From 92eac4c690af4884dd331437e620253a02396a47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20J=C3=A4ger?= Date: Mon, 16 Apr 2018 13:01:29 +0200 Subject: [PATCH] Read TPKT/COTP packets / Read MaxPDU size from PLC Read responses from the PLS using classes for TPKT and COPT. This makes the communication more robust. It will now handle empty COTP packets that SoftPLS and WinAC based PLCs send out. I use RFC names for functions and classes. Change logic to use COTP and S7Comm reponse codes instead of relying on packet sizes. Read Max PDU size from connection setup. Ref #21 I did some test on using this limit. But i met a wall when testing against snap7 so i decided to drop changes to read/write size. I have done some tests against WinAC cpu and it seems to handle bigger pdu's if negotiated in the connection setup. This might just be a SNAP7 bug. --- S7.Net/COTP.cs | 99 ++++++++++++++++++++++++++++++++++++++++++++ S7.Net/PLC.cs | 60 +++++++++++++++++---------- S7.Net/S7.Net.csproj | 2 + S7.Net/TPKT.cs | 49 ++++++++++++++++++++++ 4 files changed, 189 insertions(+), 21 deletions(-) create mode 100644 S7.Net/COTP.cs create mode 100644 S7.Net/TPKT.cs diff --git a/S7.Net/COTP.cs b/S7.Net/COTP.cs new file mode 100644 index 00000000..320b5748 --- /dev/null +++ b/S7.Net/COTP.cs @@ -0,0 +1,99 @@ +using System; +using System.IO; +using System.Net.Sockets; + +namespace S7.Net +{ + + /// + /// COTP Protocol functions and types + /// + internal class COTP + { + /// + /// Describes a COTP TPDU (Transport protocol data unit) + /// + public class TPDU + { + public byte HeaderLength; + public byte PDUType; + public int TPDUNumber; + public byte[] Data; + public bool LastDataUnit; + + public TPDU(TPKT tPKT) + { + var br = new BinaryReader(new MemoryStream(tPKT.Data)); + HeaderLength = br.ReadByte(); + if (HeaderLength >= 2) + { + PDUType = br.ReadByte(); + if (PDUType == 0xf0) //DT Data + { + var flags = br.ReadByte(); + TPDUNumber = flags & 0x7F; + LastDataUnit = (flags & 0x80) > 0; + Data = br.ReadBytes(tPKT.Length - HeaderLength - 4); //4 = TPKT Size + return; + } + //TODO: Handle other PDUTypes + } + Data = new byte[0]; + } + + /// + /// Reads COTP TPDU (Transport protocol data unit) from the network stream + /// See: https://tools.ietf.org/html/rfc905 + /// + /// The socket to read from + /// COTP DPDU instance + public static TPDU Read(Socket socket) + { + var tpkt = TPKT.Read(socket); + Console.WriteLine(tpkt); + if (tpkt.Length > 0) return new TPDU(tpkt); + return null; + } + + public override string ToString() + { + return string.Format("Length: {0} PDUType: {1} TPDUNumber: {2} Last: {3} Segment Data: {4}", + HeaderLength, + PDUType, + TPDUNumber, + LastDataUnit, + BitConverter.ToString(Data) + ); + } + + } + + /// + /// Describes a COTP TSDU (Transport service data unit). One TSDU consist of 1 ore more TPDUs + /// + public class TSDU + { + /// + /// Reads the full COTP TSDU (Transport service data unit) + /// See: https://tools.ietf.org/html/rfc905 + /// + /// Data in TSDU + public static byte[] Read(Socket socket) + { + var segment = TPDU.Read(socket); + + if (segment == null) return null; + + var output = new MemoryStream(segment.Data.Length); + output.Write(segment.Data, 