1066 lines
30 KiB
C
1066 lines
30 KiB
C
/**
|
|
* @file parser.c
|
|
*
|
|
* @brief Implementation of parser_t.
|
|
*
|
|
*/
|
|
|
|
/*
|
|
* Copyright (C) 2005 Jan Hutter, Martin Willi
|
|
* Hochschule fuer Technik Rapperswil
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify it
|
|
* under the terms of the GNU General Public License as published by the
|
|
* Free Software Foundation; either version 2 of the License, or (at your
|
|
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
|
*
|
|
* This program is distributed in the hope that it will be useful, but
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
* for more details.
|
|
*/
|
|
|
|
#include <stdlib.h>
|
|
#include <arpa/inet.h>
|
|
#include <string.h>
|
|
|
|
#include "parser.h"
|
|
|
|
#include <types.h>
|
|
#include <definitions.h>
|
|
#include <daemon.h>
|
|
#include <utils/logger.h>
|
|
#include <utils/linked_list.h>
|
|
#include <encoding/payloads/encodings.h>
|
|
#include <encoding/payloads/payload.h>
|
|
#include <encoding/payloads/sa_payload.h>
|
|
#include <encoding/payloads/proposal_substructure.h>
|
|
#include <encoding/payloads/transform_substructure.h>
|
|
#include <encoding/payloads/transform_attribute.h>
|
|
#include <encoding/payloads/ke_payload.h>
|
|
#include <encoding/payloads/nonce_payload.h>
|
|
#include <encoding/payloads/id_payload.h>
|
|
#include <encoding/payloads/notify_payload.h>
|
|
#include <encoding/payloads/encryption_payload.h>
|
|
#include <encoding/payloads/auth_payload.h>
|
|
#include <encoding/payloads/cert_payload.h>
|
|
#include <encoding/payloads/certreq_payload.h>
|
|
#include <encoding/payloads/ts_payload.h>
|
|
#include <encoding/payloads/delete_payload.h>
|
|
#include <encoding/payloads/vendor_id_payload.h>
|
|
#include <encoding/payloads/cp_payload.h>
|
|
#include <encoding/payloads/configuration_attribute.h>
|
|
#include <encoding/payloads/eap_payload.h>
|
|
#include <encoding/payloads/unknown_payload.h>
|
|
|
|
|
|
typedef struct private_parser_t private_parser_t;
|
|
|
|
/**
|
|
* Private data stored in a context.
|
|
*
|
|
* Contains pointers and counters to store current state.
|
|
*/
|
|
struct private_parser_t {
|
|
/**
|
|
* Public members, see parser_t.
|
|
*/
|
|
parser_t public;
|
|
|
|
/**
|
|
* @brief Parse a 4-Bit unsigned integer from the current parsing position.
|
|
*
|
|
* @param this parser_t object
|
|
* @param rule_number number of current rule
|
|
* @param[out] output_pos pointer where to write the parsed result
|
|
* @return
|
|
* - SUCCESS or
|
|
* - PARSE_ERROR when not successful
|
|
*/
|
|
status_t (*parse_uint4) (private_parser_t *this, int rule_number, u_int8_t *output_pos);
|
|
|
|
/**
|
|
* @brief Parse a 8-Bit unsigned integer from the current parsing position.
|
|
*
|
|
* @param this parser_t object
|
|
* @param rule_number number of current rule
|
|
* @param[out] output_pos pointer where to write the parsed result
|
|
* @return
|
|
* - SUCCESS or
|
|
* - PARSE_ERROR when not successful
|
|
*/
|
|
status_t (*parse_uint8) (private_parser_t *this, int rule_number, u_int8_t *output_pos);
|
|
|
|
/**
|
|
* @brief Parse a 15-Bit unsigned integer from the current parsing position.
|
|
*
|
|
* This is a special case used for ATTRIBUTE_TYPE.
|
|
* Big-/Little-endian conversion is done here.
|
|
*
|
|
* @param this parser_t object
|
|
* @param rule_number number of current rule
|
|
* @param[out] output_pos pointer where to write the parsed result
|
|
* @return
|
|
* - SUCCESS or
|
|
* - PARSE_ERROR when not successful
|
|
*/
|
|
status_t (*parse_uint15) (private_parser_t *this, int rule_number, u_int16_t *output_pos);
|
|
|
|
/**
|
|
* @brief Parse a 16-Bit unsigned integer from the current parsing position.
