]> The Tcpdump Group git mirrors - tcpdump/blob - print-nfs.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Fix incompatible pointer types with time functions calls on Windows
[tcpdump] / print-nfs.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: Network File System (NFS) printer */
23
24 #include <config.h>
25
26 #include "netdissect-stdinc.h"
27
28 #include <stdio.h>
29 #include <string.h>
30 #include <limits.h>
31
32 #include "netdissect.h"
33 #include "addrtoname.h"
34 #include "extract.h"
35
36 #include "nfs.h"
37 #include "nfsfh.h"
38
39 #include "ip.h"
40 #include "ip6.h"
41 #include "rpc_auth.h"
42 #include "rpc_msg.h"
43
44
45 static void nfs_printfh(netdissect_options *, const uint32_t *, const u_int);
46 static int xid_map_enter(netdissect_options *, const struct sunrpc_msg *, const u_char *);
47 static int xid_map_find(netdissect_options *, const struct sunrpc_msg *, const u_char *, uint32_t *, uint32_t *);
48 static void interp_reply(netdissect_options *, const struct sunrpc_msg *, uint32_t, uint32_t, int);
49 static const uint32_t *parse_post_op_attr(netdissect_options *, const uint32_t *, int);
50
51 /*
52 * Mapping of old NFS Version 2 RPC numbers to generic numbers.
53 */
54 static uint32_t nfsv3_procid[NFS_NPROCS] = {
55 NFSPROC_NULL,
56 NFSPROC_GETATTR,
57 NFSPROC_SETATTR,
58 NFSPROC_NOOP,
59 NFSPROC_LOOKUP,
60 NFSPROC_READLINK,
61 NFSPROC_READ,
62 NFSPROC_NOOP,
63 NFSPROC_WRITE,
64 NFSPROC_CREATE,
65 NFSPROC_REMOVE,
66 NFSPROC_RENAME,
67 NFSPROC_LINK,
68 NFSPROC_SYMLINK,
69 NFSPROC_MKDIR,
70 NFSPROC_RMDIR,
71 NFSPROC_READDIR,
72 NFSPROC_FSSTAT,
73 NFSPROC_NOOP,
74 NFSPROC_NOOP,
75 NFSPROC_NOOP,
76 NFSPROC_NOOP,
77 NFSPROC_NOOP,
78 NFSPROC_NOOP,
79 NFSPROC_NOOP,
80 NFSPROC_NOOP
81 };
82
83 static const struct tok nfsproc_str[] = {
84 { NFSPROC_NOOP, "nop" },
85 { NFSPROC_NULL, "null" },
86 { NFSPROC_GETATTR, "getattr" },
87 { NFSPROC_SETATTR, "setattr" },
88 { NFSPROC_LOOKUP, "lookup" },
89 { NFSPROC_ACCESS, "access" },
90 { NFSPROC_READLINK, "readlink" },
91 { NFSPROC_READ, "read" },
92 { NFSPROC_WRITE, "write" },
93 { NFSPROC_CREATE, "create" },
94 { NFSPROC_MKDIR, "mkdir" },
95 { NFSPROC_SYMLINK, "symlink" },
96 { NFSPROC_MKNOD, "mknod" },
97 { NFSPROC_REMOVE, "remove" },
98 { NFSPROC_RMDIR, "rmdir" },
99 { NFSPROC_RENAME, "rename" },
100 { NFSPROC_LINK, "link" },
101 { NFSPROC_READDIR, "readdir" },
102 { NFSPROC_READDIRPLUS, "readdirplus" },
103 { NFSPROC_FSSTAT, "fsstat" },
104 { NFSPROC_FSINFO, "fsinfo" },
105 { NFSPROC_PATHCONF, "pathconf" },
106 { NFSPROC_COMMIT, "commit" },
107 { 0, NULL }
108 };
109
110 /*
111 * NFS V2 and V3 status values.
112 *
113 * Some of these come from the RFCs for NFS V2 and V3, with the message
114 * strings taken from the FreeBSD C library "errlst.c".
115 *
116 * Others are errors that are not in the RFC but that I suspect some
117 * NFS servers could return; the values are FreeBSD errno values, as
118 * the first NFS server was the SunOS 2.0 one, and until 5.0 SunOS
119 * was primarily BSD-derived.
120 */
121 static const struct tok status2str[] = {
122 { 1, "Operation not permitted" }, /* EPERM */
123 { 2, "No such file or directory" }, /* ENOENT */
124 { 5, "Input/output error" }, /* EIO */
125 { 6, "Device not configured" }, /* ENXIO */
126 { 11, "Resource deadlock avoided" }, /* EDEADLK */
127 { 12, "Cannot allocate memory" }, /* ENOMEM */
128 { 13, "Permission denied" }, /* EACCES */
129 { 17, "File exists" }, /* EEXIST */
130 { 18, "Cross-device link" }, /* EXDEV */
131 { 19, "Operation not supported by device" }, /* ENODEV */
132 { 20, "Not a directory" }, /* ENOTDIR */
133 { 21, "Is a directory" }, /* EISDIR */
134 { 22, "Invalid argument" }, /* EINVAL */
135 { 26, "Text file busy" }, /* ETXTBSY */
136 { 27, "File too large" }, /* EFBIG */
137 { 28, "No space left on device" }, /* ENOSPC */
138 { 30, "Read-only file system" }, /* EROFS */
139 { 31, "Too many links" }, /* EMLINK */
140 { 45, "Operation not supported" }, /* EOPNOTSUPP */
141 { 62, "Too many levels of symbolic links" }, /* ELOOP */
142 { 63, "File name too long" }, /* ENAMETOOLONG */
143 { 66, "Directory not empty" }, /* ENOTEMPTY */
144 { 69, "Disc quota exceeded" }, /* EDQUOT */
145 { 70, "Stale NFS file handle" }, /* ESTALE */
146 { 71, "Too many levels of remote in path" }, /* EREMOTE */
147 { 99, "Write cache flushed to disk" }, /* NFSERR_WFLUSH (not used) */
148 { 10001, "Illegal NFS file handle" }, /* NFS3ERR_BADHANDLE */
149 { 10002, "Update synchronization mismatch" }, /* NFS3ERR_NOT_SYNC */
150 { 10003, "READDIR/READDIRPLUS cookie is stale" }, /* NFS3ERR_BAD_COOKIE */
151 { 10004, "Operation not supported" }, /* NFS3ERR_NOTSUPP */
152 { 10005, "Buffer or request is too small" }, /* NFS3ERR_TOOSMALL */
153 { 10006, "Unspecified error on server" }, /* NFS3ERR_SERVERFAULT */
154 { 10007, "Object of that type not supported" }, /* NFS3ERR_BADTYPE */
155 { 10008, "Request couldn't be completed in time" }, /* NFS3ERR_JUKEBOX */
156 { 0, NULL }
157 };
158
159 static const struct tok nfsv3_writemodes[] = {
160 { 0, "unstable" },
161 { 1, "datasync" },
162 { 2, "filesync" },
163 { 0, NULL }
164 };
165
166 static const struct tok type2str[] = {
167 { NFNON, "NON" },
168 { NFREG, "REG" },
169 { NFDIR, "DIR" },
170 { NFBLK, "BLK" },
171 { NFCHR, "CHR" },
172 { NFLNK, "LNK" },
173 { NFFIFO, "FIFO" },
174 { 0, NULL }
175 };
176
177 static const struct tok sunrpc_auth_str[] = {
178 { SUNRPC_AUTH_OK, "OK" },
179 { SUNRPC_AUTH_BADCRED, "Bogus Credentials (seal broken)" },
180 { SUNRPC_AUTH_REJECTEDCRED, "Rejected Credentials (client should begin new session)" },
181 { SUNRPC_AUTH_BADVERF, "Bogus Verifier (seal broken)" },
182 { SUNRPC_AUTH_REJECTEDVERF, "Verifier expired or was replayed" },
183 { SUNRPC_AUTH_TOOWEAK, "Credentials are too weak" },
184 { SUNRPC_AUTH_INVALIDRESP, "Bogus response verifier" },
185 { SUNRPC_AUTH_FAILED, "Unknown failure" },
186 { 0, NULL }
187 };
188
189 static const struct tok sunrpc_str[] = {
190 { SUNRPC_PROG_UNAVAIL, "PROG_UNAVAIL" },
191 { SUNRPC_PROG_MISMATCH, "PROG_MISMATCH" },
192 { SUNRPC_PROC_UNAVAIL, "PROC_UNAVAIL" },
193 { SUNRPC_GARBAGE_ARGS, "GARBAGE_ARGS" },
194 { SUNRPC_SYSTEM_ERR, "SYSTEM_ERR" },
195 { 0, NULL }
196 };
197
198 static void
199 nfsaddr_print(netdissect_options *ndo,
200 const u_char *bp, const char *s, const char *d)
201 {
202 const struct ip *ip;
203 const struct ip6_hdr *ip6;
204 char srcaddr[INET6_ADDRSTRLEN], dstaddr[INET6_ADDRSTRLEN];
205
206 srcaddr[0] = dstaddr[0] = '\0';
207 switch (IP_V((const struct ip *)bp)) {
208 case 4:
209 ip = (const struct ip *)bp;
210 strlcpy(srcaddr, GET_IPADDR_STRING(ip->ip_src), sizeof(srcaddr));
211 strlcpy(dstaddr, GET_IPADDR_STRING(ip->ip_dst), sizeof(dstaddr));
212 break;
213 case 6:
214 ip6 = (const struct ip6_hdr *)bp;
215 strlcpy(srcaddr, GET_IP6ADDR_STRING(ip6->ip6_src),
216 sizeof(srcaddr));
217 strlcpy(dstaddr, GET_IP6ADDR_STRING(ip6->ip6_dst),
218 sizeof(dstaddr));
219 break;
220 default:
221 strlcpy(srcaddr, "?", sizeof(srcaddr));
222 strlcpy(dstaddr, "?", sizeof(dstaddr));
223 break;
224 }
225
226 ND_PRINT("%s.%s > %s.%s: ", srcaddr, s, dstaddr, d);
227 }
228
229 /*
230 * NFS Version 3 sattr3 structure for the new node creation case.
