OpenVAS Libraries  9.0.3
ids_send.c File Reference
#include <stdarg.h>
#include <string.h>
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <arpa/inet.h>
#include "arglists.h"
#include "bpf_share.h"
#include "ids_send.h"
#include "network.h"
#include "pcap_openvas.h"
#include "plugutils.h"
#include "openvas_logging.h"
#include "support.h"
Include dependency graph for ids_send.c:

Go to the source code of this file.

Data Structures

struct  ip_packet
 
struct  tcp_packet
 
struct  ipv6_header
 
struct  pseudohdr
 
union  sockaddr_u
 

Macros

#define FIX(n)   htons(n)
 
#define UNFIX(n)   ntohs(n)
 
#define TCP_FLAG_RST   0x0004
 
#define TCP_FLAG_ACK   0x0010
 
#define TCP_FLAG_PUSH   0x0008
 

Functions

int ids_send (int fd, void *buf0, int n, int method)
 
int ids_open_sock_tcp (struct arglist *args, int port, int method, int timeout)
 

Macro Definition Documentation

◆ FIX

#define FIX (   n)    htons(n)
Todo:
: It still needs to be taken care BSD_BYTE_ORDERING gets here if defined (e.g. by config.h)

Definition at line 55 of file ids_send.c.

◆ TCP_FLAG_ACK

#define TCP_FLAG_ACK   0x0010

Definition at line 126 of file ids_send.c.

◆ TCP_FLAG_PUSH

#define TCP_FLAG_PUSH   0x0008

Definition at line 127 of file ids_send.c.

◆ TCP_FLAG_RST

#define TCP_FLAG_RST   0x0004

Definition at line 125 of file ids_send.c.

◆ UNFIX

#define UNFIX (   n)    ntohs(n)

Definition at line 56 of file ids_send.c.

Function Documentation

◆ ids_open_sock_tcp()

int ids_open_sock_tcp ( struct arglist args,
int  port,
int  method,
int  timeout 
)

Definition at line 688 of file ids_send.c.

693 {
694  int bpf;
695  struct in_addr dst, src;
696  struct in6_addr *dst6 = NULL, src6;
697  char *iface;
698  char filter[255];
699  char *src_host, *dst_host;
700  int ret = 0;
701  int len;
702  char hostname[INET6_ADDRSTRLEN];
703  int family;
704 
705  dst6 = plug_get_host_ip (args);
706  if (!dst6)
707  {
708  log_legacy_write ("Error - no address associated with name\n");
709  return -1;
710  }
711  if (IN6_IS_ADDR_V4MAPPED (dst6))
712  {
713  family = AF_INET;
714  dst.s_addr = dst6->s6_addr32[3];
715  src.s_addr = 0;
716  iface = routethrough (&dst, &src);
717  src_host = g_strdup (inet_ntoa (src));
718  dst_host = g_strdup (inet_ntoa (dst));
719  }
720  else
721  {
722  family = AF_INET6;
723  iface = v6_routethrough (dst6, &src6);
724  src_host =
725  g_strdup (inet_ntop (AF_INET6, &src6, hostname, sizeof (hostname)));
726  dst_host =
727  g_strdup (inet_ntop (AF_INET6, dst6, hostname, sizeof (hostname)));
728  }
729 
730  snprintf (filter, sizeof (filter),
731  "tcp and (src host %s and dst host %s and src port %d)", dst_host,
732  src_host, port);
733 
734  g_free (src_host);
735  g_free (dst_host);
736 
737 
738  bpf = bpf_open_live (iface, filter);
739  if (bpf >= 0)
740  {
741  ret = open_sock_tcp (args, port, timeout);
742  if (ret >= 0)
743  {
744  unsigned char *packet = bpf_next (bpf, &len);
745  if (packet)
746  {
747  char *pkt_ip;
748  pkt_ip =
749  (char *) (packet + get_datalink_size (bpf_datalink (bpf)));
750 
751  if (family == AF_INET)
752  inject (pkt_ip, len - get_datalink_size (bpf_datalink (bpf)),
753  method, TCP_FLAG_RST, NULL, 0);
754  else
755  injectv6 (pkt_ip, len - get_datalink_size (bpf_datalink (bpf)),
756  method, TCP_FLAG_RST, NULL, 0);
757  }
758  }
759  bpf_close (bpf);
760  return ret;
761  }
762  else
763  return open_sock_tcp (args, port, timeout);
764 }
#define TCP_FLAG_RST
Definition: ids_send.c:125
char * v6_routethrough(struct in6_addr *dest, struct in6_addr *source)
An awesome function to determine what interface a packet to a given destination should be routed thro...
Definition: pcap.c:1061
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
void bpf_close(int bpf)
Definition: bpf_share.c:153
int get_datalink_size(int datalink)
Definition: pcap.c:442
int bpf_datalink(int bpf)
Definition: bpf_share.c:146
int open_sock_tcp(struct arglist *args, unsigned int port, int timeout)
Definition: network.c:1918
int bpf_open_live(char *iface, char *filter)
Definition: bpf_share.c:40
struct in6_addr * plug_get_host_ip(struct arglist *desc)
Definition: plugutils.c:216
char * routethrough(struct in_addr *dest, struct in_addr *source)
An awesome function to determine what interface a packet to a given destination should be routed thro...
Definition: pcap.c:1244
u_char * bpf_next(int bpf, int *caplen)
Definition: bpf_share.c:137

