1/*
2 * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997
3 *	The Regents of the University of California.  All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22/* \summary: BOOTP and IPv4 DHCP printer */
23
24#ifdef HAVE_CONFIG_H
25#include <config.h>
26#endif
27
28#include "netdissect-stdinc.h"
29
30#include <string.h>
31
32#include "netdissect.h"
33#include "addrtoname.h"
34#include "extract.h"
35
36
37/*
38 * Bootstrap Protocol (BOOTP).  RFC951 and RFC1048.
39 *
40 * This file specifies the "implementation-independent" BOOTP protocol
41 * information which is common to both client and server.
42 *
43 * Copyright 1988 by Carnegie Mellon.
44 *
45 * Permission to use, copy, modify, and distribute this program for any
46 * purpose and without fee is hereby granted, provided that this copyright
47 * and permission notice appear on all copies and supporting documentation,
48 * the name of Carnegie Mellon not be used in advertising or publicity
49 * pertaining to distribution of the program without specific prior
50 * permission, and notice be given in supporting documentation that copying
51 * and distribution is by permission of Carnegie Mellon and Stanford
52 * University.  Carnegie Mellon makes no representations about the
53 * suitability of this software for any purpose.  It is provided "as is"
54 * without express or implied warranty.
55 */
56
/*
 * Layout of the fixed BOOTP header as it appears in the packet.
 * bootp_print() overlays this struct on the packet bytes with a cast and
 * reads members through the GET_*()/ND_TCHECK_*() accessors rather than
 * dereferencing them directly.  The nd_* member types are declared outside
 * this file.
 */
struct bootp {
	nd_uint8_t	bp_op;		/* packet opcode type */
	nd_uint8_t	bp_htype;	/* hardware addr type */
	nd_uint8_t	bp_hlen;	/* hardware addr length */
	nd_uint8_t	bp_hops;	/* gateway hops */
	nd_uint32_t	bp_xid;		/* transaction ID */
	nd_uint16_t	bp_secs;	/* seconds since boot began */
	nd_uint16_t	bp_flags;	/* flags - see bootp_flag_values[]
					   in print-bootp.c */
	nd_ipv4		bp_ciaddr;	/* client IP address */
	nd_ipv4		bp_yiaddr;	/* 'your' IP address */
	nd_ipv4		bp_siaddr;	/* server IP address */
	nd_ipv4		bp_giaddr;	/* gateway IP address */
	nd_byte		bp_chaddr[16];	/* client hardware address */
	nd_byte		bp_sname[64];	/* server host name */
	nd_byte		bp_file[128];	/* boot file name */
	/*
	 * The vendor printers receive only a pointer to bp_vend, with no
	 * length, and rfc1048_print() walks options until the captured data
	 * runs out, so the 64 here is not what limits option parsing.
	 */
	nd_byte		bp_vend[64];	/* vendor-specific area */
};
75
/* Values of bp_op; bootp_op_values[] maps them to "Request" and "Reply". */
#define BOOTPREPLY	2
#define BOOTPREQUEST	1

/*
 * Vendor magic cookie (v_magic) for CMU.
 * bootp_print() uses this to initialise a 4-byte array, so the string's
 * terminating NUL is the fourth byte that gets compared.
 */
#define VM_CMU		"CMU"