231 * This does not have a fixed layout on the network, so this
232 * structure does not correspond to the layout of the data on
233 * the network; it's used to store the data when the sattr3
234 * is parsed for use when it's later printed.
235 */
236 struct nfsv3_sattr {
237 uint32_t sa_modeset;
238 uint32_t sa_mode;
239 uint32_t sa_uidset;
240 uint32_t sa_uid;
241 uint32_t sa_gidset;
242 uint32_t sa_gid;
243 uint32_t sa_sizeset;
244 uint32_t sa_size;
245 uint32_t sa_atimetype;
246 struct {
247 uint32_t nfsv3_sec;
248 uint32_t nfsv3_nsec;
249 } sa_atime;
250 uint32_t sa_mtimetype;
251 struct {
252 uint32_t nfsv3_sec;
253 uint32_t nfsv3_nsec;
254 } sa_mtime;
255 };
256
257 static const uint32_t *
258 parse_sattr3(netdissect_options *ndo,
259 const uint32_t *dp, struct nfsv3_sattr *sa3)
260 {
261 sa3->sa_modeset = GET_BE_U_4(dp);
262 dp++;
263 if (sa3->sa_modeset) {
264 sa3->sa_mode = GET_BE_U_4(dp);
265 dp++;
266 }
267
268 sa3->sa_uidset = GET_BE_U_4(dp);
269 dp++;
270 if (sa3->sa_uidset) {
271 sa3->sa_uid = GET_BE_U_4(dp);
272 dp++;
273 }
274
275 sa3->sa_gidset = GET_BE_U_4(dp);
276 dp++;
277 if (sa3->sa_gidset) {
278 sa3->sa_gid = GET_BE_U_4(dp);
279 dp++;
280 }
281
282 sa3->sa_sizeset = GET_BE_U_4(dp);
283 dp++;
284 if (sa3->sa_sizeset) {
285 sa3->sa_size = GET_BE_U_4(dp);
286 dp++;
287 }
288
289 sa3->sa_atimetype = GET_BE_U_4(dp);
290 dp++;
291 if (sa3->sa_atimetype == NFSV3SATTRTIME_TOCLIENT) {
292 sa3->sa_atime.nfsv3_sec = GET_BE_U_4(dp);
293 dp++;
294 sa3->sa_atime.nfsv3_nsec = GET_BE_U_4(dp);
295 dp++;
296 }
297
298 sa3->sa_mtimetype = GET_BE_U_4(dp);
299 dp++;
300 if (sa3->sa_mtimetype == NFSV3SATTRTIME_TOCLIENT) {
301 sa3->sa_mtime.nfsv3_sec = GET_BE_U_4(dp);
302 dp++;
303 sa3->sa_mtime.nfsv3_nsec = GET_BE_U_4(dp);
304 dp++;
305 }
306
307 return dp;
308 }
309
310 static void
311 print_sattr3(netdissect_options *ndo,
312 const struct nfsv3_sattr *sa3, int verbose)
313 {
314 if (sa3->sa_modeset)
315 ND_PRINT(" mode %o", sa3->sa_mode);
316 if (sa3->sa_uidset)
317 ND_PRINT(" uid %u", sa3->sa_uid);
318 if (sa3->sa_gidset)
319 ND_PRINT(" gid %u", sa3->sa_gid);
320 if (verbose > 1) {
321 if (sa3->sa_atimetype == NFSV3SATTRTIME_TOCLIENT)
322 ND_PRINT(" atime %u.%06u", sa3->sa_atime.nfsv3_sec,
323 sa3->sa_atime.nfsv3_nsec);
324 if (sa3->sa_mtimetype == NFSV3SATTRTIME_TOCLIENT)
325 ND_PRINT(" mtime %u.%06u", sa3->sa_mtime.nfsv3_sec,
326 sa3->sa_mtime.nfsv3_nsec);
327 }
328 }
329
330 void
331 nfsreply_print(netdissect_options *ndo,
332 const u_char *bp, u_int length,
333 const u_char *bp2)
334 {
335 const struct sunrpc_msg *rp;
336 char srcid[20], dstid[20]; /*fits 32bit*/
337
338 ndo->ndo_protocol = "nfs";
339 rp = (const struct sunrpc_msg *)bp;
340
341 if (!ndo->ndo_nflag) {
342 strlcpy(srcid, "nfs", sizeof(srcid));
343 snprintf(dstid, sizeof(dstid), "%u",
344 GET_BE_U_4(rp->rm_xid));
345 } else {
346 snprintf(srcid, sizeof(srcid), "%u", NFS_PORT);
347 snprintf(dstid, sizeof(dstid), "%u",
348 GET_BE_U_4(rp->rm_xid));
349 }
350 nfsaddr_print(ndo, bp2, srcid, dstid);
351
352 nfsreply_noaddr_print(ndo, bp, length, bp2);
353 }
354
355 void
356 nfsreply_noaddr_print(netdissect_options *ndo,
357 const u_char *bp, u_int length,
358 const u_char *bp2)
359 {
360 const struct sunrpc_msg *rp;
361 uint32_t proc, vers, reply_stat;
362 enum sunrpc_reject_stat rstat;
363 uint32_t rlow;
364 uint32_t rhigh;
365 enum sunrpc_auth_stat rwhy;
366
367 ndo->ndo_protocol = "nfs";
368 rp = (const struct sunrpc_msg *)bp;
369
370 ND_TCHECK_4(rp->rm_reply.rp_stat);
371 reply_stat = GET_BE_U_4(&rp->rm_reply.rp_stat);
372 switch (reply_stat) {
373
374 case SUNRPC_MSG_ACCEPTED:
375 ND_PRINT("reply ok %u", length);
376 if (xid_map_find(ndo, rp, bp2, &proc, &vers) >= 0)
377 interp_reply(ndo, rp, proc, vers, length);
378 break;
379
380 case SUNRPC_MSG_DENIED:
381 ND_PRINT("reply ERR %u: ", length);
382 ND_TCHECK_4(rp->rm_reply.rp_reject.rj_stat);
383 rstat = GET_BE_U_4(&rp->rm_reply.rp_reject.rj_stat);
384 switch (rstat) {
385
386 case SUNRPC_RPC_MISMATCH:
387 ND_TCHECK_4(rp->rm_reply.rp_reject.rj_vers.high);
388 rlow = GET_BE_U_4(&rp->rm_reply.rp_reject.rj_vers.low);
389 rhigh = GET_BE_U_4(&rp->rm_reply.rp_reject.rj_vers.high);
390 ND_PRINT("RPC Version mismatch (%u-%u)", rlow, rhigh);
391 break;
392
393 case SUNRPC_AUTH_ERROR:
394 ND_TCHECK_4(rp->rm_reply.rp_reject.rj_why);
395 rwhy = GET_BE_U_4(&rp->rm_reply.rp_reject.rj_why);
396 ND_PRINT("Auth %s", tok2str(sunrpc_auth_str, "Invalid failure code %u", rwhy));
397 break;
398
399 default:
400 ND_PRINT("Unknown reason for rejecting rpc message %u", (unsigned int)rstat);
401 break;
402 }
403 break;
404
405 default:
406 ND_PRINT("reply Unknown rpc response code=%u %u", reply_stat, length);
407 break;
408 }
409 return;
410
411 trunc:
412 nd_print_trunc(ndo);
413 }
414
415 /*
416 * Return a pointer to the first file handle in the packet.
