X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/77352e05a50ec1c58ad1bf06688b2db440fcdee1..05ec05a87b3a7c6983a16b5ae62d0f1512c4ce89:/print-bootp.c

diff --git a/print-bootp.c b/print-bootp.c
index 04f767ee..c7538ff8 100644
--- a/print-bootp.c
+++ b/print-bootp.c
@@ -21,24 +21,16 @@
  * Format and print bootp packets.
  */
 #ifndef lint
-static const char rcsid[] =
-    "@(#) $Header: /tcpdump/master/tcpdump/print-bootp.c,v 1.59 2001-07-04 21:18:12 fenner Exp $ (LBL)";
+static const char rcsid[] _U_ =
+    "@(#) $Header: /tcpdump/master/tcpdump/print-bootp.c,v 1.89 2008-04-22 09:45:08 hannes Exp $ (LBL)";
 #endif
 
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
 
-#include <sys/param.h>
-#include <sys/time.h>
-#include <sys/socket.h>
+#include <tcpdump-stdinc.h>
 
-struct mbuf;
-struct rtentry;
-
-#include <netinet/in.h>
-
-#include <ctype.h>
 #include <stdio.h>
 #include <string.h>
 
@@ -48,102 +40,101 @@ struct rtentry;
 #include "ether.h"
 #include "bootp.h"
 
-static void rfc1048_print(const u_char *, u_int);
-static void cmu_print(const u_char *, u_int);
+static void rfc1048_print(const u_char *);
+static void cmu_print(const u_char *);
+static char *client_fqdn_flags(u_int flags);
 
 static char tstr[] = " [|bootp]";
 
+static const struct tok bootp_flag_values[] = {
+    { 0x8000,                   "Broadcast" },
+    { 0, NULL}
+};
+
+static const struct tok bootp_op_values[] = {
+    { BOOTPREQUEST,             "Request" },
+    { BOOTPREPLY,               "Reply" },
+    { 0, NULL}
+};
+
 /*
  * Print bootp requests
  */
 void
-bootp_print(register const u_char *cp, u_int length,
-	    u_short sport, u_short dport)
+bootp_print(register const u_char *cp, u_int length)
 {
 	register const struct bootp *bp;
-	static u_char vm_cmu[4] = VM_CMU;
-	static u_char vm_rfc1048[4] = VM_RFC1048;
+	static const u_char vm_cmu[4] = VM_CMU;
+	static const u_char vm_rfc1048[4] = VM_RFC1048;
 
-	bp = (struct bootp *)cp;
+	bp = (const struct bootp *)cp;
 	TCHECK(bp->bp_op);
-	switch (bp->bp_op) {
-
-	case BOOTREQUEST:
-		/* Usually, a request goes from a client to a server */
-		if (sport != IPPORT_BOOTPC || dport != IPPORT_BOOTPS)
-			printf(" (request)");
-		break;
-
-	case BOOTREPLY:
-		/* Usually, a reply goes from a server to a client */
-		if (sport != IPPORT_BOOTPS || dport != IPPORT_BOOTPC)
-			printf(" (reply)");
-		break;
-
-	default:
-		printf(" bootp-#%d", bp->bp_op);
+
+        printf("BOOTP/DHCP, %s",
+	       tok2str(bootp_op_values, "unknown (0x%02x)", bp->bp_op));
+
+	if (bp->bp_htype == 1 && bp->bp_hlen == 6 && bp->bp_op == BOOTPREQUEST) {
+		TCHECK2(bp->bp_chaddr[0], 6);
+		printf(" from %s", etheraddr_string(bp->bp_chaddr));
 	}
 
+        printf(", length %u", length);
+
+        if (!vflag)
+            return;
+
 	TCHECK(bp->bp_secs);
 
 	/* The usual hardware address type is 1 (10Mb Ethernet) */
 	if (bp->bp_htype != 1)
-		printf(" htype-#%d", bp->bp_htype);
+		printf(", htype %d", bp->bp_htype);
 
 	/* The usual length for 10Mb Ethernet address is 6 bytes */
 	if (bp->bp_htype != 1 || bp->bp_hlen != 6)
-		printf(" hlen:%d", bp->bp_hlen);
+		printf(", hlen %d", bp->bp_hlen);
 
