1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1989, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * Mike Muuss. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 */ 34 35 #if 0 36 #ifndef lint 37 static const char copyright[] = 38 "@(#) Copyright (c) 1989, 1993\n\ 39 The Regents of the University of California. All rights reserved.\n"; 40 #endif /* not lint */ 41 42 #ifndef lint 43 static char sccsid[] = "@(#)ping.c 8.1 (Berkeley) 6/5/93"; 44 #endif /* not lint */ 45 #endif 46 #include <sys/cdefs.h> 47 __FBSDID("$FreeBSD$"); 48 49 /* 50 * P I N G . C 51 * 52 * Using the Internet Control Message Protocol (ICMP) "ECHO" facility, 53 * measure round-trip-delays and packet loss across network paths. 54 * 55 * Author - 56 * Mike Muuss 57 * U. S. Army Ballistic Research Laboratory 58 * December, 1983 59 * 60 * Status - 61 * Public Domain. Distribution Unlimited. 62 * Bugs - 63 * More statistics could always be gathered. 64 * This program has to run SUID to ROOT to access the ICMP socket. 65 */ 66 67 #include <sys/param.h> /* NB: we rely on this for <sys/types.h> */ 68 #include <sys/capsicum.h> 69 #include <sys/socket.h> 70 #include <sys/sysctl.h> 71 #include <sys/time.h> 72 #include <sys/uio.h> 73 74 #include <netinet/in.h> 75 #include <netinet/in_systm.h> 76 #include <netinet/ip.h> 77 #include <netinet/ip_icmp.h> 78 #include <netinet/ip_var.h> 79 #include <arpa/inet.h> 80 81 #include <libcasper.h> 82 #include <casper/cap_dns.h> 83 84 #ifdef IPSEC 85 #include <netipsec/ipsec.h> 86 #endif /*IPSEC*/ 87 88 #include <capsicum_helpers.h> 89 #include <ctype.h> 90 #include <err.h> 91 #include <errno.h> 92 #include <math.h> 93 #include <netdb.h> 94 #include <stddef.h> 95 #include <signal.h> 96 #include <stdio.h> 97 #include <stdlib.h> 98 #include <string.h> 99 #include <sysexits.h> 100 #include <time.h> 101 #include <unistd.h> 102 103 #include "main.h" 104 #include "ping.h" 105 #include "utils.h" 106 107 #define INADDR_LEN ((int)sizeof(in_addr_t)) 108 #define TIMEVAL_LEN ((int)sizeof(struct tv32)) 109 #define MASK_LEN (ICMP_MASKLEN - ICMP_MINLEN) 110 #define TS_LEN (ICMP_TSLEN - ICMP_MINLEN) 111 #define DEFDATALEN 56 /* default data length */ 112 #define FLOOD_BACKOFF 20000 /* usecs to back off if F_FLOOD mode */ 113 /* runs out of buffer space */ 114 #define MAXIPLEN (sizeof(struct ip) + MAX_IPOPTLEN) 115 #define MAXICMPLEN (ICMP_ADVLENMIN + MAX_IPOPTLEN) 116 #define MAXWAIT 10000 /* max ms to wait for response */ 117 #define MAXALARM (60 * 60) /* max seconds for alarm timeout */ 118 #define MAXTOS 255 119 120 #define A(bit) rcvd_tbl[(bit)>>3] /* identify byte in array */ 121 #define B(bit) (1 << ((bit) & 0x07)) /* identify bit in byte */ 122 #define SET(bit) (A(bit) |= B(bit)) 123 #define CLR(bit) (A(bit) &= (~B(bit))) 124 #define TST(bit) (A(bit) & B(bit)) 125 126 struct tv32 { 127 int32_t tv32_sec; 128 int32_t tv32_nsec; 129 }; 130 131 /* various options */ 132 static int options; 133 #define F_FLOOD 0x0001 134 #define F_INTERVAL 0x0002 135 #define F_NUMERIC 0x0004 136 #define F_PINGFILLED 0x0008 137 #define F_QUIET 0x0010 138 #define F_RROUTE 0x0020 139 #define F_SO_DEBUG 0x0040 140 #define F_SO_DONTROUTE 0x0080 141 #define F_VERBOSE 0x0100 142 #define F_QUIET2 0x0200 143 #define F_NOLOOP 0x0400 144 #define F_MTTL 0x0800 145 #define F_MIF 0x1000 146 #define F_AUDIBLE 0x2000 147 #ifdef IPSEC 148 #ifdef IPSEC_POLICY_IPSEC 149 #define F_POLICY 0x4000 150 #endif /*IPSEC_POLICY_IPSEC*/ 151 #endif /*IPSEC*/ 152 #define F_TTL 0x8000 153 #define F_MISSED 0x10000 154 #define F_ONCE 0x20000 155 #define F_HDRINCL 0x40000 156 #define F_MASK 0x80000 157 #define F_TIME 0x100000 158 #define F_SWEEP 0x200000 159 #define F_WAITTIME 0x400000 160 #define F_IP_VLAN_PCP 0x800000 161 #define F_DOT 0x1000000 162 163 /* 164 * MAX_DUP_CHK is the number of bits in received table, i.e. the maximum 165 * number of received sequence numbers we can keep track of. Change 128 166 * to 8192 for complete accuracy... 167 */ 168 #define MAX_DUP_CHK (8 * 128) 169 static int mx_dup_ck = MAX_DUP_CHK; 170 static char rcvd_tbl[MAX_DUP_CHK / 8]; 171 172 static struct sockaddr_in whereto; /* who to ping */ 173 static int datalen = DEFDATALEN; 174 static int maxpayload; 175 static int ssend; /* send socket file descriptor */ 176 static int srecv; /* receive socket file descriptor */ 177 static u_char outpackhdr[IP_MAXPACKET], *outpack; 178 static char BBELL = '\a'; /* characters written for MISSED and AUDIBLE */ 179 static char BSPACE = '\b'; /* characters written for flood */ 180 static const char *DOT = "."; 181 static size_t DOTlen = 1; 182 static size_t DOTidx = 0; 183 static char *hostname; 184 static char *shostname; 185 static int ident; /* process id to identify our packets */ 186 static int uid; /* cached uid for micro-optimization */ 187 static u_char icmp_type = ICMP_ECHO; 188 static u_char icmp_type_rsp = ICMP_ECHOREPLY; 189 static int phdr_len = 0; 190 static int send_len; 191 192 /* counters */ 193 static long nmissedmax; /* max value of ntransmitted - nreceived - 1 */ 194 static long npackets; /* max packets to transmit */ 195 static long nreceived; /* # of packets we got back */ 196 static long nrepeats; /* number of duplicates */ 197 static long ntransmitted; /* sequence # for outbound packets = #sent */ 198 static long snpackets; /* max packets to transmit in one sweep */ 199 static long sntransmitted; /* # of packets we sent in this sweep */ 200 static int sweepmax; /* max value of payload in sweep */ 201 static int sweepmin = 0; /* start value of payload in sweep */ 202 static int sweepincr = 1; /* payload increment in sweep */ 203 static int interval = 1000; /* interval between packets, ms */ 204 static int waittime = MAXWAIT; /* timeout for each packet */ 205 static long nrcvtimeout = 0; /* # of packets we got back after waittime */ 206 207 /* timing */ 208 static int timing; /* flag to do timing */ 209 static double tmin = 999999999.0; /* minimum round trip time */ 210 static double tmax = 0.0; /* maximum round trip time */ 211 static double tsum = 0.0; /* sum of all times, for doing average */ 212 static double tsumsq = 0.0; /* sum of all times squared, for std. dev. */ 213 214 /* nonzero if we've been told to finish up */ 215 static volatile sig_atomic_t finish_up; 216 static volatile sig_atomic_t siginfo_p; 217 218 static cap_channel_t *capdns; 219 