1 /* $OpenBSD: print-udp.c,v 1.56 2020/08/17 06:29:29 dlg Exp $ */
2
3 /*
4 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996
5 * The Regents of the University of California. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that: (1) source code distributions
9 * retain the above copyright notice and this paragraph in its entirety, (2)
10 * distributions including binary code include the above copyright notice and
11 * this paragraph in its entirety in the documentation or other materials
12 * provided with the distribution, and (3) all advertising materials mentioning
13 * features or use of this software display the following acknowledgement:
14 * ``This product includes software developed by the University of California,
15 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
16 * the University nor the names of its contributors may be used to endorse
17 * or promote products derived from this software without specific prior
18 * written permission.
19 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
20 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
21 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
22 */
23
24 #include <sys/time.h>
25 #include <sys/socket.h>
26
27 #include <netinet/in.h>
28 #include <netinet/ip.h>
29 #include <netinet/ip6.h>
30 #include <netinet/ip_var.h>
31 #include <netinet/udp.h>
32 #include <netinet/udp_var.h>
33
34 #include <net80211/ieee80211.h>
35
36 #ifdef NOERROR
37 #undef NOERROR /* Solaris sucks */
38 #endif
39 #ifdef T_UNSPEC
40 #undef T_UNSPEC /* SINIX does too */
41 #endif
42 #include <arpa/nameser.h>
43 #ifdef SEGSIZE
44 #undef SEGSIZE
45 #endif
46 #include <arpa/tftp.h>
47
48 #include <rpc/rpc.h>
49
50 #include <stdio.h>
51 #include <string.h>
52
53 #include "interface.h"
54 #include "addrtoname.h"
55 #include "extract.h"
56 #include "appletalk.h"
57
58 #include "nfsv2.h"
59 #include "bootp.h"
60 #include "iapp.h"
61
62 struct rtcphdr {
63 u_short rh_flags; /* T:2 P:1 CNT:5 PT:8 */
64 u_short rh_len; /* length of message (in words) */
65 u_int rh_ssrc; /* synchronization src id */
66 };
67
68 typedef struct {
69 u_int upper; /* more significant 32 bits */
70 u_int lower; /* less significant 32 bits */
71 } ntp64;
72
73 /*
74 * Sender report.
75 */
76 struct rtcp_sr {
77 ntp64 sr_ntp; /* 64-bit ntp timestamp */
78 u_int sr_ts; /* reference media timestamp */
79 u_int sr_np; /* no. packets sent */
80 u_int sr_nb; /* no. bytes sent */
81 };
82
83 /*
84 * Receiver report.
85 * Time stamps are middle 32-bits of ntp timestamp.
86 */
87 struct rtcp_rr {
88 u_int rr_srcid; /* sender being reported */
89 u_int rr_nl; /* no. packets lost */
90 u_int rr_ls; /* extended last seq number received */
91 u_int rr_dv; /* jitter (delay variance) */
92 u_int rr_lsr; /* orig. ts from last rr from this src */
93 u_int rr_dlsr; /* time from recpt of last rr to xmit time */
94 };
95
96 /*XXX*/
97 #define RTCP_PT_SR 200
98 #define RTCP_PT_RR 201
99 #define RTCP_PT_SDES 202
100 #define RTCP_SDES_CNAME 1
101 #define RTCP_SDES_NAME 2
102 #define RTCP_SDES_EMAIL 3
103 #define RTCP_SDES_PHONE 4
104 #define RTCP_SDES_LOC 5
105 #define RTCP_SDES_TOOL 6
106 #define RTCP_SDES_NOTE 7
