xref: /freebsd/contrib/tcpdump/print-icmp.c (revision 63a938566d524836885917d95bd491aa4400b181)
1 /*
2  * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994, 1995, 1996
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that: (1) source code distributions
7  * retain the above copyright notice and this paragraph in its entirety, (2)
8  * distributions including binary code include the above copyright notice and
9  * this paragraph in its entirety in the documentation or other materials
10  * provided with the distribution, and (3) all advertising materials mentioning
11  * features or use of this software display the following acknowledgement:
12  * ``This product includes software developed by the University of California,
13  * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14  * the University nor the names of its contributors may be used to endorse
15  * or promote products derived from this software without specific prior
16  * written permission.
17  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18  * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20  */
21 
22 /* \summary: Internet Control Message Protocol (ICMP) printer */
23 
24 #ifdef HAVE_CONFIG_H
25 #include "config.h"
26 #endif
27 
28 #include <netdissect-stdinc.h>
29 
30 #include <stdio.h>
31 #include <string.h>
32 
33 #include "netdissect.h"
34 #include "addrtoname.h"
35 #include "extract.h"
36 
37 #include "ip.h"
38 #include "udp.h"
39 #include "ipproto.h"
40 #include "mpls.h"
41 
42 /*
43  * Interface Control Message Protocol Definitions.
44  * Per RFC 792, September 1981.
45  */
46 
47 /*
48  * Structure of an icmp header.
49  */
50 struct icmp {
51 	uint8_t  icmp_type;		/* type of message, see below */
52 	uint8_t  icmp_code;		/* type sub code */
53 	uint16_t icmp_cksum;		/* ones complement cksum of struct */
54 	union {
55 		uint8_t ih_pptr;			/* ICMP_PARAMPROB */
56 		struct in_addr ih_gwaddr;	/* ICMP_REDIRECT */
57 		struct ih_idseq {
58 			uint16_t icd_id;
59 			uint16_t icd_seq;
60 		} ih_idseq;
61 		uint32_t ih_void;
62 	} icmp_hun;
63 #define	icmp_pptr	icmp_hun.ih_pptr
64 #define	icmp_gwaddr	icmp_hun.ih_gwaddr
65 #define	icmp_id		icmp_hun.ih_idseq.icd_id
66 #define	icmp_seq	icmp_hun.ih_idseq.icd_seq
67 #define	icmp_void	icmp_hun.ih_void
68 	union {
69 		struct id_ts {
70 			uint32_t its_otime;
71 			uint32_t its_rtime;
72 			uint32_t its_ttime;
73 		} id_ts;
74 		struct id_ip  {
75 			struct ip idi_ip;
76 			/* options and then 64 bits of data */
77 		} id_ip;
78 		uint32_t id_mask;
79 		uint8_t id_data[1];
80 	} icmp_dun;
81 #define	icmp_otime	icmp_dun.id_ts.its_otime
82 #define	icmp_rtime	icmp_dun.id_ts.its_rtime
83 #define	icmp_ttime	icmp_dun.id_ts.its_ttime
84 #define	icmp_ip		icmp_dun.id_ip.idi_ip
85 #define	icmp_mask	icmp_dun.id_mask
86 #define	icmp_data	icmp_dun.id_data
87 };
88 
89 #define ICMP_MPLS_EXT_EXTRACT_VERSION(x) (((x)&0xf0)>>4)
90 #define ICMP_MPLS_EXT_VERSION 2
91 
92 /*
93  * Lower bounds on packet lengths for various types.
94  * For the error advice packets must first insure that the
95  * packet is large enought to contain the returned ip header.
96  * Only then can we do the check to see if 64 bits of packet
97  * data have been returned, since we need to check the returned
98  * ip header length.
