snoop_rpc.c revision 2e3b64671f0fdac42d7fb21a8fa7e3ce9fce3359
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <setjmp.h>
#include <netdb.h>
#include <rpc/auth_unix.h>
#include <rpc/auth_des.h>
#include <rpc/pmap_clnt.h>
#include <rpc/pmap_prot.h>
#include "snoop.h"
#ifndef MIN
#define MIN(a, b) ((a) < (b) ? (a) : (b))
#endif
int pos;
struct cache_struct *find_xid();
void protoprint();
char *nameof_prog();
char *nameof_astat();
char *nameof_why();
static void rpc_detail_call(int, int, int, int, int, int, char *, int);
static void print_creds(int);
static void print_verif(int);
int valid_rpc(char *, int);
int
{
int direction;
struct cache_struct *x;
char *lp;
unsigned recmark;
int markpos;
extern int pi_frame;
"---- short frame ---");
return (fraglen);
}
markpos = getxdr_pos();
recmark = getxdr_long();
}
xid = getxdr_u_long();
direction = getxdr_long();
rpcvers = getxdr_long();
pos = getxdr_pos();
prog = getxdr_long();
vers = getxdr_long();
proc = getxdr_long();
} else {
}
switch (direction) {
case CALL:
(void) sprintf(get_sum_line(),
"RPC C XID=%lu PROG=%d (%s) VERS=%d PROC=%d",
xid,
/* RPCSEC_GSS cred auth data */
} else {
xdr_skip(getxdr_long());
/* non RPCSEC_GSS cred auth data */
}
break;
case REPLY:
lp = get_sum_line();
if (x == NULL)
else
status = getxdr_long();
switch (status) {
case MSG_ACCEPTED:
/* eat flavor and verifier */
(void) getxdr_long();
astat = getxdr_long();
switch (astat) {
case SUCCESS:
if (x) {
xid,
x->xid_prog,
x->xid_vers,
x->xid_proc,
}
break;
case PROG_UNAVAIL :
case PROG_MISMATCH:
case PROC_UNAVAIL :
lo = getxdr_long();
hi = getxdr_long();
" (low=%d, high=%d)",
break;
case GARBAGE_ARGS:
case SYSTEM_ERR:
default:
;
}
break;
case MSG_DENIED:
rstat = getxdr_long();
switch (rstat) {
case RPC_MISMATCH:
lo = getxdr_long();
hi = getxdr_long();
" Vers mismatch (low=%d, high=%d)",
break;
case AUTH_ERROR:
why = getxdr_u_long();
" Can't authenticate (%s)",
nameof_why(why));
break;
}
}
break;
}
}
show_space();
"Record Mark: %s fragment, length = %d",
}
"Transaction id = %lu",
xid);
"Type = %d (%s)",
switch (direction) {
case CALL:
break;
case REPLY:
break;
}
}
return (fraglen);
}
static void
{
char *nameof_flavor();
char *nameof_prog();
"RPC version = %d",
rpcvers);
"Program = %d (%s), version = %d, procedure = %d",
show_trailer();
}
char *
int flavor;
{
switch (flavor) {
case AUTH_NONE : return ("None");
case AUTH_UNIX : return ("Unix");
case AUTH_SHORT: return ("Unix short");
case AUTH_DES : return ("DES");
case RPCSEC_GSS: return ("RPCSEC_GSS");
default: return ("unknown");
}
}
char *
{
int i, j;
static char hbuff[1024];
static char *hexstr = "0123456789ABCDEF";
char toobig = 0;
toobig++;
}
j = 0;
for (i = 0; i < len; i++) {
}
if (toobig) {
} else
hbuff[j] = '\0';
return (hbuff);
}
static void
print_creds(int xid)
{
int i, namekind;
char *p, *line;
pos = getxdr_pos();
flavor = getxdr_long();
authlen = getxdr_long();
"Credentials: Flavor = %d (%s), len = %d bytes",
if (authlen <= 0)
return;
switch (flavor) {
case AUTH_UNIX:
(void) showxdr_time(" Time = %s");
pos = getxdr_pos();
uid = getxdr_u_long();
gid = getxdr_u_long();
" Uid = %d, Gid = %d",
len = getxdr_u_long();
if (len == 0)
else {
while (len--) {
gid = getxdr_u_long();
}
}
break;
case AUTH_DES:
namekind = getxdr_u_long();
" Name kind = %d (%s)",
namekind == ADN_FULLNAME ?
"fullname" : "nickname");
switch (namekind) {
case ADN_FULLNAME:
(void) showxdr_string(64,
" Network name = %s");
(void) showxdr_hex(8,
" Conversation key = 0x%s (DES encrypted)");
(void) showxdr_hex(4,
" Window = 0x%s (DES encrypted)");
break;
case ADN_NICKNAME:
break;
};
break;
case RPCSEC_GSS:
break;
default:
break;
}
}
static void
print_verif(int direction)
{
pos = getxdr_pos();
flavor = getxdr_long();
verlen = getxdr_long();
"Verifier : Flavor = %d (%s), len = %d bytes",
if (verlen == 0)
return;
switch (flavor) {
case AUTH_DES:
(void) showxdr_hex(4,
" Window = 0x%s (DES encrypted)");
else
break;
/* For other flavors like AUTH_NONE, AUTH_UNIX, RPCSEC_GSS etc. */
default:
break;
}
}
struct rpcnames {
int rp_prog;
char *rp_name;
} rpcnames[] = {
100000, "PMAP", /* Portmapper */
100001, "RSTAT", /* Remote stats */
100002, "RUSERS", /* Remote users */
100003, "NFS", /* Nfs */
100004, "NIS", /* Network Information Service */
100005, "MOUNT", /* Mount demon */
100006, "DBX", /* Remote dbx */
100007, "NISBIND", /* NIS binder */
100008, "WALL", /* Shutdown msg */
100009, "NISPASSWD", /* Yppasswd server */
100010, "ETHERSTAT", /* Ether stats */
100011, "RQUOTA", /* Disk quotas */
100012, "SPRAY", /* Spray packets */
100013, "IBM3270", /* 3270 mapper */
100014, "IBMRJE", /* RJE mapper */
100015, "SELNSVC", /* Selection service */
100016, "RDATABASE", /* Remote database access */
100017, "REX", /* Remote execution */
100018, "ALICE", /* Alice Office Automation */
100019, "SCHED", /* Scheduling service */
100020, "LLM", /* Local lock manager */
100021, "NLM", /* Network lock manager */
100022, "X25INR", /* X.25 inr protocol */
100023, "STATMON1", /* Status monitor 1 */
100024, "STATMON2", /* Status monitor 2 */
100025, "SELNLIB", /* Selection library */
100026, "BOOTPARAM", /* Boot parameters service */
100027, "MAZEPROG", /* Mazewars game */
100028, "NISUPDATE", /* NIS update */
100029, "KEYSERVE", /* Key server */
100030, "SECURECMD", /* Secure login */
100031, "NETFWDI", /* NFS net forwarder init */
100032, "NETFWDT", /* NFS net forwarder trans */
100033, "SUNLINKMAP", /* Sunlink MAP */
100034, "NETMON", /* Network monitor */
100035, "DBASE", /* Lightweight database */
100036, "PWDAUTH", /* Password authorization */
100037, "TFS", /* Translucent file svc */
100038, "NSE", /* NSE server */
100039, "NSE_ACTIVATE", /* NSE activate daemon */
100040, "SUNVIEW_HELP", /* Sunview help */
100041, "PNP", /* PNP install */
100042, "IPADDR_ALLOC", /* IP addr allocator */
100043, "FILEHANDLE", /* Show filehandle */
100044, "MVSNFS", /* MVS NFS mount */
100045, "REM_FILEOP_USER", /* Remote user file operations */
100046, "BATCH_NISUPDATE", /* Batched ypupdate */
100047, "NEM", /* Network execution mgr */
100050, "REM_FILEOP_GROUP", /* Remote group file operations */
100051, "REM_FILEOP_SYSTEM", /* Remote system file operations */
100052, "REM_SYSTEM_ROLE", /* Remote system role operations */
100055, "IOADMD", /* Ioadmd */
100056, "FILEMERGE", /* Filemerge */
100057, "NAMEBIND", /* Name Binding Program */
100058, "NJE", /* Sunlink NJE */
