1 /*
2 * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 * Format and print bootp packets.
22 */
23
24 #define NETDISSECT_REWORKED
25 #ifdef HAVE_CONFIG_H
26 #include "config.h"
27 #endif
28
29 #include <tcpdump-stdinc.h>
30
31 #include <string.h>
32
33 #include "interface.h"
34 #include "addrtoname.h"
35 #include "extract.h"
36
37 static const char tstr[] = " [|bootp]";
38
39 /*
40 * Bootstrap Protocol (BOOTP). RFC951 and RFC1048.
41 *
42 * This file specifies the "implementation-independent" BOOTP protocol
43 * information which is common to both client and server.
44 *
45 * Copyright 1988 by Carnegie Mellon.
46 *
47 * Permission to use, copy, modify, and distribute this program for any
48 * purpose and without fee is hereby granted, provided that this copyright
49 * and permission notice appear on all copies and supporting documentation,
50 * the name of Carnegie Mellon not be used in advertising or publicity
51 * pertaining to distribution of the program without specific prior
52 * permission, and notice be given in supporting documentation that copying
53 * and distribution is by permission of Carnegie Mellon and Stanford
54 * University. Carnegie Mellon makes no representations about the
55 * suitability of this software for any purpose. It is provided "as is"
56 * without express or implied warranty.
57 */
58
59 struct bootp {
60 uint8_t bp_op; /* packet opcode type */
61 uint8_t bp_htype; /* hardware addr type */
62 uint8_t bp_hlen; /* hardware addr length */
63 uint8_t bp_hops; /* gateway hops */
64 uint32_t bp_xid; /* transaction ID */
65 uint16_t bp_secs; /* seconds since boot began */
66 uint16_t bp_flags; /* flags - see bootp_flag_values[]
67 in print-bootp.c */
68 struct in_addr bp_ciaddr; /* client IP address */
69 struct in_addr bp_yiaddr; /* 'your' IP address */
70 struct in_addr bp_siaddr; /* server IP address */
71 struct in_addr bp_giaddr; /* gateway IP address */
72 uint8_t bp_chaddr[16]; /* client hardware address */
73 uint8_t bp_sname[64]; /* server host name */
74 uint8_t bp_file[128]; /* boot file name */
75 uint8_t bp_vend[64]; /* vendor-specific area */
76 } UNALIGNED;
77
78 #define BOOTPREPLY 2
79 #define BOOTPREQUEST 1
80
81 /*
82 * Vendor magic cookie (v_magic) for CMU
83 */
84 #define VM_CMU "CMU"
85
86 /*
87 * Vendor magic cookie (v_magic) for RFC1048
88 */
89 #define VM_RFC1048 { 99, 130, 83, 99 }
90
91 /*
92 * RFC1048 tag values used to specify what information is being supplied in
93 * the vendor field of the packet.
94 */
95
96 #define TAG_PAD ((uint8_t) 0)
97 #define TAG_SUBNET_MASK ((uint8_t) 1)
98 #define TAG_TIME_OFFSET ((uint8_t) 2)
99 #define TAG_GATEWAY ((uint8_t) 3)
100 #define TAG_TIME_SERVER ((uint8_t) 4)
101 #define TAG_NAME_SERVER ((uint8_t) 5)
102 #define TAG_DOMAIN_SERVER ((uint8_t) 6)
103 #define TAG_LOG_SERVER ((uint8_t) 7)
104 #define TAG_COOKIE_SERVER ((uint8_t) 8)
105 #define TAG_LPR_SERVER ((uint8_t) 9)
106 #define TAG_IMPRESS_SERVER ((uint8_t) 10)
107 #define TAG_RLP_SERVER ((uint8_t) 11)
108 #define TAG_HOSTNAME ((uint8_t) 12)
109 #define TAG_BOOTSIZE ((uint8_t) 13)
110 #define TAG_END ((uint8_t) 255)
111 /* RFC1497 tags */
112 #define TAG_DUMPPATH ((uint8_t) 14)
113 #define TAG_DOMAINNAME ((uint8_t) 15)
114 #define TAG_SWAP_SERVER ((uint8_t) 16)
115 #define TAG_ROOTPATH ((uint8_t) 17)
116 #define TAG_EXTPATH ((uint8_t) 18)
117 /* RFC2132 */
118 #define TAG_IP_FORWARD ((uint8_t) 19)
119 #define TAG_NL_SRCRT ((uint8_t) 20)
120 #define TAG_PFILTERS ((uint8_t) 21)
121 #define TAG_REASS_SIZE ((uint8_t) 22)
122 #define TAG_DEF_TTL ((uint8_t) 23)
123 #define TAG_MTU_TIMEOUT ((uint8_t) 24)
124 #define TAG_MTU_TABLE ((uint8_t) 25)
125 #define TAG_INT_MTU ((uint8_t) 26)
126 #define TAG_LOCAL_SUBNETS ((uint8_t) 27)
127 #define TAG_BROAD_ADDR ((uint8_t) 28)
128 #define TAG_DO_MASK_DISC ((uint8_t) 29)
129 #define TAG_SUPPLY_MASK ((uint8_t) 30)
130 #define TAG_DO_RDISC ((uint8_t) 31)
131 #define TAG_RTR_SOL_ADDR ((uint8_t) 32)
132 #define TAG_STATIC_ROUTE ((uint8_t) 33)
133 #define TAG_USE_TRAILERS ((uint8_t) 34)
134 #define TAG_ARP_TIMEOUT ((uint8_t) 35)
135 #define TAG_ETH_ENCAP ((uint8_t) 36)
136 #define TAG_TCP_TTL ((uint8_t) 37)
137 #define TAG_TCP_KEEPALIVE ((uint8_t) 38)
138 #define TAG_KEEPALIVE_GO ((uint8_t) 39)
139 #define TAG_NIS_DOMAIN ((uint8_t) 40)
140 #define TAG_NIS_SERVERS ((uint8_t) 41)
141 #define TAG_NTP_SERVERS ((uint8_t) 42)
142 #define TAG_VENDOR_OPTS ((uint8_t) 43)
143 #define TAG_NETBIOS_NS ((uint8_t) 44)
144 #define TAG_NETBIOS_DDS ((uint8_t) 45)
145 #define TAG_NETBIOS_NODE ((uint8_t) 46)
146 #define TAG_NETBIOS_SCOPE ((uint8_t) 47)
147 #define TAG_XWIN_FS ((uint8_t) 48)
148 #define TAG_XWIN_DM ((uint8_t) 49)
149 #define TAG_NIS_P_DOMAIN ((uint8_t) 64)
150 #define TAG_NIS_P_SERVERS ((uint8_t) 65)
151 #define TAG_MOBILE_HOME ((uint8_t) 68)
152 #define TAG_SMPT_SERVER ((uint8_t) 69)
153 #define TAG_POP3_SERVER ((uint8_t) 70)
154 #define TAG_NNTP_SERVER ((uint8_t) 71)
155 #define TAG_WWW_SERVER ((uint8_t) 72)
156 #define TAG_FINGER_SERVER ((uint8_t) 73)
157 #define TAG_IRC_SERVER ((uint8_t) 74)
158 #define TAG_STREETTALK_SRVR ((uint8_t) 75)
159 #define TAG_STREETTALK_STDA ((uint8_t) 76)
160 /* DHCP options */
161 #define TAG_REQUESTED_IP ((uint8_t) 50)
162 #define TAG_IP_LEASE ((uint8_t) 51)
163 #define TAG_OPT_OVERLOAD ((uint8_t) 52)
164 #define TAG_TFTP_SERVER ((uint8_t) 66)
165 #define TAG_BOOTFILENAME ((uint8_t) 67)
166 #define TAG_DHCP_MESSAGE ((uint8_t) 53)
167 #define TAG_SERVER_ID ((uint8_t) 54)
168 #define TAG_PARM_REQUEST ((uint8_t) 55)
169 #define TAG_MESSAGE ((uint8_t) 56)
170 #define TAG_MAX_MSG_SIZE ((uint8_t) 57)
171 #define TAG_RENEWAL_TIME ((uint8_t) 58)
172 #define TAG_REBIND_TIME ((uint8_t) 59)
173 #define TAG_VENDOR_CLASS ((uint8_t) 60)
174 #define TAG_CLIENT_ID ((uint8_t) 61)
175 /* RFC 2241 */
176 #define TAG_NDS_SERVERS ((uint8_t) 85)
177 #define TAG_NDS_TREE_NAME ((uint8_t) 86)
178 #define TAG_NDS_CONTEXT ((uint8_t) 87)
179 /* RFC 2242 */
180 #define TAG_NDS_IPDOMAIN ((uint8_t) 62)
181 #define TAG_NDS_IPINFO ((uint8_t) 63)
182 /* RFC 2485 */
183 #define TAG_OPEN_GROUP_UAP ((uint8_t) 98)
184 /* RFC 2563 */
185 #define TAG_DISABLE_AUTOCONF ((uint8_t) 116)
186 /* RFC 2610 */
187 #define TAG_SLP_DA ((uint8_t) 78)
188 #define TAG_SLP_SCOPE ((uint8_t) 79)
189 /* RFC 2937 */
190 #define TAG_NS_SEARCH ((uint8_t) 117)
191 /* RFC 3004 - The User Class Option for DHCP */
192 #define TAG_USER_CLASS ((uint8_t) 77)
193 /* RFC 3011 */
194 #define TAG_IP4_SUBNET_SELECT ((uint8_t) 118)
195 /* RFC 3442 */
196 #define TAG_CLASSLESS_STATIC_RT ((uint8_t) 121)
197 #define TAG_CLASSLESS_STA_RT_MS ((uint8_t) 249)
198 /* RFC 5859 - TFTP Server Address Option for DHCPv4 */
199 #define TAG_TFTP_SERVER_ADDRESS ((uint8_t) 150)
200 /* ftp://ftp.isi.edu/.../assignments/bootp-dhcp-extensions */
201 #define TAG_SLP_NAMING_AUTH ((uint8_t) 80)
202 #define TAG_CLIENT_FQDN ((uint8_t) 81)
203 #define TAG_AGENT_CIRCUIT ((uint8_t) 82)
204 #define TAG_AGENT_REMOTE ((uint8_t) 83)
205 #define TAG_AGENT_MASK ((uint8_t) 84)
206 #define TAG_TZ_STRING ((uint8_t) 88)
207 #define TAG_FQDN_OPTION ((uint8_t) 89)
208 #define TAG_AUTH ((uint8_t) 90)
209 #define TAG_VINES_SERVERS ((uint8_t) 91)
210 #define TAG_SERVER_RANK ((uint8_t) 92)
211 #define TAG_CLIENT_ARCH ((uint8_t) 93)
212 #define TAG_CLIENT_NDI ((uint8_t) 94)
213 #define TAG_CLIENT_GUID ((uint8_t) 97)
214 #define TAG_LDAP_URL ((uint8_t) 95)
215 #define TAG_6OVER4 ((uint8_t) 96)
216 #define TAG_PRINTER_NAME ((uint8_t) 100)
217 #define TAG_MDHCP_SERVER ((uint8_t) 101)
218 #define TAG_IPX_COMPAT ((uint8_t) 110)
219 #define TAG_NETINFO_PARENT ((uint8_t) 112)
220 #define TAG_NETINFO_PARENT_TAG ((uint8_t) 113)
221 #define TAG_URL ((uint8_t) 114)
222 #define TAG_FAILOVER ((uint8_t) 115)
223 #define TAG_EXTENDED_REQUEST ((uint8_t) 126)
224 #define TAG_EXTENDED_OPTION ((uint8_t) 127)
225
226 /* DHCP Message types (values for TAG_DHCP_MESSAGE option) */
227 #define DHCPDISCOVER 1
228 #define DHCPOFFER 2
229 #define DHCPREQUEST 3
230 #define DHCPDECLINE 4
231 #define DHCPACK 5
232 #define DHCPNAK 6
233 #define DHCPRELEASE 7
234 #define DHCPINFORM 8
235
236 /*
237 * "vendor" data permitted for CMU bootp clients.
238 */
239
240 struct cmu_vend {
241 uint8_t v_magic[4]; /* magic number */
242 uint32_t v_flags; /* flags/opcodes, etc. */
243 struct in_addr v_smask; /* Subnet mask */
244 struct in_addr v_dgate; /* Default gateway */
245 struct in_addr v_dns1, v_dns2; /* Domain name servers */
246 struct in_addr v_ins1, v_ins2; /* IEN-116 name servers */
247 struct in_addr v_ts1, v_ts2; /* Time servers */
248 uint8_t v_unused[24]; /* currently unused */
249 } UNALIGNED;
250
251
252 /* v_flags values */
253 #define VF_SMASK 1 /* Subnet mask field contains valid data */
254
255 /* RFC 4702 DHCP Client FQDN Option */
256
257 #define CLIENT_FQDN_FLAGS_S 0x01
258 #define CLIENT_FQDN_FLAGS_O 0x02
259 #define CLIENT_FQDN_FLAGS_E 0x04
260 #define CLIENT_FQDN_FLAGS_N 0x08
261 /* end of original bootp.h */
262
263 static void rfc1048_print(netdissect_options *, const u_char *);
264 static void cmu_print(netdissect_options *, const u_char *);
265 static char *client_fqdn_flags(u_int flags);
266
267 static const struct tok bootp_flag_values[] = {
268 { 0x8000, "Broadcast" },
269 { 0, NULL}
270 };
271
272 static const struct tok bootp_op_values[] = {
273 { BOOTPREQUEST, "Request" },
274 { BOOTPREPLY, "Reply" },
275 { 0, NULL}
276 };
277
278 /*
279 * Print bootp requests
280 */
281 void
bootp_print(netdissect_options * ndo,register const u_char * cp,u_int length)282 bootp_print(netdissect_options *ndo,
283 register const u_char *cp, u_int length)
284 {
285 register const struct bootp *bp;
286 static const u_char vm_cmu[4] = VM_CMU;
287 static const u_char vm_rfc1048[4] = VM_RFC1048;
288
289 bp = (const struct bootp *)cp;
290 ND_TCHECK(bp->bp_op);
291
292 ND_PRINT((ndo, "BOOTP/DHCP, %s",
293 tok2str(bootp_op_values, "unknown (0x%02x)", bp->bp_op)));
294
295 if (bp->bp_htype == 1 && bp->bp_hlen == 6 && bp->bp_op == BOOTPREQUEST) {
296 ND_TCHECK2(bp->bp_chaddr[0], 6);
297 ND_PRINT((ndo, " from %s", etheraddr_string(ndo, bp->bp_chaddr)));
298 }
299
300 ND_PRINT((ndo, ", length %u", length));
301
302 if (!ndo->ndo_vflag)
303 return;
304
305 ND_TCHECK(bp->bp_secs);
306
307 /* The usual hardware address type is 1 (10Mb Ethernet) */
308 if (bp->bp_htype != 1)
309 ND_PRINT((ndo, ", htype %d", bp->bp_htype));
310
311 /* The usual length for 10Mb Ethernet address is 6 bytes */
312 if (bp->bp_htype != 1 || bp->bp_hlen != 6)
313 ND_PRINT((ndo, ", hlen %d", bp->bp_hlen));
314
315 /* Only print interesting fields */
316 if (bp->bp_hops)
317 ND_PRINT((ndo, ", hops %d", bp->bp_hops));
318 if (EXTRACT_32BITS(&bp->bp_xid))
319 ND_PRINT((ndo, ", xid 0x%x", EXTRACT_32BITS(&bp->bp_xid)));
320 if (EXTRACT_16BITS(&bp->bp_secs))
321 ND_PRINT((ndo, ", secs %d", EXTRACT_16BITS(&bp->bp_secs)));
322
323 ND_PRINT((ndo, ", Flags [%s]",
324 bittok2str(bootp_flag_values, "none", EXTRACT_16BITS(&bp->bp_flags))));
325 if (ndo->ndo_vflag > 1)
326 ND_PRINT((ndo, " (0x%04x)", EXTRACT_16BITS(&bp->bp_flags)));
327
328 /* Client's ip address */
329 ND_TCHECK(bp->bp_ciaddr);
330 if (EXTRACT_32BITS(&bp->bp_ciaddr.s_addr))
331 ND_PRINT((ndo, "\n\t Client-IP %s", ipaddr_string(ndo, &bp->bp_ciaddr)));
332
333 /* 'your' ip address (bootp client) */
334 ND_TCHECK(bp->bp_yiaddr);
335 if (EXTRACT_32BITS(&bp->bp_yiaddr.s_addr))
336 ND_PRINT((ndo, "\n\t Your-IP %s", ipaddr_string(ndo, &bp->bp_yiaddr)));
337
338 /* Server's ip address */
339 ND_TCHECK(bp->bp_siaddr);
340 if (EXTRACT_32BITS(&bp->bp_siaddr.s_addr))
341 ND_PRINT((ndo, "\n\t Server-IP %s", ipaddr_string(ndo, &bp->bp_siaddr)));
342
343 /* Gateway's ip address */
344 ND_TCHECK(bp->bp_giaddr);
345 if (EXTRACT_32BITS(&bp->bp_giaddr.s_addr))
346 ND_PRINT((ndo, "\n\t Gateway-IP %s", ipaddr_string(ndo, &bp->bp_giaddr)));
347
348 /* Client's Ethernet address */
349 if (bp->bp_htype == 1 && bp->bp_hlen == 6) {
350 ND_TCHECK2(bp->bp_chaddr[0], 6);
351 ND_PRINT((ndo, "\n\t Client-Ethernet-Address %s", etheraddr_string(ndo, bp->bp_chaddr)));
