]> The Tcpdump Group git mirrors - tcpdump/blob - print-domain.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
IPX SAP requests don't have service names in them, they just have a
[tcpdump] / print-domain.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 #ifndef lint
23 static const char rcsid[] =
24 "@(#) $Header: /tcpdump/master/tcpdump/print-domain.c,v 1.65 2001-01-12 15:06:06 itojun Exp $ (LBL)";
25 #endif
26
27 #ifdef HAVE_CONFIG_H
28 #include "config.h"
29 #endif
30
31 #include <sys/param.h>
32 #include <sys/time.h>
33
34 #include <netinet/in.h>
35
36 #ifdef NOERROR
37 #undef NOERROR /* Solaris sucks */
38 #endif
39 #ifdef NOERROR
40 #undef T_UNSPEC /* SINIX does too */
41 #endif
42 #include "nameser.h"
43
44 #include <stdio.h>
45 #include <string.h>
46
47 #include "interface.h"
48 #include "addrtoname.h"
49 #include "extract.h" /* must come after interface.h */
50
51 /* Compatibility */
52 #ifndef T_TXT
53 #define T_TXT 16 /* text strings */
54 #endif
55 #ifndef T_RP
56 #define T_RP 17 /* responsible person */
57 #endif
58 #ifndef T_AFSDB
59 #define T_AFSDB 18 /* AFS cell database */
60 #endif
61 #ifndef T_X25
62 #define T_X25 19 /* X_25 calling address */
63 #endif
64 #ifndef T_ISDN
65 #define T_ISDN 20 /* ISDN calling address */
66 #endif
67 #ifndef T_RT
68 #define T_RT 21 /* router */
69 #endif
70 #ifndef T_NSAP
71 #define T_NSAP 22 /* NSAP address */
72 #endif
73 #ifndef T_NSAP_PTR
74 #define T_NSAP_PTR 23 /* reverse NSAP lookup (deprecated) */
75 #endif
76 #ifndef T_SIG
77 #define T_SIG 24 /* security signature */
78 #endif
79 #ifndef T_KEY
80 #define T_KEY 25 /* security key */
81 #endif
82 #ifndef T_PX
83 #define T_PX 26 /* X.400 mail mapping */
84 #endif
85 #ifndef T_GPOS
86 #define T_GPOS 27 /* geographical position (withdrawn) */
87 #endif
88 #ifndef T_AAAA
89 #define T_AAAA 28 /* IP6 Address */
90 #endif
91 #ifndef T_LOC
92 #define T_LOC 29 /* Location Information */
93 #endif
94 #ifndef T_NXT
95 #define T_NXT 30 /* Next Valid Name in Zone */
96 #endif
97 #ifndef T_EID
98 #define T_EID 31 /* Endpoint identifier */
99 #endif
100 #ifndef T_NIMLOC
101 #define T_NIMLOC 32 /* Nimrod locator */
102 #endif
103 #ifndef T_SRV
104 #define T_SRV 33 /* Server selection */
105 #endif
106 #ifndef T_ATMA
107 #define T_ATMA 34 /* ATM Address */
108 #endif
109 #ifndef T_NAPTR
110 #define T_NAPTR 35 /* Naming Authority PoinTeR */
111 #endif
112 #ifndef T_A6
113 #define T_A6 38 /* IP6 address */
114 #endif
115 #ifndef T_DNAME
116 #define T_DNAME 39 /* non-terminal redirection */
117 #endif
118
119 #ifndef T_OPT
120 #define T_OPT 41 /* EDNS0 option (meta-RR) */
121 #endif
122
123 #ifndef T_UNSPEC
124 #define T_UNSPEC 103 /* Unspecified format (binary data) */
125 #endif
126 #ifndef T_UNSPECA
127 #define T_UNSPECA 104 /* "unspecified ascii". Ugly MIT hack */
128 #endif
129
130 #ifndef C_CHAOS
131 #define C_CHAOS 3 /* for chaos net (MIT) */
132 #endif
133 #ifndef C_HS
134 #define C_HS 4 /* for Hesiod name server (MIT) (XXX) */
135 #endif
136
137 static char *ns_ops[] = {
138 "", " inv_q", " stat", " op3", " notify", " op5", " op6", " op7",
139 " op8", " updataA", " updateD", " updateDA",
140 " updateM", " updateMA", " zoneInit", " zoneRef",
