* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
- * Format and print ntp packets.
* By Jeffrey Mogul/DECWRL
* loosely based on print-bootp.c
*/
-#ifdef HAVE_CONFIG_H
-#include "config.h"
-#endif
+/* \summary: Network Time Protocol (NTP) printer */
-#include <netdissect-stdinc.h>
+/*
+ * specification:
+ *
+ * RFC 1119 - NTPv2
+ * RFC 1305 - NTPv3
+ * RFC 5905 - NTPv4
+ */
-#ifdef HAVE_STRFTIME
-#include <time.h>
-#endif
+#include <config.h>
+#include "netdissect-stdinc.h"
+#include "netdissect-ctype.h"
+
+#define ND_LONGJMP_FROM_TCHECK
#include "netdissect.h"
#include "addrtoname.h"
#include "extract.h"
+#include "ntp.h"
+
/*
* Based on ntp.h from the U of MD implementation
* This file is based on Version 2 of the NTP spec (RFC1119).
*/
-/*
- * Definitions for the masses
- */
-#define JAN_1970 2208988800U /* 1970 - 1900 in seconds */
-
-/*
- * Structure definitions for NTP fixed point values
- *
- * 0 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Integer Part |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Fraction Part |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *
- * 0 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Integer Part | Fraction Part |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-*/
-struct l_fixedpt {
- uint32_t int_part;
- uint32_t fraction;
-};
-
-struct s_fixedpt {
- uint16_t int_part;
- uint16_t fraction;
-};
-
-/* rfc2030
+/* RFC 5905 updated by RFC 7822
* 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | |
- * | Originate Timestamp (64) |
+ * | Origin Timestamp (64) |
* | |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | |
* | Transmit Timestamp (64) |
* | |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Key Identifier (optional) (32) |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | |
- * | |
- * | Message Digest (optional) (128) |
* | |
+ * . .
+ * . Optional Extensions (variable) .
+ * . .
* | |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/
-struct ntpdata {
- u_char status; /* status of local clock and leap info */
- u_char stratum; /* Stratum level */
- u_char ppoll; /* poll value */
- int precision:8;
+/* Length of the NTP data message with the mandatory fields ("the header")
+ * and without any optional fields (extension, Key Identifier,
+ * Message Digest).
+ */
+#define NTP_TIMEMSG_MINLEN 48U
+
+struct ntp_time_data {
+ nd_uint8_t status; /* status of local clock and leap info */
+ nd_uint8_t stratum; /* Stratum level */
+ nd_int8_t ppoll; /* poll value */
+ nd_int8_t precision;
struct s_fixedpt root_delay;
struct s_fixedpt root_dispersion;
- uint32_t refid;
+ nd_uint32_t refid;
struct l_fixedpt ref_timestamp;
struct l_fixedpt org_timestamp;
struct l_fixedpt rec_timestamp;
struct l_fixedpt xmt_timestamp;
- uint32_t key_id;
- uint8_t message_digest[16];
+ /* extension fields and/or MAC follow */
+};
+
+struct ntp_extension_field {
+ nd_uint16_t type;
+ nd_uint16_t length;
+ /* body follows */
};
+
/*
* Leap Second Codes (high order two bits)
