1 /*
2 * Copyright (C) 2002 WIDE Project.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 */
29
30 /* \summary: IPv6 mobility printer */
31 /* RFC 6275 */
32
33 #include <config.h>
34
35 #include "netdissect-stdinc.h"
36
37 #define ND_LONGJMP_FROM_TCHECK
38 #include "netdissect.h"
39 #include "addrtoname.h"
40 #include "extract.h"
41
42 #include "ip6.h"
43
44 /* Mobility header */
45 struct ip6_mobility {
46 nd_uint8_t ip6m_pproto; /* following payload protocol (for PG) */
47 nd_uint8_t ip6m_len; /* length in units of 8 octets */
48 nd_uint8_t ip6m_type; /* message type */
49 nd_uint8_t reserved; /* reserved */
50 nd_uint16_t ip6m_cksum; /* sum of IPv6 pseudo-header and MH */
51 union {
52 nd_uint16_t ip6m_un_data16[1]; /* type-specific field */
53 nd_uint8_t ip6m_un_data8[2]; /* type-specific field */
54 } ip6m_dataun;
55 };
56
57 #define ip6m_data16 ip6m_dataun.ip6m_un_data16
58 #define ip6m_data8 ip6m_dataun.ip6m_un_data8
59
60 #define IP6M_MINLEN 8
61
62 /* https://www.iana.org/assignments/mobility-parameters/mobility-parameters.xhtml */
63
64 /* message type */
65 #define IP6M_BINDING_REQUEST 0 /* Binding Refresh Request */
66 #define IP6M_HOME_TEST_INIT 1 /* Home Test Init */
67 #define IP6M_CAREOF_TEST_INIT 2 /* Care-of Test Init */
68 #define IP6M_HOME_TEST 3 /* Home Test */
69 #define IP6M_CAREOF_TEST 4 /* Care-of Test */
70 #define IP6M_BINDING_UPDATE 5 /* Binding Update */
71 #define IP6M_BINDING_ACK 6 /* Binding Acknowledgement */
72 #define IP6M_BINDING_ERROR 7 /* Binding Error */
73 #define IP6M_MAX 7
74
75 static const struct tok ip6m_str[] = {
76 { IP6M_BINDING_REQUEST, "BRR" },
77 { IP6M_HOME_TEST_INIT, "HoTI" },
78 { IP6M_CAREOF_TEST_INIT, "CoTI" },
79 { IP6M_HOME_TEST, "HoT" },
80 { IP6M_CAREOF_TEST, "CoT" },
81 { IP6M_BINDING_UPDATE, "BU" },
82 { IP6M_BINDING_ACK, "BA" },
83 { IP6M_BINDING_ERROR, "BE" },
84 { 0, NULL }
85 };
86
87 static const unsigned ip6m_hdrlen[IP6M_MAX + 1] = {
88 IP6M_MINLEN, /* IP6M_BINDING_REQUEST */
89 IP6M_MINLEN + 8, /* IP6M_HOME_TEST_INIT */
90 IP6M_MINLEN + 8, /* IP6M_CAREOF_TEST_INIT */
91 IP6M_MINLEN + 16, /* IP6M_HOME_TEST */
92 IP6M_MINLEN + 16, /* IP6M_CAREOF_TEST */
93 IP6M_MINLEN + 8, /* IP6M_BINDING_UPDATE */
94 IP6M_MINLEN + 8, /* IP6M_BINDING_ACK */
95 IP6M_MINLEN + 16, /* IP6M_BINDING_ERROR */
96 };
97
98 /* Mobility Header Options */
99 #define IP6MOPT_MINLEN 2
100 #define IP6MOPT_PAD1 0x0 /* Pad1 */
101 #define IP6MOPT_PADN 0x1 /* PadN */
102 #define IP6MOPT_REFRESH 0x2 /* Binding Refresh Advice */
103 #define IP6MOPT_REFRESH_MINLEN 4
104 #define IP6MOPT_ALTCOA 0x3 /* Alternate Care-of Address */
105 #define IP6MOPT_ALTCOA_MINLEN 18
