X-Git-Url: https://git.tcpdump.org/libpcap/blobdiff_plain/72ee65e9a0dbc0ff8a91cdf24fb446de62429b94..09b51d326c38ea8e10ce4da09c09d50e08c5aeb8:/rpcap-protocol.h diff --git a/rpcap-protocol.h b/rpcap-protocol.h index 7598a0ae..a93b0a8b 100644 --- a/rpcap-protocol.h +++ b/rpcap-protocol.h @@ -63,80 +63,20 @@ * * Version negotiation is done as part of the authentication process: * - * The client sends an authentication request, with the version number - * in the request being the maximum version it supports. - * - * If the server supports that version, it attempts to authenticate the - * client, and replies as appropriate, with the version number in the - * reply being that version. - * - * If the server doesn't support that version because it's too large, - * it replies with a RPCAP_MSG_ERROR message, with the maximum version - * they support as the version number in the reply, and with the error - * code being PCAP_ERR_WRONGVER. - * - * If the server doesn't support that version because it's too small, - * it replies with a RPCAP_MSG_ERROR message, with that version as - * the version number in the reply, and with the error code being - * PCAP_ERR_WRONGVER. - * - * If the client supports that version, it retries the authentication - * with that version and, if that fails for any reason, including - * PCAP_ERR_WRONGVER, fails. Otherwise, it fails, telling its caller - * that there's no version that both support. - * - * This requires that the set of versions supported by a client or - * server be a range of integers, with no gaps. Thus: - * - * the client's version set is [Cmin, Cmax], with Cmin <= Cmax; - * - * the server's version set is [Smin, Smax], with Smin <= Smax; - * - * the client sends Cmax as the version number in the initial - * authentication request; - * - * if the server doesn't support the version sent by the client, - * either Smax < Cmax or Smin > Cmax (because the client sent Cmax - * to the server, and the server doesn't support it); - * - * if Smax < Cmax: - * - * the server sends Smax as the version number in the RPCAP_MSG_ERROR/ - * PCAP_ERR_WRONGVER message - the client will accept this because - * Cmax != 0, as these numbers are unsigned, and this means that - * this isn't an old client that rejects all messages with a non-zero - * version number, it's a new client that accepts RPCAP_MSG_ERROR - * messages no matter what the version is; - * - * if Smax >= Cmin, both the client and the server can use it, and - * the client retries with Smax; - * - * if Smax < Cmin, there is no version the client and server can - * both support. - * - * if Smin > Cmax: - * - * the server sends Cmax as the version number in the RPCAP_MSG_ERROR/ - * PCAP_ERR_WRONGVER message - the client will accept this because - * Cmax is a valid client version number. - * - * the client will retry with Cmax, get the same version failure, - * and report that there is no version the client and server can - * both support (as the version sets are disjoint). - * - * Old negotiation-unaware clients just send version 0 and, if they - * get back PCAP_ERR_WRONGVER, treat it as a fatal error. This - * means they'll fail to talk to any server that can't handle - * version 0, which is the appropriate thing to do, as they can - * only use version 0. - * - * Old negotiation-unaware servers fail if they get a version other - * than 0, sending back PCAP_ERR_WRONGVER with version 0, which is - * the only version, and thus both the minimum and maximum version, - * they support. The client will either fail if it doesn't support - * version 0, or will retry with version 0 and succeed, so it will - * fail with servers that can't handle version 0 or will negotiate - * version 0 with servers that can handle version 0. + * The client sends an authentication request, with a version number + * of 0. All servers must accept authentication requests with a version + * number of 0, even if they don't support version 0 for any other + * requests. + * + * The server attempts to authenticate the client. If that succeeds, + * older servers - which only support version 0 - will send an + * authentication reply with no payload. Newer servers - which might + * support other versions - will send an authentication reply with + * a payload giving the minimum and maximum versions it supports. + * + * The client attempts to find the largest version number that is + * in both its range of supported versions and the server's supported + * versions. If it fails, it gives up; otherwise, it uses that version. */ #define RPCAP_MIN_VERSION 0 #define RPCAP_MAX_VERSION 0 @@ -148,7 +88,8 @@ * comparison will always succeed. */ #if RPCAP_MIN_VERSION == 0 -#define RPCAP_VERSION_IS_SUPPORTED(v) ((v) <= RPCAP_MAX_VERSION) +#define RPCAP_VERSION_IS_SUPPORTED(v) \ + ((v) <= RPCAP_MAX_VERSION) #else #define RPCAP_VERSION_IS_SUPPORTED(v) \ ((v) >= RPCAP_MIN_VERSION && (v) <= RPCAP_MAX_VERSION) @@ -176,6 +117,12 @@ * for better alignment. * These structures have been created in order to be correctly aligned to * a 32-bit boundary, but be careful in any case. + * + * The layout of these structures MUST not be changed. If a packet + * format is different in different versions of the protocol, versions + * of the structure should be provided for all the different versions or + * version ranges (if more than one version of the protocol has the same + * layout) that we support. */ /* @@ -185,10 +132,12 @@ * XXX - use the C99 types? Microsoft's newer versions of Visual Studio * support them. */ +#ifndef __HAIKU__ typedef unsigned char uint8; /* 8-bit unsigned integer */ typedef unsigned short uint16; /* 16-bit unsigned integer */ typedef unsigned int uint32; /* 32-bit unsigned integer */ typedef int int32; /* 32-bit signed integer */ +#endif /* Common header for all the RPCAP messages */ struct rpcap_header @@ -199,6 +148,38 @@ struct rpcap_header uint32 plen; /* Length of the payload of this RPCAP message */ }; +/* + * Format of data that may appear at the end of an authentication reply, + * giving the minimum and maximum versions of the protocol that the + * server supports. + * + * Older servers don't provide this; they support only version 0. + */ +struct rpcap_authreply +{ + uint8 minvers; /* Minimum version supported */ + uint8 maxvers; /* Maximum version supported */ + uint8 pad[2]; /* Pad to 4-byte boundary **/ + uint32 byte_order_magic; /* RPCAP_BYTE_ORDER_MAGIC, in server byte order */ +}; + +/* + * Any resemblance between this and the pcap file magic number + * is purely coincidental, trust me. + */ +#define RPCAP_BYTE_ORDER_MAGIC 0xa1b2c3d4U +#define RPCAP_BYTE_ORDER_MAGIC_SWAPPED 0xd4c3b2a1U + +/* + * Older version of authentication reply, without byte order indication + * and padding. + */ +struct rpcap_authreply_old +{ + uint8 minvers; /* Minimum version supported */ + uint8 maxvers; /* Maximum version supported */ +}; + /* Format of the message for the interface description (findalldevs command) */ struct rpcap_findalldevs_if { @@ -299,6 +280,7 @@ struct rpcap_findalldevs_ifaddr struct rpcap_openreply { int32 linktype; /* Link type */ + int32 tzoff; /* Timezone offset - not used by