*/
*/
#define NTPVERSION_1 0x08
#define VERSIONMASK 0x38
+#define VERSIONSHIFT 3
#define LEAPMASK 0xc0
+#define LEAPSHIFT 6
#ifdef MODEMASK
#undef MODEMASK /* Solaris sucks */
#endif
#define MODEMASK 0x07
+#define MODESHIFT 0
/*
* Code values
#define MODE_CLIENT 3 /* client */
#define MODE_SERVER 4 /* server */
#define MODE_BROADCAST 5 /* broadcast */
-#define MODE_RES1 6 /* reserved */
+#define MODE_CONTROL 6 /* control message */
#define MODE_RES2 7 /* reserved */
/*
#define INFO_REPLY 63 /* **** THIS implementation dependent **** */
static void p_sfix(netdissect_options *ndo, const struct s_fixedpt *);
-static void p_ntp_time(netdissect_options *, const struct l_fixedpt *);
static void p_ntp_delta(netdissect_options *, const struct l_fixedpt *, const struct l_fixedpt *);
+static void p_poll(netdissect_options *, const int);
+static u_int p_ext_fields(netdissect_options *, const u_char *, u_int length);
static const struct tok ntp_mode_values[] = {
{ MODE_UNSPEC, "unspecified" },
{ MODE_CLIENT, "Client" },
{ MODE_SERVER, "Server" },
{ MODE_BROADCAST, "Broadcast" },
- { MODE_RES1, "Reserved" },
+ { MODE_CONTROL, "Control Message" },
{ MODE_RES2, "Reserved" },
{ 0, NULL }
};
static const struct tok ntp_stratum_values[] = {
{ UNSPECIFIED, "unspecified" },
- { PRIM_REF, "primary reference" },
+ { PRIM_REF, "primary reference" },
{ 0, NULL }
};
-/*
- * Print ntp requests
- */
-void
-ntp_print(netdissect_options *ndo,
- register const u_char *cp, u_int length)
-{
- register const struct ntpdata *bp;
- int mode, version, leapind;
-
- bp = (const struct ntpdata *)cp;
-
- ND_TCHECK(bp->status);
+static const struct tok ntp_ef_types[] = {
+ { 0x0104, "Unique Identifier" },
+ { 0x0204, "NTS Cookie" },
+ { 0x0304, "NTS Cookie Placeholder" },
+ { 0x0404, "NTS Authenticator and Encrypted Extension Fields" },
+ { 0x2005, "Checksum Complement" },
+ { 0, NULL }
+};
- version = (int)(bp->status & VERSIONMASK) >> 3;
- ND_PRINT((ndo, "NTPv%d", version));
+/* draft-ietf-ntp-mode-6-cmds-02
+ * 0 1 2 3
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * |LI | VN |Mode |R|E|M| OpCode | Sequence Number |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Status | Association ID |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Offset | Count |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | |
+ * / Data (up to 468 bytes) /
+ * | |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Padding (optional) |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | |
+ * / Authenticator (optional, 96 bytes) /
+ * | |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *
+ * Figure 1: NTP Control Message Header
+ */
- mode = bp->status & MODEMASK;
- if (!ndo->ndo_vflag) {
- ND_PRINT((ndo, ", %s, length %u",
- tok2str(ntp_mode_values, "Unknown mode", mode),
- length));
- return;
- }
+/* Length of the NTP control message with the mandatory fields ("the header")
+ * and without any optional fields (Data, Padding, Authenticator).
