1 /* 2 * Copyright (C) 2002 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 /* \summary: IPv6 mobility printer */ 31 /* RFC 3775 */ 32 33 #ifdef HAVE_CONFIG_H 34 #include <config.h> 35 #endif 36 37 #include "netdissect-stdinc.h" 38 39 #include "netdissect.h" 40 #include "addrtoname.h" 41 #include "extract.h" 42 43 #include "ip6.h" 44 45 46 /* Mobility header */ 47 struct ip6_mobility { 48 nd_uint8_t ip6m_pproto; /* following payload protocol (for PG) */ 49 nd_uint8_t ip6m_len; /* length in units of 8 octets */ 50 nd_uint8_t ip6m_type; /* message type */ 51 nd_uint8_t reserved; /* reserved */ 52 nd_uint16_t ip6m_cksum; /* sum of IPv6 pseudo-header and MH */ 53 union { 54 nd_uint16_t ip6m_un_data16[1]; /* type-specific field */ 55 nd_uint8_t ip6m_un_data8[2]; /* type-specific field */ 56 } ip6m_dataun; 57 }; 58 59 #define ip6m_data16 ip6m_dataun.ip6m_un_data16 60 #define ip6m_data8 ip6m_dataun.ip6m_un_data8 61 62 #define IP6M_MINLEN 8 63 64 /* https://www.iana.org/assignments/mobility-parameters/mobility-parameters.xhtml */ 65 66 /* message type */ 67 #define IP6M_BINDING_REQUEST 0 /* Binding Refresh Request */ 68 #define IP6M_HOME_TEST_INIT 1 /* Home Test Init */ 69 #define IP6M_CAREOF_TEST_INIT 2 /* Care-of Test Init */ 70 #define IP6M_HOME_TEST 3 /* Home Test */ 71 #define IP6M_CAREOF_TEST 4 /* Care-of Test */ 72 #define IP6M_BINDING_UPDATE 5 /* Binding Update */ 73 #define IP6M_BINDING_ACK 6 /* Binding Acknowledgement */ 74 #define IP6M_BINDING_ERROR 7 /* Binding Error */ 75 #define IP6M_MAX 7 76 77 static const struct tok ip6m_str[] = { 78 { IP6M_BINDING_REQUEST, "BRR" }, 79 { IP6M_HOME_TEST_INIT, "HoTI" }, 80 { IP6M_CAREOF_TEST_INIT, "CoTI" }, 81 { IP6M_HOME_TEST, "HoT" }, 82 { IP6M_CAREOF_TEST, "CoT" }, 83 { IP6M_BINDING_UPDATE, "BU" }, 84 { IP6M_BINDING_ACK, "BA" }, 85 { IP6M_BINDING_ERROR, "BE" }, 86 { 0, NULL } 87 }; 88 89 static const unsigned ip6m_hdrlen[IP6M_MAX + 1] = { 90 IP6M_MINLEN, /* IP6M_BINDING_REQUEST */ 91 IP6M_MINLEN + 8, /* IP6M_HOME_TEST_INIT */ 92 IP6M_MINLEN + 8, /* IP6M_CAREOF_TEST_INIT */ 93 IP6M_MINLEN + 16, /* IP6M_HOME_TEST */ 94 IP6M_MINLEN + 16, /* IP6M_CAREOF_TEST */ 95 IP6M_MINLEN + 4, /* IP6M_BINDING_UPDATE */ 96 IP6M_MINLEN + 4, /* IP6M_BINDING_ACK */ 97 IP6M_MINLEN + 16, /* IP6M_BINDING_ERROR */ 98 }; 99 100 /* Mobility Header Options */ 101 #define IP6MOPT_MINLEN 2 102 #define IP6MOPT_PAD1 0x0 /* Pad1 */ 103 #define IP6MOPT_PADN 0x1 /* PadN */ 104 #define IP6MOPT_REFRESH 0x2 /* Binding Refresh Advice */ 105 #define IP6MOPT_REFRESH_MINLEN 4 106 #define IP6MOPT_ALTCOA 0x3 /* Alternate Care-of Address */ 107 #define IP6MOPT_ALTCOA_MINLEN 18 108 #define IP6MOPT_NONCEID 0x4 /* Nonce Indices */ 109 #define IP6MOPT_NONCEID_MINLEN 6 110 #define IP6MOPT_AUTH 0x5 /* Binding Authorization