|
|
*
|
|
* Big-/Little-endian conversion is done here.
|
|
*
|
|
* @param this parser_t object
|
|
* @param rule_number number of current rule
|
|
* @param[out] output_pos pointer where to write the parsed result
|
|
* @return
|
|
* - SUCCESS or
|
|
* - PARSE_ERROR when not successful
|
|
*/
|
|
status_t (*parse_uint16) (private_parser_t *this, int rule_number, u_int16_t *output_pos);
|
|
|
|
/**
|
|
* @brief Parse a 32-Bit unsigned integer from the current parsing position.
|
|
*
|
|
* Big-/Little-endian conversion is done here.
|
|
*
|
|
* @param this parser_t object
|
|
* @param rule_number number of current rule
|
|
* @param[out] output_pos pointer where to write the parsed result
|
|
* @return
|
|
* - SUCCESS or
|
|
* - PARSE_ERROR when not successful
|
|
*/
|
|
status_t (*parse_uint32) (private_parser_t *this, int rule_number, u_int32_t *output_pos);
|
|
|
|
/**
|
|
* @brief Parse a 64-Bit unsigned integer from the current parsing position.
|
|
*
|
|
* @todo add support for big-endian machines.
|
|
*
|
|
* @param this parser_t object
|
|
* @param rule_number number of current rule
|
|
* @param[out] output_pos pointer where to write the parsed result
|
|
* @return
|
|
* - SUCCESS or
|
|
* - PARSE_ERROR when not successful
|
|
*/
|
|
status_t (*parse_uint64) (private_parser_t *this, int rule_number, u_int64_t *output_pos);
|
|
|
|
/**
|
|
* @brief Parse a given amount of bytes and writes them to a specific location
|
|
*
|
|
* @param this parser_t object
|
|
* @param rule_number number of current rule
|
|
* @param[out] output_pos pointer where to write the parsed result
|
|
* @param bytes number of bytes to parse
|
|
* @return
|
|
* - SUCCESS or
|
|
* - PARSE_ERROR when not successful
|
|
*/
|
|
status_t (*parse_bytes) (private_parser_t *this, int rule_number, u_int8_t *output_pos,size_t bytes);
|
|
|
|
/**
|
|
* @brief Parse a single Bit from the current parsing position
|
|
*
|
|
* @param this parser_t object
|
|
* @param rule_number number of current rule
|
|
* @param[out] output_pos pointer where to write the parsed result
|
|
* @return
|
|
* - SUCCESS or
|
|
* - PARSE_ERROR when not successful
|
|
*/
|
|
status_t (*parse_bit) (private_parser_t *this, int rule_number, bool *output_pos);
|
|
|
|
/**
|
|
* @brief Parse substructures in a list
|
|
*
|
|
* This function calls the parser recursivly to parse contained substructures
|
|
* in a linked_list_t. The list must already be created. Payload defines
|
|
* the type of the substructures. parsing is continued until the specified length
|
|
* is completely parsed.
|
|
*
|
|
* @param this parser_t object
|
|
* @param rule_number number of current rule
|
|
* @param[out] output_pos pointer of a linked_list where substructures are added
|
|
* @param payload_type type of the contained substructures to parse
|
|
* @param length number of bytes to parse in this list
|
|
* @return
|
|
* - SUCCESS or
|
|
* - PARSE_ERROR when not successful
|
|
*/
|
|
status_t (*parse_list) (private_parser_t *this, int rule_number, linked_list_t **output_pos, payload_type_t payload_ype, size_t length);
|
|
|
|
/**
|
|
* @brief Parse data from current parsing position in a chunk.
|
|
*
|
|
* This function clones length number of bytes to output_pos, without
|
|
* modifiyng them. Space will be allocated and must be freed by caller.
|
|
*
|
|
* @param this parser_t object
|
|
* @param rule_number number of current rule
|
|
* @param[out] output_pos pointer of a chunk which will point to the allocated data
|
|
* @param length number of bytes to clone
|
|
* @return
|
|
* - SUCCESS or
|
|
* - PARSE_ERROR when not successful
|
|
*/
|
|
status_t (*parse_chunk) (private_parser_t *this, int rule_number, chunk_t *output_pos, size_t length);
|
|
|
|
/**
|
|
* Current bit for reading in input data.
