From: David Cronin Date: Sat, 11 Nov 2017 17:11:29 +0000 (+0000) Subject: Merge remote-tracking branch 'upstream/master' X-Git-Tag: tcpdump-4.99-bp~1621^2~4 X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/f6e96fb070adfef6eb0df3298ad4263b31314724?hp=ced1cac7329ae41cd0c3d3e53ea905cc6c6e36af Merge remote-tracking branch 'upstream/master' --- diff --git a/.travis.yml b/.travis.yml index 3fdc57f9..e8487313 100644 --- a/.travis.yml +++ b/.travis.yml @@ -21,6 +21,9 @@ env: # Coverity script test mode (if true no uploading, avoid reaching the quota) # usual processing: false. - coverity_scan_script_test_mode=false + matrix: + - REMOTE=disable + - REMOTE=enable matrix: fast_finish: true @@ -66,7 +69,7 @@ install: - if [ "$TRAVIS_OS_NAME" = osx ]; then brew install libsmi | grep -v '%'; fi before_script: - - if [ "$BUILD_LIBPCAP" = true ]; then (cd .. && echo '$ git clone [...] libpcap.git' && git clone --depth=50 --branch=master --quiet git://github.com/the-tcpdump-group/libpcap.git && cd libpcap && ./configure && make); fi + - if [ "$BUILD_LIBPCAP" = true ]; then (cd .. && echo '$ git clone [...] libpcap.git' && git clone --depth=50 --branch=master --quiet git://github.com/the-tcpdump-group/libpcap.git && cd libpcap && ./configure "--${REMOTE}-remote" && make); fi script: - if [ "$COVERITY_SCAN_BRANCH" != 1 ]; then touch .devel configure; fi diff --git a/CONTRIBUTING b/CONTRIBUTING index 186583ed..cc312dff 100644 --- a/CONTRIBUTING +++ b/CONTRIBUTING @@ -68,9 +68,10 @@ How to add new code and to update existing code 6) Add/update sample.pcap files We use tests directory to do regression tests on the dissection of captured - packets, by running tcpdump against a savefile sample.pcap, created with -w - option and comparing the results with a text file sample.out giving the - expected results. + packets. Those captured packets were saved running tcpdump with option "-w + sample.pcap". Additional options like "-n" and "-t" are used to create + relevant and reproducible output. The actual test compares the current text + output with the expected result (sample.out) saved from a previous version. Any new/updated fields in a dissector must be present in a sample.pcap file and the corresponding output file. @@ -79,8 +80,10 @@ How to add new code and to update existing code Each line in this file has the following format: test-name sample.pcap sample.out tcpdump-options - the sample.out file can be build by: - (cd tests && ../tcpdump -n -r sample.pcap tcpdump-options > sample.out) + The sample.out file can be build by: + (cd tests && ../tcpdump -n -t -r sample.pcap tcpdump-options > sample.out) + + Or, for convenience, use "./update-test.sh test-name" It is often useful to have test outputs with different verbosity levels (none, -v, -vv, -vvv, etc.) depending on the code. diff --git a/Makefile.in b/Makefile.in index 0941f0e5..faa2abb9 100644 --- a/Makefile.in +++ b/Makefile.in @@ -70,7 +70,7 @@ DEPENDENCY_CFLAG = @DEPENDENCY_CFLAG@ @rm -f $@ $(CC) $(FULL_CFLAGS) -c $(srcdir)/$*.c -CSRC = setsignal.c tcpdump.c +CSRC = tcpdump.c LIBNETDISSECT_SRC=\ addrtoname.c \ @@ -238,7 +238,6 @@ LIBNETDISSECT_SRC=\ util-print.c LOCALSRC = @LOCALSRC@ -GENSRC = version.c LIBOBJS = @LIBOBJS@ LIBNETDISSECT_OBJ=$(LIBNETDISSECT_SRC:.c=.o) ${LOCALSRC:.c=.o} ${LIBOBJS} @@ -265,6 +264,7 @@ HDR = \ extract.h \ funcattrs.h \ getopt_long.h \ + getservent.h \ gmpls.h \ gmt2local.h \ interface.h \ @@ -290,7 +290,6 @@ HDR = \ rpc_auth.h \ rpc_msg.h \ rpl.h \ - setsignal.h \ signature.h \ slcompress.h \ smb.h \ @@ -344,6 +343,7 @@ EXTRA_DIST = \ missing/dlnames.c \ missing/datalinks.c \ missing/getopt_long.c \ + missing/getservent.c \ missing/snprintf.c \ missing/strdup.c \ missing/strlcat.c \ @@ -383,6 +383,8 @@ datalinks.o: $(srcdir)/missing/datalinks.c $(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/datalinks.c dlnames.o: $(srcdir)/missing/dlnames.c $(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/dlnames.c +getservent.o: $(srcdir)/missing/getservent.c + $(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/getservent.c getopt_long.o: $(srcdir)/missing/getopt_long.c $(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/getopt_long.c snprintf.o: $(srcdir)/missing/snprintf.c @@ -396,19 +398,6 @@ strlcpy.o: $(srcdir)/missing/strlcpy.c strsep.o: $(srcdir)/missing/strsep.c $(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/strsep.c -version.o: version.c - $(CC) $(FULL_CFLAGS) -c version.c - -version.c: $(srcdir)/VERSION - @rm -f $@ - if grep GIT ${srcdir}/VERSION >/dev/null; then \ - read ver <${srcdir}/VERSION; \ - echo $$ver | tr -d '\012'; \ - date +_%Y_%m_%d; \ - else \ - cat ${srcdir}/VERSION; \ - fi | sed -e 's/.*/const char version[] = "&";/' > $@ - install: all [ -d $(DESTDIR)$(sbindir) ] || \ (mkdir -p $(DESTDIR)$(sbindir); chmod 755 $(DESTDIR)$(sbindir)) diff --git a/README.md b/README.md index a1fba9bc..fcf045ff 100644 --- a/README.md +++ b/README.md @@ -57,7 +57,7 @@ about tcpdump and how to interpret its output, pick up this book. Some tools for viewing and analyzing tcpdump trace files are available from the Internet Traffic Archive: -* http://www.sigcomm.org/ITA/ +* http://ita.ee.lbl.gov/ Another tool that tcpdump users might find useful is tcpslice: @@ -69,7 +69,7 @@ documentation. Current versions can be found at www.tcpdump.org. - - The TCPdump team + - The TCPdump group original text by: Steve McCanne, Craig Leres, Van Jacobson diff --git a/aclocal.m4 b/aclocal.m4 index a0031412..d8679a64 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -667,41 +667,6 @@ reproduce this problem ourselves.]) ]) ]) -dnl -dnl Define RETSIGTYPE and RETSIGVAL -dnl -dnl usage: -dnl -dnl AC_LBL_TYPE_SIGNAL -dnl -dnl results: -dnl -dnl RETSIGTYPE (defined) -dnl RETSIGVAL (defined) -dnl -AC_DEFUN(AC_LBL_TYPE_SIGNAL, - [AC_BEFORE([$0], [AC_LBL_LIBPCAP]) - AC_TYPE_SIGNAL - if test "$ac_cv_type_signal" = void ; then - AC_DEFINE(RETSIGVAL,[],[return value of signal handlers]) - else - AC_DEFINE(RETSIGVAL,(0),[return value of signal handlers]) - fi - case "$host_os" in - - irix*) - AC_DEFINE(_BSD_SIGNALS,1,[get BSD semantics on Irix]) - ;; - - *) - dnl prefer sigaction() to sigset() - AC_CHECK_FUNCS(sigaction) - if test $ac_cv_func_sigaction = no ; then - AC_CHECK_FUNCS(sigset) - fi - ;; - esac]) - dnl dnl If using gcc, make sure we have ANSI ioctl definitions dnl @@ -767,31 +732,6 @@ AC_DEFUN(AC_LBL_UNION_WAIT, AC_DEFINE(DECLWAITSTATUS,int,[type for wait]) fi]) -dnl -dnl Checks to see if the sockaddr struct has the 4.4 BSD sa_len member -dnl -dnl usage: -dnl -dnl AC_LBL_SOCKADDR_SA_LEN -dnl -dnl results: -dnl -dnl HAVE_SOCKADDR_SA_LEN (defined) -dnl -AC_DEFUN(AC_LBL_SOCKADDR_SA_LEN, - [AC_MSG_CHECKING(if sockaddr struct has the sa_len member) - AC_CACHE_VAL(ac_cv_lbl_sockaddr_has_sa_len, - AC_TRY_COMPILE([ -# include -# include ], - [u_int i = sizeof(((struct sockaddr *)0)->sa_len)], - ac_cv_lbl_sockaddr_has_sa_len=yes, - ac_cv_lbl_sockaddr_has_sa_len=no)) - AC_MSG_RESULT($ac_cv_lbl_sockaddr_has_sa_len) - if test $ac_cv_lbl_sockaddr_has_sa_len = yes ; then - AC_DEFINE(HAVE_SOCKADDR_SA_LEN,1,[if struct sockaddr has the sa_len member]) - fi]) - dnl dnl Checks to see if -R is used dnl @@ -858,106 +798,6 @@ AC_DEFUN(AC_LBL_CHECK_64BIT_FORMAT, ]) ]) -dnl -dnl Checks to see if unaligned memory accesses fail -dnl -dnl usage: -dnl -dnl AC_LBL_UNALIGNED_ACCESS -dnl -dnl results: -dnl -dnl LBL_ALIGN (DEFINED) -dnl -AC_DEFUN(AC_LBL_UNALIGNED_ACCESS, - [AC_MSG_CHECKING(if unaligned accesses fail) - AC_CACHE_VAL(ac_cv_lbl_unaligned_fail, - [case "$host_cpu" in - - # - # These are CPU types where: - # - # the CPU faults on an unaligned access, but at least some - # OSes that support that CPU catch the fault and simulate - # the unaligned access (e.g., Alpha/{Digital,Tru64} UNIX) - - # the simulation is slow, so we don't want to use it; - # - # the CPU, I infer (from the old - # - # XXX: should also check that they don't do weird things (like on arm) - # - # comment) doesn't fault on unaligned accesses, but doesn't - # do a normal unaligned fetch, either (e.g., presumably, ARM); - # - # for whatever reason, the test program doesn't work - # (this has been claimed to be the case for several of those - # CPUs - I don't know what the problem is; the problem - # was reported as "the test program dumps core" for SuperH, - # but that's what the test program is *supposed* to do - - # it dumps core before it writes anything, so the test - # for an empty output file should find an empty output - # file and conclude that unaligned accesses don't work). - # - # This run-time test won't work if you're cross-compiling, so - # in order to support cross-compiling for a particular CPU, - # we have to wire in the list of CPU types anyway, as far as - # I know, so perhaps we should just have a set of CPUs on - # which we know it doesn't work, a set of CPUs on which we - # know it does work, and have the script just fail on other - # cpu types and update it when such a failure occurs. - # - alpha*|arm*|bfin*|hp*|mips*|sh*|sparc*|ia64|nv1) - ac_cv_lbl_unaligned_fail=yes - ;; - - *) - cat >conftest.c < -# include -# include - unsigned char a[[5]] = { 1, 2, 3, 4, 5 }; - main() { - unsigned int i; - pid_t pid; - int status; - /* avoid "core dumped" message */ - pid = fork(); - if (pid < 0) - exit(2); - if (pid > 0) { - /* parent */ - pid = waitpid(pid, &status, 0); - if (pid < 0) - exit(3); - exit(!WIFEXITED(status)); - } - /* child */ - i = *(unsigned int *)&a[[1]]; - printf("%d\n", i); - exit(0); - } -EOF - ${CC-cc} -o conftest $CFLAGS $CPPFLAGS $LDFLAGS \ - conftest.c $LIBS >/dev/null 2>&1 - if test ! -x conftest ; then - dnl failed to compile for some reason - ac_cv_lbl_unaligned_fail=yes - else - ./conftest >conftest.out - if test ! -s conftest.out ; then - ac_cv_lbl_unaligned_fail=yes - else - ac_cv_lbl_unaligned_fail=no - fi - fi - rm -f -r conftest* core core.conftest - ;; - esac]) - AC_MSG_RESULT($ac_cv_lbl_unaligned_fail) - if test $ac_cv_lbl_unaligned_fail = yes ; then - AC_DEFINE(LBL_ALIGN,1,[if unaligned access fails]) - fi]) - dnl dnl If the file .devel exists: dnl Add some warning flags if the compiler supports them @@ -996,6 +836,7 @@ AC_DEFUN(AC_LBL_DEVEL, AC_LBL_CHECK_COMPILER_OPT($1, -Wold-style-definition) AC_LBL_CHECK_COMPILER_OPT($1, -Wused-but-marked-unused) AC_LBL_CHECK_COMPILER_OPT($1, -W) + AC_LBL_CHECK_COMPILER_OPT($1, -Wassign-enum) fi AC_LBL_CHECK_DEPENDENCY_GENERATION_OPT() # diff --git a/addrtoname.c b/addrtoname.c index fe6338d5..731439c3 100644 --- a/addrtoname.c +++ b/addrtoname.c @@ -57,6 +57,9 @@ extern int ether_ntohost(char *, const struct ether_addr *); #include #include +#ifndef HAVE_GETSERVENT +#include +#endif #include #include #include @@ -67,7 +70,6 @@ extern int ether_ntohost(char *, const struct ether_addr *); #include "addrtostr.h" #include "ethertype.h" #include "llc.h" -#include "setsignal.h" #include "extract.h" #include "oui.h" diff --git a/config.h.in b/config.h.in index bc123628..284b4629 100644 --- a/config.h.in +++ b/config.h.in @@ -55,6 +55,9 @@ /* define if you have getrpcbynumber() */ #undef HAVE_GETRPCBYNUMBER +/* Define to 1 if you have the `getservent' function. */ +#undef HAVE_GETSERVENT + /* Define to 1 if you have the header file. */ #undef HAVE_INTTYPES_H @@ -124,9 +127,15 @@ /* define if libpcap has pcap_dump_ftell() */ #undef HAVE_PCAP_DUMP_FTELL +/* Define to 1 if you have the `pcap_dump_ftell64' function. */ +#undef HAVE_PCAP_DUMP_FTELL64 + /* Define to 1 if you have the `pcap_findalldevs' function. */ #undef HAVE_PCAP_FINDALLDEVS +/* Define to 1 if you have the `pcap_findalldevs_ex' function. */ +#undef HAVE_PCAP_FINDALLDEVS_EX + /* Define to 1 if you have the `pcap_free_datalinks' function. */ #undef HAVE_PCAP_FREE_DATALINKS @@ -142,6 +151,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_PCAP_NFLOG_H +/* Define to 1 if you have the `pcap_open' function. */ +#undef HAVE_PCAP_OPEN + /* Define to 1 if you have the header file. */ #undef HAVE_PCAP_PCAP_INTTYPES_H @@ -184,18 +196,9 @@ /* Define to 1 if you have the `setlinebuf' function. */ #undef HAVE_SETLINEBUF -/* Define to 1 if you have the `sigaction' function. */ -#undef HAVE_SIGACTION - -/* Define to 1 if you have the `sigset' function. */ -#undef HAVE_SIGSET - /* Define to 1 if you have the `snprintf' function. */ #undef HAVE_SNPRINTF -/* if struct sockaddr has the sa_len member */ -#undef HAVE_SOCKADDR_SA_LEN - /* Define to 1 if you have the header file. */ #undef HAVE_STDINT_H @@ -253,9 +256,6 @@ /* define if your compiler has __attribute__ */ #undef HAVE___ATTRIBUTE__ -/* if unaligned access fails */ -#undef LBL_ALIGN - /* Define to 1 if netinet/ether.h declares `ether_ntohost' */ #undef NETINET_ETHER_H_DECLARES_ETHER_NTOHOST @@ -280,18 +280,9 @@ /* Define to the version of this package. */ #undef PACKAGE_VERSION -/* Define as the return type of signal handlers (`int' or `void'). */ -#undef RETSIGTYPE - -/* return value of signal handlers */ -#undef RETSIGVAL - /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS -/* Define to 1 if you can safely include both and . */ -#undef TIME_WITH_SYS_TIME - /* define if you have ether_ntohost() and it works */ #undef USE_ETHER_NTOHOST @@ -304,9 +295,6 @@ /* define if should drop privileges by default */ #undef WITH_USER -/* get BSD semantics on Irix */ -#undef _BSD_SIGNALS - /* define on AIX to get certain functions */ #undef _SUN diff --git a/configure b/configure index 9a261d52..acf2d14c 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69. +# Generated by GNU Autoconf 2.69 for tcpdump 4.10.0-PRE-GIT. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -575,12 +575,12 @@ MFLAGS= MAKEFLAGS= # Identity of this package. -PACKAGE_NAME= -PACKAGE_TARNAME= -PACKAGE_VERSION= -PACKAGE_STRING= -PACKAGE_BUGREPORT= -PACKAGE_URL= +PACKAGE_NAME='tcpdump' +PACKAGE_TARNAME='tcpdump' +PACKAGE_VERSION='4.10.0-PRE-GIT' +PACKAGE_STRING='tcpdump 4.10.0-PRE-GIT' +PACKAGE_BUGREPORT='' +PACKAGE_URL='' ac_unique_file="tcpdump.c" # Factoring default headers for most tests. @@ -757,7 +757,7 @@ sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' includedir='${prefix}/include' oldincludedir='/usr/include' -docdir='${datarootdir}/doc/${PACKAGE}' +docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' infodir='${datarootdir}/info' htmldir='${docdir}' dvidir='${docdir}' @@ -1257,7 +1257,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures this package to adapt to many kinds of systems. +\`configure' configures tcpdump 4.10.0-PRE-GIT to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1305,7 +1305,7 @@ Fine tuning of the installation directories: --infodir=DIR info documentation [DATAROOTDIR/info] --localedir=DIR locale-dependent data [DATAROOTDIR/locale] --mandir=DIR man documentation [DATAROOTDIR/man] - --docdir=DIR documentation root [DATAROOTDIR/doc/PACKAGE] + --docdir=DIR documentation root [DATAROOTDIR/doc/tcpdump] --htmldir=DIR html documentation [DOCDIR] --dvidir=DIR dvi documentation [DOCDIR] --pdfdir=DIR pdf documentation [DOCDIR] @@ -1321,7 +1321,9 @@ _ACEOF fi if test -n "$ac_init_help"; then - + case $ac_init_help in + short | recursive ) echo "Configuration of tcpdump 4.10.0-PRE-GIT:";; + esac cat <<\_ACEOF Optional Features: @@ -1423,7 +1425,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -configure +tcpdump configure 4.10.0-PRE-GIT generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1888,7 +1890,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by $as_me, which was +It was created by tcpdump $as_me 4.10.0-PRE-GIT, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2237,6 +2239,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu + ac_aux_dir= for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do if test -f "$ac_dir/install-sh"; then @@ -4083,42 +4086,6 @@ done fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether time.h and sys/time.h may both be included" >&5 -$as_echo_n "checking whether time.h and sys/time.h may both be included... " >&6; } -if ${ac_cv_header_time+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#include - -int -main () -{ -if ((struct tm *) 0) -return 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_time=yes -else - ac_cv_header_time=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_time" >&5 -$as_echo "$ac_cv_header_time" >&6; } -if test $ac_cv_header_time = yes; then - -$as_echo "#define TIME_WITH_SYS_TIME 1" >>confdefs.h - -fi - - case "$host_os" in darwin*) @@ -4771,8 +4738,12 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* AF_INET6 available check */ #include +#ifdef _WIN32 +#include +#else #include #include +#endif #ifdef AF_INET6 void foo(struct in6_addr *addr) @@ -5039,6 +5010,19 @@ esac fi +ac_fn_c_check_func "$LINENO" "getservent" "ac_cv_func_getservent" +if test "x$ac_cv_func_getservent" = xyes; then : + $as_echo "#define HAVE_GETSERVENT 1" >>confdefs.h + +else + case " $LIBOBJS " in + *" getservent.