2 * Routines for BOOTP/DHCP packet disassembly
3 * Gilbert Ramirez <gram@alumni.rice.edu>
5 * $Id: packet-bootp.c,v 1.63 2002/01/24 09:20:47 guy Exp $
7 * The information used comes from:
8 * RFC 951: Bootstrap Protocol
9 * RFC 1497: BOOTP extensions
10 * RFC 1542: Clarifications and Extensions for the Bootstrap Protocol
11 * RFC 2131: Dynamic Host Configuration Protocol
12 * RFC 2132: DHCP Options and BOOTP Vendor Extensions
13 * RFC 2489: Procedure for Defining New DHCP Options
14 * RFC 3046: DHCP Relay Agent Information Option
15 * RFC 3118: Authentication for DHCP Messages
16 * BOOTP and DHCP Parameters
17 * http://www.iana.org/assignments/bootp-dhcp-parameters
19 * Ethereal - Network traffic analyzer
20 * By Gerald Combs <gerald@ethereal.com>
21 * Copyright 1998 Gerald Combs
23 * This program is free software; you can redistribute it and/or
24 * modify it under the terms of the GNU General Public License
25 * as published by the Free Software Foundation; either version 2
26 * of the License, or (at your option) any later version.
28 * This program is distributed in the hope that it will be useful,
29 * but WITHOUT ANY WARRANTY; without even the implied warranty of
30 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
31 * GNU General Public License for more details.
33 * You should have received a copy of the GNU General Public License
34 * along with this program; if not, write to the Free Software
35 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
42 #ifdef HAVE_SYS_TYPES_H
43 # include <sys/types.h>
48 #include <epan/int-64bit.h>
49 #include <epan/packet.h>
50 #include "packet-arp.h"
52 static int proto_bootp = -1;
53 static int hf_bootp_type = -1;
54 static int hf_bootp_hw_type = -1;
55 static int hf_bootp_hw_len = -1;
56 static int hf_bootp_hops = -1;
57 static int hf_bootp_id = -1;
58 static int hf_bootp_secs = -1;
59 static int hf_bootp_flag = -1;
60 static int hf_bootp_ip_client = -1;
61 static int hf_bootp_ip_your = -1;
62 static int hf_bootp_ip_server = -1;
63 static int hf_bootp_ip_relay = -1;
64 static int hf_bootp_hw_addr = -1;
65 static int hf_bootp_server = -1;
66 static int hf_bootp_file = -1;
67 static int hf_bootp_cookie = -1;
68 static int hf_bootp_dhcp = -1;
70 static guint ett_bootp = -1;
71 static guint ett_bootp_option = -1;
73 #define UDP_PORT_BOOTPS 67
75 enum field_type { none, ipv4, string, toggle, yes_no, special, opaque,
77 val_u_byte, val_u_short, val_u_le_short, val_u_long,
82 enum field_type ftype;
85 #define NUM_OPT_INFOS 211
86 #define NUM_O63_SUBOPTS 11
88 static int dissect_vendor_pxeclient_suboption(proto_tree *v_tree, tvbuff_t *tvb,
90 static int dissect_netware_ip_suboption(proto_tree *v_tree, tvbuff_t *tvb,
92 static int bootp_dhcp_decode_agent_info(proto_tree *v_tree, tvbuff_t *tvb,
96 get_dhcp_type(guint8 byte)
98 static const char *opt53_text[] = {
99 "Unknown Message Type",
111 if (byte > 0 && byte < (sizeof opt53_text / sizeof opt53_text[0]))
115 return opt53_text[i];
118 /* DHCP Authentication protocols */
119 #define AUTHEN_PROTO_CONFIG_TOKEN 0
120 #define AUTHEN_PROTO_DELAYED_AUTHEN 1
122 /* DHCP Authentication algorithms for delayed authentication */
123 #define AUTHEN_DELAYED_ALGO_HMAC_MD5 1
125 /* DHCP Authentication Replay Detection Methods */
126 #define AUTHEN_RDM_MONOTONIC_COUNTER 0x00
128 /* Returns the number of bytes consumed by this option. */
130 bootp_option(tvbuff_t *tvb, proto_tree *bp_tree, int voff, int eoff,
131 gboolean first_pass, gboolean *at_end, const char **dhcp_type_p,
132 const guint8 **vendor_class_id_p)
135 enum field_type ftype;
136 u_char code = tvb_get_guint8(tvb, voff);
139 int i,optp, consumed;
147 static const value_string nbnt_vals[] = {
154 static const value_string authen_protocol_vals[] = {
155 {AUTHEN_PROTO_CONFIG_TOKEN, "configuration token" },
156 {AUTHEN_PROTO_DELAYED_AUTHEN, "delayed authentication" },
159 static const value_string authen_da_algo_vals[] = {
160 {AUTHEN_DELAYED_ALGO_HMAC_MD5, "HMAC_MD5" },
163 static const value_string authen_rdm_vals[] = {
164 {AUTHEN_RDM_MONOTONIC_COUNTER, "Monotonically-increasing counter" },
167 static struct opt_info opt[] = {
168 /* 0 */ { "Padding", none },
169 /* 1 */ { "Subnet Mask", ipv4 },
170 /* 2 */ { "Time Offset", val_s_long },
171 /* 3 */ { "Router", ipv4 },
172 /* 4 */ { "Time Server", ipv4 },
173 /* 5 */ { "Name Server", ipv4 },
174 /* 6 */ { "Domain Name Server", ipv4 },
175 /* 7 */ { "Log Server", ipv4 },
176 /* 8 */ { "Cookie Server", ipv4 },
177 /* 9 */ { "LPR Server", ipv4 },
178 /* 10 */ { "Impress Server", ipv4 },
179 /* 11 */ { "Resource Location Server", ipv4 },
180 /* 12 */ { "Host Name", string },
181 /* 13 */ { "Boot File Size", val_u_short },
182 /* 14 */ { "Merit Dump File", string },
183 /* 15 */ { "Domain Name", string },
