Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ntpv5 packet parsing #1125

Closed
wants to merge 32 commits into from
Closed

Ntpv5 packet parsing #1125

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
32 commits
Select commit Hold shift + click to select a range
dfb6de9
Start implementation of NTPv5 header parsing
tdittr Oct 9, 2023
52e1eff
Implemented v5 header parsing
marlonbaeten Oct 9, 2023
0cb97ae
Implement parsing and serialization for draft identification extension
tdittr Oct 9, 2023
ae6dd9c
Add NTPv5 header to general NtpHeader to prepare for usage in server
tdittr Oct 9, 2023
5feaff3
fixup! Add NTPv5 header to general NtpHeader to prepare for usage in …
tdittr Oct 10, 2023
aa93a45
Add NTPv5 feature to CI and fuzzing
tdittr Oct 10, 2023
96e0aca
Address clippy warnings
tdittr Oct 10, 2023
518f4f1
fixup! Address clippy warnings
tdittr Oct 10, 2023
60e05eb
fixup! Add NTPv5 feature to CI and fuzzing
tdittr Oct 10, 2023
1358a94
Implement v5 header serialization
marlonbaeten Oct 10, 2023
8ed0bf4
Remove panic from v5 header parsing
marlonbaeten Oct 10, 2023
5bf4d73
Fix clippy warnings in v5.rs
marlonbaeten Oct 10, 2023
c2522d6
Add extension field ids for all draft extensions
tdittr Oct 17, 2023
4ee909e
Address PR comment and simplify draft id deserialization
tdittr Oct 17, 2023
e72d95f
Address PR comment, fix typo, add comments
tdittr Oct 17, 2023
f344a11
Move v5 module to subdirectory
marlonbaeten Oct 17, 2023
86d8b76
Handle V5 extension fields
tdittr Oct 17, 2023
dc12be4
Undo change that violated MSRV
tdittr Oct 17, 2023
6f90c79
Move NTPv5 errors in seperate enum
tdittr Oct 17, 2023
d9ecc48
Switch flags from using hex to binary for better readability
tdittr Oct 17, 2023
0c64b44
Encode correct length in v5 extension fields
marlonbaeten Oct 17, 2023
88088db
Include ExtensionHeaderVersion in fuzzer call
marlonbaeten Oct 17, 2023
d867e25
Implement missing setters and getters for v5 header
tdittr Oct 17, 2023
6eef269
Fix fuzzer for versioned extension headers
marlonbaeten Oct 17, 2023
160ee32
Merge branch 'main' into ntpv5-packet-parsing
marlonbaeten Oct 17, 2023
0d5b78a
Fix lock file
marlonbaeten Oct 17, 2023
68fdd68
Update versions in fuzz/Cargo.lock
marlonbaeten Oct 17, 2023
6a8f81f
Format fuzzer code
marlonbaeten Oct 17, 2023
c4bfb3f
Also run fuzzer smoke tests for ntpv5
tdittr Oct 17, 2023
0580671
We have derive_arbitrary at home
marlonbaeten Oct 17, 2023
993db2b
Address review comments
tdittr Oct 18, 2023
e58ca4c
fixup! Address review comments
tdittr Oct 18, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 27 additions & 3 deletions ntp-proto/src/packet/error.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,12 @@ pub enum ParsingError<T> {
DecryptError(T),
#[cfg(feature = "ntpv5")]
InvalidDraftIdentification,
#[cfg(feature = "ntpv5")]
MalformedTimescale,
#[cfg(feature = "ntpv5")]
MalformedMode,
#[cfg(feature = "ntpv5")]
InvalidFlags,
}

impl<T> ParsingError<T> {
Expand All @@ -24,9 +30,15 @@ impl<T> ParsingError<T> {
MalformedNtsExtensionFields => Err(MalformedNtsExtensionFields),
MalformedNonce => Err(MalformedNonce),
MalformedCookiePlaceholder => Err(MalformedCookiePlaceholder),
DecryptError(decrypt_error) => Ok(decrypt_error),
#[cfg(feature = "ntpv5")]
InvalidDraftIdentification => Err(InvalidDraftIdentification),
DecryptError(decrypt_error) => Ok(decrypt_error),
#[cfg(feature = "ntpv5")]
MalformedTimescale => Err(MalformedTimescale),
#[cfg(feature = "ntpv5")]
MalformedMode => Err(MalformedMode),
#[cfg(feature = "ntpv5")]
InvalidFlags => Err(InvalidFlags),
}
}
}
Expand All @@ -41,9 +53,15 @@ impl ParsingError<std::convert::Infallible> {
MalformedNtsExtensionFields => MalformedNtsExtensionFields,
MalformedNonce => MalformedNonce,
MalformedCookiePlaceholder => MalformedCookiePlaceholder,
DecryptError(decrypt_error) => match decrypt_error {},
#[cfg(feature = "ntpv5")]
InvalidDraftIdentification => InvalidDraftIdentification,
DecryptError(decrypt_error) => match decrypt_error {},
#[cfg(feature = "ntpv5")]
MalformedTimescale => MalformedTimescale,
#[cfg(feature = "ntpv5")]
MalformedMode => MalformedMode,
#[cfg(feature = "ntpv5")]
InvalidFlags => InvalidFlags,
}
}
}
Expand All @@ -58,9 +76,15 @@ impl<T> Display for ParsingError<T> {
Self::MalformedNtsExtensionFields => f.write_str("Malformed nts extension fields"),
Self::MalformedNonce => f.write_str("Malformed nonce (likely invalid length)"),
Self::MalformedCookiePlaceholder => f.write_str("Malformed cookie placeholder"),
Self::DecryptError(_) => f.write_str("Failed to decrypt NTS extension fields"),
#[cfg(feature = "ntpv5")]
Self::InvalidDraftIdentification => f.write_str("Draft Identification invalid"),
Self::DecryptError(_) => f.write_str("Failed to decrypt NTS extension fields"),
#[cfg(feature = "ntpv5")]
Self::MalformedTimescale => f.write_str("Malformed timescale"),
#[cfg(feature = "ntpv5")]
Self::MalformedMode => f.write_str("Malformed mode"),
#[cfg(feature = "ntpv5")]
Self::InvalidFlags => f.write_str("Invalid flags specified"),
}
}
}
Expand Down
12 changes: 8 additions & 4 deletions ntp-proto/src/packet/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -425,14 +425,14 @@ impl<'a> NtpPacket<'a> {
NtpHeader::V3(header) => header.serialize(w, 3)?,
NtpHeader::V4(header) => header.serialize(w, 4)?,
#[cfg(feature = "ntpv5")]
NtpHeader::V5(_header) => todo!(),
NtpHeader::V5(header) => header.serialize(w)?,
};

match self.header {
NtpHeader::V3(_) => { /* No extension fields in V3 */ }
NtpHeader::V4(_) => self.efdata.serialize(w, cipher)?,
#[cfg(feature = "ntpv5")]
NtpHeader::V5(_header) => todo!(),
NtpHeader::V5(_) => self.efdata.serialize(w, cipher)?,
}

