xref: /openbsd-src/usr.sbin/dhcrelay/packet.c (revision e5157e49389faebcb42b7237d55fbf096d9c2523) 
1 /*	$OpenBSD: packet.c,v 1.5 2014/10/25 03:23:49 lteo Exp $	*/
2 
3 /* Packet assembly code, originally contributed by Archie Cobbs. */
4 
5 /*
6  * Copyright (c) 1995, 1996, 1999 The Internet Software Consortium.
7  * All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  *
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. Neither the name of The Internet Software Consortium nor the names
19  *    of its contributors may be used to endorse or promote products derived
20  *    from this software without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE INTERNET SOFTWARE CONSORTIUM AND
23  * CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
24  * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
25  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
26  * DISCLAIMED.  IN NO EVENT SHALL THE INTERNET SOFTWARE CONSORTIUM OR
27  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
29  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
30  * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
31  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
32  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
33  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34  * SUCH DAMAGE.
35  *
36  * This software has been written for the Internet Software Consortium
37  * by Ted Lemon <mellon@fugue.com> in cooperation with Vixie
38  * Enterprises.  To learn more about the Internet Software Consortium,
39  * see ``http://www.vix.com/isc''.  To learn more about Vixie
40  * Enterprises, see ``http://www.vix.com''.
41  */
42 
43 #include "dhcpd.h"
44 
45 #include <net/if_enc.h>
46 #include <netinet/ip.h>
47 #include <netinet/udp.h>
48 #include <netinet/if_ether.h>
49 
50 #define ETHER_HEADER_SIZE (ETHER_ADDR_LEN * 2 + sizeof(u_int16_t))
51 
52 u_int32_t	checksum(unsigned char *, unsigned, u_int32_t);
53 u_int32_t	wrapsum(u_int32_t);
54 
55 u_int32_t
56 checksum(unsigned char *buf, unsigned nbytes, u_int32_t sum)
57 {
58 	int i;
59 
60 	/* Checksum all the pairs of bytes first... */
61 	for (i = 0; i < (nbytes & ~1U); i += 2) {
62 		sum += (u_int16_t)ntohs(*((u_int16_t *)(buf + i)));
63 		if (sum > 0xFFFF)
64 			sum -= 0xFFFF;
65 	}
66 
67 	/*
68 	 * If there's a single byte left over, checksum it, too.
69 	 * Network byte order is big-endian, so the remaining byte is
70 	 * the high byte.
71 	 */
72 	if (i < nbytes) {
73 		sum += buf[i] << 8;
74 		if (sum > 0xFFFF)
75 			sum -= 0xFFFF;
76 	}
77 
78 	return (sum);
79 }
80 
81 u_int32_t
82 wrapsum(u_int32_t sum)
83 {
84 	sum = ~sum & 0xFFFF;
85 	return (htons(sum));
86 }
87 
88 void
89 assemble_hw_header(struct interface_info *interface, unsigned char *buf,
90     int *bufix, struct hardware *to)
91 {
92 	struct ether_header eh;
93 
94 	if (to != NULL && to->hlen == 6) /* XXX */
95 		memcpy(eh.ether_dhost, to->haddr, sizeof(eh.ether_dhost));
96 	else
97 		memset(eh.ether_dhost, 0xff, sizeof(eh.ether_dhost));
98 
99 	/* source address is filled in by the kernel */
100 	memset(eh.ether_shost, 0x00, sizeof(eh.ether_shost));
101 
102 	eh.ether_type = htons(ETHERTYPE_IP);
103 
104 	memcpy(&buf[*bufix], &eh, ETHER_HEADER_SIZE);
105 	*bufix += ETHER_HEADER_SIZE;
106 }
107 
108 void
109 assemble_udp_ip_header(struct interface_info *interface, unsigned char *buf,
110     int *bufix, u_int32_t from, u_int32_t to, unsigned int port,
111     unsigned char *data, int len)
112 {
113 	struct ip ip;
114 	struct udphdr udp;
115 
116 	ip.ip_v = 4;
117 	ip.ip_hl = 5;
118 	ip.ip_tos = IPTOS_LOWDELAY;
119 	ip.ip_len = htons(sizeof(ip) + sizeof(udp) + len);
120 	ip.ip_id = 0;
121 	ip.ip_off = 0;
122 	ip.ip_ttl = 16;
123 	ip.ip_p = IPPROTO_UDP;
124 	ip.ip_sum = 0;
125 	ip.ip_src.s_addr = from;
126 	ip.ip_dst.s_addr = to;
127 
128 	ip.ip_sum = wrapsum(checksum((unsigned char *)&ip, sizeof(ip), 0));
129 	memcpy(&buf[*bufix], &ip, sizeof(ip));
130 	*bufix += sizeof(ip);
131 
132 	udp.uh_sport = server_port;	/* XXX */
133 	udp.uh_dport = port;			/* XXX */
134 	udp.uh_ulen = htons(sizeof(udp) + len);
135 	memset(&udp.uh_sum, 0, sizeof(udp.uh_sum));
136 
137 	udp.uh_sum = wrapsum(checksum((unsigned char *)&udp, sizeof(udp),