417 * If the packet was truncated, return 0.
418 */
419 static const uint32_t *
420 parsereq(netdissect_options *ndo,
421 const struct sunrpc_msg *rp, u_int length)
422 {
423 const uint32_t *dp;
424 u_int len, rounded_len;
425
426 /*
427 * Find the start of the req data (if we captured it).
428 * First, get the length of the credentials, and make sure
429 * we have all of the opaque part of the credentials.
430 */
431 dp = (const uint32_t *)&rp->rm_call.cb_cred;
432 if (length < 2 * sizeof(*dp))
433 goto trunc;
434 len = GET_BE_U_4(dp + 1);
435 rounded_len = roundup2(len, 4);
436 ND_TCHECK_LEN(dp + 2, rounded_len);
437 if (2 * sizeof(*dp) + rounded_len <= length) {
438 /*
439 * We have all of the credentials. Skip past them; they
440 * consist of 4 bytes of flavor, 4 bytes of length,
441 * and len-rounded-up-to-a-multiple-of-4 bytes of
442 * data.
443 */
444 dp += (len + (2 * sizeof(*dp) + 3)) / sizeof(*dp);
445 length -= 2 * sizeof(*dp) + rounded_len;
446
447 /*
448 * Now get the length of the verifier, and make sure
449 * we have all of the opaque part of the verifier.
450 */
451 if (length < 2 * sizeof(*dp))
452 goto trunc;
453 len = GET_BE_U_4(dp + 1);
454 rounded_len = roundup2(len, 4);
455 ND_TCHECK_LEN(dp + 2, rounded_len);
456 if (2 * sizeof(*dp) + rounded_len < length) {
457 /*
458 * We have all of the verifier. Skip past it;
459 * it consists of 4 bytes of flavor, 4 bytes of
460 * length, and len-rounded-up-to-a-multiple-of-4
461 * bytes of data.
462 */
463 dp += (len + (2 * sizeof(*dp) + 3)) / sizeof(*dp);
464 return (dp);
465 }
466 }
467 trunc:
468 return (NULL);
469 }
470
471 /*
472 * Print out an NFS file handle and return a pointer to following word.
473 * If packet was truncated, return 0.
474 */
475 static const uint32_t *
476 parsefh(netdissect_options *ndo,
477 const uint32_t *dp, int v3)
478 {
479 u_int len;
480
481 if (v3) {
482 len = GET_BE_U_4(dp) / 4;
483 dp++;
484 } else
485 len = NFSX_V2FH / 4;
486
487 if (ND_TTEST_LEN(dp, len * sizeof(*dp))) {
488 nfs_printfh(ndo, dp, len);
489 return (dp + len);
490 } else
491 return NULL;
492 }
493
494 /*
495 * Print out a file name and return pointer to 32-bit word past it.
496 * If packet was truncated, return 0.
497 */
498 static const uint32_t *
499 parsefn(netdissect_options *ndo,
500 const uint32_t *dp)
501 {
502 uint32_t len, rounded_len;
503 const u_char *cp;
504
505 /* Fetch big-endian string length */
506 len = GET_BE_U_4(dp);
507 dp++;
508
509 if (UINT_MAX - len < 3) {
510 ND_PRINT("[cannot pad to 32-bit boundaries]");
511 nd_print_invalid(ndo);
512 return NULL;
513 }
514
515 rounded_len = roundup2(len, 4);
516 ND_TCHECK_LEN(dp, rounded_len);
517
518 cp = (const u_char *)dp;
519 /* Update 32-bit pointer (NFS filenames padded to 32-bit boundaries) */
520 dp += rounded_len / sizeof(*dp);
521 ND_PRINT("\"");
522 if (nd_printn(ndo, cp, len, ndo->ndo_snapend)) {
523 ND_PRINT("\"");
524 goto trunc;
525 }
526 ND_PRINT("\"");
527
528 return (dp);
529 trunc:
530 return NULL;
531 }
532
533 /*
534 * Print out file handle and file name.
535 * Return pointer to 32-bit word past file name.
536 * If packet was truncated (or there was some other error), return 0.
537 */
538 static const uint32_t *
539 parsefhn(netdissect_options *ndo,
540 const uint32_t *dp, int v3)
541 {
542 dp = parsefh(ndo, dp, v3);
543 if (dp == NULL)
544 return (NULL);
545 ND_PRINT(" ");
546 return (parsefn(ndo, dp));
547 }
548
549 void
550 nfsreq_noaddr_print(netdissect_options *ndo,
551 const u_char *bp, u_int length,
552 const u_char *bp2)
553 {
554 const struct sunrpc_msg *rp;
555 const uint32_t *dp;
556 nfs_type type;
557 int v3;
558 uint32_t proc;
559 uint32_t access_flags;
560 struct nfsv3_sattr sa3;
561
562 ndo->ndo_protocol = "nfs";
563 ND_PRINT("%u", length);
564 rp = (const struct sunrpc_msg *)bp;
565
566 if (!xid_map_enter(ndo, rp, bp2)) /* record proc number for later on */
567 goto trunc;
568
569 v3 = (GET_BE_U_4(&rp->rm_call.cb_vers) == NFS_VER3);
570 proc = GET_BE_U_4(&rp->rm_call.cb_proc);
571
572 if (!v3 && proc < NFS_NPROCS)
573 proc = nfsv3_procid[proc];
574
575 ND_PRINT(" %s", tok2str(nfsproc_str, "proc-%u", proc));
576 switch (proc) {
577
578 case NFSPROC_GETATTR:
579 case NFSPROC_SETATTR:
580 case NFSPROC_READLINK:
581 case NFSPROC_FSSTAT:
582 case NFSPROC_FSINFO:
583 case NFSPROC_PATHCONF:
584 dp = parsereq(ndo, rp, length);
585 if (dp == NULL)
586 goto trunc;
587 if (parsefh(ndo, dp, v3) == NULL)
588 goto trunc;
589 break;
590
591 case NFSPROC_LOOKUP:
592 case NFSPROC_CREATE:
593 case NFSPROC_MKDIR:
594 case NFSPROC_REMOVE:
595 case NFSPROC_RMDIR:
596 dp = parsereq(ndo, rp, length);
597 if (dp == NULL)
598 goto trunc;
599 if (parsefhn(ndo, dp, v3) == NULL)
600 goto trunc;
601 break;
602
603 case NFSPROC_ACCESS:
604 dp = parsereq(ndo, rp, length);
605 if (dp == NULL)
606 goto trunc;
607 dp = parsefh(ndo, dp, v3);
608 if (dp == NULL)
609 goto trunc;
610 access_flags = GET_BE_U_4(dp);
611 if (access_flags & ~NFSV3ACCESS_FULL) {
612 /* NFSV3ACCESS definitions aren't up to date */
613 ND_PRINT(" %04x", access_flags);
614 } else if ((access_flags & NFSV3ACCESS_FULL) == NFSV3ACCESS_FULL) {
615 ND_PRINT(" NFS_ACCESS_FULL");
616 } else {
617 char separator = ' ';
618 if (access_flags & NFSV3ACCESS_READ) {
619 ND_PRINT(" NFS_ACCESS_READ");
620 separator = '|';
621 }
622 if (access_flags & NFSV3ACCESS_LOOKUP) {
623 ND_PRINT("%cNFS_ACCESS_LOOKUP", separator);
624 separator = '|';
625 }
626 if (access_flags & NFSV3ACCESS_MODIFY) {
627 ND_PRINT("%cNFS_ACCESS_MODIFY", separator);
628 separator = '|';
629 }
630 if (access_flags & NFSV3ACCESS_EXTEND) {
631 ND_PRINT("%cNFS_ACCESS_EXTEND", separator);
632 separator = '|';
633 }
634 if (access_flags & NFSV3ACCESS_DELETE) {
635 ND_PRINT("%cNFS_ACCESS_DELETE", separator);
636 separator = '|';
637 }
638 if (access_flags & NFSV3ACCESS_EXECUTE)
639 ND_PRINT("%cNFS_ACCESS_EXECUTE", separator);
640 }
641 break;
642
643 case NFSPROC_READ:
644 dp = parsereq(ndo, rp, length);
645 if (dp == NULL)
646 goto trunc;
647 dp = parsefh(ndo, dp, v3);
648 if (dp == NULL)
649 goto trunc;
650 if (v3) {
651 ND_PRINT(" %u bytes @ %" PRIu64,
652 GET_BE_U_4(dp + 2),
653 GET_BE_U_8(dp));
654 } else {
655 ND_PRINT(" %u bytes @ %u",
656 GET_BE_U_4(dp + 1),
657 GET_BE_U_4(dp));
658 }
659 break;
660
661 case NFSPROC_WRITE:
662 dp = parsereq(ndo, rp, length);
663 if (dp == NULL)
664 goto trunc;
665 dp = parsefh(ndo, dp, v3);
666 if (dp == NULL)
667 goto trunc;
668 if (v3) {
669 ND_PRINT(" %u (%u) bytes @ %" PRIu64,
670 GET_BE_U_4(dp + 4),
671 GET_BE_U_4(dp + 2),
672 GET_BE_U_8(dp));
673 if (ndo->ndo_vflag) {
674 ND_PRINT(" <%s>",
675 tok2str(nfsv3_writemodes,
676 NULL, GET_BE_U_4(dp + 3)));
677 }
678 } else {
679 ND_PRINT(" %u (%u) bytes @ %u (%u)",
680 GET_BE_U_4(dp + 3),
681 GET_BE_U_4(dp + 2),
682 GET_BE_U_4(dp + 1),
683 GET_BE_U_4(dp));
684 }
685 break;
686
687 case NFSPROC_SYMLINK:
688 dp = parsereq(ndo, rp, length);
689 if (dp == NULL)
690 goto trunc;
691 dp = parsefhn(ndo, dp, v3);
692 if (dp == NULL)
693 goto trunc;
694 ND_PRINT(" ->");
695 if (v3 && (dp = parse_sattr3(ndo, dp, &sa3)) == NULL)
696 goto trunc;
697 if (parsefn(ndo, dp) == NULL)
698 goto trunc;
699 if (v3 && ndo->ndo_vflag)
700 print_sattr3(ndo, &sa3, ndo->ndo_vflag);
701 break;
702
703 case NFSPROC_MKNOD:
704 dp = parsereq(ndo, rp, length);
705 if (dp == NULL)
706 goto trunc;
707 dp = parsefhn(ndo, dp, v3);
708 if (dp == NULL)
709 goto trunc;
710 type = (nfs_type) GET_BE_U_4(dp);
711 dp++;
712 dp = parse_sattr3(ndo, dp, &sa3);
713 if (dp == NULL)
714 goto trunc;
715 ND_PRINT(" %s", tok2str(type2str, "unk-ft %u", type));
716 if (ndo->ndo_vflag && (type == NFCHR || type == NFBLK)) {
717 ND_PRINT(" %u/%u",
718 GET_BE_U_4(dp),
719 GET_BE_U_4(dp + 1));
720 dp += 2;
721 }
722 if (ndo->ndo_vflag)
723 print_sattr3(ndo, &sa3, ndo->ndo_vflag);
724 break;
725
726 case NFSPROC_RENAME:
727 dp = parsereq(ndo, rp, length);
728 if (dp == NULL)
729 goto trunc;
730 dp = parsefhn(ndo, dp, v3);
731 if (dp == NULL)
732 goto trunc;
733 ND_PRINT(" ->");
734 if (parsefhn(ndo, dp, v3) == NULL)
735 goto trunc;
736 break;
737
738 case NFSPROC_LINK:
739 dp = parsereq(ndo, rp, length);
740 if (dp == NULL)
741 goto trunc;
742 dp = parsefh(ndo, dp, v3);
743 if (dp == NULL)
744 goto trunc;
745 ND_PRINT(" ->");
746 if (parsefhn(ndo, dp, v3) == NULL)
747 goto trunc;
748 break;
749
750 case NFSPROC_READDIR:
751 dp = parsereq(ndo, rp, length);
752 if (dp == NULL)
753 goto trunc;
754 dp = parsefh(ndo, dp, v3);
755 if (dp == NULL)
756 goto trunc;
757 if (v3) {
758 /*
759 * We shouldn't really try to interpret the
760 * offset cookie here.
761 */
762 ND_PRINT(" %u bytes @ %" PRId64,
763 GET_BE_U_4(dp + 4),
764 GET_BE_U_8(dp));
765 if (ndo->ndo_vflag) {
766 /*
767 * This displays the 8 bytes
768 * of the verifier in order,
769 * from the low-order byte
770 * to the high-order byte.
771 */
772 ND_PRINT(" verf %08x%08x",
773 GET_BE_U_4(dp + 2),
774 GET_BE_U_4(dp + 3));
775 }
776 } else {
777 /*
778 * Print the offset as signed, since -1 is
779 * common, but offsets > 2^31 aren't.
780 */
781 ND_PRINT(" %u bytes @ %u",
782 GET_BE_U_4(dp + 1),
783 GET_BE_U_4(dp));
784 }
785 break;
786
787 case NFSPROC_READDIRPLUS:
788 dp = parsereq(ndo, rp, length);
789 if (dp == NULL)
790 goto trunc;
791 dp = parsefh(ndo, dp, v3);
792 if (dp == NULL)
793 goto trunc;
794 /*
795 * We don't try to interpret the offset
796 * cookie here.
797 */
798 ND_PRINT(" %u bytes @ %" PRId64,
799 GET_BE_U_4(dp + 4),
800 GET_BE_U_8(dp));
801 if (ndo->ndo_vflag) {
802 /*
803 * This displays the 8 bytes
804 * of the verifier in order,
805 * from the low-order byte
806 * to the high-order byte.
807 */
808 ND_PRINT(" max %u verf %08x%08x",
809 GET_BE_U_4(dp + 5),
810 GET_BE_U_4(dp + 2),
811 GET_BE_U_4(dp + 3));
812 }
813 break;
814
815 case NFSPROC_COMMIT:
816 dp = parsereq(ndo, rp, length);
817 if (dp == NULL)
818 goto trunc;
819 dp = parsefh(ndo, dp, v3);
820 if (dp == NULL)
821 goto trunc;
822 ND_PRINT(" %u bytes @ %" PRIu64,
823 GET_BE_U_4(dp + 2),
824 GET_BE_U_8(dp));
825 break;
826
827 default:
828 break;
829 }
830 return;
831
832 trunc:
833 nd_print_trunc(ndo);
834 }
835
836 /*
837 * Print out an NFS file handle.
838 * We assume packet was not truncated before the end of the
839 * file handle pointed to by dp.
840 *
841 * Note: new version (using portable file-handle parser) doesn't produce
842 * generation number. It probably could be made to do that, with some
843 * additional hacking on the parser code.
844 */
845 static void
846 nfs_printfh(netdissect_options *ndo,
847 const uint32_t *dp, const u_int len)
848 {
849 my_fsid fsid;
850 uint32_t ino;
851 const char *sfsname = NULL;
852 char *spacep;
853
854 if (ndo->ndo_uflag) {
855 u_int i;
856 char const *sep = "";
857
858 ND_PRINT(" fh[");
859 for (i=0; i<len; i++) {
860 /*
861 * This displays 4 bytes in big-endian byte
862 * order. That's as good a choice as little-
863 * endian, as there's no guarantee that the
864 * server is big-endian or little-endian or
865 * that the file handle contains 4-byte
866 * integral fields, and is better than "the
867 * byte order of the host running tcpdump", as
868 * the latter means that different hosts
869 * running tcpdump may show the same file
870 * handle in different ways.
871 */
872 ND_PRINT("%s%x", sep, GET_BE_U_4(dp + i));
873 sep = ":";
874 }
875 ND_PRINT("]");
876 return;
877 }
878
879 Parse_fh(ndo, (const u_char *)dp, len, &fsid, &ino, NULL, &sfsname, 0);
880
881 if (sfsname) {
882 /* file system ID is ASCII, not numeric, for this server OS */
883 char temp[NFSX_V3FHMAX+1];
884 u_int stringlen;
885
886 /* Make sure string is null-terminated */
887 stringlen = len;
888 if (stringlen > NFSX_V3FHMAX)
889 stringlen = NFSX_V3FHMAX;
890 strncpy(temp, sfsname, stringlen);
891 temp[stringlen] = '\0';
892 /* Remove trailing spaces */
893 spacep = strchr(temp, ' ');
894 if (spacep)
895 *spacep = '\0';
896
897 ND_PRINT(" fh ");
898 fn_print_str(ndo, (const u_char *)temp);
899 ND_PRINT("/");
900 } else {
901 ND_PRINT(" fh %u,%u/",
902 fsid.Fsid_dev.Major, fsid.Fsid_dev.Minor);
903 }
904
905 if(fsid.Fsid_dev.Minor == UINT_MAX && fsid.Fsid_dev.Major == UINT_MAX)
906 /* Print the undecoded handle */
907 fn_print_str(ndo, (const u_char *)fsid.Opaque_Handle);
908 else
909 ND_PRINT("%u", ino);
910 }
911
912 /*
913 * Maintain a small cache of recent client.XID.server/proc pairs, to allow
914 * us to match up replies with requests and thus to know how to parse
915 * the reply.
