1 /**	$MirOS: src/usr.sbin/traceroute6/traceroute6.c,v 1.3 2005/12/04 15:02:32 tg Exp $ */
2 /*	$OpenBSD: traceroute6.c,v 1.39 2005/05/03 01:01:14 djm Exp $	*/
3 /*	$KAME: traceroute6.c,v 1.63 2002/10/24 12:53:25 itojun Exp $	*/
4 
5 /*
6  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
7  * All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in the
16  *    documentation and/or other materials provided with the distribution.
17  * 3. Neither the name of the project nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 
34 /*-
35  * Copyright (c) 1990, 1993
36  *	The Regents of the University of California.  All rights reserved.
37  *
38  * This code is derived from software contributed to Berkeley by
39  * Van Jacobson.
40  *
41  * Redistribution and use in source and binary forms, with or without
42  * modification, are permitted provided that the following conditions
43  * are met:
44  * 1. Redistributions of source code must retain the above copyright
45  *    notice, this list of conditions and the following disclaimer.
46  * 2. Redistributions in binary form must reproduce the above copyright
47  *    notice, this list of conditions and the following disclaimer in the
48  *    documentation and/or other materials provided with the distribution.
49  * 3. Neither the name of the University nor the names of its contributors
50  *    may be used to endorse or promote products derived from this software
51  *    without specific prior written permission.
52  *
53  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
54  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
55  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
56  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
57  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
58  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
59  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
60  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
61  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
62  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
63  * SUCH DAMAGE.
64  */
65 
66 #ifndef lint
67 static char copyright[] =
68 "@(#) Copyright (c) 1990, 1993\n\
69 	The Regents of the University of California.  All rights reserved.\n";
70 #endif /* not lint */
71 
72 #ifndef lint
73 static char sccsid[] = "@(#)traceroute.c	8.1 (Berkeley) 6/6/93";
74 #endif /* not lint */
75 
76 /*
77  * traceroute host  - trace the route ip packets follow going to "host".
78  *
79  * Attempt to trace the route an ip packet would follow to some
80  * internet host.  We find out intermediate hops by launching probe
81  * packets with a small ttl (time to live) then listening for an
82  * icmp "time exceeded" reply from a gateway.  We start our probes
83  * with a ttl of one and increase by one until we get an icmp "port
84  * unreachable" (which means we got to "host") or hit a max (which
85  * defaults to 30 hops & can be changed with the -m flag).  Three
86  * probes (change with -q flag) are sent at each ttl setting and a
87  * line is printed showing the ttl, address of the gateway and
88  * round trip time of each probe.  If the probe answers come from
89  * different gateways, the address of each responding system will
90  * be printed.  If there is no response within a 5 sec. timeout
91  * interval (changed with the -w flag), a "*" is printed for that
92  * probe.
93  *
94  * Probe packets are UDP format.  We don't want the destination
95  * host to process them so the destination port is set to an
96  * unlikely value (if some clod on the destination is using that
97  * value, it can be changed with the -p flag).
98  *
99  * A sample use might be:
100  *
101  *     [yak 71]% traceroute nis.nsf.net.
102  *     traceroute to nis.nsf.net (35.1.1.48), 30 hops max, 56 byte packet
103  *      1  helios.ee.lbl.gov (128.3.112.1)  19 ms  19 ms  0 ms
104  *      2  lilac-dmc.Berkeley.EDU (128.32.216.1)  39 ms  39 ms  19 ms
105  *      3  lilac-dmc.Berkeley.EDU (128.32.216.1)  39 ms  39 ms  19 ms
106  *      4  ccngw-ner-cc.Berkeley.EDU (128.32.136.23)  39 ms  40 ms  39 ms
107  *      5  ccn-nerif22.Berkeley.EDU (128.32.168.22)  39 ms  39 ms  39 ms
108  *      6  128.32.197.4 (128.32.197.4)  40 ms  59 ms  59 ms
109  *      7  131.119.2.5 (131.119.2.5)  59 ms  59 ms  59 ms
110  *      8  129.140.70.13 (129.140.70.13)  99 ms  99 ms  80 ms
111  *      9  129.140.71.6 (129.140.71.6)  139 ms  239 ms  319 ms
112  *     10  129.140.81.7 (129.140.81.7)  220 ms  199 ms  199 ms
113  *     11  nic.merit.edu (35.1.1.48)  239 ms  239 ms  239 ms
114  *
115  * Note that lines 2 & 3 are the same.  This is due to a buggy
116  * kernel on the 2nd hop system -- lbl-csam.arpa -- that forwards
117  * packets with a zero ttl.
118  *
119  * A more interesting example is:
120  *
121  *     [yak 72]% traceroute allspice.lcs.mit.edu.
122  *     traceroute to allspice.lcs.mit.edu (18.26.0.115), 30 hops max
123  *      1  helios.ee.lbl.gov (128.3.112.1)  0 ms  0 ms  0 ms
124  *      2  lilac-dmc.Berkeley.EDU (128.32.216.1)  19 ms  19 ms  19 ms
125  *      3  lilac-dmc.Berkeley.EDU (128.32.216.1)  39 ms  19 ms  19 ms
126  *      4  ccngw-ner-cc.Berkeley.EDU (128.32.136.23)  19 ms  39 ms  39 ms
127  *      5  ccn-nerif22.Berkeley.EDU (128.32.168.22)  20 ms  39 ms  39 ms
128  *      6  128.32.197.4 (128.32.197.4)  59 ms  119 ms  39 ms
129  *      7  131.119.2.5 (131.119.2.5)  59 ms  59 ms  39 ms
130  *      8  129.140.70.13 (129.140.70.13)  80 ms  79 ms  99 ms
131  *      9  129.140.71.6 (129.140.71.6)  139 ms  139 ms  159 ms
132  *     10  129.140.81.7 (129.140.81.7)  199 ms  180 ms  300 ms
133  *     11  129.140.72.17 (129.140.72.17)  300 ms  239 ms  239 ms
134  *     12  * * *
135  *     13  128.121.54.72 (128.121.54.72)  259 ms  499 ms  279 ms
136  *     14  * * *
137  *     15  * * *
138  *     16  * * *
139  *     17  * * *
140  *     18  ALLSPICE.LCS.MIT.EDU (18.26.0.115)  339 ms  279 ms  279 ms
141  *
142  * (I start to see why I'm having so much trouble with mail to
143  * MIT.)  Note that the gateways 12, 14, 15, 16 & 17 hops away
144  * either don't send ICMP "time exceeded" messages or send them
145  * with a ttl too small to reach us.  14 - 17 are running the
146  * MIT C Gateway code that doesn't send "time exceeded"s.  God
147  * only knows what's going on with 12.
