Home | History | Annotate | Download | only in tcpdump
      1 /*
      2  * Copyright (C) 1998 and 1999 WIDE Project.
      3  * All rights reserved.
      4  *
      5  * Redistribution and use in source and binary forms, with or without
      6  * modification, are permitted provided that the following conditions
      7  * are met:
      8  * 1. Redistributions of source code must retain the above copyright
      9  *    notice, this list of conditions and the following disclaimer.
     10  * 2. Redistributions in binary form must reproduce the above copyright
     11  *    notice, this list of conditions and the following disclaimer in the
     12  *    documentation and/or other materials provided with the distribution.
     13  * 3. Neither the name of the project nor the names of its contributors
     14  *    may be used to endorse or promote products derived from this software
     15  *    without specific prior written permission.
     16  *
     17  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
     18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
     21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     27  * SUCH DAMAGE.
     28  */
     29 
     30 /* \summary: IPv6 DHCP printer */
     31 
     32 /*
     33  * RFC3315: DHCPv6
     34  * supported DHCPv6 options:
     35  *  RFC3319: Session Initiation Protocol (SIP) Servers options,
     36  *  RFC3633: IPv6 Prefix options,
     37  *  RFC3646: DNS Configuration options,
     38  *  RFC3898: Network Information Service (NIS) Configuration options,
     39  *  RFC4075: Simple Network Time Protocol (SNTP) Configuration option,
     40  *  RFC4242: Information Refresh Time option,
     41  *  RFC4280: Broadcast and Multicast Control Servers options,
     42  *  RFC5908: Network Time Protocol (NTP) Server Option for DHCPv6
     43  *  RFC6334: Dual-Stack Lite option,
     44  */
     45 
     46 #ifdef HAVE_CONFIG_H
     47 #include "config.h"
     48 #endif
     49 
     50 #include <netdissect-stdinc.h>
     51 
     52 #include <stdio.h>
     53 #include <string.h>
     54 
     55 #include "netdissect.h"
     56 #include "addrtoname.h"
     57 #include "extract.h"
     58 
     59 /* lease duration */
     60 #define DHCP6_DURATION_INFINITE 0xffffffff
     61 
     62 /* Error Values */
     63 #define DH6ERR_FAILURE		16
     64 #define DH6ERR_AUTHFAIL		17
     65 #define DH6ERR_POORLYFORMED	18
     66 #define DH6ERR_UNAVAIL		19
     67 #define DH6ERR_OPTUNAVAIL	20
     68 
     69 /* Message type */
     70 #define DH6_SOLICIT	1
     71 #define DH6_ADVERTISE	2
     72 #define DH6_REQUEST	3
     73 #define DH6_CONFIRM	4
     74 #define DH6_RENEW	5
     75 #define DH6_REBIND	6
     76 #define DH6_REPLY	7
     77 #define DH6_RELEASE	8
     78 #define DH6_DECLINE	9
     79 #define DH6_RECONFIGURE	10
     80 #define DH6_INFORM_REQ	11
     81 #define DH6_RELAY_FORW	12
     82 #define DH6_RELAY_REPLY	13
     83 #define DH6_LEASEQUERY	14
     84 #define DH6_LQ_REPLY	15
     85 
     86 static const struct tok dh6_msgtype_str[] = {
     87 	{ DH6_SOLICIT,     "solicit"          },
     88 	{ DH6_ADVERTISE,   "advertise"        },
     89 	{ DH6_REQUEST,     "request"          },
     90 	{ DH6_CONFIRM,     "confirm"          },
     91 	{ DH6_RENEW,       "renew"            },
     92 	{ DH6_REBIND,      "rebind"           },
     93 	{ DH6_REPLY,       "reply"            },
     94 	{ DH6_RELEASE,     "release"          },
     95 	{ DH6_DECLINE,     "decline"          },
     96 	{ DH6_RECONFIGURE, "reconfigure"      },
     97 	{ DH6_INFORM_REQ,  "inf-req"          },
     98 	{ DH6_RELAY_FORW,  "relay-fwd"        },
     99 	{ DH6_RELAY_REPLY, "relay-reply"      },
    100 	{ DH6_LEASEQUERY,  "leasequery"       },
    101 	{ DH6_LQ_REPLY,    "leasequery-reply" },
    102 	{ 0, NULL }
    103 };
    104 
    105 /* DHCP6 base packet format */