916 */
917
918 struct xid_map_entry {
919 uint32_t xid; /* transaction ID (net order) */
920 int ipver; /* IP version (4 or 6) */
921 nd_ipv6 client; /* client IP address (net order) */
922 nd_ipv6 server; /* server IP address (net order) */
923 uint32_t proc; /* call proc number (host order) */
924 uint32_t vers; /* program version (host order) */
925 };
926
927 /*
928 * Map entries are kept in an array that we manage as a ring;
929 * new entries are always added at the tail of the ring. Initially,
930 * all the entries are zero and hence don't match anything.
931 */
932
933 #define XIDMAPSIZE 64
934
935 static struct xid_map_entry xid_map[XIDMAPSIZE];
936
937 static int xid_map_next = 0;
938 static int xid_map_hint = 0;
939
940 static int
941 xid_map_enter(netdissect_options *ndo,
942 const struct sunrpc_msg *rp, const u_char *bp)
943 {
944 const struct ip *ip = NULL;
945 const struct ip6_hdr *ip6 = NULL;
946 struct xid_map_entry *xmep;
947
948 if (!ND_TTEST_4(rp->rm_call.cb_proc))
949 return (0);
950 switch (IP_V((const struct ip *)bp)) {
951 case 4:
952 ip = (const struct ip *)bp;
953 break;
954 case 6:
955 ip6 = (const struct ip6_hdr *)bp;
956 break;
957 default:
958 return (1);
959 }
960
961 xmep = &xid_map[xid_map_next];
962
963 if (++xid_map_next >= XIDMAPSIZE)
964 xid_map_next = 0;
965
966 UNALIGNED_MEMCPY(&xmep->xid, &rp->rm_xid, sizeof(xmep->xid));
967 if (ip) {
968 xmep->ipver = 4;
969 UNALIGNED_MEMCPY(&xmep->client, ip->ip_src,
970 sizeof(ip->ip_src));
971 UNALIGNED_MEMCPY(&xmep->server, ip->ip_dst,
972 sizeof(ip->ip_dst));
973 } else if (ip6) {
974 xmep->ipver = 6;
975 UNALIGNED_MEMCPY(&xmep->client, ip6->ip6_src,
976 sizeof(ip6->ip6_src));
977 UNALIGNED_MEMCPY(&xmep->server, ip6->ip6_dst,
978 sizeof(ip6->ip6_dst));
979 }
980 xmep->proc = GET_BE_U_4(&rp->rm_call.cb_proc);
981 xmep->vers = GET_BE_U_4(&rp->rm_call.cb_vers);
982 return (1);
983 }
984
985 /*
986 * Returns 0 and puts NFSPROC_xxx in proc return and
987 * version in vers return, or returns -1 on failure
988 */
989 static int
990 xid_map_find(netdissect_options *ndo, const struct sunrpc_msg *rp,
991 const u_char *bp, uint32_t *proc, uint32_t *vers)
992 {
993 int i;
994 struct xid_map_entry *xmep;
995 uint32_t xid;
996 const struct ip *ip = (const struct ip *)bp;
997 const struct ip6_hdr *ip6 = (const struct ip6_hdr *)bp;
998 int cmp;
999
1000 UNALIGNED_MEMCPY(&xid, &rp->rm_xid, sizeof(xmep->xid));
1001 /* Start searching from where we last left off */
1002 i = xid_map_hint;
1003 do {
1004 xmep = &xid_map[i];
1005 cmp = 1;
1006 if (xmep->ipver != IP_V(ip) || xmep->xid != xid)
1007 goto nextitem;
1008 switch (xmep->ipver) {
1009 case 4:
1010 if (UNALIGNED_MEMCMP(ip->ip_src, &xmep->server,
1011 sizeof(ip->ip_src)) != 0 ||
1012 UNALIGNED_MEMCMP(ip->ip_dst, &xmep->client,
1013 sizeof(ip->ip_dst)) != 0) {
1014 cmp = 0;
1015 }
1016 break;
1017 case 6:
1018 if (UNALIGNED_MEMCMP(ip6->ip6_src, &xmep->server,
1019 sizeof(ip6->ip6_src)) != 0 ||
1020 UNALIGNED_MEMCMP(ip6->ip6_dst, &xmep->client,
1021 sizeof(ip6->ip6_dst)) != 0) {
1022 cmp = 0;
1023 }
1024 break;
1025 default:
1026 cmp = 0;
1027 break;
1028 }
1029 if (cmp) {
1030 /* match */
1031 xid_map_hint = i;
1032 *proc = xmep->proc;
1033 *vers = xmep->vers;
1034 return 0;
1035 }
1036 nextitem:
1037 if (++i >= XIDMAPSIZE)
1038 i = 0;
1039 } while (i != xid_map_hint);
1040
1041 /* search failed */
1042 return (-1);
1043 }
1044
1045 /*
1046 * Routines for parsing reply packets
1047 */
1048
1049 /*
1050 * Return a pointer to the beginning of the actual results.
1051 * If the packet was truncated, return 0.
1052 */
1053 static const uint32_t *
1054 parserep(netdissect_options *ndo,
1055 const struct sunrpc_msg *rp, u_int length, int *nfserrp)
1056 {
1057 const uint32_t *dp;
1058 u_int len;
1059 enum sunrpc_accept_stat astat;
1060
1061 /*
1062 * Portability note:
1063 * Here we find the address of the ar_verf credentials.
1064 * Originally, this calculation was
1065 * dp = (uint32_t *)&rp->rm_reply.rp_acpt.ar_verf
1066 * On the wire, the rp_acpt field starts immediately after
1067 * the (32 bit) rp_stat field. However, rp_acpt (which is a
1068 * "struct accepted_reply") contains a "struct opaque_auth",
1069 * whose internal representation contains a pointer, so on a
1070 * 64-bit machine the compiler inserts 32 bits of padding
1071 * before rp->rm_reply.rp_acpt.ar_verf. So, we cannot use
1072 * the internal representation to parse the on-the-wire
1073 * representation. Instead, we skip past the rp_stat field,
1074 * which is an "enum" and so occupies one 32-bit word.
1075 */
1076 dp = ((const uint32_t *)&rp->rm_reply) + 1;
1077 len = GET_BE_U_4(dp + 1);
1078 if (len >= length)
1079 return (NULL);
1080 /*
1081 * skip past the ar_verf credentials.
1082 */
1083 dp += (len + (2*sizeof(uint32_t) + 3)) / sizeof(uint32_t);
1084
1085 /*
1086 * now we can check the ar_stat field
1087 */
1088 astat = (enum sunrpc_accept_stat) GET_BE_U_4(dp);
1089 if (astat != SUNRPC_SUCCESS) {
1090 ND_PRINT(" %s", tok2str(sunrpc_str, "ar_stat %u", astat));
1091 *nfserrp = 1; /* suppress trunc string */
1092 return (NULL);
1093 }
1094 /* successful return */
1095 ND_TCHECK_LEN(dp, sizeof(astat));
1096 return ((const uint32_t *) (sizeof(astat) + ((const char *)dp)));
1097 trunc:
1098 return (0);
1099 }
1100
1101 static const uint32_t *
1102 parsestatus(netdissect_options *ndo,
1103 const uint32_t *dp, u_int *er, int *nfserrp)
1104 {
1105 u_int errnum;
1106
1107 errnum = GET_BE_U_4(dp);
1108 if (er)
1109 *er = errnum;
1110 if (errnum != 0) {
1111 if (!ndo->ndo_qflag)
1112 ND_PRINT(" ERROR: %s",
1113 tok2str(status2str, "unk %u", errnum));
1114 *nfserrp = 1;
1115 }
1116 return (dp + 1);
1117 }
1118
1119 static const uint32_t *
1120 parsefattr(netdissect_options *ndo,
1121 const uint32_t *dp, int verbose, int v3)
1122 {
1123 const struct nfs_fattr *fap;
1124
1125 fap = (const struct nfs_fattr *)dp;
1126 ND_TCHECK_4(fap->fa_gid);
1127 if (verbose) {
1128 /*
1129 * XXX - UIDs and GIDs are unsigned in NFS and in
1130 * at least some UN*Xes, but we'll show them as
1131 * signed because -2 has traditionally been the
1132 * UID for "nobody", rather than 4294967294.
