X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/3951a87cbe09333a11faa929f93508c848a93fd5..4c683712d4b483b43f16d41d09ec6232cbc917ca:/print-bootp.c diff --git a/print-bootp.c b/print-bootp.c index ce2ecac4..d84ba6f8 100644 --- a/print-bootp.c +++ b/print-bootp.c @@ -21,11 +21,9 @@ /* \summary: BOOTP and IPv4 DHCP printer */ -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif +#include -#include +#include "netdissect-stdinc.h" #include @@ -33,7 +31,6 @@ #include "addrtoname.h" #include "extract.h" -static const char tstr[] = " [|bootp]"; /* * Bootstrap Protocol (BOOTP). RFC951 and RFC1048. @@ -56,23 +53,23 @@ static const char tstr[] = " [|bootp]"; */ struct bootp { - uint8_t bp_op; /* packet opcode type */ - uint8_t bp_htype; /* hardware addr type */ - uint8_t bp_hlen; /* hardware addr length */ - uint8_t bp_hops; /* gateway hops */ - uint32_t bp_xid; /* transaction ID */ - uint16_t bp_secs; /* seconds since boot began */ - uint16_t bp_flags; /* flags - see bootp_flag_values[] + nd_uint8_t bp_op; /* packet opcode type */ + nd_uint8_t bp_htype; /* hardware addr type */ + nd_uint8_t bp_hlen; /* hardware addr length */ + nd_uint8_t bp_hops; /* gateway hops */ + nd_uint32_t bp_xid; /* transaction ID */ + nd_uint16_t bp_secs; /* seconds since boot began */ + nd_uint16_t bp_flags; /* flags - see bootp_flag_values[] in print-bootp.c */ - struct in_addr bp_ciaddr; /* client IP address */ - struct in_addr bp_yiaddr; /* 'your' IP address */ - struct in_addr bp_siaddr; /* server IP address */ - struct in_addr bp_giaddr; /* gateway IP address */ - uint8_t bp_chaddr[16]; /* client hardware address */ - uint8_t bp_sname[64]; /* server host name */ - uint8_t bp_file[128]; /* boot file name */ - uint8_t bp_vend[64]; /* vendor-specific area */ -} UNALIGNED; + nd_ipv4 bp_ciaddr; /* client IP address */ + nd_ipv4 bp_yiaddr; /* 'your' IP address */ + nd_ipv4 bp_siaddr; /* server IP address */ + nd_ipv4 bp_giaddr; /* gateway IP address */ + nd_byte bp_chaddr[16]; /* client hardware address */ + nd_byte bp_sname[64]; /* server host name */ + nd_byte bp_file[128]; /* boot file name */ + nd_byte bp_vend[64]; /* vendor-specific area */ +}; #define BOOTPREPLY 2 #define BOOTPREQUEST 1 @@ -148,7 +145,7 @@ struct bootp { #define TAG_NIS_P_DOMAIN ((uint8_t) 64) #define TAG_NIS_P_SERVERS ((uint8_t) 65) #define TAG_MOBILE_HOME ((uint8_t) 68) -#define TAG_SMPT_SERVER ((uint8_t) 69) +#define TAG_SMTP_SERVER ((uint8_t) 69) #define TAG_POP3_SERVER ((uint8_t) 70) #define TAG_NNTP_SERVER ((uint8_t) 71) #define TAG_WWW_SERVER ((uint8_t) 72) @@ -194,34 +191,30 @@ struct bootp { /* RFC 3442 */ #define TAG_CLASSLESS_STATIC_RT ((uint8_t) 121) #define TAG_CLASSLESS_STA_RT_MS ((uint8_t) 249) +/* RFC8572 */ +#define TAG_SZTP_REDIRECT ((uint8_t) 143) /* RFC 5859 - TFTP Server Address Option for DHCPv4 */ #define TAG_TFTP_SERVER_ADDRESS ((uint8_t) 150) -/* ftp://ftp.isi.edu/.../assignments/bootp-dhcp-extensions */ +/* https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml */ #define TAG_SLP_NAMING_AUTH ((uint8_t) 80) #define TAG_CLIENT_FQDN ((uint8_t) 81) #define TAG_AGENT_CIRCUIT ((uint8_t) 82) #define TAG_AGENT_REMOTE ((uint8_t) 83) -#define TAG_AGENT_MASK ((uint8_t) 84) #define TAG_TZ_STRING ((uint8_t) 88) #define TAG_FQDN_OPTION ((uint8_t) 89) #define TAG_AUTH ((uint8_t) 90) -#define TAG_VINES_SERVERS ((uint8_t) 91) -#define TAG_SERVER_RANK ((uint8_t) 92) +#define TAG_CLIENT_LAST_TRANSACTION_TIME ((uint8_t) 91) +#define TAG_ASSOCIATED_IP ((uint8_t) 92) #define TAG_CLIENT_ARCH ((uint8_t) 93) #define TAG_CLIENT_NDI ((uint8_t) 94) #define TAG_CLIENT_GUID ((uint8_t) 97) #define TAG_LDAP_URL ((uint8_t) 