xref: /freebsd/contrib/tcpdump/print-babel.c (revision 98e0ffaefb0f241cda3a72395d3be04192ae0d47)
1 /*
2  * Copyright (c) 2007-2011 Grégoire Henry, Juliusz Chroboczek
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  * 3. Neither the name of the project nor the names of its contributors
13  *    may be used to endorse or promote products derived from this software
14  *    without specific prior written permission.
15  *
16  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
17  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
20  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  */
28 
29 #define NETDISSECT_REWORKED
30 #ifdef HAVE_CONFIG_H
31 #include "config.h"
32 #endif
33 
34 #include <tcpdump-stdinc.h>
35 
36 #include <stdio.h>
37 #include <string.h>
38 
39 #include "interface.h"
40 #include "addrtoname.h"
41 #include "extract.h"
42 
43 static const char tstr[] = "[|babel]";
44 
45 static void babel_print_v2(netdissect_options *, const u_char *cp, u_int length);
46 
47 void
48 babel_print(netdissect_options *ndo,
49             const u_char *cp, u_int length) {
50     ND_PRINT((ndo, "babel"));
51 
52     ND_TCHECK2(*cp, 4);
53 
54     if(cp[0] != 42) {
55         ND_PRINT((ndo, " malformed header"));
56         return;
57     } else {
58         ND_PRINT((ndo, " %d", cp[1]));
59     }
60 
61     switch(cp[1]) {
62     case 2:
63         babel_print_v2(ndo, cp, length);
64         break;
65     default:
66         ND_PRINT((ndo, " unknown version"));
67         break;
68     }
69 
70     return;
71 
72  trunc:
73     ND_PRINT((ndo, " %s", tstr));
74     return;
75 }
76 
77 /* TLVs */
78 #define MESSAGE_PAD1 0
79 #define MESSAGE_PADN 1
80 #define MESSAGE_ACK_REQ 2
81 #define MESSAGE_ACK 3
82 #define MESSAGE_HELLO 4
83 #define MESSAGE_IHU 5
84 #define MESSAGE_ROUTER_ID 6
85 #define MESSAGE_NH 7
86 #define MESSAGE_UPDATE 8
87 #define MESSAGE_REQUEST 9
88 #define MESSAGE_MH_REQUEST 10
89 #define MESSAGE_TSPC 11
90 #define MESSAGE_HMAC 12
91 
92 /* sub-TLVs */
93 #define MESSAGE_SUB_PAD1 0
94 #define MESSAGE_SUB_PADN 1
95 #define MESSAGE_SUB_DIVERSITY 2
96 #define MESSAGE_SUB_TIMESTAMP 3
97 
98 /* Diversity sub-TLV channel codes */
99 static const struct tok diversity_str[] = {
100     { 0,   "reserved" },
101     { 255, "all"      },
102     { 0, NULL }
103 };
104 
105 static const char *
106 format_id(const u_char *id)
107 {
108     static char buf[25];
109     snprintf(buf, 25, "%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x",
110              id[0], id[1], id[2], id[3], id[4], id[5], id[6], id[7]);
111     buf[24] = '\0';
112     return buf;
113 }
114 
115 static const unsigned char v4prefix[16] =
116     {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF, 0, 0, 0, 0 };
117 
118 static const char *
119 format_prefix(netdissect_options *ndo, const u_char *prefix, unsigned char plen)
120 {
121     static char buf[50];
122     if(plen >= 96 && memcmp(prefix, v4prefix, 12) == 0)
123         snprintf(buf, 50, "%s/%u", ipaddr_string(ndo, prefix + 12), plen - 96);
124     else
125 #ifdef INET6
126         snprintf(buf, 50, "%s/%u", ip6addr_string(ndo, prefix), plen);
127 #else
128         snprintf(buf, 50, "IPv6 addresses not supported");
129 #endif
130     buf[49] = '\0';
131     return buf;
132 }
133 
134 static const char *
135 format_address(netdissect_options *ndo, const u_char *prefix)
136 {
137     if(memcmp(prefix, v4prefix, 12) == 0)
138         return ipaddr_string(ndo, prefix + 12);
139     else
140 #ifdef INET6
141         return ip6addr_string(ndo, prefix);
142 #else
143         return "IPv6 addresses not supported";
144 #endif
145 }
146 
147 static const char *
148 format_interval(const uint16_t i)
149 {
150     static char buf[sizeof("000.00s")];
151 
152     if (i == 0)
153         return "0.0s (bogus)";
154     snprintf(buf, sizeof(buf), "%u.%02us", i / 100, i % 100);
155     return buf;
156 }
157 
158 static const char *
159 format_interval_update(const uint16_t i)
