From e19c28f1db826244140d75296023d58b91bc4a02 Mon Sep 17 00:00:00 2001 From: David Gwynne Date: Fri, 6 Jul 2018 05:47:23 +0000 Subject: Rework UDP parsing, particularly around IP addresses. This originally started as trying to put a consistent space between the UDP header information and the payload parsing, but while doing that I noticed inconsistent IPv4 vs IPv6 handling. Apart from the default "srcip.srcport > dstip.dstpor" output, all the other places that IP addresses were printed assumed IPv4. It looks like it is possible that udp_print() can be called without an IP header, which made these blind IPv4 prints turn into NULL derefs. This fixes the problem above by only having a single place that prints the addresses out, and makes sure to get the difference between IPv4, IPv6 and no IP correct. This changes how the checksum is calculated. It incrementally builds the UDP checksum by feeding the IPv4 and v6 addresses in separately, then using common code for the rest of the pseudo header and actual payload. Lastly, this does make printing the space between the UDP header and its payload consistent. The UDP code is now responsible for adding a space after itself so the payload parsers don't have to. They got it wrong in some cases anyway, so this should be a lot more uniform. help and ok sthen@ --- usr.sbin/tcpdump/interface.h | 8 +- usr.sbin/tcpdump/print-bootp.c | 8 +- usr.sbin/tcpdump/print-cnfp.c | 6 +- usr.sbin/tcpdump/print-domain.c | 8 +- usr.sbin/tcpdump/print-gtp.c | 10 +- usr.sbin/tcpdump/print-iapp.c | 6 +- usr.sbin/tcpdump/print-ike.c | 6 +- usr.sbin/tcpdump/print-ipsec.c | 24 +-- usr.sbin/tcpdump/print-krb.c | 8 +- usr.sbin/tcpdump/print-l2tp.c | 8 +- usr.sbin/tcpdump/print-lwres.c | 2 +- usr.sbin/tcpdump/print-ntp.c | 4 +- usr.sbin/tcpdump/print-radius.c | 10 +- usr.sbin/tcpdump/print-rip.c | 22 +-- usr.sbin/tcpdump/print-ripng.c | 14 +- usr.sbin/tcpdump/print-snmp.c | 4 +- usr.sbin/tcpdump/print-tftp.c | 4 +- usr.sbin/tcpdump/print-udp.c | 306 +++++++++++++------------------------- usr.sbin/tcpdump/print-udpencap.c | 14 +- usr.sbin/tcpdump/print-vqp.c | 4 +- usr.sbin/tcpdump/print-wb.c | 18 +-- 21 files changed, 186 insertions(+), 308 deletions(-) (limited to 'usr.sbin/tcpdump') diff --git a/usr.sbin/tcpdump/interface.h b/usr.sbin/tcpdump/interface.h index cce81a08f2a..bfa8e80d442 100644 --- a/usr.sbin/tcpdump/interface.h +++ b/usr.sbin/tcpdump/interface.h @@ -1,4 +1,4 @@ -/* $OpenBSD: interface.h,v 1.73 2018/07/06 04:49:21 dlg Exp $ */ +/* $OpenBSD: interface.h,v 1.74 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 @@ -20,7 +20,7 @@ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * @(#) $Id: interface.h,v 1.73 2018/07/06 04:49:21 dlg Exp $ (LBL) + * @(#) $Id: interface.h,v 1.74 2018/07/06 05:47:22 dlg Exp $ (LBL) */ #ifndef tcpdump_interface_h @@ -255,11 +255,11 @@ extern void sl_bsdos_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); extern void snmp_print(const u_char *, u_int); extern void sunrpcrequest_print(const u_char *, u_int, const u_char *); -extern void cnfp_print(const u_char *, u_int, const u_char *); +extern void cnfp_print(const u_char *, u_int); extern void tcp_print(const u_char *, u_int, const u_char *); extern void tftp_print(const u_char *, u_int); extern void timed_print(const u_char *, u_int); -extern void udp_print(const u_char *, u_int, const u_char *); +extern void udp_print(const u_char *, u_int, const void *); extern void wb_print(const void *, u_int); extern void ike_print(const u_char *, u_int); extern void udpencap_print(const u_char *, u_int, const u_char *); diff --git a/usr.sbin/tcpdump/print-bootp.c b/usr.sbin/tcpdump/print-bootp.c index b9083597cb5..47d947a3d04 100644 --- a/usr.sbin/tcpdump/print-bootp.c +++ b/usr.sbin/tcpdump/print-bootp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-bootp.c,v 1.22 2015/12/22 21:01:07 mmcc Exp $ */ +/* $OpenBSD: print-bootp.c,v 1.23 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997 @@ -63,17 +63,17 @@ bootp_print(const u_char *cp, u_int length, case BOOTREQUEST: /* Usually, a request goes from a client to a server */ if (sport != IPPORT_BOOTPC || dport != IPPORT_BOOTPS) - printf(" (request)"); + printf("(request)"); break; case