Google Git
Sign in
android / platform / external / scapy / refs/heads/pie-cuttlefish-testing / . / scapy / layers / dhcp6.py
blob: fa58ccc899138633c40560a112811f9d6062c5db [file] [log] [blame]
## This file is part of Scapy
## See http://www.secdev.org/projects/scapy for more informations
## Copyright (C) Philippe Biondi <phil@secdev.org>
## This program is published under a GPLv2 license
## Copyright (C) 2005 Guillaume Valadon <guedou@hongo.wide.ad.jp>
## Arnaud Ebalard <arnaud.ebalard@eads.net>
"""
DHCPv6: Dynamic Host Configuration Protocol for IPv6. [RFC 3315]
"""
from __future__ import print_function
import socket
import struct
import time
from scapy.ansmachine import AnsweringMachine
from scapy.arch import get_if_raw_hwaddr, in6_getifaddr
from scapy.config import conf
from scapy.data import EPOCH, ETHER_ANY
from scapy.compat import *
from scapy.error import warning
from scapy.fields import BitField, ByteEnumField, ByteField, FieldLenField, \
FlagsField, IntEnumField, IntField, MACField, PacketField, \
PacketListField, ShortEnumField, ShortField, StrField, StrFixedLenField, \
StrLenField, UTCTimeField, X3BytesField, XIntField, XShortEnumField, \
PacketLenField
from scapy.layers.inet import UDP
from scapy.layers.inet6 import DomainNameListField, IP6Field, IP6ListField, IPv6
from scapy.packet import Packet, bind_bottom_up
from scapy.pton_ntop import inet_pton
from scapy.sendrecv import send
from scapy.themes import Color
from scapy.utils6 import in6_addrtovendor, in6_islladdr
#############################################################################
# Helpers ##
#############################################################################
def get_cls(name, fallback_cls):
return globals().get(name, fallback_cls)
#############################################################################
#############################################################################
### DHCPv6 ###
#############################################################################
#############################################################################
All_DHCP_Relay_Agents_and_Servers = "ff02::1:2"
