]> The Tcpdump Group git mirrors - tcpdump/blob - print-ntp.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
NTP: Improve length checks.
[tcpdump] / print-ntp.c
1 /*
2 * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 * By Jeffrey Mogul/DECWRL
22 * loosely based on print-bootp.c
23 */
24
25 /* \summary: Network Time Protocol (NTP) printer */
26
27 #ifdef HAVE_CONFIG_H
28 #include "config.h"
29 #endif
30
31 #include <netdissect-stdinc.h>
32
33 #ifdef HAVE_STRFTIME
34 #include <time.h>
35 #endif
36
37 #include "netdissect.h"
38 #include "addrtoname.h"
39 #include "extract.h"
40
41 /*
42 * Based on ntp.h from the U of MD implementation
43 * This file is based on Version 2 of the NTP spec (RFC1119).
44 */
45
46 /*
47 * Definitions for the masses
48 */
49 #define JAN_1970 2208988800U /* 1970 - 1900 in seconds */
50
51 /*
52 * Structure definitions for NTP fixed point values
53 *
54 * 0 1 2 3
55 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
56 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
57 * | Integer Part |
58 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
59 * | Fraction Part |
60 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
61 *
62 * 0 1 2 3
63 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
64 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
65 * | Integer Part | Fraction Part |
66 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
67 */
68 struct l_fixedpt {
69 uint32_t int_part;
70 uint32_t fraction;
71 };
72
73 struct s_fixedpt {
74 uint16_t int_part;
75 uint16_t fraction;
76 };
77
78 /* rfc2030
79 * 1 2 3
80 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
81 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
82 * |LI | VN |Mode | Stratum | Poll | Precision |
83 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
84 * | Root Delay |
85 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
86 * | Root Dispersion |
87 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
88 * | Reference Identifier |
89 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
90 * | |
91 * | Reference Timestamp (64) |
92 * | |
93 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
94 * | |
95 * | Originate Timestamp (64) |
96 * | |
97 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
98 * | |
99 * | Receive Timestamp (64) |
100 * | |
101 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
102 * | |
103 * | Transmit Timestamp (64) |
104 * | |
105 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
106 * | Key Identifier (optional) (32) |
107 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
108 * | |
109 * | |
110 * | Message Digest (optional) (128) |
111 * | |
112 * | |
113 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
114 */
115
116 /* Length of the NTP message with the mandatory fields ("the header")
117 * and without any optional fields (extension, Key Identifier,
118 * Message Digest).
119 */
120 #define NTP_MSG_MINLEN 48
121
122 struct ntpdata {
123 u_char status; /* status of local clock and leap info */
124 u_char stratum; /* Stratum level */
125 int ppoll:8; /* poll value */
126 int precision:8;
127 struct s_fixedpt root_delay;
128 struct s_fixedpt root_dispersion;
129 uint32_t refid;
130 struct l_fixedpt ref_timestamp;
131 struct l_fixedpt org_timestamp;
132 struct l_fixedpt rec_timestamp;
133 struct l_fixedpt xmt_timestamp;
134 uint32_t key_id;
135 uint8_t message_digest[20];
136 };
137 /*
138 * Leap Second Codes (high order two bits)
139 */
140 #define NO_WARNING 0x00 /* no warning */
141 #define PLUS_SEC 0x40 /* add a second (61 seconds) */
142 #define MINUS_SEC 0x80 /* minus a second (59 seconds) */
143 #define ALARM 0xc0 /* alarm condition (clock unsynchronized) */
144
145 /*
146 * Clock Status Bits that Encode Version
147 */
148 #define NTPVERSION_1 0x08
149 #define VERSIONMASK 0x38
150 #define VERSIONSHIFT 3
151 #define LEAPMASK 0xc0
152 #define LEAPSHIFT 6
153 #ifdef MODEMASK
154 #undef MODEMASK /* Solaris sucks */
155 #endif
156 #define MODEMASK 0x07
157 #define MODESHIFT 0
158
159 /*
160 * Code values
161 */
162 #define MODE_UNSPEC 0 /* unspecified */
163 #define MODE_SYM_ACT 1 /* symmetric active */
164 #define MODE_SYM_PAS 2 /* symmetric passive */
165 #define MODE_CLIENT 3 /* client */
166 #define MODE_SERVER 4 /* server */
167 #define MODE_BROADCAST 5 /* broadcast */
168 #define MODE_CONTROL 6 /* control message */
169 #define MODE_RES2 7 /* reserved */
170
171 /*
172 * Stratum Definitions
173 */
174 #define UNSPECIFIED 0
175 #define PRIM_REF 1 /* radio clock */
176 #define INFO_QUERY 62 /* **** THIS implementation dependent **** */
177 #define INFO_REPLY 63 /* **** THIS implementation dependent **** */
178
179 static void p_sfix(netdissect_options *ndo, const struct s_fixedpt *);
180 static void p_ntp_time(netdissect_options *, const struct l_fixedpt *);
181 static void p_ntp_delta(netdissect_options *, const struct l_fixedpt *, const struct l_fixedpt *);
182 static void p_poll(netdissect_options *, register const int);
183
184 static const struct tok ntp_mode_values[] = {
185 { MODE_UNSPEC, "unspecified" },
186 { MODE_SYM_ACT, "symmetric active" },
187 { MODE_SYM_PAS, "symmetric passive" },
188 { MODE_CLIENT, "Client" },
189 { MODE_SERVER, "Server" },
190 { MODE_BROADCAST, "Broadcast" },
191 { MODE_CONTROL, "Control Message" },
192 { MODE_RES2, "Reserved" },
193 { 0, NULL }
194 };
195
196 static const struct tok ntp_leapind_values[] = {
197 { NO_WARNING, "" },
198 { PLUS_SEC, "+1s" },
199 { MINUS_SEC, "-1s" },
200 { ALARM, "clock unsynchronized" },
201 { 0, NULL }
202 };
203
204 static const struct tok ntp_stratum_values[] = {
205 { UNSPECIFIED, "unspecified" },
206 { PRIM_REF, "primary reference" },
207 { 0, NULL }
208 };
209
210 /*
211 * Print ntp requests
212 */
213 void
214 ntp_print(netdissect_options *ndo,
215 register const u_char *cp, u_int length)
216 {
217 register const struct ntpdata *bp;
218 int mode, version, leapind;
219
220 if (length < NTP_MSG_MINLEN) {
221 ND_PRINT((ndo, "NTP, length %u", length));
222 goto invalid;
223 }
224
225 bp = (const struct ntpdata *)cp;
226
227 ND_TCHECK(bp->status);
228
229 version = (int)(bp->status & VERSIONMASK) >> VERSIONSHIFT;
230 ND_PRINT((ndo, "NTPv%d", version));
231
232 mode = bp->status & MODEMASK;
233 if (!ndo->ndo_vflag) {
234 ND_PRINT((ndo, ", %s, length %u",
235 tok2str(ntp_mode_values, "Unknown mode", mode),
236 length));
237 return;
238 }
239
240 ND_PRINT((ndo, ", length %u\n\t%s",
241 length,
242 tok2str(ntp_mode_values, "Unknown mode", mode)));
243
244 leapind = bp->status & LEAPMASK;
245 ND_PRINT((ndo, ", Leap indicator: %s (%u)",
246 tok2str(ntp_leapind_values, "Unknown", leapind),
247 leapind));
248
249 ND_TCHECK(bp->stratum);
250 ND_PRINT((ndo, ", Stratum %u (%s)",
251 bp->stratum,
252 tok2str(ntp_stratum_values, (bp->stratum >=2 && bp->stratum<=15) ? "secondary reference" : "reserved", bp->stratum)));
253
