]> The Tcpdump Group git mirrors - tcpdump/blob - print-nfs.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Cast dport and sport to u_int before shifting them.
[tcpdump] / print-nfs.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: Network File System (NFS) printer */
23
24 #ifdef HAVE_CONFIG_H
25 #include <config.h>
26 #endif
27
28 #include "netdissect-stdinc.h"
29
30 #include <stdio.h>
31 #include <string.h>
32
33 #include "netdissect.h"
34 #include "addrtoname.h"
35 #include "extract.h"
36
37 #include "nfs.h"
38 #include "nfsfh.h"
39
40 #include "ip.h"
41 #include "ip6.h"
42 #include "rpc_auth.h"
43 #include "rpc_msg.h"
44
45
46 static void nfs_printfh(netdissect_options *, const uint32_t *, const u_int);
47 static int xid_map_enter(netdissect_options *, const struct sunrpc_msg *, const u_char *);
48 static int xid_map_find(const struct sunrpc_msg *, const u_char *,
49 uint32_t *, uint32_t *);
50 static void interp_reply(netdissect_options *, const struct sunrpc_msg *, uint32_t, uint32_t, int);
51 static const uint32_t *parse_post_op_attr(netdissect_options *, const uint32_t *, int);
52
53 /*
54 * Mapping of old NFS Version 2 RPC numbers to generic numbers.
55 */
56 static uint32_t nfsv3_procid[NFS_NPROCS] = {
57 NFSPROC_NULL,
58 NFSPROC_GETATTR,
59 NFSPROC_SETATTR,
60 NFSPROC_NOOP,
61 NFSPROC_LOOKUP,
62 NFSPROC_READLINK,
63 NFSPROC_READ,
64 NFSPROC_NOOP,
65 NFSPROC_WRITE,
66 NFSPROC_CREATE,
67 NFSPROC_REMOVE,
68 NFSPROC_RENAME,
69 NFSPROC_LINK,
70 NFSPROC_SYMLINK,
71 NFSPROC_MKDIR,
72 NFSPROC_RMDIR,
73 NFSPROC_READDIR,
74 NFSPROC_FSSTAT,
75 NFSPROC_NOOP,
76 NFSPROC_NOOP,
77 NFSPROC_NOOP,
78 NFSPROC_NOOP,
79 NFSPROC_NOOP,
80 NFSPROC_NOOP,
81 NFSPROC_NOOP,
82 NFSPROC_NOOP
83 };
84
85 static const struct tok nfsproc_str[] = {
86 { NFSPROC_NOOP, "nop" },
87 { NFSPROC_NULL, "null" },
88 { NFSPROC_GETATTR, "getattr" },
89 { NFSPROC_SETATTR, "setattr" },
90 { NFSPROC_LOOKUP, "lookup" },
91 { NFSPROC_ACCESS, "access" },
92 { NFSPROC_READLINK, "readlink" },
93 { NFSPROC_READ, "read" },
94 { NFSPROC_WRITE, "write" },
95 { NFSPROC_CREATE, "create" },
96 { NFSPROC_MKDIR, "mkdir" },
97 { NFSPROC_SYMLINK, "symlink" },
98 { NFSPROC_MKNOD, "mknod" },
99 { NFSPROC_REMOVE, "remove" },
100 { NFSPROC_RMDIR, "rmdir" },
101 { NFSPROC_RENAME, "rename" },
102 { NFSPROC_LINK, "link" },
103 { NFSPROC_READDIR, "readdir" },
104 { NFSPROC_READDIRPLUS, "readdirplus" },
105 { NFSPROC_FSSTAT, "fsstat" },
106 { NFSPROC_FSINFO, "fsinfo" },
107 { NFSPROC_PATHCONF, "pathconf" },
108 { NFSPROC_COMMIT, "commit" },
109 { 0, NULL }
110 };
111
112 /*
113 * NFS V2 and V3 status values.
114 *
115 * Some of these come from the RFCs for NFS V2 and V3, with the message
116 * strings taken from the FreeBSD C library "errlst.c".
117 *
118 * Others are errors that are not in the RFC but that I suspect some
119 * NFS servers could return; the values are FreeBSD errno values, as
120 * the first NFS server was the SunOS 2.0 one, and until 5.0 SunOS
121 * was primarily BSD-derived.
122 */
123 static const struct tok status2str[] = {
124 { 1, "Operation not permitted" }, /* EPERM */
125 { 2, "No such file or directory" }, /* ENOENT */
126 { 5, "Input/output error" }, /* EIO */
127 { 6, "Device not configured" }, /* ENXIO */
128 { 11, "Resource deadlock avoided" }, /* EDEADLK */
129 { 12, "Cannot allocate memory" }, /* ENOMEM */
130 { 13, "Permission denied" }, /* EACCES */
131 { 17, "File exists" }, /* EEXIST */
132 { 18, "Cross-device link" }, /* EXDEV */
133 { 19, "Operation not supported by device" }, /* ENODEV */
134 { 20, "Not a directory" }, /* ENOTDIR */
135 { 21, "Is a directory" }, /* EISDIR */
136 { 22, "Invalid argument" }, /* EINVAL */
137 { 26, "Text file busy" }, /* ETXTBSY */
138 { 27, "File too large" }, /* EFBIG */
139 { 28, "No space left on device" }, /* ENOSPC */
140 { 30, "Read-only file system" }, /* EROFS */
141 { 31, "Too many links" }, /* EMLINK */
142 { 45, "Operation not supported" }, /* EOPNOTSUPP */
143 { 62, "Too many levels of symbolic links" }, /* ELOOP */
144 { 63, "File name too long" }, /* ENAMETOOLONG */
145 { 66, "Directory not empty" }, /* ENOTEMPTY */
146 { 69, "Disc quota exceeded" }, /* EDQUOT */
147 { 70, "Stale NFS file handle" }, /* ESTALE */
148 { 71, "Too many levels of remote in path" }, /* EREMOTE */
149 { 99, "Write cache flushed to disk" }, /* NFSERR_WFLUSH (not used) */
150 { 10001, "Illegal NFS file handle" }, /* NFS3ERR_BADHANDLE */
151 { 10002, "Update synchronization mismatch" }, /* NFS3ERR_NOT_SYNC */
152 { 10003, "READDIR/READDIRPLUS cookie is stale" }, /* NFS3ERR_BAD_COOKIE */
153 { 10004, "Operation not supported" }, /* NFS3ERR_NOTSUPP */
154 { 10005, "Buffer or request is too small" }, /* NFS3ERR_TOOSMALL */
155 { 10006, "Unspecified error on server" }, /* NFS3ERR_SERVERFAULT */
156 { 10007, "Object of that type not supported" }, /* NFS3ERR_BADTYPE */
157 { 10008, "Request couldn't be completed in time" }, /* NFS3ERR_JUKEBOX */
158 { 0, NULL }
159 };
160
161 static const struct tok nfsv3_writemodes[] = {
162 { 0, "unstable" },
163 { 1, "datasync" },
164 { 2, "filesync" },
165 { 0, NULL }
166 };
167
168 static const struct tok type2str[] = {
169 { NFNON, "NON" },
170 { NFREG, "REG" },
171 { NFDIR, "DIR" },
172 { NFBLK, "BLK" },
173 { NFCHR, "CHR" },
174 { NFLNK, "LNK" },
175 { NFFIFO, "FIFO" },
176 { 0, NULL }
177 };
178
179 static const struct tok sunrpc_auth_str[] = {
180 { SUNRPC_AUTH_OK, "OK" },
181 { SUNRPC_AUTH_BADCRED, "Bogus Credentials (seal broken)" },
182 { SUNRPC_AUTH_REJECTEDCRED, "Rejected Credentials (client should begin new session)" },
183 { SUNRPC_AUTH_BADVERF, "Bogus Verifier (seal broken)" },
184 { SUNRPC_AUTH_REJECTEDVERF, "Verifier expired or was replayed" },
185 { SUNRPC_AUTH_TOOWEAK, "Credentials are too weak" },
186 { SUNRPC_AUTH_INVALIDRESP, "Bogus response verifier" },
187 { SUNRPC_AUTH_FAILED, "Unknown failure" },
188 { 0, NULL }
189 };
190
191 static const struct tok sunrpc_str[] = {