All_DHCP_Servers = "ff05::1:3" # Site-Local scope : deprecated by 3879
dhcp6opts = { 1: "CLIENTID",
2: "SERVERID",
3: "IA_NA",
4: "IA_TA",
5: "IAADDR",
6: "ORO",
7: "PREFERENCE",
8: "ELAPSED_TIME",
9: "RELAY_MSG",
11: "AUTH",
12: "UNICAST",
13: "STATUS_CODE",
14: "RAPID_COMMIT",
15: "USER_CLASS",
16: "VENDOR_CLASS",
17: "VENDOR_OPTS",
18: "INTERFACE_ID",
19: "RECONF_MSG",
20: "RECONF_ACCEPT",
21: "SIP Servers Domain Name List", #RFC3319
22: "SIP Servers IPv6 Address List", #RFC3319
23: "DNS Recursive Name Server Option", #RFC3646
24: "Domain Search List option", #RFC3646
25: "OPTION_IA_PD", #RFC3633
26: "OPTION_IAPREFIX", #RFC3633
27: "OPTION_NIS_SERVERS", #RFC3898
28: "OPTION_NISP_SERVERS", #RFC3898
29: "OPTION_NIS_DOMAIN_NAME", #RFC3898
30: "OPTION_NISP_DOMAIN_NAME", #RFC3898
31: "OPTION_SNTP_SERVERS", #RFC4075
32: "OPTION_INFORMATION_REFRESH_TIME", #RFC4242
33: "OPTION_BCMCS_SERVER_D", #RFC4280
34: "OPTION_BCMCS_SERVER_A", #RFC4280
36: "OPTION_GEOCONF_CIVIC", #RFC-ietf-geopriv-dhcp-civil-09.txt
37: "OPTION_REMOTE_ID", #RFC4649
38: "OPTION_SUBSCRIBER_ID", #RFC4580
39: "OPTION_CLIENT_FQDN", #RFC4704
68: "OPTION_VSS", #RFC6607
79: "OPTION_CLIENT_LINKLAYER_ADDR" } #RFC6939
dhcp6opts_by_code = { 1: "DHCP6OptClientId",
2: "DHCP6OptServerId",
3: "DHCP6OptIA_NA",
4: "DHCP6OptIA_TA",
5: "DHCP6OptIAAddress",
6: "DHCP6OptOptReq",
7: "DHCP6OptPref",
8: "DHCP6OptElapsedTime",
9: "DHCP6OptRelayMsg",
11: "DHCP6OptAuth",
12: "DHCP6OptServerUnicast",
13: "DHCP6OptStatusCode",
14: "DHCP6OptRapidCommit",
15: "DHCP6OptUserClass",
16: "DHCP6OptVendorClass",
17: "DHCP6OptVendorSpecificInfo",
18: "DHCP6OptIfaceId",
19: "DHCP6OptReconfMsg",
20: "DHCP6OptReconfAccept",
21: "DHCP6OptSIPDomains", #RFC3319
22: "DHCP6OptSIPServers", #RFC3319
23: "DHCP6OptDNSServers", #RFC3646
24: "DHCP6OptDNSDomains", #RFC3646
25: "DHCP6OptIA_PD", #RFC3633
26: "DHCP6OptIAPrefix", #RFC3633
27: "DHCP6OptNISServers", #RFC3898
28: "DHCP6OptNISPServers", #RFC3898
29: "DHCP6OptNISDomain", #RFC3898
30: "DHCP6OptNISPDomain", #RFC3898
31: "DHCP6OptSNTPServers", #RFC4075
32: "DHCP6OptInfoRefreshTime", #RFC4242
33: "DHCP6OptBCMCSDomains", #RFC4280
34: "DHCP6OptBCMCSServers", #RFC4280
#36: "DHCP6OptGeoConf", #RFC-ietf-geopriv-dhcp-civil-09.txt
37: "DHCP6OptRemoteID", #RFC4649
38: "DHCP6OptSubscriberID", #RFC4580
39: "DHCP6OptClientFQDN", #RFC4704
#40: "DHCP6OptPANAAgent", #RFC-ietf-dhc-paa-option-05.txt
#41: "DHCP6OptNewPOSIXTimeZone, #RFC4833
#42: "DHCP6OptNewTZDBTimeZone, #RFC4833
43: "DHCP6OptRelayAgentERO", #RFC4994
#44: "DHCP6OptLQQuery", #RFC5007
#45: "DHCP6OptLQClientData", #RFC5007
#46: "DHCP6OptLQClientTime", #RFC5007
#47: "DHCP6OptLQRelayData", #RFC5007
#48: "DHCP6OptLQClientLink", #RFC5007
68: "DHCP6OptVSS", #RFC6607
79: "DHCP6OptClientLinkLayerAddr", #RFC6939
}
# sect 5.3 RFC 3315 : DHCP6 Messages types
dhcp6types = { 1:"SOLICIT",
2:"ADVERTISE",
3:"REQUEST",
4:"CONFIRM",
5:"RENEW",
6:"REBIND",
7:"REPLY",
8:"RELEASE",
9:"DECLINE",
10:"RECONFIGURE",
11:"INFORMATION-REQUEST",
12:"RELAY-FORW",
13:"RELAY-REPL" }
#####################################################################
### DHCPv6 DUID related stuff ###
#####################################################################
duidtypes = { 1: "Link-layer address plus time",
2: "Vendor-assigned unique ID based on Enterprise Number",
3: "Link-layer Address",
4: "UUID" }
# DUID hardware types - RFC 826 - Extracted from
# http://www.iana.org/assignments/arp-parameters on 31/10/06
# We should add the length of every kind of address.
duidhwtypes = { 0: "NET/ROM pseudo", # Not referenced by IANA
1: "Ethernet (10Mb)",
2: "Experimental Ethernet (3Mb)",
3: "Amateur Radio AX.25",
4: "Proteon ProNET Token Ring",
5: "Chaos",
6: "IEEE 802 Networks",
7: "ARCNET",
8: "Hyperchannel",
9: "Lanstar",
10: "Autonet Short Address",
11: "LocalTalk",
12: "LocalNet (IBM PCNet or SYTEK LocalNET)",
13: "Ultra link",
14: "SMDS",
15: "Frame Relay",
16: "Asynchronous Transmission Mode (ATM)",
17: "HDLC",
18: "Fibre Channel",
19: "Asynchronous Transmission Mode (ATM)",
20: "Serial Line",
21: "Asynchronous Transmission Mode (ATM)",
22: "MIL-STD-188-220",
23: "Metricom",
24: "IEEE 1394.1995",
25: "MAPOS",
26: "Twinaxial",
27: "EUI-64",
28: "HIPARP",
29: "IP and ARP over ISO 7816-3",
30: "ARPSec",
31: "IPsec tunnel",
32: "InfiniBand (TM)",
33: "TIA-102 Project 25 Common Air Interface (CAI)" }
class _UTCTimeField(UTCTimeField):
def __init__(self, *args, **kargs):
epoch_2000 = (2000, 1, 1, 0, 0, 0, 5, 1, 0) # required Epoch
UTCTimeField.__init__(self, epoch=epoch_2000, *args, **kargs)
class _LLAddrField(MACField):
pass
# XXX We only support Ethernet addresses at the moment. _LLAddrField
# will be modified when needed. Ask us. --arno
class DUID_LLT(Packet): # sect 9.2 RFC 3315
name = "DUID - Link-layer address plus time"
fields_desc = [ ShortEnumField("type", 1, duidtypes),
XShortEnumField("hwtype", 1, duidhwtypes),
_UTCTimeField("timeval", 0), # i.e. 01 Jan 2000
_LLAddrField("lladdr", ETHER_ANY) ]
# In fact, IANA enterprise-numbers file available at
# http://www.iana.org/assignments/enterprise-numbers
# is simply huge (more than 2Mo and 600Ko in bz2). I'll
# add only most common vendors, and encountered values.
# -- arno
iana_enterprise_num = { 9: "ciscoSystems",
35: "Nortel Networks",
43: "3Com",
311: "Microsoft",
2636: "Juniper Networks, Inc.",
4526: "Netgear",
5771: "Cisco Systems, Inc.",
5842: "Cisco Systems",
16885: "Nortel Networks" }
class DUID_EN(Packet): # sect 9.3 RFC 3315
name = "DUID - Assigned by Vendor Based on Enterprise Number"
fields_desc = [ ShortEnumField("type", 2, duidtypes),
IntEnumField("enterprisenum", 311, iana_enterprise_num),
StrField("id","") ]
class DUID_LL(Packet): # sect 9.4 RFC 3315
name = "DUID - Based on Link-layer Address"
fields_desc = [ ShortEnumField("type", 3, duidtypes),
XShortEnumField("hwtype", 1, duidhwtypes),
_LLAddrField("lladdr", ETHER_ANY) ]
class DUID_UUID(Packet): # RFC 6355
name = "DUID - Based on UUID"
fields_desc = [ ShortEnumField("type", 4, duidtypes),
StrFixedLenField("uuid","", 16) ]
duid_cls = { 1: "DUID_LLT",
2: "DUID_EN",
3: "DUID_LL",
4: "DUID_UUID"}
#####################################################################
### DHCPv6 Options classes ###
#####################################################################
class _DHCP6OptGuessPayload(Packet):
def guess_payload_class(self, payload):
cls = conf.raw_layer
if len(payload) > 2 :
opt = struct.unpack("!H", payload[:2])[0]
cls = get_cls(dhcp6opts_by_code.get(opt, "DHCP6OptUnknown"), DHCP6OptUnknown)
return cls
class DHCP6OptUnknown(_DHCP6OptGuessPayload): # A generic DHCPv6 Option
name = "Unknown DHCPv6 Option"
fields_desc = [ ShortEnumField("optcode", 0, dhcp6opts),
FieldLenField("optlen", None, length_of="data", fmt="!H"),
StrLenField("data", "",
length_from = lambda pkt: pkt.optlen)]
class _DUIDField(PacketField):
__slots__ = ["length_from"]
def __init__(self, name, default, length_from=None):
StrField.__init__(self, name, default)
self.length_from = length_from
def i2m(self, pkt, i):
return raw(i)
def m2i(self, pkt, x):
cls = conf.raw_layer
if len(x) > 4:
o = struct.unpack("!H", x[:2])[0]
cls = get_cls(duid_cls.get(o, conf.raw_layer), conf.raw_layer)
return cls(x)
def getfield(self, pkt, s):
l = self.length_from(pkt)
return s[l:], self.m2i(pkt,s[:l])
class DHCP6OptClientId(_DHCP6OptGuessPayload): # RFC sect 22.2
name = "DHCP6 Client Identifier Option"
fields_desc = [ ShortEnumField("optcode", 1, dhcp6opts),
FieldLenField("optlen", None, length_of="duid", fmt="!H"),
_DUIDField("duid", "",
length_from = lambda pkt: pkt.optlen) ]
class DHCP6OptServerId(DHCP6OptClientId): # RFC sect 22.3
name = "DHCP6 Server Identifier Option"
optcode = 2
# Should be encapsulated in the option field of IA_NA or IA_TA options
# Can only appear at that location.
# TODO : last field IAaddr-options is not defined in the reference document
class DHCP6OptIAAddress(_DHCP6OptGuessPayload): # RFC sect 22.6
name = "DHCP6 IA Address Option (IA_TA or IA_NA suboption)"
fields_desc = [ ShortEnumField("optcode", 5, dhcp6opts),
FieldLenField("optlen", None, length_of="iaaddropts",
fmt="!H", adjust = lambda pkt,x: x+24),
IP6Field("addr", "::"),
IntField("preflft", 0),
IntField("validlft", 0),
StrLenField("iaaddropts", "",
length_from = lambda pkt: pkt.optlen - 24) ]
def guess_payload_class(self, payload):
return conf.padding_layer
class _IANAOptField(PacketListField):
def i2len(self, pkt, z):
if z is None or z == []:
return 0
return sum(len(raw(x)) for x in z)
def getfield(self, pkt, s):
l = self.length_from(pkt)
lst = []
remain, payl = s[:l], s[l:]
while len(remain)>0:
p = self.m2i(pkt,remain)
if conf.padding_layer in p:
pad = p[conf.padding_layer]
remain = pad.load
del(pad.underlayer.payload)
else:
remain = ""
lst.append(p)
return payl,lst
class DHCP6OptIA_NA(_DHCP6OptGuessPayload): # RFC sect 22.4
name = "DHCP6 Identity Association for Non-temporary Addresses Option"
fields_desc = [ ShortEnumField("optcode", 3, dhcp6opts),
FieldLenField("optlen", None, length_of="ianaopts",
fmt="!H", adjust = lambda pkt,x: x+12),
XIntField("iaid", None),
IntField("T1", None),
IntField("T2", None),
_IANAOptField("ianaopts", [], DHCP6OptIAAddress,
length_from = lambda pkt: pkt.optlen-12) ]
class _IATAOptField(_IANAOptField):
pass
class DHCP6OptIA_TA(_DHCP6OptGuessPayload): # RFC sect 22.5
name = "DHCP6 Identity Association for Temporary Addresses Option"
fields_desc = [ ShortEnumField("optcode", 4, dhcp6opts),
FieldLenField("optlen", None, length_of="iataopts",
fmt="!H", adjust = lambda pkt,x: x+4),
XIntField("iaid", None),
_IATAOptField("iataopts", [], DHCP6OptIAAddress,
length_from = lambda pkt: pkt.optlen-4) ]
#### DHCPv6 Option Request Option ###################################
class _OptReqListField(StrLenField):
islist = 1
def i2h(self, pkt, x):
if x is None:
return []
return x
def i2len(self, pkt, x):
return 2*len(x)
def any2i(self, pkt, x):
return x
def i2repr(self, pkt, x):
s = []
for y in self.i2h(pkt, x):
if y in dhcp6opts:
s.append(dhcp6opts[y])
else:
s.append("%d" % y)
return "[%s]" % ", ".join(s)
def m2i(self, pkt, x):
r = []
while len(x) != 0:
if len(x)<2:
warning("Odd length for requested option field. Rejecting last byte")
return r
r.append(struct.unpack("!H", x[:2])[0])
x = x[2:]
return r
def i2m(self, pkt, x):
return b"".join(struct.pack('!H', y) for y in x)
# A client may include an ORO in a solicit, Request, Renew, Rebind,
# Confirm or Information-request
class DHCP6OptOptReq(_DHCP6OptGuessPayload): # RFC sect 22.7
name = "DHCP6 Option Request Option"
fields_desc = [ ShortEnumField("optcode", 6, dhcp6opts),
FieldLenField("optlen", None, length_of="reqopts", fmt="!H"),
_OptReqListField("reqopts", [23, 24],
length_from = lambda pkt: pkt.optlen) ]
#### DHCPv6 Preference Option #######################################
# emise par un serveur pour affecter le choix fait par le client. Dans
# les messages Advertise, a priori
class DHCP6OptPref(_DHCP6OptGuessPayload): # RFC sect 22.8
name = "DHCP6 Preference Option"
fields_desc = [ ShortEnumField("optcode", 7, dhcp6opts),
ShortField("optlen", 1 ),
ByteField("prefval",255) ]
#### DHCPv6 Elapsed Time Option #####################################
class _ElapsedTimeField(ShortField):
def i2repr(self, pkt, x):
if x == 0xffff:
return "infinity (0xffff)"
return "%.2f sec" % (self.i2h(pkt, x)/100.)