99  */
100 #define	ICMP_MINLEN	8				/* abs minimum */
101 #define ICMP_EXTD_MINLEN (156 - sizeof (struct ip))     /* draft-bonica-internet-icmp-08 */
102 #define	ICMP_TSLEN	(8 + 3 * sizeof (uint32_t))	/* timestamp */
103 #define	ICMP_MASKLEN	12				/* address mask */
104 #define	ICMP_ADVLENMIN	(8 + sizeof (struct ip) + 8)	/* min */
105 #define	ICMP_ADVLEN(p)	(8 + (IP_HL(&(p)->icmp_ip) << 2) + 8)
106 	/* N.B.: must separately check that ip_hl >= 5 */
107 
108 /*
109  * Definition of type and code field values.
110  */
111 #define	ICMP_ECHOREPLY		0		/* echo reply */
112 #define	ICMP_UNREACH		3		/* dest unreachable, codes: */
113 #define		ICMP_UNREACH_NET	0		/* bad net */
114 #define		ICMP_UNREACH_HOST	1		/* bad host */
115 #define		ICMP_UNREACH_PROTOCOL	2		/* bad protocol */
116 #define		ICMP_UNREACH_PORT	3		/* bad port */
117 #define		ICMP_UNREACH_NEEDFRAG	4		/* IP_DF caused drop */
118 #define		ICMP_UNREACH_SRCFAIL	5		/* src route failed */
119 #define		ICMP_UNREACH_NET_UNKNOWN 6		/* unknown net */
120 #define		ICMP_UNREACH_HOST_UNKNOWN 7		/* unknown host */
121 #define		ICMP_UNREACH_ISOLATED	8		/* src host isolated */
122 #define		ICMP_UNREACH_NET_PROHIB	9		/* prohibited access */
123 #define		ICMP_UNREACH_HOST_PROHIB 10		/* ditto */
124 #define		ICMP_UNREACH_TOSNET	11		/* bad tos for net */
125 #define		ICMP_UNREACH_TOSHOST	12		/* bad tos for host */
126 #define	ICMP_SOURCEQUENCH	4		/* packet lost, slow down */
127 #define	ICMP_REDIRECT		5		/* shorter route, codes: */
128 #define		ICMP_REDIRECT_NET	0		/* for network */
129 #define		ICMP_REDIRECT_HOST	1		/* for host */
130 #define		ICMP_REDIRECT_TOSNET	2		/* for tos and net */
131 #define		ICMP_REDIRECT_TOSHOST	3		/* for tos and host */
132 #define	ICMP_ECHO		8		/* echo service */
133 #define	ICMP_ROUTERADVERT	9		/* router advertisement */
134 #define	ICMP_ROUTERSOLICIT	10		/* router solicitation */
135 #define	ICMP_TIMXCEED		11		/* time exceeded, code: */
136 #define		ICMP_TIMXCEED_INTRANS	0		/* ttl==0 in transit */
137 #define		ICMP_TIMXCEED_REASS	1		/* ttl==0 in reass */
138 #define	ICMP_PARAMPROB		12		/* ip header bad */
139 #define		ICMP_PARAMPROB_OPTABSENT 1		/* req. opt. absent */
140 #define	ICMP_TSTAMP		13		/* timestamp request */
141 #define	ICMP_TSTAMPREPLY	14		/* timestamp reply */
142 #define	ICMP_IREQ		15		/* information request */
143 #define	ICMP_IREQREPLY		16		/* information reply */
144 #define	ICMP_MASKREQ		17		/* address mask request */
145 #define	ICMP_MASKREPLY		18		/* address mask reply */
146 
147 #define	ICMP_MAXTYPE		18
148 
149 #define ICMP_ERRTYPE(type) \
150 	((type) == ICMP_UNREACH || (type) == ICMP_SOURCEQUENCH || \
151 	(type) == ICMP_REDIRECT || (type) == ICMP_TIMXCEED || \
152 	(type) == ICMP_PARAMPROB)
153 #define	ICMP_MPLS_EXT_TYPE(type) \
154 	((type) == ICMP_UNREACH || \
155          (type) == ICMP_TIMXCEED || \
156          (type) == ICMP_PARAMPROB)
157 /* rfc1700 */
158 #ifndef ICMP_UNREACH_NET_UNKNOWN
159 #define ICMP_UNREACH_NET_UNKNOWN	6	/* destination net unknown */
160 #endif
161 #ifndef ICMP_UNREACH_HOST_UNKNOWN
162 #define ICMP_UNREACH_HOST_UNKNOWN	7	/* destination host unknown */
163 #endif
164 #ifndef ICMP_UNREACH_ISOLATED
165 #define ICMP_UNREACH_ISOLATED		8	/* source host isolated */
166 #endif
167 #ifndef ICMP_UNREACH_NET_PROHIB
168 #define ICMP_UNREACH_NET_PROHIB		9	/* admin prohibited net */
