1 /*
2 ettercap -- IP address management
3
4 Copyright (C) ALoR & NaGA
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
19
20 */
21
22 #include <ec.h>
23 #include <ec_inet.h>
24 #include <ec_ui.h>
25
26 /* prototypes */
27
28 static const char *inet_ntop4(const u_char *src, char *dst, size_t size);
29 static const char *inet_ntop6(const u_char *src, char *dst, size_t size);
30
31 /***********************************************************************/
32
33 /*
34 * creates a structure from a buffer
35 */
ip_addr_init(struct ip_addr * sa,u_int16 type,u_char * addr)36 int ip_addr_init(struct ip_addr *sa, u_int16 type, u_char *addr)
37 {
38 /* the version of the IP packet */
39 sa->addr_type = htons(type);
40 /* wipe the buffer */
41 memset(sa->addr, 0, MAX_IP_ADDR_LEN);
42
43 switch (type) {
44 case AF_INET:
45 sa->addr_len = htons(IP_ADDR_LEN);
46 break;
47 case AF_INET6:
48 sa->addr_len = htons(IP6_ADDR_LEN);
49 break;
50 default:
51 /* wipe the struct */
52 memset(sa, 0, sizeof(struct ip_addr));
53 BUG("Invalid ip_addr type");
54 return -E_INVALID;
55 }
56
57 memcpy(&sa->addr, addr, ntohs(sa->addr_len));
58
59 return E_SUCCESS;
60 };
61
62 /*
63 * copy the address in a buffer
64 */
ip_addr_cpy(u_char * addr,struct ip_addr * sa)65 int ip_addr_cpy(u_char *addr, struct ip_addr *sa)
66 {
67 memcpy(addr, &sa->addr, ntohs(sa->addr_len));
68
69 return E_SUCCESS;
70 }
71
72 /*
73 * compare two ip_addr structure.
74 */
ip_addr_cmp(struct ip_addr * sa,struct ip_addr * sb)75 int ip_addr_cmp(struct ip_addr *sa, struct ip_addr *sb)
76 {
77 if (!sa || !sb)
78 return -E_INVALID;
79
80 /* different type are incompatible */
81 if (sa->addr_type != sb->addr_type)
82 return -E_INVALID;
83
84 return memcmp(sa->addr, sb->addr, ntohs(sa->addr_len));
85
86 }
87
88 /*
89 * returns 0 if the ip address is IPv4 or IPv6
90 */
ip_addr_null(struct ip_addr * sa)91 int ip_addr_null(struct ip_addr *sa)
92 {
93 if (ntohs(sa->addr_type) == AF_INET || ntohs(sa->addr_type) == AF_INET6)
94 return 0;
95
96 return 1;
97 }
98
99 /*
100 * return true if an ip address is 0.0.0.0 or invalid
101 */
ip_addr_is_zero(struct ip_addr * sa)102 int ip_addr_is_zero(struct ip_addr *sa)
103 {
104 switch (ntohs(sa->addr_type)) {
105 case AF_INET:
106 if (memcmp(sa->addr, "\x00\x00\x00\x00", IP_ADDR_LEN))
107 return 0;
108 break;
109 case AF_INET6:
110 if (memcmp(sa->addr, "\x00\x00\x00\x00\x00\x00\x00\x00"
111 "\x00\x00\x00\x00\x00\x00\x00\x00", IP6_ADDR_LEN))
112 return 0;
113 break;
114 };
115
116 return 1;
117 }
118
119 /*
120 * generates a random link-local ip address
121 * returns E_SUCCESS or -E_INVALID if address family is unkown
122 */
ip_addr_random(struct ip_addr * ip,u_int16 type)123 int ip_addr_random(struct ip_addr* ip, u_int16 type)
124 {
125 /* generate a random 32-bit number */
126 srand(time(NULL));
127 u_int32 r = rand();
128 u_int32 h1 = r | 0x02000000;
129 u_int32 h2 = ~r;
130
131 switch (type) {
132 case AF_INET:
133 ip->addr_type = htons(type);
134 ip->addr_len = IP_ADDR_LEN;
135 memset(ip->addr, 0, IP_ADDR_LEN);
136 memcpy(ip->addr, "\xa9\xfe", 2); /* 169.254/16 */
137 memcpy(ip->addr + 2, (u_char*)&r, 2);
138 break;
139
140 case AF_INET6:
141 ip->addr_type = htons(type);
142 ip->addr_len = IP6_ADDR_LEN;
143 memset(ip->addr, 0, IP6_ADDR_LEN);
144 memcpy(ip->addr, "\xfe\x80\x00\x00", 4);
145 memcpy(ip->addr + 4, "\x00\x00\x00\x00", 4);
146 memcpy(ip->addr + 8, (u_char*)&h1, 4);
147 memcpy(ip->addr + 12, (u_char*)&h2, 4);
148 memcpy(ip->addr + 11, "\xff\xfe", 2);
149 break;
150
151 default:
152 return -E_INVALID;
153
154 }
155 return E_SUCCESS;
156 }
157
158 /*
159 * initialize a solicited-node IPv6 and link-layer address from a
160 * given ip address.
161 *
162 * returns E_SUCCESS on success or -E_INVALID in case of a unsupported
163 * address familily (actually only IPv6 is supported)
164 */
ip_addr_init_sol(struct ip_addr * sn,struct ip_addr * ip,u_int8 * tmac)165 int ip_addr_init_sol(struct ip_addr* sn, struct ip_addr* ip, u_int8 *tmac)
166 {
167 switch (ntohs(ip->addr_type)) {
168 case AF_INET:
169 (void) sn;
170 (void) tmac;
171 /* not applicable for IPv4 */
172 break;
173 #ifdef WITH_IPV6
174 case AF_INET6:
175 /*
176 * initialize the ip_addr struct with the solicited-node
177 * multicast prefix and copy the tailing 24-bit into the
178 * address to form the complete solicited-node address
179 */
180 ip_addr_init(sn, AF_INET6, (u_char*)IP6_SOL_NODE);
181 memcpy((sn->addr + 13), (ip->addr + 13), 3);
182
183 /*
184 * initialize the MAC address derived from the solicited
185 * node multicast IPv6 address by overwriting the tailing
186 * 32-bit of the all-nodes link-layer multicast address for IPv6
187 */
188 memcpy(tmac, LLA_IP6_ALLNODES_MULTICAST, MEDIA_ADDR_LEN);
189 memcpy((tmac + 2), (sn->addr + 12), 4);
190
191
192 return E_SUCCESS;
193 break;
194 #endif
195 }
196
197 return -E_INVALID;
198 }
199
200
201 /*
202 * convert to ascii an ip address
203 */
ip_addr_ntoa(struct ip_addr * sa,char * dst)204 char * ip_addr_ntoa(struct ip_addr *sa, char *dst)
205 {
206
207 switch (ntohs(sa->addr_type)) {
208 case AF_INET:
209 inet_ntop4(sa->addr, dst, IP_ASCII_ADDR_LEN);
210 return dst;
211 break;
212 case AF_INET6:
213 inet_ntop6(sa->addr, dst, IP6_ASCII_ADDR_LEN);
214 return dst;
215 break;
216 };
217
218 return "invalid";
219 }
220
221 const char *
inet_ntop4(const u_char * src,char * dst,size_t size)222 inet_ntop4(const u_char *src, char *dst, size_t size)
223 {
224 char str[IP_ASCII_ADDR_LEN];
225 int n;
226
227 n = snprintf(str, IP_ASCII_ADDR_LEN, "%u.%u.%u.%u", src[0], src[1], src[2], src[3]);
228
229 str[n] = '\0';
230
231 strncpy(dst, str, size);
232
233 return dst;
234 }
235
236 const char *
inet_ntop6(const u_char * src,char * dst,size_t size)237 inet_ntop6(const u_char *src, char *dst, size_t size)
238 {
239 /*
240 * Note that int32_t and int16_t need only be "at least" large enough
241 * to contain a value of the specified size. On some systems, like
242 * Crays, there is no such thing as an integer variable with 16 bits.
243 * Keep this in mind if you think this function should have been coded
244 * to use pointer overlays. All the world's not a VAX.
245 */
246 char tmp[IP6_ASCII_ADDR_LEN], *tp;
247 struct { int base, len; } best, cur;
248 u_int words[NS_IN6ADDRSZ / NS_INT16SZ];
249 int i;
250
251 best.len = 0;
252 cur.len = 0;
253
254 /*
255 * Preprocess:
256 * Copy the input (bytewise) array into a wordwise array.
257 * Find the longest run of 0x00's in src[] for :: shorthanding.
258 */
259 memset(words, '\0', sizeof words);
260 for (i = 0; i < NS_IN6ADDRSZ; i += 2)
261 words[i / 2] = (src[i] << 8) | src[i + 1];
262 best.base = -1;
263 cur.base = -1;
264 for (i = 0; i < (NS_IN6ADDRSZ / NS_INT16SZ); i++) {
265 if (words[i] == 0) {
266 if (cur.base == -1)
267 cur.base = i, cur.len = 1;
268 else
269 cur.len++;
270 } else {
271 if (cur.base != -1) {
272 if (best.base == -1 || cur.len > best.len)
273 best = cur;
274 cur.base = -1;
275 }
276 }
277 }
278 if (cur.base != -1) {
279 if (best.base == -1 || cur.len > best.len)
280 best = cur;
281 }
282 if (best.base != -1 && best.len < 2)
283 best.base = -1;
284
285 /*
286 * Format the result.
