packetgen 1.2.0 → 1.3.0

data/lib/packetgen/inspect.rb

@@ -9,7 +9,7 @@ module PacketGen
     INSPECT_MAX_WIDTH = 70
 
     # Format to inspect attribute
-    INSPECT_FMT_ATTR = "%7s %12s: %s\n"
+    INSPECT_FMT_ATTR = "%10s %12s: %s\n"
 
     # Create a dashed line with +obj+ class writing in it
     # @param [String] name
@@ -26,7 +26,7 @@ module PacketGen
     end
 
     # @param [#to_i] value
-    # @param [Integer] hex_size
+    # @param [Integer] hexsize
     # @return [String]
     def self.int_dec_hex(value, hexsize)
       "%-10s (0x%0#{hexsize}x)" % [value.to_i, value.to_i]
@@ -34,7 +34,7 @@ module PacketGen
 
     # Format an attribute for +#inspect+.
     # 3 cases are handled:
-    # * attribute value is a {StructFu::Int}: show value as integer and in
+    # * attribute value is a {Types::Int}: show value as integer and in
     #   hexdecimal format,
     # * attribute value responds to +#to_human+: call it,
     # * else, +#to_s+ is used to format attribute value.
@@ -44,7 +44,7 @@ module PacketGen
     # @return [String]
     def self.inspect_attribute(attr, value, level=1)
       str = shift_level(level)
-      val = if value.is_a? StructFu::Int
+      val = if value.is_a? Types::Int
               int_dec_hex(value, value.to_s.size * 2)
             elsif value.respond_to? :to_human
               value.to_human
@@ -57,6 +57,7 @@ module PacketGen
     # @param [#to_s] body
     # @return [String]
     def self.inspect_body(body)
+      return '' if body.nil?
       str = dashed_line('Body', 2)
       str << (0..15).to_a.map { |v| " %02d" % v}.join << "\n"
       str << '-' * INSPECT_MAX_WIDTH << "\n"

data/lib/packetgen/packet.rb

@@ -65,54 +65,7 @@ module PacketGen
     # @return [Packet]
     # @raise [ArgumentError] +first_header+ is an unknown header
     def self.parse(binary_str, first_header: nil)
-      pkt = new
-
-      if first_header.nil?
-        # No decoding forced for first header. Have to guess it!
-        Header.all.each do |hklass|
-          hdr = hklass.new
-          hdr.read binary_str
-          # First header is found when:
-          # * for one known header,
-          # * it exists a known binding with a upper header
-          hklass.known_headers.each do |nh, bindings|
-            bindings.each do |binding|
-              if hdr.send(binding.key) == binding.value
-                first_header = hklass.to_s.gsub(/.*::/, '')
-                break
-              end
-              break unless first_header.nil?
-            end
-          end
-          break unless first_header.nil?
-        end
-        if first_header.nil?
-          raise ParseError, 'cannot identify first header in string'
-        end
-      end
-
-      pkt.add(first_header)
-      pkt.headers.last.read binary_str
-
-      # Decode upper headers recursively
-      decode_packet_bottom_up = true
-      while decode_packet_bottom_up do
-        last_known_hdr = pkt.headers.last
-        last_known_hdr.class.known_headers.each do |nh, bindings|
-          bindings.each do |binding|
-            if last_known_hdr.send(binding.key) == binding.value
-              str = last_known_hdr.body
-              pkt.add nh.to_s.gsub(/.*::/, '')
-              pkt.headers.last.read str
-              break
-            end
-          end
-          break unless last_known_hdr == pkt.headers.last
-        end
-        decode_packet_bottom_up = (pkt.headers.last != last_known_hdr)
-      end
-
-      pkt
+      new.parse binary_str, first_header: first_header
     end
 
     # Capture packets from +iface+
@@ -206,9 +159,9 @@ module PacketGen
     end
 
     # Get packet body
-    # @return [StructFu]
+    # @return [Types]
     def body
-      @headers.last.body
+      @headers.last.body if @headers.last.respond_to? :body
     end
 
     # Set packet body
@@ -268,12 +221,37 @@ module PacketGen
         prev_header = idx > 0 ? @headers[idx - 1] : nil
         next_header = (idx+1) < @headers.size ? @headers[idx + 1] : nil
         @headers.delete_at(idx)
-        add_header(next_header, prev_header) if prev_header and next_header
+        if prev_header and next_header
+          add_header(next_header, previous_header: prev_header)
+        end
       end
     rescue ArgumentError => ex
       raise FormatError, ex.message
     end
 