Data */ 111 #define IP6MOPT_AUTH_MINLEN 12 112 113 static const struct tok ip6m_binding_update_bits [] = { 114 { 0x08, "A" }, 115 { 0x04, "H" }, 116 { 0x02, "L" }, 117 { 0x01, "K" }, 118 { 0, NULL } 119 }; 120 121 static int 122 mobility_opt_print(netdissect_options *ndo, 123 const u_char *bp, const unsigned len) 124 { 125 unsigned i, optlen; 126 127 for (i = 0; i < len; i += optlen) { 128 if (GET_U_1(bp + i) == IP6MOPT_PAD1) 129 optlen = 1; 130 else { 131 if (i + 1 < len) { 132 optlen = GET_U_1(bp + i + 1) + 2; 133 } 134 else 135 goto trunc; 136 } 137 if (i + optlen > len) 138 goto trunc; 139 ND_TCHECK_1(bp + i + optlen); 140 141 switch (GET_U_1(bp + i)) { 142 case IP6MOPT_PAD1: 143 ND_PRINT("(pad1)"); 144 break; 145 case IP6MOPT_PADN: 146 if (len - i < IP6MOPT_MINLEN) { 147 ND_PRINT("(padn: trunc)"); 148 goto trunc; 149 } 150 ND_PRINT("(padn)"); 151 break; 152 case IP6MOPT_REFRESH: 153 if (len - i < IP6MOPT_REFRESH_MINLEN) { 154 ND_PRINT("(refresh: trunc)"); 155 goto trunc; 156 } 157 /* units of 4 secs */ 158 ND_PRINT("(refresh: %u)", 159 GET_BE_U_2(bp + i + 2) << 2); 160 break; 161 case IP6MOPT_ALTCOA: 162 if (len - i < IP6MOPT_ALTCOA_MINLEN) { 163 ND_PRINT("(altcoa: trunc)"); 164 goto trunc; 165 } 166 ND_PRINT("(alt-CoA: %s)", GET_IP6ADDR_STRING(bp + i + 2)); 167 break; 168 case IP6MOPT_NONCEID: 169 if (len - i < IP6MOPT_NONCEID_MINLEN) { 170 ND_PRINT("(ni: trunc)"); 171 goto trunc; 172 } 173 ND_PRINT("(ni: ho=0x%04x co=0x%04x)", 174 GET_BE_U_2(bp + i + 2), 175 GET_BE_U_2(bp + i + 4)); 176 break; 177 case IP6MOPT_AUTH: 178 if (len - i < IP6MOPT_AUTH_MINLEN) { 179 ND_PRINT("(auth: trunc)"); 180 goto trunc; 181 } 182 ND_PRINT("(auth)"); 183 break; 184 default: 185 if (len - i < IP6MOPT_MINLEN) { 186 ND_PRINT("(sopt_type %u: trunc)", 187 GET_U_1(bp + i)); 188 goto trunc; 189 } 190 ND_PRINT("(type-0x%02x: len=%u)", GET_U_1(bp + i), 191 GET_U_1(bp + i + 1)); 192 break; 193 } 194 } 195 return 0; 196 197 trunc: 198 return 1; 199 } 200 201 /* 202 * Mobility Header 203 */ 204 int 205 mobility_print(netdissect_options *ndo, 206 const u_char *bp, const u_char *bp2 _U_) 207 { 208 const struct ip6_mobility *mh; 209 const u_char *ep; 210 unsigned mhlen, hlen; 211 uint8_t type; 212 213 ndo->ndo_protocol = "mobility"; 214 mh = (const struct ip6_mobility *)bp; 215 216 /* 'ep' points to the end of available data. */ 217 ep = ndo->ndo_snapend; 218 219 if (!ND_TTEST_1(mh->ip6m_len)) { 220 /* 221 * There's not enough captured data to include the 222 * mobility header length. 