tcpip.cc

Ubuntu packages of security software。 相当不错的源码

/***************************************************************************
 * tcpip.cc -- Various functions relating to low level TCP/IP handling,    *
 * including sending raw packets, routing, printing packets, reading from  *
 * libpcap, etc.                                                           *
 *                                                                         *
 ***********************IMPORTANT NMAP LICENSE TERMS************************
 *                                                                         *
 * The Nmap Security Scanner is (C) 1996-2008 Insecure.Com LLC. Nmap is    *
 * also a registered trademark of Insecure.Com LLC.  This program is free  *
 * software; you may redistribute and/or modify it under the terms of the  *
 * GNU General Public License as published by the Free Software            *
 * Foundation; Version 2 with the clarifications and exceptions described  *
 * below.  This guarantees your right to use, modify, and redistribute     *
 * this software under certain conditions.  If you wish to embed Nmap      *
 * technology into proprietary software, we sell alternative licenses      *
 * (contact sales@insecure.com).  Dozens of software vendors already       *
 * license Nmap technology such as host discovery, port scanning, OS       *
 * detection, and version detection.                                       *
 *                                                                         *
 * Note that the GPL places important restrictions on "derived works", yet *
 * it does not provide a detailed definition of that term.  To avoid       *
 * misunderstandings, we consider an application to constitute a           *
 * "derivative work" for the purpose of this license if it does any of the *
 * following:                                                              *
 * o Integrates source code from Nmap                                      *
 * o Reads or includes Nmap copyrighted data files, such as                *
 *   nmap-os-fingerprints or nmap-service-probes.                          *
 * o Executes Nmap and parses the results (as opposed to typical shell or  *
 *   execution-menu apps, which simply display raw Nmap output and so are  *
 *   not derivative works.)                                                * 
 * o Integrates/includes/aggregates Nmap into a proprietary executable     *
 *   installer, such as those produced by InstallShield.                   *
 * o Links to a library or executes a program that does any of the above   *
 *                                                                         *
 * The term "Nmap" should be taken to also include any portions or derived *
 * works of Nmap.  This list is not exclusive, but is just meant to        *
 * clarify our interpretation of derived works with some common examples.  *
 * These restrictions only apply when you actually redistribute Nmap.  For *
 * example, nothing stops you from writing and selling a proprietary       *
 * front-end to Nmap.  Just distribute it by itself, and point people to   *
 * http://insecure.org/nmap/ to download Nmap.                             *
 *                                                                         *
 * We don't consider these to be added restrictions on top of the GPL, but *
 * just a clarification of how we interpret "derived works" as it applies  *
 * to our GPL-licensed Nmap product.  This is similar to the way Linus     *
 * Torvalds has announced his interpretation of how "derived works"        *
 * applies to Linux kernel modules.  Our interpretation refers only to     *
 * Nmap - we don't speak for any other GPL products.                       *
 *                                                                         *
 * If you have any questions about the GPL licensing restrictions on using *
 * Nmap in non-GPL works, we would be happy to help.  As mentioned above,  *
 * we also offer alternative license to integrate Nmap into proprietary    *
 * applications and appliances.  These contracts have been sold to dozens  *
 * of software vendors, and generally include a perpetual license as well  *
 * as providing for priority support and updates as well as helping to     *
 * fund the continued development of Nmap technology.  Please email        *
 * sales@insecure.com for further information.                             *
 *                                                                         *
 * As a special exception to the GPL terms, Insecure.Com LLC grants        *
 * permission to link the code of this program with any version of the     *
 * OpenSSL library which is distributed under a license identical to that  *
 * listed in the included Copying.OpenSSL file, and distribute linked      *
 * combinations including the two. You must obey the GNU GPL in all        *
 * respects for all of the code used other than OpenSSL.  If you modify    *
 * this file, you may extend this exception to your version of the file,   *
 * but you are not obligated to do so.                                     *
 *                                                                         *
 * If you received these files with a written license agreement or         *
 * contract stating terms other than the terms above, then that            *
 * alternative license agreement takes precedence over these comments.     *
 *                                                                         *
 * Source is provided to this software because we believe users have a     *
 * right to know exactly what a program is going to do before they run it. *
 * This also allows you to audit the software for security holes (none     *
 * have been found so far).                                                *
 *                                                                         *
 * Source code also allows you to port Nmap to new platforms, fix bugs,    *
 * and add new features.  You are highly encouraged to send your changes   *
 * to fyodor@insecure.org for possible incorporation into the main         *
 * distribution.  By sending these changes to Fyodor or one the            *
 * Insecure.Org development mailing lists, it is assumed that you are      *
 * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right *
 * to reuse, modify, and relicense the code.  Nmap will always be          *
 * available Open Source, but this is important because the inability to   *
 * relicense code has caused devastating problems for other Free Software  *
 * projects (such as KDE and NASM).  We also occasionally relicense the    *
 * code to third parties as discussed above.  If you wish to specify       *
 * special license conditions of your contributions, just say so when you  *
 * send them.                                                              *
 *                                                                         *
 * This program is distributed in the hope that it will be useful, but     *
 * WITHOUT ANY WARRANTY; without even the implied warranty of              *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU       *
 * General Public License for more details at                              *
 * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included  *
 * with Nmap.                                                              *
 *                                                                         *
 ***************************************************************************/

