• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 1998 and 1999 WIDE Project.
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  * 3. Neither the name of the project nor the names of its contributors
14  *    may be used to endorse or promote products derived from this software
15  *    without specific prior written permission.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  */
29 
30 /* \summary: IPv6 DHCP printer */
31 
32 /*
33  * RFC3315: DHCPv6
34  * supported DHCPv6 options:
35  *  RFC3319: Session Initiation Protocol (SIP) Servers options,
36  *  RFC3633: IPv6 Prefix options,
37  *  RFC3646: DNS Configuration options,
38  *  RFC3898: Network Information Service (NIS) Configuration options,
39  *  RFC4075: Simple Network Time Protocol (SNTP) Configuration option,
40  *  RFC4242: Information Refresh Time option,
41  *  RFC4280: Broadcast and Multicast Control Servers options,
42  *  RFC5908: Network Time Protocol (NTP) Server Option for DHCPv6
43  *  RFC6334: Dual-Stack Lite option,
44  */
45 
46 #ifdef HAVE_CONFIG_H
47 #include "config.h"
48 #endif
49 
50 #include <netdissect-stdinc.h>
51 
52 #include <stdio.h>
53 #include <string.h>
54 
55 #include "netdissect.h"
56 #include "addrtoname.h"
57 #include "extract.h"
58 
59 /* lease duration */
60 #define DHCP6_DURATION_INFINITE 0xffffffff
61 
62 /* Error Values */
63 #define DH6ERR_FAILURE		16
64 #define DH6ERR_AUTHFAIL		17
65 #define DH6ERR_POORLYFORMED	18
66 #define DH6ERR_UNAVAIL		19
67 #define DH6ERR_OPTUNAVAIL	20
68 
69 /* Message type */
70 #define DH6_SOLICIT	1
71 #define DH6_ADVERTISE	2
72 #define DH6_REQUEST	3
73 #define DH6_CONFIRM	4
74 #define DH6_RENEW	5
75 #define DH6_REBIND	6
76 #define DH6_REPLY	7
77 #define DH6_RELEASE	8
78 #define DH6_DECLINE	9
79 #define DH6_RECONFIGURE	10
80 #define DH6_INFORM_REQ	11
81 #define DH6_RELAY_FORW	12
82 #define DH6_RELAY_REPLY	13
83 #define DH6_LEASEQUERY	14
84 #define DH6_LQ_REPLY	15
85 
86 static const struct tok dh6_msgtype_str[] = {
87 	{ DH6_SOLICIT,     "solicit"          },
88 	{ DH6_ADVERTISE,   "advertise"        },
89 	{ DH6_REQUEST,     "request"          },
90 	{ DH6_CONFIRM,     "confirm"          },
91 	{ DH6_RENEW,       "renew"            },
92 	{ DH6_REBIND,      "rebind"           },
93 	{ DH6_REPLY,       "reply"            },
94 	{ DH6_RELEASE,     "release"          },
95 	{ DH6_DECLINE,     "decline"          },
96 	{ DH6_RECONFIGURE, "reconfigure"      },
97 	{ DH6_INFORM_REQ,  "inf-req"          },
98 	{ DH6_RELAY_FORW,  "relay-fwd"        },
99 	{ DH6_RELAY_REPLY, "relay-reply"      },
100 	{ DH6_LEASEQUERY,  "leasequery"       },
101 	{ DH6_LQ_REPLY,    "leasequery-reply" },
102 	{ 0, NULL }
103 };
104 
105 /* DHCP6 base packet format */
106 struct dhcp6 {
107 	union {
108 		nd_uint8_t m;
109 		nd_uint32_t x;
110 	} dh6_msgtypexid;
111 	/* options follow */
112 };
113 #define dh6_msgtype	dh6_msgtypexid.m
114 #define dh6_xid		dh6_msgtypexid.x
115 #define DH6_XIDMASK	0x00ffffff
116 
117 /* DHCPv6 relay messages */
118 struct dhcp6_relay {
119 	nd_uint8_t dh6relay_msgtype;
120 	nd_uint8_t dh6relay_hcnt;
121 	nd_uint8_t dh6relay_linkaddr[16];	/* XXX: badly aligned */
122 	nd_uint8_t dh6relay_peeraddr[16];
123 	/* options follow */
124 };
125 
126 /* options */
127 #define DH6OPT_CLIENTID	1
128 #define DH6OPT_SERVERID	2
129 #define DH6OPT_IA_NA 3
130 #define DH6OPT_IA_TA 4
131 #define DH6OPT_IA_ADDR 5
132 #define DH6OPT_ORO 6
133 #define DH6OPT_PREFERENCE 7
134 #  define DH6OPT_PREF_MAX 255
135 #define DH6OPT_ELAPSED_TIME 8
136 #define DH6OPT_RELAY_MSG 9
137 /*#define DH6OPT_SERVER_MSG 10 deprecated */
138 #define DH6OPT_AUTH 11
139 #  define DH6OPT_AUTHPROTO_DELAYED 2
140 #  define DH6OPT_AUTHPROTO_RECONFIG 3
141 #  define DH6OPT_AUTHALG_HMACMD5 1
142 #  define DH6OPT_AUTHRDM_MONOCOUNTER 0
143 #  define DH6OPT_AUTHRECONFIG_KEY 1
144 #  define DH6OPT_AUTHRECONFIG_HMACMD5 2
145 #define DH6OPT_UNICAST 12
146 #define DH6OPT_STATUS_CODE 13
147 #  define DH6OPT_STCODE_SUCCESS 0
148 #  define DH6OPT_STCODE_UNSPECFAIL 1
149 #  define DH6OPT_STCODE_NOADDRAVAIL 2
150 #  define DH6OPT_STCODE_NOBINDING 3
151 #  define DH6OPT_STCODE_NOTONLINK 4
152 #  define DH6OPT_STCODE_USEMULTICAST 5
153 #  define DH6OPT_STCODE_NOPREFIXAVAIL 6
154 #  define DH6OPT_STCODE_UNKNOWNQUERYTYPE 7
155 #  define DH6OPT_STCODE_MALFORMEDQUERY 8
156 #  define DH6OPT_STCODE_NOTCONFIGURED 9
157 #  define DH6OPT_STCODE_NOTALLOWED 10
158 #define DH6OPT_RAPID_COMMIT 14
159 #define DH6OPT_USER_CLASS 15
160 #define DH6OPT_VENDOR_CLASS 16
161 #define DH6OPT_VENDOR_OPTS 17
162 #define DH6OPT_INTERFACE_ID 18
163 #define DH6OPT_RECONF_MSG 19
164 #define DH6OPT_RECONF_ACCEPT 20
165 #define DH6OPT_SIP_SERVER_D 21
166 #define DH6OPT_SIP_SERVER_A 22
167 #define DH6OPT_DNS_SERVERS 23
168 #define DH6OPT_DOMAIN_LIST 24
169 #define DH6OPT_IA_PD 25
170 #define DH6OPT_IA_PD_PREFIX 26
171 #define DH6OPT_NIS_SERVERS 27
172 #define DH6OPT_NISP_SERVERS 28
173 #define DH6OPT_NIS_NAME 29
174 #define DH6OPT_NISP_NAME 30
175 #define DH6OPT_SNTP_SERVERS 31
176 #define DH6OPT_LIFETIME 32
177 #define DH6OPT_BCMCS_SERVER_D 33
178 #define DH6OPT_BCMCS_SERVER_A 34
179 #define DH6OPT_GEOCONF_CIVIC 36
180 #define DH6OPT_REMOTE_ID 37
181 #define DH6OPT_SUBSCRIBER_ID 38
182 #define DH6OPT_CLIENT_FQDN 39
183 #define DH6OPT_PANA_AGENT 40
184 #define DH6OPT_NEW_POSIX_TIMEZONE 41
185 #define DH6OPT_NEW_TZDB_TIMEZONE 42
186 #define DH6OPT_ERO 43
187 #define DH6OPT_LQ_QUERY 44
188 #define DH6OPT_CLIENT_DATA 45
189 #define DH6OPT_CLT_TIME 46
190 #define DH6OPT_LQ_RELAY_DATA 47
191 #define DH6OPT_LQ_CLIENT_LINK 48
192 #define DH6OPT_NTP_SERVER 56
193 #  define DH6OPT_NTP_SUBOPTION_SRV_ADDR 1
194 #  define DH6OPT_NTP_SUBOPTION_MC_ADDR 2
195 #  define DH6OPT_NTP_SUBOPTION_SRV_FQDN 3
196 #define DH6OPT_AFTR_NAME 64
197 #define DH6OPT_MUDURL 112
198 
199 static const struct tok dh6opt_str[] = {
200 	{ DH6OPT_CLIENTID,           "client-ID"            },
201 	{ DH6OPT_SERVERID,           "server-ID"            },
202 	{ DH6OPT_IA_NA,              "IA_NA"                },
203 	{ DH6OPT_IA_TA,              "IA_TA"                },
204 	{ DH6OPT_IA_ADDR,            "IA_ADDR"              },
205 	{ DH6OPT_ORO,                "option-request"       },
206 	{ DH6OPT_PREFERENCE,         "preference"           },
207 	{ DH6OPT_ELAPSED_TIME,       "elapsed-time"         },
208 	{ DH6OPT_RELAY_MSG,          "relay-message"        },
209 	{ DH6OPT_AUTH,               "authentication"       },
210 	{ DH6OPT_UNICAST,            "server-unicast"       },
211 	{ DH6OPT_STATUS_CODE,        "status-code"          },
212 	{ DH6OPT_RAPID_COMMIT,       "rapid-commit"         },
213 	{ DH6OPT_USER_CLASS,         "user-class"           },
