1 /* $KAME: ping6.c,v 1.169 2003/07/25 06:01:47 itojun Exp $ */ 2 3 /*- 4 * SPDX-License-Identifier: BSD-3-Clause 5 * 6 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the project nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 /* BSDI ping.c,v 2.3 1996/01/21 17:56:50 jch Exp */ 35 36 /* 37 * Copyright (c) 1989, 1993 38 * The Regents of the University of California. All rights reserved. 39 * 40 * This code is derived from software contributed to Berkeley by 41 * Mike Muuss. 42 * 43 * Redistribution and use in source and binary forms, with or without 44 * modification, are permitted provided that the following conditions 45 * are met: 46 * 1. Redistributions of source code must retain the above copyright 47 * notice, this list of conditions and the following disclaimer. 48 * 2. Redistributions in binary form must reproduce the above copyright 49 * notice, this list of conditions and the following disclaimer in the 50 * documentation and/or other materials provided with the distribution. 51 * 3. Neither the name of the University nor the names of its contributors 52 * may be used to endorse or promote products derived from this software 53 * without specific prior written permission. 54 * 55 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 56 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 57 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 58 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 59 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 60 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 61 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 62 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 63 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 64 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 65 * SUCH DAMAGE. 66 */ 67 68 #if 0 69 #ifndef lint 70 static const char copyright[] = 71 "@(#) Copyright (c) 1989, 1993\n\ 72 The Regents of the University of California. All rights reserved.\n"; 73 #endif /* not lint */ 74 75 #ifndef lint 76 static char sccsid[] = "@(#)ping.c 8.1 (Berkeley) 6/5/93"; 77 #endif /* not lint */ 78 #endif 79 80 #include <sys/cdefs.h> 81 /* 82 * Using the InterNet Control Message Protocol (ICMP) "ECHO" facility, 83 * measure round-trip-delays and packet loss across network paths. 84 * 85 * Author - 86 * Mike Muuss 87 * U. S. Army Ballistic Research Laboratory 88 * December, 1983 89 * 90 * Status - 91 * Public Domain. Distribution Unlimited. 92 * Bugs - 93 * More statistics could always be gathered. 94 * This program has to run SUID to ROOT to access the ICMP socket. 95 */ 96 /* 97 * NOTE: 98 * USE_SIN6_SCOPE_ID assumes that sin6_scope_id has the same semantics 99 * as IPV6_PKTINFO. Some people object it (sin6_scope_id specifies *link* 100 * while IPV6_PKTINFO specifies *interface*. Link is defined as collection of 101 * network attached to 1 or more interfaces) 102 */ 103 104 #include <sys/param.h> 105 #include <sys/capsicum.h> 106 #include <sys/uio.h> 107 #include <sys/socket.h> 108 109 #include <net/if.h> 110 #include <net/route.h> 111 112 #include <netinet/in.h> 113 #include <netinet/ip6.h> 114 #include <netinet/icmp6.h> 115 #include <arpa/inet.h> 116 #include <arpa/nameser.h> 117 #include <netdb.h> 118 119 #include <capsicum_helpers.h> 120 #include <casper/cap_dns.h> 121 #include <libcasper.h> 122 123 #include <ctype.h> 124 #include <err.h> 125 #include <errno.h> 126 #include <fcntl.h> 127 #include <signal.h> 128 #include <stdio.h> 129 #include <stdlib.h> 130 #include <string.h> 131 #include <sysexits.h> 132 #include <time.h> 133 #include <unistd.h> 134 135 #ifdef IPSEC 136 #include <netipsec/ah.h> 137 #include <netipsec/ipsec.h> 138 #endif 139 140 #include <md5.h> 141 142 #include "main.h" 143 #include "ping6.h" 144 145 struct tv32 { 146 u_int32_t tv32_sec; 147 u_int32_t tv32_nsec; 148 }; 149 150 #define MAXPACKETLEN 131072 151 #define IP6LEN 40 152 #define ICMP6ECHOLEN 8 /* icmp echo header len excluding time */ 153 #define ICMP6ECHOTMLEN sizeof(struct tv32) 154 #define ICMP6_NIQLEN (ICMP6ECHOLEN + 8) 155 # define CONTROLLEN 10240 /* ancillary data buffer size RFC3542 20.1 */ 156 /* FQDN case, 64 bits of nonce + 32 bits ttl */ 157 #define ICMP6_NIRLEN (ICMP6ECHOLEN + 12) 158 #define EXTRA 256 /* for AH and various other headers. weird. */ 159 #define DEFDATALEN ICMP6ECHOTMLEN 160 #define MAXDATALEN MAXPACKETLEN - IP6LEN - ICMP6ECHOLEN 161 #define NROUTES 9 /* number of record route slots */ 162 #define MAXWAIT 10000 /* max ms to wait for response */ 163 #define MAXALARM (60 * 60) /* max seconds for alarm timeout */ 164 165 #define A(bit) rcvd_tbl[(bit)>>3] /* identify byte in array */ 166 #define B(bit) (1 << ((bit) & 0x07)) /* identify bit in byte */ 167 #define SET(bit) (A(bit) |= B(bit)) 168 #define CLR(bit) (A(bit) &= (~B(bit))) 169 #define TST(bit) (A(bit) & B(bit)) 170 171 #define F_FLOOD 0x0001 172 #define F_INTERVAL 0x0002 173 #define F_PINGFILLED 0x0008 174 #define F_QUIET 0x0010 175 #define F_RROUTE 0x0020 176 #define F_SO_DEBUG 0x0040 177 #define F_VERBOSE 0x0100 178 #ifdef IPSEC 179 #ifdef IPSEC_POLICY_IPSEC 180 #define F_POLICY 0x0400 181 #else 182 #define F_AUTHHDR 0x0200 183 #define F_ENCRYPT 0x0400 184 #endif /*IPSEC_POLICY_IPSEC*/ 185 #endif /*IPSEC*/ 186 #define F_NODEADDR 0x0800 187 #define F_FQDN 0x1000 188 #define F_INTERFACE 0x2000 189 #define F_SRCADDR 0x4000 190 #define F_FQDNOLD 0x20000 191 #define F_NIGROUP 0x40000 192 #define F_SUPTYPES 0x80000 193 #define F_NOMINMTU 0x100000 194 #define F_ONCE 0x200000 195 #define F_AUDIBLE 0x400000 196 #define F_MISSED 0x800000 197 #define F_DONTFRAG 0x1000000 198 #define F_NOUSERDATA (F_NODEADDR | F_FQDN | F_FQDNOLD | F_SUPTYPES) 199 #define F_WAITTIME 0x2000000 200 #define F_DOT 0x4000000 201 202 #define IN6LEN sizeof(struct in6_addr) 203 #define SA6LEN sizeof(struct sockaddr_in6) 204 #define DUMMY_PORT 10101 205 206 #define SIN6(s) ((struct sockaddr_in6 *)(s)) 207 208 /* 209 * MAX_DUP_CHK is the number of bits in received table, i.e. the maximum 210 * number of received sequence numbers we can keep track of. Change 128 211 * to 8192 for complete accuracy... 212 */ 213 #define MAX_DUP_CHK (8 * 8192) 214 static int mx_dup_ck = MAX_DUP_CHK; 215 static char rcvd_tbl[MAX_DUP_CHK / 8]; 216 217 static struct sockaddr_in6 dst; /* who to ping6 */ 218 static struct sockaddr_in6 src; /* src addr of this packet */ 219 static socklen_t srclen; 220 static size_t datalen = DEFDATALEN; 221 static int ssend; /* send socket file descriptor */ 222 static int srecv; /* receive socket file descriptor */ 223 static u_char outpack[MAXPACKETLEN]; 224 static char BSPACE = '\b'; /* characters written for flood */ 225 static char BBELL = '\a'; /* characters written for AUDIBLE */ 226 static const char *DOT = "."; 227 static size_t DOTlen = 1; 228 static size_t DOTidx = 0; 229 static int ident; /* process id to identify our packets */ 230 static u_int8_t nonce[8]; /* nonce field for node information */ 231 static int hoplimit = -1; /* hoplimit */ 232 static int tclass = -1; /* traffic class */ 233 static int pcp = -2; /* vlan priority code point */ 234 static u_char *packet = NULL; 235 static cap_channel_t *capdns; 236 237 /* counters */ 238 static long nmissedmax; /* max value of ntransmitted - nreceived - 1 */ 239 static long npackets; /* max packets to transmit */ 240 static long ntransmitfailures; /* number of transmit failures */ 241 static int interval = 1000; /* interval between packets in ms */ 242 static int waittime = MAXWAIT; /* timeout for each packet */ 243 244 /* for node addresses */ 245 static u_short naflags; 246 247 /* for ancillary data(advanced API) */ 248 static struct msghdr smsghdr; 249 static struct iovec smsgiov; 250 static char *scmsg = 0; 251 252 static cap_channel_t *capdns_setup(void); 253 static void fill(char *, char *); 254 static int get_hoplim(struct msghdr *); 255 static int get_pathmtu(struct msghdr *); 256 static struct in6_pktinfo *get_rcvpktinfo(struct msghdr *); 257 static size_t pingerlen(void); 258 static int pinger(void); 259 static const char *pr_addr(struct sockaddr *, int); 260 static void pr_icmph(struct icmp6_hdr *, u_char *); 261 static void pr_iph(struct ip6_hdr *); 262 static void pr_suptypes(struct icmp6_nodeinfo *, size_t); 263 static void pr_nodeaddr(struct icmp6_nodeinfo *, int); 264 static int myechoreply(const struct icmp6_hdr *); 265 static int mynireply(const struct icmp6_nodeinfo *); 266 static const char *dnsdecode(const u_char *, const u_char *, const u_char *, 267 char *, size_t); 268 static void pr_pack(u_char *, int, struct msghdr *); 269 static void pr_exthdrs(struct msghdr *); 270 static void pr_ip6opt(void *, size_t); 271 static void pr_rthdr(void *, size_t); 272 static int pr_bitrange(u_int32_t, int, int); 273 static void pr_retip(struct ip6_hdr *, u_char *); 274 #ifdef IPSEC 275 #ifdef IPSEC_POLICY_IPSEC 276 static int setpolicy(int, char *); 277 #endif 278 #endif 279 static char *nigroup(char *, int); 280 281 int 282 ping6(int argc, char *argv[]) 283 { 284 struct timespec last, intvl; 285 struct sockaddr_in6 from, *sin6; 286 struct addrinfo hints, *res; 287 struct sigaction si_sa; 288 int cc, i; 289 int almost_done, ch, hold, packlen, preload, optval, error; 290 int nig_oldmcprefix = -1; 291 u_char *datap; 292 char *e, *target, *ifname = NULL, *gateway = NULL; 293 int ip6optlen = 0; 294 struct cmsghdr *scmsgp = NULL; 295 /* For control (ancillary) data received from recvmsg() */ 296 u_char cm[CONTROLLEN]; 297 #if defined(SO_SNDBUF) && defined(SO_RCVBUF) 298 u_long lsockbufsize; 299 int sockbufsize = 0; 300 #endif 301 int usepktinfo = 0; 302 struct in6_pktinfo pktinfo; 303 char *cmsg_pktinfo = NULL; 304 struct ip6_rthdr *rthdr = NULL; 305 #ifdef