+    # Parse a binary string and populate Packet from it.
+    # @param [String] binary_str
+    # @param [String,nil] first_header First protocol header. +nil+ means discover it!
+    # @return [Packet] self
+    # @raise [ArgumentError] +first_header+ is an unknown header
+    def parse(binary_str, first_header: nil)
+      @headers.clear
+
+      if first_header.nil?
+        # No decoding forced for first header. Have to guess it!
+        first_header = guess_first_header(binary_str)
+        if first_header.nil?
+          raise ParseError, 'cannot identify first header in string'
+        end
+      end
+      add first_header
+      @headers[-1, 1] = @headers.last.read(binary_str)
+
+      # Decode upper headers recursively
+      decode_bottom_up
+      self
+    end
+
     # @return [String]
     def inspect
       str = Inspect.dashed_line(self.class)
@@ -332,23 +310,23 @@ module PacketGen
     end
 
     # Add a header to packet
-    # @param [Header::HeaderMethods] header
-    # @param [Header::HeaderMethods] previous_header
+    # @param [Header::Base] header
+    # @param [Header::Base] previous_header
     # @return [void]
-    def add_header(header, previous_header=nil)
+    def add_header(header, previous_header: nil, parsing: false)
       protocol = header.protocol_name
       prev_header = previous_header || @headers.last
       if prev_header
         bindings = prev_header.class.known_headers[header.class]
-        if bindings.nil? or bindings.empty?
+        if bindings.nil?
           msg = "#{prev_header.class} knowns no layer association with #{protocol}. "
           msg << "Try #{prev_header.class}.bind_layer(PacketGen::Header::#{protocol}, "
           msg << "#{prev_header.protocol_name.downcase}_proto_field: "
           msg << "value_for_#{protocol.downcase})"
           raise ArgumentError, msg
         end
-        prev_header[bindings.first.key].read bindings.first.value
-        prev_header.body = header
+        bindings.set(prev_header) if !bindings.empty? and !parsing
+        prev_header[:body] = header
       end
       header.packet = self
       @headers << header unless previous_header
@@ -357,6 +335,45 @@ module PacketGen
                               "header(#{header.class}, arg); end"
       end
     end
+
+    def guess_first_header(binary_str)
+      first_header = nil
+      Header.all.each do |hklass|
+        hdr = hklass.new
+        # #read may return another object (more specific class)
+        hdr = hdr.read(binary_str)
+        # First header is found when:
+        # * for one known header,
+        # * it exists a known binding with a upper header
+        search_header(hdr) do
+          first_header = hklass.to_s.gsub(/.*::/, '')
+        end
+        break unless first_header.nil?
+      end
+      first_header
+    end
+
+    def decode_bottom_up
+      decode_packet_bottom_up = true
+      while decode_packet_bottom_up do
+        last_known_hdr = @headers.last
+        search_header(last_known_hdr) do |nh|
+          str = last_known_hdr.body
+          add_header nh.new, parsing: true
+          @headers[-1, 1] = @headers.last.read(str)
+        end
+        decode_packet_bottom_up = (@headers.last != last_known_hdr)
+      end
+    end
+
+    def search_header(hdr)
+      hdr.class.known_headers.each do |nh, bindings|
+        if bindings.check?(hdr)
+          yield nh
+          break
+        end
+      end
+    end
   end
 end
 

data/lib/packetgen/pcapng/block.rb

@@ -6,20 +6,41 @@
 module PacketGen
   module PcapNG
 
-    # Mixin module to declare some common methods for block classes.
-    module Block
+    # @abstract Base class for all block types
+    # @author Sylvain Daubert
+    class Block < Types::Fields
+
+      # @return [:little, :big]
+      attr_accessor :endian
+
+      # @!attribute type
+      #  32-bit block type
+      #  @return [Integer]
+      define_field :type, Types::Int32
+      # @!attribute block_len
+      #  32-bit block length
+      #  @return [Integer]
+      define_field :block_len, Types::Int32
+      # @!attribute block_len
+      #  32-bit block length
+      #  @return [Integer]
+      define_field :block_len2, Types::Int32
+
+      def initialize(options={})
+        super
+      end
 