106 #define IP6MOPT_NONCEID 0x4 /* Nonce Indices */
107 #define IP6MOPT_NONCEID_MINLEN 6
108 #define IP6MOPT_AUTH 0x5 /* Binding Authorization Data */
109 #define IP6MOPT_AUTH_MINLEN 12
110
111 static const struct tok ip6m_binding_update_bits [] = {
112 { 0x08, "A" },
113 { 0x04, "H" },
114 { 0x02, "L" },
115 { 0x01, "K" },
116 { 0, NULL }
117 };
118
119 static int
mobility_opt_print(netdissect_options * ndo,const u_char * bp,const unsigned len)120 mobility_opt_print(netdissect_options *ndo,
121 const u_char *bp, const unsigned len)
122 {
123 unsigned i, opttype, optlen;
124
125 for (i = 0; i < len; i += optlen) {
126 opttype = GET_U_1(bp + i);
127 if (opttype == IP6MOPT_PAD1)
128 optlen = 1;
129 else {
130 ND_ICHECKMSG_U("remaining length", (u_int)(len - i), <,
131 IP6MOPT_MINLEN);
132 optlen = GET_U_1(bp + i + 1) + 2;
133 }
134 ND_ICHECKMSG_U("remaining length", (u_int)(len - i), <, optlen);
135 ND_TCHECK_LEN(bp + i, optlen);
136
137 switch (opttype) {
138 case IP6MOPT_PAD1:
139 ND_PRINT("(pad1)");
140 break;
141 case IP6MOPT_PADN:
142 ND_PRINT("(padn)");
143 break;
144 case IP6MOPT_REFRESH:
145 ND_PRINT("(refresh: ");
146 ND_ICHECKMSG_U("remaining length", (u_int)(len - i), <,
147 IP6MOPT_REFRESH_MINLEN);
148 /* units of 4 secs */
149 ND_PRINT("%u)", GET_BE_U_2(bp + i + 2) << 2);
150 break;
151 case IP6MOPT_ALTCOA:
152 ND_PRINT("(alt-CoA: ");
153 ND_ICHECKMSG_U("remaining length", (u_int)(len - i), <,
154 IP6MOPT_ALTCOA_MINLEN);
155 ND_PRINT("%s)", GET_IP6ADDR_STRING(bp + i + 2));
156 break;
157 case IP6MOPT_NONCEID:
158 ND_PRINT("(ni: ");
159 ND_ICHECKMSG_U("remaining length", (u_int)(len - i), <,
160 IP6MOPT_NONCEID_MINLEN);
161 ND_PRINT("ho=0x%04x co=0x%04x)",
162 GET_BE_U_2(bp + i + 2),
163 GET_BE_U_2(bp + i + 4));
164 break;
165 case IP6MOPT_AUTH:
166 ND_PRINT("(auth)");
167 ND_ICHECKMSG_U("remaining length", (u_int)(len - i), <,
168 IP6MOPT_AUTH_MINLEN);
169 break;
170 default:
171 ND_PRINT("(unknown: ");
172 ND_PRINT("type-#%u len=%u)", opttype, optlen - 2);
173 break;
174 }
175 }
176 return 0;
177
178 invalid:
179 return 1;
180 }
181
182 /*
183 * Mobility Header
184 */
185 int
mobility_print(netdissect_options * ndo,const u_char * bp,const u_char * bp2 _U_)186 mobility_print(netdissect_options *ndo,
187 const u_char *bp, const u_char *bp2 _U_)
188 {
189 const struct ip6_mobility *mh;
190 unsigned mhlen, hlen;
191 uint8_t pproto, type;
192
193 ndo->ndo_protocol = "mobility";
194 nd_print_protocol(ndo);
195 ND_PRINT(": ");
196 mh = (const struct ip6_mobility *)bp;
197
198 pproto = GET_U_1(mh->ip6m_pproto);
199 if (pproto != IPPROTO_NONE)
200 ND_PRINT("(payload protocol %u should be %u) ", pproto,