/*
 * Vendor magic cookie (v_magic) for RFC1048: the bytes 0x63 0x82 0x53 0x63.
 */
#define VM_RFC1048	{ 99, 130, 83, 99 }
88
89/*
90 * RFC1048 tag values used to specify what information is being supplied in
91 * the vendor field of the packet.
92 */
93
/*
 * The codes below are grouped by the document that defines them, not
 * sorted numerically.  rfc1048_print() reads each code as a single byte
 * from the packet and looks it up in tag2str[]; a code with no tag2str[]
 * entry is printed as "Unknown".
 */
#define TAG_PAD			((uint8_t)   0)
#define TAG_SUBNET_MASK		((uint8_t)   1)
#define TAG_TIME_OFFSET		((uint8_t)   2)
#define TAG_GATEWAY		((uint8_t)   3)
#define TAG_TIME_SERVER		((uint8_t)   4)
#define TAG_NAME_SERVER		((uint8_t)   5)
#define TAG_DOMAIN_SERVER	((uint8_t)   6)
#define TAG_LOG_SERVER		((uint8_t)   7)
#define TAG_COOKIE_SERVER	((uint8_t)   8)
#define TAG_LPR_SERVER		((uint8_t)   9)
#define TAG_IMPRESS_SERVER	((uint8_t)  10)
#define TAG_RLP_SERVER		((uint8_t)  11)
#define TAG_HOSTNAME		((uint8_t)  12)
#define TAG_BOOTSIZE		((uint8_t)  13)
#define TAG_END			((uint8_t) 255)
/* RFC1497 tags */
#define	TAG_DUMPPATH		((uint8_t)  14)
#define	TAG_DOMAINNAME		((uint8_t)  15)
#define	TAG_SWAP_SERVER		((uint8_t)  16)
#define	TAG_ROOTPATH		((uint8_t)  17)
#define	TAG_EXTPATH		((uint8_t)  18)
/* RFC2132 */
#define	TAG_IP_FORWARD		((uint8_t)  19)
#define	TAG_NL_SRCRT		((uint8_t)  20)
#define	TAG_PFILTERS		((uint8_t)  21)
#define	TAG_REASS_SIZE		((uint8_t)  22)
#define	TAG_DEF_TTL		((uint8_t)  23)
#define	TAG_MTU_TIMEOUT		((uint8_t)  24)
#define	TAG_MTU_TABLE		((uint8_t)  25)
#define	TAG_INT_MTU		((uint8_t)  26)
#define	TAG_LOCAL_SUBNETS	((uint8_t)  27)
#define	TAG_BROAD_ADDR		((uint8_t)  28)
#define	TAG_DO_MASK_DISC	((uint8_t)  29)
#define	TAG_SUPPLY_MASK		((uint8_t)  30)
#define	TAG_DO_RDISC		((uint8_t)  31)
#define	TAG_RTR_SOL_ADDR	((uint8_t)  32)
#define	TAG_STATIC_ROUTE	((uint8_t)  33)
#define	TAG_USE_TRAILERS	((uint8_t)  34)
#define	TAG_ARP_TIMEOUT		((uint8_t)  35)
#define	TAG_ETH_ENCAP		((uint8_t)  36)
#define	TAG_TCP_TTL		((uint8_t)  37)
#define	TAG_TCP_KEEPALIVE	((uint8_t)  38)
#define	TAG_KEEPALIVE_GO	((uint8_t)  39)
#define	TAG_NIS_DOMAIN		((uint8_t)  40)
#define	TAG_NIS_SERVERS		((uint8_t)  41)
#define	TAG_NTP_SERVERS		((uint8_t)  42)
#define	TAG_VENDOR_OPTS		((uint8_t)  43)
#define	TAG_NETBIOS_NS		((uint8_t)  44)
#define	TAG_NETBIOS_DDS		((uint8_t)  45)
#define	TAG_NETBIOS_NODE	((uint8_t)  46)
#define	TAG_NETBIOS_SCOPE	((uint8_t)  47)
#define	TAG_XWIN_FS		((uint8_t)  48)
#define	TAG_XWIN_DM		((uint8_t)  49)
#define	TAG_NIS_P_DOMAIN	((uint8_t)  64)
#define	TAG_NIS_P_SERVERS	((uint8_t)  65)
#define	TAG_MOBILE_HOME		((uint8_t)  68)
/* The name below is spelled "SMPT"; its tag2str[] label is "iSMTP". */
#define	TAG_SMPT_SERVER		((uint8_t)  69)
#define	TAG_POP3_SERVER		((uint8_t)  70)
#define	TAG_NNTP_SERVER		((uint8_t)  71)
#define	TAG_WWW_SERVER		((uint8_t)  72)
#define	TAG_FINGER_SERVER	((uint8_t)  73)
#define	TAG_IRC_SERVER		((uint8_t)  74)
#define	TAG_STREETTALK_SRVR	((uint8_t)  75)
#define	TAG_STREETTALK_STDA	((uint8_t)  76)
/* DHCP options */
#define	TAG_REQUESTED_IP	((uint8_t)  50)
#define	TAG_IP_LEASE		((uint8_t)  51)
#define	TAG_OPT_OVERLOAD	((uint8_t)  52)
#define	TAG_TFTP_SERVER		((uint8_t)  66)
#define	TAG_BOOTFILENAME	((uint8_t)  67)
#define	TAG_DHCP_MESSAGE	((uint8_t)  53)
#define	TAG_SERVER_ID		((uint8_t)  54)
#define	TAG_PARM_REQUEST	((uint8_t)  55)
#define	TAG_MESSAGE		((uint8_t)  56)
#define	TAG_MAX_MSG_SIZE	((uint8_t)  57)
#define	TAG_RENEWAL_TIME	((uint8_t)  58)
#define	TAG_REBIND_TIME		((uint8_t)  59)
#define	TAG_VENDOR_CLASS	((uint8_t)  60)
#define	TAG_CLIENT_ID		((uint8_t)  61)
/* RFC 2241 */
/* The three RFC 2241 codes below have no tag2str[] entry in this file. */
#define	TAG_NDS_SERVERS		((uint8_t)  85)
#define	TAG_NDS_TREE_NAME	((uint8_t)  86)
#define	TAG_NDS_CONTEXT		((uint8_t)  87)
/* RFC 2242 */
/* The two RFC 2242 codes below have no tag2str[] entry in this file. */
#define	TAG_NDS_IPDOMAIN	((uint8_t)  62)
#define	TAG_NDS_IPINFO		((uint8_t)  63)
/* RFC 2485 */
#define	TAG_OPEN_GROUP_UAP	((uint8_t)  98)
/* RFC 2563 */
#define	TAG_DISABLE_AUTOCONF	((uint8_t) 116)
/* RFC 2610 */
#define	TAG_SLP_DA		((uint8_t)  78)
#define	TAG_SLP_SCOPE		((uint8_t)  79)
/* RFC 2937 */
#define	TAG_NS_SEARCH		((uint8_t) 117)
/* RFC 3004 - The User Class Option for DHCP */
#define	TAG_USER_CLASS		((uint8_t)  77)
/* RFC 3011 */
#define	TAG_IP4_SUBNET_SELECT	((uint8_t) 118)
/* RFC 3442 */
#define TAG_CLASSLESS_STATIC_RT	((uint8_t) 121)
#define TAG_CLASSLESS_STA_RT_MS	((uint8_t) 249)
/* RFC 5859 - TFTP Server Address Option for DHCPv4 */
#define	TAG_TFTP_SERVER_ADDRESS	((uint8_t) 150)
/* https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml */
#define	TAG_SLP_NAMING_AUTH	((uint8_t)  80)
#define	TAG_CLIENT_FQDN		((uint8_t)  81)
/*
 * Code 82 is printed as "Agent-Information" and decoded as a list of
 * sub-options by rfc1048_print().
 */
#define	TAG_AGENT_CIRCUIT	((uint8_t)  82)
#define	TAG_AGENT_REMOTE	((uint8_t)  83)
#define	TAG_TZ_STRING		((uint8_t)  88)
#define	TAG_FQDN_OPTION		((uint8_t)  89)
#define	TAG_AUTH		((uint8_t)  90)
#define	TAG_CLIENT_LAST_TRANSACTION_TIME	((uint8_t)  91)
#define	TAG_ASSOCIATED_IP			((uint8_t)  92)
#define	TAG_CLIENT_ARCH		((uint8_t)  93)
#define	TAG_CLIENT_NDI		((uint8_t)  94)
#define	TAG_CLIENT_GUID		((uint8_t)  97)
#define	TAG_LDAP_URL		((uint8_t)  95)
/* RFC 4833, TZ codes */
#define	TAG_TZ_PCODE		((uint8_t) 100)
#define	TAG_TZ_TCODE		((uint8_t) 101)
#define	TAG_NETINFO_PARENT	((uint8_t) 112)
#define	TAG_NETINFO_PARENT_TAG	((uint8_t) 113)
#define	TAG_URL			((uint8_t) 114)
#define TAG_MUDURL              ((uint8_t) 161)
219
/*
 * DHCP Message types (values for TAG_DHCP_MESSAGE option).
 * dhcp_msg_values[] maps them to display names; rfc1048_print() uses that
 * table only when the option is exactly one byte long.
 */
#define DHCPDISCOVER	1
#define DHCPOFFER	2
#define DHCPREQUEST	3
#define DHCPDECLINE	4
#define DHCPACK		5
#define DHCPNAK		6
#define DHCPRELEASE	7
#define DHCPINFORM	8
/* Defined in RFC4388 */
#define DHCPLEASEQUERY       10
#define DHCPLEASEUNASSIGNED  11
#define DHCPLEASEUNKNOWN     12
#define DHCPLEASEACTIVE      13
234
235
236/*
237 * "vendor" data permitted for CMU bootp clients.
238 */
239
/*
 * Layout of the CMU vendor area.  cmu_print() overlays this struct on the
 * bytes starting at bp_vend and reads members through the accessor macros.
 */
struct cmu_vend {
	nd_byte		v_magic[4];	/* magic number */
	/* Declared 32 bits wide; cmu_print() fetches only its first byte. */
	nd_uint32_t	v_flags;	/* flags/opcodes, etc. */
	nd_ipv4		v_smask;	/* Subnet mask */
	nd_ipv4		v_dgate;	/* Default gateway */
	nd_ipv4		v_dns1, v_dns2; /* Domain name servers */
	nd_ipv4		v_ins1, v_ins2; /* IEN-116 name servers */
	nd_ipv4		v_ts1, v_ts2;	/* Time servers */
	nd_byte		v_unused[24];	/* currently unused */
};
250
251
/* v_flags values */
#define VF_SMASK	1	/* Subnet mask field contains valid data */