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS getservent.$ac_objext" + ;; +esac + +fi + ac_fn_c_check_func "$LINENO" "getopt_long" "ac_cv_func_getopt_long" if test "x$ac_cv_func_getopt_long" = xyes; then : $as_echo "#define HAVE_GETOPT_LONG 1" >>confdefs.h @@ -5102,85 +5086,6 @@ esac fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking return type of signal handlers" >&5 -$as_echo_n "checking return type of signal handlers... " >&6; } -if ${ac_cv_type_signal+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include - -int -main () -{ -return *(signal (0, 0)) (0) == 1; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_type_signal=int -else - ac_cv_type_signal=void -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_signal" >&5 -$as_echo "$ac_cv_type_signal" >&6; } - -cat >>confdefs.h <<_ACEOF -#define RETSIGTYPE $ac_cv_type_signal -_ACEOF - - - if test "$ac_cv_type_signal" = void ; then - -$as_echo "#define RETSIGVAL /**/" >>confdefs.h - - else - -$as_echo "#define RETSIGVAL (0)" >>confdefs.h - - fi - case "$host_os" in - - irix*) - -$as_echo "#define _BSD_SIGNALS 1" >>confdefs.h - - ;; - - *) - for ac_func in sigaction -do : - ac_fn_c_check_func "$LINENO" "sigaction" "ac_cv_func_sigaction" -if test "x$ac_cv_func_sigaction" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_SIGACTION 1 -_ACEOF - -fi -done - - if test $ac_cv_func_sigaction = no ; then - for ac_func in sigset -do : - ac_fn_c_check_func "$LINENO" "sigset" "ac_cv_func_sigset" -if test "x$ac_cv_func_sigset" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_SIGSET 1 -_ACEOF - -fi -done - - fi - ;; - esac - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing dnet_htoa" >&5 $as_echo_n "checking for library containing dnet_htoa... " >&6; } if ${ac_cv_search_dnet_htoa+:} false; then : @@ -6081,13 +5986,12 @@ fi # Check for a miscellaneous collection of functions which we use # if we have them. # -for ac_func in pcap_findalldevs pcap_dump_flush pcap_lib_version pcap_setdirection pcap_set_immediate_mode +for ac_func in pcap_findalldevs do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + ac_fn_c_check_func "$LINENO" "pcap_findalldevs" "ac_cv_func_pcap_findalldevs" +if test "x$ac_cv_func_pcap_findalldevs" = xyes; then : cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_PCAP_FINDALLDEVS 1 _ACEOF fi @@ -6109,6 +6013,17 @@ fi CPPFLAGS="$savedcppflags" fi +for ac_func in pcap_dump_flush pcap_lib_version +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done if test $ac_cv_func_pcap_lib_version = "no" ; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pcap_version is defined by libpcap" >&5 @@ -6146,6 +6061,30 @@ $as_echo "#define HAVE_PCAP_VERSION 1" >>confdefs.h $as_echo "no" >&6; } fi fi +for ac_func in pcap_setdirection pcap_set_immediate_mode pcap_dump_ftell64 +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + +for ac_func in pcap_open pcap_findalldevs_ex +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + # # Check for special debugging functions @@ -7232,6 +7171,49 @@ else $as_echo "no" >&6; } CFLAGS="$save_CFLAGS" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the compiler supports the -Wassign-enum option" >&5 +$as_echo_n "checking whether the compiler supports the -Wassign-enum option... " >&6; } + save_CFLAGS="$CFLAGS" + if expr "x-Wassign-enum" : "x-W.*" >/dev/null + then + CFLAGS="$CFLAGS $ac_lbl_unknown_warning_option_error -Wassign-enum" + elif expr "x-Wassign-enum" : "x-f.*" >/dev/null + then + CFLAGS="$CFLAGS -Werror -Wassign-enum" + elif expr "x-Wassign-enum" : "x-m.*" >/dev/null + then + CFLAGS="$CFLAGS -Werror -Wassign-enum" + else + CFLAGS="$CFLAGS -Wassign-enum" + fi + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ +return 0 + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + CFLAGS="$save_CFLAGS" + V_CCOPT="$V_CCOPT -Wassign-enum" + +else + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + CFLAGS="$save_CFLAGS" + fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext @@ -7356,135 +7338,6 @@ $as_echo "$as_me: WARNING: can't find $name" >&2;} fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if sockaddr struct has the sa_len member" >&5 -$as_echo_n "checking if sockaddr struct has the sa_len member... " >&6; } - if ${ac_cv_lbl_sockaddr_has_sa_len+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -# include -# include -int -main () -{ -u_int i = sizeof(((struct sockaddr *)0)->sa_len) - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_lbl_sockaddr_has_sa_len=yes -else - ac_cv_lbl_sockaddr_has_sa_len=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lbl_sockaddr_has_sa_len" >&5 -$as_echo "$ac_cv_lbl_sockaddr_has_sa_len" >&6; } - if test $ac_cv_lbl_sockaddr_has_sa_len = yes ; then - -$as_echo "#define HAVE_SOCKADDR_SA_LEN 1" >>confdefs.h - - fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if unaligned accesses fail" >&5 -$as_echo_n "checking if unaligned accesses fail... " >&6; } - if ${ac_cv_lbl_unaligned_fail+:} false; then : - $as_echo_n "(cached) " >&6 -else - case "$host_cpu" in - - # - # These are CPU types where: - # - # the CPU faults on an unaligned access, but at least some - # OSes that support that CPU catch the fault and simulate - # the unaligned access (e.g., Alpha/{Digital,Tru64} UNIX) - - # the simulation is slow, so we don't want to use it; - # - # the CPU, I infer (from the old - # - # XXX: should also check that they don't do weird things (like on arm) - # - # comment) doesn't fault on unaligned accesses, but doesn't - # do a normal unaligned fetch, either (e.g., presumably, ARM); - # - # for whatever reason, the test program doesn't work - # (this has been claimed to be the case for several of those - # CPUs - I don't know what the problem is; the problem - # was reported as "the test program dumps core" for SuperH, - # but that's what the test program is *supposed* to do - - # it dumps core before it writes anything, so the test - # for an empty output file should find an empty output - # file and conclude that unaligned accesses don't work). - # - # This run-time test won't work if you're cross-compiling, so - # in order to support cross-compiling for a particular CPU, - # we have to wire in the list of CPU types anyway, as far as - # I know, so perhaps we should just have a set of CPUs on - # which we know it doesn't work, a set of CPUs on which we - # know it does work, and have the script just fail on other - # cpu types and update it when such a failure occurs. - # - alpha*|arm*|bfin*|hp*|mips*|sh*|sparc*|ia64|nv1) - ac_cv_lbl_unaligned_fail=yes - ;; - - *) - cat >conftest.c < -# include -# include - unsigned char a[5] = { 1, 2, 3, 4, 5 }; - main() { - unsigned int i; - pid_t pid; - int status; - /* avoid "core dumped" message */ - pid = fork(); - if (pid < 0) - exit(2); - if (pid > 0) { - /* parent */ - pid = waitpid(pid, &status, 0); - if (pid < 0) - exit(3); - exit(!WIFEXITED(status)); - } - /* child */ - i = *(unsigned int *)&a[1]; - printf("%d\n", i); - exit(0); - } -EOF - ${CC-cc} -o conftest $CFLAGS $CPPFLAGS $LDFLAGS \ - conftest.c $LIBS >/dev/null 2>&1 - if test ! -x conftest ; then - ac_cv_lbl_unaligned_fail=yes - else - ./conftest >conftest.out - if test ! -s conftest.out ; then - ac_cv_lbl_unaligned_fail=yes - else - ac_cv_lbl_unaligned_fail=no - fi - fi - rm -f -r conftest* core core.conftest - ;; - esac -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lbl_unaligned_fail" >&5 -$as_echo "$ac_cv_lbl_unaligned_fail" >&6; } - if test $ac_cv_lbl_unaligned_fail = yes ; then - -$as_echo "#define LBL_ALIGN 1" >>confdefs.h - - fi - # Check for OpenSSL/libressl libcrypto { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to use OpenSSL/libressl libcrypto" >&5 $as_echo_n "checking whether to use OpenSSL/libressl libcrypto... " >&6; } @@ -8358,7 +8211,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by $as_me, which was +This file was extended by tcpdump $as_me 4.10.0-PRE-GIT, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -8424,7 +8277,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -config.status +tcpdump config.status 4.10.0-PRE-GIT configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index 6686983e..f484c353 100644 --- a/configure.in +++ b/configure.in @@ -13,8 +13,9 @@ dnl # config.sub. # -AC_PREREQ(2.61) -AC_INIT(tcpdump.c) +AC_PREREQ(2.64) +AC_INIT(tcpdump, m4_esyscmd_s([cat VERSION])) +AC_CONFIG_SRCDIR(tcpdump.c) AC_CANONICAL_HOST @@ -61,8 +62,6 @@ struct rtentry; #include ]) fi -AC_HEADER_TIME - case "$host_os" in darwin*) @@ -259,8 +258,12 @@ AC_COMPILE_IFELSE( [[ /* AF_INET6 available check */ #include +#ifdef _WIN32 +#include +#else #include #include +#endif #ifdef AF_INET6 void foo(struct in6_addr *addr) @@ -401,7 +404,7 @@ if test "$td_cv_decl_netdnet_dnetdb_h_dnet_htoa" = yes; then [define if you have a dnet_htoa declaration in ]) fi -AC_REPLACE_FUNCS(vfprintf strlcat strlcpy strdup strsep getopt_long) +AC_REPLACE_FUNCS(vfprintf strlcat strlcpy strdup strsep getservent getopt_long) AC_CHECK_FUNCS(fork vfork strftime) AC_CHECK_FUNCS(setlinebuf alarm) @@ -412,8 +415,6 @@ if test $needsnprintf = yes; then AC_LIBOBJ(snprintf) fi -AC_LBL_TYPE_SIGNAL - AC_SEARCH_LIBS(dnet_htoa, dnet, AC_DEFINE(HAVE_DNET_HTOA, 1, [define if you have the dnet_htoa function])) @@ -618,7 +619,7 @@ fi # Check for a miscellaneous collection of functions which we use # if we have them. # -AC_CHECK_FUNCS(pcap_findalldevs pcap_dump_flush pcap_lib_version pcap_setdirection pcap_set_immediate_mode) +AC_CHECK_FUNCS(pcap_findalldevs) if test $ac_cv_func_pcap_findalldevs = "yes" ; then dnl Check for Mac OS X, which may ship pcap.h from 0.6 but libpcap may dnl be 0.8; this means that lib has pcap_findalldevs but header doesn't @@ -628,7 +629,7 @@ dnl have pcap_if_t. AC_CHECK_TYPES(pcap_if_t, , , [#include ]) CPPFLAGS="$savedcppflags" fi - +AC_CHECK_FUNCS(pcap_dump_flush pcap_lib_version) if test $ac_cv_func_pcap_lib_version = "no" ; then AC_MSG_CHECKING(whether pcap_version is defined by libpcap) AC_TRY_LINK([], @@ -646,6 +647,8 @@ if test $ac_cv_func_pcap_lib_version = "no" ; then AC_MSG_RESULT(no) fi fi +AC_CHECK_FUNCS(pcap_setdirection pcap_set_immediate_mode pcap_dump_ftell64) +AC_CHECK_FUNCS(pcap_open pcap_findalldevs_ex) # # Check for special debugging functions @@ -816,10 +819,6 @@ AC_CHECK_TOOL([AR], [ar]) AC_LBL_DEVEL(V_CCOPT) -AC_LBL_SOCKADDR_SA_LEN - -AC_LBL_UNALIGNED_ACCESS - # Check for OpenSSL/libressl libcrypto AC_MSG_CHECKING(whether to use OpenSSL/libressl libcrypto) # Specify location for both includes and libraries. diff --git a/extract.h b/extract.h index 5969c225..3f880fef 100644 --- a/extract.h +++ b/extract.h @@ -62,19 +62,54 @@ #define UNALIGNED_OK #endif -#ifdef LBL_ALIGN +#if (defined(__i386__) || defined(_M_IX86) || defined(__X86__) || defined(__x86_64__) || defined(_M_X64)) || \ + (defined(__arm__) || defined(_M_ARM) || defined(__aarch64__)) || \ + (defined(__m68k__) && (!defined(__mc68000__) && !defined(__mc68010__))) || \ + (defined(__ppc__) || defined(__ppc64__) || defined(_M_PPC) || defined(_ARCH_PPC) || defined(_ARCH_PPC64)) || \ + (defined(__s390__) || defined(__s390x__) || defined(__zarch__)) /* - * The processor doesn't natively handle unaligned loads. + * The processor natively handles unaligned loads, so we can just + * cast the pointer and fetch through it. + * + * XXX - are those all the x86 tests we need? + * XXX - do we need to worry about ARMv1 through ARMv5, which didn't + * support unaligned loads, and, if so, do we need to worry about all + * of them, or just some of them, e.g. ARMv5? + * XXX - are those the only 68k tests we need not to generated + * unaligned accesses if the target is the 68000 or 68010? + * XXX - are there any tests we don't need, because some definitions are for + * compilers that also predefine the GCC symbols? + * XXX - do we need to test for both 32-bit and 64-bit versions of those + * architectures in all cases? */ -#if defined(__GNUC__) && defined(HAVE___ATTRIBUTE__) && \ +static inline uint16_t UNALIGNED_OK +EXTRACT_16BITS(const void *p) +{ + return ((uint16_t)ntohs(*(const uint16_t *)(p))); +} + +static inline uint32_t UNALIGNED_OK +EXTRACT_32BITS(const void *p) +{ + return ((uint32_t)ntohl(*(const uint32_t *)(p))); +} + +static inline uint64_t UNALIGNED_OK +EXTRACT_64BITS(const void *p) +{ + return ((uint64_t)(((uint64_t)ntohl(*((const uint32_t *)(p) + 0))) << 32 | + ((uint64_t)ntohl(*((const uint32_t *)(p) + 1))) << 0)); + +} +#elif defined(__GNUC__) && defined(HAVE___ATTRIBUTE__) && \ (defined(__alpha) || defined(__alpha__) || \ defined(__mips) || defined(__mips__)) - /* -* This is a GCC-compatible compiler and we have __attribute__, which - * we assume that mean we have __attribute__((packed)), and this is - * MIPS or Alpha, which has instructions that can help when doing - * unaligned loads. + * This is MIPS or Alpha, which don't natively handle unaligned loads, + * but which have instructions that can help when doing unaligned + * loads, and this is a GCC-compatible compiler and we have __attribute__, + * which we assume that mean we have __attribute__((packed)), which + * we can use to convince the compiler to generate those instructions. * * Declare packed structures containing a uint16_t and a uint32_t, * cast the pointer to point to one of those, and fetch through it; @@ -146,10 +181,10 @@ EXTRACT_64BITS(const void *p) return ((uint64_t)(((uint64_t)ntohl(((const unaligned_uint32_t *)(p) + 0)->val)) << 32 | ((uint64_t)ntohl(((const unaligned_uint32_t *)(p) + 1)->val)) << 0)); } - -#else /* have to do it a byte at a time */ +#else /* - * This isn't a GCC-compatible compiler, we don't have __attribute__, + * This architecture doesn't natively support unaligned loads, and either + * this isn't a GCC-compatible compiler, we don't have __attribute__, * or we do but we don't know of any better way with this instruction * set to do unaligned loads, so do unaligned loads of big-endian * quantities the hard way - fetch the bytes one at a time and @@ -172,33 +207,7 @@ EXTRACT_64BITS(const void *p) ((uint64_t)(*((const uint8_t *)(p) + 5)) << 16) | \ ((uint64_t)(*((const uint8_t *)(p) + 6)) << 8) | \ ((uint64_t)(*((const uint8_t *)(p) + 7)) << 0))) -#endif /* must special-case unaligned accesses */ -#else /* LBL_ALIGN */ -/* - * The processor natively handles unaligned loads, so we can just - * cast the pointer and fetch through it. - */ -static inline uint16_t UNALIGNED_OK -EXTRACT_16BITS(const void *p) -{ - return ((uint16_t)ntohs(*(const uint16_t *)(p))); -} - -static inline uint32_t UNALIGNED_OK -EXTRACT_32BITS(const void *p) -{ - return ((uint32_t)ntohl(*(const uint32_t *)(p))); -} - -static inline uint64_t UNALIGNED_OK -EXTRACT_64BITS(const void *p) -{ - return ((uint64_t)(((uint64_t)ntohl(*((const uint32_t *)(p) + 0))) << 32 | - ((uint64_t)ntohl(*((const uint32_t *)(p) + 1))) << 0)); - -} - -#endif /* LBL_ALIGN */ +#endif /* unaligned access checks */ #define EXTRACT_24BITS(p) \ ((uint32_t)(((uint32_t)(*((const uint8_t *)(p) + 0)) << 16) | \ diff --git a/getservent.h b/getservent.h new file mode 100644 index 00000000..83ef8649 --- /dev/null +++ b/getservent.h @@ -0,0 +1,67 @@ +/* +* Copyright (c) 1983, 1993 The Regents of the University of California. +* Copyright (c) 1993 Digital Equipment Corporation. +* Copyright (c) 2012 G. Vanem . +* Copyright (c) 2017 Ali Abdulkadir . +* All rights reserved. +* +* Redistribution and use in source and binary forms, with or without +* modification, are permitted provided that the following conditions +* are met: +* 1. Redistributions of source code must retain the above copyright +* notice, this list of conditions and the following disclaimer. +* 2. Redistributions in binary form must reproduce the above copyright +* notice, this list of conditions and the following disclaimer in the +* documentation and/or other materials provided with the distribution. +* 3. All advertising materials mentioning features or use of this software +* must display the following acknowledgement: +* This product includes software developed by the University of +* California, Berkeley and its contributors. +* 4. Neither the name of the University nor the names of its contributors +* may be used to endorse or promote products derived from this software +* without specific prior written permission. +* +* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +* SUCH DAMAGE. +*/ + +#ifndef _GETSERVENT_H +#define _GETSERVENT_H + +#ifdef _NETDB_H_ +/* Just in case... */ +#error netdb.h and getservent.h are incompatible +#else +#define _NETDB_H_ +#endif + +#ifdef _WIN32 +#define __PATH_SYSROOT "SYSTEMROOT" +#define __PATH_ETC_INET "\\System32\\drivers\\etc\\" +#define __PATH_SERVICES "services" +#else +/* +* The idea here is to be able to replace "PREFIX" in __PATH_SYSROOT with a variable +* that could, for example, point to an alternative install location. +*/ +#define __PATH_SYSROOT "PREFIX" +#define __PATH_ETC_INET "/etc/" +#define __PATH_SERVICES __PATH_ETC_INET"services" +#endif + +#define MAXALIASES 35 + +void endservent (void); +struct servent *getservent(void); +void setservent (int f); + +#endif /* !