References bpf_datalink(), bpf_next(), bpf_open_live(), get_datalink_size(), log_legacy_write(), open_sock_tcp(), plug_get_host_ip(), routethrough(), and v6_routethrough().

Here is the call graph for this function:

◆ ids_send()

int ids_send ( int  fd,
void *  buf0,
int  n,
int  method 
)

Definition at line 524 of file ids_send.c.

529 {
530  struct in_addr dst, src;
531  struct in6_addr dst6, src6;
532  struct sockaddr_in6 sockaddr6;
533  struct sockaddr_in *saddr;
534  struct sockaddr *sa;
535  union sockaddr_u *su = NULL;
536  char *iface;
537  char filter[255];
538  char *src_host, *dst_host;
539  int port;
540  int ret = 0;
541  int len;
542  char *buf = (char *) buf0;
543  unsigned int sz = sizeof (sockaddr6);
544  int e;
545  unsigned char *packet;
546  int bpf;
547  char hostname[INET6_ADDRSTRLEN];
548  int family;
549 
550  if (getpeername (fd, &(su->sockaddr), &sz) < 0)
551  {
552  perror ("getpeername() ");
553  return -1;
554  }
555  sa = &(su->sockaddr);
556  if (sa->sa_family == AF_INET)
557  {
558  family = AF_INET;
559  saddr = &(su->in);
560  port = ntohs (saddr->sin_port);
561  dst.s_addr = saddr->sin_addr.s_addr;
562  src.s_addr = 0;
563  iface = routethrough (&dst, &src);
564 
565  src_host = g_strdup (inet_ntoa (src));
566  dst_host = g_strdup (inet_ntoa (dst));
567 
568  snprintf (filter, sizeof (filter),
569  "tcp and (src host %s and dst host %s and src port %d)",
570  dst_host, src_host, port);
571  g_free (src_host);
572  g_free (dst_host);
573  }
574  else
575  {
576  sockaddr6 = su->in6;
577  family = AF_INET6;
578  port = ntohs (sockaddr6.sin6_port);
579  memcpy (&dst6, &sockaddr6.sin6_addr, sizeof (struct in6_addr));
580  bzero (&src6, sizeof (src6));
581  iface = v6_routethrough (&dst6, &src6);
582 
583  src_host =
584  g_strdup (inet_ntop (AF_INET6, &src6, hostname, sizeof (hostname)));
585  dst_host =
586  g_strdup (inet_ntop (AF_INET6, &dst6, hostname, sizeof (hostname)));
587  snprintf (filter, sizeof (filter),
588  "tcp and (src host %s and dst host %s and src port %d)",
589  dst_host, src_host, port);
590  g_free (src_host);
591  g_free (dst_host);
592  }
593 
594  bpf = bpf_open_live (iface, filter);
595  if (bpf >= 0)
596  {
597  e = send (fd, buf + ret, 1, 0);
598  packet = bpf_next (bpf, &len);
599  if (e < 0)
600  return -1;
601  else
602  ret += e;
603  /*
604  * We can start to send stuff now
605  */
606  while (ret < n)
607  {
608  if (packet)
609  {
610  char *pkt_ip;
611  int num_before = (rand () / 1000) % 3;
612  int num_after = (rand () / 1000) % 3;
613  int i;
614 
615  if (!num_before && !num_after)
616  {
617  if (rand () % 2)
618  num_before = 1;
