xref: /freebsd/contrib/tcpdump/print-lisp.c (revision 0b57cec536236d46e3dba9bd041533462f33dbb7)
1 /*
2  * Copyright (c) 2015 Ritesh Ranjan (r.ranjan789@gmail.com)
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  * 3. The name of the author may not be used to endorse or promote products
14  *    derived from this software without specific prior written permission.
15  *
16  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19  * DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
20  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
22  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
24  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
25  * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26  * POSSIBILITY OF SUCH DAMAGE.
27  */
28 
29 /* \summary: - Locator/Identifier Separation Protocol (LISP) printer */
30 
31 /*
32  * specification: RFC 6830
33  *
34  *
35  * The Map-Register message format is:
36  *
37  *       0                   1                   2                   3
38  *       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
39  *      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
40  *      |Type=3 |P|S|I|R|      Reserved               |M| Record Count  |
41  *      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
42  *      |                         Nonce . . .                           |
43  *      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
44  *      |                         . . . Nonce                           |
45  *      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
46  *      |            Key ID             |  Authentication Data Length   |
47  *      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
48  *      ~                     Authentication Data                       ~
49  *  +-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
50  *  |   |                          Record TTL                           |
51  *  |   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
52  *  R   | Locator Count | EID mask-len  | ACT |A|      Reserved         |
53  *  e   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
54  *  c   | Rsvd  |  Map-Version Number   |        EID-Prefix-AFI         |
55  *  o   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
56  *  r   |                          EID-Prefix                           |
57  *  d   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
58  *  |  /|    Priority   |    Weight     |  M Priority   |   M Weight    |
59  *  | L +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
60  *  | o |        Unused Flags     |L|p|R|           Loc-AFI             |
61  *  | c +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
62  *  |  \|                             Locator                           |
63  *  +-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
64  *
65  *
66  * The Map-Notify message format is:
67  *
68  *       0                   1                   2                   3
69  *       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
70  *      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
71  *      |Type=4 |I|R|          Reserved                 | Record Count  |
72  *      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
73  *      |                         Nonce . . .                           |
74  *      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
75  *      |                         . . . Nonce                           |
76  *      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
77  *      |            Key ID             |  Authentication Data Length   |
78  *      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
79  *      ~                     Authentication Data                       ~
80  *  +-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
81  *  |   |                          Record TTL                           |
82  *  |   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
83  *  R   | Locator Count | EID mask-len  | ACT |A|      Reserved         |
84  *  e   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
85  *  c   | Rsvd  |  Map-Version Number   |         EID-Prefix-AFI        |
86  *  o   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
87  *  r   |                          EID-Prefix                           |
88  *  d   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
89  *  |  /|    Priority   |    Weight     |  M Priority   |   M Weight    |
90  *  | L +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
91  *  | o |        Unused Flags     |L|p|R|           Loc-AFI             |
92  *  | c +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
93  *  |  \|                             Locator                           |
94  *  +-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
95  */
96 
97 #ifdef HAVE_CONFIG_H
98 #include "config.h"
99 #endif
100 
101 #include <netdissect-stdinc.h>
102 #include <netdissect.h>
103 #include <string.h>
104 #include <stdlib.h>
105 
106 #include "ip.h"
107 #include "ip6.h"
108 
109 #include "extract.h"
110 #include "addrtoname.h"
111 
112 static const char tstr[] = " [|LISP]";
113 
114 #define IPv4_AFI			1
115 #define IPv6_AFI			2
116 #define TYPE_INDEX			4
117 #define LISP_MAP_NOTIFY_IBIT_MASK	8
118 #define LISP_MAP_REGISTER_IBIT_MASK	2
119 
120 enum {
121 	LISP_MAP_REQUEST = 1,
122 	LISP_MAP_REPLY,
123 	LISP_MAP_REGISTER,
124 	LISP_MAP_NOTIFY,
125 	LISP_ENCAPSULATED_CONTROL_MESSAGE = 8
126 };
127 
128 enum {
129 	LISP_AUTH_NONE,
130 	LISP_AUTH_SHA1,
131 	LISP_AUTH_SHA256
132 };
133 
134 static const struct tok lisp_type [] = {
135 	{ 0, "LISP-Reserved"			},
136 	{ 1, "LISP-Map-Request"			},
137 	{ 2, "LISP-Map-Reply"			},
138 	{ 3, "LISP-Map-Register"		},
139 	{ 4, "LISP-Map-Notify"			},
140 	{ 8, "LISP-Encapsulated-Contol-Message" },
141 	{ 0, NULL }
142 };
143 
144 /*
145  * P-Bit : Request for Proxy Map-Reply from the MS/MR
146  * S-Bit : Security Enhancement. ETR is LISP-SEC enabled. draft-ietf-lisp-sec
147  * I-Bit : 128 bit xTR-ID and 64 bit Site-ID present.