|
|
*/
|
|
u_int8_t bit_pos;
|
|
|
|
/**
|
|
* Current byte for reading in input data.
|
|
*/
|
|
u_int8_t *byte_pos;
|
|
|
|
/**
|
|
* Input data to parse.
|
|
*/
|
|
u_int8_t *input;
|
|
|
|
/**
|
|
* Roof of input, used for length-checking.
|
|
*/
|
|
u_int8_t *input_roof;
|
|
|
|
/**
|
|
* Set of encoding rules for this parsing session.
|
|
*/
|
|
encoding_rule_t *rules;
|
|
|
|
/**
|
|
* Assigned logger_t object.
|
|
*/
|
|
logger_t *logger;
|
|
};
|
|
|
|
/**
|
|
* Implementation of private_parser_t.parse_uint4.
|
|
*/
|
|
static status_t parse_uint4(private_parser_t *this, int rule_number, u_int8_t *output_pos)
|
|
{
|
|
if (this->byte_pos + sizeof(u_int8_t) > this->input_roof)
|
|
{
|
|
this->logger->log(this->logger, ERROR|LEVEL1, " not enough input to parse rule %d %s",
|
|
rule_number, mapping_find(encoding_type_m,
|
|
this->rules[rule_number].type));
|
|
return PARSE_ERROR;
|
|
}
|
|
switch (this->bit_pos)
|
|
{
|
|
case 0:
|
|
/* caller interested in result ? */
|
|
if (output_pos != NULL)
|
|
{
|
|
*output_pos = *(this->byte_pos) >> 4;
|
|
}
|
|
this->bit_pos = 4;
|
|
break;
|
|
case 4:
|
|
/* caller interested in result ? */
|
|
if (output_pos != NULL)
|
|
{
|
|
*output_pos = *(this->byte_pos) & 0x0F;
|
|
}
|
|
this->bit_pos = 0;
|
|
this->byte_pos++;
|
|
break;
|
|
default:
|
|
this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d",
|
|
rule_number, mapping_find(encoding_type_m,
|
|
this->rules[rule_number].type), this->bit_pos);
|
|
return PARSE_ERROR;
|
|
}
|
|
|
|
if (output_pos != NULL)
|
|
{
|
|
this->logger->log(this->logger, RAW|LEVEL2, " => %d", *output_pos);
|
|
}
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
/**
|
|
* Implementation of private_parser_t.parse_uint8.
|
|
*/
|
|
static status_t parse_uint8(private_parser_t *this, int rule_number, u_int8_t *output_pos)
|
|
{
|
|
if (this->byte_pos + sizeof(u_int8_t) > this->input_roof)
|
|
{
|
|
this->logger->log(this->logger, ERROR|LEVEL1, " not enough input to parse rule %d %s",
|
|
rule_number, mapping_find(encoding_type_m,
|
|
this->rules[rule_number].type));
|
|
return PARSE_ERROR;
|
|
}
|
|
if (this->bit_pos)
|
|
{
|
|
this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d",
|
|
rule_number, mapping_find(encoding_type_m,
|
|
this->rules[rule_number].type), this->bit_pos);
|
|
return PARSE_ERROR;
|
|
}
|
|
|
|
/* caller interested in result ? */
|
|
if (output_pos != NULL)
|
|
{
|
|
*output_pos = *(this->byte_pos);
|
|
this->logger->log(this->logger, RAW|LEVEL2, " => %d", *output_pos);
|
|
}
|
|
this->byte_pos++;
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
/**
|
|
* Implementation of private_parser_t.parse_uint15.
|
|
*/
|
|
static status_t parse_uint15(private_parser_t *this, int rule_number, u_int16_t *output_pos)
|
|
{
|
|
if (this->byte_pos + sizeof(u_int16_t) > this->input_roof)
|
|
{
|
|
this->logger->log(this->logger, ERROR|LEVEL1, " not enough input to parse rule %d %s",
|
|
rule_number, mapping_find(encoding_type_m,
|
|
this->rules[rule_number].type));
|
|
return PARSE_ERROR;
|
|
}
|
|
if (this->bit_pos != 1)
|
|
{
|
|
this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d",
|
|
rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type),
|
|
this->bit_pos);
|
|
return PARSE_ERROR;
|
|
}
|
|
/* caller interested in result ? */
|
|
if (output_pos != NULL)
|
|
{
|
|
*output_pos = ntohs(*((u_int16_t*)this->byte_pos)) & ~0x8000;
|
|
this->logger->log(this->logger, RAW|LEVEL2, " => %d", *output_pos);
|
|
}
|
|
this->byte_pos += 2;
|
|
this->bit_pos = 0;
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
/**
|
|
* Implementation of private_parser_t.parse_uint16.
|
|
*/
|
|
static status_t parse_uint16(private_parser_t *this, int rule_number, u_int16_t *output_pos)
|
|
{
|
|
if (this->byte_pos + sizeof(u_int16_t) > this->input_roof)
|
|
{
|
|
this->logger->log(this->logger, ERROR|LEVEL1, " not enough input to parse rule %d %s",
|
|
rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type));
|
|
return PARSE_ERROR;
|
|
}
|
|
if (this->bit_pos)
|
|
{
|
|
this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d",
|
|
rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type),
|
|
this->bit_pos);
|
|
return PARSE_ERROR;
|
|
}
|
|
/* caller interested in result ? */
|
|
if (output_pos != NULL)
|
|
{
|
|
*output_pos = ntohs(*((u_int16_t*)this->byte_pos));
|
|
|
|
this->logger->log(this->logger, RAW|LEVEL2, " => %d", *output_pos);
|
|
}
|
|
this->byte_pos += 2;
|
|
|
|
return SUCCESS;
|
|
}
|
|
/**
|
|
* Implementation of private_parser_t.parse_uint32.
|
|
*/
|
|
static status_t parse_uint32(private_parser_t *this, int rule_number, u_int32_t *output_pos)
|
|
{
|
|
if (this->byte_pos + sizeof(u_int32_t) > this->input_roof)
|
|
{
|
|
this->logger->log(this->logger, ERROR|LEVEL1, " not enough input to parse rule %d %s",
|
|
rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type));
|
|
return PARSE_ERROR;
|
|
}
|
|
if (this->bit_pos)
|
|
{
|
|
this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d",
|
|
rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type),
|
|
this->bit_pos);
|
|
return PARSE_ERROR;
|
|
}
|
|
/* caller interested in result ? */
|
|
if (output_pos != NULL)
|
|
{
|
|
*output_pos = ntohl(*((u_int32_t*)this->byte_pos));
|
|
|
|
this->logger->log(this->logger, RAW|LEVEL2, " => %d", *output_pos);
|
|
}
|
|
this->byte_pos += 4;
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
/**
|
|
* Implementation of private_parser_t.parse_uint64.
|
|
*/
|
|
static status_t parse_uint64(private_parser_t *this, int rule_number, u_int64_t *output_pos)
|
|
{
|
|
if (this->byte_pos + sizeof(u_int64_t) > this->input_roof)
|
|
{
|
|
this->logger->log(this->logger, ERROR|LEVEL1, " not enough input to parse rule %d %s",
|
|
rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type));
|
|
return PARSE_ERROR;
|
|
}
|
|
if (this->bit_pos)
|
|
{
|
|
this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d",
|
|
rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type),
|
|
this->bit_pos);
|
|
return PARSE_ERROR;
|
|
}
|
|
/* caller interested in result ? */
|
|
if (output_pos != NULL)
|
|
{
|
|
/* assuming little endian host order */
|
|
*(output_pos + 1) = ntohl(*((u_int32_t*)this->byte_pos));
|
|
*output_pos = ntohl(*(((u_int32_t*)this->byte_pos) + 1));
|
|
|
|
this->logger->log_bytes(this->logger, RAW|LEVEL2, " =>", (void*)output_pos, 8);
|
|
}
|
|
this->byte_pos += 8;
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
/**
|
|
* Implementation of private_parser_t.parse_bytes.
|
|
*/
|
|
static status_t parse_bytes (private_parser_t *this, int rule_number, u_int8_t *output_pos,size_t bytes)
|
|
{
|
|
if (this->byte_pos + bytes > this->input_roof)
|
|
{
|
|
this->logger->log(this->logger, ERROR|LEVEL1, " not enough input to parse rule %d %s",
|
|
rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type));
|
|
return PARSE_ERROR;
|
|
}
|
|
if (this->bit_pos)
|
|
{
|
|
this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d",
|
|
rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type),
|
|
this->bit_pos);
|
|
return PARSE_ERROR;
|
|
}
|
|
|
|
/* caller interested in result ? */
|
|
if (output_pos != NULL)
|
|
{
|
|
memcpy(output_pos,this->byte_pos,bytes);
|
|
|
|
this->logger->log_bytes(this->logger, RAW|LEVEL2, " =>", (void*)output_pos, bytes);
|
|
}
|
|
this->byte_pos += bytes;
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
/**
|
|
* Implementation of private_parser_t.parse_bit.
