fix(dc-wireshark): parse all packet types in TCP (#2252)

aws · Jun 14, 2024 · 3cd4c28 · 3cd4c28
1 parent d8ee4e6
commit 3cd4c28
Show file tree

Hide file tree

Showing 7 changed files with 60 additions and 15 deletions.
diff --git a/dc/wireshark/pcaps/secret-control-tcp.pcapng b/dc/wireshark/pcaps/secret-control-tcp.pcapng
diff --git a/dc/wireshark/pcaps/secret-control-udp.pcapng b/dc/wireshark/pcaps/secret-control-udp.pcapng
diff --git a/dc/wireshark/src/dissect.rs b/dc/wireshark/src/dissect.rs
@@ -11,13 +11,21 @@ use s2n_codec::DecoderBufferMut;
 use s2n_quic_core::{frame::FrameMut, varint::VarInt};
 use s2n_quic_dc::packet::{self, stream};
 
-pub fn udp_segment<T: Node>(
+#[derive(Clone, Copy, Debug)]
+#[allow(dead_code)]
+pub enum Protocol {
+    Tcp,
+    Udp,
+}
+
+pub fn segment<T: Node>(
     tree: &mut T,
     root: &mut impl Item,
     fields: &Registration,
     ptag: Parsed<packet::Tag>,
     buffer: &mut Buffer,
     info: &mut impl Info,
+    protocol: Protocol,
 ) -> Option<()> {
     match ptag.value {
         packet::Tag::Stream(tag) => {
@@ -26,12 +34,18 @@ pub fn udp_segment<T: Node>(
             stream(tree, fields, tag, buffer, info)
         }
         packet::Tag::Control(tag) => {
-            root.append_text(c" Control");
+            match protocol {
+                Protocol::Tcp => root.append_text(c" Control (UNEXPECTED)"),
+                Protocol::Udp => root.append_text(c" Control"),
+            }
             let tag = ptag.map(|_| tag);
             control(tree, fields, tag, buffer, info)
         }
         packet::Tag::Datagram(tag) => {
-            root.append_text(c" Datagram");
+            match protocol {
+                Protocol::Tcp => root.append_text(c" Datagram (UNEXPECTED)"),
+                Protocol::Udp => root.append_text(c" Datagram"),
+            }
             let tag = ptag.map(|_| tag);
             datagram(tree, fields, tag, buffer, info)
         }
@@ -474,7 +488,7 @@ pub fn secret_control<T: Node>(
 
     match tag.value {
         packet::Tag::UnknownPathSecret(_) => {
-            item.append_text(c"UnknownPathSecret");
+            item.append_text(c" (UnknownPathSecret)");
 
             let path_secret_id = buffer.consume_bytes(16)?;
             path_secret_id.record(buffer, tree, fields.path_secret_id);
@@ -488,7 +502,7 @@ pub fn secret_control<T: Node>(
             Some(())
         }
         packet::Tag::StaleKey(_) => {
-            item.append_text(c"StaleKey");
+            item.append_text(c" (StaleKey)");
 
             let path_secret_id = buffer.consume_bytes(16)?;
             path_secret_id.record(buffer, tree, fields.path_secret_id);
@@ -505,7 +519,7 @@ pub fn secret_control<T: Node>(
             Some(())
         }
         packet::Tag::ReplayDetected(_) => {
-            item.append_text(c"ReplayDetected");
+            item.append_text(c" (ReplayDetected)");
 
             let path_secret_id = buffer.consume_bytes(16)?;
             path_secret_id.record(buffer, tree, fields.path_secret_id);

diff --git a/dc/wireshark/src/plugin.rs b/dc/wireshark/src/plugin.rs
@@ -99,9 +99,15 @@ unsafe extern "C" fn dissect_heur_udp(
             break;
         };
         let (mut tree, mut root) = register_root_node(proto, &buffer, fields);
-        let Some(()) =
-            dissect::udp_segment(&mut tree, &mut root, fields, tag, &mut buffer, &mut info)
-        else {
+        let Some(()) = dissect::segment(
+            &mut tree,
+            &mut root,
+            fields,
+            tag,
+            &mut buffer,
+            &mut info,
+            dissect::Protocol::Udp,
+        ) else {
             break;
         };
 
@@ -146,8 +152,15 @@ unsafe extern "C" fn dissect_heur_tcp(
         };
 
         let (mut tree, mut root) = register_root_node(proto, &buffer, fields);
-        root.append_text(c" Stream");
-        let parse_res = dissect::stream(&mut tree, fields, tag, &mut buffer, &mut info);
+        let parse_res = dissect::segment(
+            &mut tree,
+            &mut root,
+            fields,
+            tag,
+            &mut buffer,
+            &mut info,
+            dissect::Protocol::Tcp,
+        );
         wireshark_sys::proto_item_set_len(root, (buffer.offset - stream_frame_start) as i32);
         if parse_res.is_none() {
             // Start parsing again from the head of this stream...

diff --git a/dc/wireshark/src/test.rs b/dc/wireshark/src/test.rs
@@ -533,7 +533,7 @@ fn random_stream_packets() {
 }
 
 #[test]
-fn random_udp_packets() {
+fn random_segments() {
     // Initialize field IDs.
     let _ = crate::field::get();
 
@@ -545,7 +545,15 @@ fn random_udp_packets() {
             return;
         };
         // May fail to parse, but shouldn't panic.
-        let _ = dissect::udp_segment(&mut tracker, &mut (), fields, tag, &mut buffer, &mut ());
+        let _ = dissect::segment(
+            &mut tracker,
+            &mut (),
+            fields,
+            tag,
+            &mut buffer,
+            &mut (),
+            dissect::Protocol::Udp,
+        );
     });
 }
 

diff --git a/dc/wireshark/xtask/Cargo.toml b/dc/wireshark/xtask/Cargo.toml
@@ -6,4 +6,5 @@ publish = false
 
 [dependencies]
 clap = { version = "4", features = ["derive"] }
+homedir = "0.2"
 xshell = "0.2"
diff --git a/dc/wireshark/xtask/src/main.rs b/dc/wireshark/xtask/src/main.rs
@@ -192,7 +192,10 @@ impl Install {
         Build::default().run(sh)?;
 
         let dir = if cfg!(unix) {
-            format!("~/.local/lib/wireshark/{}", plugin_dir())
+            homedir::get_my_home()?
+                .expect("missing home dir")
+                .join(".local/lib/wireshark")
+                .join(plugin_dir())
         } else {
             todo!("OS is currently unsupported")
         };
@@ -202,7 +205,7 @@ impl Install {
         sh.copy_file(
             format!("target/release/libwireshark_dcquic.{so}"),
             // wireshark always looks for `.so`, regardless of platform
-            format!("{dir}/libdcquic.so"),
+            dir.join("libdcquic.so"),
         )?;
 
         Ok(())