1 /* 2 * Copyright (c) 2016 Antonin Décimo, Jean-Raphaël Gaglione 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 3. Neither the name of the project nor the names of its contributors 13 * may be used to endorse or promote products derived from this software 14 * without specific prior written permission. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29 #include <sys/cdefs.h> 30 #ifndef lint 31 __RCSID("$NetBSD: print-hncp.c,v 1.3 2017/02/05 04:05:05 spz Exp $"); 32 #endif 33 34 /* \summary: Home Networking Control Protocol (HNCP) printer */ 35 36 #ifdef HAVE_CONFIG_H 37 #include "config.h" 38 #endif 39 40 #include <netdissect-stdinc.h> 41 42 #include <stdlib.h> 43 #include <string.h> 44 45 #include "netdissect.h" 46 #include "addrtoname.h" 47 #include "extract.h" 48 49 static void 50 hncp_print_rec(netdissect_options *ndo, 51 const u_char *cp, u_int length, int indent); 52 53 void 54 hncp_print(netdissect_options *ndo, 55 const u_char *cp, u_int length) 56 { 57 ND_PRINT((ndo, "hncp (%d)", length)); 58 hncp_print_rec(ndo, cp, length, 1); 59 } 60 61 /* RFC7787 */ 62 #define DNCP_REQUEST_NETWORK_STATE 1 63 #define DNCP_REQUEST_NODE_STATE 2 64 #define DNCP_NODE_ENDPOINT 3 65 #define DNCP_NETWORK_STATE 4 66 #define DNCP_NODE_STATE 5 67 #define DNCP_PEER 8 68 #define DNCP_KEEP_ALIVE_INTERVAL 9 69 #define DNCP_TRUST_VERDICT 10 70 71 /* RFC7788 */ 72 #define HNCP_HNCP_VERSION 32 73 #define HNCP_EXTERNAL_CONNECTION 33 74 #define HNCP_DELEGATED_PREFIX 34 75 #define HNCP_PREFIX_POLICY 43 76 #define HNCP_DHCPV4_DATA 37 77 #define HNCP_DHCPV6_DATA 38 78 #define HNCP_ASSIGNED_PREFIX 35 79 #define HNCP_NODE_ADDRESS 36 80 #define HNCP_DNS_DELEGATED_ZONE 39 81 #define HNCP_DOMAIN_NAME 40 82 #define HNCP_NODE_NAME 41 83 #define HNCP_MANAGED_PSK 42 84 85 /* See type_mask in hncp_print_rec below */ 86 #define RANGE_DNCP_RESERVED 0x10000 87 #define RANGE_HNCP_UNASSIGNED 0x10001 88 #define RANGE_DNCP_PRIVATE_USE 0x10002 89 #define RANGE_DNCP_FUTURE_USE 0x10003 90 91 static const struct tok type_values[] = { 92 { DNCP_REQUEST_NETWORK_STATE, "Request network state" }, 93 { DNCP_REQUEST_NODE_STATE, "Request node state" }, 94 { DNCP_NODE_ENDPOINT, "Node endpoint" }, 95 { DNCP_NETWORK_STATE, "Network state" }, 96 { DNCP_NODE_STATE, "Node state" }, 97 { DNCP_PEER, "Peer" }, 98 { DNCP_KEEP_ALIVE_INTERVAL, "Keep-alive interval" }, 99 { DNCP_TRUST_VERDICT, "Trust-Verdict" }, 100 101 { HNCP_HNCP_VERSION, "HNCP-Version" }, 102 { HNCP_EXTERNAL_CONNECTION, "External-Connection" }, 103 { HNCP_DELEGATED_PREFIX, "Delegated-Prefix" }, 104 { HNCP_PREFIX_POLICY, "Prefix-Policy" }, 105 { HNCP_DHCPV4_DATA, "DHCPv4-Data" }, 106 { HNCP_DHCPV6_DATA, "DHCPv6-Data" }, 107 { HNCP_ASSIGNED_PREFIX, "Assigned-Prefix" }, 108 { HNCP_NODE_ADDRESS, "Node-Address" }, 109 { HNCP_DNS_DELEGATED_ZONE, "DNS-Delegated-Zone" }, 110 { HNCP_DOMAIN_NAME, "Domain-Name" }, 111 { HNCP_NODE_NAME, "Node-Name" }, 112 { HNCP_MANAGED_PSK, "Managed-PSK" }, 113 114 { RANGE_DNCP_RESERVED, "Reserved" }, 115 { RANGE_HNCP_UNASSIGNED, "Unassigned" }, 116 { RANGE_DNCP_PRIVATE_USE, "Private use" }, 117 { RANGE_DNCP_FUTURE_USE, "Future use" }, 118 119 { 0, NULL} 120 }; 121 122 #define DH4OPT_DNS_SERVERS 6 /* RFC2132 */ 123 #define DH4OPT_NTP_SERVERS 42 /* RFC2132 */ 124 #define DH4OPT_DOMAIN_SEARCH 119 /* RFC3397 */ 125 126 static const struct tok dh4opt_str[] = { 127 { DH4OPT_DNS_SERVERS, "DNS-server" }, 128 { DH4OPT_NTP_SERVERS, "NTP-server"}, 129 { DH4OPT_DOMAIN_SEARCH, "DNS-search" }, 130 { 0, NULL } 131 }; 132 133 #define DH6OPT_DNS_SERVERS 23 /* RFC3646 */ 134 #define DH6OPT_DOMAIN_LIST 24 /* RFC3646 */ 135 #define DH6OPT_SNTP_SERVERS 31 /* RFC4075 */ 136 137 static const struct tok dh6opt_str[] = { 138 { DH6OPT_DNS_SERVERS, "DNS-server" }, 139 { DH6OPT_DOMAIN_LIST, "DNS-search-list" }, 140 { DH6OPT_SNTP_SERVERS, "SNTP-servers" }, 141 { 0, NULL } 142 }; 143 144 /* 145 * For IPv4-mapped IPv6 addresses, length of the prefix that precedes 146 * the 4 bytes of IPv4 address at the end of the IPv6 address. 147 */ 148 #define IPV4_MAPPED_HEADING_LEN 12 149 150 /* 151 * Is an IPv6 address an IPv4-mapped address? 152 */ 153 static inline int 154 is_ipv4_mapped_address(const u_char *addr) 155 { 156 /* The value of the prefix */ 157 static const u_char ipv4_mapped_heading[IPV4_MAPPED_HEADING_LEN] = 158 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF }; 159 160 return memcmp(addr, ipv4_mapped_heading, IPV4_MAPPED_HEADING_LEN) == 0; 161 } 162 163 static const char * 164 format_nid(const u_char *data) 165 { 166 static char buf[4][11+5]; 167 static int i = 0; 168 i = (i + 1) % 4; 169 snprintf(buf[i], 16, "%02x:%02x:%02x:%02x", 170 data[0], data[1], data[2], data[3]); 171 return buf[i]; 172 } 173 174 static const char * 175 format_256(const u_char *data) 176 { 177 static char buf[4][64+5]; 178 static int i = 0; 179 i = (i + 1) % 4; 180 snprintf(buf[i], 28, "%016" PRIx64 "%016" PRIx64 "%016" PRIx64 "%016" PRIx64, 181 EXTRACT_64BITS(data), 182 EXTRACT_64BITS(data + 8), 183 EXTRACT_64BITS(data + 16), 184 EXTRACT_64BITS(data + 24) 185 ); 186 return buf[i]; 187 } 188 189 static const char * 190 format_interval(const uint32_t n) 191 { 192 static char buf[4][sizeof("0000000.000s")]; 193 static int i = 0; 194 i = (i + 1) % 4; 195 snprintf(buf[i], sizeof(buf[i]), "%u.%03us", n / 1000, n % 1000); 196 return buf[i]; 197 } 198 199 static const char * 200 format_ip6addr(netdissect_options *ndo, const u_char *cp) 201 { 202 if (is_ipv4_mapped_address(cp)) 203 return ipaddr_string(ndo, cp + IPV4_MAPPED_HEADING_LEN); 204 else 205 return ip6addr_string(ndo, cp); 206 } 207 208 static int 209 print_prefix(netdissect_options *ndo, const u_char *prefix, u_int max_length) 210 { 211 int plenbytes; 212 char buf[sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx::/128")]; 213 214 if (prefix[0] >= 96 && max_length >= IPV4_MAPPED_HEADING_LEN + 1 && 215 is_ipv4_mapped_address(&prefix[1])) { 216 struct in_addr addr; 217 u_int plen; 218 219 plen = prefix[0]-96; 220 if (32 < plen) 221 return -1; 222 max_length -= 1; 223 224 memset(&addr, 0, sizeof(addr)); 225 plenbytes = (plen + 7) / 8; 226 if (max_length < (u_int)plenbytes + IPV4_MAPPED_HEADING_LEN) 227 return -3; 228 memcpy(&addr, &prefix[1 + IPV4_MAPPED_HEADING_LEN], plenbytes); 229 if (plen % 8) { 230 ((u_char *)&addr)[plenbytes - 1] &= 231 ((0xff00 >> (plen % 8)) & 0xff); 232 } 233 snprintf(buf, sizeof(buf), "%s/%d", ipaddr_string(ndo, &addr), plen); 234 plenbytes += 1 + IPV4_MAPPED_HEADING_LEN; 235 } else { 236 plenbytes = decode_prefix6(ndo, prefix, max_length, buf, sizeof(buf)); 237 } 238 239 ND_PRINT((ndo, "%s", buf)); 240 return plenbytes; 241 } 242 243 static int 244 print_dns_label(netdissect_options *ndo, 245 const u_char *cp, u_int max_length, int print) 246 { 247 u_int length = 0; 248 while (length < max_length) { 249 u_int lab_length = cp[length++]; 250 if (lab_length == 0) 251 return (int)length; 252 if (length > 1 && print) 253 safeputchar(ndo, '.'); 254 if (length+lab_length > max_length) { 255 if (print) 256 safeputs(ndo, cp+length, max_length-length); 257 break; 258 } 259 if (print) 260 safeputs(ndo, cp+length, lab_length); 261 length += lab_length; 262 } 263 if (print) 264 ND_PRINT((ndo, "[|DNS]")); 265 return -1; 266 } 267 268 static int 269 dhcpv4_print(netdissect_options *ndo, 270 const u_char *cp, u_int length, int indent) 271 { 272 u_int i, t; 273 const u_char *tlv, *value; 274 uint8_t type, optlen; 275 276 i = 0; 277 while (i < length) { 278 tlv = cp + i; 279 type = (uint8_t)tlv[0]; 280 optlen = (uint8_t)tlv[1]; 281 value = tlv + 2; 282 283 ND_PRINT((ndo, "\n")); 284 for (t = indent; t > 0; t--) 285 ND_PRINT((ndo, "\t")); 286 287 ND_PRINT((ndo, "%s", tok2str(dh4opt_str, "Unknown", type))); 288 ND_PRINT((ndo," (%u)", optlen + 2 )); 289 290 switch (type) { 291 case DH4OPT_DNS_SERVERS: 292 case DH4OPT_NTP_SERVERS: { 293 if (optlen < 4 || optlen % 4 != 0) { 294 return -1; 295 } 296 for (t = 0; t < optlen; t += 4) 297 ND_PRINT((ndo, " %s", ipaddr_string(ndo, value + t))); 298 } 299 break; 300 case DH4OPT_DOMAIN_SEARCH: { 301 const u_char *tp = value; 302 while (tp < value + optlen) { 303 ND_PRINT((ndo, " ")); 304 if ((tp = ns_nprint(ndo, tp, value + optlen)) == NULL) 305 return -1; 306 } 307 } 308 break; 309 } 310 311 i += 2 + optlen; 312 } 313 return 0; 314 } 315 316 static int 317 dhcpv6_print(netdissect_options *ndo, 318 const u_char *cp, u_int length, int indent) 319 { 320 u_int i, t; 321 const u_char *tlv, *value; 322 uint16_t type, optlen; 323 324 i = 0; 325 while (i < length) { 326 tlv = cp + i; 327 type = EXTRACT_16BITS(tlv); 328 optlen = EXTRACT_16BITS(tlv + 2); 329 value = tlv + 4; 330 331 ND_PRINT((ndo, "\n")); 332 for (t = indent; t > 0; t--) 333 ND_PRINT((ndo, "\t")); 334 335 ND_PRINT((ndo, "%s", tok2str(dh6opt_str, "Unknown", type))); 336 ND_PRINT((ndo," (%u)", optlen + 4 )); 337 338 switch (type) { 339 case DH6OPT_DNS_SERVERS: 340 case DH6OPT_SNTP_SERVERS: { 341 if (optlen % 16 != 0) { 342 ND_PRINT((ndo, " %s", istr)); 343 return -1; 344 } 345 for (t = 0; t < optlen; t += 16) 346 ND_PRINT((ndo, " %s", ip6addr_string(ndo, value + t))); 347 } 348 break; 349 case DH6OPT_DOMAIN_LIST: { 350 const u_char *tp = value; 351 while (tp < value + optlen) { 352 ND_PRINT((ndo, " ")); 353 if ((tp = ns_nprint(ndo, tp, value + optlen)) == NULL) 354 return -1; 355 } 356 } 357 break; 358 } 359 360 i += 4 + optlen; 361 } 362 return 0; 363 } 364 365 /* Determine in-line mode */ 366 static int 367 is_in_line(netdissect_options *ndo, int indent) 368 { 369 return indent - 1 >= ndo->ndo_vflag && ndo->ndo_vflag < 3; 370 } 371 372 static void 373 print_type_in_line(netdissect_options *ndo, 374 uint32_t type, int count, int indent, int *first_one) 375 { 376 if (count > 0) { 377 if (*first_one) { 378 *first_one = 0; 379 if (indent > 1) { 380 u_int t; 381 ND_PRINT((ndo, "\n")); 382 for (t = indent; t > 0; t--) 383 ND_PRINT((ndo, "\t")); 384 } else { 385 ND_PRINT((ndo, " ")); 386 } 387 } else { 388 ND_PRINT((ndo, ", ")); 389 } 390 ND_PRINT((ndo, "%s", tok2str(type_values, "Easter Egg", type))); 391 if (count > 1) 392 ND_PRINT((ndo, " (x%d)", count)); 393 } 394 } 395 396 void 397 hncp_print_rec(netdissect_options *ndo, 398 const u_char *cp, u_int length, int indent) 399 { 400 const int in_line = is_in_line(ndo, indent); 401 int first_one = 1; 402 403 u_int i, t; 404 405 uint32_t last_type_mask = 0xffffffffU; 406 int last_type_count = -1; 407 408 const u_char *tlv, *value; 409 uint16_t type, bodylen; 410 uint32_t type_mask; 411 412 i = 0; 413 while (i < length) { 414 tlv = cp + i; 415 416 if (!in_line) { 417 ND_PRINT((ndo, "\n")); 418 for (t = indent; t > 0; t--) 419 ND_PRINT((ndo, "\t")); 420 } 421 422 ND_TCHECK2(*tlv, 4); 423 if (i + 4 > length) 424 goto invalid; 425 426 type = EXTRACT_16BITS(tlv); 427 bodylen = EXTRACT_16BITS(tlv + 2); 428 value = tlv + 4; 429 ND_TCHECK2(*value, bodylen); 430 if (i + bodylen + 4 > length) 431 goto invalid; 432 433 type_mask = 434 (type == 0) ? RANGE_DNCP_RESERVED: 435 (44 <= type && type <= 511) ? RANGE_HNCP_UNASSIGNED: 436 (768 <= type && type <= 1023) ? RANGE_DNCP_PRIVATE_USE: 437 RANGE_DNCP_FUTURE_USE; 438 if (type == 6 || type == 7) 439 type_mask = RANGE_DNCP_FUTURE_USE; 440 441 /* defined types */ 442 { 443 t = 0; 444 while (1) { 445 u_int key = type_values[t++].v; 446 if (key > 0xffff) 447 break; 448 if (key == type) { 449 type_mask = type; 450 break; 451 } 452 } 453 } 454 455 if (in_line) { 456 if (last_type_mask == type_mask) { 457 last_type_count++; 458 } else { 459 print_type_in_line(ndo, last_type_mask, last_type_count, indent, &first_one); 460 last_type_mask = type_mask; 461 last_type_count = 1; 462 } 463 464 goto skip_multiline; 465 } 466 467 ND_PRINT((ndo,"%s", tok2str(type_values, "Easter Egg (42)", type_mask) )); 468 if (type_mask > 0xffff) 469 ND_PRINT((ndo,": type=%u", type )); 470 ND_PRINT((ndo," (%u)", bodylen + 4 )); 471 472 switch (type_mask) { 473 474 case DNCP_REQUEST_NETWORK_STATE: { 475 if (bodylen != 0) 476 ND_PRINT((ndo, " %s", istr)); 477 } 478 break; 479 480 case DNCP_REQUEST_NODE_STATE: { 481 const char *node_identifier; 482 if (bodylen != 4) { 483 ND_PRINT((ndo, " %s", istr)); 484 break; 485 } 486 node_identifier = format_nid(value); 487 ND_PRINT((ndo, " NID: %s", node_identifier)); 488 } 489 break; 490 491 case DNCP_NODE_ENDPOINT: { 492 const char *node_identifier; 493 uint32_t endpoint_identifier; 494 if (bodylen != 8) { 495 ND_PRINT((ndo, " %s", istr)); 496 break; 497 } 498 node_identifier = format_nid(value); 499 endpoint_identifier = EXTRACT_32BITS(value + 4); 500 ND_PRINT((ndo, " NID: %s EPID: %08x", 501 node_identifier, 502 endpoint_identifier 503 )); 504 } 505 break; 506 507 case DNCP_NETWORK_STATE: { 508 uint64_t hash; 509 if (bodylen != 8) { 510 ND_PRINT((ndo, " %s", istr)); 511 break; 512 } 513 hash = EXTRACT_64BITS(value); 514 ND_PRINT((ndo, " hash: %016" PRIx64, hash)); 515 } 516 break; 517 518 case DNCP_NODE_STATE: { 519 const char *node_identifier, *interval; 520 uint32_t sequence_number; 521 uint64_t hash; 522 if (bodylen < 20) { 523 ND_PRINT((ndo, " %s", istr)); 524 break; 525 } 526 node_identifier = format_nid(value); 527 sequence_number = EXTRACT_32BITS(value + 4); 528 interval = format_interval(EXTRACT_32BITS(value + 8)); 529 hash = EXTRACT_64BITS(value + 12); 530 ND_PRINT((ndo, " NID: %s seqno: %u %s hash: %016" PRIx64, 531 node_identifier, 532 sequence_number, 533 interval, 534 hash 535 )); 536 hncp_print_rec(ndo, value+20, bodylen-20, indent+1); 537 } 538 break; 539 540 case DNCP_PEER: { 541 const char *peer_node_identifier; 542 uint32_t peer_endpoint_identifier, endpoint_identifier; 543 if (bodylen != 12) { 544 ND_PRINT((ndo, " %s", istr)); 545 break; 546 } 547 peer_node_identifier = format_nid(value); 548 peer_endpoint_identifier = EXTRACT_32BITS(value + 4); 549 endpoint_identifier = EXTRACT_32BITS(value + 8); 550 ND_PRINT((ndo, " Peer-NID: %s Peer-EPID: %08x Local-EPID: %08x", 551 peer_node_identifier, 552 peer_endpoint_identifier, 553 endpoint_identifier 554 )); 555 } 556 break; 557 558 case DNCP_KEEP_ALIVE_INTERVAL: { 559 uint32_t endpoint_identifier; 560 const char *interval; 561 if (bodylen < 8) { 562 ND_PRINT((ndo, " %s", istr)); 563 break; 564 } 565 endpoint_identifier = EXTRACT_32BITS(value); 566 interval = format_interval(EXTRACT_32BITS(value + 4)); 567 ND_PRINT((ndo, " EPID: %08x Interval: %s", 568 endpoint_identifier, 569 interval 570 )); 571 } 572 break; 573 574 case DNCP_TRUST_VERDICT: { 575 if (bodylen <= 36) { 576 ND_PRINT((ndo, " %s", istr)); 577 break; 578 } 579 ND_PRINT((ndo, " Verdict: %u Fingerprint: %s Common Name: ", 580 *value, 581 format_256(value + 4))); 582 safeputs(ndo, value + 36, bodylen - 36); 583 } 584 break; 585 586 case HNCP_HNCP_VERSION: { 587 uint16_t capabilities; 588 uint8_t M, P, H, L; 589 if (bodylen < 5) { 590 ND_PRINT((ndo, " %s", istr)); 591 break; 592 } 593 capabilities = EXTRACT_16BITS(value + 2); 594 M = (uint8_t)((capabilities >> 12) & 0xf); 595 P = (uint8_t)((capabilities >> 8) & 0xf); 596 H = (uint8_t)((capabilities >> 4) & 0xf); 597 L = (uint8_t)(capabilities & 0xf); 598 ND_PRINT((ndo, " M: %u P: %u H: %u L: %u User-agent: ", 599 M, P, H, L 600 )); 601 safeputs(ndo, value + 4, bodylen - 4); 602 } 603 break; 604 605 case HNCP_EXTERNAL_CONNECTION: { 606 /* Container TLV */ 607 