1 /* 2 * Copyright (C) 1998 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #include <sys/cdefs.h> 31 #ifndef lint 32 __RCSID("$NetBSD: print-ip6opts.c,v 1.10 2026/03/19 00:05:13 christos Exp $"); 33 #endif 34 35 /* \summary: IPv6 header option printer */ 36 37 #include <config.h> 38 39 #include "netdissect-stdinc.h" 40 41 #define ND_LONGJMP_FROM_TCHECK 42 #include "netdissect.h" 43 #include "addrtoname.h" 44 #include "extract.h" 45 46 #include "ip6.h" 47 48 static int 49 ip6_sopt_print(netdissect_options *ndo, const u_char *bp, const u_int len) 50 { 51 unsigned int i, opttype, optlen; 52 53 for (i = 0; i < len; i += optlen) { 54 opttype = GET_U_1(bp + i); 55 if (opttype == IP6OPT_PAD1) 56 optlen = 1; 57 else { 58 ND_ICHECKMSG_U("remaining length", (u_int)(len - i), <, 59 IP6OPT_MINLEN); 60 optlen = GET_U_1(bp + i + 1) + 2; 61 } 62 ND_ICHECKMSG_U("remaining length", (u_int)(len - i), <, optlen); 63 ND_TCHECK_LEN(bp + i, optlen); 64 65 switch (opttype) { 66 case IP6OPT_PAD1: 67 ND_PRINT(", pad1"); 68 break; 69 case IP6OPT_PADN: 70 ND_PRINT(", padn"); 71 break; 72 default: 73 ND_PRINT(", unknown subopt-type 0x%02x len=%u", opttype, optlen - 2); 74 break; 75 } 76 } 77 return 0; 78 79 invalid: 80 return -1; 81 } 82 83 static int 84 ip6_opt_process(netdissect_options *ndo, const u_char *bp, const u_int len, 85 int *found_jumbop, uint32_t *payload_len) 86 { 87 unsigned int i, opttype, optlen; 88 int found_jumbo = 0; 89 uint32_t jumbolen = 0; 90 91 if (len == 0) 92 return 0; 93 for (i = 0; i < len; i += optlen) { 94 opttype = GET_U_1(bp + i); 95 if (opttype == IP6OPT_PAD1) 96 optlen = 1; 97 else { 98 ND_ICHECKMSG_U("remaining length", (u_int)(len - i), <, 99 IP6OPT_MINLEN); 100 optlen = GET_U_1(bp + i + 1) + 2; 101 } 102 ND_ICHECKMSG_U("remaining length", (u_int)(len - i), <, optlen); 103 ND_TCHECK_LEN(bp + i, optlen); 104 105 switch (opttype) { 106 case IP6OPT_PAD1: 107 if (ndo->ndo_vflag) 108 ND_PRINT("(pad1)"); 109 break; 110 case IP6OPT_PADN: 111 if (ndo->ndo_vflag) 112 ND_PRINT("(padn)"); 113 break; 114 case IP6OPT_ROUTER_ALERT: 115 ND_ICHECKMSG_U("(rtalert) remaining length", (u_int)(len - i), <, 116 IP6OPT_RTALERT_LEN); 117 ND_ICHECKMSG_U("(rtalert) length", optlen - 2, !=, 118 IP6OPT_RTALERT_LEN - 2); 119 if (ndo->ndo_vflag) 120 ND_PRINT("(rtalert: 0x%04x) ", GET_BE_U_2(bp + i + 2)); 121 break; 122 case IP6OPT_JUMBO: 123 ND_ICHECKMSG_U("(jumbo) remaining length", (u_int)(len - i), <, 124 IP6OPT_JUMBO_LEN); 125 ND_ICHECKMSG_U("(jumbo) length", optlen - 2, !