1 /*
2  * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that: (1) source code distributions
7  * retain the above copyright notice and this paragraph in its entirety, (2)
8  * distributions including binary code include the above copyright notice and
9  * this paragraph in its entirety in the documentation or other materials
10  * provided with the distribution, and (3) all advertising materials mentioning
11  * features or use of this software display the following acknowledgement:
12  * ``This product includes software developed by the University of California,
13  * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14  * the University nor the names of its contributors may be used to endorse
15  * or promote products derived from this software without specific prior
16  * written permission.
17  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18  * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20  *
21  * Format and print bootp packets.
22  */
23 #ifndef lint
24 static const char rcsid[] _U_ =
25     "@(#) $Header: /tcpdump/master/tcpdump/print-bootp.c,v 1.89 2008-04-22 09:45:08 hannes Exp $ (LBL)";
26 #endif
27 
28 #ifdef HAVE_CONFIG_H
29 #include "config.h"
30 #endif
31 
32 #include <tcpdump-stdinc.h>
33 
34 #include <stdio.h>
35 #include <string.h>
36 
37 #include "interface.h"
38 #include "addrtoname.h"
39 #include "extract.h"
40 #include "ether.h"
41 #include "bootp.h"
42 
43 static void rfc1048_print(const u_char *);
44 static void cmu_print(const u_char *);
45 static char *client_fqdn_flags(u_int flags);
46 
47 static char tstr[] = " [|bootp]";
48 
49 static const struct tok bootp_flag_values[] = {
50     { 0x8000,                   "Broadcast" },
51     { 0, NULL}
52 };
53 
54 static const struct tok bootp_op_values[] = {
55     { BOOTPREQUEST,             "Request" },
56     { BOOTPREPLY,               "Reply" },
57     { 0, NULL}
58 };
59 
60 /*
61  * Print bootp requests
62  */
63 void
bootp_print(register const u_char * cp,u_int length)64 bootp_print(register const u_char *cp, u_int length)
65 {
66 	register const struct bootp *bp;
67 	static const u_char vm_cmu[4] = VM_CMU;
68 	static const u_char vm_rfc1048[4] = VM_RFC1048;
69 
70 	bp = (const struct bootp *)cp;
71 	TCHECK(bp->bp_op);
72 
73         printf("BOOTP/DHCP, %s",
74 	       tok2str(bootp_op_values, "unknown (0x%02x)", bp->bp_op));
75 
76 	if (bp->bp_htype == 1 && bp->bp_hlen == 6 && bp->bp_op == BOOTPREQUEST) {
77 		TCHECK2(bp->bp_chaddr[0], 6);
78 		printf(" from %s", etheraddr_string(bp->bp_chaddr));
79 	}
80 
81         printf(", length %u", length);
82 
83         if (!vflag)
84             return;
85 
86 	TCHECK(bp->bp_secs);
87 
88 	/* The usual hardware address type is 1 (10Mb Ethernet) */
89 	if (bp->bp_htype != 1)
90 		printf(", htype %d", bp->bp_htype);
91 
92 	/* The usual length for 10Mb Ethernet address is 6 bytes */
93 	if (bp->bp_htype != 1 || bp->bp_hlen != 6)
94 		printf(", hlen %d", bp->bp_hlen);
95 
96 	/* Only print interesting fields */
97 	if (bp->bp_hops)
98 		printf(", hops %d", bp->bp_hops);
99 	if (EXTRACT_32BITS(&bp->bp_xid))
100 		printf(", xid 0x%x", EXTRACT_32BITS(&bp->bp_xid));
101 	if (EXTRACT_16BITS(&bp->bp_secs))
102 		printf(", secs %d", EXTRACT_16BITS(&bp->bp_secs));
103 
104 	printf(", Flags [%s]",
105 		bittok2str(bootp_flag_values, "none", EXTRACT_16BITS(&bp->bp_flags)));
106 	if (vflag > 1)
107 		printf(" (0x%04x)", EXTRACT_16BITS(&bp->bp_flags));
108 
109 	/* Client's ip address */
110 	TCHECK(bp->bp_ciaddr);
111 	if (EXTRACT_32BITS(&bp->bp_ciaddr.s_addr))
112 		printf("\n\t  Client-IP %s", ipaddr_string(&bp->bp_ciaddr));
113 
114 	/* 'your' ip address (bootp client) */
115 	TCHECK(bp->bp_yiaddr);
116 	if (EXTRACT_32BITS(&bp->bp_yiaddr.s_addr))
117 		printf("\n\t  Your-IP %s", ipaddr_string(&bp->bp_yiaddr));
118 
119 	/* Server's ip address */
120 	TCHECK(bp->bp_siaddr);
121 	if (EXTRACT_32BITS(&bp->bp_siaddr.s_addr))
122 		printf("\n\t  Server-IP %s", ipaddr_string(&bp->bp_siaddr));
123 
124 	/* Gateway's ip address */
125 	TCHECK(bp->bp_giaddr);
126 	if (EXTRACT_32BITS(&bp->bp_giaddr.s_addr))
127 		printf("\n\t  Gateway-IP %s", ipaddr_string(&bp->bp_giaddr));
128 
129 	/* Client's Ethernet address */
130 	if (bp->bp_htype == 1 && bp->bp_hlen == 6) {
131 		TCHECK2(bp->bp_chaddr[0], 6);
132 		printf("\n\t  Client-Ethernet-Address %s", etheraddr_string(bp->bp_chaddr));
133 	}
134 
135 	TCHECK2(bp->bp_sname[0], 1);		/* check first char only */
136 	if (*bp->bp_sname) {
137 		printf("\n\t  sname \"");
138 		if (fn_print(bp->bp_sname, snapend)) {
139 			putchar('"');
140 			fputs(tstr + 1, stdout);
141 			return;
142 		}
143 		putchar('"');
144 	}
145 	TCHECK2(bp->bp_file[0], 1);		/* check first char only */
146 	if (*bp->bp_file) {
147 		printf("\n\t  file \"");
148 		if (fn_print(bp->bp_file, snapend)) {
149 			putchar('"');
150 			fputs(tstr + 1, stdout);
151 			return;
152 		}
153 		putchar('"');
154 	}
155 
156 	/* Decode the vendor buffer */
157 	TCHECK(bp->bp_vend[0]);
158 	if (memcmp((const char *)bp->bp_vend, vm_rfc1048,
159 		 sizeof(u_int32_t)) == 0)
160 		rfc1048_print(bp->bp_vend);
161 	else if (memcmp((const char *)bp->bp_vend, vm_cmu,
162 		      sizeof(u_int32_t)) == 0)
163 		cmu_print(bp->bp_vend);
164 	else {
165 		u_int32_t ul;
166 
167 		ul = EXTRACT_32BITS(&bp->bp_vend);
168 		if (ul != 0)
