sipwise
/
kamailio
mirror of https://github.com/sipwise/kamailio.git
1
0
Fork 0
Code Issues Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '3.1'
${ noResults }
kamailio/ser_stun.c

1157 lines
31 KiB
Raw Permalink Blame History

/*
* $Id$
*
* Copyright (C) 2001-2003 FhG Fokus
*
* This file is part of ser, a free SIP server.
*
* ser is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version
*
* For a license to use the ser software under conditions
* other than those described here, or to purchase support for this
* software, please contact iptel.org by e-mail at the following addresses:
* info@iptel.org
*
* ser is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* History
* --------
* 2006-10-13 created (vlada)
* 2006-12-14 fixed calculation of body length (vlada)
*/
/*!
* \file
* \brief SIP-router core ::
* \ingroup core
* Module: \ref core
*/
#ifdef USE_STUN
#include <arpa/inet.h>
#include <openssl/sha.h>
#include "ser_stun.h"
#include "forward.h"
/*
* ****************************************************************************
* Declaration of functions *
* ****************************************************************************
*/
int stun_parse_header(struct stun_msg* req, USHORT_T* error_code);
int stun_parse_body(
struct stun_msg* req,
struct stun_unknown_att** unknown,
USHORT_T* error_code);
void stun_delete_unknown_attrs(struct stun_unknown_att* unknown);
struct stun_unknown_att* stun_alloc_unknown_attr(USHORT_T type);
int stun_add_address_attr(struct stun_msg* res,
UINT_T af,
USHORT_T port,
UINT_T* ip_addr,
USHORT_T type,
int do_xor);
int add_unknown_attr(struct stun_msg* res, struct stun_unknown_att* unknown);
int add_error_code(struct stun_msg* res, USHORT_T error_code);
int add_fingerprint(struct stun_buffer* msg);
int copy_str_to_buffer(struct stun_msg* res, const char* data, UINT_T pad);
int validate_fingerprint(struct stun_msg* req, USHORT_T* error_code);
int reallock_buffer(struct stun_buffer* buffer, UINT_T len);
int buf_copy(struct stun_buffer* msg, void* source, UINT_T len);
void clean_memory(struct stun_msg* req,
struct stun_msg* res, struct stun_unknown_att* unknown);
int stun_create_response(
struct stun_msg* req,
struct stun_msg* res,
struct receive_info* ri,
struct stun_unknown_att* unknown,
UINT_T error_code);
int stun_add_common_integer_attr(struct stun_msg* res, USHORT_T type, UINT_T value);
int stun_add_common_text_attr(struct stun_msg* res, USHORT_T type, char* value,
USHORT_T pad);
/*
* ****************************************************************************
* Definition of functions *
* ****************************************************************************
*/
/*
* stun_process_msg():
* buf - incoming message
* len - length of incoming message
* ri - information about socket that received a message and
* also information about sender (its IP, port, protocol)
*
* This function ensures processing of incoming message. It's common for both
* TCP and UDP protocol. There is no other function as an interface.
*
* Return value: 0 if there is no environment error
* -1 if there is some enviroment error such as insufficiency
* of memory
*
*/
int stun_process_msg(char* buf, unsigned len, struct receive_info* ri)
{
struct stun_msg msg_req;
struct stun_msg msg_res;
struct dest_info dst;
struct stun_unknown_att* unknown;
USHORT_T error_code;
memset(&msg_req, 0, sizeof(msg_req));
memset(&msg_res, 0, sizeof(msg_res));
msg_req.msg.buf.s = buf;
msg_req.msg.buf.len = len;
unknown = NULL;
error_code = RESPONSE_OK;
if (stun_parse_header(&msg_req, &error_code) != 0) {
goto error;
}
if (error_code == RESPONSE_OK) {
if (stun_parse_body(&msg_req, &unknown, &error_code) != 0) {
goto error;
}
}
if (stun_create_response(&msg_req, &msg_res, ri,
unknown, error_code) != 0) {
goto error;
}
init_dst_from_rcv(&dst, ri);
#ifdef EXTRA_DEBUG
struct ip_addr ip;
su2ip_addr(&ip, &dst.to);
LOG(L_DBG, "DEBUG: stun_process_msg: decoded request from (%s:%d)\n", ip_addr2a(&ip),
su_getport(&dst.to));
#endif
/* send STUN response */
if (msg_send(&dst, msg_res.msg.buf.s, msg_res.msg.buf.len) != 0) {
goto error;
}
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_process_msg: send response\n");
#endif
clean_memory(&msg_req, &msg_res, unknown);
return 0;
error:
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_process_msg: failed to decode request\n");
#endif
clean_memory(&msg_req, &msg_res, unknown);
return FATAL_ERROR;
}
/*
* stun_parse_header():
* - req: request from host that should be processed
* - error_code: indication of any protocol error
*
* This function ensures parsing of incoming header.
