]> The Tcpdump Group git mirrors - tcpdump/blob - print-nfs.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Remove more old-compiler compensation.
[tcpdump] / print-nfs.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: Network File System (NFS) printer */
23
24 #ifdef HAVE_CONFIG_H
25 #include <config.h>
26 #endif
27
28 #include "netdissect-stdinc.h"
29
30 #include <stdio.h>
31 #include <string.h>
32 #include <limits.h>
33
34 #include "netdissect.h"
35 #include "addrtoname.h"
36 #include "extract.h"
37
38 #include "nfs.h"
39 #include "nfsfh.h"
40
41 #include "ip.h"
42 #include "ip6.h"
43 #include "rpc_auth.h"
44 #include "rpc_msg.h"
45
46
47 static void nfs_printfh(netdissect_options *, const uint32_t *, const u_int);
48 static int xid_map_enter(netdissect_options *, const struct sunrpc_msg *, const u_char *);
49 static int xid_map_find(netdissect_options *, const struct sunrpc_msg *, const u_char *, uint32_t *, uint32_t *);
50 static void interp_reply(netdissect_options *, const struct sunrpc_msg *, uint32_t, uint32_t, int);
51 static const uint32_t *parse_post_op_attr(netdissect_options *, const uint32_t *, int);
52
53 /*
54 * Mapping of old NFS Version 2 RPC numbers to generic numbers.
55 */
56 static uint32_t nfsv3_procid[NFS_NPROCS] = {
57 NFSPROC_NULL,
58 NFSPROC_GETATTR,
59 NFSPROC_SETATTR,
60 NFSPROC_NOOP,
61 NFSPROC_LOOKUP,
62 NFSPROC_READLINK,
63 NFSPROC_READ,
64 NFSPROC_NOOP,
65 NFSPROC_WRITE,
66 NFSPROC_CREATE,
67 NFSPROC_REMOVE,
68 NFSPROC_RENAME,
69 NFSPROC_LINK,
70 NFSPROC_SYMLINK,
71 NFSPROC_MKDIR,
72 NFSPROC_RMDIR,
73 NFSPROC_READDIR,
74 NFSPROC_FSSTAT,
75 NFSPROC_NOOP,
76 NFSPROC_NOOP,
77 NFSPROC_NOOP,
78 NFSPROC_NOOP,
79 NFSPROC_NOOP,
80 NFSPROC_NOOP,
81 NFSPROC_NOOP,
82 NFSPROC_NOOP
83 };
84
85 static const struct tok nfsproc_str[] = {
86 { NFSPROC_NOOP, "nop" },
87 { NFSPROC_NULL, "null" },
88 { NFSPROC_GETATTR, "getattr" },
89 { NFSPROC_SETATTR, "setattr" },
90 { NFSPROC_LOOKUP, "lookup" },
91 { NFSPROC_ACCESS, "access" },
92 { NFSPROC_READLINK, "readlink" },
93 { NFSPROC_READ, "read" },
94 { NFSPROC_WRITE, "write" },
95 { NFSPROC_CREATE, "create" },
96 { NFSPROC_MKDIR, "mkdir" },
97 { NFSPROC_SYMLINK, "symlink" },
98 { NFSPROC_MKNOD, "mknod" },
99 { NFSPROC_REMOVE, "remove" },
100 { NFSPROC_RMDIR, "rmdir" },
101 { NFSPROC_RENAME, "rename" },
102 { NFSPROC_LINK, "link" },
103 { NFSPROC_READDIR, "readdir" },
104 { NFSPROC_READDIRPLUS, "readdirplus" },
105 { NFSPROC_FSSTAT, "fsstat" },
106 { NFSPROC_FSINFO, "fsinfo" },
107 { NFSPROC_PATHCONF, "pathconf" },
108 { NFSPROC_COMMIT, "commit" },
109 { 0, NULL }
110 };
111
112 /*
113 * NFS V2 and V3 status values.
114 *
115 * Some of these come from the RFCs for NFS V2 and V3, with the message
116 * strings taken from the FreeBSD C library "errlst.c".
117 *
118 * Others are errors that are not in the RFC but that I suspect some
119 * NFS servers could return; the values are FreeBSD errno values, as
120 * the first NFS server was the SunOS 2.0 one, and until 5.0 SunOS
121 * was primarily BSD-derived.
122 */
123 static const struct tok status2str[] = {
124 { 1, "Operation not permitted" }, /* EPERM */
125 { 2, "No such file or directory" }, /* ENOENT */
126 { 5, "Input/output error" }, /* EIO */
127 { 6, "Device not configured" }, /* ENXIO */
128 { 11, "Resource deadlock avoided" }, /* EDEADLK */
129 { 12, "Cannot allocate memory" }, /* ENOMEM */
130 { 13, "Permission denied" }, /* EACCES */
131 { 17, "File exists" }, /* EEXIST */
132 { 18, "Cross-device link" }, /* EXDEV */
133 { 19, "Operation not supported by device" }, /* ENODEV */
134 { 20, "Not a directory" }, /* ENOTDIR */
135 { 21, "Is a directory" }, /* EISDIR */
136 { 22, "Invalid argument" }, /* EINVAL */
137 { 26, "Text file busy" }, /* ETXTBSY */
138 { 27, "File too large" }, /* EFBIG */
139 { 28, "No space left on device" }, /* ENOSPC */
140 { 30, "Read-only file system" }, /* EROFS */
141 { 31, "Too many links" }, /* EMLINK */
142 { 45, "Operation not supported" }, /* EOPNOTSUPP */
143 { 62, "Too many levels of symbolic links" }, /* ELOOP */
144 { 63, "File name too long" }, /* ENAMETOOLONG */
145 { 66, "Directory not empty" }, /* ENOTEMPTY */
146 { 69, "Disc quota exceeded" }, /* EDQUOT */
147 { 70, "Stale NFS file handle" }, /* ESTALE */
148 { 71, "Too many levels of remote in path" }, /* EREMOTE */
149 { 99, "Write cache flushed to disk" }, /* NFSERR_WFLUSH (not used) */
150 { 10001, "Illegal NFS file handle" }, /* NFS3ERR_BADHANDLE */
151 { 10002, "Update synchronization mismatch" }, /* NFS3ERR_NOT_SYNC */
152 { 10003, "READDIR/READDIRPLUS cookie is stale" }, /* NFS3ERR_BAD_COOKIE */
153 { 10004, "Operation not supported" }, /* NFS3ERR_NOTSUPP */
154 { 10005, "Buffer or request is too small" }, /* NFS3ERR_TOOSMALL */
155 { 10006, "Unspecified error on server" }, /* NFS3ERR_SERVERFAULT */
156 { 10007, "Object of that type not supported" }, /* NFS3ERR_BADTYPE */
157 { 10008, "Request couldn't be completed in time" }, /* NFS3ERR_JUKEBOX */
158 { 0, NULL }
159 };
160
161 static const struct tok nfsv3_writemodes[] = {
162 { 0, "unstable" },
163 { 1, "datasync" },
164 { 2, "filesync" },
165 { 0, NULL }
166 };
167
168 static const struct tok type2str[] = {
169 { NFNON, "NON" },
170 { NFREG, "REG" },
171 { NFDIR, "DIR" },
172 { NFBLK, "BLK" },
173 { NFCHR, "CHR" },
174 { NFLNK, "LNK" },
175 { NFFIFO, "FIFO" },
176 { 0, NULL }
177 };
178
179 static const struct tok sunrpc_auth_str[] = {
180 { SUNRPC_AUTH_OK, "OK" },
181 { SUNRPC_AUTH_BADCRED, "Bogus Credentials (seal broken)" },
182 { SUNRPC_AUTH_REJECTEDCRED, "Rejected Credentials (client should begin new session)" },
183 { SUNRPC_AUTH_BADVERF, "Bogus Verifier (seal broken)" },
184 { SUNRPC_AUTH_REJECTEDVERF, "Verifier expired or was replayed" },
185 { SUNRPC_AUTH_TOOWEAK, "Credentials are too weak" },
186 { SUNRPC_AUTH_INVALIDRESP, "Bogus response verifier" },
187 { SUNRPC_AUTH_FAILED, "Unknown failure" },
188 { 0, NULL }
189 };
190
191 static const struct tok sunrpc_str[] = {
192 { SUNRPC_PROG_UNAVAIL, "PROG_UNAVAIL" },
193 { SUNRPC_PROG_MISMATCH, "PROG_MISMATCH" },
194 { SUNRPC_PROC_UNAVAIL, "PROC_UNAVAIL" },
195 { SUNRPC_GARBAGE_ARGS, "GARBAGE_ARGS" },
196 { SUNRPC_SYSTEM_ERR, "SYSTEM_ERR" },
197 { 0, NULL }
198 };
199
200 static void
201 print_nfsaddr(netdissect_options *ndo,
202 const u_char *bp, const char *s, const char *d)
203 {
204 const struct ip *ip;
205 const struct ip6_hdr *ip6;
206 char srcaddr[INET6_ADDRSTRLEN], dstaddr[INET6_ADDRSTRLEN];
207
208 srcaddr[0] = dstaddr[0] = '\0';
209 switch (IP_V((const struct ip *)bp)) {
210 case 4:
211 ip = (const struct ip *)bp;
212 strlcpy(srcaddr, ipaddr_string(ndo, ip->ip_src), sizeof(srcaddr));
213 strlcpy(dstaddr, ipaddr_string(ndo, ip->ip_dst), sizeof(dstaddr));
214 break;
215 case 6:
216 ip6 = (const struct ip6_hdr *)bp;
217 strlcpy(srcaddr, ip6addr_string(ndo, ip6->ip6_src),
218 sizeof(srcaddr));
219 strlcpy(dstaddr, ip6addr_string(ndo, ip6->ip6_dst),
220 sizeof(dstaddr));
221 break;
222 default:
223 strlcpy(srcaddr, "?", sizeof(srcaddr));
224 strlcpy(dstaddr, "?", sizeof(dstaddr));
225 break;
226 }
227
228 ND_PRINT("%s.%s > %s.%s: ", srcaddr, s, dstaddr, d);
229 }
230
231 /*
232 * NFS Version 3 sattr3 structure for the new node creation case.
