xref: /freebsd/contrib/tcpdump/print-icmp6.c (revision 02e9120893770924227138ba49df1edb3896112a)
1 /*
2  * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that: (1) source code distributions
7  * retain the above copyright notice and this paragraph in its entirety, (2)
8  * distributions including binary code include the above copyright notice and
9  * this paragraph in its entirety in the documentation or other materials
10  * provided with the distribution, and (3) all advertising materials mentioning
11  * features or use of this software display the following acknowledgement:
12  * ``This product includes software developed by the University of California,
13  * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14  * the University nor the names of its contributors may be used to endorse
15  * or promote products derived from this software without specific prior
16  * written permission.
17  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18  * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20  */
21 
22 /* \summary: IPv6 Internet Control Message Protocol (ICMPv6) printer */
23 
24 #ifdef HAVE_CONFIG_H
25 #include <config.h>
26 #endif
27 
28 #include "netdissect-stdinc.h"
29 
30 #include <stdio.h>
31 #include <string.h>
32 
33 #include "netdissect.h"
34 #include "addrtoname.h"
35 #include "addrtostr.h"
36 #include "extract.h"
37 
38 #include "ip6.h"
39 #include "ipproto.h"
40 
41 #include "udp.h"
42 #include "ah.h"
43 
44 /*	NetBSD: icmp6.h,v 1.13 2000/08/03 16:30:37 itojun Exp	*/
45 /*	$KAME: icmp6.h,v 1.22 2000/08/03 15:25:16 jinmei Exp $	*/
46 
47 /*
48  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
49  * All rights reserved.
50  *
51  * Redistribution and use in source and binary forms, with or without
52  * modification, are permitted provided that the following conditions
53  * are met:
54  * 1. Redistributions of source code must retain the above copyright
55  *    notice, this list of conditions and the following disclaimer.
56  * 2. Redistributions in binary form must reproduce the above copyright
57  *    notice, this list of conditions and the following disclaimer in the
58  *    documentation and/or other materials provided with the distribution.
59  * 3. Neither the name of the project nor the names of its contributors
60  *    may be used to endorse or promote products derived from this software
61  *    without specific prior written permission.
62  *
63  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
64  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
65  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
66  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
67  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
68  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
69  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
70  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
71  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
72  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
73  * SUCH DAMAGE.
74  */
75 
76 struct icmp6_hdr {
77 	nd_uint8_t	icmp6_type;	/* type field */
78 	nd_uint8_t	icmp6_code;	/* code field */
79 	nd_uint16_t	icmp6_cksum;	/* checksum field */
80 	union {
81 		nd_uint32_t	icmp6_un_data32[1]; /* type-specific field */
82 		nd_uint16_t	icmp6_un_data16[2]; /* type-specific field */
83 		nd_uint8_t	icmp6_un_data8[4];  /* type-specific field */
84 		nd_byte		icmp6_un_data[1];   /* type-specific field */
85 	} icmp6_dataun;
86 };
87 
88 #define icmp6_data32	icmp6_dataun.icmp6_un_data32
89 #define icmp6_data16	icmp6_dataun.icmp6_un_data16
90 #define icmp6_data8	icmp6_dataun.icmp6_un_data8
91 #define icmp6_data	icmp6_dataun.icmp6_un_data
92 #define icmp6_pptr	icmp6_data32[0]		/* parameter prob */
93 #define icmp6_mtu	icmp6_data32[0]		/* packet too big */
94 #define icmp6_id	icmp6_data16[0]		/* echo request/reply */
95 #define icmp6_seq	icmp6_data16[1]		/* echo request/reply */
96 #define icmp6_maxdelay	icmp6_data16[0]		/* mcast group membership */
97 
98 #define ICMP6_DST_UNREACH		1	/* dest unreachable, codes: */
99 #define ICMP6_PACKET_TOO_BIG		2	/* packet too big */
100 #define ICMP6_TIME_EXCEEDED		3	/* time exceeded, code: */
101 #define ICMP6_PARAM_PROB		4	/* ip6 header bad */
102 
103 #define ICMP6_ECHO_REQUEST		128	/* echo service */
104 #define ICMP6_ECHO_REPLY		129	/* echo reply */
105 #define ICMP6_MEMBERSHIP_QUERY		130	/* group membership query */
106 #define MLD6_LISTENER_QUERY		130	/* multicast listener query */
107 #define ICMP6_MEMBERSHIP_REPORT		131	/* group membership report */
108 #define MLD6_LISTENER_REPORT		131	/* multicast listener report */
109 #define ICMP6_MEMBERSHIP_REDUCTION	132	/* group membership termination */
110 #define MLD6_LISTENER_DONE		132	/* multicast listener done */
111 
112 #define ND_ROUTER_SOLICIT		133	/* router solicitation */
113 #define ND_ROUTER_ADVERT		134	/* router advertisement */
114 #define ND_NEIGHBOR_SOLICIT		135	/* neighbor solicitation */
115 #define ND_NEIGHBOR_ADVERT		136	/* neighbor advertisement */
116 #define ND_REDIRECT			137	/* redirect */
117 
118 #define ICMP6_ROUTER_RENUMBERING	138	/* router renumbering */
119 
120 #define ICMP6_WRUREQUEST		139	/* who are you request */
121 #define ICMP6_WRUREPLY			140	/* who are you reply */
122 #define ICMP6_FQDN_QUERY		139	/* FQDN query */
123 #define ICMP6_FQDN_REPLY		140	/* FQDN reply */
124 #define ICMP6_NI_QUERY			139	/* node information request - RFC 4620 */
125 #define ICMP6_NI_REPLY			140	/* node information reply - RFC 4620 */
126 #define IND_SOLICIT			141	/* inverse neighbor solicitation */
127 #define IND_ADVERT			142	/* inverse neighbor advertisement */
128 
129 #define ICMP6_V2_MEMBERSHIP_REPORT	143	/* v2 membership report */
130 #define MLDV2_LISTENER_REPORT		143	/* v2 multicast listener report */
131 #define ICMP6_HADISCOV_REQUEST		144
132 #define ICMP6_HADISCOV_REPLY		145
133 #define ICMP6_MOBILEPREFIX_SOLICIT	146
134 #define ICMP6_MOBILEPREFIX_ADVERT	147
135 
136 #define MLD6_MTRACE_RESP		200	/* mtrace response(to sender) */
137 #define MLD6_MTRACE			201	/* mtrace messages */
138 
139 #define ICMP6_MAXTYPE			201
140 
141 #define ICMP6_DST_UNREACH_NOROUTE	0	/* no route to destination */
142 #define ICMP6_DST_UNREACH_ADMIN		1	/* administratively prohibited */
143 #define ICMP6_DST_UNREACH_NOTNEIGHBOR	2	/* not a neighbor(obsolete) */
144 #define ICMP6_DST_UNREACH_BEYONDSCOPE	2	/* beyond scope of source address */
145 #define ICMP6_DST_UNREACH_ADDR		3	/* address unreachable */
146 #define ICMP6_DST_UNREACH_NOPORT	4	/* port unreachable */
147 
148 #define ICMP6_TIME_EXCEED_TRANSIT	0	/* ttl==0 in transit */
149 #define ICMP6_TIME_EXCEED_REASSEMBLY	1	/* ttl==0 in reass */
150 
151 #define ICMP6_PARAMPROB_HEADER		0	/* erroneous header field */
152 #define ICMP6_PARAMPROB_NEXTHEADER	1	/* unrecognized next header */
153 #define ICMP6_PARAMPROB_OPTION		2	/* unrecognized option */
154 #define ICMP6_PARAMPROB_FRAGHDRCHAIN	3	/* incomplete header chain */
155 
156 #define ICMP6_INFOMSG_MASK		0x80	/* all informational messages */
157 
158 #define ICMP6_NI_SUBJ_IPV6	0	/* Query Subject is an IPv6 address */
159 #define ICMP6_NI_SUBJ_FQDN	1	/* Query Subject is a Domain name */
160 #define ICMP6_NI_SUBJ_IPV4	2	/* Query Subject is an IPv4 address */
161 
162 #define ICMP6_NI_SUCCESS	0	/* node information successful reply */
163 #define ICMP6_NI_REFUSED	1	/* node information request is refused */
164 #define ICMP6_NI_UNKNOWN	2	/* unknown Qtype */
165 
166 #define ICMP6_ROUTER_RENUMBERING_COMMAND  0	/* rr command */
167 #define ICMP6_ROUTER_RENUMBERING_RESULT   1	/* rr result */
168 #define ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET   255	/* rr seq num reset */
169 
170 /* Used in kernel only */
171 #define ND_REDIRECT_ONLINK	0	/* redirect to an on-link node */
172 #define ND_REDIRECT_ROUTER	1	/* redirect to a better router */
173 
174 /*
175  * Multicast Listener Discovery
176  */
177 struct mld6_hdr {
178 	struct icmp6_hdr	mld6_hdr;
179 	nd_ipv6			mld6_addr; /* multicast address */
180 };
181 
182 #define mld6_type	mld6_hdr.icmp6_type
183 #define mld6_code	mld6_hdr.icmp6_code
184 #define mld6_cksum	mld6_hdr.icmp6_cksum
185 #define mld6_maxdelay	mld6_hdr.icmp6_data16[0]
186 #define mld6_reserved	mld6_hdr.icmp6_data16[1]
187 
188 #define MLD_MINLEN	24
189 #define MLDV2_MINLEN	28
190 
191 /*
192  * Neighbor Discovery
193  */
194 
195 struct nd_router_solicit {	/* router solicitation */
196 	struct icmp6_hdr	nd_rs_hdr;
197 	/* could be followed by options */
198 };
199 
200 #define nd_rs_type	nd_rs_hdr.icmp6_type
201 #define nd_rs_code	nd_rs_hdr.icmp6_code
202 #define nd_rs_cksum	nd_rs_hdr.icmp6_cksum
203 #define nd_rs_reserved	nd_rs_hdr.icmp6_data32[0]
204 
205 struct nd_router_advert {	/* router advertisement */
206 	struct icmp6_hdr	nd_ra_hdr;
207 	nd_uint32_t		nd_ra_reachable;	/* reachable time */
208 	nd_uint32_t		nd_ra_retransmit;	/* retransmit timer */
209 	/* could be followed by options */
210 };
211 
212 #define nd_ra_type		nd_ra_hdr.icmp6_type
213 #define nd_ra_code		nd_ra_hdr.icmp6_code
214 #define nd_ra_cksum		nd_ra_hdr.icmp6_cksum
215 #define nd_ra_curhoplimit	nd_ra_hdr.icmp6_data8[0]
216 #define nd_ra_flags_reserved	nd_ra_hdr.icmp6_data8[1]
217 #define ND_RA_FLAG_MANAGED	0x80
218 #define ND_RA_FLAG_OTHER	0x40
219 #define ND_RA_FLAG_HOME_AGENT	0x20
220 #define ND_RA_FLAG_IPV6ONLY	0x02
221 
222 /*
223  * Router preference values based on draft-draves-ipngwg-router-selection-01.
224  * These are non-standard definitions.
