1b0453382SBill Fenner /* 2a90e161bSBill Fenner * Copyright (C) Andrew Tridgell 1995-1999 3a90e161bSBill Fenner * 4a90e161bSBill Fenner * This software may be distributed either under the terms of the 5a90e161bSBill Fenner * BSD-style license that accompanies tcpdump or the GNU GPL version 2 6a90e161bSBill Fenner * or later 7a90e161bSBill Fenner */ 8b0453382SBill Fenner 9b0453382SBill Fenner #ifdef HAVE_CONFIG_H 10b0453382SBill Fenner #include "config.h" 11b0453382SBill Fenner #endif 12b0453382SBill Fenner 13b0453382SBill Fenner #ifndef lint 14b0453382SBill Fenner static const char rcsid[] = 15a90e161bSBill Fenner "@(#) $Header: /tcpdump/master/tcpdump/smbutil.c,v 1.18 2002/01/17 04:38:29 guy Exp $"; 16b0453382SBill Fenner #endif 17b0453382SBill Fenner 18b0453382SBill Fenner #include <sys/param.h> 19b0453382SBill Fenner #include <sys/time.h> 20b0453382SBill Fenner #include <sys/types.h> 21b0453382SBill Fenner #include <sys/socket.h> 22b0453382SBill Fenner 23b0453382SBill Fenner #include <netinet/in.h> 24b0453382SBill Fenner 25b0453382SBill Fenner #include <ctype.h> 26b0453382SBill Fenner #include <stdio.h> 27b0453382SBill Fenner #include <stdlib.h> 28b0453382SBill Fenner #include <string.h> 29685295f4SBill Fenner #include <time.h> 30b0453382SBill Fenner 31b0453382SBill Fenner #include "interface.h" 32a90e161bSBill Fenner #include "extract.h" 33b0453382SBill Fenner #include "smb.h" 34b0453382SBill Fenner 35a90e161bSBill Fenner extern const u_char *startbuf; 36b0453382SBill Fenner 37a90e161bSBill Fenner /* 38a90e161bSBill Fenner * interpret a 32 bit dos packed date/time to some parameters 39a90e161bSBill Fenner */ 40a90e161bSBill Fenner static void 41a90e161bSBill Fenner interpret_dos_date(u_int32_t date, struct tm *tp) 42b0453382SBill Fenner { 43a90e161bSBill Fenner u_int32_t p0, p1, p2, p3; 44b0453382SBill Fenner 45a90e161bSBill Fenner p0 = date & 0xFF; 46a90e161bSBill Fenner p1 = ((date & 0xFF00) >> 8) & 0xFF; 47a90e161bSBill Fenner p2 = ((date & 0xFF0000) >> 16) & 0xFF; 48a90e161bSBill Fenner p3 = ((date & 0xFF000000) >> 24) & 0xFF; 49b0453382SBill Fenner 50a90e161bSBill Fenner tp->tm_sec = 2 * (p0 & 0x1F); 51a90e161bSBill Fenner tp->tm_min = ((p0 >> 5) & 0xFF) + ((p1 & 0x7) << 3); 52a90e161bSBill Fenner tp->tm_hour = (p1 >> 3) & 0xFF; 53a90e161bSBill Fenner tp->tm_mday = (p2 & 0x1F); 54a90e161bSBill Fenner tp->tm_mon = ((p2 >> 5) & 0xFF) + ((p3 & 0x1) << 3) - 1; 55a90e161bSBill Fenner tp->tm_year = ((p3 >> 1) & 0xFF) + 80; 56b0453382SBill Fenner } 57b0453382SBill Fenner 58a90e161bSBill Fenner /* 59a90e161bSBill Fenner * common portion: 60a90e161bSBill Fenner * create a unix date from a dos date 61a90e161bSBill Fenner */ 62a90e161bSBill Fenner static time_t 63a90e161bSBill Fenner int_unix_date(u_int32_t dos_date) 64b0453382SBill Fenner { 65b0453382SBill Fenner struct tm t; 66b0453382SBill Fenner 67a90e161bSBill Fenner if (dos_date == 0) 68a90e161bSBill Fenner return(0); 69b0453382SBill Fenner 70a90e161bSBill Fenner interpret_dos_date(dos_date, &t); 71b0453382SBill Fenner t.tm_wday = 1; 72b0453382SBill Fenner t.tm_yday = 1; 73b0453382SBill Fenner t.tm_isdst = 0; 74b0453382SBill Fenner 75b0453382SBill Fenner return (mktime(&t)); 76b0453382SBill Fenner } 77b0453382SBill Fenner 78a90e161bSBill Fenner /* 79a90e161bSBill Fenner * create a unix date from a dos date 80a90e161bSBill Fenner * in network byte order 81a90e161bSBill Fenner */ 82a90e161bSBill Fenner static time_t 83a90e161bSBill Fenner make_unix_date(const u_char *date_ptr) 84b0453382SBill Fenner { 85a90e161bSBill Fenner u_int32_t dos_date = 0; 86b0453382SBill Fenner 87a90e161bSBill Fenner dos_date = EXTRACT_LE_32BITS(date_ptr); 88b0453382SBill Fenner 89a90e161bSBill Fenner return int_unix_date(dos_date); 90b0453382SBill Fenner } 91b0453382SBill Fenner 92a90e161bSBill Fenner /* 93a90e161bSBill Fenner * create a unix date from a dos date 94a90e161bSBill Fenner * in halfword-swapped network byte order! 95a90e161bSBill Fenner */ 96a90e161bSBill Fenner static time_t 97a90e161bSBill Fenner make_unix_date2(const u_char *date_ptr) 98a90e161bSBill Fenner { 99a90e161bSBill Fenner u_int32_t x, x2; 100a90e161bSBill Fenner 101a90e161bSBill Fenner x = EXTRACT_LE_32BITS(date_ptr); 102a90e161bSBill Fenner x2 = ((x & 0xFFFF) << 16) | ((x & 0xFFFF0000) >> 16); 103a90e161bSBill Fenner return int_unix_date(x2); 104a90e161bSBill Fenner } 105a90e161bSBill Fenner 106a90e161bSBill Fenner /* 107a90e161bSBill Fenner * interpret an 8 byte "filetime" structure to a time_t 108a90e161bSBill Fenner * It's originally in "100ns units since jan 1st 1601" 109a90e161bSBill Fenner */ 110a90e161bSBill Fenner static time_t 111a90e161bSBill Fenner interpret_long_date(const u_char *p) 112b0453382SBill Fenner { 113b0453382SBill Fenner double d; 114b0453382SBill Fenner time_t ret; 115b0453382SBill Fenner 116a90e161bSBill Fenner TCHECK2(p[4], 4); 117a90e161bSBill Fenner 118b0453382SBill Fenner /* this gives us seconds since jan 1st 1601 (approx) */ 119a90e161bSBill Fenner d = (EXTRACT_LE_32BITS(p + 4) * 256.0 + p[3]) * (1.0e-7 * (1 << 24)); 120b0453382SBill Fenner 121b0453382SBill Fenner /* now adjust by 369 years to make the secs since 1970 */ 122b0453382SBill Fenner d -= 369.0 * 365.25 * 24 * 60 * 60; 123b0453382SBill Fenner 124b0453382SBill Fenner /* and a fudge factor as we got it wrong by a few days */ 125b0453382SBill Fenner d += (3 * 24 * 60 * 60 + 6 * 60 * 60 + 2); 126b0453382SBill Fenner 127b0453382SBill Fenner if (d < 0) 128b0453382SBill Fenner return(0); 129b0453382SBill Fenner 130b0453382SBill Fenner ret = (time_t)d; 131b0453382SBill Fenner 132b0453382SBill Fenner return(ret); 133a90e161bSBill Fenner trunc: 134a90e161bSBill Fenner return(0); 135b0453382SBill Fenner } 136b0453382SBill Fenner 137a90e161bSBill Fenner /* 138a90e161bSBill Fenner * interpret the weird netbios "name". Return the name type, or -1 if 139a90e161bSBill Fenner * we run past the end of the buffer 140a90e161bSBill Fenner */ 141a90e161bSBill Fenner static int 142a90e161bSBill Fenner name_interpret(const u_char *in, const u_char *maxbuf, char *out) 143b0453382SBill Fenner { 144b0453382SBill Fenner int ret; 145685295f4SBill Fenner int len; 146685295f4SBill Fenner 147685295f4SBill Fenner if (in >= maxbuf) 148685295f4SBill Fenner return(-1); /* name goes past the end of the buffer */ 149685295f4SBill Fenner TCHECK2(*in, 1); 150685295f4SBill Fenner len = (*in++) / 2; 151b0453382SBill Fenner 152b0453382SBill Fenner *out=0; 153b0453382SBill Fenner 154a90e161bSBill Fenner if (len > 30 || len < 1) 155a90e161bSBill Fenner return(0); 156b0453382SBill Fenner 157a90e161bSBill Fenner while (len--) { 158a90e161bSBill Fenner TCHECK2(*in, 2); 159685295f4SBill Fenner if (in + 1 >= maxbuf) 160685295f4SBill Fenner return(-1); /* name goes past the end of the buffer */ 161b0453382SBill Fenner if (in[0] < 'A' || in[0] > 'P' || in[1] < 'A' || in[1] > 'P') { 162b0453382SBill Fenner *out = 0; 163b0453382SBill Fenner return(0); 164b0453382SBill Fenner } 165b0453382SBill Fenner *out = ((in[0] - 'A') << 4) + (in[1] - 'A'); 166b0453382SBill Fenner in += 2; 167b0453382SBill Fenner out++; 168b0453382SBill Fenner } 169b0453382SBill Fenner *out = 0; 170b0453382SBill Fenner ret = out[-1]; 171b0453382SBill Fenner 172b0453382SBill Fenner return(ret); 173685295f4SBill Fenner 174685295f4SBill Fenner trunc: 175685295f4SBill Fenner return(-1); 176b0453382SBill Fenner } 177b0453382SBill Fenner 178a90e161bSBill Fenner /* 179a90e161bSBill Fenner * find a pointer to a netbios name 180a90e161bSBill Fenner */ 181a90e161bSBill Fenner static const u_char * 182a90e161bSBill Fenner name_ptr(const u_char *buf, int ofs, const u_char *maxbuf) 183b0453382SBill Fenner { 184a90e161bSBill Fenner const u_char *p; 185a90e161bSBill Fenner u_char c; 186b0453382SBill Fenner 187685295f4SBill Fenner p = buf + ofs; 188685295f4SBill Fenner if (p >= maxbuf) 189685295f4SBill Fenner return(NULL); /* name goes past the end of the buffer */ 190685295f4SBill Fenner TCHECK2(*p, 1); 191685295f4SBill Fenner 192685295f4SBill Fenner c = *p; 193685295f4SBill Fenner 194685295f4SBill Fenner /* XXX - this should use the same code that the DNS dissector does */ 195a90e161bSBill Fenner if ((c & 0xC0) == 0xC0) { 196a90e161bSBill Fenner u_int16_t l = EXTRACT_16BITS(buf + ofs) & 0x3FFF; 197a90e161bSBill Fenner if (l == 0) { 198685295f4SBill Fenner /* We have a pointer that points to itself. */ 199685295f4SBill Fenner return(NULL); 200685295f4SBill Fenner } 201685295f4SBill Fenner p = buf + l; 202685295f4SBill Fenner if (p >= maxbuf) 203685295f4SBill Fenner return(NULL); /* name goes past the end of the buffer */ 204685295f4SBill Fenner TCHECK2(*p, 1); 205b0453382SBill Fenner return(buf + l); 206a90e161bSBill Fenner } else 207b0453382SBill Fenner return(buf + ofs); 208685295f4SBill Fenner 209685295f4SBill Fenner trunc: 210685295f4SBill Fenner return(NULL); /* name goes past the end of the buffer */ 211b0453382SBill Fenner } 212b0453382SBill Fenner 213a90e161bSBill Fenner /* 214a90e161bSBill Fenner * extract a netbios name from a buf 215a90e161bSBill Fenner */ 216a90e161bSBill Fenner static int 217a90e161bSBill Fenner name_extract(const u_char *buf, int ofs, const u_char *maxbuf, char *name) 218b0453382SBill Fenner { 219a90e161bSBill Fenner const u_char *p = name_ptr(buf, ofs, maxbuf); 220685295f4SBill Fenner if (p == NULL) 221685295f4SBill Fenner return(-1); /* error (probably name going past end of buffer) */ 222a90e161bSBill Fenner name[0] = '\0'; 223685295f4SBill Fenner return(name_interpret(p, maxbuf, name)); 224b0453382SBill Fenner } 225b0453382SBill Fenner 226b0453382SBill Fenner 227a90e161bSBill Fenner /* 228a90e161bSBill Fenner * return the total storage length of a mangled name 229a90e161bSBill Fenner */ 230a90e161bSBill Fenner static int 231a90e161bSBill Fenner name_len(const unsigned char *s, const unsigned char *maxbuf) 232b0453382SBill Fenner { 233685295f4SBill Fenner const unsigned char *s0 = s; 234685295f4SBill Fenner unsigned char c; 235685295f4SBill Fenner 236685295f4SBill Fenner if (s >= maxbuf) 237685295f4SBill Fenner return(-1); /* name goes past the end of the buffer */ 238685295f4SBill Fenner TCHECK2(*s, 1); 239685295f4SBill Fenner c = *s; 240b0453382SBill Fenner if ((c & 0xC0) == 0xC0) 241b0453382SBill Fenner return(2); 242a90e161bSBill Fenner while (*s) { 243685295f4SBill Fenner if (s >= maxbuf) 244685295f4SBill Fenner return(-1); /* name goes past the end of the buffer */ 245685295f4SBill Fenner TCHECK2(*s, 1); 246685295f4SBill Fenner s += (*s) + 1; 247685295f4SBill Fenner } 248b0453382SBill Fenner return(PTR_DIFF(s, s0) + 1); 249685295f4SBill Fenner 250685295f4SBill Fenner trunc: 251685295f4SBill Fenner return(-1); /* name goes past the end of the buffer */ 252b0453382SBill Fenner } 253b0453382SBill Fenner 254a90e161bSBill Fenner static void 255a90e161bSBill Fenner print_asc(const unsigned char *buf, int len) 256b0453382SBill Fenner { 257b0453382SBill Fenner int i; 258b0453382SBill Fenner for (i = 0; i < len; i++) 259a90e161bSBill Fenner safeputchar(buf[i]); 260b0453382SBill Fenner } 261b0453382SBill Fenner 262a90e161bSBill Fenner static char * 263a90e161bSBill Fenner name_type_str(int name_type) 264b0453382SBill Fenner { 265a90e161bSBill Fenner char *f = NULL; 266a90e161bSBill Fenner 267b0453382SBill Fenner switch (name_type) { 268b0453382SBill Fenner case 0: f = "Workstation"; break; 269b0453382SBill Fenner case 0x03: f = "Client?"; break; 270b0453382SBill Fenner case 0x20: f = "Server"; break; 271b0453382SBill Fenner case 0x1d: f = "Master Browser"; break; 272b0453382SBill Fenner case 0x1b: f = "Domain Controller"; break; 273b0453382SBill Fenner case 0x1e: f = "Browser Server"; break; 274b0453382SBill Fenner default: f = "Unknown"; break; 275b0453382SBill Fenner } 276b0453382SBill Fenner return(f); 277b0453382SBill Fenner } 278b0453382SBill Fenner 279a90e161bSBill Fenner void 280a90e161bSBill Fenner print_data(const unsigned char *buf, int len) 281b0453382SBill Fenner { 282b0453382SBill Fenner int i = 0; 283a90e161bSBill Fenner 284a90e161bSBill Fenner if (len <= 0) 285a90e161bSBill Fenner return; 286b0453382SBill Fenner printf("[%03X] ", i); 287a90e161bSBill Fenner for (i = 0; i < len; /*nothing*/) { 288a90e161bSBill Fenner printf("%02X ", buf[i] & 0xff); 289b0453382SBill Fenner i++; 290a90e161bSBill Fenner if (i%8 == 0) 291a90e161bSBill Fenner printf(" "); 292b0453382SBill Fenner if (i % 16 == 0) { 293a90e161bSBill Fenner print_asc(&buf[i - 16], 8); 294a90e161bSBill Fenner printf(" "); 295a90e161bSBill Fenner print_asc(&buf[i - 8], 8); 296a90e161bSBill Fenner printf("\n"); 297a90e161bSBill Fenner if (i < len) 298a90e161bSBill Fenner printf("[%03X] ", i); 299b0453382SBill Fenner } 300b0453382SBill Fenner } 301b0453382SBill Fenner if (i % 16) { 302b0453382SBill Fenner int n; 303b0453382SBill Fenner 304b0453382SBill Fenner n = 16 - (i % 16); 305b0453382SBill Fenner printf(" "); 306a90e161bSBill Fenner if (n>8) 307a90e161bSBill Fenner printf(" "); 308a90e161bSBill Fenner while (n--) 309a90e161bSBill Fenner printf(" "); 310b0453382SBill Fenner 311a90e161bSBill Fenner n = SMBMIN(8, i % 16); 312a90e161bSBill Fenner print_asc(&buf[i - (i % 16)], n); 313a90e161bSBill Fenner printf(" "); 314b0453382SBill Fenner n = (i % 16) - n; 315a90e161bSBill Fenner if (n > 0) 316a90e161bSBill Fenner print_asc(&buf[i - n], n); 317b0453382SBill Fenner printf("\n"); 318b0453382SBill Fenner } 319b0453382SBill Fenner } 320b0453382SBill Fenner 321b0453382SBill Fenner 322a90e161bSBill Fenner static void 323a90e161bSBill Fenner write_bits(unsigned int val, char *fmt) 324b0453382SBill Fenner { 325b0453382SBill Fenner char *p = fmt; 326b0453382SBill Fenner int i = 0; 327b0453382SBill Fenner 328b0453382SBill Fenner while ((p = strchr(fmt, '|'))) { 329a90e161bSBill Fenner size_t l = PTR_DIFF(p, fmt); 330b0453382SBill Fenner if (l && (val & (1 << i))) 331a90e161bSBill Fenner printf("%.*s ", (int)l, fmt); 332b0453382SBill Fenner fmt = p + 1; 333b0453382SBill Fenner i++; 334b0453382SBill Fenner } 335b0453382SBill Fenner } 336b0453382SBill Fenner 337a90e161bSBill Fenner /* convert a UCS2 string into iso-8859-1 string */ 338a90e161bSBill Fenner static const char * 339a90e161bSBill Fenner unistr(const char *s, int *len) 340b0453382SBill Fenner { 341b0453382SBill Fenner static char buf[1000]; 342b0453382SBill Fenner int l=0; 343b0453382SBill Fenner static int use_unicode = -1; 344b0453382SBill Fenner 345b0453382SBill Fenner if (use_unicode == -1) { 346b0453382SBill Fenner char *p = getenv("USE_UNICODE"); 347b0453382SBill Fenner if (p && (atoi(p) == 1)) 348b0453382SBill Fenner use_unicode = 1; 349b0453382SBill Fenner else 350b0453382SBill Fenner use_unicode = 0; 351b0453382SBill Fenner } 352b0453382SBill Fenner 353b0453382SBill Fenner /* maybe it isn't unicode - a cheap trick */ 354b0453382SBill Fenner if (!use_unicode || (s[0] && s[1])) { 355b0453382SBill Fenner *len = strlen(s) + 1; 356b0453382SBill Fenner return s; 357b0453382SBill Fenner } 358b0453382SBill Fenner 359b0453382SBill Fenner *len = 0; 360b0453382SBill Fenner 361b0453382SBill Fenner if (s[0] == 0 && s[1] != 0) { 362b0453382SBill Fenner s++; 363b0453382SBill Fenner *len = 1; 364b0453382SBill Fenner } 365b0453382SBill Fenner 366b0453382SBill Fenner while (l < (sizeof(buf) - 1) && s[0] && s[1] == 0) { 367b0453382SBill Fenner buf[l] = s[0]; 368a90e161bSBill Fenner s += 2; 369a90e161bSBill Fenner l++; 370b0453382SBill Fenner *len += 2; 371b0453382SBill Fenner } 372b0453382SBill Fenner buf[l] = 0; 373b0453382SBill Fenner *len += 2; 374b0453382SBill Fenner return buf; 375b0453382SBill Fenner } 376b0453382SBill Fenner 377a90e161bSBill Fenner static const u_char * 378a90e161bSBill Fenner smb_fdata1(const u_char *buf, const char *fmt, const u_char *maxbuf) 379b0453382SBill Fenner { 380b0453382SBill Fenner int reverse = 0; 381b0453382SBill Fenner char *attrib_fmt = "READONLY|HIDDEN|SYSTEM|VOLUME|DIR|ARCHIVE|"; 382b0453382SBill Fenner int len; 383b0453382SBill Fenner 384b0453382SBill Fenner while (*fmt && buf<maxbuf) { 385b0453382SBill Fenner switch (*fmt) { 386b0453382SBill Fenner case 'a': 387a90e161bSBill Fenner write_bits(buf[0], attrib_fmt); 388a90e161bSBill Fenner buf++; 389a90e161bSBill Fenner fmt++; 390b0453382SBill Fenner break; 391b0453382SBill Fenner 392b0453382SBill Fenner case 'A': 393a90e161bSBill Fenner write_bits(EXTRACT_LE_16BITS(buf), attrib_fmt); 394a90e161bSBill Fenner buf += 2; 395a90e161bSBill Fenner fmt++; 396b0453382SBill Fenner break; 397b0453382SBill Fenner 398b0453382SBill Fenner case '{': 399b0453382SBill Fenner { 400b0453382SBill Fenner char bitfmt[128]; 401b0453382SBill Fenner char *p = strchr(++fmt, '}'); 402b0453382SBill Fenner int l = PTR_DIFF(p, fmt); 403b0453382SBill Fenner strncpy(bitfmt, fmt, l); 404b0453382SBill Fenner bitfmt[l] = 0; 405b0453382SBill Fenner fmt = p + 1; 406a90e161bSBill Fenner write_bits(buf[0], bitfmt); 407b0453382SBill Fenner buf++; 408b0453382SBill Fenner break; 409b0453382SBill Fenner } 410b0453382SBill Fenner 411b0453382SBill Fenner case 'P': 412b0453382SBill Fenner { 413b0453382SBill Fenner int l = atoi(fmt + 1); 414b0453382SBill Fenner buf += l; 415b0453382SBill Fenner fmt++; 416a90e161bSBill Fenner while (isdigit(*fmt)) 417a90e161bSBill Fenner fmt++; 418b0453382SBill Fenner break; 419b0453382SBill Fenner } 420b0453382SBill Fenner case 'r': 421b0453382SBill Fenner reverse = !reverse; 422b0453382SBill Fenner fmt++; 423b0453382SBill Fenner break; 424b0453382SBill Fenner case 'D': 425b0453382SBill Fenner { 426a90e161bSBill Fenner unsigned int x; 427a90e161bSBill Fenner 428a90e161bSBill Fenner TCHECK2(buf[0], 4); 429a90e161bSBill Fenner x = reverse ? EXTRACT_32BITS(buf) : EXTRACT_LE_32BITS(buf); 430b0453382SBill Fenner printf("%d (0x%x)", x, x); 431b0453382SBill Fenner buf += 4; 432b0453382SBill Fenner fmt++; 433b0453382SBill Fenner break; 434b0453382SBill Fenner } 435b0453382SBill Fenner case 'L': 436b0453382SBill Fenner { 437a90e161bSBill Fenner unsigned int x1, x2; 438a90e161bSBill Fenner 439a90e161bSBill Fenner TCHECK2(buf[4], 4); 440a90e161bSBill Fenner x1 = reverse ? EXTRACT_32BITS(buf) : 441a90e161bSBill Fenner EXTRACT_LE_32BITS(buf); 442a90e161bSBill Fenner x2 = reverse ? EXTRACT_32BITS(buf + 4) : 443a90e161bSBill Fenner EXTRACT_LE_32BITS(buf + 4); 444a90e161bSBill Fenner if (x2) 445b0453382SBill Fenner printf("0x%08x:%08x", x2, x1); 446a90e161bSBill Fenner else 447b0453382SBill Fenner printf("%d (0x%08x%08x)", x1, x2, x1); 448b0453382SBill Fenner buf += 8; 449b0453382SBill Fenner fmt++; 450b0453382SBill Fenner break; 451b0453382SBill Fenner } 452b0453382SBill Fenner case 'd': 453b0453382SBill Fenner { 454a90e161bSBill Fenner unsigned int x; 455a90e161bSBill Fenner TCHECK2(buf[0], 2); 456a90e161bSBill Fenner x = reverse ? EXTRACT_16BITS(buf) : 457a90e161bSBill Fenner EXTRACT_LE_16BITS(buf); 458b0453382SBill Fenner printf("%d (0x%x)", x, x); 459b0453382SBill Fenner buf += 2; 460b0453382SBill Fenner fmt++; 461b0453382SBill Fenner break; 462b0453382SBill Fenner } 463b0453382SBill Fenner case 'W': 464b0453382SBill Fenner { 465a90e161bSBill Fenner unsigned int x; 466a90e161bSBill Fenner TCHECK2(buf[0], 4); 467a90e161bSBill Fenner x = reverse ? EXTRACT_32BITS(buf) : 468a90e161bSBill Fenner EXTRACT_LE_32BITS(buf); 469b0453382SBill Fenner printf("0x%X", x); 470b0453382SBill Fenner buf += 4; 471b0453382SBill Fenner fmt++; 472b0453382SBill Fenner break; 473b0453382SBill Fenner } 474b0453382SBill Fenner case 'w': 475b0453382SBill Fenner { 476a90e161bSBill Fenner unsigned int x; 477a90e161bSBill Fenner TCHECK2(buf[0], 2); 478a90e161bSBill Fenner x = reverse ? EXTRACT_16BITS(buf) : 479a90e161bSBill Fenner EXTRACT_LE_16BITS(buf); 480b0453382SBill Fenner printf("0x%X", x); 481b0453382SBill Fenner buf += 2; 482b0453382SBill Fenner fmt++; 483b0453382SBill Fenner break; 484b0453382SBill Fenner } 485b0453382SBill Fenner case 'B': 486b0453382SBill Fenner { 487a90e161bSBill Fenner unsigned int x; 488a90e161bSBill Fenner TCHECK(buf[0]); 489a90e161bSBill Fenner x = buf[0]; 490b0453382SBill Fenner printf("0x%X", x); 491b0453382SBill Fenner buf += 1; 492b0453382SBill Fenner fmt++; 493b0453382SBill Fenner break; 494b0453382SBill Fenner } 495b0453382SBill Fenner case 'b': 496b0453382SBill Fenner { 497a90e161bSBill Fenner unsigned int x; 498a90e161bSBill Fenner TCHECK(buf[0]); 499a90e161bSBill Fenner x = buf[0]; 500a90e161bSBill Fenner printf("%u (0x%x)", x, x); 501b0453382SBill Fenner buf += 1; 502b0453382SBill Fenner fmt++; 503b0453382SBill Fenner break; 504b0453382SBill Fenner } 505b0453382SBill Fenner case 'S': 506b0453382SBill Fenner { 507a90e161bSBill Fenner /*XXX unistr() */ 508b0453382SBill Fenner printf("%.*s", (int)PTR_DIFF(maxbuf, buf), unistr(buf, &len)); 509b0453382SBill Fenner buf += len; 510b0453382SBill Fenner fmt++; 511b0453382SBill Fenner break; 512b0453382SBill Fenner } 513b0453382SBill Fenner case 'Z': 514b0453382SBill Fenner { 515b0453382SBill Fenner if (*buf != 4 && *buf != 2) 516a90e161bSBill Fenner printf("Error! ASCIIZ buffer of type %u (safety=%lu)\n", *buf, 517a90e161bSBill Fenner (unsigned long)PTR_DIFF(maxbuf, buf)); 518a90e161bSBill Fenner printf("%.*s", (int)PTR_DIFF(maxbuf, buf + 1), 519a90e161bSBill Fenner unistr(buf + 1, &len)); 520b0453382SBill Fenner buf += len + 1; 521b0453382SBill Fenner fmt++; 522b0453382SBill Fenner break; 523b0453382SBill Fenner } 524b0453382SBill Fenner case 's': 525b0453382SBill Fenner { 526b0453382SBill Fenner int l = atoi(fmt + 1); 527b0453382SBill Fenner printf("%-*.*s", l, l, buf); 528b0453382SBill Fenner buf += l; 529a90e161bSBill Fenner fmt++; 530a90e161bSBill Fenner while (isdigit(*fmt)) 531a90e161bSBill Fenner fmt++; 532b0453382SBill Fenner break; 533b0453382SBill Fenner } 534b0453382SBill Fenner case 'h': 535b0453382SBill Fenner { 536b0453382SBill Fenner int l = atoi(fmt + 1); 537a90e161bSBill Fenner while (l--) 538a90e161bSBill Fenner printf("%02x", *buf++); 539a90e161bSBill Fenner fmt++; 540a90e161bSBill Fenner while (isdigit(*fmt)) 541a90e161bSBill Fenner fmt++; 542b0453382SBill Fenner break; 543b0453382SBill Fenner } 544b0453382SBill Fenner case 'n': 545b0453382SBill Fenner { 546b0453382SBill Fenner int t = atoi(fmt+1); 547b0453382SBill Fenner char nbuf[255]; 548b0453382SBill Fenner int name_type; 549685295f4SBill Fenner int len; 550a90e161bSBill Fenner 551b0453382SBill Fenner switch (t) { 552b0453382SBill Fenner case 1: 553a90e161bSBill Fenner name_type = name_extract(startbuf, PTR_DIFF(buf, startbuf), 554a90e161bSBill Fenner maxbuf, nbuf); 555685295f4SBill Fenner if (name_type < 0) 556685295f4SBill Fenner goto trunc; 557685295f4SBill Fenner len = name_len(buf, maxbuf); 558685295f4SBill Fenner if (len < 0) 559685295f4SBill Fenner goto trunc; 560685295f4SBill Fenner buf += len; 561a90e161bSBill Fenner printf("%-15.15s NameType=0x%02X (%s)", nbuf, name_type, 562a90e161bSBill Fenner name_type_str(name_type)); 563b0453382SBill Fenner break; 564b0453382SBill Fenner case 2: 565b0453382SBill Fenner name_type = buf[15]; 566a90e161bSBill Fenner printf("%-15.15s NameType=0x%02X (%s)", buf, name_type, 567a90e161bSBill Fenner name_type_str(name_type)); 568b0453382SBill Fenner buf += 16; 569b0453382SBill Fenner break; 570b0453382SBill Fenner } 571a90e161bSBill Fenner fmt++; 572a90e161bSBill Fenner while (isdigit(*fmt)) 573a90e161bSBill Fenner fmt++; 574b0453382SBill Fenner break; 575b0453382SBill Fenner } 576b0453382SBill Fenner case 'T': 577b0453382SBill Fenner { 578b0453382SBill Fenner time_t t; 579a90e161bSBill Fenner int x; 580a90e161bSBill Fenner x = EXTRACT_LE_32BITS(buf); 581a90e161bSBill Fenner 582b0453382SBill Fenner switch (atoi(fmt + 1)) { 583b0453382SBill Fenner case 1: 584b0453382SBill Fenner if (x == 0 || x == -1 || x == 0xFFFFFFFF) 585b0453382SBill Fenner t = 0; 586b0453382SBill Fenner else 587b0453382SBill Fenner t = make_unix_date(buf); 588b0453382SBill Fenner buf += 4; 589b0453382SBill Fenner break; 590b0453382SBill Fenner case 2: 591b0453382SBill Fenner if (x == 0 || x == -1 || x == 0xFFFFFFFF) 592b0453382SBill Fenner t = 0; 593b0453382SBill Fenner else 594b0453382SBill Fenner t = make_unix_date2(buf); 595b0453382SBill Fenner buf += 4; 596b0453382SBill Fenner break; 597b0453382SBill Fenner case 3: 598b0453382SBill Fenner t = interpret_long_date(buf); 599b0453382SBill Fenner buf += 8; 600b0453382SBill Fenner break; 601b0453382SBill Fenner } 602b0453382SBill Fenner printf("%s", t ? asctime(localtime(&t)) : "NULL\n"); 603a90e161bSBill Fenner fmt++; 604a90e161bSBill Fenner while (isdigit(*fmt)) 605a90e161bSBill Fenner fmt++; 606b0453382SBill Fenner break; 607b0453382SBill Fenner } 608b0453382SBill Fenner default: 609b0453382SBill Fenner putchar(*fmt); 610b0453382SBill Fenner fmt++; 611b0453382SBill Fenner break; 612b0453382SBill Fenner } 613b0453382SBill Fenner } 614b0453382SBill Fenner 615b0453382SBill Fenner if (buf >= maxbuf && *fmt) 616b0453382SBill Fenner printf("END OF BUFFER\n"); 617b0453382SBill Fenner 618b0453382SBill Fenner return(buf); 619685295f4SBill Fenner 620685295f4SBill Fenner trunc: 621685295f4SBill Fenner printf("\n"); 622685295f4SBill Fenner printf("WARNING: Short packet. Try increasing the snap length\n"); 623685295f4SBill Fenner return(NULL); 624b0453382SBill Fenner } 625b0453382SBill Fenner 626a90e161bSBill Fenner const u_char * 627a90e161bSBill Fenner smb_fdata(const u_char *buf, const char *fmt, const u_char *maxbuf) 628b0453382SBill Fenner { 629b0453382SBill Fenner static int depth = 0; 630b0453382SBill Fenner char s[128]; 631b0453382SBill Fenner char *p; 632b0453382SBill Fenner 633b0453382SBill Fenner while (*fmt) { 634b0453382SBill Fenner switch (*fmt) { 635b0453382SBill Fenner case '*': 636b0453382SBill Fenner fmt++; 637b0453382SBill Fenner while (buf < maxbuf) { 638a90e161bSBill Fenner const u_char *buf2; 639b0453382SBill Fenner depth++; 640a90e161bSBill Fenner buf2 = smb_fdata(buf, fmt, maxbuf); 641b0453382SBill Fenner depth--; 642a90e161bSBill Fenner if (buf2 == NULL) 643a90e161bSBill Fenner return(NULL); 644a90e161bSBill Fenner if (buf2 == buf) 645a90e161bSBill Fenner return(buf); 646b0453382SBill Fenner buf = buf2; 647b0453382SBill Fenner } 648a90e161bSBill Fenner return(buf); 649b0453382SBill Fenner 650b0453382SBill Fenner case '|': 651b0453382SBill Fenner fmt++; 652a90e161bSBill Fenner if (buf >= maxbuf) 653a90e161bSBill Fenner return(buf); 654b0453382SBill Fenner break; 655b0453382SBill Fenner 656b0453382SBill Fenner case '%': 657b0453382SBill Fenner fmt++; 658b0453382SBill Fenner buf = maxbuf; 659b0453382SBill Fenner break; 660b0453382SBill Fenner 661b0453382SBill Fenner case '#': 662b0453382SBill Fenner fmt++; 663b0453382SBill Fenner return(buf); 664b0453382SBill Fenner break; 665b0453382SBill Fenner 666b0453382SBill Fenner case '[': 667b0453382SBill Fenner fmt++; 668a90e161bSBill Fenner if (buf >= maxbuf) 669a90e161bSBill Fenner return(buf); 670685295f4SBill Fenner memset(s, 0, sizeof(s)); 671b0453382SBill Fenner p = strchr(fmt, ']'); 672a90e161bSBill Fenner if (p - fmt + 1 > sizeof(s)) { 673a90e161bSBill Fenner /* overrun */ 674a90e161bSBill Fenner return(buf); 675a90e161bSBill Fenner } 676b0453382SBill Fenner strncpy(s, fmt, p - fmt); 677a90e161bSBill Fenner s[p - fmt] = '\0'; 678b0453382SBill Fenner fmt = p + 1; 679a90e161bSBill Fenner buf = smb_fdata1(buf, s, maxbuf); 680685295f4SBill Fenner if (buf == NULL) 681685295f4SBill Fenner return(NULL); 682b0453382SBill Fenner break; 683b0453382SBill Fenner 684b0453382SBill Fenner default: 685a90e161bSBill Fenner putchar(*fmt); 686a90e161bSBill Fenner fmt++; 687b0453382SBill Fenner fflush(stdout); 688b0453382SBill Fenner break; 689b0453382SBill Fenner } 690b0453382SBill Fenner } 691b0453382SBill Fenner if (!depth && buf < maxbuf) { 692a90e161bSBill Fenner size_t len = PTR_DIFF(maxbuf, buf); 693a90e161bSBill Fenner printf("Data: (%lu bytes)\n", (unsigned long)len); 694b0453382SBill Fenner print_data(buf, len); 695b0453382SBill Fenner return(buf + len); 696b0453382SBill Fenner } 697b0453382SBill Fenner return(buf); 698b0453382SBill Fenner } 699b0453382SBill Fenner 700a90e161bSBill Fenner typedef struct { 701a90e161bSBill Fenner const char *name; 702b0453382SBill Fenner int code; 703a90e161bSBill Fenner const char *message; 704b0453382SBill Fenner } err_code_struct; 705b0453382SBill Fenner 706b0453382SBill Fenner /* Dos Error Messages */ 707b0453382SBill Fenner static err_code_struct dos_msgs[] = { 708b0453382SBill Fenner { "ERRbadfunc", 1, "Invalid function." }, 709b0453382SBill Fenner { "ERRbadfile", 2, "File not found." }, 710b0453382SBill Fenner { "ERRbadpath", 3, "Directory invalid." }, 711b0453382SBill Fenner { "ERRnofids", 4, "No file descriptors available" }, 712b0453382SBill Fenner { "ERRnoaccess", 5, "Access denied." }, 713b0453382SBill Fenner { "ERRbadfid", 6, "Invalid file handle." }, 714b0453382SBill Fenner { "ERRbadmcb", 7, "Memory control blocks destroyed." }, 715b0453382SBill Fenner { "ERRnomem", 8, "Insufficient server memory to perform the requested function." }, 716b0453382SBill Fenner { "ERRbadmem", 9, "Invalid memory block address." }, 717b0453382SBill Fenner { "ERRbadenv", 10, "Invalid environment." }, 718b0453382SBill Fenner { "ERRbadformat", 11, "Invalid format." }, 719b0453382SBill Fenner { "ERRbadaccess", 12, "Invalid open mode." }, 720b0453382SBill Fenner { "ERRbaddata", 13, "Invalid data." }, 721b0453382SBill Fenner { "ERR", 14, "reserved." }, 722b0453382SBill Fenner { "ERRbaddrive", 15, "Invalid drive specified." }, 723b0453382SBill Fenner { "ERRremcd", 16, "A Delete Directory request attempted to remove the server's current directory." }, 724b0453382SBill Fenner { "ERRdiffdevice", 17, "Not same device." }, 725b0453382SBill Fenner { "ERRnofiles", 18, "A File Search command can find no more files matching the specified criteria." }, 726b0453382SBill Fenner { "ERRbadshare", 32, "The sharing mode specified for an Open conflicts with existing FIDs on the file." }, 727b0453382SBill Fenner { "ERRlock", 33, "A Lock request conflicted with an existing lock or specified an invalid mode, or an Unlock requested attempted to remove a lock held by another process." }, 728b0453382SBill Fenner { "ERRfilexists", 80, "The file named in a Create Directory, Make New File or Link request already exists." }, 729b0453382SBill Fenner { "ERRbadpipe", 230, "Pipe invalid." }, 730b0453382SBill Fenner { "ERRpipebusy", 231, "All instances of the requested pipe are busy." }, 731b0453382SBill Fenner { "ERRpipeclosing", 232, "Pipe close in progress." }, 732b0453382SBill Fenner { "ERRnotconnected", 233, "No process on other end of pipe." }, 733b0453382SBill Fenner { "ERRmoredata", 234, "There is more data to be returned." }, 734a90e161bSBill Fenner { NULL, -1, NULL } 735a90e161bSBill Fenner }; 736b0453382SBill Fenner 737b0453382SBill Fenner /* Server Error Messages */ 738b0453382SBill Fenner err_code_struct server_msgs[] = { 739b0453382SBill Fenner { "ERRerror", 1, "Non-specific error code." }, 740b0453382SBill Fenner { "ERRbadpw", 2, "Bad password - name/password pair in a Tree Connect or Session Setup are invalid." }, 741b0453382SBill Fenner { "ERRbadtype", 3, "reserved." }, 742b0453382SBill Fenner { "ERRaccess", 4, "The requester does not have the necessary access rights within the specified context for the requested function. The context is defined by the TID or the UID." }, 743b0453382SBill Fenner { "ERRinvnid", 5, "The tree ID (TID) specified in a command was invalid." }, 744b0453382SBill Fenner { "ERRinvnetname", 6, "Invalid network name in tree connect." }, 745b0453382SBill Fenner { "ERRinvdevice", 7, "Invalid device - printer request made to non-printer connection or non-printer request made to printer connection." }, 746b0453382SBill Fenner { "ERRqfull", 49, "Print queue full (files) -- returned by open print file." }, 747b0453382SBill Fenner { "ERRqtoobig", 50, "Print queue full -- no space." }, 748b0453382SBill Fenner { "ERRqeof", 51, "EOF on print queue dump." }, 749b0453382SBill Fenner { "ERRinvpfid", 52, "Invalid print file FID." }, 750b0453382SBill Fenner { "ERRsmbcmd", 64, "The server did not recognize the command received." }, 751b0453382SBill Fenner { "ERRsrverror", 65, "The server encountered an internal error, e.g., system file unavailable." }, 752b0453382SBill Fenner { "ERRfilespecs", 67, "The file handle (FID) and pathname parameters contained an invalid combination of values." }, 753b0453382SBill Fenner { "ERRreserved", 68, "reserved." }, 754b0453382SBill Fenner { "ERRbadpermits", 69, "The access permissions specified for a file or directory are not a valid combination. The server cannot set the requested attribute." }, 755b0453382SBill Fenner { "ERRreserved", 70, "reserved." }, 756b0453382SBill Fenner { "ERRsetattrmode", 71, "The attribute mode in the Set File Attribute request is invalid." }, 757b0453382SBill Fenner { "ERRpaused", 81, "Server is paused." }, 758b0453382SBill Fenner { "ERRmsgoff", 82, "Not receiving messages." }, 759b0453382SBill Fenner { "ERRnoroom", 83, "No room to buffer message." }, 760b0453382SBill Fenner { "ERRrmuns", 87, "Too many remote user names." }, 761b0453382SBill Fenner { "ERRtimeout", 88, "Operation timed out." }, 762b0453382SBill Fenner { "ERRnoresource", 89, "No resources currently available for request." }, 763b0453382SBill Fenner { "ERRtoomanyuids", 90, "Too many UIDs active on this session." }, 764b0453382SBill Fenner { "ERRbaduid", 91, "The UID is not known as a valid ID on this session." }, 765b0453382SBill Fenner { "ERRusempx", 250, "Temp unable to support Raw, use MPX mode." }, 766b0453382SBill Fenner { "ERRusestd", 251, "Temp unable to support Raw, use standard read/write." }, 767b0453382SBill Fenner { "ERRcontmpx", 252, "Continue in MPX mode." }, 768b0453382SBill Fenner { "ERRreserved", 253, "reserved." }, 769b0453382SBill Fenner { "ERRreserved", 254, "reserved." }, 770b0453382SBill Fenner { "ERRnosupport", 0xFFFF, "Function not supported." }, 771a90e161bSBill Fenner { NULL, -1, NULL } 772a90e161bSBill Fenner }; 773b0453382SBill Fenner 774b0453382SBill Fenner /* Hard Error Messages */ 775b0453382SBill Fenner err_code_struct hard_msgs[] = { 776b0453382SBill Fenner { "ERRnowrite", 19, "Attempt to write on write-protected diskette." }, 777b0453382SBill Fenner { "ERRbadunit", 20, "Unknown unit." }, 778b0453382SBill Fenner { "ERRnotready", 21, "Drive not ready." }, 779b0453382SBill Fenner { "ERRbadcmd", 22, "Unknown command." }, 780b0453382SBill Fenner { "ERRdata", 23, "Data error (CRC)." }, 781b0453382SBill Fenner { "ERRbadreq", 24, "Bad request structure length." }, 782b0453382SBill Fenner { "ERRseek", 25 , "Seek error." }, 783b0453382SBill Fenner { "ERRbadmedia", 26, "Unknown media type." }, 784b0453382SBill Fenner { "ERRbadsector", 27, "Sector not found." }, 785b0453382SBill Fenner { "ERRnopaper", 28, "Printer out of paper." }, 786b0453382SBill Fenner { "ERRwrite", 29, "Write fault." }, 787b0453382SBill Fenner { "ERRread", 30, "Read fault." }, 788b0453382SBill Fenner { "ERRgeneral", 31, "General failure." }, 789b0453382SBill Fenner { "ERRbadshare", 32, "A open conflicts with an existing open." }, 790b0453382SBill Fenner { "ERRlock", 33, "A Lock request conflicted with an existing lock or specified an invalid mode, or an Unlock requested attempted to remove a lock held by another process." }, 791b0453382SBill Fenner { "ERRwrongdisk", 34, "The wrong disk was found in a drive." }, 792b0453382SBill Fenner { "ERRFCBUnavail", 35, "No FCBs are available to process request." }, 793b0453382SBill Fenner { "ERRsharebufexc", 36, "A sharing buffer has been exceeded." }, 794a90e161bSBill Fenner { NULL, -1, NULL } 795a90e161bSBill Fenner }; 796b0453382SBill Fenner 797a90e161bSBill Fenner static struct { 798b0453382SBill Fenner int code; 799b0453382SBill Fenner char *class; 800b0453382SBill Fenner err_code_struct *err_msgs; 801b0453382SBill Fenner } err_classes[] = { 802b0453382SBill Fenner { 0, "SUCCESS", NULL }, 803b0453382SBill Fenner { 0x01, "ERRDOS", dos_msgs }, 804b0453382SBill Fenner { 0x02, "ERRSRV", server_msgs }, 805b0453382SBill Fenner { 0x03, "ERRHRD", hard_msgs }, 806b0453382SBill Fenner { 0x04, "ERRXOS", NULL }, 807b0453382SBill Fenner { 0xE1, "ERRRMX1", NULL }, 808b0453382SBill Fenner { 0xE2, "ERRRMX2", NULL }, 809b0453382SBill Fenner { 0xE3, "ERRRMX3", NULL }, 810b0453382SBill Fenner { 0xFF, "ERRCMD", NULL }, 811a90e161bSBill Fenner { -1, NULL, NULL } 812a90e161bSBill Fenner }; 813b0453382SBill Fenner 814a90e161bSBill Fenner /* 815a90e161bSBill Fenner * return a SMB error string from a SMB buffer 816a90e161bSBill Fenner */ 817a90e161bSBill Fenner char * 818a90e161bSBill Fenner smb_errstr(int class, int num) 819b0453382SBill Fenner { 820b0453382SBill Fenner static char ret[128]; 821b0453382SBill Fenner int i, j; 822b0453382SBill Fenner 823b0453382SBill Fenner ret[0] = 0; 824b0453382SBill Fenner 825b0453382SBill Fenner for (i = 0; err_classes[i].class; i++) 826a90e161bSBill Fenner if (err_classes[i].code == class) { 827a90e161bSBill Fenner if (err_classes[i].err_msgs) { 828b0453382SBill Fenner err_code_struct *err = err_classes[i].err_msgs; 829b0453382SBill Fenner for (j = 0; err[j].name; j++) 830a90e161bSBill Fenner if (num == err[j].code) { 831a90e161bSBill Fenner snprintf(ret, sizeof(ret), "%s - %s (%s)", 832a90e161bSBill Fenner err_classes[i].class, err[j].name, err[j].message); 833b0453382SBill Fenner return ret; 834b0453382SBill Fenner } 835b0453382SBill Fenner } 836b0453382SBill Fenner 837685295f4SBill Fenner snprintf(ret, sizeof(ret), "%s - %d", err_classes[i].class, num); 838b0453382SBill Fenner return ret; 839b0453382SBill Fenner } 840b0453382SBill Fenner 841685295f4SBill Fenner snprintf(ret, sizeof(ret), "ERROR: Unknown error (%d,%d)", class, num); 842b0453382SBill Fenner return(ret); 843b0453382SBill Fenner } 844