print-hncp.c revision 356341
1/* 2 * Copyright (c) 2016 Antonin D��cimo, Jean-Rapha��l Gaglione 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 3. Neither the name of the project nor the names of its contributors 13 * may be used to endorse or promote products derived from this software 14 * without specific prior written permission. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29/* \summary: Home Networking Control Protocol (HNCP) printer */ 30 31#ifdef HAVE_CONFIG_H 32#include "config.h" 33#endif 34 35#include <netdissect-stdinc.h> 36 37#include <stdlib.h> 38#include <string.h> 39 40#include "netdissect.h" 41#include "addrtoname.h" 42#include "extract.h" 43 44static void 45hncp_print_rec(netdissect_options *ndo, 46 const u_char *cp, u_int length, int indent); 47 48void 49hncp_print(netdissect_options *ndo, 50 const u_char *cp, u_int length) 51{ 52 ND_PRINT((ndo, "hncp (%d)", length)); 53 hncp_print_rec(ndo, cp, length, 1); 54} 55 56/* RFC7787 */ 57#define DNCP_REQUEST_NETWORK_STATE 1 58#define DNCP_REQUEST_NODE_STATE 2 59#define DNCP_NODE_ENDPOINT 3 60#define DNCP_NETWORK_STATE 4 61#define DNCP_NODE_STATE 5 62#define DNCP_PEER 8 63#define DNCP_KEEP_ALIVE_INTERVAL 9 64#define DNCP_TRUST_VERDICT 10 65 66/* RFC7788 */ 67#define HNCP_HNCP_VERSION 32 68#define HNCP_EXTERNAL_CONNECTION 33 69#define HNCP_DELEGATED_PREFIX 34 70#define HNCP_PREFIX_POLICY 43 71#define HNCP_DHCPV4_DATA 37 /* This is correct, see RFC 7788 Errata ID 5113. */ 72#define HNCP_DHCPV6_DATA 38 /* idem */ 73#define HNCP_ASSIGNED_PREFIX 35 74#define HNCP_NODE_ADDRESS 36 75#define HNCP_DNS_DELEGATED_ZONE 39 76#define HNCP_DOMAIN_NAME 40 77#define HNCP_NODE_NAME 41 78#define HNCP_MANAGED_PSK 42 79 80/* See type_mask in hncp_print_rec below */ 81#define RANGE_DNCP_RESERVED 0x10000 82#define RANGE_HNCP_UNASSIGNED 0x10001 83#define RANGE_DNCP_PRIVATE_USE 0x10002 84#define RANGE_DNCP_FUTURE_USE 0x10003 85 86static const struct tok type_values[] = { 87 { DNCP_REQUEST_NETWORK_STATE, "Request network state" }, 88 { DNCP_REQUEST_NODE_STATE, "Request node state" }, 89 { DNCP_NODE_ENDPOINT, "Node endpoint" }, 90 { DNCP_NETWORK_STATE, "Network state" }, 91 { DNCP_NODE_STATE, "Node state" }, 92 { DNCP_PEER, "Peer" }, 93 { DNCP_KEEP_ALIVE_INTERVAL, "Keep-alive interval" }, 94 { DNCP_TRUST_VERDICT, "Trust-Verdict" }, 95 96 { HNCP_HNCP_VERSION, "HNCP-Version" }, 97 { HNCP_EXTERNAL_CONNECTION, "External-Connection" }, 98 { HNCP_DELEGATED_PREFIX, "Delegated-Prefix" }, 99 { HNCP_PREFIX_POLICY, "Prefix-Policy" }, 100 { HNCP_DHCPV4_DATA, "DHCPv4-Data" }, 101 { HNCP_DHCPV6_DATA, "DHCPv6-Data" }, 102 { HNCP_ASSIGNED_PREFIX, "Assigned-Prefix" }, 103 { HNCP_NODE_ADDRESS, "Node-Address" }, 104 { HNCP_DNS_DELEGATED_ZONE, "DNS-Delegated-Zone" }, 105 { HNCP_DOMAIN_NAME, "Domain-Name" }, 106 { HNCP_NODE_NAME, "Node-Name" }, 107 { HNCP_MANAGED_PSK, "Managed-PSK" }, 108 109 { RANGE_DNCP_RESERVED, "Reserved" }, 110 { RANGE_HNCP_UNASSIGNED, "Unassigned" }, 111 { RANGE_DNCP_PRIVATE_USE, "Private use" }, 112 { RANGE_DNCP_FUTURE_USE, "Future use" }, 113 114 { 0, NULL} 115}; 116 