static enum proto_parse_status icmpv6_parse(struct parser *parser, struct proto_info *parent, unsigned way, uint8_t const *packet, size_t cap_len, size_t wire_len, struct timeval const *now, size_t tot_cap_len, uint8_t const *tot_packet) { struct icmp_hdr *icmphdr = (struct icmp_hdr *)packet; // Sanity checks if (wire_len < sizeof(*icmphdr)) return PROTO_PARSE_ERR; if (cap_len < sizeof(*icmphdr)) return PROTO_TOO_SHORT; struct icmp_proto_info info; uint8_t const type = READ_U8(&icmphdr->type); icmpv6_proto_info_ctor(&info, parser, parent, wire_len, type, READ_U8(&icmphdr->code)); if (icmpv6_has_id(type)) { info.set_values |= ICMP_ID_SET; info.id = READ_U16N(&icmphdr->id); } // Extract error values if (icmpv6_is_err(type)) { if (0 == icmpv6_extract_err_infos(&info, packet + sizeof(*icmphdr), cap_len - sizeof(*icmphdr))) { info.set_values |= ICMP_ERR_SET; } } return proto_parse(NULL, &info.info, way, NULL, 0, 0, now, tot_cap_len, tot_packet); }
bool nabto_fallback_connect_u_event(uint16_t packetLength, nabto_packet_header* hdr) { nabto_connect* con; uint8_t* startOfPayloads; uint8_t* endOfPayloads; uint8_t* noncePayloadStart; uint16_t noncePayloadLength; uint8_t type; uint8_t flags; uint8_t* ptr; bool isReliable; bool hasKeepAlive; con = nabto_find_connection(hdr->nsi_sp); if (con == 0) { NABTO_LOG_TRACE((PRInsi " No connection found.", MAKE_NSI_PRINTABLE(hdr->nsi_cp, hdr->nsi_sp, 0))); return false; } startOfPayloads = nabtoCommunicationBuffer + hdr->hlen; endOfPayloads = nabtoCommunicationBuffer + packetLength; if (!find_payload(startOfPayloads, endOfPayloads, NP_PAYLOAD_TYPE_NONCE, &noncePayloadStart, &noncePayloadLength)) { NABTO_LOG_ERROR((PRI_tcp_fb "No nonce payload in GW_CONN_U packet.", TCP_FB_ARGS(con))); return false; } if (noncePayloadLength < 2) { NABTO_LOG_ERROR((PRI_tcp_fb "The payload received is too small to contain both flags and type.", TCP_FB_ARGS(con))); return false; } ptr = noncePayloadStart + NP_PAYLOAD_HDR_BYTELENGTH; READ_U8(type, ptr); ptr++; READ_U8(flags, ptr); ptr++; isReliable = (flags & NP_GW_CONN_U_FLAG_RELIABLE) != 0; hasKeepAlive = (flags & NP_GW_CONN_U_FLAG_KEEP_ALIVE) != 0; con->tcpFallbackConnectionState = UTFS_READY_FOR_DATA; // If the connection is still resolving upgrade it to a fallback connection. if (isReliable) { con->fbConAttr |= CON_ATTR_NO_RETRANSMIT; NABTO_LOG_DEBUG((PRI_tcp_fb "connection needs no retransmition", TCP_FB_ARGS(con))); } if (!hasKeepAlive) { con->fbConAttr |= CON_ATTR_NO_KEEP_ALIVE; NABTO_LOG_DEBUG((PRI_tcp_fb "connection needs no keep alive", TCP_FB_ARGS(con))); } else { NABTO_LOG_DEBUG((PRI_tcp_fb "connection needs keep alive", TCP_FB_ARGS(con))); } return true; }
static int icmpv6_extract_err_infos(struct icmp_proto_info *info, uint8_t const *packet, size_t packet_len) { struct icmp_err *err = &info->err; struct ipv6_hdr const *iphdr = (struct ipv6_hdr *)packet; if (packet_len < sizeof(*iphdr)) { SLOG(LOG_DEBUG, "Bogus ICMPv6 packet too short for IPv6 header"); return -1; } err->protocol = READ_U8(&iphdr->next); ip_addr_ctor_from_ip6(err->addr+0, &iphdr->src); ip_addr_ctor_from_ip6(err->addr+1, &iphdr->dst); switch (iphdr->next) { case IPPROTO_TCP: case IPPROTO_UDP: if (packet_len >= sizeof(*iphdr) + 4) { info->set_values |= ICMP_ERR_PORT_SET; return icmp_extract_err_ports(err, packet + sizeof(*iphdr)); } break; default: SLOG(LOG_DEBUG, "ICMPv6 Error for unsuported protocol %u", iphdr->next); break; } return 0; }
static void rtp_proto_info_ctor(struct rtp_proto_info *info, struct parser *parser, struct proto_info *parent, struct rtp_hdr const *rtph, size_t head_len, size_t payload) { proto_info_ctor(&info->info, parser, parent, head_len, payload); info->payload_type = READ_U8(&rtph->flags1) & F1_PLD_TYPE_MASK; info->sync_src = READ_U32N(&rtph->ssrc); info->seq_num = READ_U16N(&rtph->seq_num); info->timestamp = READ_U32N(&rtph->timestamp); }
static enum proto_parse_status rtp_parse(struct parser *parser, struct proto_info *parent, unsigned way, uint8_t const *packet, size_t cap_len, size_t wire_len, struct timeval const *now, size_t tot_cap_len, uint8_t const *tot_packet) { SLOG(LOG_DEBUG, "Starting RTP analysis"); /* Parse */ struct rtp_hdr *rtph = (struct rtp_hdr *)packet; if (wire_len < sizeof(*rtph)) return PROTO_PARSE_ERR; if (cap_len < sizeof(*rtph)) return PROTO_TOO_SHORT; unsigned const version = READ_U8(&rtph->flags0) >> 6U; unsigned const csrc_count = READ_U8(&rtph->flags0) & F0_CSRC_COUNT_MASK; unsigned const payload_type = READ_U8(&rtph->flags1) & F1_PLD_TYPE_MASK; SLOG(LOG_DEBUG, "RTP header, version=%u, CSRC_count=%u, payload_type=%u", version, csrc_count, payload_type); size_t head_len = sizeof(*rtph) + csrc_count * 4; if (wire_len < head_len) return PROTO_PARSE_ERR; if (cap_len < head_len) return PROTO_TOO_SHORT; struct rtp_proto_info info; rtp_proto_info_ctor(&info, parser, parent, rtph, head_len, wire_len - head_len); return proto_parse(NULL, &info.info, way, NULL, 0, 0, now, tot_cap_len, tot_packet); }
static void tcp_proto_info_ctor(struct tcp_proto_info *info, struct parser *parser, struct proto_info *parent, size_t head_len, size_t payload, uint16_t sport, uint16_t dport, struct tcp_hdr const *tcphdr) { proto_info_ctor(&info->info, parser, parent, head_len, payload); info->key.port[0] = sport; info->key.port[1] = dport; uint8_t const flags = READ_U8(&tcphdr->flags); info->syn = !!(flags & TCP_SYN_MASK); info->ack = !!(flags & TCP_ACK_MASK); info->rst = !!(flags & TCP_RST_MASK); info->fin = !!(flags & TCP_FIN_MASK); info->urg = !!(flags & TCP_URG_MASK); info->psh = !!(flags & TCP_PSH_MASK); // to_srv set later from tcp_subparser info->window = READ_U16N(&tcphdr->window); info->urg_ptr = READ_U16N(&tcphdr->urg_ptr); info->ack_num = READ_U32N(&tcphdr->ack_seq); info->seq_num = READ_U32N(&tcphdr->seq_num); info->rel_seq_num = 0U; info->set_values = 0; // options will be set later info->nb_options = 0; }
int CDVDOverlayCodecTX3G::Decode(BYTE* data, int size, double pts, double duration) { if (m_pOverlay) SAFE_RELEASE(m_pOverlay); m_pOverlay = new CDVDOverlayText(); m_pOverlay->iPTSStartTime = pts; m_pOverlay->iPTSStopTime = pts + duration; // do not move this. READ_XXXX macros modify pos. uint8_t *pos = data; uint8_t *end = pos + size; // Parse the packet as a TX3G TextSample. // Look for a single StyleBox ('styl') and // read all contained StyleRecords. // Ignore all other box types. // NOTE: Buffer overflows on read are not checked. // ALSO: READ_XXXX/SKIP_XXXX macros will modify pos. uint16_t textLength = READ_U16(); uint8_t *text = READ_ARRAY(textLength); int numStyleRecords = 0; uint8_t *bgnStyle = (uint8_t*)calloc(textLength, 1); uint8_t *endStyle = (uint8_t*)calloc(textLength, 1); int bgnColorIndex = 0, endColorIndex = 0; uint32_t textColorRGBA = m_textColor; while (pos < end) { // Read TextSampleModifierBox uint32_t size = READ_U32(); if (size == 0) size = pos - end; // extends to end of packet if (size == 1) { CLog::Log(LOGDEBUG, "CDVDOverlayCodecTX3G: TextSampleModifierBox has unsupported large size" ); break; } uint32_t type = READ_U32(); if (type == FOURCC("uuid")) { CLog::Log(LOGDEBUG, "CDVDOverlayCodecTX3G: TextSampleModifierBox has unsupported extended type" ); break; } if (type == FOURCC("styl")) { // Found a StyleBox. Parse the contained StyleRecords if ( numStyleRecords != 0 ) { CLog::Log(LOGDEBUG, "CDVDOverlayCodecTX3G: found additional StyleBoxes on subtitle; skipping" ); SKIP_ARRAY(size); continue; } numStyleRecords = READ_U16(); for (int i = 0; i < numStyleRecords; i++) { StyleRecord curRecord; curRecord.bgnChar = READ_U16(); curRecord.endChar = READ_U16(); curRecord.fontID = READ_U16(); curRecord.faceStyleFlags = READ_U8(); curRecord.fontSize = READ_U8(); curRecord.textColorRGBA = READ_U32(); bgnStyle[curRecord.bgnChar] |= curRecord.faceStyleFlags; endStyle[curRecord.endChar] |= curRecord.faceStyleFlags; bgnColorIndex = curRecord.bgnChar; endColorIndex = curRecord.endChar; textColorRGBA = curRecord.textColorRGBA; } } else { // Found some other kind of TextSampleModifierBox. Skip it. SKIP_ARRAY(size); } } // Copy text to out and add HTML markup for the style records int charIndex = 0; CStdStringA strUTF8; for (pos = text, end = text + textLength; pos < end; pos++) { if ((*pos & 0xC0) == 0x80) { // Is a non-first byte of a multi-byte UTF-8 character strUTF8.append((const char*)pos, 1); continue; // ...without incrementing 'charIndex' } uint8_t bgnStyles = bgnStyle[charIndex]; uint8_t endStyles = endStyle[charIndex]; // [B] or [/B] -> toggle bold on and off // [I] or [/I] -> toggle italics on and off // [COLOR ffab007f] or [/COLOR] -> toggle color on and off // [CAPS <option>] or [/CAPS] -> toggle capatilization on and off if (endStyles & BOLD) strUTF8.append("[/B]"); if (endStyles & ITALIC) strUTF8.append("[/I]"); // we do not support underline //if (endStyles & UNDERLINE) // strUTF8.append("[/U]"); if (endColorIndex == charIndex && textColorRGBA != m_textColor) strUTF8.append("[/COLOR]"); // invert the order from above so we bracket the text correctly. if (bgnColorIndex == charIndex && textColorRGBA != m_textColor) strUTF8.AppendFormat("[COLOR %8x]", textColorRGBA); // we do not support underline //if (bgnStyles & UNDERLINE) // strUTF8.append("[U]"); if (bgnStyles & ITALIC) strUTF8.append("[I]"); if (bgnStyles & BOLD) strUTF8.append("[B]"); // stuff the UTF8 char strUTF8.append((const char*)pos, 1); // this is a char index, not a byte index. charIndex++; } free(bgnStyle); free(endStyle); if (strUTF8.IsEmpty()) return OC_BUFFER; if (strUTF8[strUTF8.size()-1] == '\n') strUTF8.Delete(strUTF8.size()-1); // add a new text element to our container m_pOverlay->AddElement(new CDVDOverlayText::CElementText(strUTF8.c_str())); return OC_OVERLAY; }
int CDVDOverlayCodecTX3G::Decode(DemuxPacket *pPacket) { if (m_pOverlay) SAFE_RELEASE(m_pOverlay); m_pOverlay = new CDVDOverlayText(); CDVDOverlayCodec::GetAbsoluteTimes(m_pOverlay->iPTSStartTime, m_pOverlay->iPTSStopTime, pPacket, m_pOverlay->replace); // do not move this. READ_XXXX macros modify pos. uint8_t *pos = pPacket->pData; uint8_t *end = pPacket->pData + pPacket->iSize; // Parse the packet as a TX3G TextSample. // Look for a single StyleBox ('styl') and // read all contained StyleRecords. // Ignore all other box types. // NOTE: Buffer overflows on read are not checked. // ALSO: READ_XXXX/SKIP_XXXX macros will modify pos. LEN_CHECK(2); uint16_t textLength = READ_U16(); LEN_CHECK(textLength); uint8_t *text = READ_ARRAY(textLength); int numStyleRecords = 0; // reserve one more style slot for broken encoders XUTILS::auto_buffer bgnStyle(textLength+1); XUTILS::auto_buffer endStyle(textLength+1); memset(bgnStyle.get(), 0, textLength+1); memset(endStyle.get(), 0, textLength+1); int bgnColorIndex = 0, endColorIndex = 0; uint32_t textColorRGBA = m_textColor; while (pos < end) { // Read TextSampleModifierBox LEN_CHECK(4); uint32_t size = READ_U32(); if (size == 0) size = pos - end; // extends to end of packet if (size == 1) { CLog::Log(LOGDEBUG, "CDVDOverlayCodecTX3G: TextSampleModifierBox has unsupported large size" ); break; } LEN_CHECK(4); uint32_t type = READ_U32(); if (type == FOURCC("uuid")) { CLog::Log(LOGDEBUG, "CDVDOverlayCodecTX3G: TextSampleModifierBox has unsupported extended type" ); break; } if (type == FOURCC("styl")) { // Found a StyleBox. Parse the contained StyleRecords if ( numStyleRecords != 0 ) { CLog::Log(LOGDEBUG, "CDVDOverlayCodecTX3G: found additional StyleBoxes on subtitle; skipping" ); LEN_CHECK(size); SKIP_ARRAY(size); continue; } LEN_CHECK(2); numStyleRecords = READ_U16(); for (int i = 0; i < numStyleRecords; i++) { StyleRecord curRecord; LEN_CHECK(12); curRecord.bgnChar = READ_U16(); curRecord.endChar = READ_U16(); curRecord.fontID = READ_U16(); curRecord.faceStyleFlags = READ_U8(); curRecord.fontSize = READ_U8(); curRecord.textColorRGBA = READ_U32(); // clamp bgnChar/bgnChar to textLength, // we alloc enough space above and this // fixes borken encoders that do not handle // endChar correctly. if (curRecord.bgnChar > textLength) curRecord.bgnChar = textLength; if (curRecord.endChar > textLength) curRecord.endChar = textLength; bgnStyle.get()[curRecord.bgnChar] |= curRecord.faceStyleFlags; endStyle.get()[curRecord.endChar] |= curRecord.faceStyleFlags; bgnColorIndex = curRecord.bgnChar; endColorIndex = curRecord.endChar; textColorRGBA = curRecord.textColorRGBA; } } else { // Found some other kind of TextSampleModifierBox. Skip it. LEN_CHECK(size); SKIP_ARRAY(size); } } // Copy text to out and add HTML markup for the style records int charIndex = 0; std::string strUTF8; // index over textLength chars to include broken encoders, // so we pickup closing styles on broken encoders for (pos = text, end = text + textLength; pos <= end; pos++) { if ((*pos & 0xC0) == 0x80) { // Is a non-first byte of a multi-byte UTF-8 character strUTF8.append((const char*)pos, 1); continue; // ...without incrementing 'charIndex' } uint8_t bgnStyles = bgnStyle.get()[charIndex]; uint8_t endStyles = endStyle.get()[charIndex]; // [B] or [/B] -> toggle bold on and off // [I] or [/I] -> toggle italics on and off // [COLOR ffab007f] or [/COLOR] -> toggle color on and off // [CAPS <option>] or [/CAPS] -> toggle capatilization on and off if (endStyles & BOLD) strUTF8.append("[/B]"); if (endStyles & ITALIC) strUTF8.append("[/I]"); // we do not support underline //if (endStyles & UNDERLINE) // strUTF8.append("[/U]"); if (endColorIndex == charIndex && textColorRGBA != m_textColor) strUTF8.append("[/COLOR]"); // invert the order from above so we bracket the text correctly. if (bgnColorIndex == charIndex && textColorRGBA != m_textColor) strUTF8 += StringUtils::Format("[COLOR %8x]", textColorRGBA); // we do not support underline //if (bgnStyles & UNDERLINE) // strUTF8.append("[U]"); if (bgnStyles & ITALIC) strUTF8.append("[I]"); if (bgnStyles & BOLD) strUTF8.append("[B]"); // stuff the UTF8 char strUTF8.append((const char*)pos, 1); // this is a char index, not a byte index. charIndex++; } if (strUTF8.empty()) return OC_BUFFER; if (strUTF8[strUTF8.size()-1] == '\n') strUTF8.erase(strUTF8.size()-1); // add a new text element to our container m_pOverlay->AddElement(new CDVDOverlayText::CElementText(strUTF8.c_str())); return OC_OVERLAY; }
static enum proto_parse_status tcp_parse(struct parser *parser, struct proto_info *parent, unsigned way, uint8_t const *packet, size_t cap_len, size_t wire_len, struct timeval const *now, size_t tot_cap_len, uint8_t const *tot_packet) { struct mux_parser *mux_parser = DOWNCAST(parser, parser, mux_parser); struct tcp_hdr const *tcphdr = (struct tcp_hdr *)packet; // Sanity checks if (wire_len < sizeof(*tcphdr)) { SLOG(LOG_DEBUG, "Bogus TCP packet: too short (%zu < %zu)", wire_len, sizeof(*tcphdr)); return PROTO_PARSE_ERR; } if (cap_len < sizeof(*tcphdr)) return PROTO_TOO_SHORT; size_t tcphdr_len = TCP_HDR_LENGTH(tcphdr); if (tcphdr_len < sizeof(*tcphdr)) { SLOG(LOG_DEBUG, "Bogus TCP packet: header size too smal (%zu < %zu)", tcphdr_len, sizeof(*tcphdr)); return PROTO_PARSE_ERR; } if (tcphdr_len > wire_len) { SLOG(LOG_DEBUG, "Bogus TCP packet: wrong length %zu > %zu", tcphdr_len, wire_len); return PROTO_PARSE_ERR; } if (tcphdr_len > cap_len) return PROTO_TOO_SHORT; // TODO: move this below call to tcp_proto_info_ctor() and use info instead of reading tcphdr directly uint16_t const sport = READ_U16N(&tcphdr->src); uint16_t const dport = READ_U16N(&tcphdr->dst); bool const syn = !!(READ_U8(&tcphdr->flags) & TCP_SYN_MASK); bool const fin = !!(READ_U8(&tcphdr->flags) & TCP_FIN_MASK); bool const ack = !!(READ_U8(&tcphdr->flags) & TCP_ACK_MASK); bool const rst = !!(READ_U8(&tcphdr->flags) & TCP_RST_MASK); bool const urg = !!(READ_U8(&tcphdr->flags) & TCP_URG_MASK); bool const psh = !!(READ_U8(&tcphdr->flags) & TCP_PSH_MASK); SLOG(LOG_DEBUG, "New TCP packet of %zu bytes (%zu captured), %zu payload, ports %"PRIu16" -> %"PRIu16" Flags: %s%s%s%s%s%s, Seq:%"PRIu32", Ack:%"PRIu32, wire_len, cap_len, wire_len - tcphdr_len, sport, dport, syn ? "Syn":"", fin ? "Fin":"", ack ? "Ack":"", rst ? "Rst":"", urg ? "Urg":"", psh ? "Psh":"", READ_U32N(&tcphdr->seq_num), READ_U32N(&tcphdr->ack_seq)); // Parse struct tcp_proto_info info; tcp_proto_info_ctor(&info, parser, parent, tcphdr_len, wire_len - tcphdr_len, sport, dport, tcphdr); // Parse TCP options uint8_t const *options = (uint8_t *)(tcphdr+1); assert(tcphdr_len >= sizeof(*tcphdr)); for (size_t rem_len = tcphdr_len - sizeof(*tcphdr); rem_len > 0; ) { ssize_t const len = parse_next_option(&info, options, rem_len); if (len < 0) return PROTO_PARSE_ERR; rem_len -= len; options += len; } // Search an already spawned subparser struct port_key key; port_key_init(&key, sport, dport, way); struct mux_subparser *subparser = mux_subparser_lookup(mux_parser, NULL, NULL, &key, now); if (subparser) SLOG(LOG_DEBUG, "Found subparser@%p for this cnx, for proto %s", subparser->parser, subparser->parser->proto->name); if (! subparser) { struct proto *requestor = NULL; struct proto *sub_proto = NULL; // Use connection tracking first ASSIGN_INFO_OPT2(ip, ip6, parent); if (! ip) ip = ip6; if (ip) sub_proto = cnxtrack_ip_lookup(IPPROTO_TCP, ip->key.addr+0, sport, ip->key.addr+1, dport, now, &requestor); if (! sub_proto) { // Then try predefined ports sub_proto = port_muxer_find(&tcp_port_muxers, info.key.port[0], info.key.port[1]); } if (sub_proto) { subparser = mux_subparser_and_parser_new(mux_parser, sub_proto, requestor, &key, now); } else { // Even if we have no child parser to send payload to, we want to submit payload in stream order to our plugins subparser = tcp_subparser_new(mux_parser, NULL, NULL, &key, now); } } if (! subparser) goto fallback; // Keep track of TCP flags & ISN struct tcp_subparser *tcp_sub = DOWNCAST(subparser, mux_subparser, tcp_subparser); mutex_lock(tcp_sub->mutex); if ( info.ack && (!IS_SET_FOR_WAY(way, tcp_sub->ack) || seqnum_gt(info.ack_num, tcp_sub->max_acknum[way])) ) { SET_FOR_WAY(way, tcp_sub->ack); tcp_sub->max_acknum[way] = info.ack_num; } if (info.fin) { SET_FOR_WAY(way, tcp_sub->fin); tcp_sub->fin_seqnum[way] = info.seq_num + info.info.payload; // The FIN is acked after the payload } if (info.syn && !IS_SET_FOR_WAY(way, tcp_sub->syn)) { SET_FOR_WAY(way, tcp_sub->syn); tcp_sub->isn[way] = info.seq_num; } if (!IS_SET_FOR_WAY(way, tcp_sub->origin)) { SET_FOR_WAY(way, tcp_sub->origin); tcp_sub->wl_origin[way] = info.seq_num; if (! IS_SET_FOR_WAY(way, tcp_sub->syn)) SLOG(LOG_DEBUG, "Starting a WL while SYN is yet to be received!"); } // Set relative sequence number if we know it if (IS_SET_FOR_WAY(way, tcp_sub->syn)) info.rel_seq_num = info.seq_num - tcp_sub->isn[way]; // Set srv_way assert(tcp_sub->srv_set < 3); if (tcp_sub->srv_set == 0 || (tcp_sub->srv_set == 1 && info.syn)) { if (comes_from_client(info.key.port, info.syn, info.ack)) { // this packet comes from the client tcp_sub->srv_way = !way; } else { tcp_sub->srv_way = way; } tcp_sub->srv_set = info.syn ? 2:1; } // Now patch it into tcp info info.to_srv = tcp_sub->srv_way != way; SLOG(LOG_DEBUG, "Subparser@%p state: >ISN:%"PRIu32"%s Fin:%"PRIu32" Ack:%"PRIu32" <ISN:%"PRIu32"%s Fin:%"PRIu32" Ack:%"PRIu32", SrvWay=%u%s", subparser->parser, IS_SET_FOR_WAY(0, tcp_sub->syn) ? tcp_sub->isn[0] : IS_SET_FOR_WAY(0, tcp_sub->origin) ? tcp_sub->wl_origin[0] : 0, IS_SET_FOR_WAY(0, tcp_sub->syn) ? "" : " (approx)", IS_SET_FOR_WAY(0, tcp_sub->fin) ? tcp_sub->fin_seqnum[0] : 0, IS_SET_FOR_WAY(0, tcp_sub->ack) ? tcp_sub->max_acknum[0] : 0, IS_SET_FOR_WAY(1, tcp_sub->syn) ? tcp_sub->isn[1] : IS_SET_FOR_WAY(1, tcp_sub->origin) ? tcp_sub->wl_origin[1] : 0, IS_SET_FOR_WAY(1, tcp_sub->syn) ? "" : " (approx)", IS_SET_FOR_WAY(1, tcp_sub->fin) ? tcp_sub->fin_seqnum[1] : 0, IS_SET_FOR_WAY(1, tcp_sub->ack) ? tcp_sub->max_acknum[1] : 0, tcp_sub->srv_way, tcp_sub->srv_set == 0 ? " (unset)": tcp_sub->srv_set == 1 ? " (unsure)":"(certain)"); enum proto_parse_status err; /* Use the wait_list to parse this packet. Notice that we do queue empty packets because subparser (or subscriber) want to receive all packets in order, including empty ones. */ size_t const packet_len = wire_len - tcphdr_len; assert(IS_SET_FOR_WAY(way, tcp_sub->origin)); unsigned const offset = info.seq_num - tcp_sub->wl_origin[way]; unsigned const next_offset = offset + packet_len + info.syn + info.fin; unsigned const sync_offset = info.ack_num - tcp_sub->wl_origin[!way]; // we must not parse this one before we parsed (or timeouted) this one from wl[!way] // FIXME: Here the parser is chosen before we actually parse anything. If later the parser fails we cannot try another one. // Choice of parser should be delayed until we start actual parse. bool const do_sync = info.ack && IS_SET_FOR_WAY(!way, tcp_sub->origin); err = pkt_wait_list_add(tcp_sub->wl+way, offset, next_offset, do_sync, sync_offset, true, &info.info, way, packet + tcphdr_len, cap_len - tcphdr_len, packet_len, now, tot_cap_len, tot_packet); SLOG(LOG_DEBUG, "Waiting list returned %s", proto_parse_status_2_str(err)); if (err == PROTO_OK) { // Try advancing each WL until we are stuck or met an error pkt_wait_list_try_both(tcp_sub->wl+!way, &err, now, false); } bool const term = tcp_subparser_term(tcp_sub); mutex_unlock(tcp_sub->mutex); if (term || err == PROTO_PARSE_ERR) { if (term) { SLOG(LOG_DEBUG, "TCP cnx terminated (was %s)", parser_name(subparser->parser)); } else { SLOG(LOG_DEBUG, "No suitable subparser for this payload"); } mux_subparser_deindex(subparser); } mux_subparser_unref(&subparser); if (err == PROTO_OK) return PROTO_OK; fallback: (void)proto_parse(NULL, &info.info, way, packet + tcphdr_len, cap_len - tcphdr_len, wire_len - tcphdr_len, now, tot_cap_len, tot_packet); return PROTO_OK; }
static enum proto_parse_status dhcp_parse(struct parser *parser, struct proto_info *parent, unsigned way, uint8_t const *payload, size_t cap_len, size_t wire_len, struct timeval const *now, size_t tot_cap_len, uint8_t const *tot_packet) { struct dhcp const *dhcp = (struct dhcp *)payload; // Sanity Checks // Check that we have at least the size of an DHCP packet for IP protocol if (wire_len < sizeof(*dhcp)) return PROTO_PARSE_ERR; // And that we have enough data to parse it if (cap_len < sizeof(*dhcp)) return PROTO_TOO_SHORT; if (0 != memcmp(dhcp->cookie, &magic_cookie, sizeof(magic_cookie))) { SLOG(LOG_DEBUG, "Bad magic Cookie"); return PROTO_PARSE_ERR; } struct dhcp_proto_info info; proto_info_ctor(&info.info, parser, parent, wire_len, 0); info.opcode = READ_U8(&dhcp->op); if (info.opcode != BOOTP_REQUEST && info.opcode != BOOTP_REPLY) { SLOG(LOG_DEBUG, "Unknown DHCP opcode (%u)", info.opcode); return PROTO_PARSE_ERR; } uint8_t const hlen = READ_U8(&dhcp->hlen); if (hlen > sizeof(dhcp->chaddr)) { SLOG(LOG_DEBUG, "Bad hlen in DHCP (%u)", hlen); return PROTO_PARSE_ERR; } info.xid = READ_U32N(&dhcp->xid); info.set_values = 0; uint32_t const addr = READ_U32(&dhcp->yiaddr); if (addr) { info.set_values |= DHCP_CLIENT_SET; ip_addr_ctor_from_ip4(&info.client, addr); } uint8_t const htype = READ_U8(&dhcp->htype); info.hw_addr_is_eth = htype == 1; if (info.hw_addr_is_eth) { if (hlen != sizeof(info.client_mac)) { SLOG(LOG_DEBUG, "Bad hlen (%u) for Eth type", hlen); return PROTO_PARSE_ERR; } memcpy(info.client_mac, dhcp->chaddr, sizeof(info.client_mac)); } else { memset(info.client_mac, 0, sizeof(info.client_mac)); } memcpy(info.server_name, dhcp->sname, sizeof(info.server_name)); SLOG(LOG_DEBUG, "New DHCP %s", dhcp_opcode_2_str(info.opcode)); // parse options info.msg_type = 0; // mandatory struct cursor c; cursor_ctor(&c, dhcp->options, cap_len - offsetof(struct dhcp, options)); while (c.cap_len >= 2) { uint8_t const type = cursor_read_u8(&c); uint8_t const len = cursor_read_u8(&c); if (c.cap_len < len) { SLOG(LOG_DEBUG, "Cannot read options"); return PROTO_PARSE_ERR; } switch (type) { case 53: // msg type if (len != 1) { SLOG(LOG_DEBUG, "Bad length (%"PRIu8") for msg type DHCP option", len); return PROTO_PARSE_ERR; } info.msg_type = cursor_read_u8(&c); if (info.msg_type > DHCP_INFORM) { SLOG(LOG_DEBUG, "Bad DHCP msg type (%u)", info.msg_type); return PROTO_PARSE_ERR; } break; default: cursor_drop(&c, len); break; } } if (0 == info.msg_type) { // not found SLOG(LOG_DEBUG, "DHCP msg without msg type"); return PROTO_PARSE_ERR; } return proto_parse(NULL, &info.info, way, NULL, 0, 0, now, tot_cap_len, tot_packet); }
static void cifs_proto_info_ctor(struct cifs_proto_info *info, struct parser *parser, struct proto_info *parent, size_t header, size_t payload, struct cifs_hdr const * cifshdr) { proto_info_ctor(&info->info, parser, parent, header, payload); info->command = READ_U8(&cifshdr->command); info->status = READ_U32(&cifshdr->status); }
nabto_connect* nabto_init_connection(nabto_packet_header* hdr, uint32_t* nsi, uint32_t* ec, bool isLocal) { uint8_t type; uint8_t flags; /* NP_PAYLOAD_IPX_FLAG_* */ nabto_connect* con; const uint8_t* end = nabtoCommunicationBuffer + hdr->len; uint8_t* ptr = nabtoCommunicationBuffer + hdr->hlen; uint16_t res; uint16_t ipxPayloadLength; ipxPayloadLength = nabto_rd_payload(ptr, end, &type); ptr += SIZE_PAYLOAD_HEADER; *nsi = 0; *ec = 0; if ((ipxPayloadLength != IPX_PAYLOAD_LENGTH_WITHOUT_NSI) && (ipxPayloadLength != IPX_PAYLOAD_LENGTH_WITH_NSI) && (ipxPayloadLength != IPX_PAYLOAD_LENGTH_FULL_NSI)) { NABTO_LOG_TRACE(("Illegal payload size in U_CONNECT request from GSP: %" PRIu16 " %" PRIu8, ipxPayloadLength, type)); return 0; } if (type != NP_PAYLOAD_TYPE_IPX) { NABTO_LOG_TRACE(("Illegal payload type in U_CONNECT request from GSP: %" PRIu16 " %" PRIu8, ipxPayloadLength, type)); return 0; } if (ipxPayloadLength == IPX_PAYLOAD_LENGTH_WITH_NSI || ipxPayloadLength == IPX_PAYLOAD_LENGTH_FULL_NSI) { READ_U32(*nsi, ptr + 13); NABTO_LOG_TRACE(("IPX payload with NSI (SPNSI=%" PRIu32 ")", *nsi)); } else { *nsi = fresh_nsi(); NABTO_LOG_TRACE(("IPX payload without NSI (fresh NSI=%" PRIu32 ")", *nsi)); } if (*nsi == 0) { NABTO_LOG_ERROR(("Trying to create connection with spnsi == 0")); return 0; } if (nabto_find_connection(*nsi)) { NABTO_LOG_DEBUG((PRInsi " A connection already exists this is probably a retransmission", MAKE_NSI_PRINTABLE(0, *nsi, 0))); *ec = NOTIFY_CONNECT_OK; return 0; } con = nabto_init_connection_real(*nsi); if (con == 0) { if (nabto_find_connection(*nsi)) { NABTO_LOG_DEBUG((PRInsi " U_CONNECT: A connection resource is already pending new connection", MAKE_NSI_PRINTABLE(0, *nsi, 0))); } else { NABTO_LOG_INFO((PRInsi " U_CONNECT: No connection resources free for new connection", MAKE_NSI_PRINTABLE(0, *nsi, 0))); #if NABTO_ENABLE_DEVICE_BUSY_AS_FATAL NABTO_LOG_FATAL((PRInsi " U_CONNECT: No free connections configured to be considered fatal", MAKE_NSI_PRINTABLE(0, *nsi, 0))); #endif } *ec = NOTIFY_ERROR_BUSY_MICRO; return 0; } NABTO_LOG_DEBUG((PRInsi " U_CONNECT: Connecting using record %i", MAKE_NSI_PRINTABLE(0, *nsi, 0), nabto_connection_index(con))); READ_U32(con->cp.privateEndpoint.addr, ptr + 0); READ_U16(con->cp.privateEndpoint.port, ptr + 4); READ_U32(con->cp.globalEndpoint.addr, ptr + 6); READ_U16(con->cp.globalEndpoint.port, ptr + 10); READ_U8(flags, ptr + 12); /* the final word (4 bytes) has been read already (nsi) */ con->noRendezvous = (flags & NP_PAYLOAD_IPX_FLAG_NO_RENDEZVOUS) ? 1 : 0; con->cpEqual = EP_EQUAL(con->cp.privateEndpoint, con->cp.globalEndpoint); con->cpAsync = (flags & NP_PAYLOAD_IPX_FLAG_CP_ASYNC) ? 1 : 0; con->clientNatType = (flags & NP_PAYLOAD_IPX_NAT_MASK); con->isLocal = isLocal; NABTO_LOG_INFO((PRInsi " U_CONNECT: cp.private: " PRIep " cp.global: " PRIep ", noRdv=%" PRIu8 ", cpeq=%" PRIu8 ", asy=%" PRIu8 ", NATType: %" PRIu8 , MAKE_NSI_PRINTABLE(0, *nsi, 0), MAKE_EP_PRINTABLE(con->cp.privateEndpoint), MAKE_EP_PRINTABLE(con->cp.globalEndpoint), con->noRendezvous, con->cpEqual, con->cpAsync, con->clientNatType)); #if NABTO_ENABLE_TCP_FALLBACK if (ipxPayloadLength == IPX_PAYLOAD_LENGTH_FULL_NSI) { memcpy(con->consi, ptr+17, 8); con->nsico = con->consi; READ_U32(con->cpnsi, ptr+25); } #endif ptr += ipxPayloadLength; //IPX_PAYLOAD_LENGTH_WITHOUT_NSI or IPX_PAYLOAD_LENGTH_WITH_NSI con->clientId[0] = 0; res = nabto_rd_payload(ptr, end, &type); if (type == NP_PAYLOAD_TYPE_CP_ID) { uint8_t idType; ptr += SIZE_PAYLOAD_HEADER; if (res > 0) { READ_U8(idType, ptr); ++ptr; --res; if (idType == 1) { // 1 == EMAIL size_t sz = res; if (sz >= sizeof(con->clientId)) { if (sizeof(con->clientId) > 1) { NABTO_LOG_WARN(("Client ID truncated")); } sz = sizeof(con->clientId) - 1; } if (sz) { memcpy(con->clientId, (const void*) ptr, sz); } con->clientId[sz] = 0; } } NABTO_LOG_TRACE(("Connection opened from '%s' (to %s)", con->clientId, nmc.nabtoMainSetup.id)); ptr += res; } #if NABTO_ENABLE_CONNECTION_ESTABLISHMENT_ACL_CHECK if (!allow_client_access(con)) { *ec = NOTIFY_ERROR_CP_ACCESS; goto init_error; } #endif #if NABTO_ENABLE_TCP_FALLBACK { uint8_t* gatewayPtr = ptr; res = nabto_rd_payload(ptr, end, &type); if (type == NP_PAYLOAD_TYPE_GW && ipxPayloadLength == IPX_PAYLOAD_LENGTH_FULL_NSI) { uint8_t* gatewayEndPtr; size_t idLength; NABTO_LOG_TRACE(("The connect contains a gateway payload.")); ptr += res + SIZE_PAYLOAD_HEADER; gatewayPtr += SIZE_PAYLOAD_HEADER; gatewayEndPtr = ptr; READ_U32(con->fallbackHost.addr, gatewayPtr); gatewayPtr+=4; READ_U16(con->fallbackHost.port, gatewayPtr); gatewayPtr+=2; // skip the nsi gatewayPtr+=4; idLength = gatewayEndPtr-gatewayPtr; if (idLength != 20) { NABTO_LOG_FATAL(("The id length should be 20 bytes. bytes=%" PRIsize, idLength)); // todo } memcpy(con->gatewayId, gatewayPtr, 20); con->hasTcpFallbackCapabilities = true; } } #endif #if NABTO_ENABLE_UCRYPTO if (nmc.context.nonceSize == NONCE_SIZE) { uint8_t* decryptedDataStart; uint16_t decryptedDataLength; if (!unabto_connection_verify_and_decrypt_connect_packet(hdr, &decryptedDataStart, &decryptedDataLength)) { NABTO_LOG_TRACE(("Failed to read crypto payload in U_CONNECT")); } else { unabto_crypto_reinit_d(&con->cryptoctx, nmc.nabtoMainSetup.cryptoSuite, decryptedDataStart, decryptedDataLength); } } else #endif { NABTO_LOG_TRACE(("######## U_CONNECT without crypto payload")); unabto_crypto_reinit_d(&con->cryptoctx, CRYPT_W_NULL_DATA, 0, 0); } con->timeOut = CONNECTION_TIMEOUT; nabtoSetFutureStamp(&con->stamp, 20000); /* give much extra time during initialisation */ if (!verify_connection_encryption(con)) { goto init_crypto_error; } if (con->cpEqual) { NABTO_LOG_DEBUG((PRInsi " U_CONNECT: addr:" PRIep " rendezvous:%" PRIu8, MAKE_NSI_PRINTABLE(0, *nsi, 0), MAKE_EP_PRINTABLE(con->cp.privateEndpoint), !con->noRendezvous)); } else { NABTO_LOG_DEBUG((PRInsi " U_CONNECT: private:" PRIep ", global:" PRIep " rendezvous:%" PRIu8, MAKE_NSI_PRINTABLE(0, *nsi, 0), MAKE_EP_PRINTABLE(con->cp.privateEndpoint), MAKE_EP_PRINTABLE(con->cp.globalEndpoint), !con->noRendezvous)); } NABTO_LOG_INFO(("Connection opened from '%s' (to %s). Encryption code %i", con->clientId, nmc.nabtoMainSetup.id, con->cryptoctx.code)); return con; init_crypto_error: *ec = NOTIFY_ERROR_ENCR_MISMATCH; #if NABTO_ENABLE_CONNECTION_ESTABLISHMENT_ACL_CHECK init_error: nabto_release_connection(con); #endif return 0; }
static hb_buffer_t *tx3g_decode_to_utf8( hb_buffer_t *in ) { uint8_t *pos = in->data; uint8_t *end = in->data + in->size; uint16_t numStyleRecords = 0; uint8_t *startStyle; uint8_t *endStyle; /* * Parse the packet as a TX3G TextSample. * * Look for a single StyleBox ('styl') and read all contained StyleRecords. * Ignore all other box types. * * NOTE: Buffer overflows on read are not checked. */ uint16_t textLength = READ_U16(); uint8_t *text = READ_ARRAY(textLength); startStyle = calloc( textLength, 1 ); endStyle = calloc( textLength, 1 ); while ( pos < end ) { /* * Read TextSampleModifierBox */ uint32_t size = READ_U32(); if ( size == 0 ) { size = pos - end; // extends to end of packet } if ( size == 1 ) { hb_log( "dectx3gsub: TextSampleModifierBox has unsupported large size" ); break; } uint32_t type = READ_U32(); if ( type == FOURCC("uuid") ) { hb_log( "dectx3gsub: TextSampleModifierBox has unsupported extended type" ); break; } if ( type == FOURCC("styl") ) { // Found a StyleBox. Parse the contained StyleRecords if ( numStyleRecords != 0 ) { hb_log( "dectx3gsub: found additional StyleBoxes on subtitle; skipping" ); SKIP_ARRAY(size); continue; } numStyleRecords = READ_U16(); int i; for (i=0; i<numStyleRecords; i++) { StyleRecord curRecord; curRecord.startChar = READ_U16(); curRecord.endChar = READ_U16(); curRecord.fontID = READ_U16(); curRecord.faceStyleFlags = READ_U8(); curRecord.fontSize = READ_U8(); curRecord.textColorRGBA = READ_U32(); startStyle[curRecord.startChar] |= curRecord.faceStyleFlags; endStyle[curRecord.endChar] |= curRecord.faceStyleFlags; } } else { // Found some other kind of TextSampleModifierBox. Skip it. SKIP_ARRAY(size); } } /* * Copy text to output buffer, and add HTML markup for the style records */ int maxOutputSize = textLength + (numStyleRecords * NUM_FACE_STYLE_FLAGS * (MAX_OPEN_TAG_SIZE + MAX_CLOSE_TAG_SIZE)); hb_buffer_t *out = hb_buffer_init( maxOutputSize ); if ( out == NULL ) goto fail; uint8_t *dst = out->data; int charIndex = 0; for ( pos = text, end = text + textLength; pos < end; pos++ ) { if (IS_10xxxxxx(*pos)) { // Is a non-first byte of a multi-byte UTF-8 character WRITE_CHAR(*pos); continue; // ...without incrementing 'charIndex' } uint8_t plusStyles = startStyle[charIndex]; uint8_t minusStyles = endStyle[charIndex]; if (minusStyles & UNDERLINE) WRITE_END_TAG('u'); if (minusStyles & ITALIC) WRITE_END_TAG('i'); if (minusStyles & BOLD) WRITE_END_TAG('b'); if (plusStyles & BOLD) WRITE_START_TAG('b'); if (plusStyles & ITALIC) WRITE_START_TAG('i'); if (plusStyles & UNDERLINE) WRITE_START_TAG('u'); WRITE_CHAR(*pos); charIndex++; } // Trim output buffer to the actual amount of data written out->size = dst - out->data; // Copy metadata from the input packet to the output packet out->s.start = in->s.start; out->s.stop = in->s.stop; fail: free( startStyle ); free( endStyle ); return out; }