/* \summary: Network Time Protocol (NTP) printer */
+/*
+ * specification:
+ *
+ * RFC 1119 - NTPv2
+ * RFC 1305 - NTPv3
+ * RFC 5905 - NTPv4
+ */
+
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include "addrtoname.h"
#include "extract.h"
+static const char tstr[] = " [|ntp]";
+
/*
* Based on ntp.h from the U of MD implementation
* This file is based on Version 2 of the NTP spec (RFC1119).
/*
* Definitions for the masses
*/
-#define JAN_1970 2208988800U /* 1970 - 1900 in seconds */
+#define JAN_1970 INT64_T_CONSTANT(2208988800) /* 1970 - 1900 in seconds */
/*
* Structure definitions for NTP fixed point values
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/
struct l_fixedpt {
- uint32_t int_part;
- uint32_t fraction;
+ nd_uint32_t int_part;
+ nd_uint32_t fraction;
};
struct s_fixedpt {
- uint16_t int_part;
- uint16_t fraction;
+ nd_uint16_t int_part;
+ nd_uint16_t fraction;
};
/* rfc2030
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/
-/* Length of the NTP message with the mandatory fields ("the header")
+/* Length of the NTP data message with the mandatory fields ("the header")
* and without any optional fields (extension, Key Identifier,
* Message Digest).
*/
-#define NTP_MSG_MINLEN 48
+#define NTP_TIMEMSG_MINLEN 48U
struct ntp_time_data {
- u_char status; /* status of local clock and leap info */
- u_char stratum; /* Stratum level */
- int ppoll:8; /* poll value */
- int precision:8;
+ nd_uint8_t status; /* status of local clock and leap info */
+ nd_uint8_t stratum; /* Stratum level */
+ nd_int8_t ppoll; /* poll value */
+ nd_int8_t precision;
struct s_fixedpt root_delay;
struct s_fixedpt root_dispersion;
- uint32_t refid;
+ nd_uint32_t refid;
struct l_fixedpt ref_timestamp;
struct l_fixedpt org_timestamp;
struct l_fixedpt rec_timestamp;
struct l_fixedpt xmt_timestamp;
- uint32_t key_id;
- uint8_t message_digest[20];
+ nd_uint32_t key_id;
+ nd_uint8_t message_digest[20];
};
/*
* Leap Second Codes (high order two bits)
*
* Figure 1: NTP Control Message Header
*/
+
+/* Length of the NTP control message with the mandatory fields ("the header")
+ * and without any optional fields (Data, Padding, Authenticator).
+ */
+#define NTP_CTRLMSG_MINLEN 12U
+
struct ntp_control_data {
- u_char magic; /* LI, VN, Mode */
- u_char control; /* R, E, M, OpCode */
- uint16_t sequence; /* Sequence Number */
- uint16_t status; /* Status */
- uint16_t assoc; /* Association ID */
- uint16_t offset; /* Offset */
- uint16_t count; /* Count */
- u_char data[564]; /* Data, [Padding, [Authenticator]] */
+ nd_uint8_t magic; /* LI, VN, Mode */
+ nd_uint8_t control; /* R, E, M, OpCode */
+ nd_uint16_t sequence; /* Sequence Number */
+ nd_uint16_t status; /* Status */
+ nd_uint16_t assoc; /* Association ID */
+ nd_uint16_t offset; /* Offset */
+ nd_uint16_t count; /* Count */
+ nd_uint8_t data[564]; /* Data, [Padding, [Authenticator]] */
};
/*
ntp_time_print(netdissect_options *ndo,
register const struct ntp_time_data *bp, u_int length)
{
- int mode, version, leapind;
+ uint8_t stratum;
- if (length < NTP_MSG_MINLEN) {
- ND_PRINT((ndo, "NTP, length %u", length));
+ if (length < NTP_TIMEMSG_MINLEN)
goto invalid;
