1/* 2 * Copyright (c) 1992, 1993, 1994, 1995, 1996, 1997 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 * 21 * OSPF support contributed by Jeffrey Honig (jch@mitchell.cit.cornell.edu) 22 */ 23 24/* \summary: IPv6 Open Shortest Path First (OSPFv3) printer */ 25 26#ifdef HAVE_CONFIG_H 27#include <config.h> 28#endif 29 30#include "netdissect-stdinc.h" 31 32#include <string.h> 33 34#include "netdissect.h" 35#include "addrtoname.h" 36#include "extract.h" 37 38#include "ospf.h" 39 40#define OSPF_TYPE_HELLO 1 /* Hello */ 41#define OSPF_TYPE_DD 2 /* Database Description */ 42#define OSPF_TYPE_LS_REQ 3 /* Link State Request */ 43#define OSPF_TYPE_LS_UPDATE 4 /* Link State Update */ 44#define OSPF_TYPE_LS_ACK 5 /* Link State Ack */ 45 46/* Options *_options */ 47#define OSPF6_OPTION_V6 0x01 /* V6 bit: A bit for peeping tom */ 48#define OSPF6_OPTION_E 0x02 /* E bit: External routes advertised */ 49#define OSPF6_OPTION_MC 0x04 /* MC bit: Multicast capable */ 50#define OSPF6_OPTION_N 0x08 /* N bit: For type-7 LSA */ 51#define OSPF6_OPTION_R 0x10 /* R bit: Router bit */ 52#define OSPF6_OPTION_DC 0x20 /* DC bit: Demand circuits */ 53/* The field is actually 24-bit (RFC5340 Section A.2). */ 54#define OSPF6_OPTION_AF 0x0100 /* AF bit: Multiple address families */ 55#define OSPF6_OPTION_L 0x0200 /* L bit: Link-local signaling (LLS) */ 56#define OSPF6_OPTION_AT 0x0400 /* AT bit: Authentication trailer */ 57 58 59/* db_flags */ 60#define OSPF6_DB_INIT 0x04 /* */ 61#define OSPF6_DB_MORE 0x02 62#define OSPF6_DB_MASTER 0x01 63#define OSPF6_DB_M6 0x10 /* IPv6 MTU */ 64 65/* ls_type */ 66#define LS_TYPE_ROUTER 1 /* router link */ 67#define LS_TYPE_NETWORK 2 /* network link */ 68#define LS_TYPE_INTER_AP 3 /* Inter-Area-Prefix */ 69#define LS_TYPE_INTER_AR 4 /* Inter-Area-Router */ 70#define LS_TYPE_ASE 5 /* ASE */ 71#define LS_TYPE_GROUP 6 /* Group membership */ 72#define LS_TYPE_NSSA 7 /* NSSA */ 73#define LS_TYPE_LINK 8 /* Link LSA */ 74#define LS_TYPE_INTRA_AP 9 /* Intra-Area-Prefix */ 75#define LS_TYPE_INTRA_ATE 10 /* Intra-Area-TE */ 76#define LS_TYPE_GRACE 11 /* Grace LSA */ 77#define LS_TYPE_RI 12 /* Router information */ 78#define LS_TYPE_INTER_ASTE 13 /* Inter-AS-TE */ 79#define LS_TYPE_L1VPN 14 /* L1VPN */ 80#define LS_TYPE_MASK 0x1fff 81 82#define LS_SCOPE_LINKLOCAL 0x0000 83#define LS_SCOPE_AREA 0x2000 84#define LS_SCOPE_AS 0x4000 85#define LS_SCOPE_MASK 0x6000 86#define LS_SCOPE_U 0x8000 87 88/* rla_link.link_type */ 89#define RLA_TYPE_ROUTER 1 /* point-to-point to another router */ 90#define RLA_TYPE_TRANSIT 2 /* connection to transit network */ 91#define RLA_TYPE_VIRTUAL 4 /* virtual link */ 92 93/* rla_flags */ 94#define RLA_FLAG_B 0x01 95#define RLA_FLAG_E 0x02 96#define RLA_FLAG_V 0x04 97#define RLA_FLAG_W 0x08 98#define RLA_FLAG_Nt 0x10 99 100/* lsa_prefix options */ 101#define LSA_PREFIX_OPT_NU 0x01 102#define LSA_PREFIX_OPT_LA 0x02 103#define LSA_PREFIX_OPT_MC 0x04 104#define LSA_PREFIX_OPT_P 0x08 105#define LSA_PREFIX_OPT_DN 0x10 106#define LSA_PREFIX_OPT_N 0x20 107 108/* sla_tosmetric breakdown */ 109#define SLA_MASK_TOS 0x7f000000 110#define SLA_MASK_METRIC 0x00ffffff 111#define SLA_SHIFT_TOS 24 112 113/* asla_metric */ 114#define ASLA_FLAG_FWDADDR 0x02000000 115#define ASLA_FLAG_ROUTETAG 0x01000000 116#define ASLA_MASK_METRIC 0x00ffffff 117 118/* RFC6506 Section 4.1 */ 119#define OSPF6_AT_HDRLEN 16U 120#define OSPF6_AUTH_TYPE_HMAC 0x0001 121 122typedef nd_uint32_t rtrid_t; 123 124/* link state advertisement header */ 125struct lsa6_hdr { 126 nd_uint16_t ls_age; 127 nd_uint16_t ls_type; 