169 			printf("\n\t  Vendor-#0x%x", ul);
170 	}
171 
172 	return;
173 trunc:
174 	fputs(tstr, stdout);
175 }
176 
177 /*
178  * The first character specifies the format to print:
179  *     i - ip address (32 bits)
180  *     p - ip address pairs (32 bits + 32 bits)
181  *     l - long (32 bits)
182  *     L - unsigned long (32 bits)
183  *     s - short (16 bits)
184  *     b - period-seperated decimal bytes (variable length)
185  *     x - colon-seperated hex bytes (variable length)
186  *     a - ascii string (variable length)
187  *     B - on/off (8 bits)
188  *     $ - special (explicit code to handle)
189  */
190 static const struct tok tag2str[] = {
191 /* RFC1048 tags */
192 	{ TAG_PAD,		" PAD" },
193 	{ TAG_SUBNET_MASK,	"iSubnet-Mask" },	/* subnet mask (RFC950) */
194 	{ TAG_TIME_OFFSET,	"LTime-Zone" },	/* seconds from UTC */
195 	{ TAG_GATEWAY,		"iDefault-Gateway" },	/* default gateway */
196 	{ TAG_TIME_SERVER,	"iTime-Server" },	/* time servers (RFC868) */
197 	{ TAG_NAME_SERVER,	"iIEN-Name-Server" },	/* IEN name servers (IEN116) */
198 	{ TAG_DOMAIN_SERVER,	"iDomain-Name-Server" },	/* domain name (RFC1035) */
199 	{ TAG_LOG_SERVER,	"iLOG" },	/* MIT log servers */
200 	{ TAG_COOKIE_SERVER,	"iCS" },	/* cookie servers (RFC865) */
201 	{ TAG_LPR_SERVER,	"iLPR-Server" },	/* lpr server (RFC1179) */
202 	{ TAG_IMPRESS_SERVER,	"iIM" },	/* impress servers (Imagen) */
203 	{ TAG_RLP_SERVER,	"iRL" },	/* resource location (RFC887) */
204 	{ TAG_HOSTNAME,		"aHostname" },	/* ascii hostname */
205 	{ TAG_BOOTSIZE,		"sBS" },	/* 512 byte blocks */
206 	{ TAG_END,		" END" },
207 /* RFC1497 tags */
208 	{ TAG_DUMPPATH,		"aDP" },
209 	{ TAG_DOMAINNAME,	"aDomain-Name" },
210 	{ TAG_SWAP_SERVER,	"iSS" },
211 	{ TAG_ROOTPATH,		"aRP" },
212 	{ TAG_EXTPATH,		"aEP" },
213 /* RFC2132 tags */
214 	{ TAG_IP_FORWARD,	"BIPF" },
215 	{ TAG_NL_SRCRT,		"BSRT" },
216 	{ TAG_PFILTERS,		"pPF" },
217 	{ TAG_REASS_SIZE,	"sRSZ" },
218 	{ TAG_DEF_TTL,		"bTTL" },
219 	{ TAG_MTU_TIMEOUT,	"lMTU-Timeout" },
220 	{ TAG_MTU_TABLE,	"sMTU-Table" },
221 	{ TAG_INT_MTU,		"sMTU" },
222 	{ TAG_LOCAL_SUBNETS,	"BLSN" },
223 	{ TAG_BROAD_ADDR,	"iBR" },
224 	{ TAG_DO_MASK_DISC,	"BMD" },
225 	{ TAG_SUPPLY_MASK,	"BMS" },
226 	{ TAG_DO_RDISC,		"BRouter-Discovery" },
227 	{ TAG_RTR_SOL_ADDR,	"iRSA" },
228 	{ TAG_STATIC_ROUTE,	"pStatic-Route" },
229 	{ TAG_USE_TRAILERS,	"BUT" },
230 	{ TAG_ARP_TIMEOUT,	"lAT" },
231 	{ TAG_ETH_ENCAP,	"BIE" },
232 	{ TAG_TCP_TTL,		"bTT" },
233 	{ TAG_TCP_KEEPALIVE,	"lKI" },
234 	{ TAG_KEEPALIVE_GO,	"BKG" },
235 	{ TAG_NIS_DOMAIN,	"aYD" },
236 	{ TAG_NIS_SERVERS,	"iYS" },
237 	{ TAG_NTP_SERVERS,	"iNTP" },
238 	{ TAG_VENDOR_OPTS,	"bVendor-Option" },