184 /* 16 */ { "Swap Server", ipv4 },
185 /* 17 */ { "Root Path", string },
186 /* 18 */ { "Extensions Path", string },
187 /* 19 */ { "IP Forwarding", toggle },
188 /* 20 */ { "Non-Local Source Routing", toggle },
189 /* 21 */ { "Policy Filter", special },
190 /* 22 */ { "Maximum Datagram Reassembly Size", val_u_short },
191 /* 23 */ { "Default IP Time-to-Live", val_u_byte },
192 /* 24 */ { "Path MTU Aging Timeout", time_in_secs },
193 /* 25 */ { "Path MTU Plateau Table", val_u_short },
194 /* 26 */ { "Interface MTU", val_u_short },
195 /* 27 */ { "All Subnets are Local", yes_no },
196 /* 28 */ { "Broadcast Address", ipv4 },
197 /* 29 */ { "Perform Mask Discovery", toggle },
198 /* 30 */ { "Mask Supplier", yes_no },
199 /* 31 */ { "Perform Router Discover", toggle },
200 /* 32 */ { "Router Solicitation Address", ipv4 },
201 /* 33 */ { "Static Route", special },
202 /* 34 */ { "Trailer Encapsulation", toggle },
203 /* 35 */ { "ARP Cache Timeout", time_in_secs },
204 /* 36 */ { "Ethernet Encapsulation", toggle },
205 /* 37 */ { "TCP Default TTL", val_u_byte },
206 /* 38 */ { "TCP Keepalive Interval", time_in_secs },
207 /* 39 */ { "TCP Keepalive Garbage", toggle },
208 /* 40 */ { "Network Information Service Domain", string },
209 /* 41 */ { "Network Information Service Servers", ipv4 },
210 /* 42 */ { "Network Time Protocol Servers", ipv4 },
211 /* 43 */ { "Vendor-Specific Information", special },
212 /* 44 */ { "NetBIOS over TCP/IP Name Server", ipv4 },
213 /* 45 */ { "NetBIOS over TCP/IP Datagram Distribution Name Server", ipv4 },
214 /* 46 */ { "NetBIOS over TCP/IP Node Type", special },
215 /* 47 */ { "NetBIOS over TCP/IP Scope", string },
216 /* 48 */ { "X Window System Font Server", ipv4 },
217 /* 49 */ { "X Window System Display Manager", ipv4 },
218 /* 50 */ { "Requested IP Address", ipv4 },
219 /* 51 */ { "IP Address Lease Time", time_in_secs },
220 /* 52 */ { "Option Overload", special },
221 /* 53 */ { "DHCP Message Type", special },
222 /* 54 */ { "Server Identifier", ipv4 },
223 /* 55 */ { "Parameter Request List", special },
224 /* 56 */ { "Message", string },
225 /* 57 */ { "Maximum DHCP Message Size", val_u_short },
226 /* 58 */ { "Renewal Time Value", time_in_secs },
227 /* 59 */ { "Rebinding Time Value", time_in_secs },
228 /* 60 */ { "Vendor class identifier", special },
229 /* 61 */ { "Client identifier", special },
230 /* 62 */ { "Novell/Netware IP domain", string },
231 /* 63 */ { "Novell Options", special },
232 /* 64 */ { "Network Information Service+ Domain", string },
233 /* 65 */ { "Network Information Service+ Servers", ipv4 },
234 /* 66 */ { "TFTP Server Name", string },
235 /* 67 */ { "Bootfile name", string },
236 /* 68 */ { "Mobile IP Home Agent", ipv4 },
237 /* 69 */ { "SMTP Server", ipv4 },
238 /* 70 */ { "POP3 Server", ipv4 },
239 /* 71 */ { "NNTP Server", ipv4 },
240 /* 72 */ { "Default WWW Server", ipv4 },
241 /* 73 */ { "Default Finger Server", ipv4 },
242 /* 74 */ { "Default IRC Server", ipv4 },
243 /* 75 */ { "StreetTalk Server", ipv4 },
244 /* 76 */ { "StreetTalk Directory Assistance Server", ipv4 },
245 /* 77 */ { "User Class Information", opaque },
246 /* 78 */ { "Directory Agent Information", opaque },
247 /* 79 */ { "Service Location Agent Scope", opaque },
248 /* 80 */ { "Naming Authority", opaque },
249 /* 81 */ { "Client Fully Qualified Domain Name", opaque },
250 /* 82 */ { "Agent Information Option", special },
251 /* 83 */ { "Unassigned", opaque },
252 /* 84 */ { "Unassigned", opaque },
253 /* 85 */ { "Novell Directory Services Servers", opaque },
254 /* 86 */ { "Novell Directory Services Tree Name", opaque },
255 /* 87 */ { "Novell Directory Services Context", opaque },
256 /* 88 */ { "IEEE 1003.1 POSIX Timezone", opaque },
257 /* 89 */ { "Fully Qualified Domain Name", opaque },
258 /* 90 */ { "Authentication", special },
259 /* 91 */ { "Vines TCP/IP Server Option", opaque },
260 /* 92 */ { "Server Selection Option", opaque },
261 /* 93 */ { "Client System Architecture", opaque },
262 /* 94 */ { "Client Network Device Interface", opaque },
263 /* 95 */ { "Lightweight Directory Access Protocol", opaque },
264 /* 96 */ { "IPv6 Transitions", opaque },
265 /* 97 */ { "UUID/GUID-based Client Identifier", opaque },
266 /* 98 */ { "Open Group's User Authentication", opaque },
267 /* 99 */ { "Unassigned", opaque },
268 /* 100 */ { "Printer Name", opaque },
269 /* 101 */ { "MDHCP multicast address", opaque },
270 /* 102 */ { "Removed/unassigned", opaque },
271 /* 103 */ { "Removed/unassigned", opaque },
272 /* 104 */ { "Removed/unassigned", opaque },
273 /* 105 */ { "Removed/unassigned", opaque },
274 /* 106 */ { "Removed/unassigned", opaque },
275 /* 107 */ { "Removed/unassigned", opaque },
276 /* 108 */ { "Swap Path Option", opaque },
277 /* 109 */ { "Unassigned", opaque },
278 /* 110 */ { "IPX Compability", opaque },
279 /* 111 */ { "Unassigned", opaque },
280 /* 112 */ { "Netinfo Parent Server Address", opaque },
281 /* 113 */ { "Netinfo Parent Server Tag", opaque },
282 /* 114 */ { "URL", opaque },
283 /* 115 */ { "DHCP Failover Protocol", opaque },
284 /* 116 */ { "DHCP Auto-Configuration", opaque },
285 /* 117 */ { "Unassigned", opaque },
286 /* 118 */ { "Unassigned", opaque },
287 /* 119 */ { "Unassigned", opaque },
288 /* 120 */ { "Unassigned", opaque },
289 /* 121 */ { "Unassigned", opaque },
290 /* 122 */ { "Unassigned", opaque },
291 /* 123 */ { "Unassigned", opaque },
292 /* 124 */ { "Unassigned", opaque },
293 /* 125 */ { "Unassigned", opaque },
294 /* 126 */ { "Extension", opaque },
295 /* 127 */ { "Extension", opaque },
296 /* 128 */ { "Private", opaque },
297 /* 129 */ { "Private", opaque },
298 /* 130 */ { "Private", opaque },
299 /* 131 */ { "Private", opaque },
300 /* 132 */ { "Private", opaque },
301 /* 133 */ { "Private", opaque },
302 /* 134 */ { "Private", opaque },
303 /* 135 */ { "Private", opaque },
304 /* 136 */ { "Private", opaque },
305 /* 137 */ { "Private", opaque },
306 /* 138 */ { "Private", opaque },
307 /* 139 */ { "Private", opaque },
308 /* 140 */ { "Private", opaque },
309 /* 141 */ { "Private", opaque },
310 /* 142 */ { "Private", opaque },
311 /* 143 */ { "Private", opaque },
312 /* 144 */ { "Private", opaque },
313 /* 145 */ { "Private", opaque },
314 /* 146 */ { "Private", opaque },
315 /* 147 */ { "Private", opaque },
316 /* 148 */ { "Private", opaque },
317 /* 149 */ { "Private", opaque },
318 /* 150 */ { "Private", opaque },
319 /* 151 */ { "Private", opaque },
320 /* 152 */ { "Private", opaque },
321 /* 153 */ { "Private", opaque },
322 /* 154 */ { "Private", opaque },
323 /* 155 */ { "Private", opaque },
324 /* 156 */ { "Private", opaque },
325 /* 157 */ { "Private", opaque },
326 /* 158 */ { "Private", opaque },
327 /* 159 */ { "Private", opaque },
328 /* 160 */ { "Private", opaque },
329 /* 161 */ { "Private", opaque },
330 /* 162 */ { "Private", opaque },
331 /* 163 */ { "Private", opaque },
332 /* 164 */ { "Private", opaque },
333 /* 165 */ { "Private", opaque },
334 /* 166 */ { "Private", opaque },
335 /* 167 */ { "Private", opaque },
336 /* 168 */ { "Private", opaque },
337 /* 169 */ { "Private", opaque },
338 /* 170 */ { "Private", opaque },
339 /* 171 */ { "Private", opaque },
340 /* 172 */ { "Private", opaque },
341 /* 173 */ { "Private", opaque },
342 /* 174 */ { "Private", opaque },
343 /* 175 */ { "Private", opaque },
344 /* 176 */ { "Private", opaque },
345 /* 177 */ { "Private", opaque },
346 /* 178 */ { "Private", opaque },
347 /* 179 */ { "Private", opaque },
348 /* 180 */ { "Private", opaque },
349 /* 181 */ { "Private", opaque },
350 /* 182 */ { "Private", opaque },
351 /* 183 */ { "Private", opaque },
352 /* 184 */ { "Private", opaque },
353 /* 185 */ { "Private", opaque },
354 /* 186 */ { "Private", opaque },
355 /* 187 */ { "Private", opaque },
356 /* 188 */ { "Private", opaque },
357 /* 189 */ { "Private", opaque },
358 /* 190 */ { "Private", opaque },
359 /* 191 */ { "Private", opaque },
360 /* 192 */ { "Private", opaque },
361 /* 193 */ { "Private", opaque },
362 /* 194 */ { "Private", opaque },
363 /* 195 */ { "Private", opaque },
364 /* 196 */ { "Private", opaque },
365 /* 197 */ { "Private", opaque },
366 /* 198 */ { "Private", opaque },
367 /* 199 */ { "Private", opaque },
368 /* 200 */ { "Private", opaque },
369 /* 201 */ { "Private", opaque },
370 /* 202 */ { "Private", opaque },
371 /* 203 */ { "Private", opaque },
372 /* 204 */ { "Private", opaque },
373 /* 205 */ { "Private", opaque },
374 /* 206 */ { "Private", opaque },
375 /* 207 */ { "Private", opaque },
376 /* 208 */ { "Private", opaque },
377 /* 209 */ { "Private", opaque },
378 /* 210 */ { "Authentication", special }
381 /* Options whose length isn't "vlen + 2". */
384 case 0: /* Padding */
385 /* check how much padding we have */
386 for (i = voff + 1; i < eoff; i++ ) {
387 if (tvb_get_guint8(tvb, i) != 0) {
393 if (bp_tree != NULL) {
394 proto_tree_add_text(bp_tree, tvb, voff, i,
402 case 255: /* End Option */
404 if (bp_tree != NULL) {
405 proto_tree_add_text(bp_tree, tvb, voff, 1,
415 * Get the length of the option, and the number of bytes it
416 * consumes (the length doesn't include the option code or
419 * On the first pass, check first whether we have the length
420 * byte, so that we don't throw an exception; if we throw an
421 * exception in the first pass, which is only checking for options
422 * whose values we need in order to properly dissect the packet
423 * on the second pass, we won't actually dissect the options, so
424 * you won't be able to see which option had the problem.