107 #define RTCP_SDES_PRIV 8
108 #define RTCP_PT_BYE 203
109 #define RTCP_PT_APP 204
110
111 static void
vat_print(const void * hdr,u_int len,const struct udphdr * up)112 vat_print(const void *hdr, u_int len, const struct udphdr *up)
113 {
114 /* vat/vt audio */
115 u_int ts = *(u_short *)hdr;
116 if ((ts & 0xf060) != 0) {
117 /* probably vt */
118 printf("udp/vt %u %d / %d",
119 (u_int32_t)(ntohs(up->uh_ulen) - sizeof(*up)),
120 ts & 0x3ff, ts >> 10);
121 } else {
122 /* probably vat */
123 u_int i0 = ntohl(((u_int *)hdr)[0]);
124 u_int i1 = ntohl(((u_int *)hdr)[1]);
125 printf("udp/vat %u c%d %u%s",
126 (u_int32_t)(ntohs(up->uh_ulen) - sizeof(*up) - 8),
127 i0 & 0xffff,
128 i1, i0 & 0x800000? "*" : "");
129 /* audio format */
130 if (i0 & 0x1f0000)
131 printf(" f%d", (i0 >> 16) & 0x1f);
132 if (i0 & 0x3f000000)
133 printf(" s%d", (i0 >> 24) & 0x3f);
134 }
135 }
136
137 static void
rtp_print(const void * hdr,u_int len,const struct udphdr * up)138 rtp_print(const void *hdr, u_int len, const struct udphdr *up)
139 {
140 /* rtp v1 or v2 */
141 u_int *ip = (u_int *)hdr;
142 u_int hasopt, hasext, contype, hasmarker;
143 u_int i0 = ntohl(((u_int *)hdr)[0]);
144 u_int i1 = ntohl(((u_int *)hdr)[1]);
145 u_int dlen = ntohs(up->uh_ulen) - sizeof(*up) - 8;
146 const char * ptype;
147
148 ip += 2;
149 len >>= 2;
150 len -= 2;
151 hasopt = 0;
152 hasext = 0;
153 if ((i0 >> 30) == 1) {
154 /* rtp v1 */
155 hasopt = i0 & 0x800000;
156 contype = (i0 >> 16) & 0x3f;
157 hasmarker = i0 & 0x400000;
158 ptype = "rtpv1";
159 } else {
160 /* rtp v2 */
161 hasext = i0 & 0x10000000;
162 contype = (i0 >> 16) & 0x7f;
163 hasmarker = i0 & 0x800000;
164 dlen -= 4;
165 ptype = "rtp";
166 ip += 1;
167 len -= 1;
168 }
169 printf(" udp/%s %d c%d %s%s %d %u",
170 ptype, dlen, contype, (hasopt || hasext)? "+" : "",
171 hasmarker? "*" : "", i0 & 0xffff, i1);
172 if (vflag) {
173 printf(" %u", i1);
174 if (hasopt) {
175 u_int i2, optlen;
176 do {
177 i2 = ip[0];
178 optlen = (i2 >> 16) & 0xff;
179 if (optlen == 0 || optlen > len) {
180 printf(" !opt");
181 return;
182 }
183 ip += optlen;
184 len -= optlen;
185 } while ((int)i2 >= 0);
186 }
187 if (hasext) {
188 u_int i2, extlen;
189 i2 = ip[0];
190 extlen = (i2 & 0xffff) + 1;
191 if (extlen > len) {
192 printf(" !ext");
193 return;
194 }
195 ip += extlen;
196 }
197 if (contype == 0x1f) /*XXX H.261 */
198 printf(" 0x%04x", ip[0] >> 16);
199 }
200 }
201
202 static const u_char *
rtcp_print(const u_char * hdr,const u_char * ep)203 rtcp_print(const u_char *hdr, const u_char *ep)
204 {
205 /* rtp v2 control (rtcp) */
206 struct rtcp_rr *rr = NULL;
207 struct rtcp_sr *sr;
208 struct rtcphdr *rh = (struct rtcphdr *)hdr;
209 u_int len;
210 u_short flags;
211 int cnt;
212 double ts, dts;
213 if ((u_char *)(rh + 1) > ep) {
214 printf(" [|rtcp]");
215 return (ep);
216 }
217 len = (ntohs(rh->rh_len) + 1) * 4;
218 flags = ntohs(rh->rh_flags);
219 cnt = (flags >> 8) & 0x1f;
220 switch (flags & 0xff) {
221 case RTCP_PT_SR:
222 sr = (struct rtcp_sr *)(rh + 1);
223 printf(" sr");
224 if (len != cnt * sizeof(*rr) + sizeof(*sr) + sizeof(*rh))
225 printf(" [%d]", len);
226 if (vflag)
227 printf(" %u", (u_int32_t)ntohl(rh->rh_ssrc));
228 if ((u_char *)(sr + 1) > ep) {
229 printf(" [|rtcp]");
230 return (ep);
231 }
232 ts = (double)((u_int32_t)ntohl(sr->sr_ntp.upper)) +
233 ((double)((u_int32_t)ntohl(sr->sr_ntp.lower)) /
234 4294967296.0);
235 printf(" @%.2f %u %up %ub", ts, (u_int32_t)ntohl(sr->sr_ts),
236 (u_int32_t)ntohl(sr->sr_np), (u_int32_t)ntohl(sr->sr_nb));
237 rr = (struct rtcp_rr *)(sr + 1);
238 break;
239 case RTCP_PT_RR:
240 printf(" rr");
241 if (len != cnt * sizeof(*rr) + sizeof(*rh))
242 printf(" [%d]", len);
243 rr = (struct rtcp_rr *)(rh + 1);
244 if (vflag)
245 printf(" %u", (u_int32_t)ntohl(rh->rh_ssrc));
246 break;
247 case RTCP_PT_SDES:
248 printf(" sdes %d", len);
249 if (vflag)
250 printf(" %u", (u_int32_t)ntohl(rh->rh_ssrc));
251 cnt = 0;
252 break;
253 case RTCP_PT_BYE:
254 printf(" bye %d", len);
255 if (vflag)
256 printf(" %u", (u_int32_t)ntohl(rh->rh_ssrc));
257 cnt = 0;
258 break;
259 default:
260 printf(" type-0x%x %d", flags & 0xff, len);
261 cnt = 0;
262 break;
263 }
264 if (cnt > 1)
265 printf(" c%d", cnt);
266 while (--cnt >= 0) {
267 if ((u_char *)(rr + 1) > ep) {
268 printf(" [|rtcp]");
269 return (ep);
270 }
271 if (vflag)
272 printf(" %u", (u_int32_t)ntohl(rr->rr_srcid));
273 ts = (double)((u_int32_t)ntohl(rr->rr_lsr)) / 65536.;
274 dts = (double)((u_int32_t)ntohl(rr->rr_dlsr)) / 65536.;
275 printf(" %ul %us %uj @%.2f+%.2f",
276 (u_int32_t)ntohl(rr->rr_nl) & 0x00ffffff,
277 (u_int32_t)ntohl(rr->rr_ls),
278 (u_int32_t)ntohl(rr->rr_dv), ts, dts);
279 }
280 return (hdr + len);
281 }
282
283 /* XXX probably should use getservbyname() and cache answers */
284 #define TFTP_PORT 69 /*XXX*/
285 #define KERBEROS_PORT 88 /*XXX*/
286 #define SUNRPC_PORT 111 /*XXX*/
287 #define NTP_PORT 123 /*XXX*/
288 #define NETBIOS_NS_PORT 137 /*XXX*/
289 #define NETBIOS_DGRAM_PORT 138 /*XXX*/
290 #define SNMP_PORT 161 /*XXX*/
291 #define SNMPTRAP_PORT 162 /*XXX*/
292 #define ISAKMP_PORT 500 /*XXX*/
293 #define RIP_PORT 520 /*XXX*/
294 #define TIMED_PORT 525 /*XXX*/
295 #define KERBEROS_SEC_PORT 750 /*XXX*/
296 #define LWRES_PORT 921
297 #define VQP_PORT 1589
298 #define OLD_RADIUS_AUTH_PORT 1645
299 #define OLD_RADIUS_ACCT_PORT 1646
300 #define L2TP_PORT 1701 /*XXX*/
301 #define RADIUS_AUTH_PORT 1812
302 #define RADIUS_ACCT_PORT 1813
303 #define HSRP_PORT 1985 /*XXX*/
304 #define GTP_C_PORT 2123
305 #define GTP_U_PORT 2152
306 #define GTP_PRIME_PORT 3386
307 #define UDPENCAP_PORT 4500 /*XXX*/
308 #define GRE_PORT 4754
309 #define VXLAN_PORT 4789
310 #define VXLAN_GPE_PORT 4790
311 #define GENEVE_PORT 6081
312 #define MULTICASTDNS_PORT 5353
313 #define MPLS_PORT 6635
314
315 #define RIPNG_PORT 521 /*XXX*/
316 #define DHCP6_PORT1 546 /*XXX*/
317 #define DHCP6_PORT2 547 /*XXX*/
318
319 void
udp_print(const u_char * bp,u_int length,const void * iph)320 udp_print(const u_char *bp, u_int length, const void *iph)
321 {
322 const struct udphdr *up;
323 const u_char *cp;
324 const u_char *ep = bp + length;
325 u_int16_t sport, dport, ulen;
326 const char *ipsrc = NULL, *ipdst = NULL;
327 unsigned int ipv = 0;
328 uint32_t cksum = 0;
329
330 if (ep > snapend)
331 ep = snapend;
332
333 if (iph != NULL) {
334 const struct ip *ip = iph;
335 ipv = ip->ip_v;
336
337 switch (ipv) {
338 case 6: {
339 const struct ip6_hdr *ip6 = iph;
340
341 ipsrc = ip6addr_string(&ip6->ip6_src);
342 ipdst = ip6addr_string(&ip6->ip6_dst);
343
344 cksum = in_cksum_add(&ip6->ip6_src,
345 sizeof(ip6->ip6_src), cksum);
346 cksum = in_cksum_add(&ip6->ip6_dst,
347 sizeof(ip6->ip6_dst), cksum);
348 break;
349 }
350 case 4:
351 ipsrc = ipaddr_string(&ip->ip_src);
352 ipdst = ipaddr_string(&ip->ip_dst);
353
354 cksum = in_cksum_add(&ip->ip_src,
355 sizeof(ip->ip_src), cksum);
356 cksum = in_cksum_add(&ip->ip_dst,
357 sizeof(ip->ip_dst), cksum);
358 break;
359 }
360 }
361
362 up = (const struct udphdr *)bp;
363 cp = (const u_char *)(up + 1);
364
365 /* check if the udp header was captured */
366 if (cp > snapend) {
367 if (ipv)
368 printf("%s > %s: ", ipsrc, ipdst);
369
370 printf("[|udp]");
371 return;
372 }
373
374 /* check if the packet payload is long enough */
375 if (length < sizeof(*up)) {
376 if (ipv)
377 printf("%s > %s: ", ipsrc, ipdst);
378
379 printf("truncated-udp %u", length);
380 return;
381 }
382
383 sport = ntohs(up->uh_sport);
384 dport = ntohs(up->uh_dport);
385
386 if (ipv) {
387 printf("%s.%s > %s.%s",
388 ipsrc, udpport_string(sport),
389 ipdst, udpport_string(dport));
390 } else {
391 printf("udp %s > %s",
392 udpport_string(sport),
393 udpport_string(dport));
394 }
395
396 printf(": ");
397
398 cksum += htons(length);
399
400 ulen = ntohs(up->uh_ulen);
401 if (length < ulen)
402 printf(" truncated-udp - %u bytes missing!", ulen - length);
403
404 length -= sizeof(*up);
405
406 if (vflag && ipv && TTEST2(cp[0], length)) {
407 uint16_t sum, usum = up->uh_sum;
408
409 if (usum == 0) {
410 if (ipv == 4)
411 printf("[no udp cksum] ");
412 else
413 printf("[invalid udp cksum 0] ");
414 } else {
415 cksum += htons(IPPROTO_UDP);
416 cksum += up->uh_sport;
417 cksum += up->uh_dport;
418 cksum += up->uh_ulen;
419
420 sum = in_cksum(cp, length, cksum);
421
422 if (sum == usum)
423 printf("[udp sum ok] ");
424 else {
425 printf("[bad udp cksum %04x! -> %04x] ",
426 usum, sum);
427 }
428 }
429 }
430
431 if (packettype) {
432 struct rpc_msg *rp;
433 enum msg_type direction;
434
435 switch (packettype) {
436 case PT_VAT:
437 vat_print(cp, length, up);
438 break;
439
440 case PT_WB:
441 wb_print(cp, length);
442 break;
443
444 case PT_RPC:
445 rp = (struct rpc_msg *)cp;
446 direction = (enum msg_type)ntohl(rp->rm_direction);
447 if (direction == CALL)
448 sunrpcrequest_print(cp, length, iph);
449 else
450 nfsreply_print(cp, length, iph);
451 break;
452
453 case PT_RTP:
454 rtp_print(cp, length, up);
455 break;
456
457 case PT_RTCP:
458 while (cp < ep)
459 cp = rtcp_print(cp, ep);
460 break;
461 case PT_CNFP:
462 cnfp_print(cp, length);
463 break;
464 case PT_GRE:
465 gre_print(cp, length);
466 break;
467 case PT_VXLAN:
468 vxlan_print(cp, length);
469 break;
470 case PT_GENEVE:
471 geneve_print(cp, length);
472 break;
473 case PT_MPLS:
474 mpls_print(cp, length);
475 break;
476 case PT_TFTP:
477 tftp_print(cp, length);
478 break;
479 case PT_WIREGUARD:
480 wg_print(cp, length);
481 break;
482 }
483 return;
484 }
485
486 if (!qflag) {
487 struct rpc_msg *rp;
488 enum msg_type direction;
489
490 rp = (struct rpc_msg *)cp;
491 if (TTEST(rp->rm_direction)) {
492 direction = (enum msg_type)ntohl(rp->rm_direction);
493 if (dport == NFS_PORT && direction == CALL) {
494 nfsreq_print(cp, length, iph);
495 return;
496 }
497 if (sport == NFS_PORT && direction == REPLY) {
498 nfsreply_print(cp, length, iph);
499 return;
500 }
501 #ifdef notdef
502 if (dport == SUNRPC_PORT && direction == CALL) {
503 sunrpcrequest_print(cp, length, iph);
504 return;
505 }
506 #endif
507 }
508 if (TTEST(((struct LAP *)cp)->type) &&
509 ((struct LAP *)cp)->type == lapDDP &&
510 (atalk_port(sport) || atalk_port(dport))) {
511 if (vflag)
512 printf("kip ");
513 atalk_print_llap(cp, length);
514 return;
515 }
516 }
517
518 if (!qflag) {
519 #define ISPORT(p) (dport == (p) || sport == (p))
520 if (ISPORT(NAMESERVER_PORT))
521 ns_print(cp, length, 0);
522 else if (ISPORT(MULTICASTDNS_PORT))
523 ns_print(cp, length, 1);
524 else if (ISPORT(LWRES_PORT))
525 lwres_print(cp, length);
526 else if (ISPORT(TIMED_PORT))
527 timed_print(cp, length);
528 else if (ISPORT(TFTP_PORT))
529 tftp_print(cp, length);
530 else if (ISPORT(IPPORT_BOOTPC) || ISPORT(IPPORT_BOOTPS))
531 bootp_print(cp, length, sport, dport);
532 else if (ISPORT(RIP_PORT))
533 rip_print(cp, length);
534 else if (ISPORT(SNMP_PORT) || ISPORT(SNMPTRAP_PORT))
535 snmp_print(cp, length);
536 else if (ISPORT(NTP_PORT))
537 ntp_print(cp, length);
538 else if (ISPORT(KERBEROS_PORT) || ISPORT(KERBEROS_SEC_PORT))
539 krb_print(cp, length);
540 else if (ISPORT(L2TP_PORT))
541 l2tp_print(cp, length);
542 else if (ISPORT(UDPENCAP_PORT))
543 udpencap_print(cp, length, iph);
544 else if (ISPORT(ISAKMP_PORT))
545 ike_print(cp, length);
546 #if 0
547 else if (ISPORT(NETBIOS_NS_PORT))
548 nbt_udp137_print(cp, length);
549 else if (ISPORT(NETBIOS_DGRAM_PORT))
550 nbt_udp138_print(cp, length);
551 #endif
552 else if (ISPORT(OLD_RADIUS_AUTH_PORT) ||
553 ISPORT(OLD_RADIUS_ACCT_PORT) ||
554 ISPORT(RADIUS_AUTH_PORT) ||
555 ISPORT(RADIUS_ACCT_PORT))
556 radius_print(cp, length);
557 else if (dport == 3456)
558 vat_print(cp, length, up);
559 else if (ISPORT(IAPP_PORT) || ISPORT(IAPP_OLD_PORT))
560 iapp_print(cp, length);
561 else if (ISPORT(VQP_PORT))
562 vqp_print(cp, length);
563 else if (ISPORT(GRE_PORT))
564 gre_print(cp, length);
565 else if (ISPORT(VXLAN_PORT) || ISPORT(VXLAN_GPE_PORT))
566 vxlan_print(cp, length);
567 else if (ISPORT(GENEVE_PORT))
568 geneve_print(cp, length);
569 else if (ISPORT(MPLS_PORT))
570 mpls_print(cp, length);
571 else if (ISPORT(RIPNG_PORT))
572 ripng_print(cp, length);
573 else if (ISPORT(DHCP6_PORT1) || ISPORT(DHCP6_PORT2))
574 dhcp6_print(cp, length);
575 else if (ISPORT(GTP_C_PORT) || ISPORT(GTP_U_PORT) ||
576 ISPORT(GTP_PRIME_PORT))
577 gtp_print(cp, length, sport, dport);
578 /*
579 * Kludge in test for whiteboard packets.
580 */
581 else if (dport == 4567)
582 wb_print(cp, length);
583 else if (dport == HSRP_PORT)
584 hsrp_print(cp, length);
585 else if (wg_match(cp, length))
586 wg_print(cp, length);
587 else
588 printf("udp %u", length);
589 #undef ISPORT
590 } else
591 printf("udp %u", length);
592 }
593