 	/* Only print interesting fields */
 	if (bp->bp_hops)
-		printf(" hops:%d", bp->bp_hops);
+		printf(", hops %d", bp->bp_hops);
 	if (bp->bp_xid)
-		printf(" xid:0x%x", (u_int32_t)ntohl(bp->bp_xid));
+		printf(", xid 0x%x", EXTRACT_32BITS(&bp->bp_xid));
 	if (bp->bp_secs)
-		printf(" secs:%d", ntohs(bp->bp_secs));
-	if (bp->bp_flags)
-		printf(" flags:0x%x", ntohs(bp->bp_flags));
+		printf(", secs %d", EXTRACT_16BITS(&bp->bp_secs));
+
+	printf(", Flags [%s]",
+		bittok2str(bootp_flag_values, "none", EXTRACT_16BITS(&bp->bp_flags)));
+	if (vflag > 1)
+		printf(" (0x%04x)", EXTRACT_16BITS(&bp->bp_flags));
 
 	/* Client's ip address */
 	TCHECK(bp->bp_ciaddr);
 	if (bp->bp_ciaddr.s_addr)
-		printf(" C:%s", ipaddr_string(&bp->bp_ciaddr));
+		printf("\n\t  Client-IP %s", ipaddr_string(&bp->bp_ciaddr));
 
 	/* 'your' ip address (bootp client) */
 	TCHECK(bp->bp_yiaddr);
 	if (bp->bp_yiaddr.s_addr)
-		printf(" Y:%s", ipaddr_string(&bp->bp_yiaddr));
+		printf("\n\t  Your-IP %s", ipaddr_string(&bp->bp_yiaddr));
 
 	/* Server's ip address */
 	TCHECK(bp->bp_siaddr);
 	if (bp->bp_siaddr.s_addr)
-		printf(" S:%s", ipaddr_string(&bp->bp_siaddr));
+		printf("\n\t  Server-IP %s", ipaddr_string(&bp->bp_siaddr));
 
 	/* Gateway's ip address */
 	TCHECK(bp->bp_giaddr);
 	if (bp->bp_giaddr.s_addr)
-		printf(" G:%s", ipaddr_string(&bp->bp_giaddr));
+		printf("\n\t  Gateway-IP %s", ipaddr_string(&bp->bp_giaddr));
 
 	/* Client's Ethernet address */
 	if (bp->bp_htype == 1 && bp->bp_hlen == 6) {
-		register const struct ether_header *eh;
-		register const char *e;
-
 		TCHECK2(bp->bp_chaddr[0], 6);
-		eh = (struct ether_header *)packetp;
-		if (bp->bp_op == BOOTREQUEST)
-			e = (const char *)ESRC(eh);
-		else if (bp->bp_op == BOOTREPLY)
-			e = (const char *)EDST(eh);
-		else
-			e = 0;
-		if (e == 0 || memcmp((char *)bp->bp_chaddr, e, 6) != 0)
-			printf(" ether %s", etheraddr_string(bp->bp_chaddr));
+		printf("\n\t  Client-Ethernet-Address %s", etheraddr_string(bp->bp_chaddr));
 	}
 
 	TCHECK2(bp->bp_sname[0], 1);		/* check first char only */
 	if (*bp->bp_sname) {
-		printf(" sname \"");
+		printf("\n\t  sname \"");
 		if (fn_print(bp->bp_sname, snapend)) {
 			putchar('"');
 			fputs(tstr + 1, stdout);
@@ -151,9 +142,9 @@ bootp_print(register const u_char *cp, u_int length,
 		}
 		putchar('"');
 	}
-	TCHECK2(bp->bp_sname[0], 1);		/* check first char only */
+	TCHECK2(bp->bp_file[0], 1);		/* check first char only */
 	if (*bp->bp_file) {
-		printf(" file \"");
+		printf("\n\t  file \"");
 		if (fn_print(bp->bp_file, snapend)) {
 			putchar('"');
 			fputs(tstr + 1, stdout);
@@ -164,19 +155,18 @@ bootp_print(register const u_char *cp, u_int length,
 
