1 /*
2  * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that: (1) source code distributions
7  * retain the above copyright notice and this paragraph in its entirety, (2)
8  * distributions including binary code include the above copyright notice and
9  * this paragraph in its entirety in the documentation or other materials
10  * provided with the distribution, and (3) all advertising materials mentioning
11  * features or use of this software display the following acknowledgement:
12  * ``This product includes software developed by the University of California,
13  * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14  * the University nor the names of its contributors may be used to endorse
15  * or promote products derived from this software without specific prior
16  * written permission.
17  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18  * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20  */
21 
22 /* \summary: BOOTP and IPv4 DHCP printer */
23 
24 #include <sys/cdefs.h>
25 #ifndef lint
26 __RCSID("$NetBSD: print-bootp.c,v 1.11 2023/08/17 20:19:40 christos Exp $");
27 #endif
28 
29 #ifdef HAVE_CONFIG_H
30 #include <config.h>
31 #endif
32 
33 #include "netdissect-stdinc.h"
34 
35 #include <string.h>
36 
37 #include "netdissect.h"
38 #include "addrtoname.h"
39 #include "extract.h"
40 
41 
42 /*
43  * Bootstrap Protocol (BOOTP).  RFC951 and RFC1048.
44  *
45  * This file specifies the "implementation-independent" BOOTP protocol
46  * information which is common to both client and server.
47  *
48  * Copyright 1988 by Carnegie Mellon.
49  *
50  * Permission to use, copy, modify, and distribute this program for any
51  * purpose and without fee is hereby granted, provided that this copyright
52  * and permission notice appear on all copies and supporting documentation,
53  * the name of Carnegie Mellon not be used in advertising or publicity
54  * pertaining to distribution of the program without specific prior
55  * permission, and notice be given in supporting documentation that copying
56  * and distribution is by permission of Carnegie Mellon and Stanford
57  * University.  Carnegie Mellon makes no representations about the
58  * suitability of this software for any purpose.  It is provided "as is"
59  * without express or implied warranty.
60  */
61 
/*
 * Fixed part of a BOOTP/DHCP message as it appears in the packet.
 *
 * bootp_print() overlays this structure on the captured bytes, so every
 * member holds untrusted data.  The members are read through the GET_*
 * accessors, nd_printztn() or, for bp_vend, after an explicit ND_TCHECK_4.
 *
 * bp_vend is declared as 64 bytes, but rfc1048_print() does not stop at
 * that size: it keeps walking options for as long as captured data is
 * available.
 */
struct bootp {
	nd_uint8_t	bp_op;		/* packet opcode type */
	nd_uint8_t	bp_htype;	/* hardware addr type */
	nd_uint8_t	bp_hlen;	/* hardware addr length */
	nd_uint8_t	bp_hops;	/* gateway hops */
	nd_uint32_t	bp_xid;		/* transaction ID */
	nd_uint16_t	bp_secs;	/* seconds since boot began */
	nd_uint16_t	bp_flags;	/* flags - see bootp_flag_values[]
					   in print-bootp.c */
	nd_ipv4		bp_ciaddr;	/* client IP address */
	nd_ipv4		bp_yiaddr;	/* 'your' IP address */
	nd_ipv4		bp_siaddr;	/* server IP address */
	nd_ipv4		bp_giaddr;	/* gateway IP address */
	nd_byte		bp_chaddr[16];	/* client hardware address; printed
					   only when bp_hlen is MAC_ADDR_LEN */
	nd_byte		bp_sname[64];	/* server host name; printed with a
					   sizeof(bp_sname) length bound */
	nd_byte		bp_file[128];	/* boot file name; printed with a
					   sizeof(bp_file) length bound */
	nd_byte		bp_vend[64];	/* vendor-specific area */
};
80 
81 #define BOOTPREPLY	2
82 #define BOOTPREQUEST	1
83 
84 /*
85  * Vendor magic cookie (v_magic) for CMU
86  */
87 #define VM_CMU		"CMU"
88 
89 /*
90  * Vendor magic cookie (v_magic) for RFC1048
91  */
92 #define VM_RFC1048	{ 99, 130, 83, 99 }
93 
94 /*
95  * RFC1048 tag values used to specify what information is being supplied in
96  * the vendor field of the packet.
97  */
98 
99 #define TAG_PAD			((uint8_t)   0)
100 #define TAG_SUBNET_MASK		((uint8_t)   1)
101 #define TAG_TIME_OFFSET		((uint8_t)   2)
102 #define TAG_GATEWAY		((uint8_t)   3)
103 #define TAG_TIME_SERVER		((uint8_t)   4)
104 #define TAG_NAME_SERVER		((uint8_t)   5)
105 #define TAG_DOMAIN_SERVER	((uint8_t)   6)
106 #define TAG_LOG_SERVER		((uint8_t)   7)
107 #define TAG_COOKIE_SERVER	((uint8_t)   8)
108 #define TAG_LPR_SERVER		((uint8_t)   9)
109 #define TAG_IMPRESS_SERVER	((uint8_t)  10)
110 #define TAG_RLP_SERVER		((uint8_t)  11)
111 #define TAG_HOSTNAME		((uint8_t)  12)
112 #define TAG_BOOTSIZE		((uint8_t)  13)
113 #define TAG_END			((uint8_t) 255)
114 /* RFC1497 tags */
115 #define	TAG_DUMPPATH		((uint8_t)  14)
116 #define	TAG_DOMAINNAME		((uint8_t)  15)
117 #define	TAG_SWAP_SERVER		((uint8_t)  16)
118 #define	TAG_ROOTPATH		((uint8_t)  17)
119 #define	TAG_EXTPATH		((uint8_t)  18)
120 /* RFC2132 */
121 #define	TAG_IP_FORWARD		((uint8_t)  19)
122 #define	TAG_NL_SRCRT		((uint8_t)  20)
123 #define	TAG_PFILTERS		((uint8_t)  21)
124 #define	TAG_REASS_SIZE		((uint8_t)  22)
125 #define	TAG_DEF_TTL		((uint8_t)  23)
126 #define	TAG_MTU_TIMEOUT		((uint8_t)  24)
127 #define	TAG_MTU_TABLE		((uint8_t)  25)
128 #define	TAG_INT_MTU		((uint8_t)  26)
129 #define	TAG_LOCAL_SUBNETS	((uint8_t)  27)
130 #define	TAG_BROAD_ADDR		((uint8_t)  28)
131 #define	TAG_DO_MASK_DISC	((uint8_t)  29)
132 #define	TAG_SUPPLY_MASK		((uint8_t)  30)
133 #define	TAG_DO_RDISC		((uint8_t)  31)
134 #define	TAG_RTR_SOL_ADDR	((uint8_t)  32)
135 #define	TAG_STATIC_ROUTE	((uint8_t)  33)
136 #define	TAG_USE_TRAILERS	((uint8_t)  34)
137 #define	TAG_ARP_TIMEOUT		((uint8_t)  35)
138 #define	TAG_ETH_ENCAP		((uint8_t)  36)
139 #define	TAG_TCP_TTL		((uint8_t)  37)
140 #define	TAG_TCP_KEEPALIVE	((uint8_t)  38)
141 #define	TAG_KEEPALIVE_GO	((uint8_t)  39)
142 #define	TAG_NIS_DOMAIN		((uint8_t)  40)
143 #define	TAG_NIS_SERVERS		((uint8_t)  41)
144 #define	TAG_NTP_SERVERS		((uint8_t)  42)
145 #define	TAG_VENDOR_OPTS		((uint8_t)  43)
146 #define	TAG_NETBIOS_NS		((uint8_t)  44)
147 #define	TAG_NETBIOS_DDS		((uint8_t)  45)
148 #define	TAG_NETBIOS_NODE	((uint8_t)  46)
149 #define	TAG_NETBIOS_SCOPE	((uint8_t)  47)
150 #define	TAG_XWIN_FS		((uint8_t)  48)
151 #define	TAG_XWIN_DM		((uint8_t)  49)
152 #define	TAG_NIS_P_DOMAIN	((uint8_t)  64)
153 #define	TAG_NIS_P_SERVERS	((uint8_t)  65)
154 #define	TAG_MOBILE_HOME		((uint8_t)  68)
155 #define	TAG_SMPT_SERVER		((uint8_t)  69)
156 #define	TAG_POP3_SERVER		((uint8_t)  70)
157 #define	TAG_NNTP_SERVER		((uint8_t)  71)
158 #define	TAG_WWW_SERVER		((uint8_t)  72)
159 #define	TAG_FINGER_SERVER	((uint8_t)  73)
160 #define	TAG_IRC_SERVER		((uint8_t)  74)
161 #define	TAG_STREETTALK_SRVR	((uint8_t)  75)
162 #define	TAG_STREETTALK_STDA	((uint8_t)  76)
163 /* DHCP options */
164 #define	TAG_REQUESTED_IP	((uint8_t)  50)
165 #define	TAG_IP_LEASE		((uint8_t)  51)
166 #define	TAG_OPT_OVERLOAD	((uint8_t)  52)
167 #define	TAG_TFTP_SERVER		((uint8_t)  66)
168 #define	TAG_BOOTFILENAME	((uint8_t)  67)
169 #define	TAG_DHCP_MESSAGE	((uint8_t)  53)
170 #define	TAG_SERVER_ID		((uint8_t)  54)
171 #define	TAG_PARM_REQUEST	((uint8_t)  55)
172 #define	TAG_MESSAGE		((uint8_t)  56)
173 #define	TAG_MAX_MSG_SIZE	((uint8_t)  57)
174 #define	TAG_RENEWAL_TIME	((uint8_t)  58)
175 #define	TAG_REBIND_TIME		((uint8_t)  59)
176 #define	TAG_VENDOR_CLASS	((uint8_t)  60)
177 #define	TAG_CLIENT_ID		((uint8_t)  61)
178 /* RFC 2241 */
179 #define	TAG_NDS_SERVERS		((uint8_t)  85)
180 #define	TAG_NDS_TREE_NAME	((uint8_t)  86)
181 #define	TAG_NDS_CONTEXT		((uint8_t)  87)
182 /* RFC 2242 */
183 #define	TAG_NDS_IPDOMAIN	((uint8_t)  62)
184 #define	TAG_NDS_IPINFO		((uint8_t)  63)
185 /* RFC 2485 */
186 #define	TAG_OPEN_GROUP_UAP	((uint8_t)  98)
187 /* RFC 2563 */
188 #define	TAG_DISABLE_AUTOCONF	((uint8_t) 116)
189 /* RFC 2610 */
190 #define	TAG_SLP_DA		((uint8_t)  78)
191 #define	TAG_SLP_SCOPE		((uint8_t)  79)
192 /* RFC 2937 */
193 #define	TAG_NS_SEARCH		((uint8_t) 117)
194 /* RFC 3004 - The User Class Option for DHCP */
195 #define	TAG_USER_CLASS		((uint8_t)  77)
196 /* RFC 3011 */
197 #define	TAG_IP4_SUBNET_SELECT	((uint8_t) 118)
198 /* RFC 3442 */
199 #define TAG_CLASSLESS_STATIC_RT	((uint8_t) 121)
200 #define TAG_CLASSLESS_STA_RT_MS	((uint8_t) 249)
201 /* RFC 5859 - TFTP Server Address Option for DHCPv4 */
202 #define	TAG_TFTP_SERVER_ADDRESS	((uint8_t) 150)
203 /* https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml */
204 #define	TAG_SLP_NAMING_AUTH	((uint8_t)  80)
205 #define	TAG_CLIENT_FQDN		((uint8_t)  81)
206 #define	TAG_AGENT_CIRCUIT	((uint8_t)  82)
207 #define	TAG_AGENT_REMOTE	((uint8_t)  83)
208 #define	TAG_TZ_STRING		((uint8_t)  88)
209 #define	TAG_FQDN_OPTION		((uint8_t)  89)
210 #define	TAG_AUTH		((uint8_t)  90)
211 #define	TAG_CLIENT_LAST_TRANSACTION_TIME	((uint8_t)  91)
212 #define	TAG_ASSOCIATED_IP			((uint8_t)  92)
213 #define	TAG_CLIENT_ARCH		((uint8_t)  93)
214 #define	TAG_CLIENT_NDI		((uint8_t)  94)
215 #define	TAG_CLIENT_GUID		((uint8_t)  97)
216 #define	TAG_LDAP_URL		((uint8_t)  95)
217 /* RFC 4833, TZ codes */
218 #define	TAG_TZ_PCODE		((uint8_t) 100)
219 #define	TAG_TZ_TCODE		((uint8_t) 101)
220 #define	TAG_NETINFO_PARENT	((uint8_t) 112)
221 #define	TAG_NETINFO_PARENT_TAG	((uint8_t) 113)
222 #define	TAG_URL			((uint8_t) 114)
223 #define TAG_MUDURL              ((uint8_t) 161)
224 
225 /* DHCP Message types (values for TAG_DHCP_MESSAGE option) */
226 #define DHCPDISCOVER	1
227 #define DHCPOFFER	2
228 #define DHCPREQUEST	3
229 #define DHCPDECLINE	4
230 #define DHCPACK		5
231 #define DHCPNAK		6
232 #define DHCPRELEASE	7
233 #define DHCPINFORM	8
234 /* Defined in RFC4388 */
235 #define DHCPLEASEQUERY       10
236 #define DHCPLEASEUNASSIGNED  11
237 #define DHCPLEASEUNKNOWN     12
238 #define DHCPLEASEACTIVE      13
239 
240 
/*
 * "vendor" data permitted for CMU bootp clients.
 *
 * cmu_print() overlays this structure on the vendor area of the packet,
 * so every member holds untrusted data.
 */