148  *
149  * The silent gateway 12 in the above may be the result of a bug in
150  * the 4.[23]BSD network code (and its derivatives):  4.x (x <= 3)
151  * sends an unreachable message using whatever ttl remains in the
152  * original datagram.  Since, for gateways, the remaining ttl is
153  * zero, the icmp "time exceeded" is guaranteed to not make it back
154  * to us.  The behavior of this bug is slightly more interesting
155  * when it appears on the destination system:
156  *
157  *      1  helios.ee.lbl.gov (128.3.112.1)  0 ms  0 ms  0 ms
158  *      2  lilac-dmc.Berkeley.EDU (128.32.216.1)  39 ms  19 ms  39 ms
159  *      3  lilac-dmc.Berkeley.EDU (128.32.216.1)  19 ms  39 ms  19 ms
160  *      4  ccngw-ner-cc.Berkeley.EDU (128.32.136.23)  39 ms  40 ms  19 ms
161  *      5  ccn-nerif35.Berkeley.EDU (128.32.168.35)  39 ms  39 ms  39 ms
162  *      6  csgw.Berkeley.EDU (128.32.133.254)  39 ms  59 ms  39 ms
163  *      7  * * *
164  *      8  * * *
165  *      9  * * *
166  *     10  * * *
167  *     11  * * *
168  *     12  * * *
169  *     13  rip.Berkeley.EDU (128.32.131.22)  59 ms !  39 ms !  39 ms !
170  *
171  * Notice that there are 12 "gateways" (13 is the final
172  * destination) and exactly the last half of them are "missing".
173  * What's really happening is that rip (a Sun-3 running Sun OS3.5)
174  * is using the ttl from our arriving datagram as the ttl in its
175  * icmp reply.  So, the reply will time out on the return path
176  * (with no notice sent to anyone since icmp's aren't sent for
177  * icmp's) until we probe with a ttl that's at least twice the path
178  * length.  I.e., rip is really only 7 hops away.  A reply that
179  * returns with a ttl of 1 is a clue this problem exists.
180  * Traceroute prints a "!" after the time if the ttl is <= 1.
181  * Since vendors ship a lot of obsolete (DEC's Ultrix, Sun 3.x) or
182  * non-standard (HPUX) software, expect to see this problem
183  * frequently and/or take care picking the target host of your
184  * probes.
185  *
186  * Other possible annotations after the time are !H, !N, !P (got a host,
187  * network or protocol unreachable, respectively), !S or !F (source
188  * route failed or fragmentation needed -- neither of these should
189  * ever occur and the associated gateway is busted if you see one).  If
190  * almost all the probes result in some kind of unreachable, traceroute
191  * will give up and exit.
192  *
193  * Notes
194  * -----
195  * This program must be run by root or be setuid.  (I suggest that
196  * you *don't* make it setuid -- casual use could result in a lot
197  * of unnecessary traffic on our poor, congested nets.)
198  *
199  * This program requires a kernel mod that does not appear in any
200  * system available from Berkeley:  A raw ip socket using proto
201  * IPPROTO_RAW must interpret the data sent as an ip datagram (as
202  * opposed to data to be wrapped in a ip datagram).  See the README
203  * file that came with the source to this program for a description
204  * of the mods I made to /sys/netinet/raw_ip.c.  Your mileage may
205  * vary.  But, again, ANY 4.x (x < 4) BSD KERNEL WILL HAVE TO BE
206  * MODIFIED TO RUN THIS PROGRAM.
207  *
208  * The udp port usage may appear bizarre (well, ok, it is bizarre).
209  * The problem is that an icmp message only contains 8 bytes of
210  * data from the original datagram.  8 bytes is the size of a udp
211  * header so, if we want to associate replies with the original
212  * datagram, the necessary information must be encoded into the
213  * udp header (the ip id could be used but there's no way to
214  * interlock with the kernel's assignment of ip id's and, anyway,
215  * it would have taken a lot more kernel hacking to allow this
216  * code to set the ip id).  So, to allow two or more users to
217  * use traceroute simultaneously, we use this task's pid as the
218  * source port (the high bit is set to move the port number out
219  * of the "likely" range).  To keep track of which probe is being
220  * replied to (so times and/or hop counts don't get confused by a
221  * reply that was delayed in transit), we increment the destination
222  * port number before each probe.
223  *
224  * Don't use this as a coding example.  I was trying to find a
225  * routing problem and this code sort-of popped out after 48 hours
226  * without sleep.  I was amazed it ever compiled, much less ran.
227  *
228  * I stole the idea for this program from Steve Deering.  Since
229  * the first release, I've learned that had I attended the right
230  * IETF working group meetings, I also could have stolen it from Guy
231  * Almes or Matt Mathis.  I don't know (or care) who came up with
232  * the idea first.  I envy the originators' perspicacity and I'm
233  * glad they didn't keep the idea a secret.
234  *
235  * Tim Seaver, Ken Adelman and C. Philip Wood provided bug fixes and/or
236  * enhancements to the original distribution.
237  *
238  * I've hacked up a round-trip-route version of this that works by
239  * sending a loose-source-routed udp datagram through the destination
240  * back to yourself.  Unfortunately, SO many gateways botch source
241  * routing, the thing is almost worthless.  Maybe one day...
242  *
243  *  -- Van Jacobson (van@helios.ee.lbl.gov)
244  *     Tue Dec 20 03:50:13 PST 1988
245  */
246 
247 #include <sys/param.h>
248 #include <sys/time.h>
249 #include <sys/socket.h>
250 #include <sys/uio.h>
251 #include <sys/file.h>
252 #include <sys/ioctl.h>
253 #include <sys/sysctl.h>
254 
255 #include <netinet/in.h>
256 
257 #include <arpa/inet.h>
258 
259 #include <netdb.h>
260 #include <stdio.h>
261 #include <err.h>
262 #ifdef HAVE_POLL
263 #include <poll.h>
264 #endif
265 #include <errno.h>
266 #include <stdlib.h>
267 #include <string.h>
268 #include <unistd.h>
269 
270 #include <netinet/ip6.h>
271 #include <netinet/icmp6.h>
272 #include <netinet/udp.h>
273 
274 #ifdef IPSEC
275 #include <net/route.h>
276 #include <netinet6/ipsec.h>
277 #endif
278 
279 #define DUMMY_PORT 10010
280 
281 #define	MAXPACKET	65535	/* max ip packet size */
282 
283 #ifndef HAVE_GETIPNODEBYNAME
284 #define getipnodebyname(x, y, z, u)	gethostbyname2((x), (y))
285 #define freehostent(x)
286 #endif
287 
288 /*
289  * format of a (udp) probe packet.
