Wireshark 4.5.0
The Wireshark network protocol analyzer
Loading...
Searching...
No Matches
packet-dcc.h
1/* packet-dcc.c
2 * Protocol defs for Distributed Checksum Clearinghouse protocol
3 * DCC Home: http://www.rhyolite.com/anti-spam/dcc/
4 *
5 * Copyright 1999, Nathan Neulinger <[email protected]>
6 *
7 * Wireshark - Network traffic analyzer
8 * By Gerald Combs <[email protected]>
9 * Copyright 1998 Gerald Combs
10 *
11 * Copied from packet-tftp.c
12 *
13 * SPDX-License-Identifier: GPL-2.0-or-later
14 */
15
16
17/* Inserted below is dcc_proto.h from the dcc source distribution, with the
18 following changes made:
19
20:%s/u_in*t16_t/uint16_t/g
21:%s/u_in*t32_t/uint32_t/g
22:%s/u_ch*ar/unsigned char/g
23:%s/in*t32_t/int32_t/g
24
25This includes more than is really necessary, but easier to just include whole
26header.
27
28*/
29
30
31/* Distributed Checksum Clearinghouse protocol
32 *
33 * Copyright (c) 2002 by Rhyolite Software
34 *
35 * SPDX-License-Identifier: ISC
36 *
37 * Rhyolite Software DCC 1.0.53-1.45 $Revision: 1.3 $
38 */
39
40#ifndef DCC_PROTO_H
41#define DCC_PROTO_H
42
43
44#define DCC_PORT 6277 /* default UDP port #, MAPS in DTMF */
45
46
47/* No client's retransmission can be delayed by more than this
48 * This matters for how long a DCC server must remember old requests
49 * to recognize retransmissions */
50#define DCC_MAX_DELAY_SEC 30
51
52typedef uint16_t DCC_MS;
53
54/* anonymous client delay */
55#define DCC_MAX_QDELAY_MS (DCC_MAX_DELAY_SEC*1000)
56#define DCC_DEF_QDELAY_MS 0
57
58
59/* types of checksums */
60typedef enum {
61 DCC_CK_INVALID =0, /* deleted from database when seen */
62 DCC_CK_IP =1, /* MD5 of binary source IPv6 address */
63 DCC_CK_ENV_FROM =2, /* " " envelope Mail From value */
64 DCC_CK_FROM =3, /* " " header From: line */
65 DCC_CK_SUB =4, /* " " substitute header line */
66 DCC_CK_MESSAGE_ID=5, /* " " header Message-ID: line */
67 DCC_CK_RECEIVED =6, /* " " last header Received: line */
68 DCC_CK_BODY =7, /* " " body */
69 DCC_CK_FUZ1 =8, /* " " filtered body */
70 DCC_CK_FUZ2 =9, /* " " " " */
71 DCC_CK_FUZ3 =10, /* " " " " */
72 DCC_CK_FUZ4 =11, /* " " " " */
73 DCC_CK_SRVR_ID =12, /* hostname for server-ID check */
74 DCC_CK_ENV_TO =13 /* MD5 of envelope Rcpt To value */
75# define DCC_CK_FLOD_PATH DCC_CK_ENV_TO /* flooding path in server-IDs */
76} DCC_CK_TYPES;
77#define DCC_CK_TYPE_FIRST DCC_CK_IP
78#define DCC_CK_TYPE_LAST DCC_CK_ENV_TO
79#define DCC_NUM_CKS DCC_CK_TYPE_LAST /* # of valid types */
80
81/* DCC_DIM_CKS dimensions arrays of checksum types including DCC_CK_INVALID
82 * Beware that DCC_DIM_CKS is used in the database header. */
83#define DCC_DIM_CKS (DCC_CK_TYPE_LAST+1)
84
85/* Ensure that arrays of DCC_CKs contain an even number so that structures
86 * containing them will have no extra structure packing */
87#define DCC_COMP_DIM_CKS ((((DCC_NUM_CKS+1)+1)/2)*2) /* == DCC_DIM_CKS */
88
89/* keep in the database longer than others */
90#define DCC_CK_LONG_TERM(t) ((t) >= DCC_CK_FUZ1 && (t) <= DCC_CK_FUZ4)
91
