1 /* 2 * Copyright (c) 1992, 1993, 1994, 1995, 1996 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 * 21 * Original code by Matt Thomas, Digital Equipment Corporation 22 * 23 * Extensively modified by Hannes Gredler (hannes@gredler.at) for more 24 * complete IS-IS & CLNP support. 25 */ 26 27 #include <sys/cdefs.h> 28 #ifndef lint 29 __RCSID("$NetBSD: print-isoclns.c,v 1.11 2024/09/02 16:15:31 christos Exp $"); 30 #endif 31 32 /* \summary: ISO CLNS, ESIS, and ISIS printer */ 33 34 /* 35 * specification: 36 * 37 * CLNP: ISO 8473 (respective ITU version is at https://www.itu.int/rec/T-REC-X.233/en/) 38 * ES-IS: ISO 9542 39 * IS-IS: ISO 10589 40 */ 41 42 #include <config.h> 43 44 #include "netdissect-stdinc.h" 45 46 #include <string.h> 47 48 #include "netdissect.h" 49 #include "addrtoname.h" 50 #include "nlpid.h" 51 #include "extract.h" 52 #include "gmpls.h" 53 #include "oui.h" 54 #include "signature.h" 55 56 57 /* 58 * IS-IS is defined in ISO 10589. Look there for protocol definitions. 59 */ 60 61 #define SYSTEM_ID_LEN MAC_ADDR_LEN 62 #define NODE_ID_LEN (SYSTEM_ID_LEN+1) 63 #define LSP_ID_LEN (SYSTEM_ID_LEN+2) 64 65 #define ISIS_VERSION 1 66 #define ESIS_VERSION 1 67 #define CLNP_VERSION 1 68 69 #define ISIS_PDU_TYPE_MASK 0x1F 70 #define ESIS_PDU_TYPE_MASK 0x1F 71 #define CLNP_PDU_TYPE_MASK 0x1F 72 #define CLNP_FLAG_MASK 0xE0 73 #define ISIS_LAN_PRIORITY_MASK 0x7F 74 75 #define ISIS_PDU_L1_LAN_IIH 15 76 #define ISIS_PDU_L2_LAN_IIH 16 77 #define ISIS_PDU_PTP_IIH 17 78 #define ISIS_PDU_L1_LSP 18 79 #define ISIS_PDU_L2_LSP 20 80 #define ISIS_PDU_L1_CSNP 24 81 #define ISIS_PDU_L2_CSNP 25 82 #define ISIS_PDU_L1_PSNP 26 83 #define ISIS_PDU_L2_PSNP 27 84 85 static const struct tok isis_pdu_values[] = { 86 { ISIS_PDU_L1_LAN_IIH, "L1 Lan IIH"}, 87 { ISIS_PDU_L2_LAN_IIH, "L2 Lan IIH"}, 88 { ISIS_PDU_PTP_IIH, "p2p IIH"}, 89 { ISIS_PDU_L1_LSP, "L1 LSP"}, 90 { ISIS_PDU_L2_LSP, "L2 LSP"}, 91 { ISIS_PDU_L1_CSNP, "L1 CSNP"}, 92 { ISIS_PDU_L2_CSNP, "L2 CSNP"}, 93 { ISIS_PDU_L1_PSNP, "L1 PSNP"}, 94 { ISIS_PDU_L2_PSNP, "L2 PSNP"}, 95 { 0, NULL} 96 }; 97 98 /* 99 * A TLV is a tuple of a type, length and a value and is normally used for 100 * encoding information in all sorts of places. This is an enumeration of 101 * the well known types. 102 * 103 * list taken from rfc3359 plus some memory from veterans ;-) 104 */ 105 106 #define ISIS_TLV_AREA_ADDR 1 /* iso10589 */ 107 #define ISIS_TLV_IS_REACH 2 /* iso10589 */ 108 #define ISIS_TLV_ESNEIGH 3 /* iso10589 */ 109 #define ISIS_TLV_PART_DIS 4 /* iso10589 */ 110 #define ISIS_TLV_PREFIX_NEIGH 5 /* iso10589 */ 111 #define ISIS_TLV_ISNEIGH 6 /* iso10589 */ 112 #define ISIS_TLV_INSTANCE_ID 7 /* rfc8202 */ 113 #define ISIS_TLV_PADDING 8 /* iso10589 */ 114 #define ISIS_TLV_LSP 9 /* iso10589 */ 115 #define ISIS_TLV_AUTH 10 /* iso10589, rfc3567 */ 116 #define ISIS_TLV_CHECKSUM 12 /* rfc3358 */ 117 #define ISIS_TLV_CHECKSUM_MINLEN 2 118 #define ISIS_TLV_POI 13 /* rfc6232 */ 119 #define ISIS_TLV_LSP_BUFFERSIZE 14 /* iso10589 rev2 */ 120 #define ISIS_TLV_EXT_IS_REACH 22 /* rfc5305 */ 121 #define ISIS_TLV_IS_ALIAS_ID 24 /* rfc5311 */ 122 #define ISIS_TLV_DECNET_PHASE4 42 123 #define ISIS_TLV_LUCENT_PRIVATE 66 124 #define ISIS_TLV_INT_IP_REACH 128 /* rfc1195, rfc2966 */ 125 #define ISIS_TLV_PROTOCOLS 129 /* rfc1195 */ 126 #define ISIS_TLV_EXT_IP_REACH 130 /* rfc1195, rfc2966 */ 127 #define ISIS_TLV_IDRP_INFO 131 /* rfc1195 */ 128 #define ISIS_TLV_IPADDR 132 /* rfc1195 */ 129 #define ISIS_TLV_IPAUTH 133 /* rfc1195 */ 130 #define ISIS_TLV_TE_ROUTER_ID 134 /* rfc5305 */ 131 #define ISIS_TLV_EXTD_IP_REACH 135 /* rfc5305 */ 132 #define ISIS_TLV_HOSTNAME 137 /* rfc2763 */ 133 #define ISIS_TLV_SHARED_RISK_GROUP 138 /* draft-ietf-isis-gmpls-extensions */ 134 #define ISIS_TLV_MT_PORT_CAP 143 /* rfc6165 */ 135 #define ISIS_TLV_MT_CAPABILITY 144 /* rfc6329 */ 136 #define ISIS_TLV_NORTEL_PRIVATE1 176 137 #define ISIS_TLV_NORTEL_PRIVATE2 177 138 #define ISIS_TLV_RESTART_SIGNALING 211 /* rfc3847 */ 139 #define ISIS_TLV_RESTART_SIGNALING_FLAGLEN 1 140 #define ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN 2 141 #define ISIS_TLV_MT_IS_REACH 222 /* draft-ietf-isis-wg-multi-topology-05 */ 142 #define ISIS_TLV_MT_SUPPORTED 229 /* draft-ietf-isis-wg-multi-topology-05 */ 143 #define ISIS_TLV_IP6ADDR 232 /* draft-ietf-isis-ipv6-02 */ 144 #define ISIS_TLV_MT_IP_REACH 235 /* draft-ietf-isis-wg-multi-topology-05 */ 145 #define ISIS_TLV_IP6_REACH 236 /* draft-ietf-isis-ipv6-02 */ 146 #define ISIS_TLV_MT_IP6_REACH 237 /* draft-ietf-isis-wg-multi-topology-05 */ 147 #define ISIS_TLV_PTP_ADJ 240 /* rfc3373 */ 148 #define ISIS_TLV_IIH_SEQNR 241 /* draft-shen-isis-iih-sequence-00 */ 149 #define ISIS_TLV_ROUTER_CAPABILITY 242 /* rfc7981 */ 150 #define ISIS_TLV_VENDOR_PRIVATE 250 /* draft-ietf-isis-experimental-tlv-01 */ 151 #define ISIS_TLV_VENDOR_PRIVATE_MINLEN 3 152 153 static const struct tok isis_tlv_values[] = { 154 { ISIS_TLV_AREA_ADDR, "Area address(es)"}, 155 { ISIS_TLV_IS_REACH, "IS Reachability"}, 156 { ISIS_TLV_ESNEIGH, "ES Neighbor(s)"}, 157 { ISIS_TLV_PART_DIS, "Partition DIS"}, 158 { ISIS_TLV_PREFIX_NEIGH, "Prefix Neighbors"}, 159 { ISIS_TLV_ISNEIGH, "IS Neighbor(s)"}, 160 { ISIS_TLV_INSTANCE_ID, "Instance Identifier"}, 161 { ISIS_TLV_PADDING, "Padding"}, 162 { ISIS_TLV_LSP, "LSP entries"}, 163 { ISIS_TLV_AUTH, "Authentication"}, 164 { ISIS_TLV_CHECKSUM, "Checksum"}, 165 { ISIS_TLV_POI, "Purge Originator Identifier"}, 166 { ISIS_TLV_LSP_BUFFERSIZE, "LSP Buffersize"}, 167 { ISIS_TLV_EXT_IS_REACH, "Extended IS Reachability"}, 168 { ISIS_TLV_IS_ALIAS_ID, "IS Alias ID"}, 169 { ISIS_TLV_DECNET_PHASE4, "DECnet Phase IV"}, 170 { ISIS_TLV_LUCENT_PRIVATE, "Lucent Proprietary"}, 171 { ISIS_TLV_INT_IP_REACH, "IPv4 Internal Reachability"}, 172 { ISIS_TLV_PROTOCOLS, "Protocols supported"}, 173 { ISIS_TLV_EXT_IP_REACH, "IPv4 External Reachability"}, 174 { ISIS_TLV_IDRP_INFO, "Inter-Domain Information Type"}, 175 { ISIS_TLV_IPADDR, "IPv4 Interface address(es)"}, 176 { ISIS_TLV_IPAUTH, "IPv4 authentication (deprecated)"}, 177 { ISIS_TLV_TE_ROUTER_ID, "Traffic Engineering Router ID"}, 178 { ISIS_TLV_EXTD_IP_REACH, "Extended IPv4 Reachability"}, 179 { ISIS_TLV_SHARED_RISK_GROUP, "Shared Risk Link Group"}, 180 { ISIS_TLV_MT_PORT_CAP, "Multi-Topology-Aware Port Capability"}, 181 { ISIS_TLV_MT_CAPABILITY, "Multi-Topology Capability"}, 182 { ISIS_TLV_NORTEL_PRIVATE1, "Nortel Proprietary"}, 183 { ISIS_TLV_NORTEL_PRIVATE2, "Nortel Proprietary"}, 184 { ISIS_TLV_HOSTNAME, "Hostname"}, 185 { ISIS_TLV_RESTART_SIGNALING, "Restart Signaling"}, 186 { ISIS_TLV_MT_IS_REACH, "Multi Topology IS Reachability"}, 187 { ISIS_TLV_MT_SUPPORTED, "Multi Topology"}, 188 { ISIS_TLV_IP6ADDR, "IPv6 Interface address(es)"}, 189 { ISIS_TLV_MT_IP_REACH, "Multi-Topology IPv4 Reachability"}, 190 { ISIS_TLV_IP6_REACH, "IPv6 reachability"}, 191 { ISIS_TLV_MT_IP6_REACH, "Multi-Topology IP6 Reachability"}, 192 { ISIS_TLV_PTP_ADJ, "Point-to-point Adjacency State"}, 193 { ISIS_TLV_IIH_SEQNR, "Hello PDU Sequence Number"}, 194 { ISIS_TLV_ROUTER_CAPABILITY, "IS-IS Router Capability"}, 195 { ISIS_TLV_VENDOR_PRIVATE, "Vendor Private"}, 196 { 0, NULL } 197 }; 198 199 #define ESIS_OPTION_PROTOCOLS 129 200 #define ESIS_OPTION_QOS_MAINTENANCE 195 /* iso9542 */ 201 #define ESIS_OPTION_SECURITY 197 /* iso9542 */ 202 #define ESIS_OPTION_ES_CONF_TIME 198 /* iso9542 */ 203 #define ESIS_OPTION_PRIORITY 205 /* iso9542 */ 204 #define ESIS_OPTION_ADDRESS_MASK 225 /* iso9542 */ 205 #define ESIS_OPTION_SNPA_MASK 226 /* iso9542 */ 206 207 static const struct tok esis_option_values[] = { 208 { ESIS_OPTION_PROTOCOLS, "Protocols supported"}, 209 { ESIS_OPTION_QOS_MAINTENANCE, "QoS Maintenance" }, 210 { ESIS_OPTION_SECURITY, "Security" }, 211 { ESIS_OPTION_ES_CONF_TIME, "ES Configuration Time" }, 212 { ESIS_OPTION_PRIORITY, "Priority" }, 213 { ESIS_OPTION_ADDRESS_MASK, "Address Mask" }, 214 { ESIS_OPTION_SNPA_MASK, "SNPA Mask" }, 215 { 0, NULL } 216 }; 217 218 #define CLNP_OPTION_DISCARD_REASON 193 219 #define CLNP_OPTION_QOS_MAINTENANCE 195 /* iso8473 */ 220 #define CLNP_OPTION_SECURITY 197 /* iso8473 */ 221 #define CLNP_OPTION_SOURCE_ROUTING 200 /* iso8473 */ 222 #define CLNP_OPTION_ROUTE_RECORDING 203 /* iso8473 */ 223 #define CLNP_OPTION_PADDING 204 /* iso8473 */ 224 #define CLNP_OPTION_PRIORITY 205 /* iso8473 */ 225 226 static const struct tok clnp_option_values[] = { 227 { CLNP_OPTION_DISCARD_REASON, "Discard Reason"}, 228 { CLNP_OPTION_PRIORITY, "Priority"}, 229 { CLNP_OPTION_QOS_MAINTENANCE, "QoS Maintenance"}, 230 { CLNP_OPTION_SECURITY, "Security"}, 231 { CLNP_OPTION_SOURCE_ROUTING, "Source Routing"}, 232 { CLNP_OPTION_ROUTE_RECORDING, "Route Recording"}, 233 { CLNP_OPTION_PADDING, "Padding"}, 234 { 0, NULL } 235 }; 236 237 static const struct tok clnp_option_rfd_class_values[] = { 238 { 0x0, "General"}, 239 { 0x8, "Address"}, 240 { 0x9, "Source Routeing"}, 241 { 0xa, "Lifetime"}, 242 { 0xb, "PDU Discarded"}, 243 { 0xc, "Reassembly"}, 244 { 0, NULL } 245 }; 246 247 static const struct tok clnp_option_rfd_general_values[] = { 248 { 0x0, "Reason not specified"}, 249 { 0x1, "Protocol procedure error"}, 250 { 0x2, "Incorrect checksum"}, 251 { 0x3, "PDU discarded due to congestion"}, 252 { 0x4, "Header syntax error (cannot be parsed)"}, 253 { 0x5, "Segmentation needed but not permitted"}, 254 { 0x6, "Incomplete PDU received"}, 255 { 0x7, "Duplicate option"}, 256 { 0, NULL } 257 }; 258 259 static const struct tok clnp_option_rfd_address_values[] = { 260 { 0x0, "Destination address unreachable"}, 261 { 0x1, "Destination address unknown"}, 262 { 0, NULL } 263 }; 264 265 static const struct tok clnp_option_rfd_source_routeing_values[] = { 266 { 0x0, "Unspecified source routeing error"}, 267 { 0x1, "Syntax error in source routeing field"}, 268 { 0x2, "Unknown address in source routeing field"}, 269 { 0x3, "Path not acceptable"}, 270 { 0, NULL } 271 }; 272 273 static const struct tok clnp_option_rfd_lifetime_values[] = { 274 { 0x0, "Lifetime expired while data unit in transit"}, 275 { 0x1, "Lifetime expired during reassembly"}, 276 { 0, NULL } 277 }; 278 279 static const struct tok clnp_option_rfd_pdu_discard_values[] = { 280 { 0x0, "Unsupported option not specified"}, 281 { 0x1, "Unsupported protocol version"}, 282 { 0x2, "Unsupported security option"}, 283 { 0x3, "Unsupported source routeing option"}, 284 { 0x4, "Unsupported recording of route option"}, 285 { 0, NULL } 286 }; 287 288 static const struct tok clnp_option_rfd_reassembly_values[] = { 289 { 0x0, "Reassembly interference"}, 290 { 0, NULL } 291 }; 292 293 /* array of 16 error-classes */ 294 static const struct tok *clnp_option_rfd_error_class[] = { 295 clnp_option_rfd_general_values, 296 NULL, 297 NULL, 298 NULL, 299 NULL, 300 NULL, 301 NULL, 302 NULL, 303 clnp_option_rfd_address_values, 304 clnp_option_rfd_source_routeing_values, 305 clnp_option_rfd_lifetime_values, 306 clnp_option_rfd_pdu_discard_values, 307 clnp_option_rfd_reassembly_values, 308 NULL, 309 NULL, 310 NULL 311 }; 312 313 #define CLNP_OPTION_OPTION_QOS_MASK 0x3f 314 #define CLNP_OPTION_SCOPE_MASK 0xc0 315 #define CLNP_OPTION_SCOPE_SA_SPEC 0x40 316 #define CLNP_OPTION_SCOPE_DA_SPEC 0x80 317 #define CLNP_OPTION_SCOPE_GLOBAL 0xc0 318 319 static const struct tok clnp_option_scope_values[] = { 320 { CLNP_OPTION_SCOPE_SA_SPEC, "Source Address Specific"}, 321 { CLNP_OPTION_SCOPE_DA_SPEC, "Destination Address Specific"}, 322 { CLNP_OPTION_SCOPE_GLOBAL, "Globally unique"}, 323 { 0, NULL } 324 }; 325 326 static const struct tok clnp_option_sr_rr_values[] = { 327 { 0x0, "partial"}, 328 { 0x1, "complete"}, 329 { 0, NULL } 330 }; 331 332 static const struct tok clnp_option_sr_rr_string_values[] = { 333 { CLNP_OPTION_SOURCE_ROUTING, "source routing"}, 334 { CLNP_OPTION_ROUTE_RECORDING, "recording of route in progress"}, 335 { 0, NULL } 336 }; 337 338 static const struct tok clnp_option_qos_global_values[] = { 339 { 0x20, "reserved"}, 340 { 0x10, "sequencing vs. delay"}, 341 { 0x08, "congested"}, 342 { 0x04, "delay vs. cost"}, 343 { 0x02, "error vs. delay"}, 344 { 0x01, "error vs. cost"}, 345 { 0, NULL } 346 }; 347 348 static const struct tok isis_tlv_router_capability_flags[] = { 349 { 0x01, "S bit"}, 350 { 0x02, "D bit"}, 351 { 0, NULL } 352 }; 353 354 #define ISIS_SUBTLV_ROUTER_CAP_SR 2 /* rfc 8667 */ 355 356 static const struct tok isis_router_capability_subtlv_values[] = { 357 { ISIS_SUBTLV_ROUTER_CAP_SR, "SR-Capabilities"}, 358 { 0, NULL } 359 }; 360 361 static const struct tok isis_router_capability_sr_flags[] = { 362 { 0x80, "ipv4"}, 363 { 0x40, "ipv6"}, 364 { 0, NULL } 365 }; 366 367 #define ISIS_SUBTLV_EXT_IS_REACH_ADMIN_GROUP 3 /* rfc5305 */ 368 #define ISIS_SUBTLV_EXT_IS_REACH_LINK_LOCAL_REMOTE_ID 4 /* rfc4205 */ 369 #define ISIS_SUBTLV_EXT_IS_REACH_LINK_REMOTE_ID 5 /* rfc5305 */ 370 #define ISIS_SUBTLV_EXT_IS_REACH_IPV4_INTF_ADDR 6 /* rfc5305 */ 371 #define ISIS_SUBTLV_EXT_IS_REACH_IPV4_NEIGHBOR_ADDR 8 /* rfc5305 */ 372 #define ISIS_SUBTLV_EXT_IS_REACH_MAX_LINK_BW 9 /* rfc5305 */ 373 #define ISIS_SUBTLV_EXT_IS_REACH_RESERVABLE_BW 10 /* rfc5305 */ 374 #define ISIS_SUBTLV_EXT_IS_REACH_UNRESERVED_BW 11 /* rfc4124 */ 375 #define ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS_OLD 12 /* draft-ietf-tewg-diff-te-proto-06 */ 376 #define ISIS_SUBTLV_EXT_IS_REACH_TE_METRIC 18 /* rfc5305 */ 377 #define ISIS_SUBTLV_EXT_IS_REACH_LINK_ATTRIBUTE 19 /* draft-ietf-isis-link-attr-01 */ 378 #define