
get_rtpref(u_int v)585 get_rtpref(u_int v)
586 {
587 	static const char *rtpref_str[] = {
588 		"medium",		/* 00 */
589 		"high",			/* 01 */
590 		"rsv",			/* 10 */
591 		"low"			/* 11 */
592 	};
593 
594 	return rtpref_str[((v & ND_RA_FLAG_RTPREF_MASK) >> 3) & 0xff];
595 }
596 
597 static const char *
get_lifetime(uint32_t v)598 get_lifetime(uint32_t v)
599 {
600 	static char buf[20];
601 
602 	if (v == (uint32_t)~0UL)
603 		return "infinity";
604 	else {
605 		snprintf(buf, sizeof(buf), "%us", v);
606 		return buf;
607 	}
608 }
609 
610 static void
print_lladdr(netdissect_options * ndo,const uint8_t * p,size_t l)611 print_lladdr(netdissect_options *ndo, const uint8_t *p, size_t l)
612 {
613 	const uint8_t *ep, *q;
614 
615 	q = p;
616 	ep = p + l;
617 	while (l > 0 && q < ep) {
618 		if (q > p)
619                         ND_PRINT((ndo,":"));
620 		ND_PRINT((ndo,"%02x", *q++));
621 		l--;
622 	}
623 }
624 
icmp6_cksum(netdissect_options * ndo,const struct ip6_hdr * ip6,const struct icmp6_hdr * icp,u_int len)625 static int icmp6_cksum(netdissect_options *ndo, const struct ip6_hdr *ip6,
626 	const struct icmp6_hdr *icp, u_int len)
627 {
628 	return nextproto6_cksum(ndo, ip6, (const uint8_t *)(const void *)icp, len, len,
629 				IPPROTO_ICMPV6);
630 }
631 
632 static const struct tok rpl_mop_values[] = {
633         { RPL_DIO_NONSTORING,         "nonstoring"},
634         { RPL_DIO_STORING,            "storing"},
635         { RPL_DIO_NONSTORING_MULTICAST, "nonstoring-multicast"},
636         { RPL_DIO_STORING_MULTICAST,  "storing-multicast"},
637         { 0, NULL},
638 };
639 
640 static const struct tok rpl_subopt_values[] = {
641         { RPL_OPT_PAD0, "pad0"},
642         { RPL_OPT_PADN, "padN"},
643         { RPL_DIO_METRICS, "metrics"},
644         { RPL_DIO_ROUTINGINFO, "routinginfo"},
645         { RPL_DIO_CONFIG,    "config"},
646         { RPL_DAO_RPLTARGET, "rpltarget"},
647         { RPL_DAO_TRANSITINFO, "transitinfo"},
648         { RPL_DIO_DESTPREFIX, "destprefix"},
649         { RPL_DAO_RPLTARGET_DESC, "rpltargetdesc"},
650         { 0, NULL},
651 };
652 
653 static void
rpl_dio_printopt(netdissect_options * ndo,const struct rpl_dio_genoption * opt,u_int length)654 rpl_dio_printopt(netdissect_options *ndo,
655                  const struct rpl_dio_genoption *opt,
656                  u_int length)
657 {
658         if(length < RPL_DIO_GENOPTION_LEN) return;
659         length -= RPL_DIO_GENOPTION_LEN;
660 
661         ND_TCHECK(opt->rpl_dio_len);
662 
663         while((opt->rpl_dio_type == RPL_OPT_PAD0 &&
664                (const u_char *)opt < ndo->ndo_snapend) ||
665               ND_TTEST2(*opt,(opt->rpl_dio_len+2))) {
666 
667                 unsigned int optlen = opt->rpl_dio_len+2;
668                 if(opt->rpl_dio_type == RPL_OPT_PAD0) {
669                         optlen = 1;
670                         ND_PRINT((ndo, " opt:pad0"));
671                 } else {
672                         ND_PRINT((ndo, " opt:%s len:%u ",
673                                   tok2str(rpl_subopt_values, "subopt:%u", opt->rpl_dio_type),
674                                   optlen));
675                         if(ndo->ndo_vflag > 2) {
676                                 unsigned int paylen = opt->rpl_dio_len;
677                                 if(paylen > length) paylen = length;
678                                 hex_print(ndo,
679                                           " ",
680                                           ((const uint8_t *)opt) + RPL_DIO_GENOPTION_LEN,  /* content of DIO option */
681                                           paylen);
682                         }
683                 }
684                 opt = (const struct rpl_dio_genoption *)(((const char *)opt) + optlen);
685                 length -= optlen;
686         }
687         return;
688 trunc:
689 	ND_PRINT((ndo," [|truncated]"));
690 	return;
691 }
692 
693 static void
rpl_dio_print(netdissect_options * ndo,const u_char * bp,u_int length)694 rpl_dio_print(netdissect_options *ndo,
695               const u_char *bp, u_int length)
696 {
697         const struct nd_rpl_dio *dio = (const struct nd_rpl_dio *)bp;
698         const char *dagid_str;
699 
700         ND_TCHECK(*dio);
701         dagid_str = ip6addr_string (ndo, dio->rpl_dagid);
702 
703         ND_PRINT((ndo, " [dagid:%s,seq:%u,instance:%u,rank:%u,%smop:%s,prf:%u]",
704                   dagid_str,
705                   dio->rpl_dtsn,
706                   dio->rpl_instanceid,
707                   EXTRACT_16BITS(&dio->rpl_dagrank),
708                   RPL_DIO_GROUNDED(dio->rpl_mopprf) ? "grounded,":"",
709                   tok2str(rpl_mop_values, "mop%u", RPL_DIO_MOP(dio->rpl_mopprf)),
710                   RPL_DIO_PRF(dio->rpl_mopprf)));
711 
712         if(ndo->ndo_vflag > 1) {
713                 const struct rpl_dio_genoption *opt = (const struct rpl_dio_genoption *)&dio[1];
714                 rpl_dio_printopt(ndo, opt, length);
715         }
716 	return;
717 trunc:
718 	ND_PRINT((ndo," [|truncated]"));
719 	return;
720 }
721 
722 static void
rpl_dao_print(netdissect_options * ndo,const u_char * bp,u_int length)723 rpl_dao_print(netdissect_options *ndo,
724               const u_char *bp, u_int length)
725 {
726         const struct nd_rpl_dao *dao = (const struct nd_rpl_dao *)bp;
727         const char *dagid_str = "<elided>";
728 
729         ND_TCHECK(*dao);
730         if (length < ND_RPL_DAO_MIN_LEN)
731         	goto tooshort;
732 
733         bp += ND_RPL_DAO_MIN_LEN;
734         length -= ND_RPL_DAO_MIN_LEN;
735         if(RPL_DAO_D(dao->rpl_flags)) {
736                 ND_TCHECK2(dao->rpl_dagid, DAGID_LEN);
737                 if (length < DAGID_LEN)
738                 	goto tooshort;
739                 dagid_str = ip6addr_string (ndo, dao->rpl_dagid);
740                 bp += DAGID_LEN;
741                 length -= DAGID_LEN;
742         }
743 
744         ND_PRINT((ndo, " [dagid:%s,seq:%u,instance:%u%s%s,%02x]",
745                   dagid_str,
746                   dao->rpl_daoseq,
747                   dao->rpl_instanceid,
748                   RPL_DAO_K(dao->rpl_flags) ? ",acK":"",
749                   RPL_DAO_D(dao->rpl_flags) ? ",Dagid":"",
750                   dao->rpl_flags));
751 
752         if(ndo->ndo_vflag > 1) {
753                 const struct rpl_dio_genoption *opt = (const struct rpl_dio_genoption *)bp;
754                 rpl_dio_printopt(ndo, opt, length);
755         }
756 	return;
757 
758 trunc:
759 	ND_PRINT((ndo," [|truncated]"));
760 	return;
761 
762 tooshort:
763 	ND_PRINT((ndo," [|length too short]"));
764 	return;
765 }
766 
767 static void
rpl_daoack_print(netdissect_options * ndo,const u_char * bp,u_int length)768 rpl_daoack_print(netdissect_options *ndo,
769                  const u_char *bp, u_int length)
770 {
771         const struct nd_rpl_daoack *daoack = (const struct nd_rpl_daoack *)bp;
772         const char *dagid_str = "<elided>";
773 
774         ND_TCHECK2(*daoack, ND_RPL_DAOACK_MIN_LEN);
775         if (length < ND_RPL_DAOACK_MIN_LEN)
776         	goto tooshort;
777 
778         bp += ND_RPL_DAOACK_MIN_LEN;
779         length -= ND_RPL_DAOACK_MIN_LEN;
780         if(RPL_DAOACK_D(daoack->rpl_flags)) {
781                 ND_TCHECK2(daoack->rpl_dagid, DAGID_LEN);
782                 if (length < DAGID_LEN)
783                 	goto tooshort;
784                 dagid_str = ip6addr_string (ndo, daoack->rpl_dagid);
785                 bp += DAGID_LEN;
786                 length -= DAGID_LEN;
787         }
788 
789         ND_PRINT((ndo, " [dagid:%s,seq:%u,instance:%u,status:%u]",
790                   dagid_str,
791                   daoack->rpl_daoseq,
792                   daoack->rpl_instanceid,
793                   daoack->rpl_status));
794 
795         /* no officially defined options for DAOACK, but print any we find */
796         if(ndo->ndo_vflag > 1) {
797                 const struct rpl_dio_genoption *opt = (const struct rpl_dio_genoption *)bp;
798                 rpl_dio_printopt(ndo, opt, length);
799         }
800 	return;
801 
802 trunc:
803 	ND_PRINT((ndo," [|dao-truncated]"));
804 	return;
805 
806 tooshort:
807 	ND_PRINT((ndo," [|dao-length too short]"));
808 	return;
809 }
810 
811 static void
rpl_print(netdissect_options * ndo,const struct icmp6_hdr * hdr,const u_char * bp,u_int length)812 rpl_print(netdissect_options *ndo,
813           const struct icmp6_hdr *hdr,
814           const u_char *bp, u_int length)
815 {
816         int secured = hdr->icmp6_code & 0x80;
817         int basecode= hdr->icmp6_code & 0x7f;
818 
819         if(secured) {
820                 ND_PRINT((ndo, ", (SEC) [worktodo]"));
821                 /* XXX
822                  * the next header pointer needs to move forward to
823                  * skip the secure part.
