mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-24 16:28:23 -05:00
BSD: Use struct ip rather than struct iphdr
As we define __FAVOR_BSD use the BSD IP header. Compile tested on NetBSD, DragonFlyBSD, and Linux. Signed-off-by: Roy Marples <roy@marples.name>
This commit is contained in:
parent
3ea58a0548
commit
a8b00423ea
@ -11,7 +11,11 @@
|
||||
#ifndef CONFIG_NATIVE_WINDOWS
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
#ifdef __NetBSD__
|
||||
#include <net/if_ether.h>
|
||||
#else
|
||||
#include <net/ethernet.h>
|
||||
#endif
|
||||
#include <netinet/ip.h>
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
|
||||
@ -1857,7 +1861,7 @@ static void hostapd_data_test_rx(void *ctx, const u8 *src_addr, const u8 *buf,
|
||||
{
|
||||
struct hostapd_data *hapd = ctx;
|
||||
const struct ether_header *eth;
|
||||
struct iphdr ip;
|
||||
struct ip ip;
|
||||
const u8 *pos;
|
||||
unsigned int i;
|
||||
char extra[30];
|
||||
@ -1873,14 +1877,14 @@ static void hostapd_data_test_rx(void *ctx, const u8 *src_addr, const u8 *buf,
|
||||
os_memcpy(&ip, eth + 1, sizeof(ip));
|
||||
pos = &buf[sizeof(*eth) + sizeof(ip)];
|
||||
|
||||
if (ip.ihl != 5 || ip.version != 4 ||
|
||||
ntohs(ip.tot_len) > HWSIM_IP_LEN) {
|
||||
if (ip.ip_hl != 5 || ip.ip_v != 4 ||
|
||||
ntohs(ip.ip_len) > HWSIM_IP_LEN) {
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"test data: RX - ignore unexpect IP header");
|
||||
return;
|
||||
}
|
||||
|
||||
for (i = 0; i < ntohs(ip.tot_len) - sizeof(ip); i++) {
|
||||
for (i = 0; i < ntohs(ip.ip_len) - sizeof(ip); i++) {
|
||||
if (*pos != (u8) i) {
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"test data: RX - ignore mismatching payload");
|
||||
@ -1890,8 +1894,8 @@ static void hostapd_data_test_rx(void *ctx, const u8 *src_addr, const u8 *buf,
|
||||
}
|
||||
|
||||
extra[0] = '\0';
|
||||
if (ntohs(ip.tot_len) != HWSIM_IP_LEN)
|
||||
os_snprintf(extra, sizeof(extra), " len=%d", ntohs(ip.tot_len));
|
||||
if (ntohs(ip.ip_len) != HWSIM_IP_LEN)
|
||||
os_snprintf(extra, sizeof(extra), " len=%d", ntohs(ip.ip_len));
|
||||
wpa_msg(hapd->msg_ctx, MSG_INFO, "DATA-TEST-RX " MACSTR " " MACSTR "%s",
|
||||
MAC2STR(eth->ether_dhost), MAC2STR(eth->ether_shost), extra);
|
||||
}
|
||||
@ -1944,7 +1948,7 @@ static int hostapd_ctrl_iface_data_test_tx(struct hostapd_data *hapd, char *cmd)
|
||||
u8 tos;
|
||||
u8 buf[2 + HWSIM_PACKETLEN];
|
||||
struct ether_header *eth;
|
||||
struct iphdr *ip;
|
||||
struct ip *ip;
|
||||
u8 *dpos;
|
||||
unsigned int i;
|
||||
size_t send_len = HWSIM_IP_LEN;
|
||||
@ -1983,17 +1987,17 @@ static int hostapd_ctrl_iface_data_test_tx(struct hostapd_data *hapd, char *cmd)
|
||||
os_memcpy(eth->ether_dhost, dst, ETH_ALEN);
|
||||
os_memcpy(eth->ether_shost, src, ETH_ALEN);
|
||||
eth->ether_type = htons(ETHERTYPE_IP);
|
||||
ip = (struct iphdr *) (eth + 1);
|
||||
ip = (struct ip *) (eth + 1);
|
||||
os_memset(ip, 0, sizeof(*ip));
|
||||
ip->ihl = 5;
|
||||
ip->version = 4;
|
||||
ip->ttl = 64;
|
||||
ip->tos = tos;
|
||||
ip->tot_len = htons(send_len);
|
||||
ip->protocol = 1;
|
||||