214 	{ DH6OPT_VENDOR_CLASS,       "vendor-class"         },
215 	{ DH6OPT_VENDOR_OPTS,        "vendor-specific-info" },
216 	{ DH6OPT_INTERFACE_ID,       "interface-ID"         },
217 	{ DH6OPT_RECONF_MSG,         "reconfigure-message"  },
218 	{ DH6OPT_RECONF_ACCEPT,      "reconfigure-accept"   },
219 	{ DH6OPT_SIP_SERVER_D,       "SIP-servers-domain"   },
220 	{ DH6OPT_SIP_SERVER_A,       "SIP-servers-address"  },
221 	{ DH6OPT_DNS_SERVERS,        "DNS-server"           },
222 	{ DH6OPT_DOMAIN_LIST,        "DNS-search-list"      },
223 	{ DH6OPT_IA_PD,              "IA_PD"                },
224 	{ DH6OPT_IA_PD_PREFIX,       "IA_PD-prefix"         },
225 	{ DH6OPT_SNTP_SERVERS,       "SNTP-servers"         },
226 	{ DH6OPT_LIFETIME,           "lifetime"             },
227 	{ DH6OPT_NIS_SERVERS,        "NIS-server"           },
228 	{ DH6OPT_NISP_SERVERS,       "NIS+-server"          },
229 	{ DH6OPT_NIS_NAME,           "NIS-domain-name"      },
230 	{ DH6OPT_NISP_NAME,          "NIS+-domain-name"     },
231 	{ DH6OPT_BCMCS_SERVER_D,     "BCMCS-domain-name"    },
232 	{ DH6OPT_BCMCS_SERVER_A,     "BCMCS-server"         },
233 	{ DH6OPT_GEOCONF_CIVIC,      "Geoconf-Civic"        },
234 	{ DH6OPT_REMOTE_ID,          "Remote-ID"            },
235 	{ DH6OPT_SUBSCRIBER_ID,      "Subscriber-ID"        },
236 	{ DH6OPT_CLIENT_FQDN,        "Client-FQDN"          },
237 	{ DH6OPT_PANA_AGENT,         "PANA-agent"           },
238 	{ DH6OPT_NEW_POSIX_TIMEZONE, "POSIX-timezone"       },
239 	{ DH6OPT_NEW_TZDB_TIMEZONE,  "POSIX-tz-database"    },
240 	{ DH6OPT_ERO,                "Echo-request-option"  },
241 	{ DH6OPT_LQ_QUERY,           "Lease-query"          },
242 	{ DH6OPT_CLIENT_DATA,        "LQ-client-data"       },
243 	{ DH6OPT_CLT_TIME,           "Clt-time"             },
244 	{ DH6OPT_LQ_RELAY_DATA,      "LQ-relay-data"        },
245 	{ DH6OPT_LQ_CLIENT_LINK,     "LQ-client-link"       },
246 	{ DH6OPT_NTP_SERVER,         "NTP-server"           },
247 	{ DH6OPT_AFTR_NAME,          "AFTR-Name"            },
248 	{ DH6OPT_MUDURL,             "MUD-URL"              },
249 	{ 0, NULL }
250 };
251 
252 static const struct tok dh6opt_stcode_str[] = {
253 	{ DH6OPT_STCODE_SUCCESS,          "Success"          }, /* RFC3315 */
254 	{ DH6OPT_STCODE_UNSPECFAIL,       "UnspecFail"       }, /* RFC3315 */
255 	{ DH6OPT_STCODE_NOADDRAVAIL,      "NoAddrsAvail"     }, /* RFC3315 */
256 	{ DH6OPT_STCODE_NOBINDING,        "NoBinding"        }, /* RFC3315 */
257 	{ DH6OPT_STCODE_NOTONLINK,        "NotOnLink"        }, /* RFC3315 */
258 	{ DH6OPT_STCODE_USEMULTICAST,     "UseMulticast"     }, /* RFC3315 */
259 	{ DH6OPT_STCODE_NOPREFIXAVAIL,    "NoPrefixAvail"    }, /* RFC3633 */
260 	{ DH6OPT_STCODE_UNKNOWNQUERYTYPE, "UnknownQueryType" }, /* RFC5007 */
261 	{ DH6OPT_STCODE_MALFORMEDQUERY,   "MalformedQuery"   }, /* RFC5007 */
262 	{ DH6OPT_STCODE_NOTCONFIGURED,    "NotConfigured"    }, /* RFC5007 */
263 	{ DH6OPT_STCODE_NOTALLOWED,       "NotAllowed"       }, /* RFC5007 */
264 	{ 0, NULL }
265 };
266 
267 struct dhcp6opt {
268 	nd_uint16_t dh6opt_type;
269 	nd_uint16_t dh6opt_len;
270 	/* type-dependent data follows */
271 };
272 
273 static const char *
dhcp6stcode(const uint16_t code)274 dhcp6stcode(const uint16_t code)
275 {
276 	return code > 255 ? "INVALID code" : tok2str(dh6opt_stcode_str, "code%u", code);
277 }
278 
279 static void
dhcp6opt_print(netdissect_options * ndo,const u_char * cp,const u_char * ep)280 dhcp6opt_print(netdissect_options *ndo,
281                const u_char *cp, const u_char *ep)
282 {
283 	const struct dhcp6opt *dh6o;
284 	const u_char *tp;
285 	size_t i;
286 	uint16_t opttype;
287 	size_t optlen;
288 	uint8_t auth_proto;
289 	u_int authinfolen, authrealmlen;
290 	int remain_len;  /* Length of remaining options */
291 	int label_len;   /* Label length */
292 	uint16_t subopt_code;
293 	uint16_t subopt_len;
294 
295 	if (cp == ep)
296 		return;
297 	while (cp < ep) {
298 		if (ep < cp + sizeof(*dh6o))
299 			goto trunc;
300 		dh6o = (const struct dhcp6opt *)cp;
301 		ND_TCHECK(*dh6o);
302 		optlen = EXTRACT_16BITS(&dh6o->dh6opt_len);
303 		if (ep < cp + sizeof(*dh6o) + optlen)
304 			goto trunc;
305 		opttype = EXTRACT_16BITS(&dh6o->dh6opt_type);
306 		ND_PRINT((ndo, " (%s", tok2str(dh6opt_str, "opt_%u", opttype)));
307 		ND_TCHECK2(*(cp + sizeof(*dh6o)), optlen);
308 		switch (opttype) {
309 		case DH6OPT_CLIENTID:
310 		case DH6OPT_SERVERID:
311 			if (optlen < 2) {
312 				/*(*/
313 				ND_PRINT((ndo, " ?)"));
314 				break;
315 			}
316 			tp = (const u_char *)(dh6o + 1);
317 			switch (EXTRACT_16BITS(tp)) {
318 			case 1:
319 				if (optlen >= 2 + 6) {
320 					ND_PRINT((ndo, " hwaddr/time type %u time %u ",
321 					    EXTRACT_16BITS(&tp[2]),
322 					    EXTRACT_32BITS(&tp[4])));
323 					for (i = 8; i < optlen; i++)
324 						ND_PRINT((ndo, "%02x", tp[i]));
325 					/*(*/
326 					ND_PRINT((ndo, ")"));
327 				} else {
328 					/*(*/
329 					ND_PRINT((ndo, " ?)"));
330 				}
331 				break;
332 			case 2:
333 				if (optlen >= 2 + 8) {
334 					ND_PRINT((ndo, " vid "));
335 					for (i = 2; i < 2 + 8; i++)
336 						ND_PRINT((ndo, "%02x", tp[i]));
337 					/*(*/
338 					ND_PRINT((ndo, ")"));
339 				} else {
340 					/*(*/
341 					ND_PRINT((ndo, " ?)"));
342 				}
343 				break;
344 			case 3:
345 				if (optlen >= 2 + 2) {
346 					ND_PRINT((ndo, " hwaddr type %u ",
347 					    EXTRACT_16BITS(&tp[2])));
348 					for (i = 4; i < optlen; i++)
349 						ND_PRINT((ndo, "%02x", tp[i]));
350 					/*(*/
351 					ND_PRINT((ndo, ")"));
352 				} else {
353 					/*(*/
354 					ND_PRINT((ndo, " ?)"));
355 				}
356 				break;
357 			default:
358 				ND_PRINT((ndo, " type %d)", EXTRACT_16BITS(tp)));
359 				break;
360 			}
361 			break;
362 		case DH6OPT_IA_ADDR:
363 			if (optlen < 24) {
364 				/*(*/
365 				ND_PRINT((ndo, " ?)"));
366 				break;
367 			}
368 			tp = (const u_char *)(dh6o + 1);
369 			ND_PRINT((ndo, " %s", ip6addr_string(ndo, &tp[0])));
370 			ND_PRINT((ndo, " pltime:%u vltime:%u",
371 			    EXTRACT_32BITS(&tp[16]),
372 			    EXTRACT_32BITS(&tp[20])));
373 			if (optlen > 24) {
374 				/* there are sub-options */
375 				dhcp6opt_print(ndo, tp + 24, tp + optlen);
376 			}
377 			ND_PRINT((ndo, ")"));
378 			break;
379 		case DH6OPT_ORO:
380 		case DH6OPT_ERO:
381 			if (optlen % 2) {
382 				ND_PRINT((ndo, " ?)"));
383 				break;
384 			}
385 			tp = (const u_char *)(dh6o + 1);
386 			for (i = 0; i < optlen; i += 2) {
387 				ND_PRINT((ndo, " %s",
388 				    tok2str(dh6opt_str, "opt_%u", EXTRACT_16BITS(&tp[i]))));
389 			}
390 			ND_PRINT((ndo, ")"));
391 			break;
392 		case DH6OPT_PREFERENCE:
393 			if (optlen != 1) {