ISIS_SUBTLV_EXT_IS_REACH_LINK_PROTECTION_TYPE 20 /* rfc4205 */ 379 #define ISIS_SUBTLV_EXT_IS_REACH_INTF_SW_CAP_DESCR 21 /* rfc4205 */ 380 #define ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS 22 /* rfc4124 */ 381 #define ISIS_SUBTLV_EXT_IS_REACH_LAN_ADJ_SEGMENT_ID 32 /* rfc8667 */ 382 383 #define ISIS_SUBTLV_SPB_METRIC 29 /* rfc6329 */ 384 385 static const struct tok isis_ext_is_reach_subtlv_values[] = { 386 { ISIS_SUBTLV_EXT_IS_REACH_ADMIN_GROUP, "Administrative groups" }, 387 { ISIS_SUBTLV_EXT_IS_REACH_LINK_LOCAL_REMOTE_ID, "Link Local/Remote Identifier" }, 388 { ISIS_SUBTLV_EXT_IS_REACH_LINK_REMOTE_ID, "Link Remote Identifier" }, 389 { ISIS_SUBTLV_EXT_IS_REACH_IPV4_INTF_ADDR, "IPv4 interface address" }, 390 { ISIS_SUBTLV_EXT_IS_REACH_IPV4_NEIGHBOR_ADDR, "IPv4 neighbor address" }, 391 { ISIS_SUBTLV_EXT_IS_REACH_MAX_LINK_BW, "Maximum link bandwidth" }, 392 { ISIS_SUBTLV_EXT_IS_REACH_RESERVABLE_BW, "Reservable link bandwidth" }, 393 { ISIS_SUBTLV_EXT_IS_REACH_UNRESERVED_BW, "Unreserved bandwidth" }, 394 { ISIS_SUBTLV_EXT_IS_REACH_TE_METRIC, "Traffic Engineering Metric" }, 395 { ISIS_SUBTLV_EXT_IS_REACH_LINK_ATTRIBUTE, "Link Attribute" }, 396 { ISIS_SUBTLV_EXT_IS_REACH_LINK_PROTECTION_TYPE, "Link Protection Type" }, 397 { ISIS_SUBTLV_EXT_IS_REACH_INTF_SW_CAP_DESCR, "Interface Switching Capability" }, 398 { ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS_OLD, "Bandwidth Constraints (old)" }, 399 { ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS, "Bandwidth Constraints" }, 400 { ISIS_SUBTLV_EXT_IS_REACH_LAN_ADJ_SEGMENT_ID, "LAN Adjacency Segment Identifier" }, 401 { ISIS_SUBTLV_SPB_METRIC, "SPB Metric" }, 402 { 250, "Reserved for cisco specific extensions" }, 403 { 251, "Reserved for cisco specific extensions" }, 404 { 252, "Reserved for cisco specific extensions" }, 405 { 253, "Reserved for cisco specific extensions" }, 406 { 254, "Reserved for cisco specific extensions" }, 407 { 255, "Reserved for future expansion" }, 408 { 0, NULL } 409 }; 410 411 #define ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG32 1 /* draft-ietf-isis-admin-tags-01 */ 412 #define ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG64 2 /* draft-ietf-isis-admin-tags-01 */ 413 #define ISIS_SUBTLV_EXTD_IP_REACH_PREFIX_SID 3 /* rfc8667 */ 414 #define ISIS_SUBTLV_EXTD_IP_REACH_MGMT_PREFIX_COLOR 117 /* draft-ietf-isis-wg-multi-topology-05 */ 415 416 static const struct tok isis_ext_ip_reach_subtlv_values[] = { 417 { ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG32, "32-Bit Administrative tag" }, 418 { ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG64, "64-Bit Administrative tag" }, 419 { ISIS_SUBTLV_EXTD_IP_REACH_PREFIX_SID, "Prefix SID" }, 420 { ISIS_SUBTLV_EXTD_IP_REACH_MGMT_PREFIX_COLOR, "Management Prefix Color" }, 421 { 0, NULL } 422 }; 423 424 #define ISIS_PREFIX_SID_FLAG_R 0x80 /* rfc 8667 */ 425 #define ISIS_PREFIX_SID_FLAG_N 0x40 /* rfc 8667 */ 426 #define ISIS_PREFIX_SID_FLAG_P 0x20 /* rfc 8667 */ 427 #define ISIS_PREFIX_SID_FLAG_E 0x10 /* rfc 8667 */ 428 #define ISIS_PREFIX_SID_FLAG_V 0x08 /* rfc 8667 */ 429 #define ISIS_PREFIX_SID_FLAG_L 0x04 /* rfc 8667 */ 430 431 static const struct tok prefix_sid_flag_values[] = { 432 { ISIS_PREFIX_SID_FLAG_R, "Readvertisement"}, 433 { ISIS_PREFIX_SID_FLAG_N, "Node"}, 434 { ISIS_PREFIX_SID_FLAG_P, "No-PHP"}, 435 { ISIS_PREFIX_SID_FLAG_E, "Explicit NULL"}, 436 { ISIS_PREFIX_SID_FLAG_V, "Value"}, 437 { ISIS_PREFIX_SID_FLAG_L, "Local"}, 438 { 0, NULL} 439 }; 440 441 442 /* rfc 8667 */ 443 static const struct tok prefix_sid_algo_values[] = { 444 { 0, "SPF"}, 445 { 1, "strict-SPF"}, 446 { 0, NULL} 447 }; 448 449 static const struct tok isis_subtlv_link_attribute_values[] = { 450 { 0x01, "Local Protection Available" }, 451 { 0x02, "Link excluded from local protection path" }, 452 { 0x04, "Local maintenance required"}, 453 { 0, NULL } 454 }; 455 456 static const struct tok isis_lan_adj_sid_flag_values[] = { 457 { 0x80, "Address family IPv6" }, 458 { 0x40, "Backup" }, 459 { 0x20, "Value" }, 460 { 0x10, "Local significance" }, 461 { 0x08, "Set of adjacencies" }, 462 { 0x04, "Persistent" }, 463 { 0, NULL } 464 }; 465 466 #define ISIS_SUBTLV_AUTH_SIMPLE 1 467 #define ISIS_SUBTLV_AUTH_GENERIC 3 /* rfc 5310 */ 468 #define ISIS_SUBTLV_AUTH_MD5 54 469 #define ISIS_SUBTLV_AUTH_MD5_LEN 16 470 #define ISIS_SUBTLV_AUTH_PRIVATE 255 471 472 static const struct tok isis_subtlv_auth_values[] = { 473 { ISIS_SUBTLV_AUTH_SIMPLE, "simple text password"}, 474 { ISIS_SUBTLV_AUTH_GENERIC, "Generic Crypto key-id"}, 475 { ISIS_SUBTLV_AUTH_MD5, "HMAC-MD5 password"}, 476 { ISIS_SUBTLV_AUTH_PRIVATE, "Routing Domain private password"}, 477 { 0, NULL } 478 }; 479 480 #define ISIS_SUBTLV_IDRP_RES 0 481 #define ISIS_SUBTLV_IDRP_LOCAL 1 482 #define ISIS_SUBTLV_IDRP_ASN 2 483 484 static const struct tok isis_subtlv_idrp_values[] = { 485 { ISIS_SUBTLV_IDRP_RES, "Reserved"}, 486 { ISIS_SUBTLV_IDRP_LOCAL, "Routing-Domain Specific"}, 487 { ISIS_SUBTLV_IDRP_ASN, "AS Number Tag"}, 488 { 0, NULL} 489 }; 490 491 #define ISIS_SUBTLV_SPB_MCID 4 492 #define ISIS_SUBTLV_SPB_DIGEST 5 493 #define ISIS_SUBTLV_SPB_BVID 6 494 495 #define ISIS_SUBTLV_SPB_INSTANCE 1 496 #define ISIS_SUBTLV_SPBM_SI 3 497 498 #define ISIS_SPB_MCID_LEN 51 499 #define ISIS_SUBTLV_SPB_MCID_MIN_LEN 102 500 #define ISIS_SUBTLV_SPB_DIGEST_MIN_LEN 33 501 #define ISIS_SUBTLV_SPB_BVID_MIN_LEN 6 502 #define ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN 19 503 #define ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN 8 504 505 static const struct tok isis_mt_port_cap_subtlv_values[] = { 506 { ISIS_SUBTLV_SPB_MCID, "SPB MCID" }, 507 { ISIS_SUBTLV_SPB_DIGEST, "SPB Digest" }, 508 { ISIS_SUBTLV_SPB_BVID, "SPB BVID" }, 509 { 0, NULL } 510 }; 511 512 static const struct tok isis_mt_capability_subtlv_values[] = { 513 { ISIS_SUBTLV_SPB_INSTANCE, "SPB Instance" }, 514 { ISIS_SUBTLV_SPBM_SI, "SPBM Service Identifier and Unicast Address" }, 515 { 0, NULL } 516 }; 517 518 struct isis_spb_mcid { 519 nd_uint8_t format_id; 520 nd_byte name[32]; 521 nd_uint16_t revision_lvl; 522 nd_byte digest[16]; 523 }; 524 525 struct isis_subtlv_spb_mcid { 526 struct isis_spb_mcid mcid; 527 struct isis_spb_mcid aux_mcid; 528 }; 529 530 struct isis_subtlv_spb_instance { 531 nd_byte cist_root_id[8]; 532 nd_uint32_t cist_external_root_path_cost; 533 nd_uint16_t bridge_priority; 534 nd_uint32_t spsourceid; 535 nd_uint8_t no_of_trees; 536 }; 537 538 #define CLNP_SEGMENT_PART 0x80 539 #define CLNP_MORE_SEGMENTS 0x40 540 #define CLNP_REQUEST_ER 0x20 541 542 static const struct tok clnp_flag_values[] = { 543 { CLNP_SEGMENT_PART, "Segmentation permitted"}, 544 { CLNP_MORE_SEGMENTS, "more Segments"}, 545 { CLNP_REQUEST_ER, "request Error Report"}, 546 { 0, NULL} 547 }; 548 549 #define ISIS_MASK_LSP_OL_BIT(x) (GET_U_1(x)&0x4) 550 #define ISIS_MASK_LSP_ISTYPE_BITS(x) (GET_U_1(x)&0x3) 551 #define ISIS_MASK_LSP_PARTITION_BIT(x) (GET_U_1(x)&0x80) 552 #define ISIS_MASK_LSP_ATT_BITS(x) (GET_U_1(x)&0x78) 553 #define ISIS_MASK_LSP_ATT_ERROR_BIT(x) (GET_U_1(x)&0x40) 554 #define ISIS_MASK_LSP_ATT_EXPENSE_BIT(x) (GET_U_1(x)&0x20) 555 #define ISIS_MASK_LSP_ATT_DELAY_BIT(x) (GET_U_1(x)&0x10) 556 #define ISIS_MASK_LSP_ATT_DEFAULT_BIT(x) (GET_U_1(x)&0x8) 557 558 #define ISIS_MASK_MTID(x) ((x)&0x0fff) 559 #define ISIS_MASK_MTFLAGS(x) ((x)&0xf000) 560 561 static const struct tok isis_mt_flag_values[] = { 562 { 0x4000, "ATT bit set"}, 563 { 0x8000, "Overload bit set"}, 564 { 0, NULL} 565 }; 566 567 #define ISIS_MASK_TLV_EXTD_IP_UPDOWN(x) ((x)&0x80) 568 #define ISIS_MASK_TLV_EXTD_IP_SUBTLV(x) ((x)&0x40) 569 570 #define ISIS_MASK_TLV_EXTD_IP6_IE(x) ((x)&0x40) 571 #define ISIS_MASK_TLV_EXTD_IP6_SUBTLV(x) ((x)&0x20) 572 573 #define ISIS_LSP_TLV_METRIC_SUPPORTED(x) (GET_U_1(x)&0x80) 574 #define ISIS_LSP_TLV_METRIC_IE(x) (GET_U_1(x)&0x40) 575 #define ISIS_LSP_TLV_METRIC_UPDOWN(x) (GET_U_1(x)&0x80) 576 #define ISIS_LSP_TLV_METRIC_VALUE(x) (GET_U_1(x)&0x3f) 577 578 #define ISIS_MASK_TLV_SHARED_RISK_GROUP(x) ((x)&0x1) 579 580 static const struct tok isis_mt_values[] = { 581 { 0, "IPv4 unicast"}, 582 { 1, "In-Band Management"}, 583 { 2, "IPv6 unicast"}, 584 { 3, "Multicast"}, 585 { 4095, "Development, Experimental or Proprietary"}, 586 { 0, NULL } 587 }; 588 589 static const struct tok isis_iih_circuit_type_values[] = { 590 { 1, "Level 1 only"}, 591 { 2, "Level 2 only"}, 592 { 3, "Level 1, Level 2"}, 593 { 0, NULL} 594 }; 595 596 #define ISIS_LSP_TYPE_UNUSED0 0 597 #define ISIS_LSP_TYPE_LEVEL_1 1 598 #define ISIS_LSP_TYPE_UNUSED2 2 599 #define ISIS_LSP_TYPE_LEVEL_2 3 600 601 static const struct tok isis_lsp_istype_values[] = { 602 { ISIS_LSP_TYPE_UNUSED0, "Unused 0x0 (invalid)"}, 603 { ISIS_LSP_TYPE_LEVEL_1, "L1 IS"}, 604 { ISIS_LSP_TYPE_UNUSED2, "Unused 0x2 (invalid)"}, 605 { ISIS_LSP_TYPE_LEVEL_2, "L2 IS"}, 606 { 0, NULL } 607 }; 608 609 /* 610 * Katz's point to point adjacency TLV uses codes to tell us the state of 611 * the remote adjacency. Enumerate them. 612 */ 613 614 #define ISIS_PTP_ADJ_UP 0 615 #define ISIS_PTP_ADJ_INIT 1 616 #define ISIS_PTP_ADJ_DOWN 2 617 618 static const struct tok isis_ptp_adjacency_values[] = { 619 { ISIS_PTP_ADJ_UP, "Up" }, 620 { ISIS_PTP_ADJ_INIT, "Initializing" }, 621 { ISIS_PTP_ADJ_DOWN, "Down" }, 622 { 0, NULL} 623 }; 624 625 struct isis_tlv_ptp_adj { 626 nd_uint8_t adjacency_state; 627 nd_uint32_t extd_local_circuit_id; 628 nd_byte neighbor_sysid[SYSTEM_ID_LEN]; 629 nd_uint32_t neighbor_extd_local_circuit_id; 630 }; 631 632 static void osi_print_cksum(netdissect_options *, const uint8_t *pptr, 633 uint16_t checksum, int checksum_offset, u_int length); 634 static int clnp_print(netdissect_options *, const uint8_t *, u_int); 635 static void esis_print(netdissect_options *, const uint8_t *, u_int); 636 static int isis_print(netdissect_options *, const uint8_t *, u_int); 637 638 struct isis_metric_block { 639 nd_uint8_t metric_default; 640 nd_uint8_t metric_delay; 641 nd_uint8_t metric_expense; 642 nd_uint8_t metric_error; 643 }; 644 645 struct isis_tlv_is_reach { 646 struct isis_metric_block isis_metric_block; 647 nd_byte neighbor_nodeid[NODE_ID_LEN]; 648 }; 649 650 struct isis_tlv_es_reach { 651 struct isis_metric_block isis_metric_block; 652 nd_byte neighbor_sysid[SYSTEM_ID_LEN]; 653 }; 654 655 struct isis_tlv_ip_reach { 656 struct isis_metric_block isis_metric_block; 657 nd_ipv4 prefix; 658 nd_ipv4 mask; 659 }; 660 661 static const struct tok isis_is_reach_virtual_values[] = { 662 { 0, "IsNotVirtual"}, 663 { 1, "IsVirtual"}, 664 { 0, NULL } 665 }; 666 667 static const struct tok isis_restart_flag_values[] = { 668 { 0x1, "Restart Request"}, 669 { 0x2, "Restart Acknowledgement"}, 670 { 0x4, "Suppress adjacency advertisement"}, 671 { 0, NULL } 672 }; 673 674 struct isis_common_header { 675 nd_uint8_t nlpid; 676 nd_uint8_t fixed_len; 677 nd_uint8_t version; /* Protocol version */ 678 nd_uint8_t id_length; 679 nd_uint8_t pdu_type; /* 3 MSbits are reserved */ 680 nd_uint8_t pdu_version; /* Packet format version */ 681 nd_byte reserved; 682 nd_uint8_t max_area; 683 }; 684 685 struct isis_iih_lan_header { 686 nd_uint8_t circuit_type; 687 nd_byte source_id[SYSTEM_ID_LEN]; 688 nd_uint16_t holding_time; 689 nd_uint16_t pdu_len; 690 nd_uint8_t priority; 691 nd_byte lan_id[NODE_ID_LEN]; 692 }; 693 694 struct isis_iih_ptp_header { 695 nd_uint8_t circuit_type; 696 nd_byte source_id[SYSTEM_ID_LEN]; 697 nd_uint16_t holding_time; 698 nd_uint16_t pdu_len; 699 nd_uint8_t circuit_id; 700 }; 701 702 struct isis_lsp_header { 703 nd_uint16_t pdu_len; 704 nd_uint16_t remaining_lifetime; 705 nd_byte lsp_id[LSP_ID_LEN]; 706 nd_uint32_t sequence_number; 707 nd_uint16_t checksum; 708 nd_uint8_t typeblock; 709 }; 710 711 struct isis_csnp_header { 712 nd_uint16_t pdu_len; 713 nd_byte source_id[NODE_ID_LEN]; 714 nd_byte start_lsp_id[LSP_ID_LEN]; 715 nd_byte end_lsp_id[LSP_ID_LEN]; 716 }; 717 718 struct isis_psnp_header { 719 nd_uint16_t pdu_len; 720 nd_byte source_id[NODE_ID_LEN]; 721 }; 722 723 struct isis_tlv_lsp { 724 nd_uint16_t remaining_lifetime; 725 nd_byte lsp_id[LSP_ID_LEN]; 726 nd_uint32_t sequence_number; 727 nd_uint16_t checksum; 728 }; 729 730 #define ISIS_COMMON_HEADER_SIZE (sizeof(struct isis_common_header)) 731 #define ISIS_IIH_LAN_HEADER_SIZE (sizeof(struct isis_iih_lan_header)) 732 #define ISIS_IIH_PTP_HEADER_SIZE (sizeof(struct isis_iih_ptp_header)) 733 #define ISIS_LSP_HEADER_SIZE (sizeof(struct isis_lsp_header)) 734 #define ISIS_CSNP_HEADER_SIZE (sizeof(struct isis_csnp_header)) 735 #define ISIS_PSNP_HEADER_SIZE (sizeof(struct isis_psnp_header)) 736 737 void 738 isoclns_print(netdissect_options *ndo, const u_char *p, u_int length) 739 { 740 ndo->ndo_protocol = "isoclns"; 741 742 if (ndo->ndo_eflag) 743 ND_PRINT("OSI NLPID %s (0x%02x): ", 744 tok2str(nlpid_values, "Unknown", GET_U_1(p)), 745 GET_U_1(p)); 746 747 switch (GET_U_1(p)) { 748 749 case NLPID_CLNP: 750 if (!clnp_print(ndo, p, length)) 751 print_unknown_data(ndo, p, "\n\t", length); 752 break; 753 754 case NLPID_ESIS: 755 esis_print(ndo, p, length); 756 return; 757 758 case NLPID_ISIS: 759 if (!isis_print(ndo, p, length)) 760 print_unknown_data(ndo, p, "\n\t", length); 761 break; 762 763 case NLPID_NULLNS: 764 ND_PRINT("%slength: %u", ndo->ndo_eflag ? "" : ", ", length); 765 break; 766 767 case NLPID_Q933: 768 q933_print(ndo, p + 1, length - 1); 769 break; 770 771 case NLPID_IP: 772 ip_print(ndo, p + 1, length - 1); 773 break; 774 775 case NLPID_IP6: 776 ip6_print(ndo, p + 1, length - 1); 777 break; 778 779 case NLPID_PPP: 780 ppp_print(ndo, p + 1, length - 1); 781 break; 782 783 default: 784 if (!ndo->ndo_eflag) 785 ND_PRINT("OSI NLPID 0x%02x unknown", GET_U_1(p)); 786 ND_PRINT("%slength: %u", ndo->ndo_eflag ? "" : ", ", length); 787 if (length > 1) 788 print_unknown_data(ndo, p, "\n\t", length); 789 break; 790 } 791 } 792 793 #define CLNP_PDU_ER 1 794 #define CLNP_PDU_DT 28 795 #define CLNP_PDU_MD 29 796 #define CLNP_PDU_ERQ 30 797 #define CLNP_PDU_ERP 31 798 799 static const struct tok clnp_pdu_values[] = { 800 { CLNP_PDU_ER, "Error Report"}, 801 { CLNP_PDU_MD, "MD"}, 802 { CLNP_PDU_DT, "Data"}, 803 { CLNP_PDU_ERQ, "Echo Request"}, 804 { CLNP_PDU_ERP, "Echo Response"}, 805 { 0, NULL } 806 }; 807 808 struct clnp_header_t { 809 nd_uint8_t nlpid; 810 nd_uint8_t length_indicator; 811 nd_uint8_t version; 812 nd_uint8_t lifetime; /* units of 500ms */ 813 nd_uint8_t type; 814 nd_uint16_t segment_length; 815 nd_uint16_t cksum; 816 }; 817 818 struct clnp_segment_header_t { 819 nd_uint16_t data_unit_id; 820 nd_uint16_t segment_offset; 821 nd_uint16_t total_length; 822 }; 823 824 /* 825 * clnp_print 826 * Decode CLNP packets. Return 0 on error. 