352 }
353
354 ND_TCHECK2(bp->bp_sname[0], 1); /* check first char only */
355 if (*bp->bp_sname) {
356 ND_PRINT((ndo, "\n\t sname \""));
357 if (fn_print(ndo, bp->bp_sname, ndo->ndo_snapend)) {
358 ND_PRINT((ndo, "\""));
359 ND_PRINT((ndo, "%s", tstr + 1));
360 return;
361 }
362 ND_PRINT((ndo, "\""));
363 }
364 ND_TCHECK2(bp->bp_file[0], 1); /* check first char only */
365 if (*bp->bp_file) {
366 ND_PRINT((ndo, "\n\t file \""));
367 if (fn_print(ndo, bp->bp_file, ndo->ndo_snapend)) {
368 ND_PRINT((ndo, "\""));
369 ND_PRINT((ndo, "%s", tstr + 1));
370 return;
371 }
372 ND_PRINT((ndo, "\""));
373 }
374
375 /* Decode the vendor buffer */
376 ND_TCHECK(bp->bp_vend[0]);
377 if (memcmp((const char *)bp->bp_vend, vm_rfc1048,
378 sizeof(uint32_t)) == 0)
379 rfc1048_print(ndo, bp->bp_vend);
380 else if (memcmp((const char *)bp->bp_vend, vm_cmu,
381 sizeof(uint32_t)) == 0)
382 cmu_print(ndo, bp->bp_vend);
383 else {
384 uint32_t ul;
385
386 ul = EXTRACT_32BITS(&bp->bp_vend);
387 if (ul != 0)
388 ND_PRINT((ndo, "\n\t Vendor-#0x%x", ul));
389 }
390
391 return;
392 trunc:
393 ND_PRINT((ndo, "%s", tstr));
394 }
395
396 /*
397 * The first character specifies the format to print:
398 * i - ip address (32 bits)
399 * p - ip address pairs (32 bits + 32 bits)
400 * l - long (32 bits)
401 * L - unsigned long (32 bits)
402 * s - short (16 bits)
403 * b - period-seperated decimal bytes (variable length)
404 * x - colon-seperated hex bytes (variable length)
405 * a - ascii string (variable length)
406 * B - on/off (8 bits)
407 * $ - special (explicit code to handle)
408 */
409 static const struct tok tag2str[] = {
410 /* RFC1048 tags */
411 { TAG_PAD, " PAD" },
412 { TAG_SUBNET_MASK, "iSubnet-Mask" }, /* subnet mask (RFC950) */
413 { TAG_TIME_OFFSET, "LTime-Zone" }, /* seconds from UTC */
414 { TAG_GATEWAY, "iDefault-Gateway" }, /* default gateway */
415 { TAG_TIME_SERVER, "iTime-Server" }, /* time servers (RFC868) */
416 { TAG_NAME_SERVER, "iIEN-Name-Server" }, /* IEN name servers (IEN116) */
417 { TAG_DOMAIN_SERVER, "iDomain-Name-Server" }, /* domain name (RFC1035) */
418 { TAG_LOG_SERVER, "iLOG" }, /* MIT log servers */
419 { TAG_COOKIE_SERVER, "iCS" }, /* cookie servers (RFC865) */
420 { TAG_LPR_SERVER, "iLPR-Server" }, /* lpr server (RFC1179) */
421 { TAG_IMPRESS_SERVER, "iIM" }, /* impress servers (Imagen) */
422 { TAG_RLP_SERVER, "iRL" }, /* resource location (RFC887) */
423 { TAG_HOSTNAME, "aHostname" }, /* ascii hostname */
424 { TAG_BOOTSIZE, "sBS" }, /* 512 byte blocks */
425 { TAG_END, " END" },
426 /* RFC1497 tags */
427 { TAG_DUMPPATH, "aDP" },
428 { TAG_DOMAINNAME, "aDomain-Name" },
429 { TAG_SWAP_SERVER, "iSS" },
430 { TAG_ROOTPATH, "aRP" },
431 { TAG_EXTPATH, "aEP" },
432 /* RFC2132 tags */
433 { TAG_IP_FORWARD, "BIPF" },
434 { TAG_NL_SRCRT, "BSRT" },
435 { TAG_PFILTERS, "pPF" },
436 { TAG_REASS_SIZE, "sRSZ" },
437 { TAG_DEF_TTL, "bTTL" },
438 { TAG_MTU_TIMEOUT, "lMTU-Timeout" },
439 { TAG_MTU_TABLE, "sMTU-Table" },
440 { TAG_INT_MTU, "sMTU" },
441 { TAG_LOCAL_SUBNETS, "BLSN" },
442 { TAG_BROAD_ADDR, "iBR" },
443 { TAG_DO_MASK_DISC, "BMD" },
444 { TAG_SUPPLY_MASK, "BMS" },
445 { TAG_DO_RDISC, "BRouter-Discovery" },
446 { TAG_RTR_SOL_ADDR, "iRSA" },
447 { TAG_STATIC_ROUTE, "pStatic-Route" },
448 { TAG_USE_TRAILERS, "BUT" },
449 { TAG_ARP_TIMEOUT, "lAT" },
450 { TAG_ETH_ENCAP, "BIE" },
451 { TAG_TCP_TTL, "bTT" },
452 { TAG_TCP_KEEPALIVE, "lKI" },
453 { TAG_KEEPALIVE_GO, "BKG" },
454 { TAG_NIS_DOMAIN, "aYD" },
455 { TAG_NIS_SERVERS, "iYS" },
456 { TAG_NTP_SERVERS, "iNTP" },
457 { TAG_VENDOR_OPTS, "bVendor-Option" },
458 { TAG_NETBIOS_NS, "iNetbios-Name-Server" },
459 { TAG_NETBIOS_DDS, "iWDD" },
460 { TAG_NETBIOS_NODE, "$Netbios-Node" },
461 { TAG_NETBIOS_SCOPE, "aNetbios-Scope" },
462 { TAG_XWIN_FS, "iXFS" },
463 { TAG_XWIN_DM, "iXDM" },
464 { TAG_NIS_P_DOMAIN, "sN+D" },
465 { TAG_NIS_P_SERVERS, "iN+S" },