100059, "MVSATTR", /* MVSNFS get attribute service */
100061, "UIDALLOC", /* UID allocation service */
100062, "LBSERVER", /* License broker */
100063, "LBBINDER", /* NETlicense client binder */
100064, "GIDALLOC", /* GID allocation service */
100065, "SUNISAM", /* SunIsam */
100066, "RDBSRV", /* Remote Debug Server */
100067, "NETDIR", /* Network directory daemon */
100068, "CMSD", /* Network calendar program */
100069, "NISXFR", /* NIS transfer */
100071, "BUGTRAQ", /* Bugtraqd */
100072, "NeFS", /* Internal use only */
100073, "BILLBOARD", /* Connectathon Billboard - NFS */
100074, "BILLBOARD", /* Connectathon Billboard - X */
100075, "SCHEDROOM", /* Sun meeting room scheduler */
100076, "AUTHNEGOTIATE", /* Authentication negotiation */
100077, "ATTRPROG", /* Database manipulation */
100080, "AUTODUMP", /* Sun consulting special */
100081, "EVENT_SVC", /* Event protocol */
100085, "ARM_PSD", /* ARM policy */
100086, "ARMTOD", /* ARM TOD */
100087, "NA.ADMIN", /* Sun (SNAG) administration agent */
100099, "PLD", /* Genesil 8.1 hot plot */
100101, "NA.EVENT", /* SNM (SunNet Manager) event dispatcher */
100102, "NA.LOGGER", /* SNM report logger */
100103, "NA.DISCOVER", /* SNM network discovery agent */
100104, "NA.SYNC", /* SNM sync interface agent */
100105, "NA.DISKINFO", /* SNM disk info agent */
100106, "NA.IOSTAT", /* SNM iostat agent */
100107, "NA.HOSTPERF", /* SNM rstat proxy agent */
100109, "NA.ACTIVITY", /* SNM activity daemon */
100111, "NA.LPSTAT", /* SNM printer agent */
100112, "NA.HOSTMEM", /* SNM host network memory agent */
100113, "NA.SAMPLE", /* SNM sample agent */
100114, "NA.X25", /* SNM X.25 agent */
100115, "NA.PING", /* SNM ping proxy agent */
100116, "NA.RPCNFS", /* SNM rpc and nfs agent */
100117, "NA.HOSTIF", /* SNM host interface agent */
100118, "NA.ETHERIF", /* SNM ethernet interface agent */
100119, "NA.IPPATH", /* SNM traceroute proxy agent */
100120, "NA.IPROUTES", /* SNM routing table agent */
100121, "NA.LAYERS", /* SNM protocol layers gent */
100122, "NA.SNMP", /* SNM SNMP proxy agent */
100123, "NA.TRAFFIC", /* SNM network traffic agent */
100124, "NA.DNI", /* DNI (DECnet) proxy agent */
100125, "NA.CHAT", /* IBM Channel attach proxy agent */
100126, "NA.FDDI", /* FDDI agent */
100127, "NA.FDDISMT", /* FDDI SMT proxy agent */
100128, "NA.MHS", /* MHS agent */
100130, "SNM_GRAPHER", /* SNM 3D grapher */
100132, "NA.TR", /* Token Ring agent */
100134, "NA.TOKENRING", /* Token Ring agent */
100136, "NA.FRAMERELAY", /* Frame Relay agent */
100175, "NA.SNMPTRAP", /* SNM SNMP trap daemon */
100180, "NA.MIPROUTES", /* SNM multicast routing table agent */
100227, "NFS_ACL", /* NFS ACL support */
100300, "NIS+", /* NIS+ name service */
100302, "NIS+ CB", /* NIS+ callbacks */
101002, "NSELINKTOOL", /* NSE link daemon */
101003, "NSELINKAPP", /* NSE link application */
110001, "GOLABEL", /* SunOS MLS */
110002, "PUC", /* SunOS MLS */
150001, "PCNFSD", /* PC passwd authorization */
150002, "TOPS", /* TOPS name mapping */
150003, "TOPS", /* TOPS external attribute storage */
