]> The Tcpdump Group git mirrors - tcpdump/blob - print-domain.c
projects / tcpdump / blob


b55d362da29399f3de4c377b43ba149858a4a41b
[tcpdump] / print-domain.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 #ifndef lint
23 static const char rcsid[] =
24 "@(#) $Header: /tcpdump/master/tcpdump/print-domain.c,v 1.83 2003-04-04 00:18:54 fenner Exp $ (LBL)";
25 #endif
26
27 #ifdef HAVE_CONFIG_H
28 #include "config.h"
29 #endif
30
31 #include <tcpdump-stdinc.h>
32
33 #include "nameser.h"
34
35 #include <stdio.h>
36 #include <string.h>
37
38 #include "interface.h"
39 #include "addrtoname.h"
40 #include "extract.h" /* must come after interface.h */
41
42 static const char *ns_ops[] = {
43 "", " inv_q", " stat", " op3", " notify", " update", " op6", " op7",
44 " op8", " updataA", " updateD", " updateDA",
45 " updateM", " updateMA", " zoneInit", " zoneRef",
46 };
47
48 static const char *ns_resp[] = {
49 "", " FormErr", " ServFail", " NXDomain",
50 " NotImp", " Refused", " YXDomain", " YXRRSet",
51 " NXRRSet", " NotAuth", " NotZone", " Resp11",
52 " Resp12", " Resp13", " Resp14", " NoChange",
53 };
54
55 /* skip over a domain name */
56 static const u_char *
57 ns_nskip(register const u_char *cp)
58 {
59 register u_char i;
60
61 if (!TTEST2(*cp, 1))
62 return (NULL);
63 i = *cp++;
64 while (i) {
65 if ((i & INDIR_MASK) == INDIR_MASK)
66 return (cp + 1);
67 if ((i & INDIR_MASK) == EDNS0_MASK) {
68 int bitlen, bytelen;
69
70 if ((i & ~INDIR_MASK) != EDNS0_ELT_BITLABEL)
71 return(NULL); /* unknown ELT */
72 if (!TTEST2(*cp, 1))
73 return (NULL);
74 if ((bitlen = *cp++) == 0)
75 bitlen = 256;
76 bytelen = (bitlen + 7) / 8;
77 cp += bytelen;
78 } else
79 cp += i;
80 if (!TTEST2(*cp, 1))
81 return (NULL);
82 i = *cp++;
83 }
84 return (cp);
85 }
86
87 /* print a <domain-name> */
88 static const u_char *
89 blabel_print(const u_char *cp)
90 {
91 int bitlen, slen, b;
92 int truncated = 0;
93 const u_char *bitp, *lim;
94 char tc;
95
96 if (!TTEST2(*cp, 1))
97 return(NULL);
98 if ((bitlen = *cp) == 0)
99 bitlen = 256;
100 slen = (bitlen + 3) / 4;
101 if ((lim = cp + 1 + slen) > snapend) {
102 truncated = 1;
103 lim = snapend;
104 }
105
106 /* print the bit string as a hex string */
107 printf("\\[x");
108 for (bitp = cp + 1, b = bitlen; bitp < lim && b > 7; b -= 8, bitp++)
109 printf("%02x", *bitp);
110 if (bitp == lim)
111 printf("...");
112 else if (b > 4) {
113 tc = *bitp++;
114 printf("%02x", tc & (0xff << (8 - b)));
115 } else if (b > 0) {
116 tc = *bitp++;
117 printf("%1x", ((tc >> 4) & 0x0f) & (0x0f << (4 - b)));
118 }
119 printf("/%d]", bitlen);
120
121 return(truncated ? NULL : lim);
122 }
123
124 static int
125 labellen(const u_char *cp)
126 {
127 register u_int i;
128
129 if (!TTEST2(*cp, 1))
130 return(-1);
131 i = *cp;
132 if ((i & INDIR_MASK) == EDNS0_MASK) {
133 int bitlen, elt;
134
135 if ((elt = (i & ~INDIR_MASK)) != EDNS0_ELT_BITLABEL)
136 return(-1);
137 if (!TTEST2(*(cp + 1), 1))
138 return(-1);
139 if ((bitlen = *(cp + 1)) == 0)
140 bitlen = 256;
141 return(((bitlen + 7) / 8) + 1);
142 } else
143 return(i);
144 }
145
146 static const u_char *
147 ns_nprint(register const u_char *cp, register const u_char *bp)
148 {
149 register u_int i, l;
150 register const u_char *rp = NULL;
151 register int compress = 0;
152 int chars_processed;
153 int elt;
154 int data_size = snapend - bp;
155
156 if ((l = labellen(cp)) == (u_int)-1)
157 return(NULL);
158 if (!TTEST2(*cp, 1))
159 return(NULL);
160 chars_processed = 1;
161 if (((i = *cp++) & INDIR_MASK) != INDIR_MASK) {
162 compress = 0;
163 rp = cp + l;
164 }
165
166 if (i != 0)
167 while (i && cp < snapend) {
168 if ((i & INDIR_MASK) == INDIR_MASK) {
169 if (!compress) {
170 rp = cp + 1;
171 compress = 1;
172 }
173 if (!TTEST2(*cp, 1))
174 return(NULL);
175 cp = bp + (((i << 8) | *cp) & 0x3fff);
176 if ((l = labellen(cp)) == (u_int)-1)
177 return(NULL);
178 if (!TTEST2(*cp, 1))
179 return(NULL);
180 i = *cp++;
181 chars_processed++;
182
183 /*
184 * If we've looked at every character in
185 * the message, this pointer will make
186 * us look at some character again,
187 * which means we're looping.
188 */
189 if (chars_processed >= data_size) {
190 printf("<LOOP>");
191 return (NULL);
192 }
193 continue;
194 }
195 if ((i & INDIR_MASK) == EDNS0_MASK) {
196 elt = (i & ~INDIR_MASK);
197 switch(elt) {
198 case EDNS0_ELT_BITLABEL:
199 if (blabel_print(cp) == NULL)
200 return (NULL);
201 break;
202 default:
203 /* unknown ELT */
204 printf("<ELT %d>", elt);
205 return(NULL);
206 }
207 } else {
208 if (fn_printn(cp, l, snapend))
209 return(NULL);
210 }
211
212 cp += l;
213 chars_processed += l;
214 putchar('.');
215 if ((l = labellen(cp)) == (u_int)-1)
216 return(NULL);
217 if (!TTEST2(*cp, 1))
218 return(NULL);
219 i = *cp++;
220 chars_processed++;
221 if (!compress)
222 rp += l + 1;
223 }
224 else
225 putchar('.');
226 return (rp);
227 }
228
229 /* print a <character-string> */
230 static const u_char *
231 ns_cprint(register const u_char *cp)
232 {
233 register u_int i;
234
235 if (!TTEST2(*cp, 1))
236 return (NULL);
237 i = *cp++;
238 if (fn_printn(cp, i, snapend))
239 return (NULL);
240 return (cp + i);
241 }
242
243 struct tok ns_type2str[] = {
244 { T_A, "A" },
245 { T_NS, "NS" },
246 { T_MD, "MD" },
247 { T_MF, "MF" },
248 { T_CNAME, "CNAME" },
249 { T_SOA, "SOA" },
250 { T_MB, "MB" },
251 { T_MG, "MG" },
252 { T_MR, "MR" },
253 { T_NULL, "NULL" },
254 { T_WKS, "WKS" },
255 { T_PTR, "PTR" },
256 { T_HINFO, "HINFO" },
257 { T_MINFO, "MINFO" },
258 { T_MX, "MX" },
259 { T_TXT, "TXT" },
260 { T_RP, "RP" },
261 { T_AFSDB, "AFSDB" },
262 { T_X25, "X25" },
263 { T_ISDN, "ISDN" },
264 { T_RT, "RT" },
265 { T_NSAP, "NSAP" },
266 { T_NSAP_PTR, "NSAP_PTR" },
267 { T_SIG, "SIG" },
268 { T_KEY, "KEY" },
269 { T_PX, "PX" },
270 { T_GPOS, "GPOS" },
271 { T_AAAA, "AAAA" },
272 { T_LOC, "LOC" },
273 { T_NXT, "NXT" },
274 { T_EID, "EID" },
275 { T_NIMLOC, "NIMLOC" },
276 { T_SRV, "SRV" },
277 { T_ATMA, "ATMA" },
278 { T_NAPTR, "NAPTR" },
279 { T_A6, "A6" },
280 { T_DNAME, "DNAME" },
281 { T_OPT, "OPT" },
282 { T_UINFO, "UINFO" },
283 { T_UID, "UID" },
284 { T_GID, "GID" },
285 { T_UNSPEC, "UNSPEC" },
286 { T_UNSPECA, "UNSPECA" },
287 { T_TKEY, "TKEY" },
288 { T_TSIG, "TSIG" },
289 { T_IXFR, "IXFR" },
290 { T_AXFR, "AXFR" },
291 { T_MAILB, "MAILB" },
292 { T_MAILA, "MAILA" },
293 { T_ANY, "ANY" },
294 { 0, NULL }
295 };
296
297 struct tok ns_class2str[] = {
298 { C_IN, "IN" }, /* Not used */
299 { C_CHAOS, "CHAOS" },
300 { C_HS, "HS" },
301 { C_ANY, "ANY" },
302 { 0, NULL }
303 };
304
305 /* print a query */
306 static const u_char *
307 ns_qprint(register const u_char *cp, register const u_char *bp)
308 {
309 register const u_char *np = cp;
310 register u_int i;
311
312 cp = ns_nskip(cp);
313
314 if (cp == NULL || !TTEST2(*cp, 4))
315 return(NULL);
316
317 /* print the qtype and qclass (if it's not IN) */
318 i = *cp++ << 8;
319 i |= *cp++;
320 printf(" %s", tok2str(ns_type2str, "Type%d", i));
321 i = *cp++ << 8;
322 i |= *cp++;
323 if (i != C_IN)
324 printf(" %s", tok2str(ns_class2str, "(Class %d)", i));
325
326 fputs("? ", stdout);
327 cp = ns_nprint(np, bp);
328 return(cp ? cp + 4 : NULL);
329 }
330
331 /* print a reply */
332 static const u_char *
333 ns_rprint(register const u_char *cp, register const u_char *bp)
334 {
335 register u_int class;
336 register u_short typ, len;
337 register const u_char *rp;
338
339 if (vflag) {
340 putchar(' ');
341 if ((cp = ns_nprint(cp, bp)) == NULL)
342 return NULL;
343 } else
344 cp = ns_nskip(cp);
345
346 if (cp == NULL || !TTEST2(*cp, 10))
347 return (snapend);
348
349 /* print the type/qtype and class (if it's not IN) */
350 typ = *cp++ << 8;
351 typ |= *cp++;
352 class = *cp++ << 8;
353 class |= *cp++;
354 if (class != C_IN && typ != T_OPT)
355 printf(" %s", tok2str(ns_class2str, "(Class %d)", class));
356
357 /* ignore ttl */
358 cp += 4;
359
360 len = *cp++ << 8;
361 len |= *cp++;
362
363 rp = cp + len;
364
365 printf(" %s", tok2str(ns_type2str, "Type%d", typ));
366 if (rp > snapend)
367 return(NULL);
368
369 switch (typ) {
370 case T_A:
371 if (!TTEST2(*cp, sizeof(struct in_addr)))
372 return(NULL);
373 printf(" %s", ipaddr_string(cp));
374 break;
375
376 case T_NS:
377 case T_CNAME:
378 case T_PTR:
379 #ifdef T_DNAME
380 case T_DNAME:
381 #endif
382 putchar(' ');
383 if (ns_nprint(cp, bp) == NULL)
384 return(NULL);
385 break;
386
387 case T_SOA:
388 if (!vflag)
389 break;
390 putchar(' ');
391 if ((cp = ns_nprint(cp, bp)) == NULL)
392 return(NULL);
393 putchar(' ');
394 if ((cp = ns_nprint(cp, bp)) == NULL)
395 return(NULL);
396 if (!TTEST2(*cp, 5 * 4))
397 return(NULL);
398 printf(" %u", EXTRACT_32BITS(cp));
399 cp += 4;
400 printf(" %u", EXTRACT_32BITS(cp));
401 cp += 4;
402 printf(" %u", EXTRACT_32BITS(cp));
403 cp += 4;
404 printf(" %u", EXTRACT_32BITS(cp));
405 cp += 4;
406 printf(" %u", EXTRACT_32BITS(cp));
407 cp += 4;
408 break;
409 case T_MX:
410 putchar(' ');
411 if (!TTEST2(*cp, 2))
412 return(NULL);
413 if (ns_nprint(cp + 2, bp) == NULL)
414 return(NULL);
415 printf(" %d", EXTRACT_16BITS(cp));
416 break;
417
418 case T_TXT:
419 putchar(' ');
420 (void)ns_cprint(cp);
421 break;
422
423 case T_SRV:
424 putchar(' ');
425 if (!TTEST2(*cp, 6))
426 return(NULL);
427 if (ns_nprint(cp + 6, bp) == NULL)
428 return(NULL);
429 printf(":%d %d %d", EXTRACT_16BITS(cp + 4),
430 EXTRACT_16BITS(cp), EXTRACT_16BITS(cp + 2));
431 break;
432
433 #ifdef INET6
434 case T_AAAA:
435 if (!TTEST2(*cp, sizeof(struct in6_addr)))
436 return(NULL);
437 printf(" %s", ip6addr_string(cp));
438 break;
439
440 case T_A6:
441 {
442 struct in6_addr a;
443 int pbit, pbyte;
444
445 if (!TTEST2(*cp, 1))
446 return(NULL);
447 pbit = *cp;
448 pbyte = (pbit & ~7) / 8;
449 if (pbit > 128) {
450 printf(" %u(bad plen)", pbit);
451 break;
452 } else if (pbit < 128) {
453 if (!TTEST2(*(cp + 1), sizeof(a) - pbyte))
454 return(NULL);
455 memset(&a, 0, sizeof(a));
456 memcpy(&a.s6_addr[pbyte], cp + 1, sizeof(a) - pbyte);
457 printf(" %u %s", pbit, ip6addr_string(&a));
458 }
459 if (pbit > 0) {
460 putchar(' ');
461 if (ns_nprint(cp + 1 + sizeof(a) - pbyte, bp) == NULL)
462 return(NULL);
463 }
464 break;
465 }
466 #endif /*INET6*/
467
468 case T_OPT:
469 printf(" UDPsize=%u", class);
470 break;
471
472 case T_UNSPECA: /* One long string */
473 if (!TTEST2(*cp, len))
474 return(NULL);
475 if (fn_printn(cp, len, snapend))
476 return(NULL);
477 break;
478
479 case T_TSIG:
480 {
481 if (cp + len > snapend)
482 return(NULL);
483 if (!vflag)
484 break;
485 putchar(' ');
486 if ((cp = ns_nprint(cp, bp)) == NULL)
487 return(NULL);
488 cp += 6;
489 if (!TTEST2(*cp, 2))
490 return(NULL);
491 printf(" fudge=%u", EXTRACT_16BITS(cp));
492 cp += 2;
493 if (!TTEST2(*cp, 2))
494 return(NULL);
495 printf(" maclen=%u", EXTRACT_16BITS(cp));
496 cp += 2 + EXTRACT_16BITS(cp);
497 if (!TTEST2(*cp, 2))
498 return(NULL);
499 printf(" origid=%u", EXTRACT_16BITS(cp));
500 cp += 2;
501 if (!TTEST2(*cp, 2))
502 return(NULL);
503 printf(" error=%u", EXTRACT_16BITS(cp));
504 cp += 2;
505 if (!TTEST2(*cp, 2))
506 return(NULL);
507 printf(" otherlen=%u", EXTRACT_16BITS(cp));
508 cp += 2;
509 }
510 }
511 return (rp); /* XXX This isn't always right */
512 }
513
514 void
515 ns_print(register const u_char *bp, u_int length)
516 {
517 register const HEADER *np;
518 register int qdcount, ancount, nscount, arcount;
519 register const u_char *cp;
520 u_int16_t b2;
521
522 np = (const HEADER *)bp;
523 TCHECK(*np);
524 /* get the byte-order right */
525 qdcount = EXTRACT_16BITS(&np->qdcount);
526 ancount = EXTRACT_16BITS(&np->ancount);
527 nscount = EXTRACT_16BITS(&np->nscount);
528 arcount = EXTRACT_16BITS(&np->arcount);
529
530 if (DNS_QR(np)) {
531 /* this is a response */
532 printf(" %d%s%s%s%s%s%s",
533 EXTRACT_16BITS(&np->id),
534 ns_ops[DNS_OPCODE(np)],
535 ns_resp[DNS_RCODE(np)],
536 DNS_AA(np)? "*" : "",
537 DNS_RA(np)? "" : "-",
538 DNS_TC(np)? "|" : "",
539 DNS_CD(np)? "%" : "");
540
541 if (qdcount != 1)
542 printf(" [%dq]", qdcount);
543 /* Print QUESTION section on -vv */
544 cp = (const u_char *)(np + 1);
545 while (qdcount--) {
546 if (qdcount < EXTRACT_16BITS(&np->qdcount) - 1)
547 putchar(',');
548 if (vflag > 1) {
549 fputs(" q:", stdout);
550 if ((cp = ns_qprint(cp, bp)) == NULL)
551 goto trunc;
552 } else {
553 if ((cp = ns_nskip(cp)) == NULL)
554 goto trunc;
555 cp += 4; /* skip QTYPE and QCLASS */
556 }
557 }
558 printf(" %d/%d/%d", ancount, nscount, arcount);
559 if (ancount--) {
560 if ((cp = ns_rprint(cp, bp)) == NULL)
561 goto trunc;
562 while (cp < snapend && ancount--) {
563 putchar(',');
564 if ((cp = ns_rprint(cp, bp)) == NULL)
565 goto trunc;
566 }
567 }
568 if (ancount > 0)
569 goto trunc;
570 /* Print NS and AR sections on -vv */
571 if (vflag > 1) {
572 if (cp < snapend && nscount--) {
573 fputs(" ns:", stdout);
574 if ((cp = ns_rprint(cp, bp)) == NULL)
575 goto trunc;
576 while (cp < snapend && nscount--) {
577 putchar(',');
578 if ((cp = ns_rprint(cp, bp)) == NULL)
579 goto trunc;
580 }
581 }
582 if (nscount > 0)
583 goto trunc;
584 if (cp < snapend && arcount--) {
585 fputs(" ar:", stdout);
586 if ((cp = ns_rprint(cp, bp)) == NULL)
587 goto trunc;
588 while (cp < snapend && arcount--) {
589 putchar(',');
590 if ((cp = ns_rprint(cp, bp)) == NULL)
591 goto trunc;
592 }
593 }
594 if (arcount > 0)
595 goto trunc;
596 }
597 }
598 else {
599 /* this is a request */
600 printf(" %d%s%s%s", EXTRACT_16BITS(&np->id), ns_ops[DNS_OPCODE(np)],
601 DNS_RD(np) ? "+" : "",
602 DNS_AD(np) ? "$" : "");
603
604 /* any weirdness? */
605 b2 = EXTRACT_16BITS(((u_short *)np)+1);
606 if (b2 & 0x6cf)
607 printf(" [b2&3=0x%x]", b2);
608
609 if (DNS_OPCODE(np) == IQUERY) {
610 if (qdcount)
611 printf(" [%dq]", qdcount);
612 if (ancount != 1)
613 printf(" [%da]", ancount);
614 }
615 else {
616 if (ancount)
617 printf(" [%da]", ancount);
618 if (qdcount != 1)
619 printf(" [%dq]", qdcount);
620 }
621 if (nscount)
622 printf(" [%dn]", nscount);
623 if (arcount)
624 printf(" [%dau]", arcount);
625
626 cp = (const u_char *)(np + 1);
627 if (qdcount--) {
628 cp = ns_qprint(cp, (const u_char *)np);
629 if (!cp)
630 goto trunc;
631 while (cp < snapend && qdcount--) {
632 cp = ns_qprint((const u_char *)cp,
633 (const u_char *)np);
634 if (!cp)
635 goto trunc;
636 }
637 }
638 if (qdcount > 0)
639 goto trunc;
640
641 /* Print remaining sections on -vv */
642 if (vflag > 1) {
643 if (ancount--) {
644 if ((cp = ns_rprint(cp, bp)) == NULL)
645 goto trunc;
646 while (cp < snapend && ancount--) {
647 putchar(',');
648 if ((cp = ns_rprint(cp, bp)) == NULL)
649 goto trunc;
650 }
651 }
652 if (ancount > 0)
653 goto trunc;
654 if (cp < snapend && nscount--) {
655 fputs(" ns:", stdout);
656 if ((cp = ns_rprint(cp, bp)) == NULL)
657 goto trunc;
658 while (nscount-- && cp < snapend) {
659 putchar(',');
660 if ((cp = ns_rprint(cp, bp)) == NULL)
661 goto trunc;
662 }
663 }
664 if (nscount > 0)
665 goto trunc;
666 if (cp < snapend && arcount--) {
667 fputs(" ar:", stdout);
668 if ((cp = ns_rprint(cp, bp)) == NULL)
669 goto trunc;
670 while (cp < snapend && arcount--) {
671 putchar(',');
672 if ((cp = ns_rprint(cp, bp)) == NULL)
673 goto trunc;
674 }
675 }
676 if (arcount > 0)
677 goto trunc;
678 }
679 }
680 printf(" (%d)", length);
681 return;
682
683 trunc:
684 printf("[|domain]");
685 return;
686 }
[mirror] the TCPdump network dissector