]> The Tcpdump Group git mirrors - tcpdump/blobdiff - print-tcp.c
projects / tcpdump / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
NFLOG: fix error message
[tcpdump] / print-tcp.c
diff --git a/print-tcp.c b/print-tcp.c
index 3b0a13541afce82b1da3b26b144efd4678c8fc2f..713778a07ca307fcaabe9029112cf43c6bb4fd2b 100644 (file)
--- a/print-tcp.c
+++ b/print-tcp.c
@@ -70,13 +70,8 @@ static void print_tcp_rst_data(register const u_char *sp, u_int length);
 
 
 struct tha {
 
 
 struct tha {
-#ifndef INET6
         struct in_addr src;
         struct in_addr dst;
         struct in_addr src;
         struct in_addr dst;
-#else
-        struct in6_addr src;
-        struct in6_addr dst;
-#endif /*INET6*/
         u_int port;
 };
 
         u_int port;
 };
 
@@ -87,14 +82,32 @@ struct tcp_seq_hash {
         tcp_seq ack;
 };
 
         tcp_seq ack;
 };
 
+#ifdef INET6
+struct tha6 {
+        struct in6_addr src;
+        struct in6_addr dst;
+        u_int port;
+};
+
+struct tcp_seq_hash6 {
+        struct tcp_seq_hash6 *nxt;
+        struct tha6 addr;
+        tcp_seq seq;
+        tcp_seq ack;
+};
+#endif
+
 #define TSEQ_HASHSIZE 919
 
 /* These tcp optinos do not have the size octet */
 #define ZEROLENOPT(o) ((o) == TCPOPT_EOL || (o) == TCPOPT_NOP)
 
 #define TSEQ_HASHSIZE 919
 
 /* These tcp optinos do not have the size octet */
 #define ZEROLENOPT(o) ((o) == TCPOPT_EOL || (o) == TCPOPT_NOP)
 
-static struct tcp_seq_hash tcp_seq_hash[TSEQ_HASHSIZE];
+static struct tcp_seq_hash tcp_seq_hash4[TSEQ_HASHSIZE];
+#ifdef INET6
+static struct tcp_seq_hash6 tcp_seq_hash6[TSEQ_HASHSIZE];
+#endif
 
 
-struct tok tcp_flag_values[] = {
+static const struct tok tcp_flag_values[] = {
         { TH_FIN, "F" },
         { TH_SYN, "S" },
         { TH_RST, "R" },
         { TH_FIN, "F" },
         { TH_SYN, "S" },
         { TH_RST, "R" },
@@ -106,7 +119,7 @@ struct tok tcp_flag_values[] = {
         { 0, NULL }
 };
 
         { 0, NULL }
 };
 
-struct tok tcp_option_values[] = {
+static const struct tok tcp_option_values[] = {
         { TCPOPT_EOL, "eol" },
         { TCPOPT_NOP, "nop" },
         { TCPOPT_MAXSEG, "mss" },
         { TCPOPT_EOL, "eol" },
         { TCPOPT_NOP, "nop" },
         { TCPOPT_MAXSEG, "mss" },
@@ -122,6 +135,8 @@ struct tok tcp_option_values[] = {
         { TCPOPT_SIGNATURE, "md5" },
         { TCPOPT_AUTH, "enhanced auth" },
         { TCPOPT_UTO, "uto" },
         { TCPOPT_SIGNATURE, "md5" },
         { TCPOPT_AUTH, "enhanced auth" },
         { TCPOPT_UTO, "uto" },
+        { TCPOPT_MPTCP, "mptcp" },
+        { TCPOPT_EXPERIMENT2, "exp" },
         { 0, NULL }
 };
 
         { 0, NULL }
 };
 
@@ -145,7 +160,8 @@ tcp_print(register const u_char *bp, register u_int length,
         u_int16_t sport, dport, win, urp;
         u_int32_t seq, ack, thseq, thack;
         u_int utoval;
         u_int16_t sport, dport, win, urp;
         u_int32_t seq, ack, thseq, thack;
         u_int utoval;
-        int threv;
+        u_int16_t magic;
+        register int rev;
 #ifdef INET6
         register const struct ip6_hdr *ip6;
 #endif
 #ifdef INET6
         register const struct ip6_hdr *ip6;
 #endif
@@ -260,19 +276,21 @@ tcp_print(register const u_char *bp, register u_int length,
         printf("Flags [%s]", bittok2str_nosep(tcp_flag_values, "none", flags));
 