239 	{ TAG_NETBIOS_NS,	"iNetbios-Name-Server" },
240 	{ TAG_NETBIOS_DDS,	"iWDD" },
241 	{ TAG_NETBIOS_NODE,	"$Netbios-Node" },
242 	{ TAG_NETBIOS_SCOPE,	"aNetbios-Scope" },
243 	{ TAG_XWIN_FS,		"iXFS" },
244 	{ TAG_XWIN_DM,		"iXDM" },
245 	{ TAG_NIS_P_DOMAIN,	"sN+D" },
246 	{ TAG_NIS_P_SERVERS,	"iN+S" },
247 	{ TAG_MOBILE_HOME,	"iMH" },
248 	{ TAG_SMPT_SERVER,	"iSMTP" },
249 	{ TAG_POP3_SERVER,	"iPOP3" },
250 	{ TAG_NNTP_SERVER,	"iNNTP" },
251 	{ TAG_WWW_SERVER,	"iWWW" },
252 	{ TAG_FINGER_SERVER,	"iFG" },
253 	{ TAG_IRC_SERVER,	"iIRC" },
254 	{ TAG_STREETTALK_SRVR,	"iSTS" },
255 	{ TAG_STREETTALK_STDA,	"iSTDA" },
256 	{ TAG_REQUESTED_IP,	"iRequested-IP" },
257 	{ TAG_IP_LEASE,		"lLease-Time" },
258 	{ TAG_OPT_OVERLOAD,	"$OO" },
259 	{ TAG_TFTP_SERVER,	"aTFTP" },
260 	{ TAG_BOOTFILENAME,	"aBF" },
261 	{ TAG_DHCP_MESSAGE,	" DHCP-Message" },
262 	{ TAG_SERVER_ID,	"iServer-ID" },
263 	{ TAG_PARM_REQUEST,	"bParameter-Request" },
264 	{ TAG_MESSAGE,		"aMSG" },
265 	{ TAG_MAX_MSG_SIZE,	"sMSZ" },
266 	{ TAG_RENEWAL_TIME,	"lRN" },
267 	{ TAG_REBIND_TIME,	"lRB" },
268 	{ TAG_VENDOR_CLASS,	"aVendor-Class" },
269 	{ TAG_CLIENT_ID,	"$Client-ID" },
270 /* RFC 2485 */
271 	{ TAG_OPEN_GROUP_UAP,	"aUAP" },
272 /* RFC 2563 */
273 	{ TAG_DISABLE_AUTOCONF,	"BNOAUTO" },
274 /* RFC 2610 */
275 	{ TAG_SLP_DA,		"bSLP-DA" },	/*"b" is a little wrong */
276 	{ TAG_SLP_SCOPE,	"bSLP-SCOPE" },	/*"b" is a little wrong */
277 /* RFC 2937 */
278 	{ TAG_NS_SEARCH,	"sNSSEARCH" },	/* XXX 's' */
279 /* RFC 3011 */
280 	{ TAG_IP4_SUBNET_SELECT, "iSUBNET" },
281 /* RFC 3442 */
282 	{ TAG_CLASSLESS_STATIC_RT, "$Classless-Static-Route" },
283 	{ TAG_CLASSLESS_STA_RT_MS, "$Classless-Static-Route-Microsoft" },
284 /* http://www.iana.org/assignments/bootp-dhcp-extensions/index.htm */
285 	{ TAG_USER_CLASS,	"aCLASS" },
286 	{ TAG_SLP_NAMING_AUTH,	"aSLP-NA" },
287 	{ TAG_CLIENT_FQDN,	"$FQDN" },
288 	{ TAG_AGENT_CIRCUIT,	"$Agent-Information" },
289 	{ TAG_AGENT_REMOTE,	"bARMT" },
290 	{ TAG_AGENT_MASK,	"bAMSK" },
291 	{ TAG_TZ_STRING,	"aTZSTR" },
292 	{ TAG_FQDN_OPTION,	"bFQDNS" },	/* XXX 'b' */
293 	{ TAG_AUTH,		"bAUTH" },	/* XXX 'b' */
294 	{ TAG_VINES_SERVERS,	"iVINES" },
295 	{ TAG_SERVER_RANK,	"sRANK" },
296 	{ TAG_CLIENT_ARCH,	"sARCH" },
297 	{ TAG_CLIENT_NDI,	"bNDI" },	/* XXX 'b' */
298 	{ TAG_CLIENT_GUID,	"bGUID" },	/* XXX 'b' */
299 	{ TAG_LDAP_URL,		"aLDAP" },
300 	{ TAG_6OVER4,		"i6o4" },
301 	{ TAG_PRINTER_NAME,	"aPRTR" },
302 	{ TAG_MDHCP_SERVER,	"bMDHCP" },	/* XXX 'b' */
303 	{ TAG_IPX_COMPAT,	"bIPX" },	/* XXX 'b' */
304 	{ TAG_NETINFO_PARENT,	"iNI" },
305 	{ TAG_NETINFO_PARENT_TAG, "aNITAG" },
306 	{ TAG_URL,		"aURL" },
307 	{ TAG_FAILOVER,		"bFAIL" },	/* XXX 'b' */
308 	{ 0,			NULL }
309 };
310 /* 2-byte extended tags */
311 static const struct tok xtag2str[] = {
312 	{ 0,			NULL }
313 };
314 
315 /* DHCP "options overload" types */
316 static const struct tok oo2str[] = {
317 	{ 1,			"file" },
318 	{ 2,			"sname" },
319 	{ 3,			"file+sname" },
320 	{ 0,			NULL }
321 };
322 
323 /* NETBIOS over TCP/IP node type options */
324 static const struct tok nbo2str[] = {
325 	{ 0x1,			"b-node" },
326 	{ 0x2,			"p-node" },
327 	{ 0x4,			"m-node" },
328 	{ 0x8,			"h-node" },
329 	{ 0,			NULL }
330 };
331 
332 /* ARP Hardware types, for Client-ID option */
333 static const struct tok arp2str[] = {
334 	{ 0x1,			"ether" },
335 	{ 0x6,			"ieee802" },
336 	{ 0x7,			"arcnet" },
337 	{ 0xf,			"frelay" },
338 	{ 0x17,			"strip" },
339 	{ 0x18,			"ieee1394" },
340 	{ 0,			NULL }
341 };
342 
343 static const struct tok dhcp_msg_values[] = {
344         { DHCPDISCOVER, "Discover" },
345         { DHCPOFFER, "Offer" },
346         { DHCPREQUEST, "Request" },
347         { DHCPDECLINE, "Decline" },
348         { DHCPACK, "ACK" },
349         { DHCPNAK, "NACK" },
350         { DHCPRELEASE, "Release" },
351         { DHCPINFORM, "Inform" },
352         { 0,			NULL }
353 };
354 
355 #define AGENT_SUBOPTION_CIRCUIT_ID 	1	/* RFC 3046 */
356 #define AGENT_SUBOPTION_REMOTE_ID  	2	/* RFC 3046 */
357 #define AGENT_SUBOPTION_SUBSCRIBER_ID 	6	/* RFC 3993 */
358 static const struct tok agent_suboption_values[] = {
359         { AGENT_SUBOPTION_CIRCUIT_ID, "Circuit-ID" },
360         { AGENT_SUBOPTION_REMOTE_ID, "Remote-ID" },
361         { AGENT_SUBOPTION_SUBSCRIBER_ID, "Subscriber-ID" },
362         { 0,			NULL }
363 };
364 
365 
366 static void
rfc1048_print(register const u_char * bp)367 rfc1048_print(register const u_char *bp)
368 {
369 	register u_int16_t tag;
370 	register u_int len;
371 	register const char *cp;
372 	register char c;
373 	int first, idx;
374 	u_int32_t ul;
375 	u_int16_t us;
376 	u_int8_t uc, subopt, suboptlen;
377 
378 	printf("\n\t  Vendor-rfc1048 Extensions");
379 
380 	/* Step over magic cookie */
381         printf("\n\t    Magic Cookie 0x%08x", EXTRACT_32BITS(bp));
382 	bp += sizeof(int32_t);
383 
384 	/* Loop while we there is a tag left in the buffer */
385 	while (TTEST2(*bp, 1)) {
386 		tag = *bp++;
387 		if (tag == TAG_PAD && vflag < 3)
388 			continue;
389 		if (tag == TAG_END && vflag < 3)
390 			return;
391 		if (tag == TAG_EXTENDED_OPTION) {
392 			TCHECK2(*(bp + 1), 2);
393 			tag = EXTRACT_16BITS(bp + 1);
394 			/* XXX we don't know yet if the IANA will
395 			 * preclude overlap of 1-byte and 2-byte spaces.
396 			 * If not, we need to offset tag after this step.