225  */
226 #define ND_RA_FLAG_RTPREF_MASK	0x18 /* 00011000 */
227 
228 #define ND_RA_FLAG_RTPREF_HIGH	0x08 /* 00001000 */
229 #define ND_RA_FLAG_RTPREF_MEDIUM	0x00 /* 00000000 */
230 #define ND_RA_FLAG_RTPREF_LOW	0x18 /* 00011000 */
231 #define ND_RA_FLAG_RTPREF_RSV	0x10 /* 00010000 */
232 
233 #define nd_ra_router_lifetime	nd_ra_hdr.icmp6_data16[1]
234 
235 struct nd_neighbor_solicit {	/* neighbor solicitation */
236 	struct icmp6_hdr	nd_ns_hdr;
237 	nd_ipv6			nd_ns_target;	/*target address */
238 	/* could be followed by options */
239 };
240 
241 #define nd_ns_type		nd_ns_hdr.icmp6_type
242 #define nd_ns_code		nd_ns_hdr.icmp6_code
243 #define nd_ns_cksum		nd_ns_hdr.icmp6_cksum
244 #define nd_ns_reserved		nd_ns_hdr.icmp6_data32[0]
245 
246 struct nd_neighbor_advert {	/* neighbor advertisement */
247 	struct icmp6_hdr	nd_na_hdr;
248 	nd_ipv6			nd_na_target;	/* target address */
249 	/* could be followed by options */
250 };
251 
252 #define nd_na_type		nd_na_hdr.icmp6_type
253 #define nd_na_code		nd_na_hdr.icmp6_code
254 #define nd_na_cksum		nd_na_hdr.icmp6_cksum
255 #define nd_na_flags_reserved	nd_na_hdr.icmp6_data32[0]
256 
257 #define ND_NA_FLAG_ROUTER		0x80000000
258 #define ND_NA_FLAG_SOLICITED		0x40000000
259 #define ND_NA_FLAG_OVERRIDE		0x20000000
260 
261 struct nd_redirect {		/* redirect */
262 	struct icmp6_hdr	nd_rd_hdr;
263 	nd_ipv6			nd_rd_target;	/* target address */
264 	nd_ipv6			nd_rd_dst;	/* destination address */
265 	/* could be followed by options */
266 };
267 
268 #define nd_rd_type		nd_rd_hdr.icmp6_type
269 #define nd_rd_code		nd_rd_hdr.icmp6_code
270 #define nd_rd_cksum		nd_rd_hdr.icmp6_cksum
271 #define nd_rd_reserved		nd_rd_hdr.icmp6_data32[0]
272 
273 struct nd_opt_hdr {		/* Neighbor discovery option header */
274 	nd_uint8_t	nd_opt_type;
275 	nd_uint8_t	nd_opt_len;
276 	/* followed by option specific data*/
277 };
278 
279 #define ND_OPT_SOURCE_LINKADDR		1
280 #define ND_OPT_TARGET_LINKADDR		2
281 #define ND_OPT_PREFIX_INFORMATION	3
282 #define ND_OPT_REDIRECTED_HEADER	4
283 #define ND_OPT_MTU			5
284 #define ND_OPT_ADVINTERVAL		7
285 #define ND_OPT_HOMEAGENT_INFO		8
286 #define ND_OPT_ROUTE_INFO		24	/* RFC4191 */
287 #define ND_OPT_RDNSS			25
288 #define ND_OPT_DNSSL			31
289 
290 struct nd_opt_prefix_info {	/* prefix information */
291 	nd_uint8_t	nd_opt_pi_type;
292 	nd_uint8_t	nd_opt_pi_len;
293 	nd_uint8_t	nd_opt_pi_prefix_len;
294 	nd_uint8_t	nd_opt_pi_flags_reserved;
295 	nd_uint32_t	nd_opt_pi_valid_time;
296 	nd_uint32_t	nd_opt_pi_preferred_time;
297 	nd_uint32_t	nd_opt_pi_reserved2;
298 	nd_ipv6		nd_opt_pi_prefix;
299 };
300 
301 #define ND_OPT_PI_FLAG_ONLINK		0x80
302 #define ND_OPT_PI_FLAG_AUTO		0x40
303 #define ND_OPT_PI_FLAG_ROUTER		0x20	/*2292bis*/
304 
305 struct nd_opt_rd_hdr {         /* redirected header */
306 	nd_uint8_t	nd_opt_rh_type;
307 	nd_uint8_t	nd_opt_rh_len;
308 	nd_uint16_t	nd_opt_rh_reserved1;
309 	nd_uint32_t	nd_opt_rh_reserved2;
310 	/* followed by IP header and data */
311 };
312 
313 struct nd_opt_mtu {		/* MTU option */
314 	nd_uint8_t	nd_opt_mtu_type;
315 	nd_uint8_t	nd_opt_mtu_len;
316 	nd_uint16_t	nd_opt_mtu_reserved;
317 	nd_uint32_t	nd_opt_mtu_mtu;
318 };
319 
320 struct nd_opt_rdnss {		/* RDNSS RFC 6106 5.1 */
321 	nd_uint8_t	nd_opt_rdnss_type;
322 	nd_uint8_t	nd_opt_rdnss_len;
323 	nd_uint16_t	nd_opt_rdnss_reserved;
324 	nd_uint32_t	nd_opt_rdnss_lifetime;
325 	nd_ipv6		nd_opt_rdnss_addr[1];	/* variable-length */
326 };
327 
328 struct nd_opt_dnssl {		/* DNSSL RFC 6106 5.2 */
329 	nd_uint8_t  nd_opt_dnssl_type;
330 	nd_uint8_t  nd_opt_dnssl_len;
331 	nd_uint16_t nd_opt_dnssl_reserved;
332 	nd_uint32_t nd_opt_dnssl_lifetime;
333 	/* followed by list of DNS search domains, variable-length */
334 };
335 
336 struct nd_opt_advinterval {	/* Advertisement interval option */
337 	nd_uint8_t	nd_opt_adv_type;
338 	nd_uint8_t	nd_opt_adv_len;
339 	nd_uint16_t	nd_opt_adv_reserved;
340 	nd_uint32_t	nd_opt_adv_interval;
341 };
342 
343 struct nd_opt_homeagent_info {	/* Home Agent info */
344 	nd_uint8_t	nd_opt_hai_type;
345 	nd_uint8_t	nd_opt_hai_len;
346 	nd_uint16_t	nd_opt_hai_reserved;
347 	nd_uint16_t	nd_opt_hai_preference;
348 	nd_uint16_t	nd_opt_hai_lifetime;
349 };
350 
351 struct nd_opt_route_info {	/* route info */
352 	nd_uint8_t	nd_opt_rti_type;
353 	nd_uint8_t	nd_opt_rti_len;
354 	nd_uint8_t	nd_opt_rti_prefixlen;
355 	nd_uint8_t	nd_opt_rti_flags;
356 	nd_uint32_t	nd_opt_rti_lifetime;
357 	/* prefix follows */
358 };
359 
360 /*
361  * icmp6 namelookup
362  */
363 
364 struct icmp6_namelookup {
365 	struct icmp6_hdr	icmp6_nl_hdr;
366 	nd_byte			icmp6_nl_nonce[8];
367 	nd_int32_t		icmp6_nl_ttl;
368 #if 0
369 	nd_uint8_t		icmp6_nl_len;
370 	nd_byte			icmp6_nl_name[3];
371 #endif
372 	/* could be followed by options */
373 };
374 
375 /*
376  * icmp6 node information
377  */
378 struct icmp6_nodeinfo {
379 	struct icmp6_hdr icmp6_ni_hdr;
380 	nd_byte icmp6_ni_nonce[8];
381 	/* could be followed by reply data */
382 };
383 
384 #define ni_type		icmp6_ni_hdr.icmp6_type
385 #define ni_code		icmp6_ni_hdr.icmp6_code
386 #define ni_cksum	icmp6_ni_hdr.icmp6_cksum
387 #define ni_qtype	icmp6_ni_hdr.icmp6_data16[0]
388 #define ni_flags	icmp6_ni_hdr.icmp6_data16[1]
389 
390 #define NI_QTYPE_NOOP		0 /* NOOP  */
391 #define NI_QTYPE_SUPTYPES	1 /* Supported Qtypes (drafts up to 09) */
392 #define NI_QTYPE_FQDN		2 /* FQDN (draft 04) */
393 #define NI_QTYPE_DNSNAME	2 /* DNS Name */
394 #define NI_QTYPE_NODEADDR	3 /* Node Addresses */
395 #define NI_QTYPE_IPV4ADDR	4 /* IPv4 Addresses */
396 
397 #define NI_NODEADDR_FLAG_TRUNCATE	0x0001
398 #define NI_NODEADDR_FLAG_ALL		0x0002
399 #define NI_NODEADDR_FLAG_COMPAT		0x0004
400 #define NI_NODEADDR_FLAG_LINKLOCAL	0x0008
401 #define NI_NODEADDR_FLAG_SITELOCAL	0x0010
402 #define NI_NODEADDR_FLAG_GLOBAL		0x0020
403 #define NI_NODEADDR_FLAG_ANYCAST	0x0040 /* just experimental. not in spec */
404 
405 struct ni_reply_fqdn {
406 	nd_uint32_t ni_fqdn_ttl;	/* TTL */
407 	nd_uint8_t ni_fqdn_namelen; /* length in octets of the FQDN */
408 	nd_byte ni_fqdn_name[3]; /* XXX: alignment */
409 };
410 
411 /*
412  * Router Renumbering. as router-renum-08.txt
413  */
414 struct icmp6_router_renum {	/* router renumbering header */
415 	struct icmp6_hdr	rr_hdr;
416 	nd_uint8_t		rr_segnum;
417 	nd_uint8_t		rr_flags;
418 	nd_uint16_t		rr_maxdelay;
419 	nd_uint32_t		rr_reserved;
420 };
421 #define ICMP6_RR_FLAGS_TEST		0x80
422 #define ICMP6_RR_FLAGS_REQRESULT	0x40
423 #define ICMP6_RR_FLAGS_FORCEAPPLY	0x20
424 #define ICMP6_RR_FLAGS_SPECSITE		0x10
425 #define ICMP6_RR_FLAGS_PREVDONE		0x08
426 
427 #define rr_type		rr_hdr.icmp6_type
428 #define rr_code		rr_hdr.icmp6_code
429 #define rr_cksum	rr_hdr.icmp6_cksum
430 #define rr_seqnum	rr_hdr.icmp6_data32[0]
431 
432 struct rr_pco_match {		/* match prefix part */
433 	nd_uint8_t		rpm_code;
434 	nd_uint8_t		rpm_len;
435 	nd_uint8_t		rpm_ordinal;
436 	nd_uint8_t		rpm_matchlen;
437 	nd_uint8_t		rpm_minlen;
438 	nd_uint8_t		rpm_maxlen;
439 	nd_uint16_t		rpm_reserved;
440 	nd_ipv6			rpm_prefix;
441 };
442 
443 #define RPM_PCO_ADD		1
444 #define RPM_PCO_CHANGE		2
445 #define RPM_PCO_SETGLOBAL	3
446 #define RPM_PCO_MAX		4
447 
448 struct rr_pco_use {		/* use prefix part */
449 	nd_uint8_t	rpu_uselen;
450 	nd_uint8_t	rpu_keeplen;
451 	nd_uint8_t	rpu_ramask;
452 	nd_uint8_t	rpu_raflags;
453 	nd_uint32_t	rpu_vltime;
454 	nd_uint32_t	rpu_pltime;
455 	nd_uint32_t	rpu_flags;
456 	nd_ipv6		rpu_prefix;
457 };
458 #define ICMP6_RR_PCOUSE_RAFLAGS_ONLINK	0x80
459 #define ICMP6_RR_PCOUSE_RAFLAGS_AUTO	0x40
460 
461 /* network endian */
462 #define ICMP6_RR_PCOUSE_FLAGS_DECRVLTIME     ((uint32_t)htonl(0x80000000))
463 #define ICMP6_RR_PCOUSE_FLAGS_DECRPLTIME     ((uint32_t)htonl(0x40000000))
464 
465 struct rr_result {		/* router renumbering result message */
466 	nd_uint16_t	rrr_flags;
467 	nd_uint8_t	rrr_ordinal;
468 	nd_uint8_t	rrr_matchedlen;
469 	nd_uint32_t	rrr_ifid;
470 	nd_ipv6		rrr_prefix;
471 };
472 /* network endian */
473 #define ICMP6_RR_RESULT_FLAGS_OOB		((uint16_t)htons(0x0002))
474 #define ICMP6_RR_RESULT_FLAGS_FORBIDDEN		((uint16_t)htons(0x0001))
475 
476 static const char *get_rtpref(u_int);
477 static const char *get_lifetime(uint32_t);
478 static void print_lladdr(netdissect_options *ndo, const u_char *, size_t);
479 static int icmp6_opt_print(netdissect_options *ndo, const u_char *, int);
480 static void mld6_print(netdissect_options *ndo, const u_char *);
481 static void mldv2_report_print(netdissect_options *ndo, const u_char *, u_int);
482 static void mldv2_query_print(netdissect_options *ndo, const u_char *, u_int);