 	/* Decode the vendor buffer */
 	TCHECK(bp->bp_vend[0]);
-	length -= sizeof(*bp) - sizeof(bp->bp_vend);
-	if (memcmp((char *)bp->bp_vend, (char *)vm_rfc1048,
+	if (memcmp((const char *)bp->bp_vend, vm_rfc1048,
 		 sizeof(u_int32_t)) == 0)
-		rfc1048_print(bp->bp_vend, length);
-	else if (memcmp((char *)bp->bp_vend, (char *)vm_cmu,
+		rfc1048_print(bp->bp_vend);
+	else if (memcmp((const char *)bp->bp_vend, vm_cmu,
 		      sizeof(u_int32_t)) == 0)
-		cmu_print(bp->bp_vend, length);
+		cmu_print(bp->bp_vend);
 	else {
 		u_int32_t ul;
 
 		ul = EXTRACT_32BITS(&bp->bp_vend);
 		if (ul != 0)
-			printf("vend-#0x%x", ul);
+			printf("\n\t  Vendor-#0x%x", ul);
 	}
 
 	return;
@@ -200,23 +190,23 @@ trunc:
 static struct tok tag2str[] = {
 /* RFC1048 tags */
 	{ TAG_PAD,		" PAD" },
-	{ TAG_SUBNET_MASK,	"iSM" },	/* subnet mask (RFC950) */
-	{ TAG_TIME_OFFSET,	"LTZ" },	/* seconds from UTC */
-	{ TAG_GATEWAY,		"iDG" },	/* default gateway */
-	{ TAG_TIME_SERVER,	"iTS" },	/* time servers (RFC868) */
-	{ TAG_NAME_SERVER,	"iIEN" },	/* IEN name servers (IEN116) */
-	{ TAG_DOMAIN_SERVER,	"iNS" },	/* domain name (RFC1035) */
+	{ TAG_SUBNET_MASK,	"iSubnet-Mask" },	/* subnet mask (RFC950) */
+	{ TAG_TIME_OFFSET,	"LTime-Zone" },	/* seconds from UTC */
+	{ TAG_GATEWAY,		"iDefault-Gateway" },	/* default gateway */
+	{ TAG_TIME_SERVER,	"iTime-Server" },	/* time servers (RFC868) */
+	{ TAG_NAME_SERVER,	"iIEN-Name-Server" },	/* IEN name servers (IEN116) */
+	{ TAG_DOMAIN_SERVER,	"iDomain-Name-Server" },	/* domain name (RFC1035) */
 	{ TAG_LOG_SERVER,	"iLOG" },	/* MIT log servers */
 	{ TAG_COOKIE_SERVER,	"iCS" },	/* cookie servers (RFC865) */
-	{ TAG_LPR_SERVER,	"iLPR" },	/* lpr server (RFC1179) */
+	{ TAG_LPR_SERVER,	"iLPR-Server" },	/* lpr server (RFC1179) */
 	{ TAG_IMPRESS_SERVER,	"iIM" },	/* impress servers (Imagen) */
 	{ TAG_RLP_SERVER,	"iRL" },	/* resource location (RFC887) */
-	{ TAG_HOSTNAME,		"aHN" },	/* ascii hostname */
+	{ TAG_HOSTNAME,		"aHostname" },	/* ascii hostname */
 	{ TAG_BOOTSIZE,		"sBS" },	/* 512 byte blocks */
 	{ TAG_END,		" END" },
 /* RFC1497 tags */
 	{ TAG_DUMPPATH,		"aDP" },
-	{ TAG_DOMAINNAME,	"aDN" },
+	{ TAG_DOMAINNAME,	"aDomain-Name" },
 	{ TAG_SWAP_SERVER,	"iSS" },
 	{ TAG_ROOTPATH,		"aRP" },
 	{ TAG_EXTPATH,		"aEP" },
@@ -226,16 +216,16 @@ static struct tok tag2str[] = {
 	{ TAG_PFILTERS,		"pPF" },
 	{ TAG_REASS_SIZE,	"sRSZ" },
 	{ TAG_DEF_TTL,		"bTTL" },
-	{ TAG_MTU_TIMEOUT,	"lMA" },
-	{ TAG_MTU_TABLE,	"sMT" },
+	{ TAG_MTU_TIMEOUT,	"lMTU-Timeout" },
+	{ TAG_MTU_TABLE,	"sMTU-Table" },
 	{ TAG_INT_MTU,		"sMTU" },
 	{ TAG_LOCAL_SUBNETS,	"BLSN" },
 	{ TAG_BROAD_ADDR,	"iBR" },
 	{ TAG_DO_MASK_DISC,	"BMD" },
 	{ TAG_SUPPLY_MASK,	"BMS" },
-	{ TAG_DO_RDISC,		"BRD" },
+	{ TAG_DO_RDISC,		"BRouter-Discovery" },
 	{ TAG_RTR_SOL_ADDR,	"iRSA" },
-	{ TAG_STATIC_ROUTE,	"pSR" },
+	{ TAG_STATIC_ROUTE,	"pStatic-Route" },
 	{ TAG_USE_TRAILERS,	"BUT" },
 	{ TAG_ARP_TIMEOUT,	"lAT" },
 	{ TAG_ETH_ENCAP,	"BIE" },
@@ -245,11 +235,11 @@ static struct tok tag2str[] = {
 	{ TAG_NIS_DOMAIN,	"aYD" },
 	{ TAG_NIS_SERVERS,	"iYS" },
 	{ TAG_NTP_SERVERS,	"iNTP" },
-	{ TAG_VENDOR_OPTS,	"bVO" },
-	{ TAG_NETBIOS_NS,	"iWNS" },
+	{ TAG_VENDOR_OPTS,	"bVendor-Option" },
+	{ TAG_NETBIOS_NS,	"iNetbios-Name-Server" },
 	{ TAG_NETBIOS_DDS,	"iWDD" },
-	{ TAG_NETBIOS_NODE,	"$WNT" },
-	{ TAG_NETBIOS_SCOPE,	"aWSC" },
+	{ TAG_NETBIOS_NODE,	"$Netbios-Node" },
+	{ TAG_NETBIOS_SCOPE,	"aNetbios-Scope" },
 	{ TAG_XWIN_FS,		"iXFS" },
 	{ TAG_XWIN_DM,		"iXDM" },
 	{ TAG_NIS_P_DOMAIN,	"sN+D" },
@@ -263,20 +253,20 @@ static struct tok tag2str[] = {
 	{ TAG_IRC_SERVER,	"iIRC" },
 	{ TAG_STREETTALK_SRVR,	"iSTS" },
 	{ TAG_STREETTALK_STDA,	"iSTDA" },
-	{ TAG_REQUESTED_IP,	"iRQ" },
-	{ TAG_IP_LEASE,		"lLT" },
+	{ TAG_REQUESTED_IP,	"iRequested-IP" },
+	{ TAG_IP_LEASE,		"lLease-Time" },
 	{ TAG_OPT_OVERLOAD,	"$OO" },
 	{ TAG_TFTP_SERVER,	"aTFTP" },
 	{ TAG_BOOTFILENAME,	"aBF" },
-	{ TAG_DHCP_MESSAGE,	" DHCP" },
-	{ TAG_SERVER_ID,	"iSID" },
-	{ TAG_PARM_REQUEST,	"bPR" },
+	{ TAG_DHCP_MESSAGE,	" DHCP-Message" },
+	{ TAG_SERVER_ID,	"iServer-ID" },
+	{ TAG_PARM_REQUEST,	"bParameter-Request" },
 	{ TAG_MESSAGE,		"aMSG" },
 	{ TAG_MAX_MSG_SIZE,	"sMSZ" },
 	{ TAG_RENEWAL_TIME,	"lRN" },
 	{ TAG_REBIND_TIME,	"lRB" },
-	{ TAG_VENDOR_CLASS,	"aVC" },
-	{ TAG_CLIENT_ID,	"$CID" },
+	{ TAG_VENDOR_CLASS,	"aVendor-Class" },
+	{ TAG_CLIENT_ID,	"$Client-ID" },
 /* RFC 2485 */
 	{ TAG_OPEN_GROUP_UAP,	"aUAP" },
 /* RFC 2563 */
@@ -288,11 +278,14 @@ static struct tok tag2str[] = {
 	{ TAG_NS_SEARCH,	"sNSSEARCH" },	/* XXX 's' */
 /* RFC 3011 */
 	{ TAG_IP4_SUBNET_SELECT, "iSUBNET" },
-/* ftp://ftp.isi.edu/.../assignments/bootp-dhcp-extensions */
+/* RFC 3442 */
+	{ TAG_CLASSLESS_STATIC_RT, "$Classless-Static-Route" },
+	{ TAG_CLASSLESS_STA_RT_MS, "$Classless-Static-Route-Microsoft" },
+/* http://www.iana.org/assignments/bootp-dhcp-extensions/index.htm */
 	{ TAG_USER_CLASS,	"aCLASS" },
 	{ TAG_SLP_NAMING_AUTH,	"aSLP-NA" },
 	{ TAG_CLIENT_FQDN,	"$FQDN" },
-	{ TAG_AGENT_CIRCUIT,	"bACKT" },
+	{ TAG_AGENT_CIRCUIT,	"$Agent-Information" },
 	{ TAG_AGENT_REMOTE,	"bARMT" },
 	{ TAG_AGENT_MASK,	"bAMSK" },
 	{ TAG_TZ_STRING,	"aTZSTR" },
@@ -347,28 +340,53 @@ static struct tok arp2str[] = {
 	{ 0,			NULL }
 };
 
