1 /* $OpenBSD: packet.c,v 1.9 2004/05/04 18:58:50 deraadt Exp $ */ 2 3 /* Packet assembly code, originally contributed by Archie Cobbs. */ 4 5 /* 6 * Copyright (c) 1995, 1996, 1999 The Internet Software Consortium. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of The Internet Software Consortium nor the names 19 * of its contributors may be used to endorse or promote products derived 20 * from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE INTERNET SOFTWARE CONSORTIUM AND 23 * CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, 24 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 25 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 26 * DISCLAIMED. IN NO EVENT SHALL THE INTERNET SOFTWARE CONSORTIUM OR 27 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 29 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 30 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 31 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 32 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 33 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 * 36 * This software has been written for the Internet Software Consortium 37 * by Ted Lemon <mellon@fugue.com> in cooperation with Vixie 38 * Enterprises. To learn more about the Internet Software Consortium, 39 * see ``http://www.vix.com/isc''. To learn more about Vixie 40 * Enterprises, see ``http://www.vix.com''. 41 */ 42 43 #include <sys/cdefs.h> 44 __FBSDID("$FreeBSD$"); 45 46 #include "dhcpd.h" 47 48 #include <netinet/in_systm.h> 49 #include <netinet/ip.h> 50 #include <netinet/udp.h> 51 #include <netinet/if_ether.h> 52 53 #define ETHER_HEADER_SIZE (ETHER_ADDR_LEN * 2 + sizeof(u_int16_t)) 54 55 u_int32_t checksum(unsigned char *, unsigned, u_int32_t); 56 u_int32_t wrapsum(u_int32_t); 57 58 void assemble_ethernet_header(struct interface_info *, unsigned char *, 59 int *, struct hardware *); 60 ssize_t decode_ethernet_header(struct interface_info *, unsigned char *, 61 int bufix, struct hardware *); 62 63 u_int32_t 64 checksum(unsigned char *buf, unsigned nbytes, u_int32_t sum) 65 { 66 int i; 67 68 /* Checksum all the pairs of bytes first... */ 69 for (i = 0; i < (nbytes & ~1U); i += 2) { 70 sum += (u_int16_t)ntohs(*((u_int16_t *)(buf + i))); 71 if (sum > 0xFFFF) 72 sum -= 0xFFFF; 73 } 74 75 /* 76 * If there's a single byte left over, checksum it, too. 77 * Network byte order is big-endian, so the remaining byte is 78 * the high byte. 79 */ 80 if (i < nbytes) { 81 sum += buf[i] << 8; 82 if (sum > 0xFFFF) 83 sum -= 0xFFFF; 84 } 85 86 return (sum); 87 } 88 89 u_int32_t 90 wrapsum(u_int32_t sum) 91 { 92 sum = ~sum & 0xFFFF; 93 return (htons(sum)); 94 } 95 96 void 97 assemble_hw_header(struct interface_info *interface, unsigned char *buf, 98 int *bufix, struct hardware *to) 99 { 100 struct ether_header eh; 101 102 if (to != NULL && to->hlen == 6) /* XXX */ 103 memcpy(eh.ether_dhost, to->haddr, sizeof(eh.ether_dhost)); 104 else 105 memset(eh.ether_dhost, 0xff, sizeof(eh.ether_dhost)); 106 if (interface->hw_address.hlen == sizeof(eh.ether_shost)) 107 memcpy(eh.ether_shost, interface->hw_address.haddr, 108 sizeof(eh.ether_shost)); 109 else 110 memset(eh.ether_shost, 0x00, sizeof(eh.ether_shost)); 111 112 eh.ether_type = htons(ETHERTYPE_IP); 113 114 memcpy(&buf[*bufix], &eh, ETHER_HEADER_SIZE); 115 *bufix += ETHER_HEADER_SIZE; 116 } 117 118 void 119 assemble_udp_ip_header(unsigned char *buf, int *bufix, u_int32_t from, 120 u_int32_t to, unsigned int port, unsigned char *data, int len) 121 { 122 struct ip ip; 123 struct udphdr udp; 124 125 ip.ip_v = 4; 126 ip.ip_hl = 5; 127 ip.ip_tos = IPTOS_LOWDELAY; 128 ip.ip_len = htons(sizeof(ip) + sizeof(udp) + len); 129 ip.ip_id = 0; 130 ip.ip_off = 0; 131 ip.ip_ttl = 128; 132 ip.ip_p = IPPROTO_UDP; 133 ip.ip_sum = 0; 134 ip.ip_src.s_addr = from; 135 ip.ip_dst.s_addr = to; 136 137 ip.ip_sum = wrapsum(checksum((unsigned char *)&ip, sizeof(ip), 0)); 138 139 /* 140 * While the BPF -- used for broadcasts -- expects a "true" IP header 141 * with all the bytes in network byte order, the raw socket interface 142 * which is used for unicasts expects the ip_len field to be in host 143 * byte order. In both cases, the checksum has to be correct, so this 144 * is as good a place as any to turn the bytes around again. 145 */ 146 if (to != INADDR_BROADCAST) 147 ip.ip_len = ntohs(ip.ip_len); 148 149 memcpy(&buf[*bufix], &ip, sizeof(ip)); 150 *bufix += sizeof(ip); 151 152 udp.uh_sport = htons(LOCAL_PORT); /* XXX */ 153 udp.uh_dport = port; /* XXX */ 154 udp.uh_ulen = htons(sizeof(udp) + len); 155 memset(&udp.uh_sum, 0, sizeof(udp.uh_sum)); 156 157 udp.uh_sum = wrapsum(checksum((unsigned char *)&udp, sizeof(udp), 158 checksum(data, len, checksum((unsigned char *)&ip.ip_src, 159 2 * sizeof(ip.ip_src), 160 IPPROTO_UDP + (u_int32_t)ntohs(udp.uh_ulen))))); 161 162 memcpy(&buf[*bufix], &udp, sizeof(udp)); 163 *bufix += sizeof(udp); 164 } 165 166 ssize_t 167 decode_hw_header(unsigned char *buf, int bufix, struct hardware *from) 168 { 169 struct ether_header eh; 170 171 memcpy(&eh, buf + bufix, ETHER_HEADER_SIZE); 172 173 memcpy(from->haddr, eh.ether_shost, sizeof(eh.ether_shost)); 174 from->htype = ARPHRD_ETHER; 175 from->hlen = sizeof(eh.ether_shost); 176 177 return (sizeof(eh)); 178 } 179 180 ssize_t 181 decode_udp_ip_header(unsigned char *buf, int bufix, struct sockaddr_in *from, 182 unsigned char *data, int buflen) 183 { 184 struct ip *ip; 185 struct udphdr *udp; 186 u_int32_t ip_len = (buf[bufix] & 0xf) << 2; 187 u_int32_t sum, usum; 188 static int ip_packets_seen; 189 static int ip_packets_bad_checksum; 190 static int udp_packets_seen; 191 static int udp_packets_bad_checksum; 192 static int udp_packets_length_checked; 193 static int udp_packets_length_overflow; 194 int len = 0; 195 196 ip = (struct ip *)(buf + bufix); 197 udp = (struct udphdr *)(buf + bufix + ip_len); 198 199 /* Check the IP header checksum - it should be zero. */ 200 ip_packets_seen++; 201 if (wrapsum(checksum(buf + bufix, ip_len, 0)) != 0) { 202 ip_packets_bad_checksum++; 203 if (ip_packets_seen > 4 && 204 (ip_packets_seen / ip_packets_bad_checksum) < 2) { 205 note("%d bad IP checksums seen in %d packets", 206 ip_packets_bad_checksum, ip_packets_seen); 207 ip_packets_seen = ip_packets_bad_checksum = 0; 208 } 209 return (-1); 210 } 211 212 if (ntohs(ip->ip_len) != buflen) 213 debug("ip length %d disagrees with bytes received %d.", 214 ntohs(ip->ip_len), buflen); 215 216 memcpy(&from->sin_addr, &ip->ip_src, 4); 217 218 /* 219 * Compute UDP checksums, including the ``pseudo-header'', the 220 * UDP header and the data. If the UDP checksum field is zero, 221 * we're not supposed to do a checksum. 222 */ 223 if (!data) { 224 data = buf + bufix + ip_len + sizeof(*udp); 225 len = ntohs(udp->uh_ulen) - sizeof(*udp); 226 udp_packets_length_checked++; 227 if (len + data > buf + bufix + buflen) { 228 udp_packets_length_overflow++; 229 if (udp_packets_length_checked > 4 && 230 (udp_packets_length_checked / 231 udp_packets_length_overflow) < 2) { 232 note("%d udp packets in %d too long - dropped", 233 udp_packets_length_overflow, 234 udp_packets_length_checked); 235 udp_packets_length_overflow = 236 udp_packets_length_checked = 0; 237 } 238 return (-1); 239 } 240 if (len + data != buf + bufix + buflen) 241 debug("accepting packet with data after udp payload."); 242 } 243 244 usum = udp->uh_sum; 245 udp->uh_sum = 0; 246 247 sum = wrapsum(checksum((unsigned char *)udp, sizeof(*udp), 248 checksum(data, len, checksum((unsigned char *)&ip->ip_src, 249 2 * sizeof(ip->ip_src), 250 IPPROTO_UDP + (u_int32_t)ntohs(udp->uh_ulen))))); 251 252 udp_packets_seen++; 253 if (usum && usum != sum) { 254 udp_packets_bad_checksum++; 255 if (udp_packets_seen > 4 && 256 (udp_packets_seen / udp_packets_bad_checksum) < 2) { 257 note("%d bad udp checksums in %d packets", 258 udp_packets_bad_checksum, udp_packets_seen); 259 udp_packets_seen = udp_packets_bad_checksum = 0; 260 } 261 return (-1); 262 } 263 264 memcpy(&from->sin_port, &udp->uh_sport, sizeof(udp->uh_sport)); 265 266 return (ip_len + sizeof(*udp)); 267 } 268