/* $Id: tcpip.cc 6633 2007-12-22 06:32:03Z fyodor $ */
#ifdef WIN32
#include "nmap_winconfig.h"
#endif
#include "portreasons.h"
#include <dnet.h>
#include "tcpip.h"
#include "NmapOps.h"
#include "Target.h"
#include "utils.h"

#if HAVE_SYS_TIME_H
#include <sys/time.h>
#endif

#if HAVE_SYS_RESOURCE_H
#include <sys/resource.h>
#endif

#if HAVE_UNISTD_H
/* #include <sys/unistd.h> */
#include <unistd.h>
#endif

#if HAVE_NET_IF_H
#ifndef NET_IF_H  /* why doesn't OpenBSD do this? */
#include <net/if.h>
#define NET_IF_H
#endif
#endif

#if HAVE_NETINET_IF_ETHER_H
#ifndef NETINET_IF_ETHER_H
#include <netinet/if_ether.h>
#define NETINET_IF_ETHER_H
#endif /* NETINET_IF_ETHER_H */
#endif /* HAVE_NETINET_IF_ETHER_H */

extern NmapOps o;

#ifdef WIN32
#include "pcap-int.h"

void nmapwin_init();
void nmapwin_cleanup();
void nmapwin_list_interfaces();

int if2nameindex(int ifi);
#endif

static PacketCounter PktCt;

/* These two are for eth_open_cached() and eth_close_cached() */
static char etht_cache_device_name[64];
static eth_t *etht_cache_device = NULL;

void sethdrinclude(int sd) {
#ifdef IP_HDRINCL
int one = 1;
setsockopt(sd, IPPROTO_IP, IP_HDRINCL, (const char *) &one, sizeof(one));
#endif
}

void set_ttl(int sd, int ttl)
{
#ifdef IP_TTL
	if (sd == -1)
		return;

	setsockopt(sd, IPPROTO_IP, IP_TTL, (const char *) &ttl, sizeof ttl);
#endif
}

// Takes a protocol number like IPPROTO_TCP, IPPROTO_UDP, or
// IPPROTO_IP and returns a ascii representation (or "unknown" if it
// doesn't recognize the number).  If uppercase is true, the returned
// value will be in all uppercase letters.  You can skip this
// parameter to use lowercase.
const char *proto2ascii(u8 proto, bool uppercase) {

  switch(proto) {
  case IPPROTO_TCP:
    return uppercase? "TCP" : "tcp"; break;
  case IPPROTO_UDP:
    return uppercase? "UDP" : "udp"; break;
  case IPPROTO_IP:
    return uppercase? "IP" : "ip"; break;
  default:
    return uppercase? "UNKNOWN" : "unknown";
  }

  return NULL; // Unreached

}

static char *ll2shortascii(unsigned long long bytes, char *buf, int buflen) {
  if (buflen < 2 || !buf) fatal("Bogus parameter passed to %s", __func__);

  if (bytes > 1000000) {
    Snprintf(buf, buflen, "%.3fMB", bytes / 1000000.0);
  } else if (bytes > 10000) {
    Snprintf(buf, buflen, "%.3fKB", bytes / 1000.0);
  } else Snprintf(buf, buflen, "%uB", (unsigned int) bytes);
    
  return buf;
}

/* Fill buf (up to buflen -- truncate if necessary but always
   terminate) with a short representation of the packet stats.
   Returns buf.  Aborts if there is a problem. */
char *getFinalPacketStats(char *buf, int buflen) {
  char sendbytesasc[16], recvbytesasc[16];

  if (buflen <= 10 || !buf)
    fatal("%s called with woefully inadequate parameters", __func__);

  Snprintf(buf, buflen, 
#if WIN32
	  "Raw packets sent: %I64u (%s) | Rcvd: %I64u (%s)",
#else
	  "Raw packets sent: %llu (%s) | Rcvd: %llu (%s)",
#endif
	   PktCt.sendPackets,
	   ll2shortascii(PktCt.sendBytes, sendbytesasc, sizeof(sendbytesasc)),
	   PktCt.recvPackets,
	   ll2shortascii(PktCt.recvBytes, recvbytesasc, sizeof(recvbytesasc)));
  return buf;
}