_GETSERVENT_H */ diff --git a/missing/getservent.c b/missing/getservent.c new file mode 100644 index 00000000..c2dc620d --- /dev/null +++ b/missing/getservent.c @@ -0,0 +1,143 @@ +/* + * Copyright (c) 1983, 1993 The Regents of the University of California. + * Copyright (c) 1993 Digital Equipment Corporation. + * Copyright (c) 2012 G. Vanem . + * Copyright (c) 2017 Ali Abdulkadir . + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include +#include + +static FILE *servf = NULL; +static char line[BUFSIZ+1]; +static struct servent serv; +static char *serv_aliases[MAXALIASES]; +int _serv_stayopen; +const char *etc_path(const char *file); + +/* +* Return either "%SYSTEMROOT%\System32\drivers\etc\", +* $PREFIX/etc/ or simply "" if those failed. +* "" is aka __PATH_SERVICES (aka "services" on Windows and +* "/etc/services" on other platforms that would need this) +*/ +const char *etc_path(const char *file) +{ + const char *env = getenv(__PATH_SYSROOT); + static char path[_MAX_PATH]; + + if (!env) +/* +* #ifdef _DEBUG +* printf("Warning: Environment Variable \"%s\" invalid\nResorting to [CurrentDirectory]/%s\n", +* __PATH_SYSROOT, file); +* #endif +*/ + return (file); + + snprintf(path, sizeof(path), "%s%s%s", env, __PATH_ETC_INET, file); + return (path); +} + +void +setservent(int f) +{ + if (servf == NULL) + servf = fopen(etc_path(__PATH_SERVICES), "r"); + else + rewind(servf); + _serv_stayopen |= f; +} + +void +endservent(void) +{ + if (servf) { + fclose(servf); + servf = NULL; + } + _serv_stayopen = 0; +} + +struct servent * +getservent(void) +{ + char *p; + register char *cp, **q; + + if (servf == NULL && (servf = fopen(etc_path(__PATH_SERVICES), "r")) == NULL) + return (NULL); + +again: + if ((p = fgets(line, BUFSIZ, servf)) == NULL) + return (NULL); + if (*p == '#') + goto again; + cp = strpbrk(p, "#\n"); + if (cp == NULL) + goto again; + *cp = '\0'; + serv.s_name = p; + p = strpbrk(p, " \t"); + if (p == NULL) + goto again; + *p++ = '\0'; + while (*p == ' ' || *p == '\t') + p++; + cp = strpbrk(p, ",/"); + if (cp == NULL) + goto again; + *cp++ = '\0'; + serv.s_port = htons((u_short)atoi(p)); + serv.s_proto = cp; + q = serv.s_aliases = serv_aliases; + cp = strpbrk(cp, " \t"); + if (cp != NULL) + *cp++ = '\0'; + while (cp && *cp) { + if (*cp == ' ' || *cp == '\t') { + cp++; + continue; + } + if (q < &serv_aliases[MAXALIASES - 1]) + *q++ = cp; + cp = strpbrk(cp, " \t"); + if (cp != NULL) + *cp++ = '\0'; + } + *q = NULL; + return (&serv); +} diff --git a/netdissect-stdinc.h b/netdissect-stdinc.h index 9b88ce9e..b214be5f 100644 --- a/netdissect-stdinc.h +++ b/netdissect-stdinc.h @@ -85,6 +85,11 @@ typedef unsigned long long uint64_t; typedef long long int64_t; #endif + + /* + * We have _strtoi64(). Use that for strtoint64_t(). + */ + #define strtoint64_t _strtoi64 #endif /* @@ -163,6 +168,42 @@ #include #include +#ifdef _MSC_VER + /* + * Compiler is MSVC. + */ + #if _MSC_VER >= 1800 + /* + * VS 2013 or newer; we have strtoll(). Use that for strtoint64_t(). + */ + #define strtoint64_t strtoll + #else + /* + * Earlier VS; we don't have strtoll(), but we do have + * _strtoi64(). Use that for strtoint64_t(). + */ + #define strtoint64_t _strtoi64 + #endif + + /* + * Microsoft's documentation doesn't speak of LL as a valid + * suffix for 64-bit integers, so we'll just use i64. + */ + #define INT64_T_CONSTANT(constant) (constant##i64) +#else + /* + * Non-Microsoft compiler. + * + * XXX - should we use strtoll or should we use _strtoi64()? + */ + #define strtoint64_t strtoll + + /* + * Assume LL works. + */ + #define INT64_T_CONSTANT(constant) (constant##LL) +#endif + #ifdef _MSC_VER #define stat _stat #define open _open @@ -179,7 +220,7 @@ #define inline __inline #endif -#ifdef AF_INET6 +#if defined(AF_INET6) && !defined(HAVE_OS_IPV6_SUPPORT) #define HAVE_OS_IPV6_SUPPORT #endif @@ -200,7 +241,6 @@ typedef char* caddr_t; #define MAXHOSTNAMELEN 64 #define snprintf _snprintf #define vsnprintf _vsnprintf -#define RETSIGTYPE void #else /* _WIN32 */ @@ -217,12 +257,20 @@ typedef char* caddr_t; #include #include -#ifdef TIME_WITH_SYS_TIME #include -#endif #include +/* + * Assume all UN*Xes have strtoll(), and use it for strtoint64_t(). + */ +#define strtoint64_t strtoll + +/* + * Assume LL works. + */ +#define INT64_T_CONSTANT(constant) (constant##LL) + #endif /* _WIN32 */ #ifndef HAVE___ATTRIBUTE__ @@ -373,7 +421,20 @@ struct in6_addr { #define DIAG_JOINSTR(x,y) XSTRINGIFY(x ## y) #define DIAG_DO_PRAGMA(x) _Pragma (#x) -#if defined(__GNUC__) && ((__GNUC__ * 100) + __GNUC_MINOR__) >= 402 +/* + * The current clang compilers also define __GNUC__ and __GNUC_MINOR__ + * thus we need to test the clang case before the GCC one + */ +#if defined(__clang__) +# if (__clang_major__ * 100) + __clang_minor__ >= 208 +# define DIAG_PRAGMA(x) DIAG_DO_PRAGMA(clang diagnostic x) +# define DIAG_OFF(x) DIAG_PRAGMA(push) DIAG_PRAGMA(ignored DIAG_JOINSTR(-W,x)) +# define DIAG_ON(x) DIAG_PRAGMA(pop) +# else +# define DIAG_OFF(x) +# define DIAG_ON(x) +# endif +#elif defined(__GNUC__) && ((__GNUC__ * 100) + __GNUC_MINOR__) >= 402 # define DIAG_PRAGMA(x) DIAG_DO_PRAGMA(GCC diagnostic x) # if ((__GNUC__ * 100) + __GNUC_MINOR__) >= 406 # define DIAG_OFF(x) DIAG_PRAGMA(push) DIAG_PRAGMA(ignored DIAG_JOINSTR(-W,x)) @@ -382,15 +443,20 @@ struct in6_addr { # define DIAG_OFF(x) DIAG_PRAGMA(ignored DIAG_JOINSTR(-W,x)) # define DIAG_ON(x) DIAG_PRAGMA(warning DIAG_JOINSTR(-W,x)) # endif -#elif defined(__clang__) && ((__clang_major__ * 100) + __clang_minor__ >= 208) -# define DIAG_PRAGMA(x) DIAG_DO_PRAGMA(clang diagnostic x) -# define DIAG_OFF(x) DIAG_PRAGMA(push) DIAG_PRAGMA(ignored DIAG_JOINSTR(-W,x)) -# define DIAG_ON(x) DIAG_PRAGMA(pop) #else # define DIAG_OFF(x) # define DIAG_ON(x) #endif +/* Use for clang specific warnings */ +#ifdef __clang__ +# define DIAG_OFF_CLANG(x) DIAG_OFF(x) +# define DIAG_ON_CLANG(x) DIAG_ON(x) +#else +# define DIAG_OFF_CLANG(x) +# define DIAG_ON_CLANG(x) +#endif + /* * For dealing with APIs which are only deprecated in OSX (like the OpenSSL API) */ diff --git a/netdissect.h b/netdissect.h index 9060d150..90bc8050 100644 --- a/netdissect.h +++ b/netdissect.h @@ -143,7 +143,7 @@ struct netdissect_options { int ndo_bflag; /* print 4 byte ASes in ASDOT notation */ int ndo_eflag; /* print ethernet header */ int ndo_fflag; /* don't translate "foreign" IP address */ - int ndo_Kflag; /* don't check TCP checksums */ + int ndo_Kflag; /* don't check IP, TCP or UDP checksums */ int ndo_nflag; /* leave addresses as numbers */ int ndo_Nflag; /* remove domains from printed host names */ int ndo_qflag; /* quick (shorter) output */ @@ -340,7 +340,30 @@ extern void txtproto_print(netdissect_options *, const u_char *, u_int, extern void safeputchar(netdissect_options *, const u_char); extern void safeputs(netdissect_options *, const u_char *, const u_int); -#ifdef LBL_ALIGN +#if (defined(__i386__) || defined(_M_IX86) || defined(__X86__) || defined(__x86_64__) || defined(_M_X64)) || \ + (defined(__arm__) || defined(_M_ARM) || defined(__aarch64__)) || \ + (defined(__m68k__) && (!defined(__mc68000__) && !defined(__mc68010__))) || \ + (defined(__ppc__) || defined(__ppc64__) || defined(_M_PPC) || defined(_ARCH_PPC) || defined(_ARCH_PPC64)) || \ + (defined(__s390__) || defined(__s390x__) || defined(__zarch__)) || \ + defined(__vax__) +/* + * The procesor natively handles unaligned loads, so just use memcpy() + * and memcmp(), to enable those optimizations. + * + * XXX - are those all the x86 tests we need? + * XXX - do we need to worry about ARMv1 through ARMv5, which didn't + * support unaligned loads, and, if so, do we need to worry about all + * of them, or just some of them, e.g. ARMv5? + * XXX - are those the only 68k tests we need not to generated + * unaligned accesses if the target is the 68000 or 68010? + * XXX - are there any tests we don't need, because some definitions are for + * compilers that also predefine the GCC symbols? + * XXX - do we need to test for both 32-bit and 64-bit versions of those + * architectures in all cases? + */ +#define UNALIGNED_MEMCPY(p, q, l) memcpy((p), (q), (l)) +#define UNALIGNED_MEMCMP(p, q, l) memcmp((p), (q), (l)) +#else /* * The processor doesn't natively handle unaligned loads, * and the compiler might "helpfully" optimize memcpy() @@ -356,13 +379,6 @@ extern void unaligned_memcpy(void *, const void *, size_t); extern int unaligned_memcmp(const void *, const void *, size_t); #define UNALIGNED_MEMCPY(p, q, l) unaligned_memcpy((p), (q), (l)) #define UNALIGNED_MEMCMP(p, q, l) unaligned_memcmp((p), (q), (l)) -#else -/* - * The procesor natively handles unaligned loads, so just use memcpy() - * and memcmp(), to enable those optimizations. - */ -#define UNALIGNED_MEMCPY(p, q, l) memcpy((p), (q), (l)) -#define UNALIGNED_MEMCMP(p, q, l) memcmp((p), (q), (l)) #endif #define PLURAL_SUFFIX(n) \ diff --git a/print-chdlc.c b/print-chdlc.c index 24acfbd2..16df8499 100644 --- a/print-chdlc.c +++ b/print-chdlc.c @@ -32,6 +32,7 @@ #include "ethertype.h" #include "extract.h" #include "chdlc.h" +#include "nlpid.h" static void chdlc_slarp_print(netdissect_options *, const u_char *, u_int); @@ -94,9 +95,9 @@ chdlc_print(netdissect_options *ndo, register const u_char *p, u_int length) if (length < 2) goto trunc; ND_TCHECK_16BITS(p); - if (*(p+1) == 0x81 || - *(p+1) == 0x82 || - *(p+1) == 0x83) + if (*(p+1) == NLPID_CLNP || + *(p+1) == NLPID_ESIS || + *(p+1) == NLPID_ISIS) isoclns_print(ndo, p + 1, length - 1); else isoclns_print(ndo, p, length); diff --git a/print-hncp.c b/print-hncp.c index 280fecb5..af219c67 100644 --- a/print-hncp.c +++ b/print-hncp.c @@ -396,7 +396,7 @@ print_type_in_line(netdissect_options *ndo, } } -void +static void hncp_print_rec(netdissect_options *ndo, const u_char *cp, u_int length, int indent) { diff --git a/print-ntp.c b/print-ntp.c index 63a35091..55d26907 100644 --- a/print-ntp.c +++ b/print-ntp.c @@ -48,7 +48,7 @@ static const char tstr[] = " [|ntp]"; /* * Definitions for the masses */ -#define JAN_1970 2208988800U /* 1970 - 1900 in seconds */ +#define JAN_1970 INT64_T_CONSTANT(2208988800) /* 1970 - 1900 in seconds */ /* * Structure definitions for NTP fixed point values @@ -256,33 +256,9 @@ static void ntp_time_print(netdissect_options *ndo, register const struct ntp_time_data *bp, u_int length) { - int mode, version, leapind; - if (length < NTP_TIMEMSG_MINLEN) goto invalid; - ND_TCHECK(bp->status); - - version = (int)(bp->status & VERSIONMASK) >> VERSIONSHIFT; - ND_PRINT((ndo, "NTPv%d", version)); - - mode = bp->status & MODEMASK; - if (!ndo->ndo_vflag) { - ND_PRINT((ndo, ", %s, length %u", - tok2str(ntp_mode_values, "Unknown mode", mode), - length)); - return; - } - - ND_PRINT((ndo, ", length %u\n\t%s", - length, - tok2str(ntp_mode_values, "Unknown mode", mode))); - - leapind = bp->status & LEAPMASK; - ND_PRINT((ndo, ", Leap indicator: %s (%u)", - tok2str(ntp_leapind_values, "Unknown", leapind), - leapind)); - ND_TCHECK(bp->stratum); ND_PRINT((ndo, ", Stratum %u (%s)", bp->stratum, @@ -522,7 +498,7 @@ static void p_ntp_time(netdissect_options *ndo, register const struct l_fixedpt *lfp) { - register int32_t i; + register uint32_t i; register uint32_t uf; register uint32_t f; register double ff; @@ -541,14 +517,33 @@ p_ntp_time(netdissect_options *ndo, * print the UTC time in human-readable format. */ if (i) { - time_t seconds = i - JAN_1970; + int64_t seconds_64bit = (int64_t)i - JAN_1970; + time_t seconds; struct tm *tm; char time_buf[128]; - tm = gmtime(&seconds); - /* use ISO 8601 (RFC3339) format */ - strftime(time_buf, sizeof (time_buf), "%Y-%m-%dT%H:%M:%S", tm); - ND_PRINT((ndo, " (%s)", time_buf)); + seconds = (time_t)seconds_64bit; + if (seconds != seconds_64bit) { + /* + * It doesn't fit into a time_t, so we can't hand it + * to gmtime. + */ + ND_PRINT((ndo, " (unrepresentable)")); + } else { + tm = gmtime(&seconds); + if (tm == NULL) { + /* + * gmtime() can't handle it. + * (Yes, that might happen with some version of + * Microsoft's C library.) + */ + ND_PRINT((ndo, " (unrepresentable)")); + } else { + /* use ISO 8601 (RFC3339) format */ + strftime(time_buf, sizeof (time_buf), "%Y-%m-%dT%H:%M:%S", tm); + ND_PRINT((ndo, " (%s)", time_buf)); + } + } } #endif } diff --git a/print-radius.c b/print-radius.c index 8555188e..f212a83e 100644 --- a/print-radius.c +++ b/print-radius.c @@ -40,19 +40,34 @@ * RFC 2869: * "RADIUS Extensions" * + * RFC 3162: + * "RADIUS and IPv6" + * * RFC 3580: * "IEEE 802.1X Remote Authentication Dial In User Service (RADIUS)" * "Usage Guidelines" * + * RFC 4072: + * "Diameter Extensible Authentication Protocol (EAP) Application" + * * RFC 4675: * "RADIUS Attributes for Virtual LAN and Priority Support" * + * RFC 4818: + * "RADIUS Delegated-IPv6-Prefix Attribute" + * * RFC 4849: * "RADIUS Filter Rule Attribute" * + * RFC 5090: + * "RADIUS Extension for Digest Authentication" + * * RFC 5176: * "Dynamic Authorization Extensions to RADIUS" * + * RFC 5580: + * "Carrying Location Objects in RADIUS and Diameter" + * * RFC 7155: * "Diameter Network Access Server Application" * @@ -160,6 +175,8 @@ static const struct tok radius_command_values[] = { #define TUNNEL_CLIENT_AUTH 90 #define TUNNEL_SERVER_AUTH 91 + +#define ERROR_CAUSE 101 /********************************/ /* End Radius Attribute types */ /********************************/ @@ -178,6 +195,8 @@ static void print_attr_string(netdissect_options *, register const u_char *, u_i static void print_attr_num(netdissect_options *, register const u_char *, u_int, u_short ); static void print_vendor_attr(netdissect_options *, register const u_char *, u_int, u_short ); static void print_attr_address(netdissect_options *, register const u_char *, u_int, u_short); +static void print_attr_address6(netdissect_options *, register const u_char *, u_int, u_short); +static void print_attr_netmask6(netdissect_options *, register const u_char *, u_int, u_short); static void print_attr_time(netdissect_options *, register const u_char *, u_int, u_short); static void print_attr_strange(netdissect_options *, register const u_char *, u_int, u_short); @@ -377,6 +396,47 @@ static const char *prompt[]={ "No Echo", "Echo", }; +/* Error-Cause standard values */ +#define ERROR_CAUSE_RESIDUAL_CONTEXT_REMOVED 201 +#define ERROR_CAUSE_INVALID_EAP_PACKET 202 +#define ERROR_CAUSE_UNSUPPORTED_ATTRIBUTE 401 +#define ERROR_CAUSE_MISSING_ATTRIBUTE 402 +#define ERROR_CAUSE_NAS_IDENTIFICATION_MISMATCH 403 +#define ERROR_CAUSE_INVALID_REQUEST 404 +#define ERROR_CAUSE_UNSUPPORTED_SERVICE 405 +#define ERROR_CAUSE_UNSUPPORTED_EXTENSION 406 +#define ERROR_CAUSE_INVALID_ATTRIBUTE_VALUE 407 +#define ERROR_CAUSE_ADMINISTRATIVELY_PROHIBITED 501 +#define ERROR_CAUSE_PROXY_REQUEST_NOT_ROUTABLE 502 +#define ERROR_CAUSE_SESSION_CONTEXT_NOT_FOUND 503 +#define ERROR_CAUSE_SESSION_CONTEXT_NOT_REMOVABLE 504 +#define ERROR_CAUSE_PROXY_PROCESSING_ERROR 505 +#define ERROR_CAUSE_RESOURCES_UNAVAILABLE 506 +#define ERROR_CAUSE_REQUEST_INITIATED 507 +#define ERROR_CAUSE_MULTIPLE_SESSION_SELECTION_UNSUPPORTED 