1 /* 2 * Copyright (c) 1992, 1993, 1994, 1995, 1996, 1997 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 * 21 * OSPF support contributed by Jeffrey Honig (jch@mitchell.cit.cornell.edu) 22 */ 23 24 /* \summary: IPv6 Open Shortest Path First (OSPFv3) printer */ 25 26 #include <config.h> 27 28 #include "netdissect-stdinc.h" 29 30 #include <string.h> 31 32 #include "netdissect.h" 33 #include "addrtoname.h" 34 #include "extract.h" 35 36 #include "ospf.h" 37 38 #define OSPF_TYPE_HELLO 1 /* Hello */ 39 #define OSPF_TYPE_DD 2 /* Database Description */ 40 #define OSPF_TYPE_LS_REQ 3 /* Link State Request */ 41 #define OSPF_TYPE_LS_UPDATE 4 /* Link State Update */ 42 #define OSPF_TYPE_LS_ACK 5 /* Link State Ack */ 43 44 /* Options *_options */ 45 #define OSPF6_OPTION_V6 0x01 /* V6 bit: A bit for peeping tom */ 46 #define OSPF6_OPTION_E 0x02 /* E bit: External routes advertised */ 47 #define OSPF6_OPTION_MC 0x04 /* MC bit: Multicast capable */ 48 #define OSPF6_OPTION_N 0x08 /* N bit: For type-7 LSA */ 49 #define OSPF6_OPTION_R 0x10 /* R bit: Router bit */ 50 #define OSPF6_OPTION_DC 0x20 /* DC bit: Demand circuits */ 51 /* The field is actually 24-bit (RFC5340 Section A.2). */ 52 #define OSPF6_OPTION_AF 0x0100 /* AF bit: Multiple address families */ 53 #define OSPF6_OPTION_L 0x0200 /* L bit: Link-local signaling (LLS) */ 54 #define OSPF6_OPTION_AT 0x0400 /* AT bit: Authentication trailer */ 55 56 57 /* db_flags */ 58 #define OSPF6_DB_INIT 0x04 /* */ 59 #define OSPF6_DB_MORE 0x02 60 #define OSPF6_DB_MASTER 0x01 61 #define OSPF6_DB_M6 0x10 /* IPv6 MTU */ 62 63 /* ls_type */ 64 #define LS_TYPE_ROUTER 1 /* router link */ 65 #define LS_TYPE_NETWORK 2 /* network link */ 66 #define LS_TYPE_INTER_AP 3 /* Inter-Area-Prefix */ 67 #define LS_TYPE_INTER_AR 4 /* Inter-Area-Router */ 68 #define LS_TYPE_ASE 5 /* ASE */ 69 #define LS_TYPE_GROUP 6 /* Group membership */ 70 #define LS_TYPE_NSSA 7 /* NSSA */ 71 #define LS_TYPE_LINK 8 /* Link LSA */ 72 #define LS_TYPE_INTRA_AP 9 /* Intra-Area-Prefix */ 73 #define LS_TYPE_INTRA_ATE 10 /* Intra-Area-TE */ 74 #define LS_TYPE_GRACE 11 /* Grace LSA */ 75 #define LS_TYPE_RI 12 /* Router information */ 76 #define LS_TYPE_INTER_ASTE 13 /* Inter-AS-TE */ 77 #define LS_TYPE_L1VPN 14 /* L1VPN */ 78 #define LS_TYPE_MASK 0x1fff 79 80 #define LS_SCOPE_LINKLOCAL 0x0000 81 #define LS_SCOPE_AREA 0x2000 82 #define LS_SCOPE_AS 0x4000 83 #define LS_SCOPE_MASK 0x6000 84 #define LS_SCOPE_U 0x8000 85 86 /* rla_link.link_type */ 87 #define RLA_TYPE_ROUTER 1 /* point-to-point to another router */ 88 #define RLA_TYPE_TRANSIT 2 /* connection to transit network */ 89 #define RLA_TYPE_VIRTUAL 4 /* virtual link */ 90 91 /* rla_flags */ 92 #define RLA_FLAG_B 0x01 93 #define RLA_FLAG_E 0x02 94 #define RLA_FLAG_V 0x04 95 #define RLA_FLAG_W 0x08 96 #define RLA_FLAG_Nt 0x10 97 98 /* lsa_prefix options */ 99 #define LSA_PREFIX_OPT_NU 0x01 100 #define LSA_PREFIX_OPT_LA 0x02 101 #define LSA_PREFIX_OPT_MC 0x04 102 #define LSA_PREFIX_OPT_P 0x08 103 #define LSA_PREFIX_OPT_DN 0x10 104 #define LSA_PREFIX_OPT_N 0x20 105 106 /* sla_tosmetric breakdown */ 107 #define SLA_MASK_TOS 0x7f000000 108 #define SLA_MASK_METRIC 0x00ffffff 109 #define SLA_SHIFT_TOS 24 110 111 /* asla_metric */ 112 #define ASLA_FLAG_FWDADDR 0x02000000 113 #define ASLA_FLAG_ROUTETAG 0x01000000 114 #define ASLA_MASK_METRIC 0x00ffffff 115 116 /* RFC6506 Section 4.1 */ 117 #define OSPF6_AT_HDRLEN 16U 118 #define OSPF6_AUTH_TYPE_HMAC 0x0001 119 120 typedef nd_uint32_t rtrid_t; 121 122 /* link state advertisement header */ 123 struct lsa6_hdr { 124 nd_uint16_t ls_age; 125 nd_uint16_t ls_type; 