]> The Tcpdump Group git mirrors - tcpdump/blob - print-domain.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Protect code for particular Juniper DLT_ values with #ifdefs, so this
[tcpdump] / print-domain.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 #ifndef lint
23 static const char rcsid[] _U_ =
24 "@(#) $Header: /tcpdump/master/tcpdump/print-domain.c,v 1.89.2.1 2005-04-20 20:59:00 guy Exp $ (LBL)";
25 #endif
26
27 #ifdef HAVE_CONFIG_H
28 #include "config.h"
29 #endif
30
31 #include <tcpdump-stdinc.h>
32
33 #include "nameser.h"
34
35 #include <stdio.h>
36 #include <string.h>
37
38 #include "interface.h"
39 #include "addrtoname.h"
40 #include "extract.h" /* must come after interface.h */
41
42 static const char *ns_ops[] = {
43 "", " inv_q", " stat", " op3", " notify", " update", " op6", " op7",
44 " op8", " updataA", " updateD", " updateDA",
45 " updateM", " updateMA", " zoneInit", " zoneRef",
46 };
47
48 static const char *ns_resp[] = {
49 "", " FormErr", " ServFail", " NXDomain",
50 " NotImp", " Refused", " YXDomain", " YXRRSet",
51 " NXRRSet", " NotAuth", " NotZone", " Resp11",
52 " Resp12", " Resp13", " Resp14", " NoChange",
53 };
54
55 /* skip over a domain name */
56 static const u_char *
57 ns_nskip(register const u_char *cp)
58 {
59 register u_char i;
60
61 if (!TTEST2(*cp, 1))
62 return (NULL);
63 i = *cp++;
64 while (i) {
65 if ((i & INDIR_MASK) == INDIR_MASK)
66 return (cp + 1);
67 if ((i & INDIR_MASK) == EDNS0_MASK) {
68 int bitlen, bytelen;
69
70 if ((i & ~INDIR_MASK) != EDNS0_ELT_BITLABEL)
71 return(NULL); /* unknown ELT */
72 if (!TTEST2(*cp, 1))
73 return (NULL);
74 if ((bitlen = *cp++) == 0)
75 bitlen = 256;
76 bytelen = (bitlen + 7) / 8;
77 cp += bytelen;
78 } else
79 cp += i;
80 if (!TTEST2(*cp, 1))
81 return (NULL);
82 i = *cp++;
83 }
84 return (cp);
85 }
86
87 /* print a <domain-name> */
88 static const u_char *
89 blabel_print(const u_char *cp)
90 {
91 int bitlen, slen, b;
92 const u_char *bitp, *lim;
93 char tc;
94
95 if (!TTEST2(*cp, 1))
96 return(NULL);
97 if ((bitlen = *cp) == 0)
98 bitlen = 256;
99 slen = (bitlen + 3) / 4;
100 lim = cp + 1 + slen;
101
102 /* print the bit string as a hex string */
103 printf("\\[x");
104 for (bitp = cp + 1, b = bitlen; bitp < lim && b > 7; b -= 8, bitp++) {
105 TCHECK(*bitp);
106 printf("%02x", *bitp);
107 }
108 if (b > 4) {
109 TCHECK(*bitp);
110 tc = *bitp++;
111 printf("%02x", tc & (0xff << (8 - b)));
112 } else if (b > 0) {
113 TCHECK(*bitp);
114 tc = *bitp++;
115 printf("%1x", ((tc >> 4) & 0x0f) & (0x0f << (4 - b)));
116 }
117 printf("/%d]", bitlen);
118 return lim;
119 trunc:
120 printf(".../%d]", bitlen);
121 return NULL;
122 }
123
124 static int
125 labellen(const u_char *cp)
126 {
127 register u_int i;
128
129 if (!TTEST2(*cp, 1))
130 return(-1);
131 i = *cp;
132 if ((i & INDIR_MASK) == EDNS0_MASK) {
133 int bitlen, elt;
134 if ((elt = (i & ~INDIR_MASK)) != EDNS0_ELT_BITLABEL) {
135 printf("<ELT %d>", elt);
136 return(-1);
137 }
138 if (!TTEST2(*(cp + 1), 1))
139 return(-1);
140 if ((bitlen = *(cp + 1)) == 0)
141 bitlen = 256;
142 return(((bitlen + 7) / 8) + 1);
143 } else
144 return(i);
145 }
146
147 static const u_char *
148 ns_nprint(register const u_char *cp, register const u_char *bp)
149 {
150 register u_int i, l;
151 register const u_char *rp = NULL;
152 register int compress = 0;
153 int chars_processed;
154 int elt;
155 int data_size = snapend - bp;
156
157 if ((l = labellen(cp)) == (u_int)-1)
158 return(NULL);
159 if (!TTEST2(*cp, 1))
160 return(NULL);
161 chars_processed = 1;
162 if (((i = *cp++) & INDIR_MASK) != INDIR_MASK) {
163 compress = 0;
164 rp = cp + l;
165 }
166
167 if (i != 0)
168 while (i && cp < snapend) {
169 if ((i & INDIR_MASK) == INDIR_MASK) {
170 if (!compress) {
171 rp = cp + 1;
172 compress = 1;
173 }
174 if (!TTEST2(*cp, 1))
175 return(NULL);
176 cp = bp + (((i << 8) | *cp) & 0x3fff);
177 if ((l = labellen(cp)) == (u_int)-1)
178 return(NULL);
179 if (!TTEST2(*cp, 1))
180 return(NULL);
181 i = *cp++;
182 chars_processed++;
183
184 /*
185 * If we've looked at every character in
186 * the message, this pointer will make
187 * us look at some character again,
188 * which means we're looping.
189 */
190 if (chars_processed >= data_size) {
191 printf("<LOOP>");
192 return (NULL);
193 }
194 continue;
195 }
196 if ((i & INDIR_MASK) == EDNS0_MASK) {
197 elt = (i & ~INDIR_MASK);
198 switch(elt) {
199 case EDNS0_ELT_BITLABEL:
200 if (blabel_print(cp) == NULL)
201 return (NULL);
202 break;
203 default:
204 /* unknown ELT */
205 printf("<ELT %d>", elt);
206 return(NULL);
207 }
208 } else {
209 if (fn_printn(cp, l, snapend))
210 return(NULL);
211 }
212
213 cp += l;
214 chars_processed += l;
215 putchar('.');
216 if ((l = labellen(cp)) == (u_int)-1)
217 return(NULL);
218 if (!TTEST2(*cp, 1))
219 return(NULL);
220 i = *cp++;
221 chars_processed++;
222 if (!compress)
223 rp += l + 1;
224 }
225 else
226 putchar('.');
227 return (rp);
228 }
229
230 /* print a <character-string> */
231 static const u_char *
232 ns_cprint(register const u_char *cp)
233 {
234 register u_int i;
235
236 if (!TTEST2(*cp, 1))
237 return (NULL);
238 i = *cp++;
239 if (fn_printn(cp, i, snapend))
240 return (NULL);
241 return (cp + i);
242 }
243
244 /* http://www.iana.org/assignments/dns-parameters */
245 struct tok ns_type2str[] = {
246 { T_A, "A" }, /* RFC 1035 */
247 { T_NS, "NS" }, /* RFC 1035 */
248 { T_MD, "MD" }, /* RFC 1035 */
249 { T_MF, "MF" }, /* RFC 1035 */
250 { T_CNAME, "CNAME" }, /* RFC 1035 */
251 { T_SOA, "SOA" }, /* RFC 1035 */
252 { T_MB, "MB" }, /* RFC 1035 */
253 { T_MG, "MG" }, /* RFC 1035 */
254 { T_MR, "MR" }, /* RFC 1035 */
255 { T_NULL, "NULL" }, /* RFC 1035 */
256 { T_WKS, "WKS" }, /* RFC 1035 */
257 { T_PTR, "PTR" }, /* RFC 1035 */
258 { T_HINFO, "HINFO" }, /* RFC 1035 */
259 { T_MINFO, "MINFO" }, /* RFC 1035 */
260 { T_MX, "MX" }, /* RFC 1035 */
261 { T_TXT, "TXT" }, /* RFC 1035 */
262 { T_RP, "RP" }, /* RFC 1183 */
263 { T_AFSDB, "AFSDB" }, /* RFC 1183 */
264 { T_X25, "X25" }, /* RFC 1183 */
265 { T_ISDN, "ISDN" }, /* RFC 1183 */
266 { T_RT, "RT" }, /* RFC 1183 */
267 { T_NSAP, "NSAP" }, /* RFC 1706 */
268 { T_NSAP_PTR, "NSAP_PTR" },
269 { T_SIG, "SIG" }, /* RFC 2535 */
270 { T_KEY, "KEY" }, /* RFC 2535 */
271 { T_PX, "PX" }, /* RFC 2163 */
272 { T_GPOS, "GPOS" }, /* RFC 1712 */
273 { T_AAAA, "AAAA" }, /* RFC 1886 */
274 { T_LOC, "LOC" }, /* RFC 1876 */
275 { T_NXT, "NXT" }, /* RFC 2535 */
276 { T_EID, "EID" }, /* Nimrod */
277 { T_NIMLOC, "NIMLOC" }, /* Nimrod */
278 { T_SRV, "SRV" }, /* RFC 2782 */
279 { T_ATMA, "ATMA" }, /* ATM Forum */
280 { T_NAPTR, "NAPTR" }, /* RFC 2168, RFC 2915 */
281 { T_A6, "A6" }, /* RFC 2874 */
282 { T_DNAME, "DNAME" }, /* RFC 2672 */
283 { T_OPT, "OPT" }, /* RFC 2671 */
284 { T_UINFO, "UINFO" },
285 { T_UID, "UID" },
286 { T_GID, "GID" },
287 { T_UNSPEC, "UNSPEC" },
288 { T_UNSPECA, "UNSPECA" },
289 { T_TKEY, "TKEY" }, /* RFC 2930 */
290 { T_TSIG, "TSIG" }, /* RFC 2845 */
291 { T_IXFR, "IXFR" }, /* RFC 1995 */
292 { T_AXFR, "AXFR" }, /* RFC 1035 */
293 { T_MAILB, "MAILB" }, /* RFC 1035 */
294 { T_MAILA, "MAILA" }, /* RFC 1035 */
295 { T_ANY, "ANY" },
296 { 0, NULL }
297 };
298
299 struct tok ns_class2str[] = {
300 { C_IN, "IN" }, /* Not used */
301 { C_CHAOS, "CHAOS" },
302 { C_HS, "HS" },
303 { C_ANY, "ANY" },
304 { 0, NULL }
305 };
306
307 /* print a query */
308 static const u_char *
309 ns_qprint(register const u_char *cp, register const u_char *bp, int is_mdns)
310 {
311 register const u_char *np = cp;
312 register u_int i;
313
314 cp = ns_nskip(cp);
315
316 if (cp == NULL || !TTEST2(*cp, 4))
317 return(NULL);
318
319 /* print the qtype and qclass (if it's not IN) */
320 i = EXTRACT_16BITS(cp);
321 cp += 2;
322 printf(" %s", tok2str(ns_type2str, "Type%d", i));
323 i = EXTRACT_16BITS(cp);
324 cp += 2;
325 if (is_mdns && i == (C_IN|C_CACHE_FLUSH))
326 printf(" (Cache flush)");
327 else if (i != C_IN)
328 printf(" %s", tok2str(ns_class2str, "(Class %d)", i));
329
330 fputs("? ", stdout);
331 cp = ns_nprint(np, bp);
332 return(cp ? cp + 4 : NULL);
333 }
334
335 /* print a reply */
336 static const u_char *
337 ns_rprint(register const u_char *cp, register const u_char *bp, int is_mdns)
338 {
339 register u_int class;
340 register u_short typ, len;
341 register const u_char *rp;
342
343 if (vflag) {
344 putchar(' ');
345 if ((cp = ns_nprint(cp, bp)) == NULL)
346 return NULL;
347 } else
348 cp = ns_nskip(cp);
349
350 if (cp == NULL || !TTEST2(*cp, 10))
351 return (snapend);
352
353 /* print the type/qtype and class (if it's not IN) */
354 typ = EXTRACT_16BITS(cp);
355 cp += 2;
356 class = EXTRACT_16BITS(cp);
357 cp += 2;
358 if (is_mdns && class == (C_IN|C_CACHE_FLUSH))
359 printf(" (Cache flush)");
360 else if (class != C_IN && typ != T_OPT)
361 printf(" %s", tok2str(ns_class2str, "(Class %d)", class));
362
363 /* ignore ttl */
364 cp += 4;
365
366 len = EXTRACT_16BITS(cp);
367 cp += 2;
368
369 rp = cp + len;
370
371 printf(" %s", tok2str(ns_type2str, "Type%d", typ));
372 if (rp > snapend)
373 return(NULL);
374
375 switch (typ) {
376 case T_A:
377 if (!TTEST2(*cp, sizeof(struct in_addr)))
378 return(NULL);
379 printf(" %s", ipaddr_string(cp));
380 break;
381
382 case T_NS:
383 case T_CNAME:
384 case T_PTR:
385 #ifdef T_DNAME
386 case T_DNAME:
387 #endif
388 putchar(' ');
389 if (ns_nprint(cp, bp) == NULL)
390 return(NULL);
391 break;
392
393 case T_SOA:
394 if (!vflag)
395 break;
396 putchar(' ');
397 if ((cp = ns_nprint(cp, bp)) == NULL)
398 return(NULL);
399 putchar(' ');
400 if ((cp = ns_nprint(cp, bp)) == NULL)
401 return(NULL);
402 if (!TTEST2(*cp, 5 * 4))
403 return(NULL);
404 printf(" %u", EXTRACT_32BITS(cp));
405 cp += 4;
406 printf(" %u", EXTRACT_32BITS(cp));
407 cp += 4;
408 printf(" %u", EXTRACT_32BITS(cp));
409 cp += 4;
410 printf(" %u", EXTRACT_32BITS(cp));
411 cp += 4;
412 printf(" %u", EXTRACT_32BITS(cp));
413 cp += 4;
414 break;
415 case T_MX:
416 putchar(' ');
417 if (!TTEST2(*cp, 2))
418 return(NULL);
419 if (ns_nprint(cp + 2, bp) == NULL)
420 return(NULL);
421 printf(" %d", EXTRACT_16BITS(cp));
422 break;
423
424 case T_TXT:
425 while (cp < rp) {
426 printf(" \"");
427 cp = ns_cprint(cp);
428 if (cp == NULL)
429 return(NULL);
430 putchar('"');
431 }
432 break;
433
434 case T_SRV:
435 putchar(' ');
436 if (!TTEST2(*cp, 6))
437 return(NULL);
438 if (ns_nprint(cp + 6, bp) == NULL)
439 return(NULL);
440 printf(":%d %d %d", EXTRACT_16BITS(cp + 4),
441 EXTRACT_16BITS(cp), EXTRACT_16BITS(cp + 2));
442 break;
443
444 #ifdef INET6
445 case T_AAAA:
446 if (!TTEST2(*cp, sizeof(struct in6_addr)))
447 return(NULL);
448 printf(" %s", ip6addr_string(cp));
449 break;
450
451 case T_A6:
452 {
453 struct in6_addr a;
454 int pbit, pbyte;
455
456 if (!TTEST2(*cp, 1))
457 return(NULL);
458 pbit = *cp;
459 pbyte = (pbit & ~7) / 8;
460 if (pbit > 128) {
461 printf(" %u(bad plen)", pbit);
462 break;
463 } else if (pbit < 128) {
464 if (!TTEST2(*(cp + 1), sizeof(a) - pbyte))
465 return(NULL);
466 memset(&a, 0, sizeof(a));
467 memcpy(&a.s6_addr[pbyte], cp + 1, sizeof(a) - pbyte);
468 printf(" %u %s", pbit, ip6addr_string(&a));
469 }
470 if (pbit > 0) {
471 putchar(' ');
472 if (ns_nprint(cp + 1 + sizeof(a) - pbyte, bp) == NULL)
473 return(NULL);
474 }
475 break;
476 }
477 #endif /*INET6*/
478
479 case T_OPT:
480 printf(" UDPsize=%u", class);
481 break;
482
483 case T_UNSPECA: /* One long string */
484 if (!TTEST2(*cp, len))
485 return(NULL);
486 if (fn_printn(cp, len, snapend))
487 return(NULL);
488 break;
489
490 case T_TSIG:
491 {
492 if (cp + len > snapend)
493 return(NULL);
494 if (!vflag)
495 break;
496 putchar(' ');
497 if ((cp = ns_nprint(cp, bp)) == NULL)
498 return(NULL);
499 cp += 6;
500 if (!TTEST2(*cp, 2))
501 return(NULL);
502 printf(" fudge=%u", EXTRACT_16BITS(cp));
503 cp += 2;
504 if (!TTEST2(*cp, 2))
505 return(NULL);
506 printf(" maclen=%u", EXTRACT_16BITS(cp));
507 cp += 2 + EXTRACT_16BITS(cp);
508 if (!TTEST2(*cp, 2))
509 return(NULL);
510 printf(" origid=%u", EXTRACT_16BITS(cp));
511 cp += 2;
512 if (!TTEST2(*cp, 2))
513 return(NULL);
514 printf(" error=%u", EXTRACT_16BITS(cp));
515 cp += 2;
516 if (!TTEST2(*cp, 2))
517 return(NULL);
518 printf(" otherlen=%u", EXTRACT_16BITS(cp));
519 cp += 2;
520 }
521 }
522 return (rp); /* XXX This isn't always right */
523 }
524
525 void
526 ns_print(register const u_char *bp, u_int length, int is_mdns)
527 {
528 register const HEADER *np;
529 register int qdcount, ancount, nscount, arcount;
530 register const u_char *cp;
531 u_int16_t b2;
532
533 np = (const HEADER *)bp;
534 TCHECK(*np);
535 /* get the byte-order right */
536 qdcount = EXTRACT_16BITS(&np->qdcount);
537 ancount = EXTRACT_16BITS(&np->ancount);
538 nscount = EXTRACT_16BITS(&np->nscount);
539 arcount = EXTRACT_16BITS(&np->arcount);
540
541 if (DNS_QR(np)) {
542 /* this is a response */
543 printf(" %d%s%s%s%s%s%s",
544 EXTRACT_16BITS(&np->id),
545 ns_ops[DNS_OPCODE(np)],
546 ns_resp[DNS_RCODE(np)],
547 DNS_AA(np)? "*" : "",
548 DNS_RA(np)? "" : "-",
549 DNS_TC(np)? "|" : "",
550 DNS_AD(np)? "$" : "");
551
552 if (qdcount != 1)
553 printf(" [%dq]", qdcount);
554 /* Print QUESTION section on -vv */
555 cp = (const u_char *)(np + 1);
556 while (qdcount--) {
557 if (qdcount < EXTRACT_16BITS(&np->qdcount) - 1)
558 putchar(',');
559 if (vflag > 1) {
560 fputs(" q:", stdout);
561 if ((cp = ns_qprint(cp, bp, is_mdns)) == NULL)
562 goto trunc;
563 } else {
564 if ((cp = ns_nskip(cp)) == NULL)
565 goto trunc;
566 cp += 4; /* skip QTYPE and QCLASS */
567 }
568 }
569 printf(" %d/%d/%d", ancount, nscount, arcount);
570 if (ancount--) {
571 if ((cp = ns_rprint(cp, bp, is_mdns)) == NULL)
572 goto trunc;
573 while (cp < snapend && ancount--) {
574 putchar(',');
575 if ((cp = ns_rprint(cp, bp, is_mdns)) == NULL)
576 goto trunc;
577 }
578 }
579 if (ancount > 0)
580 goto trunc;
581 /* Print NS and AR sections on -vv */
582 if (vflag > 1) {
583 if (cp < snapend && nscount--) {
584 fputs(" ns:", stdout);
585 if ((cp = ns_rprint(cp, bp, is_mdns)) == NULL)
586 goto trunc;
587 while (cp < snapend && nscount--) {
588 putchar(',');
589 if ((cp = ns_rprint(cp, bp, is_mdns)) == NULL)
590 goto trunc;
591 }
592 }
593 if (nscount > 0)
594 goto trunc;
595 if (cp < snapend && arcount--) {
596 fputs(" ar:", stdout);
597 if ((cp = ns_rprint(cp, bp, is_mdns)) == NULL)
598 goto trunc;
599 while (cp < snapend && arcount--) {
600 putchar(',');
601 if ((cp = ns_rprint(cp, bp, is_mdns)) == NULL)
602 goto trunc;
603 }
604 }
605 if (arcount > 0)
606 goto trunc;
607 }
608 }
609 else {
610 /* this is a request */
611 printf(" %d%s%s%s", EXTRACT_16BITS(&np->id), ns_ops[DNS_OPCODE(np)],
612 DNS_RD(np) ? "+" : "",
613 DNS_CD(np) ? "%" : "");
614
615 /* any weirdness? */
616 b2 = EXTRACT_16BITS(((u_short *)np)+1);
617 if (b2 & 0x6cf)
618 printf(" [b2&3=0x%x]", b2);
619
620 if (DNS_OPCODE(np) == IQUERY) {
621 if (qdcount)
622 printf(" [%dq]", qdcount);
623 if (ancount != 1)
624 printf(" [%da]", ancount);
625 }
626 else {
627 if (ancount)
628 printf(" [%da]", ancount);
629 if (qdcount != 1)
630 printf(" [%dq]", qdcount);
631 }
632 if (nscount)
633 printf(" [%dn]", nscount);
634 if (arcount)
635 printf(" [%dau]", arcount);
636
637 cp = (const u_char *)(np + 1);
638 if (qdcount--) {
639 cp = ns_qprint(cp, (const u_char *)np, is_mdns);
640 if (!cp)
641 goto trunc;
642 while (cp < snapend && qdcount--) {
643 cp = ns_qprint((const u_char *)cp,
644 (const u_char *)np,
645 is_mdns);
646 if (!cp)
647 goto trunc;
648 }
649 }
650 if (qdcount > 0)
651 goto trunc;
652
653 /* Print remaining sections on -vv */
654 if (vflag > 1) {
655 if (ancount--) {
656 if ((cp = ns_rprint(cp, bp, is_mdns)) == NULL)
657 goto trunc;
658 while (cp < snapend && ancount--) {
659 putchar(',');
660 if ((cp = ns_rprint(cp, bp, is_mdns)) == NULL)
661 goto trunc;
662 }
663 }
664 if (ancount > 0)
665 goto trunc;
666 if (cp < snapend && nscount--) {
667 fputs(" ns:", stdout);
668 if ((cp = ns_rprint(cp, bp, is_mdns)) == NULL)
669 goto trunc;
670 while (nscount-- && cp < snapend) {
671 putchar(',');
672 if ((cp = ns_rprint(cp, bp, is_mdns)) == NULL)
673 goto trunc;
674 }
675 }
676 if (nscount > 0)
677 goto trunc;
678 if (cp < snapend && arcount--) {
679 fputs(" ar:", stdout);
680 if ((cp = ns_rprint(cp, bp, is_mdns)) == NULL)
681 goto trunc;
682 while (cp < snapend && arcount--) {
683 putchar(',');
684 if ((cp = ns_rprint(cp, bp, is_mdns)) == NULL)
685 goto trunc;
686 }
687 }
688 if (arcount > 0)
689 goto trunc;
690 }
691 }
692 printf(" (%d)", length);
693 return;
694
695 trunc:
696 printf("[|domain]");
697 return;
698 }
[mirror] the TCPdump network dissector