128 rtrid_t ls_stateid; 129 rtrid_t ls_router; 130 nd_uint32_t ls_seq; 131 nd_uint16_t ls_chksum; 132 nd_uint16_t ls_length; 133}; 134 135/* Length of an IPv6 address, in bytes. */ 136#define IPV6_ADDR_LEN_BYTES (128/8) 137 138struct lsa6_prefix { 139 nd_uint8_t lsa_p_len; 140 nd_uint8_t lsa_p_opt; 141 nd_uint16_t lsa_p_metric; 142 nd_byte lsa_p_prefix[IPV6_ADDR_LEN_BYTES]; /* maximum length */ 143}; 144 145/* link state advertisement */ 146struct lsa6 { 147 struct lsa6_hdr ls_hdr; 148 149 /* Link state types */ 150 union { 151 /* Router links advertisements */ 152 struct { 153 union { 154 nd_uint8_t flg; 155 nd_uint32_t opt; 156 } rla_flgandopt; 157#define rla_flags rla_flgandopt.flg 158#define rla_options rla_flgandopt.opt 159 struct rlalink6 { 160 nd_uint8_t link_type; 161 nd_byte link_zero; 162 nd_uint16_t link_metric; 163 nd_uint32_t link_ifid; 164 nd_uint32_t link_nifid; 165 rtrid_t link_nrtid; 166 } rla_link[1]; /* may repeat */ 167 } un_rla; 168 169 /* Network links advertisements */ 170 struct { 171 nd_uint32_t nla_options; 172 rtrid_t nla_router[1]; /* may repeat */ 173 } un_nla; 174 175 /* Inter Area Prefix LSA */ 176 struct { 177 nd_uint32_t inter_ap_metric; 178 struct lsa6_prefix inter_ap_prefix[1]; 179 } un_inter_ap; 180 181 /* AS external links advertisements */ 182 struct { 183 nd_uint32_t asla_metric; 184 struct lsa6_prefix asla_prefix[1]; 185 /* some optional fields follow */ 186 } un_asla; 187 188#if 0 189 /* Summary links advertisements */ 190 struct { 191 nd_ipv4 sla_mask; 192 nd_uint32_t sla_tosmetric[1]; /* may repeat */ 193 } un_sla; 194 195 /* Multicast group membership */ 196 struct mcla { 197 nd_uint32_t mcla_vtype; 198 nd_ipv4 mcla_vid; 199 } un_mcla[1]; 200#endif 201 202 /* Type 7 LSA */ 203 204 /* Link LSA */ 205 struct llsa { 206 union { 207 nd_uint8_t pri; 208 nd_uint32_t opt; 209 } llsa_priandopt; 210#define llsa_priority llsa_priandopt.pri 211#define llsa_options llsa_priandopt.opt 212 nd_ipv6 llsa_lladdr; 213 nd_uint32_t llsa_nprefix; 214 struct lsa6_prefix llsa_prefix[1]; 215 } un_llsa; 216 217 /* Intra-Area-Prefix */ 218 struct { 219 nd_uint16_t intra_ap_nprefix; 220 nd_uint16_t intra_ap_lstype; 221 rtrid_t intra_ap_lsid; 222 rtrid_t intra_ap_rtid; 223 struct lsa6_prefix intra_ap_prefix[1]; 224 } un_intra_ap; 225 } lsa_un; 226}; 227 228/* 229 * the main header 230 */ 231struct ospf6hdr { 232 nd_uint8_t ospf6_version; 233 nd_uint8_t ospf6_type; 234 nd_uint16_t ospf6_len; 235 rtrid_t ospf6_routerid; 236 rtrid_t ospf6_areaid; 237 nd_uint16_t ospf6_chksum; 238 nd_uint8_t ospf6_instanceid; 239 nd_uint8_t ospf6_rsvd; 240}; 241 242/* 243 * The OSPF6 header length is 16 bytes, regardless of how your compiler 244 * might choose to pad the above structure. 245 */ 246#define OSPF6HDR_LEN 16 247 248/* Hello packet */ 249struct hello6 { 250 nd_uint32_t hello_ifid; 251 union { 252 nd_uint8_t pri; 253 nd_uint32_t opt; 254 } hello_priandopt; 255#define hello_priority hello_priandopt.pri 256#define hello_options hello_priandopt.opt 257 nd_uint16_t hello_helloint; 258 nd_uint16_t hello_deadint; 259 rtrid_t hello_dr; 260 rtrid_t hello_bdr; 261 rtrid_t hello_neighbor[1]; /* may repeat */ 262}; 263 264/* Database Description packet */ 265struct dd6 { 266 nd_uint32_t db_options; 267 nd_uint16_t db_mtu; 268 nd_uint8_t db_mbz; 269 nd_uint8_t db_flags; 270 nd_uint32_t db_seq; 271 struct lsa6_hdr db_lshdr[1]; /* may repeat */ 272}; 273 274/* Link State Request */ 275struct lsr6 { 276 nd_uint16_t ls_mbz; 277 nd_uint16_t ls_type; 278 rtrid_t ls_stateid; 279 rtrid_t ls_router; 