         if (!Sflag && (flags & TH_ACK)) {
         printf("Flags [%s]", bittok2str_nosep(tcp_flag_values, "none", flags));
 
         if (!Sflag && (flags & TH_ACK)) {
-                register struct tcp_seq_hash *th;
-                const void *src, *dst;
-                register int rev;
-                struct tha tha;
                 /*
                  * Find (or record) the initial sequence numbers for
                  * this conversation.  (we pick an arbitrary
                  * collating order so there's only one entry for
                  * both directions).
                  */
                 /*
                  * Find (or record) the initial sequence numbers for
                  * this conversation.  (we pick an arbitrary
                  * collating order so there's only one entry for
                  * both directions).
                  */
-#ifdef INET6
                 rev = 0;
                 rev = 0;
+#ifdef INET6
                 if (ip6) {
                 if (ip6) {
+                        register struct tcp_seq_hash6 *th;
+                        struct tcp_seq_hash6 *tcp_seq_hash;
+                        const struct in6_addr *src, *dst;
+                        struct tha6 tha;
+
+                        tcp_seq_hash = tcp_seq_hash6;
                         src = &ip6->ip6_src;
                         dst = &ip6->ip6_dst;
                         if (sport > dport)
                         src = &ip6->ip6_src;
                         dst = &ip6->ip6_dst;
                         if (sport > dport)
@@ -290,28 +308,45 @@ tcp_print(register const u_char *bp, register u_int length,
                                 memcpy(&tha.src, src, sizeof ip6->ip6_src);
                                 tha.port = sport << 16 | dport;
                         }
                                 memcpy(&tha.src, src, sizeof ip6->ip6_src);
                                 tha.port = sport << 16 | dport;
                         }
+
+                        for (th = &tcp_seq_hash[tha.port % TSEQ_HASHSIZE];
+                             th->nxt; th = th->nxt)
+                                if (memcmp((char *)&tha, (char *)&th->addr,
+                                           sizeof(th->addr)) == 0)
+                                        break;
+
+                        if (!th->nxt || (flags & TH_SYN)) {
+                                /* didn't find it or new conversation */
+                                if (th->nxt == NULL) {
+                                        th->nxt = (struct tcp_seq_hash6 *)
+                                                calloc(1, sizeof(*th));
+                                        if (th->nxt == NULL)
+                                                error("tcp_print: calloc");
+                                }
+                                th->addr = tha;
+                                if (rev)
+                                        th->ack = seq, th->seq = ack - 1;
+                                else
+                                        th->seq = seq, th->ack = ack - 1;
+                        } else {
+                                if (rev)
+                                        seq -= th->ack, ack -= th->seq;
+                                else
+                                        seq -= th->seq, ack -= th->ack;
+                        }
+
+                        thseq = th->seq;
+                        thack = th->ack;
                 } else {
                 } else {
-                        /*
-                         * Zero out the tha structure; the src and dst
-                         * fields are big enough to hold an IPv6
-                         * address, but we only have IPv4 addresses
-                         * and thus must clear out the remaining 124
-                         * bits.
-                         *
-                         * XXX - should we just clear those bytes after
-                         * copying the IPv4 addresses, rather than
-                         * zeroing out the entire structure and then
-                         * overwriting some of the zeroes?
-                         *
-                         * XXX - this could fail if we see TCP packets
-                         * with an IPv6 address with the lower 124 bits
-                         * all zero and also see TCP packes with an
-                         * IPv4 address with the same 32 bits as the
-                         * upper 32 bits of the IPv6 address in question.
-                         * Can that happen?  Is it likely enough to be
-                         * an issue?
-                         */
-                        memset(&tha, 0, sizeof(tha));
+#else  /*INET6*/
+                {
+#endif /*INET6*/
+                        register struct tcp_seq_hash *th;
+                        struct tcp_seq_hash *tcp_seq_hash;
+                        const struct in_addr *src, *dst;
+                        struct tha tha;
+
+                        tcp_seq_hash = tcp_seq_hash4;
                         src = &ip->ip_src;
                         dst = &ip->ip_dst;
                         if (sport > dport)
                         src = &ip->ip_src;
                         dst = &ip->ip_dst;
                         if (sport > dport)
@@ -329,60 +364,39 @@ tcp_print(register const u_char *bp, register u_int length,
                                 memcpy(&tha.src, src, sizeof ip->ip_src);
                                 tha.port = sport << 16 | dport;
                         }
                                 memcpy(&tha.src, src, sizeof ip->ip_src);
                                 tha.port = sport << 16 | dport;
                         }
-                }
-#else
-                rev = 0;
-                src = &ip->ip_src;
-                dst = &ip->ip_dst;
-                if (sport > dport)
-                        rev = 1;
-                else if (sport == dport) {
-                        if (memcmp(src, dst, sizeof ip->ip_dst) > 0)
-                                rev = 1;
-                }
-                if (rev) {
-                        memcpy(&tha.src, dst, sizeof ip->ip_dst);
-                        memcpy(&tha.dst, src, sizeof ip->ip_src);
-                        tha.port = dport << 16 | sport;
-                } else {
-                        memcpy(&tha.dst, dst, sizeof ip->ip_dst);
-                        memcpy(&tha.src, src, sizeof ip->ip_src);
-                        tha.port = sport << 16 | dport;
-                }
-#endif
 