92#define DCC_CK_IS_BODY(t) ((t) >= DCC_CK_BODY && (t) <= DCC_CK_FUZ4)
93
94/* ok for users to talk about */
95#define DCC_CK_OK_USER(t) ((t) > DCC_CK_INVALID && (t) <= DCC_CK_FUZ4)
96/* ok in the database */
97#define DCC_CK_OK_DB(t) ((t) > DCC_CK_INVALID && (t) <= DCC_CK_TYPE_LAST)
98#define DCC_CK_OK_PROTO(t) DCC_CK_OK_USER(t) /* ok from clients */
99#define DCC_CK_OK_FLOD(t) DCC_CK_OK_DB(t) /* ok in floods */
100
101typedef unsigned char DCC_CK_TYPE;
102
103
104typedef enum {
105 DCC_OP_INVALID=0,
106 DCC_OP_NOP, /* see if the server is alive */
107 DCC_OP_REPORT, /* client reporting and querying */
108 DCC_OP_QUERY, /* client querying */
109 DCC_OP_QUERY_RESP, /* server responding */
110 DCC_OP_ADMN, /* local control of the server */
111 DCC_OP_OK, /* administrative operation ok */
112 DCC_OP_ERROR, /* server failing or complaining */
113 DCC_OP_DELETE /* delete some checksums */
114} DCC_OPS;
115
116typedef uint32_t DCC_CLNT_ID;
117#define DCC_ID_INVALID 0
118#define DCC_ID_ANON 1 /* anonymous (non-paying) client */
119#define DCC_ID_WHITE 2 /* white-listed */
120#define DCC_ID_COMP 3 /* compressed */
121#define DCC_SRVR_ID_MIN 100 /* below reserved for special uses */
122#define DCC_SRVR_ID_MAX 32767 /* below are servers--must be 2**n-1 */
123#define DCC_CLNT_ID_MIN (DCC_SRVR_ID_MAX+1)
124#define DCC_CLNT_ID_MAX 16777215
125typedef uint16_t DCC_SRVR_ID;
126#define DCC_SRVR_ID_AUTH (DCC_SRVR_ID_MAX+1) /* client was authenticated */
127
128/* client's identification of its transaction */
129typedef struct {
130 uint32_t h; /* client host ID, e.g. IP address */
131 uint32_t p; /* process ID, serial #, timestamp */
132 uint32_t r; /* report ID */
133 uint32_t t; /* client (re)transmission # */
135
136/* The inter-DCC server flooding algorithm depends on unique-per-server
137 * timestamps to detect duplicates. That imposes a requirement on
138 * timestamps that they have resolution enough to separate reports
139 * from clients arriving at any single server.
140 * The timestamps are 48 bits consisting of 17 bits of 8's of microseconds
141 * and 31 bits of seconds. That's sufficient for the UNIX epoch.
142 * If the DCC is still around in the 2030's (and in the unlikely case that
143 * 8 microseconds are still fine enough), we can make the 31 bits be
144 * an offset in a bigger window.
145 */
146#define DCC_TS_USEC_RSHIFT 3
147#define DCC_TS_USEC_MULT (1<<DCC_TS_USEC_RSHIFT)
148#define DCC_TS_SEC_LSHIFT 17
149#define DCC_TS_USEC_MASK ((1<<DCC_TS_SEC_LSHIFT) - 1)
150typedef unsigned char DCC_TS[6];
151
152/* The start of any DCC packet.
153 * The length and version are early, since they are they only fields
154 * that are constrained in future versions. */
155typedef struct {
156 uint16_t len; /* total DCC packet length (for TCP) */
157 unsigned char pkt_vers; /* packet protocol version */
158# define DCC_PKT_VERSION 4
159# define DCC_PKT_VERSION_MIN DCC_PKT_VERSION
160# define DCC_PKT_VERSION_MAX DCC_PKT_VERSION
161 unsigned char op; /* one of DCC_OPS */
162 /* Identify the transaction.
163 * Each client can have many hosts, each host can be multi-homed,
164 * and each host can be running many processes talking to the
165 * server. Each packet needs to be uniquely numbered, so that the
166 * server can recognize as interchangeable all of the (re)transmissions
167 * of a single report (rid) from a client process (pid) on a single
168 * host (hid), and the client can know which transmission (tid)
169 * produced a given server response to maintain the client's RTT
170 * value for the server. */
171 DCC_CLNT_ID sender; /* official DCC client-ID */
172 DCC_OP_NUMS op_nums; /* op_num.t must be last */
173} DCC_HDR;
174
175typedef unsigned char DCC_SIGNATURE[16];
176
177typedef struct {
178 DCC_HDR hdr;
179 DCC_SIGNATURE signature;
180} DCC_NOP;
181
182
183/* administrative requests from localhost
184 * These can be freely changed, because the administrative tools
185 * should match the daemon. */
186typedef enum {
187 DCC_AOP_OK=-1, /* never really sent */
188 DCC_AOP_STOP=1, /* stop gracefully */
189 DCC_AOP_NEW_IDS, /* load keys and client-IDs */
190 DCC_AOP_FLOD, /* start or stop flooding */
191 DCC_AOP_DB_UNLOCK, /* start switch to new database */
192 DCC_AOP_DB_NEW, /* finish switch to new database */
193 DCC_AOP_STATS, /* return counters--val=buffer size */
194 DCC_AOP_STATS_CLEAR, /* return and zero counters */
195 DCC_AOP_TRACE_ON,
196 DCC_AOP_TRACE_OFF,
197 DCC_AOP_CUR_CLIENTS /* some client IP addresses */
198} DCC_AOPS;
199
200/* for DCC_AOP_FLOD */
201typedef enum {
202 DCC_AOP_FLOD_CHECK=0,
203 DCC_AOP_FLOD_SHUTDOWN,
204 DCC_AOP_FLOD_HALT,
205 DCC_AOP_FLOD_RESUME,
206 DCC_AOP_FLOD_REWIND,
207 DCC_AOP_FLOD_LIST,
208 DCC_AOP_FLOD_STATS,
209 DCC_AOP_FLOD_STATS_CLEAR
210} DCC_AOP_FLODS;
211
212typedef struct { /* with operation DCC_OP_ADMN */
213 DCC_HDR hdr;
214 int32_t date; /* seconds since epoch on caller */
215 uint32_t val; /* request type, buffer size, etc. */
216 unsigned char aop; /* one of DCC_AOPS */
217 unsigned char pad[3];
218 DCC_SIGNATURE signature;
220
221/* noisy response to some DCC_AOPS with operation DCC_OP_ADMN */
222typedef struct {
223 unsigned char addr[16];
224 DCC_CLNT_ID id;
225 uint32_t last_used;
226 uint32_t requests;
228typedef union {
229 char string[80*22];
230 DCC_ADMN_RESP_CLIENTS clients[1];
232typedef struct {
233 DCC_HDR hdr;
235 DCC_SIGNATURE signature;
237
238
239#define DCC_TRACE_ADMN_BIT 0x0001 /* administrative requests */
240#define DCC_TRACE_ANON_BIT 0x0002 /* anonymous client errors */
241#define DCC_TRACE_CLNT_BIT 0x0004 /* authenticated client errors */
242#define DCC_TRACE_RLIM_BIT 0x0008 /* rate limited messages */
243#define DCC_TRACE_QUERY_BIT 0x0010 /* all queries and reports */
244#define DCC_TRACE_RIDC_BIT 0x0020 /* RID cache messages */
245#define DCC_TRACE_FLOD_BIT 0x0040 /* input and output flooding */
246/* INFO must always be on */
247#define DCC_TRACE_ALL_BITS (DCC_TRACE_ADMN_BIT | DCC_TRACE_ANON_BIT \
248 | DCC_TRACE_CLNT_BIT | DCC_TRACE_RLIM_BIT \
249 | DCC_TRACE_QUERY_BIT | DCC_TRACE_RIDC_BIT \
250 | DCC_TRACE_FLOD_BIT)
251
252
253typedef char DCC_BRAND[64];
254
255/* administrative or NOP ok */
256typedef struct {
257 DCC_HDR hdr;
258 unsigned char max_pkt_vers; /* can handle this version */
259 unsigned char unused;
260 DCC_MS qdelay_ms;
261 DCC_BRAND brand; /* identity or brandname of sender */
262 DCC_SIGNATURE signature;
263} DCC_OK;
264
265
266/* a reported checksum from a client */
267typedef unsigned char DCC_SUM[16]; /* for now all have 16 bytes */
268typedef struct {
269 DCC_CK_TYPE type;
270 unsigned char len; /* total length of this checksum */
271 DCC_SUM sum;
272} DCC_CK;
273
274typedef uint32_t DCC_TGTS; /* database is limited to 24 bits */
275#define DCC_TGTS_TOO_MANY 0x00fffff0 /* >= 16777200 targets */
276#define DCC_TGTS_OK 0x00fffff1 /* certified not spam */
277#define DCC_TGTS_OK2 0x00fffff2 /* half certified not spam */
278#define DCC_TGTS_DEL 0x00fffff3 /* a deleted checksum */