280}; 281 282/* Link State Update */ 283struct lsu6 { 284 nd_uint32_t lsu_count; 285 struct lsa6 lsu_lsa[1]; /* may repeat */ 286}; 287 288 289static const struct tok ospf6_option_values[] = { 290 { OSPF6_OPTION_V6, "V6" }, 291 { OSPF6_OPTION_E, "External" }, 292 { OSPF6_OPTION_MC, "Deprecated" }, 293 { OSPF6_OPTION_N, "NSSA" }, 294 { OSPF6_OPTION_R, "Router" }, 295 { OSPF6_OPTION_DC, "Demand Circuit" }, 296 { OSPF6_OPTION_AF, "AFs Support" }, 297 { OSPF6_OPTION_L, "LLS" }, 298 { OSPF6_OPTION_AT, "Authentication Trailer" }, 299 { 0, NULL } 300}; 301 302static const struct tok ospf6_rla_flag_values[] = { 303 { RLA_FLAG_B, "ABR" }, 304 { RLA_FLAG_E, "External" }, 305 { RLA_FLAG_V, "Virtual-Link Endpoint" }, 306 { RLA_FLAG_W, "Deprecated" }, 307 { RLA_FLAG_Nt, "NSSA Translator" }, 308 { 0, NULL } 309}; 310 311static const struct tok ospf6_asla_flag_values[] = { 312 { ASLA_FLAG_EXTERNAL, "External Type 2" }, 313 { ASLA_FLAG_FWDADDR, "Forwarding" }, 314 { ASLA_FLAG_ROUTETAG, "Tag" }, 315 { 0, NULL } 316}; 317 318static const struct tok ospf6_type_values[] = { 319 { OSPF_TYPE_HELLO, "Hello" }, 320 { OSPF_TYPE_DD, "Database Description" }, 321 { OSPF_TYPE_LS_REQ, "LS-Request" }, 322 { OSPF_TYPE_LS_UPDATE, "LS-Update" }, 323 { OSPF_TYPE_LS_ACK, "LS-Ack" }, 324 { 0, NULL } 325}; 326 327static const struct tok ospf6_lsa_values[] = { 328 { LS_TYPE_ROUTER, "Router" }, 329 { LS_TYPE_NETWORK, "Network" }, 330 { LS_TYPE_INTER_AP, "Inter-Area Prefix" }, 331 { LS_TYPE_INTER_AR, "Inter-Area Router" }, 332 { LS_TYPE_ASE, "External" }, 333 { LS_TYPE_GROUP, "Deprecated" }, 334 { LS_TYPE_NSSA, "NSSA" }, 335 { LS_TYPE_LINK, "Link" }, 336 { LS_TYPE_INTRA_AP, "Intra-Area Prefix" }, 337 { LS_TYPE_INTRA_ATE, "Intra-Area TE" }, 338 { LS_TYPE_GRACE, "Grace" }, 339 { LS_TYPE_RI, "Router Information" }, 340 { LS_TYPE_INTER_ASTE, "Inter-AS-TE" }, 341 { LS_TYPE_L1VPN, "Layer 1 VPN" }, 342 { 0, NULL } 343}; 344 345static const struct tok ospf6_ls_scope_values[] = { 346 { LS_SCOPE_LINKLOCAL, "Link Local" }, 347 { LS_SCOPE_AREA, "Area Local" }, 348 { LS_SCOPE_AS, "Domain Wide" }, 349 { 0, NULL } 350}; 351 352static const struct tok ospf6_dd_flag_values[] = { 353 { OSPF6_DB_INIT, "Init" }, 354 { OSPF6_DB_MORE, "More" }, 355 { OSPF6_DB_MASTER, "Master" }, 356 { OSPF6_DB_M6, "IPv6 MTU" }, 357 { 0, NULL } 358}; 359 360static const struct tok ospf6_lsa_prefix_option_values[] = { 361 { LSA_PREFIX_OPT_NU, "No Unicast" }, 362 { LSA_PREFIX_OPT_LA, "Local address" }, 363 { LSA_PREFIX_OPT_MC, "Deprecated" }, 364 { LSA_PREFIX_OPT_P, "Propagate" }, 365 { LSA_PREFIX_OPT_DN, "Down" }, 366 { LSA_PREFIX_OPT_N, "N-bit" }, 367 { 0, NULL } 368}; 369 370static const struct tok ospf6_auth_type_str[] = { 371 { OSPF6_AUTH_TYPE_HMAC, "HMAC" }, 372 { 0, NULL } 373}; 374 375static void 376ospf6_print_ls_type(netdissect_options *ndo, 377 u_int ls_type, const rtrid_t *ls_stateid) 378{ 379 ND_PRINT("\n\t %s LSA (%u), %s Scope%s, LSA-ID %s", 380 tok2str(ospf6_lsa_values, "Unknown", ls_type & LS_TYPE_MASK), 381 ls_type & LS_TYPE_MASK, 382 tok2str(ospf6_ls_scope_values, "Unknown", ls_type & LS_SCOPE_MASK), 383 ls_type &0x8000 ? ", transitive" : "", /* U-bit */ 384 GET_IPADDR_STRING(ls_stateid)); 385} 386 387static int 388ospf6_print_lshdr(netdissect_options *ndo, 389 const struct lsa6_hdr *lshp, const u_char *dataend) 390{ 391 if ((const u_char *)(lshp + 1) > dataend) 392 goto trunc; 393 394 ND_PRINT("\n\t Advertising Router %s, seq 0x%08x, age %us, length %zu", 395 GET_IPADDR_STRING(lshp->ls_router), 396 GET_BE_U_4(lshp->ls_seq), 397 GET_BE_U_2(lshp->ls_age), 