13340d773SGleb Smirnoff /* Copyright (c) 2015, bugyo
23340d773SGleb Smirnoff * All rights reserved.
33340d773SGleb Smirnoff *
43340d773SGleb Smirnoff * Redistribution and use in source and binary forms, with or without
53340d773SGleb Smirnoff * modification, are permitted provided that the following conditions are met:
63340d773SGleb Smirnoff * 1. Redistributions of source code must retain the above copyright notice,
73340d773SGleb Smirnoff * this list of conditions and the following disclaimer.
83340d773SGleb Smirnoff * 2. Redistributions in binary form must reproduce the above copyright notice,
93340d773SGleb Smirnoff * this list of conditions and the following disclaimer in the documentation
103340d773SGleb Smirnoff * and/or other materials provided with the distribution.
113340d773SGleb Smirnoff *
123340d773SGleb Smirnoff * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
133340d773SGleb Smirnoff * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
143340d773SGleb Smirnoff * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
153340d773SGleb Smirnoff * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
163340d773SGleb Smirnoff * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
173340d773SGleb Smirnoff * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
183340d773SGleb Smirnoff * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
193340d773SGleb Smirnoff * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
203340d773SGleb Smirnoff * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
213340d773SGleb Smirnoff * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
223340d773SGleb Smirnoff */
233340d773SGleb Smirnoff
243340d773SGleb Smirnoff /* \summary: Network Service Header (NSH) printer */
253340d773SGleb Smirnoff
26ee67461eSJoseph Mingrone /* specification: RFC 8300 */
273340d773SGleb Smirnoff
28ee67461eSJoseph Mingrone #include <config.h>
293340d773SGleb Smirnoff
30ee67461eSJoseph Mingrone #include "netdissect-stdinc.h"
313340d773SGleb Smirnoff
32ee67461eSJoseph Mingrone #define ND_LONGJMP_FROM_TCHECK
333340d773SGleb Smirnoff #include "netdissect.h"
343340d773SGleb Smirnoff #include "extract.h"
353340d773SGleb Smirnoff
363340d773SGleb Smirnoff static const struct tok nsh_flags [] = {
37ee67461eSJoseph Mingrone { 0x2, "O" },
383340d773SGleb Smirnoff { 0, NULL }
393340d773SGleb Smirnoff };
403340d773SGleb Smirnoff
41ee67461eSJoseph Mingrone /*
42ee67461eSJoseph Mingrone * 0 1 2 3
43ee67461eSJoseph Mingrone * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
44ee67461eSJoseph Mingrone * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
45ee67461eSJoseph Mingrone * |Ver|O|U| TTL | Length |U|U|U|U|MD Type| Next Protocol |
46ee67461eSJoseph Mingrone * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
47ee67461eSJoseph Mingrone */
483340d773SGleb Smirnoff #define NSH_BASE_HDR_LEN 4
49ee67461eSJoseph Mingrone #define NSH_VER(x) (((x) & 0xc0000000) >> 30)
50ee67461eSJoseph Mingrone #define NSH_FLAGS(x) (((x) & 0x30000000) >> 28)
51ee67461eSJoseph Mingrone #define NSH_TTL(x) (((x) & 0x0fc00000) >> 22)
52ee67461eSJoseph Mingrone #define NSH_LENGTH(x) (((x) & 0x003f0000) >> 16)
53ee67461eSJoseph Mingrone #define NSH_MD_TYPE(x) (((x) & 0x00000f00) >> 8)
54ee67461eSJoseph Mingrone #define NSH_NEXT_PROT(x) (((x) & 0x000000ff) >> 0)
55ee67461eSJoseph Mingrone
563340d773SGleb Smirnoff #define NSH_SERVICE_PATH_HDR_LEN 4
