1 /* $KAME: ping6.c,v 1.169 2003/07/25 06:01:47 itojun Exp $ */ 2 3 /*- 4 * SPDX-License-Identifier: BSD-3-Clause 5 * 6 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the project nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 /* BSDI ping.c,v 2.3 1996/01/21 17:56:50 jch Exp */ 35 36 /* 37 * Copyright (c) 1989, 1993 38 * The Regents of the University of California. All rights reserved. 39 * 40 * This code is derived from software contributed to Berkeley by 41 * Mike Muuss. 42 * 43 * Redistribution and use in source and binary forms, with or without 44 * modification, are permitted provided that the following conditions 45 * are met: 46 * 1. Redistributions of source code must retain the above copyright 47 * notice, this list of conditions and the following disclaimer. 48 * 2. Redistributions in binary form must reproduce the above copyright 49 * notice, this list of conditions and the following disclaimer in the 50 * documentation and/or other materials provided with the distribution. 51 * 3. Neither the name of the University nor the names of its contributors 52 * may be used to endorse or promote products derived from this software 53 * without specific prior written permission. 54 * 55 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 56 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 57 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 58 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 59 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 60 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 61 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 62 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 63 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 64 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 65 * SUCH DAMAGE. 66 */ 67 68 /* 69 * Using the InterNet Control Message Protocol (ICMP) "ECHO" facility, 70 * measure round-trip-delays and packet loss across network paths. 71 * 72 * Author - 73 * Mike Muuss 74 * U. S. Army Ballistic Research Laboratory 75 * December, 1983 76 * 77 * Status - 78 * Public Domain. Distribution Unlimited. 79 * Bugs - 80 * More statistics could always be gathered. 81 * This program has to run SUID to ROOT to access the ICMP socket. 82 */ 83 /* 84 * NOTE: 85 * USE_SIN6_SCOPE_ID assumes that sin6_scope_id has the same semantics 86 * as IPV6_PKTINFO. Some people object it (sin6_scope_id specifies *link* 87 * while IPV6_PKTINFO specifies *interface*. Link is defined as collection of 88 * network attached to 1 or more interfaces) 89 */ 90 91 #include <sys/param.h> 92 #include <sys/capsicum.h> 93 #include <sys/uio.h> 94 #include <sys/socket.h> 95 96 #include <net/if.h> 97 #include <net/route.h> 98 99 #include <netinet/in.h> 100 #include <netinet/ip6.h> 101 #include <netinet/icmp6.h> 102 #include <arpa/inet.h> 103 #include <arpa/nameser.h> 104 #include <netdb.h> 105 106 #include <capsicum_helpers.h> 107 #include <casper/cap_dns.h> 108 #include <libcasper.h> 109 110 #include <ctype.h> 111 #include <err.h> 112 #include <errno.h> 113 #include <fcntl.h> 114 #include <poll.h> 115 #include <signal.h> 116 #include <stdio.h> 117 #include <stdlib.h> 118 #include <string.h> 119 #include <sysexits.h> 120 #include <time.h> 121 #include <unistd.h> 122 123 #ifdef IPSEC 124 #include <netipsec/ah.h> 125 #include <netipsec/ipsec.h> 126 #endif 127 128 #include <md5.h> 129 130 #include "main.h" 131 #include "ping6.h" 132 133 struct tv32 { 134 u_int32_t tv32_sec; 135 u_int32_t tv32_nsec; 136 }; 137 138 #define MAXPACKETLEN 131072 139 #define IP6LEN 40 140 #define ICMP6ECHOLEN 8 /* icmp echo header len excluding time */ 141 #define ICMP6ECHOTMLEN sizeof(struct tv32) 142 #define ICMP6_NIQLEN (ICMP6ECHOLEN + 8) 143 # define CONTROLLEN 10240 /* ancillary data buffer size RFC3542 20.1 */ 144 /* FQDN case, 64 bits of nonce + 32 bits ttl */ 145 #define ICMP6_NIRLEN (ICMP6ECHOLEN + 12) 146 #define EXTRA 256 /* for AH and various other headers. weird. */ 147 #define DEFDATALEN ICMP6ECHOTMLEN 148 #define MAXDATALEN MAXPACKETLEN - IP6LEN - ICMP6ECHOLEN 149 #define NROUTES 9 /* number of record route slots */ 150 #define MAXWAIT 10000 /* max ms to wait for response */ 151 #define MAXALARM (60 * 60) /* max seconds for alarm timeout */ 152 153 #define A(bit) rcvd_tbl[(bit)>>3] /* identify byte in array */ 154 #define B(bit) (1 << ((bit) & 0x07)) /* identify bit in byte */ 155 #define SET(bit) (A(bit) |= B(bit)) 156 #define CLR(bit) (A(bit) &= (~B(bit))) 157 #define TST(bit) (A(bit) & B(bit)) 158 159 #define F_FLOOD 0x0001 160 #define F_INTERVAL 0x0002 161 #define F_PINGFILLED 0x0008 162 #define F_QUIET 0x0010 163 #define F_RROUTE 0x0020 164 #define F_SO_DEBUG 0x0040 165 #define F_VERBOSE 0x0100 166 #ifdef IPSEC 167 #ifdef IPSEC_POLICY_IPSEC 168 #define F_POLICY 0x0400 169 #else 170 #define F_AUTHHDR 0x0200 171 #define F_ENCRYPT 0x0400 172 #endif /*IPSEC_POLICY_IPSEC*/ 173 #endif /*IPSEC*/ 174 #define F_NODEADDR 0x0800 175 #define F_FQDN 0x1000 176 #define F_INTERFACE 0x2000 177 #define F_SRCADDR 0x4000 178 #define F_FQDNOLD 0x20000 179 #define F_NIGROUP 0x40000 180 #define F_SUPTYPES 0x80000 181 #define F_NOMINMTU 0x100000 182 #define F_ONCE 0x200000 183 #define F_AUDIBLE 0x400000 184 #define F_MISSED 0x800000 185 #define F_DONTFRAG 0x1000000 186 #define F_NOUSERDATA (F_NODEADDR | F_FQDN | F_FQDNOLD | F_SUPTYPES) 187 #define F_WAITTIME 0x2000000 188 #define F_DOT 0x4000000 189 190 #define IN6LEN sizeof(struct in6_addr) 191 #define SA6LEN sizeof(struct sockaddr_in6) 192 #define DUMMY_PORT 10101 193 194 #define SIN6(s) ((struct sockaddr_in6 *)(s)) 195 196 /* 197 * MAX_DUP_CHK is the number of bits in received table, i.e. the maximum 198 * number of received sequence numbers we can keep track of. Change 128 199 * to 8192 for complete accuracy... 200 */ 201 #define MAX_DUP_CHK (8 * 8192) 202 static int mx_dup_ck = MAX_DUP_CHK; 203 static char rcvd_tbl[MAX_DUP_CHK / 8]; 204 205 static struct sockaddr_in6 dst; /* who to ping6 */ 206 static struct sockaddr_in6 src; /* src addr of this packet */ 207 static socklen_t srclen; 208 static size_t datalen = DEFDATALEN; 209 static int ssend; /* send socket file descriptor */ 210 static int srecv; /* receive socket file descriptor */ 211 static u_char outpack[MAXPACKETLEN]; 212 static char BSPACE = '\b'; /* characters written for flood */ 213 static char BBELL = '\a'; /* characters written for AUDIBLE */ 214 static const char *DOT = "."; 215 static size_t DOTlen = 1; 216 static size_t DOTidx = 0; 217 static int ident; /* process id to identify our packets */ 218 static u_int8_t nonce[8]; /* nonce field for node information */ 219 static int hoplimit = -1; /* hoplimit */ 220 static int tclass = -1; /* traffic class */ 221 static int pcp = -2; /* vlan priority code point */ 222 static u_char *packet = NULL; 223 static cap_channel_t *capdns; 224 225 /* counters */ 226 static long nmissedmax; /* max value of ntransmitted - nreceived - 1 */ 227 static long npackets; /* max packets to transmit */ 228 static long ntransmitfailures; /* number of transmit failures */ 229 static int interval = 1000; /* interval between packets in ms */ 230 static int waittime = MAXWAIT; /* timeout for each packet */ 231 232 /* for node addresses */ 233 static u_short naflags; 234 235 /* for ancillary data(advanced API) */ 236 static struct msghdr smsghdr; 237 static struct iovec smsgiov; 238 static char *scmsg = 0; 239 240 static cap_channel_t *capdns_setup(void); 241 static void fill(char *, size_t, char *); 242 static int get_hoplim(struct msghdr *); 243 static int get_pathmtu(struct msghdr *); 244 static struct in6_pktinfo *get_rcvpktinfo(struct msghdr *); 245 static size_t pingerlen(void); 246 static int pinger(void); 247 static const char *pr_addr(struct sockaddr *, int); 248 static void pr_icmph(struct icmp6_hdr *, u_char *); 249 static void pr_iph(struct ip6_hdr *); 250 static void pr_suptypes(struct icmp6_nodeinfo *, size_t); 251 static void pr_nodeaddr(struct icmp6_nodeinfo *, int); 252 static int myechoreply(const struct icmp6_hdr *); 253 static int mynireply(const struct icmp6_nodeinfo *); 254 static const char *dnsdecode(const u_char *, const u_char *, const u_char *, 255 char *, size_t); 256 static void pr_pack(u_char *, int, struct msghdr *); 257 static void pr_exthdrs(struct msghdr *); 258 static void pr_ip6opt(void *, size_t); 259 static void pr_rthdr(void *, size_t); 260 static int pr_bitrange(u_int32_t, int, int); 261 static void pr_retip(struct ip6_hdr *, u_char *); 262 #ifdef IPSEC 263 #ifdef IPSEC_POLICY_IPSEC 264 static int setpolicy(int, char *); 265 #endif 266 #endif 267 static char *nigroup(char *, int); 268 269 int 270 ping6(int argc, char *argv[]) 271 { 272 struct timespec last, intvl; 273 struct sockaddr_in6 from, *sin6; 274 struct addrinfo hints, *res; 275 struct sigaction si_sa; 276 int cc; 277 size_t i; 278 int almost_done, ch, hold, packlen, preload, optval, error; 279 int nig_oldmcprefix = -1; 280 u_char *datap; 281 char *e, *target, *ifname = NULL, *gateway = NULL; 282 int ip6optlen = 0; 283 struct cmsghdr *scmsgp = NULL; 284 /* For control (ancillary) data received from recvmsg() */ 285 u_char cm[CONTROLLEN]; 286 #if defined(SO_SNDBUF) && defined(SO_RCVBUF) 287 u_long lsockbufsize; 288 int sockbufsize = 0; 289 #endif 290 int usepktinfo = 0; 291 struct in6_pktinfo pktinfo; 292 char *cmsg_pktinfo = NULL; 293 struct ip6_rthdr *rthdr = NULL; 294 #ifdef IPSEC_POLICY_IPSEC 295 char *policy_in = NULL; 296 char *policy_out = NULL; 297 #endif 298 double t; 299 u_long alarmtimeout; 300 size_t rthlen; 301 #ifdef IPV6_USE_MIN_MTU 302 int mflag = 0; 303 #endif 304 cap_rights_t rights_srecv; 305 cap_rights_t rights_ssend; 306 cap_rights_t rights_stdin; 307 308 /* just to be sure */ 309 memset(&smsghdr, 0, sizeof(smsghdr)); 310 memset(&smsgiov, 0, sizeof(smsgiov)); 311 memset(&pktinfo, 0, sizeof(pktinfo)); 312 313 intvl.tv_sec = interval / 1000; 314 intvl.tv_nsec = interval % 1000 * 1000000; 315 316 alarmtimeout = preload = 0; 317 datap = &outpack[ICMP6ECHOLEN + ICMP6ECHOTMLEN]; 318 capdns = capdns_setup(); 319 320 while ((ch = getopt(argc, argv, PING6OPTS)) != -1) { 321 switch (ch) { 322 case '.': 323 options |= F_DOT; 324 if (optarg != NULL) { 325 DOT = optarg; 326 DOTlen = strlen(optarg); 327 } 328 break; 329 case '6': 330 /* This option is processed in main(). */ 331 break; 332 case 'k': 333 { 334 char *cp; 335 336 options &= ~F_NOUSERDATA; 337 options |= F_NODEADDR; 338 for (cp = optarg; *cp != '\0'; cp++) { 339 switch (*cp) { 340 case 'a': 341 naflags |= NI_NODEADDR_FLAG_ALL; 342 break; 343 case 'c': 344 case 'C': 345 naflags |= NI_NODEADDR_FLAG_COMPAT; 346 break; 347 case 'l': 348 case 'L': 349 naflags |= NI_NODEADDR_FLAG_LINKLOCAL; 350 break; 351 case 's': 352 case 'S': 353 naflags |= NI_NODEADDR_FLAG_SITELOCAL; 354 break; 355 case 'g': 356 case 'G': 357 naflags |= NI_NODEADDR_FLAG_GLOBAL; 358 break; 359 case 'A': /* experimental. not in the spec */ 360 #ifdef NI_NODEADDR_FLAG_ANYCAST 361 naflags |= NI_NODEADDR_FLAG_ANYCAST; 362 break; 363 #else 364 errx(1, 365 "-a A is not supported on the platform"); 366 /*NOTREACHED*/ 367 #endif 368 default: 369 usage(); 370 /*NOTREACHED*/ 371 } 372 } 373 break; 374 } 375 case 'b': 376 #if defined(SO_SNDBUF) && defined(SO_RCVBUF) 377 errno = 0; 378 e = NULL; 379 lsockbufsize = strtoul(optarg, &e, 10); 380 sockbufsize = (int)lsockbufsize; 381 if (errno || !*optarg || *e || 382 lsockbufsize > INT_MAX) 383 errx(1, "invalid socket buffer size"); 384 #else 385 errx(1, 386 "-b option ignored: SO_SNDBUF/SO_RCVBUF socket options not supported"); 387 #endif 388 break; 389 case 'C': /* vlan priority code point */ 390 pcp = strtol(optarg, &e, 10); 391 if (*optarg == '\0' || *e != '\0') 392 errx(1, "illegal vlan pcp %s", optarg); 393 if (7 < pcp || pcp < -1) 394 errx(1, "illegal vlan pcp -- %s", optarg); 395 break; 396 case 'c': 397 npackets = strtol(optarg, &e, 10); 398 if (npackets <= 0 || *optarg == '\0' || *e != '\0') 399 errx(1, 400 "illegal number of packets -- %s", optarg); 401 break; 402 case 'D': 403 options |= F_DONTFRAG; 404 break; 405 case 'd': 406 options |= F_SO_DEBUG; 407 break; 408 case 'f': 409 if (getuid()) { 410 errno = EPERM; 411 errx(1, "Must be superuser to flood ping"); 412 } 413 options |= F_FLOOD; 414 options |= F_DOT; 415 setbuf(stdout, (char *)NULL); 416 break; 417 case 'e': 418 gateway = optarg; 419 break; 420 case 'H': 421 options |= F_HOSTNAME; 422 break; 423 case 'm': /* hoplimit */ 424 hoplimit = strtol(optarg, &e, 10); 425 if (*optarg == '\0' || *e != '\0') 426 errx(1, "illegal hoplimit %s", optarg); 427 if (255 < hoplimit || hoplimit < -1) 428 errx(1, 429 "illegal hoplimit -- %s", optarg); 430 break; 431 case 'I': 432 ifname = optarg; 433 options |= F_INTERFACE; 434 #ifndef USE_SIN6_SCOPE_ID 435 usepktinfo++; 436 #endif 437 break; 438 case 'i': /* wait between sending packets */ 439 t = strtod(optarg, &e); 440 if (*optarg == '\0' || *e != '\0') 441 errx(1, "illegal timing interval %s", optarg); 442 if (t < 1 && getuid()) { 443 errx(1, "%s: only root may use interval < 1s", 444 strerror(EPERM)); 445 } 446 intvl.tv_sec = (time_t)t; 447 intvl.tv_nsec = 448 (long)((t - intvl.tv_sec) * 1000000000); 449 if (intvl.tv_sec < 0) 450 errx(1, "illegal timing interval %s", optarg); 451 /* less than 1/hz does not make sense */ 452 if (intvl.tv_sec == 0 && intvl.tv_nsec < 1000) { 453 warnx("too small interval, raised to .000001"); 454 intvl.tv_nsec = 1000; 455 } 456 options |= F_INTERVAL; 457 break; 458 case 'l': 459 if (getuid()) { 460 errno = EPERM; 461 errx(1, "Must be superuser to preload"); 462 } 463 preload = strtol(optarg, &e, 10); 464 if (preload < 0 || *optarg == '\0' || *e != '\0') 465 errx(1, "illegal preload value -- %s", optarg); 466 break; 467 case 'u': 468 #ifdef IPV6_USE_MIN_MTU 469 mflag++; 470 break; 471 #else 472 errx(1, "-%c is not supported on this platform", ch); 473 /*NOTREACHED*/ 474 #endif 475 case 'n': 476 options &= ~F_HOSTNAME; 477 break; 478 case 'N': 479 options |= F_NIGROUP; 480 nig_oldmcprefix++; 481 break; 482 case 'o': 483 options |= F_ONCE; 484 break; 485 case 'p': /* fill buffer with user pattern */ 486 options |= F_PINGFILLED; 487 fill((char *)datap, 488 sizeof(outpack) - (datap - outpack), optarg); 489 break; 490 case 'q': 491 options |= F_QUIET; 492 break; 493 case 'a': 494 options |= F_AUDIBLE; 495 break; 496 case 'A': 497 options |= F_MISSED; 498 break; 499 case 'S': 500 memset(&hints, 0, sizeof(struct addrinfo)); 501 hints.ai_flags = AI_NUMERICHOST; /* allow hostname? */ 502 hints.ai_family = AF_INET6; 503 hints.ai_socktype = SOCK_RAW; 504 hints.ai_protocol = IPPROTO_ICMPV6; 505 506 error = cap_getaddrinfo(capdns, optarg, NULL, &hints, &res); 507 if (error) { 508 errx(1, "invalid source address: %s", 509 gai_strerror(error)); 510 } 511 /* 512 * res->ai_family must be AF_INET6 and res->ai_addrlen 513 * must be sizeof(src). 514 */ 515 memcpy(&src, res->ai_addr, res->ai_addrlen); 516 srclen = res->ai_addrlen; 517 freeaddrinfo(res); 518 options |= F_SRCADDR; 519 break; 520 case 's': /* size of packet to send */ 521 datalen = strtol(optarg, &e, 10); 522 if (datalen <= 0 || *optarg == '\0' || *e != '\0') 523 errx(1, "illegal datalen value -- %s", optarg); 524 if (datalen > MAXDATALEN) { 525 errx(1, 526 "datalen value too large, maximum is %d", 527 MAXDATALEN); 528 } 529 break; 530 case 'O': 531 options &= ~F_NOUSERDATA; 532 options |= F_SUPTYPES; 533 break; 534 case 'v': 535 options |= F_VERBOSE; 536 break; 537 case 'y': 538 options &= ~F_NOUSERDATA; 539 options |= F_FQDN; 540 break; 541 case 'Y': 542 options &= ~F_NOUSERDATA; 543 options |= F_FQDNOLD; 544 break; 545 case 'W': 546 t = strtod(optarg, &e); 547 if (*e || e == optarg || t > (double)INT_MAX) 548 errx(EX_USAGE, "invalid timing interval: `%s'", 549 optarg); 550 options |= F_WAITTIME; 551 waittime = (int)t; 552 break; 553 case 't': 554 alarmtimeout = strtoul(optarg, &e, 0); 555 if ((alarmtimeout < 1) || (alarmtimeout == ULONG_MAX)) 556 errx(EX_USAGE, "invalid timeout: `%s'", 557 optarg); 558 if (alarmtimeout > MAXALARM) 559 errx(EX_USAGE, "invalid timeout: `%s' > %d", 560 optarg, MAXALARM); 561 { 562 struct itimerval itv; 563 564 timerclear(&itv.it_interval); 565 timerclear(&itv.it_value); 566 itv.it_value.tv_sec = (time_t)alarmtimeout; 567 if (setitimer(ITIMER_REAL, &itv, NULL) != 0) 568 err(1, "setitimer"); 569 } 570 break; 571 case 'z': /* traffic class */ 572 tclass = strtol(optarg, &e, 10); 573 if (*optarg == '\0' || *e != '\0') 574 errx(1, "illegal traffic class %s", optarg); 575 if (255 < tclass || tclass < -1) 576 errx(1, 577 "illegal traffic class -- %s", optarg); 578 break; 579 #ifdef IPSEC 580 #ifdef IPSEC_POLICY_IPSEC 581 case 'P': 582 options |= F_POLICY; 583 if (!strncmp("in", optarg, 2)) { 584 if ((policy_in = strdup(optarg)) == NULL) 585 errx(1, "strdup"); 586 } else if (!strncmp("out", optarg, 3)) { 587 if ((policy_out = strdup(optarg)) == NULL) 588 errx(1, "strdup"); 589 } else 590 errx(1, "invalid security policy"); 591 break; 592 #else 593 case 'Z': 594 options |= F_AUTHHDR; 595 break; 596 case 'E': 597 options |= F_ENCRYPT; 598 break; 599 #endif /*IPSEC_POLICY_IPSEC*/ 600 #endif /*IPSEC*/ 601 default: 602 usage(); 603 /*NOTREACHED*/ 604 } 605 } 606 607 argc -= optind; 608 argv += optind; 609 610 if (argc < 1) { 611 usage(); 612 /*NOTREACHED*/ 613 } 614 615 if (argc > 1) { 616 #ifdef IPV6_RECVRTHDR /* 2292bis */ 617 rthlen = CMSG_SPACE(inet6_rth_space(IPV6_RTHDR_TYPE_0, 618 argc - 1)); 619 #else /* RFC2292 */ 620 rthlen = inet6_rthdr_space(IPV6_RTHDR_TYPE_0, argc - 1); 621 #endif 622 if (rthlen == 0) { 623 errx(1, "too many intermediate hops"); 624 /*NOTREACHED*/ 625 } 626 ip6optlen += rthlen; 627 } 628 629 if (options & F_NIGROUP) { 630 target = nigroup(argv[argc - 1], nig_oldmcprefix); 631 if (target == NULL) { 632 usage(); 633 /*NOTREACHED*/ 634 } 635 } else 636 target = argv[argc - 1]; 637 638 /* cap_getaddrinfo */ 639 memset(&hints, 0, sizeof(struct addrinfo)); 640 hints.ai_flags = AI_CANONNAME; 641 hints.ai_family = AF_INET6; 642 hints.ai_socktype = SOCK_RAW; 643 hints.ai_protocol = IPPROTO_ICMPV6; 644 645 error = cap_getaddrinfo(capdns, target, NULL, &hints, &res); 646 if (error) 647 errx(EX_NOHOST, "cannot resolve %s: %s", 648 target, gai_strerror(error)); 649 if (res->ai_canonname) 650 hostname = strdup(res->ai_canonname); 651 else 652 hostname = target; 653 654 if (!res->ai_addr) 655 errx(EX_NOHOST, "cannot resolve %s", target); 656 657 (void)memcpy(&dst, res->ai_addr, res->ai_addrlen); 658 659 if ((ssend = socket(res->ai_family, res->ai_socktype, 660 res->ai_protocol)) < 0) 661 err(1, "socket ssend"); 662 if ((srecv = socket(res->ai_family, res->ai_socktype, 663 res->ai_protocol)) < 0) 664 err(1, "socket srecv"); 665 freeaddrinfo(res); 666 667 /* set the source address if specified. */ 668 if ((options & F_SRCADDR) != 0) { 669 /* properly fill sin6_scope_id */ 670 if (IN6_IS_ADDR_LINKLOCAL(&src.sin6_addr) && ( 671 IN6_IS_ADDR_LINKLOCAL(&dst.sin6_addr) || 672 IN6_IS_ADDR_MC_LINKLOCAL(&dst.sin6_addr) || 673 IN6_IS_ADDR_MC_NODELOCAL(&dst.sin6_addr))) { 674 if (src.sin6_scope_id == 0) 675 src.sin6_scope_id = dst.sin6_scope_id; 676 if (dst.sin6_scope_id == 0) 677 dst.sin6_scope_id = src.sin6_scope_id; 678 } 679 if (bind(ssend, (struct sockaddr *)&src, srclen) != 0) 680 err(1, "bind"); 681 } 682 /* set the gateway (next hop) if specified */ 683 if (gateway) { 684 memset(&hints, 0, sizeof(hints)); 