1 /* 2 * Copyright (c) 2015 Ritesh Ranjan (r.ranjan789@gmail.com) 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. The name of the author may not be used to endorse or promote products 14 * derived from this software without specific prior written permission. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 19 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, 20 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 22 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 24 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 25 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 * POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29 /* 30 * netdissect printer for LISP - Locator/Identifier Separation Protocol 31 * RFC 6830 32 * 33 * 34 * The Map-Register message format is: 35 * 36 * 0 1 2 3 37 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 38 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 39 * |Type=3 |P|S|I|R| Reserved |M| Record Count | 40 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 41 * | Nonce . . . | 42 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 43 * | . . . Nonce | 44 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 45 * | Key ID | Authentication Data Length | 46 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 47 * ~ Authentication Data ~ 48 * +-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 49 * | | Record TTL | 50 * | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 51 * R | Locator Count | EID mask-len | ACT |A| Reserved | 52 * e +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 53 * c | Rsvd | Map-Version Number | EID-Prefix-AFI | 54 * o +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 55 * r | EID-Prefix | 56 * d +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 57 * | /| Priority | Weight | M Priority | M Weight | 58 * | L +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 59 * | o | Unused Flags |L|p|R| Loc-AFI | 60 * | c +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 61 * | \| Locator | 62 * +-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 63 * 64 * 65 * The Map-Notify message format is: 66 * 67 * 0 1 2 3 68 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 69 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 70 * |Type=4 |I|R| Reserved | Record Count | 71 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 72 * | Nonce . . . | 73 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 74 * | . . . Nonce | 75 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 76 * | Key ID | Authentication Data Length | 77 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 78 * ~ Authentication Data ~ 79 * +-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 80 * | | Record TTL | 81 * | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 82 * R | Locator Count | EID mask-len | ACT |A| Reserved | 83 * e +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 84 * c | Rsvd | Map-Version Number | EID-Prefix-AFI | 85 * o +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 86 * r | EID-Prefix | 87 * d +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 88 * | /| Priority | Weight | M Priority | M Weight | 89 * | L +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 90 * | o | Unused Flags |L|p|R| Loc-AFI | 91 * | c +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 92 * | \| Locator | 93 * +-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 94 */ 95 96 #include <sys/cdefs.h> 97 #ifndef lint 98 __RCSID("$NetBSD: print-lisp.c,v 1.2 2017/01/24 23:29:14 christos Exp $"); 99 #endif 100 101 #ifdef HAVE_CONFIG_H 102 #include "config.h" 103 #endif 104 105 #include <netdissect-stdinc.h> 106 #include <netdissect.h> 107 #include <string.h> 108 #include <stdlib.h> 109 110 #include "ip.h" 111 #include "ip6.h" 112 113 #include "extract.h" 114 #include "addrtoname.h" 115 116 static const char tstr[] = " [|LISP]"; 117 118 #define IPv4_AFI 1 119 #define IPv6_AFI 2 120 #define TYPE_INDEX 4 121 #define LISP_MAP_NOTIFY_IBIT_MASK 8 122 #define LISP_MAP_REGISTER_IBIT_MASK 2 123 124 enum { 125 LISP_MAP_REQUEST = 1, 126 LISP_MAP_REPLY, 127 LISP_MAP_REGISTER, 128 LISP_MAP_NOTIFY, 129 LISP_ENCAPSULATED_CONTROL_MESSAGE = 8 130 }; 131 132 enum { 133 LISP_AUTH_NONE, 134 LISP_AUTH_SHA1, 135 LISP_AUTH_SHA256 136 }; 137 138 static const struct tok lisp_type [] = { 139 { 0, "LISP-Reserved" }, 140 { 1, "LISP-Map-Request" }, 141 { 2, "LISP-Map-Reply" }, 142 { 3, "LISP-Map-Register" }, 143 { 4, "LISP-Map-Notify" }, 144 { 8, "LISP-Encapsulated-Contol-Message" }, 145 { 0, NULL } 146 }; 147 148 /* 149 * P-Bit : Request for Proxy Map-Reply from the MS/MR 150 * S-Bit : Security Enhancement. ETR is LISP-SEC enabled. draft-ietf-lisp-sec 151 * I-Bit : 128 bit xTR-ID and 64 bit Site-ID present. 152 * xTR-ID and Site-ID help in differentiation of xTRs in multi xTR 153 * and multi Site deployment scenarios. 154 * R-Bit : Built for a Reencapsulating-Tunnel-Router. Used in Traffic 155 * Engineering and Service Chaining 156 */ 157 static const struct tok map_register_hdr_flag[] = { 158 { 0x08000000, "P-Proxy-Map-Reply" }, 159 { 0x04000000, "S-LISP-SEC-Capable" }, 160 { 0x02000000, "I-xTR-ID-Present" }, 161 { 0x01000000, "R-Build-For-RTR" }, 162 { 0x00000100, "M-Want-Map-Notify" }, 163 { 0, NULL } 164 }; 165 166 static const struct tok map_notify_hdr_flag[] = { 167 { 0x08000000, "I-xTR-ID-Present" }, 168 { 0x04000000, "R-Build-For-RTR" }, 169 { 0, NULL } 170 }; 171 172 static const struct tok auth_type[] = { 173 { LISP_AUTH_NONE, "None" }, 174 { LISP_AUTH_SHA1, "SHA1" }, 175 { LISP_AUTH_SHA256, "SHA256" }, 176 { 0, NULL} 177 }; 178 179 static const struct tok lisp_eid_action[] = { 180 { 0, "No-Action" }, 181 { 1, "Natively-Forward" }, 182 { 2, "Send-Map-Request" }, 183 { 3, "Drop" }, 184 { 0, NULL} 185 }; 186 187 static const struct tok lisp_loc_flag[] = { 188 { 0x0004, "Local-Locator" }, 189 { 0x0002, "RLoc-Probed" }, 190 { 0x0001, "Reachable" }, 191 { 0, NULL } 192 }; 193 194 typedef struct map_register_hdr { 195 nd_uint8_t type_and_flag; 196 nd_uint8_t reserved; 197 nd_uint8_t reserved_and_flag2; 198 nd_uint8_t record_count; 199 nd_uint64_t nonce; 200 nd_uint16_t key_id; 201 nd_uint16_t auth_data_len; 202 } lisp_map_register_hdr; 203 204 #define MAP_REGISTER_HDR_LEN sizeof(lisp_map_register_hdr) 205 206 typedef struct map_register_eid { 207 nd_uint32_t ttl; 208 nd_uint8_t locator_count; 209 nd_uint8_t eid_prefix_mask_length; 210 nd_uint8_t act_auth_inc_res; 211 nd_uint8_t reserved; 212 nd_uint8_t reserved_version_hi; 213 nd_uint8_t version_low; 214 nd_uint16_t eid_prefix_afi; 215 } lisp_map_register_eid; 216 217 #define MAP_REGISTER_EID_LEN sizeof(lisp_map_register_eid) 218 219 typedef struct map_register_loc { 220 nd_uint8_t priority; 221 nd_uint8_t weight; 222 nd_uint8_t m_priority; 223 nd_uint8_t m_weight; 224 nd_uint16_t unused_and_flag; 225 nd_uint16_t locator_afi; 226 } lisp_map_register_loc; 227 228 #define MAP_REGISTER_LOC_LEN sizeof(lisp_map_register_loc) 229 230 static inline uint8_t extract_lisp_type(uint8_t); 231 static inline uint8_t is_xtr_data_present(uint8_t , uint8_t); 232 static void lisp_hdr_flag(netdissect_options *, const lisp_map_register_hdr *); 233 static void action_flag(netdissect_options *, uint8_t); 234 static void loc_hdr_flag(netdissect_options *, uint16_t); 235 236 void lisp_print(netdissect_options *ndo, const u_char *bp, u_int length) 237 { 238 uint8_t type; 239 uint8_t mask_len; 240 uint8_t loc_count; 241 uint8_t xtr_present; 242 uint8_t record_count; 243 uint16_t key_id; 244 uint16_t eid_afi; 245 uint16_t loc_afi; 246 uint16_t map_version; 247 uint16_t packet_offset; 248 uint16_t auth_data_len; 249 uint32_t ttl; 250 const u_char *packet_iterator; 251 const u_char *loc_ip_pointer; 252 const lisp_map_register_hdr *lisp_hdr; 253 const lisp_map_register_eid *lisp_eid; 254 const lisp_map_register_loc *lisp_loc; 255 256 /* Check if enough bytes for header are available */ 257 ND_TCHECK2(*bp, MAP_REGISTER_HDR_LEN); 258 lisp_hdr = (const lisp_map_register_hdr *) bp; 259 lisp_hdr_flag(ndo, lisp_hdr); 260 /* Supporting only MAP NOTIFY and MAP REGISTER LISP packets */ 261 type = extract_lisp_type(lisp_hdr->type_and_flag); 262 if ((type != LISP_MAP_REGISTER) && (type != LISP_MAP_NOTIFY)) 263 return; 264 265 /* Find if the packet contains xTR and Site-ID data */ 266 xtr_present = is_xtr_data_present(type, lisp_hdr->type_and_flag); 267 268 /* Extract the number of EID records present */ 269 auth_data_len = EXTRACT_16BITS(&lisp_hdr->auth_data_len); 270 packet_iterator = (const u_char *)(lisp_hdr); 271 packet_offset = MAP_REGISTER_HDR_LEN; 272 record_count = lisp_hdr->record_count; 273 274 if (ndo->ndo_vflag) { 275 key_id = EXTRACT_16BITS(&lisp_hdr->key_id); 276 ND_PRINT((ndo, "\n %u record(s), ", record_count)); 277 ND_PRINT((ndo, "Authentication %s,", 278 tok2str(auth_type, "unknown-type", key_id))); 279 hex_print(ndo, "\n Authentication-Data: ", packet_iterator + 280 packet_offset, auth_data_len); 281 } else { 282 ND_PRINT((ndo, " %u record(s),", record_count)); 283 } 284 packet_offset += auth_data_len; 285 286 if (record_count == 0) 287 goto invalid; 288 289 /* Print all the EID records */ 290 while ((length > packet_offset) && (record_count--)) { 291 292 ND_TCHECK2(*(packet_iterator + packet_offset), MAP_REGISTER_EID_LEN); 293 ND_PRINT((ndo, "\n")); 294 lisp_eid = (const lisp_map_register_eid *) 295 ((const u_char *)lisp_hdr + packet_offset); 296 packet_offset += MAP_REGISTER_EID_LEN; 297 mask_len = lisp_eid->eid_prefix_mask_length; 298 eid_afi = EXTRACT_16BITS(&lisp_eid->eid_prefix_afi); 299 loc_count = lisp_eid->locator_count; 300 301 if (ndo->ndo_vflag) { 302 ttl = EXTRACT_32BITS(&lisp_eid->ttl); 303 ND_PRINT((ndo, " Record TTL %u,", ttl)); 304 action_flag(ndo, lisp_eid->act_auth_inc_res); 305 map_version = (((lisp_eid->reserved_version_hi) & 15 ) * 255) + 306 lisp_eid->version_low; 307 ND_PRINT((ndo, " Map Version: %u,", map_version)); 308 } 309 310 switch (eid_afi) { 311 case IPv4_AFI: 312 ND_TCHECK2(*(packet_iterator + packet_offset), 4); 313 ND_PRINT((ndo, " EID %s/%u,", ipaddr_string(ndo, 314 packet_iterator + packet_offset), mask_len)); 315 packet_offset += 4; 316 break; 317 case IPv6_AFI: 318 ND_TCHECK2(*(packet_iterator + packet_offset), 16); 319 ND_PRINT((ndo, " EID %s/%u,", ip6addr_string(ndo, 320 packet_iterator + packet_offset), mask_len)); 321 packet_offset += 16; 322 break; 323 default: 324 /* 325 * No support for LCAF right now. 326 */ 327 return; 328 break; 329 } 330 331 ND_PRINT((ndo, " %u locator(s)", loc_count)); 332 333 while (loc_count--) { 334 ND_TCHECK2(*(packet_iterator + packet_offset), MAP_REGISTER_LOC_LEN); 335 lisp_loc = (const lisp_map_register_loc *) (packet_iterator + packet_offset); 336 loc_ip_pointer = (const u_char *) (lisp_loc + 1); 337 packet_offset += MAP_REGISTER_LOC_LEN; 338 loc_afi = EXTRACT_16BITS(&lisp_loc->locator_afi); 339 340 if (ndo->ndo_vflag) 341 ND_PRINT((ndo, "\n ")); 342 343 switch (loc_afi) { 344 case IPv4_AFI: 345 ND_TCHECK2(*(packet_iterator + packet_offset), 4); 346 ND_PRINT((ndo, " LOC %s", ipaddr_string(ndo, loc_ip_pointer))); 347 packet_offset += 4; 348 break; 349 case IPv6_AFI: 350 ND_TCHECK2(*(packet_iterator + packet_offset), 16); 351 ND_PRINT((ndo, " LOC %s", ip6addr_string(ndo, loc_ip_pointer))); 352 packet_offset += 16; 353 break; 354 default: 355 break; 356 } 357 if (ndo->ndo_vflag) { 358 ND_PRINT((ndo, "\n Priority/Weight %u/%u," 359 " Multicast Priority/Weight %u/%u,", 360 lisp_loc->priority, lisp_loc->weight, 361 lisp_loc->m_priority, lisp_loc->m_weight)); 362 loc_hdr_flag(ndo, EXTRACT_16BITS(&lisp_loc->unused_and_flag)); 363 } 364 } 365 } 366 367 /* 368 * Print xTR and Site ID. Handle the fact that the packet could be invalid. 369 * If the xTR_ID_Present bit is not set, and we still have data to display, 370 * show it as hex data. 371 */ 372 if (xtr_present) { 373 if (!ND_TTEST2(*(packet_iterator + packet_offset), 24)) 374 goto invalid; 375 hex_print_with_offset(ndo, "\n xTR-ID: ", packet_iterator + packet_offset, 16, 0); 376 ND_PRINT((ndo, "\n SITE-ID: %" PRIu64, 377 EXTRACT_64BITS(packet_iterator + packet_offset + 16))); 378 } else { 379 /* Check if packet isn't over yet */ 380 if (packet_iterator + packet_offset < ndo->ndo_snapend) { 381 hex_print_with_offset(ndo, "\n Data: ", packet_iterator + packet_offset, 382 (ndo->ndo_snapend - (packet_iterator + packet_offset)), 0); 383 } 384 } 385 return; 386 trunc: 387 ND_PRINT((ndo, "\n %s", tstr)); 388 return; 389 invalid: 390 ND_PRINT((ndo, "\n %s", istr)); 391 return; 392 } 393 394 static inline uint8_t extract_lisp_type(uint8_t lisp_hdr_flags) 395 { 396 return (lisp_hdr_flags) >> TYPE_INDEX; 397 } 398 399 static inline uint8_t is_xtr_data_present(uint8_t type, uint8_t lisp_hdr_flags) 400 { 401 uint8_t xtr_present = 0; 402 403 if (type == LISP_MAP_REGISTER) 404 xtr_present = (lisp_hdr_flags) & LISP_MAP_REGISTER_IBIT_MASK; 405 else if (type == LISP_MAP_NOTIFY) 406 xtr_present = (lisp_hdr_flags) & LISP_MAP_NOTIFY_IBIT_MASK; 407 408 return xtr_present; 409 } 410 411 static void lisp_hdr_flag(netdissect_options *ndo, const lisp_map_register_hdr *lisp_hdr) 412 { 413 uint8_t type = extract_lisp_type(lisp_hdr->type_and_flag); 414 415 if (!ndo->ndo_vflag) { 416 ND_PRINT((ndo, "%s,", tok2str(lisp_type, "unknown-type-%u", type))); 417 return; 418 } else { 419 ND_PRINT((ndo, "%s,", tok2str(lisp_type, "unknown-type-%u", type))); 420 } 421 422 if (type == LISP_MAP_REGISTER) { 423 ND_PRINT((ndo, " flags [%s],", bittok2str(map_register_hdr_flag, 424 "none", EXTRACT_32BITS(lisp_hdr)))); 425 } else if (type == LISP_MAP_NOTIFY) { 426 ND_PRINT((ndo, " flags [%s],", bittok2str(map_notify_hdr_flag, 427 "none", EXTRACT_32BITS(lisp_hdr)))); 428 } 429 430 return; 431 } 432 433 static void action_flag(netdissect_options *ndo, uint8_t act_auth_inc_res) 434 { 435 uint8_t action; 436 uint8_t authoritative; 437 438 authoritative = ((act_auth_inc_res >> 4) & 1); 439 440 if (authoritative) 441 ND_PRINT((ndo, " Authoritative,")); 442 else 443 ND_PRINT((ndo, " Non-Authoritative,")); 444 445 action = act_auth_inc_res >> 5; 446 ND_PRINT((ndo, " %s,", tok2str(lisp_eid_action, "unknown", action))); 447 } 448 449 static void loc_hdr_flag(netdissect_options *ndo, uint16_t flag) 450 { 451 ND_PRINT((ndo, " flags [%s],", bittok2str(lisp_loc_flag, "none", flag))); 452 } 453 454