+ */
+#define NTP_CTRLMSG_MINLEN 12U
+
+struct ntp_control_data {
+ nd_uint8_t magic; /* LI, VN, Mode */
+ nd_uint8_t control; /* R, E, M, OpCode */
+ nd_uint16_t sequence; /* Sequence Number */
+ nd_uint16_t status; /* Status */
+ nd_uint16_t assoc; /* Association ID */
+ nd_uint16_t offset; /* Offset */
+ nd_uint16_t count; /* Count */
+ nd_uint8_t data[564]; /* Data, [Padding, [Authenticator]] */
+};
- ND_PRINT((ndo, ", length %u\n\t%s",
- length,
- tok2str(ntp_mode_values, "Unknown mode", mode)));
+/*
+ * Print NTP time requests and responses
+ */
+static void
+ntp_time_print(netdissect_options *ndo,
+ const struct ntp_time_data *bp, u_int length, u_int version)
+{
+ const u_char *mac;
+ uint8_t stratum;
+ u_int efs_len;
- leapind = bp->status & LEAPMASK;
- ND_PRINT((ndo, ", Leap indicator: %s (%u)",
- tok2str(ntp_leapind_values, "Unknown", leapind),
- leapind));
+ if (length < NTP_TIMEMSG_MINLEN)
+ goto invalid;
- ND_TCHECK(bp->stratum);
- ND_PRINT((ndo, ", Stratum %u (%s)",
- bp->stratum,
- tok2str(ntp_stratum_values, (bp->stratum >=2 && bp->stratum<=15) ? "secondary reference" : "reserved", bp->stratum)));
+ stratum = GET_U_1(bp->stratum);
+ ND_PRINT(", Stratum %u (%s)",
+ stratum,
+ tok2str(ntp_stratum_values, (stratum >=2 && stratum<=15) ? "secondary reference" : "reserved", stratum));
- ND_TCHECK(bp->ppoll);
- ND_PRINT((ndo, ", poll %u (%us)", bp->ppoll, 1 << bp->ppoll));
+ ND_PRINT(", poll %d", GET_S_1(bp->ppoll));
+ p_poll(ndo, GET_S_1(bp->ppoll));
- /* Can't ND_TCHECK bp->precision bitfield so bp->distance + 0 instead */
- ND_TCHECK2(bp->root_delay, 0);
- ND_PRINT((ndo, ", precision %d", bp->precision));
+ ND_PRINT(", precision %d", GET_S_1(bp->precision));
- ND_TCHECK(bp->root_delay);
- ND_PRINT((ndo, "\n\tRoot Delay: "));
+ ND_PRINT("\n\tRoot Delay: ");
p_sfix(ndo, &bp->root_delay);
- ND_TCHECK(bp->root_dispersion);
- ND_PRINT((ndo, ", Root dispersion: "));
+ ND_PRINT(", Root dispersion: ");
p_sfix(ndo, &bp->root_dispersion);
- ND_TCHECK(bp->refid);
- ND_PRINT((ndo, ", Reference-ID: "));
+ ND_PRINT(", Reference-ID: ");
/* Interpretation depends on stratum */
- switch (bp->stratum) {
+ switch (stratum) {
case UNSPECIFIED:
- ND_PRINT((ndo, "(unspec)"));
+ /* NTPv4 (RFC 5905, section 7.4) formalizes that refid _may_
+ * contain a printable, four-character, left justified, zero
+ * filled ASCII string ("kiss code") for status reporting
+ * and debugging. Some kiss codes are defined in the RFC as
+ * initial set for a new IANA registry, but the list may be
+ * modified or extended in the future, and unregistered kiss
+ * codes are possible (and are being seen in the field).
+ */
+ if (!ND_ASCII_ISPRINT(GET_U_1(bp->refid))) {
+ ND_PRINT("(unspec)");
+ ND_TCHECK_4(bp->refid);
+ } else {
+ nd_printjn(ndo, (const u_char *)&(bp->refid), 4);
+ }
break;
case PRIM_REF:
- if (fn_printn(ndo, (const u_char *)&(bp->refid), 4, ndo->ndo_snapend))
- goto trunc;
+ nd_printjn(ndo, (const u_char *)&(bp->refid), 4);
break;
case INFO_QUERY:
- ND_PRINT((ndo, "%s INFO_QUERY", ipaddr_string(ndo, &(bp->refid))));
+ ND_PRINT("%s INFO_QUERY", GET_IPADDR_STRING(bp->refid));
/* this doesn't have more content */
return;
case INFO_REPLY:
- ND_PRINT((ndo, "%s INFO_REPLY", ipaddr_string(ndo, &(bp->refid))));
+ ND_PRINT("%s INFO_REPLY", GET_IPADDR_STRING(bp->refid));
/* this is too complex to be worth printing */
return;
default:
- ND_PRINT((ndo, "%s", ipaddr_string(ndo, &(bp->refid))));
+ /* In NTPv4 (RFC 5905) refid is an IPv4 address or first 32 bits of
+ MD5 sum of IPv6 address */
+ ND_PRINT("0x%08x", GET_BE_U_4(bp->refid));
break;
}
- ND_TCHECK(bp->ref_timestamp);
- ND_PRINT((ndo, "\n\t Reference Timestamp: "));
+ ND_PRINT("\n\t Reference Timestamp: ");
p_ntp_time(ndo, &(bp->ref_timestamp));
- ND_TCHECK(bp->org_timestamp);
- ND_PRINT((ndo, "\n\t Originator Timestamp: "));
+ ND_PRINT("\n\t Origin Timestamp: ");
p_ntp_time(ndo, &(bp->org_timestamp));
- ND_TCHECK(bp->rec_timestamp);
- ND_PRINT((ndo, "\n\t Receive Timestamp: "));
+ ND_PRINT("\n\t Receive Timestamp: ");
p_ntp_time(ndo, &(bp->rec_timestamp));
- ND_TCHECK(bp->xmt_timestamp);
- ND_PRINT((ndo, "\n\t Transmit Timestamp: "));
+ ND_PRINT("\n\t Transmit Timestamp: ");
p_ntp_time(ndo, &(bp->xmt_timestamp));
- ND_PRINT((ndo, "\n\t Originator - Receive Timestamp: "));
+ ND_PRINT("\n\t Originator - Receive Timestamp: ");
p_ntp_delta(ndo, &(bp->org_timestamp), &(bp->rec_timestamp));
- ND_PRINT((ndo, "\n\t Originator - Transmit Timestamp: "));
+ ND_PRINT("\n\t Originator - Transmit Timestamp: ");
p_ntp_delta(ndo, &(bp->org_timestamp), &(bp->xmt_timestamp));
- if ( (sizeof(struct ntpdata) - length) == 16) { /* Optional: key-id */
- ND_TCHECK(bp->key_id);
- ND_PRINT((ndo, "\n\tKey id: %u", bp->key_id));
- } else if ( (sizeof(struct ntpdata) - length) == 0) { /* Optional: key-id + authentication */
- ND_TCHECK(bp->key_id);
- ND_PRINT((ndo, "\n\tKey id: %u", bp->key_id));
- ND_TCHECK2(bp->message_digest, sizeof (bp->message_digest));
- ND_PRINT((ndo, "\n\tAuthentication: %08x%08x%08x%08x",
- EXTRACT_32BITS(bp->message_digest),
- EXTRACT_32BITS(bp->message_digest + 4),
- EXTRACT_32BITS(bp->message_digest + 8),
- EXTRACT_32BITS(bp->message_digest + 12)));
- }
+ if (version == 4)
+ efs_len = p_ext_fields(ndo, (const u_char *)bp + NTP_TIMEMSG_MINLEN, length - NTP_TIMEMSG_MINLEN);
+ else
+ efs_len = 0;
+
+ mac = (const u_char *)bp + NTP_TIMEMSG_MINLEN + efs_len;
+
+ if (length == NTP_TIMEMSG_MINLEN + efs_len + 4) { /* Optional: key-id (crypto-NAK) */
+ ND_PRINT("\n\tKey id: %u", GET_BE_U_4(mac));
+ } else if (length == NTP_TIMEMSG_MINLEN + efs_len + 4 + 16) { /* Optional: key-id + 128-bit digest */
+ ND_PRINT("\n\tKey id: %u", GET_BE_U_4(mac));
+ ND_PRINT("\n\tAuthentication: %08x%08x%08x%08x",
+ GET_BE_U_4(mac + 4),
+ GET_BE_U_4(mac + 8),
+ GET_BE_U_4(mac + 12),
+ GET_BE_U_4(mac + 16));
+ } else if (length == NTP_TIMEMSG_MINLEN + efs_len + 4 + 20) { /* Optional: key-id + 160-bit digest */
+ ND_PRINT("\n\tKey id: %u", GET_BE_U_4(mac));
+ ND_PRINT("\n\tAuthentication: %08x%08x%08x%08x%08x",
+ GET_BE_U_4(mac + 4),
+ GET_BE_U_4(mac + 8),
+ GET_BE_U_4(mac + 12),
+ GET_BE_U_4(mac + 16),
+ GET_BE_U_4(mac + 20));
+ } else if (length > NTP_TIMEMSG_MINLEN + efs_len) {
+ ND_PRINT("\n\t(%u more bytes after the header and extension fields)",
+ length - NTP_TIMEMSG_MINLEN - efs_len);
+ }
return;
-trunc:
- ND_PRINT((ndo, " [|ntp]"));
+invalid:
+ nd_print_invalid(ndo);
+ ND_TCHECK_LEN(bp, length);
}
+/*
+ * Print NTP control message requests and responses
+ */
static void
-p_sfix(netdissect_options *ndo,
- register const struct s_fixedpt *sfp)
+ntp_control_print(netdissect_options *ndo,
+ const struct ntp_control_data *cd, u_int length)
{
- register int i;
- register int f;
- register double ff;
+ uint8_t control, R, E, M, opcode;
+ uint16_t sequence, status, assoc, offset, count;
- i = EXTRACT_16BITS(&sfp->int_part);
- f = EXTRACT_16BITS(&sfp->fraction);
- ff = f / 65536.0; /* shift radix point by 16 bits */
- f = (int)(ff * 1000000.0); /* Treat fraction as parts per million */
- ND_PRINT((ndo, "%d.%06d", i, f));
+ if (length < NTP_CTRLMSG_MINLEN)
+ goto invalid;
+
+ control = GET_U_1(cd->control);
+ R = (control & 0x80) != 0;
+ E = (control & 0x40) != 0;
+ M = (control & 0x20) != 0;
+ opcode = control & 0x1f;
+ ND_PRINT(", %s, %s, %s, OpCode=%u\n",
+ R ? "Response" : "Request", E ? "Error" : "OK",
+ M ? "More" : "Last", opcode);
+
+ sequence = GET_BE_U_2(cd->sequence);
+ ND_PRINT("\tSequence=%hu", sequence);
+
+ status = GET_BE_U_2(cd->status);
+ ND_PRINT(", Status=%#hx", status);
+
+ assoc = GET_BE_U_2(cd->assoc);
+ ND_PRINT(", Assoc.=%hu", assoc);
+
+ offset = GET_BE_U_2(cd->offset);
+ ND_PRINT(", Offset=%hu", offset);
+
+ count = GET_BE_U_2(cd->count);
+ ND_PRINT(", Count=%hu", count);
+
+ if (NTP_CTRLMSG_MINLEN + count > length)
+ goto invalid;
+ if (count != 0) {
+ ND_TCHECK_LEN(cd->data, count);
+ ND_PRINT("\n\tTO-BE-DONE: data not interpreted");
+ }
+ return;
+
+invalid:
+ nd_print_invalid(ndo);
+ ND_TCHECK_LEN(cd, length);
}
-#define FMAXINT (4294967296.0) /* floating point rep. of MAXINT */
+union ntpdata {
+ struct ntp_time_data td;
+ struct ntp_control_data cd;
+};
-static void
-p_ntp_time(netdissect_options *ndo,
- register const struct l_fixedpt *lfp)
+/*
+ * Print NTP requests, handling the common VN, LI, and Mode
+ */
+void
+ntp_print(netdissect_options *ndo,
+ const u_char *cp, u_int length)
{
- register int32_t i;
- register uint32_t uf;
- register uint32_t f;
- register double ff;
-
- i = EXTRACT_32BITS(&lfp->int_part);
- uf = EXTRACT_32BITS(&lfp->fraction);
- ff = uf;
- if (ff < 0.0) /* some compilers are buggy */
- ff += FMAXINT;
- ff = ff / FMAXINT; /* shift radix point by 32 bits */
- f = (uint32_t)(ff * 1000000000.0); /* treat fraction as parts per billion */
- ND_PRINT((ndo, "%u.%09d", i, f));
-
-#ifdef HAVE_STRFTIME
- /*
- * print the time in human-readable format.