290  */
291 struct tv32 {
292 	u_int32_t tv32_sec;
293 	u_int32_t tv32_usec;
294 };
295 
296 struct opacket {
297 	u_char seq;		/* sequence number of this packet */
298 	u_char hops;		/* hop limit of the packet */
299 	u_char pad[2];
300 	struct tv32 tv;		/* time packet left */
301 } __packed;
302 
303 u_char	packet[512];		/* last inbound (icmp) packet */
304 struct opacket	*outpacket;	/* last output (udp) packet */
305 
306 int	main(int, char *[]);
307 int	wait_for_reply(int, struct msghdr *);
308 #ifdef IPSEC
309 #ifdef IPSEC_POLICY_IPSEC
310 int	setpolicy(int so, char *policy);
311 #endif
312 #endif
313 void	send_probe(int, u_long);
314 struct udphdr *get_udphdr(struct ip6_hdr *, u_char *);
315 int	get_hoplim(struct msghdr *);
316 double	deltaT(struct timeval *, struct timeval *);
317 char	*pr_type(int);
318 int	packet_ok(struct msghdr *, int, int);
319 void	print(struct msghdr *, int);
320 const char *inetname(struct sockaddr *);
321 void	usage(void);
322 
323 int rcvsock;			/* receive (icmp) socket file descriptor */
324 int sndsock;			/* send (udp) socket file descriptor */
325 
326 struct msghdr rcvmhdr;
327 struct iovec rcviov[2];
328 int rcvhlim;
329 struct in6_pktinfo *rcvpktinfo;
330 
331 struct sockaddr_in6 Src, Dst, Rcv;
332 u_long datalen;			/* How much data */
333 #define	ICMP6ECHOLEN	8
334 /* XXX: 2064 = 127(max hops in type 0 rthdr) * sizeof(ip6_hdr) + 16(margin) */
335 char rtbuf[2064];
336 #ifdef USE_RFC2292BIS
337 struct ip6_rthdr *rth;
338 #endif
339 struct cmsghdr *cmsg;
340 
341 char *source = 0;
342 char *hostname;
343 
344 u_long nprobes = 3;
345 u_long first_hop = 1;
346 u_long max_hops = 30;
347 u_int16_t srcport;
348 u_int16_t port = 32768+666;	/* start udp dest port # for probe packets */
349 u_int16_t ident;
350 int options;			/* socket options */
351 int verbose;
352 int waittime = 5;		/* time to wait for response (in seconds) */
353 int nflag;			/* print addresses numerically */
354 int useicmp;
355 int lflag;			/* print both numerical address & hostname */
356 
357 int
main(int argc,char * argv[])358 main(int argc, char *argv[])
359 {
360 	int mib[4] = { CTL_NET, PF_INET6, IPPROTO_IPV6, IPV6CTL_DEFHLIM };
361 	char hbuf[NI_MAXHOST], src0[NI_MAXHOST], *ep;
362 	int ch, i, on = 1, seq, rcvcmsglen, error, minlen;
363 	struct addrinfo hints, *res;
364 	static u_char *rcvcmsgbuf;
365 	u_long probe, hops, lport;
366 	struct hostent *hp;
367 	size_t size;
368 	uid_t uid;
369 
370 	/*
371 	 * Receive ICMP
372 	 */
373 	if ((rcvsock = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6)) < 0) {
374 		perror("socket(ICMPv6)");
375 		exit(5);
376 	}
377 
378 	/* revoke privs */
379 	uid = getuid();
380 	if (setresuid(uid, uid, uid) == -1)
381 		err(1, "setresuid");
382 
383 	size = sizeof(i);
384 	(void) sysctl(mib, sizeof(mib)/sizeof(mib[0]), &i, &size, NULL, 0);
385 	max_hops = i;
386 
387 	/* specify to tell receiving interface */
388 #ifdef IPV6_RECVPKTINFO
389 	if (setsockopt(rcvsock, IPPROTO_IPV6, IPV6_RECVPKTINFO, &on,
390 	    sizeof(on)) < 0)
391 		err(1, "setsockopt(IPV6_RECVPKTINFO)");
392 #else  /* old adv. API */
393 	if (setsockopt(rcvsock, IPPROTO_IPV6, IPV6_PKTINFO, &on,
394 	    sizeof(on)) < 0)
395 		err(1, "setsockopt(IPV6_PKTINFO)");
396 #endif
397 
398 	/* specify to tell value of hoplimit field of received IP6 hdr */
399 #ifdef IPV6_RECVHOPLIMIT
400 	if (setsockopt(rcvsock, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &on,
401 	    sizeof(on)) < 0)
402 		err(1, "setsockopt(IPV6_RECVHOPLIMIT)");
403 #else  /* old adv. API */
404 	if (setsockopt(rcvsock, IPPROTO_IPV6, IPV6_HOPLIMIT, &on,
405 	    sizeof(on)) < 0)
406 		err(1, "setsockopt(IPV6_HOPLIMIT)");
407 #endif
408 
409 	seq = 0;
410 
411 	while ((ch = getopt(argc, argv, "df:g:Ilm:np:q:rs:w:v")) != -1)
412 		switch (ch) {
413 		case 'd':
414 			options |= SO_DEBUG;
415 			break;
416 		case 'f':
417 			ep = NULL;
418 			errno = 0;
419 			first_hop = strtoul(optarg, &ep, 0);
420 			if (errno || !*optarg || *ep|| first_hop > 255) {
421 				fprintf(stderr,
422 				    "traceroute6: invalid min hoplimit.\n");
423 				exit(1);
424 			}
425 			break;
426 		case 'g':
427 			hp = getipnodebyname(optarg, AF_INET6, 0, &h_errno);
428 			if (hp == NULL) {
429 				fprintf(stderr,
430 				    "traceroute6: unknown host %s\n", optarg);
431 				exit(1);
432 			}
433 #ifdef USE_RFC2292BIS
434 			if (rth == NULL) {
435 				/*
436 				 * XXX: We can't detect the number of
437 				 * intermediate nodes yet.
438 				 */
439 				if ((rth = inet6_rth_init((void *)rtbuf,
440 				    sizeof(rtbuf), IPV6_RTHDR_TYPE_0,
441 				    0)) == NULL) {
442 					fprintf(stderr,
443 					    "inet6_rth_init failed.\n");
444 					exit(1);
445 				}
446 			}
447 			if (inet6_rth_add((void *)rth,
448 			    (struct in6_addr *)hp->h_addr)) {
449 				fprintf(stderr,
450 				    "inet6_rth_add failed for %s\n",
451 				    optarg);
452 				exit(1);
453 			}
454 #else  /* old advanced API */
455 			if (cmsg == NULL)
456 				cmsg = inet6_rthdr_init(rtbuf, IPV6_RTHDR_TYPE_0);
457 			inet6_rthdr_add(cmsg, (struct in6_addr *)hp->h_addr,
458 			    IPV6_RTHDR_LOOSE);
459 #endif
460 			freehostent(hp);
461 			break;
462 		case 'I':
463 			useicmp++;
464 			ident = htons(getpid() & 0xffff); /* same as ping6 */
465 			break;
466 		case 'l':
467 			lflag++;
468 			break;
469 		case 'm':
470 			ep = NULL;
471 			errno = 0;
472 			max_hops = strtoul(optarg, &ep, 0);
473 			if (errno || !*optarg || *ep || max_hops > 255) {
474 				fprintf(stderr,
475 				    "traceroute6: invalid max hoplimit.\n");
476 				exit(1);
477 			}
478 			break;
479 		case 'n':
480 			nflag++;
481 			break;
482 		case 'p':
483 			ep = NULL;
484 			errno = 0;
485 			lport = strtoul(optarg, &ep, 0);
486 			if (errno || !*optarg || *ep) {
487 				fprintf(stderr, "traceroute6: invalid port.\n");
488 				exit(1);
489 			}
490 			if (lport == 0 || lport != (lport & 0xffff)) {
491 				fprintf(stderr,
492 				    "traceroute6: port out of range.\n");
493 				exit(1);
494 			}
495 			port = lport & 0xffff;
496 			break;
497 		case 'q':
498 			ep = NULL;
499 			errno = 0;
500 			nprobes = strtoul(optarg, &ep, 0);
501 			if (errno || !*optarg || *ep) {
502 				fprintf(stderr,
503 				    "traceroute6: invalid nprobes.\n");
504 				exit(1);
505 			}
506 			if (nprobes < 1) {
507 				fprintf(stderr,
508 				    "traceroute6: nprobes must be >0.\n");
509 				exit(1);
510 			}
511 			break;
512 		case 'r':
513 			options |= SO_DONTROUTE;
514 			break;
515 		case 's':
516 			/*
517 			 * set the ip source address of the outbound
518 			 * probe (e.g., on a multi-homed host).