IPSEC_POLICY_IPSEC 306 char *policy_in = NULL; 307 char *policy_out = NULL; 308 #endif 309 double t; 310 u_long alarmtimeout; 311 size_t rthlen; 312 #ifdef IPV6_USE_MIN_MTU 313 int mflag = 0; 314 #endif 315 cap_rights_t rights_srecv; 316 cap_rights_t rights_ssend; 317 cap_rights_t rights_stdin; 318 319 /* just to be sure */ 320 memset(&smsghdr, 0, sizeof(smsghdr)); 321 memset(&smsgiov, 0, sizeof(smsgiov)); 322 memset(&pktinfo, 0, sizeof(pktinfo)); 323 324 intvl.tv_sec = interval / 1000; 325 intvl.tv_nsec = interval % 1000 * 1000000; 326 327 alarmtimeout = preload = 0; 328 datap = &outpack[ICMP6ECHOLEN + ICMP6ECHOTMLEN]; 329 capdns = capdns_setup(); 330 331 while ((ch = getopt(argc, argv, PING6OPTS)) != -1) { 332 switch (ch) { 333 case '.': 334 options |= F_DOT; 335 if (optarg != NULL) { 336 DOT = optarg; 337 DOTlen = strlen(optarg); 338 } 339 break; 340 case '6': 341 /* This option is processed in main(). */ 342 break; 343 case 'k': 344 { 345 char *cp; 346 347 options &= ~F_NOUSERDATA; 348 options |= F_NODEADDR; 349 for (cp = optarg; *cp != '\0'; cp++) { 350 switch (*cp) { 351 case 'a': 352 naflags |= NI_NODEADDR_FLAG_ALL; 353 break; 354 case 'c': 355 case 'C': 356 naflags |= NI_NODEADDR_FLAG_COMPAT; 357 break; 358 case 'l': 359 case 'L': 360 naflags |= NI_NODEADDR_FLAG_LINKLOCAL; 361 break; 362 case 's': 363 case 'S': 364 naflags |= NI_NODEADDR_FLAG_SITELOCAL; 365 break; 366 case 'g': 367 case 'G': 368 naflags |= NI_NODEADDR_FLAG_GLOBAL; 369 break; 370 case 'A': /* experimental. not in the spec */ 371 #ifdef NI_NODEADDR_FLAG_ANYCAST 372 naflags |= NI_NODEADDR_FLAG_ANYCAST; 373 break; 374 #else 375 errx(1, 376 "-a A is not supported on the platform"); 377 /*NOTREACHED*/ 378 #endif 379 default: 380 usage(); 381 /*NOTREACHED*/ 382 } 383 } 384 break; 385 } 386 case 'b': 387 #if defined(SO_SNDBUF) && defined(SO_RCVBUF) 388 errno = 0; 389 e = NULL; 390 lsockbufsize = strtoul(optarg, &e, 10); 391 sockbufsize = (int)lsockbufsize; 392 if (errno || !*optarg || *e || 393 lsockbufsize > INT_MAX) 394 errx(1, "invalid socket buffer size"); 395 #else 396 errx(1, 397 "-b option ignored: SO_SNDBUF/SO_RCVBUF socket options not supported"); 398 #endif 399 break; 400 case 'C': /* vlan priority code point */ 401 pcp = strtol(optarg, &e, 10); 402 if (*optarg == '\0' || *e != '\0') 403 errx(1, "illegal vlan pcp %s", optarg); 404 if (7 < pcp || pcp < -1) 405 errx(1, "illegal vlan pcp -- %s", optarg); 406 break; 407 case 'c': 408 npackets = strtol(optarg, &e, 10); 409 if (npackets <= 0 || *optarg == '\0' || *e != '\0') 410 errx(1, 411 "illegal number of packets -- %s", optarg); 412 break; 413 case 'D': 414 options |= F_DONTFRAG; 415 break; 416 case 'd': 417 options |= F_SO_DEBUG; 418 break; 419 case 'f': 420 if (getuid()) { 421 errno = EPERM; 422 errx(1, "Must be superuser to flood ping"); 423 } 424 options |= F_FLOOD; 425 options |= F_DOT; 426 setbuf(stdout, (char *)NULL); 427 break; 428 case 'e': 429 gateway = optarg; 430 break; 431 case 'H': 432 options |= F_HOSTNAME; 433 break; 434 case 'm': /* hoplimit */ 435 hoplimit = strtol(optarg, &e, 10); 436 if (*optarg == '\0' || *e != '\0') 437 errx(1, "illegal hoplimit %s", optarg); 438 if (255 < hoplimit || hoplimit < -1) 439 errx(1, 440 "illegal hoplimit -- %s", optarg); 441 break; 442 case 'I': 443 ifname = optarg; 444 options |= F_INTERFACE; 445 #ifndef USE_SIN6_SCOPE_ID 446 usepktinfo++; 447 #endif 448 break; 449 case 'i': /* wait between sending packets */ 450 t = strtod(optarg, &e); 451 if (*optarg == '\0' || *e != '\0') 452 errx(1, "illegal timing interval %s", optarg); 453 if (t < 1 && getuid()) { 454 errx(1, "%s: only root may use interval < 1s", 455 strerror(EPERM)); 456 } 457 intvl.tv_sec = (time_t)t; 458 intvl.tv_nsec = 459 (long)((t - intvl.tv_sec) * 1000000000); 460 if (intvl.tv_sec < 0) 461 errx(1, "illegal timing interval %s", optarg); 462 /* less than 1/hz does not make sense */ 463 if (intvl.tv_sec == 0 && intvl.tv_nsec < 1000) { 464 warnx("too small interval, raised to .000001"); 465 intvl.tv_nsec = 1000; 466 } 467 options |= F_INTERVAL; 468 break; 469 case 'l': 470 if (getuid()) { 471 errno = EPERM; 472 errx(1, "Must be superuser to preload"); 473 } 474 preload = strtol(optarg, &e, 10); 475 if (preload < 0 || *optarg == '\0' || *e != '\0') 476 errx(1, "illegal preload value -- %s", optarg); 477 break; 478 case 'u': 479 #ifdef IPV6_USE_MIN_MTU 480 mflag++; 481 break; 482 #else 483 errx(1, "-%c is not supported on this platform", ch); 484 /*NOTREACHED*/ 485 #endif 486 case 'n': 487 options &= ~F_HOSTNAME; 488 break; 489 case 'N': 490 options |= F_NIGROUP; 491 nig_oldmcprefix++; 492 break; 493 case 'o': 494 options |= F_ONCE; 495 break; 496 case 'p': /* fill buffer with user pattern */ 497 options |= F_PINGFILLED; 498 fill((char *)datap, optarg); 499 break; 500 case 'q': 501 options |= F_QUIET; 502 break; 503 case 'a': 504 options |= F_AUDIBLE; 505 break; 506 case 'A': 507 options |= F_MISSED; 508 break; 509 case 'S': 510 memset(&hints, 0, sizeof(struct addrinfo)); 511 hints.ai_flags = AI_NUMERICHOST; /* allow hostname? */ 512 hints.ai_family = AF_INET6; 513 hints.ai_socktype = SOCK_RAW; 514 hints.ai_protocol = IPPROTO_ICMPV6; 515 516 error = cap_getaddrinfo(capdns, optarg, NULL, &hints, &res); 517 if (error) { 518 errx(1, "invalid source address: %s", 519 gai_strerror(error)); 520 } 521 /* 522 * res->ai_family must be AF_INET6 and res->ai_addrlen 523 * must be sizeof(src). 524 */ 525 memcpy(&src, res->ai_addr, res->ai_addrlen); 526 srclen = res->ai_addrlen; 527 freeaddrinfo(res); 528 options |= F_SRCADDR; 529 break; 530 case 's': /* size of packet to send */ 531 datalen = strtol(optarg, &e, 10); 532 if (datalen <= 0 || *optarg == '\0' || *e != '\0') 533 errx(1, "illegal datalen value -- %s", optarg); 534 if (datalen > MAXDATALEN) { 535 errx(1, 536 "datalen value too large, maximum is %d", 537 MAXDATALEN); 538 } 539 break; 540 case 'O': 541 options &= ~F_NOUSERDATA; 542 options |= F_SUPTYPES; 543 break; 544 case 'v': 545 options |= F_VERBOSE; 546 break; 547 case 'y': 548 options &= ~F_NOUSERDATA; 549 options |= F_FQDN; 550 break; 551 case 'Y': 552 options &= ~F_NOUSERDATA; 553 options |= F_FQDNOLD; 554 break; 555 case 'W': 556 t = strtod(optarg, &e); 557 if (*e || e == optarg || t > (double)INT_MAX) 558 errx(EX_USAGE, "invalid timing interval: `%s'", 559 optarg); 560 options |= F_WAITTIME; 561 waittime = (int)t; 562 break; 563 case 't': 564 alarmtimeout = strtoul(optarg, &e, 0); 565 if ((alarmtimeout < 1) || (alarmtimeout == ULONG_MAX)) 566 errx(EX_USAGE, "invalid timeout: `%s'", 567 optarg); 568 if (alarmtimeout > MAXALARM) 569 errx(EX_USAGE, "invalid timeout: `%s' > %d", 570 optarg, MAXALARM); 571 { 572 struct itimerval itv; 573 574 timerclear(&itv.it_interval); 575 timerclear(&itv.it_value); 576 itv.it_value.tv_sec = (time_t)alarmtimeout; 577 if (setitimer(ITIMER_REAL, &itv, NULL) != 0) 578 err(1, "setitimer"); 579 } 580 break; 581 case 'z': /* traffic class */ 582 tclass = strtol(optarg, &e, 10); 583 if (*optarg == '\0' || *e != '\0') 584 errx(1, "illegal traffic class %s", optarg); 585 if (255 < tclass || tclass < -1) 586 errx(1, 587 "illegal traffic class -- %s", optarg); 588 break; 589 #ifdef IPSEC 590 #ifdef IPSEC_POLICY_IPSEC 591 case 'P': 592 options |= F_POLICY; 593 if (!strncmp("in", optarg, 2)) { 594 if ((policy_in = strdup(optarg)) == NULL) 595 errx(1, "strdup"); 596 } else if (!strncmp("out", optarg, 3)) { 597 if ((policy_out = strdup(optarg)) == NULL) 598 errx(1, "strdup"); 599 } else 600 errx(1, "invalid security policy"); 601 break; 602 #else 603 case 'Z': 604 options |= F_AUTHHDR; 605 break; 606 case 'E': 607 options |= F_ENCRYPT; 608 break; 609 #endif /*IPSEC_POLICY_IPSEC*/ 610 #endif /*IPSEC*/ 611 default: 612 usage(); 613 /*NOTREACHED*/ 614 } 615 } 616 617 argc -= optind; 618 argv += optind; 619 620 if (argc < 1) { 621 usage(); 622 /*NOTREACHED*/ 623 } 624 625 if (argc > 1) { 626 #ifdef IPV6_RECVRTHDR /* 2292bis */ 627 rthlen = CMSG_SPACE(inet6_rth_space(IPV6_RTHDR_TYPE_0, 628 argc - 1)); 629 #else /* RFC2292 */ 630 rthlen = inet6_rthdr_space(IPV6_RTHDR_TYPE_0, argc - 1); 631 #endif 632 if (rthlen == 0) { 633 errx(1, "too many intermediate hops"); 634 /*NOTREACHED*/ 635 } 636 ip6optlen += rthlen; 637 } 638 639 if (options & F_NIGROUP) { 640 target = nigroup(argv[argc - 1], nig_oldmcprefix); 641 if (target == NULL) { 642 usage(); 643 /*NOTREACHED*/ 644 } 645 } else 646 target = argv[argc - 1]; 647 648 /* cap_getaddrinfo */ 649 memset(&hints, 0, sizeof(struct addrinfo)); 650 hints.ai_flags = AI_CANONNAME; 651 hints.ai_family = AF_INET6; 652 hints.ai_socktype = SOCK_RAW; 653 hints.ai_protocol = IPPROTO_ICMPV6; 654 655 error = cap_getaddrinfo(capdns, target, NULL, &hints, &res); 656 if (error) 657 errx(EX_NOHOST, "cannot resolve %s: %s", 658 target, gai_strerror(error)); 659 if (res->ai_canonname) 660 hostname = strdup(res->ai_canonname); 661 else 662 hostname = target; 663 664 if (!res->ai_addr) 665 errx(EX_NOHOST, "cannot resolve %s", target); 666 667 (void)memcpy(&dst, res->ai_addr, res->ai_addrlen); 668 669 if ((ssend = socket(res->ai_family, res->ai_socktype, 670 res->ai_protocol)) < 0) 671 err(1, "socket ssend"); 672 if ((srecv = socket(res->ai_family, res->ai_socktype, 673 res->ai_protocol)) < 0) 674 err(1, "socket srecv"); 675 freeaddrinfo(res); 676 677 /* set the source address if specified. */ 678 if ((options & F_SRCADDR) != 0) { 679 /* properly fill sin6_scope_id */ 680 if (IN6_IS_ADDR_LINKLOCAL(&src.sin6_addr) && ( 681 IN6_IS_ADDR_LINKLOCAL(&dst.sin6_addr) || 682 IN6_IS_ADDR_MC_LINKLOCAL(&dst.sin6_addr) || 683 IN6_IS_ADDR_MC_NODELOCAL(&dst.sin6_addr))) { 684 if (src.sin6_scope_id == 0) 685 src.sin6_scope_id = dst.sin6_scope_id; 686 if (dst.sin6_scope_id == 0) 687 