From: Ulrich Windl Date: Mon, 4 Sep 2017 07:45:06 +0000 (+0200) Subject: print-ntp.c: Handle NTP Control Messages X-Git-Tag: tcpdump-4.99-bp~1998 X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/c2e2a18f275db8785511035492033ae93268ae65 print-ntp.c: Handle NTP Control Messages In print-ntp.c: Rename struct ntpdata into struct ntp_time_data and add new struct ntp_control_data to map NTP Control messages. Add figure of NTP Control Message Header as comment. Add union ntpdata to provide a common view on NTP messages. Rename ntp_print() to ntp_time_print(), using new structures. Improve comment and re-arrange fields in ntp_print(). Add ntp_control_print() to handle NTP Control Messages. Output R, E, M, OpCode, Sequence, Status, Assoc, Offset, and Count in ntp_control_print(). A new ntp_print() will decode only the very basics (VN, LI and Mode) to call ntp_time_print() or ntp_control_print(), depending on Mode. --- diff --git a/print-ntp.c b/print-ntp.c index 79bff24b..2a42c8f6 100644 --- a/print-ntp.c +++ b/print-ntp.c @@ -119,7 +119,7 @@ struct s_fixedpt { */ #define NTP_MSG_MINLEN 48 -struct ntpdata { +struct ntp_time_data { u_char status; /* status of local clock and leap info */ u_char stratum; /* Stratum level */ int ppoll:8; /* poll value */ @@ -207,14 +207,47 @@ static const struct tok ntp_stratum_values[] = { { 0, NULL } }; +/* draft-ietf-ntp-mode-6-cmds-02 + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * |LI | VN |Mode |R|E|M| OpCode | Sequence Number | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Status | Association ID | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Offset | Count | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | | + * / Data (up to 468 bytes) / + * | | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Padding (optional) | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | | + * / Authenticator (optional, 96 bytes) / + * | | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * + * Figure 1: NTP Control Message Header + */ +struct ntp_control_data { + u_char magic; /* LI, VN, Mode */ + u_char control; /* R, E, M, OpCode */ + uint16_t sequence; /* Sequence Number */ + uint16_t status; /* Status */ + uint16_t assoc; /* Association ID */ + uint16_t offset; /* Offset */ + uint16_t count; /* Count */ + u_char data[564]; /* Data, [Padding, [Authenticator]] */ +}; + /* - * Print ntp requests + * Print NTP time requests and responses */ -void -ntp_print(netdissect_options *ndo, - register const u_char *cp, u_int length) +static void +ntp_time_print(netdissect_options *ndo, + register const struct ntp_time_data *bp, u_int length) { - register const struct ntpdata *bp; int mode, version, leapind; if (length < NTP_MSG_MINLEN) { @@ -222,8 +255,6 @@ ntp_print(netdissect_options *ndo, goto invalid; } - bp = (const struct ntpdata *)cp; - ND_TCHECK(bp->status); version = (int)(bp->status & VERSIONMASK) >> VERSIONSHIFT; @@ -351,7 +382,99 @@ ntp_print(netdissect_options *ndo, invalid: ND_PRINT((ndo, " %s", istr)); - ND_TCHECK2(*cp, length); + ND_TCHECK2(*bp, length); + return; + +trunc: + ND_PRINT((ndo, " [|ntp]")); +} + +/* + * Print NTP control message requests and responses + */ +static void +ntp_control_print(netdissect_options *ndo, + register const struct ntp_control_data *cd, u_int length) +{ + u_char R, E, M, opcode; + uint16_t sequence, status, assoc, offset, count; + + R = (cd->control & 0x80) != 0; + E = (cd->control & 0x40) != 0; + M = (cd->control & 0x20) != 0; + opcode = cd->control & 0x1f; + ND_PRINT((ndo, ", %s, %s, %s, OpCode=%u\n", + R ? "Response" : "Request", E ? "Error" : "OK", + M ? "More" : "Last", (unsigned)opcode)); + + sequence = EXTRACT_16BITS(&cd->sequence); + ND_PRINT((ndo, "\tSequence=%hu", sequence)); + + status = EXTRACT_16BITS(&cd->status); + ND_PRINT((ndo, ", Status=%#hx", status)); + + assoc = EXTRACT_16BITS(&cd->assoc); + ND_PRINT((ndo, ", Assoc.=%hu", assoc)); + + offset = EXTRACT_16BITS(&cd->offset); + ND_PRINT((ndo, ", Offset=%hu", offset)); + + count = EXTRACT_16BITS(&cd->count); + ND_PRINT((ndo, ", Count=%hu", count)); + + if ((cd->data - (const u_char *)cd) + count > length) + goto trunc; + if (count != 0) + ND_PRINT((ndo, "\n\tTO-BE-DONE: data not interpreted")); + return; + +trunc: + ND_PRINT((ndo, " [|ntp]")); +} + +union ntpdata { + struct ntp_time_data td; + struct ntp_control_data cd; +}; + +/* + * Print NTP requests, handling the common VN, LI, and Mode + */ +void +ntp_print(netdissect_options *ndo, + register const u_char *cp, u_int length) +{ + register const union ntpdata *bp = (const union ntpdata *)cp; + int mode, version, leapind; + + ND_TCHECK(bp->td.status); + + version = (bp->td.status & VERSIONMASK) >> VERSIONSHIFT; + ND_PRINT((ndo, "NTPv%d", version)); + + mode = (bp->td.status & MODEMASK) >> MODESHIFT; + if (!ndo->ndo_vflag) { + ND_PRINT((ndo, ", %s, length %u", + tok2str(ntp_mode_values, "Unknown mode", mode), + length)); + return; + } + + ND_PRINT((ndo, ", %s, length %u\n", + tok2str(ntp_mode_values, "Unknown mode", mode), length)); + + /* leapind = (bp->td.status & LEAPMASK) >> LEAPSHIFT; */ + leapind = (bp->td.status & LEAPMASK); + ND_PRINT((ndo, "\tLeap indicator: %s (%u)", + tok2str(ntp_leapind_values, "Unknown", leapind), + leapind)); + + if (mode >= MODE_UNSPEC && mode <= MODE_BROADCAST) + ntp_time_print(ndo, &bp->td, length); + else if (mode == MODE_CONTROL) + ntp_control_print(ndo, &bp->cd, length); + else + {;} /* XXX: not implemented! */ return; trunc: