Packet forgery support for IPv6 (TCP & IPv6 packets)

git-svn-id: svn+ssh://scm.wald.intevation.org/openvas/trunk/openvas-libraries@7207 423fd1db-d629-0410-8442-d21db03e70f4
greenbone · Apr 2, 2010 · ddef947 · ddef947
1 parent cfaab8e
commit ddef947
Show file tree

Hide file tree

Showing 8 changed files with 1,165 additions and 60 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -1,3 +1,24 @@
+2010-04-02  Preeti Subramanian <spreeti@secpod.com>
+	Packet Forgery support for IPv6.
+
+	* nasl/capture_packet.c (init_v6_capture_device,
+	capture_next_v6_packet): Added new functions.
+
+	* nasl/capture_packet.h (init_v6_capture_device,
+	capture_next_v6_packet): Added new functions.
+
+	* nasl/nasl_packet_forgery.c (nasl_tcp_ping, nasl_pcap_next,
+	nasl_send_capture): Modified to support IPv6.
+
+	* nasl/nasl_packet_forgery_v6.c: Added new module.
+
+	* nasl/nasl_packet_forgery_v6.h: Added new.
+
+	* nasl/CMakeLists.txt: Included nasl_packet_forgery_v6.c.
+
+	* nasl/nasl_init.c: Updated newly added functions from
+	nasl_packet_forgery_v6.c
+
 2010-03-31  Michael Wiegand <michael.wiegand@intevation.de>
 
 	* misc/store.c (store_load_plugin): Load tags and xrefs into the arglist

diff --git a/nasl/CMakeLists.txt b/nasl/CMakeLists.txt
@@ -152,7 +152,7 @@ ADD_CUSTOM_COMMAND (
 set (FILES capture_packet.c exec.c hmacmd5.c lint.c lsearch.c md5.c nasl.c
      nasl_cmd_exec.c nasl_crypto2.c nasl_crypto.c nasl_debug.c nasl_func.c
      nasl_grammar.tab.c nasl_host.c nasl_http.c nasl_init.c nasl_lex_ctxt.c
-     nasl_misc_funcs.c nasl_scanner_glue.c nasl_packet_forgery.c
+     nasl_misc_funcs.c nasl_scanner_glue.c nasl_packet_forgery.c nasl_packet_forgery_v6.c
      nasl_signature.c nasl_smb.c nasl_socket.c nasl_text_utils.c nasl_tree.c
      nasl_var.c nasl_wmi.c preparse.c regex.c strutils.c smb_crypt.c smb_crypt2.c)
 

diff --git a/nasl/capture_packet.c b/nasl/capture_packet.c
@@ -133,3 +133,100 @@ struct ip * capture_next_packet(int bpf, int timeout, int * sz)
   }
  return((struct ip*)ret);
 }
+
+
+int init_v6_capture_device(struct in6_addr src, struct in6_addr dst, char * filter)
+{
+  int ret = -1;
+  char * interface = NULL;
+  char * a_dst, *a_src;
+  int free_filter = 0;
+  char name[INET6_ADDRSTRLEN];
+  char errbuf[PCAP_ERRBUF_SIZE];
+
+  a_src = estrdup(inet_ntop(AF_INET6, &src, name, INET6_ADDRSTRLEN));
+  a_dst = estrdup(inet_ntop(AF_INET6, &dst, name, INET6_ADDRSTRLEN));
+
+  if((filter == NULL) || (filter[0]=='\0') || (filter[0]=='0'))
+  {
+    filter = emalloc(256);
+    free_filter = 1;
+    if(v6_islocalhost(&src) == 0)
+      snprintf(filter, 256, "ip and (src host %s and dst host %s", a_src, a_dst);
+  }
+  else {
+    if(v6_islocalhost(&src) == 0)
+      filter = estrdup(filter);
+    else
+      filter = emalloc(1);
+    free_filter = 1;
+  }
+
+  efree(&a_dst);
+  efree(&a_src);
+
+  if((interface = v6_routethrough(&src, &dst))||
+    (interface = pcap_lookupdev(errbuf)))
+      ret = bpf_open_live(interface, filter);
+
+  if(free_filter != 0)
+    efree(&filter);
+
+  return ret;
+}
+
+
+struct ip6_hdr * capture_next_v6_packet(int bpf, int timeout, int * sz)
+{
+  int len;
+  int dl_len;
+  char * packet = NULL;
+  char * ret = NULL;
+  struct timeval past, now, then;
+  struct timezone tz;
+
+  if(bpf < 0)
+    return NULL;
+
+  dl_len =  get_datalink_size(bpf_datalink(bpf));
+  bzero(&past, sizeof(past));
+  bzero(&now, sizeof(now));
+  gettimeofday(&then, &tz);
+
+  for(;;)
+  {
+    bcopy(&then, &past, sizeof(then));
+    packet = (char*)bpf_next(bpf, &len);
+
+    if(packet != NULL)
+      break;
+
+    gettimeofday(&now, &tz);
+    if(now.tv_usec < past.tv_usec)
+    {
+      past.tv_sec ++;
+      now.tv_usec += 1000000;
+    }
+
+    if(timeout > 0)
+    {
+      if((now.tv_sec - past.tv_sec) >= timeout)
+        break;
+    }
+    else break;
+  }
+
+  if(packet != NULL)
+  {
+    struct ip6_hdr * ip6;
+    ip6 = (struct ip6_hdr *)(packet + dl_len);
+#ifdef BSD_BYTE_ORDERING
+    ip6->ip6_plen = ntohs(ip6->ip6_plen);
+#endif
+    ret = emalloc(len - dl_len);
+    bcopy(ip6, ret, len -  dl_len);
+    if(sz != NULL)*sz = len - dl_len;
+  }
+
+  return((struct ip6_hdr*)ret);
+}
diff --git a/nasl/capture_packet.h b/nasl/capture_packet.h
@@ -20,8 +20,11 @@
 #define CAPTURE_PACKET_H
 