=, 126 IP6OPT_JUMBO_LEN - 2); 127 jumbolen = GET_BE_U_4(bp + i + 2); 128 if (found_jumbo) { 129 /* More than one Jumbo Payload option */ 130 if (ndo->ndo_vflag) 131 ND_PRINT("(jumbo: %u - already seen) ", jumbolen); 132 } else { 133 found_jumbo = 1; 134 if (payload_len == NULL) { 135 /* Not a hop-by-hop option - not valid */ 136 if (ndo->ndo_vflag) 137 ND_PRINT("(jumbo: %u - not a hop-by-hop option) ", jumbolen); 138 } else if (*payload_len != 0) { 139 /* Payload length was non-zero - not valid */ 140 if (ndo->ndo_vflag) 141 ND_PRINT("(jumbo: %u - payload len != 0) ", jumbolen); 142 } else { 143 /* 144 * This is a hop-by-hop option, and Payload length 145 * was zero in the IPv6 header. 146 */ 147 if (jumbolen < 65536) { 148 /* Too short */ 149 if (ndo->ndo_vflag) 150 ND_PRINT("(jumbo: %u - < 65536) ", jumbolen); 151 } else { 152 /* OK, this is valid */ 153 *found_jumbop = 1; 154 *payload_len = jumbolen; 155 if (ndo->ndo_vflag) 156 ND_PRINT("(jumbo: %u) ", jumbolen); 157 } 158 } 159 } 160 break; 161 case IP6OPT_HOME_ADDRESS: 162 ND_ICHECKMSG_U("(homeaddr) remaining length", (u_int)(len - i), <, 163 IP6OPT_HOMEADDR_MINLEN); 164 ND_ICHECKMSG_U("(homeaddr) length", optlen - 2, <, 165 IP6OPT_HOMEADDR_MINLEN - 2); 166 if (ndo->ndo_vflag) { 167 ND_PRINT("(homeaddr: %s", GET_IP6ADDR_STRING(bp + i + 2)); 168 if (optlen > IP6OPT_HOMEADDR_MINLEN) { 169 if (ip6_sopt_print(ndo, bp + i + IP6OPT_HOMEADDR_MINLEN, 170 (optlen - IP6OPT_HOMEADDR_MINLEN)) == -1) 171 goto invalid; 172 } 173 ND_PRINT(")"); 174 } 175 break; 176 default: 177 if (ndo->ndo_vflag) 178 ND_PRINT("(unknown opt-type 0x%02x len=%u)", opttype, optlen - 2); 179 break; 180 } 181 } 182 if (ndo->ndo_vflag) 183 ND_PRINT(" "); 184 return 0; 185 186 invalid: 187 return -1; 188 } 189 190 int 191 hbhopt_process(netdissect_options *ndo, const u_char *bp, int *found_jumbo, 192 uint32_t *jumbolen) 193 { 194 const struct ip6_hbh *dp = (const struct ip6_hbh *)bp; 195 u_int hbhlen = 0; 196 197 ndo->ndo_protocol = "hbh"; 198 hbhlen = (GET_U_1(dp->ip6h_len) + 1) << 3; 199 ND_TCHECK_LEN(dp, hbhlen); 200 nd_print_protocol_caps(ndo); 201 ND_PRINT(" "); 202 if (ip6_opt_process(ndo, (const u_char *)dp + sizeof(*dp), 203 hbhlen - sizeof(*dp), found_jumbo, jumbolen) == -1) 204 goto invalid; 205 return hbhlen; 206 207 invalid: 208 nd_print_invalid(ndo); 209 return -1; 210 } 211 212 int 213 dstopt_process(netdissect_options *ndo, const u_char *bp) 214 { 215 const struct ip6_dest *dp = (const struct ip6_dest *)bp; 216 u_int dstoptlen = 0; 217 218 ndo->ndo_protocol = "dstopt"; 219 dstoptlen = (GET_U_1(dp->ip6d_len) + 1) << 3; 220 ND_TCHECK_LEN(dp, dstoptlen); 221 nd_print_protocol_caps(ndo); 222 ND_PRINT(" "); 223 if (ndo->ndo_vflag) { 224 /* 225 * The Jumbo Payload option is a hop-by-hop option; we don't 226 * honor Jumbo Payload destination options, reporting them 227 * as invalid. 228 */ 229 if (ip6_opt_process(ndo, (const u_char *)dp + sizeof(*dp), 230 dstoptlen - sizeof(*dp), NULL, NULL) == -1) 231 goto invalid; 232 } 233 234 return dstoptlen; 235 236 invalid: 237 nd_print_invalid(ndo); 238 return -1; 239 } 240
Indexes created Wed Jun 17 00:25:26 UTC 2026