struct cmu_vend {
	nd_byte		v_magic[4];	/* magic number */
	nd_uint32_t	v_flags;	/* flags/opcodes, etc. */
					/* NOTE(review): cmu_print() reads only
					   one byte of this field with
					   GET_U_1 -- confirm that is intended */
	nd_ipv4		v_smask;	/* Subnet mask */
	nd_ipv4		v_dgate;	/* Default gateway */
	nd_ipv4		v_dns1, v_dns2; /* Domain name servers */
	nd_ipv4		v_ins1, v_ins2; /* IEN-116 name servers */
	nd_ipv4		v_ts1, v_ts2;	/* Time servers */
	nd_byte		v_unused[24];	/* currently unused */
};
255 
256 
257 /* v_flags values */
258 #define VF_SMASK	1	/* Subnet mask field contains valid data */
259 
260 /* RFC 4702 DHCP Client FQDN Option */
261 
262 #define CLIENT_FQDN_FLAGS_S	0x01
263 #define CLIENT_FQDN_FLAGS_O	0x02
264 #define CLIENT_FQDN_FLAGS_E	0x04
265 #define CLIENT_FQDN_FLAGS_N	0x08
266 /* end of original bootp.h */
267 
268 static void rfc1048_print(netdissect_options *, const u_char *);
269 static void cmu_print(netdissect_options *, const u_char *);
270 static char *client_fqdn_flags(u_int flags);
271 
272 static const struct tok bootp_flag_values[] = {
273 	{ 0x8000,	"Broadcast" },
274 	{ 0, NULL}
275 };
276 
277 static const struct tok bootp_op_values[] = {
278 	{ BOOTPREQUEST,	"Request" },
279 	{ BOOTPREPLY,	"Reply" },
280 	{ 0, NULL}
281 };
282 
/*
 * Print a BOOTP/DHCP message.
 *
 * ndo    - dissector state; ndo_vflag selects the verbosity and
 *          ndo_snapend is handed to nd_printztn() as the end of the
 *          captured data.
 * cp     - start of the BOOTP header inside the captured packet.
 * length - value printed in the summary line; this function does not use
 *          it to bound any read.
 *
 * Without -v only the opcode, the client Ethernet address (requests with
 * htype 1 and hlen MAC_ADDR_LEN) and the length are printed.  With -v the
 * remaining header fields follow, and the vendor area is dispatched on
 * its first four bytes to rfc1048_print() or cmu_print().
 *
 * The packet contents are untrusted.  Fields are read through the GET_*
 * accessors or nd_printztn(); the one direct read, the memcmp() on
 * bp_vend, follows ND_TCHECK_4 on the same four bytes.
 * NOTE(review): the "trunc" label has no visible goto in this function, so
 * the ND_TCHECK_* macros presumably jump to it when the bytes are not
 * captured, and the GET_* accessors presumably do their own bounds check
 * -- confirm in netdissect.h / extract.h.
 */
void
bootp_print(netdissect_options *ndo,
	    const u_char *cp, u_int length)
{
	const struct bootp *bp;
	/* "CMU" plus its terminating NUL fills the four-byte cookie */
	static const u_char vm_cmu[4] = VM_CMU;
	static const u_char vm_rfc1048[4] = VM_RFC1048;
	uint8_t bp_op, bp_htype, bp_hlen;

