1b00ab754SHans Petter Selasky /*
2b00ab754SHans Petter Selasky * Copyright (c) 2002 - 2005 NetGroup, Politecnico di Torino (Italy)
3b00ab754SHans Petter Selasky * Copyright (c) 2005 - 2008 CACE Technologies, Davis (California)
4b00ab754SHans Petter Selasky * All rights reserved.
5b00ab754SHans Petter Selasky *
6b00ab754SHans Petter Selasky * Redistribution and use in source and binary forms, with or without
7b00ab754SHans Petter Selasky * modification, are permitted provided that the following conditions
8b00ab754SHans Petter Selasky * are met:
9b00ab754SHans Petter Selasky *
10b00ab754SHans Petter Selasky * 1. Redistributions of source code must retain the above copyright
11b00ab754SHans Petter Selasky * notice, this list of conditions and the following disclaimer.
12b00ab754SHans Petter Selasky * 2. Redistributions in binary form must reproduce the above copyright
13b00ab754SHans Petter Selasky * notice, this list of conditions and the following disclaimer in the
14b00ab754SHans Petter Selasky * documentation and/or other materials provided with the distribution.
15b00ab754SHans Petter Selasky * 3. Neither the name of the Politecnico di Torino, CACE Technologies
16b00ab754SHans Petter Selasky * nor the names of its contributors may be used to endorse or promote
17b00ab754SHans Petter Selasky * products derived from this software without specific prior written
18b00ab754SHans Petter Selasky * permission.
19b00ab754SHans Petter Selasky *
20b00ab754SHans Petter Selasky * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21b00ab754SHans Petter Selasky * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22b00ab754SHans Petter Selasky * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
23b00ab754SHans Petter Selasky * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
24b00ab754SHans Petter Selasky * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
25b00ab754SHans Petter Selasky * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
26b00ab754SHans Petter Selasky * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
27b00ab754SHans Petter Selasky * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
28b00ab754SHans Petter Selasky * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
29b00ab754SHans Petter Selasky * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30b00ab754SHans Petter Selasky * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31b00ab754SHans Petter Selasky *
32b00ab754SHans Petter Selasky */
33b00ab754SHans Petter Selasky
34b00ab754SHans Petter Selasky #ifdef HAVE_CONFIG_H
35b00ab754SHans Petter Selasky #include <config.h>
36b00ab754SHans Petter Selasky #endif
37b00ab754SHans Petter Selasky
38b00ab754SHans Petter Selasky #include <string.h> /* for strlen(), ... */
39b00ab754SHans Petter Selasky #include <stdlib.h> /* for malloc(), free(), ... */
40b00ab754SHans Petter Selasky #include <stdarg.h> /* for functions with variable number of arguments */
41b00ab754SHans Petter Selasky #include <errno.h> /* for the errno variable */
42b00ab754SHans Petter Selasky #include "sockutils.h"
43b00ab754SHans Petter Selasky #include "portability.h"
44b00ab754SHans Petter Selasky #include "rpcap-protocol.h"
45b00ab754SHans Petter Selasky #include <pcap/pcap.h>
46b00ab754SHans Petter Selasky
47b00ab754SHans Petter Selasky /*
48b00ab754SHans Petter Selasky * This file contains functions used both by the rpcap client and the
49b00ab754SHans Petter Selasky * rpcap daemon.
50b00ab754SHans Petter Selasky */
51b00ab754SHans Petter Selasky
52b00ab754SHans Petter Selasky /*
53b00ab754SHans Petter Selasky * This function sends a RPCAP error to our peer.
54b00ab754SHans Petter Selasky *
55b00ab754SHans Petter Selasky * It has to be called when the main program detects an error.
56b00ab754SHans Petter Selasky * It will send to our peer the 'buffer' specified by the user.
57b00ab754SHans Petter Selasky * This function *does not* request a RPCAP CLOSE connection. A CLOSE
58b00ab754SHans Petter Selasky * command must be sent explicitly by the program, since we do not know
59b00ab754SHans Petter Selasky * whether the error can be recovered in some way or if it is a
60b00ab754SHans Petter Selasky * non-recoverable one.
61b00ab754SHans Petter Selasky *
62b00ab754SHans Petter Selasky * \param sock: the socket we are currently using.
63b00ab754SHans Petter Selasky *
64*6f9cba8fSJoseph Mingrone * \param ssl: if compiled with openssl, the optional ssl handler to use with the above socket.
65*6f9cba8fSJoseph Mingrone *
66b00ab754SHans Petter Selasky * \param ver: the protocol version we want to put in the reply.
67b00ab754SHans Petter Selasky *
68b00ab754SHans Petter Selasky * \param errcode: a integer which tells the other party the type of error
69b00ab754SHans Petter Selasky * we had.
70b00ab754SHans Petter Selasky *
71b00ab754SHans Petter Selasky * \param error: an user-allocated (and '0' terminated) buffer that contains
72b00ab754SHans Petter Selasky * the error description that has to be transmitted to our peer. The
73b00ab754SHans Petter Selasky * error message cannot be longer than PCAP_ERRBUF_SIZE.
74b00ab754SHans Petter Selasky *
75b00ab754SHans Petter Selasky * \param errbuf: a pointer to a user-allocated buffer (of size
76b00ab754SHans Petter Selasky * PCAP_ERRBUF_SIZE) that will contain the error message (in case there
77b00ab754SHans Petter Selasky * is one). It could be network problem.
78b00ab754SHans Petter Selasky *
79b00ab754SHans Petter Selasky * \return '0' if everything is fine, '-1' if some errors occurred. The
80b00ab754SHans Petter Selasky * error message is returned in the 'errbuf' variable.
81b00ab754SHans Petter Selasky */
82b00ab754SHans Petter Selasky int
rpcap_senderror(SOCKET sock,SSL * ssl,uint8 ver,unsigned short errcode,const char * error,char * errbuf)83*6f9cba8fSJoseph Mingrone rpcap_senderror(SOCKET sock, SSL *ssl, uint8 ver, unsigned short errcode, const char *error, char *errbuf)
84b00ab754SHans Petter Selasky {
85b00ab754SHans Petter Selasky char sendbuf[RPCAP_NETBUF_SIZE]; /* temporary buffer in which data to be sent is buffered */
86b00ab754SHans Petter Selasky int sendbufidx = 0; /* index which keeps the number of bytes currently buffered */
87b00ab754SHans Petter Selasky uint16 length;
88b00ab754SHans Petter Selasky
89b00ab754SHans Petter Selasky length = (uint16)strlen(error);
90b00ab754SHans Petter Selasky
91b00ab754SHans Petter Selasky if (length > PCAP_ERRBUF_SIZE)
92b00ab754SHans Petter Selasky length = PCAP_ERRBUF_SIZE;
93b00ab754SHans Petter Selasky
94b00ab754SHans Petter Selasky rpcap_createhdr((struct rpcap_header *) sendbuf, ver, RPCAP_MSG_ERROR, errcode, length);
95b00ab754SHans Petter Selasky
96b00ab754SHans Petter Selasky if (sock_bufferize(NULL, sizeof(struct rpcap_header), NULL, &sendbufidx,
97b00ab754SHans Petter Selasky RPCAP_NETBUF_SIZE, SOCKBUF_CHECKONLY, errbuf, PCAP_ERRBUF_SIZE))
98b00ab754SHans Petter Selasky return -1;
99b00ab754SHans Petter Selasky
100b00ab754SHans Petter Selasky if (sock_bufferize(error, length, sendbuf, &sendbufidx,
101b00ab754SHans Petter Selasky RPCAP_NETBUF_SIZE, SOCKBUF_BUFFERIZE, errbuf, PCAP_ERRBUF_SIZE))
102b00ab754SHans Petter Selasky return -1;
103b00ab754SHans Petter Selasky
104*6f9cba8fSJoseph Mingrone if (sock_send(sock, ssl, sendbuf, sendbufidx, errbuf, PCAP_ERRBUF_SIZE) < 0)
105b00ab754SHans Petter Selasky return -1;
106b00ab754SHans Petter Selasky
107b00ab754SHans Petter Selasky return 0;
108b00ab754SHans Petter Selasky }
109b00ab754SHans Petter Selasky
110b00ab754SHans Petter Selasky /*
111b00ab754SHans Petter Selasky * This function fills in a structure of type rpcap_header.
112b00ab754SHans Petter Selasky *
113b00ab754SHans Petter Selasky * It is provided just because the creation of an rpcap header is a common
114b00ab754SHans Petter Selasky * task. It accepts all the values that appears into an rpcap_header, and
115b00ab754SHans Petter Selasky * it puts them in place using the proper hton() calls.
116b00ab754SHans Petter Selasky *
117b00ab754SHans Petter Selasky * \param header: a pointer to a user-allocated buffer which will contain
118b00ab754SHans Petter Selasky * the serialized header, ready to be sent on the network.
119b00ab754SHans Petter Selasky *
120b00ab754SHans Petter Selasky * \param ver: a value (in the host byte order) which will be placed into the
121b00ab754SHans Petter Selasky * header.ver field and that represents the protocol version number of the
122b00ab754SHans Petter Selasky * current message.
123b00ab754SHans Petter Selasky *
124b00ab754SHans Petter Selasky * \param type: a value (in the host byte order) which will be placed into the
125b00ab754SHans Petter Selasky * header.type field and that represents the type of the current message.
126b00ab754SHans Petter Selasky *
127b00ab754SHans Petter Selasky * \param value: a value (in the host byte order) which will be placed into
128b00ab754SHans Petter Selasky * the header.value field and that has a message-dependent meaning.
129b00ab754SHans Petter Selasky *
130b00ab754SHans Petter Selasky * \param length: a value (in the host by order) which will be placed into
131b00ab754SHans Petter Selasky * the header.length field, representing the payload length of the message.
132b00ab754SHans Petter Selasky *
133b00ab754SHans Petter Selasky * \return Nothing. The serialized header is returned into the 'header'
134b00ab754SHans Petter Selasky * variable.
135b00ab754SHans Petter Selasky */
136b00ab754SHans Petter Selasky void
rpcap_createhdr(struct rpcap_header * header,uint8 ver,uint8 type,uint16 value,uint32 length)137b00ab754SHans Petter Selasky rpcap_createhdr(struct rpcap_header *header, uint8 ver, uint8 type, uint16 value, uint32 length)
138b00ab754SHans Petter Selasky {
139b00ab754SHans Petter Selasky memset(header, 0, sizeof(struct rpcap_header));
140b00ab754SHans Petter Selasky
141b00ab754SHans Petter Selasky header->ver = ver;
142b00ab754SHans Petter Selasky header->type = type;
143b00ab754SHans Petter Selasky header->value = htons(value);
144b00ab754SHans Petter Selasky header->plen = htonl(length);
145b00ab754SHans Petter Selasky }
146b00ab754SHans Petter Selasky
147b00ab754SHans Petter Selasky /*
148b00ab754SHans Petter Selasky * Convert a message type to a string containing the type name.
149b00ab754SHans Petter Selasky */
150b00ab754SHans Petter Selasky static const char *requests[] =
151b00ab754SHans Petter Selasky {
152b00ab754SHans Petter Selasky NULL, /* not a valid message type */
153b00ab754SHans Petter Selasky "RPCAP_MSG_ERROR",
154b00ab754SHans Petter Selasky "RPCAP_MSG_FINDALLIF_REQ",
155b00ab754SHans Petter Selasky "RPCAP_MSG_OPEN_REQ",
156b00ab754SHans Petter Selasky "RPCAP_MSG_STARTCAP_REQ",
157b00ab754SHans Petter Selasky "RPCAP_MSG_UPDATEFILTER_REQ",
158b00ab754SHans Petter Selasky "RPCAP_MSG_CLOSE",
159b00ab754SHans Petter Selasky "RPCAP_MSG_PACKET",
160b00ab754SHans Petter Selasky "RPCAP_MSG_AUTH_REQ",
161b00ab754SHans Petter Selasky "RPCAP_MSG_STATS_REQ",
162b00ab754SHans Petter Selasky "RPCAP_MSG_ENDCAP_REQ",
163b00ab754SHans Petter Selasky "RPCAP_MSG_SETSAMPLING_REQ",
164b00ab754SHans Petter Selasky };
165b00ab754SHans Petter Selasky #define NUM_REQ_TYPES (sizeof requests / sizeof requests[0])
166b00ab754SHans Petter Selasky
167b00ab754SHans Petter Selasky static const char *replies[] =
168b00ab754SHans Petter Selasky {
169b00ab754SHans Petter Selasky NULL,
170b00ab754SHans Petter Selasky NULL, /* this would be a reply to RPCAP_MSG_ERROR */
171b00ab754SHans Petter Selasky "RPCAP_MSG_FINDALLIF_REPLY",
172b00ab754SHans Petter Selasky "RPCAP_MSG_OPEN_REPLY",
173b00ab754SHans Petter Selasky "RPCAP_MSG_STARTCAP_REPLY",
174b00ab754SHans Petter Selasky "RPCAP_MSG_UPDATEFILTER_REPLY",
175b00ab754SHans Petter Selasky NULL, /* this would be a reply to RPCAP_MSG_CLOSE */
176b00ab754SHans Petter Selasky NULL, /* this would be a reply to RPCAP_MSG_PACKET */
177b00ab754SHans Petter Selasky "RPCAP_MSG_AUTH_REPLY",
178b00ab754SHans Petter Selasky "RPCAP_MSG_STATS_REPLY",
179b00ab754SHans Petter Selasky "RPCAP_MSG_ENDCAP_REPLY",
180b00ab754SHans Petter Selasky "RPCAP_MSG_SETSAMPLING_REPLY",
181b00ab754SHans Petter Selasky };
182b00ab754SHans Petter Selasky #define NUM_REPLY_TYPES (sizeof replies / sizeof replies[0])
183b00ab754SHans Petter Selasky
184b00ab754SHans Petter Selasky const char *
rpcap_msg_type_string(uint8 type)185b00ab754SHans Petter Selasky rpcap_msg_type_string(uint8 type)
186b00ab754SHans Petter Selasky {
187b00ab754SHans Petter Selasky if (type & RPCAP_MSG_IS_REPLY) {
188b00ab754SHans Petter Selasky type &= ~RPCAP_MSG_IS_REPLY;
189b00ab754SHans Petter Selasky if (type >= NUM_REPLY_TYPES)
190b00ab754SHans Petter Selasky return NULL;
191b00ab754SHans Petter Selasky return replies[type];
192b00ab754SHans Petter Selasky } else {
193b00ab754SHans Petter Selasky if (type >= NUM_REQ_TYPES)
194b00ab754SHans Petter Selasky return NULL;
195b00ab754SHans Petter Selasky return requests[type];
196b00ab754SHans Petter Selasky }
197b00ab754SHans Petter Selasky }
198