/* RFC 4702 DHCP Client FQDN Option */

/*
 * Bits of the option's first (flags) byte.  client_fqdn_flags() renders
 * them as the letters S, O, E and N; rfc1048_print() reports a non-zero
 * upper nibble of the same byte as an error.
 */
#define CLIENT_FQDN_FLAGS_S	0x01
#define CLIENT_FQDN_FLAGS_O	0x02
#define CLIENT_FQDN_FLAGS_E	0x04
#define CLIENT_FQDN_FLAGS_N	0x08
261/* end of original bootp.h */
262
/*
 * Forward declarations of the file-local helpers.  Both vendor printers
 * take a pointer to the start of the vendor area (its magic cookie) and
 * no length argument.
 */
static void rfc1048_print(netdissect_options *, const u_char *);
static void cmu_print(netdissect_options *, const u_char *);
static char *client_fqdn_flags(u_int flags);
266
/*
 * Bit names for the 16-bit bp_flags field; bootp_print() passes this table
 * to bittok2str() and prints "none" when no listed bit is set.
 */
static const struct tok bootp_flag_values[] = {
	{ 0x8000,	"Broadcast" },
	{ 0, NULL}
};
271
/*
 * Names for the bp_op opcode; any other value is printed by bootp_print()
 * as "unknown (0x..)".
 */
static const struct tok bootp_op_values[] = {
	{ BOOTPREQUEST,	"Request" },
	{ BOOTPREPLY,	"Reply" },
	{ 0, NULL}
};
277
/*
 * Print a BOOTP/DHCP message.
 *
 *   ndo    - dissector state (verbosity in ndo_vflag, end of the captured
 *            data in ndo_snapend)
 *   cp     - first byte of the BOOTP header
 *   length - message length supplied by the caller; it is only echoed in
 *            the output and is not used to bound any read below
 *
 * With ndo_vflag == 0 only the opcode, an Ethernet client address on
 * requests and the length are shown.  Otherwise the fixed header fields,
 * the sname and file strings and the vendor area follow.
 *
 * Packet bytes are read through the GET_*() and ND_TCHECK_*() accessors,
 * which are defined outside this file (presumably bounds-checked against
 * the captured data; confirm in the netdissect headers).
 */
void
bootp_print(netdissect_options *ndo,
	    const u_char *cp, u_int length)
{
	static const u_char vm_cmu[4] = VM_CMU;
	static const u_char vm_rfc1048[4] = VM_RFC1048;
	const struct bootp *bp = (const struct bootp *)cp;
	uint8_t bp_op, bp_htype, bp_hlen, hops;
	uint16_t secs, flags;
	uint32_t xid, vendor_word;
	int is_ether;

	ndo->ndo_protocol = "bootp";

	bp_op = GET_U_1(bp->bp_op);
	ND_PRINT("BOOTP/DHCP, %s",
		  tok2str(bootp_op_values, "unknown (0x%02x)", bp_op));

	bp_htype = GET_U_1(bp->bp_htype);
	bp_hlen = GET_U_1(bp->bp_hlen);
	/* Hardware type 1 with a MAC_ADDR_LEN-byte address is the usual case */
	is_ether = (bp_htype == 1 && bp_hlen == MAC_ADDR_LEN);

	if (is_ether && bp_op == BOOTPREQUEST) {
		ND_PRINT(" from %s", GET_ETHERADDR_STRING(bp->bp_chaddr));
	}

	ND_PRINT(", length %u", length);

	/* Everything below is verbose-only output */
	if (ndo->ndo_vflag == 0)
		return;

	ND_TCHECK_2(bp->bp_secs);

	/* Hardware type and length are shown only when they are unusual */
	if (bp_htype != 1)
		ND_PRINT(", htype %u", bp_htype);
	if (!is_ether)
		ND_PRINT(", hlen %u", bp_hlen);

	/* Remaining scalar fields are shown only when non-zero */
	hops = GET_U_1(bp->bp_hops);
	if (hops != 0)
		ND_PRINT(", hops %u", hops);
	xid = GET_BE_U_4(bp->bp_xid);
	if (xid != 0)
		ND_PRINT(", xid 0x%x", xid);
	secs = GET_BE_U_2(bp->bp_secs);
	if (secs != 0)
		ND_PRINT(", secs %u", secs);

	flags = GET_BE_U_2(bp->bp_flags);
	ND_PRINT(", Flags [%s]",
		  bittok2str(bootp_flag_values, "none", flags));
	if (ndo->ndo_vflag > 1)
		ND_PRINT(" (0x%04x)", flags);

	/* The four address fields, each skipped when all-zero */
	if (GET_IPV4_TO_NETWORK_ORDER(bp->bp_ciaddr) != 0)
		ND_PRINT("\n\t  Client-IP %s", GET_IPADDR_STRING(bp->bp_ciaddr));
	if (GET_IPV4_TO_NETWORK_ORDER(bp->bp_yiaddr) != 0)
		ND_PRINT("\n\t  Your-IP %s", GET_IPADDR_STRING(bp->bp_yiaddr));
	if (GET_IPV4_TO_NETWORK_ORDER(bp->bp_siaddr) != 0)
		ND_PRINT("\n\t  Server-IP %s", GET_IPADDR_STRING(bp->bp_siaddr));
	if (GET_IPV4_TO_NETWORK_ORDER(bp->bp_giaddr) != 0)
		ND_PRINT("\n\t  Gateway-IP %s", GET_IPADDR_STRING(bp->bp_giaddr));

	if (is_ether) {
		ND_PRINT("\n\t  Client-Ethernet-Address %s",
			 GET_ETHERADDR_STRING(bp->bp_chaddr));
	}

