rt6: parse TLV

Parse Type Length Values (TLV) in IPv6 Routing Header as specified by RFC 8754 [1]. [1] https://datatracker.ietf.org/doc/html/rfc8754 Signed-off-by: Giulio Sidoretti <giulio.sidoretti@uniroma2.it>
author: giulio-sido <giuliosidoretti@gmail.com> 2021-10-12 17:17:58 +0200
committer: Francois-Xavier Le Bail <devel.fx.lebail@orange.fr> 2023-04-18 14:36:06 +0200
commit: e69972a8ef1ddbf73924e42f76f53a1f9d0aab0a (patch)
tree: d4459f442399ebec7ff19db6eb2840af356a07da
parent: 61d5da84a02a24cafa3bcc6502293bb3d3e0e1c2 (diff)
download: tcpdump-e69972a8ef1ddbf73924e42f76f53a1f9d0aab0a.tar.gz
9 files changed, 108 insertions, 9 deletions
diff --git a/ip6.h b/ip6.h
index f927d204..c4e2f484 100644
--- a/ip6.h
+++ b/ip6.h
@@ -197,6 +197,10 @@ struct ip6_srh {
 	nd_ipv6		srh_segments[1];	/* SRH segments list*/
 };
 
+#define IPV6_SRH_TLV_PAD1 0
+#define IPV6_SRH_TLV_PADN 4
+#define IPV6_SRH_TLV_HMAC 5
+
 /* Fragment header */
 struct ip6_frag {
 	nd_uint8_t  ip6f_nxt;		/* next header */
diff --git a/print-rt6.c b/print-rt6.c
index 096a9628..82359a42 100644
--- a/print-rt6.c
+++ b/print-rt6.c
@@ -33,13 +33,95 @@
 
 #include "ip6.h"
 
+static int
+srh_tlv_print(netdissect_options *ndo, const u_char *p, u_int bytes_left)
+{
+	u_int tlv_type, tlv_len;
+	while (bytes_left != 0) {
+		tlv_type = GET_U_1(p);
+		ND_ICHECKMSG_U("remaining length", bytes_left, <, 1);
+		p += 1;
+		bytes_left -= 1;
+		if (bytes_left == 0)
+			break;
+		if (tlv_type == IPV6_SRH_TLV_PAD1) {
+			ND_PRINT(", TLV-type=Pad1(%u)", tlv_type);
+			continue;
+		}
+
+		tlv_len = GET_U_1(p);
+		ND_ICHECKMSG_U("remaining length", bytes_left, <, 1);
+		p += 1;
+		bytes_left -= 1;
+
+		switch (tlv_type) {
+		case IPV6_SRH_TLV_PADN:
+			ND_PRINT(", TLV-type=PadN(%u)", tlv_type);
+			ND_PRINT(", TLV-len=%u", tlv_len);
+			ND_ICHECKMSG_U("PadN length", tlv_len, >, 5); /* RFC 8754 */
+			ND_ICHECKMSG_U("remaining length", bytes_left, <, tlv_len);
+			p += tlv_len;
+			bytes_left -= tlv_len;
+			break;
+		case IPV6_SRH_TLV_HMAC:
+			ND_PRINT(", TLV-type=HMAC(%u)", tlv_type);
+			ND_PRINT(", TLV-len=%u", tlv_len);
+			ND_ICHECKMSG_U("remaining length", bytes_left, <, 6);
+			uint16_t reserved;
+			uint32_t key_id;
+			uint8_t hmac_byte;
+			reserved = GET_BE_U_2(p);
+			p += 2;
+			if (ndo->ndo_vflag)
+				ND_PRINT(", D=%u", reserved >> 15);
+			key_id = GET_BE_U_4(p);
+			p += 4;
+			if (ndo->ndo_vflag)
+				ND_PRINT(", HMAC-key-ID=0x%02x", key_id);
+			bytes_left -= 6;
+			if (ndo->ndo_vflag)
+				ND_PRINT(", HMAC=0x");
+			for (u_int i = 0; i < tlv_len; i++) {
+				hmac_byte = GET_U_1(p);
+				ND_ICHECKMSG_U("remaining length", bytes_left, <, 1);
+				p += 1;
+				bytes_left -= 1;
+				if (ndo->ndo_vflag)
+					ND_PRINT("%02x", hmac_byte);
+			}
+			break;
+		default:						/* Unknown type */
+			ND_PRINT(" Unknown");
+			ND_PRINT(", TLV-len=%u", tlv_len);
+			if (ndo->ndo_vflag)
+				ND_PRINT(", TLV-value=0x");
+			ND_ICHECKMSG_U("remaining length", bytes_left, <, tlv_len);
+			uint8_t tlv_byte;
+			for (u_int i = 0; i < tlv_len; i++) {
+				tlv_byte = GET_U_1(p);
+				p += 1;
+				bytes_left -= 1;
+				if (ndo->ndo_vflag)
+					ND_PRINT("%02x", tlv_byte);
+			}
+			break;
+		}
+	}
+	return 0;
+
+invalid:
+	return -1;
+}
+
+
 int
 rt6_print(netdissect_options *ndo, const u_char *bp, const u_char *bp2 _U_)
 {
 	const struct ip6_rthdr *dp;
 	const struct ip6_rthdr0 *dp0;
 	const struct ip6_srh *srh;
-	u_int i, len, type;
+	u_int i, len, type, seg_list_len, last_entry;
+	int err;
 	const u_char *p;
 