483 static const struct udphdr *get_upperlayer(netdissect_options *ndo, const u_char *, u_int *);
484 static void dnsname_print(netdissect_options *ndo, const u_char *, const u_char *);
485 static void icmp6_nodeinfo_print(netdissect_options *ndo, u_int, const u_char *, const u_char *);
486 static void icmp6_rrenum_print(netdissect_options *ndo, const u_char *, const u_char *);
487 
488 /*
489  * DIO: Updated to RFC6550, as published in 2012: section 6. (page 30)
490  */
491 
492 #define ND_RPL_MESSAGE 155  /* 0x9B */
493 
494 enum ND_RPL_CODE {
495     ND_RPL_DAG_IS=0x00,
496     ND_RPL_DAG_IO=0x01,
497     ND_RPL_DAO   =0x02,
498     ND_RPL_DAO_ACK=0x03,
499     ND_RPL_SEC_DAG_IS = 0x80,
500     ND_RPL_SEC_DAG_IO = 0x81,
501     ND_RPL_SEC_DAG    = 0x82,
502     ND_RPL_SEC_DAG_ACK= 0x83,
503     ND_RPL_SEC_CONSIST= 0x8A
504 };
505 
506 enum ND_RPL_DIO_FLAGS {
507         ND_RPL_DIO_GROUNDED = 0x80,
508         ND_RPL_DIO_DATRIG   = 0x40,
509         ND_RPL_DIO_DASUPPORT= 0x20,
510         ND_RPL_DIO_RES4     = 0x10,
511         ND_RPL_DIO_RES3     = 0x08,
512         ND_RPL_DIO_PRF_MASK = 0x07  /* 3-bit preference */
513 };
514 
515 #define DAGID_LEN 16
516 
517 /* section 6 of draft-ietf-roll-rpl-19 */
518 struct nd_rpl_security {
519     nd_uint8_t  rpl_sec_t_reserved;     /* bit 7 is T-bit */
520     nd_uint8_t  rpl_sec_algo;
521     nd_uint16_t rpl_sec_kim_lvl_flags;  /* bit 15/14, KIM */
522                                       /* bit 10-8, LVL, bit 7-0 flags */
523     nd_uint32_t rpl_sec_counter;
524 #if 0
525     nd_byte     rpl_sec_ki[0];          /* depends upon kim */
526 #endif
527 };
528 
529 /* section 6.2.1, DODAG Information Solication (DIS_IS) */
530 struct nd_rpl_dis_is {
531     nd_uint8_t rpl_dis_flags;
532     nd_uint8_t rpl_dis_reserved;
533 #if 0
534     nd_byte    rpl_dis_options[0];
535 #endif
536 };
537 
538 /* section 6.3.1, DODAG Information Object (DIO) */
539 struct nd_rpl_dio {
540     nd_uint8_t  rpl_instanceid;
541     nd_uint8_t  rpl_version;
542     nd_uint16_t rpl_dagrank;
543     nd_uint8_t  rpl_mopprf;   /* bit 7=G, 5-3=MOP, 2-0=PRF */
544     nd_uint8_t  rpl_dtsn;     /* Dest. Advertisement Trigger Sequence Number */
545     nd_uint8_t  rpl_flags;    /* no flags defined yet */
546     nd_uint8_t  rpl_resv1;
547     nd_byte     rpl_dagid[DAGID_LEN];
548 };
549 #define RPL_DIO_GROUND_FLAG 0x80
550 #define RPL_DIO_MOP_SHIFT   3
551 #define RPL_DIO_MOP_MASK    (7 << RPL_DIO_MOP_SHIFT)
552 #define RPL_DIO_PRF_SHIFT   0
553 #define RPL_DIO_PRF_MASK    (7 << RPL_DIO_PRF_SHIFT)
554 #define RPL_DIO_GROUNDED(X) ((X)&RPL_DIO_GROUND_FLAG)
555 #define RPL_DIO_MOP(X)      (enum RPL_DIO_MOP)(((X)&RPL_DIO_MOP_MASK) >> RPL_DIO_MOP_SHIFT)
556 #define RPL_DIO_PRF(X)      (((X)&RPL_DIO_PRF_MASK) >> RPL_DIO_PRF_SHIFT)
557 
558 enum RPL_DIO_MOP {
559     RPL_DIO_NONSTORING= 0x0,
560     RPL_DIO_STORING   = 0x1,
561     RPL_DIO_NONSTORING_MULTICAST = 0x2,
562     RPL_DIO_STORING_MULTICAST    = 0x3
563 };
564 
565 enum RPL_SUBOPT {
566         RPL_OPT_PAD1        = 0,
567         RPL_OPT_PADN        = 1,
568         RPL_DIO_METRICS     = 2,
569         RPL_DIO_ROUTINGINFO = 3,
570         RPL_DIO_CONFIG      = 4,
571         RPL_DAO_RPLTARGET   = 5,
572         RPL_DAO_TRANSITINFO = 6,
573         RPL_DIO_DESTPREFIX  = 8,
574         RPL_DAO_RPLTARGET_DESC=9
575 };
576 
577 struct rpl_genoption {
578     nd_uint8_t rpl_dio_type;
579     nd_uint8_t rpl_dio_len;        /* suboption length, not including type/len */
580 };
581 #define RPL_GENOPTION_LEN	2
582 
583 #define RPL_DIO_LIFETIME_INFINITE   0xffffffff
584 #define RPL_DIO_LIFETIME_DISCONNECT 0
585 
586 struct rpl_dio_destprefix {
587     nd_uint8_t rpl_dio_type;
588     nd_uint8_t rpl_dio_len;
589     nd_uint8_t rpl_dio_prefixlen;        /* in bits */
590     nd_uint8_t rpl_dio_prf;              /* flags, including Route Preference */
591     nd_uint32_t rpl_dio_prefixlifetime;  /* in seconds */
592 #if 0
593     nd_byte     rpl_dio_prefix[0];       /* variable number of bytes */
594 #endif
595 };
596 
597 /* section 6.4.1, DODAG Information Object (DIO) */
598 struct nd_rpl_dao {
599     nd_uint8_t  rpl_instanceid;
600     nd_uint8_t  rpl_flags;      /* bit 7=K, 6=D */
601     nd_uint8_t  rpl_resv;
602     nd_uint8_t  rpl_daoseq;
603     nd_byte     rpl_dagid[DAGID_LEN];   /* present when D set. */
604 };
605 #define ND_RPL_DAO_MIN_LEN	4	/* length without DAGID */
606 
607 /* indicates if this DAO is to be acK'ed */
608 #define RPL_DAO_K_SHIFT   7
609 #define RPL_DAO_K_MASK    (1 << RPL_DAO_K_SHIFT)
610 #define RPL_DAO_K(X)      (((X)&RPL_DAO_K_MASK) >> RPL_DAO_K_SHIFT)
611 
612 /* indicates if the DAGID is present */
613 #define RPL_DAO_D_SHIFT   6
614 #define RPL_DAO_D_MASK    (1 << RPL_DAO_D_SHIFT)
615 #define RPL_DAO_D(X)      (((X)&RPL_DAO_D_MASK) >> RPL_DAO_D_SHIFT)
616 
617 struct rpl_dao_target {
618     nd_uint8_t rpl_dao_type;
619     nd_uint8_t rpl_dao_len;
620     nd_uint8_t rpl_dao_flags;            /* unused */
621     nd_uint8_t rpl_dao_prefixlen;        /* in bits */
622 #if 0
623     nd_byte    rpl_dao_prefix[0];        /* variable number of bytes */
624 #endif
625 };
626 
627 /* section 6.5.1, Destination Advertisement Object Acknowledgement (DAO-ACK) */
628 struct nd_rpl_daoack {
629     nd_uint8_t  rpl_instanceid;
630     nd_uint8_t  rpl_flags;      /* bit 7=D */
631     nd_uint8_t  rpl_daoseq;
632     nd_uint8_t  rpl_status;
633     nd_byte     rpl_dagid[DAGID_LEN];   /* present when D set. */
634 };
635 #define ND_RPL_DAOACK_MIN_LEN	4	/* length without DAGID */
636 /* indicates if the DAGID is present */
637 #define RPL_DAOACK_D_SHIFT   7
638 #define RPL_DAOACK_D_MASK    (1 << RPL_DAOACK_D_SHIFT)
639 #define RPL_DAOACK_D(X)      (((X)&RPL_DAOACK_D_MASK) >> RPL_DAOACK_D_SHIFT)
640 
641 static const struct tok icmp6_type_values[] = {
642     { ICMP6_DST_UNREACH, "destination unreachable"},
643     { ICMP6_PACKET_TOO_BIG, "packet too big"},
644     { ICMP6_TIME_EXCEEDED, "time exceeded in-transit"},
645     { ICMP6_PARAM_PROB, "parameter problem"},
646     { ICMP6_ECHO_REQUEST, "echo request"},
647     { ICMP6_ECHO_REPLY, "echo reply"},
648     { MLD6_LISTENER_QUERY, "multicast listener query"},
649     { MLD6_LISTENER_REPORT, "multicast listener report"},
650     { MLD6_LISTENER_DONE, "multicast listener done"},
651     { ND_ROUTER_SOLICIT, "router solicitation"},
652     { ND_ROUTER_ADVERT, "router advertisement"},
653     { ND_NEIGHBOR_SOLICIT, "neighbor solicitation"},
654     { ND_NEIGHBOR_ADVERT, "neighbor advertisement"},
655     { ND_REDIRECT, "redirect"},
656     { ICMP6_ROUTER_RENUMBERING, "router renumbering"},
657     { IND_SOLICIT, "inverse neighbor solicitation"},
658     { IND_ADVERT, "inverse neighbor advertisement"},
659     { MLDV2_LISTENER_REPORT, "multicast listener report v2"},
660     { ICMP6_HADISCOV_REQUEST, "ha discovery request"},
661     { ICMP6_HADISCOV_REPLY, "ha discovery reply"},
662     { ICMP6_MOBILEPREFIX_SOLICIT, "mobile router solicitation"},
663     { ICMP6_MOBILEPREFIX_ADVERT, "mobile router advertisement"},
664     { ICMP6_WRUREQUEST, "who-are-you request"},
665     { ICMP6_WRUREPLY, "who-are-you reply"},
666     { ICMP6_NI_QUERY, "node information query"},
667     { ICMP6_NI_REPLY, "node information reply"},
668     { MLD6_MTRACE, "mtrace message"},
669     { MLD6_MTRACE_RESP, "mtrace response"},
670     { ND_RPL_MESSAGE,   "RPL"},
671     { 0,	NULL }
672 };
673 
674 static const struct tok icmp6_dst_unreach_code_values[] = {
675     { ICMP6_DST_UNREACH_NOROUTE, "unreachable route" },
676     { ICMP6_DST_UNREACH_ADMIN, " unreachable prohibited"},
677     { ICMP6_DST_UNREACH_BEYONDSCOPE, "beyond scope"},
678     { ICMP6_DST_UNREACH_ADDR, "unreachable address"},
679     { ICMP6_DST_UNREACH_NOPORT, "unreachable port"},
680     { 0,	NULL }
681 };
682 
683 static const struct tok icmp6_opt_pi_flag_values[] = {
684     { ND_OPT_PI_FLAG_ONLINK, "onlink" },
685     { ND_OPT_PI_FLAG_AUTO, "auto" },
686     { ND_OPT_PI_FLAG_ROUTER, "router" },
687     { 0,	NULL }
688 };
689 
690 static const struct tok icmp6_opt_ra_flag_values[] = {
691     { ND_RA_FLAG_MANAGED, "managed" },
692     { ND_RA_FLAG_OTHER, "other stateful"},
693     { ND_RA_FLAG_HOME_AGENT, "home agent"},
694     { ND_RA_FLAG_IPV6ONLY, "ipv6 only"},
695     { 0,	NULL }
696 };
697 
698 static const struct tok icmp6_nd_na_flag_values[] = {
699     { ND_NA_FLAG_ROUTER, "router" },
700     { ND_NA_FLAG_SOLICITED, "solicited" },
701     { ND_NA_FLAG_OVERRIDE, "override" },
702     { 0,	NULL }
703 };
704 
705 static const struct tok icmp6_opt_values[] = {