*
* Return value: 0 if there is no environment error
* -1 if there is some enviroment error such as insufficiency
* of memory
*/
int stun_parse_header(struct stun_msg* req, USHORT_T* error_code)
{
if (sizeof(req->hdr) > req->msg.buf.len) {
/* the received message does not contain whole header */
LOG(L_INFO, "INFO: stun_parse_header: incomplete header of STUN message\n");
/* Any better solution? IMHO it's not possible to send error response
* because the transaction ID is not available.
*/
return FATAL_ERROR;
}
memcpy(&req->hdr, req->msg.buf.s, sizeof(struct stun_hdr));
req->hdr.type = ntohs(req->hdr.type);
/* the SER supports only Binding Request right now */
if (req->hdr.type != BINDING_REQUEST) {
LOG(L_INFO, "INFO: stun_parse_header: unsupported type of STUN message: %x\n",
req->hdr.type);
/* resending of same message is not welcome */
*error_code = GLOBAL_FAILURE_ERR;
}
req->hdr.len = ntohs(req->hdr.len);
/* check if there is correct magic cookie */
req->old = (req->hdr.id.magic_cookie == htonl(MAGIC_COOKIE)) ? 0 : 1;
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_parse_header: request is old: %i\n", req->old);
#endif
return 0;
}
/*
* stun_parse_body():
* - req: request from host that should be processed
* - unknown: this is a link list header of attributes
* that are unknown to SER; defaul value is NULL
* - error_code: indication of any protocol error
*
* Return value: 0 if there is no environment error
* -1 if there is some enviroment error such as insufficiency
* of memory
*/
int stun_parse_body(
struct stun_msg* req,
struct stun_unknown_att** unknown,
USHORT_T* error_code)
{
int not_parsed;
struct stun_attr attr;
USHORT_T attr_size;
UINT_T padded_len;
struct stun_unknown_att* tmp_unknown;
struct stun_unknown_att* body;
char* buf;
int fp_present;
attr_size = sizeof(struct stun_attr);
buf = &req->msg.buf.s[sizeof(struct stun_hdr)];
fp_present = 0;
/*
* Mark the body lenght as unparsed.
*/
not_parsed = req->msg.buf.len - sizeof(struct stun_hdr);
if (not_parsed != req->hdr.len) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_parse_body: body too short to be valid\n");
#endif
*error_code = BAD_REQUEST_ERR;
return 0;
}
tmp_unknown = *unknown;
body = NULL;
while (not_parsed > 0 && *error_code == RESPONSE_OK) {
memset(&attr, 0, attr_size);
/* check if there are 4 bytes for attribute type and its value */
if (not_parsed < 4) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_parse_body: attribute header short to be valid\n");
#endif
*error_code = BAD_REQUEST_ERR;
continue;
}
memcpy(&attr, buf, attr_size);
buf += attr_size;
not_parsed -= attr_size;
/* check if there is enought unparsed space for attribute's value */
if (not_parsed < ntohs(attr.len)) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_parse_body: remaining message is shorter then attribute length\n");
#endif
*error_code = BAD_REQUEST_ERR;
continue;
}
/* check if the attribute is known to the server */
switch (ntohs(attr.type)) {
case REALM_ATTR:
case NONCE_ATTR:
case MAPPED_ADDRESS_ATTR:
case XOR_MAPPED_ADDRESS_ATTR:
case ALTERNATE_SERVER_ATTR:
case REFRESH_INTERVAL_ATTR:
case RESPONSE_ADDRESS_ATTR:
case SOURCE_ADDRESS_ATTR:
case REFLECTED_FROM_ATTR:
case CHANGE_REQUEST_ATTR:
case CHANGED_ADDRESS_ATTR:
padded_len = ntohs(attr.len);
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_parse_body: known attributes\n");
#endif
break;
/* following attributes must be padded to 4 bytes */
case USERNAME_ATTR:
case PASSWORD_ATTR:
case ERROR_CODE_ATTR:
case UNKNOWN_ATTRIBUTES_ATTR:
case SERVER_ATTR:
padded_len = PADDED_TO_FOUR(ntohs(attr.len));