BOOTREPLY: /* Usually, a reply goes from a server to a client */ if (sport != IPPORT_BOOTPS || dport != IPPORT_BOOTPC) - printf(" (reply)"); + printf("(reply)"); break; default: - printf(" bootp-#%d", bp->bp_op); + printf("bootp-#%d", bp->bp_op); } TCHECK(bp->bp_flags); diff --git a/usr.sbin/tcpdump/print-cnfp.c b/usr.sbin/tcpdump/print-cnfp.c index d343a18b739..b779f62a015 100644 --- a/usr.sbin/tcpdump/print-cnfp.c +++ b/usr.sbin/tcpdump/print-cnfp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-cnfp.c,v 1.9 2015/11/15 20:35:36 mmcc Exp $ */ +/* $OpenBSD: print-cnfp.c,v 1.10 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1998 Michael Shalayeff @@ -68,15 +68,13 @@ struct nfrec { }; void -cnfp_print(const u_char *cp, u_int len, const u_char *bp) +cnfp_print(const u_char *cp, u_int len) { const struct nfhdr *nh; const struct nfrec *nr; - const struct ip *ip; int nrecs, ver, proto; time_t t; - ip = (struct ip *)bp; nh = (struct nfhdr *)cp; if ((u_char *)(nh + 1) > snapend) diff --git a/usr.sbin/tcpdump/print-domain.c b/usr.sbin/tcpdump/print-domain.c index cf1f43bc118..b7d39f5e947 100644 --- a/usr.sbin/tcpdump/print-domain.c +++ b/usr.sbin/tcpdump/print-domain.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-domain.c,v 1.24 2017/02/27 11:44:23 jca Exp $ */ +/* $OpenBSD: print-domain.c,v 1.25 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 @@ -589,7 +589,7 @@ ns_print(const u_char *bp, u_int length, int is_mdns) if (DNS_QR(np)) { /* this is a response */ - printf(" %d%s%s%s%s%s%s", + printf("%d%s%s%s%s%s%s", EXTRACT_16BITS(&np->id), ns_ops[DNS_OPCODE(np)], ns_resp[DNS_RCODE(np)], @@ -657,7 +657,7 @@ ns_print(const u_char *bp, u_int length, int is_mdns) } else { /* this is a request */ - printf(" %d%s%s%s", EXTRACT_16BITS(&np->id), ns_ops[DNS_OPCODE(np)], + printf("%d%s%s%s", EXTRACT_16BITS(&np->id), ns_ops[DNS_OPCODE(np)], DNS_RD(np) ? "+" : "", DNS_CD(np) ? "%" : ""); @@ -739,7 +739,7 @@ ns_print(const u_char *bp, u_int length, int is_mdns) goto trunc; } } - printf(" (%d)", length); + printf("(%d)", length); return; trunc: diff --git a/usr.sbin/tcpdump/print-gtp.c b/usr.sbin/tcpdump/print-gtp.c index a18f679608e..3f6f6b90fa8 100644 --- a/usr.sbin/tcpdump/print-gtp.c +++ b/usr.sbin/tcpdump/print-gtp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-gtp.c,v 1.9 2015/12/22 21:01:07 mmcc Exp $ */ +/* $OpenBSD: print-gtp.c,v 1.10 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 2009, 2010 Joel Sing * @@ -304,12 +304,12 @@ gtp_print(const u_char *cp, u_int length, u_short sport, u_short dport) else if (version == GTP_VERSION_1) gtp_v1_print(cp, length, sport, dport); else - printf(" GTP (version %i)", version); + printf("GTP (version %i)", version); return; trunc: - printf(" [|GTP]"); + printf("[|GTP]"); } /* @@ -502,7 +502,7 @@ gtp_v0_print(const u_char *cp, u_int length, u_short sport, u_short dport) cp += sizeof(struct gtp_v0_hdr); len = ntohs(gh->length); bcopy(&gh->tid, &tid, sizeof(tid)); - printf(" GTPv0 (len %u, seqno %u, flow %u, N-PDU %u, tid 0x%llx) ", + printf("GTPv0 (len %u, seqno %u, flow %u, N-PDU %u, tid 0x%llx) ", ntohs(gh->length), ntohs(gh->seqno), ntohs(gh->flow), ntohs(gh->npduno), betoh64(tid)); @@ -549,7 +549,7 @@ gtp_v0_print_prime(const u_char *cp) cp += sizeof(*gph); len = ntohs(gph->length); - printf(" GTPv0' (len %u, seq %u) ", len, ntohs(gph->seqno)); + printf("GTPv0' (len %u, seq %u) ", len, ntohs(gph->seqno)); /* Decode GTP message. */ printf("%s", tok2str(gtp_v0_msgtype, "Message Type %u", gph->msgtype)); diff --git a/usr.sbin/tcpdump/print-iapp.c b/usr.sbin/tcpdump/print-iapp.c index 614a917c4ce..64356a97b4c 100644 --- a/usr.sbin/tcpdump/print-iapp.c +++ b/usr.sbin/tcpdump/print-iapp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-iapp.c,v 1.5 2015/01/16 06:40:21 deraadt Exp $ */ +/* $OpenBSD: print-iapp.c,v 1.6 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 2005 Reyk Floeter @@ -52,7 +52,7 @@ iapp_print(const u_char *p, u_int len) TCHECK2(*wf, sizeof(struct ieee80211_iapp_frame)); /* Print common IAPP information */ - printf(" IAPPv%u ", wf->i_version); + printf("IAPPv%u ", wf->i_version); if (wf->i_command & 0xf0) printf("unknown: 0x%0x ", wf->i_command); else @@ -100,6 +100,6 @@ iapp_print(const u_char *p, u_int len) return; trunc: - printf(" [|IAPP]"); + printf("[|IAPP]"); } diff --git a/usr.sbin/tcpdump/print-ike.c b/usr.sbin/tcpdump/print-ike.c index 94175355906..068943b3d06 100644 --- a/usr.sbin/tcpdump/print-ike.c +++ b/usr.sbin/tcpdump/print-ike.