    106 struct dhcp6 {
    107 	union {
    108 		nd_uint8_t m;
    109 		nd_uint32_t x;
    110 	} dh6_msgtypexid;
    111 	/* options follow */
    112 };
    113 #define dh6_msgtype	dh6_msgtypexid.m
    114 #define dh6_xid		dh6_msgtypexid.x
    115 #define DH6_XIDMASK	0x00ffffff
    116 
    117 /* DHCPv6 relay messages */
    118 struct dhcp6_relay {
    119 	nd_uint8_t dh6relay_msgtype;
    120 	nd_uint8_t dh6relay_hcnt;
    121 	nd_uint8_t dh6relay_linkaddr[16];	/* XXX: badly aligned */
    122 	nd_uint8_t dh6relay_peeraddr[16];
    123 	/* options follow */
    124 };
    125 
    126 /* options */
    127 #define DH6OPT_CLIENTID	1
    128 #define DH6OPT_SERVERID	2
    129 #define DH6OPT_IA_NA 3
    130 #define DH6OPT_IA_TA 4
    131 #define DH6OPT_IA_ADDR 5
    132 #define DH6OPT_ORO 6
    133 #define DH6OPT_PREFERENCE 7
    134 #  define DH6OPT_PREF_MAX 255
    135 #define DH6OPT_ELAPSED_TIME 8
    136 #define DH6OPT_RELAY_MSG 9
    137 /*#define DH6OPT_SERVER_MSG 10 deprecated */
    138 #define DH6OPT_AUTH 11
    139 #  define DH6OPT_AUTHPROTO_DELAYED 2
    140 #  define DH6OPT_AUTHPROTO_RECONFIG 3
    141 #  define DH6OPT_AUTHALG_HMACMD5 1
    142 #  define DH6OPT_AUTHRDM_MONOCOUNTER 0
    143 #  define DH6OPT_AUTHRECONFIG_KEY 1
    144 #  define DH6OPT_AUTHRECONFIG_HMACMD5 2
    145 #define DH6OPT_UNICAST 12
    146 #define DH6OPT_STATUS_CODE 13
    147 #  define DH6OPT_STCODE_SUCCESS 0
    148 #  define DH6OPT_STCODE_UNSPECFAIL 1
    149 #  define DH6OPT_STCODE_NOADDRAVAIL 2
    150 #  define DH6OPT_STCODE_NOBINDING 3
    151 #  define DH6OPT_STCODE_NOTONLINK 4
    152 #  define DH6OPT_STCODE_USEMULTICAST 5
    153 #  define DH6OPT_STCODE_NOPREFIXAVAIL 6
    154 #  define DH6OPT_STCODE_UNKNOWNQUERYTYPE 7
    155 #  define DH6OPT_STCODE_MALFORMEDQUERY 8
    156 #  define DH6OPT_STCODE_NOTCONFIGURED 9
    157 #  define DH6OPT_STCODE_NOTALLOWED 10
    158 #define DH6OPT_RAPID_COMMIT 14
    159 #define DH6OPT_USER_CLASS 15
    160 #define DH6OPT_VENDOR_CLASS 16
    161 #define DH6OPT_VENDOR_OPTS 17
    162 #define DH6OPT_INTERFACE_ID 18
    163 #define DH6OPT_RECONF_MSG 19
    164 #define DH6OPT_RECONF_ACCEPT 20
    165 #define DH6OPT_SIP_SERVER_D 21
    166 #define DH6OPT_SIP_SERVER_A 22
    167 #define DH6OPT_DNS_SERVERS 23
    168 #define DH6OPT_DOMAIN_LIST 24
    169 #define DH6OPT_IA_PD 25
    170 #define DH6OPT_IA_PD_PREFIX 26
    171 #define DH6OPT_NIS_SERVERS 27
    172 #define DH6OPT_NISP_SERVERS 28
    173 #define DH6OPT_NIS_NAME 29
    174 #define DH6OPT_NISP_NAME 30
    175 #define DH6OPT_SNTP_SERVERS 31
    176 #define DH6OPT_LIFETIME 32
    177 #define DH6OPT_BCMCS_SERVER_D 33
    178 #define DH6OPT_BCMCS_SERVER_A 34
    179 #define DH6OPT_GEOCONF_CIVIC 36
    180 #define DH6OPT_REMOTE_ID 37
    181 #define DH6OPT_SUBSCRIBER_ID 38
    182 #define DH6OPT_CLIENT_FQDN 39
    183 #define DH6OPT_PANA_AGENT 40
    184 #define DH6OPT_NEW_POSIX_TIMEZONE 41
    185 #define DH6OPT_NEW_TZDB_TIMEZONE 42
    186 #define DH6OPT_ERO 43
    187 #define DH6OPT_LQ_QUERY 44
    188 #define DH6OPT_CLIENT_DATA 45
    189 #define DH6OPT_CLT_TIME 46
    190 #define DH6OPT_LQ_RELAY_DATA 47
    191 #define DH6OPT_LQ_CLIENT_LINK 48
    192 #define DH6OPT_NTP_SERVER 56
    193 #  define DH6OPT_NTP_SUBOPTION_SRV_ADDR 1
    194 #  define DH6OPT_NTP_SUBOPTION_MC_ADDR 2
    195 #  define DH6OPT_NTP_SUBOPTION_SRV_FQDN 3
    196 #define DH6OPT_AFTR_NAME 64
    197 #define DH6OPT_MUDURL 112
    198 
    199 static const struct tok dh6opt_str[] = {
    200 	{ DH6OPT_CLIENTID,           "client-ID"            },
    201 	{ DH6OPT_SERVERID,           "server-ID"            },
    202 	{ DH6OPT_IA_NA,              "IA_NA"                },
    203 	{ DH6OPT_IA_TA,              "IA_TA"                },
    204 	{ DH6OPT_IA_ADDR,            "IA_ADDR"              },
    205 	{ DH6OPT_ORO,                "option-request"       },