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_parse_body: padded to four\n");
#endif
break;
/* MESSAGE_INTEGRITY must be padded to sixty four bytes*/
case MESSAGE_INTEGRITY_ATTR:
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_parse_body: message integrity attribute found\n");
#endif
padded_len = PADDED_TO_SIXTYFOUR(ntohs(attr.len));
break;
case FINGERPRINT_ATTR:
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_parse_body: fingerprint attribute found\n");
#endif
fp_present = 1;
if (ntohs(attr.len) != SHA_DIGEST_LENGTH) {
LOG(L_WARN,
"WARNING: STUN: Incorrect fingerprint of request.\n");
*error_code = BAD_REQUEST_ERR;
continue;
}
memcpy(req->fp, buf, SHA_DIGEST_LENGTH);
if(stun_allow_fp) {
if (validate_fingerprint(req, error_code) != 0) {
LOG(L_WARN,
"WARNING: STUN: Incorrect fingerprint of request.\n");
*error_code = BAD_REQUEST_ERR;
continue;
}
}
padded_len = SHA_DIGEST_LENGTH;
if (not_parsed > SHA_DIGEST_LENGTH) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_parse_body: fingerprint is not the last attribute\n");
#endif
/* fingerprint must be last parameter in request */
*error_code = BAD_REQUEST_ERR;
continue;
}
break;
default:
/*
* the attribute is uknnown to the server
* let see if it's necessary to generate error response
*/
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: low endian: attr - 0x%x const - 0x%x\n", ntohs(attr.type), MANDATORY_ATTR);
LOG(L_DBG, "DEBUG: big endian: attr - 0x%x const - 0x%x\n", attr.type, htons(MANDATORY_ATTR));
#endif
if (ntohs(attr.type) <= MANDATORY_ATTR) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_parse_body: mandatory unknown attribute found - 0x%x\n", ntohs(attr.type));
#endif
tmp_unknown = stun_alloc_unknown_attr(attr.type);
if (tmp_unknown == NULL) {
return FATAL_ERROR;
}
if (*unknown == NULL) {
*unknown = body = tmp_unknown;
}
else {
body->next = tmp_unknown;
body = body->next;
}
}
#ifdef EXTRA_DEBUG
else {
LOG(L_DBG, "DEBUG: stun_parse_body: optional unknown attribute found - 0x%x\n", ntohs(attr.type));
}
#endif
padded_len = ntohs(attr.len);
break;
}
/* check if there is enough unparsed space for the padded attribute
(the padded length might be greater then the attribute length)
*/
if (not_parsed < padded_len) {
break;
}
buf += padded_len;
not_parsed -= padded_len;
} /* while */
/*
* The unknown attribute error code must set after parsing of whole body
* because it's necessary to obtain all of unknown attributes!
*/
if (*error_code == RESPONSE_OK && *unknown != NULL) {
*error_code = UNKNOWN_ATTRIBUTE_ERR;
}
if (fp_present == 0 && req->old == 0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_parse_body: fingerprint is missing is this new request\n");
#endif
/* missing mandatory attribute fingerprint */
*error_code = BAD_REQUEST_ERR;
}
return 0;
}
/*
* stun_create_response():
* - req: original request from host
* - res: this will represent response to host
* - ri: information about request, necessary because of IP
* address and port
* - unknown: link list of unknown attributes
* - error_code: indication of any protocol error
*
* The function stun_create_response ensures creating response to a host.
* The type of response depends on value of error_code parameter.
*
* Return value: 0 if there is no environment error
* -1 if there is some enviroment error such as insufficiency
* of memory
*/
int stun_create_response(
struct stun_msg* req,
struct stun_msg* res,
struct receive_info* ri,
struct stun_unknown_att* unknown,
UINT_T error_code)
{
UINT_T msg_len;
/*
* Alloc some space for response.
* Optimalization? - maybe it would be better to use biggish static array.
*/
res->msg.buf.s = (char *) pkg_malloc(sizeof(char)*STUN_MSG_LEN);
if (res->msg.buf.s == NULL) {
LOG(L_ERR, "ERROR: STUN: out of memory\n");
return FATAL_ERROR;
}
memset(res->msg.buf.s, 0, sizeof(char)*STUN_MSG_LEN);
res->msg.buf.len = 0;
res->msg.empty = STUN_MSG_LEN;
/* use magic cookie and transaction ID from request */
memcpy(&res->hdr.id, &req->hdr.id, sizeof(struct transaction_id));
/* the correct body length will be added ASAP it will be known */
res->hdr.len = htons(0);
if (error_code == RESPONSE_OK) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_create_response: creating normal response\n");
#endif
res->hdr.type = htons(BINDING_RESPONSE);
/* copy header into msg buffer */
if (buf_copy(&res->msg, (void *) &res->hdr,
sizeof(struct stun_hdr)) != 0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_create_response: failed to copy buffer\n");
#endif
return FATAL_ERROR;
}
/*
* If the SER received message in old format, then the body will
* contain MAPPED-ADDRESS attribute instead of XOR-MAPPED-ADDRESS
* attribute.
*/
if (req->old == 0) {
if (stun_add_address_attr(res, ri->src_ip.af, ri->src_port,
ri->src_ip.u.addr32, XOR_MAPPED_ADDRESS_ATTR,
XOR) != 0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_create_response: failed to add address\n");
#endif
return FATAL_ERROR;
}
if (stun_add_common_integer_attr(res, REFRESH_INTERVAL_ATTR,
stun_refresh_interval) != 0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_create_response: failed to common attributes\n");
#endif
return FATAL_ERROR;
}
}
else {
if (stun_add_address_attr(res, ri->src_ip.af, ri->src_port,
ri->src_ip.u.addr32, MAPPED_ADDRESS_ATTR, !XOR) != 0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_create_response: failed to add address\n");
#endif
return FATAL_ERROR;
}
}
}
else {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_create_response: creating error response\n");
#endif
res->hdr.type = htons(BINDING_ERROR_RESPONSE);
if (buf_copy(&res->msg, (void *) &res->hdr,
sizeof(struct stun_hdr)) != 0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_create_response: failed to copy buffer\n");
#endif
return FATAL_ERROR;
}
if (add_error_code(res, error_code) != 0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_create_response: failed to add error code\n");
#endif
return FATAL_ERROR;
}
if (unknown != NULL) {
if (add_unknown_attr(res, unknown) != 0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_create_response: failed to add unknown attribute\n");
#endif
return FATAL_ERROR;
}
}
}
if (req->old == 0) {
/*
* add optional information about server; attribute SERVER is not a part of
* rfc3489.txt
* */
if (stun_add_common_text_attr(res, SERVER_ATTR, SERVER_HDR, PAD4)!=0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_create_response: failed to add common text attribute\n");
#endif
return FATAL_ERROR;
}
}
if (req->old == 0 && stun_allow_fp) {
/* count length of body except header and fingerprint
* and copy message length at the beginning of buffer
*/
msg_len = res->msg.buf.len - sizeof(struct stun_hdr);
msg_len += SHA_DIGEST_LENGTH + sizeof(struct stun_attr);
res->hdr.len = htons(msg_len);
memcpy(&res->msg.buf.s[sizeof(USHORT_T)], (void *) &res->hdr.len,
sizeof(USHORT_T));
if (add_fingerprint(&res->msg) != 0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: stun_create_response: failed to add fingerprint\n");
#endif
return FATAL_ERROR;
}
}
else {
res->hdr.len = htons(res->msg.buf.len - sizeof(struct stun_hdr));
memcpy(&res->msg.buf.s[sizeof(USHORT_T)], (void *) &res->hdr.len,
sizeof(USHORT_T));
}
return 0;
}
/*
* add_unknown_attr()
* - res: response representation
* - unknown: link list of unknown attributes
*
* The function add_unknown_attr ensures copy of link list of unknown
* attributes into response buffer.