148  *	   xTR-ID and Site-ID help in differentiation of xTRs in multi xTR
149  *	   and multi Site deployment scenarios.
150  * R-Bit : Built for a Reencapsulating-Tunnel-Router. Used in Traffic
151  *	   Engineering and Service Chaining
152  */
153 static const struct tok map_register_hdr_flag[] = {
154 	{ 0x08000000, "P-Proxy-Map-Reply"  },
155 	{ 0x04000000, "S-LISP-SEC-Capable" },
156 	{ 0x02000000, "I-xTR-ID-Present"   },
157 	{ 0x01000000, "R-Build-For-RTR"    },
158 	{ 0x00000100, "M-Want-Map-Notify"  },
159 	{ 0, NULL }
160 };
161 
162 static const struct tok map_notify_hdr_flag[] = {
163 	{ 0x08000000, "I-xTR-ID-Present"   },
164 	{ 0x04000000, "R-Build-For-RTR"    },
165 	{ 0, NULL }
166 };
167 
168 static const struct tok auth_type[] = {
169 	{ LISP_AUTH_NONE,   "None"   },
170 	{ LISP_AUTH_SHA1,   "SHA1"   },
171 	{ LISP_AUTH_SHA256, "SHA256" },
172 	{ 0, NULL}
173 };
174 
175 static const struct tok lisp_eid_action[] = {
176 	{ 0, "No-Action"	},
177 	{ 1, "Natively-Forward" },
178 	{ 2, "Send-Map-Request" },
179 	{ 3, "Drop"		},
180 	{ 0, NULL}
181 };
182 
183 static const struct tok lisp_loc_flag[] = {
184 	{ 0x0004, "Local-Locator" },
185 	{ 0x0002, "RLoc-Probed"	  },
186 	{ 0x0001, "Reachable"	  },
187 	{ 0, NULL }
188 };
189 
190 typedef struct map_register_hdr {
191 	nd_uint8_t type_and_flag;
192 	nd_uint8_t reserved;
193 	nd_uint8_t reserved_and_flag2;
194 	nd_uint8_t record_count;
195 	nd_uint64_t nonce;
196 	nd_uint16_t key_id;
197 	nd_uint16_t auth_data_len;
198 } lisp_map_register_hdr;
199 
200 #define MAP_REGISTER_HDR_LEN sizeof(lisp_map_register_hdr)
201 
202 typedef struct map_register_eid {
203 	nd_uint32_t ttl;
204 	nd_uint8_t locator_count;
205 	nd_uint8_t eid_prefix_mask_length;
206 	nd_uint8_t act_auth_inc_res;
207 	nd_uint8_t reserved;
208 	nd_uint8_t reserved_version_hi;
209 	nd_uint8_t version_low;
210 	nd_uint16_t eid_prefix_afi;
211 } lisp_map_register_eid;
212 
213 #define MAP_REGISTER_EID_LEN sizeof(lisp_map_register_eid)
214 
215 typedef struct map_register_loc {
216 	nd_uint8_t priority;
217 	nd_uint8_t weight;
218 	nd_uint8_t m_priority;
219 	nd_uint8_t m_weight;
220 	nd_uint16_t unused_and_flag;
221 	nd_uint16_t locator_afi;
222 } lisp_map_register_loc;
223 
224 #define MAP_REGISTER_LOC_LEN sizeof(lisp_map_register_loc)
225 
226 static inline uint8_t extract_lisp_type(uint8_t);
227 static inline uint8_t is_xtr_data_present(uint8_t , uint8_t);
228 static void lisp_hdr_flag(netdissect_options *, const lisp_map_register_hdr *);
229 static void action_flag(netdissect_options *, uint8_t);
230 static void loc_hdr_flag(netdissect_options *, uint16_t);
231 
232 void lisp_print(netdissect_options *ndo, const u_char *bp, u_int length)
233 {
234 	uint8_t type;
235 	uint8_t mask_len;
236 	uint8_t loc_count;
237 	uint8_t xtr_present;
238 	uint8_t record_count;
239 	uint16_t key_id;
240 	uint16_t eid_afi;
241 	uint16_t loc_afi;
242 	uint16_t map_version;
243 	uint16_t packet_offset;
244 	uint16_t auth_data_len;
245 	uint32_t ttl;
246 	const u_char *packet_iterator;
247 	const u_char *loc_ip_pointer;
248 	const lisp_map_register_hdr *lisp_hdr;
249 	const lisp_map_register_eid *lisp_eid;
250 	const lisp_map_register_loc *lisp_loc;
251 
252 	/* Check if enough bytes for header are available */
253 	ND_TCHECK2(*bp, MAP_REGISTER_HDR_LEN);
254 	lisp_hdr = (const lisp_map_register_hdr *) bp;
255 	lisp_hdr_flag(ndo, lisp_hdr);
256 	/* Supporting only MAP NOTIFY and MAP REGISTER LISP packets */
257 	type = extract_lisp_type(lisp_hdr->type_and_flag);
258 	if ((type != LISP_MAP_REGISTER) && (type != LISP_MAP_NOTIFY))
259 		return;
260 
261 	/* Find if the packet contains xTR and Site-ID data */