508 +#define ERROR_CAUSE_LOCATION_INFO_REQUIRED 509 +static const struct tok errorcausetype[] = { + { ERROR_CAUSE_RESIDUAL_CONTEXT_REMOVED, "Residual Session Context Removed" }, + { ERROR_CAUSE_INVALID_EAP_PACKET, "Invalid EAP Packet (Ignored)" }, + { ERROR_CAUSE_UNSUPPORTED_ATTRIBUTE, "Unsupported Attribute" }, + { ERROR_CAUSE_MISSING_ATTRIBUTE, "Missing Attribute" }, + { ERROR_CAUSE_NAS_IDENTIFICATION_MISMATCH, "NAS Identification Mismatch" }, + { ERROR_CAUSE_INVALID_REQUEST, "Invalid Request" }, + { ERROR_CAUSE_UNSUPPORTED_SERVICE, "Unsupported Service" }, + { ERROR_CAUSE_UNSUPPORTED_EXTENSION, "Unsupported Extension" }, + { ERROR_CAUSE_INVALID_ATTRIBUTE_VALUE, "Invalid Attribute Value" }, + { ERROR_CAUSE_ADMINISTRATIVELY_PROHIBITED, "Administratively Prohibited" }, + { ERROR_CAUSE_PROXY_REQUEST_NOT_ROUTABLE, "Request Not Routable (Proxy)" }, + { ERROR_CAUSE_SESSION_CONTEXT_NOT_FOUND, "Session Context Not Found" }, + { ERROR_CAUSE_SESSION_CONTEXT_NOT_REMOVABLE, "Session Context Not Removable" }, + { ERROR_CAUSE_PROXY_PROCESSING_ERROR, "Other Proxy Processing Error" }, + { ERROR_CAUSE_RESOURCES_UNAVAILABLE, "Resources Unavailable" }, + { ERROR_CAUSE_REQUEST_INITIATED, "Request Initiated" }, + { ERROR_CAUSE_MULTIPLE_SESSION_SELECTION_UNSUPPORTED, "Multiple Session Selection Unsupported" }, + { ERROR_CAUSE_LOCATION_INFO_REQUIRED, "Location Info Required" }, + { 0, NULL } + }; + static struct attrtype { const char *name; /* Attribute name */ @@ -480,7 +540,36 @@ static struct attrtype { { "Tunnel-Server-Auth-ID", NULL, 0, 0, print_attr_string }, { "NAS-Filter-Rule", NULL, 0, 0, print_attr_string }, { "Unassigned", NULL, 0, 0, NULL }, /*93*/ - { "Originating-Line-Info", NULL, 0, 0, NULL } + { "Originating-Line-Info", NULL, 0, 0, NULL }, + { "NAS-IPv6-Address", NULL, 0, 0, print_attr_address6 }, + { "Framed-Interface-ID", NULL, 0, 0, NULL }, + { "Framed-IPv6-Prefix", NULL, 0, 0, print_attr_netmask6 }, + { "Login-IPv6-Host", NULL, 0, 0, print_attr_address6 }, + { "Framed-IPv6-Route", NULL, 0, 0, print_attr_string }, + { "Framed-IPv6-Pool", NULL, 0, 0, print_attr_string }, + { "Error-Cause", NULL, 0, 0, print_attr_strange }, + { "EAP-Key-Name", NULL, 0, 0, NULL }, + { "Digest-Response", NULL, 0, 0, print_attr_string }, + { "Digest-Realm", NULL, 0, 0, print_attr_string }, + { "Digest-Nonce", NULL, 0, 0, print_attr_string }, + { "Digest-Response-Auth", NULL, 0, 0, print_attr_string }, + { "Digest-Nextnonce", NULL, 0, 0, print_attr_string }, + { "Digest-Method", NULL, 0, 0, print_attr_string }, + { "Digest-URI", NULL, 0, 0, print_attr_string }, + { "Digest-Qop", NULL, 0, 0, print_attr_string }, + { "Digest-Algorithm", NULL, 0, 0, print_attr_string }, + { "Digest-Entity-Body-Hash", NULL, 0, 0, print_attr_string }, + { "Digest-CNonce", NULL, 0, 0, print_attr_string }, + { "Digest-Nonce-Count", NULL, 0, 0, print_attr_string }, + { "Digest-Username", NULL, 0, 0, print_attr_string }, + { "Digest-Opaque", NULL, 0, 0, print_attr_string }, + { "Digest-Auth-Param", NULL, 0, 0, print_attr_string }, + { "Digest-AKA-Auts", NULL, 0, 0, print_attr_string }, + { "Digest-Domain", NULL, 0, 0, print_attr_string }, + { "Digest-Stale", NULL, 0, 0, print_attr_string }, + { "Digest-HA1", NULL, 0, 0, print_attr_string }, + { "SIP-AOR", NULL, 0, 0, print_attr_string }, + { "Delegated-IPv6-Prefix", NULL, 0, 0, print_attr_netmask6 }, }; @@ -779,6 +868,66 @@ print_attr_address(netdissect_options *ndo, ND_PRINT((ndo, "%s", tstr)); } +/*****************************/ +/* Print an attribute IPv6 */ +/* address value pointed by */ +/* 'data' and 'length' size. */ +/*****************************/ +/* Returns nothing. */ +/*****************************/ +static void +print_attr_address6(netdissect_options *ndo, + register const u_char *data, u_int length, u_short attr_code _U_) +{ + if (length != 16) + { + ND_PRINT((ndo, "ERROR: length %u != 16", length)); + return; + } + + ND_TCHECK2(data[0], 16); + + ND_PRINT((ndo, "%s", ip6addr_string(ndo, data))); + + return; + + trunc: + ND_PRINT((ndo, "%s", tstr)); +} + +static void +print_attr_netmask6(netdissect_options *ndo, + register const u_char *data, u_int length, u_short attr_code _U_) +{ + u_char data2[16]; + + if (length < 2 || length > 18) + { + ND_PRINT((ndo, "ERROR: length %u not in range (2..18)", length)); + return; + } + ND_TCHECK2(data[0], length); + if (data[1] > 128) + { + ND_PRINT((ndo, "ERROR: netmask %u not in range (0..128)", data[1])); + return; + } + + memset(data2, 0, sizeof(data2)); + if (length > 2) + memcpy(data2, data+2, length-2); + + ND_PRINT((ndo, "%s/%u", ip6addr_string(ndo, data2), data[1])); + + if (data[1] > 8 * (length - 2)) + ND_PRINT((ndo, " (inconsistent prefix length)")); + + return; + + trunc: + ND_PRINT((ndo, "%s", tstr)); +} + /*************************************/ /* Print an attribute of 'secs since */ /* January 1, 1970 00:00 UTC' value */ @@ -825,6 +974,7 @@ print_attr_strange(netdissect_options *ndo, register const u_char *data, u_int length, u_short attr_code) { u_short len_data; + u_int error_cause_value; switch(attr_code) { @@ -884,6 +1034,18 @@ print_attr_strange(netdissect_options *ndo, len_data = 8; PRINT_HEX(len_data, data); break; + + case ERROR_CAUSE: + if (length != 4) + { + ND_PRINT((ndo, "Error: length %u != 4", length)); + return; + } + ND_TCHECK2(data[0],4); + + error_cause_value = EXTRACT_32BITS(data); + ND_PRINT((ndo, "Error cause %u: %s", error_cause_value, tok2str(errorcausetype, "Error-Cause %u not known", error_cause_value))); + break; } return; diff --git a/print-tcp.c b/print-tcp.c index c9b50fee..35df59c3 100644 --- a/print-tcp.c +++ b/print-tcp.c @@ -687,6 +687,9 @@ tcp_print(netdissect_options *ndo, } else if (IS_SRC_OR_DST_PORT(SMTP_PORT)) { ND_PRINT((ndo, ": ")); smtp_print(ndo, bp, length); + } else if (IS_SRC_OR_DST_PORT(WHOIS_PORT)) { + ND_PRINT((ndo, ": ")); + txtproto_print(ndo, bp, length, "whois", NULL, 0); /* RFC 3912 */ } else if (IS_SRC_OR_DST_PORT(BGP_PORT)) bgp_print(ndo, bp, length); else if (IS_SRC_OR_DST_PORT(PPTP_PORT)) diff --git a/print-udp.c b/print-udp.c index 5a74ff2f..3f26af35 100644 --- a/print-udp.c +++ b/print-udp.c @@ -589,10 +589,8 @@ udp_print(netdissect_options *ndo, register const u_char *bp, u_int length, isakmp_print(ndo, (const u_char *)(up + 1), length, bp2); else if (IS_SRC_OR_DST_PORT(ISAKMP_PORT_NATT)) isakmp_rfc3948_print(ndo, (const u_char *)(up + 1), length, bp2); -#if 1 /*???*/ else if (IS_SRC_OR_DST_PORT(ISAKMP_PORT_USER1) || IS_SRC_OR_DST_PORT(ISAKMP_PORT_USER2)) isakmp_print(ndo, (const u_char *)(up + 1), length, bp2); -#endif else if (IS_SRC_OR_DST_PORT(SNMP_PORT) || IS_SRC_OR_DST_PORT(SNMPTRAP_PORT)) snmp_print(ndo, (const u_char *)(up + 1), length); else if (IS_SRC_OR_DST_PORT(NTP_PORT)) diff --git a/setsignal.c b/setsignal.c deleted file mode 100644 index 4d93cebf..00000000 --- a/setsignal.c +++ /dev/null @@ -1,90 +0,0 @@ -/* - * Copyright (c) 1997 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that: (1) source code distributions - * retain the above copyright notice and this paragraph in its entirety, (2) - * distributions including binary code include the above copyright notice and - * this paragraph in its entirety in the documentation or other materials - * provided with the distribution, and (3) all advertising materials mentioning - * features or use of this software display the following acknowledgement: - * ``This product includes software developed by the University of California, - * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of - * the University nor the names of its contributors may be used to endorse - * or promote products derived from this software without specific prior - * written permission. - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED - * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif - -#include - -#include -#ifdef HAVE_SIGACTION -#include -#endif - -#ifdef HAVE_OS_PROTO_H -#include "os-proto.h" -#endif - -#include "setsignal.h" - -/* - * An OS-independent signal() with, whenever possible, partial BSD - * semantics, i.e. the signal handler is restored following service - * of the signal, but system calls are *not* restarted, so that if - * "pcap_breakloop()" is called in a signal handler in a live capture, - * the read/recvfrom/whatever in the live capture doesn't get restarted, - * it returns -1 and sets "errno" to EINTR, so we can break out of the - * live capture loop. - * - * We use "sigaction()" if available. We don't specify that the signal - * should restart system calls, so that should always do what we want. - * - * Otherwise, if "sigset()" is available, it probably has BSD semantics - * while "signal()" has traditional semantics, so we use "sigset()"; it - * might cause system calls to be restarted for the signal, however. - * I don't know whether, in any systems where it did cause system calls to - * be restarted, there was a way to ask it not to do so; there may no - * longer be any interesting systems without "sigaction()", however, - * and, if there are, they might have "sigvec()" with SV_INTERRUPT - * (which I think first appeared in 4.3BSD). - * - * Otherwise, we use "signal()" - which means we might get traditional - * semantics, wherein system calls don't get restarted *but* the - * signal handler is reset to SIG_DFL and the signal is not blocked, - * so that a subsequent signal would kill the process immediately. - * - * Did I mention that signals suck? At least in POSIX-compliant systems - * they suck far less, as those systems have "sigaction()". - */ -RETSIGTYPE -(*setsignal (int sig, RETSIGTYPE (*func)(int)))(int) -{ -#ifdef HAVE_SIGACTION - struct sigaction old, new; - - memset(&new, 0, sizeof(new)); - new.sa_handler = func; - if (sig == SIGCHLD) - new.sa_flags = SA_RESTART; - if (sigaction(sig, &new, &old) < 0) - return (SIG_ERR); - return (old.sa_handler); - -#else -#ifdef HAVE_SIGSET - return (sigset(sig, func)); -#else - return (signal(sig, func)); -#endif -#endif -} - diff --git a/setsignal.h b/setsignal.h deleted file mode 100644 index 91a2048a..00000000 --- a/setsignal.h +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright (c) 1997 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that: (1) source code distributions - * retain the above copyright notice and this paragraph in its entirety, (2) - * distributions including binary code include the above copyright notice and - * this paragraph in its entirety in the documentation or other materials - * provided with the distribution, and (3) all advertising materials mentioning - * features or use of this software display the following acknowledgement: - * ``This product includes software developed by the University of California, - * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of - * the University nor the names of its contributors may be used to endorse - * or promote products derived from this software without specific prior - * written permission. - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED - * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ -#ifndef setsignal_h -#define setsignal_h - -RETSIGTYPE (*setsignal(int, RETSIGTYPE (*)(int)))(int); -#endif diff --git a/tcp.h b/tcp.h index 912b5e82..d9ffd0df 100644 --- a/tcp.h +++ b/tcp.h @@ -104,6 +104,9 @@ struct tcphdr { #ifndef SMTP_PORT #define SMTP_PORT 25 #endif +#ifndef WHOIS_PORT +#define WHOIS_PORT 43 +#endif #ifndef NAMESERVER_PORT #define NAMESERVER_PORT 53 #endif diff --git a/tcpdump.1.in b/tcpdump.1.in index 081e5d12..51beccb8 100644 --- a/tcpdump.1.in +++ b/tcpdump.1.in @@ -38,24 +38,32 @@ tcpdump \- dump traffic on a network .B \-c .I count ] -.br -.ti +8 [ .B \-C .I file_size -] [ -.B \-G -.I rotate_seconds -] [ +] +.ti +8 +[ +.B \-E +.I spi@ipaddr algo:secret,... +] +.ti +8 +[ .B \-F .I file ] -.br -.ti +8 +[ +.B \-G +.I rotate_seconds +] [ .B \-i .I interface ] +.ti +8 +[ +.B \-\-immediate\-mode +] [ .B \-j .I tstamp_type @@ -64,16 +72,18 @@ tcpdump \- dump traffic on a network .B \-m .I module ] +.ti +8 [ .B \-M .I secret ] -.br -.ti +8 [ .B \-\-number ] [ +.B \-\-print +] +[ .B \-Q .I in|out|inout ] @@ -83,10 +93,6 @@ tcpdump \- dump traffic on a network .I file ] [ -.B \-V -.I file -] -[ .B \-s .I snaplen ] @@ -95,27 +101,26 @@ tcpdump \- dump traffic on a network .I type ] [ +.B \-\-version +] +.ti +8 +[ +.B \-V +.I file +] +[ .B \-w .I file ] -.br -.ti +8 [ .B \-W .I filecount ] -.br -.ti +8 -[ -.B \-E -.I spi@ipaddr algo:secret,... -] -.br -.ti +8 [ .B \-y .I datalinktype ] +.ti +8 [ .B \-z .I postrotate-command @@ -130,13 +135,6 @@ tcpdump \- dump traffic on a network ] .ti +8 [ -.B \-\-immediate\-mode -] -[ -.B \-\-version -] -.ti +8 -[ .I expression ] .br @@ -463,12 +461,12 @@ accuracy to a savefile, the time stamps are written with nanosecond resolution, and the file is written with a different magic number, to indicate that the time stamps are in seconds and nanoseconds; not all programs that read pcap savefiles will be able to read those captures. -.LP +.IP When reading a savefile, convert time stamps to the precision specified by \fItimestamp_precision\fP, and display them with that resolution. If the precision specified is less than the precision of time stamps in the file, the conversion will lose precision. -.LP +.IP The supported values for \fItimestamp_precision\fP are \fBmicro\fP for microsecond resolution and \fBnano\fP for nanosecond resolution. The default is microsecond resolution. @@ -579,6 +577,12 @@ Note that the interface might be in promiscuous mode for some other reason; hence, `-p' cannot be used as an abbreviation for `ether host {local-hw-addr} or ether broadcast'. .TP +.BI \-\-print +Print parsed packet output, even if the raw packets are being saved to a +file with the +.B \-w +flag. +.TP .BI \-Q " direction" .PD 0 .TP @@ -690,7 +694,9 @@ Print undecoded NFS handles. .PD If the .B \-w -option is not specified, make the printed packet output +option is not specified, or if it is specified but the +.B \-\-print +flag is also specified, make the printed packet output ``packet-buffered''; i.e., as the description of the contents of each packet is printed, it will be written to the standard output, rather than, when not writing to a terminal, being written only when the output @@ -722,7 +728,7 @@ IP and ICMP header checksum. .IP When writing to a file with the .B \-w -option, report, every 10 seconds, the number of packets captured. +option, report, once per second, the number of packets captured. .TP .B \-vv Even more verbose output. @@ -1219,7 +1225,7 @@ The \fBS\fP indicates that the \fISYN\fP flag was set. The packet sequence number was 768512 and it contained no data. (The notation is `first:last' which means `sequence numbers \fIfirst\fP -up to but not including \fIlast\fP.) +up to but not including \fIlast\fP'.) There was no piggy-backed ack, the available receive window was 4096 bytes and there was a max-segment-size option requesting an mss of 1024 bytes. @@ -1458,7 +1464,7 @@ Some offsets and field values may be expressed as names rather than as numeric values. For example tcp[13] may be replaced with tcp[tcpflags]. The following TCP flag field values are also available: tcp-fin, tcp-syn, tcp-rst, -tcp-push, tcp-act, tcp-urg. +tcp-push, tcp-ack, tcp-urg. .PP This can be demonstrated as: .RS @@ -1908,7 +1914,7 @@ The original distribution is available via anonymous ftp: .RE .LP IPv6/IPsec support is added by WIDE/KAME project. -This program uses Eric Young's SSLeay library, under specific configurations. +This program uses OpenSSL/LibreSSL, under specific configurations. .SH BUGS To report a security issue please send an e-mail to \%security@tcpdump.org. .LP diff --git a/tcpdump.c b/tcpdump.c index 053dd540..ec99ef36 100644 --- a/tcpdump.c +++ b/tcpdump.c @@ -87,6 +87,9 @@ The Regents of the University of California. All rights reserved.\n"; #include #endif /* HAVE_CASPER */ #endif /* HAVE_CAPSICUM */ +#ifdef HAVE_PCAP_OPEN +#define HAVE_REMOTE +#endif #include #include #include @@ -122,7 +125,6 @@ The Regents of the University of California. All rights reserved.\n"; #include "interface.h" #include "addrtoname.h" #include "machdep.h" -#include "setsignal.h" #include "gmt2local.h" #include "pcap-missing.h" #include "ascii_strcasecmp.h" @@ -140,9 +142,19 @@ The Regents of the University of California. All rights reserved.