619  else
620  num_after = 1;
621  }
622  pkt_ip =
623  (char *) (packet + get_datalink_size (bpf_datalink (bpf)));
624 
625  /*
626  * send bogus data before
627  */
628  for (i = 0; i < num_before; i++)
629  {
630  int j;
631  char data[10];
632  for (j = 0; j < 10; j++)
633  data[j] = rand ();
634  if (family == AF_INET)
635  inject (pkt_ip,
636  len - get_datalink_size (bpf_datalink (bpf)),
637  method, TCP_FLAG_ACK | TCP_FLAG_PUSH, data,
638  (rand () % 9) + 1);
639  else
640  injectv6 (pkt_ip,
641  len - get_datalink_size (bpf_datalink (bpf)),
642  method, TCP_FLAG_ACK | TCP_FLAG_PUSH, data,
643  (rand () % 9) + 1);
644 
645  }
646  e = send (fd, buf + ret, 1, 0);
647  packet = bpf_next (bpf, &len);
648  /*
649  * send bogus data after
650  */
651  for (i = 0; i < num_after; i++)
652  {
653  int j;
654  char data[10];
655  for (j = 0; j < 10; j++)
656  data[j] = rand ();
657  if (family == AF_INET)
658  inject (pkt_ip,
659  len - get_datalink_size (bpf_datalink (bpf)),
660  method, TCP_FLAG_ACK | TCP_FLAG_PUSH, data,
661  (rand () % 9) + 1);
662  else
663  injectv6 (pkt_ip,
664  len - get_datalink_size (bpf_datalink (bpf)),
665  method, TCP_FLAG_ACK | TCP_FLAG_PUSH, data,
666  (rand () % 9) + 1);
667  }
668  }
669  else
670  {
671  e = send (fd, buf + ret, 1, 0);
672  packet = bpf_next (bpf, &len);
673  }
674  if (e < 0)
675  return -1;
676  else
677  ret += e;
678  }
679  bpf_close (bpf);
680  return ret;
681  }
682  else
683  return send (fd, buf, n, 0);
684 }
char * v6_routethrough(struct in6_addr *dest, struct in6_addr *source)
An awesome function to determine what interface a packet to a given destination should be routed thro...
Definition: pcap.c:1061
struct sockaddr_in6 in6
Definition: ids_send.c:142
void bpf_close(int bpf)
Definition: bpf_share.c:153
int get_datalink_size(int datalink)
Definition: pcap.c:442
#define TCP_FLAG_PUSH
Definition: ids_send.c:127
int bpf_datalink(int bpf)
Definition: bpf_share.c:146
struct sockaddr_in in
Definition: ids_send.c:141
int bpf_open_live(char *iface, char *filter)
Definition: bpf_share.c:40
struct sockaddr sockaddr
Definition: ids_send.c:143
#define TCP_FLAG_ACK
Definition: ids_send.c:126
char * routethrough(struct in_addr *dest, struct in_addr *source)
An awesome function to determine what interface a packet to a given destination should be routed thro...
Definition: pcap.c:1244
u_char * bpf_next(int bpf, int *caplen)
Definition: bpf_share.c:137

References bpf_datalink(), bpf_next(), bpf_open_live(), get_datalink_size(), sockaddr_u::in, sockaddr_u::in6, routethrough(), sockaddr_u::sockaddr, and v6_routethrough().

Here is the call graph for this function: