packetgen 1.1.0 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 21f7a146ddb2ba2b7e8b86933360a97d95344fef
-  data.tar.gz: e26c103bc3ef15ca5d7064163cd747716215a71b
+  metadata.gz: dfd9d08f263a51dd186442e4b8f8395be3a964a2
+  data.tar.gz: f68b293509bf734b7aa1760ba976b437ce3fba4c
 SHA512:
-  metadata.gz: 304723a5e11714b3092606fd7f7529fd1a4d6ec0b427e364d3603b63cca20fbfc410a996d80a1a3cfb58106e855dcf5fbc76dd957b589eee6b97c1fa70379312
-  data.tar.gz: d95e4b3fa118e33ae9296626fd2855d6d3eaad9a4d2e0fd4605cfca5bdfd193b4397fd4411164a018dfbbf37868a35026134acf01cd2fdb52729cb90c05bc7fd
+  metadata.gz: 024c502d411c3ae81f7272bb5476964421738e3357d6a5e8b6308600408a499805f0015497d31ca792278857dc23609f2352c26a23011ef17c6edc40fe44e726
+  data.tar.gz: 968a82ca1231067f5bc68fefae05c80842ff4b058fb17ff9c269320662e7eb6acb5db4c54435be479294857cadc41fee0d7fcb7d795437b982a30ae2fba17bed

data/.travis.yml

@@ -4,11 +4,15 @@ rvm:
   - 2.1
   - 2.2
   - 2.3.3
+  - 2.4.0
 
 install:
   - sudo apt-get update -qq
   - sudo apt-get install libpcap-dev -qq
   - bundler install --path vendor/bundle --jobs=3 --retry=3
+before_script:
+  - openssl version
+  - gem list openssl
 script:
   - bundler exec rake
   - rvmsudo bundle exec rake spec:sudo

data/lib/packetgen/header.rb

@@ -42,10 +42,7 @@ module PacketGen
     # @return [Array<Class>]
     def self.all
       return @header_classes if @header_classes
-
-      @builtin ||= constants.map { |sym| const_get sym }.
-                 select { |klass| klass < Struct && klass < HeaderMethods }
-      @header_classes = @builtin + @added_header_classes.values
+      @header_classes = @added_header_classes.values
     end
 
     # Add a foreign header class to known header classes. This is
@@ -95,3 +92,4 @@ require_relative 'header/ipv6'
 require_relative 'header/icmpv6'
 require_relative 'header/udp'
 require_relative 'header/tcp'
+require_relative 'header/esp'