220 static void fill(char *, char *); 221 static cap_channel_t *capdns_setup(void); 222 static void check_status(void); 223 static void finish(void) __dead2; 224 static void pinger(void); 225 static char *pr_addr(struct in_addr); 226 static char *pr_ntime(n_time); 227 static void pr_icmph(struct icmp *, struct ip *, const u_char *const); 228 static void pr_iph(struct ip *, const u_char *); 229 static void pr_pack(char *, ssize_t, struct sockaddr_in *, struct timespec *); 230 static void status(int); 231 static void stopit(int); 232 233 int 234 ping(int argc, char *const *argv) 235 { 236 struct sockaddr_in from, sock_in; 237 struct in_addr ifaddr; 238 struct timespec last, intvl; 239 struct iovec iov; 240 struct msghdr msg; 241 struct sigaction si_sa; 242 size_t sz; 243 u_char *datap, packet[IP_MAXPACKET] __aligned(4); 244 const char *errstr; 245 char *ep, *source, *target, *payload; 246 struct hostent *hp; 247 #ifdef IPSEC_POLICY_IPSEC 248 char *policy_in, *policy_out; 249 #endif 250 struct sockaddr_in *to; 251 double t; 252 u_long alarmtimeout; 253 long long ltmp; 254 int almost_done, ch, df, hold, i, icmp_len, mib[4], preload; 255 int ssend_errno, srecv_errno, tos, ttl, pcp; 256 char ctrl[CMSG_SPACE(sizeof(struct timespec))]; 257 char hnamebuf[MAXHOSTNAMELEN], snamebuf[MAXHOSTNAMELEN]; 258 #ifdef IP_OPTIONS 259 char rspace[MAX_IPOPTLEN]; /* record route space */ 260 #endif 261 unsigned char loop, mttl; 262 263 payload = source = NULL; 264 #ifdef IPSEC_POLICY_IPSEC 265 policy_in = policy_out = NULL; 266 #endif 267 cap_rights_t rights; 268 269 options |= F_NUMERIC; 270 271 /* 272 * Do the stuff that we need root priv's for *first*, and 273 * then drop our setuid bit. Save error reporting for 274 * after arg parsing. 275 * 276 * Historicaly ping was using one socket 's' for sending and for 277 * receiving. After capsicum(4) related changes we use two 278 * sockets. It was done for special ping use case - when user 279 * issue ping on multicast or broadcast address replies come 280 * from different addresses, not from the address we 281 * connect(2)'ed to, and send socket do not receive those 282 * packets. 283 */ 284 ssend = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); 285 ssend_errno = errno; 286 srecv = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); 287 srecv_errno = errno; 288 289 if (setuid(getuid()) != 0) 290 err(EX_NOPERM, "setuid() failed"); 291 uid = getuid(); 292 293 if (ssend < 0) { 294 errno = ssend_errno; 295 err(EX_OSERR, "ssend socket"); 296 } 297 298 if (srecv < 0) { 299 errno = srecv_errno; 300 err(EX_OSERR, "srecv socket"); 301 } 302 303 alarmtimeout = df = preload = tos = pcp = 0; 304 305 outpack = outpackhdr + sizeof(struct ip); 306 while ((ch = getopt(argc, argv, PING4OPTS)) != -1) { 307 switch(ch) { 308 case '.': 309 options |= F_DOT; 310 if (optarg != NULL) { 311 DOT = optarg; 312 DOTlen = strlen(optarg); 313 } 314 break; 315 case '4': 316 /* This option is processed in main(). */ 317 break; 318 case 'A': 319 options |= F_MISSED; 320 break; 321 case 'a': 322 options |= F_AUDIBLE; 323 break; 324 case 'C': 325 options |= F_IP_VLAN_PCP; 326 ltmp = strtonum(optarg, -1, 7, &errstr); 327 if (errstr != NULL) 328 errx(EX_USAGE, "invalid PCP: `%s'", optarg); 329 pcp = ltmp; 330 break; 331 case 'c': 332 ltmp = strtonum(optarg, 1, LONG_MAX, &errstr); 333 if (errstr != NULL) 334 errx(EX_USAGE, 335 "invalid count of packets to transmit: `%s'", 336 optarg); 337 npackets = (long)ltmp; 338 break; 339 case 'D': 340 options |= F_HDRINCL; 341 df = 1; 342 break; 343 case 'd': 344 options |= F_SO_DEBUG; 345 break; 346 case 'f': 347 if (uid) { 348 errno = EPERM; 349 err(EX_NOPERM, "-f flag"); 350 } 351 options |= F_FLOOD; 352 options |= F_DOT; 353 setbuf(stdout, (char *)NULL); 354 break; 355 case 'G': /* Maximum packet size for ping sweep */ 356 ltmp = strtonum(optarg, 1, INT_MAX, &errstr); 357 if (errstr != NULL) { 358 errx(EX_USAGE, "invalid packet size: `%s'", 359 optarg); 360 } 361 sweepmax = (int)ltmp; 362 if (uid != 0 && sweepmax > DEFDATALEN) { 363 errc(EX_NOPERM, EPERM, 364 "packet size too large: %d > %u", 365 sweepmax, DEFDATALEN); 366 } 367 options |= F_SWEEP; 368 break; 369 case 'g': /* Minimum packet size for ping sweep */ 370 ltmp = strtonum(optarg, 1, INT_MAX, &errstr); 371 if (errstr != NULL) { 372 errx(EX_USAGE, "invalid packet size: `%s'", 373 optarg); 374 } 375 sweepmin = (int)ltmp; 376 if (uid != 0 && sweepmin > DEFDATALEN) { 377 errc(EX_NOPERM, EPERM, 378 "packet size too large: %d > %u", 379 sweepmin, DEFDATALEN); 380 } 381 options |= F_SWEEP; 382 break; 383 case 'H': 384 options &= ~F_NUMERIC; 385 break; 386 case 'h': /* Packet size increment for ping sweep */ 387 ltmp = strtonum(optarg, 1, INT_MAX, &errstr); 388 if (errstr != NULL) { 389 errx(EX_USAGE, "invalid packet size: `%s'", 390 optarg); 391 } 392 sweepincr = (int)ltmp; 393 if (uid != 0 && sweepincr > DEFDATALEN) { 394 errc(EX_NOPERM, EPERM, 395 "packet size too large: %d > %u", 396 sweepincr, DEFDATALEN); 397 } 398 options |= F_SWEEP; 399 break; 400 case 'I': /* multicast interface */ 401 if (inet_aton(optarg, &ifaddr) == 0) 402 errx(EX_USAGE, 403 "invalid multicast interface: `%s'", 404 optarg); 405 options |= F_MIF; 406 break; 407 case 'i': /* wait between sending packets */ 408 t = strtod(optarg, &ep) * 1000.0; 409 if (*ep || ep == optarg || t > (double)INT_MAX) 410 errx(EX_USAGE, "invalid timing interval: `%s'", 411 optarg); 412 options |= F_INTERVAL; 413 interval = (int)t; 414 if (uid && interval < 1000) { 415 errno = EPERM; 416 err(EX_NOPERM, "-i interval too short"); 417 } 418 break; 419 case 'L': 420 options |= F_NOLOOP; 421 loop = 0; 422 break; 423 case 'l': 424 ltmp = strtonum(optarg, 0, INT_MAX, &errstr); 425 if (errstr != NULL) 426 errx(EX_USAGE, 427 "invalid preload value: `%s'", optarg); 428 if (uid) { 429 errno = EPERM; 430 err(EX_NOPERM, "-l flag"); 431 } 432 preload = (int)ltmp; 433 break; 434 case 'M': 435 switch(optarg[0]) { 436 case 'M': 437 case 'm': 438 options |= F_MASK; 439 break; 440 case 'T': 441 case 't': 442 options |= F_TIME; 443 break; 444 default: 445 errx(EX_USAGE, "invalid message: `%c'", optarg[0]); 446 break; 447 } 448 break; 449 case 'm': /* TTL */ 450 ltmp = strtonum(optarg, 0, MAXTTL, &errstr); 451 if (errstr != NULL) 452 errx(EX_USAGE, "invalid TTL: `%s'", optarg); 453 ttl = (int)ltmp; 454 options |= F_TTL; 455 break; 456 case 'n': 457 options |= F_NUMERIC; 458 break; 459 case 'o': 460 options |= F_ONCE; 461 break; 462 #ifdef IPSEC 463 #ifdef IPSEC_POLICY_IPSEC 464 case 'P': 465 options |= F_POLICY; 466 if (!strncmp("in", optarg, 2)) 467 policy_in = strdup(optarg); 468 else if (!strncmp("out", optarg, 3)) 469 policy_out = strdup(optarg); 470 else 471 errx(1, "invalid security policy"); 472 break; 473 #endif /*IPSEC_POLICY_IPSEC*/ 474 #endif /*IPSEC*/ 475 case 'p': /* fill buffer with user pattern */ 476 options |= F_PINGFILLED; 477 payload = optarg; 478 break; 479 case 'Q': 480 options |= F_QUIET2; 481 break; 482 case 'q': 483 options |= F_QUIET; 484 break; 485 case 'R': 486 options |= F_RROUTE; 487 break; 488 case 'r': 489 options |= F_SO_DONTROUTE; 490 break; 491 case 'S': 492 source = optarg; 493 break; 494 case 's': /* size of packet to send */ 495 ltmp = strtonum(optarg, 0, INT_MAX, &errstr); 496 if (errstr != NULL) 497 errx(EX_USAGE, "invalid packet size: `%s'", 498 optarg); 499 datalen = (int)ltmp; 500 if (uid != 0 && datalen > DEFDATALEN) { 501 errno = EPERM; 502 err(EX_NOPERM, 503 "packet size too large: %d > %u", 504 datalen, DEFDATALEN); 505 } 506 break; 507 case 'T': /* multicast TTL */ 508 ltmp = strtonum(optarg, 0, MAXTTL, &errstr); 509 if (errstr != NULL) 510 errx(EX_USAGE, "invalid multicast TTL: `%s'", 511 optarg); 512 mttl = (unsigned char)ltmp; 513 options |= F_MTTL; 514 break; 515 case 't': 516 alarmtimeout = strtoul(optarg, &ep, 0); 517 if ((alarmtimeout < 1) || (alarmtimeout == ULONG_MAX)) 518 errx(EX_USAGE, "invalid timeout: `%s'", 519 optarg); 520 if (alarmtimeout > MAXALARM) 521 errx(EX_USAGE, "invalid timeout: `%s' > %d", 522 optarg, MAXALARM); 523 { 524 struct itimerval itv; 525 526 timerclear(&itv.it_interval); 527 timerclear(&itv.it_value); 528 itv.it_value.tv_sec = (time_t)alarmtimeout; 529 if (setitimer(ITIMER_REAL, &itv, NULL) != 0) 530 err(1, "setitimer"); 531 } 532 break; 533 case 'v': 534 options |= F_VERBOSE; 535 break; 536 case 'W': /* wait ms for answer */ 537 t = strtod(optarg, &ep); 538 if (*ep || ep == optarg || t > (double)INT_MAX) 539 errx(EX_USAGE, "invalid timing interval: `%s'", 540 optarg); 541 options |= F_WAITTIME; 542 waittime = (int)t; 543 break; 544 case 'z': 545 options |= F_HDRINCL; 546 ltmp = strtol(optarg, &ep, 0); 547 if (*ep || ep == optarg || ltmp > MAXTOS || ltmp < 0) 548 errx(EX_USAGE, "invalid TOS: `%s'", optarg); 549 tos = ltmp; 550 break; 551 default: 552 usage(); 553 } 554 } 555 556 if (argc - optind != 1) 557 usage(); 558 target = argv[optind]; 559 560 switch (options & (F_MASK|F_TIME)) { 561 case 0: break; 562 case F_MASK: 563 icmp_type = ICMP_MASKREQ; 564 icmp_type_rsp = ICMP_MASKREPLY; 565 phdr_len = MASK_LEN; 566 if (!(options & F_QUIET)) 567 (void)printf("ICMP_MASKREQ\n"); 568 break; 569 case F_TIME: 570 icmp_type = ICMP_TSTAMP; 571 icmp_type_rsp = ICMP_TSTAMPREPLY; 572 phdr_len = TS_LEN; 573 if (!(options & F_QUIET)) 574 (void)printf("ICMP_TSTAMP\n"); 575 break; 576 default: 577 errx(EX_USAGE, "ICMP_TSTAMP and ICMP_MASKREQ are exclusive."); 578 break; 579 } 580 icmp_len = sizeof(struct ip) + ICMP_MINLEN + phdr_len; 581 if (options & F_RROUTE) 582 icmp_len += MAX_IPOPTLEN; 583 maxpayload = IP_MAXPACKET - icmp_len; 584 if (datalen > maxpayload) 585 errx(EX_USAGE, "packet size too large: %d > %d", datalen, 586 maxpayload); 587 send_len = icmp_len + datalen; 588 datap = &outpack[ICMP_MINLEN + phdr_len + TIMEVAL_LEN]; 589 if (options & F_PINGFILLED) { 590 fill((char *)datap, payload); 591 } 592 capdns = capdns_setup(); 593 if (source) { 594 bzero((char *)&sock_in, sizeof(sock_in)); 595 sock_in.sin_family = AF_INET; 596 if (inet_aton(source, &sock_in.sin_addr) != 0) { 597 shostname = source; 598 } else { 599 hp = cap_gethostbyname2(capdns, source, AF_INET); 600 if (!hp) 601 errx(EX_NOHOST, "cannot resolve %s: %s", 602 source, hstrerror(h_errno)); 603 604 sock_in.sin_len = sizeof sock_in; 605 if ((unsigned)hp->h_length > sizeof(sock_in.sin_addr) || 606 hp->h_length < 0) 607 errx(1, "gethostbyname2: illegal address"); 608 memcpy(&sock_in.sin_addr, hp->h_addr_list[0], 609 sizeof(sock_in.sin_addr)); 610 (void)strncpy(snamebuf, hp->h_name, 611 sizeof(snamebuf) - 1); 612 snamebuf[sizeof(snamebuf) - 1] = '\0'; 613 shostname = snamebuf; 614 } 615 if (bind(ssend, (struct sockaddr *)&sock_in, sizeof sock_in) == 616 -1) 617 err(1, "bind"); 618 } 619 620 bzero(&whereto, sizeof(whereto)); 621 to = &whereto; 622 to->sin_family = AF_INET; 623 to->sin_len = sizeof *to; 624 if (inet_aton(target, &to->sin_addr) != 0) { 625 hostname = target; 626 } else { 627 hp = cap_gethostbyname2(capdns, target, AF_INET); 628 if (!hp) 629 errx(EX_NOHOST, "cannot resolve %s: %s", 630 target, hstrerror(h_errno)); 631 632 if ((unsigned)hp->h_length > sizeof(to->sin_addr)) 633 errx(1, "gethostbyname2 returned an illegal address"); 634 memcpy(&to->sin_addr, hp->h_addr_list[0], sizeof to->sin_addr); 635 (void)strncpy(hnamebuf, hp->h_name, sizeof(hnamebuf) - 1); 636 hnamebuf[sizeof(hnamebuf) - 1] = '\0'; 637 hostname = hnamebuf; 638 } 639 640 /* From now on we will use only reverse DNS lookups. */ 641 #ifdef WITH_CASPER 642 if (capdns != NULL) { 643 const char *types[1]; 644 645 types[0] = "ADDR2NAME"; 646 if (cap_dns_type_limit(capdns, types, 1) < 0) 647 err(1, "unable to limit access to system.dns service"); 648 } 649 #endif 650 if (connect(ssend, (struct sockaddr *)&whereto, sizeof(whereto)) != 0) 651 err(1, "connect"); 652 653 if (options & F_FLOOD && options & F_INTERVAL) 654 errx(EX_USAGE, "-f and -i: incompatible options"); 655 656 if (options & F_FLOOD && IN_MULTICAST(ntohl(to->sin_addr.s_addr))) 657 errx(EX_USAGE, 658 "-f flag cannot be used with multicast destination"); 659 if (options & (F_MIF | F_NOLOOP | F_MTTL) 660 && !IN_MULTICAST(ntohl(to->sin_addr.s_addr))) 661 errx(EX_USAGE, 662 "-I, -L, -T flags cannot be used with unicast destination"); 663 664 if (datalen >= TIMEVAL_LEN) /* can we time transfer */ 665 timing = 1; 666 667 if ((options & (F_PINGFILLED | F_SWEEP)) == 0) 668 for (i = TIMEVAL_LEN; i < datalen; ++i) 669 *datap++ = i; 670 671 ident = getpid() & 0xFFFF; 672 673 hold = 1; 674 if (options & F_SO_DEBUG) { 675 (void)setsockopt(ssend, SOL_SOCKET, SO_DEBUG, (char *)&hold, 676 sizeof(hold)); 677 (void)setsockopt(srecv, SOL_SOCKET, SO_DEBUG, (char *)&hold, 678 sizeof(hold)); 679 } 680 