169 #endif
170 #ifndef ICMP_UNREACH_HOST_PROHIB
171 #define ICMP_UNREACH_HOST_PROHIB	10	/* admin prohibited host */
172 #endif
173 #ifndef ICMP_UNREACH_TOSNET
174 #define ICMP_UNREACH_TOSNET		11	/* tos prohibited net */
175 #endif
176 #ifndef ICMP_UNREACH_TOSHOST
177 #define ICMP_UNREACH_TOSHOST		12	/* tos prohibited host */
178 #endif
179 
180 /* rfc1716 */
181 #ifndef ICMP_UNREACH_FILTER_PROHIB
182 #define ICMP_UNREACH_FILTER_PROHIB	13	/* admin prohibited filter */
183 #endif
184 #ifndef ICMP_UNREACH_HOST_PRECEDENCE
185 #define ICMP_UNREACH_HOST_PRECEDENCE	14	/* host precedence violation */
186 #endif
187 #ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF
188 #define ICMP_UNREACH_PRECEDENCE_CUTOFF	15	/* precedence cutoff */
189 #endif
190 
191 /* Most of the icmp types */
192 static const struct tok icmp2str[] = {
193 	{ ICMP_ECHOREPLY,		"echo reply" },
194 	{ ICMP_SOURCEQUENCH,		"source quench" },
195 	{ ICMP_ECHO,			"echo request" },
196 	{ ICMP_ROUTERSOLICIT,		"router solicitation" },
197 	{ ICMP_TSTAMP,			"time stamp request" },
198 	{ ICMP_TSTAMPREPLY,		"time stamp reply" },
199 	{ ICMP_IREQ,			"information request" },
200 	{ ICMP_IREQREPLY,		"information reply" },
201 	{ ICMP_MASKREQ,			"address mask request" },
202 	{ 0,				NULL }
203 };
204 
205 /* Formats for most of the ICMP_UNREACH codes */
206 static const struct tok unreach2str[] = {
207 	{ ICMP_UNREACH_NET,		"net %s unreachable" },
208 	{ ICMP_UNREACH_HOST,		"host %s unreachable" },
209 	{ ICMP_UNREACH_SRCFAIL,
210 	    "%s unreachable - source route failed" },
211 	{ ICMP_UNREACH_NET_UNKNOWN,	"net %s unreachable - unknown" },
212 	{ ICMP_UNREACH_HOST_UNKNOWN,	"host %s unreachable - unknown" },
213 	{ ICMP_UNREACH_ISOLATED,
214 	    "%s unreachable - source host isolated" },
215 	{ ICMP_UNREACH_NET_PROHIB,
216 	    "net %s unreachable - admin prohibited" },
217 	{ ICMP_UNREACH_HOST_PROHIB,
218 	    "host %s unreachable - admin prohibited" },
219 	{ ICMP_UNREACH_TOSNET,
220 	    "net %s unreachable - tos prohibited" },
221 	{ ICMP_UNREACH_TOSHOST,
222 	    "host %s unreachable - tos prohibited" },
223 	{ ICMP_UNREACH_FILTER_PROHIB,
224 	    "host %s unreachable - admin prohibited filter" },
225 	{ ICMP_UNREACH_HOST_PRECEDENCE,
226 	    "host %s unreachable - host precedence violation" },
227 	{ ICMP_UNREACH_PRECEDENCE_CUTOFF,
228 	    "host %s unreachable - precedence cutoff" },
229 	{ 0,				NULL }
230 };
231 
232 /* Formats for the ICMP_REDIRECT codes */
233 static const struct tok type2str[] = {
234 	{ ICMP_REDIRECT_NET,		"redirect %s to net %s" },
235 	{ ICMP_REDIRECT_HOST,		"redirect %s to host %s" },
236 	{ ICMP_REDIRECT_TOSNET,		"redirect-tos %s to net %s" },
237 	{ ICMP_REDIRECT_TOSHOST,	"redirect-tos %s to host %s" },
238 	{ 0,				NULL }
239 };
240 
241 /* rfc1191 */
242 struct mtu_discovery {
243 	uint16_t unused;
244 	uint16_t nexthopmtu;
245 };
246 
247 /* rfc1256 */
248 struct ih_rdiscovery {
249 	uint8_t ird_addrnum;
250 	uint8_t ird_addrsiz;
251 	uint16_t ird_lifetime;
252 };
253 
254 struct id_rdiscovery {
255 	uint32_t ird_addr;
256 	uint32_t ird_pref;
257 };
258 
259 /*
260  * draft-bonica-internet-icmp-08
261  *
262  * The Destination Unreachable, Time Exceeded
263  * and Parameter Problem messages are slighly changed as per
264  * the above draft. A new Length field gets added to give
265  * the caller an idea about the length of the piggypacked
266  * IP packet before the MPLS extension header starts.
267  *
268  * The Length field represents length of the padded "original datagram"
269  * field  measured in 32-bit words.
270  *
271  * 0                   1                   2                   3
272  * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
273  * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
274  * |     Type      |     Code      |          Checksum             |
275  * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
276  * |     unused    |    Length     |          unused               |
277  * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
278  * |      Internet Header + leading octets of original datagram    |
279  * |                                                               |
280  * |                           //                                  |
281  * |                                                               |
282  * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
283  */
284 
285 struct icmp_ext_t {
286     uint8_t icmp_type;
287     uint8_t icmp_code;
288     uint8_t icmp_checksum[2];
289     uint8_t icmp_reserved;
290     uint8_t icmp_length;
291     uint8_t icmp_reserved2[2];
292     uint8_t icmp_ext_legacy_header[128]; /* extension header starts 128 bytes after ICMP header */
293     uint8_t icmp_ext_version_res[2];
294     uint8_t icmp_ext_checksum[2];
295     uint8_t icmp_ext_data[1];
296 };
297 
298 struct icmp_mpls_ext_object_header_t {
299     uint8_t length[2];
300     uint8_t class_num;
301     uint8_t ctype;
302 };
303 
304 static const struct tok icmp_mpls_ext_obj_values[] = {
305     { 1, "MPLS Stack Entry" },
306     { 2, "Extended Payload" },
307     { 0, NULL}
308 };
309 
310 /* prototypes */
311 const char *icmp_tstamp_print(u_int);
312 
313 /* print the milliseconds since midnight UTC */
314 const char *
315 icmp_tstamp_print(u_int tstamp)
316 {
317     u_int msec,sec,min,hrs;
318 
319     static char buf[64];
320 
321     msec = tstamp % 1000;
322     sec = tstamp / 1000;
323     min = sec / 60; sec -= min * 60;
324     hrs = min / 60; min -= hrs * 60;
325     snprintf(buf, sizeof(buf), "%02u:%02u:%02u.%03u",hrs,min,sec,msec);
326     return buf;
327 }
328 
329 void
330 icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen, const u_char *bp2,
331            int fragmented)
332 {
333 	char *cp;
334 	const struct icmp *dp;
335         const struct icmp_ext_t *ext_dp;
336 	const struct ip *ip;
337 	const char *str, *fmt;
338 	const struct ip *oip;
339 	const struct udphdr *ouh;
340         const uint8_t *obj_tptr;
341         uint32_t raw_label;
342         const u_char *snapend_save;
343 	const struct icmp_mpls_ext_object_header_t *icmp_mpls_ext_object_header;
344 	u_int hlen, dport, mtu, obj_tlen, obj_class_num, obj_ctype;
345 	char buf[MAXHOSTNAMELEN + 100];
346 	struct cksum_vec vec[1];
347 
348 	dp = (const struct icmp *)bp;
349         ext_dp = (const struct icmp_ext_t *)bp;
350 	ip = (const struct ip *)bp2;
351 	str = buf;
352 
353 	ND_TCHECK(dp->icmp_code);
354 	switch (dp->icmp_type) {
355 
356 	case ICMP_ECHO:
357 	case ICMP_ECHOREPLY:
358 		ND_TCHECK(dp->icmp_seq);
359 		(void)snprintf(buf, sizeof(buf), "echo %s, id %u, seq %u",
360                                dp->icmp_type == ICMP_ECHO ?