1133 */
1134 ND_PRINT(" %s %o ids %d/%d",
1135 tok2str(type2str, "unk-ft %u ",
1136 GET_BE_U_4(fap->fa_type)),
1137 GET_BE_U_4(fap->fa_mode),
1138 GET_BE_S_4(fap->fa_uid),
1139 GET_BE_S_4(fap->fa_gid));
1140 if (v3) {
1141 ND_PRINT(" sz %" PRIu64,
1142 GET_BE_U_8(fap->fa3_size));
1143 } else {
1144 ND_PRINT(" sz %u", GET_BE_U_4(fap->fa2_size));
1145 }
1146 }
1147 /* print lots more stuff */
1148 if (verbose > 1) {
1149 if (v3) {
1150 ND_TCHECK_8(&fap->fa3_ctime);
1151 ND_PRINT(" nlink %u rdev %u/%u",
1152 GET_BE_U_4(fap->fa_nlink),
1153 GET_BE_U_4(fap->fa3_rdev.specdata1),
1154 GET_BE_U_4(fap->fa3_rdev.specdata2));
1155 ND_PRINT(" fsid %" PRIx64,
1156 GET_BE_U_8(fap->fa3_fsid));
1157 ND_PRINT(" fileid %" PRIx64,
1158 GET_BE_U_8(fap->fa3_fileid));
1159 ND_PRINT(" a/m/ctime %u.%06u",
1160 GET_BE_U_4(fap->fa3_atime.nfsv3_sec),
1161 GET_BE_U_4(fap->fa3_atime.nfsv3_nsec));
1162 ND_PRINT(" %u.%06u",
1163 GET_BE_U_4(fap->fa3_mtime.nfsv3_sec),
1164 GET_BE_U_4(fap->fa3_mtime.nfsv3_nsec));
1165 ND_PRINT(" %u.%06u",
1166 GET_BE_U_4(fap->fa3_ctime.nfsv3_sec),
1167 GET_BE_U_4(fap->fa3_ctime.nfsv3_nsec));
1168 } else {
1169 ND_TCHECK_8(&fap->fa2_ctime);
1170 ND_PRINT(" nlink %u rdev 0x%x fsid 0x%x nodeid 0x%x a/m/ctime",
1171 GET_BE_U_4(fap->fa_nlink),
1172 GET_BE_U_4(fap->fa2_rdev),
1173 GET_BE_U_4(fap->fa2_fsid),
1174 GET_BE_U_4(fap->fa2_fileid));
1175 ND_PRINT(" %u.%06u",
1176 GET_BE_U_4(fap->fa2_atime.nfsv2_sec),
1177 GET_BE_U_4(fap->fa2_atime.nfsv2_usec));
1178 ND_PRINT(" %u.%06u",
1179 GET_BE_U_4(fap->fa2_mtime.nfsv2_sec),
1180 GET_BE_U_4(fap->fa2_mtime.nfsv2_usec));
1181 ND_PRINT(" %u.%06u",
1182 GET_BE_U_4(fap->fa2_ctime.nfsv2_sec),
1183 GET_BE_U_4(fap->fa2_ctime.nfsv2_usec));
1184 }
1185 }
1186 return ((const uint32_t *)((const unsigned char *)dp +
1187 (v3 ? NFSX_V3FATTR : NFSX_V2FATTR)));
1188 trunc:
1189 return (NULL);
1190 }
1191
1192 static int
1193 parseattrstat(netdissect_options *ndo,
1194 const uint32_t *dp, int verbose, int v3, int *nfserrp)
1195 {
1196 u_int er;
1197
1198 dp = parsestatus(ndo, dp, &er, nfserrp);
1199 if (dp == NULL)
1200 return (0);
1201 if (er)
1202 return (1);
1203
1204 return (parsefattr(ndo, dp, verbose, v3) != NULL);
1205 }
1206
1207 static int
1208 parsediropres(netdissect_options *ndo,
1209 const uint32_t *dp, int *nfserrp)
1210 {
1211 u_int er;
1212
1213 dp = parsestatus(ndo, dp, &er, nfserrp);
1214 if (dp == NULL)
1215 return (0);
1216 if (er)
1217 return (1);
1218
1219 dp = parsefh(ndo, dp, 0);
1220 if (dp == NULL)
1221 return (0);
1222
1223 return (parsefattr(ndo, dp, ndo->ndo_vflag, 0) != NULL);
1224 }
1225
1226 static int
1227 parselinkres(netdissect_options *ndo,
1228 const uint32_t *dp, int v3, int *nfserrp)
1229 {
1230 u_int er;
1231
1232 dp = parsestatus(ndo, dp, &er, nfserrp);
1233 if (dp == NULL)
1234 return(0);
1235 if (er)
1236 return(1);
1237 if (v3) {
1238 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1239 if (dp == NULL)
1240 return (0);
1241 }
1242 ND_PRINT(" ");
1243 return (parsefn(ndo, dp) != NULL);
1244 }
1245
1246 static int
1247 parsestatfs(netdissect_options *ndo,
1248 const uint32_t *dp, int v3, int *nfserrp)
1249 {
1250 const struct nfs_statfs *sfsp;
1251 u_int er;
1252
1253 dp = parsestatus(ndo, dp, &er, nfserrp);
1254 if (dp == NULL)
1255 return (0);
1256 if (!v3 && er)
1257 return (1);
1258
1259 if (ndo->ndo_qflag)
1260 return(1);
1261
1262 if (v3) {
1263 if (ndo->ndo_vflag)
1264 ND_PRINT(" POST:");
1265 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1266 if (dp == NULL)
1267 return (0);
1268 }
1269
1270 ND_TCHECK_LEN(dp, (v3 ? NFSX_V3STATFS : NFSX_V2STATFS));
1271
1272 sfsp = (const struct nfs_statfs *)dp;
1273
1274 if (v3) {
1275 ND_PRINT(" tbytes %" PRIu64 " fbytes %" PRIu64 " abytes %" PRIu64,
1276 GET_BE_U_8(sfsp->sf_tbytes),
1277 GET_BE_U_8(sfsp->sf_fbytes),
1278 GET_BE_U_8(sfsp->sf_abytes));
1279 if (ndo->ndo_vflag) {
1280 ND_PRINT(" tfiles %" PRIu64 " ffiles %" PRIu64 " afiles %" PRIu64 " invar %u",
1281 GET_BE_U_8(sfsp->sf_tfiles),
1282 GET_BE_U_8(sfsp->sf_ffiles),
1283 GET_BE_U_8(sfsp->sf_afiles),
1284 GET_BE_U_4(sfsp->sf_invarsec));
1285 }
1286 } else {
1287 ND_PRINT(" tsize %u bsize %u blocks %u bfree %u bavail %u",
1288 GET_BE_U_4(sfsp->sf_tsize),
1289 GET_BE_U_4(sfsp->sf_bsize),
1290 GET_BE_U_4(sfsp->sf_blocks),
1291 GET_BE_U_4(sfsp->sf_bfree),
1292 GET_BE_U_4(sfsp->sf_bavail));
1293 }
1294
1295 return (1);
1296 trunc:
1297 return (0);
1298 }
1299
1300 static int
1301 parserddires(netdissect_options *ndo,
1302 const uint32_t *dp, int *nfserrp)
1303 {
1304 u_int er;
1305
1306 dp = parsestatus(ndo, dp, &er, nfserrp);
1307 if (dp == NULL)
1308 return (0);
1309 if (er)
1310 return (1);
1311 if (ndo->ndo_qflag)
1312 return (1);
1313
1314 ND_PRINT(" offset 0x%x size %u ",
1315 GET_BE_U_4(dp), GET_BE_U_4(dp + 1));
1316 if (GET_BE_U_4(dp + 2) != 0)
1317 ND_PRINT(" eof");
1318
1319 return (1);
1320 }
1321
1322 static const uint32_t *
1323 parse_wcc_attr(netdissect_options *ndo,
1324 const uint32_t *dp)
1325 {
1326 /* Our caller has already checked this */
1327 ND_PRINT(" sz %" PRIu64, GET_BE_U_8(dp));
1328 ND_PRINT(" mtime %u.%06u ctime %u.%06u",
1329 GET_BE_U_4(dp + 2), GET_BE_U_4(dp + 3),
1330 GET_BE_U_4(dp + 4), GET_BE_U_4(dp + 5));
1331 return (dp + 6);
1332 }
1333
1334 /*
1335 * Pre operation attributes. Print only if vflag > 1.