data/lib/packetgen/header/arp.rb

@@ -184,6 +184,8 @@ module PacketGen
       alias :dst_ip= :tpa=
     end
 
+    self.add_class ARP
+
     Eth.bind_header ARP, ethertype: 0x806
   end
 end

data/lib/packetgen/header/esp.rb

@@ -0,0 +1,474 @@
+module PacketGen
+  module Header
+
+    # Error about enciphering/deciphering was encountered
+    class CipherError < Error;end
+
+    # A ESP header consists of:
+    # * a Security Parameters Index (#{spi}, {Int32} type),
+    # * a Sequence Number ({#sn}, +Int32+ type),
+    # * a {#body} (variable length),
+    # * an optional TFC padding ({#tfc}, variable length),
+    # * an optional {#padding} (to align ESP on 32-bit boundary, variable length),
+    # * a {#pad_length} ({Int8}),
+    # * a Next header field ({#next}, +Int8+),
+    # * and an optional Integrity Check Value ({#icv}, variable length).
+    #
+    # == Create an ESP header
+    #  # standalone
+    #  esp = PacketGen::Header::ESP.new
+    #  # in a packet
+    #  pkt = PacketGen.gen('IP').add('ESP')
+    #  # access to ESP header
+    #  pkt.esp   # => PacketGen::Header::ESP
+    #
+    # == Examples
+    # === Create an enciphered UDP packet (ESP transport mode), using CBC mode
+    #  icmp = PacketGen.gen('IP', src: '192.168.1.1', dst: '192.168.2.1').
+    #                   add('ESP', spi: 0xff456e01, sn: 12345678).
+    #                   add('UDP', dport: 4567, sport: 45362, body 'abcdef')
+    #  cipher = OpenSSL::Cipher.new('aes-128-cbc')
+    #  cipher.encrypt
+    #  cipher.key = 16bytes_key
+    #  iv = 16bytes_iv
+    #  esp.esp.encrypt! cipher, iv
+    #
+    # === Create a ESP packet tunneling a UDP one, using GCM combined mode
+    #  # create inner UDP packet
+    #  icmp = PacketGen.gen('IP', src: '192.168.1.1', dst: '192.168.2.1').
+    #                   add('UDP', dport: 4567, sport: 45362, body 'abcdef')
+    #
+    #  # create outer ESP packet
+    #  esp = PacketGen.gen('IP', src '198.76.54.32', dst: '1.2.3.4').add('ESP')
+    #  esp.esp.spi = 0x87654321
+    #  esp.esp.sn  = 0x123
+    #  esp.esp.icv_length = 16
+    #  # encapsulate ICMP packet in ESP one
+    #  esp.encapsulate icmp
+    #  
+    #  # encrypt ESP payload
+    #  cipher = OpenSSL::Cipher.new('aes-128-gcm')
+    #  cipher.encrypt
+    #  cipher.key = 16bytes_key
+    #  iv = 8bytes_iv
+    #  esp.esp.encrypt! cipher, iv, salt: 4bytes_gcm_salt
+    #
+    # === Decrypt a ESP packet using CBC mode and HMAC-SHA-256
+    #  cipher = OpenSSL::Cipher.new('aes-128-cbc')
+    #  cipher.decrypt
+    #  cipher.key = 16bytes_key
+    #  
+    #  hmac = OpenSSL::HMAC.new(hmac_key, OpenSSL::Digest::SHA256.new)
+    #
+    #  pkt.esp.decrypt! cipher, intmode: hmac    # => true if ICV check OK
+    # @author Sylvain Daubert
+    class ESP < Struct.new(:spi, :sn, :body, :tfc, :padding,
+                           :pad_length, :next, :icv)
+      include StructFu
+      include HeaderMethods
+      extend HeaderClassMethods
+
+      # IP protocol number for ESP
+      IP_PROTOCOL = 50
+
+      # Well-known UDP port for ESP
+      UDP_PORT = 4500
+
+      # ICV (Integrity Check Value) length
+      # @return [Integer]
+      attr_accessor :icv_length
+
+      # @param [Hash] options
+      # @option options [Integer] :icv_length ICV length
+      # @option options [Integer] :spi Security Parameters Index
+      # @option options [Integer] :sn Sequence Number
+      # @option options [::String] :body ESP payload data
+      # @option options [::String] :tfc Traffic Flow Confidentiality, random padding
+      #    up to MTU
+      # @option options [::String] :padding ESP padding to align ESP on 32-bit
+      #    boundary
+      # @option options [Integer] :pad_length padding length
+      # @option options [Integer] :next Next Header field
+      # @option options [::String] :icv Integrity Check Value
+      def initialize(options={})
+        @icv_length = options[:icv_length] || 0
+        super Int32.new(options[:spi]),
+              Int32.new(options[:sn]),
+              StructFu::String.new.read(options[:body]),
+              StructFu::String.new.read(options[:tfc]),