361                                "request" : "reply",
362                                EXTRACT_16BITS(&dp->icmp_id),
363                                EXTRACT_16BITS(&dp->icmp_seq));
364 		break;
365 
366 	case ICMP_UNREACH:
367 		ND_TCHECK(dp->icmp_ip.ip_dst);
368 		switch (dp->icmp_code) {
369 
370 		case ICMP_UNREACH_PROTOCOL:
371 			ND_TCHECK(dp->icmp_ip.ip_p);
372 			(void)snprintf(buf, sizeof(buf),
373 			    "%s protocol %d unreachable",
374 			    ipaddr_string(ndo, &dp->icmp_ip.ip_dst),
375 			    dp->icmp_ip.ip_p);
376 			break;
377 
378 		case ICMP_UNREACH_PORT:
379 			ND_TCHECK(dp->icmp_ip.ip_p);
380 			oip = &dp->icmp_ip;
381 			hlen = IP_HL(oip) * 4;
382 			ouh = (const struct udphdr *)(((const u_char *)oip) + hlen);
383 			ND_TCHECK(ouh->uh_dport);
384 			dport = EXTRACT_16BITS(&ouh->uh_dport);
385 			switch (oip->ip_p) {
386 
387 			case IPPROTO_TCP:
388 				(void)snprintf(buf, sizeof(buf),
389 					"%s tcp port %s unreachable",
390 					ipaddr_string(ndo, &oip->ip_dst),
391 					tcpport_string(ndo, dport));
392 				break;
393 
394 			case IPPROTO_UDP:
395 				(void)snprintf(buf, sizeof(buf),
396 					"%s udp port %s unreachable",
397 					ipaddr_string(ndo, &oip->ip_dst),
398 					udpport_string(ndo, dport));
399 				break;
400 
401 			default:
402 				(void)snprintf(buf, sizeof(buf),
403 					"%s protocol %d port %d unreachable",
404 					ipaddr_string(ndo, &oip->ip_dst),
405 					oip->ip_p, dport);
406 				break;
407 			}
408 			break;
409 
410 		case ICMP_UNREACH_NEEDFRAG:
411 		    {
412 			register const struct mtu_discovery *mp;
413 			mp = (const struct mtu_discovery *)(const u_char *)&dp->icmp_void;
414 			mtu = EXTRACT_16BITS(&mp->nexthopmtu);
415 			if (mtu) {
416 				(void)snprintf(buf, sizeof(buf),
417 				    "%s unreachable - need to frag (mtu %d)",
418 				    ipaddr_string(ndo, &dp->icmp_ip.ip_dst), mtu);
419 			} else {
420 				(void)snprintf(buf, sizeof(buf),
421 				    "%s unreachable - need to frag",
422 				    ipaddr_string(ndo, &dp->icmp_ip.ip_dst));
423 			}
424 		    }
425 			break;
426 
427 		default:
428 			fmt = tok2str(unreach2str, "#%d %%s unreachable",
429 			    dp->icmp_code);
430 			(void)snprintf(buf, sizeof(buf), fmt,
431 			    ipaddr_string(ndo, &dp->icmp_ip.ip_dst));
432 			break;
433 		}
434 		break;
435 
436 	case ICMP_REDIRECT:
437 		ND_TCHECK(dp->icmp_ip.ip_dst);
438 		fmt = tok2str(type2str, "redirect-#%d %%s to net %%s",
439 		    dp->icmp_code);
440 		(void)snprintf(buf, sizeof(buf), fmt,
441 		    ipaddr_string(ndo, &dp->icmp_ip.ip_dst),
442 		    ipaddr_string(ndo, &dp->icmp_gwaddr));
443 		break;
444 
445 	case ICMP_ROUTERADVERT:
446 	    {
447 		register const struct ih_rdiscovery *ihp;
448 		register const struct id_rdiscovery *idp;
449 		u_int lifetime, num, size;
450 
451 		(void)snprintf(buf, sizeof(buf), "router advertisement");
452 		cp = buf + strlen(buf);
