]> The Tcpdump Group git mirrors - tcpdump/blob - print.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Introduce a buffer stack, and use it for ESP decryption.
[tcpdump] / print.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 * Support for splitting captures into multiple files with a maximum
22 * file size:
23 *
24 * Copyright (c) 2001
25 * Seth Webster <swebster@sst.ll.mit.edu>
26 */
27
28 #ifdef HAVE_CONFIG_H
29 #include <config.h>
30 #endif
31
32 #include <stdlib.h>
33 #include <string.h>
34 #include <setjmp.h>
35
36 #include "netdissect-stdinc.h"
37
38 #include "netdissect.h"
39 #include "addrtoname.h"
40 #include "print.h"
41 #include "netdissect-alloc.h"
42
43 #include "pcap-missing.h"
44
45 struct printer {
46 if_printer f;
47 int type;
48 };
49
50 static const struct printer printers[] = {
51 { ether_if_print, DLT_EN10MB },
52 #ifdef DLT_IPNET
53 { ipnet_if_print, DLT_IPNET },
54 #endif
55 #ifdef DLT_IEEE802_15_4
56 { ieee802_15_4_if_print, DLT_IEEE802_15_4 },
57 #endif
58 #ifdef DLT_IEEE802_15_4_NOFCS
59 { ieee802_15_4_if_print, DLT_IEEE802_15_4_NOFCS },
60 #endif
61 #ifdef DLT_IEEE802_15_4_TAP
62 { ieee802_15_4_tap_if_print, DLT_IEEE802_15_4_TAP },
63 #endif
64 #ifdef DLT_PPI
65 { ppi_if_print, DLT_PPI },
66 #endif
67 #ifdef DLT_NETANALYZER
68 { netanalyzer_if_print, DLT_NETANALYZER },
69 #endif
70 #ifdef DLT_NETANALYZER_TRANSPARENT
71 { netanalyzer_transparent_if_print, DLT_NETANALYZER_TRANSPARENT },
72 #endif
73 #ifdef DLT_NFLOG
74 { nflog_if_print, DLT_NFLOG},
75 #endif
76 #ifdef DLT_CIP
77 { cip_if_print, DLT_CIP },
78 #endif
79 #ifdef DLT_ATM_CLIP
80 { cip_if_print, DLT_ATM_CLIP },
81 #endif
82 #ifdef DLT_IP_OVER_FC
83 { ipfc_if_print, DLT_IP_OVER_FC },
84 #endif
85 { null_if_print, DLT_NULL },
86 #ifdef DLT_LOOP
87 { null_if_print, DLT_LOOP },
88 #endif
89 #ifdef DLT_APPLE_IP_OVER_IEEE1394
90 { ap1394_if_print, DLT_APPLE_IP_OVER_IEEE1394 },
91 #endif
92 #ifdef DLT_BLUETOOTH_HCI_H4_WITH_PHDR
93 { bt_if_print, DLT_BLUETOOTH_HCI_H4_WITH_PHDR},
94 #endif
95 #ifdef DLT_LANE8023
96 { lane_if_print, DLT_LANE8023 },
97 #endif
98 { arcnet_if_print, DLT_ARCNET },
99 #ifdef DLT_ARCNET_LINUX
100 { arcnet_linux_if_print, DLT_ARCNET_LINUX },
101 #endif
102 { raw_if_print, DLT_RAW },
103 #ifdef DLT_IPV4
104 { raw_if_print, DLT_IPV4 },
105 #endif
106 #ifdef DLT_IPV6
107 { raw_if_print, DLT_IPV6 },
108 #endif
109 #ifdef DLT_USB_LINUX
110 { usb_linux_48_byte_if_print, DLT_USB_LINUX},
111 #endif /* DLT_USB_LINUX */
112 #ifdef DLT_USB_LINUX_MMAPPED
113 { usb_linux_64_byte_if_print, DLT_USB_LINUX_MMAPPED},
114 #endif /* DLT_USB_LINUX_MMAPPED */
115 #ifdef DLT_SYMANTEC_FIREWALL
116 { symantec_if_print, DLT_SYMANTEC_FIREWALL },
117 #endif
118 #ifdef DLT_C_HDLC
119 { chdlc_if_print, DLT_C_HDLC },
120 #endif
121 #ifdef DLT_HDLC
122 { chdlc_if_print, DLT_HDLC },
123 #endif
124 #ifdef DLT_PPP_ETHER
125 { pppoe_if_print, DLT_PPP_ETHER },
126 #endif
127 #if defined(DLT_PFLOG) && defined(HAVE_NET_IF_PFLOG_H)
128 { pflog_if_print, DLT_PFLOG },
129 #endif
130 { token_if_print, DLT_IEEE802 },
131 { fddi_if_print, DLT_FDDI },
132 #ifdef DLT_LINUX_SLL
133 { sll_if_print, DLT_LINUX_SLL },
134 #endif
135 #ifdef DLT_LINUX_SLL2
136 { sll2_if_print, DLT_LINUX_SLL2 },
137 #endif
138 #ifdef DLT_FR
139 { fr_if_print, DLT_FR },
140 #endif
141 #ifdef DLT_FRELAY
142 { fr_if_print, DLT_FRELAY },
143 #endif
144 #ifdef DLT_MFR
145 { mfr_if_print, DLT_MFR },
146 #endif
147 { atm_if_print, DLT_ATM_RFC1483 },
148 #ifdef DLT_SUNATM
149 { sunatm_if_print, DLT_SUNATM },
150 #endif
151 #ifdef DLT_ENC
152 { enc_if_print, DLT_ENC },
153 #endif
154 { sl_if_print, DLT_SLIP },
155 #ifdef DLT_SLIP_BSDOS
156 { sl_bsdos_if_print, DLT_SLIP_BSDOS },
157 #endif
158 #ifdef DLT_LTALK
159 { ltalk_if_print, DLT_LTALK },
160 #endif
161 #ifdef DLT_JUNIPER_ATM1
162 { juniper_atm1_if_print, DLT_JUNIPER_ATM1 },
163 #endif
164 #ifdef DLT_JUNIPER_ATM2
165 { juniper_atm2_if_print, DLT_JUNIPER_ATM2 },
166 #endif
167 #ifdef DLT_JUNIPER_MFR
168 { juniper_mfr_if_print, DLT_JUNIPER_MFR },
169 #endif
170 #ifdef DLT_JUNIPER_MLFR
171 { juniper_mlfr_if_print, DLT_JUNIPER_MLFR },
172 #endif
173 #ifdef DLT_JUNIPER_MLPPP
174 { juniper_mlppp_if_print, DLT_JUNIPER_MLPPP },
175 #endif
176 #ifdef DLT_JUNIPER_PPPOE
177 { juniper_pppoe_if_print, DLT_JUNIPER_PPPOE },
178 #endif
179 #ifdef DLT_JUNIPER_PPPOE_ATM
180 { juniper_pppoe_atm_if_print, DLT_JUNIPER_PPPOE_ATM },
181 #endif
182 #ifdef DLT_JUNIPER_GGSN
183 { juniper_ggsn_if_print, DLT_JUNIPER_GGSN },
184 #endif
185 #ifdef DLT_JUNIPER_ES
186 { juniper_es_if_print, DLT_JUNIPER_ES },
187 #endif
188 #ifdef DLT_JUNIPER_MONITOR
189 { juniper_monitor_if_print, DLT_JUNIPER_MONITOR },
190 #endif
191 #ifdef DLT_JUNIPER_SERVICES
192 { juniper_services_if_print, DLT_JUNIPER_SERVICES },
193 #endif
194 #ifdef DLT_JUNIPER_ETHER
195 { juniper_ether_if_print, DLT_JUNIPER_ETHER },
196 #endif
197 #ifdef DLT_JUNIPER_PPP
198 { juniper_ppp_if_print, DLT_JUNIPER_PPP },
199 #endif
200 #ifdef DLT_JUNIPER_FRELAY
201 { juniper_frelay_if_print, DLT_JUNIPER_FRELAY },
202 #endif
203 #ifdef DLT_JUNIPER_CHDLC
204 { juniper_chdlc_if_print, DLT_JUNIPER_CHDLC },
205 #endif
206 #ifdef DLT_PKTAP
207 { pktap_if_print, DLT_PKTAP },
208 #endif
209 #ifdef DLT_IEEE802_11_RADIO
210 { ieee802_11_radio_if_print, DLT_IEEE802_11_RADIO },
211 #endif
212 #ifdef DLT_IEEE802_11
213 { ieee802_11_if_print, DLT_IEEE802_11},
214 #endif
215 #ifdef DLT_IEEE802_11_RADIO_AVS
216 { ieee802_11_radio_avs_if_print, DLT_IEEE802_11_RADIO_AVS },
217 #endif
218 #ifdef DLT_PRISM_HEADER
219 { prism_if_print, DLT_PRISM_HEADER },
220 #endif
221 { ppp_if_print, DLT_PPP },
222 #ifdef DLT_PPP_WITHDIRECTION
223 { ppp_if_print, DLT_PPP_WITHDIRECTION },
224 #endif
225 #ifdef DLT_PPP_BSDOS
226 { ppp_bsdos_if_print, DLT_PPP_BSDOS },
227 #endif
228 #ifdef DLT_PPP_SERIAL
229 { ppp_hdlc_if_print, DLT_PPP_SERIAL },
230 #endif
231 #ifdef DLT_DSA_TAG_BRCM
232 { brcm_tag_if_print, DLT_DSA_TAG_BRCM },
233 #endif
234 #ifdef DLT_DSA_TAG_BRCM_PREPEND
235 { brcm_tag_prepend_if_print, DLT_DSA_TAG_BRCM_PREPEND },
236 #endif
237 { NULL, 0 },
238 };
239
240 static void ndo_default_print(netdissect_options *ndo, const u_char *bp,
241 u_int length);
242
243 static void NORETURN ndo_error(netdissect_options *ndo,
244 status_exit_codes_t status,
245 FORMAT_STRING(const char *fmt), ...)
246 PRINTFLIKE(3, 4);
247 static void ndo_warning(netdissect_options *ndo,
248 FORMAT_STRING(const char *fmt), ...)
249 PRINTFLIKE(2, 3);
250
251 static int ndo_printf(netdissect_options *ndo,
252 FORMAT_STRING(const char *fmt), ...)
253 PRINTFLIKE(2, 3);
254
255 void
256 init_print(netdissect_options *ndo, uint32_t localnet, uint32_t mask)
257 {
258
259 init_addrtoname(ndo, localnet, mask);
260 init_checksum();
261 }
262
263 if_printer
264 lookup_printer(int type)
265 {
266 const struct printer *p;
267
268 for (p = printers; p->f; ++p)
269 if (type == p->type)
270 return p->f;
271
272 #if defined(DLT_USER2) && defined(DLT_PKTAP)
273 /*
274 * Apple incorrectly chose to use DLT_USER2 for their PKTAP
275 * header.
276 *
277 * We map DLT_PKTAP, whether it's DLT_USER2 as it is on Darwin-
278 * based OSes or the same value as LINKTYPE_PKTAP as it is on
279 * other OSes, to LINKTYPE_PKTAP, so files written with
280 * this version of libpcap for a DLT_PKTAP capture have a link-
281 * layer header type of LINKTYPE_PKTAP.
282 *
283 * However, files written on OS X Mavericks for a DLT_PKTAP
284 * capture have a link-layer header type of LINKTYPE_USER2.
285 * If we don't have a printer for DLT_USER2, and type is
286 * DLT_USER2, we look up the printer for DLT_PKTAP and use
287 * that.
288 */
289 if (type == DLT_USER2) {
290 for (p = printers; p->f; ++p)
291 if (DLT_PKTAP == p->type)
292 return p->f;
293 }
294 #endif
295
296 return NULL;
297 /* NOTREACHED */
298 }
299
300 int
301 has_printer(int type)
302 {
303 return (lookup_printer(type) != NULL);
304 }
305
306 if_printer
307 get_if_printer(netdissect_options *ndo, int type)
308 {
309 const char *dltname;
310 if_printer printer;
311
312 printer = lookup_printer(type);
313 if (printer == NULL) {
314 dltname = pcap_datalink_val_to_name(type);
315 if (dltname != NULL)
316 (*ndo->ndo_error)(ndo, S_ERR_ND_NO_PRINTER,
317 "packet printing is not supported for link type %s: use -w",
318 dltname);
319 else
320 (*ndo->ndo_error)(ndo, S_ERR_ND_NO_PRINTER,
321 "packet printing is not supported for link type %d: use -w", type);
322 }
323 return printer;
324 }
325
326 void
327 pretty_print_packet(netdissect_options *ndo, const struct pcap_pkthdr *h,
328 const u_char *sp, u_int packets_captured)
329 {
330 u_int hdrlen = 0;
331 int invalid_header = 0;
332
333 if (ndo->ndo_packet_number)
334 ND_PRINT("%5u ", packets_captured);
335
336 /* Sanity checks on packet length / capture length */
337 if (h->caplen == 0) {
338 invalid_header = 1;
339 ND_PRINT("[Invalid header: caplen==0");
340 }
341 if (h->len == 0) {
342 if (!invalid_header) {
343 invalid_header = 1;
344 ND_PRINT("[Invalid header:");
345 } else
346 ND_PRINT(",");
347 ND_PRINT(" len==0");
348 } else if (h->len < h->caplen) {
349 if (!invalid_header) {
350 invalid_header = 1;
351 ND_PRINT("[Invalid header:");
352 } else
353 ND_PRINT(",");
354 ND_PRINT(" len(%u) < caplen(%u)", h->len, h->caplen);
355 }
356 if (h->caplen > MAXIMUM_SNAPLEN) {
357 if (!invalid_header) {
358 invalid_header = 1;
359 ND_PRINT("[Invalid header:");
360 } else
361 ND_PRINT(",");
362 ND_PRINT(" caplen(%u) > %u", h->caplen, MAXIMUM_SNAPLEN);
363 }
364 if (h->len > MAXIMUM_SNAPLEN) {
365 if (!invalid_header) {
366 invalid_header = 1;
367 ND_PRINT("[Invalid header:");
368 } else
369 ND_PRINT(",");
370 ND_PRINT(" len(%u) > %u", h->len, MAXIMUM_SNAPLEN);
371 }
372 if (invalid_header) {
373 ND_PRINT("]\n");
374 return;
375 }
376
377 /*
378 * At this point:
379 * capture length != 0,
380 * packet length != 0,
381 * capture length <= MAXIMUM_SNAPLEN,
382 * packet length <= MAXIMUM_SNAPLEN,
383 * packet length >= capture length.
384 *
385 * Currently, there is no D-Bus printer, thus no need for
386 * bigger lengths.
387 */
388
389 ts_print(ndo, &h->ts);
390
391 /*
392 * Printers must check that they're not walking off the end of
393 * the packet.
394 * Rather than pass it all the way down, we set this member
395 * of the netdissect_options structure.
396 */
397 ndo->ndo_snapend = sp + h->caplen;
398
399 ndo->ndo_protocol = "";
400 if (setjmp(ndo->ndo_truncated) == 0) {
401 /* Print the packet. */
402 hdrlen = (ndo->ndo_if_printer)(ndo, h, sp);
403 } else {
404 /* A printer quit because the packet was truncated; report it */
405 ND_PRINT(" [|%s]", ndo->ndo_protocol);
406 }
407
408 /*
409 * Free all pushed buffers; if we got here by a printer quitting,
410 * we need to release anything that didn't get released because
411 * we longjmped out of the code before it popped a buffer.
412 */
413 nd_pop_all_buffers(ndo);
414
415 /*
416 * Restore the original snapend, as a printer might have
417 * changed it.
418 */
419 ndo->ndo_snapend = sp + h->caplen;
420 if (ndo->ndo_Xflag) {
421 /*
422 * Print the raw packet data in hex and ASCII.
423 */
424 if (ndo->ndo_Xflag > 1) {
425 /*
426 * Include the link-layer header.
427 */
428 hex_and_ascii_print(ndo, "\n\t", sp, h->caplen);
429 } else {
430 /*
431 * Don't include the link-layer header - and if
432 * we have nothing past the link-layer header,
433 * print nothing.
434 */
435 if (h->caplen > hdrlen)
436 hex_and_ascii_print(ndo, "\n\t", sp + hdrlen,
437 h->caplen - hdrlen);
438 }
439 } else if (ndo->ndo_xflag) {
440 /*
441 * Print the raw packet data in hex.
442 */
443 if (ndo->ndo_xflag > 1) {
444 /*
445 * Include the link-layer header.
446 */
447 hex_print(ndo, "\n\t", sp, h->caplen);
448 } else {
449 /*
450 * Don't include the link-layer header - and if
451 * we have nothing past the link-layer header,
452 * print nothing.
453 */
454 if (h->caplen > hdrlen)
455 hex_print(ndo, "\n\t", sp + hdrlen,
456 h->caplen - hdrlen);
457 }
458 } else if (ndo->ndo_Aflag) {
459 /*
460 * Print the raw packet data in ASCII.
461 */
462 if (ndo->ndo_Aflag > 1) {
463 /*
464 * Include the link-layer header.
465 */
466 ascii_print(ndo, sp, h->caplen);
467 } else {
468 /*
469 * Don't include the link-layer header - and if
470 * we have nothing past the link-layer header,
471 * print nothing.
472 */
473 if (h->caplen > hdrlen)
474 ascii_print(ndo, sp + hdrlen, h->caplen - hdrlen);
475 }
476 }
477
478 ND_PRINT("\n");
479 nd_free_all(ndo);
480 }
481
482 /*
483 * By default, print the specified data out in hex and ASCII.
484 */
485 static void
486 ndo_default_print(netdissect_options *ndo, const u_char *bp, u_int length)
487 {
488 hex_and_ascii_print(ndo, "\n\t", bp, length); /* pass on lf and indentation string */
489 }
490
491 /* VARARGS */
492 static void
493 ndo_error(netdissect_options *ndo, status_exit_codes_t status,
494 const char *fmt, ...)
495 {
496 va_list ap;
497
498 if (ndo->program_name)
499 (void)fprintf(stderr, "%s: ", ndo->program_name);
500 va_start(ap, fmt);
501 (void)vfprintf(stderr, fmt, ap);
502 va_end(ap);
503 if (*fmt) {
504 fmt += strlen(fmt);
505 if (fmt[-1] != '\n')
506 (void)fputc('\n', stderr);
507 }
508 nd_cleanup();
509 exit(status);
510 /* NOTREACHED */
511 }
512
513 /* VARARGS */
514 static void
515 ndo_warning(netdissect_options *ndo, const char *fmt, ...)
516 {
517 va_list ap;
518
519 if (ndo->program_name)
520 (void)fprintf(stderr, "%s: ", ndo->program_name);
521 (void)fprintf(stderr, "WARNING: ");
522 va_start(ap, fmt);
523 (void)vfprintf(stderr, fmt, ap);
524 va_end(ap);
525 if (*fmt) {
526 fmt += strlen(fmt);
527 if (fmt[-1] != '\n')
528 (void)fputc('\n', stderr);
529 }
530 }
531
532 static int
533 ndo_printf(netdissect_options *ndo, const char *fmt, ...)
534 {
535 va_list args;
536 int ret;
537
538 va_start(args, fmt);
539 ret = vfprintf(stdout, fmt, args);
540 va_end(args);
541
542 if (ret < 0)
543 ndo_error(ndo, S_ERR_ND_WRITE_FILE,
544 "Unable to write output: %s", pcap_strerror(errno));
545 return (ret);
546 }
547
548 void
549 ndo_set_function_pointers(netdissect_options *ndo)
550 {
551 ndo->ndo_default_print=ndo_default_print;
552 ndo->ndo_printf=ndo_printf;
553 ndo->ndo_error=ndo_error;
554 ndo->ndo_warning=ndo_warning;
555 }
[mirror] the TCPdump network dissector