233 * This does not have a fixed layout on the network, so this
234 * structure does not correspond to the layout of the data on
235 * the network; it's used to store the data when the sattr3
236 * is parsed for use when it's later printed.
237 */
238 struct nfsv3_sattr {
239 uint32_t sa_modeset;
240 uint32_t sa_mode;
241 uint32_t sa_uidset;
242 uint32_t sa_uid;
243 uint32_t sa_gidset;
244 uint32_t sa_gid;
245 uint32_t sa_sizeset;
246 uint32_t sa_size;
247 uint32_t sa_atimetype;
248 struct {
249 uint32_t nfsv3_sec;
250 uint32_t nfsv3_nsec;
251 } sa_atime;
252 uint32_t sa_mtimetype;
253 struct {
254 uint32_t nfsv3_sec;
255 uint32_t nfsv3_nsec;
256 } sa_mtime;
257 };
258
259 static const uint32_t *
260 parse_sattr3(netdissect_options *ndo,
261 const uint32_t *dp, struct nfsv3_sattr *sa3)
262 {
263 ND_TCHECK_4(dp);
264 sa3->sa_modeset = GET_BE_U_4(dp);
265 dp++;
266 if (sa3->sa_modeset) {
267 ND_TCHECK_4(dp);
268 sa3->sa_mode = GET_BE_U_4(dp);
269 dp++;
270 }
271
272 ND_TCHECK_4(dp);
273 sa3->sa_uidset = GET_BE_U_4(dp);
274 dp++;
275 if (sa3->sa_uidset) {
276 ND_TCHECK_4(dp);
277 sa3->sa_uid = GET_BE_U_4(dp);
278 dp++;
279 }
280
281 ND_TCHECK_4(dp);
282 sa3->sa_gidset = GET_BE_U_4(dp);
283 dp++;
284 if (sa3->sa_gidset) {
285 ND_TCHECK_4(dp);
286 sa3->sa_gid = GET_BE_U_4(dp);
287 dp++;
288 }
289
290 ND_TCHECK_4(dp);
291 sa3->sa_sizeset = GET_BE_U_4(dp);
292 dp++;
293 if (sa3->sa_sizeset) {
294 ND_TCHECK_4(dp);
295 sa3->sa_size = GET_BE_U_4(dp);
296 dp++;
297 }
298
299 ND_TCHECK_4(dp);
300 sa3->sa_atimetype = GET_BE_U_4(dp);
301 dp++;
302 if (sa3->sa_atimetype == NFSV3SATTRTIME_TOCLIENT) {
303 ND_TCHECK_4(dp + 1);
304 sa3->sa_atime.nfsv3_sec = GET_BE_U_4(dp);
305 dp++;
306 sa3->sa_atime.nfsv3_nsec = GET_BE_U_4(dp);
307 dp++;
308 }
309
310 ND_TCHECK_4(dp);
311 sa3->sa_mtimetype = GET_BE_U_4(dp);
312 dp++;
313 if (sa3->sa_mtimetype == NFSV3SATTRTIME_TOCLIENT) {
314 ND_TCHECK_4(dp + 1);
315 sa3->sa_mtime.nfsv3_sec = GET_BE_U_4(dp);
316 dp++;
317 sa3->sa_mtime.nfsv3_nsec = GET_BE_U_4(dp);
318 dp++;
319 }
320
321 return dp;
322 trunc:
323 return NULL;
324 }
325
326 static void
327 print_sattr3(netdissect_options *ndo,
328 const struct nfsv3_sattr *sa3, int verbose)
329 {
330 if (sa3->sa_modeset)
331 ND_PRINT(" mode %o", sa3->sa_mode);
332 if (sa3->sa_uidset)
333 ND_PRINT(" uid %u", sa3->sa_uid);
334 if (sa3->sa_gidset)
335 ND_PRINT(" gid %u", sa3->sa_gid);
336 if (verbose > 1) {
337 if (sa3->sa_atimetype == NFSV3SATTRTIME_TOCLIENT)
338 ND_PRINT(" atime %u.%06u", sa3->sa_atime.nfsv3_sec,
339 sa3->sa_atime.nfsv3_nsec);
340 if (sa3->sa_mtimetype == NFSV3SATTRTIME_TOCLIENT)
341 ND_PRINT(" mtime %u.%06u", sa3->sa_mtime.nfsv3_sec,
342 sa3->sa_mtime.nfsv3_nsec);
343 }
344 }
345
346 void
347 nfsreply_print(netdissect_options *ndo,
348 const u_char *bp, u_int length,
349 const u_char *bp2)
350 {
351 const struct sunrpc_msg *rp;
352 char srcid[20], dstid[20]; /*fits 32bit*/
353
354 ndo->ndo_protocol = "nfs";
355 rp = (const struct sunrpc_msg *)bp;
356
357 ND_TCHECK_4(rp->rm_xid);
358 if (!ndo->ndo_nflag) {
359 strlcpy(srcid, "nfs", sizeof(srcid));
360 snprintf(dstid, sizeof(dstid), "%u",
361 GET_BE_U_4(rp->rm_xid));
362 } else {
363 snprintf(srcid, sizeof(srcid), "%u", NFS_PORT);
364 snprintf(dstid, sizeof(dstid), "%u",
365 GET_BE_U_4(rp->rm_xid));
366 }
367 print_nfsaddr(ndo, bp2, srcid, dstid);
368
369 nfsreply_noaddr_print(ndo, bp, length, bp2);
370 return;
371
372 trunc:
373 nd_print_trunc(ndo);
374 }
375
376 void
377 nfsreply_noaddr_print(netdissect_options *ndo,
378 const u_char *bp, u_int length,
379 const u_char *bp2)
380 {
381 const struct sunrpc_msg *rp;
382 uint32_t proc, vers, reply_stat;
383 enum sunrpc_reject_stat rstat;
384 uint32_t rlow;
385 uint32_t rhigh;
386 enum sunrpc_auth_stat rwhy;
387
388 ndo->ndo_protocol = "nfs";
389 rp = (const struct sunrpc_msg *)bp;
390
391 ND_TCHECK_4(rp->rm_reply.rp_stat);
392 reply_stat = GET_BE_U_4(&rp->rm_reply.rp_stat);
393 switch (reply_stat) {
394
395 case SUNRPC_MSG_ACCEPTED:
396 ND_PRINT("reply ok %u", length);
397 if (xid_map_find(ndo, rp, bp2, &proc, &vers) >= 0)
398 interp_reply(ndo, rp, proc, vers, length);
399 break;
400
401 case SUNRPC_MSG_DENIED:
402 ND_PRINT("reply ERR %u: ", length);
403 ND_TCHECK_4(rp->rm_reply.rp_reject.rj_stat);
404 rstat = GET_BE_U_4(&rp->rm_reply.rp_reject.rj_stat);
405 switch (rstat) {
406
407 case SUNRPC_RPC_MISMATCH:
408 ND_TCHECK_4(rp->rm_reply.rp_reject.rj_vers.high);
409 rlow = GET_BE_U_4(&rp->rm_reply.rp_reject.rj_vers.low);
410 rhigh = GET_BE_U_4(&rp->rm_reply.rp_reject.rj_vers.high);
411 ND_PRINT("RPC Version mismatch (%u-%u)", rlow, rhigh);
412 break;
413
414 case SUNRPC_AUTH_ERROR:
415 ND_TCHECK_4(rp->rm_reply.rp_reject.rj_why);
416 rwhy = GET_BE_U_4(&rp->rm_reply.rp_reject.rj_why);
417 ND_PRINT("Auth %s", tok2str(sunrpc_auth_str, "Invalid failure code %u", rwhy));
418 break;
419
420 default:
421 ND_PRINT("Unknown reason for rejecting rpc message %u", (unsigned int)rstat);
422 break;
423 }
424 break;
425
426 default:
427 ND_PRINT("reply Unknown rpc response code=%u %u", reply_stat, length);
428 break;
429 }
430 return;
431
432 trunc:
433 nd_print_trunc(ndo);
434 }
435
436 /*
437 * Return a pointer to the first file handle in the packet.
438 * If the packet was truncated, return 0.
439 */
440 static const uint32_t *
441 parsereq(netdissect_options *ndo,
442 const struct sunrpc_msg *rp, u_int length)
443 {
444 const uint32_t *dp;
445 u_int len, rounded_len;
446
447 /*
448 * Find the start of the req data (if we captured it).
449 * First, get the length of the credentials, and make sure
450 * we have all of the opaque part of the credentials.
451 */
452 dp = (const uint32_t *)&rp->rm_call.cb_cred;
453 if (length < 2 * sizeof(*dp))
454 goto trunc;
455 ND_TCHECK_4(dp + 1);
456 len = GET_BE_U_4(dp + 1);
457 rounded_len = roundup2(len, 4);
458 ND_TCHECK_LEN(dp + 2, rounded_len);
459 if (2 * sizeof(*dp) + rounded_len <= length) {
460 /*
461 * We have all of the credentials. Skip past them; they
462 * consist of 4 bytes of flavor, 4 bytes of length,
463 * and len-rounded-up-to-a-multiple-of-4 bytes of
464 * data.
465 */
466 dp += (len + (2 * sizeof(*dp) + 3)) / sizeof(*dp);
467 length -= 2 * sizeof(*dp) + rounded_len;
468
469 /*
470 * Now get the length of the verifier, and make sure
471 * we have all of the opaque part of the verifier.
472 */
473 if (length < 2 * sizeof(*dp))
474 goto trunc;
475 ND_TCHECK_4(dp + 1);
476 len = GET_BE_U_4(dp + 1);
477 rounded_len = roundup2(len, 4);
478 ND_TCHECK_LEN(dp + 2, rounded_len);
479 if (2 * sizeof(*dp) + rounded_len < length) {
480 /*
481 * We have all of the verifier. Skip past it;
482 * it consists of 4 bytes of flavor, 4 bytes of
483 * length, and len-rounded-up-to-a-multiple-of-4
484 * bytes of data.
485 */
486 dp += (len + (2 * sizeof(*dp) + 3)) / sizeof(*dp);
487 return (dp);
488 }
489 }
490 trunc:
491 return (NULL);
492 }
493
494 /*
495 * Print out an NFS file handle and return a pointer to following word.
496 * If packet was truncated, return 0.
497 */
498 static const uint32_t *
499 parsefh(netdissect_options *ndo,
500 const uint32_t *dp, int v3)
501 {
502 u_int len;
503
504 if (v3) {
505 ND_TCHECK_4(dp);
506 len = GET_BE_U_4(dp) / 4;
507 dp++;
508 } else
509 len = NFSX_V2FH / 4;
510
511 if (ND_TTEST_LEN(dp, len * sizeof(*dp))) {
512 nfs_printfh(ndo, dp, len);
513 return (dp + len);
514 }
515 trunc:
516 return (NULL);
517 }
518
519 /*
520 * Print out a file name and return pointer to 32-bit word past it.
521 * If packet was truncated, return 0.
522 */
523 static const uint32_t *
524 parsefn(netdissect_options *ndo,
525 const uint32_t *dp)
526 {
527 uint32_t len;
528 const u_char *cp;
529
530 /* Bail if we don't have the string length */
531 ND_TCHECK_4(dp);
532
533 /* Fetch big-endian string length */
534 len = GET_BE_U_4(dp);
535 dp++;
536
537 if (UINT_MAX - len < 3) {
538 ND_PRINT("[cannot pad to 32-bit boundaries]");
539 nd_print_invalid(ndo);
540 return NULL;
541 }
542
543 ND_TCHECK_LEN(dp, ((len + 3) & ~3));
544
545 cp = (const u_char *)dp;
546 /* Update 32-bit pointer (NFS filenames padded to 32-bit boundaries) */
547 dp += ((len + 3) & ~3) / sizeof(*dp);
548 ND_PRINT("\"");
549 if (nd_printn(ndo, cp, len, ndo->ndo_snapend)) {
550 ND_PRINT("\"");
551 goto trunc;
552 }
553 ND_PRINT("\"");
554
555 return (dp);
556 trunc:
557 return NULL;
558 }
559
560 /*
561 * Print out file handle and file name.
562 * Return pointer to 32-bit word past file name.
563 * If packet was truncated (or there was some other error), return 0.
564 */
565 static const uint32_t *
566 parsefhn(netdissect_options *ndo,
567 const uint32_t *dp, int v3)
568 {
569 dp = parsefh(ndo, dp, v3);
570 if (dp == NULL)
571 return (NULL);
572 ND_PRINT(" ");
573 return (parsefn(ndo, dp));
574 }
575
576 void
577 nfsreq_noaddr_print(netdissect_options *ndo,
578 const u_char *bp, u_int length,
579 const u_char *bp2)
580 {
581 const struct sunrpc_msg *rp;
582 const uint32_t *dp;
583 nfs_type type;
584 int v3;
585 uint32_t proc;
586 uint32_t access_flags;
587 struct nfsv3_sattr sa3;
588
589 ndo->ndo_protocol = "nfs";
590 ND_PRINT("%u", length);
591 rp = (const struct sunrpc_msg *)bp;
592
593 if (!xid_map_enter(ndo, rp, bp2)) /* record proc number for later on */
594 goto trunc;
595
596 v3 = (GET_BE_U_4(&rp->rm_call.cb_vers) == NFS_VER3);
597 proc = GET_BE_U_4(&rp->rm_call.cb_proc);
598
599 if (!v3 && proc < NFS_NPROCS)
600 proc = nfsv3_procid[proc];
601
602 ND_PRINT(" %s", tok2str(nfsproc_str, "proc-%u", proc));
603 switch (proc) {
604
605 case NFSPROC_GETATTR:
606 case NFSPROC_SETATTR:
607 case NFSPROC_READLINK:
608 case NFSPROC_FSSTAT:
609 case NFSPROC_FSINFO:
610 case NFSPROC_PATHCONF:
611 dp = parsereq(ndo, rp, length);
612 if (dp == NULL)
613 goto trunc;
614 if (parsefh(ndo, dp, v3) == NULL)
615 goto trunc;
616 break;
617
618 case NFSPROC_LOOKUP:
619 case NFSPROC_CREATE:
620 case NFSPROC_MKDIR:
621 case NFSPROC_REMOVE:
622 case NFSPROC_RMDIR:
623 dp = parsereq(ndo, rp, length);
624 if (dp == NULL)
625 goto trunc;
626 if (parsefhn(ndo, dp, v3) == NULL)
627 goto trunc;
628 break;
629
630 case NFSPROC_ACCESS:
631 dp = parsereq(ndo, rp, length);
632 if (dp == NULL)
633 goto trunc;
634 dp = parsefh(ndo, dp, v3);
635 if (dp == NULL)
636 goto trunc;
637 ND_TCHECK_4(dp);
638 access_flags = GET_BE_U_4(dp);
639 if (access_flags & ~NFSV3ACCESS_FULL) {
640 /* NFSV3ACCESS definitions aren't up to date */
641 ND_PRINT(" %04x", access_flags);
642 } else if ((access_flags & NFSV3ACCESS_FULL) == NFSV3ACCESS_FULL) {
643 ND_PRINT(" NFS_ACCESS_FULL");
644 } else {
645 char separator = ' ';
646 if (access_flags & NFSV3ACCESS_READ) {
647 ND_PRINT(" NFS_ACCESS_READ");
648 separator = '|';
649 }
650 if (access_flags & NFSV3ACCESS_LOOKUP) {
651 ND_PRINT("%cNFS_ACCESS_LOOKUP", separator);
652 separator = '|';
653 }
654 if (access_flags & NFSV3ACCESS_MODIFY) {
655 ND_PRINT("%cNFS_ACCESS_MODIFY", separator);
656 separator = '|';
657 }
658 if (access_flags & NFSV3ACCESS_EXTEND) {
659 ND_PRINT("%cNFS_ACCESS_EXTEND", separator);
660 separator = '|';
661 }
662 if (access_flags & NFSV3ACCESS_DELETE) {
663 ND_PRINT("%cNFS_ACCESS_DELETE", separator);
664 separator = '|';
665 }
666 if (access_flags & NFSV3ACCESS_EXECUTE)
667 ND_PRINT("%cNFS_ACCESS_EXECUTE", separator);
668 }
669 break;
670
671 case NFSPROC_READ:
672 dp = parsereq(ndo, rp, length);
673 if (dp == NULL)
674 goto trunc;
675 dp = parsefh(ndo, dp, v3);
676 if (dp == NULL)
677 goto trunc;
678 if (v3) {
679 ND_TCHECK_4(dp + 2);
680 ND_PRINT(" %u bytes @ %" PRIu64,
681 GET_BE_U_4(dp + 2),
682 GET_BE_U_8(dp));
683 } else {
684 ND_TCHECK_4(dp + 1);