141 };
142
143 static char *ns_resp[] = {
144 "", " FormErr", " ServFail", " NXDomain",
145 " NotImp", " Refused", " Resp6", " Resp7",
146 " Resp8", " Resp9", " Resp10", " Resp11",
147 " Resp12", " Resp13", " Resp14", " NoChange",
148 };
149
150 /* skip over a domain name */
151 static const u_char *
152 ns_nskip(register const u_char *cp, register const u_char *bp)
153 {
154 register u_char i;
155
156 if (((i = *cp++) & INDIR_MASK) == INDIR_MASK)
157 return (cp + 1);
158 if (cp >= snapend)
159 return(NULL);
160 while (i && cp < snapend) {
161 if ((i & INDIR_MASK) == EDNS0_MASK) {
162 int bitlen, bytelen;
163
164 if ((i & ~INDIR_MASK) != EDNS0_ELT_BITLABEL)
165 return(NULL); /* unknown ELT */
166 if ((bitlen = *cp++) == 0)
167 bitlen = 256;
168 bytelen = (bitlen + 7) / 8;
169 cp += bytelen;
170 } else
171 cp += i;
172 if (cp >= snapend)
173 return(NULL);
174 i = *cp++;
175 }
176 return (cp);
177 }
178
179 /* print a <domain-name> */
180 static const u_char *
181 blabel_print(const u_char *cp)
182 {
183 int bitlen, slen, b;
184 int truncated = 0;
185 const u_char *bitp, *lim;
186 char tc;
187
188 if (cp >= snapend)
189 return(NULL);
190 if ((bitlen = *cp) == 0)
191 bitlen = 256;
192 slen = (bitlen + 3) / 4;
193 if ((lim = cp + 1 + slen) > snapend) {
194 truncated = 1;
195 lim = snapend;
196 }
197
198 /* print the bit string as a hex string */
199 printf("\\[x");
200 for (bitp = cp + 1, b = bitlen; bitp < lim && b > 7; b -= 8, bitp++)
201 printf("%02x", *bitp);
202 if (bitp == lim)
203 printf("...");
204 else if (b > 4) {
205 tc = *bitp++;
206 printf("%02x", tc & (0xff << (8 - b)));
207 } else if (b > 0) {
208 tc = *bitp++;
209 printf("%1x", ((tc >> 4) & 0x0f) & (0x0f << (4 - b)));
210 }
211 printf("/%d]", bitlen);
212
213 return(truncated ? NULL : lim);
214 }
215
216 static int
217 labellen(const u_char *cp)
218 {
219 register u_int i;
220
221 if (cp >= snapend)
222 return(-1);
223 i = *cp;
224 if ((i & INDIR_MASK) == EDNS0_MASK) {
225 int bitlen, elt;
226
227 if ((elt = (i & ~INDIR_MASK)) != EDNS0_ELT_BITLABEL)
228 return(-1);
229 if (cp + 1 >= snapend)
230 return(-1);
231 if ((bitlen = *(cp + 1)) == 0)
232 bitlen = 256;
233 return(((bitlen + 7) / 8) + 1);
234 } else
235 return(i);
236 }
237
238 static const u_char *
239 ns_nprint(register const u_char *cp, register const u_char *bp)
240 {
241 register u_int i, l;
242 register const u_char *rp = NULL;
243 register int compress = 0;
244 int chars_processed;
245 int elt;
246 int data_size = snapend - bp;
247
248 if ((l = labellen(cp)) < 0)
249 return(NULL);
250 if (cp >= snapend)
251 return(NULL);
252 chars_processed = 1;
253 if (((i = *cp++) & INDIR_MASK) != INDIR_MASK) {
254 compress = 0;
255 rp = cp + l;
256 }
257
258 if (i != 0)
259 while (i && cp < snapend) {
260 if ((i & INDIR_MASK) == INDIR_MASK) {
261 if (!compress) {
262 rp = cp + 1;
263 compress = 1;
264 }
265 cp = bp + (((i << 8) | *cp) & 0x3fff);
266 if (cp >= snapend)
267 return(NULL);
268 if ((l = labellen(cp)) < 0)
269 return(NULL);
270 i = *cp++;
271 chars_processed++;
272
273 /*
274 * If we've looked at every character in
275 * the message, this pointer will make
276 * us look at some character again,
277 * which means we're looping.
