1 /**
2 * Copyright (c) 2012
3 *
4 * Gregory Detal <gregory.detal@uclouvain.be>
5 * Christoph Paasch <christoph.paasch@uclouvain.be>
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 *
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 *
18 * 3. Neither the name of the University nor of the Laboratory may be used
19 * to endorse or promote products derived from this software without
20 * specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 */
34
35 /* \summary: Multipath TCP (MPTCP) printer */
36
37 /* specification: RFC 6824 */
38
39 #include <config.h>
40
41 #include "netdissect-stdinc.h"
42
43 #include "netdissect.h"
44 #include "extract.h"
45 #include "addrtoname.h"
46
47 #include "tcp.h"
48
49 #define MPTCP_SUB_CAPABLE 0x0
50 #define MPTCP_SUB_JOIN 0x1
51 #define MPTCP_SUB_DSS 0x2
52 #define MPTCP_SUB_ADD_ADDR 0x3
53 #define MPTCP_SUB_REMOVE_ADDR 0x4
54 #define MPTCP_SUB_PRIO 0x5
55 #define MPTCP_SUB_FAIL 0x6
56 #define MPTCP_SUB_FCLOSE 0x7
57
58 struct mptcp_option {
59 nd_uint8_t kind;
60 nd_uint8_t len;
61 nd_uint8_t sub_etc; /* subtype upper 4 bits, other stuff lower 4 bits */
62 };
63
64 #define MPTCP_OPT_SUBTYPE(sub_etc) (((sub_etc) >> 4) & 0xF)
65
66 struct mp_capable {
67 nd_uint8_t kind;
68 nd_uint8_t len;
69 nd_uint8_t sub_ver;
70 nd_uint8_t flags;
71 nd_uint64_t sender_key;
72 nd_uint64_t receiver_key;
73 };
74
75 #define MP_CAPABLE_OPT_VERSION(sub_ver) (((sub_ver) >> 0) & 0xF)
76 #define MP_CAPABLE_C 0x80
77 #define MP_CAPABLE_S 0x01
78
79 struct mp_join {
80 nd_uint8_t kind;
81 nd_uint8_t len;
82 nd_uint8_t sub_b;
83 nd_uint8_t addr_id;
84 union {
85 struct {
86 nd_uint32_t token;
87 nd_uint32_t nonce;
88 } syn;
89 struct {
90 nd_uint64_t mac;
91 nd_uint32_t nonce;
92 } synack;
93 struct {
94 nd_byte mac[20];
95 } ack;
96 } u;
97 };
98
99 #define MP_JOIN_B 0x01
100
101 struct mp_dss {
102 nd_uint8_t kind;
103 nd_uint8_t len;
104 nd_uint8_t sub;
105 nd_uint8_t flags;
106 };
107
108 #define MP_DSS_F 0x10
109 #define MP_DSS_m 0x08
110 #define MP_DSS_M 0x04
111 #define MP_DSS_a 0x02
112 #define MP_DSS_A 0x01
113
114 static const struct tok mptcp_addr_subecho_bits[] = {
115 { 0x6, "v0-ip6" },
116 { 0x4, "v0-ip4" },
117 { 0x1, "v1-echo" },
118 { 0x0, "v1" },
119 { 0, NULL }
120 };
121
122 struct mp_add_addr {
123 nd_uint8_t kind;
124 nd_uint8_t len;
125 nd_uint8_t sub_echo;
126 nd_uint8_t addr_id;
127 union {
128 struct {
129 nd_ipv4 addr;
130 nd_uint16_t port;
131 nd_uint64_t mac;
132 } v4;
133 struct {
134 nd_ipv4 addr;
135 nd_uint64_t mac;
136 } v4np;
137 struct {
138 nd_ipv6 addr;
139 nd_uint16_t port;
140 nd_uint64_t mac;
141 } v6;
142 struct {
143 nd_ipv6 addr;
144 nd_uint64_t mac;
145 } v6np;
146 } u;
147 };
148
149 struct mp_remove_addr {
150 nd_uint8_t kind;
151 nd_uint8_t len;
152 nd_uint8_t sub;
153 /* list of addr_id */
154 nd_uint8_t addrs_id[1];
155 };
156
157 struct mp_fail {
158 nd_uint8_t kind;
159 nd_uint8_t len;
160 nd_uint8_t sub;
161 nd_uint8_t resv;
162 nd_uint64_t data_seq;
163 };
164
165 struct mp_close {
166 nd_uint8_t kind;
167 nd_uint8_t len;
168 nd_uint8_t sub;
169 nd_uint8_t rsv;
170 nd_byte key[8];
171 };
172
173 struct mp_prio {
174 nd_uint8_t kind;
175 nd_uint8_t len;
176 nd_uint8_t sub_b;
177 nd_uint8_t addr_id;
178 };
179
180 #define MP_PRIO_B 0x01
181
182 static int
dummy_print(netdissect_options * ndo _U_,const u_char * opt _U_,u_int opt_len _U_,u_char flags _U_)183 dummy_print(netdissect_options *ndo _U_,
184 const u_char *opt _U_, u_int opt_len _U_, u_char flags _U_)
185 {
186 return 1;
187 }
188
189 static int
mp_capable_print(netdissect_options * ndo,const u_char * opt,u_int opt_len,u_char flags)190 mp_capable_print(netdissect_options *ndo,
191 const u_char *opt, u_int opt_len, u_char flags)
192 {
193 const struct mp_capable *mpc = (const struct mp_capable *) opt;
194 uint8_t version;
195
196 if (!((opt_len == 12 || opt_len == 4) && flags & TH_SYN) &&
197 !((opt_len == 20 || opt_len == 22) && (flags & (TH_SYN | TH_ACK)) ==
198 TH_ACK))
199 return 0;
200
201 version = MP_CAPABLE_OPT_VERSION(GET_U_1(mpc->sub_ver));
202 switch (version) {
203 case 0: /* fall through */
204 case 1:
205 ND_PRINT(" v%u", version);
206 break;
207 default:
208 ND_PRINT(" Unknown Version (%u)", version);
209 return 1;
210 }
211
212 if (GET_U_1(mpc->flags) & MP_CAPABLE_C)
213 ND_PRINT(" csum");
214 if (opt_len == 12 || opt_len >= 20) {
215 ND_PRINT(" {0x%" PRIx64, GET_BE_U_8(mpc->sender_key));
216 if (opt_len >= 20)
217 ND_PRINT(",0x%" PRIx64, GET_BE_U_8(mpc->receiver_key));
218 ND_PRINT("}");
219 }
220 return 1;
221 }
222
223 static int
mp_join_print(netdissect_options * ndo,const u_char * opt,u_int opt_len,u_char flags)224 mp_join_print(netdissect_options *ndo,
225 const u_char *opt, u_int opt_len, u_char flags)
226 {
227 const struct mp_join *mpj = (const struct mp_join *) opt;
228
229 if (!(opt_len == 12 && (flags & TH_SYN)) &&
230 !(opt_len == 16 && (flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)) &&
231 !(opt_len == 24 && (flags & TH_ACK)))
232 return 0;
233
234 if (opt_len != 24) {
235 if (GET_U_1(mpj->sub_b) & MP_JOIN_B)
236 ND_PRINT(" backup");
237 ND_PRINT(" id %u", GET_U_1(mpj->addr_id));
238 }
239
240 switch (opt_len) {
241 case 12: /* SYN */
242 ND_PRINT(" token 0x%x" " nonce 0x%x",
243 GET_BE_U_4(mpj->u.syn.token),
244 GET_BE_U_4(mpj->u.syn.nonce));
245 break;
246 case 16: /* SYN/ACK */
247 ND_PRINT(" hmac 0x%" PRIx64 " nonce 0x%x",
248 GET_BE_U_8(mpj->u.synack.mac),
249 GET_BE_U_4(mpj->u.synack.nonce));
250 break;
251 case 24: {/* ACK */
252 size_t i;
253 ND_PRINT(" hmac 0x");
254 for (i = 0; i < sizeof(mpj->u.ack.mac); ++i)
255 ND_PRINT("%02x", mpj->u.ack.mac[i]);
256 }
257 default:
258 break;
259 }
260 return 1;
261 }
262
263 static int
mp_dss_print(netdissect_options * ndo,const u_char * opt,u_int opt_len,u_char flags)264 mp_dss_print(netdissect_options *ndo,
265 const u_char *opt, u_int opt_len, u_char flags)
266 {
267 const struct mp_dss *mdss = (const struct mp_dss *) opt;
268 uint8_t mdss_flags;
269
270 /* We need the flags, at a minimum. */
271 if (opt_len < 4)
272 return 0;
273
274 if (flags & TH_SYN)
275 return 0;
276
277 mdss_flags = GET_U_1(mdss->flags);
278 if (mdss_flags & MP_DSS_F)
279 ND_PRINT(" fin");
280
281 opt += 4;
282 opt_len -= 4;
283 if (mdss_flags & MP_DSS_A) {
284 /* Ack present */
285 ND_PRINT(" ack ");
286 /*
287 * If the a flag is set, we have an 8-byte ack; if it's
288 * clear, we have a 4-byte ack.
289 */
290 if (mdss_flags & MP_DSS_a) {
291 if (opt_len < 8)
292 return 0;
293 ND_PRINT("%" PRIu64, GET_BE_U_8(opt));
294 opt += 8;
295 opt_len -= 8;
296 } else {
297 if (opt_len < 4)
298 return 0;
299 ND_PRINT("%u", GET_BE_U_4(opt));
300 opt += 4;
301 opt_len -= 4;
302 }
303 }
304
305 if (mdss_flags & MP_DSS_M) {
306 /*
307 * Data Sequence Number (DSN), Subflow Sequence Number (SSN),
308 * Data-Level Length present, and Checksum possibly present.
309 */
310 ND_PRINT(" seq ");
311 /*
312 * If the m flag is set, we have an 8-byte NDS; if it's clear,
313 * we have a 4-byte DSN.
314 */
315 if (mdss_flags & MP_DSS_m) {
316 if (opt_len < 8)
317 return 0;
318 ND_PRINT("%" PRIu64, GET_BE_U_8(opt));
319 opt += 8;
320 opt_len -= 8;
321 } else {
322 if (opt_len < 4)
323 return 0;
324 ND_PRINT("%u", GET_BE_U_4(opt));
325 opt += 4;
326 opt_len -= 4;
327 }
328 if (opt_len < 4)
329 return 0;
330 ND_PRINT(" subseq %u", GET_BE_U_4(opt));
331 opt += 4;
332 opt_len -= 4;
333 if (opt_len < 2)
334 return 0;
335 ND_PRINT(" len %u", GET_BE_U_2(opt));
336 opt += 2;
337 opt_len -= 2;
338
339 /*
340 * The Checksum is present only if negotiated.
341 * If there are at least 2 bytes left, process the next 2
342 * bytes as the Checksum.
343 */
344 if (opt_len >= 2) {
345 ND_PRINT(" csum 0x%x", GET_BE_U_2(opt));
346 opt_len -= 2;
347 }
348 }
349 if (opt_len != 0)
350 return 0;
351 return 1;
352 }
353
354 static int
add_addr_print(netdissect_options * ndo,const u_char * opt,u_int opt_len,u_char flags _U_)355 add_addr_print(netdissect_options *ndo,
356 const u_char *opt, u_int opt_len, u_char flags _U_)
357 {
358 const struct mp_add_addr *add_addr = (const struct mp_add_addr *) opt;
359
360 if (!(opt_len == 8 || opt_len == 10 || opt_len == 16 || opt_len == 18 ||
361 opt_len == 20 || opt_len == 22 || opt_len == 28 || opt_len == 30))
362 return 0;
363
364 ND_PRINT(" %s",
365 tok2str(mptcp_addr_subecho_bits, "[bad version/echo]",
366 GET_U_1(add_addr->sub_echo) & 0xF));
367 ND_PRINT(" id %u", GET_U_1(add_addr->addr_id));
368 if (opt_len == 8 || opt_len == 10 || opt_len == 16 || opt_len == 18) {
369 ND_PRINT(" %s", GET_IPADDR_STRING(add_addr->u.v4.addr));
370 if (opt_len == 10 || opt_len == 18)
371 ND_PRINT(":%u", GET_BE_U_2(add_addr->u.v4.port));
372 if (opt_len == 16)
373 ND_PRINT(" hmac 0x%" PRIx64, GET_BE_U_8(add_addr->u.v4np.mac));
374 if (opt_len == 18)
375 ND_PRINT(" hmac 0x%" PRIx64, GET_BE_U_8(add_addr->u.v4.mac));
376 }
377
378 if (opt_len == 20 || opt_len == 22 || opt_len == 28 || opt_len == 30) {
379 ND_PRINT(" %s", GET_IP6ADDR_STRING(add_addr->u.v6.addr));
380 if (opt_len == 22 || opt_len == 30)
381 ND_PRINT(":%u", GET_BE_U_2(add_addr->u.v6.port));
382 if (opt_len == 28)
383 ND_PRINT(" hmac 0x%" PRIx64, GET_BE_U_8(add_addr->u.v6np.mac));
384 if (opt_len == 30)
385 ND_PRINT(" hmac 0x%" PRIx64, GET_BE_U_8(add_addr->u.v6.mac));
386 }
387
388 return 1;
389 }
390
391 static int
remove_addr_print(netdissect_options * ndo,const u_char * opt,u_int opt_len,u_char flags _U_)392 remove_addr_print(netdissect_options *ndo,
393 const u_char *opt, u_int opt_len, u_char flags _U_)
394 {
395 const struct mp_remove_addr *remove_addr = (const struct mp_remove_addr *) opt;
396 u_int i;
397
398 if (opt_len < 4)
399 return 0;
400
401 opt_len -= 3;
402 ND_PRINT(" id");
403 for (i = 0; i < opt_len; i++)
404 ND_PRINT(" %u", GET_U_1(remove_addr->addrs_id[i]));
405 return 1;
406 }
407
408 static int
mp_prio_print(netdissect_options * ndo,const u_char * opt,u_int opt_len,u_char flags _U_)409 mp_prio_print(netdissect_options *ndo,
410 const u_char *opt, u_int opt_len, u_char flags _U_)
411 {
412 const struct mp_prio *mpp = (const struct mp_prio *) opt;
413
414 if (opt_len != 3 && opt_len != 4)
415 return 0;
416
417 if (GET_U_1(mpp->sub_b) & MP_PRIO_B)
418 ND_PRINT(" backup");
419 else
420 ND_PRINT(" non-backup");
421 if (opt_len == 4)
422 ND_PRINT(" id %u", GET_U_1(mpp->addr_id));
423
424 return 1;
425 }
426
427 static int
mp_fail_print(netdissect_options * ndo,const u_char * opt,u_int opt_len,u_char flags _U_)428 mp_fail_print(netdissect_options *ndo,
429 const u_char *opt, u_int opt_len, u_char flags _U_)
430 {
431 if (opt_len != 12)
432 return 0;
433
434 ND_PRINT(" seq %" PRIu64, GET_BE_U_8(opt + 4));
435 return 1;
436 }
437
438 static int
mp_fast_close_print(netdissect_options * ndo,const u_char * opt,u_int opt_len,u_char flags _U_)439 mp_fast_close_print(netdissect_options *ndo,
440 const u_char *opt, u_int opt_len, u_char flags _U_)
441 {
442 if (opt_len != 12)
443 return 0;
444
445 ND_PRINT(" key 0x%" PRIx64, GET_BE_U_8(opt + 4));
446 return 1;
447 }
448
449 static const struct {
450 const char *name;
451 int (*print)(netdissect_options *, const u_char *, u_int, u_char);
452 } mptcp_options[] = {
453 { "capable", mp_capable_print },
454 { "join", mp_join_print },
455 { "dss", mp_dss_print },
456 { "add-addr", add_addr_print },
457 { "rem-addr", remove_addr_print },
458 { "prio", mp_prio_print },
459 { "fail", mp_fail_print },
460 { "fast-close", mp_fast_close_print },
461 { "unknown", dummy_print },
462 };
463
464 int
mptcp_print(netdissect_options * ndo,const u_char * cp,u_int len,u_char flags)465 mptcp_print(netdissect_options *ndo,
466 const u_char *cp, u_int len, u_char flags)
467 {
468 const struct mptcp_option *opt;
469 u_int subtype;
470
471 ndo->ndo_protocol = "mptcp";
472 if (len < 3)
473 return 0;
474
475 opt = (const struct mptcp_option *) cp;
476 subtype = MPTCP_OPT_SUBTYPE(GET_U_1(opt->sub_etc));
477 subtype = ND_MIN(subtype, MPTCP_SUB_FCLOSE + 1);
478
479 ND_PRINT(" %u", len);
480
481 ND_PRINT(" %s", mptcp_options[subtype].name);
482 return mptcp_options[subtype].print(ndo, cp, len, flags);
483 }
484