       # Has this block option?
       # @return [Boolean]
       def has_options?
-        self[:options].size > 0
+        @fields.has_key?(:options) && @fields[:options].sz > 0
       end
 
       # Calculate block length and update :block_len and block_len2 fields
       # @return [void]
       def recalc_block_len
-        len = to_a.map(&:to_s).join.size
-        self[:block_len].value = self[:block_len2].value = len
+        len = fields.map { |f| @fields[f].to_s }.join.size
+        self.block_len = self.block_len2 = len
       end
 
       # Pad given field to 32 bit boundary, if needed
@@ -27,11 +48,32 @@ module PacketGen
       # @return [void]
       def pad_field(*fields)
         fields.each do |field|
-          unless self[field].size % 4 == 0
-            self[field] << "\x00" * (4 - (self[field].size % 4))
+          unless @fields[field].size % 4 == 0
+            @fields[field] << "\x00" * (4 - (@fields[field].size % 4))
           end
         end
       end
+
+      private
+
+      # Set the endianness for the various Int classes handled by self.
+      # Must be called by all subclass #initialize method.
+      # @param [:little, :big] e
+      # @return [:little, :big] returns e
+      def set_endianness(e)
+        unless [:little, :big].include? e
+          raise ArgumentError, "unknown endianness for #{self.class}"
+        end
+        @endian = e
+        @fields.each { |f_, v| v.endian = e if v.is_a?(Types::Int) }
+        e
+      end
+
+      def check_len_coherency
+        unless self[:block_len].to_i == self[:block_len2].to_i
+          raise InvalidFileError, 'Incoherency in Block length'
+        end
+      end
     end
   end
 end

data/lib/packetgen/pcapng/epb.rb

@@ -19,18 +19,42 @@ module PacketGen
     #   String  :data
     #   String  :options
     #   Int32   :block_len2
-    class EPB < Struct.new(:type, :block_len, :interface_id, :tsh, :tsl,
-                           :cap_len, :orig_len, :data, :options, :block_len2)
-      include StructFu
-      include Block
+    class EPB < Block
+
+      # Minimum EPB size
+      MIN_SIZE     = 8*4
 
       # @return [:little, :big]
       attr_accessor :endian
       # @return [IPB]
       attr_accessor :interface
 
-      # Minimum EPB size
-      MIN_SIZE     = 8*4
+      # @!attribute interface_id
+      #  32-bit interface ID
+      #  @return [Integer]
+      define_field_before :block_len2, :interface_id, Types::Int32, default: 0
+      # @!attribute tsh
+      #  high 32-bit timestamp value
+      #  @return [Integer]
+      define_field_before :block_len2, :tsh, Types::Int32, default: 0
+      # @!attribute tsl
+      #  low 32-bit imestamp value
+      #  @return [Integer]
+      define_field_before :block_len2, :tsl, Types::Int32, default: 0
+      # @!attribute cap_len
+      #  32-bit capture length
+      #  @return [Integer]
+      define_field_before :block_len2, :cap_len, Types::Int32, default: 0
+      # @!attribute orig_len
+      #  32-bit original length
+      #  @return [Integer]
+      define_field_before :block_len2, :orig_len, Types::Int32, default: 0
+      # @!attribute data
+      #  @return [Types::String]
+      define_field_before :block_len2, :data, Types::String
+      # @!attribute options
+      #  @return [Types::String]
+      define_field_before :block_len2, :options, Types::String
 
       # @param [Hash] options
       # @option options [:little, :big] :endian set block endianness
@@ -47,29 +71,10 @@ module PacketGen
       # @option options [::String] :options
       # @option options [Integer] :block_len2 block total length
       def initialize(options={})
-        @endian = set_endianness(options[:endian] || :little)
-        init_fields(options)
-        super(options[:type], options[:block_len], options[:interface_id], options[:tsh],
-              options[:tsl], options[:cap_len], options[:orig_len], options[:data],
-              options[:options], options[:block_len2])
-      end
-
-      # Used by {#initialize} to set the initial fields
-      # @param [Hash] options
-      # @see #initialize possible options
-      # @return [Hash] return +options+
-      def init_fields(options={})
-        options[:type]  = @int32.new(options[:type] || PcapNG::EPB_TYPE.to_i)
-        options[:block_len] = @int32.new(options[:block_len] || MIN_SIZE)
-        options[:interface_id] = @int32.new(options[:interface_id] || 0)
-        options[:tsh] = @int32.new(options[:tsh] || 0)
-        options[:tsl] = @int32.new(options[:tsl] || 0)
-        options[:cap_len] = @int32.new(options[:cap_len] || 0)
-        options[:orig_len] = @int32.new(options[:orig_len] || 0)
-        options[:data] = StructFu::String.new(options[:data] || '')
-        options[:options] = StructFu::String.new(options[:options] || '')
-        options[:block_len2] = @int32.new(options[:block_len2] || MIN_SIZE)
-        options
+        super
+        set_endianness(options[:endian] || :little)
+        recalc_block_len
+        self.type = options[:type] || PcapNG::EPB_TYPE.to_i
       end
 