278 */
279 if (chars_processed >= data_size) {
280 printf("<LOOP>");
281 return (NULL);
282 }
283 continue;
284 }
285 if ((i & INDIR_MASK) == EDNS0_MASK) {
286 elt = (i & ~INDIR_MASK);
287 switch(elt) {
288 case EDNS0_ELT_BITLABEL:
289 blabel_print(cp);
290 break;
291 default:
292 /* unknown ELT */
293 printf("<ELT %d>", elt);
294 return(NULL);
295 }
296 } else {
297 if (fn_printn(cp, l, snapend))
298 break;
299 }
300
301 cp += l;
302 chars_processed += l;
303 putchar('.');
304 if (cp >= snapend || (l = labellen(cp)) < 0)
305 return(NULL);
306 i = *cp++;
307 chars_processed++;
308 if (!compress)
309 rp += l + 1;
310 }
311 else
312 putchar('.');
313 return (rp);
314 }
315
316 /* print a <character-string> */
317 static const u_char *
318 ns_cprint(register const u_char *cp, register const u_char *bp)
319 {
320 register u_int i;
321
322 if (cp >= snapend)
323 return NULL;
324 i = *cp++;
325 (void)fn_printn(cp, i, snapend);
326 return (cp + i);
327 }
328
329 static struct tok type2str[] = {
330 { T_A, "A" },
331 { T_NS, "NS" },
332 { T_MD, "MD" },
333 { T_MF, "MF" },
334 { T_CNAME, "CNAME" },
335 { T_SOA, "SOA" },
336 { T_MB, "MB" },
337 { T_MG, "MG" },
338 { T_MR, "MR" },
339 { T_NULL, "NULL" },
340 { T_WKS, "WKS" },
341 { T_PTR, "PTR" },
342 { T_HINFO, "HINFO" },
343 { T_MINFO, "MINFO" },
344 { T_MX, "MX" },
345 { T_TXT, "TXT" },
346 { T_RP, "RP" },
347 { T_AFSDB, "AFSDB" },
348 { T_X25, "X25" },
349 { T_ISDN, "ISDN" },
350 { T_RT, "RT" },
351 { T_NSAP, "NSAP" },
352 { T_NSAP_PTR, "NSAP_PTR" },
353 { T_SIG, "SIG" },
354 { T_KEY, "KEY" },
355 { T_PX, "PX" },
356 { T_GPOS, "GPOS" },
357 { T_AAAA, "AAAA" },
358 { T_LOC, "LOC " },
359 { T_NXT, "NXT " },
360 { T_EID, "EID " },
361 { T_NIMLOC, "NIMLOC " },
362 { T_SRV, "SRV " },
363 { T_ATMA, "ATMA " },
364 { T_NAPTR, "NAPTR " },
365 { T_A6, "A6 " },
366 { T_DNAME, "DNAME " },
367 { T_OPT, "OPT " },
368 { T_UINFO, "UINFO" },
369 { T_UID, "UID" },
370 { T_GID, "GID" },
371 { T_UNSPEC, "UNSPEC" },
372 { T_UNSPECA, "UNSPECA" },
373 { T_AXFR, "AXFR" },
374 { T_MAILB, "MAILB" },
375 { T_MAILA, "MAILA" },
376 { T_ANY, "ANY" },
377 { 0, NULL }
378 };
379
380 static struct tok class2str[] = {
381 { C_IN, "IN" }, /* Not used */
382 { C_CHAOS, "CHAOS)" },
383 { C_HS, "HS" },
384 { C_ANY, "ANY" },
385 { 0, NULL }
386 };
387
388 /* print a query */
389 static const u_char *
390 ns_qprint(register const u_char *cp, register const u_char *bp)
391 {
392 register const u_char *np = cp;
393 register u_int i;
394
395 cp = ns_nskip(cp, bp);
396
397 if (cp + 4 > snapend || cp == NULL)
398 return(NULL);
399
400 /* print the qtype and qclass (if it's not IN) */
401 i = *cp++ << 8;
402 i |= *cp++;
403 printf(" %s", tok2str(type2str, "Type%d", i));
404 i = *cp++ << 8;
405 i |= *cp++;
406 if (i != C_IN)
407 printf(" %s", tok2str(class2str, "(Class %d)", i));
408
409 fputs("? ", stdout);
410 cp = ns_nprint(np, bp);
411 return(cp ? cp + 4 : NULL);
412 }
413
414 /* print a reply */
415 static const u_char *
416 ns_rprint(register const u_char *cp, register const u_char *bp)
417 {
418 register u_int class;
419 register u_short typ, len;
420 register const u_char *rp;
421
422 if (vflag) {
423 putchar(' ');
424 if ((cp = ns_nprint(cp, bp)) == NULL)
425 return NULL;
426 } else