*
* Return value: 0 if there is no environment error
* -1 if there is some enviroment error such as insufficiency
* of memory
*
*/
int add_unknown_attr(struct stun_msg* res, struct stun_unknown_att* unknown)
{
struct stun_attr attr;
struct stun_unknown_att* tmp_unknown;
UINT_T counter;
USHORT_T orig_len;
counter = 0;
orig_len = res->msg.buf.len;
tmp_unknown = unknown;
attr.type = htons(UNKNOWN_ATTRIBUTES_ATTR);
attr.len = htons(0);
if (buf_copy(&res->msg, (void *) &attr, sizeof(struct stun_attr)) != 0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: add_unknown_attr: failed to copy buffer\n");
#endif
return FATAL_ERROR;
}
while (tmp_unknown != NULL) {
if (buf_copy(&res->msg, (void *)&tmp_unknown->type,
sizeof(USHORT_T)) != 0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: add_unknown_attr: failed to copy unknown attribute\n");
#endif
return FATAL_ERROR;
}
tmp_unknown = tmp_unknown->next;
++counter;
}
attr.len = htons(res->msg.buf.len - orig_len);
memcpy(&res->msg.buf.s[orig_len], (void *)&attr, sizeof(struct stun_attr));
/* check if there is an odd number of unknown attributes and if yes,
* repeat one of them because of padding to 32
*/
if (counter/2 != 0 && unknown != NULL) {
if (buf_copy(&res->msg, (void *)&unknown->type, sizeof(USHORT_T))!=0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: add_unknown_attr: failed to padd\n");
#endif
return FATAL_ERROR;
}
}
return 0;
}
/*
* add_error_code()
* - res: response representation
* - error_code: value of error type
*
* The function add_error_code ensures copy of link list of unknown
* attributes into response buffer.
*
* Return value: 0 if there is no environment error
* -1 if there is some enviroment error such as insufficiency
* of memory
*/
int add_error_code(struct stun_msg* res, USHORT_T error_code)
{
struct stun_attr attr;
USHORT_T orig_len;
USHORT_T two_bytes;
int text_pad;
char err[2];
orig_len = res->msg.buf.len;
text_pad = 0;
/* the type and length will be copy as last one because of unknown length*/
if (res->msg.buf.len < sizeof(struct stun_attr)) {
if (reallock_buffer(&res->msg, sizeof(struct stun_attr)) != 0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: add_error_code: failed to reallocate buffer\n");
#endif
return FATAL_ERROR;
}
}
res->msg.buf.len += sizeof(struct stun_attr);
res->msg.empty -= sizeof(struct stun_attr);
/* first two bytes are empty */
two_bytes = 0x0000;
if (buf_copy(&res->msg, (void *) &two_bytes, sizeof(USHORT_T)) != 0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: add_error_code: failed to copy buffer\n");
#endif
return FATAL_ERROR;
}
err[0] = error_code / 100;
err[1] = error_code % 100;
if (buf_copy(&res->msg, (void *) err, sizeof(UCHAR_T)*2) != 0) {
return FATAL_ERROR;
}
switch (error_code) {
case TRY_ALTERNATE_ERR:
text_pad = copy_str_to_buffer(res, TRY_ALTERNATE_TXT, PAD4);
break;
case BAD_REQUEST_ERR:
text_pad = copy_str_to_buffer(res, BAD_REQUEST_TXT, PAD4);
break;
case UNAUTHORIZED_ERR:
text_pad = copy_str_to_buffer(res, UNAUTHORIZED_TXT, PAD4);
break;
case UNKNOWN_ATTRIBUTE_ERR:
text_pad = copy_str_to_buffer(res, UNKNOWN_ATTRIBUTE_TXT, PAD4);
break;
case STALE_CREDENTIALS_ERR:
text_pad = copy_str_to_buffer(res, STALE_CREDENTIALS_TXT, PAD4);
break;
case INTEGRITY_CHECK_ERR:
text_pad = copy_str_to_buffer(res, INTEGRITY_CHECK_TXT, PAD4);
break;
case MISSING_USERNAME_ERR:
text_pad = copy_str_to_buffer(res, MISSING_USERNAME_TXT, PAD4);
break;
case USE_TLS_ERR:
text_pad = copy_str_to_buffer(res, USE_TLS_TXT, PAD4);