519 			 */
520 			source = optarg;
521 			break;
522 		case 'v':
523 			verbose++;
524 			break;
525 		case 'w':
526 			ep = NULL;
527 			errno = 0;
528 			waittime = strtoul(optarg, &ep, 0);
529 			if (errno || !*optarg || *ep) {
530 				fprintf(stderr,
531 				    "traceroute6: invalid wait time.\n");
532 				exit(1);
533 			}
534 			if (waittime <= 1) {
535 				fprintf(stderr,
536 				    "traceroute6: wait must be >1 sec.\n");
537 				exit(1);
538 			}
539 			break;
540 		default:
541 			usage();
542 		}
543 	argc -= optind;
544 	argv += optind;
545 
546 	if (max_hops < first_hop) {
547 		fprintf(stderr,
548 		    "traceroute6: max hoplimit must be larger than first hoplimit.\n");
549 		exit(1);
550 	}
551 
552 	if (argc < 1 || argc > 2)
553 		usage();
554 
555 #if 1
556 	setvbuf(stdout, NULL, _IOLBF, BUFSIZ);
557 #else
558 	setlinebuf(stdout);
559 #endif
560 
561 	memset(&hints, 0, sizeof(hints));
562 	hints.ai_family = PF_INET6;
563 	hints.ai_socktype = SOCK_RAW;
564 	hints.ai_protocol = IPPROTO_ICMPV6;
565 	hints.ai_flags = AI_CANONNAME;
566 	error = getaddrinfo(*argv, NULL, &hints, &res);
567 	if (error) {
568 		fprintf(stderr,
569 		    "traceroute6: %s\n", gai_strerror(error));
570 		exit(1);
571 	}
572 	if (res->ai_addrlen != sizeof(Dst)) {
573 		fprintf(stderr,
574 		    "traceroute6: size of sockaddr mismatch\n");
575 		exit(1);
576 	}
577 	memcpy(&Dst, res->ai_addr, res->ai_addrlen);
578 	hostname = res->ai_canonname ? strdup(res->ai_canonname) : *argv;
579 	if (!hostname) {
580 		fprintf(stderr, "traceroute6: not enough core\n");
581 		exit(1);
582 	}
583 	if (res->ai_next) {
584 		if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf,
585 		    sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0)
586 			strlcpy(hbuf, "?", sizeof(hbuf));
587 		fprintf(stderr, "traceroute6: Warning: %s has multiple "
588 		    "addresses; using %s\n", hostname, hbuf);
589 	}
590 
591 	if (*++argv) {
592 		ep = NULL;
593 		errno = 0;
594 		datalen = strtoul(*argv, &ep, 0);
595 		if (errno || !*argv || *ep) {
596 			fprintf(stderr,
597 			    "traceroute6: invalid packet length.\n");
598 			exit(1);
599 		}
600 	}
601 	if (useicmp)
602 		minlen = ICMP6ECHOLEN + sizeof(struct tv32);
603 	else
604 		minlen = sizeof(struct opacket);
605 	if (datalen < minlen)
606 		datalen = minlen;
607 	else if (datalen >= MAXPACKET) {
608 		fprintf(stderr,
609 		    "traceroute6: packet size must be %d <= s < %ld.\n",
610 		    minlen, (long)MAXPACKET);
611 		exit(1);
612 	}
613 	outpacket = (struct opacket *)malloc((unsigned)datalen);
614 	if (!outpacket) {
615 		perror("malloc");
616 		exit(1);
617 	}
618 	(void) bzero((char *)outpacket, datalen);
619 
620 	/* initialize msghdr for receiving packets */
621 	rcviov[0].iov_base = (caddr_t)packet;
622 	rcviov[0].iov_len = sizeof(packet);
623 	rcvmhdr.msg_name = (caddr_t)&Rcv;
624 	rcvmhdr.msg_namelen = sizeof(Rcv);
625 	rcvmhdr.msg_iov = rcviov;
626 	rcvmhdr.msg_iovlen = 1;
627 	rcvcmsglen = CMSG_SPACE(sizeof(struct in6_pktinfo)) +
628 	    CMSG_SPACE(sizeof(int));
629 	if ((rcvcmsgbuf = malloc(rcvcmsglen)) == NULL) {
630 		fprintf(stderr, "traceroute6: malloc failed\n");
631 		exit(1);
632 	}
633 	rcvmhdr.msg_control = (caddr_t) rcvcmsgbuf;
634 	rcvmhdr.msg_controllen = rcvcmsglen;
635 
636 	if (options & SO_DEBUG)
637 		(void) setsockopt(rcvsock, SOL_SOCKET, SO_DEBUG,
638 		    (char *)&on, sizeof(on));
639 	if (options & SO_DONTROUTE)
640 		(void) setsockopt(rcvsock, SOL_SOCKET, SO_DONTROUTE,
641 		    (char *)&on, sizeof(on));
642 #ifdef IPSEC
643 #ifdef IPSEC_POLICY_IPSEC
644 	/*
645 	 * do not raise error even if setsockopt fails, kernel may have ipsec
646 	 * turned off.
647 	 */
648 	if (setpolicy(rcvsock, "in bypass") < 0)
649 		errx(1, "%s", ipsec_strerror());
650 	if (setpolicy(rcvsock, "out bypass") < 0)
651 		errx(1, "%s", ipsec_strerror());
652 #else
653     {
654 	int level = IPSEC_LEVEL_NONE;
655 
656 	(void)setsockopt(rcvsock, IPPROTO_IPV6, IPV6_ESP_TRANS_LEVEL, &level,
657 	    sizeof(level));
658 	(void)setsockopt(rcvsock, IPPROTO_IPV6, IPV6_ESP_NETWORK_LEVEL, &level,
659 	    sizeof(level));
660 #ifdef IP_AUTH_TRANS_LEVEL
661 	(void)setsockopt(rcvsock, IPPROTO_IPV6, IPV6_AUTH_TRANS_LEVEL, &level,
662 	    sizeof(level));
663 #else
664 	(void)setsockopt(rcvsock, IPPROTO_IPV6, IPV6_AUTH_LEVEL, &level,
665 	    sizeof(level));
666 #endif
667 #ifdef IP_AUTH_NETWORK_LEVEL
668 	(void)setsockopt(rcvsock, IPPROTO_IPV6, IPV6_AUTH_NETWORK_LEVEL, &level,
669 	    sizeof(level));
670 #endif
671     }
672 #endif /*IPSEC_POLICY_IPSEC*/
673 #endif /*IPSEC*/
674 
675 	/*
676 	 * Send UDP or ICMP
677 	 */
678 	if (useicmp) {
679 		sndsock = rcvsock;
680 	} else {
681 		if ((sndsock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) {
682 			perror("socket(SOCK_DGRAM)");
683 			exit(5);
684 		}
685 	}
686 #ifdef SO_SNDBUF
687 	i = datalen;
688 	if (setsockopt(sndsock, SOL_SOCKET, SO_SNDBUF, (char *)&i,
689 	    sizeof(i)) < 0) {
690 		perror("setsockopt(SO_SNDBUF)");
691 		exit(6);
692 	}
693 #endif /* SO_SNDBUF */
694 	if (options & SO_DEBUG)
695 		(void) setsockopt(sndsock, SOL_SOCKET, SO_DEBUG,
696 		    (char *)&on, sizeof(on));
697 	if (options & SO_DONTROUTE)
698 		(void) setsockopt(sndsock, SOL_SOCKET, SO_DONTROUTE,
699 		    (char *)&on, sizeof(on));
700 #ifdef USE_RFC2292BIS
701 	if (rth) {/* XXX: there is no library to finalize the header... */
702 		rth->ip6r_len = rth->ip6r_segleft * 2;
703 		if (setsockopt(sndsock, IPPROTO_IPV6, IPV6_RTHDR,
704 		    (void *)rth, (rth->ip6r_len + 1) << 3)) {
705 			fprintf(stderr, "setsockopt(IPV6_RTHDR): %s\n",
706 			    strerror(errno));
707 			exit(1);
708 		}
709 	}
710 #else  /* old advanced API */
711 	if (cmsg != NULL) {
712 		inet6_rthdr_lasthop(cmsg, IPV6_RTHDR_LOOSE);
713 		if (setsockopt(sndsock, IPPROTO_IPV6, IPV6_PKTOPTIONS,
714 		    rtbuf, cmsg->cmsg_len) < 0) {
715 			fprintf(stderr, "setsockopt(IPV6_PKTOPTIONS): %s\n",
716 			    strerror(errno));
717 			exit(1);
718 		}
719 	}
720 #endif /* USE_RFC2292BIS */
721 #ifdef IPSEC
722 #ifdef IPSEC_POLICY_IPSEC
723 	/*
724 	 * do not raise error even if setsockopt fails, kernel may have ipsec
725 	 * turned off.
726 	 */
727 	if (setpolicy(sndsock, "in bypass") < 0)
728 		errx(1, "%s", ipsec_strerror());
729 	if (setpolicy(sndsock, "out bypass") < 0)
730 		errx(1, "%s", ipsec_strerror());
731 #else
732     {
733 	int level = IPSEC_LEVEL_BYPASS;
734 
735 	(void)setsockopt(sndsock, IPPROTO_IPV6, IPV6_ESP_TRANS_LEVEL, &level,
736 	    sizeof(level));
737 	(void)setsockopt(sndsock, IPPROTO_IPV6, IPV6_ESP_NETWORK_LEVEL, &level,
738 	    sizeof(level));
739 #ifdef IP_AUTH_TRANS_LEVEL
740 	(void)setsockopt(sndsock, IPPROTO_IPV6, IPV6_AUTH_TRANS_LEVEL, &level,
741 	    sizeof(level));
742 #else
743 	(void)setsockopt(sndsock, IPPROTO_IPV6, IPV6_AUTH_LEVEL, &level,
744 	    sizeof(level));
745 #endif
746 #ifdef IP_AUTH_NETWORK_LEVEL
747 	(void)setsockopt(sndsock, IPPROTO_IPV6, IPV6_AUTH_NETWORK_LEVEL, &level,
748 	    sizeof(level));
749 #endif
750     }
751 #endif /*IPSEC_POLICY_IPSEC*/
752 #endif /*IPSEC*/
753 
754 	/*
755 	 * Source selection
756 	 */
757 	bzero(&Src, sizeof(Src));
758 	if (source) {
759 		struct addrinfo hints, *res;
760 		int error;
761 
762 		memset(&hints, 0, sizeof(hints));
763 		hints.ai_family = AF_INET6;
764 		hints.ai_socktype = SOCK_DGRAM;	/*dummy*/
765 		hints.ai_flags = AI_NUMERICHOST;
766 		error = getaddrinfo(source, "0", &hints, &res);
767 		if (error) {
768 			printf("traceroute6: %s: %s\n", source,
769 			    gai_strerror(error));
770 			exit(1);
771 		}
772 		if (res->ai_addrlen > sizeof(Src)) {
773 			printf("traceroute6: %s: %s\n", source,
774 			    gai_strerror(error));
775 			exit(1);
776 		}
777 		memcpy(&Src, res->ai_addr, res->ai_addrlen);
778 		freeaddrinfo(res);
779 	} else {
780 		struct sockaddr_in6 Nxt;
781 		int dummy;
782 		socklen_t len;
783 
784 		Nxt = Dst;
785 		Nxt.sin6_port = htons(DUMMY_PORT);
786 		if (cmsg != NULL)
787 			memmove(&Nxt.sin6_addr, inet6_rthdr_getaddr(cmsg, 1),
788 			    sizeof(Nxt.sin6_addr));
789 		if ((dummy = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) {
790 			perror("socket");
791 			exit(1);
792 		}
793 		if (connect(dummy, (struct sockaddr *)&Nxt, Nxt.sin6_len) < 0) {
794 			perror("connect");
795 			exit(1);
796 		}
797 		len = sizeof(Src);
798 		if (getsockname(dummy, (struct sockaddr *)&Src, &len) < 0) {
799 			perror("getsockname");
800 			exit(1);
801 		}
802 		if (getnameinfo((struct sockaddr *)&Src, Src.sin6_len,
803 		    src0, sizeof(src0), NULL, 0, NI_NUMERICHOST)) {
804 			fprintf(stderr, "getnameinfo failed for source\n");
805 			exit(1);
806 		}
807 		source = src0;
808 		close(dummy);
809 	}
810 
811 	Src.sin6_port = htons(0);
812 	if (bind(sndsock, (struct sockaddr *)&Src, Src.sin6_len) < 0) {
813 		perror("bind");
814 		exit(1);
815 	}
816 
817 	{
818 		socklen_t len;
819 
820 		len = sizeof(Src);
821 		if (getsockname(sndsock, (struct sockaddr *)&Src, &len) < 0) {
822 			perror("getsockname");
823 			exit(1);
824 		}
825 		srcport = ntohs(Src.sin6_port);
826 	}
827 
828 	/*
829 	 * Message to users
830 	 */
831 	if (getnameinfo((struct sockaddr *)&Dst, Dst.sin6_len, hbuf,
832 	    sizeof(hbuf), NULL, 0, NI_NUMERICHOST))
833 		strlcpy(hbuf, "(invalid)", sizeof(hbuf));
834 	fprintf(stderr, "traceroute6");
835 	fprintf(stderr, " to %s (%s)", hostname, hbuf);
836 	if (source)
837 		fprintf(stderr, " from %s", source);
838 	fprintf(stderr, ", %lu hops max, %lu byte packets\n",
839 	    max_hops, datalen);
840 	(void) fflush(stderr);
841 
842 	if (first_hop > 1)
843 		printf("Skipping %lu intermediate hops\n", first_hop - 1);
844 
845 	/*
846 	 * Main loop
847 	 */
848 	for (hops = first_hop; hops <= max_hops; ++hops) {
849 		struct in6_addr lastaddr;
850 		int got_there = 0;
851 		int unreachable = 0;
852 
853 		printf("%2lu ", hops);
854 		bzero(&lastaddr, sizeof(lastaddr));
855 		for (probe = 0; probe < nprobes; ++probe) {
856 			int cc;
857 			struct timeval t1, t2;
858 
859 			(void) gettimeofday(&t1, NULL);
860 			send_probe(++seq, hops);
861 			while ((cc = wait_for_reply(rcvsock, &rcvmhdr))) {
862 				(void) gettimeofday(&t2, NULL);
863 				if ((i = packet_ok(&rcvmhdr, cc, seq))) {
864 					if (!IN6_ARE_ADDR_EQUAL(&Rcv.sin6_addr,
865 					    &lastaddr)) {
866 						print(&rcvmhdr, cc);
867 						lastaddr = Rcv.sin6_addr;
868 					}
869 					printf("  %g ms", deltaT(&t1, &t2));
870 					switch (i - 1) {
871 					case ICMP6_DST_UNREACH_NOROUTE:
872 						++unreachable;
873 						printf(" !N");
874 						break;
875 					case ICMP6_DST_UNREACH_ADMIN:
876 						++unreachable;
877 						printf(" !P");
878 						break;
879 					case ICMP6_DST_UNREACH_NOTNEIGHBOR:
880 						++unreachable;
881 						printf(" !S");
882 						break;
883 					case ICMP6_DST_UNREACH_ADDR:
884 						++unreachable;
885 						printf(" !A");
886 						break;
887 					case ICMP6_DST_UNREACH_NOPORT:
888 						if (rcvhlim >= 0 &&
889 						    rcvhlim <= 1)
890 							printf(" !");
891 						++got_there;
892 						break;
893 					}
894 					break;
895 				}
896 			}
897 			if (cc == 0)
898 				printf(" *");
899 			(void) fflush(stdout);
900 		}
901 		putchar('\n');
902 		if (got_there ||
903 		    (unreachable > 0 && unreachable >= ((nprobes + 1) / 2))) {
904 			exit(0);
905 		}
906 	}
907 
908 	exit(0);
909 }
910 
911 int
wait_for_reply(int sock,struct msghdr * mhdr)912 wait_for_reply(int sock, struct msghdr *mhdr)
913 {
914 #ifdef HAVE_POLL
915 	struct pollfd pfd[1];
916 	int cc = 0;
917 
918 	pfd[0].fd = sock;
919 	pfd[0].events = POLLIN;
920 	pfd[0].revents = 0;
921 
922 	if (poll(pfd, 1, waittime * 1000) > 0)
923 		cc = recvmsg(rcvsock, mhdr, 0);
924 
925 	return(cc);
926 #else
927 	fd_set *fdsp;
928 	struct timeval wait;
929 	int cc = 0, fdsn;
930 
931 	fdsn = howmany(sock + 1, NFDBITS) * sizeof(fd_mask);
932 	if ((fdsp = (fd_set *)malloc(fdsn)) == NULL)
933 		err(1, "malloc");
934 	memset(fdsp, 0, fdsn);
935 	FD_SET(sock, fdsp);
936 	wait.tv_sec = waittime; wait.tv_usec = 0;
937 
938 	if (select(sock+1, fdsp, (fd_set *)0, (fd_set *)0, &wait) > 0)
939 		cc = recvmsg(rcvsock, mhdr, 0);
940 
941 	free(fdsp);
942 	return(cc);
943 #endif
944 }
945 
946 #ifdef IPSEC
947 #ifdef IPSEC_POLICY_IPSEC
948 int
setpolicy(int so,char * policy)949 setpolicy(int so, char *policy)
950 {
951 	char *buf;
952 
953 	buf = ipsec_set_policy(policy, strlen(policy));
954 	if (buf == NULL) {
955 		warnx("%s", ipsec_strerror());
956 		return -1;
957 	}
958 	(void)setsockopt(so, IPPROTO_IPV6, IPV6_IPSEC_POLICY,
959 	    buf, ipsec_get_policylen(buf));
960 
961 	free(buf);
962 
963 	return 0;
964 }
965 #endif
966 #endif
967 
968 void
send_probe(int seq,u_long hops)969 send_probe(int seq, u_long hops)
970 {
971 	struct timeval tv;
972 	struct tv32 tv32;
973 	int i;
974 
975 	i = hops;
976 	if (setsockopt(sndsock, IPPROTO_IPV6, IPV6_UNICAST_HOPS,
977 	    (char *)&i, sizeof(i)) < 0) {
978 		perror("setsockopt IPV6_UNICAST_HOPS");
979 	}
980 
981 	Dst.sin6_port = htons(port + seq);
982 	(void) gettimeofday(&tv, NULL);
983 	tv32.tv32_sec = htonl(tv.tv_sec);
984 	tv32.tv32_usec = htonl(tv.tv_usec);
985 
986 	if (useicmp) {
987 		struct icmp6_hdr *icp = (struct icmp6_hdr *)outpacket;
988 
989 		icp->icmp6_type = ICMP6_ECHO_REQUEST;
990 		icp->icmp6_code = 0;
991 		icp->icmp6_cksum = 0;
992 		icp->icmp6_id = ident;
993 		icp->icmp6_seq = htons(seq);
994 		memmove(((u_int8_t *)outpacket + ICMP6ECHOLEN), &tv32, sizeof tv32);
995 	} else {
996 		struct opacket *op = outpacket;
997 
998 		op->seq = seq;
999 		op->hops = hops;
1000 		memmove(&tv32, &op->tv, sizeof tv32);
1001 	}
1002 
1003 	i = sendto(sndsock, (char *)outpacket, datalen, 0,
1004 	    (struct sockaddr *)&Dst, Dst.sin6_len);
1005 	if (i < 0 || i != datalen)  {
1006 		if (i < 0)
1007 			perror("sendto");
1008 		printf("traceroute6: wrote %s %lu chars, ret=%d\n",
1009 		    hostname, datalen, i);
1010 		(void) fflush(stdout);
1011 	}
1012 }
1013 
1014 int
get_hoplim(struct msghdr * mhdr)1015 get_hoplim(struct msghdr *mhdr)
1016 {
1017 	struct cmsghdr *cm;
1018 
1019 	for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm;
1020 	    cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) {
1021 		if (cm->cmsg_level == IPPROTO_IPV6 &&
1022 		    cm->cmsg_type == IPV6_HOPLIMIT &&
1023 		    cm->cmsg_len == CMSG_LEN(sizeof(int)))
1024 			return(*(int *)CMSG_DATA(cm));
1025 	}
1026 
1027 	return(-1);
1028 }
1029 
1030 double
deltaT(struct timeval * t1p,struct timeval * t2p)1031 deltaT(struct timeval *t1p, struct timeval *t2p)
1032 {
1033 	double dt;
1034 
1035 	dt = (double)(t2p->tv_sec - t1p->tv_sec) * 1000.0 +
1036 	    (double)(t2p->tv_usec - t1p->tv_usec) / 1000.0;
1037 	return (dt);
1038 }
1039 
1040 /*
1041  * Convert an ICMP "type" field to a printable string.