- */
- if (i) {
- time_t seconds = i - JAN_1970;
- struct tm *tm;
- char time_buf[128];
-
- tm = localtime(&seconds);
- strftime(time_buf, sizeof (time_buf), "%Y/%m/%d %H:%M:%S", tm);
- ND_PRINT((ndo, " (%s)", time_buf));
+ const union ntpdata *bp = (const union ntpdata *)cp;
+ u_int mode, version, leapind;
+ uint8_t status;
+
+ ndo->ndo_protocol = "ntp";
+ status = GET_U_1(bp->td.status);
+
+ version = (status & VERSIONMASK) >> VERSIONSHIFT;
+ ND_PRINT("NTPv%u", version);
+
+ mode = (status & MODEMASK) >> MODESHIFT;
+ if (!ndo->ndo_vflag) {
+ ND_PRINT(", %s, length %u",
+ tok2str(ntp_mode_values, "Unknown mode", mode),
+ length);
+ return;
}
-#endif
+
+ ND_PRINT(", %s, length %u\n",
+ tok2str(ntp_mode_values, "Unknown mode", mode), length);
+
+ /* leapind = (status & LEAPMASK) >> LEAPSHIFT; */
+ leapind = (status & LEAPMASK);
+ ND_PRINT("\tLeap indicator: %s (%u)",
+ tok2str(ntp_leapind_values, "Unknown", leapind),
+ leapind);
+
+ switch (mode) {
+
+ case MODE_UNSPEC:
+ case MODE_SYM_ACT:
+ case MODE_SYM_PAS:
+ case MODE_CLIENT:
+ case MODE_SERVER:
+ case MODE_BROADCAST:
+ ntp_time_print(ndo, &bp->td, length, version);
+ break;
+
+ case MODE_CONTROL:
+ ntp_control_print(ndo, &bp->cd, length);
+ break;
+
+ default:
+ break; /* XXX: not implemented! */
+ }
+}
+
+static void
+p_sfix(netdissect_options *ndo,
+ const struct s_fixedpt *sfp)
+{
+ int i;
+ int f;
+ double ff;
+
+ i = GET_BE_U_2(sfp->int_part);
+ f = GET_BE_U_2(sfp->fraction);
+ ff = f / 65536.0; /* shift radix point by 16 bits */
+ f = (int)(ff * 1000000.0); /* Treat fraction as parts per million */
+ ND_PRINT("%d.%06d", i, f);
}
/* Prints time difference between *lfp and *olfp */
static void
p_ntp_delta(netdissect_options *ndo,
- register const struct l_fixedpt *olfp,
- register const struct l_fixedpt *lfp)
+ const struct l_fixedpt *olfp,
+ const struct l_fixedpt *lfp)
{
- register int32_t i;
- register uint32_t u, uf;
- register uint32_t ou, ouf;
- register uint32_t f;
- register double ff;
+ uint32_t u, uf;
+ uint32_t ou, ouf;
+ uint32_t i;
+ uint32_t f;
+ double ff;
int signbit;
- u = EXTRACT_32BITS(&lfp->int_part);
- ou = EXTRACT_32BITS(&olfp->int_part);
- uf = EXTRACT_32BITS(&lfp->fraction);
- ouf = EXTRACT_32BITS(&olfp->fraction);
+ u = GET_BE_U_4(lfp->int_part);
+ ou = GET_BE_U_4(olfp->int_part);
+ uf = GET_BE_U_4(lfp->fraction);
+ ouf = GET_BE_U_4(olfp->fraction);
if (ou == 0 && ouf == 0) {
p_ntp_time(ndo, lfp);
return;
}
- i = u - ou;
-
- if (i > 0) { /* new is definitely greater than old */
+ if (u > ou) { /* new is definitely greater than old */
signbit = 0;
+ i = u - ou;
f = uf - ouf;
if (ouf > uf) /* must borrow from high-order bits */
i -= 1;