397 			 */
398 			cp = tok2str(xtag2str, "?xT%u", tag);
399 		} else
400 			cp = tok2str(tag2str, "?T%u", tag);
401 		c = *cp++;
402 
403 		if (tag == TAG_PAD || tag == TAG_END)
404 			len = 0;
405 		else {
406 			/* Get the length; check for truncation */
407 			TCHECK2(*bp, 1);
408 			len = *bp++;
409 		}
410 
411 		printf("\n\t    %s Option %u, length %u%s", cp, tag, len,
412 		    len > 0 ? ": " : "");
413 
414 		if (tag == TAG_PAD && vflag > 2) {
415 			u_int ntag = 1;
416 			while (TTEST2(*bp, 1) && *bp == TAG_PAD) {
417 				bp++;
418 				ntag++;
419 			}
420 			if (ntag > 1)
421 				printf(", occurs %u", ntag);
422 		}
423 
424 		if (!TTEST2(*bp, len)) {
425 			printf("[|rfc1048 %u]", len);
426 			return;
427 		}
428 
429 		if (tag == TAG_DHCP_MESSAGE && len == 1) {
430 			uc = *bp++;
431                         printf("%s", tok2str(dhcp_msg_values, "Unknown (%u)", uc));
432                         continue;
433 		}
434 
435 		if (tag == TAG_PARM_REQUEST) {
436 			idx = 0;
437 			while (len-- > 0) {
438 				uc = *bp++;
439 				cp = tok2str(tag2str, "?Option %u", uc);
440 				if (idx % 4 == 0)
441 					printf("\n\t      ");
442 				else
443 					printf(", ");
444 				printf("%s", cp + 1);
445 				idx++;
446 			}
447 			continue;
448 		}
449 
450 		if (tag == TAG_EXTENDED_REQUEST) {
451 			first = 1;
452 			while (len > 1) {
453 				len -= 2;
454 				us = EXTRACT_16BITS(bp);
455 				bp += 2;
456 				cp = tok2str(xtag2str, "?xT%u", us);
457 				if (!first)
458 					putchar('+');
459 				printf("%s", cp + 1);
460 				first = 0;
461 			}
462 			continue;
463 		}
464 
465 		/* Print data */
466 		if (c == '?') {
467 			/* Base default formats for unknown tags on data size */
468 			if (len & 1)
469 				c = 'b';
470 			else if (len & 2)
471 				c = 's';
472 			else
473 				c = 'l';
474 		}
475 		first = 1;
476 		switch (c) {
477 
478 		case 'a':
479 			/* ascii strings */
480 			putchar('"');
481 			if (fn_printn(bp, len, snapend)) {
482 				putchar('"');
483 				goto trunc;
484 			}
485 			putchar('"');
486 			bp += len;
487 			len = 0;
488 			break;
489 
490 		case 'i':
491 		case 'l':
492 		case 'L':
493 			/* ip addresses/32-bit words */
494 			while (len >= sizeof(ul)) {
495 				if (!first)
496 					putchar(',');
497 				ul = EXTRACT_32BITS(bp);
498 				if (c == 'i') {
499 					ul = htonl(ul);
500 					printf("%s", ipaddr_string(&ul));
501 				} else if (c == 'L')
502 					printf("%d", ul);
503 				else
504 					printf("%u", ul);
505 				bp += sizeof(ul);
506 				len -= sizeof(ul);
507 				first = 0;
508 			}
509 			break;
510 
511 		case 'p':
512 			/* IP address pairs */
513 			while (len >= 2*sizeof(ul)) {
514 				if (!first)
515 					putchar(',');
516 				memcpy((char *)&ul, (const char *)bp, sizeof(ul));
517 				printf("(%s:", ipaddr_string(&ul));
518 				bp += sizeof(ul);
519 				memcpy((char *)&ul, (const char *)bp, sizeof(ul));
520 				printf("%s)", ipaddr_string(&ul));
521 				bp += sizeof(ul);
522 				len -= 2*sizeof(ul);
523 				first = 0;
524 			}
525 			break;
526 
527 		case 's':
528 			/* shorts */
529 			while (len >= sizeof(us)) {
530 				if (!first)
531 					putchar(',');
532 				us = EXTRACT_16BITS(bp);
533 				printf("%u", us);
534 				bp += sizeof(us);
535 				len -= sizeof(us);
536 				first = 0;
537 			}
538 			break;
539 
540 		case 'B':
541 			/* boolean */
542 			while (len > 0) {
543 				if (!first)
544 					putchar(',');
545 				switch (*bp) {
546 				case 0:
547 					putchar('N');
548 					break;
549 				case 1:
550 					putchar('Y');
551 					break;
552 				default:
553 					printf("%u?", *bp);