1042  */
1043 char *
pr_type(int t0)1044 pr_type(int t0)
1045 {
1046 	u_char t = t0 & 0xff;
1047 	char *cp;
1048 
1049 	switch (t) {
1050 	case ICMP6_DST_UNREACH:
1051 		cp = "Destination Unreachable";
1052 		break;
1053 	case ICMP6_PACKET_TOO_BIG:
1054 		cp = "Packet Too Big";
1055 		break;
1056 	case ICMP6_TIME_EXCEEDED:
1057 		cp = "Time Exceeded";
1058 		break;
1059 	case ICMP6_PARAM_PROB:
1060 		cp = "Parameter Problem";
1061 		break;
1062 	case ICMP6_ECHO_REQUEST:
1063 		cp = "Echo Request";
1064 		break;
1065 	case ICMP6_ECHO_REPLY:
1066 		cp = "Echo Reply";
1067 		break;
1068 	case ICMP6_MEMBERSHIP_QUERY:
1069 		cp = "Group Membership Query";
1070 		break;
1071 	case ICMP6_MEMBERSHIP_REPORT:
1072 		cp = "Group Membership Report";
1073 		break;
1074 	case ICMP6_MEMBERSHIP_REDUCTION:
1075 		cp = "Group Membership Reduction";
1076 		break;
1077 	case ND_ROUTER_SOLICIT:
1078 		cp = "Router Solicitation";
1079 		break;
1080 	case ND_ROUTER_ADVERT:
1081 		cp = "Router Advertisement";
1082 		break;
1083 	case ND_NEIGHBOR_SOLICIT:
1084 		cp = "Neighbor Solicitation";
1085 		break;
1086 	case ND_NEIGHBOR_ADVERT:
1087 		cp = "Neighbor Advertisement";
1088 		break;
1089 	case ND_REDIRECT:
1090 		cp = "Redirect";
1091 		break;
1092 	default:
1093 		cp = "Unknown";
1094 		break;
1095 	}
1096 	return cp;
1097 }
1098 
1099 int
packet_ok(struct msghdr * mhdr,int cc,int seq)1100 packet_ok(struct msghdr *mhdr, int cc, int seq)
1101 {
1102 	struct icmp6_hdr *icp;
1103 	struct sockaddr_in6 *from = (struct sockaddr_in6 *)mhdr->msg_name;
1104 	u_char type, code;
1105 	char *buf = (char *)mhdr->msg_iov[0].iov_base;
1106 	struct cmsghdr *cm;
1107 	int *hlimp;
1108 	char hbuf[NI_MAXHOST];
1109 
1110 #ifdef OLDRAWSOCKET
1111 	int hlen;
1112 	struct ip6_hdr *ip;
1113 #endif
1114 
1115 #ifdef OLDRAWSOCKET
1116 	ip = (struct ip6_hdr *) buf;
1117 	hlen = sizeof(struct ip6_hdr);
1118 	if (cc < hlen + sizeof(struct icmp6_hdr)) {
1119 		if (verbose) {
1120 			if (getnameinfo((struct sockaddr *)from, from->sin6_len,
1121 			    hbuf, sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0)
1122 				strlcpy(hbuf, "invalid", sizeof(hbuf));
1123 			printf("packet too short (%d bytes) from %s\n", cc,
1124 			    hbuf);
1125 		}
1126 		return (0);
1127 	}
1128 	cc -= hlen;
1129 	icp = (struct icmp6_hdr *)(buf + hlen);
1130 #else
1131 	if (cc < sizeof(struct icmp6_hdr)) {
1132 		if (verbose) {
1133 			if (getnameinfo((struct sockaddr *)from, from->sin6_len,
1134 			    hbuf, sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0)
1135 				strlcpy(hbuf, "invalid", sizeof(hbuf));
1136 			printf("data too short (%d bytes) from %s\n", cc, hbuf);
1137 		}
1138 		return(0);
1139 	}
1140 	icp = (struct icmp6_hdr *)buf;
1141 #endif
1142 	/* get optional information via advanced API */
1143 	rcvpktinfo = NULL;
1144 	hlimp = NULL;
1145 	for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm;
1146 	    cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) {
1147 		if (cm->cmsg_level == IPPROTO_IPV6 &&
1148 		    cm->cmsg_type == IPV6_PKTINFO &&
1149 		    cm->cmsg_len ==
1150 		    CMSG_LEN(sizeof(struct in6_pktinfo)))
1151 			rcvpktinfo = (struct in6_pktinfo *)(CMSG_DATA(cm));
1152 
1153 		if (cm->cmsg_level == IPPROTO_IPV6 &&
1154 		    cm->cmsg_type == IPV6_HOPLIMIT &&
1155 		    cm->cmsg_len == CMSG_LEN(sizeof(int)))
1156 			hlimp = (int *)CMSG_DATA(cm);
1157 	}
1158 	if (rcvpktinfo == NULL || hlimp == NULL) {
1159 		warnx("failed to get received hop limit or packet info");
1160 #if 0
1161 		return(0);
1162 #else
1163 		rcvhlim = 0;	/*XXX*/
1164 #endif
1165 	}
1166 	else
1167 		rcvhlim = *hlimp;
1168 
1169 	type = icp->icmp6_type;
1170 	code = icp->icmp6_code;
1171 	if ((type == ICMP6_TIME_EXCEEDED && code == ICMP6_TIME_EXCEED_TRANSIT)
1172 	    || type == ICMP6_DST_UNREACH) {
1173 		struct ip6_hdr *hip;
1174 		struct udphdr *up;
1175 
1176 		hip = (struct ip6_hdr *)(icp + 1);
1177 		if ((up = get_udphdr(hip, (u_char *)(buf + cc))) == NULL) {
1178 			if (verbose)
1179 				warnx("failed to get upper layer header");
1180 			return(0);
1181 		}
1182 		if (useicmp &&
1183 		    ((struct icmp6_hdr *)up)->icmp6_id == ident &&
1184 		    ((struct icmp6_hdr *)up)->icmp6_seq == htons(seq))
1185 			return (type == ICMP6_TIME_EXCEEDED ? -1 : code + 1);
1186 		else if (!useicmp &&
1187 		    up->uh_sport == htons(srcport) &&
1188 		    up->uh_dport == htons(port + seq))
1189 			return (type == ICMP6_TIME_EXCEEDED ? -1 : code + 1);
1190 	} else if (useicmp && type == ICMP6_ECHO_REPLY) {
1191 		if (icp->icmp6_id == ident &&
1192 		    icp->icmp6_seq == htons(seq))
1193 			return (ICMP6_DST_UNREACH_NOPORT + 1);
1194 	}
1195 	if (verbose) {
1196 		char sbuf[NI_MAXHOST+1], dbuf[INET6_ADDRSTRLEN];
1197 		u_int8_t *p;
1198 		int i;
1199 
1200 		if (getnameinfo((struct sockaddr *)from, from->sin6_len,
1201 		    sbuf, sizeof(sbuf), NULL, 0, NI_NUMERICHOST) != 0)
1202 			strlcpy(sbuf, "invalid", sizeof(sbuf));
1203 		printf("\n%d bytes from %s to %s", cc, sbuf,
1204 		    rcvpktinfo ? inet_ntop(AF_INET6, &rcvpktinfo->ipi6_addr,
1205 		    dbuf, sizeof(dbuf)) : "?");
1206 		printf(": icmp type %d (%s) code %d\n", type, pr_type(type),
1207 		    icp->icmp6_code);
1208 		p = (u_int8_t *)(icp + 1);
1209 #define WIDTH	16
1210 		for (i = 0; i < cc; i++) {
1211 			if (i % WIDTH == 0)
1212 				printf("%04x:", i);
1213 			if (i % 4 == 0)
1214 				printf(" ");
1215 			printf("%02x", p[i]);
1216 			if (i % WIDTH == WIDTH - 1)
1217 				printf("\n");
1218 		}
1219 		if (cc % WIDTH != 0)
1220 			printf("\n");
1221 	}
1222 	return(0);
1223 }
1224 
1225 /*
1226  * Increment pointer until find the UDP or ICMP header.