\n"; #endif static int Bflag; /* buffer size */ +#ifdef HAVE_PCAP_DUMP_FTELL64 +static int64_t Cflag; /* rotate dump files after this many bytes */ +#else static long Cflag; /* rotate dump files after this many bytes */ +#endif static int Cflag_count; /* Keep track of which file number we're writing */ +#ifdef HAVE_PCAP_FINDALLDEVS static int Dflag; /* list available devices and exit */ +#endif +#ifdef HAVE_PCAP_FINDALLDEVS_EX +static char *remote_interfaces_source; /* list available devices from this source and exit */ +#endif + /* * This is exported because, in some versions of libpcap, if libpcap * is built with optimizer debugging code (which is *NOT* the default @@ -188,8 +200,9 @@ cap_channel_t *capdns; static NORETURN void error(FORMAT_STRING(const char *), ...) PRINTFLIKE(1, 2); static void warning(FORMAT_STRING(const char *), ...) PRINTFLIKE(1, 2); static NORETURN void exit_tcpdump(int); -static RETSIGTYPE cleanup(int); -static RETSIGTYPE child_cleanup(int); +static void (*setsignal (int sig, void (*func)(int)))(int); +static void cleanup(int); +static void child_cleanup(int); static void print_version(void); static void print_usage(void); static NORETURN void show_tstamp_types_and_exit(pcap_t *, const char *device); @@ -197,6 +210,9 @@ static NORETURN void show_dlts_and_exit(pcap_t *, const char *device); #ifdef HAVE_PCAP_FINDALLDEVS static NORETURN void show_devices_and_exit(void); #endif +#ifdef HAVE_PCAP_FINDALLDEVS_EX +static NORETURN void show_remote_devices_and_exit(void); +#endif static void print_packet(u_char *, const struct pcap_pkthdr *, const u_char *); static void dump_packet_and_trunc(u_char *, const struct pcap_pkthdr *, const u_char *); @@ -204,7 +220,7 @@ static void dump_packet(u_char *, const struct pcap_pkthdr *, const u_char *); static void droproot(const char *, const char *); #ifdef SIGNAL_REQ_INFO -RETSIGTYPE requestinfo(int); +void requestinfo(int); #endif #if defined(USE_WIN32_MM_TIMER) @@ -244,6 +260,7 @@ struct dump_info { char *CurrentFileName; pcap_t *pd; pcap_dumper_t *p; + netdissect_options *ndo; #ifdef HAVE_CAPSICUM int dirfd; #endif @@ -431,7 +448,7 @@ show_dlts_and_exit(pcap_t *pc, const char *device) #ifdef HAVE_PCAP_FINDALLDEVS static void -show_devices_and_exit (void) +show_devices_and_exit(void) { pcap_if_t *dev, *devlist; char ebuf[PCAP_ERRBUF_SIZE]; @@ -452,6 +469,30 @@ show_devices_and_exit (void) } #endif /* HAVE_PCAP_FINDALLDEVS */ +#ifdef HAVE_PCAP_FINDALLDEVS_EX +static void +show_remote_devices_and_exit(void) +{ + pcap_if_t *dev, *devlist; + char ebuf[PCAP_ERRBUF_SIZE]; + int i; + + if (pcap_findalldevs_ex(remote_interfaces_source, NULL, &devlist, + ebuf) < 0) + error("%s", ebuf); + for (i = 0, dev = devlist; dev != NULL; i++, dev = dev->next) { + printf("%d.%s", i+1, dev->name); + if (dev->description != NULL) + printf(" (%s)", dev->description); + if (dev->flags != 0) + printf(" [%s]", bittok2str(status_flags, "none", dev->flags)); + printf("\n"); + } + pcap_freealldevs(devlist); + exit_tcpdump(0); +} +#endif /* HAVE_PCAP_FINDALLDEVS */ + /* * Short options. * @@ -494,6 +535,12 @@ show_devices_and_exit (void) #define B_FLAG_USAGE #endif /* defined(HAVE_PCAP_CREATE) || defined(_WIN32) */ +#ifdef HAVE_PCAP_FINDALLDEVS +#define D_FLAG "D" +#else +#define D_FLAG +#endif + #ifdef HAVE_PCAP_CREATE #define I_FLAG "I" #else /* HAVE_PCAP_CREATE */ @@ -510,10 +557,12 @@ show_devices_and_exit (void) #define J_FLAG #endif /* PCAP_ERROR_TSTAMP_TYPE_NOTSUP */ -#ifdef HAVE_PCAP_FINDALLDEVS -#define D_FLAG "D" +#ifdef HAVE_PCAP_SETDIRECTION +#define Q_FLAG "Q:" +#define Q_FLAG_USAGE " [ -Q in|out|inout ]" #else -#define D_FLAG +#define Q_FLAG +#define Q_FLAG_USAGE #endif #ifdef HAVE_PCAP_DUMP_FLUSH @@ -522,12 +571,6 @@ show_devices_and_exit (void) #define U_FLAG #endif -#ifdef HAVE_PCAP_SETDIRECTION -#define Q_FLAG "Q:" -#else -#define Q_FLAG -#endif - #define SHORTOPTS "aAb" B_FLAG "c:C:d" D_FLAG "eE:fF:G:hHi:" I_FLAG j_FLAG J_FLAG "KlLm:M:nNOpq" Q_FLAG "r:s:StT:u" U_FLAG "vV:w:W:xXy:Yz:Z:#" /* @@ -550,15 +593,20 @@ show_devices_and_exit (void) * component of the entry for the long option, and have a case for that * option in the switch statement. */ -#define OPTION_VERSION 128 -#define OPTION_TSTAMP_PRECISION 129 -#define OPTION_IMMEDIATE_MODE 130 +#define OPTION_VERSION 128 +#define OPTION_TSTAMP_PRECISION 129 +#define OPTION_IMMEDIATE_MODE 130 +#define OPTION_PRINT 131 +#define OPTION_LIST_REMOTE_INTERFACES 132 static const struct option longopts[] = { #if defined(HAVE_PCAP_CREATE) || defined(_WIN32) { "buffer-size", required_argument, NULL, 'B' }, #endif { "list-interfaces", no_argument, NULL, 'D' }, +#ifdef HAVE_PCAP_FINDALLDEVS_EX + { "list-remote-interfaces", required_argument, NULL, OPTION_LIST_REMOTE_INTERFACES }, +#endif { "help", no_argument, NULL, 'h' }, { "interface", required_argument, NULL, 'i' }, #ifdef HAVE_PCAP_CREATE @@ -592,10 +640,29 @@ static const struct option longopts[] = { #endif { "relinquish-privileges", required_argument, NULL, 'Z' }, { "number", no_argument, NULL, '#' }, + { "print", no_argument, NULL, OPTION_PRINT }, { "version", no_argument, NULL, OPTION_VERSION }, { NULL, 0, NULL, 0 } }; +#ifdef HAVE_PCAP_FINDALLDEVS_EX +#define LIST_REMOTE_INTERFACES_USAGE "[ --list-remote-interfaces remote-source ]" +#else +#define LIST_REMOTE_INTERFACES_USAGE +#endif + +#ifdef HAVE_PCAP_SET_IMMEDIATE_MODE +#define IMMEDIATE_MODE_USAGE " [ --immediate-mode ]" +#else +#define IMMEDIATE_MODE_USAGE "" +#endif + +#ifdef HAVE_PCAP_SET_TSTAMP_PRECISION +#define TIME_STAMP_PRECISION_USAGE " [ --time-stamp-precision precision ]" +#else +#define TIME_STAMP_PRECISION_USAGE +#endif + #ifndef _WIN32 /* Drop root privileges and chroot if necessary */ static void @@ -649,6 +716,7 @@ droproot(const char *username, const char *chroot_dir) } #ifdef HAVE_LIBCAP_NG /* We don't need CAP_SETUID, CAP_SETGID and CAP_SYS_CHROOT any more. */ +DIAG_OFF_CLANG(assign-enum) capng_updatev( CAPNG_DROP, CAPNG_EFFECTIVE | CAPNG_PERMITTED, @@ -656,6 +724,7 @@ droproot(const char *username, const char *chroot_dir) CAP_SETGID, CAP_SYS_CHROOT, -1); +DIAG_ON_CLANG(assign-enum) capng_apply(CAPNG_SELECT_BOTH); #endif /* HAVE_LIBCAP_NG */ @@ -985,6 +1054,13 @@ find_interface_by_number(long devnum) } #endif +#ifdef HAVE_PCAP_OPEN +/* + * Prefix for rpcap URLs. + */ +static char rpcap_prefix[] = "rpcap://"; +#endif + static pcap_t * open_interface(const char *device, netdissect_options *ndo, char *ebuf) { @@ -994,6 +1070,36 @@ open_interface(const char *device, netdissect_options *ndo, char *ebuf) char *cp; #endif +#ifdef HAVE_PCAP_OPEN + /* + * Is this an rpcap URL? + */ + if (strncmp(device, rpcap_prefix, sizeof(rpcap_prefix) - 1) == 0) { + /* + * Yes. Open it with pcap_open(). + */ + *ebuf = '\0'; +fprintf(stderr, "Opening %s\n", device); + pc = pcap_open(device, ndo->ndo_snaplen, + pflag ? 0 : PCAP_OPENFLAG_PROMISCUOUS, 1000, NULL, + ebuf); + if (pc == NULL) { + /* + * If this failed with "No such device", that means + * the interface doesn't exist; return NULL, so that + * the caller can see whether the device name is + * actually an interface index. + */ + if (strstr(ebuf, "No such device") != NULL) + return (NULL); + error("%s", ebuf); + } + if (*ebuf) + warning("%s", ebuf); + return (pc); + } +#endif /* HAVE_PCAP_OPEN */ + #ifdef HAVE_PCAP_CREATE pc = pcap_create(device, ebuf); if (pc == NULL) { @@ -1175,15 +1281,16 @@ int main(int argc, char **argv) { register int cnt, op, i; - bpf_u_int32 localnet =0 , netmask = 0; + bpf_u_int32 localnet = 0, netmask = 0; int timezone_offset = 0; register char *cp, *infile, *cmdbuf, *device, *RFileName, *VFileName, *WFileName; + char *endp; pcap_handler callback; int dlt; const char *dlt_name; struct bpf_program fcode; #ifndef _WIN32 - RETSIGTYPE (*oldhandler)(int); + void (*oldhandler)(int); #endif struct dump_info dumpinfo; u_char *pcap_userdata; @@ -1206,6 +1313,7 @@ main(int argc, char **argv) int Oflag = 1; /* run filter code optimizer */ int yflag_dlt = -1; const char *yflag_dlt_name = NULL; + int print = 0; netdissect_options Ndo; netdissect_options *ndo = &Ndo; @@ -1278,18 +1386,42 @@ main(int argc, char **argv) break; case 'C': - Cflag = atoi(optarg) * 1000000; - if (Cflag <= 0) + errno = 0; +#ifdef HAVE_PCAP_DUMP_FTELL64 + Cflag = strtoint64_t(optarg, &endp, 10); +#else + Cflag = strtol(optarg, &endp, 10); +#endif + if (endp == optarg || *endp != '\0' || errno != 0 + || Cflag <= 0) error("invalid file size %s", optarg); + /* + * Will multiplying it by 1000000 overflow? + */ +#ifdef HAVE_PCAP_DUMP_FTELL64 + if (Cflag > INT64_T_CONSTANT(0x7fffffffffffffff) / 1000000) +#else + if (Cflag > LONG_MAX / 1000000) +#endif + error("file size %s is too large", optarg); + Cflag *= 1000000; break; case 'd': ++dflag; break; +#ifdef HAVE_PCAP_FINDALLDEVS case 'D': Dflag++; break; +#endif + +#ifdef HAVE_PCAP_FINDALLDEVS_EX + case OPTION_LIST_REMOTE_INTERFACES: + remote_interfaces_source = optarg; + break; +#endif case 'L': Lflag++; @@ -1582,6 +1714,10 @@ main(int argc, char **argv) break; #endif + case OPTION_PRINT: + print = 1; + break; + default: print_usage(); exit_tcpdump(1); @@ -1592,6 +1728,10 @@ main(int argc, char **argv) if (Dflag) show_devices_and_exit(); #endif +#ifdef HAVE_PCAP_FINDALLDEVS_EX + if (remote_interfaces_source != NULL) + show_remote_devices_and_exit(); +#endif switch (ndo->ndo_tflag) { @@ -1620,11 +1760,14 @@ main(int argc, char **argv) #ifdef HAVE_PCAP_SET_IMMEDIATE_MODE /* * If we're printing dissected packets to the standard output - * rather than saving raw packets to a file, and the standard - * output is a terminal, use immediate mode, as the user's - * probably expecting to see packets pop up immediately. + * and the standard output is a terminal, use immediate mode, + * as the user's probably expecting to see packets pop up + * immediately. + * + * XXX - set the timeout to a lower value, instead? If so, + * what value would be appropriate? */ - if (WFileName == NULL && isatty(1)) + if ((WFileName == NULL || print) && isatty(1)) immediate_mode = 1; #endif @@ -1863,8 +2006,8 @@ main(int argc, char **argv) #ifndef _WIN32 (void)setsignal(SIGPIPE, cleanup); (void)setsignal(SIGTERM, cleanup); - (void)setsignal(SIGINT, cleanup); #endif /* _WIN32 */ + (void)setsignal(SIGINT, cleanup); #if defined(HAVE_FORK) || defined(HAVE_VFORK) (void)setsignal(SIGCHLD, child_cleanup); #endif @@ -1898,27 +2041,33 @@ main(int argc, char **argv) /* Initialize capng */ capng_clear(CAPNG_SELECT_BOTH); if (username) { +DIAG_OFF_CLANG(assign-enum) capng_updatev( CAPNG_ADD, CAPNG_PERMITTED | CAPNG_EFFECTIVE, CAP_SETUID, CAP_SETGID, -1); +DIAG_ON_CLANG(assign-enum) } if (chroot_dir) { +DIAG_OFF_CLANG(assign-enum) capng_update( CAPNG_ADD, CAPNG_PERMITTED | CAPNG_EFFECTIVE, CAP_SYS_CHROOT ); +DIAG_ON_CLANG(assign-enum) } if (WFileName) { +DIAG_OFF_CLANG(assign-enum) capng_update( CAPNG_ADD, CAPNG_PERMITTED | CAPNG_EFFECTIVE, CAP_DAC_OVERRIDE ); +DIAG_ON_CLANG(assign-enum) } capng_apply(CAPNG_SELECT_BOTH); #endif /* HAVE_LIBCAP_NG */ @@ -2015,8 +2164,18 @@ main(int argc, char **argv) pcap_userdata = (u_char *)&dumpinfo; } else { callback = dump_packet; - pcap_userdata = (u_char *)p; + dumpinfo.WFileName = WFileName; + dumpinfo.pd = pd; + dumpinfo.p = p; + pcap_userdata = (u_char *)&dumpinfo; } + if (print) { + dlt = pcap_datalink(pd); + ndo->ndo_if_printer = get_if_printer(ndo, dlt); + dumpinfo.ndo = ndo; + } else + dumpinfo.ndo = NULL; + #ifdef HAVE_PCAP_DUMP_FLUSH if (Uflag) pcap_dump_flush(p); @@ -2037,11 +2196,11 @@ main(int argc, char **argv) (void)setsignal(SIGNAL_REQ_INFO, requestinfo); #endif - if (ndo->ndo_vflag > 0 && WFileName) { + if (ndo->ndo_vflag > 0 && WFileName && !print) { /* - * When capturing to a file, "-v" means tcpdump should, - * every 10 seconds, "v"erbosely report the number of - * packets captured. + * When capturing to a file, if "--print" wasn't specified, + *"-v" means tcpdump should, once per second, + * "v"erbosely report the number of packets captured. */ #ifdef USE_WIN32_MM_TIMER /* call verbose_stats_dump() each 1000 +/-100msec */ @@ -2209,8 +2368,29 @@ main(int argc, char **argv) exit_tcpdump(status == -1 ? 1 : 0); } +/* + * Catch a signal. + */ +static void +(*setsignal (int sig, void (*func)(int)))(int) +{ +#ifdef _WIN32 + return (signal(sig, func)); +#else + struct sigaction old, new; + + memset(&new, 0, sizeof(new)); + new.sa_handler = func; + if (sig == SIGCHLD) + new.sa_flags = SA_RESTART; + if (sigaction(sig, &new, &old) < 0) + return (SIG_ERR); + return (old.sa_handler); +#endif +} + /* make a clean exit on interrupts */ -static RETSIGTYPE +static void cleanup(int signo _U_) { #ifdef USE_WIN32_MM_TIMER @@ -2255,7 +2435,7 @@ cleanup(int signo _U_) waiting a child processes to die */ #if defined(HAVE_FORK) || defined(HAVE_VFORK) -static RETSIGTYPE +static void child_cleanup(int signo _U_) { wait(NULL); @@ -2486,7 +2666,17 @@ dump_packet_and_trunc(u_char *user, const struct pcap_pkthdr *h, const u_char *s * file could put it over Cflag. */ if (Cflag != 0) { +#ifdef HAVE_PCAP_DUMP_FTELL64 + int64_t size = pcap_dump_ftell64(dump_info->p); +#else + /* + * XXX - this only handles a Cflag value > 2^31-1 on + * LP64 platforms; to handle ILP32 (32-bit UN*X and + * Windows) or LLP64 (64-bit Windows) would require + * a version of libpcap with pcap_dump_ftell64(). + */ long size = pcap_dump_ftell(dump_info->p); +#endif if (size == -1) error("ftell fails on output file"); @@ -2557,6 +2747,9 @@ dump_packet_and_trunc(u_char *user, const struct pcap_pkthdr *h, const u_char *s pcap_dump_flush(dump_info->p); #endif + if (dump_info->ndo != NULL) + pretty_print_packet(dump_info->ndo, h, sp, packets_captured); + --infodelay; if (infoprint) info(0); @@ -2565,16 +2758,23 @@ dump_packet_and_trunc(u_char *user, const struct pcap_pkthdr *h, const u_char *s static void dump_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp) { + struct dump_info *dump_info; + ++packets_captured; ++infodelay; - pcap_dump(user, h, sp); + dump_info = (struct dump_info *)user; + + pcap_dump((u_char *)dump_info->p, h, sp); #ifdef HAVE_PCAP_DUMP_FLUSH if (Uflag) - pcap_dump_flush((pcap_dumper_t *)user); + pcap_dump_flush(dump_info->p); #endif + if (dump_info->ndo != NULL) + pretty_print_packet(dump_info->ndo, h, sp, packets_captured); + --infodelay; if (infoprint) info(0); @@ -2622,7 +2822,7 @@ print_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp) #endif #ifdef SIGNAL_REQ_INFO -RETSIGTYPE requestinfo(int signo _U_) +void requestinfo(int signo _U_) { if (infodelay) ++infoprint; @@ -2631,6 +2831,18 @@ RETSIGTYPE requestinfo(int signo _U_) } #endif +static void +print_packets_captured (void) +{ + static u_int prev_packets_captured, first = 1; + + if (infodelay == 0 && (first || packets_captured != prev_packets_captured)) { + fprintf(stderr, "Got %u\r", packets_captured); + first = 0; + prev_packets_captured = packets_captured; + } +} + /* * Called once each second in verbose mode while dumping to file */ @@ -2638,14 +2850,12 @@ RETSIGTYPE requestinfo(int signo _U_) void CALLBACK verbose_stats_dump (UINT timer_id _U_, UINT msg _U_, DWORD_PTR arg _U_, DWORD_PTR dw1 _U_, DWORD_PTR dw2 _U_) { - if (infodelay == 0) - fprintf(stderr, "Got %u\r", packets_captured); + print_packets_captured(); } #elif defined(HAVE_ALARM) static void verbose_stats_dump(int sig _U_) { - if (infodelay == 0) - fprintf(stderr, "Got %u\r", packets_captured); + print_packets_captured(); alarm(1); } #endif @@ -2654,7 +2864,6 @@ USES_APPLE_DEPRECATED_API static void print_version(void) { - extern char version[]; #ifndef HAVE_PCAP_LIB_VERSION #if defined(_WIN32) || defined(HAVE_PCAP_VERSION) extern char pcap_version[]; @@ -2664,21 +2873,11 @@ print_version(void) #endif /* HAVE_PCAP_LIB_VERSION */ const char *smi_version_string; + (void)fprintf(stderr, "%s version " PACKAGE_VERSION "\n", program_name); #ifdef HAVE_PCAP_LIB_VERSION -#ifdef _WIN32 - (void)fprintf(stderr, "%s version %s, based on tcpdump version %s\n", program_name, WDversion, version); -#else /* _WIN32 */ - (void)fprintf(stderr, "%s version %s\n", program_name, version); -#endif /* _WIN32 */ (void)fprintf(stderr, "%s\n",pcap_lib_version()); #else /* HAVE_PCAP_LIB_VERSION */ -#ifdef _WIN32 - (void)fprintf(stderr, "%s version %s, based on tcpdump version %s\n", program_name, WDversion, version); - (void)fprintf(stderr, "WinPcap version %s, based on libpcap version %s\n",Wpcap_version, pcap_version); -#else /* _WIN32 */ - (void)fprintf(stderr, "%s version %s\n", program_name, version); (void)fprintf(stderr, "libpcap version %s\n", pcap_version); -#endif /* _WIN32 */ #endif /* HAVE_PCAP_LIB_VERSION */ #if defined(HAVE_LIBCRYPTO) && defined(SSLEAY_VERSION) @@ -2688,6 +2887,9 @@ print_version(void) smi_version_string = nd_smi_version_string(); if (smi_version_string != NULL) (void)fprintf (stderr, "SMI-library: %s\n", smi_version_string); +#ifdef HAVE_DNET_HTOA + (void)fprintf(stderr, "libdnet unknown version\n"); +#endif #if defined(__SANITIZE_ADDRESS__) (void)fprintf (stderr, "Compiled with AddressSanitizer/GCC.