287 */
288 tp = tmp;
289 for (i = 0; i < (NS_IN6ADDRSZ / NS_INT16SZ); i++) {
290 /* Are we inside the best run of 0x00's? */
291 if (best.base != -1 && i >= best.base &&
292 i < (best.base + best.len)) {
293 if (i == best.base)
294 *tp++ = ':';
295 continue;
296 }
297 /* Are we following an initial run of 0x00s or any real hex? */
298 if (i != 0)
299 *tp++ = ':';
300 /* Is this address an encapsulated IPv4? */
301 if (i == 6 && best.base == 0 &&
302 (best.len == 6 || (best.len == 5 && words[5] == 0xffff))) {
303 if (inet_ntop4(src+12, tp, IP_ASCII_ADDR_LEN) != 0)
304 return (NULL);
305 tp += strlen(tp);
306 break;
307 }
308 tp += sprintf(tp, "%x", words[i]);
309 }
310 /* Was it a trailing run of 0x00's? */
311 if (best.base != -1 && (best.base + best.len) ==
312 (NS_IN6ADDRSZ / NS_INT16SZ))
313 *tp++ = ':';
314 *tp++ = '\0';
315
316 /*
317 * Check for overflow, copy, and we're done.
318 */
319 if ((size_t)(tp - tmp) > size) {
320 __set_errno (ENOSPC);
321 return (NULL);
322 }
323
324 strncpy(dst, tmp, size);
325
326 return dst;
327 }
328
329 /* Converts character string to IP address if possible */
ip_addr_pton(char * str,struct ip_addr * addr)330 int ip_addr_pton(char *str, struct ip_addr *addr)
331 {
332 struct in_addr inaddr;
333 #ifdef WITH_IPV6
334 struct in6_addr in6addr;
335 #endif
336
337 if(inet_pton(AF_INET, str, &inaddr) == 1) { /* try IPv4 */
338 ip_addr_init(addr, AF_INET, (u_char*)&inaddr);
339 return E_SUCCESS;
340 }
341 #ifdef WITH_IPV6
342 else if (inet_pton(AF_INET6, str, &in6addr) == 1) { /* try IPv6 */
343 ip_addr_init(addr, AF_INET6, (u_char*)&in6addr);
344 return E_SUCCESS;
345 }
346 #endif
347 else {
348 return -E_INVALID;
349 }
350 }
351
352 /*
353 * convert a MAC address to a human readable form
354 */
mac_addr_ntoa(u_char * mac,char * dst)355 char *mac_addr_ntoa(u_char *mac, char *dst)
356 {
357 char str[ETH_ASCII_ADDR_LEN];
358 int n;
359
360 n = snprintf(str, ETH_ASCII_ADDR_LEN, "%02X:%02X:%02X:%02X:%02X:%02X",
361 mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
362
363 str[n] = '\0';
364
365 strncpy(dst, str, ETH_ASCII_ADDR_LEN);
366
367 return dst;
368
369 }
370
371 /*
372 * convert a string to a u_char mac[6]
373 */
mac_addr_aton(char * str,u_char * mac)374 int mac_addr_aton(char *str, u_char *mac)
375 {
376 int i;
377 u_int tmp[MEDIA_ADDR_LEN];
378
379 i = sscanf(str, "%02X:%02X:%02X:%02X:%02X:%02X",
380 (u_int *)&tmp[0], (u_int *)&tmp[1], (u_int *)&tmp[2],
381 (u_int *)&tmp[3], (u_int *)&tmp[4], (u_int *)&tmp[5]);
382
383 /* incorrect parsing */
384 if (i != MEDIA_ADDR_LEN) {
385 memset(mac, 0, MEDIA_ADDR_LEN);
386 return 0;
387 }
388
389 for (i = 0; i < MEDIA_ADDR_LEN; i++)
390 mac[i] = (u_char)tmp[i];
391
392 return i;
393 }
394
395 /*
396 * returns 1 if the ip is a Global Unicast
397 * returns 0 if not
398 * returns -E_INVALID if address family is unknown
399 */
ip_addr_is_global(struct ip_addr * ip)400 int ip_addr_is_global(struct ip_addr *ip)
401 {
402
403 switch (ntohs(ip->addr_type)) {
404 case AF_INET:
405 /* Global for IPv4 means not status "RESERVED" by IANA */
406 if (
407 *ip->addr != 0x0 && /* not 0/8 */
408 *ip->addr != 0x7f && /* not 127/8 */
409 *ip->addr != 0x0a && /* not 10/8 */
410 (ntohs(*ip->addr16) & 0xfff0) != 0xac10 && /* not 172.16/12 */
411 ntohs(*ip->addr16) != 0xc0a8 && /* not 192.168/16 */
412 !ip_addr_is_multicast(ip) /* not 224/3 */
413 )
414 return 1;
415 break;
416 case AF_INET6:
417 /*
418 * as IANA does not appy masks > 8-bit for Global Unicast block,
419 * only the first 8-bit are significant for this test.
420 */
421 if ((*ip->addr & 0xe0) == 0x20) {
422 /*
423 * This may be extended in future as IANA assigns further ranges
424 * to Global Unicast
425 */
426 return 1;
427 }
428 break;
429 default:
430 return -E_INVALID;
431 }
432
433 return 0;
434 }
435
436 /*
437 * returns 1 if the ip is multicast
438 * returns 0 if not
439 * returns -E_INVALID if address family is unknown
440 */
ip_addr_is_multicast(struct ip_addr * ip)441 int ip_addr_is_multicast(struct ip_addr *ip)
442 {
443
444 switch(ntohs(ip->addr_type)) {
445 case AF_INET:
446 if ((*ip->addr & 0xf0) == 0xe0)
447 return 1;
448 break;
449
450 case AF_INET6:
451 if ((*ip->addr & 0xff) == 0xff)
452 return 1;
453 break;
454
455 default:
456 return -E_INVALID;
457 }
458 return 0;
459 }
460
461 /*
462 * returns E_SUCCESS if the ip is broadcast
463 * returns -E_NOTFOUND if not
464 */
ip_addr_is_broadcast(struct ip_addr * sa)465 int ip_addr_is_broadcast(struct ip_addr *sa)
466 {
467 struct ip_addr *nw;
468 struct ip_addr *nm;
469
470 u_int32* address;
471 u_int32* netmask;
472 u_int32* network;
473 u_int32 broadcast;
474
475 switch(ntohs(sa->addr_type)) {
476 case AF_INET:
477 if(!EC_GBL_IFACE->has_ipv4)
478 return -E_INVALID;
479 nm = &EC_GBL_IFACE->netmask;
480 nw = &EC_GBL_IFACE->network;
481
482 /* 255.255.255.255 is definitely broadcast */
483 if(!memcmp(sa->addr, "\xff\xff\xff\xff", IP_ADDR_LEN))
484 return E_SUCCESS;
485
486 address = sa->addr32;
487 netmask = nm->addr32;
488 network = nw->addr32;
489
490 broadcast = (*network) | ~(*netmask);
491
492 if (broadcast == *address)
493 return E_SUCCESS;
494
495 break;
496 case AF_INET6:
497 if(!EC_GBL_IFACE->has_ipv6)
498 return -E_INVALID;
499
500 /* IPv6 has no such thing as a broadcast address. The closest
501 * equivalent is the multicast address ff02::1. Packets sent to that
502 * address are delivered to all link-local nodes.
503 */
504 if(!memcmp(sa->addr, IP6_ALL_NODES, IP6_ADDR_LEN))
505 return E_SUCCESS;
506
507 break;
508 }
509
510 return -E_NOTFOUND;
511 }
512
513 /*
514 * returns E_SUCCESS if the ip address is local.
515 * returns -E_NOTFOUND if it is non local.
516 * the choice is make reading the EC_GBL_IFACE infos
517 *
518 * if the EC_GBL_IFACE is not filled (while reading from files)
519 * returns -E_INVALID.