- } else if (i < 0) { /* new is definitely less than old */
+ } else if (u < ou) { /* new is definitely less than old */
signbit = 1;
+ i = ou - u;
f = ouf - uf;
- if (uf > ouf) /* must carry into the high-order bits */
- i += 1;
- i = -i;
+ if (uf > ouf) /* must borrow from the high-order bits */
+ i -= 1;
} else { /* int_part is zero */
+ i = 0;
if (uf > ouf) {
signbit = 0;
f = uf - ouf;
ff += FMAXINT;
ff = ff / FMAXINT; /* shift radix point by 32 bits */
f = (uint32_t)(ff * 1000000000.0); /* treat fraction as parts per billion */
- ND_PRINT((ndo, "%s%d.%09d", signbit ? "-" : "+", i, f));
+ ND_PRINT("%s%u.%09u", signbit ? "-" : "+", i, f);
+}
+
+/* Prints polling interval in log2 as seconds or fraction of second */
+static void
+p_poll(netdissect_options *ndo,
+ const int poll_interval)
+{
+ if (poll_interval <= -32 || poll_interval >= 32)
+ return;
+
+ if (poll_interval >= 0)
+ ND_PRINT(" (%us)", 1U << poll_interval);
+ else
+ ND_PRINT(" (1/%us)", 1U << -poll_interval);
+}
+
+/* Prints an NTPv4 extension field */
+static void
+p_ntp_ef(netdissect_options *ndo, u_int type, u_int length, const u_char *ef_body)
+{
+ ND_PRINT("\n\t %s", tok2str(ntp_ef_types, "Unknown type", type));
+ ND_PRINT(" (0x%04x), length %u", type, length);
+
+ if (ndo->ndo_vflag > 2)
+ hex_print(ndo, "\n\t ", ef_body, length - 4);
+ else {
+ /*
+ * If we're not going to print it, at least make sure
+ * it's present in the packet, so if ef_len is too long,
+ * we stop.
+ */
+ ND_TCHECK_LEN(ef_body, length - 4);
+ }
}
+/* Prints list of extension fields per RFC 7822 */
+static u_int
+p_ext_fields(netdissect_options *ndo, const u_char *cp, u_int length)
+{
+ const struct ntp_extension_field *ef;
+ u_int ef_type, ef_len, efs_len;
+ int first_ef;
+
+ first_ef = 1;
+ efs_len = 0;
+
+ /* RFC 7822 requires the last EF in the packet to have at least
+ 28 octets to avoid ambiguity with MACs */
+ while (length - efs_len >= 28) {
+ ef = (const struct ntp_extension_field *)(cp + efs_len);
+ ef_type = GET_BE_U_2(ef->type);
+ ef_len = GET_BE_U_2(ef->length);
+
+ if (efs_len + ef_len > length || ef_len < 4 || ef_len % 4 != 0) {
+ nd_print_invalid(ndo);
+ break;
+ }
+
+ if (first_ef) {
+ ND_PRINT("\n\tExtension fields:");
+ first_ef = 0;
+ }
+
+ p_ntp_ef(ndo, ef_type, ef_len, (const u_char *)(ef + 1));
+
+ /*
+ * The entire extension field is guaranteed to be in the
+ * captured data, as p_ntp_ef() will longjmp out if it
+ * isn't.
+ *
+ * As the total length of the captured data fits in a
+ * u_int, this means that the total length of all the
+ * extension fields will fit in a u_int, so this will
+ * never overflow.
+ */
+ efs_len += ef_len;
+ }
+
+ return efs_len;
+}
projects / tcpdump / blobdiff