1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1989, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * Mike Muuss. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 */ 34 35 #if 0 36 #ifndef lint 37 static const char copyright[] = 38 "@(#) Copyright (c) 1989, 1993\n\ 39 The Regents of the University of California. All rights reserved.\n"; 40 #endif /* not lint */ 41 42 #ifndef lint 43 static char sccsid[] = "@(#)ping.c 8.1 (Berkeley) 6/5/93"; 44 #endif /* not lint */ 45 #endif 46 #include <sys/cdefs.h> 47 /* 48 * P I N G . C 49 * 50 * Using the Internet Control Message Protocol (ICMP) "ECHO" facility, 51 * measure round-trip-delays and packet loss across network paths. 52 * 53 * Author - 54 * Mike Muuss 55 * U. S. Army Ballistic Research Laboratory 56 * December, 1983 57 * 58 * Status - 59 * Public Domain. Distribution Unlimited. 60 * Bugs - 61 * More statistics could always be gathered. 62 * This program has to run SUID to ROOT to access the ICMP socket. 63 */ 64 65 #include <sys/param.h> /* NB: we rely on this for <sys/types.h> */ 66 #include <sys/capsicum.h> 67 #include <sys/socket.h> 68 #include <sys/sysctl.h> 69 #include <sys/time.h> 70 #include <sys/uio.h> 71 72 #include <netinet/in.h> 73 #include <netinet/in_systm.h> 74 #include <netinet/ip.h> 75 #include <netinet/ip_icmp.h> 76 #include <netinet/ip_var.h> 77 #include <arpa/inet.h> 78 79 #include <libcasper.h> 80 #include <casper/cap_dns.h> 81 82 #ifdef IPSEC 83 #include <netipsec/ipsec.h> 84 #endif /*IPSEC*/ 85 86 #include <capsicum_helpers.h> 87 #include <ctype.h> 88 #include <err.h> 89 #include <errno.h> 90 #include <math.h> 91 #include <netdb.h> 92 #include <stddef.h> 93 #include <signal.h> 94 #include <stdio.h> 95 #include <stdlib.h> 96 #include <string.h> 97 #include <sysexits.h> 98 #include <time.h> 99 #include <unistd.h> 100 101 #include "main.h" 102 #include "ping.h" 103 #include "utils.h" 104 105 #define INADDR_LEN ((int)sizeof(in_addr_t)) 106 #define TIMEVAL_LEN ((int)sizeof(struct tv32)) 107 #define MASK_LEN (ICMP_MASKLEN - ICMP_MINLEN) 108 #define TS_LEN (ICMP_TSLEN - ICMP_MINLEN) 109 #define DEFDATALEN 56 /* default data length */ 110 #define FLOOD_BACKOFF 20000 /* usecs to back off if F_FLOOD mode */ 111 /* runs out of buffer space */ 112 #define MAXIPLEN (sizeof(struct ip) + MAX_IPOPTLEN) 113 #define MAXICMPLEN (ICMP_ADVLENMIN + MAX_IPOPTLEN) 114 #define MAXWAIT 10000 /* max ms to wait for response */ 115 #define MAXALARM (60 * 60) /* max seconds for alarm timeout */ 116 #define MAXTOS 255 117 118 #define A(bit) rcvd_tbl[(bit)>>3] /* identify byte in array */ 119 #define B(bit) (1 << ((bit) & 0x07)) /* identify bit in byte */ 120 #define SET(bit) (A(bit) |= B(bit)) 121 #define CLR(bit) (A(bit) &= (~B(bit))) 122 #define TST(bit) (A(bit) & B(bit)) 123 124 struct tv32 { 125 int32_t tv32_sec; 126 int32_t tv32_nsec; 127 }; 128 129 /* various options */ 130 static int options; 131 #define F_FLOOD 0x0001 132 #define F_INTERVAL 0x0002 133 #define F_NUMERIC 0x0004 134 #define F_PINGFILLED 0x0008 135 #define F_QUIET 0x0010 136 #define F_RROUTE 0x0020 137 #define F_SO_DEBUG 0x0040 138 #define F_SO_DONTROUTE 0x0080 139 #define F_VERBOSE 0x0100 140 #define F_QUIET2 0x0200 141 #define F_NOLOOP 0x0400 142 #define F_MTTL 0x0800 143 #define F_MIF 0x1000 144 #define F_AUDIBLE 0x2000 145 #ifdef IPSEC 146 #ifdef IPSEC_POLICY_IPSEC 147 #define F_POLICY 0x4000 148 #endif /*IPSEC_POLICY_IPSEC*/ 149 #endif /*IPSEC*/ 150 #define F_TTL 0x8000 151 #define F_MISSED 0x10000 152 #define F_ONCE 0x20000 153 #define F_HDRINCL 0x40000 154 #define F_MASK 0x80000 155 #define F_TIME 0x100000 156 #define F_SWEEP 0x200000 157 #define F_WAITTIME 0x400000 158 #define F_IP_VLAN_PCP 0x800000 159 #define F_DOT 0x1000000 160 161 /* 162 * MAX_DUP_CHK is the number of bits in received table, i.e. the maximum 163 * number of received sequence numbers we can keep track of. Change 128 164 * to 8192 for complete accuracy... 165 */ 166 #define MAX_DUP_CHK (8 * 128) 167 static int mx_dup_ck = MAX_DUP_CHK; 168 static char rcvd_tbl[MAX_DUP_CHK / 8]; 169 170 static struct sockaddr_in whereto; /* who to ping */ 171 static int datalen = DEFDATALEN; 172 static int maxpayload; 173 static int ssend; /* send socket file descriptor */ 174 static int srecv; /* receive socket file descriptor */ 175 static u_char outpackhdr[IP_MAXPACKET], *outpack; 176 static char BBELL = '\a'; /* characters written for MISSED and AUDIBLE */ 177 static char BSPACE = '\b'; /* characters written for flood */ 178 static const char *DOT = "."; 179 static size_t DOTlen = 1; 180 static size_t DOTidx = 0; 181 static char *hostname; 182 static char *shostname; 183 static int ident; /* process id to identify our packets */ 184 static int uid; /* cached uid for micro-optimization */ 185 static u_char icmp_type = ICMP_ECHO; 186 static u_char icmp_type_rsp = ICMP_ECHOREPLY; 187 static int phdr_len = 0; 188 static int send_len; 189 190 /* counters */ 191 static long nmissedmax; /* max value of ntransmitted - nreceived - 1 */ 192 static long npackets; /* max packets to transmit */ 193 static long nreceived; /* # of packets we got back */ 194 static long nrepeats; /* number of duplicates */ 195 static long ntransmitted; /* sequence # for outbound packets = #sent */ 196 static long snpackets; /* max packets to transmit in one sweep */ 197 static long sntransmitted; /* # of packets we sent in this sweep */ 198 static int sweepmax; /* max value of payload in sweep */ 199 static int sweepmin = 0; /* start value of payload in sweep */ 200 static int sweepincr = 1; /* payload increment in sweep */ 201 static int interval = 1000; /* interval between packets, ms */ 202 static int waittime = MAXWAIT; /* timeout for each packet */ 203 static long nrcvtimeout = 0; /* # of packets we got back after waittime */ 204 205 /* timing */ 206 static int timing; /* flag to do timing */ 207 static double tmin = 999999999.0; /* minimum round trip time */ 208 static double tmax = 0.0; /* maximum round trip time */ 209 static double tsum = 0.0; /* sum of all times, for doing average */ 210 static double tsumsq = 0.0; /* sum of all times squared, for std. dev. */ 211 212 /* nonzero if we've been told to finish up */ 213 static volatile sig_atomic_t finish_up; 214 static volatile sig_atomic_t siginfo_p; 215 216 static cap_channel_t *capdns; 217 218 static void fill(char *, char *); 219 static cap_channel_t *capdns_setup(void); 220 static void check_status(void); 221 static void finish(void) __dead2; 222 static void pinger(void); 223 static char *pr_addr(struct in_addr); 224 static char *pr_ntime(n_time); 225 static void pr_icmph(struct icmp *, struct ip *, const u_char *const); 226 static void pr_iph(struct ip *, const u_char *); 227 static void pr_pack(char *, ssize_t, struct sockaddr_in *, struct timespec *); 228 static void status(int); 229 static void stopit(int); 230 231 int 232 ping(int argc, char *const *argv) 233 { 234 struct sockaddr_in from, sock_in; 235 struct in_addr ifaddr; 236 struct timespec last, intvl; 237 struct iovec iov; 238 struct msghdr msg; 239 struct sigaction si_sa; 240 size_t sz; 241 u_char *datap, packet[IP_MAXPACKET] __aligned(4); 242 const char *errstr; 243 char *ep, *source, *target, *payload; 244 struct hostent *hp; 245 #ifdef IPSEC_POLICY_IPSEC 246 char *policy_in, *policy_out; 247 #endif 248 struct sockaddr_in *to; 249 double t; 250 u_long alarmtimeout; 251 long long ltmp; 252 int almost_done, ch, df, hold, i, icmp_len, mib[4], preload; 253 int ssend_errno, srecv_errno, tos, ttl, pcp; 254 char ctrl[CMSG_SPACE(sizeof(struct timespec))]; 255 char hnamebuf[MAXHOSTNAMELEN], snamebuf[MAXHOSTNAMELEN]; 256 #ifdef IP_OPTIONS 257 char rspace[MAX_IPOPTLEN]; /* record route space */ 258 #endif 259 unsigned char loop, mttl; 260 261 payload = source = NULL; 262 #ifdef IPSEC_POLICY_IPSEC 263 policy_in = policy_out = NULL; 264 #endif 265 cap_rights_t rights; 266 267 options |= F_NUMERIC; 268 269 /* 270 * Do the stuff that we need root priv's for *first*, and 271 * then drop our setuid bit. Save error reporting for 272 * after arg parsing. 273 * 274 * Historicaly ping was using one socket 's' for sending and for 275 * receiving. After capsicum(4) related changes we use two 276 * sockets. It was done for special ping use case - when user 277 * issue ping on multicast or broadcast address replies come 278 * from different addresses, not from the address we 279 * connect(2)'ed to, and send socket do not receive those 280 * packets. 281 */ 282 ssend = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); 283 ssend_errno = errno; 284 srecv = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); 285 srecv_errno = errno; 286 287 if (setuid(getuid()) != 0) 288 err(EX_NOPERM, "setuid() failed"); 289 uid = getuid(); 290 291 if (ssend < 0) { 292 errno = ssend_errno; 293 err(EX_OSERR, "ssend socket"); 294 } 295 296 if (srecv < 0) { 297 errno = srecv_errno; 298 err(EX_OSERR, "srecv socket"); 299 } 300 301 alarmtimeout = df = preload = tos = pcp = 0; 302 303 outpack = outpackhdr + sizeof(struct ip); 304 while ((ch = getopt(argc, argv, PING4OPTS)) != -1) { 305 switch(ch) { 306 case '.': 307 options |= F_DOT; 308 if (optarg != NULL) { 309 DOT = optarg; 310 DOTlen = strlen(optarg); 311 } 312 break; 313 case '4': 314 /* This option is processed in main(). */ 315 break; 316 case 'A': 317 options |= F_MISSED; 318 break; 319 case 'a': 320 options |= F_AUDIBLE; 321 break; 322 case 'C': 323 options |= F_IP_VLAN_PCP; 324 ltmp = strtonum(optarg, -1, 7, &errstr); 325 if (errstr != NULL) 326 errx(EX_USAGE, "invalid PCP: `%s'", optarg); 327 pcp = ltmp; 328 break; 329 case 'c': 330 ltmp = strtonum(optarg, 1, LONG_MAX, &errstr); 331 if (errstr != NULL) 332 errx(EX_USAGE, 333 "invalid count of packets to transmit: `%s'", 334 optarg); 335 npackets = (long)ltmp; 336 break; 337 case 'D': 338 options |= F_HDRINCL; 339 df = 1; 340 break; 341 case 'd': 342 options |= F_SO_DEBUG; 343 break; 344 case 'f': 345 if (uid) { 346 errno = EPERM; 347 err(EX_NOPERM, "-f flag"); 348 } 349 options |= F_FLOOD; 350 options |= F_DOT; 351 setbuf(stdout, (char *)NULL); 352 break; 353 case 'G': /* Maximum packet size for ping sweep */ 354 ltmp = strtonum(optarg, 1, INT_MAX, &errstr); 355 if (errstr != NULL) { 356 errx(EX_USAGE, "invalid packet size: `%s'", 357 optarg); 358 } 359 sweepmax = (int)ltmp; 360 if (uid != 0 && sweepmax > DEFDATALEN) { 361 errc(EX_NOPERM, EPERM, 362 "packet size too large: %d > %u", 363 sweepmax, DEFDATALEN); 364 } 365 options |= F_SWEEP; 366 break; 367 case 'g': /* Minimum packet size for ping sweep */ 368 ltmp = strtonum(optarg, 1, INT_MAX, &errstr); 369 if (errstr != NULL) { 370 errx(EX_USAGE, "invalid packet size: `%s'", 371 optarg); 372 } 373 sweepmin = (int)ltmp; 374 if (uid != 0 && sweepmin > DEFDATALEN) { 375 errc(EX_NOPERM, EPERM, 376 "packet size too large: %d > %u", 377 sweepmin, DEFDATALEN); 378 } 379 options |= F_SWEEP; 380 break; 381 case 'H': 382 options &= ~F_NUMERIC; 383 break; 384 case 'h': /* Packet size increment for ping sweep */ 385 ltmp = strtonum(optarg, 1, INT_MAX, &errstr); 386 if (errstr != NULL) { 387 errx(EX_USAGE, "invalid packet size: `%s'", 388 optarg); 389 } 390 sweepincr = (int)ltmp; 391 if (uid != 0 && sweepincr > DEFDATALEN) { 392 errc(EX_NOPERM, EPERM, 393 "packet size too large: %d > %u", 394 sweepincr, DEFDATALEN); 395 } 396 options |= F_SWEEP; 397 break; 398 case 'I': /* multicast interface */ 399 if (inet_aton(optarg, &ifaddr) == 0) 400 errx(EX_USAGE, 401 "invalid multicast interface: `%s'", 402 optarg); 403 options |= F_MIF; 404 break; 405 case 'i': /* wait between sending packets */ 406 t = strtod(optarg, &ep) * 1000.0; 407 if (*ep || ep == optarg || t > (double)INT_MAX) 408 errx(EX_USAGE, "invalid timing interval: `%s'", 409 optarg); 410 options |= F_INTERVAL; 411 interval = (int)t; 412 if (uid && interval < 1000) { 413 errno = EPERM; 414 err(EX_NOPERM, "-i interval too short"); 415 } 416 break; 417 case 'L': 418 options |= F_NOLOOP; 419 loop = 0; 420 break; 421 case 'l': 422 ltmp = strtonum(optarg, 0, INT_MAX, &errstr); 423 if (errstr != NULL) 424 errx(EX_USAGE, 425 "invalid preload value: `%s'", optarg); 426 if (uid) { 427 errno = EPERM; 428 err(EX_NOPERM, "-l flag"); 429 } 430 preload = (int)ltmp; 431 break; 432 case 'M': 433 switch(optarg[0]) { 434 case 'M': 435 case 'm': 436 options |= F_MASK; 437 break; 438 case 'T': 439 case 't': 440 options |= F_TIME; 441 break; 442 default: 443 errx(EX_USAGE, "invalid message: `%c'", optarg[0]); 444 break; 445 } 446 break; 447 case 'm': /* TTL */ 448 ltmp = strtonum(optarg, 0, MAXTTL, &errstr); 449 if (errstr != NULL) 450 errx(EX_USAGE, "invalid TTL: `%s'", optarg); 451 ttl = (int)ltmp; 452 options |= F_TTL; 453 break; 454 