break;
case MISSING_REALM_ERR:
text_pad = copy_str_to_buffer(res, MISSING_REALM_TXT, PAD4);
break;
case MISSING_NONCE_ERR:
text_pad = copy_str_to_buffer(res, MISSING_NONCE_TXT, PAD4);
break;
case UNKNOWN_USERNAME_ERR:
text_pad = copy_str_to_buffer(res, UNKNOWN_USERNAME_TXT, PAD4);
break;
case STALE_NONCE_ERR:
text_pad = copy_str_to_buffer(res, STALE_NONCE_TXT, PAD4);
break;
case SERVER_ERROR_ERR:
text_pad = copy_str_to_buffer(res, SERVER_ERROR_TXT, PAD4);
break;
case GLOBAL_FAILURE_ERR:
text_pad = copy_str_to_buffer(res, GLOBAL_FAILURE_TXT, PAD4);
break;
default:
LOG(L_ERR, "ERROR: STUN: Unknown error code.\n");
break;
}
if (text_pad < 0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: add_error_code: text_pad is negative\n");
#endif
goto error;
}
attr.type = htons(ERROR_CODE_ATTR);
/* count length of "value" field -> without type and lehgth field */
attr.len = htons(res->msg.buf.len - orig_len -
text_pad - sizeof(struct stun_attr));
memcpy(&res->msg.buf.s[orig_len], (void *)&attr, sizeof(struct stun_attr));
return 0;
error:
return FATAL_ERROR;
}
/*
* copy_str_to_buffer()
* - res: response representation
* - data: text data, in our case almost text representation of error
* - pad: the size of pad (for how much bytes the string should be
* padded
*
* The function copy_str_to_buffer ensures copy of text buffer into response
* buffer.
*
* Return value: 0 if there is no environment error
* -1 if there is some enviroment error such as insufficiency
* of memory
*/
int copy_str_to_buffer(struct stun_msg* res, const char* data, UINT_T pad)
{
USHORT_T pad_len;
UINT_T data_len;
UCHAR_T empty[pad];
data_len = strlen(data);
memset(&empty, 0, pad);
pad_len = (pad - data_len%pad) % pad;
if (buf_copy(&res->msg, (void *) data, sizeof(UCHAR_T)*data_len) != 0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: copy_str_to_buffer: failed to copy buffer\n");
#endif
return FATAL_ERROR;
}
if (pad_len != 0) {
if (buf_copy(&res->msg, &empty, pad_len) != 0) {
#ifdef EXTRA_DEBUG
LOG(L_DBG, "DEBUG: copy_str_to_buffer: failed to pad\n");
#endif
return FATAL_ERROR;
}
}
return pad_len;
}
/*
* stun_add_address_attr()
* - res: response representation
* - af: address family
* - port: port
* - ip_addr: represent both IPv4 and IPv6, the differences is in
* length
* - type: type of attribute
* - do_xor: if the port should be XOR-ed or not.
*
* The function stun_add_address_attr ensures copy of any IP attribute into
* response buffer.
*
* Return value: 0 if there is no environment error
* -1 if there is some enviroment error such as insufficiency
* of memory
*/
int stun_add_address_attr(struct stun_msg* res,
UINT_T af,
USHORT_T port,
UINT_T* ip_addr,
USHORT_T type,
int do_xor)
{
struct stun_attr attr;
UINT_T id[IP_ADDR];
int ip_struct_len;
int i;
ip_struct_len = 0;
attr.type = htons(type);
res->ip_addr.port = (do_xor) ? htons(port) ^ MAGIC_COOKIE_2B : htons(port);
switch(af) {
case AF_INET:
ip_struct_len = sizeof(struct stun_ip_addr) - 3*sizeof(UINT_T);
res->ip_addr.family = htons(IPV4_FAMILY);
memcpy(res->ip_addr.ip, ip_addr, IPV4_LEN);
res->ip_addr.ip[0] = (do_xor) ?
res->ip_addr.ip[0] ^ MAGIC_COOKIE : res->ip_addr.ip[0];
break;
#ifdef USE_IPV6
case AF_INET6:
ip_struct_len = sizeof(struct stun_ip_addr);
res->ip_addr.family = htons(IPV6_FAMILY);
memcpy(&res->ip_addr.ip, ip_addr, IPV6_LEN);
memcpy(id, &res->hdr.id, sizeof(struct transaction_id));
for (i=0; i<IP_ADDR; i++) {
res->ip_addr.ip[i] = (do_xor) ?