573340d773SGleb Smirnoff #define NSH_HDR_WORD_SIZE 4U
583340d773SGleb Smirnoff
59ee67461eSJoseph Mingrone #define MD_RSV 0x00
60ee67461eSJoseph Mingrone #define MD_TYPE1 0x01
61ee67461eSJoseph Mingrone #define MD_TYPE2 0x02
62ee67461eSJoseph Mingrone #define MD_EXP 0x0F
63ee67461eSJoseph Mingrone static const struct tok md_str[] = {
64ee67461eSJoseph Mingrone { MD_RSV, "reserved" },
65ee67461eSJoseph Mingrone { MD_TYPE1, "1" },
66ee67461eSJoseph Mingrone { MD_TYPE2, "2" },
67ee67461eSJoseph Mingrone { MD_EXP, "experimental" },
68ee67461eSJoseph Mingrone { 0, NULL }
69ee67461eSJoseph Mingrone };
70ee67461eSJoseph Mingrone
71ee67461eSJoseph Mingrone #define NP_IPV4 0x01
72ee67461eSJoseph Mingrone #define NP_IPV6 0x02
73ee67461eSJoseph Mingrone #define NP_ETH 0x03
74ee67461eSJoseph Mingrone #define NP_NSH 0x04
75ee67461eSJoseph Mingrone #define NP_MPLS 0x05
76ee67461eSJoseph Mingrone #define NP_EXP1 0xFE
77ee67461eSJoseph Mingrone #define NP_EXP2 0xFF
78ee67461eSJoseph Mingrone static const struct tok np_str[] = {
79ee67461eSJoseph Mingrone { NP_IPV4, "IPv4" },
80ee67461eSJoseph Mingrone { NP_IPV6, "IPv6" },
81ee67461eSJoseph Mingrone { NP_ETH, "Ethernet" },
82ee67461eSJoseph Mingrone { NP_NSH, "NSH" },
83ee67461eSJoseph Mingrone { NP_MPLS, "MPLS" },
84ee67461eSJoseph Mingrone { NP_EXP1, "Experiment 1" },
85ee67461eSJoseph Mingrone { NP_EXP2, "Experiment 2" },
86ee67461eSJoseph Mingrone { 0, NULL }
87ee67461eSJoseph Mingrone };
88ee67461eSJoseph Mingrone
893340d773SGleb Smirnoff void
nsh_print(netdissect_options * ndo,const u_char * bp,u_int len)903340d773SGleb Smirnoff nsh_print(netdissect_options *ndo, const u_char *bp, u_int len)
913340d773SGleb Smirnoff {
92ee67461eSJoseph Mingrone uint32_t basehdr;
93ee67461eSJoseph Mingrone u_int ver, length, md_type;
943340d773SGleb Smirnoff uint8_t next_protocol;
95ee67461eSJoseph Mingrone u_char past_headers = 0;
963340d773SGleb Smirnoff u_int next_len;
973340d773SGleb Smirnoff
98ee67461eSJoseph Mingrone ndo->ndo_protocol = "nsh";
99ee67461eSJoseph Mingrone /*
100ee67461eSJoseph Mingrone * 0 1 2 3
101ee67461eSJoseph Mingrone * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
102ee67461eSJoseph Mingrone * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
103ee67461eSJoseph Mingrone * | Base Header |
104ee67461eSJoseph Mingrone * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
105ee67461eSJoseph Mingrone * | Service Path Header |
106ee67461eSJoseph Mingrone * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
107ee67461eSJoseph Mingrone * | |
108ee67461eSJoseph Mingrone * ~ Context Header(s) ~
109ee67461eSJoseph Mingrone * | |
110ee67461eSJoseph Mingrone * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
111ee67461eSJoseph Mingrone */
112ee67461eSJoseph Mingrone
1133340d773SGleb Smirnoff /* print Base Header and Service Path Header */
114ee67461eSJoseph Mingrone if (len < NSH_BASE_HDR_LEN + NSH_SERVICE_PATH_HDR_LEN) {
115ee67461eSJoseph Mingrone ND_PRINT(" (packet length %u < %u)",
116ee67461eSJoseph Mingrone len, NSH_BASE_HDR_LEN + NSH_SERVICE_PATH_HDR_LEN);
117ee67461eSJoseph Mingrone goto invalid;
1183340d773SGleb Smirnoff }
119ee67461eSJoseph Mingrone
120ee67461eSJoseph Mingrone basehdr = GET_BE_U_4(bp);
121ee67461eSJoseph Mingrone bp += 4;
122ee67461eSJoseph Mingrone ver = NSH_VER(basehdr);
123ee67461eSJoseph Mingrone length = NSH_LENGTH(basehdr);
124ee67461eSJoseph Mingrone md_type = NSH_MD_TYPE(basehdr);
125ee67461eSJoseph Mingrone next_protocol = NSH_NEXT_PROT(basehdr);
126ee67461eSJoseph Mingrone
127ee67461eSJoseph Mingrone ND_PRINT("NSH, ");
128ee67461eSJoseph Mingrone if (ndo->ndo_vflag > 1) {
129ee67461eSJoseph Mingrone ND_PRINT("ver %u, ", ver);
130ee67461eSJoseph Mingrone }
131ee67461eSJoseph Mingrone if (ver != 0)
132ee67461eSJoseph Mingrone return;
133ee67461eSJoseph Mingrone ND_PRINT("flags [%s], ",
134ee67461eSJoseph Mingrone bittok2str_nosep(nsh_flags, "none", NSH_FLAGS(basehdr)));
1353340d773SGleb Smirnoff if (ndo->ndo_vflag > 2) {
136ee67461eSJoseph Mingrone ND_PRINT("TTL %u, ", NSH_TTL(basehdr));
137ee67461eSJoseph Mingrone ND_PRINT("length %u, ", length);
138ee67461eSJoseph Mingrone ND_PRINT("md type %s, ", tok2str(md_str, "unknown (0x%02x)", md_type));
1393340d773SGleb Smirnoff }
1403340d773SGleb Smirnoff if (ndo->ndo_vflag > 1) {
141ee67461eSJoseph Mingrone ND_PRINT("next-protocol %s, ",
142ee67461eSJoseph Mingrone tok2str(np_str, "unknown (0x%02x)", next_protocol));
1433340d773SGleb Smirnoff }
1443340d773SGleb Smirnoff
1453340d773SGleb Smirnoff /* Make sure we have all the headers */
146ee67461eSJoseph Mingrone if (len < length * NSH_HDR_WORD_SIZE) {
147ee67461eSJoseph Mingrone ND_PRINT(" (too many headers for packet length %u)", len);
148ee67461eSJoseph Mingrone goto invalid;
149ee67461eSJoseph Mingrone }
1503340d773SGleb Smirnoff
151ee67461eSJoseph Mingrone /*
152ee67461eSJoseph Mingrone * 0 1 2 3
153ee67461eSJoseph Mingrone * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
154ee67461eSJoseph Mingrone * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
155ee67461eSJoseph Mingrone * | Service Path Identifier (SPI) | Service Index |
156ee67461eSJoseph Mingrone * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
157ee67461eSJoseph Mingrone *
158ee67461eSJoseph Mingrone */
159ee67461eSJoseph Mingrone ND_PRINT("service-path-id 0x%06x, ", GET_BE_U_3(bp));
160ee67461eSJoseph Mingrone bp += 3;
161ee67461eSJoseph Mingrone ND_PRINT("service-index 0x%x", GET_U_1(bp));
162ee67461eSJoseph Mingrone bp += 1;
1633340d773SGleb Smirnoff
1643340d773SGleb Smirnoff /*
1653340d773SGleb Smirnoff * length includes the lengths of the Base and Service Path headers.
1663340d773SGleb Smirnoff * That means it must be at least 2.
1673340d773SGleb Smirnoff */
168ee67461eSJoseph Mingrone if (length < 2) {
169ee67461eSJoseph Mingrone ND_PRINT(" (less than two headers)");
170ee67461eSJoseph Mingrone goto invalid;
171ee67461eSJoseph Mingrone }
1723340d773SGleb Smirnoff
1733340d773SGleb Smirnoff /*
1743340d773SGleb Smirnoff * Print, or skip, the Context Headers.
1753340d773SGleb Smirnoff * (length - 2) is the length of those headers.
1763340d773SGleb Smirnoff */
1773340d773SGleb Smirnoff if (ndo->ndo_vflag > 2) {
178ee67461eSJoseph Mingrone u_int n;
179ee67461eSJoseph Mingrone
180ee67461eSJoseph Mingrone if (md_type == MD_TYPE1) {
181ee67461eSJoseph Mingrone if (length != 6) {
182*0a7e5f1fSJoseph Mingrone ND_PRINT(" (length for the MD type)");
183ee67461eSJoseph Mingrone goto invalid;
184ee67461eSJoseph Mingrone }
1853340d773SGleb Smirnoff for (n = 0; n < length - 2; n++) {
186ee67461eSJoseph Mingrone ND_PRINT("\n Context[%02u]: 0x%08x", n, GET_BE_U_4(bp));
1873340d773SGleb Smirnoff bp += NSH_HDR_WORD_SIZE;
1883340d773SGleb Smirnoff }
189ee67461eSJoseph Mingrone past_headers = 1;
190*0a7e5f1fSJoseph Mingrone } else if (md_type == MD_TYPE2) {
1913340d773SGleb Smirnoff n = 0;
1923340d773SGleb Smirnoff while (n < length - 2) {
193ee67461eSJoseph Mingrone uint16_t tlv_class;
194ee67461eSJoseph Mingrone uint8_t tlv_type, tlv_len, tlv_len_padded;
1953340d773SGleb Smirnoff
196ee67461eSJoseph Mingrone tlv_class = GET_BE_U_2(bp);
197ee67461eSJoseph Mingrone bp += 2;
198ee67461eSJoseph Mingrone tlv_type = GET_U_1(bp);
199ee67461eSJoseph Mingrone bp += 1;
200ee67461eSJoseph Mingrone tlv_len = GET_U_1(bp) & 0x7f;
201ee67461eSJoseph Mingrone bp += 1;
202ee67461eSJoseph Mingrone tlv_len_padded = roundup2(tlv_len, NSH_HDR_WORD_SIZE);
203ee67461eSJoseph Mingrone
204ee67461eSJoseph Mingrone ND_PRINT("\n TLV Class %u, Type %u, Len %u",
205ee67461eSJoseph Mingrone tlv_class, tlv_type, tlv_len);
2063340d773SGleb Smirnoff
2073340d773SGleb Smirnoff n += 1;
2083340d773SGleb Smirnoff
209ee67461eSJoseph Mingrone if (length - 2 < n + tlv_len_padded / NSH_HDR_WORD_SIZE) {
210ee67461eSJoseph Mingrone ND_PRINT(" (length too big)");
211ee67461eSJoseph Mingrone goto invalid;
2123340d773SGleb Smirnoff }
2133340d773SGleb Smirnoff
214ee67461eSJoseph Mingrone if (tlv_len) {
215ee67461eSJoseph Mingrone const char *sep = "0x";
216ee67461eSJoseph Mingrone u_int vn;
217ee67461eSJoseph Mingrone
218ee67461eSJoseph Mingrone ND_PRINT("\n Value: ");
2193340d773SGleb Smirnoff for (vn = 0; vn < tlv_len; vn++) {
220ee67461eSJoseph Mingrone ND_PRINT("%s%02x", sep, GET_U_1(bp));
221ee67461eSJoseph Mingrone bp += 1;
222ee67461eSJoseph Mingrone sep = ":";
2233340d773SGleb Smirnoff }
224ee67461eSJoseph Mingrone /* Cover any TLV padding. */
225ee67461eSJoseph Mingrone ND_TCHECK_LEN(bp, tlv_len_padded - tlv_len);
226ee67461eSJoseph Mingrone bp += tlv_len_padded - tlv_len;
227ee67461eSJoseph Mingrone n += tlv_len_padded / NSH_HDR_WORD_SIZE;
2283340d773SGleb Smirnoff }
2293340d773SGleb Smirnoff }
230ee67461eSJoseph Mingrone past_headers = 1;
2313340d773SGleb Smirnoff }
2323340d773SGleb Smirnoff }
233ee67461eSJoseph Mingrone if (! past_headers) {
234ee67461eSJoseph Mingrone ND_TCHECK_LEN(bp, (length - 2) * NSH_HDR_WORD_SIZE);
2353340d773SGleb Smirnoff bp += (length - 2) * NSH_HDR_WORD_SIZE;
2363340d773SGleb Smirnoff }
237ee67461eSJoseph Mingrone ND_PRINT(ndo->ndo_vflag ? "\n " : ": ");
2383340d773SGleb Smirnoff
2393340d773SGleb Smirnoff /* print Next Protocol */
2403340d773SGleb Smirnoff next_len = len - length * NSH_HDR_WORD_SIZE;
2413340d773SGleb Smirnoff switch (next_protocol) {
242ee67461eSJoseph Mingrone case NP_IPV4:
2433340d773SGleb Smirnoff ip_print(ndo, bp, next_len);
2443340d773SGleb Smirnoff break;
245ee67461eSJoseph Mingrone case NP_IPV6:
2463340d773SGleb Smirnoff ip6_print(ndo, bp, next_len);
2473340d773SGleb Smirnoff break;
248ee67461eSJoseph Mingrone case NP_ETH:
249ee67461eSJoseph Mingrone ether_print(ndo, bp, next_len, ND_BYTES_AVAILABLE_AFTER(bp), NULL, NULL);
2503340d773SGleb Smirnoff break;
2513340d773SGleb Smirnoff default:
252ee67461eSJoseph Mingrone ND_PRINT("ERROR: unknown-next-protocol");
2533340d773SGleb Smirnoff return;
2543340d773SGleb Smirnoff }
2553340d773SGleb Smirnoff
2563340d773SGleb Smirnoff return;
2573340d773SGleb Smirnoff
258ee67461eSJoseph Mingrone invalid:
259ee67461eSJoseph Mingrone nd_print_invalid(ndo);
2603340d773SGleb Smirnoff }
2613340d773SGleb Smirnoff
262