dst.sin6_scope_id = src.sin6_scope_id; 688 } 689 if (bind(ssend, (struct sockaddr *)&src, srclen) != 0) 690 err(1, "bind"); 691 } 692 /* set the gateway (next hop) if specified */ 693 if (gateway) { 694 memset(&hints, 0, sizeof(hints)); 695 hints.ai_family = AF_INET6; 696 hints.ai_socktype = SOCK_RAW; 697 hints.ai_protocol = IPPROTO_ICMPV6; 698 699 error = cap_getaddrinfo(capdns, gateway, NULL, &hints, &res); 700 if (error) { 701 errx(1, "cap_getaddrinfo for the gateway %s: %s", 702 gateway, gai_strerror(error)); 703 } 704 if (res->ai_next && (options & F_VERBOSE)) 705 warnx("gateway resolves to multiple addresses"); 706 707 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_NEXTHOP, 708 res->ai_addr, res->ai_addrlen)) { 709 err(1, "setsockopt(IPV6_NEXTHOP)"); 710 } 711 712 freeaddrinfo(res); 713 } 714 715 /* 716 * let the kerel pass extension headers of incoming packets, 717 * for privileged socket options 718 */ 719 if ((options & F_VERBOSE) != 0) { 720 int opton = 1; 721 722 #ifdef IPV6_RECVHOPOPTS 723 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVHOPOPTS, &opton, 724 sizeof(opton))) 725 err(1, "setsockopt(IPV6_RECVHOPOPTS)"); 726 #else /* old adv. API */ 727 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_HOPOPTS, &opton, 728 sizeof(opton))) 729 err(1, "setsockopt(IPV6_HOPOPTS)"); 730 #endif 731 #ifdef IPV6_RECVDSTOPTS 732 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVDSTOPTS, &opton, 733 sizeof(opton))) 734 err(1, "setsockopt(IPV6_RECVDSTOPTS)"); 735 #else /* old adv. API */ 736 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_DSTOPTS, &opton, 737 sizeof(opton))) 738 err(1, "setsockopt(IPV6_DSTOPTS)"); 739 #endif 740 #ifdef IPV6_RECVRTHDRDSTOPTS 741 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVRTHDRDSTOPTS, &opton, 742 sizeof(opton))) 743 err(1, "setsockopt(IPV6_RECVRTHDRDSTOPTS)"); 744 #endif 745 } 746 747 /* revoke root privilege */ 748 if (seteuid(getuid()) != 0) 749 err(1, "seteuid() failed"); 750 if (setuid(getuid()) != 0) 751 err(1, "setuid() failed"); 752 753 if ((options & F_FLOOD) && (options & F_INTERVAL)) 754 errx(1, "-f and -i incompatible options"); 755 756 if ((options & F_NOUSERDATA) == 0) { 757 if (datalen >= sizeof(struct tv32)) { 758 /* we can time transfer */ 759 timing = 1; 760 } else 761 timing = 0; 762 /* in F_VERBOSE case, we may get non-echoreply packets*/ 763 if (options & F_VERBOSE) 764 packlen = 2048 + IP6LEN + ICMP6ECHOLEN + EXTRA; 765 else 766 packlen = datalen + IP6LEN + ICMP6ECHOLEN + EXTRA; 767 } else { 768 /* suppress timing for node information query */ 769 timing = 0; 770 datalen = 2048; 771 packlen = 2048 + IP6LEN + ICMP6ECHOLEN + EXTRA; 772 } 773 774 if (!(packet = (u_char *)malloc((u_int)packlen))) 775 err(1, "Unable to allocate packet"); 776 if (!(options & F_PINGFILLED)) 777 for (i = ICMP6ECHOLEN; i < packlen; ++i) 778 *datap++ = i; 779 780 ident = getpid() & 0xFFFF; 781 arc4random_buf(nonce, sizeof(nonce)); 782 optval = 1; 783 if (options & F_DONTFRAG) 784 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_DONTFRAG, 785 &optval, sizeof(optval)) == -1) 786 err(1, "IPV6_DONTFRAG"); 787 hold = 1; 788 789 if (options & F_SO_DEBUG) { 790 (void)setsockopt(ssend, SOL_SOCKET, SO_DEBUG, (char *)&hold, 791 sizeof(hold)); 792 (void)setsockopt(srecv, SOL_SOCKET, SO_DEBUG, (char *)&hold, 793 sizeof(hold)); 794 } 795 optval = IPV6_DEFHLIM; 796 if (IN6_IS_ADDR_MULTICAST(&dst.sin6_addr)) 797 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, 798 &optval, sizeof(optval)) == -1) 799 err(1, "IPV6_MULTICAST_HOPS"); 800 #ifdef IPV6_USE_MIN_MTU 801 if (mflag != 1) { 802 optval = mflag > 1 ? 0 : 1; 803 804 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_USE_MIN_MTU, 805 &optval, sizeof(optval)) == -1) 806 err(1, "setsockopt(IPV6_USE_MIN_MTU)"); 807 } 808 #ifdef IPV6_RECVPATHMTU 809 else { 810 optval = 1; 811 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVPATHMTU, 812 &optval, sizeof(optval)) == -1) 813 err(1, "setsockopt(IPV6_RECVPATHMTU)"); 814 } 815 #endif /* IPV6_RECVPATHMTU */ 816 #endif /* IPV6_USE_MIN_MTU */ 817 818 #ifdef IPSEC 819 #ifdef IPSEC_POLICY_IPSEC 820 if (options & F_POLICY) { 821 if (setpolicy(srecv, policy_in) < 0) 822 errx(1, "%s", ipsec_strerror()); 823 if (setpolicy(ssend, policy_out) < 0) 824 errx(1, "%s", ipsec_strerror()); 825 } 826 #else 827 if (options & F_AUTHHDR) { 828 optval = IPSEC_LEVEL_REQUIRE; 829 #ifdef IPV6_AUTH_TRANS_LEVEL 830 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_AUTH_TRANS_LEVEL, 831 &optval, sizeof(optval)) == -1) 832 err(1, "setsockopt(IPV6_AUTH_TRANS_LEVEL)"); 833 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_AUTH_TRANS_LEVEL, 834 &optval, sizeof(optval)) == -1) 835 err(1, "setsockopt(IPV6_AUTH_TRANS_LEVEL)"); 836 #else /* old def */ 837 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_AUTH_LEVEL, 838 &optval, sizeof(optval)) == -1) 839 err(1, "setsockopt(IPV6_AUTH_LEVEL)"); 840 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_AUTH_LEVEL, 841 &optval, sizeof(optval)) == -1) 842 err(1, "setsockopt(IPV6_AUTH_LEVEL)"); 843 #endif 844 } 845 if (options & F_ENCRYPT) { 846 optval = IPSEC_LEVEL_REQUIRE; 847 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_ESP_TRANS_LEVEL, 848 &optval, sizeof(optval)) == -1) 849 err(1, "setsockopt(IPV6_ESP_TRANS_LEVEL)"); 850 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_ESP_TRANS_LEVEL, 851 &optval, sizeof(optval)) == -1) 852 err(1, "setsockopt(IPV6_ESP_TRANS_LEVEL)"); 853 } 854 #endif /*IPSEC_POLICY_IPSEC*/ 855 #endif 856 857 #ifdef ICMP6_FILTER 858 { 859 struct icmp6_filter filt; 860 if (!(options & F_VERBOSE)) { 861 ICMP6_FILTER_SETBLOCKALL(&filt); 862 if ((options & F_FQDN) || (options & F_FQDNOLD) || 863 (options & F_NODEADDR) || (options & F_SUPTYPES)) 864 ICMP6_FILTER_SETPASS(ICMP6_NI_REPLY, &filt); 865 else 866 ICMP6_FILTER_SETPASS(ICMP6_ECHO_REPLY, &filt); 867 } else { 868 ICMP6_FILTER_SETPASSALL(&filt); 869 } 870 if (setsockopt(srecv, IPPROTO_ICMPV6, ICMP6_FILTER, &filt, 871 sizeof(filt)) < 0) 872 err(1, "setsockopt(ICMP6_FILTER)"); 873 } 874 #endif /*ICMP6_FILTER*/ 875 876 /* let the kerel pass extension headers of incoming packets */ 877 if ((options & F_VERBOSE) != 0) { 878 int opton = 1; 879 880 #ifdef IPV6_RECVRTHDR 881 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVRTHDR, &opton, 882 sizeof(opton))) 883 err(1, "setsockopt(IPV6_RECVRTHDR)"); 884 #else /* old adv. API */ 885 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RTHDR, &opton, 886 sizeof(opton))) 887 err(1, "setsockopt(IPV6_RTHDR)"); 888 #endif 889 } 890 891 /* 892 optval = 1; 893 if (IN6_IS_ADDR_MULTICAST(&dst.sin6_addr)) 894 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, 895 &optval, sizeof(optval)) == -1) 896 err(1, "IPV6_MULTICAST_LOOP"); 897 */ 898 899 /* Specify the outgoing interface and/or the source address */ 900 if (usepktinfo) 901 ip6optlen += CMSG_SPACE(sizeof(struct in6_pktinfo)); 902 903 if (hoplimit != -1) 904 ip6optlen += CMSG_SPACE(sizeof(int)); 905 906 /* set IP6 packet options */ 907 if (ip6optlen) { 908 if ((scmsg = (char *)malloc(ip6optlen)) == NULL) 909 errx(1, "can't allocate enough memory"); 910 smsghdr.msg_control = (caddr_t)scmsg; 911 smsghdr.msg_controllen = ip6optlen; 912 scmsgp = CMSG_FIRSTHDR(&smsghdr); 913 } 914 if (usepktinfo) { 915 cmsg_pktinfo = CMSG_DATA(scmsgp); 916 scmsgp->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo)); 917 scmsgp->cmsg_level = IPPROTO_IPV6; 918 scmsgp->cmsg_type = IPV6_PKTINFO; 919 scmsgp = CMSG_NXTHDR(&smsghdr, scmsgp); 920 } 921 922 /* set the outgoing interface */ 923 if (ifname) { 924 #ifndef USE_SIN6_SCOPE_ID 925 /* pktinfo must have already been allocated */ 926 if ((pktinfo.ipi6_ifindex = if_nametoindex(ifname)) == 0) 927 errx(1, "%s: invalid interface name", ifname); 928 #else 929 if ((dst.sin6_scope_id = if_nametoindex(ifname)) == 0) 930 errx(1, "%s: invalid interface name", ifname); 931 #endif 932 } 933 if (hoplimit != -1) { 934 scmsgp->cmsg_len = CMSG_LEN(sizeof(int)); 935 scmsgp->cmsg_level = IPPROTO_IPV6; 936 scmsgp->cmsg_type = IPV6_HOPLIMIT; 937 memcpy(CMSG_DATA(scmsgp), &hoplimit, sizeof(hoplimit)); 938 939 scmsgp = CMSG_NXTHDR(&smsghdr, scmsgp); 940 } 941 942 if (tclass != -1) { 943 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_TCLASS, 944 &tclass, sizeof(tclass)) == -1) 945 err(1, "setsockopt(IPV6_TCLASS)"); 946 } 947 948 if (pcp != -2) { 949 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_VLAN_PCP, 950 &pcp, sizeof(pcp)) == -1) 951 err(1, "setsockopt(IPV6_VLAN_PCP)"); 952 } 953 954 if (argc > 1) { /* some intermediate addrs are specified */ 955 int hops; 956 int rthdrlen; 957 958 rthdrlen = inet6_rth_space(IPV6_RTHDR_TYPE_0, argc - 1); 959 scmsgp->cmsg_len = CMSG_LEN(rthdrlen); 960 scmsgp->cmsg_level = IPPROTO_IPV6; 961 scmsgp->cmsg_type = IPV6_RTHDR; 962 rthdr = (struct ip6_rthdr *)CMSG_DATA(scmsgp); 963 rthdr = inet6_rth_init((void *)rthdr, rthdrlen, 964 IPV6_RTHDR_TYPE_0, argc - 1); 965 if (rthdr == NULL) 966 errx(1, "can't initialize rthdr"); 967 968 for (hops = 0; hops < argc - 1; hops++) { 969 memset(&hints, 0, sizeof(hints)); 970 hints.ai_family = AF_INET6; 971 972 if ((error = cap_getaddrinfo(capdns, argv[hops], NULL, &hints, 973 &res))) 974 errx(1, "%s", gai_strerror(error)); 975 if (res->ai_addr->sa_family != AF_INET6) 976 errx(1, 977 "bad addr family of an intermediate addr"); 978 sin6 = (struct sockaddr_in6 *)(void *)res->ai_addr; 979 if (inet6_rth_add(rthdr, &sin6->sin6_addr)) 980 errx(1, "can't add an intermediate node"); 981 freeaddrinfo(res); 982 } 983 984 scmsgp = CMSG_NXTHDR(&smsghdr, scmsgp); 985 } 986 987 /* From now on we will use only reverse DNS lookups. */ 988 #ifdef WITH_CASPER 989 if (capdns != NULL) { 990 const char *types[1]; 991 992 types[0] = "ADDR2NAME"; 993 if (cap_dns_type_limit(capdns, types, nitems(types)) < 0) 994 err(1, "unable to limit access to system.dns service"); 995 } 996 #endif 997 if (!