685 hints.ai_family = AF_INET6; 686 hints.ai_socktype = SOCK_RAW; 687 hints.ai_protocol = IPPROTO_ICMPV6; 688 689 error = cap_getaddrinfo(capdns, gateway, NULL, &hints, &res); 690 if (error) { 691 errx(1, "cap_getaddrinfo for the gateway %s: %s", 692 gateway, gai_strerror(error)); 693 } 694 if (res->ai_next && (options & F_VERBOSE)) 695 warnx("gateway resolves to multiple addresses"); 696 697 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_NEXTHOP, 698 res->ai_addr, res->ai_addrlen)) { 699 err(1, "setsockopt(IPV6_NEXTHOP)"); 700 } 701 702 freeaddrinfo(res); 703 } 704 705 /* 706 * let the kernel pass extension headers of incoming packets, 707 * for privileged socket options 708 */ 709 if ((options & F_VERBOSE) != 0) { 710 int opton = 1; 711 712 #ifdef IPV6_RECVHOPOPTS 713 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVHOPOPTS, &opton, 714 sizeof(opton))) 715 err(1, "setsockopt(IPV6_RECVHOPOPTS)"); 716 #else /* old adv. API */ 717 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_HOPOPTS, &opton, 718 sizeof(opton))) 719 err(1, "setsockopt(IPV6_HOPOPTS)"); 720 #endif 721 #ifdef IPV6_RECVDSTOPTS 722 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVDSTOPTS, &opton, 723 sizeof(opton))) 724 err(1, "setsockopt(IPV6_RECVDSTOPTS)"); 725 #else /* old adv. API */ 726 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_DSTOPTS, &opton, 727 sizeof(opton))) 728 err(1, "setsockopt(IPV6_DSTOPTS)"); 729 #endif 730 #ifdef IPV6_RECVRTHDRDSTOPTS 731 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVRTHDRDSTOPTS, &opton, 732 sizeof(opton))) 733 err(1, "setsockopt(IPV6_RECVRTHDRDSTOPTS)"); 734 #endif 735 } 736 737 /* revoke root privilege */ 738 if (seteuid(getuid()) != 0) 739 err(1, "seteuid() failed"); 740 if (setuid(getuid()) != 0) 741 err(1, "setuid() failed"); 742 743 if ((options & F_FLOOD) && (options & F_INTERVAL)) 744 errx(1, "-f and -i incompatible options"); 745 746 if ((options & F_NOUSERDATA) == 0) { 747 if (datalen >= sizeof(struct tv32)) { 748 /* we can time transfer */ 749 timing = 1; 750 } else 751 timing = 0; 752 /* in F_VERBOSE case, we may get non-echoreply packets*/ 753 if (options & F_VERBOSE) 754 packlen = 2048 + IP6LEN + ICMP6ECHOLEN + EXTRA; 755 else 756 packlen = datalen + IP6LEN + ICMP6ECHOLEN + EXTRA; 757 } else { 758 /* suppress timing for node information query */ 759 timing = 0; 760 datalen = 2048; 761 packlen = 2048 + IP6LEN + ICMP6ECHOLEN + EXTRA; 762 } 763 764 if (!(packet = (u_char *)malloc((u_int)packlen))) 765 err(1, "Unable to allocate packet"); 766 if (!(options & F_PINGFILLED)) 767 for (i = (size_t)(datap - outpack); i < sizeof(outpack); ++i) 768 *datap++ = i; 769 770 ident = getpid() & 0xFFFF; 771 arc4random_buf(nonce, sizeof(nonce)); 772 optval = 1; 773 if (options & F_DONTFRAG) 774 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_DONTFRAG, 775 &optval, sizeof(optval)) == -1) 776 err(1, "IPV6_DONTFRAG"); 777 hold = 1; 778 779 if (options & F_SO_DEBUG) { 780 (void)setsockopt(ssend, SOL_SOCKET, SO_DEBUG, (char *)&hold, 781 sizeof(hold)); 782 (void)setsockopt(srecv, SOL_SOCKET, SO_DEBUG, (char *)&hold, 783 sizeof(hold)); 784 } 785 optval = IPV6_DEFHLIM; 786 if (IN6_IS_ADDR_MULTICAST(&dst.sin6_addr)) 787 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, 788 &optval, sizeof(optval)) == -1) 789 err(1, "IPV6_MULTICAST_HOPS"); 790 #ifdef IPV6_USE_MIN_MTU 791 if (mflag != 1) { 792 optval = mflag > 1 ? 0 : 1; 793 794 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_USE_MIN_MTU, 795 &optval, sizeof(optval)) == -1) 796 err(1, "setsockopt(IPV6_USE_MIN_MTU)"); 797 } 798 #ifdef IPV6_RECVPATHMTU 799 else { 800 optval = 1; 801 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVPATHMTU, 802 &optval, sizeof(optval)) == -1) 803 err(1, "setsockopt(IPV6_RECVPATHMTU)"); 804 } 805 #endif /* IPV6_RECVPATHMTU */ 806 #endif /* IPV6_USE_MIN_MTU */ 807 808 #ifdef IPSEC 809 #ifdef IPSEC_POLICY_IPSEC 810 if (options & F_POLICY) { 811 if (setpolicy(srecv, policy_in) < 0) 812 errx(1, "%s", ipsec_strerror()); 813 if (setpolicy(ssend, policy_out) < 0) 814 errx(1, "%s", ipsec_strerror()); 815 } 816 #else 817 if (options & F_AUTHHDR) { 818 optval = IPSEC_LEVEL_REQUIRE; 819 #ifdef IPV6_AUTH_TRANS_LEVEL 820 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_AUTH_TRANS_LEVEL, 821 &optval, sizeof(optval)) == -1) 822 err(1, "setsockopt(IPV6_AUTH_TRANS_LEVEL)"); 823 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_AUTH_TRANS_LEVEL, 824 &optval, sizeof(optval)) == -1) 825 err(1, "setsockopt(IPV6_AUTH_TRANS_LEVEL)"); 826 #else /* old def */ 827 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_AUTH_LEVEL, 828 &optval, sizeof(optval)) == -1) 829 err(1, "setsockopt(IPV6_AUTH_LEVEL)"); 830 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_AUTH_LEVEL, 831 &optval, sizeof(optval)) == -1) 832 err(1, "setsockopt(IPV6_AUTH_LEVEL)"); 833 #endif 834 } 835 if (options & F_ENCRYPT) { 836 optval = IPSEC_LEVEL_REQUIRE; 837 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_ESP_TRANS_LEVEL, 838 &optval, sizeof(optval)) == -1) 839 err(1, "setsockopt(IPV6_ESP_TRANS_LEVEL)"); 840 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_ESP_TRANS_LEVEL, 841 &optval, sizeof(optval)) == -1) 842 err(1, "setsockopt(IPV6_ESP_TRANS_LEVEL)"); 843 } 844 #endif /*IPSEC_POLICY_IPSEC*/ 845 #endif 846 847 #ifdef ICMP6_FILTER 848 { 849 struct icmp6_filter filt; 850 if (!(options & F_VERBOSE)) { 851 ICMP6_FILTER_SETBLOCKALL(&filt); 852 if ((options & F_FQDN) || (options & F_FQDNOLD) || 853 (options & F_NODEADDR) || (options & F_SUPTYPES)) 854 ICMP6_FILTER_SETPASS(ICMP6_NI_REPLY, &filt); 855 else 856 ICMP6_FILTER_SETPASS(ICMP6_ECHO_REPLY, &filt); 857 } else { 858 ICMP6_FILTER_SETPASSALL(&filt); 859 } 860 if (setsockopt(srecv, IPPROTO_ICMPV6, ICMP6_FILTER, &filt, 861 sizeof(filt)) < 0) 862 err(1, "setsockopt(ICMP6_FILTER)"); 863 } 864 #endif /*ICMP6_FILTER*/ 865 866 /* let the kernel pass extension headers of incoming packets */ 867 if ((options & F_VERBOSE) != 0) { 868 int opton = 1; 869 870 #ifdef IPV6_RECVRTHDR 871 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVRTHDR, &opton, 872 sizeof(opton))) 873 err(1, "setsockopt(IPV6_RECVRTHDR)"); 874 #else /* old adv. API */ 875 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RTHDR, &opton, 876 sizeof(opton))) 877 err(1, "setsockopt(IPV6_RTHDR)"); 878 #endif 879 } 880 881 /* 882 optval = 1; 883 if (IN6_IS_ADDR_MULTICAST(&dst.sin6_addr)) 884 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, 885 &optval, sizeof(optval)) == -1) 886 err(1, "IPV6_MULTICAST_LOOP"); 887 */ 888 889 /* Specify the outgoing interface and/or the source address */ 890 if (usepktinfo) 891 ip6optlen += CMSG_SPACE(sizeof(struct in6_pktinfo)); 892 893 if (hoplimit != -1) 894 ip6optlen += CMSG_SPACE(sizeof(int)); 895 896 /* set IP6 packet options */ 897 if (ip6optlen) { 898 if ((scmsg = (char *)malloc(ip6optlen)) == NULL) 899 errx(1, "can't allocate enough memory"); 900 smsghdr.msg_control = (caddr_t)scmsg; 901 smsghdr.msg_controllen = ip6optlen; 902 scmsgp = CMSG_FIRSTHDR(&smsghdr); 903 } 904 if (usepktinfo) { 905 cmsg_pktinfo = CMSG_DATA(scmsgp); 906 scmsgp->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo)); 907 scmsgp->cmsg_level = IPPROTO_IPV6; 908 scmsgp->cmsg_type = IPV6_PKTINFO; 909 scmsgp = CMSG_NXTHDR(&smsghdr, scmsgp); 910 } 911 912 /* set the outgoing interface */ 913 if (ifname) { 914 #ifndef USE_SIN6_SCOPE_ID 915 /* pktinfo must have already been allocated */ 916 if ((pktinfo.ipi6_ifindex = if_nametoindex(ifname)) == 0) 917 errx(1, "%s: invalid interface name", ifname); 918 #else 919 if ((dst.sin6_scope_id = if_nametoindex(ifname)) == 0) 920 errx(1, "%s: invalid interface name", ifname); 921 #endif 922 } 923 if (hoplimit != -1) { 924 scmsgp->cmsg_len = CMSG_LEN(sizeof(int)); 925 scmsgp->cmsg_level = IPPROTO_IPV6; 926 scmsgp->cmsg_type = IPV6_HOPLIMIT; 927 memcpy(CMSG_DATA(scmsgp), &hoplimit, sizeof(hoplimit)); 928 929 scmsgp = CMSG_NXTHDR(&smsghdr, scmsgp); 930 } 931 932 if (tclass != -1) { 933 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_TCLASS, 934 &tclass, sizeof(tclass)) == -1) 935 err(1, "setsockopt(IPV6_TCLASS)"); 936 } 937 938 if (pcp != -2) { 939 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_VLAN_PCP, 940 &pcp, sizeof(pcp)) == -1) 941 err(1, "setsockopt(IPV6_VLAN_PCP)"); 942 } 943 944 if (argc > 1) { /* some intermediate addrs are specified */ 945 int hops; 946 int rthdrlen; 947 948 rthdrlen = inet6_rth_space(IPV6_RTHDR_TYPE_0, argc - 1); 949 scmsgp->cmsg_len = CMSG_LEN(rthdrlen); 950 scmsgp->cmsg_level = IPPROTO_IPV6; 951 scmsgp->cmsg_type = IPV6_RTHDR; 952 rthdr = (struct ip6_rthdr *)CMSG_DATA(scmsgp); 953 rthdr = inet6_rth_init((void *)rthdr, rthdrlen, 954 IPV6_RTHDR_TYPE_0, argc - 1); 955 if (rthdr == NULL) 956 errx(1, "can't initialize rthdr"); 957 958 for (hops = 0; hops < argc - 1; hops++) { 959 memset(&hints, 0, sizeof(hints)); 960 hints.ai_family = AF_INET6; 961 962 if ((error = cap_getaddrinfo(capdns, argv[hops], NULL, &hints, 963 &res))) 964 errx(1, "%s", gai_strerror(error)); 965 if (res->ai_addr->sa_family != AF_INET6) 966 errx(1, 967 "bad addr family of an intermediate addr"); 968 sin6 = (struct sockaddr_in6 *)(void *)res->ai_addr; 969 if (inet6_rth_add(rthdr, &sin6->sin6_addr)) 970 errx(1, "can't add an intermediate node"); 971 freeaddrinfo(res); 972 } 973 974 scmsgp = CMSG_NXTHDR(&smsghdr, scmsgp); 975 } 976 977 /* From now on we will use only reverse DNS lookups. */ 978 #ifdef WITH_CASPER 979 if (capdns != NULL) { 980 const char *types[1]; 981 982 types[0] = "ADDR2NAME"; 983 if (cap_dns_type_limit(capdns, types, nitems(types)) < 0) 984 err(1, "unable to limit access to system.dns service"); 985 } 986 #endif 987 if (!(options & F_SRCADDR)) { 988 /* 989 * get the source address. XXX since we revoked the root 990 * privilege, we cannot use a raw socket for this. 991 */ 992 int dummy; 993 socklen_t len = sizeof(src); 994 995 if ((dummy = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) 996 err(1, "UDP socket"); 997 998 src.sin6_family = AF_INET6; 999 src.sin6_addr = dst.sin6_addr; 1000 src.sin6_port = ntohs(DUMMY_PORT); 1001 src.sin6_scope_id = dst.sin6_scope_id; 1002 1003 if (usepktinfo && 1004 setsockopt(dummy, IPPROTO_IPV6, IPV6_PKTINFO, 1005 (void *)&pktinfo, sizeof(pktinfo))) 1006 err(1, "UDP setsockopt(IPV6_PKTINFO)"); 1007 1008 if (hoplimit != -1 && 1009 setsockopt(dummy, IPPROTO_IPV6, IPV6_UNICAST_HOPS, 1010 (void *)&hoplimit, sizeof(hoplimit))) 1011 err(1, "UDP setsockopt(IPV6_UNICAST_HOPS)"); 1012 1013 if (hoplimit != -1 && 1014 setsockopt(dummy, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, 1015 (void *)&hoplimit, sizeof(hoplimit))) 1016 err(1, "UDP setsockopt(IPV6_MULTICAST_HOPS)"); 1017 1018 if (rthdr && 1019 setsockopt(dummy, IPPROTO_IPV6, IPV6_RTHDR, 1020 (void *)rthdr, (rthdr->ip6r_len + 1) << 3)) 1021 err(1, "UDP setsockopt(IPV6_RTHDR)"); 1022 1023 if (connect(dummy, (struct sockaddr *)&src, len) < 0) 1024 err(1, "UDP connect"); 1025 1026 if (getsockname(dummy, (struct sockaddr *)&src, &len) < 0) 1027 err(1, "getsockname"); 1028 1029 close(dummy); 1030 } 1031 1032 /* Save pktinfo in the ancillary data. */ 1033 if (usepktinfo) 1034 memcpy(cmsg_pktinfo, &pktinfo, sizeof(pktinfo)); 1035 1036 if (connect(ssend, (struct sockaddr *)&dst, sizeof(dst)) != 0) 1037 err(1, "connect() ssend"); 1038 1039 caph_cache_catpages(); 1040 if (caph_enter_casper() < 0) 1041 err(1, "caph_enter_casper"); 1042 1043 cap_rights_init(&rights_stdin); 1044 if (caph_rights_limit(STDIN_FILENO, &rights_stdin) < 0) 1045 err(1, "caph_rights_limit stdin"); 1046 if (caph_limit_stdout() < 0) 1047 err(1, "caph_limit_stdout"); 1048 if (caph_limit_stderr() < 0) 1049 err(1, "caph_limit_stderr"); 1050 1051 cap_rights_init(&rights_srecv, CAP_RECV, CAP_EVENT, CAP_SETSOCKOPT); 1052 if (caph_rights_limit(srecv, &rights_srecv) < 0) 1053 err(1, "caph_rights_limit srecv"); 1054 cap_rights_init(&rights_ssend, CAP_SEND, CAP_SETSOCKOPT); 1055 if (caph_rights_limit(ssend, &rights_ssend) < 0) 1056 err(1, "caph_rights_limit ssend"); 1057 1058 #if defined(SO_SNDBUF) && defined(SO_RCVBUF) 1059 if (sockbufsize) { 1060 if (datalen > (size_t)sockbufsize) 1061 warnx("you need -b to increase socket buffer size"); 1062 if (setsockopt(ssend, SOL_SOCKET, SO_SNDBUF, &sockbufsize, 1063 sizeof(sockbufsize)) < 0) 1064 err(1, "setsockopt(SO_SNDBUF)"); 1065 if (setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, &sockbufsize, 1066 sizeof(sockbufsize)) < 0) 1067 err(1, "setsockopt(SO_RCVBUF)"); 1068 } 1069 else { 1070 if (datalen > 8 * 1024) /*XXX*/ 1071 warnx("you need -b to increase socket buffer size"); 1072 /* 1073 * When pinging the broadcast address, you can get a lot of 1074 * answers. Doing something so evil is useful if you are trying 1075 * to stress the ethernet, or just want to fill the arp cache 1076 * to get some stuff for /etc/ethers. 1077 */ 1078 hold = 48 * 1024; 1079 setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, (char *)&hold, 1080 sizeof(hold)); 1081 } 1082 #endif 1083 1084 optval = 1; 1085 #ifndef USE_SIN6_SCOPE_ID 1086 #ifdef IPV6_RECVPKTINFO 1087 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVPKTINFO, &optval, 1088 sizeof(optval)) < 0) 1089 err(1, "setsockopt(IPV6_RECVPKTINFO)"); 1090 #else /* old adv. API */ 1091 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_PKTINFO, &optval, 1092 sizeof(optval)) < 0) 1093 err(1, "setsockopt(IPV6_PKTINFO)"); 1094 #endif 1095 #endif /* USE_SIN6_SCOPE_ID */ 1096 #ifdef IPV6_RECVHOPLIMIT 1097 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &optval, 1098 sizeof(optval)) < 0) 1099 err(1, "setsockopt(IPV6_RECVHOPLIMIT)"); 1100 #else /* old adv. API */ 1101 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_HOPLIMIT, &optval, 1102 sizeof(optval)) < 0) 1103 err(1, "setsockopt(IPV6_HOPLIMIT)"); 1104 #endif 1105 1106 cap_rights_clear(&rights_srecv, CAP_SETSOCKOPT); 1107 if (caph_rights_limit(srecv, &rights_srecv) < 0) 1108 err(1, "caph_rights_limit srecv setsockopt"); 1109 cap_rights_clear(&rights_ssend, CAP_SETSOCKOPT); 1110 if (caph_rights_limit(ssend, &rights_ssend) < 0) 1111 err(1, "caph_rights_limit ssend setsockopt"); 1112 1113 printf("PING(%lu=40+8+%lu bytes) ", (unsigned long)(40 + pingerlen()), 1114 (unsigned long)(pingerlen() - 8)); 1115 printf("%s --> ", pr_addr((struct sockaddr *)&src, sizeof(src))); 1116 printf("%s\n", pr_addr((struct sockaddr *)&dst, sizeof(dst))); 1117 fflush(stdout); 1118 1119 if (preload == 0) 1120 pinger(); 1121 else { 1122 if (npackets != 0 && preload > npackets) 1123 preload = npackets; 1124 while (preload--) 1125 pinger(); 1126 } 1127 clock_gettime(CLOCK_MONOTONIC, &last); 1128 1129 sigemptyset(&si_sa.sa_mask); 1130 si_sa.sa_flags = 0; 1131 si_sa.sa_handler = onsignal; 1132 if (sigaction(SIGINT, &si_sa, 0) == -1) 1133 err(EX_OSERR, "sigaction SIGINT"); 1134 seenint = 0; 1135 if (sigaction(SIGINFO, &si_sa, 0) == -1) 1136 err(EX_OSERR, "sigaction SIGINFO"); 1137 seeninfo = 0; 1138 if (alarmtimeout > 0) { 1139 if (sigaction(SIGALRM, &si_sa, 0) == -1) 1140 err(EX_OSERR, "sigaction SIGALRM"); 1141 } 1142 if (options & F_FLOOD) { 1143 intvl.tv_sec = 0; 1144 intvl.tv_nsec = 10000000; 1145 } 1146 1147 almost_done = 0; 1148 while (seenint == 0) { 1149 struct timespec now, timeout; 1150 struct msghdr m; 1151 struct iovec iov[2]; 1152 struct pollfd pfd; 1153 int n; 1154 1155 /* signal handling */ 1156 if (seeninfo) { 1157 pr_summary(stderr); 1158 seeninfo = 0; 1159 continue; 1160 } 1161 pfd.fd = srecv; 1162 pfd.events = POLLIN; 1163 pfd.revents = 0; 1164 clock_gettime(CLOCK_MONOTONIC, &now); 1165 timespecadd(&last, &intvl, &timeout); 1166 timespecsub(&timeout, &now, &timeout); 1167 if (timeout.tv_sec < 0) 1168 timespecclear(&timeout); 1169 1170 n = ppoll(&pfd, 1, &timeout, NULL); 1171 if (n < 0) 1172 continue; /* EINTR */ 1173 if (n == 1) { 1174 m.msg_name = (caddr_t)&from; 1175 m.msg_namelen = sizeof(from); 1176 memset(&iov, 0, sizeof(iov)); 1177 iov[0].iov_base = (caddr_t)packet; 1178 iov[0].iov_len = packlen; 1179 m.msg_iov = iov; 1180 m.msg_iovlen = 1; 1181 memset(cm, 0, CONTROLLEN); 1182 m.msg_control = (void *)cm; 1183 m.msg_controllen = CONTROLLEN; 1184 1185 cc = recvmsg(srecv, &m, 0); 1186 if (cc < 0) { 1187 if (errno != EINTR) { 1188 warn("recvmsg"); 1189 sleep(1); 1190 } 1191 continue; 1192 } else if (cc == 0) { 1193 int mtu; 1194 1195 /* 1196 * receive control messages only. Process the 1197 * exceptions (currently the only possibility is 1198 * a path MTU notification.) 1199 */ 1200 if ((mtu = get_pathmtu(&m)) > 0) { 1201 if ((options & F_VERBOSE) != 0) { 1202 printf("new path MTU (%d) is " 1203 "notified\n", mtu); 1204 } 1205 } 1206 continue; 1207 } else { 1208 /* 1209 * an ICMPv6 message (probably an echoreply) 1210 * arrived. 1211 */ 1212 pr_pack(packet, cc, &m); 1213 } 1214 if (((options & F_ONCE) != 0 && nreceived > 0) || 1215 (npackets > 0 && nreceived >= npackets)) 1216 break; 1217 } 1218 if (n == 0 || (options & F_FLOOD)) { 1219 if (npackets == 0 || ntransmitted < npackets) 1220 pinger(); 1221 else { 1222 if (almost_done) 1223 break; 1224 almost_done = 1; 1225 /* 1226 * If we're not transmitting any more packets, 1227 * change the timer to wait two round-trip times 1228 * if we've received any packets or (waittime) 1229 * milliseconds if we haven't. 1230 */ 1231 intvl.tv_nsec = 0; 1232 if (nreceived) { 1233 intvl.tv_sec = 2 * tmax / 1000; 1234 if (intvl.tv_sec == 0) 1235 intvl.tv_sec = 1; 1236 } else { 1237 intvl.tv_sec = waittime / 1000; 1238 intvl.tv_nsec = 1239 waittime % 1000 * 1000000; 1240 } 1241 } 1242 clock_gettime(CLOCK_MONOTONIC, &last); 1243 if (ntransmitted - nreceived - 1 > nmissedmax) { 1244 nmissedmax = ntransmitted - nreceived - 1; 1245 if (options & F_MISSED) { 1246 (void)putc(BBELL, stdout); 1247 (void)fflush(stdout); 1248 } 1249 } 1250 } 1251 } 1252 sigemptyset(&si_sa.sa_mask); 1253 si_sa.sa_flags = 0; 1254 si_sa.sa_handler = SIG_IGN; 1255 sigaction(SIGINT, &si_sa, 0); 1256 sigaction(SIGALRM, &si_sa, 0); 1257 pr_summary(stdout); 1258 1259 if(packet != NULL) 1260 free(packet); 1261 1262 if (nreceived > 0) 1263 exit(0); 1264 else if (ntransmitted > ntransmitfailures) 1265 exit(2); 1266 else 1267 exit(EX_OSERR); 1268 } 1269 1270 /* 1271 * pinger -- 1272 * Compose and transmit an ICMP ECHO REQUEST packet. The IP packet 1273 * will be added on by the kernel. The ID field is our UNIX process ID, 1274 * and the sequence number is an ascending integer. The first 8 bytes 1275 * of the data portion are used to hold a UNIX "timespec" struct in VAX 1276 * byte-order, to compute the round-trip time. 1277 */ 1278 static size_t 1279 pingerlen(void) 1280 { 1281 size_t l; 1282 1283 if (options & F_FQDN) 1284 l = ICMP6_NIQLEN + sizeof(dst.sin6_addr); 1285 else if (options & F_FQDNOLD) 1286 l = ICMP6_NIQLEN; 1287 else if (options & F_NODEADDR) 1288 l = ICMP6_NIQLEN + sizeof(dst.sin6_addr); 1289 else if (options & F_SUPTYPES) 1290 l = ICMP6_NIQLEN; 1291 else 1292 l = ICMP6ECHOLEN + datalen; 1293 1294 return l; 1295 } 1296 1297 static int 1298 pinger(void) 1299 { 1300 struct icmp6_hdr *icp; 1301 struct iovec iov[2]; 1302 int i, cc; 1303 struct icmp6_nodeinfo *nip; 1304 uint16_t seq; 1305 1306 if (npackets && ntransmitted >= npackets) 1307 return(-1); /* no more transmission */ 1308 1309 icp = (struct icmp6_hdr *)outpack; 1310 nip = (struct icmp6_nodeinfo *)outpack; 1311 memset(icp, 0, sizeof(*icp)); 1312 icp->icmp6_cksum = 0; 1313 seq = ntransmitted++; 1314 CLR(seq % mx_dup_ck); 1315 1316 if (options & F_FQDN) { 1317 uint16_t s; 1318 1319 icp->icmp6_type = ICMP6_NI_QUERY; 1320 icp->icmp6_code = ICMP6_NI_SUBJ_IPV6; 1321 nip->ni_qtype = htons(NI_QTYPE_FQDN); 1322 nip->ni_flags = htons(0); 1323 1324 memcpy(nip->icmp6_ni_nonce, nonce, 1325 sizeof(nip->icmp6_ni_nonce)); 1326 s = htons(seq); 1327 memcpy(nip->icmp6_ni_nonce, &s, sizeof(s)); 1328 1329 memcpy(&outpack[ICMP6_NIQLEN], &dst.sin6_addr, 1330 sizeof(dst.sin6_addr)); 1331 cc = ICMP6_NIQLEN + sizeof(dst.sin6_addr); 1332 datalen = 0; 1333 } else if (options & F_FQDNOLD) { 1334 uint16_t s; 1335 /* packet format in 03 draft - no Subject data on queries */ 1336 icp->icmp6_type = ICMP6_NI_QUERY; 1337 icp->icmp6_code = 0; /* code field is always 0 */ 1338 nip->ni_qtype = htons(NI_QTYPE_FQDN); 1339 nip->ni_flags = htons(0); 1340 1341 memcpy(nip->icmp6_ni_nonce, nonce, 1342 sizeof(nip->icmp6_ni_nonce)); 1343 s = htons(seq); 1344 memcpy(nip->icmp6_ni_nonce, &s, sizeof(s)); 1345 1346 cc = ICMP6_NIQLEN; 1347 datalen = 0; 1348 } else if (options & F_NODEADDR) { 1349 uint16_t s; 1350 1351 icp->icmp6_type = ICMP6_NI_QUERY; 1352 icp->icmp6_code = ICMP6_NI_SUBJ_IPV6; 1353 nip->ni_qtype = htons(NI_QTYPE_NODEADDR); 1354 nip->ni_flags = naflags; 1355 1356 memcpy(nip->icmp6_ni_nonce, nonce, 1357 sizeof(nip->icmp6_ni_nonce)); 1358 s = htons(seq); 1359 memcpy(nip->icmp6_ni_nonce, &s, sizeof(s)); 1360 1361 memcpy(&outpack[ICMP6_NIQLEN], &dst.sin6_addr, 1362 sizeof(dst.sin6_addr)); 1363 cc = ICMP6_NIQLEN + sizeof(dst.sin6_addr); 1364 datalen = 0; 1365 } else if (options & F_SUPTYPES) { 1366 uint16_t s; 1367 1368 icp->icmp6_type = ICMP6_NI_QUERY; 1369 icp->icmp6_code = ICMP6_NI_SUBJ_FQDN; /*empty*/ 1370 nip->ni_qtype = htons(NI_QTYPE_SUPTYPES); 1371 /* we support compressed bitmap */ 1372 nip->ni_flags = NI_SUPTYPE_FLAG_COMPRESS; 1373 1374 memcpy(nip->icmp6_ni_nonce, nonce, 1375 sizeof(nip->icmp6_ni_nonce)); 1376 s = htons(seq); 1377 memcpy(nip->icmp6_ni_nonce, &s, sizeof(s)); 1378 1379 cc = ICMP6_NIQLEN; 1380 datalen = 0; 1381 } else { 1382 icp->icmp6_type = ICMP6_ECHO_REQUEST; 1383 icp->icmp6_code = 0; 1384 icp->icmp6_id = htons(ident); 1385 icp->icmp6_seq = htons(seq); 1386 if (timing) { 1387 struct timespec tv; 1388 struct tv32 tv32; 1389 (void)clock_gettime(CLOCK_MONOTONIC, &tv); 1390 /* 1391 * Truncate seconds down to 32 bits in order 1392 * to fit the timestamp within 8 bytes of the 1393 * packet. We're only concerned with 1394 * durations, not absolute times. 1395 */ 1396 tv32.tv32_sec = (uint32_t)htonl(tv.tv_sec); 1397 tv32.tv32_nsec = (uint32_t)htonl(tv.tv_nsec); 1398 memcpy(&outpack[ICMP6ECHOLEN], &tv32, sizeof(tv32)); 1399 } 1400 cc = ICMP6ECHOLEN + datalen; 1401 } 1402 1403 #ifdef DIAGNOSTIC 1404 if (pingerlen() != cc) 1405 errx(1, "internal error; length mismatch"); 1406 #endif 1407 1408 memset(&iov, 0, sizeof(iov)); 1409 iov[0].iov_base = (caddr_t)outpack; 1410 iov[0].iov_len = cc; 1411 smsghdr.msg_iov = iov; 1412 smsghdr.msg_iovlen = 1; 1413 1414 i = sendmsg(ssend, &smsghdr, 0); 1415 1416 if (i < 0 || i != cc) { 1417 if (i < 0) { 1418 ntransmitfailures++; 1419 warn("sendmsg"); 1420 } 1421 (void)printf("ping: wrote %s %d chars, ret=%d\n", 1422 hostname, cc, i); 1423 } 1424 if (!(options & F_QUIET) && options & F_DOT) { 1425 (void)putc(DOT[DOTidx++ % DOTlen], stdout); 1426 (void)fflush(stdout); 1427 } 1428 1429 return(0); 1430 } 1431 1432 static int 1433 myechoreply(const struct icmp6_hdr *icp) 1434 { 1435 if (ntohs(icp->icmp6_id) == ident) 1436 return 1; 1437 else 1438 return 0; 1439 } 1440 1441 static int 1442 mynireply(const struct icmp6_nodeinfo *nip) 1443 { 1444 if (memcmp(nip->icmp6_ni_nonce + sizeof(u_int16_t), 1445 nonce + sizeof(u_int16_t), 1446 sizeof(nonce) - sizeof(u_int16_t)) == 0) 1447 return 1; 1448 else 1449 return 0; 1450 } 1451 1452 /* 1453 * Decode a name from a DNS message. 1454 * 1455 * Format of the message is described in RFC 1035 subsection 4.1.4. 1456 * 1457 * Arguments: 1458 * sp - Pointer to a DNS pointer octet or to the first octet of a label 1459 * in the message. 1460 * ep - Pointer to the end of the message (one step past the last octet). 1461 * base - Pointer to the beginning of the message. 1462 * buf - Buffer into which the decoded name will be saved. 1463 * bufsiz - Size of the buffer 'buf'. 1464 * 1465 * Return value: 1466 * Pointer to an octet immediately following the ending zero octet 1467 * of the decoded label, or NULL if an error occurred. 1468 */ 1469 static const char * 1470 dnsdecode(const u_char *sp, const u_char *ep, const u_char *base, char *buf, 1471 size_t bufsiz) 1472 { 1473 int i; 1474 const u_char *cp; 1475 char cresult[MAXDNAME + 1]; 1476 const u_char *comp; 1477 int l; 1478 1479 cp = sp; 1480 *buf = '\0'; 1481 1482 if (cp >= ep) 1483 return NULL; 1484 while (cp < ep) { 1485 i = *cp; 1486 if (i == 0 || cp != sp) { 1487 if (strlcat((char *)buf, ".", bufsiz) >= bufsiz) 1488 return NULL; /*result overrun*/ 1489 } 1490 if (i == 0) 1491 break; 1492 cp++; 1493 1494 if ((i & 0xc0) == 0xc0 && cp - base > (i & 0x3f)) { 1495 /* DNS compression */ 1496 if (!base) 1497 return NULL; 1498 1499 comp = base + (i & 0x3f); 1500 if (dnsdecode(comp, cp, base, cresult, 1501 sizeof(cresult)) == NULL) 1502 return NULL; 1503 if (strlcat(buf, cresult, bufsiz) >= bufsiz) 1504 return NULL; /*result overrun*/ 1505 break; 1506 } else if ((i & 0x3f) == i) { 1507 if (i > ep - cp) 1508 return NULL; /*source overrun*/ 1509 while (i-- > 0 && cp < ep) { 1510 l = snprintf(cresult, sizeof(cresult), 1511 isprint(*cp) ? "%c" : "\\%03o", *cp & 0xff); 1512 if ((size_t)l >= sizeof(cresult) || l < 0) 1513 return NULL; 1514 if (strlcat(buf, cresult, bufsiz) >= bufsiz) 1515 return NULL; /*result overrun*/ 1516 cp++; 1517 } 1518 } else 1519 return NULL; /*invalid label*/ 1520 } 1521 if (i != 0) 1522 return NULL; /*not terminated*/ 1523 cp++; 1524 return cp; 1525 } 1526 1527 /* 1528 * pr_pack -- 1529 * Print out the packet, if it came from us. This logic is necessary 1530 * because ALL readers of the ICMP socket get a copy of ALL ICMP packets 1531 * which arrive ('tis only fair). This permits multiple copies of this 1532 * program to be run without having intermingled output (or statistics!). 1533 */ 1534 static void 1535 pr_pack(u_char *buf, int cc, struct msghdr *mhdr) 1536 { 1537 #define safeputc(c) printf((isprint((c)) ? "%c" : "\\%03o"), c) 1538 struct icmp6_hdr *icp; 1539 struct icmp6_nodeinfo *ni; 1540 int i; 1541 int hoplim; 1542 struct sockaddr *from; 1543 int fromlen; 1544 const u_char *cp = NULL; 1545 u_char *dp, *end = buf + cc; 1546 struct in6_pktinfo *pktinfo = NULL; 1547 struct timespec tv, tp; 1548 struct tv32 tpp; 1549 double triptime = 0; 1550 int dupflag; 1551 size_t off; 1552 int oldfqdn; 1553 u_int16_t seq; 1554 char dnsname[MAXDNAME + 1]; 1555 1556 (void)clock_gettime(CLOCK_MONOTONIC, &tv); 1557 1558 if (!mhdr || !mhdr->msg_name || 1559 mhdr->msg_namelen != sizeof(struct sockaddr_in6) || 1560 ((struct sockaddr *)mhdr->msg_name)->sa_family != AF_INET6) { 1561 if (options & F_VERBOSE) 1562 warnx("invalid peername"); 1563 return; 1564 } 1565 from = (struct sockaddr *)mhdr->msg_name; 1566 fromlen = mhdr->msg_namelen; 1567 if (cc < (int)sizeof(struct icmp6_hdr)) { 1568 if (options & F_VERBOSE) 1569 warnx("packet too short (%d bytes) from %s", cc, 1570 pr_addr(from, fromlen)); 1571 return; 1572 } 1573 if (((mhdr->msg_flags & MSG_CTRUNC) != 0) && 1574 (options & F_VERBOSE) != 0) 1575 warnx("some control data discarded, insufficient buffer size"); 1576 icp = (struct icmp6_hdr *)buf; 1577 ni = (struct icmp6_nodeinfo *)buf; 1578 off = 0; 1579 1580 if ((hoplim = get_hoplim(mhdr)) == -1) { 1581 warnx("failed to get receiving hop limit"); 1582 return; 1583 } 1584 if ((pktinfo = get_rcvpktinfo(mhdr)) == NULL) { 1585 warnx("failed to get receiving packet information"); 1586 return; 1587 } 1588 1589 if (icp->icmp6_type == ICMP6_ECHO_REPLY && myechoreply(icp)) { 1590 seq = ntohs(icp->icmp6_seq); 1591 ++nreceived; 1592 if (timing) { 1593 memcpy(&tpp, icp + 1, sizeof(tpp)); 1594 tp.tv_sec = ntohl(tpp.tv32_sec); 1595 tp.tv_nsec = ntohl(tpp.tv32_nsec); 1596 timespecsub(&tv, &tp, &tv); 1597 triptime = ((double)tv.tv_sec) * 1000.0 + 1598 ((double)tv.tv_nsec) / 1000000.0; 1599 tsum += triptime; 1600 tsumsq += triptime * triptime; 1601 if (triptime < tmin) 1602 tmin = triptime; 1603 if (triptime > tmax) 1604 tmax = triptime; 1605 } 1606 1607 if (TST(seq % mx_dup_ck)) { 1608 ++nrepeats; 1609 --nreceived; 1610 dupflag = 1; 1611 } else { 1612 SET(seq % mx_dup_ck); 1613 dupflag = 0; 1614 } 1615 1616 if (options & F_QUIET) 1617 return; 1618 1619 if (options & F_WAITTIME && triptime > waittime) { 1620 ++nrcvtimeout; 1621 return; 1622 } 1623 1624 if (options & F_DOT) { 1625 (void)putc(BSPACE, stdout); 1626 (void)fflush(stdout); 1627 } else { 1628 if (options & F_AUDIBLE) { 1629 (void)putc(BBELL, stdout); 1630 (void)fflush(stdout); 1631 } 1632 (void)printf("%d bytes from %s, icmp_seq=%u", cc, 1633 pr_addr(from, fromlen), seq); 1634 (void)printf(" hlim=%d", hoplim); 1635 if ((options & F_VERBOSE) != 0) { 1636 struct sockaddr_in6 dstsa; 1637 1638 memset(&dstsa, 0, sizeof(dstsa)); 1639 dstsa.sin6_family = AF_INET6; 1640 dstsa.sin6_len = sizeof(dstsa); 1641 dstsa.sin6_scope_id = pktinfo->ipi6_ifindex; 1642 dstsa.sin6_addr = pktinfo->ipi6_addr; 1643 (void)printf(" dst=%s", 1644 pr_addr((struct sockaddr *)&dstsa, 1645 sizeof(dstsa))); 1646 } 1647 if (timing) 1648 (void)printf(" time=%.3f ms", triptime); 1649 if (dupflag) 1650 (void)printf("(DUP!)"); 1651 /* check the data */ 1652 cp = buf + off + ICMP6ECHOLEN + ICMP6ECHOTMLEN; 1653 dp = outpack + ICMP6ECHOLEN + ICMP6ECHOTMLEN; 1654 for (i = 8; cp < end; ++i, ++cp, ++dp) { 1655 if (*cp != *dp) { 1656 (void)printf("\nwrong data byte #%d should be 0x%x but was 0x%x", i, *dp, *cp); 1657 break; 1658 } 1659 } 1660 } 1661 } else if (icp->icmp6_type == ICMP6_NI_REPLY && mynireply(ni)) { 1662 memcpy(&seq, ni->icmp6_ni_nonce, sizeof(seq)); 1663 seq = ntohs(seq); 1664 ++nreceived; 1665 if (TST(seq % mx_dup_ck)) { 1666 ++nrepeats; 1667 --nreceived; 1668 dupflag = 1; 1669 } else { 1670 SET(seq % mx_dup_ck); 1671 dupflag = 0; 1672 } 1673 1674 if (options & F_QUIET) 1675 return; 1676 1677 (void)printf("%d bytes from %s: ", cc, pr_addr(from, fromlen)); 1678 1679 switch (ntohs(ni->ni_code)) { 1680 case ICMP6_NI_SUCCESS: 1681 break; 1682 case ICMP6_NI_REFUSED: 1683 printf("refused, type 0x%x", ntohs(ni->ni_type)); 1684 goto fqdnend; 1685 case ICMP6_NI_UNKNOWN: 1686 printf("unknown, type 0x%x", ntohs(ni->ni_type)); 1687 goto fqdnend; 1688 default: 1689 printf("unknown code 0x%x, type 0x%x", 1690 ntohs(ni->ni_code), ntohs(ni->ni_type)); 1691 goto fqdnend; 1692 } 1693 1694 switch (ntohs(ni->ni_qtype)) { 1695 case NI_QTYPE_NOOP: 1696 printf("NodeInfo NOOP"); 1697 break; 1698 case NI_QTYPE_SUPTYPES: 1699 pr_suptypes(ni, end - (u_char *)ni); 1700 break; 1701 case NI_QTYPE_NODEADDR: 1702 pr_nodeaddr(ni, end - (u_char *)ni); 1703 break; 1704 case NI_QTYPE_FQDN: 1705 default: /* XXX: for backward compatibility */ 1706 cp = (u_char *)ni + ICMP6_NIRLEN; 1707 if (buf[off + ICMP6_NIRLEN] == 1708 cc - off - ICMP6_NIRLEN - 1) 1709 oldfqdn = 1; 1710 else 1711 oldfqdn = 0; 1712 if (oldfqdn) { 1713 cp++; /* skip length */ 1714 while (cp < end) { 1715 safeputc(*cp & 0xff); 1716 cp++; 1717 } 1718 } else { 1719 i = 0; 1720 while (cp < end) { 1721 cp = dnsdecode((const u_char *)cp, end, 1722 (const u_char *)(ni + 1), dnsname, 1723 sizeof(dnsname)); 1724 if (cp == NULL) { 1725 printf("???"); 1726 break; 1727 } 1728 /* 1729 * name-lookup special handling for 1730 * truncated name 1731 */ 1732 if (cp + 1 <= end && !*cp && 1733 strlen(dnsname) > 0) { 1734 dnsname[strlen(dnsname) - 1] = '\0'; 1735 cp++; 1736 } 1737 printf("%s%s", i > 0 ? "," : "", 1738 dnsname); 1739 } 1740 } 1741 if (options & F_VERBOSE) { 1742 u_long t; 1743 int32_t ttl; 1744 int comma = 0; 1745 1746 (void)printf(" ("); /*)*/ 1747 1748 switch (ni->ni_code) { 1749 case ICMP6_NI_REFUSED: 1750 (void)printf("refused"); 1751 comma++; 1752 break; 1753 case ICMP6_NI_UNKNOWN: 1754 (void)printf("unknown qtype"); 1755 comma++; 1756 break; 1757 } 1758 1759 if ((end - (u_char *)ni) < ICMP6_NIRLEN) { 1760 /* case of refusion, unknown */ 1761 /*(*/ 1762 putchar(')'); 1763 goto fqdnend; 1764 } 1765 memcpy(&t, &buf[off+ICMP6ECHOLEN+8], sizeof(t)); 1766 ttl = (int32_t)ntohl(t); 1767 if (comma) 1768 printf(","); 1769 if (!(ni->ni_flags & NI_FQDN_FLAG_VALIDTTL)) { 1770 (void)printf("TTL=%d:meaningless", 1771 (int)ttl); 1772 } else { 1773 if (ttl < 0) { 1774 (void)printf("TTL=%d:invalid", 1775 ttl); 1776 } else 1777 (void)printf("TTL=%d", ttl); 1778 } 1779 comma++; 1780 1781 if (oldfqdn) { 1782 if (comma) 1783 printf(","); 1784 printf("03 draft"); 1785 comma++; 1786 } else { 1787 cp = (u_char *)ni + ICMP6_NIRLEN; 1788 if (cp == end) { 1789 if (comma) 1790 printf(","); 1791 printf("no name"); 1792 comma++; 1793 } 1794 } 1795 1796 if (buf[off + ICMP6_NIRLEN] != 1797 cc - off - ICMP6_NIRLEN - 1 && oldfqdn) { 1798 if (comma) 1799 printf(","); 1800 (void)printf("invalid namelen:%d/%lu", 1801 buf[off + ICMP6_NIRLEN], 1802 (u_long)cc - off - ICMP6_NIRLEN - 1); 1803 comma++; 1804 } 1805 /*(*/ 1806 putchar(')'); 1807 } 1808 fqdnend: 1809 ; 1810 } 1811 } else { 1812 /* We've got something other than an ECHOREPLY */ 1813 if (!(options & F_VERBOSE)) 1814 return; 1815 (void)printf("%d bytes from %s: ", cc, pr_addr(from, fromlen)); 1816 pr_icmph(icp, end); 1817 } 1818 1819 if (!(options & F_DOT)) { 1820 (void)putc('\n', stdout); 1821 if (options & F_VERBOSE) 1822 pr_exthdrs(mhdr); 1823 (void)fflush(stdout); 1824 } 1825 #undef safeputc 1826 } 1827 1828 static void 1829 pr_exthdrs(struct msghdr *mhdr) 1830 { 1831 ssize_t bufsize; 1832 void *bufp; 1833 struct cmsghdr *cm; 1834 1835 bufsize = 0; 1836 bufp = mhdr->msg_control; 1837 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm; 1838 cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) { 1839 if (cm->cmsg_level != IPPROTO_IPV6) 1840 continue; 1841 1842 bufsize = CONTROLLEN - ((caddr_t)CMSG_DATA(cm) - (caddr_t)bufp); 1843 if (bufsize <= 0) 1844 continue; 1845 switch (cm->cmsg_type) { 1846 case IPV6_HOPOPTS: 1847 printf(" HbH Options: "); 1848 pr_ip6opt(CMSG_DATA(cm), (size_t)bufsize); 1849 break; 1850 case IPV6_DSTOPTS: 1851 #ifdef IPV6_RTHDRDSTOPTS 1852 case IPV6_RTHDRDSTOPTS: 1853 #endif 1854 printf(" Dst Options: "); 1855 pr_ip6opt(CMSG_DATA(cm), (size_t)bufsize); 1856 break; 1857 case IPV6_RTHDR: 1858 printf(" Routing: "); 1859 pr_rthdr(CMSG_DATA(cm), (size_t)bufsize); 1860 break; 1861 } 1862 } 1863 } 1864 1865 static void 1866 pr_ip6opt(void *extbuf, size_t bufsize) 1867 { 1868 struct ip6_hbh *ext; 1869 int currentlen; 1870 u_int8_t type; 1871 socklen_t extlen, len; 1872 void *databuf; 1873 size_t offset; 1874 u_int16_t value2; 1875 u_int32_t value4; 1876 1877 ext = (struct ip6_hbh *)extbuf; 1878 extlen = (ext->ip6h_len + 1) * 8; 1879 printf("nxt %u, len %u (%lu bytes)\n", ext->ip6h_nxt, 1880 (unsigned int)ext->ip6h_len, (unsigned long)extlen); 1881 1882 /* 1883 * Bounds checking on the ancillary data buffer: 1884 * subtract the size of a cmsg structure from the buffer size. 1885 */ 1886 if (bufsize < (extlen + CMSG_SPACE(0))) { 1887 extlen = bufsize - CMSG_SPACE(0); 1888 warnx("options truncated, showing only %u (total=%u)", 1889 (unsigned int)(extlen / 8 - 1), 1890 (unsigned int)(ext->ip6h_len)); 1891 } 1892 1893 currentlen = 0; 1894 while (1) { 1895 currentlen = inet6_opt_next(extbuf, extlen, currentlen, 1896 &type, &len, &databuf); 1897 if (currentlen == -1) 1898 break; 1899 switch (type) { 1900 /* 1901 * Note that inet6_opt_next automatically skips any padding 1902 * optins. 1903 */ 1904 case IP6OPT_JUMBO: 1905 offset = 0; 1906 offset = inet6_opt_get_val(databuf, offset, 1907 &value4, sizeof(value4)); 1908 printf(" Jumbo Payload Opt: Length %u\n", 1909 (u_int32_t)ntohl(value4)); 1910 break; 1911 case IP6OPT_ROUTER_ALERT: 1912 offset = 0; 1913 offset = inet6_opt_get_val(databuf, offset, 1914 &value2, sizeof(value2)); 1915 printf(" Router Alert Opt: Type %u\n", 1916 ntohs(value2)); 1917 break; 1918 default: 1919 printf(" Received Opt %u len %lu\n", 1920 type, (unsigned long)len); 1921 break; 1922 } 1923 } 1924 return; 1925 } 1926 1927 static void 1928 pr_rthdr(void *extbuf, size_t bufsize) 1929 { 1930 struct in6_addr *in6; 1931 char ntopbuf[INET6_ADDRSTRLEN]; 1932 struct ip6_rthdr *rh = (struct ip6_rthdr *)extbuf; 1933 int i, segments, origsegs, rthsize, size0, size1; 1934 1935 /* print fixed part of the header */ 1936 printf("nxt %u, len %u (%d bytes), type %u, ", rh->ip6r_nxt, 1937 rh->ip6r_len, (rh->ip6r_len + 1) << 3, rh->ip6r_type); 1938 if ((segments = inet6_rth_segments(extbuf)) >= 0) { 1939 printf("%d segments, ", segments); 1940 printf("%d left\n", rh->ip6r_segleft); 1941 } else { 1942 printf("segments unknown, "); 1943 printf("%d left\n", rh->ip6r_segleft); 1944 return; 1945 } 1946 1947 /* 1948 * Bounds checking on the ancillary data buffer. When calculating 1949 * the number of items to show keep in mind: 1950 * - The size of the cmsg structure 1951 * - The size of one segment (the size of a Type 0 routing header) 1952 * - When dividing add a fudge factor of one in case the 1953 * dividend is not evenly divisible by the divisor 1954 */ 1955 rthsize = (rh->ip6r_len + 1) * 8; 1956 if (bufsize < (rthsize + CMSG_SPACE(0))) { 1957 origsegs = segments; 1958 size0 = inet6_rth_space(IPV6_RTHDR_TYPE_0, 0); 1959 size1 = inet6_rth_space(IPV6_RTHDR_TYPE_0, 1); 1960 segments -= (rthsize - (bufsize - CMSG_SPACE(0))) / 1961 (size1 - size0) + 1; 1962 warnx("segments truncated, showing only %d (total=%d)", 1963 segments, origsegs); 1964 } 1965 1966 for (i = 0; i < segments; i++) { 1967 in6 = inet6_rth_getaddr(extbuf, i); 1968 if (in6 == NULL) 1969 printf(" [%d]<NULL>\n", i); 1970 else { 1971 if (!inet_ntop(AF_INET6, in6, ntopbuf, 1972 sizeof(ntopbuf))) 1973 strlcpy(ntopbuf, "?", sizeof(ntopbuf)); 1974 printf(" [%d]%s\n", i, ntopbuf); 1975 } 1976 } 1977 1978 return; 1979 1980 } 1981 1982 static int 1983 pr_bitrange(u_int32_t v, int soff, int ii) 1984 { 1985 int off; 1986 int i; 1987 1988 off = 0; 1989 while (off < 32) { 1990 /* shift till we have 0x01 */ 1991 if ((v & 0x01) == 0) { 1992 if (ii > 1) 1993 printf("-%u", soff + off - 1); 1994 ii = 0; 1995 switch (v & 0x0f) { 1996 case 0x00: 1997 v >>= 4; 1998 off += 4; 1999 continue; 2000 case 0x08: 2001 v >>= 3; 2002 off += 3; 2003 continue; 2004 case 0x04: case 0x0c: 2005 v >>= 2; 2006 off += 2; 2007 continue; 2008 default: 2009 v >>= 1; 2010 off += 1; 2011 continue; 2012 } 2013 } 2014 2015 /* we have 0x01 with us */ 2016 for (i = 0; i < 32 - off; i++) { 2017 if ((v & (0x01 << i)) == 0) 2018 break; 2019 } 2020 if (!ii) 2021 printf(" %u", soff + off); 2022 ii += i; 2023 v >>= i; off += i; 2024 } 2025 return ii; 2026 } 2027 2028 static void 2029 pr_suptypes(struct icmp6_nodeinfo *ni, size_t nilen) 2030 /* ni->qtype must be SUPTYPES */ 2031 { 2032 size_t clen; 2033 u_int32_t v; 2034 const u_char *cp, *end; 2035 u_int16_t cur; 2036 struct cbit { 2037 u_int16_t words; /*32bit count*/ 2038 u_int16_t skip; 2039 } cbit; 2040 #define MAXQTYPES (1 << 16) 2041 size_t off; 2042 int b; 2043 2044 cp = (u_char *)(ni + 1); 2045 end = ((u_char *)ni) + nilen; 2046 cur = 0; 2047 b = 0; 2048 2049 printf("NodeInfo Supported Qtypes"); 2050 if (options & F_VERBOSE) { 2051 if (ni->ni_flags & NI_SUPTYPE_FLAG_COMPRESS) 2052 printf(", compressed bitmap"); 2053 else 2054 printf(", raw bitmap"); 2055 } 2056 2057 while (cp < end) { 2058 clen = (size_t)(end - cp); 2059 if ((ni->ni_flags & NI_SUPTYPE_FLAG_COMPRESS) == 0) { 2060 if (clen == 0 || clen > MAXQTYPES / 8 || 2061 clen % sizeof(v)) { 2062 printf("???"); 2063 return; 2064 } 2065 } else { 2066 if (clen < sizeof(cbit) || clen % sizeof(v)) 2067 return; 2068 memcpy(&cbit, cp, sizeof(cbit)); 2069 if (sizeof(cbit) + ntohs(cbit.words) * sizeof(v) > 2070 clen) 2071 return; 2072 cp += sizeof(cbit); 2073 clen = ntohs(cbit.words) * sizeof(v); 2074 if (cur + clen * 8 + (u_long)ntohs(cbit.skip) * 32 > 2075 MAXQTYPES) 2076 return; 2077 } 2078 2079 for (off = 0; off < clen; off += sizeof(v)) { 2080 memcpy(&v, cp + off, sizeof(v)); 2081 v = (u_int32_t)ntohl(v); 2082 b = pr_bitrange(v, (int)(cur + off * 8), b); 2083 } 2084 /* flush the remaining bits */ 2085 b = pr_bitrange(0, (int)(cur + off * 8), b); 2086 2087 cp += clen; 2088 cur += clen * 8; 2089 if ((ni->ni_flags & NI_SUPTYPE_FLAG_COMPRESS) != 0) 2090 cur += ntohs(cbit.skip) * 32; 2091 } 2092 } 2093 2094 static void 2095 pr_nodeaddr(struct icmp6_nodeinfo *ni, int nilen) 2096 /* ni->qtype must be NODEADDR */ 2097 { 2098 u_char *cp = (u_char *)(ni + 1); 2099 char ntop_buf[INET6_ADDRSTRLEN]; 2100 int withttl = 0; 2101 2102 nilen -= sizeof(struct icmp6_nodeinfo); 2103 2104 if (options & F_VERBOSE) { 2105 switch (ni->ni_code) { 2106 case ICMP6_NI_REFUSED: 2107 (void)printf("refused"); 2108 break; 2109 case ICMP6_NI_UNKNOWN: 2110 (void)printf("unknown qtype"); 2111 break; 2112 } 2113 if (ni->ni_flags & NI_NODEADDR_FLAG_TRUNCATE) 2114 (void)printf(" truncated"); 2115 } 2116 putchar('\n'); 2117 if (nilen <= 0) 2118 printf(" no address\n"); 2119 2120 /* 2121 * In icmp-name-lookups 05 and later, TTL of each returned address 2122 * is contained in the response. We try to detect the version 2123 * by the length of the data, but note that the detection algorithm 2124 * is incomplete. We assume the latest draft by default. 2125 */ 2126 if (nilen % (sizeof(u_int32_t) + sizeof(struct in6_addr)) == 0) 2127 withttl = 1; 2128 while (nilen > 0) { 2129 u_int32_t ttl = 0; 2130 2131 if (withttl) { 2132 uint32_t t; 2133 2134 memcpy(&t, cp, sizeof(t)); 2135 ttl = (u_int32_t)ntohl(t); 2136 cp += sizeof(u_int32_t); 2137 nilen -= sizeof(u_int32_t); 2138 } 2139 2140 if (inet_ntop(AF_INET6, cp, ntop_buf, sizeof(ntop_buf)) == 2141 NULL) 2142 strlcpy(ntop_buf, "?", sizeof(ntop_buf)); 2143 printf(" %s", ntop_buf); 2144 if (withttl) { 2145 if (ttl == 0xffffffff) { 2146 /* 2147 * XXX: can this convention be applied to all 2148 * type of TTL (i.e. non-ND TTL)? 2149 */ 2150 printf("(TTL=infty)"); 2151 } 2152 else 2153 printf("(TTL=%u)", ttl); 2154 } 2155 putchar('\n'); 2156 2157 nilen -= sizeof(struct in6_addr); 2158 cp += sizeof(struct in6_addr); 2159 } 2160 } 2161 2162 static int 2163 get_hoplim(struct msghdr *mhdr) 2164 { 2165 struct cmsghdr *cm; 2166 2167 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm; 2168 cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) { 2169 if (cm->cmsg_len == 0) 2170 return(-1); 2171 2172 if (cm->cmsg_level == IPPROTO_IPV6 && 2173 cm->cmsg_type == IPV6_HOPLIMIT && 2174 cm->cmsg_len == CMSG_LEN(sizeof(int))) { 2175 int r; 2176 2177 memcpy(&r, CMSG_DATA(cm), sizeof(r)); 2178 return(r); 2179 } 2180 } 2181 2182 return(-1); 2183 } 2184 2185 static struct in6_pktinfo * 2186 get_rcvpktinfo(struct msghdr *mhdr) 2187 { 2188 static struct in6_pktinfo pi; 2189 struct cmsghdr *cm; 2190 2191 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm; 2192 cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) { 2193 if (cm->cmsg_len == 0) 2194 return(NULL); 2195 2196 if (cm->cmsg_level == IPPROTO_IPV6 && 2197 cm->cmsg_type == IPV6_PKTINFO && 2198 cm->cmsg_len == CMSG_LEN(sizeof(struct in6_pktinfo))) { 2199 memcpy(&pi, CMSG_DATA(cm), sizeof(pi)); 2200 return(&pi); 2201 } 2202 } 2203 2204 return(NULL); 2205 } 2206 2207 static int 2208 get_pathmtu(struct msghdr *mhdr) 2209 { 2210 #ifdef IPV6_RECVPATHMTU 2211 struct cmsghdr *cm; 2212 struct ip6_mtuinfo mtuctl; 2213 2214 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm; 2215 cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) { 2216 if (cm->cmsg_len == 0) 2217 return(0); 2218 2219 if (cm->cmsg_level == IPPROTO_IPV6 && 2220 cm->cmsg_type == IPV6_PATHMTU && 2221 cm->cmsg_len == CMSG_LEN(sizeof(struct ip6_mtuinfo))) { 2222 memcpy(&mtuctl, CMSG_DATA(cm), sizeof(mtuctl)); 2223 2224 /* 2225 * If the notified destination is different from 2226 * the one we are pinging, just ignore the info. 2227 * We check the scope ID only when both notified value 2228 * and our own value have non-0 values, because we may 2229 * have used the default scope zone ID for sending, 2230 * in which case the scope ID value is 0. 2231 */ 2232 if (!IN6_ARE_ADDR_EQUAL(&mtuctl.ip6m_addr.sin6_addr, 2233 &dst.sin6_addr) || 2234 (mtuctl.ip6m_addr.sin6_scope_id && 2235 dst.sin6_scope_id && 2236 mtuctl.ip6m_addr.sin6_scope_id != 2237 dst.sin6_scope_id)) { 2238 if ((options & F_VERBOSE) != 0) { 2239 printf("path MTU for %s is notified. " 2240 "(ignored)\n", 2241 pr_addr((struct sockaddr *)&mtuctl.ip6m_addr, 2242 sizeof(mtuctl.ip6m_addr))); 2243 } 2244 return(0); 2245 } 2246 2247 /* 2248 * Ignore an invalid MTU. XXX: can we just believe 2249 * the kernel check? 2250 */ 2251 if (mtuctl.ip6m_mtu < IPV6_MMTU) 2252 return(0); 2253 2254 /* notification for our destination. return the MTU. */ 2255 return((int)mtuctl.ip6m_mtu); 2256 } 2257 } 2258 #endif 2259 return(0); 2260 } 2261 2262 /*subject type*/ 2263 static const char *niqcode[] = { 2264 "IPv6 address", 2265 "DNS label", /*or empty*/ 2266 "IPv4 address", 2267 }; 2268 2269 /*result code*/ 2270 static const char *nircode[] = { 2271 "Success", "Refused", "Unknown", 2272 }; 2273 2274 2275 /* 2276 * pr_icmph -- 2277 * Print a descriptive string about an ICMP header. 2278 */ 2279 static void 2280 pr_icmph(struct icmp6_hdr *icp, u_char *end) 2281 { 2282 char ntop_buf[INET6_ADDRSTRLEN]; 2283 struct nd_redirect *red; 2284 struct icmp6_nodeinfo *ni; 2285 char dnsname[MAXDNAME + 1]; 2286 const u_char *cp; 2287 size_t l; 2288 2289 switch (icp->icmp6_type) { 2290 case ICMP6_DST_UNREACH: 2291 switch (icp->icmp6_code) { 2292 case ICMP6_DST_UNREACH_NOROUTE: 2293 (void)printf("No Route to Destination\n"); 2294 break; 2295 case ICMP6_DST_UNREACH_ADMIN: 2296 (void)printf("Destination Administratively " 2297 "Unreachable\n"); 2298 break; 2299 case ICMP6_DST_UNREACH_BEYONDSCOPE: 2300 (void)printf("Destination Unreachable Beyond Scope\n"); 2301 break; 2302 case ICMP6_DST_UNREACH_ADDR: 2303 (void)printf("Destination Host Unreachable\n"); 2304 break; 2305 case ICMP6_DST_UNREACH_NOPORT: 2306 (void)printf("Destination Port Unreachable\n"); 2307 break; 2308 default: 2309 (void)printf("Destination Unreachable, Bad Code: %d\n", 2310 icp->icmp6_code); 2311 break; 2312 } 2313 /* Print returned IP header information */ 2314 pr_retip((struct ip6_hdr *)(icp + 1), end); 2315 break; 2316 case ICMP6_PACKET_TOO_BIG: 2317 (void)printf("Packet too big mtu = %d\n", 2318 (int)ntohl(icp->icmp6_mtu)); 2319 pr_retip((struct ip6_hdr *)(icp + 1), end); 2320 break; 2321 case ICMP6_TIME_EXCEEDED: 2322 switch (icp->icmp6_code) { 2323 case ICMP6_TIME_EXCEED_TRANSIT: 2324 (void)printf("Time to live exceeded\n"); 2325 break; 2326 case ICMP6_TIME_EXCEED_REASSEMBLY: 2327 (void)printf("Frag reassembly time exceeded\n"); 2328 break; 2329 default: 2330 (void)printf("Time exceeded, Bad Code: %d\n", 2331 icp->icmp6_code); 2332 break; 2333 } 2334 pr_retip((struct ip6_hdr *)(icp + 1), end); 2335 break; 2336 case ICMP6_PARAM_PROB: 2337 (void)printf("Parameter problem: "); 2338 switch (icp->icmp6_code) { 2339 case ICMP6_PARAMPROB_HEADER: 2340 (void)printf("Erroneous Header "); 2341 break; 2342 case ICMP6_PARAMPROB_NEXTHEADER: 2343 (void)printf("Unknown Nextheader "); 2344 break; 2345 case ICMP6_PARAMPROB_OPTION: 2346 (void)printf("Unrecognized Option "); 2347 break; 2348 default: 2349 (void)printf("Bad code(%d) ", icp->icmp6_code); 2350 break; 2351 } 2352 (void)printf("pointer = 0x%02x\n", 2353 (u_int32_t)ntohl(icp->icmp6_pptr)); 2354 pr_retip((struct ip6_hdr *)(icp + 1), end); 2355 break; 2356 case ICMP6_ECHO_REQUEST: 2357 (void)printf("Echo Request"); 2358 /* XXX ID + Seq + Data */ 2359 break; 2360 case ICMP6_ECHO_REPLY: 2361 (void)printf("Echo Reply"); 2362 /* XXX ID + Seq + Data */ 2363 break; 2364 case ICMP6_MEMBERSHIP_QUERY: 2365 (void)printf("Listener Query"); 2366 break; 2367 case ICMP6_MEMBERSHIP_REPORT: 2368 (void)printf("Listener Report"); 2369 break; 2370 case ICMP6_MEMBERSHIP_REDUCTION: 2371 (void)printf("Listener Done"); 2372 break; 2373 case ND_ROUTER_SOLICIT: 2374 (void)printf("Router Solicitation"); 2375 break; 2376 case ND_ROUTER_ADVERT: 2377 (void)printf("Router Advertisement"); 2378 break; 2379 case ND_NEIGHBOR_SOLICIT: 2380 (void)printf("Neighbor Solicitation"); 2381 break; 2382 case ND_NEIGHBOR_ADVERT: 2383 (void)printf("Neighbor Advertisement"); 2384 break; 2385 case ND_REDIRECT: 2386 red = (struct nd_redirect *)icp; 2387 (void)printf("Redirect\n"); 2388 if (!inet_ntop(AF_INET6, &red->nd_rd_dst, ntop_buf, 2389 sizeof(ntop_buf))) 2390 strlcpy(ntop_buf, "?", sizeof(ntop_buf)); 2391 (void)printf("Destination: %s", ntop_buf); 2392 if (!inet_ntop(AF_INET6, &red->nd_rd_target, ntop_buf, 2393 sizeof(ntop_buf))) 2394 strlcpy(ntop_buf, "?", sizeof(ntop_buf)); 2395 (void)printf(" New Target: %s", ntop_buf); 2396 break; 2397 case ICMP6_NI_QUERY: 2398 (void)printf("Node Information Query"); 2399 /* XXX ID + Seq + Data */ 2400 ni = (struct icmp6_nodeinfo *)icp; 2401 l = end - (u_char *)(ni + 1); 2402 printf(", "); 2403 switch (ntohs(ni->ni_qtype)) { 