1336 */
1337 static const uint32_t *
1338 parse_pre_op_attr(netdissect_options *ndo,
1339 const uint32_t *dp, int verbose)
1340 {
1341 if (!GET_BE_U_4(dp))
1342 return (dp + 1);
1343 dp++;
1344 ND_TCHECK_LEN(dp, 24);
1345 if (verbose > 1) {
1346 return parse_wcc_attr(ndo, dp);
1347 } else {
1348 /* If not verbose enough, just skip over wcc_attr */
1349 return (dp + 6);
1350 }
1351 trunc:
1352 return (NULL);
1353 }
1354
1355 /*
1356 * Post operation attributes are printed if vflag >= 1
1357 */
1358 static const uint32_t *
1359 parse_post_op_attr(netdissect_options *ndo,
1360 const uint32_t *dp, int verbose)
1361 {
1362 if (!GET_BE_U_4(dp))
1363 return (dp + 1);
1364 dp++;
1365 if (verbose) {
1366 return parsefattr(ndo, dp, verbose, 1);
1367 } else
1368 return (dp + (NFSX_V3FATTR / sizeof (uint32_t)));
1369 }
1370
1371 static const uint32_t *
1372 parse_wcc_data(netdissect_options *ndo,
1373 const uint32_t *dp, int verbose)
1374 {
1375 if (verbose > 1)
1376 ND_PRINT(" PRE:");
1377 dp = parse_pre_op_attr(ndo, dp, verbose);
1378 if (dp == NULL)
1379 return (0);
1380
1381 if (verbose)
1382 ND_PRINT(" POST:");
1383 return parse_post_op_attr(ndo, dp, verbose);
1384 }
1385
1386 static const uint32_t *
1387 parsecreateopres(netdissect_options *ndo,
1388 const uint32_t *dp, int verbose, int *nfserrp)
1389 {
1390 u_int er;
1391
1392 dp = parsestatus(ndo, dp, &er, nfserrp);
1393 if (dp == NULL)
1394 return (0);
1395 if (er)
1396 dp = parse_wcc_data(ndo, dp, verbose);
1397 else {
1398 if (!GET_BE_U_4(dp))
1399 return (dp + 1);
1400 dp++;
1401 dp = parsefh(ndo, dp, 1);
1402 if (dp == NULL)
1403 return (0);
1404 if (verbose) {
1405 dp = parse_post_op_attr(ndo, dp, verbose);
1406 if (dp == NULL)
1407 return (0);
1408 if (ndo->ndo_vflag > 1) {
1409 ND_PRINT(" dir attr:");
1410 dp = parse_wcc_data(ndo, dp, verbose);
1411 }
1412 }
1413 }
1414 return (dp);
1415 }
1416
1417 static const uint32_t *
1418 parsewccres(netdissect_options *ndo,
1419 const uint32_t *dp, int verbose, int *nfserrp)
1420 {
1421 u_int er;
1422
1423 dp = parsestatus(ndo, dp, &er, nfserrp);
1424 if (dp == NULL)
1425 return (0);
1426 return parse_wcc_data(ndo, dp, verbose);
1427 }
1428
1429 static const uint32_t *
1430 parsev3rddirres(netdissect_options *ndo,
1431 const uint32_t *dp, int verbose, int *nfserrp)
1432 {
1433 u_int er;
1434
1435 dp = parsestatus(ndo, dp, &er, nfserrp);
1436 if (dp == NULL)
1437 return (0);
1438 if (ndo->ndo_vflag)
1439 ND_PRINT(" POST:");
1440 dp = parse_post_op_attr(ndo, dp, verbose);
1441 if (dp == NULL)
1442 return (0);
1443 if (er)
1444 return dp;
1445 if (ndo->ndo_vflag) {
1446 /*
1447 * This displays the 8 bytes of the verifier in order,
1448 * from the low-order byte to the high-order byte.
1449 */
1450 ND_PRINT(" verf %08x%08x",
1451 GET_BE_U_4(dp), GET_BE_U_4(dp + 1));
1452 dp += 2;
1453 }
1454 return dp;
1455 }
1456
1457 static int
1458 parsefsinfo(netdissect_options *ndo,
1459 const uint32_t *dp, int *nfserrp)
1460 {
1461 const struct nfsv3_fsinfo *sfp;
1462 u_int er;
1463
1464 dp = parsestatus(ndo, dp, &er, nfserrp);
1465 if (dp == NULL)
1466 return (0);
1467 if (ndo->ndo_vflag)
1468 ND_PRINT(" POST:");
1469 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1470 if (dp == NULL)
1471 return (0);
1472 if (er)
1473 return (1);
1474
1475 sfp = (const struct nfsv3_fsinfo *)dp;
1476 ND_TCHECK_SIZE(sfp);
1477 ND_PRINT(" rtmax %u rtpref %u wtmax %u wtpref %u dtpref %u",
1478 GET_BE_U_4(sfp->fs_rtmax),
1479 GET_BE_U_4(sfp->fs_rtpref),
1480 GET_BE_U_4(sfp->fs_wtmax),
1481 GET_BE_U_4(sfp->fs_wtpref),
1482 GET_BE_U_4(sfp->fs_dtpref));
1483 if (ndo->ndo_vflag) {
1484 ND_PRINT(" rtmult %u wtmult %u maxfsz %" PRIu64,
1485 GET_BE_U_4(sfp->fs_rtmult),
1486 GET_BE_U_4(sfp->fs_wtmult),
1487 GET_BE_U_8(sfp->fs_maxfilesize));
1488 ND_PRINT(" delta %u.%06u ",
1489 GET_BE_U_4(sfp->fs_timedelta.nfsv3_sec),
1490 GET_BE_U_4(sfp->fs_timedelta.nfsv3_nsec));
1491 }
1492 return (1);
1493 trunc:
1494 return (0);
1495 }
1496
1497 static int
1498 parsepathconf(netdissect_options *ndo,
1499 const uint32_t *dp, int *nfserrp)
1500 {
1501 u_int er;
1502 const struct nfsv3_pathconf *spp;
1503
1504 dp = parsestatus(ndo, dp, &er, nfserrp);
1505 if (dp == NULL)
1506 return (0);
1507 if (ndo->ndo_vflag)
1508 ND_PRINT(" POST:");
1509 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1510 if (dp == NULL)
1511 return (0);
1512 if (er)
1513 return (1);
1514
1515 spp = (const struct nfsv3_pathconf *)dp;
1516 ND_TCHECK_SIZE(spp);
1517
1518 ND_PRINT(" linkmax %u namemax %u %s %s %s %s",
1519 GET_BE_U_4(spp->pc_linkmax),
1520 GET_BE_U_4(spp->pc_namemax),
1521 GET_BE_U_4(spp->pc_notrunc) ? "notrunc" : "",
1522 GET_BE_U_4(spp->pc_chownrestricted) ? "chownres" : "",
1523 GET_BE_U_4(spp->pc_caseinsensitive) ? "igncase" : "",
1524 GET_BE_U_4(spp->pc_casepreserving) ? "keepcase" : "");
1525 return (1);
1526 trunc:
1527 return (0);
1528 }
1529
1530 static void
1531 interp_reply(netdissect_options *ndo,
1532 const struct sunrpc_msg *rp, uint32_t proc, uint32_t vers,
1533 int length)
1534 {
1535 const uint32_t *dp;
1536 int v3;
1537 u_int er;
1538 int nfserr = 0;
1539
1540 v3 = (vers == NFS_VER3);
1541
1542 if (!v3 && proc < NFS_NPROCS)
1543 proc = nfsv3_procid[proc];
1544
1545 ND_PRINT(" %s", tok2str(nfsproc_str, "proc-%u", proc));
1546 switch (proc) {
1547
1548 case NFSPROC_GETATTR:
1549 dp = parserep(ndo, rp, length, &nfserr);
1550 if (dp == NULL)
1551 goto trunc;
1552 if (parseattrstat(ndo, dp, !ndo->ndo_qflag, v3, &nfserr) == 0)
1553 goto trunc;
1554 break;
1555
1556 case NFSPROC_SETATTR:
1557 dp = parserep(ndo, rp, length, &nfserr);
1558 if (dp == NULL)
1559 goto trunc;
1560 if (v3) {
1561 if (parsewccres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1562 goto trunc;
1563 } else {
1564 if (parseattrstat(ndo, dp, !ndo->ndo_qflag, 0, &nfserr) == 0)
1565 goto trunc;
1566 }
1567 break;
1568
1569 case NFSPROC_LOOKUP:
1570 dp = parserep(ndo, rp, length, &nfserr);
1571 if (dp == NULL)
1572 goto trunc;
1573 if (v3) {
1574 dp = parsestatus(ndo, dp, &er, &nfserr);
1575 if (dp == NULL)
1576 goto trunc;
1577 if (er) {
1578 if (ndo->ndo_vflag > 1) {
1579 ND_PRINT(" post dattr:");
1580 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1581 if (dp == NULL)
1582 goto trunc;
1583 }
1584 } else {
1585 dp = parsefh(ndo, dp, v3);
1586 if (dp == NULL)
1587 goto trunc;
