]> The Tcpdump Group git mirrors - tcpdump/blob - print-domain.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Handle (GRE-encapsulated) PPTP
[tcpdump] / print-domain.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 #ifndef lint
23 static const char rcsid[] =
24 "@(#) $Header: /tcpdump/master/tcpdump/print-domain.c,v 1.69 2001-02-03 05:04:33 itojun Exp $ (LBL)";
25 #endif
26
27 #ifdef HAVE_CONFIG_H
28 #include "config.h"
29 #endif
30
31 #include <sys/param.h>
32 #include <sys/time.h>
33
34 #include <netinet/in.h>
35
36 #ifdef NOERROR
37 #undef NOERROR /* Solaris sucks */
38 #endif
39 #ifdef NOERROR
40 #undef T_UNSPEC /* SINIX does too */
41 #endif
42 #include "nameser.h"
43
44 #include <stdio.h>
45 #include <string.h>
46
47 #include "interface.h"
48 #include "addrtoname.h"
49 #include "extract.h" /* must come after interface.h */
50
51 static char *ns_ops[] = {
52 "", " inv_q", " stat", " op3", " notify", " op5", " op6", " op7",
53 " op8", " updataA", " updateD", " updateDA",
54 " updateM", " updateMA", " zoneInit", " zoneRef",
55 };
56
57 static char *ns_resp[] = {
58 "", " FormErr", " ServFail", " NXDomain",
59 " NotImp", " Refused", " Resp6", " Resp7",
60 " Resp8", " Resp9", " Resp10", " Resp11",
61 " Resp12", " Resp13", " Resp14", " NoChange",
62 };
63
64 /* skip over a domain name */
65 static const u_char *
66 ns_nskip(register const u_char *cp, register const u_char *bp)
67 {
68 register u_char i;
69
70 if (((i = *cp++) & INDIR_MASK) == INDIR_MASK)
71 return (cp + 1);
72 if (cp >= snapend)
73 return(NULL);
74 while (i && cp < snapend) {
75 if ((i & INDIR_MASK) == EDNS0_MASK) {
76 int bitlen, bytelen;
77
78 if ((i & ~INDIR_MASK) != EDNS0_ELT_BITLABEL)
79 return(NULL); /* unknown ELT */
80 if ((bitlen = *cp++) == 0)
81 bitlen = 256;
82 bytelen = (bitlen + 7) / 8;
83 cp += bytelen;
84 } else
85 cp += i;
86 if (cp >= snapend)
87 return(NULL);
88 i = *cp++;
89 }
90 return (cp);
91 }
92
93 /* print a <domain-name> */
94 static const u_char *
95 blabel_print(const u_char *cp)
96 {
97 int bitlen, slen, b;
98 int truncated = 0;
99 const u_char *bitp, *lim;
100 char tc;
101
102 if (cp >= snapend)
103 return(NULL);
104 if ((bitlen = *cp) == 0)
105 bitlen = 256;
106 slen = (bitlen + 3) / 4;
107 if ((lim = cp + 1 + slen) > snapend) {
108 truncated = 1;
109 lim = snapend;
110 }
111
112 /* print the bit string as a hex string */
113 printf("\\[x");
114 for (bitp = cp + 1, b = bitlen; bitp < lim && b > 7; b -= 8, bitp++)
115 printf("%02x", *bitp);
116 if (bitp == lim)
117 printf("...");
118 else if (b > 4) {
119 tc = *bitp++;
120 printf("%02x", tc & (0xff << (8 - b)));
121 } else if (b > 0) {
122 tc = *bitp++;
123 printf("%1x", ((tc >> 4) & 0x0f) & (0x0f << (4 - b)));
124 }
125 printf("/%d]", bitlen);
126
127 return(truncated ? NULL : lim);
128 }
129
130 static int
131 labellen(const u_char *cp)
132 {
133 register u_int i;
134
135 if (cp >= snapend)
136 return(-1);
137 i = *cp;
138 if ((i & INDIR_MASK) == EDNS0_MASK) {
139 int bitlen, elt;
140
141 if ((elt = (i & ~INDIR_MASK)) != EDNS0_ELT_BITLABEL)
142 return(-1);
143 if (cp + 1 >= snapend)
144 return(-1);
145 if ((bitlen = *(cp + 1)) == 0)
146 bitlen = 256;
147 return(((bitlen + 7) / 8) + 1);
148 } else
149 return(i);
150 }
151
152 static const u_char *
153 ns_nprint(register const u_char *cp, register const u_char *bp)
154 {
155 register u_int i, l;
156 register const u_char *rp = NULL;
157 register int compress = 0;
158 int chars_processed;
159 int elt;
160 int data_size = snapend - bp;
161
162 if ((l = labellen(cp)) < 0)
163 return(NULL);
164 if (cp >= snapend)
165 return(NULL);
166 chars_processed = 1;
167 if (((i = *cp++) & INDIR_MASK) != INDIR_MASK) {
168 compress = 0;
169 rp = cp + l;
170 }
171
172 if (i != 0)
173 while (i && cp < snapend) {
174 if ((i & INDIR_MASK) == INDIR_MASK) {
175 if (!compress) {
176 rp = cp + 1;
177 compress = 1;
178 }
179 cp = bp + (((i << 8) | *cp) & 0x3fff);
180 if (cp >= snapend)
181 return(NULL);
182 if ((l = labellen(cp)) < 0)
183 return(NULL);
184 i = *cp++;
185 chars_processed++;
186
187 /*
188 * If we've looked at every character in
189 * the message, this pointer will make
190 * us look at some character again,
191 * which means we're looping.
192 */
193 if (chars_processed >= data_size) {
194 printf("<LOOP>");
195 return (NULL);
196 }
197 continue;
198 }
199 if ((i & INDIR_MASK) == EDNS0_MASK) {
200 elt = (i & ~INDIR_MASK);
201 switch(elt) {
202 case EDNS0_ELT_BITLABEL:
203 blabel_print(cp);
204 break;
205 default:
206 /* unknown ELT */
207 printf("<ELT %d>", elt);
208 return(NULL);
209 }
210 } else {
211 if (fn_printn(cp, l, snapend))
212 break;
213 }
214
215 cp += l;
216 chars_processed += l;
217 putchar('.');
218 if (cp >= snapend || (l = labellen(cp)) < 0)
219 return(NULL);
220 i = *cp++;
221 chars_processed++;
222 if (!compress)
223 rp += l + 1;
224 }
225 else
226 putchar('.');
227 return (rp);
228 }
229
230 /* print a <character-string> */
231 static const u_char *
232 ns_cprint(register const u_char *cp, register const u_char *bp)
233 {
234 register u_int i;
235
236 if (cp >= snapend)
237 return NULL;
238 i = *cp++;
239 (void)fn_printn(cp, i, snapend);
240 return (cp + i);
241 }
242
243 struct tok ns_type2str[] = {
244 { T_A, "A" },
245 { T_NS, "NS" },
246 { T_MD, "MD" },
247 { T_MF, "MF" },
248 { T_CNAME, "CNAME" },
249 { T_SOA, "SOA" },
250 { T_MB, "MB" },
251 { T_MG, "MG" },
252 { T_MR, "MR" },
253 { T_NULL, "NULL" },
254 { T_WKS, "WKS" },
255 { T_PTR, "PTR" },
256 { T_HINFO, "HINFO" },
257 { T_MINFO, "MINFO" },
258 { T_MX, "MX" },
259 { T_TXT, "TXT" },
260 { T_RP, "RP" },
261 { T_AFSDB, "AFSDB" },
262 { T_X25, "X25" },
263 { T_ISDN, "ISDN" },
264 { T_RT, "RT" },
265 { T_NSAP, "NSAP" },
266 { T_NSAP_PTR, "NSAP_PTR" },
267 { T_SIG, "SIG" },
268 { T_KEY, "KEY" },
269 { T_PX, "PX" },
270 { T_GPOS, "GPOS" },
271 { T_AAAA, "AAAA" },
272 { T_LOC, "LOC" },
273 { T_NXT, "NXT" },
274 { T_EID, "EID" },
275 { T_NIMLOC, "NIMLOC" },
276 { T_SRV, "SRV" },
277 { T_ATMA, "ATMA" },
278 { T_NAPTR, "NAPTR" },
279 { T_A6, "A6" },
280 { T_DNAME, "DNAME" },
281 { T_OPT, "OPT" },
282 { T_UINFO, "UINFO" },
283 { T_UID, "UID" },
284 { T_GID, "GID" },
285 { T_UNSPEC, "UNSPEC" },
286 { T_UNSPECA, "UNSPECA" },
287 { T_AXFR, "AXFR" },
288 { T_MAILB, "MAILB" },
289 { T_MAILA, "MAILA" },
290 { T_ANY, "ANY" },
291 { 0, NULL }
292 };
293
294 struct tok ns_class2str[] = {
295 { C_IN, "IN" }, /* Not used */
296 { C_CHAOS, "CHAOS" },
297 { C_HS, "HS" },
298 { C_ANY, "ANY" },
299 { 0, NULL }
300 };
301
302 /* print a query */
303 static const u_char *
304 ns_qprint(register const u_char *cp, register const u_char *bp)
305 {
306 register const u_char *np = cp;
307 register u_int i;
308
309 cp = ns_nskip(cp, bp);
310
311 if (cp + 4 > snapend || cp == NULL)
312 return(NULL);
313
314 /* print the qtype and qclass (if it's not IN) */
315 i = *cp++ << 8;
316 i |= *cp++;
317 printf(" %s", tok2str(ns_type2str, "Type%d", i));
318 i = *cp++ << 8;
319 i |= *cp++;
320 if (i != C_IN)
321 printf(" %s", tok2str(ns_class2str, "(Class %d)", i));
322
323 fputs("? ", stdout);
324 cp = ns_nprint(np, bp);
325 return(cp ? cp + 4 : NULL);
326 }
327
328 /* print a reply */
329 static const u_char *
330 ns_rprint(register const u_char *cp, register const u_char *bp)
331 {
332 register u_int class;
333 register u_short typ, len;
334 register const u_char *rp;
335
336 if (vflag) {
337 putchar(' ');
338 if ((cp = ns_nprint(cp, bp)) == NULL)
339 return NULL;
340 } else
341 cp = ns_nskip(cp, bp);
342
343 if (cp + 10 > snapend || cp == NULL)
344 return (snapend);
345
346 /* print the type/qtype and class (if it's not IN) */
347 typ = *cp++ << 8;
348 typ |= *cp++;
349 class = *cp++ << 8;
350 class |= *cp++;
351 if (class != C_IN && typ != T_OPT)
352 printf(" %s", tok2str(ns_class2str, "(Class %d)", class));
353
354 /* ignore ttl */
355 cp += 4;
356
357 len = *cp++ << 8;
358 len |= *cp++;
359
360 rp = cp + len;
361
362 printf(" %s", tok2str(ns_type2str, "Type%d", typ));
363 if (rp > snapend)
364 return(NULL);
365
366 switch (typ) {
367 case T_A:
368 if (cp + sizeof(struct in_addr) > snapend)
369 return(NULL);
370 printf(" %s", ipaddr_string(cp));
371 break;
372
373 case T_NS:
374 case T_CNAME:
375 case T_PTR:
376 #ifdef T_DNAME
377 case T_DNAME:
378 #endif
379 putchar(' ');
380 if (ns_nprint(cp, bp) == NULL)
381 return(NULL);
382 break;
383
384 case T_SOA:
385 if (!vflag)
386 break;
387 putchar(' ');
388 if ((cp = ns_nprint(cp, bp)) == NULL)
389 return(NULL);
390 putchar(' ');
391 if ((cp = ns_nprint(cp, bp)) == NULL)
392 return(NULL);
393 if (cp + 5 * 4 > snapend)
394 return(NULL);
395 printf(" %u", EXTRACT_32BITS(cp));
396 cp += 4;
397 printf(" %u", EXTRACT_32BITS(cp));
398 cp += 4;
399 printf(" %u", EXTRACT_32BITS(cp));
400 cp += 4;
401 printf(" %u", EXTRACT_32BITS(cp));
402 cp += 4;
403 printf(" %u", EXTRACT_32BITS(cp));
404 cp += 4;
405 break;
406 case T_MX:
407 putchar(' ');
408 if (cp + 2 > snapend)
409 return(NULL);
410 if (ns_nprint(cp + 2, bp) == NULL)
411 return(NULL);
412 printf(" %d", EXTRACT_16BITS(cp));
413 break;
414
415 case T_TXT:
416 putchar(' ');
417 (void)ns_cprint(cp, bp);
418 break;
419
420 #ifdef INET6
421 case T_AAAA:
422 if (cp + sizeof(struct in6_addr) > snapend)
423 return(NULL);
424 printf(" %s", ip6addr_string(cp));
425 break;
426
427 case T_A6:
428 {
429 struct in6_addr a;
430 int pbit, pbyte;
431
432 pbit = *cp;
433 pbyte = (pbit & ~7) / 8;
434 if (pbit > 128) {
435 printf(" %u(bad plen)", pbit);
436 break;
437 } else if (pbit < 128) {
438 memset(&a, 0, sizeof(a));
439 memcpy(&a.s6_addr[pbyte], cp + 1, sizeof(a) - pbyte);
440 printf(" %u %s", pbit, ip6addr_string(&a));
441 }
442 if (pbit > 0) {
443 putchar(' ');
444 if (ns_nprint(cp + 1 + sizeof(a) - pbyte, bp) == NULL)
445 return(NULL);
446 }
447 break;
448 }
449 #endif /*INET6*/
450
451 case T_OPT:
452 printf(" UDPsize=%u", class);
453 break;
454
455 case T_UNSPECA: /* One long string */
456 if (cp + len > snapend)
457 return(NULL);
458 fn_printn(cp, len, snapend);
459 break;
460 }
461 return (rp); /* XXX This isn't always right */
462 }
463
464 void
465 ns_print(register const u_char *bp, u_int length)
466 {
467 register const HEADER *np;
468 register int qdcount, ancount, nscount, arcount;
469 register const u_char *cp = NULL;
470
471 np = (const HEADER *)bp;
472 /* get the byte-order right */
473 qdcount = ntohs(np->qdcount);
474 ancount = ntohs(np->ancount);
475 nscount = ntohs(np->nscount);
476 arcount = ntohs(np->arcount);
477
478 if (DNS_QR(np)) {
479 /* this is a response */
480 printf(" %d%s%s%s%s%s%s",
481 ntohs(np->id),
482 ns_ops[DNS_OPCODE(np)],
483 ns_resp[DNS_RCODE(np)],
484 DNS_AA(np)? "*" : "",
485 DNS_RA(np)? "" : "-",
486 DNS_TC(np)? "|" : "",
487 DNS_CD(np)? "%" : "");
488
489 if (qdcount != 1)
490 printf(" [%dq]", qdcount);
491 /* Print QUESTION section on -vv */
492 while (qdcount--) {
493 if (qdcount < ntohs(np->qdcount) - 1)
494 putchar(',');
495 if (vflag > 1) {
496 fputs(" q:", stdout);
497 if ((cp = ns_qprint((const u_char *)(np + 1), bp))
498 == NULL)
499 goto trunc;
500 } else {
501 if ((cp = ns_nskip((const u_char *)(np + 1), bp))
502 == NULL)
503 goto trunc;
504 cp += 4; /* skip QTYPE and QCLASS */
505 }
506 }
507 printf(" %d/%d/%d", ancount, nscount, arcount);
508 if (ancount--) {
509 if ((cp = ns_rprint(cp, bp)) == NULL)
510 goto trunc;
511 while (cp < snapend && ancount--) {
512 putchar(',');
513 if ((cp = ns_rprint(cp, bp)) == NULL)
514 goto trunc;
515 }
516 }
517 if (ancount > 0)
518 goto trunc;
519 /* Print NS and AR sections on -vv */
520 if (vflag > 1) {
521 if (cp < snapend && nscount--) {
522 fputs(" ns:", stdout);
523 if ((cp = ns_rprint(cp, bp)) == NULL)
524 goto trunc;
525 while (cp < snapend && nscount--) {
526 putchar(',');
527 if ((cp = ns_rprint(cp, bp)) == NULL)
528 goto trunc;
529 }
530 }
531 if (nscount > 0)
532 goto trunc;
533 if (cp < snapend && arcount--) {
534 fputs(" ar:", stdout);
535 if ((cp = ns_rprint(cp, bp)) == NULL)
536 goto trunc;
537 while (cp < snapend && arcount--) {
538 putchar(',');
539 if ((cp = ns_rprint(cp, bp)) == NULL)
540 goto trunc;
541 }
542 }
543 if (arcount > 0)
544 goto trunc;
545 }
546 }
547 else {
548 /* this is a request */
549 printf(" %d%s%s%s", ntohs(np->id), ns_ops[DNS_OPCODE(np)],
550 DNS_RD(np) ? "+" : "",
551 DNS_AD(np) ? "$" : "");
552
553 /* any weirdness? */
554 if (*(((u_short *)np)+1) & htons(0x6cf))
555 printf(" [b2&3=0x%x]", ntohs(*(((u_short *)np)+1)));
556
557 if (DNS_OPCODE(np) == IQUERY) {
558 if (qdcount)
559 printf(" [%dq]", qdcount);
560 if (ancount != 1)
561 printf(" [%da]", ancount);
562 }
563 else {
564 if (ancount)
565 printf(" [%da]", ancount);
566 if (qdcount != 1)
567 printf(" [%dq]", qdcount);
568 }
569 if (nscount)
570 printf(" [%dn]", nscount);
571 if (arcount)
572 printf(" [%dau]", arcount);
573
574 if (qdcount--) {
575 cp = ns_qprint((const u_char *)(np + 1),
576 (const u_char *)np);
577 if (!cp)
578 goto trunc;
579 while (cp < snapend && qdcount--) {
580 cp = ns_qprint((const u_char *)cp,
581 (const u_char *)np);
582 if (!cp)
583 goto trunc;
584 }
585 }
586 if (qdcount > 0)
587 goto trunc;
588
589 /* Print remaining sections on -vv */
590 if (vflag > 1) {
591 if (ancount--) {
592 if ((cp = ns_rprint(cp, bp)) == NULL)
593 goto trunc;
594 while (cp < snapend && ancount--) {
595 putchar(',');
596 if ((cp = ns_rprint(cp, bp)) == NULL)
597 goto trunc;
598 }
599 }
600 if (ancount > 0)
601 goto trunc;
602 if (cp < snapend && nscount--) {
603 fputs(" ns:", stdout);
604 if ((cp = ns_rprint(cp, bp)) == NULL)
605 goto trunc;
606 while (nscount-- && cp < snapend) {
607 putchar(',');
608 if ((cp = ns_rprint(cp, bp)) == NULL)
609 goto trunc;
610 }
611 }
612 if (nscount > 0)
613 goto trunc;
614 if (cp < snapend && arcount--) {
615 fputs(" ar:", stdout);
616 if ((cp = ns_rprint(cp, bp)) == NULL)
617 goto trunc;
618 while (cp < snapend && arcount--) {
619 putchar(',');
620 if ((cp = ns_rprint(cp, bp)) == NULL)
621 goto trunc;
622 }
623 }
624 if (arcount > 0)
625 goto trunc;
626 }
627 }
628 printf(" (%d)", length);
629 return;
630
631 trunc:
632 printf("[|domain]");
633 return;
634 }
[mirror] the TCPdump network dissector