(options & F_SRCADDR)) { 998 /* 999 * get the source address. XXX since we revoked the root 1000 * privilege, we cannot use a raw socket for this. 1001 */ 1002 int dummy; 1003 socklen_t len = sizeof(src); 1004 1005 if ((dummy = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) 1006 err(1, "UDP socket"); 1007 1008 src.sin6_family = AF_INET6; 1009 src.sin6_addr = dst.sin6_addr; 1010 src.sin6_port = ntohs(DUMMY_PORT); 1011 src.sin6_scope_id = dst.sin6_scope_id; 1012 1013 if (usepktinfo && 1014 setsockopt(dummy, IPPROTO_IPV6, IPV6_PKTINFO, 1015 (void *)&pktinfo, sizeof(pktinfo))) 1016 err(1, "UDP setsockopt(IPV6_PKTINFO)"); 1017 1018 if (hoplimit != -1 && 1019 setsockopt(dummy, IPPROTO_IPV6, IPV6_UNICAST_HOPS, 1020 (void *)&hoplimit, sizeof(hoplimit))) 1021 err(1, "UDP setsockopt(IPV6_UNICAST_HOPS)"); 1022 1023 if (hoplimit != -1 && 1024 setsockopt(dummy, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, 1025 (void *)&hoplimit, sizeof(hoplimit))) 1026 err(1, "UDP setsockopt(IPV6_MULTICAST_HOPS)"); 1027 1028 if (rthdr && 1029 setsockopt(dummy, IPPROTO_IPV6, IPV6_RTHDR, 1030 (void *)rthdr, (rthdr->ip6r_len + 1) << 3)) 1031 err(1, "UDP setsockopt(IPV6_RTHDR)"); 1032 1033 if (connect(dummy, (struct sockaddr *)&src, len) < 0) 1034 err(1, "UDP connect"); 1035 1036 if (getsockname(dummy, (struct sockaddr *)&src, &len) < 0) 1037 err(1, "getsockname"); 1038 1039 close(dummy); 1040 } 1041 1042 /* Save pktinfo in the ancillary data. */ 1043 if (usepktinfo) 1044 memcpy(cmsg_pktinfo, &pktinfo, sizeof(pktinfo)); 1045 1046 if (connect(ssend, (struct sockaddr *)&dst, sizeof(dst)) != 0) 1047 err(1, "connect() ssend"); 1048 1049 caph_cache_catpages(); 1050 if (caph_enter_casper() < 0) 1051 err(1, "caph_enter_casper"); 1052 1053 cap_rights_init(&rights_stdin); 1054 if (caph_rights_limit(STDIN_FILENO, &rights_stdin) < 0) 1055 err(1, "caph_rights_limit stdin"); 1056 if (caph_limit_stdout() < 0) 1057 err(1, "caph_limit_stdout"); 1058 if (caph_limit_stderr() < 0) 1059 err(1, "caph_limit_stderr"); 1060 1061 cap_rights_init(&rights_srecv, CAP_RECV, CAP_EVENT, CAP_SETSOCKOPT); 1062 if (caph_rights_limit(srecv, &rights_srecv) < 0) 1063 err(1, "caph_rights_limit srecv"); 1064 cap_rights_init(&rights_ssend, CAP_SEND, CAP_SETSOCKOPT); 1065 if (caph_rights_limit(ssend, &rights_ssend) < 0) 1066 err(1, "caph_rights_limit ssend"); 1067 1068 #if defined(SO_SNDBUF) && defined(SO_RCVBUF) 1069 if (sockbufsize) { 1070 if (datalen > (size_t)sockbufsize) 1071 warnx("you need -b to increase socket buffer size"); 1072 if (setsockopt(ssend, SOL_SOCKET, SO_SNDBUF, &sockbufsize, 1073 sizeof(sockbufsize)) < 0) 1074 err(1, "setsockopt(SO_SNDBUF)"); 1075 if (setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, &sockbufsize, 1076 sizeof(sockbufsize)) < 0) 1077 err(1, "setsockopt(SO_RCVBUF)"); 1078 } 1079 else { 1080 if (datalen > 8 * 1024) /*XXX*/ 1081 warnx("you need -b to increase socket buffer size"); 1082 /* 1083 * When pinging the broadcast address, you can get a lot of 1084 * answers. Doing something so evil is useful if you are trying 1085 * to stress the ethernet, or just want to fill the arp cache 1086 * to get some stuff for /etc/ethers. 1087 */ 1088 hold = 48 * 1024; 1089 setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, (char *)&hold, 1090 sizeof(hold)); 1091 } 1092 #endif 1093 1094 optval = 1; 1095 #ifndef USE_SIN6_SCOPE_ID 1096 #ifdef IPV6_RECVPKTINFO 1097 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVPKTINFO, &optval, 1098 sizeof(optval)) < 0) 1099 warn("setsockopt(IPV6_RECVPKTINFO)"); /* XXX err? */ 1100 #else /* old adv. API */ 1101 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_PKTINFO, &optval, 1102 sizeof(optval)) < 0) 1103 warn("setsockopt(IPV6_PKTINFO)"); /* XXX err? */ 1104 #endif 1105 #endif /* USE_SIN6_SCOPE_ID */ 1106 #ifdef IPV6_RECVHOPLIMIT 1107 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &optval, 1108 sizeof(optval)) < 0) 1109 warn("setsockopt(IPV6_RECVHOPLIMIT)"); /* XXX err? */ 1110 #else /* old adv. API */ 1111 if (setsockopt(srecv, IPPROTO_IPV6, IPV6_HOPLIMIT, &optval, 1112 sizeof(optval)) < 0) 1113 warn("setsockopt(IPV6_HOPLIMIT)"); /* XXX err? */ 1114 #endif 1115 1116 cap_rights_clear(&rights_srecv, CAP_SETSOCKOPT); 1117 if (caph_rights_limit(srecv, &rights_srecv) < 0) 1118 err(1, "caph_rights_limit srecv setsockopt"); 1119 cap_rights_clear(&rights_ssend, CAP_SETSOCKOPT); 1120 if (caph_rights_limit(ssend, &rights_ssend) < 0) 1121 err(1, "caph_rights_limit ssend setsockopt"); 1122 1123 printf("PING(%lu=40+8+%lu bytes) ", (unsigned long)(40 + pingerlen()), 1124 (unsigned long)(pingerlen() - 8)); 1125 printf("%s --> ", pr_addr((struct sockaddr *)&src, sizeof(src))); 1126 printf("%s\n", pr_addr((struct sockaddr *)&dst, sizeof(dst))); 1127 1128 if (preload == 0) 1129 pinger(); 1130 else { 1131 if (npackets != 0 && preload > npackets) 1132 preload = npackets; 1133 while (preload--) 1134 pinger(); 1135 } 1136 clock_gettime(CLOCK_MONOTONIC, &last); 1137 1138 sigemptyset(&si_sa.sa_mask); 1139 si_sa.sa_flags = 0; 1140 si_sa.sa_handler = onsignal; 1141 if (sigaction(SIGINT, &si_sa, 0) == -1) 1142 err(EX_OSERR, "sigaction SIGINT"); 1143 seenint = 0; 1144 if (sigaction(SIGINFO, &si_sa, 0) == -1) 1145 err(EX_OSERR, "sigaction SIGINFO"); 1146 seeninfo = 0; 1147 if (alarmtimeout > 0) { 1148 if (sigaction(SIGALRM, &si_sa, 0) == -1) 1149 err(EX_OSERR, "sigaction SIGALRM"); 1150 } 1151 if (options & F_FLOOD) { 1152 intvl.tv_sec = 0; 1153 intvl.tv_nsec = 10000000; 1154 } 1155 1156 almost_done = 0; 1157 while (seenint == 0) { 1158 struct timespec now, timeout; 1159 struct msghdr m; 1160 struct iovec iov[2]; 1161 fd_set rfds; 1162 int n; 1163 1164 /* signal handling */ 1165 if (seeninfo) { 1166 pr_summary(stderr); 1167 seeninfo = 0; 1168 continue; 1169 } 1170 FD_ZERO(&rfds); 1171 FD_SET(srecv, &rfds); 1172 clock_gettime(CLOCK_MONOTONIC, &now); 1173 timespecadd(&last, &intvl, &timeout); 1174 timespecsub(&timeout, &now, &timeout); 1175 if (timeout.tv_sec < 0) 1176 timespecclear(&timeout); 1177 1178 n = pselect(srecv + 1, &rfds, NULL, NULL, &timeout, NULL); 1179 if (n < 0) 1180 continue; /* EINTR */ 1181 if (n == 1) { 1182 m.msg_name = (caddr_t)&from; 1183 m.msg_namelen = sizeof(from); 1184 memset(&iov, 0, sizeof(iov)); 1185 iov[0].iov_base = (caddr_t)packet; 1186 iov[0].iov_len = packlen; 1187 m.msg_iov = iov; 1188 m.msg_iovlen = 1; 1189 memset(cm, 0, CONTROLLEN); 1190 m.msg_control = (void *)cm; 1191 m.msg_controllen = CONTROLLEN; 1192 1193 cc = recvmsg(srecv, &m, 0); 1194 if (cc < 0) { 1195 if (errno != EINTR) { 1196 warn("recvmsg"); 1197 sleep(1); 1198 } 1199 continue; 1200 } else if (cc == 0) { 1201 int mtu; 1202 1203 /* 1204 * receive control messages only. Process the 1205 * exceptions (currently the only possibility is 1206 * a path MTU notification.) 1207 */ 1208 if ((mtu = get_pathmtu(&m)) > 0) { 1209 if ((options & F_VERBOSE) != 0) { 1210 printf("new path MTU (%d) is " 1211 "notified\n", mtu); 1212 } 1213 } 1214 continue; 1215 } else { 1216 /* 1217 * an ICMPv6 message (probably an echoreply) 1218 * arrived. 1219 */ 1220 pr_pack(packet, cc, &m); 1221 } 1222 if (((options & F_ONCE) != 0 && nreceived > 0) || 1223 (npackets > 0 && nreceived >= npackets)) 1224 break; 1225 } 1226 if (n == 0 || (options & F_FLOOD)) { 1227 if (npackets == 0 || ntransmitted < npackets) 1228 pinger(); 1229 else { 1230 if (almost_done) 1231 break; 1232 almost_done = 1; 1233 /* 1234 * If we're not transmitting any more packets, 1235 * change the timer to wait two round-trip times 1236 * if we've received any packets or (waittime) 1237 * milliseconds if we haven't. 1238 */ 1239 intvl.tv_nsec = 0; 1240 if (nreceived) { 1241 intvl.tv_sec = 2 * tmax / 1000; 1242 if (intvl.tv_sec == 0) 1243 intvl.tv_sec = 1; 1244 } else { 1245 intvl.tv_sec = waittime / 1000; 1246 intvl.tv_nsec = 1247 waittime % 1000 * 1000000; 1248 } 1249 } 1250 clock_gettime(CLOCK_MONOTONIC, &last); 1251 if (ntransmitted - nreceived - 1 > nmissedmax) { 1252 nmissedmax = ntransmitted - nreceived - 1; 1253 if (options & F_MISSED) 1254 (void)write(STDOUT_FILENO, &BBELL, 1); 1255 } 1256 } 1257 } 1258 sigemptyset(&si_sa.sa_mask); 1259 si_sa.sa_flags = 0; 1260 si_sa.sa_handler = SIG_IGN; 1261 sigaction(SIGINT, &si_sa, 0); 1262 sigaction(SIGALRM, &si_sa, 0); 1263 pr_summary(stdout); 1264 1265 if(packet != NULL) 1266 free(packet); 1267 1268 if (nreceived > 0) 1269 exit(0); 1270 else if (ntransmitted > ntransmitfailures) 1271 exit(2); 1272 else 1273 exit(EX_OSERR); 1274 } 1275 1276 /* 1277 * pinger -- 1278 * Compose and transmit an ICMP ECHO REQUEST packet. The IP packet 1279 * will be added on by the kernel. The ID field is our UNIX process ID, 1280 * and the sequence number is an ascending integer. The first 8 bytes 1281 * of the data portion are used to hold a UNIX "timespec" struct in VAX 1282 * byte-order, to compute the round-trip time. 1283 */ 1284 static size_t 1285 pingerlen(void) 1286 { 1287 size_t l; 1288 1289 if (options & F_FQDN) 1290 l = ICMP6_NIQLEN + sizeof(dst.sin6_addr); 1291 else if (options & F_FQDNOLD) 1292 l = ICMP6_NIQLEN; 1293 else if (options & F_NODEADDR) 1294 l = ICMP6_NIQLEN + sizeof(dst.sin6_addr); 1295 else if (options & F_SUPTYPES) 1296 l = ICMP6_NIQLEN; 1297 else 1298 l = ICMP6ECHOLEN + datalen; 1299 1300 return l; 1301 } 1302 1303 static int 1304 pinger(void) 1305 { 1306 struct icmp6_hdr *icp; 1307 struct iovec iov[2]; 1308 int i, cc; 1309 struct icmp6_nodeinfo *nip; 1310 uint16_t seq; 1311 1312 if (npackets && ntransmitted >= npackets) 1313 return(-1); /* no more transmission */ 1314 1315 icp = (struct