427 cp = ns_nskip(cp, bp);
428
429 if (cp + 10 > snapend || cp == NULL)
430 return (snapend);
431
432 /* print the type/qtype and class (if it's not IN) */
433 typ = *cp++ << 8;
434 typ |= *cp++;
435 class = *cp++ << 8;
436 class |= *cp++;
437 if (class != C_IN && typ != T_OPT)
438 printf(" %s", tok2str(class2str, "(Class %d)", class));
439
440 /* ignore ttl */
441 cp += 4;
442
443 len = *cp++ << 8;
444 len |= *cp++;
445
446 rp = cp + len;
447
448 printf(" %s", tok2str(type2str, "Type%d", typ));
449 if (rp > snapend)
450 return(NULL);
451
452 switch (typ) {
453 case T_A:
454 if (cp + sizeof(struct in_addr) > snapend)
455 return(NULL);
456 printf(" %s", ipaddr_string(cp));
457 break;
458
459 case T_NS:
460 case T_CNAME:
461 case T_PTR:
462 #ifdef T_DNAME
463 case T_DNAME:
464 #endif
465 putchar(' ');
466 if (ns_nprint(cp, bp) == NULL)
467 return(NULL);
468 break;
469
470 case T_SOA:
471 if (!vflag)
472 break;
473 putchar(' ');
474 if ((cp = ns_nprint(cp, bp)) == NULL)
475 return(NULL);
476 putchar(' ');
477 if ((cp = ns_nprint(cp, bp)) == NULL)
478 return(NULL);
479 if (cp + 5 * 4 > snapend)
480 return(NULL);
481 printf(" %u", EXTRACT_32BITS(cp));
482 cp += 4;
483 printf(" %u", EXTRACT_32BITS(cp));
484 cp += 4;
485 printf(" %u", EXTRACT_32BITS(cp));
486 cp += 4;
487 printf(" %u", EXTRACT_32BITS(cp));
488 cp += 4;
489 printf(" %u", EXTRACT_32BITS(cp));
490 cp += 4;
491 break;
492 case T_MX:
493 putchar(' ');
494 if (cp + 2 > snapend)
495 return(NULL);
496 if (ns_nprint(cp + 2, bp) == NULL)
497 return(NULL);
498 printf(" %d", EXTRACT_16BITS(cp));
499 break;
500
501 case T_TXT:
502 putchar(' ');
503 (void)ns_cprint(cp, bp);
504 break;
505
506 #ifdef INET6
507 case T_AAAA:
508 if (cp + sizeof(struct in6_addr) > snapend)
509 return(NULL);
510 printf(" %s", ip6addr_string(cp));
511 break;
512
513 case T_A6:
514 {
515 struct in6_addr a;
516 int pbit, pbyte;
517
518 pbit = *cp;
519 pbyte = (pbit & ~7) / 8;
520 if (pbit > 128) {
521 printf(" %u(bad plen)", pbit);
522 break;
523 } else if (pbit < 128) {
524 memset(&a, 0, sizeof(a));
525 memcpy(&a.s6_addr[pbyte], cp + 1, sizeof(a) - pbyte);
526 printf(" %u %s", pbit, ip6addr_string(&a));
527 }
528 if (pbit > 0) {
529 putchar(' ');
530 if (ns_nprint(cp + 1 + sizeof(a) - pbyte, bp) == NULL)
531 return(NULL);
532 }
533 break;
534 }
535 #endif /*INET6*/
536
537 case T_OPT:
538 printf(" UDPsize=%u", class);
539 break;
540
541 case T_UNSPECA: /* One long string */
542 if (cp + len > snapend)
543 return(NULL);
544 fn_printn(cp, len, snapend);
545 break;
546 }
547 return (rp); /* XXX This isn't always right */
548 }
549
550 void
551 ns_print(register const u_char *bp, u_int length)
552 {
553 register const HEADER *np;
554 register int qdcount, ancount, nscount, arcount;
555 register const u_char *cp = NULL;
556
557 np = (const HEADER *)bp;
558 /* get the byte-order right */
559 qdcount = ntohs(np->qdcount);
560 ancount = ntohs(np->ancount);
561 nscount = ntohs(np->nscount);
562 arcount = ntohs(np->arcount);
563
564 if (DNS_QR(np)) {
565 /* this is a response */
566 printf(" %d%s%s%s%s%s%s",
567 ntohs(np->id),
568 ns_ops[DNS_OPCODE(np)],
569 ns_resp[DNS_RCODE(np)],
570 DNS_AA(np)? "*" : "",
571 DNS_RA(np)? "" : "-",
572 DNS_TC(np)? "|" : "",
573 DNS_CD(np)? "%" : "");
574
575 if (qdcount != 1)
576 printf(" [%dq]", qdcount);
577 /* Print QUESTION section on -vv */
578 if (vflag > 1) {
579 fputs(" q:", stdout);
580 if ((cp = ns_qprint((const u_char *)(np + 1), bp))
581 == NULL)
582 goto trunc;
583 } else {
584 if ((cp = ns_nskip((const u_char *)(np + 1), bp))
585 == NULL)
586 goto trunc;
587 cp += 4;
588 }
589 printf(" %d/%d/%d", ancount, nscount, arcount);
590 if (ancount--) {
591 if ((cp = ns_rprint(cp, bp)) == NULL)
592 goto trunc;
593 while (cp < snapend && ancount--) {
594 putchar(',');
595 if ((cp = ns_rprint(cp, bp)) == NULL)
596 goto trunc;
597 }
598 }
599 if (ancount > 0)
600 goto trunc;
601 /* Print NS and AR sections on -vv */
602 if (vflag > 1) {
603 if (cp < snapend && nscount--) {
604 fputs(" ns:", stdout);
605 if ((cp = ns_rprint(cp, bp)) == NULL)
606 goto trunc;
607 while (cp < snapend && nscount--) {
608 putchar(',');
609 if ((cp = ns_rprint(cp, bp)) == NULL)
610 goto trunc;
611 }
612 }
613 if (nscount > 0)
614 goto trunc;
615 if (cp < snapend && arcount--) {
616 fputs(" ar:", stdout);
617 if ((cp = ns_rprint(cp, bp)) == NULL)
618 goto trunc;
619 while (cp < snapend && arcount--) {
620 putchar(',');
621 if ((cp = ns_rprint(cp, bp)) == NULL)
622 goto trunc;
623 }
624 }
625 if (arcount > 0)
626 goto trunc;
627 }
628 }
629 else {
630 /* this is a request */
631 printf(" %d%s%s%s", ntohs(np->id), ns_ops[DNS_OPCODE(np)],
632 DNS_RD(np) ? "+" : "",
633 DNS_AD(np) ? "$" : "");
634
635 /* any weirdness? */
636 if (*(((u_short *)np)+1) & htons(0x6cf))
637 printf(" [b2&3=0x%x]", ntohs(*(((u_short *)np)+1)));
638
639 if (DNS_OPCODE(np) == IQUERY) {
640 if (qdcount)
641 printf(" [%dq]", qdcount);
642 if (ancount != 1)
643 printf(" [%da]", ancount);
644 }
645 else {
646 if (ancount)
647 printf(" [%da]", ancount);
648 if (qdcount != 1)
649 printf(" [%dq]", qdcount);
650 }
651 if (nscount)
652 printf(" [%dn]", nscount);
653 if (arcount)
654 printf(" [%dau]", arcount);
655
656 if (qdcount--) {
657 cp = ns_qprint((const u_char *)(np + 1),
658 (const u_char *)np);
659 if (!cp)
660 goto trunc;
661 while (cp < snapend && qdcount--) {
662 cp = ns_qprint((const u_char *)cp,
663 (const u_char *)np);
664 if (!cp)
665 goto trunc;
666 }
667 }
668 if (qdcount > 0)
669 goto trunc;
670
671 /* Print remaining sections on -vv */
672 if (vflag > 1) {
673 if (ancount--) {
674 if ((cp = ns_rprint(cp, bp)) == NULL)
675 goto trunc;
676 while (cp < snapend && ancount--) {
677 putchar(',');
678 if ((cp = ns_rprint(cp, bp)) == NULL)
679 goto trunc;
680 }
681 }
682 if (ancount > 0)
683 goto trunc;
684 if (cp < snapend && nscount--) {
685 fputs(" ns:", stdout);
686 if ((cp = ns_rprint(cp, bp)) == NULL)
687 goto trunc;
688 while (nscount-- && cp < snapend) {
689 putchar(',');
690 if ((cp = ns_rprint(cp, bp)) == NULL)
691 goto trunc;
692 }
693 }
694 if (nscount > 0)
695 goto trunc;
696 if (cp < snapend && arcount--) {
697 fputs(" ar:", stdout);
698 if ((cp = ns_rprint(cp, bp)) == NULL)
699 goto trunc;
700 while (cp < snapend && arcount--) {
701 putchar(',');
702 if ((cp = ns_rprint(cp, bp)) == NULL)
703 goto trunc;
704 }
705 }
706 if (arcount > 0)
707 goto trunc;
708 }
709 }
710 printf(" (%d)", length);
711 return;
712
713 trunc:
714 printf("[|domain]");
715 return;
716 }
[mirror] the TCPdump network dissector