398 GET_BE_U_2(lshp->ls_length)-sizeof(struct lsa6_hdr)); 399 400 ospf6_print_ls_type(ndo, GET_BE_U_2(lshp->ls_type), 401 &lshp->ls_stateid); 402 403 return (0); 404trunc: 405 return (1); 406} 407 408static int 409ospf6_print_lsaprefix(netdissect_options *ndo, 410 const uint8_t *tptr, u_int lsa_length) 411{ 412 const struct lsa6_prefix *lsapp = (const struct lsa6_prefix *)tptr; 413 u_int wordlen; 414 nd_ipv6 prefix; 415 416 if (lsa_length < sizeof (*lsapp) - IPV6_ADDR_LEN_BYTES) 417 goto trunc; 418 lsa_length -= sizeof (*lsapp) - IPV6_ADDR_LEN_BYTES; 419 ND_TCHECK_LEN(lsapp, sizeof(*lsapp) - IPV6_ADDR_LEN_BYTES); 420 wordlen = (GET_U_1(lsapp->lsa_p_len) + 31) / 32; 421 if (wordlen * 4 > sizeof(nd_ipv6)) { 422 ND_PRINT(" bogus prefixlen /%u", GET_U_1(lsapp->lsa_p_len)); 423 goto trunc; 424 } 425 if (lsa_length < wordlen * 4) 426 goto trunc; 427 lsa_length -= wordlen * 4; 428 memset(prefix, 0, sizeof(prefix)); 429 GET_CPY_BYTES(prefix, lsapp->lsa_p_prefix, wordlen * 4); 430 ND_PRINT("\n\t\t%s/%u", ip6addr_string(ndo, prefix), /* local buffer, not packet data; don't use GET_IP6ADDR_STRING() */ 431 GET_U_1(lsapp->lsa_p_len)); 432 if (GET_U_1(lsapp->lsa_p_opt)) { 433 ND_PRINT(", Options [%s]", 434 bittok2str(ospf6_lsa_prefix_option_values, 435 "none", GET_U_1(lsapp->lsa_p_opt))); 436 } 437 ND_PRINT(", metric %u", GET_BE_U_2(lsapp->lsa_p_metric)); 438 return sizeof(*lsapp) - IPV6_ADDR_LEN_BYTES + wordlen * 4; 439 440trunc: 441 return -1; 442} 443 444 445/* 446 * Print a single link state advertisement. If truncated return 1, else 0. 447 */ 448static int 449ospf6_print_lsa(netdissect_options *ndo, 450 const struct lsa6 *lsap, const u_char *dataend) 451{ 452 const struct rlalink6 *rlp; 453#if 0 454 const struct tos_metric *tosp; 455#endif 456 const rtrid_t *ap; 457#if 0 458 const struct aslametric *almp; 459 const struct mcla *mcp; 460#endif 461 const struct llsa *llsap; 462 const struct lsa6_prefix *lsapp; 463#if 0 464 const uint32_t *lp; 465#endif 466 u_int prefixes; 467 int bytelen; 468 u_int length, lsa_length; 469 uint32_t flags32; 470 const uint8_t *tptr; 471 472 if (ospf6_print_lshdr(ndo, &lsap->ls_hdr, dataend)) 473 return (1); 474 length = GET_BE_U_2(lsap->ls_hdr.ls_length); 475 476 /* 477 * The LSA length includes the length of the header; 478 * it must have a value that's at least that length. 479 * If it does, find the length of what follows the 480 * header. 481 */ 482 if (length < sizeof(struct lsa6_hdr) || (const u_char *)lsap + length > dataend) 483 return (1); 484 lsa_length = length - sizeof(struct lsa6_hdr); 485 tptr = (const uint8_t *)lsap+sizeof(struct lsa6_hdr); 486 487 switch (GET_BE_U_2(lsap->ls_hdr.ls_type)) { 488 case LS_TYPE_ROUTER | LS_SCOPE_AREA: 489 if (lsa_length < sizeof (lsap->lsa_un.un_rla.rla_options)) 490 return (1); 491 lsa_length -= sizeof (lsap->lsa_un.un_rla.rla_options); 492 ND_PRINT("\n\t Options [%s]", 493 bittok2str(ospf6_option_values, "none", 494 GET_BE_U_4(lsap->lsa_un.un_rla.rla_options))); 495 ND_PRINT(", RLA-Flags [%s]", 496 bittok2str(ospf6_rla_flag_values, "none", 497 GET_U_1(lsap->lsa_un.un_rla.rla_flags))); 498 499 rlp = lsap->lsa_un.un_rla.rla_link; 500 while (lsa_length != 0) { 501 if (lsa_length < sizeof (*rlp)) 502 return (1); 503 lsa_length -= sizeof (*rlp); 504 ND_TCHECK_SIZE(rlp); 505 switch (GET_U_1(rlp->link_type)) { 506 507 case RLA_TYPE_VIRTUAL: 508 ND_PRINT("\n\t Virtual Link: Neighbor Router-ID %s" 509 "\n\t Neighbor Interface-ID %s, Interface %s", 510 GET_IPADDR_STRING(rlp->link_nrtid), 511 GET_IPADDR_STRING(rlp->link_nifid), 512 GET_IPADDR_STRING(rlp->link_ifid)); 513 break; 514 515 case RLA_TYPE_ROUTER: 516 ND_PRINT("\n\t Neighbor Router-ID %s" 517 "\n\t Neighbor Interface-ID %s, Interface %s", 518 GET_IPADDR_STRING(rlp->link_nrtid), 519 GET_IPADDR_STRING(rlp->link_nifid), 520 GET_IPADDR_STRING(rlp->link_ifid)); 521 break; 522 523 case RLA_TYPE_TRANSIT: 524 ND_PRINT("\n\t Neighbor Network-ID %s" 525 "\n\t Neighbor Interface-ID %s, Interface %s", 526 GET_IPADDR_STRING(rlp->link_nrtid), 527 GET_IPADDR_STRING(rlp->link_nifid), 528 GET_IPADDR_STRING(rlp->link_ifid)); 529 break; 530 531 default: 532 ND_PRINT("\n\t Unknown Router Links Type 0x%02x", 533 GET_U_1(rlp->link_type)); 534 return (0); 535 } 536 ND_PRINT(", metric %u", GET_BE_U_2(rlp->link_metric)); 537 rlp++; 538 } 539 break; 540 541 case LS_TYPE_NETWORK | LS_SCOPE_AREA: 542 if (lsa_length < sizeof (lsap->lsa_un.un_nla.nla_options)) 543 return (1); 544 lsa_length -= sizeof (lsap->lsa_un.un_nla.nla_options); 545 ND_PRINT("\n\t Options [%s]", 546 bittok2str(ospf6_option_values, "none", 547 GET_BE_U_4(lsap->lsa_un.un_nla.nla_options))); 548 549 ND_PRINT("\n\t Connected Routers:"); 550 ap = lsap->lsa_un.un_nla.nla_router; 551 while (lsa_length != 0) { 552 if (lsa_length < sizeof (*ap)) 553 return (1); 554 lsa_length -= sizeof (*ap); 555 ND_PRINT("\n\t\t%s", GET_IPADDR_STRING(ap)); 556 ++ap; 557 } 558 break; 559 560 case LS_TYPE_INTER_AP | LS_SCOPE_AREA: 561 if (lsa_length < sizeof (lsap->lsa_un.un_inter_ap.inter_ap_metric)) 562 return (1); 563 lsa_length -= sizeof (lsap->lsa_un.un_inter_ap.inter_ap_metric); 564 ND_PRINT(", metric %u", 565 GET_BE_U_4(lsap->lsa_un.un_inter_ap.inter_ap_metric) & SLA_MASK_METRIC); 566 567 tptr = (const uint8_t *)lsap->lsa_un.un_inter_ap.inter_ap_prefix; 568 while (lsa_length != 0) { 569 bytelen = ospf6_print_lsaprefix(ndo, tptr, lsa_length); 570 if (bytelen < 0) 571 goto trunc; 572 /* 573 * ospf6_print_lsaprefix() will return -1 if 574 * the length is too high, so this will not 575 * underflow. 576 */ 577 lsa_length -= bytelen; 578 tptr += bytelen; 579 } 580 break; 581 582 case LS_TYPE_ASE | LS_SCOPE_AS: 583 if (lsa_length < sizeof (lsap->lsa_un.un_asla.asla_metric)) 584 return (1); 585 lsa_length -= sizeof (lsap->lsa_un.un_asla.asla_metric); 586 flags32 = GET_BE_U_4(lsap->lsa_un.un_asla.asla_metric); 587 ND_PRINT("\n\t Flags [%s]", 588 bittok2str(ospf6_asla_flag_values, "none", flags32)); 589 ND_PRINT(" metric %u", 590 GET_BE_U_4(lsap->lsa_un.un_asla.asla_metric) & 591 ASLA_MASK_METRIC); 592 593 tptr = (const uint8_t *)lsap->lsa_un.un_asla.asla_prefix; 594 lsapp = (const struct lsa6_prefix *)tptr; 595 bytelen = ospf6_print_lsaprefix(ndo, tptr, lsa_length); 596 if (bytelen < 0) 597 goto trunc; 598 /* 599 * ospf6_print_lsaprefix() will return -1 if 600 * the length is too high, so this will not 601 * underflow. 602 */ 603 lsa_length -= bytelen; 604 tptr += bytelen; 605 606 if ((flags32 & ASLA_FLAG_FWDADDR) != 0) { 607 if (lsa_length < sizeof (nd_ipv6)) 608 return (1); 609 lsa_length -= sizeof (nd_ipv6); 610 ND_PRINT(" forward %s", 611 GET_IP6ADDR_STRING(tptr)); 612 tptr += sizeof(nd_ipv6); 613 } 614 615 if ((flags32 & ASLA_FLAG_ROUTETAG) != 0) { 616 if (lsa_length < sizeof (uint32_t)) 617 return (1); 618 lsa_length -= sizeof (uint32_t); 619 ND_PRINT(" tag %s", 620 GET_IPADDR_STRING(tptr)); 621 tptr += sizeof(uint32_t); 622 } 623 624 if (GET_U_1(lsapp->lsa_p_metric)) { 625 if (lsa_length < sizeof (uint32_t)) 626 return (1); 627 lsa_length -= sizeof (uint32_t); 628 ND_PRINT(" RefLSID: %s", 629 GET_IPADDR_STRING(tptr)); 630 tptr += sizeof(uint32_t); 631 } 632 break; 633 634 case LS_TYPE_LINK: 635 /* Link LSA */ 636 llsap = &lsap->lsa_un.un_llsa; 637 if (lsa_length < sizeof (llsap->llsa_priandopt)) 638 return (1); 639 lsa_length -= sizeof (llsap->llsa_priandopt); 640 ND_TCHECK_SIZE(&llsap->llsa_priandopt); 641 ND_PRINT("\n\t Options [%s]", 642 bittok2str(ospf6_option_values, "none", 643 GET_BE_U_4(llsap->llsa_options))); 644 645 if (lsa_length < sizeof (llsap->llsa_lladdr) + sizeof (llsap->llsa_nprefix)) 646 return (1); 647 lsa_length -= sizeof (llsap->llsa_lladdr) + sizeof (llsap->llsa_nprefix); 648 prefixes = GET_BE_U_4(llsap->llsa_nprefix); 649 ND_PRINT("\n\t Priority %u, Link-local address %s, Prefixes %u:", 650 GET_U_1(llsap->llsa_priority), 651 GET_IP6ADDR_STRING(llsap->llsa_lladdr), 652 prefixes); 653 654 tptr = (const uint8_t *)llsap->llsa_prefix; 655 while (prefixes > 0) { 656 bytelen = ospf6_print_lsaprefix(ndo, tptr, lsa_length); 657 if (bytelen < 0) 658 goto trunc; 659 prefixes--; 660 /* 661 * ospf6_print_lsaprefix() will return -1 if 662 * the length is too high, so this will not 663 * underflow. 664 */ 665 lsa_length -= bytelen; 666 tptr += bytelen; 667 } 668 break; 669 670 case LS_TYPE_INTRA_AP | LS_SCOPE_AREA: 671 /* Intra-Area-Prefix LSA */ 672 if (lsa_length < sizeof (lsap->lsa_un.un_intra_ap.intra_ap_rtid)) 673 return (1); 674 lsa_length -= sizeof (lsap->lsa_un.un_intra_ap.intra_ap_rtid); 675 ND_TCHECK_4(lsap->lsa_un.un_intra_ap.intra_ap_rtid); 676 ospf6_print_ls_type(ndo, 677 GET_BE_U_2(lsap->lsa_un.un_intra_ap.intra_ap_lstype), 678 &lsap->lsa_un.un_intra_ap.intra_ap_lsid); 679 680 if (lsa_length < sizeof (lsap->lsa_un.un_intra_ap.intra_ap_nprefix)) 681 return (1); 682 lsa_length -= sizeof (lsap->lsa_un.un_intra_ap.intra_ap_nprefix); 683 prefixes = GET_BE_U_2(lsap->lsa_un.un_intra_ap.intra_ap_nprefix); 684 ND_PRINT("\n\t Prefixes %u:", prefixes); 685 686 tptr = (const uint8_t *)lsap->lsa_un.un_intra_ap.intra_ap_prefix; 687 while (prefixes > 0) { 688 bytelen = ospf6_print_lsaprefix(ndo, tptr, lsa_length); 689 if (bytelen < 0) 690 goto trunc; 691 prefixes--; 692 /* 693 * ospf6_print_lsaprefix() will return -1 if 694 * the length is too high, so this will not 695 * underflow. 696 */ 697 lsa_length -= bytelen; 698 tptr += bytelen; 699 } 700 break; 701 702 case LS_TYPE_GRACE | LS_SCOPE_LINKLOCAL: 703 if (ospf_grace_lsa_print(ndo, tptr, lsa_length) == -1) { 704 return 1; 705 } 706 break; 707 708 case LS_TYPE_INTRA_ATE | LS_SCOPE_LINKLOCAL: 709 if (ospf_te_lsa_print(ndo, tptr, lsa_length) == -1) { 710 return 1; 711 } 712 break; 713 714 default: 715 if(!print_unknown_data(ndo,tptr, 716 "\n\t ", 717 lsa_length)) { 718 return (1); 719 } 720 break; 721 } 722 723 return (0); 724trunc: 725 return (1); 726} 727 728static int 729ospf6_decode_v3(netdissect_options *ndo, 730 const struct ospf6hdr *op, 731 const u_char *dataend) 732{ 733 const rtrid_t *ap; 734 const struct lsr6 *lsrp; 735 const struct lsa6_hdr *lshp; 736 const struct lsa6 *lsap; 737 int i; 738 739 switch (GET_U_1(op->ospf6_type)) { 740 741 case OSPF_TYPE_HELLO: { 742 const struct hello6 *hellop = (const struct hello6 *)((const uint8_t *)op + OSPF6HDR_LEN); 743 744 ND_PRINT("\n\tOptions [%s]", 745 bittok2str(ospf6_option_values, "none", 746 GET_BE_U_4(hellop->hello_options))); 747 748 ND_PRINT("\n\t Hello Timer %us, Dead Timer %us, Interface-ID %s, Priority %u", 749 GET_BE_U_2(hellop->hello_helloint), 750 GET_BE_U_2(hellop->hello_deadint), 751 GET_IPADDR_STRING(hellop->hello_ifid), 752 GET_U_1(hellop->hello_priority)); 753 754 if (GET_BE_U_4(hellop->hello_dr) != 