- }
-
- ND_TCHECK(bp->status);
- version = (int)(bp->status & VERSIONMASK) >> VERSIONSHIFT;
- ND_PRINT((ndo, "NTPv%d", version));
-
- mode = bp->status & MODEMASK;
- if (!ndo->ndo_vflag) {
- ND_PRINT((ndo, ", %s, length %u",
- tok2str(ntp_mode_values, "Unknown mode", mode),
- length));
- return;
- }
-
- ND_PRINT((ndo, ", length %u\n\t%s",
- length,
- tok2str(ntp_mode_values, "Unknown mode", mode)));
-
- leapind = bp->status & LEAPMASK;
- ND_PRINT((ndo, ", Leap indicator: %s (%u)",
- tok2str(ntp_leapind_values, "Unknown", leapind),
- leapind));
-
- ND_TCHECK(bp->stratum);
+ ND_TCHECK_1(bp->stratum);
+ stratum = EXTRACT_U_1(bp->stratum);
ND_PRINT((ndo, ", Stratum %u (%s)",
- bp->stratum,
- tok2str(ntp_stratum_values, (bp->stratum >=2 && bp->stratum<=15) ? "secondary reference" : "reserved", bp->stratum)));
+ stratum,
+ tok2str(ntp_stratum_values, (stratum >=2 && stratum<=15) ? "secondary reference" : "reserved", stratum)));
- /* Can't ND_TCHECK bp->ppoll bitfield so bp->stratum + 2 instead */
- ND_TCHECK2(bp->stratum, 2);
- ND_PRINT((ndo, ", poll %d", bp->ppoll));
- p_poll(ndo, bp->ppoll);
+ ND_TCHECK_1(bp->ppoll);
+ ND_PRINT((ndo, ", poll %d", EXTRACT_S_1(bp->ppoll)));
+ p_poll(ndo, EXTRACT_U_1(bp->ppoll));
- /* Can't ND_TCHECK bp->precision bitfield so bp->distance + 0 instead */
- ND_TCHECK2(bp->root_delay, 0);
- ND_PRINT((ndo, ", precision %d", bp->precision));
+ ND_TCHECK_1(bp->precision);
+ ND_PRINT((ndo, ", precision %d", EXTRACT_S_1(bp->precision)));
ND_TCHECK(bp->root_delay);
ND_PRINT((ndo, "\n\tRoot Delay: "));
ND_TCHECK(bp->refid);
ND_PRINT((ndo, ", Reference-ID: "));
/* Interpretation depends on stratum */
- switch (bp->stratum) {
+ switch (stratum) {
case UNSPECIFIED:
ND_PRINT((ndo, "(unspec)"));
default:
/* In NTPv4 (RFC 5905) refid is an IPv4 address or first 32 bits of
MD5 sum of IPv6 address */
- ND_PRINT((ndo, "0x%08x", EXTRACT_32BITS(&bp->refid)));
+ ND_PRINT((ndo, "0x%08x", EXTRACT_BE_U_4(&bp->refid)));
break;
}
p_ntp_delta(ndo, &(bp->org_timestamp), &(bp->xmt_timestamp));
/* FIXME: this code is not aware of any extension fields */
- if (length == NTP_MSG_MINLEN + 4) { /* Optional: key-id (crypto-NAK) */
- ND_TCHECK(bp->key_id);
- ND_PRINT((ndo, "\n\tKey id: %u", EXTRACT_32BITS(&bp->key_id)));
- } else if (length == NTP_MSG_MINLEN + 4 + 16) { /* Optional: key-id + 128-bit digest */
- ND_TCHECK(bp->key_id);
- ND_PRINT((ndo, "\n\tKey id: %u", EXTRACT_32BITS(&bp->key_id)));
+ if (length == NTP_TIMEMSG_MINLEN + 4) { /* Optional: key-id (crypto-NAK) */
+ ND_TCHECK_4(bp->key_id);
+ ND_PRINT((ndo, "\n\tKey id: %u", EXTRACT_BE_U_4(bp->key_id)));
+ } else if (length == NTP_TIMEMSG_MINLEN + 4 + 16) { /* Optional: key-id + 128-bit digest */
+ ND_TCHECK_4(bp->key_id);
+ ND_PRINT((ndo, "\n\tKey id: %u", EXTRACT_BE_U_4(bp->key_id)));
ND_TCHECK2(bp->message_digest, 16);
ND_PRINT((ndo, "\n\tAuthentication: %08x%08x%08x%08x",
- EXTRACT_32BITS(bp->message_digest),
- EXTRACT_32BITS(bp->message_digest + 4),
- EXTRACT_32BITS(bp->message_digest + 8),
- EXTRACT_32BITS(bp->message_digest + 12)));
- } else if (length == NTP_MSG_MINLEN + 4 + 20) { /* Optional: key-id + 160-bit digest */
- ND_TCHECK(bp->key_id);
- ND_PRINT((ndo, "\n\tKey id: %u", EXTRACT_32BITS(&bp->key_id)));
+ EXTRACT_BE_U_4(bp->message_digest),
+ EXTRACT_BE_U_4(bp->message_digest + 4),
+ EXTRACT_BE_U_4(bp->message_digest + 8),
+ EXTRACT_BE_U_4(bp->message_digest + 12)));
+ } else if (length == NTP_TIMEMSG_MINLEN + 4 + 20) { /* Optional: key-id + 160-bit digest */
+ ND_TCHECK_4(bp->key_id);
+ ND_PRINT((ndo, "\n\tKey id: %u", EXTRACT_BE_U_4(bp->key_id)));
ND_TCHECK2(bp->message_digest, 20);
ND_PRINT((ndo, "\n\tAuthentication: %08x%08x%08x%08x%08x",
- EXTRACT_32BITS(bp->message_digest),
- EXTRACT_32BITS(bp->message_digest + 4),
- EXTRACT_32BITS(bp->message_digest + 8),
- EXTRACT_32BITS(bp->message_digest + 12),
- EXTRACT_32BITS(bp->message_digest + 16)));
- } else if (length > NTP_MSG_MINLEN) {
- ND_PRINT((ndo, "\n\t(%u more bytes after the header)", length - NTP_MSG_MINLEN));
+ EXTRACT_BE_U_4(bp->message_digest),
+ EXTRACT_BE_U_4(bp->message_digest + 4),
+ EXTRACT_BE_U_4(bp->message_digest + 8),
+ EXTRACT_BE_U_4(bp->message_digest + 12),
+ EXTRACT_BE_U_4(bp->message_digest + 16)));
+ } else if (length > NTP_TIMEMSG_MINLEN) {
+ ND_PRINT((ndo, "\n\t(%u more bytes after the header)", length - NTP_TIMEMSG_MINLEN));
}
return;
return;
trunc:
- ND_PRINT((ndo, " [|ntp]"));
+ ND_PRINT((ndo, " %s", tstr));
}
/*
ntp_control_print(netdissect_options *ndo,
register const struct ntp_control_data *cd, u_int length)
{
- u_char R, E, M, opcode;
+ u_int8_t control, R, E, M, opcode;
uint16_t sequence, status, assoc, offset, count;
- R = (cd->control & 0x80) != 0;
- E = (cd->control & 0x40) != 0;
- M = (cd->control & 0x20) != 0;
- opcode = cd->control & 0x1f;
+ if (length < NTP_CTRLMSG_MINLEN)
+ goto invalid;
+
+ ND_TCHECK_1(cd->control);
+ control = EXTRACT_U_1(cd->control);
+ R = (control & 0x80) != 0;
+ E = (control & 0x40) != 0;
+ M = (control & 0x20) != 0;
+ opcode = control & 0x1f;
ND_PRINT((ndo, ", %s, %s, %s, OpCode=%u\n",
R ? "Response" : "Request", E ? "Error" : "OK",
- M ? "More" : "Last", (unsigned)opcode));
+ M ? "More" : "Last", opcode));
- sequence = EXTRACT_16BITS(&cd->sequence);
+ ND_TCHECK_2(cd->sequence);
+ sequence = EXTRACT_BE_U_2(cd->sequence);
ND_PRINT((ndo, "\tSequence=%hu", sequence));
- status = EXTRACT_16BITS(&cd->status);
+ ND_TCHECK_2(cd->status);
+ status = EXTRACT_BE_U_2(cd->status);
ND_PRINT((ndo, ", Status=%#hx", status));
- assoc = EXTRACT_16BITS(&cd->assoc);
+ ND_TCHECK_2(cd->assoc);
+ assoc = EXTRACT_BE_U_2(cd->assoc);
ND_PRINT((ndo, ", Assoc.=%hu", assoc));
- offset = EXTRACT_16BITS(&cd->offset);
+ ND_TCHECK_2(cd->offset);
+ offset = EXTRACT_BE_U_2(cd->offset);
ND_PRINT((ndo, ", Offset=%hu", offset));
- count = EXTRACT_16BITS(&cd->count);
+ ND_TCHECK_2(cd->count);
+ count = EXTRACT_BE_U_2(cd->count);
ND_PRINT((ndo, ", Count=%hu", count));
- if ((cd->data - (const u_char *)cd) + count > length)
- goto trunc;
- if (count != 0)
+ if (NTP_CTRLMSG_MINLEN + count > length)
+ goto invalid;
+ if (count != 0) {
+ ND_TCHECK2(cd->data, count);
ND_PRINT((ndo, "\n\tTO-BE-DONE: data not interpreted"));
+ }
+ return;
+
+invalid:
+ ND_PRINT((ndo, " %s", istr));
+ ND_TCHECK2(*cd, length);
return;
trunc:
- ND_PRINT((ndo, " [|ntp]"));