	ndo->ndo_protocol = "bootp";
	/* Overlay only; no byte of the packet is read by the cast itself */
	bp = (const struct bootp *)cp;
	bp_op = GET_U_1(bp->bp_op);
	ND_PRINT("BOOTP/DHCP, %s",
		  tok2str(bootp_op_values, "unknown (0x%02x)", bp_op));

	bp_htype = GET_U_1(bp->bp_htype);
	bp_hlen = GET_U_1(bp->bp_hlen);
	/* Summary line names the client only for Ethernet-style requests */
	if (bp_htype == 1 && bp_hlen == MAC_ADDR_LEN && bp_op == BOOTPREQUEST) {
		ND_PRINT(" from %s", GET_ETHERADDR_STRING(bp->bp_chaddr));
	}

	ND_PRINT(", length %u", length);

	/* Everything below is verbose-only output */
	if (!ndo->ndo_vflag)
		return;

	ND_TCHECK_2(bp->bp_secs);

	/* The usual hardware address type is 1 (10Mb Ethernet) */
	if (bp_htype != 1)
		ND_PRINT(", htype %u", bp_htype);

	/* The usual length for 10Mb Ethernet address is 6 bytes */
	if (bp_htype != 1 || bp_hlen != MAC_ADDR_LEN)
		ND_PRINT(", hlen %u", bp_hlen);

	/* Only print interesting fields */
	if (GET_U_1(bp->bp_hops))
		ND_PRINT(", hops %u", GET_U_1(bp->bp_hops));
	if (GET_BE_U_4(bp->bp_xid))
		ND_PRINT(", xid 0x%x", GET_BE_U_4(bp->bp_xid));
	if (GET_BE_U_2(bp->bp_secs))
		ND_PRINT(", secs %u", GET_BE_U_2(bp->bp_secs));

	ND_PRINT(", Flags [%s]",
		  bittok2str(bootp_flag_values, "none", GET_BE_U_2(bp->bp_flags)));
	/* At -vv also show the raw flags word, including undecoded bits */
	if (ndo->ndo_vflag > 1)
		ND_PRINT(" (0x%04x)", GET_BE_U_2(bp->bp_flags));

	/* Client's ip address */
	if (GET_IPV4_TO_NETWORK_ORDER(bp->bp_ciaddr))
		ND_PRINT("\n\t  Client-IP %s", GET_IPADDR_STRING(bp->bp_ciaddr));

	/* 'your' ip address (bootp client) */
	if (GET_IPV4_TO_NETWORK_ORDER(bp->bp_yiaddr))
		ND_PRINT("\n\t  Your-IP %s", GET_IPADDR_STRING(bp->bp_yiaddr));

	/* Server's ip address */
	if (GET_IPV4_TO_NETWORK_ORDER(bp->bp_siaddr))
		ND_PRINT("\n\t  Server-IP %s", GET_IPADDR_STRING(bp->bp_siaddr));