427 if (!tvb_bytes_exist(tvb, voff+1, 1)) {
429 * We don't have the length byte; just return 1
430 * as the number of bytes we consumed, to count
436 vlen = tvb_get_guint8(tvb, voff+1);
440 * In the first pass, we don't put anything into the protocol
441 * tree; we just check for some options we have to look at
442 * in order to properly process the packet:
444 * 53 (DHCP message type) - if this is present, this is DHCP
446 * 60 (Vendor class identifier) - we need this in order to
447 * interpret the vendor-specific info
449 * We also check, before fetching anything, to make sure we
450 * have the entire item we're fetching, so that we don't throw
454 if (tvb_bytes_exist(tvb, voff+2, consumed-2)) {
459 get_dhcp_type(tvb_get_guint8(tvb, voff+2));
464 tvb_get_ptr(tvb, voff+2, consumed-2);
470 * We don't do anything else here.
476 * This is the second pass - if there's a protocol tree to be
477 * built, we put stuff into it, otherwise we just return.
479 if (bp_tree == NULL) {
480 /* Don't put anything in the protocol tree. */
484 text = opt[code].text;
488 case 21: /* Policy Filter */
490 /* one IP address pair */
491 proto_tree_add_text(bp_tree, tvb, voff, consumed,
492 "Option %d: %s = %s/%s", code, text,
493 ip_to_str(tvb_get_ptr(tvb, voff+2, 4)),
494 ip_to_str(tvb_get_ptr(tvb, voff+6, 4)));
496 /* > 1 IP address pair. Let's make a sub-tree */
497 vti = proto_tree_add_text(bp_tree, tvb, voff,
498 consumed, "Option %d: %s", code, text);
499 v_tree = proto_item_add_subtree(vti, ett_bootp_option);
500 for (i = voff + 2; i < voff + consumed; i += 8) {
501 proto_tree_add_text(v_tree, tvb, i, 8, "IP Address/Mask: %s/%s",
502 ip_to_str(tvb_get_ptr(tvb, i, 4)),
503 ip_to_str(tvb_get_ptr(tvb, i+4, 4)));
508 case 33: /* Static Route */
510 /* one IP address pair */
511 proto_tree_add_text(bp_tree, tvb, voff, consumed,
512 "Option %d: %s = %s/%s", code, text,
513 ip_to_str(tvb_get_ptr(tvb, voff+2, 4)),
514 ip_to_str(tvb_get_ptr(tvb, voff+6, 4)));
516 /* > 1 IP address pair. Let's make a sub-tree */
517 vti = proto_tree_add_text(bp_tree, tvb, voff,
518 consumed, "Option %d: %s", code, text);
519 v_tree = proto_item_add_subtree(vti, ett_bootp_option);
520 for (i = voff + 2; i < voff + consumed; i += 8) {
521 proto_tree_add_text(v_tree, tvb, i, 8,
522 "Destination IP Address/Router: %s/%s",
523 ip_to_str(tvb_get_ptr(tvb, i, 4)),
524 ip_to_str(tvb_get_ptr(tvb, i+4, 4)));
529 case 43: /* Vendor-Specific Info */
530 /* PXE protocol 2.1 as described in the intel specs */
531 if (*vendor_class_id_p != NULL &&
532 strncmp(*vendor_class_id_p, "PXEClient", strlen("PXEClient")) == 0) {
533 vti = proto_tree_add_text(bp_tree, tvb, voff,
534 consumed, "Option %d: %s (PXEClient)", code, text);
535 v_tree = proto_item_add_subtree(vti, ett_bootp_option);
538 while (optp < voff+consumed) {
539 optp = dissect_vendor_pxeclient_suboption(v_tree,
543 proto_tree_add_text(bp_tree, tvb, voff, consumed,
544 "Option %d: %s (%d bytes)", code, text, vlen);
548 case 46: /* NetBIOS-over-TCP/IP Node Type */
549 byte = tvb_get_guint8(tvb, voff+2);
550 proto_tree_add_text(bp_tree, tvb, voff, consumed,
551 "Option %d: %s = %s", code, text,
552 val_to_str(byte, nbnt_vals,
553 "Unknown (0x%02x)"));
556 case 53: /* DHCP Message Type */
557 proto_tree_add_text(bp_tree, tvb, voff, 3, "Option %d: %s = DHCP %s",
558 code, text, get_dhcp_type(tvb_get_guint8(tvb, voff+2)));
561 case 55: /* Parameter Request List */
562 vti = proto_tree_add_text(bp_tree, tvb, voff,
563 vlen + 2, "Option %d: %s", code, text);
564 v_tree = proto_item_add_subtree(vti, ett_bootp_option);
565 for (i = 0; i < vlen; i++) {
566 byte = tvb_get_guint8(tvb, voff+2+i);
567 if (byte < NUM_OPT_INFOS) {
568 proto_tree_add_text(v_tree, tvb, voff+2+i, 1, "%d = %s",
569 byte, opt[byte].text);
571 proto_tree_add_text(vti, tvb, voff+2+i, 1,
572 "Unknown Option Code: %d", byte);
577 case 60: /* Vendor class identifier */
578 proto_tree_add_text(bp_tree, tvb, voff, consumed,
579 "Option %d: %s = \"%.*s\"", code, text, vlen,
580 tvb_get_ptr(tvb, voff+2, consumed-2));
583 case 61: /* Client Identifier */
584 /* We *MAY* use hwtype/hwaddr. If we have 7 bytes, I'll
585 guess that the first is the hwtype, and the last 6
590 vti = proto_tree_add_text(bp_tree, tvb, voff,
591 consumed, "Option %d: %s", code, text);
592 v_tree = proto_item_add_subtree(vti, ett_bootp_option);
593 htype = tvb_get_guint8(tvb, voff+2);
594 proto_tree_add_text(v_tree, tvb, voff+2, 1,
596 arphrdtype_to_str(htype,
597 "Unknown (0x%02x)"));
598 proto_tree_add_text(v_tree, tvb, voff+3, 6,
599 "Client hardware address: %s",
600 arphrdaddr_to_str(tvb_get_ptr(tvb, voff+3, 6),
603 /* otherwise, it's opaque data */
604 proto_tree_add_text(bp_tree, tvb, voff, consumed,
605 "Option %d: %s (%d bytes)", code, text, vlen);
609 case 63: /* NetWare/IP options */
610 vti = proto_tree_add_text(bp_tree, tvb, voff,
611 consumed, "Option %d: %s", code, text);
612 v_tree = proto_item_add_subtree(vti, ett_bootp_option);
615 while (optp < voff+consumed)
616 optp = dissect_netware_ip_suboption(v_tree, tvb, optp);
619 case 82: /* Relay Agent Information Option */
620 vti = proto_tree_add_text(bp_tree, tvb, voff, consumed,
621 "Option %d: %s (%d bytes)",
623 v_tree = proto_item_add_subtree(vti, ett_bootp_option);
625 while (optp < voff+consumed) {
626 optp = bootp_dhcp_decode_agent_info(v_tree, tvb, optp);
630 case 90: /* DHCP Authentication */
631 case 210: /* Was this used for authentication at one time? */
632 vti = proto_tree_add_text(bp_tree, tvb, voff,
633 vlen + 2, "Option %d: %s", code, text);
634 v_tree = proto_item_add_subtree(vti, ett_bootp_option);
636 protocol = tvb_get_guint8(tvb, voff+2);
637 proto_tree_add_text(v_tree, tvb, voff+2, 1, "Protocol: %s (%u)",
638 val_to_str(protocol, authen_protocol_vals, "Unknown"),
641 algorithm = tvb_get_guint8(tvb, voff+3);
644 case AUTHEN_PROTO_DELAYED_AUTHEN:
645 proto_tree_add_text(v_tree, tvb, voff+3, 1,
646 "Algorithm: %s (%u)",
647 val_to_str(algorithm, authen_da_algo_vals, "Unknown"),
652 proto_tree_add_text(v_tree, tvb, voff+3, 1,
653 "Algorithm: %u", algorithm);
657 rdm = tvb_get_guint8(tvb, voff+4);
658 proto_tree_add_text(v_tree, tvb, voff+4, 1,
659 "Replay Detection Method: %s (%u)",
660 val_to_str(rdm, authen_rdm_vals, "Unknown"),
665 case AUTHEN_RDM_MONOTONIC_COUNTER:
666 proto_tree_add_text(v_tree, tvb, voff+5, 8,
667 "Replay Detection Value: %s",
668 u64toh(tvb_get_ptr(tvb, voff+5, 8)));
672 proto_tree_add_text(v_tree, tvb, voff+5, 8,
673 "Replay Detection Value: %s",
674 tvb_bytes_to_str(tvb, voff+5, 8));
680 case AUTHEN_PROTO_DELAYED_AUTHEN:
683 case AUTHEN_DELAYED_ALGO_HMAC_MD5:
684 proto_tree_add_text(v_tree, tvb, voff+13, 4,
686 tvb_get_ntohl(tvb, voff+13));
687 proto_tree_add_text(v_tree, tvb, voff+17, 16,
689 tvb_bytes_to_str(tvb, voff+17, 16));
693 proto_tree_add_text(v_tree, tvb, voff+13, vlen-11,
694 "Authentication Information: %s",
695 tvb_bytes_to_str(tvb, voff+17, vlen-11));
701 proto_tree_add_text(v_tree, tvb, voff+13, vlen-11,
702 "Authentication Information: %s",
703 tvb_bytes_to_str(tvb, voff+17, vlen-11));
708 default: /* not special */
713 if (code < NUM_OPT_INFOS) {
714 text = opt[code].text;
715 ftype = opt[code].ftype;
725 proto_tree_add_text(bp_tree, tvb, voff, consumed,
726 "Option %d: %s = %s", code, text,
727 ip_to_str(tvb_get_ptr(tvb, voff+2, 4)));
729 /* > 1 IP addresses. Let's make a sub-tree */
730 vti = proto_tree_add_text(bp_tree, tvb, voff,
731 consumed, "Option %d: %s", code, text);
732 v_tree = proto_item_add_subtree(vti, ett_bootp_option);
733 for (i = voff + 2; i < voff + consumed; i += 4) {
734 proto_tree_add_text(v_tree, tvb, i, 4, "IP Address: %s",
735 ip_to_str(tvb_get_ptr(tvb, i, 4)));
741 /* Fix for non null-terminated string supplied by
742 * John Lines <John.Lines@aeat.co.uk>
744 proto_tree_add_text(bp_tree, tvb, voff, consumed,
745 "Option %d: %s = \"%.*s\"", code, text, vlen,
746 tvb_get_ptr(tvb, voff+2, consumed-2));
750 proto_tree_add_text(bp_tree, tvb, voff, consumed,
751 "Option %d: %s (%d bytes)",
758 proto_tree_add_text(bp_tree, tvb, voff, consumed,
759 "Option %d: %s = %d", code, text,
760 tvb_get_ntohs(tvb, voff+2));
763 vti = proto_tree_add_text(bp_tree, tvb, voff,
764 consumed, "Option %d: %s", code, text);
765 v_tree = proto_item_add_subtree(vti, ett_bootp_option);
766 for (i = voff + 2; i < voff + consumed; i += 2) {
767 proto_tree_add_text(v_tree, tvb, i, 4, "Value: %d",
768 tvb_get_ntohs(tvb, i));
774 proto_tree_add_text(bp_tree, tvb, voff, consumed,
775 "Option %d: %s = %d", code, text,
776 tvb_get_ntohl(tvb, voff+2));
780 proto_tree_add_text(bp_tree, tvb, voff, consumed,
781 "Option %d: %s = %d", code, text,
782 tvb_get_guint8(tvb, voff+2));
786 i = tvb_get_guint8(tvb, voff+2);
787 if (i != 0 && i != 1) {
788 proto_tree_add_text(bp_tree, tvb, voff, consumed,
789 "Option %d: %s = Invalid Value %d", code, text,
792 proto_tree_add_text(bp_tree, tvb, voff, consumed,
793 "Option %d: %s = %s", code, text,
794 i == 0 ? "Disabled" : "Enabled");
799 i = tvb_get_guint8(tvb, voff+2);
800 if (i != 0 && i != 1) {
801 proto_tree_add_text(bp_tree, tvb, voff, consumed,
802 "Option %d: %s = Invalid Value %d", code, text,
805 proto_tree_add_text(bp_tree, tvb, voff, consumed,
806 "Option %d: %s = %s", code, text,
807 i == 0 ? "No" : "Yes");
812 time_secs = tvb_get_ntohl(tvb, voff+2);
813 proto_tree_add_text(bp_tree, tvb, voff, consumed,
814 "Option %d: %s = %s", code, text,
815 ((time_secs == 0xffffffff) ?