394 				ND_PRINT((ndo, " ?)"));
395 				break;
396 			}
397 			tp = (const u_char *)(dh6o + 1);
398 			ND_PRINT((ndo, " %d)", *tp));
399 			break;
400 		case DH6OPT_ELAPSED_TIME:
401 			if (optlen != 2) {
402 				ND_PRINT((ndo, " ?)"));
403 				break;
404 			}
405 			tp = (const u_char *)(dh6o + 1);
406 			ND_PRINT((ndo, " %d)", EXTRACT_16BITS(tp)));
407 			break;
408 		case DH6OPT_RELAY_MSG:
409 			ND_PRINT((ndo, " ("));
410 			tp = (const u_char *)(dh6o + 1);
411 			dhcp6_print(ndo, tp, optlen);
412 			ND_PRINT((ndo, ")"));
413 			break;
414 		case DH6OPT_AUTH:
415 			if (optlen < 11) {
416 				ND_PRINT((ndo, " ?)"));
417 				break;
418 			}
419 			tp = (const u_char *)(dh6o + 1);
420 			auth_proto = *tp;
421 			switch (auth_proto) {
422 			case DH6OPT_AUTHPROTO_DELAYED:
423 				ND_PRINT((ndo, " proto: delayed"));
424 				break;
425 			case DH6OPT_AUTHPROTO_RECONFIG:
426 				ND_PRINT((ndo, " proto: reconfigure"));
427 				break;
428 			default:
429 				ND_PRINT((ndo, " proto: %d", auth_proto));
430 				break;
431 			}
432 			tp++;
433 			switch (*tp) {
434 			case DH6OPT_AUTHALG_HMACMD5:
435 				/* XXX: may depend on the protocol */
436 				ND_PRINT((ndo, ", alg: HMAC-MD5"));
437 				break;
438 			default:
439 				ND_PRINT((ndo, ", alg: %d", *tp));
440 				break;
441 			}
442 			tp++;
443 			switch (*tp) {
444 			case DH6OPT_AUTHRDM_MONOCOUNTER:
445 				ND_PRINT((ndo, ", RDM: mono"));
446 				break;
447 			default:
448 				ND_PRINT((ndo, ", RDM: %d", *tp));
449 				break;
450 			}
451 			tp++;
452 			ND_PRINT((ndo, ", RD:"));
453 			for (i = 0; i < 4; i++, tp += 2)
454 				ND_PRINT((ndo, " %04x", EXTRACT_16BITS(tp)));
455 
456 			/* protocol dependent part */
457 			authinfolen = optlen - 11;
458 			switch (auth_proto) {
459 			case DH6OPT_AUTHPROTO_DELAYED:
460 				if (authinfolen == 0)
461 					break;
462 				if (authinfolen < 20) {
463 					ND_PRINT((ndo, " ??"));
464 					break;
465 				}
466 				authrealmlen = authinfolen - 20;
467 				if (authrealmlen > 0) {
468 					ND_PRINT((ndo, ", realm: "));
469 				}
470 				for (i = 0; i < authrealmlen; i++, tp++)
471 					ND_PRINT((ndo, "%02x", *tp));
472 				ND_PRINT((ndo, ", key ID: %08x", EXTRACT_32BITS(tp)));
473 				tp += 4;
474 				ND_PRINT((ndo, ", HMAC-MD5:"));
475 				for (i = 0; i < 4; i++, tp+= 4)
476 					ND_PRINT((ndo, " %08x", EXTRACT_32BITS(tp)));
477 				break;
478 			case DH6OPT_AUTHPROTO_RECONFIG:
479 				if (authinfolen != 17) {
480 					ND_PRINT((ndo, " ??"));
481 					break;
482 				}
483 				switch (*tp++) {
484 				case DH6OPT_AUTHRECONFIG_KEY:
485 					ND_PRINT((ndo, " reconfig-key"));
486 					break;
487 				case DH6OPT_AUTHRECONFIG_HMACMD5:
488 					ND_PRINT((ndo, " type: HMAC-MD5"));
489 					break;
490 				default:
491 					ND_PRINT((ndo, " type: ??"));
492 					break;
493 				}
494 				ND_PRINT((ndo, " value:"));
495 				for (i = 0; i < 4; i++, tp+= 4)
496 					ND_PRINT((ndo, " %08x", EXTRACT_32BITS(tp)));
497 				break;
498 			default:
499 				ND_PRINT((ndo, " ??"));
500 				break;
501 			}
502 
503 			ND_PRINT((ndo, ")"));
504 			break;
505 		case DH6OPT_RAPID_COMMIT: /* nothing todo */
506 			ND_PRINT((ndo, ")"));
507 			break;
508 		case DH6OPT_INTERFACE_ID:
509 		case DH6OPT_SUBSCRIBER_ID:
510 			/*
511 			 * Since we cannot predict the encoding, print hex dump
512 			 * at most 10 characters.