192 { SUNRPC_PROG_UNAVAIL, "PROG_UNAVAIL" },
193 { SUNRPC_PROG_MISMATCH, "PROG_MISMATCH" },
194 { SUNRPC_PROC_UNAVAIL, "PROC_UNAVAIL" },
195 { SUNRPC_GARBAGE_ARGS, "GARBAGE_ARGS" },
196 { SUNRPC_SYSTEM_ERR, "SYSTEM_ERR" },
197 { 0, NULL }
198 };
199
200 static void
201 print_nfsaddr(netdissect_options *ndo,
202 const u_char *bp, const char *s, const char *d)
203 {
204 const struct ip *ip;
205 const struct ip6_hdr *ip6;
206 char srcaddr[INET6_ADDRSTRLEN], dstaddr[INET6_ADDRSTRLEN];
207
208 srcaddr[0] = dstaddr[0] = '\0';
209 switch (IP_V((const struct ip *)bp)) {
210 case 4:
211 ip = (const struct ip *)bp;
212 strlcpy(srcaddr, ipaddr_string(ndo, ip->ip_src), sizeof(srcaddr));
213 strlcpy(dstaddr, ipaddr_string(ndo, ip->ip_dst), sizeof(dstaddr));
214 break;
215 case 6:
216 ip6 = (const struct ip6_hdr *)bp;
217 strlcpy(srcaddr, ip6addr_string(ndo, ip6->ip6_src),
218 sizeof(srcaddr));
219 strlcpy(dstaddr, ip6addr_string(ndo, ip6->ip6_dst),
220 sizeof(dstaddr));
221 break;
222 default:
223 strlcpy(srcaddr, "?", sizeof(srcaddr));
224 strlcpy(dstaddr, "?", sizeof(dstaddr));
225 break;
226 }
227
228 ND_PRINT("%s.%s > %s.%s: ", srcaddr, s, dstaddr, d);
229 }
230
231 static const uint32_t *
232 parse_sattr3(netdissect_options *ndo,
233 const uint32_t *dp, struct nfsv3_sattr *sa3)
234 {
235 ND_TCHECK_4(dp);
236 sa3->sa_modeset = EXTRACT_BE_U_4(dp);
237 dp++;
238 if (sa3->sa_modeset) {
239 ND_TCHECK_4(dp);
240 sa3->sa_mode = EXTRACT_BE_U_4(dp);
241 dp++;
242 }
243
244 ND_TCHECK_4(dp);
245 sa3->sa_uidset = EXTRACT_BE_U_4(dp);
246 dp++;
247 if (sa3->sa_uidset) {
248 ND_TCHECK_4(dp);
249 sa3->sa_uid = EXTRACT_BE_U_4(dp);
250 dp++;
251 }
252
253 ND_TCHECK_4(dp);
254 sa3->sa_gidset = EXTRACT_BE_U_4(dp);
255 dp++;
256 if (sa3->sa_gidset) {
257 ND_TCHECK_4(dp);
258 sa3->sa_gid = EXTRACT_BE_U_4(dp);
259 dp++;
260 }
261
262 ND_TCHECK_4(dp);
263 sa3->sa_sizeset = EXTRACT_BE_U_4(dp);
264 dp++;
265 if (sa3->sa_sizeset) {
266 ND_TCHECK_4(dp);
267 sa3->sa_size = EXTRACT_BE_U_4(dp);
268 dp++;
269 }
270
271 ND_TCHECK_4(dp);
272 sa3->sa_atimetype = EXTRACT_BE_U_4(dp);
273 dp++;
274 if (sa3->sa_atimetype == NFSV3SATTRTIME_TOCLIENT) {
275 ND_TCHECK_4(dp + 1);
276 sa3->sa_atime.nfsv3_sec = EXTRACT_BE_U_4(dp);
277 dp++;
278 sa3->sa_atime.nfsv3_nsec = EXTRACT_BE_U_4(dp);
279 dp++;
280 }
281
282 ND_TCHECK_4(dp);
283 sa3->sa_mtimetype = EXTRACT_BE_U_4(dp);
284 dp++;
285 if (sa3->sa_mtimetype == NFSV3SATTRTIME_TOCLIENT) {
286 ND_TCHECK_4(dp + 1);
287 sa3->sa_mtime.nfsv3_sec = EXTRACT_BE_U_4(dp);
288 dp++;
289 sa3->sa_mtime.nfsv3_nsec = EXTRACT_BE_U_4(dp);
290 dp++;
291 }
292
293 return dp;
294 trunc:
295 return NULL;
296 }
297
298 static int nfserr; /* true if we error rather than trunc */
299
300 static void
301 print_sattr3(netdissect_options *ndo,
302 const struct nfsv3_sattr *sa3, int verbose)
303 {
304 if (sa3->sa_modeset)
305 ND_PRINT(" mode %o", sa3->sa_mode);
306 if (sa3->sa_uidset)
307 ND_PRINT(" uid %u", sa3->sa_uid);
308 if (sa3->sa_gidset)
309 ND_PRINT(" gid %u", sa3->sa_gid);
310 if (verbose > 1) {
311 if (sa3->sa_atimetype == NFSV3SATTRTIME_TOCLIENT)
312 ND_PRINT(" atime %u.%06u", sa3->sa_atime.nfsv3_sec,
313 sa3->sa_atime.nfsv3_nsec);
314 if (sa3->sa_mtimetype == NFSV3SATTRTIME_TOCLIENT)
315 ND_PRINT(" mtime %u.%06u", sa3->sa_mtime.nfsv3_sec,
316 sa3->sa_mtime.nfsv3_nsec);
317 }
318 }
319
320 void
321 nfsreply_print(netdissect_options *ndo,
322 const u_char *bp, u_int length,
323 const u_char *bp2)
324 {
325 const struct sunrpc_msg *rp;
326 char srcid[20], dstid[20]; /*fits 32bit*/
327
328 ndo->ndo_protocol = "nfs";
329 nfserr = 0; /* assume no error */
330 rp = (const struct sunrpc_msg *)bp;
331
332 ND_TCHECK_4(rp->rm_xid);
333 if (!ndo->ndo_nflag) {
334 strlcpy(srcid, "nfs", sizeof(srcid));
335 nd_snprintf(dstid, sizeof(dstid), "%u",
336 EXTRACT_BE_U_4(rp->rm_xid));
337 } else {
338 nd_snprintf(srcid, sizeof(srcid), "%u", NFS_PORT);
339 nd_snprintf(dstid, sizeof(dstid), "%u",
340 EXTRACT_BE_U_4(rp->rm_xid));
341 }
342 print_nfsaddr(ndo, bp2, srcid, dstid);
343
344 nfsreply_noaddr_print(ndo, bp, length, bp2);
345 return;
346
347 trunc:
348 if (!nfserr)
349 nd_print_trunc(ndo);
350 }
351
352 void
353 nfsreply_noaddr_print(netdissect_options *ndo,
354 const u_char *bp, u_int length,
355 const u_char *bp2)
356 {
357 const struct sunrpc_msg *rp;
358 uint32_t proc, vers, reply_stat;
359 enum sunrpc_reject_stat rstat;
360 uint32_t rlow;
361 uint32_t rhigh;
362 enum sunrpc_auth_stat rwhy;
363
364 ndo->ndo_protocol = "nfs";
365 nfserr = 0; /* assume no error */
366 rp = (const struct sunrpc_msg *)bp;
367
368 ND_TCHECK_4(rp->rm_reply.rp_stat);
369 reply_stat = EXTRACT_BE_U_4(&rp->rm_reply.rp_stat);
370 switch (reply_stat) {
371
372 case SUNRPC_MSG_ACCEPTED:
373 ND_PRINT("reply ok %u", length);
374 if (xid_map_find(rp, bp2, &proc, &vers) >= 0)
375 interp_reply(ndo, rp, proc, vers, length);
376 break;
377
378 case SUNRPC_MSG_DENIED:
379 ND_PRINT("reply ERR %u: ", length);
380 ND_TCHECK_4(rp->rm_reply.rp_reject.rj_stat);
381 rstat = EXTRACT_BE_U_4(&rp->rm_reply.rp_reject.rj_stat);
382 switch (rstat) {
383
384 case SUNRPC_RPC_MISMATCH:
385 ND_TCHECK_4(rp->rm_reply.rp_reject.rj_vers.high);
386 rlow = EXTRACT_BE_U_4(&rp->rm_reply.rp_reject.rj_vers.low);
387 rhigh = EXTRACT_BE_U_4(&rp->rm_reply.rp_reject.rj_vers.high);
388 ND_PRINT("RPC Version mismatch (%u-%u)", rlow, rhigh);
389 break;
390
391 case SUNRPC_AUTH_ERROR:
392 ND_TCHECK_4(rp->rm_reply.rp_reject.rj_why);
393 rwhy = EXTRACT_BE_U_4(&rp->rm_reply.rp_reject.rj_why);
394 ND_PRINT("Auth %s", tok2str(sunrpc_auth_str, "Invalid failure code %u", rwhy));
395 break;
396
397 default:
398 ND_PRINT("Unknown reason for rejecting rpc message %u", (unsigned int)rstat);
399 break;
400 }
401 break;
402
403 default:
404 ND_PRINT("reply Unknown rpc response code=%u %u", reply_stat, length);
405 break;
406 }
407 return;
408
409 trunc:
410 if (!nfserr)
411 nd_print_trunc(ndo);
412 }
413
414 /*
415 * Return a pointer to the first file handle in the packet.
416 * If the packet was truncated, return 0.
417 */
418 static const uint32_t *
419 parsereq(netdissect_options *ndo,
420 const struct sunrpc_msg *rp, u_int length)
421 {
422 const uint32_t *dp;
423 u_int len;
424
425 /*
426 * find the start of the req data (if we captured it)
427 */
428 dp = (const uint32_t *)&rp->rm_call.cb_cred;
429 ND_TCHECK_4(dp + 1);
430 len = EXTRACT_BE_U_4(dp + 1);
431 if (len < length) {
432 dp += (len + (2 * sizeof(*dp) + 3)) / sizeof(*dp);
433 ND_TCHECK_4(dp + 1);
434 len = EXTRACT_BE_U_4(dp + 1);
435 if (len < length) {
436 dp += (len + (2 * sizeof(*dp) + 3)) / sizeof(*dp);
437 ND_TCHECK_LEN(dp, 0);
438 return (dp);
439 }
440 }
441 trunc:
442 return (NULL);
443 }
444
445 /*
446 * Print out an NFS file handle and return a pointer to following word.
447 * If packet was truncated, return 0.
448 */
449 static const uint32_t *
450 parsefh(netdissect_options *ndo,
451 const uint32_t *dp, int v3)
452 {
453 u_int len;
454
455 if (v3) {
456 ND_TCHECK_4(dp);
457 len = EXTRACT_BE_U_4(dp) / 4;
458 dp++;
459 } else
460 len = NFSX_V2FH / 4;
461
462 if (ND_TTEST_LEN(dp, len * sizeof(*dp))) {
463 nfs_printfh(ndo, dp, len);
464 return (dp + len);
465 }
466 trunc:
467 return (NULL);
468 }
469
470 /*
471 * Print out a file name and return pointer to 32-bit word past it.
472 * If packet was truncated, return 0.
473 */
474 static const uint32_t *
475 parsefn(netdissect_options *ndo,
476 const uint32_t *dp)
477 {
478 uint32_t len;
479 const u_char *cp;
480
481 /* Bail if we don't have the string length */
482 ND_TCHECK_4(dp);
483
484 /* Fetch big-endian string length */
485 len = EXTRACT_BE_U_4(dp);
486 dp++;
487
488 ND_TCHECK_LEN(dp, ((len + 3) & ~3));
489
490 cp = (const u_char *)dp;
491 /* Update 32-bit pointer (NFS filenames padded to 32-bit boundaries) */
492 dp += ((len + 3) & ~3) / sizeof(*dp);
493 ND_PRINT("\"");
494 if (nd_printn(ndo, cp, len, ndo->ndo_snapend)) {
495 ND_PRINT("\"");
496 goto trunc;
497 }
498 ND_PRINT("\"");
499
500 return (dp);
501 trunc:
502 return NULL;
503 }
504
505 /*
506 * Print out file handle and file name.
507 * Return pointer to 32-bit word past file name.
508 * If packet was truncated (or there was some other error), return 0.
509 */
510 static const uint32_t *
511 parsefhn(netdissect_options *ndo,
512 const uint32_t *dp, int v3)
513 {
514 dp = parsefh(ndo, dp, v3);
515 if (dp == NULL)
516 return (NULL);
517 ND_PRINT(" ");
518 return (parsefn(ndo, dp));
519 }
520
521 void
522 nfsreq_noaddr_print(netdissect_options *ndo,
523 const u_char *bp, u_int length,
524 const u_char *bp2)
525 {
526 const struct sunrpc_msg *rp;
527 const uint32_t *dp;
528 nfs_type type;
529 int v3;
530 uint32_t proc;
531 uint32_t access_flags;
532 struct nfsv3_sattr sa3;
533
534 ndo->ndo_protocol = "nfs";
535 ND_PRINT("%u", length);
536 nfserr = 0; /* assume no error */
537 rp = (const struct sunrpc_msg *)bp;
538
539 if (!xid_map_enter(ndo, rp, bp2)) /* record proc number for later on */
540 goto trunc;
541
542 v3 = (EXTRACT_BE_U_4(&rp->rm_call.cb_vers) == NFS_VER3);
543 proc = EXTRACT_BE_U_4(&rp->rm_call.cb_proc);
544
545 if (!v3 && proc < NFS_NPROCS)
546 proc = nfsv3_procid[proc];
547
548 ND_PRINT(" %s", tok2str(nfsproc_str, "proc-%u", proc));
549 switch (proc) {
550
551 case NFSPROC_GETATTR:
552 case NFSPROC_SETATTR:
553 case NFSPROC_READLINK:
554 case NFSPROC_FSSTAT:
555 case NFSPROC_FSINFO:
556 case NFSPROC_PATHCONF:
557 if ((dp = parsereq(ndo, rp, length)) != NULL &&
558 parsefh(ndo, dp, v3) != NULL)
559 return;
560 break;
561
562 case NFSPROC_LOOKUP:
563 case NFSPROC_CREATE:
564 case NFSPROC_MKDIR:
565 case NFSPROC_REMOVE:
566 case NFSPROC_RMDIR:
567 if ((dp = parsereq(ndo, rp, length)) != NULL &&
568 parsefhn(ndo, dp, v3) != NULL)
569 return;
570 break;
571
572 case NFSPROC_ACCESS:
573 if ((dp = parsereq(ndo, rp, length)) != NULL &&
574 (dp = parsefh(ndo, dp, v3)) != NULL) {
575 ND_TCHECK_4(dp);
576 access_flags = EXTRACT_BE_U_4(dp);
577 if (access_flags & ~NFSV3ACCESS_FULL) {
578 /* NFSV3ACCESS definitions aren't up to date */
579 ND_PRINT(" %04x", access_flags);
580 } else if ((access_flags & NFSV3ACCESS_FULL) == NFSV3ACCESS_FULL) {
581 ND_PRINT(" NFS_ACCESS_FULL");
582 } else {
583 char separator = ' ';
584 if (access_flags & NFSV3ACCESS_READ) {
585 ND_PRINT(" NFS_ACCESS_READ");
586 separator = '|';
587 }
588 if (access_flags & NFSV3ACCESS_LOOKUP) {
589 ND_PRINT("%cNFS_ACCESS_LOOKUP", separator);
590 separator = '|';
591 }
592 if (access_flags & NFSV3ACCESS_MODIFY) {
593 ND_PRINT("%cNFS_ACCESS_MODIFY", separator);
594 separator = '|';
595 }
596 if (access_flags & NFSV3ACCESS_EXTEND) {
597 ND_PRINT("%cNFS_ACCESS_EXTEND", separator);
598 separator = '|';
599 }
600 if (access_flags & NFSV3ACCESS_DELETE) {
601 ND_PRINT("%cNFS_ACCESS_DELETE", separator);
602 separator = '|';
603 }
604 if (access_flags & NFSV3ACCESS_EXECUTE)
605 ND_PRINT("%cNFS_ACCESS_EXECUTE", separator);
606 }
607 return;
608 }
609 break;
610
611 case NFSPROC_READ:
612 if ((dp = parsereq(ndo, rp, length)) != NULL &&
613 (dp = parsefh(ndo, dp, v3)) != NULL) {
614 if (v3) {
615 ND_TCHECK_4(dp + 2);
616 ND_PRINT(" %u bytes @ %" PRIu64,
617 EXTRACT_BE_U_4(dp + 2),
618 EXTRACT_BE_U_8(dp));
619 } else {
620 ND_TCHECK_4(dp + 1);
621 ND_PRINT(" %u bytes @ %u",
622 EXTRACT_BE_U_4(dp + 1),
623 EXTRACT_BE_U_4(dp));
624 }
625 return;
626 }
627 break;
628
629 case NFSPROC_WRITE:
630 if ((dp = parsereq(ndo, rp, length)) != NULL &&
631 (dp = parsefh(ndo, dp, v3)) != NULL) {
632 if (v3) {
633 ND_TCHECK_4(dp + 4);
634 ND_PRINT(" %u (%u) bytes @ %" PRIu64,
635 EXTRACT_BE_U_4(dp + 4),
636 EXTRACT_BE_U_4(dp + 2),
637 EXTRACT_BE_U_8(dp));
638 if (ndo->ndo_vflag) {
639 ND_PRINT(" <%s>",
640 tok2str(nfsv3_writemodes,
641 NULL, EXTRACT_BE_U_4(dp + 3)));
642 }
643 } else {
644 ND_TCHECK_4(dp + 3);
645 ND_PRINT(" %u (%u) bytes @ %u (%u)",
646 EXTRACT_BE_U_4(dp + 3),
647 EXTRACT_BE_U_4(dp + 2),
648 EXTRACT_BE_U_4(dp + 1),
649 EXTRACT_BE_U_4(dp));
650 }
651 return;
652 }
653 break;
654
655 case NFSPROC_SYMLINK:
656 if ((dp = parsereq(ndo, rp, length)) != NULL &&
657 (dp = parsefhn(ndo, dp, v3)) != NULL) {
658 ND_PRINT(" ->");
659 if (v3 && (dp = parse_sattr3(ndo, dp, &sa3)) == NULL)
660 break;
661 if (parsefn(ndo, dp) == NULL)
662 break;
663 if (v3 && ndo->ndo_vflag)
664 print_sattr3(ndo, &sa3, ndo->ndo_vflag);
665 return;
666 }
667 break;
668
669 case NFSPROC_MKNOD:
670 if ((dp = parsereq(ndo, rp, length)) != NULL &&
671 (dp = parsefhn(ndo, dp, v3)) != NULL) {
672 ND_TCHECK_4(dp);
673 type = (nfs_type) EXTRACT_BE_U_4(dp);
674 dp++;
675 if ((dp = parse_sattr3(ndo, dp, &sa3)) == NULL)
676 break;
677 ND_PRINT(" %s", tok2str(type2str, "unk-ft %u", type));
678 if (ndo->ndo_vflag && (type == NFCHR || type == NFBLK)) {
679 ND_TCHECK_4(dp + 1);
680 ND_PRINT(" %u/%u",
681 EXTRACT_BE_U_4(dp),
682 EXTRACT_BE_U_4(dp + 1));
683 dp += 2;
684 }
685 if (ndo->ndo_vflag)
686 print_sattr3(ndo, &sa3, ndo->ndo_vflag);
687 return;
688 }
689 break;
690
691 case NFSPROC_RENAME:
692 if ((dp = parsereq(ndo, rp, length)) != NULL &&
693 (dp = parsefhn(ndo, dp, v3)) != NULL) {
694 ND_PRINT(" ->");
695 if (parsefhn(ndo, dp, v3) != NULL)
696 return;
697 }
698 break;
699
700 case NFSPROC_LINK:
701 if ((dp = parsereq(ndo, rp, length)) != NULL &&
702 (dp = parsefh(ndo, dp, v3)) != NULL) {
703 ND_PRINT(" ->");
704 if (parsefhn(ndo, dp, v3) != NULL)
705 return;
706 }
707 break;
708
709 case NFSPROC_READDIR:
710 if ((dp = parsereq(ndo, rp, length)) != NULL &&
711 (dp = parsefh(ndo, dp, v3)) != NULL) {
712 if (v3) {
713 ND_TCHECK_4(dp + 4);
714 /*
715 * We shouldn't really try to interpret the
716 * offset cookie here.
717 */
718 ND_PRINT(" %u bytes @ %" PRId64,
719 EXTRACT_BE_U_4(dp + 4),
720 EXTRACT_BE_U_8(dp));
721 if (ndo->ndo_vflag) {
722 /*
723 * This displays the 8 bytes
724 * of the verifier in order,
725 * from the low-order byte
726 * to the high-order byte.
727 */
728 ND_PRINT(" verf %08x%08x",
729 EXTRACT_BE_U_4(dp + 2),
730 EXTRACT_BE_U_4(dp + 3));
731 }
732 } else {
733 ND_TCHECK_4(dp + 1);
734 /*
735 * Print the offset as signed, since -1 is
736 * common, but offsets > 2^31 aren't.
737 */
738 ND_PRINT(" %u bytes @ %u",
739 EXTRACT_BE_U_4(dp + 1),
740 EXTRACT_BE_U_4(dp));
741 }
742 return;
743 }
744 break;
745
746 case NFSPROC_READDIRPLUS:
747 if ((dp = parsereq(ndo, rp, length)) != NULL &&
748 (dp = parsefh(ndo, dp, v3)) != NULL) {
749 ND_TCHECK_4(dp + 4);
750 /*
751 * We don't try to interpret the offset
752 * cookie here.
753 */
754 ND_PRINT(" %u bytes @ %" PRId64,
755 EXTRACT_BE_U_4(dp + 4),
756 EXTRACT_BE_U_8(dp));
757 if (ndo->ndo_vflag) {
758 ND_TCHECK_4(dp + 5);
759 /*
760 * This displays the 8 bytes
761 * of the verifier in order,
762 * from the low-order byte
763 * to the high-order byte.
764 */
765 ND_PRINT(" max %u verf %08x%08x",
766 EXTRACT_BE_U_4(dp + 5),
767 EXTRACT_BE_U_4(dp + 2),
768 EXTRACT_BE_U_4(dp + 3));
769 }
770 return;
771 }
772 break;
773
774 case NFSPROC_COMMIT:
775 if ((dp = parsereq(ndo, rp, length)) != NULL &&
776 (dp = parsefh(ndo, dp, v3)) != NULL) {
777 ND_TCHECK_4(dp + 2);
778 ND_PRINT(" %u bytes @ %" PRIu64,
779 EXTRACT_BE_U_4(dp + 2),
780 EXTRACT_BE_U_8(dp));
781 return;
782 }
783 break;
784
785 default:
786 return;
787 }
788
789 trunc:
790 if (!nfserr)
791 nd_print_trunc(ndo);
792 }
793
794 /*
795 * Print out an NFS file handle.
796 * We assume packet was not truncated before the end of the
797 * file handle pointed to by dp.
798 *
799 * Note: new version (using portable file-handle parser) doesn't produce
800 * generation number. It probably could be made to do that, with some
801 * additional hacking on the parser code.
802 */
803 static void
804 nfs_printfh(netdissect_options *ndo,
805 const uint32_t *dp, const u_int len)
806 {
807 my_fsid fsid;
808 uint32_t ino;
809 const char *sfsname = NULL;
810 char *spacep;
811
812 if (ndo->ndo_uflag) {
813 u_int i;
814 char const *sep = "";
815
816 ND_PRINT(" fh[");
817 for (i=0; i<len; i++) {
818 /*
819 * This displays 4 bytes in big-endian byte
820 * order. That's as good a choice as little-
821 * endian, as there's no guarantee that the
822 * server is big-endian or little-endian or
823 * that the file handle contains 4-byte
824 * integral fields, and is better than "the
825 * byte order of the host running tcpdump", as
826 * the latter means that different hosts
827 * running tcpdump may show the same file
828 * handle in different ways.
829 */
830 ND_PRINT("%s%x", sep, EXTRACT_BE_U_4(dp + i));
831 sep = ":";
832 }
833 ND_PRINT("]");
834 return;
835 }
836
837 Parse_fh((const u_char *)dp, len, &fsid, &ino, NULL, &sfsname, 0);
838
839 if (sfsname) {
840 /* file system ID is ASCII, not numeric, for this server OS */
841 char temp[NFSX_V3FHMAX+1];
842 u_int stringlen;
843
844 /* Make sure string is null-terminated */
845 stringlen = len;
846 if (stringlen > NFSX_V3FHMAX)
847 stringlen = NFSX_V3FHMAX;
848 strncpy(temp, sfsname, stringlen);
849 temp[stringlen] = '\0';
850 /* Remove trailing spaces */
851 spacep = strchr(temp, ' ');
852 if (spacep)
853 *spacep = '\0';
854
855 ND_PRINT(" fh %s/", temp);
856 } else {
857 ND_PRINT(" fh %u,%u/",
858 fsid.Fsid_dev.Major, fsid.Fsid_dev.Minor);
859 }
860
861 if(fsid.Fsid_dev.Minor == 257)
862 /* Print the undecoded handle */
863 ND_PRINT("%s", fsid.Opaque_Handle);
864 else
865 ND_PRINT("%ld", (long) ino);
866 }
867
868 /*
869 * Maintain a small cache of recent client.XID.server/proc pairs, to allow
870 * us to match up replies with requests and thus to know how to parse
871 * the reply.