160 {
161     return i == 0xFFFF ? "infinity" : format_interval(i);
162 }
163 
164 static const char *
165 format_timestamp(const uint32_t i)
166 {
167     static char buf[sizeof("0000.000000s")];
168     snprintf(buf, sizeof(buf), "%u.%06us", i / 1000000, i % 1000000);
169     return buf;
170 }
171 
172 /* Return number of octets consumed from the input buffer (not the prefix length
173  * in bytes), or -1 for encoding error. */
174 static int
175 network_prefix(int ae, int plen, unsigned int omitted,
176                const unsigned char *p, const unsigned char *dp,
177                unsigned int len, unsigned char *p_r)
178 {
179     unsigned pb;
180     unsigned char prefix[16];
181     int consumed = 0;
182 
183     if(plen >= 0)
184         pb = (plen + 7) / 8;
185     else if(ae == 1)
186         pb = 4;
187     else
188         pb = 16;
189 
190     if(pb > 16)
191         return -1;
192 
193     memset(prefix, 0, 16);
194 
195     switch(ae) {
196     case 0: break;
197     case 1:
198         if(omitted > 4 || pb > 4 || (pb > omitted && len < pb - omitted))
199             return -1;
200         memcpy(prefix, v4prefix, 12);
201         if(omitted) {
202             if (dp == NULL) return -1;
203             memcpy(prefix, dp, 12 + omitted);
204         }
205         if(pb > omitted) {
206             memcpy(prefix + 12 + omitted, p, pb - omitted);
207             consumed = pb - omitted;
208         }
209         break;
210     case 2:
211         if(omitted > 16 || (pb > omitted && len < pb - omitted))
212             return -1;
213         if(omitted) {
214             if (dp == NULL) return -1;
215             memcpy(prefix, dp, omitted);
216         }
217         if(pb > omitted) {
218             memcpy(prefix + omitted, p, pb - omitted);
219             consumed = pb - omitted;
220         }
221         break;
222     case 3:
223         if(pb > 8 && len < pb - 8) return -1;
224         prefix[0] = 0xfe;
225         prefix[1] = 0x80;
226         if(pb > 8) {
227             memcpy(prefix + 8, p, pb - 8);
228             consumed = pb - 8;
229         }
230         break;
231     default:
232         return -1;
233     }
234 
235     memcpy(p_r, prefix, 16);
236     return consumed;
237 }
238 
239 static int
240 network_address(int ae, const unsigned char *a, unsigned int len,
241                 unsigned char *a_r)
242 {
243     return network_prefix(ae, -1, 0, a, NULL, len, a_r);
244 }
245 
246 /*
247  * Sub-TLVs consume the "extra data" of Babel TLVs (see Section 4.3 of RFC6126),
248  * their encoding is similar to the encoding of TLVs, but the type namespace is
249  * different:
250  *
251  * o Type 0 stands for Pad1 sub-TLV with the same encoding as the Pad1 TLV.
252  * o Type 1 stands for PadN sub-TLV with the same encoding as the PadN TLV.
253  * o Type 2 stands for Diversity sub-TLV, which propagates diversity routing
254  *   data. Its body is a variable-length sequence of 8-bit unsigned integers,
255  *   each representing per-hop number of interferring radio channel for the
256  *   prefix. Channel 0 is invalid and must not be used in the sub-TLV, channel
257  *   255 interferes with any other channel.
258  * o Type 3 stands for Timestamp sub-TLV, used to compute RTT between
259  *   neighbours. In the case of a Hello TLV, the body stores a 32-bits
260  *   timestamp, while in the case of a IHU TLV, two 32-bits timestamps are
261  *   stored.
262  *
263  * Sub-TLV types 0 and 1 are valid for any TLV type, whether sub-TLV type 2 is
264  * only valid for TLV type 8 (Update). Note that within an Update TLV a missing
265  * Diversity sub-TLV is not the same as a Diversity sub-TLV with an empty body.
266  * The former would mean a lack of any claims about the interference, and the
267  * latter would state that interference is definitely absent.
268  * A type 3 sub-TLV is valid both for Hello and IHU TLVs, though the exact
269  * semantic of the sub-TLV is different in each case.
270  */
271 static void
272 subtlvs_print(netdissect_options *ndo,
273               const u_char *cp, const u_char *ep, const uint8_t tlv_type) {
274     uint8_t subtype, sublen;
275     const char *sep;
276     uint32_t t1, t2;
277 
278     while (cp < ep) {
279         subtype = *cp++;
280         if(subtype == MESSAGE_SUB_PAD1) {
281             ND_PRINT((ndo, " sub-pad1"));
282             continue;
283         }
284         if(cp == ep)
285             goto corrupt;
286         sublen = *cp++;
287         if(cp + sublen > ep)
288             goto corrupt;
289 
290         switch(subtype) {
291         case MESSAGE_SUB_PADN:
292             ND_PRINT((ndo, " sub-padn"));
293             cp += sublen;
294             break;
295         case MESSAGE_SUB_DIVERSITY:
296             ND_PRINT((ndo, " sub-diversity"));
297             if (sublen == 0) {
298                 ND_PRINT((ndo, " empty"));
299                 break;
300             }
301             sep = " ";
302             while(sublen--) {
303                 ND_PRINT((ndo, "%s%s", sep, tok2str(diversity_str, "%u", *cp++)));
304                 sep = "-";
305             }
306             if(tlv_type != MESSAGE_UPDATE)
307                 ND_PRINT((ndo, " (bogus)"));
308             break;
309         case MESSAGE_SUB_TIMESTAMP:
310             ND_PRINT((ndo, " sub-timestamp"));
311             if(tlv_type == MESSAGE_HELLO) {
312                 if(sublen < 4)
313                     goto corrupt;
314                 t1 = EXTRACT_32BITS(cp);
315                 ND_PRINT((ndo, " %s", format_timestamp(t1)));
316             } else if(tlv_type == MESSAGE_IHU) {
317                 if(sublen < 8)
318                     goto corrupt;
319                 t1 = EXTRACT_32BITS(cp);
320                 ND_PRINT((ndo, " %s", format_timestamp(t1)));
321                 t2 = EXTRACT_32BITS(cp + 4);
322                 ND_PRINT((ndo, "|%s", format_timestamp(t2)));
323             } else
324                 ND_PRINT((ndo, " (bogus)"));
325             cp += sublen;
326             break;
327         default:
328             ND_PRINT((ndo, " sub-unknown-0x%02x", subtype));
329             cp += sublen;
330         } /* switch */
331     } /* while */
332     return;
333 
334  corrupt:
335     ND_PRINT((ndo, " (corrupt)"));
336 }
337 
338 #define ICHECK(i, l) \
339 	if ((i) + (l) > bodylen || (i) + (l) > length) goto corrupt;
340 
341 static void
342 babel_print_v2(netdissect_options *ndo,
343                const u_char *cp, u_int length) {
344     u_int i;
345     u_short bodylen;
346     u_char v4_prefix[16] =
347         {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF, 0, 0, 0, 0 };
348     u_char v6_prefix[16] = {0};
349 
350     ND_TCHECK2(*cp, 4);
351     if (length < 4)
352         goto corrupt;
353     bodylen = EXTRACT_16BITS(cp + 2);
354     ND_PRINT((ndo, " (%u)", bodylen));
355 
356     /* Process the TLVs in the body */
357     i = 0;
358     while(i < bodylen) {
359         const u_char *message;
360         u_int type, len;
361 
362         message = cp + 4 + i;
363 
364         ND_TCHECK2(*message, 1);
365         if((type = message[0]) == MESSAGE_PAD1) {
366             ND_PRINT((ndo, ndo->ndo_vflag ? "\n\tPad 1" : " pad1"));
367             i += 1;
368             continue;
369         }
370 
371         ND_TCHECK2(*message, 2);
372         ICHECK(i, 2);
373         len = message[1];
374 
375         ND_TCHECK2(*message, 2 + len);
376         ICHECK(i, 2 + len);
377 
378         switch(type) {
379         case MESSAGE_PADN: {
380             if (!ndo->ndo_vflag)
381                 ND_PRINT((ndo, " padN"));
382             else
383                 ND_PRINT((ndo, "\n\tPad %d", len + 2));
384         }
385             break;
386 
387         case MESSAGE_ACK_REQ: {
388             u_short nonce, interval;
389             if (!ndo->ndo_vflag)
390                 ND_PRINT((ndo, " ack-req"));
391             else {
392                 ND_PRINT((ndo, "\n\tAcknowledgment Request "));
393                 if(len < 6) goto corrupt;
394                 nonce = EXTRACT_16BITS(message + 4);
395                 interval = EXTRACT_16BITS(message + 6);
396                 ND_PRINT((ndo, "%04x %s", nonce, format_interval(interval)));
397             }
398         }
399             break;
400 
401         case MESSAGE_ACK: {
402             u_short nonce;
403             if (!ndo->ndo_vflag)
404                 ND_PRINT((ndo, " ack"));
405             else {
406                 ND_PRINT((ndo, "\n\tAcknowledgment "));
407                 if(len < 2) goto corrupt;
408                 nonce = EXTRACT_16BITS(message + 2);
409                 ND_PRINT((ndo, "%04x", nonce));
410             }
411         }
412             break;
413 
414         case MESSAGE_HELLO:  {
415             u_short seqno, interval;
416             if (!ndo->ndo_vflag)
417                 ND_PRINT((ndo, " hello"));
418             else {
419                 ND_PRINT((ndo, "\n\tHello "));
420                 if(len < 6) goto corrupt;
421                 seqno = EXTRACT_16BITS(message + 4);
422                 interval = EXTRACT_16BITS(message + 6);
423                 ND_PRINT((ndo, "seqno %u interval %s", seqno, format_interval(interval)));
424                 /* Extra data. */
425                 if(len > 6)
426                     subtlvs_print(ndo, message + 8, message + 2 + len, type);
427             }
428         }
429             break;
430 
431         case MESSAGE_IHU: {
432             unsigned short txcost, interval;
433             if (!ndo->ndo_vflag)
434                 ND_PRINT((ndo, " ihu"));
435             else {
436                 u_char address[16];
437                 int rc;
438                 ND_PRINT((ndo, "\n\tIHU "));
439                 if(len < 6) goto corrupt;
440                 txcost = EXTRACT_16BITS(message + 4);
441                 interval = EXTRACT_16BITS(message + 6);
442                 rc = network_address(message[2], message + 8, len - 6, address);
443                 if(rc < 0) { ND_PRINT((ndo, "%s", tstr)); break; }
444                 ND_PRINT((ndo, "%s txcost %u interval %s",
445                        format_address(ndo, address), txcost, format_interval(interval)));
446                 /* Extra data. */
447                 if((u_int)rc < len - 6)
448                     subtlvs_print(ndo, message + 8 + rc, message + 2 + len,
449                                   type);
450             }
451         }
452             break;
453 
454         case MESSAGE_ROUTER_ID: {
455             if (!ndo->ndo_vflag)
456                 ND_PRINT((ndo, " router-id"));
457             else {
458                 ND_PRINT((ndo, "\n\tRouter Id"));
459                 if(len < 10) goto corrupt;
460                 ND_PRINT((ndo, " %s", format_id(message + 4)));
461             }
462         }
463             break;
464 
465         case MESSAGE_NH: {
466             if (!ndo->ndo_vflag)
467                 ND_PRINT((ndo, " nh"));
468             else {
469                 int rc;
470                 u_char nh[16];
471                 ND_PRINT((ndo, "\n\tNext Hop"));
472                 if(len < 2) goto corrupt;
473                 rc = network_address(message[2], message + 4, len - 2, nh);
474                 if(rc < 0) goto corrupt;
475                 ND_PRINT((ndo, " %s", format_address(ndo, nh)));
476             }
477         }
478             break;
479 
480         case MESSAGE_UPDATE: {
481             if (!ndo->ndo_vflag) {
482                 ND_PRINT((ndo, " update"));
483                 if(len < 1)
484                     ND_PRINT((ndo, "/truncated"));
485                 else
486                     ND_PRINT((ndo, "%s%s%s",
487                            (message[3] & 0x80) ? "/prefix": "",
488                            (message[3] & 0x40) ? "/id" : "",
489                            (message[3] & 0x3f) ? "/unknown" : ""));
490             } else {
491                 u_short interval, seqno, metric;
492                 u_char plen;
493                 int rc;
494                 u_char prefix[16];
495                 ND_PRINT((ndo, "\n\tUpdate"));
496                 if(len < 10) goto corrupt;
497                 plen = message[4] + (message[2] == 1 ? 96 : 0);
498                 rc = network_prefix(message[2], message[4], message[5],
499                                     message + 12,
500                                     message[2] == 1 ? v4_prefix : v6_prefix,