  /* Takes an ARP PACKET (including ethernet header) and prints it if
     packet tracing is enabled.  'frame' must point to the 14-byte
     ethernet header (e.g. starting with destination addr). The
     direction must be PacketTrace::SENT or PacketTrace::RCVD .
     Optional 'now' argument makes this function slightly more
     efficient by avoiding a gettimeofday() call. */
void PacketTrace::traceArp(pdirection pdir, const u8 *frame, u32 len,
			struct timeval *now) {
  struct timeval tv;
  char arpdesc[128];
  char who_has[INET_ADDRSTRLEN], tell[INET_ADDRSTRLEN];
    

  if (pdir == SENT) {
    PktCt.sendPackets++;
    PktCt.sendBytes += len;
  } else {
    PktCt.recvPackets++;
    PktCt.recvBytes += len;
  }

  if (!o.packetTrace()) return;

  if (now)
    tv = *now;
  else gettimeofday(&tv, NULL);

  if (len < 42) {
    error("Packet tracer: Arp packets must be at least 42 bytes long.  Should be exactly that length excl. ethernet padding.");
    return;
  }

  if (frame[21] == 1) /* arp REQUEST */ {
    inet_ntop(AF_INET, frame+38, who_has, sizeof(who_has));
    inet_ntop(AF_INET, frame+28, tell, sizeof(tell));
    Snprintf(arpdesc, sizeof(arpdesc), "who-has %s tell %s", who_has, tell);
  } else { /* ARP REPLY */
    inet_ntop(AF_INET, frame+28, who_has, sizeof(who_has));
    Snprintf(arpdesc, sizeof(arpdesc), 
	     "reply %s is-at %02X:%02X:%02X:%02X:%02X:%02X", who_has, 
	     frame[22], frame[23], frame[24], frame[25], frame[26], frame[27]);
  }

  log_write(LOG_STDOUT|LOG_NORMAL, "%s (%.4fs) ARP %s\n", (pdir == SENT)? "SENT" : "RCVD",  o.TimeSinceStartMS(&tv) / 1000.0, arpdesc);

  return;
}

/* Get an ASCII information about a tcp option which is pointed by
   optp, with a length of len. The result is stored in the result
   buffer. The result may look like "<mss 1452,sackOK,timestamp
   45848914 0,nop,wscale 7>" */
static void tcppacketoptinfo(u8 *optp, int len, char *result, int bufsize) {
  assert(optp);
  assert(result);
  char *p, ch;
  u8 *q;
  int opcode;
  u16 tmpshort;
  u32 tmpword1, tmpword2;

  p = result; *p = '\0';
  q = optp;
  ch = '<';
  
  while(len > 0 && bufsize > 2) {
	Snprintf(p, bufsize, "%c", ch);
	bufsize--;
	p++;
    opcode=*q++;	
    if (!opcode) { /* End of List */
	  
	  Snprintf(p, bufsize, "eol");
	  bufsize -= strlen(p);
	  p += strlen(p);
	  
      len--;
	  
    } else if (opcode == 1) { /* No Op */
	  
	  Snprintf(p, bufsize, "nop");
	  bufsize -= strlen(p);
	  p += strlen(p);
	  
      len--;
	  
    } else if (opcode == 2) { /* MSS */
	  
      if(len<4)
        break; /* MSS has 4 bytes */
	  
      q++;
      memcpy(&tmpshort, q, 2);
	  
	  Snprintf(p, bufsize, "mss %u", ntohs(tmpshort));
	  bufsize -= strlen(p);
	  p += strlen(p);

      q += 2;
      len -= 4;
	  
    } else if (opcode == 3) { /* Window Scale */
	  
      if(len<3)
        break; /* Window Scale option has 3 bytes */
	  
      q++;

	  Snprintf(p, bufsize, "wscale %u", *q);
	  bufsize -= strlen(p);
	  p += strlen(p); 
	  
      q++;
      len -= 3;
	  
    } else if (opcode == 4) { /* SACK permitted */
	  
      if(len<2)
        break; /* SACK permitted option has 2 bytes */
	  
	  Snprintf(p, bufsize, "sackOK");
	  bufsize -= strlen(p);
	  p += strlen(p); 
	  
      q++;
      len -= 2;
	  
    } else if (opcode == 5) { /* SACK */
	  
	  int sackoptlen = *q;
	  if(len < sackoptlen)
		break;
	  
	  q++;
	  
	  if((sackoptlen-2) % 8 != 0) {
		Snprintf(p, bufsize, "malformed sack");
		bufsize -= strlen(p);
		p += strlen(p); 
	  } else {
		Snprintf(p, bufsize, "sack %d ", (sackoptlen-2)/8);
		bufsize -= strlen(p);
		p += strlen(p);
		for(int i = 0; i < sackoptlen - 2; i += 8) {
		  memcpy(&tmpword1, q + i, 4);
		  memcpy(&tmpword2, q + i + 4, 4);
		  Snprintf(p, bufsize, "{%u:%u}", tmpword1, tmpword2);
		  bufsize -= strlen(p);
		  p += strlen(p);
		}
	  }

	  q += sackoptlen-2;
	  len -= sackoptlen;
	  
	} else if (opcode == 8) { /* Timestamp */

      if(len<10)
        break; /* Timestamp option has 10 bytes */

      q++;
      memcpy(&tmpword1, q, 4);
      memcpy(&tmpword2, q+4, 4);

	  Snprintf(p, bufsize, "timestamp %u %u", ntohl(tmpword1), ntohl(tmpword2));
	  bufsize -= strlen(p);
	  p += strlen(p);

	  q += 8;
	  len -= 10;
	  
    }

	ch = ',';