Add tcp syn packet fingerprinting to redbean

This change also fixes bugs in enoprotoopt reporting with setsockopt and
getsockopt error returns.
Justine Tunney 2022-07-17 02:40:39 -07:00
parent 866b21a151
commit 4d25f8c3c9
75 changed files with 1551 additions and 115 deletions

133
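--- a/net/finger/describesyn.c
+++ b/net/finger/describesyn.c
@@ -0,0 +1,133 @@
+/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
+vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
+Copyright 2022 Justine Alexandra Roberts Tunney
+Permission to use, copy, modify, and/or distribute this software for
+any purpose with or without fee is hereby granted, provided that the
+above copyright notice and this permission notice appear in all copies.
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
+WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
+AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
+TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+PERFORMANCE OF THIS SOFTWARE.
+*/
+#include "libc/bits/bits.h"
+#include "libc/fmt/itoa.h"
+#include "net/finger/finger.h"
+/**
+* Describes IP+TCP SYN packet
+*
+* The layout looks as follows:
+*
+* TTL:OPTIONS:WSIZE:MSS
+*
+* The `TTL`, `WSIZE`, and `MSS` fields are unsigned decimal fields.
+*
+* The `OPTIONS` field communicates the ordering of the commonly used
+* subset of tcp options. The following character mappings are defined.
+* TCP options not on this list will be ignored.
+*
+* - E: End of Option list
+* - N: No-Operation
+* - M: Maxmimum Segment Size
+* - K: Window Scale
+* - O: SACK Permitted
+* - A: SACK
+* - e: Echo (obsolete)
+* - r: Echo reply (obsolete)
+* - T: Timestamps
+*
+* @param q receives nul-terminated string
+* @param m is byte capacity of `q`
+* @param p is syn packet
+* @param n is byte length of `p`
+* @return pointer past last written byte in `q` or null if not a syn packet
+* @see https://www.iana.org/assignments/tcp-parameters/tcp-parameters.xhtml
+*/
+char *DescribeSyn(char *q, size_t m, const char *p, size_t n) {
+char *e;
+int i, j, k, r, iplen, tcplen, ttl, wsize, mss;
+if (n >= 20 + 20 && n >= (iplen = (p[0] & 0x0F) * 4) + 20 &&
+n >= iplen + (tcplen = ((p[iplen + 12] & 0xF0) >> 4) * 4)) {
+e = q + m;
+n = iplen + tcplen;
+// Time to Live
+// ttl<=256 Crisco, Solaris 6
+// ttl<=128 Windows, OpenVMS 8+
+// ttl<= 64 Mac, Linux, BSD, Solaris 8+, Tru64, HP-UX
+ttl = p[8] & 255;
+wsize = READ16BE(p + 14);
+if (q + 13 <= e) {
+q = FormatUint32(q, ttl);
+*q++ = ':';
+}
+// TCP Options
+// We care about the order and presence of leading common options.
+for (mss = j = 0, i = iplen + 20; i < n; ++j) {
+k = p[i] & 255;
+if (k < 9 && q + 1 < e) {
+*q++ = "ENMKOAerT"[k];
+}
+if (k == 2 && i + 4 <= n) {
+mss = READ16BE(p + 2);
+}
+if (k == 1 || // no-operation
+k == 2 || // maximum segment size
+k == 3 || // window scale
+k == 4 || // sack permitted
+k == 8) { // timestamps
+if (k == 1) {
+// no-operation option has no length byte
+//
+// ┌───┐
+// │ 1 │
+// └───┘
+//
+++i;
+} else if (i + 1 < n) {
+// a normal tcp option should have
+//
+// ┌──┬───┬───┐
+// │OP│LEN│...│
+// └──┴───┴───┘
+//
+// e.g. sack permitted is encoded as
+//
+// ┌───┬───┐
+// │ 4 │ 2 │
+// └───┴───┘
+//
+// e.g. window scale of `7` would be encoded as
+//
+// ┌───┬───┬───┐
+// │ 3 │ 3 │ 7 │
+// └───┴───┴───┘
+//
+i += p[i + 1] & 255;
+} else {
+break;
+}
+} else {
+break;
+}
+}
+if (q + (1 + 12) * 2 <= e) {
+*q++ = ':';
+q = FormatUint32(q, wsize);
+*q++ = ':';
+q = FormatUint32(q, mss);
+}
+if (q < e) {
+*q = 0;
+}
+return q;
+} else {
+return 0;
+}
+}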
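Review bot: A TCP option whose length byte is 0 keeps the option loop in DescribeSyn from terminating, because `i += p[i + 1] & 255;` then adds nothing and `i < n` stays true; the packet bytes are supplied by the remote peer, so the parser has to treat them as untrusted. Reject lengths below 2 before advancing, e.g. `if ((r = p[i + 1] & 255) < 2) break;` followed by `i += r;` (`r` is already declared and otherwise unused). The same loop in FingerSyn in net/finger/fingersyn.c advances the same way and needs the same guard. Separately, the MSS is read with `READ16BE(p + 2)`, which is the IP total-length field rather than the option payload; `mss = READ16BE(p + i + 2);` looks like what was intended.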

13
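--- a/net/finger/finger.h
+++ b/net/finger/finger.h
@@ -0,0 +1,13 @@
+#ifndef COSMOPOLITAN_NET_FINGER_FINGER_H_
+#define COSMOPOLITAN_NET_FINGER_FINGER_H_
+#if !(__ASSEMBLER__ + __LINKER__ + 0)
+COSMOPOLITAN_C_START_
+char *DescribeSyn(char *, size_t, const char *, size_t);
+const char *GetOsName(int);
+int GetSynFingerOs(uint32_t);
+uint32_t FingerSyn(const char *, size_t);
+COSMOPOLITAN_C_END_
+#endif /* !(__ASSEMBLER__ + __LINKER__ + 0) */
+#endif /* COSMOPOLITAN_NET_FINGER_FINGER_H_ */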

47
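--- a/net/finger/finger.mk
+++ b/net/finger/finger.mk
@@ -0,0 +1,47 @@
+#-*-mode:makefile-gmake;indent-tabs-mode:t;tab-width:8;coding:utf-8-*-┐
+#───vi: set et ft=make ts=8 tw=8 fenc=utf-8 :vi───────────────────────┘
+PKGS += NET_FINGER
+NET_FINGER_ARTIFACTS += NET_FINGER_A
+NET_FINGER = $(NET_FINGER_A_DEPS) $(NET_FINGER_A)
+NET_FINGER_A = o/$(MODE)/net/finger/finger.a
+NET_FINGER_A_FILES := $(wildcard net/finger/*)
+NET_FINGER_A_HDRS = $(filter %.h,$(NET_FINGER_A_FILES))
+NET_FINGER_A_INCS := $(filter %.inc,$(NET_FINGER_A_FILES))
+NET_FINGER_A_SRCS_C = $(filter %.c,$(NET_FINGER_A_FILES))
+NET_FINGER_A_SRCS_S = $(filter %.S,$(NET_FINGER_A_FILES))
+NET_FINGER_A_SRCS = $(NET_FINGER_A_SRCS_S) $(NET_FINGER_A_SRCS_C)
+NET_FINGER_A_OBJS_C = $(NET_FINGER_A_SRCS_C:%.c=o/$(MODE)/%.o)
+NET_FINGER_A_OBJS_S = $(NET_FINGER_A_SRCS_S:%.S=o/$(MODE)/%.o)
+NET_FINGER_A_OBJS = $(NET_FINGER_A_OBJS_S) $(NET_FINGER_A_OBJS_C)
+NET_FINGER_A_CHECKS = \
+$(NET_FINGER_A).pkg \
+$(NET_FINGER_A_HDRS:%=o/$(MODE)/%.ok)
+NET_FINGER_A_DIRECTDEPS = \
+LIBC_INTRIN \
+LIBC_NEXGEN32E
+NET_FINGER_A_DEPS := \
+$(call uniq,$(foreach x,$(NET_FINGER_A_DIRECTDEPS),$($(x))))
+$(NET_FINGER_A): \
+net/finger/ \
+$(NET_FINGER_A).pkg \
+$(NET_FINGER_A_OBJS)
+$(NET_FINGER_A).pkg: \
+$(NET_FINGER_A_OBJS) \
+$(foreach x,$(NET_FINGER_A_DIRECTDEPS),$($(x)_A).pkg)
+NET_FINGER_LIBS = $(foreach x,$(NET_FINGER_ARTIFACTS),$($(x)))
+NET_FINGER_SRCS = $(foreach x,$(NET_FINGER_ARTIFACTS),$($(x)_SRCS))
+NET_FINGER_HDRS = $(foreach x,$(NET_FINGER_ARTIFACTS),$($(x)_HDRS))
+NET_FINGER_OBJS = $(foreach x,$(NET_FINGER_ARTIFACTS),$($(x)_OBJS))
+NET_FINGER_CHECKS = $(foreach x,$(NET_FINGER_ARTIFACTS),$($(x)_CHECKS))
+.PHONY: o/$(MODE)/net/finger
+o/$(MODE)/net/finger: \
+$(NET_FINGER_CHECKS)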

64
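--- a/net/finger/fingersyn.c
+++ b/net/finger/fingersyn.c
@@ -0,0 +1,64 @@
+/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
+vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
+Copyright 2022 Justine Alexandra Roberts Tunney
+Permission to use, copy, modify, and/or distribute this software for
+any purpose with or without fee is hereby granted, provided that the
+above copyright notice and this permission notice appear in all copies.
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
+WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
+AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
+TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+PERFORMANCE OF THIS SOFTWARE.
+*/
+#include "libc/macros.internal.h"
+#include "libc/nexgen32e/bsr.h"
+/**
+* Fingers IP+TCP SYN packet.
+*
+* This returns a hash-like magic number that reflects the SYN packet
+* structure, e.g. ordering of options, maximum segment size, etc.
+*/
+uint32_t FingerSyn(const char *p, size_t n) {
+uint32_t h = 0;
+int i, j, k, q, r, iplen, tcplen, ttl;
+if (n >= 20 + 20 && n >= (iplen = (p[0] & 0x0F) * 4) + 20 &&
+n >= iplen + (tcplen = ((p[iplen + 12] & 0xF0) >> 4) * 4)) {
+n = iplen + tcplen;
+// Time to Live
+// ttl<=256 Crisco, Solaris 6
+// ttl<=128 Windows, OpenVMS 8+
+// ttl<=64 Mac, Linux, BSD, Solaris 8+, Tru64, HP-UX
+ttl = p[8] & 255;
+h += bsr(MAX(1, ttl - 1));
+h *= 0x9e3779b1;
+// TCP Options
+// We care about the order and presence of leading common options.
+for (j = 0, i = iplen + 20; i < n; ++j) {
+k = p[i] & 255;
+if (k == 0 || k == 1 || k == 2 || k == 3 || k == 4 || k == 8) {
+if (k <= 1) {
+++i;
+} else if (i + 1 < n) {
+i += p[i + 1] & 255;
+} else {
+break;
+}
+} else {
+break;
+}
+h += j << 8 | k;
+h *= 0x9e3779b1;
+}
+if (!h) {
+++h;
+}
+}
+return h;
+}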
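Review bot: The doc comment on FingerSyn says the value reflects the maximum segment size, but only the TTL bucket (`bsr(MAX(1, ttl - 1))`) and the kind and position of each leading option (`j << 8 | k`) are mixed into `h`; the MSS and window size never are. Either hash the MSS or change the sentence to match the code, for example `Hashes the TTL bucket and the order of the leading TCP options.` The return contract deserves a line too, such as `@return nonzero fingerprint, or 0 if the buffer is too short for the IP and TCP headers`, since `if (!h) ++h;` appears to exist to keep 0 free for that case. The locals `q` and `r` are unused, and the file does not include net/finger/finger.h, so the definition is never checked against its prototype.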

45
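--- a/net/finger/getosname.c
+++ b/net/finger/getosname.c
@@ -0,0 +1,45 @@
+/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
+vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
+Copyright 2022 Justine Alexandra Roberts Tunney
+Permission to use, copy, modify, and/or distribute this software for
+any purpose with or without fee is hereby granted, provided that the
+above copyright notice and this permission notice appear in all copies.
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
+WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
+AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
+TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+PERFORMANCE OF THIS SOFTWARE.
+*/
+#include "libc/nexgen32e/bsr.h"
+#include "net/finger/finger.h"
+const char *GetOsName(int os) {
+if (os) {
+switch (bsr(os)) {
+case 0:
+return "LINUX";
+case 1:
+return "METAL";
+case 2:
+return "WINDOWS";
+case 3:
+return "XNU";
+case 4:
+return "OPENBSD";
+case 5:
+return "FREEBSD";
+case 6:
+return "NETBSD";
+default:
+return 0;
+}
+} else {
+return 0;
+}
+}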
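Review bot: GetOsName has no doc comment, unlike the other functions added in this directory, and its contract is not obvious from the signature: it names the highest set bit of `os` via `bsr(os)` and returns null for 0 and for any bit index above 6. A header such as `/** Returns name of operating system bit, e.g. "LINUX", or null if unknown. */` would cover it. The case labels presumably mirror the bit positions of the LINUX, METAL, WINDOWS and related constants in libc/dce.h, which is not visible here, so a comment tying the two together would keep them from drifting apart.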


@ -0,0 +1,40 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2022 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/dce.h"
#include "net/finger/finger.h"
/**
* Turns result of FingerprintSyn() into operating system.
*/
int GetSynFingerOs(uint32_t x) {
switch (x) {
case 0x7e7a6599:
return XNU;
case 0xbb724187:
return LINUX;
case 0xb228b212:
return WINDOWS;
case 0x77c30887:
return FREEBSD;
case 0xc45d694b:
return OPENBSD;
default:
return 0;
}
}
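Review bot: The doc comment names `FingerprintSyn()`, but the function declared in net/finger/finger.h and defined in this commit is `FingerSyn()`; the line should read `Turns result of FingerSyn() into operating system.` The five constants are opaque, so a short comment on each `case` recording which SYN layout (TTL bucket and option order) it was derived from would let a maintainer regenerate them if the hash ever changes. Every input to the hash is chosen by the client, so the result is a heuristic and callers should not treat it as proof of the peer's platform; that is worth stating in the doc comment, along with the fact that 0 means unknown.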


@ -2,5 +2,6 @@
#───vi: set et ft=make ts=8 tw=8 fenc=utf-8 :vi───────────────────────┘
.PHONY: o/$(MODE)/net
o/$(MODE)/net: o/$(MODE)/net/http \
o/$(MODE)/net: o/$(MODE)/net/finger \
o/$(MODE)/net/http \
o/$(MODE)/net/https