       # Reads a String or a IO to populate the object
@@ -98,10 +103,7 @@ module PacketGen
         self[:options].read io.read(options_len)
         self[:block_len2].read io.read(4)
 
-        unless self[:block_len].to_i == self[:block_len2].to_i
-          raise InvalidFileError, 'Incoherency in Extended Packet Block'
-        end
-      
+        check_len_coherency
         self
       end
 
@@ -116,7 +118,7 @@ module PacketGen
       def to_s
         pad_field :data, :options
         recalc_block_len
-        to_a.map(&:to_s).join
+        fields.map { |f| @fields[f].to_s }.join
       end
 
 

data/lib/packetgen/pcapng/file.rb

@@ -8,6 +8,14 @@ module PacketGen
 
     # PcapNG::File is a complete Pcap-NG file handler.
     class File
+
+      # Known link types
+      KNOWN_LINK_TYPES = {
+        LINKTYPE_ETHERNET => 'Eth',
+        LINKTYPE_IPV4 => 'IP',
+        LINKTYPE_IPV6 => 'IPv6'
+      }
+
       # Get file sections
       # @return [Array]
       attr_accessor :sections
@@ -74,6 +82,7 @@ module PacketGen
       # @overload read_packet_bytes(fname)
       #  @param [String] fname pcapng file name
       #  @yieldparam [String] raw packet raw data
+      #  @yieldparam [Integer] interface's link_type from which packet was captured
       #  @return [Integer] number of packets
       # @raise [ArgumentError] cannot read +fname+
       def read_packet_bytes(fname, &blk)
@@ -83,7 +92,7 @@ module PacketGen
         readfile(fname) do |packet|
           if blk
             count += 1
-            yield packet.data.to_s
+            yield packet.data.to_s, packet.interface.link_type
           else
             packets << packet.data.to_s
           end
@@ -106,12 +115,19 @@ module PacketGen
         count = 0
         packets = [] unless blk
 
-        read_packet_bytes(fname) do |packet|
+        read_packet_bytes(fname) do |packet, link_type|
+          first_header = KNOWN_LINK_TYPES[link_type]
+          parsed_pkt = if first_header.nil?
+                         # unknown link type, try to guess
+                         Packet.parse(packet)
+                       else
+                         Packet.parse(packet, first_header: first_header)
+                       end
           if blk
             count += 1
-            yield Packet.parse(packet)
+            yield parsed_pkt
           else
-            packets << Packet.parse(packet)
+            packets << parsed_pkt
           end
         end
 
@@ -277,7 +293,7 @@ module PacketGen
       # @return [void]
       def parse_section(io)
         shb = SHB.new
-        type = StructFu::Int32.new(0, shb.endian).read(io.read(4))
+        type = Types::Int32.new(0, shb.endian).read(io.read(4))
         io.seek(-4, IO::SEEK_CUR)
         shb = parse(type, io, shb)
         raise InvalidFileError, 'no Section header found' unless shb.is_a?(SHB)
@@ -287,7 +303,7 @@ module PacketGen
           section = StringIO.new(io.read(shb.section_len.to_i))
           while !section.eof? do
             shb = @sections.last
-            type = StructFu::Int32.new(0, shb.endian).read(section.read(4))
+            type = Types::Int32.new(0, shb.endian).read(section.read(4))
             section.seek(-4, IO::SEEK_CUR)
             block = parse(type, section, shb)
           end
@@ -295,7 +311,7 @@ module PacketGen
           # section length is undefined
           while !io.eof?
             shb = @sections.last
-            type = StructFu::Int32.new(0, shb.endian).read(io.read(4))
+            type = Types::Int32.new(0, shb.endian).read(io.read(4))
             io.seek(-4, IO::SEEK_CUR)
             block = parse(type, io, shb)
           end
@@ -303,7 +319,7 @@ module PacketGen
       end
 
       # Parse a block from its type
-      # @param [StructFu::Int32] type
+      # @param [Types::Int32] type
       # @param [IO] io stream from which parse block
       # @param [SHB] shb header of current section
       # @return [void]

data/lib/packetgen/pcapng/idb.rb

@@ -16,10 +16,13 @@ module PacketGen
     #   Int64   :snaplen        Default: 0 (no limit)
     #   String  :options
     #   Int32   :block_len2
-    class IDB < Struct.new(:type, :block_len, :link_type, :reserved,
-                           :snaplen, :options, :block_len2)
-      include StructFu
-      include Block
+    class IDB < Block
+
+      # Minimum IDB size
+      MIN_SIZE     = 5*4
+
+      # Option code for if_tsresol option
+      OPTION_IF_TSRESOL = 9
 
       # @return [:little, :big]
       attr_accessor :endian
@@ -28,11 +31,21 @@ module PacketGen
       # @return [Array<EPB,SPB>]
       attr_accessor :packets
 
-      # Minimum IDB size
-      MIN_SIZE     = 5*4
-
-      # Option code for if_tsresol option
-      OPTION_IF_TSRESOL = 9
+      # @!attribute link_type
+      #  16-bit link type
+      #  @return [Integer]
+      define_field_before :block_len2, :link_type, Types::Int16, default: 1
+      # @!attribute reserved
+      #  16-bit reserved field
+      #  @return [Integer]
+      define_field_before :block_len2, :reserved, Types::Int16, default: 0
+      # @!attribute snaplen
+      #  32-bit snap length
+      #  @return [Integer]
+      define_field_before :block_len2, :snaplen, Types::Int32, default: 0
+      # @!attribute options
+      #  @return [Types::String]
+      define_field_before :block_len2, :options, Types::String
 
       # @param [Hash] options
       # @option options [:little, :big] :endian set block endianness
@@ -45,27 +58,12 @@ module PacketGen
       # @option options [::String] :options
       # @option options [Integer] :block_len2 block total length
       def initialize(options={})
-        @endian = set_endianness(options[:endian] || :little)
+        super
+        set_endianness(options[:endian] || :little)
         @packets = []
         @options_decoded = false
-        init_fields(options)
-        super(options[:type], options[:block_len], options[:link_type], options[:reserved],
-              options[:snaplen], options[:options], options[:block_len2])
-      end
-
-      # Used by {#initialize} to set the initial fields
-      # @see #initialize possible options
-      # @param [Hash] options
-      # @return [Hash] return +options+
-      def init_fields(options={})
-        options[:type]  = @int32.new(options[:type] || PcapNG::IDB_TYPE.to_i)
-        options[:block_len] = @int32.new(options[:block_len] || MIN_SIZE)
-        options[:link_type] = @int16.new(options[:link_type] || 1)
-        options[:reserved] = @int16.new(options[:reserved] || 0)
-        options[:snaplen] = @int32.new(options[:snaplen] || 0)
-        options[:options] = StructFu::String.new(options[:options] || '')
-        options[:block_len2] = @int32.new(options[:block_len2] || MIN_SIZE)
-        options
+        recalc_block_len
+        self.type = options[:type] || PcapNG::IDB_TYPE.to_i
       end
 
       # Reads a String or a IO to populate the object
@@ -87,10 +85,7 @@ module PacketGen
         self[:options].read io.read(self[:block_len].to_i - MIN_SIZE)
         self[:block_len2].read io.read(4)
 
-        unless self[:block_len].to_i == self[:block_len2].to_i
-          raise InvalidFileError, 'Incoherency in Interface Description Block'
-        end
-      
+        check_len_coherency
         self
       end
       
@@ -141,7 +136,7 @@ module PacketGen
       def to_s
         pad_field :options
         recalc_block_len
-        to_a.map(&:to_s).join + @packets.map(&:to_s).join
+        fields.map { |f| @fields[f].to_s }.join << @packets.map(&:to_s).join
       end
 
     end