117#define DH4OPT_DNS_SERVERS 6 /* RFC2132 */ 118#define DH4OPT_NTP_SERVERS 42 /* RFC2132 */ 119#define DH4OPT_DOMAIN_SEARCH 119 /* RFC3397 */ 120 121static const struct tok dh4opt_str[] = { 122 { DH4OPT_DNS_SERVERS, "DNS-server" }, 123 { DH4OPT_NTP_SERVERS, "NTP-server"}, 124 { DH4OPT_DOMAIN_SEARCH, "DNS-search" }, 125 { 0, NULL } 126}; 127 128#define DH6OPT_DNS_SERVERS 23 /* RFC3646 */ 129#define DH6OPT_DOMAIN_LIST 24 /* RFC3646 */ 130#define DH6OPT_SNTP_SERVERS 31 /* RFC4075 */ 131 132static const struct tok dh6opt_str[] = { 133 { DH6OPT_DNS_SERVERS, "DNS-server" }, 134 { DH6OPT_DOMAIN_LIST, "DNS-search-list" }, 135 { DH6OPT_SNTP_SERVERS, "SNTP-servers" }, 136 { 0, NULL } 137}; 138 139/* 140 * For IPv4-mapped IPv6 addresses, length of the prefix that precedes 141 * the 4 bytes of IPv4 address at the end of the IPv6 address. 142 */ 143#define IPV4_MAPPED_HEADING_LEN 12 144 145/* 146 * Is an IPv6 address an IPv4-mapped address? 147 */ 148static inline int 149is_ipv4_mapped_address(const u_char *addr) 150{ 151 /* The value of the prefix */ 152 static const u_char ipv4_mapped_heading[IPV4_MAPPED_HEADING_LEN] = 153 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF }; 154 155 return memcmp(addr, ipv4_mapped_heading, IPV4_MAPPED_HEADING_LEN) == 0; 156} 157 158static const char * 159format_nid(const u_char *data) 160{ 161 static char buf[4][sizeof("01:01:01:01")]; 162 static int i = 0; 163 i = (i + 1) % 4; 164 snprintf(buf[i], sizeof(buf[i]), "%02x:%02x:%02x:%02x", 165 data[0], data[1], data[2], data[3]); 166 return buf[i]; 167} 168 169static const char * 170format_256(const u_char *data) 171{ 172 static char buf[4][sizeof("0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef")]; 173 static int i = 0; 174 i = (i + 1) % 4; 175 snprintf(buf[i], sizeof(buf[i]), "%016" PRIx64 "%016" PRIx64 "%016" PRIx64 "%016" PRIx64, 176 EXTRACT_64BITS(data), 177 EXTRACT_64BITS(data + 8), 178 EXTRACT_64BITS(data + 16), 179 EXTRACT_64BITS(data + 24) 180 ); 181 return buf[i]; 182} 183 184static const char * 185format_interval(const uint32_t n) 186{ 187 static char buf[4][sizeof("0000000.000s")]; 188 static int i = 0; 189 i = (i + 1) % 4; 190 snprintf(buf[i], sizeof(buf[i]), "%u.%03us", n / 1000, n % 1000); 191 return buf[i]; 192} 193 194static const char * 195format_ip6addr(netdissect_options *ndo, const u_char *cp) 196{ 197 if (is_ipv4_mapped_address(cp)) 198 return ipaddr_string(ndo, cp + IPV4_MAPPED_HEADING_LEN); 199 else 200 return ip6addr_string(ndo, cp); 201} 202 203static int 204print_prefix(netdissect_options *ndo, const u_char *prefix, u_int max_length) 205{ 206 int plenbytes; 207 char buf[sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx::/128")]; 208 209 if (prefix[0] >= 96 && max_length >= IPV4_MAPPED_HEADING_LEN + 1 && 210 is_ipv4_mapped_address(&prefix[1])) { 211 struct in_addr addr; 212 u_int plen; 213 214 plen = prefix[0]-96; 215 if (32 < plen) 216 return -1; 217 max_length -= 1; 218 219 memset(&addr, 0, sizeof(addr)); 220 plenbytes = (plen + 7) / 8; 221 if (max_length < (u_int)plenbytes + IPV4_MAPPED_HEADING_LEN) 222 return -3; 223 memcpy(&addr, &prefix[1 + IPV4_MAPPED_HEADING_LEN], plenbytes); 224 if (plen % 8) { 225 ((u_char *)&addr)[plenbytes - 1] &= 226 ((0xff00 >> (plen % 8)) & 0xff); 227 } 228 snprintf(buf, sizeof(buf), "%s/%d", ipaddr_string(ndo, &addr), plen); 229 plenbytes += 1 + IPV4_MAPPED_HEADING_LEN; 230 } else { 231 plenbytes = decode_prefix6(ndo, prefix, max_length, buf, sizeof(buf)); 232 if (plenbytes < 0) 233 return plenbytes; 234 } 235 236 ND_PRINT((ndo, "%s", buf)); 237 return plenbytes; 238} 239 240static int 241print_dns_label(netdissect_options *ndo, 242 const u_char *cp, u_int max_length, int print) 243{ 244 u_int length = 0; 245 while (length < max_length) { 246 u_int lab_length = cp[length++]; 247 if (lab_length == 0) 248 return (int)length; 249 if (length > 1 && print) 250 safeputchar(ndo, '.'); 251 if (length+lab_length > max_length) { 252 if (print) 253 safeputs(ndo, cp+length, max_length-length); 254 break; 255 } 256 if (print) 257 safeputs(ndo, cp+length, lab_length); 258 length += lab_length; 259 } 260 if (print) 261 ND_PRINT((ndo, "[|DNS]")); 262 return -1; 263} 264 265static int 266dhcpv4_print(netdissect_options *ndo, 267 const u_char *cp, u_int length, int indent) 268{ 269 u_int i, t; 270 const u_char *tlv, *value; 271 uint8_t type, optlen; 272 273 i = 0; 274 while (i < length) { 275 if (i + 2 > length) 276 return -1; 277 tlv = cp + i; 278 type = (uint8_t)tlv[0]; 279 optlen = (uint8_t)tlv[1]; 280 value = tlv + 2; 281 282 ND_PRINT((ndo, "\n")); 283 for (t = indent; t > 0; t--) 284 ND_PRINT((ndo, "\t")); 285 286 ND_PRINT((ndo, "%s", tok2str(dh4opt_str, "Unknown", type))); 287 ND_PRINT((ndo," (%u)", optlen + 2 )); 288 if (i + 2 + optlen > length) 289 return -1; 290 291 switch (type) { 292 case DH4OPT_DNS_SERVERS: 293 case DH4OPT_NTP_SERVERS: { 294 if (optlen < 4 || optlen % 4 != 0) { 295 return -1; 296 } 297 for (t = 0; t < optlen; t += 4) 298 ND_PRINT((ndo, " %s", ipaddr_string(ndo, value + t))); 299 } 300 break; 301 case DH4OPT_DOMAIN_SEARCH: { 302 const u_char *tp = value; 303 while (tp < value + optlen) { 304 ND_PRINT((ndo, " ")); 305 if ((tp = ns_nprint(ndo, tp, value + optlen)) == NULL) 306 return -1; 307 } 308 } 309 break; 310 } 311 312 i += 2 + optlen; 313 } 314 return 0; 315} 316 317static int 318dhcpv6_print(netdissect_options *ndo, 319 const u_char *cp, u_int length, int indent) 320{ 321 u_int i, t; 322 const u_char *tlv, *value; 323 uint16_t type, optlen; 324 325 i = 0; 326 while (i < length) { 327 if (i + 4 > length) 328 return -1; 329 tlv = cp + i; 330 type = EXTRACT_16BITS(tlv); 331 optlen = EXTRACT_16BITS(tlv + 2); 332 value = tlv + 4; 333 334 ND_PRINT((ndo, "\n")); 335 for (t = indent; t > 0; t--) 336 ND_PRINT((ndo, "\t")); 337 338 ND_PRINT((ndo, "%s", tok2str(dh6opt_str, "Unknown", type))); 339 ND_PRINT((ndo," (%u)", optlen + 4 )); 340 if (i + 4 + optlen > length) 341 return -1; 342 343 switch (type) { 344 case DH6OPT_DNS_SERVERS: 345 case DH6OPT_SNTP_SERVERS: { 346 if (optlen % 16 != 0) { 347 ND_PRINT((ndo, " %s", istr)); 348 return -1; 349 } 350 for (t = 0; t < optlen; t += 16) 351 ND_PRINT((ndo, " %s", ip6addr_string(ndo, value + t))); 352 } 353 break; 354 case DH6OPT_DOMAIN_LIST: { 355 const u_char *tp = value; 356 while (tp < value + optlen) { 357 ND_PRINT((ndo, " ")); 358 if ((tp = ns_nprint(ndo, tp, value + optlen)) == NULL) 359 return -1; 360 } 361 } 362 break; 363 } 364 365 i += 4 + optlen; 366 } 367 return 0; 368} 369 370/* Determine in-line mode */ 371static int 372is_in_line(netdissect_options *ndo, int indent) 373{ 374 return indent - 1 >= ndo->ndo_vflag && ndo->ndo_vflag < 3; 375} 376 377static void 378print_type_in_line(netdissect_options *ndo, 379 uint32_t type, int count, int indent, int *first_one) 380{ 381 if (count > 0) { 382 if (*first_one) { 383 *first_one = 0; 384 if (indent > 1) { 385 u_int t; 386 ND_PRINT((ndo, "\n")); 387 for (t = indent; t > 0; t--) 388 ND_PRINT((ndo, "\t")); 389 } else { 390 ND_PRINT((ndo, " ")); 391 } 392 } else { 393 ND_PRINT((ndo, ", ")); 394 } 395 ND_PRINT((ndo, "%s", tok2str(type_values, "Easter Egg", type))); 396 if (count > 1) 397 ND_PRINT((ndo, " (x%d)", count)); 398 } 399} 400 401void 402hncp_print_rec(netdissect_options *ndo, 403 const u_char *cp, u_int length, int indent) 404{ 405 const int in_line = is_in_line(ndo, indent); 406 int first_one = 1; 407 408 u_int i, t; 409 410 uint32_t last_type_mask = 0xffffffffU; 411 int last_type_count = -1; 412 413 const u_char *tlv, *value; 414 uint16_t type, bodylen; 415 uint32_t type_mask; 416 417 i = 0; 418 while (i < length) { 419 tlv = cp + i; 420 421 if (!in_line) { 422 ND_PRINT((ndo, "\n")); 423 for (t = indent; t > 0; t--) 424 ND_PRINT((ndo, "\t")); 425 } 426 427 ND_TCHECK2(*tlv, 4); 428 if (i + 4 > length) 429 goto invalid; 430 431 type = EXTRACT_16BITS(tlv); 432 bodylen = EXTRACT_16BITS(tlv + 2); 433 value = tlv + 4; 434 ND_TCHECK2(*value, bodylen); 435 if (i + bodylen + 4 > length) 436 goto invalid; 437 438 type_mask = 439 (type == 0) ? RANGE_DNCP_RESERVED: 440 (44 <= type && type <= 511) ? RANGE_HNCP_UNASSIGNED: 441 (768 <= type && type <= 1023) ? RANGE_DNCP_PRIVATE_USE: 442 RANGE_DNCP_FUTURE_USE; 443 if (type == 6 || type == 7) 444 type_mask = RANGE_DNCP_FUTURE_USE; 445 446 /* defined types */ 447 { 448 t = 0; 449 while (1) { 450 u_int key = type_values[t++].v; 451 if (key > 0xffff) 452 break; 453 if (key == type) { 454 type_mask = type; 455 break; 456 } 457 } 458 } 459 460 if (in_line) { 461 if (last_type_mask == type_mask) { 462 last_type_count++; 463 } else { 464 print_type_in_line(ndo, last_type_mask, last_type_count, indent, &first_one); 465 last_type_mask = type_mask; 466 last_type_count = 1; 467 } 468 469 goto skip_multiline; 470 } 471 472 ND_PRINT((ndo,"%s", tok2str(type_values, "Easter Egg (42)", type_mask) )); 473 if (type_mask > 0xffff) 474 ND_PRINT((ndo,": type=%u", type )); 475 ND_PRINT((ndo," (%u)", bodylen + 4 )); 476 477 switch (type_mask) { 478 479 case DNCP_REQUEST_NETWORK_STATE: { 480 if (bodylen != 0) 481 ND_PRINT((ndo, " %s", istr)); 482 } 483 break; 484 485 case DNCP_REQUEST_NODE_STATE: { 486 const char *node_identifier; 487 if (bodylen != 4) { 488 ND_PRINT((ndo, " %s", istr)); 489 