685 ND_PRINT(" %u bytes @ %u",
686 GET_BE_U_4(dp + 1),
687 GET_BE_U_4(dp));
688 }
689 break;
690
691 case NFSPROC_WRITE:
692 dp = parsereq(ndo, rp, length);
693 if (dp == NULL)
694 goto trunc;
695 dp = parsefh(ndo, dp, v3);
696 if (dp == NULL)
697 goto trunc;
698 if (v3) {
699 ND_TCHECK_4(dp + 4);
700 ND_PRINT(" %u (%u) bytes @ %" PRIu64,
701 GET_BE_U_4(dp + 4),
702 GET_BE_U_4(dp + 2),
703 GET_BE_U_8(dp));
704 if (ndo->ndo_vflag) {
705 ND_PRINT(" <%s>",
706 tok2str(nfsv3_writemodes,
707 NULL, GET_BE_U_4(dp + 3)));
708 }
709 } else {
710 ND_TCHECK_4(dp + 3);
711 ND_PRINT(" %u (%u) bytes @ %u (%u)",
712 GET_BE_U_4(dp + 3),
713 GET_BE_U_4(dp + 2),
714 GET_BE_U_4(dp + 1),
715 GET_BE_U_4(dp));
716 }
717 break;
718
719 case NFSPROC_SYMLINK:
720 dp = parsereq(ndo, rp, length);
721 if (dp == NULL)
722 goto trunc;
723 dp = parsefhn(ndo, dp, v3);
724 if (dp == NULL)
725 goto trunc;
726 ND_PRINT(" ->");
727 if (v3 && (dp = parse_sattr3(ndo, dp, &sa3)) == NULL)
728 goto trunc;
729 if (parsefn(ndo, dp) == NULL)
730 goto trunc;
731 if (v3 && ndo->ndo_vflag)
732 print_sattr3(ndo, &sa3, ndo->ndo_vflag);
733 break;
734
735 case NFSPROC_MKNOD:
736 dp = parsereq(ndo, rp, length);
737 if (dp == NULL)
738 goto trunc;
739 dp = parsefhn(ndo, dp, v3);
740 if (dp == NULL)
741 goto trunc;
742 ND_TCHECK_4(dp);
743 type = (nfs_type) GET_BE_U_4(dp);
744 dp++;
745 dp = parse_sattr3(ndo, dp, &sa3);
746 if (dp == NULL)
747 goto trunc;
748 ND_PRINT(" %s", tok2str(type2str, "unk-ft %u", type));
749 if (ndo->ndo_vflag && (type == NFCHR || type == NFBLK)) {
750 ND_TCHECK_4(dp + 1);
751 ND_PRINT(" %u/%u",
752 GET_BE_U_4(dp),
753 GET_BE_U_4(dp + 1));
754 dp += 2;
755 }
756 if (ndo->ndo_vflag)
757 print_sattr3(ndo, &sa3, ndo->ndo_vflag);
758 break;
759
760 case NFSPROC_RENAME:
761 dp = parsereq(ndo, rp, length);
762 if (dp == NULL)
763 goto trunc;
764 dp = parsefhn(ndo, dp, v3);
765 if (dp == NULL)
766 goto trunc;
767 ND_PRINT(" ->");
768 if (parsefhn(ndo, dp, v3) == NULL)
769 goto trunc;
770 break;
771
772 case NFSPROC_LINK:
773 dp = parsereq(ndo, rp, length);
774 if (dp == NULL)
775 goto trunc;
776 dp = parsefh(ndo, dp, v3);
777 if (dp == NULL)
778 goto trunc;
779 ND_PRINT(" ->");
780 if (parsefhn(ndo, dp, v3) == NULL)
781 goto trunc;
782 break;
783
784 case NFSPROC_READDIR:
785 dp = parsereq(ndo, rp, length);
786 if (dp == NULL)
787 goto trunc;
788 dp = parsefh(ndo, dp, v3);
789 if (dp == NULL)
790 goto trunc;
791 if (v3) {
792 ND_TCHECK_4(dp + 4);
793 /*
794 * We shouldn't really try to interpret the
795 * offset cookie here.
796 */
797 ND_PRINT(" %u bytes @ %" PRId64,
798 GET_BE_U_4(dp + 4),
799 GET_BE_U_8(dp));
800 if (ndo->ndo_vflag) {
801 /*
802 * This displays the 8 bytes
803 * of the verifier in order,
804 * from the low-order byte
805 * to the high-order byte.
806 */
807 ND_PRINT(" verf %08x%08x",
808 GET_BE_U_4(dp + 2),
809 GET_BE_U_4(dp + 3));
810 }
811 } else {
812 ND_TCHECK_4(dp + 1);
813 /*
814 * Print the offset as signed, since -1 is
815 * common, but offsets > 2^31 aren't.
816 */
817 ND_PRINT(" %u bytes @ %u",
818 GET_BE_U_4(dp + 1),
819 GET_BE_U_4(dp));
820 }
821 break;
822
823 case NFSPROC_READDIRPLUS:
824 dp = parsereq(ndo, rp, length);
825 if (dp == NULL)
826 goto trunc;
827 dp = parsefh(ndo, dp, v3);
828 if (dp == NULL)
829 goto trunc;
830 ND_TCHECK_4(dp + 4);
831 /*
832 * We don't try to interpret the offset
833 * cookie here.
834 */
835 ND_PRINT(" %u bytes @ %" PRId64,
836 GET_BE_U_4(dp + 4),
837 GET_BE_U_8(dp));
838 if (ndo->ndo_vflag) {
839 ND_TCHECK_4(dp + 5);
840 /*
841 * This displays the 8 bytes
842 * of the verifier in order,
843 * from the low-order byte
844 * to the high-order byte.
845 */
846 ND_PRINT(" max %u verf %08x%08x",
847 GET_BE_U_4(dp + 5),
848 GET_BE_U_4(dp + 2),
849 GET_BE_U_4(dp + 3));
850 }
851 break;
852
853 case NFSPROC_COMMIT:
854 dp = parsereq(ndo, rp, length);
855 if (dp == NULL)
856 goto trunc;
857 dp = parsefh(ndo, dp, v3);
858 if (dp == NULL)
859 goto trunc;
860 ND_TCHECK_4(dp + 2);
861 ND_PRINT(" %u bytes @ %" PRIu64,
862 GET_BE_U_4(dp + 2),
863 GET_BE_U_8(dp));
864 break;
865
866 default:
867 break;
868 }
869 return;
870
871 trunc:
872 nd_print_trunc(ndo);
873 }
874
875 /*
876 * Print out an NFS file handle.
877 * We assume packet was not truncated before the end of the
878 * file handle pointed to by dp.
879 *
880 * Note: new version (using portable file-handle parser) doesn't produce
881 * generation number. It probably could be made to do that, with some
882 * additional hacking on the parser code.
883 */
884 static void
885 nfs_printfh(netdissect_options *ndo,
886 const uint32_t *dp, const u_int len)
887 {
888 my_fsid fsid;
889 uint32_t ino;
890 const char *sfsname = NULL;
891 char *spacep;
892
893 if (ndo->ndo_uflag) {
894 u_int i;
895 char const *sep = "";
896
897 ND_PRINT(" fh[");
898 for (i=0; i<len; i++) {
899 /*
900 * This displays 4 bytes in big-endian byte
901 * order. That's as good a choice as little-
902 * endian, as there's no guarantee that the
903 * server is big-endian or little-endian or
904 * that the file handle contains 4-byte
905 * integral fields, and is better than "the
906 * byte order of the host running tcpdump", as
907 * the latter means that different hosts
908 * running tcpdump may show the same file
909 * handle in different ways.
910 */
911 ND_PRINT("%s%x", sep, GET_BE_U_4(dp + i));
912 sep = ":";
913 }
914 ND_PRINT("]");
915 return;
916 }
917
918 Parse_fh(ndo, (const u_char *)dp, len, &fsid, &ino, NULL, &sfsname, 0);
919
920 if (sfsname) {
921 /* file system ID is ASCII, not numeric, for this server OS */
922 char temp[NFSX_V3FHMAX+1];
923 u_int stringlen;
924
925 /* Make sure string is null-terminated */
926 stringlen = len;
927 if (stringlen > NFSX_V3FHMAX)
928 stringlen = NFSX_V3FHMAX;
929 strncpy(temp, sfsname, stringlen);
930 temp[stringlen] = '\0';
931 /* Remove trailing spaces */
932 spacep = strchr(temp, ' ');
933 if (spacep)
934 *spacep = '\0';
935
936 ND_PRINT(" fh %s/", temp);
937 } else {
938 ND_PRINT(" fh %u,%u/",
939 fsid.Fsid_dev.Major, fsid.Fsid_dev.Minor);
940 }
941
942 if(fsid.Fsid_dev.Minor == 257)
943 /* Print the undecoded handle */
944 ND_PRINT("%s", fsid.Opaque_Handle);
945 else
946 ND_PRINT("%ld", (long) ino);
947 }
948
949 /*
950 * Maintain a small cache of recent client.XID.server/proc pairs, to allow
951 * us to match up replies with requests and thus to know how to parse
952 * the reply.
953 */
954
955 struct xid_map_entry {
956 uint32_t xid; /* transaction ID (net order) */
957 int ipver; /* IP version (4 or 6) */
958 nd_ipv6 client; /* client IP address (net order) */
959 nd_ipv6 server; /* server IP address (net order) */
960 uint32_t proc; /* call proc number (host order) */
961 uint32_t vers; /* program version (host order) */
962 };
963
964 /*
965 * Map entries are kept in an array that we manage as a ring;
966 * new entries are always added at the tail of the ring. Initially,
967 * all the entries are zero and hence don't match anything.
968 */
969
970 #define XIDMAPSIZE 64
971
972 static struct xid_map_entry xid_map[XIDMAPSIZE];
973
974 static int xid_map_next = 0;
975 static int xid_map_hint = 0;
976
977 static int
978 xid_map_enter(netdissect_options *ndo,
979 const struct sunrpc_msg *rp, const u_char *bp)
980 {
981 const struct ip *ip = NULL;
982 const struct ip6_hdr *ip6 = NULL;
983 struct xid_map_entry *xmep;
984
985 if (!ND_TTEST_4(rp->rm_call.cb_proc))
986 return (0);
987 switch (IP_V((const struct ip *)bp)) {
988 case 4:
989 ip = (const struct ip *)bp;
990 break;
991 case 6:
992 ip6 = (const struct ip6_hdr *)bp;
993 break;
994 default:
995 return (1);
996 }
997
998 xmep = &xid_map[xid_map_next];
999
1000 if (++xid_map_next >= XIDMAPSIZE)
1001 xid_map_next = 0;
1002
1003 UNALIGNED_MEMCPY(&xmep->xid, &rp->rm_xid, sizeof(xmep->xid));
1004 if (ip) {
1005 xmep->ipver = 4;
1006 UNALIGNED_MEMCPY(&xmep->client, ip->ip_src,
1007 sizeof(ip->ip_src));
1008 UNALIGNED_MEMCPY(&xmep->server, ip->ip_dst,
1009 sizeof(ip->ip_dst));
1010 }
1011 else if (ip6) {
1012 xmep->ipver = 6;
1013 UNALIGNED_MEMCPY(&xmep->client, ip6->ip6_src,
1014 sizeof(ip6->ip6_src));
1015 UNALIGNED_MEMCPY(&xmep->server, ip6->ip6_dst,
1016 sizeof(ip6->ip6_dst));
1017 }
1018 xmep->proc = GET_BE_U_4(&rp->rm_call.cb_proc);
1019 xmep->vers = GET_BE_U_4(&rp->rm_call.cb_vers);
1020 return (1);
1021 }
1022
1023 /*
1024 * Returns 0 and puts NFSPROC_xxx in proc return and
1025 * version in vers return, or returns -1 on failure
1026 */
1027 static int
1028 xid_map_find(netdissect_options *ndo, const struct sunrpc_msg *rp,
1029 const u_char *bp, uint32_t *proc, uint32_t *vers)
1030 {
1031 int i;
1032 struct xid_map_entry *xmep;
1033 uint32_t xid;
1034 const struct ip *ip = (const struct ip *)bp;
1035 const struct ip6_hdr *ip6 = (const struct ip6_hdr *)bp;
1036 int cmp;
1037
1038 UNALIGNED_MEMCPY(&xid, &rp->rm_xid, sizeof(xmep->xid));
1039 /* Start searching from where we last left off */
1040 i = xid_map_hint;
1041 do {
1042 xmep = &xid_map[i];
1043 cmp = 1;
1044 if (xmep->ipver != IP_V(ip) || xmep->xid != xid)
1045 goto nextitem;
1046 switch (xmep->ipver) {
1047 case 4:
1048 if (UNALIGNED_MEMCMP(ip->ip_src, &xmep->server,
1049 sizeof(ip->ip_src)) != 0 ||
1050 UNALIGNED_MEMCMP(ip->ip_dst, &xmep->client,
1051 sizeof(ip->ip_dst)) != 0) {
1052 cmp = 0;
1053 }
1054 break;
1055 case 6:
1056 if (UNALIGNED_MEMCMP(ip6->ip6_src, &xmep->server,
1057 sizeof(ip6->ip6_src)) != 0 ||
1058 UNALIGNED_MEMCMP(ip6->ip6_dst, &xmep->client,
1059 sizeof(ip6->ip6_dst)) != 0) {
1060 cmp = 0;
1061 }
1062 break;
1063 default:
1064 cmp = 0;
1065 break;
1066 }
1067 if (cmp) {
1068 /* match */
1069 xid_map_hint = i;
1070 *proc = xmep->proc;
1071 *vers = xmep->vers;
1072 return 0;
1073 }
1074 nextitem:
1075 if (++i >= XIDMAPSIZE)
1076 i = 0;
1077 } while (i != xid_map_hint);
1078
1079 /* search failed */
1080 return (-1);
1081 }
1082
1083 /*
1084 * Routines for parsing reply packets
1085 */
1086
1087 /*
1088 * Return a pointer to the beginning of the actual results.
1089 * If the packet was truncated, return 0.
1090 */
1091 static const uint32_t *
1092 parserep(netdissect_options *ndo,
1093 const struct sunrpc_msg *rp, u_int length, int *nfserrp)
1094 {
1095 const uint32_t *dp;
1096 u_int len;
1097 enum sunrpc_accept_stat astat;
1098
1099 /*
1100 * Portability note:
1101 * Here we find the address of the ar_verf credentials.
1102 * Originally, this calculation was
1103 * dp = (uint32_t *)&rp->rm_reply.rp_acpt.ar_verf
1104 * On the wire, the rp_acpt field starts immediately after
1105 * the (32 bit) rp_stat field. However, rp_acpt (which is a
1106 * "struct accepted_reply") contains a "struct opaque_auth",
1107 * whose internal representation contains a pointer, so on a
1108 * 64-bit machine the compiler inserts 32 bits of padding
1109 * before rp->rm_reply.rp_acpt.ar_verf. So, we cannot use
1110 * the internal representation to parse the on-the-wire
1111 * representation. Instead, we skip past the rp_stat field,
1112 * which is an "enum" and so occupies one 32-bit word.
1113 */
1114 dp = ((const uint32_t *)&rp->rm_reply) + 1;
1115 ND_TCHECK_4(dp + 1);
1116 len = GET_BE_U_4(dp + 1);
1117 if (len >= length)
1118 return (NULL);
1119 /*
1120 * skip past the ar_verf credentials.
1121 */
1122 dp += (len + (2*sizeof(uint32_t) + 3)) / sizeof(uint32_t);
1123
1124 /*
1125 * now we can check the ar_stat field
1126 */
1127 ND_TCHECK_4(dp);
1128 astat = (enum sunrpc_accept_stat) GET_BE_U_4(dp);
1129 if (astat != SUNRPC_SUCCESS) {
1130 ND_PRINT(" %s", tok2str(sunrpc_str, "ar_stat %u", astat));
1131 *nfserrp = 1; /* suppress trunc string */
1132 return (NULL);
1133 }
1134 /* successful return */
1135 ND_TCHECK_LEN(dp, sizeof(astat));
1136 return ((const uint32_t *) (sizeof(astat) + ((const char *)dp)));
1137 trunc:
1138 return (0);
1139 }
1140
1141 static const uint32_t *
1142 parsestatus(netdissect_options *ndo,
1143 const uint32_t *dp, u_int *er, int *nfserrp)
1144 {
1145 u_int errnum;
1146
1147 ND_TCHECK_4(dp);
1148
1149 errnum = GET_BE_U_4(dp);
1150 if (er)
1151 *er = errnum;
1152 if (errnum != 0) {
1153 if (!ndo->ndo_qflag)
1154 ND_PRINT(" ERROR: %s",
1155 tok2str(status2str, "unk %u", errnum));
1156 *nfserrp = 1;
1157 }
1158 return (dp + 1);
1159 trunc:
1160 return NULL;
1161 }
1162
1163 static const uint32_t *
1164 parsefattr(netdissect_options *ndo,
1165 const uint32_t *dp, int verbose, int v3)
1166 {
1167 const struct nfs_fattr *fap;
1168
1169 fap = (const struct nfs_fattr *)dp;
1170 ND_TCHECK_4(fap->fa_gid);
1171 if (verbose) {
1172 /*
1173 * XXX - UIDs and GIDs are unsigned in NFS and in
1174 * at least some UN*Xes, but we'll show them as
1175 * signed because -2 has traditionally been the
1176 * UID for "nobody", rather than 4294967294.
1177 */
1178 ND_PRINT(" %s %o ids %d/%d",
1179 tok2str(type2str, "unk-ft %u ",
1180 GET_BE_U_4(fap->fa_type)),
1181 GET_BE_U_4(fap->fa_mode),
1182 GET_BE_S_4(fap->fa_uid),
1183 GET_BE_S_4(fap->fa_gid));
1184 if (v3) {
1185 ND_TCHECK_8(fap->fa3_size);
1186 ND_PRINT(" sz %" PRIu64,
1187 GET_BE_U_8(fap->fa3_size));
1188 } else {
1189 ND_TCHECK_4(fap->fa2_size);
1190 ND_PRINT(" sz %u", GET_BE_U_4(fap->fa2_size));
1191 }
1192 }
1193 /* print lots more stuff */
1194 if (verbose > 1) {
1195 if (v3) {
1196 ND_TCHECK_8(&fap->fa3_ctime);
1197 ND_PRINT(" nlink %u rdev %u/%u",
1198 GET_BE_U_4(fap->fa_nlink),
1199 GET_BE_U_4(fap->fa3_rdev.specdata1),
1200 GET_BE_U_4(fap->fa3_rdev.specdata2));
1201 ND_PRINT(" fsid %" PRIx64,
1202 GET_BE_U_8(fap->fa3_fsid));
1203 ND_PRINT(" fileid %" PRIx64,
1204 GET_BE_U_8(fap->fa3_fileid));
1205 ND_PRINT(" a/m/ctime %u.%06u",
1206 GET_BE_U_4(fap->fa3_atime.nfsv3_sec),
1207 GET_BE_U_4(fap->fa3_atime.nfsv3_nsec));
1208 ND_PRINT(" %u.%06u",
1209 GET_BE_U_4(fap->fa3_mtime.nfsv3_sec),
1210 GET_BE_U_4(fap->fa3_mtime.nfsv3_nsec));
1211 ND_PRINT(" %u.%06u",
1212 GET_BE_U_4(fap->fa3_ctime.nfsv3_sec),
1213 GET_BE_U_4(fap->fa3_ctime.nfsv3_nsec));
1214 } else {
1215 ND_TCHECK_8(&fap->fa2_ctime);
1216 ND_PRINT(" nlink %u rdev 0x%x fsid 0x%x nodeid 0x%x a/m/ctime",
1217 GET_BE_U_4(fap->fa_nlink),
1218 GET_BE_U_4(fap->fa2_rdev),
1219 GET_BE_U_4(fap->fa2_fsid),
1220 GET_BE_U_4(fap->fa2_fileid));
1221 ND_PRINT(" %u.%06u",
1222 GET_BE_U_4(fap->fa2_atime.nfsv2_sec),
1223 GET_BE_U_4(fap->fa2_atime.nfsv2_usec));
1224 ND_PRINT(" %u.%06u",
1225 GET_BE_U_4(fap->fa2_mtime.nfsv2_sec),
1226 GET_BE_U_4(fap->fa2_mtime.nfsv2_usec));
1227 ND_PRINT(" %u.%06u",
1228 GET_BE_U_4(fap->fa2_ctime.nfsv2_sec),
1229 GET_BE_U_4(fap->fa2_ctime.nfsv2_usec));
1230 }
1231 }
1232 return ((const uint32_t *)((const unsigned char *)dp +
1233 (v3 ? NFSX_V3FATTR : NFSX_V2FATTR)));
1234 trunc:
1235 return (NULL);
1236 }
1237
1238 static int
1239 parseattrstat(netdissect_options *ndo,
1240 const uint32_t *dp, int verbose, int v3, int *nfserrp)
1241 {
1242 u_int er;
1243
1244 dp = parsestatus(ndo, dp, &er, nfserrp);
1245 if (dp == NULL)
1246 return (0);
1247 if (er)
1248 return (1);
1249
1250 return (parsefattr(ndo, dp, verbose, v3) != NULL);
1251 }
1252
1253 static int
1254 parsediropres(netdissect_options *ndo,
1255 const uint32_t *dp, int *nfserrp)
1256 {
1257 u_int er;
1258
1259 dp = parsestatus(ndo, dp, &er, nfserrp);
1260 if (dp == NULL)
1261 return (0);
1262 if (er)
1263 return (1);
1264
1265 dp = parsefh(ndo, dp, 0);
1266 if (dp == NULL)
1267 return (0);
1268
1269 return (parsefattr(ndo, dp, ndo->ndo_vflag, 0) != NULL);
1270 }
1271
1272 static int
1273 parselinkres(netdissect_options *ndo,
1274 const uint32_t *dp, int v3, int *nfserrp)
1275 {
1276 u_int er;
1277
1278 dp = parsestatus(ndo, dp, &er, nfserrp);
1279 if (dp == NULL)
1280 return(0);
1281 if (er)
1282 return(1);
1283 if (v3) {
1284 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1285 if (dp == NULL)
1286 return (0);
1287 }
1288 ND_PRINT(" ");
1289 return (parsefn(ndo, dp) != NULL);
1290 }
1291
1292 static int
1293 parsestatfs(netdissect_options *ndo,
1294 const uint32_t *dp, int v3, int *nfserrp)
1295 {
1296 const struct nfs_statfs *sfsp;
1297 u_int er;
1298
1299 dp = parsestatus(ndo, dp, &er, nfserrp);
1300 if (dp == NULL)
1301 return (0);
1302 if (!v3 && er)
1303 return (1);
1304
1305 if (ndo->ndo_qflag)
1306 return(1);
1307
1308 if (v3) {
1309 if (ndo->ndo_vflag)
1310 ND_PRINT(" POST:");
1311 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1312 if (dp == NULL)
1313 return (0);
1314 }
1315
1316 ND_TCHECK_LEN(dp, (v3 ? NFSX_V3STATFS : NFSX_V2STATFS));
1317
1318 sfsp = (const struct nfs_statfs *)dp;
1319
1320 if (v3) {
1321 ND_PRINT(" tbytes %" PRIu64 " fbytes %" PRIu64 " abytes %" PRIu64,
1322 GET_BE_U_8(sfsp->sf_tbytes),
1323 GET_BE_U_8(sfsp->sf_fbytes),
1324 GET_BE_U_8(sfsp->sf_abytes));
1325 if (ndo->ndo_vflag) {
1326 ND_PRINT(" tfiles %" PRIu64 " ffiles %" PRIu64 " afiles %" PRIu64 " invar %u",
1327 GET_BE_U_8(sfsp->sf_tfiles),
1328 GET_BE_U_8(sfsp->sf_ffiles),
1329 GET_BE_U_8(sfsp->sf_afiles),
1330 GET_BE_U_4(sfsp->sf_invarsec));
1331 }
1332 } else {
1333 ND_PRINT(" tsize %u bsize %u blocks %u bfree %u bavail %u",
1334 GET_BE_U_4(sfsp->sf_tsize),
1335 GET_BE_U_4(sfsp->sf_bsize),
1336 GET_BE_U_4(sfsp->sf_blocks),
1337 GET_BE_U_4(sfsp->sf_bfree),
1338 GET_BE_U_4(sfsp->sf_bavail));
1339 }
1340
1341 return (1);
1342 trunc:
1343 return (0);
1344 }
1345
1346 static int
1347 parserddires(netdissect_options *ndo,
1348 const uint32_t *dp, int *nfserrp)
1349 {
1350 u_int er;
1351
1352 dp = parsestatus(ndo, dp, &er, nfserrp);
1353 if (dp == NULL)
1354 return (0);
1355 if (er)
1356 return (1);
1357 if (ndo->ndo_qflag)
1358 return (1);
1359
1360 ND_TCHECK_4(dp + 2);
1361 ND_PRINT(" offset 0x%x size %u ",
1362 GET_BE_U_4(dp), GET_BE_U_4(dp + 1));
1363 if (GET_BE_U_4(dp + 2) != 0)
1364 ND_PRINT(" eof");
1365
1366 return (1);
1367 trunc:
1368 return (0);
1369 }
1370
1371 static const uint32_t *
1372 parse_wcc_attr(netdissect_options *ndo,
1373 const uint32_t *dp)
1374 {
1375 /* Our caller has already checked this */
1376 ND_PRINT(" sz %" PRIu64, GET_BE_U_8(dp));
1377 ND_PRINT(" mtime %u.%06u ctime %u.%06u",
1378 GET_BE_U_4(dp + 2), GET_BE_U_4(dp + 3),
1379 GET_BE_U_4(dp + 4), GET_BE_U_4(dp + 5));
1380 return (dp + 6);
1381 }
1382
1383 /*
1384 * Pre operation attributes. Print only if vflag > 1.
1385 */
1386 static const uint32_t *
1387 parse_pre_op_attr(netdissect_options *ndo,
1388 const uint32_t *dp, int verbose)
1389 {
1390 ND_TCHECK_4(dp);
1391 if (!GET_BE_U_4(dp))
1392 return (dp + 1);
1393 dp++;
1394 ND_TCHECK_LEN(dp, 24);
1395 if (verbose > 1) {
1396 return parse_wcc_attr(ndo, dp);
1397 } else {
1398 /* If not verbose enough, just skip over wcc_attr */
1399 return (dp + 6);
1400 }
1401 trunc:
1402 return (NULL);
1403 }
1404
1405 /*
1406 * Post operation attributes are printed if vflag >= 1
1407 */
1408 static const uint32_t *
1409 parse_post_op_attr(netdissect_options *ndo,
1410 const uint32_t *dp, int verbose)
1411 {
1412 ND_TCHECK_4(dp);
1413 if (!GET_BE_U_4(dp))
1414 return (dp + 1);
1415 dp++;
1416 if (verbose) {
1417 return parsefattr(ndo, dp, verbose, 1);
1418 } else
1419 return (dp + (NFSX_V3FATTR / sizeof (uint32_t)));
1420 trunc:
1421 return (NULL);
1422 }
1423
1424 static const uint32_t *
1425 parse_wcc_data(netdissect_options *ndo,
1426 const uint32_t *dp, int verbose)
1427 {
1428 if (verbose > 1)
1429 ND_PRINT(" PRE:");
1430 dp = parse_pre_op_attr(ndo, dp, verbose);
1431 if (dp == NULL)
1432 return (0);
1433
1434 if (verbose)
1435 ND_PRINT(" POST:");
1436 return parse_post_op_attr(ndo, dp, verbose);
1437 }
1438
1439 static const uint32_t *
1440 parsecreateopres(netdissect_options *ndo,
1441 const uint32_t *dp, int verbose, int *nfserrp)
1442 {
1443 u_int er;
1444
1445 dp = parsestatus(ndo, dp, &er, nfserrp);
1446 if (dp == NULL)
1447 return (0);
1448 if (er)
1449 dp = parse_wcc_data(ndo, dp, verbose);
1450 else {
1451 ND_TCHECK_4(dp);
1452 if (!GET_BE_U_4(dp))
1453 return (dp + 1);
1454 dp++;
1455 dp = parsefh(ndo, dp, 1);
1456 if (dp == NULL)
1457 return (0);
1458 if (verbose) {
1459 dp = parse_post_op_attr(ndo, dp, verbose);
1460 if (dp == NULL)
1461 return (0);
1462 if (ndo->ndo_vflag > 1) {
1463 ND_PRINT(" dir attr:");
1464 dp = parse_wcc_data(ndo, dp, verbose);
1465 }
1466 }
1467 }
1468 return (dp);
1469 trunc:
1470 return (NULL);
1471 }
1472
1473 static const uint32_t *
1474 parsewccres(netdissect_options *ndo,
1475 const uint32_t *dp, int verbose, int *nfserrp)
1476 {
1477 u_int er;
1478
1479 dp = parsestatus(ndo, dp, &er, nfserrp);
1480 if (dp == NULL)
1481 return (0);
1482 return parse_wcc_data(ndo, dp, verbose);
1483 }
1484
1485 static const uint32_t *
1486 parsev3rddirres(netdissect_options *ndo,
1487 const uint32_t *dp, int verbose, int *nfserrp)
1488 {
1489 u_int er;
1490
1491 dp = parsestatus(ndo, dp, &er, nfserrp);
1492 if (dp == NULL)
1493 return (0);
1494 if (ndo->ndo_vflag)
1495 ND_PRINT(" POST:");
1496 dp = parse_post_op_attr(ndo, dp, verbose);
1497 if (dp == NULL)
1498 return (0);
1499 if (er)
1500 return dp;
1501 if (ndo->ndo_vflag) {
1502 ND_TCHECK_4(dp + 1);
1503 /*
1504 * This displays the 8 bytes of the verifier in order,
1505 * from the low-order byte to the high-order byte.
1506 */
1507 ND_PRINT(" verf %08x%08x",
1508 GET_BE_U_4(dp), GET_BE_U_4(dp + 1));
1509 dp += 2;
1510 }
1511 return dp;
1512 trunc:
1513 return (NULL);
1514 }
1515
1516 static int
1517 parsefsinfo(netdissect_options *ndo,
1518 const uint32_t *dp, int *nfserrp)
1519 {
1520 const struct nfsv3_fsinfo *sfp;
1521 u_int er;
1522
1523 dp = parsestatus(ndo, dp, &er, nfserrp);
1524 if (dp == NULL)
1525 return (0);
1526 if (ndo->ndo_vflag)
1527 ND_PRINT(" POST:");
1528 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1529 if (dp == NULL)
1530 return (0);
1531 if (er)
1532 return (1);
1533
1534 sfp = (const struct nfsv3_fsinfo *)dp;
1535 ND_TCHECK_SIZE(sfp);
1536 ND_PRINT(" rtmax %u rtpref %u wtmax %u wtpref %u dtpref %u",
1537 GET_BE_U_4(sfp->fs_rtmax),
1538 GET_BE_U_4(sfp->fs_rtpref),
1539 GET_BE_U_4(sfp->fs_wtmax),
1540 GET_BE_U_4(sfp->fs_wtpref),
1541 GET_BE_U_4(sfp->fs_dtpref));
1542 if (ndo->ndo_vflag) {
1543 ND_PRINT(" rtmult %u wtmult %u maxfsz %" PRIu64,
1544 GET_BE_U_4(sfp->fs_rtmult),
1545 GET_BE_U_4(sfp->fs_wtmult),
1546 GET_BE_U_8(sfp->fs_maxfilesize));
1547 ND_PRINT(" delta %u.%06u ",
1548 GET_BE_U_4(sfp->fs_timedelta.nfsv3_sec),
1549 GET_BE_U_4(sfp->fs_timedelta.nfsv3_nsec));
1550 }
1551 return (1);
1552 trunc:
1553 return (0);
1554 }
1555
1556 static int
1557 parsepathconf(netdissect_options *ndo,
1558 const uint32_t *dp, int *nfserrp)
1559 {
1560 u_int er;
1561 const struct nfsv3_pathconf *spp;
1562
1563 dp = parsestatus(ndo, dp, &er, nfserrp);
1564 if (dp == NULL)
1565 return (0);
1566 if (ndo->ndo_vflag)
1567 ND_PRINT(" POST:");
1568 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1569 if (dp == NULL)
1570 return (0);
1571 if (er)
1572 return (1);
1573
1574 spp = (const struct nfsv3_pathconf *)dp;
1575 ND_TCHECK_SIZE(spp);
1576
1577 ND_PRINT(" linkmax %u namemax %u %s %s %s %s",
1578 GET_BE_U_4(spp->pc_linkmax),
1579 GET_BE_U_4(spp->pc_namemax),
1580 GET_BE_U_4(spp->pc_notrunc) ? "notrunc" : "",
1581 GET_BE_U_4(spp->pc_chownrestricted) ? "chownres" : "",
1582 GET_BE_U_4(spp->pc_caseinsensitive) ? "igncase" : "",
1583 GET_BE_U_4(spp->pc_casepreserving) ? "keepcase" : "");
1584 return (1);
1585 trunc:
1586 return (0);
1587 }
1588
1589 static void
1590 interp_reply(netdissect_options *ndo,
1591 const struct sunrpc_msg *rp, uint32_t proc, uint32_t vers,
1592 int length)
1593 {
1594 const uint32_t *dp;
1595 int v3;
1596 u_int er;
1597 int nfserr = 0;
1598
1599 v3 = (vers == NFS_VER3);
1600
1601 if (!v3 && proc < NFS_NPROCS)
1602 proc = nfsv3_procid[proc];
1603
1604 ND_PRINT(" %s", tok2str(nfsproc_str, "proc-%u", proc));
1605 switch (proc) {
1606
1607 case NFSPROC_GETATTR:
1608 dp = parserep(ndo, rp, length, &nfserr);
1609 if (dp == NULL)
1610 goto trunc;
1611 if (parseattrstat(ndo, dp, !ndo->ndo_qflag, v3, &nfserr) == 0)
1612 goto trunc;
1613 break;
1614
1615 case NFSPROC_SETATTR:
1616 dp = parserep(ndo, rp, length, &nfserr);
1617 if (dp == NULL)
1618 goto trunc;
1619 if (v3) {
1620 if (parsewccres(ndo, dp, ndo->ndo_vflag, &nfserr) == 0)
1621 goto trunc;
1622 } else {
1623 if (parseattrstat(ndo, dp, !ndo->ndo_qflag, 0, &nfserr) == 0)
1624 goto trunc;
1625 }
1626 break;
1627
1628 case NFSPROC_LOOKUP:
1629 dp = parserep(ndo, rp, length, &nfserr);
1630 if (dp == NULL)
1631 goto trunc;
1632 if (v3) {
1633 dp = parsestatus(ndo, dp, &er, &nfserr);
1634 if (dp == NULL)
1635 goto trunc;
1636 if (er) {
1637 if (ndo->ndo_vflag > 1) {
1638 ND_PRINT(" post dattr:");
1639 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1640 if (dp == NULL)
1641 goto trunc;
1642 }
1643 } else {
1644 dp = parsefh(ndo, dp, v3);
1645 if (dp == NULL)
1646 goto trunc;