    206 	{ DH6OPT_PREFERENCE,         "preference"           },
    207 	{ DH6OPT_ELAPSED_TIME,       "elapsed-time"         },
    208 	{ DH6OPT_RELAY_MSG,          "relay-message"        },
    209 	{ DH6OPT_AUTH,               "authentication"       },
    210 	{ DH6OPT_UNICAST,            "server-unicast"       },
    211 	{ DH6OPT_STATUS_CODE,        "status-code"          },
    212 	{ DH6OPT_RAPID_COMMIT,       "rapid-commit"         },
    213 	{ DH6OPT_USER_CLASS,         "user-class"           },
    214 	{ DH6OPT_VENDOR_CLASS,       "vendor-class"         },
    215 	{ DH6OPT_VENDOR_OPTS,        "vendor-specific-info" },
    216 	{ DH6OPT_INTERFACE_ID,       "interface-ID"         },
    217 	{ DH6OPT_RECONF_MSG,         "reconfigure-message"  },
    218 	{ DH6OPT_RECONF_ACCEPT,      "reconfigure-accept"   },
    219 	{ DH6OPT_SIP_SERVER_D,       "SIP-servers-domain"   },
    220 	{ DH6OPT_SIP_SERVER_A,       "SIP-servers-address"  },
    221 	{ DH6OPT_DNS_SERVERS,        "DNS-server"           },
    222 	{ DH6OPT_DOMAIN_LIST,        "DNS-search-list"      },
    223 	{ DH6OPT_IA_PD,              "IA_PD"                },
    224 	{ DH6OPT_IA_PD_PREFIX,       "IA_PD-prefix"         },
    225 	{ DH6OPT_SNTP_SERVERS,       "SNTP-servers"         },
    226 	{ DH6OPT_LIFETIME,           "lifetime"             },
    227 	{ DH6OPT_NIS_SERVERS,        "NIS-server"           },
    228 	{ DH6OPT_NISP_SERVERS,       "NIS+-server"          },
    229 	{ DH6OPT_NIS_NAME,           "NIS-domain-name"      },
    230 	{ DH6OPT_NISP_NAME,          "NIS+-domain-name"     },
    231 	{ DH6OPT_BCMCS_SERVER_D,     "BCMCS-domain-name"    },
    232 	{ DH6OPT_BCMCS_SERVER_A,     "BCMCS-server"         },
    233 	{ DH6OPT_GEOCONF_CIVIC,      "Geoconf-Civic"        },
    234 	{ DH6OPT_REMOTE_ID,          "Remote-ID"            },
    235 	{ DH6OPT_SUBSCRIBER_ID,      "Subscriber-ID"        },
    236 	{ DH6OPT_CLIENT_FQDN,        "Client-FQDN"          },
    237 	{ DH6OPT_PANA_AGENT,         "PANA-agent"           },
    238 	{ DH6OPT_NEW_POSIX_TIMEZONE, "POSIX-timezone"       },
    239 	{ DH6OPT_NEW_TZDB_TIMEZONE,  "POSIX-tz-database"    },
    240 	{ DH6OPT_ERO,                "Echo-request-option"  },
    241 	{ DH6OPT_LQ_QUERY,           "Lease-query"          },
    242 	{ DH6OPT_CLIENT_DATA,        "LQ-client-data"       },
    243 	{ DH6OPT_CLT_TIME,           "Clt-time"             },
    244 	{ DH6OPT_LQ_RELAY_DATA,      "LQ-relay-data"        },
    245 	{ DH6OPT_LQ_CLIENT_LINK,     "LQ-client-link"       },
    246 	{ DH6OPT_NTP_SERVER,         "NTP-server"           },
    247 	{ DH6OPT_AFTR_NAME,          "AFTR-Name"            },
    248 	{ DH6OPT_MUDURL,             "MUD-URL"              },
    249 	{ 0, NULL }
    250 };
    251 
    252 static const struct tok dh6opt_stcode_str[] = {
    253 	{ DH6OPT_STCODE_SUCCESS,          "Success"          }, /* RFC3315 */
    254 	{ DH6OPT_STCODE_UNSPECFAIL,       "UnspecFail"       }, /* RFC3315 */
    255 	{ DH6OPT_STCODE_NOADDRAVAIL,      "NoAddrsAvail"     }, /* RFC3315 */
    256 	{ DH6OPT_STCODE_NOBINDING,        "NoBinding"        }, /* RFC3315 */
    257 	{ DH6OPT_STCODE_NOTONLINK,        "NotOnLink"        }, /* RFC3315 */
    258 	{ DH6OPT_STCODE_USEMULTICAST,     "UseMulticast"     }, /* RFC3315 */
    259 	{ DH6OPT_STCODE_NOPREFIXAVAIL,    "NoPrefixAvail"    }, /* RFC3633 */
    260 	{ DH6OPT_STCODE_UNKNOWNQUERYTYPE, "UnknownQueryType" }, /* RFC5007 */
    261 	{ DH6OPT_STCODE_MALFORMEDQUERY,   "MalformedQuery"   }, /* RFC5007 */
    262 	{ DH6OPT_STCODE_NOTCONFIGURED,    "NotConfigured"    }, /* RFC5007 */
    263 	{ DH6OPT_STCODE_NOTALLOWED,       "NotAllowed"       }, /* RFC5007 */
    264 	{ 0, NULL }
    265 };
    266 
    267 struct dhcp6opt {
    268 	nd_uint16_t dh6opt_type;
    269 	nd_uint16_t dh6opt_len;