if (options & F_SO_DONTROUTE) 681 (void)setsockopt(ssend, SOL_SOCKET, SO_DONTROUTE, (char *)&hold, 682 sizeof(hold)); 683 if (options & F_IP_VLAN_PCP) { 684 (void)setsockopt(ssend, IPPROTO_IP, IP_VLAN_PCP, (char *)&pcp, 685 sizeof(pcp)); 686 } 687 #ifdef IPSEC 688 #ifdef IPSEC_POLICY_IPSEC 689 if (options & F_POLICY) { 690 char *buf; 691 if (policy_in != NULL) { 692 buf = ipsec_set_policy(policy_in, strlen(policy_in)); 693 if (buf == NULL) 694 errx(EX_CONFIG, "%s", ipsec_strerror()); 695 if (setsockopt(srecv, IPPROTO_IP, IP_IPSEC_POLICY, 696 buf, ipsec_get_policylen(buf)) < 0) 697 err(EX_CONFIG, 698 "ipsec policy cannot be configured"); 699 free(buf); 700 } 701 702 if (policy_out != NULL) { 703 buf = ipsec_set_policy(policy_out, strlen(policy_out)); 704 if (buf == NULL) 705 errx(EX_CONFIG, "%s", ipsec_strerror()); 706 if (setsockopt(ssend, IPPROTO_IP, IP_IPSEC_POLICY, 707 buf, ipsec_get_policylen(buf)) < 0) 708 err(EX_CONFIG, 709 "ipsec policy cannot be configured"); 710 free(buf); 711 } 712 } 713 #endif /*IPSEC_POLICY_IPSEC*/ 714 #endif /*IPSEC*/ 715 716 if (options & F_HDRINCL) { 717 struct ip ip; 718 719 memcpy(&ip, outpackhdr, sizeof(ip)); 720 if (!(options & (F_TTL | F_MTTL))) { 721 mib[0] = CTL_NET; 722 mib[1] = PF_INET; 723 mib[2] = IPPROTO_IP; 724 mib[3] = IPCTL_DEFTTL; 725 sz = sizeof(ttl); 726 if (sysctl(mib, 4, &ttl, &sz, NULL, 0) == -1) 727 err(1, "sysctl(net.inet.ip.ttl)"); 728 } 729 setsockopt(ssend, IPPROTO_IP, IP_HDRINCL, &hold, sizeof(hold)); 730 ip.ip_v = IPVERSION; 731 ip.ip_hl = sizeof(struct ip) >> 2; 732 ip.ip_tos = tos; 733 ip.ip_id = 0; 734 ip.ip_off = htons(df ? IP_DF : 0); 735 ip.ip_ttl = ttl; 736 ip.ip_p = IPPROTO_ICMP; 737 ip.ip_src.s_addr = source ? sock_in.sin_addr.s_addr : INADDR_ANY; 738 ip.ip_dst = to->sin_addr; 739 memcpy(outpackhdr, &ip, sizeof(ip)); 740 } 741 742 /* 743 * Here we enter capability mode. Further down access to global 744 * namespaces (e.g filesystem) is restricted (see capsicum(4)). 745 * We must connect(2) our socket before this point. 746 */ 747 caph_cache_catpages(); 748 if (caph_enter_casper() < 0) 749 err(1, "caph_enter_casper"); 750 751 cap_rights_init(&rights, CAP_RECV, CAP_EVENT, CAP_SETSOCKOPT); 752 if (caph_rights_limit(srecv, &rights) < 0) 753 err(1, "cap_rights_limit srecv"); 754 cap_rights_init(&rights, CAP_SEND, CAP_SETSOCKOPT); 755 if (caph_rights_limit(ssend, &rights) < 0) 756 err(1, "cap_rights_limit ssend"); 757 758 /* record route option */ 759 if (options & F_RROUTE) { 760 #ifdef IP_OPTIONS 761 bzero(rspace, sizeof(rspace)); 762 rspace[IPOPT_OPTVAL] = IPOPT_RR; 763 rspace[IPOPT_OLEN] = sizeof(rspace) - 1; 764 rspace[IPOPT_OFFSET] = IPOPT_MINOFF; 765 rspace[sizeof(rspace) - 1] = IPOPT_EOL; 766 if (setsockopt(ssend, IPPROTO_IP, IP_OPTIONS, rspace, 767 sizeof(rspace)) < 0) 768 err(EX_OSERR, "setsockopt IP_OPTIONS"); 769 #else 770 errx(EX_UNAVAILABLE, 771 "record route not available in this implementation"); 772 #endif /* IP_OPTIONS */ 773 } 774 775 if (options & F_TTL) { 776 if (setsockopt(ssend, IPPROTO_IP, IP_TTL, &ttl, 777 sizeof(ttl)) < 0) { 778 err(EX_OSERR, "setsockopt IP_TTL"); 779 } 780 } 781 if (options & F_NOLOOP) { 782 if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_LOOP, &loop, 783 sizeof(loop)) < 0) { 784 err(EX_OSERR, "setsockopt IP_MULTICAST_LOOP"); 785 } 786 } 787 if (options & F_MTTL) { 788 if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_TTL, &mttl, 789 sizeof(mttl)) < 0) { 790 err(EX_OSERR, "setsockopt IP_MULTICAST_TTL"); 791 } 792 } 793 if (options & F_MIF) { 794 if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_IF, &ifaddr, 795 sizeof(ifaddr)) < 0) { 796 err(EX_OSERR, "setsockopt IP_MULTICAST_IF"); 797 } 798 } 799 #ifdef SO_TIMESTAMP 800 { 801 int on = 1; 802 int ts_clock = SO_TS_MONOTONIC; 803 if (setsockopt(srecv, SOL_SOCKET, SO_TIMESTAMP, &on, 804 sizeof(on)) < 0) 805 err(EX_OSERR, "setsockopt SO_TIMESTAMP"); 806 if (setsockopt(srecv, SOL_SOCKET, SO_TS_CLOCK, &ts_clock, 807 sizeof(ts_clock)) < 0) 808 err(EX_OSERR, "setsockopt SO_TS_CLOCK"); 809 } 810 #endif 811 if (sweepmax) { 812 if (sweepmin > sweepmax) 813 errx(EX_USAGE, 814 "Maximum packet size must be no less than the minimum packet size"); 815 816 if (sweepmax > maxpayload - TIMEVAL_LEN) 817 errx(EX_USAGE, "Invalid sweep maximum"); 818 819 if (datalen != DEFDATALEN) 820 errx(EX_USAGE, 821 "Packet size and ping sweep are mutually exclusive"); 822 823 if (npackets > 0) { 824 snpackets = npackets; 825 npackets = 0; 826 } else 827 snpackets = 1; 828 datalen = sweepmin; 829 send_len = icmp_len + sweepmin; 830 } 831 if (options & F_SWEEP && !sweepmax) 832 errx(EX_USAGE, "Maximum sweep size must be specified"); 833 834 /* 835 * When pinging the broadcast address, you can get a lot of answers. 836 * Doing something so evil is useful if you are trying to stress the 837 * ethernet, or just want to fill the arp cache to get some stuff for 838 * /etc/ethers. But beware: RFC 1122 allows hosts to ignore broadcast 839 * or multicast pings if they wish. 840 */ 841 842 /* 843 * XXX receive buffer needs undetermined space for mbuf overhead 844 * as well. 845 */ 846 hold = IP_MAXPACKET + 128; 847 (void)setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, (char *)&hold, 848 sizeof(hold)); 849 /* CAP_SETSOCKOPT removed */ 850 cap_rights_init(&rights, CAP_RECV, CAP_EVENT); 851 if (caph_rights_limit(srecv, &rights) < 0) 852 err(1, "cap_rights_limit srecv setsockopt"); 853 if (uid == 0) 854 (void)setsockopt(ssend, SOL_SOCKET, SO_SNDBUF, (char *)&hold, 855 sizeof(hold)); 856 /* CAP_SETSOCKOPT removed */ 857 cap_rights_init(&rights, CAP_SEND); 858 if (caph_rights_limit(ssend, &rights) < 0) 859 err(1, "cap_rights_limit ssend setsockopt"); 860 861 if (to->sin_family == AF_INET) { 862 (void)printf("PING %s (%s)", hostname, 863 inet_ntoa(to->sin_addr)); 864 if (source) 865 (void)printf(" from %s", shostname); 866 if (sweepmax) 867 (void)printf(": (%d ... %d) data bytes\n", 868 sweepmin, sweepmax); 869 else 870 (void)printf(": %d data bytes\n", datalen); 871 872 } else { 873 if (sweepmax) 874 (void)printf("PING %s: (%d ... %d) data bytes\n", 875 hostname, sweepmin, sweepmax); 876 else 877 (void)printf("PING %s: %d data bytes\n", hostname, datalen); 878 } 879 880 /* 881 * Use sigaction() instead of signal() to get unambiguous semantics, 882 * in particular with SA_RESTART not set. 883 */ 884 885 