817 time_secs_to_str(time_secs)));
821 proto_tree_add_text(bp_tree, tvb, voff, consumed,
822 "Option %d: %s (%d bytes)", code, text, vlen);
825 proto_tree_add_text(bp_tree, tvb, voff, consumed,
826 "Unknown Option Code: %d (%d bytes)", code, vlen);
833 bootp_dhcp_decode_agent_info(proto_tree *v_tree, tvbuff_t *tvb, int optp)
838 subopt = tvb_get_guint8(tvb, optp);
839 subopt_len = tvb_get_guint8(tvb, optp+1);
842 proto_tree_add_text(v_tree, tvb, optp, subopt_len + 2,
843 "Agent Circuit ID (%d bytes)", subopt_len);
846 proto_tree_add_text(v_tree, tvb, optp, subopt_len + 2,
847 "Agent Remote ID (%d bytes)", subopt_len);
850 proto_tree_add_text(v_tree, tvb, optp, subopt_len + 2,
851 "Unknown agent option: %d", subopt);
854 optp += (subopt_len + 2);
859 dissect_vendor_pxeclient_suboption(proto_tree *v_tree, tvbuff_t *tvb, int optp)
864 proto_tree *o43pxeclient_v_tree;
867 struct o43pxeclient_opt_info {
872 static struct o43pxeclient_opt_info o43pxeclient_opt[]= {
873 /* 0 */ {"nop", special}, /* dummy */
874 /* 1 */ {"PXE mtftp IP", ipv4},
875 /* 2 */ {"PXE mtftp client port", val_u_le_short},
876 /* 3 */ {"PXE mtftp server port",val_u_le_short},
877 /* 4 */ {"PXE mtftp timeout", val_u_byte},
878 /* 5 */ {"PXE mtftp delay", val_u_byte},
879 /* 6 */ {"PXE discovery control", val_u_byte},
881 * Correct: b0 (lsb): disable broadcast discovery
882 * b1: disable multicast discovery
883 * b2: only use/accept servers in boot servers
884 * b3: download bootfile without prompt/menu/disc
886 /* 7 */ {"PXE multicast address", ipv4},
887 /* 8 */ {"PXE boot servers", special},
888 /* 9 */ {"PXE boot menu", special},
889 /* 10 */ {"PXE menu prompt", special},
890 /* 11 */ {"PXE multicast address alloc", special},
891 /* 12 */ {"PXE credential types", special},
892 /* 71 {"PXE boot item", special} */
893 /* 255 {"PXE end options", special} */
895 #define NUM_O43PXECLIENT_SUBOPTS (12)
897 subopt = tvb_get_guint8(tvb, optp);
900 proto_tree_add_text(v_tree, tvb, optp, 1, "Padding");
902 } else if (subopt == 255) { /* End Option */
903 proto_tree_add_text(v_tree, tvb, optp, 1, "End PXEClient option");
904 /* Make sure we skip any junk left this option */
908 subopt_len = tvb_get_guint8(tvb, optp+1);
910 if ( subopt == 71 ) { /* 71 {"PXE boot item", special} */
912 /* I may need to decode that properly one day */
913 proto_tree_add_text(v_tree, tvb, optp, subopt_len+2,
914 "Suboption %d: %s (%d byte%s)" ,
915 subopt, "PXE boot item",
916 subopt_len, (subopt_len != 1)?"s":"");
917 } else if ( (subopt < 1 ) || (subopt > NUM_O43PXECLIENT_SUBOPTS) ) {
918 proto_tree_add_text(v_tree, tvb, optp, subopt_len+2,
919 "Unknown suboption %d (%d byte%s)", subopt, subopt_len,
920 (subopt_len != 1)?"s":"");
922 switch (o43pxeclient_opt[subopt].ft) {
925 proto_tree_add_text(v_tree, tvb, optp, subopt_len+2,
926 "Suboption %d: %s", subopt, o43pxeclient_opt[subopt].text);
930 /* I may need to decode that properly one day */
931 proto_tree_add_text(v_tree, tvb, optp, subopt_len+2,
932 "Suboption %d: %s (%d byte%s)" ,
933 subopt, o43pxeclient_opt[subopt].text,
934 subopt_len, (subopt_len != 1)?"s":"");
938 proto_tree_add_text(v_tree, tvb, optp, 4, "Suboption %d: %s = %u",
939 subopt, o43pxeclient_opt[subopt].text,
940 tvb_get_letohs(tvb, optp+2));
944 proto_tree_add_text(v_tree, tvb, optp, 3, "Suboption %d: %s = %u",
945 subopt, o43pxeclient_opt[subopt].text,
946 tvb_get_guint8(tvb, optp+2));
950 if (subopt_len == 4) {
952 proto_tree_add_text(v_tree, tvb, optp, 6,
953 "Suboption %d : %s = %s",
954 subopt, o43pxeclient_opt[subopt].text,
955 ip_to_str(tvb_get_ptr(tvb, optp+2, 4)));
957 /* > 1 IP addresses. Let's make a sub-tree */
958 vti = proto_tree_add_text(v_tree, tvb, optp,
959 subopt_len+2, "Suboption %d: %s",
960 subopt, o43pxeclient_opt[subopt].text);
961 o43pxeclient_v_tree = proto_item_add_subtree(vti, ett_bootp_option);
962 for (slask = optp + 2 ; slask < optp+subopt_len; slask += 4) {
963 proto_tree_add_text(o43pxeclient_v_tree, tvb, slask, 4, "IP Address: %s",
964 ip_to_str(tvb_get_ptr(tvb, slask, 4)));
969 proto_tree_add_text(v_tree, tvb, optp, subopt_len+2,"ERROR, please report: Unknown subopt type handler %d", subopt);
973 optp += (subopt_len + 2);
978 dissect_netware_ip_suboption(proto_tree *v_tree, tvbuff_t *tvb, int optp)
983 proto_tree *o63_v_tree;
986 struct o63_opt_info {
992 static struct o63_opt_info o63_opt[]= {
993 /* 0 */ {"","",none},
994 /* 1 */ {"NWIP does not exist on subnet","",string},
995 /* 2 */ {"NWIP exist in options area","",string},
996 /* 3 */ {"NWIP exists in sname/file","",string},
997 /* 4 */ {"NWIP exists, but too big","",string},
998 /* 5 */ {"Broadcast for nearest Netware server","Do NOT Broadcast for nearest Netware server",yes_no},
999 /* 6 */ {"Preferred DSS server","",ipv4},
1000 /* 7 */ {"Nearest NWIP server","",ipv4},
1001 /* 8 */ {"Autoretries","",val_u_short},