class DHCP6OptElapsedTime(_DHCP6OptGuessPayload):# RFC sect 22.9
name = "DHCP6 Elapsed Time Option"
fields_desc = [ ShortEnumField("optcode", 8, dhcp6opts),
ShortField("optlen", 2),
_ElapsedTimeField("elapsedtime", 0) ]
#### DHCPv6 Authentication Option ###################################
# The following fields are set in an Authentication option for the
# Reconfigure Key Authentication Protocol:
#
# protocol 3
#
# algorithm 1
#
# RDM 0
#
# The format of the Authentication information for the Reconfigure Key
# Authentication Protocol is:
#
# 0 1 2 3
# 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
# | Type | Value (128 bits) |
# +-+-+-+-+-+-+-+-+ |
# . .
# . .
# . +-+-+-+-+-+-+-+-+
# | |
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
#
# Type Type of data in Value field carried in this option:
#
# 1 Reconfigure Key value (used in Reply message).
#
# 2 HMAC-MD5 digest of the message (used in Reconfigure
# message).
#
# Value Data as defined by field.
# TODO : Decoding only at the moment
class DHCP6OptAuth(_DHCP6OptGuessPayload): # RFC sect 22.11
name = "DHCP6 Option - Authentication"
fields_desc = [ ShortEnumField("optcode", 11, dhcp6opts),
FieldLenField("optlen", None, length_of="authinfo",
adjust = lambda pkt,x: x+11),
ByteField("proto", 3), # TODO : XXX
ByteField("alg", 1), # TODO : XXX
ByteField("rdm", 0), # TODO : XXX
StrFixedLenField("replay", "A"*8, 8), # TODO: XXX
StrLenField("authinfo", "",
length_from = lambda pkt: pkt.optlen - 11) ]
#### DHCPv6 Server Unicast Option ###################################
class _SrvAddrField(IP6Field):
def i2h(self, pkt, x):
if x is None:
return "::"
return x
def i2m(self, pkt, x):
return inet_pton(socket.AF_INET6, self.i2h(pkt,x))
class DHCP6OptServerUnicast(_DHCP6OptGuessPayload):# RFC sect 22.12
name = "DHCP6 Server Unicast Option"
fields_desc = [ ShortEnumField("optcode", 12, dhcp6opts),
ShortField("optlen", 16 ),
_SrvAddrField("srvaddr",None) ]
#### DHCPv6 Status Code Option ######################################
dhcp6statuscodes = { 0:"Success", # sect 24.4
1:"UnspecFail",
2:"NoAddrsAvail",
3:"NoBinding",
4:"NotOnLink",
5:"UseMulticast",
6:"NoPrefixAvail"} # From RFC3633
class DHCP6OptStatusCode(_DHCP6OptGuessPayload):# RFC sect 22.13
name = "DHCP6 Status Code Option"
fields_desc = [ ShortEnumField("optcode", 13, dhcp6opts),
FieldLenField("optlen", None, length_of="statusmsg",
fmt="!H", adjust = lambda pkt,x:x+2),
ShortEnumField("statuscode",None,dhcp6statuscodes),
StrLenField("statusmsg", "",
length_from = lambda pkt: pkt.optlen-2) ]
#### DHCPv6 Rapid Commit Option #####################################
class DHCP6OptRapidCommit(_DHCP6OptGuessPayload): # RFC sect 22.14
name = "DHCP6 Rapid Commit Option"
fields_desc = [ ShortEnumField("optcode", 14, dhcp6opts),
ShortField("optlen", 0)]
#### DHCPv6 User Class Option #######################################
class _UserClassDataField(PacketListField):
def i2len(self, pkt, z):
if z is None or z == []:
return 0
return sum(len(raw(x)) for x in z)
def getfield(self, pkt, s):
l = self.length_from(pkt)
lst = []
remain, payl = s[:l], s[l:]
while len(remain)>0:
p = self.m2i(pkt,remain)
if conf.padding_layer in p:
pad = p[conf.padding_layer]
remain = pad.load
del(pad.underlayer.payload)
else:
remain = ""
lst.append(p)
return payl,lst
class USER_CLASS_DATA(Packet):
name = "user class data"
fields_desc = [ FieldLenField("len", None, length_of="data"),
StrLenField("data", "",
length_from = lambda pkt: pkt.len) ]
def guess_payload_class(self, payload):
return conf.padding_layer
class DHCP6OptUserClass(_DHCP6OptGuessPayload):# RFC sect 22.15
name = "DHCP6 User Class Option"
fields_desc = [ ShortEnumField("optcode", 15, dhcp6opts),
FieldLenField("optlen", None, fmt="!H",
length_of="userclassdata"),
_UserClassDataField("userclassdata", [], USER_CLASS_DATA,
length_from = lambda pkt: pkt.optlen) ]
#### DHCPv6 Vendor Class Option #####################################
class _VendorClassDataField(_UserClassDataField):
pass
class VENDOR_CLASS_DATA(USER_CLASS_DATA):
name = "vendor class data"
class DHCP6OptVendorClass(_DHCP6OptGuessPayload):# RFC sect 22.16
name = "DHCP6 Vendor Class Option"
fields_desc = [ ShortEnumField("optcode", 16, dhcp6opts),
FieldLenField("optlen", None, length_of="vcdata", fmt="!H",
adjust = lambda pkt,x: x+4),
IntEnumField("enterprisenum",None , iana_enterprise_num ),
_VendorClassDataField("vcdata", [], VENDOR_CLASS_DATA,
length_from = lambda pkt: pkt.optlen-4) ]
#### DHCPv6 Vendor-Specific Information Option ######################
class VENDOR_SPECIFIC_OPTION(_DHCP6OptGuessPayload):
name = "vendor specific option data"
fields_desc = [ ShortField("optcode", None),
FieldLenField("optlen", None, length_of="optdata"),
StrLenField("optdata", "",
length_from = lambda pkt: pkt.optlen) ]
def guess_payload_class(self, payload):
return conf.padding_layer
# The third one that will be used for nothing interesting
class DHCP6OptVendorSpecificInfo(_DHCP6OptGuessPayload):# RFC sect 22.17
name = "DHCP6 Vendor-specific Information Option"
fields_desc = [ ShortEnumField("optcode", 17, dhcp6opts),
FieldLenField("optlen", None, length_of="vso", fmt="!H",
adjust = lambda pkt,x: x+4),
IntEnumField("enterprisenum",None , iana_enterprise_num),
_VendorClassDataField("vso", [], VENDOR_SPECIFIC_OPTION,
length_from = lambda pkt: pkt.optlen-4) ]
#### DHCPv6 Interface-ID Option #####################################
# Repasser sur cette option a la fin. Elle a pas l'air d'etre des
# masses critique.
class DHCP6OptIfaceId(_DHCP6OptGuessPayload):# RFC sect 22.18
name = "DHCP6 Interface-Id Option"
fields_desc = [ ShortEnumField("optcode", 18, dhcp6opts),
FieldLenField("optlen", None, fmt="!H",
length_of="ifaceid"),
StrLenField("ifaceid", "",
length_from = lambda pkt: pkt.optlen) ]
#### DHCPv6 Reconfigure Message Option ##############################
# A server includes a Reconfigure Message option in a Reconfigure
# message to indicate to the client whether the client responds with a
# renew message or an Information-request message.
class DHCP6OptReconfMsg(_DHCP6OptGuessPayload): # RFC sect 22.19
name = "DHCP6 Reconfigure Message Option"
fields_desc = [ ShortEnumField("optcode", 19, dhcp6opts),
ShortField("optlen", 1 ),
ByteEnumField("msgtype", 11, { 5:"Renew Message",
11:"Information Request"}) ]
#### DHCPv6 Reconfigure Accept Option ###############################
# A client uses the Reconfigure Accept option to announce to the
# server whether the client is willing to accept Recoonfigure
# messages, and a server uses this option to tell the client whether
# or not to accept Reconfigure messages. The default behavior in the
# absence of this option, means unwillingness to accept reconfigure
# messages, or instruction not to accept Reconfigure messages, for the
# client and server messages, respectively.
class DHCP6OptReconfAccept(_DHCP6OptGuessPayload): # RFC sect 22.20
name = "DHCP6 Reconfigure Accept Option"
fields_desc = [ ShortEnumField("optcode", 20, dhcp6opts),
ShortField("optlen", 0)]
class DHCP6OptSIPDomains(_DHCP6OptGuessPayload): #RFC3319
name = "DHCP6 Option - SIP Servers Domain Name List"
fields_desc = [ ShortEnumField("optcode", 21, dhcp6opts),
FieldLenField("optlen", None, length_of="sipdomains"),
DomainNameListField("sipdomains", [],
length_from = lambda pkt: pkt.optlen) ]
class DHCP6OptSIPServers(_DHCP6OptGuessPayload): #RFC3319
name = "DHCP6 Option - SIP Servers IPv6 Address List"
fields_desc = [ ShortEnumField("optcode", 22, dhcp6opts),
FieldLenField("optlen", None, length_of="sipservers"),
IP6ListField("sipservers", [],
length_from = lambda pkt: pkt.optlen) ]
class DHCP6OptDNSServers(_DHCP6OptGuessPayload): #RFC3646
name = "DHCP6 Option - DNS Recursive Name Server"
fields_desc = [ ShortEnumField("optcode", 23, dhcp6opts),
FieldLenField("optlen", None, length_of="dnsservers"),
IP6ListField("dnsservers", [],
length_from = lambda pkt: pkt.optlen) ]
class DHCP6OptDNSDomains(_DHCP6OptGuessPayload): #RFC3646
name = "DHCP6 Option - Domain Search List option"
fields_desc = [ ShortEnumField("optcode", 24, dhcp6opts),
FieldLenField("optlen", None, length_of="dnsdomains"),
DomainNameListField("dnsdomains", [],
length_from = lambda pkt: pkt.optlen) ]
# TODO: Implement iaprefopts correctly when provided with more
# information about it.
class DHCP6OptIAPrefix(_DHCP6OptGuessPayload): #RFC3633
name = "DHCP6 Option - IA_PD Prefix option"
fields_desc = [ ShortEnumField("optcode", 26, dhcp6opts),
FieldLenField("optlen", None, length_of="iaprefopts",
adjust = lambda pkt,x: x+25),
IntField("preflft", 0),
IntField("validlft", 0),
ByteField("plen", 48), # TODO: Challenge that default value
IP6Field("prefix", "2001:db8::"), # At least, global and won't hurt
StrLenField("iaprefopts", "",
length_from = lambda pkt: pkt.optlen-25) ]
class DHCP6OptIA_PD(_DHCP6OptGuessPayload): #RFC3633
name = "DHCP6 Option - Identity Association for Prefix Delegation"
fields_desc = [ ShortEnumField("optcode", 25, dhcp6opts),
FieldLenField("optlen", None, length_of="iapdopt",
adjust = lambda pkt,x: x+12),
IntField("iaid", 0),
IntField("T1", 0),
IntField("T2", 0),
PacketListField("iapdopt", [], DHCP6OptIAPrefix,
length_from = lambda pkt: pkt.optlen-12) ]
class DHCP6OptNISServers(_DHCP6OptGuessPayload): #RFC3898
name = "DHCP6 Option - NIS Servers"
fields_desc = [ ShortEnumField("optcode", 27, dhcp6opts),
FieldLenField("optlen", None, length_of="nisservers"),
IP6ListField("nisservers", [],
length_from = lambda pkt: pkt.optlen) ]
class DHCP6OptNISPServers(_DHCP6OptGuessPayload): #RFC3898
name = "DHCP6 Option - NIS+ Servers"
fields_desc = [ ShortEnumField("optcode", 28, dhcp6opts),
FieldLenField("optlen", None, length_of="nispservers"),
IP6ListField("nispservers", [],
length_from = lambda pkt: pkt.optlen) ]
class DomainNameField(StrLenField):
def getfield(self, pkt, s):
l = self.length_from(pkt)
return s[l:], self.m2i(pkt,s[:l])
def i2len(self, pkt, x):
return len(self.i2m(pkt, x))
def m2i(self, pkt, x):
cur = []
while x:
l = orb(x[0])
cur.append(x[1:1+l])
x = x[l+1:]
return b".".join(cur)
def i2m(self, pkt, x):
if not x:
return b""
return b"".join(chb(len(z)) + z for z in x.split(b'.'))
class DHCP6OptNISDomain(_DHCP6OptGuessPayload): #RFC3898
name = "DHCP6 Option - NIS Domain Name"
fields_desc = [ ShortEnumField("optcode", 29, dhcp6opts),
FieldLenField("optlen", None, length_of="nisdomain"),
DomainNameField("nisdomain", "",
length_from = lambda pkt: pkt.optlen) ]
class DHCP6OptNISPDomain(_DHCP6OptGuessPayload): #RFC3898
name = "DHCP6 Option - NIS+ Domain Name"
fields_desc = [ ShortEnumField("optcode", 30, dhcp6opts),
FieldLenField("optlen", None, length_of="nispdomain"),
DomainNameField("nispdomain", "",
length_from= lambda pkt: pkt.optlen) ]
class DHCP6OptSNTPServers(_DHCP6OptGuessPayload): #RFC4075
name = "DHCP6 option - SNTP Servers"
fields_desc = [ ShortEnumField("optcode", 31, dhcp6opts),
FieldLenField("optlen", None, length_of="sntpservers"),
IP6ListField("sntpservers", [],
length_from = lambda pkt: pkt.optlen) ]
IRT_DEFAULT=86400
IRT_MINIMUM=600
class DHCP6OptInfoRefreshTime(_DHCP6OptGuessPayload): #RFC4242
name = "DHCP6 Option - Information Refresh Time"
fields_desc = [ ShortEnumField("optcode", 32, dhcp6opts),
ShortField("optlen", 4),
IntField("reftime", IRT_DEFAULT)] # One day
class DHCP6OptBCMCSDomains(_DHCP6OptGuessPayload): #RFC4280
name = "DHCP6 Option - BCMCS Domain Name List"
fields_desc = [ ShortEnumField("optcode", 33, dhcp6opts),
FieldLenField("optlen", None, length_of="bcmcsdomains"),
DomainNameListField("bcmcsdomains", [],
length_from = lambda pkt: pkt.optlen) ]
class DHCP6OptBCMCSServers(_DHCP6OptGuessPayload): #RFC4280
name = "DHCP6 Option - BCMCS Addresses List"
fields_desc = [ ShortEnumField("optcode", 34, dhcp6opts),
FieldLenField("optlen", None, length_of="bcmcsservers"),
IP6ListField("bcmcsservers", [],
length_from= lambda pkt: pkt.optlen) ]
# TODO : Does Nothing at the moment
class DHCP6OptGeoConf(_DHCP6OptGuessPayload): #RFC-ietf-geopriv-dhcp-civil-09.txt
name = ""
fields_desc = [ ShortEnumField("optcode", 36, dhcp6opts),
FieldLenField("optlen", None, length_of="optdata"),
StrLenField("optdata", "",
length_from = lambda pkt: pkt.optlen) ]
# TODO: see if we encounter opaque values from vendor devices
class DHCP6OptRemoteID(_DHCP6OptGuessPayload): #RFC4649
name = "DHCP6 Option - Relay Agent Remote-ID"
fields_desc = [ ShortEnumField("optcode", 37, dhcp6opts),
FieldLenField("optlen", None, length_of="remoteid",
adjust = lambda pkt,x: x+4),
IntEnumField("enterprisenum", None, iana_enterprise_num),
StrLenField("remoteid", "",
length_from = lambda pkt: pkt.optlen-4) ]
# TODO : 'subscriberid' default value should be at least 1 byte long
class DHCP6OptSubscriberID(_DHCP6OptGuessPayload): #RFC4580
name = "DHCP6 Option - Subscriber ID"
fields_desc = [ ShortEnumField("optcode", 38, dhcp6opts),
FieldLenField("optlen", None, length_of="subscriberid"),
StrLenField("subscriberid", "",
length_from = lambda pkt: pkt.optlen) ]
# TODO : "The data in the Domain Name field MUST be encoded
# as described in Section 8 of [5]"
class DHCP6OptClientFQDN(_DHCP6OptGuessPayload): #RFC4704
name = "DHCP6 Option - Client FQDN"
fields_desc = [ ShortEnumField("optcode", 39, dhcp6opts),
FieldLenField("optlen", None, length_of="fqdn",
adjust = lambda pkt,x: x+1),
BitField("res", 0, 5),
FlagsField("flags", 0, 3, "SON" ),
DomainNameField("fqdn", "",
length_from = lambda pkt: pkt.optlen-1) ]
class DHCP6OptRelayAgentERO(_DHCP6OptGuessPayload): # RFC4994
name = "DHCP6 Option - RelayRequest Option"
fields_desc = [ ShortEnumField("optcode", 43, dhcp6opts),
FieldLenField("optlen", None, length_of="reqopts", fmt="!H"),
_OptReqListField("reqopts", [23, 24],
length_from = lambda pkt: pkt.optlen) ]
# "Client link-layer address type. The link-layer type MUST be a valid hardware
# type assigned by the IANA, as described in [RFC0826]
class DHCP6OptClientLinkLayerAddr(_DHCP6OptGuessPayload): # RFC6939
name = "DHCP6 Option - Client Link Layer address"
fields_desc = [ ShortEnumField("optcode", 79, dhcp6opts),
FieldLenField("optlen", None, length_of="clladdr",
adjust = lambda pkt,x: x+1),
ShortField("lltype", 1), # ethernet
_LLAddrField("clladdr", ETHER_ANY) ]
# Virtual Subnet selection
class DHCP6OptVSS(_DHCP6OptGuessPayload): # RFC6607
name = "DHCP6 Option - Virtual Subnet Selection"
fields_desc = [ ShortEnumField("optcode", 68, dhcp6opts),
FieldLenField("optlen", None, length_of="data",
adjust = lambda pkt,x: x+1),
ByteField("type", 255), # Default Global/default table
StrLenField("data", "",
length_from = lambda pkt: pkt.optlen) ]
#####################################################################
### DHCPv6 messages ###
#####################################################################
# Some state parameters of the protocols that should probably be
# useful to have in the configuration (and keep up-to-date)
DHCP6RelayAgentUnicastAddr=""
DHCP6RelayHopCount=""
DHCP6ServerUnicastAddr=""
DHCP6ClientUnicastAddr=""
DHCP6ClientIA_TA=""
DHCP6ClientIA_NA=""
DHCP6ClientIAID=""
T1="" # Voir 2462
T2="" # Voir 2462
DHCP6ServerDUID=""
DHCP6CurrentTransactionID="" # devrait etre utilise pour matcher une
# reponse et mis a jour en mode client par une valeur aleatoire pour
# laquelle on attend un retour de la part d'un serveur.
DHCP6PrefVal="" # la valeur de preference a utiliser dans
# les options preference
# Emitted by :
# - server : ADVERTISE, REPLY, RECONFIGURE, RELAY-REPL (vers relay)
# - client : SOLICIT, REQUEST, CONFIRM, RENEW, REBIND, RELEASE, DECLINE,
# INFORMATION REQUEST
# - relay : RELAY-FORW (toward server)
#####################################################################
## DHCPv6 messages sent between Clients and Servers (types 1 to 11)
# Comme specifie en section 15.1 de la RFC 3315, les valeurs de
# transaction id sont selectionnees de maniere aleatoire par le client
# a chaque emission et doivent matcher dans les reponses faites par
# les clients
class DHCP6(_DHCP6OptGuessPayload):
name = "DHCPv6 Generic Message"
fields_desc = [ ByteEnumField("msgtype",None,dhcp6types),
X3BytesField("trid",0x000000) ]
overload_fields = { UDP: {"sport": 546, "dport": 547} }
def hashret(self):
return struct.pack("!I", self.trid)[1:4]
#### DHCPv6 Relay Message Option ####################################
# Relayed message is seen as a payload.
class DHCP6OptRelayMsg(_DHCP6OptGuessPayload): # RFC sect 22.10
name = "DHCP6 Relay Message Option"
fields_desc = [ ShortEnumField("optcode", 9, dhcp6opts),
FieldLenField("optlen", None, fmt="!H",
length_of="message"),
PacketLenField("message", DHCP6(), DHCP6,
length_from=lambda p: p.optlen) ]