0, segment.Data.Length); + + while (!segment.LastDataUnit) + { + segment = TPDU.Read(socket); + output.Write(segment.Data, (int)output.Position, segment.Data.Length); + } + return output.GetBuffer(); + } + } + } +} diff --git a/S7.Net/PLC.cs b/S7.Net/PLC.cs index 5194071f..326a3c80 100644 --- a/S7.Net/PLC.cs +++ b/S7.Net/PLC.cs @@ -38,6 +38,11 @@ public class Plc : IDisposable /// Slot of the CPU of the PLC /// public Int16 Slot { get; private set; } + + /// + /// Max PDU size this cpu supports + /// + public Int16 MaxPDUSize { get; set; } /// /// Returns true if a connection to the PLC can be established @@ -116,6 +121,7 @@ public Plc(CpuType cpu, string ip, Int16 rack, Int16 slot) IP = ip; Rack = rack; Slot = slot; + MaxPDUSize = 240; } private ErrorCode Connect(Socket socket) @@ -232,10 +238,15 @@ public ErrorCode Open() throw new Exception(ErrorCode.WrongNumberReceivedBytes.ToString()); } - byte[] bsend2 = { 3, 0, 0, 25, 2, 240, 128, 50, 1, 0, 0, 255, 255, 0, 8, 0, 0, 240, 0, 0, 3, 0, 3, 1, 0 }; + //S7ComSetup + byte[] bsend2 = { 3, 0, 0, 25, 2, 240, 128, 50, 1, 0, 0, 255, 255, 0, 8, 0, 0, 240, 0, 0, 3, 0, 3, + 7, 80 //Try 1920 PDU Size. Same as libnodave. + }; + _mSocket.Send(bsend2, 25, SocketFlags.None); - if (_mSocket.Receive(bReceive, 27, SocketFlags.None) != 27) + var s7data = COTP.TSDU.Read(_mSocket); + if (s7data == null || s7data[1] != 0x03) //Check for S7 Ack Data { throw new Exception(ErrorCode.WrongNumberReceivedBytes.ToString()); } @@ -273,7 +284,11 @@ public void Close() public void ReadMultipleVars(List dataItems) { int cntBytes = dataItems.Sum(dataItem => VarTypeToByteLength(dataItem.VarType, dataItem.Count)); - + + + //TODO: Figure out how to use MaxPDUSize here + //Snap7 seems to choke on PDU sizes above 256 even if snap7 + //replies with bigger PDU size in connection setup. if (dataItems.Count > 20) throw new Exception("Too many vars requested"); if (cntBytes > 222) @@ -293,12 +308,11 @@ public void ReadMultipleVars(List dataItems) _mSocket.Send(package.array, package.array.Length, SocketFlags.None); - byte[] bReceive = new byte[512]; - int numReceived = _mSocket.Receive(bReceive, 512, SocketFlags.None); - if (bReceive[21] != 0xff) + var s7data = COTP.TSDU.Read(_mSocket); + if (s7data == null || s7data[14] != 0xff) throw new Exception(ErrorCode.WrongNumberReceivedBytes.ToString()); - int offset = 25; + int offset = 18; foreach (var dataItem in dataItems) { int byteCnt = VarTypeToByteLength(dataItem.VarType, dataItem.Count); @@ -306,7 +320,7 @@ public void ReadMultipleVars(List dataItems) for (int i = 0; i < byteCnt; i++) { - bytes[i] = bReceive[i + offset]; + bytes[i] = s7data[i + offset]; } offset += byteCnt + 4; @@ -341,7 +355,11 @@ public byte[] ReadBytes(DataType dataType, int db, int startByteAdr, int count) int index = startByteAdr; while (count > 0) { - var maxToRead = (int)Math.Min(count, 200); + + //TODO: Figure out how to use MaxPDUSize here + //Snap7 seems to choke on PDU sizes above 256 even if snap7 + //replies with bigger PDU size in connection setup. + var maxToRead = (int)Math.Min(count, 200); byte[] bytes = ReadBytesWithASingleRequest(dataType, db, index, maxToRead); if (bytes == null) return resultBytes.ToArray(); @@ -618,7 +636,10 @@ public ErrorCode