case 'n': 455 options |= F_NUMERIC; 456 break; 457 case 'o': 458 options |= F_ONCE; 459 break; 460 #ifdef IPSEC 461 #ifdef IPSEC_POLICY_IPSEC 462 case 'P': 463 options |= F_POLICY; 464 if (!strncmp("in", optarg, 2)) 465 policy_in = strdup(optarg); 466 else if (!strncmp("out", optarg, 3)) 467 policy_out = strdup(optarg); 468 else 469 errx(1, "invalid security policy"); 470 break; 471 #endif /*IPSEC_POLICY_IPSEC*/ 472 #endif /*IPSEC*/ 473 case 'p': /* fill buffer with user pattern */ 474 options |= F_PINGFILLED; 475 payload = optarg; 476 break; 477 case 'Q': 478 options |= F_QUIET2; 479 break; 480 case 'q': 481 options |= F_QUIET; 482 break; 483 case 'R': 484 options |= F_RROUTE; 485 break; 486 case 'r': 487 options |= F_SO_DONTROUTE; 488 break; 489 case 'S': 490 source = optarg; 491 break; 492 case 's': /* size of packet to send */ 493 ltmp = strtonum(optarg, 0, INT_MAX, &errstr); 494 if (errstr != NULL) 495 errx(EX_USAGE, "invalid packet size: `%s'", 496 optarg); 497 datalen = (int)ltmp; 498 if (uid != 0 && datalen > DEFDATALEN) { 499 errno = EPERM; 500 err(EX_NOPERM, 501 "packet size too large: %d > %u", 502 datalen, DEFDATALEN); 503 } 504 break; 505 case 'T': /* multicast TTL */ 506 ltmp = strtonum(optarg, 0, MAXTTL, &errstr); 507 if (errstr != NULL) 508 errx(EX_USAGE, "invalid multicast TTL: `%s'", 509 optarg); 510 mttl = (unsigned char)ltmp; 511 options |= F_MTTL; 512 break; 513 case 't': 514 alarmtimeout = strtoul(optarg, &ep, 0); 515 if ((alarmtimeout < 1) || (alarmtimeout == ULONG_MAX)) 516 errx(EX_USAGE, "invalid timeout: `%s'", 517 optarg); 518 if (alarmtimeout > MAXALARM) 519 errx(EX_USAGE, "invalid timeout: `%s' > %d", 520 optarg, MAXALARM); 521 { 522 struct itimerval itv; 523 524 timerclear(&itv.it_interval); 525 timerclear(&itv.it_value); 526 itv.it_value.tv_sec = (time_t)alarmtimeout; 527 if (setitimer(ITIMER_REAL, &itv, NULL) != 0) 528 err(1, "setitimer"); 529 } 530 break; 531 case 'v': 532 options |= F_VERBOSE; 533 break; 534 case 'W': /* wait ms for answer */ 535 t = strtod(optarg, &ep); 536 if (*ep || ep == optarg || t > (double)INT_MAX) 537 errx(EX_USAGE, "invalid timing interval: `%s'", 538 optarg); 539 options |= F_WAITTIME; 540 waittime = (int)t; 541 break; 542 case 'z': 543 options |= F_HDRINCL; 544 ltmp = strtol(optarg, &ep, 0); 545 if (*ep || ep == optarg || ltmp > MAXTOS || ltmp < 0) 546 errx(EX_USAGE, "invalid TOS: `%s'", optarg); 547 tos = ltmp; 548 break; 549 default: 550 usage(); 551 } 552 } 553 554 if (argc - optind != 1) 555 usage(); 556 target = argv[optind]; 557 558 switch (options & (F_MASK|F_TIME)) { 559 case 0: break; 560 case F_MASK: 561 icmp_type = ICMP_MASKREQ; 562 icmp_type_rsp = ICMP_MASKREPLY; 563 phdr_len = MASK_LEN; 564 if (!(options & F_QUIET)) 565 (void)printf("ICMP_MASKREQ\n"); 566 break; 567 case F_TIME: 568 icmp_type = ICMP_TSTAMP; 569 icmp_type_rsp = ICMP_TSTAMPREPLY; 570 phdr_len = TS_LEN; 571 if (!(options & F_QUIET)) 572 (void)printf("ICMP_TSTAMP\n"); 573 break; 574 default: 575 errx(EX_USAGE, "ICMP_TSTAMP and ICMP_MASKREQ are exclusive."); 576 break; 577 } 578 icmp_len = sizeof(struct ip) + ICMP_MINLEN + phdr_len; 579 if (options & F_RROUTE) 580 icmp_len += MAX_IPOPTLEN; 581 maxpayload = IP_MAXPACKET - icmp_len; 582 if (datalen > maxpayload) 583 errx(EX_USAGE, "packet size too large: %d > %d", datalen, 584 maxpayload); 585 send_len = icmp_len + datalen; 586 datap = &outpack[ICMP_MINLEN + phdr_len + TIMEVAL_LEN]; 587 if (options & F_PINGFILLED) { 588 fill((char *)datap, payload); 589 } 590 capdns = capdns_setup(); 591 if (source) { 592 bzero((char *)&sock_in, sizeof(sock_in)); 593 sock_in.sin_family = AF_INET; 594 if (inet_aton(source, &sock_in.sin_addr) != 0) { 595 shostname = source; 596 } else { 597 hp = cap_gethostbyname2(capdns, source, AF_INET); 598 if (!hp) 599 errx(EX_NOHOST, "cannot resolve %s: %s", 600 source, hstrerror(h_errno)); 601 602 sock_in.sin_len = sizeof sock_in; 603 if ((unsigned)hp->h_length > sizeof(sock_in.sin_addr) || 604 hp->h_length < 0) 605 errx(1, "gethostbyname2: illegal address"); 606 memcpy(&sock_in.sin_addr, hp->h_addr_list[0], 607 sizeof(sock_in.sin_addr)); 608 (void)strncpy(snamebuf, hp->h_name, 609 sizeof(snamebuf) - 1); 610 snamebuf[sizeof(snamebuf) - 1] = '\0'; 611 shostname = snamebuf; 612 } 613 if (bind(ssend, (struct sockaddr *)&sock_in, sizeof sock_in) == 614 -1) 615 err(1, "bind"); 616 } 617 618 bzero(&whereto, sizeof(whereto)); 619 to = &whereto; 620 to->sin_family = AF_INET; 621 to->sin_len = sizeof *to; 622 if (inet_aton(target, &to->sin_addr) != 0) { 623 hostname = target; 624 } else { 625 hp = cap_gethostbyname2(capdns, target, AF_INET); 626 if (!hp) 627 errx(EX_NOHOST, "cannot resolve %s: %s", 628 target, hstrerror(h_errno)); 629 630 if ((unsigned)hp->h_length > sizeof(to->sin_addr)) 631 errx(1, "gethostbyname2 returned an illegal address"); 632 memcpy(&to->sin_addr, hp->h_addr_list[0], sizeof to->sin_addr); 633 (void)strncpy(hnamebuf, hp->h_name, sizeof(hnamebuf) - 1); 634 hnamebuf[sizeof(hnamebuf) - 1] = '\0'; 635 hostname = hnamebuf; 636 } 637 638 /* From now on we will use only reverse DNS lookups. */ 639 #ifdef WITH_CASPER 640 if (capdns != NULL) { 641 const char *types[1]; 642 643 types[0] = "ADDR2NAME"; 644 if (cap_dns_type_limit(capdns, types, 1) < 0) 645 err(1, "unable to limit access to system.dns service"); 646 } 647 #endif 648 if (connect(ssend, (struct sockaddr *)&whereto, sizeof(whereto)) != 0) 649 err(1, "connect"); 650 651 if (options & F_FLOOD && options & F_INTERVAL) 652 errx(EX_USAGE, "-f and -i: incompatible options"); 653 654 if (options & F_FLOOD && IN_MULTICAST(ntohl(to->sin_addr.s_addr))) 655 errx(EX_USAGE, 656 "-f flag cannot be used with multicast destination"); 657 if (options & (F_MIF | F_NOLOOP | F_MTTL) 658 && !IN_MULTICAST(ntohl(to->sin_addr.s_addr))) 659 errx(EX_USAGE, 660 "-I, -L, -T flags cannot be used with unicast destination"); 661 662 if (datalen >= TIMEVAL_LEN) /* can we time transfer */ 663 timing = 1; 664 665 if ((options & (F_PINGFILLED | F_SWEEP)) == 0) 666 for (i = TIMEVAL_LEN; i < datalen; ++i) 667 *datap++ = i; 668 669 ident = getpid() & 0xFFFF; 670 671 hold = 1; 672 if (options & F_SO_DEBUG) { 673 (void)setsockopt(ssend, SOL_SOCKET, SO_DEBUG, (char *)&hold, 674 sizeof(hold)); 675 (void)setsockopt(srecv, SOL_SOCKET, SO_DEBUG, (char *)&hold, 676 sizeof(hold)); 677 } 678 if (options & F_SO_DONTROUTE) 679 (void)setsockopt(ssend, SOL_SOCKET, SO_DONTROUTE, (char *)&hold, 680 sizeof(hold)); 681 if (options & F_IP_VLAN_PCP) { 682 (void)setsockopt(ssend, IPPROTO_IP, IP_VLAN_PCP, (char *)&pcp, 683 sizeof(pcp)); 684 } 685 #ifdef IPSEC 686 #ifdef IPSEC_POLICY_IPSEC 687 if (options & F_POLICY) { 688 char *buf; 689 if (policy_in != NULL) { 690 buf = ipsec_set_policy(policy_in, strlen(policy_in)); 691 if (buf == NULL) 692 errx(EX_CONFIG, "%s", ipsec_strerror()); 693 if (setsockopt(srecv, IPPROTO_IP, IP_IPSEC_POLICY, 694 buf, ipsec_get_policylen(buf)) < 0) 695 err(EX_CONFIG, 696 "ipsec policy cannot be configured"); 697 free(buf); 698 } 699 700 if (policy_out != NULL) { 701 buf = ipsec_set_policy(policy_out, strlen(policy_out)); 702 if (buf == NULL) 703 errx(EX_CONFIG, "%s", ipsec_strerror()); 704 if (setsockopt(ssend, IPPROTO_IP, IP_IPSEC_POLICY, 705 buf, ipsec_get_policylen(buf)) < 0) 706 err(EX_CONFIG, 707 "ipsec policy cannot be configured"); 708 free(buf); 709 } 710 } 711 #endif /*IPSEC_POLICY_IPSEC*/ 712 #endif /*IPSEC*/ 713 714 if (options & F_HDRINCL) { 715 struct ip ip; 716 717 memcpy(&ip, outpackhdr, sizeof(ip)); 718 if (!(options & (F_TTL | F_MTTL))) { 719 mib[0] = CTL_NET; 720 mib[1] = PF_INET; 721 mib[2] = IPPROTO_IP; 722 mib[3] = IPCTL_DEFTTL; 723 sz = sizeof(ttl); 724 if (sysctl(mib, 4, &ttl, &sz, NULL, 0) == -1) 725 err(1, "sysctl(net.inet.ip.ttl)"); 726 } 727 setsockopt(ssend, IPPROTO_IP, IP_HDRINCL, &hold, sizeof(hold)); 728 ip.ip_v = IPVERSION; 729 ip.ip_hl = sizeof(struct ip) >> 2; 730 ip.ip_tos = tos; 731 ip.ip_id = 0; 732 ip.ip_off = htons(df ? IP_DF : 0); 733 ip.ip_ttl = ttl; 734 ip.ip_p = IPPROTO_ICMP; 735 ip.ip_src.s_addr = source ? sock_in.sin_addr.s_addr : INADDR_ANY; 736 ip.ip_dst = to->sin_addr; 737 memcpy(outpackhdr, &ip, sizeof(ip)); 738 } 739 740 /* 741 * Here we enter capability mode. Further down access to global 742 * namespaces (e.g filesystem) is restricted (see capsicum(4)). 743 * We must connect(2) our socket before this point. 744 */ 745 caph_cache_catpages(); 746 if (caph_enter_casper() < 0) 747 err(1, "caph_enter_casper"); 748 749 cap_rights_init(&rights, CAP_RECV, CAP_EVENT, CAP_SETSOCKOPT); 750 if (caph_rights_limit(srecv, &rights) < 0) 751 err(1, "cap_rights_limit srecv"); 752 cap_rights_init(&rights, CAP_SEND, CAP_SETSOCKOPT); 753 if (caph_rights_limit(ssend, &rights) < 0) 754 err(1, "cap_rights_limit ssend"); 755 756 /* record route option */ 757 if (options & F_RROUTE) { 758 #ifdef IP_OPTIONS 759 bzero(rspace, sizeof(rspace)); 760 rspace[IPOPT_OPTVAL] = IPOPT_RR; 761 rspace[IPOPT_OLEN] = sizeof(rspace) - 1; 762 rspace[IPOPT_OFFSET] = IPOPT_MINOFF; 763 rspace[sizeof(rspace) - 1] = IPOPT_EOL; 764 if (setsockopt(ssend, IPPROTO_IP, IP_OPTIONS, rspace, 765 sizeof(rspace)) < 0) 766 err(EX_OSERR, "setsockopt IP_OPTIONS"); 767 #else 768 errx(EX_UNAVAILABLE, 769 "record route not available in this implementation"); 770 #endif /* IP_OPTIONS */ 771 } 772 773 if (options & F_TTL) { 774 if (setsockopt(ssend, IPPROTO_IP, IP_TTL, &ttl, 775 sizeof(ttl)) < 0) { 776 err(EX_OSERR, "setsockopt IP_TTL"); 777 } 778 } 779 if (options & F_NOLOOP) { 780 if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_LOOP, &loop, 781 sizeof(loop)) < 0) { 782 err(EX_OSERR, "setsockopt IP_MULTICAST_LOOP"); 783 } 784 } 785 if (options & F_MTTL) { 786 if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_TTL, &mttl, 787 sizeof(mttl)) < 0) { 788 err(EX_OSERR, "setsockopt IP_MULTICAST_TTL"); 789 } 790 } 791 if (options & F_MIF) { 792 if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_IF, &ifaddr, 793 sizeof(ifaddr)) < 0) { 794 err(EX_OSERR, "setsockopt IP_MULTICAST_IF"); 795 } 796 } 797 #ifdef SO_TIMESTAMP 798 { 799 int on = 1; 800 int ts_clock = SO_TS_MONOTONIC; 801 if (setsockopt(srecv, SOL_SOCKET, SO_TIMESTAMP, &on, 802 sizeof(on)) < 0) 803 err(EX_OSERR, "setsockopt SO_TIMESTAMP"); 804 if (setsockopt(srecv, SOL_SOCKET, SO_TS_CLOCK, &ts_clock, 805 sizeof(ts_clock)) < 0) 806 err(EX_OSERR, "setsockopt SO_TS_CLOCK"); 807 } 808 #endif 809 if (sweepmax) { 810 if (sweepmin > sweepmax) 811 errx(EX_USAGE, 812 "Maximum packet size must be no less than the minimum packet size"); 813 814 if (sweepmax > maxpayload - TIMEVAL_LEN) 815 errx(EX_USAGE, "Invalid sweep maximum"); 816 817 if (datalen != DEFDATALEN) 818 errx(EX_USAGE, 819 "Packet size and ping sweep are mutually exclusive"); 820 821 if (npackets > 0) { 822 snpackets = npackets; 823 npackets = 0; 824 } else 825 snpackets = 1; 826 datalen = sweepmin; 827 send_len = icmp_len + sweepmin; 828 } 829 if (options & F_SWEEP && !sweepmax) 830 errx(EX_USAGE, "Maximum sweep size must be specified"); 831 832 /* 833 * When pinging the broadcast address, you can get a lot of answers. 834 * Doing something so evil is useful if you are trying to stress the 835 * ethernet, or just want to fill the arp cache to get some stuff for 836 * /etc/ethers. But beware: RFC 1122 allows hosts to ignore broadcast 837 * or multicast pings if they wish. 838 */ 839 840 /* 841 * XXX receive buffer needs undetermined space for mbuf overhead 842 * as well. 843 */ 844 hold = IP_MAXPACKET + 128; 845 (void)setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, (char *)&hold, 846 sizeof(hold)); 847 /* CAP_SETSOCKOPT removed */ 848 cap_rights_init(&rights, CAP_RECV, CAP_EVENT); 849 if (caph_rights_limit(srecv, &rights) < 0) 850 err(1, "cap_rights_limit srecv setsockopt"); 851 if (uid == 0) 852 (void)setsockopt(ssend, SOL_SOCKET, SO_SNDBUF, (char *)&hold, 853 sizeof(hold)); 854 /* CAP_SETSOCKOPT removed */ 855 cap_rights_init(&rights, CAP_SEND); 856 if (caph_rights_limit(ssend, &rights) < 0) 857 err(1, "cap_rights_limit ssend setsockopt"); 858 859 if (to->sin_family == AF_INET) { 860 (void)printf("PING %s (%s)", hostname, 861 inet_ntoa(to->sin_addr)); 862 if (source) 863 (void)printf(" from %s", shostname); 864 if (sweepmax) 865 (void)printf(": (%d ... %d) data bytes\n", 866 sweepmin, sweepmax); 867 else 868 (void)printf(": %d data bytes\n", datalen); 869 870 } else { 871 if (sweepmax) 872 (void)printf("PING %s: (%d ... %d) data bytes\n", 873 hostname, sweepmin, sweepmax); 874 else 875 (void)printf("PING %s: %d data bytes\n", hostname, datalen); 876 } 877 878 /* 879 * Use sigaction() instead of signal() to get unambiguous semantics, 880 * in particular with SA_RESTART not set. 881 */ 882 883 sigemptyset(&si_sa.sa_mask); 884 si_sa.sa_flags = 0; 885 886 si_sa.sa_handler = stopit; 887 if (sigaction(SIGINT, &si_sa, 0) == -1) { 888 err(EX_OSERR, "sigaction SIGINT"); 889 } 890 891 si_sa.sa_handler = status; 892 if (sigaction(SIGINFO, &si_sa, 0) == -1) { 893 err(EX_OSERR, "sigaction"); 894 } 895 896 if (alarmtimeout > 0) { 897 si_sa.sa_handler = stopit; 898 if (sigaction(SIGALRM, &si_sa, 0) == -1) 899 err(EX_OSERR, "sigaction SIGALRM"); 900 } 901 902 bzero(&msg, sizeof(msg)); 903 msg.msg_name = (caddr_t)&from; 904 msg.msg_iov = &iov; 905 msg.msg_iovlen = 1; 906 #ifdef SO_TIMESTAMP 907 msg.msg_control = (caddr_t)ctrl; 908 msg.msg_controllen = sizeof(ctrl); 909 #endif 910 iov.iov_base = packet; 911 iov.iov_len = IP_MAXPACKET; 912 913 if (preload == 0) 914 pinger(); /* send the first ping */ 915 else { 916 if (npackets != 0 && preload > npackets) 917 preload = npackets; 918 while (preload--) /* fire off them quickies */ 919 pinger(); 920 } 921 (void)clock_gettime(CLOCK_MONOTONIC, &last); 922 923 if (options & F_FLOOD) { 924 intvl.tv_sec = 0; 925 intvl.tv_nsec = 10000000; 926 } else { 927 intvl.tv_sec = interval / 1000; 928 intvl.tv_nsec = interval % 1000 * 1000000; 929 } 930 931 almost_done = 0; 932 while (!finish_up) { 933 struct timespec now, timeout; 934 fd_set rfds; 935 int n; 936 ssize_t cc; 937 938 check_status(); 939 if ((unsigned)srecv >= FD_SETSIZE) 940 errx(EX_OSERR, "descriptor too large"); 941 FD_ZERO(&rfds); 942 FD_SET(srecv, &rfds); 943 (void)clock_gettime(CLOCK_MONOTONIC, &now); 944 timespecadd(&last, &intvl, &timeout); 945 timespecsub(&timeout, &now, &timeout); 946 if (timeout.tv_sec < 0) 947 timespecclear(&timeout); 948 n = pselect(srecv + 1, &rfds, NULL, NULL, &timeout, NULL); 949 if (n < 0) 950 continue; /* Must be EINTR. */ 951 if (n == 1) { 952 struct timespec *tv = NULL; 953 #ifdef SO_TIMESTAMP 954 struct cmsghdr *cmsg = CMSG_FIRSTHDR(&msg); 955 #endif 956 msg.msg_namelen = sizeof(from); 957 if ((cc = recvmsg(srecv, &msg, 0)) < 0) { 958 if (errno == EINTR) 959 continue; 960 warn("recvmsg"); 961 continue; 962 } 963 /* If we have a 0 byte read from recvfrom continue */ 964 if (cc == 0) 965 continue; 966 #ifdef SO_TIMESTAMP 967 if (cmsg != NULL && 968 cmsg->cmsg_level == SOL_SOCKET && 969 cmsg->cmsg_type == SCM_TIMESTAMP && 970 cmsg->cmsg_len == CMSG_LEN(sizeof *tv)) { 971 /* Copy to avoid alignment problems: */ 972 memcpy(&now, CMSG_DATA(cmsg), sizeof(now)); 973 tv = &now; 974 } 975 #endif 976 if (tv == NULL) { 977 (void)clock_gettime(CLOCK_MONOTONIC, &now); 978 tv = &now; 979 } 980 pr_pack((char *)packet, cc, &from, tv); 981 if ((options & F_ONCE && nreceived) || 982 (npackets && nreceived >= npackets)) 983 break; 984 } 985 if (n == 0 || options & F_FLOOD) { 986 if (sweepmax && sntransmitted == snpackets) { 987 if (datalen + sweepincr > sweepmax) 988 break; 989 for (i = 0; i < sweepincr; i++) 990 *datap++ = i; 991 datalen += sweepincr; 992 send_len = icmp_len + datalen; 993 sntransmitted = 0; 994 } 995 if (!npackets || ntransmitted < npackets) 996 pinger(); 997 else { 998 if (almost_done) 999 break; 1000 almost_done = 1; 1001 intvl.tv_nsec = 0; 1002 if (nreceived) { 1003 intvl.tv_sec = 2 * tmax / 1000; 1004 if (!intvl.tv_sec) 1005 intvl.tv_sec = 1; 1006 } else { 1007 intvl.tv_sec = waittime / 1000; 1008 intvl.tv_nsec = waittime % 1000 * 1000000; 1009 } 1010 } 1011 (void)clock_gettime(CLOCK_MONOTONIC, &last); 1012 if (ntransmitted - nreceived - 1 > nmissedmax) { 1013 nmissedmax = ntransmitted - nreceived - 1; 1014 if (options & F_MISSED) 1015 (void)write(STDOUT_FILENO, &BBELL, 1); 1016 } 1017 } 1018 } 1019 finish(); 1020 /* NOTREACHED */ 1021 exit(0); /* Make the compiler happy */ 1022 } 1023 1024 /* 1025 * stopit -- 1026 * Set the global bit that causes the main loop to quit. 1027 * Do NOT call finish() from here, since finish() does far too much 1028 * to be called from a signal handler. 1029 */ 1030 void 1031 stopit(int sig __unused) 1032 { 1033 1034 /* 1035 * When doing reverse DNS lookups, the finish_up flag might not 1036 * be noticed for a while. Just exit if we get a second SIGINT. 1037 */ 1038 if (!(options & F_NUMERIC) && finish_up) 1039 _exit(nreceived ? 0 : 2); 1040 finish_up = 1; 1041 } 1042 1043 /* 1044 * pinger -- 1045 * Compose and transmit an ICMP ECHO REQUEST packet. The IP packet 1046 * will be added on by the kernel. The ID field is our UNIX process ID, 1047 * and the sequence number is an ascending integer. The first TIMEVAL_LEN 1048 * bytes of the data portion are used to hold a UNIX "timespec" struct in 1049 * host byte-order, to compute the round-trip time. 1050 */ 1051 static void 1052 pinger(void) 1053 { 1054 struct timespec now; 1055 struct tv32 tv32; 1056 struct icmp icp; 1057 int cc, i; 1058 u_char *packet; 1059 1060 packet = outpack; 1061 memcpy(&icp, outpack, ICMP_MINLEN + phdr_len); 1062 icp.icmp_type = icmp_type; 1063 icp.icmp_code = 0; 1064 icp.icmp_cksum = 0; 1065 icp.icmp_seq = htons(ntransmitted); 1066 icp.icmp_id = ident; /* ID */ 1067 1068 CLR(ntransmitted % mx_dup_ck); 1069 1070 if ((options & F_TIME) || timing) { 1071 (void)clock_gettime(CLOCK_MONOTONIC, &now); 1072 /* 1073 * Truncate seconds down to 32 bits in order 1074 * to fit the timestamp within 8 bytes of the 1075 * packet. We're only concerned with 1076 * durations, not absolute times. 1077 */ 1078 tv32.tv32_sec = (uint32_t)htonl(now.tv_sec); 1079 tv32.tv32_nsec = (uint32_t)htonl(now.tv_nsec); 1080 if (options & F_TIME) 1081 icp.icmp_otime = htonl((now.tv_sec % (24*60*60)) 1082 * 1000 + now.tv_nsec / 1000000); 1083 if (timing) 1084 bcopy((void *)&tv32, 1085 (void *)&outpack[ICMP_MINLEN + phdr_len], 1086 sizeof(tv32)); 1087 } 1088 1089 memcpy(outpack, &icp, ICMP_MINLEN + phdr_len); 1090 1091 cc = ICMP_MINLEN + phdr_len + datalen; 1092 1093 /* compute ICMP checksum here */ 1094 icp.icmp_cksum = in_cksum(outpack, cc); 1095 /* Update icmp_cksum in the raw packet data buffer. */ 1096 memcpy(outpack + offsetof(struct icmp, icmp_cksum), &icp.icmp_cksum, 1097 sizeof(icp.icmp_cksum)); 1098 1099 if (options & F_HDRINCL) { 1100 struct ip ip; 1101 1102 cc += sizeof(struct ip); 1103 ip.ip_len = htons(cc); 1104 /* Update ip_len in the raw packet data buffer. */ 1105 memcpy(outpackhdr + offsetof(struct ip, ip_len), &ip.ip_len, 1106 sizeof(ip.ip_len)); 1107 ip.ip_sum = in_cksum(outpackhdr, cc); 1108 /* Update ip_sum in the raw packet data buffer. */ 1109 memcpy(outpackhdr + offsetof(struct ip, ip_sum), &ip.ip_sum, 1110 sizeof(ip.ip_sum)); 1111 packet = outpackhdr; 1112 } 1113 i = send(ssend, (char *)packet, cc, 0); 1114 if (i < 0 || i != cc) { 1115 if (i < 0) { 1116 if (options & F_FLOOD && errno == ENOBUFS) { 1117 usleep(FLOOD_BACKOFF); 1118 return; 1119 } 1120 warn("sendto"); 1121 } else { 1122 warn("%s: partial write: %d of %d bytes", 1123 hostname, i, cc); 1124 } 1125 } 1126 ntransmitted++; 1127 sntransmitted++; 1128 if (!(options & F_QUIET) && options & F_DOT) 1129 (void)write(STDOUT_FILENO, &DOT[DOTidx++ % DOTlen], 1); 1130 } 1131 1132 /* 1133 * pr_pack -- 1134 * Print out the packet, if it came from us. This logic is necessary 1135 * because ALL readers of the ICMP socket get a copy of ALL ICMP packets 1136 * which arrive ('tis only fair). This permits multiple copies of this 1137 * program to be run without having intermingled output (or statistics!). 1138 */ 1139 static void 1140 pr_pack(char *buf, ssize_t cc, struct sockaddr_in *from, struct timespec *tv) 1141 { 1142 struct in_addr ina; 1143 u_char *cp, *dp, l; 1144 struct icmp icp; 1145 struct ip ip; 1146 const u_char *icmp_data_raw; 1147 ssize_t icmp_data_raw_len; 1148 double triptime; 1149 int dupflag, i, j, recv_len; 1150 int8_t hlen; 1151 uint16_t seq; 1152 static int old_rrlen; 1153 static char old_rr[MAX_IPOPTLEN]; 1154 struct ip oip; 1155 u_char oip_header_len; 1156 struct icmp oicmp; 1157 const u_char *oicmp_raw; 1158 1159 /* 1160 * Get size of IP header of the received packet. 1161 * The header length is contained in the lower four bits of the first 1162 * byte and represents the number of 4 byte octets the header takes up. 1163 * 1164 * The IHL minimum value is 5 (20 bytes) and its maximum value is 15 1165 * (60 bytes). 1166 */ 1167 memcpy(&l, buf, sizeof(l)); 1168 hlen = (l & 0x0f) << 2; 1169 1170 /* Reject IP packets with a short header */ 1171 if (hlen < (int8_t) sizeof(struct ip)) { 1172 if (options & F_VERBOSE) 1173 warn("IHL too short (%d bytes) from %s", hlen, 1174 inet_ntoa(from->sin_addr)); 1175 return; 1176 } 1177 1178 memcpy(&ip, buf, sizeof(struct ip)); 1179 1180 /* Check packet has enough data to carry a valid ICMP header */ 1181 recv_len = cc; 1182 if (cc < hlen + ICMP_MINLEN) { 1183 if (options & F_VERBOSE) 1184 warn("packet too short (%zd bytes) from %s", cc, 1185 inet_ntoa(from->sin_addr)); 1186 return; 1187 } 1188 1189 icmp_data_raw_len = cc - (hlen + offsetof(struct icmp, icmp_data)); 1190 icmp_data_raw = buf + hlen + offsetof(struct icmp, icmp_data); 1191 1192 /* Now the ICMP part */ 1193 cc -= hlen; 1194 memcpy(&icp, buf + hlen, MIN((ssize_t)sizeof(icp), cc)); 1195 if (icp.icmp_type == icmp_type_rsp) { 1196 if (icp.icmp_id != ident) 1197 return; /* 'Twas not our ECHO */ 1198 ++nreceived; 1199 triptime = 0.0; 1200 if (timing) { 1201 struct timespec tv1; 1202 struct tv32 tv32; 1203 const u_char *tp; 1204 1205 tp = icmp_data_raw + phdr_len; 1206 1207 if ((size_t)(cc - ICMP_MINLEN - phdr_len) >= 1208 sizeof(tv1)) { 1209 /* Copy to avoid alignment problems: */ 1210 memcpy(&tv32, tp, sizeof(tv32)); 1211 tv1.tv_sec = ntohl(tv32.tv32_sec); 1212 tv1.tv_nsec = ntohl(tv32.tv32_nsec); 1213 timespecsub(tv, &tv1, tv); 1214 triptime = ((double)tv->tv_sec) * 1000.0 + 1215 ((double)tv->tv_nsec) / 1000000.0; 1216 if (triptime < 0) { 1217 warnx("time of day goes back (%.3f ms)," 1218 " clamping time to 0", 1219 triptime); 1220 triptime = 0; 1221 } 1222 tsum += triptime; 1223 tsumsq += triptime * triptime; 1224 if (triptime < tmin) 1225 tmin = triptime; 1226 if (triptime > tmax) 1227 tmax = triptime; 1228 } else 1229 timing = 0; 1230 } 1231 1232 seq = ntohs(icp.icmp_seq); 1233 1234 if (TST(seq % mx_dup_ck)) { 1235 ++nrepeats; 1236 --nreceived; 1237 dupflag = 1; 1238 } else { 1239 SET(seq % mx_dup_ck); 1240 dupflag = 0; 1241 } 1242 1243 if (options & F_QUIET) 1244 return; 1245 1246 if (options & F_WAITTIME && triptime > waittime) { 1247 ++nrcvtimeout; 1248 return; 1249 } 1250 1251 if (options & F_DOT) 1252 (void)write(STDOUT_FILENO, &BSPACE, 1); 1253 else { 1254 (void)printf("%zd bytes from %s: icmp_seq=%u", cc, 1255 pr_addr(from->sin_addr), seq); 1256 (void)printf(" ttl=%d", ip.ip_ttl); 1257 if (timing) 1258 (void)printf(" time=%.3f ms", triptime); 1259 if (dupflag) 1260 (void)printf(" (DUP!)"); 1261 if (options & F_AUDIBLE) 1262 (void)write(STDOUT_FILENO, &BBELL, 1); 1263 if (options & F_MASK) { 1264 /* Just prentend this cast isn't ugly */ 1265 (void)printf(" mask=%s", 1266 inet_ntoa(*(struct in_addr *)&(icp.icmp_mask))); 1267 } 1268 if (options & F_TIME) { 1269 (void)printf(" tso=%s", pr_ntime(icp.icmp_otime)); 1270 (void)printf(" tsr=%s", pr_ntime(icp.icmp_rtime)); 1271 (void)printf(" tst=%s", pr_ntime(icp.icmp_ttime)); 1272 } 1273 if (recv_len != send_len) { 1274 (void)printf( 1275 "\nwrong total length %d instead of %d", 1276 recv_len, send_len); 1277 } 1278 /* check the data */ 1279 cp = (u_char*)(buf + hlen + offsetof(struct icmp, 1280 icmp_data) + phdr_len); 1281 dp = &outpack[ICMP_MINLEN + phdr_len]; 1282 cc -= ICMP_MINLEN + phdr_len; 1283 i = 0; 1284 if (timing) { /* don't check variable timestamp */ 1285 cp += TIMEVAL_LEN; 1286 dp += TIMEVAL_LEN; 1287 cc -= TIMEVAL_LEN; 1288 i += TIMEVAL_LEN; 1289 } 1290 for (; i < datalen && cc > 0; ++i, ++cp, ++dp, --cc) { 1291 if (*cp != *dp) { 1292 (void)printf("\nwrong data byte #%d should be 0x%x but was 0x%x", 1293 i, *dp, *cp); 1294 (void)printf("\ncp:"); 1295 cp = (u_char*)(buf + hlen + 1296 offsetof(struct icmp, icmp_data)); 1297 for (i = 0; i < datalen; ++i, ++cp) { 1298 if ((i % 16) == 8) 1299 (void)printf("\n\t"); 1300 (void)printf("%2x ", *cp); 1301 } 1302 (void)printf("\ndp:"); 1303 cp = &outpack[ICMP_MINLEN]; 1304 for (i = 0; i < datalen; ++i, ++cp) { 1305 if ((i % 16) == 8) 1306 (void)printf("\n\t"); 1307 (void)printf("%2x ", *cp); 1308 } 1309 break; 1310 } 1311 } 1312 } 1313 } else { 1314 /* 1315 * We've got something other than an ECHOREPLY. 1316 * See if it's a reply to something that we sent. 1317 * We can compare IP destination, protocol, 1318 * and ICMP type and ID. 1319 * 1320 * Only print all the error messages if we are running 1321 * as root to avoid leaking information not normally 1322 * available to those not running as root. 1323 */ 1324 1325 /* 1326 * If we don't have enough bytes for a quoted IP header and an 1327 * ICMP header then stop. 1328 */ 1329 if (icmp_data_raw_len < 1330 (ssize_t)(sizeof(struct ip) + sizeof(struct icmp))) { 1331 if (options & F_VERBOSE) 1332 warnx("quoted data too short (%zd bytes) from %s", 1333 icmp_data_raw_len, inet_ntoa(from->sin_addr)); 1334 return; 1335 } 1336 1337 memcpy(&oip_header_len, icmp_data_raw, sizeof(oip_header_len)); 1338 oip_header_len = (oip_header_len & 0x0f) << 2; 1339 1340 /* Reject IP packets with a short header */ 1341 if (oip_header_len < sizeof(struct ip)) { 1342 if (options & F_VERBOSE) 1343 warnx("inner IHL too short (%d bytes) from %s", 1344 oip_header_len, inet_ntoa(from->sin_addr)); 1345 return; 1346 } 1347 1348 /* 1349 * Check against the actual IHL length, to protect against 1350 * quoated packets carrying IP options. 1351 */ 1352 if (icmp_data_raw_len < 1353 (ssize_t)(oip_header_len + sizeof(struct icmp))) { 1354 if (options & F_VERBOSE) 1355 warnx("inner packet too short (%zd bytes) from %s", 1356 icmp_data_raw_len, inet_ntoa(from->sin_addr)); 1357 return; 1358 } 1359 1360 memcpy(&oip, icmp_data_raw, sizeof(struct ip)); 1361 oicmp_raw = icmp_data_raw + oip_header_len; 1362 memcpy(&oicmp, oicmp_raw, sizeof(struct icmp)); 1363 1364 if (((options & F_VERBOSE) && uid == 0) || 1365 (!(options & F_QUIET2) && 1366 (oip.ip_dst.s_addr == whereto.sin_addr.s_addr) && 1367 (oip.ip_p == IPPROTO_ICMP) && 1368 (oicmp.icmp_type == ICMP_ECHO) && 1369 (oicmp.icmp_id == ident))) { 1370 (void)printf("%zd bytes from %s: ", cc, 1371 pr_addr(from->sin_addr)); 1372 pr_icmph(&icp, &oip, icmp_data_raw); 1373 } else 1374 return; 1375 } 1376 1377 /* Display any IP options */ 1378 cp = (u_char *)buf + sizeof(struct ip); 1379 1380 for (; hlen > (int)sizeof(struct ip); --hlen, ++cp) 1381 switch (*cp) { 1382 case IPOPT_EOL: 1383 hlen = 0; 1384 break; 1385 case IPOPT_LSRR: 1386 case IPOPT_SSRR: 1387 (void)printf(*cp == IPOPT_LSRR ? 1388 "\nLSRR: " : "\nSSRR: "); 1389 j = cp[IPOPT_OLEN] - IPOPT_MINOFF + 1; 1390 hlen -= 2; 1391 cp += 2; 1392 if (j >= INADDR_LEN && 1393 j <= hlen - (int)sizeof(struct ip)) { 1394 for (;;) { 1395 bcopy(++cp, &ina.s_addr, INADDR_LEN); 1396 if (ina.s_addr == 0) 1397 (void)printf("\t0.0.0.0"); 1398 else 1399 (void)printf("\t%s", 1400 pr_addr(ina)); 1401 hlen -= INADDR_LEN; 1402 cp += INADDR_LEN - 1; 1403 j -= INADDR_LEN; 1404 if (j < INADDR_LEN) 1405 break; 1406 (void)putchar('\n'); 1407 } 1408 } else 1409 (void)printf("\t(truncated route)\n"); 1410 break; 1411 case IPOPT_RR: 1412 j = cp[IPOPT_OLEN]; /* get length */ 1413 i = cp[IPOPT_OFFSET]; /* and pointer */ 1414 hlen -= 2; 1415 cp += 2; 1416 if (i > j) 1417 i = j; 1418 i = i - IPOPT_MINOFF + 1; 1419 if (i < 0 || i > (hlen - (int)sizeof(struct ip))) { 1420 old_rrlen = 0; 1421 continue; 1422 } 1423 if (i == old_rrlen 1424 && !bcmp((char *)cp, old_rr, i) 1425 && !(options & F_DOT)) { 1426 (void)printf("\t(same route)"); 1427 hlen -= i; 1428 cp += i; 1429 break; 1430 } 1431 old_rrlen = i; 1432 bcopy((char *)cp, old_rr, i); 1433 (void)printf("\nRR: "); 1434 if (i >= INADDR_LEN && 1435 i <= hlen - (int)sizeof(struct ip)) { 1436 for (;;) { 1437 bcopy(++cp, &ina.s_addr, INADDR_LEN); 1438 if (ina.s_addr == 0) 1439 (void)printf("\t0.0.0.0"); 1440 else 1441 (void)printf("\t%s", 1442 pr_addr(ina)); 1443 hlen -= INADDR_LEN; 1444 cp += INADDR_LEN - 1; 1445 i -= INADDR_LEN; 1446 if (i < INADDR_LEN) 1447 break; 1448 (void)putchar('\n'); 1449 } 1450 } else 1451 (void)printf("\t(truncated route)"); 1452 break; 1453 case IPOPT_NOP: 1454 (void)printf("\nNOP"); 1455 break; 1456 default: 1457 (void)printf("\nunknown option %x", *cp); 1458 break; 1459 } 1460 if (!(options & F_DOT)) { 1461 (void)putchar('\n'); 1462 (void)fflush(stdout); 1463 } 1464 } 1465 1466 /* 1467 * status -- 1468 * Print out statistics when SIGINFO is received. 1469 */ 1470 1471 static void 1472 status(int sig __unused) 1473 { 1474 1475 siginfo_p = 1; 1476 } 1477 1478 static void 1479 check_status(void) 1480 { 1481 1482 if (siginfo_p) { 1483 siginfo_p = 0; 1484 (void)fprintf(stderr, "\r%ld/%ld packets received (%.1f%%)", 1485 nreceived, ntransmitted, 1486 ntransmitted ? nreceived * 100.0 / ntransmitted : 0.0); 1487 if (nreceived && timing) 1488 (void)fprintf(stderr, " %.3f min / %.3f avg / %.3f max", 1489 tmin, tsum / (nreceived + nrepeats), tmax); 1490 (void)fprintf(stderr, "\n"); 1491 } 1492 } 1493 1494 /* 1495 * finish -- 1496 * Print out statistics, and give up. 1497 */ 1498 static void 1499 finish(void) 1500 { 1501 1502 (void)signal(SIGINT, SIG_IGN); 1503 (void)signal(SIGALRM, SIG_IGN); 1504 (void)putchar('\n'); 1505 (void)fflush(stdout); 1506 (void)printf("--- %s ping statistics ---\n", hostname); 1507 (void)printf("%ld packets transmitted, ", ntransmitted); 1508 (void)printf("%ld packets received, ", nreceived); 1509 if (nrepeats) 1510 (void)printf("+%ld duplicates, ", nrepeats); 1511 if (ntransmitted) { 1512 if (nreceived > ntransmitted) 1513 (void)printf("-- somebody's printing up packets!"); 1514 else 1515 (void)printf("%.1f%% packet loss", 1516 ((ntransmitted - nreceived) * 100.0) / 1517 ntransmitted); 1518 } 1519 if (nrcvtimeout) 1520 (void)printf(", %ld packets out of wait time", nrcvtimeout); 1521 (void)putchar('\n'); 1522 if (nreceived && timing) { 1523 double n = nreceived + nrepeats; 1524 double avg = tsum / n; 1525 double vari = tsumsq / n - avg * avg; 1526 (void)printf( 1527 "round-trip min/avg/max/stddev = %.3f/%.3f/%.3f/%.3f ms\n", 1528 tmin, avg, tmax, sqrt(vari)); 1529 } 1530 1531 if (nreceived) 1532 exit(0); 1533 else 1534 exit(2); 1535 } 1536 1537 /* 1538 * pr_icmph -- 1539 * Print a descriptive string about an ICMP header. 