	/* Gateway's ip address */
	if (GET_IPV4_TO_NETWORK_ORDER(bp->bp_giaddr))
		ND_PRINT("\n\t  Gateway-IP %s", GET_IPADDR_STRING(bp->bp_giaddr));

	/* Client's Ethernet address */
	if (bp_htype == 1 && bp_hlen == MAC_ADDR_LEN) {
		ND_PRINT("\n\t  Client-Ethernet-Address %s", GET_ETHERADDR_STRING(bp->bp_chaddr));
	}

	/*
	 * sname and file are fixed-size fields filled by the sender.  The
	 * print is bounded by sizeof(field) and by ndo_snapend, so it does
	 * not depend on the sender having supplied a terminating NUL.  A
	 * zero return from nd_printztn() is handled as truncation.
	 */
	if (GET_U_1(bp->bp_sname)) {	/* get first char only */
		ND_PRINT("\n\t  sname \"");
		if (nd_printztn(ndo, bp->bp_sname, (u_int)sizeof(bp->bp_sname),
				ndo->ndo_snapend) == 0) {
			ND_PRINT("\"");
			nd_print_trunc(ndo);
			return;
		}
		ND_PRINT("\"");
	}
	if (GET_U_1(bp->bp_file)) {	/* get first char only */
		ND_PRINT("\n\t  file \"");
		if (nd_printztn(ndo, bp->bp_file, (u_int)sizeof(bp->bp_file),
				ndo->ndo_snapend) == 0) {
			ND_PRINT("\"");
			nd_print_trunc(ndo);
			return;
		}
		ND_PRINT("\"");
	}

	/* Decode the vendor buffer */
	/* The check covers exactly the four cookie bytes memcmp() reads */
	ND_TCHECK_4(bp->bp_vend);
	if (memcmp((const char *)bp->bp_vend, vm_rfc1048,
		    sizeof(uint32_t)) == 0)
		rfc1048_print(ndo, bp->bp_vend);
	else if (memcmp((const char *)bp->bp_vend, vm_cmu,
			sizeof(uint32_t)) == 0)
		cmu_print(ndo, bp->bp_vend);
	else {
		uint32_t ul;

		/* Unrecognized cookie: show it only when it is non-zero */
		ul = GET_BE_U_4(bp->bp_vend);
		if (ul != 0)
			ND_PRINT("\n\t  Vendor-#0x%x", ul);
	}