1647 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1648 if (dp == NULL)
1649 goto trunc;
1650 if (ndo->ndo_vflag > 1) {
1651 ND_PRINT(" post dattr:");
1652 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1653 if (dp == NULL)
1654 goto trunc;
1655 }
1656 }
1657 } else {
1658 if (parsediropres(ndo, dp, &nfserr) == 0)
1659 goto trunc;
1660 }
1661 break;
1662
1663 case NFSPROC_ACCESS:
1664 dp = parserep(ndo, rp, length, &nfserr);
1665 if (dp == NULL)
1666 goto trunc;
1667 dp = parsestatus(ndo, dp, &er, &nfserr);
1668 if (dp == NULL)
1669 goto trunc;
1670 if (ndo->ndo_vflag)
1671 ND_PRINT(" attr:");
1672 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1673 if (dp == NULL)
1674 goto trunc;
1675 if (!er) {
1676 ND_TCHECK_4(dp);
1677 ND_PRINT(" c %04x", GET_BE_U_4(dp));
1678 }
1679 break;
1680
1681 case NFSPROC_READLINK:
1682 dp = parserep(ndo, rp, length, &nfserr);
1683 if (dp == NULL)
1684 goto trunc;
1685 if (parselinkres(ndo, dp, v3, &nfserr) == 0)
1686 goto trunc;
1687 break;
1688
1689 case NFSPROC_READ:
1690 dp = parserep(ndo, rp, length, &nfserr);
1691 if (dp == NULL)
1692 goto trunc;
1693 if (v3) {
1694 dp = parsestatus(ndo, dp, &er, &nfserr);
1695 if (dp == NULL)
1696 goto trunc;
1697 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1698 if (dp == NULL)
1699 goto trunc;
1700 if (!er) {
1701 if (ndo->ndo_vflag) {
1702 ND_TCHECK_4(dp + 1);
1703 ND_PRINT(" %u bytes", GET_BE_U_4(dp));
1704 if (GET_BE_U_4(dp + 1))
1705 ND_PRINT(" EOF");
1706 }
1707 }
1708 } else {
1709 if (parseattrstat(ndo, dp, ndo->ndo_vflag, 0, &nfserr) == 0)
1710 goto trunc;
1711 }
1712 break;
1713
1714 case NFSPROC_WRITE:
1715 dp = parserep(ndo, rp, length, &nfserr);
1716 if (dp == NULL)
1717 goto trunc;
1718 if (v3) {
1719 dp = parsestatus(ndo, dp, &er, &nfserr);
1720 if (dp == NULL)
1721 goto trunc;
1722 dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag);
1723 if (dp == NULL)
1724 goto trunc;
1725 if (!er) {
1726 if (ndo->ndo_vflag) {
1727 ND_TCHECK_4(dp);
1728 ND_PRINT(" %u bytes", GET_BE_U_4(dp));
1729 if (ndo->ndo_vflag > 1) {
1730 ND_TCHECK_4(dp + 1);
1731 ND_PRINT(" <%s>",
1732 tok2str(nfsv3_writemodes,
1733 NULL, GET_BE_U_4(dp + 1)));
1734
1735 /* write-verf-cookie */
1736 ND_TCHECK_8(dp + 2);
1737 ND_PRINT(" verf %" PRIx64,
1738 GET_BE_U_8(dp + 2));
1739 }
1740 }
1741 }
1742 return;
1743 } else {
1744 if (parseattrstat(ndo, dp, ndo->ndo_vflag, v3, &nfserr) == 0)
1745 goto trunc;
1746 }
1747 break;
1748
1749 case NFSPROC_CREATE:
1750 case NFSPROC_MKDIR:
1751 dp = parserep(ndo, rp, length, &nfserr);
1752 if (dp == NULL)
1753 goto trunc;
1754 if (v3) {
1755 if (parsecreateopres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1756 goto trunc;
1757 } else {
1758 if (parsediropres(ndo, dp, &nfserr) == 0)
1759 goto trunc;
1760 }
1761 break;
1762
1763 case NFSPROC_SYMLINK:
1764 dp = parserep(ndo, rp, length, &nfserr);
1765 if (dp == NULL)
1766 goto trunc;
1767 if (v3) {
1768 if (parsecreateopres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1769 goto trunc;
1770 } else {
1771 if (parsestatus(ndo, dp, &er, &nfserr) == NULL)
1772 goto trunc;
1773 }
1774 break;
1775
1776 case NFSPROC_MKNOD:
1777 dp = parserep(ndo, rp, length, &nfserr);
1778 if (dp == NULL)
1779 goto trunc;
1780 if (parsecreateopres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1781 goto trunc;
1782 break;
1783
1784 case NFSPROC_REMOVE:
1785 case NFSPROC_RMDIR:
1786 dp = parserep(ndo, rp, length, &nfserr);
1787 if (dp == NULL)
1788 goto trunc;
1789 if (v3) {
1790 if (parsewccres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1791 goto trunc;
1792 } else {
1793 if (parsestatus(ndo, dp, &er, &nfserr) == NULL)
1794 goto trunc;
1795 }
1796 break;
1797
1798 case NFSPROC_RENAME:
1799 dp = parserep(ndo, rp, length, &nfserr);
1800 if (dp == NULL)
1801 goto trunc;
1802 if (v3) {
1803 dp = parsestatus(ndo, dp, &er, &nfserr);
1804 if (dp == NULL)
1805 goto trunc;
1806 if (ndo->ndo_vflag) {
1807 ND_PRINT(" from:");
1808 dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag);
1809 if (dp == NULL)
1810 goto trunc;
1811 ND_PRINT(" to:");
1812 dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag);
1813 if (dp == NULL)
1814 goto trunc;
1815 }
1816 } else {
1817 if (parsestatus(ndo, dp, &er, &nfserr) == NULL)
1818 goto trunc;
1819 }
1820 break;
1821
1822 case NFSPROC_LINK:
1823 dp = parserep(ndo, rp, length, &nfserr);
1824 if (dp == NULL)
1825 goto trunc;
1826 if (v3) {
1827 dp = parsestatus(ndo, dp, &er, &nfserr);
1828 if (dp == NULL)
1829 goto trunc;
1830 if (ndo->ndo_vflag) {
1831 ND_PRINT(" file POST:");
1832 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1833 if (dp == NULL)
1834 goto trunc;
1835 ND_PRINT(" dir:");
1836 dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag);
1837 if (dp == NULL)
1838 goto trunc;
1839 }
1840 return;
1841 } else {
1842 if (parsestatus(ndo, dp, &er, &nfserr) == NULL)
1843 goto trunc;
1844 }
1845 break;
1846
1847 case NFSPROC_READDIR:
1848 dp = parserep(ndo, rp, length, &nfserr);
1849 if (dp == NULL)
1850 goto trunc;
1851 if (v3) {
1852 if (parsev3rddirres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1853 goto trunc;
1854 } else {
1855 if (parserddires(ndo, dp, &nfserr) == 0)
1856 goto trunc;
1857 }
1858 break;
1859
1860 case NFSPROC_READDIRPLUS:
1861 dp = parserep(ndo, rp, length, &nfserr);
1862 if (dp == NULL)
1863 goto trunc;
1864 if (parsev3rddirres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1865 goto trunc;
1866 break;
1867
1868 case NFSPROC_FSSTAT:
1869 dp = parserep(ndo, rp, length, &nfserr);
1870 if (dp == NULL)
1871 goto trunc;
1872 if (parsestatfs(ndo, dp, v3, &nfserr) == 0)
1873 goto trunc;
1874 break;
1875
1876 case NFSPROC_FSINFO:
1877 dp = parserep(ndo, rp, length, &nfserr);
1878 if (dp == NULL)
1879 goto trunc;
1880 if (parsefsinfo(ndo, dp, &nfserr) == 0)
1881 goto trunc;
1882 break;
1883
1884 case NFSPROC_PATHCONF:
1885 dp = parserep(ndo, rp, length, &nfserr);
1886 if (dp == NULL)
1887 goto trunc;
1888 if (parsepathconf(ndo, dp, &nfserr) == 0)
1889 goto trunc;
1890 break;
1891
1892 case NFSPROC_COMMIT:
1893 dp = parserep(ndo, rp, length, &nfserr);
1894 if (dp == NULL)
1895 goto trunc;
1896 dp = parsewccres(ndo, dp, ndo->ndo_vflag, &nfserr);
1897 if (dp == NULL)
1898 goto trunc;
1899 if (ndo->ndo_vflag > 1) {
1900 /* write-verf-cookie */
1901 ND_TCHECK_8(dp);
1902 ND_PRINT(" verf %" PRIx64, GET_BE_U_8(dp));
1903 }
1904 break;
1905
1906 default:
1907 break;
1908 }
1909 return;
1910
1911 trunc:
1912 if (!nfserr)
1913 nd_print_trunc(ndo);
1914 }
[mirror] the TCPdump network dissector