|
|
*/
|
|
static status_t parse_bit(private_parser_t *this, int rule_number, bool *output_pos)
|
|
{
|
|
if (this->byte_pos + sizeof(u_int8_t) > this->input_roof)
|
|
{
|
|
this->logger->log(this->logger, ERROR|LEVEL1, " not enough input to parse rule %d %s",
|
|
rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type));
|
|
return PARSE_ERROR;
|
|
}
|
|
/* caller interested in result ? */
|
|
if (output_pos != NULL)
|
|
{
|
|
u_int8_t mask;
|
|
mask = 0x01 << (7 - this->bit_pos);
|
|
*output_pos = *this->byte_pos & mask;
|
|
|
|
if (*output_pos)
|
|
{
|
|
/* set to a "clean", comparable true */
|
|
*output_pos = TRUE;
|
|
}
|
|
|
|
this->logger->log(this->logger, RAW|LEVEL2, " => %d", *output_pos);
|
|
}
|
|
this->bit_pos = (this->bit_pos + 1) % 8;
|
|
if (this->bit_pos == 0)
|
|
{
|
|
this->byte_pos++;
|
|
}
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
/**
|
|
* Implementation of private_parser_t.parse_list.
|
|
*/
|
|
static status_t parse_list(private_parser_t *this, int rule_number, linked_list_t **output_pos, payload_type_t payload_type, size_t length)
|
|
{
|
|
linked_list_t * list = *output_pos;
|
|
|
|
if (length < 0)
|
|
{
|
|
this->logger->log(this->logger, ERROR|LEVEL1, " invalid length for rule %d %s",
|
|
rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type));
|
|
return PARSE_ERROR;
|
|
}
|
|
|
|
if (this->bit_pos)
|
|
{
|
|
this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d",
|
|
rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type), this->bit_pos);
|
|
return PARSE_ERROR;
|
|
}
|
|
|
|
while (length > 0)
|
|
{
|
|
u_int8_t *pos_before = this->byte_pos;
|
|
payload_t *payload;
|
|
status_t status;
|
|
this->logger->log(this->logger, CONTROL|LEVEL1, " %d bytes left, parsing recursivly %s",
|
|
length, mapping_find(payload_type_m, payload_type));
|
|
status = this->public.parse_payload((parser_t*)this, payload_type, &payload);
|
|
if (status != SUCCESS)
|
|
{
|
|
this->logger->log(this->logger, ERROR, " parsing of a %s substructure failed",
|
|
mapping_find(payload_type_m, payload_type));
|
|
return status;
|
|
}
|
|
list->insert_last(list, payload);
|
|
length -= this->byte_pos - pos_before;
|
|
}
|
|
*output_pos = list;
|
|
return SUCCESS;
|
|
}
|
|
|
|
/**
|
|
* Implementation of private_parser_t.parse_chunk.
|
|
*/
|
|
static status_t parse_chunk(private_parser_t *this, int rule_number, chunk_t *output_pos, size_t length)
|
|
{
|
|
if (this->byte_pos + length > this->input_roof)
|
|
{
|
|
this->logger->log(this->logger, ERROR, " not enough input (%d bytes) to parse rule %d %s",
|
|
length, rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type));
|
|
return PARSE_ERROR;
|
|
}
|
|
if (this->bit_pos)
|
|
{
|
|
this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d",
|
|
rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type), this->bit_pos);
|
|
return PARSE_ERROR;
|
|
}
|
|
if (output_pos != NULL)
|
|
{
|
|
output_pos->len = length;
|
|
output_pos->ptr = malloc(length);
|
|
memcpy(output_pos->ptr, this->byte_pos, length);
|
|
}
|
|
this->byte_pos += length;
|
|
this->logger->log_bytes(this->logger, RAW|LEVEL2, " =>", (void*)output_pos->ptr, length);
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
/**
|
|
* Implementation of parser_t.parse_payload.