827 */ 828 829 static int 830 clnp_print(netdissect_options *ndo, 831 const uint8_t *pptr, u_int length) 832 { 833 const uint8_t *optr,*source_address,*dest_address; 834 u_int li,li_remaining,tlen,nsap_offset,source_address_length,dest_address_length, clnp_pdu_type, clnp_flags; 835 const struct clnp_header_t *clnp_header; 836 const struct clnp_segment_header_t *clnp_segment_header; 837 uint8_t rfd_error,rfd_error_major,rfd_error_minor; 838 839 ndo->ndo_protocol = "clnp"; 840 clnp_header = (const struct clnp_header_t *) pptr; 841 ND_TCHECK_SIZE(clnp_header); 842 843 li = GET_U_1(clnp_header->length_indicator); 844 li_remaining = li; 845 optr = pptr; 846 847 if (!ndo->ndo_eflag) 848 nd_print_protocol_caps(ndo); 849 850 /* 851 * Sanity checking of the header. 852 */ 853 854 if (GET_U_1(clnp_header->version) != CLNP_VERSION) { 855 ND_PRINT("version %u packet not supported", 856 GET_U_1(clnp_header->version)); 857 return (0); 858 } 859 860 if (li > length) { 861 ND_PRINT(" length indicator(%u) > PDU size (%u)!", li, length); 862 return (0); 863 } 864 865 if (li < sizeof(struct clnp_header_t)) { 866 ND_PRINT(" length indicator %u < min PDU size:", li); 867 while (pptr < ndo->ndo_snapend) { 868 ND_PRINT("%02X", GET_U_1(pptr)); 869 pptr++; 870 } 871 return (0); 872 } 873 874 /* FIXME further header sanity checking */ 875 876 clnp_pdu_type = GET_U_1(clnp_header->type) & CLNP_PDU_TYPE_MASK; 877 clnp_flags = GET_U_1(clnp_header->type) & CLNP_FLAG_MASK; 878 879 pptr += sizeof(struct clnp_header_t); 880 li_remaining -= sizeof(struct clnp_header_t); 881 882 if (li_remaining < 1) { 883 ND_PRINT("li < size of fixed part of CLNP header and addresses"); 884 return (0); 885 } 886 dest_address_length = GET_U_1(pptr); 887 pptr += 1; 888 li_remaining -= 1; 889 if (li_remaining < dest_address_length) { 890 ND_PRINT("li < size of fixed part of CLNP header and addresses"); 891 return (0); 892 } 893 ND_TCHECK_LEN(pptr, dest_address_length); 894 dest_address = pptr; 895 pptr += dest_address_length; 896 li_remaining -= dest_address_length; 897 898 if (li_remaining < 1) { 899 ND_PRINT("li < size of fixed part of CLNP header and addresses"); 900 return (0); 901 } 902 source_address_length = GET_U_1(pptr); 903 pptr += 1; 904 li_remaining -= 1; 905 if (li_remaining < source_address_length) { 906 ND_PRINT("li < size of fixed part of CLNP header and addresses"); 907 return (0); 908 } 909 ND_TCHECK_LEN(pptr, source_address_length); 910 source_address = pptr; 911 pptr += source_address_length; 912 li_remaining -= source_address_length; 913 914 if (ndo->ndo_vflag < 1) { 915 ND_PRINT("%s%s > %s, %s, length %u", 916 ndo->ndo_eflag ? "" : ", ", 917 GET_ISONSAP_STRING(source_address, source_address_length), 918 GET_ISONSAP_STRING(dest_address, dest_address_length), 919 tok2str(clnp_pdu_values,"unknown (%u)",clnp_pdu_type), 920 length); 921 return (1); 922 } 923 ND_PRINT("%slength %u", ndo->ndo_eflag ? "" : ", ", length); 924 925 ND_PRINT("\n\t%s PDU, hlen: %u, v: %u, lifetime: %u.%us, Segment PDU length: %u, checksum: 0x%04x", 926 tok2str(clnp_pdu_values, "unknown (%u)",clnp_pdu_type), 927 GET_U_1(clnp_header->length_indicator), 928 GET_U_1(clnp_header->version), 929 GET_U_1(clnp_header->lifetime)/2, 930 (GET_U_1(clnp_header->lifetime)%2)*5, 931 GET_BE_U_2(clnp_header->segment_length), 932 GET_BE_U_2(clnp_header->cksum)); 933 934 osi_print_cksum(ndo, optr, GET_BE_U_2(clnp_header->cksum), 7, 935 GET_U_1(clnp_header->length_indicator)); 936 937 ND_PRINT("\n\tFlags [%s]", 938 bittok2str(clnp_flag_values, "none", clnp_flags)); 939 940 ND_PRINT("\n\tsource address (length %u): %s\n\tdest address (length %u): %s", 941 source_address_length, 942 GET_ISONSAP_STRING(source_address, source_address_length), 943 dest_address_length, 944 GET_ISONSAP_STRING(dest_address, dest_address_length)); 945 946 if (clnp_flags & CLNP_SEGMENT_PART) { 947 if (li_remaining < sizeof(struct clnp_segment_header_t)) { 948 ND_PRINT("li < size of fixed part of CLNP header, addresses, and segment part"); 949 return (0); 950 } 951 clnp_segment_header = (const struct clnp_segment_header_t *) pptr; 952 ND_TCHECK_SIZE(clnp_segment_header); 953 ND_PRINT("\n\tData Unit ID: 0x%04x, Segment Offset: %u, Total PDU Length: %u", 954 GET_BE_U_2(clnp_segment_header->data_unit_id), 955 GET_BE_U_2(clnp_segment_header->segment_offset), 956 GET_BE_U_2(clnp_segment_header->total_length)); 957 pptr+=sizeof(struct clnp_segment_header_t); 958 li_remaining-=sizeof(struct clnp_segment_header_t); 959 } 960 961 /* now walk the options */ 962 while (li_remaining != 0) { 963 u_int op, opli; 964 const uint8_t *tptr; 965 966 if (li_remaining < 2) { 967 ND_PRINT(", bad opts/li"); 968 return (0); 969 } 970 op = GET_U_1(pptr); 971 opli = GET_U_1(pptr + 1); 972 pptr += 2; 973 li_remaining -= 2; 974 if (opli > li_remaining) { 975 ND_PRINT(", opt (%u) too long", op); 976 return (0); 977 } 978 ND_TCHECK_LEN(pptr, opli); 979 li_remaining -= opli; 980 tptr = pptr; 981 tlen = opli; 982 983 ND_PRINT("\n\t %s Option #%u, length %u, value: ", 984 tok2str(clnp_option_values,"Unknown",op), 985 op, 986 opli); 987 988 /* 989 * We've already checked that the entire option is present 990 * in the captured packet with the ND_TCHECK_LEN() call. 991 * Therefore, we don't need to do ND_TCHECK()/ND_TCHECK_LEN() 992 * checks. 993 * We do, however, need to check tlen, to make sure we 994 * don't run past the end of the option. 995 */ 996 switch (op) { 997 998 999 case CLNP_OPTION_ROUTE_RECORDING: /* those two options share the format */ 1000 case CLNP_OPTION_SOURCE_ROUTING: 1001 if (tlen < 2) { 1002 ND_PRINT(", bad opt len"); 1003 return (0); 1004 } 1005 ND_PRINT("%s %s", 1006 tok2str(clnp_option_sr_rr_values,"Unknown",GET_U_1(tptr)), 1007 tok2str(clnp_option_sr_rr_string_values, "Unknown Option %u", op)); 1008 nsap_offset=GET_U_1(tptr + 1); 1009 if (nsap_offset == 0) { 1010 ND_PRINT(" Bad NSAP offset (0)"); 1011 break; 1012 } 1013 nsap_offset-=1; /* offset to nsap list */ 1014 if (nsap_offset > tlen) { 1015 ND_PRINT(" Bad NSAP offset (past end of option)"); 1016 break; 1017 } 1018 tptr+=nsap_offset; 1019 tlen-=nsap_offset; 1020 while (tlen > 0) { 1021 source_address_length=GET_U_1(tptr); 1022 if (tlen < source_address_length+1) { 1023 ND_PRINT("\n\t NSAP address goes past end of option"); 1024 break; 1025 } 1026 if (source_address_length > 0) { 1027 source_address=(tptr+1); 1028 ND_PRINT("\n\t NSAP address (length %u): %s", 1029 source_address_length, 1030 GET_ISONSAP_STRING(source_address, source_address_length)); 1031 } 1032 tlen-=source_address_length+1; 1033 } 1034 break; 1035 1036 case CLNP_OPTION_PRIORITY: 1037 if (tlen < 1) { 1038 ND_PRINT(", bad opt len"); 1039 return (0); 1040 } 1041 ND_PRINT("0x%1x", GET_U_1(tptr)&0x0f); 1042 break; 1043 1044 case CLNP_OPTION_QOS_MAINTENANCE: 1045 if (tlen < 1) { 1046 ND_PRINT(", bad opt len"); 1047 return (0); 1048 } 1049 ND_PRINT("\n\t Format Code: %s", 1050 tok2str(clnp_option_scope_values, "Reserved", GET_U_1(tptr) & CLNP_OPTION_SCOPE_MASK)); 1051 1052 if ((GET_U_1(tptr)&CLNP_OPTION_SCOPE_MASK) == CLNP_OPTION_SCOPE_GLOBAL) 1053 ND_PRINT("\n\t QoS Flags [%s]", 1054 bittok2str(clnp_option_qos_global_values, 1055 "none", 1056 GET_U_1(tptr)&CLNP_OPTION_OPTION_QOS_MASK)); 1057 break; 1058 1059 case CLNP_OPTION_SECURITY: 1060 if (tlen < 2) { 1061 ND_PRINT(", bad opt len"); 1062 return (0); 1063 } 1064 ND_PRINT("\n\t Format Code: %s, Security-Level %u", 1065 tok2str(clnp_option_scope_values,"Reserved",GET_U_1(tptr)&CLNP_OPTION_SCOPE_MASK), 1066 GET_U_1(tptr + 1)); 1067 break; 1068 1069 case CLNP_OPTION_DISCARD_REASON: 1070 if (tlen < 1) { 1071 ND_PRINT(", bad opt len"); 1072 return (0); 1073 } 1074 rfd_error = GET_U_1(tptr); 1075 rfd_error_major = (rfd_error&0xf0) >> 4; 1076 rfd_error_minor = rfd_error&0x0f; 1077 ND_PRINT("\n\t Class: %s Error (0x%01x), %s (0x%01x)", 1078 tok2str(clnp_option_rfd_class_values,"Unknown",rfd_error_major), 1079 rfd_error_major, 1080 tok2str(clnp_option_rfd_error_class[rfd_error_major],"Unknown",rfd_error_minor), 1081 rfd_error_minor); 1082 break; 1083 1084 case CLNP_OPTION_PADDING: 1085 ND_PRINT("padding data"); 1086 break; 1087 1088 /* 1089 * FIXME those are the defined Options that lack a decoder 1090 * you are welcome to contribute code ;-) 1091 */ 1092 1093 default: 1094 print_unknown_data(ndo, tptr, "\n\t ", opli); 1095 break; 1096 } 1097 if (ndo->ndo_vflag > 1) 1098 print_unknown_data(ndo, pptr, "\n\t ", opli); 1099 pptr += opli; 1100 } 1101 1102 switch (clnp_pdu_type) { 1103 1104 case CLNP_PDU_ER: /* fall through */ 1105 case CLNP_PDU_ERP: 1106 if (GET_U_1(pptr) == NLPID_CLNP) { 1107 ND_PRINT("\n\t-----original packet-----\n\t"); 1108 /* FIXME recursion protection */ 1109 clnp_print(ndo, pptr, length - li); 1110 break; 1111 } 1112 1113 /* The cases above break from the switch block if they see and print 1114 * a CLNP header in the Data part. For an Error Report PDU this is 1115 * described in Section 7.9.6 of ITU X.233 (1997 E), also known as 1116 * ISO/IEC 8473-1:1998(E). It is not clear why in this code the same 1117 * applies to an Echo Response PDU, as the standard does not specify 1118 * the contents -- could be a proprietary extension or a bug. In either 1119 * case, if the Data part does not contain a CLNP header, its structure 1120 * is considered unknown and the decoding falls through to print the 1121 * contents as-is. 1122 */ 1123 ND_FALL_THROUGH; 1124 1125 case CLNP_PDU_DT: 1126 case CLNP_PDU_MD: 1127 case CLNP_PDU_ERQ: 1128 1129 default: 1130 /* dump the PDU specific data */ 1131 if (length > ND_BYTES_BETWEEN(optr, pptr)) { 1132 ND_PRINT("\n\t undecoded non-header data, length %u", length-li); 1133 print_unknown_data(ndo, pptr, "\n\t ", 1134 length - ND_BYTES_BETWEEN(optr, pptr)); 1135 } 1136 } 1137 1138 return (1); 1139 1140 trunc: 1141 nd_print_trunc(ndo); 1142 return (1); 1143 1144 } 1145 1146 1147 #define ESIS_PDU_REDIRECT 6 1148 #define ESIS_PDU_ESH 2 1149 #define ESIS_PDU_ISH 4 1150 1151 static const struct tok esis_pdu_values[] = { 1152 { ESIS_PDU_REDIRECT, "redirect"}, 1153 { ESIS_PDU_ESH, "ESH"}, 1154 { ESIS_PDU_ISH, "ISH"}, 1155 { 0, NULL } 1156 }; 1157 1158 struct esis_header_t { 1159 nd_uint8_t nlpid; 1160 nd_uint8_t length_indicator; 1161 nd_uint8_t version; 1162 nd_byte reserved; 1163 nd_uint8_t type; 1164 nd_uint16_t holdtime; 1165 nd_uint16_t cksum; 1166 }; 1167 1168 static void 1169 esis_print(netdissect_options *ndo, 1170 const uint8_t *pptr, u_int length) 1171 { 1172 const uint8_t *optr; 1173 u_int li, version, esis_pdu_type, source_address_length, source_address_number; 1174 const struct esis_header_t *esis_header; 1175 1176 ndo->ndo_protocol = "esis"; 1177 if (!ndo->ndo_eflag) 1178 ND_PRINT("ES-IS"); 1179 1180 if (length <= 2) { 1181 ND_PRINT(ndo->ndo_qflag ? "bad pkt!" : "no header at all!"); 1182 return; 1183 } 1184 1185 esis_header = (const struct esis_header_t *) pptr; 1186 ND_TCHECK_SIZE(esis_header); 1187 li = GET_U_1(esis_header->length_indicator); 1188 optr = pptr; 1189 1190 /* 1191 * Sanity checking of the header. 