453 
454 		ihp = (const struct ih_rdiscovery *)&dp->icmp_void;
455 		ND_TCHECK(*ihp);
456 		(void)strncpy(cp, " lifetime ", sizeof(buf) - (cp - buf));
457 		cp = buf + strlen(buf);
458 		lifetime = EXTRACT_16BITS(&ihp->ird_lifetime);
459 		if (lifetime < 60) {
460 			(void)snprintf(cp, sizeof(buf) - (cp - buf), "%u",
461 			    lifetime);
462 		} else if (lifetime < 60 * 60) {
463 			(void)snprintf(cp, sizeof(buf) - (cp - buf), "%u:%02u",
464 			    lifetime / 60, lifetime % 60);
465 		} else {
466 			(void)snprintf(cp, sizeof(buf) - (cp - buf),
467 			    "%u:%02u:%02u",
468 			    lifetime / 3600,
469 			    (lifetime % 3600) / 60,
470 			    lifetime % 60);
471 		}
472 		cp = buf + strlen(buf);
473 
474 		num = ihp->ird_addrnum;
475 		(void)snprintf(cp, sizeof(buf) - (cp - buf), " %d:", num);
476 		cp = buf + strlen(buf);
477 
478 		size = ihp->ird_addrsiz;
479 		if (size != 2) {
480 			(void)snprintf(cp, sizeof(buf) - (cp - buf),
481 			    " [size %d]", size);
482 			break;
483 		}
484 		idp = (const struct id_rdiscovery *)&dp->icmp_data;
485 		while (num-- > 0) {
486 			ND_TCHECK(*idp);
487 			(void)snprintf(cp, sizeof(buf) - (cp - buf), " {%s %u}",
488 			    ipaddr_string(ndo, &idp->ird_addr),
489 			    EXTRACT_32BITS(&idp->ird_pref));
490 			cp = buf + strlen(buf);
491 			++idp;
492 		}
493 	    }
494 		break;
495 
496 	case ICMP_TIMXCEED:
497 		ND_TCHECK(dp->icmp_ip.ip_dst);
498 		switch (dp->icmp_code) {
499 
500 		case ICMP_TIMXCEED_INTRANS:
501 			str = "time exceeded in-transit";
502 			break;
503 
504 		case ICMP_TIMXCEED_REASS:
505 			str = "ip reassembly time exceeded";
506 			break;
507 
508 		default:
509 			(void)snprintf(buf, sizeof(buf), "time exceeded-#%d",
510 			    dp->icmp_code);
511 			break;
512 		}
513 		break;
514 
515 	case ICMP_PARAMPROB:
516 		if (dp->icmp_code)
517 			(void)snprintf(buf, sizeof(buf),
518 			    "parameter problem - code %d", dp->icmp_code);
519 		else {
520 			ND_TCHECK(dp->icmp_pptr);
521 			(void)snprintf(buf, sizeof(buf),
522 			    "parameter problem - octet %d", dp->icmp_pptr);
523 		}
524 		break;
525 
526 	case ICMP_MASKREPLY:
527 		ND_TCHECK(dp->icmp_mask);
528 		(void)snprintf(buf, sizeof(buf), "address mask is 0x%08x",
529 		    EXTRACT_32BITS(&dp->icmp_mask));
530 		break;
531 
532 	case ICMP_TSTAMP:
533 		ND_TCHECK(dp->icmp_seq);
534 		(void)snprintf(buf, sizeof(buf),
535 		    "time stamp query id %u seq %u",
536 		    EXTRACT_16BITS(&dp->icmp_id),
537 		    EXTRACT_16BITS(&dp->icmp_seq));
538 		break;
539 
540 	case ICMP_TSTAMPREPLY:
541 		ND_TCHECK(dp->icmp_ttime);
542 		(void)snprintf(buf, sizeof(buf),
543 		    "time stamp reply id %u seq %u: org %s",
544                                EXTRACT_16BITS(&dp->icmp_id),
545                                EXTRACT_16BITS(&dp->icmp_seq),
546                                icmp_tstamp_print(EXTRACT_32BITS(&dp->icmp_otime)));