	/*
	 * sname and file are packet-supplied strings in fixed-size fields.
	 * Each is printed only if its first byte is non-zero, through
	 * nd_printztn() with the field size and ndo_snapend as limits; a
	 * return of 0 is treated as truncation.
	 */
	if (GET_U_1(bp->bp_sname) != 0) {
		ND_PRINT("\n\t  sname \"");
		if (nd_printztn(ndo, bp->bp_sname,
				(u_int)sizeof(bp->bp_sname),
				ndo->ndo_snapend) == 0) {
			ND_PRINT("\"");
			nd_print_trunc(ndo);
			return;
		}
		ND_PRINT("\"");
	}
	if (GET_U_1(bp->bp_file) != 0) {
		ND_PRINT("\n\t  file \"");
		if (nd_printztn(ndo, bp->bp_file,
				(u_int)sizeof(bp->bp_file),
				ndo->ndo_snapend) == 0) {
			ND_PRINT("\"");
			nd_print_trunc(ndo);
			return;
		}
		ND_PRINT("\"");
	}

	/* Pick the vendor-area decoder from the 4-byte magic cookie */
	ND_TCHECK_4(bp->bp_vend);
	if (memcmp(bp->bp_vend, vm_rfc1048, sizeof(vm_rfc1048)) == 0) {
		rfc1048_print(ndo, bp->bp_vend);
	} else if (memcmp(bp->bp_vend, vm_cmu, sizeof(vm_cmu)) == 0) {
		cmu_print(ndo, bp->bp_vend);
	} else {
		/* Unrecognised cookie: show it unless it is all zeroes */
		vendor_word = GET_BE_U_4(bp->bp_vend);
		if (vendor_word != 0)
			ND_PRINT("\n\t  Vendor-#0x%x", vendor_word);
	}