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-ike.c,v 1.37 2015/01/16 06:40:21 deraadt Exp $ */ +/* $OpenBSD: print-ike.c,v 1.38 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999 @@ -203,9 +203,7 @@ ike_print (const u_int8_t *cp, u_int length) /* 'ep' points to the end of avaible data. */ ep = snapend; - printf(" isakmp"); - - printf(" v%d.%d", ih->version >> 4, ih->version & 0xf); + printf("isakmp v%u.%u", ih->version >> 4, ih->version & 0xf); printf(" exchange "); if (ih->exgtype < (sizeof exgtypes/sizeof exgtypes[0])) diff --git a/usr.sbin/tcpdump/print-ipsec.c b/usr.sbin/tcpdump/print-ipsec.c index 32b9d177393..733ecdb75cc 100644 --- a/usr.sbin/tcpdump/print-ipsec.c +++ b/usr.sbin/tcpdump/print-ipsec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-ipsec.c,v 1.23 2015/11/16 00:16:39 mmcc Exp $ */ +/* $OpenBSD: print-ipsec.c,v 1.24 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999 @@ -201,33 +201,15 @@ esp_decrypt (const u_char *bp, u_int len, const u_char *bp2) void esp_print (const u_char *bp, u_int len, const u_char *bp2) { - const struct ip *ip; const struct esp_hdr *esp; - u_int plen = len; -#ifdef INET6 - const struct ip6_hdr *ip6; -#endif - - ip = (const struct ip *)bp2; -#ifdef INET6 - if (ip->ip_v == 6) { - ip6 = (const struct ip6_hdr *)bp2; - printf("esp %s > %s", ip6addr_string(&ip6->ip6_src), - ip6addr_string(&ip6->ip6_dst)); - } else -#endif - { - printf("esp %s > %s", - ipaddr_string(&ip->ip_src), ipaddr_string(&ip->ip_dst)); - } - if (plen < sizeof(struct esp_hdr)) { + if (len < sizeof(struct esp_hdr)) { printf("[|esp]"); return; } esp = (const struct esp_hdr *)bp; - printf(" spi 0x%08x seq %u len %d", + printf("esp spi 0x%08x seq %u len %d", ntohl(esp->esp_spi), ntohl(esp->esp_seq), len); if (espinit) diff --git a/usr.sbin/tcpdump/print-krb.c b/usr.sbin/tcpdump/print-krb.c index c0e664df905..477814e04b4 100644 --- a/usr.sbin/tcpdump/print-krb.c +++ b/usr.sbin/tcpdump/print-krb.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-krb.c,v 1.11 2015/11/16 00:16:39 mmcc Exp $ */ +/* $OpenBSD: print-krb.c,v 1.12 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1995, 1996, 1997 @@ -271,17 +271,17 @@ krb_print(const u_char *dat, u_int length) case 1: case 2: case 3: - printf(" v%d", kp->pvno); + printf("v%d", kp->pvno); break; case 4: - printf(" v%d", kp->pvno); + printf("v%d", kp->pvno); krb4_print((const u_char *)kp); break; case 106: case 107: - fputs(" v5", stdout); + fputs("v5", stdout); /* Decode ASN.1 here "someday" */ break; } diff --git a/usr.sbin/tcpdump/print-l2tp.c b/usr.sbin/tcpdump/print-l2tp.c index 98e04ea652b..67209ebefe1 100644 --- a/usr.sbin/tcpdump/print-l2tp.c +++ b/usr.sbin/tcpdump/print-l2tp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-l2tp.c,v 1.9 2015/12/05 05:56:26 mmcc Exp $ */ +/* $OpenBSD: print-l2tp.c,v 1.10 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1991, 1993, 1994, 1995, 1996, 1997 @@ -632,12 +632,12 @@ l2tp_print(const u_char *dat, u_int length) TCHECK2(*dat, sizeof(val)); memcpy(&val, dat, sizeof(val)); if ((ntohs(val) & L2TP_VERSION_MASK) == L2TP_VERSION_L2TP) { - printf(" l2tp:"); + printf("l2tp:"); } else if ((ntohs(val) & L2TP_VERSION_MASK) == L2TP_VERSION_L2F) { - printf(" l2f:"); + printf("l2f:"); return; /* nothing to do */ } else { - printf(" Unknown Version, neither L2F(1) nor L2TP(2)"); + printf("Unknown Version, neither L2F(1) nor L2TP(2)"); return; /* nothing we can do */ } diff --git a/usr.sbin/tcpdump/print-lwres.c b/usr.sbin/tcpdump/print-lwres.c index 4405c3612f6..685012f96a6 100644 --- a/usr.sbin/tcpdump/print-lwres.c +++ b/usr.sbin/tcpdump/print-lwres.c @@ -354,7 +354,7 @@ lwres_print(const u_char *bp, u_int length) np = (const struct lwres_lwpacket *)bp; TCHECK(np->authlength); - printf(" lwres"); + printf("lwres"); v = ntohs(np->version); if (vflag || v != LWRES_LWPACKETVERSION_0) printf(" v%u", v); diff --git a/usr.sbin/tcpdump/print-ntp.c