packet.c 9.63 KB
Newer Older
1
/* packet.c
Ted Lemon's avatar
Ted Lemon committed
2

3
   Packet assembly code, originally contributed by Archie Cobbs. */
Ted Lemon's avatar
Ted Lemon committed
4
5

/*
Ted Lemon's avatar
Ted Lemon committed
6
 * Copyright (c) 1996-1999 Internet Software Consortium.
Ted Lemon's avatar
Ted Lemon committed
7
 * All rights reserved.
Ted Lemon's avatar
Ted Lemon committed
8
 *
Ted Lemon's avatar
Ted Lemon committed
9
10
11
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
Ted Lemon's avatar
Ted Lemon committed
12
 *
Ted Lemon's avatar
Ted Lemon committed
13
14
15
16
17
18
19
20
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of The Internet Software Consortium nor the names
 *    of its contributors may be used to endorse or promote products derived
 *    from this software without specific prior written permission.
Ted Lemon's avatar
Ted Lemon committed
21
 *
Ted Lemon's avatar
Ted Lemon committed
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
 * THIS SOFTWARE IS PROVIDED BY THE INTERNET SOFTWARE CONSORTIUM AND
 * CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED.  IN NO EVENT SHALL THE INTERNET SOFTWARE CONSORTIUM OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * This code was originally contributed by Archie Cobbs, and is still
 * very similar to that contribution, although the packet checksum code
 * has been hacked significantly with the help of quite a few ISC DHCP
 * users, without whose gracious and thorough help the checksum code would
 * still be disabled.
Ted Lemon's avatar
Ted Lemon committed
41
42
 */

43
44
#ifndef lint
static char copyright[] =
45
"$Id: packet.c,v 1.34 2000/04/14 16:22:04 mellon Exp $ Copyright (c) 1996-2000 The Internet Software Consortium.  All rights reserved.\n";
46
47
48
#endif /* not lint */

#include "dhcpd.h"
49

50
51
52
53
#if defined (PACKET_ASSEMBLY) || defined (PACKET_DECODING)
#include "includes/netinet/ip.h"
#include "includes/netinet/udp.h"
#include "includes/netinet/if_ether.h"
54
#endif /* PACKET_ASSEMBLY || PACKET_DECODING */
Ted Lemon's avatar
Ted Lemon committed
55

56
57
/* Compute the easy part of the checksum on a range of bytes. */

Ted Lemon's avatar
Ted Lemon committed
58
u_int32_t checksum (buf, nbytes, sum)
59
	unsigned char *buf;
60
	unsigned nbytes;
61
62
	u_int32_t sum;
{
63
	unsigned i;
64

65
#ifdef DEBUG_CHECKSUM
66
	log_debug ("checksum (%x %d %x)", buf, nbytes, sum);
67
68
#endif

69
	/* Checksum all the pairs of bytes first... */
70
	for (i = 0; i < (nbytes & ~1U); i += 2) {
71
#ifdef DEBUG_CHECKSUM_VERBOSE
72
		log_debug ("sum = %x", sum);
73
#endif
Ted Lemon's avatar
Ted Lemon committed
74
		sum += (u_int16_t) ntohs(*((u_int16_t *)(buf + i)));
75
76
77
		/* Add carry. */
		if (sum > 0xFFFF)
			sum -= 0xFFFF;
78
	}	
Ted Lemon's avatar
Ted Lemon committed
79

80
81
82
	/* If there's a single byte left over, checksum it, too.   Network
	   byte order is big-endian, so the remaining byte is the high byte. */
	if (i < nbytes) {
83
#ifdef DEBUG_CHECKSUM_VERBOSE
84
		log_debug ("sum = %x", sum);
85
#endif
Ted Lemon's avatar
Ted Lemon committed
86
		sum += buf [i] << 8;
87
88
89
		/* Add carry. */
		if (sum > 0xFFFF)
			sum -= 0xFFFF;
90
91
92
93
94
	}
	
	return sum;
}

95
/* Finish computing the checksum, and then put it into network byte order. */
96

Ted Lemon's avatar
Ted Lemon committed
97
u_int32_t wrapsum (sum)
98
99
	u_int32_t sum;
{
100
#ifdef DEBUG_CHECKSUM
101
	log_debug ("wrapsum (%x)", sum);
102
#endif
Ted Lemon's avatar
Ted Lemon committed
103

104
	sum = ~sum & 0xFFFF;
105
#ifdef DEBUG_CHECKSUM_VERBOSE
106
	log_debug ("sum = %x", sum);
107
#endif
108
	
109
#ifdef DEBUG_CHECKSUM
110
	log_debug ("wrapsum returns %x", htons (sum));
111
#endif
Ted Lemon's avatar
Ted Lemon committed
112
	return htons(sum);
113
114
115
}