501                                     len - 10, prefix);
502                 if(rc < 0) goto corrupt;
503                 interval = EXTRACT_16BITS(message + 6);
504                 seqno = EXTRACT_16BITS(message + 8);
505                 metric = EXTRACT_16BITS(message + 10);
506                 ND_PRINT((ndo, "%s%s%s %s metric %u seqno %u interval %s",
507                        (message[3] & 0x80) ? "/prefix": "",
508                        (message[3] & 0x40) ? "/id" : "",
509                        (message[3] & 0x3f) ? "/unknown" : "",
510                        format_prefix(ndo, prefix, plen),
511                        metric, seqno, format_interval_update(interval)));
512                 if(message[3] & 0x80) {
513                     if(message[2] == 1)
514                         memcpy(v4_prefix, prefix, 16);
515                     else
516                         memcpy(v6_prefix, prefix, 16);
517                 }
518                 /* extra data? */
519                 if((u_int)rc < len - 10)
520                     subtlvs_print(ndo, message + 12 + rc, message + 2 + len, type);
521             }
522         }
523             break;
524 
525         case MESSAGE_REQUEST: {
526             if (!ndo->ndo_vflag)
527                 ND_PRINT((ndo, " request"));
528             else {
529                 int rc;
530                 u_char prefix[16], plen;
531                 ND_PRINT((ndo, "\n\tRequest "));
532                 if(len < 2) goto corrupt;
533                 plen = message[3] + (message[2] == 1 ? 96 : 0);
534                 rc = network_prefix(message[2], message[3], 0,
535                                     message + 4, NULL, len - 2, prefix);
536                 if(rc < 0) goto corrupt;
537                 ND_PRINT((ndo, "for %s",
538                        message[2] == 0 ? "any" : format_prefix(ndo, prefix, plen)));
539             }
540         }
541             break;
542 
543         case MESSAGE_MH_REQUEST : {
544             if (!ndo->ndo_vflag)
545                 ND_PRINT((ndo, " mh-request"));
546             else {
547                 int rc;
548                 u_short seqno;
549                 u_char prefix[16], plen;
550                 ND_PRINT((ndo, "\n\tMH-Request "));
551                 if(len < 14) goto corrupt;
552                 seqno = EXTRACT_16BITS(message + 4);
553                 rc = network_prefix(message[2], message[3], 0,
554                                     message + 16, NULL, len - 14, prefix);
555                 if(rc < 0) goto corrupt;
556                 plen = message[3] + (message[2] == 1 ? 96 : 0);
557                 ND_PRINT((ndo, "(%u hops) for %s seqno %u id %s",
558                        message[6], format_prefix(ndo, prefix, plen),
559                        seqno, format_id(message + 8)));
560             }
561         }
562             break;
563         case MESSAGE_TSPC :
564             if (!ndo->ndo_vflag)
565                 ND_PRINT((ndo, " tspc"));
566             else {
567                 ND_PRINT((ndo, "\n\tTS/PC "));
568                 if(len < 6) goto corrupt;
569                 ND_PRINT((ndo, "timestamp %u packetcounter %u", EXTRACT_32BITS (message + 4),
570                        EXTRACT_16BITS(message + 2)));
571             }
572             break;
573         case MESSAGE_HMAC : {
574             if (!ndo->ndo_vflag)
575                 ND_PRINT((ndo, " hmac"));
576             else {
577                 unsigned j;
578                 ND_PRINT((ndo, "\n\tHMAC "));
579                 if(len < 18) goto corrupt;
580                 ND_PRINT((ndo, "key-id %u digest-%u ", EXTRACT_16BITS(message + 2), len - 2));
581                 for (j = 0; j < len - 2; j++)
582                     ND_PRINT((ndo, "%02X", message[4 + j]));
583             }
584         }
585             break;
586         default:
587             if (!ndo->ndo_vflag)
588                 ND_PRINT((ndo, " unknown"));
589             else
590                 ND_PRINT((ndo, "\n\tUnknown message type %d", type));
591         }
592         i += len + 2;
593     }
594     return;
595 
596  trunc:
597     ND_PRINT((ndo, " %s", tstr));
598     return;
599 
600  corrupt:
601     ND_PRINT((ndo, " (corrupt)"));
602     return;
603 }
604