+              StructFu::String.new.read(options[:padding]),
+              Int8.new(options[:pad_length]),
+              Int8.new(options[:next]),
+              StructFu::String.new.read(options[:icv])
+      end
+
+      # Read a ESP packet from string.
+      #
+      # {#padding} and {#tfc} are not set as they are enciphered (impossible
+      # to guess their respective size). {#pad_length} and {#next} are also
+      # enciphered.
+      # @param [String] str
+      # @return [self]
+      def read(str)
+        return self if str.nil?
+        raise ParseError, 'string too short for ESP' if str.size < self.sz
+        force_binary str
+        self[:spi].read str[0, 4]
+        self[:sn].read str[4, 4]
+        self[:body].read str[8...-@icv_length-2]
+        self[:tfc].read ''
+        self[:padding].read ''
+        self[:pad_length].read str[-@icv_length-2, 1]
+        self[:next].read str[-@icv_length-1, 1]
+        self[:icv].read str[-@icv_length, @icv_length] if @icv_length
+        self
+      end
+
+      # Getter for SPI attribute
+      # @return [Integer]
+      def spi
+        self[:spi].to_i
+      end
+
+      # Setter for SPI attribute
+      # @param [Integer] val
+      # @return [Integer]
+      def spi=(val)
+        typecast val
+      end
+
+      # Getter for SN attribute
+      # @return [Integer]
+      def sn
+        self[:sn].to_i
+      end
+
+      # Setter for SN attribute
+      # @param [Integer] val
+      # @return [Integer]
+      def sn=(val)
+        typecast val
+      end
+
+      # Getter for +pad_length+ attribute
+      # @return [Integer]
+      def pad_length
+        self[:pad_length].to_i
+      end
+
+      # Setter for +pad_length+ attribute
+      # @param [Integer] val
+      # @return [Integer]
+      def pad_length=(val)
+        typecast val
+      end
+
+      # Getter for +next+ attribute
+      # @return [Integer]
+      def next
+        self[:next].to_i
+      end
+
+      # Setter for +next+ attribute
+      # @param [Integer] val
+      # @return [Integer]
+      def next=(val)
+        typecast val
+      end
+
+      # Encrypt in-place ESP payload and trailer.
+      #
+      # This method removes all data from +tfc+ and +padding+ fields, as their
+      # enciphered values are concatenated into +body+.
+      #
+      # It also removes headers under ESP from packet, as they are enciphered in
+      # ESP body, and then are no more accessible.
+      # @param [OpenSSL::Cipher] cipher keyed cipher.
+      #   This cipher is confidentiality-only one, or AEAD one. To use a second
+      #   cipher to add integrity, use +:intmode+ option.
+      # @param [String] iv full IV for encryption
+      #  * CTR and GCM modes: +iv+ is 8-bytes long.
+      # @param [Hash] options
+      # @option options [String] :salt salt value for CTR and GCM modes
+      # @option options [Boolean] :tfc
+      # @option options [Fixnum] :tfc_size ESP body size used for TFC
+      #   (default 1444, max size for a tunneled IPv4/ESP packet).
+      #   This is the maximum size for ESP packet (without IP header
+      #   nor Eth one).
+      # @option options [Fixnum] :esn 32 high-orber bits of ESN
+      # @option options [Fixnum] :pad_length set a padding length
+      # @option options [String] :padding set a padding. No check with
+      #   +:pad_length+ is made. If +:pad_length+ is not set, +:padding+
+      #   length is shortened to correct padding length
+      # @option options [OpenSSL::HMAC] :intmode integrity mode to use with a
+      #   confidentiality-only cipher. Only HMAC are supported.
+      # @return [self]
+      def encrypt!(cipher, iv, options={})
+        opt = { salt: '', tfc_size: 1444 }.merge(options)
+
+        set_crypto cipher, opt[:intmode]
+
+        real_iv = force_binary(opt[:salt]) + force_binary(iv)
+        real_iv += [1].pack('N') if confidentiality_mode == 'ctr'
+        cipher.iv = real_iv
+
+        authenticate_esp_header_if_needed options, iv
+
+        case confidentiality_mode
+        when 'cbc'
+          cipher_len = self.body.sz + 2
+          self.pad_length = (16 - (cipher_len % 16)) % 16
+        else
+          mod4 = to_s.size % 4
+          self.pad_length = 4 - mod4 if mod4 > 0
+        end
+
+        if opt[:pad_length]
+          self.pad_length = opt[:pad_length]
+          padding = force_binary(opt[:padding] || (1..self.pad_length).to_a.pack("C*"))
+          self[:padding].read padding
+        else
+          padding = force_binary(opt[:padding] || (1..self.pad_length).to_a.pack("C*"))
+          self[:padding].read padding[0...self.pad_length]
+        end
+
+        tfc = ''
+        if opt[:tfc]
+          tfc_size = opt[:tfc_size] - body.sz
+          if tfc_size > 0
+            case confidentiality_mode
+            when 'cbc'
+              tfc_size = (tfc_size / 16) * 16
+            else
+              tfc_size = (tfc_size / 4) * 4
+            end
+            tfc = force_binary("\0" * tfc_size)
+          end
+        end
+
+        msg = self.body.to_s + tfc
+        msg += self[:padding].to_s + self[:pad_length].to_s + self[:next].to_s
+        enc_msg = encipher(msg)
+        # as padding is used to pad for CBC mode, this is unused
+        cipher.final
+
+        self[:body] = StructFu::String.new(iv) << enc_msg[0..-3]
+        self[:pad_length].read enc_msg[-2]
+        self[:next].read enc_msg[-1]
+
+        # reset padding field as it has no sense in encrypted ESP
+        self[:padding].read ''
+
+        set_esp_icv_if_needed
+
+        # Remove enciphered headers from packet
+        id = header_id(self)
+        if id < packet.headers.size - 1
+          (packet.headers.size-1).downto(id+1) do |index|
+            packet.headers.delete_at index
+          end
+        end
+
+        self
+      end
+
+      # Decrypt in-place ESP payload and trailer.
+      # @param [OpenSSL::Cipher] cipher keyed cipher
+      #   This cipher is confidentiality-only one, or AEAD one. To use a second
+      #   cipher to add integrity, use +:intmode+ option.
+      # @param [Hash] options
+      # @option options [Boolean] :parse parse deciphered payload to retrieve
+      #   headers (default: +true+)
+      # @option options [Fixnum] :icv_length ICV length for captured packets,
+      #   or read from PCapNG files
+      # @option options [String] :salt salt value for CTR and GCM modes
+      # @option options [Fixnum] :esn 32 high-orber bits of ESN
+      # @option options [OpenSSL::HMAC] :intmode integrity mode to use with a
+      #   confidentiality-only cipher. Only HMAC are supported.
+      # @return [Boolean] +true+ if ESP packet is authenticated
+      def decrypt!(cipher, options={})
+        opt = { :salt => '', parse: true }.merge(options)
+
+        set_crypto cipher, opt[:intmode]
+
+        case confidentiality_mode
+        when 'gcm'
+          iv = self.body.slice!(0, 8)
+          real_iv = opt[:salt] + iv
+        when 'cbc'
+          cipher.padding = 0
+          real_iv = iv = self.body.slice!(0, 16)
+        when 'ctr'
+          iv = self.body.slice!(0, 8)
+          real_iv = opt[:salt] + iv + [1].pack('N')
+        else
+          real_iv = iv = self.body.slice!(0, 16)
+        end
+        cipher.iv = real_iv
+
+        if authenticated? and (@icv_length == 0 or opt[:icv_length])
+          raise ParseError, 'unknown ICV size' unless opt[:icv_length]
+          @icv_length = opt[:icv_length].to_i
+          # reread ESP to handle new ICV size
+          msg = self.body.to_s + self[:pad_length].to_s
+          msg += self[:next].to_s
+          self[:icv].read msg.slice!(-@icv_length, @icv_length)
+          self[:body].read msg[0..-3]
+          self[:pad_length].read msg[-2]
+          self[:next].read msg[-1]
+        end
+
+        authenticate_esp_header_if_needed options, iv, self[:icv]
+        private_decrypt cipher, opt
+      end
+
+      private
+
+      def set_crypto(conf, intg)
+        @conf, @intg = conf, intg
+      end
+
+      def confidentiality_mode
+        mode = @conf.name.match(/-([^-]*)$/)[1]
+        raise CipherError, 'unknown cipher mode' if mode.nil?
+        mode.downcase
+      end
+