WriteBytes(DataType dataType, int db, int startByteAdr, byte[] int localIndex = 0; int count = value.Length; while (count > 0) - { + { + //TODO: Figure out how to use MaxPDUSize here + //Snap7 seems to choke on PDU sizes above 256 even if snap7 + //replies with bigger PDU size in connection setup. var maxToWrite = (int)Math.Min(count, 200); ErrorCode lastError = WriteBytesWithASingleRequest(dataType, db, startByteAdr + localIndex, value.Skip(localIndex).Take(maxToWrite).ToArray()); if (lastError != ErrorCode.NoError) @@ -1048,13 +1069,12 @@ private byte[] ReadBytesWithASingleRequest(DataType dataType, int db, int startB _mSocket.Send(package.array, package.array.Length, SocketFlags.None); - byte[] bReceive = new byte[512]; - int numReceived = _mSocket.Receive(bReceive, 512, SocketFlags.None); - if (bReceive[21] != 0xff) + var s7data = COTP.TSDU.Read(_mSocket); + if (s7data == null || s7data[14] != 0xff) throw new Exception(ErrorCode.WrongNumberReceivedBytes.ToString()); for (int cnt = 0; cnt < count; cnt++) - bytes[cnt] = bReceive[cnt + 25]; + bytes[cnt] = s7data[cnt + 18]; return bytes; } @@ -1114,8 +1134,8 @@ private ErrorCode WriteBytesWithASingleRequest(DataType dataType, int db, int st _mSocket.Send(package.array, package.array.Length, SocketFlags.None); - int numReceived = _mSocket.Receive(bReceive, 512, SocketFlags.None); - if (bReceive[21] != 0xff) + var s7data = COTP.TSDU.Read(_mSocket); + if (s7data == null || s7data[14] != 0xff) { throw new Exception(ErrorCode.WrongNumberReceivedBytes.ToString()); } @@ -1164,11 +1184,9 @@ private ErrorCode WriteBitWithASingleRequest(DataType dataType, int db, int star _mSocket.Send(package.array, package.array.Length, SocketFlags.None); - int numReceived = _mSocket.Receive(bReceive, 512, SocketFlags.None); - if (bReceive[21] != 0xff) - { - throw new Exception(ErrorCode.WrongNumberReceivedBytes.ToString()); - } + var s7data = COTP.TSDU.Read(_mSocket); + if (s7data == null || s7data[14] != 0xff) + throw new Exception(ErrorCode.WrongNumberReceivedBytes.ToString()); return ErrorCode.NoError; } diff --git a/S7.Net/S7.Net.csproj b/S7.Net/S7.Net.csproj index ac2ac198..bb2ababe 100644 --- a/S7.Net/S7.Net.csproj +++ b/S7.Net/S7.Net.csproj @@ -77,9 +77,11 @@ + + diff --git a/S7.Net/TPKT.cs b/S7.Net/TPKT.cs new file mode 100644 index 00000000..3ca9fd55 --- /dev/null +++ b/S7.Net/TPKT.cs @@ -0,0 +1,49 @@ +using System; +using System.Net.Sockets; + +namespace S7.Net +{ + + /// + /// Describes a TPKT Packet + /// + internal class TPKT + { + public byte Version; + public byte Reserved1; + public int Length; + public byte[] Data; + + /// + /// Reds a TPKT from the socket + /// + /// The socket to read from + /// TPKT Instace + public static TPKT Read(Socket socket) + { + var buf = new byte[4]; + socket.Receive(buf, 4, SocketFlags.None); + var pkt = new TPKT + { + Version = buf[0], + Reserved1 = buf[1], + Length = buf[2] * 256 + buf[3] //BigEndian + }; + if (pkt.Length > 0) + { + pkt.Data = new byte[pkt.Length - 4]; + socket.Receive(pkt.Data, pkt.Length - 4, SocketFlags.None); + } + return pkt; + } + + public override string ToString() + { + return string.Format("Version: {0} Length: {1} Data: {2}", + Version, + Length, + BitConverter.ToString(Data) + ); + } + } +}