547 
548                 (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", recv %s",
549                          icmp_tstamp_print(EXTRACT_32BITS(&dp->icmp_rtime)));
550                 (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", xmit %s",
551                          icmp_tstamp_print(EXTRACT_32BITS(&dp->icmp_ttime)));
552                 break;
553 
554 	default:
555 		str = tok2str(icmp2str, "type-#%d", dp->icmp_type);
556 		break;
557 	}
558 	ND_PRINT((ndo, "ICMP %s, length %u", str, plen));
559 	if (ndo->ndo_vflag && !fragmented) { /* don't attempt checksumming if this is a frag */
560 		uint16_t sum, icmp_sum;
561 
562 		if (ND_TTEST2(*bp, plen)) {
563 			vec[0].ptr = (const uint8_t *)(const void *)dp;
564 			vec[0].len = plen;
565 			sum = in_cksum(vec, 1);
566 			if (sum != 0) {
567 				icmp_sum = EXTRACT_16BITS(&dp->icmp_cksum);
568 				ND_PRINT((ndo, " (wrong icmp cksum %x (->%x)!)",
569 					     icmp_sum,
570 					     in_cksum_shouldbe(icmp_sum, sum)));
571 			}
572 		}
573 	}
574 
575         /*
576          * print the remnants of the IP packet.
577          * save the snaplength as this may get overidden in the IP printer.
578          */
579 	if (ndo->ndo_vflag >= 1 && ICMP_ERRTYPE(dp->icmp_type)) {
580 		bp += 8;
581 		ND_PRINT((ndo, "\n\t"));
582 		ip = (const struct ip *)bp;
583 		ndo->ndo_snaplen = ndo->ndo_snapend - bp;
584                 snapend_save = ndo->ndo_snapend;
585 		ND_TCHECK_16BITS(&ip->ip_len);
586 		ip_print(ndo, bp, EXTRACT_16BITS(&ip->ip_len));
587                 ndo->ndo_snapend = snapend_save;
588 	}
589 
590         /*
591          * Attempt to decode the MPLS extensions only for some ICMP types.
592          */
593         if (ndo->ndo_vflag >= 1 && plen > ICMP_EXTD_MINLEN && ICMP_MPLS_EXT_TYPE(dp->icmp_type)) {
594 
595             ND_TCHECK(*ext_dp);
596 
597             /*
598              * Check first if the mpls extension header shows a non-zero length.
599              * If the length field is not set then silently verify the checksum
600              * to check if an extension header is present. This is expedient,
601              * however not all implementations set the length field proper.
602              */
603             if (!ext_dp->icmp_length &&
604                 ND_TTEST2(ext_dp->icmp_ext_version_res, plen - ICMP_EXTD_MINLEN)) {
605                 vec[0].ptr = (const uint8_t *)(const void *)&ext_dp->icmp_ext_version_res;
606                 vec[0].len = plen - ICMP_EXTD_MINLEN;
607                 if (in_cksum(vec, 1)) {
608                     return;
609                 }
610             }
611 
612             ND_PRINT((ndo, "\n\tMPLS extension v%u",
613                    ICMP_MPLS_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res))));
614 
615             /*
616              * Sanity checking of the header.