 
-                threv = rev;
-                for (th = &tcp_seq_hash[tha.port % TSEQ_HASHSIZE];
-                     th->nxt; th = th->nxt)
-                        if (memcmp((char *)&tha, (char *)&th->addr,
-                                   sizeof(th->addr)) == 0)
-                                break;
+                        for (th = &tcp_seq_hash[tha.port % TSEQ_HASHSIZE];
+                             th->nxt; th = th->nxt)
+                                if (memcmp((char *)&tha, (char *)&th->addr,
+                                           sizeof(th->addr)) == 0)
+                                        break;
 
 
-                if (!th->nxt || (flags & TH_SYN)) {
-                        /* didn't find it or new conversation */
-                        if (th->nxt == NULL) {
-                                th->nxt = (struct tcp_seq_hash *)
-                                        calloc(1, sizeof(*th));
-                                if (th->nxt == NULL)
-                                        error("tcp_print: calloc");
+                        if (!th->nxt || (flags & TH_SYN)) {
+                                /* didn't find it or new conversation */
+                                if (th->nxt == NULL) {
+                                        th->nxt = (struct tcp_seq_hash *)
+                                                calloc(1, sizeof(*th));
+                                        if (th->nxt == NULL)
+                                                error("tcp_print: calloc");
+                                }
+                                th->addr = tha;
+                                if (rev)
+                                        th->ack = seq, th->seq = ack - 1;
+                                else
+                                        th->seq = seq, th->ack = ack - 1;
+                        } else {
+                                if (rev)
+                                        seq -= th->ack, ack -= th->seq;
+                                else
+                                        seq -= th->seq, ack -= th->ack;
                         }
                         }
-                        th->addr = tha;
-                        if (rev)
-                                th->ack = seq, th->seq = ack - 1;
-                        else
-                                th->seq = seq, th->ack = ack - 1;
-                } else {
-                        if (rev)
-                                seq -= th->ack, ack -= th->seq;
-                        else
-                                seq -= th->seq, ack -= th->ack;
-                }
 
 
-                thseq = th->seq;
-                thack = th->ack;
+                        thseq = th->seq;
+                        thack = th->ack;
+                }
         } else {
                 /*fool gcc*/
         } else {
                 /*fool gcc*/
-                thseq = thack = threv = 0;
+                thseq = thack = rev = 0;
         }
         if (hlen > length) {
                 (void)printf(" [bad hdr length %u - too long, > %u]",
         }
         if (hlen > length) {
                 (void)printf(" [bad hdr length %u - too long, > %u]",
@@ -474,7 +488,7 @@ tcp_print(register const u_char *bp, register u_int length,
 #define LENCHECK(l) { if ((l) > hlen) goto bad; TCHECK2(*cp, l); }
 
 
 #define LENCHECK(l) { if ((l) > hlen) goto bad; TCHECK2(*cp, l); }
 
 
-                        printf("%s", tok2str(tcp_option_values, "Unknown Option %u", opt));
+                        printf("%s", tok2str(tcp_option_values, "unknown-%u", opt));
 