1540 */ 1541 static void 1542 pr_icmph(struct icmp *icp, struct ip *oip, const u_char *const oicmp_raw) 1543 { 1544 1545 switch(icp->icmp_type) { 1546 case ICMP_ECHOREPLY: 1547 (void)printf("Echo Reply\n"); 1548 /* XXX ID + Seq + Data */ 1549 break; 1550 case ICMP_UNREACH: 1551 switch(icp->icmp_code) { 1552 case ICMP_UNREACH_NET: 1553 (void)printf("Destination Net Unreachable\n"); 1554 break; 1555 case ICMP_UNREACH_HOST: 1556 (void)printf("Destination Host Unreachable\n"); 1557 break; 1558 case ICMP_UNREACH_PROTOCOL: 1559 (void)printf("Destination Protocol Unreachable\n"); 1560 break; 1561 case ICMP_UNREACH_PORT: 1562 (void)printf("Destination Port Unreachable\n"); 1563 break; 1564 case ICMP_UNREACH_NEEDFRAG: 1565 (void)printf("frag needed and DF set (MTU %d)\n", 1566 ntohs(icp->icmp_nextmtu)); 1567 break; 1568 case ICMP_UNREACH_SRCFAIL: 1569 (void)printf("Source Route Failed\n"); 1570 break; 1571 case ICMP_UNREACH_FILTER_PROHIB: 1572 (void)printf("Communication prohibited by filter\n"); 1573 break; 1574 default: 1575 (void)printf("Dest Unreachable, Bad Code: %d\n", 1576 icp->icmp_code); 1577 break; 1578 } 1579 /* Print returned IP header information */ 1580 pr_iph(oip, oicmp_raw); 1581 break; 1582 case ICMP_SOURCEQUENCH: 1583 (void)printf("Source Quench\n"); 1584 pr_iph(oip, oicmp_raw); 1585 break; 1586 case ICMP_REDIRECT: 1587 switch(icp->icmp_code) { 1588 case ICMP_REDIRECT_NET: 1589 (void)printf("Redirect Network"); 1590 break; 1591 case ICMP_REDIRECT_HOST: 1592 (void)printf("Redirect Host"); 1593 break; 1594 case ICMP_REDIRECT_TOSNET: 1595 (void)printf("Redirect Type of Service and Network"); 1596 break; 1597 case ICMP_REDIRECT_TOSHOST: 1598 (void)printf("Redirect Type of Service and Host"); 1599 break; 1600 default: 1601 (void)printf("Redirect, Bad Code: %d", icp->icmp_code); 1602 break; 1603 } 1604 (void)printf("(New addr: %s)\n", inet_ntoa(icp->icmp_gwaddr)); 1605 pr_iph(oip, oicmp_raw); 1606 break; 1607 case ICMP_ECHO: 1608 (void)printf("Echo Request\n"); 1609 /* XXX ID + Seq + Data */ 1610 break; 1611 case ICMP_TIMXCEED: 1612 switch(icp->icmp_code) { 1613 case ICMP_TIMXCEED_INTRANS: 1614 (void)printf("Time to live exceeded\n"); 1615 break; 1616 case ICMP_TIMXCEED_REASS: 1617 (void)printf("Frag reassembly time exceeded\n"); 1618 break; 1619 default: 1620 (void)printf("Time exceeded, Bad Code: %d\n", 1621 icp->icmp_code); 1622 break; 1623 } 1624 pr_iph(oip, oicmp_raw); 1625 break; 1626 case ICMP_PARAMPROB: 1627 (void)printf("Parameter problem: pointer = 0x%02x\n", 1628 icp->icmp_hun.ih_pptr); 1629 pr_iph(oip, oicmp_raw); 1630 break; 1631 case ICMP_TSTAMP: 1632 (void)printf("Timestamp\n"); 1633 /* XXX ID + Seq + 3 timestamps */ 1634 break; 1635 case ICMP_TSTAMPREPLY: 1636 (void)printf("Timestamp Reply\n"); 1637 /* XXX ID + Seq + 3 timestamps */ 1638 break; 1639 case ICMP_IREQ: 1640 (void)printf("Information Request\n"); 1641 /* XXX ID + Seq */ 1642 break; 1643 case ICMP_IREQREPLY: 1644 (void)printf("Information Reply\n"); 1645 /* XXX ID + Seq */ 1646 break; 1647 case ICMP_MASKREQ: 1648 (void)printf("Address Mask Request\n"); 1649 break; 1650 case ICMP_MASKREPLY: 1651 (void)printf("Address Mask Reply\n"); 1652 break; 1653 case ICMP_ROUTERADVERT: 1654 (void)printf("Router Advertisement\n"); 1655 break; 1656 case ICMP_ROUTERSOLICIT: 1657 (void)printf("Router Solicitation\n"); 1658 break; 1659 default: 1660 (void)printf("Bad ICMP type: %d\n", icp->icmp_type); 1661 } 1662 } 1663 1664 /* 1665 * pr_iph -- 1666 * Print an IP header with options. 1667 */ 1668 static void 1669 pr_iph(struct ip *ip, const u_char *cp) 1670 { 1671 struct in_addr ina; 1672 int hlen; 1673 1674 hlen = ip->ip_hl << 2; 1675 cp = cp + sizeof(struct ip); /* point to options */ 1676 1677 (void)printf("Vr HL TOS Len ID Flg off TTL Pro cks Src Dst\n"); 1678 (void)printf(" %1x %1x %02x %04x %04x", 1679 ip->ip_v, ip->ip_hl, ip->ip_tos, ntohs(ip->ip_len), 1680 ntohs(ip->ip_id)); 1681 (void)printf(" %1x %04x", 1682 (ntohs(ip->ip_off) & 0xe000) >> 13, 1683 ntohs(ip->ip_off) & 0x1fff); 1684 (void)printf(" %02x %02x %04x", ip->ip_ttl, ip->ip_p, 1685 ntohs(ip->ip_sum)); 1686 memcpy(&ina, &ip->ip_src.s_addr, sizeof ina); 1687 (void)printf(" %s ", inet_ntoa(ina)); 1688 memcpy(&ina, &ip->ip_dst.s_addr, sizeof ina); 1689 (void)printf(" %s ", inet_ntoa(ina)); 1690 /* dump any option bytes */ 1691 while (hlen-- > (int)sizeof(struct ip)) { 1692 (void)printf("%02x", *cp++); 1693 } 1694 (void)putchar('\n'); 1695 } 1696 1697 /* 1698 * pr_addr -- 1699 * Return an ascii host address as a dotted quad and optionally with 1700 * a hostname. 1701 */ 1702 static char * 1703 pr_addr(struct in_addr ina) 1704 { 1705 struct hostent *hp; 1706 static char buf[16 + 3 + MAXHOSTNAMELEN]; 1707 1708 if (options & F_NUMERIC) 1709 return inet_ntoa(ina); 1710 1711 hp = cap_gethostbyaddr(capdns, (char *)&ina, sizeof(ina), AF_INET); 1712 1713 if (hp == NULL) 1714 return inet_ntoa(ina); 1715 1716 (void)snprintf(buf, sizeof(buf), "%s (%s)", hp->h_name, 1717 inet_ntoa(ina)); 1718 return(buf); 1719 } 1720 1721 static char * 1722 pr_ntime(n_time timestamp) 1723 { 1724 static char buf[11]; 1725 int hour, min, sec; 1726 1727 sec = ntohl(timestamp) / 1000; 1728 hour = sec / 60 / 60; 1729 min = (sec % (60 * 60)) / 60; 1730 sec = (sec % (60 * 60)) % 60; 1731 1732 (void)snprintf(buf, sizeof(buf), "%02d:%02d:%02d", hour, min, sec); 1733 1734 return (buf); 1735 } 1736 1737 static void 1738 fill(char *bp, char *patp) 1739 { 1740 char *cp; 1741 int pat[16]; 1742 u_int ii, jj, kk; 1743 1744 for (cp = patp; *cp; cp++) { 1745 if (!isxdigit(*cp)) 1746 errx(EX_USAGE, 1747 "patterns must be specified as hex digits"); 1748 1749 } 1750 ii = sscanf(patp, 1751 "%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x", 1752 &pat[0], &pat[1], &pat[2], &pat[3], &pat[4], &pat[5], &pat[6], 1753 &pat[7], &pat[8], &pat[9], &pat[10], &pat[11], &pat[12], 1754 &pat[13], &pat[14], &pat[15]); 1755 1756 if (ii > 0) 1757 for (kk = 0; kk <= maxpayload - (TIMEVAL_LEN + ii); kk += ii) 1758 for (jj = 0; jj < ii; ++jj) 1759 bp[jj + kk] = pat[jj]; 1760 if (!(options & F_QUIET)) { 1761 (void)printf("PATTERN: 0x"); 1762 for (jj = 0; jj < ii; ++jj) 1763 (void)printf("%02x", bp[jj] & 0xFF); 1764 (void)printf("\n"); 1765 } 1766 } 1767 1768 static cap_channel_t * 1769 capdns_setup(void) 1770 { 1771 cap_channel_t *capcas, *capdnsloc; 1772 #ifdef WITH_CASPER 1773 const char *types[2]; 1774 int families[1]; 1775 #endif 1776 capcas = cap_init(); 1777 if (capcas == NULL) 1778 err(1, "unable to create casper process"); 1779 capdnsloc = cap_service_open(capcas, "system.dns"); 1780 /* Casper capability no longer needed. */ 1781 cap_close(capcas); 1782 if (capdnsloc == NULL) 1783 err(1, "unable to open system.dns service"); 1784 #ifdef WITH_CASPER 1785 types[0] = "NAME2ADDR"; 1786 types[1] = "ADDR2NAME"; 1787 if (cap_dns_type_limit(capdnsloc, types, 2) < 0) 1788 err(1, "unable to limit access to system.dns service"); 1789 families[0] = AF_INET; 1790 if (cap_dns_family_limit(capdnsloc, families, 1) < 0) 1791 err(1, "unable to limit access to system.dns service"); 1792 #endif 1793 return (capdnsloc); 1794 } 1795