95) -#define TAG_6OVER4 ((uint8_t) 96) /* RFC 4833, TZ codes */ -#define TAG_TZ_PCODE ((uint8_t) 100) -#define TAG_TZ_TCODE ((uint8_t) 101) -#define TAG_IPX_COMPAT ((uint8_t) 110) +#define TAG_TZ_PCODE ((uint8_t) 100) +#define TAG_TZ_TCODE ((uint8_t) 101) #define TAG_NETINFO_PARENT ((uint8_t) 112) #define TAG_NETINFO_PARENT_TAG ((uint8_t) 113) #define TAG_URL ((uint8_t) 114) -#define TAG_FAILOVER ((uint8_t) 115) -#define TAG_EXTENDED_REQUEST ((uint8_t) 126) -#define TAG_EXTENDED_OPTION ((uint8_t) 127) #define TAG_MUDURL ((uint8_t) 161) /* DHCP Message types (values for TAG_DHCP_MESSAGE option) */ @@ -233,21 +226,27 @@ struct bootp { #define DHCPNAK 6 #define DHCPRELEASE 7 #define DHCPINFORM 8 +/* Defined in RFC4388 */ +#define DHCPLEASEQUERY 10 +#define DHCPLEASEUNASSIGNED 11 +#define DHCPLEASEUNKNOWN 12 +#define DHCPLEASEACTIVE 13 + /* * "vendor" data permitted for CMU bootp clients. */ struct cmu_vend { - uint8_t v_magic[4]; /* magic number */ - uint32_t v_flags; /* flags/opcodes, etc. */ - struct in_addr v_smask; /* Subnet mask */ - struct in_addr v_dgate; /* Default gateway */ - struct in_addr v_dns1, v_dns2; /* Domain name servers */ - struct in_addr v_ins1, v_ins2; /* IEN-116 name servers */ - struct in_addr v_ts1, v_ts2; /* Time servers */ - uint8_t v_unused[24]; /* currently unused */ -} UNALIGNED; + nd_byte v_magic[4]; /* magic number */ + nd_uint32_t v_flags; /* flags/opcodes, etc. */ + nd_ipv4 v_smask; /* Subnet mask */ + nd_ipv4 v_dgate; /* Default gateway */ + nd_ipv4 v_dns1, v_dns2; /* Domain name servers */ + nd_ipv4 v_ins1, v_ins2; /* IEN-116 name servers */ + nd_ipv4 v_ts1, v_ts2; /* Time servers */ + nd_byte v_unused[24]; /* currently unused */ +}; /* v_flags values */ @@ -281,103 +280,97 @@ static const struct tok bootp_op_values[] = { */ void bootp_print(netdissect_options *ndo, - register const u_char *cp, u_int length) + const u_char *cp, u_int length) { - register const struct bootp *bp; + const struct bootp *bp; static const u_char vm_cmu[4] = VM_CMU; static const u_char vm_rfc1048[4] = VM_RFC1048; + uint8_t bp_op, bp_htype, bp_hlen; + ndo->ndo_protocol = "bootp"; bp = (const struct bootp *)cp; - ND_TCHECK(bp->bp_op); - - ND_PRINT((ndo, "BOOTP/DHCP, %s", - tok2str(bootp_op_values, "unknown (0x%02x)", bp->bp_op))); - - ND_TCHECK(bp->bp_hlen); - if (bp->bp_htype == 1 && bp->bp_hlen == 6 && bp->bp_op == BOOTPREQUEST) { - ND_TCHECK2(bp->bp_chaddr[0], 6); - ND_PRINT((ndo, " from %s", etheraddr_string(ndo, bp->bp_chaddr))); + bp_op = GET_U_1(bp->bp_op); + ND_PRINT("BOOTP/DHCP, %s", + tok2str(bootp_op_values, "unknown (0x%02x)", bp_op)); + + bp_htype = GET_U_1(bp->bp_htype); + bp_hlen = GET_U_1(bp->bp_hlen); + if (bp_htype == 1 && bp_hlen == MAC_ADDR_LEN && bp_op == BOOTPREQUEST) { + ND_PRINT(" from %s", GET_ETHERADDR_STRING(bp->bp_chaddr)); } - ND_PRINT((ndo, ", length %u", length)); + ND_PRINT(", length %u", length); if (!ndo->ndo_vflag) return; - ND_TCHECK(bp->bp_secs); + ND_TCHECK_2(bp->bp_secs); /* The usual hardware address type is 1 (10Mb Ethernet) */ - if (bp->bp_htype != 1) - ND_PRINT((ndo, ", htype %d", bp->bp_htype)); + if (bp_htype != 1) + ND_PRINT(", htype %u", bp_htype); /* The usual length for 10Mb Ethernet address is 6 bytes */ - if (bp->bp_htype != 1 || bp->bp_hlen != 6) - ND_PRINT((ndo, ", hlen %d", bp->bp_hlen)); + if (bp_htype != 1 || bp_hlen != MAC_ADDR_LEN) + ND_PRINT(", hlen %u", bp_hlen); /* Only print interesting fields */ - if (bp->bp_hops) - ND_PRINT((ndo, ", hops %d", bp->bp_hops)); - if (EXTRACT_32BITS(&bp->bp_xid)) - ND_PRINT((ndo, ", xid 0x%x", EXTRACT_32BITS(&bp->bp_xid))); - if (EXTRACT_16BITS(&bp->bp_secs)) - ND_PRINT((ndo, ", secs %d", EXTRACT_16BITS(&bp->bp_secs))); - - ND_PRINT((ndo, ", Flags [%s]", - bittok2str(bootp_flag_values, "none", EXTRACT_16BITS(&bp->bp_flags)))); + if (GET_U_1(bp->bp_hops)) + ND_PRINT(", hops %u", GET_U_1(bp->bp_hops)); + if (GET_BE_U_4(bp->bp_xid)) + ND_PRINT(", xid 0x%x", GET_BE_U_4(bp->bp_xid)); + if (GET_BE_U_2(bp->bp_secs)) + ND_PRINT(", secs %u", GET_BE_U_2(bp->bp_secs)); + + ND_PRINT(", Flags [%s]", + bittok2str(bootp_flag_values, "none", GET_BE_U_2(bp->bp_flags))); if (ndo->ndo_vflag > 1) - ND_PRINT((ndo, " (0x%04x)", EXTRACT_16BITS(&bp->bp_flags))); + ND_PRINT(" (0x%04x)", GET_BE_U_2(bp->bp_flags)); /* Client's ip address */ - ND_TCHECK(bp->bp_ciaddr); - if (EXTRACT_32BITS(&bp->bp_ciaddr.s_addr)) - ND_PRINT((ndo, "\n\t Client-IP %s", ipaddr_string(ndo, &bp->bp_ciaddr))); + if (GET_IPV4_TO_NETWORK_ORDER(bp->bp_ciaddr)) + ND_PRINT("\n\t Client-IP %s", GET_IPADDR_STRING(bp->bp_ciaddr)); /* 'your' ip address (bootp client) */ - ND_TCHECK(bp->bp_yiaddr); - if (EXTRACT_32BITS(&bp->bp_yiaddr.s_addr)) - ND_PRINT((ndo, "\n\t Your-IP %s", ipaddr_string(ndo, &bp->bp_yiaddr))); + if (GET_IPV4_TO_NETWORK_ORDER(bp->bp_yiaddr)) + ND_PRINT("\n\t Your-IP %s", GET_IPADDR_STRING(bp->bp_yiaddr)); /* Server's ip address */ - ND_TCHECK(bp->bp_siaddr); - if (EXTRACT_32BITS(&bp->bp_siaddr.s_addr)) - ND_PRINT((ndo, "\n\t Server-IP %s", ipaddr_string(ndo, &bp->bp_siaddr))); + if (GET_IPV4_TO_NETWORK_ORDER(bp->bp_siaddr)) + ND_PRINT("\n\t Server-IP %s", GET_IPADDR_STRING(bp->bp_siaddr)); /* Gateway's ip address */ - ND_TCHECK(bp->bp_giaddr); - if (EXTRACT_32BITS(&bp->bp_giaddr.s_addr)) - ND_PRINT((ndo, "\n\t Gateway-IP %s", ipaddr_string(ndo, &bp->bp_giaddr))); + if (GET_IPV4_TO_NETWORK_ORDER(bp->bp_giaddr)) + ND_PRINT("\n\t Gateway-IP %s", GET_IPADDR_STRING(bp->bp_giaddr)); /* Client's Ethernet address */ - if (bp->bp_htype == 1 && bp->bp_hlen == 6) { - ND_TCHECK2(bp->bp_chaddr[0], 6); - ND_PRINT((ndo, "\n\t Client-Ethernet-Address %s", etheraddr_string(ndo, bp->bp_chaddr))); + if (bp_htype == 1 && bp_hlen == MAC_ADDR_LEN) { + ND_PRINT("\n\t Client-Ethernet-Address %s", GET_ETHERADDR_STRING(bp->bp_chaddr)); } - ND_TCHECK2(bp->bp_sname[0], 1); /* check first char only */ - if (*bp->bp_sname) { - ND_PRINT((ndo, "\n\t sname \"")); - if (fn_printztn(ndo, bp->bp_sname, (u_int)sizeof bp->bp_sname, - ndo->ndo_snapend)) { - ND_PRINT((ndo, "\"")); - ND_PRINT((ndo, "%s", tstr + 1)); + if (GET_U_1(bp->bp_sname)) { /* get first char only */ + ND_PRINT("\n\t sname \""); + if (nd_printztn(ndo, bp->bp_sname, (u_int)sizeof(bp->bp_sname), + ndo->ndo_snapend) == 0) { + ND_PRINT("\""); + nd_print_trunc(ndo); return; } - ND_PRINT((ndo, "\"")); + ND_PRINT("\""); } - ND_TCHECK2(bp->bp_file[0], 1); /* check first char only */ - if (*bp->bp_file) { - ND_PRINT((ndo, "\n\t file \"")); - if (fn_printztn(ndo, bp->bp_file, (u_int)sizeof bp->bp_file, - ndo->ndo_snapend)) { - ND_PRINT((ndo, "\"")); - ND_PRINT((ndo, "%s", tstr + 1)); + if (GET_U_1(bp->bp_file)) { /* get first char only */ + ND_PRINT("\n\t file \""); + if (nd_printztn(ndo, bp->bp_file, (u_int)sizeof(bp->bp_file), + ndo->ndo_snapend) == 0) { + ND_PRINT("\""); + nd_print_trunc(ndo); return; } - ND_PRINT((ndo, "\"")); + ND_PRINT("\""); } /* Decode the vendor buffer */ - ND_TCHECK(bp->bp_vend[0]); + ND_TCHECK_4(bp->bp_vend); if (memcmp((const char *)bp->bp_vend, vm_rfc1048, sizeof(uint32_t)) == 0) rfc1048_print(ndo, bp->bp_vend); @@ -387,25 +380,25 @@ bootp_print(netdissect_options *ndo, else { uint32_t ul; - ul = EXTRACT_32BITS(&bp->bp_vend); + ul = GET_BE_U_4(bp->bp_vend); if (ul != 0) - ND_PRINT((ndo, "\n\t Vendor-#0x%x", ul)); + ND_PRINT("\n\t Vendor-#0x%x", ul); } return; trunc: - ND_PRINT((ndo, "%s", tstr)); + nd_print_trunc(ndo); } /* * The first character specifies the format to print: * i - ip address (32 bits) * p - ip address pairs (32 bits + 32 bits) - * l - long (32 bits) - * L - unsigned long (32 bits) - * s - short (16 bits) - * b - period-seperated decimal bytes (variable length) - * x - colon-seperated hex bytes (variable length) + * l - unsigned longs (32 bits) + * L - longs (32 bits) + * s - unsigned shorts (16 bits) + * b - period-separated decimal bytes (variable length) + * x - colon-separated hex bytes (variable length) * a - ASCII string (variable length) * B - on/off (8 bits) * $ - special (explicit code to handle) @@ -468,7 +461,7 @@ static const struct tok tag2str[] = { { TAG_NIS_P_DOMAIN, "sN+D" }, { TAG_NIS_P_SERVERS, "iN+S" }, { TAG_MOBILE_HOME, "iMH" }, - { TAG_SMPT_SERVER, "iSMTP" }, + { TAG_SMTP_SERVER, "iSMTP" }, { TAG_POP3_SERVER, "iPOP3" }, { TAG_NNTP_SERVER, "iNNTP" }, { TAG_WWW_SERVER, "iWWW" }, @@ -506,38 +499,32 @@ static const struct tok tag2str[] = { /* RFC 3442 */ { TAG_CLASSLESS_STATIC_RT, "$Classless-Static-Route" }, { TAG_CLASSLESS_STA_RT_MS, "$Classless-Static-Route-Microsoft" }, +/* RFC 8572 */ + { TAG_SZTP_REDIRECT, "$SZTP-Redirect" }, /* RFC 5859 - TFTP Server Address Option for DHCPv4 */ { TAG_TFTP_SERVER_ADDRESS, "iTFTP-Server-Address" }, -/* http://www.iana.org/assignments/bootp-dhcp-extensions/index.htm */ +/* https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml#options */ { TAG_SLP_NAMING_AUTH, "aSLP-NA" }, { TAG_CLIENT_FQDN, "$FQDN" }, { TAG_AGENT_CIRCUIT, "$Agent-Information" }, { TAG_AGENT_REMOTE, "bARMT" }, - { TAG_AGENT_MASK, "bAMSK" }, { TAG_TZ_STRING, "aTZSTR" }, { TAG_FQDN_OPTION, "bFQDNS" }, /* XXX 'b' */ { TAG_AUTH, "bAUTH" }, /* XXX 'b' */ - { TAG_VINES_SERVERS, "iVINES" }, - { TAG_SERVER_RANK, "sRANK" }, + { TAG_CLIENT_LAST_TRANSACTION_TIME, "LLast-Transaction-Time" }, + { TAG_ASSOCIATED_IP, "iAssociated-IP" }, { TAG_CLIENT_ARCH, "sARCH" }, { TAG_CLIENT_NDI, "bNDI" }, /* XXX 'b' */ { TAG_CLIENT_GUID, "bGUID" }, /* XXX 'b' */ { TAG_LDAP_URL, "aLDAP" }, - { TAG_6OVER4, "i6o4" }, - { TAG_TZ_PCODE, "aPOSIX-TZ" }, - { TAG_TZ_TCODE, "aTZ-Name" }, - { TAG_IPX_COMPAT, "bIPX" }, /* XXX 'b' */ + { TAG_TZ_PCODE, "aPOSIX-TZ" }, + { TAG_TZ_TCODE, "aTZ-Name" }, { TAG_NETINFO_PARENT, "iNI" }, { TAG_NETINFO_PARENT_TAG, "aNITAG" }, { TAG_URL, "aURL" }, - { TAG_FAILOVER, "bFAIL" }, /* XXX 'b' */ { TAG_MUDURL, "aMUD-URL" }, { 0, NULL } }; -/* 2-byte extended tags */ -static const struct tok xtag2str[] = { - { 0, NULL } -}; /* DHCP "options overload" types */ static const struct tok oo2str[] = { @@ -568,14 +555,18 @@ static const struct tok arp2str[] = { }; static const struct tok dhcp_msg_values[] = { - { DHCPDISCOVER, "Discover" }, - { DHCPOFFER, "Offer" }, - { DHCPREQUEST, "Request" }, - { DHCPDECLINE, "Decline" }, - { DHCPACK, "ACK" }, - { DHCPNAK, "NACK" }, - { DHCPRELEASE, "Release" }, - { DHCPINFORM, "Inform" }, + { DHCPDISCOVER, "Discover" }, + { DHCPOFFER, "Offer" }, + { DHCPREQUEST, "Request" }, + { DHCPDECLINE, "Decline" }, + { DHCPACK, "ACK" }, + { DHCPNAK, "NACK" }, + { DHCPRELEASE, "Release" }, + { DHCPINFORM, "Inform" }, + { DHCPLEASEQUERY, "LeaseQuery" }, + { DHCPLEASEUNASSIGNED, "LeaseUnassigned" }, + { DHCPLEASEUNKNOWN, "LeaseUnknown" }, + { DHCPLEASEACTIVE, "LeaseActive" }, { 0, NULL } }; @@ -592,104 +583,80 @@ static const struct tok agent_suboption_values[] = { static void rfc1048_print(netdissect_options *ndo, - register const u_char *bp) + const u_char *bp) { - register uint16_t tag; - register u_int len; - register const char *cp; - register char c; + uint16_t tag; + u_int len; + const char *cp; + char c; int first, idx; - uint32_t ul; - uint16_t us; - uint8_t uc, subopt, suboptlen; + uint8_t subopt, suboptlen; - ND_PRINT((ndo, "\n\t Vendor-rfc1048 Extensions")); + ND_PRINT("\n\t Vendor-rfc1048 Extensions"); /* Step over magic cookie */ - ND_PRINT((ndo, "\n\t Magic Cookie 0x%08x", EXTRACT_32BITS(bp))); + ND_PRINT("\n\t Magic Cookie 0x%08x", GET_BE_U_4(bp)); bp += sizeof(int32_t); /* Loop while we there is a tag left in the buffer */ - while (ND_TTEST2(*bp, 1)) { - tag = *bp++; + while (ND_TTEST_1(bp)) { + tag = GET_U_1(bp); + bp++; if (tag == TAG_PAD && ndo->ndo_vflag < 3) continue; if (tag == TAG_END && ndo->ndo_vflag < 3) return; - if (tag == TAG_EXTENDED_OPTION) { - ND_TCHECK2(*(bp + 1), 2); - tag = EXTRACT_16BITS(bp + 1); - /* XXX we don't know yet if the IANA will - * preclude overlap of 1-byte and 2-byte spaces. - * If not, we need to offset tag after this step. - */ - cp = tok2str(xtag2str, "?xT%u", tag); - } else - cp = tok2str(tag2str, "?T%u", tag); + cp = tok2str(tag2str, "?Unknown", tag); c = *cp++; if (tag == TAG_PAD || tag == TAG_END) len = 0; else { /* Get the length; check for truncation */ - ND_TCHECK2(*bp, 1); - len = *bp++; + len = GET_U_1(bp); + bp++; } - ND_PRINT((ndo, "\n\t %s Option %u, length %u%s", cp, tag, len, - len > 0 ? ": " : "")); + ND_PRINT("\n\t %s (%u), length %u%s", cp, tag, len, + len > 0 ? ": " : ""); if (tag == TAG_PAD && ndo->ndo_vflag > 2) { u_int ntag = 1; - while (ND_TTEST2(*bp, 1) && *bp == TAG_PAD) { + while (ND_TTEST_1(bp) && + GET_U_1(bp) == TAG_PAD) { bp++; ntag++; } if (ntag > 1) - ND_PRINT((ndo, ", occurs %u", ntag)); + ND_PRINT(", occurs %u", ntag); } - if (!ND_TTEST2(*bp, len)) { - ND_PRINT((ndo, "[|rfc1048 %u]", len)); - return; - } + ND_TCHECK_LEN(bp, len); if (tag == TAG_DHCP_MESSAGE && len == 1) { - uc = *bp++; - ND_PRINT((ndo, "%s", tok2str(dhcp_msg_values, "Unknown (%u)", uc))); + ND_PRINT("%s", + tok2str(dhcp_msg_values, "Unknown (%u)", GET_U_1(bp))); + bp++; continue; } if (tag == TAG_PARM_REQUEST) { idx = 0; - while (len-- > 0) { - uc = *bp++; - cp = tok2str(tag2str, "?Option %u", uc); + while (len > 0) { + uint8_t innertag = GET_U_1(bp); + bp++; + len--; + cp = tok2str(tag2str, "?Unknown", innertag); if (idx % 4 == 0) - ND_PRINT((ndo, "\n\t ")); + ND_PRINT("\n\t "); else - ND_PRINT((ndo, ", ")); - ND_PRINT((ndo, "%s", cp + 1)); + ND_PRINT(", "); + ND_PRINT("%s (%u)", cp + 1, innertag); idx++; } continue; } - if (tag == TAG_EXTENDED_REQUEST) { - first = 1; - while (len > 1) { - len -= 2; - us = EXTRACT_16BITS(bp); - bp += 2; - cp = tok2str(xtag2str, "?xT%u", us); - if (!first) - ND_PRINT((ndo, "+")); - ND_PRINT((ndo, "%s", cp + 1)); - first = 0; - } - continue; - } - /* Print data */ if (c == '?') { /* Base default formats for unknown tags on data size */ @@ -705,12 +672,12 @@ rfc1048_print(netdissect_options *ndo, case 'a': /* ASCII strings */ - ND_PRINT((ndo, "\"")); - if (fn_printn(ndo, bp, len, ndo->ndo_snapend)) { - ND_PRINT((ndo, "\"")); + ND_PRINT("\""); + if (nd_printn(ndo, bp, len, ndo->ndo_snapend)) { + ND_PRINT("\""); goto trunc; } - ND_PRINT((ndo, "\"")); + ND_PRINT("\""); bp += len; len = 0; break; @@ -719,48 +686,44 @@ rfc1048_print(netdissect_options *ndo, case 'l': case 'L': /* ip addresses/32-bit words */ - while (len >= sizeof(ul)) { + while (len >= 4) { if (!first) - ND_PRINT((ndo, ",")); - ul = EXTRACT_32BITS(bp); - if (c == 'i') { - ul = htonl(ul); - ND_PRINT((ndo, "%s", ipaddr_string(ndo, &ul))); - } else if (c == 'L') - ND_PRINT((ndo, "%d", ul)); + ND_PRINT(","); + if (c == 'i') + ND_PRINT("%s", GET_IPADDR_STRING(bp)); + else if (c == 'L') + ND_PRINT("%d", GET_BE_S_4(bp)); else - ND_PRINT((ndo, "%u", ul)); - bp += sizeof(ul); - len -= sizeof(ul); + ND_PRINT("%u", GET_BE_U_4(bp)); + bp += 4; + len -= 4; first = 0; } break; case 'p': /* IP address pairs */ - while (len >= 2*sizeof(ul)) { + while (len >= 2*4) { if (!first) - ND_PRINT((ndo, ",")); - memcpy((char *)&ul, (const char *)bp, sizeof(ul)); - ND_PRINT((ndo, "(%s:", ipaddr_string(ndo, &ul))); - bp += sizeof(ul); - memcpy((char *)&ul, (const char *)bp, sizeof(ul)); - ND_PRINT((ndo, "%s)", ipaddr_string(ndo, &ul))); - bp += sizeof(ul); - len -= 2*sizeof(ul); + ND_PRINT(","); + ND_PRINT("(%s:", GET_IPADDR_STRING(bp)); + bp += 4; + len -= 4; + ND_PRINT("%s)", GET_IPADDR_STRING(bp)); + bp += 4; + len -= 4; first = 0; } break; case 's': - /* shorts */ - while (len >= sizeof(us)) { + /* unsigned shorts */ + while (len >= 2) { if (!first) - ND_PRINT((ndo, ",")); - us = EXTRACT_16BITS(bp); - ND_PRINT((ndo, "%u", us)); - bp += sizeof(us); - len -= sizeof(us); + ND_PRINT(","); + ND_PRINT("%u", GET_BE_U_2(bp)); + bp += 2; + len -= 2; first = 0; } break; @@ -768,17 +731,19 @@ rfc1048_print(netdissect_options *ndo, case 'B': /* boolean */ while (len > 0) { + uint8_t bool_value; if (!first) - ND_PRINT((ndo, ",")); - switch (*bp) { + ND_PRINT(","); + bool_value = GET_U_1(bp); + switch (bool_value) { case 0: - ND_PRINT((ndo, "N")); + ND_PRINT("N"); break; case 1: - ND_PRINT((ndo, "Y")); + ND_PRINT("Y"); break; default: - ND_PRINT((ndo, "%u?", *bp)); + ND_PRINT("%u?", bool_value); break; } ++bp; @@ -792,12 +757,14 @@ rfc1048_print(netdissect_options *ndo, default: /* Bytes */ while (len > 0) { + uint8_t byte_value; if (!first) - ND_PRINT((ndo, c == 'x' ? ":" : ".")); + ND_PRINT(c == 'x' ? ":" : "."); + byte_value = GET_U_1(bp); if (c == 'x') - ND_PRINT((ndo, "%02x", *bp)); + ND_PRINT("%02x", byte_value); else - ND_PRINT((ndo, "%u", *bp)); + ND_PRINT("%u", byte_value); ++bp; --len; first = 0; @@ -811,45 +778,53 @@ rfc1048_print(netdissect_options *ndo, case TAG_NETBIOS_NODE: /* this option should be at least 1 byte long */ if (len < 1) { - ND_PRINT((ndo, "ERROR: length < 1 bytes")); + ND_PRINT("[ERROR: length < 1 bytes]"); break; } - tag = *bp++; + tag = GET_U_1(bp); + ++bp; --len; - ND_PRINT((ndo, "%s", tok2str(nbo2str, NULL, tag))); + ND_PRINT("%s", tok2str(nbo2str, NULL, tag)); break; case TAG_OPT_OVERLOAD: /* this option should be at least 1 byte long */ if (len < 1) { - ND_PRINT((ndo, "ERROR: length < 1 bytes")); + ND_PRINT("[ERROR: length < 1 bytes]"); break; } - tag = *bp++; + tag = GET_U_1(bp); + ++bp; --len; - ND_PRINT((ndo, "%s", tok2str(oo2str, NULL, tag))); + ND_PRINT("%s", tok2str(oo2str, NULL, tag)); break; case TAG_CLIENT_FQDN: /* this option should be at least 3 bytes long */ if (len < 3) { - ND_PRINT((ndo, "ERROR: length < 3 bytes")); + ND_PRINT("[ERROR: length < 3 bytes]"); bp += len; len = 0; break; } - if (*bp) - ND_PRINT((ndo, "[%s] ", client_fqdn_flags(*bp))); + if (GET_U_1(bp) & 0xf0) { + ND_PRINT("[ERROR: MBZ nibble 0x%x != 0] ", + (GET_U_1(bp) & 0xf0) >> 4); + } + if (GET_U_1(bp) & 0x0f) + ND_PRINT("[%s] ", + client_fqdn_flags(GET_U_1(bp))); bp++; - if (*bp || *(bp+1)) - ND_PRINT((ndo, "%u/%u ", *bp, *(bp+1))); + if (GET_U_1(bp) || GET_U_1(bp + 1)) + ND_PRINT("%u/%u ", GET_U_1(bp), + GET_U_1(bp + 1)); bp += 2; - ND_PRINT((ndo, "\"")); - if (fn_printn(ndo, bp, len - 3, ndo->ndo_snapend)) { - ND_PRINT((ndo, "\"")); + ND_PRINT("\""); + if (nd_printn(ndo, bp, len - 3, ndo->ndo_snapend)) { + ND_PRINT("\""); goto trunc; } - ND_PRINT((ndo, "\"")); + ND_PRINT("\""); bp += len - 3; len = 0; break; @@ -860,27 +835,28 @@ rfc1048_print(netdissect_options *ndo, /* this option should be at least 1 byte long */ if (len < 1) { - ND_PRINT((ndo, "ERROR: length < 1 bytes")); + ND_PRINT("[ERROR: length < 1 bytes]"); break; } - type = *bp++; + type = GET_U_1(bp); + bp++; len--; if (type == 0) { - ND_PRINT((ndo, "\"")); - if (fn_printn(ndo, bp, len, ndo->ndo_snapend)) { - ND_PRINT((ndo, "\"")); + ND_PRINT("\""); + if (nd_printn(ndo, bp, len, ndo->ndo_snapend)) { + ND_PRINT("\""); goto trunc; } - ND_PRINT((ndo, "\"")); + ND_PRINT("\""); bp += len; len = 0; break; } else { - ND_PRINT((ndo, "%s ", tok2str(arp2str, "hardware-type %u,", type))); + ND_PRINT("%s ", tok2str(arp2str, "hardware-type %u,", type)); while (len > 0) { if (!first) - ND_PRINT((ndo, ":")); - ND_PRINT((ndo, "%02x", *bp)); + ND_PRINT(":"); + ND_PRINT("%02x", GET_U_1(bp)); ++bp; --len; first = 0; @@ -891,28 +867,29 @@ rfc1048_print(netdissect_options *ndo, case TAG_AGENT_CIRCUIT: while (len >= 2) { - subopt = *bp++; - suboptlen = *bp++; + subopt = GET_U_1(bp); + suboptlen = GET_U_1(bp + 1); + bp += 2; len -= 2; if (suboptlen > len) { - ND_PRINT((ndo, "\n\t %s SubOption %u, length %u: length goes past end of option", + ND_PRINT("\n\t %s SubOption %u, length %u: length goes past end of option", tok2str(agent_suboption_values, "Unknown", subopt), subopt, - suboptlen)); + suboptlen); bp += len; len = 0; break; } - ND_PRINT((ndo, "\n\t %s SubOption %u, length %u: ", + ND_PRINT("\n\t %s SubOption %u, length %u: ", tok2str(agent_suboption_values, "Unknown", subopt), subopt, - suboptlen)); + suboptlen); switch (subopt) { case AGENT_SUBOPTION_CIRCUIT_ID: /* fall through */ case AGENT_SUBOPTION_REMOTE_ID: case AGENT_SUBOPTION_SUBSCRIBER_ID: - if (fn_printn(ndo, bp, suboptlen, ndo->ndo_snapend)) + if (nd_printn(ndo, bp, suboptlen, ndo->ndo_snapend)) goto trunc; break; @@ -932,19 +909,20 @@ rfc1048_print(netdissect_options *ndo, /* this option should be at least 5 bytes long */ if (len < 5) { - ND_PRINT((ndo, "ERROR: length < 5 bytes")); + ND_PRINT("[ERROR: length < 5 bytes]"); bp += len; len = 0; break; } while (len > 0) { if (!first) - ND_PRINT((ndo, ",")); - mask_width = *bp++; + ND_PRINT(","); + mask_width = GET_U_1(bp); + bp++; len--; /* mask_width <= 32 */ if (mask_width > 32) { - ND_PRINT((ndo, "[ERROR: Mask width (%d) > 32]", mask_width)); + ND_PRINT("[ERROR: Mask width (%u) > 32]", mask_width); bp += len; len = 0; break; @@ -952,27 +930,28 @@ rfc1048_print(netdissect_options *ndo, significant_octets = (mask_width + 7) / 8; /* significant octets + router(4) */ if (len < significant_octets + 4) { - ND_PRINT((ndo, "[ERROR: Remaining length (%u) < %u bytes]", len, significant_octets + 4)); + ND_PRINT("[ERROR: Remaining length (%u) < %u bytes]", len, significant_octets + 4); bp += len; len = 0; break; } - ND_PRINT((ndo, "(")); + ND_PRINT("("); if (mask_width == 0) - ND_PRINT((ndo, "default")); + ND_PRINT("default"); else { for (i = 0; i < significant_octets ; i++) { if (i > 0) - ND_PRINT((ndo, ".")); - ND_PRINT((ndo, "%d", *bp++)); + ND_PRINT("."); + ND_PRINT("%u", + GET_U_1(bp)); + bp++; } for (i = significant_octets ; i < 4 ; i++) - ND_PRINT((ndo, ".0")); - ND_PRINT((ndo, "/%d", mask_width)); + ND_PRINT(".0"); + ND_PRINT("/%u", mask_width); } - memcpy((char *)&ul, (const char *)bp, sizeof(ul)); - ND_PRINT((ndo, ":%s)", ipaddr_string(ndo, &ul))); - bp += sizeof(ul); + ND_PRINT(":%s)", GET_IPADDR_STRING(bp)); + bp += 4; len -= (significant_octets + 4); first = 0; } @@ -985,35 +964,36 @@ rfc1048_print(netdissect_options *ndo, first = 1; if (len < 2) { - ND_PRINT((ndo, "ERROR: length < 2 bytes")); + ND_PRINT("[ERROR: length < 2 bytes]"); bp += len; len = 0; break; } while (len > 0) { - suboptlen = *bp++; + suboptlen = GET_U_1(bp); + bp++; len--; - ND_PRINT((ndo, "\n\t ")); - ND_PRINT((ndo, "instance#%u: ", suboptnumber)); + ND_PRINT("\n\t "); + ND_PRINT("instance#%u: ", suboptnumber); if (suboptlen == 0) { - ND_PRINT((ndo, "ERROR: suboption length must be non-zero")); + ND_PRINT("[ERROR: suboption length must be non-zero]"); bp += len; len = 0; break; } if (len < suboptlen) { - ND_PRINT((ndo, "ERROR: invalid option")); + ND_PRINT("[ERROR: invalid option]"); bp += len; len = 0; break; } - ND_PRINT((ndo, "\"")); - if (fn_printn(ndo, bp, suboptlen, ndo->ndo_snapend)) { - ND_PRINT((ndo, "\"")); + ND_PRINT("\""); + if (nd_printn(ndo, bp, suboptlen, ndo->ndo_snapend)) { + ND_PRINT("\""); goto trunc; } - ND_PRINT((ndo, "\"")); - ND_PRINT((ndo, ", length %d", suboptlen)); + ND_PRINT("\""); + ND_PRINT(", length %u", suboptlen); suboptnumber++; len -= suboptlen; bp += suboptlen; @@ -1021,9 +1001,44 @@ rfc1048_print(netdissect_options *ndo, break; } + + case TAG_SZTP_REDIRECT: + /* as per https://datatracker.ietf.org/doc/html/rfc8572#section-8.3 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+-+-+-+-+-+ + | uri-length | URI | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+-+-+-+-+-+ + + * uri-length: 2 octets long; specifies the length of the URI data. + * URI: URI of the SZTP bootstrap server. + */ + while (len >= 2) { + uint16_t suboptlen2; + + suboptlen2 = GET_BE_U_2(bp); + bp += 2; + len -= 2; + ND_PRINT("\n\t "); + ND_PRINT("length %u: ", suboptlen2); + if (len < suboptlen2) { + ND_PRINT("length goes past end of option"); + bp += len; + len = 0; + break; + } + ND_PRINT("\""); + nd_printjn(ndo, bp, suboptlen2); + ND_PRINT("\""); + len -= suboptlen2; + bp += suboptlen2; + } + if (len != 0) { + ND_PRINT("[ERROR: length < 2 bytes]"); + } + break; + default: - ND_PRINT((ndo, "[unknown special tag %u, size %u]", - tag, len)); + ND_PRINT("[unknown special tag %u, size %u]", + tag, len); bp += len; len = 0; break; @@ -1032,34 +1047,36 @@ rfc1048_print(netdissect_options *ndo, } /* Data left over? */ if (len) { - ND_PRINT((ndo, "\n\t trailing data length %u", len)); + ND_PRINT("\n\t trailing data length %u", len); bp += len; } } return; trunc: - ND_PRINT((ndo, "|[rfc1048]")); + nd_print_trunc(ndo); } +#define PRINTCMUADDR(m, s) { ND_TCHECK_4(cmu->m); \ + if (GET_IPV4_TO_NETWORK_ORDER(cmu->m) != 0) \ + ND_PRINT(" %s:%s", s, GET_IPADDR_STRING(cmu->m)); } + static void cmu_print(netdissect_options *ndo, - register const u_char *bp) + const u_char *bp) { - register const struct cmu_vend *cmu; - -#define PRINTCMUADDR(m, s) { ND_TCHECK(cmu->m); \ - if (cmu->m.s_addr != 0) \ - ND_PRINT((ndo, " %s:%s", s, ipaddr_string(ndo, &cmu->m.s_addr))); } + const struct cmu_vend *cmu; + uint8_t v_flags; - ND_PRINT((ndo, " vend-cmu")); + ND_PRINT(" vend-cmu"); cmu = (const struct cmu_vend *)bp; /* Only print if there are unknown bits */ - ND_TCHECK(cmu->v_flags); - if ((cmu->v_flags & ~(VF_SMASK)) != 0) - ND_PRINT((ndo, " F:0x%x", cmu->v_flags)); + ND_TCHECK_4(cmu->v_flags); + v_flags = GET_U_1(cmu->v_flags); + if ((v_flags & ~(VF_SMASK)) != 0) + ND_PRINT(" F:0x%x", v_flags); PRINTCMUADDR(v_dgate, "DG"); - PRINTCMUADDR(v_smask, cmu->v_flags & VF_SMASK ? "SM" : "SM*"); + PRINTCMUADDR(v_smask, v_flags & VF_SMASK ? "SM" : "SM*"); PRINTCMUADDR(v_dns1, "NS1"); PRINTCMUADDR(v_dns2, "NS2"); PRINTCMUADDR(v_ins1, "IEN1"); @@ -1069,10 +1086,11 @@ cmu_print(netdissect_options *ndo, return; trunc: - ND_PRINT((ndo, "%s", tstr)); -#undef PRINTCMUADDR + nd_print_trunc(ndo); } +#undef PRINTCMUADDR + static char * client_fqdn_flags(u_int flags) {