res->ip_addr.ip[i] ^ id[i] : res->ip_addr.ip[i];
}
break;
#endif /* USE_IPV6 */
default:
break;
}
attr.len = htons(ip_struct_len);
/* copy type and attribute's length */
if (buf_copy(&res->msg, (void *) &attr, sizeof(struct stun_attr)) != 0) {
return FATAL_ERROR;
}
/* copy family, port and IP */
if (buf_copy(&res->msg, (void *) &res->ip_addr, ip_struct_len) != 0) {
return FATAL_ERROR;
}
return 0;
}
/*
* add_fingerprint()
* - msg: response buffer
*
* The function add_fingerprint ensures adding fingerprint attribute into
* response buffer.
*
* Return value: 0 if there is no environment error
* -1 if there is some enviroment error such as insufficiency
* of memory
*/
int add_fingerprint(struct stun_buffer* msg)
{
struct stun_attr attr;
USHORT_T attr_type_size;
attr_type_size = sizeof(struct stun_attr);
attr.type = htons(FINGERPRINT_ATTR);
attr.len = htons(SHA_DIGEST_LENGTH);
if (msg->empty < (SHA_DIGEST_LENGTH + attr_type_size)) {
if (reallock_buffer(msg, SHA_DIGEST_LENGTH + attr_type_size) != 0) {
return FATAL_ERROR;
}
}
memcpy(&msg->buf.s[msg->buf.len], (void *) &attr, attr_type_size);
msg->buf.len += attr_type_size;
msg->empty -= attr_type_size;
if (SHA1((UCHAR_T *)msg->buf.s, msg->buf.len-attr_type_size,
(UCHAR_T *) &msg->buf.s[msg->buf.len]) == 0) {
LOG(L_ERR, "ERROR: STUN: SHA-1 algorithm failed.\n");
return FATAL_ERROR;
}
msg->buf.len += SHA_DIGEST_LENGTH;
msg->empty -= SHA_DIGEST_LENGTH;
return 0;
}
/*
* stun_alloc_unknown_attr()
* - type: type of unknown attribute
*
* The function stun_alloc_unknown_attr ensures allocationg new element for
* the link list of unknown attributes.
*
* Return value: pointer to new element of link list in positive case
* NULL if there is some enviroment error such as insufficiency
* of memory
*/
struct stun_unknown_att* stun_alloc_unknown_attr(USHORT_T type)
{
struct stun_unknown_att* attr;
attr = (struct stun_unknown_att *) pkg_malloc(sizeof(struct stun_unknown_att));
if (attr == NULL) {
LOG(L_ERR, "ERROR: STUN: out of memory\n");
return NULL;
}
attr->type = type;
attr->next = NULL;
return attr;
}
/*
* stun_delete_unknown_attrs()
* - unknown: link list of unknown attributes
*
* The function stun_delete_unknown_attrs ensures deleting of link list
*
* Return value: none
*/
void stun_delete_unknown_attrs(struct stun_unknown_att* unknown)
{
struct stun_unknown_att* tmp_unknown;
if (unknown == NULL) {
return;
}
while(unknown->next) {
tmp_unknown = unknown->next;
unknown->next = tmp_unknown->next;
pkg_free(tmp_unknown);
}
pkg_free(unknown);
}
/*
* validate_fingerprint()
* - req: structure representing request message
* - error_code: indication of any protocol error
*
* The function validate_fingerprint ensures validation of FINGERPRINT
* attribute.