    270 	/* type-dependent data follows */
    271 };
    272 
    273 static const char *
    274 dhcp6stcode(const uint16_t code)
    275 {
    276 	return code > 255 ? "INVALID code" : tok2str(dh6opt_stcode_str, "code%u", code);
    277 }
    278 
    279 static void
    280 dhcp6opt_print(netdissect_options *ndo,
    281                const u_char *cp, const u_char *ep)
    282 {
    283 	const struct dhcp6opt *dh6o;
    284 	const u_char *tp;
    285 	size_t i;
    286 	uint16_t opttype;
    287 	size_t optlen;
    288 	uint8_t auth_proto;
    289 	u_int authinfolen, authrealmlen;
    290 	int remain_len;  /* Length of remaining options */
    291 	int label_len;   /* Label length */
    292 	uint16_t subopt_code;
    293 	uint16_t subopt_len;
    294 
    295 	if (cp == ep)
    296 		return;
    297 	while (cp < ep) {
    298 		if (ep < cp + sizeof(*dh6o))
    299 			goto trunc;
    300 		dh6o = (const struct dhcp6opt *)cp;
    301 		ND_TCHECK(*dh6o);
    302 		optlen = EXTRACT_16BITS(&dh6o->dh6opt_len);
    303 		if (ep < cp + sizeof(*dh6o) + optlen)
    304 			goto trunc;
    305 		opttype = EXTRACT_16BITS(&dh6o->dh6opt_type);
    306 		ND_PRINT((ndo, " (%s", tok2str(dh6opt_str, "opt_%u", opttype)));
    307 		ND_TCHECK2(*(cp + sizeof(*dh6o)), optlen);
    308 		switch (opttype) {
    309 		case DH6OPT_CLIENTID:
    310 		case DH6OPT_SERVERID:
    311 			if (optlen < 2) {
    312 				/*(*/
    313 				ND_PRINT((ndo, " ?)"));
    314 				break;
    315 			}
    316 			tp = (const u_char *)(dh6o + 1);
    317 			switch (EXTRACT_16BITS(tp)) {
    318 			case 1:
    319 				if (optlen >= 2 + 6) {
    320 					ND_PRINT((ndo, " hwaddr/time type %u time %u ",
    321 					    EXTRACT_16BITS(&tp[2]),
    322 					    EXTRACT_32BITS(&tp[4])));
    323 					for (i = 8; i < optlen; i++)
    324 						ND_PRINT((ndo, "%02x", tp[i]));
    325 					/*(*/
    326 					ND_PRINT((ndo, ")"));
    327 				} else {
    328 					/*(*/
    329 					ND_PRINT((ndo, " ?)"));
    330 				}
    331 				break;
    332 			case 2:
    333 				if (optlen >= 2 + 8) {
    334 					ND_PRINT((ndo, " vid "));
    335 					for (i = 2; i < 2 + 8; i++)
    336 						ND_PRINT((ndo, "%02x", tp[i]));
    337 					/*(*/
    338 					ND_PRINT((ndo, ")"));
    339 				} else {
    340 					/*(*/
    341 					ND_PRINT((ndo, " ?)"));
    342 				}
    343 				break;
    344 			case 3:
    345 				if (optlen >= 2 + 2) {
    346 					ND_PRINT((ndo, " hwaddr type %u ",
    347 					    EXTRACT_16BITS(&tp[2])));
    348 					for (i = 4; i < optlen; i++)
    349 						ND_PRINT((ndo, "%02x", tp[i]));
    350 					/*(*/
    351 					ND_PRINT((ndo, ")"));
    352 				} else {
    353 					/*(*/
    354 					ND_PRINT((ndo, " ?)"));
    355 				}
    356 				break;
    357 			default:
    358 				ND_PRINT((ndo, " type %d)", EXTRACT_16BITS(tp)));
    359 				break;
    360 			}
    361 			break;
    362 		case DH6OPT_IA_ADDR:
    363 			if (optlen < 24) {
    364 				/*(*/
    365 				ND_PRINT((ndo, " ?)"));
    366 				break;
    367 			}
    368 			tp = (const u_char *)(dh6o + 1);
    369 			ND_PRINT((ndo, " %s", ip6addr_string(ndo, &tp[0])));
    370 			ND_PRINT((ndo, " pltime:%u vltime:%u",
    371 			    EXTRACT_32BITS(&tp[16]),
    372 			    EXTRACT_32BITS(&tp[20])));
    373 			if (optlen > 24) {
    374 				/* there are sub-options */
    375 				dhcp6opt_print(ndo, tp + 24, tp + optlen);
    376 			}
    377 			ND_PRINT((ndo, ")"));
    378 			break;
    379 		case DH6OPT_ORO:
    380 		case DH6OPT_ERO:
    381 			if (optlen % 2) {
    382 				ND_PRINT((ndo, " ?)"));
    383 				break;
    384 			}
    385 			tp = (const u_char *)(dh6o + 1);
    386 			for (i = 0; i < optlen; i += 2) {
    387 				ND_PRINT((ndo, " %s",
    388 				    tok2str(dh6opt_str, "opt_%u", EXTRACT_16BITS(&tp[i]))));
    389 			}
    390 			ND_PRINT((ndo, ")"));
    391 			break;
