]> The Tcpdump Group git mirrors - tcpdump/blob - print-domain.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Added support for Win32, based on WinPcap.
[tcpdump] / print-domain.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 #ifndef lint
23 static const char rcsid[] =
24 "@(#) $Header: /tcpdump/master/tcpdump/print-domain.c,v 1.79 2002-08-01 08:53:04 risso Exp $ (LBL)";
25 #endif
26
27 #ifdef HAVE_CONFIG_H
28 #include "config.h"
29 #endif
30
31 #include <tcpdump-stdinc.h>
32
33 #include "nameser.h"
34
35 #include <stdio.h>
36 #include <string.h>
37
38 #include "interface.h"
39 #include "addrtoname.h"
40 #include "extract.h" /* must come after interface.h */
41
42 static const char *ns_ops[] = {
43 "", " inv_q", " stat", " op3", " notify", " update", " op6", " op7",
44 " op8", " updataA", " updateD", " updateDA",
45 " updateM", " updateMA", " zoneInit", " zoneRef",
46 };
47
48 static const char *ns_resp[] = {
49 "", " FormErr", " ServFail", " NXDomain",
50 " NotImp", " Refused", " YXDomain", " YXRRSet",
51 " NXRRSet", " NotAuth", " NotZone", " Resp11",
52 " Resp12", " Resp13", " Resp14", " NoChange",
53 };
54
55 /* skip over a domain name */
56 static const u_char *
57 ns_nskip(register const u_char *cp, register const u_char *bp)
58 {
59 register u_char i;
60
61 if (!TTEST2(*cp, 1))
62 return (NULL);
63 if (((i = *cp++) & INDIR_MASK) == INDIR_MASK)
64 return (cp + 1);
65 while (i) {
66 if ((i & INDIR_MASK) == EDNS0_MASK) {
67 int bitlen, bytelen;
68
69 if ((i & ~INDIR_MASK) != EDNS0_ELT_BITLABEL)
70 return(NULL); /* unknown ELT */
71 if (!TTEST2(*cp, 1))
72 return (NULL);
73 if ((bitlen = *cp++) == 0)
74 bitlen = 256;
75 bytelen = (bitlen + 7) / 8;
76 cp += bytelen;
77 } else
78 cp += i;
79 if (!TTEST2(*cp, 1))
80 return (NULL);
81 i = *cp++;
82 }
83 return (cp);
84 }
85
86 /* print a <domain-name> */
87 static const u_char *
88 blabel_print(const u_char *cp)
89 {
90 int bitlen, slen, b;
91 int truncated = 0;
92 const u_char *bitp, *lim;
93 char tc;
94
95 if (!TTEST2(*cp, 1))
96 return(NULL);
97 if ((bitlen = *cp) == 0)
98 bitlen = 256;
99 slen = (bitlen + 3) / 4;
100 if ((lim = cp + 1 + slen) > snapend) {
101 truncated = 1;
102 lim = snapend;
103 }
104
105 /* print the bit string as a hex string */
106 printf("\\[x");
107 for (bitp = cp + 1, b = bitlen; bitp < lim && b > 7; b -= 8, bitp++)
108 printf("%02x", *bitp);
109 if (bitp == lim)
110 printf("...");
111 else if (b > 4) {
112 tc = *bitp++;
113 printf("%02x", tc & (0xff << (8 - b)));
114 } else if (b > 0) {
115 tc = *bitp++;
116 printf("%1x", ((tc >> 4) & 0x0f) & (0x0f << (4 - b)));
117 }
118 printf("/%d]", bitlen);
119
120 return(truncated ? NULL : lim);
121 }
122
123 static int
124 labellen(const u_char *cp)
125 {
126 register u_int i;
127
128 if (!TTEST2(*cp, 1))
129 return(-1);
130 i = *cp;
131 if ((i & INDIR_MASK) == EDNS0_MASK) {
132 int bitlen, elt;
133
134 if ((elt = (i & ~INDIR_MASK)) != EDNS0_ELT_BITLABEL)
135 return(-1);
136 if (!TTEST2(*(cp + 1), 1))
137 return(-1);
138 if ((bitlen = *(cp + 1)) == 0)
139 bitlen = 256;
140 return(((bitlen + 7) / 8) + 1);
141 } else
142 return(i);
143 }
144
145 static const u_char *
146 ns_nprint(register const u_char *cp, register const u_char *bp)
147 {
148 register u_int i, l;
149 register const u_char *rp = NULL;
150 register int compress = 0;
151 int chars_processed;
152 int elt;
153 int data_size = snapend - bp;
154
155 if ((l = labellen(cp)) < 0)
156 return(NULL);
157 if (!TTEST2(*cp, 1))
158 return(NULL);
159 chars_processed = 1;
160 if (((i = *cp++) & INDIR_MASK) != INDIR_MASK) {
161 compress = 0;
162 rp = cp + l;
163 }
164
165 if (i != 0)
166 while (i && cp < snapend) {
167 if ((i & INDIR_MASK) == INDIR_MASK) {
168 if (!compress) {
169 rp = cp + 1;
170 compress = 1;
171 }
172 if (!TTEST2(*cp, 1))
173 return(NULL);
174 cp = bp + (((i << 8) | *cp) & 0x3fff);
175 if ((l = labellen(cp)) < 0)
176 return(NULL);
177 if (!TTEST2(*cp, 1))
178 return(NULL);
179 i = *cp++;
180 chars_processed++;
181
182 /*
183 * If we've looked at every character in
184 * the message, this pointer will make
185 * us look at some character again,
186 * which means we're looping.
187 */
188 if (chars_processed >= data_size) {
189 printf("<LOOP>");
190 return (NULL);
191 }
192 continue;
193 }
194 if ((i & INDIR_MASK) == EDNS0_MASK) {
195 elt = (i & ~INDIR_MASK);
196 switch(elt) {
197 case EDNS0_ELT_BITLABEL:
198 if (blabel_print(cp) == NULL)
199 return (NULL);
200 break;
201 default:
202 /* unknown ELT */
203 printf("<ELT %d>", elt);
204 return(NULL);
205 }
206 } else {
207 if (fn_printn(cp, l, snapend))
208 return(NULL);
209 }
210
211 cp += l;
212 chars_processed += l;
213 putchar('.');
214 if ((l = labellen(cp)) < 0)
215 return(NULL);
216 if (!TTEST2(*cp, 1))
217 return(NULL);
218 i = *cp++;
219 chars_processed++;
220 if (!compress)
221 rp += l + 1;
222 }
223 else
224 putchar('.');
225 return (rp);
226 }
227
228 /* print a <character-string> */
229 static const u_char *
230 ns_cprint(register const u_char *cp, register const u_char *bp)
231 {
232 register u_int i;
233
234 if (!TTEST2(*cp, 1))
235 return (NULL);
236 i = *cp++;
237 if (fn_printn(cp, i, snapend))
238 return (NULL);
239 return (cp + i);
240 }
241
242 struct tok ns_type2str[] = {
243 { T_A, "A" },
244 { T_NS, "NS" },
245 { T_MD, "MD" },
246 { T_MF, "MF" },
247 { T_CNAME, "CNAME" },
248 { T_SOA, "SOA" },
249 { T_MB, "MB" },
250 { T_MG, "MG" },
251 { T_MR, "MR" },
252 { T_NULL, "NULL" },
253 { T_WKS, "WKS" },
254 { T_PTR, "PTR" },
255 { T_HINFO, "HINFO" },
256 { T_MINFO, "MINFO" },
257 { T_MX, "MX" },
258 { T_TXT, "TXT" },
259 { T_RP, "RP" },
260 { T_AFSDB, "AFSDB" },
261 { T_X25, "X25" },
262 { T_ISDN, "ISDN" },
263 { T_RT, "RT" },
264 { T_NSAP, "NSAP" },
265 { T_NSAP_PTR, "NSAP_PTR" },
266 { T_SIG, "SIG" },
267 { T_KEY, "KEY" },
268 { T_PX, "PX" },
269 { T_GPOS, "GPOS" },
270 { T_AAAA, "AAAA" },
271 { T_LOC, "LOC" },
272 { T_NXT, "NXT" },
273 { T_EID, "EID" },
274 { T_NIMLOC, "NIMLOC" },
275 { T_SRV, "SRV" },
276 { T_ATMA, "ATMA" },
277 { T_NAPTR, "NAPTR" },
278 { T_A6, "A6" },
279 { T_DNAME, "DNAME" },
280 { T_OPT, "OPT" },
281 { T_UINFO, "UINFO" },
282 { T_UID, "UID" },
283 { T_GID, "GID" },
284 { T_UNSPEC, "UNSPEC" },
285 { T_UNSPECA, "UNSPECA" },
286 { T_TKEY, "TKEY" },
287 { T_TSIG, "TSIG" },
288 { T_IXFR, "IXFR" },
289 { T_AXFR, "AXFR" },
290 { T_MAILB, "MAILB" },
291 { T_MAILA, "MAILA" },
292 { T_ANY, "ANY" },
293 { 0, NULL }
294 };
295
296 struct tok ns_class2str[] = {
297 { C_IN, "IN" }, /* Not used */
298 { C_CHAOS, "CHAOS" },
299 { C_HS, "HS" },
300 { C_ANY, "ANY" },
301 { 0, NULL }
302 };
303
304 /* print a query */
305 static const u_char *
306 ns_qprint(register const u_char *cp, register const u_char *bp)
307 {
308 register const u_char *np = cp;
309 register u_int i;
310
311 cp = ns_nskip(cp, bp);
312
313 if (cp == NULL || !TTEST2(*cp, 4))
314 return(NULL);
315
316 /* print the qtype and qclass (if it's not IN) */
317 i = *cp++ << 8;
318 i |= *cp++;
319 printf(" %s", tok2str(ns_type2str, "Type%d", i));
320 i = *cp++ << 8;
321 i |= *cp++;
322 if (i != C_IN)
323 printf(" %s", tok2str(ns_class2str, "(Class %d)", i));
324
325 fputs("? ", stdout);
326 cp = ns_nprint(np, bp);
327 return(cp ? cp + 4 : NULL);
328 }
329
330 /* print a reply */
331 static const u_char *
332 ns_rprint(register const u_char *cp, register const u_char *bp)
333 {
334 register u_int class;
335 register u_short typ, len;
336 register const u_char *rp;
337
338 if (vflag) {
339 putchar(' ');
340 if ((cp = ns_nprint(cp, bp)) == NULL)
341 return NULL;
342 } else
343 cp = ns_nskip(cp, bp);
344
345 if (cp == NULL || !TTEST2(*cp, 10))
346 return (snapend);
347
348 /* print the type/qtype and class (if it's not IN) */
349 typ = *cp++ << 8;
350 typ |= *cp++;
351 class = *cp++ << 8;
352 class |= *cp++;
353 if (class != C_IN && typ != T_OPT)
354 printf(" %s", tok2str(ns_class2str, "(Class %d)", class));
355
356 /* ignore ttl */
357 cp += 4;
358
359 len = *cp++ << 8;
360 len |= *cp++;
361
362 rp = cp + len;
363
364 printf(" %s", tok2str(ns_type2str, "Type%d", typ));
365 if (rp > snapend)
366 return(NULL);
367
368 switch (typ) {
369 case T_A:
370 if (!TTEST2(*cp, sizeof(struct in_addr)))
371 return(NULL);
372 printf(" %s", ipaddr_string(cp));
373 break;
374
375 case T_NS:
376 case T_CNAME:
377 case T_PTR:
378 #ifdef T_DNAME
379 case T_DNAME:
380 #endif
381 putchar(' ');
382 if (ns_nprint(cp, bp) == NULL)
383 return(NULL);
384 break;
385
386 case T_SOA:
387 if (!vflag)
388 break;
389 putchar(' ');
390 if ((cp = ns_nprint(cp, bp)) == NULL)
391 return(NULL);
392 putchar(' ');
393 if ((cp = ns_nprint(cp, bp)) == NULL)
394 return(NULL);
395 if (!TTEST2(*cp, 5 * 4))
396 return(NULL);
397 printf(" %u", EXTRACT_32BITS(cp));
398 cp += 4;
399 printf(" %u", EXTRACT_32BITS(cp));
400 cp += 4;
401 printf(" %u", EXTRACT_32BITS(cp));
402 cp += 4;
403 printf(" %u", EXTRACT_32BITS(cp));
404 cp += 4;
405 printf(" %u", EXTRACT_32BITS(cp));
406 cp += 4;
407 break;
408 case T_MX:
409 putchar(' ');
410 if (!TTEST2(*cp, 2))
411 return(NULL);
412 if (ns_nprint(cp + 2, bp) == NULL)
413 return(NULL);
414 printf(" %d", EXTRACT_16BITS(cp));
415 break;
416
417 case T_TXT:
418 putchar(' ');
419 (void)ns_cprint(cp, bp);
420 break;
421
422 #ifdef INET6
423 case T_AAAA:
424 if (!TTEST2(*cp, sizeof(struct in6_addr)))
425 return(NULL);
426 printf(" %s", ip6addr_string(cp));
427 break;
428
429 case T_A6:
430 {
431 struct in6_addr a;
432 int pbit, pbyte;
433
434 if (!TTEST2(*cp, 1))
435 return(NULL);
436 pbit = *cp;
437 pbyte = (pbit & ~7) / 8;
438 if (pbit > 128) {
439 printf(" %u(bad plen)", pbit);
440 break;
441 } else if (pbit < 128) {
442 if (!TTEST2(*(cp + 1), sizeof(a) - pbyte))
443 return(NULL);
444 memset(&a, 0, sizeof(a));
445 memcpy(&a.s6_addr[pbyte], cp + 1, sizeof(a) - pbyte);
446 printf(" %u %s", pbit, ip6addr_string(&a));
447 }
448 if (pbit > 0) {
449 putchar(' ');
450 if (ns_nprint(cp + 1 + sizeof(a) - pbyte, bp) == NULL)
451 return(NULL);
452 }
453 break;
454 }
455 #endif /*INET6*/
456
457 case T_OPT:
458 printf(" UDPsize=%u", class);
459 break;
460
461 case T_UNSPECA: /* One long string */
462 if (!TTEST2(*cp, len))
463 return(NULL);
464 if (fn_printn(cp, len, snapend))
465 return(NULL);
466 break;
467
468 case T_TSIG:
469 {
470 if (cp + len > snapend)
471 return(NULL);
472 if (!vflag)
473 break;
474 putchar(' ');
475 if ((cp = ns_nprint(cp, bp)) == NULL)
476 return(NULL);
477 cp += 6;
478 if (!TTEST2(*cp, 2))
479 return(NULL);
480 printf(" fudge=%u", EXTRACT_16BITS(cp));
481 cp += 2;
482 if (!TTEST2(*cp, 2))
483 return(NULL);
484 printf(" maclen=%u", EXTRACT_16BITS(cp));
485 cp += 2 + EXTRACT_16BITS(cp);
486 if (!TTEST2(*cp, 2))
487 return(NULL);
488 printf(" origid=%u", EXTRACT_16BITS(cp));
489 cp += 2;
490 if (!TTEST2(*cp, 2))
491 return(NULL);
492 printf(" error=%u", EXTRACT_16BITS(cp));
493 cp += 2;
494 if (!TTEST2(*cp, 2))
495 return(NULL);
496 printf(" otherlen=%u", EXTRACT_16BITS(cp));
497 cp += 2;
498 }
499 }
500 return (rp); /* XXX This isn't always right */
501 }
502
503 void
504 ns_print(register const u_char *bp, u_int length)
505 {
506 register const HEADER *np;
507 register int qdcount, ancount, nscount, arcount;
508 register const u_char *cp;
509
510 np = (const HEADER *)bp;
511 TCHECK(*np);
512 /* get the byte-order right */
513 qdcount = ntohs(np->qdcount);
514 ancount = ntohs(np->ancount);
515 nscount = ntohs(np->nscount);
516 arcount = ntohs(np->arcount);
517
518 if (DNS_QR(np)) {
519 /* this is a response */
520 printf(" %d%s%s%s%s%s%s",
521 ntohs(np->id),
522 ns_ops[DNS_OPCODE(np)],
523 ns_resp[DNS_RCODE(np)],
524 DNS_AA(np)? "*" : "",
525 DNS_RA(np)? "" : "-",
526 DNS_TC(np)? "|" : "",
527 DNS_CD(np)? "%" : "");
528
529 if (qdcount != 1)
530 printf(" [%dq]", qdcount);
531 /* Print QUESTION section on -vv */
532 cp = (const u_char *)(np + 1);
533 while (qdcount--) {
534 if (qdcount < ntohs(np->qdcount) - 1)
535 putchar(',');
536 if (vflag > 1) {
537 fputs(" q:", stdout);
538 if ((cp = ns_qprint(cp, bp)) == NULL)
539 goto trunc;
540 } else {
541 if ((cp = ns_nskip(cp, bp)) == NULL)
542 goto trunc;
543 cp += 4; /* skip QTYPE and QCLASS */
544 }
545 }
546 printf(" %d/%d/%d", ancount, nscount, arcount);
547 if (ancount--) {
548 if ((cp = ns_rprint(cp, bp)) == NULL)
549 goto trunc;
550 while (cp < snapend && ancount--) {
551 putchar(',');
552 if ((cp = ns_rprint(cp, bp)) == NULL)