466 { TAG_MOBILE_HOME, "iMH" },
467 { TAG_SMPT_SERVER, "iSMTP" },
468 { TAG_POP3_SERVER, "iPOP3" },
469 { TAG_NNTP_SERVER, "iNNTP" },
470 { TAG_WWW_SERVER, "iWWW" },
471 { TAG_FINGER_SERVER, "iFG" },
472 { TAG_IRC_SERVER, "iIRC" },
473 { TAG_STREETTALK_SRVR, "iSTS" },
474 { TAG_STREETTALK_STDA, "iSTDA" },
475 { TAG_REQUESTED_IP, "iRequested-IP" },
476 { TAG_IP_LEASE, "lLease-Time" },
477 { TAG_OPT_OVERLOAD, "$OO" },
478 { TAG_TFTP_SERVER, "aTFTP" },
479 { TAG_BOOTFILENAME, "aBF" },
480 { TAG_DHCP_MESSAGE, " DHCP-Message" },
481 { TAG_SERVER_ID, "iServer-ID" },
482 { TAG_PARM_REQUEST, "bParameter-Request" },
483 { TAG_MESSAGE, "aMSG" },
484 { TAG_MAX_MSG_SIZE, "sMSZ" },
485 { TAG_RENEWAL_TIME, "lRN" },
486 { TAG_REBIND_TIME, "lRB" },
487 { TAG_VENDOR_CLASS, "aVendor-Class" },
488 { TAG_CLIENT_ID, "$Client-ID" },
489 /* RFC 2485 */
490 { TAG_OPEN_GROUP_UAP, "aUAP" },
491 /* RFC 2563 */
492 { TAG_DISABLE_AUTOCONF, "BNOAUTO" },
493 /* RFC 2610 */
494 { TAG_SLP_DA, "bSLP-DA" }, /*"b" is a little wrong */
495 { TAG_SLP_SCOPE, "bSLP-SCOPE" }, /*"b" is a little wrong */
496 /* RFC 2937 */
497 { TAG_NS_SEARCH, "sNSSEARCH" }, /* XXX 's' */
498 /* RFC 3004 - The User Class Option for DHCP */
499 { TAG_USER_CLASS, "$User-Class" },
500 /* RFC 3011 */
501 { TAG_IP4_SUBNET_SELECT, "iSUBNET" },
502 /* RFC 3442 */
503 { TAG_CLASSLESS_STATIC_RT, "$Classless-Static-Route" },
504 { TAG_CLASSLESS_STA_RT_MS, "$Classless-Static-Route-Microsoft" },
505 /* RFC 5859 - TFTP Server Address Option for DHCPv4 */
506 { TAG_TFTP_SERVER_ADDRESS, "iTFTP-Server-Address" },
507 /* http://www.iana.org/assignments/bootp-dhcp-extensions/index.htm */
508 { TAG_SLP_NAMING_AUTH, "aSLP-NA" },
509 { TAG_CLIENT_FQDN, "$FQDN" },
510 { TAG_AGENT_CIRCUIT, "$Agent-Information" },
511 { TAG_AGENT_REMOTE, "bARMT" },
512 { TAG_AGENT_MASK, "bAMSK" },
513 { TAG_TZ_STRING, "aTZSTR" },
514 { TAG_FQDN_OPTION, "bFQDNS" }, /* XXX 'b' */
515 { TAG_AUTH, "bAUTH" }, /* XXX 'b' */
516 { TAG_VINES_SERVERS, "iVINES" },
517 { TAG_SERVER_RANK, "sRANK" },
518 { TAG_CLIENT_ARCH, "sARCH" },
519 { TAG_CLIENT_NDI, "bNDI" }, /* XXX 'b' */
520 { TAG_CLIENT_GUID, "bGUID" }, /* XXX 'b' */
521 { TAG_LDAP_URL, "aLDAP" },
522 { TAG_6OVER4, "i6o4" },
523 { TAG_PRINTER_NAME, "aPRTR" },
524 { TAG_MDHCP_SERVER, "bMDHCP" }, /* XXX 'b' */
525 { TAG_IPX_COMPAT, "bIPX" }, /* XXX 'b' */
526 { TAG_NETINFO_PARENT, "iNI" },
527 { TAG_NETINFO_PARENT_TAG, "aNITAG" },
528 { TAG_URL, "aURL" },
529 { TAG_FAILOVER, "bFAIL" }, /* XXX 'b' */
530 { 0, NULL }
531 };
532 /* 2-byte extended tags */
533 static const struct tok xtag2str[] = {
534 { 0, NULL }
535 };
536
537 /* DHCP "options overload" types */
538 static const struct tok oo2str[] = {
539 { 1, "file" },
540 { 2, "sname" },
541 { 3, "file+sname" },
542 { 0, NULL }
543 };
544
545 /* NETBIOS over TCP/IP node type options */
546 static const struct tok nbo2str[] = {
547 { 0x1, "b-node" },
548 { 0x2, "p-node" },
549 { 0x4, "m-node" },
550 { 0x8, "h-node" },
551 { 0, NULL }
552 };
553
554 /* ARP Hardware types, for Client-ID option */
555 static const struct tok arp2str[] = {
556 { 0x1, "ether" },
557 { 0x6, "ieee802" },
558 { 0x7, "arcnet" },
559 { 0xf, "frelay" },
560 { 0x17, "strip" },
561 { 0x18, "ieee1394" },
562 { 0, NULL }
563 };
564
565 static const struct tok dhcp_msg_values[] = {
566 { DHCPDISCOVER, "Discover" },
567 { DHCPOFFER, "Offer" },
568 { DHCPREQUEST, "Request" },
569 { DHCPDECLINE, "Decline" },
570 { DHCPACK, "ACK" },
571 { DHCPNAK, "NACK" },
572 { DHCPRELEASE, "Release" },
573 { DHCPINFORM, "Inform" },
574 { 0, NULL }
575 };
576
577 #define AGENT_SUBOPTION_CIRCUIT_ID 1 /* RFC 3046 */
578 #define AGENT_SUBOPTION_REMOTE_ID 2 /* RFC 3046 */
579 #define AGENT_SUBOPTION_SUBSCRIBER_ID 6 /* RFC 3993 */
580 static const struct tok agent_suboption_values[] = {
581 { AGENT_SUBOPTION_CIRCUIT_ID, "Circuit-ID" },
582 { AGENT_SUBOPTION_REMOTE_ID, "Remote-ID" },