513 			 */
514 			tp = (const u_char *)(dh6o + 1);
515 			ND_PRINT((ndo, " "));
516 			for (i = 0; i < optlen && i < 10; i++)
517 				ND_PRINT((ndo, "%02x", tp[i]));
518 			ND_PRINT((ndo, "...)"));
519 			break;
520 		case DH6OPT_RECONF_MSG:
521 			if (optlen != 1) {
522 				ND_PRINT((ndo, " ?)"));
523 				break;
524 			}
525 			tp = (const u_char *)(dh6o + 1);
526 			switch (*tp) {
527 			case DH6_RENEW:
528 				ND_PRINT((ndo, " for renew)"));
529 				break;
530 			case DH6_INFORM_REQ:
531 				ND_PRINT((ndo, " for inf-req)"));
532 				break;
533 			default:
534 				ND_PRINT((ndo, " for ?\?\?(%02x))", *tp));
535 				break;
536 			}
537 			break;
538 		case DH6OPT_RECONF_ACCEPT: /* nothing todo */
539 			ND_PRINT((ndo, ")"));
540 			break;
541 		case DH6OPT_SIP_SERVER_A:
542 		case DH6OPT_DNS_SERVERS:
543 		case DH6OPT_SNTP_SERVERS:
544 		case DH6OPT_NIS_SERVERS:
545 		case DH6OPT_NISP_SERVERS:
546 		case DH6OPT_BCMCS_SERVER_A:
547 		case DH6OPT_PANA_AGENT:
548 		case DH6OPT_LQ_CLIENT_LINK:
549 			if (optlen % 16) {
550 				ND_PRINT((ndo, " ?)"));
551 				break;
552 			}
553 			tp = (const u_char *)(dh6o + 1);
554 			for (i = 0; i < optlen; i += 16)
555 				ND_PRINT((ndo, " %s", ip6addr_string(ndo, &tp[i])));
556 			ND_PRINT((ndo, ")"));
557 			break;
558 		case DH6OPT_SIP_SERVER_D:
559 		case DH6OPT_DOMAIN_LIST:
560 			tp = (const u_char *)(dh6o + 1);
561 			while (tp < cp + sizeof(*dh6o) + optlen) {
562 				ND_PRINT((ndo, " "));
563 				if ((tp = ns_nprint(ndo, tp, cp + sizeof(*dh6o) + optlen)) == NULL)
564 					goto trunc;
565 			}
566 			ND_PRINT((ndo, ")"));
567 			break;
568 		case DH6OPT_STATUS_CODE:
569 			if (optlen < 2) {
570 				ND_PRINT((ndo, " ?)"));
571 				break;
572 			}
573 			tp = (const u_char *)(dh6o + 1);
574 			ND_PRINT((ndo, " %s)", dhcp6stcode(EXTRACT_16BITS(&tp[0]))));
575 			break;
576 		case DH6OPT_IA_NA:
577 		case DH6OPT_IA_PD:
578 			if (optlen < 12) {
579 				ND_PRINT((ndo, " ?)"));
580 				break;
581 			}
582 			tp = (const u_char *)(dh6o + 1);
583 			ND_PRINT((ndo, " IAID:%u T1:%u T2:%u",
584 			    EXTRACT_32BITS(&tp[0]),
585 			    EXTRACT_32BITS(&tp[4]),
586 			    EXTRACT_32BITS(&tp[8])));
587 			if (optlen > 12) {
588 				/* there are sub-options */
589 				dhcp6opt_print(ndo, tp + 12, tp + optlen);
590 			}
591 			ND_PRINT((ndo, ")"));
592 			break;
593 		case DH6OPT_IA_TA:
594 			if (optlen < 4) {
595 				ND_PRINT((ndo, " ?)"));
596 				break;
597 			}
598 			tp = (const u_char *)(dh6o + 1);