+static struct tok dhcp_msg_values[] = {
+        { DHCPDISCOVER, "Discover" },
+        { DHCPOFFER, "Offer" },
+        { DHCPREQUEST, "Request" },
+        { DHCPDECLINE, "Decline" },
+        { DHCPACK, "ACK" },
+        { DHCPNAK, "NACK" },
+        { DHCPRELEASE, "Release" },
+        { DHCPINFORM, "Inform" },
+        { 0,			NULL }
+};
+
+#define AGENT_SUBOPTION_CIRCUIT_ID 	1	/* RFC 3046 */
+#define AGENT_SUBOPTION_REMOTE_ID  	2	/* RFC 3046 */
+#define AGENT_SUBOPTION_SUBSCRIBER_ID 	6	/* RFC 3993 */
+static struct tok agent_suboption_values[] = {
+        { AGENT_SUBOPTION_CIRCUIT_ID, "Circuit-ID" },
+        { AGENT_SUBOPTION_REMOTE_ID, "Remote-ID" },
+        { AGENT_SUBOPTION_SUBSCRIBER_ID, "Subscriber-ID" },
+        { 0,			NULL }
+};
+
+
 static void
-rfc1048_print(register const u_char *bp, register u_int length)
+rfc1048_print(register const u_char *bp)
 {
-	register u_char tag;
-	register u_int len, size;
+	register u_int16_t tag;
+	register u_int len;
 	register const char *cp;
 	register char c;
-	int first;
+	int first, idx;
 	u_int32_t ul;
-	u_short us;
+	u_int16_t us;
+	u_int8_t uc, subopt, suboptlen;
 
-	printf(" vend-rfc1048");
+	printf("\n\t  Vendor-rfc1048 Extensions");
 
 	/* Step over magic cookie */
+        printf("\n\t    Magic Cookie 0x%08x", EXTRACT_32BITS(bp));
 	bp += sizeof(int32_t);
 
 	/* Loop while we there is a tag left in the buffer */
-	while (bp + 1 < snapend) {
+	while (TTEST2(*bp, 1)) {
 		tag = *bp++;
-		if (tag == TAG_PAD)
+		if (tag == TAG_PAD && vflag < 3)
 			continue;
-		if (tag == TAG_END)
+		if (tag == TAG_END && vflag < 3)
 			return;
 		if (tag == TAG_EXTENDED_OPTION) {
 			TCHECK2(*(bp + 1), 2);
@@ -377,58 +395,65 @@ rfc1048_print(register const u_char *bp, register u_int length)
 			 * preclude overlap of 1-byte and 2-byte spaces.
 			 * If not, we need to offset tag after this step.
 			 */
-			cp = tok2str(xtag2str, "?xT%d", tag);
+			cp = tok2str(xtag2str, "?xT%u", tag);
 		} else
-			cp = tok2str(tag2str, "?T%d", tag);
+			cp = tok2str(tag2str, "?T%u", tag);
 		c = *cp++;
-		printf(" %s:", cp);
 
-		/* Get the length; check for truncation */
-		if (bp + 1 >= snapend) {
-			fputs(tstr, stdout);
-			return;
+		if (tag == TAG_PAD || tag == TAG_END)
+			len = 0;
+		else {
+			/* Get the length; check for truncation */
+			TCHECK2(*bp, 1);
+			len = *bp++;
+		}
+
+		printf("\n\t    %s Option %u, length %u%s", cp, tag, len,
+		    len > 0 ? ": " : "");
+
+		if (tag == TAG_PAD && vflag > 2) {
+			u_int ntag = 1;
+			while (TTEST2(*bp, 1) && *bp == TAG_PAD) {
+				bp++;
+				ntag++;
+			}
+			if (ntag > 1)
+				printf(", occurs %u", ntag);
 		}
-		len = *bp++;
-		if (bp + len >= snapend) {
-			fputs(tstr, stdout);
+
+		if (!TTEST2(*bp, len)) {
+			printf("[|rfc1048 %u]", len);
 			return;
 		}
 