706    { ND_OPT_SOURCE_LINKADDR, "source link-address"},
707    { ND_OPT_TARGET_LINKADDR, "destination link-address"},
708    { ND_OPT_PREFIX_INFORMATION, "prefix info"},
709    { ND_OPT_REDIRECTED_HEADER, "redirected header"},
710    { ND_OPT_MTU, "mtu"},
711    { ND_OPT_RDNSS, "rdnss"},
712    { ND_OPT_DNSSL, "dnssl"},
713    { ND_OPT_ADVINTERVAL, "advertisement interval"},
714    { ND_OPT_HOMEAGENT_INFO, "homeagent information"},
715    { ND_OPT_ROUTE_INFO, "route info"},
716    { 0,	NULL }
717 };
718 
719 /* mldv2 report types */
720 static const struct tok mldv2report2str[] = {
721 	{ 1,	"is_in" },
722 	{ 2,	"is_ex" },
723 	{ 3,	"to_in" },
724 	{ 4,	"to_ex" },
725 	{ 5,	"allow" },
726 	{ 6,	"block" },
727 	{ 0,	NULL }
728 };
729 
730 static const char *
731 get_rtpref(u_int v)
732 {
733 	static const char *rtpref_str[] = {
734 		"medium",		/* 00 */
735 		"high",			/* 01 */
736 		"rsv",			/* 10 */
737 		"low"			/* 11 */
738 	};
739 
740 	return rtpref_str[((v & ND_RA_FLAG_RTPREF_MASK) >> 3) & 0xff];
741 }
742 
743 static const char *
744 get_lifetime(uint32_t v)
745 {
746 	static char buf[20];
747 
748 	if (v == (uint32_t)~0UL)
749 		return "infinity";
750 	else {
751 		snprintf(buf, sizeof(buf), "%us", v);
752 		return buf;
753 	}
754 }
755 
756 static void
757 print_lladdr(netdissect_options *ndo, const uint8_t *p, size_t l)
758 {
759 	const uint8_t *ep, *q;
760 
761 	q = p;
762 	ep = p + l;
763 	while (l > 0 && q < ep) {
764 		if (q > p)
765                         ND_PRINT(":");
766 		ND_PRINT("%02x", GET_U_1(q));
767 		q++;
768 		l--;
769 	}
770 }
771 
772 static uint16_t icmp6_cksum(netdissect_options *ndo, const struct ip6_hdr *ip6,
773 	const struct icmp6_hdr *icp, u_int len)
774 {
775 	return nextproto6_cksum(ndo, ip6, (const uint8_t *)(const void *)icp, len, len,
776 				IPPROTO_ICMPV6);
777 }
778 
779 static const struct tok rpl_mop_values[] = {
780         { RPL_DIO_NONSTORING,         "nonstoring"},
781         { RPL_DIO_STORING,            "storing"},
782         { RPL_DIO_NONSTORING_MULTICAST, "nonstoring-multicast"},
783         { RPL_DIO_STORING_MULTICAST,  "storing-multicast"},
784         { 0, NULL},
785 };
786 
787 static const struct tok rpl_subopt_values[] = {
788         { RPL_OPT_PAD1, "pad1"},
789         { RPL_OPT_PADN, "padN"},
790         { RPL_DIO_METRICS, "metrics"},
791         { RPL_DIO_ROUTINGINFO, "routinginfo"},
792         { RPL_DIO_CONFIG,    "config"},
793         { RPL_DAO_RPLTARGET, "rpltarget"},
794         { RPL_DAO_TRANSITINFO, "transitinfo"},
795         { RPL_DIO_DESTPREFIX, "destprefix"},
796         { RPL_DAO_RPLTARGET_DESC, "rpltargetdesc"},
797         { 0, NULL},
798 };
799 
800 static void
801 rpl_printopts(netdissect_options *ndo, const uint8_t *opts, u_int length)
802 {
803 	const struct rpl_genoption *opt;
804 	uint8_t dio_type;
805 	u_int optlen;
806 
807 	while (length != 0) {
808 		opt = (const struct rpl_genoption *)opts;
809 		dio_type = GET_U_1(opt->rpl_dio_type);
810 		if (dio_type == RPL_OPT_PAD1) {
811                         optlen = 1;
812                         ND_PRINT(" opt:pad1");
813                 } else {
814 			if (length < RPL_GENOPTION_LEN)
815 				goto trunc;
816 	                optlen = GET_U_1(opt->rpl_dio_len)+RPL_GENOPTION_LEN;
817                         ND_PRINT(" opt:%s len:%u ",
818                                   tok2str(rpl_subopt_values, "subopt:%u", dio_type),
819                                   optlen);
820                         ND_TCHECK_LEN(opt, optlen);
821                         if (length < optlen)
822 				goto trunc;
823                         if (ndo->ndo_vflag > 2) {
824                                 hex_print(ndo,
825                                           " ",
826                                           opts + RPL_GENOPTION_LEN,  /* content of DIO option */
827                                           optlen - RPL_GENOPTION_LEN);
828                         }
829                 }
830                 opts += optlen;
831                 length -= optlen;
832         }
833         return;
834 trunc:
835 	nd_print_trunc(ndo);
836 }
837 
838 static void
839 rpl_dio_print(netdissect_options *ndo,
840               const u_char *bp, u_int length)
841 {
842         const struct nd_rpl_dio *dio = (const struct nd_rpl_dio *)bp;
843 
844         ND_LCHECK_ZU(length, sizeof(struct nd_rpl_dio));
845         ND_PRINT(" [dagid:%s,seq:%u,instance:%u,rank:%u,%smop:%s,prf:%u]",
846                   GET_IP6ADDR_STRING(dio->rpl_dagid),
847                   GET_U_1(dio->rpl_dtsn),
848                   GET_U_1(dio->rpl_instanceid),
849                   GET_BE_U_2(dio->rpl_dagrank),
850                   RPL_DIO_GROUNDED(GET_U_1(dio->rpl_mopprf)) ? "grounded,":"",
851                   tok2str(rpl_mop_values, "mop%u",
852                           RPL_DIO_MOP(GET_U_1(dio->rpl_mopprf))),
853                   RPL_DIO_PRF(GET_U_1(dio->rpl_mopprf)));
854 
855         if(ndo->ndo_vflag > 1) {
856                 rpl_printopts(ndo, bp + sizeof(struct nd_rpl_dio),
857                               length - sizeof(struct nd_rpl_dio));
858         }
859         return;
860 invalid:
861         nd_print_invalid(ndo);
862 }
863 
864 static void
865 rpl_dao_print(netdissect_options *ndo,
866               const u_char *bp, u_int length)
867 {
868         const struct nd_rpl_dao *dao = (const struct nd_rpl_dao *)bp;
869         const char *dagid_str = "<elided>";
870         uint8_t rpl_flags;
871 
872         ND_TCHECK_SIZE(dao);
873         if (length < ND_RPL_DAO_MIN_LEN)
874 		goto tooshort;
875 
876         bp += ND_RPL_DAO_MIN_LEN;
877         length -= ND_RPL_DAO_MIN_LEN;
878         rpl_flags = GET_U_1(dao->rpl_flags);
879         if(RPL_DAO_D(rpl_flags)) {
880                 ND_TCHECK_LEN(dao->rpl_dagid, DAGID_LEN);
881                 if (length < DAGID_LEN)
882                         goto tooshort;
883                 dagid_str = ip6addr_string (ndo, dao->rpl_dagid);
884                 bp += DAGID_LEN;
885                 length -= DAGID_LEN;
886         }
887 
888         ND_PRINT(" [dagid:%s,seq:%u,instance:%u%s%s,flags:%02x]",
889                   dagid_str,
890                   GET_U_1(dao->rpl_daoseq),
891                   GET_U_1(dao->rpl_instanceid),
892                   RPL_DAO_K(rpl_flags) ? ",acK":"",
893                   RPL_DAO_D(rpl_flags) ? ",Dagid":"",
894                   rpl_flags);
895 
896         if(ndo->ndo_vflag > 1) {
897                 rpl_printopts(ndo, bp, length);
898         }
899 	return;
900 
901 trunc:
902 	nd_print_trunc(ndo);
903 	return;
904 
905 tooshort:
906 	ND_PRINT(" [|length too short]");
907 }
908 
909 static void
910 rpl_daoack_print(netdissect_options *ndo,
911                  const u_char *bp, u_int length)
912 {
913         const struct nd_rpl_daoack *daoack = (const struct nd_rpl_daoack *)bp;
914         const char *dagid_str = "<elided>";
915 
916         ND_TCHECK_LEN(daoack, ND_RPL_DAOACK_MIN_LEN);
917         if (length < ND_RPL_DAOACK_MIN_LEN)
918 		goto tooshort;
919 
920         bp += ND_RPL_DAOACK_MIN_LEN;
921         length -= ND_RPL_DAOACK_MIN_LEN;
922         if(RPL_DAOACK_D(GET_U_1(daoack->rpl_flags))) {
923                 ND_TCHECK_LEN(daoack->rpl_dagid, DAGID_LEN);
924                 if (length < DAGID_LEN)
925                         goto tooshort;
926                 dagid_str = ip6addr_string (ndo, daoack->rpl_dagid);
927                 bp += DAGID_LEN;
928                 length -= DAGID_LEN;
929         }
930 
931         ND_PRINT(" [dagid:%s,seq:%u,instance:%u,status:%u]",
932                   dagid_str,
933                   GET_U_1(daoack->rpl_daoseq),
934                   GET_U_1(daoack->rpl_instanceid),
935                   GET_U_1(daoack->rpl_status));
936 
937         /* no officially defined options for DAOACK, but print any we find */
938         if(ndo->ndo_vflag > 1) {
939                 rpl_printopts(ndo, bp, length);
940         }
941 	return;
942 
943 trunc:
944 	nd_print_trunc(ndo);
945 	return;
946 
947 tooshort:
948 	ND_PRINT(" [|dao-length too short]");
949 }
950 
951 static void
952 rpl_print(netdissect_options *ndo,
953           uint8_t icmp6_code,
954           const u_char *bp, u_int length)
955 {
956         int secured = icmp6_code & 0x80;
957         int basecode= icmp6_code & 0x7f;
958 
959         if(secured) {
960                 ND_PRINT(", (SEC) [worktodo]");
961                 /* XXX
962                  * the next header pointer needs to move forward to
963                  * skip the secure part.