872 */
873
874 struct xid_map_entry {
875 uint32_t xid; /* transaction ID (net order) */
876 int ipver; /* IP version (4 or 6) */
877 struct in6_addr client; /* client IP address (net order) */
878 struct in6_addr server; /* server IP address (net order) */
879 uint32_t proc; /* call proc number (host order) */
880 uint32_t vers; /* program version (host order) */
881 };
882
883 /*
884 * Map entries are kept in an array that we manage as a ring;
885 * new entries are always added at the tail of the ring. Initially,
886 * all the entries are zero and hence don't match anything.
887 */
888
889 #define XIDMAPSIZE 64
890
891 static struct xid_map_entry xid_map[XIDMAPSIZE];
892
893 static int xid_map_next = 0;
894 static int xid_map_hint = 0;
895
896 static int
897 xid_map_enter(netdissect_options *ndo,
898 const struct sunrpc_msg *rp, const u_char *bp)
899 {
900 const struct ip *ip = NULL;
901 const struct ip6_hdr *ip6 = NULL;
902 struct xid_map_entry *xmep;
903
904 if (!ND_TTEST_4(rp->rm_call.cb_proc))
905 return (0);
906 switch (IP_V((const struct ip *)bp)) {
907 case 4:
908 ip = (const struct ip *)bp;
909 break;
910 case 6:
911 ip6 = (const struct ip6_hdr *)bp;
912 break;
913 default:
914 return (1);
915 }
916
917 xmep = &xid_map[xid_map_next];
918
919 if (++xid_map_next >= XIDMAPSIZE)
920 xid_map_next = 0;
921
922 UNALIGNED_MEMCPY(&xmep->xid, &rp->rm_xid, sizeof(xmep->xid));
923 if (ip) {
924 xmep->ipver = 4;
925 UNALIGNED_MEMCPY(&xmep->client, ip->ip_src,
926 sizeof(ip->ip_src));
927 UNALIGNED_MEMCPY(&xmep->server, ip->ip_dst,
928 sizeof(ip->ip_dst));
929 }
930 else if (ip6) {
931 xmep->ipver = 6;
932 UNALIGNED_MEMCPY(&xmep->client, ip6->ip6_src,
933 sizeof(ip6->ip6_src));
934 UNALIGNED_MEMCPY(&xmep->server, ip6->ip6_dst,
935 sizeof(ip6->ip6_dst));
936 }
937 xmep->proc = EXTRACT_BE_U_4(&rp->rm_call.cb_proc);
938 xmep->vers = EXTRACT_BE_U_4(&rp->rm_call.cb_vers);
939 return (1);
940 }
941
942 /*
943 * Returns 0 and puts NFSPROC_xxx in proc return and
944 * version in vers return, or returns -1 on failure
945 */
946 static int
947 xid_map_find(const struct sunrpc_msg *rp, const u_char *bp, uint32_t *proc,
948 uint32_t *vers)
949 {
950 int i;
951 struct xid_map_entry *xmep;
952 uint32_t xid;
953 const struct ip *ip = (const struct ip *)bp;
954 const struct ip6_hdr *ip6 = (const struct ip6_hdr *)bp;
955 int cmp;
956
957 UNALIGNED_MEMCPY(&xid, &rp->rm_xid, sizeof(xmep->xid));
958 /* Start searching from where we last left off */
959 i = xid_map_hint;
960 do {
961 xmep = &xid_map[i];
962 cmp = 1;
963 if (xmep->ipver != IP_V(ip) || xmep->xid != xid)
964 goto nextitem;
965 switch (xmep->ipver) {
966 case 4:
967 if (UNALIGNED_MEMCMP(ip->ip_src, &xmep->server,
968 sizeof(ip->ip_src)) != 0 ||
969 UNALIGNED_MEMCMP(ip->ip_dst, &xmep->client,
970 sizeof(ip->ip_dst)) != 0) {
971 cmp = 0;
972 }
973 break;
974 case 6:
975 if (UNALIGNED_MEMCMP(ip6->ip6_src, &xmep->server,
976 sizeof(ip6->ip6_src)) != 0 ||
977 UNALIGNED_MEMCMP(ip6->ip6_dst, &xmep->client,
978 sizeof(ip6->ip6_dst)) != 0) {
979 cmp = 0;
980 }
981 break;
982 default:
983 cmp = 0;
984 break;
985 }
986 if (cmp) {
987 /* match */
988 xid_map_hint = i;
989 *proc = xmep->proc;
990 *vers = xmep->vers;
991 return 0;
992 }
993 nextitem:
994 if (++i >= XIDMAPSIZE)
995 i = 0;
996 } while (i != xid_map_hint);
997
998 /* search failed */
999 return (-1);
1000 }
1001
1002 /*
1003 * Routines for parsing reply packets
1004 */
1005
1006 /*
1007 * Return a pointer to the beginning of the actual results.
1008 * If the packet was truncated, return 0.
1009 */
1010 static const uint32_t *
1011 parserep(netdissect_options *ndo,
1012 const struct sunrpc_msg *rp, u_int length)
1013 {
1014 const uint32_t *dp;
1015 u_int len;
1016 enum sunrpc_accept_stat astat;
1017
1018 /*
1019 * Portability note:
1020 * Here we find the address of the ar_verf credentials.
1021 * Originally, this calculation was
1022 * dp = (uint32_t *)&rp->rm_reply.rp_acpt.ar_verf
1023 * On the wire, the rp_acpt field starts immediately after
1024 * the (32 bit) rp_stat field. However, rp_acpt (which is a
1025 * "struct accepted_reply") contains a "struct opaque_auth",
1026 * whose internal representation contains a pointer, so on a
1027 * 64-bit machine the compiler inserts 32 bits of padding
1028 * before rp->rm_reply.rp_acpt.ar_verf. So, we cannot use
1029 * the internal representation to parse the on-the-wire
1030 * representation. Instead, we skip past the rp_stat field,
1031 * which is an "enum" and so occupies one 32-bit word.
1032 */
1033 dp = ((const uint32_t *)&rp->rm_reply) + 1;
1034 ND_TCHECK_4(dp + 1);
1035 len = EXTRACT_BE_U_4(dp + 1);
1036 if (len >= length)
1037 return (NULL);
1038 /*
1039 * skip past the ar_verf credentials.
1040 */
1041 dp += (len + (2*sizeof(uint32_t) + 3)) / sizeof(uint32_t);
1042
1043 /*
1044 * now we can check the ar_stat field
1045 */
1046 ND_TCHECK_4(dp);
1047 astat = (enum sunrpc_accept_stat) EXTRACT_BE_U_4(dp);
1048 if (astat != SUNRPC_SUCCESS) {
1049 ND_PRINT(" %s", tok2str(sunrpc_str, "ar_stat %u", astat));
1050 nfserr = 1; /* suppress trunc string */
1051 return (NULL);
1052 }
1053 /* successful return */
1054 ND_TCHECK_LEN(dp, sizeof(astat));
1055 return ((const uint32_t *) (sizeof(astat) + ((const char *)dp)));
1056 trunc:
1057 return (0);
1058 }
1059
1060 static const uint32_t *
1061 parsestatus(netdissect_options *ndo,
1062 const uint32_t *dp, u_int *er)
1063 {
1064 u_int errnum;
1065
1066 ND_TCHECK_4(dp);
1067
1068 errnum = EXTRACT_BE_U_4(dp);
1069 if (er)
1070 *er = errnum;
1071 if (errnum != 0) {
1072 if (!ndo->ndo_qflag)
1073 ND_PRINT(" ERROR: %s",
1074 tok2str(status2str, "unk %u", errnum));
1075 nfserr = 1;
1076 }
1077 return (dp + 1);
1078 trunc:
1079 return NULL;
1080 }
1081
1082 static const uint32_t *
1083 parsefattr(netdissect_options *ndo,
1084 const uint32_t *dp, int verbose, int v3)
1085 {
1086 const struct nfs_fattr *fap;
1087
1088 fap = (const struct nfs_fattr *)dp;
1089 ND_TCHECK_4(&fap->fa_gid);
1090 if (verbose) {
1091 /*
1092 * XXX - UIDs and GIDs are unsigned in NFS and in
1093 * at least some UN*Xes, but we'll show them as
1094 * signed because -2 has traditionally been the
1095 * UID for "nobody", rather than 4294967294.