ip->saddr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 1);
|
||||
ip->daddr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 2);
|
||||
ip->check = ipv4_hdr_checksum(ip, sizeof(*ip));
|
||||
ip->ip_hl = 5;
|
||||
ip->ip_v = 4;
|
||||
ip->ip_ttl = 64;
|
||||
ip->ip_tos = tos;
|
||||
ip->ip_len = htons(send_len);
|
||||
ip->ip_p = 1;
|
||||
ip->ip_src.s_addr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 1);
|
||||
ip->ip_dst.s_addr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 2);
|
||||
ip->ip_sum = ipv4_hdr_checksum(ip, sizeof(*ip));
|
||||
dpos = (u8 *) (ip + 1);
|
||||
for (i = 0; i < send_len - sizeof(*ip); i++)
|
||||
*dpos++ = i;
|
||||
|
@ -39,22 +39,22 @@ static void handle_dhcp(void *ctx, const u8 *src_addr, const u8 *buf,
|
||||
const u8 *end, *pos;
|
||||
int res, msgtype = 0, prefixlen = 32;
|
||||
u32 subnet_mask = 0;
|
||||
u16 tot_len;
|
||||
u16 ip_len;
|
||||
|
||||
exten_len = len - ETH_HLEN - (sizeof(*b) - sizeof(b->exten));
|
||||
if (exten_len < 4)
|
||||
return;
|
||||
|
||||
b = (const struct bootp_pkt *) &buf[ETH_HLEN];
|
||||
tot_len = ntohs(b->iph.tot_len);
|
||||
if (tot_len > (unsigned int) (len - ETH_HLEN))
|
||||
ip_len = ntohs(b->iph.ip_len);
|
||||
if (ip_len > (unsigned int) (len - ETH_HLEN))
|
||||
return;
|
||||
|
||||
if (WPA_GET_BE32(b->exten) != DHCP_MAGIC)
|
||||
return;
|
||||
|
||||
/* Parse DHCP options */
|
||||
end = (const u8 *) b + tot_len;
|
||||
end = (const u8 *) b + ip_len;
|
||||
pos = &b->exten[4];
|
||||
while (pos < end && *pos != DHCP_OPT_END) {
|
||||
const u8 *opt = pos++;
|
||||
|
@ -158,7 +158,7 @@ static void fils_dhcp_handler(int sd, void *eloop_ctx, void *sock_ctx)
|
||||
ssize_t res;
|
||||
u8 msgtype = 0;
|
||||
int rapid_commit = 0;
|
||||
struct iphdr *iph;
|
||||
struct ip *iph;
|
||||
struct udphdr *udph;
|
||||
struct wpabuf *resp;
|
||||
const u8 *rpos;
|
||||
@ -259,14 +259,14 @@ static void fils_dhcp_handler(int sd, void *eloop_ctx, void *sock_ctx)
|
||||
wpabuf_put_data(resp, "\xaa\xaa\x03\x00\x00\x00", 6);
|
||||
wpabuf_put_be16(resp, ETH_P_IP);
|
||||
iph = wpabuf_put(resp, sizeof(*iph));
|
||||
iph->version = 4;
|
||||
iph->ihl = sizeof(*iph) / 4;
|
||||
iph->tot_len = htons(sizeof(*iph) + sizeof(*udph) + (end - pos));
|
||||
iph->ttl = 1;
|
||||
iph->protocol = 17; /* UDP */
|
||||
iph->saddr = hapd->conf->dhcp_server.u.v4.s_addr;
|
||||
iph->daddr = dhcp->client_ip;
|
||||
iph->check = ip_checksum(iph, sizeof(*iph));
|
||||
iph->ip_v = 4;
|
||||
iph->ip_hl = sizeof(*iph) / 4;
|
||||
iph->ip_len = htons(sizeof(*iph) + sizeof(*udph) + (end - pos));
|
||||
iph->ip_ttl = 1;
|
||||
iph->ip_p = 17; /* UDP */
|
||||
iph->ip_src.s_addr = hapd->conf->dhcp_server.u.v4.s_addr;
|
||||
iph->ip_dst.s_addr = dhcp->client_ip;
|
||||
iph->ip_sum = ip_checksum(iph, sizeof(*iph));
|
||||
udph = wpabuf_put(resp, sizeof(*udph));
|
||||
udph->uh_sport = htons(DHCP_SERVER_PORT);
|
||||
udph->uh_dport = htons(DHCP_CLIENT_PORT);
|
||||
@ -479,13 +479,13 @@ static int fils_process_hlp_udp(struct hostapd_data *hapd,
|
||||
struct sta_info *sta, const u8 *dst,
|
||||
const u8 *pos, size_t len)
|
||||
{
|
||||
const struct iphdr *iph;
