]> The Tcpdump Group git mirrors - tcpdump/blob - print-nfs.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
OLSR: Replace the ND_TTEST_*() calls with ND_TCHECK_*() calls
[tcpdump] / print-nfs.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: Network File System (NFS) printer */
23
24 #ifdef HAVE_CONFIG_H
25 #include <config.h>
26 #endif
27
28 #include "netdissect-stdinc.h"
29
30 #include <stdio.h>
31 #include <string.h>
32
33 #include "netdissect.h"
34 #include "addrtoname.h"
35 #include "extract.h"
36
37 #include "nfs.h"
38 #include "nfsfh.h"
39
40 #include "ip.h"
41 #include "ip6.h"
42 #include "rpc_auth.h"
43 #include "rpc_msg.h"
44
45
46 static void nfs_printfh(netdissect_options *, const uint32_t *, const u_int);
47 static int xid_map_enter(netdissect_options *, const struct sunrpc_msg *, const u_char *);
48 static int xid_map_find(const struct sunrpc_msg *, const u_char *,
49 uint32_t *, uint32_t *);
50 static void interp_reply(netdissect_options *, const struct sunrpc_msg *, uint32_t, uint32_t, int);
51 static const uint32_t *parse_post_op_attr(netdissect_options *, const uint32_t *, int);
52
53 /*
54 * Mapping of old NFS Version 2 RPC numbers to generic numbers.
55 */
56 static uint32_t nfsv3_procid[NFS_NPROCS] = {
57 NFSPROC_NULL,
58 NFSPROC_GETATTR,
59 NFSPROC_SETATTR,
60 NFSPROC_NOOP,
61 NFSPROC_LOOKUP,
62 NFSPROC_READLINK,
63 NFSPROC_READ,
64 NFSPROC_NOOP,
65 NFSPROC_WRITE,
66 NFSPROC_CREATE,
67 NFSPROC_REMOVE,
68 NFSPROC_RENAME,
69 NFSPROC_LINK,
70 NFSPROC_SYMLINK,
71 NFSPROC_MKDIR,
72 NFSPROC_RMDIR,
73 NFSPROC_READDIR,
74 NFSPROC_FSSTAT,
75 NFSPROC_NOOP,
76 NFSPROC_NOOP,
77 NFSPROC_NOOP,
78 NFSPROC_NOOP,
79 NFSPROC_NOOP,
80 NFSPROC_NOOP,
81 NFSPROC_NOOP,
82 NFSPROC_NOOP
83 };
84
85 static const struct tok nfsproc_str[] = {
86 { NFSPROC_NOOP, "nop" },
87 { NFSPROC_NULL, "null" },
88 { NFSPROC_GETATTR, "getattr" },
89 { NFSPROC_SETATTR, "setattr" },
90 { NFSPROC_LOOKUP, "lookup" },
91 { NFSPROC_ACCESS, "access" },
92 { NFSPROC_READLINK, "readlink" },
93 { NFSPROC_READ, "read" },
94 { NFSPROC_WRITE, "write" },
95 { NFSPROC_CREATE, "create" },
96 { NFSPROC_MKDIR, "mkdir" },
97 { NFSPROC_SYMLINK, "symlink" },
98 { NFSPROC_MKNOD, "mknod" },
99 { NFSPROC_REMOVE, "remove" },
100 { NFSPROC_RMDIR, "rmdir" },
101 { NFSPROC_RENAME, "rename" },
102 { NFSPROC_LINK, "link" },
103 { NFSPROC_READDIR, "readdir" },
104 { NFSPROC_READDIRPLUS, "readdirplus" },
105 { NFSPROC_FSSTAT, "fsstat" },
106 { NFSPROC_FSINFO, "fsinfo" },
107 { NFSPROC_PATHCONF, "pathconf" },
108 { NFSPROC_COMMIT, "commit" },
109 { 0, NULL }
110 };
111
112 /*
113 * NFS V2 and V3 status values.
114 *
115 * Some of these come from the RFCs for NFS V2 and V3, with the message
116 * strings taken from the FreeBSD C library "errlst.c".
117 *
118 * Others are errors that are not in the RFC but that I suspect some
119 * NFS servers could return; the values are FreeBSD errno values, as
120 * the first NFS server was the SunOS 2.0 one, and until 5.0 SunOS
121 * was primarily BSD-derived.
122 */
123 static const struct tok status2str[] = {
124 { 1, "Operation not permitted" }, /* EPERM */
125 { 2, "No such file or directory" }, /* ENOENT */
126 { 5, "Input/output error" }, /* EIO */
127 { 6, "Device not configured" }, /* ENXIO */
128 { 11, "Resource deadlock avoided" }, /* EDEADLK */
129 { 12, "Cannot allocate memory" }, /* ENOMEM */
130 { 13, "Permission denied" }, /* EACCES */
131 { 17, "File exists" }, /* EEXIST */
132 { 18, "Cross-device link" }, /* EXDEV */
133 { 19, "Operation not supported by device" }, /* ENODEV */
134 { 20, "Not a directory" }, /* ENOTDIR */
135 { 21, "Is a directory" }, /* EISDIR */
136 { 22, "Invalid argument" }, /* EINVAL */
137 { 26, "Text file busy" }, /* ETXTBSY */
138 { 27, "File too large" }, /* EFBIG */
139 { 28, "No space left on device" }, /* ENOSPC */
140 { 30, "Read-only file system" }, /* EROFS */
141 { 31, "Too many links" }, /* EMLINK */
142 { 45, "Operation not supported" }, /* EOPNOTSUPP */
143 { 62, "Too many levels of symbolic links" }, /* ELOOP */
144 { 63, "File name too long" }, /* ENAMETOOLONG */
145 { 66, "Directory not empty" }, /* ENOTEMPTY */
146 { 69, "Disc quota exceeded" }, /* EDQUOT */
147 { 70, "Stale NFS file handle" }, /* ESTALE */
148 { 71, "Too many levels of remote in path" }, /* EREMOTE */
149 { 99, "Write cache flushed to disk" }, /* NFSERR_WFLUSH (not used) */
150 { 10001, "Illegal NFS file handle" }, /* NFS3ERR_BADHANDLE */
151 { 10002, "Update synchronization mismatch" }, /* NFS3ERR_NOT_SYNC */
152 { 10003, "READDIR/READDIRPLUS cookie is stale" }, /* NFS3ERR_BAD_COOKIE */
153 { 10004, "Operation not supported" }, /* NFS3ERR_NOTSUPP */
154 { 10005, "Buffer or request is too small" }, /* NFS3ERR_TOOSMALL */
155 { 10006, "Unspecified error on server" }, /* NFS3ERR_SERVERFAULT */
156 { 10007, "Object of that type not supported" }, /* NFS3ERR_BADTYPE */
157 { 10008, "Request couldn't be completed in time" }, /* NFS3ERR_JUKEBOX */
158 { 0, NULL }
159 };
160
161 static const struct tok nfsv3_writemodes[] = {
162 { 0, "unstable" },
163 { 1, "datasync" },
164 { 2, "filesync" },
165 { 0, NULL }
166 };
167
168 static const struct tok type2str[] = {
169 { NFNON, "NON" },
170 { NFREG, "REG" },
171 { NFDIR, "DIR" },
172 { NFBLK, "BLK" },
173 { NFCHR, "CHR" },
174 { NFLNK, "LNK" },
175 { NFFIFO, "FIFO" },
176 { 0, NULL }
177 };
178
179 static const struct tok sunrpc_auth_str[] = {
180 { SUNRPC_AUTH_OK, "OK" },
181 { SUNRPC_AUTH_BADCRED, "Bogus Credentials (seal broken)" },
182 { SUNRPC_AUTH_REJECTEDCRED, "Rejected Credentials (client should begin new session)" },
183 { SUNRPC_AUTH_BADVERF, "Bogus Verifier (seal broken)" },
184 { SUNRPC_AUTH_REJECTEDVERF, "Verifier expired or was replayed" },
185 { SUNRPC_AUTH_TOOWEAK, "Credentials are too weak" },
186 { SUNRPC_AUTH_INVALIDRESP, "Bogus response verifier" },
187 { SUNRPC_AUTH_FAILED, "Unknown failure" },
188 { 0, NULL }
189 };
190
191 static const struct tok sunrpc_str[] = {
192 { SUNRPC_PROG_UNAVAIL, "PROG_UNAVAIL" },
193 { SUNRPC_PROG_MISMATCH, "PROG_MISMATCH" },
194 { SUNRPC_PROC_UNAVAIL, "PROC_UNAVAIL" },
195 { SUNRPC_GARBAGE_ARGS, "GARBAGE_ARGS" },
196 { SUNRPC_SYSTEM_ERR, "SYSTEM_ERR" },
197 { 0, NULL }
198 };
199
200 static void
201 print_nfsaddr(netdissect_options *ndo,
202 const u_char *bp, const char *s, const char *d)
203 {
204 const struct ip *ip;
205 const struct ip6_hdr *ip6;
206 char srcaddr[INET6_ADDRSTRLEN], dstaddr[INET6_ADDRSTRLEN];
207
208 srcaddr[0] = dstaddr[0] = '\0';
209 switch (IP_V((const struct ip *)bp)) {
210 case 4:
211 ip = (const struct ip *)bp;
212 strlcpy(srcaddr, ipaddr_string(ndo, ip->ip_src), sizeof(srcaddr));
213 strlcpy(dstaddr, ipaddr_string(ndo, ip->ip_dst), sizeof(dstaddr));
214 break;
215 case 6:
216 ip6 = (const struct ip6_hdr *)bp;
217 strlcpy(srcaddr, ip6addr_string(ndo, ip6->ip6_src),
218 sizeof(srcaddr));
219 strlcpy(dstaddr, ip6addr_string(ndo, ip6->ip6_dst),
220 sizeof(dstaddr));
221 break;
222 default:
223 strlcpy(srcaddr, "?", sizeof(srcaddr));
224 strlcpy(dstaddr, "?", sizeof(dstaddr));
225 break;
226 }
227
228 ND_PRINT("%s.%s > %s.%s: ", srcaddr, s, dstaddr, d);
229 }
230
231 /*
232 * NFS Version 3 sattr3 structure for the new node creation case.
233 * This does not have a fixed layout on the network, so this
234 * structure does not correspond to the layout of the data on
235 * the network; it's used to store the data when the sattr3
236 * is parsed for use when it's later printed.
237 */
238 struct nfsv3_sattr {
239 uint32_t sa_modeset;
240 uint32_t sa_mode;
241 uint32_t sa_uidset;
242 uint32_t sa_uid;
243 uint32_t sa_gidset;
244 uint32_t sa_gid;
245 uint32_t sa_sizeset;
246 uint32_t sa_size;
247 uint32_t sa_atimetype;
248 struct {
249 uint32_t nfsv3_sec;
250 uint32_t nfsv3_nsec;
251 } sa_atime;
252 uint32_t sa_mtimetype;
253 struct {
254 uint32_t nfsv3_sec;
255 uint32_t nfsv3_nsec;
256 } sa_mtime;
257 };
258
259 static const uint32_t *
260 parse_sattr3(netdissect_options *ndo,
261 const uint32_t *dp, struct nfsv3_sattr *sa3)
262 {
263 ND_TCHECK_4(dp);
264 sa3->sa_modeset = EXTRACT_BE_U_4(dp);
265 dp++;
266 if (sa3->sa_modeset) {
267 ND_TCHECK_4(dp);
268 sa3->sa_mode = EXTRACT_BE_U_4(dp);
269 dp++;
270 }
271
272 ND_TCHECK_4(dp);
273 sa3->sa_uidset = EXTRACT_BE_U_4(dp);
274 dp++;
275 if (sa3->sa_uidset) {
276 ND_TCHECK_4(dp);
277 sa3->sa_uid = EXTRACT_BE_U_4(dp);
278 dp++;
279 }
280
281 ND_TCHECK_4(dp);
282 sa3->sa_gidset = EXTRACT_BE_U_4(dp);
283 dp++;
284 if (sa3->sa_gidset) {
285 ND_TCHECK_4(dp);
286 sa3->sa_gid = EXTRACT_BE_U_4(dp);
287 dp++;
288 }
289
290 ND_TCHECK_4(dp);
291 sa3->sa_sizeset = EXTRACT_BE_U_4(dp);
292 dp++;
293 if (sa3->sa_sizeset) {
294 ND_TCHECK_4(dp);
295 sa3->sa_size = EXTRACT_BE_U_4(dp);
296 dp++;
297 }
298
299 ND_TCHECK_4(dp);
300 sa3->sa_atimetype = EXTRACT_BE_U_4(dp);
301 dp++;
302 if (sa3->sa_atimetype == NFSV3SATTRTIME_TOCLIENT) {
303 ND_TCHECK_4(dp + 1);
304 sa3->sa_atime.nfsv3_sec = EXTRACT_BE_U_4(dp);
305 dp++;
306 sa3->sa_atime.nfsv3_nsec = EXTRACT_BE_U_4(dp);
307 dp++;
308 }
309
310 ND_TCHECK_4(dp);
311 sa3->sa_mtimetype = EXTRACT_BE_U_4(dp);
312 dp++;
313 if (sa3->sa_mtimetype == NFSV3SATTRTIME_TOCLIENT) {
314 ND_TCHECK_4(dp + 1);
315 sa3->sa_mtime.nfsv3_sec = EXTRACT_BE_U_4(dp);
316 dp++;
317 sa3->sa_mtime.nfsv3_nsec = EXTRACT_BE_U_4(dp);
318 dp++;
319 }
320
321 return dp;
322 trunc:
323 return NULL;
324 }
325
326 static void
327 print_sattr3(netdissect_options *ndo,
328 const struct nfsv3_sattr *sa3, int verbose)
329 {
330 if (sa3->sa_modeset)
331 ND_PRINT(" mode %o", sa3->sa_mode);
332 if (sa3->sa_uidset)
333 ND_PRINT(" uid %u", sa3->sa_uid);
334 if (sa3->sa_gidset)
335 ND_PRINT(" gid %u", sa3->sa_gid);
336 if (verbose > 1) {
337 if (sa3->sa_atimetype == NFSV3SATTRTIME_TOCLIENT)
338 ND_PRINT(" atime %u.%06u", sa3->sa_atime.nfsv3_sec,
339 sa3->sa_atime.nfsv3_nsec);
340 if (sa3->sa_mtimetype == NFSV3SATTRTIME_TOCLIENT)
341 ND_PRINT(" mtime %u.%06u", sa3->sa_mtime.nfsv3_sec,
342 sa3->sa_mtime.nfsv3_nsec);
343 }
344 }
345
346 void
347 nfsreply_print(netdissect_options *ndo,
348 const u_char *bp, u_int length,
349 const u_char *bp2)
350 {
351 const struct sunrpc_msg *rp;
352 char srcid[20], dstid[20]; /*fits 32bit*/
353
354 ndo->ndo_protocol = "nfs";
355 rp = (const struct sunrpc_msg *)bp;
356
357 ND_TCHECK_4(rp->rm_xid);
358 if (!ndo->ndo_nflag) {
359 strlcpy(srcid, "nfs", sizeof(srcid));
360 nd_snprintf(dstid, sizeof(dstid), "%u",
361 EXTRACT_BE_U_4(rp->rm_xid));
362 } else {
363 nd_snprintf(srcid, sizeof(srcid), "%u", NFS_PORT);
364 nd_snprintf(dstid, sizeof(dstid), "%u",
365 EXTRACT_BE_U_4(rp->rm_xid));
366 }
367 print_nfsaddr(ndo, bp2, srcid, dstid);
368
369 nfsreply_noaddr_print(ndo, bp, length, bp2);
370 return;
371
372 trunc:
373 nd_print_trunc(ndo);
374 }
375
376 void
377 nfsreply_noaddr_print(netdissect_options *ndo,
378 const u_char *bp, u_int length,
379 const u_char *bp2)
380 {
381 const struct sunrpc_msg *rp;
382 uint32_t proc, vers, reply_stat;
383 enum sunrpc_reject_stat rstat;
384 uint32_t rlow;
385 uint32_t rhigh;
386 enum sunrpc_auth_stat rwhy;
387
388 ndo->ndo_protocol = "nfs";
389 rp = (const struct sunrpc_msg *)bp;
390
391 ND_TCHECK_4(rp->rm_reply.rp_stat);
392 reply_stat = EXTRACT_BE_U_4(&rp->rm_reply.rp_stat);
393 switch (reply_stat) {
394
395 case SUNRPC_MSG_ACCEPTED:
396 ND_PRINT("reply ok %u", length);
397 if (xid_map_find(rp, bp2, &proc, &vers) >= 0)
398 interp_reply(ndo, rp, proc, vers, length);
399 break;
400
401 case SUNRPC_MSG_DENIED:
402 ND_PRINT("reply ERR %u: ", length);
403 ND_TCHECK_4(rp->rm_reply.rp_reject.rj_stat);
404 rstat = EXTRACT_BE_U_4(&rp->rm_reply.rp_reject.rj_stat);
405 switch (rstat) {
406
407 case SUNRPC_RPC_MISMATCH:
408 ND_TCHECK_4(rp->rm_reply.rp_reject.rj_vers.high);
409 rlow = EXTRACT_BE_U_4(&rp->rm_reply.rp_reject.rj_vers.low);
410 rhigh = EXTRACT_BE_U_4(&rp->rm_reply.rp_reject.rj_vers.high);
411 ND_PRINT("RPC Version mismatch (%u-%u)", rlow, rhigh);
412 break;
413
414 case SUNRPC_AUTH_ERROR:
415 ND_TCHECK_4(rp->rm_reply.rp_reject.rj_why);
416 rwhy = EXTRACT_BE_U_4(&rp->rm_reply.rp_reject.rj_why);
417 ND_PRINT("Auth %s", tok2str(sunrpc_auth_str, "Invalid failure code %u", rwhy));
418 break;
419
420 default:
421 ND_PRINT("Unknown reason for rejecting rpc message %u", (unsigned int)rstat);
422 break;
423 }
424 break;
425
426 default:
427 ND_PRINT("reply Unknown rpc response code=%u %u", reply_stat, length);
428 break;
429 }
430 return;
431
432 trunc:
433 nd_print_trunc(ndo);
434 }
435
436 /*
437 * Return a pointer to the first file handle in the packet.
438 * If the packet was truncated, return 0.
439 */
440 static const uint32_t *
441 parsereq(netdissect_options *ndo,
442 const struct sunrpc_msg *rp, u_int length)
443 {
444 const uint32_t *dp;
445 u_int len, rounded_len;
446
447 /*
448 * Find the start of the req data (if we captured it).
449 * First, get the length of the credentials, and make sure
450 * we have all of the opaque part of the credentials.
451 */
452 dp = (const uint32_t *)&rp->rm_call.cb_cred;
453 if (length < 2 * sizeof(*dp))
454 goto trunc;
455 ND_TCHECK_4(dp + 1);
456 len = EXTRACT_BE_U_4(dp + 1);
457 rounded_len = roundup2(len, 4);
458 ND_TCHECK_LEN(dp + 2, rounded_len);
459 if (2 * sizeof(*dp) + rounded_len <= length) {
460 /*
461 * We have all of the credentials. Skip past them; they
462 * consist of 4 bytes of flavor, 4 bytes of length,
463 * and len-rounded-up-to-a-multiple-of-4 bytes of
464 * data.
465 */
466 dp += (len + (2 * sizeof(*dp) + 3)) / sizeof(*dp);
467 length -= 2 * sizeof(*dp) + rounded_len;
468
469 /*
470 * Now get the length of the verifier, and make sure
471 * we have all of the opaque part of the verifier.
472 */
473 if (length < 2 * sizeof(*dp))
474 goto trunc;
475 ND_TCHECK_4(dp + 1);
476 len = EXTRACT_BE_U_4(dp + 1);
477 rounded_len = roundup2(len, 4);
478 ND_TCHECK_LEN(dp + 2, rounded_len);
479 if (2 * sizeof(*dp) + rounded_len < length) {
480 /*
481 * We have all of the verifier. Skip past it;
482 * it consists of 4 bytes of flavor, 4 bytes of
483 * length, and len-rounded-up-to-a-multiple-of-4
484 * bytes of data.
485 */
486 dp += (len + (2 * sizeof(*dp) + 3)) / sizeof(*dp);
487 return (dp);
488 }
489 }
490 trunc:
491 return (NULL);
492 }
493
494 /*
495 * Print out an NFS file handle and return a pointer to following word.
496 * If packet was truncated, return 0.
497 */
498 static const uint32_t *
499 parsefh(netdissect_options *ndo,
500 const uint32_t *dp, int v3)
501 {
502 u_int len;
503
504 if (v3) {
505 ND_TCHECK_4(dp);
506 len = EXTRACT_BE_U_4(dp) / 4;
507 dp++;
508 } else
509 len = NFSX_V2FH / 4;
510
511 if (ND_TTEST_LEN(dp, len * sizeof(*dp))) {
512 nfs_printfh(ndo, dp, len);
513 return (dp + len);
514 }
515 trunc:
516 return (NULL);
517 }
518
519 /*
520 * Print out a file name and return pointer to 32-bit word past it.
521 * If packet was truncated, return 0.
522 */
523 static const uint32_t *
524 parsefn(netdissect_options *ndo,
525 const uint32_t *dp)
526 {
527 uint32_t len;
528 const u_char *cp;
529
530 /* Bail if we don't have the string length */
531 ND_TCHECK_4(dp);
532
533 /* Fetch big-endian string length */
534 len = EXTRACT_BE_U_4(dp);
535 dp++;
536
537 ND_TCHECK_LEN(dp, ((len + 3) & ~3));
538
539 cp = (const u_char *)dp;
540 /* Update 32-bit pointer (NFS filenames padded to 32-bit boundaries) */
541 dp += ((len + 3) & ~3) / sizeof(*dp);
542 ND_PRINT("\"");
543 if (nd_printn(ndo, cp, len, ndo->ndo_snapend)) {
544 ND_PRINT("\"");
545 goto trunc;
546 }
547 ND_PRINT("\"");
548
549 return (dp);
550 trunc:
551 return NULL;
552 }
553
554 /*
555 * Print out file handle and file name.
556 * Return pointer to 32-bit word past file name.
557 * If packet was truncated (or there was some other error), return 0.
558 */
559 static const uint32_t *
560 parsefhn(netdissect_options *ndo,
561 const uint32_t *dp, int v3)
562 {
563 dp = parsefh(ndo, dp, v3);
564 if (dp == NULL)
565 return (NULL);
566 ND_PRINT(" ");
567 return (parsefn(ndo, dp));
568 }
569
570 void
571 nfsreq_noaddr_print(netdissect_options *ndo,
572 const u_char *bp, u_int length,
573 const u_char *bp2)
574 {
575 const struct sunrpc_msg *rp;
576 const uint32_t *dp;
577 nfs_type type;
578 int v3;
579 uint32_t proc;
580 uint32_t access_flags;
581 struct nfsv3_sattr sa3;
582
583 ndo->ndo_protocol = "nfs";
584 ND_PRINT("%u", length);
585 rp = (const struct sunrpc_msg *)bp;
586
587 if (!xid_map_enter(ndo, rp, bp2)) /* record proc number for later on */
588 goto trunc;
589
590 v3 = (EXTRACT_BE_U_4(&rp->rm_call.cb_vers) == NFS_VER3);
591 proc = EXTRACT_BE_U_4(&rp->rm_call.cb_proc);
592
593 if (!v3 && proc < NFS_NPROCS)
594 proc = nfsv3_procid[proc];
595
596 ND_PRINT(" %s", tok2str(nfsproc_str, "proc-%u", proc));
597 switch (proc) {
598
599 case NFSPROC_GETATTR:
600 case NFSPROC_SETATTR:
601 case NFSPROC_READLINK:
602 case NFSPROC_FSSTAT:
603 case NFSPROC_FSINFO:
604 case NFSPROC_PATHCONF:
605 dp = parsereq(ndo, rp, length);
606 if (dp == NULL)
607 goto trunc;
608 if (parsefh(ndo, dp, v3) == NULL)
609 goto trunc;
610 break;
611
612 case NFSPROC_LOOKUP:
613 case NFSPROC_CREATE:
614 case NFSPROC_MKDIR:
615 case NFSPROC_REMOVE:
616 case NFSPROC_RMDIR:
617 dp = parsereq(ndo, rp, length);
618 if (dp == NULL)
619 goto trunc;
620 if (parsefhn(ndo, dp, v3) == NULL)
621 goto trunc;
622 break;
623
624 case NFSPROC_ACCESS:
625 dp = parsereq(ndo, rp, length);
626 if (dp == NULL)
627 goto trunc;
628 dp = parsefh(ndo, dp, v3);
629 if (dp == NULL)
630 goto trunc;
631 ND_TCHECK_4(dp);
632 access_flags = EXTRACT_BE_U_4(dp);
633 if (access_flags & ~NFSV3ACCESS_FULL) {
634 /* NFSV3ACCESS definitions aren't up to date */
635 ND_PRINT(" %04x", access_flags);
636 } else if ((access_flags & NFSV3ACCESS_FULL) == NFSV3ACCESS_FULL) {
637 ND_PRINT(" NFS_ACCESS_FULL");
638 } else {
639 char separator = ' ';
640 if (access_flags & NFSV3ACCESS_READ) {
641 ND_PRINT(" NFS_ACCESS_READ");
642 separator = '|';
643 }
644 if (access_flags & NFSV3ACCESS_LOOKUP) {
645 ND_PRINT("%cNFS_ACCESS_LOOKUP", separator);
646 separator = '|';
647 }
648 if (access_flags & NFSV3ACCESS_MODIFY) {
649 ND_PRINT("%cNFS_ACCESS_MODIFY", separator);
650 separator = '|';
651 }
652 if (access_flags & NFSV3ACCESS_EXTEND) {
653 ND_PRINT("%cNFS_ACCESS_EXTEND", separator);
654 separator = '|';
655 }
656 if (access_flags & NFSV3ACCESS_DELETE) {
657 ND_PRINT("%cNFS_ACCESS_DELETE", separator);
658 separator = '|';
659 }
660 if (access_flags & NFSV3ACCESS_EXECUTE)
661 ND_PRINT("%cNFS_ACCESS_EXECUTE", separator);
662 }
663 break;
664
665 case NFSPROC_READ:
666 dp = parsereq(ndo, rp, length);
667 if (dp == NULL)
668 goto trunc;
669 dp = parsefh(ndo, dp, v3);
670 if (dp == NULL)
671 goto trunc;
672 if (v3) {
673 ND_TCHECK_4(dp + 2);
674 ND_PRINT(" %u bytes @ %" PRIu64,
675 EXTRACT_BE_U_4(dp + 2),
676 EXTRACT_BE_U_8(dp));
677 } else {
678 ND_TCHECK_4(dp + 1);
679 ND_PRINT(" %u bytes @ %u",
680 EXTRACT_BE_U_4(dp + 1),
681 EXTRACT_BE_U_4(dp));
682 }
683 break;
684
685 case NFSPROC_WRITE:
686 dp = parsereq(ndo, rp, length);
687 if (dp == NULL)
688 goto trunc;
689 dp = parsefh(ndo, dp, v3);
690 if (dp == NULL)
691 goto trunc;
692 if (v3) {
693 ND_TCHECK_4(dp + 4);
694 ND_PRINT(" %u (%u) bytes @ %" PRIu64,
695 EXTRACT_BE_U_4(dp + 4),
696 EXTRACT_BE_U_4(dp + 2),
697 EXTRACT_BE_U_8(dp));
698 if (ndo->ndo_vflag) {
699 ND_PRINT(" <%s>",
700 tok2str(nfsv3_writemodes,
701 NULL, EXTRACT_BE_U_4(dp + 3)));
702 }
703 } else {
704 ND_TCHECK_4(dp + 3);
705 ND_PRINT(" %u (%u) bytes @ %u (%u)",
706 EXTRACT_BE_U_4(dp + 3),
707 EXTRACT_BE_U_4(dp + 2),
708 EXTRACT_BE_U_4(dp + 1),
709 EXTRACT_BE_U_4(dp));
710 }
711 break;
712
713 case NFSPROC_SYMLINK:
714 dp = parsereq(ndo, rp, length);
715 if (dp == NULL)
716 goto trunc;
717 dp = parsefhn(ndo, dp, v3);
718 if (dp == NULL)
719 goto trunc;
720 ND_PRINT(" ->");
721 if (v3 && (dp = parse_sattr3(ndo, dp, &sa3)) == NULL)
722 goto trunc;
723 if (parsefn(ndo, dp) == NULL)
724 goto trunc;
725 if (v3 && ndo->ndo_vflag)
726 print_sattr3(ndo, &sa3, ndo->ndo_vflag);
727 break;
728
729 case NFSPROC_MKNOD:
730 dp = parsereq(ndo, rp, length);
731 if (dp == NULL)
732 goto trunc;
733 dp = parsefhn(ndo, dp, v3);
734 if (dp == NULL)
735 goto trunc;
736 ND_TCHECK_4(dp);
737 type = (nfs_type) EXTRACT_BE_U_4(dp);
738 dp++;
739 dp = parse_sattr3(ndo, dp, &sa3);
740 if (dp == NULL)
741 goto trunc;
742 ND_PRINT(" %s", tok2str(type2str, "unk-ft %u", type));
743 if (ndo->ndo_vflag && (type == NFCHR || type == NFBLK)) {
744 ND_TCHECK_4(dp + 1);
745 ND_PRINT(" %u/%u",
746 EXTRACT_BE_U_4(dp),
747 EXTRACT_BE_U_4(dp + 1));
748 dp += 2;
749 }
750 if (ndo->ndo_vflag)
751 print_sattr3(ndo, &sa3, ndo->ndo_vflag);
752 break;
753
754 case NFSPROC_RENAME:
755 dp = parsereq(ndo, rp, length);
756 if (dp == NULL)
757 goto trunc;
758 dp = parsefhn(ndo, dp, v3);
759 if (dp == NULL)
760 goto trunc;
761 ND_PRINT(" ->");
762 if (parsefhn(ndo, dp, v3) == NULL)
763 goto trunc;
764 break;
765
766 case NFSPROC_LINK:
767 dp = parsereq(ndo, rp, length);
768 if (dp == NULL)
769 goto trunc;
770 dp = parsefh(ndo, dp, v3);
771 if (dp == NULL)
772 goto trunc;
773 ND_PRINT(" ->");
774 if (parsefhn(ndo, dp, v3) == NULL)
775 goto trunc;
776 break;
777
778 case NFSPROC_READDIR:
779 dp = parsereq(ndo, rp, length);
780 if (dp == NULL)
781 goto trunc;
782 dp = parsefh(ndo, dp, v3);
783 if (dp == NULL)
784 goto trunc;
785 if (v3) {
786 ND_TCHECK_4(dp + 4);
787 /*
788 * We shouldn't really try to interpret the
789 * offset cookie here.
790 */
791 ND_PRINT(" %u bytes @ %" PRId64,
792 EXTRACT_BE_U_4(dp + 4),
793 EXTRACT_BE_U_8(dp));
794 if (ndo->ndo_vflag) {
795 /*
796 * This displays the 8 bytes
797 * of the verifier in order,
798 * from the low-order byte
799 * to the high-order byte.
800 */
801 ND_PRINT(" verf %08x%08x",
802 EXTRACT_BE_U_4(dp + 2),
803 EXTRACT_BE_U_4(dp + 3));
804 }
805 } else {
806 ND_TCHECK_4(dp + 1);
807 /*
808 * Print the offset as signed, since -1 is
809 * common, but offsets > 2^31 aren't.
810 */
811 ND_PRINT(" %u bytes @ %u",
812 EXTRACT_BE_U_4(dp + 1),
813 EXTRACT_BE_U_4(dp));
814 }
815 break;
816
817 case NFSPROC_READDIRPLUS:
818 dp = parsereq(ndo, rp, length);
819 if (dp == NULL)
820 goto trunc;
821 dp = parsefh(ndo, dp, v3);
822 if (dp == NULL)
823 goto trunc;
824 ND_TCHECK_4(dp + 4);
825 /*
826 * We don't try to interpret the offset
827 * cookie here.
828 */
829 ND_PRINT(" %u bytes @ %" PRId64,
830 EXTRACT_BE_U_4(dp + 4),
831 EXTRACT_BE_U_8(dp));
832 if (ndo->ndo_vflag) {
833 ND_TCHECK_4(dp + 5);
834 /*
835 * This displays the 8 bytes
836 * of the verifier in order,
837 * from the low-order byte
838 * to the high-order byte.
839 */
840 ND_PRINT(" max %u verf %08x%08x",
841 EXTRACT_BE_U_4(dp + 5),
842 EXTRACT_BE_U_4(dp + 2),
843 EXTRACT_BE_U_4(dp + 3));
844 }
845 break;
846
847 case NFSPROC_COMMIT:
848 dp = parsereq(ndo, rp, length);
849 if (dp == NULL)
850 goto trunc;
851 dp = parsefh(ndo, dp, v3);
852 if (dp == NULL)
853 goto trunc;
854 ND_TCHECK_4(dp + 2);
855 ND_PRINT(" %u bytes @ %" PRIu64,
856 EXTRACT_BE_U_4(dp + 2),
857 EXTRACT_BE_U_8(dp));
858 break;
859
860 default:
861 break;
862 }
863 return;
864
865 trunc:
866 nd_print_trunc(ndo);
867 }
868
869 /*
870 * Print out an NFS file handle.
871 * We assume packet was not truncated before the end of the
872 * file handle pointed to by dp.
873 *
874 * Note: new version (using portable file-handle parser) doesn't produce
875 * generation number. It probably could be made to do that, with some
876 * additional hacking on the parser code.
877 */
878 static void
879 nfs_printfh(netdissect_options *ndo,
880 const uint32_t *dp, const u_int len)
881 {
882 my_fsid fsid;
883 uint32_t ino;
884 const char *sfsname = NULL;
885 char *spacep;
886
887 if (ndo->ndo_uflag) {
888 u_int i;
889 char const *sep = "";
890
891 ND_PRINT(" fh[");
892 for (i=0; i<len; i++) {
893 /*
894 * This displays 4 bytes in big-endian byte
895 * order. That's as good a choice as little-
896 * endian, as there's no guarantee that the
897 * server is big-endian or little-endian or
898 * that the file handle contains 4-byte
899 * integral fields, and is better than "the
900 * byte order of the host running tcpdump", as
901 * the latter means that different hosts
902 * running tcpdump may show the same file
903 * handle in different ways.
904 */
905 ND_PRINT("%s%x", sep, EXTRACT_BE_U_4(dp + i));
906 sep = ":";
907 }
908 ND_PRINT("]");
909 return;
910 }
911
912 Parse_fh((const u_char *)dp, len, &fsid, &ino, NULL, &sfsname, 0);
913
914 if (sfsname) {
915 /* file system ID is ASCII, not numeric, for this server OS */
916 char temp[NFSX_V3FHMAX+1];
917 u_int stringlen;
918
919 /* Make sure string is null-terminated */
920 stringlen = len;
921 if (stringlen > NFSX_V3FHMAX)
922 stringlen = NFSX_V3FHMAX;
923 strncpy(temp, sfsname, stringlen);
924 temp[stringlen] = '\0';
925 /* Remove trailing spaces */
926 spacep = strchr(temp, ' ');
927 if (spacep)
928 *spacep = '\0';
929
930 ND_PRINT(" fh %s/", temp);
931 } else {
932 ND_PRINT(" fh %u,%u/",
933 fsid.Fsid_dev.Major, fsid.Fsid_dev.Minor);
934 }
935
936 if(fsid.Fsid_dev.Minor == 257)
937 /* Print the undecoded handle */
938 ND_PRINT("%s", fsid.Opaque_Handle);
939 else
940 ND_PRINT("%ld", (long) ino);
941 }
942
943 /*
944 * Maintain a small cache of recent client.XID.server/proc pairs, to allow
945 * us to match up replies with requests and thus to know how to parse
946 * the reply.
947 */
948
949 struct xid_map_entry {
950 uint32_t xid; /* transaction ID (net order) */
951 int ipver; /* IP version (4 or 6) */
952 struct in6_addr client; /* client IP address (net order) */
953 struct in6_addr server; /* server IP address (net order) */
954 uint32_t proc; /* call proc number (host order) */
955 uint32_t vers; /* program version (host order) */
956 };
957
958 /*
959 * Map entries are kept in an array that we manage as a ring;
960 * new entries are always added at the tail of the ring. Initially,
961 * all the entries are zero and hence don't match anything.
962 */
963
964 #define XIDMAPSIZE 64
965
966 static struct xid_map_entry xid_map[XIDMAPSIZE];
967
968 static int xid_map_next = 0;
969 static int xid_map_hint = 0;
970
971 static int
972 xid_map_enter(netdissect_options *ndo,
973 const struct sunrpc_msg *rp, const u_char *bp)
974 {
975 const struct ip *ip = NULL;
976 const struct ip6_hdr *ip6 = NULL;
977 struct xid_map_entry *xmep;
978
979 if (!ND_TTEST_4(rp->rm_call.cb_proc))
980 return (0);
981 switch (IP_V((const struct ip *)bp)) {
982 case 4:
983 ip = (const struct ip *)bp;
984 break;
985 case 6:
986 ip6 = (const struct ip6_hdr *)bp;
987 break;
988 default:
989 return (1);
990 }
991
992 xmep = &xid_map[xid_map_next];
993
994 if (++xid_map_next >= XIDMAPSIZE)
995 xid_map_next = 0;
996
997 UNALIGNED_MEMCPY(&xmep->xid, &rp->rm_xid, sizeof(xmep->xid));
998 if (ip) {
999 xmep->ipver = 4;
1000 UNALIGNED_MEMCPY(&xmep->client, ip->ip_src,
1001 sizeof(ip->ip_src));
1002 UNALIGNED_MEMCPY(&xmep->server, ip->ip_dst,
1003 sizeof(ip->ip_dst));
1004 }
1005 else if (ip6) {
1006 xmep->ipver = 6;
1007 UNALIGNED_MEMCPY(&xmep->client, ip6->ip6_src,
1008 sizeof(ip6->ip6_src));
1009 UNALIGNED_MEMCPY(&xmep->server, ip6->ip6_dst,
1010 sizeof(ip6->ip6_dst));
1011 }
1012 xmep->proc = EXTRACT_BE_U_4(&rp->rm_call.cb_proc);
1013 xmep->vers = EXTRACT_BE_U_4(&rp->rm_call.cb_vers);
1014 return (1);
1015 }
1016
1017 /*
1018 * Returns 0 and puts NFSPROC_xxx in proc return and
1019 * version in vers return, or returns -1 on failure
1020 */
1021 static int
1022 xid_map_find(const struct sunrpc_msg *rp, const u_char *bp, uint32_t *proc,
1023 uint32_t *vers)
1024 {
1025 int i;
1026 struct xid_map_entry *xmep;
1027 uint32_t xid;
1028 const struct ip *ip = (const struct ip *)bp;
1029 const struct ip6_hdr *ip6 = (const struct ip6_hdr *)bp;
1030 int cmp;
1031
1032 UNALIGNED_MEMCPY(&xid, &rp->rm_xid, sizeof(xmep->xid));
1033 /* Start searching from where we last left off */
1034 i = xid_map_hint;
1035 do {
1036 xmep = &xid_map[i];
1037 cmp = 1;
1038 if (xmep->ipver != IP_V(ip) || xmep->xid != xid)
1039 goto nextitem;
1040 switch (xmep->ipver) {
1041 case 4:
1042 if (UNALIGNED_MEMCMP(ip->ip_src, &xmep->server,
1043 sizeof(ip->ip_src)) != 0 ||
1044 UNALIGNED_MEMCMP(ip->ip_dst, &xmep->client,
1045 sizeof(ip->ip_dst)) != 0) {
1046 cmp = 0;
1047 }
1048 break;
1049 case 6:
1050 if (UNALIGNED_MEMCMP(ip6->ip6_src, &xmep->server,
1051 sizeof(ip6->ip6_src)) != 0 ||
1052 UNALIGNED_MEMCMP(ip6->ip6_dst, &xmep->client,
1053 sizeof(ip6->ip6_dst)) != 0) {
1054 cmp = 0;
1055 }
1056 break;
1057 default:
1058 cmp = 0;
1059 break;
1060 }
1061 if (cmp) {
1062 /* match */
1063 xid_map_hint = i;
1064 *proc = xmep->proc;
1065 *vers = xmep->vers;
1066 return 0;
1067 }
1068 nextitem:
1069 if (++i >= XIDMAPSIZE)
1070 i = 0;
1071 } while (i != xid_map_hint);
1072
1073 /* search failed */
1074 return (-1);
1075 }
1076
1077 /*
1078 * Routines for parsing reply packets
1079 */
1080
1081 /*
1082 * Return a pointer to the beginning of the actual results.
1083 * If the packet was truncated, return 0.
1084 */
1085 static const uint32_t *
1086 parserep(netdissect_options *ndo,
1087 const struct sunrpc_msg *rp, u_int length, int *nfserrp)
1088 {
1089 const uint32_t *dp;
1090 u_int len;
1091 enum sunrpc_accept_stat astat;
1092
1093 /*
1094 * Portability note:
1095 * Here we find the address of the ar_verf credentials.
1096 * Originally, this calculation was
1097 * dp = (uint32_t *)&rp->rm_reply.rp_acpt.ar_verf
1098 * On the wire, the rp_acpt field starts immediately after
1099 * the (32 bit) rp_stat field. However, rp_acpt (which is a
1100 * "struct accepted_reply") contains a "struct opaque_auth",
1101 * whose internal representation contains a pointer, so on a
1102 * 64-bit machine the compiler inserts 32 bits of padding
1103 * before rp->rm_reply.rp_acpt.ar_verf. So, we cannot use
1104 * the internal representation to parse the on-the-wire
1105 * representation. Instead, we skip past the rp_stat field,
1106 * which is an "enum" and so occupies one 32-bit word.
1107 */
1108 dp = ((const uint32_t *)&rp->rm_reply) + 1;
1109 ND_TCHECK_4(dp + 1);
1110 len = EXTRACT_BE_U_4(dp + 1);
1111 if (len >= length)
1112 return (NULL);
1113 /*
1114 * skip past the ar_verf credentials.
1115 */
1116 dp += (len + (2*sizeof(uint32_t) + 3)) / sizeof(uint32_t);
1117
1118 /*
1119 * now we can check the ar_stat field
1120 */
1121 ND_TCHECK_4(dp);
1122 astat = (enum sunrpc_accept_stat) EXTRACT_BE_U_4(dp);
1123 if (astat != SUNRPC_SUCCESS) {
1124 ND_PRINT(" %s", tok2str(sunrpc_str, "ar_stat %u", astat));
1125 *nfserrp = 1; /* suppress trunc string */
1126 return (NULL);
1127 }
1128 /* successful return */
1129 ND_TCHECK_LEN(dp, sizeof(astat));
1130 return ((const uint32_t *) (sizeof(astat) + ((const char *)dp)));
1131 trunc:
1132 return (0);
1133 }
1134
1135 static const uint32_t *
1136 parsestatus(netdissect_options *ndo,
1137 const uint32_t *dp, u_int *er, int *nfserrp)
1138 {
1139 u_int errnum;
1140
1141 ND_TCHECK_4(dp);
1142
1143 errnum = EXTRACT_BE_U_4(dp);
1144 if (er)
1145 *er = errnum;
1146 if (errnum != 0) {
1147 if (!ndo->ndo_qflag)
1148 ND_PRINT(" ERROR: %s",
1149 tok2str(status2str, "unk %u", errnum));
1150 *nfserrp = 1;
1151 }
1152 return (dp + 1);
1153 trunc:
1154 return NULL;
1155 }
1156
1157 static const uint32_t *
1158 parsefattr(netdissect_options *ndo,
1159 const uint32_t *dp, int verbose, int v3)
1160 {
1161 const struct nfs_fattr *fap;
1162
1163 fap = (const struct nfs_fattr *)dp;
1164 ND_TCHECK_4(fap->fa_gid);
1165 if (verbose) {
1166 /*
1167 * XXX - UIDs and GIDs are unsigned in NFS and in
1168 * at least some UN*Xes, but we'll show them as
1169 * signed because -2 has traditionally been the
1170 * UID for "nobody", rather than 4294967294.