*
* Return value: 0 if there is no environment error
* -1 if there is some enviroment error such as insufficiency
* of memory
*/
int validate_fingerprint(struct stun_msg* req, USHORT_T* error_code)
{
UCHAR_T msg_digest[SHA_DIGEST_LENGTH];
UINT_T buf_len;
buf_len = req->hdr.len + sizeof(struct stun_hdr);
buf_len -= SHA_DIGEST_LENGTH + sizeof(struct stun_attr);
if (SHA1((UCHAR_T *) req->msg.buf.s, buf_len, msg_digest) == 0) {
LOG(L_ERR, "ERROR: STUN: SHA-1 algorithm failed.\n");
return FATAL_ERROR;
}
if (memcmp((void *)req->fp, (void *)&msg_digest, SHA_DIGEST_LENGTH) != 0) {
*error_code = BAD_REQUEST_ERR;
}
return 0;
}
/*
* buf_copy()
* - msg: buffer where the data will be copy to
* - source: source data buffer
* - len: number of bytes that should be copied
*
* The function buf_copy copies "len" bytes from source into msg buffer
*
* Return value: 0 if there is no environment error
* -1 if there is some enviroment error such as insufficiency
* of memory
*/
int buf_copy(struct stun_buffer* msg, void* source, UINT_T len)
{
if (msg->empty < len) {
if (reallock_buffer(msg, len) != 0) {
return FATAL_ERROR;
}
}
memcpy(&msg->buf.s[msg->buf.len], source, len);
msg->buf.len += len;
msg->empty -= len;
return 0;
}
/*
* reallock_buffer()
* - buffer: original buffer
* - len: represents minimum of bytes that must be available after
* reallocation
*
* The function reallock_buffer reallocks buffer. New buffer's length will be
* original length plus bigger from len and STUN_MSG_LEN constant.
*
* Return value: 0 if there is no environment error
* -1 if there is some enviroment error such as insufficiency
* of memory
*/
int reallock_buffer(struct stun_buffer* buffer, UINT_T len)
{
char* tmp_buf;
UINT_T new_len;
new_len = (STUN_MSG_LEN < len) ? STUN_MSG_LEN+len : STUN_MSG_LEN;
tmp_buf = (char *) pkg_realloc(buffer->buf.s,
buffer->buf.len + buffer->empty + new_len);
if (tmp_buf == 0) {
LOG(L_ERR, "ERROR: STUN: out of memory\n");
return FATAL_ERROR;
}
buffer->buf.s = tmp_buf;
buffer->empty += new_len;
return 0;
}
/*
* clean_memory()
* - res: structure representing response message
* - unknown: link list of unknown attributes
*
* The function clean_memory should free dynamic allocated memory.
*
* Return value: none
*/
void clean_memory(struct stun_msg* req,
struct stun_msg* res, struct stun_unknown_att* unknown)
{
#ifdef DYN_BUF
pkg_free(req->msg.buf.s);
#endif
if (res->msg.buf.s != NULL) {
pkg_free(res->msg.buf.s);
}
stun_delete_unknown_attrs(unknown);
}
/*
* stun_add_common_integer_attr()
* - res: structure representing response
* - type: type of attribute
* - value: attribute's value
*
* The function stun_add_common_integer_attr copy attribute with integer value
* into response buffer.
*
* Return value: 0 if there is no environment error
* -1 if there is some enviroment error such as insufficiency
* of memory
*/
int stun_add_common_integer_attr(struct stun_msg* res,
USHORT_T type,
UINT_T value)
{
struct stun_attr attr;
attr.type = htons(type);
attr.len = htons(sizeof(UINT_T));
if (buf_copy(&res->msg, (void *) &attr, sizeof(struct stun_attr)) != 0) {
return FATAL_ERROR;
}
value = htonl(value);
if (buf_copy(&res->msg, (void *) &value, sizeof(UINT_T)) != 0) {
return FATAL_ERROR;
}
return 0;
}
/*
* stun_add_common_text_attr()
* - res: structure representing response
* - type: type of attribute
* - value: attribute's value
* - pad: size of pad
*
* The function stun_add_common_text_attr copy attribute with string value
* into response buffer.
*
* Return value: 0 if there is no environment error
* -1 if there is some enviroment error such as insufficiency
* of memory
*/
int stun_add_common_text_attr(struct stun_msg* res,
USHORT_T type,
char* value,
USHORT_T pad)
{
struct stun_attr attr;
if (value == NULL) {
LOG(L_INFO, "INFO: stun_add_common_text_attr: value is NULL\n");
return 0;
}
attr.type = htons(type);
attr.len = htons(strlen(value));
if (buf_copy(&res->msg, (void *) &attr, sizeof(struct stun_attr)) != 0) {
return FATAL_ERROR;
}
if (copy_str_to_buffer(res, value, pad) < 0) {
return FATAL_ERROR;
}
return 0;
}
#endif /* USE_STUN */
Reference in new issue View Git Blame Copy Permalink