|
||||
const struct ip *iph;
|
||||
const struct udphdr *udph;
|
||||
u16 sport, dport, ulen;
|
||||
|
||||
if (len < sizeof(*iph) + sizeof(*udph))
|
||||
return 0;
|
||||
iph = (const struct iphdr *) pos;
|
||||
iph = (const struct ip *) pos;
|
||||
udph = (const struct udphdr *) (iph + 1);
|
||||
sport = ntohs(udph->uh_sport);
|
||||
dport = ntohs(udph->uh_dport);
|
||||
@ -510,24 +510,24 @@ static int fils_process_hlp_ip(struct hostapd_data *hapd,
|
||||
struct sta_info *sta, const u8 *dst,
|
||||
const u8 *pos, size_t len)
|
||||
{
|
||||
const struct iphdr *iph;
|
||||
u16 tot_len;
|
||||
const struct ip *iph;
|
||||
uint16_t ip_len;
|
||||
|
||||
if (len < sizeof(*iph))
|
||||
return 0;
|
||||
iph = (const struct iphdr *) pos;
|
||||
iph = (const struct ip *) pos;
|
||||
if (ip_checksum(iph, sizeof(*iph)) != 0) {
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"FILS: HLP request IPv4 packet had invalid header checksum - dropped");
|
||||
return 0;
|
||||
}
|
||||
tot_len = ntohs(iph->tot_len);
|
||||
if (tot_len > len)
|
||||
ip_len = ntohs(iph->ip_len);
|
||||
if (ip_len > len)
|
||||
return 0;
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"FILS: HLP request IPv4: saddr=%08x daddr=%08x protocol=%u",
|
||||
iph->saddr, iph->daddr, iph->protocol);
|
||||
switch (iph->protocol) {
|
||||
iph->ip_src.s_addr, iph->ip_dst.s_addr, iph->ip_p);
|
||||
switch (iph->ip_p) {
|
||||
case 17:
|
||||
return fils_process_hlp_udp(hapd, sta, dst, pos, len);
|
||||
}
|
||||
|
@ -39,7 +39,7 @@ struct dhcp_data {
|
||||
} STRUCT_PACKED;
|
||||
|
||||
struct bootp_pkt {
|
||||
struct iphdr iph;
|
||||
struct ip iph;
|
||||
struct udphdr udph;
|
||||
u8 op;
|
||||
u8 htype;
|
||||
|
@ -116,62 +116,62 @@ void rx_data_ip(struct wlantest *wt, const u8 *bssid, const u8 *sta_addr,
|
||||
const u8 *dst, const u8 *src, const u8 *data, size_t len,
|
||||
const u8 *peer_addr)
|
||||
{
|
||||
const struct iphdr *ip;
|
||||
const struct ip *ip;
|
||||
const u8 *payload;
|
||||
size_t plen;
|
||||
u16 frag_off, tot_len;
|
||||
uint16_t frag_off, ip_len;
|
||||
|
||||
ip = (const struct iphdr *) data;
|
||||
ip = (const struct ip *) data;
|
||||
if (len < sizeof(*ip))
|
||||
return;
|
||||
if (ip->version != 4) {
|
||||
if (ip->ip_v != 4) {
|
||||
if (hwsim_test_packet(data, len)) {
|
||||
add_note(wt, MSG_INFO, "hwsim_test package");
|
||||
return;
|
||||
}
|
||||
add_note(wt, MSG_DEBUG, "Unexpected IP protocol version %u in "
|
||||
"IPv4 packet (bssid=" MACSTR " str=" MACSTR
|
||||
" dst=" MACSTR ")", ip->version, MAC2STR(bssid),
|
||||
" dst=" MACSTR ")", ip->ip_v, MAC2STR(bssid),
|
||||
MAC2STR(src), MAC2STR(dst));
|
||||
return;
|
||||
}
|
||||
if (ip->ihl * 4 < sizeof(*ip)) {
|
||||
if (ip->ip_hl * 4 < sizeof(*ip)) {
|
||||
add_note(wt, MSG_DEBUG, "Unexpected IP header length %u in "
|
||||
"IPv4 packet (bssid=" MACSTR " str=" MACSTR
|
||||
" dst=" MACSTR ")", ip->ihl, MAC2STR(bssid),
|
||||
" dst=" MACSTR ")", ip->ip_hl, MAC2STR(bssid),
|
||||
MAC2STR(src), MAC2STR(dst));
|
||||
return;
|
||||
}
|
||||
if (ip->ihl * 4 > len) {
|
||||
if (ip->ip_hl * 4 > len) {
|
||||