254 /* Can't ND_TCHECK bp->ppoll bitfield so bp->stratum + 2 instead */
255 ND_TCHECK2(bp->stratum, 2);
256 ND_PRINT((ndo, ", poll %d", bp->ppoll));
257 p_poll(ndo, bp->ppoll);
258
259 /* Can't ND_TCHECK bp->precision bitfield so bp->distance + 0 instead */
260 ND_TCHECK2(bp->root_delay, 0);
261 ND_PRINT((ndo, ", precision %d", bp->precision));
262
263 ND_TCHECK(bp->root_delay);
264 ND_PRINT((ndo, "\n\tRoot Delay: "));
265 p_sfix(ndo, &bp->root_delay);
266
267 ND_TCHECK(bp->root_dispersion);
268 ND_PRINT((ndo, ", Root dispersion: "));
269 p_sfix(ndo, &bp->root_dispersion);
270
271 ND_TCHECK(bp->refid);
272 ND_PRINT((ndo, ", Reference-ID: "));
273 /* Interpretation depends on stratum */
274 switch (bp->stratum) {
275
276 case UNSPECIFIED:
277 ND_PRINT((ndo, "(unspec)"));
278 break;
279
280 case PRIM_REF:
281 if (fn_printn(ndo, (const u_char *)&(bp->refid), 4, ndo->ndo_snapend))
282 goto trunc;
283 break;
284
285 case INFO_QUERY:
286 ND_PRINT((ndo, "%s INFO_QUERY", ipaddr_string(ndo, &(bp->refid))));
287 /* this doesn't have more content */
288 return;
289
290 case INFO_REPLY:
291 ND_PRINT((ndo, "%s INFO_REPLY", ipaddr_string(ndo, &(bp->refid))));
292 /* this is too complex to be worth printing */
293 return;
294
295 default:
296 /* In NTPv4 (RFC 5905) refid is an IPv4 address or first 32 bits of
297 MD5 sum of IPv6 address */
298 ND_PRINT((ndo, "0x%08x", EXTRACT_32BITS(&bp->refid)));
299 break;
300 }
301
302 ND_TCHECK(bp->ref_timestamp);
303 ND_PRINT((ndo, "\n\t Reference Timestamp: "));
304 p_ntp_time(ndo, &(bp->ref_timestamp));
305
306 ND_TCHECK(bp->org_timestamp);
307 ND_PRINT((ndo, "\n\t Originator Timestamp: "));
308 p_ntp_time(ndo, &(bp->org_timestamp));
309
310 ND_TCHECK(bp->rec_timestamp);
311 ND_PRINT((ndo, "\n\t Receive Timestamp: "));
312 p_ntp_time(ndo, &(bp->rec_timestamp));
313
314 ND_TCHECK(bp->xmt_timestamp);
315 ND_PRINT((ndo, "\n\t Transmit Timestamp: "));
316 p_ntp_time(ndo, &(bp->xmt_timestamp));
317
318 ND_PRINT((ndo, "\n\t Originator - Receive Timestamp: "));
319 p_ntp_delta(ndo, &(bp->org_timestamp), &(bp->rec_timestamp));
320
321 ND_PRINT((ndo, "\n\t Originator - Transmit Timestamp: "));
322 p_ntp_delta(ndo, &(bp->org_timestamp), &(bp->xmt_timestamp));
323
324 /* FIXME: this code is not aware of any extension fields */
325 if (length == NTP_MSG_MINLEN + 4) { /* Optional: key-id (crypto-NAK) */
326 ND_TCHECK(bp->key_id);
327 ND_PRINT((ndo, "\n\tKey id: %u", EXTRACT_32BITS(&bp->key_id)));
328 } else if (length == NTP_MSG_MINLEN + 4 + 16) { /* Optional: key-id + 128-bit digest */
329 ND_TCHECK(bp->key_id);
330 ND_PRINT((ndo, "\n\tKey id: %u", EXTRACT_32BITS(&bp->key_id)));
331 ND_TCHECK2(bp->message_digest, 16);
332 ND_PRINT((ndo, "\n\tAuthentication: %08x%08x%08x%08x",
333 EXTRACT_32BITS(bp->message_digest),
334 EXTRACT_32BITS(bp->message_digest + 4),
335 EXTRACT_32BITS(bp->message_digest + 8),
336 EXTRACT_32BITS(bp->message_digest + 12)));
337 } else if (length == NTP_MSG_MINLEN + 4 + 20) { /* Optional: key-id + 160-bit digest */
338 ND_TCHECK(bp->key_id);
339 ND_PRINT((ndo, "\n\tKey id: %u", EXTRACT_32BITS(&bp->key_id)));
340 ND_TCHECK2(bp->message_digest, 20);
341 ND_PRINT((ndo, "\n\tAuthentication: %08x%08x%08x%08x%08x",
342 EXTRACT_32BITS(bp->message_digest),
343 EXTRACT_32BITS(bp->message_digest + 4),
344 EXTRACT_32BITS(bp->message_digest + 8),
345 EXTRACT_32BITS(bp->message_digest + 12),
346 EXTRACT_32BITS(bp->message_digest + 16)));
347 } else if (length > NTP_MSG_MINLEN) {
348 ND_PRINT((ndo, "\n\t(%u more bytes after the header)", length - NTP_MSG_MINLEN));
349 }
350 return;
351
352 invalid:
353 ND_PRINT((ndo, " %s", istr));
354 ND_TCHECK2(*cp, length);
355 return;
356
357 trunc:
358 ND_PRINT((ndo, " [|ntp]"));
359 }
360
361 static void
362 p_sfix(netdissect_options *ndo,
363 register const struct s_fixedpt *sfp)
364 {
365 register int i;
366 register int f;
367 register double ff;
368
369 i = EXTRACT_16BITS(&sfp->int_part);
370 f = EXTRACT_16BITS(&sfp->fraction);
371 ff = f / 65536.0; /* shift radix point by 16 bits */
372 f = (int)(ff * 1000000.0); /* Treat fraction as parts per million */
373 ND_PRINT((ndo, "%d.%06d", i, f));
374 }
375
376 #define FMAXINT (4294967296.0) /* floating point rep. of MAXINT */
377
378 static void
379 p_ntp_time(netdissect_options *ndo,
380 register const struct l_fixedpt *lfp)
381 {
382 register int32_t i;
383 register uint32_t uf;
384 register uint32_t f;
385 register double ff;
386
387 i = EXTRACT_32BITS(&lfp->int_part);
388 uf = EXTRACT_32BITS(&lfp->fraction);
389 ff = uf;
390 if (ff < 0.0) /* some compilers are buggy */
391 ff += FMAXINT;
392 ff = ff / FMAXINT; /* shift radix point by 32 bits */
393 f = (uint32_t)(ff * 1000000000.0); /* treat fraction as parts per billion */
394 ND_PRINT((ndo, "%u.%09d", i, f));
395
396 #ifdef HAVE_STRFTIME
397 /*
398 * print the UTC time in human-readable format.
399 */
400 if (i) {
401 time_t seconds = i - JAN_1970;
402 struct tm *tm;
403 char time_buf[128];
404
405 tm = gmtime(&seconds);
406 /* use ISO 8601 (RFC3339) format */
407 strftime(time_buf, sizeof (time_buf), "%Y-%m-%dT%H:%M:%S", tm);
408 ND_PRINT((ndo, " (%s)", time_buf));
409 }
410 #endif
411 }
412
413 /* Prints time difference between *lfp and *olfp */
414 static void
415 p_ntp_delta(netdissect_options *ndo,
416 register const struct l_fixedpt *olfp,
417 register const struct l_fixedpt *lfp)
418 {
419 register int32_t i;
420 register uint32_t u, uf;
421 register uint32_t ou, ouf;
422 register uint32_t f;
423 register double ff;
424 int signbit;
425
426 u = EXTRACT_32BITS(&lfp->int_part);
427 ou = EXTRACT_32BITS(&olfp->int_part);
428 uf = EXTRACT_32BITS(&lfp->fraction);
429 ouf = EXTRACT_32BITS(&olfp->fraction);
430 if (ou == 0 && ouf == 0) {
431 p_ntp_time(ndo, lfp);
432 return;
433 }
434
435 i = u - ou;
436
437 if (i > 0) { /* new is definitely greater than old */
438 signbit = 0;
439 f = uf - ouf;
440 if (ouf > uf) /* must borrow from high-order bits */
441 i -= 1;
442 } else if (i < 0) { /* new is definitely less than old */
443 signbit = 1;
444 f = ouf - uf;
445 if (uf > ouf) /* must carry into the high-order bits */
446 i += 1;
447 i = -i;
448 } else { /* int_part is zero */
449 if (uf > ouf) {
450 signbit = 0;
451 f = uf - ouf;
452 } else {
453 signbit = 1;
454 f = ouf - uf;
455 }
456 }
457
458 ff = f;
459 if (ff < 0.0) /* some compilers are buggy */
460 ff += FMAXINT;
461 ff = ff / FMAXINT; /* shift radix point by 32 bits */
462 f = (uint32_t)(ff * 1000000000.0); /* treat fraction as parts per billion */
463 ND_PRINT((ndo, "%s%d.%09d", signbit ? "-" : "+", i, f));
464 }
465
466 /* Prints polling interval in log2 as seconds or fraction of second */
467 static void
468 p_poll(netdissect_options *ndo,
469 register const int poll)
470 {
471 if (poll <= -32 || poll >= 32)
472 return;
473
474 if (poll >= 0)
475 ND_PRINT((ndo, " (%us)", 1U << poll));
476 else
477 ND_PRINT((ndo, " (1/%us)", 1U << -poll));
478 }
479
[mirror] the TCPdump network dissector