554 					break;
555 				}
556 				++bp;
557 				--len;
558 				first = 0;
559 			}
560 			break;
561 
562 		case 'b':
563 		case 'x':
564 		default:
565 			/* Bytes */
566 			while (len > 0) {
567 				if (!first)
568 					putchar(c == 'x' ? ':' : '.');
569 				if (c == 'x')
570 					printf("%02x", *bp);
571 				else
572 					printf("%u", *bp);
573 				++bp;
574 				--len;
575 				first = 0;
576 			}
577 			break;
578 
579 		case '$':
580 			/* Guys we can't handle with one of the usual cases */
581 			switch (tag) {
582 
583 			case TAG_NETBIOS_NODE:
584 				/* this option should be at least 1 byte long */
585 				if (len < 1)  {
586 					printf("ERROR: option %u len %u < 1 bytes",
587 					    TAG_NETBIOS_NODE, len);
588 					break;
589 				}
590 				tag = *bp++;
591 				--len;
592 				fputs(tok2str(nbo2str, NULL, tag), stdout);
593 				break;
594 
595 			case TAG_OPT_OVERLOAD:
596 				/* this option should be at least 1 byte long */
597 				if (len < 1)  {
598 					printf("ERROR: option %u len %u < 1 bytes",
599 					    TAG_OPT_OVERLOAD, len);
600 					break;
601 				}
602 				tag = *bp++;
603 				--len;
604 				fputs(tok2str(oo2str, NULL, tag), stdout);
605 				break;
606 
607 			case TAG_CLIENT_FQDN:
608 				/* this option should be at least 3 bytes long */
609 				if (len < 3)  {
610 					printf("ERROR: option %u len %u < 3 bytes",
611 					    TAG_CLIENT_FQDN, len);
612 					bp += len;
613 					len = 0;
614 					break;
615 				}
616 				if (*bp)
617 					printf("[%s] ", client_fqdn_flags(*bp));
618 				bp++;
619 				if (*bp || *(bp+1))
620 					printf("%u/%u ", *bp, *(bp+1));
621 				bp += 2;
622 				putchar('"');
623 				if (fn_printn(bp, len - 3, snapend)) {
624 					putchar('"');
625 					goto trunc;
626 				}
627 				putchar('"');
628 				bp += len - 3;
629 				len = 0;
630 				break;
631 
632 			case TAG_CLIENT_ID:
633 			    {	int type;
634 
635 				/* this option should be at least 1 byte long */
636 				if (len < 1)  {
637 					printf("ERROR: option %u len %u < 1 bytes",
638 					    TAG_CLIENT_ID, len);
639 					break;
640 				}
641 				type = *bp++;
642 				len--;
643 				if (type == 0) {
644 					putchar('"');
645 					if (fn_printn(bp, len, snapend)) {
646 						putchar('"');
647 						goto trunc;
648 					}
649 					putchar('"');
650 					bp += len;
651 					len = 0;
652 					break;
653 				} else {
654 					printf("%s ", tok2str(arp2str, "hardware-type %u,", type));
655 					while (len > 0) {
656 						if (!first)
657 							putchar(':');
658 						printf("%02x", *bp);
659 						++bp;
660 						--len;
661 						first = 0;
662 					}
663 				}
664 				break;
665 			    }
666 
667 			case TAG_AGENT_CIRCUIT:
668 				while (len >= 2) {
669 					subopt = *bp++;
670 					suboptlen = *bp++;
671 					len -= 2;
672 					if (suboptlen > len) {
673 						printf("\n\t      %s SubOption %u, length %u: length goes past end of option",
674 						   tok2str(agent_suboption_values, "Unknown", subopt),
675 						   subopt,
676 						   suboptlen);
677 						bp += len;
678 						len = 0;
679 						break;
680 					}
681 					printf("\n\t      %s SubOption %u, length %u: ",
682 					   tok2str(agent_suboption_values, "Unknown", subopt),
683 					   subopt,
684 					   suboptlen);
685 					switch (subopt) {
686 
687                                         case AGENT_SUBOPTION_CIRCUIT_ID: /* fall through */
688                                         case AGENT_SUBOPTION_REMOTE_ID:
689                                         case AGENT_SUBOPTION_SUBSCRIBER_ID:
690                                                 fn_printn(bp, suboptlen, NULL);