b/usr.sbin/tcpdump/print-ntp.c index 7a75c82de83..f45f1a64ce3 100644 --- a/usr.sbin/tcpdump/print-ntp.c +++ b/usr.sbin/tcpdump/print-ntp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-ntp.c,v 1.17 2015/11/16 00:16:39 mmcc Exp $ */ +/* $OpenBSD: print-ntp.c,v 1.18 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 @@ -67,7 +67,7 @@ ntp_print(const u_char *cp, u_int length) TCHECK(bp->status); version = (int)(bp->status & VERSIONMASK) >> 3; - printf(" v%d", version); + printf("v%d", version); leapind = bp->status & LEAPMASK; switch (leapind) { diff --git a/usr.sbin/tcpdump/print-radius.c b/usr.sbin/tcpdump/print-radius.c index ba6d65f058b..a89bae3702b 100644 --- a/usr.sbin/tcpdump/print-radius.c +++ b/usr.sbin/tcpdump/print-radius.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-radius.c,v 1.11 2015/11/16 00:16:39 mmcc Exp $ */ +/* $OpenBSD: print-radius.c,v 1.12 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1997 Thomas H. Ptacek. All rights reserved. @@ -241,7 +241,7 @@ void radius_print(const u_char *data, u_int len) { int first, l, ac, al; if(len < sizeof(struct radius_header)) { - fputs(" [|radius]", stdout); + fputs("[|radius]", stdout); return; } @@ -249,15 +249,15 @@ void radius_print(const u_char *data, u_int len) { if(rhp->code > DEFINED_OPCODES || rhp->code < 1) - fprintf(stdout, " Code:%d id:%x [%d]", + fprintf(stdout, "Code:%d id:%x [%d]", rhp->code, rhp->id, ntohs(rhp->len)); else - fprintf(stdout, " %s id:%x [%d]", + fprintf(stdout, "%s id:%x [%d]", radius_codes[rhp->code].name, rhp->id, ntohs(rhp->len)); if(ntohs(rhp->len) > len) { - fputs(" [|radius]", stdout); + fputs("[|radius]", stdout); return; } diff --git a/usr.sbin/tcpdump/print-rip.c b/usr.sbin/tcpdump/print-rip.c index 44e9301296f..4b77c14ecb8 100644 --- a/usr.sbin/tcpdump/print-rip.c +++ b/usr.sbin/tcpdump/print-rip.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-rip.c,v 1.16 2015/11/16 00:16:39 mmcc Exp $ */ +/* $OpenBSD: print-rip.c,v 1.17 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1989, 1990, 1991, 1993, 1994, 1996 @@ -159,7 +159,7 @@ rip_print(const u_char *dat, u_int length) i = min(length, snapend - dat) - sizeof(*rp); if (i < 0) { - printf(" [|rip]"); + printf("[|rip]"); return; } @@ -167,21 +167,21 @@ rip_print(const u_char *dat, u_int length) switch (rp->rip_vers) { case 0: /* RFC 1058 */ - printf(" RIPv0: "); + printf("RIPv0: "); rip_printblk((u_char *)(rp + 1), snapend); break; default: switch (rp->rip_cmd) { case RIPCMD_REQUEST: - printf(" RIPv%d-req %d", rp->rip_vers, length); + printf("RIPv%d-req %d", rp->rip_vers, length); break; case RIPCMD_RESPONSE: j = length / sizeof(*ni); if (j * sizeof(*ni) != length - 4) - printf(" RIPv%d-resp [items %d] [%d]:", + printf("RIPv%d-resp [items %d] [%d]:", rp->rip_vers, j, length); else - printf(" RIPv%d-resp [items %d]:", + printf("RIPv%d-resp [items %d]:", rp->rip_vers, j); trunc = (i / sizeof(*ni)) != j; ni = (struct rip_netinfo *)(rp + 1); @@ -195,21 +195,21 @@ rip_print(const u_char *dat, u_int length) printf("[|rip]"); break; case RIPCMD_TRACEON: - printf(" RIPv%d-traceon %d: \"", rp->rip_vers, length); + printf("RIPv%d-traceon %d: \"", rp->rip_vers, length); (void)fn_print((const u_char *)(rp + 1), snapend); fputs("\"", stdout); break; case RIPCMD_TRACEOFF: - printf(" RIPv%d-traceoff %d", rp->rip_vers, length); + printf("RIPv%d-traceoff %d", rp->rip_vers, length); break; case RIPCMD_POLL: - printf(" RIPv%d-poll %d", rp->rip_vers, length); + printf("RIPv%d-poll %d", rp->rip_vers, length); break; case RIPCMD_POLLENTRY: - printf(" RIPv%d-pollentry %d", rp->rip_vers, length); + printf("RIPv%d-pollentry %d", rp->rip_vers, length); break; default: - printf(" RIPv%d-#%d %d", rp->rip_vers, rp->rip_cmd, + printf("RIPv%d-#%d %d", rp->rip_vers, rp->rip_cmd, length); break; } diff --git a/usr.sbin/tcpdump/print-ripng.c b/usr.sbin/tcpdump/print-ripng.c index 78987943888..9d16bf00508 100644 --- a/usr.sbin/tcpdump/print-ripng.c +++ b/usr.sbin/tcpdump/print-ripng.