1002 /* 9 */ {"Autoretry delay, secs ","",val_u_short},
1003 /* 10*/ {"Support NetWare/IP v1.1","Do NOT support NetWare/IP v1.1",yes_no},
1004 /* 11*/ {"Primary DSS ", "" , special}
1007 subopt = tvb_get_guint8(tvb, optp);
1008 if (subopt > NUM_O63_SUBOPTS) {
1009 proto_tree_add_text(v_tree, tvb,optp,1,"Unknown suboption %d", subopt);
1012 switch (o63_opt[subopt].ft) {
1015 proto_tree_add_text(v_tree, tvb, optp, 2, "Suboption %d: %s", subopt, o63_opt[subopt].truet);
1020 if (tvb_get_guint8(tvb, optp+2)==1) {
1021 proto_tree_add_text(v_tree, tvb, optp, 3, "Suboption %d: %s", subopt, o63_opt[subopt].truet);
1023 proto_tree_add_text(v_tree, tvb, optp, 3, "Suboption %d: %s" , subopt, o63_opt[subopt].falset);
1029 proto_tree_add_text(v_tree, tvb, optp, 6,
1030 "Suboption %d: %s = %s" ,
1031 subopt, o63_opt[subopt].truet,
1032 ip_to_str(tvb_get_ptr(tvb, optp+2, 4)));
1037 proto_tree_add_text(v_tree, tvb, optp, 3, "Suboption %d: %s = %u",
1038 subopt, o63_opt[subopt].truet,
1039 tvb_get_guint8(tvb, optp+2)); /* XXX - 1 byte? */
1044 subopt_len = tvb_get_guint8(tvb, optp+1);
1045 if (subopt_len == 4) {
1046 /* one IP address */
1047 proto_tree_add_text(v_tree, tvb, optp, 6,
1048 "Suboption %d : %s = %s",
1049 subopt, o63_opt[subopt].truet,
1050 ip_to_str(tvb_get_ptr(tvb, optp+2, 4)));
1053 /* > 1 IP addresses. Let's make a sub-tree */
1054 vti = proto_tree_add_text(v_tree, tvb, optp,
1055 subopt_len+2, "Suboption %d: %s",
1056 subopt, o63_opt[subopt].truet);
1057 o63_v_tree = proto_item_add_subtree(vti, ett_bootp_option);
1058 for (slask = optp + 2 ; slask < optp+subopt_len; slask += 4) {
1059 proto_tree_add_text(o63_v_tree, tvb, slask, 4, "IP Address: %s",
1060 ip_to_str(tvb_get_ptr(tvb, slask, 4)));
1066 proto_tree_add_text(v_tree, tvb,optp,1,"Unknown suboption %d", subopt);
1074 #define BOOTREQUEST 1
1077 static const value_string op_vals[] = {
1078 { BOOTREQUEST, "Boot Request" },
1079 { BOOTREPLY, "Boot Reply" },
1084 dissect_bootp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
1086 proto_tree *bp_tree = NULL;
1090 const guint8 *haddr;
1091 int voff, eoff, tmpvoff; /* vendor offset, end offset */
1094 const char *dhcp_type = NULL;
1095 const guint8 *vendor_class_id = NULL;
1097 if (check_col(pinfo->cinfo, COL_PROTOCOL))
1098 col_set_str(pinfo->cinfo, COL_PROTOCOL, "BOOTP");
1099 if (check_col(pinfo->cinfo, COL_INFO)) {
1101 * In case we throw an exception fetching the opcode, etc.
1103 col_clear(pinfo->cinfo, COL_INFO);
1106 op = tvb_get_guint8(tvb, 0);
1107 htype = tvb_get_guint8(tvb, 1);
1108 hlen = tvb_get_guint8(tvb, 2);
1109 if (check_col(pinfo->cinfo, COL_INFO)) {
1113 col_add_fstr(pinfo->cinfo, COL_INFO, "Boot Request from %s",
1114 arphrdaddr_to_str(tvb_get_ptr(tvb, 28, hlen),
1119 col_set_str(pinfo->cinfo, COL_INFO, "Boot Reply");
1123 col_add_fstr(pinfo->cinfo, COL_INFO, "Unknown BOOTP message type (%u)",
1130 ti = proto_tree_add_item(tree, proto_bootp, tvb, 0, -1, FALSE);
1131 bp_tree = proto_item_add_subtree(ti, ett_bootp);
1133 proto_tree_add_uint(bp_tree, hf_bootp_type, tvb,
1136 proto_tree_add_uint_format(bp_tree, hf_bootp_hw_type, tvb,
1139 "Hardware type: %s",
1140 arphrdtype_to_str(htype,
1141 "Unknown (0x%02x)"));
1142 proto_tree_add_uint(bp_tree, hf_bootp_hw_len, tvb,
1144 proto_tree_add_item(bp_tree, hf_bootp_hops, tvb,
1146 proto_tree_add_item(bp_tree, hf_bootp_id, tvb,
1148 proto_tree_add_item(bp_tree, hf_bootp_secs, tvb,
1150 proto_tree_add_uint(bp_tree, hf_bootp_flag, tvb,
1151 10, 2, tvb_get_ntohs(tvb, 10) & 0x8000);
1153 proto_tree_add_item(bp_tree, hf_bootp_ip_client, tvb,
1155 proto_tree_add_item(bp_tree, hf_bootp_ip_your, tvb,
1157 proto_tree_add_item(bp_tree, hf_bootp_ip_server, tvb,
1159 proto_tree_add_item(bp_tree, hf_bootp_ip_relay, tvb,
1163 haddr = tvb_get_ptr(tvb, 28, hlen);
1164 proto_tree_add_bytes_format(bp_tree, hf_bootp_hw_addr, tvb,
1167 "Client hardware address: %s",
1168 arphrdaddr_to_str(haddr,
1173 proto_tree_add_text(bp_tree, tvb,
1174 28, 0, "Client address not given");
1177 /* The server host name is optional */
1178 if (tvb_get_guint8(tvb, 44) != '\0') {
1179 proto_tree_add_item(bp_tree, hf_bootp_server, tvb,
1183 proto_tree_add_string_format(bp_tree, hf_bootp_server, tvb,
1185 tvb_get_ptr(tvb, 44, 1),
1186 "Server host name not given");
1190 if (tvb_get_guint8(tvb, 108) != '\0') {
1191 proto_tree_add_item(bp_tree, hf_bootp_file, tvb,
1195 proto_tree_add_string_format(bp_tree, hf_bootp_file, tvb,
1197 tvb_get_ptr(tvb, 108, 1),
1198 "Boot file name not given");
1201 tvb_memcpy(tvb, (void *)&ip_addr, 236, sizeof(ip_addr));
1202 if (tvb_get_ntohl(tvb, 236) == 0x63825363) {
1203 proto_tree_add_ipv4_format(bp_tree, hf_bootp_cookie, tvb,
1205 "Magic cookie: (OK)");
1208 proto_tree_add_ipv4(bp_tree, hf_bootp_cookie, tvb,
1214 eoff = tvb_reported_length(tvb);
1217 * In the first pass, we just look for the DHCP message type
1218 * and Vendor class identifier options.
