1 /* 2 * Copyright (C) 2002 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #include <sys/cdefs.h> 31 #ifndef lint 32 __RCSID("$NetBSD: print-mobility.c,v 1.9 2023/08/17 20:19:40 christos Exp $"); 33 #endif 34 35 /* \summary: IPv6 mobility printer */ 36 /* RFC 3775 */ 37 38 #ifdef HAVE_CONFIG_H 39 #include <config.h> 40 #endif 41 42 #include "netdissect-stdinc.h" 43 44 #include "netdissect.h" 45 #include "addrtoname.h" 46 #include "extract.h" 47 48 #include "ip6.h" 49 50 51 /* Mobility header */ 52 struct ip6_mobility { 53 nd_uint8_t ip6m_pproto; /* following payload protocol (for PG) */ 54 nd_uint8_t ip6m_len; /* length in units of 8 octets */ 55 nd_uint8_t ip6m_type; /* message type */ 56 nd_uint8_t reserved; /* reserved */ 57 nd_uint16_t ip6m_cksum; /* sum of IPv6 pseudo-header and MH */ 58 union { 59 nd_uint16_t ip6m_un_data16[1]; /* type-specific field */ 60 nd_uint8_t ip6m_un_data8[2]; /* type-specific field */ 61 } ip6m_dataun; 62 }; 63 64 #define ip6m_data16 ip6m_dataun.ip6m_un_data16 65 #define ip6m_data8 ip6m_dataun.ip6m_un_data8 66 67 #define IP6M_MINLEN 8 68 69 /* https://www.iana.org/assignments/mobility-parameters/mobility-parameters.xhtml */ 70 71 /* message type */ 72 #define IP6M_BINDING_REQUEST 0 /* Binding Refresh Request */ 73 #define IP6M_HOME_TEST_INIT 1 /* Home Test Init */ 74 #define IP6M_CAREOF_TEST_INIT 2 /* Care-of Test Init */ 75 #define IP6M_HOME_TEST 3 /* Home Test */ 76 #define IP6M_CAREOF_TEST 4 /* Care-of Test */ 77 #define IP6M_BINDING_UPDATE 5 /* Binding Update */ 78 #define IP6M_BINDING_ACK 6 /* Binding Acknowledgement */ 79 #define IP6M_BINDING_ERROR 7 /* Binding Error */ 80 #define IP6M_MAX 7 81 82 static const struct tok ip6m_str[] = { 83 { IP6M_BINDING_REQUEST, "BRR" }, 84 { IP6M_HOME_TEST_INIT, "HoTI" }, 85 { IP6M_CAREOF_TEST_INIT, "CoTI" }, 86 { IP6M_HOME_TEST, "HoT" }, 87 { IP6M_CAREOF_TEST, "CoT" }, 88 { IP6M_BINDING_UPDATE, "BU" }, 89 { IP6M_BINDING_ACK, "BA" }, 90 { IP6M_BINDING_ERROR, "BE" }, 91 { 0, NULL } 92 }; 93 94 static const unsigned ip6m_hdrlen[IP6M_MAX + 1] = { 95 IP6M_MINLEN, /* IP6M_BINDING_REQUEST */ 96 IP6M_MINLEN + 8, /* IP6M_HOME_TEST_INIT */ 97 IP6M_MINLEN + 8, /* IP6M_CAREOF_TEST_INIT */ 98 IP6M_MINLEN + 16, /* IP6M_HOME_TEST */ 99 IP6M_MINLEN + 16, /* IP6M_CAREOF_TEST */ 100 IP6M_MINLEN + 4, /* IP6M_BINDING_UPDATE */ 101 IP6M_MINLEN + 4, /* IP6M_BINDING_ACK */ 102 IP6M_MINLEN + 16, /* IP6M_BINDING_ERROR */ 103 }; 104 105 /* Mobility Header Options */ 106 #define IP6MOPT_MINLEN 2 107 #define IP6MOPT_PAD1 0x0 /* Pad1 */ 108 #define IP6MOPT_PADN 0x1 /* PadN */ 109 #define IP6MOPT_REFRESH 0x2 /* Binding Refresh Advice */ 110 #define IP6MOPT_REFRESH_MINLEN 4 111 #define IP6MOPT_ALTCOA 0x3 /* Alternate Care-of Address */ 112 #define IP6MOPT_ALTCOA_MINLEN 18 113 #define IP6MOPT_NONCEID 0x4 /* Nonce