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-ripng.c,v 1.5 2015/11/16 00:16:39 mmcc Exp $ */ +/* $OpenBSD: print-ripng.c,v 1.6 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1989, 1990, 1991, 1993, 1994 @@ -75,13 +75,13 @@ ripng_print(const u_char *dat, int length) if (j == 1 && rp->rip6_nets->rip6_metric == HOPCNT_INFINITY6 && IN6_IS_ADDR_UNSPECIFIED(&rp->rip6_nets->rip6_dest)) { - printf(" ripng-req dump"); + printf("ripng-req dump"); break; } if (j * sizeof(*ni) != length - 4) - printf(" ripng-req %d[%d]:", j, length); + printf("ripng-req %d[%d]:", j, length); else - printf(" ripng-req %d:", j); + printf("ripng-req %d:", j); trunc = ((i / sizeof(*ni)) * sizeof(*ni) != i); for (ni = rp->rip6_nets; (i -= sizeof(*ni)) >= 0; ++ni) { if (vflag) @@ -94,9 +94,9 @@ ripng_print(const u_char *dat, int length) case RIP6_RESPONSE: j = length / sizeof(*ni); if (j * sizeof(*ni) != length - 4) - printf(" ripng-resp %d[%d]:", j, length); + printf("ripng-resp %d[%d]:", j, length); else - printf(" ripng-resp %d:", j); + printf("ripng-resp %d:", j); trunc = ((i / sizeof(*ni)) * sizeof(*ni) != i); for (ni = rp->rip6_nets; (i -= sizeof(*ni)) >= 0; ++ni) { if (vflag) @@ -109,7 +109,7 @@ ripng_print(const u_char *dat, int length) printf("[|rip]"); break; default: - printf(" ripng-%d ?? %d", rp->rip6_cmd, length); + printf("ripng-%d ?? %d", rp->rip6_cmd, length); break; } if (rp->rip6_vers != RIP6_VERSION) diff --git a/usr.sbin/tcpdump/print-snmp.c b/usr.sbin/tcpdump/print-snmp.c index 0ec491a12df..36b1ea29cd9 100644 --- a/usr.sbin/tcpdump/print-snmp.c +++ b/usr.sbin/tcpdump/print-snmp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-snmp.c,v 1.21 2016/03/15 05:03:11 mmcc Exp $ */ +/* $OpenBSD: print-snmp.c,v 1.22 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997 @@ -1048,8 +1048,6 @@ snmp_print(const u_char *np, u_int length) length = snapend - np; } - putchar(' '); - /* initial Sequence */ if ((count = asn1_parse(np, length, &elem)) < 0) return; diff --git a/usr.sbin/tcpdump/print-tftp.c b/usr.sbin/tcpdump/print-tftp.c index d43966bd9a3..31a131c1dda 100644 --- a/usr.sbin/tcpdump/print-tftp.c +++ b/usr.sbin/tcpdump/print-tftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-tftp.c,v 1.12 2015/11/16 00:16:39 mmcc Exp $ */ +/* $OpenBSD: print-tftp.c,v 1.13 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997 @@ -77,7 +77,7 @@ tftp_print(const u_char *bp, u_int length) tp = (const struct tftphdr *)bp; /* Print length */ - printf(" %d", length); + printf("%d", length); /* Print tftp request type */ TCHECK(tp->th_opcode); diff --git a/usr.sbin/tcpdump/print-udp.c b/usr.sbin/tcpdump/print-udp.c index b7729e3b5b3..327b1df53d6 100644 --- a/usr.sbin/tcpdump/print-udp.c +++ b/usr.sbin/tcpdump/print-udp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-udp.c,v 1.42 2018/07/03 23:51:13 dlg Exp $ */ +/* $OpenBSD: print-udp.c,v 1.43 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996 @@ -118,14 +118,14 @@ vat_print(const void *hdr, u_int len, const struct udphdr *up) u_int ts = *(u_short *)hdr; if ((ts & 0xf060) != 0) { /* probably vt */ - (void)printf(" udp/vt %u %d / %d", + (void)printf("udp/vt %u %d / %d", (u_int32_t)(ntohs(up->uh_ulen) - sizeof(*up)), ts & 0x3ff, ts >> 10); } else { /* probably vat */ u_int i0 = ntohl(((u_int *)hdr)[0]); u_int i1 = ntohl(((u_int *)hdr)[1]); - printf(" udp/vat %u c%d %u%s", + printf("udp/vat %u c%d %u%s", (u_int32_t)(ntohs(up->uh_ulen) - sizeof(*up) - 8), i0 & 0xffff, i1, i0 & 0x800000? "*" : ""); @@ -288,66 +288,6 @@ rtcp_print(const u_char *hdr, const u_char *ep) return (hdr + len); } -static int -udp_cksum(const struct ip *ip, const struct udphdr *up, int len) -{ - union phu { - struct phdr { - u_int32_t src; - u_int32_t dst; - u_char mbz; - u_char proto; - u_int16_t len; - } ph; - u_int16_t pa[6]; - } phu; - const u_int16_t *sp; - u_int32_t sum; - - /* pseudo-header.. */ - phu.ph.len = htons((u_int16_t)len); - phu.ph.mbz = 0; - phu.ph.proto = IPPROTO_UDP; - memcpy(&phu.ph.src, &ip->ip_src.s_addr, sizeof(u_int32_t)); - memcpy(&phu.ph.dst, &ip->ip_dst.s_addr, sizeof(u_int32_t)); - - sp = &phu.pa[0]; - sum = sp[0]+sp[1]+sp[2]+sp[3]+sp[4]+sp[5]; - - return in_cksum((u_short *)up, len, sum); -} - -#ifdef INET6 -static int -udp6_cksum(const struct ip6_hdr *ip6, const struct udphdr *up, u_int len) -{ - union { - struct { - struct in6_addr ph_src; - struct in6_addr ph_dst; - u_int32_t ph_len; - u_int8_t ph_zero[3]; - u_int8_t ph_nxt; - } ph; - u_int16_t pa[20]; - } phu; - size_t i; - u_int32_t sum = 0; - - /* pseudo-header */ - memset(&phu, 0, sizeof(phu)); - phu.ph.ph_src = ip6->ip6_src; - phu.ph.ph_dst = ip6->ip6_dst; - phu.ph.ph_len = htonl(len); - phu.ph.ph_nxt = IPPROTO_UDP; - - for (i = 0; i < sizeof(phu.pa) / sizeof(phu.pa[0]); i++) - sum += phu.pa[i]; - - return in_cksum((u_short *)up, len, sum); -} -#endif - /* XXX probably should use getservbyname() and cache answers */ #define TFTP_PORT 69 /*XXX*/ #define KERBEROS_PORT 88 /*XXX*/ @@ -383,101 +323,151 @@ udp6_cksum(const struct ip6_hdr *ip6, const struct udphdr *up, u_int len) #endif void -udp_print(const u_char *bp, u_int length, const u_char *bp2) +udp_print(const u_char *bp, u_int length, const void *iph) { const struct udphdr *up; - const struct ip *ip; const u_char *cp; const u_char *ep = bp + length; u_int16_t sport, dport, ulen; -#ifdef INET6 - const struct ip6_hdr *ip6; -#endif + const char *ipsrc = NULL, *ipdst = NULL; + unsigned int ipv = 0; + uint32_t cksum = 0; if (ep > snapend) ep = snapend; - up = (struct udphdr *)bp; - ip = (struct ip *)bp2; + + if (iph != NULL) { + const struct ip *ip = iph; + ipv = ip->ip_v; + + switch (ipv) { #ifdef INET6 - if (ip->ip_v == 6) - ip6 = (struct ip6_hdr *)bp2; - else - ip6 = NULL; + case 6: { + const struct ip6_hdr *ip6 = iph; + + ipsrc = ip6addr_string(&ip6->ip6_src); + ipdst = ip6addr_string(&ip6->ip6_dst); + + cksum = in_cksum_add(&ip6->ip6_src, + sizeof(ip6->ip6_src), cksum); + cksum = in_cksum_add(&ip6->ip6_dst, + sizeof(ip6->ip6_dst), cksum); + break; + } #endif /*INET6*/ - cp = (u_char *)(up + 1); + case 4: + ipsrc = ipaddr_string(&ip->ip_src); + ipdst = ipaddr_string(&ip->ip_dst); + + cksum = in_cksum_add(&ip->ip_src, + sizeof(ip->ip_src), cksum); + cksum = in_cksum_add(&ip->ip_dst, + sizeof(ip->ip_dst), cksum); + break; + } + } + + up = (const struct udphdr *)bp; + cp = (const u_char *)(up + 1); + + /* check if the udp header was captured */ if (cp > snapend) { + if (ipv) + printf("%s > %s: ", ipsrc, ipdst); + printf("[|udp]"); return; } - if (length < sizeof(struct udphdr)) { - (void)printf(" truncated-udp %d", length); + + /* check if the packet payload is long enough */ + if (length < sizeof(*up)) { + if (ipv) + printf("%s > %s: ", ipsrc, ipdst); + + printf("truncated-udp %u", length); return; } - length -= sizeof(struct udphdr); sport = ntohs(up->uh_sport); dport = ntohs(up->uh_dport); + + if (ipv) { + printf("%s.%s > %s.%s", + ipsrc, udpport_string(sport), + ipdst, udpport_string(dport)); + } else { + printf("udp %s > %s", + udpport_string(sport), + udpport_string(dport)); + } + + cksum += htons(length); + ulen = ntohs(up->uh_ulen); + if (length < ulen) + printf(" truncated-udp - %u bytes missing!", ulen - length); + + length -= sizeof(*up); + + if (vflag && ipv && TTEST2(cp[0], length)) { + uint16_t sum, usum = up->uh_sum; + + if (usum == 0) { + if (ipv == 4) + printf(" [no udp cksum]"); + else + printf(" [invalid udp cksum 0]"); + } else { + cksum += htons(IPPROTO_UDP); + cksum += up->uh_sport; + cksum += up->uh_dport; + cksum += up->uh_ulen; + + sum = in_cksum(cp, length, cksum); + + if (sum == usum) + printf(" [udp sum ok]"); + else { + printf(" [bad udp cksum %04x! -> %04x]", + usum, sum); + } + } + } + + printf(": "); + if (packettype) { struct rpc_msg *rp; enum msg_type direction; switch (packettype) { - case PT_VAT: - (void)printf("%s.%s > %s.%s:", - ipaddr_string(&ip->ip_src), - udpport_string(sport), - ipaddr_string(&ip->ip_dst), - udpport_string(dport)); - vat_print((void *)(up + 1), length, up); + vat_print(cp, length, up); break; case PT_WB: - (void)printf("%s.%s > %s.%s:", - ipaddr_string(&ip->ip_src), - udpport_string(sport), - ipaddr_string(&ip->ip_dst), - udpport_string(dport)); wb_print((void *)(up + 1), length); break; case PT_RPC: - (void)printf("%s.%s > %s.%s: ", - ipaddr_string(&ip->ip_src), - udpport_string(sport), - ipaddr_string(&ip->ip_dst), - udpport_string(dport)); rp = (struct rpc_msg *)(up + 1); direction = (enum msg_type)ntohl(rp->rm_direction); if (direction == CALL) - sunrpcrequest_print((u_char *)rp, length, - (u_char *)ip); + sunrpcrequest_print((u_char *)rp, length, iph); else - nfsreply_print((u_char *)rp, length, - (u_char *)ip); /*XXX*/ + nfsreply_print((u_char *)rp, length, iph); break; case PT_RTP: - (void)printf("%s.