sigemptyset(&si_sa.sa_mask); 886 si_sa.sa_flags = 0; 887 888 si_sa.sa_handler = stopit; 889 if (sigaction(SIGINT, &si_sa, 0) == -1) { 890 err(EX_OSERR, "sigaction SIGINT"); 891 } 892 893 si_sa.sa_handler = status; 894 if (sigaction(SIGINFO, &si_sa, 0) == -1) { 895 err(EX_OSERR, "sigaction"); 896 } 897 898 if (alarmtimeout > 0) { 899 si_sa.sa_handler = stopit; 900 if (sigaction(SIGALRM, &si_sa, 0) == -1) 901 err(EX_OSERR, "sigaction SIGALRM"); 902 } 903 904 bzero(&msg, sizeof(msg)); 905 msg.msg_name = (caddr_t)&from; 906 msg.msg_iov = &iov; 907 msg.msg_iovlen = 1; 908 #ifdef SO_TIMESTAMP 909 msg.msg_control = (caddr_t)ctrl; 910 msg.msg_controllen = sizeof(ctrl); 911 #endif 912 iov.iov_base = packet; 913 iov.iov_len = IP_MAXPACKET; 914 915 if (preload == 0) 916 pinger(); /* send the first ping */ 917 else { 918 if (npackets != 0 && preload > npackets) 919 preload = npackets; 920 while (preload--) /* fire off them quickies */ 921 pinger(); 922 } 923 (void)clock_gettime(CLOCK_MONOTONIC, &last); 924 925 if (options & F_FLOOD) { 926 intvl.tv_sec = 0; 927 intvl.tv_nsec = 10000000; 928 } else { 929 intvl.tv_sec = interval / 1000; 930 intvl.tv_nsec = interval % 1000 * 1000000; 931 } 932 933 almost_done = 0; 934 while (!finish_up) { 935 struct timespec now, timeout; 936 fd_set rfds; 937 int n; 938 ssize_t cc; 939 940 check_status(); 941 if ((unsigned)srecv >= FD_SETSIZE) 942 errx(EX_OSERR, "descriptor too large"); 943 FD_ZERO(&rfds); 944 FD_SET(srecv, &rfds); 945 (void)clock_gettime(CLOCK_MONOTONIC, &now); 946 timespecadd(&last, &intvl, &timeout); 947 timespecsub(&timeout, &now, &timeout); 948 if (timeout.tv_sec < 0) 949 timespecclear(&timeout); 950 n = pselect(srecv + 1, &rfds, NULL, NULL, &timeout, NULL); 951 if (n < 0) 952 continue; /* Must be EINTR. */ 953 if (n == 1) { 954 struct timespec *tv = NULL; 955 #ifdef SO_TIMESTAMP 956 struct cmsghdr *cmsg = CMSG_FIRSTHDR(&msg); 957 #endif 958 msg.msg_namelen = sizeof(from); 959 if ((cc = recvmsg(srecv, &msg, 0)) < 0) { 960 if (errno == EINTR) 961 continue; 962 warn("recvmsg"); 963 continue; 964 } 965 /* If we have a 0 byte read from recvfrom continue */ 966 if (cc == 0) 967 continue; 968 #ifdef SO_TIMESTAMP 969 if (cmsg != NULL && 970 cmsg->cmsg_level == SOL_SOCKET && 971 cmsg->cmsg_type == SCM_TIMESTAMP && 972 cmsg->cmsg_len == CMSG_LEN(sizeof *tv)) { 973 /* Copy to avoid alignment problems: */ 974 memcpy(&now, CMSG_DATA(cmsg), sizeof(now)); 975 tv = &now; 976 } 977 #endif 978 if (tv == NULL) { 979 (void)clock_gettime(CLOCK_MONOTONIC, &now); 980 tv = &now; 981 } 982 pr_pack((char *)packet, cc, &from, tv); 983 if ((options & F_ONCE && nreceived) || 984 (npackets && nreceived >= npackets)) 985 break; 986 } 987 if (n == 0 || options & F_FLOOD) { 988 if (sweepmax && sntransmitted == snpackets) { 989 if (datalen + sweepincr > sweepmax) 990 break; 991 for (i = 0; i < sweepincr; i++) 992 *datap++ = i; 993 datalen += sweepincr; 994 send_len = icmp_len + datalen; 995 sntransmitted = 0; 996 } 997 if (!npackets || ntransmitted < npackets) 998 pinger(); 999 else { 1000 if (almost_done) 1001 break; 1002 almost_done = 1; 1003 intvl.tv_nsec = 0; 1004 if (nreceived) { 1005 intvl.tv_sec = 2 * tmax / 1000; 1006 if (!intvl.tv_sec) 1007 intvl.tv_sec = 1; 1008 } else { 1009 intvl.tv_sec = waittime / 1000; 1010 intvl.tv_nsec = waittime % 1000 * 1000000; 1011 } 1012 } 1013 (void)clock_gettime(CLOCK_MONOTONIC, &last); 1014 if (ntransmitted - nreceived - 1 > nmissedmax) { 1015 nmissedmax = ntransmitted - nreceived - 1; 1016 if (options & F_MISSED) 1017 (void)write(STDOUT_FILENO, &BBELL, 1); 1018 } 1019 } 1020 } 1021 finish(); 1022 /* NOTREACHED */ 1023 exit(0); /* Make the compiler happy */ 1024 } 1025 1026 /* 1027 * stopit -- 1028 * Set the global bit that causes the main loop to quit. 1029 * Do NOT call finish() from here, since finish() does far too much 1030 * to be called from a signal handler. 1031 */ 1032 void 1033 stopit(int sig __unused) 1034 { 1035 1036 /* 1037 * When doing reverse DNS lookups, the finish_up flag might not 1038 * be noticed for a while. Just exit if we get a second SIGINT. 1039 */ 1040 if (!(options & F_NUMERIC) && finish_up) 1041 _exit(nreceived ? 0 : 2); 1042 finish_up = 1; 1043 } 1044 1045 /* 1046 * pinger -- 1047 * Compose and transmit an ICMP ECHO REQUEST packet. The IP packet 1048 * will be added on by the kernel. The ID field is our UNIX process ID, 1049 * and the sequence number is an ascending integer. The first TIMEVAL_LEN 1050 * bytes of the data portion are used to hold a UNIX "timespec" struct in 1051 * host byte-order, to compute the round-trip time. 1052 */ 1053 static void 1054 pinger(void) 1055 { 1056 struct timespec now; 1057 struct tv32 tv32; 1058 struct icmp icp; 1059 int cc, i; 1060 u_char *packet; 1061 1062 packet = outpack; 1063 memcpy(&icp, outpack, ICMP_MINLEN + phdr_len); 1064 icp.icmp_type = icmp_type; 1065 icp.icmp_code = 0; 1066 icp.icmp_cksum = 0; 1067 icp.icmp_seq = htons(ntransmitted); 1068 icp.icmp_id = ident; /* ID */ 1069 1070 CLR(ntransmitted % mx_dup_ck); 1071 1072 if ((options & F_TIME) || timing) { 1073 (void)clock_gettime(CLOCK_MONOTONIC, &now); 1074 /* 1075 * Truncate seconds down to 32 bits in order 1076 * to fit the timestamp within 8 bytes of the 1077 * packet. We're only concerned with 1078 * durations, not absolute times. 1079 */ 1080 tv32.tv32_sec = (uint32_t)htonl(now.tv_sec); 1081 tv32.tv32_nsec = (uint32_t)htonl(now.tv_nsec); 1082 if (options & F_TIME) 1083 icp.icmp_otime = htonl((now.tv_sec % (24*60*60)) 1084 * 1000 + now.tv_nsec / 1000000); 1085 if (timing) 1086 bcopy((void *)&tv32, 1087 (void *)&outpack[ICMP_MINLEN + phdr_len], 1088 sizeof(tv32)); 1089 } 1090 1091 memcpy(outpack, &icp, ICMP_MINLEN + phdr_len); 1092 1093 cc = ICMP_MINLEN + phdr_len + datalen; 1094 1095 /* compute ICMP checksum here */ 1096 icp.icmp_cksum = in_cksum(outpack, cc); 1097 /* Update icmp_cksum in the raw packet data buffer. */ 1098 memcpy(outpack + offsetof(struct icmp, icmp_cksum), &icp.icmp_cksum, 1099 sizeof(icp.icmp_cksum)); 1100 1101 if (options & F_HDRINCL) { 1102 struct ip ip; 1103 1104 cc += sizeof(struct ip); 1105 ip.ip_len = htons(cc); 1106 /* Update ip_len in the raw packet data buffer. */ 1107 memcpy(outpackhdr + offsetof(struct ip, ip_len), &ip.ip_len, 1108 sizeof(ip.ip_len)); 1109 ip.ip_sum = in_cksum(outpackhdr, cc); 1110 /* Update ip_sum in the raw packet data buffer. */ 1111 memcpy(outpackhdr + offsetof(struct ip, ip_sum), &ip.ip_sum, 1112 sizeof(ip.ip_sum)); 1113 packet = outpackhdr; 1114 } 1115 i = send(ssend, (char *)packet, cc, 0); 1116 if (i < 0 || i != cc) { 1117 if (i < 0) { 1118 if (options & F_FLOOD && errno == ENOBUFS) { 1119 usleep(FLOOD_BACKOFF); 1120 return; 1121 } 1122 warn("sendto"); 1123 } else { 1124 warn("%s: partial write: %d of %d bytes", 1125 hostname, i, cc); 1126 } 1127 } 1128 ntransmitted++; 1129 sntransmitted++; 1130 if (!