                         switch (opt) {
 
 
                         switch (opt) {
 
@@ -503,7 +517,7 @@ tcp_print(register const u_char *bp, register u_int length,
                                                 s = EXTRACT_32BITS(cp + i);
                                                 LENCHECK(i + 8);
                                                 e = EXTRACT_32BITS(cp + i + 4);
                                                 s = EXTRACT_32BITS(cp + i);
                                                 LENCHECK(i + 8);
                                                 e = EXTRACT_32BITS(cp + i + 4);
-                                                if (threv) {
+                                                if (rev) {
                                                         s -= thseq;
                                                         e -= thseq;
                                                 } else {
                                                         s -= thseq;
                                                         e -= thseq;
                                                 } else {
@@ -596,8 +610,52 @@ tcp_print(register const u_char *bp, register u_int length,
                                 (void)printf(" %u", utoval);
                                 break;
 
                                 (void)printf(" %u", utoval);
                                 break;
 
+                        case TCPOPT_MPTCP:
+                                datalen = len - 2;
+                                LENCHECK(datalen);
+                                if (!mptcp_print(cp-2, len, flags))
+                                        goto bad;
+                                break;
+
+                        case TCPOPT_EXPERIMENT2:
+                                datalen = len - 2;
+                                LENCHECK(datalen);
+                                if (datalen < 2)
+                                        goto bad;
+                                /* RFC6994 */
+                                magic = EXTRACT_16BITS(cp);
+                                (void)printf("-");
+
+                                switch(magic) {
+
+                                case 0xf989:
+                                        /* TCP Fast Open: draft-ietf-tcpm-fastopen-04 */
+                                        if (datalen == 2) {
+                                                /* Fast Open Cookie Request */
+                                                (void)printf("tfo cookiereq");
+                                        } else {
+                                                /* Fast Open Cookie */
+                                                if (datalen % 2 != 0 || datalen < 6 || datalen > 18) {
+                                                        (void)printf("tfo malformed");
+                                                } else {
+                                                        (void)printf("tfo cookie ");
+                                                        for (i = 2; i < datalen; ++i)
+                                                                (void)printf("%02x", cp[i]);
+                                                }
+                                        }
+                                        break;
+
+                                default:
+                                        /* Unknown magic number */
+                                        (void)printf("%04x", magic);
+                                        break;
+                                }
+                                break;
+
                         default:
                                 datalen = len - 2;
                         default:
                                 datalen = len - 2;
+                                if (datalen)
+                                        printf(" 0x");
                                 for (i = 0; i < datalen; ++i) {
                                         LENCHECK(i);
                                         (void)printf("%02x", cp[i]);
                                 for (i = 0; i < datalen; ++i) {
                                         LENCHECK(i);
                                         (void)printf("%02x", cp[i]);
@@ -663,6 +721,8 @@ tcp_print(register const u_char *bp, register u_int length,
 #endif
         else if (sport == BEEP_PORT || dport == BEEP_PORT)
                 beep_print(bp, length);
 #endif
         else if (sport == BEEP_PORT || dport == BEEP_PORT)
                 beep_print(bp, length);
+        else if (sport == OPENFLOW_PORT || dport == OPENFLOW_PORT)
+                openflow_print(bp, length);
         else if (length > 2 &&
                  (sport == NAMESERVER_PORT || dport == NAMESERVER_PORT ||
                   sport == MULTICASTDNS_PORT || dport == MULTICASTDNS_PORT)) {
         else if (length > 2 &&
                  (sport == NAMESERVER_PORT || dport == NAMESERVER_PORT ||
                   sport == MULTICASTDNS_PORT || dport == MULTICASTDNS_PORT)) {
@@ -729,6 +789,7 @@ print_tcp_rst_data(register const u_char *sp, u_int length)
 }
 
 #ifdef HAVE_LIBCRYPTO
 }
 
 #ifdef HAVE_LIBCRYPTO
+USES_APPLE_DEPRECATED_API
 static int
 tcp_verify_signature(const struct ip *ip, const struct tcphdr *tp,
                      const u_char *data, int length, const u_char *rcvsig)
 static int
 tcp_verify_signature(const struct ip *ip, const struct tcphdr *tp,
                      const u_char *data, int length, const u_char *rcvsig)
@@ -815,6 +876,7 @@ tcp_verify_signature(const struct ip *ip, const struct tcphdr *tp,
         else
                 return (SIGNATURE_INVALID);
 }
         else
                 return (SIGNATURE_INVALID);
 }
+USES_APPLE_RST
 #endif /* HAVE_LIBCRYPTO */
 
 /*
 #endif /* HAVE_LIBCRYPTO */
 
 /*
[mirror] the TCPdump network dissector