newer clients */ }; /* Format of the message that starts a remote capture (startcap command) */ @@ -333,7 +315,7 @@ struct rpcap_pkthdr uint32 timestamp_sec; /* 'struct timeval' compatible, it represents the 'tv_sec' field */ uint32 timestamp_usec; /* 'struct timeval' compatible, it represents the 'tv_usec' field */ uint32 caplen; /* Length of portion present in the capture */ - uint32 len; /* Real length this packet (off wire) */ + uint32 len; /* Real length of this packet (off wire) */ uint32 npkt; /* Ordinal number of the packet (i.e. the first one captured has '1', the second one '2', etc) */ }; @@ -345,7 +327,7 @@ struct rpcap_filter uint32 nitems; /* Number of items contained into the filter (e.g. BPF instructions for BPF filters) */ }; -/* Structure that keeps a single BPF instuction; it is repeated 'ninsn' times according to the 'rpcap_filterbpf' header */ +/* Structure that keeps a single BPF instruction; it is repeated 'ninsn' times according to the 'rpcap_filterbpf' header */ struct rpcap_filterbpf_insn { uint16 code; /* opcode of the instruction */ @@ -381,20 +363,25 @@ struct rpcap_sampling uint32 value; /* Parameter related to the sampling method */ }; -/* Messages field coding */ +/* + * Messages field coding. + * + * These values are used in messages sent over the network, and MUST + * not be changed. + */ #define RPCAP_MSG_IS_REPLY 0x080 /* Flag indicating a reply */ -#define RPCAP_MSG_ERROR 1 /* Message that keeps an error notification */ -#define RPCAP_MSG_FINDALLIF_REQ 2 /* Request to list all the remote interfaces */ -#define RPCAP_MSG_OPEN_REQ 3 /* Request to open a remote device */ -#define RPCAP_MSG_STARTCAP_REQ 4 /* Request to start a capture on a remote device */ -#define RPCAP_MSG_UPDATEFILTER_REQ 5 /* Send a compiled filter into the remote device */ -#define RPCAP_MSG_CLOSE 6 /* Close the connection with the remote peer */ -#define RPCAP_MSG_PACKET 7 /* This is a 'data' message, which carries a network packet */ -#define RPCAP_MSG_AUTH_REQ 8 /* Message that keeps the authentication parameters */ -#define RPCAP_MSG_STATS_REQ 9 /* It requires to have network statistics */ -#define RPCAP_MSG_ENDCAP_REQ 10 /* Stops the current capture, keeping the device open */ -#define RPCAP_MSG_SETSAMPLING_REQ 11 /* Set sampling parameters */ +#define RPCAP_MSG_ERROR 0x01 /* Message that keeps an error notification */ +#define RPCAP_MSG_FINDALLIF_REQ 0x02 /* Request to list all the remote interfaces */ +#define RPCAP_MSG_OPEN_REQ 0x03 /* Request to open a remote device */ +#define RPCAP_MSG_STARTCAP_REQ 0x04 /* Request to start a capture on a remote device */ +#define RPCAP_MSG_UPDATEFILTER_REQ 0x05 /* Send a compiled filter into the remote device */ +#define RPCAP_MSG_CLOSE 0x06 /* Close the connection with the remote peer */ +#define RPCAP_MSG_PACKET 0x07 /* This is a 'data' message, which carries a network packet */ +#define RPCAP_MSG_AUTH_REQ 0x08 /* Message that keeps the authentication parameters */ +#define RPCAP_MSG_STATS_REQ 0x09 /* It requires to have network statistics */ +#define RPCAP_MSG_ENDCAP_REQ 0x0A /* Stops the current capture, keeping the device open */ +#define RPCAP_MSG_SETSAMPLING_REQ 0x0B /* Set sampling parameters */ #define RPCAP_MSG_FINDALLIF_REPLY (RPCAP_MSG_FINDALLIF_REQ | RPCAP_MSG_IS_REPLY) /* Keeps the list of all the remote interfaces */ #define RPCAP_MSG_OPEN_REPLY (RPCAP_MSG_OPEN_REQ | RPCAP_MSG_IS_REPLY) /* The remote device has been opened correctly */ @@ -413,24 +400,32 @@ struct rpcap_sampling #define RPCAP_UPDATEFILTER_BPF 1 /* This code tells us that the filter is