	return;
trunc:
	nd_print_trunc(ndo);
}
397 
/*
 * Option tag -> "<format character><name>" table used by rfc1048_print().
 *
 * The first character of each string selects how rfc1048_print() prints
 * the option data; the rest is the name shown to the user:
 *     i - ip address (32 bits)
 *     p - ip address pairs (32 bits + 32 bits)
 *     l - unsigned 32-bit value (printed with %u)
 *     L - signed 32-bit value (printed with %d)
 *     s - short (16 bits)
 *     b - period-separated decimal bytes (variable length)
 *     x - colon-separated hex bytes (variable length)
 *     a - ASCII string (variable length)
 *     B - on/off (8 bits)
 *     $ - special (explicit code to handle)
 *   ' ' - none of the above; rfc1048_print() takes its default case and
 *         prints any data as period-separated decimal bytes
 *
 * A tag that is not in this table comes back from tok2str() as
 * "?Unknown"; rfc1048_print() then picks b, s or l from the option length.
 */
static const struct tok tag2str[] = {
/* RFC1048 tags */
	{ TAG_PAD,		" PAD" },
	{ TAG_SUBNET_MASK,	"iSubnet-Mask" },	/* subnet mask (RFC950) */
	{ TAG_TIME_OFFSET,	"LTime-Zone" },	/* seconds from UTC */
	{ TAG_GATEWAY,		"iDefault-Gateway" },	/* default gateway */
	{ TAG_TIME_SERVER,	"iTime-Server" },	/* time servers (RFC868) */
	{ TAG_NAME_SERVER,	"iIEN-Name-Server" },	/* IEN name servers (IEN116) */
	{ TAG_DOMAIN_SERVER,	"iDomain-Name-Server" },	/* domain name (RFC1035) */
	{ TAG_LOG_SERVER,	"iLOG" },	/* MIT log servers */
	{ TAG_COOKIE_SERVER,	"iCS" },	/* cookie servers (RFC865) */
	{ TAG_LPR_SERVER,	"iLPR-Server" },	/* lpr server (RFC1179) */
	{ TAG_IMPRESS_SERVER,	"iIM" },	/* impress servers (Imagen) */
	{ TAG_RLP_SERVER,	"iRL" },	/* resource location (RFC887) */
	{ TAG_HOSTNAME,		"aHostname" },	/* ASCII hostname */
	{ TAG_BOOTSIZE,		"sBS" },	/* 512 byte blocks */
	{ TAG_END,		" END" },
/* RFC1497 tags */
	{ TAG_DUMPPATH,		"aDP" },
	{ TAG_DOMAINNAME,	"aDomain-Name" },
	{ TAG_SWAP_SERVER,	"iSS" },
	{ TAG_ROOTPATH,		"aRP" },
	{ TAG_EXTPATH,		"aEP" },
/* RFC2132 tags */
	{ TAG_IP_FORWARD,	"BIPF" },
	{ TAG_NL_SRCRT,		"BSRT" },
	{ TAG_PFILTERS,		"pPF" },
	{ TAG_REASS_SIZE,	"sRSZ" },
	{ TAG_DEF_TTL,		"bTTL" },
	{ TAG_MTU_TIMEOUT,	"lMTU-Timeout" },
	{ TAG_MTU_TABLE,	"sMTU-Table" },
	{ TAG_INT_MTU,		"sMTU" },
	{ TAG_LOCAL_SUBNETS,	"BLSN" },
	{ TAG_BROAD_ADDR,	"iBR" },
	{ TAG_DO_MASK_DISC,	"BMD" },
	{ TAG_SUPPLY_MASK,	"BMS" },
	{ TAG_DO_RDISC,		"BRouter-Discovery" },
	{ TAG_RTR_SOL_ADDR,	"iRSA" },
	{ TAG_STATIC_ROUTE,	"pStatic-Route" },
	{ TAG_USE_TRAILERS,	"BUT" },
	{ TAG_ARP_TIMEOUT,	"lAT" },
	{ TAG_ETH_ENCAP,	"BIE" },
	{ TAG_TCP_TTL,		"bTT" },
	{ TAG_TCP_KEEPALIVE,	"lKI" },
	{ TAG_KEEPALIVE_GO,	"BKG" },
	{ TAG_NIS_DOMAIN,	"aYD" },
	{ TAG_NIS_SERVERS,	"iYS" },
	{ TAG_NTP_SERVERS,	"iNTP" },
	{ TAG_VENDOR_OPTS,	"bVendor-Option" },
	{ TAG_NETBIOS_NS,	"iNetbios-Name-Server" },
	{ TAG_NETBIOS_DDS,	"iWDD" },
	{ TAG_NETBIOS_NODE,	"$Netbios-Node" },
	{ TAG_NETBIOS_SCOPE,	"aNetbios-Scope" },
	{ TAG_XWIN_FS,		"iXFS" },
	{ TAG_XWIN_DM,		"iXDM" },
	{ TAG_NIS_P_DOMAIN,	"sN+D" },	/* NOTE(review): 's' prints 16-bit values, TAG_NIS_DOMAIN uses 'a' -- confirm */
	{ TAG_NIS_P_SERVERS,	"iN+S" },
	{ TAG_MOBILE_HOME,	"iMH" },
	{ TAG_SMPT_SERVER,	"iSMTP" },
	{ TAG_POP3_SERVER,	"iPOP3" },
	{ TAG_NNTP_SERVER,	"iNNTP" },
	{ TAG_WWW_SERVER,	"iWWW" },
	{ TAG_FINGER_SERVER,	"iFG" },
	{ TAG_IRC_SERVER,	"iIRC" },
	{ TAG_STREETTALK_SRVR,	"iSTS" },
	{ TAG_STREETTALK_STDA,	"iSTDA" },
	{ TAG_REQUESTED_IP,	"iRequested-IP" },
	{ TAG_IP_LEASE,		"lLease-Time" },
	{ TAG_OPT_OVERLOAD,	"$OO" },
	{ TAG_TFTP_SERVER,	"aTFTP" },
	{ TAG_BOOTFILENAME,	"aBF" },
	{ TAG_DHCP_MESSAGE,	" DHCP-Message" },
	{ TAG_SERVER_ID,	"iServer-ID" },
	{ TAG_PARM_REQUEST,	"bParameter-Request" },
	{ TAG_MESSAGE,		"aMSG" },
	{ TAG_MAX_MSG_SIZE,	"sMSZ" },
	{ TAG_RENEWAL_TIME,	"lRN" },
	{ TAG_REBIND_TIME,	"lRB" },
	{ TAG_VENDOR_CLASS,	"aVendor-Class" },
	{ TAG_CLIENT_ID,	"$Client-ID" },
/* RFC 2485 */
	{ TAG_OPEN_GROUP_UAP,	"aUAP" },
/* RFC 2563 */
	{ TAG_DISABLE_AUTOCONF,	"BNOAUTO" },
/* RFC 2610 */
	{ TAG_SLP_DA,		"bSLP-DA" },	/*"b" is a little wrong */
	{ TAG_SLP_SCOPE,	"bSLP-SCOPE" },	/*"b" is a little wrong */
/* RFC 2937 */
	{ TAG_NS_SEARCH,	"sNSSEARCH" },	/* XXX 's' */
/* RFC 3004 - The User Class Option for DHCP */
	{ TAG_USER_CLASS,	"$User-Class" },
/* RFC 3011 */
	{ TAG_IP4_SUBNET_SELECT, "iSUBNET" },
/* RFC 3442 */
	{ TAG_CLASSLESS_STATIC_RT, "$Classless-Static-Route" },
	{ TAG_CLASSLESS_STA_RT_MS, "$Classless-Static-Route-Microsoft" },
/* RFC 5859 - TFTP Server Address Option for DHCPv4 */
	{ TAG_TFTP_SERVER_ADDRESS, "iTFTP-Server-Address" },
/* https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml#options */
	{ TAG_SLP_NAMING_AUTH,	"aSLP-NA" },
	{ TAG_CLIENT_FQDN,	"$FQDN" },
	{ TAG_AGENT_CIRCUIT,	"$Agent-Information" },
	{ TAG_AGENT_REMOTE,	"bARMT" },
	{ TAG_TZ_STRING,	"aTZSTR" },
	{ TAG_FQDN_OPTION,	"bFQDNS" },	/* XXX 'b' */
	{ TAG_AUTH,		"bAUTH" },	/* XXX 'b' */
	{ TAG_CLIENT_LAST_TRANSACTION_TIME, "LLast-Transaction-Time" },
	{ TAG_ASSOCIATED_IP,	"iAssociated-IP" },
	{ TAG_CLIENT_ARCH,	"sARCH" },
	{ TAG_CLIENT_NDI,	"bNDI" },	/* XXX 'b' */
	{ TAG_CLIENT_GUID,	"bGUID" },	/* XXX 'b' */
	{ TAG_LDAP_URL,		"aLDAP" },
	{ TAG_TZ_PCODE,		"aPOSIX-TZ" },
	{ TAG_TZ_TCODE,		"aTZ-Name" },
	{ TAG_NETINFO_PARENT,	"iNI" },
	{ TAG_NETINFO_PARENT_TAG, "aNITAG" },
	{ TAG_URL,		"aURL" },
	{ TAG_MUDURL,           "aMUD-URL" },
	{ 0, NULL }
};
531 
532 /* DHCP "options overload" types */
533 static const struct tok oo2str[] = {
534 	{ 1,	"file" },
535 	{ 2,	"sname" },
536 	{ 3,	"file+sname" },
537 	{ 0, NULL }
538 };
539 
540 /* NETBIOS over TCP/IP node type options */
541 static const struct tok nbo2str[] = {
542 	{ 0x1,	"b-node" },
543 	{ 0x2,	"p-node" },
544 	{ 0x4,	"m-node" },
545 	{ 0x8,	"h-node" },
546 	{ 0, NULL }
547 };
548 
549 /* ARP Hardware types, for Client-ID option */
550 static const struct tok arp2str[] = {
551 	{ 0x1,	"ether" },
552 	{ 0x6,	"ieee802" },
553 	{ 0x7,	"arcnet" },
554 	{ 0xf,	"frelay" },
555 	{ 0x17,	"strip" },
556 	{ 0x18,	"ieee1394" },
557 	{ 0, NULL }
558 };
559 
560 static const struct tok dhcp_msg_values[] = {
561 	{ DHCPDISCOVER,	       "Discover" },
562 	{ DHCPOFFER,	       "Offer" },
563 	{ DHCPREQUEST,	       "Request" },
564 	{ DHCPDECLINE,	       "Decline" },
565 	{ DHCPACK,	       "ACK" },
566 	{ DHCPNAK,	       "NACK" },
567 	{ DHCPRELEASE,	       "Release" },
568 	{ DHCPINFORM,	       "Inform" },
569 	{ DHCPLEASEQUERY,      "LeaseQuery" },
570 	{ DHCPLEASEUNASSIGNED, "LeaseUnassigned" },
571 	{ DHCPLEASEUNKNOWN,    "LeaseUnknown" },
572 	{ DHCPLEASEACTIVE,     "LeaseActive" },
573 	{ 0, NULL }
574 };
575 
576 #define AGENT_SUBOPTION_CIRCUIT_ID	1	/* RFC 3046 */
577 #define AGENT_SUBOPTION_REMOTE_ID	2	/* RFC 3046 */
578 #define AGENT_SUBOPTION_SUBSCRIBER_ID	6	/* RFC 3993 */
579 static const struct tok agent_suboption_values[] = {
580 	{ AGENT_SUBOPTION_CIRCUIT_ID,    "Circuit-ID" },
581 	{ AGENT_SUBOPTION_REMOTE_ID,     "Remote-ID" },
582 	{ AGENT_SUBOPTION_SUBSCRIBER_ID, "Subscriber-ID" },
583 	{ 0, NULL }
584 };
585 
586 
/*
 * Print the RFC 1048 / DHCP options that follow the magic cookie.
 *
 * ndo - dissector state (verbosity in ndo_vflag, end of capture in
 *       ndo_snapend).
 * bp  - points at the four-byte magic cookie that starts the vendor area.
 *
 * The options are a sequence of tag, length, data records supplied by the
 * sender, so tag, len and every sub-length below are untrusted.  The loop
 * runs until no further byte is captured or, below -vvv, until TAG_END;
 * it is not limited to the 64 bytes declared for bp_vend.
 *
 * Length handling, in the order the code applies it:
 *   - ND_TCHECK_LEN(bp, len) requires the whole option body to be
 *     captured before any format-specific code consumes it;
 *   - each format loop is bounded by len, which is decremented as bp
 *     advances;
 *   - the '$' handlers compare embedded sub-lengths against len before
 *     subtracting, because len is unsigned and would otherwise wrap;
 *   - whatever a handler leaves unconsumed is reported as
 *     "trailing data" and skipped, so bp always ends on the next tag.
 *
 * NOTE(review): only the nd_printn() failure paths use "goto trunc"
 * explicitly; the ND_TCHECK_LEN macro presumably jumps there as well, and
 * the GET_* accessors presumably do their own bounds check -- confirm in
 * netdissect.h / extract.h.
 */
static void
rfc1048_print(netdissect_options *ndo,
	      const u_char *bp)
{
	uint16_t tag;
	u_int len;
	const char *cp;
	char c;
	int first, idx;
	uint8_t subopt, suboptlen;