1222 while (tmpvoff < eoff && !at_end) {
1223 tmpvoff += bootp_option(tvb, 0, tmpvoff, eoff, TRUE, &at_end,
1224 &dhcp_type, &vendor_class_id);
1228 * If there was a DHCP message type option, flag this packet
1231 if (dhcp_type != NULL) {
1233 * Yes, this is a DHCP packet, and "dhcp_type" is the
1236 if (check_col(pinfo->cinfo, COL_PROTOCOL))
1237 col_set_str(pinfo->cinfo, COL_PROTOCOL, "DHCP");
1238 if (check_col(pinfo->cinfo, COL_INFO))
1239 col_add_fstr(pinfo->cinfo, COL_INFO, "DHCP %-8s - Transaction ID 0x%x",
1240 dhcp_type, tvb_get_ntohl(tvb, 4));
1242 proto_tree_add_boolean_hidden(bp_tree, hf_bootp_dhcp,
1247 * If we're not building the protocol tree, we don't need to
1248 * make a second pass.
1254 * OK, now build the protocol tree.
1257 while (voff < eoff && !at_end) {
1258 voff += bootp_option(tvb, bp_tree, voff, eoff, FALSE, &at_end,
1259 &dhcp_type, &vendor_class_id);
1263 * Padding after the end option.
1265 proto_tree_add_text(bp_tree, tvb, voff, eoff - voff, "Padding");
1270 proto_register_bootp(void)
1272 static hf_register_info hf[] = {
1274 { "Frame is DHCP", "bootp.dhcp", FT_BOOLEAN,
1275 BASE_NONE, NULL, 0x0,
1279 { "Message type", "bootp.type", FT_UINT8,
1280 BASE_DEC, VALS(op_vals), 0x0,
1283 { &hf_bootp_hw_type,
1284 { "Hardware type", "bootp.hw.type", FT_UINT8,
1285 BASE_HEX, NULL, 0x0,
1289 { "Hardware address length", "bootp.hw.len", FT_UINT8,
1290 BASE_DEC, NULL, 0x0,
1294 { "Hops", "bootp.hops", FT_UINT8,
1295 BASE_DEC, NULL, 0x0,
1299 { "Transaction ID", "bootp.id", FT_UINT32,
1300 BASE_HEX, NULL, 0x0,
1304 { "Seconds elapsed", "bootp.secs", FT_UINT16,
1305 BASE_DEC, NULL, 0x0,
1309 { "Broadcast flag", "bootp.flag", FT_UINT16,
1310 BASE_HEX, NULL, 0x0,
1313 { &hf_bootp_ip_client,
1314 { "Client IP address", "bootp.ip.client",FT_IPv4,
1315 BASE_NONE, NULL, 0x0,
1318 { &hf_bootp_ip_your,
1319 { "Your (client) IP address", "bootp.ip.your", FT_IPv4,
1320 BASE_NONE, NULL, 0x0,
1323 { &hf_bootp_ip_server,
1324 { "Next server IP address", "bootp.ip.server",FT_IPv4,
1325 BASE_NONE, NULL, 0x0,
1328 { &hf_bootp_ip_relay,
1329 { "Relay agent IP address", "bootp.ip.relay", FT_IPv4,
1330 BASE_NONE, NULL, 0x0,
1333 { &hf_bootp_hw_addr,
1334 { "Client hardware address", "bootp.hw.addr", FT_BYTES,
1335 BASE_NONE, NULL, 0x0,
1339 { "Server host name", "bootp.server", FT_STRING,
1340 BASE_NONE, NULL, 0x0,
1344 { "Boot file name", "bootp.file", FT_STRING,
1345 BASE_NONE, NULL, 0x0,
1349 { "Magic cookie", "bootp.cookie", FT_IPv4,
1350 BASE_NONE, NULL, 0x0,
1353 static gint *ett[] = {
1358 proto_bootp = proto_register_protocol("Bootstrap Protocol", "BOOTP/DHCP",
1360 proto_register_field_array(proto_bootp, hf, array_length(hf));
1361 proto_register_subtree_array(ett, array_length(ett));
1365 proto_reg_handoff_bootp(void)
1367 dissector_handle_t bootp_handle;
1369 bootp_handle = create_dissector_handle(dissect_bootp, proto_bootp);
1370 dissector_add("udp.port", UDP_PORT_BOOTPS, bootp_handle);