(options & F_QUIET) && options & F_DOT) 1131 (void)write(STDOUT_FILENO, &DOT[DOTidx++ % DOTlen], 1); 1132 } 1133 1134 /* 1135 * pr_pack -- 1136 * Print out the packet, if it came from us. This logic is necessary 1137 * because ALL readers of the ICMP socket get a copy of ALL ICMP packets 1138 * which arrive ('tis only fair). This permits multiple copies of this 1139 * program to be run without having intermingled output (or statistics!). 1140 */ 1141 static void 1142 pr_pack(char *buf, ssize_t cc, struct sockaddr_in *from, struct timespec *tv) 1143 { 1144 struct in_addr ina; 1145 u_char *cp, *dp, l; 1146 struct icmp icp; 1147 struct ip ip; 1148 const u_char *icmp_data_raw; 1149 ssize_t icmp_data_raw_len; 1150 double triptime; 1151 int dupflag, i, j, recv_len; 1152 int8_t hlen; 1153 uint16_t seq; 1154 static int old_rrlen; 1155 static char old_rr[MAX_IPOPTLEN]; 1156 struct ip oip; 1157 u_char oip_header_len; 1158 struct icmp oicmp; 1159 const u_char *oicmp_raw; 1160 1161 /* 1162 * Get size of IP header of the received packet. 1163 * The header length is contained in the lower four bits of the first 1164 * byte and represents the number of 4 byte octets the header takes up. 1165 * 1166 * The IHL minimum value is 5 (20 bytes) and its maximum value is 15 1167 * (60 bytes). 1168 */ 1169 memcpy(&l, buf, sizeof(l)); 1170 hlen = (l & 0x0f) << 2; 1171 1172 /* Reject IP packets with a short header */ 1173 if (hlen < (int8_t) sizeof(struct ip)) { 1174 if (options & F_VERBOSE) 1175 warn("IHL too short (%d bytes) from %s", hlen, 1176 inet_ntoa(from->sin_addr)); 1177 return; 1178 } 1179 1180 memcpy(&ip, buf, sizeof(struct ip)); 1181 1182 /* Check packet has enough data to carry a valid ICMP header */ 1183 recv_len = cc; 1184 if (cc < hlen + ICMP_MINLEN) { 1185 if (options & F_VERBOSE) 1186 warn("packet too short (%zd bytes) from %s", cc, 1187 inet_ntoa(from->sin_addr)); 1188 return; 1189 } 1190 1191 icmp_data_raw_len = cc - (hlen + offsetof(struct icmp, icmp_data)); 1192 icmp_data_raw = buf + hlen + offsetof(struct icmp, icmp_data); 1193 1194 /* Now the ICMP part */ 1195 cc -= hlen; 1196 memcpy(&icp, buf + hlen, MIN((ssize_t)sizeof(icp), cc)); 1197 if (icp.icmp_type == icmp_type_rsp) { 1198 if (icp.icmp_id != ident) 1199 return; /* 'Twas not our ECHO */ 1200 ++nreceived; 1201 triptime = 0.0; 1202 if (timing) { 1203 struct timespec tv1; 1204 struct tv32 tv32; 1205 const u_char *tp; 1206 1207 tp = icmp_data_raw + phdr_len; 1208 1209 if ((size_t)(cc - ICMP_MINLEN - phdr_len) >= 1210 sizeof(tv1)) { 1211 /* Copy to avoid alignment problems: */ 1212 memcpy(&tv32, tp, sizeof(tv32)); 1213 tv1.tv_sec = ntohl(tv32.tv32_sec); 1214 tv1.tv_nsec = ntohl(tv32.tv32_nsec); 1215 timespecsub(tv, &tv1, tv); 1216 triptime = ((double)tv->tv_sec) * 1000.0 + 1217 ((double)tv->tv_nsec) / 1000000.0; 1218 if (triptime < 0) { 1219 warnx("time of day goes back (%.3f ms)," 1220 " clamping time to 0", 1221 triptime); 1222 triptime = 0; 1223 } 1224 tsum += triptime; 1225 tsumsq += triptime * triptime; 1226 if (triptime < tmin) 1227 tmin = triptime; 1228 if (triptime > tmax) 1229 tmax = triptime; 1230 } else 1231 timing = 0; 1232 } 1233 1234 seq = ntohs(icp.icmp_seq); 1235 1236 if (TST(seq % mx_dup_ck)) { 1237 ++nrepeats; 1238 --nreceived; 1239 dupflag = 1; 1240 } else { 1241 SET(seq % mx_dup_ck); 1242 dupflag = 0; 1243 } 1244 1245 if (options & F_QUIET) 1246 return; 1247 1248 if (options & F_WAITTIME && triptime > waittime) { 1249 ++nrcvtimeout; 1250 return; 1251 } 1252 1253 if (options & F_DOT) 1254 (void)write(STDOUT_FILENO, &BSPACE, 1); 1255 else { 1256 (void)printf("%zd bytes from %s: icmp_seq=%u", cc, 1257 pr_addr(from->sin_addr), seq); 1258 (void)printf(" ttl=%d", ip.ip_ttl); 1259 if (timing) 1260 (void)printf(" time=%.3f ms", triptime); 1261 if (dupflag) 1262 (void)printf(" (DUP!)"); 1263 if (options & F_AUDIBLE) 1264 (void)write(STDOUT_FILENO, &BBELL, 1); 1265 if (options & F_MASK) { 1266 /* Just prentend this cast isn't ugly */ 1267 (void)printf(" mask=%s", 1268 inet_ntoa(*(struct in_addr *)&(icp.icmp_mask))); 1269 } 1270 if (options & F_TIME) { 1271 (void)printf(" tso=%s", pr_ntime(icp.icmp_otime)); 1272 (void)printf(" tsr=%s", pr_ntime(icp.icmp_rtime)); 1273 (void)printf(" tst=%s", pr_ntime(icp.icmp_ttime)); 1274 } 1275 if (recv_len != send_len) { 1276 (void)printf( 1277 "\nwrong total length %d instead of %d", 1278 recv_len, send_len); 1279 } 1280 /* check the data */ 1281 cp = (u_char*)(buf + hlen + offsetof(struct icmp, 1282 icmp_data) + phdr_len); 1283 dp = &outpack[ICMP_MINLEN + phdr_len]; 1284 cc -= ICMP_MINLEN + phdr_len; 1285 i = 0; 1286 if (timing) { /* don't check variable timestamp */ 1287 cp += TIMEVAL_LEN; 1288 dp += TIMEVAL_LEN; 1289 cc -= TIMEVAL_LEN; 1290 i += TIMEVAL_LEN; 1291 } 1292 for (; i < datalen && cc > 0; ++i, ++cp, ++dp, --cc) { 1293 if (*cp != *dp) { 1294 (void)printf("\nwrong data byte #%d should be 0x%x but was 0x%x", 1295 i, *dp, *cp); 1296 (void)printf("\ncp:"); 1297 cp = (u_char*)(buf + hlen + 1298 offsetof(struct icmp, icmp_data)); 1299 for (i = 0; i < datalen; ++i, ++cp) { 1300 if ((i % 16) == 8) 1301 (void)printf("\n\t"); 1302 (void)printf("%2x ", *cp); 1303 } 1304 (void)printf("\ndp:"); 1305 cp = &outpack[ICMP_MINLEN]; 1306 for (i = 0; i < datalen; ++i, ++cp) { 1307 if ((i % 16) == 8) 1308 (void)printf("\n\t"); 1309 (void)printf("%2x ", *cp); 1310 } 1311 break; 1312 } 1313 } 1314 } 1315 } else { 1316 /* 1317 * We've got something other than an ECHOREPLY. 