]> The Tcpdump Group git mirrors - tcpdump/blob - print-nfs.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Remove 96 assorted ND_TCHECK calls.
[tcpdump] / print-nfs.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: Network File System (NFS) printer */
23
24 #ifdef HAVE_CONFIG_H
25 #include <config.h>
26 #endif
27
28 #include "netdissect-stdinc.h"
29
30 #include <stdio.h>
31 #include <string.h>
32 #include <limits.h>
33
34 #include "netdissect.h"
35 #include "addrtoname.h"
36 #include "extract.h"
37
38 #include "nfs.h"
39 #include "nfsfh.h"
40
41 #include "ip.h"
42 #include "ip6.h"
43 #include "rpc_auth.h"
44 #include "rpc_msg.h"
45
46
47 static void nfs_printfh(netdissect_options *, const uint32_t *, const u_int);
48 static int xid_map_enter(netdissect_options *, const struct sunrpc_msg *, const u_char *);
49 static int xid_map_find(netdissect_options *, const struct sunrpc_msg *, const u_char *, uint32_t *, uint32_t *);
50 static void interp_reply(netdissect_options *, const struct sunrpc_msg *, uint32_t, uint32_t, int);
51 static const uint32_t *parse_post_op_attr(netdissect_options *, const uint32_t *, int);
52
53 /*
54 * Mapping of old NFS Version 2 RPC numbers to generic numbers.
55 */
56 static uint32_t nfsv3_procid[NFS_NPROCS] = {
57 NFSPROC_NULL,
58 NFSPROC_GETATTR,
59 NFSPROC_SETATTR,
60 NFSPROC_NOOP,
61 NFSPROC_LOOKUP,
62 NFSPROC_READLINK,
63 NFSPROC_READ,
64 NFSPROC_NOOP,
65 NFSPROC_WRITE,
66 NFSPROC_CREATE,
67 NFSPROC_REMOVE,
68 NFSPROC_RENAME,
69 NFSPROC_LINK,
70 NFSPROC_SYMLINK,
71 NFSPROC_MKDIR,
72 NFSPROC_RMDIR,
73 NFSPROC_READDIR,
74 NFSPROC_FSSTAT,
75 NFSPROC_NOOP,
76 NFSPROC_NOOP,
77 NFSPROC_NOOP,
78 NFSPROC_NOOP,
79 NFSPROC_NOOP,
80 NFSPROC_NOOP,
81 NFSPROC_NOOP,
82 NFSPROC_NOOP
83 };
84
85 static const struct tok nfsproc_str[] = {
86 { NFSPROC_NOOP, "nop" },
87 { NFSPROC_NULL, "null" },
88 { NFSPROC_GETATTR, "getattr" },
89 { NFSPROC_SETATTR, "setattr" },
90 { NFSPROC_LOOKUP, "lookup" },
91 { NFSPROC_ACCESS, "access" },
92 { NFSPROC_READLINK, "readlink" },
93 { NFSPROC_READ, "read" },
94 { NFSPROC_WRITE, "write" },
95 { NFSPROC_CREATE, "create" },
96 { NFSPROC_MKDIR, "mkdir" },
97 { NFSPROC_SYMLINK, "symlink" },
98 { NFSPROC_MKNOD, "mknod" },
99 { NFSPROC_REMOVE, "remove" },
100 { NFSPROC_RMDIR, "rmdir" },
101 { NFSPROC_RENAME, "rename" },
102 { NFSPROC_LINK, "link" },
103 { NFSPROC_READDIR, "readdir" },
104 { NFSPROC_READDIRPLUS, "readdirplus" },
105 { NFSPROC_FSSTAT, "fsstat" },
106 { NFSPROC_FSINFO, "fsinfo" },
107 { NFSPROC_PATHCONF, "pathconf" },
108 { NFSPROC_COMMIT, "commit" },
109 { 0, NULL }
110 };
111
112 /*
113 * NFS V2 and V3 status values.
114 *
115 * Some of these come from the RFCs for NFS V2 and V3, with the message
116 * strings taken from the FreeBSD C library "errlst.c".
117 *
118 * Others are errors that are not in the RFC but that I suspect some
119 * NFS servers could return; the values are FreeBSD errno values, as
120 * the first NFS server was the SunOS 2.0 one, and until 5.0 SunOS
121 * was primarily BSD-derived.
122 */
123 static const struct tok status2str[] = {
124 { 1, "Operation not permitted" }, /* EPERM */
125 { 2, "No such file or directory" }, /* ENOENT */
126 { 5, "Input/output error" }, /* EIO */
127 { 6, "Device not configured" }, /* ENXIO */
128 { 11, "Resource deadlock avoided" }, /* EDEADLK */
129 { 12, "Cannot allocate memory" }, /* ENOMEM */
130 { 13, "Permission denied" }, /* EACCES */
131 { 17, "File exists" }, /* EEXIST */
132 { 18, "Cross-device link" }, /* EXDEV */
133 { 19, "Operation not supported by device" }, /* ENODEV */
134 { 20, "Not a directory" }, /* ENOTDIR */
135 { 21, "Is a directory" }, /* EISDIR */
136 { 22, "Invalid argument" }, /* EINVAL */
137 { 26, "Text file busy" }, /* ETXTBSY */
138 { 27, "File too large" }, /* EFBIG */
139 { 28, "No space left on device" }, /* ENOSPC */
140 { 30, "Read-only file system" }, /* EROFS */
141 { 31, "Too many links" }, /* EMLINK */
142 { 45, "Operation not supported" }, /* EOPNOTSUPP */
143 { 62, "Too many levels of symbolic links" }, /* ELOOP */
144 { 63, "File name too long" }, /* ENAMETOOLONG */
145 { 66, "Directory not empty" }, /* ENOTEMPTY */
146 { 69, "Disc quota exceeded" }, /* EDQUOT */
147 { 70, "Stale NFS file handle" }, /* ESTALE */
148 { 71, "Too many levels of remote in path" }, /* EREMOTE */
149 { 99, "Write cache flushed to disk" }, /* NFSERR_WFLUSH (not used) */
150 { 10001, "Illegal NFS file handle" }, /* NFS3ERR_BADHANDLE */
151 { 10002, "Update synchronization mismatch" }, /* NFS3ERR_NOT_SYNC */
152 { 10003, "READDIR/READDIRPLUS cookie is stale" }, /* NFS3ERR_BAD_COOKIE */
153 { 10004, "Operation not supported" }, /* NFS3ERR_NOTSUPP */
154 { 10005, "Buffer or request is too small" }, /* NFS3ERR_TOOSMALL */
155 { 10006, "Unspecified error on server" }, /* NFS3ERR_SERVERFAULT */
156 { 10007, "Object of that type not supported" }, /* NFS3ERR_BADTYPE */
157 { 10008, "Request couldn't be completed in time" }, /* NFS3ERR_JUKEBOX */
158 { 0, NULL }
159 };
160
161 static const struct tok nfsv3_writemodes[] = {
162 { 0, "unstable" },
163 { 1, "datasync" },
164 { 2, "filesync" },
165 { 0, NULL }
166 };
167
168 static const struct tok type2str[] = {
169 { NFNON, "NON" },
170 { NFREG, "REG" },
171 { NFDIR, "DIR" },
172 { NFBLK, "BLK" },
173 { NFCHR, "CHR" },
174 { NFLNK, "LNK" },
175 { NFFIFO, "FIFO" },
176 { 0, NULL }
177 };
178
179 static const struct tok sunrpc_auth_str[] = {
180 { SUNRPC_AUTH_OK, "OK" },
181 { SUNRPC_AUTH_BADCRED, "Bogus Credentials (seal broken)" },
182 { SUNRPC_AUTH_REJECTEDCRED, "Rejected Credentials (client should begin new session)" },
183 { SUNRPC_AUTH_BADVERF, "Bogus Verifier (seal broken)" },
184 { SUNRPC_AUTH_REJECTEDVERF, "Verifier expired or was replayed" },
185 { SUNRPC_AUTH_TOOWEAK, "Credentials are too weak" },
186 { SUNRPC_AUTH_INVALIDRESP, "Bogus response verifier" },
187 { SUNRPC_AUTH_FAILED, "Unknown failure" },
188 { 0, NULL }
189 };
190
191 static const struct tok sunrpc_str[] = {
192 { SUNRPC_PROG_UNAVAIL, "PROG_UNAVAIL" },
193 { SUNRPC_PROG_MISMATCH, "PROG_MISMATCH" },
194 { SUNRPC_PROC_UNAVAIL, "PROC_UNAVAIL" },
195 { SUNRPC_GARBAGE_ARGS, "GARBAGE_ARGS" },
196 { SUNRPC_SYSTEM_ERR, "SYSTEM_ERR" },
197 { 0, NULL }
198 };
199
200 static void
201 print_nfsaddr(netdissect_options *ndo,
202 const u_char *bp, const char *s, const char *d)
203 {
204 const struct ip *ip;
205 const struct ip6_hdr *ip6;
206 char srcaddr[INET6_ADDRSTRLEN], dstaddr[INET6_ADDRSTRLEN];
207
208 srcaddr[0] = dstaddr[0] = '\0';
209 switch (IP_V((const struct ip *)bp)) {
210 case 4:
211 ip = (const struct ip *)bp;
212 strlcpy(srcaddr, GET_IPADDR_STRING(ip->ip_src), sizeof(srcaddr));
213 strlcpy(dstaddr, GET_IPADDR_STRING(ip->ip_dst), sizeof(dstaddr));
214 break;
215 case 6:
216 ip6 = (const struct ip6_hdr *)bp;
217 strlcpy(srcaddr, GET_IP6ADDR_STRING(ip6->ip6_src),
218 sizeof(srcaddr));
219 strlcpy(dstaddr, GET_IP6ADDR_STRING(ip6->ip6_dst),
220 sizeof(dstaddr));
221 break;
222 default:
223 strlcpy(srcaddr, "?", sizeof(srcaddr));
224 strlcpy(dstaddr, "?", sizeof(dstaddr));
225 break;
226 }
227
228 ND_PRINT("%s.%s > %s.%s: ", srcaddr, s, dstaddr, d);
229 }
230
231 /*
232 * NFS Version 3 sattr3 structure for the new node creation case.