1096 */
1097 ND_PRINT(" %s %o ids %d/%d",
1098 tok2str(type2str, "unk-ft %u ",
1099 EXTRACT_BE_U_4(&fap->fa_type)),
1100 EXTRACT_BE_U_4(&fap->fa_mode),
1101 EXTRACT_BE_S_4(&fap->fa_uid),
1102 EXTRACT_BE_S_4(&fap->fa_gid));
1103 if (v3) {
1104 ND_TCHECK_8(&fap->fa3_size);
1105 ND_PRINT(" sz %" PRIu64,
1106 EXTRACT_BE_U_8((const uint32_t *)&fap->fa3_size));
1107 } else {
1108 ND_TCHECK_4(&fap->fa2_size);
1109 ND_PRINT(" sz %u", EXTRACT_BE_U_4(&fap->fa2_size));
1110 }
1111 }
1112 /* print lots more stuff */
1113 if (verbose > 1) {
1114 if (v3) {
1115 ND_TCHECK_8(&fap->fa3_ctime);
1116 ND_PRINT(" nlink %u rdev %u/%u",
1117 EXTRACT_BE_U_4(&fap->fa_nlink),
1118 EXTRACT_BE_U_4(&fap->fa3_rdev.specdata1),
1119 EXTRACT_BE_U_4(&fap->fa3_rdev.specdata2));
1120 ND_PRINT(" fsid %" PRIx64,
1121 EXTRACT_BE_U_8((const uint32_t *)&fap->fa3_fsid));
1122 ND_PRINT(" fileid %" PRIx64,
1123 EXTRACT_BE_U_8((const uint32_t *)&fap->fa3_fileid));
1124 ND_PRINT(" a/m/ctime %u.%06u",
1125 EXTRACT_BE_U_4(&fap->fa3_atime.nfsv3_sec),
1126 EXTRACT_BE_U_4(&fap->fa3_atime.nfsv3_nsec));
1127 ND_PRINT(" %u.%06u",
1128 EXTRACT_BE_U_4(&fap->fa3_mtime.nfsv3_sec),
1129 EXTRACT_BE_U_4(&fap->fa3_mtime.nfsv3_nsec));
1130 ND_PRINT(" %u.%06u",
1131 EXTRACT_BE_U_4(&fap->fa3_ctime.nfsv3_sec),
1132 EXTRACT_BE_U_4(&fap->fa3_ctime.nfsv3_nsec));
1133 } else {
1134 ND_TCHECK_8(&fap->fa2_ctime);
1135 ND_PRINT(" nlink %u rdev 0x%x fsid 0x%x nodeid 0x%x a/m/ctime",
1136 EXTRACT_BE_U_4(&fap->fa_nlink),
1137 EXTRACT_BE_U_4(&fap->fa2_rdev),
1138 EXTRACT_BE_U_4(&fap->fa2_fsid),
1139 EXTRACT_BE_U_4(&fap->fa2_fileid));
1140 ND_PRINT(" %u.%06u",
1141 EXTRACT_BE_U_4(&fap->fa2_atime.nfsv2_sec),
1142 EXTRACT_BE_U_4(&fap->fa2_atime.nfsv2_usec));
1143 ND_PRINT(" %u.%06u",
1144 EXTRACT_BE_U_4(&fap->fa2_mtime.nfsv2_sec),
1145 EXTRACT_BE_U_4(&fap->fa2_mtime.nfsv2_usec));
1146 ND_PRINT(" %u.%06u",
1147 EXTRACT_BE_U_4(&fap->fa2_ctime.nfsv2_sec),
1148 EXTRACT_BE_U_4(&fap->fa2_ctime.nfsv2_usec));
1149 }
1150 }
1151 return ((const uint32_t *)((const unsigned char *)dp +
1152 (v3 ? NFSX_V3FATTR : NFSX_V2FATTR)));
1153 trunc:
1154 return (NULL);
1155 }
1156
1157 static int
1158 parseattrstat(netdissect_options *ndo,
1159 const uint32_t *dp, int verbose, int v3)
1160 {
1161 u_int er;
1162
1163 dp = parsestatus(ndo, dp, &er);
1164 if (dp == NULL)
1165 return (0);
1166 if (er)
1167 return (1);
1168
1169 return (parsefattr(ndo, dp, verbose, v3) != NULL);
1170 }
1171
1172 static int
1173 parsediropres(netdissect_options *ndo,
1174 const uint32_t *dp)
1175 {
1176 u_int er;
1177
1178 if (!(dp = parsestatus(ndo, dp, &er)))
1179 return (0);
1180 if (er)
1181 return (1);
1182
1183 dp = parsefh(ndo, dp, 0);
1184 if (dp == NULL)
1185 return (0);
1186
1187 return (parsefattr(ndo, dp, ndo->ndo_vflag, 0) != NULL);
1188 }
1189
1190 static int
1191 parselinkres(netdissect_options *ndo,
1192 const uint32_t *dp, int v3)
1193 {
1194 u_int er;
1195
1196 dp = parsestatus(ndo, dp, &er);
1197 if (dp == NULL)
1198 return(0);
1199 if (er)
1200 return(1);
1201 if (v3 && !(dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag)))
1202 return (0);
1203 ND_PRINT(" ");
1204 return (parsefn(ndo, dp) != NULL);
1205 }
1206
1207 static int
1208 parsestatfs(netdissect_options *ndo,
1209 const uint32_t *dp, int v3)
1210 {
1211 const struct nfs_statfs *sfsp;
1212 u_int er;
1213
1214 dp = parsestatus(ndo, dp, &er);
1215 if (dp == NULL)
1216 return (0);
1217 if (!v3 && er)
1218 return (1);
1219
1220 if (ndo->ndo_qflag)
1221 return(1);
1222
1223 if (v3) {
1224 if (ndo->ndo_vflag)
1225 ND_PRINT(" POST:");
1226 if (!(dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag)))
1227 return (0);
1228 }
1229
1230 ND_TCHECK_LEN(dp, (v3 ? NFSX_V3STATFS : NFSX_V2STATFS));
1231
1232 sfsp = (const struct nfs_statfs *)dp;
1233
1234 if (v3) {
1235 ND_PRINT(" tbytes %" PRIu64 " fbytes %" PRIu64 " abytes %" PRIu64,
1236 EXTRACT_BE_U_8((const uint32_t *)&sfsp->sf_tbytes),
1237 EXTRACT_BE_U_8((const uint32_t *)&sfsp->sf_fbytes),
1238 EXTRACT_BE_U_8((const uint32_t *)&sfsp->sf_abytes));
1239 if (ndo->ndo_vflag) {
1240 ND_PRINT(" tfiles %" PRIu64 " ffiles %" PRIu64 " afiles %" PRIu64 " invar %u",
1241 EXTRACT_BE_U_8((const uint32_t *)&sfsp->sf_tfiles),
1242 EXTRACT_BE_U_8((const uint32_t *)&sfsp->sf_ffiles),
1243 EXTRACT_BE_U_8((const uint32_t *)&sfsp->sf_afiles),
1244 EXTRACT_BE_U_4(&sfsp->sf_invarsec));
1245 }
1246 } else {
1247 ND_PRINT(" tsize %u bsize %u blocks %u bfree %u bavail %u",
1248 EXTRACT_BE_U_4(&sfsp->sf_tsize),
1249 EXTRACT_BE_U_4(&sfsp->sf_bsize),
1250 EXTRACT_BE_U_4(&sfsp->sf_blocks),
1251 EXTRACT_BE_U_4(&sfsp->sf_bfree),
1252 EXTRACT_BE_U_4(&sfsp->sf_bavail));
1253 }
1254
1255 return (1);
1256 trunc:
1257 return (0);
1258 }
1259
1260 static int
1261 parserddires(netdissect_options *ndo,
1262 const uint32_t *dp)
1263 {
1264 u_int er;
1265
1266 dp = parsestatus(ndo, dp, &er);
1267 if (dp == NULL)
1268 return (0);
1269 if (er)
1270 return (1);
1271 if (ndo->ndo_qflag)
1272 return (1);
1273
1274 ND_TCHECK_4(dp + 2);
1275 ND_PRINT(" offset 0x%x size %u ",
1276 EXTRACT_BE_U_4(dp), EXTRACT_BE_U_4(dp + 1));
1277 if (EXTRACT_BE_U_4(dp + 2) != 0)
1278 ND_PRINT(" eof");
1279
1280 return (1);
1281 trunc:
1282 return (0);
1283 }
1284
1285 static const uint32_t *
1286 parse_wcc_attr(netdissect_options *ndo,
1287 const uint32_t *dp)
1288 {
1289 /* Our caller has already checked this */
1290 ND_PRINT(" sz %" PRIu64, EXTRACT_BE_U_8(dp));
1291 ND_PRINT(" mtime %u.%06u ctime %u.%06u",
1292 EXTRACT_BE_U_4(dp + 2), EXTRACT_BE_U_4(dp + 3),
1293 EXTRACT_BE_U_4(dp + 4), EXTRACT_BE_U_4(dp + 5));
1294 return (dp + 6);
1295 }
1296
1297 /*
1298 * Pre operation attributes. Print only if vflag > 1.