icmp6_hdr *)outpack; 1316 nip = (struct icmp6_nodeinfo *)outpack; 1317 memset(icp, 0, sizeof(*icp)); 1318 icp->icmp6_cksum = 0; 1319 seq = ntransmitted++; 1320 CLR(seq % mx_dup_ck); 1321 1322 if (options & F_FQDN) { 1323 uint16_t s; 1324 1325 icp->icmp6_type = ICMP6_NI_QUERY; 1326 icp->icmp6_code = ICMP6_NI_SUBJ_IPV6; 1327 nip->ni_qtype = htons(NI_QTYPE_FQDN); 1328 nip->ni_flags = htons(0); 1329 1330 memcpy(nip->icmp6_ni_nonce, nonce, 1331 sizeof(nip->icmp6_ni_nonce)); 1332 s = htons(seq); 1333 memcpy(nip->icmp6_ni_nonce, &s, sizeof(s)); 1334 1335 memcpy(&outpack[ICMP6_NIQLEN], &dst.sin6_addr, 1336 sizeof(dst.sin6_addr)); 1337 cc = ICMP6_NIQLEN + sizeof(dst.sin6_addr); 1338 datalen = 0; 1339 } else if (options & F_FQDNOLD) { 1340 uint16_t s; 1341 /* packet format in 03 draft - no Subject data on queries */ 1342 icp->icmp6_type = ICMP6_NI_QUERY; 1343 icp->icmp6_code = 0; /* code field is always 0 */ 1344 nip->ni_qtype = htons(NI_QTYPE_FQDN); 1345 nip->ni_flags = htons(0); 1346 1347 memcpy(nip->icmp6_ni_nonce, nonce, 1348 sizeof(nip->icmp6_ni_nonce)); 1349 s = htons(seq); 1350 memcpy(nip->icmp6_ni_nonce, &s, sizeof(s)); 1351 1352 cc = ICMP6_NIQLEN; 1353 datalen = 0; 1354 } else if (options & F_NODEADDR) { 1355 uint16_t s; 1356 1357 icp->icmp6_type = ICMP6_NI_QUERY; 1358 icp->icmp6_code = ICMP6_NI_SUBJ_IPV6; 1359 nip->ni_qtype = htons(NI_QTYPE_NODEADDR); 1360 nip->ni_flags = naflags; 1361 1362 memcpy(nip->icmp6_ni_nonce, nonce, 1363 sizeof(nip->icmp6_ni_nonce)); 1364 s = htons(seq); 1365 memcpy(nip->icmp6_ni_nonce, &s, sizeof(s)); 1366 1367 memcpy(&outpack[ICMP6_NIQLEN], &dst.sin6_addr, 1368 sizeof(dst.sin6_addr)); 1369 cc = ICMP6_NIQLEN + sizeof(dst.sin6_addr); 1370 datalen = 0; 1371 } else if (options & F_SUPTYPES) { 1372 uint16_t s; 1373 1374 icp->icmp6_type = ICMP6_NI_QUERY; 1375 icp->icmp6_code = ICMP6_NI_SUBJ_FQDN; /*empty*/ 1376 nip->ni_qtype = htons(NI_QTYPE_SUPTYPES); 1377 /* we support compressed bitmap */ 1378 nip->ni_flags = NI_SUPTYPE_FLAG_COMPRESS; 1379 1380 memcpy(nip->icmp6_ni_nonce, nonce, 1381 sizeof(nip->icmp6_ni_nonce)); 1382 s = htons(seq); 1383 memcpy(nip->icmp6_ni_nonce, &s, sizeof(s)); 1384 1385 cc = ICMP6_NIQLEN; 1386 datalen = 0; 1387 } else { 1388 icp->icmp6_type = ICMP6_ECHO_REQUEST; 1389 icp->icmp6_code = 0; 1390 icp->icmp6_id = htons(ident); 1391 icp->icmp6_seq = htons(seq); 1392 if (timing) { 1393 struct timespec tv; 1394 struct tv32 tv32; 1395 (void)clock_gettime(CLOCK_MONOTONIC, &tv); 1396 /* 1397 * Truncate seconds down to 32 bits in order 1398 * to fit the timestamp within 8 bytes of the 1399 * packet. We're only concerned with 1400 * durations, not absolute times. 1401 */ 1402 tv32.tv32_sec = (uint32_t)htonl(tv.tv_sec); 1403 tv32.tv32_nsec = (uint32_t)htonl(tv.tv_nsec); 1404 memcpy(&outpack[ICMP6ECHOLEN], &tv32, sizeof(tv32)); 1405 } 1406 cc = ICMP6ECHOLEN + datalen; 1407 } 1408 1409 #ifdef DIAGNOSTIC 1410 if (pingerlen() != cc) 1411 errx(1, "internal error; length mismatch"); 1412 #endif 1413 1414 memset(&iov, 0, sizeof(iov)); 1415 iov[0].iov_base = (caddr_t)outpack; 1416 iov[0].iov_len = cc; 1417 smsghdr.msg_iov = iov; 1418 smsghdr.msg_iovlen = 1; 1419 1420 i = sendmsg(ssend, &smsghdr, 0); 1421 1422 if (i < 0 || i != cc) { 1423 if (i < 0) { 1424 ntransmitfailures++; 1425 warn("sendmsg"); 1426 } 1427 (void)printf("ping: wrote %s %d chars, ret=%d\n", 1428 hostname, cc, i); 1429 } 1430 if (!(options & F_QUIET) && options & F_DOT) 1431 (void)write(STDOUT_FILENO, &DOT[DOTidx++ % DOTlen], 1); 1432 1433 return(0); 1434 } 1435 1436 static int 1437 myechoreply(const struct icmp6_hdr *icp) 1438 { 1439 if (ntohs(icp->icmp6_id) == ident) 1440 return 1; 1441 else 1442 return 0; 1443 } 1444 1445 static int 1446 mynireply(const struct icmp6_nodeinfo *nip) 1447 { 1448 if (memcmp(nip->icmp6_ni_nonce + sizeof(u_int16_t), 1449 nonce + sizeof(u_int16_t), 1450 sizeof(nonce) - sizeof(u_int16_t)) == 0) 1451 return 1; 1452 else 1453 return 0; 1454 } 1455 1456 /* 1457 * Decode a name from a DNS message. 1458 * 1459 * Format of the message is described in RFC 1035 subsection 4.1.4. 1460 * 1461 * Arguments: 1462 * sp - Pointer to a DNS pointer octet or to the first octet of a label 1463 * in the message. 1464 * ep - Pointer to the end of the message (one step past the last octet). 1465 * base - Pointer to the beginning of the message. 1466 * buf - Buffer into which the decoded name will be saved. 1467 * bufsiz - Size of the buffer 'buf'. 1468 * 1469 * Return value: 1470 * Pointer to an octet immediately following the ending zero octet 1471 * of the decoded label, or NULL if an error occurred. 1472 */ 1473 static const char * 1474 dnsdecode(const u_char *sp, const u_char *ep, const u_char *base, char *buf, 1475 size_t bufsiz) 1476 { 1477 int i; 1478 const u_char *cp; 1479 char cresult[MAXDNAME + 1]; 1480 const u_char *comp; 1481 int l; 1482 1483 cp = sp; 1484 *buf = '\0'; 1485 1486 if (cp >= ep) 1487 return NULL; 1488 while (cp < ep) { 1489 i = *cp; 1490 if (i == 0 || cp != sp) { 1491 if (strlcat((char *)buf, ".", bufsiz) >= bufsiz) 1492 return NULL; /*result overrun*/ 1493 } 1494 if (i == 0) 1495 break; 1496 cp++; 1497 1498 if ((i & 0xc0) == 0xc0 && cp - base > (i & 0x3f)) { 1499 /* DNS compression */ 1500 if (!base) 1501 return NULL; 1502 1503 comp = base + (i & 0x3f); 1504 if (dnsdecode(comp, cp, base, cresult, 1505 sizeof(cresult)) == NULL) 1506 return NULL; 1507 if (strlcat(buf, cresult, bufsiz) >= bufsiz) 1508 return NULL; /*result overrun*/ 1509 break; 1510 } else if ((i & 0x3f) == i) { 1511 if (i > ep - cp) 1512 return NULL; /*source overrun*/ 1513 while (i-- > 0 && cp < ep) { 1514 l = snprintf(cresult, sizeof(cresult), 1515 isprint(*cp) ? "%c" : "\\%03o", *cp & 0xff); 1516 if ((size_t)l >= sizeof(cresult) || l < 0) 1517 return NULL; 1518 if (strlcat(buf, cresult, bufsiz) >= bufsiz) 1519 return NULL; /*result overrun*/ 1520 cp++; 1521 } 1522 } else 1523 return NULL; /*invalid label*/ 1524 } 1525 if (i != 0) 1526 return NULL; /*not terminated*/ 1527 cp++; 1528 return cp; 1529 } 1530 1531 /* 1532 * pr_pack -- 1533 * Print out the packet, if it came from us. This logic is necessary 1534 * because ALL readers of the ICMP socket get a copy of ALL ICMP packets 1535 * which arrive ('tis only fair). This permits multiple copies of this 1536 * program to be run without having intermingled output (or statistics!). 1537 */ 1538 static void 1539 pr_pack(u_char *buf, int cc, struct msghdr *mhdr) 1540 { 1541 #define safeputc(c) printf((isprint((c)) ? "%c" : "\\%03o"), c) 1542 struct icmp6_hdr *icp; 1543 struct icmp6_nodeinfo *ni; 1544 int i; 1545 int hoplim; 1546 struct sockaddr *from; 1547 int fromlen; 1548 const u_char *cp = NULL; 1549 u_char *dp, *end = buf + cc; 1550 struct in6_pktinfo *pktinfo = NULL; 1551 struct timespec tv, tp; 1552 struct tv32 tpp; 1553 double triptime = 0; 1554 int dupflag; 1555 size_t off; 1556 int oldfqdn; 1557 u_int16_t seq; 1558 char dnsname[MAXDNAME + 1]; 1559 1560 (void)clock_gettime(CLOCK_MONOTONIC, &tv); 1561 1562 if (!mhdr || !mhdr->msg_name || 1563 mhdr->msg_namelen != sizeof(struct sockaddr_in6) || 1564 ((struct sockaddr *)mhdr->msg_name)->sa_family != AF_INET6) { 1565 if (options & F_VERBOSE) 1566 warnx("invalid peername"); 1567 return; 1568 } 1569 from = (struct sockaddr *)mhdr->msg_name; 1570 fromlen = mhdr->msg_namelen; 1571 if (cc < (int)sizeof(struct icmp6_hdr)) { 1572 if (options & F_VERBOSE) 1573 warnx("packet too short (%d bytes) from %s", cc, 1574 pr_addr(from, fromlen)); 1575 return; 1576 } 1577 if (((mhdr->msg_flags & MSG_CTRUNC) != 0) && 1578 (options & F_VERBOSE) != 0) 1579 warnx("some control data discarded, insufficient buffer size"); 1580 icp = (struct icmp6_hdr *)buf; 1581 ni = (struct icmp6_nodeinfo *)buf; 1582 off = 0; 1583 1584 if ((hoplim = get_hoplim(mhdr)) == -1) { 1585 warnx("failed to get receiving hop limit"); 1586 return; 1587 } 1588 if ((pktinfo = get_rcvpktinfo(mhdr)) == NULL) { 1589 warnx("failed to get receiving packet information"); 1590 return; 1591 } 1592 1593 if (icp->icmp6_type == ICMP6_ECHO_REPLY && myechoreply(icp)) { 1594 seq = ntohs(icp->icmp6_seq); 1595 ++nreceived; 1596 if (timing) { 1597 memcpy(&tpp, icp + 1, sizeof(tpp)); 1598 tp.tv_sec = ntohl(tpp.tv32_sec); 1599 tp.tv_nsec = ntohl(tpp.tv32_nsec); 1600 timespecsub(&tv, &tp, &tv); 1601 triptime = ((double)tv.tv_sec) * 1000.0 + 1602 ((double)tv.tv_nsec) / 1000000.0; 1603 tsum += triptime; 1604 tsumsq += triptime * triptime; 1605 if (triptime < tmin) 1606 tmin = triptime; 1607 if (triptime > tmax) 1608 tmax = triptime; 1609 } 1610 1611 if (TST(seq % mx_dup_ck)) { 1612 ++nrepeats; 1613 --nreceived; 1614 dupflag = 1; 1615 } else { 1616 SET(seq % mx_dup_ck); 1617 dupflag = 0; 1618 } 1619 1620 if (options & F_QUIET) 1621 return; 1622 1623 if (options & F_WAITTIME && triptime > waittime) { 1624 ++nrcvtimeout; 1625 return; 1626 } 1627 1628 if (options & F_DOT) 1629 (void)write(STDOUT_FILENO, &BSPACE, 1); 1630 else { 1631 if (options & F_AUDIBLE) 1632 (void)write(STDOUT_FILENO, &BBELL, 1); 1633 (void)printf("%d bytes from %s, icmp_seq=%u", cc, 1634 pr_addr(from, fromlen), seq); 1635 (void)printf(" hlim=%d", hoplim); 1636 if ((options & F_VERBOSE) != 0) { 1637 struct sockaddr_in6 dstsa; 1638 1639 memset(&dstsa, 0, sizeof(dstsa)); 1640 dstsa.sin6_family = AF_INET6; 1641 dstsa.sin6_len = sizeof(dstsa); 1642 dstsa.sin6_scope_id = pktinfo->ipi6_ifindex; 1643 dstsa.sin6_addr = pktinfo->ipi6_addr; 1644 (void)printf(" dst=%s", 1645 pr_addr((struct sockaddr *)&dstsa, 1646 sizeof(dstsa))); 1647 } 1648 if (timing) 1649 (void)printf(" time=%.3f ms", triptime); 1650 if (dupflag) 1651 (void)printf("(DUP!)"); 1652 /* check the data */ 1653 cp = buf + off + ICMP6ECHOLEN + ICMP6ECHOTMLEN; 1654 dp = outpack + ICMP6ECHOLEN + ICMP6ECHOTMLEN; 1655 for (i = 8; cp < end; ++i, ++cp, ++dp) { 1656 if (*cp != *dp) { 1657 (void)printf("\nwrong data byte #%d should be 0x%x but was 0x%x", i, *dp, *cp); 1658 break; 1659 } 1660 } 1661 } 1662 } else if (icp->icmp6_type == ICMP6_NI_REPLY && mynireply(ni)) { 1663 memcpy(&seq, ni->icmp6_ni_nonce, sizeof(seq)); 1664 seq = ntohs(seq); 1665 ++nreceived; 1666 if (TST(seq % mx_dup_ck)) { 1667 ++nrepeats; 1668 --nreceived; 1669 dupflag = 1; 1670 } else { 1671 SET(seq % mx_dup_ck); 1672 dupflag = 0; 1673 } 1674 1675 if (options & F_QUIET) 1676 return; 1677 1678 (void)printf("%d bytes from %s: ", cc, pr_addr(from, fromlen)); 1679 1680 switch (ntohs(ni->ni_code)) { 1681 case ICMP6_NI_SUCCESS: 1682 break; 1683 case ICMP6_NI_REFUSED: 1684 printf("refused, type 0x%x", ntohs(ni->ni_type)); 1685 goto fqdnend; 1686 case ICMP6_NI_UNKNOWN: 1687 printf("unknown, type 0x%x", ntohs(ni->ni_type)); 1688 goto fqdnend; 1689 default: 1690 printf("unknown code 0x%x, type 0x%x", 1691 ntohs(ni->ni_code), ntohs(ni->ni_type)); 1692 goto fqdnend; 1693 } 1694 1695 switch (ntohs(ni->ni_qtype)) { 1696 case NI_QTYPE_NOOP: 1697 printf("NodeInfo NOOP"); 1698 break; 1699 case NI_QTYPE_SUPTYPES: 1700 pr_suptypes(ni, end - (u_char *)ni); 1701 break; 1702 case NI_QTYPE_NODEADDR: 1703 pr_nodeaddr(ni, end - (u_char *)ni); 1704 break; 1705 case NI_QTYPE_FQDN: 1706 default: /* XXX: for backward compatibility */ 1707 cp = (u_char *)ni + ICMP6_NIRLEN; 1708 if (buf[off + ICMP6_NIRLEN] == 1709 cc - off - ICMP6_NIRLEN - 1) 1710 oldfqdn = 1; 1711 else 1712 oldfqdn = 0; 1713 if (oldfqdn) { 1714 cp++; /* skip length */ 1715 while (cp < end) { 1716 safeputc(*cp & 0xff); 1717 cp++; 1718 } 1719 } else { 1720 i = 0; 1721 while (cp < end) { 1722 cp = dnsdecode((const u_char *)cp, end, 1723 (const u_char *)(ni + 1), dnsname, 1724 sizeof(dnsname)); 1725 if (cp == NULL) { 1726 printf("???"); 1727 break; 1728 } 1729 /* 1730 * name-lookup special handling for 1731 * truncated name 1732 */ 1733 if (cp + 1 <= end && !*cp && 1734 strlen(dnsname) > 0) { 1735 dnsname[strlen(dnsname) - 1] = '\0'; 1736 cp++; 1737 } 1738 printf("%s%s", i > 0 ? "," : "", 1739 dnsname); 1740 } 1741 } 1742 if (options & F_VERBOSE) { 1743 u_long t; 1744 int32_t ttl; 1745 int comma = 0; 1746 1747 (void)printf(" ("); /*)*/ 1748 1749 switch (ni->ni_code) { 1750 case ICMP6_NI_REFUSED: 1751 (void)printf("refused"); 1752 comma++; 1753 break; 1754 case ICMP6_NI_UNKNOWN: 1755 (void)printf("unknown qtype"); 1756 comma++; 1757 break; 1758 } 1759 1760 if ((end - (u_char *)ni) < ICMP6_NIRLEN) { 1761 /* case of refusion, unknown */ 1762 /*(*/ 1763 putchar(')'); 1764 goto fqdnend; 1765 } 1766 memcpy(&t, &buf[off+ICMP6ECHOLEN+8], sizeof(t)); 1767 ttl = (int32_t)ntohl(t); 1768 if (comma) 1769 printf(","); 1770 if (!(ni->ni_flags & NI_FQDN_FLAG_VALIDTTL)) { 1771 (void)printf("TTL=%d:meaningless", 1772 (int)ttl); 1773 } else { 1774 if (ttl < 0) { 1775 (void)printf("TTL=%d:invalid", 1776 ttl); 1777 } else 1778 (void)printf("TTL=%d", ttl); 1779 } 1780 comma++; 1781 1782 if (oldfqdn) { 1783 if (comma) 1784 printf(","); 1785 printf("03 draft"); 1786 comma++; 1787 } else { 1788 cp = (u_char *)ni + ICMP6_NIRLEN; 1789 if (cp == end) { 1790 if (comma) 1791 printf(","); 1792 printf("no name"); 1793 comma++; 1794 } 1795 } 1796 1797 if (buf[off + ICMP6_NIRLEN] != 1798 cc - off - ICMP6_NIRLEN - 1 && oldfqdn) { 1799 if (comma) 1800 printf(","); 1801 (void)printf("invalid namelen:%d/%lu", 1802 buf[off + ICMP6_NIRLEN], 1803 (u_long)cc - off - ICMP6_NIRLEN - 1); 1804 comma++; 1805 } 1806 /*(*/ 1807 putchar(')'); 1808 } 1809 fqdnend: 1810 ; 1811 } 1812 } else { 1813 /* We've got something other than an ECHOREPLY */ 1814 if (!(options & F_VERBOSE)) 1815 return; 1816 (void)printf("%d bytes from %s: ", cc, pr_addr(from, fromlen)); 1817 pr_icmph(icp, end); 1818 } 1819 1820 if (!(options & F_DOT)) { 1821 (void)putchar('\n'); 1822 if (options & F_VERBOSE) 1823 pr_exthdrs(mhdr); 1824 (void)fflush(stdout); 1825 } 1826 #undef safeputc 1827 } 1828 1829 static void 1830 pr_exthdrs(struct msghdr *mhdr) 1831 { 1832 ssize_t bufsize; 1833 void *bufp; 1834 struct cmsghdr *cm; 1835 1836 bufsize = 0; 1837 bufp = mhdr->msg_control; 1838 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm; 1839 cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) { 1840 if (cm->cmsg_level != IPPROTO_IPV6) 1841 continue; 1842 1843 bufsize = CONTROLLEN - ((caddr_t)CMSG_DATA(cm) - (caddr_t)bufp); 1844 if (bufsize <= 0) 1845 continue; 1846 switch (cm->cmsg_type) { 1847 case IPV6_HOPOPTS: 1848 printf(" HbH Options: "); 1849 pr_ip6opt(CMSG_DATA(cm), (size_t)bufsize); 1850 break; 1851 case IPV6_DSTOPTS: 1852 #ifdef IPV6_RTHDRDSTOPTS 1853 case IPV6_RTHDRDSTOPTS: 1854 #endif 1855 printf(" Dst Options: "); 1856 pr_ip6opt(CMSG_DATA(cm), (size_t)bufsize); 1857 break; 1858 case IPV6_RTHDR: 1859 printf(" Routing: "); 1860 pr_rthdr(CMSG_DATA(cm), (size_t)bufsize); 1861 break; 1862 } 1863 } 1864 } 1865 1866 static void 1867 pr_ip6opt(void *extbuf, size_t bufsize) 1868 { 1869 struct ip6_hbh *ext; 1870 int currentlen; 1871 u_int8_t type; 1872 socklen_t extlen, len; 1873 void *databuf; 1874 size_t offset; 1875 u_int16_t value2; 1876 u_int32_t value4; 1877 1878 ext = (struct ip6_hbh *)extbuf; 1879 extlen = (ext->ip6h_len + 1) * 8; 1880 printf("nxt %u, len %u (%lu bytes)\n", ext->ip6h_nxt, 1881 (unsigned int)ext->ip6h_len, (unsigned long)extlen); 1882 1883 /* 1884 * Bounds checking on the ancillary data buffer: 1885 * subtract the size of a cmsg structure from the buffer size. 1886 */ 1887 if (bufsize < (extlen + CMSG_SPACE(0))) { 1888 extlen = bufsize - CMSG_SPACE(0); 1889 warnx("options truncated, showing only %u (total=%u)", 1890 (unsigned int)(extlen / 8 - 1), 1891 (unsigned int)(ext->ip6h_len)); 1892 } 1893 1894 currentlen = 0; 1895 while (1) { 1896 currentlen = inet6_opt_next(extbuf, extlen, currentlen, 1897 &type, &len, &databuf); 1898 if (currentlen == -1) 1899 break; 1900 switch (type) { 1901 /* 1902 * Note that inet6_opt_next automatically skips any padding 1903 * optins. 1904 */ 1905 case IP6OPT_JUMBO: 1906 offset = 0; 1907 offset = inet6_opt_get_val(databuf, offset, 1908 &value4, sizeof(value4)); 1909 printf(" Jumbo Payload Opt: Length %u\n", 1910 (u_int32_t)ntohl(value4)); 1911 break; 1912 case IP6OPT_ROUTER_ALERT: 1913 offset = 0; 1914 offset = inet6_opt_get_val(databuf, offset, 1915 &value2, sizeof(value2)); 1916 printf(" Router Alert Opt: Type %u\n", 1917 ntohs(value2)); 1918 break; 1919 default: 1920 printf(" Received Opt %u len %lu\n", 1921 type, (unsigned long)len); 1922 break; 1923 } 1924 } 1925 return; 1926 } 1927 1928 static void 1929 pr_rthdr(void *extbuf, size_t bufsize) 1930 { 1931 struct in6_addr *in6; 1932 char ntopbuf[INET6_ADDRSTRLEN]; 1933 struct ip6_rthdr *rh = (struct ip6_rthdr *)extbuf; 1934 int i, segments, origsegs, rthsize, size0, size1; 1935 1936 /* print fixed part of the header */ 1937 printf("nxt %u, len %u (%d bytes), type %u, ", rh->ip6r_nxt, 1938 rh->ip6r_len, (rh->ip6r_len + 1) << 3, rh->ip6r_type); 1939 if ((segments = inet6_rth_segments(extbuf)) >= 0) { 1940 printf("%d segments, ", segments); 1941 printf("%d left\n", rh->ip6r_segleft); 1942 } else { 1943 printf("segments unknown, "); 1944 printf("%d left\n", rh->ip6r_segleft); 1945 return; 1946 } 1947 1948 /* 1949 * Bounds checking on the ancillary data buffer. When calculating 1950 * the number of items to show keep in mind: 1951 * - The size of the cmsg structure 1952 * - The size of one segment (the size of a Type 0 routing header) 1953 * - When dividing add a fudge factor of one in case the 1954 * dividend is not evenly divisible by the divisor 1955 */ 1956 rthsize = (rh->ip6r_len + 1) * 8; 1957 if (bufsize < (rthsize + CMSG_SPACE(0))) { 1958 origsegs = segments; 1959 size0 = inet6_rth_space(IPV6_RTHDR_TYPE_0, 0); 1960 size1 = inet6_rth_space(IPV6_RTHDR_TYPE_0, 1); 1961 segments -= (rthsize - (bufsize - CMSG_SPACE(0))) / 1962 (size1 - size0) + 1; 1963 warnx("segments truncated, showing only %d (total=%d)", 1964 segments, origsegs); 1965 } 1966 1967 for (i = 0; i < segments; i++) { 1968 in6 = inet6_rth_getaddr(extbuf, i); 1969 if (in6 == NULL) 1970 printf(" [%d]<NULL>\n", i); 1971 else { 1972 if (!inet_ntop(AF_INET6, in6, ntopbuf, 1973 sizeof(ntopbuf))) 1974 strlcpy(ntopbuf, "?", sizeof(ntopbuf)); 1975 printf(" [%d]%s\n", i, ntopbuf); 1976 } 1977 } 1978 1979 return; 1980 1981 } 1982 1983 static int 1984 pr_bitrange(u_int32_t v, int soff, int ii) 1985 { 1986 int off; 1987 int i; 1988 1989 off = 0; 1990 while (off < 32) { 1991 /* shift till we have 0x01 */ 1992 if ((v & 0x01) == 0) { 1993 if (ii > 1) 1994 printf("-%u", soff + off - 1); 1995 ii = 0; 1996 switch (v & 0x0f) { 1997 case 0x00: 1998 v >>= 4; 1999 off += 4; 2000 continue; 2001 case 0x08: 2002 v >>= 3; 2003 off += 3; 2004 continue; 2005 case 0x04: case 0x0c: 2006 v >>= 2; 2007 off += 2; 2008 continue; 2009 default: 2010 v >>= 1; 2011 off += 1; 2012 continue; 2013 } 2014 } 2015 2016 /* we have 0x01 with us */ 2017 for (i = 0; i < 32 - off; i++) { 2018 if ((v & (0x01 << i)) == 0) 2019 break; 2020 } 2021 if (!ii) 2022 printf(" %u", soff + off); 2023 ii += i; 2024 v >>= i; off += i; 2025 } 2026 return ii; 2027 } 2028 2029 static void 2030 pr_suptypes(struct icmp6_nodeinfo *ni, size_t nilen) 2031 /* ni->qtype must be SUPTYPES */ 2032 { 2033 size_t clen; 2034 u_int32_t v; 2035 const u_char *cp, *end; 2036 u_int16_t cur; 2037 struct cbit { 2038 u_int16_t words; /*32bit count*/ 2039 u_int16_t skip; 2040 } cbit; 2041 #define MAXQTYPES (1 << 16) 2042 size_t off; 2043 int b; 2044 2045 cp = (u_char *)(ni + 1); 2046 end = ((u_char *)ni) + nilen; 2047 cur = 0; 2048 b = 0; 2049 2050 printf("NodeInfo Supported Qtypes"); 2051 if (options & F_VERBOSE) { 2052 if (ni->ni_flags & NI_SUPTYPE_FLAG_COMPRESS) 2053 printf(", compressed bitmap"); 2054 else 2055 printf(", raw bitmap"); 2056 } 2057 2058 while (cp < end) { 2059 clen = (size_t)(end - cp); 2060 if ((ni->ni_flags & NI_SUPTYPE_FLAG_COMPRESS) == 0) { 2061 if (clen == 0 || clen > MAXQTYPES / 8 || 2062 clen % sizeof(v)) { 2063 printf("???"); 2064 return; 2065 } 2066 } else { 2067 if (clen < sizeof(cbit) || clen % sizeof(v)) 2068 return; 2069 memcpy(&cbit, cp, sizeof(cbit)); 2070 if (sizeof(cbit) + ntohs(cbit.words) * sizeof(v) > 2071 clen) 2072 return; 2073 cp += sizeof(cbit); 2074 clen = ntohs(cbit.words) * sizeof(v); 2075 if (cur + clen * 8 + (u_long)ntohs(cbit.skip) * 32 > 2076 MAXQTYPES) 2077 return; 2078 } 2079 2080 for (off = 0; off < clen; off += sizeof(v)) { 2081 memcpy(&v, cp + off, sizeof(v)); 2082 v = (u_int32_t)ntohl(v); 2083 b = pr_bitrange(v, (int)(cur + off * 8), b); 2084 } 2085 /* flush the remaining bits */ 2086 b = pr_bitrange(0, (int)(cur + off * 8), b); 2087 2088 cp += clen; 2089 cur += clen * 8; 2090 if ((ni->ni_flags & NI_SUPTYPE_FLAG_COMPRESS) != 0) 2091 cur += ntohs(cbit.skip) * 32; 2092 } 2093 } 2094 2095 static void 2096 pr_nodeaddr(struct icmp6_nodeinfo *ni, int nilen) 2097 /* ni->qtype must be NODEADDR */ 2098 { 2099 u_char *cp = (u_char *)(ni + 1); 2100 char ntop_buf[INET6_ADDRSTRLEN]; 2101 int withttl = 0; 2102 2103 nilen -= sizeof(struct icmp6_nodeinfo); 2104 2105 if (options & F_VERBOSE) { 2106 switch (ni->ni_code) { 2107 case ICMP6_NI_REFUSED: 2108 (void)printf("refused"); 2109 break; 2110 case ICMP6_NI_UNKNOWN: 2111 (void)printf("unknown qtype"); 2112 break; 2113 } 2114 if (ni->ni_flags & NI_NODEADDR_FLAG_TRUNCATE) 2115 (void)printf(" truncated"); 2116 } 2117 putchar('\n'); 2118 if (nilen <= 0) 2119 printf(" no address\n"); 2120 2121 /* 2122 * In icmp-name-lookups 05 and later, TTL of each returned address 2123 * is contained in the resposne. We try to detect the version 2124 * by the length of the data, but note that the detection algorithm 2125 * is incomplete. We assume the latest draft by default. 2126 */ 2127 if (nilen % (sizeof(u_int32_t) + sizeof(struct in6_addr)) == 0) 2128 withttl = 1; 2129 while (nilen > 0) { 2130 u_int32_t ttl = 0; 2131 2132 if (withttl) { 2133 uint32_t t; 2134 2135 memcpy(&t, cp, sizeof(t)); 2136 ttl = (u_int32_t)ntohl(t); 2137 cp += sizeof(u_int32_t); 2138 nilen -= sizeof(u_int32_t); 2139 } 2140 2141 if (inet_ntop(AF_INET6, cp, ntop_buf, sizeof(ntop_buf)) == 2142 NULL) 2143 strlcpy(ntop_buf, "?", sizeof(ntop_buf)); 2144 printf(" %s", ntop_buf); 2145 if (withttl) { 2146 if (ttl == 0xffffffff) { 2147 /* 2148 * XXX: can this convention be applied to all 2149 * type of TTL (i.e. non-ND TTL)? 2150 */ 2151 printf("(TTL=infty)"); 2152 } 2153 else 2154 printf("(TTL=%u)", ttl); 2155 } 2156 putchar('\n'); 2157 2158 nilen -= sizeof(struct in6_addr); 2159 cp += sizeof(struct in6_addr); 2160 } 2161 } 2162 2163 static int 2164 get_hoplim(struct msghdr *mhdr) 2165 { 2166 struct cmsghdr *cm; 2167 2168 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm; 2169 cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) { 2170 if (cm->cmsg_len == 0) 2171 return(-1); 2172 2173 if (cm->cmsg_level == IPPROTO_IPV6 && 2174 cm->cmsg_type == IPV6_HOPLIMIT && 2175 cm->cmsg_len == CMSG_LEN(sizeof(int))) { 2176 int r; 2177 2178 memcpy(&r, CMSG_DATA(cm), sizeof(r)); 2179 return(r); 2180 } 2181 } 2182 2183 return(-1); 2184 } 2185 2186 static struct in6_pktinfo * 2187 get_rcvpktinfo(struct msghdr *mhdr) 2188 { 2189 static struct in6_pktinfo pi; 2190 struct cmsghdr *cm; 2191 2192 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm; 2193 cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) { 2194 if (cm->cmsg_len == 0) 2195 return(NULL); 2196 2197 if (cm->cmsg_level == IPPROTO_IPV6 && 2198 cm->cmsg_type == IPV6_PKTINFO && 2199 cm->cmsg_len == CMSG_LEN(sizeof(struct in6_pktinfo))) { 2200 memcpy(&pi, CMSG_DATA(cm), sizeof(pi)); 2201 return(&pi); 2202 } 2203 } 2204 2205 return(NULL); 2206 } 2207 2208 static int 2209 get_pathmtu(struct msghdr *mhdr) 2210 { 2211 #ifdef IPV6_RECVPATHMTU 2212 struct cmsghdr *cm; 2213 struct ip6_mtuinfo mtuctl; 2214 2215 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm; 2216 cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) { 2217 if (cm->cmsg_len == 0) 2218 return(0); 2219 2220 if (cm->cmsg_level == IPPROTO_IPV6 && 2221 cm->cmsg_type == IPV6_PATHMTU && 2222 cm->cmsg_len == CMSG_LEN(sizeof(struct ip6_mtuinfo))) { 2223 memcpy(&mtuctl, CMSG_DATA(cm), sizeof(mtuctl)); 2224 2225 /* 2226 * If the notified destination is different from 2227 * the one we are pinging, just ignore the info. 2228 * We check the scope ID only when both notified value 2229 * and our own value have non-0 values, because we may 2230 * have used the default scope zone ID for sending, 2231 * in which case the scope ID value is 0. 2232 */ 2233 if (!IN6_ARE_ADDR_EQUAL(&mtuctl.ip6m_addr.sin6_addr, 2234 &dst.sin6_addr) || 2235 (mtuctl.ip6m_addr.sin6_scope_id && 2236 dst.sin6_scope_id && 2237 mtuctl.ip6m_addr.sin6_scope_id != 2238 dst.sin6_scope_id)) { 2239 if ((options & F_VERBOSE) != 0) { 2240 printf("path MTU for %s is notified. " 2241 "(ignored)\n", 2242 pr_addr((struct sockaddr *)&mtuctl.ip6m_addr, 2243 sizeof(mtuctl.ip6m_addr))); 2244 } 2245 return(0); 2246 } 2247 2248 /* 2249 * Ignore an invalid MTU. XXX: can we just believe 2250 * the kernel check? 2251 */ 2252 if (mtuctl.ip6m_mtu < IPV6_MMTU) 2253 return(0); 2254 2255 /* notification for our destination. return the MTU. */ 2256 return((int)mtuctl.ip6m_mtu); 2257 } 2258 } 2259 #endif 2260 return(0); 2261 } 2262 2263 /*subject type*/ 2264 static const char *niqcode[] = { 2265 "IPv6 address", 2266 "DNS label", /*or empty*/ 2267 "IPv4 address", 2268 }; 2269 2270 /*result code*/ 2271 static const char *nircode[] = { 2272 "Success", "Refused", "Unknown", 2273 }; 2274 2275 2276 /* 2277 * pr_icmph -- 2278 * Print a descriptive string about an ICMP header. 2279 */ 2280 static void 2281 pr_icmph(struct icmp6_hdr *icp, u_char *end) 2282 { 2283 char ntop_buf[INET6_ADDRSTRLEN]; 2284 struct nd_redirect *red; 2285 struct icmp6_nodeinfo *ni; 2286 char dnsname[MAXDNAME + 1]; 2287 const u_char *cp; 2288 size_t l; 2289 2290 switch (icp->icmp6_type) { 2291 case ICMP6_DST_UNREACH: 2292 switch (icp->icmp6_code) { 2293 case ICMP6_DST_UNREACH_NOROUTE: 2294 (void)printf("No Route to Destination\n"); 2295 break; 2296 case ICMP6_DST_UNREACH_ADMIN: 2297 (void)printf("Destination Administratively " 2298 "Unreachable\n"); 2299 break; 2300 case ICMP6_DST_UNREACH_BEYONDSCOPE: 2301 (void)printf("Destination Unreachable Beyond Scope\n"); 2302 break; 2303 case ICMP6_DST_UNREACH_ADDR: 2304 (void)printf("Destination Host Unreachable\n"); 2305 break; 2306 case ICMP6_DST_UNREACH_NOPORT: 2307 (void)printf("Destination Port Unreachable\n"); 2308 break; 2309 default: 2310 (void)printf("Destination Unreachable, Bad Code: %d\n", 2311 icp->icmp6_code); 2312 break; 2313 } 2314 /* Print returned IP header information */ 2315 pr_retip((struct ip6_hdr *)(icp + 1), end); 2316 break; 2317 case ICMP6_PACKET_TOO_BIG: 2318 (void)printf("Packet too big mtu = %d\n", 2319 (int)ntohl(icp->icmp6_mtu)); 2320 pr_retip((struct ip6_hdr *)(icp + 1), end); 2321 break; 2322 case ICMP6_TIME_EXCEEDED: 2323 switch (icp->icmp6_code) { 2324 case ICMP6_TIME_EXCEED_TRANSIT: 2325 (void)printf("Time to live exceeded\n"); 2326 break; 2327 case ICMP6_TIME_EXCEED_REASSEMBLY: 2328 (void)printf("Frag reassembly time exceeded\n"); 2329 break; 2330 default: 2331 (void)printf("Time exceeded, Bad Code: %d\n", 2332 icp->icmp6_code); 2333 break; 2334 } 2335 pr_retip((struct ip6_hdr *)(icp + 1), end); 2336 break; 2337 case ICMP6_PARAM_PROB: 2338 (void)printf("Parameter problem: "); 2339 switch (icp->icmp6_code) { 2340 case ICMP6_PARAMPROB_HEADER: 2341 (void)printf("Erroneous Header "); 2342 break; 2343 case ICMP6_PARAMPROB_NEXTHEADER: 2344 (void)printf("Unknown Nextheader "); 2345 break; 2346 case ICMP6_PARAMPROB_OPTION: 2347 (void)printf("Unrecognized Option "); 2348 break; 2349 default: 2350 (void)printf("Bad code(%d) ", icp->icmp6_code); 2351 break; 2352 } 2353 (void)printf("pointer = 0x%02x\n", 2354 (u_int32_t)ntohl(icp->icmp6_pptr)); 2355 pr_retip((struct ip6_hdr *)(icp + 1), end); 2356 break; 2357 case ICMP6_ECHO_REQUEST: 2358 (void)printf("Echo Request"); 2359 /* XXX ID + Seq + Data */ 2360 break; 2361 case ICMP6_ECHO_REPLY: 2362 (void)printf("Echo Reply"); 2363 /* XXX ID + Seq + Data */ 2364 break; 2365 case ICMP6_MEMBERSHIP_QUERY: 2366 (void)printf("Listener Query"); 2367 break; 2368 case ICMP6_MEMBERSHIP_REPORT: 2369 (void)printf("Listener Report"); 2370 break; 2371 case ICMP6_MEMBERSHIP_REDUCTION: 2372 (void)printf("Listener Done"); 2373 break; 2374 case ND_ROUTER_SOLICIT: 2375 (void)printf("Router Solicitation"); 2376 break; 2377 case ND_ROUTER_ADVERT: 2378 (void)printf("Router Advertisement"); 2379 break; 2380 case ND_NEIGHBOR_SOLICIT: 2381 (void)printf("Neighbor Solicitation"); 2382 break; 2383 case ND_NEIGHBOR_ADVERT: 2384 (void)printf("Neighbor Advertisement"); 2385 break; 2386 case ND_REDIRECT: 2387 red = (struct nd_redirect *)icp; 2388 (void)printf("Redirect\n"); 2389 if (!inet_ntop(AF_INET6, &red->nd_rd_dst, ntop_buf, 2390 sizeof(ntop_buf))) 2391 strlcpy(ntop_buf, "?", sizeof(ntop_buf)); 2392 (void)printf("Destination: %s", ntop_buf); 2393 if (!inet_ntop(AF_INET6, &red->nd_rd_target, ntop_buf, 2394 sizeof(ntop_buf))) 2395 strlcpy(ntop_buf, "?", sizeof(ntop_buf)); 2396 (void)printf(" New Target: %s", ntop_buf); 2397 break; 2398 case ICMP6_NI_QUERY: 2399 (void)printf("Node Information Query"); 2400 /* XXX ID + Seq + Data */ 2401 ni = (struct icmp6_nodeinfo *)icp; 2402 l = end - (u_char *)(ni + 1); 2403 printf(", "); 2404 switch (ntohs(ni->ni_qtype)) { 2405 case NI_QTYPE_NOOP: 2406 (void)printf("NOOP"); 2407 break; 2408 case NI_QTYPE_SUPTYPES: 2409 (void)printf("Supported qtypes"); 2410 break; 2411 case NI_QTYPE_FQDN: 2412 (void)printf("DNS name"); 2413 break; 2414 case NI_QTYPE_NODEADDR: 2415 (void)printf("nodeaddr"); 2416 break; 2417 case NI_QTYPE_IPV4ADDR: 2418 (void)printf("IPv4 nodeaddr"); 2419 break; 2420 default: 2421 (void)printf("unknown qtype"); 2422 break; 2423 } 2424 if (options & F_VERBOSE) { 2425 switch (ni->ni_code) { 2426 case ICMP6_NI_SUBJ_IPV6: 2427 if (l == sizeof(struct in6_addr) && 2428 inet_ntop(AF_INET6, ni + 1, ntop_buf, 2429 sizeof(ntop_buf)) != NULL) { 2430 (void)printf(", subject=%s(%s)", 2431 niqcode[ni->ni_code], ntop_buf); 2432 } else { 2433 #if 1 2434 /* backward compat to -W */ 2435 (void)printf(", oldfqdn"); 2436 #else 2437 (void)printf(", invalid"); 2438 #endif 2439 } 2440 break; 2441 case ICMP6_NI_SUBJ_FQDN: 2442 if (end == (u_char *)(ni + 1)) { 2443 (void)printf(", no subject"); 2444 break; 2445 } 2446 printf(", subject=%s", niqcode[ni->ni_code]); 2447 cp = (const u_char *)(ni + 1); 2448 cp = dnsdecode(cp, end, NULL, dnsname, 2449 sizeof(dnsname)); 2450 if (cp != NULL) 2451 printf("(%s)", dnsname); 2452 else 2453 printf("(invalid)"); 2454 break; 2455 case ICMP6_NI_SUBJ_IPV4: 2456 if (l == sizeof(struct in_addr) && 2457 inet_ntop(AF_INET, ni + 1, ntop_buf, 2458 sizeof(ntop_buf)) != NULL) { 2459 (void)printf(", subject=%s(%s)", 2460 niqcode[ni->ni_code], ntop_buf); 2461 } else 2462 (void)printf(", invalid"); 2463 break; 2464 default: 2465 (void)printf(", invalid"); 2466 break; 2467 } 2468 } 2469 break; 2470 case ICMP6_NI_REPLY: 2471 (void)printf("Node Information Reply"); 2472 /* XXX ID + Seq + Data */ 2473 ni = (struct icmp6_nodeinfo *)icp; 2474 printf(", "); 2475 switch (ntohs(ni->ni_qtype)) { 2476 case NI_QTYPE_NOOP: 2477 (void)printf("NOOP"); 2478 break; 2479 case NI_QTYPE_SUPTYPES: 2480 (void)printf("Supported qtypes"); 2481 break; 2482 case NI_QTYPE_FQDN: 2483 (void)printf("DNS name"); 2484 break; 2485 case NI_QTYPE_NODEADDR: 2486 (void)printf("nodeaddr"); 2487 break; 2488 case NI_QTYPE_IPV4ADDR: 2489 (void)printf("IPv4 nodeaddr"); 2490 break; 2491 default: 2492 (void)printf("unknown qtype"); 2493 break; 2494 } 2495 if (options & F_VERBOSE) { 2496 if (ni->ni_code > nitems(nircode)) 2497 printf(", invalid"); 2498 else 2499 printf(", %s", nircode[ni->ni_code]); 2500 } 2501 break; 2502 default: 2503 (void)printf("Bad ICMP type: %d", icp->icmp6_type); 2504 } 2505 } 2506 2507 /* 2508 * pr_iph -- 2509 * Print an IP6 header. 2510 */ 2511 static void 2512 pr_iph(struct ip6_hdr *ip6) 2513 { 2514 u_int32_t flow = ip6->ip6_flow & IPV6_FLOWLABEL_MASK; 2515 u_int8_t tc; 2516 char ntop_buf[INET6_ADDRSTRLEN]; 2517 2518 tc = *(&ip6->ip6_vfc + 1); /* XXX */ 2519 tc = (tc >> 4) & 0x0f; 2520 tc |= (ip6->ip6_vfc << 4); 2521 2522 printf("Vr TC Flow Plen Nxt Hlim\n"); 2523 printf(" %1x %02x %05x %04x %02x %02x\n", 2524 (ip6->ip6_vfc & IPV6_VERSION_MASK) >> 4, tc, (u_int32_t)ntohl(flow), 2525 ntohs(ip6->ip6_plen), ip6->ip6_nxt, ip6->ip6_hlim); 2526 if (!inet_ntop(AF_INET6, &ip6->ip6_src, ntop_buf, sizeof(ntop_buf))) 2527 strlcpy(ntop_buf, "?", sizeof(ntop_buf)); 2528 printf("%s->", ntop_buf); 2529 if (!inet_ntop(AF_INET6, &ip6->ip6_dst, ntop_buf, sizeof(ntop_buf))) 2530 strlcpy(ntop_buf, "?", sizeof(ntop_buf)); 2531 printf("%s\n", ntop_buf); 2532 } 2533 2534 /* 2535 * pr_addr -- 2536 * Return an ascii host address as a dotted quad and optionally with 2537 * a hostname. 2538 */ 2539 static const char * 2540 pr_addr(struct sockaddr *addr, int addrlen) 2541 { 2542 static char buf[NI_MAXHOST]; 2543 int flag = 0; 2544 2545 if (!(options & F_HOSTNAME)) 2546 flag |= NI_NUMERICHOST; 2547 2548 if (cap_getnameinfo(capdns, addr, addrlen, buf, sizeof(buf), NULL, 0, 2549 flag) == 0) 2550 return (buf); 2551 else 2552 return "?"; 2553 } 2554 2555 /* 2556 * pr_retip -- 2557 * Dump some info on a returned (via ICMPv6) IPv6 packet. 2558 */ 2559 static void 2560 pr_retip(struct ip6_hdr *ip6, u_char *end) 2561 { 2562 u_char *cp = (u_char *)ip6, nh; 2563 int hlen; 2564 2565 if ((size_t)(end - (u_char *)ip6) < sizeof(*ip6)) { 2566 printf("IP6"); 2567 goto trunc; 2568 } 2569 pr_iph(ip6); 2570 hlen = sizeof(*ip6); 2571 2572 nh = ip6->ip6_nxt; 2573 cp += hlen; 2574 while (end - cp >= 8) { 2575 #ifdef IPSEC 2576 struct ah ah; 2577 #endif 2578 2579 switch (nh) { 2580 case IPPROTO_HOPOPTS: 2581 printf("HBH "); 2582 hlen = (((struct ip6_hbh *)cp)->ip6h_len+1) << 3; 2583 nh = ((struct ip6_hbh *)cp)->ip6h_nxt; 2584 break; 2585 case IPPROTO_DSTOPTS: 2586 printf("DSTOPT "); 2587 hlen = (((struct ip6_dest *)cp)->ip6d_len+1) << 3; 2588 nh = ((struct ip6_dest *)cp)->ip6d_nxt; 2589 break; 2590 case IPPROTO_FRAGMENT: 2591 printf("FRAG "); 2592 hlen = sizeof(struct ip6_frag); 2593 nh = ((struct ip6_frag *)cp)->ip6f_nxt; 2594 break; 2595 case IPPROTO_ROUTING: 2596 printf("RTHDR "); 2597 hlen = (((struct ip6_rthdr *)cp)->ip6r_len+1) << 3; 2598 nh = ((struct ip6_rthdr *)cp)->ip6r_nxt; 2599 break; 2600 #ifdef IPSEC 2601 case IPPROTO_AH: 2602 printf("AH "); 2603 memcpy(&ah, cp, sizeof(ah)); 2604 hlen = (ah.ah_len+2) << 2; 2605 nh = ah.ah_nxt; 2606 break; 2607 #endif 2608 case IPPROTO_ICMPV6: 2609 printf("ICMP6: type = %d, code = %d\n", 2610 *cp, *(cp + 1)); 2611 return; 2612 case IPPROTO_ESP: 2613 printf("ESP\n"); 2614 return; 2615 case IPPROTO_TCP: 2616 printf("TCP: from port %u, to port %u (decimal)\n", 2617 (*cp * 256 + *(cp + 1)), 2618 (*(cp + 2) * 256 + *(cp + 3))); 2619 return; 2620 case IPPROTO_UDP: 2621 printf("UDP: from port %u, to port %u (decimal)\n", 2622 (*cp * 256 + *(cp + 1)), 2623 (*(cp + 2) * 256 + *(cp + 3))); 2624 return; 2625 default: 2626 printf("Unknown Header(%d)\n", nh); 2627 return; 2628 } 2629 2630 if ((cp += hlen) >= end) 2631 goto trunc; 2632 } 2633 if (end - cp < 8) 2634 goto trunc; 2635 2636 putchar('\n'); 2637 return; 2638 2639 trunc: 2640 printf("...\n"); 2641 return; 2642 } 2643 2644 static void 2645 fill(char *bp, char *patp) 2646 { 2647 int ii, jj, kk; 2648 int pat[16]; 2649 char *cp; 2650 2651 for (cp = patp; *cp; cp++) 2652 if (!isxdigit(*cp)) 2653 errx(1, "patterns must be specified as hex digits"); 2654 ii = sscanf(patp, 2655 "%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x", 2656 &pat[0], &pat[1], &pat[2], &pat[3], &pat[4], &pat[5], &pat[6], 2657 &pat[7], &pat[8], &pat[9], &pat[10], &pat[11], &pat[12], 2658 &pat[13], &pat[14], &pat[15]); 2659 2660 /* xxx */ 2661 if (ii > 0) 2662 for (kk = 0; 2663 (size_t)kk <= MAXDATALEN - 8 + sizeof(struct tv32) + ii; 2664 kk += ii) 2665 for (jj = 0; jj < ii; ++jj) 2666 bp[jj + kk] = pat[jj]; 2667 if (!(options & F_QUIET)) { 2668 (void)printf("PATTERN: 0x"); 2669 for (jj = 0; jj < ii; ++jj) 2670 (void)printf("%02x", bp[jj] & 0xFF); 2671 (void)printf("\n"); 2672 } 2673 } 2674 2675 #ifdef IPSEC 2676 #ifdef IPSEC_POLICY_IPSEC 2677 static int 2678 setpolicy(int so __unused, char *policy) 2679 { 2680 char *buf; 2681 2682 if (policy == NULL) 2683 return 0; /* ignore */ 2684 2685 buf = ipsec_set_policy(policy, strlen(policy)); 2686 if (buf == NULL) 2687 errx(1, "%s", ipsec_strerror()); 2688 if (setsockopt(ssend, IPPROTO_IPV6, IPV6_IPSEC_POLICY, buf, 2689 ipsec_get_policylen(buf)) < 0) 2690 warnx("Unable to set IPsec policy"); 2691 free(buf); 2692 2693 return 0; 2694 } 2695 #endif 2696 #endif 2697 2698 static char * 2699 nigroup(char *name, int nig_oldmcprefix) 2700 { 2701 char *p; 2702 char *q; 2703 MD5_CTX ctxt; 2704 u_int8_t digest[16]; 2705 u_int8_t c; 2706 size_t l; 2707 char hbuf[NI_MAXHOST]; 2708 struct in6_addr in6; 2709 int valid; 2710 2711 p = strchr(name, '.'); 2712 if (!p) 2713 p = name + strlen(name); 2714 l = p - name; 2715 if (l > 63 || l > sizeof(hbuf) - 1) 2716 return NULL; /*label too long*/ 2717 strncpy(hbuf, name, l); 2718 hbuf[(int)l] = '\0'; 2719 2720 for (q = name; *q; q++) { 2721 if (isupper(*(unsigned char *)q)) 2722 *q = tolower(*(unsigned char *)q); 2723 } 2724 2725 /* generate 16 bytes of pseudo-random value. */ 2726 memset(&ctxt, 0, sizeof(ctxt)); 2727 MD5Init(&ctxt); 2728 c = l & 0xff; 2729 MD5Update(&ctxt, &c, sizeof(c)); 2730 MD5Update(&ctxt, (unsigned char *)name, l); 2731 MD5Final(digest, &ctxt); 2732 2733 if (nig_oldmcprefix) { 2734 /* draft-ietf-ipngwg-icmp-name-lookup */ 2735 valid = inet_pton(AF_INET6, "ff02::2:0000:0000", &in6); 2736 } else { 2737 /* RFC 4620 */ 2738 valid = inet_pton(AF_INET6, "ff02::2:ff00:0000", &in6); 2739 } 2740 if (valid != 1) 2741 return NULL; /*XXX*/ 2742 2743 if (nig_oldmcprefix) { 2744 /* draft-ietf-ipngwg-icmp-name-lookup */ 2745 bcopy(digest, &in6.s6_addr[12], 4); 2746 } else { 2747 /* RFC 4620 */ 2748 bcopy(digest, &in6.s6_addr[13], 3); 2749 } 2750 2751 if (inet_ntop(AF_INET6, &in6, hbuf, sizeof(hbuf)) == NULL) 2752 return NULL; 2753 2754 return strdup(hbuf); 2755 } 2756 2757 static cap_channel_t * 2758 capdns_setup(void) 2759 { 2760 cap_channel_t *capcas, *capdnsloc; 2761 #ifdef WITH_CASPER 2762 const char *types[2]; 2763 int families[1]; 2764 #endif 2765 capcas = cap_init(); 2766 if (capcas == NULL) 2767 err(1, "unable to create casper process"); 2768 capdnsloc = cap_service_open(capcas, "system.dns"); 2769 /* Casper capability no longer needed. */ 2770 cap_close(capcas); 2771 if (capdnsloc == NULL) 2772 err(1, "unable to open system.dns service"); 2773 #ifdef WITH_CASPER 2774 types[0] = "NAME2ADDR"; 2775 types[1] = "ADDR2NAME"; 2776 if (cap_dns_type_limit(capdnsloc, types, nitems(types)) < 0) 2777 err(1, "unable to limit access to system.dns service"); 2778 families[0] = AF_INET6; 2779 if (cap_dns_family_limit(capdnsloc, families, nitems(families)) < 0) 2780 err(1, "unable to limit access to system.dns service"); 2781 #endif 2782 return (capdnsloc); 2783 } 2784