599 			ND_PRINT((ndo, " IAID:%u", EXTRACT_32BITS(tp)));
600 			if (optlen > 4) {
601 				/* there are sub-options */
602 				dhcp6opt_print(ndo, tp + 4, tp + optlen);
603 			}
604 			ND_PRINT((ndo, ")"));
605 			break;
606 		case DH6OPT_IA_PD_PREFIX:
607 			if (optlen < 25) {
608 				ND_PRINT((ndo, " ?)"));
609 				break;
610 			}
611 			tp = (const u_char *)(dh6o + 1);
612 			ND_PRINT((ndo, " %s/%d", ip6addr_string(ndo, &tp[9]), tp[8]));
613 			ND_PRINT((ndo, " pltime:%u vltime:%u",
614 			    EXTRACT_32BITS(&tp[0]),
615 			    EXTRACT_32BITS(&tp[4])));
616 			if (optlen > 25) {
617 				/* there are sub-options */
618 				dhcp6opt_print(ndo, tp + 25, tp + optlen);
619 			}
620 			ND_PRINT((ndo, ")"));
621 			break;
622 		case DH6OPT_LIFETIME:
623 		case DH6OPT_CLT_TIME:
624 			if (optlen != 4) {
625 				ND_PRINT((ndo, " ?)"));
626 				break;
627 			}
628 			tp = (const u_char *)(dh6o + 1);
629 			ND_PRINT((ndo, " %d)", EXTRACT_32BITS(tp)));
630 			break;
631 		case DH6OPT_REMOTE_ID:
632 			if (optlen < 4) {
633 				ND_PRINT((ndo, " ?)"));
634 				break;
635 			}
636 			tp = (const u_char *)(dh6o + 1);
637 			ND_PRINT((ndo, " %d ", EXTRACT_32BITS(tp)));
638 			/*
639 			 * Print hex dump first 10 characters.
640 			 */
641 			for (i = 4; i < optlen && i < 14; i++)
642 				ND_PRINT((ndo, "%02x", tp[i]));
643 			ND_PRINT((ndo, "...)"));
644 			break;
645 		case DH6OPT_LQ_QUERY:
646 			if (optlen < 17) {
647 				ND_PRINT((ndo, " ?)"));
648 				break;
649 			}
650 			tp = (const u_char *)(dh6o + 1);
651 			switch (*tp) {
652 			case 1:
653 				ND_PRINT((ndo, " by-address"));
654 				break;
655 			case 2:
656 				ND_PRINT((ndo, " by-clientID"));
657 				break;
658 			default:
659 				ND_PRINT((ndo, " type_%d", (int)*tp));
660 				break;
661 			}
662 			ND_PRINT((ndo, " %s", ip6addr_string(ndo, &tp[1])));
663 			if (optlen > 17) {
664 				/* there are query-options */
665 				dhcp6opt_print(ndo, tp + 17, tp + optlen);
666 			}
667 			ND_PRINT((ndo, ")"));
668 			break;
669 		case DH6OPT_CLIENT_DATA:
670 			tp = (const u_char *)(dh6o + 1);
671 			if (optlen > 0) {
672 				/* there are encapsulated options */
673 				dhcp6opt_print(ndo, tp, tp + optlen);
674 			}
675 			ND_PRINT((ndo, ")"));
676 			break;
677 		case DH6OPT_LQ_RELAY_DATA:
678 			if (optlen < 16) {
679 				ND_PRINT((ndo, " ?)"));
680 				break;
681 			}
682 			tp = (const u_char *)(dh6o + 1);
683 			ND_PRINT((ndo, " %s ", ip6addr_string(ndo, &tp[0])));
684 			/*
685 			 * Print hex dump first 10 characters.