#ifdef PACKET_ASSEMBLY
116
117
118
void assemble_hw_header (interface, buf, bufix, to)
	struct interface_info *interface;
	unsigned char *buf;
119
	unsigned *bufix;
120
121
	struct hardware *to;
{
Ted Lemon's avatar
Ted Lemon committed
122
#if defined (HAVE_TR_SUPPORT)
123
	if (interface -> hw_address.hbuf [0] == HTYPE_IEEE802)
Ted Lemon's avatar
Ted Lemon committed
124
		assemble_tr_header (interface, buf, bufix, to);
125
	else
126
127
#endif
#if defined (DEC_FDDI)
128
	     if (interface -> hw_address.hbuf [0] == HTYPE_FDDI)
129
130
		     assemble_fddi_header (interface, buf, bufix, to);
	else
Ted Lemon's avatar
Ted Lemon committed
131
#endif
Ted Lemon's avatar
Ted Lemon committed
132
		assemble_ethernet_header (interface, buf, bufix, to);
133
134
135
136

}

/* UDP header and IP header assembled together for convenience. */
Ted Lemon's avatar
Ted Lemon committed
137

138
139
void assemble_udp_ip_header (interface, buf, bufix,
			     from, to, port, data, len)
140
141
	struct interface_info *interface;
	unsigned char *buf;
142
	unsigned *bufix;
143
144
	u_int32_t from;
	u_int32_t to;
145
	u_int32_t port;
146
	unsigned char *data;
147
	unsigned len;
148
149
150
151
152
{
	struct ip ip;
	struct udphdr udp;

	/* Fill out the IP header */
153
154
	IP_V_SET (&ip, 4);
	IP_HL_SET (&ip, 20);
155
156
157
158
159
160
161
	ip.ip_tos = IPTOS_LOWDELAY;
	ip.ip_len = htons(sizeof(ip) + sizeof(udp) + len);
	ip.ip_id = 0;
	ip.ip_off = 0;
	ip.ip_ttl = 16;
	ip.ip_p = IPPROTO_UDP;
	ip.ip_sum = 0;
162
163
	ip.ip_src.s_addr = from;
	ip.ip_dst.s_addr = to;
164
165
166
167
168
169
170
171
172
	
	/* Checksum the IP header... */
	ip.ip_sum = wrapsum (checksum ((unsigned char *)&ip, sizeof ip, 0));
	
	/* Copy the ip header into the buffer... */
	memcpy (&buf [*bufix], &ip, sizeof ip);
	*bufix += sizeof ip;

	/* Fill out the UDP header */
173
	udp.uh_sport = local_port;		/* XXX */
174
175
176
177
178
179
180
181
182
183
184
185
	udp.uh_dport = port;			/* XXX */
	udp.uh_ulen = htons(sizeof(udp) + len);
	memset (&udp.uh_sum, 0, sizeof udp.uh_sum);

	/* Compute UDP checksums, including the ``pseudo-header'', the UDP
	   header and the data. */

	udp.uh_sum =
		wrapsum (checksum ((unsigned char *)&udp, sizeof udp,
				   checksum (data, len, 
					     checksum ((unsigned char *)
						       &ip.ip_src,
Ted Lemon's avatar
Ted Lemon committed
186
						       2 * sizeof ip.ip_src,
187
188
189
190
191
192
193
194
						       IPPROTO_UDP +
						       (u_int32_t)
						       ntohs (udp.uh_ulen)))));

	/* Copy the udp header into the buffer... */
	memcpy (&buf [*bufix], &udp, sizeof udp);
	*bufix += sizeof udp;
}
195
#endif /* PACKET_ASSEMBLY */
Ted Lemon's avatar
Ted Lemon committed
196

197
#ifdef PACKET_DECODING
198
199
/* Decode a hardware header... */
/* XXX currently only supports ethernet; doesn't check for other types. */
Ted Lemon's avatar
Ted Lemon committed
200

201
ssize_t decode_hw_header (interface, buf, bufix, from)
202
203
     struct interface_info *interface;
     unsigned char *buf;
204
     unsigned bufix;
205
206
     struct hardware *from;
{
Ted Lemon's avatar
Ted Lemon committed
207
#if defined (HAVE_TR_SUPPORT)
208
	if (interface -> hw_address.hbuf [0] == HTYPE_IEEE802)
Ted Lemon's avatar
Ted Lemon committed
209
210
		return decode_tr_header (interface, buf, bufix, from);
	else
211
212
#endif
#if defined (DEC_FDDI)
213
214
	     if (interface -> hw_address.hbuf [0] == HTYPE_FDDI)
		     return decode_fddi_header (interface, buf, bufix, from);
215
	else
216
#endif
Ted Lemon's avatar
Ted Lemon committed
217
		return decode_ethernet_header (interface, buf, bufix, from);
Ted Lemon's avatar
Ted Lemon committed
218
219
}

220
/* UDP header and IP header decoded together for convenience. */
Ted Lemon's avatar
Ted Lemon committed
221