%s > %s.%s:", - ipaddr_string(&ip->ip_src), - udpport_string(sport), - ipaddr_string(&ip->ip_dst), - udpport_string(dport)); rtp_print((void *)(up + 1), length, up); break; case PT_RTCP: - (void)printf("%s.%s > %s.%s:", - ipaddr_string(&ip->ip_src), - udpport_string(sport), - ipaddr_string(&ip->ip_dst), - udpport_string(dport)); while (cp < ep) cp = rtcp_print(cp, ep); break; case PT_CNFP: - cnfp_print(cp, length, (u_char *)ip); + cnfp_print(cp, length); break; } return; @@ -491,33 +481,16 @@ udp_print(const u_char *bp, u_int length, const u_char *bp2) if (TTEST(rp->rm_direction)) { direction = (enum msg_type)ntohl(rp->rm_direction); if (dport == NFS_PORT && direction == CALL) { - (void)printf("%s.%s > %s.%s: ", - ipaddr_string(&ip->ip_src), - udpport_string(sport), - ipaddr_string(&ip->ip_dst), - udpport_string(dport)); - nfsreq_print((u_char *)rp, length, - (u_char *)ip); + nfsreq_print((u_char *)rp, length, iph); return; } if (sport == NFS_PORT && direction == REPLY) { - (void)printf("%s.%s > %s.%s: ", - ipaddr_string(&ip->ip_src), - udpport_string(sport), - ipaddr_string(&ip->ip_dst), - udpport_string(dport)); - nfsreply_print((u_char *)rp, length, - (u_char *)ip); + nfsreply_print((u_char *)rp, length, iph); return; } #ifdef notdef if (dport == SUNRPC_PORT && direction == CALL) { - (void)printf("%s.%s > %s.%s: ", - ipaddr_string(&ip->ip_src), - udpport_string(sport), - ipaddr_string(&ip->ip_dst), - udpport_string(dport)); - sunrpcrequest_print((u_char *)rp, length, (u_char *)ip); + sunrpcrequest_print((u_char *)rp, length, iph); return; } #endif @@ -531,68 +504,6 @@ udp_print(const u_char *bp, u_int length, const u_char *bp2) return; } } -#if 0 - (void)printf("%s.%s > %s.%s:", - ipaddr_string(&ip->ip_src), udpport_string(sport), - ipaddr_string(&ip->ip_dst), udpport_string(dport)); -#else -#ifdef INET6 - if (ip6) { - if (ip6->ip6_nxt == IPPROTO_UDP) { - (void)printf("%s.%s > %s.%s:", - ip6addr_string(&ip6->ip6_src), - udpport_string(sport), - ip6addr_string(&ip6->ip6_dst), - udpport_string(dport)); - } else { - (void)printf("%s > %s: ", - udpport_string(sport), udpport_string(dport)); - } - } else -#endif /*INET6*/ - { - if (ip->ip_p == IPPROTO_UDP) { - (void)printf("%s.%s > %s.%s:", - ipaddr_string(&ip->ip_src), - udpport_string(sport), - ipaddr_string(&ip->ip_dst), - udpport_string(dport)); - } else { - (void)printf("%s > %s:", - udpport_string(sport), udpport_string(dport)); - } - } -#endif - - if (ip->ip_v == 4 && vflag) { - u_int16_t sum, udp_sum = EXTRACT_16BITS(&up->uh_sum); - if (udp_sum == 0) { - (void)printf(" [no udp cksum]"); - } else if (TTEST2(cp[0], length)) { - sum = udp_cksum(ip, up, length + sizeof(struct udphdr)); - if (sum != 0) - (void)printf(" [bad udp cksum %x! -> %x]", udp_sum, - in_cksum_shouldbe(udp_sum, sum)); - else - (void)printf(" [udp sum ok]"); - } - } -#ifdef INET6 - if (ip->ip_v == 6 && ip6->ip6_plen && vflag) { - u_int16_t sum, udp_sum = EXTRACT_16BITS(&up->uh_sum); - /* for IPv6, UDP checksum is mandatory */ - if (udp_sum == 0) { - (void)printf(" [invalid udp cksum 0]"); - } else if (TTEST2(cp[0], length)) { - sum = udp6_cksum(ip6, up, length + sizeof(struct udphdr)); - if (sum != 0) - (void)printf(" [bad udp cksum %x! -> %x]", udp_sum, - in_cksum_shouldbe(udp_sum, sum)); - else - (void)printf(" [udp sum ok]"); - } - } -#endif if (!qflag) { #define ISPORT(p) (dport == (p) || sport == (p)) @@ -620,7 +531,7 @@ udp_print(const u_char *bp, u_int length, const u_char *bp2) else if (ISPORT(L2TP_PORT)) l2tp_print((const u_char *)(up + 1), length); else if (ISPORT(UDPENCAP_PORT)) - udpencap_print((const u_char *)(up + 1), length, bp2); + udpencap_print((const u_char *)(up + 1), length, iph); else if (ISPORT(ISAKMP_PORT)) ike_print((const u_char *)(up + 1), length); #if 0 @@ -640,10 +551,8 @@ udp_print(const u_char *bp, u_int length, const u_char *bp2) iapp_print((const u_char *)(up + 1), length); else if (ISPORT(VQP_PORT)) vqp_print((const u_char *)(up + 1), length); - else if (ISPORT(GRE_PORT)) { - printf(" "); + else if (ISPORT(GRE_PORT)) gre_print((const