1318 * See if it's a reply to something that we sent. 1319 * We can compare IP destination, protocol, 1320 * and ICMP type and ID. 1321 * 1322 * Only print all the error messages if we are running 1323 * as root to avoid leaking information not normally 1324 * available to those not running as root. 1325 */ 1326 1327 /* 1328 * If we don't have enough bytes for a quoted IP header and an 1329 * ICMP header then stop. 1330 */ 1331 if (icmp_data_raw_len < 1332 (ssize_t)(sizeof(struct ip) + sizeof(struct icmp))) { 1333 if (options & F_VERBOSE) 1334 warnx("quoted data too short (%zd bytes) from %s", 1335 icmp_data_raw_len, inet_ntoa(from->sin_addr)); 1336 return; 1337 } 1338 1339 memcpy(&oip_header_len, icmp_data_raw, sizeof(oip_header_len)); 1340 oip_header_len = (oip_header_len & 0x0f) << 2; 1341 1342 /* Reject IP packets with a short header */ 1343 if (oip_header_len < sizeof(struct ip)) { 1344 if (options & F_VERBOSE) 1345 warnx("inner IHL too short (%d bytes) from %s", 1346 oip_header_len, inet_ntoa(from->sin_addr)); 1347 return; 1348 } 1349 1350 /* 1351 * Check against the actual IHL length, to protect against 1352 * quoated packets carrying IP options. 1353 */ 1354 if (icmp_data_raw_len < 1355 (ssize_t)(oip_header_len + sizeof(struct icmp))) { 1356 if (options & F_VERBOSE) 1357 warnx("inner packet too short (%zd bytes) from %s", 1358 icmp_data_raw_len, inet_ntoa(from->sin_addr)); 1359 return; 1360 } 1361 1362 memcpy(&oip, icmp_data_raw, sizeof(struct ip)); 1363 oicmp_raw = icmp_data_raw + oip_header_len; 1364 memcpy(&oicmp, oicmp_raw, sizeof(struct icmp)); 1365 1366 if (((options & F_VERBOSE) && uid == 0) || 1367 (!(options & F_QUIET2) && 1368 (oip.ip_dst.s_addr == whereto.sin_addr.s_addr) && 1369 (oip.ip_p == IPPROTO_ICMP) && 1370 (oicmp.icmp_type == ICMP_ECHO) && 1371 (oicmp.icmp_id == ident))) { 1372 (void)printf("%zd bytes from %s: ", cc, 1373 pr_addr(from->sin_addr)); 1374 pr_icmph(&icp, &oip, icmp_data_raw); 1375 } else 1376 return; 1377 } 1378 1379 /* Display any IP options */ 1380 cp = (u_char *)buf + sizeof(struct ip); 1381 1382 for (; hlen > (int)sizeof(struct ip); --hlen, ++cp) 1383 switch (*cp) { 1384 case IPOPT_EOL: 1385 hlen = 0; 1386 break; 1387 case IPOPT_LSRR: 1388 case IPOPT_SSRR: 1389 (void)printf(*cp == IPOPT_LSRR ? 1390 "\nLSRR: " : "\nSSRR: "); 1391 j = cp[IPOPT_OLEN] - IPOPT_MINOFF + 1; 1392 hlen -= 2; 1393 cp += 2; 1394 if (j >= INADDR_LEN && 1395 j <= hlen - (int)sizeof(struct ip)) { 1396 for (;;) { 1397 bcopy(++cp, &ina.s_addr, INADDR_LEN); 1398 if (ina.s_addr == 0) 1399 (void)printf("\t0.0.0.0"); 1400 else 1401 (void)printf("\t%s", 1402 pr_addr(ina)); 1403 hlen -= INADDR_LEN; 1404 cp += INADDR_LEN - 1; 1405 j -= INADDR_LEN; 1406 if (j < INADDR_LEN) 1407 break; 1408 (void)putchar('\n'); 1409 } 1410 } else 1411 (void)printf("\t(truncated route)\n"); 1412 break; 1413 case IPOPT_RR: 1414 j = cp[IPOPT_OLEN]; /* get length */ 1415 i = cp[IPOPT_OFFSET]; /* and pointer */ 1416 hlen -= 2; 1417 cp += 2; 1418 if (i > j) 1419 i = j; 1420 i = i - IPOPT_MINOFF + 1; 1421 if (i < 0 || i > (hlen - (int)sizeof(struct ip))) { 1422 old_rrlen = 0; 1423 continue; 1424 } 1425 if (i == old_rrlen 1426 && !bcmp((char *)cp, old_rr, i) 1427 && !(options & F_DOT)) { 1428 (void)printf("\t(same route)"); 1429 hlen -= i; 1430 cp += i; 1431 break; 1432 } 1433 old_rrlen = i; 1434 bcopy((char *)cp, old_rr, i); 1435 (void)printf("\nRR: "); 1436 if (i >= INADDR_LEN && 1437 i <= hlen - (int)sizeof(struct ip)) { 1438 for (;;) { 1439 bcopy(++cp, &ina.s_addr, INADDR_LEN); 1440 if (ina.s_addr == 0) 1441 (void)printf("\t0.0.0.0"); 1442 else 1443 (void)printf("\t%s", 1444 pr_addr(ina)); 1445 hlen -= INADDR_LEN; 1446 cp += INADDR_LEN - 1; 1447 i -= INADDR_LEN; 1448 if (i < INADDR_LEN) 1449 break; 1450 (void)putchar('\n'); 1451 } 1452 } else 1453 (void)printf("\t(truncated route)"); 1454 break; 1455 case IPOPT_NOP: 1456 (void)printf("\nNOP"); 1457 break; 1458 default: 1459 (void)printf("\nunknown option %x", *cp); 1460 break; 1461 } 1462 if (!(options & F_DOT)) { 1463 (void)putchar('\n'); 1464 (void)fflush(stdout); 1465 } 1466 } 1467 1468 /* 1469 * status -- 1470 * Print out statistics when SIGINFO is received. 1471 */ 1472 1473 static void 1474 status(int sig __unused) 1475 { 1476 1477 siginfo_p = 1; 1478 } 1479 1480 static void 1481 check_status(void) 1482 { 1483 1484 if (siginfo_p) { 1485 siginfo_p = 0; 1486 (void)fprintf(stderr, "\r%ld/%ld packets received (%.1f%%)", 1487 nreceived, ntransmitted, 1488 ntransmitted ? nreceived * 100.0 / ntransmitted : 0.0); 1489 if (nreceived && timing) 1490 (void)fprintf(stderr, " %.3f min / %.3f avg / %.3f max", 1491 tmin, tsum / (nreceived + nrepeats), tmax); 1492 (void)fprintf(stderr, "\n"); 1493 } 1494 } 1495 1496 /* 1497 * finish -- 1498 * Print out statistics, and give up. 1499 */ 1500 static void 1501 finish(void) 1502 { 1503 1504 (void)signal(SIGINT, SIG_IGN); 1505 (void)signal(SIGALRM, SIG_IGN); 1506 (void)putchar('\n'); 1507 (void)fflush(stdout); 1508 (void)printf("--- %s ping statistics ---\n", hostname); 1509 (void)printf("%ld packets transmitted, ", ntransmitted); 1510 (void)printf("%ld packets received, ", nreceived); 1511 if (nrepeats) 1512 (void)printf("+%ld duplicates, ", nrepeats); 1513 if (ntransmitted) { 1514 if (nreceived > ntransmitted) 1515 (void)printf("-- somebody's printing up packets!"); 1516 else 1517 (void)printf("%.1f%% packet loss", 1518 ((ntransmitted - nreceived) * 100.0) / 1519 ntransmitted); 1520 } 1521 if (nrcvtimeout) 1522 (void)printf(", %ld packets out of wait time", nrcvtimeout); 1523 (void)putchar('\n'); 1524 if (nreceived && timing) { 1525 double n = nreceived + nrepeats; 1526 double avg = tsum / n; 1527 double vari = tsumsq / n - avg * avg; 1528 (void)printf( 1529 "round-trip min/avg/max/stddev = %.3f/%.3f/%.3f/%.3f ms\n", 1530 tmin, avg, tmax, sqrt(vari)); 1531 } 1532 1533 if (nreceived) 1534 exit(0); 1535 else 1536 exit(2); 1537 } 1538 1539 /* 1540 * pr_icmph -- 1541 * Print a descriptive string about an ICMP header. 1542 */ 1543 static void 1544 pr_icmph(struct icmp *icp, struct ip *oip, const u_char *const oicmp_raw) 1545 { 1546 1547 switch(icp->icmp_type) { 1548 case ICMP_ECHOREPLY: 1549 (void)printf("Echo Reply\n"); 1550 /* XXX ID + Seq + Data */ 1551 break; 1552 case ICMP_UNREACH: 1553 switch(icp->icmp_code) { 1554 case ICMP_UNREACH_NET: 1555 (void)printf("Destination Net Unreachable\n"); 1556 break; 1557 case ICMP_UNREACH_HOST: 1558 (void)printf("Destination Host Unreachable\n"); 1559 break; 1560 case ICMP_UNREACH_PROTOCOL: 1561 (void)printf("Destination Protocol Unreachable\n"); 1562 break; 1563 case ICMP_UNREACH_PORT: 1564 (void)printf("Destination Port Unreachable\n"); 1565 break; 1566 case ICMP_UNREACH_NEEDFRAG: 1567 (void)printf("frag needed and DF set (MTU %d)\n", 1568 ntohs(icp->icmp_nextmtu)); 1569 break; 1570 case ICMP_UNREACH_SRCFAIL: 1571 (void)printf("Source Route Failed\n"); 1572 break; 1573 case ICMP_UNREACH_FILTER_PROHIB: 1574 (void)printf("Communication prohibited by filter\n"); 1575 break; 1576 default: 1577 (void)printf("Dest Unreachable, Bad Code: %d\n", 1578 icp->icmp_code); 1579 break; 1580 } 1581 /* Print returned IP header information */ 1582 pr_iph(oip, oicmp_raw); 1583 break; 1584 case ICMP_SOURCEQUENCH: 1585 (void)printf("Source Quench\n"); 1586 pr_iph(oip, oicmp_raw); 1587 break; 1588 case ICMP_REDIRECT: 1589 switch(icp->icmp_code) { 1590 case ICMP_REDIRECT_NET: 1591 (void)printf("Redirect Network"); 1592 break; 1593 case ICMP_REDIRECT_HOST: 1594 (void)printf("Redirect Host"); 1595 break; 1596 case ICMP_REDIRECT_TOSNET: 1597 (void)printf("Redirect Type of Service and Network"); 1598 break; 1599 case ICMP_REDIRECT_TOSHOST: 1600 (void)printf("Redirect Type of Service and Host"); 1601 break; 1602 default: 1603 (void)printf("Redirect, Bad Code: %d", icp->icmp_code); 1604 break; 1605 } 1606 (void)printf("(New addr: %s)\n", inet_ntoa(icp->icmp_gwaddr)); 1607 pr_iph(oip, oicmp_raw); 1608 break; 1609 case ICMP_ECHO: 1610 (void)printf("Echo Request\n"); 1611 /* XXX ID + Seq + Data */ 1612 break; 1613 case ICMP_TIMXCEED: 1614 switch(icp->icmp_code) { 1615 case ICMP_TIMXCEED_INTRANS: 1616 (void)printf("Time to live exceeded\n"); 1617 break; 1618 case ICMP_TIMXCEED_REASS: 1619 (void)printf("Frag reassembly time exceeded\n"); 1620 break; 1621 default: 1622 (void)printf("Time exceeded, Bad Code: %d\n", 1623 icp->icmp_code); 1624 break; 1625 } 1626 pr_iph(oip, oicmp_raw); 1627 break; 1628 case ICMP_PARAMPROB: 1629 (void)printf("Parameter problem: pointer = 0x%02x\n", 1630 icp->icmp_hun.ih_pptr); 1631 pr_iph(oip, oicmp_raw); 1632 break; 1633 case ICMP_TSTAMP: 1634 (void)printf("Timestamp\n"); 1635 /* XXX ID + Seq + 3 timestamps */ 1636 break; 1637 case ICMP_TSTAMPREPLY: 1638 (void)printf("Timestamp Reply\n"); 1639 /* XXX ID + Seq + 3 timestamps */ 1640 break; 1641 case ICMP_IREQ: 1642 (void)printf("Information Request\n"); 1643 /* XXX ID + Seq */ 1644 break; 1645 case ICMP_IREQREPLY: 1646 (void)printf("Information Reply\n"); 1647 /* XXX ID + Seq */ 1648 break; 1649 case ICMP_MASKREQ: 1650 (void)printf("Address Mask Request\n"); 1651 break; 1652 case ICMP_MASKREPLY: 1653 (void)printf("Address Mask Reply\n"); 1654 break; 1655 case ICMP_ROUTERADVERT: 1656 (void)printf("Router Advertisement\n"); 1657 break; 1658 case ICMP_ROUTERSOLICIT: 1659 (void)printf("Router Solicitation\n"); 1660 break; 1661 default: 1662 (void)printf("Bad ICMP type: %d\n", icp->icmp_type); 1663 } 1664 } 1665 1666 /* 1667 * pr_iph -- 1668 * Print an IP header with options. 1669 */ 1670 static void 1671 pr_iph(struct ip *ip, const u_char *cp) 1672 { 1673 struct in_addr ina; 1674 int hlen; 1675 1676 hlen = ip->ip_hl << 2; 1677 cp = cp + sizeof(struct ip); /* point to options */ 1678 1679 (void)printf("Vr HL TOS Len ID Flg off TTL Pro cks Src Dst\n"); 1680 (void)printf(" %1x %1x %02x %04x %04x", 1681 ip->ip_v, ip->ip_hl, ip->ip_tos, ntohs(ip->ip_len), 1682 ntohs(ip->ip_id)); 1683 (void)printf(" %1x %04x", 1684 (ntohs(ip->ip_off) & 0xe000) >> 13, 1685 ntohs(ip->ip_off) & 0x1fff); 1686 (void)printf(" %02x %02x %04x", ip->ip_ttl, ip->ip_p, 1687 ntohs(ip->ip_sum)); 1688 memcpy(&ina, &ip->ip_src.s_addr, sizeof ina); 1689 (void)printf(" %s ", inet_ntoa(ina)); 1690 memcpy(&ina, &ip->ip_dst.s_addr, sizeof ina); 1691 (void)printf(" %s ", inet_ntoa(ina)); 1692 /* dump any option bytes */ 1693 while (hlen-- > (int)sizeof(struct ip)) { 1694 (void)printf("%02x", *cp++); 1695 } 1696 (void)putchar('\n'); 1697 } 1698 1699 /* 1700 * pr_addr -- 1701 * Return an ascii host address as a dotted quad and optionally with 1702 * a hostname. 1703 */ 1704 static char * 1705 pr_addr(struct in_addr ina) 1706 { 1707 struct hostent *hp; 1708 static char buf[16 + 3 + MAXHOSTNAMELEN]; 1709 1710 if (options & F_NUMERIC) 1711 return inet_ntoa(ina); 1712 1713 hp = cap_gethostbyaddr(capdns, (char *)&ina, sizeof(ina), AF_INET); 1714 1715 if (hp == NULL) 1716 return inet_ntoa(ina); 1717 1718 (void)snprintf(buf, sizeof(buf), "%s (%s)", hp->h_name, 1719 inet_ntoa(ina)); 1720 return(buf); 1721 } 1722 1723 static char * 1724 pr_ntime(n_time timestamp) 1725 { 1726 static char buf[11]; 1727 int hour, min, sec; 1728 1729 sec = ntohl(timestamp) / 1000; 1730 hour = sec / 60 / 60; 1731 min = (sec % (60 * 60)) / 60; 1732 sec = (sec % (60 * 60)) % 60; 1733 1734 (void)snprintf(buf, sizeof(buf), "%02d:%02d:%02d", hour, min, sec); 1735 1736 return (buf); 1737 } 1738 1739 static void 1740 fill(char *bp, char *patp) 1741 { 1742 char *cp; 1743 int pat[16]; 1744 u_int ii, jj, kk; 1745 1746 for (cp = patp; *cp; cp++) { 1747 if (!isxdigit(*cp)) 1748 errx(EX_USAGE, 1749 "patterns must be specified as hex digits"); 1750 1751 } 1752 ii = sscanf(patp, 1753 "%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x", 1754 &pat[0], &pat[1], &pat[2], &pat[3], &pat[4], &pat[5], &pat[6], 1755 &pat[7], &pat[8], &pat[9], &pat[10], &pat[11], &pat[12], 1756 &pat[13], &pat[14], &pat[15]); 1757 1758 if (ii > 0) 1759 for (kk = 0; kk <= maxpayload - (TIMEVAL_LEN + ii); kk += ii) 1760 for (jj = 0; jj < ii; ++jj) 1761 bp[jj + kk] = pat[jj]; 1762 if (!(options & F_QUIET)) { 1763 (void)printf("PATTERN: 0x"); 1764 for (jj = 0; jj < ii; ++jj) 1765 (void)printf("%02x", bp[jj] & 0xFF); 1766 (void)printf("\n"); 1767 } 1768 } 1769 1770 static cap_channel_t * 1771 capdns_setup(void) 1772 { 1773 cap_channel_t *capcas, *capdnsloc; 1774 #ifdef WITH_CASPER 1775 const char *types[2]; 1776 int families[1]; 1777 #endif 1778 capcas = cap_init(); 1779 if (capcas == NULL) 1780 err(1, "unable to create casper process"); 1781 capdnsloc = cap_service_open(capcas, "system.dns"); 1782 /* Casper capability no longer needed. */ 1783 cap_close(capcas); 1784 if (capdnsloc == NULL) 1785 err(1, "unable to open system.dns service"); 1786 #ifdef WITH_CASPER 1787 types[0] = "NAME2ADDR"; 1788 types[1] = "ADDR2NAME"; 1789 if (cap_dns_type_limit(capdnsloc, types, 2) < 0) 1790 err(1, "unable to limit access to system.dns service"); 1791 families[0] = AF_INET; 1792 if (cap_dns_family_limit(capdnsloc, families, 1) < 0) 1793 err(1, "unable to limit access to system.dns service"); 1794 #endif 1795 return (capdnsloc); 1796 } 1797