break; 490 } 491 node_identifier = format_nid(value); 492 ND_PRINT((ndo, " NID: %s", node_identifier)); 493 } 494 break; 495 496 case DNCP_NODE_ENDPOINT: { 497 const char *node_identifier; 498 uint32_t endpoint_identifier; 499 if (bodylen != 8) { 500 ND_PRINT((ndo, " %s", istr)); 501 break; 502 } 503 node_identifier = format_nid(value); 504 endpoint_identifier = EXTRACT_32BITS(value + 4); 505 ND_PRINT((ndo, " NID: %s EPID: %08x", 506 node_identifier, 507 endpoint_identifier 508 )); 509 } 510 break; 511 512 case DNCP_NETWORK_STATE: { 513 uint64_t hash; 514 if (bodylen != 8) { 515 ND_PRINT((ndo, " %s", istr)); 516 break; 517 } 518 hash = EXTRACT_64BITS(value); 519 ND_PRINT((ndo, " hash: %016" PRIx64, hash)); 520 } 521 break; 522 523 case DNCP_NODE_STATE: { 524 const char *node_identifier, *interval; 525 uint32_t sequence_number; 526 uint64_t hash; 527 if (bodylen < 20) { 528 ND_PRINT((ndo, " %s", istr)); 529 break; 530 } 531 node_identifier = format_nid(value); 532 sequence_number = EXTRACT_32BITS(value + 4); 533 interval = format_interval(EXTRACT_32BITS(value + 8)); 534 hash = EXTRACT_64BITS(value + 12); 535 ND_PRINT((ndo, " NID: %s seqno: %u %s hash: %016" PRIx64, 536 node_identifier, 537 sequence_number, 538 interval, 539 hash 540 )); 541 hncp_print_rec(ndo, value+20, bodylen-20, indent+1); 542 } 543 break; 544 545 case DNCP_PEER: { 546 const char *peer_node_identifier; 547 uint32_t peer_endpoint_identifier, endpoint_identifier; 548 if (bodylen != 12) { 549 ND_PRINT((ndo, " %s", istr)); 550 break; 551 } 552 peer_node_identifier = format_nid(value); 553 peer_endpoint_identifier = EXTRACT_32BITS(value + 4); 554 endpoint_identifier = EXTRACT_32BITS(value + 8); 555 ND_PRINT((ndo, " Peer-NID: %s Peer-EPID: %08x Local-EPID: %08x", 556 peer_node_identifier, 557 peer_endpoint_identifier, 558 endpoint_identifier 559 )); 560 } 561 break; 562 563 case DNCP_KEEP_ALIVE_INTERVAL: { 564 uint32_t endpoint_identifier; 565 const char *interval; 566 if (bodylen < 8) { 567 ND_PRINT((ndo, " %s", istr)); 568 break; 569 } 570 endpoint_identifier = EXTRACT_32BITS(value); 571 interval = format_interval(EXTRACT_32BITS(value + 4)); 572 ND_PRINT((ndo, " EPID: %08x Interval: %s", 573 endpoint_identifier, 574 interval 575 )); 576 } 577 break; 578 579 case DNCP_TRUST_VERDICT: { 580 if (bodylen <= 36) { 581 ND_PRINT((ndo, " %s", istr)); 582 break; 583 } 584 ND_PRINT((ndo, " Verdict: %u Fingerprint: %s Common Name: ", 585 *value, 586 format_256(value + 4))); 587 safeputs(ndo, value + 36, bodylen - 36); 588 } 589 break; 590 591 case HNCP_HNCP_VERSION: { 592 uint16_t capabilities; 593 uint8_t M, P, H, L; 594 if (bodylen < 5) { 595 ND_PRINT((ndo, " %s", istr)); 596 break; 597 } 598 capabilities = EXTRACT_16BITS(value + 2); 599 M = (uint8_t)((capabilities >> 12) & 0xf); 600 P = (uint8_t)((capabilities >> 8) & 0xf); 601 H = (uint8_t)((capabilities >> 4) & 0xf); 602 L = (uint8_t)(capabilities & 0xf); 603 ND_PRINT((ndo, " M: %u P: %u H: %u L: %u User-agent: ", 604 M, P, H, L 605 )); 606 safeputs(ndo, value + 4, bodylen - 4); 607 } 608 break; 609 610 case