#####################################################################
# Solicit Message : sect 17.1.1 RFC3315
# - sent by client
# - must include a client identifier option
# - the client may include IA options for any IAs to which it wants the
# server to assign address
# - The client use IA_NA options to request the assignment of
# non-temporary addresses and uses IA_TA options to request the
# assignment of temporary addresses
# - The client should include an Option Request option to indicate the
# options the client is interested in receiving (eventually
# including hints)
# - The client includes a Reconfigure Accept option if is willing to
# accept Reconfigure messages from the server.
# Le cas du send and reply est assez particulier car suivant la
# presence d'une option rapid commit dans le solicit, l'attente
# s'arrete au premier message de reponse recu ou alors apres un
# timeout. De la meme maniere, si un message Advertise arrive avec une
# valeur de preference de 255, il arrete l'attente et envoie une
# Request.
# - The client announces its intention to use DHCP authentication by
# including an Authentication option in its solicit message. The
# server selects a key for the client based on the client's DUID. The
# client and server use that key to authenticate all DHCP messages
# exchanged during the session
class DHCP6_Solicit(DHCP6):
name = "DHCPv6 Solicit Message"
msgtype = 1
overload_fields = { UDP: {"sport": 546, "dport": 547} }
#####################################################################
# Advertise Message
# - sent by server
# - Includes a server identifier option
# - Includes a client identifier option
# - the client identifier option must match the client's DUID
# - transaction ID must match
class DHCP6_Advertise(DHCP6):
name = "DHCPv6 Advertise Message"
msgtype = 2
overload_fields = { UDP: {"sport": 547, "dport": 546} }
def answers(self, other):
return (isinstance(other,DHCP6_Solicit) and
other.msgtype == 1 and
self.trid == other.trid)
#####################################################################
# Request Message
# - sent by clients
# - includes a server identifier option
# - the content of Server Identifier option must match server's DUID
# - includes a client identifier option
# - must include an ORO Option (even with hints) p40
# - can includes a reconfigure Accept option indicating whether or
# not the client is willing to accept Reconfigure messages from
# the server (p40)
# - When the server receives a Request message via unicast from a
# client to which the server has not sent a unicast option, the server
# discards the Request message and responds with a Reply message
# containing Status Code option with the value UseMulticast, a Server
# Identifier Option containing the server's DUID, the client
# Identifier option from the client message and no other option.
class DHCP6_Request(DHCP6):
name = "DHCPv6 Request Message"
msgtype = 3
#####################################################################
# Confirm Message
# - sent by clients
# - must include a client identifier option
# - When the server receives a Confirm Message, the server determines
# whether the addresses in the Confirm message are appropriate for the
# link to which the client is attached. cf p50
class DHCP6_Confirm(DHCP6):
name = "DHCPv6 Confirm Message"
msgtype = 4
#####################################################################
# Renew Message
# - sent by clients
# - must include a server identifier option
# - content of server identifier option must match the server's identifier
# - must include a client identifier option
# - the clients includes any IA assigned to the interface that may
# have moved to a new link, along with the addresses associated with
# those IAs in its confirm messages
# - When the server receives a Renew message that contains an IA
# option from a client, it locates the client's binding and verifies
# that the information in the IA from the client matches the
# information for that client. If the server cannot find a client
# entry for the IA the server returns the IA containing no addresses
# with a status code option est to NoBinding in the Reply message. cf
# p51 pour le reste.
class DHCP6_Renew(DHCP6):
name = "DHCPv6 Renew Message"
msgtype = 5
#####################################################################
# Rebind Message
# - sent by clients
# - must include a client identifier option
# cf p52
class DHCP6_Rebind(DHCP6):
name = "DHCPv6 Rebind Message"
msgtype = 6
#####################################################################
# Reply Message
# - sent by servers
# - the message must include a server identifier option
# - transaction-id field must match the value of original message
# The server includes a Rapid Commit option in the Reply message to
# indicate that the reply is in response to a solicit message
# - if the client receives a reply message with a Status code option
# with the value UseMulticast, the client records the receipt of the
# message and sends subsequent messages to the server through the
# interface on which the message was received using multicast. The
# client resends the original message using multicast
# - When the client receives a NotOnLink status from the server in
# response to a Confirm message, the client performs DHCP server
# solicitation as described in section 17 and client-initiated
# configuration as descrribed in section 18 (RFC 3315)
# - when the client receives a NotOnLink status from the server in
# response to a Request, the client can either re-issue the Request
# without specifying any addresses or restart the DHCP server
# discovery process.
# - the server must include a server identifier option containing the
# server's DUID in the Reply message
class DHCP6_Reply(DHCP6):
name = "DHCPv6 Reply Message"
msgtype = 7
overload_fields = { UDP: {"sport": 547, "dport": 546} }
def answers(self, other):
types = (DHCP6_InfoRequest, DHCP6_Confirm, DHCP6_Rebind, DHCP6_Decline, DHCP6_Request, DHCP6_Release, DHCP6_Renew)
return (isinstance(other, types) and
self.trid == other.trid)
#####################################################################
# Release Message
# - sent by clients
# - must include a server identifier option
# cf p53
class DHCP6_Release(DHCP6):
name = "DHCPv6 Release Message"
msgtype = 8
#####################################################################
# Decline Message
# - sent by clients
# - must include a client identifier option
# - Server identifier option must match server identifier
# - The addresses to be declined must be included in the IAs. Any
# addresses for the IAs the client wishes to continue to use should
# not be in added to the IAs.
# - cf p54
class DHCP6_Decline(DHCP6):
name = "DHCPv6 Decline Message"
msgtype = 9
#####################################################################
# Reconfigure Message
# - sent by servers
# - must be unicast to the client
# - must include a server identifier option
# - must include a client identifier option that contains the client DUID
# - must contain a Reconfigure Message Option and the message type
# must be a valid value
# - the server sets the transaction-id to 0
# - The server must use DHCP Authentication in the Reconfigure
# message. Autant dire que ca va pas etre le type de message qu'on va
# voir le plus souvent.
class DHCP6_Reconf(DHCP6):
name = "DHCPv6 Reconfigure Message"
msgtype = 10
overload_fields = { UDP: { "sport": 547, "dport": 546 } }
#####################################################################
# Information-Request Message
# - sent by clients when needs configuration information but no
# addresses.
# - client should include a client identifier option to identify
# itself. If it doesn't the server is not able to return client
# specific options or the server can choose to not respond to the
# message at all. The client must include a client identifier option
# if the message will be authenticated.
# - client must include an ORO of option she's interested in receiving
# (can include hints)
class DHCP6_InfoRequest(DHCP6):
name = "DHCPv6 Information Request Message"
msgtype = 11
#####################################################################
# sent between Relay Agents and Servers
#
# Normalement, doit inclure une option "Relay Message Option"
# peut en inclure d'autres.
# voir section 7.1 de la 3315
# Relay-Forward Message
# - sent by relay agents to servers
# If the relay agent relays messages to the All_DHCP_Servers multicast
# address or other multicast addresses, it sets the Hop Limit field to
# 32.
class DHCP6_RelayForward(_DHCP6OptGuessPayload,Packet):
name = "DHCPv6 Relay Forward Message (Relay Agent/Server Message)"
fields_desc = [ ByteEnumField("msgtype", 12, dhcp6types),
ByteField("hopcount", None),
IP6Field("linkaddr", "::"),
IP6Field("peeraddr", "::") ]
overload_fields = { UDP: { "sport": 547, "dport": 547 } }
def hashret(self): # we filter on peer address field
return inet_pton(socket.AF_INET6, self.peeraddr)
#####################################################################
# sent between Relay Agents and Servers
# Normalement, doit inclure une option "Relay Message Option"
# peut en inclure d'autres.
# Les valeurs des champs hop-count, link-addr et peer-addr
# sont copiees du message Forward associe. POur le suivi de session.
# Pour le moment, comme decrit dans le commentaire, le hashret
# se limite au contenu du champ peer address.
# Voir section 7.2 de la 3315.
# Relay-Reply Message
# - sent by servers to relay agents
# - if the solicit message was received in a Relay-Forward message,
# the server constructs a relay-reply message with the Advertise
# message in the payload of a relay-message. cf page 37/101. Envoie de
# ce message en unicast au relay-agent. utilisation de l'adresse ip
# presente en ip source du paquet recu
class DHCP6_RelayReply(DHCP6_RelayForward):
name = "DHCPv6 Relay Reply Message (Relay Agent/Server Message)"
msgtype = 13
def hashret(self): # We filter on peer address field.
return inet_pton(socket.AF_INET6, self.peeraddr)
def answers(self, other):
return (isinstance(other, DHCP6_RelayForward) and
self.hopcount == other.hopcount and
self.linkaddr == other.linkaddr and
self.peeraddr == other.peeraddr )
dhcp6_cls_by_type = { 1: "DHCP6_Solicit",
2: "DHCP6_Advertise",
3: "DHCP6_Request",
4: "DHCP6_Confirm",
5: "DHCP6_Renew",
6: "DHCP6_Rebind",
7: "DHCP6_Reply",
8: "DHCP6_Release",
9: "DHCP6_Decline",
10: "DHCP6_Reconf",
11: "DHCP6_InfoRequest",
12: "DHCP6_RelayForward",
13: "DHCP6_RelayReply" }
def _dhcp6_dispatcher(x, *args, **kargs):
cls = conf.raw_layer
if len(x) >= 2:
cls = get_cls(dhcp6_cls_by_type.get(orb(x[0]), "Raw"), conf.raw_layer)
return cls(x, *args, **kargs)
bind_bottom_up(UDP, _dhcp6_dispatcher, { "dport": 547 } )
bind_bottom_up(UDP, _dhcp6_dispatcher, { "dport": 546 } )
class DHCPv6_am(AnsweringMachine):
function_name = "dhcp6d"
filter = "udp and port 546 and port 547"
send_function = staticmethod(send)
def usage(self):
msg = """
DHCPv6_am.parse_options( dns="2001:500::1035", domain="localdomain, local",
duid=None, iface=conf.iface6, advpref=255, sntpservers=None,
sipdomains=None, sipservers=None,
nisdomain=None, nisservers=None,
nispdomain=None, nispservers=None,
bcmcsdomains=None, bcmcsservers=None)
debug : When set, additional debugging information is printed.
duid : some DUID class (DUID_LLT, DUID_LL or DUID_EN). If none
is provided a DUID_LLT is constructed based on the MAC
address of the sending interface and launch time of dhcp6d
answering machine.
iface : the interface to listen/reply on if you do not want to use
conf.iface6.
advpref : Value in [0,255] given to Advertise preference field.