|
|
*/
|
|
static status_t parse_payload(private_parser_t *this, payload_type_t payload_type, payload_t **payload)
|
|
{
|
|
payload_t *pld;
|
|
void *output;
|
|
size_t rule_count, payload_length, spi_size, attribute_length;
|
|
u_int16_t ts_type;
|
|
bool attribute_format;
|
|
int rule_number;
|
|
encoding_rule_t *rule;
|
|
|
|
/* create instance of the payload to parse */
|
|
pld = payload_create(payload_type);
|
|
|
|
this->logger->log(this->logger, CONTROL|LEVEL1, "parsing %s payload, %d bytes left",
|
|
mapping_find(payload_type_m, payload_type),
|
|
this->input_roof-this->byte_pos);
|
|
|
|
this->logger->log_bytes(this->logger, RAW|LEVEL3, "parsing payload from", this->byte_pos,
|
|
this->input_roof-this->byte_pos);
|
|
|
|
if (pld->get_type(pld) == UNKNOWN_PAYLOAD)
|
|
{
|
|
this->logger->log(this->logger, ERROR|LEVEL1, " payload type %d is unknown, handling as %s",
|
|
payload_type, mapping_find(payload_type_m, UNKNOWN_PAYLOAD));
|
|
}
|
|
|
|
/* base pointer for output, avoids casting in every rule */
|
|
output = pld;
|
|
|
|
/* parse the payload with its own rulse */
|
|
pld->get_encoding_rules(pld, &(this->rules), &rule_count);
|
|
for (rule_number = 0; rule_number < rule_count; rule_number++)
|
|
{
|
|
rule = &(this->rules[rule_number]);
|
|
this->logger->log(this->logger, CONTROL|LEVEL2, " parsing rule %d %s",
|
|
rule_number, mapping_find(encoding_type_m, rule->type));
|
|
switch (rule->type)
|
|
{
|
|
case U_INT_4:
|
|
{
|
|
if (this->parse_uint4(this, rule_number, output + rule->offset) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case U_INT_8:
|
|
{
|
|
if (this->parse_uint8(this, rule_number, output + rule->offset) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case U_INT_16:
|
|
{
|
|
if (this->parse_uint16(this, rule_number, output + rule->offset) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case U_INT_32:
|
|
{
|
|
if (this->parse_uint32(this, rule_number, output + rule->offset) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case U_INT_64:
|
|
{
|
|
if (this->parse_uint64(this, rule_number, output + rule->offset) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case IKE_SPI:
|
|
{
|
|
if (this->parse_bytes(this, rule_number, output + rule->offset,8) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case RESERVED_BIT:
|
|
{
|
|
if (this->parse_bit(this, rule_number, NULL) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case RESERVED_BYTE:
|
|
{
|
|
if (this->parse_uint8(this, rule_number, NULL) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case FLAG:
|
|
{
|
|
if (this->parse_bit(this, rule_number, output + rule->offset) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case PAYLOAD_LENGTH:
|
|
{
|
|
if (this->parse_uint16(this, rule_number, output + rule->offset) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
payload_length = *(u_int16_t*)(output + rule->offset);
|
|
break;
|
|
}
|
|
case HEADER_LENGTH:
|
|
{
|
|
if (this->parse_uint32(this, rule_number, output + rule->offset) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case SPI_SIZE:
|
|
{
|
|
if (this->parse_uint8(this, rule_number, output + rule->offset) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
spi_size = *(u_int8_t*)(output + rule->offset);
|
|
break;
|
|
}
|
|
case SPI:
|
|
{
|
|
if (this->parse_chunk(this, rule_number, output + rule->offset, spi_size) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case PROPOSALS:
|
|
{
|
|
size_t proposals_length = payload_length - SA_PAYLOAD_HEADER_LENGTH;
|
|
if (this->parse_list(this, rule_number, output + rule->offset, PROPOSAL_SUBSTRUCTURE, proposals_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case TRANSFORMS:
|
|
{
|
|
size_t transforms_length = payload_length - spi_size - PROPOSAL_SUBSTRUCTURE_HEADER_LENGTH;
|
|