+      def authenticated?
+        @conf.authenticated? or !!@intg
+      end
+
+      def authenticate!
+        @conf.final
+        if @intg
+          @intg.update @esn.to_s if @esn
+          @intg.digest[0, @icv_length] == @icv
+        else
+          true
+        end
+      rescue OpenSSL::Cipher::CipherError
+        false
+      end
+
+      def encipher(data)
+        enciphered_data = @conf.update(data)
+        @intg.update(enciphered_data) if @intg
+        enciphered_data
+      end
+
+      def decipher(data)
+        @intg.update(data) if @intg
+        @conf.update(data)
+      end
+
+      def get_auth_data(opt)
+        ad = self[:spi].to_s
+        if opt[:esn]
+          @esn = StructFu::Int32.new(opt[:esn])
+          ad << @esn.to_s if @conf.authenticated?
+        end
+        ad << self[:sn].to_s
+      end
+
+      def authenticate_esp_header_if_needed(opt, iv, icv=nil)
+        if @conf.authenticated?
+          @conf.auth_tag = icv if icv
+          @conf.auth_data = get_auth_data(opt)
+        elsif @intg
+          @intg.reset
+          @intg.update get_auth_data(opt)
+          @intg.update iv
+          @icv = icv
+        else
+          @icv = nil
+        end
+      end
+
+      def set_esp_icv_if_needed
+        return unless authenticated?
+        if @conf.authenticated?
+          self[:icv].read @conf.auth_tag[0, @icv_length]
+        else
+          self[:icv].read @intg.digest[0, @icv_length]
+        end
+      end
+
+      def private_decrypt(cipher, options)
+        # decrypt
+        msg = self.body.to_s
+        msg += self[:padding].to_s + self[:pad_length].to_s + self[:next].to_s
+        plain_msg = decipher(msg)
+
+        # check authentication tag
+        if authenticated?
+          return false unless authenticate!
+        end
+
+        # Set ESP fields
+        self[:body].read plain_msg[0..-3]
+        self[:pad_length].read plain_msg[-2]
+        self[:next].read plain_msg[-1]
+
+        # Set padding
+        if self.pad_length > 0
+          len = self.pad_length
+          self[:padding].read self.body.slice!(-len, len)
+        end
+
+        # Set TFC padding
+        encap_length = 0
+        pkt = nil
+        case self.next
+        when 4   # IPv4
+        pkt = Packet.parse(body, first_header: 'IP')
+        encap_length = pkt.ip.length
+        when 41  # IPv6
+          pkt = Packet.parse(body, first_header: 'IPv6')
+          encap_length = pkt.ipv6.length + pkt.ipv6.sz
+        when ICMP::IP_PROTOCOL
+          pkt = Packet.parse(body, first_header: 'ICMP')
+          # no size field. cannot recover TFC padding
+          encap_length = body.sz
+        when UDP::IP_PROTOCOL
+          pkt = Packet.parse(body, first_header: 'UDP')
+          encap_length = pkt.udp.length
+        when TCP::IP_PROTOCOL
+          # No length in TCP header, so TFC may not be used.
+          # Or underlayer protocol should have a size information...
+          pkt = Packet.parse(body, first_header: 'TCP')
+          encap_length = pkt.sz
+        when ICMPv6::IP_PROTOCOL
+          pkt = Packet.parse(body, first_header: 'ICMPv6')
+          # no size field. cannot recover TFC padding
+          encap_length = body.sz
+        else
+          # Unmanaged encapsulated protocol
+          encap_length = body.sz
+        end
+
+        if encap_length < body.sz
+          tfc_len = body.sz - encap_length
+          self[:tfc].read self.body.slice!(encap_length, tfc_len)
+        end
+
+        if options[:parse]
+          packet.encapsulate pkt unless pkt.nil?
+        end
+
+        true
+      end
+    end
+
+    self.add_class ESP
+
+    IP.bind_header ESP, protocol: ESP::IP_PROTOCOL
+    IPv6.bind_header ESP, next: ESP::IP_PROTOCOL
+    UDP.bind_header ESP, dport: ESP::UDP_PORT, sport: ESP::UDP_PORT
+    ESP.bind_header IP, next: 4
+    ESP.bind_header IPv6, next: 41
+    ESP.bind_header TCP, next: TCP::IP_PROTOCOL
+    ESP.bind_header UDP, next: TCP::IP_PROTOCOL
+    ESP.bind_header ICMP, next: ICMP::IP_PROTOCOL
+    ESP.bind_header ICMPv6, next: ICMPv6::IP_PROTOCOL
+  end
+end