By default, 255 is used. Be aware that this specific
value makes clients stops waiting for further Advertise
messages from other servers.
dns : list of recursive DNS servers addresses (as a string or list).
By default, it is set empty and the associated DHCP6OptDNSServers
option is inactive. See RFC 3646 for details.
domain : a list of DNS search domain (as a string or list). By default,
it is empty and the associated DHCP6OptDomains option is inactive.
See RFC 3646 for details.
sntpservers : a list of SNTP servers IPv6 addresses. By default,
it is empty and the associated DHCP6OptSNTPServers option
is inactive.
sipdomains : a list of SIP domains. By default, it is empty and the
associated DHCP6OptSIPDomains option is inactive. See RFC 3319
for details.
sipservers : a list of SIP servers IPv6 addresses. By default, it is
empty and the associated DHCP6OptSIPDomains option is inactive.
See RFC 3319 for details.
nisdomain : a list of NIS domains. By default, it is empty and the
associated DHCP6OptNISDomains option is inactive. See RFC 3898
for details. See RFC 3646 for details.
nisservers : a list of NIS servers IPv6 addresses. By default, it is
empty and the associated DHCP6OptNISServers option is inactive.
See RFC 3646 for details.
nispdomain : a list of NIS+ domains. By default, it is empty and the
associated DHCP6OptNISPDomains option is inactive. See RFC 3898
for details.
nispservers : a list of NIS+ servers IPv6 addresses. By default, it is
empty and the associated DHCP6OptNISServers option is inactive.
See RFC 3898 for details.
bcmcsdomain : a list of BCMCS domains. By default, it is empty and the
associated DHCP6OptBCMCSDomains option is inactive. See RFC 4280
for details.
bcmcsservers : a list of BCMCS servers IPv6 addresses. By default, it is
empty and the associated DHCP6OptBCMCSServers option is inactive.
See RFC 4280 for details.
If you have a need for others, just ask ... or provide a patch."""
print(msg)
def parse_options(self, dns="2001:500::1035", domain="localdomain, local",
startip="2001:db8::1", endip="2001:db8::20", duid=None,
sntpservers=None, sipdomains=None, sipservers=None,
nisdomain=None, nisservers=None, nispdomain=None,
nispservers=None, bcmcsservers=None, bcmcsdomains=None,
iface=None, debug=0, advpref=255):
def norm_list(val, param_name):
if val is None:
return None
if isinstance(val, list):
return val
elif isinstance(val, str):
l = val.split(',')
return [x.strip() for x in l]
else:
print("Bad '%s' parameter provided." % param_name)
self.usage()
return -1
if iface is None:
iface = conf.iface6
self.debug = debug
# Dictionary of provided DHCPv6 options, keyed by option type
self.dhcpv6_options={}
for o in [(dns, "dns", 23, lambda x: DHCP6OptDNSServers(dnsservers=x)),
(domain, "domain", 24, lambda x: DHCP6OptDNSDomains(dnsdomains=x)),
(sntpservers, "sntpservers", 31, lambda x: DHCP6OptSNTPServers(sntpservers=x)),
(sipservers, "sipservers", 22, lambda x: DHCP6OptSIPServers(sipservers=x)),
(sipdomains, "sipdomains", 21, lambda x: DHCP6OptSIPDomains(sipdomains=x)),
(nisservers, "nisservers", 27, lambda x: DHCP6OptNISServers(nisservers=x)),
(nisdomain, "nisdomain", 29, lambda x: DHCP6OptNISDomain(nisdomain=(x+[""])[0])),
(nispservers, "nispservers", 28, lambda x: DHCP6OptNISPServers(nispservers=x)),
(nispdomain, "nispdomain", 30, lambda x: DHCP6OptNISPDomain(nispdomain=(x+[""])[0])),
(bcmcsservers, "bcmcsservers", 33, lambda x: DHCP6OptBCMCSServers(bcmcsservers=x)),
(bcmcsdomains, "bcmcsdomains", 34, lambda x: DHCP6OptBCMCSDomains(bcmcsdomains=x))]:
opt = norm_list(o[0], o[1])
if opt == -1: # Usage() was triggered
return False
elif opt is None: # We won't return that option
pass
else:
self.dhcpv6_options[o[2]] = o[3](opt)
if self.debug:
print("\n[+] List of active DHCPv6 options:")
opts = sorted(self.dhcpv6_options)
for i in opts:
print(" %d: %s" % (i, repr(self.dhcpv6_options[i])))
# Preference value used in Advertise.
self.advpref = advpref
# IP Pool
self.startip = startip
self.endip = endip
# XXX TODO Check IPs are in same subnet
####
# The interface we are listening/replying on
self.iface = iface
####
# Generate a server DUID
if duid is not None:
self.duid = duid
else:
# Timeval
epoch = (2000, 1, 1, 0, 0, 0, 5, 1, 0)
delta = time.mktime(epoch) - EPOCH
timeval = time.time() - delta
# Mac Address
rawmac = get_if_raw_hwaddr(iface)[1]
mac = ":".join("%.02x" % orb(x) for x in rawmac)
self.duid = DUID_LLT(timeval = timeval, lladdr = mac)
if self.debug:
print("\n[+] Our server DUID:")
self.duid.show(label_lvl=" "*4)
####
# Find the source address we will use
try:
addr = next(x for x in in6_getifaddr() if x[2] == iface and in6_islladdr(x[0]))
except StopIteration:
warning("Unable to get a Link-Local address")
return
else:
self.src_addr = addr[0]
####
# Our leases
self.leases = {}
if self.debug:
print("\n[+] Starting DHCPv6 service on %s:" % self.iface)
def is_request(self, p):
if not IPv6 in p:
return False
src = p[IPv6].src
p = p[IPv6].payload
if not isinstance(p, UDP) or p.sport != 546 or p.dport != 547 :
return False
p = p.payload
if not isinstance(p, DHCP6):
return False
# Message we considered client messages :
# Solicit (1), Request (3), Confirm (4), Renew (5), Rebind (6)
# Decline (9), Release (8), Information-request (11),
if not (p.msgtype in [1, 3, 4, 5, 6, 8, 9, 11]):
return False
# Message validation following section 15 of RFC 3315
if ((p.msgtype == 1) or # Solicit
(p.msgtype == 6) or # Rebind
(p.msgtype == 4)): # Confirm
if ((not DHCP6OptClientId in p) or
DHCP6OptServerId in p):
return False
if (p.msgtype == 6 or # Rebind
p.msgtype == 4): # Confirm
# XXX We do not reply to Confirm or Rebind as we
# XXX do not support address assignment
return False
elif (p.msgtype == 3 or # Request
p.msgtype == 5 or # Renew
p.msgtype == 8): # Release
# Both options must be present
if ((not DHCP6OptServerId in p) or
(not DHCP6OptClientId in p)):
return False
# provided server DUID must match ours
duid = p[DHCP6OptServerId].duid
if not isinstance(duid, type(self.duid)):
return False
if raw(duid) != raw(self.duid):
return False
if (p.msgtype == 5 or # Renew
p.msgtype == 8): # Release
# XXX We do not reply to Renew or Release as we
# XXX do not support address assignment
return False
elif p.msgtype == 9: # Decline
# XXX We should check if we are tracking that client
if not self.debug:
return False
bo = Color.bold
g = Color.green + bo
b = Color.blue + bo
n = Color.normal
r = Color.red
vendor = in6_addrtovendor(src)
if (vendor and vendor != "UNKNOWN"):
vendor = " [" + b + vendor + n + "]"
else:
vendor = ""
src = bo + src + n
it = p
addrs = []
while it:
l = []
if isinstance(it, DHCP6OptIA_NA):
l = it.ianaopts
elif isinstance(it, DHCP6OptIA_TA):
l = it.iataopts
addrs += [x.addr for x in l if isinstance(x, DHCP6OptIAAddress)]
it = it.payload
addrs = [bo + x + n for x in addrs]
if self.debug:
msg = r + "[DEBUG]" + n + " Received " + g + "Decline" + n
msg += " from " + bo + src + vendor + " for "
msg += ", ".join(addrs)+ n
print(msg)