if (this->parse_list(this, rule_number, output + rule->offset, TRANSFORM_SUBSTRUCTURE, transforms_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case TRANSFORM_ATTRIBUTES:
|
|
{
|
|
size_t transform_a_length = payload_length - TRANSFORM_SUBSTRUCTURE_HEADER_LENGTH;
|
|
if (this->parse_list(this, rule_number, output + rule->offset, TRANSFORM_ATTRIBUTE, transform_a_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case CONFIGURATION_ATTRIBUTES:
|
|
{
|
|
size_t configuration_attributes_length = payload_length - CP_PAYLOAD_HEADER_LENGTH;
|
|
if (this->parse_list(this, rule_number, output + rule->offset, CONFIGURATION_ATTRIBUTE, configuration_attributes_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case ATTRIBUTE_FORMAT:
|
|
{
|
|
if (this->parse_bit(this, rule_number, output + rule->offset) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
attribute_format = *(bool*)(output + rule->offset);
|
|
break;
|
|
}
|
|
case ATTRIBUTE_TYPE:
|
|
{
|
|
if (this->parse_uint15(this, rule_number, output + rule->offset) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
attribute_format = *(bool*)(output + rule->offset);
|
|
break;
|
|
}
|
|
case CONFIGURATION_ATTRIBUTE_LENGTH:
|
|
{
|
|
if (this->parse_uint16(this, rule_number, output + rule->offset) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
attribute_length = *(u_int16_t*)(output + rule->offset);
|
|
break;
|
|
}
|
|
case ATTRIBUTE_LENGTH_OR_VALUE:
|
|
{
|
|
if (this->parse_uint16(this, rule_number, output + rule->offset) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
attribute_length = *(u_int16_t*)(output + rule->offset);
|
|
break;
|
|
}
|
|
case ATTRIBUTE_VALUE:
|
|
{
|
|
if (attribute_format == FALSE)
|
|
{
|
|
if (this->parse_chunk(this, rule_number, output + rule->offset, attribute_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
}
|
|
break;
|
|
}
|
|
case NONCE_DATA:
|
|
{
|
|
size_t nonce_length = payload_length - NONCE_PAYLOAD_HEADER_LENGTH;
|
|
if (this->parse_chunk(this, rule_number, output + rule->offset, nonce_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case ID_DATA:
|
|
{
|
|
size_t data_length = payload_length - ID_PAYLOAD_HEADER_LENGTH;
|
|
if (this->parse_chunk(this, rule_number, output + rule->offset, data_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case AUTH_DATA:
|
|
{
|
|
size_t data_length = payload_length - AUTH_PAYLOAD_HEADER_LENGTH;
|
|
if (this->parse_chunk(this, rule_number, output + rule->offset, data_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case CERT_DATA:
|
|
{
|
|
size_t data_length = payload_length - CERT_PAYLOAD_HEADER_LENGTH;
|
|
if (this->parse_chunk(this, rule_number, output + rule->offset, data_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case CERTREQ_DATA:
|
|
{
|
|
size_t data_length = payload_length - CERTREQ_PAYLOAD_HEADER_LENGTH;
|
|
if (this->parse_chunk(this, rule_number, output + rule->offset, data_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case EAP_MESSAGE:
|
|
{
|
|
size_t data_length = payload_length - EAP_PAYLOAD_HEADER_LENGTH;
|
|
if (this->parse_chunk(this, rule_number, output + rule->offset, data_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case SPIS:
|
|
{
|
|
size_t data_length = payload_length - DELETE_PAYLOAD_HEADER_LENGTH;
|
|
if (this->parse_chunk(this, rule_number, output + rule->offset, data_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case VID_DATA:
|
|
{
|
|
size_t data_length = payload_length - VENDOR_ID_PAYLOAD_HEADER_LENGTH;
|
|
if (this->parse_chunk(this, rule_number, output + rule->offset, data_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case CONFIGURATION_ATTRIBUTE_VALUE:
|
|
{
|
|
size_t data_length = attribute_length;
|
|
if (this->parse_chunk(this, rule_number, output + rule->offset, data_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case KEY_EXCHANGE_DATA:
|
|
{
|
|
size_t keydata_length = payload_length - KE_PAYLOAD_HEADER_LENGTH;
|
|
if (this->parse_chunk(this, rule_number, output + rule->offset, keydata_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case NOTIFICATION_DATA:
|
|
{
|
|
size_t notify_length = payload_length - NOTIFY_PAYLOAD_HEADER_LENGTH - spi_size;
|
|
if (this->parse_chunk(this, rule_number, output + rule->offset, notify_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case ENCRYPTED_DATA:
|
|
{
|
|
size_t data_length = payload_length - ENCRYPTION_PAYLOAD_HEADER_LENGTH;
|
|
if (this->parse_chunk(this, rule_number, output + rule->offset, data_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case TS_TYPE:
|
|
{
|
|
if (this->parse_uint8(this, rule_number, output + rule->offset) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
ts_type = *(u_int8_t*)(output + rule->offset);
|
|
break;
|
|
}
|
|
case ADDRESS:
|
|
{
|
|
size_t address_length = (ts_type == TS_IPV4_ADDR_RANGE) ? 4 : 16;
|
|
if (this->parse_chunk(this, rule_number, output + rule->offset,address_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case TRAFFIC_SELECTORS:
|
|
{
|
|
size_t traffic_selectors_length = payload_length - TS_PAYLOAD_HEADER_LENGTH;
|
|
if (this->parse_list(this, rule_number, output + rule->offset, TRAFFIC_SELECTOR_SUBSTRUCTURE, traffic_selectors_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
case UNKNOWN_PAYLOAD:
|
|
{
|
|
size_t unknown_payload_data_length = payload_length - UNKNOWN_PAYLOAD_HEADER_LENGTH;
|
|
if (this->parse_chunk(this, rule_number, output + rule->offset, unknown_payload_data_length) != SUCCESS)
|
|
{
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
break;
|
|
}
|
|
default:
|
|
{
|
|
this->logger->log(this->logger, ERROR, " no rule to parse rule %d %s (%d)", rule_number, mapping_find(encoding_type_m, rule->type), rule->type);
|
|
pld->destroy(pld);
|
|
return PARSE_ERROR;
|
|
}
|
|
}
|
|
/* process next rulue */
|
|
rule++;
|
|
}
|
|
|
|
*payload = pld;
|
|
this->logger->log(this->logger, CONTROL|LEVEL2, "parsing %s payload finished.",
|
|
mapping_find(payload_type_m, payload_type));
|
|
return SUCCESS;
|
|
}
|
|
|
|
/**
|
|
* Implementation of parser_t.get_remaining_byte_count.
|
|
*/
|
|
static int get_remaining_byte_count (private_parser_t *this)
|
|
{
|
|
int count = (this->input_roof - this->byte_pos);
|
|
return count;
|
|
}
|
|
|
|
/**
|
|
* Implementation of parser_t.reset_context.
|
|
*/
|
|
static void reset_context (private_parser_t *this)
|
|
{
|
|
this->byte_pos = this->input;
|
|
this->bit_pos = 0;
|
|
}
|
|
|
|
/**
|
|
* Implementation of parser_t.destroy.
|
|
*/
|
|
static void destroy(private_parser_t *this)
|
|
{
|
|
free(this);
|
|
}
|
|
|
|
/*
|
|
* Described in header.
|
|
*/
|
|
parser_t *parser_create(chunk_t data)
|
|
{
|
|
private_parser_t *this = malloc_thing(private_parser_t);
|
|
|
|
this->logger = logger_manager->get_logger(logger_manager, PARSER);
|
|
|
|
this->public.parse_payload = (status_t(*)(parser_t*,payload_type_t,payload_t**)) parse_payload;
|
|
this->public.reset_context = (void(*)(parser_t*)) reset_context;
|
|
this->public.get_remaining_byte_count = (int (*) (parser_t *))get_remaining_byte_count;
|
|
this->public.destroy = (void(*)(parser_t*)) destroy;
|
|
|
|
this->parse_uint4 = parse_uint4;
|
|
this->parse_uint8 = parse_uint8;
|
|
this->parse_uint15 = parse_uint15;
|
|
this->parse_uint16 = parse_uint16;
|
|
this->parse_uint32 = parse_uint32;
|
|
this->parse_uint64 = parse_uint64;
|
|
this->parse_bytes = parse_bytes;
|
|
this->parse_bit = parse_bit;
|
|
this->parse_list = parse_list;
|
|
this->parse_chunk = parse_chunk;
|
|
|
|
this->input = data.ptr;
|
|
this->byte_pos = data.ptr;
|
|
this->bit_pos = 0;
|
|
this->input_roof = data.ptr + data.len;
|
|
|
|
return (parser_t*)this;
|
|
}
|
|
|