2404 case NI_QTYPE_NOOP: 2405 (void)printf("NOOP"); 2406 break; 2407 case NI_QTYPE_SUPTYPES: 2408 (void)printf("Supported qtypes"); 2409 break; 2410 case NI_QTYPE_FQDN: 2411 (void)printf("DNS name"); 2412 break; 2413 case NI_QTYPE_NODEADDR: 2414 (void)printf("nodeaddr"); 2415 break; 2416 case NI_QTYPE_IPV4ADDR: 2417 (void)printf("IPv4 nodeaddr"); 2418 break; 2419 default: 2420 (void)printf("unknown qtype"); 2421 break; 2422 } 2423 if (options & F_VERBOSE) { 2424 switch (ni->ni_code) { 2425 case ICMP6_NI_SUBJ_IPV6: 2426 if (l == sizeof(struct in6_addr) && 2427 inet_ntop(AF_INET6, ni + 1, ntop_buf, 2428 sizeof(ntop_buf)) != NULL) { 2429 (void)printf(", subject=%s(%s)", 2430 niqcode[ni->ni_code], ntop_buf); 2431 } else { 2432 #if 1 2433 /* backward compat to -W */ 2434 (void)printf(", oldfqdn"); 2435 #else 2436 (void)printf(", invalid"); 2437 #endif 2438 } 2439 break; 2440 case ICMP6_NI_SUBJ_FQDN: 2441 if (end == (u_char *)(ni + 1)) { 2442 (void)printf(", no subject"); 2443 break; 2444 } 2445 printf(", subject=%s", niqcode[ni->ni_code]); 2446 cp = (const u_char *)(ni + 1); 2447 cp = dnsdecode(cp, end, NULL, dnsname, 2448 sizeof(dnsname)); 2449 if (cp != NULL) 2450 printf("(%s)", dnsname); 2451 else 2452 printf("(invalid)"); 2453 break; 2454 case ICMP6_NI_SUBJ_IPV4: 2455 if (l == sizeof(struct in_addr) && 2456 inet_ntop(AF_INET, ni + 1, ntop_buf, 2457 sizeof(ntop_buf)) != NULL) { 2458 (void)printf(", subject=%s(%s)", 2459 niqcode[ni->ni_code], ntop_buf); 2460 } else 2461 (void)printf(", invalid"); 2462 break; 2463 default: 2464 (void)printf(", invalid"); 2465 break; 2466 } 2467 } 2468 break; 2469 case ICMP6_NI_REPLY: 2470 (void)printf("Node Information Reply"); 2471 /* XXX ID + Seq + Data */ 2472 ni = (struct icmp6_nodeinfo *)icp; 2473 printf(", "); 2474 switch (ntohs(ni->ni_qtype)) { 2475 case NI_QTYPE_NOOP: 2476 (void)printf("NOOP"); 2477 break; 2478 case NI_QTYPE_SUPTYPES: 2479 (void)printf("Supported qtypes"); 2480 break; 2481 case NI_QTYPE_FQDN: 2482 (void)printf("DNS name"); 2483 break; 2484 case NI_QTYPE_NODEADDR: 2485 (void)printf("nodeaddr"); 2486 break; 2487 case NI_QTYPE_IPV4ADDR: 2488 (void)printf("IPv4 nodeaddr"); 2489 break; 2490 default: 2491 (void)printf("unknown qtype"); 2492 break; 2493 } 2494 if (options & F_VERBOSE) { 2495 if (ni->ni_code > nitems(nircode)) 2496 printf(", invalid"); 2497 else 2498 printf(", %s", nircode[ni->ni_code]); 2499 } 2500 break; 2501 default: 2502 (void)printf("Bad ICMP type: %d", icp->icmp6_type); 2503 } 2504 } 2505 2506 /* 2507 * pr_iph -- 2508 * Print an IP6 header. 2509 */ 2510 static void 2511 pr_iph(struct ip6_hdr *ip6) 2512 { 2513 u_int32_t flow = ip6->ip6_flow & IPV6_FLOWLABEL_MASK; 2514 u_int8_t tc; 2515 char ntop_buf[INET6_ADDRSTRLEN]; 2516 2517 tc = *(&ip6->ip6_vfc + 1); /* XXX */ 2518 tc = (tc >> 4) & 0x0f; 2519 tc |= (ip6->ip6_vfc << 4); 2520 2521 printf("Vr TC Flow Plen Nxt Hlim\n"); 2522 printf(" %1x %02x %05x %04x %02x %02x\n", 2523 (ip6->ip6_vfc & IPV6_VERSION_MASK) >> 4, tc, (u_int32_t)ntohl(flow), 2524 ntohs(ip6->ip6_plen), ip6->ip6_nxt, ip6->ip6_hlim); 2525 if (!inet_ntop(AF_INET6, &ip6->ip6_src, ntop_buf, sizeof(ntop_buf))) 2526 strlcpy(ntop_buf, "?", sizeof(ntop_buf)); 2527 printf("%s->", ntop_buf); 2528 if (!inet_ntop(AF_INET6, &ip6->ip6_dst, ntop_buf, sizeof(ntop_buf))) 2529 strlcpy(ntop_buf, "?", sizeof(ntop_buf)); 2530 printf("%s\n", ntop_buf); 2531 } 2532 2533 /* 2534 * pr_addr -- 2535 * Return an ascii host address as a dotted quad and optionally with 2536 * a hostname. 2537 */ 2538 static const char * 2539 pr_addr(struct sockaddr *addr, int addrlen) 2540 { 2541 static char buf[NI_MAXHOST]; 2542 int flag = 0; 2543 2544 if (!(options & F_HOSTNAME)) 2545 flag |= NI_NUMERICHOST; 2546 2547 if (cap_getnameinfo(capdns, addr, addrlen, buf, sizeof(buf), NULL, 0, 2548 flag) == 0) 2549 return (buf); 2550 else 2551 return "?"; 2552 } 2553 2554 /* 2555 * pr_retip -- 2556 * Dump some info on a returned (via ICMPv6) IPv6 packet. 2557 */ 2558 static void 2559 pr_retip(struct ip6_hdr *ip6, u_char *end) 2560 { 2561 u_char *cp = (u_char *)ip6, nh; 2562 int hlen; 2563 2564 if ((size_t)(end - (u_char *)ip6) < sizeof(*ip6)) { 2565 printf("IP6"); 2566 goto trunc; 2567 } 2568 pr_iph(ip6); 2569 hlen = sizeof(*ip6); 2570 2571 nh = ip6->ip6_nxt; 2572 cp += hlen; 2573 while (end - cp >= 8) { 2574 #ifdef IPSEC 2575 struct ah ah; 2576 #endif 2577 2578 switch (nh) { 2579 case IPPROTO_HOPOPTS: 2580 printf("HBH "); 2581 hlen = (((struct ip6_hbh *)cp)->ip6h_len+1) << 3; 2582 nh = ((struct ip6_hbh *)cp)->ip6h_nxt; 2583 break; 2584 case IPPROTO_DSTOPTS: 2585 printf("DSTOPT "); 2586 hlen = (((struct ip6_dest *)cp)->ip6d_len+1) << 3; 2587 nh = ((struct ip6_dest *)cp)->ip6d_nxt; 2588 break; 2589 case IPPROTO_FRAGMENT: 2590 printf("FRAG "); 2591 hlen = sizeof(struct ip6_frag); 2592 nh = ((struct ip6_frag *)cp)->ip6f_nxt; 2593 break; 2594 case IPPROTO_ROUTING: 2595 printf("RTHDR "); 2596 hlen = (((struct ip6_rthdr *)cp)->ip6r_len+1) << 3; 2597 nh = ((struct ip6_rthdr *)cp)->ip6r_nxt; 2598 break; 2599 #ifdef IPSEC 2600 case IPPROTO_AH: 2601 printf("AH "); 2602 memcpy(&ah, cp, sizeof(ah)); 2603 hlen = (ah.ah_len+2) << 2; 2604 nh = ah.ah_nxt; 2605 break; 2606 #endif 2607 case IPPROTO_ICMPV6: 2608 printf("ICMP6: type = %d, code = %d\n", 2609 *cp, *(cp + 1)); 2610 return; 2611 case IPPROTO_ESP: 2612 printf("ESP\n"); 2613 return; 2614 case IPPROTO_TCP: 2615 printf("TCP: from port %u, to port %u (decimal)\n", 2616 (*cp * 256 + *(cp + 1)), 2617 (*(cp + 2) * 256 + *(cp + 3))); 2618 return; 2619 case IPPROTO_UDP: 2620 printf("UDP: from port %u, to port %u (decimal)\n", 2621 (*cp * 256 + *(cp + 1)), 2622 (*(cp + 2) * 256 + *(cp + 3))); 2623 return; 2624 default: 2625 printf("Unknown Header(%d)\n", nh); 2626 return; 2627 } 2628 2629 if ((cp += hlen) >= end) 2630 goto trunc; 2631 } 2632 if (end - cp < 8) 2633 goto trunc; 2634 2635 putchar('\n'); 2636 return; 2637 2638 trunc: 2639 printf("...\n"); 2640 return; 2641 } 2642 2643 static void 2644 fill(char *bp, size_t bplen, char *patp) 2645 { 2646 int ii, jj, kk; 2647 int pat[16]; 2648 char *cp; 2649 2650 for (cp = patp; *cp; cp++) 2651 if (!isxdigit(*cp)) 2652 errx(1, "patterns must be specified as hex digits"); 2653 ii = sscanf(patp, 2654 "%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x", 2655 &pat[0], &pat[1], &pat[2], &pat[3], &pat[4], &pat[5], &pat[6], 2656 &pat[7], &pat[8], &pat[9], &pat[10], &pat[11], &pat[12], 2657 &pat[13], &pat[14], &pat[15]); 2658 2659 if (ii > 0) { 2660 for (kk = 0; (size_t)kk + ii <= bplen; kk += ii) 2661 for (jj = 0; jj < ii; ++jj) 2662 bp[jj + kk] = pat[jj]; 2663 } 2664 if (!(options & F_QUIET)) { 2665 (void)printf("PATTERN: 0x"); 2666 for (jj = 0; jj < ii; ++jj) 2667 (void)printf("%02x", bp[jj] & 0xFF); 2668 (void)printf("\n"); 2669 } 2670 } 2671 2672 #ifdef IPSEC 2673 #ifdef IPSEC_POLICY_IPSEC 2674 static int 2675 setpolicy(int so __unused, char *policy) 2676 { 2677 char *buf; 2678 2679 if (policy == NULL) 2680 return 0; /* ignore */ 2681 2682 buf = ipsec_set_policy(policy, strlen(policy)); 2683 if (buf == NULL) 2684 errx(1, "%s", ipsec_strerror()); 2685 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_IPSEC_POLICY, buf, 2686 ipsec_get_policylen(buf)) < 0) 2687 warnx("Unable to set IPsec policy"); 2688 free(buf); 2689 2690 return 0; 2691 } 2692 #endif 2693 #endif 2694 2695 static char * 2696 nigroup(char *name, int nig_oldmcprefix) 2697 { 2698 char *p; 2699 char *q; 2700 MD5_CTX ctxt; 2701 u_int8_t digest[16]; 2702 u_int8_t c; 2703 size_t l; 2704 char hbuf[NI_MAXHOST]; 2705 struct in6_addr in6; 2706 int valid; 2707 2708 p = strchr(name, '.'); 2709 if (!p) 2710 p = name + strlen(name); 2711 l = p - name; 2712 if (l > 63 || l > sizeof(hbuf) - 1) 2713 return NULL; /*label too long*/ 2714 strncpy(hbuf, name, l); 2715 hbuf[(int)l] = '\0'; 2716 2717 for (q = name; *q; q++) { 2718 if (isupper(*(unsigned char *)q)) 2719 *q = tolower(*(unsigned char *)q); 2720 } 2721 2722 /* generate 16 bytes of pseudo-random value. */ 2723 memset(&ctxt, 0, sizeof(ctxt)); 2724 MD5Init(&ctxt); 2725 c = l & 0xff; 2726 MD5Update(&ctxt, &c, sizeof(c)); 2727 MD5Update(&ctxt, (unsigned char *)name, l); 2728 MD5Final(digest, &ctxt); 2729 2730 if (nig_oldmcprefix) { 2731 /* draft-ietf-ipngwg-icmp-name-lookup */ 2732 valid = inet_pton(AF_INET6, "ff02::2:0000:0000", &in6); 2733 } else { 2734 /* RFC 4620 */ 2735 valid = inet_pton(AF_INET6, "ff02::2:ff00:0000", &in6); 2736 } 2737 if (valid != 1) 2738 return NULL; /*XXX*/ 2739 2740 if (nig_oldmcprefix) { 2741 /* draft-ietf-ipngwg-icmp-name-lookup */ 2742 bcopy(digest, &in6.s6_addr[12], 4); 2743 } else { 2744 /* RFC 4620 */ 2745 bcopy(digest, &in6.s6_addr[13], 3); 2746 } 2747 2748 if (inet_ntop(AF_INET6, &in6, hbuf, sizeof(hbuf)) == NULL) 2749 return NULL; 2750 2751 return strdup(hbuf); 2752 } 2753 2754 static cap_channel_t * 2755 capdns_setup(void) 2756 { 2757 cap_channel_t *capcas, *capdnsloc; 2758 #ifdef WITH_CASPER 2759 const char *types[2]; 2760 int families[1]; 2761 #endif 2762 capcas = cap_init(); 2763 if (capcas == NULL) 2764 err(1, "unable to create casper process"); 2765 capdnsloc = cap_service_open(capcas, "system.dns"); 2766 /* Casper capability no longer needed. */ 2767 cap_close(capcas); 2768 if (capdnsloc == NULL) 2769 err(1, "unable to open system.dns service"); 2770 #ifdef WITH_CASPER 2771 types[0] = "NAME2ADDR"; 2772 types[1] = "ADDR2NAME"; 2773 if (cap_dns_type_limit(capdnsloc, types, nitems(types)) < 0) 2774 err(1, "unable to limit access to system.dns service"); 2775 families[0] = AF_INET6; 2776 if (cap_dns_family_limit(capdnsloc, families, nitems(families)) < 0) 2777 err(1, "unable to limit access to system.dns service"); 2778 #endif 2779 return (capdnsloc); 2780 } 2781