1227  */
1228 struct udphdr *
get_udphdr(struct ip6_hdr * ip6,u_char * lim)1229 get_udphdr(struct ip6_hdr *ip6, u_char *lim)
1230 {
1231 	u_char *cp = (u_char *)ip6, nh;
1232 	int hlen;
1233 
1234 	if (cp + sizeof(*ip6) >= lim)
1235 		return(NULL);
1236 
1237 	nh = ip6->ip6_nxt;
1238 	cp += sizeof(struct ip6_hdr);
1239 
1240 	while (lim - cp >= 8) {
1241 		switch (nh) {
1242 		case IPPROTO_ESP:
1243 		case IPPROTO_TCP:
1244 			return(NULL);
1245 		case IPPROTO_ICMPV6:
1246 			return(useicmp ? (struct udphdr *)cp : NULL);
1247 		case IPPROTO_UDP:
1248 			return(useicmp ? NULL : (struct udphdr *)cp);
1249 		case IPPROTO_FRAGMENT:
1250 			hlen = sizeof(struct ip6_frag);
1251 			nh = ((struct ip6_frag *)cp)->ip6f_nxt;
1252 			break;
1253 		case IPPROTO_AH:
1254 			hlen = (((struct ip6_ext *)cp)->ip6e_len + 2) << 2;
1255 			nh = ((struct ip6_ext *)cp)->ip6e_nxt;
1256 			break;
1257 		default:
1258 			hlen = (((struct ip6_ext *)cp)->ip6e_len + 1) << 3;
1259 			nh = ((struct ip6_ext *)cp)->ip6e_nxt;
1260 			break;
1261 		}
1262 
1263 		cp += hlen;
1264 	}
1265 
1266 	return(NULL);
1267 }
1268 
1269 void
print(struct msghdr * mhdr,int cc)1270 print(struct msghdr *mhdr, int cc)
1271 {
1272 	struct sockaddr_in6 *from = (struct sockaddr_in6 *)mhdr->msg_name;
1273 	char hbuf[NI_MAXHOST];
1274 
1275 	if (getnameinfo((struct sockaddr *)from, from->sin6_len,
1276 	    hbuf, sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0)
1277 		strlcpy(hbuf, "invalid", sizeof(hbuf));
1278 	if (nflag)
1279 		printf(" %s", hbuf);
1280 	else if (lflag)
1281 		printf(" %s (%s)", inetname((struct sockaddr *)from), hbuf);
1282 	else
1283 		printf(" %s", inetname((struct sockaddr *)from));
1284 
1285 	if (verbose) {
1286 #ifdef OLDRAWSOCKET
1287 		printf(" %d bytes to %s", cc,
1288 		    rcvpktinfo ? inet_ntop(AF_INET6, &rcvpktinfo->ipi6_addr,
1289 		    hbuf, sizeof(hbuf)) : "?");
1290 #else
1291 		printf(" %d bytes of data to %s", cc,
1292 		    rcvpktinfo ?  inet_ntop(AF_INET6, &rcvpktinfo->ipi6_addr,
1293 		    hbuf, sizeof(hbuf)) : "?");
1294 #endif
1295 	}
1296 }
1297 
1298 /*
1299  * Construct an Internet address representation.
1300  * If the nflag has been supplied, give
1301  * numeric value, otherwise try for symbolic name.
1302  */
1303 const char *
inetname(struct sockaddr * sa)1304 inetname(struct sockaddr *sa)
1305 {
1306 	static char line[NI_MAXHOST], domain[MAXHOSTNAMELEN + 1];
1307 	static int first = 1;
1308 	char *cp;
1309 
1310 	if (first && !nflag) {
1311 		first = 0;
1312 		if (gethostname(domain, sizeof(domain)) == 0 &&
1313 		    (cp = strchr(domain, '.')))
1314 			(void) strlcpy(domain, cp + 1, sizeof(domain));
1315 		else
1316 			domain[0] = 0;
1317 	}
1318 	cp = NULL;
1319 	if (!nflag) {
1320 		if (getnameinfo(sa, sa->sa_len, line, sizeof(line), NULL, 0,
1321 		    NI_NAMEREQD) == 0) {
1322 			if ((cp = strchr(line, '.')) &&
1323 			    !strcmp(cp + 1, domain))
1324 				*cp = 0;
1325 			cp = line;
1326 		}
1327 	}
1328 	if (cp)
1329 		return cp;
1330 
1331 	if (getnameinfo(sa, sa->sa_len, line, sizeof(line), NULL, 0,
1332 	    NI_NUMERICHOST) != 0)
1333 		strlcpy(line, "invalid", sizeof(line));
1334 	return line;
1335 }
1336 
1337 void
usage(void)1338 usage(void)
1339 {
1340 
1341 	fprintf(stderr,
1342 "usage: traceroute6 [-dIlnrv] [-f firsthop] [-g gateway] [-m hoplimit]\n"
1343 "       [-p port] [-q probes] [-s src] [-w waittime] target [datalen]\n");
1344 	exit(1);
1345 }
1346