	return;
trunc:
	nd_print_trunc(ndo);
}
392
/*
 * Option-code table for rfc1048_print().  The first character of each
 * string selects the print format; the rest is the displayed name:
 *     i - ip address (32 bits)
 *     p - ip address pairs (32 bits + 32 bits)
 *     l - 32-bit value, fetched unsigned and printed with %u
 *     L - 32-bit value, fetched signed and printed with %d
 *     s - short (16 bits)
 *     b - period-separated decimal bytes (variable length)
 *     x - colon-separated hex bytes (variable length)
 *     a - ASCII string (variable length)
 *     B - on/off (8 bits)
 *     $ - special (explicit code to handle)
 *   ' ' - (space) no format of its own; such a tag reaches the default
 *         (byte) case of rfc1048_print() unless it is handled earlier
 * Codes missing from the table are looked up as "?Unknown", and '?' makes
 * rfc1048_print() choose b, s or l from the option length.
 */
static const struct tok tag2str[] = {
/* RFC1048 tags */
	{ TAG_PAD,		" PAD" },
	{ TAG_SUBNET_MASK,	"iSubnet-Mask" },	/* subnet mask (RFC950) */
	{ TAG_TIME_OFFSET,	"LTime-Zone" },	/* seconds from UTC */
	{ TAG_GATEWAY,		"iDefault-Gateway" },	/* default gateway */
	{ TAG_TIME_SERVER,	"iTime-Server" },	/* time servers (RFC868) */
	{ TAG_NAME_SERVER,	"iIEN-Name-Server" },	/* IEN name servers (IEN116) */
	{ TAG_DOMAIN_SERVER,	"iDomain-Name-Server" },	/* domain name (RFC1035) */
	{ TAG_LOG_SERVER,	"iLOG" },	/* MIT log servers */
	{ TAG_COOKIE_SERVER,	"iCS" },	/* cookie servers (RFC865) */
	{ TAG_LPR_SERVER,	"iLPR-Server" },	/* lpr server (RFC1179) */
	{ TAG_IMPRESS_SERVER,	"iIM" },	/* impress servers (Imagen) */
	{ TAG_RLP_SERVER,	"iRL" },	/* resource location (RFC887) */
	{ TAG_HOSTNAME,		"aHostname" },	/* ASCII hostname */
	{ TAG_BOOTSIZE,		"sBS" },	/* 512 byte blocks */
	{ TAG_END,		" END" },
/* RFC1497 tags */
	{ TAG_DUMPPATH,		"aDP" },
	{ TAG_DOMAINNAME,	"aDomain-Name" },
	{ TAG_SWAP_SERVER,	"iSS" },
	{ TAG_ROOTPATH,		"aRP" },
	{ TAG_EXTPATH,		"aEP" },
/* RFC2132 tags */
	{ TAG_IP_FORWARD,	"BIPF" },
	{ TAG_NL_SRCRT,		"BSRT" },
	{ TAG_PFILTERS,		"pPF" },
	{ TAG_REASS_SIZE,	"sRSZ" },
	{ TAG_DEF_TTL,		"bTTL" },
	{ TAG_MTU_TIMEOUT,	"lMTU-Timeout" },
	{ TAG_MTU_TABLE,	"sMTU-Table" },
	{ TAG_INT_MTU,		"sMTU" },
	{ TAG_LOCAL_SUBNETS,	"BLSN" },
	{ TAG_BROAD_ADDR,	"iBR" },
	{ TAG_DO_MASK_DISC,	"BMD" },
	{ TAG_SUPPLY_MASK,	"BMS" },
	{ TAG_DO_RDISC,		"BRouter-Discovery" },
	{ TAG_RTR_SOL_ADDR,	"iRSA" },
	{ TAG_STATIC_ROUTE,	"pStatic-Route" },
	{ TAG_USE_TRAILERS,	"BUT" },
	{ TAG_ARP_TIMEOUT,	"lAT" },
	{ TAG_ETH_ENCAP,	"BIE" },
	{ TAG_TCP_TTL,		"bTT" },
	{ TAG_TCP_KEEPALIVE,	"lKI" },
	{ TAG_KEEPALIVE_GO,	"BKG" },
	{ TAG_NIS_DOMAIN,	"aYD" },
	{ TAG_NIS_SERVERS,	"iYS" },
	{ TAG_NTP_SERVERS,	"iNTP" },
	{ TAG_VENDOR_OPTS,	"bVendor-Option" },
	{ TAG_NETBIOS_NS,	"iNetbios-Name-Server" },
	{ TAG_NETBIOS_DDS,	"iWDD" },
	{ TAG_NETBIOS_NODE,	"$Netbios-Node" },
	{ TAG_NETBIOS_SCOPE,	"aNetbios-Scope" },
	{ TAG_XWIN_FS,		"iXFS" },
	{ TAG_XWIN_DM,		"iXDM" },
	{ TAG_NIS_P_DOMAIN,	"sN+D" },
	{ TAG_NIS_P_SERVERS,	"iN+S" },
	{ TAG_MOBILE_HOME,	"iMH" },
	{ TAG_SMPT_SERVER,	"iSMTP" },
	{ TAG_POP3_SERVER,	"iPOP3" },
	{ TAG_NNTP_SERVER,	"iNNTP" },
	{ TAG_WWW_SERVER,	"iWWW" },
	{ TAG_FINGER_SERVER,	"iFG" },
	{ TAG_IRC_SERVER,	"iIRC" },
	{ TAG_STREETTALK_SRVR,	"iSTS" },
	{ TAG_STREETTALK_STDA,	"iSTDA" },
	{ TAG_REQUESTED_IP,	"iRequested-IP" },
	{ TAG_IP_LEASE,		"lLease-Time" },
	{ TAG_OPT_OVERLOAD,	"$OO" },
	{ TAG_TFTP_SERVER,	"aTFTP" },
	{ TAG_BOOTFILENAME,	"aBF" },
	/* Decoded via dhcp_msg_values[] when the option length is 1 */
	{ TAG_DHCP_MESSAGE,	" DHCP-Message" },
	{ TAG_SERVER_ID,	"iServer-ID" },
	/* Handled before the format switch: each byte is printed as a tag name */
	{ TAG_PARM_REQUEST,	"bParameter-Request" },
	{ TAG_MESSAGE,		"aMSG" },
	{ TAG_MAX_MSG_SIZE,	"sMSZ" },
	{ TAG_RENEWAL_TIME,	"lRN" },
	{ TAG_REBIND_TIME,	"lRB" },
	{ TAG_VENDOR_CLASS,	"aVendor-Class" },
	{ TAG_CLIENT_ID,	"$Client-ID" },
/* RFC 2485 */
	{ TAG_OPEN_GROUP_UAP,	"aUAP" },
/* RFC 2563 */
	{ TAG_DISABLE_AUTOCONF,	"BNOAUTO" },
/* RFC 2610 */
	{ TAG_SLP_DA,		"bSLP-DA" },	/*"b" is a little wrong */
	{ TAG_SLP_SCOPE,	"bSLP-SCOPE" },	/*"b" is a little wrong */
/* RFC 2937 */
	{ TAG_NS_SEARCH,	"sNSSEARCH" },	/* XXX 's' */
/* RFC 3004 - The User Class Option for DHCP */
	{ TAG_USER_CLASS,	"$User-Class" },
/* RFC 3011 */
	{ TAG_IP4_SUBNET_SELECT, "iSUBNET" },
/* RFC 3442 */
	{ TAG_CLASSLESS_STATIC_RT, "$Classless-Static-Route" },
	{ TAG_CLASSLESS_STA_RT_MS, "$Classless-Static-Route-Microsoft" },
/* RFC 5859 - TFTP Server Address Option for DHCPv4 */
	{ TAG_TFTP_SERVER_ADDRESS, "iTFTP-Server-Address" },
/* https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml#options */
	{ TAG_SLP_NAMING_AUTH,	"aSLP-NA" },
	{ TAG_CLIENT_FQDN,	"$FQDN" },
	{ TAG_AGENT_CIRCUIT,	"$Agent-Information" },
	{ TAG_AGENT_REMOTE,	"bARMT" },
	{ TAG_TZ_STRING,	"aTZSTR" },
	{ TAG_FQDN_OPTION,	"bFQDNS" },	/* XXX 'b' */
	{ TAG_AUTH,		"bAUTH" },	/* XXX 'b' */
	/* 'L' means this value is printed as a signed number */
	{ TAG_CLIENT_LAST_TRANSACTION_TIME, "LLast-Transaction-Time" },
	{ TAG_ASSOCIATED_IP,	"iAssociated-IP" },
	{ TAG_CLIENT_ARCH,	"sARCH" },
	{ TAG_CLIENT_NDI,	"bNDI" },	/* XXX 'b' */
	{ TAG_CLIENT_GUID,	"bGUID" },	/* XXX 'b' */
	{ TAG_LDAP_URL,		"aLDAP" },
	{ TAG_TZ_PCODE,		"aPOSIX-TZ" },
	{ TAG_TZ_TCODE,		"aTZ-Name" },
	{ TAG_NETINFO_PARENT,	"iNI" },
	{ TAG_NETINFO_PARENT_TAG, "aNITAG" },
	{ TAG_URL,		"aURL" },
	{ TAG_MUDURL,           "aMUD-URL" },
	{ 0, NULL }
};
526
/*
 * DHCP "options overload" types.
 * Names for the single value byte of TAG_OPT_OVERLOAD.  rfc1048_print()
 * only prints the name; nothing in this file goes on to parse the sname
 * or file field as options.
 */
static const struct tok oo2str[] = {
	{ 1,	"file" },
	{ 2,	"sname" },
	{ 3,	"file+sname" },
	{ 0, NULL }
};
534
/*
 * NETBIOS over TCP/IP node type options.
 * Looked up with tok2str() on the whole value byte, so a byte with more
 * than one of these bits set matches no entry.
 */
static const struct tok nbo2str[] = {
	{ 0x1,	"b-node" },
	{ 0x2,	"p-node" },
	{ 0x4,	"m-node" },
	{ 0x8,	"h-node" },
	{ 0, NULL }
};
543
/*
 * ARP Hardware types, for Client-ID option.
 * Applied to the first byte of the option when that byte is non-zero;
 * a type not listed here is printed as "hardware-type N,".
 */
static const struct tok arp2str[] = {
	{ 0x1,	"ether" },
	{ 0x6,	"ieee802" },
	{ 0x7,	"arcnet" },
	{ 0xf,	"frelay" },
	{ 0x17,	"strip" },
	{ 0x18,	"ieee1394" },
	{ 0, NULL }
};
554
/*
 * Display names for the DHCP message type carried in TAG_DHCP_MESSAGE;
 * a value not listed here is printed as "Unknown (N)".
 */
static const struct tok dhcp_msg_values[] = {
	{ DHCPDISCOVER,	       "Discover" },
	{ DHCPOFFER,	       "Offer" },
	{ DHCPREQUEST,	       "Request" },
	{ DHCPDECLINE,	       "Decline" },
	{ DHCPACK,	       "ACK" },
	{ DHCPNAK,	       "NACK" },
	{ DHCPRELEASE,	       "Release" },
	{ DHCPINFORM,	       "Inform" },
	{ DHCPLEASEQUERY,      "LeaseQuery" },
	{ DHCPLEASEUNASSIGNED, "LeaseUnassigned" },
	{ DHCPLEASEUNKNOWN,    "LeaseUnknown" },
	{ DHCPLEASEACTIVE,     "LeaseActive" },
	{ 0, NULL }
};
570
/*
 * Sub-option codes of the Agent-Information option (TAG_AGENT_CIRCUIT).
 * rfc1048_print() prints the three listed sub-options as strings and
 * hands any other sub-option to print_unknown_data().
 */
#define AGENT_SUBOPTION_CIRCUIT_ID	1	/* RFC 3046 */
#define AGENT_SUBOPTION_REMOTE_ID	2	/* RFC 3046 */
#define AGENT_SUBOPTION_SUBSCRIBER_ID	6	/* RFC 3993 */
static const struct tok agent_suboption_values[] = {
	{ AGENT_SUBOPTION_CIRCUIT_ID,    "Circuit-ID" },
	{ AGENT_SUBOPTION_REMOTE_ID,     "Remote-ID" },
	{ AGENT_SUBOPTION_SUBSCRIBER_ID, "Subscriber-ID" },
	{ 0, NULL }
};
580
581
/*
 * Print the RFC 1048 vendor extensions / DHCP options.
 *
 *   ndo - dissector state (verbosity in ndo_vflag, end of the captured
 *         data in ndo_snapend)
 *   bp  - start of the vendor area, i.e. the 4-byte magic cookie
 *
 * No length is passed in.  The option walk ends when TAG_END is seen (at
 * verbosity below 3), when ND_TTEST_1() reports that no byte is left, or
 * when a fetch or check hits truncation; it is not limited to the 64
 * bytes declared for bp_vend.
 *
 * Every tag, length and sub-length is a packet-supplied byte.  The whole
 * option body is checked with ND_TCHECK_LEN() before any format-specific
 * decoding, and each case compares sub-lengths with the remaining len
 * before advancing bp, so the unsigned len is never decremented below 0.
 * The ND_*() and GET_*() macros are defined outside this file; they are
 * presumed to leave through the trunc label or an equivalent path when
 * data is missing (confirm in the netdissect headers).
 */
static void
rfc1048_print(netdissect_options *ndo,
	      const u_char *bp)
{
	uint16_t tag;
	u_int len;
	const char *cp;
	char c;
	int first, idx;
	uint8_t subopt, suboptlen;