223 * 224 * Our caller expects us to return the length, however, 225 * so return a value that will run to the end of the 226 * captured data. 227 * 228 * XXX - "ip6_print()" doesn't do anything with the 229 * returned length, however, as it breaks out of the 230 * header-processing loop. 231 */ 232 mhlen = (unsigned)(ep - bp); 233 goto trunc; 234 } 235 mhlen = (GET_U_1(mh->ip6m_len) + 1) << 3; 236 237 /* XXX ip6m_cksum */ 238 239 type = GET_U_1(mh->ip6m_type); 240 if (type <= IP6M_MAX && mhlen < ip6m_hdrlen[type]) { 241 ND_PRINT("(header length %u is too small for type %u)", mhlen, type); 242 goto trunc; 243 } 244 ND_PRINT("mobility: %s", tok2str(ip6m_str, "type-#%u", type)); 245 switch (type) { 246 case IP6M_BINDING_REQUEST: 247 hlen = IP6M_MINLEN; 248 break; 249 case IP6M_HOME_TEST_INIT: 250 case IP6M_CAREOF_TEST_INIT: 251 hlen = IP6M_MINLEN; 252 if (ndo->ndo_vflag) { 253 ND_PRINT(" %s Init Cookie=%08x:%08x", 254 type == IP6M_HOME_TEST_INIT ? "Home" : "Care-of", 255 GET_BE_U_4(bp + hlen), 256 GET_BE_U_4(bp + hlen + 4)); 257 } 258 hlen += 8; 259 break; 260 case IP6M_HOME_TEST: 261 case IP6M_CAREOF_TEST: 262 ND_PRINT(" nonce id=0x%x", GET_BE_U_2(mh->ip6m_data16[0])); 263 hlen = IP6M_MINLEN; 264 if (ndo->ndo_vflag) { 265 ND_PRINT(" %s Init Cookie=%08x:%08x", 266 type == IP6M_HOME_TEST ? "Home" : "Care-of", 267 GET_BE_U_4(bp + hlen), 268 GET_BE_U_4(bp + hlen + 4)); 269 } 270 hlen += 8; 271 if (ndo->ndo_vflag) { 272 ND_PRINT(" %s Keygen Token=%08x:%08x", 273 type == IP6M_HOME_TEST ? "Home" : "Care-of", 274 GET_BE_U_4(bp + hlen), 275 GET_BE_U_4(bp + hlen + 4)); 276 } 277 hlen += 8; 278 break; 279 case IP6M_BINDING_UPDATE: 280 { 281 int bits; 282 ND_PRINT(" seq#=%u", GET_BE_U_2(mh->ip6m_data16[0])); 283 hlen = IP6M_MINLEN; 284 ND_TCHECK_2(bp + hlen); 285 bits = (GET_U_1(bp + hlen) & 0xf0) >> 4; 286 if (bits) { 287 ND_PRINT(" "); 288 ND_PRINT("%s", 289 bittok2str_nosep(ip6m_binding_update_bits, 290 "bits-#0x%x", bits)); 291 } 292 /* Reserved (4bits) */ 293 hlen += 1; 294 /* Reserved (8bits) */ 295 hlen += 1; 296 /* units of 4 secs */ 297 ND_PRINT(" lifetime=%u", GET_BE_U_2(bp + hlen) << 2); 298 hlen += 2; 299 break; 300 } 301 case IP6M_BINDING_ACK: 302 ND_PRINT(" status=%u", GET_U_1(mh->ip6m_data8[0])); 303 if (GET_U_1(mh->ip6m_data8[1]) & 0x80) 304 ND_PRINT(" K"); 305 /* Reserved (7bits) */ 306 hlen = IP6M_MINLEN; 307 ND_PRINT(" seq#=%u", GET_BE_U_2(bp + hlen)); 308 hlen += 2; 309 /* units of 4 secs */ 310 ND_PRINT(" lifetime=%u", GET_BE_U_2(bp + hlen) << 2); 311 hlen += 2; 312 break; 313 case IP6M_BINDING_ERROR: 314 ND_PRINT(" status=%u", GET_U_1(mh->ip6m_data8[0])); 315 /* Reserved */ 316 hlen = IP6M_MINLEN; 317 ND_PRINT(" homeaddr %s", GET_IP6ADDR_STRING(bp + hlen)); 318 hlen += 16; 319 break; 320 default: 321 ND_PRINT(" len=%u", GET_U_1(mh->ip6m_len)); 322 return(mhlen); 323 break; 324 } 325 if (ndo->ndo_vflag) 326 if (mobility_opt_print(ndo, bp + hlen, mhlen - hlen)) 327 goto trunc; 328 329 return(mhlen); 330 331 trunc: 332 nd_print_trunc(ndo); 333 return(-1); 334 } 335