1 #include "proto-sctp.h"
2 #include "proto-preprocess.h"
3 #include "masscan-status.h"
4 #include "output.h"
5 #include <stdio.h>
6 #include <stdlib.h>
7
8
9 #define CRC32C_POLY 0x1EDC6F41
10 #define CRC32C(c,d) (c=(c>>8)^crc_c[(c^(d))&0xFF])
11
12 static unsigned crc_c[256] =
13 {
14 0x00000000L, 0xF26B8303L, 0xE13B70F7L, 0x1350F3F4L,
15 0xC79A971FL, 0x35F1141CL, 0x26A1E7E8L, 0xD4CA64EBL,
16 0x8AD958CFL, 0x78B2DBCCL, 0x6BE22838L, 0x9989AB3BL,
17 0x4D43CFD0L, 0xBF284CD3L, 0xAC78BF27L, 0x5E133C24L,
18 0x105EC76FL, 0xE235446CL, 0xF165B798L, 0x030E349BL,
19 0xD7C45070L, 0x25AFD373L, 0x36FF2087L, 0xC494A384L,
20 0x9A879FA0L, 0x68EC1CA3L, 0x7BBCEF57L, 0x89D76C54L,
21 0x5D1D08BFL, 0xAF768BBCL, 0xBC267848L, 0x4E4DFB4BL,
22 0x20BD8EDEL, 0xD2D60DDDL, 0xC186FE29L, 0x33ED7D2AL,
23 0xE72719C1L, 0x154C9AC2L, 0x061C6936L, 0xF477EA35L,
24 0xAA64D611L, 0x580F5512L, 0x4B5FA6E6L, 0xB93425E5L,
25 0x6DFE410EL, 0x9F95C20DL, 0x8CC531F9L, 0x7EAEB2FAL,
26 0x30E349B1L, 0xC288CAB2L, 0xD1D83946L, 0x23B3BA45L,
27 0xF779DEAEL, 0x05125DADL, 0x1642AE59L, 0xE4292D5AL,
28 0xBA3A117EL, 0x4851927DL, 0x5B016189L, 0xA96AE28AL,
29 0x7DA08661L, 0x8FCB0562L, 0x9C9BF696L, 0x6EF07595L,
30 0x417B1DBCL, 0xB3109EBFL, 0xA0406D4BL, 0x522BEE48L,
31 0x86E18AA3L, 0x748A09A0L, 0x67DAFA54L, 0x95B17957L,
32 0xCBA24573L, 0x39C9C670L, 0x2A993584L, 0xD8F2B687L,
33 0x0C38D26CL, 0xFE53516FL, 0xED03A29BL, 0x1F682198L,
34 0x5125DAD3L, 0xA34E59D0L, 0xB01EAA24L, 0x42752927L,
35 0x96BF4DCCL, 0x64D4CECFL, 0x77843D3BL, 0x85EFBE38L,
36 0xDBFC821CL, 0x2997011FL, 0x3AC7F2EBL, 0xC8AC71E8L,
37 0x1C661503L, 0xEE0D9600L, 0xFD5D65F4L, 0x0F36E6F7L,
38 0x61C69362L, 0x93AD1061L, 0x80FDE395L, 0x72966096L,
39 0xA65C047DL, 0x5437877EL, 0x4767748AL, 0xB50CF789L,
40 0xEB1FCBADL, 0x197448AEL, 0x0A24BB5AL, 0xF84F3859L,
41 0x2C855CB2L, 0xDEEEDFB1L, 0xCDBE2C45L, 0x3FD5AF46L,
42 0x7198540DL, 0x83F3D70EL, 0x90A324FAL, 0x62C8A7F9L,
43 0xB602C312L, 0x44694011L, 0x5739B3E5L, 0xA55230E6L,
44 0xFB410CC2L, 0x092A8FC1L, 0x1A7A7C35L, 0xE811FF36L,
45 0x3CDB9BDDL, 0xCEB018DEL, 0xDDE0EB2AL, 0x2F8B6829L,
46 0x82F63B78L, 0x709DB87BL, 0x63CD4B8FL, 0x91A6C88CL,
47 0x456CAC67L, 0xB7072F64L, 0xA457DC90L, 0x563C5F93L,
48 0x082F63B7L, 0xFA44E0B4L, 0xE9141340L, 0x1B7F9043L,
49 0xCFB5F4A8L, 0x3DDE77ABL, 0x2E8E845FL, 0xDCE5075CL,
50 0x92A8FC17L, 0x60C37F14L, 0x73938CE0L, 0x81F80FE3L,
51 0x55326B08L, 0xA759E80BL, 0xB4091BFFL, 0x466298FCL,
52 0x1871A4D8L, 0xEA1A27DBL, 0xF94AD42FL, 0x0B21572CL,
53 0xDFEB33C7L, 0x2D80B0C4L, 0x3ED04330L, 0xCCBBC033L,
54 0xA24BB5A6L, 0x502036A5L, 0x4370C551L, 0xB11B4652L,
55 0x65D122B9L, 0x97BAA1BAL, 0x84EA524EL, 0x7681D14DL,
56 0x2892ED69L, 0xDAF96E6AL, 0xC9A99D9EL, 0x3BC21E9DL,
57 0xEF087A76L, 0x1D63F975L, 0x0E330A81L, 0xFC588982L,
58 0xB21572C9L, 0x407EF1CAL, 0x532E023EL, 0xA145813DL,
59 0x758FE5D6L, 0x87E466D5L, 0x94B49521L, 0x66DF1622L,
60 0x38CC2A06L, 0xCAA7A905L, 0xD9F75AF1L, 0x2B9CD9F2L,
61 0xFF56BD19L, 0x0D3D3E1AL, 0x1E6DCDEEL, 0xEC064EEDL,
62 0xC38D26C4L, 0x31E6A5C7L, 0x22B65633L, 0xD0DDD530L,
63 0x0417B1DBL, 0xF67C32D8L, 0xE52CC12CL, 0x1747422FL,
64 0x49547E0BL, 0xBB3FFD08L, 0xA86F0EFCL, 0x5A048DFFL,
65 0x8ECEE914L, 0x7CA56A17L, 0x6FF599E3L, 0x9D9E1AE0L,
66 0xD3D3E1ABL, 0x21B862A8L, 0x32E8915CL, 0xC083125FL,
67 0x144976B4L, 0xE622F5B7L, 0xF5720643L, 0x07198540L,
68 0x590AB964L, 0xAB613A67L, 0xB831C993L, 0x4A5A4A90L,
69 0x9E902E7BL, 0x6CFBAD78L, 0x7FAB5E8CL, 0x8DC0DD8FL,
70 0xE330A81AL, 0x115B2B19L, 0x020BD8EDL, 0xF0605BEEL,
71 0x24AA3F05L, 0xD6C1BC06L, 0xC5914FF2L, 0x37FACCF1L,
72 0x69E9F0D5L, 0x9B8273D6L, 0x88D28022L, 0x7AB90321L,
73 0xAE7367CAL, 0x5C18E4C9L, 0x4F48173DL, 0xBD23943EL,
74 0xF36E6F75L, 0x0105EC76L, 0x12551F82L, 0xE03E9C81L,
75 0x34F4F86AL, 0xC69F7B69L, 0xD5CF889DL, 0x27A40B9EL,
76 0x79B737BAL, 0x8BDCB4B9L, 0x988C474DL, 0x6AE7C44EL,
77 0xBE2DA0A5L, 0x4C4623A6L, 0x5F16D052L, 0xAD7D5351L,
78 };
79
80
81
82
83
84 unsigned
sctp_checksum(const void * vbuffer,size_t length)85 sctp_checksum(const void *vbuffer, size_t length)
86 {
87 const unsigned char *buffer = (const unsigned char *)vbuffer;
88 unsigned i;
89 unsigned crc32 = (unsigned)~0;
90 unsigned result;
91 unsigned char byte0,byte1,byte2,byte3;
92
93 for (i = 0; i < 8; i++) {
94 CRC32C(crc32, buffer[i]);
95 }
96
97 CRC32C(crc32, 0);
98 CRC32C(crc32, 0);
99 CRC32C(crc32, 0);
100 CRC32C(crc32, 0);
101
102 for (i = 12; i < length; i++) {
103 CRC32C(crc32, buffer[i]);
104 }
105 result = ~crc32;
106
107 /* result now holds the negated polynomial remainder;
108 * since the table and algorithm is "reflected" [williams95].
109 * That is, result has the same value as if we mapped the message
110 * to a polynomial, computed the host-bit-order polynomial
111 * remainder, performed final negation, then did an end-for-end
112 * bit-reversal.
113 * Note that a 32-bit bit-reversal is identical to four inplace
114 * 8-bit reversals followed by an end-for-end byteswap.
115 * In other words, the bytes of each bit are in the right order,
116 * but the bytes have been byteswapped. So we now do an explicit
117 * byteswap. On a little-endian machine, this byteswap and
118 * the final ntohl cancel out and could be elided.
119 */
120
121 byte0 = result & 0xff;
122 byte1 = (result>>8) & 0xff;
123 byte2 = (result>>16) & 0xff;
124 byte3 = (result>>24) & 0xff;
125
126 crc32 = ((byte0 << 24) |
127 (byte1 << 16) |
128 (byte2 << 8) |
129 byte3);
130 return ( crc32 );
131 }
132
133
134 /*****************************************************************************
135 *****************************************************************************/
136 void
handle_sctp(struct Output * out,time_t timestamp,const unsigned char * px,unsigned length,unsigned cookie,struct PreprocessedInfo * parsed,uint64_t entropy)137 handle_sctp(struct Output *out, time_t timestamp,
138 const unsigned char *px, unsigned length,
139 unsigned cookie,
140 struct PreprocessedInfo *parsed,
141 uint64_t entropy)
142 {
143 ipaddress ip_them = parsed->src_ip;
144 unsigned port_them = parsed->port_src;
145 unsigned verification_tag;
146 unsigned offset = parsed->transport_offset;
147
148 UNUSEDPARM(entropy);
149
150 verification_tag = px[offset + 4] << 24 | px[offset + 5] << 16 |
151 px[offset + 6] << 8 | px[offset + 7];
152 if (cookie != verification_tag)
153 return;
154
155 if (offset + 16 > length)
156 return;
157
158 switch (px[offset + 12]) {
159 case 2: /* init ack */
160 output_report_status(
161 out,
162 timestamp,
163 PortStatus_Open,
164 ip_them,
165 132, /* ip proto = sctp */
166 port_them,
167 0,
168 parsed->ip_ttl,
169 parsed->mac_src);
170 break;
171 case 6: /* abort */
172 output_report_status(
173 out,
174 timestamp,
175 PortStatus_Closed,
176 ip_them,
177 132, /* ip proto = sctp */
178 port_them,
179 0,
180 parsed->ip_ttl,
181 parsed->mac_src);
182 break;
183 default:
184 ;
185 }
186
187
188
189 }
190
191
192 /*****************************************************************************
193 *****************************************************************************/
194 int
sctp_selftest(void)195 sctp_selftest(void)
196 {
197 const char testcase[] =
198 "\xd1\x60\x00\x50\x00\x00\x00\x00\x58\xe4\x5d\x36\x01\x00\x00\x14"
199 "\x9e\x8d\x52\x25\x00\x00\x80\x00\x00\x0a\x08\x00\x46\x1a\xdf\x3d";
200
201 unsigned xsum;
202
203 xsum = sctp_checksum(testcase, 32);
204
205 if (xsum != 0x58e45d36)
206 return 1;
207
208 return 0;
209 }
210