u_char *)(up + 1), length); - } #ifdef INET6 else if (ISPORT(RIPNG_PORT)) ripng_print((const u_char *)(up + 1), length); @@ -664,9 +573,8 @@ udp_print(const u_char *bp, u_int length, const u_char *bp2) else if (dport == HSRP_PORT) hsrp_print((const u_char *)(up + 1), length); else - (void)printf(" udp %u", - (u_int32_t)(ulen - sizeof(*up))); + printf("udp %u", length); #undef ISPORT } else - (void)printf(" udp %u", (u_int32_t)(ulen - sizeof(*up))); + printf("udp %u", length); } diff --git a/usr.sbin/tcpdump/print-udpencap.c b/usr.sbin/tcpdump/print-udpencap.c index e9b88f4ec39..2dc9948e6ce 100644 --- a/usr.sbin/tcpdump/print-udpencap.c +++ b/usr.sbin/tcpdump/print-udpencap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-udpencap.c,v 1.5 2009/10/27 23:59:57 deraadt Exp $ */ +/* $OpenBSD: print-udpencap.c,v 1.6 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 2003 Markus Friedl. All rights reserved. @@ -36,24 +36,18 @@ udpencap_print(const u_char *bp, u_int len, const u_char *bp2) /* Recognize NAT-T Keepalive msgs. (draft-ietf-ipsec-udp-encaps-nn) */ if (len == 1 && *bp == 0xFF) { - if (vflag) - fputs(" ", stdout); fputs("NAT-T Keepalive", stdout); return; } if (len < sizeof(u_int32_t)) { - fputs(" [|udpencap]", stdout); + fputs("[|udpencap]", stdout); return; } - if (vflag) - fputs(" ", stdout); - fputs("udpencap:", stdout); + fputs("udpencap: ", stdout); spi = (u_int32_t *)(bp); if (*spi == 0) ike_print(bp + sizeof(u_int32_t), len - sizeof(u_int32_t)); - else { - fputs(" ", stdout); + else esp_print(bp, len, bp2); - } } diff --git a/usr.sbin/tcpdump/print-vqp.c b/usr.sbin/tcpdump/print-vqp.c index 857edabc2d0..871196caeb3 100644 --- a/usr.sbin/tcpdump/print-vqp.c +++ b/usr.sbin/tcpdump/print-vqp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-vqp.c,v 1.7 2006/08/24 05:11:43 stevesk Exp $ */ +/* $OpenBSD: print-vqp.c,v 1.8 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 2006 Kevin Steves @@ -217,7 +217,7 @@ vqp_print(const u_char *bp, u_int len) u_int dcount; TCHECK(p->version); - printf(" VQPv%u", p->version); + printf("VQPv%u", p->version); if (p->version != 1) return; TCHECK(p->opcode); diff --git a/usr.sbin/tcpdump/print-wb.c b/usr.sbin/tcpdump/print-wb.c index d249a69ac00..bbb452fbb3e 100644 --- a/usr.sbin/tcpdump/print-wb.c +++ b/usr.sbin/tcpdump/print-wb.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-wb.c,v 1.10 2017/08/30 09:23:00 otto Exp $ */ +/* $OpenBSD: print-wb.c,v 1.11 2018/07/06 05:47:22 dlg Exp $ */ /* * Copyright (c) 1993, 1994, 1995, 1996 @@ -178,7 +178,7 @@ wb_id(const struct pkt_id *id, u_int len) char c; int nid; - printf(" wb-id:"); + printf("wb-id:"); len -= sizeof(*id); if ((u_char *)(id + 1) > snapend) return (-1); @@ -217,7 +217,7 @@ wb_id(const struct pkt_id *id, u_int len) static int wb_rreq(const struct pkt_rreq *rreq, u_int len) { - printf(" wb-rreq:"); + printf("wb-rreq:"); if (len < sizeof(*rreq) || (u_char *)(rreq + 1) > snapend) return (-1); @@ -233,7 +233,7 @@ wb_rreq(const struct pkt_rreq *rreq, u_int len) static int wb_preq(const struct pkt_preq *preq, u_int len) { - printf(" wb-preq:"); + printf("wb-preq:"); if (len < sizeof(*preq) || (u_char *)(preq + 1) > snapend) return (-1); @@ -251,7 +251,7 @@ wb_prep(const struct pkt_prep *prep, u_int len) const struct pgstate *ps; const u_char *ep = snapend; - printf(" wb-prep:"); + printf("wb-prep:"); if (len < sizeof(*prep)) { return (-1); } @@ -334,7 +334,7 @@ wb_rrep(const struct pkt_rrep *rrep, u_int len) { const struct pkt_dop *dop = &rrep->pr_dop; - printf(" wb-rrep:"); + printf("wb-rrep:"); len -= sizeof(*rrep); if ((u_char *)(rrep + 1) > snapend) return (-1); @@ -355,7 +355,7 @@ wb_rrep(const struct pkt_rrep *rrep, u_int len) static int wb_drawop(const struct pkt_dop *dop, u_int len) { - printf(" wb-dop:"); + printf("wb-dop:"); len -= sizeof(*dop); if ((u_char *)(dop + 1) > snapend) return (-1); @@ -388,7 +388,7 @@ wb_print(const void *hdr, u_int len) switch (ph->ph_type) { case PT_KILL: - printf(" wb-kill"); + printf("wb-kill"); return; case PT_ID: @@ -422,7 +422,7 @@ wb_print(const void *hdr, u_int len) break; default: - printf(" wb-%d!", ph->ph_type); + printf("wb-%d!", ph->ph_type); return; } } -- cgit v1.2.3