1 /* $OpenBSD: packet.c,v 1.6 2013/12/05 21:03:40 krw Exp $ */ 2 3 /* Packet assembly code, originally contributed by Archie Cobbs. */ 4 5 /* 6 * Copyright (c) 1995, 1996, 1999 The Internet Software Consortium. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of The Internet Software Consortium nor the names 19 * of its contributors may be used to endorse or promote products derived 20 * from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE INTERNET SOFTWARE CONSORTIUM AND 23 * CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, 24 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 25 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 26 * DISCLAIMED. IN NO EVENT SHALL THE INTERNET SOFTWARE CONSORTIUM OR 27 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 29 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 30 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 31 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 32 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 33 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 * 36 * This software has been written for the Internet Software Consortium 37 * by Ted Lemon <mellon@fugue.com> in cooperation with Vixie 38 * Enterprises. To learn more about the Internet Software Consortium, 39 * see ``http://www.vix.com/isc''. To learn more about Vixie 40 * Enterprises, see ``http://www.vix.com''. 41 */ 42 43 #include "dhcpd.h" 44 45 #include <netinet/in_systm.h> 46 #include <netinet/ip.h> 47 #include <netinet/udp.h> 48 #include <netinet/if_ether.h> 49 50 u_int32_t checksum(unsigned char *, unsigned, u_int32_t); 51 u_int32_t wrapsum(u_int32_t); 52 53 u_int32_t 54 checksum(unsigned char *buf, unsigned nbytes, u_int32_t sum) 55 { 56 int i; 57 58 /* Checksum all the pairs of bytes first... */ 59 for (i = 0; i < (nbytes & ~1U); i += 2) { 60 sum += (u_int16_t)ntohs(*((u_int16_t *)(buf + i))); 61 if (sum > 0xFFFF) 62 sum -= 0xFFFF; 63 } 64 65 /* 66 * If there's a single byte left over, checksum it, too. 67 * Network byte order is big-endian, so the remaining byte is 68 * the high byte. 69 */ 70 if (i < nbytes) { 71 sum += buf[i] << 8; 72 if (sum > 0xFFFF) 73 sum -= 0xFFFF; 74 } 75 76 return (sum); 77 } 78 79 u_int32_t 80 wrapsum(u_int32_t sum) 81 { 82 sum = ~sum & 0xFFFF; 83 return (htons(sum)); 84 } 85 86 void 87 assemble_hw_header(struct interface_info *interface, unsigned char *buf, 88 int *bufix, struct hardware *to) 89 { 90 struct ether_header eh; 91 92 if (to != NULL && to->hlen == 6) /* XXX */ 93 memcpy(eh.ether_dhost, to->haddr, sizeof(eh.ether_dhost)); 94 else 95 memset(eh.ether_dhost, 0xff, sizeof(eh.ether_dhost)); 96 97 /* source address is filled in by the kernel */ 98 memset(eh.ether_shost, 0x00, sizeof(eh.ether_shost)); 99 100 eh.ether_type = htons(ETHERTYPE_IP); 101 102 memcpy(&buf[*bufix], &eh, ETHER_HDR_LEN); 103 *bufix += ETHER_HDR_LEN; 104 } 105 106 void 107 assemble_udp_ip_header(struct interface_info *interface, unsigned char *buf, 108 int *bufix, u_int32_t from, u_int32_t to, unsigned int port, 109 unsigned char *data, int len) 110 { 111 struct ip ip; 112 struct udphdr udp; 113 114 ip.ip_v = 4; 115 ip.ip_hl = 5; 116 ip.ip_tos = IPTOS_LOWDELAY; 117 ip.ip_len = htons(sizeof(ip) + sizeof(udp) + len); 118 ip.ip_id = 0; 119 ip.ip_off = 0; 120 ip.ip_ttl = 16; 121 ip.ip_p = IPPROTO_UDP; 122 ip.ip_sum = 0; 123 ip.ip_src.s_addr = from; 124 ip.ip_dst.s_addr = to; 125 126 ip.ip_sum = wrapsum(checksum((unsigned char *)&ip, sizeof(ip), 0)); 127 memcpy(&buf[*bufix], &ip, sizeof(ip)); 128 *bufix += sizeof(ip); 129 130 udp.uh_sport = server_port; /* XXX */ 131 udp.uh_dport = port; /* XXX */ 132 udp.uh_ulen = htons(sizeof(udp) + len); 133 memset(&udp.uh_sum, 0, sizeof(udp.uh_sum)); 134 135 udp.uh_sum = wrapsum(checksum((unsigned char *)&udp, sizeof(udp), 136 checksum(data, len, checksum((unsigned char *)&ip.ip_src, 137 2 * sizeof(ip.ip_src), 138 IPPROTO_UDP + (u_int32_t)ntohs(udp.uh_ulen))))); 139 140 memcpy(&buf[*bufix], &udp, sizeof(udp)); 141 *bufix += sizeof(udp); 142 } 143 144 ssize_t 145 decode_hw_header(struct interface_info *interface, unsigned char *buf, 146 int bufix, struct hardware *from) 147 { 148 struct ether_header eh; 149 150 memcpy(&eh, buf + bufix, ETHER_HDR_LEN); 151 152 memcpy(from->haddr, eh.ether_shost, sizeof(eh.ether_shost)); 153 from->htype = ARPHRD_ETHER; 154 from->hlen = sizeof(eh.ether_shost); 155 156 return (sizeof(eh)); 157 } 158 159 ssize_t 160 decode_udp_ip_header(struct interface_info *interface, unsigned char *buf, 161 int bufix, struct sockaddr_in *from, int buflen) 162 { 163 struct ip *ip; 164 struct udphdr *udp; 165 unsigned char *data; 166 u_int32_t ip_len = (buf[bufix] & 0xf) << 2; 167 u_int32_t sum, usum; 168 static int ip_packets_seen; 169 static int ip_packets_bad_checksum; 170 static int udp_packets_seen; 171 static int udp_packets_bad_checksum; 172 static int udp_packets_length_checked; 173 static int udp_packets_length_overflow; 174 int len; 175 176 ip = (struct ip *)(buf + bufix); 177 udp = (struct udphdr *)(buf + bufix + ip_len); 178 179 /* Check the IP header checksum - it should be zero. */ 180 ip_packets_seen++; 181 if (wrapsum(checksum(buf + bufix, ip_len, 0)) != 0) { 182 ip_packets_bad_checksum++; 183 if (ip_packets_seen > 4 && 184 (ip_packets_seen / ip_packets_bad_checksum) < 2) { 185 note("%d bad IP checksums seen in %d packets", 186 ip_packets_bad_checksum, ip_packets_seen); 187 ip_packets_seen = ip_packets_bad_checksum = 0; 188 } 189 return (-1); 190 } 191 192 if (ntohs(ip->ip_len) != buflen) 193 debug("ip length %d disagrees with bytes received %d.", 194 ntohs(ip->ip_len), buflen); 195 196 memcpy(&from->sin_addr, &ip->ip_src, 4); 197 198 /* 199 * Compute UDP checksums, including the ``pseudo-header'', the 200 * UDP header and the data. If the UDP checksum field is zero, 201 * we're not supposed to do a checksum. 202 */ 203 data = buf + bufix + ip_len + sizeof(*udp); 204 len = ntohs(udp->uh_ulen) - sizeof(*udp); 205 udp_packets_length_checked++; 206 if ((len < 0) || (len + data > buf + bufix + buflen)) { 207 udp_packets_length_overflow++; 208 if (udp_packets_length_checked > 4 && 209 (udp_packets_length_checked / 210 udp_packets_length_overflow) < 2) { 211 note("%d udp packets in %d too long - dropped", 212 udp_packets_length_overflow, 213 udp_packets_length_checked); 214 udp_packets_length_overflow = 215 udp_packets_length_checked = 0; 216 } 217 return (-1); 218 } 219 if (len + data != buf + bufix + buflen) 220 debug("accepting packet with data after udp payload."); 221 222 usum = udp->uh_sum; 223 udp->uh_sum = 0; 224 225 sum = wrapsum(checksum((unsigned char *)udp, sizeof(*udp), 226 checksum(data, len, checksum((unsigned char *)&ip->ip_src, 227 2 * sizeof(ip->ip_src), 228 IPPROTO_UDP + (u_int32_t)ntohs(udp->uh_ulen))))); 229 230 udp_packets_seen++; 231 if (usum && usum != sum) { 232 udp_packets_bad_checksum++; 233 if (udp_packets_seen > 4 && 234 (udp_packets_seen / udp_packets_bad_checksum) < 2) { 235 note("%d bad udp checksums in %d packets", 236 udp_packets_bad_checksum, udp_packets_seen); 237 udp_packets_seen = udp_packets_bad_checksum = 0; 238 } 239 return (-1); 240 } 241 242 memcpy(&from->sin_port, &udp->uh_sport, sizeof(udp->uh_sport)); 243 244 return (ip_len + sizeof(*udp)); 245 } 246