691                                                 break;
692 
693 					default:
694 						print_unknown_data(bp, "\n\t\t", suboptlen);
695 					}
696 
697 					len -= suboptlen;
698 					bp += suboptlen;
699 			    }
700 			    break;
701 
702 			case TAG_CLASSLESS_STATIC_RT:
703 			case TAG_CLASSLESS_STA_RT_MS:
704 			{
705 				u_int mask_width, significant_octets, i;
706 
707 				/* this option should be at least 5 bytes long */
708 				if (len < 5)  {
709 					printf("ERROR: option %u len %u < 5 bytes",
710 					    TAG_CLASSLESS_STATIC_RT, len);
711 					bp += len;
712 					len = 0;
713 					break;
714 				}
715 				while (len > 0) {
716 					if (!first)
717 						putchar(',');
718 					mask_width = *bp++;
719 					len--;
720 					/* mask_width <= 32 */
721 					if (mask_width > 32) {
722 						printf("[ERROR: Mask width (%d) > 32]",  mask_width);
723 						bp += len;
724 						len = 0;
725 						break;
726 					}
727 					significant_octets = (mask_width + 7) / 8;
728 					/* significant octets + router(4) */
729 					if (len < significant_octets + 4) {
730 						printf("[ERROR: Remaining length (%u) < %u bytes]",  len, significant_octets + 4);
731 						bp += len;
732 						len = 0;
733 						break;
734 					}
735 					putchar('(');
736 					if (mask_width == 0)
737 						printf("default");
738 					else {
739 						for (i = 0; i < significant_octets ; i++) {
740 							if (i > 0)
741 								putchar('.');
742 							printf("%d", *bp++);
743 						}
744 						for (i = significant_octets ; i < 4 ; i++)
745 							printf(".0");
746 						printf("/%d", mask_width);
747 					}
748 					memcpy((char *)&ul, (const char *)bp, sizeof(ul));
749 					printf(":%s)", ipaddr_string(&ul));
750 					bp += sizeof(ul);
751 					len -= (significant_octets + 4);
752 					first = 0;
753 				}
754 			}
755 			break;
756 
757 			default:
758 				printf("[unknown special tag %u, size %u]",
759 				    tag, len);
760 				bp += len;
761 				len = 0;
762 				break;
763 			}
764 			break;
765 		}
766 		/* Data left over? */
767 		if (len) {
768 			printf("\n\t  trailing data length %u", len);
769 			bp += len;
770 		}
771 	}
772 	return;
773 trunc:
774 	printf("|[rfc1048]");
775 }
776 
777 static void
cmu_print(register const u_char * bp)778 cmu_print(register const u_char *bp)
779 {
780 	register const struct cmu_vend *cmu;
781 
782 #define PRINTCMUADDR(m, s) { TCHECK(cmu->m); \
783     if (cmu->m.s_addr != 0) \
784 	printf(" %s:%s", s, ipaddr_string(&cmu->m.s_addr)); }
785 
786 	printf(" vend-cmu");
787 	cmu = (const struct cmu_vend *)bp;
788 
789 	/* Only print if there are unknown bits */
790 	TCHECK(cmu->v_flags);
791 	if ((cmu->v_flags & ~(VF_SMASK)) != 0)
792 		printf(" F:0x%x", cmu->v_flags);
793 	PRINTCMUADDR(v_dgate, "DG");
794 	PRINTCMUADDR(v_smask, cmu->v_flags & VF_SMASK ? "SM" : "SM*");
795 	PRINTCMUADDR(v_dns1, "NS1");
796 	PRINTCMUADDR(v_dns2, "NS2");
797 	PRINTCMUADDR(v_ins1, "IEN1");
798 	PRINTCMUADDR(v_ins2, "IEN2");
799 	PRINTCMUADDR(v_ts1, "TS1");
800 	PRINTCMUADDR(v_ts2, "TS2");
801 	return;
802 
803 trunc:
804 	fputs(tstr, stdout);
805 #undef PRINTCMUADDR
806 }
807 
808 static char *
client_fqdn_flags(u_int flags)809 client_fqdn_flags(u_int flags)
810 {
811 	static char buf[8+1];
812 	int i = 0;
813 
814 	if (flags & CLIENT_FQDN_FLAGS_S)
815 		buf[i++] = 'S';
816 	if (flags & CLIENT_FQDN_FLAGS_O)
817 		buf[i++] = 'O';
818 	if (flags & CLIENT_FQDN_FLAGS_E)
819 		buf[i++] = 'E';
820 	if (flags & CLIENT_FQDN_FLAGS_N)
821 		buf[i++] = 'N';
822 	buf[i] = '\0';
823 
824 	return buf;
825 }
826