mirror of
https://github.com/the-tcpdump-group/tcpdump.git
synced 2024-11-27 12:03:44 +08:00
SYSLOG: Make a few cleanups.
Add a comment to tell the specification. Untangle the PRI parsing code. Replace a loop with nd_printn() to print a counted string.
This commit is contained in:
parent
38d92a4ff4
commit
4d8d97abab
@ -15,6 +15,7 @@
|
||||
*/
|
||||
|
||||
/* \summary: Syslog protocol printer */
|
||||
/* specification: RFC 3164 (not RFC 5424) */
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
@ -90,24 +91,21 @@ syslog_print(netdissect_options *ndo,
|
||||
* severity and facility values
|
||||
*/
|
||||
|
||||
if (GET_U_1(pptr) == '<') {
|
||||
if (GET_U_1(pptr) != '<')
|
||||
goto invalid;
|
||||
msg_off++;
|
||||
|
||||
while (msg_off <= SYSLOG_MAX_DIGITS &&
|
||||
GET_U_1(pptr + msg_off) >= '0' &&
|
||||
GET_U_1(pptr + msg_off) <= '9') {
|
||||
pri = pri * 10 + (GET_U_1(pptr + msg_off) - '0');
|
||||
msg_off++;
|
||||
while (msg_off <= SYSLOG_MAX_DIGITS &&
|
||||
GET_U_1(pptr + msg_off) >= '0' &&
|
||||
GET_U_1(pptr + msg_off) <= '9') {
|
||||
pri = pri * 10 + (GET_U_1(pptr + msg_off) - '0');
|
||||
msg_off++;
|
||||
}
|
||||
if (GET_U_1(pptr + msg_off) != '>') {
|
||||
nd_print_trunc(ndo);
|
||||
return;
|
||||
}
|
||||
msg_off++;
|
||||
} else {
|
||||
nd_print_trunc(ndo);
|
||||
return;
|
||||
}
|
||||
|
||||
if (GET_U_1(pptr + msg_off) != '>')
|
||||
goto invalid;
|
||||
msg_off++;
|
||||
|
||||
facility = (pri & SYSLOG_FACILITY_MASK) >> 3;
|
||||
severity = pri & SYSLOG_SEVERITY_MASK;
|
||||
|
||||
@ -128,10 +126,25 @@ syslog_print(netdissect_options *ndo,
|
||||
severity);
|
||||
|
||||
/* print the syslog text in verbose mode */
|
||||
for (; msg_off < len; msg_off++) {
|
||||
fn_print_char(ndo, GET_U_1(pptr + msg_off));
|
||||
}
|
||||
/*
|
||||
* RFC 3164 Section 4.1.3: "There is no ending delimiter to this part.
|
||||
* The MSG part of the syslog packet MUST contain visible (printing)
|
||||
* characters."
|
||||
*
|
||||
* RFC 5424 Section 8.2: "This document does not impose any mandatory
|
||||
* restrictions on the MSG or PARAM-VALUE content. As such, they MAY
|
||||
* contain control characters, including the NUL character."
|
||||
*
|
||||
* Hence, to aid in protocol debugging, print the full MSG without
|
||||
* beautification to make it clear what was transmitted on the wire.
|
||||
*/
|
||||
if (len > msg_off)
|
||||
(void)nd_printn(ndo, pptr + msg_off, len - msg_off, NULL);
|
||||
|
||||
if (ndo->ndo_vflag > 1)
|
||||
print_unknown_data(ndo, pptr, "\n\t", len);
|
||||
return;
|
||||
|
||||
invalid:
|
||||
nd_print_invalid(ndo);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user