520 */
ip_addr_is_local(struct ip_addr * sa,struct ip_addr * ifaddr)521 int ip_addr_is_local(struct ip_addr *sa, struct ip_addr *ifaddr)
522 {
523 struct ip_addr *nm;
524 struct ip_addr *nw;
525 struct net_list* ip6;
526 u_int32* address;
527 u_int32* netmask;
528 u_int32* network;
529 unsigned int i, matched = 0;
530
531
532 switch (ntohs(sa->addr_type)) {
533 case AF_INET:
534 nm = &EC_GBL_IFACE->netmask;
535 nw = &EC_GBL_IFACE->network;
536 /* the address 0.0.0.0 is used by DHCP and it is local for us*/
537 if ( !memcmp(&sa->addr, "\x00\x00\x00\x00", ntohs(sa->addr_len)) )
538 return E_SUCCESS;
539
540 /* make a check on EC_GBL_IFACE (is it initialized ?) */
541 if ( !memcmp(&nw->addr, "\x00\x00\x00\x00", ntohs(sa->addr_len)) )
542 /* return UNKNOWN */
543 return -E_INVALID;
544
545 address = sa->addr32;
546 netmask = nm->addr32;
547 network = nw->addr32;
548 /* check if it is local */
549 if ((*address & *netmask) == *network) {
550 if(ifaddr != NULL)
551 memcpy(ifaddr, &EC_GBL_IFACE->ip, sizeof(*ifaddr));
552 return E_SUCCESS;
553 }
554 break;
555 case AF_INET6:
556 if(!EC_GBL_IFACE->has_ipv6)
557 return -E_INVALID;
558 LIST_FOREACH(ip6, &EC_GBL_IFACE->ip6_list, next) {
559 nm = &ip6->netmask;
560 nw = &ip6->network;
561 address = sa->addr32;
562 netmask = nm->addr32;
563 network = nw->addr32;
564
565
566 for(i = 0; i < IP6_ADDR_LEN / sizeof(u_int32); i++) {
567 if (netmask[i] == 0) { /* no need to check further */
568 break;
569 }
570 else if((address[i] & netmask[i]) != network[i]) {
571 matched = 0;
572 break;
573 }
574 else {
575 matched = 1;
576 }
577 }
578
579 if(ifaddr != NULL)
580 memcpy(ifaddr, &ip6->ip, sizeof(*ifaddr));
581
582 if (matched)
583 return E_SUCCESS;
584 }
585
586 break;
587 };
588
589 return -E_NOTFOUND;
590 }
591
ip_addr_is_ours(struct ip_addr * ip)592 int ip_addr_is_ours(struct ip_addr *ip)
593 {
594 struct net_list *i;
595 switch(ntohs(ip->addr_type)) {
596 case AF_INET:
597 if(!ip_addr_cmp(ip, &EC_GBL_IFACE->ip))
598 return E_FOUND;
599 else if(!ip_addr_cmp(ip, &EC_GBL_BRIDGE->ip))
600 return E_BRIDGE;
601 else
602 return -E_NOTFOUND;
603 break;
604
605 case AF_INET6:
606 LIST_FOREACH(i, &EC_GBL_IFACE->ip6_list, next) {
607 if(!ip_addr_cmp(ip, &i->ip))
608 return E_FOUND;
609 }
610 return -E_NOTFOUND;
611 }
612
613 return -E_INVALID;
614 }
615
ip_addr_get_network(struct ip_addr * ip,struct ip_addr * netmask,struct ip_addr * network)616 int ip_addr_get_network(struct ip_addr *ip, struct ip_addr *netmask, struct ip_addr *network)
617 {
618 u_int32 ip4;
619 u_int32 ip6[IP6_ADDR_LEN / sizeof(u_int32)];
620
621 if(ntohs(ip->addr_type) != ntohs(netmask->addr_type))
622 return -E_INVALID;
623
624 switch(ntohs(ip->addr_type)) {
625 case AF_INET:
626 ip4 = *ip->addr32 & *netmask->addr32;
627 ip_addr_init(network, AF_INET, (u_char*)&ip4);
628 break;
629 case AF_INET6:
630 ip6[0] = ip->addr32[0] & netmask->addr32[0];
631 ip6[1] = ip->addr32[1] & netmask->addr32[1];
632 ip6[2] = ip->addr32[2] & netmask->addr32[2];
633 ip6[3] = ip->addr32[3] & netmask->addr32[3];
634 ip_addr_init(network, AF_INET6, (u_char*)&ip6);
635 break;
636 default:
637 BUG("Invalid addr_type");
638 return -E_INVALID;
639 break;
640 }
641 return E_SUCCESS;
642 }
643
ip_addr_get_prefix(struct ip_addr * netmask)644 int ip_addr_get_prefix(struct ip_addr* netmask)
645 {
646 size_t s;
647 unsigned int i;
648 int prefix = 0;
649 u_int32* mask;
650 u_int32 x;
651
652 s = ntohs(netmask->addr_len) / sizeof(u_int32);
653
654 mask = netmask->addr32;
655
656 for(i = 0; i < s; i++) {
657 x = mask[i];
658 x -= (x >> 1) & 0x55555555;
659 x = (x & 0x33333333) + ((x >> 2) & 0x33333333);
660 prefix += (((x + (x >> 4)) & 0xf0f0f0f) * 0x1010101) >> 24;
661 }
662
663 return prefix;
664 }
665
666 /* EOF */
667
668 // vim:ts=3:expandtab
669
670