0) 755 ND_PRINT("\n\t Designated Router %s", 756 GET_IPADDR_STRING(hellop->hello_dr)); 757 if (GET_BE_U_4(hellop->hello_bdr) != 0) 758 ND_PRINT(", Backup Designated Router %s", 759 GET_IPADDR_STRING(hellop->hello_bdr)); 760 if (ndo->ndo_vflag > 1) { 761 ND_PRINT("\n\t Neighbor List:"); 762 ap = hellop->hello_neighbor; 763 while ((const u_char *)ap < dataend) { 764 ND_PRINT("\n\t %s", GET_IPADDR_STRING(ap)); 765 ++ap; 766 } 767 } 768 break; /* HELLO */ 769 } 770 771 case OSPF_TYPE_DD: { 772 const struct dd6 *ddp = (const struct dd6 *)((const uint8_t *)op + OSPF6HDR_LEN); 773 774 ND_PRINT("\n\tOptions [%s]", 775 bittok2str(ospf6_option_values, "none", 776 GET_BE_U_4(ddp->db_options))); 777 ND_PRINT(", DD Flags [%s]", 778 bittok2str(ospf6_dd_flag_values,"none",GET_U_1(ddp->db_flags))); 779 780 ND_PRINT(", MTU %u, DD-Sequence 0x%08x", 781 GET_BE_U_2(ddp->db_mtu), 782 GET_BE_U_4(ddp->db_seq)); 783 if (ndo->ndo_vflag > 1) { 784 /* Print all the LS adv's */ 785 lshp = ddp->db_lshdr; 786 while ((const u_char *)lshp < dataend) { 787 if (ospf6_print_lshdr(ndo, lshp++, dataend)) 788 goto trunc; 789 } 790 } 791 break; 792 } 793 794 case OSPF_TYPE_LS_REQ: 795 if (ndo->ndo_vflag > 1) { 796 lsrp = (const struct lsr6 *)((const uint8_t *)op + OSPF6HDR_LEN); 797 while ((const u_char *)lsrp < dataend) { 798 ND_TCHECK_SIZE(lsrp); 799 ND_PRINT("\n\t Advertising Router %s", 800 GET_IPADDR_STRING(lsrp->ls_router)); 801 ospf6_print_ls_type(ndo, 802 GET_BE_U_2(lsrp->ls_type), 803 &lsrp->ls_stateid); 804 ++lsrp; 805 } 806 } 807 break; 808 809 case OSPF_TYPE_LS_UPDATE: 810 if (ndo->ndo_vflag > 1) { 811 const struct lsu6 *lsup = (const struct lsu6 *)((const uint8_t *)op + OSPF6HDR_LEN); 812 813 i = GET_BE_U_4(lsup->lsu_count); 814 lsap = lsup->lsu_lsa; 815 while ((const u_char *)lsap < dataend && i--) { 816 if (ospf6_print_lsa(ndo, lsap, dataend)) 817 goto trunc; 818 lsap = (const struct lsa6 *)((const u_char *)lsap + 819 GET_BE_U_2(lsap->ls_hdr.ls_length)); 820 } 821 } 822 break; 823 824 case OSPF_TYPE_LS_ACK: 825 if (ndo->ndo_vflag > 1) { 826 lshp = (const struct lsa6_hdr *)((const uint8_t *)op + OSPF6HDR_LEN); 827 while ((const u_char *)lshp < dataend) { 828 if (ospf6_print_lshdr(ndo, lshp++, dataend)) 829 goto trunc; 830 } 831 } 832 break; 833 834 default: 835 break; 836 } 837 return (0); 838trunc: 839 return (1); 840} 841 842/* RFC5613 Section 2.2 (w/o the TLVs) */ 843static int 844ospf6_print_lls(netdissect_options *ndo, 845 const u_char *cp, const u_int len) 846{ 847 uint16_t llsdatalen; 848 849 if (len == 0) 850 return 0; 851 if (len < OSPF_LLS_HDRLEN) 852 goto trunc; 853 /* Checksum */ 854 ND_PRINT("\n\tLLS Checksum 0x%04x", GET_BE_U_2(cp)); 855 cp += 2; 856 /* LLS Data Length */ 857 llsdatalen = GET_BE_U_2(cp); 858 ND_PRINT(", Data Length %u", llsdatalen); 859 if (llsdatalen < OSPF_LLS_HDRLEN || llsdatalen > len) 860 goto trunc; 861 cp += 2; 862 /* LLS TLVs */ 863 ND_TCHECK_LEN(cp, llsdatalen - OSPF_LLS_HDRLEN); 864 /* FIXME: code in print-ospf.c can be reused to decode the TLVs */ 865 866 return llsdatalen; 867trunc: 868 return -1; 869} 870 871/* RFC6506 Section 4.1 */ 872static int 873ospf6_decode_at(netdissect_options *ndo, 874 const u_char *cp, const u_int len) 875{ 876 uint16_t authdatalen; 877 878 if (len == 0) 879 return 0; 880 if (len < OSPF6_AT_HDRLEN) 881 goto trunc; 882 /* Authentication Type */ 883 ND_PRINT("\n\tAuthentication Type %s", 884 tok2str(ospf6_auth_type_str, "unknown (0x%04x)", GET_BE_U_2(cp))); 885 cp += 2; 886 /* Auth Data Len */ 887 authdatalen = GET_BE_U_2(cp); 888 ND_PRINT(", Length %u", authdatalen); 889 if (authdatalen < OSPF6_AT_HDRLEN || authdatalen > len) 890 goto trunc; 891 cp += 2; 892 /* Reserved */ 893 cp += 2; 894 /* Security Association ID */ 895 ND_PRINT(", SAID %u", GET_BE_U_2(cp)); 896 cp += 2; 897 /* Cryptographic Sequence Number (High-Order 32 Bits) */ 898 ND_PRINT(", CSN 0x%08x", GET_BE_U_4(cp)); 899 cp += 4; 900 /* Cryptographic Sequence Number (Low-Order 32 Bits) */ 901 ND_PRINT(":%08x", GET_BE_U_4(cp)); 902 cp += 4; 903 /* Authentication Data */ 904 ND_TCHECK_LEN(cp, authdatalen - OSPF6_AT_HDRLEN); 905 if (ndo->ndo_vflag > 1) 906 print_unknown_data(ndo,cp, "\n\tAuthentication Data ", authdatalen - OSPF6_AT_HDRLEN); 907 return 0; 908 909trunc: 910 return 1; 911} 912 913/* The trailing data may include LLS and/or AT data (in this specific order). 914 * LLS data may be present only in Hello and DBDesc packets with the L-bit set. 915 * AT data may be present in Hello and DBDesc packets with the AT-bit set or in 916 * any other packet type, thus decode the AT data regardless of the AT-bit. 917 */ 918static int 919ospf6_decode_v3_trailer(netdissect_options *ndo, 920 const struct ospf6hdr *op, const u_char *cp, const unsigned len) 921{ 922 uint8_t type; 923 int llslen = 0; 924 int lls_hello = 0; 925 int lls_dd = 0; 926 927 type = GET_U_1(op->ospf6_type); 928 if (type == OSPF_TYPE_HELLO) { 929 const struct hello6 *hellop = (const struct hello6 *)((const uint8_t *)op + OSPF6HDR_LEN); 930 if (GET_BE_U_4(hellop->hello_options) & OSPF6_OPTION_L) 931 lls_hello = 1; 932 } else if (type == OSPF_TYPE_DD) { 933 const struct dd6 *ddp = (const struct dd6 *)((const uint8_t *)op + OSPF6HDR_LEN); 934 if (GET_BE_U_4(ddp->db_options) & OSPF6_OPTION_L) 935 lls_dd = 1; 936 } 937 if ((lls_hello || lls_dd) && (llslen = ospf6_print_lls(ndo, cp, len)) < 0) 938 goto trunc; 939 return ospf6_decode_at(ndo, cp + llslen, len - llslen); 940 941trunc: 942 return 1; 943} 944 945void 946ospf6_print(netdissect_options *ndo, 947 const u_char *bp, u_int length) 948{ 949 const struct ospf6hdr *op; 950 const u_char *dataend; 951 const char *cp; 952 uint16_t datalen; 953 954 ndo->ndo_protocol = "ospf3"; 955 op = (const struct ospf6hdr *)bp; 956 957 /* If the type is valid translate it, or just print the type */ 958 /* value. If it's not valid, say so and return */ 959 cp = tok2str(ospf6_type_values, "unknown packet type (%u)", 960 GET_U_1(op->ospf6_type)); 961 ND_PRINT("OSPFv%u, %s, length %u", GET_U_1(op->ospf6_version), cp, 962 length); 963 if (*cp == 'u') { 964 return; 965 } 966 967 if(!ndo->ndo_vflag) { /* non verbose - so lets bail out here */ 968 return; 969 } 970 971 /* OSPFv3 data always comes first and optional trailing data may follow. */ 972 datalen = GET_BE_U_2(op->ospf6_len); 973 if (datalen > length) { 974 ND_PRINT(" [len %u]", datalen); 975 return; 976 } 977 dataend = bp + datalen; 978 979 ND_PRINT("\n\tRouter-ID %s", GET_IPADDR_STRING(op->ospf6_routerid)); 980 981 if (GET_BE_U_4(op->ospf6_areaid) != 0) 982 ND_PRINT(", Area %s", GET_IPADDR_STRING(op->ospf6_areaid)); 983 else 984 ND_PRINT(", Backbone Area"); 985 if (GET_U_1(op->ospf6_instanceid)) 986 ND_PRINT(", Instance %u", GET_U_1(op->ospf6_instanceid)); 987 988 /* Do rest according to version. */ 989 switch (GET_U_1(op->ospf6_version)) { 990 991 case 3: 992 /* ospf version 3 */ 993 if (ospf6_decode_v3(ndo, op, dataend) || 994 ospf6_decode_v3_trailer(ndo, op, dataend, length - datalen)) 995 goto trunc; 996 break; 997 } /* end switch on version */ 998 999 return; 1000trunc: 1001 nd_print_trunc(ndo); 1002} 1003