262 	xtr_present = is_xtr_data_present(type, lisp_hdr->type_and_flag);
263 
264 	/* Extract the number of EID records present */
265 	auth_data_len = EXTRACT_16BITS(&lisp_hdr->auth_data_len);
266 	packet_iterator = (const u_char *)(lisp_hdr);
267 	packet_offset = MAP_REGISTER_HDR_LEN;
268 	record_count = lisp_hdr->record_count;
269 
270 	if (ndo->ndo_vflag) {
271 		key_id = EXTRACT_16BITS(&lisp_hdr->key_id);
272 		ND_PRINT((ndo, "\n    %u record(s), ", record_count));
273 		ND_PRINT((ndo, "Authentication %s,",
274 			tok2str(auth_type, "unknown-type", key_id)));
275 		hex_print(ndo, "\n    Authentication-Data: ", packet_iterator +
276 						packet_offset, auth_data_len);
277 	} else {
278 		ND_PRINT((ndo, " %u record(s),", record_count));
279 	}
280 	packet_offset += auth_data_len;
281 
282 	if (record_count == 0)
283 		goto invalid;
284 
285 	/* Print all the EID records */
286 	while ((length > packet_offset) && (record_count--)) {
287 
288 		ND_TCHECK2(*(packet_iterator + packet_offset), MAP_REGISTER_EID_LEN);
289 		ND_PRINT((ndo, "\n"));
290 		lisp_eid = (const lisp_map_register_eid *)
291 				((const u_char *)lisp_hdr + packet_offset);
292 		packet_offset += MAP_REGISTER_EID_LEN;
293 		mask_len = lisp_eid->eid_prefix_mask_length;
294 		eid_afi = EXTRACT_16BITS(&lisp_eid->eid_prefix_afi);
295 		loc_count = lisp_eid->locator_count;
296 
297 		if (ndo->ndo_vflag) {
298 			ttl = EXTRACT_32BITS(&lisp_eid->ttl);
299 			ND_PRINT((ndo, "      Record TTL %u,", ttl));
300 			action_flag(ndo, lisp_eid->act_auth_inc_res);
301 			map_version = (((lisp_eid->reserved_version_hi) & 15 ) * 255) +
302 					lisp_eid->version_low;
303 			ND_PRINT((ndo, " Map Version: %u,", map_version));
304 		}
305 
306 		switch (eid_afi) {
307 		case IPv4_AFI:
308 			ND_TCHECK2(*(packet_iterator + packet_offset), 4);
309 			ND_PRINT((ndo, " EID %s/%u,", ipaddr_string(ndo,
310 				packet_iterator + packet_offset), mask_len));
311 			packet_offset += 4;
312 			break;
313 		case IPv6_AFI:
314 			ND_TCHECK2(*(packet_iterator + packet_offset), 16);
315 			ND_PRINT((ndo, " EID %s/%u,", ip6addr_string(ndo,
316 				packet_iterator + packet_offset), mask_len));
317 			packet_offset += 16;
318 			break;
319 		default:
320 			/*
321 			 * No support for LCAF right now.
322 			 */
323 			return;
324 			break;
325 		}
326 
327 		ND_PRINT((ndo, " %u locator(s)", loc_count));
328 
329 		while (loc_count--) {
330 			ND_TCHECK2(*(packet_iterator + packet_offset), MAP_REGISTER_LOC_LEN);
331 			lisp_loc = (const lisp_map_register_loc *) (packet_iterator + packet_offset);
332 			loc_ip_pointer = (const u_char *) (lisp_loc + 1);
333 			packet_offset += MAP_REGISTER_LOC_LEN;
334 			loc_afi = EXTRACT_16BITS(&lisp_loc->locator_afi);
335 
336 			if (ndo->ndo_vflag)
337 				ND_PRINT((ndo, "\n       "));
338 
339 			switch (loc_afi) {
340 			case IPv4_AFI:
341 				ND_TCHECK2(*(packet_iterator + packet_offset), 4);
342 				ND_PRINT((ndo, " LOC %s", ipaddr_string(ndo, loc_ip_pointer)));
343 				packet_offset += 4;
344 				break;
345 			case IPv6_AFI:
346 				ND_TCHECK2(*(packet_iterator + packet_offset), 16);
347 				ND_PRINT((ndo, " LOC %s", ip6addr_string(ndo, loc_ip_pointer)));
348 				packet_offset += 16;
349 				break;
350 			default:
351 				break;
352 			}
353 			if (ndo->ndo_vflag) {
354 				ND_PRINT((ndo, "\n          Priority/Weight %u/%u,"
355 						" Multicast Priority/Weight %u/%u,",
356 						lisp_loc->priority, lisp_loc->weight,
357 						lisp_loc->m_priority, lisp_loc->m_weight));
358 				loc_hdr_flag(ndo, EXTRACT_16BITS(&lisp_loc->unused_and_flag));
359 			}
360 		}
361 	}
362 
363 	/*
364 	 * Print xTR and Site ID. Handle the fact that the packet could be invalid.
365 	 * If the xTR_ID_Present bit is not set, and we still have data to display,
366 	 * show it as hex data.
367 	 */
368 	if (xtr_present) {
369 		if (!ND_TTEST2(*(packet_iterator + packet_offset), 24))
370 			goto invalid;
371 		hex_print_with_offset(ndo, "\n    xTR-ID: ", packet_iterator + packet_offset, 16, 0);
372 		ND_PRINT((ndo, "\n    SITE-ID: %" PRIu64,
373 			EXTRACT_64BITS(packet_iterator + packet_offset + 16)));
374 	} else {
375 		/* Check if packet isn't over yet */
376 		if (packet_iterator + packet_offset < ndo->ndo_snapend) {
377 			hex_print_with_offset(ndo, "\n    Data: ", packet_iterator + packet_offset,
378 				(ndo->ndo_snapend - (packet_iterator + packet_offset)), 0);
379 		}
380 	}
381 	return;
382 trunc:
383 	ND_PRINT((ndo, "\n   %s", tstr));
384 	return;
385 invalid:
386 	ND_PRINT((ndo, "\n   %s", istr));
387 	return;
388 }
389 
390 static inline uint8_t extract_lisp_type(uint8_t lisp_hdr_flags)
391 {
392 	return (lisp_hdr_flags) >> TYPE_INDEX;
393 }
394 
395 static inline uint8_t is_xtr_data_present(uint8_t type, uint8_t lisp_hdr_flags)
396 {
397 	uint8_t xtr_present = 0;
398 
399 	if (type == LISP_MAP_REGISTER)
400 		xtr_present = (lisp_hdr_flags) & LISP_MAP_REGISTER_IBIT_MASK;
401 	else if (type == LISP_MAP_NOTIFY)
402 		xtr_present = (lisp_hdr_flags) & LISP_MAP_NOTIFY_IBIT_MASK;
403 
404 	return xtr_present;
405 }
406 
407 static void lisp_hdr_flag(netdissect_options *ndo, const lisp_map_register_hdr *lisp_hdr)
408 {
409 	uint8_t type = extract_lisp_type(lisp_hdr->type_and_flag);
410 
411 	if (!ndo->ndo_vflag) {
412 		ND_PRINT((ndo, "%s,", tok2str(lisp_type, "unknown-type-%u", type)));
413 		return;
414 	} else {
415 		ND_PRINT((ndo, "%s,", tok2str(lisp_type, "unknown-type-%u", type)));
416 	}
417 
418 	if (type == LISP_MAP_REGISTER) {
419 		ND_PRINT((ndo, " flags [%s],", bittok2str(map_register_hdr_flag,
420 			 "none", EXTRACT_32BITS(lisp_hdr))));
421 	} else if (type == LISP_MAP_NOTIFY) {
422 		ND_PRINT((ndo, " flags [%s],", bittok2str(map_notify_hdr_flag,
423 			 "none", EXTRACT_32BITS(lisp_hdr))));
424 	}
425 
426 	return;
427 }
428 
429 static void action_flag(netdissect_options *ndo, uint8_t act_auth_inc_res)
430 {
431 	uint8_t action;
432 	uint8_t authoritative;
433 
434 	authoritative  = ((act_auth_inc_res >> 4) & 1);
435 
436 	if (authoritative)
437 		ND_PRINT((ndo, " Authoritative,"));
438 	else
439 		ND_PRINT((ndo, " Non-Authoritative,"));
440 
441 	action = act_auth_inc_res >> 5;
442 	ND_PRINT((ndo, " %s,", tok2str(lisp_eid_action, "unknown", action)));
443 }
444 
445 static void loc_hdr_flag(netdissect_options *ndo, uint16_t flag)
446 {
447 	ND_PRINT((ndo, " flags [%s],", bittok2str(lisp_loc_flag, "none", flag)));
448 }
449 
450