Indices */ 114 #define IP6MOPT_NONCEID_MINLEN 6 115 #define IP6MOPT_AUTH 0x5 /* Binding Authorization Data */ 116 #define IP6MOPT_AUTH_MINLEN 12 117 118 static const struct tok ip6m_binding_update_bits [] = { 119 { 0x08, "A" }, 120 { 0x04, "H" }, 121 { 0x02, "L" }, 122 { 0x01, "K" }, 123 { 0, NULL } 124 }; 125 126 static int 127 mobility_opt_print(netdissect_options *ndo, 128 const u_char *bp, const unsigned len) 129 { 130 unsigned i, optlen; 131 132 for (i = 0; i < len; i += optlen) { 133 if (GET_U_1(bp + i) == IP6MOPT_PAD1) 134 optlen = 1; 135 else { 136 if (i + 1 < len) { 137 optlen = GET_U_1(bp + i + 1) + 2; 138 } 139 else 140 goto trunc; 141 } 142 if (i + optlen > len) 143 goto trunc; 144 ND_TCHECK_1(bp + i + optlen); 145 146 switch (GET_U_1(bp + i)) { 147 case IP6MOPT_PAD1: 148 ND_PRINT("(pad1)"); 149 break; 150 case IP6MOPT_PADN: 151 if (len - i < IP6MOPT_MINLEN) { 152 ND_PRINT("(padn: trunc)"); 153 goto trunc; 154 } 155 ND_PRINT("(padn)"); 156 break; 157 case IP6MOPT_REFRESH: 158 if (len - i < IP6MOPT_REFRESH_MINLEN) { 159 ND_PRINT("(refresh: trunc)"); 160 goto trunc; 161 } 162 /* units of 4 secs */ 163 ND_PRINT("(refresh: %u)", 164 GET_BE_U_2(bp + i + 2) << 2); 165 break; 166 case IP6MOPT_ALTCOA: 167 if (len - i < IP6MOPT_ALTCOA_MINLEN) { 168 ND_PRINT("(altcoa: trunc)"); 169 goto trunc; 170 } 171 ND_PRINT("(alt-CoA: %s)", GET_IP6ADDR_STRING(bp + i + 2)); 172 break; 173 case IP6MOPT_NONCEID: 174 if (len - i < IP6MOPT_NONCEID_MINLEN) { 175 ND_PRINT("(ni: trunc)"); 176 goto trunc; 177 } 178 ND_PRINT("(ni: ho=0x%04x co=0x%04x)", 179 GET_BE_U_2(bp + i + 2), 180 GET_BE_U_2(bp + i + 4)); 181 break; 182 case IP6MOPT_AUTH: 183 if (len - i < IP6MOPT_AUTH_MINLEN) { 184 ND_PRINT("(auth: trunc)"); 185 goto trunc; 186 } 187 ND_PRINT("(auth)"); 188 break; 189 default: 190 if (len - i < IP6MOPT_MINLEN) { 191 ND_PRINT("(sopt_type %u: trunc)", 192 GET_U_1(bp + i)); 193 goto trunc; 194 } 195 ND_PRINT("(type-0x%02x: len=%u)", GET_U_1(bp + i), 196 GET_U_1(bp + i + 1)); 197 break; 198 } 199 } 200 return 0; 201 202 trunc: 203 return 1; 204 } 205 206 /* 207 * Mobility Header 208 */ 209 int 210 mobility_print(netdissect_options *ndo, 211 const u_char *bp, const u_char *bp2 _U_) 212 { 213 const struct ip6_mobility *mh; 214 const u_char *ep; 215 unsigned mhlen, hlen; 216 uint8_t type; 217 218 ndo->ndo_protocol = "mobility"; 219 mh = (const struct ip6_mobility *)bp; 220 221 /* 'ep' points to the end of available data. */ 222 ep = ndo->ndo_snapend; 223 224 if (!ND_TTEST_1(mh->ip6m_len)) { 225 /* 226 * There's not enough captured data to include the 227 * mobility header length. 