583 { AGENT_SUBOPTION_SUBSCRIBER_ID, "Subscriber-ID" },
584 { 0, NULL }
585 };
586
587
588 static void
rfc1048_print(netdissect_options * ndo,register const u_char * bp)589 rfc1048_print(netdissect_options *ndo,
590 register const u_char *bp)
591 {
592 register uint16_t tag;
593 register u_int len;
594 register const char *cp;
595 register char c;
596 int first, idx;
597 uint32_t ul;
598 uint16_t us;
599 uint8_t uc, subopt, suboptlen;
600
601 ND_PRINT((ndo, "\n\t Vendor-rfc1048 Extensions"));
602
603 /* Step over magic cookie */
604 ND_PRINT((ndo, "\n\t Magic Cookie 0x%08x", EXTRACT_32BITS(bp)));
605 bp += sizeof(int32_t);
606
607 /* Loop while we there is a tag left in the buffer */
608 while (ND_TTEST2(*bp, 1)) {
609 tag = *bp++;
610 if (tag == TAG_PAD && ndo->ndo_vflag < 3)
611 continue;
612 if (tag == TAG_END && ndo->ndo_vflag < 3)
613 return;
614 if (tag == TAG_EXTENDED_OPTION) {
615 ND_TCHECK2(*(bp + 1), 2);
616 tag = EXTRACT_16BITS(bp + 1);
617 /* XXX we don't know yet if the IANA will
618 * preclude overlap of 1-byte and 2-byte spaces.
619 * If not, we need to offset tag after this step.
620 */
621 cp = tok2str(xtag2str, "?xT%u", tag);
622 } else
623 cp = tok2str(tag2str, "?T%u", tag);
624 c = *cp++;
625
626 if (tag == TAG_PAD || tag == TAG_END)
627 len = 0;
628 else {
629 /* Get the length; check for truncation */
630 ND_TCHECK2(*bp, 1);
631 len = *bp++;
632 }
633
634 ND_PRINT((ndo, "\n\t %s Option %u, length %u%s", cp, tag, len,
635 len > 0 ? ": " : ""));
636
637 if (tag == TAG_PAD && ndo->ndo_vflag > 2) {
638 u_int ntag = 1;
639 while (ND_TTEST2(*bp, 1) && *bp == TAG_PAD) {
640 bp++;
641 ntag++;
642 }
643 if (ntag > 1)
644 ND_PRINT((ndo, ", occurs %u", ntag));
645 }
646
647 if (!ND_TTEST2(*bp, len)) {
648 ND_PRINT((ndo, "[|rfc1048 %u]", len));
649 return;
650 }
651
652 if (tag == TAG_DHCP_MESSAGE && len == 1) {
653 uc = *bp++;
654 ND_PRINT((ndo, "%s", tok2str(dhcp_msg_values, "Unknown (%u)", uc)));
655 continue;
656 }
657
658 if (tag == TAG_PARM_REQUEST) {
659 idx = 0;
660 while (len-- > 0) {
661 uc = *bp++;
662 cp = tok2str(tag2str, "?Option %u", uc);
663 if (idx % 4 == 0)
664 ND_PRINT((ndo, "\n\t "));
665 else
666 ND_PRINT((ndo, ", "));
667 ND_PRINT((ndo, "%s", cp + 1));
668 idx++;
669 }
670 continue;
671 }
672
673 if (tag == TAG_EXTENDED_REQUEST) {
674 first = 1;
675 while (len > 1) {
676 len -= 2;
677 us = EXTRACT_16BITS(bp);
678 bp += 2;
679 cp = tok2str(xtag2str, "?xT%u", us);
680 if (!first)
681 ND_PRINT((ndo, "+"));
682 ND_PRINT((ndo, "%s", cp + 1));
683 first = 0;
684 }
685 continue;
686 }
687
688 /* Print data */
689 if (c == '?') {
690 /* Base default formats for unknown tags on data size */
691 if (len & 1)
692 c = 'b';
693 else if (len & 2)
694 c = 's';
695 else
696 c = 'l';
697 }
698 first = 1;
699 switch (c) {
700
701 case 'a':
702 /* ascii strings */
703 ND_PRINT((ndo, "\""));
704 if (fn_printn(ndo, bp, len, ndo->ndo_snapend)) {
705 ND_PRINT((ndo, "\""));
706 goto trunc;
707 }
708 ND_PRINT((ndo, "\""));
709 bp += len;
710 len = 0;
711 break;
712
713 case 'i':
714 case 'l':
715 case 'L':
716 /* ip addresses/32-bit words */
717 while (len >= sizeof(ul)) {
718 if (!first)
719 ND_PRINT((ndo, ","));
720 ul = EXTRACT_32BITS(bp);
721 if (c == 'i') {
722 ul = htonl(ul);
723 ND_PRINT((ndo, "%s", ipaddr_string(ndo, &ul)));
724 } else if (c == 'L')
725 ND_PRINT((ndo, "%d", ul));
726 else
727 ND_PRINT((ndo, "%u", ul));
728 bp += sizeof(ul);
729 len -= sizeof(ul);
730 first = 0;
731 }
732 break;
733
734 case 'p':
735 /* IP address pairs */
736 while (len >= 2*sizeof(ul)) {
737 if (!first)
738 ND_PRINT((ndo, ","));
739 memcpy((char *)&ul, (const char *)bp, sizeof(ul));
740 ND_PRINT((ndo, "(%s:", ipaddr_string(ndo, &ul)));
741 bp += sizeof(ul);
742 memcpy((char *)&ul, (const char *)bp, sizeof(ul));
743 ND_PRINT((ndo, "%s)", ipaddr_string(ndo, &ul)));
744 bp += sizeof(ul);