	ND_PRINT("\n\t  Vendor-rfc1048 Extensions");

	/* Step over magic cookie */
	ND_PRINT("\n\t    Magic Cookie 0x%08x", GET_BE_U_4(bp));
	bp += sizeof(int32_t);

	/* Loop while there is a tag left in the buffer */
	while (ND_TTEST_1(bp)) {
		tag = GET_U_1(bp);
		bp++;
		/* Below -vvv, padding is skipped silently and END stops the walk */
		if (tag == TAG_PAD && ndo->ndo_vflag < 3)
			continue;
		if (tag == TAG_END && ndo->ndo_vflag < 3)
			return;
		/* cp[0] is the format character, cp + 1 the printable name */
		cp = tok2str(tag2str, "?Unknown", tag);
		c = *cp++;

		/* PAD and END are single-byte options with no length byte */
		if (tag == TAG_PAD || tag == TAG_END)
			len = 0;
		else {
			/* Get the length; check for truncation */
			len = GET_U_1(bp);
			bp++;
		}

		ND_PRINT("\n\t    %s (%u), length %u%s", cp, tag, len,
			  len > 0 ? ": " : "");

		/* At -vvv a run of PAD bytes is collapsed into one line */
		if (tag == TAG_PAD && ndo->ndo_vflag > 2) {
			u_int ntag = 1;
			while (ND_TTEST_1(bp) &&
			       GET_U_1(bp) == TAG_PAD) {
				bp++;
				ntag++;
			}
			if (ntag > 1)
				ND_PRINT(", occurs %u", ntag);
		}

		/*
		 * The sender-supplied length must fit in the captured data
		 * before any handler below walks the option body.
		 */
		ND_TCHECK_LEN(bp, len);

		/* A message-type option of any other length falls through
		 * to the generic byte printer via its ' ' format. */
		if (tag == TAG_DHCP_MESSAGE && len == 1) {
			ND_PRINT("%s",
				 tok2str(dhcp_msg_values, "Unknown (%u)", GET_U_1(bp)));
			bp++;
			continue;
		}

		/* Each byte of the parameter request list is itself a tag */
		if (tag == TAG_PARM_REQUEST) {
			idx = 0;
			while (len > 0) {
				uint8_t innertag = GET_U_1(bp);
				bp++;
				len--;
				cp = tok2str(tag2str, "?Unknown", innertag);
				/* four names per output line */
				if (idx % 4 == 0)
					ND_PRINT("\n\t      ");
				else
					ND_PRINT(", ");
				ND_PRINT("%s (%u)", cp + 1, innertag);
				idx++;
			}
			continue;
		}

		/* Print data */
		if (c == '?') {
			/* Base default formats for unknown tags on data size */
			if (len & 1)
				c = 'b';
			else if (len & 2)
				c = 's';
			else
				c = 'l';
		}
		first = 1;
		switch (c) {

		case 'a':
			/* ASCII strings */
			ND_PRINT("\"");
			/* non-zero return is handled as truncation */
			if (nd_printn(ndo, bp, len, ndo->ndo_snapend)) {
				ND_PRINT("\"");
				goto trunc;
			}
			ND_PRINT("\"");
			bp += len;
			len = 0;
			break;

		case 'i':
		case 'l':
		case 'L':
			/* ip addresses/32-bit words */
			/* a remainder of 1-3 bytes is left in len and
			 * reported as trailing data after the switch */
			while (len >= 4) {
				if (!first)
					ND_PRINT(",");
				if (c == 'i')
					ND_PRINT("%s", GET_IPADDR_STRING(bp));
				else if (c == 'L')
					ND_PRINT("%d", GET_BE_S_4(bp));
				else
					ND_PRINT("%u", GET_BE_U_4(bp));
				bp += 4;
				len -= 4;
				first = 0;
			}
			break;

		case 'p':
			/* IP address pairs */
			while (len >= 2*4) {
				if (!first)
					ND_PRINT(",");
				ND_PRINT("(%s:", GET_IPADDR_STRING(bp));
				bp += 4;
				len -= 4;
				ND_PRINT("%s)", GET_IPADDR_STRING(bp));
				bp += 4;
				len -= 4;
				first = 0;
			}
			break;