1192 */ 1193 1194 if (GET_U_1(esis_header->nlpid) != NLPID_ESIS) { 1195 ND_PRINT(" nlpid 0x%02x packet not supported", 1196 GET_U_1(esis_header->nlpid)); 1197 return; 1198 } 1199 1200 version = GET_U_1(esis_header->version); 1201 if (version != ESIS_VERSION) { 1202 ND_PRINT(" version %u packet not supported", version); 1203 return; 1204 } 1205 1206 if (li > length) { 1207 ND_PRINT(" length indicator(%u) > PDU size (%u)!", li, length); 1208 return; 1209 } 1210 1211 if (li < sizeof(struct esis_header_t) + 2) { 1212 ND_PRINT(" length indicator %u < min PDU size:", li); 1213 while (pptr < ndo->ndo_snapend) { 1214 ND_PRINT("%02X", GET_U_1(pptr)); 1215 pptr++; 1216 } 1217 return; 1218 } 1219 1220 esis_pdu_type = GET_U_1(esis_header->type) & ESIS_PDU_TYPE_MASK; 1221 1222 if (ndo->ndo_vflag < 1) { 1223 ND_PRINT("%s%s, length %u", 1224 ndo->ndo_eflag ? "" : ", ", 1225 tok2str(esis_pdu_values,"unknown type (%u)",esis_pdu_type), 1226 length); 1227 return; 1228 } else 1229 ND_PRINT("%slength %u\n\t%s (%u)", 1230 ndo->ndo_eflag ? "" : ", ", 1231 length, 1232 tok2str(esis_pdu_values,"unknown type: %u", esis_pdu_type), 1233 esis_pdu_type); 1234 1235 ND_PRINT(", v: %u%s", version, version == ESIS_VERSION ? "" : "unsupported" ); 1236 ND_PRINT(", checksum: 0x%04x", GET_BE_U_2(esis_header->cksum)); 1237 1238 osi_print_cksum(ndo, pptr, GET_BE_U_2(esis_header->cksum), 7, 1239 li); 1240 1241 ND_PRINT(", holding time: %us, length indicator: %u", 1242 GET_BE_U_2(esis_header->holdtime), li); 1243 1244 if (ndo->ndo_vflag > 1) 1245 print_unknown_data(ndo, optr, "\n\t", sizeof(struct esis_header_t)); 1246 1247 pptr += sizeof(struct esis_header_t); 1248 li -= sizeof(struct esis_header_t); 1249 1250 switch (esis_pdu_type) { 1251 case ESIS_PDU_REDIRECT: { 1252 const uint8_t *dst, *snpa, *neta; 1253 u_int dstl, snpal, netal; 1254 1255 ND_TCHECK_1(pptr); 1256 if (li < 1) { 1257 ND_PRINT(", bad redirect/li"); 1258 return; 1259 } 1260 dstl = GET_U_1(pptr); 1261 pptr++; 1262 li--; 1263 ND_TCHECK_LEN(pptr, dstl); 1264 if (li < dstl) { 1265 ND_PRINT(", bad redirect/li"); 1266 return; 1267 } 1268 dst = pptr; 1269 pptr += dstl; 1270 li -= dstl; 1271 ND_PRINT("\n\t %s", GET_ISONSAP_STRING(dst, dstl)); 1272 1273 ND_TCHECK_1(pptr); 1274 if (li < 1) { 1275 ND_PRINT(", bad redirect/li"); 1276 return; 1277 } 1278 snpal = GET_U_1(pptr); 1279 pptr++; 1280 li--; 1281 ND_TCHECK_LEN(pptr, snpal); 1282 if (li < snpal) { 1283 ND_PRINT(", bad redirect/li"); 1284 return; 1285 } 1286 snpa = pptr; 1287 pptr += snpal; 1288 li -= snpal; 1289 ND_TCHECK_1(pptr); 1290 if (li < 1) { 1291 ND_PRINT(", bad redirect/li"); 1292 return; 1293 } 1294 netal = GET_U_1(pptr); 1295 pptr++; 1296 ND_TCHECK_LEN(pptr, netal); 1297 if (li < netal) { 1298 ND_PRINT(", bad redirect/li"); 1299 return; 1300 } 1301 neta = pptr; 1302 pptr += netal; 1303 li -= netal; 1304 1305 if (snpal == MAC_ADDR_LEN) 1306 ND_PRINT("\n\t SNPA (length: %u): %s", 1307 snpal, 1308 GET_ETHERADDR_STRING(snpa)); 1309 else 1310 ND_PRINT("\n\t SNPA (length: %u): %s", 1311 snpal, 1312 GET_LINKADDR_STRING(snpa, LINKADDR_OTHER, snpal)); 1313 if (netal != 0) 1314 ND_PRINT("\n\t NET (length: %u) %s", 1315 netal, 1316 GET_ISONSAP_STRING(neta, netal)); 1317 break; 1318 } 1319 1320 case ESIS_PDU_ESH: 1321 ND_TCHECK_1(pptr); 1322 if (li < 1) { 1323 ND_PRINT(", bad esh/li"); 1324 return; 1325 } 1326 source_address_number = GET_U_1(pptr); 1327 pptr++; 1328 li--; 1329 1330 ND_PRINT("\n\t Number of Source Addresses: %u", source_address_number); 1331 1332 while (source_address_number > 0) { 1333 ND_TCHECK_1(pptr); 1334 if (li < 1) { 1335 ND_PRINT(", bad esh/li"); 1336 return; 1337 } 1338 source_address_length = GET_U_1(pptr); 1339 pptr++; 1340 li--; 1341 1342 ND_TCHECK_LEN(pptr, source_address_length); 1343 if (li < source_address_length) { 1344 ND_PRINT(", bad esh/li"); 1345 return; 1346 } 1347 ND_PRINT("\n\t NET (length: %u): %s", 1348 source_address_length, 1349 GET_ISONSAP_STRING(pptr, source_address_length)); 1350 pptr += source_address_length; 1351 li -= source_address_length; 1352 source_address_number--; 1353 } 1354 1355 break; 1356 1357 case ESIS_PDU_ISH: { 1358 ND_TCHECK_1(pptr); 1359 if (li < 1) { 1360 ND_PRINT(", bad ish/li"); 1361 return; 1362 } 1363 source_address_length = GET_U_1(pptr); 1364 pptr++; 1365 li--; 1366 ND_TCHECK_LEN(pptr, source_address_length); 1367 if (li < source_address_length) { 1368 ND_PRINT(", bad ish/li"); 1369 return; 1370 } 1371 ND_PRINT("\n\t NET (length: %u): %s", source_address_length, GET_ISONSAP_STRING(pptr, source_address_length)); 1372 pptr += source_address_length; 1373 li -= source_address_length; 1374 break; 1375 } 1376 1377 default: 1378 if (ndo->ndo_vflag <= 1) { 1379 /* 1380 * If there's at least one byte to print, print 1381 * it/them. 1382 */ 1383 if (ND_TTEST_LEN(pptr, 1)) 1384 print_unknown_data(ndo, pptr, "\n\t ", ND_BYTES_AVAILABLE_AFTER(pptr)); 1385 } 1386 return; 1387 } 1388 1389 /* now walk the options */ 1390 while (li != 0) { 1391 u_int op, opli; 1392 const uint8_t *tptr; 1393 1394 if (li < 2) { 1395 ND_PRINT(", bad opts/li"); 1396 return; 1397 } 1398 op = GET_U_1(pptr); 1399 opli = GET_U_1(pptr + 1); 1400 pptr += 2; 1401 li -= 2; 1402 if (opli > li) { 1403 ND_PRINT(", opt (%u) too long", op); 1404 return; 1405 } 1406 li -= opli; 1407 tptr = pptr; 1408 1409 ND_PRINT("\n\t %s Option #%u, length %u, value: ", 1410 tok2str(esis_option_values,"Unknown",op), 1411 op, 1412 opli); 1413 1414 switch (op) { 1415 1416 case ESIS_OPTION_ES_CONF_TIME: 1417 if (opli == 2) { 1418 ND_TCHECK_2(pptr); 1419 ND_PRINT("%us", GET_BE_U_2(tptr)); 1420 } else 1421 ND_PRINT("(bad length)"); 1422 break; 1423 1424 case ESIS_OPTION_PROTOCOLS: 1425 while (opli>0) { 1426 ND_PRINT("%s (0x%02x)", 1427 tok2str(nlpid_values, 1428 "unknown", 1429 GET_U_1(tptr)), 1430 GET_U_1(tptr)); 1431 if (opli>1) /* further NPLIDs ? - put comma */ 1432 ND_PRINT(", "); 1433 tptr++; 1434 opli--; 1435 } 1436 break; 1437 1438 /* 1439 * FIXME those are the defined Options that lack a decoder 1440 * you are welcome to contribute code ;-) 1441 */ 1442 1443 case ESIS_OPTION_QOS_MAINTENANCE: 1444 case ESIS_OPTION_SECURITY: 1445 case ESIS_OPTION_PRIORITY: 1446 case ESIS_OPTION_ADDRESS_MASK: 1447 case ESIS_OPTION_SNPA_MASK: 1448 1449 default: 1450 print_unknown_data(ndo, tptr, "\n\t ", opli); 1451 break; 1452 } 1453 if (ndo->ndo_vflag > 1) 1454 print_unknown_data(ndo, pptr, "\n\t ", opli); 1455 pptr += opli; 1456 } 1457 return; 1458 1459 trunc: 1460 nd_print_trunc(ndo); 1461 } 1462 1463 static void 1464 isis_print_mcid(netdissect_options *ndo, 1465 const struct isis_spb_mcid *mcid) 1466 { 1467 int i; 1468 1469 ND_TCHECK_SIZE(mcid); 1470 ND_PRINT("ID: %u, Name: ", GET_U_1(mcid->format_id)); 1471 1472 nd_printjnp(ndo, mcid->name, sizeof(mcid->name)); 1473 1474 ND_PRINT("\n\t Lvl: %u", GET_BE_U_2(mcid->revision_lvl)); 1475 1476 ND_PRINT(", Digest: "); 1477 1478 for(i=0;i<16;i++) 1479 ND_PRINT("%.2x ", mcid->digest[i]); 1480 return; 1481 1482 trunc: 1483 nd_print_trunc(ndo); 1484 } 1485 1486 static int 1487 isis_print_mt_port_cap_subtlv(netdissect_options *ndo, 1488 const uint8_t *tptr, u_int len) 1489 { 1490 u_int stlv_type, stlv_len; 1491 const struct isis_subtlv_spb_mcid *subtlv_spb_mcid; 1492 int i; 1493 1494 while (len > 2) { 1495 stlv_type = GET_U_1(tptr); 1496 stlv_len = GET_U_1(tptr + 1); 1497 1498 /* first lets see if we know the subTLVs name*/ 1499 ND_PRINT("\n\t %s subTLV #%u, length: %u", 1500 tok2str(isis_mt_port_cap_subtlv_values, "unknown", stlv_type), 1501 stlv_type, 1502 stlv_len); 1503 1504 tptr += 2; 1505 /*len -= TLV_TYPE_LEN_OFFSET;*/ 1506 len -= 2; 1507 1508 /* Make sure the subTLV fits within the space left */ 1509 if (len < stlv_len) 1510 goto subtlv_too_long; 1511 /* Make sure the entire subTLV is in the captured data */ 1512 ND_TCHECK_LEN(tptr, stlv_len); 1513 1514 switch (stlv_type) { 1515 case ISIS_SUBTLV_SPB_MCID: 1516 { 1517 if (stlv_len < ISIS_SUBTLV_SPB_MCID_MIN_LEN) 1518 goto subtlv_too_short; 1519 1520 subtlv_spb_mcid = (const struct isis_subtlv_spb_mcid *)tptr; 1521 1522 ND_PRINT("\n\t MCID: "); 1523 isis_print_mcid(ndo, &(subtlv_spb_mcid->mcid)); 1524 1525 /*tptr += SPB_MCID_MIN_LEN; 1526 len -= SPB_MCID_MIN_LEN; */ 1527 1528 ND_PRINT("\n\t AUX-MCID: "); 1529 isis_print_mcid(ndo, &(subtlv_spb_mcid->aux_mcid)); 1530 1531 /*tptr += SPB_MCID_MIN_LEN; 1532 len -= SPB_MCID_MIN_LEN; */ 1533 tptr += ISIS_SUBTLV_SPB_MCID_MIN_LEN; 1534 len -= ISIS_SUBTLV_SPB_MCID_MIN_LEN; 1535 stlv_len -= ISIS_SUBTLV_SPB_MCID_MIN_LEN; 1536 1537 break; 1538 } 1539 1540 case ISIS_SUBTLV_SPB_DIGEST: 1541 { 1542 if (stlv_len < ISIS_SUBTLV_SPB_DIGEST_MIN_LEN) 1543 goto subtlv_too_short; 1544 1545 ND_PRINT("\n\t RES: %u V: %u A: %u D: %u", 1546 (GET_U_1(tptr) >> 5), 1547 ((GET_U_1(tptr) >> 4) & 0x01), 1548 ((GET_U_1(tptr) >> 2) & 0x03), 1549 (GET_U_1(tptr) & 0x03)); 1550 1551 tptr++; 1552 1553 ND_PRINT("\n\t Digest: "); 1554 1555 for(i=1;i<=8; i++) { 1556 ND_PRINT("%08x ", GET_BE_U_4(tptr)); 1557 if (i%4 == 0 && i != 8) 1558 ND_PRINT("\n\t "); 1559 tptr += 4; 1560 } 1561 1562 len -= ISIS_SUBTLV_SPB_DIGEST_MIN_LEN; 1563 stlv_len -= ISIS_SUBTLV_SPB_DIGEST_MIN_LEN; 1564 1565 break; 1566 } 1567 1568 case ISIS_SUBTLV_SPB_BVID: 1569 { 1570 while (stlv_len != 0) { 1571 if (stlv_len < 4) 1572 goto subtlv_too_short; 1573 ND_PRINT("\n\t ECT: %08x", 1574 GET_BE_U_4(tptr)); 1575 1576 tptr += 4; 1577 len -= 4; 1578 stlv_len -= 4; 1579 1580 if (stlv_len < 2) 1581 goto subtlv_too_short; 1582 ND_PRINT(" BVID: %u, U:%01x M:%01x ", 1583 (GET_BE_U_2(tptr) >> 4) , 1584 (GET_BE_U_2(tptr) >> 3) & 0x01, 1585 (GET_BE_U_2(tptr) >> 2) & 0x01); 1586 1587 tptr += 2; 1588 len -= 2; 1589 stlv_len -= 2; 1590 } 1591 1592 break; 1593 } 1594 1595 default: 1596 break; 1597 } 1598 tptr += stlv_len; 1599 len -= stlv_len; 1600 } 1601 return (0); 1602 1603 trunc: 1604 nd_print_trunc(ndo); 1605 return (1); 1606 1607 subtlv_too_long: 1608 ND_PRINT(" (> containing TLV length)"); 1609 return (1); 1610 1611 subtlv_too_short: 1612 ND_PRINT(" (too short)"); 1613 return (1); 1614 } 1615 1616 static int 1617 isis_print_mt_capability_subtlv(netdissect_options *ndo, 1618 const uint8_t *tptr, u_int len) 1619 { 1620 u_int stlv_type, stlv_len, treecount; 1621 1622 while (len > 2) { 1623 stlv_type = GET_U_1(tptr); 1624 stlv_len = GET_U_1(tptr + 1); 1625 tptr += 2; 1626 len -= 2; 1627 1628 /* first lets see if we know the subTLVs name*/ 1629 ND_PRINT("\n\t %s subTLV #%u, length: %u", 1630 tok2str(isis_mt_capability_subtlv_values, "unknown", stlv_type), 1631 stlv_type, 1632 stlv_len); 1633 1634 /* Make sure the subTLV fits within the space left */ 1635 if (len < stlv_len) 1636 goto subtlv_too_long; 1637 /* Make sure the entire subTLV is in the captured data */ 1638 ND_TCHECK_LEN(tptr, stlv_len); 1639 1640 switch (stlv_type) { 1641 case ISIS_SUBTLV_SPB_INSTANCE: 1642 if (stlv_len < ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN) 1643 goto subtlv_too_short; 1644 1645 ND_PRINT("\n\t CIST Root-ID: %08x", GET_BE_U_4(tptr)); 1646 tptr += 4; 1647 ND_PRINT(" %08x", GET_BE_U_4(tptr)); 1648 tptr += 4; 1649 ND_PRINT(", Path Cost: %08x", GET_BE_U_4(tptr)); 1650 tptr += 4; 1651 ND_PRINT(", Prio: %u", GET_BE_U_2(tptr)); 1652 tptr += 2; 1653 ND_PRINT("\n\t RES: %u", 1654 GET_BE_U_2(tptr) >> 5); 1655 ND_PRINT(", V: %u", 1656 (GET_BE_U_2(tptr) >> 4) & 0x0001); 1657 ND_PRINT(", SPSource-ID: %u", 1658 (GET_BE_U_4(tptr) & 0x000fffff)); 1659 tptr += 4; 1660 ND_PRINT(", No of Trees: %x", GET_U_1(tptr)); 1661 1662 treecount = GET_U_1(tptr); 1663 tptr++; 1664 1665 len -= ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN; 1666 stlv_len -= ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN; 1667 1668 while (treecount) { 1669 if (stlv_len < ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN) 1670 goto trunc; 1671 1672 ND_PRINT("\n\t U:%u, M:%u, A:%u, RES:%u", 1673 GET_U_1(tptr) >> 7, 1674 (GET_U_1(tptr) >> 6) & 0x01, 1675 (GET_U_1(tptr) >> 5) & 0x01, 1676 (GET_U_1(tptr) & 0x1f)); 1677 1678 tptr++; 1679 1680 ND_PRINT(", ECT: %08x", GET_BE_U_4(tptr)); 1681 1682 tptr += 4; 1683 1684 ND_PRINT(", BVID: %u, SPVID: %u", 1685 (GET_BE_U_3(tptr) >> 12) & 0x000fff, 1686 GET_BE_U_3(tptr) & 0x000fff); 1687 1688 tptr += 3; 1689 len -= ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN; 1690 stlv_len -= ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN; 1691 treecount--; 1692 } 1693 1694 break; 1695 1696 case ISIS_SUBTLV_SPBM_SI: 1697 if (stlv_len < 8) 1698 goto trunc; 1699 1700 ND_PRINT("\n\t BMAC: %08x", GET_BE_U_4(tptr)); 1701 tptr += 4; 1702 ND_PRINT("%04x", GET_BE_U_2(tptr)); 1703 tptr += 2; 1704 1705 ND_PRINT(", RES: %u, VID: %u", GET_BE_U_2(tptr) >> 12, 1706 (GET_BE_U_2(tptr)) & 0x0fff); 1707 1708 tptr += 2; 1709 len -= 8; 1710 stlv_len -= 8; 1711 1712 while (stlv_len >= 4) { 1713 ND_PRINT("\n\t T: %u, R: %u, RES: %u, ISID: %u", 1714 (GET_BE_U_4(tptr) >> 31), 1715 (GET_BE_U_4(tptr) >> 30) & 0x01, 1716 (GET_BE_U_4(tptr) >> 24) & 0x03f, 1717 (GET_BE_U_4(tptr)) & 0x0ffffff); 1718 1719 tptr += 4; 1720 len -= 4; 1721 stlv_len -= 4; 1722 } 1723 1724 break; 1725 1726 default: 1727 break; 1728 } 1729 tptr += stlv_len; 1730 len -= stlv_len; 1731 } 1732 return (0); 1733 1734 trunc: 1735 nd_print_trunc(ndo); 1736 return (1); 1737 1738 subtlv_too_long: 1739 ND_PRINT(" (> containing TLV length)"); 1740 return (1); 1741 1742 subtlv_too_short: 1743 ND_PRINT(" (too short)"); 1744 return (1); 1745 } 1746 1747 /* shared routine for printing system, node and lsp-ids */ 1748 static char * 1749 isis_print_id(netdissect_options *ndo, const uint8_t *cp, u_int id_len) 1750 { 1751 u_int i; 1752 static char id[sizeof("xxxx.xxxx.xxxx.yy-zz")]; 1753 char *pos = id; 1754 u_int sysid_len; 1755 1756 sysid_len = SYSTEM_ID_LEN; 1757 if (sysid_len > id_len) 1758 sysid_len = id_len; 1759 for (i = 1; i <= sysid_len; i++) { 1760 snprintf(pos, sizeof(id) - (pos - id), "%02x", GET_U_1(cp)); 1761 cp++; 1762 pos += strlen(pos); 1763 if (i == 2 || i == 4) 1764 *pos++ = '.'; 1765 } 1766 if (id_len >= NODE_ID_LEN) { 1767 snprintf(pos, sizeof(id) - (pos - id), ".