222
ssize_t decode_udp_ip_header (interface, buf, bufix, from, data, buflen)
223
224
	struct interface_info *interface;
	unsigned char *buf;
225
	unsigned bufix;
226
227
	struct sockaddr_in *from;
	unsigned char *data;
228
	unsigned buflen;
Ted Lemon's avatar
Ted Lemon committed
229
{
230
231
232
233
  struct ip *ip;
  struct udphdr *udp;
  u_int32_t ip_len = (buf [bufix] & 0xf) << 2;
  u_int32_t sum, usum;
234
235
236
237
238
239
  static int ip_packets_seen;
  static int ip_packets_bad_checksum;
  static int udp_packets_seen;
  static int udp_packets_bad_checksum;
  static int udp_packets_length_checked;
  static int udp_packets_length_overflow;
240
  unsigned len;
241
242
243
244
245
246
247
248
249
250

  ip = (struct ip *)(buf + bufix);
  udp = (struct udphdr *)(buf + bufix + ip_len);

#ifdef USERLAND_FILTER
  /* Is it a UDP packet? */
  if (ip -> ip_p != IPPROTO_UDP)
	  return -1;

  /* Is it to the port we're serving? */
251
  if (udp -> uh_dport != local_port)
252
253
	  return -1;
#endif /* USERLAND_FILTER */
254
255

  /* Check the IP header checksum - it should be zero. */
256
  ++ip_packets_seen;
257
  if (wrapsum (checksum (buf + bufix, ip_len, 0))) {
258
259
	  ++ip_packets_bad_checksum;
	  if (ip_packets_seen > 4 &&
260
	      (ip_packets_seen / ip_packets_bad_checksum) < 2) {
261
262
263
264
		  log_info ("%d bad IP checksums seen in %d packets",
			    ip_packets_bad_checksum, ip_packets_seen);
		  ip_packets_seen = ip_packets_bad_checksum = 0;
	  }
265
	  return -1;
266
  }
Ted Lemon's avatar
Ted Lemon committed
267

268
269
270
271
272
  /* Check the IP packet length. */
  if (ntohs (ip -> ip_len) != buflen)
	  log_debug ("ip length %d disagrees with bytes received %d.",
		     ntohs (ip -> ip_len), buflen);

273
274
  /* Copy out the IP source address... */
  memcpy (&from -> sin_addr, &ip -> ip_src, 4);
Ted Lemon's avatar
Ted Lemon committed
275

276
277
278
  /* Compute UDP checksums, including the ``pseudo-header'', the UDP
     header and the data.   If the UDP checksum field is zero, we're
     not supposed to do a checksum. */
Ted Lemon's avatar
Ted Lemon committed
279

280
281
  if (!data) {
	  data = buf + bufix + ip_len + sizeof *udp;
282
283
	  len = ntohs (udp -> uh_ulen) - sizeof *udp;
	  ++udp_packets_length_checked;
284
	  if (len + data > buf + bufix + buflen) {
285
286
287
288
289
290
291
		  ++udp_packets_length_overflow;
		  if (udp_packets_length_checked > 4 &&
		      (udp_packets_length_checked /
		       udp_packets_length_overflow) < 2) {
			  log_info ("%d udp packets in %d too long - dropped",
				    udp_packets_length_overflow,
				    udp_packets_length_checked);
292
293
			  udp_packets_length_overflow =
				  udp_packets_length_checked = 0;
294
295
296
		  }
		  return -1;
	  }
297
	  if (len + data != buf + bufix + buflen)
298
		  log_debug ("accepting packet with data after udp payload.");
299
  }
Ted Lemon's avatar
Ted Lemon committed
300

301
302
  usum = udp -> uh_sum;
  udp -> uh_sum = 0;
303

304
305
306
307
  sum = wrapsum (checksum ((unsigned char *)udp, sizeof *udp,
			   checksum (data, len,
				     checksum ((unsigned char *)
					       &ip -> ip_src,
Ted Lemon's avatar
Ted Lemon committed
308
					       2 * sizeof ip -> ip_src,
309
310
311
312
					       IPPROTO_UDP +
					       (u_int32_t)
					       ntohs (udp -> uh_ulen)))));

313
  udp_packets_seen++;
314
  if (usum && usum != sum) {
315
	  udp_packets_bad_checksum++;
316
317
	  if (udp_packets_seen > 4 &&
	      (udp_packets_seen / udp_packets_bad_checksum) < 2) {
318
		  log_info ("%d bad udp checksums in %d packets",
319
320
321
			    udp_packets_bad_checksum, udp_packets_seen);
		  udp_packets_seen = udp_packets_bad_checksum = 0;
	  }
322
323
	  return -1;
  }
Ted Lemon's avatar
Ted Lemon committed
324

325
326
327
328
  /* Copy out the port... */
  memcpy (&from -> sin_port, &udp -> uh_sport, sizeof udp -> uh_sport);

  return ip_len + sizeof *udp;
Ted Lemon's avatar
Ted Lemon committed
329
}
330
#endif /* PACKET_DECODING */