201 IPPROTO_NONE);
202
203 mhlen = (GET_U_1(mh->ip6m_len) + 1) << 3;
204
205 /* XXX ip6m_cksum */
206
207 type = GET_U_1(mh->ip6m_type);
208 ND_PRINT("%s", tok2str(ip6m_str, "type-#%u", type));
209 if (type <= IP6M_MAX && mhlen < ip6m_hdrlen[type]) {
210 ND_PRINT(" (header length %u < %u)", mhlen, ip6m_hdrlen[type]);
211 goto invalid;
212 }
213 switch (type) {
214 case IP6M_BINDING_REQUEST:
215 hlen = IP6M_MINLEN;
216 break;
217 case IP6M_HOME_TEST_INIT:
218 case IP6M_CAREOF_TEST_INIT:
219 hlen = IP6M_MINLEN;
220 if (ndo->ndo_vflag) {
221 ND_PRINT(" %s Init Cookie=%08x:%08x",
222 type == IP6M_HOME_TEST_INIT ? "Home" : "Care-of",
223 GET_BE_U_4(bp + hlen),
224 GET_BE_U_4(bp + hlen + 4));
225 }
226 hlen += 8;
227 break;
228 case IP6M_HOME_TEST:
229 case IP6M_CAREOF_TEST:
230 ND_PRINT(" nonce id=0x%x", GET_BE_U_2(mh->ip6m_data16[0]));
231 hlen = IP6M_MINLEN;
232 if (ndo->ndo_vflag) {
233 ND_PRINT(" %s Init Cookie=%08x:%08x",
234 type == IP6M_HOME_TEST ? "Home" : "Care-of",
235 GET_BE_U_4(bp + hlen),
236 GET_BE_U_4(bp + hlen + 4));
237 }
238 hlen += 8;
239 if (ndo->ndo_vflag) {
240 ND_PRINT(" %s Keygen Token=%08x:%08x",
241 type == IP6M_HOME_TEST ? "Home" : "Care-of",
242 GET_BE_U_4(bp + hlen),
243 GET_BE_U_4(bp + hlen + 4));
244 }
245 hlen += 8;
246 break;
247 case IP6M_BINDING_UPDATE:
248 {
249 int bits;
250 ND_PRINT(" seq#=%u", GET_BE_U_2(mh->ip6m_data16[0]));
251 hlen = IP6M_MINLEN;
252 bits = (GET_U_1(bp + hlen) & 0xf0) >> 4;
253 if (bits) {
254 ND_PRINT(" ");
255 ND_PRINT("%s",
256 bittok2str_nosep(ip6m_binding_update_bits,
257 "bits-#0x%x", bits));
258 }
259 /* Reserved (4bits) */
260 hlen += 1;
261 /* Reserved (8bits) */
262 hlen += 1;
263 /* units of 4 secs */
264 ND_PRINT(" lifetime=%u", GET_BE_U_2(bp + hlen) << 2);
265 hlen += 2;
266 break;
267 }
268 case IP6M_BINDING_ACK:
269 ND_PRINT(" status=%u", GET_U_1(mh->ip6m_data8[0]));
270 if (GET_U_1(mh->ip6m_data8[1]) & 0x80)
271 ND_PRINT(" K");
272 /* Reserved (7bits) */
273 hlen = IP6M_MINLEN;
274 ND_PRINT(" seq#=%u", GET_BE_U_2(bp + hlen));
275 hlen += 2;
276 /* units of 4 secs */
277 ND_PRINT(" lifetime=%u", GET_BE_U_2(bp + hlen) << 2);
278 hlen += 2;
279 break;
280 case IP6M_BINDING_ERROR:
281 ND_PRINT(" status=%u", GET_U_1(mh->ip6m_data8[0]));
282 /* Reserved */
283 hlen = IP6M_MINLEN;
284 ND_PRINT(" homeaddr %s", GET_IP6ADDR_STRING(bp + hlen));
285 hlen += 16;
286 break;
287 default:
288 ND_PRINT(" len=%u", GET_U_1(mh->ip6m_len));
289 return(mhlen);
290 break;
291 }
292 if (ndo->ndo_vflag)
293 if (mobility_opt_print(ndo, bp + hlen, mhlen - hlen))
294 goto invalid;
295
296 return(mhlen);
297
298 invalid:
299 nd_print_invalid(ndo);
300 return(-1);
301 }
302