encoded with the BPF/NPF syntax */ -/* Network error codes */ -#define PCAP_ERR_NETW 1 /* Network error */ -#define PCAP_ERR_INITTIMEOUT 2 /* The RPCAP initial timeout has expired */ -#define PCAP_ERR_AUTH 3 /* Generic authentication error */ -#define PCAP_ERR_FINDALLIF 4 /* Generic findalldevs error */ -#define PCAP_ERR_NOREMOTEIF 5 /* The findalldevs was ok, but the remote end had no interfaces to list */ -#define PCAP_ERR_OPEN 6 /* Generic pcap_open error */ -#define PCAP_ERR_UPDATEFILTER 7 /* Generic updatefilter error */ -#define PCAP_ERR_GETSTATS 8 /* Generic pcap_stats error */ -#define PCAP_ERR_READEX 9 /* Generic pcap_next_ex error */ -#define PCAP_ERR_HOSTNOAUTH 10 /* The host is not authorized to connect to this server */ -#define PCAP_ERR_REMOTEACCEPT 11 /* Generic pcap_remoteaccept error */ -#define PCAP_ERR_STARTCAPTURE 12 /* Generic pcap_startcapture error */ -#define PCAP_ERR_ENDCAPTURE 13 /* Generic pcap_endcapture error */ -#define PCAP_ERR_RUNTIMETIMEOUT 14 /* The RPCAP run-time timeout has expired */ -#define PCAP_ERR_SETSAMPLING 15 /* Error during the settings of sampling parameters */ -#define PCAP_ERR_WRONGMSG 16 /* The other end endpoint sent a message which has not been recognized */ -#define PCAP_ERR_WRONGVER 17 /* The other end endpoint has a version number that is not compatible with our */ +/* + * Network error codes. + * + * These values are used in messages sent over the network, and MUST + * not be changed. + */ +#define PCAP_ERR_NETW 1 /* Network error */ +#define PCAP_ERR_INITTIMEOUT 2 /* The RPCAP initial timeout has expired */ +#define PCAP_ERR_AUTH 3 /* Generic authentication error */ +#define PCAP_ERR_FINDALLIF 4 /* Generic findalldevs error */ +#define PCAP_ERR_NOREMOTEIF 5 /* The findalldevs was ok, but the remote end had no interfaces to list */ +#define PCAP_ERR_OPEN 6 /* Generic pcap_open error */ +#define PCAP_ERR_UPDATEFILTER 7 /* Generic updatefilter error */ +#define PCAP_ERR_GETSTATS 8 /* Generic pcap_stats error */ +#define PCAP_ERR_READEX 9 /* Generic pcap_next_ex error */ +#define PCAP_ERR_HOSTNOAUTH 10 /* The host is not authorized to connect to this server */ +#define PCAP_ERR_REMOTEACCEPT 11 /* Generic pcap_remoteaccept error */ +#define PCAP_ERR_STARTCAPTURE 12 /* Generic pcap_startcapture error */ +#define PCAP_ERR_ENDCAPTURE 13 /* Generic pcap_endcapture error */ +#define PCAP_ERR_RUNTIMETIMEOUT 14 /* The RPCAP run-time timeout has expired */ +#define PCAP_ERR_SETSAMPLING 15 /* Error during the settings of sampling parameters */ +#define PCAP_ERR_WRONGMSG 16 /* The other end endpoint sent a message which has not been recognized */ +#define PCAP_ERR_WRONGVER 17 /* The other end endpoint has a version number that is not compatible with our */ +#define PCAP_ERR_AUTH_FAILED 18 /* The user couldn't be authenticated */ +#define PCAP_ERR_TLS_REQUIRED 19 /* The server requires TLS to connect */ +#define PCAP_ERR_AUTH_TYPE_NOTSUP 20 /* The authentication type isn't supported */ /* * \brief Buffer used by socket functions to send-receive packets. @@ -445,9 +440,10 @@ struct rpcap_sampling *********************************************************/ #include "sockutils.h" +#include "sslutils.h" extern void rpcap_createhdr(struct rpcap_header *header, uint8 ver, uint8 type, uint16 value, uint32 length); extern const char *rpcap_msg_type_string(uint8 type); -extern int rpcap_senderror(SOCKET sock, uint8 ver, uint16 errcode, const char *error, char *errbuf); +extern int rpcap_senderror(SOCKET sock, SSL *ssl, uint8 ver, uint16 errcode, const char *error, char *errbuf); #endif