1299 */
1300 static const uint32_t *
1301 parse_pre_op_attr(netdissect_options *ndo,
1302 const uint32_t *dp, int verbose)
1303 {
1304 ND_TCHECK_4(dp);
1305 if (!EXTRACT_BE_U_4(dp))
1306 return (dp + 1);
1307 dp++;
1308 ND_TCHECK_LEN(dp, 24);
1309 if (verbose > 1) {
1310 return parse_wcc_attr(ndo, dp);
1311 } else {
1312 /* If not verbose enough, just skip over wcc_attr */
1313 return (dp + 6);
1314 }
1315 trunc:
1316 return (NULL);
1317 }
1318
1319 /*
1320 * Post operation attributes are printed if vflag >= 1
1321 */
1322 static const uint32_t *
1323 parse_post_op_attr(netdissect_options *ndo,
1324 const uint32_t *dp, int verbose)
1325 {
1326 ND_TCHECK_4(dp);
1327 if (!EXTRACT_BE_U_4(dp))
1328 return (dp + 1);
1329 dp++;
1330 if (verbose) {
1331 return parsefattr(ndo, dp, verbose, 1);
1332 } else
1333 return (dp + (NFSX_V3FATTR / sizeof (uint32_t)));
1334 trunc:
1335 return (NULL);
1336 }
1337
1338 static const uint32_t *
1339 parse_wcc_data(netdissect_options *ndo,
1340 const uint32_t *dp, int verbose)
1341 {
1342 if (verbose > 1)
1343 ND_PRINT(" PRE:");
1344 if (!(dp = parse_pre_op_attr(ndo, dp, verbose)))
1345 return (0);
1346
1347 if (verbose)
1348 ND_PRINT(" POST:");
1349 return parse_post_op_attr(ndo, dp, verbose);
1350 }
1351
1352 static const uint32_t *
1353 parsecreateopres(netdissect_options *ndo,
1354 const uint32_t *dp, int verbose)
1355 {
1356 u_int er;
1357
1358 if (!(dp = parsestatus(ndo, dp, &er)))
1359 return (0);
1360 if (er)
1361 dp = parse_wcc_data(ndo, dp, verbose);
1362 else {
1363 ND_TCHECK_4(dp);
1364 if (!EXTRACT_BE_U_4(dp))
1365 return (dp + 1);
1366 dp++;
1367 if (!(dp = parsefh(ndo, dp, 1)))
1368 return (0);
1369 if (verbose) {
1370 if (!(dp = parse_post_op_attr(ndo, dp, verbose)))
1371 return (0);
1372 if (ndo->ndo_vflag > 1) {
1373 ND_PRINT(" dir attr:");
1374 dp = parse_wcc_data(ndo, dp, verbose);
1375 }
1376 }
1377 }
1378 return (dp);
1379 trunc:
1380 return (NULL);
1381 }
1382
1383 static int
1384 parsewccres(netdissect_options *ndo,
1385 const uint32_t *dp, int verbose)
1386 {
1387 u_int er;
1388
1389 if (!(dp = parsestatus(ndo, dp, &er)))
1390 return (0);
1391 return parse_wcc_data(ndo, dp, verbose) != NULL;
1392 }
1393
1394 static const uint32_t *
1395 parsev3rddirres(netdissect_options *ndo,
1396 const uint32_t *dp, int verbose)
1397 {
1398 u_int er;
1399
1400 if (!(dp = parsestatus(ndo, dp, &er)))
1401 return (0);
1402 if (ndo->ndo_vflag)
1403 ND_PRINT(" POST:");
1404 if (!(dp = parse_post_op_attr(ndo, dp, verbose)))
1405 return (0);
1406 if (er)
1407 return dp;
1408 if (ndo->ndo_vflag) {
1409 ND_TCHECK_4(dp + 1);
1410 /*
1411 * This displays the 8 bytes of the verifier in order,
1412 * from the low-order byte to the high-order byte.
1413 */
1414 ND_PRINT(" verf %08x%08x",
1415 EXTRACT_BE_U_4(dp), EXTRACT_BE_U_4(dp + 1));
1416 dp += 2;
1417 }
1418 return dp;
1419 trunc:
1420 return (NULL);
1421 }
1422
1423 static int
1424 parsefsinfo(netdissect_options *ndo,
1425 const uint32_t *dp)
1426 {
1427 const struct nfsv3_fsinfo *sfp;
1428 u_int er;
1429
1430 if (!(dp = parsestatus(ndo, dp, &er)))
1431 return (0);
1432 if (ndo->ndo_vflag)
1433 ND_PRINT(" POST:");
1434 if (!(dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag)))
1435 return (0);
1436 if (er)
1437 return (1);
1438
1439 sfp = (const struct nfsv3_fsinfo *)dp;
1440 ND_TCHECK_SIZE(sfp);
1441 ND_PRINT(" rtmax %u rtpref %u wtmax %u wtpref %u dtpref %u",
1442 EXTRACT_BE_U_4(&sfp->fs_rtmax),
1443 EXTRACT_BE_U_4(&sfp->fs_rtpref),
1444 EXTRACT_BE_U_4(&sfp->fs_wtmax),
1445 EXTRACT_BE_U_4(&sfp->fs_wtpref),
1446 EXTRACT_BE_U_4(&sfp->fs_dtpref));
1447 if (ndo->ndo_vflag) {
1448 ND_PRINT(" rtmult %u wtmult %u maxfsz %" PRIu64,
1449 EXTRACT_BE_U_4(&sfp->fs_rtmult),
1450 EXTRACT_BE_U_4(&sfp->fs_wtmult),
1451 EXTRACT_BE_U_8((const uint32_t *)&sfp->fs_maxfilesize));
1452 ND_PRINT(" delta %u.%06u ",
1453 EXTRACT_BE_U_4(&sfp->fs_timedelta.nfsv3_sec),
1454 EXTRACT_BE_U_4(&sfp->fs_timedelta.nfsv3_nsec));
1455 }
1456 return (1);
1457 trunc:
1458 return (0);
1459 }
1460
1461 static int
1462 parsepathconf(netdissect_options *ndo,
1463 const uint32_t *dp)
1464 {
1465 u_int er;
1466 const struct nfsv3_pathconf *spp;
1467
1468 if (!(dp = parsestatus(ndo, dp, &er)))
1469 return (0);
1470 if (ndo->ndo_vflag)
1471 ND_PRINT(" POST:");
1472 if (!(dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag)))
1473 return (0);
1474 if (er)
1475 return (1);
1476
1477 spp = (const struct nfsv3_pathconf *)dp;
1478 ND_TCHECK_SIZE(spp);
1479
1480 ND_PRINT(" linkmax %u namemax %u %s %s %s %s",
1481 EXTRACT_BE_U_4(&spp->pc_linkmax),
1482 EXTRACT_BE_U_4(&spp->pc_namemax),
1483 EXTRACT_BE_U_4(&spp->pc_notrunc) ? "notrunc" : "",
1484 EXTRACT_BE_U_4(&spp->pc_chownrestricted) ? "chownres" : "",
1485 EXTRACT_BE_U_4(&spp->pc_caseinsensitive) ? "igncase" : "",
1486 EXTRACT_BE_U_4(&spp->pc_casepreserving) ? "keepcase" : "");
1487 return (1);
1488 trunc:
1489 return (0);
1490 }
1491
1492 static void
1493 interp_reply(netdissect_options *ndo,
1494 const struct sunrpc_msg *rp, uint32_t proc, uint32_t vers, int length)
1495 {
1496 const uint32_t *dp;
1497 int v3;
1498 u_int er;
1499
1500 v3 = (vers == NFS_VER3);
1501
1502 if (!v3 && proc < NFS_NPROCS)
1503 proc = nfsv3_procid[proc];
1504
1505 ND_PRINT(" %s", tok2str(nfsproc_str, "proc-%u", proc));
1506 switch (proc) {
1507
1508 case NFSPROC_GETATTR:
1509 dp = parserep(ndo, rp, length);
1510 if (dp != NULL && parseattrstat(ndo, dp, !ndo->ndo_qflag, v3) != 0)
1511 return;
1512 break;
1513
1514 case NFSPROC_SETATTR:
1515 if (!(dp = parserep(ndo, rp, length)))
1516 return;
1517 if (v3) {
1518 if (parsewccres(ndo, dp, ndo->ndo_vflag))
1519 return;
1520 } else {