if let Some(ref mac) = self.mac {
Expand Down Expand Up @@ -1180,12 +1180,16 @@ mod tests {
assert!(NtpPacket::deserialize(packet, &NoCipher).is_err());
let packet = b"\x14\x02\x06\xe9\x00\x00\x02\x36\x00\x00\x03\xb7\xc0\x35\x67\x6c\xe5\xf6\x61\xfd\x6f\x16\x5f\x03\xe5\xf6\x63\xa8\x76\x19\xef\x40\xe5\xf6\x63\xa8\x79\x8c\x65\x81\xe5\xf6\x63\xa8\x79\x8e\xae\x2b";
assert!(NtpPacket::deserialize(packet, &NoCipher).is_err());
let packet = b"\x2B\x02\x06\xe9\x00\x00\x02\x36\x00\x00\x03\xb7\xc0\x35\x67\x6c\xe5\xf6\x61\xfd\x6f\x16\x5f\x03\xe5\xf6\x63\xa8\x76\x19\xef\x40\xe5\xf6\x63\xa8\x79\x8c\x65\x81\xe5\xf6\x63\xa8\x79\x8e\xae\x2b";
assert!(NtpPacket::deserialize(packet, &NoCipher).is_err());
let packet = b"\x34\x02\x06\xe9\x00\x00\x02\x36\x00\x00\x03\xb7\xc0\x35\x67\x6c\xe5\xf6\x61\xfd\x6f\x16\x5f\x03\xe5\xf6\x63\xa8\x76\x19\xef\x40\xe5\xf6\x63\xa8\x79\x8c\x65\x81\xe5\xf6\x63\xa8\x79\x8e\xae\x2b";
assert!(NtpPacket::deserialize(packet, &NoCipher).is_err());
let packet = b"\x3B\x02\x06\xe9\x00\x00\x02\x36\x00\x00\x03\xb7\xc0\x35\x67\x6c\xe5\xf6\x61\xfd\x6f\x16\x5f\x03\xe5\xf6\x63\xa8\x76\x19\xef\x40\xe5\xf6\x63\xa8\x79\x8c\x65\x81\xe5\xf6\x63\xa8\x79\x8e\xae\x2b";
assert!(NtpPacket::deserialize(packet, &NoCipher).is_err());

#[cfg(not(feature = "ntpv5"))]
{
let packet = b"\x2C\x02\x06\xe9\x00\x00\x02\x36\x00\x00\x03\xb7\xc0\x35\x67\x6c\xe5\xf6\x61\xfd\x6f\x16\x5f\x03\xe5\xf6\x63\xa8\x76\x19\xef\x40\xe5\xf6\x63\xa8\x79\x8c\x65\x81\xe5\xf6\x63\xa8\x79\x8e\xae\x2b";
assert!(NtpPacket::deserialize(packet, &NoCipher).is_err());
}
tdittr marked this conversation as resolved.
Show resolved Hide resolved
}

#[test]
Expand Down
55 changes: 30 additions & 25 deletions ntp-proto/src/packet/v5.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,11 +9,11 @@ pub enum NtpMode {
}

impl NtpMode {
fn from_bits(bits: u8) -> Option<Self> {
Some(match bits {
fn from_bits(bits: u8) -> Result<Self, ParsingError<std::convert::Infallible>> {
Ok(match bits {
3 => Self::Request,
4 => Self::Response,
_ => return None,
_ => return Err(ParsingError::MalformedMode),
})
}

Expand All @@ -24,10 +24,12 @@ impl NtpMode {
}
}

#[allow(dead_code)]
pub(crate) fn is_request(&self) -> bool {
self == &Self::Request
}

#[allow(dead_code)]
pub(crate) fn is_response(&self) -> bool {
self == &Self::Response
}
Expand All @@ -43,13 +45,13 @@ pub enum NtpTimescale {
}

impl NtpTimescale {
fn from_bits(bits: u8) -> Option<Self> {
Some(match bits {
fn from_bits(bits: u8) -> Result<Self, ParsingError<std::convert::Infallible>> {
Ok(match bits {
0 => Self::Utc,
1 => Self::Tai,
2 => Self::Ut1,
3 => Self::LeadSmearedUtc,
_ => return None,
_ => return Err(ParsingError::MalformedTimescale),
})
}

Expand All @@ -73,22 +75,26 @@ pub struct NtpFlags {
}

impl NtpFlags {
fn from_bits(bits: [u8; 2]) -> Self {
Self {
fn from_bits(bits: [u8; 2]) -> Result<Self, ParsingError<std::convert::Infallible>> {
if bits[0] != 0x00 || bits[1] & 0xFC != 0 {
return Err(ParsingError::InvalidFlags);
tdittr marked this conversation as resolved.
Show resolved Hide resolved
}