553 goto trunc;
554 }
555 }
556 if (ancount > 0)
557 goto trunc;
558 /* Print NS and AR sections on -vv */
559 if (vflag > 1) {
560 if (cp < snapend && nscount--) {
561 fputs(" ns:", stdout);
562 if ((cp = ns_rprint(cp, bp)) == NULL)
563 goto trunc;
564 while (cp < snapend && nscount--) {
565 putchar(',');
566 if ((cp = ns_rprint(cp, bp)) == NULL)
567 goto trunc;
568 }
569 }
570 if (nscount > 0)
571 goto trunc;
572 if (cp < snapend && arcount--) {
573 fputs(" ar:", stdout);
574 if ((cp = ns_rprint(cp, bp)) == NULL)
575 goto trunc;
576 while (cp < snapend && arcount--) {
577 putchar(',');
578 if ((cp = ns_rprint(cp, bp)) == NULL)
579 goto trunc;
580 }
581 }
582 if (arcount > 0)
583 goto trunc;
584 }
585 }
586 else {
587 /* this is a request */
588 printf(" %d%s%s%s", ntohs(np->id), ns_ops[DNS_OPCODE(np)],
589 DNS_RD(np) ? "+" : "",
590 DNS_AD(np) ? "$" : "");
591
592 /* any weirdness? */
593 if (*(((u_short *)np)+1) & htons(0x6cf))
594 printf(" [b2&3=0x%x]", ntohs(*(((u_short *)np)+1)));
595
596 if (DNS_OPCODE(np) == IQUERY) {
597 if (qdcount)
598 printf(" [%dq]", qdcount);
599 if (ancount != 1)
600 printf(" [%da]", ancount);
601 }
602 else {
603 if (ancount)
604 printf(" [%da]", ancount);
605 if (qdcount != 1)
606 printf(" [%dq]", qdcount);
607 }
608 if (nscount)
609 printf(" [%dn]", nscount);
610 if (arcount)
611 printf(" [%dau]", arcount);
612
613 cp = (const u_char *)(np + 1);
614 if (qdcount--) {
615 cp = ns_qprint(cp, (const u_char *)np);
616 if (!cp)
617 goto trunc;
618 while (cp < snapend && qdcount--) {
619 cp = ns_qprint((const u_char *)cp,
620 (const u_char *)np);
621 if (!cp)
622 goto trunc;
623 }
624 }
625 if (qdcount > 0)
626 goto trunc;
627
628 /* Print remaining sections on -vv */
629 if (vflag > 1) {
630 if (ancount--) {
631 if ((cp = ns_rprint(cp, bp)) == NULL)
632 goto trunc;
633 while (cp < snapend && ancount--) {
634 putchar(',');
635 if ((cp = ns_rprint(cp, bp)) == NULL)
636 goto trunc;
637 }
638 }
639 if (ancount > 0)
640 goto trunc;
641 if (cp < snapend && nscount--) {
642 fputs(" ns:", stdout);
643 if ((cp = ns_rprint(cp, bp)) == NULL)
644 goto trunc;
645 while (nscount-- && cp < snapend) {
646 putchar(',');
647 if ((cp = ns_rprint(cp, bp)) == NULL)
648 goto trunc;
649 }
650 }
651 if (nscount > 0)
652 goto trunc;
653 if (cp < snapend && arcount--) {
654 fputs(" ar:", stdout);
655 if ((cp = ns_rprint(cp, bp)) == NULL)
656 goto trunc;
657 while (cp < snapend && arcount--) {
658 putchar(',');
659 if ((cp = ns_rprint(cp, bp)) == NULL)
660 goto trunc;
661 }
662 }
663 if (arcount > 0)
664 goto trunc;
665 }
666 }
667 printf(" (%d)", length);
668 return;
669
670 trunc:
671 printf("[|domain]");
672 return;
673 }
[mirror] the TCPdump network dissector