126 rtrid_t ls_stateid; 127 rtrid_t ls_router; 128 nd_uint32_t ls_seq; 129 nd_uint16_t ls_chksum; 130 nd_uint16_t ls_length; 131 }; 132 133 /* Length of an IPv6 address, in bytes. */ 134 #define IPV6_ADDR_LEN_BYTES (128/8) 135 136 struct lsa6_prefix { 137 nd_uint8_t lsa_p_len; 138 nd_uint8_t lsa_p_opt; 139 nd_uint16_t lsa_p_metric; 140 nd_byte lsa_p_prefix[IPV6_ADDR_LEN_BYTES]; /* maximum length */ 141 }; 142 143 /* link state advertisement */ 144 struct lsa6 { 145 struct lsa6_hdr ls_hdr; 146 147 /* Link state types */ 148 union { 149 /* Router links advertisements */ 150 struct { 151 union { 152 nd_uint8_t flg; 153 nd_uint32_t opt; 154 } rla_flgandopt; 155 #define rla_flags rla_flgandopt.flg 156 #define rla_options rla_flgandopt.opt 157 struct rlalink6 { 158 nd_uint8_t link_type; 159 nd_byte link_zero; 160 nd_uint16_t link_metric; 161 nd_uint32_t link_ifid; 162 nd_uint32_t link_nifid; 163 rtrid_t link_nrtid; 164 } rla_link[1]; /* may repeat */ 165 } un_rla; 166 167 /* Network links advertisements */ 168 struct { 169 nd_uint32_t nla_options; 170 rtrid_t nla_router[1]; /* may repeat */ 171 } un_nla; 172 173 /* Inter Area Prefix LSA */ 174 struct { 175 nd_uint32_t inter_ap_metric; 176 struct lsa6_prefix inter_ap_prefix[1]; 177 } un_inter_ap; 178 179 /* AS external links advertisements */ 180 struct { 181 nd_uint32_t asla_metric; 182 struct lsa6_prefix asla_prefix[1]; 183 /* some optional fields follow */ 184 } un_asla; 185 186 #if 0 187 /* Summary links advertisements */ 188 struct { 189 nd_ipv4 sla_mask; 190 nd_uint32_t sla_tosmetric[1]; /* may repeat */ 191 } un_sla; 192 193 /* Multicast group membership */ 194 struct mcla { 195 nd_uint32_t mcla_vtype; 196 nd_ipv4 mcla_vid; 197 } un_mcla[1]; 198 #endif 199 200 /* Type 7 LSA */ 201 202 /* Link LSA */ 203 struct llsa { 204 union { 205 nd_uint8_t pri; 206 nd_uint32_t opt; 207 } llsa_priandopt; 208 #define llsa_priority llsa_priandopt.pri 209 #define llsa_options llsa_priandopt.opt 210 nd_ipv6 llsa_lladdr; 211 nd_uint32_t llsa_nprefix; 212 struct lsa6_prefix llsa_prefix[1]; 213 } un_llsa; 214 215 /* Intra-Area-Prefix */ 216 struct { 217 nd_uint16_t intra_ap_nprefix; 218 nd_uint16_t intra_ap_lstype; 219 rtrid_t intra_ap_lsid; 220 rtrid_t intra_ap_rtid; 221 struct lsa6_prefix intra_ap_prefix[1]; 222 } un_intra_ap; 223 } lsa_un; 224 }; 225 226 /* 227 * the main header 228 */ 229 struct ospf6hdr { 230 nd_uint8_t ospf6_version; 231 nd_uint8_t ospf6_type; 232 nd_uint16_t ospf6_len; 233 rtrid_t ospf6_routerid; 234 rtrid_t ospf6_areaid; 235 nd_uint16_t ospf6_chksum; 236 nd_uint8_t ospf6_instanceid; 237 nd_uint8_t ospf6_rsvd; 238 }; 239 240 /* 241 * The OSPF6 header length is 16 bytes, regardless of how your compiler 242 * might choose to pad the above structure. 243 */ 244 #define OSPF6HDR_LEN 16 245 246 /* Hello packet */ 247 struct hello6 { 248 nd_uint32_t hello_ifid; 249 union { 250 nd_uint8_t pri; 251 nd_uint32_t opt; 252 } hello_priandopt; 253 #define hello_priority hello_priandopt.pri 254 #define hello_options hello_priandopt.opt 255 nd_uint16_t hello_helloint; 256 nd_uint16_t hello_deadint; 257 rtrid_t hello_dr; 258 rtrid_t hello_bdr; 259 rtrid_t hello_neighbor[1]; /* may repeat */ 260 }; 261 262 /* Database Description packet */ 263 struct dd6 { 264 nd_uint32_t db_options; 265 nd_uint16_t db_mtu; 266 nd_uint8_t db_mbz; 267 nd_uint8_t db_flags; 268 nd_uint32_t db_seq; 269 struct lsa6_hdr db_lshdr[1]; /* may repeat */ 270 }; 271 272 /* Link State Request */ 273 struct lsr6 { 274 nd_uint16_t ls_mbz; 275 nd_uint16_t ls_type; 276 rtrid_t ls_stateid; 277 rtrid_t ls_router; 278 }; 279 280 /* Link State Update */ 281 struct lsu6 { 282 nd_uint32_t lsu_count; 283 struct lsa6 lsu_lsa[1]; /* may repeat */ 284 }; 285 286 287 static const struct tok ospf6_option_values[] = { 288 { OSPF6_OPTION_V6, "V6" }, 289 { OSPF6_OPTION_E, "External" }, 290 { OSPF6_OPTION_MC, "Deprecated" }, 291 { OSPF6_OPTION_N, "NSSA" }, 292 { OSPF6_OPTION_R, "Router" }, 293 { OSPF6_OPTION_DC, "Demand Circuit" }, 294 { OSPF6_OPTION_AF, "AFs Support" }, 295 { OSPF6_OPTION_L, "LLS" }, 296 { OSPF6_OPTION_AT, "Authentication Trailer" }, 297 { 0, NULL } 298 }; 299 300 static const struct tok ospf6_rla_flag_values[] = { 301 { RLA_FLAG_B, "ABR" }, 302 { RLA_FLAG_E, "External" }, 303 { RLA_FLAG_V, "Virtual-Link Endpoint" }, 304 { RLA_FLAG_W, "Deprecated" }, 305 { RLA_FLAG_Nt, "NSSA Translator" }, 306 { 0, NULL } 307 }; 308 309 static const struct tok ospf6_asla_flag_values[] = { 310 { ASLA_FLAG_EXTERNAL, "External Type 2" }, 311 { ASLA_FLAG_FWDADDR, "Forwarding" }, 312 { ASLA_FLAG_ROUTETAG, "Tag" }, 313 { 0, NULL } 314 }; 315 316 static const struct tok ospf6_type_values[] = { 317 { OSPF_TYPE_HELLO, "Hello" }, 318 { OSPF_TYPE_DD, "Database Description" }, 319 { OSPF_TYPE_LS_REQ, "LS-Request" }, 320 { OSPF_TYPE_LS_UPDATE, "LS-Update" }, 321 { OSPF_TYPE_LS_ACK, "LS-Ack" }, 322 { 0, NULL } 323 }; 324 325 static const struct tok ospf6_lsa_values[] = { 326 { LS_TYPE_ROUTER, "Router" }, 327 { LS_TYPE_NETWORK, "Network" }, 328 { LS_TYPE_INTER_AP, "Inter-Area Prefix" }, 329 { LS_TYPE_INTER_AR, "Inter-Area Router" }, 330 { LS_TYPE_ASE, "External" }, 331 { LS_TYPE_GROUP, "Deprecated" }, 332 { LS_TYPE_NSSA, "NSSA" }, 333 { LS_TYPE_LINK, "Link" }, 334 { LS_TYPE_INTRA_AP, "Intra-Area Prefix" }, 335 { LS_TYPE_INTRA_ATE, "Intra-Area TE" }, 336 { LS_TYPE_GRACE, "Grace" }, 337 { LS_TYPE_RI, "Router Information" }, 338 { LS_TYPE_INTER_ASTE, "Inter-AS-TE" }, 339 { LS_TYPE_L1VPN, "Layer 1 VPN" }, 340 { 0, NULL } 341 }; 342 343 static const struct tok ospf6_ls_scope_values[] = { 344 { LS_SCOPE_LINKLOCAL, "Link Local" }, 345 { LS_SCOPE_AREA, "Area Local" }, 346 { LS_SCOPE_AS, "Domain Wide" }, 347 { 0, NULL } 348 }; 349 350 static const struct tok ospf6_dd_flag_values[] = { 351 { OSPF6_DB_INIT, "Init" }, 352 { OSPF6_DB_MORE, "More" }, 353 { OSPF6_DB_MASTER, "Master" }, 354 { OSPF6_DB_M6, "IPv6 MTU" }, 355 { 0, NULL } 356 }; 357 358 static const struct tok ospf6_lsa_prefix_option_values[] = { 359 { LSA_PREFIX_OPT_NU, "No Unicast" }, 360 { LSA_PREFIX_OPT_LA, "Local address" }, 361 { LSA_PREFIX_OPT_MC, "Deprecated" }, 362 { LSA_PREFIX_OPT_P, "Propagate" }, 363 { LSA_PREFIX_OPT_DN, "Down" }, 364 { LSA_PREFIX_OPT_N, "N-bit" }, 365 { 0, NULL } 366 }; 367 368 static const struct tok ospf6_auth_type_str[] = { 369 { OSPF6_AUTH_TYPE_HMAC, "HMAC" }, 370 { 0, NULL } 371 }; 372 373 static void 374 ospf6_print_ls_type(netdissect_options *ndo, 375 u_int ls_type, const rtrid_t *ls_stateid) 376 { 377 ND_PRINT("\n\t %s LSA (%u), %s Scope%s, LSA-ID %s", 378 tok2str(ospf6_lsa_values, "Unknown", ls_type & LS_TYPE_MASK), 379 ls_type & LS_TYPE_MASK, 380 tok2str(ospf6_ls_scope_values, "Unknown", ls_type & LS_SCOPE_MASK), 381 ls_type &0x8000 ? ", transitive" : "", /* U-bit */ 382 GET_IPADDR_STRING(ls_stateid)); 383 } 384 385 static int 386 ospf6_print_lshdr(netdissect_options *ndo, 387 const struct lsa6_hdr *lshp, const u_char *dataend) 388 { 389 u_int ls_length; 390 391 if ((const u_char *)(lshp + 1) > dataend) 392 goto trunc; 393 394 ls_length = GET_BE_U_2(lshp->ls_length); 395 if (ls_length < sizeof(struct lsa_hdr)) { 396 ND_PRINT("\n\t Bogus length %u < header (%zu)", ls_length, 397 sizeof(struct lsa_hdr)); 398 goto trunc; 399 } 400 401 ND_PRINT("\n\t Advertising Router %s, seq 0x%08x, age %us, length %zu", 402 GET_IPADDR_STRING(lshp->ls_router), 403 GET_BE_U_4(lshp->ls_seq), 404 GET_BE_U_2(lshp->ls_age), 405 ls_length-sizeof(struct lsa6_hdr)); 406 407 ospf6_print_ls_type(ndo, GET_BE_U_2(lshp->ls_type), 408 &lshp->ls_stateid); 409 410 return (0); 411 trunc: 412 return (1); 413 } 414 415 static int 416 ospf6_print_lsaprefix(netdissect_options *ndo, 417 const uint8_t *tptr, u_int lsa_length) 418 { 419 const struct lsa6_prefix *lsapp = (const struct lsa6_prefix *)tptr; 420 u_int wordlen; 421 nd_ipv6 prefix; 422 423 if (lsa_length < sizeof (*lsapp) - IPV6_ADDR_LEN_BYTES) 424 goto trunc; 425 lsa_length -= sizeof (*lsapp) - IPV6_ADDR_LEN_BYTES; 426 ND_TCHECK_LEN(lsapp, sizeof(*lsapp) - IPV6_ADDR_LEN_BYTES); 427 wordlen = (GET_U_1(lsapp->lsa_p_len) + 31) / 32; 428 if (wordlen * 4 > sizeof(nd_ipv6)) { 429 ND_PRINT(" bogus prefixlen /%u", GET_U_1(lsapp->lsa_p_len)); 430 goto trunc; 431 } 432 if (lsa_length < wordlen * 4) 433 goto trunc; 434 lsa_length -= wordlen * 4; 435 memset(prefix, 0, sizeof(prefix)); 436 GET_CPY_BYTES(prefix, lsapp->lsa_p_prefix, wordlen * 4); 437 ND_PRINT("\n\t\t%s/%u", ip6addr_string(ndo, prefix), /* local buffer, not packet data; don't use GET_IP6ADDR_STRING() */ 438 GET_U_1(lsapp->lsa_p_len)); 439 if (GET_U_1(lsapp->lsa_p_opt)) { 440 ND_PRINT(", Options [%s]", 441 bittok2str(ospf6_lsa_prefix_option_values, 442 "none", GET_U_1(lsapp->lsa_p_opt))); 443 } 444 ND_PRINT(", metric %u", GET_BE_U_2(lsapp->lsa_p_metric)); 445 return sizeof(*lsapp) - IPV6_ADDR_LEN_BYTES + wordlen * 4; 446 447 trunc: 448 return -1; 449 } 450 451 452 /* 453 * Print a single link state advertisement. If truncated return 1, else 0. 454 */ 455 static int 456 ospf6_print_lsa(netdissect_options *ndo, 457 const struct lsa6 *lsap, const u_char *dataend) 458 { 459 const struct rlalink6 *rlp; 460 #if 0 461 const struct tos_metric *tosp; 462 #endif 463 const rtrid_t *ap; 464 #if 0 465 const struct aslametric *almp; 466 const struct mcla *mcp; 467 #endif 468 const struct llsa *llsap; 469 const struct lsa6_prefix *lsapp; 470 #if 0 471 const uint32_t *lp; 472 #endif 473 u_int prefixes; 474 int bytelen; 475 u_int length, lsa_length; 476 uint32_t flags32; 477 const uint8_t *tptr; 478 479 if (ospf6_print_lshdr(ndo, &lsap->ls_hdr, dataend)) 480 return (1); 481 length = GET_BE_U_2(lsap->ls_hdr.ls_length); 482 483 /* 484 * The LSA length includes the length of the header; 485 * it must have a value that's at least that length. 486 * If it does, find the length of what follows the 487 * header. 488 */ 489 if (length < sizeof(struct lsa6_hdr) || (const u_char *)lsap + length > dataend) 490 return (1); 491 lsa_length = length - sizeof(struct lsa6_hdr); 492 tptr = (const uint8_t *)lsap+sizeof(struct lsa6_hdr); 493 494 switch (GET_BE_U_2(lsap->ls_hdr.ls_type)) { 495 case LS_TYPE_ROUTER | LS_SCOPE_AREA: 496 if (lsa_length < sizeof (lsap->lsa_un.un_rla.rla_options)) 497 return (1); 498 lsa_length -= sizeof (lsap->lsa_un.un_rla.rla_options); 499 ND_PRINT("\n\t Options [%s]", 500 bittok2str(ospf6_option_values, "none", 501 GET_BE_U_4(lsap->lsa_un.un_rla.rla_options))); 502 ND_PRINT(", RLA-Flags [%s]", 503 bittok2str(ospf6_rla_flag_values, "none", 504 GET_U_1(lsap->lsa_un.un_rla.rla_flags))); 505 506 rlp = lsap->lsa_un.un_rla.rla_link; 507 while (lsa_length != 0) { 508 if (lsa_length < sizeof (*rlp)) 509 return (1); 510 lsa_length -= sizeof (*rlp); 511 ND_TCHECK_SIZE(rlp); 512 switch (GET_U_1(rlp->link_type)) { 513 514 case RLA_TYPE_VIRTUAL: 515 ND_PRINT("\n\t Virtual Link: Neighbor Router-ID %s" 516 "\n\t Neighbor Interface-ID %s, Interface %s", 517 GET_IPADDR_STRING(rlp->link_nrtid), 518 GET_IPADDR_STRING(rlp->link_nifid), 519 GET_IPADDR_STRING(rlp->link_ifid)); 520 break; 521 522 case RLA_TYPE_ROUTER: 523 ND_PRINT("\n\t Neighbor Router-ID %s" 524 "\n\t Neighbor Interface-ID %s, Interface %s", 525 GET_IPADDR_STRING(rlp->link_nrtid), 526 GET_IPADDR_STRING(rlp->link_nifid), 527 GET_IPADDR_STRING(rlp->link_ifid)); 528 break; 529 530 case RLA_TYPE_TRANSIT: 531 ND_PRINT("\n\t Neighbor Network-ID %s" 532 "\n\t Neighbor Interface-ID %s, Interface %s", 533 GET_IPADDR_STRING(rlp->link_nrtid), 534 GET_IPADDR_STRING(rlp->link_nifid), 535 GET_IPADDR_STRING(rlp->link_ifid)); 536 break; 537 538 default: 539 ND_PRINT("\n\t Unknown Router Links Type 0x%02x", 540 GET_U_1(rlp->link_type)); 541 return (0); 542 } 543 ND_PRINT(", metric %u", GET_BE_U_2(rlp->link_metric)); 544 rlp++; 545 } 546 break; 547 548 case LS_TYPE_NETWORK | LS_SCOPE_AREA: 549 if (lsa_length < sizeof (lsap->lsa_un.un_nla.nla_options)) 550 return (1); 551 lsa_length -= sizeof (lsap->lsa_un.un_nla.nla_options); 552 ND_PRINT("\n\t Options [%s]", 553 bittok2str(ospf6_option_values, "none", 554 GET_BE_U_4(lsap->lsa_un.un_nla.nla_options))); 555 556 ND_PRINT("\n\t Connected Routers:"); 557 ap = lsap->lsa_un.un_nla.nla_router; 558 while (lsa_length != 0) { 559 if (lsa_length < sizeof (*ap)) 560 return (1); 561 lsa_length -= sizeof (*ap); 562 ND_PRINT("\n\t\t%s", GET_IPADDR_STRING(ap)); 563 ++ap; 564 } 565 break; 566 567 case LS_TYPE_INTER_AP | LS_SCOPE_AREA: 568 if (lsa_length < sizeof (lsap->lsa_un.un_inter_ap.inter_ap_metric)) 569 return (1); 570 lsa_length -= sizeof (lsap->lsa_un.un_inter_ap.inter_ap_metric); 571 ND_PRINT(", metric %u", 572 GET_BE_U_4(lsap->lsa_un.un_inter_ap.inter_ap_metric) & SLA_MASK_METRIC); 573 574 tptr = (const uint8_t *)lsap->lsa_un.un_inter_ap.inter_ap_prefix; 575 while (lsa_length != 0) { 576 bytelen = ospf6_print_lsaprefix(ndo, tptr, lsa_length); 577 if (bytelen < 0) 578 goto trunc; 579 /* 580 * ospf6_print_lsaprefix() will return -1 if 581 * the length is too high, so this will not 582 * underflow. 583 */ 584 lsa_length -= bytelen; 585 tptr += bytelen; 586 } 587 break; 588 589 case LS_TYPE_ASE | LS_SCOPE_AS: 590 if (lsa_length < sizeof (lsap->lsa_un.un_asla.asla_metric)) 591 return (1); 592 lsa_length -= sizeof (lsap->lsa_un.un_asla.asla_metric); 593 flags32 = GET_BE_U_4(lsap->lsa_un.un_asla.asla_metric); 594 ND_PRINT("\n\t Flags [%s]", 595 bittok2str(ospf6_asla_flag_values, "none", flags32)); 596 ND_PRINT(" metric %u", 597 GET_BE_U_4(lsap->lsa_un.un_asla.asla_metric) & 598 ASLA_MASK_METRIC); 599 600 tptr = (const uint8_t *)lsap->lsa_un.un_asla.asla_prefix; 601 lsapp = (const struct lsa6_prefix *)tptr; 602 bytelen = ospf6_print_lsaprefix(ndo, tptr, lsa_length); 603 if (bytelen < 0) 604 goto trunc; 605 /* 606 * ospf6_print_lsaprefix() will return -1 if 607 * the length is too high, so this will not 608 * underflow. 609 */ 610 lsa_length -= bytelen; 611 tptr += bytelen; 612 613 if ((flags32 & ASLA_FLAG_FWDADDR) != 0) { 614 if (lsa_length < sizeof (nd_ipv6)) 615 return (1); 616 lsa_length -= sizeof (nd_ipv6); 617 ND_PRINT(" forward %s", 618 GET_IP6ADDR_STRING(tptr)); 619 tptr += sizeof(nd_ipv6); 620 } 621 622 if ((flags32 & ASLA_FLAG_ROUTETAG) != 0) { 623 if (lsa_length < sizeof (uint32_t)) 624 return (1); 625 lsa_length -= sizeof (uint32_t); 626 ND_PRINT(" tag %s", 627 GET_IPADDR_STRING(tptr)); 628 tptr += sizeof(uint32_t); 629 } 630 631 if (GET_U_1(lsapp->lsa_p_metric)) { 632 if (lsa_length < sizeof (uint32_t)) 633 return (1); 634 lsa_length -= sizeof (uint32_t); 635 ND_PRINT(" RefLSID: %s", 636 GET_IPADDR_STRING(tptr)); 637 tptr += sizeof(uint32_t); 638 } 639 break; 640 641 case LS_TYPE_LINK: 642 /* Link LSA */ 643 llsap = &lsap->lsa_un.un_llsa; 644 if (lsa_length < sizeof (llsap->llsa_priandopt)) 645 return (1); 646 lsa_length -= sizeof (llsap->llsa_priandopt); 647 ND_TCHECK_SIZE(&llsap->llsa_priandopt); 648 ND_PRINT("\n\t Options [%s]", 649 bittok2str(ospf6_option_values, "none", 650 GET_BE_U_4(llsap->llsa_options))); 651 652 if (lsa_length < sizeof (llsap->llsa_lladdr) + sizeof (llsap->llsa_nprefix)) 653 return (1); 654 lsa_length -= sizeof (llsap->llsa_lladdr) + sizeof (llsap->llsa_nprefix); 655 prefixes = GET_BE_U_4(llsap->llsa_nprefix); 656 ND_PRINT("\n\t Priority %u, Link-local address %s, Prefixes %u:", 657 GET_U_1(llsap->llsa_priority), 658 GET_IP6ADDR_STRING(llsap->llsa_lladdr), 659 prefixes); 660 661 tptr = (const uint8_t *)llsap->llsa_prefix; 662 while (prefixes > 0) { 663 bytelen = ospf6_print_lsaprefix(ndo, tptr, lsa_length); 664 if (bytelen < 0) 665 goto trunc; 666 prefixes--; 667 /* 668 * ospf6_print_lsaprefix() will return -1 if 669 * the length is too high, so this will not 670 * underflow. 671 */ 672 lsa_length -= bytelen; 673 tptr += bytelen; 674 } 675 break; 676 677 case LS_TYPE_INTRA_AP | LS_SCOPE_AREA: 678 /* Intra-Area-Prefix LSA */ 679 if (lsa_length < sizeof (lsap->lsa_un.un_intra_ap.intra_ap_rtid)) 680 return (1); 681 lsa_length -= sizeof (lsap->lsa_un.un_intra_ap.intra_ap_rtid); 682 ND_TCHECK_4(lsap->lsa_un.un_intra_ap.intra_ap_rtid); 683 ospf6_print_ls_type(ndo, 684 GET_BE_U_2(lsap->lsa_un.un_intra_ap.intra_ap_lstype), 685 &lsap->lsa_un.un_intra_ap.intra_ap_lsid); 686 687 if (lsa_length < sizeof (lsap->lsa_un.un_intra_ap.intra_ap_nprefix)) 688 return (1); 689 lsa_length -= sizeof (lsap->lsa_un.un_intra_ap.intra_ap_nprefix); 690 prefixes = GET_BE_U_2(lsap->lsa_un.un_intra_ap.intra_ap_nprefix); 691 ND_PRINT("\n\t Prefixes %u:", prefixes); 692 693 tptr = (const uint8_t *)lsap->lsa_un.un_intra_ap.intra_ap_prefix; 694 while (prefixes > 0) { 695 bytelen = ospf6_print_lsaprefix(ndo, tptr, lsa_length); 696 if (bytelen < 0) 697 goto trunc; 698 prefixes--; 699 /* 700 * ospf6_print_lsaprefix() will return -1 if 701 * the length is too high, so this will not 702 * underflow. 703 */ 704 lsa_length -= bytelen; 705 tptr += bytelen; 706 } 707 break; 708 709 case LS_TYPE_GRACE | LS_SCOPE_LINKLOCAL: 710 if (ospf_grace_lsa_print(ndo, tptr, lsa_length) == -1) { 711 return 1; 712 } 713 break; 714 715 case LS_TYPE_INTRA_ATE | LS_SCOPE_LINKLOCAL: 716 if (ospf_te_lsa_print(ndo, tptr, lsa_length) == -1) { 717 return 1; 718 } 719 break; 720 721 default: 722 if(!print_unknown_data(ndo,tptr, 723 "\n\t ", 724 lsa_length)) { 725 return (1); 726 } 727 break; 728 } 729 730 return (0); 731 trunc: 732 return (1); 733 } 734 735 static int 736 ospf6_decode_v3(netdissect_options *ndo, 737 const struct ospf6hdr *op, 738 const u_char *dataend) 739 { 740 const rtrid_t *ap; 741 const struct lsr6 *lsrp; 742 const struct lsa6_hdr *lshp; 743 const struct lsa6 *lsap; 744 uint32_t i; 745 746 switch (GET_U_1(op->ospf6_type)) { 747 748 case OSPF_TYPE_HELLO: { 749 const struct hello6 *hellop = (const struct hello6 *)((const uint8_t *)op + OSPF6HDR_LEN); 750 751 ND_PRINT("\n\tOptions [%s]", 752 bittok2str(ospf6_option_values, "none", 753 GET_BE_U_4(hellop->hello_options))); 754 755 ND_PRINT("\n\t Hello Timer %us, Dead Timer %us, Interface-ID %s, Priority %u", 756 GET_BE_U_2(hellop->hello_helloint), 757 GET_BE_U_2(hellop->hello_deadint), 758 GET_IPADDR_STRING(hellop->hello_ifid), 759 GET_U_1(hellop->hello_priority)); 760 761 if (GET_BE_U_4(hellop->hello_dr) != 0) 762 ND_PRINT("\n\t Designated Router %s", 763 GET_IPADDR_STRING(hellop->hello_dr)); 764 if (GET_BE_U_4(hellop->hello_bdr) != 0) 765 ND_PRINT(", Backup Designated Router %s", 766 GET_IPADDR_STRING(hellop->hello_bdr)); 767 if (ndo->ndo_vflag > 1) { 768 ND_PRINT("\n\t Neighbor List:"); 769 ap = hellop->hello_neighbor; 770 while ((const u_char *)ap < dataend) { 771 ND_PRINT("\n\t %s", GET_IPADDR_STRING(ap)); 772 ++ap; 773 } 774 } 775 break; /* HELLO */ 776 } 777 778 case OSPF_TYPE_DD: { 779 const struct dd6 *ddp = (const struct dd6 *)((const uint8_t *)op + OSPF6HDR_LEN); 780 781 ND_PRINT("\n\tOptions [%s]", 782 bittok2str(ospf6_option_values, "none", 783 GET_BE_U_4(ddp->db_options))); 784 ND_PRINT(", DD Flags [%s]", 785 bittok2str(ospf6_dd_flag_values,"none",GET_U_1(ddp->db_flags))); 786 787 ND_PRINT(", MTU %u, DD-Sequence 0x%08x", 788 GET_BE_U_2(ddp->db_mtu), 789 GET_BE_U_4(ddp->db_seq)); 790 if (ndo->ndo_vflag > 1) { 791 /* Print all the LS adv's */ 792 lshp = ddp->db_lshdr; 793 while ((const u_char *)lshp < dataend) { 794 if (ospf6_print_lshdr(ndo, lshp++, dataend)) 795 goto trunc; 796 } 797 } 798 break; 799 } 800 801 case OSPF_TYPE_LS_REQ: 802 if (ndo->ndo_vflag > 1) { 803 lsrp = (const struct lsr6 *)((const uint8_t *)op + OSPF6HDR_LEN); 804 while ((const u_char *)lsrp < dataend) { 805 ND_TCHECK_SIZE(lsrp); 806 ND_PRINT("\n\t Advertising Router %s", 807 GET_IPADDR_STRING(lsrp->ls_router)); 808 ospf6_print_ls_type(ndo, 809 GET_BE_U_2(lsrp->ls_type), 810 &lsrp->ls_stateid); 811 ++lsrp; 812 } 813 } 814 break; 815 816 case OSPF_TYPE_LS_UPDATE: 817 if (ndo->ndo_vflag > 1) { 818 const struct lsu6 *lsup = (const struct lsu6 *)((const uint8_t *)op + OSPF6HDR_LEN); 819 820 i = GET_BE_U_4(lsup->lsu_count); 821 lsap = lsup->lsu_lsa; 822 while ((const u_char *)lsap < dataend && i--) { 823 if (ospf6_print_lsa(ndo, lsap, dataend)) 824 goto trunc; 825 lsap = (const struct lsa6 *)((const u_char *)lsap + 826 GET_BE_U_2(lsap->ls_hdr.ls_length)); 827 } 828 } 829 break; 830 831 case OSPF_TYPE_LS_ACK: 832 if (ndo->ndo_vflag > 1) { 833 lshp = (const struct lsa6_hdr *)((const uint8_t *)op + OSPF6HDR_LEN); 834 while ((const u_char *)lshp < dataend) { 835 if (ospf6_print_lshdr(ndo, lshp++, dataend)) 836 goto trunc; 837 } 838 } 839 break; 840 841 default: 842 break; 843 } 844 return (0); 845 trunc: 846 return (1); 847 } 848 849 /* RFC5613 Section 2.2 (w/o the TLVs) */ 850 static int 851 ospf6_print_lls(netdissect_options *ndo, 852 const u_char *cp, const u_int len) 853 { 854 uint16_t llsdatalen; 855 856 if (len == 0) 857 return 0; 858 if (len < OSPF_LLS_HDRLEN) 859 goto trunc; 860 /* Checksum */ 861 ND_PRINT("\n\tLLS Checksum 0x%04x", GET_BE_U_2(cp)); 862 cp += 2; 863 /* LLS Data Length */ 864 llsdatalen = GET_BE_U_2(cp); 865 ND_PRINT(", Data Length %u", llsdatalen); 866 if (llsdatalen < OSPF_LLS_HDRLEN || llsdatalen > len) 867 goto trunc; 868 cp += 2; 869 /* LLS TLVs */ 870 ND_TCHECK_LEN(cp, llsdatalen - OSPF_LLS_HDRLEN); 871 /* FIXME: code in print-ospf.c can be reused to decode the TLVs */ 872 873 return llsdatalen; 874 trunc: 875 return -1; 876 } 877 878 /* RFC6506 Section 4.1 */ 879 static int 880 ospf6_decode_at(netdissect_options *ndo, 881 const u_char *cp, const u_int len) 882 { 883 uint16_t authdatalen; 884 885 if (len == 0) 886 return 0; 887 if (len < OSPF6_AT_HDRLEN) 888 goto trunc; 889 /* Authentication Type */ 890 ND_PRINT("\n\tAuthentication Type %s", 891 tok2str(ospf6_auth_type_str, "unknown (0x%04x)", GET_BE_U_2(cp))); 892 cp += 2; 893 /* Auth Data Len */ 894 authdatalen = GET_BE_U_2(cp); 895 ND_PRINT(", Length %u", authdatalen); 896 if (authdatalen < OSPF6_AT_HDRLEN || authdatalen > len) 897 goto trunc; 898 cp += 2; 899 /* Reserved */ 900 cp += 2; 901 /* Security Association ID */ 902 ND_PRINT(", SAID %u", GET_BE_U_2(cp)); 903 cp += 2; 904 /* Cryptographic Sequence Number (High-Order 32 Bits) */ 905 ND_PRINT(", CSN 0x%08x", GET_BE_U_4(cp)); 906 cp += 4; 907 /* Cryptographic Sequence Number (Low-Order 32 Bits) */ 908 ND_PRINT(":%08x", GET_BE_U_4(cp)); 909 cp += 4; 910 /* Authentication Data */ 911 ND_TCHECK_LEN(cp, authdatalen - OSPF6_AT_HDRLEN); 912 if (ndo->ndo_vflag > 1) 913 print_unknown_data(ndo,cp, "\n\tAuthentication Data ", authdatalen - OSPF6_AT_HDRLEN); 914 return 0; 915 916 trunc: 917 return 1; 918 } 919 920 /* The trailing data may include LLS and/or AT data (in this specific order). 921 * LLS data may be present only in Hello and DBDesc packets with the L-bit set. 922 * AT data may be present in Hello and DBDesc packets with the AT-bit set or in 923 * any other packet type, thus decode the AT data regardless of the AT-bit. 924 */ 925 static int 926 ospf6_decode_v3_trailer(netdissect_options *ndo, 927 const struct ospf6hdr *op, const u_char *cp, const unsigned len) 928 { 929 uint8_t type; 930 int llslen = 0; 931 int lls_hello = 0; 932 int lls_dd = 0; 933 934 type = GET_U_1(op->ospf6_type); 935 if (type == OSPF_TYPE_HELLO) { 936 const struct hello6 *hellop = (const struct hello6 *)((const uint8_t *)op + OSPF6HDR_LEN); 937 if (GET_BE_U_4(hellop->hello_options) & OSPF6_OPTION_L) 938 lls_hello = 1; 939 } else if (type == OSPF_TYPE_DD) { 940 const struct dd6 *ddp = (const struct dd6 *)((const uint8_t *)op + OSPF6HDR_LEN); 941 if (GET_BE_U_4(ddp->db_options) & OSPF6_OPTION_L) 942 lls_dd = 1; 943 } 944 if ((lls_hello || lls_dd) && (llslen = ospf6_print_lls(ndo, cp, len)) < 0) 945 goto trunc; 946 return ospf6_decode_at(ndo, cp + llslen, len - llslen); 947 948 trunc: 949 return 1; 950 } 951 952 void 953 ospf6_print(netdissect_options *ndo, 954 const u_char *bp, u_int length) 955 { 956 const struct ospf6hdr *op; 957 const u_char *dataend; 958 const char *cp; 959 uint16_t datalen; 960 961 ndo->ndo_protocol = "ospf3"; 962 op = (const struct ospf6hdr *)bp; 963 964 /* If the type is valid translate it, or just print the type */ 965 /* value. If it's not valid, say so and return */ 966 cp = tok2str(ospf6_type_values, "unknown packet type (%u)", 967 GET_U_1(op->ospf6_type)); 968 ND_PRINT("OSPFv%u, %s, length %u", GET_U_1(op->ospf6_version), cp, 969 length); 970 if (*cp == 'u') { 971 return; 972 } 973 974 if(!ndo->ndo_vflag) { /* non verbose - so lets bail out here */ 975 return; 976 } 977 978 /* OSPFv3 data always comes first and optional trailing data may follow. */ 979 datalen = GET_BE_U_2(op->ospf6_len); 980 if (datalen > length) { 981 ND_PRINT(" [len %u]", datalen); 982 return; 983 } 984 dataend = bp + datalen; 985 986 ND_PRINT("\n\tRouter-ID %s", GET_IPADDR_STRING(op->ospf6_routerid)); 987 988 if (GET_BE_U_4(op->ospf6_areaid) != 0) 989 ND_PRINT(", Area %s", GET_IPADDR_STRING(op->ospf6_areaid)); 990 else 991 ND_PRINT(", Backbone Area"); 992 if (GET_U_1(op->ospf6_instanceid)) 993 ND_PRINT(", Instance %u", GET_U_1(op->ospf6_instanceid)); 994 995 /* Do rest according to version. */ 996 switch (GET_U_1(op->ospf6_version)) { 997 998 case 3: 999 /* ospf version 3 */ 1000 if (ospf6_decode_v3(ndo, op, dataend) || 1001 ospf6_decode_v3_trailer(ndo, op, dataend, length - datalen)) 1002 goto trunc; 1003 break; 1004 } /* end switch on version */ 1005 1006 return; 1007 trunc: 1008 nd_print_trunc(ndo); 1009 } 1010