1171 */
1172 ND_PRINT(" %s %o ids %d/%d",
1173 tok2str(type2str, "unk-ft %u ",
1174 EXTRACT_BE_U_4(fap->fa_type)),
1175 EXTRACT_BE_U_4(fap->fa_mode),
1176 EXTRACT_BE_S_4(fap->fa_uid),
1177 EXTRACT_BE_S_4(fap->fa_gid));
1178 if (v3) {
1179 ND_TCHECK_8(fap->fa3_size);
1180 ND_PRINT(" sz %" PRIu64,
1181 EXTRACT_BE_U_8(fap->fa3_size));
1182 } else {
1183 ND_TCHECK_4(fap->fa2_size);
1184 ND_PRINT(" sz %u", EXTRACT_BE_U_4(fap->fa2_size));
1185 }
1186 }
1187 /* print lots more stuff */
1188 if (verbose > 1) {
1189 if (v3) {
1190 ND_TCHECK_8(&fap->fa3_ctime);
1191 ND_PRINT(" nlink %u rdev %u/%u",
1192 EXTRACT_BE_U_4(fap->fa_nlink),
1193 EXTRACT_BE_U_4(fap->fa3_rdev.specdata1),
1194 EXTRACT_BE_U_4(fap->fa3_rdev.specdata2));
1195 ND_PRINT(" fsid %" PRIx64,
1196 EXTRACT_BE_U_8(fap->fa3_fsid));
1197 ND_PRINT(" fileid %" PRIx64,
1198 EXTRACT_BE_U_8(fap->fa3_fileid));
1199 ND_PRINT(" a/m/ctime %u.%06u",
1200 EXTRACT_BE_U_4(fap->fa3_atime.nfsv3_sec),
1201 EXTRACT_BE_U_4(fap->fa3_atime.nfsv3_nsec));
1202 ND_PRINT(" %u.%06u",
1203 EXTRACT_BE_U_4(fap->fa3_mtime.nfsv3_sec),
1204 EXTRACT_BE_U_4(fap->fa3_mtime.nfsv3_nsec));
1205 ND_PRINT(" %u.%06u",
1206 EXTRACT_BE_U_4(fap->fa3_ctime.nfsv3_sec),
1207 EXTRACT_BE_U_4(fap->fa3_ctime.nfsv3_nsec));
1208 } else {
1209 ND_TCHECK_8(&fap->fa2_ctime);
1210 ND_PRINT(" nlink %u rdev 0x%x fsid 0x%x nodeid 0x%x a/m/ctime",
1211 EXTRACT_BE_U_4(fap->fa_nlink),
1212 EXTRACT_BE_U_4(fap->fa2_rdev),
1213 EXTRACT_BE_U_4(fap->fa2_fsid),
1214 EXTRACT_BE_U_4(fap->fa2_fileid));
1215 ND_PRINT(" %u.%06u",
1216 EXTRACT_BE_U_4(fap->fa2_atime.nfsv2_sec),
1217 EXTRACT_BE_U_4(fap->fa2_atime.nfsv2_usec));
1218 ND_PRINT(" %u.%06u",
1219 EXTRACT_BE_U_4(fap->fa2_mtime.nfsv2_sec),
1220 EXTRACT_BE_U_4(fap->fa2_mtime.nfsv2_usec));
1221 ND_PRINT(" %u.%06u",
1222 EXTRACT_BE_U_4(fap->fa2_ctime.nfsv2_sec),
1223 EXTRACT_BE_U_4(fap->fa2_ctime.nfsv2_usec));
1224 }
1225 }
1226 return ((const uint32_t *)((const unsigned char *)dp +
1227 (v3 ? NFSX_V3FATTR : NFSX_V2FATTR)));
1228 trunc:
1229 return (NULL);
1230 }
1231
1232 static int
1233 parseattrstat(netdissect_options *ndo,
1234 const uint32_t *dp, int verbose, int v3, int *nfserrp)
1235 {
1236 u_int er;
1237
1238 dp = parsestatus(ndo, dp, &er, nfserrp);
1239 if (dp == NULL)
1240 return (0);
1241 if (er)
1242 return (1);
1243
1244 return (parsefattr(ndo, dp, verbose, v3) != NULL);
1245 }
1246
1247 static int
1248 parsediropres(netdissect_options *ndo,
1249 const uint32_t *dp, int *nfserrp)
1250 {
1251 u_int er;
1252
1253 dp = parsestatus(ndo, dp, &er, nfserrp);
1254 if (dp == NULL)
1255 return (0);
1256 if (er)
1257 return (1);
1258
1259 dp = parsefh(ndo, dp, 0);
1260 if (dp == NULL)
1261 return (0);
1262
1263 return (parsefattr(ndo, dp, ndo->ndo_vflag, 0) != NULL);
1264 }
1265
1266 static int
1267 parselinkres(netdissect_options *ndo,
1268 const uint32_t *dp, int v3, int *nfserrp)
1269 {
1270 u_int er;
1271
1272 dp = parsestatus(ndo, dp, &er, nfserrp);
1273 if (dp == NULL)
1274 return(0);
1275 if (er)
1276 return(1);
1277 if (v3) {
1278 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1279 if (dp == NULL)
1280 return (0);
1281 }
1282 ND_PRINT(" ");
1283 return (parsefn(ndo, dp) != NULL);
1284 }
1285
1286 static int
1287 parsestatfs(netdissect_options *ndo,
1288 const uint32_t *dp, int v3, int *nfserrp)
1289 {
1290 const struct nfs_statfs *sfsp;
1291 u_int er;
1292
1293 dp = parsestatus(ndo, dp, &er, nfserrp);
1294 if (dp == NULL)
1295 return (0);
1296 if (!v3 && er)
1297 return (1);
1298
1299 if (ndo->ndo_qflag)
1300 return(1);
1301
1302 if (v3) {
1303 if (ndo->ndo_vflag)
1304 ND_PRINT(" POST:");
1305 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1306 if (dp == NULL)
1307 return (0);
1308 }
1309
1310 ND_TCHECK_LEN(dp, (v3 ? NFSX_V3STATFS : NFSX_V2STATFS));
1311
1312 sfsp = (const struct nfs_statfs *)dp;
1313
1314 if (v3) {
1315 ND_PRINT(" tbytes %" PRIu64 " fbytes %" PRIu64 " abytes %" PRIu64,
1316 EXTRACT_BE_U_8(sfsp->sf_tbytes),
1317 EXTRACT_BE_U_8(sfsp->sf_fbytes),
1318 EXTRACT_BE_U_8(sfsp->sf_abytes));
1319 if (ndo->ndo_vflag) {
1320 ND_PRINT(" tfiles %" PRIu64 " ffiles %" PRIu64 " afiles %" PRIu64 " invar %u",
1321 EXTRACT_BE_U_8(sfsp->sf_tfiles),
1322 EXTRACT_BE_U_8(sfsp->sf_ffiles),
1323 EXTRACT_BE_U_8(sfsp->sf_afiles),
1324 EXTRACT_BE_U_4(sfsp->sf_invarsec));
1325 }
1326 } else {
1327 ND_PRINT(" tsize %u bsize %u blocks %u bfree %u bavail %u",
1328 EXTRACT_BE_U_4(sfsp->sf_tsize),
1329 EXTRACT_BE_U_4(sfsp->sf_bsize),
1330 EXTRACT_BE_U_4(sfsp->sf_blocks),
1331 EXTRACT_BE_U_4(sfsp->sf_bfree),
1332 EXTRACT_BE_U_4(sfsp->sf_bavail));
1333 }
1334
1335 return (1);
1336 trunc:
1337 return (0);
1338 }
1339
1340 static int
1341 parserddires(netdissect_options *ndo,
1342 const uint32_t *dp, int *nfserrp)
1343 {
1344 u_int er;
1345
1346 dp = parsestatus(ndo, dp, &er, nfserrp);
1347 if (dp == NULL)
1348 return (0);
1349 if (er)
1350 return (1);
1351 if (ndo->ndo_qflag)
1352 return (1);
1353
1354 ND_TCHECK_4(dp + 2);
1355 ND_PRINT(" offset 0x%x size %u ",
1356 EXTRACT_BE_U_4(dp), EXTRACT_BE_U_4(dp + 1));
1357 if (EXTRACT_BE_U_4(dp + 2) != 0)
1358 ND_PRINT(" eof");
1359
1360 return (1);
1361 trunc:
1362 return (0);
1363 }
1364
1365 static const uint32_t *
1366 parse_wcc_attr(netdissect_options *ndo,
1367 const uint32_t *dp)
1368 {
1369 /* Our caller has already checked this */
1370 ND_PRINT(" sz %" PRIu64, EXTRACT_BE_U_8(dp));
1371 ND_PRINT(" mtime %u.%06u ctime %u.%06u",
1372 EXTRACT_BE_U_4(dp + 2), EXTRACT_BE_U_4(dp + 3),
1373 EXTRACT_BE_U_4(dp + 4), EXTRACT_BE_U_4(dp + 5));
1374 return (dp + 6);
1375 }
1376
1377 /*
1378 * Pre operation attributes. Print only if vflag > 1.
1379 */
1380 static const uint32_t *
1381 parse_pre_op_attr(netdissect_options *ndo,
1382 const uint32_t *dp, int verbose)
1383 {
1384 ND_TCHECK_4(dp);
1385 if (!EXTRACT_BE_U_4(dp))
1386 return (dp + 1);
1387 dp++;
1388 ND_TCHECK_LEN(dp, 24);
1389 if (verbose > 1) {
1390 return parse_wcc_attr(ndo, dp);
1391 } else {
1392 /* If not verbose enough, just skip over wcc_attr */
1393 return (dp + 6);
1394 }
1395 trunc:
1396 return (NULL);
1397 }
1398
1399 /*
1400 * Post operation attributes are printed if vflag >= 1
1401 */
1402 static const uint32_t *
1403 parse_post_op_attr(netdissect_options *ndo,
1404 const uint32_t *dp, int verbose)
1405 {
1406 ND_TCHECK_4(dp);
1407 if (!EXTRACT_BE_U_4(dp))
1408 return (dp + 1);
1409 dp++;
1410 if (verbose) {
1411 return parsefattr(ndo, dp, verbose, 1);
1412 } else
1413 return (dp + (NFSX_V3FATTR / sizeof (uint32_t)));
1414 trunc:
1415 return (NULL);
1416 }
1417
1418 static const uint32_t *
1419 parse_wcc_data(netdissect_options *ndo,
1420 const uint32_t *dp, int verbose)
1421 {
1422 if (verbose > 1)
1423 ND_PRINT(" PRE:");
1424 dp = parse_pre_op_attr(ndo, dp, verbose);
1425 if (dp == NULL)
1426 return (0);
1427
1428 if (verbose)
1429 ND_PRINT(" POST:");
1430 return parse_post_op_attr(ndo, dp, verbose);
1431 }
1432
1433 static const uint32_t *
1434 parsecreateopres(netdissect_options *ndo,
1435 const uint32_t *dp, int verbose, int *nfserrp)
1436 {
1437 u_int er;
1438
1439 dp = parsestatus(ndo, dp, &er, nfserrp);
1440 if (dp == NULL)
1441 return (0);
1442 if (er)
1443 dp = parse_wcc_data(ndo, dp, verbose);
1444 else {
1445 ND_TCHECK_4(dp);
1446 if (!EXTRACT_BE_U_4(dp))
1447 return (dp + 1);
1448 dp++;
1449 dp = parsefh(ndo, dp, 1);
1450 if (dp == NULL)
1451 return (0);
1452 if (verbose) {
1453 dp = parse_post_op_attr(ndo, dp, verbose);
1454 if (dp == NULL)
1455 return (0);
1456 if (ndo->ndo_vflag > 1) {
1457 ND_PRINT(" dir attr:");
1458 dp = parse_wcc_data(ndo, dp, verbose);
1459 }
1460 }
1461 }
1462 return (dp);
1463 trunc:
1464 return (NULL);
1465 }
1466
1467 static const uint32_t *
1468 parsewccres(netdissect_options *ndo,
1469 const uint32_t *dp, int verbose, int *nfserrp)
1470 {
1471 u_int er;
1472
1473 dp = parsestatus(ndo, dp, &er, nfserrp);
1474 if (dp == NULL)
1475 return (0);
1476 return parse_wcc_data(ndo, dp, verbose);
1477 }
1478
1479 static const uint32_t *
1480 parsev3rddirres(netdissect_options *ndo,
1481 const uint32_t *dp, int verbose, int *nfserrp)
1482 {
1483 u_int er;
1484
1485 dp = parsestatus(ndo, dp, &er, nfserrp);
1486 if (dp == NULL)
1487 return (0);
1488 if (ndo->ndo_vflag)
1489 ND_PRINT(" POST:");
1490 dp = parse_post_op_attr(ndo, dp, verbose);
1491 if (dp == NULL)
1492 return (0);
1493 if (er)
1494 return dp;
1495 if (ndo->ndo_vflag) {
1496 ND_TCHECK_4(dp + 1);
1497 /*
1498 * This displays the 8 bytes of the verifier in order,
1499 * from the low-order byte to the high-order byte.
1500 */
1501 ND_PRINT(" verf %08x%08x",
1502 EXTRACT_BE_U_4(dp), EXTRACT_BE_U_4(dp + 1));
1503 dp += 2;
1504 }
1505 return dp;
1506 trunc:
1507 return (NULL);
1508 }
1509
1510 static int
1511 parsefsinfo(netdissect_options *ndo,
1512 const uint32_t *dp, int *nfserrp)
1513 {
1514 const struct nfsv3_fsinfo *sfp;
1515 u_int er;
1516
1517 dp = parsestatus(ndo, dp, &er, nfserrp);
1518 if (dp == NULL)
1519 return (0);
1520 if (ndo->ndo_vflag)
1521 ND_PRINT(" POST:");
1522 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1523 if (dp == NULL)
1524 return (0);
1525 if (er)
1526 return (1);
1527
1528 sfp = (const struct nfsv3_fsinfo *)dp;
1529 ND_TCHECK_SIZE(sfp);
1530 ND_PRINT(" rtmax %u rtpref %u wtmax %u wtpref %u dtpref %u",
1531 EXTRACT_BE_U_4(sfp->fs_rtmax),
1532 EXTRACT_BE_U_4(sfp->fs_rtpref),
1533 EXTRACT_BE_U_4(sfp->fs_wtmax),
1534 EXTRACT_BE_U_4(sfp->fs_wtpref),
1535 EXTRACT_BE_U_4(sfp->fs_dtpref));
1536 if (ndo->ndo_vflag) {
1537 ND_PRINT(" rtmult %u wtmult %u maxfsz %" PRIu64,
1538 EXTRACT_BE_U_4(sfp->fs_rtmult),
1539 EXTRACT_BE_U_4(sfp->fs_wtmult),
1540 EXTRACT_BE_U_8(sfp->fs_maxfilesize));
1541 ND_PRINT(" delta %u.%06u ",
1542 EXTRACT_BE_U_4(sfp->fs_timedelta.nfsv3_sec),
1543 EXTRACT_BE_U_4(sfp->fs_timedelta.nfsv3_nsec));
1544 }
1545 return (1);
1546 trunc:
1547 return (0);
1548 }
1549
1550 static int
1551 parsepathconf(netdissect_options *ndo,
1552 const uint32_t *dp, int *nfserrp)
1553 {
1554 u_int er;
1555 const struct nfsv3_pathconf *spp;
1556
1557 dp = parsestatus(ndo, dp, &er, nfserrp);
1558 if (dp == NULL)
1559 return (0);
1560 if (ndo->ndo_vflag)
1561 ND_PRINT(" POST:");
1562 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1563 if (dp == NULL)
1564 return (0);
1565 if (er)
1566 return (1);
1567
1568 spp = (const struct nfsv3_pathconf *)dp;
1569 ND_TCHECK_SIZE(spp);
1570
1571 ND_PRINT(" linkmax %u namemax %u %s %s %s %s",
1572 EXTRACT_BE_U_4(spp->pc_linkmax),
1573 EXTRACT_BE_U_4(spp->pc_namemax),
1574 EXTRACT_BE_U_4(spp->pc_notrunc) ? "notrunc" : "",
1575 EXTRACT_BE_U_4(spp->pc_chownrestricted) ? "chownres" : "",
1576 EXTRACT_BE_U_4(spp->pc_caseinsensitive) ? "igncase" : "",
1577 EXTRACT_BE_U_4(spp->pc_casepreserving) ? "keepcase" : "");
1578 return (1);
1579 trunc:
1580 return (0);
1581 }
1582
1583 static void
1584 interp_reply(netdissect_options *ndo,
1585 const struct sunrpc_msg *rp, uint32_t proc, uint32_t vers,
1586 int length)
1587 {
1588 const uint32_t *dp;
1589 int v3;
1590 u_int er;
1591 int nfserr = 0;
1592
1593 v3 = (vers == NFS_VER3);
1594
1595 if (!v3 && proc < NFS_NPROCS)
1596 proc = nfsv3_procid[proc];
1597
1598 ND_PRINT(" %s", tok2str(nfsproc_str, "proc-%u", proc));
1599 switch (proc) {
1600
1601 case NFSPROC_GETATTR:
1602 dp = parserep(ndo, rp, length, &nfserr);
1603 if (dp == NULL)
1604 goto trunc;
1605 if (parseattrstat(ndo, dp, !ndo->ndo_qflag, v3, &nfserr) == 0)
1606 goto trunc;
1607 break;
1608
1609 case NFSPROC_SETATTR:
1610 dp = parserep(ndo, rp, length, &nfserr);
1611 if (dp == NULL)
1612 goto trunc;
1613 if (v3) {
1614 if (parsewccres(ndo, dp, ndo->ndo_vflag, &nfserr) == 0)
1615 goto trunc;
1616 } else {
1617 if (parseattrstat(ndo, dp, !ndo->ndo_qflag, 0, &nfserr) == 0)
1618 goto trunc;
1619 }
1620 break;
1621
1622 case NFSPROC_LOOKUP:
1623 dp = parserep(ndo, rp, length, &nfserr);
1624 if (dp == NULL)
1625 goto trunc;
1626 if (v3) {
1627 dp = parsestatus(ndo, dp, &er, &nfserr);
1628 if (dp == NULL)
1629 goto trunc;
1630 if (er) {
1631 if (ndo->ndo_vflag > 1) {
1632 ND_PRINT(" post dattr:");
1633 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1634 if (dp == NULL)
1635 goto trunc;
1636 }
1637 } else {
1638 dp = parsefh(ndo, dp, v3);
1639 if (dp == NULL)
1640 goto trunc;