228 * 229 * Our caller expects us to return the length, however, 230 * so return a value that will run to the end of the 231 * captured data. 232 * 233 * XXX - "ip6_print()" doesn't do anything with the 234 * returned length, however, as it breaks out of the 235 * header-processing loop. 236 */ 237 mhlen = (unsigned)(ep - bp); 238 goto trunc; 239 } 240 mhlen = (GET_U_1(mh->ip6m_len) + 1) << 3; 241 242 /* XXX ip6m_cksum */ 243 244 type = GET_U_1(mh->ip6m_type); 245 if (type <= IP6M_MAX && mhlen < ip6m_hdrlen[type]) { 246 ND_PRINT("(header length %u is too small for type %u)", mhlen, type); 247 goto trunc; 248 } 249 ND_PRINT("mobility: %s", tok2str(ip6m_str, "type-#%u", type)); 250 switch (type) { 251 case IP6M_BINDING_REQUEST: 252 hlen = IP6M_MINLEN; 253 break; 254 case IP6M_HOME_TEST_INIT: 255 case IP6M_CAREOF_TEST_INIT: 256 hlen = IP6M_MINLEN; 257 if (ndo->ndo_vflag) { 258 ND_PRINT(" %s Init Cookie=%08x:%08x", 259 type == IP6M_HOME_TEST_INIT ? "Home" : "Care-of", 260 GET_BE_U_4(bp + hlen), 261 GET_BE_U_4(bp + hlen + 4)); 262 } 263 hlen += 8; 264 break; 265 case IP6M_HOME_TEST: 266 case IP6M_CAREOF_TEST: 267 ND_PRINT(" nonce id=0x%x", GET_BE_U_2(mh->ip6m_data16[0])); 268 hlen = IP6M_MINLEN; 269 if (ndo->ndo_vflag) { 270 ND_PRINT(" %s Init Cookie=%08x:%08x", 271 type == IP6M_HOME_TEST ? "Home" : "Care-of", 272 GET_BE_U_4(bp + hlen), 273 GET_BE_U_4(bp + hlen + 4)); 274 } 275 hlen += 8; 276 if (ndo->ndo_vflag) { 277 ND_PRINT(" %s Keygen Token=%08x:%08x", 278 type == IP6M_HOME_TEST ? "Home" : "Care-of", 279 GET_BE_U_4(bp + hlen), 280 GET_BE_U_4(bp + hlen + 4)); 281 } 282 hlen += 8; 283 break; 284 case IP6M_BINDING_UPDATE: 285 { 286 int bits; 287 ND_PRINT(" seq#=%u", GET_BE_U_2(mh->ip6m_data16[0])); 288 hlen = IP6M_MINLEN; 289 ND_TCHECK_2(bp + hlen); 290 bits = (GET_U_1(bp + hlen) & 0xf0) >> 4; 291 if (bits) { 292 ND_PRINT(" "); 293 ND_PRINT("%s", 294 bittok2str_nosep(ip6m_binding_update_bits, 295 "bits-#0x%x", bits)); 296 } 297 /* Reserved (4bits) */ 298 hlen += 1; 299 /* Reserved (8bits) */ 300 hlen += 1; 301 /* units of 4 secs */ 302 ND_PRINT(" lifetime=%u", GET_BE_U_2(bp + hlen) << 2); 303 hlen += 2; 304 break; 305 } 306 case IP6M_BINDING_ACK: 307 ND_PRINT(" status=%u", GET_U_1(mh->ip6m_data8[0])); 308 if (GET_U_1(mh->ip6m_data8[1]) & 0x80) 309 ND_PRINT(" K"); 310 /* Reserved (7bits) */ 311 hlen = IP6M_MINLEN; 312 ND_PRINT(" seq#=%u", GET_BE_U_2(bp + hlen)); 313 hlen += 2; 314 /* units of 4 secs */ 315 ND_PRINT(" lifetime=%u", GET_BE_U_2(bp + hlen) << 2); 316 hlen += 2; 317 break; 318 case IP6M_BINDING_ERROR: 319 ND_PRINT(" status=%u", GET_U_1(mh->ip6m_data8[0])); 320 /* Reserved */ 321 hlen = IP6M_MINLEN; 322 ND_PRINT(" homeaddr %s", GET_IP6ADDR_STRING(bp + hlen)); 323 hlen += 16; 324 break; 325 default: 326 ND_PRINT(" len=%u", GET_U_1(mh->ip6m_len)); 327 return(mhlen); 328 break; 329 } 330 if (ndo->ndo_vflag) 331 if (mobility_opt_print(ndo, bp + hlen, mhlen - hlen)) 332 goto trunc; 333 334 return(mhlen); 335 336 trunc: 337 nd_print_trunc(ndo); 338 return(-1); 339 } 340