745 len -= 2*sizeof(ul);
746 first = 0;
747 }
748 break;
749
750 case 's':
751 /* shorts */
752 while (len >= sizeof(us)) {
753 if (!first)
754 ND_PRINT((ndo, ","));
755 us = EXTRACT_16BITS(bp);
756 ND_PRINT((ndo, "%u", us));
757 bp += sizeof(us);
758 len -= sizeof(us);
759 first = 0;
760 }
761 break;
762
763 case 'B':
764 /* boolean */
765 while (len > 0) {
766 if (!first)
767 ND_PRINT((ndo, ","));
768 switch (*bp) {
769 case 0:
770 ND_PRINT((ndo, "N"));
771 break;
772 case 1:
773 ND_PRINT((ndo, "Y"));
774 break;
775 default:
776 ND_PRINT((ndo, "%u?", *bp));
777 break;
778 }
779 ++bp;
780 --len;
781 first = 0;
782 }
783 break;
784
785 case 'b':
786 case 'x':
787 default:
788 /* Bytes */
789 while (len > 0) {
790 if (!first)
791 ND_PRINT((ndo, c == 'x' ? ":" : "."));
792 if (c == 'x')
793 ND_PRINT((ndo, "%02x", *bp));
794 else
795 ND_PRINT((ndo, "%u", *bp));
796 ++bp;
797 --len;
798 first = 0;
799 }
800 break;
801
802 case '$':
803 /* Guys we can't handle with one of the usual cases */
804 switch (tag) {
805
806 case TAG_NETBIOS_NODE:
807 /* this option should be at least 1 byte long */
808 if (len < 1) {
809 ND_PRINT((ndo, "ERROR: length < 1 bytes"));
810 break;
811 }
812 tag = *bp++;
813 --len;
814 ND_PRINT((ndo, "%s", tok2str(nbo2str, NULL, tag)));
815 break;
816
817 case TAG_OPT_OVERLOAD:
818 /* this option should be at least 1 byte long */
819 if (len < 1) {
820 ND_PRINT((ndo, "ERROR: length < 1 bytes"));
821 break;
822 }
823 tag = *bp++;
824 --len;
825 ND_PRINT((ndo, "%s", tok2str(oo2str, NULL, tag)));
826 break;
827
828 case TAG_CLIENT_FQDN:
829 /* this option should be at least 3 bytes long */
830 if (len < 3) {
831 ND_PRINT((ndo, "ERROR: length < 3 bytes"));
832 bp += len;
833 len = 0;
834 break;
835 }
836 if (*bp)
837 ND_PRINT((ndo, "[%s] ", client_fqdn_flags(*bp)));
838 bp++;
839 if (*bp || *(bp+1))
840 ND_PRINT((ndo, "%u/%u ", *bp, *(bp+1)));
841 bp += 2;
842 ND_PRINT((ndo, "\""));
843 if (fn_printn(ndo, bp, len - 3, ndo->ndo_snapend)) {
844 ND_PRINT((ndo, "\""));
845 goto trunc;
846 }
847 ND_PRINT((ndo, "\""));
848 bp += len - 3;
849 len = 0;
850 break;
851
852 case TAG_CLIENT_ID:
853 {
854 int type;
855
856 /* this option should be at least 1 byte long */
857 if (len < 1) {
858 ND_PRINT((ndo, "ERROR: length < 1 bytes"));
859 break;
860 }
861 type = *bp++;
862 len--;
863 if (type == 0) {
864 ND_PRINT((ndo, "\""));
865 if (fn_printn(ndo, bp, len, ndo->ndo_snapend)) {
866 ND_PRINT((ndo, "\""));
867 goto trunc;
868 }
869 ND_PRINT((ndo, "\""));
870 bp += len;
871 len = 0;
872 break;
873 } else {
874 ND_PRINT((ndo, "%s ", tok2str(arp2str, "hardware-type %u,", type)));
875 while (len > 0) {
876 if (!first)
877 ND_PRINT((ndo, ":"));
878 ND_PRINT((ndo, "%02x", *bp));
879 ++bp;
880 --len;
881 first = 0;
882 }
883 }
884 break;
885 }
886
887 case TAG_AGENT_CIRCUIT:
888 while (len >= 2) {
889 subopt = *bp++;
890 suboptlen = *bp++;
891 len -= 2;
892 if (suboptlen > len) {
893 ND_PRINT((ndo, "\n\t %s SubOption %u, length %u: length goes past end of option",
894 tok2str(agent_suboption_values, "Unknown", subopt),
895 subopt,
896 suboptlen));
897 bp += len;
898 len = 0;
899 break;
900 }
901 ND_PRINT((ndo, "\n\t %s SubOption %u, length %u: ",
902 tok2str(agent_suboption_values, "Unknown", subopt),
903 subopt,
904 suboptlen));
905 switch (subopt) {
906
907 case AGENT_SUBOPTION_CIRCUIT_ID: /* fall through */
908 case AGENT_SUBOPTION_REMOTE_ID:
909 case AGENT_SUBOPTION_SUBSCRIBER_ID:
910 if (fn_printn(ndo, bp, suboptlen, ndo->ndo_snapend))
911 goto trunc;
912 break;
913
914 default:
915 print_unknown_data(ndo, bp, "\n\t\t", suboptlen);
916 }
917
918 len -= suboptlen;
919 bp += suboptlen;
920 }
921 break;
922
923 case TAG_CLASSLESS_STATIC_RT:
924 case TAG_CLASSLESS_STA_RT_MS:
925 {
926 u_int mask_width, significant_octets, i;
927
928 /* this option should be at least 5 bytes long */
929 if (len < 5) {