%02x", GET_U_1(cp)); 1768 cp++; 1769 pos += strlen(pos); 1770 } 1771 if (id_len == LSP_ID_LEN) 1772 snprintf(pos, sizeof(id) - (pos - id), "-%02x", GET_U_1(cp)); 1773 return (id); 1774 } 1775 1776 /* print the 4-byte metric block which is common found in the old-style TLVs */ 1777 static int 1778 isis_print_metric_block(netdissect_options *ndo, 1779 const struct isis_metric_block *isis_metric_block) 1780 { 1781 ND_PRINT(", Default Metric: %u, %s", 1782 ISIS_LSP_TLV_METRIC_VALUE(isis_metric_block->metric_default), 1783 ISIS_LSP_TLV_METRIC_IE(isis_metric_block->metric_default) ? "External" : "Internal"); 1784 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(isis_metric_block->metric_delay)) 1785 ND_PRINT("\n\t\t Delay Metric: %u, %s", 1786 ISIS_LSP_TLV_METRIC_VALUE(isis_metric_block->metric_delay), 1787 ISIS_LSP_TLV_METRIC_IE(isis_metric_block->metric_delay) ? "External" : "Internal"); 1788 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(isis_metric_block->metric_expense)) 1789 ND_PRINT("\n\t\t Expense Metric: %u, %s", 1790 ISIS_LSP_TLV_METRIC_VALUE(isis_metric_block->metric_expense), 1791 ISIS_LSP_TLV_METRIC_IE(isis_metric_block->metric_expense) ? "External" : "Internal"); 1792 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(isis_metric_block->metric_error)) 1793 ND_PRINT("\n\t\t Error Metric: %u, %s", 1794 ISIS_LSP_TLV_METRIC_VALUE(isis_metric_block->metric_error), 1795 ISIS_LSP_TLV_METRIC_IE(isis_metric_block->metric_error) ? "External" : "Internal"); 1796 1797 return(1); /* everything is ok */ 1798 } 1799 1800 static int 1801 isis_print_tlv_ip_reach(netdissect_options *ndo, 1802 const uint8_t *cp, const char *ident, u_int length) 1803 { 1804 int prefix_len; 1805 const struct isis_tlv_ip_reach *tlv_ip_reach; 1806 1807 tlv_ip_reach = (const struct isis_tlv_ip_reach *)cp; 1808 1809 while (length > 0) { 1810 if ((size_t)length < sizeof(*tlv_ip_reach)) { 1811 ND_PRINT("short IPv4 Reachability (%u vs %zu)", 1812 length, 1813 sizeof(*tlv_ip_reach)); 1814 return (0); 1815 } 1816 1817 ND_TCHECK_SIZE(tlv_ip_reach); 1818 1819 prefix_len = mask2plen(GET_IPV4_TO_HOST_ORDER(tlv_ip_reach->mask)); 1820 1821 if (prefix_len == -1) 1822 ND_PRINT("%sIPv4 prefix: %s mask %s", 1823 ident, 1824 GET_IPADDR_STRING(tlv_ip_reach->prefix), 1825 GET_IPADDR_STRING(tlv_ip_reach->mask)); 1826 else 1827 ND_PRINT("%sIPv4 prefix: %15s/%u", 1828 ident, 1829 GET_IPADDR_STRING(tlv_ip_reach->prefix), 1830 prefix_len); 1831 1832 ND_PRINT(", Distribution: %s, Metric: %u, %s", 1833 ISIS_LSP_TLV_METRIC_UPDOWN(tlv_ip_reach->isis_metric_block.metric_default) ? "down" : "up", 1834 ISIS_LSP_TLV_METRIC_VALUE(tlv_ip_reach->isis_metric_block.metric_default), 1835 ISIS_LSP_TLV_METRIC_IE(tlv_ip_reach->isis_metric_block.metric_default) ? "External" : "Internal"); 1836 1837 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(tlv_ip_reach->isis_metric_block.metric_delay)) 1838 ND_PRINT("%s Delay Metric: %u, %s", 1839 ident, 1840 ISIS_LSP_TLV_METRIC_VALUE(tlv_ip_reach->isis_metric_block.metric_delay), 1841 ISIS_LSP_TLV_METRIC_IE(tlv_ip_reach->isis_metric_block.metric_delay) ? "External" : "Internal"); 1842 1843 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(tlv_ip_reach->isis_metric_block.metric_expense)) 1844 ND_PRINT("%s Expense Metric: %u, %s", 1845 ident, 1846 ISIS_LSP_TLV_METRIC_VALUE(tlv_ip_reach->isis_metric_block.metric_expense), 1847 ISIS_LSP_TLV_METRIC_IE(tlv_ip_reach->isis_metric_block.metric_expense) ? "External" : "Internal"); 1848 1849 if (!ISIS_LSP_TLV_METRIC_SUPPORTED(tlv_ip_reach->isis_metric_block.metric_error)) 1850 ND_PRINT("%s Error Metric: %u, %s", 1851 ident, 1852 ISIS_LSP_TLV_METRIC_VALUE(tlv_ip_reach->isis_metric_block.metric_error), 1853 ISIS_LSP_TLV_METRIC_IE(tlv_ip_reach->isis_metric_block.metric_error) ? "External" : "Internal"); 1854 1855 length -= sizeof(struct isis_tlv_ip_reach); 1856 tlv_ip_reach++; 1857 } 1858 return (1); 1859 trunc: 1860 return 0; 1861 } 1862 1863 /* 1864 * this is the common IP-REACH subTLV decoder it is called 1865 * from various EXTD-IP REACH TLVs (135,235,236,237) 1866 */ 1867 1868 static int 1869 isis_print_ip_reach_subtlv(netdissect_options *ndo, 1870 const uint8_t *tptr, u_int subt, u_int subl, 1871 const char *ident) 1872 { 1873 /* first lets see if we know the subTLVs name*/ 1874 ND_PRINT("%s%s subTLV #%u, length: %u", 1875 ident, tok2str(isis_ext_ip_reach_subtlv_values, "unknown", subt), 1876 subt, subl); 1877 1878 ND_TCHECK_LEN(tptr, subl); 1879 1880 switch(subt) { 1881 case ISIS_SUBTLV_EXTD_IP_REACH_MGMT_PREFIX_COLOR: /* fall through */ 1882 case ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG32: 1883 while (subl >= 4) { 1884 ND_PRINT(", 0x%08x (=%u)", 1885 GET_BE_U_4(tptr), 1886 GET_BE_U_4(tptr)); 1887 tptr+=4; 1888 subl-=4; 1889 } 1890 break; 1891 case ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG64: 1892 while (subl >= 8) { 1893 ND_PRINT(", 0x%08x%08x", 1894 GET_BE_U_4(tptr), 1895 GET_BE_U_4(tptr + 4)); 1896 tptr+=8; 1897 subl-=8; 1898 } 1899 break; 1900 case ISIS_SUBTLV_EXTD_IP_REACH_PREFIX_SID: 1901 { 1902 uint8_t algo, flags; 1903 uint32_t sid; 1904 1905 flags = GET_U_1(tptr); 1906 algo = GET_U_1(tptr+1); 1907 1908 if (flags & ISIS_PREFIX_SID_FLAG_V) { 1909 if (subl < 5) 1910 goto trunc; 1911 sid = GET_BE_U_3(tptr+2); 1912 tptr+=5; 1913 subl-=5; 1914 } else { 1915 if (subl < 6) 1916 goto trunc; 1917 sid = GET_BE_U_4(tptr+2); 1918 tptr+=6; 1919 subl-=6; 1920 } 1921 1922 ND_PRINT(", Flags [%s], Algo %s (%u), %s %u", 1923 bittok2str(prefix_sid_flag_values, "None", flags), 1924 tok2str(prefix_sid_algo_values, "Unknown", algo), algo, 1925 flags & ISIS_PREFIX_SID_FLAG_V ? "label" : "index", 1926 sid); 1927 } 1928 break; 1929 default: 1930 if (!print_unknown_data(ndo, tptr, "\n\t\t ", subl)) 1931 return(0); 1932 break; 1933 } 1934 return(1); 1935 1936 trunc: 1937 nd_print_trunc(ndo); 1938 return(0); 1939 } 1940 1941 /* 1942 * this is the common IS-REACH decoder it is called 1943 * from various EXTD-IS REACH style TLVs (22,24,222) 1944 */ 1945 1946 static int 1947 isis_print_ext_is_reach(netdissect_options *ndo, 1948 const uint8_t *tptr, const char *ident, u_int tlv_type, 1949 u_int tlv_remaining) 1950 { 1951 char ident_buffer[20]; 1952 u_int subtlv_type,subtlv_len,subtlv_sum_len; 1953 int proc_bytes = 0; /* how many bytes did we process ? */ 1954 u_int te_class,priority_level,gmpls_switch_cap; 1955 union { /* int to float conversion buffer for several subTLVs */ 1956 float f; 1957 uint32_t i; 1958 } bw; 1959 1960 ND_TCHECK_LEN(tptr, NODE_ID_LEN); 1961 if (tlv_remaining < NODE_ID_LEN) 1962 return(0); 1963 1964 ND_PRINT("%sIS Neighbor: %s", ident, isis_print_id(ndo, tptr, NODE_ID_LEN)); 1965 tptr+=NODE_ID_LEN; 1966 tlv_remaining-=NODE_ID_LEN; 1967 proc_bytes+=NODE_ID_LEN; 1968 1969 if (tlv_type != ISIS_TLV_IS_ALIAS_ID) { /* the Alias TLV Metric field is implicit 0 */ 1970 ND_TCHECK_3(tptr); 1971 if (tlv_remaining < 3) 1972 return(0); 1973 ND_PRINT(", Metric: %u", GET_BE_U_3(tptr)); 1974 tptr+=3; 1975 tlv_remaining-=3; 1976 proc_bytes+=3; 1977 } 1978 1979 ND_TCHECK_1(tptr); 1980 if (tlv_remaining < 1) 1981 return(0); 1982 subtlv_sum_len=GET_U_1(tptr); /* read out subTLV length */ 1983 tptr++; 1984 tlv_remaining--; 1985 proc_bytes++; 1986 ND_PRINT(", %ssub-TLVs present",subtlv_sum_len ? "" : "no "); 1987 if (subtlv_sum_len) { 1988 ND_PRINT(" (%u)", subtlv_sum_len); 1989 /* prepend the indent string */ 1990 snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident); 1991 ident = ident_buffer; 1992 while (subtlv_sum_len != 0) { 1993 ND_TCHECK_2(tptr); 1994 if (tlv_remaining < 2) { 1995 ND_PRINT("%sRemaining data in TLV shorter than a subTLV header",ident); 1996 proc_bytes += tlv_remaining; 1997 break; 1998 } 1999 if (subtlv_sum_len < 2) { 2000 ND_PRINT("%sRemaining data in subTLVs shorter than a subTLV header",ident); 2001 proc_bytes += subtlv_sum_len; 2002 break; 2003 } 2004 subtlv_type=GET_U_1(tptr); 2005 subtlv_len=GET_U_1(tptr + 1); 2006 tptr += 2; 2007 tlv_remaining -= 2; 2008 subtlv_sum_len -= 2; 2009 proc_bytes += 2; 2010 ND_PRINT("%s%s subTLV #%u, length: %u", 2011 ident, tok2str(isis_ext_is_reach_subtlv_values, "unknown", subtlv_type), 2012 subtlv_type, subtlv_len); 2013 2014 if (subtlv_sum_len < subtlv_len) { 2015 ND_PRINT(" (remaining data in subTLVs shorter than the current subTLV)"); 2016 proc_bytes += subtlv_sum_len; 2017 break; 2018 } 2019 2020 if (tlv_remaining < subtlv_len) { 2021 ND_PRINT(" (> remaining tlv length)"); 2022 proc_bytes += tlv_remaining; 2023 break; 2024 } 2025 2026 ND_TCHECK_LEN(tptr, subtlv_len); 2027 2028 switch(subtlv_type) { 2029 case ISIS_SUBTLV_EXT_IS_REACH_ADMIN_GROUP: 2030 case ISIS_SUBTLV_EXT_IS_REACH_LINK_LOCAL_REMOTE_ID: 2031 case ISIS_SUBTLV_EXT_IS_REACH_LINK_REMOTE_ID: 2032 if (subtlv_len >= 4) { 2033 ND_PRINT(", 0x%08x", GET_BE_U_4(tptr)); 2034 if (subtlv_len == 8) /* rfc4205 */ 2035 ND_PRINT(", 0x%08x", GET_BE_U_4(tptr + 4)); 2036 } 2037 break; 2038 case ISIS_SUBTLV_EXT_IS_REACH_IPV4_INTF_ADDR: 2039 case ISIS_SUBTLV_EXT_IS_REACH_IPV4_NEIGHBOR_ADDR: 2040 if (subtlv_len >= sizeof(nd_ipv4)) 2041 ND_PRINT(", %s", GET_IPADDR_STRING(tptr)); 2042 break; 2043 case ISIS_SUBTLV_EXT_IS_REACH_MAX_LINK_BW : 2044 case ISIS_SUBTLV_EXT_IS_REACH_RESERVABLE_BW: 2045 if (subtlv_len >= 4) { 2046 bw.i = GET_BE_U_4(tptr); 2047 ND_PRINT(", %.3f Mbps", bw.f * 8 / 1000000); 2048 } 2049 break; 2050 case ISIS_SUBTLV_EXT_IS_REACH_UNRESERVED_BW : 2051 if (subtlv_len >= 32) { 2052 for (te_class = 0; te_class < 8; te_class++) { 2053 bw.i = GET_BE_U_4(tptr); 2054 ND_PRINT("%s TE-Class %u: %.3f Mbps", 2055 ident, 2056 te_class, 2057 bw.f * 8 / 1000000); 2058 tptr += 4; 2059 subtlv_len -= 4; 2060 subtlv_sum_len -= 4; 2061 proc_bytes += 4; 2062 } 2063 } 2064 break; 2065 case ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS: /* fall through */ 2066 case ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS_OLD: 2067 if (subtlv_len == 0) 2068 break; 2069 ND_PRINT("%sBandwidth Constraints Model ID: %s (%u)", 2070 ident, 2071 tok2str(diffserv_te_bc_values, "unknown", GET_U_1(tptr)), 2072 GET_U_1(tptr)); 2073 tptr++; 2074 subtlv_len--; 2075 subtlv_sum_len--; 2076 proc_bytes++; 2077 /* decode BCs until the subTLV ends */ 2078 for (te_class = 0; subtlv_len != 0; te_class++) { 2079 if (subtlv_len < 4) 2080 break; 2081 bw.i = GET_BE_U_4(tptr); 2082 ND_PRINT("%s Bandwidth constraint CT%u: %.3f Mbps", 2083 ident, 2084 te_class, 2085 bw.f * 8 / 1000000); 2086 tptr += 4; 2087 subtlv_len -= 4; 2088 subtlv_sum_len -= 4; 2089 proc_bytes += 4; 2090 } 2091 break; 2092 case ISIS_SUBTLV_EXT_IS_REACH_TE_METRIC: 2093 if (subtlv_len >= 3) 2094 ND_PRINT(", %u", GET_BE_U_3(tptr)); 2095 break; 2096 case ISIS_SUBTLV_EXT_IS_REACH_LINK_ATTRIBUTE: 2097 if (subtlv_len == 2) { 2098 ND_PRINT(", [ %s ] (0x%04x)", 2099 bittok2str(isis_subtlv_link_attribute_values, 2100 "Unknown", 2101 GET_BE_U_2(tptr)), 2102 GET_BE_U_2(tptr)); 2103 } 2104 break; 2105 case ISIS_SUBTLV_EXT_IS_REACH_LINK_PROTECTION_TYPE: 2106 if (subtlv_len >= 2) { 2107 ND_PRINT(", %s, Priority %u", 2108 bittok2str(gmpls_link_prot_values, "none", GET_U_1(tptr)), 2109 GET_U_1(tptr + 1)); 2110 } 2111 break; 2112 case ISIS_SUBTLV_SPB_METRIC: 2113 if (subtlv_len >= 6) { 2114 ND_PRINT(", LM: %u", GET_BE_U_3(tptr)); 2115 tptr += 3; 2116 subtlv_len -= 3; 2117 subtlv_sum_len -= 3; 2118 proc_bytes += 3; 2119 ND_PRINT(", P: %u", GET_U_1(tptr)); 2120 tptr++; 2121 subtlv_len--; 2122 subtlv_sum_len--; 2123 proc_bytes++; 2124 ND_PRINT(", P-ID: %u", GET_BE_U_2(tptr)); 2125 } 2126 break; 2127 case ISIS_SUBTLV_EXT_IS_REACH_INTF_SW_CAP_DESCR: 2128 if (subtlv_len >= 36) { 2129 gmpls_switch_cap = GET_U_1(tptr); 2130 ND_PRINT("%s Interface Switching Capability:%s", 2131 ident, 2132 tok2str(gmpls_switch_cap_values, "Unknown", gmpls_switch_cap)); 2133 ND_PRINT(", LSP Encoding: %s", 2134 tok2str(gmpls_encoding_values, "Unknown", GET_U_1((tptr + 1)))); 2135 tptr += 4; 2136 subtlv_len -= 4; 2137 subtlv_sum_len -= 4; 2138 proc_bytes += 4; 2139 ND_PRINT("%s Max LSP Bandwidth:", ident); 2140 for (priority_level = 0; priority_level < 8; priority_level++) { 2141 bw.i = GET_BE_U_4(tptr); 2142 ND_PRINT("%s priority level %u: %.3f Mbps", 2143 ident, 2144 priority_level, 2145 bw.f * 8 / 1000000); 2146 tptr += 4; 2147 subtlv_len -= 4; 2148 subtlv_sum_len -= 4; 2149 proc_bytes += 4; 2150 } 2151 switch (gmpls_switch_cap) { 2152 case GMPLS_PSC1: 2153 case GMPLS_PSC2: 2154 case GMPLS_PSC3: 2155 case GMPLS_PSC4: 2156 if (subtlv_len < 6) 2157 break; 2158 bw.i = GET_BE_U_4(tptr); 2159 ND_PRINT("%s Min LSP Bandwidth: %.3f Mbps", ident, bw.f * 8 / 1000000); 2160 ND_PRINT("%s Interface MTU: %u", ident, 2161 GET_BE_U_2(tptr + 4)); 2162 break; 2163 case GMPLS_TSC: 2164 if (subtlv_len < 8) 2165 break; 2166 bw.i = GET_BE_U_4(tptr); 2167 ND_PRINT("%s Min LSP Bandwidth: %.3f Mbps", ident, bw.f * 8 / 1000000); 2168 ND_PRINT("%s Indication %s", ident, 2169 tok2str(gmpls_switch_cap_tsc_indication_values, "Unknown (%u)", GET_U_1((tptr + 4)))); 2170 break; 2171 default: 2172 /* there is some optional stuff left to decode but this is as of yet 2173 not specified so just lets hexdump what is left */ 2174 if (subtlv_len != 0) { 2175 if (!print_unknown_data(ndo, tptr, "\n\t\t ", subtlv_len)) 2176 return(0); 2177 } 2178 } 2179 } 2180 break; 2181 case ISIS_SUBTLV_EXT_IS_REACH_LAN_ADJ_SEGMENT_ID: 2182 if (subtlv_len >= 8) { 2183 ND_PRINT("%s Flags: [%s]", ident, 2184 bittok2str(isis_lan_adj_sid_flag_values, 2185 "none", 2186 GET_U_1(tptr))); 2187 int vflag = (GET_U_1(tptr) & 0x20) ? 1:0; 2188 int lflag = (GET_U_1(tptr) & 0x10) ? 