	ND_PRINT("\n\t  Vendor-rfc1048 Extensions");

	/* Step over magic cookie */
	ND_PRINT("\n\t    Magic Cookie 0x%08x", GET_BE_U_4(bp));
	bp += sizeof(int32_t);

	/* Loop while there is a tag left in the buffer */
	while (ND_TTEST_1(bp)) {
		tag = GET_U_1(bp);
		bp++;
		/* Below verbosity 3, PAD is skipped silently and END stops the walk */
		if (tag == TAG_PAD && ndo->ndo_vflag < 3)
			continue;
		if (tag == TAG_END && ndo->ndo_vflag < 3)
			return;
		/*
		 * The first character of the table string is the format code
		 * ('?' for a tag that is not in the table); cp is left pointing
		 * at the display name.
		 */
		cp = tok2str(tag2str, "?Unknown", tag);
		c = *cp++;

		/* PAD and END are single bytes with no length field */
		if (tag == TAG_PAD || tag == TAG_END)
			len = 0;
		else {
			/* Get the length; check for truncation */
			len = GET_U_1(bp);
			bp++;
		}

		ND_PRINT("\n\t    %s (%u), length %u%s", cp, tag, len,
			  len > 0 ? ": " : "");

		/* At verbosity 3 and up, collapse a run of PAD bytes into one line */
		if (tag == TAG_PAD && ndo->ndo_vflag > 2) {
			u_int ntag = 1;
			while (ND_TTEST_1(bp) &&
			       GET_U_1(bp) == TAG_PAD) {
				bp++;
				ntag++;
			}
			if (ntag > 1)
				ND_PRINT(", occurs %u", ntag);
		}

		/* Check that all len bytes of the option body are available */
		ND_TCHECK_LEN(bp, len);

		if (tag == TAG_DHCP_MESSAGE && len == 1) {
			ND_PRINT("%s",
				 tok2str(dhcp_msg_values, "Unknown (%u)", GET_U_1(bp)));
			bp++;
			continue;
		}

		/* Each byte is a requested option code; names go four to a line */
		if (tag == TAG_PARM_REQUEST) {
			idx = 0;
			while (len > 0) {
				uint8_t innertag = GET_U_1(bp);
				bp++;
				len--;
				cp = tok2str(tag2str, "?Unknown", innertag);
				if (idx % 4 == 0)
					ND_PRINT("\n\t      ");
				else
					ND_PRINT(", ");
				/* cp + 1 skips the format character */
				ND_PRINT("%s (%u)", cp + 1, innertag);
				idx++;
			}
			continue;
		}

		/* Print data */
		if (c == '?') {
			/* Base default formats for unknown tags on data size */
			if (len & 1)
				c = 'b';
			else if (len & 2)
				c = 's';
			else
				c = 'l';
		}
		first = 1;
		switch (c) {

		case 'a':
			/* ASCII strings */
			ND_PRINT("\"");
			/* A non-zero return from nd_printn() is treated as truncation */
			if (nd_printn(ndo, bp, len, ndo->ndo_snapend)) {
				ND_PRINT("\"");
				goto trunc;
			}
			ND_PRINT("\"");
			bp += len;
			len = 0;
			break;

		case 'i':
		case 'l':
		case 'L':
			/* ip addresses/32-bit words */
			/* Bytes short of a full word fall to the trailing-data report */
			while (len >= 4) {
				if (!first)
					ND_PRINT(",");
				if (c == 'i')
					ND_PRINT("%s", GET_IPADDR_STRING(bp));
				else if (c == 'L')
					ND_PRINT("%d", GET_BE_S_4(bp));
				else
					ND_PRINT("%u", GET_BE_U_4(bp));
				bp += 4;
				len -= 4;
				first = 0;
			}
			break;