279#define DCC_TGTS_INVALID 0x01000000
280
281/* query or query/report packet from client to server */
282typedef struct {
283 DCC_HDR hdr;
284 DCC_TGTS tgts; /* # of addressees */
285# define DCC_QUERY_MAX DCC_DIM_CKS
286 DCC_CK cks[DCC_QUERY_MAX]; /* even to prevent structure padding */
287 DCC_SIGNATURE signature;
289
290
291typedef struct {
292 DCC_TGTS tgts[DCC_QUERY_MAX]; /* individual answers */
294
295/* response to a query or query/report */
296typedef struct {
297 DCC_HDR hdr;
299 DCC_SIGNATURE signature;
301
302
303/* DCC_OP_DELETE request to delete checksums */
304typedef struct {
305 DCC_HDR hdr;
306 int32_t date; /* seconds since epoch on caller */
307 DCC_CK ck;
308 unsigned char pad[2]; /* structure padding */
309 DCC_SIGNATURE signature;
310} DCC_DELETE;
311
312
313/* error response from server to client */
314typedef struct {
315 DCC_HDR hdr;
316# define DCC_ERROR_MSG_LEN 128
317 char msg[DCC_ERROR_MSG_LEN];
318 DCC_SIGNATURE signature;
319} DCC_ERROR;
320
321
322/* sender's position or serial number
323 * Only the sender understands sender positions except for these
324 * special values. However, the special values imply that the position
325 * must be big endian. */
326typedef unsigned char DCC_FLOD_POS[8];
327/* special cases sent by the receiver back to the sender */
328#define DCC_FLOD_POS_END 0 /* receiver closing with message */
329#define DCC_FLOD_POS_END_REQ 1 /* receiver wants to stop */
330#define DCC_FLOD_POS_NOTE 2 /* receiver has a tracing message */
331#define DCC_FLOD_POS_COMPLAINT 3 /* receiver has a problem message */
332#define DCC_FLOD_POS_REWIND 4 /* receiver's database emptied */
333#define DCC_FLOD_POS_MIN 10
334
335#define DCC_FLOD_OK_STR "DCC flod ok: "
336#define DCC_FLOD_MAX_RESP 200
337
338/* report forwarded among servers */
339typedef struct {
340 DCC_FLOD_POS pos;
341 unsigned char tgts[sizeof(DCC_TGTS)];
342 unsigned char srvr_id_auth[sizeof(DCC_SRVR_ID)]; /* receiving server */
343 DCC_TS ts; /* date reported */
344 unsigned char num_cks;
345 DCC_CK cks[DCC_QUERY_MAX];
346} DCC_FLOD;
347
348/* record of path taken by a report */
349#define DCC_NUM_FLOD_PATH ((int)(sizeof(DCC_SUM)/sizeof(DCC_SRVR_ID)))
350typedef struct {
351 unsigned char hi, lo;
353
354typedef struct {
355 DCC_FLOD_POS z;
356 char msg[DCC_FLOD_MAX_RESP];
357 char null;
358} FLOD_END;
359typedef struct {
360 DCC_FLOD_POS op;
361 unsigned char len;
362 char str[DCC_FLOD_MAX_RESP];
363} FLOD_NOTE;
364#define FLOD_NOTE_OVHD ((int)sizeof(FLOD_NOTE)-DCC_FLOD_MAX_RESP)
365
366#define DCC_FLOD_VERSION_STR_BASE "DCC flod version "
367#define DCC_FLOD_VERSION5_STR DCC_FLOD_VERSION_STR_BASE"5"
368#define DCC_FLOD_VERSION5 5
369#define DCC_FLOD_VERSION6_STR DCC_FLOD_VERSION_STR_BASE"6"
370#define DCC_FLOD_VERSION6 6
371#define DCC_FLOD_VERSION7_STR DCC_FLOD_VERSION_STR_BASE"7"
372#define DCC_FLOD_VERSION7 7
373#define DCC_FLOD_VERSION_DEF 0
374#define DCC_FLOD_VERSION_CUR_STR DCC_FLOD_VERSION7_STR
375#define DCC_FLOD_VERSION_CUR DCC_FLOD_VERSION7
376typedef struct {
377# define DCC_FLOD_VERSION_STR_LEN 64
378 char str[DCC_FLOD_VERSION_STR_LEN];
379 DCC_SRVR_ID sender_srvr_id;
380 unsigned char turn;
381 unsigned char unused[3];
383typedef struct {
385 char pad[256-sizeof(DCC_FLOD_VERSION_BODY)-sizeof(DCC_SIGNATURE)];
386 DCC_SIGNATURE signature;
388
389
390#endif /* DCC_PROTO_H */
Definition packet-dcc.h:212
Definition packet-dcc.h:222
Definition packet-dcc.h:232
Definition packet-dcc.h:268
Definition packet-dcc.h:304
Definition packet-dcc.h:314
Definition packet-dcc.h:350
Definition packet-dcc.h:376
Definition packet-dcc.h:383
Definition packet-dcc.h:339
Definition packet-dcc.h:155
Definition packet-dcc.h:177
Definition packet-dcc.h:256
Definition packet-dcc.h:129
Definition packet-dcc.h:282
Definition packet-dcc.h:291
Definition packet-dcc.h:296
Definition packet-dcc.h:354
Definition packet-dcc.h:359
Definition packet-dcc.h:228