138 	    checksum(data, len, checksum((unsigned char *)&ip.ip_src,
139 	    2 * sizeof(ip.ip_src),
140 	    IPPROTO_UDP + (u_int32_t)ntohs(udp.uh_ulen)))));
141 
142 	memcpy(&buf[*bufix], &udp, sizeof(udp));
143 	*bufix += sizeof(udp);
144 }
145 
146 ssize_t
147 decode_hw_header(struct interface_info *interface, unsigned char *buf,
148     int bufix, struct hardware *from)
149 {
150 	struct ether_header eh;
151 	size_t offset = 0;
152 
153 	if (interface->hw_address.htype == HTYPE_IPSEC_TUNNEL) {
154 		u_int32_t ip_len;
155 		struct ip *ip;
156 
157 		bufix += ENC_HDRLEN;
158 		ip_len = (buf[bufix] & 0xf) << 2;
159 		ip = (struct ip *)(buf + bufix);
160 
161 		/* Encapsulated IP */
162 		if (ip->ip_p != IPPROTO_IPIP)
163 			return (-1);
164 
165 		bzero(&eh, sizeof(eh));
166 		offset = ENC_HDRLEN + ip_len;
167 	} else {
168 		memcpy(&eh, buf + bufix, ETHER_HEADER_SIZE);
169 		offset = sizeof(eh);
170 	}
171 
172 	memcpy(from->haddr, eh.ether_shost, sizeof(eh.ether_shost));
173 	from->htype = ARPHRD_ETHER;
174 	from->hlen = sizeof(eh.ether_shost);
175 
176 	return (offset);
177 }
178 
179 ssize_t
180 decode_udp_ip_header(struct interface_info *interface, unsigned char *buf,
181     int bufix, struct sockaddr_in *from, unsigned char *data, int buflen)
182 {
183 	struct ip *ip;
184 	struct udphdr *udp;
185 	u_int32_t ip_len = (buf[bufix] & 0xf) << 2;
186 	u_int32_t sum, usum;
187 	static int ip_packets_seen;
188 	static int ip_packets_bad_checksum;
189 	static int udp_packets_seen;
190 	static int udp_packets_bad_checksum;
191 	static int udp_packets_length_checked;
192 	static int udp_packets_length_overflow;
193 	int len = 0;
194 
195 	ip = (struct ip *)(buf + bufix);
196 	udp = (struct udphdr *)(buf + bufix + ip_len);
197 
198 	/* Check the IP header checksum - it should be zero. */
199 	ip_packets_seen++;
200 	if (wrapsum(checksum(buf + bufix, ip_len, 0)) != 0) {
201 		ip_packets_bad_checksum++;
202 		if (ip_packets_seen > 4 && ip_packets_bad_checksum != 0 &&
203 		    (ip_packets_seen / ip_packets_bad_checksum) < 2) {
204 			note("%d bad IP checksums seen in %d packets",
205 			    ip_packets_bad_checksum, ip_packets_seen);
206 			ip_packets_seen = ip_packets_bad_checksum = 0;
207 		}
208 		return (-1);
209 	}
210 
211 	if (ntohs(ip->ip_len) != buflen)
212 		debug("ip length %d disagrees with bytes received %d.",
213 		    ntohs(ip->ip_len), buflen);
214 
215 	memcpy(&from->sin_addr, &ip->ip_src, 4);
216 
217 	/*
218 	 * Compute UDP checksums, including the ``pseudo-header'', the
219 	 * UDP header and the data.   If the UDP checksum field is zero,
220 	 * we're not supposed to do a checksum.
221 	 */
222 	if (!data) {
223 		data = buf + bufix + ip_len + sizeof(*udp);
224 		len = ntohs(udp->uh_ulen) - sizeof(*udp);
225 		udp_packets_length_checked++;
226 		if (len + data > buf + bufix + buflen) {
227 			udp_packets_length_overflow++;
228 			if (udp_packets_length_checked > 4 &&
229 			    udp_packets_length_overflow != 0 &&
230 			    (udp_packets_length_checked /
231 			    udp_packets_length_overflow) < 2) {
232 				note("%d udp packets in %d too long - dropped",
233 				    udp_packets_length_overflow,
234 				    udp_packets_length_checked);
235 				udp_packets_length_overflow =
236 				    udp_packets_length_checked = 0;
237 			}
238 			return (-1);
239 		}
240 		if (len + data != buf + bufix + buflen)
241 			debug("accepting packet with data after udp payload.");
242 	}
243 
244 	usum = udp->uh_sum;
245 	udp->uh_sum = 0;
246 
247 	sum = wrapsum(checksum((unsigned char *)udp, sizeof(*udp),
248 	    checksum(data, len, checksum((unsigned char *)&ip->ip_src,
249 	    2 * sizeof(ip->ip_src),
250 	    IPPROTO_UDP + (u_int32_t)ntohs(udp->uh_ulen)))));
251 
252 	udp_packets_seen++;
253 	if (usum && usum != sum) {
254 		udp_packets_bad_checksum++;
255 		if (udp_packets_seen > 4 && udp_packets_bad_checksum != 0 &&
256 		    (udp_packets_seen / udp_packets_bad_checksum) < 2) {
257 			note("%d bad udp checksums in %d packets",
258 			    udp_packets_bad_checksum, udp_packets_seen);
259 			udp_packets_seen = udp_packets_bad_checksum = 0;
260 		}
261 		return (-1);
262 	}
263 
264 	memcpy(&from->sin_port, &udp->uh_sport, sizeof(udp->uh_sport));
265 
266 	return (ip_len + sizeof(*udp));
267 }
268