1:0; 2189 tptr++; 2190 subtlv_len--; 2191 subtlv_sum_len--; 2192 proc_bytes++; 2193 ND_PRINT("%s Weight: %u", ident, GET_U_1(tptr)); 2194 tptr++; 2195 subtlv_len--; 2196 subtlv_sum_len--; 2197 proc_bytes++; 2198 if(subtlv_len>=SYSTEM_ID_LEN) { 2199 ND_TCHECK_LEN(tptr, SYSTEM_ID_LEN); 2200 ND_PRINT("%s Neighbor System-ID: %s", ident, 2201 isis_print_id(ndo, tptr, SYSTEM_ID_LEN)); 2202 } 2203 /* RFC 8667 section 2.2.2 */ 2204 /* if V-flag is set to 1 and L-flag is set to 1 ==> 3 octet label */ 2205 /* if V-flag is set to 0 and L-flag is set to 0 ==> 4 octet index */ 2206 if (vflag && lflag) { 2207 ND_PRINT("%s Label: %u", 2208 ident, GET_BE_U_3(tptr+SYSTEM_ID_LEN)); 2209 } else if ((!vflag) && (!lflag)) { 2210 ND_PRINT("%s Index: %u", 2211 ident, GET_BE_U_4(tptr+SYSTEM_ID_LEN)); 2212 } else 2213 nd_print_invalid(ndo); 2214 } 2215 break; 2216 default: 2217 if (!print_unknown_data(ndo, tptr, "\n\t\t ", subtlv_len)) 2218 return(0); 2219 break; 2220 } 2221 2222 tptr += subtlv_len; 2223 tlv_remaining -= subtlv_len; 2224 subtlv_sum_len -= subtlv_len; 2225 proc_bytes += subtlv_len; 2226 } 2227 } 2228 return(proc_bytes); 2229 2230 trunc: 2231 return(0); 2232 } 2233 2234 /* 2235 * this is the common Multi Topology ID decoder 2236 * it is called from various MT-TLVs (222,229,235,237) 2237 */ 2238 2239 static uint8_t 2240 isis_print_mtid(netdissect_options *ndo, 2241 const uint8_t *tptr, const char *ident, u_int tlv_remaining) 2242 { 2243 if (tlv_remaining < 2) 2244 goto trunc; 2245 2246 ND_PRINT("%s%s", 2247 ident, 2248 tok2str(isis_mt_values, 2249 "Reserved for IETF Consensus", 2250 ISIS_MASK_MTID(GET_BE_U_2(tptr)))); 2251 2252 ND_PRINT(" Topology (0x%03x), Flags: [%s]", 2253 ISIS_MASK_MTID(GET_BE_U_2(tptr)), 2254 bittok2str(isis_mt_flag_values, "none",ISIS_MASK_MTFLAGS(GET_BE_U_2(tptr)))); 2255 2256 return(2); 2257 trunc: 2258 return 0; 2259 } 2260 2261 /* 2262 * this is the common extended IP reach decoder 2263 * it is called from TLVs (135,235,236,237) 2264 * we process the TLV and optional subTLVs and return 2265 * the amount of processed bytes 2266 */ 2267 2268 static u_int 2269 isis_print_extd_ip_reach(netdissect_options *ndo, 2270 const uint8_t *tptr, const char *ident, uint16_t afi) 2271 { 2272 char ident_buffer[20]; 2273 uint8_t prefix[sizeof(nd_ipv6)]; /* shared copy buffer for IPv4 and IPv6 prefixes */ 2274 u_int metric, status_byte, bit_length, byte_length, sublen, processed, subtlvtype, subtlvlen; 2275 2276 metric = GET_BE_U_4(tptr); 2277 processed=4; 2278 tptr+=4; 2279 2280 if (afi == AF_INET) { 2281 status_byte=GET_U_1(tptr); 2282 tptr++; 2283 bit_length = status_byte&0x3f; 2284 if (bit_length > 32) { 2285 ND_PRINT("%sIPv4 prefix: bad bit length %u", 2286 ident, 2287 bit_length); 2288 return (0); 2289 } 2290 processed++; 2291 } else if (afi == AF_INET6) { 2292 status_byte=GET_U_1(tptr); 2293 bit_length=GET_U_1(tptr + 1); 2294 if (bit_length > 128) { 2295 ND_PRINT("%sIPv6 prefix: bad bit length %u", 2296 ident, 2297 bit_length); 2298 return (0); 2299 } 2300 tptr+=2; 2301 processed+=2; 2302 } else 2303 return (0); /* somebody is fooling us */ 2304 2305 byte_length = (bit_length + 7) / 8; /* prefix has variable length encoding */ 2306 2307 memset(prefix, 0, sizeof(prefix)); /* clear the copy buffer */ 2308 GET_CPY_BYTES(prefix,tptr,byte_length); /* copy as much as is stored in the TLV */ 2309 tptr+=byte_length; 2310 processed+=byte_length; 2311 2312 if (afi == AF_INET) 2313 ND_PRINT("%sIPv4 prefix: %15s/%u", 2314 ident, 2315 ipaddr_string(ndo, prefix), /* local buffer, not packet data; don't use GET_IPADDR_STRING() */ 2316 bit_length); 2317 else if (afi == AF_INET6) 2318 ND_PRINT("%sIPv6 prefix: %s/%u", 2319 ident, 2320 ip6addr_string(ndo, prefix), /* local buffer, not packet data; don't use GET_IP6ADDR_STRING() */ 2321 bit_length); 2322 2323 ND_PRINT(", Distribution: %s, Metric: %u", 2324 ISIS_MASK_TLV_EXTD_IP_UPDOWN(status_byte) ? "down" : "up", 2325 metric); 2326 2327 if (afi == AF_INET && ISIS_MASK_TLV_EXTD_IP_SUBTLV(status_byte)) 2328 ND_PRINT(", sub-TLVs present"); 2329 else if (afi == AF_INET6) 2330 ND_PRINT(", %s%s", 2331 ISIS_MASK_TLV_EXTD_IP6_IE(status_byte) ? "External" : "Internal", 2332 ISIS_MASK_TLV_EXTD_IP6_SUBTLV(status_byte) ? ", sub-TLVs present" : ""); 2333 2334 if ((afi == AF_INET && ISIS_MASK_TLV_EXTD_IP_SUBTLV(status_byte)) 2335 || (afi == AF_INET6 && ISIS_MASK_TLV_EXTD_IP6_SUBTLV(status_byte)) 2336 ) { 2337 /* assume that one prefix can hold more 2338 than one subTLV - therefore the first byte must reflect 2339 the aggregate bytecount of the subTLVs for this prefix 2340 */ 2341 sublen=GET_U_1(tptr); 2342 tptr++; 2343 processed+=sublen+1; 2344 ND_PRINT(" (%u)", sublen); /* print out subTLV length */ 2345 2346 while (sublen>0) { 2347 subtlvtype=GET_U_1(tptr); 2348 subtlvlen=GET_U_1(tptr + 1); 2349 tptr+=2; 2350 /* prepend the indent string */ 2351 snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident); 2352 if (!isis_print_ip_reach_subtlv(ndo, tptr, subtlvtype, subtlvlen, ident_buffer)) 2353 return(0); 2354 tptr+=subtlvlen; 2355 sublen-=(subtlvlen+2); 2356 } 2357 } 2358 return (processed); 2359 } 2360 2361 static void 2362 isis_print_router_cap_subtlv(netdissect_options *ndo, const uint8_t *tptr, uint8_t tlen) 2363 { 2364 uint8_t subt, subl; 2365 2366 while (tlen >= 2) { 2367 subt = GET_U_1(tptr); 2368 subl = GET_U_1(tptr+1); 2369 tlen -= 2; 2370 tptr += 2; 2371 2372 /* first lets see if we know the subTLVs name*/ 2373 ND_PRINT("\n\t\t%s subTLV #%u, length: %u", 2374 tok2str(isis_router_capability_subtlv_values, "unknown", subt), 2375 subt, subl); 2376 2377 /* 2378 * Boundary check. 2379 */ 2380 if (subl > tlen) { 2381 break; 2382 } 2383 ND_TCHECK_LEN(tptr, subl); 2384 2385 switch (subt) { 2386 case ISIS_SUBTLV_ROUTER_CAP_SR: 2387 { 2388 uint8_t flags, sid_tlen, sid_type, sid_len; 2389 uint32_t range; 2390 const uint8_t *sid_ptr; 2391 2392 flags = GET_U_1(tptr); 2393 range = GET_BE_U_3(tptr+1); 2394 ND_PRINT(", Flags [%s], Range %u", 2395 bittok2str(isis_router_capability_sr_flags, "None", flags), 2396 range); 2397 sid_ptr = tptr + 4; 2398 sid_tlen = subl - 4; 2399 2400 while (sid_tlen >= 5) { 2401 sid_type = GET_U_1(sid_ptr); 2402 sid_len = GET_U_1(sid_ptr+1); 2403 sid_tlen -= 2; 2404 sid_ptr += 2; 2405 2406 /* 2407 * Boundary check. 2408 */ 2409 if (sid_len > sid_tlen) { 2410 break; 2411 } 2412 2413 switch (sid_type) { 2414 case 1: 2415 if (sid_len == 3) { 2416 ND_PRINT(", SID value %u", GET_BE_U_3(sid_ptr)); 2417 } else if (sid_len == 4) { 2418 ND_PRINT(", SID value %u", GET_BE_U_4(sid_ptr)); 2419 } else { 2420 ND_PRINT(", Unknown SID length%u", sid_len); 2421 } 2422 break; 2423 default: 2424 print_unknown_data(ndo, sid_ptr, "\n\t\t ", sid_len); 2425 } 2426 2427 sid_ptr += sid_len; 2428 sid_tlen -= sid_len; 2429 } 2430 } 2431 break; 2432 default: 2433 print_unknown_data(ndo, tptr, "\n\t\t", subl); 2434 break; 2435 } 2436 2437 tlen -= subl; 2438 tptr += subl; 2439 } 2440 trunc: 2441 return; 2442 } 2443 2444 /* 2445 * Clear checksum and lifetime prior to signature verification. 2446 */ 2447 static void 2448 isis_clear_checksum_lifetime(void *header) 2449 { 2450 struct isis_lsp_header *header_lsp = (struct isis_lsp_header *) header; 2451 2452 header_lsp->checksum[0] = 0; 2453 header_lsp->checksum[1] = 0; 2454 header_lsp->remaining_lifetime[0] = 0; 2455 header_lsp->remaining_lifetime[1] = 0; 2456 } 2457 2458 /* 2459 * isis_print 2460 * Decode IS-IS packets. Return 0 on error. 2461 */ 2462 2463 #define INVALID_OR_DECREMENT(length,decr) \ 2464 if ((length) < (decr)) { \ 2465 ND_PRINT(" [packet length %u < %zu]", (length), (decr)); \ 2466 nd_print_invalid(ndo); \ 2467 return 1; \ 2468 } \ 2469 length -= (decr); 2470 2471 static int 2472 isis_print(netdissect_options *ndo, 2473 const uint8_t *p, u_int length) 2474 { 2475 const struct isis_common_header *isis_header; 2476 2477 const struct isis_iih_lan_header *header_iih_lan; 2478 const struct isis_iih_ptp_header *header_iih_ptp; 2479 const struct isis_lsp_header *header_lsp; 2480 const struct isis_csnp_header *header_csnp; 2481 const struct isis_psnp_header *header_psnp; 2482 2483 const struct isis_tlv_lsp *tlv_lsp; 2484 const struct isis_tlv_ptp_adj *tlv_ptp_adj; 2485 const struct isis_tlv_is_reach *tlv_is_reach; 2486 const struct isis_tlv_es_reach *tlv_es_reach; 2487 2488 uint8_t version, pdu_version, fixed_len; 2489 uint8_t pdu_type, pdu_max_area, max_area, pdu_id_length, id_length, tlv_type, tlv_len, tlen, alen, prefix_len; 2490 u_int ext_is_len, ext_ip_len; 2491 uint8_t mt_len; 2492 uint8_t isis_subtlv_idrp; 2493 const uint8_t *optr, *pptr, *tptr; 2494 u_int packet_len; 2495 u_short pdu_len, key_id; 2496 u_int i,vendor_id, num_vals; 2497 uint8_t auth_type; 2498 uint8_t num_system_ids; 2499 int sigcheck; 2500 2501 ndo->ndo_protocol = "isis"; 2502 packet_len=length; 2503 optr = p; /* initialize the _o_riginal pointer to the packet start - 2504 need it for parsing the checksum TLV and authentication 2505 TLV verification */ 2506 isis_header = (const struct isis_common_header *)p; 2507 ND_TCHECK_SIZE(isis_header); 2508 if (length < ISIS_COMMON_HEADER_SIZE) 2509 goto trunc; 2510 pptr = p+(ISIS_COMMON_HEADER_SIZE); 2511 header_iih_lan = (const struct isis_iih_lan_header *)pptr; 2512 header_iih_ptp = (const struct isis_iih_ptp_header *)pptr; 2513 header_lsp = (const struct isis_lsp_header *)pptr; 2514 header_csnp = (const struct isis_csnp_header *)pptr; 2515 header_psnp = (const struct isis_psnp_header *)pptr; 2516 2517 if (!ndo->ndo_eflag) 2518 ND_PRINT("IS-IS"); 2519 2520 /* 2521 * Sanity checking of the header. 2522 */ 2523 2524 version = GET_U_1(isis_header->version); 2525 if (version != ISIS_VERSION) { 2526 ND_PRINT("version %u packet not supported", version); 2527 return (0); 2528 } 2529 2530 pdu_id_length = GET_U_1(isis_header->id_length); 2531 if ((pdu_id_length != SYSTEM_ID_LEN) && (pdu_id_length != 0)) { 2532 ND_PRINT("system ID length of %u is not supported", 2533 pdu_id_length); 2534 return (0); 2535 } 2536 2537 pdu_version = GET_U_1(isis_header->pdu_version); 2538 if (pdu_version != ISIS_VERSION) { 2539 ND_PRINT("version %u packet not supported", pdu_version); 2540 return (0); 2541 } 2542 2543 fixed_len = GET_U_1(isis_header->fixed_len); 2544 if (length < fixed_len) { 2545 ND_PRINT("fixed header length %u > packet length %u", fixed_len, length); 2546 return (0); 2547 } 2548 2549 if (fixed_len < ISIS_COMMON_HEADER_SIZE) { 2550 ND_PRINT("fixed header length %u < minimum header size %u", fixed_len, (u_int)ISIS_COMMON_HEADER_SIZE); 2551 return (0); 2552 } 2553 2554 pdu_max_area = GET_U_1(isis_header->max_area); 2555 switch(pdu_max_area) { 2556 case 0: 2557 max_area = 3; /* silly shit */ 2558 break; 2559 case 255: 2560 ND_PRINT("bad packet -- 255 areas"); 2561 return (0); 2562 default: 2563 max_area = pdu_max_area; 2564 break; 2565 } 2566 2567 switch(pdu_id_length) { 2568 case 0: 2569 id_length = 6; /* silly shit again */ 2570 break; 2571 case 1: /* 1-8 are valid sys-ID lengths */ 2572 case 2: 2573 case 3: 2574 case 4: 2575 case 5: 2576 case 6: 2577 case 7: 2578 case 8: 2579 id_length = pdu_id_length; 2580 break; 2581 case 255: 2582 id_length = 0; /* entirely useless */ 2583 break; 2584 default: 2585 id_length = pdu_id_length; 2586 break; 2587 } 2588 2589 /* toss any non 6-byte sys-ID len PDUs */ 2590 if (id_length != 6 ) { 2591 ND_PRINT("bad packet -- illegal sys-ID length (%u)", id_length); 2592 return (0); 2593 } 2594 2595 pdu_type = GET_U_1(isis_header->pdu_type); 2596 2597 /* in non-verbose mode print the basic PDU Type plus PDU specific brief information*/ 2598 if (ndo->ndo_vflag == 0) { 2599 ND_PRINT("%s%s", 2600 ndo->ndo_eflag ? "" : ", ", 2601 tok2str(isis_pdu_values, "unknown PDU-Type %u", pdu_type)); 2602 } else { 2603 /* ok they seem to want to know everything - lets fully decode it */ 2604 ND_PRINT("%slength %u", ndo->ndo_eflag ? "" : ", ", length); 2605 2606 ND_PRINT("\n\t%s, hlen: %u, v: %u, pdu-v: %u, sys-id-len: %u (%u), max-area: %u (%u)", 2607 tok2str(isis_pdu_values, 2608 "unknown, type %u", 2609 pdu_type), 2610 fixed_len, 2611 version, 2612 pdu_version, 2613 id_length, 2614 pdu_id_length, 2615 max_area, 2616 pdu_max_area); 2617 2618 if (ndo->ndo_vflag > 1) { 2619 if (!print_unknown_data(ndo, optr, "\n\t", 8)) /* provide the _o_riginal pointer */ 2620 return (0); /* for optionally debugging the common header */ 2621 } 2622 } 2623 2624 switch (pdu_type) { 2625 2626 case ISIS_PDU_L1_LAN_IIH: 2627 case ISIS_PDU_L2_LAN_IIH: 2628 if (fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE)) { 2629 ND_PRINT(", bogus fixed header length %u should be %zu", 2630 fixed_len, ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE); 2631 return (0); 2632 } 2633 ND_TCHECK_SIZE(header_iih_lan); 2634 if (length < ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE) 2635 goto trunc; 2636 if (ndo->ndo_vflag == 0) { 2637 ND_PRINT(", src-id %s", 2638 isis_print_id(ndo, header_iih_lan->source_id, SYSTEM_ID_LEN)); 2639 ND_PRINT(", lan-id %s, prio %u", 2640 isis_print_id(ndo, header_iih_lan->lan_id,NODE_ID_LEN), 2641 GET_U_1(header_iih_lan->priority)); 2642 ND_PRINT(", length %u", length); 2643 return (1); 2644 } 2645 pdu_len=GET_BE_U_2(header_iih_lan->pdu_len); 2646 if (packet_len>pdu_len) { 2647 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2648 length=pdu_len; 2649 } 2650 2651 ND_PRINT("\n\t source-id: %s, holding time: %us, Flags: [%s]", 2652 isis_print_id(ndo, header_iih_lan->source_id,SYSTEM_ID_LEN), 2653 GET_BE_U_2(header_iih_lan->holding_time), 2654 tok2str(isis_iih_circuit_type_values, 2655 "unknown circuit type 0x%02x", 2656 GET_U_1(header_iih_lan->circuit_type))); 2657 2658 ND_PRINT("\n\t lan-id: %s, Priority: %u, PDU length: %u", 2659 isis_print_id(ndo, header_iih_lan->lan_id, NODE_ID_LEN), 2660 GET_U_1(header_iih_lan->priority) & ISIS_LAN_PRIORITY_MASK, 