xref: /freebsd/contrib/tcpdump/print-babel.c (revision 63d1fd5970ec814904aa0f4580b10a0d302d08b2)
1 /*
2  * Copyright (c) 2007-2011 Grégoire Henry, Juliusz Chroboczek
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  * 3. Neither the name of the project nor the names of its contributors
13  *    may be used to endorse or promote products derived from this software
14  *    without specific prior written permission.
15  *
16  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
17  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
20  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  */
28 
29 #define NETDISSECT_REWORKED
30 #ifdef HAVE_CONFIG_H
31 #include "config.h"
32 #endif
33 
34 #include <tcpdump-stdinc.h>
35 
36 #include <stdio.h>
37 #include <string.h>
38 
39 #include "interface.h"
40 #include "addrtoname.h"
41 #include "extract.h"
42 
43 static const char tstr[] = "[|babel]";
44 
45 static void babel_print_v2(netdissect_options *, const u_char *cp, u_int length);
46 
47 void
48 babel_print(netdissect_options *ndo,
49             const u_char *cp, u_int length)
50 {
51     ND_PRINT((ndo, "babel"));
52 
53     ND_TCHECK2(*cp, 4);
54 
55     if(cp[0] != 42) {
56         ND_PRINT((ndo, " malformed header"));
57         return;
58     } else {
59         ND_PRINT((ndo, " %d", cp[1]));
60     }
61 
62     switch(cp[1]) {
63     case 2:
64         babel_print_v2(ndo, cp, length);
65         break;
66     default:
67         ND_PRINT((ndo, " unknown version"));
68         break;
69     }
70 
71     return;
72 
73  trunc:
74     ND_PRINT((ndo, " %s", tstr));
75     return;
76 }
77 
78 /* TLVs */
79 #define MESSAGE_PAD1 0
80 #define MESSAGE_PADN 1
81 #define MESSAGE_ACK_REQ 2
82 #define MESSAGE_ACK 3
83 #define MESSAGE_HELLO 4
84 #define MESSAGE_IHU 5
85 #define MESSAGE_ROUTER_ID 6
86 #define MESSAGE_NH 7
87 #define MESSAGE_UPDATE 8
88 #define MESSAGE_REQUEST 9
89 #define MESSAGE_MH_REQUEST 10
90 #define MESSAGE_TSPC 11
91 #define MESSAGE_HMAC 12
92 
93 /* sub-TLVs */
94 #define MESSAGE_SUB_PAD1 0
95 #define MESSAGE_SUB_PADN 1
96 #define MESSAGE_SUB_DIVERSITY 2
97 #define MESSAGE_SUB_TIMESTAMP 3
98 
99 /* Diversity sub-TLV channel codes */
100 static const struct tok diversity_str[] = {
101     { 0,   "reserved" },
102     { 255, "all"      },
103     { 0, NULL }
104 };
105 
106 static const char *
107 format_id(const u_char *id)
108 {
109     static char buf[25];
110     snprintf(buf, 25, "%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x",
111              id[0], id[1], id[2], id[3], id[4], id[5], id[6], id[7]);
112     buf[24] = '\0';
113     return buf;
114 }
115 
116 static const unsigned char v4prefix[16] =
117     {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF, 0, 0, 0, 0 };
118 
119 static const char *
120 format_prefix(netdissect_options *ndo, const u_char *prefix, unsigned char plen)
121 {
122     static char buf[50];
123     if(plen >= 96 && memcmp(prefix, v4prefix, 12) == 0)
124         snprintf(buf, 50, "%s/%u", ipaddr_string(ndo, prefix + 12), plen - 96);
125     else
126 #ifdef INET6
127         snprintf(buf, 50, "%s/%u", ip6addr_string(ndo, prefix), plen);
128 #else
129         snprintf(buf, 50, "IPv6 addresses not supported");
130 #endif
131     buf[49] = '\0';
132     return buf;
133 }
134 
135 static const char *
136 format_address(netdissect_options *ndo, const u_char *prefix)
137 {
138     if(memcmp(prefix, v4prefix, 12) == 0)
139         return ipaddr_string(ndo, prefix + 12);
140     else
141 #ifdef INET6
142         return ip6addr_string(ndo, prefix);
143 #else
144         return "IPv6 addresses not supported";
145 #endif
146 }
147 
148 static const char *
149 format_interval(const uint16_t i)
150 {
151     static char buf[sizeof("000.00s")];
152 
153     if (i == 0)
154         return "0.0s (bogus)";
155     snprintf(buf, sizeof(buf), "%u.%02us", i / 100, i % 100);
156     return buf;
157 }
158 
159 static const char *
160 format_interval_update(const uint16_t i)
161 {
162     return i == 0xFFFF ? "infinity" : format_interval(i);
163 }
164 
165 static const char *
166 format_timestamp(const uint32_t i)
167 {
168     static char buf[sizeof("0000.000000s")];
169     snprintf(buf, sizeof(buf), "%u.%06us", i / 1000000, i % 1000000);
170     return buf;
171 }
172 
173 /* Return number of octets consumed from the input buffer (not the prefix length
174  * in bytes), or -1 for encoding error. */
175 static int
176 network_prefix(int ae, int plen, unsigned int omitted,
177                const unsigned char *p, const unsigned char *dp,
178                unsigned int len, unsigned char *p_r)
179 {
180     unsigned pb;
181     unsigned char prefix[16];
182     int consumed = 0;
183 
184     if(plen >= 0)
185         pb = (plen + 7) / 8;
186     else if(ae == 1)
187         pb = 4;
188     else
189         pb = 16;
190 
191     if(pb > 16)
192         return -1;
193 
194     memset(prefix, 0, 16);
195 
196     switch(ae) {
197     case 0: break;
198     case 1:
199         if(omitted > 4 || pb > 4 || (pb > omitted && len < pb - omitted))
200             return -1;
201         memcpy(prefix, v4prefix, 12);
202         if(omitted) {
203             if (dp == NULL) return -1;
204             memcpy(prefix, dp, 12 + omitted);
205         }
206         if(pb > omitted) {
207             memcpy(prefix + 12 + omitted, p, pb - omitted);
208             consumed = pb - omitted;
209         }
210         break;
211     case 2:
212         if(omitted > 16 || (pb > omitted && len < pb - omitted))
213             return -1;
214         if(omitted) {
215             if (dp == NULL) return -1;
216             memcpy(prefix, dp, omitted);
217         }
218         if(pb > omitted) {
219             memcpy(prefix + omitted, p, pb - omitted);
220             consumed = pb - omitted;
221         }
222         break;
223     case 3:
224         if(pb > 8 && len < pb - 8) return -1;
225         prefix[0] = 0xfe;
226         prefix[1] = 0x80;
227         if(pb > 8) {
228             memcpy(prefix + 8, p, pb - 8);
229             consumed = pb - 8;
230         }
231         break;
232     default:
233         return -1;
234     }
235 
236     memcpy(p_r, prefix, 16);
237     return consumed;
238 }
239 
240 static int
241 network_address(int ae, const unsigned char *a, unsigned int len,
242                 unsigned char *a_r)
243 {
244     return network_prefix(ae, -1, 0, a, NULL, len, a_r);
245 }
246 
247 /*
248  * Sub-TLVs consume the "extra data" of Babel TLVs (see Section 4.3 of RFC6126),
249  * their encoding is similar to the encoding of TLVs, but the type namespace is
250  * different:
251  *
252  * o Type 0 stands for Pad1 sub-TLV with the same encoding as the Pad1 TLV.
253  * o Type 1 stands for PadN sub-TLV with the same encoding as the PadN TLV.
254  * o Type 2 stands for Diversity sub-TLV, which propagates diversity routing
255  *   data. Its body is a variable-length sequence of 8-bit unsigned integers,
256  *   each representing per-hop number of interferring radio channel for the
257  *   prefix. Channel 0 is invalid and must not be used in the sub-TLV, channel
258  *   255 interferes with any other channel.
259  * o Type 3 stands for Timestamp sub-TLV, used to compute RTT between
260  *   neighbours. In the case of a Hello TLV, the body stores a 32-bits
261  *   timestamp, while in the case of a IHU TLV, two 32-bits timestamps are
262  *   stored.
263  *
264  * Sub-TLV types 0 and 1 are valid for any TLV type, whether sub-TLV type 2 is
265  * only valid for TLV type 8 (Update). Note that within an Update TLV a missing
266  * Diversity sub-TLV is not the same as a Diversity sub-TLV with an empty body.
267  * The former would mean a lack of any claims about the interference, and the
268  * latter would state that interference is definitely absent.
269  * A type 3 sub-TLV is valid both for Hello and IHU TLVs, though the exact
270  * semantic of the sub-TLV is different in each case.