		case 's':
			/* shorts */
			while (len >= 2) {
				if (!first)
					ND_PRINT(",");
				ND_PRINT("%u", GET_BE_U_2(bp));
				bp += 2;
				len -= 2;
				first = 0;
			}
			break;

		case 'B':
			/* boolean */
			while (len > 0) {
				uint8_t bool_value;
				if (!first)
					ND_PRINT(",");
				bool_value = GET_U_1(bp);
				switch (bool_value) {
				case 0:
					ND_PRINT("N");
					break;
				case 1:
					ND_PRINT("Y");
					break;
				default:
					/* any other value is shown as-is and flagged */
					ND_PRINT("%u?", bool_value);
					break;
				}
				++bp;
				--len;
				first = 0;
			}
			break;

		case 'b':
		case 'x':
		default:
			/* Bytes */
			/* also reached for the ' ' format of PAD, END and
			 * DHCP-Message entries in tag2str */
			while (len > 0) {
				uint8_t byte_value;
				if (!first)
					ND_PRINT(c == 'x' ? ":" : ".");
				byte_value = GET_U_1(bp);
				if (c == 'x')
					ND_PRINT("%02x", byte_value);
				else
					ND_PRINT("%u", byte_value);
				++bp;
				--len;
				first = 0;
			}
			break;

		case '$':
			/* Guys we can't handle with one of the usual cases */
			switch (tag) {

			case TAG_NETBIOS_NODE:
				/* this option should be at least 1 byte long */
				if (len < 1) {
					ND_PRINT("[ERROR: length < 1 bytes]");
					break;
				}
				/* tag is reused to hold the option's value byte */
				tag = GET_U_1(bp);
				++bp;
				--len;
				/* NOTE(review): the value is untrusted and may not
				 * be in nbo2str; confirm tok2str() accepts a
				 * NULL format for that case */
				ND_PRINT("%s", tok2str(nbo2str, NULL, tag));
				break;

			case TAG_OPT_OVERLOAD:
				/* this option should be at least 1 byte long */
				if (len < 1) {
					ND_PRINT("[ERROR: length < 1 bytes]");
					break;
				}
				/* tag is reused to hold the option's value byte */
				tag = GET_U_1(bp);
				++bp;
				--len;
				/* NOTE(review): same NULL-format question as for
				 * TAG_NETBIOS_NODE above */
				ND_PRINT("%s", tok2str(oo2str, NULL, tag));
				break;

			case TAG_CLIENT_FQDN:
				/* this option should be at least 3 bytes long */
				/* the guard also keeps "len - 3" below from
				 * wrapping, since len is unsigned */
				if (len < 3) {
					ND_PRINT("[ERROR: length < 3 bytes]");
					bp += len;
					len = 0;
					break;
				}
				/* high nibble of the flags byte must be zero */
				if (GET_U_1(bp) & 0xf0) {
					ND_PRINT("[ERROR: MBZ nibble 0x%x != 0] ",
						 (GET_U_1(bp) & 0xf0) >> 4);
				}
				if (GET_U_1(bp) & 0x0f)
					ND_PRINT("[%s] ",
						 client_fqdn_flags(GET_U_1(bp)));
				bp++;
				/* two further one-byte fields, shown only when non-zero */
				if (GET_U_1(bp) || GET_U_1(bp + 1))
					ND_PRINT("%u/%u ", GET_U_1(bp),
						 GET_U_1(bp + 1));
				bp += 2;
				ND_PRINT("\"");
				if (nd_printn(ndo, bp, len - 3, ndo->ndo_snapend)) {
					ND_PRINT("\"");
					goto trunc;
				}
				ND_PRINT("\"");
				bp += len - 3;
				len = 0;
				break;

			case TAG_CLIENT_ID:
			    {
				int type;

				/* this option should be at least 1 byte long */
				if (len < 1) {
					ND_PRINT("[ERROR: length < 1 bytes]");
					break;
				}
				type = GET_U_1(bp);
				bp++;
				len--;
				/* type 0: the identifier is printed as a string;
				 * otherwise as colon-separated hex after the
				 * hardware type name */
				if (type == 0) {
					ND_PRINT("\"");
					if (nd_printn(ndo, bp, len, ndo->ndo_snapend)) {
						ND_PRINT("\"");
						goto trunc;
					}
					ND_PRINT("\"");
					bp += len;
					len = 0;
					break;
				} else {
					ND_PRINT("%s ", tok2str(arp2str, "hardware-type %u,", type));
					while (len > 0) {
						if (!first)
							ND_PRINT(":");
						ND_PRINT("%02x", GET_U_1(bp));
						++bp;
						--len;
						first = 0;
					}
				}
				break;
			    }

			case TAG_AGENT_CIRCUIT:
				/* nested sub-options: code byte, length byte, data */
				while (len >= 2) {
					subopt = GET_U_1(bp);
					suboptlen = GET_U_1(bp + 1);
					bp += 2;
					len -= 2;
					/* reject a sub-option that claims more
					 * bytes than the option has left; this
					 * keeps "len -= suboptlen" from wrapping */
					if (suboptlen > len) {
						ND_PRINT("\n\t      %s SubOption %u, length %u: length goes past end of option",
							  tok2str(agent_suboption_values, "Unknown", subopt),
							  subopt,
							  suboptlen);
						bp += len;
						len = 0;
						break;
					}
					ND_PRINT("\n\t      %s SubOption %u, length %u: ",
						  tok2str(agent_suboption_values, "Unknown", subopt),
						  subopt,
						  suboptlen);
					switch (subopt) {

					case AGENT_SUBOPTION_CIRCUIT_ID: /* fall through */
					case AGENT_SUBOPTION_REMOTE_ID:
					case AGENT_SUBOPTION_SUBSCRIBER_ID:
						if (nd_printn(ndo, bp, suboptlen, ndo->ndo_snapend))
							goto trunc;
						break;

					default:
						print_unknown_data(ndo, bp, "\n\t\t", suboptlen);
					}

					len -= suboptlen;
					bp += suboptlen;
				}
				break;

			case TAG_CLASSLESS_STATIC_RT:
			case TAG_CLASSLESS_STA_RT_MS:
			    {
				u_int mask_width, significant_octets, i;