		case 'p':
			/* IP address pairs */
			while (len >= 2*4) {
				if (!first)
					ND_PRINT(",");
				ND_PRINT("(%s:", GET_IPADDR_STRING(bp));
				bp += 4;
				len -= 4;
				ND_PRINT("%s)", GET_IPADDR_STRING(bp));
				bp += 4;
				len -= 4;
				first = 0;
			}
			break;

		case 's':
			/* shorts */
			while (len >= 2) {
				if (!first)
					ND_PRINT(",");
				ND_PRINT("%u", GET_BE_U_2(bp));
				bp += 2;
				len -= 2;
				first = 0;
			}
			break;

		case 'B':
			/* boolean */
			while (len > 0) {
				uint8_t bool_value;
				if (!first)
					ND_PRINT(",");
				bool_value = GET_U_1(bp);
				switch (bool_value) {
				case 0:
					ND_PRINT("N");
					break;
				case 1:
					ND_PRINT("Y");
					break;
				default:
					/* Neither 0 nor 1: show the raw value with a '?' */
					ND_PRINT("%u?", bool_value);
					break;
				}
				++bp;
				--len;
				first = 0;
			}
			break;

		case 'b':
		case 'x':
		default:
			/* Bytes */
			/* Also reached for the ' ' format of PAD, END and DHCP-Message */
			while (len > 0) {
				uint8_t byte_value;
				if (!first)
					ND_PRINT(c == 'x' ? ":" : ".");
				byte_value = GET_U_1(bp);
				if (c == 'x')
					ND_PRINT("%02x", byte_value);
				else
					ND_PRINT("%u", byte_value);
				++bp;
				--len;
				first = 0;
			}
			break;

		case '$':
			/* Guys we can't handle with one of the usual cases */
			switch (tag) {

			case TAG_NETBIOS_NODE:
				/* this option should be at least 1 byte long */
				if (len < 1) {
					ND_PRINT("[ERROR: length < 1 bytes]");
					break;
				}
				/* tag is reused from here on to hold the option's value byte */
				tag = GET_U_1(bp);
				++bp;
				--len;
				ND_PRINT("%s", tok2str(nbo2str, NULL, tag));
				break;

			case TAG_OPT_OVERLOAD:
				/* this option should be at least 1 byte long */
				if (len < 1) {
					ND_PRINT("[ERROR: length < 1 bytes]");
					break;
				}
				/* tag is reused from here on to hold the option's value byte */
				tag = GET_U_1(bp);
				++bp;
				--len;
				ND_PRINT("%s", tok2str(oo2str, NULL, tag));
				break;

			case TAG_CLIENT_FQDN:
				/* this option should be at least 3 bytes long */
				if (len < 3) {
					ND_PRINT("[ERROR: length < 3 bytes]");
					bp += len;
					len = 0;
					break;
				}
				/* Byte 0: the upper nibble must be zero, the lower nibble holds the flags */
				if (GET_U_1(bp) & 0xf0) {
					ND_PRINT("[ERROR: MBZ nibble 0x%x != 0] ",
						 (GET_U_1(bp) & 0xf0) >> 4);
				}
				if (GET_U_1(bp) & 0x0f)
					ND_PRINT("[%s] ",
						 client_fqdn_flags(GET_U_1(bp)));
				bp++;
				/* Bytes 1 and 2 are printed as "a/b" unless both are zero */
				if (GET_U_1(bp) || GET_U_1(bp + 1))
					ND_PRINT("%u/%u ", GET_U_1(bp),
						 GET_U_1(bp + 1));
				bp += 2;
				ND_PRINT("\"");
				/* len >= 3 was checked above, so len - 3 cannot wrap */
				if (nd_printn(ndo, bp, len - 3, ndo->ndo_snapend)) {
					ND_PRINT("\"");
					goto trunc;
				}
				ND_PRINT("\"");
				bp += len - 3;
				len = 0;
				break;

			case TAG_CLIENT_ID:
			    {
				int type;

				/* this option should be at least 1 byte long */
				if (len < 1) {
					ND_PRINT("[ERROR: length < 1 bytes]");
					break;
				}
				type = GET_U_1(bp);
				bp++;
				len--;
				/* Type 0: the rest is printed as a string; otherwise as hex bytes */
				if (type == 0) {
					ND_PRINT("\"");
					if (nd_printn(ndo, bp, len, ndo->ndo_snapend)) {
						ND_PRINT("\"");
						goto trunc;
					}
					ND_PRINT("\"");
					bp += len;
					len = 0;
					break;
				} else {
					ND_PRINT("%s ", tok2str(arp2str, "hardware-type %u,", type));
					while (len > 0) {
						if (!first)
							ND_PRINT(":");
						ND_PRINT("%02x", GET_U_1(bp));
						++bp;
						--len;
						first = 0;
					}
				}
				break;
			    }

			case TAG_AGENT_CIRCUIT:
				/* Sub-options: one code byte, one length byte, then the data */
				while (len >= 2) {
					subopt = GET_U_1(bp);
					suboptlen = GET_U_1(bp + 1);
					bp += 2;
					len -= 2;
					/*
					 * Reject a sub-option that claims more than is left in
					 * the option; the rest of the option is skipped.
					 */
					if (suboptlen > len) {
						ND_PRINT("\n\t      %s SubOption %u, length %u: length goes past end of option",
							  tok2str(agent_suboption_values, "Unknown", subopt),
							  subopt,
							  suboptlen);
						bp += len;
						len = 0;
						break;
					}
					ND_PRINT("\n\t      %s SubOption %u, length %u: ",
						  tok2str(agent_suboption_values, "Unknown", subopt),
						  subopt,
						  suboptlen);
					switch (subopt) {

					case AGENT_SUBOPTION_CIRCUIT_ID: /* fall through */
					case AGENT_SUBOPTION_REMOTE_ID:
					case AGENT_SUBOPTION_SUBSCRIBER_ID:
						if (nd_printn(ndo, bp, suboptlen, ndo->ndo_snapend))
							goto trunc;
						break;

					default:
						print_unknown_data(ndo, bp, "\n\t\t", suboptlen);
					}

					len -= suboptlen;
					bp += suboptlen;
				}
				break;

			case TAG_CLASSLESS_STATIC_RT:
			case TAG_CLASSLESS_STA_RT_MS:
			    {
				u_int mask_width, significant_octets, i;

				/* this option should be at least 5 bytes long */
				if (len < 5) {
					ND_PRINT("[ERROR: length < 5 bytes]");
					bp += len;
					len = 0;
					break;
				}
				/* Each route: mask width, the significant prefix octets, a 4-byte router */
				while (len > 0) {
					if (!first)
						ND_PRINT(",");
					mask_width = GET_U_1(bp);
					bp++;
					len--;
					/* mask_width <= 32 */
					if (mask_width > 32) {
						ND_PRINT("[ERROR: Mask width (%u) > 32]", mask_width);
						bp += len;
						len = 0;
						break;
					}
					/* At most 4, since mask_width <= 32 was checked above */
					significant_octets = (mask_width + 7) / 8;
					/* significant octets + router(4) */
					if (len < significant_octets + 4) {
						ND_PRINT("[ERROR: Remaining length (%u) < %u bytes]", len, significant_octets + 4);
						bp += len;
						len = 0;
						break;
					}
					ND_PRINT("(");
					if (mask_width == 0)
						ND_PRINT("default");
					else {
						for (i = 0; i < significant_octets ; i++) {
							if (i > 0)
								ND_PRINT(".");
							ND_PRINT("%u",
								 GET_U_1(bp));
							bp++;
						}
						/* Octets not carried in the packet are shown as 0 */
						for (i = significant_octets ; i < 4 ; i++)
							ND_PRINT(".0");
						ND_PRINT("/%u", mask_width);
					}
					ND_PRINT(":%s)", GET_IPADDR_STRING(bp));
					bp += 4;
					len -= (significant_octets + 4);
					first = 0;
				}
				break;
			    }

			case TAG_USER_CLASS:
			    {
				u_int suboptnumber = 1;

				first = 1;
				if (len < 2) {
					ND_PRINT("[ERROR: length < 2 bytes]");
					bp += len;
					len = 0;
					break;
				}
				/* A list of instances, each a length byte followed by that many bytes */
				while (len > 0) {
					suboptlen = GET_U_1(bp);
					bp++;
					len--;
					ND_PRINT("\n\t      ");
					ND_PRINT("instance#%u: ", suboptnumber);
					if (suboptlen == 0) {
						ND_PRINT("[ERROR: suboption length must be non-zero]");
						bp += len;
						len = 0;
						break;
					}
					/* The instance must fit in what is left of the option */
					if (len < suboptlen) {
						ND_PRINT("[ERROR: invalid option]");
						bp += len;
						len = 0;
						break;
					}
					ND_PRINT("\"");
					if (nd_printn(ndo, bp, suboptlen, ndo->ndo_snapend)) {
						ND_PRINT("\"");
						goto trunc;
					}
					ND_PRINT("\"");
					ND_PRINT(", length %u", suboptlen);
					suboptnumber++;
					len -= suboptlen;
					bp += suboptlen;
				}
				break;
			    }

			default:
				ND_PRINT("[unknown special tag %u, size %u]",
					  tag, len);
				bp += len;
				len = 0;
				break;
			}
			break;
		}
		/* Data left over? */
		/* Skip whatever the chosen format did not consume so the walk stays aligned */
		if (len) {
			ND_PRINT("\n\t  trailing data length %u", len);
			bp += len;
		}
	}
	return;
trunc:
	nd_print_trunc(ndo);
}
1021
/*
 * Print the IPv4 member m of the CMU vendor area with label s, but only
 * when the address is non-zero.  The macro uses the local variable `cmu`
 * of the enclosing function and is removed with #undef after cmu_print().
 * It expands to a brace block rather than do { } while (0), so it is only
 * safe where a stray ';' after the block is harmless.
 */
#define PRINTCMUADDR(m, s) { ND_TCHECK_4(cmu->m); \
    if (GET_IPV4_TO_NETWORK_ORDER(cmu->m) != 0) \
	ND_PRINT(" %s:%s", s, GET_IPADDR_STRING(cmu->m)); }

/*
 * Print the CMU vendor area.
 *
 *   ndo - dissector state
 *   bp  - start of the vendor area, i.e. the magic cookie
 *
 * No length is passed in; each member is checked with ND_TCHECK_4()
 * before it is read (the macro is defined outside this file and is
 * presumed to jump to the trunc label on short data).
 */
static void
cmu_print(netdissect_options *ndo,
	  const u_char *bp)
{
	const struct cmu_vend *cmu;
	uint8_t v_flags;

	ND_PRINT(" vend-cmu");
	cmu = (const struct cmu_vend *)bp;

	/* Only print if there are unknown bits */
	ND_TCHECK_4(cmu->v_flags);
	/*
	 * NOTE(review): v_flags is declared nd_uint32_t and four bytes are
	 * checked above, yet only the first byte is fetched here and VF_SMASK
	 * is tested against that byte.  Confirm which byte of the field
	 * carries the flags on the wire.
	 */
	v_flags = GET_U_1(cmu->v_flags);
	if ((v_flags & ~(VF_SMASK)) != 0)
		ND_PRINT(" F:0x%x", v_flags);
	PRINTCMUADDR(v_dgate, "DG");
	/* "SM*" marks a subnet mask printed although VF_SMASK is not set */
	PRINTCMUADDR(v_smask, v_flags & VF_SMASK ? "SM" : "SM*");
	PRINTCMUADDR(v_dns1, "NS1");
	PRINTCMUADDR(v_dns2, "NS2");
	PRINTCMUADDR(v_ins1, "IEN1");
	PRINTCMUADDR(v_ins2, "IEN2");
	PRINTCMUADDR(v_ts1, "TS1");
	PRINTCMUADDR(v_ts2, "TS2");
	return;

trunc:
	nd_print_trunc(ndo);
}

#undef PRINTCMUADDR
1056
/*
 * Render the low four bits of a Client FQDN flags byte as a string made
 * of the letters S, O, E and N, in that order, one letter per set bit.
 *
 * The result lives in a static buffer that is overwritten by the next
 * call, so the caller must use it before calling again.
 */
static char *
client_fqdn_flags(u_int flags)
{
	static const struct {
		u_int bit;
		char letter;
	} flag_letters[] = {
		{ CLIENT_FQDN_FLAGS_S, 'S' },
		{ CLIENT_FQDN_FLAGS_O, 'O' },
		{ CLIENT_FQDN_FLAGS_E, 'E' },
		{ CLIENT_FQDN_FLAGS_N, 'N' },
	};
	static char buf[8+1];
	char *out = buf;
	u_int k;

	/* At most four letters are written, well within the 9-byte buffer */
	for (k = 0; k < sizeof(flag_letters) / sizeof(flag_letters[0]); k++) {
		if (flags & flag_letters[k].bit)
			*out++ = flag_letters[k].letter;
	}
	*out = '\0';

	return buf;
}
1075