271  */
272 static void
273 subtlvs_print(netdissect_options *ndo,
274               const u_char *cp, const u_char *ep, const uint8_t tlv_type)
275 {
276     uint8_t subtype, sublen;
277     const char *sep;
278     uint32_t t1, t2;
279 
280     while (cp < ep) {
281         subtype = *cp++;
282         if(subtype == MESSAGE_SUB_PAD1) {
283             ND_PRINT((ndo, " sub-pad1"));
284             continue;
285         }
286         if(cp == ep)
287             goto corrupt;
288         sublen = *cp++;
289         if(cp + sublen > ep)
290             goto corrupt;
291 
292         switch(subtype) {
293         case MESSAGE_SUB_PADN:
294             ND_PRINT((ndo, " sub-padn"));
295             cp += sublen;
296             break;
297         case MESSAGE_SUB_DIVERSITY:
298             ND_PRINT((ndo, " sub-diversity"));
299             if (sublen == 0) {
300                 ND_PRINT((ndo, " empty"));
301                 break;
302             }
303             sep = " ";
304             while(sublen--) {
305                 ND_PRINT((ndo, "%s%s", sep, tok2str(diversity_str, "%u", *cp++)));
306                 sep = "-";
307             }
308             if(tlv_type != MESSAGE_UPDATE)
309                 ND_PRINT((ndo, " (bogus)"));
310             break;
311         case MESSAGE_SUB_TIMESTAMP:
312             ND_PRINT((ndo, " sub-timestamp"));
313             if(tlv_type == MESSAGE_HELLO) {
314                 if(sublen < 4)
315                     goto corrupt;
316                 t1 = EXTRACT_32BITS(cp);
317                 ND_PRINT((ndo, " %s", format_timestamp(t1)));
318             } else if(tlv_type == MESSAGE_IHU) {
319                 if(sublen < 8)
320                     goto corrupt;
321                 t1 = EXTRACT_32BITS(cp);
322                 ND_PRINT((ndo, " %s", format_timestamp(t1)));
323                 t2 = EXTRACT_32BITS(cp + 4);
324                 ND_PRINT((ndo, "|%s", format_timestamp(t2)));
325             } else
326                 ND_PRINT((ndo, " (bogus)"));
327             cp += sublen;
328             break;
329         default:
330             ND_PRINT((ndo, " sub-unknown-0x%02x", subtype));
331             cp += sublen;
332         } /* switch */
333     } /* while */
334     return;
335 
336  corrupt:
337     ND_PRINT((ndo, " (corrupt)"));
338 }
339 
340 #define ICHECK(i, l) \
341 	if ((i) + (l) > bodylen || (i) + (l) > length) goto corrupt;
342 
343 static void
344 babel_print_v2(netdissect_options *ndo,
345                const u_char *cp, u_int length)
346 {
347     u_int i;
348     u_short bodylen;
349     u_char v4_prefix[16] =
350         {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF, 0, 0, 0, 0 };
351     u_char v6_prefix[16] = {0};
352 
353     ND_TCHECK2(*cp, 4);
354     if (length < 4)
355         goto corrupt;
356     bodylen = EXTRACT_16BITS(cp + 2);
357     ND_PRINT((ndo, " (%u)", bodylen));
358 
359     /* Process the TLVs in the body */
360     i = 0;
361     while(i < bodylen) {
362         const u_char *message;
363         u_int type, len;
364 
365         message = cp + 4 + i;
366 
367         ND_TCHECK2(*message, 1);
368         if((type = message[0]) == MESSAGE_PAD1) {
369             ND_PRINT((ndo, ndo->ndo_vflag ? "\n\tPad 1" : " pad1"));
370             i += 1;
371             continue;
372         }
373 
374         ND_TCHECK2(*message, 2);
375         ICHECK(i, 2);
376         len = message[1];
377 
378         ND_TCHECK2(*message, 2 + len);
379         ICHECK(i, 2 + len);
380 
381         switch(type) {
382         case MESSAGE_PADN: {
383             if (!ndo->ndo_vflag)
384                 ND_PRINT((ndo, " padN"));
385             else
386                 ND_PRINT((ndo, "\n\tPad %d", len + 2));
387         }
388             break;
389 
390         case MESSAGE_ACK_REQ: {
391             u_short nonce, interval;
392             if (!ndo->ndo_vflag)
393                 ND_PRINT((ndo, " ack-req"));
394             else {
395                 ND_PRINT((ndo, "\n\tAcknowledgment Request "));
396                 if(len < 6) goto corrupt;
397                 nonce = EXTRACT_16BITS(message + 4);
398                 interval = EXTRACT_16BITS(message + 6);
399                 ND_PRINT((ndo, "%04x %s", nonce, format_interval(interval)));