# See sect 18.1.7
# Sent by a client to warn us she has determined
# one or more addresses assigned to her is already
# used on the link.
# We should simply log that fact. No messaged should
# be sent in return.
# - Message must include a Server identifier option
# - the content of the Server identifier option must
# match the server's identifier
# - the message must include a Client Identifier option
return False
elif p.msgtype == 11: # Information-Request
if DHCP6OptServerId in p:
duid = p[DHCP6OptServerId].duid
if not isinstance(duid, type(self.duid)):
return False
if raw(duid) != raw(self.duid):
return False
if ((DHCP6OptIA_NA in p) or
(DHCP6OptIA_TA in p) or
(DHCP6OptIA_PD in p)):
return False
else:
return False
return True
def print_reply(self, req, reply):
def norm(s):
if s.startswith("DHCPv6 "):
s = s[7:]
if s.endswith(" Message"):
s = s[:-8]
return s
if reply is None:
return
bo = Color.bold
g = Color.green + bo
b = Color.blue + bo
n = Color.normal
reqtype = g + norm(req.getlayer(UDP).payload.name) + n
reqsrc = req.getlayer(IPv6).src
vendor = in6_addrtovendor(reqsrc)
if (vendor and vendor != "UNKNOWN"):
vendor = " [" + b + vendor + n + "]"
else:
vendor = ""
reqsrc = bo + reqsrc + n
reptype = g + norm(reply.getlayer(UDP).payload.name) + n
print("Sent %s answering to %s from %s%s" % (reptype, reqtype, reqsrc, vendor))
def make_reply(self, req):
p = req[IPv6]
req_src = p.src
p = p.payload.payload
msgtype = p.msgtype
trid = p.trid
if msgtype == 1: # SOLICIT (See Sect 17.1 and 17.2 of RFC 3315)
# XXX We don't support address or prefix assignment
# XXX We also do not support relay function --arno
client_duid = p[DHCP6OptClientId].duid
resp = IPv6(src=self.src_addr, dst=req_src)
resp /= UDP(sport=547, dport=546)
if p.haslayer(DHCP6OptRapidCommit):
# construct a Reply packet
resp /= DHCP6_Reply(trid=trid)
resp /= DHCP6OptRapidCommit() # See 17.1.2
resp /= DHCP6OptServerId(duid = self.duid)
resp /= DHCP6OptClientId(duid = client_duid)
else: # No Rapid Commit in the packet. Reply with an Advertise
if (p.haslayer(DHCP6OptIA_NA) or
p.haslayer(DHCP6OptIA_TA)):
# XXX We don't assign addresses at the moment
msg = "Scapy6 dhcp6d does not support address assignment"
resp /= DHCP6_Advertise(trid = trid)
resp /= DHCP6OptStatusCode(statuscode=2, statusmsg=msg)
resp /= DHCP6OptServerId(duid = self.duid)
resp /= DHCP6OptClientId(duid = client_duid)
elif p.haslayer(DHCP6OptIA_PD):
# XXX We don't assign prefixes at the moment
msg = "Scapy6 dhcp6d does not support prefix assignment"
resp /= DHCP6_Advertise(trid = trid)
resp /= DHCP6OptStatusCode(statuscode=6, statusmsg=msg)
resp /= DHCP6OptServerId(duid = self.duid)
resp /= DHCP6OptClientId(duid = client_duid)
else: # Usual case, no request for prefixes or addresse
resp /= DHCP6_Advertise(trid = trid)
resp /= DHCP6OptPref(prefval = self.advpref)
resp /= DHCP6OptServerId(duid = self.duid)
resp /= DHCP6OptClientId(duid = client_duid)
resp /= DHCP6OptReconfAccept()
# See which options should be included
reqopts = []
if p.haslayer(DHCP6OptOptReq): # add only asked ones
reqopts = p[DHCP6OptOptReq].reqopts
for o, opt in six.iteritems(self.dhcpv6_options):
if o in reqopts:
resp /= opt
else: # advertise everything we have available
for o, opt in six.iteritems(self.dhcpv6_options):
resp /= opt
return resp
elif msgtype == 3: #REQUEST (INFO-REQUEST is further below)
client_duid = p[DHCP6OptClientId].duid
resp = IPv6(src=self.src_addr, dst=req_src)
resp /= UDP(sport=547, dport=546)
resp /= DHCP6_Solicit(trid=trid)
resp /= DHCP6OptServerId(duid = self.duid)
resp /= DHCP6OptClientId(duid = client_duid)
# See which options should be included
reqopts = []
if p.haslayer(DHCP6OptOptReq): # add only asked ones
reqopts = p[DHCP6OptOptReq].reqopts
for o, opt in six.iteritems(self.dhcpv6_options):
if o in reqopts:
resp /= opt
else:
# advertise everything we have available.
# Should not happen has clients MUST include
# and ORO in requests (sec 18.1.1) -- arno
for o, opt in six.iteritems(self.dhcpv6_options):
resp /= opt
return resp
elif msgtype == 4: # CONFIRM
# see Sect 18.1.2
# Client want to check if addresses it was assigned
# are still appropriate
# Server must discard any Confirm messages that
# do not include a Client Identifier option OR
# THAT DO INCLUDE a Server Identifier Option
# XXX we must discard the SOLICIT if it is received with
# a unicast destination address
pass
elif msgtype == 5: # RENEW
# see Sect 18.1.3
# Clients want to extend lifetime of assigned addresses
# and update configuration parameters. This message is sent
# specifically to the server that provided her the info
# - Received message must include a Server Identifier
# option.
# - the content of server identifier option must match
# the server's identifier.
# - the message must include a Client identifier option
pass
elif msgtype == 6: # REBIND
# see Sect 18.1.4
# Same purpose as the Renew message but sent to any
# available server after he received no response
# to its previous Renew message.
# - Message must include a Client Identifier Option
# - Message can't include a Server identifier option
# XXX we must discard the SOLICIT if it is received with
# a unicast destination address
pass
elif msgtype == 8: # RELEASE
# See section 18.1.6
# Message is sent to the server to indicate that
# she will no longer use the addresses that was assigned
# We should parse the message and verify our dictionary
# to log that fact.
# - The message must include a server identifier option
# - The content of the Server Identifier option must
# match the server's identifier
# - the message must include a Client Identifier option
pass
elif msgtype == 9: # DECLINE
# See section 18.1.7
pass
elif msgtype == 11: # INFO-REQUEST
client_duid = None
if not p.haslayer(DHCP6OptClientId):
if self.debug:
warning("Received Info Request message without Client Id option")
else:
client_duid = p[DHCP6OptClientId].duid
resp = IPv6(src=self.src_addr, dst=req_src)
resp /= UDP(sport=547, dport=546)
resp /= DHCP6_Reply(trid=trid)
resp /= DHCP6OptServerId(duid = self.duid)
if client_duid:
resp /= DHCP6OptClientId(duid = client_duid)
# Stack requested options if available
reqopts = []
if p.haslayer(DHCP6OptOptReq):
reqopts = p[DHCP6OptOptReq].reqopts
for o, opt in six.iteritems(self.dhcpv6_options):
resp /= opt
return resp
else:
# what else ?
pass
# - We won't support reemission
# - We won't support relay role, nor relay forwarded messages
# at the beginning