add_note(wt, MSG_DEBUG, "Truncated IP header (ihl=%u len=%u) "
|
||||
"in IPv4 packet (bssid=" MACSTR " str=" MACSTR
|
||||
" dst=" MACSTR ")", ip->ihl, (unsigned) len,
|
||||
" dst=" MACSTR ")", ip->ip_hl, (unsigned) len,
|
||||
MAC2STR(bssid), MAC2STR(src), MAC2STR(dst));
|
||||
return;
|
||||
}
|
||||
|
||||
/* TODO: check header checksum in ip->check */
|
||||
/* TODO: check header checksum in ip->ip_sum */
|
||||
|
||||
frag_off = be_to_host16(ip->frag_off);
|
||||
frag_off = be_to_host16(ip->ip_off);
|
||||
if (frag_off & 0x1fff) {
|
||||
wpa_printf(MSG_EXCESSIVE, "IP fragment reassembly not yet "
|
||||
"supported");
|
||||
return;
|
||||
}
|
||||
|
||||
tot_len = be_to_host16(ip->tot_len);
|
||||
if (tot_len > len)
|
||||
ip_len = be_to_host16(ip->ip_len);
|
||||
if (ip_len > len)
|
||||
return;
|
||||
if (tot_len < len)
|
||||
len = tot_len;
|
||||
if (ip_len < len)
|
||||
len = ip_len;
|
||||
|
||||
payload = data + 4 * ip->ihl;
|
||||
plen = len - 4 * ip->ihl;
|
||||
payload = data + 4 * ip->ip_hl;
|
||||
plen = len - 4 * ip->ip_hl;
|
||||
|
||||
switch (ip->protocol) {
|
||||
switch (ip->ip_p) {
|
||||
case IPPROTO_ICMP:
|
||||
rx_data_icmp(wt, bssid, sta_addr, ip->daddr, ip->saddr,
|
||||
payload, plen, peer_addr);
|
||||
rx_data_icmp(wt, bssid, sta_addr, ip->ip_dst.s_addr,
|
||||
ip->ip_src.s_addr, payload, plen, peer_addr);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
@ -231,43 +231,44 @@ static void process_udp(struct wlantest *wt, u32 dst, u32 src,
|
||||
|
||||
static void process_ipv4(struct wlantest *wt, const u8 *data, size_t len)
|
||||
{
|
||||
const struct iphdr *ip;
|
||||
const struct ip *ip;
|
||||
const u8 *payload;
|
||||
size_t plen;
|
||||
u16 frag_off, tot_len;
|
||||
uint16_t frag_off, ip_len;
|
||||
|
||||
if (len < sizeof(*ip))
|
||||
return;
|
||||
|
||||
ip = (const struct iphdr *) data;
|
||||
if (ip->version != 4)
|
||||
ip = (const struct ip *) data;
|
||||
if (ip->ip_v != 4)
|
||||
return;
|
||||
if (ip->ihl < 5)
|
||||
if (ip->ip_hl < 5)
|
||||
return;
|
||||
|
||||
/* TODO: check header checksum in ip->check */
|
||||
|
||||
frag_off = be_to_host16(ip->frag_off);
|
||||
frag_off = be_to_host16(ip->ip_off);
|
||||
if (frag_off & 0x1fff) {
|
||||
wpa_printf(MSG_EXCESSIVE, "IP fragment reassembly not yet "
|
||||
"supported");
|
||||
return;
|
||||
}
|
||||
|
||||
tot_len = be_to_host16(ip->tot_len);
|
||||
if (tot_len > len)
|
||||
ip_len = be_to_host16(ip->ip_len);
|
||||
if (ip_len > len)
|
||||
return;
|
||||
if (tot_len < len)
|
||||
len = tot_len;
|
||||
if (ip_len < len)
|
||||
len = ip_len;
|
||||
|
||||
payload = data + 4 * ip->ihl;
|
||||
plen = len - 4 * ip->ihl;
|
||||
payload = data + 4 * ip->ip_hl;
|
||||
plen = len - 4 * ip->ip_hl;
|
||||
if (payload + plen > data + len)
|
||||
return;
|
||||
|
||||
switch (ip->protocol) {
|
||||
switch (ip->ip_p) {
|
||||
case IPPROTO_UDP:
|
||||
process_udp(wt, ip->daddr, ip->saddr, payload, plen);
|
||||
process_udp(wt, ip->ip_dst.s_addr, ip->ip_src.s_addr,
|
||||
payload, plen);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