1521 if (parseattrstat(ndo, dp, !ndo->ndo_qflag, 0) != 0)
1522 return;
1523 }
1524 break;
1525
1526 case NFSPROC_LOOKUP:
1527 if (!(dp = parserep(ndo, rp, length)))
1528 break;
1529 if (v3) {
1530 if (!(dp = parsestatus(ndo, dp, &er)))
1531 break;
1532 if (er) {
1533 if (ndo->ndo_vflag > 1) {
1534 ND_PRINT(" post dattr:");
1535 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1536 }
1537 } else {
1538 if (!(dp = parsefh(ndo, dp, v3)))
1539 break;
1540 if ((dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag)) &&
1541 ndo->ndo_vflag > 1) {
1542 ND_PRINT(" post dattr:");
1543 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1544 }
1545 }
1546 if (dp)
1547 return;
1548 } else {
1549 if (parsediropres(ndo, dp) != 0)
1550 return;
1551 }
1552 break;
1553
1554 case NFSPROC_ACCESS:
1555 if (!(dp = parserep(ndo, rp, length)))
1556 break;
1557 if (!(dp = parsestatus(ndo, dp, &er)))
1558 break;
1559 if (ndo->ndo_vflag)
1560 ND_PRINT(" attr:");
1561 if (!(dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag)))
1562 break;
1563 if (!er) {
1564 ND_TCHECK_4(dp);
1565 ND_PRINT(" c %04x", EXTRACT_BE_U_4(dp));
1566 }
1567 return;
1568
1569 case NFSPROC_READLINK:
1570 dp = parserep(ndo, rp, length);
1571 if (dp != NULL && parselinkres(ndo, dp, v3) != 0)
1572 return;
1573 break;
1574
1575 case NFSPROC_READ:
1576 if (!(dp = parserep(ndo, rp, length)))
1577 break;
1578 if (v3) {
1579 if (!(dp = parsestatus(ndo, dp, &er)))
1580 break;
1581 if (!(dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag)))
1582 break;
1583 if (er)
1584 return;
1585 if (ndo->ndo_vflag) {
1586 ND_TCHECK_4(dp + 1);
1587 ND_PRINT(" %u bytes", EXTRACT_BE_U_4(dp));
1588 if (EXTRACT_BE_U_4(dp + 1))
1589 ND_PRINT(" EOF");
1590 }
1591 return;
1592 } else {
1593 if (parseattrstat(ndo, dp, ndo->ndo_vflag, 0) != 0)
1594 return;
1595 }
1596 break;
1597
1598 case NFSPROC_WRITE:
1599 if (!(dp = parserep(ndo, rp, length)))
1600 break;
1601 if (v3) {
1602 if (!(dp = parsestatus(ndo, dp, &er)))
1603 break;
1604 if (!(dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag)))
1605 break;
1606 if (er)
1607 return;
1608 if (ndo->ndo_vflag) {
1609 ND_TCHECK_4(dp);
1610 ND_PRINT(" %u bytes", EXTRACT_BE_U_4(dp));
1611 if (ndo->ndo_vflag > 1) {
1612 ND_TCHECK_4(dp + 1);
1613 ND_PRINT(" <%s>",
1614 tok2str(nfsv3_writemodes,
1615 NULL, EXTRACT_BE_U_4(dp + 1)));
1616 }
1617 return;
1618 }
1619 } else {
1620 if (parseattrstat(ndo, dp, ndo->ndo_vflag, v3) != 0)
1621 return;
1622 }
1623 break;
1624
1625 case NFSPROC_CREATE:
1626 case NFSPROC_MKDIR:
1627 if (!(dp = parserep(ndo, rp, length)))
1628 break;
1629 if (v3) {
1630 if (parsecreateopres(ndo, dp, ndo->ndo_vflag) != NULL)
1631 return;
1632 } else {
1633 if (parsediropres(ndo, dp) != 0)
1634 return;
1635 }
1636 break;
1637
1638 case NFSPROC_SYMLINK:
1639 if (!(dp = parserep(ndo, rp, length)))
1640 break;
1641 if (v3) {
1642 if (parsecreateopres(ndo, dp, ndo->ndo_vflag) != NULL)
1643 return;
1644 } else {
1645 if (parsestatus(ndo, dp, &er) != NULL)
1646 return;
1647 }
1648 break;
1649
1650 case NFSPROC_MKNOD:
1651 if (!(dp = parserep(ndo, rp, length)))
1652 break;
1653 if (parsecreateopres(ndo, dp, ndo->ndo_vflag) != NULL)
1654 return;
1655 break;
1656
1657 case NFSPROC_REMOVE:
1658 case NFSPROC_RMDIR:
1659 if (!(dp = parserep(ndo, rp, length)))
1660 break;
1661 if (v3) {
1662 if (parsewccres(ndo, dp, ndo->ndo_vflag))
1663 return;
1664 } else {
1665 if (parsestatus(ndo, dp, &er) != NULL)
1666 return;
1667 }
1668 break;
1669
1670 case NFSPROC_RENAME:
1671 if (!(dp = parserep(ndo, rp, length)))
1672 break;
1673 if (v3) {
1674 if (!(dp = parsestatus(ndo, dp, &er)))
1675 break;
1676 if (ndo->ndo_vflag) {
1677 ND_PRINT(" from:");
1678 if (!(dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag)))
1679 break;
1680 ND_PRINT(" to:");
1681 if (!(dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag)))
1682 break;
1683 }
1684 return;
1685 } else {
1686 if (parsestatus(ndo, dp, &er) != NULL)
1687 return;
1688 }
1689 break;
1690
1691 case NFSPROC_LINK:
1692 if (!(dp = parserep(ndo, rp, length)))
1693 break;
1694 if (v3) {
1695 if (!(dp = parsestatus(ndo, dp, &er)))
1696 break;
1697 if (ndo->ndo_vflag) {
1698 ND_PRINT(" file POST:");
1699 if (!(dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag)))
1700 break;
1701 ND_PRINT(" dir:");
1702 if (!(dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag)))
1703 break;
1704 return;
1705 }
1706 } else {
1707 if (parsestatus(ndo, dp, &er) != NULL)
1708 return;
1709 }
1710 break;
1711
1712 case NFSPROC_READDIR:
1713 if (!(dp = parserep(ndo, rp, length)))
1714 break;
1715 if (v3) {
1716 if (parsev3rddirres(ndo, dp, ndo->ndo_vflag))
1717 return;
1718 } else {
1719 if (parserddires(ndo, dp) != 0)
1720 return;
1721 }
1722 break;
1723
1724 case NFSPROC_READDIRPLUS:
1725 if (!(dp = parserep(ndo, rp, length)))
1726 break;
1727 if (parsev3rddirres(ndo, dp, ndo->ndo_vflag))
1728 return;
1729 break;
1730
1731 case NFSPROC_FSSTAT:
1732 dp = parserep(ndo, rp, length);
1733 if (dp != NULL && parsestatfs(ndo, dp, v3) != 0)
1734 return;
1735 break;
1736
1737 case NFSPROC_FSINFO:
1738 dp = parserep(ndo, rp, length);
1739 if (dp != NULL && parsefsinfo(ndo, dp) != 0)
1740 return;
1741 break;
1742
1743 case NFSPROC_PATHCONF:
1744 dp = parserep(ndo, rp, length);
1745 if (dp != NULL && parsepathconf(ndo, dp) != 0)
1746 return;
1747 break;
1748
1749 case NFSPROC_COMMIT:
1750 dp = parserep(ndo, rp, length);
1751 if (dp != NULL && parsewccres(ndo, dp, ndo->ndo_vflag) != 0)
1752 return;
1753 break;
1754
1755 default:
1756 return;
1757 }
1758 trunc:
1759 if (!nfserr)
1760 nd_print_trunc(ndo);
1761 }
[mirror] the TCPdump network dissector