Ok(Self {
unknown_leap: bits[1] & 0x01 != 0,
interleaved_mode: bits[1] & 0x02 != 0,
}
})
}

fn to_bits(&self) -> [u8; 2] {
fn as_bits(&self) -> [u8; 2] {
let mut flags: u16 = 0;

if self.unknown_leap {
flags = flags | 0x01;
flags |= 0x01;
}

if self.interleaved_mode {
flags = flags | 0x02;
flags |= 0x02;
}

flags.to_be_bytes()
Expand Down Expand Up @@ -139,13 +145,13 @@ impl NtpHeaderV5 {
Ok((
Self {
leap: NtpLeapIndicator::from_bits((data[0] & 0xC0) >> 6),
mode: NtpMode::from_bits(data[0] & 0x07).unwrap(),
mode: NtpMode::from_bits(data[0] & 0x07)?,
stratum: data[1],
poll: data[2] as i8,
precision: data[3] as i8,
timescale: NtpTimescale::from_bits(data[4]).unwrap(),
timescale: NtpTimescale::from_bits(data[4])?,
era: NtpEra(data[5]),
flags: NtpFlags::from_bits(data[6..8].try_into().unwrap()),
flags: NtpFlags::from_bits(data[6..8].try_into().unwrap())?,
root_delay: NtpDuration::from_bits_short(data[8..12].try_into().unwrap()),
root_dispersion: NtpDuration::from_bits_short(data[12..16].try_into().unwrap()),
server_cookie: NtpServerCookie(data[16..24].try_into().unwrap()),
Expand All @@ -157,12 +163,13 @@ impl NtpHeaderV5 {
))
}

#[allow(dead_code)]
pub(crate) fn serialize<W: std::io::Write>(&self, w: &mut W) -> std::io::Result<()> {
w.write_all(&[(self.leap.to_bits() << 6) | (5 << 3) | self.mode.to_bits()])?;
w.write_all(&[self.stratum, self.poll as u8, self.precision as u8])?;
w.write_all(&[self.timescale.to_bits()])?;
w.write_all(&[self.era.0])?;
w.write_all(&self.flags.to_bits())?;
w.write_all(&self.flags.as_bits())?;
w.write_all(&self.root_delay.to_bits_short())?;
w.write_all(&self.root_dispersion.to_bits_short())?;
w.write_all(&self.server_cookie.0)?;
Expand All @@ -175,35 +182,33 @@ impl NtpHeaderV5 {

#[cfg(test)]
mod tests {
use std::io::Cursor;

use super::*;
use std::io::Cursor;

#[test]
fn round_trip_timescale() {
for i in 0..=u8::MAX {
match NtpTimescale::from_bits(i) {
None => {}
Some(ts) => assert_eq!(ts as u8, i),
if let Ok(ts) = NtpTimescale::from_bits(i) {
assert_eq!(ts as u8, i);
}
}
}

#[test]
fn flags() {
let flags = NtpFlags::from_bits([0x00, 0x00]);
let flags = NtpFlags::from_bits([0x00, 0x00]).unwrap();
assert_eq!(flags.unknown_leap, false);
assert_eq!(flags.interleaved_mode, false);

let flags = NtpFlags::from_bits([0x00, 0x01]);
let flags = NtpFlags::from_bits([0x00, 0x01]).unwrap();
assert_eq!(flags.unknown_leap, true);
assert_eq!(flags.interleaved_mode, false);

let flags = NtpFlags::from_bits([0x00, 0x02]);
let flags = NtpFlags::from_bits([0x00, 0x02]).unwrap();
assert_eq!(flags.unknown_leap, false);
assert_eq!(flags.interleaved_mode, true);

let flags = NtpFlags::from_bits([0x00, 0x03]);
let flags = NtpFlags::from_bits([0x00, 0x03]).unwrap();
assert_eq!(flags.unknown_leap, true);
assert_eq!(flags.interleaved_mode, true);
}
Expand Down