150004, "TOPS", /* TOPS hierarchical file system */
150005, "TOPS", /* TOPS NFS transparency extensions */
150006, "SOLARNET_FW", /* SolarNet Framework protocol */
160001, "CM", /* Nihon Sun - Japanese Input system */
300004, "FRAME 1", /* Frame program 1 */
300009, "FRAME 2", /* Frame program 2 */
390101, "RAP", /* Legato RAP protocol */
390102, "RAPRD", /* Legato RAP resource dir protocol */
500021, "ZNS", /* Zeus Network Service */
};
int
compare(a, b)
register struct rpcnames *a, *b;
{
}
char *
int prog;
{
struct rpcnames *r;
if (r)
return (r->rp_name);
return ("transient");
return ("?");
}
char *
int status;
{
switch (status) {
case SUCCESS : return ("Success");
case PROG_UNAVAIL : return ("Program unavailable");
case PROG_MISMATCH: return ("Program number mismatch");
case PROC_UNAVAIL : return ("Procedure unavailable");
case GARBAGE_ARGS : return ("Garbage arguments");
case SYSTEM_ERR : return ("System error");
default: return ("unknown");
}
}
char *
int why;
{
switch (why) {
case AUTH_BADCRED: return ("bogus credentials (seal broken)");
case AUTH_REJECTEDCRED: return ("client should begin new session");
case AUTH_BADVERF: return ("bogus verifier (seal broken)");
case AUTH_REJECTEDVERF: return ("verifier expired or was replayed");
case AUTH_TOOWEAK: return ("too weak");
case AUTH_INVALIDRESP: return ("bogus response verifier");
case AUTH_TIMEEXPIRE: return ("time of credential expired");
case AUTH_TKT_FILE: return ("something wrong with ticket file");
case AUTH_DECODE: return ("can't decode authenticator");
case AUTH_NET_ADDR: return ("net address in ticket wrong");
case RPCSEC_GSS_NOCRED: return ("no credentials for user");
case RPCSEC_GSS_FAILED: return ("GSS failure, credentials deleted");
case AUTH_FAILED:
default:
return ("unknown reason");
}
}
static void
int len)
{
int status;
int pos;
if (x) {
"This is a reply to frame %d",
x->xid_frame);
}
pos = getxdr_pos();
status = getxdr_long();
"Status = %d (%s)",
switch (status) {
case MSG_ACCEPTED:
pos = getxdr_pos();
astat = getxdr_long();
"Accept status = %d (%s)",
switch (astat) {
case SUCCESS:
if (x) {
show_trailer();
}
break;
case PROG_UNAVAIL :
break;
case PROG_MISMATCH:
case PROC_UNAVAIL :
showxdr_long(" Low = %d");
showxdr_long(" High = %d");
break;
case GARBAGE_ARGS:
case SYSTEM_ERR:
default:
;
}
break;
case MSG_DENIED:
pos = getxdr_pos();
rstat = getxdr_long();
"Reject status = %d (%s)",
rstat ? "can't authenticate"
: "version mismatch");
switch (rstat) {
case RPC_MISMATCH:
showxdr_long(" Low = %d");
showxdr_long(" High = %d");
break;
case AUTH_ERROR:
why = getxdr_u_long();
" Why = %d (%s)",
break;
}
break;
}
}
/*
* Return true if this is a valid RPC packet
*/
int
{
if (rpclen < 12)
return (0);
switch (msg.rm_direction) {
case CALL:
return (1);
break;
case REPLY:
return (1);
break;
}
}
return (0);
}
struct cache_struct *
{
struct cache_struct *x;
return (x);
return (x);
return (NULL);
}
static void
{
struct cache_struct *x;
if (x == NULL) {
x = xcp++;
}
x->xid_gss_proc = RPCSEC_GSS_DATA;
}
void
char *line;
{
struct cache_struct *x;
extern int pi_frame;
}