 	ndo->ndo_protocol = "rt6";
@@ -81,7 +163,8 @@ rt6_print(netdissect_options *ndo, const u_char *bp, const u_char *bp2 _U_)
 		break;
 	case IPV6_RTHDR_TYPE_4:
 		srh = (const struct ip6_srh *)dp;
-		ND_PRINT(", last-entry=%u", GET_U_1(srh->srh_last_ent));
+		last_entry = GET_U_1(srh->srh_last_ent);
+		ND_PRINT(", last-entry=%u", last_entry);
 
 		if (GET_U_1(srh->srh_flags) || ndo->ndo_vflag) {
 			ND_PRINT(", flags=0x%0x",
@@ -89,17 +172,21 @@ rt6_print(netdissect_options *ndo, const u_char *bp, const u_char *bp2 _U_)
 		}
 
 		ND_PRINT(", tag=%x", GET_BE_U_2(srh->srh_tag));
-
-		if (len % 2 == 1) {
-			ND_PRINT(" (invalid length %u)", len);
-			goto invalid;
-		}
-		len >>= 1;
 		p  = (const u_char *) srh->srh_segments;
-		for (i = 0; i < len; i++) {
+		for (i = 0; i < last_entry + 1; i++) {
 			ND_PRINT(", [%u]%s", i, GET_IP6ADDR_STRING(p));
 			p += 16;
 		}
+		seg_list_len = (last_entry + 1) * 2;
+		if (seg_list_len < len) {
+			/* there is TLV */
+			u_int bytes_left;
+			bytes_left = (len - seg_list_len) * 8;
+			err = srh_tlv_print(ndo, p, bytes_left);
+			if (err)
+				goto invalid;
+		}
+
 		/*(*/
 		ND_PRINT(") ");
 		return((GET_U_1(srh->srh_len) + 1) << 3);
diff --git a/tests/TESTLIST b/tests/TESTLIST
index 95592bd6..46babe8d 100644
--- a/tests/TESTLIST
+++ b/tests/TESTLIST
@@ -349,6 +349,10 @@ ipv6-srh-ipproto-ether-v ipv6-srh-ipproto-ether.pcap ipv6-srh-ipproto-ether-v.ou
 ipv6-srh-ipproto-ether-ev ipv6-srh-ipproto-ether.pcap ipv6-srh-ipproto-ether-ev.out -ev
 ipv6-too-long-jumbo	ipv6-too-long-jumbo.pcap	ipv6-too-long-jumbo.out -v
 ipv6_jumbogram_1	ipv6_jumbogram_1.pcap	ipv6_jumbogram_1.out -ev
+ipv6-srh-tlv-hmac ipv6-srh-tlv-hmac.pcap ipv6-srh-tlv-hmac.out
+ipv6-srh-tlv-hmac-v ipv6-srh-tlv-hmac.pcap ipv6-srh-tlv-hmac-v.out -v
+ipv6-srh-tlv-pad1-padn-5 ipv6-srh-tlv-pad1-padn-5.pcap ipv6-srh-tlv-pad1-padn-5.out
+ipv6-srh-tlv-pad1-padn-5-v ipv6-srh-tlv-pad1-padn-5.pcap ipv6-srh-tlv-pad1-padn-5-v.out -v
 
 # Loopback/CTP test case
 loopback	loopback.pcap		loopback.out
diff --git a/tests/ipv6-srh-tlv-hmac-v.out b/tests/ipv6-srh-tlv-hmac-v.out
new file mode 100644
index 00000000..29da7a2d
--- /dev/null
+++ b/tests/ipv6-srh-tlv-hmac-v.out
@@ -0,0 +1 @@
+    1  09:28:06.000000 IP6 (class 0x78, flowlabel 0x9abcd, hlim 64, next-header Routing (43) payload length: 48) 2001:db8:1::1 > cafe:1::2: RT6 (len=5, type=4, segleft=0, last-entry=0, flags=0x0, tag=0, [0]cafe:1::2, TLV-type=HMAC(5), TLV-len=16, D=1, HMAC-key-ID=0x5412ab30, HMAC=0x0000000000000000aaaaaaaaaaaaaaaa) no next header
diff --git a/tests/ipv6-srh-tlv-hmac.out b/tests/ipv6-srh-tlv-hmac.out
new file mode 100644
index 00000000..a64f2079
--- /dev/null
+++ b/tests/ipv6-srh-tlv-hmac.out
@@ -0,0 +1 @@
+    1  09:28:06.000000 IP6 2001:db8:1::1 > cafe:1::2: RT6 (len=5, type=4, segleft=0, last-entry=0, tag=0, [0]cafe:1::2, TLV-type=HMAC(5), TLV-len=16) no next header
diff --git a/tests/ipv6-srh-tlv-hmac.pcap b/tests/ipv6-srh-tlv-hmac.pcap
new file mode 100644
index 00000000..3333e00a
--- /dev/null
+++ b/tests/ipv6-srh-tlv-hmac.pcap
diff --git a/tests/ipv6-srh-tlv-pad1-padn-5-v.out b/tests/ipv6-srh-tlv-pad1-padn-5-v.out
new file mode 100644
index 00000000..fd0fc47f
--- /dev/null
+++ b/tests/ipv6-srh-tlv-pad1-padn-5-v.out
@@ -0,0 +1 @@
+    1  17:47:55.000001 IP6 (class 0x78, flowlabel 0x9abcd, hlim 64, next-header Routing (43) payload length: 32) 2001:db8:1::1 > cafe:1::2: RT6 (len=3, type=4, segleft=0, last-entry=0, flags=0x0, tag=0, [0]cafe:1::2, TLV-type=Pad1(0), TLV-type=PadN(4), TLV-len=5) no next header
diff --git a/tests/ipv6-srh-tlv-pad1-padn-5.out b/tests/ipv6-srh-tlv-pad1-padn-5.out
new file mode 100644
index 00000000..a2af4a61
--- /dev/null
+++ b/tests/ipv6-srh-tlv-pad1-padn-5.out
@@ -0,0 +1 @@
+    1  17:47:55.000001 IP6 2001:db8:1::1 > cafe:1::2: RT6 (len=3, type=4, segleft=0, last-entry=0, tag=0, [0]cafe:1::2, TLV-type=Pad1(0), TLV-type=PadN(4), TLV-len=5) no next header
diff --git a/tests/ipv6-srh-tlv-pad1-padn-5.pcap b/tests/ipv6-srh-tlv-pad1-padn-5.pcap
new file mode 100644
index 00000000..ba8fe6e8
--- /dev/null
+++ b/tests/ipv6-srh-tlv-pad1-padn-5.pcap
author	giulio-sido <giuliosidoretti@gmail.com>	2021-10-12 17:17:58 +0200
committer	Francois-Xavier Le Bail <devel.fx.lebail@orange.fr>	2023-04-18 14:36:06 +0200
commit	e69972a8ef1ddbf73924e42f76f53a1f9d0aab0a (patch)
tree	d4459f442399ebec7ff19db6eb2840af356a07da
parent	61d5da84a02a24cafa3bcc6502293bb3d3e0e1c2 (diff)
download	tcpdump-e69972a8ef1ddbf73924e42f76f53a1f9d0aab0a.tar.gz