617              */
618             if (ICMP_MPLS_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)) !=
619                 ICMP_MPLS_EXT_VERSION) {
620                 ND_PRINT((ndo, " packet not supported"));
621                 return;
622             }
623 
624             hlen = plen - ICMP_EXTD_MINLEN;
625             if (ND_TTEST2(ext_dp->icmp_ext_version_res, hlen)) {
626                 vec[0].ptr = (const uint8_t *)(const void *)&ext_dp->icmp_ext_version_res;
627                 vec[0].len = hlen;
628                 ND_PRINT((ndo, ", checksum 0x%04x (%scorrect), length %u",
629                        EXTRACT_16BITS(ext_dp->icmp_ext_checksum),
630                        in_cksum(vec, 1) ? "in" : "",
631                        hlen));
632             }
633 
634             hlen -= 4; /* subtract common header size */
635             obj_tptr = (const uint8_t *)ext_dp->icmp_ext_data;
636 
637             while (hlen > sizeof(struct icmp_mpls_ext_object_header_t)) {
638 
639                 icmp_mpls_ext_object_header = (const struct icmp_mpls_ext_object_header_t *)obj_tptr;
640                 ND_TCHECK(*icmp_mpls_ext_object_header);
641                 obj_tlen = EXTRACT_16BITS(icmp_mpls_ext_object_header->length);
642                 obj_class_num = icmp_mpls_ext_object_header->class_num;
643                 obj_ctype = icmp_mpls_ext_object_header->ctype;
644                 obj_tptr += sizeof(struct icmp_mpls_ext_object_header_t);
645 
646                 ND_PRINT((ndo, "\n\t  %s Object (%u), Class-Type: %u, length %u",
647                        tok2str(icmp_mpls_ext_obj_values,"unknown",obj_class_num),
648                        obj_class_num,
649                        obj_ctype,
650                        obj_tlen));
651 
652                 hlen-=sizeof(struct icmp_mpls_ext_object_header_t); /* length field includes tlv header */
653 
654                 /* infinite loop protection */
655                 if ((obj_class_num == 0) ||
656                     (obj_tlen < sizeof(struct icmp_mpls_ext_object_header_t))) {
657                     return;
658                 }
659                 obj_tlen-=sizeof(struct icmp_mpls_ext_object_header_t);
660 
661                 switch (obj_class_num) {
662                 case 1:
663                     switch(obj_ctype) {
664                     case 1:
665                         ND_TCHECK2(*obj_tptr, 4);
666                         raw_label = EXTRACT_32BITS(obj_tptr);
667                         ND_PRINT((ndo, "\n\t    label %u, exp %u", MPLS_LABEL(raw_label), MPLS_EXP(raw_label)));
668                         if (MPLS_STACK(raw_label))
669                             ND_PRINT((ndo, ", [S]"));
670                         ND_PRINT((ndo, ", ttl %u", MPLS_TTL(raw_label)));
671                         break;
672                     default:
673                         print_unknown_data(ndo, obj_tptr, "\n\t    ", obj_tlen);
674                     }
675                     break;
676 
677                /*
678                 *  FIXME those are the defined objects that lack a decoder
679                 *  you are welcome to contribute code ;-)
680                 */
681                 case 2:
682                 default:
683                     print_unknown_data(ndo, obj_tptr, "\n\t    ", obj_tlen);
684                     break;
685                 }
686                 if (hlen < obj_tlen)
687                     break;
688                 hlen -= obj_tlen;
689                 obj_tptr += obj_tlen;
690             }
691         }
692 
693 	return;
694 trunc:
695 	ND_PRINT((ndo, "[|icmp]"));
696 }
697 /*
698  * Local Variables:
699  * c-style: whitesmith
700  * c-basic-offset: 8
701  * End:
702  */
703