    392 		case DH6OPT_PREFERENCE:
    393 			if (optlen != 1) {
    394 				ND_PRINT((ndo, " ?)"));
    395 				break;
    396 			}
    397 			tp = (const u_char *)(dh6o + 1);
    398 			ND_PRINT((ndo, " %d)", *tp));
    399 			break;
    400 		case DH6OPT_ELAPSED_TIME:
    401 			if (optlen != 2) {
    402 				ND_PRINT((ndo, " ?)"));
    403 				break;
    404 			}
    405 			tp = (const u_char *)(dh6o + 1);
    406 			ND_PRINT((ndo, " %d)", EXTRACT_16BITS(tp)));
    407 			break;
    408 		case DH6OPT_RELAY_MSG:
    409 			ND_PRINT((ndo, " ("));
    410 			tp = (const u_char *)(dh6o + 1);
    411 			dhcp6_print(ndo, tp, optlen);
    412 			ND_PRINT((ndo, ")"));
    413 			break;
    414 		case DH6OPT_AUTH:
    415 			if (optlen < 11) {
    416 				ND_PRINT((ndo, " ?)"));
    417 				break;
    418 			}
    419 			tp = (const u_char *)(dh6o + 1);
    420 			auth_proto = *tp;
    421 			switch (auth_proto) {
    422 			case DH6OPT_AUTHPROTO_DELAYED:
    423 				ND_PRINT((ndo, " proto: delayed"));
    424 				break;
    425 			case DH6OPT_AUTHPROTO_RECONFIG:
    426 				ND_PRINT((ndo, " proto: reconfigure"));
    427 				break;
    428 			default:
    429 				ND_PRINT((ndo, " proto: %d", auth_proto));
    430 				break;
    431 			}
    432 			tp++;
    433 			switch (*tp) {
    434 			case DH6OPT_AUTHALG_HMACMD5:
    435 				/* XXX: may depend on the protocol */
    436 				ND_PRINT((ndo, ", alg: HMAC-MD5"));
    437 				break;
    438 			default:
    439 				ND_PRINT((ndo, ", alg: %d", *tp));
    440 				break;
    441 			}
    442 			tp++;
    443 			switch (*tp) {
    444 			case DH6OPT_AUTHRDM_MONOCOUNTER:
    445 				ND_PRINT((ndo, ", RDM: mono"));
    446 				break;
    447 			default:
    448 				ND_PRINT((ndo, ", RDM: %d", *tp));
    449 				break;
    450 			}
    451 			tp++;
    452 			ND_PRINT((ndo, ", RD:"));
    453 			for (i = 0; i < 4; i++, tp += 2)
    454 				ND_PRINT((ndo, " %04x", EXTRACT_16BITS(tp)));
    455 
    456 			/* protocol dependent part */
    457 			authinfolen = optlen - 11;
    458 			switch (auth_proto) {
    459 			case DH6OPT_AUTHPROTO_DELAYED:
    460 				if (authinfolen == 0)
    461 					break;
    462 				if (authinfolen < 20) {
    463 					ND_PRINT((ndo, " ??"));
    464 					break;
    465 				}
    466 				authrealmlen = authinfolen - 20;
    467 				if (authrealmlen > 0) {
    468 					ND_PRINT((ndo, ", realm: "));
    469 				}
    470 				for (i = 0; i < authrealmlen; i++, tp++)
    471 					ND_PRINT((ndo, "%02x", *tp));
    472 				ND_PRINT((ndo, ", key ID: %08x", EXTRACT_32BITS(tp)));
    473 				tp += 4;
    474 				ND_PRINT((ndo, ", HMAC-MD5:"));
    475 				for (i = 0; i < 4; i++, tp+= 4)
    476 					ND_PRINT((ndo, " %08x", EXTRACT_32BITS(tp)));
    477 				break;
    478 			case DH6OPT_AUTHPROTO_RECONFIG:
    479 				if (authinfolen != 17) {
    480 					ND_PRINT((ndo, " ??"));
    481 					break;
    482 				}
    483 				switch (*tp++) {
    484 				case DH6OPT_AUTHRECONFIG_KEY:
    485 					ND_PRINT((ndo, " reconfig-key"));
    486 					break;
    487 				case DH6OPT_AUTHRECONFIG_HMACMD5:
    488 					ND_PRINT((ndo, " type: HMAC-MD5"));
    489 					break;
    490 				default:
    491 					ND_PRINT((ndo, " type: ??"));
    492 					break;
    493 				}
    494 				ND_PRINT((ndo, " value:"));
    495 				for (i = 0; i < 4; i++, tp+= 4)
    496 					ND_PRINT((ndo, " %08x", EXTRACT_32BITS(tp)));
    497 				break;
    498 			default:
    499 				ND_PRINT((ndo, " ??"));
    500 				break;
    501 			}
    502 
    503 			ND_PRINT((ndo, ")"));
    504 			break;
    505 		case DH6OPT_RAPID_COMMIT: /* nothing todo */
    506 			ND_PRINT((ndo, ")"));
    507 			break;
    508 		case DH6OPT_INTERFACE_ID:
    509 		case DH6OPT_SUBSCRIBER_ID:
    510 			/*
    511 			 * Since we cannot predict the encoding, print hex dump
    512 			 * at most 10 characters.