233 * This does not have a fixed layout on the network, so this
234 * structure does not correspond to the layout of the data on
235 * the network; it's used to store the data when the sattr3
236 * is parsed for use when it's later printed.
237 */
238 struct nfsv3_sattr {
239 uint32_t sa_modeset;
240 uint32_t sa_mode;
241 uint32_t sa_uidset;
242 uint32_t sa_uid;
243 uint32_t sa_gidset;
244 uint32_t sa_gid;
245 uint32_t sa_sizeset;
246 uint32_t sa_size;
247 uint32_t sa_atimetype;
248 struct {
249 uint32_t nfsv3_sec;
250 uint32_t nfsv3_nsec;
251 } sa_atime;
252 uint32_t sa_mtimetype;
253 struct {
254 uint32_t nfsv3_sec;
255 uint32_t nfsv3_nsec;
256 } sa_mtime;
257 };
258
259 static const uint32_t *
260 parse_sattr3(netdissect_options *ndo,
261 const uint32_t *dp, struct nfsv3_sattr *sa3)
262 {
263 sa3->sa_modeset = GET_BE_U_4(dp);
264 dp++;
265 if (sa3->sa_modeset) {
266 sa3->sa_mode = GET_BE_U_4(dp);
267 dp++;
268 }
269
270 sa3->sa_uidset = GET_BE_U_4(dp);
271 dp++;
272 if (sa3->sa_uidset) {
273 sa3->sa_uid = GET_BE_U_4(dp);
274 dp++;
275 }
276
277 sa3->sa_gidset = GET_BE_U_4(dp);
278 dp++;
279 if (sa3->sa_gidset) {
280 sa3->sa_gid = GET_BE_U_4(dp);
281 dp++;
282 }
283
284 sa3->sa_sizeset = GET_BE_U_4(dp);
285 dp++;
286 if (sa3->sa_sizeset) {
287 sa3->sa_size = GET_BE_U_4(dp);
288 dp++;
289 }
290
291 sa3->sa_atimetype = GET_BE_U_4(dp);
292 dp++;
293 if (sa3->sa_atimetype == NFSV3SATTRTIME_TOCLIENT) {
294 sa3->sa_atime.nfsv3_sec = GET_BE_U_4(dp);
295 dp++;
296 sa3->sa_atime.nfsv3_nsec = GET_BE_U_4(dp);
297 dp++;
298 }
299
300 sa3->sa_mtimetype = GET_BE_U_4(dp);
301 dp++;
302 if (sa3->sa_mtimetype == NFSV3SATTRTIME_TOCLIENT) {
303 sa3->sa_mtime.nfsv3_sec = GET_BE_U_4(dp);
304 dp++;
305 sa3->sa_mtime.nfsv3_nsec = GET_BE_U_4(dp);
306 dp++;
307 }
308
309 return dp;
310 }
311
312 static void
313 print_sattr3(netdissect_options *ndo,
314 const struct nfsv3_sattr *sa3, int verbose)
315 {
316 if (sa3->sa_modeset)
317 ND_PRINT(" mode %o", sa3->sa_mode);
318 if (sa3->sa_uidset)
319 ND_PRINT(" uid %u", sa3->sa_uid);
320 if (sa3->sa_gidset)
321 ND_PRINT(" gid %u", sa3->sa_gid);
322 if (verbose > 1) {
323 if (sa3->sa_atimetype == NFSV3SATTRTIME_TOCLIENT)
324 ND_PRINT(" atime %u.%06u", sa3->sa_atime.nfsv3_sec,
325 sa3->sa_atime.nfsv3_nsec);
326 if (sa3->sa_mtimetype == NFSV3SATTRTIME_TOCLIENT)
327 ND_PRINT(" mtime %u.%06u", sa3->sa_mtime.nfsv3_sec,
328 sa3->sa_mtime.nfsv3_nsec);
329 }
330 }
331
332 void
333 nfsreply_print(netdissect_options *ndo,
334 const u_char *bp, u_int length,
335 const u_char *bp2)
336 {
337 const struct sunrpc_msg *rp;
338 char srcid[20], dstid[20]; /*fits 32bit*/
339
340 ndo->ndo_protocol = "nfs";
341 rp = (const struct sunrpc_msg *)bp;
342
343 ND_TCHECK_4(rp->rm_xid);
344 if (!ndo->ndo_nflag) {
345 strlcpy(srcid, "nfs", sizeof(srcid));
346 snprintf(dstid, sizeof(dstid), "%u",
347 GET_BE_U_4(rp->rm_xid));
348 } else {
349 snprintf(srcid, sizeof(srcid), "%u", NFS_PORT);
350 snprintf(dstid, sizeof(dstid), "%u",
351 GET_BE_U_4(rp->rm_xid));
352 }
353 print_nfsaddr(ndo, bp2, srcid, dstid);
354
355 nfsreply_noaddr_print(ndo, bp, length, bp2);
356 return;
357
358 trunc:
359 nd_print_trunc(ndo);
360 }
361
362 void
363 nfsreply_noaddr_print(netdissect_options *ndo,
364 const u_char *bp, u_int length,
365 const u_char *bp2)
366 {
367 const struct sunrpc_msg *rp;
368 uint32_t proc, vers, reply_stat;
369 enum sunrpc_reject_stat rstat;
370 uint32_t rlow;
371 uint32_t rhigh;
372 enum sunrpc_auth_stat rwhy;
373
374 ndo->ndo_protocol = "nfs";
375 rp = (const struct sunrpc_msg *)bp;
376
377 ND_TCHECK_4(rp->rm_reply.rp_stat);
378 reply_stat = GET_BE_U_4(&rp->rm_reply.rp_stat);
379 switch (reply_stat) {
380
381 case SUNRPC_MSG_ACCEPTED:
382 ND_PRINT("reply ok %u", length);
383 if (xid_map_find(ndo, rp, bp2, &proc, &vers) >= 0)
384 interp_reply(ndo, rp, proc, vers, length);
385 break;
386
387 case SUNRPC_MSG_DENIED:
388 ND_PRINT("reply ERR %u: ", length);
389 ND_TCHECK_4(rp->rm_reply.rp_reject.rj_stat);
390 rstat = GET_BE_U_4(&rp->rm_reply.rp_reject.rj_stat);
391 switch (rstat) {
392
393 case SUNRPC_RPC_MISMATCH:
394 ND_TCHECK_4(rp->rm_reply.rp_reject.rj_vers.high);
395 rlow = GET_BE_U_4(&rp->rm_reply.rp_reject.rj_vers.low);
396 rhigh = GET_BE_U_4(&rp->rm_reply.rp_reject.rj_vers.high);
397 ND_PRINT("RPC Version mismatch (%u-%u)", rlow, rhigh);
398 break;
399
400 case SUNRPC_AUTH_ERROR:
401 ND_TCHECK_4(rp->rm_reply.rp_reject.rj_why);
402 rwhy = GET_BE_U_4(&rp->rm_reply.rp_reject.rj_why);
403 ND_PRINT("Auth %s", tok2str(sunrpc_auth_str, "Invalid failure code %u", rwhy));
404 break;
405
406 default:
407 ND_PRINT("Unknown reason for rejecting rpc message %u", (unsigned int)rstat);
408 break;
409 }
410 break;
411
412 default:
413 ND_PRINT("reply Unknown rpc response code=%u %u", reply_stat, length);
414 break;
415 }
416 return;
417
418 trunc:
419 nd_print_trunc(ndo);
420 }
421
422 /*
423 * Return a pointer to the first file handle in the packet.
424 * If the packet was truncated, return 0.
425 */
426 static const uint32_t *
427 parsereq(netdissect_options *ndo,
428 const struct sunrpc_msg *rp, u_int length)
429 {
430 const uint32_t *dp;
431 u_int len, rounded_len;
432
433 /*
434 * Find the start of the req data (if we captured it).
435 * First, get the length of the credentials, and make sure
436 * we have all of the opaque part of the credentials.
437 */
438 dp = (const uint32_t *)&rp->rm_call.cb_cred;
439 if (length < 2 * sizeof(*dp))
440 goto trunc;
441 len = GET_BE_U_4(dp + 1);
442 rounded_len = roundup2(len, 4);
443 ND_TCHECK_LEN(dp + 2, rounded_len);
444 if (2 * sizeof(*dp) + rounded_len <= length) {
445 /*
446 * We have all of the credentials. Skip past them; they
447 * consist of 4 bytes of flavor, 4 bytes of length,
448 * and len-rounded-up-to-a-multiple-of-4 bytes of
449 * data.
450 */
451 dp += (len + (2 * sizeof(*dp) + 3)) / sizeof(*dp);
452 length -= 2 * sizeof(*dp) + rounded_len;
453
454 /*
455 * Now get the length of the verifier, and make sure
456 * we have all of the opaque part of the verifier.
457 */
458 if (length < 2 * sizeof(*dp))
459 goto trunc;
460 len = GET_BE_U_4(dp + 1);
461 rounded_len = roundup2(len, 4);
462 ND_TCHECK_LEN(dp + 2, rounded_len);
463 if (2 * sizeof(*dp) + rounded_len < length) {
464 /*
465 * We have all of the verifier. Skip past it;
466 * it consists of 4 bytes of flavor, 4 bytes of
467 * length, and len-rounded-up-to-a-multiple-of-4
468 * bytes of data.
469 */
470 dp += (len + (2 * sizeof(*dp) + 3)) / sizeof(*dp);
471 return (dp);
472 }
473 }
474 trunc:
475 return (NULL);
476 }
477
478 /*
479 * Print out an NFS file handle and return a pointer to following word.
480 * If packet was truncated, return 0.
481 */
482 static const uint32_t *
483 parsefh(netdissect_options *ndo,
484 const uint32_t *dp, int v3)
485 {
486 u_int len;
487
488 if (v3) {
489 len = GET_BE_U_4(dp) / 4;
490 dp++;
491 } else
492 len = NFSX_V2FH / 4;
493
494 if (ND_TTEST_LEN(dp, len * sizeof(*dp))) {
495 nfs_printfh(ndo, dp, len);
496 return (dp + len);
497 } else
498 return NULL;
499 }
500
501 /*
502 * Print out a file name and return pointer to 32-bit word past it.
503 * If packet was truncated, return 0.
504 */
505 static const uint32_t *
506 parsefn(netdissect_options *ndo,
507 const uint32_t *dp)
508 {
509 uint32_t len, rounded_len;
510 const u_char *cp;
511
512 /* Fetch big-endian string length */
513 len = GET_BE_U_4(dp);
514 dp++;
515
516 if (UINT_MAX - len < 3) {
517 ND_PRINT("[cannot pad to 32-bit boundaries]");
518 nd_print_invalid(ndo);
519 return NULL;
520 }
521
522 rounded_len = roundup2(len, 4);
523 ND_TCHECK_LEN(dp, rounded_len);
524
525 cp = (const u_char *)dp;
526 /* Update 32-bit pointer (NFS filenames padded to 32-bit boundaries) */
527 dp += rounded_len / sizeof(*dp);
528 ND_PRINT("\"");
529 if (nd_printn(ndo, cp, len, ndo->ndo_snapend)) {
530 ND_PRINT("\"");
531 goto trunc;
532 }
533 ND_PRINT("\"");
534
535 return (dp);
536 trunc:
537 return NULL;
538 }
539
540 /*
541 * Print out file handle and file name.
542 * Return pointer to 32-bit word past file name.
543 * If packet was truncated (or there was some other error), return 0.
544 */
545 static const uint32_t *
546 parsefhn(netdissect_options *ndo,
547 const uint32_t *dp, int v3)
548 {
549 dp = parsefh(ndo, dp, v3);
550 if (dp == NULL)
551 return (NULL);
552 ND_PRINT(" ");
553 return (parsefn(ndo, dp));
554 }
555
556 void
557 nfsreq_noaddr_print(netdissect_options *ndo,
558 const u_char *bp, u_int length,
559 const u_char *bp2)
560 {
561 const struct sunrpc_msg *rp;
562 const uint32_t *dp;
563 nfs_type type;
564 int v3;
565 uint32_t proc;
566 uint32_t access_flags;
567 struct nfsv3_sattr sa3;
568
569 ndo->ndo_protocol = "nfs";
570 ND_PRINT("%u", length);
571 rp = (const struct sunrpc_msg *)bp;
572
573 if (!xid_map_enter(ndo, rp, bp2)) /* record proc number for later on */
574 goto trunc;
575
576 v3 = (GET_BE_U_4(&rp->rm_call.cb_vers) == NFS_VER3);
577 proc = GET_BE_U_4(&rp->rm_call.cb_proc);
578
579 if (!v3 && proc < NFS_NPROCS)
580 proc = nfsv3_procid[proc];
581
582 ND_PRINT(" %s", tok2str(nfsproc_str, "proc-%u", proc));
583 switch (proc) {
584
585 case NFSPROC_GETATTR:
586 case NFSPROC_SETATTR:
587 case NFSPROC_READLINK:
588 case NFSPROC_FSSTAT:
589 case NFSPROC_FSINFO:
590 case NFSPROC_PATHCONF:
591 dp = parsereq(ndo, rp, length);
592 if (dp == NULL)
593 goto trunc;
594 if (parsefh(ndo, dp, v3) == NULL)
595 goto trunc;
596 break;
597
598 case NFSPROC_LOOKUP:
599 case NFSPROC_CREATE:
600 case NFSPROC_MKDIR:
601 case NFSPROC_REMOVE:
602 case NFSPROC_RMDIR:
603 dp = parsereq(ndo, rp, length);
604 if (dp == NULL)
605 goto trunc;
606 if (parsefhn(ndo, dp, v3) == NULL)
607 goto trunc;
608 break;
609
610 case NFSPROC_ACCESS:
611 dp = parsereq(ndo, rp, length);
612 if (dp == NULL)
613 goto trunc;
614 dp = parsefh(ndo, dp, v3);
615 if (dp == NULL)
616 goto trunc;
617 access_flags = GET_BE_U_4(dp);
618 if (access_flags & ~NFSV3ACCESS_FULL) {
619 /* NFSV3ACCESS definitions aren't up to date */
620 ND_PRINT(" %04x", access_flags);
621 } else if ((access_flags & NFSV3ACCESS_FULL) == NFSV3ACCESS_FULL) {
622 ND_PRINT(" NFS_ACCESS_FULL");
623 } else {
624 char separator = ' ';
625 if (access_flags & NFSV3ACCESS_READ) {
626 ND_PRINT(" NFS_ACCESS_READ");
627 separator = '|';
628 }
629 if (access_flags & NFSV3ACCESS_LOOKUP) {
630 ND_PRINT("%cNFS_ACCESS_LOOKUP", separator);
631 separator = '|';
632 }
633 if (access_flags & NFSV3ACCESS_MODIFY) {
634 ND_PRINT("%cNFS_ACCESS_MODIFY", separator);
635 separator = '|';
636 }
637 if (access_flags & NFSV3ACCESS_EXTEND) {
638 ND_PRINT("%cNFS_ACCESS_EXTEND", separator);
639 separator = '|';
640 }
641 if (access_flags & NFSV3ACCESS_DELETE) {
642 ND_PRINT("%cNFS_ACCESS_DELETE", separator);
643 separator = '|';
644 }
645 if (access_flags & NFSV3ACCESS_EXECUTE)
646 ND_PRINT("%cNFS_ACCESS_EXECUTE", separator);
647 }
648 break;
649
650 case NFSPROC_READ:
651 dp = parsereq(ndo, rp, length);
652 if (dp == NULL)
653 goto trunc;
654 dp = parsefh(ndo, dp, v3);
655 if (dp == NULL)
656 goto trunc;
657 if (v3) {
658 ND_PRINT(" %u bytes @ %" PRIu64,
659 GET_BE_U_4(dp + 2),
660 GET_BE_U_8(dp));
661 } else {
662 ND_PRINT(" %u bytes @ %u",
663 GET_BE_U_4(dp + 1),
664 GET_BE_U_4(dp));
665 }
666 break;
667
668 case NFSPROC_WRITE:
669 dp = parsereq(ndo, rp, length);
670 if (dp == NULL)
671 goto trunc;
672 dp = parsefh(ndo, dp, v3);
673 if (dp == NULL)
674 goto trunc;
675 if (v3) {
676 ND_PRINT(" %u (%u) bytes @ %" PRIu64,
677 GET_BE_U_4(dp + 4),
678 GET_BE_U_4(dp + 2),
679 GET_BE_U_8(dp));
680 if (ndo->ndo_vflag) {
681 ND_PRINT(" <%s>",
682 tok2str(nfsv3_writemodes,
683 NULL, GET_BE_U_4(dp + 3)));
684 }
685 } else {
686 ND_PRINT(" %u (%u) bytes @ %u (%u)",
687 GET_BE_U_4(dp + 3),
688 GET_BE_U_4(dp + 2),
689 GET_BE_U_4(dp + 1),
690 GET_BE_U_4(dp));
691 }
692 break;
693
694 case NFSPROC_SYMLINK:
695 dp = parsereq(ndo, rp, length);
696 if (dp == NULL)
697 goto trunc;
698 dp = parsefhn(ndo, dp, v3);
699 if (dp == NULL)
700 goto trunc;
701 ND_PRINT(" ->");
702 if (v3 && (dp = parse_sattr3(ndo, dp, &sa3)) == NULL)
703 goto trunc;
704 if (parsefn(ndo, dp) == NULL)
705 goto trunc;
706 if (v3 && ndo->ndo_vflag)
707 print_sattr3(ndo, &sa3, ndo->ndo_vflag);
708 break;
709
710 case NFSPROC_MKNOD:
711 dp = parsereq(ndo, rp, length);
712 if (dp == NULL)
713 goto trunc;
714 dp = parsefhn(ndo, dp, v3);
715 if (dp == NULL)
716 goto trunc;
717 type = (nfs_type) GET_BE_U_4(dp);
718 dp++;
719 dp = parse_sattr3(ndo, dp, &sa3);
720 if (dp == NULL)
721 goto trunc;
722 ND_PRINT(" %s", tok2str(type2str, "unk-ft %u", type));
723 if (ndo->ndo_vflag && (type == NFCHR || type == NFBLK)) {
724 ND_PRINT(" %u/%u",
725 GET_BE_U_4(dp),
726 GET_BE_U_4(dp + 1));
727 dp += 2;
728 }
729 if (ndo->ndo_vflag)
730 print_sattr3(ndo, &sa3, ndo->ndo_vflag);
731 break;
732
733 case NFSPROC_RENAME:
734 dp = parsereq(ndo, rp, length);
735 if (dp == NULL)
736 goto trunc;
737 dp = parsefhn(ndo, dp, v3);
738 if (dp == NULL)
739 goto trunc;
740 ND_PRINT(" ->");
741 if (parsefhn(ndo, dp, v3) == NULL)
742 goto trunc;
743 break;
744
745 case NFSPROC_LINK:
746 dp = parsereq(ndo, rp, length);
747 if (dp == NULL)
748 goto trunc;
749 dp = parsefh(ndo, dp, v3);
750 if (dp == NULL)
751 goto trunc;
752 ND_PRINT(" ->");
753 if (parsefhn(ndo, dp, v3) == NULL)
754 goto trunc;
755 break;
756
757 case NFSPROC_READDIR:
758 dp = parsereq(ndo, rp, length);
759 if (dp == NULL)
760 goto trunc;
761 dp = parsefh(ndo, dp, v3);
762 if (dp == NULL)
763 goto trunc;
764 if (v3) {
765 /*
766 * We shouldn't really try to interpret the
767 * offset cookie here.
768 */
769 ND_PRINT(" %u bytes @ %" PRId64,
770 GET_BE_U_4(dp + 4),
771 GET_BE_U_8(dp));
772 if (ndo->ndo_vflag) {
773 /*
774 * This displays the 8 bytes
775 * of the verifier in order,
776 * from the low-order byte
777 * to the high-order byte.
778 */
779 ND_PRINT(" verf %08x%08x",
780 GET_BE_U_4(dp + 2),
781 GET_BE_U_4(dp + 3));
782 }
783 } else {
784 /*
785 * Print the offset as signed, since -1 is
786 * common, but offsets > 2^31 aren't.
787 */
788 ND_PRINT(" %u bytes @ %u",
789 GET_BE_U_4(dp + 1),
790 GET_BE_U_4(dp));
791 }
792 break;
793
794 case NFSPROC_READDIRPLUS:
795 dp = parsereq(ndo, rp, length);
796 if (dp == NULL)
797 goto trunc;
798 dp = parsefh(ndo, dp, v3);
799 if (dp == NULL)
800 goto trunc;
801 /*
802 * We don't try to interpret the offset
803 * cookie here.
804 */
805 ND_PRINT(" %u bytes @ %" PRId64,
806 GET_BE_U_4(dp + 4),
807 GET_BE_U_8(dp));
808 if (ndo->ndo_vflag) {
809 /*
810 * This displays the 8 bytes
811 * of the verifier in order,
812 * from the low-order byte
813 * to the high-order byte.
814 */
815 ND_PRINT(" max %u verf %08x%08x",
816 GET_BE_U_4(dp + 5),
817 GET_BE_U_4(dp + 2),
818 GET_BE_U_4(dp + 3));
819 }
820 break;
821
822 case NFSPROC_COMMIT:
823 dp = parsereq(ndo, rp, length);
824 if (dp == NULL)
825 goto trunc;
826 dp = parsefh(ndo, dp, v3);
827 if (dp == NULL)
828 goto trunc;
829 ND_PRINT(" %u bytes @ %" PRIu64,
830 GET_BE_U_4(dp + 2),
831 GET_BE_U_8(dp));
832 break;
833
834 default:
835 break;
836 }
837 return;
838
839 trunc:
840 nd_print_trunc(ndo);
841 }
842
843 /*
844 * Print out an NFS file handle.
845 * We assume packet was not truncated before the end of the
846 * file handle pointed to by dp.
847 *
848 * Note: new version (using portable file-handle parser) doesn't produce
849 * generation number. It probably could be made to do that, with some
850 * additional hacking on the parser code.
851 */
852 static void
853 nfs_printfh(netdissect_options *ndo,
854 const uint32_t *dp, const u_int len)
855 {
856 my_fsid fsid;
857 uint32_t ino;
858 const char *sfsname = NULL;
859 char *spacep;
860
861 if (ndo->ndo_uflag) {
862 u_int i;
863 char const *sep = "";
864
865 ND_PRINT(" fh[");
866 for (i=0; i<len; i++) {
867 /*
868 * This displays 4 bytes in big-endian byte
869 * order. That's as good a choice as little-
870 * endian, as there's no guarantee that the
871 * server is big-endian or little-endian or
872 * that the file handle contains 4-byte
873 * integral fields, and is better than "the
874 * byte order of the host running tcpdump", as
875 * the latter means that different hosts
876 * running tcpdump may show the same file
877 * handle in different ways.
878 */
879 ND_PRINT("%s%x", sep, GET_BE_U_4(dp + i));
880 sep = ":";
881 }
882 ND_PRINT("]");
883 return;
884 }
885
886 Parse_fh(ndo, (const u_char *)dp, len, &fsid, &ino, NULL, &sfsname, 0);
887
888 if (sfsname) {
889 /* file system ID is ASCII, not numeric, for this server OS */
890 char temp[NFSX_V3FHMAX+1];
891 u_int stringlen;
892
893 /* Make sure string is null-terminated */
894 stringlen = len;
895 if (stringlen > NFSX_V3FHMAX)
896 stringlen = NFSX_V3FHMAX;
897 strncpy(temp, sfsname, stringlen);
898 temp[stringlen] = '\0';
899 /* Remove trailing spaces */
900 spacep = strchr(temp, ' ');
901 if (spacep)
902 *spacep = '\0';
903
904 ND_PRINT(" fh %s/", temp);
905 } else {
906 ND_PRINT(" fh %u,%u/",
907 fsid.Fsid_dev.Major, fsid.Fsid_dev.Minor);
908 }
909
910 if(fsid.Fsid_dev.Minor == 257)
911 /* Print the undecoded handle */
912 ND_PRINT("%s", fsid.Opaque_Handle);
913 else
914 ND_PRINT("%ld", (long) ino);
915 }
916
917 /*
918 * Maintain a small cache of recent client.XID.server/proc pairs, to allow
919 * us to match up replies with requests and thus to know how to parse
920 * the reply.
921 */
922
923 struct xid_map_entry {
924 uint32_t xid; /* transaction ID (net order) */
925 int ipver; /* IP version (4 or 6) */
926 nd_ipv6 client; /* client IP address (net order) */
927 nd_ipv6 server; /* server IP address (net order) */
928 uint32_t proc; /* call proc number (host order) */
929 uint32_t vers; /* program version (host order) */
930 };
931
932 /*
933 * Map entries are kept in an array that we manage as a ring;
934 * new entries are always added at the tail of the ring. Initially,
935 * all the entries are zero and hence don't match anything.
936 */
937
938 #define XIDMAPSIZE 64
939
940 static struct xid_map_entry xid_map[XIDMAPSIZE];
941
942 static int xid_map_next = 0;
943 static int xid_map_hint = 0;
944
945 static int
946 xid_map_enter(netdissect_options *ndo,
947 const struct sunrpc_msg *rp, const u_char *bp)
948 {
949 const struct ip *ip = NULL;
950 const struct ip6_hdr *ip6 = NULL;
951 struct xid_map_entry *xmep;
952
953 if (!ND_TTEST_4(rp->rm_call.cb_proc))
954 return (0);
955 switch (IP_V((const struct ip *)bp)) {
956 case 4:
957 ip = (const struct ip *)bp;
958 break;
959 case 6:
960 ip6 = (const struct ip6_hdr *)bp;
961 break;
962 default:
963 return (1);
964 }
965
966 xmep = &xid_map[xid_map_next];
967
968 if (++xid_map_next >= XIDMAPSIZE)
969 xid_map_next = 0;
970
971 UNALIGNED_MEMCPY(&xmep->xid, &rp->rm_xid, sizeof(xmep->xid));
972 if (ip) {
973 xmep->ipver = 4;
974 UNALIGNED_MEMCPY(&xmep->client, ip->ip_src,
975 sizeof(ip->ip_src));
976 UNALIGNED_MEMCPY(&xmep->server, ip->ip_dst,
977 sizeof(ip->ip_dst));
978 }
979 else if (ip6) {
980 xmep->ipver = 6;
981 UNALIGNED_MEMCPY(&xmep->client, ip6->ip6_src,
982 sizeof(ip6->ip6_src));
983 UNALIGNED_MEMCPY(&xmep->server, ip6->ip6_dst,
984 sizeof(ip6->ip6_dst));
985 }
986 xmep->proc = GET_BE_U_4(&rp->rm_call.cb_proc);
987 xmep->vers = GET_BE_U_4(&rp->rm_call.cb_vers);
988 return (1);
989 }
990
991 /*
992 * Returns 0 and puts NFSPROC_xxx in proc return and
993 * version in vers return, or returns -1 on failure
994 */
995 static int
996 xid_map_find(netdissect_options *ndo, const struct sunrpc_msg *rp,
997 const u_char *bp, uint32_t *proc, uint32_t *vers)
998 {
999 int i;
1000 struct xid_map_entry *xmep;
1001 uint32_t xid;
1002 const struct ip *ip = (const struct ip *)bp;
1003 const struct ip6_hdr *ip6 = (const struct ip6_hdr *)bp;
1004 int cmp;
1005
1006 UNALIGNED_MEMCPY(&xid, &rp->rm_xid, sizeof(xmep->xid));
1007 /* Start searching from where we last left off */
1008 i = xid_map_hint;
1009 do {
1010 xmep = &xid_map[i];
1011 cmp = 1;
1012 if (xmep->ipver != IP_V(ip) || xmep->xid != xid)
1013 goto nextitem;
1014 switch (xmep->ipver) {
1015 case 4:
1016 if (UNALIGNED_MEMCMP(ip->ip_src, &xmep->server,
1017 sizeof(ip->ip_src)) != 0 ||
1018 UNALIGNED_MEMCMP(ip->ip_dst, &xmep->client,
1019 sizeof(ip->ip_dst)) != 0) {
1020 cmp = 0;
1021 }
1022 break;
1023 case 6:
1024 if (UNALIGNED_MEMCMP(ip6->ip6_src, &xmep->server,
1025 sizeof(ip6->ip6_src)) != 0 ||
1026 UNALIGNED_MEMCMP(ip6->ip6_dst, &xmep->client,
1027 sizeof(ip6->ip6_dst)) != 0) {
1028 cmp = 0;
1029 }
1030 break;
1031 default:
1032 cmp = 0;
1033 break;
1034 }
1035 if (cmp) {
1036 /* match */
1037 xid_map_hint = i;
1038 *proc = xmep->proc;
1039 *vers = xmep->vers;
1040 return 0;
1041 }
1042 nextitem:
1043 if (++i >= XIDMAPSIZE)
1044 i = 0;
1045 } while (i != xid_map_hint);
1046
1047 /* search failed */
1048 return (-1);
1049 }
1050
1051 /*
1052 * Routines for parsing reply packets
1053 */
1054
1055 /*
1056 * Return a pointer to the beginning of the actual results.
1057 * If the packet was truncated, return 0.
1058 */
1059 static const uint32_t *
1060 parserep(netdissect_options *ndo,
1061 const struct sunrpc_msg *rp, u_int length, int *nfserrp)
1062 {
1063 const uint32_t *dp;
1064 u_int len;
1065 enum sunrpc_accept_stat astat;
1066
1067 /*
1068 * Portability note:
1069 * Here we find the address of the ar_verf credentials.
1070 * Originally, this calculation was
1071 * dp = (uint32_t *)&rp->rm_reply.rp_acpt.ar_verf
1072 * On the wire, the rp_acpt field starts immediately after
1073 * the (32 bit) rp_stat field. However, rp_acpt (which is a
1074 * "struct accepted_reply") contains a "struct opaque_auth",
1075 * whose internal representation contains a pointer, so on a
1076 * 64-bit machine the compiler inserts 32 bits of padding
1077 * before rp->rm_reply.rp_acpt.ar_verf. So, we cannot use
1078 * the internal representation to parse the on-the-wire
1079 * representation. Instead, we skip past the rp_stat field,
1080 * which is an "enum" and so occupies one 32-bit word.
1081 */
1082 dp = ((const uint32_t *)&rp->rm_reply) + 1;
1083 len = GET_BE_U_4(dp + 1);
1084 if (len >= length)
1085 return (NULL);
1086 /*
1087 * skip past the ar_verf credentials.
1088 */
1089 dp += (len + (2*sizeof(uint32_t) + 3)) / sizeof(uint32_t);
1090
1091 /*
1092 * now we can check the ar_stat field
1093 */
1094 astat = (enum sunrpc_accept_stat) GET_BE_U_4(dp);
1095 if (astat != SUNRPC_SUCCESS) {
1096 ND_PRINT(" %s", tok2str(sunrpc_str, "ar_stat %u", astat));
1097 *nfserrp = 1; /* suppress trunc string */
1098 return (NULL);
1099 }
1100 /* successful return */
1101 ND_TCHECK_LEN(dp, sizeof(astat));
1102 return ((const uint32_t *) (sizeof(astat) + ((const char *)dp)));
1103 trunc:
1104 return (0);
1105 }
1106
1107 static const uint32_t *
1108 parsestatus(netdissect_options *ndo,
1109 const uint32_t *dp, u_int *er, int *nfserrp)
1110 {
1111 u_int errnum;
1112
1113 errnum = GET_BE_U_4(dp);
1114 if (er)
1115 *er = errnum;
1116 if (errnum != 0) {
1117 if (!ndo->ndo_qflag)
1118 ND_PRINT(" ERROR: %s",
1119 tok2str(status2str, "unk %u", errnum));
1120 *nfserrp = 1;
1121 }
1122 return (dp + 1);
1123 }
1124
1125 static const uint32_t *
1126 parsefattr(netdissect_options *ndo,
1127 const uint32_t *dp, int verbose, int v3)
1128 {
1129 const struct nfs_fattr *fap;
1130
1131 fap = (const struct nfs_fattr *)dp;
1132 ND_TCHECK_4(fap->fa_gid);
1133 if (verbose) {
1134 /*
1135 * XXX - UIDs and GIDs are unsigned in NFS and in
1136 * at least some UN*Xes, but we'll show them as
1137 * signed because -2 has traditionally been the
1138 * UID for "nobody", rather than 4294967294.
1139 */
1140 ND_PRINT(" %s %o ids %d/%d",
1141 tok2str(type2str, "unk-ft %u ",
1142 GET_BE_U_4(fap->fa_type)),
1143 GET_BE_U_4(fap->fa_mode),
1144 GET_BE_S_4(fap->fa_uid),
1145 GET_BE_S_4(fap->fa_gid));
1146 if (v3) {
1147 ND_PRINT(" sz %" PRIu64,
1148 GET_BE_U_8(fap->fa3_size));
1149 } else {
1150 ND_PRINT(" sz %u", GET_BE_U_4(fap->fa2_size));
1151 }
1152 }
1153 /* print lots more stuff */
1154 if (verbose > 1) {
1155 if (v3) {
1156 ND_TCHECK_8(&fap->fa3_ctime);
1157 ND_PRINT(" nlink %u rdev %u/%u",
1158 GET_BE_U_4(fap->fa_nlink),
1159 GET_BE_U_4(fap->fa3_rdev.specdata1),
1160 GET_BE_U_4(fap->fa3_rdev.specdata2));
1161 ND_PRINT(" fsid %" PRIx64,
1162 GET_BE_U_8(fap->fa3_fsid));
1163 ND_PRINT(" fileid %" PRIx64,
1164 GET_BE_U_8(fap->fa3_fileid));
1165 ND_PRINT(" a/m/ctime %u.%06u",
1166 GET_BE_U_4(fap->fa3_atime.nfsv3_sec),
1167 GET_BE_U_4(fap->fa3_atime.nfsv3_nsec));
1168 ND_PRINT(" %u.%06u",
1169 GET_BE_U_4(fap->fa3_mtime.nfsv3_sec),
1170 GET_BE_U_4(fap->fa3_mtime.nfsv3_nsec));
1171 ND_PRINT(" %u.%06u",
1172 GET_BE_U_4(fap->fa3_ctime.nfsv3_sec),
1173 GET_BE_U_4(fap->fa3_ctime.nfsv3_nsec));
1174 } else {
1175 ND_TCHECK_8(&fap->fa2_ctime);
1176 ND_PRINT(" nlink %u rdev 0x%x fsid 0x%x nodeid 0x%x a/m/ctime",
1177 GET_BE_U_4(fap->fa_nlink),
1178 GET_BE_U_4(fap->fa2_rdev),
1179 GET_BE_U_4(fap->fa2_fsid),
1180 GET_BE_U_4(fap->fa2_fileid));
1181 ND_PRINT(" %u.%06u",
1182 GET_BE_U_4(fap->fa2_atime.nfsv2_sec),
1183 GET_BE_U_4(fap->fa2_atime.nfsv2_usec));
1184 ND_PRINT(" %u.%06u",
1185 GET_BE_U_4(fap->fa2_mtime.nfsv2_sec),
1186 GET_BE_U_4(fap->fa2_mtime.nfsv2_usec));
1187 ND_PRINT(" %u.%06u",
1188 GET_BE_U_4(fap->fa2_ctime.nfsv2_sec),
1189 GET_BE_U_4(fap->fa2_ctime.nfsv2_usec));
1190 }
1191 }
1192 return ((const uint32_t *)((const unsigned char *)dp +
1193 (v3 ? NFSX_V3FATTR : NFSX_V2FATTR)));
1194 trunc:
1195 return (NULL);
1196 }
1197
1198 static int
1199 parseattrstat(netdissect_options *ndo,
1200 const uint32_t *dp, int verbose, int v3, int *nfserrp)
1201 {
1202 u_int er;
1203
1204 dp = parsestatus(ndo, dp, &er, nfserrp);
1205 if (dp == NULL)
1206 return (0);
1207 if (er)
1208 return (1);
1209
1210 return (parsefattr(ndo, dp, verbose, v3) != NULL);
1211 }
1212
1213 static int
1214 parsediropres(netdissect_options *ndo,
1215 const uint32_t *dp, int *nfserrp)
1216 {
1217 u_int er;
1218
1219 dp = parsestatus(ndo, dp, &er, nfserrp);
1220 if (dp == NULL)
1221 return (0);
1222 if (er)
1223 return (1);
1224
1225 dp = parsefh(ndo, dp, 0);
1226 if (dp == NULL)
1227 return (0);
1228
1229 return (parsefattr(ndo, dp, ndo->ndo_vflag, 0) != NULL);
1230 }
1231
1232 static int
1233 parselinkres(netdissect_options *ndo,
1234 const uint32_t *dp, int v3, int *nfserrp)
1235 {
1236 u_int er;
1237
1238 dp = parsestatus(ndo, dp, &er, nfserrp);
1239 if (dp == NULL)
1240 return(0);
1241 if (er)
1242 return(1);
1243 if (v3) {
1244 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1245 if (dp == NULL)
1246 return (0);
1247 }
1248 ND_PRINT(" ");
1249 return (parsefn(ndo, dp) != NULL);
1250 }
1251
1252 static int
1253 parsestatfs(netdissect_options *ndo,
1254 const uint32_t *dp, int v3, int *nfserrp)
1255 {
1256 const struct nfs_statfs *sfsp;
1257 u_int er;
1258
1259 dp = parsestatus(ndo, dp, &er, nfserrp);
1260 if (dp == NULL)
1261 return (0);
1262 if (!v3 && er)
1263 return (1);
1264
1265 if (ndo->ndo_qflag)
1266 return(1);
1267
1268 if (v3) {
1269 if (ndo->ndo_vflag)
1270 ND_PRINT(" POST:");
1271 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1272 if (dp == NULL)
1273 return (0);
1274 }
1275
1276 ND_TCHECK_LEN(dp, (v3 ? NFSX_V3STATFS : NFSX_V2STATFS));
1277
1278 sfsp = (const struct nfs_statfs *)dp;
1279
1280 if (v3) {
1281 ND_PRINT(" tbytes %" PRIu64 " fbytes %" PRIu64 " abytes %" PRIu64,
1282 GET_BE_U_8(sfsp->sf_tbytes),
1283 GET_BE_U_8(sfsp->sf_fbytes),
1284 GET_BE_U_8(sfsp->sf_abytes));
1285 if (ndo->ndo_vflag) {
1286 ND_PRINT(" tfiles %" PRIu64 " ffiles %" PRIu64 " afiles %" PRIu64 " invar %u",
1287 GET_BE_U_8(sfsp->sf_tfiles),
1288 GET_BE_U_8(sfsp->sf_ffiles),
1289 GET_BE_U_8(sfsp->sf_afiles),
1290 GET_BE_U_4(sfsp->sf_invarsec));
1291 }
1292 } else {
1293 ND_PRINT(" tsize %u bsize %u blocks %u bfree %u bavail %u",
1294 GET_BE_U_4(sfsp->sf_tsize),
1295 GET_BE_U_4(sfsp->sf_bsize),
1296 GET_BE_U_4(sfsp->sf_blocks),
1297 GET_BE_U_4(sfsp->sf_bfree),
1298 GET_BE_U_4(sfsp->sf_bavail));
1299 }
1300
1301 return (1);
1302 trunc:
1303 return (0);
1304 }
1305
1306 static int
1307 parserddires(netdissect_options *ndo,
1308 const uint32_t *dp, int *nfserrp)
1309 {
1310 u_int er;
1311
1312 dp = parsestatus(ndo, dp, &er, nfserrp);
1313 if (dp == NULL)
1314 return (0);
1315 if (er)
1316 return (1);
1317 if (ndo->ndo_qflag)
1318 return (1);
1319
1320 ND_TCHECK_4(dp + 2);
1321 ND_PRINT(" offset 0x%x size %u ",
1322 GET_BE_U_4(dp), GET_BE_U_4(dp + 1));
1323 if (GET_BE_U_4(dp + 2) != 0)
1324 ND_PRINT(" eof");
1325
1326 return (1);
1327 trunc:
1328 return (0);
1329 }
1330
1331 static const uint32_t *
1332 parse_wcc_attr(netdissect_options *ndo,
1333 const uint32_t *dp)
1334 {
1335 /* Our caller has already checked this */
1336 ND_PRINT(" sz %" PRIu64, GET_BE_U_8(dp));
1337 ND_PRINT(" mtime %u.%06u ctime %u.%06u",
1338 GET_BE_U_4(dp + 2), GET_BE_U_4(dp + 3),
1339 GET_BE_U_4(dp + 4), GET_BE_U_4(dp + 5));
1340 return (dp + 6);
1341 }
1342
1343 /*
1344 * Pre operation attributes. Print only if vflag > 1.
1345 */
1346 static const uint32_t *
1347 parse_pre_op_attr(netdissect_options *ndo,
1348 const uint32_t *dp, int verbose)
1349 {
1350 if (!GET_BE_U_4(dp))
1351 return (dp + 1);
1352 dp++;
1353 ND_TCHECK_LEN(dp, 24);
1354 if (verbose > 1) {
1355 return parse_wcc_attr(ndo, dp);
1356 } else {
1357 /* If not verbose enough, just skip over wcc_attr */
1358 return (dp + 6);
1359 }
1360 trunc:
1361 return (NULL);
1362 }
1363
1364 /*
1365 * Post operation attributes are printed if vflag >= 1
1366 */
1367 static const uint32_t *
1368 parse_post_op_attr(netdissect_options *ndo,
1369 const uint32_t *dp, int verbose)
1370 {
1371 if (!GET_BE_U_4(dp))
1372 return (dp + 1);
1373 dp++;
1374 if (verbose) {
1375 return parsefattr(ndo, dp, verbose, 1);
1376 } else
1377 return (dp + (NFSX_V3FATTR / sizeof (uint32_t)));
1378 }
1379
1380 static const uint32_t *
1381 parse_wcc_data(netdissect_options *ndo,
1382 const uint32_t *dp, int verbose)
1383 {
1384 if (verbose > 1)
1385 ND_PRINT(" PRE:");
1386 dp = parse_pre_op_attr(ndo, dp, verbose);
1387 if (dp == NULL)
1388 return (0);
1389
1390 if (verbose)
1391 ND_PRINT(" POST:");
1392 return parse_post_op_attr(ndo, dp, verbose);
1393 }
1394
1395 static const uint32_t *
1396 parsecreateopres(netdissect_options *ndo,
1397 const uint32_t *dp, int verbose, int *nfserrp)
1398 {
1399 u_int er;
1400
1401 dp = parsestatus(ndo, dp, &er, nfserrp);
1402 if (dp == NULL)
1403 return (0);
1404 if (er)
1405 dp = parse_wcc_data(ndo, dp, verbose);
1406 else {
1407 if (!GET_BE_U_4(dp))
1408 return (dp + 1);
1409 dp++;
1410 dp = parsefh(ndo, dp, 1);
1411 if (dp == NULL)
1412 return (0);
1413 if (verbose) {
1414 dp = parse_post_op_attr(ndo, dp, verbose);
1415 if (dp == NULL)
1416 return (0);
1417 if (ndo->ndo_vflag > 1) {
1418 ND_PRINT(" dir attr:");
1419 dp = parse_wcc_data(ndo, dp, verbose);
1420 }
1421 }
1422 }
1423 return (dp);
1424 }
1425
1426 static const uint32_t *
1427 parsewccres(netdissect_options *ndo,
1428 const uint32_t *dp, int verbose, int *nfserrp)
1429 {
1430 u_int er;
1431
1432 dp = parsestatus(ndo, dp, &er, nfserrp);
1433 if (dp == NULL)
1434 return (0);
1435 return parse_wcc_data(ndo, dp, verbose);
1436 }
1437
1438 static const uint32_t *
1439 parsev3rddirres(netdissect_options *ndo,
1440 const uint32_t *dp, int verbose, int *nfserrp)
1441 {
1442 u_int er;
1443
1444 dp = parsestatus(ndo, dp, &er, nfserrp);
1445 if (dp == NULL)
1446 return (0);
1447 if (ndo->ndo_vflag)
1448 ND_PRINT(" POST:");
1449 dp = parse_post_op_attr(ndo, dp, verbose);
1450 if (dp == NULL)
1451 return (0);
1452 if (er)
1453 return dp;
1454 if (ndo->ndo_vflag) {
1455 /*
1456 * This displays the 8 bytes of the verifier in order,
1457 * from the low-order byte to the high-order byte.
1458 */
1459 ND_PRINT(" verf %08x%08x",
1460 GET_BE_U_4(dp), GET_BE_U_4(dp + 1));
1461 dp += 2;
1462 }
1463 return dp;
1464 }
1465
1466 static int
1467 parsefsinfo(netdissect_options *ndo,
1468 const uint32_t *dp, int *nfserrp)
1469 {
1470 const struct nfsv3_fsinfo *sfp;
1471 u_int er;
1472
1473 dp = parsestatus(ndo, dp, &er, nfserrp);
1474 if (dp == NULL)
1475 return (0);
1476 if (ndo->ndo_vflag)
1477 ND_PRINT(" POST:");
1478 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1479 if (dp == NULL)
1480 return (0);
1481 if (er)
1482 return (1);
1483
1484 sfp = (const struct nfsv3_fsinfo *)dp;
1485 ND_TCHECK_SIZE(sfp);
1486 ND_PRINT(" rtmax %u rtpref %u wtmax %u wtpref %u dtpref %u",
1487 GET_BE_U_4(sfp->fs_rtmax),
1488 GET_BE_U_4(sfp->fs_rtpref),
1489 GET_BE_U_4(sfp->fs_wtmax),
1490 GET_BE_U_4(sfp->fs_wtpref),
1491 GET_BE_U_4(sfp->fs_dtpref));
1492 if (ndo->ndo_vflag) {
1493 ND_PRINT(" rtmult %u wtmult %u maxfsz %" PRIu64,
1494 GET_BE_U_4(sfp->fs_rtmult),
1495 GET_BE_U_4(sfp->fs_wtmult),
1496 GET_BE_U_8(sfp->fs_maxfilesize));
1497 ND_PRINT(" delta %u.%06u ",
1498 GET_BE_U_4(sfp->fs_timedelta.nfsv3_sec),
1499 GET_BE_U_4(sfp->fs_timedelta.nfsv3_nsec));
1500 }
1501 return (1);
1502 trunc:
1503 return (0);
1504 }
1505
1506 static int
1507 parsepathconf(netdissect_options *ndo,
1508 const uint32_t *dp, int *nfserrp)
1509 {
1510 u_int er;
1511 const struct nfsv3_pathconf *spp;
1512
1513 dp = parsestatus(ndo, dp, &er, nfserrp);
1514 if (dp == NULL)
1515 return (0);
1516 if (ndo->ndo_vflag)
1517 ND_PRINT(" POST:");
1518 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1519 if (dp == NULL)
1520 return (0);
1521 if (er)
1522 return (1);
1523
1524 spp = (const struct nfsv3_pathconf *)dp;
1525 ND_TCHECK_SIZE(spp);
1526
1527 ND_PRINT(" linkmax %u namemax %u %s %s %s %s",
1528 GET_BE_U_4(spp->pc_linkmax),
1529 GET_BE_U_4(spp->pc_namemax),
1530 GET_BE_U_4(spp->pc_notrunc) ? "notrunc" : "",
1531 GET_BE_U_4(spp->pc_chownrestricted) ? "chownres" : "",
1532 GET_BE_U_4(spp->pc_caseinsensitive) ? "igncase" : "",
1533 GET_BE_U_4(spp->pc_casepreserving) ? "keepcase" : "");
1534 return (1);
1535 trunc:
1536 return (0);
1537 }
1538
1539 static void
1540 interp_reply(netdissect_options *ndo,
1541 const struct sunrpc_msg *rp, uint32_t proc, uint32_t vers,
1542 int length)
1543 {
1544 const uint32_t *dp;
1545 int v3;
1546 u_int er;
1547 int nfserr = 0;
1548
1549 v3 = (vers == NFS_VER3);
1550
1551 if (!v3 && proc < NFS_NPROCS)
1552 proc = nfsv3_procid[proc];
1553
1554 ND_PRINT(" %s", tok2str(nfsproc_str, "proc-%u", proc));
1555 switch (proc) {
1556
1557 case NFSPROC_GETATTR:
1558 dp = parserep(ndo, rp, length, &nfserr);
1559 if (dp == NULL)
1560 goto trunc;
1561 if (parseattrstat(ndo, dp, !ndo->ndo_qflag, v3, &nfserr) == 0)
1562 goto trunc;
1563 break;
1564
1565 case NFSPROC_SETATTR:
1566 dp = parserep(ndo, rp, length, &nfserr);
1567 if (dp == NULL)
1568 goto trunc;
1569 if (v3) {
1570 if (parsewccres(ndo, dp, ndo->ndo_vflag, &nfserr) == 0)
1571 goto trunc;
1572 } else {
1573 if (parseattrstat(ndo, dp, !ndo->ndo_qflag, 0, &nfserr) == 0)
1574 goto trunc;
1575 }
1576 break;
1577
1578 case NFSPROC_LOOKUP:
1579 dp = parserep(ndo, rp, length, &nfserr);
1580 if (dp == NULL)
1581 goto trunc;
1582 if (v3) {
1583 dp = parsestatus(ndo, dp, &er, &nfserr);
1584 if (dp == NULL)
1585 goto trunc;
1586 if (er) {
1587 if (ndo->ndo_vflag > 1) {
1588 ND_PRINT(" post dattr:");
1589 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1590 if (dp == NULL)
1591 goto trunc;
1592 }
1593 } else {
1594 dp = parsefh(ndo, dp, v3);
1595 if (dp == NULL)
1596 goto trunc;
1597 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1598 if (dp == NULL)
1599 goto trunc;
1600 if (ndo->ndo_vflag > 1) {
1601 ND_PRINT(" post dattr:");
1602 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1603 if (dp == NULL)
1604 goto trunc;
1605 }
1606 }
1607 } else {
1608 if (parsediropres(ndo, dp, &nfserr) == 0)
1609 goto trunc;
1610 }
1611 break;
1612
1613 case NFSPROC_ACCESS:
1614 dp = parserep(ndo, rp, length, &nfserr);
1615 if (dp == NULL)
1616 goto trunc;
1617 dp = parsestatus(ndo, dp, &er, &nfserr);
1618 if (dp == NULL)
1619 goto trunc;
1620 if (ndo->ndo_vflag)
1621 ND_PRINT(" attr:");
1622 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1623 if (dp == NULL)
1624 goto trunc;
1625 if (!er) {
1626 ND_PRINT(" c %04x", GET_BE_U_4(dp));
1627 }
1628 break;
1629
1630 case NFSPROC_READLINK:
1631 dp = parserep(ndo, rp, length, &nfserr);
1632 if (dp == NULL)
1633 goto trunc;
1634 if (parselinkres(ndo, dp, v3, &nfserr) == 0)
1635 goto trunc;
1636 break;
1637
1638 case NFSPROC_READ:
1639 dp = parserep(ndo, rp, length, &nfserr);
1640 if (dp == NULL)
1641 goto trunc;
1642 if (v3) {
1643 dp = parsestatus(ndo, dp, &er, &nfserr);
1644 if (dp == NULL)
1645 goto trunc;
1646 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1647 if (dp == NULL)
1648 goto trunc;
1649 if (!er) {
1650 if (ndo->ndo_vflag) {
1651 ND_PRINT(" %u bytes", GET_BE_U_4(dp));
1652 if (GET_BE_U_4(dp + 1))
1653 ND_PRINT(" EOF");
1654 }
1655 }
1656 } else {
1657 if (parseattrstat(ndo, dp, ndo->ndo_vflag, 0, &nfserr) == 0)
1658 goto trunc;
1659 }
1660 break;
1661
1662 case NFSPROC_WRITE:
1663 dp = parserep(ndo, rp, length, &nfserr);
1664 if (dp == NULL)
1665 goto trunc;
1666 if (v3) {
1667 dp = parsestatus(ndo, dp, &er, &nfserr);
1668 if (dp == NULL)
1669 goto trunc;
1670 dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag);
1671 if (dp == NULL)
1672 goto trunc;
1673 if (!er) {
1674 if (ndo->ndo_vflag) {
1675 ND_PRINT(" %u bytes", GET_BE_U_4(dp));
1676 if (ndo->ndo_vflag > 1) {
1677 ND_PRINT(" <%s>",
1678 tok2str(nfsv3_writemodes,
1679 NULL, GET_BE_U_4(dp + 1)));
1680
1681 /* write-verf-cookie */
1682 ND_PRINT(" verf %" PRIx64,
1683 GET_BE_U_8(dp + 2));
1684 }
1685 }
1686 }
1687 return;
1688 } else {
1689 if (parseattrstat(ndo, dp, ndo->ndo_vflag, v3, &nfserr) == 0)
1690 goto trunc;
1691 }
1692 break;
1693
1694 case NFSPROC_CREATE:
1695 case NFSPROC_MKDIR:
1696 dp = parserep(ndo, rp, length, &nfserr);
1697 if (dp == NULL)
1698 goto trunc;
1699 if (v3) {
1700 if (parsecreateopres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1701 goto trunc;
1702 } else {
1703 if (parsediropres(ndo, dp, &nfserr) == 0)
1704 goto trunc;
1705 }
1706 break;
1707
1708 case NFSPROC_SYMLINK:
1709 dp = parserep(ndo, rp, length, &nfserr);
1710 if (dp == NULL)
1711 goto trunc;
1712 if (v3) {
1713 if (parsecreateopres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1714 goto trunc;
1715 } else {
1716 if (parsestatus(ndo, dp, &er, &nfserr) == NULL)
1717 goto trunc;
1718 }
1719 break;
1720
1721 case NFSPROC_MKNOD:
1722 dp = parserep(ndo, rp, length, &nfserr);
1723 if (dp == NULL)
1724 goto trunc;
1725 if (parsecreateopres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1726 goto trunc;
1727 break;
1728
1729 case NFSPROC_REMOVE:
1730 case NFSPROC_RMDIR:
1731 dp = parserep(ndo, rp, length, &nfserr);
1732 if (dp == NULL)
1733 goto trunc;
1734 if (v3) {
1735 if (parsewccres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1736 goto trunc;
1737 } else {
1738 if (parsestatus(ndo, dp, &er, &nfserr) == NULL)
1739 goto trunc;
1740 }
1741 break;
1742
1743 case NFSPROC_RENAME:
1744 dp = parserep(ndo, rp, length, &nfserr);
1745 if (dp == NULL)
1746 goto trunc;
1747 if (v3) {
1748 dp = parsestatus(ndo, dp, &er, &nfserr);
1749 if (dp == NULL)
1750 goto trunc;
1751 if (ndo->ndo_vflag) {
1752 ND_PRINT(" from:");
1753 dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag);
1754 if (dp == NULL)
1755 goto trunc;
1756 ND_PRINT(" to:");
1757 dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag);
1758 if (dp == NULL)
1759 goto trunc;
1760 }
1761 } else {
1762 if (parsestatus(ndo, dp, &er, &nfserr) == NULL)
1763 goto trunc;
1764 }
1765 break;
1766
1767 case NFSPROC_LINK:
1768 dp = parserep(ndo, rp, length, &nfserr);
1769 if (dp == NULL)
1770 goto trunc;
1771 if (v3) {
1772 dp = parsestatus(ndo, dp, &er, &nfserr);
1773 if (dp == NULL)
1774 goto trunc;
1775 if (ndo->ndo_vflag) {
1776 ND_PRINT(" file POST:");
1777 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1778 if (dp == NULL)
1779 goto trunc;
1780 ND_PRINT(" dir:");
1781 dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag);
1782 if (dp == NULL)
1783 goto trunc;
1784 }
1785 return;
1786 } else {
1787 if (parsestatus(ndo, dp, &er, &nfserr) == NULL)
1788 goto trunc;
1789 }
1790 break;
1791
1792 case NFSPROC_READDIR:
1793 dp = parserep(ndo, rp, length, &nfserr);
1794 if (dp == NULL)
1795 goto trunc;
1796 if (v3) {
1797 if (parsev3rddirres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1798 goto trunc;
1799 } else {
1800 if (parserddires(ndo, dp, &nfserr) == 0)
1801 goto trunc;
1802 }
1803 break;
1804
1805 case NFSPROC_READDIRPLUS:
1806 dp = parserep(ndo, rp, length, &nfserr);
1807 if (dp == NULL)
1808 goto trunc;
1809 if (parsev3rddirres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1810 goto trunc;
1811 break;
1812
1813 case NFSPROC_FSSTAT:
1814 dp = parserep(ndo, rp, length, &nfserr);
1815 if (dp == NULL)
1816 goto trunc;
1817 if (parsestatfs(ndo, dp, v3, &nfserr) == 0)
1818 goto trunc;
1819 break;
1820
1821 case NFSPROC_FSINFO:
1822 dp = parserep(ndo, rp, length, &nfserr);
1823 if (dp == NULL)
1824 goto trunc;
1825 if (parsefsinfo(ndo, dp, &nfserr) == 0)
1826 goto trunc;
1827 break;
1828
1829 case NFSPROC_PATHCONF:
1830 dp = parserep(ndo, rp, length, &nfserr);
1831 if (dp == NULL)
1832 goto trunc;
1833 if (parsepathconf(ndo, dp, &nfserr) == 0)
1834 goto trunc;
1835 break;
1836
1837 case NFSPROC_COMMIT:
1838 dp = parserep(ndo, rp, length, &nfserr);
1839 if (dp == NULL)
1840 goto trunc;
1841 dp = parsewccres(ndo, dp, ndo->ndo_vflag, &nfserr);
1842 if (dp == NULL)
1843 goto trunc;
1844 if (ndo->ndo_vflag > 1) {
1845 /* write-verf-cookie */
1846 ND_PRINT(" verf %" PRIx64, GET_BE_U_8(dp));
1847 }
1848 break;
1849
1850 default:
1851 break;
1852 }
1853 return;
1854
1855 trunc:
1856 if (!nfserr)
1857 nd_print_trunc(ndo);
1858 }
[mirror] the TCPdump network dissector