1641 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1642 if (dp == NULL)
1643 goto trunc;
1644 if (ndo->ndo_vflag > 1) {
1645 ND_PRINT(" post dattr:");
1646 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1647 if (dp == NULL)
1648 goto trunc;
1649 }
1650 }
1651 } else {
1652 if (parsediropres(ndo, dp, &nfserr) == 0)
1653 goto trunc;
1654 }
1655 break;
1656
1657 case NFSPROC_ACCESS:
1658 dp = parserep(ndo, rp, length, &nfserr);
1659 if (dp == NULL)
1660 goto trunc;
1661 dp = parsestatus(ndo, dp, &er, &nfserr);
1662 if (dp == NULL)
1663 goto trunc;
1664 if (ndo->ndo_vflag)
1665 ND_PRINT(" attr:");
1666 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1667 if (dp == NULL)
1668 goto trunc;
1669 if (!er) {
1670 ND_TCHECK_4(dp);
1671 ND_PRINT(" c %04x", EXTRACT_BE_U_4(dp));
1672 }
1673 break;
1674
1675 case NFSPROC_READLINK:
1676 dp = parserep(ndo, rp, length, &nfserr);
1677 if (dp == NULL)
1678 goto trunc;
1679 if (parselinkres(ndo, dp, v3, &nfserr) == 0)
1680 goto trunc;
1681 break;
1682
1683 case NFSPROC_READ:
1684 dp = parserep(ndo, rp, length, &nfserr);
1685 if (dp == NULL)
1686 goto trunc;
1687 if (v3) {
1688 dp = parsestatus(ndo, dp, &er, &nfserr);
1689 if (dp == NULL)
1690 goto trunc;
1691 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1692 if (dp == NULL)
1693 goto trunc;
1694 if (!er) {
1695 if (ndo->ndo_vflag) {
1696 ND_TCHECK_4(dp + 1);
1697 ND_PRINT(" %u bytes", EXTRACT_BE_U_4(dp));
1698 if (EXTRACT_BE_U_4(dp + 1))
1699 ND_PRINT(" EOF");
1700 }
1701 }
1702 } else {
1703 if (parseattrstat(ndo, dp, ndo->ndo_vflag, 0, &nfserr) == 0)
1704 goto trunc;
1705 }
1706 break;
1707
1708 case NFSPROC_WRITE:
1709 dp = parserep(ndo, rp, length, &nfserr);
1710 if (dp == NULL)
1711 goto trunc;
1712 if (v3) {
1713 dp = parsestatus(ndo, dp, &er, &nfserr);
1714 if (dp == NULL)
1715 goto trunc;
1716 dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag);
1717 if (dp == NULL)
1718 goto trunc;
1719 if (!er) {
1720 if (ndo->ndo_vflag) {
1721 ND_TCHECK_4(dp);
1722 ND_PRINT(" %u bytes", EXTRACT_BE_U_4(dp));
1723 if (ndo->ndo_vflag > 1) {
1724 ND_TCHECK_4(dp + 1);
1725 ND_PRINT(" <%s>",
1726 tok2str(nfsv3_writemodes,
1727 NULL, EXTRACT_BE_U_4(dp + 1)));
1728
1729 /* write-verf-cookie */
1730 ND_TCHECK_8(dp + 2);
1731 ND_PRINT(" verf %" PRIx64, EXTRACT_BE_U_8(dp + 2));
1732 }
1733 }
1734 }
1735 return;
1736 } else {
1737 if (parseattrstat(ndo, dp, ndo->ndo_vflag, v3, &nfserr) == 0)
1738 goto trunc;
1739 }
1740 break;
1741
1742 case NFSPROC_CREATE:
1743 case NFSPROC_MKDIR:
1744 dp = parserep(ndo, rp, length, &nfserr);
1745 if (dp == NULL)
1746 goto trunc;
1747 if (v3) {
1748 if (parsecreateopres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1749 goto trunc;
1750 } else {
1751 if (parsediropres(ndo, dp, &nfserr) == 0)
1752 goto trunc;
1753 }
1754 break;
1755
1756 case NFSPROC_SYMLINK:
1757 dp = parserep(ndo, rp, length, &nfserr);
1758 if (dp == NULL)
1759 goto trunc;
1760 if (v3) {
1761 if (parsecreateopres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1762 goto trunc;
1763 } else {
1764 if (parsestatus(ndo, dp, &er, &nfserr) == NULL)
1765 goto trunc;
1766 }
1767 break;
1768
1769 case NFSPROC_MKNOD:
1770 dp = parserep(ndo, rp, length, &nfserr);
1771 if (dp == NULL)
1772 goto trunc;
1773 if (parsecreateopres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1774 goto trunc;
1775 break;
1776
1777 case NFSPROC_REMOVE:
1778 case NFSPROC_RMDIR:
1779 dp = parserep(ndo, rp, length, &nfserr);
1780 if (dp == NULL)
1781 goto trunc;
1782 if (v3) {
1783 if (parsewccres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1784 goto trunc;
1785 } else {
1786 if (parsestatus(ndo, dp, &er, &nfserr) == NULL)
1787 goto trunc;
1788 }
1789 break;
1790
1791 case NFSPROC_RENAME:
1792 dp = parserep(ndo, rp, length, &nfserr);
1793 if (dp == NULL)
1794 goto trunc;
1795 if (v3) {
1796 dp = parsestatus(ndo, dp, &er, &nfserr);
1797 if (dp == NULL)
1798 goto trunc;
1799 if (ndo->ndo_vflag) {
1800 ND_PRINT(" from:");
1801 dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag);
1802 if (dp == NULL)
1803 goto trunc;
1804 ND_PRINT(" to:");
1805 dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag);
1806 if (dp == NULL)
1807 goto trunc;
1808 }
1809 } else {
1810 if (parsestatus(ndo, dp, &er, &nfserr) == NULL)
1811 goto trunc;
1812 }
1813 break;
1814
1815 case NFSPROC_LINK:
1816 dp = parserep(ndo, rp, length, &nfserr);
1817 if (dp == NULL)
1818 goto trunc;
1819 if (v3) {
1820 dp = parsestatus(ndo, dp, &er, &nfserr);
1821 if (dp == NULL)
1822 goto trunc;
1823 if (ndo->ndo_vflag) {
1824 ND_PRINT(" file POST:");
1825 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1826 if (dp == NULL)
1827 goto trunc;
1828 ND_PRINT(" dir:");
1829 dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag);
1830 if (dp == NULL)
1831 goto trunc;
1832 }
1833 return;
1834 } else {
1835 if (parsestatus(ndo, dp, &er, &nfserr) == NULL)
1836 goto trunc;
1837 }
1838 break;
1839
1840 case NFSPROC_READDIR:
1841 dp = parserep(ndo, rp, length, &nfserr);
1842 if (dp == NULL)
1843 goto trunc;
1844 if (v3) {
1845 if (parsev3rddirres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1846 goto trunc;
1847 } else {
1848 if (parserddires(ndo, dp, &nfserr) == 0)
1849 goto trunc;
1850 }
1851 break;
1852
1853 case NFSPROC_READDIRPLUS:
1854 dp = parserep(ndo, rp, length, &nfserr);
1855 if (dp == NULL)
1856 goto trunc;
1857 if (parsev3rddirres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1858 goto trunc;
1859 break;
1860
1861 case NFSPROC_FSSTAT:
1862 dp = parserep(ndo, rp, length, &nfserr);
1863 if (dp == NULL)
1864 goto trunc;
1865 if (parsestatfs(ndo, dp, v3, &nfserr) == 0)
1866 goto trunc;
1867 break;
1868
1869 case NFSPROC_FSINFO:
1870 dp = parserep(ndo, rp, length, &nfserr);
1871 if (dp == NULL)
1872 goto trunc;
1873 if (parsefsinfo(ndo, dp, &nfserr) == 0)
1874 goto trunc;
1875 break;
1876
1877 case NFSPROC_PATHCONF:
1878 dp = parserep(ndo, rp, length, &nfserr);
1879 if (dp == NULL)
1880 goto trunc;
1881 if (parsepathconf(ndo, dp, &nfserr) == 0)
1882 goto trunc;
1883 break;
1884
1885 case NFSPROC_COMMIT:
1886 dp = parserep(ndo, rp, length, &nfserr);
1887 if (dp == NULL)
1888 goto trunc;
1889 dp = parsewccres(ndo, dp, ndo->ndo_vflag, &nfserr);
1890 if (dp == NULL)
1891 goto trunc;
1892 if (ndo->ndo_vflag > 1) {
1893 /* write-verf-cookie */
1894 ND_TCHECK_8(dp);
1895 ND_PRINT(" verf %" PRIx64, EXTRACT_BE_U_8(dp));
1896 }
1897 break;
1898
1899 default:
1900 break;
1901 }
1902 return;
1903
1904 trunc:
1905 if (!nfserr)
1906 nd_print_trunc(ndo);
1907 }
[mirror] the TCPdump network dissector