    513 			 */
    514 			tp = (const u_char *)(dh6o + 1);
    515 			ND_PRINT((ndo, " "));
    516 			for (i = 0; i < optlen && i < 10; i++)
    517 				ND_PRINT((ndo, "%02x", tp[i]));
    518 			ND_PRINT((ndo, "...)"));
    519 			break;
    520 		case DH6OPT_RECONF_MSG:
    521 			if (optlen != 1) {
    522 				ND_PRINT((ndo, " ?)"));
    523 				break;
    524 			}
    525 			tp = (const u_char *)(dh6o + 1);
    526 			switch (*tp) {
    527 			case DH6_RENEW:
    528 				ND_PRINT((ndo, " for renew)"));
    529 				break;
    530 			case DH6_INFORM_REQ:
    531 				ND_PRINT((ndo, " for inf-req)"));
    532 				break;
    533 			default:
    534 				ND_PRINT((ndo, " for ?\?\?(%02x))", *tp));
    535 				break;
    536 			}
    537 			break;
    538 		case DH6OPT_RECONF_ACCEPT: /* nothing todo */
    539 			ND_PRINT((ndo, ")"));
    540 			break;
    541 		case DH6OPT_SIP_SERVER_A:
    542 		case DH6OPT_DNS_SERVERS:
    543 		case DH6OPT_SNTP_SERVERS:
    544 		case DH6OPT_NIS_SERVERS:
    545 		case DH6OPT_NISP_SERVERS:
    546 		case DH6OPT_BCMCS_SERVER_A:
    547 		case DH6OPT_PANA_AGENT:
    548 		case DH6OPT_LQ_CLIENT_LINK:
    549 			if (optlen % 16) {
    550 				ND_PRINT((ndo, " ?)"));
    551 				break;
    552 			}
    553 			tp = (const u_char *)(dh6o + 1);
    554 			for (i = 0; i < optlen; i += 16)
    555 				ND_PRINT((ndo, " %s", ip6addr_string(ndo, &tp[i])));
    556 			ND_PRINT((ndo, ")"));
    557 			break;
    558 		case DH6OPT_SIP_SERVER_D:
    559 		case DH6OPT_DOMAIN_LIST:
    560 			tp = (const u_char *)(dh6o + 1);
    561 			while (tp < cp + sizeof(*dh6o) + optlen) {
    562 				ND_PRINT((ndo, " "));
    563 				if ((tp = ns_nprint(ndo, tp, cp + sizeof(*dh6o) + optlen)) == NULL)
    564 					goto trunc;
    565 			}
    566 			ND_PRINT((ndo, ")"));
    567 			break;
    568 		case DH6OPT_STATUS_CODE:
    569 			if (optlen < 2) {
    570 				ND_PRINT((ndo, " ?)"));
    571 				break;
    572 			}
    573 			tp = (const u_char *)(dh6o + 1);
    574 			ND_PRINT((ndo, " %s)", dhcp6stcode(EXTRACT_16BITS(&tp[0]))));
    575 			break;
    576 		case DH6OPT_IA_NA:
    577 		case DH6OPT_IA_PD:
    578 			if (optlen < 12) {
    579 				ND_PRINT((ndo, " ?)"));
    580 				break;
    581 			}
    582 			tp = (const u_char *)(dh6o + 1);
    583 			ND_PRINT((ndo, " IAID:%u T1:%u T2:%u",
    584 			    EXTRACT_32BITS(&tp[0]),
    585 			    EXTRACT_32BITS(&tp[4]),
    586 			    EXTRACT_32BITS(&tp[8])));
    587 			if (optlen > 12) {
    588 				/* there are sub-options */
    589 				dhcp6opt_print(ndo, tp + 12, tp + optlen);
    590 			}
    591 			ND_PRINT((ndo, ")"));
    592 			break;
    593 		case DH6OPT_IA_TA:
    594 			if (optlen < 4) {
    595 				ND_PRINT((ndo, " ?)"));
    596 				break;
    597 			}
    598 			tp = (const u_char *)(dh6o + 1);