964                  */
965                 return;
966         } else {
967                 ND_PRINT(", (CLR)");
968         }
969 
970         switch(basecode) {
971         case ND_RPL_DAG_IS:
972                 ND_PRINT("DODAG Information Solicitation");
973                 if(ndo->ndo_vflag) {
974                 }
975                 break;
976         case ND_RPL_DAG_IO:
977                 ND_PRINT("DODAG Information Object");
978                 if(ndo->ndo_vflag) {
979                         rpl_dio_print(ndo, bp, length);
980                 }
981                 break;
982         case ND_RPL_DAO:
983                 ND_PRINT("Destination Advertisement Object");
984                 if(ndo->ndo_vflag) {
985                         rpl_dao_print(ndo, bp, length);
986                 }
987                 break;
988         case ND_RPL_DAO_ACK:
989                 ND_PRINT("Destination Advertisement Object Ack");
990                 if(ndo->ndo_vflag) {
991                         rpl_daoack_print(ndo, bp, length);
992                 }
993                 break;
994         default:
995                 ND_PRINT("RPL message, unknown code %u",icmp6_code);
996                 break;
997         }
998 	return;
999 
1000 #if 0
1001 trunc:
1002 	nd_print_trunc(ndo);
1003 	return;
1004 #endif
1005 
1006 }
1007 
1008 void
1009 icmp6_print(netdissect_options *ndo,
1010             const u_char *bp, u_int length, const u_char *bp2, int fragmented)
1011 {
1012 	const struct icmp6_hdr *dp;
1013 	uint8_t icmp6_type, icmp6_code;
1014 	const struct ip6_hdr *ip;
1015 	const struct ip6_hdr *oip;
1016 	const struct udphdr *ouh;
1017 	uint16_t dport;
1018 	const u_char *ep;
1019 	u_int prot;
1020 
1021 	ndo->ndo_protocol = "icmp6";
1022 	dp = (const struct icmp6_hdr *)bp;
1023 	ip = (const struct ip6_hdr *)bp2;
1024 	oip = (const struct ip6_hdr *)(dp + 1);
1025 	/* 'ep' points to the end of available data. */
1026 	ep = ndo->ndo_snapend;
1027 	if (length == 0) {
1028 		ND_PRINT("ICMP6, length 0");
1029 		nd_print_invalid(ndo);
1030 		return;
1031 	}
1032 
1033 	if (ndo->ndo_vflag && !fragmented) {
1034 		uint16_t sum, udp_sum;
1035 
1036 		if (ND_TTEST_LEN(bp, length)) {
1037 			udp_sum = GET_BE_U_2(dp->icmp6_cksum);
1038 			sum = icmp6_cksum(ndo, ip, dp, length);
1039 			if (sum != 0)
1040 				ND_PRINT("[bad icmp6 cksum 0x%04x -> 0x%04x!] ",
1041                                                 udp_sum,
1042                                                 in_cksum_shouldbe(udp_sum, sum));
1043 			else
1044 				ND_PRINT("[icmp6 sum ok] ");
1045 		}
1046 	}
1047 
1048 	icmp6_type = GET_U_1(dp->icmp6_type);
1049 	ND_PRINT("ICMP6, %s", tok2str(icmp6_type_values,"unknown icmp6 type (%u)",icmp6_type));
1050 
1051         /* display cosmetics: print the packet length for printer that use the vflag now */
1052         if (ndo->ndo_vflag && (icmp6_type == ND_ROUTER_SOLICIT ||
1053                       icmp6_type == ND_ROUTER_ADVERT ||
1054                       icmp6_type == ND_NEIGHBOR_ADVERT ||
1055                       icmp6_type == ND_NEIGHBOR_SOLICIT ||
1056                       icmp6_type == ND_REDIRECT ||
1057                       icmp6_type == ICMP6_HADISCOV_REPLY ||
1058                       icmp6_type == ICMP6_MOBILEPREFIX_ADVERT ))
1059                 ND_PRINT(", length %u", length);
1060 
1061 	icmp6_code = GET_U_1(dp->icmp6_code);
1062 
1063 	switch (icmp6_type) {
1064 	case ICMP6_DST_UNREACH:
1065                 ND_PRINT(", %s", tok2str(icmp6_dst_unreach_code_values,"unknown unreach code (%u)",icmp6_code));
1066 		switch (icmp6_code) {
1067 
1068 		case ICMP6_DST_UNREACH_NOROUTE: /* fall through */
1069 		case ICMP6_DST_UNREACH_ADMIN:
1070 		case ICMP6_DST_UNREACH_ADDR:
1071                         ND_PRINT(" %s",GET_IP6ADDR_STRING(oip->ip6_dst));
1072                         break;
1073 		case ICMP6_DST_UNREACH_BEYONDSCOPE:
1074 			ND_PRINT(" %s, source address %s",
1075 			       GET_IP6ADDR_STRING(oip->ip6_dst),
1076                                   GET_IP6ADDR_STRING(oip->ip6_src));
1077 			break;
1078 		case ICMP6_DST_UNREACH_NOPORT:
1079 			if ((ouh = get_upperlayer(ndo, (const u_char *)oip, &prot))
1080 			    == NULL)
1081 				goto trunc;
1082 
1083 			dport = GET_BE_U_2(ouh->uh_dport);
1084 			switch (prot) {
1085 			case IPPROTO_TCP:
1086 				ND_PRINT(", %s tcp port %s",
1087 					GET_IP6ADDR_STRING(oip->ip6_dst),
1088                                           tcpport_string(ndo, dport));
1089 				break;
1090 			case IPPROTO_UDP:
1091 				ND_PRINT(", %s udp port %s",
1092 					GET_IP6ADDR_STRING(oip->ip6_dst),
1093                                           udpport_string(ndo, dport));
1094 				break;
1095 			default:
1096 				ND_PRINT(", %s protocol %u port %u unreachable",
1097 					GET_IP6ADDR_STRING(oip->ip6_dst),
1098                                           prot, dport);
1099 				break;
1100 			}
1101 			break;
1102 		default:
1103                   if (ndo->ndo_vflag <= 1) {
1104                     print_unknown_data(ndo, bp,"\n\t",length);
1105                     return;
1106                   }
1107                     break;
1108 		}
1109 		break;
1110 	case ICMP6_PACKET_TOO_BIG:
1111 		ND_PRINT(", mtu %u", GET_BE_U_4(dp->icmp6_mtu));
1112 		break;
1113 	case ICMP6_TIME_EXCEEDED:
1114 		switch (icmp6_code) {
1115 		case ICMP6_TIME_EXCEED_TRANSIT:
1116 			ND_PRINT(" for %s",
1117                                   GET_IP6ADDR_STRING(oip->ip6_dst));
1118 			break;
1119 		case ICMP6_TIME_EXCEED_REASSEMBLY:
1120 			ND_PRINT(" (reassembly)");
1121 			break;
1122 		default:
1123                         ND_PRINT(", unknown code (%u)", icmp6_code);
1124 			break;
1125 		}
1126 		break;
1127 	case ICMP6_PARAM_PROB:
1128 		ND_TCHECK_16(oip->ip6_dst);
1129 		switch (icmp6_code) {
1130 		case ICMP6_PARAMPROB_HEADER:
1131                         ND_PRINT(", erroneous - octet %u",
1132 				 GET_BE_U_4(dp->icmp6_pptr));
1133                         break;
1134 		case ICMP6_PARAMPROB_NEXTHEADER:
1135                         ND_PRINT(", next header - octet %u",
1136 				 GET_BE_U_4(dp->icmp6_pptr));
1137                         break;
1138 		case ICMP6_PARAMPROB_OPTION:
1139                         ND_PRINT(", option - octet %u",
1140 				 GET_BE_U_4(dp->icmp6_pptr));
1141                         break;
1142 		case ICMP6_PARAMPROB_FRAGHDRCHAIN:
1143                         ND_PRINT(", incomplete header chain - octet %u",
1144 				 GET_BE_U_4(dp->icmp6_pptr));
1145                         break;
1146 		default:
1147                         ND_PRINT(", code-#%u",
1148                                   icmp6_code);
1149                         break;
1150 		}
1151 		break;
1152 	case ICMP6_ECHO_REQUEST:
1153 	case ICMP6_ECHO_REPLY:
1154                 ND_PRINT(", id %u, seq %u", GET_BE_U_2(dp->icmp6_id),
1155 			 GET_BE_U_2(dp->icmp6_seq));
1156 		break;
1157 	case ICMP6_MEMBERSHIP_QUERY:
1158 		if (length == MLD_MINLEN) {
1159 			mld6_print(ndo, (const u_char *)dp);
1160 		} else if (length >= MLDV2_MINLEN) {
1161 			ND_PRINT(" v2");
1162 			mldv2_query_print(ndo, (const u_char *)dp, length);
1163 		} else {
1164                         ND_PRINT(" unknown-version (len %u) ", length);
1165 		}
1166 		break;
1167 	case ICMP6_MEMBERSHIP_REPORT:
1168 		mld6_print(ndo, (const u_char *)dp);
1169 		break;
1170 	case ICMP6_MEMBERSHIP_REDUCTION:
1171 		mld6_print(ndo, (const u_char *)dp);
1172 		break;
1173 	case ND_ROUTER_SOLICIT:
1174 #define RTSOLLEN 8
1175 		if (ndo->ndo_vflag) {
1176 			if (icmp6_opt_print(ndo, (const u_char *)dp + RTSOLLEN,
1177 					    length - RTSOLLEN) == -1)
1178 				goto trunc;
1179 		}
1180 		break;
1181 	case ND_ROUTER_ADVERT:
1182 #define RTADVLEN 16
1183 		if (ndo->ndo_vflag) {
1184 			const struct nd_router_advert *p;
1185 
1186 			p = (const struct nd_router_advert *)dp;
1187 			ND_PRINT("\n\thop limit %u, Flags [%s]"
1188                                   ", pref %s, router lifetime %us, reachable time %ums, retrans timer %ums",
1189                                   GET_U_1(p->nd_ra_curhoplimit),
1190                                   bittok2str(icmp6_opt_ra_flag_values,"none",GET_U_1(p->nd_ra_flags_reserved)),
1191                                   get_rtpref(GET_U_1(p->nd_ra_flags_reserved)),
1192                                   GET_BE_U_2(p->nd_ra_router_lifetime),
1193                                   GET_BE_U_4(p->nd_ra_reachable),
1194                                   GET_BE_U_4(p->nd_ra_retransmit));
1195 
1196 			if (icmp6_opt_print(ndo, (const u_char *)dp + RTADVLEN,
1197 					    length - RTADVLEN) == -1)
1198 				goto trunc;
1199 		}
1200 		break;
1201 	case ND_NEIGHBOR_SOLICIT:
1202 	    {
1203 		const struct nd_neighbor_solicit *p;
1204 		p = (const struct nd_neighbor_solicit *)dp;
1205 		ND_PRINT(", who has %s", GET_IP6ADDR_STRING(p->nd_ns_target));
1206 		if (ndo->ndo_vflag) {
1207 #define NDSOLLEN 24
1208 			if (icmp6_opt_print(ndo, (const u_char *)dp + NDSOLLEN,
1209 					    length - NDSOLLEN) == -1)
1210 				goto trunc;
1211 		}
1212 	    }
1213 		break;
1214 	case ND_NEIGHBOR_ADVERT:
1215 	    {
1216 		const struct nd_neighbor_advert *p;
1217 
1218 		p = (const struct nd_neighbor_advert *)dp;
1219 		ND_PRINT(", tgt is %s",
1220                           GET_IP6ADDR_STRING(p->nd_na_target));
1221 		if (ndo->ndo_vflag) {
1222                         ND_PRINT(", Flags [%s]",
1223                                   bittok2str(icmp6_nd_na_flag_values,
1224                                              "none",
1225                                              GET_BE_U_4(p->nd_na_flags_reserved)));
1226 #define NDADVLEN 24
1227 			if (icmp6_opt_print(ndo, (const u_char *)dp + NDADVLEN,
1228 					    length - NDADVLEN) == -1)
1229 				goto trunc;
1230 #undef NDADVLEN
1231 		}
1232 	    }
1233 		break;
1234 	case ND_REDIRECT:
1235 	    {
1236 		const struct nd_redirect *p;
1237 
1238 		p = (const struct nd_redirect *)dp;
1239 		ND_PRINT(", %s", GET_IP6ADDR_STRING(p->nd_rd_dst));
1240 		ND_PRINT(" to %s", GET_IP6ADDR_STRING(p->nd_rd_target));
1241 #define REDIRECTLEN 40
1242 		if (ndo->ndo_vflag) {
1243 			if (icmp6_opt_print(ndo, (const u_char *)dp + REDIRECTLEN,
1244 					    length - REDIRECTLEN) == -1)
1245 				goto trunc;
1246 #undef REDIRECTLEN
1247 		}
1248 	    }
1249 		break;
1250 	case ICMP6_ROUTER_RENUMBERING:
1251 		icmp6_rrenum_print(ndo, bp, ep);
1252 		break;
1253 	case ICMP6_NI_QUERY:
1254 	case ICMP6_NI_REPLY:
1255 		icmp6_nodeinfo_print(ndo, length, bp, ep);
1256 		break;
1257 	case IND_SOLICIT:
1258 	case IND_ADVERT:
1259 		break;
1260 	case ICMP6_V2_MEMBERSHIP_REPORT:
1261 		mldv2_report_print(ndo, (const u_char *) dp, length);
1262 		break;
1263 	case ICMP6_MOBILEPREFIX_SOLICIT: /* fall through */
1264 	case ICMP6_HADISCOV_REQUEST:
1265                 ND_PRINT(", id 0x%04x", GET_BE_U_2(dp->icmp6_data16[0]));
1266                 break;
1267 	case ICMP6_HADISCOV_REPLY:
1268 		if (ndo->ndo_vflag) {
1269 			const u_char *cp;
1270 			const u_char *p;
1271 
1272 			ND_PRINT(", id 0x%04x",
1273 				 GET_BE_U_2(dp->icmp6_data16[0]));
1274 			cp = (const u_char *)dp + length;
1275 			p = (const u_char *)(dp + 1);
1276 			while (p < cp) {
1277 				ND_PRINT(", %s", GET_IP6ADDR_STRING(p));
1278 				p += 16;
1279 			}
1280 		}
1281 		break;
1282 	case ICMP6_MOBILEPREFIX_ADVERT:
1283 		if (ndo->ndo_vflag) {
1284 			uint16_t flags;
1285 
1286 			ND_PRINT(", id 0x%04x",
1287 				 GET_BE_U_2(dp->icmp6_data16[0]));
1288 			flags = GET_BE_U_2(dp->icmp6_data16[1]);
1289 			if (flags & 0xc000)
1290 				ND_PRINT(" ");
1291 			if (flags & 0x8000)
1292 				ND_PRINT("M");
1293 			if (flags & 0x4000)
1294 				ND_PRINT("O");
1295 #define MPADVLEN 8
1296 			if (icmp6_opt_print(ndo, (const u_char *)dp + MPADVLEN,
1297 					    length - MPADVLEN) == -1)
1298 				goto trunc;
1299 		}
1300 		break;
1301         case ND_RPL_MESSAGE:
1302                 /* plus 4, because struct icmp6_hdr contains 4 bytes of icmp payload */
1303                 rpl_print(ndo, icmp6_code, dp->icmp6_data, length-sizeof(struct icmp6_hdr)+4);
1304                 break;
1305 	default:
1306                 ND_PRINT(", length %u", length);
1307                 if (ndo->ndo_vflag <= 1)
1308                         print_unknown_data(ndo, bp,"\n\t", length);
1309                 return;
1310         }
1311         if (!ndo->ndo_vflag)
1312                 ND_PRINT(", length %u", length);
1313 	return;
1314 trunc:
1315 	nd_print_trunc(ndo);
1316 }
1317 
1318 static const struct udphdr *
1319 get_upperlayer(netdissect_options *ndo, const u_char *bp, u_int *prot)
1320 {
1321 	const u_char *ep;
1322 	const struct ip6_hdr *ip6 = (const struct ip6_hdr *)bp;
1323 	const struct udphdr *uh;
1324 	const struct ip6_hbh *hbh;
1325 	const struct ip6_frag *fragh;
1326 	const struct ah *ah;
1327 	u_int nh;
1328 	int hlen;
1329 
1330 	/* 'ep' points to the end of available data. */
1331 	ep = ndo->ndo_snapend;
1332 
1333 	if (!ND_TTEST_1(ip6->ip6_nxt))
1334 		return NULL;
1335 
1336 	nh = GET_U_1(ip6->ip6_nxt);
1337 	hlen = sizeof(struct ip6_hdr);
1338 
1339 	while (bp < ep) {
1340 		bp += hlen;
1341 
1342 		switch(nh) {
1343 		case IPPROTO_UDP:
1344 		case IPPROTO_TCP:
1345 			uh = (const struct udphdr *)bp;
1346 			if (ND_TTEST_2(uh->uh_dport)) {
1347 				*prot = nh;
1348 				return(uh);
1349 			}
1350 			else
1351 				return(NULL);
1352 			/* NOTREACHED */
1353 
1354 		case IPPROTO_HOPOPTS:
1355 		case IPPROTO_DSTOPTS:
1356 		case IPPROTO_ROUTING:
1357 			hbh = (const struct ip6_hbh *)bp;
1358 			if (!ND_TTEST_1(hbh->ip6h_len))
1359 				return(NULL);
1360 			nh = GET_U_1(hbh->ip6h_nxt);
1361 			hlen = (GET_U_1(hbh->ip6h_len) + 1) << 3;
1362 			break;
1363 
1364 		case IPPROTO_FRAGMENT: /* this should be odd, but try anyway */
1365 			fragh = (const struct ip6_frag *)bp;
1366 			if (!ND_TTEST_2(fragh->ip6f_offlg))
1367 				return(NULL);
1368 			/* fragments with non-zero offset are meaningless */
1369 			if ((GET_BE_U_2(fragh->ip6f_offlg) & IP6F_OFF_MASK) != 0)
1370 				return(NULL);
1371 			nh = GET_U_1(fragh->ip6f_nxt);
1372 			hlen = sizeof(struct ip6_frag);
1373 			break;
1374 
1375 		case IPPROTO_AH:
1376 			ah = (const struct ah *)bp;
1377 			if (!ND_TTEST_1(ah->ah_len))
1378 				return(NULL);
1379 			nh = GET_U_1(ah->ah_nxt);
1380 			hlen = (GET_U_1(ah->ah_len) + 2) << 2;
1381 			break;
1382 
1383 		default:	/* unknown or undecodable header */
1384 			*prot = nh; /* meaningless, but set here anyway */
1385 			return(NULL);
1386 		}
1387 	}
1388 
1389 	return(NULL);		/* should be notreached, though */
1390 }
1391 
1392 static int
1393 icmp6_opt_print(netdissect_options *ndo, const u_char *bp, int resid)
1394 {
1395 	const struct nd_opt_hdr *op;
1396 	uint8_t opt_type;
1397 	u_int opt_len;
1398 	const struct nd_opt_prefix_info *opp;
1399 	const struct nd_opt_mtu *opm;
1400 	const struct nd_opt_rdnss *oprd;
1401 	const struct nd_opt_dnssl *opds;
1402 	const struct nd_opt_advinterval *opa;
1403 	const struct nd_opt_homeagent_info *oph;
1404 	const struct nd_opt_route_info *opri;
1405 	const u_char *cp, *ep, *domp;
1406 	nd_ipv6 in6;
1407 	size_t l;
1408 	u_int i;
1409 
1410 	cp = bp;
1411 	/* 'ep' points to the end of available data. */
1412 	ep = ndo->ndo_snapend;
1413 
1414 	while (cp < ep) {
1415 		op = (const struct nd_opt_hdr *)cp;
1416 
1417 		ND_TCHECK_1(op->nd_opt_len);
1418 		if (resid <= 0)
1419 			return 0;
1420 		opt_type = GET_U_1(op->nd_opt_type);
1421 		opt_len = GET_U_1(op->nd_opt_len);
1422 		if (opt_len == 0)
1423 			goto trunc;
1424 		if (cp + (opt_len << 3) > ep)
1425 			goto trunc;
1426 
1427                 ND_PRINT("\n\t  %s option (%u), length %u (%u): ",
1428                           tok2str(icmp6_opt_values, "unknown", opt_type),
1429                           opt_type,
1430                           opt_len << 3,
1431                           opt_len);
1432 
1433 		switch (opt_type) {
1434 		case ND_OPT_SOURCE_LINKADDR:
1435 			l = (opt_len << 3) - 2;
1436 			print_lladdr(ndo, cp + 2, l);
1437 			break;
1438 		case ND_OPT_TARGET_LINKADDR:
1439 			l = (opt_len << 3) - 2;
1440 			print_lladdr(ndo, cp + 2, l);
1441 			break;
1442 		case ND_OPT_PREFIX_INFORMATION:
1443 			opp = (const struct nd_opt_prefix_info *)op;
1444                         ND_PRINT("%s/%u%s, Flags [%s], valid time %s",
1445                                   GET_IP6ADDR_STRING(opp->nd_opt_pi_prefix),
1446                                   GET_U_1(opp->nd_opt_pi_prefix_len),
1447                                   (opt_len != 4) ? "badlen" : "",
1448                                   bittok2str(icmp6_opt_pi_flag_values, "none", GET_U_1(opp->nd_opt_pi_flags_reserved)),
1449                                   get_lifetime(GET_BE_U_4(opp->nd_opt_pi_valid_time)));
1450                         ND_PRINT(", pref. time %s",
1451 				 get_lifetime(GET_BE_U_4(opp->nd_opt_pi_preferred_time)));
1452 			break;
1453 		case ND_OPT_REDIRECTED_HEADER:
1454                         print_unknown_data(ndo, bp,"\n\t    ",opt_len<<3);
1455 			/* xxx */
1456 			break;
1457 		case ND_OPT_MTU:
1458 			opm = (const struct nd_opt_mtu *)op;
1459 			ND_PRINT(" %u%s",
1460                                GET_BE_U_4(opm->nd_opt_mtu_mtu),
1461                                (opt_len != 1) ? "bad option length" : "" );
1462                         break;
1463 		case ND_OPT_RDNSS:
1464 			oprd = (const struct nd_opt_rdnss *)op;
1465 			l = (opt_len - 1) / 2;
1466 			ND_PRINT(" lifetime %us,",
1467                                   GET_BE_U_4(oprd->nd_opt_rdnss_lifetime));
1468 			for (i = 0; i < l; i++) {
1469 				ND_PRINT(" addr: %s",
1470                                           GET_IP6ADDR_STRING(oprd->nd_opt_rdnss_addr[i]));
1471 			}
1472 			break;
1473 		case ND_OPT_DNSSL:
1474 			opds = (const struct nd_opt_dnssl *)op;
1475 			ND_PRINT(" lifetime %us, domain(s):",
1476                                   GET_BE_U_4(opds->nd_opt_dnssl_lifetime));
1477 			domp = cp + 8; /* domain names, variable-sized, RFC1035-encoded */
1478 			while (domp < cp + (opt_len << 3) && GET_U_1(domp) != '\0')
1479 			{
1480 				ND_PRINT(" ");
1481 				if ((domp = fqdn_print(ndo, domp, bp)) == NULL)
1482 					goto trunc;
1483 			}
1484 			break;
1485 		case ND_OPT_ADVINTERVAL:
1486 			opa = (const struct nd_opt_advinterval *)op;
1487 			ND_PRINT(" %ums",
1488 				 GET_BE_U_4(opa->nd_opt_adv_interval));
1489 			break;
1490                 case ND_OPT_HOMEAGENT_INFO:
1491 			oph = (const struct nd_opt_homeagent_info *)op;
1492 			ND_PRINT(" preference %u, lifetime %u",
1493                                   GET_BE_U_2(oph->nd_opt_hai_preference),
1494                                   GET_BE_U_2(oph->nd_opt_hai_lifetime));
1495 			break;
1496 		case ND_OPT_ROUTE_INFO:
1497 			opri = (const struct nd_opt_route_info *)op;
1498 			ND_TCHECK_4(opri->nd_opt_rti_lifetime);
1499 			memset(&in6, 0, sizeof(in6));
1500 			switch (opt_len) {
1501 			case 1:
1502 				break;
1503 			case 2:
1504 				GET_CPY_BYTES(&in6, opri + 1, 8);
1505 				break;
1506 			case 3:
1507 				GET_CPY_BYTES(&in6, opri + 1, 16);
1508 				break;
1509 			default:
1510 				goto trunc;
1511 			}
1512 			ND_PRINT(" %s/%u", ip6addr_string(ndo, (const u_char *)&in6), /* local buffer, not packet data; don't use GET_IP6ADDR_STRING() */
1513                                   GET_U_1(opri->nd_opt_rti_prefixlen));
1514 			ND_PRINT(", pref=%s",
1515 				 get_rtpref(GET_U_1(opri->nd_opt_rti_flags)));
1516 			ND_PRINT(", lifetime=%s",
1517                                   get_lifetime(GET_BE_U_4(opri->nd_opt_rti_lifetime)));
1518 			break;
1519 		default:
1520                         if (ndo->ndo_vflag <= 1) {
1521                                 print_unknown_data(ndo,cp+2,"\n\t  ", (opt_len << 3) - 2); /* skip option header */
1522                             return 0;
1523                         }
1524                         break;
1525 		}
1526                 /* do we want to see an additional hexdump ? */
1527                 if (ndo->ndo_vflag> 1)
1528                         print_unknown_data(ndo, cp+2,"\n\t    ", (opt_len << 3) - 2); /* skip option header */
1529 
1530 		cp += opt_len << 3;
1531 		resid -= opt_len << 3;
1532 	}
1533 	return 0;
1534 
1535 trunc:
1536 	return -1;
1537 }
1538 
1539 static void
1540 mld6_print(netdissect_options *ndo, const u_char *bp)
1541 {
1542 	const struct mld6_hdr *mp = (const struct mld6_hdr *)bp;
1543 	const u_char *ep;
1544 
1545 	/* 'ep' points to the end of available data. */
1546 	ep = ndo->ndo_snapend;
1547 
1548 	if ((const u_char *)mp + sizeof(*mp) > ep)
1549 		return;
1550 
1551 	ND_PRINT("max resp delay: %u ", GET_BE_U_2(mp->mld6_maxdelay));
1552 	ND_PRINT("addr: %s", GET_IP6ADDR_STRING(mp->mld6_addr));
1553 }
1554 
1555 static void
1556 mldv2_report_print(netdissect_options *ndo, const u_char *bp, u_int len)
1557 {
1558     const struct icmp6_hdr *icp = (const struct icmp6_hdr *) bp;
1559     u_int group, nsrcs, ngroups;
1560     u_int i, j;
1561 
1562     /* Minimum len is 8 */
1563     if (len < 8) {
1564             ND_PRINT(" [invalid len %u]", len);
1565             return;
1566     }
1567 
1568     ngroups = GET_BE_U_2(icp->icmp6_data16[1]);
1569     ND_PRINT(", %u group record(s)", ngroups);
1570     if (ndo->ndo_vflag > 0) {
1571 	/* Print the group records */
1572 	group = 8;
1573         for (i = 0; i < ngroups; i++) {
1574 	    /* type(1) + auxlen(1) + numsrc(2) + grp(16) */
1575 	    if (len < group + 20) {
1576                     ND_PRINT(" [invalid number of groups]");
1577                     return;
1578 	    }
1579             ND_PRINT(" [gaddr %s", GET_IP6ADDR_STRING(bp + group + 4));
1580 	    ND_PRINT(" %s", tok2str(mldv2report2str, " [v2-report-#%u]",
1581                                          GET_U_1(bp + group)));
1582             nsrcs = GET_BE_U_2(bp + group + 2);
1583 	    /* Check the number of sources and print them */
1584 	    if (len < group + 20 + (nsrcs * sizeof(nd_ipv6))) {
1585                     ND_PRINT(" [invalid number of sources %u]", nsrcs);
1586                     return;
1587 	    }
1588             if (ndo->ndo_vflag == 1)
1589                     ND_PRINT(", %u source(s)", nsrcs);
1590             else {
1591 		/* Print the sources */
1592                     ND_PRINT(" {");
1593                 for (j = 0; j < nsrcs; j++) {
1594 		    ND_PRINT(" %s", GET_IP6ADDR_STRING(bp + group + 20 + (j * sizeof(nd_ipv6))));
1595 		}
1596                 ND_PRINT(" }");
1597             }
1598 	    /* Next group record */
1599             group += 20 + nsrcs * sizeof(nd_ipv6);
1600 	    ND_PRINT("]");
1601         }
1602     }
1603 }
1604 
1605 static void
1606 mldv2_query_print(netdissect_options *ndo, const u_char *bp, u_int len)
1607 {
1608     const struct icmp6_hdr *icp = (const struct icmp6_hdr *) bp;
1609     u_int mrc;
1610     u_int mrt, qqi;
1611     u_int nsrcs;
1612     u_int i;
1613 
1614     /* Minimum len is 28 */
1615     if (len < 28) {
1616         ND_PRINT(" [invalid len %u]", len);
1617 	return;
1618     }
1619     mrc = GET_BE_U_2(icp->icmp6_data16[0]);
1620     if (mrc < 32768) {
1621 	mrt = mrc;
1622     } else {
1623         mrt = ((mrc & 0x0fff) | 0x1000) << (((mrc & 0x7000) >> 12) + 3);
1624     }
1625     if (ndo->ndo_vflag) {
1626             ND_PRINT(" [max resp delay=%u]", mrt);
1627     }
1628     ND_PRINT(" [gaddr %s", GET_IP6ADDR_STRING(bp + 8));
1629 
1630     if (ndo->ndo_vflag) {
1631 	if (GET_U_1(bp + 24) & 0x08) {
1632 		ND_PRINT(" sflag");
1633 	}
1634 	if (GET_U_1(bp + 24) & 0x07) {
1635 		ND_PRINT(" robustness=%u", GET_U_1(bp + 24) & 0x07);
1636 	}
1637 	if (GET_U_1(bp + 25) < 128) {
1638 		qqi = GET_U_1(bp + 25);
1639 	} else {
1640 		qqi = ((GET_U_1(bp + 25) & 0x0f) | 0x10) <<
1641 		       (((GET_U_1(bp + 25) & 0x70) >> 4) + 3);
1642 	}
1643 	ND_PRINT(" qqi=%u", qqi);
1644     }
1645 
1646     nsrcs = GET_BE_U_2(bp + 26);
1647     if (nsrcs > 0) {
1648 	if (len < 28 + nsrcs * sizeof(nd_ipv6))
1649 	    ND_PRINT(" [invalid number of sources]");
1650 	else if (ndo->ndo_vflag > 1) {
1651 	    ND_PRINT(" {");
1652 	    for (i = 0; i < nsrcs; i++) {
1653 		ND_PRINT(" %s", GET_IP6ADDR_STRING(bp + 28 + (i * sizeof(nd_ipv6))));
1654 	    }
1655 	    ND_PRINT(" }");
1656 	} else
1657                 ND_PRINT(", %u source(s)", nsrcs);
1658     }
1659     ND_PRINT("]");
1660 }
1661 
1662 static void
1663 dnsname_print(netdissect_options *ndo, const u_char *cp, const u_char *ep)
1664 {
1665 	int i;
1666 
1667 	/* DNS name decoding - no decompression */
1668 	ND_PRINT(", \"");
1669 	while (cp < ep) {
1670 		i = GET_U_1(cp);
1671 		cp++;
1672 		if (i) {
1673 			if (i > ep - cp) {
1674 				ND_PRINT("???");
1675 				break;
1676 			}
1677 			while (i-- && cp < ep) {
1678 				fn_print_char(ndo, GET_U_1(cp));
1679 				cp++;
1680 			}
1681 			if (cp + 1 < ep && GET_U_1(cp))
1682 				ND_PRINT(".");
1683 		} else {
1684 			if (cp == ep) {
1685 				/* FQDN */
1686 				ND_PRINT(".");
1687 			} else if (cp + 1 == ep && GET_U_1(cp) == '\0') {
1688 				/* truncated */
1689 			} else {
1690 				/* invalid */
1691 				ND_PRINT("???");
1692 			}
1693 			break;
1694 		}
1695 	}
1696 	ND_PRINT("\"");
1697 }
1698 
1699 static void
1700 icmp6_nodeinfo_print(netdissect_options *ndo, u_int icmp6len, const u_char *bp, const u_char *ep)
1701 {
1702 	const struct icmp6_nodeinfo *ni6;
1703 	const struct icmp6_hdr *dp;
1704 	const u_char *cp;
1705 	size_t siz, i;
1706 	int needcomma;
1707 
1708 	if (ep < bp)
1709 		return;
1710 	dp = (const struct icmp6_hdr *)bp;
1711 	ni6 = (const struct icmp6_nodeinfo *)bp;
1712 	siz = ep - bp;
1713 
1714 	switch (GET_U_1(ni6->ni_type)) {
1715 	case ICMP6_NI_QUERY:
1716 		if (siz == sizeof(*dp) + 4) {
1717 			/* KAME who-are-you */
1718 			ND_PRINT(" who-are-you request");
1719 			break;
1720 		}
1721 		ND_PRINT(" node information query");
1722 
1723 		ND_TCHECK_LEN(dp, sizeof(*ni6));
1724 		ni6 = (const struct icmp6_nodeinfo *)dp;
1725 		ND_PRINT(" (");	/*)*/
1726 		switch (GET_BE_U_2(ni6->ni_qtype)) {
1727 		case NI_QTYPE_NOOP:
1728 			ND_PRINT("noop");
1729 			break;
1730 		case NI_QTYPE_SUPTYPES:
1731 			ND_PRINT("supported qtypes");
1732 			i = GET_BE_U_2(ni6->ni_flags);
1733 			if (i)
1734 				ND_PRINT(" [%s]", (i & 0x01) ? "C" : "");
1735 			break;
1736 		case NI_QTYPE_FQDN:
1737 			ND_PRINT("DNS name");
1738 			break;
1739 		case NI_QTYPE_NODEADDR:
1740 			ND_PRINT("node addresses");
1741 			i = GET_BE_U_2(ni6->ni_flags);
1742 			if (!i)
1743 				break;
1744 			/* NI_NODEADDR_FLAG_TRUNCATE undefined for query */
1745 			ND_PRINT(" [%s%s%s%s%s%s]",
1746 			    (i & NI_NODEADDR_FLAG_ANYCAST) ? "a" : "",
1747 			    (i & NI_NODEADDR_FLAG_GLOBAL) ? "G" : "",
1748 			    (i & NI_NODEADDR_FLAG_SITELOCAL) ? "S" : "",
1749 			    (i & NI_NODEADDR_FLAG_LINKLOCAL) ? "L" : "",
1750 			    (i & NI_NODEADDR_FLAG_COMPAT) ? "C" : "",
1751 			    (i & NI_NODEADDR_FLAG_ALL) ? "A" : "");
1752 			break;
1753 		default:
1754 			ND_PRINT("unknown");
1755 			break;
1756 		}
1757 
1758 		if (GET_BE_U_2(ni6->ni_qtype) == NI_QTYPE_NOOP ||
1759 		    GET_BE_U_2(ni6->ni_qtype) == NI_QTYPE_SUPTYPES) {
1760 			if (siz != sizeof(*ni6))
1761 				if (ndo->ndo_vflag)
1762 					ND_PRINT(", invalid len");
1763 			/*(*/
1764 			ND_PRINT(")");
1765 			break;
1766 		}
1767 
1768 		/* XXX backward compat, icmp-name-lookup-03 */
1769 		if (siz == sizeof(*ni6)) {
1770 			ND_PRINT(", 03 draft");
1771 			/*(*/
1772 			ND_PRINT(")");
1773 			break;
1774 		}
1775 
1776 		cp = (const u_char *)(ni6 + 1);
1777 		switch (GET_U_1(ni6->ni_code)) {
1778 		case ICMP6_NI_SUBJ_IPV6:
1779 			if (!ND_TTEST_LEN(dp, sizeof(*ni6) + sizeof(nd_ipv6)))
1780 				break;
1781 			if (siz != sizeof(*ni6) + sizeof(nd_ipv6)) {
1782 				if (ndo->ndo_vflag)
1783 					ND_PRINT(", invalid subject len");
1784 				break;
1785 			}
1786 			ND_PRINT(", subject=%s",
1787                                   GET_IP6ADDR_STRING(cp));
1788 			break;
1789 		case ICMP6_NI_SUBJ_FQDN:
1790 			ND_PRINT(", subject=DNS name");
1791 			if (GET_U_1(cp) == ep - cp - 1) {
1792 				/* icmp-name-lookup-03, pascal string */
1793 				if (ndo->ndo_vflag)
1794 					ND_PRINT(", 03 draft");
1795 				cp++;
1796 				ND_PRINT(", \"");
1797 				while (cp < ep) {
1798 					fn_print_char(ndo, GET_U_1(cp));
1799 					cp++;
1800 				}
1801 				ND_PRINT("\"");
1802 			} else
1803 				dnsname_print(ndo, cp, ep);
1804 			break;
1805 		case ICMP6_NI_SUBJ_IPV4:
1806 			if (!ND_TTEST_LEN(dp, sizeof(*ni6) + sizeof(nd_ipv4)))
1807 				break;
1808 			if (siz != sizeof(*ni6) + sizeof(nd_ipv4)) {
1809 				if (ndo->ndo_vflag)
1810 					ND_PRINT(", invalid subject len");
1811 				break;
1812 			}
1813 			ND_PRINT(", subject=%s",
1814                                   GET_IPADDR_STRING(cp));
1815 			break;
1816 		default:
1817 			ND_PRINT(", unknown subject");
1818 			break;
1819 		}
1820 
1821 		/*(*/
1822 		ND_PRINT(")");
1823 		break;
1824 
1825 	case ICMP6_NI_REPLY:
1826 		if (icmp6len > siz)
1827 			goto trunc;
1828 
1829 		needcomma = 0;
1830 
1831 		ND_TCHECK_LEN(dp, sizeof(*ni6));
1832 		ni6 = (const struct icmp6_nodeinfo *)dp;
1833 		ND_PRINT(" node information reply");
1834 		ND_PRINT(" (");	/*)*/
1835 		switch (GET_U_1(ni6->ni_code)) {
1836 		case ICMP6_NI_SUCCESS:
1837 			if (ndo->ndo_vflag) {
1838 				ND_PRINT("success");
1839 				needcomma++;
1840 			}
1841 			break;
1842 		case ICMP6_NI_REFUSED:
1843 			ND_PRINT("refused");
1844 			needcomma++;
1845 			if (siz != sizeof(*ni6))
1846 				if (ndo->ndo_vflag)
1847 					ND_PRINT(", invalid length");
1848 			break;
1849 		case ICMP6_NI_UNKNOWN:
1850 			ND_PRINT("unknown");
1851 			needcomma++;
1852 			if (siz != sizeof(*ni6))
1853 				if (ndo->ndo_vflag)
1854 					ND_PRINT(", invalid length");
1855 			break;
1856 		}
1857 
1858 		if (GET_U_1(ni6->ni_code) != ICMP6_NI_SUCCESS) {
1859 			/*(*/
1860 			ND_PRINT(")");
1861 			break;
1862 		}
1863 
1864 		switch (GET_BE_U_2(ni6->ni_qtype)) {
1865 		case NI_QTYPE_NOOP:
1866 			if (needcomma)
1867 				ND_PRINT(", ");
1868 			ND_PRINT("noop");
1869 			if (siz != sizeof(*ni6))
1870 				if (ndo->ndo_vflag)
1871 					ND_PRINT(", invalid length");
1872 			break;
1873 		case NI_QTYPE_SUPTYPES:
1874 			if (needcomma)
1875 				ND_PRINT(", ");
1876 			ND_PRINT("supported qtypes");
1877 			i = GET_BE_U_2(ni6->ni_flags);
1878 			if (i)
1879 				ND_PRINT(" [%s]", (i & 0x01) ? "C" : "");
1880 			break;
1881 		case NI_QTYPE_FQDN:
1882 			if (needcomma)
1883 				ND_PRINT(", ");
1884 			ND_PRINT("DNS name");
1885 			cp = (const u_char *)(ni6 + 1) + 4;
1886 			if (GET_U_1(cp) == ep - cp - 1) {
1887 				/* icmp-name-lookup-03, pascal string */
1888 				if (ndo->ndo_vflag)
1889 					ND_PRINT(", 03 draft");
1890 				cp++;
1891 				ND_PRINT(", \"");
1892 				while (cp < ep) {
1893 					fn_print_char(ndo, GET_U_1(cp));
1894 					cp++;
1895 				}
1896 				ND_PRINT("\"");
1897 			} else
1898 				dnsname_print(ndo, cp, ep);
1899 			if ((GET_BE_U_2(ni6->ni_flags) & 0x01) != 0)
1900 				ND_PRINT(" [TTL=%u]", GET_BE_U_4(ni6 + 1));
1901 			break;
1902 		case NI_QTYPE_NODEADDR:
1903 			if (needcomma)
1904 				ND_PRINT(", ");
1905 			ND_PRINT("node addresses");
1906 			i = sizeof(*ni6);
1907 			while (i < siz) {
1908 				if (i + sizeof(uint32_t) + sizeof(nd_ipv6) > siz)
1909 					break;
1910 				ND_PRINT(" %s(%u)",
1911 				    GET_IP6ADDR_STRING(bp + i + sizeof(uint32_t)),
1912 				    GET_BE_U_4(bp + i));
1913 				i += sizeof(uint32_t) + sizeof(nd_ipv6);
1914 			}
1915 			i = GET_BE_U_2(ni6->ni_flags);
1916 			if (!i)
1917 				break;
1918 			ND_PRINT(" [%s%s%s%s%s%s%s]",
1919                                   (i & NI_NODEADDR_FLAG_ANYCAST) ? "a" : "",
1920                                   (i & NI_NODEADDR_FLAG_GLOBAL) ? "G" : "",
1921                                   (i & NI_NODEADDR_FLAG_SITELOCAL) ? "S" : "",
1922                                   (i & NI_NODEADDR_FLAG_LINKLOCAL) ? "L" : "",
1923                                   (i & NI_NODEADDR_FLAG_COMPAT) ? "C" : "",
1924                                   (i & NI_NODEADDR_FLAG_ALL) ? "A" : "",
1925                                   (i & NI_NODEADDR_FLAG_TRUNCATE) ? "T" : "");
1926 			break;
1927 		default:
1928 			if (needcomma)
1929 				ND_PRINT(", ");
1930 			ND_PRINT("unknown");
1931 			break;
1932 		}
1933 
1934 		/*(*/
1935 		ND_PRINT(")");
1936 		break;
1937 	}
1938 	return;
1939 
1940 trunc:
1941 	nd_print_trunc(ndo);
1942 }
1943 
1944 static void
1945 icmp6_rrenum_print(netdissect_options *ndo, const u_char *bp, const u_char *ep)
1946 {
1947 	const struct icmp6_router_renum *rr6;
1948 	const char *cp;
1949 	const struct rr_pco_match *match;
1950 	const struct rr_pco_use *use;
1951 	char hbuf[NI_MAXHOST];
1952 	int n;
1953 
1954 	if (ep < bp)
1955 		return;
1956 	rr6 = (const struct icmp6_router_renum *)bp;
1957 	cp = (const char *)(rr6 + 1);
1958 
1959 	ND_TCHECK_4(rr6->rr_reserved);
1960 	switch (GET_U_1(rr6->rr_code)) {
1961 	case ICMP6_ROUTER_RENUMBERING_COMMAND:
1962 		ND_PRINT(", command");
1963 		break;
1964 	case ICMP6_ROUTER_RENUMBERING_RESULT:
1965 		ND_PRINT(", result");
1966 		break;
1967 	case ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET:
1968 		ND_PRINT(", sequence number reset");
1969 		break;
1970 	default:
1971 		ND_PRINT(", code-#%u", GET_U_1(rr6->rr_code));
1972 		break;
1973 	}
1974 
1975         ND_PRINT(", seq=%u", GET_BE_U_4(rr6->rr_seqnum));
1976 
1977 	if (ndo->ndo_vflag) {
1978 		uint8_t rr_flags = GET_U_1(rr6->rr_flags);
1979 #define F(x, y)	(rr_flags & (x) ? (y) : "")
1980 		ND_PRINT("[");	/*]*/
1981 		if (rr_flags) {
1982 			ND_PRINT("%s%s%s%s%s,", F(ICMP6_RR_FLAGS_TEST, "T"),
1983                                   F(ICMP6_RR_FLAGS_REQRESULT, "R"),
1984                                   F(ICMP6_RR_FLAGS_FORCEAPPLY, "A"),
1985                                   F(ICMP6_RR_FLAGS_SPECSITE, "S"),
1986                                   F(ICMP6_RR_FLAGS_PREVDONE, "P"));
1987 		}
1988                 ND_PRINT("seg=%u,", GET_U_1(rr6->rr_segnum));
1989                 ND_PRINT("maxdelay=%u", GET_BE_U_2(rr6->rr_maxdelay));
1990 		if (GET_BE_U_4(rr6->rr_reserved))
1991 			ND_PRINT("rsvd=0x%x", GET_BE_U_4(rr6->rr_reserved));
1992 		/*[*/
1993 		ND_PRINT("]");
1994 #undef F
1995 	}
1996 
1997 	if (GET_U_1(rr6->rr_code) == ICMP6_ROUTER_RENUMBERING_COMMAND) {
1998 		match = (const struct rr_pco_match *)cp;
1999 		cp = (const char *)(match + 1);
2000 
2001 		ND_TCHECK_16(match->rpm_prefix);
2002 
2003 		if (ndo->ndo_vflag > 1)
2004 			ND_PRINT("\n\t");
2005 		else
2006 			ND_PRINT(" ");
2007 		ND_PRINT("match(");	/*)*/
2008 		switch (GET_U_1(match->rpm_code)) {
2009 		case RPM_PCO_ADD:	ND_PRINT("add"); break;
2010 		case RPM_PCO_CHANGE:	ND_PRINT("change"); break;
2011 		case RPM_PCO_SETGLOBAL:	ND_PRINT("setglobal"); break;
2012 		default:		ND_PRINT("#%u",
2013 						 GET_U_1(match->rpm_code)); break;
2014 		}
2015 
2016 		if (ndo->ndo_vflag) {
2017 			ND_PRINT(",ord=%u", GET_U_1(match->rpm_ordinal));
2018 			ND_PRINT(",min=%u", GET_U_1(match->rpm_minlen));
2019 			ND_PRINT(",max=%u", GET_U_1(match->rpm_maxlen));
2020 		}
2021 		if (addrtostr6(match->rpm_prefix, hbuf, sizeof(hbuf)))
2022 			ND_PRINT(",%s/%u", hbuf, GET_U_1(match->rpm_matchlen));
2023 		else
2024 			ND_PRINT(",?/%u", GET_U_1(match->rpm_matchlen));
2025 		/*(*/
2026 		ND_PRINT(")");
2027 
2028 		n = GET_U_1(match->rpm_len) - 3;
2029 		if (n % 4)
2030 			goto trunc;
2031 		n /= 4;
2032 		while (n-- > 0) {
2033 			use = (const struct rr_pco_use *)cp;
2034 			cp = (const char *)(use + 1);
2035 
2036 			ND_TCHECK_16(use->rpu_prefix);
2037 
2038 			if (ndo->ndo_vflag > 1)
2039 				ND_PRINT("\n\t");
2040 			else
2041 				ND_PRINT(" ");
2042 			ND_PRINT("use(");	/*)*/
2043 			if (GET_U_1(use->rpu_flags)) {
2044 #define F(x, y)	(GET_U_1(use->rpu_flags) & (x) ? (y) : "")
2045 				ND_PRINT("%s%s,",
2046                                           F(ICMP6_RR_PCOUSE_FLAGS_DECRVLTIME, "V"),
2047                                           F(ICMP6_RR_PCOUSE_FLAGS_DECRPLTIME, "P"));
2048 #undef F
2049 			}
2050 			if (ndo->ndo_vflag) {
2051 				ND_PRINT("mask=0x%x,",
2052 					 GET_U_1(use->rpu_ramask));
2053 				ND_PRINT("raflags=0x%x,",
2054 					 GET_U_1(use->rpu_raflags));
2055 				if (GET_BE_U_4(use->rpu_vltime) == 0xffffffff)
2056 					ND_PRINT("vltime=infty,");
2057 				else
2058 					ND_PRINT("vltime=%u,",
2059                                                   GET_BE_U_4(use->rpu_vltime));
2060 				if (GET_BE_U_4(use->rpu_pltime) == 0xffffffff)
2061 					ND_PRINT("pltime=infty,");
2062 				else
2063 					ND_PRINT("pltime=%u,",
2064                                                   GET_BE_U_4(use->rpu_pltime));
2065 			}
2066 			if (addrtostr6(use->rpu_prefix, hbuf, sizeof(hbuf)))
2067 				ND_PRINT("%s/%u/%u", hbuf,
2068                                           GET_U_1(use->rpu_uselen),
2069                                           GET_U_1(use->rpu_keeplen));
2070 			else
2071 				ND_PRINT("?/%u/%u", GET_U_1(use->rpu_uselen),
2072                                           GET_U_1(use->rpu_keeplen));
2073 			/*(*/
2074                         ND_PRINT(")");
2075 		}
2076 	}
2077 
2078 	return;
2079 
2080 trunc:
2081 	nd_print_trunc(ndo);
2082 }
2083