 		if (tag == TAG_DHCP_MESSAGE && len == 1) {
-			c = *bp++;
-			switch (c) {
-			case DHCPDISCOVER:	printf("DISCOVER");	break;
-			case DHCPOFFER:		printf("OFFER");	break;
-			case DHCPREQUEST:	printf("REQUEST");	break;
-			case DHCPDECLINE:	printf("DECLINE");	break;
-			case DHCPACK:		printf("ACK");		break;
-			case DHCPNAK:		printf("NACK");		break;
-			case DHCPRELEASE:	printf("RELEASE");	break;
-			case DHCPINFORM:	printf("INFORM");	break;
-			default:		printf("%u", c);	break;
-			}
-			continue;
+			uc = *bp++;
+                        printf("%s", tok2str(dhcp_msg_values, "Unknown (%u)", uc));
+                        continue;
 		}
 
 		if (tag == TAG_PARM_REQUEST) {
-			first = 1;
+			idx = 0;
 			while (len-- > 0) {
-				c = *bp++;
-				cp = tok2str(tag2str, "?T%d", c);
-				if (!first)
-					putchar('+');
+				uc = *bp++;
+				cp = tok2str(tag2str, "?Option %u", uc);
+				if (idx % 4 == 0)
+					printf("\n\t      ");
+				else
+					printf(", ");
 				printf("%s", cp + 1);
-				first = 0;
+				idx++;
 			}
 			continue;
 		}
+
 		if (tag == TAG_EXTENDED_REQUEST) {
 			first = 1;
 			while (len > 1) {
 				len -= 2;
-				c = EXTRACT_16BITS(bp);
+				us = EXTRACT_16BITS(bp);
 				bp += 2;
-				cp = tok2str(xtag2str, "?xT%d", c);
+				cp = tok2str(xtag2str, "?xT%u", us);
 				if (!first)
 					putchar('+');
 				printf("%s", cp + 1);
@@ -438,12 +463,11 @@ rfc1048_print(register const u_char *bp, register u_int length)
 		}
 
 		/* Print data */
-		size = len;
 		if (c == '?') {
 			/* Base default formats for unknown tags on data size */
-			if (size & 1)
+			if (len & 1)
 				c = 'b';
-			else if (size & 2)
+			else if (len & 2)
 				c = 's';
 			else
 				c = 'l';
@@ -454,17 +478,20 @@ rfc1048_print(register const u_char *bp, register u_int length)
 		case 'a':
 			/* ascii strings */
 			putchar('"');
-			(void)fn_printn(bp, size, NULL);
+			if (fn_printn(bp, len, snapend)) {
+				putchar('"');
+				goto trunc;
+			}
 			putchar('"');
-			bp += size;
-			size = 0;
+			bp += len;
+			len = 0;
 			break;
 
 		case 'i':
 		case 'l':
 		case 'L':
 			/* ip addresses/32-bit words */
-			while (size >= sizeof(ul)) {
+			while (len >= sizeof(ul)) {
 				if (!first)
 					putchar(',');
 				ul = EXTRACT_32BITS(bp);
@@ -476,43 +503,43 @@ rfc1048_print(register const u_char *bp, register u_int length)
 				else
 					printf("%u", ul);
 				bp += sizeof(ul);
-				size -= sizeof(ul);
+				len -= sizeof(ul);
 				first = 0;
 			}
 			break;
 
 		case 'p':
 			/* IP address pairs */
-			while (size >= 2*sizeof(ul)) {
+			while (len >= 2*sizeof(ul)) {
 				if (!first)
 					putchar(',');
-				memcpy((char *)&ul, (char *)bp, sizeof(ul));
+				memcpy((char *)&ul, (const char *)bp, sizeof(ul));
 				printf("(%s:", ipaddr_string(&ul));
 				bp += sizeof(ul);
-				memcpy((char *)&ul, (char *)bp, sizeof(ul));
+				memcpy((char *)&ul, (const char *)bp, sizeof(ul));
 				printf("%s)", ipaddr_string(&ul));
 				bp += sizeof(ul);
-				size -= 2*sizeof(ul);
+				len -= 2*sizeof(ul);
 				first = 0;
 			}
 			break;
 
 		case 's':
 			/* shorts */
-			while (size >= sizeof(us)) {
+			while (len >= sizeof(us)) {
 				if (!first)
 					putchar(',');
 				us = EXTRACT_16BITS(bp);
-				printf("%d", us);
+				printf("%u", us);
 				bp += sizeof(us);
-				size -= sizeof(us);
+				len -= sizeof(us);
 				first = 0;
 			}
 			break;
 