				/* this option should be at least 5 bytes long */
				if (len < 5) {
					ND_PRINT("[ERROR: length < 5 bytes]");
					bp += len;
					len = 0;
					break;
				}
				/* each route: mask width, the significant
				 * destination octets, then a 4-byte router */
				while (len > 0) {
					if (!first)
						ND_PRINT(",");
					mask_width = GET_U_1(bp);
					bp++;
					len--;
					/* mask_width <= 32 */
					/* this also caps significant_octets at 4 */
					if (mask_width > 32) {
						ND_PRINT("[ERROR: Mask width (%u) > 32]", mask_width);
						bp += len;
						len = 0;
						break;
					}
					significant_octets = (mask_width + 7) / 8;
					/* significant octets + router(4) */
					/* checked before anything is consumed, so
					 * the subtraction at the end cannot wrap */
					if (len < significant_octets + 4) {
						ND_PRINT("[ERROR: Remaining length (%u) < %u bytes]", len, significant_octets + 4);
						bp += len;
						len = 0;
						break;
					}
					ND_PRINT("(");
					if (mask_width == 0)
						ND_PRINT("default");
					else {
						for (i = 0; i < significant_octets ; i++) {
							if (i > 0)
								ND_PRINT(".");
							ND_PRINT("%u",
								 GET_U_1(bp));
							bp++;
						}
						/* octets not sent on the wire are shown as 0 */
						for (i = significant_octets ; i < 4 ; i++)
							ND_PRINT(".0");
						ND_PRINT("/%u", mask_width);
					}
					ND_PRINT(":%s)", GET_IPADDR_STRING(bp));
					bp += 4;
					len -= (significant_octets + 4);
					first = 0;
				}
				break;
			    }

			case TAG_USER_CLASS:
			    {
				u_int suboptnumber = 1;

				first = 1;
				if (len < 2) {
					ND_PRINT("[ERROR: length < 2 bytes]");
					bp += len;
					len = 0;
					break;
				}
				/* a list of length-prefixed class strings */
				while (len > 0) {
					suboptlen = GET_U_1(bp);
					bp++;
					len--;
					ND_PRINT("\n\t      ");
					ND_PRINT("instance#%u: ", suboptnumber);
					if (suboptlen == 0) {
						ND_PRINT("[ERROR: suboption length must be non-zero]");
						bp += len;
						len = 0;
						break;
					}
					/* the instance must fit in what is left
					 * of the option before it is subtracted */
					if (len < suboptlen) {
						ND_PRINT("[ERROR: invalid option]");
						bp += len;
						len = 0;
						break;
					}
					ND_PRINT("\"");
					if (nd_printn(ndo, bp, suboptlen, ndo->ndo_snapend)) {
						ND_PRINT("\"");
						goto trunc;
					}
					ND_PRINT("\"");
					ND_PRINT(", length %u", suboptlen);
					suboptnumber++;
					len -= suboptlen;
					bp += suboptlen;
				}
				break;
			    }

			default:
				/* a '$' entry in tag2str with no handler here */
				ND_PRINT("[unknown special tag %u, size %u]",
					  tag, len);
				bp += len;
				len = 0;
				break;
			}
			break;
		}
		/* Data left over? */
		/* skipping it keeps bp aligned on the next option's tag */
		if (len) {
			ND_PRINT("\n\t  trailing data length %u", len);
			bp += len;
		}
	}
	return;
trunc:
	nd_print_trunc(ndo);
}
1026 
/*
 * Print one IPv4 member of the CMU vendor area as " <label>:<address>",
 * skipping members that are all zero.  Meant for use inside cmu_print()
 * only: it refers to that function's local "cmu" and, through
 * ND_TCHECK_4, presumably to its "trunc" label (confirm in netdissect.h).
 */
#define PRINTCMUADDR(m, s) { ND_TCHECK_4(cmu->m); \
    if (GET_IPV4_TO_NETWORK_ORDER(cmu->m) != 0) \
	ND_PRINT(" %s:%s", s, GET_IPADDR_STRING(cmu->m)); }

/*
 * Print the CMU-format vendor area.
 *
 * ndo - dissector state.
 * bp  - points at the start of the vendor area, i.e. at v_magic.
 *
 * The area comes from the packet and is untrusted; each member is checked
 * with ND_TCHECK_4 before it is read.  Output order is fixed by the
 * statement order below: flags, default gateway, subnet mask, then the
 * name and time servers.
 */
static void
cmu_print(netdissect_options *ndo,
	  const u_char *bp)
{
	const struct cmu_vend *cmu;
	uint8_t v_flags;

	ND_PRINT(" vend-cmu");
	/* Overlay only; members are read through the macros below */
	cmu = (const struct cmu_vend *)bp;

	/* Only print if there are unknown bits */
	ND_TCHECK_4(cmu->v_flags);
	/*
	 * NOTE(review): v_flags is declared nd_uint32_t and four bytes are
	 * checked above, but GET_U_1 is used and the result is kept in a
	 * uint8_t, so only one byte of the field takes part in the
	 * VF_SMASK test and in the "F:" output -- confirm which byte
	 * carries the flag on the wire.
	 */
	v_flags = GET_U_1(cmu->v_flags);
	if ((v_flags & ~(VF_SMASK)) != 0)
		ND_PRINT(" F:0x%x", v_flags);
	PRINTCMUADDR(v_dgate, "DG");
	/* "SM*" marks a subnet mask whose valid flag is not set */
	PRINTCMUADDR(v_smask, v_flags & VF_SMASK ? "SM" : "SM*");
	PRINTCMUADDR(v_dns1, "NS1");
	PRINTCMUADDR(v_dns2, "NS2");
	PRINTCMUADDR(v_ins1, "IEN1");
	PRINTCMUADDR(v_ins2, "IEN2");
	PRINTCMUADDR(v_ts1, "TS1");
	PRINTCMUADDR(v_ts2, "TS2");
	return;

trunc:
	nd_print_trunc(ndo);
}

#undef PRINTCMUADDR
1061 
/*
 * Render the four RFC 4702 Client FQDN flag bits as letters, in the fixed
 * order S, O, E, N; bits outside those four are ignored.
 *
 * The string is built in a function-local static buffer, so the result is
 * overwritten by the next call and must be used before calling again.  At
 * most four letters and a NUL are written into the nine-byte buffer.
 */
static char *
client_fqdn_flags(u_int flags)
{
	static const struct {
		u_int bit;
		char letter;
	} flag_letters[] = {
		{ CLIENT_FQDN_FLAGS_S, 'S' },
		{ CLIENT_FQDN_FLAGS_O, 'O' },
		{ CLIENT_FQDN_FLAGS_E, 'E' },
		{ CLIENT_FQDN_FLAGS_N, 'N' },
	};
	static char buf[8+1];
	size_t pos = 0;
	size_t k;

	for (k = 0; k < sizeof(flag_letters) / sizeof(flag_letters[0]); k++) {
		if (flags & flag_letters[k].bit)
			buf[pos++] = flag_letters[k].letter;
	}
	buf[pos] = '\0';

	return buf;
}
1080