data/lib/packetgen/header/eth.rb

@@ -176,5 +176,7 @@ module PacketGen
         pcap.inject self.to_s
       end
     end
+
+    self.add_class Eth
   end
 end

data/lib/packetgen/header/header_class_methods.rb

@@ -8,22 +8,26 @@ module PacketGen
 
     module HeaderClassMethods
 
+      # @api private
       # Simple class to handle header association
       Binding = Struct.new(:key, :value)
 
       # Bind a upper header to current class
       # @param [Class] header_klass header class to bind to current class
-      # @param [Hash] args current class field and its value when +header_klass+
+      # @param [Hash] args current class fields and their value when +header_klass+
       #  is embedded in current class
       # @return [void]
       def bind_header(header_klass, args={})
         @known_headers ||= {}
-        key = args.keys.first
-        @known_headers[header_klass] = Binding.new(key, args[key])
+        @known_headers[header_klass] ||= []
+        args.each do |key, value|
+          @known_headers[header_klass] << Binding.new(key, value)
+        end
       end
 
+      # @api private
       # Get knwon headers
-      # @return [Hash] keys: header classes, values: struct with methods #key and #value
+      # @return [Hash] keys: header classes, values: array of {Binding}
       def known_headers
         @known_headers ||= {}
       end

data/lib/packetgen/header/icmp.rb

@@ -115,6 +115,8 @@ module PacketGen
       end
     end
 
+    self.add_class ICMP
+
     IP.bind_header ICMP, protocol: ICMP::IP_PROTOCOL
   end
 end

data/lib/packetgen/header/icmpv6.rb

@@ -51,6 +51,8 @@ module PacketGen
       end
     end
 
+    self.add_class ICMPv6
+
     IPv6.bind_header ICMPv6, next: ICMPv6::IP_PROTOCOL
   end
 end

data/lib/packetgen/header/ip.rb

@@ -380,6 +380,8 @@ module PacketGen
       end
     end
 
+    self.add_class IP
+
     Eth.bind_header IP, ethertype: 0x800
     IP.bind_header IP, protocol: 4
   end

data/lib/packetgen/header/ipv6.rb

@@ -305,6 +305,8 @@ module PacketGen
       end
     end
 
+    self.add_class IPv6
+
     Eth.bind_header IPv6, ethertype: 0x86DD
     IP.bind_header IPv6, protocol: 41    # 6to4
   end

data/lib/packetgen/header/tcp.rb

@@ -96,7 +96,7 @@ module PacketGen
       end
 
       # @!attribute data_offset
-      #  @return [Integer] 4-bit data offsetfrom {#u16}
+      #  @return [Integer] 4-bit data offset from {#u16}
       # @!attribute reserved
       #  @return [Integer] 3-bit reserved from {#u16}
       # @!attribute flags
@@ -293,6 +293,8 @@ module PacketGen
       end
     end
 
+    self.add_class TCP
+
     IP.bind_header TCP, protocol: TCP::IP_PROTOCOL
     IPv6.bind_header TCP, next: TCP::IP_PROTOCOL
   end

data/lib/packetgen/header/udp.rb

@@ -151,6 +151,8 @@ module PacketGen
       end
     end
 
+    self.add_class UDP
+
     IP.bind_header UDP, protocol: UDP::IP_PROTOCOL
     IPv6.bind_header UDP, next: UDP::IP_PROTOCOL
   end

data/lib/packetgen/inspect.rb

@@ -49,7 +49,7 @@ module PacketGen
             elsif value.respond_to? :to_human
               value.to_human
             else
-              value.to_s
+              value.to_s.inspect
             end
       str << INSPECT_FMT_ATTR % [value.class.to_s.sub(/.*::/, ''), attr, val]
     end

data/lib/packetgen/packet.rb

@@ -75,10 +75,13 @@ module PacketGen
           # First header is found when:
           # * for one known header,
           # * it exists a known binding with a upper header
-          hklass.known_headers.each do |nh, binding|
-            if hdr.send(binding.key) == binding.value
-              first_header = hklass.to_s.gsub(/.*::/, '')
-              break
+          hklass.known_headers.each do |nh, bindings|
+            bindings.each do |binding|
+              if hdr.send(binding.key) == binding.value
+                first_header = hklass.to_s.gsub(/.*::/, '')
+                break
+              end
+              break unless first_header.nil?
             end
           end
           break unless first_header.nil?
@@ -95,13 +98,16 @@ module PacketGen
       decode_packet_bottom_up = true
       while decode_packet_bottom_up do
         last_known_hdr = pkt.headers.last
-        last_known_hdr.class.known_headers.each do |nh, binding|
-          if last_known_hdr.send(binding.key) == binding.value
-            str = last_known_hdr.body
-            pkt.add nh.to_s.gsub(/.*::/, '')
-            pkt.headers.last.read str
-            break
+        last_known_hdr.class.known_headers.each do |nh, bindings|
+          bindings.each do |binding|
+            if last_known_hdr.send(binding.key) == binding.value
+              str = last_known_hdr.body
+              pkt.add nh.to_s.gsub(/.*::/, '')
+              pkt.headers.last.read str
+              break
+            end
           end
+          break unless last_known_hdr == pkt.headers.last
         end
         decode_packet_bottom_up = (pkt.headers.last != last_known_hdr)
       end
@@ -285,6 +291,12 @@ module PacketGen
 
     private
 
+    # Dup +@headers+ instance variable. Internally used by +#dup+ and +#clone+
+    # @return [void]
+    def initialize_copy(other)
+      @headers = @headers.dup
+    end
+
     # @overload header(klass, layer=1)
     #  @param [Class] klass
     #  @param [Integer] layer
@@ -327,15 +339,15 @@ module PacketGen
       protocol = header.protocol_name
       prev_header = previous_header || @headers.last
       if prev_header
-        binding = prev_header.class.known_headers[header.class]
-        if binding.nil?
+        bindings = prev_header.class.known_headers[header.class]
+        if bindings.nil? or bindings.empty?
           msg = "#{prev_header.class} knowns no layer association with #{protocol}. "
           msg << "Try #{prev_header.class}.bind_layer(PacketGen::Header::#{protocol}, "
           msg << "#{prev_header.protocol_name.downcase}_proto_field: "
           msg << "value_for_#{protocol.downcase})"
           raise ArgumentError, msg
         end
-        prev_header[binding.key].read binding.value
+        prev_header[bindings.first.key].read bindings.first.value
         prev_header.body = header
       end
       header.packet = self

data/lib/packetgen/version.rb

@@ -8,5 +8,5 @@
 # @author Sylvain Daubert
 module PacketGen
   # PacketGen version
-  VERSION = "1.1.0"
+  VERSION = "1.2.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: packetgen
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.2.0
 platform: ruby
 authors:
 - Sylvain Daubert
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2016-12-28 00:00:00.000000000 Z
+date: 2017-01-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: pcaprub
@@ -111,6 +111,7 @@ files:
 - lib/packetgen/capture.rb
 - lib/packetgen/header.rb
 - lib/packetgen/header/arp.rb
+- lib/packetgen/header/esp.rb
 - lib/packetgen/header/eth.rb
 - lib/packetgen/header/header_class_methods.rb
 - lib/packetgen/header/header_methods.rb
@@ -154,7 +155,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2
+rubygems_version: 2.6.8
 signing_key: 
 specification_version: 4
 summary: Network packet generator and analyzor