686 			 */
687 			for (i = 16; i < optlen && i < 26; i++)
688 				ND_PRINT((ndo, "%02x", tp[i]));
689 			ND_PRINT((ndo, "...)"));
690 			break;
691 		case DH6OPT_NTP_SERVER:
692 			if (optlen < 4) {
693 				ND_PRINT((ndo, " ?)"));
694 				break;
695 			}
696 			tp = (const u_char *)(dh6o + 1);
697 			while (tp < cp + sizeof(*dh6o) + optlen - 4) {
698 				subopt_code = EXTRACT_16BITS(tp);
699 				tp += 2;
700 				subopt_len = EXTRACT_16BITS(tp);
701 				tp += 2;
702 				if (tp + subopt_len > cp + sizeof(*dh6o) + optlen)
703 					goto trunc;
704 				ND_PRINT((ndo, " subopt:%d", subopt_code));
705 				switch (subopt_code) {
706 				case DH6OPT_NTP_SUBOPTION_SRV_ADDR:
707 				case DH6OPT_NTP_SUBOPTION_MC_ADDR:
708 					if (subopt_len != 16) {
709 						ND_PRINT((ndo, " ?"));
710 						break;
711 					}
712 					ND_PRINT((ndo, " %s", ip6addr_string(ndo, &tp[0])));
713 					break;
714 				case DH6OPT_NTP_SUBOPTION_SRV_FQDN:
715 					ND_PRINT((ndo, " "));
716 					if (ns_nprint(ndo, tp, tp + subopt_len) == NULL)
717 						goto trunc;
718 					break;
719 				default:
720 					ND_PRINT((ndo, " ?"));
721 					break;
722 				}
723 				tp += subopt_len;
724 			}
725 			ND_PRINT((ndo, ")"));
726 			break;
727 		case DH6OPT_AFTR_NAME:
728 			if (optlen < 3) {
729 				ND_PRINT((ndo, " ?)"));
730 				break;
731 			}
732 			tp = (const u_char *)(dh6o + 1);
733 			remain_len = optlen;
734 			ND_PRINT((ndo, " "));
735 			/* Encoding is described in section 3.1 of RFC 1035 */
736 			while (remain_len && *tp) {
737 				label_len =  *tp++;
738 				if (label_len < remain_len - 1) {
739 					(void)fn_printn(ndo, tp, label_len, NULL);
740 					tp += label_len;
741 					remain_len -= (label_len + 1);
742 					if(*tp) ND_PRINT((ndo, "."));
743 				} else {
744 					ND_PRINT((ndo, " ?"));
745 					break;
746 				}
747 			}
748 			ND_PRINT((ndo, ")"));
749 			break;
750 		case DH6OPT_NEW_POSIX_TIMEZONE: /* all three of these options */
751 		case DH6OPT_NEW_TZDB_TIMEZONE:	/* are encoded similarly */
752 		case DH6OPT_MUDURL:		/* although GMT might not work */
753 		        if (optlen < 5) {
754 				ND_PRINT((ndo, " ?)"));
755 				break;
756 			}
757 			tp = (const u_char *)(dh6o + 1);
758 			ND_PRINT((ndo, "="));
759 			(void)fn_printn(ndo, tp, (u_int)optlen, NULL);
760 			ND_PRINT((ndo, ")"));
761 			break;
762 
763 		default:
764 			ND_PRINT((ndo, ")"));
765 			break;
766 		}
767 
768 		cp += sizeof(*dh6o) + optlen;
769 	}
770 	return;
771 
772 trunc:
773 	ND_PRINT((ndo, "[|dhcp6ext]"));
774 }
775 
776 /*
777  * Print dhcp6 packets
778  */
779 void
dhcp6_print(netdissect_options * ndo,const u_char * cp,u_int length)780 dhcp6_print(netdissect_options *ndo,
781             const u_char *cp, u_int length)
782 {
783 	const struct dhcp6 *dh6;
784 	const struct dhcp6_relay *dh6relay;
785 	const u_char *ep;
786 	const u_char *extp;
787 	const char *name;
788 
789 	ND_PRINT((ndo, "dhcp6"));
790 
791 	ep = (const u_char *)ndo->ndo_snapend;
792 	if (cp + length < ep)
793 		ep = cp + length;
794 
795 	dh6 = (const struct dhcp6 *)cp;
796 	dh6relay = (const struct dhcp6_relay *)cp;
797 	ND_TCHECK(dh6->dh6_xid);
798 	name = tok2str(dh6_msgtype_str, "msgtype-%u", dh6->dh6_msgtype);
799 
800 	if (!ndo->ndo_vflag) {
801 		ND_PRINT((ndo, " %s", name));
802 		return;
803 	}
804 
805 	/* XXX relay agent messages have to be handled differently */
806 
807 	ND_PRINT((ndo, " %s (", name));	/*)*/
808 	if (dh6->dh6_msgtype != DH6_RELAY_FORW &&
809 	    dh6->dh6_msgtype != DH6_RELAY_REPLY) {
810 		ND_PRINT((ndo, "xid=%x", EXTRACT_32BITS(&dh6->dh6_xid) & DH6_XIDMASK));
811 		extp = (const u_char *)(dh6 + 1);
812 		dhcp6opt_print(ndo, extp, ep);
813 	} else {		/* relay messages */
814 		struct in6_addr addr6;
815 
816 		ND_TCHECK(dh6relay->dh6relay_peeraddr);
817 
818 		memcpy(&addr6, dh6relay->dh6relay_linkaddr, sizeof (addr6));
819 		ND_PRINT((ndo, "linkaddr=%s", ip6addr_string(ndo, &addr6)));
820 
821 		memcpy(&addr6, dh6relay->dh6relay_peeraddr, sizeof (addr6));
822 		ND_PRINT((ndo, " peeraddr=%s", ip6addr_string(ndo, &addr6)));
823 
824 		dhcp6opt_print(ndo, (const u_char *)(dh6relay + 1), ep);
825 	}
826 	/*(*/
827 	ND_PRINT((ndo, ")"));
828 	return;
829 
830 trunc:
831 	ND_PRINT((ndo, "[|dhcp6]"));
832 }
833