1588 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1589 if (dp == NULL)
1590 goto trunc;
1591 if (ndo->ndo_vflag > 1) {
1592 ND_PRINT(" post dattr:");
1593 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1594 if (dp == NULL)
1595 goto trunc;
1596 }
1597 }
1598 } else {
1599 if (parsediropres(ndo, dp, &nfserr) == 0)
1600 goto trunc;
1601 }
1602 break;
1603
1604 case NFSPROC_ACCESS:
1605 dp = parserep(ndo, rp, length, &nfserr);
1606 if (dp == NULL)
1607 goto trunc;
1608 dp = parsestatus(ndo, dp, &er, &nfserr);
1609 if (dp == NULL)
1610 goto trunc;
1611 if (ndo->ndo_vflag)
1612 ND_PRINT(" attr:");
1613 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1614 if (dp == NULL)
1615 goto trunc;
1616 if (!er) {
1617 ND_PRINT(" c %04x", GET_BE_U_4(dp));
1618 }
1619 break;
1620
1621 case NFSPROC_READLINK:
1622 dp = parserep(ndo, rp, length, &nfserr);
1623 if (dp == NULL)
1624 goto trunc;
1625 if (parselinkres(ndo, dp, v3, &nfserr) == 0)
1626 goto trunc;
1627 break;
1628
1629 case NFSPROC_READ:
1630 dp = parserep(ndo, rp, length, &nfserr);
1631 if (dp == NULL)
1632 goto trunc;
1633 if (v3) {
1634 dp = parsestatus(ndo, dp, &er, &nfserr);
1635 if (dp == NULL)
1636 goto trunc;
1637 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1638 if (dp == NULL)
1639 goto trunc;
1640 if (!er) {
1641 if (ndo->ndo_vflag) {
1642 ND_PRINT(" %u bytes", GET_BE_U_4(dp));
1643 if (GET_BE_U_4(dp + 1))
1644 ND_PRINT(" EOF");
1645 }
1646 }
1647 } else {
1648 if (parseattrstat(ndo, dp, ndo->ndo_vflag, 0, &nfserr) == 0)
1649 goto trunc;
1650 }
1651 break;
1652
1653 case NFSPROC_WRITE:
1654 dp = parserep(ndo, rp, length, &nfserr);
1655 if (dp == NULL)
1656 goto trunc;
1657 if (v3) {
1658 dp = parsestatus(ndo, dp, &er, &nfserr);
1659 if (dp == NULL)
1660 goto trunc;
1661 dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag);
1662 if (dp == NULL)
1663 goto trunc;
1664 if (!er) {
1665 if (ndo->ndo_vflag) {
1666 ND_PRINT(" %u bytes", GET_BE_U_4(dp));
1667 if (ndo->ndo_vflag > 1) {
1668 ND_PRINT(" <%s>",
1669 tok2str(nfsv3_writemodes,
1670 NULL, GET_BE_U_4(dp + 1)));
1671
1672 /* write-verf-cookie */
1673 ND_PRINT(" verf %" PRIx64,
1674 GET_BE_U_8(dp + 2));
1675 }
1676 }
1677 }
1678 return;
1679 } else {
1680 if (parseattrstat(ndo, dp, ndo->ndo_vflag, v3, &nfserr) == 0)
1681 goto trunc;
1682 }
1683 break;
1684
1685 case NFSPROC_CREATE:
1686 case NFSPROC_MKDIR:
1687 dp = parserep(ndo, rp, length, &nfserr);
1688 if (dp == NULL)
1689 goto trunc;
1690 if (v3) {
1691 if (parsecreateopres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1692 goto trunc;
1693 } else {
1694 if (parsediropres(ndo, dp, &nfserr) == 0)
1695 goto trunc;
1696 }
1697 break;
1698
1699 case NFSPROC_SYMLINK:
1700 dp = parserep(ndo, rp, length, &nfserr);
1701 if (dp == NULL)
1702 goto trunc;
1703 if (v3) {
1704 if (parsecreateopres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1705 goto trunc;
1706 } else {
1707 if (parsestatus(ndo, dp, &er, &nfserr) == NULL)
1708 goto trunc;
1709 }
1710 break;
1711
1712 case NFSPROC_MKNOD:
1713 dp = parserep(ndo, rp, length, &nfserr);
1714 if (dp == NULL)
1715 goto trunc;
1716 if (parsecreateopres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1717 goto trunc;
1718 break;
1719
1720 case NFSPROC_REMOVE:
1721 case NFSPROC_RMDIR:
1722 dp = parserep(ndo, rp, length, &nfserr);
1723 if (dp == NULL)
1724 goto trunc;
1725 if (v3) {
1726 if (parsewccres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1727 goto trunc;
1728 } else {
1729 if (parsestatus(ndo, dp, &er, &nfserr) == NULL)
1730 goto trunc;
1731 }
1732 break;
1733
1734 case NFSPROC_RENAME:
1735 dp = parserep(ndo, rp, length, &nfserr);
1736 if (dp == NULL)
1737 goto trunc;
1738 if (v3) {
1739 dp = parsestatus(ndo, dp, &er, &nfserr);
1740 if (dp == NULL)
1741 goto trunc;
1742 if (ndo->ndo_vflag) {
1743 ND_PRINT(" from:");
1744 dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag);
1745 if (dp == NULL)
1746 goto trunc;
1747 ND_PRINT(" to:");
1748 dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag);
1749 if (dp == NULL)
1750 goto trunc;
1751 }
1752 } else {
1753 if (parsestatus(ndo, dp, &er, &nfserr) == NULL)
1754 goto trunc;
1755 }
1756 break;
1757
1758 case NFSPROC_LINK:
1759 dp = parserep(ndo, rp, length, &nfserr);
1760 if (dp == NULL)
1761 goto trunc;
1762 if (v3) {
1763 dp = parsestatus(ndo, dp, &er, &nfserr);
1764 if (dp == NULL)
1765 goto trunc;
1766 if (ndo->ndo_vflag) {
1767 ND_PRINT(" file POST:");
1768 dp = parse_post_op_attr(ndo, dp, ndo->ndo_vflag);
1769 if (dp == NULL)
1770 goto trunc;
1771 ND_PRINT(" dir:");
1772 dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag);
1773 if (dp == NULL)
1774 goto trunc;
1775 }
1776 return;
1777 } else {
1778 if (parsestatus(ndo, dp, &er, &nfserr) == NULL)
1779 goto trunc;
1780 }
1781 break;
1782
1783 case NFSPROC_READDIR:
1784 dp = parserep(ndo, rp, length, &nfserr);
1785 if (dp == NULL)
1786 goto trunc;
1787 if (v3) {
1788 if (parsev3rddirres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1789 goto trunc;
1790 } else {
1791 if (parserddires(ndo, dp, &nfserr) == 0)
1792 goto trunc;
1793 }
1794 break;
1795
1796 case NFSPROC_READDIRPLUS:
1797 dp = parserep(ndo, rp, length, &nfserr);
1798 if (dp == NULL)
1799 goto trunc;
1800 if (parsev3rddirres(ndo, dp, ndo->ndo_vflag, &nfserr) == NULL)
1801 goto trunc;
1802 break;
1803
1804 case NFSPROC_FSSTAT:
1805 dp = parserep(ndo, rp, length, &nfserr);
1806 if (dp == NULL)
1807 goto trunc;
1808 if (parsestatfs(ndo, dp, v3, &nfserr) == 0)
1809 goto trunc;
1810 break;
1811
1812 case NFSPROC_FSINFO:
1813 dp = parserep(ndo, rp, length, &nfserr);
1814 if (dp == NULL)
1815 goto trunc;
1816 if (parsefsinfo(ndo, dp, &nfserr) == 0)
1817 goto trunc;
1818 break;
1819
1820 case NFSPROC_PATHCONF:
1821 dp = parserep(ndo, rp, length, &nfserr);
1822 if (dp == NULL)
1823 goto trunc;
1824 if (parsepathconf(ndo, dp, &nfserr) == 0)
1825 goto trunc;
1826 break;
1827
1828 case NFSPROC_COMMIT:
1829 dp = parserep(ndo, rp, length, &nfserr);
1830 if (dp == NULL)
1831 goto trunc;
1832 dp = parsewccres(ndo, dp, ndo->ndo_vflag, &nfserr);
1833 if (dp == NULL)
1834 goto trunc;
1835 if (ndo->ndo_vflag > 1) {
1836 /* write-verf-cookie */
1837 ND_PRINT(" verf %" PRIx64, GET_BE_U_8(dp));
1838 }
1839 break;
1840
1841 default:
1842 break;
1843 }
1844 return;
1845
1846 trunc:
1847 if (!nfserr)
1848 nd_print_trunc(ndo);
1849 }
[mirror] the TCPdump network dissector