\n"); @@ -2708,26 +2910,21 @@ print_usage(void) (void)fprintf(stderr, "\t\t[ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]\n"); (void)fprintf(stderr, -"\t\t[ -i interface ]" j_FLAG_USAGE " [ -M secret ] [ --number ]\n"); -#ifdef HAVE_PCAP_SETDIRECTION +"\t\t[ -i interface ]" IMMEDIATE_MODE_USAGE j_FLAG_USAGE "\n"); +#ifdef HAVE_PCAP_FINDALLDEVS_EX (void)fprintf(stderr, -"\t\t[ -Q in|out|inout ]\n"); +"\t\t" LIST_REMOTE_INTERFACES_USAGE "\n"); #endif (void)fprintf(stderr, -"\t\t[ -r file ] [ -s snaplen ] "); -#ifdef HAVE_PCAP_SET_TSTAMP_PRECISION - (void)fprintf(stderr, "[ --time-stamp-precision precision ]\n"); +"\t\t[ -M secret ] [ --number ] [ --print ]" Q_FLAG_USAGE "\n"); (void)fprintf(stderr, -"\t\t"); -#endif -#ifdef HAVE_PCAP_SET_IMMEDIATE_MODE - (void)fprintf(stderr, "[ --immediate-mode ] "); -#endif - (void)fprintf(stderr, "[ -T type ] [ --version ] [ -V file ]\n"); +"\t\t[ -r file ] [ -s snaplen ]" TIME_STAMP_PRECISION_USAGE "\n"); + (void)fprintf(stderr, +"\t\t[ -T type ] [ --version ] [ -V file ] [ -w file ]\n"); (void)fprintf(stderr, -"\t\t[ -w file ] [ -W filecount ] [ -y datalinktype ] [ -z postrotate-command ]\n"); +"\t\t[ -W filecount ] [ -y datalinktype ]\n"); (void)fprintf(stderr, -"\t\t[ -Z user ] [ expression ]\n"); +"\t\t[ -z postrotate-command ] [ -Z user ] [ expression ]\n"); } /* * Local Variables: diff --git a/tests/RADIUS-RFC3162.pcap b/tests/RADIUS-RFC3162.pcap new file mode 100644 index 00000000..b41d67c7 Binary files /dev/null and b/tests/RADIUS-RFC3162.pcap differ diff --git a/tests/RADIUS-RFC5176-2.pcap b/tests/RADIUS-RFC5176-2.pcap new file mode 100644 index 00000000..9c2a4555 Binary files /dev/null and b/tests/RADIUS-RFC5176-2.pcap differ diff --git a/tests/TESTLIST b/tests/TESTLIST index 95d4242a..31794a43 100644 --- a/tests/TESTLIST +++ b/tests/TESTLIST @@ -276,9 +276,11 @@ decnet DECnet_Phone.pcap decnet.out # RADIUS tests radius-v RADIUS.pcap radius-v.out -v +radius-rfc3162 RADIUS-RFC3162.pcap radius-rfc3162-v.out -v radius-rfc4675 RADIUS-RFC4675.pcap radius-rfc4675-v.out -v radius-rfc5176 RADIUS-RFC5176.pcap radius-rfc5176-v.out -v radius-port1700 RADIUS-port1700.pcap radius-port1700-v.out -v +radius-rfc5176-2 RADIUS-RFC5176-2.pcap radius-rfc5176-2-v.out -v # link-level protocols dtp-v DTP.pcap dtp-v.out -v @@ -378,6 +380,10 @@ resp_1 resp_1_benchmark.pcap resp_1.out resp_2 resp_2_inline.pcap resp_2.out resp_3 resp_3_malicious.pcap resp_3.out +# WHOIS tests +whois whois.pcap whois.out +whois-v whois.pcap whois-v.out -v + # HNCP tests hncp hncp.pcap hncp.out -vvv @@ -603,3 +609,19 @@ nfs-seg-fault-1 nfs-seg-fault-1.pcap nfs-seg-fault-1.out dns-zlip-1 dns-zlip-1.pcap dns-zlip-1.out dns-zlip-2 dns-zlip-2.pcap dns-zlip-2.out dns-zlip-3 dns-zlip-3.pcap dns-zlip-3.out + +# NTP tests +ntp ntp.pcap ntp.out +ntp-v ntp.pcap ntp-v.out -v +ntp-time ntp-time.pcap ntp-time.out +ntp-time--v ntp-time.pcap ntp-time--v.out -v +ntp-time--vv ntp-time.pcap ntp-time--vv.out -vv +ntp-time--vvv ntp-time.pcap ntp-time--vvv.out -vvv +ntp-control ntp-control.pcap ntp-control.out +ntp-control--v ntp-control.pcap ntp-control--v.out -v +ntp-control--vv ntp-control.pcap ntp-control--vv.out -vv +ntp-control--vvv ntp-control.pcap ntp-control--vvv.out -vvv +ntp-mode7 ntp-mode7.pcap ntp-mode7.out +ntp-mode7--v ntp-mode7.pcap ntp-mode7--v.out -v +ntp-mode7--vv ntp-mode7.pcap ntp-mode7--vv.out -vv +ntp-mode7--vvv ntp-mode7.pcap ntp-mode7--vvv.out -vvv diff --git a/tests/TESTonce b/tests/TESTonce index 3be31f9a..340f3578 100755 --- a/tests/TESTonce +++ b/tests/TESTonce @@ -42,7 +42,7 @@ if($r == 0) { } printf " %-35s: TEST FAILED(%s)", $name, $r == -1 ? $! : "exit $?"; open FOUT, '>>failure-outputs.txt'; -printf FOUT "Failed test: $name\n\n"; +printf FOUT "\nFailed test: $name\n\n"; close FOUT; if(-f "DIFF/$output.diff") { system "cat DIFF/$output.diff >> failure-outputs.txt"; diff --git a/tests/TESTrun.sh b/tests/TESTrun.sh index 21aa0d9f..07bad6cb 100755 --- a/tests/TESTrun.sh +++ b/tests/TESTrun.sh @@ -62,7 +62,6 @@ echo '------------------------------------------------' printf "%4u tests failed\n" $failed printf "%4u tests passed\n" $passed echo -echo cat failure-outputs.txt echo echo diff --git a/tests/ntp-control--v.out b/tests/ntp-control--v.out new file mode 100644 index 00000000..a8eb0e90 --- /dev/null +++ b/tests/ntp-control--v.out @@ -0,0 +1,76 @@ +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x5280!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=68, Status=0, Assoc.=0, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 416) ::1.123 > ::1.38531: [bad udp cksum 0x01b3 -> 0x412f!] NTPv2, Control Message, length 408 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=68, Status=0x618, Assoc.=0, Offset=0, Count=394 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x5280!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=1 + Sequence=69, Status=0, Assoc.=0, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 40) ::1.123 > ::1.38531: [bad udp cksum 0x003b -> 0xfba0!] NTPv2, Control Message, length 32 + Leap indicator: (0), Response, OK, Last, OpCode=1 + Sequence=69, Status=0x618, Assoc.=0, Offset=0, Count=20 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x527f!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=1 + Sequence=70, Status=0, Assoc.=0, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 40) ::1.123 > ::1.38531: [bad udp cksum 0x003b -> 0xfb9f!] NTPv2, Control Message, length 32 + Leap indicator: (0), Response, OK, Last, OpCode=1 + Sequence=70, Status=0x618, Assoc.=0, Offset=0, Count=20 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x93c3!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=71, Status=0, Assoc.=48825, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 488) ::1.123 > ::1.38531: [bad udp cksum 0x01fb -> 0x5350!] NTPv2, Control Message, length 480 + Leap indicator: (0), Response, OK, More, OpCode=2 + Sequence=71, Status=0x8011, Assoc.=48825, Offset=0, Count=468 + TO-BE-DONE: data not interpreted +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 128) ::1.123 > ::1.38531: [bad udp cksum 0x0093 -> 0xbcc4!] NTPv2, Control Message, length 120 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=71, Status=0x8011, Assoc.=48825, Offset=468, Count=106 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x93c1!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=72, Status=0, Assoc.=48826, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 488) ::1.123 > ::1.38531: [bad udp cksum 0x01fb -> 0xc0d5!] NTPv2, Control Message, length 480 + Leap indicator: (0), Response, OK, More, OpCode=2 + Sequence=72, Status=0x8011, Assoc.=48826, Offset=0, Count=468 + TO-BE-DONE: data not interpreted +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 128) ::1.123 > ::1.38531: [bad udp cksum 0x0093 -> 0x88c5!] NTPv2, Control Message, length 120 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=72, Status=0x8011, Assoc.=48826, Offset=468, Count=107 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x93bf!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=73, Status=0, Assoc.=48827, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 488) ::1.123 > ::1.38531: [bad udp cksum 0x01fb -> 0x5c4a!] NTPv2, Control Message, length 480 + Leap indicator: (0), Response, OK, More, OpCode=2 + Sequence=73, Status=0x8011, Assoc.=48827, Offset=0, Count=468 + TO-BE-DONE: data not interpreted +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 124) ::1.123 > ::1.38531: [bad udp cksum 0x008f -> 0xdcfa!] NTPv2, Control Message, length 116 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=73, Status=0x8011, Assoc.=48827, Offset=468, Count=104 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x93bd!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=74, Status=0, Assoc.=48828, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 488) ::1.123 > ::1.38531: [bad udp cksum 0x01fb -> 0x5634!] NTPv2, Control Message, length 480 + Leap indicator: (0), Response, OK, More, OpCode=2 + Sequence=74, Status=0x8011, Assoc.=48828, Offset=0, Count=468 + TO-BE-DONE: data not interpreted +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 128) ::1.123 > ::1.38531: [bad udp cksum 0x0093 -> 0x8c8c!] NTPv2, Control Message, length 120 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=74, Status=0x8011, Assoc.=48828, Offset=468, Count=108 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x93bb!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=75, Status=0, Assoc.=48829, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 488) ::1.123 > ::1.38531: [bad udp cksum 0x01fb -> 0x9c1f!] NTPv2, Control Message, length 480 + Leap indicator: (0), Response, OK, More, OpCode=2 + Sequence=75, Status=0x961a, Assoc.=48829, Offset=0, Count=468 + TO-BE-DONE: data not interpreted +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 108) ::1.123 > ::1.38531: [bad udp cksum 0x007f -> 0x77be!] NTPv2, Control Message, length 100 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=75, Status=0x961a, Assoc.=48829, Offset=468, Count=85 + TO-BE-DONE: data not interpreted diff --git a/tests/ntp-control--vv.out b/tests/ntp-control--vv.out new file mode 100644 index 00000000..a8eb0e90 --- /dev/null +++ b/tests/ntp-control--vv.out @@ -0,0 +1,76 @@ +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x5280!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=68, Status=0, Assoc.=0, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 416) ::1.123 > ::1.38531: [bad udp cksum 0x01b3 -> 0x412f!] NTPv2, Control Message, length 408 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=68, Status=0x618, Assoc.=0, Offset=0, Count=394 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x5280!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=1 + Sequence=69, Status=0, Assoc.=0, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 40) ::1.123 > ::1.38531: [bad udp cksum 0x003b -> 0xfba0!] NTPv2, Control Message, length 32 + Leap indicator: (0), Response, OK, Last, OpCode=1 + Sequence=69, Status=0x618, Assoc.=0, Offset=0, Count=20 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x527f!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=1 + Sequence=70, Status=0, Assoc.=0, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 40) ::1.123 > ::1.38531: [bad udp cksum 0x003b -> 0xfb9f!] NTPv2, Control Message, length 32 + Leap indicator: (0), Response, OK, Last, OpCode=1 + Sequence=70, Status=0x618, Assoc.=0, Offset=0, Count=20 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x93c3!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=71, Status=0, Assoc.=48825, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 488) ::1.123 > ::1.38531: [bad udp cksum 0x01fb -> 0x5350!] NTPv2, Control Message, length 480 + Leap indicator: (0), Response, OK, More, OpCode=2 + Sequence=71, Status=0x8011, Assoc.=48825, Offset=0, Count=468 + TO-BE-DONE: data not interpreted +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 128) ::1.123 > ::1.38531: [bad udp cksum 0x0093 -> 0xbcc4!] NTPv2, Control Message, length 120 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=71, Status=0x8011, Assoc.=48825, Offset=468, Count=106 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x93c1!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=72, Status=0, Assoc.=48826, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 488) ::1.123 > ::1.38531: [bad udp cksum 0x01fb -> 0xc0d5!] NTPv2, Control Message, length 480 + Leap indicator: (0), Response, OK, More, OpCode=2 + Sequence=72, Status=0x8011, Assoc.=48826, Offset=0, Count=468 + TO-BE-DONE: data not interpreted +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 128) ::1.123 > ::1.38531: [bad udp cksum 0x0093 -> 0x88c5!] NTPv2, Control Message, length 120 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=72, Status=0x8011, Assoc.=48826, Offset=468, Count=107 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x93bf!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=73, Status=0, Assoc.=48827, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 488) ::1.123 > ::1.38531: [bad udp cksum 0x01fb -> 0x5c4a!] NTPv2, Control Message, length 480 + Leap indicator: (0), Response, OK, More, OpCode=2 + Sequence=73, Status=0x8011, Assoc.=48827, Offset=0, Count=468 + TO-BE-DONE: data not interpreted +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 124) ::1.123 > ::1.38531: [bad udp cksum 0x008f -> 0xdcfa!] NTPv2, Control Message, length 116 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=73, Status=0x8011, Assoc.=48827, Offset=468, Count=104 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x93bd!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=74, Status=0, Assoc.=48828, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 488) ::1.123 > ::1.38531: [bad udp cksum 0x01fb -> 0x5634!] NTPv2, Control Message, length 480 + Leap indicator: (0), Response, OK, More, OpCode=2 + Sequence=74, Status=0x8011, Assoc.=48828, Offset=0, Count=468 + TO-BE-DONE: data not interpreted +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 128) ::1.123 > ::1.38531: [bad udp cksum 0x0093 -> 0x8c8c!] NTPv2, Control Message, length 120 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=74, Status=0x8011, Assoc.=48828, Offset=468, Count=108 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x93bb!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=75, Status=0, Assoc.=48829, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 488) ::1.123 > ::1.38531: [bad udp cksum 0x01fb -> 0x9c1f!] NTPv2, Control Message, length 480 + Leap indicator: (0), Response, OK, More, OpCode=2 + Sequence=75, Status=0x961a, Assoc.=48829, Offset=0, Count=468 + TO-BE-DONE: data not interpreted +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 108) ::1.123 > ::1.38531: [bad udp cksum 0x007f -> 0x77be!] NTPv2, Control Message, length 100 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=75, Status=0x961a, Assoc.=48829, Offset=468, Count=85 + TO-BE-DONE: data not interpreted diff --git a/tests/ntp-control--vvv.out b/tests/ntp-control--vvv.out new file mode 100644 index 00000000..a8eb0e90 --- /dev/null +++ b/tests/ntp-control--vvv.out @@ -0,0 +1,76 @@ +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x5280!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=68, Status=0, Assoc.=0, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 416) ::1.123 > ::1.38531: [bad udp cksum 0x01b3 -> 0x412f!] NTPv2, Control Message, length 408 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=68, Status=0x618, Assoc.=0, Offset=0, Count=394 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x5280!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=1 + Sequence=69, Status=0, Assoc.=0, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 40) ::1.123 > ::1.38531: [bad udp cksum 0x003b -> 0xfba0!] NTPv2, Control Message, length 32 + Leap indicator: (0), Response, OK, Last, OpCode=1 + Sequence=69, Status=0x618, Assoc.=0, Offset=0, Count=20 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x527f!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=1 + Sequence=70, Status=0, Assoc.=0, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 40) ::1.123 > ::1.38531: [bad udp cksum 0x003b -> 0xfb9f!] NTPv2, Control Message, length 32 + Leap indicator: (0), Response, OK, Last, OpCode=1 + Sequence=70, Status=0x618, Assoc.=0, Offset=0, Count=20 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x93c3!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=71, Status=0, Assoc.=48825, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 488) ::1.123 > ::1.38531: [bad udp cksum 0x01fb -> 0x5350!] NTPv2, Control Message, length 480 + Leap indicator: (0), Response, OK, More, OpCode=2 + Sequence=71, Status=0x8011, Assoc.