 #include <netinet/in.h>
+#include <netinet/ip6.h>
 
 int init_capture_device(struct in_addr, struct in_addr, char *);
 struct ip * capture_next_packet(int, int, int *);
 
+int init_v6_capture_device(struct in6_addr, struct in6_addr, char *);
+struct ip6_hdr * capture_next_v6_packet(int, int, int *);
 #endif
diff --git a/nasl/nasl_init.c b/nasl/nasl_init.c
@@ -46,6 +46,7 @@
 #include "nasl_crypto2.h"
 #include "nasl_wmi.h"
 #include "nasl_smb.h"
+#include "nasl_packet_forgery_v6.h"
 
 
 /* **************************************************************** */
@@ -204,29 +205,50 @@ static init_func libfuncs[] = {
   { "forge_ip_packet",	forge_ip_packet, 0, 
     { "data", "ip_dst", "ip_hl", "ip_id", "ip_len", "ip_off", "ip_p", 
       "ip_src", "ip_sum", "ip_tos", "ip_ttl", "ip_v", NULL } },
+  { "forge_ipv6_packet", forge_ipv6_packet, 0, 
+    { "data", "ip6_dst", "ip6_fl", "ip6_hlim", "ip6_p", "ip6_src", 
+      "ip6_tc", "ip6_v", NULL } },
 
   { "get_ip_element",	get_ip_element, 0, { "element", "ip", NULL } },
+  { "get_ipv6_element",	get_ipv6_element, 0, { "element", "ipv6", NULL } },
+
   { "set_ip_elements",	set_ip_elements, 0, 
     { "ip", "ip_dst", "ip_hl", "ip_id", 
       "ip_len", "ip_off", "ip_p", "ip_src", 
       "ip_sum", "ip_tos", "ip_ttl", "ip_v", NULL } },
+  { "set_ipv6_elements", set_ipv6_elements, 0,
+    { "ip6", "ip6_dst", "ip6_fl", "ip6_hlim", "ip6_nxt", "ip6_plen",
+      "ip6_src", "ip6_tc", "ip6_v", NULL } },
 
   { "insert_ip_options", insert_ip_options, 0, { "code", "ip", "length", "value", NULL} },
   { "dump_ip_packet", dump_ip_packet, 9999, { NULL } },
+  { "dump_ipv6_packet", dump_ipv6_packet, 9999, { NULL } },
 
   { "forge_tcp_packet", forge_tcp_packet, 0,
     { "data", "ip", "th_ack", "th_dport", "th_flags", "th_off", "th_seq",
       "th_sport", "th_sum", "th_urp", "th_win", "th_x2", "update_ip_len", NULL } },
+  { "forge_tcp_v6_packet", forge_tcp_v6_packet, 0,
+    { "data", "ip6", "th_ack", "th_dport", "th_flags", "th_off",
+      "th_seq", "th_sport", "th_sum", "th_urp", 
+      "th_win", "th_x2", NULL } },
 
   { "get_tcp_element", get_tcp_element, 0,
     { "element", "tcp", NULL } },
+  { "get_tcp_v6_element", get_tcp_v6_element, 0,
+    { "element", "tcp", NULL } },
 
   { "set_tcp_elements", set_tcp_elements, 0, 
     { "data", "tcp", "th_ack", "th_dport", "th_flags", "th_off", "th_seq",
       "th_sport", "th_sum", "th_urp", "th_win", "th_x2", NULL } },
+  { "set_tcp_v6_elements", set_tcp_v6_elements, 0,
+    { "data", "tcp", "th_ack", "th_dport",
+      "th_flags", "th_off", "th_seq", "th_sport",
+      "th_sum", "th_urp", "th_win", "th_x2", NULL } },
 
   { "dump_tcp_packet", dump_tcp_packet, 999, { NULL } },
+  { "dump_tcp_v6_packet", dump_tcp_v6_packet, 999, { NULL } },
   { "tcp_ping", nasl_tcp_ping, 0, { "port", NULL } },
+  { "tcp_v6_ping", nasl_tcp_v6_ping, 0, { "port", NULL } },
 
   { "forge_udp_packet", forge_udp_packet, 0,
     { "data", "ip", "uh_dport", "uh_sport", "uh_sum", "uh_ulen", "update_ip_len", NULL } },
@@ -250,6 +272,8 @@ static init_func libfuncs[] = {
     { "code", "data", "group", "ip", "type", "update_ip_len", NULL } },
   { "send_packet", nasl_send_packet, 99, 
     { "length", "pcap_active", "pcap_filter", "pcap_timeout", NULL } },
+  { "send_v6packet", nasl_send_v6packet, 99,
+    { "length", "pcap_active", "pcap_filter", "pcap_timeout", NULL } },
 
   { "pcap_next", nasl_pcap_next, 1, { "interface", "pcap_filter", "timeout", NULL} },
   { "send_capture", nasl_send_capture, 1,