930 ND_PRINT((ndo, "ERROR: length < 5 bytes"));
931 bp += len;
932 len = 0;
933 break;
934 }
935 while (len > 0) {
936 if (!first)
937 ND_PRINT((ndo, ","));
938 mask_width = *bp++;
939 len--;
940 /* mask_width <= 32 */
941 if (mask_width > 32) {
942 ND_PRINT((ndo, "[ERROR: Mask width (%d) > 32]", mask_width));
943 bp += len;
944 len = 0;
945 break;
946 }
947 significant_octets = (mask_width + 7) / 8;
948 /* significant octets + router(4) */
949 if (len < significant_octets + 4) {
950 ND_PRINT((ndo, "[ERROR: Remaining length (%u) < %u bytes]", len, significant_octets + 4));
951 bp += len;
952 len = 0;
953 break;
954 }
955 ND_PRINT((ndo, "("));
956 if (mask_width == 0)
957 ND_PRINT((ndo, "default"));
958 else {
959 for (i = 0; i < significant_octets ; i++) {
960 if (i > 0)
961 ND_PRINT((ndo, "."));
962 ND_PRINT((ndo, "%d", *bp++));
963 }
964 for (i = significant_octets ; i < 4 ; i++)
965 ND_PRINT((ndo, ".0"));
966 ND_PRINT((ndo, "/%d", mask_width));
967 }
968 memcpy((char *)&ul, (const char *)bp, sizeof(ul));
969 ND_PRINT((ndo, ":%s)", ipaddr_string(ndo, &ul)));
970 bp += sizeof(ul);
971 len -= (significant_octets + 4);
972 first = 0;
973 }
974 break;
975 }
976
977 case TAG_USER_CLASS:
978 {
979 u_int suboptnumber = 1;
980
981 first = 1;
982 if (len < 2) {
983 ND_PRINT((ndo, "ERROR: length < 2 bytes"));
984 bp += len;
985 len = 0;
986 break;
987 }
988 while (len > 0) {
989 suboptlen = *bp++;
990 len--;
991 ND_PRINT((ndo, "\n\t "));
992 ND_PRINT((ndo, "instance#%u: ", suboptnumber));
993 if (suboptlen == 0) {
994 ND_PRINT((ndo, "ERROR: suboption length must be non-zero"));
995 bp += len;
996 len = 0;
997 break;
998 }
999 if (len < suboptlen) {
1000 ND_PRINT((ndo, "ERROR: malformed option"));
1001 bp += len;
1002 len = 0;
1003 break;
1004 }
1005 ND_PRINT((ndo, "\""));
1006 if (fn_printn(ndo, bp, suboptlen, ndo->ndo_snapend)) {
1007 ND_PRINT((ndo, "\""));
1008 goto trunc;
1009 }
1010 ND_PRINT((ndo, "\""));
1011 ND_PRINT((ndo, ", length %d", suboptlen));
1012 suboptnumber++;
1013 len -= suboptlen;
1014 bp += suboptlen;
1015 }
1016 break;
1017 }
1018
1019 default:
1020 ND_PRINT((ndo, "[unknown special tag %u, size %u]",
1021 tag, len));
1022 bp += len;
1023 len = 0;
1024 break;
1025 }
1026 break;
1027 }
1028 /* Data left over? */
1029 if (len) {
1030 ND_PRINT((ndo, "\n\t trailing data length %u", len));
1031 bp += len;
1032 }
1033 }
1034 return;
1035 trunc:
1036 ND_PRINT((ndo, "|[rfc1048]"));
1037 }
1038
1039 static void
cmu_print(netdissect_options * ndo,register const u_char * bp)1040 cmu_print(netdissect_options *ndo,
1041 register const u_char *bp)
1042 {
1043 register const struct cmu_vend *cmu;
1044
1045 #define PRINTCMUADDR(m, s) { ND_TCHECK(cmu->m); \
1046 if (cmu->m.s_addr != 0) \
1047 ND_PRINT((ndo, " %s:%s", s, ipaddr_string(ndo, &cmu->m.s_addr))); }
1048
1049 ND_PRINT((ndo, " vend-cmu"));
1050 cmu = (const struct cmu_vend *)bp;
1051
1052 /* Only print if there are unknown bits */
1053 ND_TCHECK(cmu->v_flags);
1054 if ((cmu->v_flags & ~(VF_SMASK)) != 0)
1055 ND_PRINT((ndo, " F:0x%x", cmu->v_flags));
1056 PRINTCMUADDR(v_dgate, "DG");
1057 PRINTCMUADDR(v_smask, cmu->v_flags & VF_SMASK ? "SM" : "SM*");
1058 PRINTCMUADDR(v_dns1, "NS1");
1059 PRINTCMUADDR(v_dns2, "NS2");
1060 PRINTCMUADDR(v_ins1, "IEN1");
1061 PRINTCMUADDR(v_ins2, "IEN2");
1062 PRINTCMUADDR(v_ts1, "TS1");
1063 PRINTCMUADDR(v_ts2, "TS2");
1064 return;
1065
1066 trunc:
1067 ND_PRINT((ndo, "%s", tstr));
1068 #undef PRINTCMUADDR
1069 }
1070
1071 static char *
client_fqdn_flags(u_int flags)1072 client_fqdn_flags(u_int flags)
1073 {
1074 static char buf[8+1];
1075 int i = 0;
1076
1077 if (flags & CLIENT_FQDN_FLAGS_S)
1078 buf[i++] = 'S';
1079 if (flags & CLIENT_FQDN_FLAGS_O)
1080 buf[i++] = 'O';
1081 if (flags & CLIENT_FQDN_FLAGS_E)
1082 buf[i++] = 'E';
1083 if (flags & CLIENT_FQDN_FLAGS_N)
1084 buf[i++] = 'N';
1085 buf[i] = '\0';
1086
1087 return buf;
1088 }
1089