400             }
401         }
402             break;
403 
404         case MESSAGE_ACK: {
405             u_short nonce;
406             if (!ndo->ndo_vflag)
407                 ND_PRINT((ndo, " ack"));
408             else {
409                 ND_PRINT((ndo, "\n\tAcknowledgment "));
410                 if(len < 2) goto corrupt;
411                 nonce = EXTRACT_16BITS(message + 2);
412                 ND_PRINT((ndo, "%04x", nonce));
413             }
414         }
415             break;
416 
417         case MESSAGE_HELLO:  {
418             u_short seqno, interval;
419             if (!ndo->ndo_vflag)
420                 ND_PRINT((ndo, " hello"));
421             else {
422                 ND_PRINT((ndo, "\n\tHello "));
423                 if(len < 6) goto corrupt;
424                 seqno = EXTRACT_16BITS(message + 4);
425                 interval = EXTRACT_16BITS(message + 6);
426                 ND_PRINT((ndo, "seqno %u interval %s", seqno, format_interval(interval)));
427                 /* Extra data. */
428                 if(len > 6)
429                     subtlvs_print(ndo, message + 8, message + 2 + len, type);
430             }
431         }
432             break;
433 
434         case MESSAGE_IHU: {
435             unsigned short txcost, interval;
436             if (!ndo->ndo_vflag)
437                 ND_PRINT((ndo, " ihu"));
438             else {
439                 u_char address[16];
440                 int rc;
441                 ND_PRINT((ndo, "\n\tIHU "));
442                 if(len < 6) goto corrupt;
443                 txcost = EXTRACT_16BITS(message + 4);
444                 interval = EXTRACT_16BITS(message + 6);
445                 rc = network_address(message[2], message + 8, len - 6, address);
446                 if(rc < 0) { ND_PRINT((ndo, "%s", tstr)); break; }
447                 ND_PRINT((ndo, "%s txcost %u interval %s",
448                        format_address(ndo, address), txcost, format_interval(interval)));
449                 /* Extra data. */
450                 if((u_int)rc < len - 6)
451                     subtlvs_print(ndo, message + 8 + rc, message + 2 + len,
452                                   type);
453             }
454         }
455             break;
456 
457         case MESSAGE_ROUTER_ID: {
458             if (!ndo->ndo_vflag)
459                 ND_PRINT((ndo, " router-id"));
460             else {
461                 ND_PRINT((ndo, "\n\tRouter Id"));
462                 if(len < 10) goto corrupt;
463                 ND_PRINT((ndo, " %s", format_id(message + 4)));
464             }
465         }
466             break;
467 
468         case MESSAGE_NH: {
469             if (!ndo->ndo_vflag)
470                 ND_PRINT((ndo, " nh"));
471             else {
472                 int rc;
473                 u_char nh[16];
474                 ND_PRINT((ndo, "\n\tNext Hop"));
475                 if(len < 2) goto corrupt;
476                 rc = network_address(message[2], message + 4, len - 2, nh);
477                 if(rc < 0) goto corrupt;
478                 ND_PRINT((ndo, " %s", format_address(ndo, nh)));
479             }
480         }
481             break;
482 
483         case MESSAGE_UPDATE: {
484             if (!ndo->ndo_vflag) {
485                 ND_PRINT((ndo, " update"));
486                 if(len < 1)
487                     ND_PRINT((ndo, "/truncated"));
488                 else
489                     ND_PRINT((ndo, "%s%s%s",
490                            (message[3] & 0x80) ? "/prefix": "",
491                            (message[3] & 0x40) ? "/id" : "",
492                            (message[3] & 0x3f) ? "/unknown" : ""));
493             } else {
494                 u_short interval, seqno, metric;
495                 u_char plen;
496                 int rc;
497                 u_char prefix[16];
498                 ND_PRINT((ndo, "\n\tUpdate"));
499                 if(len < 10) goto corrupt;
500                 plen = message[4] + (message[2] == 1 ? 96 : 0);
501                 rc = network_prefix(message[2], message[4], message[5],
502                                     message + 12,
503                                     message[2] == 1 ? v4_prefix : v6_prefix,
504                                     len - 10, prefix);
505                 if(rc < 0) goto corrupt;
506                 interval = EXTRACT_16BITS(message + 6);
507                 seqno = EXTRACT_16BITS(message + 8);
508                 metric = EXTRACT_16BITS(message + 10);
509                 ND_PRINT((ndo, "%s%s%s %s metric %u seqno %u interval %s",
510                        (message[3] & 0x80) ? "/prefix": "",
511                        (message[3] & 0x40) ? "/id" : "",
512                        (message[3] & 0x3f) ? "/unknown" : "",
513                        format_prefix(ndo, prefix, plen),
514                        metric, seqno, format_interval_update(interval)));
515                 if(message[3] & 0x80) {
516                     if(message[2] == 1)
517                         memcpy(v4_prefix, prefix, 16);
518                     else
519                         memcpy(v6_prefix, prefix, 16);
520                 }
521                 /* extra data? */
522                 if((u_int)rc < len - 10)
523                     subtlvs_print(ndo, message + 12 + rc, message + 2 + len, type);
524             }
525         }
526             break;
527 
528         case MESSAGE_REQUEST: {
529             if (!ndo->ndo_vflag)
530                 ND_PRINT((ndo, " request"));
531             else {
532                 int rc;
533                 u_char prefix[16], plen;
534                 ND_PRINT((ndo, "\n\tRequest "));
535                 if(len < 2) goto corrupt;
536                 plen = message[3] + (message[2] == 1 ? 96 : 0);
537                 rc = network_prefix(message[2], message[3], 0,
538                                     message + 4, NULL, len - 2, prefix);
539                 if(rc < 0) goto corrupt;
540                 ND_PRINT((ndo, "for %s",
541                        message[2] == 0 ? "any" : format_prefix(ndo, prefix, plen)));
542             }
543         }
544             break;
545 
546         case MESSAGE_MH_REQUEST : {
547             if (!ndo->ndo_vflag)
548                 ND_PRINT((ndo, " mh-request"));
549             else {
550                 int rc;
551                 u_short seqno;
552                 u_char prefix[16], plen;
553                 ND_PRINT((ndo, "\n\tMH-Request "));
554                 if(len < 14) goto corrupt;
555                 seqno = EXTRACT_16BITS(message + 4);
556                 rc = network_prefix(message[2], message[3], 0,
557                                     message + 16, NULL, len - 14, prefix);
558                 if(rc < 0) goto corrupt;
559                 plen = message[3] + (message[2] == 1 ? 96 : 0);
560                 ND_PRINT((ndo, "(%u hops) for %s seqno %u id %s",
561                        message[6], format_prefix(ndo, prefix, plen),
562                        seqno, format_id(message + 8)));
563             }
564         }
565             break;
566         case MESSAGE_TSPC :
567             if (!ndo->ndo_vflag)
568                 ND_PRINT((ndo, " tspc"));
569             else {
570                 ND_PRINT((ndo, "\n\tTS/PC "));
571                 if(len < 6) goto corrupt;
572                 ND_PRINT((ndo, "timestamp %u packetcounter %u", EXTRACT_32BITS (message + 4),
573                        EXTRACT_16BITS(message + 2)));
574             }
575             break;
576         case MESSAGE_HMAC : {
577             if (!ndo->ndo_vflag)
578                 ND_PRINT((ndo, " hmac"));
579             else {
580                 unsigned j;
581                 ND_PRINT((ndo, "\n\tHMAC "));
582                 if(len < 18) goto corrupt;
583                 ND_PRINT((ndo, "key-id %u digest-%u ", EXTRACT_16BITS(message + 2), len - 2));
584                 for (j = 0; j < len - 2; j++)
585                     ND_PRINT((ndo, "%02X", message[4 + j]));
586             }
587         }
588             break;
589         default:
590             if (!ndo->ndo_vflag)
591                 ND_PRINT((ndo, " unknown"));
592             else
593                 ND_PRINT((ndo, "\n\tUnknown message type %d", type));
594         }
595         i += len + 2;
596     }
597     return;
598 
599  trunc:
600     ND_PRINT((ndo, " %s", tstr));
601     return;
602 
603  corrupt:
604     ND_PRINT((ndo, " (corrupt)"));
605     return;
606 }
607