@ -8964,7 +8964,7 @@ static void wpas_data_test_rx(void *ctx, const u8 *src_addr, const u8 *buf,
|
||||
{
|
||||
struct wpa_supplicant *wpa_s = ctx;
|
||||
const struct ether_header *eth;
|
||||
struct iphdr ip;
|
||||
struct ip ip;
|
||||
const u8 *pos;
|
||||
unsigned int i;
|
||||
char extra[30];
|
||||
@ -8980,14 +8980,13 @@ static void wpas_data_test_rx(void *ctx, const u8 *src_addr, const u8 *buf,
|
||||
os_memcpy(&ip, eth + 1, sizeof(ip));
|
||||
pos = &buf[sizeof(*eth) + sizeof(ip)];
|
||||
|
||||
if (ip.ihl != 5 || ip.version != 4 ||
|
||||
ntohs(ip.tot_len) > HWSIM_IP_LEN) {
|
||||
if (ip.ip_hl != 5 || ip.ip_v != 4 || ntohs(ip.ip_len) > HWSIM_IP_LEN) {
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"test data: RX - ignore unexpect IP header");
|
||||
return;
|
||||
}
|
||||
|
||||
for (i = 0; i < ntohs(ip.tot_len) - sizeof(ip); i++) {
|
||||
for (i = 0; i < ntohs(ip.ip_len) - sizeof(ip); i++) {
|
||||
if (*pos != (u8) i) {
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"test data: RX - ignore mismatching payload");
|
||||
@ -8996,8 +8995,8 @@ static void wpas_data_test_rx(void *ctx, const u8 *src_addr, const u8 *buf,
|
||||
pos++;
|
||||
}
|
||||
extra[0] = '\0';
|
||||
if (ntohs(ip.tot_len) != HWSIM_IP_LEN)
|
||||
os_snprintf(extra, sizeof(extra), " len=%d", ntohs(ip.tot_len));
|
||||
if (ntohs(ip.ip_len) != HWSIM_IP_LEN)
|
||||
os_snprintf(extra, sizeof(extra), " len=%d", ntohs(ip.ip_len));
|
||||
wpa_msg(wpa_s, MSG_INFO, "DATA-TEST-RX " MACSTR " " MACSTR "%s",
|
||||
MAC2STR(eth->ether_dhost), MAC2STR(eth->ether_shost), extra);
|
||||
}
|
||||
@ -9049,7 +9048,7 @@ static int wpas_ctrl_iface_data_test_tx(struct wpa_supplicant *wpa_s, char *cmd)
|
||||
u8 tos;
|
||||
u8 buf[2 + HWSIM_PACKETLEN];
|
||||
struct ether_header *eth;
|
||||
struct iphdr *ip;
|
||||
struct ip *ip;
|
||||
u8 *dpos;
|
||||
unsigned int i;
|
||||
size_t send_len = HWSIM_IP_LEN;
|
||||
@ -9088,17 +9087,17 @@ static int wpas_ctrl_iface_data_test_tx(struct wpa_supplicant *wpa_s, char *cmd)
|
||||
os_memcpy(eth->ether_dhost, dst, ETH_ALEN);
|
||||
os_memcpy(eth->ether_shost, src, ETH_ALEN);
|
||||
eth->ether_type = htons(ETHERTYPE_IP);
|
||||
ip = (struct iphdr *) (eth + 1);
|
||||
ip = (struct ip *) (eth + 1);
|
||||
os_memset(ip, 0, sizeof(*ip));
|
||||
ip->ihl = 5;
|
||||
ip->version = 4;
|
||||
ip->ttl = 64;
|
||||
ip->tos = tos;
|
||||
ip->tot_len = htons(send_len);
|
||||
ip->protocol = 1;
|
||||
ip->saddr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 1);
|
||||
ip->daddr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 2);
|
||||
ip->check = ipv4_hdr_checksum(ip, sizeof(*ip));
|
||||
ip->ip_hl = 5;
|
||||
ip->ip_v = 4;
|
||||
ip->ip_ttl = 64;
|
||||
ip->ip_tos = tos;
|
||||
ip->ip_len = htons(send_len);
|
||||
ip->ip_p = 1;
|
||||
ip->ip_src.s_addr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 1);
|
||||
ip->ip_dst.s_addr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 2);
|
||||
ip->ip_sum = ipv4_hdr_checksum(ip, sizeof(*ip));
|
||||
dpos = (u8 *) (ip + 1);
|
||||
for (i = 0; i < send_len - sizeof(*ip); i++)
|
||||
*dpos++ = i;
|
||||
|
Loading…
Reference in New Issue
Block a user