hncp_print_rec(ndo, value, bodylen, indent+1); 608 } 609 break; 610 611 case HNCP_DELEGATED_PREFIX: { 612 int l; 613 if (bodylen < 9 || bodylen < 9 + (value[8] + 7) / 8) { 614 ND_PRINT((ndo, " %s", istr)); 615 break; 616 } 617 ND_PRINT((ndo, " VLSO: %s PLSO: %s Prefix: ", 618 format_interval(EXTRACT_32BITS(value)), 619 format_interval(EXTRACT_32BITS(value + 4)) 620 )); 621 l = print_prefix(ndo, value + 8, bodylen - 8); 622 if (l == -1) { 623 ND_PRINT((ndo, "(length is invalid)")); 624 break; 625 } 626 if (l < 0) { 627 /* 628 * We've already checked that we've captured the 629 * entire TLV, based on its length, so this will 630 * either be -1, meaning "the prefix length is 631 * greater than the longest possible address of 632 * that type" (i.e., > 32 for IPv4 or > 128 for 633 * IPv6", or -3, meaning "the prefix runs past 634 * the end of the TLV". 635 */ 636 ND_PRINT((ndo, " %s", istr)); 637 break; 638 } 639 l += 8 + (-l & 3); 640 641 if (bodylen >= l) 642 hncp_print_rec(ndo, value + l, bodylen - l, indent+1); 643 } 644 break; 645 646 case HNCP_PREFIX_POLICY: { 647 uint8_t policy; 648 int l; 649 if (bodylen < 1) { 650 ND_PRINT((ndo, " %s", istr)); 651 break; 652 } 653 policy = value[0]; 654 ND_PRINT((ndo, " type: ")); 655 if (policy == 0) { 656 if (bodylen != 1) { 657 ND_PRINT((ndo, " %s", istr)); 658 break; 659 } 660 ND_PRINT((ndo, "Internet connectivity")); 661 } else if (policy >= 1 && policy <= 128) { 662 ND_PRINT((ndo, "Dest-Prefix: ")); 663 l = print_prefix(ndo, value, bodylen); 664 if (l == -1) { 665 ND_PRINT((ndo, "(length is invalid)")); 666 break; 667 } 668 if (l < 0) { 669 /* 670 * We've already checked that we've captured the 671 * entire TLV, based on its length, so this will 672 * either be -1, meaning "the prefix length is 673 * greater than the longest possible address of 674 * that type" (i.e., > 32 for IPv4 or > 128 for 675 * IPv6", or -3, meaning "the prefix runs past 676 * the end of the TLV". 677 */ 678 ND_PRINT((ndo, " %s", istr)); 679 break; 680 } 681 } else if (policy == 129) { 682 ND_PRINT((ndo, "DNS domain: ")); 683 print_dns_label(ndo, value+1, bodylen-1, 1); 684 } else if (policy == 130) { 685 ND_PRINT((ndo, "Opaque UTF-8: ")); 686 safeputs(ndo, value + 1, bodylen - 1); 687 } else if (policy == 131) { 688 if (bodylen != 1) { 689 ND_PRINT((ndo, " %s", istr)); 690 break; 691 } 692 ND_PRINT((ndo, "Restrictive assignment")); 693 } else if (policy >= 132) { 694 ND_PRINT((ndo, "Unknown (%u)", policy)); /* Reserved for future additions */ 695 } 696 } 697 break; 698 699 case HNCP_DHCPV4_DATA: { 700 if (bodylen == 0) { 701 ND_PRINT((ndo, " %s", istr)); 702 break; 703 } 704 if (dhcpv4_print(ndo, value, bodylen, indent+1) != 0) 705 goto invalid; 706 } 707 break; 708 709 case HNCP_DHCPV6_DATA: { 710 if (bodylen == 0) { 711 ND_PRINT((ndo, " %s", istr)); 712 break; 713 } 714 if (dhcpv6_print(ndo, value, bodylen, indent+1) != 0) { 715 ND_PRINT((ndo, " %s", istr)); 716 break; 717 } 718 } 719 break; 720 721 case HNCP_ASSIGNED_PREFIX: { 722 uint8_t prty; 723 int l; 724 if (bodylen < 6 || bodylen < 6 + (value[5] + 7) / 8) { 725 ND_PRINT((ndo, " %s", istr)); 726 break; 727 } 728 prty = (uint8_t)(value[4] & 0xf); 729 ND_PRINT((ndo, " EPID: %08x Prty: %u", 730 EXTRACT_32BITS(value), 731 prty 732 )); 733 ND_PRINT((ndo, " Prefix: ")); 734 if ((l = print_prefix(ndo, value + 5, bodylen - 5)) < 0) { 735 ND_PRINT((ndo, " %s", istr)); 736 break; 737 } 738 l += 5; 739 l += -l & 3; 740 741 if (bodylen >= l) 742 hncp_print_rec(ndo, value + l, bodylen - l, indent+1); 743 } 744 break; 745 746 case HNCP_NODE_ADDRESS: { 747 uint32_t endpoint_identifier; 748 const char *ip_address; 749 if (bodylen < 20) { 750 ND_PRINT((ndo, " %s", istr)); 751 break; 752 } 753 endpoint_identifier = EXTRACT_32BITS(value); 754 ip_address = format_ip6addr(ndo, value + 4); 755 ND_PRINT((ndo, " EPID: %08x IP Address: %s", 756 endpoint_identifier, 757 ip_address 758 )); 759 760 hncp_print_rec(ndo, value + 20, bodylen - 20, indent+1); 761 } 762 break; 763 764 case HNCP_DNS_DELEGATED_ZONE: { 765 const char *ip_address; 766 int len; 767 if (bodylen < 17) { 768 ND_PRINT((ndo, " %s", istr)); 769 break; 770 } 771 ip_address = format_ip6addr(ndo, value); 772 ND_PRINT((ndo, " IP-Address: %s %c%c%c ", 773 ip_address, 774 (value[16] & 4) ? 'l' : '-', 775 (value[16] & 2) ? 'b' : '-', 776 (value[16] & 1) ? 's' : '-' 777 )); 778 len = print_dns_label(ndo, value+17, bodylen-17, 1); 779 if (len < 0) { 780 ND_PRINT((ndo, " %s", istr)); 781 break; 782 } 783 len += 17; 784 len += -len & 3; 785 if (bodylen >= len) 786 hncp_print_rec(ndo, value+len, bodylen-len, indent+1); 787 } 788 break; 789 790 case HNCP_DOMAIN_NAME: { 791 if (bodylen == 0) { 792 ND_PRINT((ndo, " %s", istr)); 793 break; 794 } 795 ND_PRINT((ndo, " Domain: ")); 796 print_dns_label(ndo, value, bodylen, 1); 797 } 798 break; 799 800 case HNCP_NODE_NAME: { 801 u_int l; 802 if (bodylen < 17) { 803 ND_PRINT((ndo, " %s", istr)); 804 break; 805 } 806 l = value[16]; 807 if (bodylen < 17 + l) { 808 ND_PRINT((ndo, " %s", istr)); 809 break; 810 } 811 ND_PRINT((ndo, " IP-Address: %s Name: ", 812 format_ip6addr(ndo, value) 813 )); 814 if (l < 64) { 815 safeputchar(ndo, '"'); 816 safeputs(ndo, value + 17, l); 817 safeputchar(ndo, '"'); 818 } else { 819 ND_PRINT((ndo, "%s", istr)); 820 } 821 l += 17; 822 l += -l & 3; 823 if (bodylen >= l) 824 hncp_print_rec(ndo, value + l, bodylen - l, indent+1); 825 } 826 break; 827 828 case HNCP_MANAGED_PSK: { 829 if (bodylen < 32) { 830 ND_PRINT((ndo, " %s", istr)); 831 break; 832 } 833 ND_PRINT((ndo, " PSK: %s", format_256(value))); 834 hncp_print_rec(ndo, value + 32, bodylen - 32, indent+1); 835 } 836 break; 837 838 case RANGE_DNCP_RESERVED: 839 case RANGE_HNCP_UNASSIGNED: 840 case RANGE_DNCP_PRIVATE_USE: 841 case RANGE_DNCP_FUTURE_USE: 842 break; 843 844 } 845 skip_multiline: 846 847 i += 4 + bodylen + (-bodylen & 3); 848 } 849 print_type_in_line(ndo, last_type_mask, last_type_count, indent, &first_one); 850 851 return; 852 853 trunc: 854 ND_PRINT((ndo, "%s", "[|hncp]")); 855 return; 856 857 invalid: 858 ND_PRINT((ndo, "%s", istr)); 859 return; 860 } 861