/***************************************************************************
* PacketElement.h -- The PacketElement Class is a generic class that *
* represents a protocol header or a part of a network packet. Many other *
* classes inherit from it (NetworkLayerElement, TransportLayerElement, *
* etc). *
* *
***********************IMPORTANT NMAP LICENSE TERMS************************
* *
* The Nmap Security Scanner is (C) 1996-2012 Insecure.Com LLC. Nmap is *
* also a registered trademark of Insecure.Com LLC. This program is free *
* software; you may redistribute and/or modify it under the terms of the *
* GNU General Public License as published by the Free Software *
* Foundation; Version 2 with the clarifications and exceptions described *
* below. This guarantees your right to use, modify, and redistribute *
* this software under certain conditions. If you wish to embed Nmap *
* technology into proprietary software, we sell alternative licenses *
* (contact sales@insecure.com). Dozens of software vendors already *
* license Nmap technology such as host discovery, port scanning, OS *
* detection, version detection, and the Nmap Scripting Engine. *
* *
* Note that the GPL places important restrictions on "derived works", yet *
* it does not provide a detailed definition of that term. To avoid *
* misunderstandings, we interpret that term as broadly as copyright law *
* allows. For example, we consider an application to constitute a *
* "derivative work" for the purpose of this license if it does any of the *
* following: *
* o Integrates source code from Nmap *
* o Reads or includes Nmap copyrighted data files, such as *
* nmap-os-db or nmap-service-probes. *
* o Executes Nmap and parses the results (as opposed to typical shell or *
* execution-menu apps, which simply display raw Nmap output and so are *
* not derivative works.) *
* o Integrates/includes/aggregates Nmap into a proprietary executable *
* installer, such as those produced by InstallShield. *
* o Links to a library or executes a program that does any of the above *
* *
* The term "Nmap" should be taken to also include any portions or derived *
* works of Nmap, as well as other software we distribute under this *
* license such as Zenmap, Ncat, and Nping. This list is not exclusive, *
* but is meant to clarify our interpretation of derived works with some *
* common examples. Our interpretation applies only to Nmap--we don't *
* speak for other people's GPL works. *
* *
* If you have any questions about the GPL licensing restrictions on using *
* Nmap in non-GPL works, we would be happy to help. As mentioned above, *
* we also offer alternative license to integrate Nmap into proprietary *
* applications and appliances. These contracts have been sold to dozens *
* of software vendors, and generally include a perpetual license as well *
* as providing for priority support and updates. They also fund the *
* continued development of Nmap. Please email sales@insecure.com for *
* further information. *
* *
* As a special exception to the GPL terms, Insecure.Com LLC grants *
* permission to link the code of this program with any version of the *
* OpenSSL library which is distributed under a license identical to that *
* listed in the included docs/licenses/OpenSSL.txt file, and distribute *
* linked combinations including the two. You must obey the GNU GPL in all *
* respects for all of the code used other than OpenSSL. If you modify *
* this file, you may extend this exception to your version of the file, *
* but you are not obligated to do so. *
* *
* If you received these files with a written license agreement or *
* contract stating terms other than the terms above, then that *
* alternative license agreement takes precedence over these comments. *
* *
* Source is provided to this software because we believe users have a *
* right to know exactly what a program is going to do before they run it. *
* This also allows you to audit the software for security holes (none *
* have been found so far). *
* *
* Source code also allows you to port Nmap to new platforms, fix bugs, *
* and add new features. You are highly encouraged to send your changes *
* to nmap-dev@insecure.org for possible incorporation into the main *
* distribution. By sending these changes to Fyodor or one of the *
* Insecure.Org development mailing lists, or checking them into the Nmap *
* source code repository, it is understood (unless you specify otherwise) *
* that you are offering the Nmap Project (Insecure.Com LLC) the *
* unlimited, non-exclusive right to reuse, modify, and relicense the *
* code. Nmap will always be available Open Source, but this is important *
* because the inability to relicense code has caused devastating problems *
* for other Free Software projects (such as KDE and NASM). We also *
* occasionally relicense the code to third parties as discussed above. *
* If you wish to specify special license conditions of your *
* contributions, just say so when you send them. *
* *
* This program is distributed in the hope that it will be useful, but *
* WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
* General Public License v2.0 for more details at *
* http://www.gnu.org/licenses/gpl-2.0.html , or in the COPYING file *
* included with Nmap. *
* *
***************************************************************************/
/* This code was originally part of the Nping tool. */
#ifndef PACKETELEMENT_H
#define PACKETELEMENT_H 1
#include "nbase.h"
#include "netutil.h"
#define HEADER_TYPE_IPv6_HOPOPT 0 /* IPv6 Hop-by-Hop Option */
#define HEADER_TYPE_ICMPv4 1 /* ICMP Internet Control Message */
#define HEADER_TYPE_IGMP 2 /* IGMP Internet Group Management */
#define HEADER_TYPE_IPv4 4 /* IPv4 IPv4 encapsulation */
#define HEADER_TYPE_TCP 6 /* TCP Transmission Control */
#define HEADER_TYPE_EGP 8 /* EGP Exterior Gateway Protocol */
#define HEADER_TYPE_UDP 17 /* UDP User Datagram */
#define HEADER_TYPE_IPv6 41 /* IPv6 IPv6 encapsulation */
#define HEADER_TYPE_IPv6_ROUTE 43 /* IPv6-Route Routing Header for IPv6 */
#define HEADER_TYPE_IPv6_FRAG 44 /* IPv6-Frag Fragment Header for IPv6 */
#define HEADER_TYPE_GRE 47 /* GRE General Routing Encapsulation */
#define HEADER_TYPE_ESP 50 /* ESP Encap Security Payload */
#define HEADER_TYPE_AH 51 /* AH Authentication Header */
#define HEADER_TYPE_ICMPv6 58 /* IPv6-ICMP ICMP for IPv6 */
#define HEADER_TYPE_IPv6_NONXT 59 /* IPv6-NoNxt No Next Header for IPv6 */
#define HEADER_TYPE_IPv6_OPTS 60 /* IPv6-Opts IPv6 Destination Options */
#define HEADER_TYPE_EIGRP 88 /* EIGRP */
#define HEADER_TYPE_ETHERNET 97 /* Ethernet */
#define HEADER_TYPE_L2TP 115 /* L2TP Layer Two Tunneling Protocol */
#define HEADER_TYPE_SCTP 132 /* SCTP Stream Control Transmission P. */
#define HEADER_TYPE_IPv6_MOBILE 135 /* Mobility Header */
#define HEADER_TYPE_MPLS_IN_IP 137 /* MPLS-in-IP */
#define HEADER_TYPE_ARP 2054 /* ARP Address Resolution Protocol */
#define HEADER_TYPE_ICMPv6_OPTION 9997 /* ICMPv6 option */
#define HEADER_TYPE_NEP 9998 /* Nping Echo Protocol */
#define HEADER_TYPE_RAW_DATA 9999 /* Raw unknown data */
#define PRINT_DETAIL_LOW 1
#define PRINT_DETAIL_MED 2
#define PRINT_DETAIL_HIGH 3
#define DEFAULT_PRINT_DETAIL (PRINT_DETAIL_LOW)
#define DEFAULT_PRINT_DESCRIPTOR stdout
class PacketElement {
protected:
int length;
PacketElement *next; /**< Next PacketElement (next proto header) */
PacketElement *prev; /**< Prev PacketElement (previous proto header) */
public:
PacketElement();
virtual ~PacketElement(){
} /* End of PacketElement destructor */
/** This function MUST be overwritten on ANY class that inherits from
* this one. Otherwise getBinaryBuffer will fail */
virtual u8 * getBufferPointer(){
netutil_fatal("getBufferPointer(): Attempting to use superclass PacketElement method.\n");
return NULL;
} /* End of getBufferPointer() */
/** Returns a buffer that contains the header of the packet + all the
* lower level headers and payload. Returned buffer should be ok to be
* passes to a send() call to be transferred trough a socket.
* @return a pointer to a free()able buffer that contains packet's binary
* data.
* @warning If there are linked elements, their getBinaryBuffer() method
* will be called recursively and the buffers that they return WILL be
* free()d as soon as we copy the data in our own allocated buffer.