=48825, Offset=0, Count=468 + TO-BE-DONE: data not interpreted +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 128) ::1.123 > ::1.38531: [bad udp cksum 0x0093 -> 0xbcc4!] NTPv2, Control Message, length 120 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=71, Status=0x8011, Assoc.=48825, Offset=468, Count=106 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x93c1!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=72, Status=0, Assoc.=48826, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 488) ::1.123 > ::1.38531: [bad udp cksum 0x01fb -> 0xc0d5!] NTPv2, Control Message, length 480 + Leap indicator: (0), Response, OK, More, OpCode=2 + Sequence=72, Status=0x8011, Assoc.=48826, Offset=0, Count=468 + TO-BE-DONE: data not interpreted +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 128) ::1.123 > ::1.38531: [bad udp cksum 0x0093 -> 0x88c5!] NTPv2, Control Message, length 120 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=72, Status=0x8011, Assoc.=48826, Offset=468, Count=107 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x93bf!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=73, Status=0, Assoc.=48827, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 488) ::1.123 > ::1.38531: [bad udp cksum 0x01fb -> 0x5c4a!] NTPv2, Control Message, length 480 + Leap indicator: (0), Response, OK, More, OpCode=2 + Sequence=73, Status=0x8011, Assoc.=48827, Offset=0, Count=468 + TO-BE-DONE: data not interpreted +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 124) ::1.123 > ::1.38531: [bad udp cksum 0x008f -> 0xdcfa!] NTPv2, Control Message, length 116 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=73, Status=0x8011, Assoc.=48827, Offset=468, Count=104 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x93bd!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=74, Status=0, Assoc.=48828, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 488) ::1.123 > ::1.38531: [bad udp cksum 0x01fb -> 0x5634!] NTPv2, Control Message, length 480 + Leap indicator: (0), Response, OK, More, OpCode=2 + Sequence=74, Status=0x8011, Assoc.=48828, Offset=0, Count=468 + TO-BE-DONE: data not interpreted +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 128) ::1.123 > ::1.38531: [bad udp cksum 0x0093 -> 0x8c8c!] NTPv2, Control Message, length 120 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=74, Status=0x8011, Assoc.=48828, Offset=468, Count=108 + TO-BE-DONE: data not interpreted +IP6 (flowlabel 0x62d8a, hlim 64, next-header UDP (17) payload length: 20) ::1.38531 > ::1.123: [bad udp cksum 0x0027 -> 0x93bb!] NTPv2, Control Message, length 12 + Leap indicator: (0), Request, OK, Last, OpCode=2 + Sequence=75, Status=0, Assoc.=48829, Offset=0, Count=0 +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 488) ::1.123 > ::1.38531: [bad udp cksum 0x01fb -> 0x9c1f!] NTPv2, Control Message, length 480 + Leap indicator: (0), Response, OK, More, OpCode=2 + Sequence=75, Status=0x961a, Assoc.=48829, Offset=0, Count=468 + TO-BE-DONE: data not interpreted +IP6 (class 0xb8, flowlabel 0x834cf, hlim 64, next-header UDP (17) payload length: 108) ::1.123 > ::1.38531: [bad udp cksum 0x007f -> 0x77be!] NTPv2, Control Message, length 100 + Leap indicator: (0), Response, OK, Last, OpCode=2 + Sequence=75, Status=0x961a, Assoc.=48829, Offset=468, Count=85 + TO-BE-DONE: data not interpreted diff --git a/tests/ntp-control.out b/tests/ntp-control.out new file mode 100644 index 00000000..b9149abc --- /dev/null +++ b/tests/ntp-control.out @@ -0,0 +1,21 @@ +IP6 ::1.38531 > ::1.123: NTPv2, Control Message, length 12 +IP6 ::1.123 > ::1.38531: NTPv2, Control Message, length 408 +IP6 ::1.38531 > ::1.123: NTPv2, Control Message, length 12 +IP6 ::1.123 > ::1.38531: NTPv2, Control Message, length 32 +IP6 ::1.38531 > ::1.123: NTPv2, Control Message, length 12 +IP6 ::1.123 > ::1.38531: NTPv2, Control Message, length 32 +IP6 ::1.38531 > ::1.123: NTPv2, Control Message, length 12 +IP6 ::1.123 > ::1.38531: NTPv2, Control Message, length 480 +IP6 ::1.123 > ::1.38531: NTPv2, Control Message, length 120 +IP6 ::1.38531 > ::1.123: NTPv2, Control Message, length 12 +IP6 ::1.123 > ::1.38531: NTPv2, Control Message, length 480 +IP6 ::1.123 > ::1.38531: NTPv2, Control Message, length 120 +IP6 ::1.38531 > ::1.123: NTPv2, Control Message, length 12 +IP6 ::1.123 > ::1.38531: NTPv2, Control Message, length 480 +IP6 ::1.123 > ::1.38531: NTPv2, Control Message, length 116 +IP6 ::1.38531 > ::1.123: NTPv2, Control Message, length 12 +IP6 ::1.123 > ::1.38531: NTPv2, Control Message, length 480 +IP6 ::1.123 > ::1.38531: NTPv2, Control Message, length 120 +IP6 ::1.38531 > ::1.123: NTPv2, Control Message, length 12 +IP6 ::1.123 > ::1.38531: NTPv2, Control Message, length 480 +IP6 ::1.123 > ::1.38531: NTPv2, Control Message, length 100 diff --git a/tests/ntp-control.pcap b/tests/ntp-control.pcap new file mode 100644 index 00000000..f3093366 Binary files /dev/null and b/tests/ntp-control.pcap differ diff --git a/tests/ntp-mode7--v.out b/tests/ntp-mode7--v.out new file mode 100644 index 00000000..b4b1d469 --- /dev/null +++ b/tests/ntp-mode7--v.out @@ -0,0 +1,24 @@ +IP (tos 0x0, ttl 64, id 3928, offset 0, flags [DF], proto UDP (17), length 220) + 127.0.0.1.32795 > 127.0.0.1.123: NTPv2, Reserved, length 192 + Leap indicator: (0) +IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 72) + 127.0.0.1.123 > 127.0.0.1.32795: NTPv2, Reserved, length 44 + Leap indicator: -1s (128) +IP (tos 0x0, ttl 64, id 3929, offset 0, flags [DF], proto UDP (17), length 220) + 127.0.0.1.32795 > 127.0.0.1.123: NTPv2, Reserved, length 192 + Leap indicator: (0) +IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 60) + 127.0.0.1.123 > 127.0.0.1.32795: NTPv2, Reserved, length 32 + Leap indicator: -1s (128) +IP (tos 0x0, ttl 64, id 3930, offset 0, flags [DF], proto UDP (17), length 220) + 127.0.0.1.32795 > 127.0.0.1.123: NTPv2, Reserved, length 192 + Leap indicator: (0) +IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 96) + 127.0.0.1.123 > 127.0.0.1.32795: NTPv2, Reserved, length 68 + Leap indicator: -1s (128) +IP (tos 0x0, ttl 64, id 3931, offset 0, flags [DF], proto UDP (17), length 220) + 127.0.0.1.32795 > 127.0.0.1.123: NTPv2, Reserved, length 192 + Leap indicator: (0) +IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 468) + 127.0.0.1.123 > 127.0.0.1.32795: NTPv2, Reserved, length 440 + Leap indicator: -1s (128) diff --git a/tests/ntp-mode7--vv.out b/tests/ntp-mode7--vv.out new file mode 100644 index 00000000..fa8703a0 --- /dev/null +++ b/tests/ntp-mode7--vv.out @@ -0,0 +1,24 @@ +IP (tos 0x0, ttl 64, id 3928, offset 0, flags [DF], proto UDP (17), length 220) + 127.0.0.1.32795 > 127.0.0.1.123: [bad udp cksum 0xfedb -> 0x65a9!] NTPv2, Reserved, length 192 + Leap indicator: (0) +IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 72) + 127.0.0.1.123 > 127.0.0.1.32795: [bad udp cksum 0xfe47 -> 0xb900!] NTPv2, Reserved, length 44 + Leap indicator: -1s (128) +IP (tos 0x0, ttl 64, id 3929, offset 0, flags [DF], proto UDP (17), length 220) + 127.0.0.1.32795 > 127.0.0.1.123: [bad udp cksum 0xfedb -> 0x65bd!] NTPv2, Reserved, length 192 + Leap indicator: (0) +IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 60) + 127.0.0.1.123 > 127.0.0.1.32795: [bad udp cksum 0xfe3b -> 0xeb6d!] NTPv2, Reserved, length 32 + Leap indicator: -1s (128) +IP (tos 0x0, ttl 64, id 3930, offset 0, flags [DF], proto UDP (17), length 220) + 127.0.0.1.32795 > 127.0.0.1.123: [bad udp cksum 0xfedb -> 0x659f!] NTPv2, Reserved, length 192 + Leap indicator: (0) +IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 96) + 127.0.0.1.123 > 127.0.0.1.32795: [bad udp cksum 0xfe5f -> 0xf9f5!] NTPv2, Reserved, length 68 + Leap indicator: -1s (128) +IP (tos 0x0, ttl 64, id 3931, offset 0, flags [DF], proto UDP (17), length 220) + 127.0.0.1.32795 > 127.0.0.1.123: [bad udp cksum 0xfedb -> 0x65c4!] NTPv2, Reserved, length 192 + Leap indicator: (0) +IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 468) + 127.0.0.1.123 > 127.0.0.1.32795: [bad udp cksum 0xffd3 -> 0xdf82!] NTPv2, Reserved, length 440 + Leap indicator: -1s (128) diff --git a/tests/ntp-mode7--vvv.out b/tests/ntp-mode7--vvv.out new file mode 100644 index 00000000..fa8703a0 --- /dev/null +++ b/tests/ntp-mode7--vvv.out @@ -0,0 +1,24 @@ +IP (tos 0x0, ttl 64, id 3928, offset 0, flags [DF], proto UDP (17), length 220) + 127.0.0.1.32795 > 127.0.0.1.123: [bad udp cksum 0xfedb -> 0x65a9!] NTPv2, Reserved, length 192 + Leap indicator: (0) +IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 72) + 127.0.0.1.123 > 127.0.0.1.32795: [bad udp cksum 0xfe47 -> 0xb900!] NTPv2, Reserved, length 44 + Leap indicator: -1s (128) +IP (tos 0x0, ttl 64, id 3929, offset 0, flags [DF], proto UDP (17), length 220) + 127.0.0.1.32795 > 127.0.0.1.123: [bad udp cksum 0xfedb -> 0x65bd!] NTPv2, Reserved, length 192 + Leap indicator: (0) +IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 60) + 127.0.0.1.123 > 127.0.0.1.32795: [bad udp cksum 0xfe3b -> 0xeb6d!] NTPv2, Reserved, length 32 + Leap indicator: -1s (128) +IP (tos 0x0, ttl 64, id 3930, offset 0, flags [DF], proto UDP (17), length 220) + 127.0.0.1.32795 > 127.0.0.1.123: [bad udp cksum 0xfedb -> 0x659f!] NTPv2, Reserved, length 192 + Leap indicator: (0) +IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 96) + 127.0.0.1.123 > 127.0.0.1.32795: [bad udp cksum 0xfe5f -> 0xf9f5!] NTPv2, Reserved, length 68 + Leap indicator: -1s (128) +IP (tos 0x0, ttl 64, id 3931, offset 0, flags [DF], proto UDP (17), length 220) + 127.0.0.1.32795 > 127.0.0.1.123: [bad udp cksum 0xfedb -> 0x65c4!] NTPv2, Reserved, length 192 + Leap indicator: (0) +IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 468) + 127.0.0.1.123 > 127.0.0.1.32795: [bad udp cksum 0xffd3 -> 0xdf82!] NTPv2, Reserved, length 440 + Leap indicator: -1s (128) diff --git a/tests/ntp-mode7.out b/tests/ntp-mode7.out new file mode 100644 index 00000000..f65f85c0 --- /dev/null +++ b/tests/ntp-mode7.out @@ -0,0 +1,8 @@ +IP 127.0.0.1.32795 > 127.0.0.1.123: NTPv2, Reserved, length 192 +IP 127.0.0.1.123 > 127.0.0.1.32795: NTPv2, Reserved, length 44 +IP 127.0.0.1.32795 > 127.0.0.1.123: NTPv2, Reserved, length 192 +IP 127.0.0.1.123 > 127.0.0.1.32795: NTPv2, Reserved, length 32 +IP 127.0.0.1.32795 > 127.0.0.1.123: NTPv2, Reserved, length 192 +IP 127.0.0.1.123 > 127.0.0.1.32795: NTPv2, Reserved, length 68 +IP 127.0.0.1.32795 > 127.0.0.1.123: NTPv2, Reserved, length 192 +IP 127.0.0.1.123 > 127.0.0.1.32795: NTPv2, Reserved, length 440 diff --git a/tests/ntp-mode7.pcap b/tests/ntp-mode7.pcap new file mode 100644 index 00000000..6d23f80c Binary files /dev/null and b/tests/ntp-mode7.pcap differ diff --git a/tests/ntp-time--v.out b/tests/ntp-time--v.out new file mode 100644 index 00000000..f9ff5664 --- /dev/null +++ b/tests/ntp-time--v.out @@ -0,0 +1,20 @@ +IP (tos 0x0, ttl 64, id 24704, offset 0, flags [DF], proto UDP (17), length 76) + 132.199.152.129.49445 > 132.199.4.1.123: NTPv4, Client, length 48 + Leap indicator: clock unsynchronized (192), Stratum 0 (unspecified), poll 8 (256s), precision 0 + Root Delay: 0.000000, Root dispersion: 0.000000, Reference-ID: (unspec) + Reference Timestamp: 0.000000000 + Originator Timestamp: 0.000000000 + Receive Timestamp: 0.000000000 + Transmit Timestamp: 3712483316.928478999 (2017-08-23T13:21:56) + Originator - Receive Timestamp: 0.000000000 + Originator - Transmit Timestamp: 3712483316.928478999 (2017-08-23T13:21:56) +IP (tos 0xb8, ttl 62, id 8834, offset 0, flags [DF], proto UDP (17), length 76) + 132.199.4.1.123 > 132.199.152.129.49445: NTPv4, Server, length 48 + Leap indicator: (0), Stratum 2 (secondary reference), poll 8 (256s), precision -24 + Root Delay: 0.000320, Root dispersion: 0.036407, Reference-ID: 0x84c707c9 + Reference Timestamp: 3712482106.337741360 (2017-08-23T13:01:46) + Originator Timestamp: 3712483316.928478999 (2017-08-23T13:21:56) + Receive Timestamp: 3712483316.929920629 (2017-08-23T13:21:56) + Transmit Timestamp: 3712483316.929948437 (2017-08-23T13:21:56) + Originator - Receive Timestamp: +0.001441629 + Originator - Transmit Timestamp: +0.001469437 diff --git a/tests/ntp-time--vv.out b/tests/ntp-time--vv.out new file mode 100644 index 00000000..2f57d3dc --- /dev/null +++ b/tests/ntp-time--vv.out @@ -0,0 +1,20 @@ +IP (tos 0x0, ttl 64, id 24704, offset 0, flags [DF], proto UDP (17), length 76) + 132.199.152.129.49445 > 132.199.4.1.123: [udp sum ok] NTPv4, Client, length 48 + Leap indicator: clock unsynchronized (192), Stratum 0 (unspecified), poll 8 (256s), precision 0 + Root Delay: 0.000000, Root dispersion: 0.000000, Reference-ID: (unspec) + Reference Timestamp: 0.000000000 + Originator Timestamp: 0.000000000 + Receive Timestamp: 0.000000000 + Transmit Timestamp: 3712483316.928478999 (2017-08-23T13:21:56) + Originator - Receive Timestamp: 0.000000000 + Originator - Transmit Timestamp: 3712483316.928478999 (2017-08-23T13:21:56) +IP (tos 0xb8, ttl 62, id 8834, offset 0, flags [DF], proto UDP (17), length 76) + 132.199.4.1.123 > 132.199.152.129.49445: [udp sum ok] NTPv4, Server, length 48 + Leap indicator: (0), Stratum 2 (secondary reference), poll 8 (256s), precision -24 + Root Delay: 0.000320, Root dispersion: 0.036407, Reference-ID: 0x84c707c9 + Reference Timestamp: 3712482106.337741360 (2017-08-23T13:01:46) + Originator Timestamp: 3712483316.928478999 (2017-08-23T13:21:56) + Receive Timestamp: 3712483316.929920629 (2017-08-23T13:21:56) + Transmit Timestamp: 3712483316.929948437 (2017-08-23T13:21:56) + Originator - Receive Timestamp: +0.001441629 + Originator - Transmit Timestamp: +0.001469437 diff --git a/tests/ntp-time--vvv.out b/tests/ntp-time--vvv.out new file mode 100644 index 00000000..2f57d3dc --- /dev/null +++ b/tests/ntp-time--vvv.out @@ -0,0 +1,20 @@ +IP (tos 0x0, ttl 64, id 24704, offset 0, flags [DF], proto UDP (17), length 76) + 132.199.152.129.49445 > 132.199.4.1.123: [udp sum ok] NTPv4, Client, length 48 + Leap indicator: clock unsynchronized (192), Stratum 0 (unspecified), poll 8 (256s), precision 0 + Root Delay: 0.000000, Root dispersion: 0.000000, Reference-ID: (unspec) + Reference Timestamp: 0.000000000 + Originator Timestamp: 0.000000000 + Receive Timestamp: 0.000000000 + Transmit Timestamp: 3712483316.928478999 (2017-08-23T13:21:56) + Originator - Receive Timestamp: 0.000000000 + Originator - Transmit Timestamp: 3712483316.928478999 (2017-08-23T13:21:56) +IP (tos 0xb8, ttl 62, id 8834, offset 0, flags [DF], proto UDP (17), length 76) + 132.199.4.1.123 > 132.199.152.129.49445: [udp sum ok] NTPv4, Server, length 48 + Leap indicator: (0), Stratum 2 (secondary reference), poll 8 (256s), precision -24 + Root Delay: 0.000320, Root dispersion: 0.036407, Reference-ID: 0x84c707c9 + Reference Timestamp: 3712482106.337741360 (2017-08-23T13:01:46) + Originator Timestamp: 3712483316.928478999 (2017-08-23T13:21:56) + Receive Timestamp: 3712483316.929920629 (2017-08-23T13:21:56) + Transmit Timestamp: 3712483316.929948437 (2017-08-23T13:21:56) + Originator - Receive Timestamp: +0.001441629 + Originator - Transmit Timestamp: +0.001469437 diff --git a/tests/ntp-time.out b/tests/ntp-time.out new file mode 100644 index 00000000..ab2189e2 --- /dev/null +++ b/tests/ntp-time.out @@ -0,0 +1,2 @@ +IP 132.199.152.129.49445 > 132.199.4.1.123: NTPv4, Client, length 48 +IP 132.199.4.1.123 > 132.199.152.129.49445: NTPv4, Server, length 48 diff --git a/tests/ntp-time.pcap b/tests/ntp-time.pcap new file mode 100644 index 00000000..da187988 Binary files /dev/null and b/tests/ntp-time.pcap differ diff --git a/tests/ntp-v.out b/tests/ntp-v.out new file mode 100644 index 00000000..719b6884 --- /dev/null +++ b/tests/ntp-v.out @@ -0,0 +1,91 @@ +IP (tos 0x0, ttl 64, id 58037, offset 0, flags [DF], proto UDP (17), length 100) + 192.168.100.2.58054 > 192.168.100.1.123: NTPv4, Client, length 72 + Leap indicator: (0), Stratum 0 (unspecified), poll 0 (1s), precision 32 + Root Delay: 0.000000, Root dispersion: 0.000000, Reference-ID: (unspec) + Reference Timestamp: 0.000000000 + Originator Timestamp: 0.000000000 + Receive Timestamp: 0.000000000 + Transmit Timestamp: 2763234513.007738396 (1987-07-25T21:08:33) + Originator - Receive Timestamp: 0.000000000 + Originator - Transmit Timestamp: 2763234513.007738396 (1987-07-25T21:08:33) + Key id: 8 + Authentication: 57ea530f6d74350cc5286bfec1ab8ca747c73584 +IP (tos 0xb8, ttl 64, id 24722, offset 0, flags [DF], proto UDP (17), length 80) + 192.168.100.1.123 > 192.168.100.2.58054: NTPv4, Server, length 52 + Leap indicator: clock unsynchronized (192), Stratum 0 (unspecified), poll 3 (8s), precision -23 + Root Delay: 0.000000, Root dispersion: 0.001373, Reference-ID: (unspec) + Reference Timestamp: 0.000000000 + Originator Timestamp: 2763234513.007738396 (1987-07-25T21:08:33) + Receive Timestamp: 3706870329.516015118 (2017-06-19T14:12:09) + Transmit Timestamp: 3706870329.516074047 (2017-06-19T14:12:09) + Originator - Receive Timestamp: +943635816.508276721 + Originator - Transmit Timestamp: +943635816.508335651 + Key id: 0 +IP (tos 0x0, ttl 64, id 5777, offset 0, flags [DF], proto UDP (17), length 100) + 192.168.100.2.42818 > 192.168.100.1.123: NTPv4, Client, length 72 + Leap indicator: (0), Stratum 0 (unspecified), poll 0 (1s), precision 32 + Root Delay: 0.000000, Root dispersion: 0.000000, Reference-ID: (unspec) + Reference Timestamp: 0.000000000 + Originator Timestamp: 3706870757.473833108 (2017-06-19T14:19:17) + Receive Timestamp: 1802554105.693999877 (1957-02-13T21:28:25) + Transmit Timestamp: 2929527464.107565978 (1992-10-31T13:37:44) + Originator - Receive Timestamp: -1904316651.779833231 + Originator - Transmit Timestamp: -777343293.366267130 + Key id: 8 + Authentication: 8b7e640979156264f3faa5ae979656dd86502431 +IP (tos 0x0, ttl 64, id 64601, offset 0, flags [DF], proto UDP (17), length 100) + 192.168.100.1.123 > 192.168.100.2.42818: NTPv4, Server, length 72 + Leap indicator: (0), Stratum 2 (secondary reference), poll 0 (1s), precision -23 + Root Delay: 0.155502, Root dispersion: 0.001571, Reference-ID: 0x0a051b0a + Reference Timestamp: 3706870757.720418353 (2017-06-19T14:19:17) + Originator Timestamp: 2929527464.107565978 (1992-10-31T13:37:44) + Receive Timestamp: 3706870758.494427815 (2017-06-19T14:19:18) + Transmit Timestamp: 3706870758.494546877 (2017-06-19T14:19:18) + Originator - Receive Timestamp: +777343294.386861836 + Originator - Transmit Timestamp: +777343294.386980899 + Key id: 8 + Authentication: 629990a7fc22cc8467dd88b7af2d220dbe3287d6 +IP (tos 0x0, ttl 64, id 31502, offset 0, flags [DF], proto UDP (17), length 76) + 192.168.100.2.53144 > 192.168.100.1.123: NTPv4, Client, length 48 + Leap indicator: clock unsynchronized (192), Stratum 0 (unspecified), poll 3 (8s), precision -6 + Root Delay: 1.000000, Root dispersion: 1.000000, Reference-ID: (unspec) + Reference Timestamp: 0.000000000 + Originator Timestamp: 0.000000000 + Receive Timestamp: 0.000000000 + Transmit Timestamp: 3706870974.488488492 (2017-06-19T14:22:54) + Originator - Receive Timestamp: 0.000000000 + Originator - Transmit Timestamp: 3706870974.488488492 (2017-06-19T14:22:54) +IP (tos 0x0, ttl 64, id 456, offset 0, flags [DF], proto UDP (17), length 76) + 192.168.100.1.123 > 192.168.100.2.53144: NTPv4, Server, length 48 + Leap indicator: (0), Stratum 2 (secondary reference), poll 3 (8s), precision -23 + Root Delay: 0.155456, Root dispersion: 0.001007, Reference-ID: 0x0a051b0a + Reference Timestamp: 3706870972.021018556 (2017-06-19T14:22:52) + Originator Timestamp: 3706870974.488488492 (2017-06-19T14:22:54) + Receive Timestamp: 3706870974.488540573 (2017-06-19T14:22:54) + Transmit Timestamp: 3706870974.488665335 (2017-06-19T14:22:54) + Originator - Receive Timestamp: +0.000052081 + Originator - Transmit Timestamp: +0.000176842 +IP (tos 0xc0, ttl 64, id 4575, offset 0, flags [DF], proto UDP (17), length 96) + 192.168.100.2.123 > 192.168.100.1.123: NTPv4, Client, length 68 + Leap indicator: clock unsynchronized (192), Stratum 0 (unspecified), poll 6 (64s), precision -25 + Root Delay: 0.000000, Root dispersion: 0.000000, Reference-ID: (unspec) + Reference Timestamp: 0.000000000 + Originator Timestamp: 0.000000000 + Receive Timestamp: 0.000000000 + Transmit Timestamp: 3706872432.800841171 (2017-06-19T14:47:12) + Originator - Receive Timestamp: 0.000000000 + Originator - Transmit Timestamp: 3706872432.800841171 (2017-06-19T14:47:12) + Key id: 8 + Authentication: d5378a09c04da845732097104348843a +IP (tos 0xb8, ttl 64, id 6653, offset 0, flags [DF], proto UDP (17), length 96) + 192.168.100.1.123 > 192.168.100.2.123: NTPv4, Server, length 68 + Leap indicator: (0), Stratum 2 (secondary reference), poll 6 (64s), precision -23 + Root Delay: 0.116577, Root dispersion: 0.001739, Reference-ID: 0x0a0ba0ee + Reference Timestamp: 3706872421.265296222 (2017-06-19T14:47:01) + Originator Timestamp: 3706872432.800841171 (2017-06-19T14:47:12) + Receive Timestamp: 3706872432.799168336 (2017-06-19T14:47:12) + Transmit Timestamp: 3706872432.799217265 (2017-06-19T14:47:12) + Originator - Receive Timestamp: -0.001672834 + Originator - Transmit Timestamp: -0.001623905 + Key id: 8 + Authentication: a7005b034ca215fedfa0d798db37ae9e diff --git a/tests/ntp.out b/tests/ntp.out new file mode 100644 index 00000000..863eea37 --- /dev/null +++ b/tests/ntp.out @@ -0,0 +1,8 @@ +IP 192.168.100.2.58054 > 192.168.100.1.123: NTPv4, Client, length 72 +IP 192.168.100.1.123 > 192.168.100.2.58054: NTPv4, Server, length 52 +IP 192.168.100.2.42818 > 192.168.100.1.123: NTPv4, Client, length 72 +IP 192.168.100.1.123 > 192.168.100.2.42818: NTPv4, Server, length 72 +IP 192.168.100.2.53144 > 192.168.100.1.123: NTPv4, Client, length 48 +IP 192.168.100.1.123 > 192.168.100.2.53144: NTPv4, Server, length 48 +IP 192.168.100.2.123 > 192.168.100.1.123: NTPv4, Client, length 68 +IP 192.168.100.1.123 > 192.168.100.2.123: NTPv4, Server, length 68 diff --git a/tests/ntp.pcap b/tests/ntp.pcap new file mode 100644 index 00000000..2fd5937e Binary files /dev/null and b/tests/ntp.pcap differ diff --git a/tests/radius-rfc3162-v.out b/tests/radius-rfc3162-v.out new file mode 100644 index 00000000..07494078 --- /dev/null +++ b/tests/radius-rfc3162-v.out @@ -0,0 +1,12 @@ +IP (tos 0x0, ttl 64, id 60508, offset 0, flags [DF], proto UDP (17), length 169) + 127.0.0.1.39646 > 127.0.0.1.1812: RADIUS, length: 141 + Access-Request (1), id: 0xf0, Authenticator: 2afdb090418ac6365298fbbb15e0fd2e + User-Name Attribute (1), length: 5, Value: bob + User-Password Attribute (2), length: 18, Value: + NAS-IPv6-Address Attribute (95), length: 18, Value: 2001:db8:a0b:12f0::1 + Framed-IPv6-Prefix Attribute (97), length: 20, Value: 2001:db8:a0b:12f0::/64 + Framed-IPv6-Prefix Attribute (97), length: 12, Value: 2001:db8:a0b:12f0::/64 + Framed-IPv6-Prefix Attribute (97), length: 4, Value: ::/0 + Framed-IPv6-Prefix Attribute (97), length: 3, Value: ERROR: length 1 not in range (2..18) + Framed-IPv6-Prefix Attribute (97), length: 21, Value: ERROR: length 19 not in range (2..18) + Framed-IPv6-Prefix Attribute (97), length: 20, Value: ERROR: netmask 129 not in range (0..128) diff --git a/tests/radius-rfc5176-2-v.out b/tests/radius-rfc5176-2-v.out new file mode 100644 index 00000000..cebbffc8 --- /dev/null +++ b/tests/radius-rfc5176-2-v.out @@ -0,0 +1,7 @@ +IP (tos 0x0, ttl 64, id 41789, offset 0, flags [none], proto UDP (17), length 83) + 127.0.0.1.43124 > 127.0.0.1.1812: RADIUS, length: 55 + Access-Request (1), id: 0xc8, Authenticator: bc6e7022445e359835692c8c121c1985 + User-Name Attribute (1), length: 5, Value: bob + User-Password Attribute (2), length: 18, Value: + Error-Cause Attribute (101), length: 6, Value: Error cause 201: Residual Session Context Removed + Error-Cause Attribute (101), length: 6, Value: Error cause 209: Error-Cause 209 not known diff --git a/tests/whois-v.out b/tests/whois-v.out new file mode 100644 index 00000000..757656da --- /dev/null +++ b/tests/whois-v.out @@ -0,0 +1,34 @@ +IP (tos 0x0, ttl 64, id 32393, offset 0, flags [DF], proto TCP (6), length 60) + 10.0.2.15.44188 > 192.0.47.59.43: Flags [S], cksum 0xfb78 (incorrect -> 0xcc94), seq 2239453442, win 29200, options [mss 1460,sackOK,TS val 2943013729 ecr 0,nop,wscale 6], length 0 +IP (tos 0x0, ttl 64, id 18525, offset 0, flags [none], proto TCP (6), length 44) + 192.0.47.59.43 > 10.0.2.15.44188: Flags [S.], cksum 0xb2ed (correct), seq 9920001, ack 2239453443, win 65535, options [mss 1460], length 0 +IP (tos 0x0, ttl 64, id 32394, offset 0, flags [DF], proto TCP (6), length 40) + 10.0.2.15.44188 > 192.0.47.59.43: Flags [.], cksum 0xfb64 (incorrect -> 0x589a), ack 1, win 29200, length 0 +IP (tos 0x0, ttl 64, id 32395, offset 0, flags [DF], proto TCP (6), length 53) + 10.0.2.15.44188 > 192.0.47.59.43: Flags [P.], cksum 0xfb71 (incorrect -> 0xe187), seq 1:14, ack 1, win 29200, length 13: WHOIS, length: 13 + example.com +IP (tos 0x0, ttl 64, id 18526, offset 0, flags [none], proto TCP (6), length 40) + 192.0.47.59.43 > 10.0.2.15.44188: Flags [.], cksum 0xca9d (correct), ack 14, win 65535, length 0 +IP (tos 0x0, ttl 64, id 18527, offset 0, flags [none], proto TCP (6), length 273) + 192.0.47.59.43 > 10.0.2.15.44188: Flags [P.], cksum 0x4a0c (correct), seq 1:234, ack 14, win 65535, length 233: WHOIS, length: 233 + % IANA WHOIS server + % for more information on IANA, visit http://www.iana.org + % This query returned 1 object + + domain: EXAMPLE.COM + + organisation: Internet Assigned Numbers Authority + + created: 1992-01-01 + source: IANA + +IP (tos 0x0, ttl 64, id 32396, offset 0, flags [DF], proto TCP (6), length 40) + 10.0.2.15.44188 > 192.0.47.59.43: Flags [.], cksum 0xfb64 (incorrect -> 0x5474), ack 234, win 30016, length 0 +IP (tos 0x0, ttl 64, id 18528, offset 0, flags [none], proto TCP (6), length 40) + 192.0.47.59.43 > 10.0.2.15.44188: Flags [F.], cksum 0xc9b3 (correct), seq 234, ack 14, win 65535, length 0 +IP (tos 0x0, ttl 64, id 32397, offset 0, flags [DF], proto TCP (6), length 40) + 10.0.2.15.44188 > 192.0.47.59.43: Flags [.], cksum 0xfb64 (incorrect -> 0x5473), ack 235, win 30016, length 0 +IP (tos 0x0, ttl 64, id 32398, offset 0, flags [DF], proto TCP (6), length 40) + 10.0.2.15.44188 > 192.0.47.59.43: Flags [F.], cksum 0xfb64 (incorrect -> 0x5472), seq 14, ack 235, win 30016, length 0 +IP (tos 0x0, ttl 64, id 18529, offset 0, flags [none], proto TCP (6), length 40) + 192.0.47.59.43 > 10.0.2.15.44188: Flags [.], cksum 0xc9b2 (correct), ack 15, win 65535, length 0 diff --git a/tests/whois.out b/tests/whois.out new file mode 100644 index 00000000..d2e8acbb --- /dev/null +++ b/tests/whois.out @@ -0,0 +1,11 @@ +IP 10.0.2.15.44188 > 192.0.47.59.43: Flags [S], seq 2239453442, win 29200, options [mss 1460,sackOK,TS val 2943013729 ecr 0,nop,wscale 6], length 0 +IP 192.0.47.59.43 > 10.0.2.15.44188: Flags [S.], seq 9920001, ack 2239453443, win 65535, options [mss 1460], length 0 +IP 10.0.2.15.44188 > 192.0.47.59.43: Flags [.], ack 1, win 29200, length 0 +IP 10.0.2.15.44188 > 192.0.47.59.43: Flags [P.], seq 1:14, ack 1, win 29200, length 13: WHOIS: example.com +IP 192.0.47.59.43 > 10.0.2.15.44188: Flags [.], ack 14, win 65535, length 0 +IP 192.0.47.59.43 > 10.0.2.15.44188: Flags [P.], seq 1:234, ack 14, win 65535, length 233: WHOIS: % IANA WHOIS server +IP 10.0.2.15.44188 > 192.0.47.59.43: Flags [.], ack 234, win 30016, length 0 +IP 192.0.47.59.43 > 10.0.2.15.44188: Flags [F.], seq 234, ack 14, win 65535, length 0 +IP 10.0.2.15.44188 > 192.0.47.59.43: Flags [.], ack 235, win 30016, length 0 +IP 10.0.2.15.44188 > 192.0.47.59.43: Flags [F.], seq 14, ack 235, win 30016, length 0 +IP 192.0.47.59.43 > 10.0.2.15.44188: Flags [.], ack 15, win 65535, length 0 diff --git a/tests/whois.pcap b/tests/whois.pcap new file mode 100644 index 00000000..76a003b3 Binary files /dev/null and b/tests/whois.pcap differ diff --git a/update-test.sh b/update-test.sh new file mode 100755 index 00000000..60359d48 --- /dev/null +++ b/update-test.sh @@ -0,0 +1,14 @@ +#!/bin/sh +TEST="$1" +PREFIX=tests +MATCH=0 +while read name input output options +do + [ _$name = _ ] && continue # ignore empty lines + [ _${name#\#} != _$name ] && continue # ignore comment lines + [ $name != "$TEST" ] && continue # not the requested test + [ _$output = _ ] && continue # ignore incomplete lines + MATCH=1 + ./tcpdump -n -t -r "$PREFIX/$input" $options >"$PREFIX/$output" +done < $PREFIX/TESTLIST +[ $MATCH = 0 ] && echo "test $TEST not found" >&2 diff --git a/util-print.c b/util-print.c index 7626c524..892e07a7 100644 --- a/util-print.c +++ b/util-print.c @@ -827,14 +827,21 @@ txtproto_print(netdissect_options *ndo, const u_char *pptr, u_int len, u_int idx, eol; u_char token[MAX_TOKEN+1]; const char *cmd; - int is_reqresp = 0; + int print_this = 0; const char *pnp; if (cmds != NULL) { /* * This protocol has more than just request and * response lines; see whether this looks like a - * request or response. + * request or response and, if so, print it and, + * in verbose mode, print everything after it. + * + * This is for HTTP-like protocols, where we + * want to print requests and responses, but + * don't want to print continuations of request + * or response bodies in packets that don't + * contain the request or response line. */ idx = fetch_token(ndo, pptr, 0, len, token, sizeof(token)); if (idx != 0) { @@ -842,7 +849,7 @@ txtproto_print(netdissect_options *ndo, const u_char *pptr, u_int len, while ((cmd = *cmds++) != NULL) { if (ascii_strcasecmp((const char *)token, cmd) == 0) { /* Yes. */ - is_reqresp = 1; + print_this = 1; break; } } @@ -864,28 +871,36 @@ txtproto_print(netdissect_options *ndo, const u_char *pptr, u_int len, if (isdigit(token[0]) && isdigit(token[1]) && isdigit(token[2]) && token[3] == '\0') { /* Yes. */ - is_reqresp = 1; + print_this = 1; } } } } else { /* - * This protocol has only request and response lines - * (e.g., FTP, where all the data goes over a - * different connection); assume the payload is - * a request or response. + * Either: + * + * 1) This protocol has only request and response lines + * (e.g., FTP, where all the data goes over a different + * connection); assume the payload is a request or + * response. + * + * or + * + * 2) This protocol is just text, so that we should + * always, at minimum, print the first line and, + * in verbose mode, print all lines. */ - is_reqresp = 1; + print_this = 1; } /* Capitalize the protocol name */ for (pnp = protoname; *pnp != '\0'; pnp++) ND_PRINT((ndo, "%c", toupper((u_char)*pnp))); - if (is_reqresp) { + if (print_this) { /* * In non-verbose mode, just print the protocol, followed - * by the first line as the request or response info. + * by the first line. * * In verbose mode, print lines as text until we run out * of characters or see something that's not a @@ -931,11 +946,38 @@ safeputchar(netdissect_options *ndo, ND_PRINT((ndo, (c < 0x80 && ND_ISPRINT(c)) ? "%c" : "\\0x%02x", c)); } -#ifdef LBL_ALIGN +#if (defined(__i386__) || defined(_M_IX86) || defined(__X86__) || defined(__x86_64__) || defined(_M_X64)) || \ + (defined(__arm__) || defined(_M_ARM) || defined(__aarch64__)) || \ + (defined(__m68k__) && (!defined(__mc68000__) && !defined(__mc68010__))) || \ + (defined(__ppc__) || defined(__ppc64__) || defined(_M_PPC) || defined(_ARCH_PPC) || defined(_ARCH_PPC64)) || \ + (defined(__s390__) || defined(__s390x__) || defined(__zarch__)) || \ + defined(__vax__) /* - * Some compilers try to optimize memcpy(), using the alignment constraint - * on the argument pointer type. by using this function, we try to avoid the - * optimization. + * The procesor natively handles unaligned loads, so just use memcpy() + * and memcmp(), to enable those optimizations. + * + * XXX - are those all the x86 tests we need? + * XXX - do we need to worry about ARMv1 through ARMv5, which didn't + * support unaligned loads, and, if so, do we need to worry about all + * of them, or just some of them, e.g. ARMv5? + * XXX - are those the only 68k tests we need not to generated + * unaligned accesses if the target is the 68000 or 68010? + * XXX - are there any tests we don't need, because some definitions are for + * compilers that also predefine the GCC symbols? + * XXX - do we need to test for both 32-bit and 64-bit versions of those + * architectures in all cases? + */ +#else +/* + * The processor doesn't natively handle unaligned loads, + * and the compiler might "helpfully" optimize memcpy() + * and memcmp(), when handed pointers that would normally + * be properly aligned, into sequences that assume proper + * alignment. + * + * Do copies and compares of possibly-unaligned data by + * calling routines that wrap memcpy() and memcmp(), to + * prevent that optimization. */ void unaligned_memcpy(void *p, const void *q, size_t l)