 		case 'B':
 			/* boolean */
-			while (size > 0) {
+			while (len > 0) {
 				if (!first)
 					putchar(',');
 				switch (*bp) {
@@ -523,11 +550,11 @@ rfc1048_print(register const u_char *bp, register u_int length)
 					putchar('Y');
 					break;
 				default:
-					printf("%d?", *bp);
+					printf("%u?", *bp);
 					break;
 				}
 				++bp;
-				--size;
+				--len;
 				first = 0;
 			}
 			break;
@@ -536,15 +563,15 @@ rfc1048_print(register const u_char *bp, register u_int length)
 		case 'x':
 		default:
 			/* Bytes */
-			while (size > 0) {
+			while (len > 0) {
 				if (!first)
 					putchar(c == 'x' ? ':' : '.');
 				if (c == 'x')
 					printf("%02x", *bp);
 				else
-					printf("%d", *bp);
+					printf("%u", *bp);
 				++bp;
-				--size;
+				--len;
 				first = 0;
 			}
 			break;
@@ -554,64 +581,193 @@ rfc1048_print(register const u_char *bp, register u_int length)
 			switch (tag) {
 
 			case TAG_NETBIOS_NODE:
+				/* this option should be at least 1 byte long */
+				if (len < 1)  {
+					printf("ERROR: option %u len %u < 1 bytes",
+					    TAG_NETBIOS_NODE, len);
+					break;
+				}
 				tag = *bp++;
-				--size;
+				--len;
 				fputs(tok2str(nbo2str, NULL, tag), stdout);
 				break;
 
 			case TAG_OPT_OVERLOAD:
+				/* this option should be at least 1 byte long */
+				if (len < 1)  {
+					printf("ERROR: option %u len %u < 1 bytes",
+					    TAG_OPT_OVERLOAD, len);
+					break;
+				}
 				tag = *bp++;
-				--size;
+				--len;
 				fputs(tok2str(oo2str, NULL, tag), stdout);
 				break;
 
 			case TAG_CLIENT_FQDN:
-				if (*bp++)
-					printf("[svrreg]");
+				/* this option should be at least 3 bytes long */
+				if (len < 3)  {
+					printf("ERROR: option %u len %u < 3 bytes",
+					    TAG_CLIENT_FQDN, len);
+					bp += len;
+					len = 0;
+					break;
+				}
 				if (*bp)
-					printf("%d/%d/", *bp, *(bp+1));
+					printf("[%s] ", client_fqdn_flags(*bp));
+				bp++;
+				if (*bp || *(bp+1))
+					printf("%u/%u ", *bp, *(bp+1));
 				bp += 2;
 				putchar('"');
-				(void)fn_printn(bp, size - 3, NULL);
+				if (fn_printn(bp, len - 3, snapend)) {
+					putchar('"');
+					goto trunc;
+				}
 				putchar('"');
-				bp += size - 3;
-				size = 0;
+				bp += len - 3;
+				len = 0;
 				break;
 
 			case TAG_CLIENT_ID:
-			    {	int type = *bp++;
-				size--;
+			    {	int type;
+
+				/* this option should be at least 1 byte long */
+				if (len < 1)  {
+					printf("ERROR: option %u len %u < 1 bytes",
+					    TAG_CLIENT_ID, len);
+					break;
+				}
+				type = *bp++;
+				len--;
 				if (type == 0) {
 					putchar('"');
-					(void)fn_printn(bp, size, NULL);  
+					if (fn_printn(bp, len, snapend)) {
+						putchar('"');
+						goto trunc;
+					}
 					putchar('"');
+					bp += len;
+					len = 0;
 					break;
 				} else {
-					printf("[%s]", tok2str(arp2str, "type-%d", type));
+					printf("%s ", tok2str(arp2str, "hardware-type %u,", type));
+					while (len > 0) {
+						if (!first)
+							putchar(':');
+						printf("%02x", *bp);
+						++bp;
+						--len;
+						first = 0;
+					}
 				}
-				while (size > 0) {
+				break;
+			    }
+
+			case TAG_AGENT_CIRCUIT:
+				while (len >= 2) {
+					subopt = *bp++;
+					suboptlen = *bp++;
+					len -= 2;
+					if (suboptlen > len) {
+						printf("\n\t      %s SubOption %u, length %u: length goes past end of option",
+						   tok2str(agent_suboption_values, "Unknown", subopt),
+						   subopt,
+						   suboptlen);
+						bp += len;
+						len = 0;
+						break;
+					}
+					printf("\n\t      %s SubOption %u, length %u: ",
+					   tok2str(agent_suboption_values, "Unknown", subopt),
+					   subopt,
+					   suboptlen);
+					switch (subopt) {
+
+                                        case AGENT_SUBOPTION_CIRCUIT_ID: /* fall through */
+                                        case AGENT_SUBOPTION_REMOTE_ID:
+                                        case AGENT_SUBOPTION_SUBSCRIBER_ID:
+                                                fn_printn(bp, suboptlen, NULL);
+                                                break;
+
+					default:
+						print_unknown_data(bp, "\n\t\t", suboptlen);
+					}
+
+					len -= suboptlen;
+					bp += suboptlen;
+			    }
+			    break;
+
+			case TAG_CLASSLESS_STATIC_RT:
+			case TAG_CLASSLESS_STA_RT_MS:
+			{	
+				u_int mask_width, significant_octets, i;
+
+				/* this option should be at least 5 bytes long */
+				if (len < 5)  {
+					printf("ERROR: option %u len %u < 5 bytes",
+					    TAG_CLASSLESS_STATIC_RT, len);
+					bp += len;
+					len = 0;
+					break;
+				}
+				while (len > 0) {
 					if (!first)
-						putchar(':');
-					printf("%02x", *bp);
-					++bp;
-					--size;
+						putchar(',');
+					mask_width = *bp++;
+					len--;
+					/* mask_width <= 32 */
+					if (mask_width > 32) {
+						printf("[ERROR: Mask width (%d) > 32]",  mask_width);
+						bp += len;
+						len = 0;
+						break;
+					}
+					significant_octets = (mask_width + 7) / 8;
+					/* significant octets + router(4) */
+					if (len < significant_octets + 4) {
+						printf("[ERROR: Remaining length (%u) < %u bytes]",  len, significant_octets + 4);
+						bp += len;
+						len = 0;
+						break;
+					}
+					putchar('(');
+					if (mask_width == 0)
+						printf("default");
+					else {
+						for (i = 0; i < significant_octets ; i++) {
+							if (i > 0)
+								putchar('.');
+							printf("%d", *bp++);
+						}
+						for (i = significant_octets ; i < 4 ; i++)
+							printf(".0");
+						printf("/%d", mask_width);
+					}
+					memcpy((char *)&ul, (const char *)bp, sizeof(ul));
+					printf(":%s)", ipaddr_string(&ul));
+					bp += sizeof(ul);
+					len -= (significant_octets + 4);
 					first = 0;
 				}
-				break;
-			    }
+			}
+			break;
 
 			default:
-				printf("[unknown special tag %d, size %d]",
-				    tag, size);
-				bp += size;
-				size = 0;
+				printf("[unknown special tag %u, size %u]",
+				    tag, len);
+				bp += len;
+				len = 0;
 				break;
 			}
 			break;
 		}
 		/* Data left over? */
-		if (size)
-			printf("[len %d]", len);
+		if (len) {
+			printf("\n\t  trailing data length %u", len);
+			bp += len;
+		}
 	}
 	return;
 trunc:
@@ -619,7 +775,7 @@ trunc:
 }
 
 static void
-cmu_print(register const u_char *bp, register u_int length)
+cmu_print(register const u_char *bp)
 {
 	register const struct cmu_vend *cmu;
 
@@ -628,7 +784,7 @@ cmu_print(register const u_char *bp, register u_int length)
 	printf(" %s:%s", s, ipaddr_string(&cmu->m.s_addr)); }
 
 	printf(" vend-cmu");
-	cmu = (struct cmu_vend *)bp;
+	cmu = (const struct cmu_vend *)bp;
 
 	/* Only print if there are unknown bits */
 	TCHECK(cmu->v_flags);
@@ -648,3 +804,22 @@ trunc:
 	fputs(tstr, stdout);
 #undef PRINTCMUADDR
 }
+
+static char *
+client_fqdn_flags(u_int flags)
+{
+	static char buf[8+1];
+	int i = 0;
+
+	if (flags & CLIENT_FQDN_FLAGS_S)
+		buf[i++] = 'S';
+	if (flags & CLIENT_FQDN_FLAGS_O)
+		buf[i++] = 'O';
+	if (flags & CLIENT_FQDN_FLAGS_E)
+		buf[i++] = 'E';
+	if (flags & CLIENT_FQDN_FLAGS_N)
+		buf[i++] = 'N';
+	buf[i] = '\0';
+
+	return buf;
+}