2661 pdu_len); 2662 2663 if (ndo->ndo_vflag > 1) { 2664 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_IIH_LAN_HEADER_SIZE)) 2665 return (0); 2666 } 2667 2668 INVALID_OR_DECREMENT(packet_len,ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE); 2669 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE); 2670 break; 2671 2672 case ISIS_PDU_PTP_IIH: 2673 if (fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE)) { 2674 ND_PRINT(", bogus fixed header length %u should be %zu", 2675 fixed_len, ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE); 2676 return (0); 2677 } 2678 ND_TCHECK_SIZE(header_iih_ptp); 2679 if (length < ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE) 2680 goto trunc; 2681 if (ndo->ndo_vflag == 0) { 2682 ND_PRINT(", src-id %s", isis_print_id(ndo, header_iih_ptp->source_id, SYSTEM_ID_LEN)); 2683 ND_PRINT(", length %u", length); 2684 return (1); 2685 } 2686 pdu_len=GET_BE_U_2(header_iih_ptp->pdu_len); 2687 if (packet_len>pdu_len) { 2688 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2689 length=pdu_len; 2690 } 2691 2692 ND_PRINT("\n\t source-id: %s, holding time: %us, Flags: [%s]", 2693 isis_print_id(ndo, header_iih_ptp->source_id,SYSTEM_ID_LEN), 2694 GET_BE_U_2(header_iih_ptp->holding_time), 2695 tok2str(isis_iih_circuit_type_values, 2696 "unknown circuit type 0x%02x", 2697 GET_U_1(header_iih_ptp->circuit_type))); 2698 2699 ND_PRINT("\n\t circuit-id: 0x%02x, PDU length: %u", 2700 GET_U_1(header_iih_ptp->circuit_id), 2701 pdu_len); 2702 2703 if (ndo->ndo_vflag > 1) { 2704 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_IIH_PTP_HEADER_SIZE)) 2705 return (0); 2706 } 2707 INVALID_OR_DECREMENT(packet_len,ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE); 2708 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE); 2709 break; 2710 2711 case ISIS_PDU_L1_LSP: 2712 case ISIS_PDU_L2_LSP: 2713 if (fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE)) { 2714 ND_PRINT(", bogus fixed header length %u should be %zu", 2715 fixed_len, ISIS_LSP_HEADER_SIZE); 2716 return (0); 2717 } 2718 ND_TCHECK_SIZE(header_lsp); 2719 if (length < ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE) 2720 goto trunc; 2721 if (ndo->ndo_vflag == 0) { 2722 ND_PRINT(", lsp-id %s, seq 0x%08x, lifetime %5us", 2723 isis_print_id(ndo, header_lsp->lsp_id, LSP_ID_LEN), 2724 GET_BE_U_4(header_lsp->sequence_number), 2725 GET_BE_U_2(header_lsp->remaining_lifetime)); 2726 ND_PRINT(", length %u", length); 2727 return (1); 2728 } 2729 pdu_len=GET_BE_U_2(header_lsp->pdu_len); 2730 if (packet_len>pdu_len) { 2731 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2732 length=pdu_len; 2733 } 2734 2735 ND_PRINT("\n\t lsp-id: %s, seq: 0x%08x, lifetime: %5us\n\t chksum: 0x%04x", 2736 isis_print_id(ndo, header_lsp->lsp_id, LSP_ID_LEN), 2737 GET_BE_U_4(header_lsp->sequence_number), 2738 GET_BE_U_2(header_lsp->remaining_lifetime), 2739 GET_BE_U_2(header_lsp->checksum)); 2740 2741 osi_print_cksum(ndo, (const uint8_t *)header_lsp->lsp_id, 2742 GET_BE_U_2(header_lsp->checksum), 2743 12, length-12); 2744 2745 ND_PRINT(", PDU length: %u, Flags: [ %s", 2746 pdu_len, 2747 ISIS_MASK_LSP_OL_BIT(header_lsp->typeblock) ? "Overload bit set, " : ""); 2748 2749 if (ISIS_MASK_LSP_ATT_BITS(header_lsp->typeblock)) { 2750 ND_PRINT("%s", ISIS_MASK_LSP_ATT_DEFAULT_BIT(header_lsp->typeblock) ? "default " : ""); 2751 ND_PRINT("%s", ISIS_MASK_LSP_ATT_DELAY_BIT(header_lsp->typeblock) ? "delay " : ""); 2752 ND_PRINT("%s", ISIS_MASK_LSP_ATT_EXPENSE_BIT(header_lsp->typeblock) ? "expense " : ""); 2753 ND_PRINT("%s", ISIS_MASK_LSP_ATT_ERROR_BIT(header_lsp->typeblock) ? "error " : ""); 2754 ND_PRINT("ATT bit set, "); 2755 } 2756 ND_PRINT("%s", ISIS_MASK_LSP_PARTITION_BIT(header_lsp->typeblock) ? "P bit set, " : ""); 2757 ND_PRINT("%s ]", tok2str(isis_lsp_istype_values, "Unknown(0x%x)", 2758 ISIS_MASK_LSP_ISTYPE_BITS(header_lsp->typeblock))); 2759 2760 if (ndo->ndo_vflag > 1) { 2761 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_LSP_HEADER_SIZE)) 2762 return (0); 2763 } 2764 2765 INVALID_OR_DECREMENT(packet_len,ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE); 2766 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE); 2767 break; 2768 2769 case ISIS_PDU_L1_CSNP: 2770 case ISIS_PDU_L2_CSNP: 2771 if (fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE)) { 2772 ND_PRINT(", bogus fixed header length %u should be %zu", 2773 fixed_len, ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE); 2774 return (0); 2775 } 2776 ND_TCHECK_SIZE(header_csnp); 2777 if (length < ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE) 2778 goto trunc; 2779 if (ndo->ndo_vflag == 0) { 2780 ND_PRINT(", src-id %s", isis_print_id(ndo, header_csnp->source_id, NODE_ID_LEN)); 2781 ND_PRINT(", length %u", length); 2782 return (1); 2783 } 2784 pdu_len=GET_BE_U_2(header_csnp->pdu_len); 2785 if (packet_len>pdu_len) { 2786 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2787 length=pdu_len; 2788 } 2789 2790 ND_PRINT("\n\t source-id: %s, PDU length: %u", 2791 isis_print_id(ndo, header_csnp->source_id, NODE_ID_LEN), 2792 pdu_len); 2793 ND_PRINT("\n\t start lsp-id: %s", 2794 isis_print_id(ndo, header_csnp->start_lsp_id, LSP_ID_LEN)); 2795 ND_PRINT("\n\t end lsp-id: %s", 2796 isis_print_id(ndo, header_csnp->end_lsp_id, LSP_ID_LEN)); 2797 2798 if (ndo->ndo_vflag > 1) { 2799 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_CSNP_HEADER_SIZE)) 2800 return (0); 2801 } 2802 2803 INVALID_OR_DECREMENT(packet_len,ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE); 2804 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE); 2805 break; 2806 2807 case ISIS_PDU_L1_PSNP: 2808 case ISIS_PDU_L2_PSNP: 2809 if (fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE)) { 2810 ND_PRINT("- bogus fixed header length %u should be %zu", 2811 fixed_len, ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE); 2812 return (0); 2813 } 2814 ND_TCHECK_SIZE(header_psnp); 2815 if (length < ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE) 2816 goto trunc; 2817 if (ndo->ndo_vflag == 0) { 2818 ND_PRINT(", src-id %s", isis_print_id(ndo, header_psnp->source_id, NODE_ID_LEN)); 2819 ND_PRINT(", length %u", length); 2820 return (1); 2821 } 2822 pdu_len=GET_BE_U_2(header_psnp->pdu_len); 2823 if (packet_len>pdu_len) { 2824 packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ 2825 length=pdu_len; 2826 } 2827 2828 ND_PRINT("\n\t source-id: %s, PDU length: %u", 2829 isis_print_id(ndo, header_psnp->source_id, NODE_ID_LEN), 2830 pdu_len); 2831 2832 if (ndo->ndo_vflag > 1) { 2833 if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_PSNP_HEADER_SIZE)) 2834 return (0); 2835 } 2836 2837 INVALID_OR_DECREMENT(packet_len,ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE); 2838 pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE); 2839 break; 2840 2841 default: 2842 if (ndo->ndo_vflag == 0) { 2843 ND_PRINT(", length %u", length); 2844 return (1); 2845 } 2846 (void)print_unknown_data(ndo, pptr, "\n\t ", length); 2847 return (0); 2848 } 2849 2850 /* 2851 * Now print the TLV's. 2852 */ 2853 2854 while (packet_len > 0) { 2855 ND_TCHECK_2(pptr); 2856 if (packet_len < 2) 2857 goto trunc; 2858 tlv_type = GET_U_1(pptr); 2859 tlv_len = GET_U_1(pptr + 1); 2860 pptr += 2; 2861 packet_len -= 2; 2862 tlen = tlv_len; /* copy temporary len & pointer to packet data */ 2863 tptr = pptr; 2864 2865 /* first lets see if we know the TLVs name*/ 2866 ND_PRINT("\n\t %s TLV #%u, length: %u", 2867 tok2str(isis_tlv_values, 2868 "unknown", 2869 tlv_type), 2870 tlv_type, 2871 tlv_len); 2872 2873 if (packet_len < tlv_len) 2874 goto trunc; 2875 2876 /* now check if we have a decoder otherwise do a hexdump at the end*/ 2877 switch (tlv_type) { 2878 case ISIS_TLV_AREA_ADDR: 2879 while (tlen != 0) { 2880 alen = GET_U_1(tptr); 2881 tptr++; 2882 tlen--; 2883 if (tlen < alen) 2884 goto tlv_trunc; 2885 ND_PRINT("\n\t Area address (length: %u): %s", 2886 alen, 2887 GET_ISONSAP_STRING(tptr, alen)); 2888 tptr += alen; 2889 tlen -= alen; 2890 } 2891 break; 2892 case ISIS_TLV_ISNEIGH: 2893 while (tlen != 0) { 2894 if (tlen < MAC_ADDR_LEN) 2895 goto tlv_trunc; 2896 ND_TCHECK_LEN(tptr, MAC_ADDR_LEN); 2897 ND_PRINT("\n\t SNPA: %s", isis_print_id(ndo, tptr, MAC_ADDR_LEN)); 2898 tlen -= MAC_ADDR_LEN; 2899 tptr += MAC_ADDR_LEN; 2900 } 2901 break; 2902 2903 case ISIS_TLV_INSTANCE_ID: 2904 if (tlen < 4) 2905 goto tlv_trunc; 2906 num_vals = (tlen-2)/2; 2907 ND_PRINT("\n\t Instance ID: %u, ITIDs(%u)%s ", 2908 GET_BE_U_2(tptr), num_vals, 2909 num_vals ? ":" : ""); 2910 tptr += 2; 2911 tlen -= 2; 2912 for (i=0; i < num_vals; i++) { 2913 ND_PRINT("%u", GET_BE_U_2(tptr)); 2914 if (i < (num_vals - 1)) { 2915 ND_PRINT(", "); 2916 } 2917 tptr += 2; 2918 tlen -= 2; 2919 } 2920 break; 2921 2922 case ISIS_TLV_PADDING: 2923 break; 2924 2925 case ISIS_TLV_MT_IS_REACH: 2926 mt_len = isis_print_mtid(ndo, tptr, "\n\t ", tlen); 2927 if (mt_len == 0) /* did something go wrong ? */ 2928 goto trunc; 2929 tptr+=mt_len; 2930 tlen-=mt_len; 2931 while (tlen != 0) { 2932 ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type, tlen); 2933 if (ext_is_len == 0) /* did something go wrong ? */ 2934 goto trunc; 2935 if (tlen < ext_is_len) { 2936 ND_PRINT(" [remaining tlv length %u < %u]", tlen, ext_is_len); 2937 nd_print_invalid(ndo); 2938 break; 2939 } 2940 tlen-=(uint8_t)ext_is_len; 2941 tptr+=(uint8_t)ext_is_len; 2942 } 2943 break; 2944 2945 case ISIS_TLV_IS_ALIAS_ID: 2946 while (tlen != 0) { 2947 ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type, tlen); 2948 if (ext_is_len == 0) /* did something go wrong ? */ 2949 goto trunc; 2950 if (tlen < ext_is_len) { 2951 ND_PRINT(" [remaining tlv length %u < %u]", tlen, ext_is_len); 2952 nd_print_invalid(ndo); 2953 break; 2954 } 2955 tlen-=(uint8_t)ext_is_len; 2956 tptr+=(uint8_t)ext_is_len; 2957 } 2958 break; 2959 2960 case ISIS_TLV_EXT_IS_REACH: 2961 while (tlen != 0) { 2962 ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type, tlen); 2963 if (ext_is_len == 0) /* did something go wrong ? */ 2964 goto trunc; 2965 if (tlen < ext_is_len) { 2966 ND_PRINT(" [remaining tlv length %u < %u]", tlen, ext_is_len); 2967 nd_print_invalid(ndo); 2968 break; 2969 } 2970 tlen-=(uint8_t)ext_is_len; 2971 tptr+=(uint8_t)ext_is_len; 2972 } 2973 break; 2974 case ISIS_TLV_IS_REACH: 2975 if (tlen < 1) 2976 goto tlv_trunc; 2977 ND_PRINT("\n\t %s", 2978 tok2str(isis_is_reach_virtual_values, 2979 "bogus virtual flag 0x%02x", 2980 GET_U_1(tptr))); 2981 tptr++; 2982 tlen--; 2983 tlv_is_reach = (const struct isis_tlv_is_reach *)tptr; 2984 while (tlen != 0) { 2985 if (tlen < sizeof(struct isis_tlv_is_reach)) 2986 goto tlv_trunc; 2987 ND_TCHECK_SIZE(tlv_is_reach); 2988 ND_PRINT("\n\t IS Neighbor: %s", 2989 isis_print_id(ndo, tlv_is_reach->neighbor_nodeid, NODE_ID_LEN)); 2990 isis_print_metric_block(ndo, &tlv_is_reach->isis_metric_block); 2991 tlen -= sizeof(struct isis_tlv_is_reach); 2992 tlv_is_reach++; 2993 } 2994 break; 2995 2996 case ISIS_TLV_ESNEIGH: 2997 tlv_es_reach = (const struct isis_tlv_es_reach *)tptr; 2998 while (tlen != 0) { 2999 if (tlen < sizeof(struct isis_tlv_es_reach)) 3000 goto tlv_trunc; 3001 ND_TCHECK_SIZE(tlv_es_reach); 3002 ND_PRINT("\n\t ES Neighbor: %s", 3003 isis_print_id(ndo, tlv_es_reach->neighbor_sysid, SYSTEM_ID_LEN)); 3004 isis_print_metric_block(ndo, &tlv_es_reach->isis_metric_block); 3005 tlen -= sizeof(struct isis_tlv_es_reach); 3006 tlv_es_reach++; 3007 } 3008 break; 3009 3010 /* those two TLVs share the same format */ 3011 case ISIS_TLV_INT_IP_REACH: 3012 case ISIS_TLV_EXT_IP_REACH: 3013 if (!isis_print_tlv_ip_reach(ndo, pptr, "\n\t ", tlv_len)) 3014 return (1); 3015 break; 3016 3017 case ISIS_TLV_EXTD_IP_REACH: 3018 while (tlen != 0) { 3019 ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET); 3020 if (ext_ip_len == 0) /* did something go wrong ? */ 3021 goto trunc; 3022 if (tlen < ext_ip_len) { 3023 ND_PRINT(" [remaining tlv length %u < %u]", tlen, ext_ip_len); 3024 nd_print_invalid(ndo); 3025 break; 3026 } 3027 tlen-=(uint8_t)ext_ip_len; 3028 tptr+=(uint8_t)ext_ip_len; 3029 } 3030 break; 3031 3032 case ISIS_TLV_MT_IP_REACH: 3033 mt_len = isis_print_mtid(ndo, tptr, "\n\t ", tlen); 3034 if (mt_len == 0) { /* did something go wrong ? */ 3035 goto trunc; 3036 } 3037 tptr+=mt_len; 3038 tlen-=mt_len; 3039 3040 while (tlen != 0) { 3041 ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET); 3042 if (ext_ip_len == 0) /* did something go wrong ? */ 3043 goto trunc; 3044 if (tlen < ext_ip_len) { 3045 ND_PRINT(" [remaining tlv length %u < %u]", tlen, ext_ip_len); 3046 nd_print_invalid(ndo); 3047 break; 3048 } 3049 tlen-=(uint8_t)ext_ip_len; 3050 tptr+=(uint8_t)ext_ip_len; 3051 } 3052 break; 3053 3054 case ISIS_TLV_IP6_REACH: 3055 while (tlen != 0) { 3056 ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET6); 3057 if (ext_ip_len == 0) /* did something go wrong ? */ 3058 goto trunc; 3059 if (tlen < ext_ip_len) { 3060 ND_PRINT(" [remaining tlv length %u < %u]", tlen, ext_ip_len); 3061 nd_print_invalid(ndo); 3062 break; 3063 } 3064 tlen-=(uint8_t)ext_ip_len; 3065 tptr+=(uint8_t)ext_ip_len; 3066 } 3067 break; 3068 3069 case ISIS_TLV_MT_IP6_REACH: 3070 mt_len = isis_print_mtid(ndo, tptr, "\n\t ", tlen); 3071 if (mt_len == 0) { /* did something go wrong ? */ 3072 goto trunc; 3073 } 3074 tptr+=mt_len; 3075 tlen-=mt_len; 3076 3077 while (tlen != 0) { 3078 ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET6); 3079 if (ext_ip_len == 0) /* did something go wrong ? */ 3080 goto trunc; 3081 if (tlen < ext_ip_len) { 3082 ND_PRINT(" [remaining tlv length %u < %u]", tlen, ext_ip_len); 3083 nd_print_invalid(ndo); 3084 break; 3085 } 3086 tlen-=(uint8_t)ext_ip_len; 3087 tptr+=(uint8_t)ext_ip_len; 3088 } 3089 break; 3090 3091 case ISIS_TLV_IP6ADDR: 3092 while (tlen != 0) { 3093 if (tlen < sizeof(nd_ipv6)) 3094 goto tlv_trunc; 3095 ND_PRINT("\n\t IPv6 interface address: %s", 3096 GET_IP6ADDR_STRING(tptr)); 3097 3098 tptr += sizeof(nd_ipv6); 3099 tlen -= sizeof(nd_ipv6); 3100 } 3101 break; 3102 case ISIS_TLV_AUTH: 3103 if (tlen < 1) 3104 goto tlv_trunc; 3105 auth_type = GET_U_1(tptr); 3106 tptr++; 3107 tlen--; 3108 3109 ND_PRINT("\n\t %s: ", 3110 tok2str(isis_subtlv_auth_values, 3111 "unknown Authentication type 0x%02x", 3112 auth_type)); 3113 3114 switch (auth_type) { 3115 case ISIS_SUBTLV_AUTH_SIMPLE: 3116 nd_printjnp(ndo, tptr, tlen); 3117 break; 3118 case ISIS_SUBTLV_AUTH_MD5: 3119 for(i=0;i<tlen;i++) { 3120 ND_PRINT("%02x", GET_U_1(tptr + i)); 3121 } 3122 if (tlen != ISIS_SUBTLV_AUTH_MD5_LEN) 3123 ND_PRINT(", (invalid subTLV) "); 3124 3125 sigcheck = signature_verify(ndo, optr, length, tptr, 3126 isis_clear_checksum_lifetime, 3127 header_lsp); 3128 ND_PRINT(" (%s)", tok2str(signature_check_values, "Unknown", sigcheck)); 3129 3130 break; 3131 case ISIS_SUBTLV_AUTH_GENERIC: 3132 if (tlen < 2) 3133 goto tlv_trunc; 3134 key_id = GET_BE_U_2(tptr); 3135 ND_PRINT("%u, password: ", key_id); 3136 tptr += 2; 3137 tlen -= 2; 3138 for(i=0;i<tlen;i++) { 3139 ND_PRINT("%02x", GET_U_1(tptr + i)); 3140 } 3141 break; 3142 case ISIS_SUBTLV_AUTH_PRIVATE: 3143 default: 3144 if (!print_unknown_data(ndo, tptr, "\n\t\t ", tlen)) 3145 return(0); 3146 break; 3147 } 3148 break; 3149 3150 case ISIS_TLV_PTP_ADJ: 3151 tlv_ptp_adj = (const struct isis_tlv_ptp_adj *)tptr; 3152 if(tlen>=1) { 3153 ND_PRINT("\n\t Adjacency State: %s (%u)", 3154 tok2str(isis_ptp_adjacency_values, "unknown", GET_U_1(tptr)), 3155 GET_U_1(tptr)); 3156 tlen--; 3157 } 3158 if(tlen>sizeof(tlv_ptp_adj->extd_local_circuit_id)) { 3159 ND_PRINT("\n\t Extended Local circuit-ID: 0x%08x", 3160 GET_BE_U_4(tlv_ptp_adj->extd_local_circuit_id)); 3161 tlen-=sizeof(tlv_ptp_adj->extd_local_circuit_id); 3162 } 3163 if(tlen>=SYSTEM_ID_LEN) { 3164 ND_TCHECK_LEN(tlv_ptp_adj->neighbor_sysid, SYSTEM_ID_LEN); 3165 ND_PRINT("\n\t Neighbor System-ID: %s", 3166 isis_print_id(ndo, tlv_ptp_adj->neighbor_sysid, SYSTEM_ID_LEN)); 3167 tlen-=SYSTEM_ID_LEN; 3168 } 3169 if(tlen>=sizeof(tlv_ptp_adj->neighbor_extd_local_circuit_id)) { 3170 ND_PRINT("\n\t Neighbor Extended Local circuit-ID: 0x%08x", 3171 GET_BE_U_4(tlv_ptp_adj->neighbor_extd_local_circuit_id)); 3172 } 3173 break; 3174 3175 case ISIS_TLV_PROTOCOLS: 3176 ND_PRINT("\n\t NLPID(s): "); 3177 while (tlen != 0) { 3178 ND_PRINT("%s (0x%02x)", 3179 tok2str(nlpid_values, 3180 "unknown", 3181 GET_U_1(tptr)), 3182 GET_U_1(tptr)); 3183 if (tlen>1) /* further NPLIDs ? - put comma */ 3184 ND_PRINT(", "); 3185 tptr++; 3186 tlen--; 3187 } 3188 break; 3189 3190 case ISIS_TLV_MT_PORT_CAP: 3191 { 3192 if (tlen < 2) 3193 goto tlv_trunc; 3194 3195 ND_PRINT("\n\t RES: %u, MTID(s): %u", 3196 (GET_BE_U_2(tptr) >> 12), 3197 (GET_BE_U_2(tptr) & 0x0fff)); 3198 3199 tptr += 2; 3200 tlen -= 2; 3201 3202 if (tlen) 3203 isis_print_mt_port_cap_subtlv(ndo, tptr, tlen); 3204 3205 break; 3206 } 3207 3208 case ISIS_TLV_MT_CAPABILITY: 3209 if (tlen < 2) 3210 goto tlv_trunc; 3211 3212 ND_PRINT("\n\t O: %u, RES: %u, MTID(s): %u", 3213 (GET_BE_U_2(tptr) >> 15) & 0x01, 3214 (GET_BE_U_2(tptr) >> 12) & 0x07, 3215 GET_BE_U_2(tptr) & 0x0fff); 3216 3217 tptr += 2; 3218 tlen -= 2; 3219 3220 if (tlen) 3221 isis_print_mt_capability_subtlv(ndo, tptr, tlen); 3222 3223 break; 3224 3225 case ISIS_TLV_TE_ROUTER_ID: 3226 if (tlen < sizeof(nd_ipv4)) 3227 goto tlv_trunc; 3228 ND_PRINT("\n\t Traffic Engineering Router ID: %s", GET_IPADDR_STRING(pptr)); 3229 break; 3230 3231 case ISIS_TLV_IPADDR: 3232 while (tlen != 0) { 3233 if (tlen < sizeof(nd_ipv4)) 3234 goto tlv_trunc; 3235 ND_PRINT("\n\t IPv4 interface address: %s", GET_IPADDR_STRING(tptr)); 3236 tptr += sizeof(nd_ipv4); 3237 tlen -= sizeof(nd_ipv4); 3238 } 3239 break; 3240 3241 case ISIS_TLV_HOSTNAME: 3242 ND_PRINT("\n\t Hostname: "); 3243 nd_printjnp(ndo, tptr, tlen); 3244 break; 3245 3246 case ISIS_TLV_SHARED_RISK_GROUP: 3247 if (tlen < NODE_ID_LEN) 3248 break; 3249 ND_TCHECK_LEN(tptr, NODE_ID_LEN); 3250 ND_PRINT("\n\t IS Neighbor: %s", isis_print_id(ndo, tptr, NODE_ID_LEN)); 3251 tptr+=NODE_ID_LEN; 3252 tlen-=NODE_ID_LEN; 3253 3254 if (tlen < 1) 3255 break; 3256 ND_PRINT(", Flags: [%s]", 3257 ISIS_MASK_TLV_SHARED_RISK_GROUP(GET_U_1(tptr)) ? "numbered" : "unnumbered"); 3258 tptr++; 3259 tlen--; 3260 3261 if (tlen < sizeof(nd_ipv4)) 3262 break; 3263 ND_PRINT("\n\t IPv4 interface address: %s", GET_IPADDR_STRING(tptr)); 3264 tptr+=sizeof(nd_ipv4); 3265 tlen-=sizeof(nd_ipv4); 3266 3267 if (tlen < sizeof(nd_ipv4)) 3268 break; 3269 ND_PRINT("\n\t IPv4 neighbor address: %s", GET_IPADDR_STRING(tptr)); 3270 tptr+=sizeof(nd_ipv4); 3271 tlen-=sizeof(nd_ipv4); 3272 3273 while (tlen != 0) { 3274 if (tlen < 4) 3275 goto tlv_trunc; 3276 ND_PRINT("\n\t Link-ID: 0x%08x", GET_BE_U_4(tptr)); 3277 tptr+=4; 3278 tlen-=4; 3279 } 3280 break; 3281 3282 case ISIS_TLV_LSP: 3283 tlv_lsp = (const struct isis_tlv_lsp *)tptr; 3284 while (tlen != 0) { 3285 if (tlen < sizeof(struct isis_tlv_lsp)) 3286 goto tlv_trunc; 3287 ND_TCHECK_1(tlv_lsp->lsp_id + LSP_ID_LEN - 1); 3288 ND_PRINT("\n\t lsp-id: %s", 3289 isis_print_id(ndo, tlv_lsp->lsp_id, LSP_ID_LEN)); 3290 ND_PRINT(", seq: 0x%08x", 3291 GET_BE_U_4(tlv_lsp->sequence_number)); 3292 ND_PRINT(", lifetime: %5ds", 3293 GET_BE_U_2(tlv_lsp->remaining_lifetime)); 3294 ND_PRINT(", chksum: 0x%04x", GET_BE_U_2(tlv_lsp->checksum)); 3295 tlen-=sizeof(struct isis_tlv_lsp); 3296 tlv_lsp++; 3297 } 3298 break; 3299 3300 case ISIS_TLV_CHECKSUM: 3301 if (tlen < ISIS_TLV_CHECKSUM_MINLEN) 3302 break; 3303 ND_TCHECK_LEN(tptr, ISIS_TLV_CHECKSUM_MINLEN); 3304 ND_PRINT("\n\t checksum: 0x%04x ", GET_BE_U_2(tptr)); 3305 /* do not attempt to verify the checksum if it is zero 3306 * most likely a HMAC-MD5 TLV is also present and 3307 * to avoid conflicts the checksum TLV is zeroed. 3308 * see rfc3358 for details 3309 */ 3310 osi_print_cksum(ndo, optr, GET_BE_U_2(tptr), (int)(tptr-optr), 3311 length); 3312 break; 3313 3314 case ISIS_TLV_POI: 3315 if (tlen < 1) 3316 goto tlv_trunc; 3317 num_system_ids = GET_U_1(tptr); 3318 tptr++; 3319 tlen--; 3320 if (num_system_ids == 0) { 3321 /* Not valid */ 3322 ND_PRINT(" No system IDs supplied"); 3323 } else { 3324 if (tlen < SYSTEM_ID_LEN) 3325 goto tlv_trunc; 3326 ND_TCHECK_LEN(tptr, SYSTEM_ID_LEN); 3327 ND_PRINT("\n\t Purge Originator System-ID: %s", 3328 isis_print_id(ndo, tptr, SYSTEM_ID_LEN)); 3329 tptr += SYSTEM_ID_LEN; 3330 tlen -= SYSTEM_ID_LEN; 3331 3332 if (num_system_ids > 1) { 3333 if (tlen < SYSTEM_ID_LEN) 3334 goto tlv_trunc; 3335 ND_TCHECK_LEN(tptr, SYSTEM_ID_LEN); 3336 ND_TCHECK_LEN(tptr, 2 * SYSTEM_ID_LEN + 1); 3337 ND_PRINT("\n\t Received from System-ID: %s", 3338 isis_print_id(ndo, tptr, SYSTEM_ID_LEN)); 3339 } 3340 } 3341 break; 3342 3343 case ISIS_TLV_MT_SUPPORTED: 3344 while (tlen != 0) { 3345 /* length can only be a multiple of 2, otherwise there is 3346 something broken -> so decode down until length is 1 */ 3347 if (tlen!=1) { 3348 mt_len = isis_print_mtid(ndo, tptr, "\n\t ", tlen); 3349 if (mt_len == 0) /* did something go wrong ? */ 3350 goto trunc; 3351 tptr+=mt_len; 3352 tlen-=mt_len; 3353 } else { 3354 ND_PRINT("\n\t invalid MT-ID"); 3355 break; 3356 } 3357 } 3358 break; 3359 3360 case ISIS_TLV_RESTART_SIGNALING: 3361 /* first attempt to decode the flags */ 3362 if (tlen < ISIS_TLV_RESTART_SIGNALING_FLAGLEN) 3363 break; 3364 ND_TCHECK_LEN(tptr, ISIS_TLV_RESTART_SIGNALING_FLAGLEN); 3365 ND_PRINT("\n\t Flags [%s]", 3366 bittok2str(isis_restart_flag_values, "none", GET_U_1(tptr))); 3367 tptr+=ISIS_TLV_RESTART_SIGNALING_FLAGLEN; 3368 tlen-=ISIS_TLV_RESTART_SIGNALING_FLAGLEN; 3369 3370 /* is there anything other than the flags field? */ 3371 if (tlen == 0) 3372 break; 3373 3374 if (tlen < ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN) 3375 break; 3376 ND_TCHECK_LEN(tptr, ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN); 3377 3378 ND_PRINT(", Remaining holding time %us", GET_BE_U_2(tptr)); 3379 tptr+=ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN; 3380 tlen-=ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN; 3381 3382 /* is there an additional sysid field present ?*/ 3383 if (tlen == SYSTEM_ID_LEN) { 3384 ND_TCHECK_LEN(tptr, SYSTEM_ID_LEN); 3385 ND_PRINT(", for %s", isis_print_id(ndo, tptr,SYSTEM_ID_LEN)); 3386 } 3387 break; 3388 3389 case ISIS_TLV_IDRP_INFO: 3390 if (tlen < 1) 3391 break; 3392 isis_subtlv_idrp = GET_U_1(tptr); 3393 ND_PRINT("\n\t Inter-Domain Information Type: %s", 3394 tok2str(isis_subtlv_idrp_values, 3395 "Unknown (0x%02x)", 3396 isis_subtlv_idrp)); 3397 tptr++; 3398 tlen--; 3399 switch (isis_subtlv_idrp) { 3400 case ISIS_SUBTLV_IDRP_ASN: 3401 if (tlen < 2) 3402 goto tlv_trunc; 3403 ND_PRINT("AS Number: %u", GET_BE_U_2(tptr)); 3404 break; 3405 case ISIS_SUBTLV_IDRP_LOCAL: 3406 case ISIS_SUBTLV_IDRP_RES: 3407 default: 3408 if (!print_unknown_data(ndo, tptr, "\n\t ", tlen)) 3409 return(0); 3410 break; 3411 } 3412 break; 3413 3414 case ISIS_TLV_LSP_BUFFERSIZE: 3415 if (tlen < 2) 3416 break; 3417 ND_PRINT("\n\t LSP Buffersize: %u", GET_BE_U_2(tptr)); 3418 break; 3419 3420 case ISIS_TLV_PART_DIS: 3421 while (tlen != 0) { 3422 if (tlen < SYSTEM_ID_LEN) 3423 goto tlv_trunc; 3424 ND_TCHECK_LEN(tptr, SYSTEM_ID_LEN); 3425 ND_PRINT("\n\t %s", isis_print_id(ndo, tptr, SYSTEM_ID_LEN)); 3426 tptr+=SYSTEM_ID_LEN; 3427 tlen-=SYSTEM_ID_LEN; 3428 } 3429 break; 3430 3431 case ISIS_TLV_PREFIX_NEIGH: 3432 if (tlen < sizeof(struct isis_metric_block)) 3433 break; 3434 ND_TCHECK_LEN(tptr, sizeof(struct isis_metric_block)); 3435 ND_PRINT("\n\t Metric Block"); 3436 isis_print_metric_block(ndo, (const struct isis_metric_block *)tptr); 3437 tptr+=sizeof(struct isis_metric_block); 3438 tlen-=sizeof(struct isis_metric_block); 3439 3440 while (tlen != 0) { 3441 prefix_len=GET_U_1(tptr); /* read out prefix length in semioctets*/ 3442 tptr++; 3443 tlen--; 3444 if (prefix_len < 2) { 3445 ND_PRINT("\n\t\tAddress: prefix length %u < 2", prefix_len); 3446 break; 3447 } 3448 if (tlen < prefix_len/2) 3449 break; 3450 ND_PRINT("\n\t\tAddress: %s/%u", 3451 GET_ISONSAP_STRING(tptr, prefix_len / 2), prefix_len * 4); 3452 tptr+=prefix_len/2; 3453 tlen-=prefix_len/2; 3454 } 3455 break; 3456 3457 case ISIS_TLV_IIH_SEQNR: 3458 if (tlen < 4) 3459 break; 3460 ND_PRINT("\n\t Sequence number: %u", GET_BE_U_4(tptr)); 3461 break; 3462 3463 case ISIS_TLV_ROUTER_CAPABILITY: 3464 if (tlen < 5) { 3465 ND_PRINT(" [object length %u < 5]", tlen); 3466 nd_print_invalid(ndo); 3467 break; 3468 } 3469 ND_PRINT("\n\t Router-ID %s", GET_IPADDR_STRING(tptr)); 3470 ND_PRINT(", Flags [%s]", 3471 bittok2str(isis_tlv_router_capability_flags, "none", GET_U_1(tptr+4))); 3472 3473 /* Optional set of sub-TLV */ 3474 if (tlen > 5) { 3475 isis_print_router_cap_subtlv(ndo, tptr+5, tlen-5); 3476 } 3477 break; 3478 3479 case ISIS_TLV_VENDOR_PRIVATE: 3480 if (tlen < 3) 3481 break; 3482 vendor_id = GET_BE_U_3(tptr); 3483 ND_PRINT("\n\t Vendor: %s (%u)", 3484 tok2str(oui_values, "Unknown", vendor_id), 3485 vendor_id); 3486 tptr+=3; 3487 tlen-=3; 3488 if (tlen != 0) /* hexdump the rest */ 3489 if (!print_unknown_data(ndo, tptr, "\n\t\t", tlen)) 3490 return(0); 3491 break; 3492 /* 3493 * FIXME those are the defined TLVs that lack a decoder 3494 * you are welcome to contribute code ;-) 3495 */ 3496 3497 case ISIS_TLV_DECNET_PHASE4: 3498 case ISIS_TLV_LUCENT_PRIVATE: 3499 case ISIS_TLV_IPAUTH: 3500 case ISIS_TLV_NORTEL_PRIVATE1: 3501 case ISIS_TLV_NORTEL_PRIVATE2: 3502 3503 default: 3504 if (ndo->ndo_vflag <= 1) { 3505 if (!print_unknown_data(ndo, pptr, "\n\t\t", tlv_len)) 3506 return(0); 3507 } 3508 break; 3509 } 3510 tlv_trunc: 3511 /* do we want to see an additionally hexdump ? */ 3512 if (ndo->ndo_vflag> 1) { 3513 if (!print_unknown_data(ndo, pptr, "\n\t ", tlv_len)) 3514 return(0); 3515 } 3516 3517 pptr += tlv_len; 3518 packet_len -= tlv_len; 3519 } 3520 3521 if (packet_len != 0) { 3522 ND_PRINT("\n\t %u straggler bytes", packet_len); 3523 } 3524 return (1); 3525 3526 trunc: 3527 nd_print_trunc(ndo); 3528 return (1); 3529 } 3530 3531 static void 3532 osi_print_cksum(netdissect_options *ndo, const uint8_t *pptr, 3533 uint16_t checksum, int checksum_offset, u_int length) 3534 { 3535 uint16_t calculated_checksum; 3536 3537 /* do not attempt to verify the checksum if it is zero, 3538 * if the offset is nonsense, 3539 * or the base pointer is not sane 3540 */ 3541 if (!checksum 3542 || checksum_offset < 0 3543 || !ND_TTEST_2(pptr + checksum_offset) 3544 || (u_int)checksum_offset > length 3545 || !ND_TTEST_LEN(pptr, length)) { 3546 ND_PRINT(" (unverified)"); 3547 } else { 3548 #if 0 3549 ND_PRINT("\nosi_print_cksum: %p %d %u\n", pptr, checksum_offset, length); 3550 #endif 3551 calculated_checksum = create_osi_cksum(pptr, checksum_offset, length); 3552 if (checksum == calculated_checksum) { 3553 ND_PRINT(" (correct)"); 3554 } else { 3555 ND_PRINT(" (incorrect should be 0x%04x)", calculated_checksum); 3556 } 3557 } 3558 } 3559