824                  */
825                 return;
826         } else {
827                 ND_PRINT((ndo, ", (CLR)"));
828         }
829 
830         switch(basecode) {
831         case ND_RPL_DAG_IS:
832                 ND_PRINT((ndo, "DODAG Information Solicitation"));
833                 if(ndo->ndo_vflag) {
834                 }
835                 break;
836         case ND_RPL_DAG_IO:
837                 ND_PRINT((ndo, "DODAG Information Object"));
838                 if(ndo->ndo_vflag) {
839                         rpl_dio_print(ndo, bp, length);
840                 }
841                 break;
842         case ND_RPL_DAO:
843                 ND_PRINT((ndo, "Destination Advertisement Object"));
844                 if(ndo->ndo_vflag) {
845                         rpl_dao_print(ndo, bp, length);
846                 }
847                 break;
848         case ND_RPL_DAO_ACK:
849                 ND_PRINT((ndo, "Destination Advertisement Object Ack"));
850                 if(ndo->ndo_vflag) {
851                         rpl_daoack_print(ndo, bp, length);
852                 }
853                 break;
854         default:
855                 ND_PRINT((ndo, "RPL message, unknown code %u",hdr->icmp6_code));
856                 break;
857         }
858 	return;
859 
860 #if 0
861 trunc:
862 	ND_PRINT((ndo," [|truncated]"));
863 	return;
864 #endif
865 
866 }
867 
868 
869 void
icmp6_print(netdissect_options * ndo,const u_char * bp,u_int length,const u_char * bp2,int fragmented)870 icmp6_print(netdissect_options *ndo,
871             const u_char *bp, u_int length, const u_char *bp2, int fragmented)
872 {
873 	const struct icmp6_hdr *dp;
874 	const struct ip6_hdr *ip;
875 	const struct ip6_hdr *oip;
876 	const struct udphdr *ouh;
877 	int dport;
878 	const u_char *ep;
879 	u_int prot;
880 
881 	dp = (const struct icmp6_hdr *)bp;
882 	ip = (const struct ip6_hdr *)bp2;
883 	oip = (const struct ip6_hdr *)(dp + 1);
884 	/* 'ep' points to the end of available data. */
885 	ep = ndo->ndo_snapend;
886 
887 	ND_TCHECK(dp->icmp6_cksum);
888 
889 	if (ndo->ndo_vflag && !fragmented) {
890 		uint16_t sum, udp_sum;
891 
892 		if (ND_TTEST2(bp[0], length)) {
893 			udp_sum = EXTRACT_16BITS(&dp->icmp6_cksum);
894 			sum = icmp6_cksum(ndo, ip, dp, length);
895 			if (sum != 0)
896 				ND_PRINT((ndo,"[bad icmp6 cksum 0x%04x -> 0x%04x!] ",
897                                                 udp_sum,
898                                                 in_cksum_shouldbe(udp_sum, sum)));
899 			else
900 				ND_PRINT((ndo,"[icmp6 sum ok] "));
901 		}
902 	}
903 
904         ND_PRINT((ndo,"ICMP6, %s", tok2str(icmp6_type_values,"unknown icmp6 type (%u)",dp->icmp6_type)));
905 
906         /* display cosmetics: print the packet length for printer that use the vflag now */
907         if (ndo->ndo_vflag && (dp->icmp6_type == ND_ROUTER_SOLICIT ||
908                       dp->icmp6_type == ND_ROUTER_ADVERT ||
909                       dp->icmp6_type == ND_NEIGHBOR_ADVERT ||
910                       dp->icmp6_type == ND_NEIGHBOR_SOLICIT ||
911                       dp->icmp6_type == ND_REDIRECT ||
912                       dp->icmp6_type == ICMP6_HADISCOV_REPLY ||
913                       dp->icmp6_type == ICMP6_MOBILEPREFIX_ADVERT ))
914                 ND_PRINT((ndo,", length %u", length));
915 
916 	switch (dp->icmp6_type) {
917 	case ICMP6_DST_UNREACH:
918 		ND_TCHECK(oip->ip6_dst);
919                 ND_PRINT((ndo,", %s", tok2str(icmp6_dst_unreach_code_values,"unknown unreach code (%u)",dp->icmp6_code)));
920 		switch (dp->icmp6_code) {
921 
922 		case ICMP6_DST_UNREACH_NOROUTE: /* fall through */
923 		case ICMP6_DST_UNREACH_ADMIN:
924 		case ICMP6_DST_UNREACH_ADDR:
925                         ND_PRINT((ndo," %s",ip6addr_string(ndo, &oip->ip6_dst)));
926                         break;
927 		case ICMP6_DST_UNREACH_BEYONDSCOPE:
928 			ND_PRINT((ndo," %s, source address %s",
929 			       ip6addr_string(ndo, &oip->ip6_dst),
930                                   ip6addr_string(ndo, &oip->ip6_src)));
931 			break;
932 		case ICMP6_DST_UNREACH_NOPORT:
933 			if ((ouh = get_upperlayer(ndo, (const u_char *)oip, &prot))
934 			    == NULL)
935 				goto trunc;
936 
937 			dport = EXTRACT_16BITS(&ouh->uh_dport);
938 			switch (prot) {
939 			case IPPROTO_TCP:
940 				ND_PRINT((ndo,", %s tcp port %s",
941 					ip6addr_string(ndo, &oip->ip6_dst),
942                                           tcpport_string(ndo, dport)));
943 				break;
944 			case IPPROTO_UDP:
945 				ND_PRINT((ndo,", %s udp port %s",
946 					ip6addr_string(ndo, &oip->ip6_dst),
947                                           udpport_string(ndo, dport)));
948 				break;
949 			default:
950 				ND_PRINT((ndo,", %s protocol %d port %d unreachable",
951 					ip6addr_string(ndo, &oip->ip6_dst),
952                                           oip->ip6_nxt, dport));
953 				break;
954 			}
955 			break;
956 		default:
957                   if (ndo->ndo_vflag <= 1) {
958                     print_unknown_data(ndo, bp,"\n\t",length);
959                     return;
960                   }
961                     break;
962 		}
963 		break;
964 	case ICMP6_PACKET_TOO_BIG:
965 		ND_TCHECK(dp->icmp6_mtu);
966 		ND_PRINT((ndo,", mtu %u", EXTRACT_32BITS(&dp->icmp6_mtu)));
967 		break;
968 	case ICMP6_TIME_EXCEEDED:
969 		ND_TCHECK(oip->ip6_dst);
970 		switch (dp->icmp6_code) {
971 		case ICMP6_TIME_EXCEED_TRANSIT:
972 			ND_PRINT((ndo," for %s",
973                                   ip6addr_string(ndo, &oip->ip6_dst)));
974 			break;
975 		case ICMP6_TIME_EXCEED_REASSEMBLY:
976 			ND_PRINT((ndo," (reassembly)"));
977 			break;
978 		default:
979                         ND_PRINT((ndo,", unknown code (%u)", dp->icmp6_code));
980 			break;
981 		}
982 		break;
983 	case ICMP6_PARAM_PROB:
984 		ND_TCHECK(oip->ip6_dst);
985 		switch (dp->icmp6_code) {
986 		case ICMP6_PARAMPROB_HEADER:
987                         ND_PRINT((ndo,", erroneous - octet %u", EXTRACT_32BITS(&dp->icmp6_pptr)));
988                         break;
989 		case ICMP6_PARAMPROB_NEXTHEADER:
990                         ND_PRINT((ndo,", next header - octet %u", EXTRACT_32BITS(&dp->icmp6_pptr)));
991                         break;
992 		case ICMP6_PARAMPROB_OPTION:
993                         ND_PRINT((ndo,", option - octet %u", EXTRACT_32BITS(&dp->icmp6_pptr)));
994                         break;
995 		default:
996                         ND_PRINT((ndo,", code-#%d",
997                                   dp->icmp6_code));
998                         break;
999 		}
1000 		break;
1001 	case ICMP6_ECHO_REQUEST:
1002 	case ICMP6_ECHO_REPLY:
1003                 ND_TCHECK(dp->icmp6_seq);
1004                 ND_PRINT((ndo,", seq %u", EXTRACT_16BITS(&dp->icmp6_seq)));
1005 		break;
1006 	case ICMP6_MEMBERSHIP_QUERY:
1007 		if (length == MLD_MINLEN) {
1008 			mld6_print(ndo, (const u_char *)dp);
1009 		} else if (length >= MLDV2_MINLEN) {
1010 			ND_PRINT((ndo," v2"));
1011 			mldv2_query_print(ndo, (const u_char *)dp, length);
1012 		} else {
1013                         ND_PRINT((ndo," unknown-version (len %u) ", length));
1014 		}
1015 		break;
1016 	case ICMP6_MEMBERSHIP_REPORT:
1017 		mld6_print(ndo, (const u_char *)dp);
1018 		break;
1019 	case ICMP6_MEMBERSHIP_REDUCTION:
1020 		mld6_print(ndo, (const u_char *)dp);
1021 		break;
1022 	case ND_ROUTER_SOLICIT:
1023 #define RTSOLLEN 8
1024 		if (ndo->ndo_vflag) {
1025 			icmp6_opt_print(ndo, (const u_char *)dp + RTSOLLEN,
1026 					length - RTSOLLEN);
1027 		}
1028 		break;
1029 	case ND_ROUTER_ADVERT:
1030 #define RTADVLEN 16
1031 		if (ndo->ndo_vflag) {
1032 			const struct nd_router_advert *p;
1033 
1034 			p = (const struct nd_router_advert *)dp;
1035 			ND_TCHECK(p->nd_ra_retransmit);
1036 			ND_PRINT((ndo,"\n\thop limit %u, Flags [%s]" \
1037                                   ", pref %s, router lifetime %us, reachable time %us, retrans time %us",
1038                                   (u_int)p->nd_ra_curhoplimit,
1039                                   bittok2str(icmp6_opt_ra_flag_values,"none",(p->nd_ra_flags_reserved)),
1040                                   get_rtpref(p->nd_ra_flags_reserved),
1041                                   EXTRACT_16BITS(&p->nd_ra_router_lifetime),
1042                                   EXTRACT_32BITS(&p->nd_ra_reachable),
1043                                   EXTRACT_32BITS(&p->nd_ra_retransmit)));
1044 
1045 			icmp6_opt_print(ndo, (const u_char *)dp + RTADVLEN,
1046 					length - RTADVLEN);
1047 		}
1048 		break;
1049 	case ND_NEIGHBOR_SOLICIT:
1050 	    {
1051 		const struct nd_neighbor_solicit *p;
1052 		p = (const struct nd_neighbor_solicit *)dp;
1053 		ND_TCHECK(p->nd_ns_target);
1054 		ND_PRINT((ndo,", who has %s", ip6addr_string(ndo, &p->nd_ns_target)));
1055 		if (ndo->ndo_vflag) {
1056 #define NDSOLLEN 24
1057 			icmp6_opt_print(ndo, (const u_char *)dp + NDSOLLEN,
1058 					length - NDSOLLEN);
1059 		}
1060 	    }
1061 		break;
1062 	case ND_NEIGHBOR_ADVERT:
1063 	    {
1064 		const struct nd_neighbor_advert *p;
1065 
1066 		p = (const struct nd_neighbor_advert *)dp;
1067 		ND_TCHECK(p->nd_na_target);
1068 		ND_PRINT((ndo,", tgt is %s",
1069                           ip6addr_string(ndo, &p->nd_na_target)));
1070 		if (ndo->ndo_vflag) {
1071                         ND_PRINT((ndo,", Flags [%s]",
1072                                   bittok2str(icmp6_nd_na_flag_values,
1073                                              "none",
1074                                              EXTRACT_32BITS(&p->nd_na_flags_reserved))));
1075 #define NDADVLEN 24
1076 			icmp6_opt_print(ndo, (const u_char *)dp + NDADVLEN,
1077 					length - NDADVLEN);
1078 #undef NDADVLEN
1079 		}
1080 	    }
1081 		break;
1082 	case ND_REDIRECT:
1083 #define RDR(i) ((const struct nd_redirect *)(i))
1084                          ND_TCHECK(RDR(dp)->nd_rd_dst);
1085                          ND_PRINT((ndo,", %s", ip6addr_string(ndo, &RDR(dp)->nd_rd_dst)));
1086 		ND_TCHECK(RDR(dp)->nd_rd_target);
1087 		ND_PRINT((ndo," to %s",
1088                           ip6addr_string(ndo, &RDR(dp)->nd_rd_target)));
1089 #define REDIRECTLEN 40
1090 		if (ndo->ndo_vflag) {
1091 			icmp6_opt_print(ndo, (const u_char *)dp + REDIRECTLEN,
1092 					length - REDIRECTLEN);
1093 		}
1094 		break;
1095 #undef REDIRECTLEN
1096 #undef RDR
1097 	case ICMP6_ROUTER_RENUMBERING:
1098 		icmp6_rrenum_print(ndo, bp, ep);
1099 		break;
1100 	case ICMP6_NI_QUERY:
1101 	case ICMP6_NI_REPLY:
1102 		icmp6_nodeinfo_print(ndo, length, bp, ep);
1103 		break;
1104 	case IND_SOLICIT:
1105 	case IND_ADVERT:
1106 		break;
1107 	case ICMP6_V2_MEMBERSHIP_REPORT:
1108 		mldv2_report_print(ndo, (const u_char *) dp, length);
1109 		break;
1110 	case ICMP6_MOBILEPREFIX_SOLICIT: /* fall through */
1111 	case ICMP6_HADISCOV_REQUEST:
1112                 ND_TCHECK(dp->icmp6_data16[0]);
1113                 ND_PRINT((ndo,", id 0x%04x", EXTRACT_16BITS(&dp->icmp6_data16[0])));
1114                 break;
1115 	case ICMP6_HADISCOV_REPLY:
1116 		if (ndo->ndo_vflag) {
1117 			const struct in6_addr *in6;
1118 			const u_char *cp;
1119 
1120 			ND_TCHECK(dp->icmp6_data16[0]);
1121 			ND_PRINT((ndo,", id 0x%04x", EXTRACT_16BITS(&dp->icmp6_data16[0])));
1122 			cp = (const u_char *)dp + length;
1123 			in6 = (const struct in6_addr *)(dp + 1);
1124 			for (; (const u_char *)in6 < cp; in6++) {
1125 				ND_TCHECK(*in6);
1126 				ND_PRINT((ndo,", %s", ip6addr_string(ndo, in6)));
1127 			}
1128 		}
1129 		break;
1130 	case ICMP6_MOBILEPREFIX_ADVERT:
1131 		if (ndo->ndo_vflag) {
1132 			ND_TCHECK(dp->icmp6_data16[0]);
1133 			ND_PRINT((ndo,", id 0x%04x", EXTRACT_16BITS(&dp->icmp6_data16[0])));
1134 			ND_TCHECK(dp->icmp6_data16[1]);
1135 			if (dp->icmp6_data16[1] & 0xc0)
1136 				ND_PRINT((ndo," "));
1137 			if (dp->icmp6_data16[1] & 0x80)
1138 				ND_PRINT((ndo,"M"));
1139 			if (dp->icmp6_data16[1] & 0x40)
1140 				ND_PRINT((ndo,"O"));
1141 #define MPADVLEN 8
1142 			icmp6_opt_print(ndo, (const u_char *)dp + MPADVLEN,
1143 					length - MPADVLEN);
1144 		}
1145 		break;
1146         case ND_RPL_MESSAGE:
1147                 /* plus 4, because struct icmp6_hdr contains 4 bytes of icmp payload */
1148                 rpl_print(ndo, dp, &dp->icmp6_data8[0], length-sizeof(struct icmp6_hdr)+4);
1149                 break;
1150 	default:
1151                 ND_PRINT((ndo,", length %u", length));
1152                 if (ndo->ndo_vflag <= 1)
1153                         print_unknown_data(ndo, bp,"\n\t", length);
1154                 return;
1155         }
1156         if (!ndo->ndo_vflag)
1157                 ND_PRINT((ndo,", length %u", length));
1158 	return;
1159 trunc:
1160 	ND_PRINT((ndo, "[|icmp6]"));
1161 }
1162 
1163 static const struct udphdr *
get_upperlayer(netdissect_options * ndo,const u_char * bp,u_int * prot)1164 get_upperlayer(netdissect_options *ndo, const u_char *bp, u_int *prot)
1165 {
1166 	const u_char *ep;
1167 	const struct ip6_hdr *ip6 = (const struct ip6_hdr *)bp;
1168 	const struct udphdr *uh;
1169 	const struct ip6_hbh *hbh;
1170 	const struct ip6_frag *fragh;
1171 	const struct ah *ah;
1172 	u_int nh;
1173 	int hlen;
1174 
1175 	/* 'ep' points to the end of available data. */
1176 	ep = ndo->ndo_snapend;
1177 
1178 	if (!ND_TTEST(ip6->ip6_nxt))
1179 		return NULL;
1180 
1181 	nh = ip6->ip6_nxt;
1182 	hlen = sizeof(struct ip6_hdr);
1183 
1184 	while (bp < ep) {
1185 		bp += hlen;
1186 
1187 		switch(nh) {
1188 		case IPPROTO_UDP:
1189 		case IPPROTO_TCP:
1190 			uh = (const struct udphdr *)bp;
1191 			if (ND_TTEST(uh->uh_dport)) {
1192 				*prot = nh;
1193 				return(uh);
1194 			}
1195 			else
1196 				return(NULL);
1197 			/* NOTREACHED */
1198 
1199 		case IPPROTO_HOPOPTS:
1200 		case IPPROTO_DSTOPTS:
1201 		case IPPROTO_ROUTING:
1202 			hbh = (const struct ip6_hbh *)bp;
1203 			if (!ND_TTEST(hbh->ip6h_len))
1204 				return(NULL);
1205 			nh = hbh->ip6h_nxt;
1206 			hlen = (hbh->ip6h_len + 1) << 3;
1207 			break;
1208 
1209 		case IPPROTO_FRAGMENT: /* this should be odd, but try anyway */
1210 			fragh = (const struct ip6_frag *)bp;
1211 			if (!ND_TTEST(fragh->ip6f_offlg))
1212 				return(NULL);
1213 			/* fragments with non-zero offset are meaningless */
1214 			if ((EXTRACT_16BITS(&fragh->ip6f_offlg) & IP6F_OFF_MASK) != 0)
1215 				return(NULL);
1216 			nh = fragh->ip6f_nxt;
1217 			hlen = sizeof(struct ip6_frag);
1218 			break;
1219 
1220 		case IPPROTO_AH:
1221 			ah = (const struct ah *)bp;
1222 			if (!ND_TTEST(ah->ah_len))
1223 				return(NULL);
1224 			nh = ah->ah_nxt;
1225 			hlen = (ah->ah_len + 2) << 2;
1226 			break;
1227 
1228 		default:	/* unknown or undecodable header */
1229 			*prot = nh; /* meaningless, but set here anyway */
1230 			return(NULL);
1231 		}
1232 	}
1233 
1234 	return(NULL);		/* should be notreached, though */
1235 }
1236 
1237 static void
icmp6_opt_print(netdissect_options * ndo,const u_char * bp,int resid)1238 icmp6_opt_print(netdissect_options *ndo, const u_char *bp, int resid)
1239 {
1240 	const struct nd_opt_hdr *op;
1241 	const struct nd_opt_prefix_info *opp;
1242 	const struct nd_opt_mtu *opm;
1243 	const struct nd_opt_rdnss *oprd;
1244 	const struct nd_opt_dnssl *opds;
1245 	const struct nd_opt_advinterval *opa;
1246 	const struct nd_opt_homeagent_info *oph;
1247 	const struct nd_opt_route_info *opri;
1248 	const u_char *cp, *ep, *domp;
1249 	struct in6_addr in6;
1250 	const struct in6_addr *in6p;
1251 	size_t l;
1252 	u_int i;
1253 
1254 #define ECHECK(var) if ((const u_char *)&(var) > ep - sizeof(var)) return
1255 
1256 	cp = bp;
1257 	/* 'ep' points to the end of available data. */
1258 	ep = ndo->ndo_snapend;
1259 
1260 	while (cp < ep) {
1261 		op = (const struct nd_opt_hdr *)cp;
1262 
1263 		ECHECK(op->nd_opt_len);
1264 		if (resid <= 0)
1265 			return;
1266 		if (op->nd_opt_len == 0)
1267 			goto trunc;
1268 		if (cp + (op->nd_opt_len << 3) > ep)
1269 			goto trunc;
1270 
1271                 ND_PRINT((ndo,"\n\t  %s option (%u), length %u (%u): ",
1272                           tok2str(icmp6_opt_values, "unknown", op->nd_opt_type),
1273                           op->nd_opt_type,
1274                           op->nd_opt_len << 3,
1275                           op->nd_opt_len));
1276 
1277 		switch (op->nd_opt_type) {
1278 		case ND_OPT_SOURCE_LINKADDR:
1279 			l = (op->nd_opt_len << 3) - 2;
1280 			print_lladdr(ndo, cp + 2, l);
1281 			break;
1282 		case ND_OPT_TARGET_LINKADDR:
1283 			l = (op->nd_opt_len << 3) - 2;
1284 			print_lladdr(ndo, cp + 2, l);
1285 			break;
1286 		case ND_OPT_PREFIX_INFORMATION:
1287 			opp = (const struct nd_opt_prefix_info *)op;
1288 			ND_TCHECK(opp->nd_opt_pi_prefix);
1289                         ND_PRINT((ndo,"%s/%u%s, Flags [%s], valid time %s",
1290                                   ip6addr_string(ndo, &opp->nd_opt_pi_prefix),
1291                                   opp->nd_opt_pi_prefix_len,
1292                                   (op->nd_opt_len != 4) ? "badlen" : "",