HNCP_EXTERNAL_CONNECTION: { 611 /* Container TLV */ 612 hncp_print_rec(ndo, value, bodylen, indent+1); 613 } 614 break; 615 616 case HNCP_DELEGATED_PREFIX: { 617 int l; 618 if (bodylen < 9 || bodylen < 9 + (value[8] + 7) / 8) { 619 ND_PRINT((ndo, " %s", istr)); 620 break; 621 } 622 ND_PRINT((ndo, " VLSO: %s PLSO: %s Prefix: ", 623 format_interval(EXTRACT_32BITS(value)), 624 format_interval(EXTRACT_32BITS(value + 4)) 625 )); 626 l = print_prefix(ndo, value + 8, bodylen - 8); 627 if (l == -1) { 628 ND_PRINT((ndo, "(length is invalid)")); 629 break; 630 } 631 if (l < 0) { 632 /* 633 * We've already checked that we've captured the 634 * entire TLV, based on its length, so this will 635 * either be -1, meaning "the prefix length is 636 * greater than the longest possible address of 637 * that type" (i.e., > 32 for IPv4 or > 128 for 638 * IPv6", or -3, meaning "the prefix runs past 639 * the end of the TLV". 640 */ 641 ND_PRINT((ndo, " %s", istr)); 642 break; 643 } 644 l += 8 + (-l & 3); 645 646 if (bodylen >= l) 647 hncp_print_rec(ndo, value + l, bodylen - l, indent+1); 648 } 649 break; 650 651 case HNCP_PREFIX_POLICY: { 652 uint8_t policy; 653 int l; 654 if (bodylen < 1) { 655 ND_PRINT((ndo, " %s", istr)); 656 break; 657 } 658 policy = value[0]; 659 ND_PRINT((ndo, " type: ")); 660 if (policy == 0) { 661 if (bodylen != 1) { 662 ND_PRINT((ndo, " %s", istr)); 663 break; 664 } 665 ND_PRINT((ndo, "Internet connectivity")); 666 } else if (policy >= 1 && policy <= 128) { 667 ND_PRINT((ndo, "Dest-Prefix: ")); 668 l = print_prefix(ndo, value, bodylen); 669 if (l == -1) { 670 ND_PRINT((ndo, "(length is invalid)")); 671 break; 672 } 673 if (l < 0) { 674 /* 675 * We've already checked that we've captured the 676 * entire TLV, based on its length, so this will 677 * either be -1, meaning "the prefix length is 678 * greater than the longest possible address of 679 * that type" (i.e., > 32 for IPv4 or > 128 for 680 * IPv6", or -3, meaning "the prefix runs past 681 * the end of the TLV". 682 */ 683 ND_PRINT((ndo, " %s", istr)); 684 break; 685 } 686 } else if (policy == 129) { 687 ND_PRINT((ndo, "DNS domain: ")); 688 print_dns_label(ndo, value+1, bodylen-1, 1); 689 } else if (policy == 130) { 690 ND_PRINT((ndo, "Opaque UTF-8: ")); 691 safeputs(ndo, value + 1, bodylen - 1); 692 } else if (policy == 131) { 693 if (bodylen != 1) { 694 ND_PRINT((ndo, " %s", istr)); 695 break; 696 } 697 ND_PRINT((ndo, "Restrictive assignment")); 698 } else if (policy >= 132) { 699 ND_PRINT((ndo, "Unknown (%u)", policy)); /* Reserved for future additions */ 700 } 701 } 702 break; 703 704 case HNCP_DHCPV4_DATA: { 705 if (bodylen == 0) { 706 ND_PRINT((ndo, " %s", istr)); 707 break; 708 } 709 if (dhcpv4_print(ndo, value, bodylen, indent+1) != 0) 710 goto invalid; 711 } 712 break; 713 714 case HNCP_DHCPV6_DATA: { 715 if (bodylen == 0) { 716 ND_PRINT((ndo, " %s", istr)); 717 break; 718 } 719 if (dhcpv6_print(ndo, value, bodylen, indent+1) != 0) { 720 ND_PRINT((ndo, " %s", istr)); 721 break; 722 } 723 } 724 break; 725 726 case HNCP_ASSIGNED_PREFIX: { 727 uint8_t prty; 728 int l; 729 if (bodylen < 6 || bodylen < 6 + (value[5] + 7) / 8) { 730 ND_PRINT((ndo, " %s", istr)); 731 break; 732 } 733 prty = (uint8_t)(value[4] & 0xf); 734 ND_PRINT((ndo, " EPID: %08x Prty: %u", 735 EXTRACT_32BITS(value), 736 prty 737 )); 738 ND_PRINT((ndo, " Prefix: ")); 739 if ((l = print_prefix(ndo, value + 5, bodylen - 5)) < 0) { 740 ND_PRINT((ndo, " %s", istr)); 741 break; 742 } 743 l += 5; 744 l += -l & 3; 745 746 if (bodylen >= l) 747 hncp_print_rec(ndo, value + l, bodylen - l, indent+1); 748 } 749 break; 750 751 case HNCP_NODE_ADDRESS: { 752 uint32_t endpoint_identifier; 753 const char *ip_address; 754 if (bodylen < 20) { 755 ND_PRINT((ndo, " %s", istr)); 756 break; 757 } 758 endpoint_identifier = EXTRACT_32BITS(value); 759 ip_address = format_ip6addr(ndo, value + 4); 760 ND_PRINT((ndo, " EPID: %08x IP Address: %s", 761 endpoint_identifier, 762 ip_address 763 )); 764 765 hncp_print_rec(ndo, value + 20, bodylen - 20, indent+1); 766 } 767 break; 768 769 case HNCP_DNS_DELEGATED_ZONE: { 770 const char *ip_address; 771 int len; 772 if (bodylen < 17) { 773 ND_PRINT((ndo, " %s", istr)); 774 break; 775 } 776 ip_address = format_ip6addr(ndo, value); 777 ND_PRINT((ndo, " IP-Address: %s %c%c%c ", 778 ip_address, 779 (value[16] & 4) ? 'l' : '-', 780 (value[16] & 2) ? 'b' : '-', 781 (value[16] & 1) ? 's' : '-' 782 )); 783 len = print_dns_label(ndo, value+17, bodylen-17, 1); 784 if (len < 0) { 785 ND_PRINT((ndo, " %s", istr)); 786 break; 787 } 788 len += 17; 789 len += -len & 3; 790 if (bodylen >= len) 791 hncp_print_rec(ndo, value+len, bodylen-len, indent+1); 792 } 793 break; 794 795 case HNCP_DOMAIN_NAME: { 796 if (bodylen == 0) { 797 ND_PRINT((ndo, " %s", istr)); 798 break; 799 } 800 ND_PRINT((ndo, " Domain: ")); 801 print_dns_label(ndo, value, bodylen, 1); 802 } 803 break; 804 805 case HNCP_NODE_NAME: { 806 u_int l; 807 if (bodylen < 17) { 808 ND_PRINT((ndo, " %s", istr)); 809 break; 810 } 811 l = value[16]; 812 if (bodylen < 17 + l) { 813 ND_PRINT((ndo, " %s", istr)); 814 break; 815 } 816 ND_PRINT((ndo, " IP-Address: %s Name: ", 817 format_ip6addr(ndo, value) 818 )); 819 if (l < 64) { 820 safeputchar(ndo, '"'); 821 safeputs(ndo, value + 17, l); 822 safeputchar(ndo, '"'); 823 } else { 824 ND_PRINT((ndo, "%s", istr)); 825 } 826 l += 17; 827 l += -l & 3; 828 if (bodylen >= l) 829 hncp_print_rec(ndo, value + l, bodylen - l, indent+1); 830 } 831 break; 832 833 case HNCP_MANAGED_PSK: { 834 if (bodylen < 32) { 835 ND_PRINT((ndo, " %s", istr)); 836 break; 837 } 838 ND_PRINT((ndo, " PSK: %s", format_256(value))); 839 hncp_print_rec(ndo, value + 32, bodylen - 32, indent+1); 840 } 841 break; 842 843 case RANGE_DNCP_RESERVED: 844 case RANGE_HNCP_UNASSIGNED: 845 case RANGE_DNCP_PRIVATE_USE: 846 case RANGE_DNCP_FUTURE_USE: 847 break; 848 849 } 850 skip_multiline: 851 852 i += 4 + bodylen + (-bodylen & 3); 853 } 854 print_type_in_line(ndo, last_type_mask, last_type_count, indent, &first_one); 855 856 return; 857 858 trunc: 859 ND_PRINT((ndo, "%s", "[|hncp]")); 860 return; 861 862 invalid: 863 ND_PRINT((ndo, "%s", istr)); 864 return; 865} 866