+ ND_PRINT((ndo, " %s", tstr));
}
union ntpdata {
{
register const union ntpdata *bp = (const union ntpdata *)cp;
int mode, version, leapind;
+ uint8_t status;
ND_TCHECK(bp->td.status);
+ status = EXTRACT_U_1(bp->td.status);
- version = (bp->td.status & VERSIONMASK) >> VERSIONSHIFT;
+ version = (status & VERSIONMASK) >> VERSIONSHIFT;
ND_PRINT((ndo, "NTPv%d", version));
- mode = (bp->td.status & MODEMASK) >> MODESHIFT;
+ mode = (status & MODEMASK) >> MODESHIFT;
if (!ndo->ndo_vflag) {
ND_PRINT((ndo, ", %s, length %u",
tok2str(ntp_mode_values, "Unknown mode", mode),
ND_PRINT((ndo, ", %s, length %u\n",
tok2str(ntp_mode_values, "Unknown mode", mode), length));
- /* leapind = (bp->td.status & LEAPMASK) >> LEAPSHIFT; */
- leapind = (bp->td.status & LEAPMASK);
+ /* leapind = (status & LEAPMASK) >> LEAPSHIFT; */
+ leapind = (status & LEAPMASK);
ND_PRINT((ndo, "\tLeap indicator: %s (%u)",
tok2str(ntp_leapind_values, "Unknown", leapind),
leapind));
return;
trunc:
- ND_PRINT((ndo, " [|ntp]"));
+ ND_PRINT((ndo, " %s", tstr));
}
static void
register int f;
register double ff;
- i = EXTRACT_16BITS(&sfp->int_part);
- f = EXTRACT_16BITS(&sfp->fraction);
+ i = EXTRACT_BE_U_2(&sfp->int_part);
+ f = EXTRACT_BE_U_2(&sfp->fraction);
ff = f / 65536.0; /* shift radix point by 16 bits */
f = (int)(ff * 1000000.0); /* Treat fraction as parts per million */
ND_PRINT((ndo, "%d.%06d", i, f));
p_ntp_time(netdissect_options *ndo,
register const struct l_fixedpt *lfp)
{
- register int32_t i;
+ register uint32_t i;
register uint32_t uf;
register uint32_t f;
register double ff;
- i = EXTRACT_32BITS(&lfp->int_part);
- uf = EXTRACT_32BITS(&lfp->fraction);
+ i = EXTRACT_BE_U_4(&lfp->int_part);
+ uf = EXTRACT_BE_U_4(&lfp->fraction);
ff = uf;
if (ff < 0.0) /* some compilers are buggy */
ff += FMAXINT;
* print the UTC time in human-readable format.
*/
if (i) {
- time_t seconds = i - JAN_1970;
+ int64_t seconds_64bit = (int64_t)i - JAN_1970;
+ time_t seconds;
struct tm *tm;
char time_buf[128];
- tm = gmtime(&seconds);
- /* use ISO 8601 (RFC3339) format */
- strftime(time_buf, sizeof (time_buf), "%Y-%m-%dT%H:%M:%S", tm);
- ND_PRINT((ndo, " (%s)", time_buf));
+ seconds = (time_t)seconds_64bit;
+ if (seconds != seconds_64bit) {
+ /*
+ * It doesn't fit into a time_t, so we can't hand it
+ * to gmtime.
+ */
+ ND_PRINT((ndo, " (unrepresentable)"));
+ } else {
+ tm = gmtime(&seconds);
+ if (tm == NULL) {
+ /*
+ * gmtime() can't handle it.
+ * (Yes, that might happen with some version of
+ * Microsoft's C library.)
+ */
+ ND_PRINT((ndo, " (unrepresentable)"));
+ } else {
+ /* use ISO 8601 (RFC3339) format */
+ strftime(time_buf, sizeof (time_buf), "%Y-%m-%dT%H:%M:%S", tm);
+ ND_PRINT((ndo, " (%s)", time_buf));
+ }
+ }
}
#endif
}
register double ff;
int signbit;
- u = EXTRACT_32BITS(&lfp->int_part);
- ou = EXTRACT_32BITS(&olfp->int_part);
- uf = EXTRACT_32BITS(&lfp->fraction);
- ouf = EXTRACT_32BITS(&olfp->fraction);
+ u = EXTRACT_BE_U_4(&lfp->int_part);
+ ou = EXTRACT_BE_U_4(&olfp->int_part);
+ uf = EXTRACT_BE_U_4(&lfp->fraction);
+ ouf = EXTRACT_BE_U_4(&olfp->fraction);
if (ou == 0 && ouf == 0) {
p_ntp_time(ndo, lfp);
return;
projects / tcpdump / blobdiff