1293                                   bittok2str(icmp6_opt_pi_flag_values, "none", opp->nd_opt_pi_flags_reserved),
1294                                   get_lifetime(EXTRACT_32BITS(&opp->nd_opt_pi_valid_time))));
1295                         ND_PRINT((ndo,", pref. time %s", get_lifetime(EXTRACT_32BITS(&opp->nd_opt_pi_preferred_time))));
1296 			break;
1297 		case ND_OPT_REDIRECTED_HEADER:
1298                         print_unknown_data(ndo, bp,"\n\t    ",op->nd_opt_len<<3);
1299 			/* xxx */
1300 			break;
1301 		case ND_OPT_MTU:
1302 			opm = (const struct nd_opt_mtu *)op;
1303 			ND_TCHECK(opm->nd_opt_mtu_mtu);
1304 			ND_PRINT((ndo," %u%s",
1305                                EXTRACT_32BITS(&opm->nd_opt_mtu_mtu),
1306                                   (op->nd_opt_len != 1) ? "bad option length" : "" ));
1307                         break;
1308 		case ND_OPT_RDNSS:
1309 			oprd = (const struct nd_opt_rdnss *)op;
1310 			l = (op->nd_opt_len - 1) / 2;
1311 			ND_PRINT((ndo," lifetime %us,",
1312                                   EXTRACT_32BITS(&oprd->nd_opt_rdnss_lifetime)));
1313 			for (i = 0; i < l; i++) {
1314 				ND_TCHECK(oprd->nd_opt_rdnss_addr[i]);
1315 				ND_PRINT((ndo," addr: %s",
1316                                           ip6addr_string(ndo, &oprd->nd_opt_rdnss_addr[i])));
1317 			}
1318 			break;
1319 		case ND_OPT_DNSSL:
1320 			opds = (const struct nd_opt_dnssl *)op;
1321 			ND_PRINT((ndo," lifetime %us, domain(s):",
1322                                   EXTRACT_32BITS(&opds->nd_opt_dnssl_lifetime)));
1323 			domp = cp + 8; /* domain names, variable-sized, RFC1035-encoded */
1324 			while (domp < cp + (op->nd_opt_len << 3) && *domp != '\0')
1325 			{
1326 				ND_PRINT((ndo, " "));
1327 				if ((domp = ns_nprint (ndo, domp, bp)) == NULL)
1328 					goto trunc;
1329 			}
1330 			break;
1331 		case ND_OPT_ADVINTERVAL:
1332 			opa = (const struct nd_opt_advinterval *)op;
1333 			ND_TCHECK(opa->nd_opt_adv_interval);
1334 			ND_PRINT((ndo," %ums", EXTRACT_32BITS(&opa->nd_opt_adv_interval)));
1335 			break;
1336                 case ND_OPT_HOMEAGENT_INFO:
1337 			oph = (const struct nd_opt_homeagent_info *)op;
1338 			ND_TCHECK(oph->nd_opt_hai_lifetime);
1339 			ND_PRINT((ndo," preference %u, lifetime %u",
1340                                   EXTRACT_16BITS(&oph->nd_opt_hai_preference),
1341                                   EXTRACT_16BITS(&oph->nd_opt_hai_lifetime)));
1342 			break;
1343 		case ND_OPT_ROUTE_INFO:
1344 			opri = (const struct nd_opt_route_info *)op;
1345 			ND_TCHECK(opri->nd_opt_rti_lifetime);
1346 			memset(&in6, 0, sizeof(in6));
1347 			in6p = (const struct in6_addr *)(opri + 1);
1348 			switch (op->nd_opt_len) {
1349 			case 1:
1350 				break;
1351 			case 2:
1352 				ND_TCHECK2(*in6p, 8);
1353 				memcpy(&in6, opri + 1, 8);
1354 				break;
1355 			case 3:
1356 				ND_TCHECK(*in6p);
1357 				memcpy(&in6, opri + 1, sizeof(in6));
1358 				break;
1359 			default:
1360 				goto trunc;
1361 			}
1362 			ND_PRINT((ndo," %s/%u", ip6addr_string(ndo, &in6),
1363                                   opri->nd_opt_rti_prefixlen));
1364 			ND_PRINT((ndo,", pref=%s", get_rtpref(opri->nd_opt_rti_flags)));
1365 			ND_PRINT((ndo,", lifetime=%s",
1366                                   get_lifetime(EXTRACT_32BITS(&opri->nd_opt_rti_lifetime))));
1367 			break;
1368 		default:
1369                         if (ndo->ndo_vflag <= 1) {
1370                                 print_unknown_data(ndo,cp+2,"\n\t  ", (op->nd_opt_len << 3) - 2); /* skip option header */
1371                             return;
1372                         }
1373                         break;
1374 		}
1375                 /* do we want to see an additional hexdump ? */
1376                 if (ndo->ndo_vflag> 1)
1377                         print_unknown_data(ndo, cp+2,"\n\t    ", (op->nd_opt_len << 3) - 2); /* skip option header */
1378 
1379 		cp += op->nd_opt_len << 3;
1380 		resid -= op->nd_opt_len << 3;
1381 	}
1382 	return;
1383 
1384  trunc:
1385 	ND_PRINT((ndo, "[ndp opt]"));
1386 	return;
1387 #undef ECHECK
1388 }
1389 
1390 static void
mld6_print(netdissect_options * ndo,const u_char * bp)1391 mld6_print(netdissect_options *ndo, const u_char *bp)
1392 {
1393 	const struct mld6_hdr *mp = (const struct mld6_hdr *)bp;
1394 	const u_char *ep;
1395 
1396 	/* 'ep' points to the end of available data. */
1397 	ep = ndo->ndo_snapend;
1398 
1399 	if ((const u_char *)mp + sizeof(*mp) > ep)
1400 		return;
1401 
1402 	ND_PRINT((ndo,"max resp delay: %d ", EXTRACT_16BITS(&mp->mld6_maxdelay)));
1403 	ND_PRINT((ndo,"addr: %s", ip6addr_string(ndo, &mp->mld6_addr)));
1404 }
1405 
1406 static void
mldv2_report_print(netdissect_options * ndo,const u_char * bp,u_int len)1407 mldv2_report_print(netdissect_options *ndo, const u_char *bp, u_int len)
1408 {
1409     const struct icmp6_hdr *icp = (const struct icmp6_hdr *) bp;
1410     u_int group, nsrcs, ngroups;
1411     u_int i, j;
1412 
1413     /* Minimum len is 8 */
1414     if (len < 8) {
1415             ND_PRINT((ndo," [invalid len %d]", len));
1416             return;
1417     }
1418 
1419     ND_TCHECK(icp->icmp6_data16[1]);
1420     ngroups = EXTRACT_16BITS(&icp->icmp6_data16[1]);
1421     ND_PRINT((ndo,", %d group record(s)", ngroups));
1422     if (ndo->ndo_vflag > 0) {
1423 	/* Print the group records */
1424 	group = 8;
1425         for (i = 0; i < ngroups; i++) {
1426 	    /* type(1) + auxlen(1) + numsrc(2) + grp(16) */
1427 	    if (len < group + 20) {
1428                     ND_PRINT((ndo," [invalid number of groups]"));
1429                     return;
1430 	    }
1431             ND_TCHECK2(bp[group + 4], sizeof(struct in6_addr));
1432             ND_PRINT((ndo," [gaddr %s", ip6addr_string(ndo, &bp[group + 4])));
1433 	    ND_PRINT((ndo," %s", tok2str(mldv2report2str, " [v2-report-#%d]",
1434                                          bp[group])));
1435             nsrcs = (bp[group + 2] << 8) + bp[group + 3];
1436 	    /* Check the number of sources and print them */
1437 	    if (len < group + 20 + (nsrcs * sizeof(struct in6_addr))) {
1438                     ND_PRINT((ndo," [invalid number of sources %d]", nsrcs));
1439                     return;
1440 	    }
1441             if (ndo->ndo_vflag == 1)
1442                     ND_PRINT((ndo,", %d source(s)", nsrcs));
1443             else {
1444 		/* Print the sources */
1445                     ND_PRINT((ndo," {"));
1446                 for (j = 0; j < nsrcs; j++) {
1447                     ND_TCHECK2(bp[group + 20 + j * sizeof(struct in6_addr)],
1448                             sizeof(struct in6_addr));
1449 		    ND_PRINT((ndo," %s", ip6addr_string(ndo, &bp[group + 20 + j * sizeof(struct in6_addr)])));
1450 		}
1451                 ND_PRINT((ndo," }"));
1452             }
1453 	    /* Next group record */
1454             group += 20 + nsrcs * sizeof(struct in6_addr);
1455 	    ND_PRINT((ndo,"]"));
1456         }
1457     }
1458     return;
1459 trunc:
1460     ND_PRINT((ndo,"[|icmp6]"));
1461     return;
1462 }
1463 
1464 static void
mldv2_query_print(netdissect_options * ndo,const u_char * bp,u_int len)1465 mldv2_query_print(netdissect_options *ndo, const u_char *bp, u_int len)
1466 {
1467     const struct icmp6_hdr *icp = (const struct icmp6_hdr *) bp;
1468     u_int mrc;
1469     int mrt, qqi;
1470     u_int nsrcs;
1471     register u_int i;
1472 
1473     /* Minimum len is 28 */
1474     if (len < 28) {
1475             ND_PRINT((ndo," [invalid len %d]", len));
1476 	return;
1477     }
1478     ND_TCHECK(icp->icmp6_data16[0]);
1479     mrc = EXTRACT_16BITS(&icp->icmp6_data16[0]);
1480     if (mrc < 32768) {
1481 	mrt = mrc;
1482     } else {
1483         mrt = ((mrc & 0x0fff) | 0x1000) << (((mrc & 0x7000) >> 12) + 3);
1484     }
1485     if (ndo->ndo_vflag) {
1486             ND_PRINT((ndo," [max resp delay=%d]", mrt));
1487     }
1488     ND_TCHECK2(bp[8], sizeof(struct in6_addr));
1489     ND_PRINT((ndo," [gaddr %s", ip6addr_string(ndo, &bp[8])));
1490 
1491     if (ndo->ndo_vflag) {
1492         ND_TCHECK(bp[25]);
1493 	if (bp[24] & 0x08) {
1494 		ND_PRINT((ndo," sflag"));
1495 	}
1496 	if (bp[24] & 0x07) {
1497 		ND_PRINT((ndo," robustness=%d", bp[24] & 0x07));
1498 	}
1499 	if (bp[25] < 128) {
1500 		qqi = bp[25];
1501 	} else {
1502 		qqi = ((bp[25] & 0x0f) | 0x10) << (((bp[25] & 0x70) >> 4) + 3);
1503 	}
1504 	ND_PRINT((ndo," qqi=%d", qqi));
1505     }
1506 
1507     ND_TCHECK2(bp[26], 2);
1508     nsrcs = EXTRACT_16BITS(&bp[26]);
1509     if (nsrcs > 0) {
1510 	if (len < 28 + nsrcs * sizeof(struct in6_addr))
1511 	    ND_PRINT((ndo," [invalid number of sources]"));
1512 	else if (ndo->ndo_vflag > 1) {
1513 	    ND_PRINT((ndo," {"));
1514 	    for (i = 0; i < nsrcs; i++) {
1515 		ND_TCHECK2(bp[28 + i * sizeof(struct in6_addr)],
1516                         sizeof(struct in6_addr));
1517 		ND_PRINT((ndo," %s", ip6addr_string(ndo, &bp[28 + i * sizeof(struct in6_addr)])));
1518 	    }
1519 	    ND_PRINT((ndo," }"));
1520 	} else
1521                 ND_PRINT((ndo,", %d source(s)", nsrcs));
1522     }
1523     ND_PRINT((ndo,"]"));
1524     return;
1525 trunc:
1526     ND_PRINT((ndo,"[|icmp6]"));
1527     return;
1528 }
1529 
1530 static void
dnsname_print(netdissect_options * ndo,const u_char * cp,const u_char * ep)1531 dnsname_print(netdissect_options *ndo, const u_char *cp, const u_char *ep)
1532 {
1533 	int i;
1534 
1535 	/* DNS name decoding - no decompression */
1536 	ND_PRINT((ndo,", \""));
1537 	while (cp < ep) {
1538 		i = *cp++;
1539 		if (i) {
1540 			if (i > ep - cp) {
1541 				ND_PRINT((ndo,"???"));
1542 				break;
1543 			}
1544 			while (i-- && cp < ep) {
1545 				safeputchar(ndo, *cp);
1546 				cp++;
1547 			}
1548 			if (cp + 1 < ep && *cp)
1549 				ND_PRINT((ndo,"."));
1550 		} else {
1551 			if (cp == ep) {
1552 				/* FQDN */
1553 				ND_PRINT((ndo,"."));
1554 			} else if (cp + 1 == ep && *cp == '\0') {
1555 				/* truncated */
1556 			} else {
1557 				/* invalid */
1558 				ND_PRINT((ndo,"???"));
1559 			}
1560 			break;
1561 		}
1562 	}
1563 	ND_PRINT((ndo,"\""));
1564 }
1565 
1566 static void
icmp6_nodeinfo_print(netdissect_options * ndo,u_int icmp6len,const u_char * bp,const u_char * ep)1567 icmp6_nodeinfo_print(netdissect_options *ndo, u_int icmp6len, const u_char *bp, const u_char *ep)
1568 {
1569 	const struct icmp6_nodeinfo *ni6;
1570 	const struct icmp6_hdr *dp;
1571 	const u_char *cp;
1572 	size_t siz, i;
1573 	int needcomma;
1574 
1575 	if (ep < bp)
1576 		return;
1577 	dp = (const struct icmp6_hdr *)bp;
1578 	ni6 = (const struct icmp6_nodeinfo *)bp;
1579 	siz = ep - bp;
1580 
1581 	switch (ni6->ni_type) {
1582 	case ICMP6_NI_QUERY:
1583 		if (siz == sizeof(*dp) + 4) {
1584 			/* KAME who-are-you */
1585 			ND_PRINT((ndo," who-are-you request"));
1586 			break;
1587 		}
1588 		ND_PRINT((ndo," node information query"));
1589 
1590 		ND_TCHECK2(*dp, sizeof(*ni6));
1591 		ni6 = (const struct icmp6_nodeinfo *)dp;
1592 		ND_PRINT((ndo," ("));	/*)*/
1593 		switch (EXTRACT_16BITS(&ni6->ni_qtype)) {
1594 		case NI_QTYPE_NOOP:
1595 			ND_PRINT((ndo,"noop"));
1596 			break;
1597 		case NI_QTYPE_SUPTYPES:
1598 			ND_PRINT((ndo,"supported qtypes"));
1599 			i = EXTRACT_16BITS(&ni6->ni_flags);
1600 			if (i)
1601 				ND_PRINT((ndo," [%s]", (i & 0x01) ? "C" : ""));
1602 			break;
1603 		case NI_QTYPE_FQDN:
1604 			ND_PRINT((ndo,"DNS name"));
1605 			break;
1606 		case NI_QTYPE_NODEADDR:
1607 			ND_PRINT((ndo,"node addresses"));
1608 			i = ni6->ni_flags;
1609 			if (!i)
1610 				break;
1611 			/* NI_NODEADDR_FLAG_TRUNCATE undefined for query */
1612 			ND_PRINT((ndo," [%s%s%s%s%s%s]",
1613 			    (i & NI_NODEADDR_FLAG_ANYCAST) ? "a" : "",
1614 			    (i & NI_NODEADDR_FLAG_GLOBAL) ? "G" : "",
1615 			    (i & NI_NODEADDR_FLAG_SITELOCAL) ? "S" : "",
1616 			    (i & NI_NODEADDR_FLAG_LINKLOCAL) ? "L" : "",
1617 			    (i & NI_NODEADDR_FLAG_COMPAT) ? "C" : "",
1618 			    (i & NI_NODEADDR_FLAG_ALL) ? "A" : ""));
1619 			break;
1620 		default:
1621 			ND_PRINT((ndo,"unknown"));
1622 			break;
1623 		}
1624 
1625 		if (ni6->ni_qtype == NI_QTYPE_NOOP ||
1626 		    ni6->ni_qtype == NI_QTYPE_SUPTYPES) {
1627 			if (siz != sizeof(*ni6))
1628 				if (ndo->ndo_vflag)
1629 					ND_PRINT((ndo,", invalid len"));
1630 			/*(*/
1631 			ND_PRINT((ndo,")"));
1632 			break;
1633 		}
1634 
1635 
1636 		/* XXX backward compat, icmp-name-lookup-03 */
1637 		if (siz == sizeof(*ni6)) {
1638 			ND_PRINT((ndo,", 03 draft"));
1639 			/*(*/
1640 			ND_PRINT((ndo,")"));
1641 			break;
1642 		}
1643 
1644 		switch (ni6->ni_code) {
1645 		case ICMP6_NI_SUBJ_IPV6:
1646 			if (!ND_TTEST2(*dp,
1647 			    sizeof(*ni6) + sizeof(struct in6_addr)))
1648 				break;
1649 			if (siz != sizeof(*ni6) + sizeof(struct in6_addr)) {
1650 				if (ndo->ndo_vflag)
1651 					ND_PRINT((ndo,", invalid subject len"));
1652 				break;
1653 			}
1654 			ND_PRINT((ndo,", subject=%s",
1655                                   ip6addr_string(ndo, ni6 + 1)));
1656 			break;
1657 		case ICMP6_NI_SUBJ_FQDN:
1658 			ND_PRINT((ndo,", subject=DNS name"));
1659 			cp = (const u_char *)(ni6 + 1);
1660 			if (cp[0] == ep - cp - 1) {
1661 				/* icmp-name-lookup-03, pascal string */
1662 				if (ndo->ndo_vflag)
1663 					ND_PRINT((ndo,", 03 draft"));
1664 				cp++;
1665 				ND_PRINT((ndo,", \""));
1666 				while (cp < ep) {
1667 					safeputchar(ndo, *cp);
1668 					cp++;
1669 				}
1670 				ND_PRINT((ndo,"\""));
1671 			} else
1672 				dnsname_print(ndo, cp, ep);
1673 			break;
1674 		case ICMP6_NI_SUBJ_IPV4:
1675 			if (!ND_TTEST2(*dp, sizeof(*ni6) + sizeof(struct in_addr)))
1676 				break;
1677 			if (siz != sizeof(*ni6) + sizeof(struct in_addr)) {
1678 				if (ndo->ndo_vflag)
1679 					ND_PRINT((ndo,", invalid subject len"));
1680 				break;
1681 			}
1682 			ND_PRINT((ndo,", subject=%s",
1683                                   ipaddr_string(ndo, ni6 + 1)));
1684 			break;
1685 		default:
1686 			ND_PRINT((ndo,", unknown subject"));
1687 			break;
1688 		}
1689 
1690 		/*(*/
1691 		ND_PRINT((ndo,")"));
1692 		break;
1693 
1694 	case ICMP6_NI_REPLY:
1695 		if (icmp6len > siz) {
1696 			ND_PRINT((ndo,"[|icmp6: node information reply]"));
1697 			break;
1698 		}
1699 
1700 		needcomma = 0;
1701 
1702 		ND_TCHECK2(*dp, sizeof(*ni6));
1703 		ni6 = (const struct icmp6_nodeinfo *)dp;
1704 		ND_PRINT((ndo," node information reply"));
1705 		ND_PRINT((ndo," ("));	/*)*/
1706 		switch (ni6->ni_code) {
1707 		case ICMP6_NI_SUCCESS:
1708 			if (ndo->ndo_vflag) {
1709 				ND_PRINT((ndo,"success"));
1710 				needcomma++;
1711 			}
1712 			break;
1713 		case ICMP6_NI_REFUSED:
1714 			ND_PRINT((ndo,"refused"));
1715 			needcomma++;
1716 			if (siz != sizeof(*ni6))
1717 				if (ndo->ndo_vflag)
1718 					ND_PRINT((ndo,", invalid length"));
1719 			break;
1720 		case ICMP6_NI_UNKNOWN:
1721 			ND_PRINT((ndo,"unknown"));
1722 			needcomma++;
1723 			if (siz != sizeof(*ni6))
1724 				if (ndo->ndo_vflag)
1725 					ND_PRINT((ndo,", invalid length"));
1726 			break;
1727 		}
1728 
1729 		if (ni6->ni_code != ICMP6_NI_SUCCESS) {
1730 			/*(*/
1731 			ND_PRINT((ndo,")"));
1732 			break;
1733 		}
1734 
1735 		switch (EXTRACT_16BITS(&ni6->ni_qtype)) {
1736 		case NI_QTYPE_NOOP:
1737 			if (needcomma)
1738 				ND_PRINT((ndo,", "));
1739 			ND_PRINT((ndo,"noop"));
1740 			if (siz != sizeof(*ni6))
1741 				if (ndo->ndo_vflag)
1742 					ND_PRINT((ndo,", invalid length"));
1743 			break;
1744 		case NI_QTYPE_SUPTYPES:
1745 			if (needcomma)
1746 				ND_PRINT((ndo,", "));
1747 			ND_PRINT((ndo,"supported qtypes"));
1748 			i = EXTRACT_16BITS(&ni6->ni_flags);
1749 			if (i)
1750 				ND_PRINT((ndo," [%s]", (i & 0x01) ? "C" : ""));
1751 			break;
1752 		case NI_QTYPE_FQDN:
1753 			if (needcomma)
1754 				ND_PRINT((ndo,", "));
1755 			ND_PRINT((ndo,"DNS name"));
1756 			cp = (const u_char *)(ni6 + 1) + 4;
1757 			ND_TCHECK(cp[0]);
1758 			if (cp[0] == ep - cp - 1) {
1759 				/* icmp-name-lookup-03, pascal string */
1760 				if (ndo->ndo_vflag)
1761 					ND_PRINT((ndo,", 03 draft"));
1762 				cp++;
1763 				ND_PRINT((ndo,", \""));
1764 				while (cp < ep) {
1765 					safeputchar(ndo, *cp);
1766 					cp++;
1767 				}
1768 				ND_PRINT((ndo,"\""));
1769 			} else
1770 				dnsname_print(ndo, cp, ep);
1771 			if ((EXTRACT_16BITS(&ni6->ni_flags) & 0x01) != 0)
1772 				ND_PRINT((ndo," [TTL=%u]", EXTRACT_32BITS(ni6 + 1)));
1773 			break;
1774 		case NI_QTYPE_NODEADDR:
1775 			if (needcomma)
1776 				ND_PRINT((ndo,", "));
1777 			ND_PRINT((ndo,"node addresses"));
1778 			i = sizeof(*ni6);
1779 			while (i < siz) {
1780 				if (i + sizeof(struct in6_addr) + sizeof(int32_t) > siz)
1781 					break;
1782 				ND_PRINT((ndo," %s", ip6addr_string(ndo, bp + i)));
1783 				i += sizeof(struct in6_addr);
1784 				ND_PRINT((ndo,"(%d)", (int32_t)EXTRACT_32BITS(bp + i)));
1785 				i += sizeof(int32_t);
1786 			}
1787 			i = ni6->ni_flags;
1788 			if (!i)
1789 				break;
1790 			ND_PRINT((ndo," [%s%s%s%s%s%s%s]",
1791                                   (i & NI_NODEADDR_FLAG_ANYCAST) ? "a" : "",
1792                                   (i & NI_NODEADDR_FLAG_GLOBAL) ? "G" : "",
1793                                   (i & NI_NODEADDR_FLAG_SITELOCAL) ? "S" : "",
1794                                   (i & NI_NODEADDR_FLAG_LINKLOCAL) ? "L" : "",
1795                                   (i & NI_NODEADDR_FLAG_COMPAT) ? "C" : "",
1796                                   (i & NI_NODEADDR_FLAG_ALL) ? "A" : "",
1797                                   (i & NI_NODEADDR_FLAG_TRUNCATE) ? "T" : ""));
1798 			break;
1799 		default:
1800 			if (needcomma)
1801 				ND_PRINT((ndo,", "));
1802 			ND_PRINT((ndo,"unknown"));
1803 			break;
1804 		}
1805 
1806 		/*(*/
1807 		ND_PRINT((ndo,")"));
1808 		break;
1809 	}
1810 	return;
1811 
1812 trunc:
1813 	ND_PRINT((ndo, "[|icmp6]"));
1814 }
1815 
1816 static void
icmp6_rrenum_print(netdissect_options * ndo,const u_char * bp,const u_char * ep)1817 icmp6_rrenum_print(netdissect_options *ndo, const u_char *bp, const u_char *ep)
1818 {
1819 	const struct icmp6_router_renum *rr6;
1820 	const char *cp;
1821 	const struct rr_pco_match *match;
1822 	const struct rr_pco_use *use;
1823 	char hbuf[NI_MAXHOST];
1824 	int n;
1825 
1826 	if (ep < bp)
1827 		return;
1828 	rr6 = (const struct icmp6_router_renum *)bp;
1829 	cp = (const char *)(rr6 + 1);
1830 
1831 	ND_TCHECK(rr6->rr_reserved);
1832 	switch (rr6->rr_code) {
1833 	case ICMP6_ROUTER_RENUMBERING_COMMAND:
1834 		ND_PRINT((ndo,"router renum: command"));
1835 		break;
1836 	case ICMP6_ROUTER_RENUMBERING_RESULT:
1837 		ND_PRINT((ndo,"router renum: result"));
1838 		break;
1839 	case ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET:
1840 		ND_PRINT((ndo,"router renum: sequence number reset"));
1841 		break;
1842 	default:
1843 		ND_PRINT((ndo,"router renum: code-#%d", rr6->rr_code));
1844 		break;
1845 	}
1846 
1847         ND_PRINT((ndo,", seq=%u", EXTRACT_32BITS(&rr6->rr_seqnum)));
1848 
1849 	if (ndo->ndo_vflag) {
1850 #define F(x, y)	((rr6->rr_flags) & (x) ? (y) : "")
1851 		ND_PRINT((ndo,"["));	/*]*/
1852 		if (rr6->rr_flags) {
1853 			ND_PRINT((ndo,"%s%s%s%s%s,", F(ICMP6_RR_FLAGS_TEST, "T"),
1854                                   F(ICMP6_RR_FLAGS_REQRESULT, "R"),
1855                                   F(ICMP6_RR_FLAGS_FORCEAPPLY, "A"),
1856                                   F(ICMP6_RR_FLAGS_SPECSITE, "S"),
1857                                   F(ICMP6_RR_FLAGS_PREVDONE, "P")));
1858 		}
1859                 ND_PRINT((ndo,"seg=%u,", rr6->rr_segnum));
1860                 ND_PRINT((ndo,"maxdelay=%u", EXTRACT_16BITS(&rr6->rr_maxdelay)));
1861 		if (rr6->rr_reserved)
1862 			ND_PRINT((ndo,"rsvd=0x%x", EXTRACT_32BITS(&rr6->rr_reserved)));
1863 		/*[*/
1864 		ND_PRINT((ndo,"]"));
1865 #undef F
1866 	}
1867 
1868 	if (rr6->rr_code == ICMP6_ROUTER_RENUMBERING_COMMAND) {
1869 		match = (const struct rr_pco_match *)cp;
1870 		cp = (const char *)(match + 1);
1871 
1872 		ND_TCHECK(match->rpm_prefix);
1873 
1874 		if (ndo->ndo_vflag > 1)
1875 			ND_PRINT((ndo,"\n\t"));
1876 		else
1877 			ND_PRINT((ndo," "));
1878 		ND_PRINT((ndo,"match("));	/*)*/
1879 		switch (match->rpm_code) {
1880 		case RPM_PCO_ADD:	ND_PRINT((ndo,"add")); break;
1881 		case RPM_PCO_CHANGE:	ND_PRINT((ndo,"change")); break;
1882 		case RPM_PCO_SETGLOBAL:	ND_PRINT((ndo,"setglobal")); break;
1883 		default:		ND_PRINT((ndo,"#%u", match->rpm_code)); break;
1884 		}
1885 
1886 		if (ndo->ndo_vflag) {
1887 			ND_PRINT((ndo,",ord=%u", match->rpm_ordinal));
1888 			ND_PRINT((ndo,",min=%u", match->rpm_minlen));
1889 			ND_PRINT((ndo,",max=%u", match->rpm_maxlen));
1890 		}
1891 		if (addrtostr6(&match->rpm_prefix, hbuf, sizeof(hbuf)))
1892 			ND_PRINT((ndo,",%s/%u", hbuf, match->rpm_matchlen));
1893 		else
1894 			ND_PRINT((ndo,",?/%u", match->rpm_matchlen));
1895 		/*(*/
1896 		ND_PRINT((ndo,")"));
1897 
1898 		n = match->rpm_len - 3;
1899 		if (n % 4)
1900 			goto trunc;
1901 		n /= 4;
1902 		while (n-- > 0) {
1903 			use = (const struct rr_pco_use *)cp;
1904 			cp = (const char *)(use + 1);
1905 
1906 			ND_TCHECK(use->rpu_prefix);
1907 
1908 			if (ndo->ndo_vflag > 1)
1909 				ND_PRINT((ndo,"\n\t"));
1910 			else
1911 				ND_PRINT((ndo," "));
1912 			ND_PRINT((ndo,"use("));	/*)*/
1913 			if (use->rpu_flags) {
1914 #define F(x, y)	((use->rpu_flags) & (x) ? (y) : "")
1915 				ND_PRINT((ndo,"%s%s,",
1916                                           F(ICMP6_RR_PCOUSE_FLAGS_DECRVLTIME, "V"),
1917                                           F(ICMP6_RR_PCOUSE_FLAGS_DECRPLTIME, "P")));
1918 #undef F
1919 			}
1920 			if (ndo->ndo_vflag) {
1921 				ND_PRINT((ndo,"mask=0x%x,", use->rpu_ramask));
1922 				ND_PRINT((ndo,"raflags=0x%x,", use->rpu_raflags));
1923 				if (~use->rpu_vltime == 0)
1924 					ND_PRINT((ndo,"vltime=infty,"));
1925 				else
1926 					ND_PRINT((ndo,"vltime=%u,",
1927                                                   EXTRACT_32BITS(&use->rpu_vltime)));
1928 				if (~use->rpu_pltime == 0)
1929 					ND_PRINT((ndo,"pltime=infty,"));
1930 				else
1931 					ND_PRINT((ndo,"pltime=%u,",
1932                                                   EXTRACT_32BITS(&use->rpu_pltime)));
1933 			}
1934 			if (addrtostr6(&use->rpu_prefix, hbuf, sizeof(hbuf)))
1935 				ND_PRINT((ndo,"%s/%u/%u", hbuf, use->rpu_uselen,
1936                                           use->rpu_keeplen));
1937 			else
1938 				ND_PRINT((ndo,"?/%u/%u", use->rpu_uselen,
1939                                           use->rpu_keeplen));
1940 			/*(*/
1941                         ND_PRINT((ndo,")"));
1942 		}
1943 	}
1944 
1945 	return;
1946 
1947 trunc:
1948 	ND_PRINT((ndo,"[|icmp6]"));
1949 }
1950 
1951 /*
1952  * Local Variables:
1953  * c-style: whitesmith
1954  * c-basic-offset: 8
1955  * End:
1956  */
1957