    599 			ND_PRINT((ndo, " IAID:%u", EXTRACT_32BITS(tp)));
    600 			if (optlen > 4) {
    601 				/* there are sub-options */
    602 				dhcp6opt_print(ndo, tp + 4, tp + optlen);
    603 			}
    604 			ND_PRINT((ndo, ")"));
    605 			break;
    606 		case DH6OPT_IA_PD_PREFIX:
    607 			if (optlen < 25) {
    608 				ND_PRINT((ndo, " ?)"));
    609 				break;
    610 			}
    611 			tp = (const u_char *)(dh6o + 1);
    612 			ND_PRINT((ndo, " %s/%d", ip6addr_string(ndo, &tp[9]), tp[8]));
    613 			ND_PRINT((ndo, " pltime:%u vltime:%u",
    614 			    EXTRACT_32BITS(&tp[0]),
    615 			    EXTRACT_32BITS(&tp[4])));
    616 			if (optlen > 25) {
    617 				/* there are sub-options */
    618 				dhcp6opt_print(ndo, tp + 25, tp + optlen);
    619 			}
    620 			ND_PRINT((ndo, ")"));
    621 			break;
    622 		case DH6OPT_LIFETIME:
    623 		case DH6OPT_CLT_TIME:
    624 			if (optlen != 4) {
    625 				ND_PRINT((ndo, " ?)"));
    626 				break;
    627 			}
    628 			tp = (const u_char *)(dh6o + 1);
    629 			ND_PRINT((ndo, " %d)", EXTRACT_32BITS(tp)));
    630 			break;
    631 		case DH6OPT_REMOTE_ID:
    632 			if (optlen < 4) {
    633 				ND_PRINT((ndo, " ?)"));
    634 				break;
    635 			}
    636 			tp = (const u_char *)(dh6o + 1);
    637 			ND_PRINT((ndo, " %d ", EXTRACT_32BITS(tp)));
    638 			/*
    639 			 * Print hex dump first 10 characters.
    640 			 */
    641 			for (i = 4; i < optlen && i < 14; i++)
    642 				ND_PRINT((ndo, "%02x", tp[i]));
    643 			ND_PRINT((ndo, "...)"));
    644 			break;
    645 		case DH6OPT_LQ_QUERY:
    646 			if (optlen < 17) {
    647 				ND_PRINT((ndo, " ?)"));
    648 				break;
    649 			}
    650 			tp = (const u_char *)(dh6o + 1);
    651 			switch (*tp) {
    652 			case 1:
    653 				ND_PRINT((ndo, " by-address"));
    654 				break;
    655 			case 2:
    656 				ND_PRINT((ndo, " by-clientID"));
    657 				break;
    658 			default:
    659 				ND_PRINT((ndo, " type_%d", (int)*tp));
    660 				break;
    661 			}
    662 			ND_PRINT((ndo, " %s", ip6addr_string(ndo, &tp[1])));
    663 			if (optlen > 17) {
    664 				/* there are query-options */
    665 				dhcp6opt_print(ndo, tp + 17, tp + optlen);
    666 			}
    667 			ND_PRINT((ndo, ")"));
    668 			break;
    669 		case DH6OPT_CLIENT_DATA:
    670 			tp = (const u_char *)(dh6o + 1);
    671 			if (optlen > 0) {
    672 				/* there are encapsulated options */
    673 				dhcp6opt_print(ndo, tp, tp + optlen);
    674 			}
    675 			ND_PRINT((ndo, ")"));
    676 			break;
    677 		case DH6OPT_LQ_RELAY_DATA:
    678 			if (optlen < 16) {
    679 				ND_PRINT((ndo, " ?)"));
    680 				break;
    681 			}
    682 			tp = (const u_char *)(dh6o + 1);
    683 			ND_PRINT((ndo, " %s ", ip6addr_string(ndo, &tp[0])));
    684 			/*
    685 			 * Print hex dump first 10 characters.
    686 			 */
    687 			for (i = 16; i < optlen && i < 26; i++)
    688 				ND_PRINT((ndo, "%02x", tp[i]));
    689 			ND_PRINT((ndo, "...)"));
    690 			break;
    691 		case DH6OPT_NTP_SERVER:
    692 			if (optlen < 4) {
    693 				ND_PRINT((ndo, " ?)"));
    694 				break;
    695 			}
    696 			tp = (const u_char *)(dh6o + 1);
    697 			while (tp < cp + sizeof(*dh6o) + optlen - 4) {
    698 				subopt_code = EXTRACT_16BITS(tp);
    699 				tp += 2;
    700 				subopt_len = EXTRACT_16BITS(tp);
    701 				tp += 2;
    702 				if (tp + subopt_len > cp + sizeof(*dh6o) + optlen)
    703 					goto trunc;
    704 				ND_PRINT((ndo, " subopt:%d", subopt_code));
    705 				switch (subopt_code) {
    706 				case DH6OPT_NTP_SUBOPTION_SRV_ADDR:
    707 				case DH6OPT_NTP_SUBOPTION_MC_ADDR:
    708 					if (subopt_len != 16) {
    709 						ND_PRINT((ndo, " ?"));
    710 						break;
    711 					}
    712 					ND_PRINT((ndo, " %s", ip6addr_string(ndo, &tp[0])));
    713 					break;
    714 				case DH6OPT_NTP_SUBOPTION_SRV_FQDN:
    715 					ND_PRINT((ndo, " "));
    716 					if (ns_nprint(ndo, tp, tp + subopt_len) == NULL)
    717 						goto trunc;
    718 					break;
    719 				default:
    720 					ND_PRINT((ndo, " ?"));
    721 					break;
    722 				}
    723 				tp += subopt_len;
    724 			}
    725 			ND_PRINT((ndo, ")"));
    726 			break;
    727 		case DH6OPT_AFTR_NAME:
    728 			if (optlen < 3) {
    729 				ND_PRINT((ndo, " ?)"));
    730 				break;
    731 			}
    732 			tp = (const u_char *)(dh6o + 1);
    733 			remain_len = optlen;
    734 			ND_PRINT((ndo, " "));
    735 			/* Encoding is described in section 3.1 of RFC 1035 */
    736 			while (remain_len && *tp) {
    737 				label_len =  *tp++;
    738 				if (label_len < remain_len - 1) {
    739 					(void)fn_printn(ndo, tp, label_len, NULL);
    740 					tp += label_len;
    741 					remain_len -= (label_len + 1);
    742 					if(*tp) ND_PRINT((ndo, "."));
    743 				} else {
    744 					ND_PRINT((ndo, " ?"));
    745 					break;
    746 				}
    747 			}
    748 			ND_PRINT((ndo, ")"));
    749 			break;
    750 		case DH6OPT_NEW_POSIX_TIMEZONE: /* all three of these options */
    751 		case DH6OPT_NEW_TZDB_TIMEZONE:	/* are encoded similarly */
    752 		case DH6OPT_MUDURL:		/* although GMT might not work */
    753 		        if (optlen < 5) {
    754 				ND_PRINT((ndo, " ?)"));
    755 				break;
    756 			}
    757 			tp = (const u_char *)(dh6o + 1);
    758 			ND_PRINT((ndo, "="));
    759 			(void)fn_printn(ndo, tp, (u_int)optlen, NULL);
    760 			ND_PRINT((ndo, ")"));
    761 			break;
    762 
    763 		default:
    764 			ND_PRINT((ndo, ")"));
    765 			break;
    766 		}
    767 
    768 		cp += sizeof(*dh6o) + optlen;
    769 	}
    770 	return;
    771 
    772 trunc:
    773 	ND_PRINT((ndo, "[|dhcp6ext]"));
    774 }
    775 
    776 /*
    777  * Print dhcp6 packets
    778  */
    779 void
    780 dhcp6_print(netdissect_options *ndo,
    781             const u_char *cp, u_int length)
    782 {
    783 	const struct dhcp6 *dh6;
    784 	const struct dhcp6_relay *dh6relay;
    785 	const u_char *ep;
    786 	const u_char *extp;
    787 	const char *name;
    788 
    789 	ND_PRINT((ndo, "dhcp6"));
    790 
    791 	ep = (const u_char *)ndo->ndo_snapend;
    792 	if (cp + length < ep)
    793 		ep = cp + length;
    794 
    795 	dh6 = (const struct dhcp6 *)cp;
    796 	dh6relay = (const struct dhcp6_relay *)cp;
    797 	ND_TCHECK(dh6->dh6_xid);
    798 	name = tok2str(dh6_msgtype_str, "msgtype-%u", dh6->dh6_msgtype);
    799 
    800 	if (!ndo->ndo_vflag) {
    801 		ND_PRINT((ndo, " %s", name));
    802 		return;
    803 	}
    804 
    805 	/* XXX relay agent messages have to be handled differently */
    806 
    807 	ND_PRINT((ndo, " %s (", name));	/*)*/
    808 	if (dh6->dh6_msgtype != DH6_RELAY_FORW &&
    809 	    dh6->dh6_msgtype != DH6_RELAY_REPLY) {
    810 		ND_PRINT((ndo, "xid=%x", EXTRACT_32BITS(&dh6->dh6_xid) & DH6_XIDMASK));
    811 		extp = (const u_char *)(dh6 + 1);
    812 		dhcp6opt_print(ndo, extp, ep);
    813 	} else {		/* relay messages */
    814 		struct in6_addr addr6;
    815 
    816 		ND_TCHECK(dh6relay->dh6relay_peeraddr);
    817 
    818 		memcpy(&addr6, dh6relay->dh6relay_linkaddr, sizeof (addr6));
    819 		ND_PRINT((ndo, "linkaddr=%s", ip6addr_string(ndo, &addr6)));
    820 
    821 		memcpy(&addr6, dh6relay->dh6relay_peeraddr, sizeof (addr6));
    822 		ND_PRINT((ndo, " peeraddr=%s", ip6addr_string(ndo, &addr6)));
    823 
    824 		dhcp6opt_print(ndo, (const u_char *)(dh6relay + 1), ep);
    825 	}
    826 	/*(*/
    827 	ND_PRINT((ndo, ")"));
    828 	return;
    829 
    830 trunc:
    831 	ND_PRINT((ndo, "[|dhcp6]"));
    832 }
    833