* @warning Calls to this method may not ve very efficient since they
* always involved a few malloc()s and free()s. If you want efficiency
* use dumpToBinaryBuffer(); */
virtual u8 * getBinaryBuffer(){
u8 *ourbuff=NULL;
u8 *othersbuff=NULL;
u8 *totalbuff=NULL;
long otherslen=0;
/* Get our own buffer address */
if ( (ourbuff=getBufferPointer()) == NULL ){
netutil_fatal("getBinaryBuffer(): Couldn't get own data pointer\n");
}
if( next != NULL ){ /* There is some other packet element */
othersbuff = next->getBinaryBuffer();
otherslen=next->getLen();
totalbuff=(u8 *)safe_zalloc(otherslen + length);
memcpy(totalbuff, ourbuff, length);
memcpy(totalbuff+length, othersbuff, otherslen);
free(othersbuff);
}else{
totalbuff=(u8 *)safe_zalloc(length);
memcpy(totalbuff, ourbuff, length);
}
return totalbuff;
} /* End of getBinaryBuffer() */
virtual int dumpToBinaryBuffer(u8* dst, int maxlen){
u8 *ourbuff=NULL;
long ourlength=0;
/* Get our own buffer address and length */
if ( (ourbuff=getBufferPointer()) == NULL || (ourlength=this->length) < 0 )
netutil_fatal("getBinaryBuffer(): Couldn't get own data pointer\n");
/* Copy our part of the buffer */
if ( maxlen < ourlength )
netutil_fatal("getBinaryBuffer(): Packet exceeds maximum length %d\n", maxlen);
memcpy( dst, ourbuff, ourlength);
/* If there are more elements, tell them to copy their part */
if( next!= NULL ){
next->dumpToBinaryBuffer(dst+ourlength, maxlen-ourlength);
}
return this->getLen();
} /* End of dumpToBinaryBuffer() */
/** Does the same as the previous one but it stores the length of the
* return buffer on the memory pointed by the supplied int pointer. */
virtual u8 * getBinaryBuffer(int *len){
u8 *buff = getBinaryBuffer();
if( len != NULL )
*len = getLen();
return buff;
} /* End of getBinaryBuffer() */
/** Returns the lenght of this PacketElement + the length of all the
* PacketElements that are next to it (are linked trough the "next"
* attribute). So for example, if we have IPv4Header p1, linked to
* a TCPHeader p2, representing a simple TCP SYN with no options,
* a call to p1.getLen() will return 20 (IP header with no options) + 20
* (TCP header with no options) = 40 bytes. */
int getLen() const {
/* If we have some other packet element linked, get its length */
if (next!=NULL)
return length + next->getLen();
else
return length;
} /* End of getLen() */
/** Returns the address of the next PacketElement that is linked to this */
virtual PacketElement *getNextElement() const {
return next;
} /* End of getNextElement() */
/** Links current object with the next header in the protocol chain. Note
* that this method also links the next element with this one, calling
* setPrevElement(). */
virtual int setNextElement(PacketElement *n){
next=n;
if(next!=NULL)
next->setPrevElement(this);
return OP_SUCCESS;
} /* End of setNextElement() */
/** Sets attribute prev with the supplied pointer value.
* @warning Supplied pointer must point to a PacketElement object or
* an object that inherits from it. */
virtual int setPrevElement(PacketElement *n){
this->prev=n;
return OP_SUCCESS;
} /* End of setPrevElement() */
/** Returns the address of the previous PacketElement that is linked to
* this one.
* @warning In many cases this function will return NULL since there is
* a high probability that the user of this class does not link
* PacketElements in both directions. Normally one would set attribute
* "next" of an IPHeader object to the TCPHeader that follows it, but
* not the other way around. */
virtual PacketElement *getPrevElement(){
return prev;
} /* End of getPrevElement() */
/** This method should be overwritten by any class that inherits from
* PacketElement. It should print the object contents and then call
* this->next->print(), providing this->next!=NULL */
virtual int print(FILE *output, int detail) const {
if(this->next!=NULL)
this->next->print(output, detail);
return OP_SUCCESS;
} /* End of printf() */
virtual int print() const {
return print(DEFAULT_PRINT_DESCRIPTOR, DEFAULT_PRINT_DETAIL);
}
virtual int print(int detail) const {
return print(DEFAULT_PRINT_DESCRIPTOR, detail);
}
virtual void print_separator(FILE *output, int detail) const {
fprintf(output, " ");
}
/* Returns the type of protocol an object represents. This method MUST
* be overwritten by all children. */
virtual int protocol_id() const = 0;
};
#endif